rhodecode-enterprise-ce Commit - r4488:e79c19d1

1

# -*- coding: utf-8 -*-

1

# -*- coding: utf-8 -*-

2

3

4

#

4

#

5

# This program is free software: you can redistribute it and/or modify

5

# This program is free software: you can redistribute it and/or modify

6

# it under the terms of the GNU Affero General Public License, version 3

6

# it under the terms of the GNU Affero General Public License, version 3

7

# (only), as published by the Free Software Foundation.

7

# (only), as published by the Free Software Foundation.

8

#

8

#

9

# This program is distributed in the hope that it will be useful,

9

# This program is distributed in the hope that it will be useful,

10

# but WITHOUT ANY WARRANTY; without even the implied warranty of

10

# but WITHOUT ANY WARRANTY; without even the implied warranty of

11

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

11

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

12

# GNU General Public License for more details.

12

# GNU General Public License for more details.

13

#

13

#

14

# You should have received a copy of the GNU Affero General Public License

14

# You should have received a copy of the GNU Affero General Public License

15

# along with this program. If not, see <http://www.gnu.org/licenses/>.

15

# along with this program. If not, see <http://www.gnu.org/licenses/>.

16

#

16

#

17

# This program is dual-licensed. If you wish to learn more about the

17

# This program is dual-licensed. If you wish to learn more about the

18

# RhodeCode Enterprise Edition, including its added features, Support services,

18

# RhodeCode Enterprise Edition, including its added features, Support services,

19

# and proprietary license terms, please see https://rhodecode.com/licenses/

19

# and proprietary license terms, please see https://rhodecode.com/licenses/

20

21

"""

21

"""

22

Database Models for RhodeCode Enterprise

22

Database Models for RhodeCode Enterprise

23

"""

23

"""

24

25

import re

25

import re

26

import os

26

import os

27

import time

27

import time

28

import string

28

import string

29

import hashlib

29

import hashlib

30

import logging

30

import logging

31

import datetime

31

import datetime

32

import uuid

32

import uuid

33

import warnings

33

import warnings

34

import ipaddress

34

import ipaddress

35

import functools

35

import functools

36

import traceback

36

import traceback

37

import collections

37

import collections

38

39

from sqlalchemy import (

39

from sqlalchemy import (

40

or_, and_, not_, func, cast, TypeDecorator, event,

40

or_, and_, not_, func, cast, TypeDecorator, event,

41

Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,

41

Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,

42

Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,

42

Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,

43

Text, Float, PickleType, BigInteger)

43

Text, Float, PickleType, BigInteger)

44

from sqlalchemy.sql.expression import true, false, case

44

from sqlalchemy.sql.expression import true, false, case

45

from sqlalchemy.sql.functions import coalesce, count # pragma: no cover

45

from sqlalchemy.sql.functions import coalesce, count # pragma: no cover

46

from sqlalchemy.orm import (

46

from sqlalchemy.orm import (

47

relationship, joinedload, class_mapper, validates, aliased)

47

relationship, joinedload, class_mapper, validates, aliased)

48

from sqlalchemy.ext.declarative import declared_attr

48

from sqlalchemy.ext.declarative import declared_attr

49

from sqlalchemy.ext.hybrid import hybrid_property

49

from sqlalchemy.ext.hybrid import hybrid_property

50

from sqlalchemy.exc import IntegrityError # pragma: no cover

50

from sqlalchemy.exc import IntegrityError # pragma: no cover

51

from sqlalchemy.dialects.mysql import LONGTEXT

51

from sqlalchemy.dialects.mysql import LONGTEXT

52

from zope.cachedescriptors.property import Lazy as LazyProperty

52

from zope.cachedescriptors.property import Lazy as LazyProperty

53

from pyramid import compat

53

from pyramid import compat

54

from pyramid.threadlocal import get_current_request

54

from pyramid.threadlocal import get_current_request

55

from webhelpers2.text import remove_formatting

55

from webhelpers2.text import remove_formatting

56

57

from rhodecode.translation import _

57

from rhodecode.translation import _

58

from rhodecode.lib.vcs import get_vcs_instance, VCSError

58

from rhodecode.lib.vcs import get_vcs_instance, VCSError

59

from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference

59

from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference

60

from rhodecode.lib.utils2 import (

60

from rhodecode.lib.utils2 import (

61

str2bool, safe_str, get_commit_safe, safe_unicode, sha1_safe,

61

str2bool, safe_str, get_commit_safe, safe_unicode, sha1_safe,

62

time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,

62

time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,

63

glob2re, StrictAttributeDict, cleaned_uri, datetime_to_time, OrderedDefaultDict)

63

glob2re, StrictAttributeDict, cleaned_uri, datetime_to_time, OrderedDefaultDict)

64

from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \

64

from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \

65

JsonRaw

65

JsonRaw

66

from rhodecode.lib.ext_json import json

66

from rhodecode.lib.ext_json import json

67

from rhodecode.lib.caching_query import FromCache

67

from rhodecode.lib.caching_query import FromCache

68

from rhodecode.lib.encrypt import AESCipher, validate_and_get_enc_data

68

from rhodecode.lib.encrypt import AESCipher, validate_and_get_enc_data

69

from rhodecode.lib.encrypt2 import Encryptor

69

from rhodecode.lib.encrypt2 import Encryptor

70

from rhodecode.lib.exceptions import (

70

from rhodecode.lib.exceptions import (

71

ArtifactMetadataDuplicate, ArtifactMetadataBadValueType)

71

ArtifactMetadataDuplicate, ArtifactMetadataBadValueType)

72

from rhodecode.model.meta import Base, Session

72

from rhodecode.model.meta import Base, Session

73

74

URL_SEP = '/'

74

URL_SEP = '/'

75

log = logging.getLogger(__name__)

75

log = logging.getLogger(__name__)

76

77

# =============================================================================

77

# =============================================================================

78

# BASE CLASSES

78

# BASE CLASSES

79

# =============================================================================

79

# =============================================================================

80

81

# this is propagated from .ini file rhodecode.encrypted_values.secret or

81

# this is propagated from .ini file rhodecode.encrypted_values.secret or

82

# beaker.session.secret if first is not set.

82

# beaker.session.secret if first is not set.

83

# and initialized at environment.py

83

# and initialized at environment.py

84

ENCRYPTION_KEY = None

84

ENCRYPTION_KEY = None

85

86

# used to sort permissions by types, '#' used here is not allowed to be in

86

# used to sort permissions by types, '#' used here is not allowed to be in

87

# usernames, and it's very early in sorted string.printable table.

87

# usernames, and it's very early in sorted string.printable table.

88

PERMISSION_TYPE_SORT = {

88

PERMISSION_TYPE_SORT = {

89

'admin': '####',

89

'admin': '####',

90

'write': '###',

90

'write': '###',

91

'read': '##',

91

'read': '##',

92

'none': '#',

92

'none': '#',

93

}

93

}

94

95

96

def display_user_sort(obj):

96

def display_user_sort(obj):

97

"""

97

"""

98

Sort function used to sort permissions in .permissions() function of

98

Sort function used to sort permissions in .permissions() function of

99

Repository, RepoGroup, UserGroup. Also it put the default user in front

99

Repository, RepoGroup, UserGroup. Also it put the default user in front

100

of all other resources

100

of all other resources

101

"""

101

"""

102

103

if obj.username == User.DEFAULT_USER:

103

if obj.username == User.DEFAULT_USER:

104

return '#####'

104

return '#####'

105

prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')

105

prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')

106

extra_sort_num = '1' # default

106

extra_sort_num = '1' # default

107

108

# NOTE(dan): inactive duplicates goes last

108

# NOTE(dan): inactive duplicates goes last

109

if getattr(obj, 'duplicate_perm', None):

109

if getattr(obj, 'duplicate_perm', None):

110

extra_sort_num = '9'

110

extra_sort_num = '9'

111

return prefix + extra_sort_num + obj.username

111

return prefix + extra_sort_num + obj.username

112

113

114

def display_user_group_sort(obj):

114

def display_user_group_sort(obj):

115

"""

115

"""

116

Sort function used to sort permissions in .permissions() function of

116

Sort function used to sort permissions in .permissions() function of

117

Repository, RepoGroup, UserGroup. Also it put the default user in front

117

Repository, RepoGroup, UserGroup. Also it put the default user in front

118

of all other resources

118

of all other resources

119

"""

119

"""

120

121

prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')

121

prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')

122

return prefix + obj.users_group_name

122

return prefix + obj.users_group_name

123

124

125

def _hash_key(k):

125

def _hash_key(k):

126

return sha1_safe(k)

126

return sha1_safe(k)

127

128

129

def in_filter_generator(qry, items, limit=500):

129

def in_filter_generator(qry, items, limit=500):

130

"""

130

"""

131

Splits IN() into multiple with OR

131

Splits IN() into multiple with OR

132

e.g.::

132

e.g.::

133

cnt = Repository.query().filter(

133

cnt = Repository.query().filter(

134

or_(

134

or_(

135

*in_filter_generator(Repository.repo_id, range(100000))

135

*in_filter_generator(Repository.repo_id, range(100000))

136

)).count()

136

)).count()

137

"""

137

"""

138

if not items:

138

if not items:

139

# empty list will cause empty query which might cause security issues

139

# empty list will cause empty query which might cause security issues

140

# this can lead to hidden unpleasant results

140

# this can lead to hidden unpleasant results

141

items = [-1]

141

items = [-1]

142

143

parts = []

143

parts = []

144

for chunk in xrange(0, len(items), limit):

144

for chunk in xrange(0, len(items), limit):

145

parts.append(

145

parts.append(

146

qry.in_(items[chunk: chunk + limit])

146

qry.in_(items[chunk: chunk + limit])

147

)

147

)

148

149

return parts

149

return parts

150

151

152

base_table_args = {

152

base_table_args = {

153

'extend_existing': True,

153

'extend_existing': True,

154

'mysql_engine': 'InnoDB',

154

'mysql_engine': 'InnoDB',

155

'mysql_charset': 'utf8',

155

'mysql_charset': 'utf8',

156

'sqlite_autoincrement': True

156

'sqlite_autoincrement': True

157

}

157

}

158

159

160

class EncryptedTextValue(TypeDecorator):

160

class EncryptedTextValue(TypeDecorator):

161

"""

161

"""

162

Special column for encrypted long text data, use like::

162

Special column for encrypted long text data, use like::

163

164

value = Column("encrypted_value", EncryptedValue(), nullable=False)

164

value = Column("encrypted_value", EncryptedValue(), nullable=False)

165

166

This column is intelligent so if value is in unencrypted form it return

166

This column is intelligent so if value is in unencrypted form it return

167

unencrypted form, but on save it always encrypts

167

unencrypted form, but on save it always encrypts

168

"""

168

"""

169

impl = Text

169

impl = Text

170

171

def process_bind_param(self, value, dialect):

171

def process_bind_param(self, value, dialect):

172

"""

172

"""

173

Setter for storing value

173

Setter for storing value

174

"""

174

"""

175

import rhodecode

175

import rhodecode

176

if not value:

176

if not value:

177

return value

177

return value

178

179

# protect against double encrypting if values is already encrypted

179

# protect against double encrypting if values is already encrypted

180

if value.startswith('enc$aes$') \

180

if value.startswith('enc$aes$') \

181

or value.startswith('enc$aes_hmac$') \

181

or value.startswith('enc$aes_hmac$') \

182

or value.startswith('enc2$'):

182

or value.startswith('enc2$'):

183

raise ValueError('value needs to be in unencrypted format, '

183

raise ValueError('value needs to be in unencrypted format, '

184

'ie. not starting with enc$ or enc2$')

184

'ie. not starting with enc$ or enc2$')

185

186

algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'

186

algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'

187

if algo == 'aes':

187

if algo == 'aes':

188

return 'enc$aes_hmac$%s' % AESCipher(ENCRYPTION_KEY, hmac=True).encrypt(value)

188

return 'enc$aes_hmac$%s' % AESCipher(ENCRYPTION_KEY, hmac=True).encrypt(value)

189

elif algo == 'fernet':

189

elif algo == 'fernet':

190

return Encryptor(ENCRYPTION_KEY).encrypt(value)

190

return Encryptor(ENCRYPTION_KEY).encrypt(value)

191

else:

191

else:

192

ValueError('Bad encryption algorithm, should be fernet or aes, got: {}'.format(algo))

192

ValueError('Bad encryption algorithm, should be fernet or aes, got: {}'.format(algo))

193

194

def process_result_value(self, value, dialect):

194

def process_result_value(self, value, dialect):

195

"""

195

"""

196

Getter for retrieving value

196

Getter for retrieving value

197

"""

197

"""

198

199

import rhodecode

199

import rhodecode

200

if not value:

200

if not value:

201

return value

201

return value

202

203

algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'

203

algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'

204

enc_strict_mode = str2bool(rhodecode.CONFIG.get('rhodecode.encrypted_values.strict') or True)

204

enc_strict_mode = str2bool(rhodecode.CONFIG.get('rhodecode.encrypted_values.strict') or True)

205

if algo == 'aes':

205

if algo == 'aes':

206

decrypted_data = validate_and_get_enc_data(value, ENCRYPTION_KEY, enc_strict_mode)

206

decrypted_data = validate_and_get_enc_data(value, ENCRYPTION_KEY, enc_strict_mode)

207

elif algo == 'fernet':

207

elif algo == 'fernet':

208

return Encryptor(ENCRYPTION_KEY).decrypt(value)

208

return Encryptor(ENCRYPTION_KEY).decrypt(value)

209

else:

209

else:

210

ValueError('Bad encryption algorithm, should be fernet or aes, got: {}'.format(algo))

210

ValueError('Bad encryption algorithm, should be fernet or aes, got: {}'.format(algo))

211

return decrypted_data

211

return decrypted_data

212

213

214

class BaseModel(object):

214

class BaseModel(object):

215

"""

215

"""

216

Base Model for all classes

216

Base Model for all classes

217

"""

217

"""

218

219

@classmethod

219

@classmethod

220

def _get_keys(cls):

220

def _get_keys(cls):

221

"""return column names for this model """

221

"""return column names for this model """

222

return class_mapper(cls).c.keys()

222

return class_mapper(cls).c.keys()

223

224

def get_dict(self):

224

def get_dict(self):

225

"""

225

"""

226

return dict with keys and values corresponding

226

return dict with keys and values corresponding

227

to this model data """

227

to this model data """

228

229

d = {}

229

d = {}

230

for k in self._get_keys():

230

for k in self._get_keys():

231

d[k] = getattr(self, k)

231

d[k] = getattr(self, k)

232

233

# also use __json__() if present to get additional fields

233

# also use __json__() if present to get additional fields

234

_json_attr = getattr(self, '__json__', None)

234

_json_attr = getattr(self, '__json__', None)

235

if _json_attr:

235

if _json_attr:

236

# update with attributes from __json__

236

# update with attributes from __json__

237

if callable(_json_attr):

237

if callable(_json_attr):

238

_json_attr = _json_attr()

238

_json_attr = _json_attr()

239

for k, val in _json_attr.iteritems():

239

for k, val in _json_attr.iteritems():

240

d[k] = val

240

d[k] = val

241

return d

241

return d

242

243

def get_appstruct(self):

243

def get_appstruct(self):

244

"""return list with keys and values tuples corresponding

244

"""return list with keys and values tuples corresponding

245

to this model data """

245

to this model data """

246

247

lst = []

247

lst = []

248

for k in self._get_keys():

248

for k in self._get_keys():

249

lst.append((k, getattr(self, k),))

249

lst.append((k, getattr(self, k),))

250

return lst

250

return lst

251

252

def populate_obj(self, populate_dict):

252

def populate_obj(self, populate_dict):

253

"""populate model with data from given populate_dict"""

253

"""populate model with data from given populate_dict"""

254

255

for k in self._get_keys():

255

for k in self._get_keys():

256

if k in populate_dict:

256

if k in populate_dict:

257

setattr(self, k, populate_dict[k])

257

setattr(self, k, populate_dict[k])

258

259

@classmethod

259

@classmethod

260

def query(cls):

260

def query(cls):

261

return Session().query(cls)

261

return Session().query(cls)

262

263

@classmethod

263

@classmethod

264

def get(cls, id_):

264

def get(cls, id_):

265

if id_:

265

if id_:

266

return cls.query().get(id_)

266

return cls.query().get(id_)

267

268

@classmethod

268

@classmethod

269

def get_or_404(cls, id_):

269

def get_or_404(cls, id_):

270

from pyramid.httpexceptions import HTTPNotFound

270

from pyramid.httpexceptions import HTTPNotFound

271

272

try:

272

try:

273

id_ = int(id_)

273

id_ = int(id_)

274

except (TypeError, ValueError):

274

except (TypeError, ValueError):

275

raise HTTPNotFound()

275

raise HTTPNotFound()

276

277

res = cls.query().get(id_)

277

res = cls.query().get(id_)

278

if not res:

278

if not res:

279

raise HTTPNotFound()

279

raise HTTPNotFound()

280

return res

280

return res

281

282

@classmethod

282

@classmethod

283

def getAll(cls):

283

def getAll(cls):

284

# deprecated and left for backward compatibility

284

# deprecated and left for backward compatibility

285

return cls.get_all()

285

return cls.get_all()

286

287

@classmethod

287

@classmethod

288

def get_all(cls):

288

def get_all(cls):

289

return cls.query().all()

289

return cls.query().all()

290

291

@classmethod

291

@classmethod

292

def delete(cls, id_):

292

def delete(cls, id_):

293

obj = cls.query().get(id_)

293

obj = cls.query().get(id_)

294

Session().delete(obj)

294

Session().delete(obj)

295

296

@classmethod

296

@classmethod

297

def identity_cache(cls, session, attr_name, value):

297

def identity_cache(cls, session, attr_name, value):

298

exist_in_session = []

298

exist_in_session = []

299

for (item_cls, pkey), instance in session.identity_map.items():

299

for (item_cls, pkey), instance in session.identity_map.items():

300

if cls == item_cls and getattr(instance, attr_name) == value:

300

if cls == item_cls and getattr(instance, attr_name) == value:

301

exist_in_session.append(instance)

301

exist_in_session.append(instance)

302

if exist_in_session:

302

if exist_in_session:

303

if len(exist_in_session) == 1:

303

if len(exist_in_session) == 1:

304

return exist_in_session[0]

304

return exist_in_session[0]

305

log.exception(

305

log.exception(

306

'multiple objects with attr %s and '

306

'multiple objects with attr %s and '

307

'value %s found with same name: %r',

307

'value %s found with same name: %r',

308

attr_name, value, exist_in_session)

308

attr_name, value, exist_in_session)

309

310

def __repr__(self):

310

def __repr__(self):

311

if hasattr(self, '__unicode__'):

311

if hasattr(self, '__unicode__'):

312

# python repr needs to return str

312

# python repr needs to return str

313

try:

313

try:

314

return safe_str(self.__unicode__())

314

return safe_str(self.__unicode__())

315

except UnicodeDecodeError:

315

except UnicodeDecodeError:

316

pass

316

pass

317

return '<DB:%s>' % (self.__class__.__name__)

317

return '<DB:%s>' % (self.__class__.__name__)

318

319

320

class RhodeCodeSetting(Base, BaseModel):

320

class RhodeCodeSetting(Base, BaseModel):

321

__tablename__ = 'rhodecode_settings'

321

__tablename__ = 'rhodecode_settings'

322

__table_args__ = (

322

__table_args__ = (

323

UniqueConstraint('app_settings_name'),

323

UniqueConstraint('app_settings_name'),

324

base_table_args

324

base_table_args

325

)

325

)

326

327

SETTINGS_TYPES = {

327

SETTINGS_TYPES = {

328

'str': safe_str,

328

'str': safe_str,

329

'int': safe_int,

329

'int': safe_int,

330

'unicode': safe_unicode,

330

'unicode': safe_unicode,

331

'bool': str2bool,

331

'bool': str2bool,

332

'list': functools.partial(aslist, sep=',')

332

'list': functools.partial(aslist, sep=',')

333

}

333

}

334

DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'

334

DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'

335

GLOBAL_CONF_KEY = 'app_settings'

335

GLOBAL_CONF_KEY = 'app_settings'

336

337

app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

337

app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

338

app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)

338

app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)

339

_app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)

339

_app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)

340

_app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)

340

_app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)

341

342

def __init__(self, key='', val='', type='unicode'):

342

def __init__(self, key='', val='', type='unicode'):

343

self.app_settings_name = key

343

self.app_settings_name = key

344

self.app_settings_type = type

344

self.app_settings_type = type

345

self.app_settings_value = val

345

self.app_settings_value = val

346

347

@validates('_app_settings_value')

347

@validates('_app_settings_value')

348

def validate_settings_value(self, key, val):

348

def validate_settings_value(self, key, val):

349

assert type(val) == unicode

349

assert type(val) == unicode

350

return val

350

return val

351

352

@hybrid_property

352

@hybrid_property

353

def app_settings_value(self):

353

def app_settings_value(self):

354

v = self._app_settings_value

354

v = self._app_settings_value

355

_type = self.app_settings_type

355

_type = self.app_settings_type

356

if _type:

356

if _type:

357

_type = self.app_settings_type.split('.')[0]

357

_type = self.app_settings_type.split('.')[0]

358

# decode the encrypted value

358

# decode the encrypted value

359

if 'encrypted' in self.app_settings_type:

359

if 'encrypted' in self.app_settings_type:

360

cipher = EncryptedTextValue()

360

cipher = EncryptedTextValue()

361

v = safe_unicode(cipher.process_result_value(v, None))

361

v = safe_unicode(cipher.process_result_value(v, None))

362

363

converter = self.SETTINGS_TYPES.get(_type) or \

363

converter = self.SETTINGS_TYPES.get(_type) or \

364

self.SETTINGS_TYPES['unicode']

364

self.SETTINGS_TYPES['unicode']

365

return converter(v)

365

return converter(v)

366

367

@app_settings_value.setter

367

@app_settings_value.setter

368

def app_settings_value(self, val):

368

def app_settings_value(self, val):

369

"""

369

"""

370

Setter that will always make sure we use unicode in app_settings_value

370

Setter that will always make sure we use unicode in app_settings_value

371

372

:param val:

372

:param val:

373

"""

373

"""

374

val = safe_unicode(val)

374

val = safe_unicode(val)

375

# encode the encrypted value

375

# encode the encrypted value

376

if 'encrypted' in self.app_settings_type:

376

if 'encrypted' in self.app_settings_type:

377

cipher = EncryptedTextValue()

377

cipher = EncryptedTextValue()

378

val = safe_unicode(cipher.process_bind_param(val, None))

378

val = safe_unicode(cipher.process_bind_param(val, None))

379

self._app_settings_value = val

379

self._app_settings_value = val

380

381

@hybrid_property

381

@hybrid_property

382

def app_settings_type(self):

382

def app_settings_type(self):

383

return self._app_settings_type

383

return self._app_settings_type

384

385

@app_settings_type.setter

385

@app_settings_type.setter

386

def app_settings_type(self, val):

386

def app_settings_type(self, val):

387

if val.split('.')[0] not in self.SETTINGS_TYPES:

387

if val.split('.')[0] not in self.SETTINGS_TYPES:

388

raise Exception('type must be one of %s got %s'

388

raise Exception('type must be one of %s got %s'

389

% (self.SETTINGS_TYPES.keys(), val))

389

% (self.SETTINGS_TYPES.keys(), val))

390

self._app_settings_type = val

390

self._app_settings_type = val

391

392

@classmethod

392

@classmethod

393

def get_by_prefix(cls, prefix):

393

def get_by_prefix(cls, prefix):

394

return RhodeCodeSetting.query()\

394

return RhodeCodeSetting.query()\

395

.filter(RhodeCodeSetting.app_settings_name.startswith(prefix))\

395

.filter(RhodeCodeSetting.app_settings_name.startswith(prefix))\

396

.all()

396

.all()

397

398

def __unicode__(self):

398

def __unicode__(self):

399

return u"<%s('%s:%s[%s]')>" % (

399

return u"<%s('%s:%s[%s]')>" % (

400

self.__class__.__name__,

400

self.__class__.__name__,

401

self.app_settings_name, self.app_settings_value,

401

self.app_settings_name, self.app_settings_value,

402

self.app_settings_type

402

self.app_settings_type

403

)

403

)

404

405

406

class RhodeCodeUi(Base, BaseModel):

406

class RhodeCodeUi(Base, BaseModel):

407

__tablename__ = 'rhodecode_ui'

407

__tablename__ = 'rhodecode_ui'

408

__table_args__ = (

408

__table_args__ = (

409

UniqueConstraint('ui_key'),

409

UniqueConstraint('ui_key'),

410

base_table_args

410

base_table_args

411

)

411

)

412

413

HOOK_REPO_SIZE = 'changegroup.repo_size'

413

HOOK_REPO_SIZE = 'changegroup.repo_size'

414

# HG

414

# HG

415

HOOK_PRE_PULL = 'preoutgoing.pre_pull'

415

HOOK_PRE_PULL = 'preoutgoing.pre_pull'

416

HOOK_PULL = 'outgoing.pull_logger'

416

HOOK_PULL = 'outgoing.pull_logger'

417

HOOK_PRE_PUSH = 'prechangegroup.pre_push'

417

HOOK_PRE_PUSH = 'prechangegroup.pre_push'

418

HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'

418

HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'

419

HOOK_PUSH = 'changegroup.push_logger'

419

HOOK_PUSH = 'changegroup.push_logger'

420

HOOK_PUSH_KEY = 'pushkey.key_push'

420

HOOK_PUSH_KEY = 'pushkey.key_push'

421

422

HOOKS_BUILTIN = [

422

HOOKS_BUILTIN = [

423

HOOK_PRE_PULL,

423

HOOK_PRE_PULL,

424

HOOK_PULL,

424

HOOK_PULL,

425

HOOK_PRE_PUSH,

425

HOOK_PRE_PUSH,

426

HOOK_PRETX_PUSH,

426

HOOK_PRETX_PUSH,

427

HOOK_PUSH,

427

HOOK_PUSH,

428

HOOK_PUSH_KEY,

428

HOOK_PUSH_KEY,

429

]

429

]

430

431

# TODO: johbo: Unify way how hooks are configured for git and hg,

431

# TODO: johbo: Unify way how hooks are configured for git and hg,

432

# git part is currently hardcoded.

432

# git part is currently hardcoded.

433

434

# SVN PATTERNS

434

# SVN PATTERNS

435

SVN_BRANCH_ID = 'vcs_svn_branch'

435

SVN_BRANCH_ID = 'vcs_svn_branch'

436

SVN_TAG_ID = 'vcs_svn_tag'

436

SVN_TAG_ID = 'vcs_svn_tag'

437

438

ui_id = Column(

438

ui_id = Column(

439

"ui_id", Integer(), nullable=False, unique=True, default=None,

439

"ui_id", Integer(), nullable=False, unique=True, default=None,

440

primary_key=True)

440

primary_key=True)

441

ui_section = Column(

441

ui_section = Column(

442

"ui_section", String(255), nullable=True, unique=None, default=None)

442

"ui_section", String(255), nullable=True, unique=None, default=None)

443

ui_key = Column(

443

ui_key = Column(

444

"ui_key", String(255), nullable=True, unique=None, default=None)

444

"ui_key", String(255), nullable=True, unique=None, default=None)

445

ui_value = Column(

445

ui_value = Column(

446

"ui_value", String(255), nullable=True, unique=None, default=None)

446

"ui_value", String(255), nullable=True, unique=None, default=None)

447

ui_active = Column(

447

ui_active = Column(

448

"ui_active", Boolean(), nullable=True, unique=None, default=True)

448

"ui_active", Boolean(), nullable=True, unique=None, default=True)

449

450

def __repr__(self):

450

def __repr__(self):

451

return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,

451

return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,

452

self.ui_key, self.ui_value)

452

self.ui_key, self.ui_value)

453

454

455

class RepoRhodeCodeSetting(Base, BaseModel):

455

class RepoRhodeCodeSetting(Base, BaseModel):

456

__tablename__ = 'repo_rhodecode_settings'

456

__tablename__ = 'repo_rhodecode_settings'

457

__table_args__ = (

457

__table_args__ = (

458

UniqueConstraint(

458

UniqueConstraint(

459

'app_settings_name', 'repository_id',

459

'app_settings_name', 'repository_id',

460

name='uq_repo_rhodecode_setting_name_repo_id'),

460

name='uq_repo_rhodecode_setting_name_repo_id'),

461

base_table_args

461

base_table_args

462

)

462

)

463

464

repository_id = Column(

464

repository_id = Column(

465

"repository_id", Integer(), ForeignKey('repositories.repo_id'),

465

"repository_id", Integer(), ForeignKey('repositories.repo_id'),

466

nullable=False)

466

nullable=False)

467

app_settings_id = Column(

467

app_settings_id = Column(

468

"app_settings_id", Integer(), nullable=False, unique=True,

468

"app_settings_id", Integer(), nullable=False, unique=True,

469

default=None, primary_key=True)

469

default=None, primary_key=True)

470

app_settings_name = Column(

470

app_settings_name = Column(

471

"app_settings_name", String(255), nullable=True, unique=None,

471

"app_settings_name", String(255), nullable=True, unique=None,

472

default=None)

472

default=None)

473

_app_settings_value = Column(

473

_app_settings_value = Column(

474

"app_settings_value", String(4096), nullable=True, unique=None,

474

"app_settings_value", String(4096), nullable=True, unique=None,

475

default=None)

475

default=None)

476

_app_settings_type = Column(

476

_app_settings_type = Column(

477

"app_settings_type", String(255), nullable=True, unique=None,

477

"app_settings_type", String(255), nullable=True, unique=None,

478

default=None)

478

default=None)

479

480

repository = relationship('Repository')

480

repository = relationship('Repository')

481

482

def __init__(self, repository_id, key='', val='', type='unicode'):

482

def __init__(self, repository_id, key='', val='', type='unicode'):

483

self.repository_id = repository_id

483

self.repository_id = repository_id

484

self.app_settings_name = key

484

self.app_settings_name = key

485

self.app_settings_type = type

485

self.app_settings_type = type

486

self.app_settings_value = val

486

self.app_settings_value = val

487

488

@validates('_app_settings_value')

488

@validates('_app_settings_value')

489

def validate_settings_value(self, key, val):

489

def validate_settings_value(self, key, val):

490

assert type(val) == unicode

490

assert type(val) == unicode

491

return val

491

return val

492

493

@hybrid_property

493

@hybrid_property

494

def app_settings_value(self):

494

def app_settings_value(self):

495

v = self._app_settings_value

495

v = self._app_settings_value

496

type_ = self.app_settings_type

496

type_ = self.app_settings_type

497

SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES

497

SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES

498

converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']

498

converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']

499

return converter(v)

499

return converter(v)

500

501

@app_settings_value.setter

501

@app_settings_value.setter

502

def app_settings_value(self, val):

502

def app_settings_value(self, val):

503

"""

503

"""

504

Setter that will always make sure we use unicode in app_settings_value

504

Setter that will always make sure we use unicode in app_settings_value

505

506

:param val:

506

:param val:

507

"""

507

"""

508

self._app_settings_value = safe_unicode(val)

508

self._app_settings_value = safe_unicode(val)

509

510

@hybrid_property

510

@hybrid_property

511

def app_settings_type(self):

511

def app_settings_type(self):

512

return self._app_settings_type

512

return self._app_settings_type

513

514

@app_settings_type.setter

514

@app_settings_type.setter

515

def app_settings_type(self, val):

515

def app_settings_type(self, val):

516

SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES

516

SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES

517

if val not in SETTINGS_TYPES:

517

if val not in SETTINGS_TYPES:

518

raise Exception('type must be one of %s got %s'

518

raise Exception('type must be one of %s got %s'

519

% (SETTINGS_TYPES.keys(), val))

519

% (SETTINGS_TYPES.keys(), val))

520

self._app_settings_type = val

520

self._app_settings_type = val

521

522

def __unicode__(self):

522

def __unicode__(self):

523

return u"<%s('%s:%s:%s[%s]')>" % (

523

return u"<%s('%s:%s:%s[%s]')>" % (

524

self.__class__.__name__, self.repository.repo_name,

524

self.__class__.__name__, self.repository.repo_name,

525

self.app_settings_name, self.app_settings_value,

525

self.app_settings_name, self.app_settings_value,

526

self.app_settings_type

526

self.app_settings_type

527

)

527

)

528

529

530

class RepoRhodeCodeUi(Base, BaseModel):

530

class RepoRhodeCodeUi(Base, BaseModel):

531

__tablename__ = 'repo_rhodecode_ui'

531

__tablename__ = 'repo_rhodecode_ui'

532

__table_args__ = (

532

__table_args__ = (

533

UniqueConstraint(

533

UniqueConstraint(

534

'repository_id', 'ui_section', 'ui_key',

534

'repository_id', 'ui_section', 'ui_key',

535

name='uq_repo_rhodecode_ui_repository_id_section_key'),

535

name='uq_repo_rhodecode_ui_repository_id_section_key'),

536

base_table_args

536

base_table_args

537

)

537

)

538

539

repository_id = Column(

539

repository_id = Column(

540

"repository_id", Integer(), ForeignKey('repositories.repo_id'),

540

"repository_id", Integer(), ForeignKey('repositories.repo_id'),

541

nullable=False)

541

nullable=False)

542

ui_id = Column(

542

ui_id = Column(

543

"ui_id", Integer(), nullable=False, unique=True, default=None,

543

"ui_id", Integer(), nullable=False, unique=True, default=None,

544

primary_key=True)

544

primary_key=True)

545

ui_section = Column(

545

ui_section = Column(

546

"ui_section", String(255), nullable=True, unique=None, default=None)

546

"ui_section", String(255), nullable=True, unique=None, default=None)

547

ui_key = Column(

547

ui_key = Column(

548

"ui_key", String(255), nullable=True, unique=None, default=None)

548

"ui_key", String(255), nullable=True, unique=None, default=None)

549

ui_value = Column(

549

ui_value = Column(

550

"ui_value", String(255), nullable=True, unique=None, default=None)

550

"ui_value", String(255), nullable=True, unique=None, default=None)

551

ui_active = Column(

551

ui_active = Column(

552

"ui_active", Boolean(), nullable=True, unique=None, default=True)

552

"ui_active", Boolean(), nullable=True, unique=None, default=True)

553

554

repository = relationship('Repository')

554

repository = relationship('Repository')

555

556

def __repr__(self):

556

def __repr__(self):

557

return '<%s[%s:%s]%s=>%s]>' % (

557

return '<%s[%s:%s]%s=>%s]>' % (

558

self.__class__.__name__, self.repository.repo_name,

558

self.__class__.__name__, self.repository.repo_name,

559

self.ui_section, self.ui_key, self.ui_value)

559

self.ui_section, self.ui_key, self.ui_value)

560

561

562

class User(Base, BaseModel):

562

class User(Base, BaseModel):

563

__tablename__ = 'users'

563

__tablename__ = 'users'

564

__table_args__ = (

564

__table_args__ = (

565

UniqueConstraint('username'), UniqueConstraint('email'),

565

UniqueConstraint('username'), UniqueConstraint('email'),

566

Index('u_username_idx', 'username'),

566

Index('u_username_idx', 'username'),

567

Index('u_email_idx', 'email'),

567

Index('u_email_idx', 'email'),

568

base_table_args

568

base_table_args

569

)

569

)

570

571

DEFAULT_USER = 'default'

571

DEFAULT_USER = 'default'

572

DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'

572

DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'

573

DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'

573

DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'

574

575

user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

575

user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

576

username = Column("username", String(255), nullable=True, unique=None, default=None)

576

username = Column("username", String(255), nullable=True, unique=None, default=None)

577

password = Column("password", String(255), nullable=True, unique=None, default=None)

577

password = Column("password", String(255), nullable=True, unique=None, default=None)

578

active = Column("active", Boolean(), nullable=True, unique=None, default=True)

578

active = Column("active", Boolean(), nullable=True, unique=None, default=True)

579

admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)

579

admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)

580

name = Column("firstname", String(255), nullable=True, unique=None, default=None)

580

name = Column("firstname", String(255), nullable=True, unique=None, default=None)

581

lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)

581

lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)

582

_email = Column("email", String(255), nullable=True, unique=None, default=None)

582

_email = Column("email", String(255), nullable=True, unique=None, default=None)

583

last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)

583

last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)

584

last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)

584

last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)

585

description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))

585

description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))

586

587

extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)

587

extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)

588

extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)

588

extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)

589

_api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)

589

_api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)

590

inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)

590

inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)

591

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

591

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

592

_user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data

592

_user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data

593

594

user_log = relationship('UserLog')

594

user_log = relationship('UserLog')

595

user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all, delete-orphan')

595

user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all, delete-orphan')

596

597

repositories = relationship('Repository')

597

repositories = relationship('Repository')

598

repository_groups = relationship('RepoGroup')

598

repository_groups = relationship('RepoGroup')

599

user_groups = relationship('UserGroup')

599

user_groups = relationship('UserGroup')

600

601

user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')

601

user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')

602

followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')

602

followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')

603

604

repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all, delete-orphan')

604

repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all, delete-orphan')

605

repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan')

605

repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan')

606

user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan')

606

user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan')

607

608

group_member = relationship('UserGroupMember', cascade='all')

608

group_member = relationship('UserGroupMember', cascade='all')

609

610

notifications = relationship('UserNotification', cascade='all')

610

notifications = relationship('UserNotification', cascade='all')

611

# notifications assigned to this user

611

# notifications assigned to this user

612

user_created_notifications = relationship('Notification', cascade='all')

612

user_created_notifications = relationship('Notification', cascade='all')

613

# comments created by this user

613

# comments created by this user

614

user_comments = relationship('ChangesetComment', cascade='all')

614

user_comments = relationship('ChangesetComment', cascade='all')

615

# user profile extra info

615

# user profile extra info

616

user_emails = relationship('UserEmailMap', cascade='all')

616

user_emails = relationship('UserEmailMap', cascade='all')

617

user_ip_map = relationship('UserIpMap', cascade='all')

617

user_ip_map = relationship('UserIpMap', cascade='all')

618

user_auth_tokens = relationship('UserApiKeys', cascade='all')

618

user_auth_tokens = relationship('UserApiKeys', cascade='all')

619

user_ssh_keys = relationship('UserSshKeys', cascade='all')

619

user_ssh_keys = relationship('UserSshKeys', cascade='all')

620

621

# gists

621

# gists

622

user_gists = relationship('Gist', cascade='all')

622

user_gists = relationship('Gist', cascade='all')

623

# user pull requests

623

# user pull requests

624

user_pull_requests = relationship('PullRequest', cascade='all')

624

user_pull_requests = relationship('PullRequest', cascade='all')

625

626

# external identities

626

# external identities

627

external_identities = relationship(

627

external_identities = relationship(

628

'ExternalIdentity',

628

'ExternalIdentity',

629

primaryjoin="User.user_id==ExternalIdentity.local_user_id",

629

primaryjoin="User.user_id==ExternalIdentity.local_user_id",

630

cascade='all')

630

cascade='all')

631

# review rules

631

# review rules

632

user_review_rules = relationship('RepoReviewRuleUser', cascade='all')

632

user_review_rules = relationship('RepoReviewRuleUser', cascade='all')

633

634

# artifacts owned

634

# artifacts owned

635

artifacts = relationship('FileStore', primaryjoin='FileStore.user_id==User.user_id')

635

artifacts = relationship('FileStore', primaryjoin='FileStore.user_id==User.user_id')

636

637

# no cascade, set NULL

637

# no cascade, set NULL

638

scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_user_id==User.user_id')

638

scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_user_id==User.user_id')

639

640

def __unicode__(self):

640

def __unicode__(self):

641

return u"<%s('id:%s:%s')>" % (self.__class__.__name__,

641

return u"<%s('id:%s:%s')>" % (self.__class__.__name__,

642

self.user_id, self.username)

642

self.user_id, self.username)

643

644

@hybrid_property

644

@hybrid_property

645

def email(self):

645

def email(self):

646

return self._email

646

return self._email

647

648

@email.setter

648

@email.setter

649

def email(self, val):

649

def email(self, val):

650

self._email = val.lower() if val else None

650

self._email = val.lower() if val else None

651

652

@hybrid_property

652

@hybrid_property

653

def first_name(self):

653

def first_name(self):

654

from rhodecode.lib import helpers as h

654

from rhodecode.lib import helpers as h

655

if self.name:

655

if self.name:

656

return h.escape(self.name)

656

return h.escape(self.name)

657

return self.name

657

return self.name

658

659

@hybrid_property

659

@hybrid_property

660

def last_name(self):

660

def last_name(self):

661

from rhodecode.lib import helpers as h

661

from rhodecode.lib import helpers as h

662

if self.lastname:

662

if self.lastname:

663

return h.escape(self.lastname)

663

return h.escape(self.lastname)

664

return self.lastname

664

return self.lastname

665

666

@hybrid_property

666

@hybrid_property

667

def api_key(self):

667

def api_key(self):

668

"""

668

"""

669

Fetch if exist an auth-token with role ALL connected to this user

669

Fetch if exist an auth-token with role ALL connected to this user

670

"""

670

"""

671

user_auth_token = UserApiKeys.query()\

671

user_auth_token = UserApiKeys.query()\

672

.filter(UserApiKeys.user_id == self.user_id)\

672

.filter(UserApiKeys.user_id == self.user_id)\

673

.filter(or_(UserApiKeys.expires == -1,

673

.filter(or_(UserApiKeys.expires == -1,

674

UserApiKeys.expires >= time.time()))\

674

UserApiKeys.expires >= time.time()))\

675

.filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()

675

.filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()

676

if user_auth_token:

676

if user_auth_token:

677

user_auth_token = user_auth_token.api_key

677

user_auth_token = user_auth_token.api_key

678

679

return user_auth_token

679

return user_auth_token

680

681

@api_key.setter

681

@api_key.setter

682

def api_key(self, val):

682

def api_key(self, val):

683

# don't allow to set API key this is deprecated for now

683

# don't allow to set API key this is deprecated for now

684

self._api_key = None

684

self._api_key = None

685

686

@property

686

@property

687

def reviewer_pull_requests(self):

687

def reviewer_pull_requests(self):

688

return PullRequestReviewers.query() \

688

return PullRequestReviewers.query() \

689

.options(joinedload(PullRequestReviewers.pull_request)) \

689

.options(joinedload(PullRequestReviewers.pull_request)) \

690

.filter(PullRequestReviewers.user_id == self.user_id) \

690

.filter(PullRequestReviewers.user_id == self.user_id) \

691

.all()

691

.all()

692

693

@property

693

@property

694

def firstname(self):

694

def firstname(self):

695

# alias for future

695

# alias for future

696

return self.name

696

return self.name

697

698

@property

698

@property

699

def emails(self):

699

def emails(self):

700

other = UserEmailMap.query()\

700

other = UserEmailMap.query()\

701

.filter(UserEmailMap.user == self) \

701

.filter(UserEmailMap.user == self) \

702

.order_by(UserEmailMap.email_id.asc()) \

702

.order_by(UserEmailMap.email_id.asc()) \

703

.all()

703

.all()

704

return [self.email] + [x.email for x in other]

704

return [self.email] + [x.email for x in other]

705

706

def emails_cached(self):

706

def emails_cached(self):

707

emails = UserEmailMap.query()\

707

emails = UserEmailMap.query()\

708

.filter(UserEmailMap.user == self) \

708

.filter(UserEmailMap.user == self) \

709

.order_by(UserEmailMap.email_id.asc())

709

.order_by(UserEmailMap.email_id.asc())

710

711

emails = emails.options(

711

emails = emails.options(

712

FromCache("sql_cache_short", "get_user_{}_emails".format(self.user_id))

712

FromCache("sql_cache_short", "get_user_{}_emails".format(self.user_id))

713

)

713

)

714

715

return [self.email] + [x.email for x in emails]

715

return [self.email] + [x.email for x in emails]

716

717

@property

717

@property

718

def auth_tokens(self):

718

def auth_tokens(self):

719

auth_tokens = self.get_auth_tokens()

719

auth_tokens = self.get_auth_tokens()

720

return [x.api_key for x in auth_tokens]

720

return [x.api_key for x in auth_tokens]

721

722

def get_auth_tokens(self):

722

def get_auth_tokens(self):

723

return UserApiKeys.query()\

723

return UserApiKeys.query()\

724

.filter(UserApiKeys.user == self)\

724

.filter(UserApiKeys.user == self)\

725

.order_by(UserApiKeys.user_api_key_id.asc())\

725

.order_by(UserApiKeys.user_api_key_id.asc())\

726

.all()

726

.all()

727

728

@LazyProperty

728

@LazyProperty

729

def feed_token(self):

729

def feed_token(self):

730

return self.get_feed_token()

730

return self.get_feed_token()

731

732

def get_feed_token(self, cache=True):

732

def get_feed_token(self, cache=True):

733

feed_tokens = UserApiKeys.query()\

733

feed_tokens = UserApiKeys.query()\

734

.filter(UserApiKeys.user == self)\

734

.filter(UserApiKeys.user == self)\

735

.filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)

735

.filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)

736

if cache:

736

if cache:

737

feed_tokens = feed_tokens.options(

737

feed_tokens = feed_tokens.options(

738

FromCache("sql_cache_short", "get_user_feed_token_%s" % self.user_id))

738

FromCache("sql_cache_short", "get_user_feed_token_%s" % self.user_id))

739

740

feed_tokens = feed_tokens.all()

740

feed_tokens = feed_tokens.all()

741

if feed_tokens:

741

if feed_tokens:

742

return feed_tokens[0].api_key

742

return feed_tokens[0].api_key

743

return 'NO_FEED_TOKEN_AVAILABLE'

743

return 'NO_FEED_TOKEN_AVAILABLE'

744

745

@LazyProperty

745

@LazyProperty

746

def artifact_token(self):

746

def artifact_token(self):

747

return self.get_artifact_token()

747

return self.get_artifact_token()

748

749

def get_artifact_token(self, cache=True):

749

def get_artifact_token(self, cache=True):

750

artifacts_tokens = UserApiKeys.query()\

750

artifacts_tokens = UserApiKeys.query()\

751

.filter(UserApiKeys.user == self)\

751

.filter(UserApiKeys.user == self)\

752

.filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)

752

.filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)

753

if cache:

753

if cache:

754

artifacts_tokens = artifacts_tokens.options(

754

artifacts_tokens = artifacts_tokens.options(

755

FromCache("sql_cache_short", "get_user_artifact_token_%s" % self.user_id))

755

FromCache("sql_cache_short", "get_user_artifact_token_%s" % self.user_id))

756

757

artifacts_tokens = artifacts_tokens.all()

757

artifacts_tokens = artifacts_tokens.all()

758

if artifacts_tokens:

758

if artifacts_tokens:

759

return artifacts_tokens[0].api_key

759

return artifacts_tokens[0].api_key

760

return 'NO_ARTIFACT_TOKEN_AVAILABLE'

760

return 'NO_ARTIFACT_TOKEN_AVAILABLE'

761

762

@classmethod

762

@classmethod

763

def get(cls, user_id, cache=False):

763

def get(cls, user_id, cache=False):

764

if not user_id:

764

if not user_id:

765

return

765

return

766

767

user = cls.query()

767

user = cls.query()

768

if cache:

768

if cache:

769

user = user.options(

769

user = user.options(

770

FromCache("sql_cache_short", "get_users_%s" % user_id))

770

FromCache("sql_cache_short", "get_users_%s" % user_id))

771

return user.get(user_id)

771

return user.get(user_id)

772

773

@classmethod

773

@classmethod

774

def extra_valid_auth_tokens(cls, user, role=None):

774

def extra_valid_auth_tokens(cls, user, role=None):

775

tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\

775

tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\

776

.filter(or_(UserApiKeys.expires == -1,

776

.filter(or_(UserApiKeys.expires == -1,

777

UserApiKeys.expires >= time.time()))

777

UserApiKeys.expires >= time.time()))

778

if role:

778

if role:

779

tokens = tokens.filter(or_(UserApiKeys.role == role,

779

tokens = tokens.filter(or_(UserApiKeys.role == role,

780

UserApiKeys.role == UserApiKeys.ROLE_ALL))

780

UserApiKeys.role == UserApiKeys.ROLE_ALL))

781

return tokens.all()

781

return tokens.all()

782

783

def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):

783

def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):

784

from rhodecode.lib import auth

784

from rhodecode.lib import auth

785

786

log.debug('Trying to authenticate user: %s via auth-token, '

786

log.debug('Trying to authenticate user: %s via auth-token, '

787

'and roles: %s', self, roles)

787

'and roles: %s', self, roles)

788

789

if not auth_token:

789

if not auth_token:

790

return False

790

return False

791

792

roles = (roles or []) + [UserApiKeys.ROLE_ALL]

792

roles = (roles or []) + [UserApiKeys.ROLE_ALL]

793

tokens_q = UserApiKeys.query()\

793

tokens_q = UserApiKeys.query()\

794

.filter(UserApiKeys.user_id == self.user_id)\

794

.filter(UserApiKeys.user_id == self.user_id)\

795

.filter(or_(UserApiKeys.expires == -1,

795

.filter(or_(UserApiKeys.expires == -1,

796

UserApiKeys.expires >= time.time()))

796

UserApiKeys.expires >= time.time()))

797

798

tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))

798

tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))

799

800

crypto_backend = auth.crypto_backend()

800

crypto_backend = auth.crypto_backend()

801

enc_token_map = {}

801

enc_token_map = {}

802

plain_token_map = {}

802

plain_token_map = {}

803

for token in tokens_q:

803

for token in tokens_q:

804

if token.api_key.startswith(crypto_backend.ENC_PREF):

804

if token.api_key.startswith(crypto_backend.ENC_PREF):

805

enc_token_map[token.api_key] = token

805

enc_token_map[token.api_key] = token

806

else:

806

else:

807

plain_token_map[token.api_key] = token

807

plain_token_map[token.api_key] = token

808

log.debug(

808

log.debug(

809

'Found %s plain and %s encrypted tokens to check for authentication for this user',

809

'Found %s plain and %s encrypted tokens to check for authentication for this user',

810

len(plain_token_map), len(enc_token_map))

810

len(plain_token_map), len(enc_token_map))

811

812

# plain token match comes first

812

# plain token match comes first

813

match = plain_token_map.get(auth_token)

813

match = plain_token_map.get(auth_token)

814

815

# check encrypted tokens now

815

# check encrypted tokens now

816

if not match:

816

if not match:

817

for token_hash, token in enc_token_map.items():

817

for token_hash, token in enc_token_map.items():

818

# NOTE(marcink): this is expensive to calculate, but most secure

818

# NOTE(marcink): this is expensive to calculate, but most secure

819

if crypto_backend.hash_check(auth_token, token_hash):

819

if crypto_backend.hash_check(auth_token, token_hash):

820

match = token

820

match = token

821

break

821

break

822

823

if match:

823

if match:

824

log.debug('Found matching token %s', match)

824

log.debug('Found matching token %s', match)

825

if match.repo_id:

825

if match.repo_id:

826

log.debug('Found scope, checking for scope match of token %s', match)

826

log.debug('Found scope, checking for scope match of token %s', match)

827

if match.repo_id == scope_repo_id:

827

if match.repo_id == scope_repo_id:

828

return True

828

return True

829

else:

829

else:

830

log.debug(

830

log.debug(

831

'AUTH_TOKEN: scope mismatch, token has a set repo scope: %s, '

831

'AUTH_TOKEN: scope mismatch, token has a set repo scope: %s, '

832

'and calling scope is:%s, skipping further checks',

832

'and calling scope is:%s, skipping further checks',

833

match.repo, scope_repo_id)

833

match.repo, scope_repo_id)

834

return False

834

return False

835

else:

835

else:

836

return True

836

return True

837

838

return False

838

return False

839

840

@property

840

@property

841

def ip_addresses(self):

841

def ip_addresses(self):

842

ret = UserIpMap.query().filter(UserIpMap.user == self).all()

842

ret = UserIpMap.query().filter(UserIpMap.user == self).all()

843

return [x.ip_addr for x in ret]

843

return [x.ip_addr for x in ret]

844

845

@property

845

@property

846

def username_and_name(self):

846

def username_and_name(self):

847

return '%s (%s %s)' % (self.username, self.first_name, self.last_name)

847

return '%s (%s %s)' % (self.username, self.first_name, self.last_name)

848

849

@property

849

@property

850

def username_or_name_or_email(self):

850

def username_or_name_or_email(self):

851

full_name = self.full_name if self.full_name is not ' ' else None

851

full_name = self.full_name if self.full_name is not ' ' else None

852

return self.username or full_name or self.email

852

return self.username or full_name or self.email

853

854

@property

854

@property

855

def full_name(self):

855

def full_name(self):

856

return '%s %s' % (self.first_name, self.last_name)

856

return '%s %s' % (self.first_name, self.last_name)

857

858

@property

858

@property

859

def full_name_or_username(self):

859

def full_name_or_username(self):

860

return ('%s %s' % (self.first_name, self.last_name)

860

return ('%s %s' % (self.first_name, self.last_name)

861

if (self.first_name and self.last_name) else self.username)

861

if (self.first_name and self.last_name) else self.username)

862

863

@property

863

@property

864

def full_contact(self):

864

def full_contact(self):

865

return '%s %s <%s>' % (self.first_name, self.last_name, self.email)

865

return '%s %s <%s>' % (self.first_name, self.last_name, self.email)

866

867

@property

867

@property

868

def short_contact(self):

868

def short_contact(self):

869

return '%s %s' % (self.first_name, self.last_name)

869

return '%s %s' % (self.first_name, self.last_name)

870

871

@property

871

@property

872

def is_admin(self):

872

def is_admin(self):

873

return self.admin

873

return self.admin

874

875

@property

875

@property

876

def language(self):

876

def language(self):

877

return self.user_data.get('language')

877

return self.user_data.get('language')

878

879

def AuthUser(self, **kwargs):

879

def AuthUser(self, **kwargs):

880

"""

880

"""

881

Returns instance of AuthUser for this user

881

Returns instance of AuthUser for this user

882

"""

882

"""

883

from rhodecode.lib.auth import AuthUser

883

from rhodecode.lib.auth import AuthUser

884

return AuthUser(user_id=self.user_id, username=self.username, **kwargs)

884

return AuthUser(user_id=self.user_id, username=self.username, **kwargs)

885

886

@hybrid_property

886

@hybrid_property

887

def user_data(self):

887

def user_data(self):

888

if not self._user_data:

888

if not self._user_data:

889

return {}

889

return {}

890

891

try:

891

try:

892

return json.loads(self._user_data)

892

return json.loads(self._user_data)

893

except TypeError:

893

except TypeError:

894

return {}

894

return {}

895

896

@user_data.setter

896

@user_data.setter

897

def user_data(self, val):

897

def user_data(self, val):

898

if not isinstance(val, dict):

898

if not isinstance(val, dict):

899

raise Exception('user_data must be dict, got %s' % type(val))

899

raise Exception('user_data must be dict, got %s' % type(val))

900

try:

900

try:

901

self._user_data = json.dumps(val)

901

self._user_data = json.dumps(val)

902

except Exception:

902

except Exception:

903

log.error(traceback.format_exc())

903

log.error(traceback.format_exc())

904

905

@classmethod

905

@classmethod

906

def get_by_username(cls, username, case_insensitive=False,

906

def get_by_username(cls, username, case_insensitive=False,

907

cache=False, identity_cache=False):

907

cache=False, identity_cache=False):

908

session = Session()

908

session = Session()

909

910

if case_insensitive:

910

if case_insensitive:

911

q = cls.query().filter(

911

q = cls.query().filter(

912

func.lower(cls.username) == func.lower(username))

912

func.lower(cls.username) == func.lower(username))

913

else:

913

else:

914

q = cls.query().filter(cls.username == username)

914

q = cls.query().filter(cls.username == username)

915

916

if cache:

916

if cache:

917

if identity_cache:

917

if identity_cache:

918

val = cls.identity_cache(session, 'username', username)

918

val = cls.identity_cache(session, 'username', username)

919

if val:

919

if val:

920

return val

920

return val

921

else:

921

else:

922

cache_key = "get_user_by_name_%s" % _hash_key(username)

922

cache_key = "get_user_by_name_%s" % _hash_key(username)

923

q = q.options(

923

q = q.options(

924

FromCache("sql_cache_short", cache_key))

924

FromCache("sql_cache_short", cache_key))

925

926

return q.scalar()

926

return q.scalar()

927

928

@classmethod

928

@classmethod

929

def get_by_auth_token(cls, auth_token, cache=False):

929

def get_by_auth_token(cls, auth_token, cache=False):

930

q = UserApiKeys.query()\

930

q = UserApiKeys.query()\

931

.filter(UserApiKeys.api_key == auth_token)\

931

.filter(UserApiKeys.api_key == auth_token)\

932

.filter(or_(UserApiKeys.expires == -1,

932

.filter(or_(UserApiKeys.expires == -1,

933

UserApiKeys.expires >= time.time()))

933

UserApiKeys.expires >= time.time()))

934

if cache:

934

if cache:

935

q = q.options(

935

q = q.options(

936

FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))

936

FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))

937

938

match = q.first()

938

match = q.first()

939

if match:

939

if match:

940

return match.user

940

return match.user

941

942

@classmethod

942

@classmethod

943

def get_by_email(cls, email, case_insensitive=False, cache=False):

943

def get_by_email(cls, email, case_insensitive=False, cache=False):

944

945

if case_insensitive:

945

if case_insensitive:

946

q = cls.query().filter(func.lower(cls.email) == func.lower(email))

946

q = cls.query().filter(func.lower(cls.email) == func.lower(email))

947

948

else:

948

else:

949

q = cls.query().filter(cls.email == email)

949

q = cls.query().filter(cls.email == email)

950

951

email_key = _hash_key(email)

951

email_key = _hash_key(email)

952

if cache:

952

if cache:

953

q = q.options(

953

q = q.options(

954

FromCache("sql_cache_short", "get_email_key_%s" % email_key))

954

FromCache("sql_cache_short", "get_email_key_%s" % email_key))

955

956

ret = q.scalar()

956

ret = q.scalar()

957

if ret is None:

957

if ret is None:

958

q = UserEmailMap.query()

958

q = UserEmailMap.query()

959

# try fetching in alternate email map

959

# try fetching in alternate email map

960

if case_insensitive:

960

if case_insensitive:

961

q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))

961

q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))

962

else:

962

else:

963

q = q.filter(UserEmailMap.email == email)

963

q = q.filter(UserEmailMap.email == email)

964

q = q.options(joinedload(UserEmailMap.user))

964

q = q.options(joinedload(UserEmailMap.user))

965

if cache:

965

if cache:

966

q = q.options(

966

q = q.options(

967

FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))

967

FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))

968

ret = getattr(q.scalar(), 'user', None)

968

ret = getattr(q.scalar(), 'user', None)

969

970

return ret

970

return ret

971

972

@classmethod

972

@classmethod

973

def get_from_cs_author(cls, author):

973

def get_from_cs_author(cls, author):

974

"""

974

"""

975

Tries to get User objects out of commit author string

975

Tries to get User objects out of commit author string

976

977

:param author:

977

:param author:

978

"""

978

"""

979

from rhodecode.lib.helpers import email, author_name

979

from rhodecode.lib.helpers import email, author_name

980

# Valid email in the attribute passed, see if they're in the system

980

# Valid email in the attribute passed, see if they're in the system

981

_email = email(author)

981

_email = email(author)

982

if _email:

982

if _email:

983

user = cls.get_by_email(_email, case_insensitive=True)

983

user = cls.get_by_email(_email, case_insensitive=True)

984

if user:

984

if user:

985

return user

985

return user

986

# Maybe we can match by username?

986

# Maybe we can match by username?

987

_author = author_name(author)

987

_author = author_name(author)

988

user = cls.get_by_username(_author, case_insensitive=True)

988

user = cls.get_by_username(_author, case_insensitive=True)

989

if user:

989

if user:

990

return user

990

return user

991

992

def update_userdata(self, **kwargs):

992

def update_userdata(self, **kwargs):

993

usr = self

993

usr = self

994

old = usr.user_data

994

old = usr.user_data

995

old.update(**kwargs)

995

old.update(**kwargs)

996

usr.user_data = old

996

usr.user_data = old

997

Session().add(usr)

997

Session().add(usr)

998

log.debug('updated userdata with %s', kwargs)

998

log.debug('updated userdata with %s', kwargs)

999

1000

def update_lastlogin(self):

1000

def update_lastlogin(self):

1001

"""Update user lastlogin"""

1001

"""Update user lastlogin"""

1002

self.last_login = datetime.datetime.now()

1002

self.last_login = datetime.datetime.now()

1003

Session().add(self)

1003

Session().add(self)

1004

log.debug('updated user %s lastlogin', self.username)

1004

log.debug('updated user %s lastlogin', self.username)

1005

1006

def update_password(self, new_password):

1006

def update_password(self, new_password):

1007

from rhodecode.lib.auth import get_crypt_password

1007

from rhodecode.lib.auth import get_crypt_password

1008

1009

self.password = get_crypt_password(new_password)

1009

self.password = get_crypt_password(new_password)

1010

Session().add(self)

1010

Session().add(self)

1011

1012

@classmethod

1012

@classmethod

1013

def get_first_super_admin(cls):

1013

def get_first_super_admin(cls):

1014

user = User.query()\

1014

user = User.query()\

1015

.filter(User.admin == true()) \

1015

.filter(User.admin == true()) \

1016

.order_by(User.user_id.asc()) \

1016

.order_by(User.user_id.asc()) \

1017

.first()

1017

.first()

1018

1019

if user is None:

1019

if user is None:

1020

raise Exception('FATAL: Missing administrative account!')

1020

raise Exception('FATAL: Missing administrative account!')

1021

return user

1021

return user

1022

1023

@classmethod

1023

@classmethod

1024

def get_all_super_admins(cls, only_active=False):

1024

def get_all_super_admins(cls, only_active=False):

1025

"""

1025

"""

1026

Returns all admin accounts sorted by username

1026

Returns all admin accounts sorted by username

1027

"""

1027

"""

1028

qry = User.query().filter(User.admin == true()).order_by(User.username.asc())

1028

qry = User.query().filter(User.admin == true()).order_by(User.username.asc())

1029

if only_active:

1029

if only_active:

1030

qry = qry.filter(User.active == true())

1030

qry = qry.filter(User.active == true())

1031

return qry.all()

1031

return qry.all()

1032

1033

@classmethod

1033

@classmethod

1034

def get_all_user_ids(cls, only_active=True):

1034

def get_all_user_ids(cls, only_active=True):

1035

"""

1035

"""

1036

Returns all users IDs

1036

Returns all users IDs

1037

"""

1037

"""

1038

qry = Session().query(User.user_id)

1038

qry = Session().query(User.user_id)

1039

1040

if only_active:

1040

if only_active:

1041

qry = qry.filter(User.active == true())

1041

qry = qry.filter(User.active == true())

1042

return [x.user_id for x in qry]

1042

return [x.user_id for x in qry]

1043

1044

@classmethod

1044

@classmethod

1045

def get_default_user(cls, cache=False, refresh=False):

1045

def get_default_user(cls, cache=False, refresh=False):

1046

user = User.get_by_username(User.DEFAULT_USER, cache=cache)

1046

user = User.get_by_username(User.DEFAULT_USER, cache=cache)

1047

if user is None:

1047

if user is None:

1048

raise Exception('FATAL: Missing default account!')

1048

raise Exception('FATAL: Missing default account!')

1049

if refresh:

1049

if refresh:

1050

# The default user might be based on outdated state which

1050

# The default user might be based on outdated state which

1051

# has been loaded from the cache.

1051

# has been loaded from the cache.

1052

# A call to refresh() ensures that the

1052

# A call to refresh() ensures that the

1053

# latest state from the database is used.

1053

# latest state from the database is used.

1054

Session().refresh(user)

1054

Session().refresh(user)

1055

return user

1055

return user

1056

1057

@classmethod

1057

@classmethod

1058

def get_default_user_id(cls):

1058

def get_default_user_id(cls):

1059

import rhodecode

1059

import rhodecode

1060

return rhodecode.CONFIG['default_user_id']

1060

return rhodecode.CONFIG['default_user_id']

1061

1062

def _get_default_perms(self, user, suffix=''):

1062

def _get_default_perms(self, user, suffix=''):

1063

from rhodecode.model.permission import PermissionModel

1063

from rhodecode.model.permission import PermissionModel

1064

return PermissionModel().get_default_perms(user.user_perms, suffix)

1064

return PermissionModel().get_default_perms(user.user_perms, suffix)

1065

1066

def get_default_perms(self, suffix=''):

1066

def get_default_perms(self, suffix=''):

1067

return self._get_default_perms(self, suffix)

1067

return self._get_default_perms(self, suffix)

1068

1069

def get_api_data(self, include_secrets=False, details='full'):

1069

def get_api_data(self, include_secrets=False, details='full'):

1070

"""

1070

"""

1071

Common function for generating user related data for API

1071

Common function for generating user related data for API

1072

1073

:param include_secrets: By default secrets in the API data will be replaced

1073

:param include_secrets: By default secrets in the API data will be replaced

1074

by a placeholder value to prevent exposing this data by accident. In case

1074

by a placeholder value to prevent exposing this data by accident. In case

1075

this data shall be exposed, set this flag to ``True``.

1075

this data shall be exposed, set this flag to ``True``.

1076

1077

:param details: details can be 'basic|full' basic gives only a subset of

1077

:param details: details can be 'basic|full' basic gives only a subset of

1078

the available user information that includes user_id, name and emails.

1078

the available user information that includes user_id, name and emails.

1079

"""

1079

"""

1080

user = self

1080

user = self

1081

user_data = self.user_data

1081

user_data = self.user_data

1082

data = {

1082

data = {

1083

'user_id': user.user_id,

1083

'user_id': user.user_id,

1084

'username': user.username,

1084

'username': user.username,

1085

'firstname': user.name,

1085

'firstname': user.name,

1086

'lastname': user.lastname,

1086

'lastname': user.lastname,

1087

'description': user.description,

1087

'description': user.description,

1088

'email': user.email,

1088

'email': user.email,

1089

'emails': user.emails,

1089

'emails': user.emails,

1090

}

1090

}

1091

if details == 'basic':

1091

if details == 'basic':

1092

return data

1092

return data

1093

1094

auth_token_length = 40

1094

auth_token_length = 40

1095

auth_token_replacement = '*' * auth_token_length

1095

auth_token_replacement = '*' * auth_token_length

1096

1097

extras = {

1097

extras = {

1098

'auth_tokens': [auth_token_replacement],

1098

'auth_tokens': [auth_token_replacement],

1099

'active': user.active,

1099

'active': user.active,

1100

'admin': user.admin,

1100

'admin': user.admin,

1101

'extern_type': user.extern_type,

1101

'extern_type': user.extern_type,

1102

'extern_name': user.extern_name,

1102

'extern_name': user.extern_name,

1103

'last_login': user.last_login,

1103

'last_login': user.last_login,

1104

'last_activity': user.last_activity,

1104

'last_activity': user.last_activity,

1105

'ip_addresses': user.ip_addresses,

1105

'ip_addresses': user.ip_addresses,

1106

'language': user_data.get('language')

1106

'language': user_data.get('language')

1107

}

1107

}

1108

data.update(extras)

1108

data.update(extras)

1109

1110

if include_secrets:

1110

if include_secrets:

1111

data['auth_tokens'] = user.auth_tokens

1111

data['auth_tokens'] = user.auth_tokens

1112

return data

1112

return data

1113

1114

def __json__(self):

1114

def __json__(self):

1115

data = {

1115

data = {

1116

'full_name': self.full_name,

1116

'full_name': self.full_name,

1117

'full_name_or_username': self.full_name_or_username,

1117

'full_name_or_username': self.full_name_or_username,

1118

'short_contact': self.short_contact,

1118

'short_contact': self.short_contact,

1119

'full_contact': self.full_contact,

1119

'full_contact': self.full_contact,

1120

}

1120

}

1121

data.update(self.get_api_data())

1121

data.update(self.get_api_data())

1122

return data

1122

return data

1123

1124

1125

class UserApiKeys(Base, BaseModel):

1125

class UserApiKeys(Base, BaseModel):

1126

__tablename__ = 'user_api_keys'

1126

__tablename__ = 'user_api_keys'

1127

__table_args__ = (

1127

__table_args__ = (

1128

Index('uak_api_key_idx', 'api_key'),

1128

Index('uak_api_key_idx', 'api_key'),

1129

Index('uak_api_key_expires_idx', 'api_key', 'expires'),

1129

Index('uak_api_key_expires_idx', 'api_key', 'expires'),

1130

base_table_args

1130

base_table_args

1131

)

1131

)

1132

__mapper_args__ = {}

1132

__mapper_args__ = {}

1133

1134

# ApiKey role

1134

# ApiKey role

1135

ROLE_ALL = 'token_role_all'

1135

ROLE_ALL = 'token_role_all'

1136

ROLE_VCS = 'token_role_vcs'

1136

ROLE_VCS = 'token_role_vcs'

1137

ROLE_API = 'token_role_api'

1137

ROLE_API = 'token_role_api'

1138

ROLE_HTTP = 'token_role_http'

1138

ROLE_HTTP = 'token_role_http'

1139

ROLE_FEED = 'token_role_feed'

1139

ROLE_FEED = 'token_role_feed'

1140

ROLE_ARTIFACT_DOWNLOAD = 'role_artifact_download'

1140

ROLE_ARTIFACT_DOWNLOAD = 'role_artifact_download'

1141

# The last one is ignored in the list as we only

1141

# The last one is ignored in the list as we only

1142

# use it for one action, and cannot be created by users

1142

# use it for one action, and cannot be created by users

1143

ROLE_PASSWORD_RESET = 'token_password_reset'

1143

ROLE_PASSWORD_RESET = 'token_password_reset'

1144

1145

ROLES = [ROLE_ALL, ROLE_VCS, ROLE_API, ROLE_HTTP, ROLE_FEED, ROLE_ARTIFACT_DOWNLOAD]

1145

ROLES = [ROLE_ALL, ROLE_VCS, ROLE_API, ROLE_HTTP, ROLE_FEED, ROLE_ARTIFACT_DOWNLOAD]

1146

1147

user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1147

user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1148

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)

1148

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)

1149

api_key = Column("api_key", String(255), nullable=False, unique=True)

1149

api_key = Column("api_key", String(255), nullable=False, unique=True)

1150

description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))

1150

description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))

1151

expires = Column('expires', Float(53), nullable=False)

1151

expires = Column('expires', Float(53), nullable=False)

1152

role = Column('role', String(255), nullable=True)

1152

role = Column('role', String(255), nullable=True)

1153

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

1153

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

1154

1155

# scope columns

1155

# scope columns

1156

repo_id = Column(

1156

repo_id = Column(

1157

'repo_id', Integer(), ForeignKey('repositories.repo_id'),

1157

'repo_id', Integer(), ForeignKey('repositories.repo_id'),

1158

nullable=True, unique=None, default=None)

1158

nullable=True, unique=None, default=None)

1159

repo = relationship('Repository', lazy='joined')

1159

repo = relationship('Repository', lazy='joined')

1160

1161

repo_group_id = Column(

1161

repo_group_id = Column(

1162

'repo_group_id', Integer(), ForeignKey('groups.group_id'),

1162

'repo_group_id', Integer(), ForeignKey('groups.group_id'),

1163

nullable=True, unique=None, default=None)

1163

nullable=True, unique=None, default=None)

1164

repo_group = relationship('RepoGroup', lazy='joined')

1164

repo_group = relationship('RepoGroup', lazy='joined')

1165

1166

user = relationship('User', lazy='joined')

1166

user = relationship('User', lazy='joined')

1167

1168

def __unicode__(self):

1168

def __unicode__(self):

1169

return u"<%s('%s')>" % (self.__class__.__name__, self.role)

1169

return u"<%s('%s')>" % (self.__class__.__name__, self.role)

1170

1171

def __json__(self):

1171

def __json__(self):

1172

data = {

1172

data = {

1173

'auth_token': self.api_key,

1173

'auth_token': self.api_key,

1174

'role': self.role,

1174

'role': self.role,

1175

'scope': self.scope_humanized,

1175

'scope': self.scope_humanized,

1176

'expired': self.expired

1176

'expired': self.expired

1177

}

1177

}

1178

return data

1178

return data

1179

1180

def get_api_data(self, include_secrets=False):

1180

def get_api_data(self, include_secrets=False):

1181

data = self.__json__()

1181

data = self.__json__()

1182

if include_secrets:

1182

if include_secrets:

1183

return data

1183

return data

1184

else:

1184

else:

1185

data['auth_token'] = self.token_obfuscated

1185

data['auth_token'] = self.token_obfuscated

1186

return data

1186

return data

1187

1188

@hybrid_property

1188

@hybrid_property

1189

def description_safe(self):

1189

def description_safe(self):

1190

from rhodecode.lib import helpers as h

1190

from rhodecode.lib import helpers as h

1191

return h.escape(self.description)

1191

return h.escape(self.description)

1192

1193

@property

1193

@property

1194

def expired(self):

1194

def expired(self):

1195

if self.expires == -1:

1195

if self.expires == -1:

1196

return False

1196

return False

1197

return time.time() > self.expires

1197

return time.time() > self.expires

1198

1199

@classmethod

1199

@classmethod

1200

def _get_role_name(cls, role):

1200

def _get_role_name(cls, role):

1201

return {

1201

return {

1202

cls.ROLE_ALL: _('all'),

1202

cls.ROLE_ALL: _('all'),

1203

cls.ROLE_HTTP: _('http/web interface'),

1203

cls.ROLE_HTTP: _('http/web interface'),

1204

cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),

1204

cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),

1205

cls.ROLE_API: _('api calls'),

1205

cls.ROLE_API: _('api calls'),

1206

cls.ROLE_FEED: _('feed access'),

1206

cls.ROLE_FEED: _('feed access'),

1207

cls.ROLE_ARTIFACT_DOWNLOAD: _('artifacts downloads'),

1207

cls.ROLE_ARTIFACT_DOWNLOAD: _('artifacts downloads'),

1208

}.get(role, role)

1208

}.get(role, role)

1209

1210

@classmethod

1210

@classmethod

1211

def _get_role_description(cls, role):

1211

def _get_role_description(cls, role):

1212

return {

1212

return {

1213

cls.ROLE_ALL: _('Token for all actions.'),

1213

cls.ROLE_ALL: _('Token for all actions.'),

1214

cls.ROLE_HTTP: _('Token to access RhodeCode pages via web interface without '

1214

cls.ROLE_HTTP: _('Token to access RhodeCode pages via web interface without '

1215

'login using `api_access_controllers_whitelist` functionality.'),

1215

'login using `api_access_controllers_whitelist` functionality.'),

1216

cls.ROLE_VCS: _('Token to interact over git/hg/svn protocols. '

1216

cls.ROLE_VCS: _('Token to interact over git/hg/svn protocols. '

1217

'Requires auth_token authentication plugin to be active. <br/>'

1217

'Requires auth_token authentication plugin to be active. <br/>'

1218

'Such Token should be used then instead of a password to '

1218

'Such Token should be used then instead of a password to '

1219

'interact with a repository, and additionally can be '

1219

'interact with a repository, and additionally can be '

1220

'limited to single repository using repo scope.'),

1220

'limited to single repository using repo scope.'),

1221

cls.ROLE_API: _('Token limited to api calls.'),

1221

cls.ROLE_API: _('Token limited to api calls.'),

1222

cls.ROLE_FEED: _('Token to read RSS/ATOM feed.'),

1222

cls.ROLE_FEED: _('Token to read RSS/ATOM feed.'),

1223

cls.ROLE_ARTIFACT_DOWNLOAD: _('Token for artifacts downloads.'),

1223

cls.ROLE_ARTIFACT_DOWNLOAD: _('Token for artifacts downloads.'),

1224

}.get(role, role)

1224

}.get(role, role)

1225

1226

@property

1226

@property

1227

def role_humanized(self):

1227

def role_humanized(self):

1228

return self._get_role_name(self.role)

1228

return self._get_role_name(self.role)

1229

1230

def _get_scope(self):

1230

def _get_scope(self):

1231

if self.repo:

1231

if self.repo:

1232

return 'Repository: {}'.format(self.repo.repo_name)

1232

return 'Repository: {}'.format(self.repo.repo_name)

1233

if self.repo_group:

1233

if self.repo_group:

1234

return 'RepositoryGroup: {} (recursive)'.format(self.repo_group.group_name)

1234

return 'RepositoryGroup: {} (recursive)'.format(self.repo_group.group_name)

1235

return 'Global'

1235

return 'Global'

1236

1237

@property

1237

@property

1238

def scope_humanized(self):

1238

def scope_humanized(self):

1239

return self._get_scope()

1239

return self._get_scope()

1240

1241

@property

1241

@property

1242

def token_obfuscated(self):

1242

def token_obfuscated(self):

1243

if self.api_key:

1243

if self.api_key:

1244

return self.api_key[:4] + "****"

1244

return self.api_key[:4] + "****"

1245

1246

1247

class UserEmailMap(Base, BaseModel):

1247

class UserEmailMap(Base, BaseModel):

1248

__tablename__ = 'user_email_map'

1248

__tablename__ = 'user_email_map'

1249

__table_args__ = (

1249

__table_args__ = (

1250

Index('uem_email_idx', 'email'),

1250

Index('uem_email_idx', 'email'),

1251

UniqueConstraint('email'),

1251

UniqueConstraint('email'),

1252

base_table_args

1252

base_table_args

1253

)

1253

)

1254

__mapper_args__ = {}

1254

__mapper_args__ = {}

1255

1256

email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1256

email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1257

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)

1257

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)

1258

_email = Column("email", String(255), nullable=True, unique=False, default=None)

1258

_email = Column("email", String(255), nullable=True, unique=False, default=None)

1259

user = relationship('User', lazy='joined')

1259

user = relationship('User', lazy='joined')

1260

1261

@validates('_email')

1261

@validates('_email')

1262

def validate_email(self, key, email):

1262

def validate_email(self, key, email):

1263

# check if this email is not main one

1263

# check if this email is not main one

1264

main_email = Session().query(User).filter(User.email == email).scalar()

1264

main_email = Session().query(User).filter(User.email == email).scalar()

1265

if main_email is not None:

1265

if main_email is not None:

1266

raise AttributeError('email %s is present is user table' % email)

1266

raise AttributeError('email %s is present is user table' % email)

1267

return email

1267

return email

1268

1269

@hybrid_property

1269

@hybrid_property

1270

def email(self):

1270

def email(self):

1271

return self._email

1271

return self._email

1272

1273

@email.setter

1273

@email.setter

1274

def email(self, val):

1274

def email(self, val):

1275

self._email = val.lower() if val else None

1275

self._email = val.lower() if val else None

1276

1277

1278

class UserIpMap(Base, BaseModel):

1278

class UserIpMap(Base, BaseModel):

1279

__tablename__ = 'user_ip_map'

1279

__tablename__ = 'user_ip_map'

1280

__table_args__ = (

1280

__table_args__ = (

1281

UniqueConstraint('user_id', 'ip_addr'),

1281

UniqueConstraint('user_id', 'ip_addr'),

1282

base_table_args

1282

base_table_args

1283

)

1283

)

1284

__mapper_args__ = {}

1284

__mapper_args__ = {}

1285

1286

ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1286

ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1287

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)

1287

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)

1288

ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)

1288

ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)

1289

active = Column("active", Boolean(), nullable=True, unique=None, default=True)

1289

active = Column("active", Boolean(), nullable=True, unique=None, default=True)

1290

description = Column("description", String(10000), nullable=True, unique=None, default=None)

1290

description = Column("description", String(10000), nullable=True, unique=None, default=None)

1291

user = relationship('User', lazy='joined')

1291

user = relationship('User', lazy='joined')

1292

1293

@hybrid_property

1293

@hybrid_property

1294

def description_safe(self):

1294

def description_safe(self):

1295

from rhodecode.lib import helpers as h

1295

from rhodecode.lib import helpers as h

1296

return h.escape(self.description)

1296

return h.escape(self.description)

1297

1298

@classmethod

1298

@classmethod

1299

def _get_ip_range(cls, ip_addr):

1299

def _get_ip_range(cls, ip_addr):

1300

net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)

1300

net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)

1301

return [str(net.network_address), str(net.broadcast_address)]

1301

return [str(net.network_address), str(net.broadcast_address)]

1302

1303

def __json__(self):

1303

def __json__(self):

1304

return {

1304

return {

1305

'ip_addr': self.ip_addr,

1305

'ip_addr': self.ip_addr,

1306

'ip_range': self._get_ip_range(self.ip_addr),

1306

'ip_range': self._get_ip_range(self.ip_addr),

1307

}

1307

}

1308

1309

def __unicode__(self):

1309

def __unicode__(self):

1310

return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,

1310

return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,

1311

self.user_id, self.ip_addr)

1311

self.user_id, self.ip_addr)

1312

1313

1314

class UserSshKeys(Base, BaseModel):

1314

class UserSshKeys(Base, BaseModel):

1315

__tablename__ = 'user_ssh_keys'

1315

__tablename__ = 'user_ssh_keys'

1316

__table_args__ = (

1316

__table_args__ = (

1317

Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),

1317

Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),

1318

1319

UniqueConstraint('ssh_key_fingerprint'),

1319

UniqueConstraint('ssh_key_fingerprint'),

1320

1321

base_table_args

1321

base_table_args

1322

)

1322

)

1323

__mapper_args__ = {}

1323

__mapper_args__ = {}

1324

1325

ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)

1325

ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)

1326

ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)

1326

ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)

1327

ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)

1327

ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)

1328

1329

description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))

1329

description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))

1330

1331

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

1331

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

1332

accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)

1332

accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)

1333

user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)

1333

user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)

1334

1335

user = relationship('User', lazy='joined')

1335

user = relationship('User', lazy='joined')

1336

1337

def __json__(self):

1337

def __json__(self):

1338

data = {

1338

data = {

1339

'ssh_fingerprint': self.ssh_key_fingerprint,

1339

'ssh_fingerprint': self.ssh_key_fingerprint,

1340

'description': self.description,

1340

'description': self.description,

1341

'created_on': self.created_on

1341

'created_on': self.created_on

1342

}

1342

}

1343

return data

1343

return data

1344

1345

def get_api_data(self):

1345

def get_api_data(self):

1346

data = self.__json__()

1346

data = self.__json__()

1347

return data

1347

return data

1348

1349

1350

class UserLog(Base, BaseModel):

1350

class UserLog(Base, BaseModel):

1351

__tablename__ = 'user_logs'

1351

__tablename__ = 'user_logs'

1352

__table_args__ = (

1352

__table_args__ = (

1353

base_table_args,

1353

base_table_args,

1354

)

1354

)

1355

1356

VERSION_1 = 'v1'

1356

VERSION_1 = 'v1'

1357

VERSION_2 = 'v2'

1357

VERSION_2 = 'v2'

1358

VERSIONS = [VERSION_1, VERSION_2]

1358

VERSIONS = [VERSION_1, VERSION_2]

1359

1360

user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1360

user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1361

user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)

1361

user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)

1362

username = Column("username", String(255), nullable=True, unique=None, default=None)

1362

username = Column("username", String(255), nullable=True, unique=None, default=None)

1363

repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)

1363

repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)

1364

repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)

1364

repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)

1365

user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)

1365

user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)

1366

action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)

1366

action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)

1367

action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)

1367

action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)

1368

1369

version = Column("version", String(255), nullable=True, default=VERSION_1)

1369

version = Column("version", String(255), nullable=True, default=VERSION_1)

1370

user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))

1370

user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))

1371

action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))

1371

action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))

1372

1373

def __unicode__(self):

1373

def __unicode__(self):

1374

return u"<%s('id:%s:%s')>" % (

1374

return u"<%s('id:%s:%s')>" % (

1375

self.__class__.__name__, self.repository_name, self.action)

1375

self.__class__.__name__, self.repository_name, self.action)

1376

1377

def __json__(self):

1377

def __json__(self):

1378

return {

1378

return {

1379

'user_id': self.user_id,

1379

'user_id': self.user_id,

1380

'username': self.username,

1380

'username': self.username,

1381

'repository_id': self.repository_id,

1381

'repository_id': self.repository_id,

1382

'repository_name': self.repository_name,

1382

'repository_name': self.repository_name,

1383

'user_ip': self.user_ip,

1383

'user_ip': self.user_ip,

1384

'action_date': self.action_date,

1384

'action_date': self.action_date,

1385

'action': self.action,

1385

'action': self.action,

1386

}

1386

}

1387

1388

@hybrid_property

1388

@hybrid_property

1389

def entry_id(self):

1389

def entry_id(self):

1390

return self.user_log_id

1390

return self.user_log_id

1391

1392

@property

1392

@property

1393

def action_as_day(self):

1393

def action_as_day(self):

1394

return datetime.date(*self.action_date.timetuple()[:3])

1394

return datetime.date(*self.action_date.timetuple()[:3])

1395

1396

user = relationship('User')

1396

user = relationship('User')

1397

repository = relationship('Repository', cascade='')

1397

repository = relationship('Repository', cascade='')

1398

1399

1400

class UserGroup(Base, BaseModel):

1400

class UserGroup(Base, BaseModel):

1401

__tablename__ = 'users_groups'

1401

__tablename__ = 'users_groups'

1402

__table_args__ = (

1402

__table_args__ = (

1403

base_table_args,

1403

base_table_args,

1404

)

1404

)

1405

1406

users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1406

users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1407

users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)

1407

users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)

1408

user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)

1408

user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)

1409

users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)

1409

users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)

1410

inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)

1410

inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)

1411

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)

1411

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)

1412

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

1412

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

1413

_group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data

1413

_group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data

1414

1415

members = relationship('UserGroupMember', cascade="all, delete-orphan", lazy="joined")

1415

members = relationship('UserGroupMember', cascade="all, delete-orphan", lazy="joined")

1416

users_group_to_perm = relationship('UserGroupToPerm', cascade='all')

1416

users_group_to_perm = relationship('UserGroupToPerm', cascade='all')

1417

users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')

1417

users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')

1418

users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')

1418

users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')

1419

user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')

1419

user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')

1420

user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')

1420

user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')

1421

1422

user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')

1422

user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')

1423

user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")

1423

user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")

1424

1425

@classmethod

1425

@classmethod

1426

def _load_group_data(cls, column):

1426

def _load_group_data(cls, column):

1427

if not column:

1427

if not column:

1428

return {}

1428

return {}

1429

1430

try:

1430

try:

1431

return json.loads(column) or {}

1431

return json.loads(column) or {}

1432

except TypeError:

1432

except TypeError:

1433

return {}

1433

return {}

1434

1435

@hybrid_property

1435

@hybrid_property

1436

def description_safe(self):

1436

def description_safe(self):

1437

from rhodecode.lib import helpers as h

1437

from rhodecode.lib import helpers as h

1438

return h.escape(self.user_group_description)

1438

return h.escape(self.user_group_description)

1439

1440

@hybrid_property

1440

@hybrid_property

1441

def group_data(self):

1441

def group_data(self):

1442

return self._load_group_data(self._group_data)

1442

return self._load_group_data(self._group_data)

1443

1444

@group_data.expression

1444

@group_data.expression

1445

def group_data(self, **kwargs):

1445

def group_data(self, **kwargs):

1446

return self._group_data

1446

return self._group_data

1447

1448

@group_data.setter

1448

@group_data.setter

1449

def group_data(self, val):

1449

def group_data(self, val):

1450

try:

1450

try:

1451

self._group_data = json.dumps(val)

1451

self._group_data = json.dumps(val)

1452

except Exception:

1452

except Exception:

1453

log.error(traceback.format_exc())

1453

log.error(traceback.format_exc())

1454

1455

@classmethod

1455

@classmethod

1456

def _load_sync(cls, group_data):

1456

def _load_sync(cls, group_data):

1457

if group_data:

1457

if group_data:

1458

return group_data.get('extern_type')

1458

return group_data.get('extern_type')

1459

1460

@property

1460

@property

1461

def sync(self):

1461

def sync(self):

1462

return self._load_sync(self.group_data)

1462

return self._load_sync(self.group_data)

1463

1464

def __unicode__(self):

1464

def __unicode__(self):

1465

return u"<%s('id:%s:%s')>" % (self.__class__.__name__,

1465

return u"<%s('id:%s:%s')>" % (self.__class__.__name__,

1466

self.users_group_id,

1466

self.users_group_id,

1467

self.users_group_name)

1467

self.users_group_name)

1468

1469

@classmethod

1469

@classmethod

1470

def get_by_group_name(cls, group_name, cache=False,

1470

def get_by_group_name(cls, group_name, cache=False,

1471

case_insensitive=False):

1471

case_insensitive=False):

1472

if case_insensitive:

1472

if case_insensitive:

1473

q = cls.query().filter(func.lower(cls.users_group_name) ==

1473

q = cls.query().filter(func.lower(cls.users_group_name) ==

1474

func.lower(group_name))

1474

func.lower(group_name))

1475

1476

else:

1476

else:

1477

q = cls.query().filter(cls.users_group_name == group_name)

1477

q = cls.query().filter(cls.users_group_name == group_name)

1478

if cache:

1478

if cache:

1479

q = q.options(

1479

q = q.options(

1480

FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))

1480

FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))

1481

return q.scalar()

1481

return q.scalar()

1482

1483

@classmethod

1483

@classmethod

1484

def get(cls, user_group_id, cache=False):

1484

def get(cls, user_group_id, cache=False):

1485

if not user_group_id:

1485

if not user_group_id:

1486

return

1486

return

1487

1488

user_group = cls.query()

1488

user_group = cls.query()

1489

if cache:

1489

if cache:

1490

user_group = user_group.options(

1490

user_group = user_group.options(

1491

FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))

1491

FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))

1492

return user_group.get(user_group_id)

1492

return user_group.get(user_group_id)

1493

1494

def permissions(self, with_admins=True, with_owner=True,

1494

def permissions(self, with_admins=True, with_owner=True,

1495

expand_from_user_groups=False):

1495

expand_from_user_groups=False):

1496

"""

1496

"""

1497

Permissions for user groups

1497

Permissions for user groups

1498

"""

1498

"""

1499

_admin_perm = 'usergroup.admin'

1499

_admin_perm = 'usergroup.admin'

1500

1501

owner_row = []

1501

owner_row = []

1502

if with_owner:

1502

if with_owner:

1503

usr = AttributeDict(self.user.get_dict())

1503

usr = AttributeDict(self.user.get_dict())

1504

usr.owner_row = True

1504

usr.owner_row = True

1505

usr.permission = _admin_perm

1505

usr.permission = _admin_perm

1506

owner_row.append(usr)

1506

owner_row.append(usr)

1507

1508

super_admin_ids = []

1508

super_admin_ids = []

1509

super_admin_rows = []

1509

super_admin_rows = []

1510

if with_admins:

1510

if with_admins:

1511

for usr in User.get_all_super_admins():

1511

for usr in User.get_all_super_admins():

1512

super_admin_ids.append(usr.user_id)

1512

super_admin_ids.append(usr.user_id)

1513

# if this admin is also owner, don't double the record

1513

# if this admin is also owner, don't double the record

1514

if usr.user_id == owner_row[0].user_id:

1514

if usr.user_id == owner_row[0].user_id:

1515

owner_row[0].admin_row = True

1515

owner_row[0].admin_row = True

1516

else:

1516

else:

1517

usr = AttributeDict(usr.get_dict())

1517

usr = AttributeDict(usr.get_dict())

1518

usr.admin_row = True

1518

usr.admin_row = True

1519

usr.permission = _admin_perm

1519

usr.permission = _admin_perm

1520

super_admin_rows.append(usr)

1520

super_admin_rows.append(usr)

1521

1522

q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)

1522

q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)

1523

q = q.options(joinedload(UserUserGroupToPerm.user_group),

1523

q = q.options(joinedload(UserUserGroupToPerm.user_group),

1524

joinedload(UserUserGroupToPerm.user),

1524

joinedload(UserUserGroupToPerm.user),

1525

joinedload(UserUserGroupToPerm.permission),)

1525

joinedload(UserUserGroupToPerm.permission),)

1526

1527

# get owners and admins and permissions. We do a trick of re-writing

1527

# get owners and admins and permissions. We do a trick of re-writing

1528

# objects from sqlalchemy to named-tuples due to sqlalchemy session

1528

# objects from sqlalchemy to named-tuples due to sqlalchemy session

1529

# has a global reference and changing one object propagates to all

1529

# has a global reference and changing one object propagates to all

1530

# others. This means if admin is also an owner admin_row that change

1530

# others. This means if admin is also an owner admin_row that change

1531

# would propagate to both objects

1531

# would propagate to both objects

1532

perm_rows = []

1532

perm_rows = []

1533

for _usr in q.all():

1533

for _usr in q.all():

1534

usr = AttributeDict(_usr.user.get_dict())

1534

usr = AttributeDict(_usr.user.get_dict())

1535

# if this user is also owner/admin, mark as duplicate record

1535

# if this user is also owner/admin, mark as duplicate record

1536

if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:

1536

if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:

1537

usr.duplicate_perm = True

1537

usr.duplicate_perm = True

1538

usr.permission = _usr.permission.permission_name

1538

usr.permission = _usr.permission.permission_name

1539

perm_rows.append(usr)

1539

perm_rows.append(usr)

1540

1541

# filter the perm rows by 'default' first and then sort them by

1541

# filter the perm rows by 'default' first and then sort them by

1542

# admin,write,read,none permissions sorted again alphabetically in

1542

# admin,write,read,none permissions sorted again alphabetically in

1543

# each group

1543

# each group

1544

perm_rows = sorted(perm_rows, key=display_user_sort)

1544

perm_rows = sorted(perm_rows, key=display_user_sort)

1545

1546

user_groups_rows = []

1546

user_groups_rows = []

1547

if expand_from_user_groups:

1547

if expand_from_user_groups:

1548

for ug in self.permission_user_groups(with_members=True):

1548

for ug in self.permission_user_groups(with_members=True):

1549

for user_data in ug.members:

1549

for user_data in ug.members:

1550

user_groups_rows.append(user_data)

1550

user_groups_rows.append(user_data)

1551

1552

return super_admin_rows + owner_row + perm_rows + user_groups_rows

1552

return super_admin_rows + owner_row + perm_rows + user_groups_rows

1553

1554

def permission_user_groups(self, with_members=False):

1554

def permission_user_groups(self, with_members=False):

1555

q = UserGroupUserGroupToPerm.query()\

1555

q = UserGroupUserGroupToPerm.query()\

1556

.filter(UserGroupUserGroupToPerm.target_user_group == self)

1556

.filter(UserGroupUserGroupToPerm.target_user_group == self)

1557

q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),

1557

q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),

1558

joinedload(UserGroupUserGroupToPerm.target_user_group),

1558

joinedload(UserGroupUserGroupToPerm.target_user_group),

1559

joinedload(UserGroupUserGroupToPerm.permission),)

1559

joinedload(UserGroupUserGroupToPerm.permission),)

1560

1561

perm_rows = []

1561

perm_rows = []

1562

for _user_group in q.all():

1562

for _user_group in q.all():

1563

entry = AttributeDict(_user_group.user_group.get_dict())

1563

entry = AttributeDict(_user_group.user_group.get_dict())

1564

entry.permission = _user_group.permission.permission_name

1564

entry.permission = _user_group.permission.permission_name

1565

if with_members:

1565

if with_members:

1566

entry.members = [x.user.get_dict()

1566

entry.members = [x.user.get_dict()

1567

for x in _user_group.user_group.members]

1567

for x in _user_group.user_group.members]

1568

perm_rows.append(entry)

1568

perm_rows.append(entry)

1569

1570

perm_rows = sorted(perm_rows, key=display_user_group_sort)

1570

perm_rows = sorted(perm_rows, key=display_user_group_sort)

1571

return perm_rows

1571

return perm_rows

1572

1573

def _get_default_perms(self, user_group, suffix=''):

1573

def _get_default_perms(self, user_group, suffix=''):

1574

from rhodecode.model.permission import PermissionModel

1574

from rhodecode.model.permission import PermissionModel

1575

return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)

1575

return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)

1576

1577

def get_default_perms(self, suffix=''):

1577

def get_default_perms(self, suffix=''):

1578

return self._get_default_perms(self, suffix)

1578

return self._get_default_perms(self, suffix)

1579

1580

def get_api_data(self, with_group_members=True, include_secrets=False):

1580

def get_api_data(self, with_group_members=True, include_secrets=False):

1581

"""

1581

"""

1582

:param include_secrets: See :meth:`User.get_api_data`, this parameter is

1582

:param include_secrets: See :meth:`User.get_api_data`, this parameter is

1583

basically forwarded.

1583

basically forwarded.

1584

1585

"""

1585

"""

1586

user_group = self

1586

user_group = self

1587

data = {

1587

data = {

1588

'users_group_id': user_group.users_group_id,

1588

'users_group_id': user_group.users_group_id,

1589

'group_name': user_group.users_group_name,

1589

'group_name': user_group.users_group_name,

1590

'group_description': user_group.user_group_description,

1590

'group_description': user_group.user_group_description,

1591

'active': user_group.users_group_active,

1591

'active': user_group.users_group_active,

1592

'owner': user_group.user.username,

1592

'owner': user_group.user.username,

1593

'sync': user_group.sync,

1593

'sync': user_group.sync,

1594

'owner_email': user_group.user.email,

1594

'owner_email': user_group.user.email,

1595

}

1595

}

1596

1597

if with_group_members:

1597

if with_group_members:

1598

users = []

1598

users = []

1599

for user in user_group.members:

1599

for user in user_group.members:

1600

user = user.user

1600

user = user.user

1601

users.append(user.get_api_data(include_secrets=include_secrets))

1601

users.append(user.get_api_data(include_secrets=include_secrets))

1602

data['users'] = users

1602

data['users'] = users

1603

1604

return data

1604

return data

1605

1606

1607

class UserGroupMember(Base, BaseModel):

1607

class UserGroupMember(Base, BaseModel):

1608

__tablename__ = 'users_groups_members'

1608

__tablename__ = 'users_groups_members'

1609

__table_args__ = (

1609

__table_args__ = (

1610

base_table_args,

1610

base_table_args,

1611

)

1611

)

1612

1613

users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1613

users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1614

users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

1614

users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

1615

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

1615

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

1616

1617

user = relationship('User', lazy='joined')

1617

user = relationship('User', lazy='joined')

1618

users_group = relationship('UserGroup')

1618

users_group = relationship('UserGroup')

1619

1620

def __init__(self, gr_id='', u_id=''):

1620

def __init__(self, gr_id='', u_id=''):

1621

self.users_group_id = gr_id

1621

self.users_group_id = gr_id

1622

self.user_id = u_id

1622

self.user_id = u_id

1623

1624

1625

class RepositoryField(Base, BaseModel):

1625

class RepositoryField(Base, BaseModel):

1626

__tablename__ = 'repositories_fields'

1626

__tablename__ = 'repositories_fields'

1627

__table_args__ = (

1627

__table_args__ = (

1628

UniqueConstraint('repository_id', 'field_key'), # no-multi field

1628

UniqueConstraint('repository_id', 'field_key'), # no-multi field

1629

base_table_args,

1629

base_table_args,

1630

)

1630

)

1631

1632

PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields

1632

PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields

1633

1634

repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1634

repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

1635

repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

1635

repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

1636

field_key = Column("field_key", String(250))

1636

field_key = Column("field_key", String(250))

1637

field_label = Column("field_label", String(1024), nullable=False)

1637

field_label = Column("field_label", String(1024), nullable=False)

1638

field_value = Column("field_value", String(10000), nullable=False)

1638

field_value = Column("field_value", String(10000), nullable=False)

1639

field_desc = Column("field_desc", String(1024), nullable=False)

1639

field_desc = Column("field_desc", String(1024), nullable=False)

1640

field_type = Column("field_type", String(255), nullable=False, unique=None)

1640

field_type = Column("field_type", String(255), nullable=False, unique=None)

1641

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

1641

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

1642

1643

repository = relationship('Repository')

1643

repository = relationship('Repository')

1644

1645

@property

1645

@property

1646

def field_key_prefixed(self):

1646

def field_key_prefixed(self):

1647

return 'ex_%s' % self.field_key

1647

return 'ex_%s' % self.field_key

1648

1649

@classmethod

1649

@classmethod

1650

def un_prefix_key(cls, key):

1650

def un_prefix_key(cls, key):

1651

if key.startswith(cls.PREFIX):

1651

if key.startswith(cls.PREFIX):

1652

return key[len(cls.PREFIX):]

1652

return key[len(cls.PREFIX):]

1653

return key

1653

return key

1654

1655

@classmethod

1655

@classmethod

1656

def get_by_key_name(cls, key, repo):

1656

def get_by_key_name(cls, key, repo):

1657

row = cls.query()\

1657

row = cls.query()\

1658

.filter(cls.repository == repo)\

1658

.filter(cls.repository == repo)\

1659

.filter(cls.field_key == key).scalar()

1659

.filter(cls.field_key == key).scalar()

1660

return row

1660

return row

1661

1662

1663

class Repository(Base, BaseModel):

1663

class Repository(Base, BaseModel):

1664

__tablename__ = 'repositories'

1664

__tablename__ = 'repositories'

1665

__table_args__ = (

1665

__table_args__ = (

1666

Index('r_repo_name_idx', 'repo_name', mysql_length=255),

1666

Index('r_repo_name_idx', 'repo_name', mysql_length=255),

1667

base_table_args,

1667

base_table_args,

1668

)

1668

)

1669

DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'

1669

DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'

1670

DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'

1670

DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'

1671

DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'

1671

DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'

1672

1673

STATE_CREATED = 'repo_state_created'

1673

STATE_CREATED = 'repo_state_created'

1674

STATE_PENDING = 'repo_state_pending'

1674

STATE_PENDING = 'repo_state_pending'

1675

STATE_ERROR = 'repo_state_error'

1675

STATE_ERROR = 'repo_state_error'

1676

1677

LOCK_AUTOMATIC = 'lock_auto'

1677

LOCK_AUTOMATIC = 'lock_auto'

1678

LOCK_API = 'lock_api'

1678

LOCK_API = 'lock_api'

1679

LOCK_WEB = 'lock_web'

1679

LOCK_WEB = 'lock_web'

1680

LOCK_PULL = 'lock_pull'

1680

LOCK_PULL = 'lock_pull'

1681

1682

NAME_SEP = URL_SEP

1682

NAME_SEP = URL_SEP

1683

1684

repo_id = Column(

1684

repo_id = Column(

1685

"repo_id", Integer(), nullable=False, unique=True, default=None,

1685

"repo_id", Integer(), nullable=False, unique=True, default=None,

1686

primary_key=True)

1686

primary_key=True)

1687

_repo_name = Column(

1687

_repo_name = Column(

1688

"repo_name", Text(), nullable=False, default=None)

1688

"repo_name", Text(), nullable=False, default=None)

1689

repo_name_hash = Column(

1689

repo_name_hash = Column(

1690

"repo_name_hash", String(255), nullable=False, unique=True)

1690

"repo_name_hash", String(255), nullable=False, unique=True)

1691

repo_state = Column("repo_state", String(255), nullable=True)

1691

repo_state = Column("repo_state", String(255), nullable=True)

1692

1693

clone_uri = Column(

1693

clone_uri = Column(

1694

"clone_uri", EncryptedTextValue(), nullable=True, unique=False,

1694

"clone_uri", EncryptedTextValue(), nullable=True, unique=False,

1695

default=None)

1695

default=None)

1696

push_uri = Column(

1696

push_uri = Column(

1697

"push_uri", EncryptedTextValue(), nullable=True, unique=False,

1697

"push_uri", EncryptedTextValue(), nullable=True, unique=False,

1698

default=None)

1698

default=None)

1699

repo_type = Column(

1699

repo_type = Column(

1700

"repo_type", String(255), nullable=False, unique=False, default=None)

1700

"repo_type", String(255), nullable=False, unique=False, default=None)

1701

user_id = Column(

1701

user_id = Column(

1702

"user_id", Integer(), ForeignKey('users.user_id'), nullable=False,

1702

"user_id", Integer(), ForeignKey('users.user_id'), nullable=False,

1703

unique=False, default=None)

1703

unique=False, default=None)

1704

private = Column(

1704

private = Column(

1705

"private", Boolean(), nullable=True, unique=None, default=None)

1705

"private", Boolean(), nullable=True, unique=None, default=None)

1706

archived = Column(

1706

archived = Column(

1707

"archived", Boolean(), nullable=True, unique=None, default=None)

1707

"archived", Boolean(), nullable=True, unique=None, default=None)

1708

enable_statistics = Column(

1708

enable_statistics = Column(

1709

"statistics", Boolean(), nullable=True, unique=None, default=True)

1709

"statistics", Boolean(), nullable=True, unique=None, default=True)

1710

enable_downloads = Column(

1710

enable_downloads = Column(

1711

"downloads", Boolean(), nullable=True, unique=None, default=True)

1711

"downloads", Boolean(), nullable=True, unique=None, default=True)

1712

description = Column(

1712

description = Column(

1713

"description", String(10000), nullable=True, unique=None, default=None)

1713

"description", String(10000), nullable=True, unique=None, default=None)

1714

created_on = Column(

1714

created_on = Column(

1715

'created_on', DateTime(timezone=False), nullable=True, unique=None,

1715

'created_on', DateTime(timezone=False), nullable=True, unique=None,

1716

default=datetime.datetime.now)

1716

default=datetime.datetime.now)

1717

updated_on = Column(

1717

updated_on = Column(

1718

'updated_on', DateTime(timezone=False), nullable=True, unique=None,

1718

'updated_on', DateTime(timezone=False), nullable=True, unique=None,

1719

default=datetime.datetime.now)

1719

default=datetime.datetime.now)

1720

_landing_revision = Column(

1720

_landing_revision = Column(

1721

"landing_revision", String(255), nullable=False, unique=False,

1721

"landing_revision", String(255), nullable=False, unique=False,

1722

default=None)

1722

default=None)

1723

enable_locking = Column(

1723

enable_locking = Column(

1724

"enable_locking", Boolean(), nullable=False, unique=None,

1724

"enable_locking", Boolean(), nullable=False, unique=None,

1725

default=False)

1725

default=False)

1726

_locked = Column(

1726

_locked = Column(

1727

"locked", String(255), nullable=True, unique=False, default=None)

1727

"locked", String(255), nullable=True, unique=False, default=None)

1728

_changeset_cache = Column(

1728

_changeset_cache = Column(

1729

"changeset_cache", LargeBinary(), nullable=True) # JSON data

1729

"changeset_cache", LargeBinary(), nullable=True) # JSON data

1730

1731

fork_id = Column(

1731

fork_id = Column(

1732

"fork_id", Integer(), ForeignKey('repositories.repo_id'),

1732

"fork_id", Integer(), ForeignKey('repositories.repo_id'),

1733

nullable=True, unique=False, default=None)

1733

nullable=True, unique=False, default=None)

1734

group_id = Column(

1734

group_id = Column(

1735

"group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,

1735

"group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,

1736

unique=False, default=None)

1736

unique=False, default=None)

1737

1738

user = relationship('User', lazy='joined')

1738

user = relationship('User', lazy='joined')

1739

fork = relationship('Repository', remote_side=repo_id, lazy='joined')

1739

fork = relationship('Repository', remote_side=repo_id, lazy='joined')

1740

group = relationship('RepoGroup', lazy='joined')

1740

group = relationship('RepoGroup', lazy='joined')

1741

repo_to_perm = relationship(

1741

repo_to_perm = relationship(

1742

'UserRepoToPerm', cascade='all',

1742

'UserRepoToPerm', cascade='all',

1743

order_by='UserRepoToPerm.repo_to_perm_id')

1743

order_by='UserRepoToPerm.repo_to_perm_id')

1744

users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')

1744

users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')

1745

stats = relationship('Statistics', cascade='all', uselist=False)

1745

stats = relationship('Statistics', cascade='all', uselist=False)

1746

1747

followers = relationship(

1747

followers = relationship(

1748

'UserFollowing',

1748

'UserFollowing',

1749

primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',

1749

primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',

1750

cascade='all')

1750

cascade='all')

1751

extra_fields = relationship(

1751

extra_fields = relationship(

1752

'RepositoryField', cascade="all, delete-orphan")

1752

'RepositoryField', cascade="all, delete-orphan")

1753

logs = relationship('UserLog')

1753

logs = relationship('UserLog')

1754

comments = relationship(

1754

comments = relationship(

1755

'ChangesetComment', cascade="all, delete-orphan")

1755

'ChangesetComment', cascade="all, delete-orphan")

1756

pull_requests_source = relationship(

1756

pull_requests_source = relationship(

1757

'PullRequest',

1757

'PullRequest',

1758

primaryjoin='PullRequest.source_repo_id==Repository.repo_id',

1758

primaryjoin='PullRequest.source_repo_id==Repository.repo_id',

1759

cascade="all, delete-orphan")

1759

cascade="all, delete-orphan")

1760

pull_requests_target = relationship(

1760

pull_requests_target = relationship(

1761

'PullRequest',

1761

'PullRequest',

1762

primaryjoin='PullRequest.target_repo_id==Repository.repo_id',

1762

primaryjoin='PullRequest.target_repo_id==Repository.repo_id',

1763

cascade="all, delete-orphan")

1763

cascade="all, delete-orphan")

1764

ui = relationship('RepoRhodeCodeUi', cascade="all")

1764

ui = relationship('RepoRhodeCodeUi', cascade="all")

1765

settings = relationship('RepoRhodeCodeSetting', cascade="all")

1765

settings = relationship('RepoRhodeCodeSetting', cascade="all")

1766

integrations = relationship('Integration', cascade="all, delete-orphan")

1766

integrations = relationship('Integration', cascade="all, delete-orphan")

1767

1768

scoped_tokens = relationship('UserApiKeys', cascade="all")

1768

scoped_tokens = relationship('UserApiKeys', cascade="all")

1769

1770

# no cascade, set NULL

1770

# no cascade, set NULL

1771

artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_id==Repository.repo_id')

1771

artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_id==Repository.repo_id')

1772

1773

def __unicode__(self):

1773

def __unicode__(self):

1774

return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,

1774

return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,

1775

safe_unicode(self.repo_name))

1775

safe_unicode(self.repo_name))

1776

1777

@hybrid_property

1777

@hybrid_property

1778

def description_safe(self):

1778

def description_safe(self):

1779

from rhodecode.lib import helpers as h

1779

from rhodecode.lib import helpers as h

1780

return h.escape(self.description)

1780

return h.escape(self.description)

1781

1782

@hybrid_property

1782

@hybrid_property

1783

def landing_rev(self):

1783

def landing_rev(self):

1784

# always should return [rev_type, rev], e.g ['branch', 'master']

1784

# always should return [rev_type, rev], e.g ['branch', 'master']

1785

if self._landing_revision:

1785

if self._landing_revision:

1786

_rev_info = self._landing_revision.split(':')

1786

_rev_info = self._landing_revision.split(':')

1787

if len(_rev_info) < 2:

1787

if len(_rev_info) < 2:

1788

_rev_info.insert(0, 'rev')

1788

_rev_info.insert(0, 'rev')

1789

return [_rev_info[0], _rev_info[1]]

1789

return [_rev_info[0], _rev_info[1]]

1790

return [None, None]

1790

return [None, None]

1791

1792

@property

1792

@property

1793

def landing_ref_type(self):

1793

def landing_ref_type(self):

1794

return self.landing_rev[0]

1794

return self.landing_rev[0]

1795

1796

@property

1796

@property

1797

def landing_ref_name(self):

1797

def landing_ref_name(self):

1798

return self.landing_rev[1]

1798

return self.landing_rev[1]

1799

1800

@landing_rev.setter

1800

@landing_rev.setter

1801

def landing_rev(self, val):

1801

def landing_rev(self, val):

1802

if ':' not in val:

1802

if ':' not in val:

1803

raise ValueError('value must be delimited with `:` and consist '

1803

raise ValueError('value must be delimited with `:` and consist '

1804

'of <rev_type>:<rev>, got %s instead' % val)

1804

'of <rev_type>:<rev>, got %s instead' % val)

1805

self._landing_revision = val

1805

self._landing_revision = val

1806

1807

@hybrid_property

1807

@hybrid_property

1808

def locked(self):

1808

def locked(self):

1809

if self._locked:

1809

if self._locked:

1810

user_id, timelocked, reason = self._locked.split(':')

1810

user_id, timelocked, reason = self._locked.split(':')

1811

lock_values = int(user_id), timelocked, reason

1811

lock_values = int(user_id), timelocked, reason

1812

else:

1812

else:

1813

lock_values = [None, None, None]

1813

lock_values = [None, None, None]

1814

return lock_values

1814

return lock_values

1815

1816

@locked.setter

1816

@locked.setter

1817

def locked(self, val):

1817

def locked(self, val):

1818

if val and isinstance(val, (list, tuple)):

1818

if val and isinstance(val, (list, tuple)):

1819

self._locked = ':'.join(map(str, val))

1819

self._locked = ':'.join(map(str, val))

1820

else:

1820

else:

1821

self._locked = None

1821

self._locked = None

1822

1823

@classmethod

1823

@classmethod

1824

def _load_changeset_cache(cls, repo_id, changeset_cache_raw):

1824

def _load_changeset_cache(cls, repo_id, changeset_cache_raw):

1825

from rhodecode.lib.vcs.backends.base import EmptyCommit

1825

from rhodecode.lib.vcs.backends.base import EmptyCommit

1826

dummy = EmptyCommit().__json__()

1826

dummy = EmptyCommit().__json__()

1827

if not changeset_cache_raw:

1827

if not changeset_cache_raw:

1828

dummy['source_repo_id'] = repo_id

1828

dummy['source_repo_id'] = repo_id

1829

return json.loads(json.dumps(dummy))

1829

return json.loads(json.dumps(dummy))

1830

1831

try:

1831

try:

1832

return json.loads(changeset_cache_raw)

1832

return json.loads(changeset_cache_raw)

1833

except TypeError:

1833

except TypeError:

1834

return dummy

1834

return dummy

1835

except Exception:

1835

except Exception:

1836

log.error(traceback.format_exc())

1836

log.error(traceback.format_exc())

1837

return dummy

1837

return dummy

1838

1839

@hybrid_property

1839

@hybrid_property

1840

def changeset_cache(self):

1840

def changeset_cache(self):

1841

return self._load_changeset_cache(self.repo_id, self._changeset_cache)

1841

return self._load_changeset_cache(self.repo_id, self._changeset_cache)

1842

1843

@changeset_cache.setter

1843

@changeset_cache.setter

1844

def changeset_cache(self, val):

1844

def changeset_cache(self, val):

1845

try:

1845

try:

1846

self._changeset_cache = json.dumps(val)

1846

self._changeset_cache = json.dumps(val)

1847

except Exception:

1847

except Exception:

1848

log.error(traceback.format_exc())

1848

log.error(traceback.format_exc())

1849

1850

@hybrid_property

1850

@hybrid_property

1851

def repo_name(self):

1851

def repo_name(self):

1852

return self._repo_name

1852

return self._repo_name

1853

1854

@repo_name.setter

1854

@repo_name.setter

1855

def repo_name(self, value):

1855

def repo_name(self, value):

1856

self._repo_name = value

1856

self._repo_name = value

1857

self.repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()

1857

self.repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()

1858

1859

@classmethod

1859

@classmethod

1860

def normalize_repo_name(cls, repo_name):

1860

def normalize_repo_name(cls, repo_name):

1861

"""

1861

"""

1862

Normalizes os specific repo_name to the format internally stored inside

1862

Normalizes os specific repo_name to the format internally stored inside

1863

database using URL_SEP

1863

database using URL_SEP

1864

1865

:param cls:

1865

:param cls:

1866

:param repo_name:

1866

:param repo_name:

1867

"""

1867

"""

1868

return cls.NAME_SEP.join(repo_name.split(os.sep))

1868

return cls.NAME_SEP.join(repo_name.split(os.sep))

1869

1870

@classmethod

1870

@classmethod

1871

def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):

1871

def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):

1872

session = Session()

1872

session = Session()

1873

q = session.query(cls).filter(cls.repo_name == repo_name)

1873

q = session.query(cls).filter(cls.repo_name == repo_name)

1874

1875

if cache:

1875

if cache:

1876

if identity_cache:

1876

if identity_cache:

1877

val = cls.identity_cache(session, 'repo_name', repo_name)

1877

val = cls.identity_cache(session, 'repo_name', repo_name)

1878

if val:

1878

if val:

1879

return val

1879

return val

1880

else:

1880

else:

1881

cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)

1881

cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)

1882

q = q.options(

1882

q = q.options(

1883

FromCache("sql_cache_short", cache_key))

1883

FromCache("sql_cache_short", cache_key))

1884

1885

return q.scalar()

1885

return q.scalar()

1886

1887

@classmethod

1887

@classmethod

1888

def get_by_id_or_repo_name(cls, repoid):

1888

def get_by_id_or_repo_name(cls, repoid):

1889

if isinstance(repoid, (int, long)):

1889

if isinstance(repoid, (int, long)):

1890

try:

1890

try:

1891

repo = cls.get(repoid)

1891

repo = cls.get(repoid)

1892

except ValueError:

1892

except ValueError:

1893

repo = None

1893

repo = None

1894

else:

1894

else:

1895

repo = cls.get_by_repo_name(repoid)

1895

repo = cls.get_by_repo_name(repoid)

1896

return repo

1896

return repo

1897

1898

@classmethod

1898

@classmethod

1899

def get_by_full_path(cls, repo_full_path):

1899

def get_by_full_path(cls, repo_full_path):

1900

repo_name = repo_full_path.split(cls.base_path(), 1)[-1]

1900

repo_name = repo_full_path.split(cls.base_path(), 1)[-1]

1901

repo_name = cls.normalize_repo_name(repo_name)

1901

repo_name = cls.normalize_repo_name(repo_name)

1902

return cls.get_by_repo_name(repo_name.strip(URL_SEP))

1902

return cls.get_by_repo_name(repo_name.strip(URL_SEP))

1903

1904

@classmethod

1904

@classmethod

1905

def get_repo_forks(cls, repo_id):

1905

def get_repo_forks(cls, repo_id):

1906

return cls.query().filter(Repository.fork_id == repo_id)

1906

return cls.query().filter(Repository.fork_id == repo_id)

1907

1908

@classmethod

1908

@classmethod

1909

def base_path(cls):

1909

def base_path(cls):

1910

"""

1910

"""

1911

Returns base path when all repos are stored

1911

Returns base path when all repos are stored

1912

1913

:param cls:

1913

:param cls:

1914

"""

1914

"""

1915

q = Session().query(RhodeCodeUi)\

1915

q = Session().query(RhodeCodeUi)\

1916

.filter(RhodeCodeUi.ui_key == cls.NAME_SEP)

1916

.filter(RhodeCodeUi.ui_key == cls.NAME_SEP)

1917

q = q.options(FromCache("sql_cache_short", "repository_repo_path"))

1917

q = q.options(FromCache("sql_cache_short", "repository_repo_path"))

1918

return q.one().ui_value

1918

return q.one().ui_value

1919

1920

@classmethod

1920

@classmethod

1921

def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),

1921

def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),

1922

case_insensitive=True, archived=False):

1922

case_insensitive=True, archived=False):

1923

q = Repository.query()

1923

q = Repository.query()

1924

1925

if not archived:

1925

if not archived:

1926

q = q.filter(Repository.archived.isnot(true()))

1926

q = q.filter(Repository.archived.isnot(true()))

1927

1928

if not isinstance(user_id, Optional):

1928

if not isinstance(user_id, Optional):

1929

q = q.filter(Repository.user_id == user_id)

1929

q = q.filter(Repository.user_id == user_id)

1930

1931

if not isinstance(group_id, Optional):

1931

if not isinstance(group_id, Optional):

1932

q = q.filter(Repository.group_id == group_id)

1932

q = q.filter(Repository.group_id == group_id)

1933

1934

if case_insensitive:

1934

if case_insensitive:

1935

q = q.order_by(func.lower(Repository.repo_name))

1935

q = q.order_by(func.lower(Repository.repo_name))

1936

else:

1936

else:

1937

q = q.order_by(Repository.repo_name)

1937

q = q.order_by(Repository.repo_name)

1938

1939

return q.all()

1939

return q.all()

1940

1941

@property

1941

@property

1942

def repo_uid(self):

1942

def repo_uid(self):

1943

return '_{}'.format(self.repo_id)

1943

return '_{}'.format(self.repo_id)

1944

1945

@property

1945

@property

1946

def forks(self):

1946

def forks(self):

1947

"""

1947

"""

1948

Return forks of this repo

1948

Return forks of this repo

1949

"""

1949

"""

1950

return Repository.get_repo_forks(self.repo_id)

1950

return Repository.get_repo_forks(self.repo_id)

1951

1952

@property

1952

@property

1953

def parent(self):

1953

def parent(self):

1954

"""

1954

"""

1955

Returns fork parent

1955

Returns fork parent

1956

"""

1956

"""

1957

return self.fork

1957

return self.fork

1958

1959

@property

1959

@property

1960

def just_name(self):

1960

def just_name(self):

1961

return self.repo_name.split(self.NAME_SEP)[-1]

1961

return self.repo_name.split(self.NAME_SEP)[-1]

1962

1963

@property

1963

@property

1964

def groups_with_parents(self):

1964

def groups_with_parents(self):

1965

groups = []

1965

groups = []

1966

if self.group is None:

1966

if self.group is None:

1967

return groups

1967

return groups

1968

1969

cur_gr = self.group

1969

cur_gr = self.group

1970

groups.insert(0, cur_gr)

1970

groups.insert(0, cur_gr)

1971

while 1:

1971

while 1:

1972

gr = getattr(cur_gr, 'parent_group', None)

1972

gr = getattr(cur_gr, 'parent_group', None)

1973

cur_gr = cur_gr.parent_group

1973

cur_gr = cur_gr.parent_group

1974

if gr is None:

1974

if gr is None:

1975

break

1975

break

1976

groups.insert(0, gr)

1976

groups.insert(0, gr)

1977

1978

return groups

1978

return groups

1979

1980

@property

1980

@property

1981

def groups_and_repo(self):

1981

def groups_and_repo(self):

1982

return self.groups_with_parents, self

1982

return self.groups_with_parents, self

1983

1984

@LazyProperty

1984

@LazyProperty

1985

def repo_path(self):

1985

def repo_path(self):

1986

"""

1986

"""

1987

Returns base full path for that repository means where it actually

1987

Returns base full path for that repository means where it actually

1988

exists on a filesystem

1988

exists on a filesystem

1989

"""

1989

"""

1990

q = Session().query(RhodeCodeUi).filter(

1990

q = Session().query(RhodeCodeUi).filter(

1991

RhodeCodeUi.ui_key == self.NAME_SEP)

1991

RhodeCodeUi.ui_key == self.NAME_SEP)

1992

q = q.options(FromCache("sql_cache_short", "repository_repo_path"))

1992

q = q.options(FromCache("sql_cache_short", "repository_repo_path"))

1993

return q.one().ui_value

1993

return q.one().ui_value

1994

1995

@property

1995

@property

1996

def repo_full_path(self):

1996

def repo_full_path(self):

1997

p = [self.repo_path]

1997

p = [self.repo_path]

1998

# we need to split the name by / since this is how we store the

1998

# we need to split the name by / since this is how we store the

1999

# names in the database, but that eventually needs to be converted

1999

# names in the database, but that eventually needs to be converted

2000

# into a valid system path

2000

# into a valid system path

2001

p += self.repo_name.split(self.NAME_SEP)

2001

p += self.repo_name.split(self.NAME_SEP)

2002

return os.path.join(*map(safe_unicode, p))

2002

return os.path.join(*map(safe_unicode, p))

2003

2004

@property

2004

@property

2005

def cache_keys(self):

2005

def cache_keys(self):

2006

"""

2006

"""

2007

Returns associated cache keys for that repo

2007

Returns associated cache keys for that repo

2008

"""

2008

"""

2009

invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(

2009

invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(

2010

repo_id=self.repo_id)

2010

repo_id=self.repo_id)

2011

return CacheKey.query()\

2011

return CacheKey.query()\

2012

.filter(CacheKey.cache_args == invalidation_namespace)\

2012

.filter(CacheKey.cache_args == invalidation_namespace)\

2013

.order_by(CacheKey.cache_key)\

2013

.order_by(CacheKey.cache_key)\

2014

.all()

2014

.all()

2015

2016

@property

2016

@property

2017

def cached_diffs_relative_dir(self):

2017

def cached_diffs_relative_dir(self):

2018

"""

2018

"""

2019

Return a relative to the repository store path of cached diffs

2019

Return a relative to the repository store path of cached diffs

2020

used for safe display for users, who shouldn't know the absolute store

2020

used for safe display for users, who shouldn't know the absolute store

2021

path

2021

path

2022

"""

2022

"""

2023

return os.path.join(

2023

return os.path.join(

2024

os.path.dirname(self.repo_name),

2024

os.path.dirname(self.repo_name),

2025

self.cached_diffs_dir.split(os.path.sep)[-1])

2025

self.cached_diffs_dir.split(os.path.sep)[-1])

2026

2027

@property

2027

@property

2028

def cached_diffs_dir(self):

2028

def cached_diffs_dir(self):

2029

path = self.repo_full_path

2029

path = self.repo_full_path

2030

return os.path.join(

2030

return os.path.join(

2031

os.path.dirname(path),

2031

os.path.dirname(path),

2032

'.__shadow_diff_cache_repo_{}'.format(self.repo_id))

2032

'.__shadow_diff_cache_repo_{}'.format(self.repo_id))

2033

2034

def cached_diffs(self):

2034

def cached_diffs(self):

2035

diff_cache_dir = self.cached_diffs_dir

2035

diff_cache_dir = self.cached_diffs_dir

2036

if os.path.isdir(diff_cache_dir):

2036

if os.path.isdir(diff_cache_dir):

2037

return os.listdir(diff_cache_dir)

2037

return os.listdir(diff_cache_dir)

2038

return []

2038

return []

2039

2040

def shadow_repos(self):

2040

def shadow_repos(self):

2041

shadow_repos_pattern = '.__shadow_repo_{}'.format(self.repo_id)

2041

shadow_repos_pattern = '.__shadow_repo_{}'.format(self.repo_id)

2042

return [

2042

return [

2043

x for x in os.listdir(os.path.dirname(self.repo_full_path))

2043

x for x in os.listdir(os.path.dirname(self.repo_full_path))

2044

if x.startswith(shadow_repos_pattern)]

2044

if x.startswith(shadow_repos_pattern)]

2045

2046

def get_new_name(self, repo_name):

2046

def get_new_name(self, repo_name):

2047

"""

2047

"""

2048

returns new full repository name based on assigned group and new new

2048

returns new full repository name based on assigned group and new new

2049

2050

:param group_name:

2050

:param group_name:

2051

"""

2051

"""

2052

path_prefix = self.group.full_path_splitted if self.group else []

2052

path_prefix = self.group.full_path_splitted if self.group else []

2053

return self.NAME_SEP.join(path_prefix + [repo_name])

2053

return self.NAME_SEP.join(path_prefix + [repo_name])

2054

2055

@property

2055

@property

2056

def _config(self):

2056

def _config(self):

2057

"""

2057

"""

2058

Returns db based config object.

2058

Returns db based config object.

2059

"""

2059

"""

2060

from rhodecode.lib.utils import make_db_config

2060

from rhodecode.lib.utils import make_db_config

2061

return make_db_config(clear_session=False, repo=self)

2061

return make_db_config(clear_session=False, repo=self)

2062

2063

def permissions(self, with_admins=True, with_owner=True,

2063

def permissions(self, with_admins=True, with_owner=True,

2064

expand_from_user_groups=False):

2064

expand_from_user_groups=False):

2065

"""

2065

"""

2066

Permissions for repositories

2066

Permissions for repositories

2067

"""

2067

"""

2068

_admin_perm = 'repository.admin'

2068

_admin_perm = 'repository.admin'

2069

2070

owner_row = []

2070

owner_row = []

2071

if with_owner:

2071

if with_owner:

2072

usr = AttributeDict(self.user.get_dict())

2072

usr = AttributeDict(self.user.get_dict())

2073

usr.owner_row = True

2073

usr.owner_row = True

2074

usr.permission = _admin_perm

2074

usr.permission = _admin_perm

2075

usr.permission_id = None

2075

usr.permission_id = None

2076

owner_row.append(usr)

2076

owner_row.append(usr)

2077

2078

super_admin_ids = []

2078

super_admin_ids = []

2079

super_admin_rows = []

2079

super_admin_rows = []

2080

if with_admins:

2080

if with_admins:

2081

for usr in User.get_all_super_admins():

2081

for usr in User.get_all_super_admins():

2082

super_admin_ids.append(usr.user_id)

2082

super_admin_ids.append(usr.user_id)

2083

# if this admin is also owner, don't double the record

2083

# if this admin is also owner, don't double the record

2084

if usr.user_id == owner_row[0].user_id:

2084

if usr.user_id == owner_row[0].user_id:

2085

owner_row[0].admin_row = True

2085

owner_row[0].admin_row = True

2086

else:

2086

else:

2087

usr = AttributeDict(usr.get_dict())

2087

usr = AttributeDict(usr.get_dict())

2088

usr.admin_row = True

2088

usr.admin_row = True

2089

usr.permission = _admin_perm

2089

usr.permission = _admin_perm

2090

usr.permission_id = None

2090

usr.permission_id = None

2091

super_admin_rows.append(usr)

2091

super_admin_rows.append(usr)

2092

2093

q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)

2093

q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)

2094

q = q.options(joinedload(UserRepoToPerm.repository),

2094

q = q.options(joinedload(UserRepoToPerm.repository),

2095

joinedload(UserRepoToPerm.user),

2095

joinedload(UserRepoToPerm.user),

2096

joinedload(UserRepoToPerm.permission),)

2096

joinedload(UserRepoToPerm.permission),)

2097

2098

# get owners and admins and permissions. We do a trick of re-writing

2098

# get owners and admins and permissions. We do a trick of re-writing

2099

# objects from sqlalchemy to named-tuples due to sqlalchemy session

2099

# objects from sqlalchemy to named-tuples due to sqlalchemy session

2100

# has a global reference and changing one object propagates to all

2100

# has a global reference and changing one object propagates to all

2101

# others. This means if admin is also an owner admin_row that change

2101

# others. This means if admin is also an owner admin_row that change

2102

# would propagate to both objects

2102

# would propagate to both objects

2103

perm_rows = []

2103

perm_rows = []

2104

for _usr in q.all():

2104

for _usr in q.all():

2105

usr = AttributeDict(_usr.user.get_dict())

2105

usr = AttributeDict(_usr.user.get_dict())

2106

# if this user is also owner/admin, mark as duplicate record

2106

# if this user is also owner/admin, mark as duplicate record

2107

if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:

2107

if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:

2108

usr.duplicate_perm = True

2108

usr.duplicate_perm = True

2109

# also check if this permission is maybe used by branch_permissions

2109

# also check if this permission is maybe used by branch_permissions

2110

if _usr.branch_perm_entry:

2110

if _usr.branch_perm_entry:

2111

usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]

2111

usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]

2112

2113

usr.permission = _usr.permission.permission_name

2113

usr.permission = _usr.permission.permission_name

2114

usr.permission_id = _usr.repo_to_perm_id

2114

usr.permission_id = _usr.repo_to_perm_id

2115

perm_rows.append(usr)

2115

perm_rows.append(usr)

2116

2117

# filter the perm rows by 'default' first and then sort them by

2117

# filter the perm rows by 'default' first and then sort them by

2118

# admin,write,read,none permissions sorted again alphabetically in

2118

# admin,write,read,none permissions sorted again alphabetically in

2119

# each group

2119

# each group

2120

perm_rows = sorted(perm_rows, key=display_user_sort)

2120

perm_rows = sorted(perm_rows, key=display_user_sort)

2121

2122

user_groups_rows = []

2122

user_groups_rows = []

2123

if expand_from_user_groups:

2123

if expand_from_user_groups:

2124

for ug in self.permission_user_groups(with_members=True):

2124

for ug in self.permission_user_groups(with_members=True):

2125

for user_data in ug.members:

2125

for user_data in ug.members:

2126

user_groups_rows.append(user_data)

2126

user_groups_rows.append(user_data)

2127

2128

return super_admin_rows + owner_row + perm_rows + user_groups_rows

2128

return super_admin_rows + owner_row + perm_rows + user_groups_rows

2129

2130

def permission_user_groups(self, with_members=True):

2130

def permission_user_groups(self, with_members=True):

2131

q = UserGroupRepoToPerm.query()\

2131

q = UserGroupRepoToPerm.query()\

2132

.filter(UserGroupRepoToPerm.repository == self)

2132

.filter(UserGroupRepoToPerm.repository == self)

2133

q = q.options(joinedload(UserGroupRepoToPerm.repository),

2133

q = q.options(joinedload(UserGroupRepoToPerm.repository),

2134

joinedload(UserGroupRepoToPerm.users_group),

2134

joinedload(UserGroupRepoToPerm.users_group),

2135

joinedload(UserGroupRepoToPerm.permission),)

2135

joinedload(UserGroupRepoToPerm.permission),)

2136

2137

perm_rows = []

2137

perm_rows = []

2138

for _user_group in q.all():

2138

for _user_group in q.all():

2139

entry = AttributeDict(_user_group.users_group.get_dict())

2139

entry = AttributeDict(_user_group.users_group.get_dict())

2140

entry.permission = _user_group.permission.permission_name

2140

entry.permission = _user_group.permission.permission_name

2141

if with_members:

2141

if with_members:

2142

entry.members = [x.user.get_dict()

2142

entry.members = [x.user.get_dict()

2143

for x in _user_group.users_group.members]

2143

for x in _user_group.users_group.members]

2144

perm_rows.append(entry)

2144

perm_rows.append(entry)

2145

2146

perm_rows = sorted(perm_rows, key=display_user_group_sort)

2146

perm_rows = sorted(perm_rows, key=display_user_group_sort)

2147

return perm_rows

2147

return perm_rows

2148

2149

def get_api_data(self, include_secrets=False):

2149

def get_api_data(self, include_secrets=False):

2150

"""

2150

"""

2151

Common function for generating repo api data

2151

Common function for generating repo api data

2152

2153

:param include_secrets: See :meth:`User.get_api_data`.

2153

:param include_secrets: See :meth:`User.get_api_data`.

2154

2155

"""

2155

"""

2156

# TODO: mikhail: Here there is an anti-pattern, we probably need to

2156

# TODO: mikhail: Here there is an anti-pattern, we probably need to

2157

# move this methods on models level.

2157

# move this methods on models level.

2158

from rhodecode.model.settings import SettingsModel

2158

from rhodecode.model.settings import SettingsModel

2159

from rhodecode.model.repo import RepoModel

2159

from rhodecode.model.repo import RepoModel

2160

2161

repo = self

2161

repo = self

2162

_user_id, _time, _reason = self.locked

2162

_user_id, _time, _reason = self.locked

2163

2164

data = {

2164

data = {

2165

'repo_id': repo.repo_id,

2165

'repo_id': repo.repo_id,

2166

'repo_name': repo.repo_name,

2166

'repo_name': repo.repo_name,

2167

'repo_type': repo.repo_type,

2167

'repo_type': repo.repo_type,

2168

'clone_uri': repo.clone_uri or '',

2168

'clone_uri': repo.clone_uri or '',

2169

'push_uri': repo.push_uri or '',

2169

'push_uri': repo.push_uri or '',

2170

'url': RepoModel().get_url(self),

2170

'url': RepoModel().get_url(self),

2171

'private': repo.private,

2171

'private': repo.private,

2172

'created_on': repo.created_on,

2172

'created_on': repo.created_on,

2173

'description': repo.description_safe,

2173

'description': repo.description_safe,

2174

'landing_rev': repo.landing_rev,

2174

'landing_rev': repo.landing_rev,

2175

'owner': repo.user.username,

2175

'owner': repo.user.username,

2176

'fork_of': repo.fork.repo_name if repo.fork else None,

2176

'fork_of': repo.fork.repo_name if repo.fork else None,

2177

'fork_of_id': repo.fork.repo_id if repo.fork else None,

2177

'fork_of_id': repo.fork.repo_id if repo.fork else None,

2178

'enable_statistics': repo.enable_statistics,

2178

'enable_statistics': repo.enable_statistics,

2179

'enable_locking': repo.enable_locking,

2179

'enable_locking': repo.enable_locking,

2180

'enable_downloads': repo.enable_downloads,

2180

'enable_downloads': repo.enable_downloads,

2181

'last_changeset': repo.changeset_cache,

2181

'last_changeset': repo.changeset_cache,

2182

'locked_by': User.get(_user_id).get_api_data(

2182

'locked_by': User.get(_user_id).get_api_data(

2183

include_secrets=include_secrets) if _user_id else None,

2183

include_secrets=include_secrets) if _user_id else None,

2184

'locked_date': time_to_datetime(_time) if _time else None,

2184

'locked_date': time_to_datetime(_time) if _time else None,

2185

'lock_reason': _reason if _reason else None,

2185

'lock_reason': _reason if _reason else None,

2186

}

2186

}

2187

2188

# TODO: mikhail: should be per-repo settings here

2188

# TODO: mikhail: should be per-repo settings here

2189

rc_config = SettingsModel().get_all_settings()

2189

rc_config = SettingsModel().get_all_settings()

2190

repository_fields = str2bool(

2190

repository_fields = str2bool(

2191

rc_config.get('rhodecode_repository_fields'))

2191

rc_config.get('rhodecode_repository_fields'))

2192

if repository_fields:

2192

if repository_fields:

2193

for f in self.extra_fields:

2193

for f in self.extra_fields:

2194

data[f.field_key_prefixed] = f.field_value

2194

data[f.field_key_prefixed] = f.field_value

2195

2196

return data

2196

return data

2197

2198

@classmethod

2198

@classmethod

2199

def lock(cls, repo, user_id, lock_time=None, lock_reason=None):

2199

def lock(cls, repo, user_id, lock_time=None, lock_reason=None):

2200

if not lock_time:

2200

if not lock_time:

2201

lock_time = time.time()

2201

lock_time = time.time()

2202

if not lock_reason:

2202

if not lock_reason:

2203

lock_reason = cls.LOCK_AUTOMATIC

2203

lock_reason = cls.LOCK_AUTOMATIC

2204

repo.locked = [user_id, lock_time, lock_reason]

2204

repo.locked = [user_id, lock_time, lock_reason]

2205

Session().add(repo)

2205

Session().add(repo)

2206

Session().commit()

2206

Session().commit()

2207

2208

@classmethod

2208

@classmethod

2209

def unlock(cls, repo):

2209

def unlock(cls, repo):

2210

repo.locked = None

2210

repo.locked = None

2211

Session().add(repo)

2211

Session().add(repo)

2212

Session().commit()

2212

Session().commit()

2213

2214

@classmethod

2214

@classmethod

2215

def getlock(cls, repo):

2215

def getlock(cls, repo):

2216

return repo.locked

2216

return repo.locked

2217

2218

def is_user_lock(self, user_id):

2218

def is_user_lock(self, user_id):

2219

if self.lock[0]:

2219

if self.lock[0]:

2220

lock_user_id = safe_int(self.lock[0])

2220

lock_user_id = safe_int(self.lock[0])

2221

user_id = safe_int(user_id)

2221

user_id = safe_int(user_id)

2222

# both are ints, and they are equal

2222

# both are ints, and they are equal

2223

return all([lock_user_id, user_id]) and lock_user_id == user_id

2223

return all([lock_user_id, user_id]) and lock_user_id == user_id

2224

2225

return False

2225

return False

2226

2227

def get_locking_state(self, action, user_id, only_when_enabled=True):

2227

def get_locking_state(self, action, user_id, only_when_enabled=True):

2228

"""

2228

"""

2229

Checks locking on this repository, if locking is enabled and lock is

2229

Checks locking on this repository, if locking is enabled and lock is

2230

present returns a tuple of make_lock, locked, locked_by.

2230

present returns a tuple of make_lock, locked, locked_by.

2231

make_lock can have 3 states None (do nothing) True, make lock

2231

make_lock can have 3 states None (do nothing) True, make lock

2232

False release lock, This value is later propagated to hooks, which

2232

False release lock, This value is later propagated to hooks, which

2233

do the locking. Think about this as signals passed to hooks what to do.

2233

do the locking. Think about this as signals passed to hooks what to do.

2234

2235

"""

2235

"""

2236

# TODO: johbo: This is part of the business logic and should be moved

2236

# TODO: johbo: This is part of the business logic and should be moved

2237

# into the RepositoryModel.

2237

# into the RepositoryModel.

2238

2239

if action not in ('push', 'pull'):

2239

if action not in ('push', 'pull'):

2240

raise ValueError("Invalid action value: %s" % repr(action))

2240

raise ValueError("Invalid action value: %s" % repr(action))

2241

2242

# defines if locked error should be thrown to user

2242

# defines if locked error should be thrown to user

2243

currently_locked = False

2243

currently_locked = False

2244

# defines if new lock should be made, tri-state

2244

# defines if new lock should be made, tri-state

2245

make_lock = None

2245

make_lock = None

2246

repo = self

2246

repo = self

2247

user = User.get(user_id)

2247

user = User.get(user_id)

2248

2249

lock_info = repo.locked

2249

lock_info = repo.locked

2250

2251

if repo and (repo.enable_locking or not only_when_enabled):

2251

if repo and (repo.enable_locking or not only_when_enabled):

2252

if action == 'push':

2252

if action == 'push':

2253

# check if it's already locked !, if it is compare users

2253

# check if it's already locked !, if it is compare users

2254

locked_by_user_id = lock_info[0]

2254

locked_by_user_id = lock_info[0]

2255

if user.user_id == locked_by_user_id:

2255

if user.user_id == locked_by_user_id:

2256

log.debug(

2256

log.debug(

2257

'Got `push` action from user %s, now unlocking', user)

2257

'Got `push` action from user %s, now unlocking', user)

2258

# unlock if we have push from user who locked

2258

# unlock if we have push from user who locked

2259

make_lock = False

2259

make_lock = False

2260

else:

2260

else:

2261

# we're not the same user who locked, ban with

2261

# we're not the same user who locked, ban with

2262

# code defined in settings (default is 423 HTTP Locked) !

2262

# code defined in settings (default is 423 HTTP Locked) !

2263

log.debug('Repo %s is currently locked by %s', repo, user)

2263

log.debug('Repo %s is currently locked by %s', repo, user)

2264

currently_locked = True

2264

currently_locked = True

2265

elif action == 'pull':

2265

elif action == 'pull':

2266

# [0] user [1] date

2266

# [0] user [1] date

2267

if lock_info[0] and lock_info[1]:

2267

if lock_info[0] and lock_info[1]:

2268

log.debug('Repo %s is currently locked by %s', repo, user)

2268

log.debug('Repo %s is currently locked by %s', repo, user)

2269

currently_locked = True

2269

currently_locked = True

2270

else:

2270

else:

2271

log.debug('Setting lock on repo %s by %s', repo, user)

2271

log.debug('Setting lock on repo %s by %s', repo, user)

2272

make_lock = True

2272

make_lock = True

2273

2274

else:

2274

else:

2275

log.debug('Repository %s do not have locking enabled', repo)

2275

log.debug('Repository %s do not have locking enabled', repo)

2276

2277

log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',

2277

log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',

2278

make_lock, currently_locked, lock_info)

2278

make_lock, currently_locked, lock_info)

2279

2280

from rhodecode.lib.auth import HasRepoPermissionAny

2280

from rhodecode.lib.auth import HasRepoPermissionAny

2281

perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')

2281

perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')

2282

if make_lock and not perm_check(repo_name=repo.repo_name, user=user):

2282

if make_lock and not perm_check(repo_name=repo.repo_name, user=user):

2283

# if we don't have at least write permission we cannot make a lock

2283

# if we don't have at least write permission we cannot make a lock

2284

log.debug('lock state reset back to FALSE due to lack '

2284

log.debug('lock state reset back to FALSE due to lack '

2285

'of at least read permission')

2285

'of at least read permission')

2286

make_lock = False

2286

make_lock = False

2287

2288

return make_lock, currently_locked, lock_info

2288

return make_lock, currently_locked, lock_info

2289

2290

@property

2290

@property

2291

def last_commit_cache_update_diff(self):

2291

def last_commit_cache_update_diff(self):

2292

return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)

2292

return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)

2293

2294

@classmethod

2294

@classmethod

2295

def _load_commit_change(cls, last_commit_cache):

2295

def _load_commit_change(cls, last_commit_cache):

2296

from rhodecode.lib.vcs.utils.helpers import parse_datetime

2296

from rhodecode.lib.vcs.utils.helpers import parse_datetime

2297

empty_date = datetime.datetime.fromtimestamp(0)

2297

empty_date = datetime.datetime.fromtimestamp(0)

2298

date_latest = last_commit_cache.get('date', empty_date)

2298

date_latest = last_commit_cache.get('date', empty_date)

2299

try:

2299

try:

2300

return parse_datetime(date_latest)

2300

return parse_datetime(date_latest)

2301

except Exception:

2301

except Exception:

2302

return empty_date

2302

return empty_date

2303

2304

@property

2304

@property

2305

def last_commit_change(self):

2305

def last_commit_change(self):

2306

return self._load_commit_change(self.changeset_cache)

2306

return self._load_commit_change(self.changeset_cache)

2307

2308

@property

2308

@property

2309

def last_db_change(self):

2309

def last_db_change(self):

2310

return self.updated_on

2310

return self.updated_on

2311

2312

@property

2312

@property

2313

def clone_uri_hidden(self):

2313

def clone_uri_hidden(self):

2314

clone_uri = self.clone_uri

2314

clone_uri = self.clone_uri

2315

if clone_uri:

2315

if clone_uri:

2316

import urlobject

2316

import urlobject

2317

url_obj = urlobject.URLObject(cleaned_uri(clone_uri))

2317

url_obj = urlobject.URLObject(cleaned_uri(clone_uri))

2318

if url_obj.password:

2318

if url_obj.password:

2319

clone_uri = url_obj.with_password('*****')

2319

clone_uri = url_obj.with_password('*****')

2320

return clone_uri

2320

return clone_uri

2321

2322

@property

2322

@property

2323

def push_uri_hidden(self):

2323

def push_uri_hidden(self):

2324

push_uri = self.push_uri

2324

push_uri = self.push_uri

2325

if push_uri:

2325

if push_uri:

2326

import urlobject

2326

import urlobject

2327

url_obj = urlobject.URLObject(cleaned_uri(push_uri))

2327

url_obj = urlobject.URLObject(cleaned_uri(push_uri))

2328

if url_obj.password:

2328

if url_obj.password:

2329

push_uri = url_obj.with_password('*****')

2329

push_uri = url_obj.with_password('*****')

2330

return push_uri

2330

return push_uri

2331

2332

def clone_url(self, **override):

2332

def clone_url(self, **override):

2333

from rhodecode.model.settings import SettingsModel

2333

from rhodecode.model.settings import SettingsModel

2334

2335

uri_tmpl = None

2335

uri_tmpl = None

2336

if 'with_id' in override:

2336

if 'with_id' in override:

2337

uri_tmpl = self.DEFAULT_CLONE_URI_ID

2337

uri_tmpl = self.DEFAULT_CLONE_URI_ID

2338

del override['with_id']

2338

del override['with_id']

2339

2340

if 'uri_tmpl' in override:

2340

if 'uri_tmpl' in override:

2341

uri_tmpl = override['uri_tmpl']

2341

uri_tmpl = override['uri_tmpl']

2342

del override['uri_tmpl']

2342

del override['uri_tmpl']

2343

2344

ssh = False

2344

ssh = False

2345

if 'ssh' in override:

2345

if 'ssh' in override:

2346

ssh = True

2346

ssh = True

2347

del override['ssh']

2347

del override['ssh']

2348

2349

# we didn't override our tmpl from **overrides

2349

# we didn't override our tmpl from **overrides

2350

request = get_current_request()

2350

request = get_current_request()

2351

if not uri_tmpl:

2351

if not uri_tmpl:

2352

if hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):

2352

if hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):

2353

rc_config = request.call_context.rc_config

2353

rc_config = request.call_context.rc_config

2354

else:

2354

else:

2355

rc_config = SettingsModel().get_all_settings(cache=True)

2355

rc_config = SettingsModel().get_all_settings(cache=True)

2356

2357

if ssh:

2357

if ssh:

2358

uri_tmpl = rc_config.get(

2358

uri_tmpl = rc_config.get(

2359

'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH

2359

'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH

2360

2361

else:

2361

else:

2362

uri_tmpl = rc_config.get(

2362

uri_tmpl = rc_config.get(

2363

'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI

2363

'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI

2364

2365

return get_clone_url(request=request,

2365

return get_clone_url(request=request,

2366

uri_tmpl=uri_tmpl,

2366

uri_tmpl=uri_tmpl,

2367

repo_name=self.repo_name,

2367

repo_name=self.repo_name,

2368

repo_id=self.repo_id,

2368

repo_id=self.repo_id,

2369

repo_type=self.repo_type,

2369

repo_type=self.repo_type,

2370

**override)

2370

**override)

2371

2372

def set_state(self, state):

2372

def set_state(self, state):

2373

self.repo_state = state

2373

self.repo_state = state

2374

Session().add(self)

2374

Session().add(self)

2375

#==========================================================================

2375

#==========================================================================

2376

# SCM PROPERTIES

2376

# SCM PROPERTIES

2377

#==========================================================================

2377

#==========================================================================

2378

2379

def get_commit(self, commit_id=None, commit_idx=None, pre_load=None, maybe_unreachable=False):

2379

def get_commit(self, commit_id=None, commit_idx=None, pre_load=None, maybe_unreachable=False):

2380

return get_commit_safe(

2380

return get_commit_safe(

2381

self.scm_instance(), commit_id, commit_idx, pre_load=pre_load,

2381

self.scm_instance(), commit_id, commit_idx, pre_load=pre_load,

2382

maybe_unreachable=maybe_unreachable)

2382

maybe_unreachable=maybe_unreachable)

2383

2384

def get_changeset(self, rev=None, pre_load=None):

2384

def get_changeset(self, rev=None, pre_load=None):

2385

warnings.warn("Use get_commit", DeprecationWarning)

2385

warnings.warn("Use get_commit", DeprecationWarning)

2386

commit_id = None

2386

commit_id = None

2387

commit_idx = None

2387

commit_idx = None

2388

if isinstance(rev, compat.string_types):

2388

if isinstance(rev, compat.string_types):

2389

commit_id = rev

2389

commit_id = rev

2390

else:

2390

else:

2391

commit_idx = rev

2391

commit_idx = rev

2392

return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,

2392

return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,

2393

pre_load=pre_load)

2393

pre_load=pre_load)

2394

2395

def get_landing_commit(self):

2395

def get_landing_commit(self):

2396

"""

2396

"""

2397

Returns landing commit, or if that doesn't exist returns the tip

2397

Returns landing commit, or if that doesn't exist returns the tip

2398

"""

2398

"""

2399

_rev_type, _rev = self.landing_rev

2399

_rev_type, _rev = self.landing_rev

2400

commit = self.get_commit(_rev)

2400

commit = self.get_commit(_rev)

2401

if isinstance(commit, EmptyCommit):

2401

if isinstance(commit, EmptyCommit):

2402

return self.get_commit()

2402

return self.get_commit()

2403

return commit

2403

return commit

2404

2405

def flush_commit_cache(self):

2405

def flush_commit_cache(self):

2406

self.update_commit_cache(cs_cache={'raw_id':'0'})

2406

self.update_commit_cache(cs_cache={'raw_id':'0'})

2407

self.update_commit_cache()

2407

self.update_commit_cache()

2408

2409

def update_commit_cache(self, cs_cache=None, config=None):

2409

def update_commit_cache(self, cs_cache=None, config=None):

2410

"""

2410

"""

2411

Update cache of last commit for repository

2411

Update cache of last commit for repository

2412

cache_keys should be::

2412

cache_keys should be::

2413

2414

source_repo_id

2414

source_repo_id

2415

short_id

2415

short_id

2416

raw_id

2416

raw_id

2417

revision

2417

revision

2418

parents

2418

parents

2419

message

2419

message

2420

date

2420

date

2421

author

2421

author

2422

updated_on

2422

updated_on

2423

2424

"""

2424

"""

2425

from rhodecode.lib.vcs.backends.base import BaseChangeset

2425

from rhodecode.lib.vcs.backends.base import BaseChangeset

2426

from rhodecode.lib.vcs.utils.helpers import parse_datetime

2426

from rhodecode.lib.vcs.utils.helpers import parse_datetime

2427

empty_date = datetime.datetime.fromtimestamp(0)

2427

empty_date = datetime.datetime.fromtimestamp(0)

2428

2429

if cs_cache is None:

2429

if cs_cache is None:

2430

# use no-cache version here

2430

# use no-cache version here

2431

try:

2431

try:

2432

scm_repo = self.scm_instance(cache=False, config=config)

2432

scm_repo = self.scm_instance(cache=False, config=config)

2433

except VCSError:

2433

except VCSError:

2434

scm_repo = None

2434

scm_repo = None

2435

empty = scm_repo is None or scm_repo.is_empty()

2435

empty = scm_repo is None or scm_repo.is_empty()

2436

2437

if not empty:

2437

if not empty:

2438

cs_cache = scm_repo.get_commit(

2438

cs_cache = scm_repo.get_commit(

2439

pre_load=["author", "date", "message", "parents", "branch"])

2439

pre_load=["author", "date", "message", "parents", "branch"])

2440

else:

2440

else:

2441

cs_cache = EmptyCommit()

2441

cs_cache = EmptyCommit()

2442

2443

if isinstance(cs_cache, BaseChangeset):

2443

if isinstance(cs_cache, BaseChangeset):

2444

cs_cache = cs_cache.__json__()

2444

cs_cache = cs_cache.__json__()

2445

2446

def is_outdated(new_cs_cache):

2446

def is_outdated(new_cs_cache):

2447

if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or

2447

if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or

2448

new_cs_cache['revision'] != self.changeset_cache['revision']):

2448

new_cs_cache['revision'] != self.changeset_cache['revision']):

2449

return True

2449

return True

2450

return False

2450

return False

2451

2452

# check if we have maybe already latest cached revision

2452

# check if we have maybe already latest cached revision

2453

if is_outdated(cs_cache) or not self.changeset_cache:

2453

if is_outdated(cs_cache) or not self.changeset_cache:

2454

_current_datetime = datetime.datetime.utcnow()

2454

_current_datetime = datetime.datetime.utcnow()

2455

last_change = cs_cache.get('date') or _current_datetime

2455

last_change = cs_cache.get('date') or _current_datetime

2456

# we check if last update is newer than the new value

2456

# we check if last update is newer than the new value

2457

# if yes, we use the current timestamp instead. Imagine you get

2457

# if yes, we use the current timestamp instead. Imagine you get

2458

# old commit pushed 1y ago, we'd set last update 1y to ago.

2458

# old commit pushed 1y ago, we'd set last update 1y to ago.

2459

last_change_timestamp = datetime_to_time(last_change)

2459

last_change_timestamp = datetime_to_time(last_change)

2460

current_timestamp = datetime_to_time(last_change)

2460

current_timestamp = datetime_to_time(last_change)

2461

if last_change_timestamp > current_timestamp and not empty:

2461

if last_change_timestamp > current_timestamp and not empty:

2462

cs_cache['date'] = _current_datetime

2462

cs_cache['date'] = _current_datetime

2463

2464

_date_latest = parse_datetime(cs_cache.get('date') or empty_date)

2464

_date_latest = parse_datetime(cs_cache.get('date') or empty_date)

2465

cs_cache['updated_on'] = time.time()

2465

cs_cache['updated_on'] = time.time()

2466

self.changeset_cache = cs_cache

2466

self.changeset_cache = cs_cache

2467

self.updated_on = last_change

2467

self.updated_on = last_change

2468

Session().add(self)

2468

Session().add(self)

2469

Session().commit()

2469

Session().commit()

2470

2471

else:

2471

else:

2472

if empty:

2472

if empty:

2473

cs_cache = EmptyCommit().__json__()

2473

cs_cache = EmptyCommit().__json__()

2474

else:

2474

else:

2475

cs_cache = self.changeset_cache

2475

cs_cache = self.changeset_cache

2476

2477

_date_latest = parse_datetime(cs_cache.get('date') or empty_date)

2477

_date_latest = parse_datetime(cs_cache.get('date') or empty_date)

2478

2479

cs_cache['updated_on'] = time.time()

2479

cs_cache['updated_on'] = time.time()

2480

self.changeset_cache = cs_cache

2480

self.changeset_cache = cs_cache

2481

self.updated_on = _date_latest

2481

self.updated_on = _date_latest

2482

Session().add(self)

2482

Session().add(self)

2483

Session().commit()

2483

Session().commit()

2484

2485

log.debug('updated repo `%s` with new commit cache %s, and last update_date: %s',

2485

log.debug('updated repo `%s` with new commit cache %s, and last update_date: %s',

2486

self.repo_name, cs_cache, _date_latest)

2486

self.repo_name, cs_cache, _date_latest)

2487

2488

@property

2488

@property

2489

def tip(self):

2489

def tip(self):

2490

return self.get_commit('tip')

2490

return self.get_commit('tip')

2491

2492

@property

2492

@property

2493

def author(self):

2493

def author(self):

2494

return self.tip.author

2494

return self.tip.author

2495

2496

@property

2496

@property

2497

def last_change(self):

2497

def last_change(self):

2498

return self.scm_instance().last_change

2498

return self.scm_instance().last_change

2499

2500

def get_comments(self, revisions=None):

2500

def get_comments(self, revisions=None):

2501

"""

2501

"""

2502

Returns comments for this repository grouped by revisions

2502

Returns comments for this repository grouped by revisions

2503

2504

:param revisions: filter query by revisions only

2504

:param revisions: filter query by revisions only

2505

"""

2505

"""

2506

cmts = ChangesetComment.query()\

2506

cmts = ChangesetComment.query()\

2507

.filter(ChangesetComment.repo == self)

2507

.filter(ChangesetComment.repo == self)

2508

if revisions:

2508

if revisions:

2509

cmts = cmts.filter(ChangesetComment.revision.in_(revisions))

2509

cmts = cmts.filter(ChangesetComment.revision.in_(revisions))

2510

grouped = collections.defaultdict(list)

2510

grouped = collections.defaultdict(list)

2511

for cmt in cmts.all():

2511

for cmt in cmts.all():

2512

grouped[cmt.revision].append(cmt)

2512

grouped[cmt.revision].append(cmt)

2513

return grouped

2513

return grouped

2514

2515

def statuses(self, revisions=None):

2515

def statuses(self, revisions=None):

2516

"""

2516

"""

2517

Returns statuses for this repository

2517

Returns statuses for this repository

2518

2519

:param revisions: list of revisions to get statuses for

2519

:param revisions: list of revisions to get statuses for

2520

"""

2520

"""

2521

statuses = ChangesetStatus.query()\

2521

statuses = ChangesetStatus.query()\

2522

.filter(ChangesetStatus.repo == self)\

2522

.filter(ChangesetStatus.repo == self)\

2523

.filter(ChangesetStatus.version == 0)

2523

.filter(ChangesetStatus.version == 0)

2524

2525

if revisions:

2525

if revisions:

2526

# Try doing the filtering in chunks to avoid hitting limits

2526

# Try doing the filtering in chunks to avoid hitting limits

2527

size = 500

2527

size = 500

2528

status_results = []

2528

status_results = []

2529

for chunk in xrange(0, len(revisions), size):

2529

for chunk in xrange(0, len(revisions), size):

2530

status_results += statuses.filter(

2530

status_results += statuses.filter(

2531

ChangesetStatus.revision.in_(

2531

ChangesetStatus.revision.in_(

2532

revisions[chunk: chunk+size])

2532

revisions[chunk: chunk+size])

2533

).all()

2533

).all()

2534

else:

2534

else:

2535

status_results = statuses.all()

2535

status_results = statuses.all()

2536

2537

grouped = {}

2537

grouped = {}

2538

2539

# maybe we have open new pullrequest without a status?

2539

# maybe we have open new pullrequest without a status?

2540

stat = ChangesetStatus.STATUS_UNDER_REVIEW

2540

stat = ChangesetStatus.STATUS_UNDER_REVIEW

2541

status_lbl = ChangesetStatus.get_status_lbl(stat)

2541

status_lbl = ChangesetStatus.get_status_lbl(stat)

2542

for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():

2542

for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():

2543

for rev in pr.revisions:

2543

for rev in pr.revisions:

2544

pr_id = pr.pull_request_id

2544

pr_id = pr.pull_request_id

2545

pr_repo = pr.target_repo.repo_name

2545

pr_repo = pr.target_repo.repo_name

2546

grouped[rev] = [stat, status_lbl, pr_id, pr_repo]

2546

grouped[rev] = [stat, status_lbl, pr_id, pr_repo]

2547

2548

for stat in status_results:

2548

for stat in status_results:

2549

pr_id = pr_repo = None

2549

pr_id = pr_repo = None

2550

if stat.pull_request:

2550

if stat.pull_request:

2551

pr_id = stat.pull_request.pull_request_id

2551

pr_id = stat.pull_request.pull_request_id

2552

pr_repo = stat.pull_request.target_repo.repo_name

2552

pr_repo = stat.pull_request.target_repo.repo_name

2553

grouped[stat.revision] = [str(stat.status), stat.status_lbl,

2553

grouped[stat.revision] = [str(stat.status), stat.status_lbl,

2554

pr_id, pr_repo]

2554

pr_id, pr_repo]

2555

return grouped

2555

return grouped

2556

2557

# ==========================================================================

2557

# ==========================================================================

2558

# SCM CACHE INSTANCE

2558

# SCM CACHE INSTANCE

2559

# ==========================================================================

2559

# ==========================================================================

2560

2561

def scm_instance(self, **kwargs):

2561

def scm_instance(self, **kwargs):

2562

import rhodecode

2562

import rhodecode

2563

2564

# Passing a config will not hit the cache currently only used

2564

# Passing a config will not hit the cache currently only used

2565

# for repo2dbmapper

2565

# for repo2dbmapper

2566

config = kwargs.pop('config', None)

2566

config = kwargs.pop('config', None)

2567

cache = kwargs.pop('cache', None)

2567

cache = kwargs.pop('cache', None)

2568

vcs_full_cache = kwargs.pop('vcs_full_cache', None)

2568

vcs_full_cache = kwargs.pop('vcs_full_cache', None)

2569

if vcs_full_cache is not None:

2569

if vcs_full_cache is not None:

2570

# allows override global config

2570

# allows override global config

2571

full_cache = vcs_full_cache

2571

full_cache = vcs_full_cache

2572

else:

2572

else:

2573

full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))

2573

full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))

2574

# if cache is NOT defined use default global, else we have a full

2574

# if cache is NOT defined use default global, else we have a full

2575

# control over cache behaviour

2575

# control over cache behaviour

2576

if cache is None and full_cache and not config:

2576

if cache is None and full_cache and not config:

2577

log.debug('Initializing pure cached instance for %s', self.repo_path)

2577

log.debug('Initializing pure cached instance for %s', self.repo_path)

2578

return self._get_instance_cached()

2578

return self._get_instance_cached()

2579

2580

# cache here is sent to the "vcs server"

2580

# cache here is sent to the "vcs server"

2581

return self._get_instance(cache=bool(cache), config=config)

2581

return self._get_instance(cache=bool(cache), config=config)

2582

2583

def _get_instance_cached(self):

2583

def _get_instance_cached(self):

2584

from rhodecode.lib import rc_cache

2584

from rhodecode.lib import rc_cache

2585

2586

cache_namespace_uid = 'cache_repo_instance.{}'.format(self.repo_id)

2586

cache_namespace_uid = 'cache_repo_instance.{}'.format(self.repo_id)

2587

invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(

2587

invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(

2588

repo_id=self.repo_id)

2588

repo_id=self.repo_id)

2589

region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)

2589

region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)

2590

2591

@region.conditional_cache_on_arguments(namespace=cache_namespace_uid)

2591

@region.conditional_cache_on_arguments(namespace=cache_namespace_uid)

2592

def get_instance_cached(repo_id, context_id, _cache_state_uid):

2592

def get_instance_cached(repo_id, context_id, _cache_state_uid):

2593

return self._get_instance(repo_state_uid=_cache_state_uid)

2593

return self._get_instance(repo_state_uid=_cache_state_uid)

2594

2595

# we must use thread scoped cache here,

2595

# we must use thread scoped cache here,

2596

# because each thread of gevent needs it's own not shared connection and cache

2596

# because each thread of gevent needs it's own not shared connection and cache

2597

# we also alter `args` so the cache key is individual for every green thread.

2597

# we also alter `args` so the cache key is individual for every green thread.

2598

inv_context_manager = rc_cache.InvalidationContext(

2598

inv_context_manager = rc_cache.InvalidationContext(

2599

uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace,

2599

uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace,

2600

thread_scoped=True)

2600

thread_scoped=True)

2601

with inv_context_manager as invalidation_context:

2601

with inv_context_manager as invalidation_context:

2602

cache_state_uid = invalidation_context.cache_data['cache_state_uid']

2602

cache_state_uid = invalidation_context.cache_data['cache_state_uid']

2603

args = (self.repo_id, inv_context_manager.cache_key, cache_state_uid)

2603

args = (self.repo_id, inv_context_manager.cache_key, cache_state_uid)

2604

2605

# re-compute and store cache if we get invalidate signal

2605

# re-compute and store cache if we get invalidate signal

2606

if invalidation_context.should_invalidate():

2606

if invalidation_context.should_invalidate():

2607

instance = get_instance_cached.refresh(*args)

2607

instance = get_instance_cached.refresh(*args)

2608

else:

2608

else:

2609

instance = get_instance_cached(*args)

2609

instance = get_instance_cached(*args)

2610

2611

log.debug('Repo instance fetched in %.4fs', inv_context_manager.compute_time)

2611

log.debug('Repo instance fetched in %.4fs', inv_context_manager.compute_time)

2612

return instance

2612

return instance

2613

2614

def _get_instance(self, cache=True, config=None, repo_state_uid=None):

2614

def _get_instance(self, cache=True, config=None, repo_state_uid=None):

2615

log.debug('Initializing %s instance `%s` with cache flag set to: %s',

2615

log.debug('Initializing %s instance `%s` with cache flag set to: %s',

2616

self.repo_type, self.repo_path, cache)

2616

self.repo_type, self.repo_path, cache)

2617

config = config or self._config

2617

config = config or self._config

2618

custom_wire = {

2618

custom_wire = {

2619

'cache': cache, # controls the vcs.remote cache

2619

'cache': cache, # controls the vcs.remote cache

2620

'repo_state_uid': repo_state_uid

2620

'repo_state_uid': repo_state_uid

2621

}

2621

}

2622

repo = get_vcs_instance(

2622

repo = get_vcs_instance(

2623

repo_path=safe_str(self.repo_full_path),

2623

repo_path=safe_str(self.repo_full_path),

2624

config=config,

2624

config=config,

2625

with_wire=custom_wire,

2625

with_wire=custom_wire,

2626

create=False,

2626

create=False,

2627

_vcs_alias=self.repo_type)

2627

_vcs_alias=self.repo_type)

2628

if repo is not None:

2628

if repo is not None:

2629

repo.count() # cache rebuild

2629

repo.count() # cache rebuild

2630

return repo

2630

return repo

2631

2632

def get_shadow_repository_path(self, workspace_id):

2632

def get_shadow_repository_path(self, workspace_id):

2633

from rhodecode.lib.vcs.backends.base import BaseRepository

2633

from rhodecode.lib.vcs.backends.base import BaseRepository

2634

shadow_repo_path = BaseRepository._get_shadow_repository_path(

2634

shadow_repo_path = BaseRepository._get_shadow_repository_path(

2635

self.repo_full_path, self.repo_id, workspace_id)

2635

self.repo_full_path, self.repo_id, workspace_id)

2636

return shadow_repo_path

2636

return shadow_repo_path

2637

2638

def __json__(self):

2638

def __json__(self):

2639

return {'landing_rev': self.landing_rev}

2639

return {'landing_rev': self.landing_rev}

2640

2641

def get_dict(self):

2641

def get_dict(self):

2642

2643

# Since we transformed `repo_name` to a hybrid property, we need to

2643

# Since we transformed `repo_name` to a hybrid property, we need to

2644

# keep compatibility with the code which uses `repo_name` field.

2644

# keep compatibility with the code which uses `repo_name` field.

2645

2646

result = super(Repository, self).get_dict()

2646

result = super(Repository, self).get_dict()

2647

result['repo_name'] = result.pop('_repo_name', None)

2647

result['repo_name'] = result.pop('_repo_name', None)

2648

return result

2648

return result

2649

2650

2651

class RepoGroup(Base, BaseModel):

2651

class RepoGroup(Base, BaseModel):

2652

__tablename__ = 'groups'

2652

__tablename__ = 'groups'

2653

__table_args__ = (

2653

__table_args__ = (

2654

UniqueConstraint('group_name', 'group_parent_id'),

2654

UniqueConstraint('group_name', 'group_parent_id'),

2655

base_table_args,

2655

base_table_args,

2656

)

2656

)

2657

__mapper_args__ = {'order_by': 'group_name'}

2657

__mapper_args__ = {'order_by': 'group_name'}

2658

2659

CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups

2659

CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups

2660

2661

group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

2661

group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

2662

_group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)

2662

_group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)

2663

group_name_hash = Column("repo_group_name_hash", String(1024), nullable=False, unique=False)

2663

group_name_hash = Column("repo_group_name_hash", String(1024), nullable=False, unique=False)

2664

group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)

2664

group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)

2665

group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)

2665

group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)

2666

enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)

2666

enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)

2667

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)

2667

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)

2668

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

2668

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

2669

updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)

2669

updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)

2670

personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)

2670

personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)

2671

_changeset_cache = Column("changeset_cache", LargeBinary(), nullable=True) # JSON data

2671

_changeset_cache = Column("changeset_cache", LargeBinary(), nullable=True) # JSON data

2672

2673

repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')

2673

repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')

2674

users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')

2674

users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')

2675

parent_group = relationship('RepoGroup', remote_side=group_id)

2675

parent_group = relationship('RepoGroup', remote_side=group_id)

2676

user = relationship('User')

2676

user = relationship('User')

2677

integrations = relationship('Integration', cascade="all, delete-orphan")

2677

integrations = relationship('Integration', cascade="all, delete-orphan")

2678

2679

# no cascade, set NULL

2679

# no cascade, set NULL

2680

scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_group_id==RepoGroup.group_id')

2680

scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_group_id==RepoGroup.group_id')

2681

2682

def __init__(self, group_name='', parent_group=None):

2682

def __init__(self, group_name='', parent_group=None):

2683

self.group_name = group_name

2683

self.group_name = group_name

2684

self.parent_group = parent_group

2684

self.parent_group = parent_group

2685

2686

def __unicode__(self):

2686

def __unicode__(self):

2687

return u"<%s('id:%s:%s')>" % (

2687

return u"<%s('id:%s:%s')>" % (

2688

self.__class__.__name__, self.group_id, self.group_name)

2688

self.__class__.__name__, self.group_id, self.group_name)

2689

2690

@hybrid_property

2690

@hybrid_property

2691

def group_name(self):

2691

def group_name(self):

2692

return self._group_name

2692

return self._group_name

2693

2694

@group_name.setter

2694

@group_name.setter

2695

def group_name(self, value):

2695

def group_name(self, value):

2696

self._group_name = value

2696

self._group_name = value

2697

self.group_name_hash = self.hash_repo_group_name(value)

2697

self.group_name_hash = self.hash_repo_group_name(value)

2698

2699

@classmethod

2699

@classmethod

2700

def _load_changeset_cache(cls, repo_id, changeset_cache_raw):

2700

def _load_changeset_cache(cls, repo_id, changeset_cache_raw):

2701

from rhodecode.lib.vcs.backends.base import EmptyCommit

2701

from rhodecode.lib.vcs.backends.base import EmptyCommit

2702

dummy = EmptyCommit().__json__()

2702

dummy = EmptyCommit().__json__()

2703

if not changeset_cache_raw:

2703

if not changeset_cache_raw:

2704

dummy['source_repo_id'] = repo_id

2704

dummy['source_repo_id'] = repo_id

2705

return json.loads(json.dumps(dummy))

2705

return json.loads(json.dumps(dummy))

2706

2707

try:

2707

try:

2708

return json.loads(changeset_cache_raw)

2708

return json.loads(changeset_cache_raw)

2709

except TypeError:

2709

except TypeError:

2710

return dummy

2710

return dummy

2711

except Exception:

2711

except Exception:

2712

log.error(traceback.format_exc())

2712

log.error(traceback.format_exc())

2713

return dummy

2713

return dummy

2714

2715

@hybrid_property

2715

@hybrid_property

2716

def changeset_cache(self):

2716

def changeset_cache(self):

2717

return self._load_changeset_cache('', self._changeset_cache)

2717

return self._load_changeset_cache('', self._changeset_cache)

2718

2719

@changeset_cache.setter

2719

@changeset_cache.setter

2720

def changeset_cache(self, val):

2720

def changeset_cache(self, val):

2721

try:

2721

try:

2722

self._changeset_cache = json.dumps(val)

2722

self._changeset_cache = json.dumps(val)

2723

except Exception:

2723

except Exception:

2724

log.error(traceback.format_exc())

2724

log.error(traceback.format_exc())

2725

2726

@validates('group_parent_id')

2726

@validates('group_parent_id')

2727

def validate_group_parent_id(self, key, val):

2727

def validate_group_parent_id(self, key, val):

2728

"""

2728

"""

2729

Check cycle references for a parent group to self

2729

Check cycle references for a parent group to self

2730

"""

2730

"""

2731

if self.group_id and val:

2731

if self.group_id and val:

2732

assert val != self.group_id

2732

assert val != self.group_id

2733

2734

return val

2734

return val

2735

2736

@hybrid_property

2736

@hybrid_property

2737

def description_safe(self):

2737

def description_safe(self):

2738

from rhodecode.lib import helpers as h

2738

from rhodecode.lib import helpers as h

2739

return h.escape(self.group_description)

2739

return h.escape(self.group_description)

2740

2741

@classmethod

2741

@classmethod

2742

def hash_repo_group_name(cls, repo_group_name):

2742

def hash_repo_group_name(cls, repo_group_name):

2743

val = remove_formatting(repo_group_name)

2743

val = remove_formatting(repo_group_name)

2744

val = safe_str(val).lower()

2744

val = safe_str(val).lower()

2745

chars = []

2745

chars = []

2746

for c in val:

2746

for c in val:

2747

if c not in string.ascii_letters:

2747

if c not in string.ascii_letters:

2748

c = str(ord(c))

2748

c = str(ord(c))

2749

chars.append(c)

2749

chars.append(c)

2750

2751

return ''.join(chars)

2751

return ''.join(chars)

2752

2753

@classmethod

2753

@classmethod

2754

def _generate_choice(cls, repo_group):

2754

def _generate_choice(cls, repo_group):

2755

from webhelpers2.html import literal as _literal

2755

from webhelpers2.html import literal as _literal

2756

_name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))

2756

_name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))

2757

return repo_group.group_id, _name(repo_group.full_path_splitted)

2757

return repo_group.group_id, _name(repo_group.full_path_splitted)

2758

2759

@classmethod

2759

@classmethod

2760

def groups_choices(cls, groups=None, show_empty_group=True):

2760

def groups_choices(cls, groups=None, show_empty_group=True):

2761

if not groups:

2761

if not groups:

2762

groups = cls.query().all()

2762

groups = cls.query().all()

2763

2764

repo_groups = []

2764

repo_groups = []

2765

if show_empty_group:

2765

if show_empty_group:

2766

repo_groups = [(-1, u'-- %s --' % _('No parent'))]

2766

repo_groups = [(-1, u'-- %s --' % _('No parent'))]

2767

2768

repo_groups.extend([cls._generate_choice(x) for x in groups])

2768

repo_groups.extend([cls._generate_choice(x) for x in groups])

2769

2770

repo_groups = sorted(

2770

repo_groups = sorted(

2771

repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])

2771

repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])

2772

return repo_groups

2772

return repo_groups

2773

2774

@classmethod

2774

@classmethod

2775

def url_sep(cls):

2775

def url_sep(cls):

2776

return URL_SEP

2776

return URL_SEP

2777

2778

@classmethod

2778

@classmethod

2779

def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):

2779

def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):

2780

if case_insensitive:

2780

if case_insensitive:

2781

gr = cls.query().filter(func.lower(cls.group_name)

2781

gr = cls.query().filter(func.lower(cls.group_name)

2782

== func.lower(group_name))

2782

== func.lower(group_name))

2783

else:

2783

else:

2784

gr = cls.query().filter(cls.group_name == group_name)

2784

gr = cls.query().filter(cls.group_name == group_name)

2785

if cache:

2785

if cache:

2786

name_key = _hash_key(group_name)

2786

name_key = _hash_key(group_name)

2787

gr = gr.options(

2787

gr = gr.options(

2788

FromCache("sql_cache_short", "get_group_%s" % name_key))

2788

FromCache("sql_cache_short", "get_group_%s" % name_key))

2789

return gr.scalar()

2789

return gr.scalar()

2790

2791

@classmethod

2791

@classmethod

2792

def get_user_personal_repo_group(cls, user_id):

2792

def get_user_personal_repo_group(cls, user_id):

2793

user = User.get(user_id)

2793

user = User.get(user_id)

2794

if user.username == User.DEFAULT_USER:

2794

if user.username == User.DEFAULT_USER:

2795

return None

2795

return None

2796

2797

return cls.query()\

2797

return cls.query()\

2798

.filter(cls.personal == true()) \

2798

.filter(cls.personal == true()) \

2799

.filter(cls.user == user) \

2799

.filter(cls.user == user) \

2800

.order_by(cls.group_id.asc()) \

2800

.order_by(cls.group_id.asc()) \

2801

.first()

2801

.first()

2802

2803

@classmethod

2803

@classmethod

2804

def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),

2804

def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),

2805

case_insensitive=True):

2805

case_insensitive=True):

2806

q = RepoGroup.query()

2806

q = RepoGroup.query()

2807

2808

if not isinstance(user_id, Optional):

2808

if not isinstance(user_id, Optional):

2809

q = q.filter(RepoGroup.user_id == user_id)

2809

q = q.filter(RepoGroup.user_id == user_id)

2810

2811

if not isinstance(group_id, Optional):

2811

if not isinstance(group_id, Optional):

2812

q = q.filter(RepoGroup.group_parent_id == group_id)

2812

q = q.filter(RepoGroup.group_parent_id == group_id)

2813

2814

if case_insensitive:

2814

if case_insensitive:

2815

q = q.order_by(func.lower(RepoGroup.group_name))

2815

q = q.order_by(func.lower(RepoGroup.group_name))

2816

else:

2816

else:

2817

q = q.order_by(RepoGroup.group_name)

2817

q = q.order_by(RepoGroup.group_name)

2818

return q.all()

2818

return q.all()

2819

2820

@property

2820

@property

2821

def parents(self, parents_recursion_limit=10):

2821

def parents(self, parents_recursion_limit=10):

2822

groups = []

2822

groups = []

2823

if self.parent_group is None:

2823

if self.parent_group is None:

2824

return groups

2824

return groups

2825

cur_gr = self.parent_group

2825

cur_gr = self.parent_group

2826

groups.insert(0, cur_gr)

2826

groups.insert(0, cur_gr)

2827

cnt = 0

2827

cnt = 0

2828

while 1:

2828

while 1:

2829

cnt += 1

2829

cnt += 1

2830

gr = getattr(cur_gr, 'parent_group', None)

2830

gr = getattr(cur_gr, 'parent_group', None)

2831

cur_gr = cur_gr.parent_group

2831

cur_gr = cur_gr.parent_group

2832

if gr is None:

2832

if gr is None:

2833

break

2833

break

2834

if cnt == parents_recursion_limit:

2834

if cnt == parents_recursion_limit:

2835

# this will prevent accidental infinit loops

2835

# this will prevent accidental infinit loops

2836

log.error('more than %s parents found for group %s, stopping '

2836

log.error('more than %s parents found for group %s, stopping '

2837

'recursive parent fetching', parents_recursion_limit, self)

2837

'recursive parent fetching', parents_recursion_limit, self)

2838

break

2838

break

2839

2840

groups.insert(0, gr)

2840

groups.insert(0, gr)

2841

return groups

2841

return groups

2842

2843

@property

2843

@property

2844

def last_commit_cache_update_diff(self):

2844

def last_commit_cache_update_diff(self):

2845

return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)

2845

return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)

2846

2847

@classmethod

2847

@classmethod

2848

def _load_commit_change(cls, last_commit_cache):

2848

def _load_commit_change(cls, last_commit_cache):

2849

from rhodecode.lib.vcs.utils.helpers import parse_datetime

2849

from rhodecode.lib.vcs.utils.helpers import parse_datetime

2850

empty_date = datetime.datetime.fromtimestamp(0)

2850

empty_date = datetime.datetime.fromtimestamp(0)

2851

date_latest = last_commit_cache.get('date', empty_date)

2851

date_latest = last_commit_cache.get('date', empty_date)

2852

try:

2852

try:

2853

return parse_datetime(date_latest)

2853

return parse_datetime(date_latest)

2854

except Exception:

2854

except Exception:

2855

return empty_date

2855

return empty_date

2856

2857

@property

2857

@property

2858

def last_commit_change(self):

2858

def last_commit_change(self):

2859

return self._load_commit_change(self.changeset_cache)

2859

return self._load_commit_change(self.changeset_cache)

2860

2861

@property

2861

@property

2862

def last_db_change(self):

2862

def last_db_change(self):

2863

return self.updated_on

2863

return self.updated_on

2864

2865

@property

2865

@property

2866

def children(self):

2866

def children(self):

2867

return RepoGroup.query().filter(RepoGroup.parent_group == self)

2867

return RepoGroup.query().filter(RepoGroup.parent_group == self)

2868

2869

@property

2869

@property

2870

def name(self):

2870

def name(self):

2871

return self.group_name.split(RepoGroup.url_sep())[-1]

2871

return self.group_name.split(RepoGroup.url_sep())[-1]

2872

2873

@property

2873

@property

2874

def full_path(self):

2874

def full_path(self):

2875

return self.group_name

2875

return self.group_name

2876

2877

@property

2877

@property

2878

def full_path_splitted(self):

2878

def full_path_splitted(self):

2879

return self.group_name.split(RepoGroup.url_sep())

2879

return self.group_name.split(RepoGroup.url_sep())

2880

2881

@property

2881

@property

2882

def repositories(self):

2882

def repositories(self):

2883

return Repository.query()\

2883

return Repository.query()\

2884

.filter(Repository.group == self)\

2884

.filter(Repository.group == self)\

2885

.order_by(Repository.repo_name)

2885

.order_by(Repository.repo_name)

2886

2887

@property

2887

@property

2888

def repositories_recursive_count(self):

2888

def repositories_recursive_count(self):

2889

cnt = self.repositories.count()

2889

cnt = self.repositories.count()

2890

2891

def children_count(group):

2891

def children_count(group):

2892

cnt = 0

2892

cnt = 0

2893

for child in group.children:

2893

for child in group.children:

2894

cnt += child.repositories.count()

2894

cnt += child.repositories.count()

2895

cnt += children_count(child)

2895

cnt += children_count(child)

2896

return cnt

2896

return cnt

2897

2898

return cnt + children_count(self)

2898

return cnt + children_count(self)

2899

2900

def _recursive_objects(self, include_repos=True, include_groups=True):

2900

def _recursive_objects(self, include_repos=True, include_groups=True):

2901

all_ = []

2901

all_ = []

2902

2903

def _get_members(root_gr):

2903

def _get_members(root_gr):

2904

if include_repos:

2904

if include_repos:

2905

for r in root_gr.repositories:

2905

for r in root_gr.repositories:

2906

all_.append(r)

2906

all_.append(r)

2907

childs = root_gr.children.all()

2907

childs = root_gr.children.all()

2908

if childs:

2908

if childs:

2909

for gr in childs:

2909

for gr in childs:

2910

if include_groups:

2910

if include_groups:

2911

all_.append(gr)

2911

all_.append(gr)

2912

_get_members(gr)

2912

_get_members(gr)

2913

2914

root_group = []

2914

root_group = []

2915

if include_groups:

2915

if include_groups:

2916

root_group = [self]

2916

root_group = [self]

2917

2918

_get_members(self)

2918

_get_members(self)

2919

return root_group + all_

2919

return root_group + all_

2920

2921

def recursive_groups_and_repos(self):

2921

def recursive_groups_and_repos(self):

2922

"""

2922

"""

2923

Recursive return all groups, with repositories in those groups

2923

Recursive return all groups, with repositories in those groups

2924

"""

2924

"""

2925

return self._recursive_objects()

2925

return self._recursive_objects()

2926

2927

def recursive_groups(self):

2927

def recursive_groups(self):

2928

"""

2928

"""

2929

Returns all children groups for this group including children of children

2929

Returns all children groups for this group including children of children

2930

"""

2930

"""

2931

return self._recursive_objects(include_repos=False)

2931

return self._recursive_objects(include_repos=False)

2932

2933

def recursive_repos(self):

2933

def recursive_repos(self):

2934

"""

2934

"""

2935

Returns all children repositories for this group

2935

Returns all children repositories for this group

2936

"""

2936

"""

2937

return self._recursive_objects(include_groups=False)

2937

return self._recursive_objects(include_groups=False)

2938

2939

def get_new_name(self, group_name):

2939

def get_new_name(self, group_name):

2940

"""

2940

"""

2941

returns new full group name based on parent and new name

2941

returns new full group name based on parent and new name

2942

2943

:param group_name:

2943

:param group_name:

2944

"""

2944

"""

2945

path_prefix = (self.parent_group.full_path_splitted if

2945

path_prefix = (self.parent_group.full_path_splitted if

2946

self.parent_group else [])

2946

self.parent_group else [])

2947

return RepoGroup.url_sep().join(path_prefix + [group_name])

2947

return RepoGroup.url_sep().join(path_prefix + [group_name])

2948

2949

def update_commit_cache(self, config=None):

2949

def update_commit_cache(self, config=None):

2950

"""

2950

"""

2951

Update cache of last commit for newest repository inside this repository group.

2951

Update cache of last commit for newest repository inside this repository group.

2952

cache_keys should be::

2952

cache_keys should be::

2953

2954

source_repo_id

2954

source_repo_id

2955

short_id

2955

short_id

2956

raw_id

2956

raw_id

2957

revision

2957

revision

2958

parents

2958

parents

2959

message

2959

message

2960

date

2960

date

2961

author

2961

author

2962

2963

"""

2963

"""

2964

from rhodecode.lib.vcs.utils.helpers import parse_datetime

2964

from rhodecode.lib.vcs.utils.helpers import parse_datetime

2965

empty_date = datetime.datetime.fromtimestamp(0)

2965

empty_date = datetime.datetime.fromtimestamp(0)

2966

2967

def repo_groups_and_repos(root_gr):

2967

def repo_groups_and_repos(root_gr):

2968

for _repo in root_gr.repositories:

2968

for _repo in root_gr.repositories:

2969

yield _repo

2969

yield _repo

2970

for child_group in root_gr.children.all():

2970

for child_group in root_gr.children.all():

2971

yield child_group

2971

yield child_group

2972

2973

latest_repo_cs_cache = {}

2973

latest_repo_cs_cache = {}

2974

for obj in repo_groups_and_repos(self):

2974

for obj in repo_groups_and_repos(self):

2975

repo_cs_cache = obj.changeset_cache

2975

repo_cs_cache = obj.changeset_cache

2976

date_latest = latest_repo_cs_cache.get('date', empty_date)

2976

date_latest = latest_repo_cs_cache.get('date', empty_date)

2977

date_current = repo_cs_cache.get('date', empty_date)

2977

date_current = repo_cs_cache.get('date', empty_date)

2978

current_timestamp = datetime_to_time(parse_datetime(date_latest))

2978

current_timestamp = datetime_to_time(parse_datetime(date_latest))

2979

if current_timestamp < datetime_to_time(parse_datetime(date_current)):

2979

if current_timestamp < datetime_to_time(parse_datetime(date_current)):

2980

latest_repo_cs_cache = repo_cs_cache

2980

latest_repo_cs_cache = repo_cs_cache

2981

if hasattr(obj, 'repo_id'):

2981

if hasattr(obj, 'repo_id'):

2982

latest_repo_cs_cache['source_repo_id'] = obj.repo_id

2982

latest_repo_cs_cache['source_repo_id'] = obj.repo_id

2983

else:

2983

else:

2984

latest_repo_cs_cache['source_repo_id'] = repo_cs_cache.get('source_repo_id')

2984

latest_repo_cs_cache['source_repo_id'] = repo_cs_cache.get('source_repo_id')

2985

2986

_date_latest = parse_datetime(latest_repo_cs_cache.get('date') or empty_date)

2986

_date_latest = parse_datetime(latest_repo_cs_cache.get('date') or empty_date)

2987

2988

latest_repo_cs_cache['updated_on'] = time.time()

2988

latest_repo_cs_cache['updated_on'] = time.time()

2989

self.changeset_cache = latest_repo_cs_cache

2989

self.changeset_cache = latest_repo_cs_cache

2990

self.updated_on = _date_latest

2990

self.updated_on = _date_latest

2991

Session().add(self)

2991

Session().add(self)

2992

Session().commit()

2992

Session().commit()

2993

2994

log.debug('updated repo group `%s` with new commit cache %s, and last update_date: %s',

2994

log.debug('updated repo group `%s` with new commit cache %s, and last update_date: %s',

2995

self.group_name, latest_repo_cs_cache, _date_latest)

2995

self.group_name, latest_repo_cs_cache, _date_latest)

2996

2997

def permissions(self, with_admins=True, with_owner=True,

2997

def permissions(self, with_admins=True, with_owner=True,

2998

expand_from_user_groups=False):

2998

expand_from_user_groups=False):

2999

"""

2999

"""

3000

Permissions for repository groups

3000

Permissions for repository groups

3001

"""

3001

"""

3002

_admin_perm = 'group.admin'

3002

_admin_perm = 'group.admin'

3003

3004

owner_row = []

3004

owner_row = []

3005

if with_owner:

3005

if with_owner:

3006

usr = AttributeDict(self.user.get_dict())

3006

usr = AttributeDict(self.user.get_dict())

3007

usr.owner_row = True

3007

usr.owner_row = True

3008

usr.permission = _admin_perm

3008

usr.permission = _admin_perm

3009

owner_row.append(usr)

3009

owner_row.append(usr)

3010

3011

super_admin_ids = []

3011

super_admin_ids = []

3012

super_admin_rows = []

3012

super_admin_rows = []

3013

if with_admins:

3013

if with_admins:

3014

for usr in User.get_all_super_admins():

3014

for usr in User.get_all_super_admins():

3015

super_admin_ids.append(usr.user_id)

3015

super_admin_ids.append(usr.user_id)

3016

# if this admin is also owner, don't double the record

3016

# if this admin is also owner, don't double the record

3017

if usr.user_id == owner_row[0].user_id:

3017

if usr.user_id == owner_row[0].user_id:

3018

owner_row[0].admin_row = True

3018

owner_row[0].admin_row = True

3019

else:

3019

else:

3020

usr = AttributeDict(usr.get_dict())

3020

usr = AttributeDict(usr.get_dict())

3021

usr.admin_row = True

3021

usr.admin_row = True

3022

usr.permission = _admin_perm

3022

usr.permission = _admin_perm

3023

super_admin_rows.append(usr)

3023

super_admin_rows.append(usr)

3024

3025

q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)

3025

q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)

3026

q = q.options(joinedload(UserRepoGroupToPerm.group),

3026

q = q.options(joinedload(UserRepoGroupToPerm.group),

3027

joinedload(UserRepoGroupToPerm.user),

3027

joinedload(UserRepoGroupToPerm.user),

3028

joinedload(UserRepoGroupToPerm.permission),)

3028

joinedload(UserRepoGroupToPerm.permission),)

3029

3030

# get owners and admins and permissions. We do a trick of re-writing

3030

# get owners and admins and permissions. We do a trick of re-writing

3031

# objects from sqlalchemy to named-tuples due to sqlalchemy session

3031

# objects from sqlalchemy to named-tuples due to sqlalchemy session

3032

# has a global reference and changing one object propagates to all

3032

# has a global reference and changing one object propagates to all

3033

# others. This means if admin is also an owner admin_row that change

3033

# others. This means if admin is also an owner admin_row that change

3034

# would propagate to both objects

3034

# would propagate to both objects

3035

perm_rows = []

3035

perm_rows = []

3036

for _usr in q.all():

3036

for _usr in q.all():

3037

usr = AttributeDict(_usr.user.get_dict())

3037

usr = AttributeDict(_usr.user.get_dict())

3038

# if this user is also owner/admin, mark as duplicate record

3038

# if this user is also owner/admin, mark as duplicate record

3039

if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:

3039

if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:

3040

usr.duplicate_perm = True

3040

usr.duplicate_perm = True

3041

usr.permission = _usr.permission.permission_name

3041

usr.permission = _usr.permission.permission_name

3042

perm_rows.append(usr)

3042

perm_rows.append(usr)

3043

3044

# filter the perm rows by 'default' first and then sort them by

3044

# filter the perm rows by 'default' first and then sort them by

3045

# admin,write,read,none permissions sorted again alphabetically in

3045

# admin,write,read,none permissions sorted again alphabetically in

3046

# each group

3046

# each group

3047

perm_rows = sorted(perm_rows, key=display_user_sort)

3047

perm_rows = sorted(perm_rows, key=display_user_sort)

3048

3049

user_groups_rows = []

3049

user_groups_rows = []

3050

if expand_from_user_groups:

3050

if expand_from_user_groups:

3051

for ug in self.permission_user_groups(with_members=True):

3051

for ug in self.permission_user_groups(with_members=True):

3052

for user_data in ug.members:

3052

for user_data in ug.members:

3053

user_groups_rows.append(user_data)

3053

user_groups_rows.append(user_data)

3054

3055

return super_admin_rows + owner_row + perm_rows + user_groups_rows

3055

return super_admin_rows + owner_row + perm_rows + user_groups_rows

3056

3057

def permission_user_groups(self, with_members=False):

3057

def permission_user_groups(self, with_members=False):

3058

q = UserGroupRepoGroupToPerm.query()\

3058

q = UserGroupRepoGroupToPerm.query()\

3059

.filter(UserGroupRepoGroupToPerm.group == self)

3059

.filter(UserGroupRepoGroupToPerm.group == self)

3060

q = q.options(joinedload(UserGroupRepoGroupToPerm.group),

3060

q = q.options(joinedload(UserGroupRepoGroupToPerm.group),

3061

joinedload(UserGroupRepoGroupToPerm.users_group),

3061

joinedload(UserGroupRepoGroupToPerm.users_group),

3062

joinedload(UserGroupRepoGroupToPerm.permission),)

3062

joinedload(UserGroupRepoGroupToPerm.permission),)

3063

3064

perm_rows = []

3064

perm_rows = []

3065

for _user_group in q.all():

3065

for _user_group in q.all():

3066

entry = AttributeDict(_user_group.users_group.get_dict())

3066

entry = AttributeDict(_user_group.users_group.get_dict())

3067

entry.permission = _user_group.permission.permission_name

3067

entry.permission = _user_group.permission.permission_name

3068

if with_members:

3068

if with_members:

3069

entry.members = [x.user.get_dict()

3069

entry.members = [x.user.get_dict()

3070

for x in _user_group.users_group.members]

3070

for x in _user_group.users_group.members]

3071

perm_rows.append(entry)

3071

perm_rows.append(entry)

3072

3073

perm_rows = sorted(perm_rows, key=display_user_group_sort)

3073

perm_rows = sorted(perm_rows, key=display_user_group_sort)

3074

return perm_rows

3074

return perm_rows

3075

3076

def get_api_data(self):

3076

def get_api_data(self):

3077

"""

3077

"""

3078

Common function for generating api data

3078

Common function for generating api data

3079

3080

"""

3080

"""

3081

group = self

3081

group = self

3082

data = {

3082

data = {

3083

'group_id': group.group_id,

3083

'group_id': group.group_id,

3084

'group_name': group.group_name,

3084

'group_name': group.group_name,

3085

'group_description': group.description_safe,

3085

'group_description': group.description_safe,

3086

'parent_group': group.parent_group.group_name if group.parent_group else None,

3086

'parent_group': group.parent_group.group_name if group.parent_group else None,

3087

'repositories': [x.repo_name for x in group.repositories],

3087

'repositories': [x.repo_name for x in group.repositories],

3088

'owner': group.user.username,

3088

'owner': group.user.username,

3089

}

3089

}

3090

return data

3090

return data

3091

3092

def get_dict(self):

3092

def get_dict(self):

3093

# Since we transformed `group_name` to a hybrid property, we need to

3093

# Since we transformed `group_name` to a hybrid property, we need to

3094

# keep compatibility with the code which uses `group_name` field.

3094

# keep compatibility with the code which uses `group_name` field.

3095

result = super(RepoGroup, self).get_dict()

3095

result = super(RepoGroup, self).get_dict()

3096

result['group_name'] = result.pop('_group_name', None)

3096

result['group_name'] = result.pop('_group_name', None)

3097

return result

3097

return result

3098

3099

3100

class Permission(Base, BaseModel):

3100

class Permission(Base, BaseModel):

3101

__tablename__ = 'permissions'

3101

__tablename__ = 'permissions'

3102

__table_args__ = (

3102

__table_args__ = (

3103

Index('p_perm_name_idx', 'permission_name'),

3103

Index('p_perm_name_idx', 'permission_name'),

3104

base_table_args,

3104

base_table_args,

3105

)

3105

)

3106

3107

PERMS = [

3107

PERMS = [

3108

('hg.admin', _('RhodeCode Super Administrator')),

3108

('hg.admin', _('RhodeCode Super Administrator')),

3109

3110

('repository.none', _('Repository no access')),

3110

('repository.none', _('Repository no access')),

3111

('repository.read', _('Repository read access')),

3111

('repository.read', _('Repository read access')),

3112

('repository.write', _('Repository write access')),

3112

('repository.write', _('Repository write access')),

3113

('repository.admin', _('Repository admin access')),

3113

('repository.admin', _('Repository admin access')),

3114

3115

('group.none', _('Repository group no access')),

3115

('group.none', _('Repository group no access')),

3116

('group.read', _('Repository group read access')),

3116

('group.read', _('Repository group read access')),

3117

('group.write', _('Repository group write access')),

3117

('group.write', _('Repository group write access')),

3118

('group.admin', _('Repository group admin access')),

3118

('group.admin', _('Repository group admin access')),

3119

3120

('usergroup.none', _('User group no access')),

3120

('usergroup.none', _('User group no access')),

3121

('usergroup.read', _('User group read access')),

3121

('usergroup.read', _('User group read access')),

3122

('usergroup.write', _('User group write access')),

3122

('usergroup.write', _('User group write access')),

3123

('usergroup.admin', _('User group admin access')),

3123

('usergroup.admin', _('User group admin access')),

3124

3125

('branch.none', _('Branch no permissions')),

3125

('branch.none', _('Branch no permissions')),

3126

('branch.merge', _('Branch access by web merge')),

3126

('branch.merge', _('Branch access by web merge')),

3127

('branch.push', _('Branch access by push')),

3127

('branch.push', _('Branch access by push')),

3128

('branch.push_force', _('Branch access by push with force')),

3128

('branch.push_force', _('Branch access by push with force')),

3129

3130

('hg.repogroup.create.false', _('Repository Group creation disabled')),

3130

('hg.repogroup.create.false', _('Repository Group creation disabled')),

3131

('hg.repogroup.create.true', _('Repository Group creation enabled')),

3131

('hg.repogroup.create.true', _('Repository Group creation enabled')),

3132

3133

('hg.usergroup.create.false', _('User Group creation disabled')),

3133

('hg.usergroup.create.false', _('User Group creation disabled')),

3134

('hg.usergroup.create.true', _('User Group creation enabled')),

3134

('hg.usergroup.create.true', _('User Group creation enabled')),

3135

3136

('hg.create.none', _('Repository creation disabled')),

3136

('hg.create.none', _('Repository creation disabled')),

3137

('hg.create.repository', _('Repository creation enabled')),

3137

('hg.create.repository', _('Repository creation enabled')),

3138

('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),

3138

('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),

3139

('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),

3139

('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),

3140

3141

('hg.fork.none', _('Repository forking disabled')),

3141

('hg.fork.none', _('Repository forking disabled')),

3142

('hg.fork.repository', _('Repository forking enabled')),

3142

('hg.fork.repository', _('Repository forking enabled')),

3143

3144

('hg.register.none', _('Registration disabled')),

3144

('hg.register.none', _('Registration disabled')),

3145

('hg.register.manual_activate', _('User Registration with manual account activation')),

3145

('hg.register.manual_activate', _('User Registration with manual account activation')),

3146

('hg.register.auto_activate', _('User Registration with automatic account activation')),

3146

('hg.register.auto_activate', _('User Registration with automatic account activation')),

3147

3148

('hg.password_reset.enabled', _('Password reset enabled')),

3148

('hg.password_reset.enabled', _('Password reset enabled')),

3149

('hg.password_reset.hidden', _('Password reset hidden')),

3149

('hg.password_reset.hidden', _('Password reset hidden')),

3150

('hg.password_reset.disabled', _('Password reset disabled')),

3150

('hg.password_reset.disabled', _('Password reset disabled')),

3151

3152

('hg.extern_activate.manual', _('Manual activation of external account')),

3152

('hg.extern_activate.manual', _('Manual activation of external account')),

3153

('hg.extern_activate.auto', _('Automatic activation of external account')),

3153

('hg.extern_activate.auto', _('Automatic activation of external account')),

3154

3155

('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),

3155

('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),

3156

('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),

3156

('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),

3157

]

3157

]

3158

3159

# definition of system default permissions for DEFAULT user, created on

3159

# definition of system default permissions for DEFAULT user, created on

3160

# system setup

3160

# system setup

3161

DEFAULT_USER_PERMISSIONS = [

3161

DEFAULT_USER_PERMISSIONS = [

3162

# object perms

3162

# object perms

3163

'repository.read',

3163

'repository.read',

3164

'group.read',

3164

'group.read',

3165

'usergroup.read',

3165

'usergroup.read',

3166

# branch, for backward compat we need same value as before so forced pushed

3166

# branch, for backward compat we need same value as before so forced pushed

3167

'branch.push_force',

3167

'branch.push_force',

3168

# global

3168

# global

3169

'hg.create.repository',

3169

'hg.create.repository',

3170

'hg.repogroup.create.false',

3170

'hg.repogroup.create.false',

3171

'hg.usergroup.create.false',

3171

'hg.usergroup.create.false',

3172

'hg.create.write_on_repogroup.true',

3172

'hg.create.write_on_repogroup.true',

3173

'hg.fork.repository',

3173

'hg.fork.repository',

3174

'hg.register.manual_activate',

3174

'hg.register.manual_activate',

3175

'hg.password_reset.enabled',

3175

'hg.password_reset.enabled',

3176

'hg.extern_activate.auto',

3176

'hg.extern_activate.auto',

3177

'hg.inherit_default_perms.true',

3177

'hg.inherit_default_perms.true',

3178

]

3178

]

3179

3180

# defines which permissions are more important higher the more important

3180

# defines which permissions are more important higher the more important

3181

# Weight defines which permissions are more important.

3181

# Weight defines which permissions are more important.

3182

# The higher number the more important.

3182

# The higher number the more important.

3183

PERM_WEIGHTS = {

3183

PERM_WEIGHTS = {

3184

'repository.none': 0,

3184

'repository.none': 0,

3185

'repository.read': 1,

3185

'repository.read': 1,

3186

'repository.write': 3,

3186

'repository.write': 3,

3187

'repository.admin': 4,

3187

'repository.admin': 4,

3188

3189

'group.none': 0,

3189

'group.none': 0,

3190

'group.read': 1,

3190

'group.read': 1,

3191

'group.write': 3,

3191

'group.write': 3,

3192

'group.admin': 4,

3192

'group.admin': 4,

3193

3194

'usergroup.none': 0,

3194

'usergroup.none': 0,

3195

'usergroup.read': 1,

3195

'usergroup.read': 1,

3196

'usergroup.write': 3,

3196

'usergroup.write': 3,

3197

'usergroup.admin': 4,

3197

'usergroup.admin': 4,

3198

3199

'branch.none': 0,

3199

'branch.none': 0,

3200

'branch.merge': 1,

3200

'branch.merge': 1,

3201

'branch.push': 3,

3201

'branch.push': 3,

3202

'branch.push_force': 4,

3202

'branch.push_force': 4,

3203

3204

'hg.repogroup.create.false': 0,

3204

'hg.repogroup.create.false': 0,

3205

'hg.repogroup.create.true': 1,

3205

'hg.repogroup.create.true': 1,

3206

3207

'hg.usergroup.create.false': 0,

3207

'hg.usergroup.create.false': 0,

3208

'hg.usergroup.create.true': 1,

3208

'hg.usergroup.create.true': 1,

3209

3210

'hg.fork.none': 0,

3210

'hg.fork.none': 0,

3211

'hg.fork.repository': 1,

3211

'hg.fork.repository': 1,

3212

'hg.create.none': 0,

3212

'hg.create.none': 0,

3213

'hg.create.repository': 1

3213

'hg.create.repository': 1

3214

}

3214

}

3215

3216

permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3216

permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3217

permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)

3217

permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)

3218

permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)

3218

permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)

3219

3220

def __unicode__(self):

3220

def __unicode__(self):

3221

return u"<%s('%s:%s')>" % (

3221

return u"<%s('%s:%s')>" % (

3222

self.__class__.__name__, self.permission_id, self.permission_name

3222

self.__class__.__name__, self.permission_id, self.permission_name

3223

)

3223

)

3224

3225

@classmethod

3225

@classmethod

3226

def get_by_key(cls, key):

3226

def get_by_key(cls, key):

3227

return cls.query().filter(cls.permission_name == key).scalar()

3227

return cls.query().filter(cls.permission_name == key).scalar()

3228

3229

@classmethod

3229

@classmethod

3230

def get_default_repo_perms(cls, user_id, repo_id=None):

3230

def get_default_repo_perms(cls, user_id, repo_id=None):

3231

q = Session().query(UserRepoToPerm, Repository, Permission)\

3231

q = Session().query(UserRepoToPerm, Repository, Permission)\

3232

.join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\

3232

.join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\

3233

.join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\

3233

.join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\

3234

.filter(UserRepoToPerm.user_id == user_id)

3234

.filter(UserRepoToPerm.user_id == user_id)

3235

if repo_id:

3235

if repo_id:

3236

q = q.filter(UserRepoToPerm.repository_id == repo_id)

3236

q = q.filter(UserRepoToPerm.repository_id == repo_id)

3237

return q.all()

3237

return q.all()

3238

3239

@classmethod

3239

@classmethod

3240

def get_default_repo_branch_perms(cls, user_id, repo_id=None):

3240

def get_default_repo_branch_perms(cls, user_id, repo_id=None):

3241

q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \

3241

q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \

3242

.join(

3242

.join(

3243

Permission,

3243

Permission,

3244

UserToRepoBranchPermission.permission_id == Permission.permission_id) \

3244

UserToRepoBranchPermission.permission_id == Permission.permission_id) \

3245

.join(

3245

.join(

3246

UserRepoToPerm,

3246

UserRepoToPerm,

3247

UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \

3247

UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \

3248

.filter(UserRepoToPerm.user_id == user_id)

3248

.filter(UserRepoToPerm.user_id == user_id)

3249

3250

if repo_id:

3250

if repo_id:

3251

q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)

3251

q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)

3252

return q.order_by(UserToRepoBranchPermission.rule_order).all()

3252

return q.order_by(UserToRepoBranchPermission.rule_order).all()

3253

3254

@classmethod

3254

@classmethod

3255

def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):

3255

def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):

3256

q = Session().query(UserGroupRepoToPerm, Repository, Permission)\

3256

q = Session().query(UserGroupRepoToPerm, Repository, Permission)\

3257

.join(

3257

.join(

3258

Permission,

3258

Permission,

3259

UserGroupRepoToPerm.permission_id == Permission.permission_id)\

3259

UserGroupRepoToPerm.permission_id == Permission.permission_id)\

3260

.join(

3260

.join(

3261

Repository,

3261

Repository,

3262

UserGroupRepoToPerm.repository_id == Repository.repo_id)\

3262

UserGroupRepoToPerm.repository_id == Repository.repo_id)\

3263

.join(

3263

.join(

3264

UserGroup,

3264

UserGroup,

3265

UserGroupRepoToPerm.users_group_id ==

3265

UserGroupRepoToPerm.users_group_id ==

3266

UserGroup.users_group_id)\

3266

UserGroup.users_group_id)\

3267

.join(

3267

.join(

3268

UserGroupMember,

3268

UserGroupMember,

3269

UserGroupRepoToPerm.users_group_id ==

3269

UserGroupRepoToPerm.users_group_id ==

3270

UserGroupMember.users_group_id)\

3270

UserGroupMember.users_group_id)\

3271

.filter(

3271

.filter(

3272

UserGroupMember.user_id == user_id,

3272

UserGroupMember.user_id == user_id,

3273

UserGroup.users_group_active == true())

3273

UserGroup.users_group_active == true())

3274

if repo_id:

3274

if repo_id:

3275

q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)

3275

q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)

3276

return q.all()

3276

return q.all()

3277

3278

@classmethod

3278

@classmethod

3279

def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):

3279

def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):

3280

q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \

3280

q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \

3281

.join(

3281

.join(

3282

Permission,

3282

Permission,

3283

UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \

3283

UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \

3284

.join(

3284

.join(

3285

UserGroupRepoToPerm,

3285

UserGroupRepoToPerm,

3286

UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \

3286

UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \

3287

.join(

3287

.join(

3288

UserGroup,

3288

UserGroup,

3289

UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \

3289

UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \

3290

.join(

3290

.join(

3291

UserGroupMember,

3291

UserGroupMember,

3292

UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \

3292

UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \

3293

.filter(

3293

.filter(

3294

UserGroupMember.user_id == user_id,

3294

UserGroupMember.user_id == user_id,

3295

UserGroup.users_group_active == true())

3295

UserGroup.users_group_active == true())

3296

3297

if repo_id:

3297

if repo_id:

3298

q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)

3298

q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)

3299

return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()

3299

return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()

3300

3301

@classmethod

3301

@classmethod

3302

def get_default_group_perms(cls, user_id, repo_group_id=None):

3302

def get_default_group_perms(cls, user_id, repo_group_id=None):

3303

q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\

3303

q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\

3304

.join(

3304

.join(

3305

Permission,

3305

Permission,

3306

UserRepoGroupToPerm.permission_id == Permission.permission_id)\

3306

UserRepoGroupToPerm.permission_id == Permission.permission_id)\

3307

.join(

3307

.join(

3308

RepoGroup,

3308

RepoGroup,

3309

UserRepoGroupToPerm.group_id == RepoGroup.group_id)\

3309

UserRepoGroupToPerm.group_id == RepoGroup.group_id)\

3310

.filter(UserRepoGroupToPerm.user_id == user_id)

3310

.filter(UserRepoGroupToPerm.user_id == user_id)

3311

if repo_group_id:

3311

if repo_group_id:

3312

q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)

3312

q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)

3313

return q.all()

3313

return q.all()

3314

3315

@classmethod

3315

@classmethod

3316

def get_default_group_perms_from_user_group(

3316

def get_default_group_perms_from_user_group(

3317

cls, user_id, repo_group_id=None):

3317

cls, user_id, repo_group_id=None):

3318

q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\

3318

q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\

3319

.join(

3319

.join(

3320

Permission,

3320

Permission,

3321

UserGroupRepoGroupToPerm.permission_id ==

3321

UserGroupRepoGroupToPerm.permission_id ==

3322

Permission.permission_id)\

3322

Permission.permission_id)\

3323

.join(

3323

.join(

3324

RepoGroup,

3324

RepoGroup,

3325

UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\

3325

UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\

3326

.join(

3326

.join(

3327

UserGroup,

3327

UserGroup,

3328

UserGroupRepoGroupToPerm.users_group_id ==

3328

UserGroupRepoGroupToPerm.users_group_id ==

3329

UserGroup.users_group_id)\

3329

UserGroup.users_group_id)\

3330

.join(

3330

.join(

3331

UserGroupMember,

3331

UserGroupMember,

3332

UserGroupRepoGroupToPerm.users_group_id ==

3332

UserGroupRepoGroupToPerm.users_group_id ==

3333

UserGroupMember.users_group_id)\

3333

UserGroupMember.users_group_id)\

3334

.filter(

3334

.filter(

3335

UserGroupMember.user_id == user_id,

3335

UserGroupMember.user_id == user_id,

3336

UserGroup.users_group_active == true())

3336

UserGroup.users_group_active == true())

3337

if repo_group_id:

3337

if repo_group_id:

3338

q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)

3338

q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)

3339

return q.all()

3339

return q.all()

3340

3341

@classmethod

3341

@classmethod

3342

def get_default_user_group_perms(cls, user_id, user_group_id=None):

3342

def get_default_user_group_perms(cls, user_id, user_group_id=None):

3343

q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\

3343

q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\

3344

.join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\

3344

.join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\

3345

.join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\

3345

.join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\

3346

.filter(UserUserGroupToPerm.user_id == user_id)

3346

.filter(UserUserGroupToPerm.user_id == user_id)

3347

if user_group_id:

3347

if user_group_id:

3348

q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)

3348

q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)

3349

return q.all()

3349

return q.all()

3350

3351

@classmethod

3351

@classmethod

3352

def get_default_user_group_perms_from_user_group(

3352

def get_default_user_group_perms_from_user_group(

3353

cls, user_id, user_group_id=None):

3353

cls, user_id, user_group_id=None):

3354

TargetUserGroup = aliased(UserGroup, name='target_user_group')

3354

TargetUserGroup = aliased(UserGroup, name='target_user_group')

3355

q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\

3355

q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\

3356

.join(

3356

.join(

3357

Permission,

3357

Permission,

3358

UserGroupUserGroupToPerm.permission_id ==

3358

UserGroupUserGroupToPerm.permission_id ==

3359

Permission.permission_id)\

3359

Permission.permission_id)\

3360

.join(

3360

.join(

3361

TargetUserGroup,

3361

TargetUserGroup,

3362

UserGroupUserGroupToPerm.target_user_group_id ==

3362

UserGroupUserGroupToPerm.target_user_group_id ==

3363

TargetUserGroup.users_group_id)\

3363

TargetUserGroup.users_group_id)\

3364

.join(

3364

.join(

3365

UserGroup,

3365

UserGroup,

3366

UserGroupUserGroupToPerm.user_group_id ==

3366

UserGroupUserGroupToPerm.user_group_id ==

3367

UserGroup.users_group_id)\

3367

UserGroup.users_group_id)\

3368

.join(

3368

.join(

3369

UserGroupMember,

3369

UserGroupMember,

3370

UserGroupUserGroupToPerm.user_group_id ==

3370

UserGroupUserGroupToPerm.user_group_id ==

3371

UserGroupMember.users_group_id)\

3371

UserGroupMember.users_group_id)\

3372

.filter(

3372

.filter(

3373

UserGroupMember.user_id == user_id,

3373

UserGroupMember.user_id == user_id,

3374

UserGroup.users_group_active == true())

3374

UserGroup.users_group_active == true())

3375

if user_group_id:

3375

if user_group_id:

3376

q = q.filter(

3376

q = q.filter(

3377

UserGroupUserGroupToPerm.user_group_id == user_group_id)

3377

UserGroupUserGroupToPerm.user_group_id == user_group_id)

3378

3379

return q.all()

3379

return q.all()

3380

3381

3382

class UserRepoToPerm(Base, BaseModel):

3382

class UserRepoToPerm(Base, BaseModel):

3383

__tablename__ = 'repo_to_perm'

3383

__tablename__ = 'repo_to_perm'

3384

__table_args__ = (

3384

__table_args__ = (

3385

UniqueConstraint('user_id', 'repository_id', 'permission_id'),

3385

UniqueConstraint('user_id', 'repository_id', 'permission_id'),

3386

base_table_args

3386

base_table_args

3387

)

3387

)

3388

3389

repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3389

repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3390

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

3390

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

3391

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3391

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3392

repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

3392

repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

3393

3394

user = relationship('User')

3394

user = relationship('User')

3395

repository = relationship('Repository')

3395

repository = relationship('Repository')

3396

permission = relationship('Permission')

3396

permission = relationship('Permission')

3397

3398

branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete-orphan", lazy='joined')

3398

branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete-orphan", lazy='joined')

3399

3400

@classmethod

3400

@classmethod

3401

def create(cls, user, repository, permission):

3401

def create(cls, user, repository, permission):

3402

n = cls()

3402

n = cls()

3403

n.user = user

3403

n.user = user

3404

n.repository = repository

3404

n.repository = repository

3405

n.permission = permission

3405

n.permission = permission

3406

Session().add(n)

3406

Session().add(n)

3407

return n

3407

return n

3408

3409

def __unicode__(self):

3409

def __unicode__(self):

3410

return u'<%s => %s >' % (self.user, self.repository)

3410

return u'<%s => %s >' % (self.user, self.repository)

3411

3412

3413

class UserUserGroupToPerm(Base, BaseModel):

3413

class UserUserGroupToPerm(Base, BaseModel):

3414

__tablename__ = 'user_user_group_to_perm'

3414

__tablename__ = 'user_user_group_to_perm'

3415

__table_args__ = (

3415

__table_args__ = (

3416

UniqueConstraint('user_id', 'user_group_id', 'permission_id'),

3416

UniqueConstraint('user_id', 'user_group_id', 'permission_id'),

3417

base_table_args

3417

base_table_args

3418

)

3418

)

3419

3420

user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3420

user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3421

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

3421

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

3422

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3422

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3423

user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

3423

user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

3424

3425

user = relationship('User')

3425

user = relationship('User')

3426

user_group = relationship('UserGroup')

3426

user_group = relationship('UserGroup')

3427

permission = relationship('Permission')

3427

permission = relationship('Permission')

3428

3429

@classmethod

3429

@classmethod

3430

def create(cls, user, user_group, permission):

3430

def create(cls, user, user_group, permission):

3431

n = cls()

3431

n = cls()

3432

n.user = user

3432

n.user = user

3433

n.user_group = user_group

3433

n.user_group = user_group

3434

n.permission = permission

3434

n.permission = permission

3435

Session().add(n)

3435

Session().add(n)

3436

return n

3436

return n

3437

3438

def __unicode__(self):

3438

def __unicode__(self):

3439

return u'<%s => %s >' % (self.user, self.user_group)

3439

return u'<%s => %s >' % (self.user, self.user_group)

3440

3441

3442

class UserToPerm(Base, BaseModel):

3442

class UserToPerm(Base, BaseModel):

3443

__tablename__ = 'user_to_perm'

3443

__tablename__ = 'user_to_perm'

3444

__table_args__ = (

3444

__table_args__ = (

3445

UniqueConstraint('user_id', 'permission_id'),

3445

UniqueConstraint('user_id', 'permission_id'),

3446

base_table_args

3446

base_table_args

3447

)

3447

)

3448

3449

user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3449

user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3450

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

3450

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

3451

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3451

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3452

3453

user = relationship('User')

3453

user = relationship('User')

3454

permission = relationship('Permission', lazy='joined')

3454

permission = relationship('Permission', lazy='joined')

3455

3456

def __unicode__(self):

3456

def __unicode__(self):

3457

return u'<%s => %s >' % (self.user, self.permission)

3457

return u'<%s => %s >' % (self.user, self.permission)

3458

3459

3460

class UserGroupRepoToPerm(Base, BaseModel):

3460

class UserGroupRepoToPerm(Base, BaseModel):

3461

__tablename__ = 'users_group_repo_to_perm'

3461

__tablename__ = 'users_group_repo_to_perm'

3462

__table_args__ = (

3462

__table_args__ = (

3463

UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),

3463

UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),

3464

base_table_args

3464

base_table_args

3465

)

3465

)

3466

3467

users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3467

users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3468

users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

3468

users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

3469

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3469

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3470

repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

3470

repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

3471

3472

users_group = relationship('UserGroup')

3472

users_group = relationship('UserGroup')

3473

permission = relationship('Permission')

3473

permission = relationship('Permission')

3474

repository = relationship('Repository')

3474

repository = relationship('Repository')

3475

user_group_branch_perms = relationship('UserGroupToRepoBranchPermission', cascade='all')

3475

user_group_branch_perms = relationship('UserGroupToRepoBranchPermission', cascade='all')

3476

3477

@classmethod

3477

@classmethod

3478

def create(cls, users_group, repository, permission):

3478

def create(cls, users_group, repository, permission):

3479

n = cls()

3479

n = cls()

3480

n.users_group = users_group

3480

n.users_group = users_group

3481

n.repository = repository

3481

n.repository = repository

3482

n.permission = permission

3482

n.permission = permission

3483

Session().add(n)

3483

Session().add(n)

3484

return n

3484

return n

3485

3486

def __unicode__(self):

3486

def __unicode__(self):

3487

return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)

3487

return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)

3488

3489

3490

class UserGroupUserGroupToPerm(Base, BaseModel):

3490

class UserGroupUserGroupToPerm(Base, BaseModel):

3491

__tablename__ = 'user_group_user_group_to_perm'

3491

__tablename__ = 'user_group_user_group_to_perm'

3492

__table_args__ = (

3492

__table_args__ = (

3493

UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),

3493

UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),

3494

CheckConstraint('target_user_group_id != user_group_id'),

3494

CheckConstraint('target_user_group_id != user_group_id'),

3495

base_table_args

3495

base_table_args

3496

)

3496

)

3497

3498

user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3498

user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3499

target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

3499

target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

3500

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3500

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3501

user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

3501

user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

3502

3503

target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')

3503

target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')

3504

user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')

3504

user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')

3505

permission = relationship('Permission')

3505

permission = relationship('Permission')

3506

3507

@classmethod

3507

@classmethod

3508

def create(cls, target_user_group, user_group, permission):

3508

def create(cls, target_user_group, user_group, permission):

3509

n = cls()

3509

n = cls()

3510

n.target_user_group = target_user_group

3510

n.target_user_group = target_user_group

3511

n.user_group = user_group

3511

n.user_group = user_group

3512

n.permission = permission

3512

n.permission = permission

3513

Session().add(n)

3513

Session().add(n)

3514

return n

3514

return n

3515

3516

def __unicode__(self):

3516

def __unicode__(self):

3517

return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)

3517

return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)

3518

3519

3520

class UserGroupToPerm(Base, BaseModel):

3520

class UserGroupToPerm(Base, BaseModel):

3521

__tablename__ = 'users_group_to_perm'

3521

__tablename__ = 'users_group_to_perm'

3522

__table_args__ = (

3522

__table_args__ = (

3523

UniqueConstraint('users_group_id', 'permission_id',),

3523

UniqueConstraint('users_group_id', 'permission_id',),

3524

base_table_args

3524

base_table_args

3525

)

3525

)

3526

3527

users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3527

users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3528

users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

3528

users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

3529

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3529

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3530

3531

users_group = relationship('UserGroup')

3531

users_group = relationship('UserGroup')

3532

permission = relationship('Permission')

3532

permission = relationship('Permission')

3533

3534

3535

class UserRepoGroupToPerm(Base, BaseModel):

3535

class UserRepoGroupToPerm(Base, BaseModel):

3536

__tablename__ = 'user_repo_group_to_perm'

3536

__tablename__ = 'user_repo_group_to_perm'

3537

__table_args__ = (

3537

__table_args__ = (

3538

UniqueConstraint('user_id', 'group_id', 'permission_id'),

3538

UniqueConstraint('user_id', 'group_id', 'permission_id'),

3539

base_table_args

3539

base_table_args

3540

)

3540

)

3541

3542

group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3542

group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3543

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

3543

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

3544

group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)

3544

group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)

3545

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3545

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3546

3547

user = relationship('User')

3547

user = relationship('User')

3548

group = relationship('RepoGroup')

3548

group = relationship('RepoGroup')

3549

permission = relationship('Permission')

3549

permission = relationship('Permission')

3550

3551

@classmethod

3551

@classmethod

3552

def create(cls, user, repository_group, permission):

3552

def create(cls, user, repository_group, permission):

3553

n = cls()

3553

n = cls()

3554

n.user = user

3554

n.user = user

3555

n.group = repository_group

3555

n.group = repository_group

3556

n.permission = permission

3556

n.permission = permission

3557

Session().add(n)

3557

Session().add(n)

3558

return n

3558

return n

3559

3560

3561

class UserGroupRepoGroupToPerm(Base, BaseModel):

3561

class UserGroupRepoGroupToPerm(Base, BaseModel):

3562

__tablename__ = 'users_group_repo_group_to_perm'

3562

__tablename__ = 'users_group_repo_group_to_perm'

3563

__table_args__ = (

3563

__table_args__ = (

3564

UniqueConstraint('users_group_id', 'group_id'),

3564

UniqueConstraint('users_group_id', 'group_id'),

3565

base_table_args

3565

base_table_args

3566

)

3566

)

3567

3568

users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3568

users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3569

users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

3569

users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

3570

group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)

3570

group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)

3571

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3571

permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

3572

3573

users_group = relationship('UserGroup')

3573

users_group = relationship('UserGroup')

3574

permission = relationship('Permission')

3574

permission = relationship('Permission')

3575

group = relationship('RepoGroup')

3575

group = relationship('RepoGroup')

3576

3577

@classmethod

3577

@classmethod

3578

def create(cls, user_group, repository_group, permission):

3578

def create(cls, user_group, repository_group, permission):

3579

n = cls()

3579

n = cls()

3580

n.users_group = user_group

3580

n.users_group = user_group

3581

n.group = repository_group

3581

n.group = repository_group

3582

n.permission = permission

3582

n.permission = permission

3583

Session().add(n)

3583

Session().add(n)

3584

return n

3584

return n

3585

3586

def __unicode__(self):

3586

def __unicode__(self):

3587

return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)

3587

return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)

3588

3589

3590

class Statistics(Base, BaseModel):

3590

class Statistics(Base, BaseModel):

3591

__tablename__ = 'statistics'

3591

__tablename__ = 'statistics'

3592

__table_args__ = (

3592

__table_args__ = (

3593

base_table_args

3593

base_table_args

3594

)

3594

)

3595

3596

stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3596

stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3597

repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)

3597

repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)

3598

stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)

3598

stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)

3599

commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data

3599

commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data

3600

commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data

3600

commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data

3601

languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data

3601

languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data

3602

3603

repository = relationship('Repository', single_parent=True)

3603

repository = relationship('Repository', single_parent=True)

3604

3605

3606

class UserFollowing(Base, BaseModel):

3606

class UserFollowing(Base, BaseModel):

3607

__tablename__ = 'user_followings'

3607

__tablename__ = 'user_followings'

3608

__table_args__ = (

3608

__table_args__ = (

3609

UniqueConstraint('user_id', 'follows_repository_id'),

3609

UniqueConstraint('user_id', 'follows_repository_id'),

3610

UniqueConstraint('user_id', 'follows_user_id'),

3610

UniqueConstraint('user_id', 'follows_user_id'),

3611

base_table_args

3611

base_table_args

3612

)

3612

)

3613

3614

user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3614

user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3615

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

3615

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

3616

follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)

3616

follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)

3617

follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)

3617

follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)

3618

follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)

3618

follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)

3619

3620

user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')

3620

user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')

3621

3622

follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')

3622

follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')

3623

follows_repository = relationship('Repository', order_by='Repository.repo_name')

3623

follows_repository = relationship('Repository', order_by='Repository.repo_name')

3624

3625

@classmethod

3625

@classmethod

3626

def get_repo_followers(cls, repo_id):

3626

def get_repo_followers(cls, repo_id):

3627

return cls.query().filter(cls.follows_repo_id == repo_id)

3627

return cls.query().filter(cls.follows_repo_id == repo_id)

3628

3629

3630

class CacheKey(Base, BaseModel):

3630

class CacheKey(Base, BaseModel):

3631

__tablename__ = 'cache_invalidation'

3631

__tablename__ = 'cache_invalidation'

3632

__table_args__ = (

3632

__table_args__ = (

3633

UniqueConstraint('cache_key'),

3633

UniqueConstraint('cache_key'),

3634

Index('key_idx', 'cache_key'),

3634

Index('key_idx', 'cache_key'),

3635

base_table_args,

3635

base_table_args,

3636

)

3636

)

3637

3638

CACHE_TYPE_FEED = 'FEED'

3638

CACHE_TYPE_FEED = 'FEED'

3639

3640

# namespaces used to register process/thread aware caches

3640

# namespaces used to register process/thread aware caches

3641

REPO_INVALIDATION_NAMESPACE = 'repo_cache:{repo_id}'

3641

REPO_INVALIDATION_NAMESPACE = 'repo_cache:{repo_id}'

3642

SETTINGS_INVALIDATION_NAMESPACE = 'system_settings'

3642

SETTINGS_INVALIDATION_NAMESPACE = 'system_settings'

3643

3644

cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3644

cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

3645

cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)

3645

cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)

3646

cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)

3646

cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)

3647

cache_state_uid = Column("cache_state_uid", String(255), nullable=True, unique=None, default=None)

3647

cache_state_uid = Column("cache_state_uid", String(255), nullable=True, unique=None, default=None)

3648

cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)

3648

cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)

3649

3650

def __init__(self, cache_key, cache_args='', cache_state_uid=None):

3650

def __init__(self, cache_key, cache_args='', cache_state_uid=None):

3651

self.cache_key = cache_key

3651

self.cache_key = cache_key

3652

self.cache_args = cache_args

3652

self.cache_args = cache_args

3653

self.cache_active = False

3653

self.cache_active = False

3654

# first key should be same for all entries, since all workers should share it

3654

# first key should be same for all entries, since all workers should share it

3655

self.cache_state_uid = cache_state_uid or self.generate_new_state_uid()

3655

self.cache_state_uid = cache_state_uid or self.generate_new_state_uid()

3656

3657

def __unicode__(self):

3657

def __unicode__(self):

3658

return u"<%s('%s:%s[%s]')>" % (

3658

return u"<%s('%s:%s[%s]')>" % (

3659

self.__class__.__name__,

3659

self.__class__.__name__,

3660

self.cache_id, self.cache_key, self.cache_active)

3660

self.cache_id, self.cache_key, self.cache_active)

3661

3662

def _cache_key_partition(self):

3662

def _cache_key_partition(self):

3663

prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)

3663

prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)

3664

return prefix, repo_name, suffix

3664

return prefix, repo_name, suffix

3665

3666

def get_prefix(self):

3666

def get_prefix(self):

3667

"""

3667

"""

3668

Try to extract prefix from existing cache key. The key could consist

3668

Try to extract prefix from existing cache key. The key could consist

3669

of prefix, repo_name, suffix

3669

of prefix, repo_name, suffix

3670

"""

3670

"""

3671

# this returns prefix, repo_name, suffix

3671

# this returns prefix, repo_name, suffix

3672

return self._cache_key_partition()[0]

3672

return self._cache_key_partition()[0]

3673

3674

def get_suffix(self):

3674

def get_suffix(self):

3675

"""

3675

"""

3676

get suffix that might have been used in _get_cache_key to

3676

get suffix that might have been used in _get_cache_key to

3677

generate self.cache_key. Only used for informational purposes

3677

generate self.cache_key. Only used for informational purposes

3678

in repo_edit.mako.

3678

in repo_edit.mako.

3679

"""

3679

"""

3680

# prefix, repo_name, suffix

3680

# prefix, repo_name, suffix

3681

return self._cache_key_partition()[2]

3681

return self._cache_key_partition()[2]

3682

3683

@classmethod

3683

@classmethod

3684

def generate_new_state_uid(cls, based_on=None):

3684

def generate_new_state_uid(cls, based_on=None):

3685

if based_on:

3685

if based_on:

3686

return str(uuid.uuid5(uuid.NAMESPACE_URL, safe_str(based_on)))

3686

return str(uuid.uuid5(uuid.NAMESPACE_URL, safe_str(based_on)))

3687

else:

3687

else:

3688

return str(uuid.uuid4())

3688

return str(uuid.uuid4())

3689

3690

@classmethod

3690

@classmethod

3691

def delete_all_cache(cls):

3691

def delete_all_cache(cls):

3692

"""

3692

"""

3693

Delete all cache keys from database.

3693

Delete all cache keys from database.

3694

Should only be run when all instances are down and all entries

3694

Should only be run when all instances are down and all entries

3695

thus stale.

3695

thus stale.

3696

"""

3696

"""

3697

cls.query().delete()

3697

cls.query().delete()

3698

Session().commit()

3698

Session().commit()

3699

3700

@classmethod

3700

@classmethod

3701

def set_invalidate(cls, cache_uid, delete=False):

3701

def set_invalidate(cls, cache_uid, delete=False):

3702

"""

3702

"""

3703

Mark all caches of a repo as invalid in the database.

3703

Mark all caches of a repo as invalid in the database.

3704

"""

3704

"""

3705

3706

try:

3706

try:

3707

qry = Session().query(cls).filter(cls.cache_args == cache_uid)

3707

qry = Session().query(cls).filter(cls.cache_args == cache_uid)

3708

if delete:

3708

if delete:

3709

qry.delete()

3709

qry.delete()

3710

log.debug('cache objects deleted for cache args %s',

3710

log.debug('cache objects deleted for cache args %s',

3711

safe_str(cache_uid))

3711

safe_str(cache_uid))

3712

else:

3712

else:

3713

qry.update({"cache_active": False,

3713

qry.update({"cache_active": False,

3714

"cache_state_uid": cls.generate_new_state_uid()})

3714

"cache_state_uid": cls.generate_new_state_uid()})

3715

log.debug('cache objects marked as invalid for cache args %s',

3715

log.debug('cache objects marked as invalid for cache args %s',

3716

safe_str(cache_uid))

3716

safe_str(cache_uid))

3717

3718

Session().commit()

3718

Session().commit()

3719

except Exception:

3719

except Exception:

3720

log.exception(

3720

log.exception(

3721

'Cache key invalidation failed for cache args %s',

3721

'Cache key invalidation failed for cache args %s',

3722

safe_str(cache_uid))

3722

safe_str(cache_uid))

3723

Session().rollback()

3723

Session().rollback()

3724

3725

@classmethod

3725

@classmethod

3726

def get_active_cache(cls, cache_key):

3726

def get_active_cache(cls, cache_key):

3727

inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()

3727

inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()

3728

if inv_obj:

3728

if inv_obj:

3729

return inv_obj

3729

return inv_obj

3730

return None

3730

return None

3731

3732

@classmethod

3732

@classmethod

3733

def get_namespace_map(cls, namespace):

3733

def get_namespace_map(cls, namespace):

3734

return {

3734

return {

3735

x.cache_key: x

3735

x.cache_key: x

3736

for x in cls.query().filter(cls.cache_args == namespace)}

3736

for x in cls.query().filter(cls.cache_args == namespace)}

3737

3738

3739

class ChangesetComment(Base, BaseModel):

3739

class ChangesetComment(Base, BaseModel):

3740

__tablename__ = 'changeset_comments'

3740

__tablename__ = 'changeset_comments'

3741

__table_args__ = (

3741

__table_args__ = (

3742

Index('cc_revision_idx', 'revision'),

3742

Index('cc_revision_idx', 'revision'),

3743

base_table_args,

3743

base_table_args,

3744

)

3744

)

3745

3746

COMMENT_OUTDATED = u'comment_outdated'

3746

COMMENT_OUTDATED = u'comment_outdated'

3747

COMMENT_TYPE_NOTE = u'note'

3747

COMMENT_TYPE_NOTE = u'note'

3748

COMMENT_TYPE_TODO = u'todo'

3748

COMMENT_TYPE_TODO = u'todo'

3749

COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]

3749

COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]

3750

3751

OP_IMMUTABLE = u'immutable'

3751

OP_IMMUTABLE = u'immutable'

3752

OP_CHANGEABLE = u'changeable'

3752

OP_CHANGEABLE = u'changeable'

3753

3754

comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)

3754

comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)

3755

repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)

3755

repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)

3756

revision = Column('revision', String(40), nullable=True)

3756

revision = Column('revision', String(40), nullable=True)

3757

pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)

3757

pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)

3758

pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)

3758

pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)

3759

line_no = Column('line_no', Unicode(10), nullable=True)

3759

line_no = Column('line_no', Unicode(10), nullable=True)

3760

hl_lines = Column('hl_lines', Unicode(512), nullable=True)

3760

hl_lines = Column('hl_lines', Unicode(512), nullable=True)

3761

f_path = Column('f_path', Unicode(1000), nullable=True)

3761

f_path = Column('f_path', Unicode(1000), nullable=True)

3762

user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)

3762

user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)

3763

text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)

3763

text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)

3764

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

3764

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

3765

modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

3765

modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

3766

renderer = Column('renderer', Unicode(64), nullable=True)

3766

renderer = Column('renderer', Unicode(64), nullable=True)

3767

display_state = Column('display_state', Unicode(128), nullable=True)

3767

display_state = Column('display_state', Unicode(128), nullable=True)

3768

immutable_state = Column('immutable_state', Unicode(128), nullable=True, default=OP_CHANGEABLE)

3768

immutable_state = Column('immutable_state', Unicode(128), nullable=True, default=OP_CHANGEABLE)

3769

3770

comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)

3770

comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)

3771

resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)

3771

resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)

3772

3773

resolved_comment = relationship('ChangesetComment', remote_side=comment_id, back_populates='resolved_by')

3773

resolved_comment = relationship('ChangesetComment', remote_side=comment_id, back_populates='resolved_by')

3774

resolved_by = relationship('ChangesetComment', back_populates='resolved_comment')

3774

resolved_by = relationship('ChangesetComment', back_populates='resolved_comment')

3775

3776

author = relationship('User', lazy='joined')

3776

author = relationship('User', lazy='joined')

3777

repo = relationship('Repository')

3777

repo = relationship('Repository')

3778

status_change = relationship('ChangesetStatus', cascade="all, delete-orphan", lazy='joined')

3778

status_change = relationship('ChangesetStatus', cascade="all, delete-orphan", lazy='joined')

3779

pull_request = relationship('PullRequest', lazy='joined')

3779

pull_request = relationship('PullRequest', lazy='joined')

3780

pull_request_version = relationship('PullRequestVersion')

3780

pull_request_version = relationship('PullRequestVersion')

3781

history = relationship('ChangesetCommentHistory', cascade='all, delete-orphan', lazy='joined', order_by='ChangesetCommentHistory.version')

3781

history = relationship('ChangesetCommentHistory', cascade='all, delete-orphan', lazy='joined', order_by='ChangesetCommentHistory.version')

3782

3783

@classmethod

3783

@classmethod

3784

def get_users(cls, revision=None, pull_request_id=None):

3784

def get_users(cls, revision=None, pull_request_id=None):

3785

"""

3785

"""

3786

Returns user associated with this ChangesetComment. ie those

3786

Returns user associated with this ChangesetComment. ie those

3787

who actually commented

3787

who actually commented

3788

3789

:param cls:

3789

:param cls:

3790

:param revision:

3790

:param revision:

3791

"""

3791

"""

3792

q = Session().query(User)\

3792

q = Session().query(User)\

3793

.join(ChangesetComment.author)

3793

.join(ChangesetComment.author)

3794

if revision:

3794

if revision:

3795

q = q.filter(cls.revision == revision)

3795

q = q.filter(cls.revision == revision)

3796

elif pull_request_id:

3796

elif pull_request_id:

3797

q = q.filter(cls.pull_request_id == pull_request_id)

3797

q = q.filter(cls.pull_request_id == pull_request_id)

3798

return q.all()

3798

return q.all()

3799

3800

@classmethod

3800

@classmethod

3801

def get_index_from_version(cls, pr_version, versions):

3801

def get_index_from_version(cls, pr_version, versions):

3802

num_versions = [x.pull_request_version_id for x in versions]

3802

num_versions = [x.pull_request_version_id for x in versions]

3803

try:

3803

try:

3804

return num_versions.index(pr_version) + 1

3804

return num_versions.index(pr_version) + 1

3805

except (IndexError, ValueError):

3805

except (IndexError, ValueError):

3806

return

3806

return

3807

3808

@property

3808

@property

3809

def outdated(self):

3809

def outdated(self):

3810

return self.display_state == self.COMMENT_OUTDATED

3810

return self.display_state == self.COMMENT_OUTDATED

3811

3812

@property

3812

@property

3813

def outdated_js(self):

3813

def outdated_js(self):

3814

return json.dumps(self.display_state == self.COMMENT_OUTDATED)

3814

return json.dumps(self.display_state == self.COMMENT_OUTDATED)

3815

3816

@property

3816

@property

3817

def immutable(self):

3817

def immutable(self):

3818

return self.immutable_state == self.OP_IMMUTABLE

3818

return self.immutable_state == self.OP_IMMUTABLE

3819

3820

def outdated_at_version(self, version):

3820

def outdated_at_version(self, version):

3821

"""

3821

"""

3822

Checks if comment is outdated for given pull request version

3822

Checks if comment is outdated for given pull request version

3823

"""

3823

"""

3824

def version_check():

3824

def version_check():

3825

return self.pull_request_version_id and self.pull_request_version_id != version

3825

return self.pull_request_version_id and self.pull_request_version_id != version

3826

3827

if self.is_inline:

3827

if self.is_inline:

3828

return self.outdated and version_check()

3828

return self.outdated and version_check()

3829

else:

3829

else:

3830

# general comments don't have .outdated set, also latest don't have a version

3830

# general comments don't have .outdated set, also latest don't have a version

3831

return version_check()

3831

return version_check()

3832

3833

def outdated_at_version_js(self, version):

3833

def outdated_at_version_js(self, version):

3834

"""

3834

"""

3835

Checks if comment is outdated for given pull request version

3835

Checks if comment is outdated for given pull request version

3836

"""

3836

"""

3837

return json.dumps(self.outdated_at_version(version))

3837

return json.dumps(self.outdated_at_version(version))

3838

3839

def older_than_version(self, version):

3839

def older_than_version(self, version):

3840

"""

3840

"""

3841

Checks if comment is made from previous version than given

3841

Checks if comment is made from previous version than given

3842

"""

3842

"""

3843

if version is None:

3843

if version is None:

3844

return self.pull_request_version != version

3844

return self.pull_request_version != version

3845

3846

return self.pull_request_version < version

3846

return self.pull_request_version < version

3847

3848

def older_than_version_js(self, version):

3848

def older_than_version_js(self, version):

3849

"""

3849

"""

3850

Checks if comment is made from previous version than given

3850

Checks if comment is made from previous version than given

3851

"""

3851

"""

3852

return json.dumps(self.older_than_version(version))

3852

return json.dumps(self.older_than_version(version))

3853

3854

@property

3854

@property

3855

def commit_id(self):

3855

def commit_id(self):

3856

"""New style naming to stop using .revision"""

3856

"""New style naming to stop using .revision"""

3857

return self.revision

3857

return self.revision

3858

3859

@property

3859

@property

3860

def resolved(self):

3860

def resolved(self):

3861

return self.resolved_by[0] if self.resolved_by else None

3861

return self.resolved_by[0] if self.resolved_by else None

3862

3863

@property

3863

@property

3864

def is_todo(self):

3864

def is_todo(self):

3865

return self.comment_type == self.COMMENT_TYPE_TODO

3865

return self.comment_type == self.COMMENT_TYPE_TODO

3866

3867

@property

3867

@property

3868

def is_inline(self):

3868

def is_inline(self):

3869

~~return~~ self.line_no and self.f_path

3869

if self.line_no and self.f_path:

3870

return True

3871

return False

3870

3872

3871

@property

3873

@property

3872

def last_version(self):

3874

def last_version(self):

3873

version = 0

3875

version = 0

3874

if self.history:

3876

if self.history:

3875

version = self.history[-1].version

3877

version = self.history[-1].version

3876

return version

3878

return version

3877

3879

3878

def get_index_version(self, versions):

3880

def get_index_version(self, versions):

3879

return self.get_index_from_version(

3881

return self.get_index_from_version(

3880

self.pull_request_version_id, versions)

3882

self.pull_request_version_id, versions)

3881

3883

3882

def __repr__(self):

3884

def __repr__(self):

3883

if self.comment_id:

3885

if self.comment_id:

3884

return '<DB:Comment #%s>' % self.comment_id

3886

return '<DB:Comment #%s>' % self.comment_id

3885

else:

3887

else:

3886

return '<DB:Comment at %#x>' % id(self)

3888

return '<DB:Comment at %#x>' % id(self)

3887

3889

3888

def get_api_data(self):

3890

def get_api_data(self):

3889

comment = self

3891

comment = self

3890

3892

3891

data = {

3893

data = {

3892

'comment_id': comment.comment_id,

3894

'comment_id': comment.comment_id,

3893

'comment_type': comment.comment_type,

3895

'comment_type': comment.comment_type,

3894

'comment_text': comment.text,

3896

'comment_text': comment.text,

3895

'comment_status': comment.status_change,

3897

'comment_status': comment.status_change,

3896

'comment_f_path': comment.f_path,

3898

'comment_f_path': comment.f_path,

3897

'comment_lineno': comment.line_no,

3899

'comment_lineno': comment.line_no,

3898

'comment_author': comment.author,

3900

'comment_author': comment.author,

3899

'comment_created_on': comment.created_on,

3901

'comment_created_on': comment.created_on,

3900

'comment_resolved_by': self.resolved,

3902

'comment_resolved_by': self.resolved,

3901

'comment_commit_id': comment.revision,

3903

'comment_commit_id': comment.revision,

3902

'comment_pull_request_id': comment.pull_request_id,

3904

'comment_pull_request_id': comment.pull_request_id,

3903

'comment_last_version': self.last_version

3905

'comment_last_version': self.last_version

3904

}

3906

}

3905

return data

3907

return data

3906

3908

3907

def __json__(self):

3909

def __json__(self):

3908

data = dict()

3910

data = dict()

3909

data.update(self.get_api_data())

3911

data.update(self.get_api_data())

3910

return data

3912

return data

3911

3913

3912

3914

3913

class ChangesetCommentHistory(Base, BaseModel):

3915

class ChangesetCommentHistory(Base, BaseModel):

3914

__tablename__ = 'changeset_comments_history'

3916

__tablename__ = 'changeset_comments_history'

3915

__table_args__ = (

3917

__table_args__ = (

3916

Index('cch_comment_id_idx', 'comment_id'),

3918

Index('cch_comment_id_idx', 'comment_id'),

3917

base_table_args,

3919

base_table_args,

3918

)

3920

)

3919

3921

3920

comment_history_id = Column('comment_history_id', Integer(), nullable=False, primary_key=True)

3922

comment_history_id = Column('comment_history_id', Integer(), nullable=False, primary_key=True)

3921

comment_id = Column('comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=False)

3923

comment_id = Column('comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=False)

3922

version = Column("version", Integer(), nullable=False, default=0)

3924

version = Column("version", Integer(), nullable=False, default=0)

3923

created_by_user_id = Column('created_by_user_id', Integer(), ForeignKey('users.user_id'), nullable=False)

3925

created_by_user_id = Column('created_by_user_id', Integer(), ForeignKey('users.user_id'), nullable=False)

3924

text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)

3926

text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)

3925

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

3927

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

3926

deleted = Column('deleted', Boolean(), default=False)

3928

deleted = Column('deleted', Boolean(), default=False)

3927

3929

3928

author = relationship('User', lazy='joined')

3930

author = relationship('User', lazy='joined')

3929

comment = relationship('ChangesetComment', cascade="all, delete")

3931

comment = relationship('ChangesetComment', cascade="all, delete")

3930

3932

3931

@classmethod

3933

@classmethod

3932

def get_version(cls, comment_id):

3934

def get_version(cls, comment_id):

3933

q = Session().query(ChangesetCommentHistory).filter(

3935

q = Session().query(ChangesetCommentHistory).filter(

3934

ChangesetCommentHistory.comment_id == comment_id).order_by(ChangesetCommentHistory.version.desc())

3936

ChangesetCommentHistory.comment_id == comment_id).order_by(ChangesetCommentHistory.version.desc())

3935

if q.count() == 0:

3937

if q.count() == 0:

3936

return 1

3938

return 1

3937

elif q.count() >= q[0].version:

3939

elif q.count() >= q[0].version:

3938

return q.count() + 1

3940

return q.count() + 1

3939

else:

3941

else:

3940

return q[0].version + 1

3942

return q[0].version + 1

3941

3943

3942

3944

3943

class ChangesetStatus(Base, BaseModel):

3945

class ChangesetStatus(Base, BaseModel):

3944

__tablename__ = 'changeset_statuses'

3946

__tablename__ = 'changeset_statuses'

3945

__table_args__ = (

3947

__table_args__ = (

3946

Index('cs_revision_idx', 'revision'),

3948

Index('cs_revision_idx', 'revision'),

3947

Index('cs_version_idx', 'version'),

3949

Index('cs_version_idx', 'version'),

3948

UniqueConstraint('repo_id', 'revision', 'version'),

3950

UniqueConstraint('repo_id', 'revision', 'version'),

3949

base_table_args

3951

base_table_args

3950

)

3952

)

3951

3953

3952

STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'

3954

STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'

3953

STATUS_APPROVED = 'approved'

3955

STATUS_APPROVED = 'approved'

3954

STATUS_REJECTED = 'rejected'

3956

STATUS_REJECTED = 'rejected'

3955

STATUS_UNDER_REVIEW = 'under_review'

3957

STATUS_UNDER_REVIEW = 'under_review'

3956

3958

3957

STATUSES = [

3959

STATUSES = [

3958

(STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default

3960

(STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default

3959

(STATUS_APPROVED, _("Approved")),

3961

(STATUS_APPROVED, _("Approved")),

3960

(STATUS_REJECTED, _("Rejected")),

3962

(STATUS_REJECTED, _("Rejected")),

3961

(STATUS_UNDER_REVIEW, _("Under Review")),

3963

(STATUS_UNDER_REVIEW, _("Under Review")),

3962

]

3964

]

3963

3965

3964

changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)

3966

changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)

3965

repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)

3967

repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)

3966

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)

3968

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)

3967

revision = Column('revision', String(40), nullable=False)

3969

revision = Column('revision', String(40), nullable=False)

3968

status = Column('status', String(128), nullable=False, default=DEFAULT)

3970

status = Column('status', String(128), nullable=False, default=DEFAULT)

3969

changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))

3971

changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))

3970

modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)

3972

modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)

3971

version = Column('version', Integer(), nullable=False, default=0)

3973

version = Column('version', Integer(), nullable=False, default=0)

3972

pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)

3974

pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)

3973

3975

3974

author = relationship('User', lazy='joined')

3976

author = relationship('User', lazy='joined')

3975

repo = relationship('Repository')

3977

repo = relationship('Repository')

3976

comment = relationship('ChangesetComment', lazy='joined')

3978

comment = relationship('ChangesetComment', lazy='joined')

3977

pull_request = relationship('PullRequest', lazy='joined')

3979

pull_request = relationship('PullRequest', lazy='joined')

3978

3980

3979

def __unicode__(self):

3981

def __unicode__(self):

3980

return u"<%s('%s[v%s]:%s')>" % (

3982

return u"<%s('%s[v%s]:%s')>" % (

3981

self.__class__.__name__,

3983

self.__class__.__name__,

3982

self.status, self.version, self.author

3984

self.status, self.version, self.author

3983

)

3985

)

3984

3986

3985

@classmethod

3987

@classmethod

3986

def get_status_lbl(cls, value):

3988

def get_status_lbl(cls, value):

3987

return dict(cls.STATUSES).get(value)

3989

return dict(cls.STATUSES).get(value)

3988

3990

3989

@property

3991

@property

3990

def status_lbl(self):

3992

def status_lbl(self):

3991

return ChangesetStatus.get_status_lbl(self.status)

3993

return ChangesetStatus.get_status_lbl(self.status)

3992

3994

3993

def get_api_data(self):

3995

def get_api_data(self):

3994

status = self

3996

status = self

3995

data = {

3997

data = {

3996

'status_id': status.changeset_status_id,

3998

'status_id': status.changeset_status_id,

3997

'status': status.status,

3999

'status': status.status,

3998

}

4000

}

3999

return data

4001

return data

4000

4002

4001

def __json__(self):

4003

def __json__(self):

4002

data = dict()

4004

data = dict()

4003

data.update(self.get_api_data())

4005

data.update(self.get_api_data())

4004

return data

4006

return data

4005

4007

4006

4008

4007

class _SetState(object):

4009

class _SetState(object):

4008

"""

4010

"""

4009

Context processor allowing changing state for sensitive operation such as

4011

Context processor allowing changing state for sensitive operation such as

4010

pull request update or merge

4012

pull request update or merge

4011

"""

4013

"""

4012

4014

4013

def __init__(self, pull_request, pr_state, back_state=None):

4015

def __init__(self, pull_request, pr_state, back_state=None):

4014

self._pr = pull_request

4016

self._pr = pull_request

4015

self._org_state = back_state or pull_request.pull_request_state

4017

self._org_state = back_state or pull_request.pull_request_state

4016

self._pr_state = pr_state

4018

self._pr_state = pr_state

4017

self._current_state = None

4019

self._current_state = None

4018

4020

4019

def __enter__(self):

4021

def __enter__(self):

4020

log.debug('StateLock: entering set state context of pr %s, setting state to: `%s`',

4022

log.debug('StateLock: entering set state context of pr %s, setting state to: `%s`',

4021

self._pr, self._pr_state)

4023

self._pr, self._pr_state)

4022

self.set_pr_state(self._pr_state)

4024

self.set_pr_state(self._pr_state)

4023

return self

4025

return self

4024

4026

4025

def __exit__(self, exc_type, exc_val, exc_tb):

4027

def __exit__(self, exc_type, exc_val, exc_tb):

4026

if exc_val is not None:

4028

if exc_val is not None:

4027

log.error(traceback.format_exc(exc_tb))

4029

log.error(traceback.format_exc(exc_tb))

4028

return None

4030

return None

4029

4031

4030

self.set_pr_state(self._org_state)

4032

self.set_pr_state(self._org_state)

4031

log.debug('StateLock: exiting set state context of pr %s, setting state to: `%s`',

4033

log.debug('StateLock: exiting set state context of pr %s, setting state to: `%s`',

4032

self._pr, self._org_state)

4034

self._pr, self._org_state)

4033

4035

4034

@property

4036

@property

4035

def state(self):

4037

def state(self):

4036

return self._current_state

4038

return self._current_state

4037

4039

4038

def set_pr_state(self, pr_state):

4040

def set_pr_state(self, pr_state):

4039

try:

4041

try:

4040

self._pr.pull_request_state = pr_state

4042

self._pr.pull_request_state = pr_state

4041

Session().add(self._pr)

4043

Session().add(self._pr)

4042

Session().commit()

4044

Session().commit()

4043

self._current_state = pr_state

4045

self._current_state = pr_state

4044

except Exception:

4046

except Exception:

4045

log.exception('Failed to set PullRequest %s state to %s', self._pr, pr_state)

4047

log.exception('Failed to set PullRequest %s state to %s', self._pr, pr_state)

4046

raise

4048

raise

4047

4049

4048

4050

4049

class _PullRequestBase(BaseModel):

4051

class _PullRequestBase(BaseModel):

4050

"""

4052

"""

4051

Common attributes of pull request and version entries.

4053

Common attributes of pull request and version entries.

4052

"""

4054

"""

4053

4055

4054

# .status values

4056

# .status values

4055

STATUS_NEW = u'new'

4057

STATUS_NEW = u'new'

4056

STATUS_OPEN = u'open'

4058

STATUS_OPEN = u'open'

4057

STATUS_CLOSED = u'closed'

4059

STATUS_CLOSED = u'closed'

4058

4060

4059

# available states

4061

# available states

4060

STATE_CREATING = u'creating'

4062

STATE_CREATING = u'creating'

4061

STATE_UPDATING = u'updating'

4063

STATE_UPDATING = u'updating'

4062

STATE_MERGING = u'merging'

4064

STATE_MERGING = u'merging'

4063

STATE_CREATED = u'created'

4065

STATE_CREATED = u'created'

4064

4066

4065

title = Column('title', Unicode(255), nullable=True)

4067

title = Column('title', Unicode(255), nullable=True)

4066

description = Column(

4068

description = Column(

4067

'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),

4069

'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),

4068

nullable=True)

4070

nullable=True)

4069

description_renderer = Column('description_renderer', Unicode(64), nullable=True)

4071

description_renderer = Column('description_renderer', Unicode(64), nullable=True)

4070

4072

4071

# new/open/closed status of pull request (not approve/reject/etc)

4073

# new/open/closed status of pull request (not approve/reject/etc)

4072

status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)

4074

status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)

4073

created_on = Column(

4075

created_on = Column(

4074

'created_on', DateTime(timezone=False), nullable=False,

4076

'created_on', DateTime(timezone=False), nullable=False,

4075

default=datetime.datetime.now)

4077

default=datetime.datetime.now)

4076

updated_on = Column(

4078

updated_on = Column(

4077

'updated_on', DateTime(timezone=False), nullable=False,

4079

'updated_on', DateTime(timezone=False), nullable=False,

4078

default=datetime.datetime.now)

4080

default=datetime.datetime.now)

4079

4081

4080

pull_request_state = Column("pull_request_state", String(255), nullable=True)

4082

pull_request_state = Column("pull_request_state", String(255), nullable=True)

4081

4083

4082

@declared_attr

4084

@declared_attr

4083

def user_id(cls):

4085

def user_id(cls):

4084

return Column(

4086

return Column(

4085

"user_id", Integer(), ForeignKey('users.user_id'), nullable=False,

4087

"user_id", Integer(), ForeignKey('users.user_id'), nullable=False,

4086

unique=None)

4088

unique=None)

4087

4089

4088

# 500 revisions max

4090

# 500 revisions max

4089

_revisions = Column(

4091

_revisions = Column(

4090

'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))

4092

'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))

4091

4093

4092

common_ancestor_id = Column('common_ancestor_id', Unicode(255), nullable=True)

4094

common_ancestor_id = Column('common_ancestor_id', Unicode(255), nullable=True)

4093

4095

4094

@declared_attr

4096

@declared_attr

4095

def source_repo_id(cls):

4097

def source_repo_id(cls):

4096

# TODO: dan: rename column to source_repo_id

4098

# TODO: dan: rename column to source_repo_id

4097

return Column(

4099

return Column(

4098

'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),

4100

'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),

4099

nullable=False)

4101

nullable=False)

4100

4102

4101

_source_ref = Column('org_ref', Unicode(255), nullable=False)

4103

_source_ref = Column('org_ref', Unicode(255), nullable=False)

4102

4104

4103

@hybrid_property

4105

@hybrid_property

4104

def source_ref(self):

4106

def source_ref(self):

4105

return self._source_ref

4107

return self._source_ref

4106

4108

4107

@source_ref.setter

4109

@source_ref.setter

4108

def source_ref(self, val):

4110

def source_ref(self, val):

4109

parts = (val or '').split(':')

4111

parts = (val or '').split(':')

4110

if len(parts) != 3:

4112

if len(parts) != 3:

4111

raise ValueError(

4113

raise ValueError(

4112

'Invalid reference format given: {}, expected X:Y:Z'.format(val))

4114

'Invalid reference format given: {}, expected X:Y:Z'.format(val))

4113

self._source_ref = safe_unicode(val)

4115

self._source_ref = safe_unicode(val)

4114

4116

4115

_target_ref = Column('other_ref', Unicode(255), nullable=False)

4117

_target_ref = Column('other_ref', Unicode(255), nullable=False)

4116

4118

4117

@hybrid_property

4119

@hybrid_property

4118

def target_ref(self):

4120

def target_ref(self):

4119

return self._target_ref

4121

return self._target_ref

4120

4122

4121

@target_ref.setter

4123

@target_ref.setter

4122

def target_ref(self, val):

4124

def target_ref(self, val):

4123

parts = (val or '').split(':')

4125

parts = (val or '').split(':')

4124

if len(parts) != 3:

4126

if len(parts) != 3:

4125

raise ValueError(

4127

raise ValueError(

4126

'Invalid reference format given: {}, expected X:Y:Z'.format(val))

4128

'Invalid reference format given: {}, expected X:Y:Z'.format(val))

4127

self._target_ref = safe_unicode(val)

4129

self._target_ref = safe_unicode(val)

4128

4130

4129

@declared_attr

4131

@declared_attr

4130

def target_repo_id(cls):

4132

def target_repo_id(cls):

4131

# TODO: dan: rename column to target_repo_id

4133

# TODO: dan: rename column to target_repo_id

4132

return Column(

4134

return Column(

4133

'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),

4135

'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),

4134

nullable=False)

4136

nullable=False)

4135

4137

4136

_shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)

4138

_shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)

4137

4139

4138

# TODO: dan: rename column to last_merge_source_rev

4140

# TODO: dan: rename column to last_merge_source_rev

4139

_last_merge_source_rev = Column(

4141

_last_merge_source_rev = Column(

4140

'last_merge_org_rev', String(40), nullable=True)

4142

'last_merge_org_rev', String(40), nullable=True)

4141

# TODO: dan: rename column to last_merge_target_rev

4143

# TODO: dan: rename column to last_merge_target_rev

4142

_last_merge_target_rev = Column(

4144

_last_merge_target_rev = Column(

4143

'last_merge_other_rev', String(40), nullable=True)

4145

'last_merge_other_rev', String(40), nullable=True)

4144

_last_merge_status = Column('merge_status', Integer(), nullable=True)

4146

_last_merge_status = Column('merge_status', Integer(), nullable=True)

4145

last_merge_metadata = Column(

4147

last_merge_metadata = Column(

4146

'last_merge_metadata', MutationObj.as_mutable(

4148

'last_merge_metadata', MutationObj.as_mutable(

4147

JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))

4149

JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))

4148

4150

4149

merge_rev = Column('merge_rev', String(40), nullable=True)

4151

merge_rev = Column('merge_rev', String(40), nullable=True)

4150

4152

4151

reviewer_data = Column(

4153

reviewer_data = Column(

4152

'reviewer_data_json', MutationObj.as_mutable(

4154

'reviewer_data_json', MutationObj.as_mutable(

4153

JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))

4155

JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))

4154

4156

4155

@property

4157

@property

4156

def reviewer_data_json(self):

4158

def reviewer_data_json(self):

4157

return json.dumps(self.reviewer_data)

4159

return json.dumps(self.reviewer_data)

4158

4160

4159

@property

4161

@property

4160

def last_merge_metadata_parsed(self):

4162

def last_merge_metadata_parsed(self):

4161

metadata = {}

4163

metadata = {}

4162

if not self.last_merge_metadata:

4164

if not self.last_merge_metadata:

4163

return metadata

4165

return metadata

4164

4166

4165

if hasattr(self.last_merge_metadata, 'de_coerce'):

4167

if hasattr(self.last_merge_metadata, 'de_coerce'):

4166

for k, v in self.last_merge_metadata.de_coerce().items():

4168

for k, v in self.last_merge_metadata.de_coerce().items():

4167

if k in ['target_ref', 'source_ref']:

4169

if k in ['target_ref', 'source_ref']:

4168

metadata[k] = Reference(v['type'], v['name'], v['commit_id'])

4170

metadata[k] = Reference(v['type'], v['name'], v['commit_id'])

4169

else:

4171

else:

4170

if hasattr(v, 'de_coerce'):

4172

if hasattr(v, 'de_coerce'):

4171

metadata[k] = v.de_coerce()

4173

metadata[k] = v.de_coerce()

4172

else:

4174

else:

4173

metadata[k] = v

4175

metadata[k] = v

4174

return metadata

4176

return metadata

4175

4177

4176

@property

4178

@property

4177

def work_in_progress(self):

4179

def work_in_progress(self):

4178

"""checks if pull request is work in progress by checking the title"""

4180

"""checks if pull request is work in progress by checking the title"""

4179

title = self.title.upper()

4181

title = self.title.upper()

4180

if re.match(r'^(\[WIP\]\s*|WIP:\s*|WIP\s+)', title):

4182

if re.match(r'^(\[WIP\]\s*|WIP:\s*|WIP\s+)', title):

4181

return True

4183

return True

4182

return False

4184

return False

4183

4185

4184

@hybrid_property

4186

@hybrid_property

4185

def description_safe(self):

4187

def description_safe(self):

4186

from rhodecode.lib import helpers as h

4188

from rhodecode.lib import helpers as h

4187

return h.escape(self.description)

4189

return h.escape(self.description)

4188

4190

4189

@hybrid_property

4191

@hybrid_property

4190

def revisions(self):

4192

def revisions(self):

4191

return self._revisions.split(':') if self._revisions else []

4193

return self._revisions.split(':') if self._revisions else []

4192

4194

4193

@revisions.setter

4195

@revisions.setter

4194

def revisions(self, val):

4196

def revisions(self, val):

4195

self._revisions = u':'.join(val)

4197

self._revisions = u':'.join(val)

4196

4198

4197

@hybrid_property

4199

@hybrid_property

4198

def last_merge_status(self):

4200

def last_merge_status(self):

4199

return safe_int(self._last_merge_status)

4201

return safe_int(self._last_merge_status)

4200

4202

4201

@last_merge_status.setter

4203

@last_merge_status.setter

4202

def last_merge_status(self, val):

4204

def last_merge_status(self, val):

4203

self._last_merge_status = val

4205

self._last_merge_status = val

4204

4206

4205

@declared_attr

4207

@declared_attr

4206

def author(cls):

4208

def author(cls):

4207

return relationship('User', lazy='joined')

4209

return relationship('User', lazy='joined')

4208

4210

4209

@declared_attr

4211

@declared_attr

4210

def source_repo(cls):

4212

def source_repo(cls):

4211

return relationship(

4213

return relationship(

4212

'Repository',

4214

'Repository',

4213

primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)

4215

primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)

4214

4216

4215

@property

4217

@property

4216

def source_ref_parts(self):

4218

def source_ref_parts(self):

4217

return self.unicode_to_reference(self.source_ref)

4219

return self.unicode_to_reference(self.source_ref)

4218

4220

4219

@declared_attr

4221

@declared_attr

4220

def target_repo(cls):

4222

def target_repo(cls):

4221

return relationship(

4223

return relationship(

4222

'Repository',

4224

'Repository',

4223

primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)

4225

primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)

4224

4226

4225

@property

4227

@property

4226

def target_ref_parts(self):

4228

def target_ref_parts(self):

4227

return self.unicode_to_reference(self.target_ref)

4229

return self.unicode_to_reference(self.target_ref)

4228

4230

4229

@property

4231

@property

4230

def shadow_merge_ref(self):

4232

def shadow_merge_ref(self):

4231

return self.unicode_to_reference(self._shadow_merge_ref)

4233

return self.unicode_to_reference(self._shadow_merge_ref)

4232

4234

4233

@shadow_merge_ref.setter

4235

@shadow_merge_ref.setter

4234

def shadow_merge_ref(self, ref):

4236

def shadow_merge_ref(self, ref):

4235

self._shadow_merge_ref = self.reference_to_unicode(ref)

4237

self._shadow_merge_ref = self.reference_to_unicode(ref)

4236

4238

4237

@staticmethod

4239

@staticmethod

4238

def unicode_to_reference(raw):

4240

def unicode_to_reference(raw):

4239

"""

4241

"""

4240

Convert a unicode (or string) to a reference object.

4242

Convert a unicode (or string) to a reference object.

4241

If unicode evaluates to False it returns None.

4243

If unicode evaluates to False it returns None.

4242

"""

4244

"""

4243

if raw:

4245

if raw:

4244

refs = raw.split(':')

4246

refs = raw.split(':')

4245

return Reference(*refs)

4247

return Reference(*refs)

4246

else:

4248

else:

4247

return None

4249

return None

4248

4250

4249

@staticmethod

4251

@staticmethod

4250

def reference_to_unicode(ref):

4252

def reference_to_unicode(ref):

4251

"""

4253

"""

4252

Convert a reference object to unicode.

4254

Convert a reference object to unicode.

4253

If reference is None it returns None.

4255

If reference is None it returns None.

4254

"""

4256

"""

4255

if ref:

4257

if ref:

4256

return u':'.join(ref)

4258

return u':'.join(ref)

4257

else:

4259

else:

4258

return None

4260

return None

4259

4261

4260

def get_api_data(self, with_merge_state=True):

4262

def get_api_data(self, with_merge_state=True):

4261

from rhodecode.model.pull_request import PullRequestModel

4263

from rhodecode.model.pull_request import PullRequestModel

4262

4264

4263

pull_request = self

4265

pull_request = self

4264

if with_merge_state:

4266

if with_merge_state:

4265

merge_response, merge_status, msg = \

4267

merge_response, merge_status, msg = \

4266

PullRequestModel().merge_status(pull_request)

4268

PullRequestModel().merge_status(pull_request)

4267

merge_state = {

4269

merge_state = {

4268

'status': merge_status,

4270

'status': merge_status,

4269

'message': safe_unicode(msg),

4271

'message': safe_unicode(msg),

4270

}

4272

}

4271

else:

4273

else:

4272

merge_state = {'status': 'not_available',

4274

merge_state = {'status': 'not_available',

4273

'message': 'not_available'}

4275

'message': 'not_available'}

4274

4276

4275

merge_data = {

4277

merge_data = {

4276

'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),

4278

'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),

4277

'reference': (

4279

'reference': (

4278

pull_request.shadow_merge_ref._asdict()

4280

pull_request.shadow_merge_ref._asdict()

4279

if pull_request.shadow_merge_ref else None),

4281

if pull_request.shadow_merge_ref else None),

4280

}

4282

}

4281

4283

4282

data = {

4284

data = {

4283

'pull_request_id': pull_request.pull_request_id,

4285

'pull_request_id': pull_request.pull_request_id,

4284

'url': PullRequestModel().get_url(pull_request),

4286

'url': PullRequestModel().get_url(pull_request),

4285

'title': pull_request.title,

4287

'title': pull_request.title,

4286

'description': pull_request.description,

4288

'description': pull_request.description,

4287

'status': pull_request.status,

4289

'status': pull_request.status,

4288

'state': pull_request.pull_request_state,

4290

'state': pull_request.pull_request_state,

4289

'created_on': pull_request.created_on,

4291

'created_on': pull_request.created_on,

4290

'updated_on': pull_request.updated_on,

4292

'updated_on': pull_request.updated_on,

4291

'commit_ids': pull_request.revisions,

4293

'commit_ids': pull_request.revisions,

4292

'review_status': pull_request.calculated_review_status(),

4294

'review_status': pull_request.calculated_review_status(),

4293

'mergeable': merge_state,

4295

'mergeable': merge_state,

4294

'source': {

4296

'source': {

4295

'clone_url': pull_request.source_repo.clone_url(),

4297

'clone_url': pull_request.source_repo.clone_url(),

4296

'repository': pull_request.source_repo.repo_name,

4298

'repository': pull_request.source_repo.repo_name,

4297

'reference': {

4299

'reference': {

4298

'name': pull_request.source_ref_parts.name,

4300

'name': pull_request.source_ref_parts.name,

4299

'type': pull_request.source_ref_parts.type,

4301

'type': pull_request.source_ref_parts.type,

4300

'commit_id': pull_request.source_ref_parts.commit_id,

4302

'commit_id': pull_request.source_ref_parts.commit_id,

4301

},

4303

},

4302

},

4304

},

4303

'target': {

4305

'target': {

4304

'clone_url': pull_request.target_repo.clone_url(),

4306

'clone_url': pull_request.target_repo.clone_url(),

4305

'repository': pull_request.target_repo.repo_name,

4307

'repository': pull_request.target_repo.repo_name,

4306

'reference': {

4308

'reference': {

4307

'name': pull_request.target_ref_parts.name,

4309

'name': pull_request.target_ref_parts.name,

4308

'type': pull_request.target_ref_parts.type,

4310

'type': pull_request.target_ref_parts.type,

4309

'commit_id': pull_request.target_ref_parts.commit_id,

4311

'commit_id': pull_request.target_ref_parts.commit_id,

4310

},

4312

},

4311

},

4313

},

4312

'merge': merge_data,

4314

'merge': merge_data,

4313

'author': pull_request.author.get_api_data(include_secrets=False,

4315

'author': pull_request.author.get_api_data(include_secrets=False,

4314

details='basic'),

4316

details='basic'),

4315

'reviewers': [

4317

'reviewers': [

4316

{

4318

{

4317

'user': reviewer.get_api_data(include_secrets=False,

4319

'user': reviewer.get_api_data(include_secrets=False,

4318

details='basic'),

4320

details='basic'),

4319

'reasons': reasons,

4321

'reasons': reasons,

4320

'review_status': st[0][1].status if st else 'not_reviewed',

4322

'review_status': st[0][1].status if st else 'not_reviewed',

4321

}

4323

}

4322

for obj, reviewer, reasons, mandatory, st in

4324

for obj, reviewer, reasons, mandatory, st in

4323

pull_request.reviewers_statuses()

4325

pull_request.reviewers_statuses()

4324

]

4326

]

4325

}

4327

}

4326

4328

4327

return data

4329

return data

4328

4330

4329

def set_state(self, pull_request_state, final_state=None):

4331

def set_state(self, pull_request_state, final_state=None):

4330

"""

4332

"""

4331

# goes from initial state to updating to initial state.

4333

# goes from initial state to updating to initial state.

4332

# initial state can be changed by specifying back_state=

4334

# initial state can be changed by specifying back_state=

4333

with pull_request_obj.set_state(PullRequest.STATE_UPDATING):

4335

with pull_request_obj.set_state(PullRequest.STATE_UPDATING):

4334

pull_request.merge()

4336

pull_request.merge()

4335

4337

4336

:param pull_request_state:

4338

:param pull_request_state:

4337

:param final_state:

4339

:param final_state:

4338

4340

4339

"""

4341

"""

4340

4342

4341

return _SetState(self, pull_request_state, back_state=final_state)

4343

return _SetState(self, pull_request_state, back_state=final_state)

4342

4344

4343

4345

4344

class PullRequest(Base, _PullRequestBase):

4346

class PullRequest(Base, _PullRequestBase):

4345

__tablename__ = 'pull_requests'

4347

__tablename__ = 'pull_requests'

4346

__table_args__ = (

4348

__table_args__ = (

4347

base_table_args,

4349

base_table_args,

4348

)

4350

)

4349

LATEST_VER = 'latest'

4351

LATEST_VER = 'latest'

4350

4352

4351

pull_request_id = Column(

4353

pull_request_id = Column(

4352

'pull_request_id', Integer(), nullable=False, primary_key=True)

4354

'pull_request_id', Integer(), nullable=False, primary_key=True)

4353

4355

4354

def __repr__(self):

4356

def __repr__(self):

4355

if self.pull_request_id:

4357

if self.pull_request_id:

4356

return '<DB:PullRequest #%s>' % self.pull_request_id

4358

return '<DB:PullRequest #%s>' % self.pull_request_id

4357

else:

4359

else:

4358

return '<DB:PullRequest at %#x>' % id(self)

4360

return '<DB:PullRequest at %#x>' % id(self)

4359

4361

4360

reviewers = relationship('PullRequestReviewers', cascade="all, delete-orphan")

4362

reviewers = relationship('PullRequestReviewers', cascade="all, delete-orphan")

4361

statuses = relationship('ChangesetStatus', cascade="all, delete-orphan")

4363

statuses = relationship('ChangesetStatus', cascade="all, delete-orphan")

4362

comments = relationship('ChangesetComment', cascade="all, delete-orphan")

4364

comments = relationship('ChangesetComment', cascade="all, delete-orphan")

4363

versions = relationship('PullRequestVersion', cascade="all, delete-orphan",

4365

versions = relationship('PullRequestVersion', cascade="all, delete-orphan",

4364

lazy='dynamic')

4366

lazy='dynamic')

4365

4367

4366

@classmethod

4368

@classmethod

4367

def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,

4369

def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,

4368

internal_methods=None):

4370

internal_methods=None):

4369

4371

4370

class PullRequestDisplay(object):

4372

class PullRequestDisplay(object):

4371

"""

4373

"""

4372

Special object wrapper for showing PullRequest data via Versions

4374

Special object wrapper for showing PullRequest data via Versions

4373

It mimics PR object as close as possible. This is read only object

4375

It mimics PR object as close as possible. This is read only object

4374

just for display

4376

just for display

4375

"""

4377

"""

4376

4378

4377

def __init__(self, attrs, internal=None):

4379

def __init__(self, attrs, internal=None):

4378

self.attrs = attrs

4380

self.attrs = attrs

4379

# internal have priority over the given ones via attrs

4381

# internal have priority over the given ones via attrs

4380

self.internal = internal or ['versions']

4382

self.internal = internal or ['versions']

4381

4383

4382

def __getattr__(self, item):

4384

def __getattr__(self, item):

4383

if item in self.internal:

4385

if item in self.internal:

4384

return getattr(self, item)

4386

return getattr(self, item)

4385

try:

4387

try:

4386

return self.attrs[item]

4388

return self.attrs[item]

4387

except KeyError:

4389

except KeyError:

4388

raise AttributeError(

4390

raise AttributeError(

4389

'%s object has no attribute %s' % (self, item))

4391

'%s object has no attribute %s' % (self, item))

4390

4392

4391

def __repr__(self):

4393

def __repr__(self):

4392

return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')

4394

return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')

4393

4395

4394

def versions(self):

4396

def versions(self):

4395

return pull_request_obj.versions.order_by(

4397

return pull_request_obj.versions.order_by(

4396

PullRequestVersion.pull_request_version_id).all()

4398

PullRequestVersion.pull_request_version_id).all()

4397

4399

4398

def is_closed(self):

4400

def is_closed(self):

4399

return pull_request_obj.is_closed()

4401

return pull_request_obj.is_closed()

4400

4402

4401

def is_state_changing(self):

4403

def is_state_changing(self):

4402

return pull_request_obj.is_state_changing()

4404

return pull_request_obj.is_state_changing()

4403

4405

4404

@property

4406

@property

4405

def pull_request_version_id(self):

4407

def pull_request_version_id(self):

4406

return getattr(pull_request_obj, 'pull_request_version_id', None)

4408

return getattr(pull_request_obj, 'pull_request_version_id', None)

4407

4409

4408

@property

4410

@property

4409

def pull_request_last_version(self):

4411

def pull_request_last_version(self):

4410

return pull_request_obj.pull_request_last_version

4412

return pull_request_obj.pull_request_last_version

4411

4413

4412

attrs = StrictAttributeDict(pull_request_obj.get_api_data(with_merge_state=False))

4414

attrs = StrictAttributeDict(pull_request_obj.get_api_data(with_merge_state=False))

4413

4415

4414

attrs.author = StrictAttributeDict(

4416

attrs.author = StrictAttributeDict(

4415

pull_request_obj.author.get_api_data())

4417

pull_request_obj.author.get_api_data())

4416

if pull_request_obj.target_repo:

4418

if pull_request_obj.target_repo:

4417

attrs.target_repo = StrictAttributeDict(

4419

attrs.target_repo = StrictAttributeDict(

4418

pull_request_obj.target_repo.get_api_data())

4420

pull_request_obj.target_repo.get_api_data())

4419

attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url

4421

attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url

4420

4422

4421

if pull_request_obj.source_repo:

4423

if pull_request_obj.source_repo:

4422

attrs.source_repo = StrictAttributeDict(

4424

attrs.source_repo = StrictAttributeDict(

4423

pull_request_obj.source_repo.get_api_data())

4425

pull_request_obj.source_repo.get_api_data())

4424

attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url

4426

attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url

4425

4427

4426

attrs.source_ref_parts = pull_request_obj.source_ref_parts

4428

attrs.source_ref_parts = pull_request_obj.source_ref_parts

4427

attrs.target_ref_parts = pull_request_obj.target_ref_parts

4429

attrs.target_ref_parts = pull_request_obj.target_ref_parts

4428

attrs.revisions = pull_request_obj.revisions

4430

attrs.revisions = pull_request_obj.revisions

4429

attrs.common_ancestor_id = pull_request_obj.common_ancestor_id

4431

attrs.common_ancestor_id = pull_request_obj.common_ancestor_id

4430

attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref

4432

attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref

4431

attrs.reviewer_data = org_pull_request_obj.reviewer_data

4433

attrs.reviewer_data = org_pull_request_obj.reviewer_data

4432

attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json

4434

attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json

4433

4435

4434

return PullRequestDisplay(attrs, internal=internal_methods)

4436

return PullRequestDisplay(attrs, internal=internal_methods)

4435

4437

4436

def is_closed(self):

4438

def is_closed(self):

4437

return self.status == self.STATUS_CLOSED

4439

return self.status == self.STATUS_CLOSED

4438

4440

4439

def is_state_changing(self):

4441

def is_state_changing(self):

4440

return self.pull_request_state != PullRequest.STATE_CREATED

4442

return self.pull_request_state != PullRequest.STATE_CREATED

4441

4443

4442

def __json__(self):

4444

def __json__(self):

4443

return {

4445

return {

4444

'revisions': self.revisions,

4446

'revisions': self.revisions,

4445

'versions': self.versions_count

4447

'versions': self.versions_count

4446

}

4448

}

4447

4449

4448

def calculated_review_status(self):

4450

def calculated_review_status(self):

4449

from rhodecode.model.changeset_status import ChangesetStatusModel

4451

from rhodecode.model.changeset_status import ChangesetStatusModel

4450

return ChangesetStatusModel().calculated_review_status(self)

4452

return ChangesetStatusModel().calculated_review_status(self)

4451

4453

4452

def reviewers_statuses(self):

4454

def reviewers_statuses(self):

4453

from rhodecode.model.changeset_status import ChangesetStatusModel

4455

from rhodecode.model.changeset_status import ChangesetStatusModel

4454

return ChangesetStatusModel().reviewers_statuses(self)

4456

return ChangesetStatusModel().reviewers_statuses(self)

4455

4457

4456

@property

4458

@property

4457

def workspace_id(self):

4459

def workspace_id(self):

4458

from rhodecode.model.pull_request import PullRequestModel

4460

from rhodecode.model.pull_request import PullRequestModel

4459

return PullRequestModel()._workspace_id(self)

4461

return PullRequestModel()._workspace_id(self)

4460

4462

4461

def get_shadow_repo(self):

4463

def get_shadow_repo(self):

4462

workspace_id = self.workspace_id

4464

workspace_id = self.workspace_id

4463

shadow_repository_path = self.target_repo.get_shadow_repository_path(workspace_id)

4465

shadow_repository_path = self.target_repo.get_shadow_repository_path(workspace_id)

4464

if os.path.isdir(shadow_repository_path):

4466

if os.path.isdir(shadow_repository_path):

4465

vcs_obj = self.target_repo.scm_instance()

4467

vcs_obj = self.target_repo.scm_instance()

4466

return vcs_obj.get_shadow_instance(shadow_repository_path)

4468

return vcs_obj.get_shadow_instance(shadow_repository_path)

4467

4469

4468

@property

4470

@property

4469

def versions_count(self):

4471

def versions_count(self):

4470

"""

4472

"""

4471

return number of versions this PR have, e.g a PR that once been

4473

return number of versions this PR have, e.g a PR that once been

4472

updated will have 2 versions

4474

updated will have 2 versions

4473

"""

4475

"""

4474

return self.versions.count() + 1

4476

return self.versions.count() + 1

4475

4477

4476

@property

4478

@property

4477

def pull_request_last_version(self):

4479

def pull_request_last_version(self):

4478

return self.versions_count

4480

return self.versions_count

4479

4481

4480

4482

4481

class PullRequestVersion(Base, _PullRequestBase):

4483

class PullRequestVersion(Base, _PullRequestBase):

4482

__tablename__ = 'pull_request_versions'

4484

__tablename__ = 'pull_request_versions'

4483

__table_args__ = (

4485

__table_args__ = (

4484

base_table_args,

4486

base_table_args,

4485

)

4487

)

4486

4488

4487

pull_request_version_id = Column(

4489

pull_request_version_id = Column(

4488

'pull_request_version_id', Integer(), nullable=False, primary_key=True)

4490

'pull_request_version_id', Integer(), nullable=False, primary_key=True)

4489

pull_request_id = Column(

4491

pull_request_id = Column(

4490

'pull_request_id', Integer(),

4492

'pull_request_id', Integer(),

4491

ForeignKey('pull_requests.pull_request_id'), nullable=False)

4493

ForeignKey('pull_requests.pull_request_id'), nullable=False)

4492

pull_request = relationship('PullRequest')

4494

pull_request = relationship('PullRequest')

4493

4495

4494

def __repr__(self):

4496

def __repr__(self):

4495

if self.pull_request_version_id:

4497

if self.pull_request_version_id:

4496

return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id

4498

return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id

4497

else:

4499

else:

4498

return '<DB:PullRequestVersion at %#x>' % id(self)

4500

return '<DB:PullRequestVersion at %#x>' % id(self)

4499

4501

4500

@property

4502

@property

4501

def reviewers(self):

4503

def reviewers(self):

4502

return self.pull_request.reviewers

4504

return self.pull_request.reviewers

4503

4505

4504

@property

4506

@property

4505

def versions(self):

4507

def versions(self):

4506

return self.pull_request.versions

4508

return self.pull_request.versions

4507

4509

4508

def is_closed(self):

4510

def is_closed(self):

4509

# calculate from original

4511

# calculate from original

4510

return self.pull_request.status == self.STATUS_CLOSED

4512

return self.pull_request.status == self.STATUS_CLOSED

4511

4513

4512

def is_state_changing(self):

4514

def is_state_changing(self):

4513

return self.pull_request.pull_request_state != PullRequest.STATE_CREATED

4515

return self.pull_request.pull_request_state != PullRequest.STATE_CREATED

4514

4516

4515

def calculated_review_status(self):

4517

def calculated_review_status(self):

4516

return self.pull_request.calculated_review_status()

4518

return self.pull_request.calculated_review_status()

4517

4519

4518

def reviewers_statuses(self):

4520

def reviewers_statuses(self):

4519

return self.pull_request.reviewers_statuses()

4521

return self.pull_request.reviewers_statuses()

4520

4522

4521

4523

4522

class PullRequestReviewers(Base, BaseModel):

4524

class PullRequestReviewers(Base, BaseModel):

4523

__tablename__ = 'pull_request_reviewers'

4525

__tablename__ = 'pull_request_reviewers'

4524

__table_args__ = (

4526

__table_args__ = (

4525

base_table_args,

4527

base_table_args,

4526

)

4528

)

4527

ROLE_REVIEWER = u'reviewer'

4529

ROLE_REVIEWER = u'reviewer'

4528

ROLE_OBSERVER = u'observer'

4530

ROLE_OBSERVER = u'observer'

4529

4531

4530

@hybrid_property

4532

@hybrid_property

4531

def reasons(self):

4533

def reasons(self):

4532

if not self._reasons:

4534

if not self._reasons:

4533

return []

4535

return []

4534

return self._reasons

4536

return self._reasons

4535

4537

4536

@reasons.setter

4538

@reasons.setter

4537

def reasons(self, val):

4539

def reasons(self, val):

4538

val = val or []

4540

val = val or []

4539

if any(not isinstance(x, compat.string_types) for x in val):

4541

if any(not isinstance(x, compat.string_types) for x in val):

4540

raise Exception('invalid reasons type, must be list of strings')

4542

raise Exception('invalid reasons type, must be list of strings')

4541

self._reasons = val

4543

self._reasons = val

4542

4544

4543

pull_requests_reviewers_id = Column(

4545

pull_requests_reviewers_id = Column(

4544

'pull_requests_reviewers_id', Integer(), nullable=False,

4546

'pull_requests_reviewers_id', Integer(), nullable=False,

4545

primary_key=True)

4547

primary_key=True)

4546

pull_request_id = Column(

4548

pull_request_id = Column(

4547

"pull_request_id", Integer(),

4549

"pull_request_id", Integer(),

4548

ForeignKey('pull_requests.pull_request_id'), nullable=False)

4550

ForeignKey('pull_requests.pull_request_id'), nullable=False)

4549

user_id = Column(

4551

user_id = Column(

4550

"user_id", Integer(), ForeignKey('users.user_id'), nullable=True)

4552

"user_id", Integer(), ForeignKey('users.user_id'), nullable=True)

4551

_reasons = Column(

4553

_reasons = Column(

4552

'reason', MutationList.as_mutable(

4554

'reason', MutationList.as_mutable(

4553

JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))

4555

JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))

4554

4556

4555

mandatory = Column("mandatory", Boolean(), nullable=False, default=False)

4557

mandatory = Column("mandatory", Boolean(), nullable=False, default=False)

4556

role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)

4558

role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)

4557

4559

4558

user = relationship('User')

4560

user = relationship('User')

4559

pull_request = relationship('PullRequest')

4561

pull_request = relationship('PullRequest')

4560

4562

4561

rule_data = Column(

4563

rule_data = Column(

4562

'rule_data_json',

4564

'rule_data_json',

4563

JsonType(dialect_map=dict(mysql=UnicodeText(16384))))

4565

JsonType(dialect_map=dict(mysql=UnicodeText(16384))))

4564

4566

4565

def rule_user_group_data(self):

4567

def rule_user_group_data(self):

4566

"""

4568

"""

4567

Returns the voting user group rule data for this reviewer

4569

Returns the voting user group rule data for this reviewer

4568

"""

4570

"""

4569

4571

4570

if self.rule_data and 'vote_rule' in self.rule_data:

4572

if self.rule_data and 'vote_rule' in self.rule_data:

4571

user_group_data = {}

4573

user_group_data = {}

4572

if 'rule_user_group_entry_id' in self.rule_data:

4574

if 'rule_user_group_entry_id' in self.rule_data:

4573

# means a group with voting rules !

4575

# means a group with voting rules !

4574

user_group_data['id'] = self.rule_data['rule_user_group_entry_id']

4576

user_group_data['id'] = self.rule_data['rule_user_group_entry_id']

4575

user_group_data['name'] = self.rule_data['rule_name']

4577

user_group_data['name'] = self.rule_data['rule_name']

4576

user_group_data['vote_rule'] = self.rule_data['vote_rule']

4578

user_group_data['vote_rule'] = self.rule_data['vote_rule']

4577

4579

4578

return user_group_data

4580

return user_group_data

4579

4581

4580

def __unicode__(self):

4582

def __unicode__(self):

4581

return u"<%s('id:%s')>" % (self.__class__.__name__,

4583

return u"<%s('id:%s')>" % (self.__class__.__name__,

4582

self.pull_requests_reviewers_id)

4584

self.pull_requests_reviewers_id)

4583

4585

4584

4586

4585

class Notification(Base, BaseModel):

4587

class Notification(Base, BaseModel):

4586

__tablename__ = 'notifications'

4588

__tablename__ = 'notifications'

4587

__table_args__ = (

4589

__table_args__ = (

4588

Index('notification_type_idx', 'type'),

4590

Index('notification_type_idx', 'type'),

4589

base_table_args,

4591

base_table_args,

4590

)

4592

)

4591

4593

4592

TYPE_CHANGESET_COMMENT = u'cs_comment'

4594

TYPE_CHANGESET_COMMENT = u'cs_comment'

4593

TYPE_MESSAGE = u'message'

4595

TYPE_MESSAGE = u'message'

4594

TYPE_MENTION = u'mention'

4596

TYPE_MENTION = u'mention'

4595

TYPE_REGISTRATION = u'registration'

4597

TYPE_REGISTRATION = u'registration'

4596

TYPE_PULL_REQUEST = u'pull_request'

4598

TYPE_PULL_REQUEST = u'pull_request'

4597

TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'

4599

TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'

4598

TYPE_PULL_REQUEST_UPDATE = u'pull_request_update'

4600

TYPE_PULL_REQUEST_UPDATE = u'pull_request_update'

4599

4601

4600

notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)

4602

notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)

4601

subject = Column('subject', Unicode(512), nullable=True)

4603

subject = Column('subject', Unicode(512), nullable=True)

4602

body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)

4604

body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)

4603

created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)

4605

created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)

4604

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

4606

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

4605

type_ = Column('type', Unicode(255))

4607

type_ = Column('type', Unicode(255))

4606

4608

4607

created_by_user = relationship('User')

4609

created_by_user = relationship('User')

4608

notifications_to_users = relationship('UserNotification', lazy='joined',

4610

notifications_to_users = relationship('UserNotification', lazy='joined',

4609

cascade="all, delete-orphan")

4611

cascade="all, delete-orphan")

4610

4612

4611

@property

4613

@property

4612

def recipients(self):

4614

def recipients(self):

4613

return [x.user for x in UserNotification.query()\

4615

return [x.user for x in UserNotification.query()\

4614

.filter(UserNotification.notification == self)\

4616

.filter(UserNotification.notification == self)\

4615

.order_by(UserNotification.user_id.asc()).all()]

4617

.order_by(UserNotification.user_id.asc()).all()]

4616

4618

4617

@classmethod

4619

@classmethod

4618

def create(cls, created_by, subject, body, recipients, type_=None):

4620

def create(cls, created_by, subject, body, recipients, type_=None):

4619

if type_ is None:

4621

if type_ is None:

4620

type_ = Notification.TYPE_MESSAGE

4622

type_ = Notification.TYPE_MESSAGE

4621

4623

4622

notification = cls()

4624

notification = cls()

4623

notification.created_by_user = created_by

4625

notification.created_by_user = created_by

4624

notification.subject = subject

4626

notification.subject = subject

4625

notification.body = body

4627

notification.body = body

4626

notification.type_ = type_

4628

notification.type_ = type_

4627

notification.created_on = datetime.datetime.now()

4629

notification.created_on = datetime.datetime.now()

4628

4630

4629

# For each recipient link the created notification to his account

4631

# For each recipient link the created notification to his account

4630

for u in recipients:

4632

for u in recipients:

4631

assoc = UserNotification()

4633

assoc = UserNotification()

4632

assoc.user_id = u.user_id

4634

assoc.user_id = u.user_id

4633

assoc.notification = notification

4635

assoc.notification = notification

4634

4636

4635

# if created_by is inside recipients mark his notification

4637

# if created_by is inside recipients mark his notification

4636

# as read

4638

# as read

4637

if u.user_id == created_by.user_id:

4639

if u.user_id == created_by.user_id:

4638

assoc.read = True

4640

assoc.read = True

4639

Session().add(assoc)

4641

Session().add(assoc)

4640

4642

4641

Session().add(notification)

4643

Session().add(notification)

4642

4644

4643

return notification

4645

return notification

4644

4646

4645

4647

4646

class UserNotification(Base, BaseModel):

4648

class UserNotification(Base, BaseModel):

4647

__tablename__ = 'user_to_notification'

4649

__tablename__ = 'user_to_notification'

4648

__table_args__ = (

4650

__table_args__ = (

4649

UniqueConstraint('user_id', 'notification_id'),

4651

UniqueConstraint('user_id', 'notification_id'),

4650

base_table_args

4652

base_table_args

4651

)

4653

)

4652

4654

4653

user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)

4655

user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)

4654

notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)

4656

notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)

4655

read = Column('read', Boolean, default=False)

4657

read = Column('read', Boolean, default=False)

4656

sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)

4658

sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)

4657

4659

4658

user = relationship('User', lazy="joined")

4660

user = relationship('User', lazy="joined")

4659

notification = relationship('Notification', lazy="joined",

4661

notification = relationship('Notification', lazy="joined",

4660

order_by=lambda: Notification.created_on.desc(),)

4662

order_by=lambda: Notification.created_on.desc(),)

4661

4663

4662

def mark_as_read(self):

4664

def mark_as_read(self):

4663

self.read = True

4665

self.read = True

4664

Session().add(self)

4666

Session().add(self)

4665

4667

4666

4668

4667

class UserNotice(Base, BaseModel):

4669

class UserNotice(Base, BaseModel):

4668

__tablename__ = 'user_notices'

4670

__tablename__ = 'user_notices'

4669

__table_args__ = (

4671

__table_args__ = (

4670

base_table_args

4672

base_table_args

4671

)

4673

)

4672

4674

4673

NOTIFICATION_TYPE_MESSAGE = 'message'

4675

NOTIFICATION_TYPE_MESSAGE = 'message'

4674

NOTIFICATION_TYPE_NOTICE = 'notice'

4676

NOTIFICATION_TYPE_NOTICE = 'notice'

4675

4677

4676

NOTIFICATION_LEVEL_INFO = 'info'

4678

NOTIFICATION_LEVEL_INFO = 'info'

4677

NOTIFICATION_LEVEL_WARNING = 'warning'

4679

NOTIFICATION_LEVEL_WARNING = 'warning'

4678

NOTIFICATION_LEVEL_ERROR = 'error'

4680

NOTIFICATION_LEVEL_ERROR = 'error'

4679

4681

4680

user_notice_id = Column('gist_id', Integer(), primary_key=True)

4682

user_notice_id = Column('gist_id', Integer(), primary_key=True)

4681

4683

4682

notice_subject = Column('notice_subject', Unicode(512), nullable=True)

4684

notice_subject = Column('notice_subject', Unicode(512), nullable=True)

4683

notice_body = Column('notice_body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)

4685

notice_body = Column('notice_body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)

4684

4686

4685

notice_read = Column('notice_read', Boolean, default=False)

4687

notice_read = Column('notice_read', Boolean, default=False)

4686

4688

4687

notification_level = Column('notification_level', String(1024), default=NOTIFICATION_LEVEL_INFO)

4689

notification_level = Column('notification_level', String(1024), default=NOTIFICATION_LEVEL_INFO)

4688

notification_type = Column('notification_type', String(1024), default=NOTIFICATION_TYPE_NOTICE)

4690

notification_type = Column('notification_type', String(1024), default=NOTIFICATION_TYPE_NOTICE)

4689

4691

4690

notice_created_by = Column('notice_created_by', Integer(), ForeignKey('users.user_id'), nullable=True)

4692

notice_created_by = Column('notice_created_by', Integer(), ForeignKey('users.user_id'), nullable=True)

4691

notice_created_on = Column('notice_created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

4693

notice_created_on = Column('notice_created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

4692

4694

4693

user_id = Column('user_id', Integer(), ForeignKey('users.user_id'))

4695

user_id = Column('user_id', Integer(), ForeignKey('users.user_id'))

4694

user = relationship('User', lazy="joined", primaryjoin='User.user_id==UserNotice.user_id')

4696

user = relationship('User', lazy="joined", primaryjoin='User.user_id==UserNotice.user_id')

4695

4697

4696

@classmethod

4698

@classmethod

4697

def create_for_user(cls, user, subject, body, notice_level=NOTIFICATION_LEVEL_INFO, allow_duplicate=False):

4699

def create_for_user(cls, user, subject, body, notice_level=NOTIFICATION_LEVEL_INFO, allow_duplicate=False):

4698

4700

4699

if notice_level not in [cls.NOTIFICATION_LEVEL_ERROR,

4701

if notice_level not in [cls.NOTIFICATION_LEVEL_ERROR,

4700

cls.NOTIFICATION_LEVEL_WARNING,

4702

cls.NOTIFICATION_LEVEL_WARNING,

4701

cls.NOTIFICATION_LEVEL_INFO]:

4703

cls.NOTIFICATION_LEVEL_INFO]:

4702

return

4704

return

4703

4705

4704

from rhodecode.model.user import UserModel

4706

from rhodecode.model.user import UserModel

4705

user = UserModel().get_user(user)

4707

user = UserModel().get_user(user)

4706

4708

4707

new_notice = UserNotice()

4709

new_notice = UserNotice()

4708

if not allow_duplicate:

4710

if not allow_duplicate:

4709

existing_msg = UserNotice().query() \

4711

existing_msg = UserNotice().query() \

4710

.filter(UserNotice.user == user) \

4712

.filter(UserNotice.user == user) \

4711

.filter(UserNotice.notice_body == body) \

4713

.filter(UserNotice.notice_body == body) \

4712

.filter(UserNotice.notice_read == false()) \

4714

.filter(UserNotice.notice_read == false()) \

4713

.scalar()

4715

.scalar()

4714

if existing_msg:

4716

if existing_msg:

4715

log.warning('Ignoring duplicate notice for user %s', user)

4717

log.warning('Ignoring duplicate notice for user %s', user)

4716

return

4718

return

4717

4719

4718

new_notice.user = user

4720

new_notice.user = user

4719

new_notice.notice_subject = subject

4721

new_notice.notice_subject = subject

4720

new_notice.notice_body = body

4722

new_notice.notice_body = body

4721

new_notice.notification_level = notice_level

4723

new_notice.notification_level = notice_level

4722

Session().add(new_notice)

4724

Session().add(new_notice)

4723

Session().commit()

4725

Session().commit()

4724

4726

4725

4727

4726

class Gist(Base, BaseModel):

4728

class Gist(Base, BaseModel):

4727

__tablename__ = 'gists'

4729

__tablename__ = 'gists'

4728

__table_args__ = (

4730

__table_args__ = (

4729

Index('g_gist_access_id_idx', 'gist_access_id'),

4731

Index('g_gist_access_id_idx', 'gist_access_id'),

4730

Index('g_created_on_idx', 'created_on'),

4732

Index('g_created_on_idx', 'created_on'),

4731

base_table_args

4733

base_table_args

4732

)

4734

)

4733

4735

4734

GIST_PUBLIC = u'public'

4736

GIST_PUBLIC = u'public'

4735

GIST_PRIVATE = u'private'

4737

GIST_PRIVATE = u'private'

4736

DEFAULT_FILENAME = u'gistfile1.txt'

4738

DEFAULT_FILENAME = u'gistfile1.txt'

4737

4739

4738

ACL_LEVEL_PUBLIC = u'acl_public'

4740

ACL_LEVEL_PUBLIC = u'acl_public'

4739

ACL_LEVEL_PRIVATE = u'acl_private'

4741

ACL_LEVEL_PRIVATE = u'acl_private'

4740

4742

4741

gist_id = Column('gist_id', Integer(), primary_key=True)

4743

gist_id = Column('gist_id', Integer(), primary_key=True)

4742

gist_access_id = Column('gist_access_id', Unicode(250))

4744

gist_access_id = Column('gist_access_id', Unicode(250))

4743

gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))

4745

gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))

4744

gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)

4746

gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)

4745

gist_expires = Column('gist_expires', Float(53), nullable=False)

4747

gist_expires = Column('gist_expires', Float(53), nullable=False)

4746

gist_type = Column('gist_type', Unicode(128), nullable=False)

4748

gist_type = Column('gist_type', Unicode(128), nullable=False)

4747

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

4749

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

4748

modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

4750

modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

4749

acl_level = Column('acl_level', Unicode(128), nullable=True)

4751

acl_level = Column('acl_level', Unicode(128), nullable=True)

4750

4752

4751

owner = relationship('User')

4753

owner = relationship('User')

4752

4754

4753

def __repr__(self):

4755

def __repr__(self):

4754

return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)

4756

return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)

4755

4757

4756

@hybrid_property

4758

@hybrid_property

4757

def description_safe(self):

4759

def description_safe(self):

4758

from rhodecode.lib import helpers as h

4760

from rhodecode.lib import helpers as h

4759

return h.escape(self.gist_description)

4761

return h.escape(self.gist_description)

4760

4762

4761

@classmethod

4763

@classmethod

4762

def get_or_404(cls, id_):

4764

def get_or_404(cls, id_):

4763

from pyramid.httpexceptions import HTTPNotFound

4765

from pyramid.httpexceptions import HTTPNotFound

4764

4766

4765

res = cls.query().filter(cls.gist_access_id == id_).scalar()

4767

res = cls.query().filter(cls.gist_access_id == id_).scalar()

4766

if not res:

4768

if not res:

4767

raise HTTPNotFound()

4769

raise HTTPNotFound()

4768

return res

4770

return res

4769

4771

4770

@classmethod

4772

@classmethod

4771

def get_by_access_id(cls, gist_access_id):

4773

def get_by_access_id(cls, gist_access_id):

4772

return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()

4774

return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()

4773

4775

4774

def gist_url(self):

4776

def gist_url(self):

4775

from rhodecode.model.gist import GistModel

4777

from rhodecode.model.gist import GistModel

4776

return GistModel().get_url(self)

4778

return GistModel().get_url(self)

4777

4779

4778

@classmethod

4780

@classmethod

4779

def base_path(cls):

4781

def base_path(cls):

4780

"""

4782

"""

4781

Returns base path when all gists are stored

4783

Returns base path when all gists are stored

4782

4784

4783

:param cls:

4785

:param cls:

4784

"""

4786

"""

4785

from rhodecode.model.gist import GIST_STORE_LOC

4787

from rhodecode.model.gist import GIST_STORE_LOC

4786

q = Session().query(RhodeCodeUi)\

4788

q = Session().query(RhodeCodeUi)\

4787

.filter(RhodeCodeUi.ui_key == URL_SEP)

4789

.filter(RhodeCodeUi.ui_key == URL_SEP)

4788

q = q.options(FromCache("sql_cache_short", "repository_repo_path"))

4790

q = q.options(FromCache("sql_cache_short", "repository_repo_path"))

4789

return os.path.join(q.one().ui_value, GIST_STORE_LOC)

4791

return os.path.join(q.one().ui_value, GIST_STORE_LOC)

4790

4792

4791

def get_api_data(self):

4793

def get_api_data(self):

4792

"""

4794

"""

4793

Common function for generating gist related data for API

4795

Common function for generating gist related data for API

4794

"""

4796

"""

4795

gist = self

4797

gist = self

4796

data = {

4798

data = {

4797

'gist_id': gist.gist_id,

4799

'gist_id': gist.gist_id,

4798

'type': gist.gist_type,

4800

'type': gist.gist_type,

4799

'access_id': gist.gist_access_id,

4801

'access_id': gist.gist_access_id,

4800

'description': gist.gist_description,

4802

'description': gist.gist_description,

4801

'url': gist.gist_url(),

4803

'url': gist.gist_url(),

4802

'expires': gist.gist_expires,

4804

'expires': gist.gist_expires,

4803

'created_on': gist.created_on,

4805

'created_on': gist.created_on,

4804

'modified_at': gist.modified_at,

4806

'modified_at': gist.modified_at,

4805

'content': None,

4807

'content': None,

4806

'acl_level': gist.acl_level,

4808

'acl_level': gist.acl_level,

4807

}

4809

}

4808

return data

4810

return data

4809

4811

4810

def __json__(self):

4812

def __json__(self):

4811

data = dict(

4813

data = dict(

4812

)

4814

)

4813

data.update(self.get_api_data())

4815

data.update(self.get_api_data())

4814

return data

4816

return data

4815

# SCM functions

4817

# SCM functions

4816

4818

4817

def scm_instance(self, **kwargs):

4819

def scm_instance(self, **kwargs):

4818

"""

4820

"""

4819

Get an instance of VCS Repository

4821

Get an instance of VCS Repository

4820

4822

4821

:param kwargs:

4823

:param kwargs:

4822

"""

4824

"""

4823

from rhodecode.model.gist import GistModel

4825

from rhodecode.model.gist import GistModel

4824

full_repo_path = os.path.join(self.base_path(), self.gist_access_id)

4826

full_repo_path = os.path.join(self.base_path(), self.gist_access_id)

4825

return get_vcs_instance(

4827

return get_vcs_instance(

4826

repo_path=safe_str(full_repo_path), create=False,

4828

repo_path=safe_str(full_repo_path), create=False,

4827

_vcs_alias=GistModel.vcs_backend)

4829

_vcs_alias=GistModel.vcs_backend)

4828

4830

4829

4831

4830

class ExternalIdentity(Base, BaseModel):

4832

class ExternalIdentity(Base, BaseModel):

4831

__tablename__ = 'external_identities'

4833

__tablename__ = 'external_identities'

4832

__table_args__ = (

4834

__table_args__ = (

4833

Index('local_user_id_idx', 'local_user_id'),

4835

Index('local_user_id_idx', 'local_user_id'),

4834

Index('external_id_idx', 'external_id'),

4836

Index('external_id_idx', 'external_id'),

4835

base_table_args

4837

base_table_args

4836

)

4838

)

4837

4839

4838

external_id = Column('external_id', Unicode(255), default=u'', primary_key=True)

4840

external_id = Column('external_id', Unicode(255), default=u'', primary_key=True)

4839

external_username = Column('external_username', Unicode(1024), default=u'')

4841

external_username = Column('external_username', Unicode(1024), default=u'')

4840

local_user_id = Column('local_user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)

4842

local_user_id = Column('local_user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)

4841

provider_name = Column('provider_name', Unicode(255), default=u'', primary_key=True)

4843

provider_name = Column('provider_name', Unicode(255), default=u'', primary_key=True)

4842

access_token = Column('access_token', String(1024), default=u'')

4844

access_token = Column('access_token', String(1024), default=u'')

4843

alt_token = Column('alt_token', String(1024), default=u'')

4845

alt_token = Column('alt_token', String(1024), default=u'')

4844

token_secret = Column('token_secret', String(1024), default=u'')

4846

token_secret = Column('token_secret', String(1024), default=u'')

4845

4847

4846

@classmethod

4848

@classmethod

4847

def by_external_id_and_provider(cls, external_id, provider_name, local_user_id=None):

4849

def by_external_id_and_provider(cls, external_id, provider_name, local_user_id=None):

4848

"""

4850

"""

4849

Returns ExternalIdentity instance based on search params

4851

Returns ExternalIdentity instance based on search params

4850

4852

4851

:param external_id:

4853

:param external_id:

4852

:param provider_name:

4854

:param provider_name:

4853

:return: ExternalIdentity

4855

:return: ExternalIdentity

4854

"""

4856

"""

4855

query = cls.query()

4857

query = cls.query()

4856

query = query.filter(cls.external_id == external_id)

4858

query = query.filter(cls.external_id == external_id)

4857

query = query.filter(cls.provider_name == provider_name)

4859

query = query.filter(cls.provider_name == provider_name)

4858

if local_user_id:

4860

if local_user_id:

4859

query = query.filter(cls.local_user_id == local_user_id)

4861

query = query.filter(cls.local_user_id == local_user_id)

4860

return query.first()

4862

return query.first()

4861

4863

4862

@classmethod

4864

@classmethod

4863

def user_by_external_id_and_provider(cls, external_id, provider_name):

4865

def user_by_external_id_and_provider(cls, external_id, provider_name):

4864

"""

4866

"""

4865

Returns User instance based on search params

4867

Returns User instance based on search params

4866

4868

4867

:param external_id:

4869

:param external_id:

4868

:param provider_name:

4870

:param provider_name:

4869

:return: User

4871

:return: User

4870

"""

4872

"""

4871

query = User.query()

4873

query = User.query()

4872

query = query.filter(cls.external_id == external_id)

4874

query = query.filter(cls.external_id == external_id)

4873

query = query.filter(cls.provider_name == provider_name)

4875

query = query.filter(cls.provider_name == provider_name)

4874

query = query.filter(User.user_id == cls.local_user_id)

4876

query = query.filter(User.user_id == cls.local_user_id)

4875

return query.first()

4877

return query.first()

4876

4878

4877

@classmethod

4879

@classmethod

4878

def by_local_user_id(cls, local_user_id):

4880

def by_local_user_id(cls, local_user_id):

4879

"""

4881

"""

4880

Returns all tokens for user

4882

Returns all tokens for user

4881

4883

4882

:param local_user_id:

4884

:param local_user_id:

4883

:return: ExternalIdentity

4885

:return: ExternalIdentity

4884

"""

4886

"""

4885

query = cls.query()

4887

query = cls.query()

4886

query = query.filter(cls.local_user_id == local_user_id)

4888

query = query.filter(cls.local_user_id == local_user_id)

4887

return query

4889

return query

4888

4890

4889

@classmethod

4891

@classmethod

4890

def load_provider_plugin(cls, plugin_id):

4892

def load_provider_plugin(cls, plugin_id):

4891

from rhodecode.authentication.base import loadplugin

4893

from rhodecode.authentication.base import loadplugin

4892

_plugin_id = 'egg:rhodecode-enterprise-ee#{}'.format(plugin_id)

4894

_plugin_id = 'egg:rhodecode-enterprise-ee#{}'.format(plugin_id)

4893

auth_plugin = loadplugin(_plugin_id)

4895

auth_plugin = loadplugin(_plugin_id)

4894

return auth_plugin

4896

return auth_plugin

4895

4897

4896

4898

4897

class Integration(Base, BaseModel):

4899

class Integration(Base, BaseModel):

4898

__tablename__ = 'integrations'

4900

__tablename__ = 'integrations'

4899

__table_args__ = (

4901

__table_args__ = (

4900

base_table_args

4902

base_table_args

4901

)

4903

)

4902

4904

4903

integration_id = Column('integration_id', Integer(), primary_key=True)

4905

integration_id = Column('integration_id', Integer(), primary_key=True)

4904

integration_type = Column('integration_type', String(255))

4906

integration_type = Column('integration_type', String(255))

4905

enabled = Column('enabled', Boolean(), nullable=False)

4907

enabled = Column('enabled', Boolean(), nullable=False)

4906

name = Column('name', String(255), nullable=False)

4908

name = Column('name', String(255), nullable=False)

4907

child_repos_only = Column('child_repos_only', Boolean(), nullable=False,

4909

child_repos_only = Column('child_repos_only', Boolean(), nullable=False,

4908

default=False)

4910

default=False)

4909

4911

4910

settings = Column(

4912

settings = Column(

4911

'settings_json', MutationObj.as_mutable(

4913

'settings_json', MutationObj.as_mutable(

4912

JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))

4914

JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))

4913

repo_id = Column(

4915

repo_id = Column(

4914

'repo_id', Integer(), ForeignKey('repositories.repo_id'),

4916

'repo_id', Integer(), ForeignKey('repositories.repo_id'),

4915

nullable=True, unique=None, default=None)

4917

nullable=True, unique=None, default=None)

4916

repo = relationship('Repository', lazy='joined')

4918

repo = relationship('Repository', lazy='joined')

4917

4919

4918

repo_group_id = Column(

4920

repo_group_id = Column(

4919

'repo_group_id', Integer(), ForeignKey('groups.group_id'),

4921

'repo_group_id', Integer(), ForeignKey('groups.group_id'),

4920

nullable=True, unique=None, default=None)

4922

nullable=True, unique=None, default=None)

4921

repo_group = relationship('RepoGroup', lazy='joined')

4923

repo_group = relationship('RepoGroup', lazy='joined')

4922

4924

4923

@property

4925

@property

4924

def scope(self):

4926

def scope(self):

4925

if self.repo:

4927

if self.repo:

4926

return repr(self.repo)

4928

return repr(self.repo)

4927

if self.repo_group:

4929

if self.repo_group:

4928

if self.child_repos_only:

4930

if self.child_repos_only:

4929

return repr(self.repo_group) + ' (child repos only)'

4931

return repr(self.repo_group) + ' (child repos only)'

4930

else:

4932

else:

4931

return repr(self.repo_group) + ' (recursive)'

4933

return repr(self.repo_group) + ' (recursive)'

4932

if self.child_repos_only:

4934

if self.child_repos_only:

4933

return 'root_repos'

4935

return 'root_repos'

4934

return 'global'

4936

return 'global'

4935

4937

4936

def __repr__(self):

4938

def __repr__(self):

4937

return '<Integration(%r, %r)>' % (self.integration_type, self.scope)

4939

return '<Integration(%r, %r)>' % (self.integration_type, self.scope)

4938

4940

4939

4941

4940

class RepoReviewRuleUser(Base, BaseModel):

4942

class RepoReviewRuleUser(Base, BaseModel):

4941

__tablename__ = 'repo_review_rules_users'

4943

__tablename__ = 'repo_review_rules_users'

4942

__table_args__ = (

4944

__table_args__ = (

4943

base_table_args

4945

base_table_args

4944

)

4946

)

4945

4947

4946

repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)

4948

repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)

4947

repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))

4949

repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))

4948

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)

4950

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)

4949

mandatory = Column("mandatory", Boolean(), nullable=False, default=False)

4951

mandatory = Column("mandatory", Boolean(), nullable=False, default=False)

4950

user = relationship('User')

4952

user = relationship('User')

4951

4953

4952

def rule_data(self):

4954

def rule_data(self):

4953

return {

4955

return {

4954

'mandatory': self.mandatory

4956

'mandatory': self.mandatory

4955

}

4957

}

4956

4958

4957

4959

4958

class RepoReviewRuleUserGroup(Base, BaseModel):

4960

class RepoReviewRuleUserGroup(Base, BaseModel):

4959

__tablename__ = 'repo_review_rules_users_groups'

4961

__tablename__ = 'repo_review_rules_users_groups'

4960

__table_args__ = (

4962

__table_args__ = (

4961

base_table_args

4963

base_table_args

4962

)

4964

)

4963

4965

4964

VOTE_RULE_ALL = -1

4966

VOTE_RULE_ALL = -1

4965

4967

4966

repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)

4968

repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)

4967

repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))

4969

repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))

4968

users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)

4970

users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)

4969

mandatory = Column("mandatory", Boolean(), nullable=False, default=False)

4971

mandatory = Column("mandatory", Boolean(), nullable=False, default=False)

4970

vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)

4972

vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)

4971

users_group = relationship('UserGroup')

4973

users_group = relationship('UserGroup')

4972

4974

4973

def rule_data(self):

4975

def rule_data(self):

4974

return {

4976

return {

4975

'mandatory': self.mandatory,

4977

'mandatory': self.mandatory,

4976

'vote_rule': self.vote_rule

4978

'vote_rule': self.vote_rule

4977

}

4979

}

4978

4980

4979

@property

4981

@property

4980

def vote_rule_label(self):

4982

def vote_rule_label(self):

4981

if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:

4983

if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:

4982

return 'all must vote'

4984

return 'all must vote'

4983

else:

4985

else:

4984

return 'min. vote {}'.format(self.vote_rule)

4986

return 'min. vote {}'.format(self.vote_rule)

4985

4987

4986

4988

4987

class RepoReviewRule(Base, BaseModel):

4989

class RepoReviewRule(Base, BaseModel):

4988

__tablename__ = 'repo_review_rules'

4990

__tablename__ = 'repo_review_rules'

4989

__table_args__ = (

4991

__table_args__ = (

4990

base_table_args

4992

base_table_args

4991

)

4993

)

4992

4994

4993

repo_review_rule_id = Column(

4995

repo_review_rule_id = Column(

4994

'repo_review_rule_id', Integer(), primary_key=True)

4996

'repo_review_rule_id', Integer(), primary_key=True)

4995

repo_id = Column(

4997

repo_id = Column(

4996

"repo_id", Integer(), ForeignKey('repositories.repo_id'))

4998

"repo_id", Integer(), ForeignKey('repositories.repo_id'))

4997

repo = relationship('Repository', backref='review_rules')

4999

repo = relationship('Repository', backref='review_rules')

4998

5000

4999

review_rule_name = Column('review_rule_name', String(255))

5001

review_rule_name = Column('review_rule_name', String(255))

5000

_branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob

5002

_branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob

5001

_target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob

5003

_target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob

5002

_file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob

5004

_file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob

5003

5005

5004

use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)

5006

use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)

5005

forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)

5007

forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)

5006

forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)

5008

forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)

5007

forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)

5009

forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)

5008

5010

5009

rule_users = relationship('RepoReviewRuleUser')

5011

rule_users = relationship('RepoReviewRuleUser')

5010

rule_user_groups = relationship('RepoReviewRuleUserGroup')

5012

rule_user_groups = relationship('RepoReviewRuleUserGroup')

5011

5013

5012

def _validate_pattern(self, value):

5014

def _validate_pattern(self, value):

5013

re.compile('^' + glob2re(value) + '$')

5015

re.compile('^' + glob2re(value) + '$')

5014

5016

5015

@hybrid_property

5017

@hybrid_property

5016

def source_branch_pattern(self):

5018

def source_branch_pattern(self):

5017

return self._branch_pattern or '*'

5019

return self._branch_pattern or '*'

5018

5020

5019

@source_branch_pattern.setter

5021

@source_branch_pattern.setter

5020

def source_branch_pattern(self, value):

5022

def source_branch_pattern(self, value):

5021

self._validate_pattern(value)

5023

self._validate_pattern(value)

5022

self._branch_pattern = value or '*'

5024

self._branch_pattern = value or '*'

5023

5025

5024

@hybrid_property

5026

@hybrid_property

5025

def target_branch_pattern(self):

5027

def target_branch_pattern(self):

5026

return self._target_branch_pattern or '*'

5028

return self._target_branch_pattern or '*'

5027

5029

5028

@target_branch_pattern.setter

5030

@target_branch_pattern.setter

5029

def target_branch_pattern(self, value):

5031

def target_branch_pattern(self, value):

5030

self._validate_pattern(value)

5032

self._validate_pattern(value)

5031

self._target_branch_pattern = value or '*'

5033

self._target_branch_pattern = value or '*'

5032

5034

5033

@hybrid_property

5035

@hybrid_property

5034

def file_pattern(self):

5036

def file_pattern(self):

5035

return self._file_pattern or '*'

5037

return self._file_pattern or '*'

5036

5038

5037

@file_pattern.setter

5039

@file_pattern.setter

5038

def file_pattern(self, value):

5040

def file_pattern(self, value):

5039

self._validate_pattern(value)

5041

self._validate_pattern(value)

5040

self._file_pattern = value or '*'

5042

self._file_pattern = value or '*'

5041

5043

5042

def matches(self, source_branch, target_branch, files_changed):

5044

def matches(self, source_branch, target_branch, files_changed):

5043

"""

5045

"""

5044

Check if this review rule matches a branch/files in a pull request

5046

Check if this review rule matches a branch/files in a pull request

5045

5047

5046

:param source_branch: source branch name for the commit

5048

:param source_branch: source branch name for the commit

5047

:param target_branch: target branch name for the commit

5049

:param target_branch: target branch name for the commit

5048

:param files_changed: list of file paths changed in the pull request

5050

:param files_changed: list of file paths changed in the pull request

5049

"""

5051

"""

5050

5052

5051

source_branch = source_branch or ''

5053

source_branch = source_branch or ''

5052

target_branch = target_branch or ''

5054

target_branch = target_branch or ''

5053

files_changed = files_changed or []

5055

files_changed = files_changed or []

5054

5056

5055

branch_matches = True

5057

branch_matches = True

5056

if source_branch or target_branch:

5058

if source_branch or target_branch:

5057

if self.source_branch_pattern == '*':

5059

if self.source_branch_pattern == '*':

5058

source_branch_match = True

5060

source_branch_match = True

5059

else:

5061

else:

5060

if self.source_branch_pattern.startswith('re:'):

5062

if self.source_branch_pattern.startswith('re:'):

5061

source_pattern = self.source_branch_pattern[3:]

5063

source_pattern = self.source_branch_pattern[3:]

5062

else:

5064

else:

5063

source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'

5065

source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'

5064

source_branch_regex = re.compile(source_pattern)

5066

source_branch_regex = re.compile(source_pattern)

5065

source_branch_match = bool(source_branch_regex.search(source_branch))

5067

source_branch_match = bool(source_branch_regex.search(source_branch))

5066

if self.target_branch_pattern == '*':

5068

if self.target_branch_pattern == '*':

5067

target_branch_match = True

5069

target_branch_match = True

5068

else:

5070

else:

5069

if self.target_branch_pattern.startswith('re:'):

5071

if self.target_branch_pattern.startswith('re:'):

5070

target_pattern = self.target_branch_pattern[3:]

5072

target_pattern = self.target_branch_pattern[3:]

5071

else:

5073

else:

5072

target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'

5074

target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'

5073

target_branch_regex = re.compile(target_pattern)

5075

target_branch_regex = re.compile(target_pattern)

5074

target_branch_match = bool(target_branch_regex.search(target_branch))

5076

target_branch_match = bool(target_branch_regex.search(target_branch))

5075

5077

5076

branch_matches = source_branch_match and target_branch_match

5078

branch_matches = source_branch_match and target_branch_match

5077

5079

5078

files_matches = True

5080

files_matches = True

5079

if self.file_pattern != '*':

5081

if self.file_pattern != '*':

5080

files_matches = False

5082

files_matches = False

5081

if self.file_pattern.startswith('re:'):

5083

if self.file_pattern.startswith('re:'):

5082

file_pattern = self.file_pattern[3:]

5084

file_pattern = self.file_pattern[3:]

5083

else:

5085

else:

5084

file_pattern = glob2re(self.file_pattern)

5086

file_pattern = glob2re(self.file_pattern)

5085

file_regex = re.compile(file_pattern)

5087

file_regex = re.compile(file_pattern)

5086

for file_data in files_changed:

5088

for file_data in files_changed:

5087

filename = file_data.get('filename')

5089

filename = file_data.get('filename')

5088

5090

5089

if file_regex.search(filename):

5091

if file_regex.search(filename):

5090

files_matches = True

5092

files_matches = True

5091

break

5093

break

5092

5094

5093

return branch_matches and files_matches

5095

return branch_matches and files_matches

5094

5096

5095

@property

5097

@property

5096

def review_users(self):

5098

def review_users(self):

5097

""" Returns the users which this rule applies to """

5099

""" Returns the users which this rule applies to """

5098

5100

5099

users = collections.OrderedDict()

5101

users = collections.OrderedDict()

5100

5102

5101

for rule_user in self.rule_users:

5103

for rule_user in self.rule_users:

5102

if rule_user.user.active:

5104

if rule_user.user.active:

5103

if rule_user.user not in users:

5105

if rule_user.user not in users:

5104

users[rule_user.user.username] = {

5106

users[rule_user.user.username] = {

5105

'user': rule_user.user,

5107

'user': rule_user.user,

5106

'source': 'user',

5108

'source': 'user',

5107

'source_data': {},

5109

'source_data': {},

5108

'data': rule_user.rule_data()

5110

'data': rule_user.rule_data()

5109

}

5111

}

5110

5112

5111

for rule_user_group in self.rule_user_groups:

5113

for rule_user_group in self.rule_user_groups:

5112

source_data = {

5114

source_data = {

5113

'user_group_id': rule_user_group.users_group.users_group_id,

5115

'user_group_id': rule_user_group.users_group.users_group_id,

5114

'name': rule_user_group.users_group.users_group_name,

5116

'name': rule_user_group.users_group.users_group_name,

5115

'members': len(rule_user_group.users_group.members)

5117

'members': len(rule_user_group.users_group.members)

5116

}

5118

}

5117

for member in rule_user_group.users_group.members:

5119

for member in rule_user_group.users_group.members:

5118

if member.user.active:

5120

if member.user.active:

5119

key = member.user.username

5121

key = member.user.username

5120

if key in users:

5122

if key in users:

5121

# skip this member as we have him already

5123

# skip this member as we have him already

5122

# this prevents from override the "first" matched

5124

# this prevents from override the "first" matched

5123

# users with duplicates in multiple groups

5125

# users with duplicates in multiple groups

5124

continue

5126

continue

5125

5127

5126

users[key] = {

5128

users[key] = {

5127

'user': member.user,

5129

'user': member.user,

5128

'source': 'user_group',

5130

'source': 'user_group',

5129

'source_data': source_data,

5131

'source_data': source_data,

5130

'data': rule_user_group.rule_data()

5132

'data': rule_user_group.rule_data()

5131

}

5133

}

5132

5134

5133

return users

5135

return users

5134

5136

5135

def user_group_vote_rule(self, user_id):

5137

def user_group_vote_rule(self, user_id):

5136

5138

5137

rules = []

5139

rules = []

5138

if not self.rule_user_groups:

5140

if not self.rule_user_groups:

5139

return rules

5141

return rules

5140

5142

5141

for user_group in self.rule_user_groups:

5143

for user_group in self.rule_user_groups:

5142

user_group_members = [x.user_id for x in user_group.users_group.members]

5144

user_group_members = [x.user_id for x in user_group.users_group.members]

5143

if user_id in user_group_members:

5145

if user_id in user_group_members:

5144

rules.append(user_group)

5146

rules.append(user_group)

5145

return rules

5147

return rules

5146

5148

5147

def __repr__(self):

5149

def __repr__(self):

5148

return '<RepoReviewerRule(id=%r, repo=%r)>' % (

5150

return '<RepoReviewerRule(id=%r, repo=%r)>' % (

5149

self.repo_review_rule_id, self.repo)

5151

self.repo_review_rule_id, self.repo)

5150

5152

5151

5153

5152

class ScheduleEntry(Base, BaseModel):

5154

class ScheduleEntry(Base, BaseModel):

5153

__tablename__ = 'schedule_entries'

5155

__tablename__ = 'schedule_entries'

5154

__table_args__ = (

5156

__table_args__ = (

5155

UniqueConstraint('schedule_name', name='s_schedule_name_idx'),

5157

UniqueConstraint('schedule_name', name='s_schedule_name_idx'),

5156

UniqueConstraint('task_uid', name='s_task_uid_idx'),

5158

UniqueConstraint('task_uid', name='s_task_uid_idx'),

5157

base_table_args,

5159

base_table_args,

5158

)

5160

)

5159

5161

5160

schedule_types = ['crontab', 'timedelta', 'integer']

5162

schedule_types = ['crontab', 'timedelta', 'integer']

5161

schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)

5163

schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)

5162

5164

5163

schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)

5165

schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)

5164

schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)

5166

schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)

5165

schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)

5167

schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)

5166

5168

5167

_schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)

5169

_schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)

5168

schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))

5170

schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))

5169

5171

5170

schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)

5172

schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)

5171

schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)

5173

schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)

5172

5174

5173

# task

5175

# task

5174

task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)

5176

task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)

5175

task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)

5177

task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)

5176

task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))

5178

task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))

5177

task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))

5179

task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))

5178

5180

5179

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

5181

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

5180

updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)

5182

updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)

5181

5183

5182

@hybrid_property

5184

@hybrid_property

5183

def schedule_type(self):

5185

def schedule_type(self):

5184

return self._schedule_type

5186

return self._schedule_type

5185

5187

5186

@schedule_type.setter

5188

@schedule_type.setter

5187

def schedule_type(self, val):

5189

def schedule_type(self, val):

5188

if val not in self.schedule_types:

5190

if val not in self.schedule_types:

5189

raise ValueError('Value must be on of `{}` and got `{}`'.format(

5191

raise ValueError('Value must be on of `{}` and got `{}`'.format(

5190

val, self.schedule_type))

5192

val, self.schedule_type))

5191

5193

5192

self._schedule_type = val

5194

self._schedule_type = val

5193

5195

5194

@classmethod

5196

@classmethod

5195

def get_uid(cls, obj):

5197

def get_uid(cls, obj):

5196

args = obj.task_args

5198

args = obj.task_args

5197

kwargs = obj.task_kwargs

5199

kwargs = obj.task_kwargs

5198

if isinstance(args, JsonRaw):

5200

if isinstance(args, JsonRaw):

5199

try:

5201

try:

5200

args = json.loads(args)

5202

args = json.loads(args)

5201

except ValueError:

5203

except ValueError:

5202

args = tuple()

5204

args = tuple()

5203

5205

5204

if isinstance(kwargs, JsonRaw):

5206

if isinstance(kwargs, JsonRaw):

5205

try:

5207

try:

5206

kwargs = json.loads(kwargs)

5208

kwargs = json.loads(kwargs)

5207

except ValueError:

5209

except ValueError:

5208

kwargs = dict()

5210

kwargs = dict()

5209

5211

5210

dot_notation = obj.task_dot_notation

5212

dot_notation = obj.task_dot_notation

5211

val = '.'.join(map(safe_str, [

5213

val = '.'.join(map(safe_str, [

5212

sorted(dot_notation), args, sorted(kwargs.items())]))

5214

sorted(dot_notation), args, sorted(kwargs.items())]))

5213

return hashlib.sha1(val).hexdigest()

5215

return hashlib.sha1(val).hexdigest()

5214

5216

5215

@classmethod

5217

@classmethod

5216

def get_by_schedule_name(cls, schedule_name):

5218

def get_by_schedule_name(cls, schedule_name):

5217

return cls.query().filter(cls.schedule_name == schedule_name).scalar()

5219

return cls.query().filter(cls.schedule_name == schedule_name).scalar()

5218

5220

5219

@classmethod

5221

@classmethod

5220

def get_by_schedule_id(cls, schedule_id):

5222

def get_by_schedule_id(cls, schedule_id):

5221

return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()

5223

return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()

5222

5224

5223

@property

5225

@property

5224

def task(self):

5226

def task(self):

5225

return self.task_dot_notation

5227

return self.task_dot_notation

5226

5228

5227

@property

5229

@property

5228

def schedule(self):

5230

def schedule(self):

5229

from rhodecode.lib.celerylib.utils import raw_2_schedule

5231

from rhodecode.lib.celerylib.utils import raw_2_schedule

5230

schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)

5232

schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)

5231

return schedule

5233

return schedule

5232

5234

5233

@property

5235

@property

5234

def args(self):

5236

def args(self):

5235

try:

5237

try:

5236

return list(self.task_args or [])

5238

return list(self.task_args or [])

5237

except ValueError:

5239

except ValueError:

5238

return list()

5240

return list()

5239

5241

5240

@property

5242

@property

5241

def kwargs(self):

5243

def kwargs(self):

5242

try:

5244

try:

5243

return dict(self.task_kwargs or {})

5245

return dict(self.task_kwargs or {})

5244

except ValueError:

5246

except ValueError:

5245

return dict()

5247

return dict()

5246

5248

5247

def _as_raw(self, val):

5249

def _as_raw(self, val):

5248

if hasattr(val, 'de_coerce'):

5250

if hasattr(val, 'de_coerce'):

5249

val = val.de_coerce()

5251

val = val.de_coerce()

5250

if val:

5252

if val:

5251

val = json.dumps(val)

5253

val = json.dumps(val)

5252

5254

5253

return val

5255

return val

5254

5256

5255

@property

5257

@property

5256

def schedule_definition_raw(self):

5258

def schedule_definition_raw(self):

5257

return self._as_raw(self.schedule_definition)

5259

return self._as_raw(self.schedule_definition)

5258

5260

5259

@property

5261

@property

5260

def args_raw(self):

5262

def args_raw(self):

5261

return self._as_raw(self.task_args)

5263

return self._as_raw(self.task_args)

5262

5264

5263

@property

5265

@property

5264

def kwargs_raw(self):

5266

def kwargs_raw(self):

5265

return self._as_raw(self.task_kwargs)

5267

return self._as_raw(self.task_kwargs)

5266

5268

5267

def __repr__(self):

5269

def __repr__(self):

5268

return '<DB:ScheduleEntry({}:{})>'.format(

5270

return '<DB:ScheduleEntry({}:{})>'.format(

5269

self.schedule_entry_id, self.schedule_name)

5271

self.schedule_entry_id, self.schedule_name)

5270

5272

5271

5273

5272

@event.listens_for(ScheduleEntry, 'before_update')

5274

@event.listens_for(ScheduleEntry, 'before_update')

5273

def update_task_uid(mapper, connection, target):

5275

def update_task_uid(mapper, connection, target):

5274

target.task_uid = ScheduleEntry.get_uid(target)

5276

target.task_uid = ScheduleEntry.get_uid(target)

5275

5277

5276

5278

5277

@event.listens_for(ScheduleEntry, 'before_insert')

5279

@event.listens_for(ScheduleEntry, 'before_insert')

5278

def set_task_uid(mapper, connection, target):

5280

def set_task_uid(mapper, connection, target):

5279

target.task_uid = ScheduleEntry.get_uid(target)

5281

target.task_uid = ScheduleEntry.get_uid(target)

5280

5282

5281

5283

5282

class _BaseBranchPerms(BaseModel):

5284

class _BaseBranchPerms(BaseModel):

5283

@classmethod

5285

@classmethod

5284

def compute_hash(cls, value):

5286

def compute_hash(cls, value):

5285

return sha1_safe(value)

5287

return sha1_safe(value)

5286

5288

5287

@hybrid_property

5289

@hybrid_property

5288

def branch_pattern(self):

5290

def branch_pattern(self):

5289

return self._branch_pattern or '*'

5291

return self._branch_pattern or '*'

5290

5292

5291

@hybrid_property

5293

@hybrid_property

5292

def branch_hash(self):

5294

def branch_hash(self):

5293

return self._branch_hash

5295

return self._branch_hash

5294

5296

5295

def _validate_glob(self, value):

5297

def _validate_glob(self, value):

5296

re.compile('^' + glob2re(value) + '$')

5298

re.compile('^' + glob2re(value) + '$')

5297

5299

5298

@branch_pattern.setter

5300

@branch_pattern.setter

5299

def branch_pattern(self, value):

5301

def branch_pattern(self, value):

5300

self._validate_glob(value)

5302

self._validate_glob(value)

5301

self._branch_pattern = value or '*'

5303

self._branch_pattern = value or '*'

5302

# set the Hash when setting the branch pattern

5304

# set the Hash when setting the branch pattern

5303

self._branch_hash = self.compute_hash(self._branch_pattern)

5305

self._branch_hash = self.compute_hash(self._branch_pattern)

5304

5306

5305

def matches(self, branch):

5307

def matches(self, branch):

5306

"""

5308

"""

5307

Check if this the branch matches entry

5309

Check if this the branch matches entry

5308

5310

5309

:param branch: branch name for the commit

5311

:param branch: branch name for the commit

5310

"""

5312

"""

5311

5313

5312

branch = branch or ''

5314

branch = branch or ''

5313

5315

5314

branch_matches = True

5316

branch_matches = True

5315

if branch:

5317

if branch:

5316

branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')

5318

branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')

5317

branch_matches = bool(branch_regex.search(branch))

5319

branch_matches = bool(branch_regex.search(branch))

5318

5320

5319

return branch_matches

5321

return branch_matches

5320

5322

5321

5323

5322

class UserToRepoBranchPermission(Base, _BaseBranchPerms):

5324

class UserToRepoBranchPermission(Base, _BaseBranchPerms):

5323

__tablename__ = 'user_to_repo_branch_permissions'

5325

__tablename__ = 'user_to_repo_branch_permissions'

5324

__table_args__ = (

5326

__table_args__ = (

5325

base_table_args

5327

base_table_args

5326

)

5328

)

5327

5329

5328

branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)

5330

branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)

5329

5331

5330

repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

5332

repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

5331

repo = relationship('Repository', backref='user_branch_perms')

5333

repo = relationship('Repository', backref='user_branch_perms')

5332

5334

5333

permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

5335

permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

5334

permission = relationship('Permission')

5336

permission = relationship('Permission')

5335

5337

5336

rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)

5338

rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)

5337

user_repo_to_perm = relationship('UserRepoToPerm')

5339

user_repo_to_perm = relationship('UserRepoToPerm')

5338

5340

5339

rule_order = Column('rule_order', Integer(), nullable=False)

5341

rule_order = Column('rule_order', Integer(), nullable=False)

5340

_branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob

5342

_branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob

5341

_branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))

5343

_branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))

5342

5344

5343

def __unicode__(self):

5345

def __unicode__(self):

5344

return u'<UserBranchPermission(%s => %r)>' % (

5346

return u'<UserBranchPermission(%s => %r)>' % (

5345

self.user_repo_to_perm, self.branch_pattern)

5347

self.user_repo_to_perm, self.branch_pattern)

5346

5348

5347

5349

5348

class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):

5350

class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):

5349

__tablename__ = 'user_group_to_repo_branch_permissions'

5351

__tablename__ = 'user_group_to_repo_branch_permissions'

5350

__table_args__ = (

5352

__table_args__ = (

5351

base_table_args

5353

base_table_args

5352

)

5354

)

5353

5355

5354

branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)

5356

branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)

5355

5357

5356

repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

5358

repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

5357

repo = relationship('Repository', backref='user_group_branch_perms')

5359

repo = relationship('Repository', backref='user_group_branch_perms')

5358

5360

5359

permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

5361

permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

5360

permission = relationship('Permission')

5362

permission = relationship('Permission')

5361

5363

5362

rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)

5364

rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)

5363

user_group_repo_to_perm = relationship('UserGroupRepoToPerm')

5365

user_group_repo_to_perm = relationship('UserGroupRepoToPerm')

5364

5366

5365

rule_order = Column('rule_order', Integer(), nullable=False)

5367

rule_order = Column('rule_order', Integer(), nullable=False)

5366

_branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob

5368

_branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*') # glob

5367

_branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))

5369

_branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))

5368

5370

5369

def __unicode__(self):

5371

def __unicode__(self):

5370

return u'<UserBranchPermission(%s => %r)>' % (

5372

return u'<UserBranchPermission(%s => %r)>' % (

5371

self.user_group_repo_to_perm, self.branch_pattern)

5373

self.user_group_repo_to_perm, self.branch_pattern)

5372

5374

5373

5375

5374

class UserBookmark(Base, BaseModel):

5376

class UserBookmark(Base, BaseModel):

5375

__tablename__ = 'user_bookmarks'

5377

__tablename__ = 'user_bookmarks'

5376

__table_args__ = (

5378

__table_args__ = (

5377

UniqueConstraint('user_id', 'bookmark_repo_id'),

5379

UniqueConstraint('user_id', 'bookmark_repo_id'),

5378

UniqueConstraint('user_id', 'bookmark_repo_group_id'),

5380

UniqueConstraint('user_id', 'bookmark_repo_group_id'),

5379

UniqueConstraint('user_id', 'bookmark_position'),

5381

UniqueConstraint('user_id', 'bookmark_position'),

5380

base_table_args

5382

base_table_args

5381

)

5383

)

5382

5384

5383

user_bookmark_id = Column("user_bookmark_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

5385

user_bookmark_id = Column("user_bookmark_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

5384

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

5386

user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

5385

position = Column("bookmark_position", Integer(), nullable=False)

5387

position = Column("bookmark_position", Integer(), nullable=False)

5386

title = Column("bookmark_title", String(255), nullable=True, unique=None, default=None)

5388

title = Column("bookmark_title", String(255), nullable=True, unique=None, default=None)

5387

redirect_url = Column("bookmark_redirect_url", String(10240), nullable=True, unique=None, default=None)

5389

redirect_url = Column("bookmark_redirect_url", String(10240), nullable=True, unique=None, default=None)

5388

created_on = Column("created_on", DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

5390

created_on = Column("created_on", DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

5389

5391

5390

bookmark_repo_id = Column("bookmark_repo_id", Integer(), ForeignKey("repositories.repo_id"), nullable=True, unique=None, default=None)

5392

bookmark_repo_id = Column("bookmark_repo_id", Integer(), ForeignKey("repositories.repo_id"), nullable=True, unique=None, default=None)

5391

bookmark_repo_group_id = Column("bookmark_repo_group_id", Integer(), ForeignKey("groups.group_id"), nullable=True, unique=None, default=None)

5393

bookmark_repo_group_id = Column("bookmark_repo_group_id", Integer(), ForeignKey("groups.group_id"), nullable=True, unique=None, default=None)

5392

5394

5393

user = relationship("User")

5395

user = relationship("User")

5394

5396

5395

repository = relationship("Repository")

5397

repository = relationship("Repository")

5396

repository_group = relationship("RepoGroup")

5398

repository_group = relationship("RepoGroup")

5397

5399

5398

@classmethod

5400

@classmethod

5399

def get_by_position_for_user(cls, position, user_id):

5401

def get_by_position_for_user(cls, position, user_id):

5400

return cls.query() \

5402

return cls.query() \

5401

.filter(UserBookmark.user_id == user_id) \

5403

.filter(UserBookmark.user_id == user_id) \

5402

.filter(UserBookmark.position == position).scalar()

5404

.filter(UserBookmark.position == position).scalar()

5403

5405

5404

@classmethod

5406

@classmethod

5405

def get_bookmarks_for_user(cls, user_id, cache=True):

5407

def get_bookmarks_for_user(cls, user_id, cache=True):

5406

bookmarks = cls.query() \

5408

bookmarks = cls.query() \

5407

.filter(UserBookmark.user_id == user_id) \

5409

.filter(UserBookmark.user_id == user_id) \

5408

.options(joinedload(UserBookmark.repository)) \

5410

.options(joinedload(UserBookmark.repository)) \

5409

.options(joinedload(UserBookmark.repository_group)) \

5411

.options(joinedload(UserBookmark.repository_group)) \

5410

.order_by(UserBookmark.position.asc())

5412

.order_by(UserBookmark.position.asc())

5411

5413

5412

if cache:

5414

if cache:

5413

bookmarks = bookmarks.options(

5415

bookmarks = bookmarks.options(

5414

FromCache("sql_cache_short", "get_user_{}_bookmarks".format(user_id))

5416

FromCache("sql_cache_short", "get_user_{}_bookmarks".format(user_id))

5415

)

5417

)

5416

5418

5417

return bookmarks.all()

5419

return bookmarks.all()

5418

5420

5419

def __unicode__(self):

5421

def __unicode__(self):

5420

return u'<UserBookmark(%s @ %r)>' % (self.position, self.redirect_url)

5422

return u'<UserBookmark(%s @ %r)>' % (self.position, self.redirect_url)

5421

5423

5422

5424

5423

class FileStore(Base, BaseModel):

5425

class FileStore(Base, BaseModel):

5424

__tablename__ = 'file_store'

5426

__tablename__ = 'file_store'

5425

__table_args__ = (

5427

__table_args__ = (

5426

base_table_args

5428

base_table_args

5427

)

5429

)

5428

5430

5429

file_store_id = Column('file_store_id', Integer(), primary_key=True)

5431

file_store_id = Column('file_store_id', Integer(), primary_key=True)

5430

file_uid = Column('file_uid', String(1024), nullable=False)

5432

file_uid = Column('file_uid', String(1024), nullable=False)

5431

file_display_name = Column('file_display_name', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), nullable=True)

5433

file_display_name = Column('file_display_name', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), nullable=True)

5432

file_description = Column('file_description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=True)

5434

file_description = Column('file_description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=True)

5433

file_org_name = Column('file_org_name', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=False)

5435

file_org_name = Column('file_org_name', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=False)

5434

5436

5435

# sha256 hash

5437

# sha256 hash

5436

file_hash = Column('file_hash', String(512), nullable=False)

5438

file_hash = Column('file_hash', String(512), nullable=False)

5437

file_size = Column('file_size', BigInteger(), nullable=False)

5439

file_size = Column('file_size', BigInteger(), nullable=False)

5438

5440

5439

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

5441

created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

5440

accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True)

5442

accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True)

5441

accessed_count = Column('accessed_count', Integer(), default=0)

5443

accessed_count = Column('accessed_count', Integer(), default=0)

5442

5444

5443

enabled = Column('enabled', Boolean(), nullable=False, default=True)

5445

enabled = Column('enabled', Boolean(), nullable=False, default=True)

5444

5446

5445

# if repo/repo_group reference is set, check for permissions

5447

# if repo/repo_group reference is set, check for permissions

5446

check_acl = Column('check_acl', Boolean(), nullable=False, default=True)

5448

check_acl = Column('check_acl', Boolean(), nullable=False, default=True)

5447

5449

5448

# hidden defines an attachment that should be hidden from showing in artifact listing

5450

# hidden defines an attachment that should be hidden from showing in artifact listing

5449

hidden = Column('hidden', Boolean(), nullable=False, default=False)

5451

hidden = Column('hidden', Boolean(), nullable=False, default=False)

5450

5452

5451

user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)

5453

user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)

5452

upload_user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.user_id')

5454

upload_user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.user_id')

5453

5455

5454

file_metadata = relationship('FileStoreMetadata', lazy='joined')

5456

file_metadata = relationship('FileStoreMetadata', lazy='joined')

5455

5457

5456

# scope limited to user, which requester have access to

5458

# scope limited to user, which requester have access to

5457

scope_user_id = Column(

5459

scope_user_id = Column(

5458

'scope_user_id', Integer(), ForeignKey('users.user_id'),

5460

'scope_user_id', Integer(), ForeignKey('users.user_id'),

5459

nullable=True, unique=None, default=None)

5461

nullable=True, unique=None, default=None)

5460

user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.scope_user_id')

5462

user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.scope_user_id')

5461

5463

5462

# scope limited to user group, which requester have access to

5464

# scope limited to user group, which requester have access to

5463

scope_user_group_id = Column(

5465

scope_user_group_id = Column(

5464

'scope_user_group_id', Integer(), ForeignKey('users_groups.users_group_id'),

5466

'scope_user_group_id', Integer(), ForeignKey('users_groups.users_group_id'),

5465

nullable=True, unique=None, default=None)

5467

nullable=True, unique=None, default=None)

5466

user_group = relationship('UserGroup', lazy='joined')

5468

user_group = relationship('UserGroup', lazy='joined')

5467

5469

5468

# scope limited to repo, which requester have access to

5470

# scope limited to repo, which requester have access to

5469

scope_repo_id = Column(

5471

scope_repo_id = Column(

5470

'scope_repo_id', Integer(), ForeignKey('repositories.repo_id'),

5472

'scope_repo_id', Integer(), ForeignKey('repositories.repo_id'),

5471

nullable=True, unique=None, default=None)

5473

nullable=True, unique=None, default=None)

5472

repo = relationship('Repository', lazy='joined')

5474

repo = relationship('Repository', lazy='joined')

5473

5475

5474

# scope limited to repo group, which requester have access to

5476

# scope limited to repo group, which requester have access to

5475

scope_repo_group_id = Column(

5477

scope_repo_group_id = Column(

5476

'scope_repo_group_id', Integer(), ForeignKey('groups.group_id'),

5478

'scope_repo_group_id', Integer(), ForeignKey('groups.group_id'),

5477

nullable=True, unique=None, default=None)

5479

nullable=True, unique=None, default=None)

5478

repo_group = relationship('RepoGroup', lazy='joined')

5480

repo_group = relationship('RepoGroup', lazy='joined')

5479

5481

5480

@classmethod

5482

@classmethod

5481

def get_by_store_uid(cls, file_store_uid, safe=False):

5483

def get_by_store_uid(cls, file_store_uid, safe=False):

5482

if safe:

5484

if safe:

5483

return FileStore.query().filter(FileStore.file_uid == file_store_uid).first()

5485

return FileStore.query().filter(FileStore.file_uid == file_store_uid).first()

5484

else:

5486

else:

5485

return FileStore.query().filter(FileStore.file_uid == file_store_uid).scalar()

5487

return FileStore.query().filter(FileStore.file_uid == file_store_uid).scalar()

5486

5488

5487

@classmethod

5489

@classmethod

5488

def create(cls, file_uid, filename, file_hash, file_size, file_display_name='',

5490

def create(cls, file_uid, filename, file_hash, file_size, file_display_name='',

5489

file_description='', enabled=True, hidden=False, check_acl=True,

5491

file_description='', enabled=True, hidden=False, check_acl=True,

5490

user_id=None, scope_user_id=None, scope_repo_id=None, scope_repo_group_id=None):

5492

user_id=None, scope_user_id=None, scope_repo_id=None, scope_repo_group_id=None):

5491

5493

5492

store_entry = FileStore()

5494

store_entry = FileStore()

5493

store_entry.file_uid = file_uid

5495

store_entry.file_uid = file_uid

5494

store_entry.file_display_name = file_display_name

5496

store_entry.file_display_name = file_display_name

5495

store_entry.file_org_name = filename

5497

store_entry.file_org_name = filename

5496

store_entry.file_size = file_size

5498

store_entry.file_size = file_size

5497

store_entry.file_hash = file_hash

5499

store_entry.file_hash = file_hash

5498

store_entry.file_description = file_description

5500

store_entry.file_description = file_description

5499

5501

5500

store_entry.check_acl = check_acl

5502

store_entry.check_acl = check_acl

5501

store_entry.enabled = enabled

5503

store_entry.enabled = enabled

5502

store_entry.hidden = hidden

5504

store_entry.hidden = hidden

5503

5505

5504

store_entry.user_id = user_id

5506

store_entry.user_id = user_id

5505

store_entry.scope_user_id = scope_user_id

5507

store_entry.scope_user_id = scope_user_id

5506

store_entry.scope_repo_id = scope_repo_id

5508

store_entry.scope_repo_id = scope_repo_id

5507

store_entry.scope_repo_group_id = scope_repo_group_id

5509

store_entry.scope_repo_group_id = scope_repo_group_id

5508

5510

5509

return store_entry

5511

return store_entry

5510

5512

5511

@classmethod

5513

@classmethod

5512

def store_metadata(cls, file_store_id, args, commit=True):

5514

def store_metadata(cls, file_store_id, args, commit=True):

5513

file_store = FileStore.get(file_store_id)

5515

file_store = FileStore.get(file_store_id)

5514

if file_store is None:

5516

if file_store is None:

5515

return

5517

return

5516

5518

5517

for section, key, value, value_type in args:

5519

for section, key, value, value_type in args:

5518

has_key = FileStoreMetadata().query() \

5520

has_key = FileStoreMetadata().query() \

5519

.filter(FileStoreMetadata.file_store_id == file_store.file_store_id) \

5521

.filter(FileStoreMetadata.file_store_id == file_store.file_store_id) \

5520

.filter(FileStoreMetadata.file_store_meta_section == section) \

5522

.filter(FileStoreMetadata.file_store_meta_section == section) \

5521

.filter(FileStoreMetadata.file_store_meta_key == key) \

5523

.filter(FileStoreMetadata.file_store_meta_key == key) \

5522

.scalar()

5524

.scalar()

5523

if has_key:

5525

if has_key:

5524

msg = 'key `{}` already defined under section `{}` for this file.'\

5526

msg = 'key `{}` already defined under section `{}` for this file.'\

5525

.format(key, section)

5527

.format(key, section)

5526

raise ArtifactMetadataDuplicate(msg, err_section=section, err_key=key)

5528

raise ArtifactMetadataDuplicate(msg, err_section=section, err_key=key)

5527

5529

5528

# NOTE(marcink): raises ArtifactMetadataBadValueType

5530

# NOTE(marcink): raises ArtifactMetadataBadValueType

5529

FileStoreMetadata.valid_value_type(value_type)

5531

FileStoreMetadata.valid_value_type(value_type)

5530

5532

5531

meta_entry = FileStoreMetadata()

5533

meta_entry = FileStoreMetadata()

5532

meta_entry.file_store = file_store

5534

meta_entry.file_store = file_store

5533

meta_entry.file_store_meta_section = section

5535

meta_entry.file_store_meta_section = section

5534

meta_entry.file_store_meta_key = key

5536

meta_entry.file_store_meta_key = key

5535

meta_entry.file_store_meta_value_type = value_type

5537

meta_entry.file_store_meta_value_type = value_type

5536

meta_entry.file_store_meta_value = value

5538

meta_entry.file_store_meta_value = value

5537

5539

5538

Session().add(meta_entry)

5540

Session().add(meta_entry)

5539

5541

5540

try:

5542

try:

5541

if commit:

5543

if commit:

5542

Session().commit()

5544

Session().commit()

5543

except IntegrityError:

5545

except IntegrityError:

5544

Session().rollback()

5546

Session().rollback()

5545

raise ArtifactMetadataDuplicate('Duplicate section/key found for this file.')

5547

raise ArtifactMetadataDuplicate('Duplicate section/key found for this file.')

5546

5548

5547

@classmethod

5549

@classmethod

5548

def bump_access_counter(cls, file_uid, commit=True):

5550

def bump_access_counter(cls, file_uid, commit=True):

5549

FileStore().query()\

5551

FileStore().query()\

5550

.filter(FileStore.file_uid == file_uid)\

5552

.filter(FileStore.file_uid == file_uid)\

5551

.update({FileStore.accessed_count: (FileStore.accessed_count + 1),

5553

.update({FileStore.accessed_count: (FileStore.accessed_count + 1),

5552

FileStore.accessed_on: datetime.datetime.now()})

5554

FileStore.accessed_on: datetime.datetime.now()})

5553

if commit:

5555

if commit:

5554

Session().commit()

5556

Session().commit()

5555

5557

5556

def __json__(self):

5558

def __json__(self):

5557

data = {

5559

data = {

5558

'filename': self.file_display_name,

5560

'filename': self.file_display_name,

5559

'filename_org': self.file_org_name,

5561

'filename_org': self.file_org_name,

5560

'file_uid': self.file_uid,

5562

'file_uid': self.file_uid,

5561

'description': self.file_description,

5563

'description': self.file_description,

5562

'hidden': self.hidden,

5564

'hidden': self.hidden,

5563

'size': self.file_size,

5565

'size': self.file_size,

5564

'created_on': self.created_on,

5566

'created_on': self.created_on,

5565

'uploaded_by': self.upload_user.get_api_data(details='basic'),

5567

'uploaded_by': self.upload_user.get_api_data(details='basic'),

5566

'downloaded_times': self.accessed_count,

5568

'downloaded_times': self.accessed_count,

5567

'sha256': self.file_hash,

5569

'sha256': self.file_hash,

5568

'metadata': self.file_metadata,

5570

'metadata': self.file_metadata,

5569

}

5571

}

5570

5572

5571

return data

5573

return data

5572

5574

5573

def __repr__(self):

5575

def __repr__(self):

5574

return '<FileStore({})>'.format(self.file_store_id)

5576

return '<FileStore({})>'.format(self.file_store_id)

5575

5577

5576

5578

5577

class FileStoreMetadata(Base, BaseModel):

5579

class FileStoreMetadata(Base, BaseModel):

5578

__tablename__ = 'file_store_metadata'

5580

__tablename__ = 'file_store_metadata'

5579

__table_args__ = (

5581

__table_args__ = (

5580

UniqueConstraint('file_store_id', 'file_store_meta_section_hash', 'file_store_meta_key_hash'),

5582

UniqueConstraint('file_store_id', 'file_store_meta_section_hash', 'file_store_meta_key_hash'),

5581

Index('file_store_meta_section_idx', 'file_store_meta_section', mysql_length=255),

5583

Index('file_store_meta_section_idx', 'file_store_meta_section', mysql_length=255),

5582

Index('file_store_meta_key_idx', 'file_store_meta_key', mysql_length=255),

5584

Index('file_store_meta_key_idx', 'file_store_meta_key', mysql_length=255),

5583

base_table_args

5585

base_table_args

5584

)

5586

)

5585

SETTINGS_TYPES = {

5587

SETTINGS_TYPES = {

5586

'str': safe_str,

5588

'str': safe_str,

5587

'int': safe_int,

5589

'int': safe_int,

5588

'unicode': safe_unicode,

5590

'unicode': safe_unicode,

5589

'bool': str2bool,

5591

'bool': str2bool,

5590

'list': functools.partial(aslist, sep=',')

5592

'list': functools.partial(aslist, sep=',')

5591

}

5593

}

5592

5594

5593

file_store_meta_id = Column(

5595

file_store_meta_id = Column(

5594

"file_store_meta_id", Integer(), nullable=False, unique=True, default=None,

5596

"file_store_meta_id", Integer(), nullable=False, unique=True, default=None,

5595

primary_key=True)

5597

primary_key=True)

5596

_file_store_meta_section = Column(

5598

_file_store_meta_section = Column(

5597

"file_store_meta_section", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),

5599

"file_store_meta_section", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),

5598

nullable=True, unique=None, default=None)

5600

nullable=True, unique=None, default=None)

5599

_file_store_meta_section_hash = Column(

5601

_file_store_meta_section_hash = Column(

5600

"file_store_meta_section_hash", String(255),

5602

"file_store_meta_section_hash", String(255),

5601

nullable=True, unique=None, default=None)

5603

nullable=True, unique=None, default=None)

5602

_file_store_meta_key = Column(

5604

_file_store_meta_key = Column(

5603

"file_store_meta_key", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),

5605

"file_store_meta_key", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),

5604

nullable=True, unique=None, default=None)

5606

nullable=True, unique=None, default=None)

5605

_file_store_meta_key_hash = Column(

5607

_file_store_meta_key_hash = Column(

5606

"file_store_meta_key_hash", String(255), nullable=True, unique=None, default=None)

5608

"file_store_meta_key_hash", String(255), nullable=True, unique=None, default=None)

5607

_file_store_meta_value = Column(

5609

_file_store_meta_value = Column(

5608

"file_store_meta_value", UnicodeText().with_variant(UnicodeText(20480), 'mysql'),

5610

"file_store_meta_value", UnicodeText().with_variant(UnicodeText(20480), 'mysql'),

5609

nullable=True, unique=None, default=None)

5611

nullable=True, unique=None, default=None)

5610

_file_store_meta_value_type = Column(

5612

_file_store_meta_value_type = Column(

5611

"file_store_meta_value_type", String(255), nullable=True, unique=None,

5613

"file_store_meta_value_type", String(255), nullable=True, unique=None,

5612

default='unicode')

5614

default='unicode')

5613

5615

5614

file_store_id = Column(

5616

file_store_id = Column(

5615

'file_store_id', Integer(), ForeignKey('file_store.file_store_id'),

5617

'file_store_id', Integer(), ForeignKey('file_store.file_store_id'),

5616

nullable=True, unique=None, default=None)

5618

nullable=True, unique=None, default=None)

5617

5619

5618

file_store = relationship('FileStore', lazy='joined')

5620

file_store = relationship('FileStore', lazy='joined')

5619

5621

5620

@classmethod

5622

@classmethod

5621

def valid_value_type(cls, value):

5623

def valid_value_type(cls, value):

5622

if value.split('.')[0] not in cls.SETTINGS_TYPES:

5624

if value.split('.')[0] not in cls.SETTINGS_TYPES:

5623

raise ArtifactMetadataBadValueType(

5625

raise ArtifactMetadataBadValueType(

5624

'value_type must be one of %s got %s' % (cls.SETTINGS_TYPES.keys(), value))

5626

'value_type must be one of %s got %s' % (cls.SETTINGS_TYPES.keys(), value))

5625

5627

5626

@hybrid_property

5628

@hybrid_property

5627

def file_store_meta_section(self):

5629

def file_store_meta_section(self):

5628

return self._file_store_meta_section

5630

return self._file_store_meta_section

5629

5631

5630

@file_store_meta_section.setter

5632

@file_store_meta_section.setter

5631

def file_store_meta_section(self, value):

5633

def file_store_meta_section(self, value):

5632

self._file_store_meta_section = value

5634

self._file_store_meta_section = value

5633

self._file_store_meta_section_hash = _hash_key(value)

5635

self._file_store_meta_section_hash = _hash_key(value)

5634

5636

5635

@hybrid_property

5637

@hybrid_property

5636

def file_store_meta_key(self):

5638

def file_store_meta_key(self):

5637

return self._file_store_meta_key

5639

return self._file_store_meta_key

5638

5640

5639

@file_store_meta_key.setter

5641

@file_store_meta_key.setter

5640

def file_store_meta_key(self, value):

5642

def file_store_meta_key(self, value):

5641

self._file_store_meta_key = value

5643

self._file_store_meta_key = value

5642

self._file_store_meta_key_hash = _hash_key(value)

5644

self._file_store_meta_key_hash = _hash_key(value)

5643

5645

5644

@hybrid_property

5646

@hybrid_property

5645

def file_store_meta_value(self):

5647

def file_store_meta_value(self):

5646

val = self._file_store_meta_value

5648

val = self._file_store_meta_value

5647

5649

5648

if self._file_store_meta_value_type:

5650

if self._file_store_meta_value_type:

5649

# e.g unicode.encrypted == unicode

5651

# e.g unicode.encrypted == unicode

5650

_type = self._file_store_meta_value_type.split('.')[0]

5652

_type = self._file_store_meta_value_type.split('.')[0]

5651

# decode the encrypted value if it's encrypted field type

5653

# decode the encrypted value if it's encrypted field type

5652

if '.encrypted' in self._file_store_meta_value_type:

5654

if '.encrypted' in self._file_store_meta_value_type:

5653

cipher = EncryptedTextValue()

5655

cipher = EncryptedTextValue()

5654

val = safe_unicode(cipher.process_result_value(val, None))

5656

val = safe_unicode(cipher.process_result_value(val, None))

5655

# do final type conversion

5657

# do final type conversion

5656

converter = self.SETTINGS_TYPES.get(_type) or self.SETTINGS_TYPES['unicode']

5658

converter = self.SETTINGS_TYPES.get(_type) or self.SETTINGS_TYPES['unicode']

5657

val = converter(val)

5659

val = converter(val)

5658

5660

5659

return val

5661

return val

5660

5662

5661

@file_store_meta_value.setter

5663

@file_store_meta_value.setter

5662

def file_store_meta_value(self, val):

5664

def file_store_meta_value(self, val):

5663

val = safe_unicode(val)

5665

val = safe_unicode(val)

5664

# encode the encrypted value

5666

# encode the encrypted value

5665

if '.encrypted' in self.file_store_meta_value_type:

5667

if '.encrypted' in self.file_store_meta_value_type:

5666

cipher = EncryptedTextValue()

5668

cipher = EncryptedTextValue()

5667

val = safe_unicode(cipher.process_bind_param(val, None))

5669

val = safe_unicode(cipher.process_bind_param(val, None))

5668

self._file_store_meta_value = val

5670

self._file_store_meta_value = val

5669

5671

5670

@hybrid_property

5672

@hybrid_property

5671

def file_store_meta_value_type(self):

5673

def file_store_meta_value_type(self):

5672

return self._file_store_meta_value_type

5674

return self._file_store_meta_value_type

5673

5675

5674

@file_store_meta_value_type.setter

5676

@file_store_meta_value_type.setter

5675

def file_store_meta_value_type(self, val):

5677

def file_store_meta_value_type(self, val):

5676

# e.g unicode.encrypted

5678

# e.g unicode.encrypted

5677

self.valid_value_type(val)

5679

self.valid_value_type(val)

5678

self._file_store_meta_value_type = val

5680

self._file_store_meta_value_type = val

5679

5681

5680

def __json__(self):

5682

def __json__(self):

5681

data = {

5683

data = {

5682

'artifact': self.file_store.file_uid,

5684

'artifact': self.file_store.file_uid,

5683

'section': self.file_store_meta_section,

5685

'section': self.file_store_meta_section,

5684

'key': self.file_store_meta_key,

5686

'key': self.file_store_meta_key,

5685

'value': self.file_store_meta_value,

5687

'value': self.file_store_meta_value,

5686

}

5688

}

5687

5689

5688

return data

5690

return data

5689

5691

5690

def __repr__(self):

5692

def __repr__(self):

5691

return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.file_store_meta_section,

5693

return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.file_store_meta_section,

5692

self.file_store_meta_key, self.file_store_meta_value)

5694

self.file_store_meta_key, self.file_store_meta_value)

5693

5695

5694

5696

5695

class DbMigrateVersion(Base, BaseModel):

5697

class DbMigrateVersion(Base, BaseModel):

5696

__tablename__ = 'db_migrate_version'

5698

__tablename__ = 'db_migrate_version'

5697

__table_args__ = (

5699

__table_args__ = (

5698

base_table_args,

5700

base_table_args,

5699

)

5701

)

5700

5702

5701

repository_id = Column('repository_id', String(250), primary_key=True)

5703

repository_id = Column('repository_id', String(250), primary_key=True)

5702

repository_path = Column('repository_path', Text)

5704

repository_path = Column('repository_path', Text)

5703

version = Column('version', Integer)

5705

version = Column('version', Integer)

5704

5706

5705

@classmethod

5707

@classmethod

5706

def set_version(cls, version):

5708

def set_version(cls, version):

5707

"""

5709

"""

5708

Helper for forcing a different version, usually for debugging purposes via ishell.

5710

Helper for forcing a different version, usually for debugging purposes via ishell.

5709

"""

5711

"""

5710

ver = DbMigrateVersion.query().first()

5712

ver = DbMigrateVersion.query().first()

5711

ver.version = version

5713

ver.version = version

5712

Session().commit()

5714

Session().commit()

5713

5715

5714

5716

5715

class DbSession(Base, BaseModel):

5717

class DbSession(Base, BaseModel):

5716

__tablename__ = 'db_session'

5718

__tablename__ = 'db_session'

5717

__table_args__ = (

5719

__table_args__ = (

5718

base_table_args,

5720

base_table_args,

5719

)

5721

)

5720

5722

5721

def __repr__(self):

5723

def __repr__(self):

5722

return '<DB:DbSession({})>'.format(self.id)

5724

return '<DB:DbSession({})>'.format(self.id)

5723

5725

5724

id = Column('id', Integer())

5726

id = Column('id', Integer())

5725

namespace = Column('namespace', String(255), primary_key=True)

5727

namespace = Column('namespace', String(255), primary_key=True)

5726

accessed = Column('accessed', DateTime, nullable=False)

5728

accessed = Column('accessed', DateTime, nullable=False)

5727

created = Column('created', DateTime, nullable=False)

5729

created = Column('created', DateTime, nullable=False)

5728

data = Column('data', PickleType, nullable=False)

5730

data = Column('data', PickleType, nullable=False)

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2020 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import itertools
             import logging
             import collections
             from rhodecode.model import BaseModel
             from rhodecode.model.db import (
                 ChangesetStatus, ChangesetComment, PullRequest, Session)
             from rhodecode.lib.exceptions import StatusChangeOnClosedPullRequestError
             from rhodecode.lib.markup_renderer import (
                 DEFAULT_COMMENTS_RENDERER, RstTemplateRenderer)
             log = logging.getLogger(__name__)
             class ChangesetStatusModel(BaseModel):
                 cls = ChangesetStatus
                 def __get_changeset_status(self, changeset_status):
                     return self._get_instance(ChangesetStatus, changeset_status)
                 def __get_pull_request(self, pull_request):
                     return self._get_instance(PullRequest, pull_request)
                 def _get_status_query(self, repo, revision, pull_request,
                                       with_revisions=False):
                     repo = self._get_repo(repo)
                     q = ChangesetStatus.query()\
                         .filter(ChangesetStatus.repo == repo)
                     if not with_revisions:
                         q = q.filter(ChangesetStatus.version == 0)
                     if revision:
                         q = q.filter(ChangesetStatus.revision == revision)
                     elif pull_request:
                         pull_request = self.__get_pull_request(pull_request)
                         # TODO: johbo: Think about the impact of this join, there must
                         # be a reason why ChangesetStatus and ChanagesetComment is linked
                         # to the pull request. Might be that we want to do the same for
                         # the pull_request_version_id.
                         q = q.join(ChangesetComment).filter(
                             ChangesetStatus.pull_request == pull_request,
                             ChangesetComment.pull_request_version_id == None)
                     else:
                         raise Exception('Please specify revision or pull_request')
                     q = q.order_by(ChangesetStatus.version.asc())
                     return q
                 def calculate_group_vote(self, group_id, group_statuses_by_reviewers,
                                          trim_votes=True):
                     """
                     Calculate status based on given group members, and voting rule
                     group1 - 4 members, 3 required for approval
                         user1 - approved
                         user2 - reject
                         user3 - approved
                         user4 - rejected
                     final_state: rejected, reasons not at least 3 votes
                     group1 - 4 members, 2 required for approval
                         user1 - approved
                         user2 - reject
                         user3 - approved
                         user4 - rejected
                     final_state: approved, reasons got at least 2 approvals
                     group1 - 4 members, ALL required for approval
                         user1 - approved
                         user2 - reject
                         user3 - approved
                         user4 - rejected
                     final_state: rejected, reasons not all approvals
                     group1 - 4 members, ALL required for approval
                         user1 - approved
                         user2 - approved
                         user3 - approved
                         user4 - approved
                     final_state: approved, reason all approvals received
                     group1 - 4 members, 5 required for approval
                         (approval should be shorted to number of actual members)
                         user1 - approved
                         user2 - approved
                         user3 - approved
                         user4 - approved
                     final_state: approved, reason all approvals received
                     """
                     group_vote_data = {}
                     got_rule = False
                     members = collections.OrderedDict()
                     for review_obj, user, reasons, mandatory, statuses \
                             in group_statuses_by_reviewers:
                         if not got_rule:
                             group_vote_data = review_obj.rule_user_group_data()
                             got_rule = bool(group_vote_data)
                         members[user.user_id] = statuses
                     if not group_vote_data:
                         return []
                     required_votes = group_vote_data['vote_rule']
                     if required_votes == -1:
                         # -1 means all required, so we replace it with how many people
                         # are in the members
                         required_votes = len(members)
                     if trim_votes and required_votes > len(members):
                         # we require more votes than we have members in the group
                         # in this case we trim the required votes to the number of members
                         required_votes = len(members)
                     approvals = sum([
 for statuses in members.values()
                         if statuses and
                            statuses[0][1].status == ChangesetStatus.STATUS_APPROVED])
                     calculated_votes = []
                     # we have all votes from users, now check if we have enough votes
                     # to fill other
                     fill_in = ChangesetStatus.STATUS_UNDER_REVIEW
                     if approvals >= required_votes:
                         fill_in = ChangesetStatus.STATUS_APPROVED
                     for member, statuses in members.items():
                         if statuses:
                             ver, latest = statuses[0]
                             if fill_in == ChangesetStatus.STATUS_APPROVED:
                                 calculated_votes.append(fill_in)
                             else:
                                 calculated_votes.append(latest.status)
                         else:
                             calculated_votes.append(fill_in)
                     return calculated_votes
                 def calculate_status(self, statuses_by_reviewers):
                     """
                     Given the approval statuses from reviewers, calculates final approval
                     status. There can only be 3 results, all approved, all rejected. If
                     there is no consensus the PR is under review.
                     :param statuses_by_reviewers:
                     """
                     def group_rule(element):
                         review_obj = element[0]
                         rule_data = review_obj.rule_user_group_data()
                         if rule_data and rule_data['id']:
                             return rule_data['id']
                     voting_groups = itertools.groupby(
                         sorted(statuses_by_reviewers, key=group_rule), group_rule)
                     voting_by_groups = [(x, list(y)) for x, y in voting_groups]
                     reviewers_number = len(statuses_by_reviewers)
                     votes = collections.defaultdict(int)
                     for group, group_statuses_by_reviewers in voting_by_groups:
                         if group:
                             # calculate how the "group" voted
                             for vote_status in self.calculate_group_vote(
                                     group, group_statuses_by_reviewers):
                                 votes[vote_status] += 1
                         else:
                             for review_obj, user, reasons, mandatory, statuses \
                                     in group_statuses_by_reviewers:
                                 # individual vote
                                 if statuses:
                                     ver, latest = statuses[0]
                                     votes[latest.status] += 1
                     approved_votes_count = votes[ChangesetStatus.STATUS_APPROVED]
                     rejected_votes_count = votes[ChangesetStatus.STATUS_REJECTED]
                     # TODO(marcink): with group voting, how does rejected work,
                     # do we ever get rejected state ?
-                    if approved_votes_count == reviewers_number:
+                    if approved_votes_count and (approved_votes_count == reviewers_number):
                         return ChangesetStatus.STATUS_APPROVED
-                    if rejected_votes_count == reviewers_number:
+                    if rejected_votes_count and (rejected_votes_count == reviewers_number):
                         return ChangesetStatus.STATUS_REJECTED
                     return ChangesetStatus.STATUS_UNDER_REVIEW
                 def get_statuses(self, repo, revision=None, pull_request=None,
                                  with_revisions=False):
                     q = self._get_status_query(repo, revision, pull_request,
                                                with_revisions)
                     return q.all()
                 def get_status(self, repo, revision=None, pull_request=None, as_str=True):
                     """
                     Returns latest status of changeset for given revision or for given
                     pull request. Statuses are versioned inside a table itself and
                     version == 0 is always the current one
                     :param repo:
                     :param revision: 40char hash or None
                     :param pull_request: pull_request reference
                     :param as_str: return status as string not object
                     """
                     q = self._get_status_query(repo, revision, pull_request)
                     # need to use first here since there can be multiple statuses
                     # returned from pull_request
                     status = q.first()
                     if as_str:
                         status = status.status if status else status
                         st = status or ChangesetStatus.DEFAULT
                         return str(st)
                     return status
                 def _render_auto_status_message(
                         self, status, commit_id=None, pull_request=None):
                     """
                     render the message using DEFAULT_COMMENTS_RENDERER (RST renderer),
                     so it's always looking the same disregarding on which default
                     renderer system is using.
                     :param status: status text to change into
                     :param commit_id: the commit_id we change the status for
                     :param pull_request: the pull request we change the status for
                     """
                     new_status = ChangesetStatus.get_status_lbl(status)
                     params = {
                         'new_status_label': new_status,
                         'pull_request': pull_request,
                         'commit_id': commit_id,
                     }
                     renderer = RstTemplateRenderer()
                     return renderer.render('auto_status_change.mako', **params)
                 def set_status(self, repo, status, user, comment=None, revision=None,
                                pull_request=None, dont_allow_on_closed_pull_request=False):
                     """
                     Creates new status for changeset or updates the old ones bumping their
                     version, leaving the current status at
                     :param repo:
                     :param revision:
                     :param status:
                     :param user:
                     :param comment:
                     :param dont_allow_on_closed_pull_request: don't allow a status change
                         if last status was for pull request and it's closed. We shouldn't
                         mess around this manually
                     """
                     repo = self._get_repo(repo)
                     q = ChangesetStatus.query()
                     if revision:
                         q = q.filter(ChangesetStatus.repo == repo)
                         q = q.filter(ChangesetStatus.revision == revision)
                     elif pull_request:
                         pull_request = self.__get_pull_request(pull_request)
                         q = q.filter(ChangesetStatus.repo == pull_request.source_repo)
                         q = q.filter(ChangesetStatus.revision.in_(pull_request.revisions))
                     cur_statuses = q.all()
                     # if statuses exists and last is associated with a closed pull request
                     # we need to check if we can allow this status change
                     if (dont_allow_on_closed_pull_request and cur_statuses
                         and getattr(cur_statuses[0].pull_request, 'status', '')
                             == PullRequest.STATUS_CLOSED):
                         raise StatusChangeOnClosedPullRequestError(
                             'Changing status on closed pull request is not allowed'
                         )
                     # update all current statuses with older version
                     if cur_statuses:
                         for st in cur_statuses:
                             st.version += 1
                             Session().add(st)
                         Session().flush()
                     def _create_status(user, repo, status, comment, revision, pull_request):
                         new_status = ChangesetStatus()
                         new_status.author = self._get_user(user)
                         new_status.repo = self._get_repo(repo)
                         new_status.status = status
                         new_status.comment = comment
                         new_status.revision = revision
                         new_status.pull_request = pull_request
                         return new_status
                     if not comment:
                         from rhodecode.model.comment import CommentsModel
                         comment = CommentsModel().create(
                             text=self._render_auto_status_message(
                                 status, commit_id=revision, pull_request=pull_request),
                             repo=repo,
                             user=user,
                             pull_request=pull_request,
                             send_email=False, renderer=DEFAULT_COMMENTS_RENDERER
                         )
                     if revision:
                         new_status = _create_status(
                             user=user, repo=repo, status=status, comment=comment,
                             revision=revision, pull_request=pull_request)
                         Session().add(new_status)
                         return new_status
                     elif pull_request:
                         # pull request can have more than one revision associated to it
                         # we need to create new version for each one
                         new_statuses = []
                         repo = pull_request.source_repo
                         for rev in pull_request.revisions:
                             new_status = _create_status(
                                 user=user, repo=repo, status=status, comment=comment,
                                 revision=rev, pull_request=pull_request)
                             new_statuses.append(new_status)
                             Session().add(new_status)
                         return new_statuses
                 def aggregate_votes_by_user(self, commit_statuses, reviewers_data):
                     commit_statuses_map = collections.defaultdict(list)
                     for st in commit_statuses:
                         commit_statuses_map[st.author.username] += [st]
                     reviewers = []
                     def version(commit_status):
                         return commit_status.version
                     for obj in reviewers_data:
                         if not obj.user:
                             continue
                         statuses = commit_statuses_map.get(obj.user.username, None)
                         if statuses:
                             status_groups = itertools.groupby(
                                 sorted(statuses, key=version), version)
                             statuses = [(x, list(y)[0]) for x, y in status_groups]
                         reviewers.append((obj, obj.user, obj.reasons, obj.mandatory, statuses))
                     return reviewers
                 def reviewers_statuses(self, pull_request):
                     _commit_statuses = self.get_statuses(
                         pull_request.source_repo,
                         pull_request=pull_request,
                         with_revisions=True)
                     return self.aggregate_votes_by_user(_commit_statuses, pull_request.reviewers)
                 def calculated_review_status(self, pull_request, reviewers_statuses=None):
                     """
                     calculate pull request status based on reviewers, it should be a list
                     of two element lists.
                     :param reviewers_statuses:
                     """
                     reviewers = reviewers_statuses or self.reviewers_statuses(pull_request)
                     return self.calculate_status(reviewers)

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2020 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Database Models for RhodeCode Enterprise
             """
             import re
             import os
             import time
             import string
             import hashlib
             import logging
             import datetime
             import uuid
             import warnings
             import ipaddress
             import functools
             import traceback
             import collections
             from sqlalchemy import (
                 or_, and_, not_, func, cast, TypeDecorator, event,
                 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
                 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
                 Text, Float, PickleType, BigInteger)
             from sqlalchemy.sql.expression import true, false, case
             from sqlalchemy.sql.functions import coalesce, count  # pragma: no cover
             from sqlalchemy.orm import (
                 relationship, joinedload, class_mapper, validates, aliased)
             from sqlalchemy.ext.declarative import declared_attr
             from sqlalchemy.ext.hybrid import hybrid_property
             from sqlalchemy.exc import IntegrityError  # pragma: no cover
             from sqlalchemy.dialects.mysql import LONGTEXT
             from zope.cachedescriptors.property import Lazy as LazyProperty
             from pyramid import compat
             from pyramid.threadlocal import get_current_request
             from webhelpers2.text import remove_formatting
             from rhodecode.translation import _
             from rhodecode.lib.vcs import get_vcs_instance, VCSError
             from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
             from rhodecode.lib.utils2 import (
                 str2bool, safe_str, get_commit_safe, safe_unicode, sha1_safe,
                 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
                 glob2re, StrictAttributeDict, cleaned_uri, datetime_to_time, OrderedDefaultDict)
             from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \
                 JsonRaw
             from rhodecode.lib.ext_json import json
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.lib.encrypt import AESCipher, validate_and_get_enc_data
             from rhodecode.lib.encrypt2 import Encryptor
             from rhodecode.lib.exceptions import (
                 ArtifactMetadataDuplicate, ArtifactMetadataBadValueType)
             from rhodecode.model.meta import Base, Session
             URL_SEP = '/'
             log = logging.getLogger(__name__)
             # =============================================================================
             # BASE CLASSES
             # =============================================================================
             # this is propagated from .ini file rhodecode.encrypted_values.secret or
             # beaker.session.secret if first is not set.
             # and initialized at environment.py
             ENCRYPTION_KEY = None
             # used to sort permissions by types, '#' used here is not allowed to be in
             # usernames, and it's very early in sorted string.printable table.
             PERMISSION_TYPE_SORT = {
                 'admin': '####',
                 'write': '###',
                 'read':  '##',
                 'none':  '#',
             }
             def display_user_sort(obj):
                 """
                 Sort function used to sort permissions in .permissions() function of
                 Repository, RepoGroup, UserGroup. Also it put the default user in front
                 of all other resources
                 """
                 if obj.username == User.DEFAULT_USER:
                     return '#####'
                 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
                 extra_sort_num = '1'  # default
                 # NOTE(dan): inactive duplicates goes last
                 if getattr(obj, 'duplicate_perm', None):
                     extra_sort_num = '9'
                 return prefix + extra_sort_num + obj.username
             def display_user_group_sort(obj):
                 """
                 Sort function used to sort permissions in .permissions() function of
                 Repository, RepoGroup, UserGroup. Also it put the default user in front
                 of all other resources
                 """
                 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
                 return prefix + obj.users_group_name
             def _hash_key(k):
                 return sha1_safe(k)
             def in_filter_generator(qry, items, limit=500):
                 """
                 Splits IN() into multiple with OR
                 e.g.::
                 cnt = Repository.query().filter(
                     or_(
                         *in_filter_generator(Repository.repo_id, range(100000))
                     )).count()
                 """
                 if not items:
                     # empty list will cause empty query which might cause security issues
                     # this can lead to hidden unpleasant results
                     items = [-1]
                 parts = []
                 for chunk in xrange(0, len(items), limit):
                     parts.append(
                         qry.in_(items[chunk: chunk + limit])
                     )
                 return parts
             base_table_args = {
                 'extend_existing': True,
                 'mysql_engine': 'InnoDB',
                 'mysql_charset': 'utf8',
                 'sqlite_autoincrement': True
             }
             class EncryptedTextValue(TypeDecorator):
                 """
                 Special column for encrypted long text data, use like::
                     value = Column("encrypted_value", EncryptedValue(), nullable=False)
                 This column is intelligent so if value is in unencrypted form it return
                 unencrypted form, but on save it always encrypts
                 """
                 impl = Text
                 def process_bind_param(self, value, dialect):
                     """
                     Setter for storing value
                     """
                     import rhodecode
                     if not value:
                         return value
                     # protect against double encrypting if values is already encrypted
                     if value.startswith('enc$aes$') \
                             or value.startswith('enc$aes_hmac$') \
                             or value.startswith('enc2$'):
                         raise ValueError('value needs to be in unencrypted format, '
                                          'ie. not starting with enc$ or enc2$')
                     algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
                     if algo == 'aes':
                         return 'enc$aes_hmac$%s' % AESCipher(ENCRYPTION_KEY, hmac=True).encrypt(value)
                     elif algo == 'fernet':
                         return Encryptor(ENCRYPTION_KEY).encrypt(value)
                     else:
                         ValueError('Bad encryption algorithm, should be fernet or aes, got: {}'.format(algo))
                 def process_result_value(self, value, dialect):
                     """
                     Getter for retrieving value
                     """
                     import rhodecode
                     if not value:
                         return value
                     algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
                     enc_strict_mode = str2bool(rhodecode.CONFIG.get('rhodecode.encrypted_values.strict') or True)
                     if algo == 'aes':
                         decrypted_data = validate_and_get_enc_data(value, ENCRYPTION_KEY, enc_strict_mode)
                     elif algo == 'fernet':
                         return Encryptor(ENCRYPTION_KEY).decrypt(value)
                     else:
                         ValueError('Bad encryption algorithm, should be fernet or aes, got: {}'.format(algo))
                     return decrypted_data
             class BaseModel(object):
                 """
                 Base Model for all classes
                 """
                 @classmethod
                 def _get_keys(cls):
                     """return column names for this model """
                     return class_mapper(cls).c.keys()
                 def get_dict(self):
                     """
                     return dict with keys and values corresponding
                     to this model data """
                     d = {}
                     for k in self._get_keys():
                         d[k] = getattr(self, k)
                     # also use __json__() if present to get additional fields
                     _json_attr = getattr(self, '__json__', None)
                     if _json_attr:
                         # update with attributes from __json__
                         if callable(_json_attr):
                             _json_attr = _json_attr()
                         for k, val in _json_attr.iteritems():
                             d[k] = val
                     return d
                 def get_appstruct(self):
                     """return list with keys and values tuples corresponding
                     to this model data """
                     lst = []
                     for k in self._get_keys():
                         lst.append((k, getattr(self, k),))
                     return lst
                 def populate_obj(self, populate_dict):
                     """populate model with data from given populate_dict"""
                     for k in self._get_keys():
                         if k in populate_dict:
                             setattr(self, k, populate_dict[k])
                 @classmethod
                 def query(cls):
                     return Session().query(cls)
                 @classmethod
                 def get(cls, id_):
                     if id_:
                         return cls.query().get(id_)
                 @classmethod
                 def get_or_404(cls, id_):
                     from pyramid.httpexceptions import HTTPNotFound
                     try:
                         id_ = int(id_)
                     except (TypeError, ValueError):
                         raise HTTPNotFound()
                     res = cls.query().get(id_)
                     if not res:
                         raise HTTPNotFound()
                     return res
                 @classmethod
                 def getAll(cls):
                     # deprecated and left for backward compatibility
                     return cls.get_all()
                 @classmethod
                 def get_all(cls):
                     return cls.query().all()
                 @classmethod
                 def delete(cls, id_):
                     obj = cls.query().get(id_)
                     Session().delete(obj)
                 @classmethod
                 def identity_cache(cls, session, attr_name, value):
                     exist_in_session = []
                     for (item_cls, pkey), instance in session.identity_map.items():
                         if cls == item_cls and getattr(instance, attr_name) == value:
                             exist_in_session.append(instance)
                     if exist_in_session:
                         if len(exist_in_session) == 1:
                             return exist_in_session[0]
                         log.exception(
                             'multiple objects with attr %s and '
                             'value %s found with same name: %r',
                             attr_name, value, exist_in_session)
                 def __repr__(self):
                     if hasattr(self, '__unicode__'):
                         # python repr needs to return str
                         try:
                             return safe_str(self.__unicode__())
                         except UnicodeDecodeError:
                             pass
                     return '<DB:%s>' % (self.__class__.__name__)
             class RhodeCodeSetting(Base, BaseModel):
                 __tablename__ = 'rhodecode_settings'
                 __table_args__ = (
                     UniqueConstraint('app_settings_name'),
                     base_table_args
                 )
                 SETTINGS_TYPES = {
                     'str': safe_str,
                     'int': safe_int,
                     'unicode': safe_unicode,
                     'bool': str2bool,
                     'list': functools.partial(aslist, sep=',')
                 }
                 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
                 GLOBAL_CONF_KEY = 'app_settings'
                 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
                 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
                 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
                 def __init__(self, key='', val='', type='unicode'):
                     self.app_settings_name = key
                     self.app_settings_type = type
                     self.app_settings_value = val
                 @validates('_app_settings_value')
                 def validate_settings_value(self, key, val):
                     assert type(val) == unicode
                     return val
                 @hybrid_property
                 def app_settings_value(self):
                     v = self._app_settings_value
                     _type = self.app_settings_type
                     if _type:
                         _type = self.app_settings_type.split('.')[0]
                         # decode the encrypted value
                         if 'encrypted' in self.app_settings_type:
                             cipher = EncryptedTextValue()
                             v = safe_unicode(cipher.process_result_value(v, None))
                     converter = self.SETTINGS_TYPES.get(_type) or \
                         self.SETTINGS_TYPES['unicode']
                     return converter(v)
                 @app_settings_value.setter
                 def app_settings_value(self, val):
                     """
                     Setter that will always make sure we use unicode in app_settings_value
                     :param val:
                     """
                     val = safe_unicode(val)
                     # encode the encrypted value
                     if 'encrypted' in self.app_settings_type:
                         cipher = EncryptedTextValue()
                         val = safe_unicode(cipher.process_bind_param(val, None))
                     self._app_settings_value = val
                 @hybrid_property
                 def app_settings_type(self):
                     return self._app_settings_type
                 @app_settings_type.setter
                 def app_settings_type(self, val):
                     if val.split('.')[0] not in self.SETTINGS_TYPES:
                         raise Exception('type must be one of %s got %s'
                                         % (self.SETTINGS_TYPES.keys(), val))
                     self._app_settings_type = val
                 @classmethod
                 def get_by_prefix(cls, prefix):
                     return RhodeCodeSetting.query()\
                         .filter(RhodeCodeSetting.app_settings_name.startswith(prefix))\
                         .all()
                 def __unicode__(self):
                     return u"<%s('%s:%s[%s]')>" % (
                         self.__class__.__name__,
                         self.app_settings_name, self.app_settings_value,
                         self.app_settings_type
                     )
             class RhodeCodeUi(Base, BaseModel):
                 __tablename__ = 'rhodecode_ui'
                 __table_args__ = (
                     UniqueConstraint('ui_key'),
                     base_table_args
                 )
                 HOOK_REPO_SIZE = 'changegroup.repo_size'
                 # HG
                 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
                 HOOK_PULL = 'outgoing.pull_logger'
                 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
                 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
                 HOOK_PUSH = 'changegroup.push_logger'
                 HOOK_PUSH_KEY = 'pushkey.key_push'
                 HOOKS_BUILTIN = [
                     HOOK_PRE_PULL,
                     HOOK_PULL,
                     HOOK_PRE_PUSH,
                     HOOK_PRETX_PUSH,
                     HOOK_PUSH,
                     HOOK_PUSH_KEY,
                 ]
                 # TODO: johbo: Unify way how hooks are configured for git and hg,
                 # git part is currently hardcoded.
                 # SVN PATTERNS
                 SVN_BRANCH_ID = 'vcs_svn_branch'
                 SVN_TAG_ID = 'vcs_svn_tag'
                 ui_id = Column(
                     "ui_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 ui_section = Column(
                     "ui_section", String(255), nullable=True, unique=None, default=None)
                 ui_key = Column(
                     "ui_key", String(255), nullable=True, unique=None, default=None)
                 ui_value = Column(
                     "ui_value", String(255), nullable=True, unique=None, default=None)
                 ui_active = Column(
                     "ui_active", Boolean(), nullable=True, unique=None, default=True)
                 def __repr__(self):
                     return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
                                                 self.ui_key, self.ui_value)
             class RepoRhodeCodeSetting(Base, BaseModel):
                 __tablename__ = 'repo_rhodecode_settings'
                 __table_args__ = (
                     UniqueConstraint(
                         'app_settings_name', 'repository_id',
                         name='uq_repo_rhodecode_setting_name_repo_id'),
                     base_table_args
                 )
                 repository_id = Column(
                     "repository_id", Integer(), ForeignKey('repositories.repo_id'),
                     nullable=False)
                 app_settings_id = Column(
                     "app_settings_id", Integer(), nullable=False, unique=True,
                     default=None, primary_key=True)
                 app_settings_name = Column(
                     "app_settings_name", String(255), nullable=True, unique=None,
                     default=None)
                 _app_settings_value = Column(
                     "app_settings_value", String(4096), nullable=True, unique=None,
                     default=None)
                 _app_settings_type = Column(
                     "app_settings_type", String(255), nullable=True, unique=None,
                     default=None)
                 repository = relationship('Repository')
                 def __init__(self, repository_id, key='', val='', type='unicode'):
                     self.repository_id = repository_id
                     self.app_settings_name = key
                     self.app_settings_type = type
                     self.app_settings_value = val
                 @validates('_app_settings_value')
                 def validate_settings_value(self, key, val):
                     assert type(val) == unicode
                     return val
                 @hybrid_property
                 def app_settings_value(self):
                     v = self._app_settings_value
                     type_ = self.app_settings_type
                     SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
                     converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
                     return converter(v)
                 @app_settings_value.setter
                 def app_settings_value(self, val):
                     """
                     Setter that will always make sure we use unicode in app_settings_value
                     :param val:
                     """
                     self._app_settings_value = safe_unicode(val)
                 @hybrid_property
                 def app_settings_type(self):
                     return self._app_settings_type
                 @app_settings_type.setter
                 def app_settings_type(self, val):
                     SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
                     if val not in SETTINGS_TYPES:
                         raise Exception('type must be one of %s got %s'
                                         % (SETTINGS_TYPES.keys(), val))
                     self._app_settings_type = val
                 def __unicode__(self):
                     return u"<%s('%s:%s:%s[%s]')>" % (
                         self.__class__.__name__, self.repository.repo_name,
                         self.app_settings_name, self.app_settings_value,
                         self.app_settings_type
                     )
             class RepoRhodeCodeUi(Base, BaseModel):
                 __tablename__ = 'repo_rhodecode_ui'
                 __table_args__ = (
                     UniqueConstraint(
                         'repository_id', 'ui_section', 'ui_key',
                         name='uq_repo_rhodecode_ui_repository_id_section_key'),
                     base_table_args
                 )
                 repository_id = Column(
                     "repository_id", Integer(), ForeignKey('repositories.repo_id'),
                     nullable=False)
                 ui_id = Column(
                     "ui_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 ui_section = Column(
                     "ui_section", String(255), nullable=True, unique=None, default=None)
                 ui_key = Column(
                     "ui_key", String(255), nullable=True, unique=None, default=None)
                 ui_value = Column(
                     "ui_value", String(255), nullable=True, unique=None, default=None)
                 ui_active = Column(
                     "ui_active", Boolean(), nullable=True, unique=None, default=True)
                 repository = relationship('Repository')
                 def __repr__(self):
                     return '<%s[%s:%s]%s=>%s]>' % (
                         self.__class__.__name__, self.repository.repo_name,
                         self.ui_section, self.ui_key, self.ui_value)
             class User(Base, BaseModel):
                 __tablename__ = 'users'
                 __table_args__ = (
                     UniqueConstraint('username'), UniqueConstraint('email'),
                     Index('u_username_idx', 'username'),
                     Index('u_email_idx', 'email'),
                     base_table_args
                 )
                 DEFAULT_USER = 'default'
                 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
                 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
                 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 username = Column("username", String(255), nullable=True, unique=None, default=None)
                 password = Column("password", String(255), nullable=True, unique=None, default=None)
                 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
                 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
                 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
                 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
                 _email = Column("email", String(255), nullable=True, unique=None, default=None)
                 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
                 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
                 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
                 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
                 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 _user_data = Column("user_data", LargeBinary(), nullable=True)  # JSON data
                 user_log = relationship('UserLog')
                 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all, delete-orphan')
                 repositories = relationship('Repository')
                 repository_groups = relationship('RepoGroup')
                 user_groups = relationship('UserGroup')
                 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
                 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
                 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all, delete-orphan')
                 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan')
                 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan')
                 group_member = relationship('UserGroupMember', cascade='all')
                 notifications = relationship('UserNotification', cascade='all')
                 # notifications assigned to this user
                 user_created_notifications = relationship('Notification', cascade='all')
                 # comments created by this user
                 user_comments = relationship('ChangesetComment', cascade='all')
                 # user profile extra info
                 user_emails = relationship('UserEmailMap', cascade='all')
                 user_ip_map = relationship('UserIpMap', cascade='all')
                 user_auth_tokens = relationship('UserApiKeys', cascade='all')
                 user_ssh_keys = relationship('UserSshKeys', cascade='all')
                 # gists
                 user_gists = relationship('Gist', cascade='all')
                 # user pull requests
                 user_pull_requests = relationship('PullRequest', cascade='all')
                 # external identities
                 external_identities = relationship(
                     'ExternalIdentity',
                     primaryjoin="User.user_id==ExternalIdentity.local_user_id",
                     cascade='all')
                 # review rules
                 user_review_rules = relationship('RepoReviewRuleUser', cascade='all')
                 # artifacts owned
                 artifacts = relationship('FileStore', primaryjoin='FileStore.user_id==User.user_id')
                 # no cascade, set NULL
                 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_user_id==User.user_id')
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
                                                   self.user_id, self.username)
                 @hybrid_property
                 def email(self):
                     return self._email
                 @email.setter
                 def email(self, val):
                     self._email = val.lower() if val else None
                 @hybrid_property
                 def first_name(self):
                     from rhodecode.lib import helpers as h
                     if self.name:
                         return h.escape(self.name)
                     return self.name
                 @hybrid_property
                 def last_name(self):
                     from rhodecode.lib import helpers as h
                     if self.lastname:
                         return h.escape(self.lastname)
                     return self.lastname
                 @hybrid_property
                 def api_key(self):
                     """
                     Fetch if exist an auth-token with role ALL connected to this user
                     """
                     user_auth_token = UserApiKeys.query()\
                         .filter(UserApiKeys.user_id == self.user_id)\
                         .filter(or_(UserApiKeys.expires == -1,
                                         UserApiKeys.expires >= time.time()))\
                         .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
                     if user_auth_token:
                         user_auth_token = user_auth_token.api_key
                     return user_auth_token
                 @api_key.setter
                 def api_key(self, val):
                     # don't allow to set API key this is deprecated for now
                     self._api_key = None
                 @property
                 def reviewer_pull_requests(self):
                     return PullRequestReviewers.query() \
                         .options(joinedload(PullRequestReviewers.pull_request)) \
                         .filter(PullRequestReviewers.user_id == self.user_id) \
                         .all()
                 @property
                 def firstname(self):
                     # alias for future
                     return self.name
                 @property
                 def emails(self):
                     other = UserEmailMap.query()\
                         .filter(UserEmailMap.user == self) \
                         .order_by(UserEmailMap.email_id.asc()) \
                         .all()
                     return [self.email] + [x.email for x in other]
                 def emails_cached(self):
                     emails = UserEmailMap.query()\
                         .filter(UserEmailMap.user == self) \
                         .order_by(UserEmailMap.email_id.asc())
                     emails = emails.options(
                         FromCache("sql_cache_short", "get_user_{}_emails".format(self.user_id))
                     )
                     return [self.email] + [x.email for x in emails]
                 @property
                 def auth_tokens(self):
                     auth_tokens = self.get_auth_tokens()
                     return [x.api_key for x in auth_tokens]
                 def get_auth_tokens(self):
                     return UserApiKeys.query()\
                         .filter(UserApiKeys.user == self)\
                         .order_by(UserApiKeys.user_api_key_id.asc())\
                         .all()
                 @LazyProperty
                 def feed_token(self):
                     return self.get_feed_token()
                 def get_feed_token(self, cache=True):
                     feed_tokens = UserApiKeys.query()\
                         .filter(UserApiKeys.user == self)\
                         .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
                     if cache:
                         feed_tokens = feed_tokens.options(
                             FromCache("sql_cache_short", "get_user_feed_token_%s" % self.user_id))
                     feed_tokens = feed_tokens.all()
                     if feed_tokens:
                         return feed_tokens[0].api_key
                     return 'NO_FEED_TOKEN_AVAILABLE'
                 @LazyProperty
                 def artifact_token(self):
                     return self.get_artifact_token()
                 def get_artifact_token(self, cache=True):
                     artifacts_tokens = UserApiKeys.query()\
                         .filter(UserApiKeys.user == self)\
                         .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
                     if cache:
                         artifacts_tokens = artifacts_tokens.options(
                             FromCache("sql_cache_short", "get_user_artifact_token_%s" % self.user_id))
                     artifacts_tokens = artifacts_tokens.all()
                     if artifacts_tokens:
                         return artifacts_tokens[0].api_key
                     return 'NO_ARTIFACT_TOKEN_AVAILABLE'
                 @classmethod
                 def get(cls, user_id, cache=False):
                     if not user_id:
                         return
                     user = cls.query()
                     if cache:
                         user = user.options(
                             FromCache("sql_cache_short", "get_users_%s" % user_id))
                     return user.get(user_id)
                 @classmethod
                 def extra_valid_auth_tokens(cls, user, role=None):
                     tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
                             .filter(or_(UserApiKeys.expires == -1,
                                         UserApiKeys.expires >= time.time()))
                     if role:
                         tokens = tokens.filter(or_(UserApiKeys.role == role,
                                                    UserApiKeys.role == UserApiKeys.ROLE_ALL))
                     return tokens.all()
                 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
                     from rhodecode.lib import auth
                     log.debug('Trying to authenticate user: %s via auth-token, '
                               'and roles: %s', self, roles)
                     if not auth_token:
                         return False
                     roles = (roles or []) + [UserApiKeys.ROLE_ALL]
                     tokens_q = UserApiKeys.query()\
                         .filter(UserApiKeys.user_id == self.user_id)\
                         .filter(or_(UserApiKeys.expires == -1,
                                     UserApiKeys.expires >= time.time()))
                     tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
                     crypto_backend = auth.crypto_backend()
                     enc_token_map = {}
                     plain_token_map = {}
                     for token in tokens_q:
                         if token.api_key.startswith(crypto_backend.ENC_PREF):
                             enc_token_map[token.api_key] = token
                         else:
                             plain_token_map[token.api_key] = token
                     log.debug(
                         'Found %s plain and %s encrypted tokens to check for authentication for this user',
                         len(plain_token_map), len(enc_token_map))
                     # plain token match comes first
                     match = plain_token_map.get(auth_token)
                     # check encrypted tokens now
                     if not match:
                         for token_hash, token in enc_token_map.items():
                             # NOTE(marcink): this is expensive to calculate, but most secure
                             if crypto_backend.hash_check(auth_token, token_hash):
                                 match = token
                                 break
                     if match:
                         log.debug('Found matching token %s', match)
                         if match.repo_id:
                             log.debug('Found scope, checking for scope match of token %s', match)
                             if match.repo_id == scope_repo_id:
                                 return True
                             else:
                                 log.debug(
                                     'AUTH_TOKEN: scope mismatch, token has a set repo scope: %s, '
                                     'and calling scope is:%s, skipping further checks',
                                      match.repo, scope_repo_id)
                                 return False
                         else:
                             return True
                     return False
                 @property
                 def ip_addresses(self):
                     ret = UserIpMap.query().filter(UserIpMap.user == self).all()
                     return [x.ip_addr for x in ret]
                 @property
                 def username_and_name(self):
                     return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
                 @property
                 def username_or_name_or_email(self):
                     full_name = self.full_name if self.full_name is not ' ' else None
                     return self.username or full_name or self.email
                 @property
                 def full_name(self):
                     return '%s %s' % (self.first_name, self.last_name)
                 @property
                 def full_name_or_username(self):
                     return ('%s %s' % (self.first_name, self.last_name)
                             if (self.first_name and self.last_name) else self.username)
                 @property
                 def full_contact(self):
                     return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
                 @property
                 def short_contact(self):
                     return '%s %s' % (self.first_name, self.last_name)
                 @property
                 def is_admin(self):
                     return self.admin
                 @property
                 def language(self):
                     return self.user_data.get('language')
                 def AuthUser(self, **kwargs):
                     """
                     Returns instance of AuthUser for this user
                     """
                     from rhodecode.lib.auth import AuthUser
                     return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
                 @hybrid_property
                 def user_data(self):
                     if not self._user_data:
                         return {}
                     try:
                         return json.loads(self._user_data)
                     except TypeError:
                         return {}
                 @user_data.setter
                 def user_data(self, val):
                     if not isinstance(val, dict):
                         raise Exception('user_data must be dict, got %s' % type(val))
                     try:
                         self._user_data = json.dumps(val)
                     except Exception:
                         log.error(traceback.format_exc())
                 @classmethod
                 def get_by_username(cls, username, case_insensitive=False,
                                     cache=False, identity_cache=False):
                     session = Session()
                     if case_insensitive:
                         q = cls.query().filter(
                             func.lower(cls.username) == func.lower(username))
                     else:
                         q = cls.query().filter(cls.username == username)
                     if cache:
                         if identity_cache:
                             val = cls.identity_cache(session, 'username', username)
                             if val:
                                 return val
                         else:
                             cache_key = "get_user_by_name_%s" % _hash_key(username)
                             q = q.options(
                                 FromCache("sql_cache_short", cache_key))
                     return q.scalar()
                 @classmethod
                 def get_by_auth_token(cls, auth_token, cache=False):
                     q = UserApiKeys.query()\
                         .filter(UserApiKeys.api_key == auth_token)\
                         .filter(or_(UserApiKeys.expires == -1,
                                     UserApiKeys.expires >= time.time()))
                     if cache:
                         q = q.options(
                             FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
                     match = q.first()
                     if match:
                         return match.user
                 @classmethod
                 def get_by_email(cls, email, case_insensitive=False, cache=False):
                     if case_insensitive:
                         q = cls.query().filter(func.lower(cls.email) == func.lower(email))
                     else:
                         q = cls.query().filter(cls.email == email)
                     email_key = _hash_key(email)
                     if cache:
                         q = q.options(
                             FromCache("sql_cache_short", "get_email_key_%s" % email_key))
                     ret = q.scalar()
                     if ret is None:
                         q = UserEmailMap.query()
                         # try fetching in alternate email map
                         if case_insensitive:
                             q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
                         else:
                             q = q.filter(UserEmailMap.email == email)
                         q = q.options(joinedload(UserEmailMap.user))
                         if cache:
                             q = q.options(
                                 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
                         ret = getattr(q.scalar(), 'user', None)
                     return ret
                 @classmethod
                 def get_from_cs_author(cls, author):
                     """
                     Tries to get User objects out of commit author string
                     :param author:
                     """
                     from rhodecode.lib.helpers import email, author_name
                     # Valid email in the attribute passed, see if they're in the system
                     _email = email(author)
                     if _email:
                         user = cls.get_by_email(_email, case_insensitive=True)
                         if user:
                             return user
                     # Maybe we can match by username?
                     _author = author_name(author)
                     user = cls.get_by_username(_author, case_insensitive=True)
                     if user:
                         return user
                 def update_userdata(self, **kwargs):
                     usr = self
                     old = usr.user_data
                     old.update(**kwargs)
                     usr.user_data = old
                     Session().add(usr)
                     log.debug('updated userdata with %s', kwargs)
                 def update_lastlogin(self):
                     """Update user lastlogin"""
                     self.last_login = datetime.datetime.now()
                     Session().add(self)
                     log.debug('updated user %s lastlogin', self.username)
                 def update_password(self, new_password):
                     from rhodecode.lib.auth import get_crypt_password
                     self.password = get_crypt_password(new_password)
                     Session().add(self)
                 @classmethod
                 def get_first_super_admin(cls):
                     user = User.query()\
                         .filter(User.admin == true()) \
                         .order_by(User.user_id.asc()) \
                         .first()
                     if user is None:
                         raise Exception('FATAL: Missing administrative account!')
                     return user
                 @classmethod
                 def get_all_super_admins(cls, only_active=False):
                     """
                     Returns all admin accounts sorted by username
                     """
                     qry = User.query().filter(User.admin == true()).order_by(User.username.asc())
                     if only_active:
                         qry = qry.filter(User.active == true())
                     return qry.all()
                 @classmethod
                 def get_all_user_ids(cls, only_active=True):
                     """
                     Returns all users IDs
                     """
                     qry = Session().query(User.user_id)
                     if only_active:
                         qry = qry.filter(User.active == true())
                     return [x.user_id for x in qry]
                 @classmethod
                 def get_default_user(cls, cache=False, refresh=False):
                     user = User.get_by_username(User.DEFAULT_USER, cache=cache)
                     if user is None:
                         raise Exception('FATAL: Missing default account!')
                     if refresh:
                         # The default user might be based on outdated state which
                         # has been loaded from the cache.
                         # A call to refresh() ensures that the
                         # latest state from the database is used.
                         Session().refresh(user)
                     return user
                 @classmethod
                 def get_default_user_id(cls):
                     import rhodecode
                     return rhodecode.CONFIG['default_user_id']
                 def _get_default_perms(self, user, suffix=''):
                     from rhodecode.model.permission import PermissionModel
                     return PermissionModel().get_default_perms(user.user_perms, suffix)
                 def get_default_perms(self, suffix=''):
                     return self._get_default_perms(self, suffix)
                 def get_api_data(self, include_secrets=False, details='full'):
                     """
                     Common function for generating user related data for API
                     :param include_secrets: By default secrets in the API data will be replaced
                        by a placeholder value to prevent exposing this data by accident. In case
                        this data shall be exposed, set this flag to ``True``.
                     :param details: details can be 'basic|full' basic gives only a subset of
                        the available user information that includes user_id, name and emails.
                     """
                     user = self
                     user_data = self.user_data
                     data = {
                         'user_id': user.user_id,
                         'username': user.username,
                         'firstname': user.name,
                         'lastname': user.lastname,
                         'description': user.description,
                         'email': user.email,
                         'emails': user.emails,
                     }
                     if details == 'basic':
                         return data
                     auth_token_length = 40
                     auth_token_replacement = '*' * auth_token_length
                     extras = {
                         'auth_tokens': [auth_token_replacement],
                         'active': user.active,
                         'admin': user.admin,
                         'extern_type': user.extern_type,
                         'extern_name': user.extern_name,
                         'last_login': user.last_login,
                         'last_activity': user.last_activity,
                         'ip_addresses': user.ip_addresses,
                         'language': user_data.get('language')
                     }
                     data.update(extras)
                     if include_secrets:
                         data['auth_tokens'] = user.auth_tokens
                     return data
                 def __json__(self):
                     data = {
                         'full_name': self.full_name,
                         'full_name_or_username': self.full_name_or_username,
                         'short_contact': self.short_contact,
                         'full_contact': self.full_contact,
                     }
                     data.update(self.get_api_data())
                     return data
             class UserApiKeys(Base, BaseModel):
                 __tablename__ = 'user_api_keys'
                 __table_args__ = (
                     Index('uak_api_key_idx', 'api_key'),
                     Index('uak_api_key_expires_idx', 'api_key', 'expires'),
                     base_table_args
                 )
                 __mapper_args__ = {}
                 # ApiKey role
                 ROLE_ALL = 'token_role_all'
                 ROLE_VCS = 'token_role_vcs'
                 ROLE_API = 'token_role_api'
                 ROLE_HTTP = 'token_role_http'
                 ROLE_FEED = 'token_role_feed'
                 ROLE_ARTIFACT_DOWNLOAD = 'role_artifact_download'
                 # The last one is ignored in the list as we only
                 # use it for one action, and cannot be created by users
                 ROLE_PASSWORD_RESET = 'token_password_reset'
                 ROLES = [ROLE_ALL, ROLE_VCS, ROLE_API, ROLE_HTTP, ROLE_FEED, ROLE_ARTIFACT_DOWNLOAD]
                 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 api_key = Column("api_key", String(255), nullable=False, unique=True)
                 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                 expires = Column('expires', Float(53), nullable=False)
                 role = Column('role', String(255), nullable=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 # scope columns
                 repo_id = Column(
                     'repo_id', Integer(), ForeignKey('repositories.repo_id'),
                     nullable=True, unique=None, default=None)
                 repo = relationship('Repository', lazy='joined')
                 repo_group_id = Column(
                     'repo_group_id', Integer(), ForeignKey('groups.group_id'),
                     nullable=True, unique=None, default=None)
                 repo_group = relationship('RepoGroup', lazy='joined')
                 user = relationship('User', lazy='joined')
                 def __unicode__(self):
                     return u"<%s('%s')>" % (self.__class__.__name__, self.role)
                 def __json__(self):
                     data = {
                         'auth_token': self.api_key,
                         'role': self.role,
                         'scope': self.scope_humanized,
                         'expired': self.expired
                     }
                     return data
                 def get_api_data(self, include_secrets=False):
                     data = self.__json__()
                     if include_secrets:
                         return data
                     else:
                         data['auth_token'] = self.token_obfuscated
                         return data
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @property
                 def expired(self):
                     if self.expires == -1:
                         return False
                     return time.time() > self.expires
                 @classmethod
                 def _get_role_name(cls, role):
                     return {
                         cls.ROLE_ALL: _('all'),
                         cls.ROLE_HTTP: _('http/web interface'),
                         cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
                         cls.ROLE_API: _('api calls'),
                         cls.ROLE_FEED: _('feed access'),
                         cls.ROLE_ARTIFACT_DOWNLOAD: _('artifacts downloads'),
                     }.get(role, role)
                 @classmethod
                 def _get_role_description(cls, role):
                     return {
                         cls.ROLE_ALL: _('Token for all actions.'),
                         cls.ROLE_HTTP: _('Token to access RhodeCode pages via web interface without '
                                          'login using `api_access_controllers_whitelist` functionality.'),
                         cls.ROLE_VCS: _('Token to interact over git/hg/svn protocols. '
                                         'Requires auth_token authentication plugin to be active. <br/>'
                                         'Such Token should be used then instead of a password to '
                                         'interact with a repository, and additionally can be '
                                         'limited to single repository using repo scope.'),
                         cls.ROLE_API: _('Token limited to api calls.'),
                         cls.ROLE_FEED: _('Token to read RSS/ATOM feed.'),
                         cls.ROLE_ARTIFACT_DOWNLOAD: _('Token for artifacts downloads.'),
                     }.get(role, role)
                 @property
                 def role_humanized(self):
                     return self._get_role_name(self.role)
                 def _get_scope(self):
                     if self.repo:
                         return 'Repository: {}'.format(self.repo.repo_name)
                     if self.repo_group:
                         return 'RepositoryGroup: {} (recursive)'.format(self.repo_group.group_name)
                     return 'Global'
                 @property
                 def scope_humanized(self):
                     return self._get_scope()
                 @property
                 def token_obfuscated(self):
                     if self.api_key:
                         return self.api_key[:4] + "****"
             class UserEmailMap(Base, BaseModel):
                 __tablename__ = 'user_email_map'
                 __table_args__ = (
                     Index('uem_email_idx', 'email'),
                     UniqueConstraint('email'),
                     base_table_args
                 )
                 __mapper_args__ = {}
                 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 _email = Column("email", String(255), nullable=True, unique=False, default=None)
                 user = relationship('User', lazy='joined')
                 @validates('_email')
                 def validate_email(self, key, email):
                     # check if this email is not main one
                     main_email = Session().query(User).filter(User.email == email).scalar()
                     if main_email is not None:
                         raise AttributeError('email %s is present is user table' % email)
                     return email
                 @hybrid_property
                 def email(self):
                     return self._email
                 @email.setter
                 def email(self, val):
                     self._email = val.lower() if val else None
             class UserIpMap(Base, BaseModel):
                 __tablename__ = 'user_ip_map'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'ip_addr'),
                     base_table_args
                 )
                 __mapper_args__ = {}
                 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
                 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
                 description = Column("description", String(10000), nullable=True, unique=None, default=None)
                 user = relationship('User', lazy='joined')
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @classmethod
                 def _get_ip_range(cls, ip_addr):
                     net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)
                     return [str(net.network_address), str(net.broadcast_address)]
                 def __json__(self):
                     return {
                       'ip_addr': self.ip_addr,
                       'ip_range': self._get_ip_range(self.ip_addr),
                     }
                 def __unicode__(self):
                     return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
                                                         self.user_id, self.ip_addr)
             class UserSshKeys(Base, BaseModel):
                 __tablename__ = 'user_ssh_keys'
                 __table_args__ = (
                     Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
                     UniqueConstraint('ssh_key_fingerprint'),
                     base_table_args
                 )
                 __mapper_args__ = {}
                 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
                 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
                 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 user = relationship('User', lazy='joined')
                 def __json__(self):
                     data = {
                         'ssh_fingerprint': self.ssh_key_fingerprint,
                         'description': self.description,
                         'created_on': self.created_on
                     }
                     return data
                 def get_api_data(self):
                     data = self.__json__()
                     return data
             class UserLog(Base, BaseModel):
                 __tablename__ = 'user_logs'
                 __table_args__ = (
                     base_table_args,
                 )
                 VERSION_1 = 'v1'
                 VERSION_2 = 'v2'
                 VERSIONS = [VERSION_1, VERSION_2]
                 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
                 username = Column("username", String(255), nullable=True, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
                 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
                 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
                 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
                 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 version = Column("version", String(255), nullable=True, default=VERSION_1)
                 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
                 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (
                         self.__class__.__name__, self.repository_name, self.action)
                 def __json__(self):
                     return {
                         'user_id': self.user_id,
                         'username': self.username,
                         'repository_id': self.repository_id,
                         'repository_name': self.repository_name,
                         'user_ip': self.user_ip,
                         'action_date': self.action_date,
                         'action': self.action,
                     }
                 @hybrid_property
                 def entry_id(self):
                     return self.user_log_id
                 @property
                 def action_as_day(self):
                     return datetime.date(*self.action_date.timetuple()[:3])
                 user = relationship('User')
                 repository = relationship('Repository', cascade='')
             class UserGroup(Base, BaseModel):
                 __tablename__ = 'users_groups'
                 __table_args__ = (
                     base_table_args,
                 )
                 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
                 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
                 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
                 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 _group_data = Column("group_data", LargeBinary(), nullable=True)  # JSON data
                 members = relationship('UserGroupMember', cascade="all, delete-orphan", lazy="joined")
                 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
                 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
                 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
                 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
                 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
                 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')
                 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")
                 @classmethod
                 def _load_group_data(cls, column):
                     if not column:
                         return {}
                     try:
                         return json.loads(column) or {}
                     except TypeError:
                         return {}
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.user_group_description)
                 @hybrid_property
                 def group_data(self):
                     return self._load_group_data(self._group_data)
                 @group_data.expression
                 def group_data(self, **kwargs):
                     return self._group_data
                 @group_data.setter
                 def group_data(self, val):
                     try:
                         self._group_data = json.dumps(val)
                     except Exception:
                         log.error(traceback.format_exc())
                 @classmethod
                 def _load_sync(cls, group_data):
                     if group_data:
                         return group_data.get('extern_type')
                 @property
                 def sync(self):
                     return self._load_sync(self.group_data)
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
                                                   self.users_group_id,
                                                   self.users_group_name)
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False,
                                       case_insensitive=False):
                     if case_insensitive:
                         q = cls.query().filter(func.lower(cls.users_group_name) ==
                                                func.lower(group_name))
                     else:
                         q = cls.query().filter(cls.users_group_name == group_name)
                     if cache:
                         q = q.options(
                             FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
                     return q.scalar()
                 @classmethod
                 def get(cls, user_group_id, cache=False):
                     if not user_group_id:
                         return
                     user_group = cls.query()
                     if cache:
                         user_group = user_group.options(
                             FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
                     return user_group.get(user_group_id)
                 def permissions(self, with_admins=True, with_owner=True,
                                 expand_from_user_groups=False):
                     """
                     Permissions for user groups
                     """
                     _admin_perm = 'usergroup.admin'
                     owner_row = []
                     if with_owner:
                         usr = AttributeDict(self.user.get_dict())
                         usr.owner_row = True
                         usr.permission = _admin_perm
                         owner_row.append(usr)
                     super_admin_ids = []
                     super_admin_rows = []
                     if with_admins:
                         for usr in User.get_all_super_admins():
                             super_admin_ids.append(usr.user_id)
                             # if this admin is also owner, don't double the record
                             if usr.user_id == owner_row[0].user_id:
                                 owner_row[0].admin_row = True
                             else:
                                 usr = AttributeDict(usr.get_dict())
                                 usr.admin_row = True
                                 usr.permission = _admin_perm
                                 super_admin_rows.append(usr)
                     q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
                     q = q.options(joinedload(UserUserGroupToPerm.user_group),
                                   joinedload(UserUserGroupToPerm.user),
                                   joinedload(UserUserGroupToPerm.permission),)
                     # get owners and admins and permissions. We do a trick of re-writing
                     # objects from sqlalchemy to named-tuples due to sqlalchemy session
                     # has a global reference and changing one object propagates to all
                     # others. This means if admin is also an owner admin_row that change
                     # would propagate to both objects
                     perm_rows = []
                     for _usr in q.all():
                         usr = AttributeDict(_usr.user.get_dict())
                         # if this user is also owner/admin, mark as duplicate record
                         if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
                             usr.duplicate_perm = True
                         usr.permission = _usr.permission.permission_name
                         perm_rows.append(usr)
                     # filter the perm rows by 'default' first and then sort them by
                     # admin,write,read,none permissions sorted again alphabetically in
                     # each group
                     perm_rows = sorted(perm_rows, key=display_user_sort)
                     user_groups_rows = []
                     if expand_from_user_groups:
                         for ug in self.permission_user_groups(with_members=True):
                             for user_data in ug.members:
                                 user_groups_rows.append(user_data)
                     return super_admin_rows + owner_row + perm_rows + user_groups_rows
                 def permission_user_groups(self, with_members=False):
                     q = UserGroupUserGroupToPerm.query()\
                         .filter(UserGroupUserGroupToPerm.target_user_group == self)
                     q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
                                   joinedload(UserGroupUserGroupToPerm.target_user_group),
                                   joinedload(UserGroupUserGroupToPerm.permission),)
                     perm_rows = []
                     for _user_group in q.all():
                         entry = AttributeDict(_user_group.user_group.get_dict())
                         entry.permission = _user_group.permission.permission_name
                         if with_members:
                             entry.members = [x.user.get_dict()
                                              for x in _user_group.user_group.members]
                         perm_rows.append(entry)
                     perm_rows = sorted(perm_rows, key=display_user_group_sort)
                     return perm_rows
                 def _get_default_perms(self, user_group, suffix=''):
                     from rhodecode.model.permission import PermissionModel
                     return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
                 def get_default_perms(self, suffix=''):
                     return self._get_default_perms(self, suffix)
                 def get_api_data(self, with_group_members=True, include_secrets=False):
                     """
                     :param include_secrets: See :meth:`User.get_api_data`, this parameter is
                        basically forwarded.
                     """
                     user_group = self
                     data = {
                         'users_group_id': user_group.users_group_id,
                         'group_name': user_group.users_group_name,
                         'group_description': user_group.user_group_description,
                         'active': user_group.users_group_active,
                         'owner': user_group.user.username,
                         'sync': user_group.sync,
                         'owner_email': user_group.user.email,
                     }
                     if with_group_members:
                         users = []
                         for user in user_group.members:
                             user = user.user
                             users.append(user.get_api_data(include_secrets=include_secrets))
                         data['users'] = users
                     return data
             class UserGroupMember(Base, BaseModel):
                 __tablename__ = 'users_groups_members'
                 __table_args__ = (
                     base_table_args,
                 )
                 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 user = relationship('User', lazy='joined')
                 users_group = relationship('UserGroup')
                 def __init__(self, gr_id='', u_id=''):
                     self.users_group_id = gr_id
                     self.user_id = u_id
             class RepositoryField(Base, BaseModel):
                 __tablename__ = 'repositories_fields'
                 __table_args__ = (
                     UniqueConstraint('repository_id', 'field_key'),  # no-multi field
                     base_table_args,
                 )
                 PREFIX = 'ex_'  # prefix used in form to not conflict with already existing fields
                 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 field_key = Column("field_key", String(250))
                 field_label = Column("field_label", String(1024), nullable=False)
                 field_value = Column("field_value", String(10000), nullable=False)
                 field_desc = Column("field_desc", String(1024), nullable=False)
                 field_type = Column("field_type", String(255), nullable=False, unique=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 repository = relationship('Repository')
                 @property
                 def field_key_prefixed(self):
                     return 'ex_%s' % self.field_key
                 @classmethod
                 def un_prefix_key(cls, key):
                     if key.startswith(cls.PREFIX):
                         return key[len(cls.PREFIX):]
                     return key
                 @classmethod
                 def get_by_key_name(cls, key, repo):
                     row = cls.query()\
                             .filter(cls.repository == repo)\
                             .filter(cls.field_key == key).scalar()
                     return row
             class Repository(Base, BaseModel):
                 __tablename__ = 'repositories'
                 __table_args__ = (
                     Index('r_repo_name_idx', 'repo_name', mysql_length=255),
                     base_table_args,
                 )
                 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
                 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
                 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
                 STATE_CREATED = 'repo_state_created'
                 STATE_PENDING = 'repo_state_pending'
                 STATE_ERROR = 'repo_state_error'
                 LOCK_AUTOMATIC = 'lock_auto'
                 LOCK_API = 'lock_api'
                 LOCK_WEB = 'lock_web'
                 LOCK_PULL = 'lock_pull'
                 NAME_SEP = URL_SEP
                 repo_id = Column(
                     "repo_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 _repo_name = Column(
                     "repo_name", Text(), nullable=False, default=None)
                 repo_name_hash = Column(
                     "repo_name_hash", String(255), nullable=False, unique=True)
                 repo_state = Column("repo_state", String(255), nullable=True)
                 clone_uri = Column(
                     "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
                     default=None)
                 push_uri = Column(
                     "push_uri", EncryptedTextValue(), nullable=True, unique=False,
                     default=None)
                 repo_type = Column(
                     "repo_type", String(255), nullable=False, unique=False, default=None)
                 user_id = Column(
                     "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
                     unique=False, default=None)
                 private = Column(
                     "private", Boolean(), nullable=True, unique=None, default=None)
                 archived = Column(
                     "archived", Boolean(), nullable=True, unique=None, default=None)
                 enable_statistics = Column(
                     "statistics", Boolean(), nullable=True, unique=None, default=True)
                 enable_downloads = Column(
                     "downloads", Boolean(), nullable=True, unique=None, default=True)
                 description = Column(
                     "description", String(10000), nullable=True, unique=None, default=None)
                 created_on = Column(
                     'created_on', DateTime(timezone=False), nullable=True, unique=None,
                     default=datetime.datetime.now)
                 updated_on = Column(
                     'updated_on', DateTime(timezone=False), nullable=True, unique=None,
                     default=datetime.datetime.now)
                 _landing_revision = Column(
                     "landing_revision", String(255), nullable=False, unique=False,
                     default=None)
                 enable_locking = Column(
                     "enable_locking", Boolean(), nullable=False, unique=None,
                     default=False)
                 _locked = Column(
                     "locked", String(255), nullable=True, unique=False, default=None)
                 _changeset_cache = Column(
                     "changeset_cache", LargeBinary(), nullable=True)  # JSON data
                 fork_id = Column(
                     "fork_id", Integer(), ForeignKey('repositories.repo_id'),
                     nullable=True, unique=False, default=None)
                 group_id = Column(
                     "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
                     unique=False, default=None)
                 user = relationship('User', lazy='joined')
                 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
                 group = relationship('RepoGroup', lazy='joined')
                 repo_to_perm = relationship(
                     'UserRepoToPerm', cascade='all',
                     order_by='UserRepoToPerm.repo_to_perm_id')
                 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
                 stats = relationship('Statistics', cascade='all', uselist=False)
                 followers = relationship(
                     'UserFollowing',
                     primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
                     cascade='all')
                 extra_fields = relationship(
                     'RepositoryField', cascade="all, delete-orphan")
                 logs = relationship('UserLog')
                 comments = relationship(
                     'ChangesetComment', cascade="all, delete-orphan")
                 pull_requests_source = relationship(
                     'PullRequest',
                     primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
                     cascade="all, delete-orphan")
                 pull_requests_target = relationship(
                     'PullRequest',
                     primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
                     cascade="all, delete-orphan")
                 ui = relationship('RepoRhodeCodeUi', cascade="all")
                 settings = relationship('RepoRhodeCodeSetting', cascade="all")
                 integrations = relationship('Integration', cascade="all, delete-orphan")
                 scoped_tokens = relationship('UserApiKeys', cascade="all")
                 # no cascade, set NULL
                 artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_id==Repository.repo_id')
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
                                                safe_unicode(self.repo_name))
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @hybrid_property
                 def landing_rev(self):
                     # always should return [rev_type, rev], e.g ['branch', 'master']
                     if self._landing_revision:
                         _rev_info = self._landing_revision.split(':')
                         if len(_rev_info) < 2:
                             _rev_info.insert(0, 'rev')
                         return [_rev_info[0], _rev_info[1]]
                     return [None, None]
                 @property
                 def landing_ref_type(self):
                     return self.landing_rev[0]
                 @property
                 def landing_ref_name(self):
                     return self.landing_rev[1]
                 @landing_rev.setter
                 def landing_rev(self, val):
                     if ':' not in val:
                         raise ValueError('value must be delimited with `:` and consist '
                                          'of <rev_type>:<rev>, got %s instead' % val)
                     self._landing_revision = val
                 @hybrid_property
                 def locked(self):
                     if self._locked:
                         user_id, timelocked, reason = self._locked.split(':')
                         lock_values = int(user_id), timelocked, reason
                     else:
                         lock_values = [None, None, None]
                     return lock_values
                 @locked.setter
                 def locked(self, val):
                     if val and isinstance(val, (list, tuple)):
                         self._locked = ':'.join(map(str, val))
                     else:
                         self._locked = None
                 @classmethod
                 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
                     from rhodecode.lib.vcs.backends.base import EmptyCommit
                     dummy = EmptyCommit().__json__()
                     if not changeset_cache_raw:
                         dummy['source_repo_id'] = repo_id
                         return json.loads(json.dumps(dummy))
                     try:
                         return json.loads(changeset_cache_raw)
                     except TypeError:
                         return dummy
                     except Exception:
                         log.error(traceback.format_exc())
                         return dummy
                 @hybrid_property
                 def changeset_cache(self):
                     return self._load_changeset_cache(self.repo_id, self._changeset_cache)
                 @changeset_cache.setter
                 def changeset_cache(self, val):
                     try:
                         self._changeset_cache = json.dumps(val)
                     except Exception:
                         log.error(traceback.format_exc())
                 @hybrid_property
                 def repo_name(self):
                     return self._repo_name
                 @repo_name.setter
                 def repo_name(self, value):
                     self._repo_name = value
                     self.repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
                 @classmethod
                 def normalize_repo_name(cls, repo_name):
                     """
                     Normalizes os specific repo_name to the format internally stored inside
                     database using URL_SEP
                     :param cls:
                     :param repo_name:
                     """
                     return cls.NAME_SEP.join(repo_name.split(os.sep))
                 @classmethod
                 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
                     session = Session()
                     q = session.query(cls).filter(cls.repo_name == repo_name)
                     if cache:
                         if identity_cache:
                             val = cls.identity_cache(session, 'repo_name', repo_name)
                             if val:
                                 return val
                         else:
                             cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
                             q = q.options(
                                 FromCache("sql_cache_short", cache_key))
                     return q.scalar()
                 @classmethod
                 def get_by_id_or_repo_name(cls, repoid):
                     if isinstance(repoid, (int, long)):
                         try:
                             repo = cls.get(repoid)
                         except ValueError:
                             repo = None
                     else:
                         repo = cls.get_by_repo_name(repoid)
                     return repo
                 @classmethod
                 def get_by_full_path(cls, repo_full_path):
                     repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
                     repo_name = cls.normalize_repo_name(repo_name)
                     return cls.get_by_repo_name(repo_name.strip(URL_SEP))
                 @classmethod
                 def get_repo_forks(cls, repo_id):
                     return cls.query().filter(Repository.fork_id == repo_id)
                 @classmethod
                 def base_path(cls):
                     """
                     Returns base path when all repos are stored
                     :param cls:
                     """
                     q = Session().query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return q.one().ui_value
                 @classmethod
                 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
                                   case_insensitive=True, archived=False):
                     q = Repository.query()
                     if not archived:
                         q = q.filter(Repository.archived.isnot(true()))
                     if not isinstance(user_id, Optional):
                         q = q.filter(Repository.user_id == user_id)
                     if not isinstance(group_id, Optional):
                         q = q.filter(Repository.group_id == group_id)
                     if case_insensitive:
                         q = q.order_by(func.lower(Repository.repo_name))
                     else:
                         q = q.order_by(Repository.repo_name)
                     return q.all()
                 @property
                 def repo_uid(self):
                     return '_{}'.format(self.repo_id)
                 @property
                 def forks(self):
                     """
                     Return forks of this repo
                     """
                     return Repository.get_repo_forks(self.repo_id)
                 @property
                 def parent(self):
                     """
                     Returns fork parent
                     """
                     return self.fork
                 @property
                 def just_name(self):
                     return self.repo_name.split(self.NAME_SEP)[-1]
                 @property
                 def groups_with_parents(self):
                     groups = []
                     if self.group is None:
                         return groups
                     cur_gr = self.group
                     groups.insert(0, cur_gr)
                     while 1:
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def groups_and_repo(self):
                     return self.groups_with_parents, self
                 @LazyProperty
                 def repo_path(self):
                     """
                     Returns base full path for that repository means where it actually
                     exists on a filesystem
                     """
                     q = Session().query(RhodeCodeUi).filter(
                         RhodeCodeUi.ui_key == self.NAME_SEP)
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return q.one().ui_value
                 @property
                 def repo_full_path(self):
                     p = [self.repo_path]
                     # we need to split the name by / since this is how we store the
                     # names in the database, but that eventually needs to be converted
                     # into a valid system path
                     p += self.repo_name.split(self.NAME_SEP)
                     return os.path.join(*map(safe_unicode, p))
                 @property
                 def cache_keys(self):
                     """
                     Returns associated cache keys for that repo
                     """
                     invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
                         repo_id=self.repo_id)
                     return CacheKey.query()\
                         .filter(CacheKey.cache_args == invalidation_namespace)\
                         .order_by(CacheKey.cache_key)\
                         .all()
                 @property
                 def cached_diffs_relative_dir(self):
                     """
                     Return a relative to the repository store path of cached diffs
                     used for safe display for users, who shouldn't know the absolute store
                     path
                     """
                     return os.path.join(
                         os.path.dirname(self.repo_name),
                         self.cached_diffs_dir.split(os.path.sep)[-1])
                 @property
                 def cached_diffs_dir(self):
                     path = self.repo_full_path
                     return os.path.join(
                         os.path.dirname(path),
                         '.__shadow_diff_cache_repo_{}'.format(self.repo_id))
                 def cached_diffs(self):
                     diff_cache_dir = self.cached_diffs_dir
                     if os.path.isdir(diff_cache_dir):
                         return os.listdir(diff_cache_dir)
                     return []
                 def shadow_repos(self):
                     shadow_repos_pattern = '.__shadow_repo_{}'.format(self.repo_id)
                     return [
                         x for x in os.listdir(os.path.dirname(self.repo_full_path))
                         if x.startswith(shadow_repos_pattern)]
                 def get_new_name(self, repo_name):
                     """
                     returns new full repository name based on assigned group and new new
                     :param group_name:
                     """
                     path_prefix = self.group.full_path_splitted if self.group else []
                     return self.NAME_SEP.join(path_prefix + [repo_name])
                 @property
                 def _config(self):
                     """
                     Returns db based config object.
                     """
                     from rhodecode.lib.utils import make_db_config
                     return make_db_config(clear_session=False, repo=self)
                 def permissions(self, with_admins=True, with_owner=True,
                                 expand_from_user_groups=False):
                     """
                     Permissions for repositories
                     """
                     _admin_perm = 'repository.admin'
                     owner_row = []
                     if with_owner:
                         usr = AttributeDict(self.user.get_dict())
                         usr.owner_row = True
                         usr.permission = _admin_perm
                         usr.permission_id = None
                         owner_row.append(usr)
                     super_admin_ids = []
                     super_admin_rows = []
                     if with_admins:
                         for usr in User.get_all_super_admins():
                             super_admin_ids.append(usr.user_id)
                             # if this admin is also owner, don't double the record
                             if usr.user_id == owner_row[0].user_id:
                                 owner_row[0].admin_row = True
                             else:
                                 usr = AttributeDict(usr.get_dict())
                                 usr.admin_row = True
                                 usr.permission = _admin_perm
                                 usr.permission_id = None
                                 super_admin_rows.append(usr)
                     q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
                     q = q.options(joinedload(UserRepoToPerm.repository),
                                   joinedload(UserRepoToPerm.user),
                                   joinedload(UserRepoToPerm.permission),)
                     # get owners and admins and permissions. We do a trick of re-writing
                     # objects from sqlalchemy to named-tuples due to sqlalchemy session
                     # has a global reference and changing one object propagates to all
                     # others. This means if admin is also an owner admin_row that change
                     # would propagate to both objects
                     perm_rows = []
                     for _usr in q.all():
                         usr = AttributeDict(_usr.user.get_dict())
                         # if this user is also owner/admin, mark as duplicate record
                         if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
                             usr.duplicate_perm = True
                         # also check if this permission is maybe used by branch_permissions
                         if _usr.branch_perm_entry:
                             usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]
                         usr.permission = _usr.permission.permission_name
                         usr.permission_id = _usr.repo_to_perm_id
                         perm_rows.append(usr)
                     # filter the perm rows by 'default' first and then sort them by
                     # admin,write,read,none permissions sorted again alphabetically in
                     # each group
                     perm_rows = sorted(perm_rows, key=display_user_sort)
                     user_groups_rows = []
                     if expand_from_user_groups:
                         for ug in self.permission_user_groups(with_members=True):
                             for user_data in ug.members:
                                 user_groups_rows.append(user_data)
                     return super_admin_rows + owner_row + perm_rows + user_groups_rows
                 def permission_user_groups(self, with_members=True):
                     q = UserGroupRepoToPerm.query()\
                         .filter(UserGroupRepoToPerm.repository == self)
                     q = q.options(joinedload(UserGroupRepoToPerm.repository),
                                   joinedload(UserGroupRepoToPerm.users_group),
                                   joinedload(UserGroupRepoToPerm.permission),)
                     perm_rows = []
                     for _user_group in q.all():
                         entry = AttributeDict(_user_group.users_group.get_dict())
                         entry.permission = _user_group.permission.permission_name
                         if with_members:
                             entry.members = [x.user.get_dict()
                                              for x in _user_group.users_group.members]
                         perm_rows.append(entry)
                     perm_rows = sorted(perm_rows, key=display_user_group_sort)
                     return perm_rows
                 def get_api_data(self, include_secrets=False):
                     """
                     Common function for generating repo api data
                     :param include_secrets: See :meth:`User.get_api_data`.
                     """
                     # TODO: mikhail: Here there is an anti-pattern, we probably need to
                     # move this methods on models level.
                     from rhodecode.model.settings import SettingsModel
                     from rhodecode.model.repo import RepoModel
                     repo = self
                     _user_id, _time, _reason = self.locked
                     data = {
                         'repo_id': repo.repo_id,
                         'repo_name': repo.repo_name,
                         'repo_type': repo.repo_type,
                         'clone_uri': repo.clone_uri or '',
                         'push_uri': repo.push_uri or '',
                         'url': RepoModel().get_url(self),
                         'private': repo.private,
                         'created_on': repo.created_on,
                         'description': repo.description_safe,
                         'landing_rev': repo.landing_rev,
                         'owner': repo.user.username,
                         'fork_of': repo.fork.repo_name if repo.fork else None,
                         'fork_of_id': repo.fork.repo_id if repo.fork else None,
                         'enable_statistics': repo.enable_statistics,
                         'enable_locking': repo.enable_locking,
                         'enable_downloads': repo.enable_downloads,
                         'last_changeset': repo.changeset_cache,
                         'locked_by': User.get(_user_id).get_api_data(
                             include_secrets=include_secrets) if _user_id else None,
                         'locked_date': time_to_datetime(_time) if _time else None,
                         'lock_reason': _reason if _reason else None,
                     }
                     # TODO: mikhail: should be per-repo settings here
                     rc_config = SettingsModel().get_all_settings()
                     repository_fields = str2bool(
                         rc_config.get('rhodecode_repository_fields'))
                     if repository_fields:
                         for f in self.extra_fields:
                             data[f.field_key_prefixed] = f.field_value
                     return data
                 @classmethod
                 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
                     if not lock_time:
                         lock_time = time.time()
                     if not lock_reason:
                         lock_reason = cls.LOCK_AUTOMATIC
                     repo.locked = [user_id, lock_time, lock_reason]
                     Session().add(repo)
                     Session().commit()
                 @classmethod
                 def unlock(cls, repo):
                     repo.locked = None
                     Session().add(repo)
                     Session().commit()
                 @classmethod
                 def getlock(cls, repo):
                     return repo.locked
                 def is_user_lock(self, user_id):
                     if self.lock[0]:
                         lock_user_id = safe_int(self.lock[0])
                         user_id = safe_int(user_id)
                         # both are ints, and they are equal
                         return all([lock_user_id, user_id]) and lock_user_id == user_id
                     return False
                 def get_locking_state(self, action, user_id, only_when_enabled=True):
                     """
                     Checks locking on this repository, if locking is enabled and lock is
                     present returns a tuple of make_lock, locked, locked_by.
                     make_lock can have 3 states None (do nothing) True, make lock
                     False release lock, This value is later propagated to hooks, which
                     do the locking. Think about this as signals passed to hooks what to do.
                     """
                     # TODO: johbo: This is part of the business logic and should be moved
                     # into the RepositoryModel.
                     if action not in ('push', 'pull'):
                         raise ValueError("Invalid action value: %s" % repr(action))
                     # defines if locked error should be thrown to user
                     currently_locked = False
                     # defines if new lock should be made, tri-state
                     make_lock = None
                     repo = self
                     user = User.get(user_id)
                     lock_info = repo.locked
                     if repo and (repo.enable_locking or not only_when_enabled):
                         if action == 'push':
                             # check if it's already locked !, if it is compare users
                             locked_by_user_id = lock_info[0]
                             if user.user_id == locked_by_user_id:
                                 log.debug(
                                     'Got `push` action from user %s, now unlocking', user)
                                 # unlock if we have push from user who locked
                                 make_lock = False
                             else:
                                 # we're not the same user who locked, ban with
                                 # code defined in settings (default is 423 HTTP Locked) !
                                 log.debug('Repo %s is currently locked by %s', repo, user)
                                 currently_locked = True
                         elif action == 'pull':
                             # [0] user [1] date
                             if lock_info[0] and lock_info[1]:
                                 log.debug('Repo %s is currently locked by %s', repo, user)
                                 currently_locked = True
                             else:
                                 log.debug('Setting lock on repo %s by %s', repo, user)
                                 make_lock = True
                     else:
                         log.debug('Repository %s do not have locking enabled', repo)
                     log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
                               make_lock, currently_locked, lock_info)
                     from rhodecode.lib.auth import HasRepoPermissionAny
                     perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
                     if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
                         # if we don't have at least write permission we cannot make a lock
                         log.debug('lock state reset back to FALSE due to lack '
                                   'of at least read permission')
                         make_lock = False
                     return make_lock, currently_locked, lock_info
                 @property
                 def last_commit_cache_update_diff(self):
                     return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
                 @classmethod
                 def _load_commit_change(cls, last_commit_cache):
                     from rhodecode.lib.vcs.utils.helpers import parse_datetime
                     empty_date = datetime.datetime.fromtimestamp(0)
                     date_latest = last_commit_cache.get('date', empty_date)
                     try:
                         return parse_datetime(date_latest)
                     except Exception:
                         return empty_date
                 @property
                 def last_commit_change(self):
                     return self._load_commit_change(self.changeset_cache)
                 @property
                 def last_db_change(self):
                     return self.updated_on
                 @property
                 def clone_uri_hidden(self):
                     clone_uri = self.clone_uri
                     if clone_uri:
                         import urlobject
                         url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
                         if url_obj.password:
                             clone_uri = url_obj.with_password('*****')
                     return clone_uri
                 @property
                 def push_uri_hidden(self):
                     push_uri = self.push_uri
                     if push_uri:
                         import urlobject
                         url_obj = urlobject.URLObject(cleaned_uri(push_uri))
                         if url_obj.password:
                             push_uri = url_obj.with_password('*****')
                     return push_uri
                 def clone_url(self, **override):
                     from rhodecode.model.settings import SettingsModel
                     uri_tmpl = None
                     if 'with_id' in override:
                         uri_tmpl = self.DEFAULT_CLONE_URI_ID
                         del override['with_id']
                     if 'uri_tmpl' in override:
                         uri_tmpl = override['uri_tmpl']
                         del override['uri_tmpl']
                     ssh = False
                     if 'ssh' in override:
                         ssh = True
                         del override['ssh']
                     # we didn't override our tmpl from **overrides
                     request = get_current_request()
                     if not uri_tmpl:
                         if hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):
                             rc_config = request.call_context.rc_config
                         else:
                             rc_config = SettingsModel().get_all_settings(cache=True)
                         if ssh:
                             uri_tmpl = rc_config.get(
                                 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
                         else:
                             uri_tmpl = rc_config.get(
                                 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
                     return get_clone_url(request=request,
                                          uri_tmpl=uri_tmpl,
                                          repo_name=self.repo_name,
                                          repo_id=self.repo_id,
                                          repo_type=self.repo_type,
                                          **override)
                 def set_state(self, state):
                     self.repo_state = state
                     Session().add(self)
                 #==========================================================================
                 # SCM PROPERTIES
                 #==========================================================================
                 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None, maybe_unreachable=False):
                     return get_commit_safe(
                         self.scm_instance(), commit_id, commit_idx, pre_load=pre_load,
                         maybe_unreachable=maybe_unreachable)
                 def get_changeset(self, rev=None, pre_load=None):
                     warnings.warn("Use get_commit", DeprecationWarning)
                     commit_id = None
                     commit_idx = None
                     if isinstance(rev, compat.string_types):
                         commit_id = rev
                     else:
                         commit_idx = rev
                     return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
                                            pre_load=pre_load)
                 def get_landing_commit(self):
                     """
                     Returns landing commit, or if that doesn't exist returns the tip
                     """
                     _rev_type, _rev = self.landing_rev
                     commit = self.get_commit(_rev)
                     if isinstance(commit, EmptyCommit):
                         return self.get_commit()
                     return commit
                 def flush_commit_cache(self):
                     self.update_commit_cache(cs_cache={'raw_id':'0'})
                     self.update_commit_cache()
                 def update_commit_cache(self, cs_cache=None, config=None):
                     """
                     Update cache of last commit for repository
                     cache_keys should be::
                         source_repo_id
                         short_id
                         raw_id
                         revision
                         parents
                         message
                         date
                         author
                         updated_on
                     """
                     from rhodecode.lib.vcs.backends.base import BaseChangeset
                     from rhodecode.lib.vcs.utils.helpers import parse_datetime
                     empty_date = datetime.datetime.fromtimestamp(0)
                     if cs_cache is None:
                         # use no-cache version here
                         try:
                             scm_repo = self.scm_instance(cache=False, config=config)
                         except VCSError:
                             scm_repo = None
                         empty = scm_repo is None or scm_repo.is_empty()
                         if not empty:
                             cs_cache = scm_repo.get_commit(
                                 pre_load=["author", "date", "message", "parents", "branch"])
                         else:
                             cs_cache = EmptyCommit()
                     if isinstance(cs_cache, BaseChangeset):
                         cs_cache = cs_cache.__json__()
                     def is_outdated(new_cs_cache):
                         if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
                             new_cs_cache['revision'] != self.changeset_cache['revision']):
                             return True
                         return False
                     # check if we have maybe already latest cached revision
                     if is_outdated(cs_cache) or not self.changeset_cache:
                         _current_datetime = datetime.datetime.utcnow()
                         last_change = cs_cache.get('date') or _current_datetime
                         # we check if last update is newer than the new value
                         # if yes, we use the current timestamp instead. Imagine you get
                         # old commit pushed 1y ago, we'd set last update 1y to ago.
                         last_change_timestamp = datetime_to_time(last_change)
                         current_timestamp = datetime_to_time(last_change)
                         if last_change_timestamp > current_timestamp and not empty:
                             cs_cache['date'] = _current_datetime
                         _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
                         cs_cache['updated_on'] = time.time()
                         self.changeset_cache = cs_cache
                         self.updated_on = last_change
                         Session().add(self)
                         Session().commit()
                     else:
                         if empty:
                             cs_cache = EmptyCommit().__json__()
                         else:
                             cs_cache = self.changeset_cache
                         _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
                         cs_cache['updated_on'] = time.time()
                         self.changeset_cache = cs_cache
                         self.updated_on = _date_latest
                         Session().add(self)
                         Session().commit()
                     log.debug('updated repo `%s` with new commit cache %s, and last update_date: %s',
                               self.repo_name, cs_cache, _date_latest)
                 @property
                 def tip(self):
                     return self.get_commit('tip')
                 @property
                 def author(self):
                     return self.tip.author
                 @property
                 def last_change(self):
                     return self.scm_instance().last_change
                 def get_comments(self, revisions=None):
                     """
                     Returns comments for this repository grouped by revisions
                     :param revisions: filter query by revisions only
                     """
                     cmts = ChangesetComment.query()\
                         .filter(ChangesetComment.repo == self)
                     if revisions:
                         cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
                     grouped = collections.defaultdict(list)
                     for cmt in cmts.all():
                         grouped[cmt.revision].append(cmt)
                     return grouped
                 def statuses(self, revisions=None):
                     """
                     Returns statuses for this repository
                     :param revisions: list of revisions to get statuses for
                     """
                     statuses = ChangesetStatus.query()\
                         .filter(ChangesetStatus.repo == self)\
                         .filter(ChangesetStatus.version == 0)
                     if revisions:
                         # Try doing the filtering in chunks to avoid hitting limits
                         size = 500
                         status_results = []
                         for chunk in xrange(0, len(revisions), size):
                             status_results += statuses.filter(
                                 ChangesetStatus.revision.in_(
                                     revisions[chunk: chunk+size])
                             ).all()
                     else:
                         status_results = statuses.all()
                     grouped = {}
                     # maybe we have open new pullrequest without a status?
                     stat = ChangesetStatus.STATUS_UNDER_REVIEW
                     status_lbl = ChangesetStatus.get_status_lbl(stat)
                     for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
                         for rev in pr.revisions:
                             pr_id = pr.pull_request_id
                             pr_repo = pr.target_repo.repo_name
                             grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
                     for stat in status_results:
                         pr_id = pr_repo = None
                         if stat.pull_request:
                             pr_id = stat.pull_request.pull_request_id
                             pr_repo = stat.pull_request.target_repo.repo_name
                         grouped[stat.revision] = [str(stat.status), stat.status_lbl,
                                                   pr_id, pr_repo]
                     return grouped
                 # ==========================================================================
                 # SCM CACHE INSTANCE
                 # ==========================================================================
                 def scm_instance(self, **kwargs):
                     import rhodecode
                     # Passing a config will not hit the cache currently only used
                     # for repo2dbmapper
                     config = kwargs.pop('config', None)
                     cache = kwargs.pop('cache', None)
                     vcs_full_cache = kwargs.pop('vcs_full_cache', None)
                     if vcs_full_cache is not None:
                         # allows override global config
                         full_cache = vcs_full_cache
                     else:
                         full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
                     # if cache is NOT defined use default global, else we have a full
                     # control over cache behaviour
                     if cache is None and full_cache and not config:
                         log.debug('Initializing pure cached instance for %s', self.repo_path)
                         return self._get_instance_cached()
                     # cache here is sent to the "vcs server"
                     return self._get_instance(cache=bool(cache), config=config)
                 def _get_instance_cached(self):
                     from rhodecode.lib import rc_cache
                     cache_namespace_uid = 'cache_repo_instance.{}'.format(self.repo_id)
                     invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
                         repo_id=self.repo_id)
                     region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
                     @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
                     def get_instance_cached(repo_id, context_id, _cache_state_uid):
                         return self._get_instance(repo_state_uid=_cache_state_uid)
                     # we must use thread scoped cache here,
                     # because each thread of gevent needs it's own not shared connection and cache
                     # we also alter `args` so the cache key is individual for every green thread.
                     inv_context_manager = rc_cache.InvalidationContext(
                         uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace,
                         thread_scoped=True)
                     with inv_context_manager as invalidation_context:
                         cache_state_uid = invalidation_context.cache_data['cache_state_uid']
                         args = (self.repo_id, inv_context_manager.cache_key, cache_state_uid)
                         # re-compute and store cache if we get invalidate signal
                         if invalidation_context.should_invalidate():
                             instance = get_instance_cached.refresh(*args)
                         else:
                             instance = get_instance_cached(*args)
                         log.debug('Repo instance fetched in %.4fs', inv_context_manager.compute_time)
                         return instance
                 def _get_instance(self, cache=True, config=None, repo_state_uid=None):
                     log.debug('Initializing %s instance `%s` with cache flag set to: %s',
                               self.repo_type, self.repo_path, cache)
                     config = config or self._config
                     custom_wire = {
                         'cache': cache,  # controls the vcs.remote cache
                         'repo_state_uid': repo_state_uid
                     }
                     repo = get_vcs_instance(
                         repo_path=safe_str(self.repo_full_path),
                         config=config,
                         with_wire=custom_wire,
                         create=False,
                         _vcs_alias=self.repo_type)
                     if repo is not None:
                         repo.count()  # cache rebuild
                     return repo
                 def get_shadow_repository_path(self, workspace_id):
                     from rhodecode.lib.vcs.backends.base import BaseRepository
                     shadow_repo_path = BaseRepository._get_shadow_repository_path(
                         self.repo_full_path, self.repo_id, workspace_id)
                     return shadow_repo_path
                 def __json__(self):
                     return {'landing_rev': self.landing_rev}
                 def get_dict(self):
                     # Since we transformed `repo_name` to a hybrid property, we need to
                     # keep compatibility with the code which uses `repo_name` field.
                     result = super(Repository, self).get_dict()
                     result['repo_name'] = result.pop('_repo_name', None)
                     return result
             class RepoGroup(Base, BaseModel):
                 __tablename__ = 'groups'
                 __table_args__ = (
                     UniqueConstraint('group_name', 'group_parent_id'),
                     base_table_args,
                 )
                 __mapper_args__ = {'order_by': 'group_name'}
                 CHOICES_SEPARATOR = '/'  # used to generate select2 choices for nested groups
                 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 _group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
                 group_name_hash = Column("repo_group_name_hash", String(1024), nullable=False, unique=False)
                 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
                 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
                 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
                 _changeset_cache = Column("changeset_cache", LargeBinary(), nullable=True)  # JSON data
                 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
                 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
                 parent_group = relationship('RepoGroup', remote_side=group_id)
                 user = relationship('User')
                 integrations = relationship('Integration', cascade="all, delete-orphan")
                 # no cascade, set NULL
                 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_group_id==RepoGroup.group_id')
                 def __init__(self, group_name='', parent_group=None):
                     self.group_name = group_name
                     self.parent_group = parent_group
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (
                         self.__class__.__name__, self.group_id, self.group_name)
                 @hybrid_property
                 def group_name(self):
                     return self._group_name
                 @group_name.setter
                 def group_name(self, value):
                     self._group_name = value
                     self.group_name_hash = self.hash_repo_group_name(value)
                 @classmethod
                 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
                     from rhodecode.lib.vcs.backends.base import EmptyCommit
                     dummy = EmptyCommit().__json__()
                     if not changeset_cache_raw:
                         dummy['source_repo_id'] = repo_id
                         return json.loads(json.dumps(dummy))
                     try:
                         return json.loads(changeset_cache_raw)
                     except TypeError:
                         return dummy
                     except Exception:
                         log.error(traceback.format_exc())
                         return dummy
                 @hybrid_property
                 def changeset_cache(self):
                     return self._load_changeset_cache('', self._changeset_cache)
                 @changeset_cache.setter
                 def changeset_cache(self, val):
                     try:
                         self._changeset_cache = json.dumps(val)
                     except Exception:
                         log.error(traceback.format_exc())
                 @validates('group_parent_id')
                 def validate_group_parent_id(self, key, val):
                     """
                     Check cycle references for a parent group to self
                     """
                     if self.group_id and val:
                         assert val != self.group_id
                     return val
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.group_description)
                 @classmethod
                 def hash_repo_group_name(cls, repo_group_name):
                     val = remove_formatting(repo_group_name)
                     val = safe_str(val).lower()
                     chars = []
                     for c in val:
                         if c not in string.ascii_letters:
                             c = str(ord(c))
                         chars.append(c)
                     return ''.join(chars)
                 @classmethod
                 def _generate_choice(cls, repo_group):
                     from webhelpers2.html import literal as _literal
                     _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
                     return repo_group.group_id, _name(repo_group.full_path_splitted)
                 @classmethod
                 def groups_choices(cls, groups=None, show_empty_group=True):
                     if not groups:
                         groups = cls.query().all()
                     repo_groups = []
                     if show_empty_group:
                         repo_groups = [(-1, u'-- %s --' % _('No parent'))]
                     repo_groups.extend([cls._generate_choice(x) for x in groups])
                     repo_groups = sorted(
                         repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
                     return repo_groups
                 @classmethod
                 def url_sep(cls):
                     return URL_SEP
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
                     if case_insensitive:
                         gr = cls.query().filter(func.lower(cls.group_name)
                                                 == func.lower(group_name))
                     else:
                         gr = cls.query().filter(cls.group_name == group_name)
                     if cache:
                         name_key = _hash_key(group_name)
                         gr = gr.options(
                             FromCache("sql_cache_short", "get_group_%s" % name_key))
                     return gr.scalar()
                 @classmethod
                 def get_user_personal_repo_group(cls, user_id):
                     user = User.get(user_id)
                     if user.username == User.DEFAULT_USER:
                         return None
                     return cls.query()\
                         .filter(cls.personal == true()) \
                         .filter(cls.user == user) \
                         .order_by(cls.group_id.asc()) \
                         .first()
                 @classmethod
                 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
                                         case_insensitive=True):
                     q = RepoGroup.query()
                     if not isinstance(user_id, Optional):
                         q = q.filter(RepoGroup.user_id == user_id)
                     if not isinstance(group_id, Optional):
                         q = q.filter(RepoGroup.group_parent_id == group_id)
                     if case_insensitive:
                         q = q.order_by(func.lower(RepoGroup.group_name))
                     else:
                         q = q.order_by(RepoGroup.group_name)
                     return q.all()
                 @property
                 def parents(self, parents_recursion_limit=10):
                     groups = []
                     if self.parent_group is None:
                         return groups
                     cur_gr = self.parent_group
                     groups.insert(0, cur_gr)
                     cnt = 0
                     while 1:
                         cnt += 1
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         if cnt == parents_recursion_limit:
                             # this will prevent accidental infinit loops
                             log.error('more than %s parents found for group %s, stopping '
                                       'recursive parent fetching', parents_recursion_limit, self)
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def last_commit_cache_update_diff(self):
                     return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
                 @classmethod
                 def _load_commit_change(cls, last_commit_cache):
                     from rhodecode.lib.vcs.utils.helpers import parse_datetime
                     empty_date = datetime.datetime.fromtimestamp(0)
                     date_latest = last_commit_cache.get('date', empty_date)
                     try:
                         return parse_datetime(date_latest)
                     except Exception:
                         return empty_date
                 @property
                 def last_commit_change(self):
                     return self._load_commit_change(self.changeset_cache)
                 @property
                 def last_db_change(self):
                     return self.updated_on
                 @property
                 def children(self):
                     return RepoGroup.query().filter(RepoGroup.parent_group == self)
                 @property
                 def name(self):
                     return self.group_name.split(RepoGroup.url_sep())[-1]
                 @property
                 def full_path(self):
                     return self.group_name
                 @property
                 def full_path_splitted(self):
                     return self.group_name.split(RepoGroup.url_sep())
                 @property
                 def repositories(self):
                     return Repository.query()\
                             .filter(Repository.group == self)\
                             .order_by(Repository.repo_name)
                 @property
                 def repositories_recursive_count(self):
                     cnt = self.repositories.count()
                     def children_count(group):
                         cnt = 0
                         for child in group.children:
                             cnt += child.repositories.count()
                             cnt += children_count(child)
                         return cnt
                     return cnt + children_count(self)
                 def _recursive_objects(self, include_repos=True, include_groups=True):
                     all_ = []
                     def _get_members(root_gr):
                         if include_repos:
                             for r in root_gr.repositories:
                                 all_.append(r)
                         childs = root_gr.children.all()
                         if childs:
                             for gr in childs:
                                 if include_groups:
                                     all_.append(gr)
                                 _get_members(gr)
                     root_group = []
                     if include_groups:
                         root_group = [self]
                     _get_members(self)
                     return root_group + all_
                 def recursive_groups_and_repos(self):
                     """
                     Recursive return all groups, with repositories in those groups
                     """
                     return self._recursive_objects()
                 def recursive_groups(self):
                     """
                     Returns all children groups for this group including children of children
                     """
                     return self._recursive_objects(include_repos=False)
                 def recursive_repos(self):
                     """
                     Returns all children repositories for this group
                     """
                     return self._recursive_objects(include_groups=False)
                 def get_new_name(self, group_name):
                     """
                     returns new full group name based on parent and new name
                     :param group_name:
                     """
                     path_prefix = (self.parent_group.full_path_splitted if
                                    self.parent_group else [])
                     return RepoGroup.url_sep().join(path_prefix + [group_name])
                 def update_commit_cache(self, config=None):
                     """
                     Update cache of last commit for newest repository inside this repository group.
                     cache_keys should be::
                         source_repo_id
                         short_id
                         raw_id
                         revision
                         parents
                         message
                         date
                         author
                     """
                     from rhodecode.lib.vcs.utils.helpers import parse_datetime
                     empty_date = datetime.datetime.fromtimestamp(0)
                     def repo_groups_and_repos(root_gr):
                         for _repo in root_gr.repositories:
                             yield _repo
                         for child_group in root_gr.children.all():
                             yield child_group
                     latest_repo_cs_cache = {}
                     for obj in repo_groups_and_repos(self):
                         repo_cs_cache = obj.changeset_cache
                         date_latest = latest_repo_cs_cache.get('date', empty_date)
                         date_current = repo_cs_cache.get('date', empty_date)
                         current_timestamp = datetime_to_time(parse_datetime(date_latest))
                         if current_timestamp < datetime_to_time(parse_datetime(date_current)):
                             latest_repo_cs_cache = repo_cs_cache
                             if hasattr(obj, 'repo_id'):
                                 latest_repo_cs_cache['source_repo_id'] = obj.repo_id
                             else:
                                 latest_repo_cs_cache['source_repo_id'] = repo_cs_cache.get('source_repo_id')
                     _date_latest = parse_datetime(latest_repo_cs_cache.get('date') or empty_date)
                     latest_repo_cs_cache['updated_on'] = time.time()
                     self.changeset_cache = latest_repo_cs_cache
                     self.updated_on = _date_latest
                     Session().add(self)
                     Session().commit()
                     log.debug('updated repo group `%s` with new commit cache %s, and last update_date: %s',
                               self.group_name, latest_repo_cs_cache, _date_latest)
                 def permissions(self, with_admins=True, with_owner=True,
                                 expand_from_user_groups=False):
                     """
                     Permissions for repository groups
                     """
                     _admin_perm = 'group.admin'
                     owner_row = []
                     if with_owner:
                         usr = AttributeDict(self.user.get_dict())
                         usr.owner_row = True
                         usr.permission = _admin_perm
                         owner_row.append(usr)
                     super_admin_ids = []
                     super_admin_rows = []
                     if with_admins:
                         for usr in User.get_all_super_admins():
                             super_admin_ids.append(usr.user_id)
                             # if this admin is also owner, don't double the record
                             if usr.user_id == owner_row[0].user_id:
                                 owner_row[0].admin_row = True
                             else:
                                 usr = AttributeDict(usr.get_dict())
                                 usr.admin_row = True
                                 usr.permission = _admin_perm
                                 super_admin_rows.append(usr)
                     q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
                     q = q.options(joinedload(UserRepoGroupToPerm.group),
                                   joinedload(UserRepoGroupToPerm.user),
                                   joinedload(UserRepoGroupToPerm.permission),)
                     # get owners and admins and permissions. We do a trick of re-writing
                     # objects from sqlalchemy to named-tuples due to sqlalchemy session
                     # has a global reference and changing one object propagates to all
                     # others. This means if admin is also an owner admin_row that change
                     # would propagate to both objects
                     perm_rows = []
                     for _usr in q.all():
                         usr = AttributeDict(_usr.user.get_dict())
                         # if this user is also owner/admin, mark as duplicate record
                         if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
                             usr.duplicate_perm = True
                         usr.permission = _usr.permission.permission_name
                         perm_rows.append(usr)
                     # filter the perm rows by 'default' first and then sort them by
                     # admin,write,read,none permissions sorted again alphabetically in
                     # each group
                     perm_rows = sorted(perm_rows, key=display_user_sort)
                     user_groups_rows = []
                     if expand_from_user_groups:
                         for ug in self.permission_user_groups(with_members=True):
                             for user_data in ug.members:
                                 user_groups_rows.append(user_data)
                     return super_admin_rows + owner_row + perm_rows + user_groups_rows
                 def permission_user_groups(self, with_members=False):
                     q = UserGroupRepoGroupToPerm.query()\
                         .filter(UserGroupRepoGroupToPerm.group == self)
                     q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
                                   joinedload(UserGroupRepoGroupToPerm.users_group),
                                   joinedload(UserGroupRepoGroupToPerm.permission),)
                     perm_rows = []
                     for _user_group in q.all():
                         entry = AttributeDict(_user_group.users_group.get_dict())
                         entry.permission = _user_group.permission.permission_name
                         if with_members:
                             entry.members = [x.user.get_dict()
                                              for x in _user_group.users_group.members]
                         perm_rows.append(entry)
                     perm_rows = sorted(perm_rows, key=display_user_group_sort)
                     return perm_rows
                 def get_api_data(self):
                     """
                     Common function for generating api data
                     """
                     group = self
                     data = {
                         'group_id': group.group_id,
                         'group_name': group.group_name,
                         'group_description': group.description_safe,
                         'parent_group': group.parent_group.group_name if group.parent_group else None,
                         'repositories': [x.repo_name for x in group.repositories],
                         'owner': group.user.username,
                     }
                     return data
                 def get_dict(self):
                     # Since we transformed `group_name` to a hybrid property, we need to
                     # keep compatibility with the code which uses `group_name` field.
                     result = super(RepoGroup, self).get_dict()
                     result['group_name'] = result.pop('_group_name', None)
                     return result
             class Permission(Base, BaseModel):
                 __tablename__ = 'permissions'
                 __table_args__ = (
                     Index('p_perm_name_idx', 'permission_name'),
                     base_table_args,
                 )
                 PERMS = [
                     ('hg.admin', _('RhodeCode Super Administrator')),
                     ('repository.none', _('Repository no access')),
                     ('repository.read', _('Repository read access')),
                     ('repository.write', _('Repository write access')),
                     ('repository.admin', _('Repository admin access')),
                     ('group.none', _('Repository group no access')),
                     ('group.read', _('Repository group read access')),
                     ('group.write', _('Repository group write access')),
                     ('group.admin', _('Repository group admin access')),
                     ('usergroup.none', _('User group no access')),
                     ('usergroup.read', _('User group read access')),
                     ('usergroup.write', _('User group write access')),
                     ('usergroup.admin', _('User group admin access')),
                     ('branch.none', _('Branch no permissions')),
                     ('branch.merge', _('Branch access by web merge')),
                     ('branch.push', _('Branch access by push')),
                     ('branch.push_force', _('Branch access by push with force')),
                     ('hg.repogroup.create.false', _('Repository Group creation disabled')),
                     ('hg.repogroup.create.true', _('Repository Group creation enabled')),
                     ('hg.usergroup.create.false', _('User Group creation disabled')),
                     ('hg.usergroup.create.true', _('User Group creation enabled')),
                     ('hg.create.none', _('Repository creation disabled')),
                     ('hg.create.repository', _('Repository creation enabled')),
                     ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
                     ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
                     ('hg.fork.none', _('Repository forking disabled')),
                     ('hg.fork.repository', _('Repository forking enabled')),
                     ('hg.register.none', _('Registration disabled')),
                     ('hg.register.manual_activate', _('User Registration with manual account activation')),
                     ('hg.register.auto_activate', _('User Registration with automatic account activation')),
                     ('hg.password_reset.enabled', _('Password reset enabled')),
                     ('hg.password_reset.hidden', _('Password reset hidden')),
                     ('hg.password_reset.disabled', _('Password reset disabled')),
                     ('hg.extern_activate.manual', _('Manual activation of external account')),
                     ('hg.extern_activate.auto', _('Automatic activation of external account')),
                     ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
                     ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
                 ]
                 # definition of system default permissions for DEFAULT user, created on
                 # system setup
                 DEFAULT_USER_PERMISSIONS = [
                     # object perms
                     'repository.read',
                     'group.read',
                     'usergroup.read',
                     # branch, for backward compat we need same value as before so forced pushed
                     'branch.push_force',
                     # global
                     'hg.create.repository',
                     'hg.repogroup.create.false',
                     'hg.usergroup.create.false',
                     'hg.create.write_on_repogroup.true',
                     'hg.fork.repository',
                     'hg.register.manual_activate',
                     'hg.password_reset.enabled',
                     'hg.extern_activate.auto',
                     'hg.inherit_default_perms.true',
                 ]
                 # defines which permissions are more important higher the more important
                 # Weight defines which permissions are more important.
                 # The higher number the more important.
                 PERM_WEIGHTS = {
                     'repository.none': 0,
                     'repository.read': 1,
                     'repository.write': 3,
                     'repository.admin': 4,
                     'group.none': 0,
                     'group.read': 1,
                     'group.write': 3,
                     'group.admin': 4,
                     'usergroup.none': 0,
                     'usergroup.read': 1,
                     'usergroup.write': 3,
                     'usergroup.admin': 4,
                     'branch.none': 0,
                     'branch.merge': 1,
                     'branch.push': 3,
                     'branch.push_force': 4,
                     'hg.repogroup.create.false': 0,
                     'hg.repogroup.create.true': 1,
                     'hg.usergroup.create.false': 0,
                     'hg.usergroup.create.true': 1,
                     'hg.fork.none': 0,
                     'hg.fork.repository': 1,
                     'hg.create.none': 0,
                     'hg.create.repository': 1
                 }
                 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
                 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (
                         self.__class__.__name__, self.permission_id, self.permission_name
                     )
                 @classmethod
                 def get_by_key(cls, key):
                     return cls.query().filter(cls.permission_name == key).scalar()
                 @classmethod
                 def get_default_repo_perms(cls, user_id, repo_id=None):
                     q = Session().query(UserRepoToPerm, Repository, Permission)\
                         .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
                         .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
                         .filter(UserRepoToPerm.user_id == user_id)
                     if repo_id:
                         q = q.filter(UserRepoToPerm.repository_id == repo_id)
                     return q.all()
                 @classmethod
                 def get_default_repo_branch_perms(cls, user_id, repo_id=None):
                     q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \
                         .join(
                             Permission,
                             UserToRepoBranchPermission.permission_id == Permission.permission_id) \
                         .join(
                             UserRepoToPerm,
                             UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \
                         .filter(UserRepoToPerm.user_id == user_id)
                     if repo_id:
                         q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)
                     return q.order_by(UserToRepoBranchPermission.rule_order).all()
                 @classmethod
                 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
                     q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
                         .join(
                             Permission,
                             UserGroupRepoToPerm.permission_id == Permission.permission_id)\
                         .join(
                             Repository,
                             UserGroupRepoToPerm.repository_id == Repository.repo_id)\
                         .join(
                             UserGroup,
                             UserGroupRepoToPerm.users_group_id ==
                             UserGroup.users_group_id)\
                         .join(
                             UserGroupMember,
                             UserGroupRepoToPerm.users_group_id ==
                             UserGroupMember.users_group_id)\
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if repo_id:
                         q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
                     return q.all()
                 @classmethod
                 def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):
                     q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \
                         .join(
                             Permission,
                             UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \
                         .join(
                             UserGroupRepoToPerm,
                             UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \
                         .join(
                             UserGroup,
                             UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \
                         .join(
                             UserGroupMember,
                             UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if repo_id:
                         q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)
                     return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()
                 @classmethod
                 def get_default_group_perms(cls, user_id, repo_group_id=None):
                     q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
                         .join(
                             Permission,
                             UserRepoGroupToPerm.permission_id == Permission.permission_id)\
                         .join(
                             RepoGroup,
                             UserRepoGroupToPerm.group_id == RepoGroup.group_id)\
                         .filter(UserRepoGroupToPerm.user_id == user_id)
                     if repo_group_id:
                         q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
                     return q.all()
                 @classmethod
                 def get_default_group_perms_from_user_group(
                         cls, user_id, repo_group_id=None):
                     q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
                         .join(
                             Permission,
                             UserGroupRepoGroupToPerm.permission_id ==
                             Permission.permission_id)\
                         .join(
                             RepoGroup,
                             UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
                         .join(
                             UserGroup,
                             UserGroupRepoGroupToPerm.users_group_id ==
                             UserGroup.users_group_id)\
                         .join(
                             UserGroupMember,
                             UserGroupRepoGroupToPerm.users_group_id ==
                             UserGroupMember.users_group_id)\
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if repo_group_id:
                         q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
                     return q.all()
                 @classmethod
                 def get_default_user_group_perms(cls, user_id, user_group_id=None):
                     q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
                         .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
                         .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
                         .filter(UserUserGroupToPerm.user_id == user_id)
                     if user_group_id:
                         q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
                     return q.all()
                 @classmethod
                 def get_default_user_group_perms_from_user_group(
                         cls, user_id, user_group_id=None):
                     TargetUserGroup = aliased(UserGroup, name='target_user_group')
                     q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
                         .join(
                             Permission,
                             UserGroupUserGroupToPerm.permission_id ==
                             Permission.permission_id)\
                         .join(
                             TargetUserGroup,
                             UserGroupUserGroupToPerm.target_user_group_id ==
                             TargetUserGroup.users_group_id)\
                         .join(
                             UserGroup,
                             UserGroupUserGroupToPerm.user_group_id ==
                             UserGroup.users_group_id)\
                         .join(
                             UserGroupMember,
                             UserGroupUserGroupToPerm.user_group_id ==
                             UserGroupMember.users_group_id)\
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if user_group_id:
                         q = q.filter(
                             UserGroupUserGroupToPerm.user_group_id == user_group_id)
                     return q.all()
             class UserRepoToPerm(Base, BaseModel):
                 __tablename__ = 'repo_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'repository_id', 'permission_id'),
                     base_table_args
                 )
                 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 repository = relationship('Repository')
                 permission = relationship('Permission')
                 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete-orphan", lazy='joined')
                 @classmethod
                 def create(cls, user, repository, permission):
                     n = cls()
                     n.user = user
                     n.repository = repository
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<%s => %s >' % (self.user, self.repository)
             class UserUserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_user_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
                     base_table_args
                 )
                 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 user_group = relationship('UserGroup')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, user, user_group, permission):
                     n = cls()
                     n.user = user
                     n.user_group = user_group
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<%s => %s >' % (self.user, self.user_group)
             class UserToPerm(Base, BaseModel):
                 __tablename__ = 'user_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'permission_id'),
                     base_table_args
                 )
                 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 permission = relationship('Permission', lazy='joined')
                 def __unicode__(self):
                     return u'<%s => %s >' % (self.user, self.permission)
             class UserGroupRepoToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_repo_to_perm'
                 __table_args__ = (
                     UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
                     base_table_args
                 )
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
                 repository = relationship('Repository')
                 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission', cascade='all')
                 @classmethod
                 def create(cls, users_group, repository, permission):
                     n = cls()
                     n.users_group = users_group
                     n.repository = repository
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
             class UserGroupUserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_group_user_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
                     CheckConstraint('target_user_group_id != user_group_id'),
                     base_table_args
                 )
                 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
                 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, target_user_group, user_group, permission):
                     n = cls()
                     n.target_user_group = target_user_group
                     n.user_group = user_group
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
             class UserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('users_group_id', 'permission_id',),
                     base_table_args
                 )
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
             class UserRepoGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_repo_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'group_id', 'permission_id'),
                     base_table_args
                 )
                 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 group = relationship('RepoGroup')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, user, repository_group, permission):
                     n = cls()
                     n.user = user
                     n.group = repository_group
                     n.permission = permission
                     Session().add(n)
                     return n
             class UserGroupRepoGroupToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_repo_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('users_group_id', 'group_id'),
                     base_table_args
                 )
                 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
                 group = relationship('RepoGroup')
                 @classmethod
                 def create(cls, user_group, repository_group, permission):
                     n = cls()
                     n.users_group = user_group
                     n.group = repository_group
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
             class Statistics(Base, BaseModel):
                 __tablename__ = 'statistics'
                 __table_args__ = (
                      base_table_args
                 )
                 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
                 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
                 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
                 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
                 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
                 repository = relationship('Repository', single_parent=True)
             class UserFollowing(Base, BaseModel):
                 __tablename__ = 'user_followings'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'follows_repository_id'),
                     UniqueConstraint('user_id', 'follows_user_id'),
                     base_table_args
                 )
                 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
                 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
                 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
                 follows_repository = relationship('Repository', order_by='Repository.repo_name')
                 @classmethod
                 def get_repo_followers(cls, repo_id):
                     return cls.query().filter(cls.follows_repo_id == repo_id)
             class CacheKey(Base, BaseModel):
                 __tablename__ = 'cache_invalidation'
                 __table_args__ = (
                     UniqueConstraint('cache_key'),
                     Index('key_idx', 'cache_key'),
                     base_table_args,
                 )
                 CACHE_TYPE_FEED = 'FEED'
                 # namespaces used to register process/thread aware caches
                 REPO_INVALIDATION_NAMESPACE = 'repo_cache:{repo_id}'
                 SETTINGS_INVALIDATION_NAMESPACE = 'system_settings'
                 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
                 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
                 cache_state_uid = Column("cache_state_uid", String(255), nullable=True, unique=None, default=None)
                 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
                 def __init__(self, cache_key, cache_args='', cache_state_uid=None):
                     self.cache_key = cache_key
                     self.cache_args = cache_args
                     self.cache_active = False
                     # first key should be same for all entries, since all workers should share it
                     self.cache_state_uid = cache_state_uid or self.generate_new_state_uid()
                 def __unicode__(self):
                     return u"<%s('%s:%s[%s]')>" % (
                         self.__class__.__name__,
                         self.cache_id, self.cache_key, self.cache_active)
                 def _cache_key_partition(self):
                     prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
                     return prefix, repo_name, suffix
                 def get_prefix(self):
                     """
                     Try to extract prefix from existing cache key. The key could consist
                     of prefix, repo_name, suffix
                     """
                     # this returns prefix, repo_name, suffix
                     return self._cache_key_partition()[0]
                 def get_suffix(self):
                     """
                     get suffix that might have been used in _get_cache_key to
                     generate self.cache_key. Only used for informational purposes
                     in repo_edit.mako.
                     """
                     # prefix, repo_name, suffix
                     return self._cache_key_partition()[2]
                 @classmethod
                 def generate_new_state_uid(cls, based_on=None):
                     if based_on:
                         return str(uuid.uuid5(uuid.NAMESPACE_URL, safe_str(based_on)))
                     else:
                         return str(uuid.uuid4())
                 @classmethod
                 def delete_all_cache(cls):
                     """
                     Delete all cache keys from database.
                     Should only be run when all instances are down and all entries
                     thus stale.
                     """
                     cls.query().delete()
                     Session().commit()
                 @classmethod
                 def set_invalidate(cls, cache_uid, delete=False):
                     """
                     Mark all caches of a repo as invalid in the database.
                     """
                     try:
                         qry = Session().query(cls).filter(cls.cache_args == cache_uid)
                         if delete:
                             qry.delete()
                             log.debug('cache objects deleted for cache args %s',
                                       safe_str(cache_uid))
                         else:
                             qry.update({"cache_active": False,
                                         "cache_state_uid": cls.generate_new_state_uid()})
                             log.debug('cache objects marked as invalid for cache args %s',
                                       safe_str(cache_uid))
                         Session().commit()
                     except Exception:
                         log.exception(
                             'Cache key invalidation failed for cache args %s',
                             safe_str(cache_uid))
                         Session().rollback()
                 @classmethod
                 def get_active_cache(cls, cache_key):
                     inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
                     if inv_obj:
                         return inv_obj
                     return None
                 @classmethod
                 def get_namespace_map(cls, namespace):
                     return {
                         x.cache_key: x
                         for x in cls.query().filter(cls.cache_args == namespace)}
             class ChangesetComment(Base, BaseModel):
                 __tablename__ = 'changeset_comments'
                 __table_args__ = (
                     Index('cc_revision_idx', 'revision'),
                     base_table_args,
                 )
                 COMMENT_OUTDATED = u'comment_outdated'
                 COMMENT_TYPE_NOTE = u'note'
                 COMMENT_TYPE_TODO = u'todo'
                 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
                 OP_IMMUTABLE = u'immutable'
                 OP_CHANGEABLE = u'changeable'
                 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
                 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 revision = Column('revision', String(40), nullable=True)
                 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
                 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
                 line_no = Column('line_no', Unicode(10), nullable=True)
                 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
                 f_path = Column('f_path', Unicode(1000), nullable=True)
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
                 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 renderer = Column('renderer', Unicode(64), nullable=True)
                 display_state = Column('display_state',  Unicode(128), nullable=True)
                 immutable_state = Column('immutable_state', Unicode(128), nullable=True, default=OP_CHANGEABLE)
                 comment_type = Column('comment_type',  Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
                 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
                 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, back_populates='resolved_by')
                 resolved_by = relationship('ChangesetComment', back_populates='resolved_comment')
                 author = relationship('User', lazy='joined')
                 repo = relationship('Repository')
                 status_change = relationship('ChangesetStatus', cascade="all, delete-orphan", lazy='joined')
                 pull_request = relationship('PullRequest', lazy='joined')
                 pull_request_version = relationship('PullRequestVersion')
                 history = relationship('ChangesetCommentHistory', cascade='all, delete-orphan', lazy='joined', order_by='ChangesetCommentHistory.version')
                 @classmethod
                 def get_users(cls, revision=None, pull_request_id=None):
                     """
                     Returns user associated with this ChangesetComment. ie those
                     who actually commented
                     :param cls:
                     :param revision:
                     """
                     q = Session().query(User)\
                             .join(ChangesetComment.author)
                     if revision:
                         q = q.filter(cls.revision == revision)
                     elif pull_request_id:
                         q = q.filter(cls.pull_request_id == pull_request_id)
                     return q.all()
                 @classmethod
                 def get_index_from_version(cls, pr_version, versions):
                     num_versions = [x.pull_request_version_id for x in versions]
                     try:
                         return num_versions.index(pr_version) + 1
                     except (IndexError, ValueError):
                         return
                 @property
                 def outdated(self):
                     return self.display_state == self.COMMENT_OUTDATED
                 @property
                 def outdated_js(self):
                     return json.dumps(self.display_state == self.COMMENT_OUTDATED)
                 @property
                 def immutable(self):
                     return self.immutable_state == self.OP_IMMUTABLE
                 def outdated_at_version(self, version):
                     """
                     Checks if comment is outdated for given pull request version
                     """
                     def version_check():
                         return self.pull_request_version_id and self.pull_request_version_id != version
                     if self.is_inline:
                         return self.outdated and version_check()
                     else:
                         # general comments don't have .outdated set, also latest don't have a version
                         return version_check()
                 def outdated_at_version_js(self, version):
                     """
                     Checks if comment is outdated for given pull request version
                     """
                     return json.dumps(self.outdated_at_version(version))
                 def older_than_version(self, version):
                     """
                     Checks if comment is made from previous version than given
                     """
                     if version is None:
                         return self.pull_request_version != version
                     return self.pull_request_version < version
                 def older_than_version_js(self, version):
                     """
                     Checks if comment is made from previous version than given
                     """
                     return json.dumps(self.older_than_version(version))
                 @property
                 def commit_id(self):
                     """New style naming to stop using .revision"""
                     return self.revision
                 @property
                 def resolved(self):
                     return self.resolved_by[0] if self.resolved_by else None
                 @property
                 def is_todo(self):
                     return self.comment_type == self.COMMENT_TYPE_TODO
                 @property
                 def is_inline(self):
-                    return self.line_no and self.f_path
+                    if self.line_no and self.f_path:
+                        return True
+                    return False
                 @property
                 def last_version(self):
                     version = 0
                     if self.history:
                         version = self.history[-1].version
                     return version
                 def get_index_version(self, versions):
                     return self.get_index_from_version(
                         self.pull_request_version_id, versions)
                 def __repr__(self):
                     if self.comment_id:
                         return '<DB:Comment #%s>' % self.comment_id
                     else:
                         return '<DB:Comment at %#x>' % id(self)
                 def get_api_data(self):
                     comment = self
                     data = {
                         'comment_id': comment.comment_id,
                         'comment_type': comment.comment_type,
                         'comment_text': comment.text,
                         'comment_status': comment.status_change,
                         'comment_f_path': comment.f_path,
                         'comment_lineno': comment.line_no,
                         'comment_author': comment.author,
                         'comment_created_on': comment.created_on,
                         'comment_resolved_by': self.resolved,
                         'comment_commit_id': comment.revision,
                         'comment_pull_request_id': comment.pull_request_id,
                         'comment_last_version': self.last_version
                     }
                     return data
                 def __json__(self):
                     data = dict()
                     data.update(self.get_api_data())
                     return data
             class ChangesetCommentHistory(Base, BaseModel):
                 __tablename__ = 'changeset_comments_history'
                 __table_args__ = (
                     Index('cch_comment_id_idx', 'comment_id'),
                     base_table_args,
                 )
                 comment_history_id = Column('comment_history_id', Integer(), nullable=False, primary_key=True)
                 comment_id = Column('comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=False)
                 version = Column("version", Integer(), nullable=False, default=0)
                 created_by_user_id = Column('created_by_user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
                 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 deleted = Column('deleted', Boolean(), default=False)
                 author = relationship('User', lazy='joined')
                 comment = relationship('ChangesetComment', cascade="all, delete")
                 @classmethod
                 def get_version(cls, comment_id):
                     q = Session().query(ChangesetCommentHistory).filter(
                         ChangesetCommentHistory.comment_id == comment_id).order_by(ChangesetCommentHistory.version.desc())
                     if q.count() == 0:
                         return 1
                     elif q.count() >= q[0].version:
                         return q.count() + 1
                     else:
                         return q[0].version + 1
             class ChangesetStatus(Base, BaseModel):
                 __tablename__ = 'changeset_statuses'
                 __table_args__ = (
                     Index('cs_revision_idx', 'revision'),
                     Index('cs_version_idx', 'version'),
                     UniqueConstraint('repo_id', 'revision', 'version'),
                     base_table_args
                 )
                 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
                 STATUS_APPROVED = 'approved'
                 STATUS_REJECTED = 'rejected'
                 STATUS_UNDER_REVIEW = 'under_review'
                 STATUSES = [
                     (STATUS_NOT_REVIEWED, _("Not Reviewed")),  # (no icon) and default
                     (STATUS_APPROVED, _("Approved")),
                     (STATUS_REJECTED, _("Rejected")),
                     (STATUS_UNDER_REVIEW, _("Under Review")),
                 ]
                 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
                 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
                 revision = Column('revision', String(40), nullable=False)
                 status = Column('status', String(128), nullable=False, default=DEFAULT)
                 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
                 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
                 version = Column('version', Integer(), nullable=False, default=0)
                 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
                 author = relationship('User', lazy='joined')
                 repo = relationship('Repository')
                 comment = relationship('ChangesetComment', lazy='joined')
                 pull_request = relationship('PullRequest', lazy='joined')
                 def __unicode__(self):
                     return u"<%s('%s[v%s]:%s')>" % (
                         self.__class__.__name__,
                         self.status, self.version, self.author
                     )
                 @classmethod
                 def get_status_lbl(cls, value):
                     return dict(cls.STATUSES).get(value)
                 @property
                 def status_lbl(self):
                     return ChangesetStatus.get_status_lbl(self.status)
                 def get_api_data(self):
                     status = self
                     data = {
                         'status_id': status.changeset_status_id,
                         'status': status.status,
                     }
                     return data
                 def __json__(self):
                     data = dict()
                     data.update(self.get_api_data())
                     return data
             class _SetState(object):
                 """
                 Context processor allowing changing state for sensitive operation such as
                 pull request update or merge
                 """
                 def __init__(self, pull_request, pr_state, back_state=None):
                     self._pr = pull_request
                     self._org_state = back_state or pull_request.pull_request_state
                     self._pr_state = pr_state
                     self._current_state = None
                 def __enter__(self):
                     log.debug('StateLock: entering set state context of pr %s, setting state to: `%s`',
                               self._pr, self._pr_state)
                     self.set_pr_state(self._pr_state)
                     return self
                 def __exit__(self, exc_type, exc_val, exc_tb):
                     if exc_val is not None:
                         log.error(traceback.format_exc(exc_tb))
                         return None
                     self.set_pr_state(self._org_state)
                     log.debug('StateLock: exiting set state context of pr %s, setting state to: `%s`',
                               self._pr, self._org_state)
                 @property
                 def state(self):
                     return self._current_state
                 def set_pr_state(self, pr_state):
                     try:
                         self._pr.pull_request_state = pr_state
                         Session().add(self._pr)
                         Session().commit()
                         self._current_state = pr_state
                     except Exception:
                         log.exception('Failed to set PullRequest %s state to %s', self._pr, pr_state)
                         raise
             class _PullRequestBase(BaseModel):
                 """
                 Common attributes of pull request and version entries.
                 """
                 # .status values
                 STATUS_NEW = u'new'
                 STATUS_OPEN = u'open'
                 STATUS_CLOSED = u'closed'
                 # available states
                 STATE_CREATING = u'creating'
                 STATE_UPDATING = u'updating'
                 STATE_MERGING = u'merging'
                 STATE_CREATED = u'created'
                 title = Column('title', Unicode(255), nullable=True)
                 description = Column(
                     'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
                     nullable=True)
                 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
                 # new/open/closed status of pull request (not approve/reject/etc)
                 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
                 created_on = Column(
                     'created_on', DateTime(timezone=False), nullable=False,
                     default=datetime.datetime.now)
                 updated_on = Column(
                     'updated_on', DateTime(timezone=False), nullable=False,
                     default=datetime.datetime.now)
                 pull_request_state = Column("pull_request_state", String(255), nullable=True)
                 @declared_attr
                 def user_id(cls):
                     return Column(
                         "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
                         unique=None)
                 # 500 revisions max
                 _revisions = Column(
                     'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
                 common_ancestor_id = Column('common_ancestor_id', Unicode(255), nullable=True)
                 @declared_attr
                 def source_repo_id(cls):
                     # TODO: dan: rename column to source_repo_id
                     return Column(
                         'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
                         nullable=False)
                 _source_ref = Column('org_ref', Unicode(255), nullable=False)
                 @hybrid_property
                 def source_ref(self):
                     return self._source_ref
                 @source_ref.setter
                 def source_ref(self, val):
                     parts = (val or '').split(':')
                     if len(parts) != 3:
                         raise ValueError(
                             'Invalid reference format given: {}, expected X:Y:Z'.format(val))
                     self._source_ref = safe_unicode(val)
                 _target_ref = Column('other_ref', Unicode(255), nullable=False)
                 @hybrid_property
                 def target_ref(self):
                     return self._target_ref
                 @target_ref.setter
                 def target_ref(self, val):
                     parts = (val or '').split(':')
                     if len(parts) != 3:
                         raise ValueError(
                             'Invalid reference format given: {}, expected X:Y:Z'.format(val))
                     self._target_ref = safe_unicode(val)
                 @declared_attr
                 def target_repo_id(cls):
                     # TODO: dan: rename column to target_repo_id
                     return Column(
                         'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
                         nullable=False)
                 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
                 # TODO: dan: rename column to last_merge_source_rev
                 _last_merge_source_rev = Column(
                     'last_merge_org_rev', String(40), nullable=True)
                 # TODO: dan: rename column to last_merge_target_rev
                 _last_merge_target_rev = Column(
                     'last_merge_other_rev', String(40), nullable=True)
                 _last_merge_status = Column('merge_status', Integer(), nullable=True)
                 last_merge_metadata = Column(
                     'last_merge_metadata', MutationObj.as_mutable(
                         JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                 merge_rev = Column('merge_rev', String(40), nullable=True)
                 reviewer_data = Column(
                     'reviewer_data_json', MutationObj.as_mutable(
                         JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                 @property
                 def reviewer_data_json(self):
                     return json.dumps(self.reviewer_data)
                 @property
                 def last_merge_metadata_parsed(self):
                     metadata = {}
                     if not self.last_merge_metadata:
                         return metadata
                     if hasattr(self.last_merge_metadata, 'de_coerce'):
                         for k, v in self.last_merge_metadata.de_coerce().items():
                             if k in ['target_ref', 'source_ref']:
                                 metadata[k] = Reference(v['type'], v['name'], v['commit_id'])
                             else:
                                 if hasattr(v, 'de_coerce'):
                                     metadata[k] = v.de_coerce()
                                 else:
                                     metadata[k] = v
                     return metadata
                 @property
                 def work_in_progress(self):
                     """checks if pull request is work in progress by checking the title"""
                     title = self.title.upper()
                     if re.match(r'^(\[WIP\]\s*|WIP:\s*|WIP\s+)', title):
                         return True
                     return False
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @hybrid_property
                 def revisions(self):
                     return self._revisions.split(':') if self._revisions else []
                 @revisions.setter
                 def revisions(self, val):
                     self._revisions = u':'.join(val)
                 @hybrid_property
                 def last_merge_status(self):
                     return safe_int(self._last_merge_status)
                 @last_merge_status.setter
                 def last_merge_status(self, val):
                     self._last_merge_status = val
                 @declared_attr
                 def author(cls):
                     return relationship('User', lazy='joined')
                 @declared_attr
                 def source_repo(cls):
                     return relationship(
                         'Repository',
                         primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
                 @property
                 def source_ref_parts(self):
                     return self.unicode_to_reference(self.source_ref)
                 @declared_attr
                 def target_repo(cls):
                     return relationship(
                         'Repository',
                         primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
                 @property
                 def target_ref_parts(self):
                     return self.unicode_to_reference(self.target_ref)
                 @property
                 def shadow_merge_ref(self):
                     return self.unicode_to_reference(self._shadow_merge_ref)
                 @shadow_merge_ref.setter
                 def shadow_merge_ref(self, ref):
                     self._shadow_merge_ref = self.reference_to_unicode(ref)
                 @staticmethod
                 def unicode_to_reference(raw):
                     """
                     Convert a unicode (or string) to a reference object.
                     If unicode evaluates to False it returns None.
                     """
                     if raw:
                         refs = raw.split(':')
                         return Reference(*refs)
                     else:
                         return None
                 @staticmethod
                 def reference_to_unicode(ref):
                     """
                     Convert a reference object to unicode.
                     If reference is None it returns None.
                     """
                     if ref:
                         return u':'.join(ref)
                     else:
                         return None
                 def get_api_data(self, with_merge_state=True):
                     from rhodecode.model.pull_request import PullRequestModel
                     pull_request = self
                     if with_merge_state:
                         merge_response, merge_status, msg = \
                             PullRequestModel().merge_status(pull_request)
                         merge_state = {
                             'status': merge_status,
                             'message': safe_unicode(msg),
                         }
                     else:
                         merge_state = {'status': 'not_available',
                                        'message': 'not_available'}
                     merge_data = {
                         'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
                         'reference': (
                             pull_request.shadow_merge_ref._asdict()
                             if pull_request.shadow_merge_ref else None),
                     }
                     data = {
                         'pull_request_id': pull_request.pull_request_id,
                         'url': PullRequestModel().get_url(pull_request),
                         'title': pull_request.title,
                         'description': pull_request.description,
                         'status': pull_request.status,
                         'state': pull_request.pull_request_state,
                         'created_on': pull_request.created_on,
                         'updated_on': pull_request.updated_on,
                         'commit_ids': pull_request.revisions,
                         'review_status': pull_request.calculated_review_status(),
                         'mergeable': merge_state,
                         'source': {
                             'clone_url': pull_request.source_repo.clone_url(),
                             'repository': pull_request.source_repo.repo_name,
                             'reference': {
                                 'name': pull_request.source_ref_parts.name,
                                 'type': pull_request.source_ref_parts.type,
                                 'commit_id': pull_request.source_ref_parts.commit_id,
                             },
                         },
                         'target': {
                             'clone_url': pull_request.target_repo.clone_url(),
                             'repository': pull_request.target_repo.repo_name,
                             'reference': {
                                 'name': pull_request.target_ref_parts.name,
                                 'type': pull_request.target_ref_parts.type,
                                 'commit_id': pull_request.target_ref_parts.commit_id,
                             },
                         },
                         'merge': merge_data,
                         'author': pull_request.author.get_api_data(include_secrets=False,
                                                                    details='basic'),
                         'reviewers': [
                             {
                                 'user': reviewer.get_api_data(include_secrets=False,
                                                               details='basic'),
                                 'reasons': reasons,
                                 'review_status': st[0][1].status if st else 'not_reviewed',
                             }
                             for obj, reviewer, reasons, mandatory, st in
                             pull_request.reviewers_statuses()
                         ]
                     }
                     return data
                 def set_state(self, pull_request_state, final_state=None):
                     """
                     # goes from initial state to updating to initial state.
                     # initial state can be changed by specifying back_state=
                     with pull_request_obj.set_state(PullRequest.STATE_UPDATING):
                        pull_request.merge()
                     :param pull_request_state:
                     :param final_state:
                     """
                     return _SetState(self, pull_request_state, back_state=final_state)
             class PullRequest(Base, _PullRequestBase):
                 __tablename__ = 'pull_requests'
                 __table_args__ = (
                     base_table_args,
                 )
                 LATEST_VER = 'latest'
                 pull_request_id = Column(
                     'pull_request_id', Integer(), nullable=False, primary_key=True)
                 def __repr__(self):
                     if self.pull_request_id:
                         return '<DB:PullRequest #%s>' % self.pull_request_id
                     else:
                         return '<DB:PullRequest at %#x>' % id(self)
                 reviewers = relationship('PullRequestReviewers', cascade="all, delete-orphan")
                 statuses = relationship('ChangesetStatus', cascade="all, delete-orphan")
                 comments = relationship('ChangesetComment', cascade="all, delete-orphan")
                 versions = relationship('PullRequestVersion', cascade="all, delete-orphan",
                                         lazy='dynamic')
                 @classmethod
                 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
                                           internal_methods=None):
                     class PullRequestDisplay(object):
                         """
                         Special object wrapper for showing PullRequest data via Versions
                         It mimics PR object as close as possible. This is read only object
                         just for display
                         """
                         def __init__(self, attrs, internal=None):
                             self.attrs = attrs
                             # internal have priority over the given ones via attrs
                             self.internal = internal or ['versions']
                         def __getattr__(self, item):
                             if item in self.internal:
                                 return getattr(self, item)
                             try:
                                 return self.attrs[item]
                             except KeyError:
                                 raise AttributeError(
                                     '%s object has no attribute %s' % (self, item))
                         def __repr__(self):
                             return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
                         def versions(self):
                             return pull_request_obj.versions.order_by(
                                 PullRequestVersion.pull_request_version_id).all()
                         def is_closed(self):
                             return pull_request_obj.is_closed()
                         def is_state_changing(self):
                             return pull_request_obj.is_state_changing()
                         @property
                         def pull_request_version_id(self):
                             return getattr(pull_request_obj, 'pull_request_version_id', None)
                         @property
                         def pull_request_last_version(self):
                             return pull_request_obj.pull_request_last_version
                     attrs = StrictAttributeDict(pull_request_obj.get_api_data(with_merge_state=False))
                     attrs.author = StrictAttributeDict(
                         pull_request_obj.author.get_api_data())
                     if pull_request_obj.target_repo:
                         attrs.target_repo = StrictAttributeDict(
                             pull_request_obj.target_repo.get_api_data())
                         attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
                     if pull_request_obj.source_repo:
                         attrs.source_repo = StrictAttributeDict(
                             pull_request_obj.source_repo.get_api_data())
                         attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
                     attrs.source_ref_parts = pull_request_obj.source_ref_parts
                     attrs.target_ref_parts = pull_request_obj.target_ref_parts
                     attrs.revisions = pull_request_obj.revisions
                     attrs.common_ancestor_id = pull_request_obj.common_ancestor_id
                     attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
                     attrs.reviewer_data = org_pull_request_obj.reviewer_data
                     attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
                     return PullRequestDisplay(attrs, internal=internal_methods)
                 def is_closed(self):
                     return self.status == self.STATUS_CLOSED
                 def is_state_changing(self):
                     return self.pull_request_state != PullRequest.STATE_CREATED
                 def __json__(self):
                     return {
                         'revisions': self.revisions,
                         'versions': self.versions_count
                     }
                 def calculated_review_status(self):
                     from rhodecode.model.changeset_status import ChangesetStatusModel
                     return ChangesetStatusModel().calculated_review_status(self)
                 def reviewers_statuses(self):
                     from rhodecode.model.changeset_status import ChangesetStatusModel
                     return ChangesetStatusModel().reviewers_statuses(self)
                 @property
                 def workspace_id(self):
                     from rhodecode.model.pull_request import PullRequestModel
                     return PullRequestModel()._workspace_id(self)
                 def get_shadow_repo(self):
                     workspace_id = self.workspace_id
                     shadow_repository_path = self.target_repo.get_shadow_repository_path(workspace_id)
                     if os.path.isdir(shadow_repository_path):
                         vcs_obj = self.target_repo.scm_instance()
                         return vcs_obj.get_shadow_instance(shadow_repository_path)
                 @property
                 def versions_count(self):
                     """
                     return number of versions this PR have, e.g a PR that once been
                     updated will have 2 versions
                     """
                     return self.versions.count() + 1
                 @property
                 def pull_request_last_version(self):
                     return self.versions_count
             class PullRequestVersion(Base, _PullRequestBase):
                 __tablename__ = 'pull_request_versions'
                 __table_args__ = (
                     base_table_args,
                 )
                 pull_request_version_id = Column(
                     'pull_request_version_id', Integer(), nullable=False, primary_key=True)
                 pull_request_id = Column(
                     'pull_request_id', Integer(),
                     ForeignKey('pull_requests.pull_request_id'), nullable=False)
                 pull_request = relationship('PullRequest')
                 def __repr__(self):
                     if self.pull_request_version_id:
                         return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
                     else:
                         return '<DB:PullRequestVersion at %#x>' % id(self)
                 @property
                 def reviewers(self):
                     return self.pull_request.reviewers
                 @property
                 def versions(self):
                     return self.pull_request.versions
                 def is_closed(self):
                     # calculate from original
                     return self.pull_request.status == self.STATUS_CLOSED
                 def is_state_changing(self):
                     return self.pull_request.pull_request_state != PullRequest.STATE_CREATED
                 def calculated_review_status(self):
                     return self.pull_request.calculated_review_status()
                 def reviewers_statuses(self):
                     return self.pull_request.reviewers_statuses()
             class PullRequestReviewers(Base, BaseModel):
                 __tablename__ = 'pull_request_reviewers'
                 __table_args__ = (
                     base_table_args,
                 )
                 ROLE_REVIEWER = u'reviewer'
                 ROLE_OBSERVER = u'observer'
                 @hybrid_property
                 def reasons(self):
                     if not self._reasons:
                         return []
                     return self._reasons
                 @reasons.setter
                 def reasons(self, val):
                     val = val or []
                     if any(not isinstance(x, compat.string_types) for x in val):
                         raise Exception('invalid reasons type, must be list of strings')
                     self._reasons = val
                 pull_requests_reviewers_id = Column(
                     'pull_requests_reviewers_id', Integer(), nullable=False,
                     primary_key=True)
                 pull_request_id = Column(
                     "pull_request_id", Integer(),
                     ForeignKey('pull_requests.pull_request_id'), nullable=False)
                 user_id = Column(
                     "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
                 _reasons = Column(
                     'reason', MutationList.as_mutable(
                         JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
                 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
                 user = relationship('User')
                 pull_request = relationship('PullRequest')
                 rule_data = Column(
                     'rule_data_json',
                     JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
                 def rule_user_group_data(self):
                     """
                     Returns the voting user group rule data for this reviewer
                     """
                     if self.rule_data and 'vote_rule' in self.rule_data:
                         user_group_data = {}
                         if 'rule_user_group_entry_id' in self.rule_data:
                             # means a group with voting rules !
                             user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
                             user_group_data['name'] = self.rule_data['rule_name']
                             user_group_data['vote_rule'] = self.rule_data['vote_rule']
                         return user_group_data
                 def __unicode__(self):
                     return u"<%s('id:%s')>" % (self.__class__.__name__,
                                                self.pull_requests_reviewers_id)
             class Notification(Base, BaseModel):
                 __tablename__ = 'notifications'
                 __table_args__ = (
                     Index('notification_type_idx', 'type'),
                     base_table_args,
                 )
                 TYPE_CHANGESET_COMMENT = u'cs_comment'
                 TYPE_MESSAGE = u'message'
                 TYPE_MENTION = u'mention'
                 TYPE_REGISTRATION = u'registration'
                 TYPE_PULL_REQUEST = u'pull_request'
                 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
                 TYPE_PULL_REQUEST_UPDATE = u'pull_request_update'
                 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
                 subject = Column('subject', Unicode(512), nullable=True)
                 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
                 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 type_ = Column('type', Unicode(255))
                 created_by_user = relationship('User')
                 notifications_to_users = relationship('UserNotification', lazy='joined',
                                                       cascade="all, delete-orphan")
                 @property
                 def recipients(self):
                     return [x.user for x in UserNotification.query()\
                             .filter(UserNotification.notification == self)\
                             .order_by(UserNotification.user_id.asc()).all()]
                 @classmethod
                 def create(cls, created_by, subject, body, recipients, type_=None):
                     if type_ is None:
                         type_ = Notification.TYPE_MESSAGE
                     notification = cls()
                     notification.created_by_user = created_by
                     notification.subject = subject
                     notification.body = body
                     notification.type_ = type_
                     notification.created_on = datetime.datetime.now()
                     # For each recipient link the created notification to his account
                     for u in recipients:
                         assoc = UserNotification()
                         assoc.user_id = u.user_id
                         assoc.notification = notification
                         # if created_by is inside recipients mark his notification
                         # as read
                         if u.user_id == created_by.user_id:
                             assoc.read = True
                         Session().add(assoc)
                     Session().add(notification)
                     return notification
             class UserNotification(Base, BaseModel):
                 __tablename__ = 'user_to_notification'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'notification_id'),
                     base_table_args
                 )
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
                 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
                 read = Column('read', Boolean, default=False)
                 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
                 user = relationship('User', lazy="joined")
                 notification = relationship('Notification', lazy="joined",
                                             order_by=lambda: Notification.created_on.desc(),)
                 def mark_as_read(self):
                     self.read = True
                     Session().add(self)
             class UserNotice(Base, BaseModel):
                 __tablename__ = 'user_notices'
                 __table_args__ = (
                     base_table_args
                 )
                 NOTIFICATION_TYPE_MESSAGE = 'message'
                 NOTIFICATION_TYPE_NOTICE = 'notice'
                 NOTIFICATION_LEVEL_INFO = 'info'
                 NOTIFICATION_LEVEL_WARNING = 'warning'
                 NOTIFICATION_LEVEL_ERROR = 'error'
                 user_notice_id = Column('gist_id', Integer(), primary_key=True)
                 notice_subject = Column('notice_subject', Unicode(512), nullable=True)
                 notice_body = Column('notice_body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
                 notice_read = Column('notice_read', Boolean, default=False)
                 notification_level = Column('notification_level', String(1024), default=NOTIFICATION_LEVEL_INFO)
                 notification_type = Column('notification_type', String(1024), default=NOTIFICATION_TYPE_NOTICE)
                 notice_created_by = Column('notice_created_by', Integer(), ForeignKey('users.user_id'), nullable=True)
                 notice_created_on = Column('notice_created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'))
                 user = relationship('User', lazy="joined", primaryjoin='User.user_id==UserNotice.user_id')
                 @classmethod
                 def create_for_user(cls, user, subject, body, notice_level=NOTIFICATION_LEVEL_INFO, allow_duplicate=False):
                     if notice_level not in [cls.NOTIFICATION_LEVEL_ERROR,
                                             cls.NOTIFICATION_LEVEL_WARNING,
                                             cls.NOTIFICATION_LEVEL_INFO]:
                         return
                     from rhodecode.model.user import UserModel
                     user = UserModel().get_user(user)
                     new_notice = UserNotice()
                     if not allow_duplicate:
                         existing_msg = UserNotice().query() \
                             .filter(UserNotice.user == user) \
                             .filter(UserNotice.notice_body == body) \
                             .filter(UserNotice.notice_read == false()) \
                             .scalar()
                         if existing_msg:
                             log.warning('Ignoring duplicate notice for user %s', user)
                             return
                     new_notice.user = user
                     new_notice.notice_subject = subject
                     new_notice.notice_body = body
                     new_notice.notification_level = notice_level
                     Session().add(new_notice)
                     Session().commit()
             class Gist(Base, BaseModel):
                 __tablename__ = 'gists'
                 __table_args__ = (
                     Index('g_gist_access_id_idx', 'gist_access_id'),
                     Index('g_created_on_idx', 'created_on'),
                     base_table_args
                 )
                 GIST_PUBLIC = u'public'
                 GIST_PRIVATE = u'private'
                 DEFAULT_FILENAME = u'gistfile1.txt'
                 ACL_LEVEL_PUBLIC = u'acl_public'
                 ACL_LEVEL_PRIVATE = u'acl_private'
                 gist_id = Column('gist_id', Integer(), primary_key=True)
                 gist_access_id = Column('gist_access_id', Unicode(250))
                 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
                 gist_expires = Column('gist_expires', Float(53), nullable=False)
                 gist_type = Column('gist_type', Unicode(128), nullable=False)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 acl_level = Column('acl_level', Unicode(128), nullable=True)
                 owner = relationship('User')
                 def __repr__(self):
                     return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.gist_description)
                 @classmethod
                 def get_or_404(cls, id_):
                     from pyramid.httpexceptions import HTTPNotFound
                     res = cls.query().filter(cls.gist_access_id == id_).scalar()
                     if not res:
                         raise HTTPNotFound()
                     return res
                 @classmethod
                 def get_by_access_id(cls, gist_access_id):
                     return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
                 def gist_url(self):
                     from rhodecode.model.gist import GistModel
                     return GistModel().get_url(self)
                 @classmethod
                 def base_path(cls):
                     """
                     Returns base path when all gists are stored
                     :param cls:
                     """
                     from rhodecode.model.gist import GIST_STORE_LOC
                     q = Session().query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == URL_SEP)
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return os.path.join(q.one().ui_value, GIST_STORE_LOC)
                 def get_api_data(self):
                     """
                     Common function for generating gist related data for API
                     """
                     gist = self
                     data = {
                         'gist_id': gist.gist_id,
                         'type': gist.gist_type,
                         'access_id': gist.gist_access_id,
                         'description': gist.gist_description,
                         'url': gist.gist_url(),
                         'expires': gist.gist_expires,
                         'created_on': gist.created_on,
                         'modified_at': gist.modified_at,
                         'content': None,
                         'acl_level': gist.acl_level,
                     }
                     return data
                 def __json__(self):
                     data = dict(
                     )
                     data.update(self.get_api_data())
                     return data
                 # SCM functions
                 def scm_instance(self, **kwargs):
                     """
                     Get an instance of VCS Repository
                     :param kwargs:
                     """
                     from rhodecode.model.gist import GistModel
                     full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
                     return get_vcs_instance(
                         repo_path=safe_str(full_repo_path), create=False,
                         _vcs_alias=GistModel.vcs_backend)
             class ExternalIdentity(Base, BaseModel):
                 __tablename__ = 'external_identities'
                 __table_args__ = (
                     Index('local_user_id_idx', 'local_user_id'),
                     Index('external_id_idx', 'external_id'),
                     base_table_args
                 )
                 external_id = Column('external_id', Unicode(255), default=u'', primary_key=True)
                 external_username = Column('external_username', Unicode(1024), default=u'')
                 local_user_id = Column('local_user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
                 provider_name = Column('provider_name', Unicode(255), default=u'', primary_key=True)
                 access_token = Column('access_token', String(1024), default=u'')
                 alt_token = Column('alt_token', String(1024), default=u'')
                 token_secret = Column('token_secret', String(1024), default=u'')
                 @classmethod
                 def by_external_id_and_provider(cls, external_id, provider_name, local_user_id=None):
                     """
                     Returns ExternalIdentity instance based on search params
                     :param external_id:
                     :param provider_name:
                     :return: ExternalIdentity
                     """
                     query = cls.query()
                     query = query.filter(cls.external_id == external_id)
                     query = query.filter(cls.provider_name == provider_name)
                     if local_user_id:
                         query = query.filter(cls.local_user_id == local_user_id)
                     return query.first()
                 @classmethod
                 def user_by_external_id_and_provider(cls, external_id, provider_name):
                     """
                     Returns User instance based on search params
                     :param external_id:
                     :param provider_name:
                     :return: User
                     """
                     query = User.query()
                     query = query.filter(cls.external_id == external_id)
                     query = query.filter(cls.provider_name == provider_name)
                     query = query.filter(User.user_id == cls.local_user_id)
                     return query.first()
                 @classmethod
                 def by_local_user_id(cls, local_user_id):
                     """
                     Returns all tokens for user
                     :param local_user_id:
                     :return: ExternalIdentity
                     """
                     query = cls.query()
                     query = query.filter(cls.local_user_id == local_user_id)
                     return query
                 @classmethod
                 def load_provider_plugin(cls, plugin_id):
                     from rhodecode.authentication.base import loadplugin
                     _plugin_id = 'egg:rhodecode-enterprise-ee#{}'.format(plugin_id)
                     auth_plugin = loadplugin(_plugin_id)
                     return auth_plugin
             class Integration(Base, BaseModel):
                 __tablename__ = 'integrations'
                 __table_args__ = (
                     base_table_args
                 )
                 integration_id = Column('integration_id', Integer(), primary_key=True)
                 integration_type = Column('integration_type', String(255))
                 enabled = Column('enabled', Boolean(), nullable=False)
                 name = Column('name', String(255), nullable=False)
                 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
                     default=False)
                 settings = Column(
                     'settings_json', MutationObj.as_mutable(
                         JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                 repo_id = Column(
                     'repo_id', Integer(), ForeignKey('repositories.repo_id'),
                     nullable=True, unique=None, default=None)
                 repo = relationship('Repository', lazy='joined')
                 repo_group_id = Column(
                     'repo_group_id', Integer(), ForeignKey('groups.group_id'),
                     nullable=True, unique=None, default=None)
                 repo_group = relationship('RepoGroup', lazy='joined')
                 @property
                 def scope(self):
                     if self.repo:
                         return repr(self.repo)
                     if self.repo_group:
                         if self.child_repos_only:
                             return repr(self.repo_group) + ' (child repos only)'
                         else:
                             return repr(self.repo_group) + ' (recursive)'
                     if self.child_repos_only:
                         return 'root_repos'
                     return 'global'
                 def __repr__(self):
                     return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
             class RepoReviewRuleUser(Base, BaseModel):
                 __tablename__ = 'repo_review_rules_users'
                 __table_args__ = (
                     base_table_args
                 )
                 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
                 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
                 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                 user = relationship('User')
                 def rule_data(self):
                     return {
                         'mandatory': self.mandatory
                     }
             class RepoReviewRuleUserGroup(Base, BaseModel):
                 __tablename__ = 'repo_review_rules_users_groups'
                 __table_args__ = (
                     base_table_args
                 )
                 VOTE_RULE_ALL = -1
                 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
                 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
                 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
                 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
                 users_group = relationship('UserGroup')
                 def rule_data(self):
                     return {
                         'mandatory': self.mandatory,
                         'vote_rule': self.vote_rule
                     }
                 @property
                 def vote_rule_label(self):
                     if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
                         return 'all must vote'
                     else:
                         return 'min. vote {}'.format(self.vote_rule)
             class RepoReviewRule(Base, BaseModel):
                 __tablename__ = 'repo_review_rules'
                 __table_args__ = (
                     base_table_args
                 )
                 repo_review_rule_id = Column(
                     'repo_review_rule_id', Integer(), primary_key=True)
                 repo_id = Column(
                     "repo_id", Integer(), ForeignKey('repositories.repo_id'))
                 repo = relationship('Repository', backref='review_rules')
                 review_rule_name = Column('review_rule_name', String(255))
                 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*')  # glob
                 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*')  # glob
                 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*')  # glob
                 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
                 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
                 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
                 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
                 rule_users = relationship('RepoReviewRuleUser')
                 rule_user_groups = relationship('RepoReviewRuleUserGroup')
                 def _validate_pattern(self, value):
                     re.compile('^' + glob2re(value) + '$')
                 @hybrid_property
                 def source_branch_pattern(self):
                     return self._branch_pattern or '*'
                 @source_branch_pattern.setter
                 def source_branch_pattern(self, value):
                     self._validate_pattern(value)
                     self._branch_pattern = value or '*'
                 @hybrid_property
                 def target_branch_pattern(self):
                     return self._target_branch_pattern or '*'
                 @target_branch_pattern.setter
                 def target_branch_pattern(self, value):
                     self._validate_pattern(value)
                     self._target_branch_pattern = value or '*'
                 @hybrid_property
                 def file_pattern(self):
                     return self._file_pattern or '*'
                 @file_pattern.setter
                 def file_pattern(self, value):
                     self._validate_pattern(value)
                     self._file_pattern = value or '*'
                 def matches(self, source_branch, target_branch, files_changed):
                     """
                     Check if this review rule matches a branch/files in a pull request
                     :param source_branch: source branch name for the commit
                     :param target_branch: target branch name for the commit
                     :param files_changed: list of file paths changed in the pull request
                     """
                     source_branch = source_branch or ''
                     target_branch = target_branch or ''
                     files_changed = files_changed or []
                     branch_matches = True
                     if source_branch or target_branch:
                         if self.source_branch_pattern == '*':
                             source_branch_match = True
                         else:
                             if self.source_branch_pattern.startswith('re:'):
                                 source_pattern = self.source_branch_pattern[3:]
                             else:
                                 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
                             source_branch_regex = re.compile(source_pattern)
                             source_branch_match = bool(source_branch_regex.search(source_branch))
                         if self.target_branch_pattern == '*':
                             target_branch_match = True
                         else:
                             if self.target_branch_pattern.startswith('re:'):
                                 target_pattern = self.target_branch_pattern[3:]
                             else:
                                 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
                             target_branch_regex = re.compile(target_pattern)
                             target_branch_match = bool(target_branch_regex.search(target_branch))
                         branch_matches = source_branch_match and target_branch_match
                     files_matches = True
                     if self.file_pattern != '*':
                         files_matches = False
                         if self.file_pattern.startswith('re:'):
                             file_pattern = self.file_pattern[3:]
                         else:
                             file_pattern = glob2re(self.file_pattern)
                         file_regex = re.compile(file_pattern)
                         for file_data in files_changed:
                             filename = file_data.get('filename')
                             if file_regex.search(filename):
                                 files_matches = True
                                 break
                     return branch_matches and files_matches
                 @property
                 def review_users(self):
                     """ Returns the users which this rule applies to """
                     users = collections.OrderedDict()
                     for rule_user in self.rule_users:
                         if rule_user.user.active:
                             if rule_user.user not in users:
                                 users[rule_user.user.username] = {
                                     'user': rule_user.user,
                                     'source': 'user',
                                     'source_data': {},
                                     'data': rule_user.rule_data()
                                 }
                     for rule_user_group in self.rule_user_groups:
                         source_data = {
                             'user_group_id': rule_user_group.users_group.users_group_id,
                             'name': rule_user_group.users_group.users_group_name,
                             'members': len(rule_user_group.users_group.members)
                         }
                         for member in rule_user_group.users_group.members:
                             if member.user.active:
                                 key = member.user.username
                                 if key in users:
                                     # skip this member as we have him already
                                     # this prevents from override the "first" matched
                                     # users with duplicates in multiple groups
                                     continue
                                 users[key] = {
                                     'user': member.user,
                                     'source': 'user_group',
                                     'source_data': source_data,
                                     'data': rule_user_group.rule_data()
                                 }
                     return users
                 def user_group_vote_rule(self, user_id):
                     rules = []
                     if not self.rule_user_groups:
                         return rules
                     for user_group in self.rule_user_groups:
                         user_group_members = [x.user_id for x in user_group.users_group.members]
                         if user_id in user_group_members:
                             rules.append(user_group)
                     return rules
                 def __repr__(self):
                     return '<RepoReviewerRule(id=%r, repo=%r)>' % (
                         self.repo_review_rule_id, self.repo)
             class ScheduleEntry(Base, BaseModel):
                 __tablename__ = 'schedule_entries'
                 __table_args__ = (
                     UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
                     UniqueConstraint('task_uid', name='s_task_uid_idx'),
                     base_table_args,
                 )
                 schedule_types = ['crontab', 'timedelta', 'integer']
                 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
                 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
                 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
                 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
                 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
                 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
                 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
                 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
                 # task
                 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
                 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
                 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
                 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
                 @hybrid_property
                 def schedule_type(self):
                     return self._schedule_type
                 @schedule_type.setter
                 def schedule_type(self, val):
                     if val not in self.schedule_types:
                         raise ValueError('Value must be on of `{}` and got `{}`'.format(
                             val, self.schedule_type))
                     self._schedule_type = val
                 @classmethod
                 def get_uid(cls, obj):
                     args = obj.task_args
                     kwargs = obj.task_kwargs
                     if isinstance(args, JsonRaw):
                         try:
                             args = json.loads(args)
                         except ValueError:
                             args = tuple()
                     if isinstance(kwargs, JsonRaw):
                         try:
                             kwargs = json.loads(kwargs)
                         except ValueError:
                             kwargs = dict()
                     dot_notation = obj.task_dot_notation
                     val = '.'.join(map(safe_str, [
                         sorted(dot_notation), args, sorted(kwargs.items())]))
                     return hashlib.sha1(val).hexdigest()
                 @classmethod
                 def get_by_schedule_name(cls, schedule_name):
                     return cls.query().filter(cls.schedule_name == schedule_name).scalar()
                 @classmethod
                 def get_by_schedule_id(cls, schedule_id):
                     return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
                 @property
                 def task(self):
                     return self.task_dot_notation
                 @property
                 def schedule(self):
                     from rhodecode.lib.celerylib.utils import raw_2_schedule
                     schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
                     return schedule
                 @property
                 def args(self):
                     try:
                         return list(self.task_args or [])
                     except ValueError:
                         return list()
                 @property
                 def kwargs(self):
                     try:
                         return dict(self.task_kwargs or {})
                     except ValueError:
                         return dict()
                 def _as_raw(self, val):
                     if hasattr(val, 'de_coerce'):
                         val = val.de_coerce()
                         if val:
                             val = json.dumps(val)
                     return val
                 @property
                 def schedule_definition_raw(self):
                     return self._as_raw(self.schedule_definition)
                 @property
                 def args_raw(self):
                     return self._as_raw(self.task_args)
                 @property
                 def kwargs_raw(self):
                     return self._as_raw(self.task_kwargs)
                 def __repr__(self):
                     return '<DB:ScheduleEntry({}:{})>'.format(
                         self.schedule_entry_id, self.schedule_name)
             @event.listens_for(ScheduleEntry, 'before_update')
             def update_task_uid(mapper, connection, target):
                 target.task_uid = ScheduleEntry.get_uid(target)
             @event.listens_for(ScheduleEntry, 'before_insert')
             def set_task_uid(mapper, connection, target):
                 target.task_uid = ScheduleEntry.get_uid(target)
             class _BaseBranchPerms(BaseModel):
                 @classmethod
                 def compute_hash(cls, value):
                     return sha1_safe(value)
                 @hybrid_property
                 def branch_pattern(self):
                     return self._branch_pattern or '*'
                 @hybrid_property
                 def branch_hash(self):
                     return self._branch_hash
                 def _validate_glob(self, value):
                     re.compile('^' + glob2re(value) + '$')
                 @branch_pattern.setter
                 def branch_pattern(self, value):
                     self._validate_glob(value)
                     self._branch_pattern = value or '*'
                     # set the Hash when setting the branch pattern
                     self._branch_hash = self.compute_hash(self._branch_pattern)
                 def matches(self, branch):
                     """
                     Check if this the branch matches entry
                     :param branch: branch name for the commit
                     """
                     branch = branch or ''
                     branch_matches = True
                     if branch:
                         branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
                         branch_matches = bool(branch_regex.search(branch))
                     return branch_matches
             class UserToRepoBranchPermission(Base, _BaseBranchPerms):
                 __tablename__ = 'user_to_repo_branch_permissions'
                 __table_args__ = (
                     base_table_args
                 )
                 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
                 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 repo = relationship('Repository', backref='user_branch_perms')
                 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 permission = relationship('Permission')
                 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
                 user_repo_to_perm = relationship('UserRepoToPerm')
                 rule_order = Column('rule_order', Integer(), nullable=False)
                 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*')  # glob
                 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
                 def __unicode__(self):
                     return u'<UserBranchPermission(%s => %r)>' % (
                         self.user_repo_to_perm, self.branch_pattern)
             class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
                 __tablename__ = 'user_group_to_repo_branch_permissions'
                 __table_args__ = (
                     base_table_args
                 )
                 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
                 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 repo = relationship('Repository', backref='user_group_branch_perms')
                 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 permission = relationship('Permission')
                 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
                 user_group_repo_to_perm = relationship('UserGroupRepoToPerm')
                 rule_order = Column('rule_order', Integer(), nullable=False)
                 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default=u'*')  # glob
                 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
                 def __unicode__(self):
                     return u'<UserBranchPermission(%s => %r)>' % (
                         self.user_group_repo_to_perm, self.branch_pattern)
             class UserBookmark(Base, BaseModel):
                 __tablename__ = 'user_bookmarks'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'bookmark_repo_id'),
                     UniqueConstraint('user_id', 'bookmark_repo_group_id'),
                     UniqueConstraint('user_id', 'bookmark_position'),
                     base_table_args
                 )
                 user_bookmark_id = Column("user_bookmark_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 position = Column("bookmark_position", Integer(), nullable=False)
                 title = Column("bookmark_title", String(255), nullable=True, unique=None, default=None)
                 redirect_url = Column("bookmark_redirect_url", String(10240), nullable=True, unique=None, default=None)
                 created_on = Column("created_on", DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 bookmark_repo_id = Column("bookmark_repo_id", Integer(), ForeignKey("repositories.repo_id"), nullable=True, unique=None, default=None)
                 bookmark_repo_group_id = Column("bookmark_repo_group_id", Integer(), ForeignKey("groups.group_id"), nullable=True, unique=None, default=None)
                 user = relationship("User")
                 repository = relationship("Repository")
                 repository_group = relationship("RepoGroup")
                 @classmethod
                 def get_by_position_for_user(cls, position, user_id):
                     return cls.query() \
                         .filter(UserBookmark.user_id == user_id) \
                         .filter(UserBookmark.position == position).scalar()
                 @classmethod
                 def get_bookmarks_for_user(cls, user_id, cache=True):
                     bookmarks = cls.query() \
                         .filter(UserBookmark.user_id == user_id) \
                         .options(joinedload(UserBookmark.repository)) \
                         .options(joinedload(UserBookmark.repository_group)) \
                         .order_by(UserBookmark.position.asc())
                     if cache:
                         bookmarks = bookmarks.options(
                             FromCache("sql_cache_short", "get_user_{}_bookmarks".format(user_id))
                         )
                     return bookmarks.all()
                 def __unicode__(self):
                     return u'<UserBookmark(%s @ %r)>' % (self.position, self.redirect_url)
             class FileStore(Base, BaseModel):
                 __tablename__ = 'file_store'
                 __table_args__ = (
                     base_table_args
                 )
                 file_store_id = Column('file_store_id', Integer(), primary_key=True)
                 file_uid = Column('file_uid', String(1024), nullable=False)
                 file_display_name = Column('file_display_name', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), nullable=True)
                 file_description = Column('file_description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=True)
                 file_org_name = Column('file_org_name', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=False)
                 # sha256 hash
                 file_hash = Column('file_hash', String(512), nullable=False)
                 file_size = Column('file_size', BigInteger(), nullable=False)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True)
                 accessed_count = Column('accessed_count', Integer(), default=0)
                 enabled = Column('enabled', Boolean(), nullable=False, default=True)
                 # if repo/repo_group reference is set, check for permissions
                 check_acl = Column('check_acl', Boolean(), nullable=False, default=True)
                 # hidden defines an attachment that should be hidden from showing in artifact listing
                 hidden = Column('hidden', Boolean(), nullable=False, default=False)
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
                 upload_user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.user_id')
                 file_metadata = relationship('FileStoreMetadata', lazy='joined')
                 # scope limited to user, which requester have access to
                 scope_user_id = Column(
                     'scope_user_id', Integer(), ForeignKey('users.user_id'),
                     nullable=True, unique=None, default=None)
                 user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.scope_user_id')
                 # scope limited to user group, which requester have access to
                 scope_user_group_id = Column(
                     'scope_user_group_id', Integer(), ForeignKey('users_groups.users_group_id'),
                     nullable=True, unique=None, default=None)
                 user_group = relationship('UserGroup', lazy='joined')
                 # scope limited to repo, which requester have access to
                 scope_repo_id = Column(
                     'scope_repo_id', Integer(), ForeignKey('repositories.repo_id'),
                     nullable=True, unique=None, default=None)
                 repo = relationship('Repository', lazy='joined')
                 # scope limited to repo group, which requester have access to
                 scope_repo_group_id = Column(
                     'scope_repo_group_id', Integer(), ForeignKey('groups.group_id'),
                     nullable=True, unique=None, default=None)
                 repo_group = relationship('RepoGroup', lazy='joined')
                 @classmethod
                 def get_by_store_uid(cls, file_store_uid, safe=False):
                     if safe:
                         return FileStore.query().filter(FileStore.file_uid == file_store_uid).first()
                     else:
                         return FileStore.query().filter(FileStore.file_uid == file_store_uid).scalar()
                 @classmethod
                 def create(cls, file_uid, filename, file_hash, file_size, file_display_name='',
                            file_description='', enabled=True, hidden=False, check_acl=True,
                            user_id=None, scope_user_id=None, scope_repo_id=None, scope_repo_group_id=None):
                     store_entry = FileStore()
                     store_entry.file_uid = file_uid
                     store_entry.file_display_name = file_display_name
                     store_entry.file_org_name = filename
                     store_entry.file_size = file_size
                     store_entry.file_hash = file_hash
                     store_entry.file_description = file_description
                     store_entry.check_acl = check_acl
                     store_entry.enabled = enabled
                     store_entry.hidden = hidden
                     store_entry.user_id = user_id
                     store_entry.scope_user_id = scope_user_id
                     store_entry.scope_repo_id = scope_repo_id
                     store_entry.scope_repo_group_id = scope_repo_group_id
                     return store_entry
                 @classmethod
                 def store_metadata(cls, file_store_id, args, commit=True):
                     file_store = FileStore.get(file_store_id)
                     if file_store is None:
                         return
                     for section, key, value, value_type in args:
                         has_key = FileStoreMetadata().query() \
                             .filter(FileStoreMetadata.file_store_id == file_store.file_store_id) \
                             .filter(FileStoreMetadata.file_store_meta_section == section) \
                             .filter(FileStoreMetadata.file_store_meta_key == key) \
                             .scalar()
                         if has_key:
                             msg = 'key `{}` already defined under section `{}` for this file.'\
                                 .format(key, section)
                             raise ArtifactMetadataDuplicate(msg, err_section=section, err_key=key)
                         # NOTE(marcink): raises ArtifactMetadataBadValueType
                         FileStoreMetadata.valid_value_type(value_type)
                         meta_entry = FileStoreMetadata()
                         meta_entry.file_store = file_store
                         meta_entry.file_store_meta_section = section
                         meta_entry.file_store_meta_key = key
                         meta_entry.file_store_meta_value_type = value_type
                         meta_entry.file_store_meta_value = value
                         Session().add(meta_entry)
                     try:
                         if commit:
                             Session().commit()
                     except IntegrityError:
                         Session().rollback()
                         raise ArtifactMetadataDuplicate('Duplicate section/key found for this file.')
                 @classmethod
                 def bump_access_counter(cls, file_uid, commit=True):
                     FileStore().query()\
                         .filter(FileStore.file_uid == file_uid)\
                         .update({FileStore.accessed_count: (FileStore.accessed_count + 1),
                                  FileStore.accessed_on: datetime.datetime.now()})
                     if commit:
                         Session().commit()
                 def __json__(self):
                     data = {
                         'filename': self.file_display_name,
                         'filename_org': self.file_org_name,
                         'file_uid': self.file_uid,
                         'description': self.file_description,
                         'hidden': self.hidden,
                         'size': self.file_size,
                         'created_on': self.created_on,
                         'uploaded_by': self.upload_user.get_api_data(details='basic'),
                         'downloaded_times': self.accessed_count,
                         'sha256': self.file_hash,
                         'metadata': self.file_metadata,
                     }
                     return data
                 def __repr__(self):
                     return '<FileStore({})>'.format(self.file_store_id)
             class FileStoreMetadata(Base, BaseModel):
                 __tablename__ = 'file_store_metadata'
                 __table_args__ = (
                     UniqueConstraint('file_store_id', 'file_store_meta_section_hash', 'file_store_meta_key_hash'),
                     Index('file_store_meta_section_idx', 'file_store_meta_section', mysql_length=255),
                     Index('file_store_meta_key_idx', 'file_store_meta_key', mysql_length=255),
                     base_table_args
                 )
                 SETTINGS_TYPES = {
                     'str': safe_str,
                     'int': safe_int,
                     'unicode': safe_unicode,
                     'bool': str2bool,
                     'list': functools.partial(aslist, sep=',')
                 }
                 file_store_meta_id = Column(
                     "file_store_meta_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 _file_store_meta_section = Column(
                     "file_store_meta_section", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
                     nullable=True, unique=None, default=None)
                 _file_store_meta_section_hash = Column(
                     "file_store_meta_section_hash", String(255),
                     nullable=True, unique=None, default=None)
                 _file_store_meta_key = Column(
                     "file_store_meta_key", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
                     nullable=True, unique=None, default=None)
                 _file_store_meta_key_hash = Column(
                     "file_store_meta_key_hash", String(255), nullable=True, unique=None, default=None)
                 _file_store_meta_value = Column(
                     "file_store_meta_value", UnicodeText().with_variant(UnicodeText(20480), 'mysql'),
                     nullable=True, unique=None, default=None)
                 _file_store_meta_value_type = Column(
                     "file_store_meta_value_type", String(255), nullable=True, unique=None,
                     default='unicode')
                 file_store_id = Column(
                     'file_store_id', Integer(), ForeignKey('file_store.file_store_id'),
                     nullable=True, unique=None, default=None)
                 file_store = relationship('FileStore', lazy='joined')
                 @classmethod
                 def valid_value_type(cls, value):
                     if value.split('.')[0] not in cls.SETTINGS_TYPES:
                         raise ArtifactMetadataBadValueType(
                             'value_type must be one of %s got %s' % (cls.SETTINGS_TYPES.keys(), value))
                 @hybrid_property
                 def file_store_meta_section(self):
                     return self._file_store_meta_section
                 @file_store_meta_section.setter
                 def file_store_meta_section(self, value):
                     self._file_store_meta_section = value
                     self._file_store_meta_section_hash = _hash_key(value)
                 @hybrid_property
                 def file_store_meta_key(self):
                     return self._file_store_meta_key
                 @file_store_meta_key.setter
                 def file_store_meta_key(self, value):
                     self._file_store_meta_key = value
                     self._file_store_meta_key_hash = _hash_key(value)
                 @hybrid_property
                 def file_store_meta_value(self):
                     val = self._file_store_meta_value
                     if self._file_store_meta_value_type:
                         # e.g unicode.encrypted == unicode
                         _type = self._file_store_meta_value_type.split('.')[0]
                         # decode the encrypted value if it's encrypted field type
                         if '.encrypted' in self._file_store_meta_value_type:
                             cipher = EncryptedTextValue()
                             val = safe_unicode(cipher.process_result_value(val, None))
                         # do final type conversion
                         converter = self.SETTINGS_TYPES.get(_type) or self.SETTINGS_TYPES['unicode']
                         val = converter(val)
                     return val
                 @file_store_meta_value.setter
                 def file_store_meta_value(self, val):
                     val = safe_unicode(val)
                     # encode the encrypted value
                     if '.encrypted' in self.file_store_meta_value_type:
                         cipher = EncryptedTextValue()
                         val = safe_unicode(cipher.process_bind_param(val, None))
                     self._file_store_meta_value = val
                 @hybrid_property
                 def file_store_meta_value_type(self):
                     return self._file_store_meta_value_type
                 @file_store_meta_value_type.setter
                 def file_store_meta_value_type(self, val):
                     # e.g unicode.encrypted
                     self.valid_value_type(val)
                     self._file_store_meta_value_type = val
                 def __json__(self):
                     data = {
                         'artifact': self.file_store.file_uid,
                         'section': self.file_store_meta_section,
                         'key': self.file_store_meta_key,
                         'value': self.file_store_meta_value,
                     }
                     return data
                 def __repr__(self):
                     return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.file_store_meta_section,
                                                 self.file_store_meta_key, self.file_store_meta_value)
             class DbMigrateVersion(Base, BaseModel):
                 __tablename__ = 'db_migrate_version'
                 __table_args__ = (
                     base_table_args,
                 )
                 repository_id = Column('repository_id', String(250), primary_key=True)
                 repository_path = Column('repository_path', Text)
                 version = Column('version', Integer)
                 @classmethod
                 def set_version(cls, version):
                     """
                     Helper for forcing a different version, usually for debugging purposes via ishell.
                     """
                     ver = DbMigrateVersion.query().first()
                     ver.version = version
                     Session().commit()
             class DbSession(Base, BaseModel):
                 __tablename__ = 'db_session'
                 __table_args__ = (
                     base_table_args,
                 )
                 def __repr__(self):
                     return '<DB:DbSession({})>'.format(self.id)
                 id = Column('id', Integer())
                 namespace = Column('namespace', String(255), primary_key=True)
                 accessed = Column('accessed', DateTime, nullable=False)
                 created = Column('created', DateTime, nullable=False)
                 data = Column('data', PickleType, nullable=False)

             // # Copyright (C) 2010-2020 RhodeCode GmbH
             // #
             // # This program is free software: you can redistribute it and/or modify
             // # it under the terms of the GNU Affero General Public License, version 3
             // # (only), as published by the Free Software Foundation.
             // #
             // # This program is distributed in the hope that it will be useful,
             // # but WITHOUT ANY WARRANTY; without even the implied warranty of
             // # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             // # GNU General Public License for more details.
             // #
             // # You should have received a copy of the GNU Affero General Public License
             // # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             // #
             // # This program is dual-licensed. If you wish to learn more about the
             // # RhodeCode Enterprise Edition, including its added features, Support services,
             // # and proprietary license terms, please see https://rhodecode.com/licenses/
             /**
             RhodeCode JS Files
             **/
             if (typeof console == "undefined" || typeof console.log == "undefined"){
                 console = { log: function() {} }
             }
             // TODO: move the following function to submodules
             /**
              * show more
              */
             var show_more_event = function(){
               $('table .show_more').click(function(e) {
                 var cid = e.target.id.substring(1);
                 var button = $(this);
                 if (button.hasClass('open')) {
                   $('#'+cid).hide();
                   button.removeClass('open');
                 } else {
                   $('#'+cid).show();
                   button.addClass('open one');
                 }
               });
             };
             var compare_radio_buttons = function(repo_name, compare_ref_type){
                 $('#compare_action').on('click', function(e){
                     e.preventDefault();
                     var source = $('input[name=compare_source]:checked').val();
                     var target = $('input[name=compare_target]:checked').val();
                     if(source && target){
                         var url_data = {
                             repo_name: repo_name,
                             source_ref: source,
                             source_ref_type: compare_ref_type,
                             target_ref: target,
                             target_ref_type: compare_ref_type,
                             merge: 1
                         };
                         window.location = pyroutes.url('repo_compare', url_data);
                     }
                 });
                 $('.compare-radio-button').on('click', function(e){
                     var source = $('input[name=compare_source]:checked').val();
                     var target = $('input[name=compare_target]:checked').val();
                     if(source && target){
                         $('#compare_action').removeAttr("disabled");
                         $('#compare_action').removeClass("disabled");
                     }
                 })
             };
             var showRepoSize = function(target, repo_name, commit_id, callback) {
                 var container = $('#' + target);
                 var url = pyroutes.url('repo_stats',
                   {"repo_name": repo_name, "commit_id": commit_id});
                 container.show();
                 if (!container.hasClass('loaded')) {
                     $.ajax({url: url})
                         .complete(function (data) {
                             var responseJSON = data.responseJSON;
                             container.addClass('loaded');
                             container.html(responseJSON.size);
                             callback(responseJSON.code_stats)
                         })
                         .fail(function (data) {
                             console.log('failed to load repo stats');
                         });
                 }
             };
             var showRepoStats = function(target, data){
                 var container = $('#' + target);
                 if (container.hasClass('loaded')) {
                     return
                 }
                 var total = 0;
                 var no_data = true;
                 var tbl = document.createElement('table');
                 tbl.setAttribute('class', 'trending_language_tbl rctable');
                 $.each(data, function(key, val){
                     total += val.count;
                 });
                 var sortedStats = [];
                 for (var obj in data){
                     sortedStats.push([obj, data[obj]])
                 }
                 var sortedData = sortedStats.sort(function (a, b) {
                     return b[1].count - a[1].count
                 });
                 var cnt = 0;
                 $.each(sortedData, function(idx, val){
                     cnt += 1;
                     no_data = false;
                     var tr = document.createElement('tr');
                     var key = val[0];
                     var obj = {"desc": val[1].desc, "count": val[1].count};
                     // meta language names
                     var td1 = document.createElement('td');
                     var trending_language_label = document.createElement('div');
                     trending_language_label.innerHTML = obj.desc;
                     td1.appendChild(trending_language_label);
                     // extensions
                     var td2 = document.createElement('td');
                     var extension = document.createElement('div');
                     extension.innerHTML = ".{0}".format(key)
                     td2.appendChild(extension);
                     // number of files
                     var td3 = document.createElement('td');
                     var file_count = document.createElement('div');
                     var percentage_num = Math.round((obj.count / total * 100), 2);
                     var label = _ngettext('file', 'files', obj.count);
                     file_count.innerHTML = "{0} {1} ({2}%)".format(obj.count, label, percentage_num) ;
                     td3.appendChild(file_count);
                     // percentage
                     var td4 = document.createElement('td');
                     td4.setAttribute("class", 'trending_language');
                     var percentage = document.createElement('div');
                     percentage.setAttribute('class', 'lang-bar');
                     percentage.innerHTML = "&nbsp;";
                     percentage.style.width = percentage_num + '%';
                     td4.appendChild(percentage);
                     tr.appendChild(td1);
                     tr.appendChild(td2);
                     tr.appendChild(td3);
                     tr.appendChild(td4);
                     tbl.appendChild(tr);
                 });
                 $(container).html(tbl);
                 $(container).addClass('loaded');
                 $('#code_stats_show_more').on('click', function (e) {
                     e.preventDefault();
                     $('.stats_hidden').each(function (idx) {
                         $(this).css("display", "");
                     });
                     $('#code_stats_show_more').hide();
                 });
             };
             // returns a node from given html;
             var fromHTML = function(html){
               var _html = document.createElement('element');
               _html.innerHTML = html;
               return _html;
             };
             // Toggle Collapsable Content
             function collapsableContent() {
                 $('.collapsable-content').not('.no-hide').hide();
                 $('.btn-collapse').unbind(); //in case we've been here before
                 $('.btn-collapse').click(function() {
                     var button = $(this);
                     var togglename = $(this).data("toggle");
                     $('.collapsable-content[data-toggle='+togglename+']').toggle();
                     if ($(this).html()=="Show Less")
                         $(this).html("Show More");
                     else
                         $(this).html("Show Less");
                 });
             };
             var timeagoActivate = function() {
                 $("time.timeago").timeago();
             };
             var clipboardActivate = function() {
                 /*
                 *
                 * <i class="tooltip icon-plus clipboard-action" data-clipboard-text="${commit.raw_id}" title="${_('Copy the full commit id')}"></i>
                 * */
                 var clipboard = new ClipboardJS('.clipboard-action');
                 clipboard.on('success', function(e) {
                     var callback = function () {
                         $(e.trigger).animate({'opacity': 1.00}, 200)
                     };
                     $(e.trigger).animate({'opacity': 0.15}, 200, callback);
                     e.clearSelection();
                 });
             };
             var tooltipActivate = function () {
                 var delay = 50;
                 var animation = 'fade';
                 var theme = 'tooltipster-shadow';
                 var debug = false;
                 $('.tooltip').tooltipster({
                     debug: debug,
                     theme: theme,
                     animation: animation,
                     delay: delay,
                     contentCloning: true,
                     contentAsHTML: true,
                     functionBefore: function (instance, helper) {
                         var $origin = $(helper.origin);
                         var data = '<div style="white-space: pre-wrap">{0}</div>'.format(instance.content());
                         instance.content(data);
                     }
                 });
                 var hovercardCache = {};
                 var loadHoverCard = function (url, altHovercard, callback) {
                     var id = url;
                     if (hovercardCache[id] !== undefined) {
                         callback(hovercardCache[id]);
                         return true;
                     }
                     hovercardCache[id] = undefined;
                     $.get(url, function (data) {
                         hovercardCache[id] = data;
                         callback(hovercardCache[id]);
                         return true;
                     }).fail(function (data, textStatus, errorThrown) {
                         if (parseInt(data.status) === 404) {
                             var msg = "<p>{0}</p>".format(altHovercard || "No Data exists for this hovercard");
                         } else {
                             var msg = "<p class='error-message'>Error while fetching hovercard.\nError code {0} ({1}).</p>".format(data.status,data.statusText);
                         }
                         callback(msg);
                         return false
                     });
                 };
                 $('.tooltip-hovercard').tooltipster({
                     debug: debug,
                     theme: theme,
                     animation: animation,
                     delay: delay,
                     interactive: true,
                     contentCloning: true,
                     trigger: 'custom',
                     triggerOpen: {
                         mouseenter: true,
                     },
                     triggerClose: {
                         mouseleave: true,
                         originClick: true,
                         touchleave: true
                     },
                     content: _gettext('Loading...'),
                     contentAsHTML: true,
                     updateAnimation: null,
                     functionBefore: function (instance, helper) {
                         var $origin = $(helper.origin);
                         // we set a variable so the data is only loaded once via Ajax, not every time the tooltip opens
                         if ($origin.data('loaded') !== true) {
                             var hovercardUrl = $origin.data('hovercardUrl');
                             var altHovercard = $origin.data('hovercardAlt');
                             if (hovercardUrl !== undefined && hovercardUrl !== "") {
+                                var urlLoad = true;
                                 if (hovercardUrl.substr(0, 12) === 'pyroutes.url') {
                                     hovercardUrl = eval(hovercardUrl)
+                                } else if (hovercardUrl.substr(0, 11) === 'javascript:') {
+                                    var jsFunc = hovercardUrl.substr(11);
+                                    urlLoad = false;
+                                    loaded = true;
+                                    instance.content(eval(jsFunc))
                                 }
+                                if (urlLoad) {
                                     var loaded = loadHoverCard(hovercardUrl, altHovercard, function (data) {
                                         instance.content(data);
                                     })
+                                }
                             } else {
                                 if ($origin.data('hovercardAltHtml')) {
                                     var data =  atob($origin.data('hovercardAltHtml'));
                                 } else {
                                     var data = '<div style="white-space: pre-wrap">{0}</div>'.format(altHovercard)
                                 }
                                 var loaded = true;
                                 instance.content(data);
                             }
                             // to remember that the data has been loaded
                             $origin.data('loaded', loaded);
                         }
                     }
                 })
             };
             // Formatting values in a Select2 dropdown of commit references
             var formatSelect2SelectionRefs = function(commit_ref){
               var tmpl = '';
               if (!commit_ref.text || commit_ref.type === 'sha'){
                 return commit_ref.text;
               }
               if (commit_ref.type === 'branch'){
                 tmpl = tmpl.concat('<i class="icon-branch"></i> ');
               } else if (commit_ref.type === 'tag'){
                 tmpl = tmpl.concat('<i class="icon-tag"></i> ');
               } else if (commit_ref.type === 'book'){
                 tmpl = tmpl.concat('<i class="icon-bookmark"></i> ');
               }
               return tmpl.concat(escapeHtml(commit_ref.text));
             };
             // takes a given html element and scrolls it down offset pixels
             function offsetScroll(element, offset) {
                 setTimeout(function() {
                     var location = element.offset().top;
                     // some browsers use body, some use html
                     $('html, body').animate({ scrollTop: (location - offset) });
                 }, 100);
             }
             // scroll an element `percent`% from the top of page in `time` ms
             function scrollToElement(element, percent, time) {
                 percent = (percent === undefined ? 25 : percent);
                 time = (time === undefined ? 100 : time);
                 var $element = $(element);
                 if ($element.length == 0) {
                     throw('Cannot scroll to {0}'.format(element))
                 }
                 var elOffset = $element.offset().top;
                 var elHeight = $element.height();
                 var windowHeight = $(window).height();
                 var offset = elOffset;
                 if (elHeight < windowHeight) {
                     offset = elOffset - ((windowHeight / (100 / percent)) - (elHeight / 2));
                 }
                 setTimeout(function() {
                     $('html, body').animate({ scrollTop: offset});
                 }, time);
             }
             /**
              * global hooks after DOM is loaded
              */
             $(document).ready(function() {
                 firefoxAnchorFix();
                 $('.navigation a.menulink').on('click', function(e){
                     var menuitem = $(this).parent('li');
                     if (menuitem.hasClass('open')) {
                         menuitem.removeClass('open');
                     } else {
                         menuitem.addClass('open');
                         $(document).on('click', function(event) {
                             if (!$(event.target).closest(menuitem).length) {
                                 menuitem.removeClass('open');
                             }
                         });
                     }
                 });
                 $('body').on('click', '.cb-lineno a', function(event) {
                     function sortNumber(a,b) {
                         return a - b;
                     }
                     var lineNo = $(this).data('lineNo');
                     var lineName = $(this).attr('name');
                     if (lineNo) {
                         var prevLine = $('.cb-line-selected a').data('lineNo');
                         // on shift, we do a range selection, if we got previous line
                         if (event.shiftKey && prevLine !== undefined) {
                             var prevLine = parseInt(prevLine);
                             var nextLine = parseInt(lineNo);
                             var pos = [prevLine, nextLine].sort(sortNumber);
                             var anchor = '#L{0}-{1}'.format(pos[0], pos[1]);
                         // single click
                         } else {
                             var nextLine = parseInt(lineNo);
                             var pos = [nextLine, nextLine];
                             var anchor = '#L{0}'.format(pos[0]);
                         }
                         // highlight
                         var range = [];
                         for (var i = pos[0]; i <= pos[1]; i++) {
                             range.push(i);
                         }
                         // clear old selected lines
                         $('.cb-line-selected').removeClass('cb-line-selected');
                         $.each(range, function (i, lineNo) {
                             var line_td = $('td.cb-lineno#L' + lineNo);
                             if (line_td.length) {
                                 line_td.addClass('cb-line-selected'); // line number td
                                 line_td.prev().addClass('cb-line-selected'); // line data
                                 line_td.next().addClass('cb-line-selected'); // line content
                             }
                         });
                     } else if (lineName !== undefined) { // lineName only occurs in diffs
                         // clear old selected lines
                         $('td.cb-line-selected').removeClass('cb-line-selected');
                         var anchor = '#{0}'.format(lineName);
                         var diffmode = templateContext.session_attrs.diffmode || "sideside";
                         if (diffmode === "unified") {
                             $(this).closest('tr').find('td').addClass('cb-line-selected');
                         } else {
                             var activeTd = $(this).closest('td');
                             activeTd.addClass('cb-line-selected');
                             activeTd.next('td').addClass('cb-line-selected');
                         }
                     }
                     // Replace URL without jumping to it if browser supports.
                     // Default otherwise
                     if (history.pushState && anchor !== undefined) {
                         var new_location = location.href.rstrip('#');
                         if (location.hash) {
                             // location without hash
                             new_location = new_location.replace(location.hash, "");
                         }
                         // Make new anchor url
                         new_location = new_location + anchor;
                         history.pushState(true, document.title, new_location);
                         return false;
                     }
                 });
                 $('.collapse_file').on('click', function(e) {
                     e.stopPropagation();
                     if ($(e.target).is('a')) { return; }
                     var node = $(e.delegateTarget).first();
                     var icon = $($(node.children().first()).children().first());
                     var id = node.attr('fid');
                     var target = $('#'+id);
                     var tr = $('#tr_'+id);
                     var diff = $('#diff_'+id);
                     if(node.hasClass('expand_file')){
                         node.removeClass('expand_file');
                         icon.removeClass('expand_file_icon');
                         node.addClass('collapse_file');
                         icon.addClass('collapse_file_icon');
                         diff.show();
                         tr.show();
                         target.show();
                     } else {
                         node.removeClass('collapse_file');
                         icon.removeClass('collapse_file_icon');
                         node.addClass('expand_file');
                         icon.addClass('expand_file_icon');
                         diff.hide();
                         tr.hide();
                         target.hide();
                     }
                 });
                 $('#expand_all_files').click(function() {
                     $('.expand_file').each(function() {
                         var node = $(this);
                         var icon = $($(node.children().first()).children().first());
                         var id = $(this).attr('fid');
                         var target = $('#'+id);
                         var tr = $('#tr_'+id);
                         var diff = $('#diff_'+id);
                         node.removeClass('expand_file');
                         icon.removeClass('expand_file_icon');
                         node.addClass('collapse_file');
                         icon.addClass('collapse_file_icon');
                         diff.show();
                         tr.show();
                         target.show();
                     });
                 });
                 $('#collapse_all_files').click(function() {
                     $('.collapse_file').each(function() {
                         var node = $(this);
                         var icon = $($(node.children().first()).children().first());
                         var id = $(this).attr('fid');
                         var target = $('#'+id);
                         var tr = $('#tr_'+id);
                         var diff = $('#diff_'+id);
                         node.removeClass('collapse_file');
                         icon.removeClass('collapse_file_icon');
                         node.addClass('expand_file');
                         icon.addClass('expand_file_icon');
                         diff.hide();
                         tr.hide();
                         target.hide();
                     });
                 });
                 // Mouse over behavior for comments and line selection
                 // Select the line that comes from the url anchor
                 // At the time of development, Chrome didn't seem to support jquery's :target
                 // element, so I had to scroll manually
                 if (location.hash) {
                     var result = splitDelimitedHash(location.hash);
                     var loc = result.loc;
                     if (loc.length > 1) {
                         var highlightable_line_tds = [];
                         // source code line format
                         var page_highlights = loc.substring(loc.indexOf('#') + 1).split('L');
                         // multi-line HL, for files
                         if (page_highlights.length > 1) {
                             var highlight_ranges = page_highlights[1].split(",");
                             var h_lines = [];
                             for (var pos in highlight_ranges) {
                                 var _range = highlight_ranges[pos].split('-');
                                 if (_range.length === 2) {
                                     var start = parseInt(_range[0]);
                                     var end = parseInt(_range[1]);
                                     if (start < end) {
                                         for (var i = start; i <= end; i++) {
                                             h_lines.push(i);
                                         }
                                     }
                                 } else {
                                     h_lines.push(parseInt(highlight_ranges[pos]));
                                 }
                             }
                             for (pos in h_lines) {
                                 var line_td = $('td.cb-lineno#L' + h_lines[pos]);
                                 if (line_td.length) {
                                     highlightable_line_tds.push(line_td);
                                 }
                             }
                         }
                         // now check a direct id reference of line in diff / pull-request page)
                         if ($(loc).length > 0 && $(loc).hasClass('cb-lineno')) {
                             highlightable_line_tds.push($(loc));
                         }
                         // mark diff lines as selected
                         $.each(highlightable_line_tds, function (i, $td) {
                             $td.addClass('cb-line-selected'); // line number td
                             $td.prev().addClass('cb-line-selected'); // line data
                             $td.next().addClass('cb-line-selected'); // line content
                         });
                         if (highlightable_line_tds.length > 0) {
                             var $first_line_td = highlightable_line_tds[0];
                             scrollToElement($first_line_td);
                             $.Topic('/ui/plugins/code/anchor_focus').prepareOrPublish({
                                 td: $first_line_td,
                                 remainder: result.remainder
                             });
                         } else {
                             // case for direct anchor to comments
                             var $line = $(loc);
                             if ($line.hasClass('comment-general')) {
                                 $line.show();
                             } else if ($line.hasClass('comment-inline')) {
                                 $line.show();
                                 var $cb = $line.closest('.cb');
                                 $cb.removeClass('cb-collapsed')
                             }
                             if ($line.length > 0) {
                                 $line.addClass('comment-selected-hl');
                                 offsetScroll($line, 70);
                             }
                             if (!$line.hasClass('comment-outdated') && result.remainder === '/ReplyToComment') {
                                 $line.nextAll('.cb-comment-add-button').trigger('click');
                             }
                         }
                     }
                 }
                 collapsableContent();
             });
             var feedLifetimeOptions = function(query, initialData){
                 var data = {results: []};
                 var isQuery = typeof query.term !== 'undefined';
                 var section = _gettext('Lifetime');
                 var children = [];
                 //filter results
                 $.each(initialData.results, function(idx, value) {
                     if (!isQuery || query.term.length === 0 || value.text.toUpperCase().indexOf(query.term.toUpperCase()) >= 0) {
                         children.push({
                             'id': this.id,
                             'text': this.text
                         })
                     }
                 });
                 data.results.push({
                     'text': section,
                     'children': children
                 });
                 if (isQuery) {
                     var now = moment.utc();
                     var parseQuery = function(entry, now){
                         var fmt = 'DD/MM/YYYY H:mm';
                         var parsed = moment.utc(entry, fmt);
                         var diffInMin = parsed.diff(now, 'minutes');
                         if (diffInMin > 0){
                             return {
                                 id: diffInMin,
                                 text: parsed.format(fmt)
                             }
                         } else {
                             return {
                                 id: undefined,
                                 text: parsed.format('DD/MM/YYYY') + ' ' + _gettext('date not in future')
                             }
                         }
                     };
                     data.results.push({
                         'text': _gettext('Specified expiration date'),
                         'children': [{
                             'id': parseQuery(query.term, now).id,
                             'text': parseQuery(query.term, now).text
                         }]
                     });
                 }
                 query.callback(data);
             };
             /*
             * Retrievew via  templateContext.session_attrs.key
             * */
             var storeUserSessionAttr = function (key, val) {
                 var postData = {
                     'key': key,
                     'val': val,
                     'csrf_token': CSRF_TOKEN
                 };
                 var success = function(o) {
                     return true
                 };
                 ajaxPOST(pyroutes.url('store_user_session_value'), postData, success);
                 return false;
             };

             ## snippet for sidebar elements
             ## usage:
             ##    <%namespace name="sidebar" file="/base/sidebar.mako"/>
             ##    ${sidebar.comments_table()}
             <%namespace name="base" file="/base/base.mako"/>
             <%def name="comments_table(comments, counter_num, todo_comments=False, existing_ids=None, is_pr=True)">
                 <%
                     if todo_comments:
                         cls_ = 'todos-content-table'
                         def sorter(entry):
                             user_id = entry.author.user_id
                             resolved = '1' if entry.resolved else '0'
                             if user_id == c.rhodecode_user.user_id:
                                 # own comments first
                                 user_id = 0
                             return '{}'.format(str(entry.comment_id).zfill(10000))
                     else:
                         cls_ = 'comments-content-table'
                         def sorter(entry):
                             user_id = entry.author.user_id
                             return '{}'.format(str(entry.comment_id).zfill(10000))
                     existing_ids = existing_ids or []
                 %>
                 <table class="todo-table ${cls_}" data-total-count="${len(comments)}" data-counter="${counter_num}">
                  % for loop_obj, comment_obj in h.looper(reversed(sorted(comments, key=sorter))):
                      <%
                         display = ''
                         _cls = ''
                      %>
                      <%
                          comment_ver_index = comment_obj.get_index_version(getattr(c, 'versions', []))
                          prev_comment_ver_index = 0
                          if loop_obj.previous:
                             prev_comment_ver_index = loop_obj.previous.get_index_version(getattr(c, 'versions', []))
                          ver_info = None
                          if getattr(c, 'versions', []):
                             ver_info = c.versions[comment_ver_index-1] if comment_ver_index else None
                      %>
                      <% hidden_at_ver = comment_obj.outdated_at_version_js(c.at_version_num) %>
                      <% is_from_old_ver = comment_obj.older_than_version_js(c.at_version_num) %>
                      <%
                      if (prev_comment_ver_index > comment_ver_index):
                        comments_ver_divider = comment_ver_index
                      else:
                         comments_ver_divider = None
                      %>
                       % if todo_comments:
                           % if comment_obj.resolved:
                               <% _cls = 'resolved-todo' %>
                               <% display = 'none' %>
                           % endif
                       % else:
                           ## SKIP TODOs we display them in other area
                           % if comment_obj.is_todo:
                               <% display = 'none' %>
                           % endif
                           ## Skip outdated comments
                           % if comment_obj.outdated:
                               <% display = 'none' %>
                               <% _cls = 'hidden-comment' %>
                           % endif
                       % endif
                       % if not todo_comments and comments_ver_divider:
                       <tr class="old-comments-marker">
                           <td colspan="3">
                               % if ver_info:
                                 <code>v${comments_ver_divider} ${h.age_component(ver_info.created_on, time_is_local=True, tooltip=False)}</code>
                               % else:
                                 <code>v${comments_ver_divider}</code>
                               % endif
                           </td>
                       </tr>
                       % endif
                       <tr class="${_cls}" style="display: ${display};" data-sidebar-comment-id="${comment_obj.comment_id}">
                           <td class="td-todo-number">
-                              <a class="${('todo-resolved' if comment_obj.resolved else '')} permalink"
-                                 href="#comment-${comment_obj.comment_id}"
-                                 onclick="return Rhodecode.comments.scrollToComment($('#comment-${comment_obj.comment_id}'), 0, ${hidden_at_ver})">
                               <%
                                 version_info = ''
                                 if is_pr:
                                     version_info = (' made in older version (v{})'.format(comment_ver_index) if is_from_old_ver == 'true' else ' made in this version')
                               %>
+                              <script type="text/javascript">
+                                  // closure function helper
+                                  var sidebarComment${comment_obj.comment_id} = function() {
+                                    return renderTemplate('sideBarCommentHovercard', {
+                                        version_info: "${version_info}",
+                                        file_name: "${comment_obj.f_path}",
+                                        line_no: "${comment_obj.line_no}",
+                                        outdated: ${h.json.dumps(comment_obj.outdated)},
+                                        inline: ${h.json.dumps(comment_obj.is_inline)},
+                                        is_todo: ${h.json.dumps(comment_obj.is_todo)},
+                                        created_on: "${h.format_date(comment_obj.created_on)}",
+                                        datetime: "${comment_obj.created_on}${h.get_timezone(comment_obj.created_on, time_is_local=True)}",
+                                    })
+                                  }
+                              </script>
-                              % if todo_comments:
+                              % if comment_obj.outdated:
-                                % if comment_obj.is_inline:
+                                <i class="icon-comment-toggle tooltip-hovercard" data-hovercard-url="javascript:sidebarComment${comment_obj.comment_id}()"></i>
-                                  <i class="tooltip icon-code" title="Inline TODO comment${version_info}."></i>
+                              % elif comment_obj.is_inline:
-                                % else:
+                                <i class="icon-code tooltip-hovercard" data-hovercard-url="javascript:sidebarComment${comment_obj.comment_id}()"></i>
-                                  <i class="tooltip icon-comment" title="General TODO comment${version_info}."></i>
-                                % endif
                               % else:
-                                % if comment_obj.outdated:
+                                <i class="icon-comment tooltip-hovercard" data-hovercard-url="javascript:sidebarComment${comment_obj.comment_id}()"></i>
-                                  <i class="tooltip icon-comment-toggle" title="Inline Outdated made in v${comment_ver_index}."></i>
-                                % elif comment_obj.is_inline:
-                                  <i class="tooltip icon-code" title="Inline comment${version_info}."></i>
-                                % else:
-                                  <i class="tooltip icon-comment" title="General comment${version_info}."></i>
-                                % endif
                               % endif
-                              </a>
                               ## NEW, since refresh
                               % if existing_ids and comment_obj.comment_id not in existing_ids:
                                   <span class="tag">NEW</span>
                               % endif
                           </td>
                           <td class="td-todo-gravatar">
                               ${base.gravatar(comment_obj.author.email, 16, user=comment_obj.author, tooltip=True, extra_class=['no-margin'])}
                           </td>
                           <td class="todo-comment-text-wrapper">
-                              <div class="tooltip todo-comment-text timeago ${('todo-resolved' if comment_obj.resolved else '')} " title="${h.format_date(comment_obj.created_on)}" datetime="${comment_obj.created_on}${h.get_timezone(comment_obj.created_on, time_is_local=True)}">
+                              <div class="todo-comment-text ${('todo-resolved' if comment_obj.resolved else '')}">
-                                <code>${h.chop_at_smart(comment_obj.text, '\n', suffix_if_chopped='...')}</code>
+                                  <a class="${('todo-resolved' if comment_obj.resolved else '')} permalink"
+                                     href="#comment-${comment_obj.comment_id}"
+                                     onclick="return Rhodecode.comments.scrollToComment($('#comment-${comment_obj.comment_id}'), 0, ${hidden_at_ver})">
+                                     ${h.chop_at_smart(comment_obj.text, '\n', suffix_if_chopped='...')}
+                                  </a>
                               </div>
                           </td>
                       </tr>
                  % endfor
                 </table>
             </%def>

             <%text>
             <div style="display: none">
             <script>
             var CG = new ColorGenerator();
             </script>
             <script id="ejs_gravatarWithUser" type="text/template" class="ejsTemplate">
             <%
             if (size > 16) {
                 var gravatar_class = 'gravatar gravatar-large';
             } else {
                 var gravatar_class = 'gravatar';
             }
             if (tooltip) {
                 var gravatar_class = gravatar_class + ' tooltip-hovercard';
             }
             var data_hovercard_alt = username;
             %>
             <%
             if (show_disabled) {
                 var user_cls = 'user user-disabled';
             } else {
                 var user_cls = 'user';
             }
             var data_hovercard_url = pyroutes.url('hovercard_user', {"user_id": user_id})
             %>
             <div class="rc-user">
                 <img class="<%= gravatar_class %>" height="<%= size %>" width="<%= size %>" data-hovercard-url="<%= data_hovercard_url %>" data-hovercard-alt="<%= data_hovercard_alt %>" src="<%- gravatar_url -%>">
                 <span class="<%= user_cls %>"> <%- user_link -%> </span>
             </div>
             </script>
             <script id="ejs_reviewMemberEntry" type="text/template" class="ejsTemplate">
                 <%
                     if (create) {
                         var edit_visibility = 'visible';
                     } else {
                         var edit_visibility = 'hidden';
                     }
                     if (member.user_group && member.user_group.vote_rule) {
                         var reviewGroup = '<i class="icon-user-group"></i>';
                         var reviewGroupColor = CG.asRGB(CG.getColor(member.user_group.vote_rule));
                     } else {
                         var reviewGroup = null;
                         var reviewGroupColor = 'transparent';
                     }
                     var rule_show = rule_show || false;
                     if (rule_show) {
                         var rule_visibility = 'table-cell';
                     } else {
                         var rule_visibility = 'none';
                     }
                 %>
             <tr id="reviewer_<%= member.user_id %>" class="reviewer_entry" tooltip="Review Group" data-reviewer-user-id="<%= member.user_id %>">
                 <td style="width: 20px">
                     <div class="reviewer_status tooltip" title="<%= review_status_label %>">
                       <i class="icon-circle review-status-<%= review_status %>"></i>
                     </div>
                 </td>
                 <td>
                   <div id="reviewer_<%= member.user_id %>_name" class="reviewer_name">
                     <%-
                       renderTemplate('gravatarWithUser', {
                         'size': 16,
                         'show_disabled': false,
                         'tooltip': true,
                         'username': member.username,
                         'user_id': member.user_id,
                         'user_link': member.user_link,
                         'gravatar_url':  member.gravatar_link
                         })
                     %>
                     <span class="tooltip presence-state" style="display: none" title="This users is currently at this page">
                       <i class="icon-eye" style="color: #0ac878"></i>
                     </span>
                   </div>
                 </td>
                 <td style="width: 10px">
                 <% if (reviewGroup !== null) { %>
                     <span class="tooltip" title="Member of review group from rule: `<%= member.user_group.name %>`" style="color: <%= reviewGroupColor %>">
                     <%- reviewGroup %>
                     </span>
                 <% } %>
                 </td>
                 <% if (mandatory) { %>
                 <td style="text-align: right;width: 10px;">
                     <div class="reviewer_member_mandatory tooltip" title="Mandatory reviewer">
                         <i class="icon-lock"></i>
                     </div>
                 </td>
                 <% } else { %>
                 <td style="text-align: right;width: 10px;">
                     <% if (allowed_to_update) { %>
                       <div class="reviewer_member_remove" onclick="reviewersController.removeReviewMember(<%= member.user_id %>, true)" style="visibility: <%= edit_visibility %>;">
                           <i class="icon-remove"></i>
                       </div>
                     <% } %>
                 </td>
                 <% } %>
             </tr>
             <tr>
                 <td colspan="4" style="display: <%= rule_visibility %>" class="pr-user-rule-container">
                   <input type="hidden" name="__start__" value="reviewer:mapping">
                     <%if (member.user_group && member.user_group.vote_rule) { %>
                         <div class="reviewer_reason">
                           <%if (member.user_group.vote_rule == -1) {%>
                            - group votes required: ALL
                           <%} else {%>
                            - group votes required: <%= member.user_group.vote_rule %>
                           <%}%>
                         </div>
                     <%} %>
                     <input type="hidden" name="__start__" value="reasons:sequence">
                       <% for (var i = 0; i < reasons.length; i++) { %>
                           <% var reason = reasons[i] %>
                           <div class="reviewer_reason">- <%= reason %></div>
                           <input type="hidden" name="reason" value="<%= reason %>">
                       <% } %>
                       <input type="hidden" name="__end__" value="reasons:sequence">
                       <input type="hidden" name="__start__" value="rules:sequence">
                       <% for (var i = 0; i < member.rules.length; i++) { %>
                           <% var rule = member.rules[i] %>
                           <input type="hidden" name="rule_id" value="<%= rule %>">
                       <% } %>
                       <input type="hidden" name="__end__" value="rules:sequence">
                       <input id="reviewer_<%= member.user_id %>_input" type="hidden" value="<%= member.user_id %>" name="user_id" />
                       <input type="hidden" name="mandatory" value="<%= mandatory %>"/>
                   <input type="hidden" name="__end__" value="reviewer:mapping">
                 </td>
             </tr>
             </script>
             <script id="ejs_commentVersion" type="text/template" class="ejsTemplate">
             <%
             if (size > 16) {
                 var gravatar_class = 'gravatar gravatar-large';
             } else {
                 var gravatar_class = 'gravatar';
             }
             %>
             <%
             if (show_disabled) {
                 var user_cls = 'user user-disabled';
             } else {
                 var user_cls = 'user';
             }
             %>
             <div style='line-height: 20px'>
                 <img style="margin: -3px 0" class="<%= gravatar_class %>" height="<%= size %>" width="<%= size %>" src="<%- gravatar_url -%>">
                 <strong><%- user_name -%></strong>, <code>v<%- version -%></code> edited <%- timeago_component -%>
             </div>
             </script>
+            <script id="ejs_sideBarCommentHovercard" type="text/template" class="ejsTemplate">
+            <div>
+                <% if (is_todo) { %>
+                    <% if (inline) { %>
+                        <strong>Inline</strong> TODO on line: <%= line_no %>
+                        <% if (version_info) { %>
+                            <%= version_info %>
+                        <% } %>
+                        <br/>
+                        File: <code><%- file_name -%></code>
+                    <% } else { %>
+                        <strong>General</strong> TODO
+                        <% if (version_info) { %>
+                            <%= version_info %>
+                        <% } %>
+                    <% } %>
+                <% } else { %>
+                    <% if (inline) { %>
+                        <strong>Inline</strong> comment on line: <%= line_no %>
+                        <% if (version_info) { %>
+                            <%= version_info %>
+                        <% } %>
+                        <br/>
+                        File: <code><%- file_name -%></code>
+                    <% } else { %>
+                        <strong>General</strong> comment
+                        <% if (version_info) { %>
+                            <%= version_info %>
+                        <% } %>
+                    <% } %>
+                <% } %>
+                <br/>
+                Created:
+                <time class="timeago" title="<%= created_on %>" datetime="<%= datetime %>"><%= $.timeago(datetime) %></time>
             </div>
+            </script>
+            ##// END OF EJS Templates
+            </div>
             <script>
                 // registers the templates into global cache
                 registerTemplates();
             </script>
             </%text>