##// END OF EJS Templates
fix(cache-invalidation): fixed case when empty repos once cached wouldn't invalidate caches because of empty case condition
super-admin -
r5300:eaec72ab default
parent child Browse files
Show More
@@ -1,5887 +1,5887 b''
1 1 # Copyright (C) 2010-2023 RhodeCode GmbH
2 2 #
3 3 # This program is free software: you can redistribute it and/or modify
4 4 # it under the terms of the GNU Affero General Public License, version 3
5 5 # (only), as published by the Free Software Foundation.
6 6 #
7 7 # This program is distributed in the hope that it will be useful,
8 8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
9 9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 10 # GNU General Public License for more details.
11 11 #
12 12 # You should have received a copy of the GNU Affero General Public License
13 13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
14 14 #
15 15 # This program is dual-licensed. If you wish to learn more about the
16 16 # RhodeCode Enterprise Edition, including its added features, Support services,
17 17 # and proprietary license terms, please see https://rhodecode.com/licenses/
18 18
19 19 """
20 20 Database Models for RhodeCode Enterprise
21 21 """
22 22
23 23 import re
24 24 import os
25 25 import time
26 26 import string
27 27 import logging
28 28 import datetime
29 29 import uuid
30 30 import warnings
31 31 import ipaddress
32 32 import functools
33 33 import traceback
34 34 import collections
35 35
36 36 from sqlalchemy import (
37 37 or_, and_, not_, func, cast, TypeDecorator, event, select,
38 38 true, false, null,
39 39 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
40 40 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
41 41 Text, Float, PickleType, BigInteger)
42 42 from sqlalchemy.sql.expression import case
43 43 from sqlalchemy.sql.functions import coalesce, count # pragma: no cover
44 44 from sqlalchemy.orm import (
45 45 relationship, lazyload, joinedload, class_mapper, validates, aliased, load_only)
46 46 from sqlalchemy.ext.declarative import declared_attr
47 47 from sqlalchemy.ext.hybrid import hybrid_property
48 48 from sqlalchemy.exc import IntegrityError # pragma: no cover
49 49 from sqlalchemy.dialects.mysql import LONGTEXT
50 50 from zope.cachedescriptors.property import Lazy as LazyProperty
51 51 from pyramid.threadlocal import get_current_request
52 52 from webhelpers2.text import remove_formatting
53 53
54 54 from rhodecode.lib.str_utils import safe_bytes
55 55 from rhodecode.translation import _
56 56 from rhodecode.lib.vcs import get_vcs_instance, VCSError
57 57 from rhodecode.lib.vcs.backends.base import (
58 58 EmptyCommit, Reference, unicode_to_reference, reference_to_unicode)
59 59 from rhodecode.lib.utils2 import (
60 60 str2bool, safe_str, get_commit_safe, sha1_safe,
61 61 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
62 62 glob2re, StrictAttributeDict, cleaned_uri, datetime_to_time)
63 63 from rhodecode.lib.jsonalchemy import (
64 64 MutationObj, MutationList, JsonType, JsonRaw)
65 65 from rhodecode.lib.hash_utils import sha1
66 66 from rhodecode.lib import ext_json
67 67 from rhodecode.lib import enc_utils
68 68 from rhodecode.lib.ext_json import json, str_json
69 69 from rhodecode.lib.caching_query import FromCache
70 70 from rhodecode.lib.exceptions import (
71 71 ArtifactMetadataDuplicate, ArtifactMetadataBadValueType)
72 72 from rhodecode.model.meta import Base, Session
73 73
74 74 URL_SEP = '/'
75 75 log = logging.getLogger(__name__)
76 76
77 77 # =============================================================================
78 78 # BASE CLASSES
79 79 # =============================================================================
80 80
81 81 # this is propagated from .ini file rhodecode.encrypted_values.secret or
82 82 # beaker.session.secret if first is not set.
83 83 # and initialized at environment.py
84 84 ENCRYPTION_KEY: bytes = b''
85 85
86 86 # used to sort permissions by types, '#' used here is not allowed to be in
87 87 # usernames, and it's very early in sorted string.printable table.
88 88 PERMISSION_TYPE_SORT = {
89 89 'admin': '####',
90 90 'write': '###',
91 91 'read': '##',
92 92 'none': '#',
93 93 }
94 94
95 95
96 96 def display_user_sort(obj):
97 97 """
98 98 Sort function used to sort permissions in .permissions() function of
99 99 Repository, RepoGroup, UserGroup. Also it put the default user in front
100 100 of all other resources
101 101 """
102 102
103 103 if obj.username == User.DEFAULT_USER:
104 104 return '#####'
105 105 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
106 106 extra_sort_num = '1' # default
107 107
108 108 # NOTE(dan): inactive duplicates goes last
109 109 if getattr(obj, 'duplicate_perm', None):
110 110 extra_sort_num = '9'
111 111 return prefix + extra_sort_num + obj.username
112 112
113 113
114 114 def display_user_group_sort(obj):
115 115 """
116 116 Sort function used to sort permissions in .permissions() function of
117 117 Repository, RepoGroup, UserGroup. Also it put the default user in front
118 118 of all other resources
119 119 """
120 120
121 121 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
122 122 return prefix + obj.users_group_name
123 123
124 124
125 125 def _hash_key(k):
126 126 return sha1_safe(k)
127 127
128 128
129 129 def in_filter_generator(qry, items, limit=500):
130 130 """
131 131 Splits IN() into multiple with OR
132 132 e.g.::
133 133 cnt = Repository.query().filter(
134 134 or_(
135 135 *in_filter_generator(Repository.repo_id, range(100000))
136 136 )).count()
137 137 """
138 138 if not items:
139 139 # empty list will cause empty query which might cause security issues
140 140 # this can lead to hidden unpleasant results
141 141 items = [-1]
142 142
143 143 parts = []
144 144 for chunk in range(0, len(items), limit):
145 145 parts.append(
146 146 qry.in_(items[chunk: chunk + limit])
147 147 )
148 148
149 149 return parts
150 150
151 151
152 152 base_table_args = {
153 153 'extend_existing': True,
154 154 'mysql_engine': 'InnoDB',
155 155 'mysql_charset': 'utf8',
156 156 'sqlite_autoincrement': True
157 157 }
158 158
159 159
160 160 class EncryptedTextValue(TypeDecorator):
161 161 """
162 162 Special column for encrypted long text data, use like::
163 163
164 164 value = Column("encrypted_value", EncryptedValue(), nullable=False)
165 165
166 166 This column is intelligent so if value is in unencrypted form it return
167 167 unencrypted form, but on save it always encrypts
168 168 """
169 169 cache_ok = True
170 170 impl = Text
171 171
172 172 def process_bind_param(self, value, dialect):
173 173 """
174 174 Setter for storing value
175 175 """
176 176 import rhodecode
177 177 if not value:
178 178 return value
179 179
180 180 # protect against double encrypting if values is already encrypted
181 181 if value.startswith('enc$aes$') \
182 182 or value.startswith('enc$aes_hmac$') \
183 183 or value.startswith('enc2$'):
184 184 raise ValueError('value needs to be in unencrypted format, '
185 185 'ie. not starting with enc$ or enc2$')
186 186
187 187 algo = rhodecode.CONFIG.get('rhodecode.encrypted_values.algorithm') or 'aes'
188 188 bytes_val = enc_utils.encrypt_value(value, enc_key=ENCRYPTION_KEY, algo=algo)
189 189 return safe_str(bytes_val)
190 190
191 191 def process_result_value(self, value, dialect):
192 192 """
193 193 Getter for retrieving value
194 194 """
195 195
196 196 import rhodecode
197 197 if not value:
198 198 return value
199 199
200 200 enc_strict_mode = rhodecode.ConfigGet().get_bool('rhodecode.encrypted_values.strict', missing=True)
201 201
202 202 bytes_val = enc_utils.decrypt_value(value, enc_key=ENCRYPTION_KEY, strict_mode=enc_strict_mode)
203 203
204 204 return safe_str(bytes_val)
205 205
206 206
207 207 class BaseModel(object):
208 208 """
209 209 Base Model for all classes
210 210 """
211 211
212 212 @classmethod
213 213 def _get_keys(cls):
214 214 """return column names for this model """
215 215 return class_mapper(cls).c.keys()
216 216
217 217 def get_dict(self):
218 218 """
219 219 return dict with keys and values corresponding
220 220 to this model data """
221 221
222 222 d = {}
223 223 for k in self._get_keys():
224 224 d[k] = getattr(self, k)
225 225
226 226 # also use __json__() if present to get additional fields
227 227 _json_attr = getattr(self, '__json__', None)
228 228 if _json_attr:
229 229 # update with attributes from __json__
230 230 if callable(_json_attr):
231 231 _json_attr = _json_attr()
232 232 for k, val in _json_attr.items():
233 233 d[k] = val
234 234 return d
235 235
236 236 def get_appstruct(self):
237 237 """return list with keys and values tuples corresponding
238 238 to this model data """
239 239
240 240 lst = []
241 241 for k in self._get_keys():
242 242 lst.append((k, getattr(self, k),))
243 243 return lst
244 244
245 245 def populate_obj(self, populate_dict):
246 246 """populate model with data from given populate_dict"""
247 247
248 248 for k in self._get_keys():
249 249 if k in populate_dict:
250 250 setattr(self, k, populate_dict[k])
251 251
252 252 @classmethod
253 253 def query(cls):
254 254 return Session().query(cls)
255 255
256 256 @classmethod
257 257 def select(cls, custom_cls=None):
258 258 """
259 259 stmt = cls.select().where(cls.user_id==1)
260 260 # optionally
261 261 stmt = cls.select(User.user_id).where(cls.user_id==1)
262 262 result = cls.execute(stmt) | cls.scalars(stmt)
263 263 """
264 264
265 265 if custom_cls:
266 266 stmt = select(custom_cls)
267 267 else:
268 268 stmt = select(cls)
269 269 return stmt
270 270
271 271 @classmethod
272 272 def execute(cls, stmt):
273 273 return Session().execute(stmt)
274 274
275 275 @classmethod
276 276 def scalars(cls, stmt):
277 277 return Session().scalars(stmt)
278 278
279 279 @classmethod
280 280 def get(cls, id_):
281 281 if id_:
282 282 return cls.query().get(id_)
283 283
284 284 @classmethod
285 285 def get_or_404(cls, id_):
286 286 from pyramid.httpexceptions import HTTPNotFound
287 287
288 288 try:
289 289 id_ = int(id_)
290 290 except (TypeError, ValueError):
291 291 raise HTTPNotFound()
292 292
293 293 res = cls.query().get(id_)
294 294 if not res:
295 295 raise HTTPNotFound()
296 296 return res
297 297
298 298 @classmethod
299 299 def getAll(cls):
300 300 # deprecated and left for backward compatibility
301 301 return cls.get_all()
302 302
303 303 @classmethod
304 304 def get_all(cls):
305 305 return cls.query().all()
306 306
307 307 @classmethod
308 308 def delete(cls, id_):
309 309 obj = cls.query().get(id_)
310 310 Session().delete(obj)
311 311
312 312 @classmethod
313 313 def identity_cache(cls, session, attr_name, value):
314 314 exist_in_session = []
315 315 for (item_cls, pkey), instance in session.identity_map.items():
316 316 if cls == item_cls and getattr(instance, attr_name) == value:
317 317 exist_in_session.append(instance)
318 318 if exist_in_session:
319 319 if len(exist_in_session) == 1:
320 320 return exist_in_session[0]
321 321 log.exception(
322 322 'multiple objects with attr %s and '
323 323 'value %s found with same name: %r',
324 324 attr_name, value, exist_in_session)
325 325
326 326 @property
327 327 def cls_name(self):
328 328 return self.__class__.__name__
329 329
330 330 def __repr__(self):
331 331 return f'<DB:{self.cls_name}>'
332 332
333 333
334 334 class RhodeCodeSetting(Base, BaseModel):
335 335 __tablename__ = 'rhodecode_settings'
336 336 __table_args__ = (
337 337 UniqueConstraint('app_settings_name'),
338 338 base_table_args
339 339 )
340 340
341 341 SETTINGS_TYPES = {
342 342 'str': safe_str,
343 343 'int': safe_int,
344 344 'unicode': safe_str,
345 345 'bool': str2bool,
346 346 'list': functools.partial(aslist, sep=',')
347 347 }
348 348 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
349 349 GLOBAL_CONF_KEY = 'app_settings'
350 350
351 351 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
352 352 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
353 353 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
354 354 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
355 355
356 356 def __init__(self, key='', val='', type='unicode'):
357 357 self.app_settings_name = key
358 358 self.app_settings_type = type
359 359 self.app_settings_value = val
360 360
361 361 @validates('_app_settings_value')
362 362 def validate_settings_value(self, key, val):
363 363 assert type(val) == str
364 364 return val
365 365
366 366 @hybrid_property
367 367 def app_settings_value(self):
368 368 v = self._app_settings_value
369 369 _type = self.app_settings_type
370 370 if _type:
371 371 _type = self.app_settings_type.split('.')[0]
372 372 # decode the encrypted value
373 373 if 'encrypted' in self.app_settings_type:
374 374 cipher = EncryptedTextValue()
375 375 v = safe_str(cipher.process_result_value(v, None))
376 376
377 377 converter = self.SETTINGS_TYPES.get(_type) or \
378 378 self.SETTINGS_TYPES['unicode']
379 379 return converter(v)
380 380
381 381 @app_settings_value.setter
382 382 def app_settings_value(self, val):
383 383 """
384 384 Setter that will always make sure we use unicode in app_settings_value
385 385
386 386 :param val:
387 387 """
388 388 val = safe_str(val)
389 389 # encode the encrypted value
390 390 if 'encrypted' in self.app_settings_type:
391 391 cipher = EncryptedTextValue()
392 392 val = safe_str(cipher.process_bind_param(val, None))
393 393 self._app_settings_value = val
394 394
395 395 @hybrid_property
396 396 def app_settings_type(self):
397 397 return self._app_settings_type
398 398
399 399 @app_settings_type.setter
400 400 def app_settings_type(self, val):
401 401 if val.split('.')[0] not in self.SETTINGS_TYPES:
402 402 raise Exception('type must be one of %s got %s'
403 403 % (self.SETTINGS_TYPES.keys(), val))
404 404 self._app_settings_type = val
405 405
406 406 @classmethod
407 407 def get_by_prefix(cls, prefix):
408 408 return RhodeCodeSetting.query()\
409 409 .filter(RhodeCodeSetting.app_settings_name.startswith(prefix))\
410 410 .all()
411 411
412 412 def __repr__(self):
413 413 return "<%s('%s:%s[%s]')>" % (
414 414 self.cls_name,
415 415 self.app_settings_name, self.app_settings_value,
416 416 self.app_settings_type
417 417 )
418 418
419 419
420 420 class RhodeCodeUi(Base, BaseModel):
421 421 __tablename__ = 'rhodecode_ui'
422 422 __table_args__ = (
423 423 UniqueConstraint('ui_key'),
424 424 base_table_args
425 425 )
426 426 # Sync those values with vcsserver.config.hooks
427 427
428 428 HOOK_REPO_SIZE = 'changegroup.repo_size'
429 429 # HG
430 430 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
431 431 HOOK_PULL = 'outgoing.pull_logger'
432 432 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
433 433 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
434 434 HOOK_PUSH = 'changegroup.push_logger'
435 435 HOOK_PUSH_KEY = 'pushkey.key_push'
436 436
437 437 HOOKS_BUILTIN = [
438 438 HOOK_PRE_PULL,
439 439 HOOK_PULL,
440 440 HOOK_PRE_PUSH,
441 441 HOOK_PRETX_PUSH,
442 442 HOOK_PUSH,
443 443 HOOK_PUSH_KEY,
444 444 ]
445 445
446 446 # TODO: johbo: Unify way how hooks are configured for git and hg,
447 447 # git part is currently hardcoded.
448 448
449 449 # SVN PATTERNS
450 450 SVN_BRANCH_ID = 'vcs_svn_branch'
451 451 SVN_TAG_ID = 'vcs_svn_tag'
452 452
453 453 ui_id = Column(
454 454 "ui_id", Integer(), nullable=False, unique=True, default=None,
455 455 primary_key=True)
456 456 ui_section = Column(
457 457 "ui_section", String(255), nullable=True, unique=None, default=None)
458 458 ui_key = Column(
459 459 "ui_key", String(255), nullable=True, unique=None, default=None)
460 460 ui_value = Column(
461 461 "ui_value", String(255), nullable=True, unique=None, default=None)
462 462 ui_active = Column(
463 463 "ui_active", Boolean(), nullable=True, unique=None, default=True)
464 464
465 465 def __repr__(self):
466 466 return '<%s[%s]%s=>%s]>' % (self.cls_name, self.ui_section,
467 467 self.ui_key, self.ui_value)
468 468
469 469
470 470 class RepoRhodeCodeSetting(Base, BaseModel):
471 471 __tablename__ = 'repo_rhodecode_settings'
472 472 __table_args__ = (
473 473 UniqueConstraint(
474 474 'app_settings_name', 'repository_id',
475 475 name='uq_repo_rhodecode_setting_name_repo_id'),
476 476 base_table_args
477 477 )
478 478
479 479 repository_id = Column(
480 480 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
481 481 nullable=False)
482 482 app_settings_id = Column(
483 483 "app_settings_id", Integer(), nullable=False, unique=True,
484 484 default=None, primary_key=True)
485 485 app_settings_name = Column(
486 486 "app_settings_name", String(255), nullable=True, unique=None,
487 487 default=None)
488 488 _app_settings_value = Column(
489 489 "app_settings_value", String(4096), nullable=True, unique=None,
490 490 default=None)
491 491 _app_settings_type = Column(
492 492 "app_settings_type", String(255), nullable=True, unique=None,
493 493 default=None)
494 494
495 495 repository = relationship('Repository', viewonly=True)
496 496
497 497 def __init__(self, repository_id, key='', val='', type='unicode'):
498 498 self.repository_id = repository_id
499 499 self.app_settings_name = key
500 500 self.app_settings_type = type
501 501 self.app_settings_value = val
502 502
503 503 @validates('_app_settings_value')
504 504 def validate_settings_value(self, key, val):
505 505 assert type(val) == str
506 506 return val
507 507
508 508 @hybrid_property
509 509 def app_settings_value(self):
510 510 v = self._app_settings_value
511 511 type_ = self.app_settings_type
512 512 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
513 513 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
514 514 return converter(v)
515 515
516 516 @app_settings_value.setter
517 517 def app_settings_value(self, val):
518 518 """
519 519 Setter that will always make sure we use unicode in app_settings_value
520 520
521 521 :param val:
522 522 """
523 523 self._app_settings_value = safe_str(val)
524 524
525 525 @hybrid_property
526 526 def app_settings_type(self):
527 527 return self._app_settings_type
528 528
529 529 @app_settings_type.setter
530 530 def app_settings_type(self, val):
531 531 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
532 532 if val not in SETTINGS_TYPES:
533 533 raise Exception('type must be one of %s got %s'
534 534 % (SETTINGS_TYPES.keys(), val))
535 535 self._app_settings_type = val
536 536
537 537 def __repr__(self):
538 538 return "<%s('%s:%s:%s[%s]')>" % (
539 539 self.cls_name, self.repository.repo_name,
540 540 self.app_settings_name, self.app_settings_value,
541 541 self.app_settings_type
542 542 )
543 543
544 544
545 545 class RepoRhodeCodeUi(Base, BaseModel):
546 546 __tablename__ = 'repo_rhodecode_ui'
547 547 __table_args__ = (
548 548 UniqueConstraint(
549 549 'repository_id', 'ui_section', 'ui_key',
550 550 name='uq_repo_rhodecode_ui_repository_id_section_key'),
551 551 base_table_args
552 552 )
553 553
554 554 repository_id = Column(
555 555 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
556 556 nullable=False)
557 557 ui_id = Column(
558 558 "ui_id", Integer(), nullable=False, unique=True, default=None,
559 559 primary_key=True)
560 560 ui_section = Column(
561 561 "ui_section", String(255), nullable=True, unique=None, default=None)
562 562 ui_key = Column(
563 563 "ui_key", String(255), nullable=True, unique=None, default=None)
564 564 ui_value = Column(
565 565 "ui_value", String(255), nullable=True, unique=None, default=None)
566 566 ui_active = Column(
567 567 "ui_active", Boolean(), nullable=True, unique=None, default=True)
568 568
569 569 repository = relationship('Repository', viewonly=True)
570 570
571 571 def __repr__(self):
572 572 return '<%s[%s:%s]%s=>%s]>' % (
573 573 self.cls_name, self.repository.repo_name,
574 574 self.ui_section, self.ui_key, self.ui_value)
575 575
576 576
577 577 class User(Base, BaseModel):
578 578 __tablename__ = 'users'
579 579 __table_args__ = (
580 580 UniqueConstraint('username'), UniqueConstraint('email'),
581 581 Index('u_username_idx', 'username'),
582 582 Index('u_email_idx', 'email'),
583 583 base_table_args
584 584 )
585 585
586 586 DEFAULT_USER = 'default'
587 587 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
588 588 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
589 589
590 590 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
591 591 username = Column("username", String(255), nullable=True, unique=None, default=None)
592 592 password = Column("password", String(255), nullable=True, unique=None, default=None)
593 593 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
594 594 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
595 595 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
596 596 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
597 597 _email = Column("email", String(255), nullable=True, unique=None, default=None)
598 598 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
599 599 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
600 600 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
601 601
602 602 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
603 603 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
604 604 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
605 605 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
606 606 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
607 607 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
608 608
609 609 user_log = relationship('UserLog', back_populates='user')
610 610 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all, delete-orphan')
611 611
612 612 repositories = relationship('Repository', back_populates='user')
613 613 repository_groups = relationship('RepoGroup', back_populates='user')
614 614 user_groups = relationship('UserGroup', back_populates='user')
615 615
616 616 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all', back_populates='follows_user')
617 617 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all', back_populates='user')
618 618
619 619 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all, delete-orphan')
620 620 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan', back_populates='user')
621 621 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all, delete-orphan', back_populates='user')
622 622
623 623 group_member = relationship('UserGroupMember', cascade='all', back_populates='user')
624 624
625 625 notifications = relationship('UserNotification', cascade='all', back_populates='user')
626 626 # notifications assigned to this user
627 627 user_created_notifications = relationship('Notification', cascade='all', back_populates='created_by_user')
628 628 # comments created by this user
629 629 user_comments = relationship('ChangesetComment', cascade='all', back_populates='author')
630 630 # user profile extra info
631 631 user_emails = relationship('UserEmailMap', cascade='all', back_populates='user')
632 632 user_ip_map = relationship('UserIpMap', cascade='all', back_populates='user')
633 633 user_auth_tokens = relationship('UserApiKeys', cascade='all', back_populates='user')
634 634 user_ssh_keys = relationship('UserSshKeys', cascade='all', back_populates='user')
635 635
636 636 # gists
637 637 user_gists = relationship('Gist', cascade='all', back_populates='owner')
638 638 # user pull requests
639 639 user_pull_requests = relationship('PullRequest', cascade='all', back_populates='author')
640 640
641 641 # external identities
642 642 external_identities = relationship('ExternalIdentity', primaryjoin="User.user_id==ExternalIdentity.local_user_id", cascade='all')
643 643 # review rules
644 644 user_review_rules = relationship('RepoReviewRuleUser', cascade='all', back_populates='user')
645 645
646 646 # artifacts owned
647 647 artifacts = relationship('FileStore', primaryjoin='FileStore.user_id==User.user_id', back_populates='upload_user')
648 648
649 649 # no cascade, set NULL
650 650 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_user_id==User.user_id', cascade='', back_populates='user')
651 651
652 652 def __repr__(self):
653 653 return f"<{self.cls_name}('id={self.user_id}, username={self.username}')>"
654 654
655 655 @hybrid_property
656 656 def email(self):
657 657 return self._email
658 658
659 659 @email.setter
660 660 def email(self, val):
661 661 self._email = val.lower() if val else None
662 662
663 663 @hybrid_property
664 664 def first_name(self):
665 665 from rhodecode.lib import helpers as h
666 666 if self.name:
667 667 return h.escape(self.name)
668 668 return self.name
669 669
670 670 @hybrid_property
671 671 def last_name(self):
672 672 from rhodecode.lib import helpers as h
673 673 if self.lastname:
674 674 return h.escape(self.lastname)
675 675 return self.lastname
676 676
677 677 @hybrid_property
678 678 def api_key(self):
679 679 """
680 680 Fetch if exist an auth-token with role ALL connected to this user
681 681 """
682 682 user_auth_token = UserApiKeys.query()\
683 683 .filter(UserApiKeys.user_id == self.user_id)\
684 684 .filter(or_(UserApiKeys.expires == -1,
685 685 UserApiKeys.expires >= time.time()))\
686 686 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
687 687 if user_auth_token:
688 688 user_auth_token = user_auth_token.api_key
689 689
690 690 return user_auth_token
691 691
692 692 @api_key.setter
693 693 def api_key(self, val):
694 694 # don't allow to set API key this is deprecated for now
695 695 self._api_key = None
696 696
697 697 @property
698 698 def reviewer_pull_requests(self):
699 699 return PullRequestReviewers.query() \
700 700 .options(joinedload(PullRequestReviewers.pull_request)) \
701 701 .filter(PullRequestReviewers.user_id == self.user_id) \
702 702 .all()
703 703
704 704 @property
705 705 def firstname(self):
706 706 # alias for future
707 707 return self.name
708 708
709 709 @property
710 710 def emails(self):
711 711 other = UserEmailMap.query()\
712 712 .filter(UserEmailMap.user == self) \
713 713 .order_by(UserEmailMap.email_id.asc()) \
714 714 .all()
715 715 return [self.email] + [x.email for x in other]
716 716
717 717 def emails_cached(self):
718 718 emails = []
719 719 if self.user_id != self.get_default_user_id():
720 720 emails = UserEmailMap.query()\
721 721 .filter(UserEmailMap.user == self) \
722 722 .order_by(UserEmailMap.email_id.asc())
723 723
724 724 emails = emails.options(
725 725 FromCache("sql_cache_short", f"get_user_{self.user_id}_emails")
726 726 )
727 727
728 728 return [self.email] + [x.email for x in emails]
729 729
730 730 @property
731 731 def auth_tokens(self):
732 732 auth_tokens = self.get_auth_tokens()
733 733 return [x.api_key for x in auth_tokens]
734 734
735 735 def get_auth_tokens(self):
736 736 return UserApiKeys.query()\
737 737 .filter(UserApiKeys.user == self)\
738 738 .order_by(UserApiKeys.user_api_key_id.asc())\
739 739 .all()
740 740
741 741 @LazyProperty
742 742 def feed_token(self):
743 743 return self.get_feed_token()
744 744
745 745 def get_feed_token(self, cache=True):
746 746 feed_tokens = UserApiKeys.query()\
747 747 .filter(UserApiKeys.user == self)\
748 748 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
749 749 if cache:
750 750 feed_tokens = feed_tokens.options(
751 751 FromCache("sql_cache_short", f"get_user_feed_token_{self.user_id}"))
752 752
753 753 feed_tokens = feed_tokens.all()
754 754 if feed_tokens:
755 755 return feed_tokens[0].api_key
756 756 return 'NO_FEED_TOKEN_AVAILABLE'
757 757
758 758 @LazyProperty
759 759 def artifact_token(self):
760 760 return self.get_artifact_token()
761 761
762 762 def get_artifact_token(self, cache=True):
763 763 artifacts_tokens = UserApiKeys.query()\
764 764 .filter(UserApiKeys.user == self) \
765 765 .filter(or_(UserApiKeys.expires == -1,
766 766 UserApiKeys.expires >= time.time())) \
767 767 .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
768 768
769 769 if cache:
770 770 artifacts_tokens = artifacts_tokens.options(
771 771 FromCache("sql_cache_short", f"get_user_artifact_token_{self.user_id}"))
772 772
773 773 artifacts_tokens = artifacts_tokens.all()
774 774 if artifacts_tokens:
775 775 return artifacts_tokens[0].api_key
776 776 return 'NO_ARTIFACT_TOKEN_AVAILABLE'
777 777
778 778 def get_or_create_artifact_token(self):
779 779 artifacts_tokens = UserApiKeys.query()\
780 780 .filter(UserApiKeys.user == self) \
781 781 .filter(or_(UserApiKeys.expires == -1,
782 782 UserApiKeys.expires >= time.time())) \
783 783 .filter(UserApiKeys.role == UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
784 784
785 785 artifacts_tokens = artifacts_tokens.all()
786 786 if artifacts_tokens:
787 787 return artifacts_tokens[0].api_key
788 788 else:
789 789 from rhodecode.model.auth_token import AuthTokenModel
790 790 artifact_token = AuthTokenModel().create(
791 791 self, 'auto-generated-artifact-token',
792 792 lifetime=-1, role=UserApiKeys.ROLE_ARTIFACT_DOWNLOAD)
793 793 Session.commit()
794 794 return artifact_token.api_key
795 795
796 796 @classmethod
797 797 def get(cls, user_id, cache=False):
798 798 if not user_id:
799 799 return
800 800
801 801 user = cls.query()
802 802 if cache:
803 803 user = user.options(
804 804 FromCache("sql_cache_short", f"get_users_{user_id}"))
805 805 return user.get(user_id)
806 806
807 807 @classmethod
808 808 def extra_valid_auth_tokens(cls, user, role=None):
809 809 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
810 810 .filter(or_(UserApiKeys.expires == -1,
811 811 UserApiKeys.expires >= time.time()))
812 812 if role:
813 813 tokens = tokens.filter(or_(UserApiKeys.role == role,
814 814 UserApiKeys.role == UserApiKeys.ROLE_ALL))
815 815 return tokens.all()
816 816
817 817 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
818 818 from rhodecode.lib import auth
819 819
820 820 log.debug('Trying to authenticate user: %s via auth-token, '
821 821 'and roles: %s', self, roles)
822 822
823 823 if not auth_token:
824 824 return False
825 825
826 826 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
827 827 tokens_q = UserApiKeys.query()\
828 828 .filter(UserApiKeys.user_id == self.user_id)\
829 829 .filter(or_(UserApiKeys.expires == -1,
830 830 UserApiKeys.expires >= time.time()))
831 831
832 832 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
833 833
834 834 crypto_backend = auth.crypto_backend()
835 835 enc_token_map = {}
836 836 plain_token_map = {}
837 837 for token in tokens_q:
838 838 if token.api_key.startswith(crypto_backend.ENC_PREF):
839 839 enc_token_map[token.api_key] = token
840 840 else:
841 841 plain_token_map[token.api_key] = token
842 842 log.debug(
843 843 'Found %s plain and %s encrypted tokens to check for authentication for this user',
844 844 len(plain_token_map), len(enc_token_map))
845 845
846 846 # plain token match comes first
847 847 match = plain_token_map.get(auth_token)
848 848
849 849 # check encrypted tokens now
850 850 if not match:
851 851 for token_hash, token in enc_token_map.items():
852 852 # NOTE(marcink): this is expensive to calculate, but most secure
853 853 if crypto_backend.hash_check(auth_token, token_hash):
854 854 match = token
855 855 break
856 856
857 857 if match:
858 858 log.debug('Found matching token %s', match)
859 859 if match.repo_id:
860 860 log.debug('Found scope, checking for scope match of token %s', match)
861 861 if match.repo_id == scope_repo_id:
862 862 return True
863 863 else:
864 864 log.debug(
865 865 'AUTH_TOKEN: scope mismatch, token has a set repo scope: %s, '
866 866 'and calling scope is:%s, skipping further checks',
867 867 match.repo, scope_repo_id)
868 868 return False
869 869 else:
870 870 return True
871 871
872 872 return False
873 873
874 874 @property
875 875 def ip_addresses(self):
876 876 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
877 877 return [x.ip_addr for x in ret]
878 878
879 879 @property
880 880 def username_and_name(self):
881 881 return f'{self.username} ({self.first_name} {self.last_name})'
882 882
883 883 @property
884 884 def username_or_name_or_email(self):
885 885 full_name = self.full_name if self.full_name != ' ' else None
886 886 return self.username or full_name or self.email
887 887
888 888 @property
889 889 def full_name(self):
890 890 return f'{self.first_name} {self.last_name}'
891 891
892 892 @property
893 893 def full_name_or_username(self):
894 894 return (f'{self.first_name} {self.last_name}'
895 895 if (self.first_name and self.last_name) else self.username)
896 896
897 897 @property
898 898 def full_contact(self):
899 899 return f'{self.first_name} {self.last_name} <{self.email}>'
900 900
901 901 @property
902 902 def short_contact(self):
903 903 return f'{self.first_name} {self.last_name}'
904 904
905 905 @property
906 906 def is_admin(self):
907 907 return self.admin
908 908
909 909 @property
910 910 def language(self):
911 911 return self.user_data.get('language')
912 912
913 913 def AuthUser(self, **kwargs):
914 914 """
915 915 Returns instance of AuthUser for this user
916 916 """
917 917 from rhodecode.lib.auth import AuthUser
918 918 return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
919 919
920 920 @hybrid_property
921 921 def user_data(self):
922 922 if not self._user_data:
923 923 return {}
924 924
925 925 try:
926 926 return json.loads(self._user_data) or {}
927 927 except TypeError:
928 928 return {}
929 929
930 930 @user_data.setter
931 931 def user_data(self, val):
932 932 if not isinstance(val, dict):
933 933 raise Exception('user_data must be dict, got %s' % type(val))
934 934 try:
935 935 self._user_data = safe_bytes(json.dumps(val))
936 936 except Exception:
937 937 log.error(traceback.format_exc())
938 938
939 939 @classmethod
940 940 def get_by_username(cls, username, case_insensitive=False,
941 941 cache=False):
942 942
943 943 if case_insensitive:
944 944 q = cls.select().where(
945 945 func.lower(cls.username) == func.lower(username))
946 946 else:
947 947 q = cls.select().where(cls.username == username)
948 948
949 949 if cache:
950 950 hash_key = _hash_key(username)
951 951 q = q.options(
952 952 FromCache("sql_cache_short", f"get_user_by_name_{hash_key}"))
953 953
954 954 return cls.execute(q).scalar_one_or_none()
955 955
956 956 @classmethod
957 957 def get_by_auth_token(cls, auth_token, cache=False):
958 958
959 959 q = cls.select(User)\
960 960 .join(UserApiKeys)\
961 961 .where(UserApiKeys.api_key == auth_token)\
962 962 .where(or_(UserApiKeys.expires == -1,
963 963 UserApiKeys.expires >= time.time()))
964 964
965 965 if cache:
966 966 q = q.options(
967 967 FromCache("sql_cache_short", f"get_auth_token_{auth_token}"))
968 968
969 969 matched_user = cls.execute(q).scalar_one_or_none()
970 970
971 971 return matched_user
972 972
973 973 @classmethod
974 974 def get_by_email(cls, email, case_insensitive=False, cache=False):
975 975
976 976 if case_insensitive:
977 977 q = cls.select().where(func.lower(cls.email) == func.lower(email))
978 978 else:
979 979 q = cls.select().where(cls.email == email)
980 980
981 981 if cache:
982 982 email_key = _hash_key(email)
983 983 q = q.options(
984 984 FromCache("sql_cache_short", f"get_email_key_{email_key}"))
985 985
986 986 ret = cls.execute(q).scalar_one_or_none()
987 987
988 988 if ret is None:
989 989 q = cls.select(UserEmailMap)
990 990 # try fetching in alternate email map
991 991 if case_insensitive:
992 992 q = q.where(func.lower(UserEmailMap.email) == func.lower(email))
993 993 else:
994 994 q = q.where(UserEmailMap.email == email)
995 995 q = q.options(joinedload(UserEmailMap.user))
996 996 if cache:
997 997 q = q.options(
998 998 FromCache("sql_cache_short", f"get_email_map_key_{email_key}"))
999 999
1000 1000 result = cls.execute(q).scalar_one_or_none()
1001 1001 ret = getattr(result, 'user', None)
1002 1002
1003 1003 return ret
1004 1004
1005 1005 @classmethod
1006 1006 def get_from_cs_author(cls, author):
1007 1007 """
1008 1008 Tries to get User objects out of commit author string
1009 1009
1010 1010 :param author:
1011 1011 """
1012 1012 from rhodecode.lib.helpers import email, author_name
1013 1013 # Valid email in the attribute passed, see if they're in the system
1014 1014 _email = email(author)
1015 1015 if _email:
1016 1016 user = cls.get_by_email(_email, case_insensitive=True)
1017 1017 if user:
1018 1018 return user
1019 1019 # Maybe we can match by username?
1020 1020 _author = author_name(author)
1021 1021 user = cls.get_by_username(_author, case_insensitive=True)
1022 1022 if user:
1023 1023 return user
1024 1024
1025 1025 def update_userdata(self, **kwargs):
1026 1026 usr = self
1027 1027 old = usr.user_data
1028 1028 old.update(**kwargs)
1029 1029 usr.user_data = old
1030 1030 Session().add(usr)
1031 1031 log.debug('updated userdata with %s', kwargs)
1032 1032
1033 1033 def update_lastlogin(self):
1034 1034 """Update user lastlogin"""
1035 1035 self.last_login = datetime.datetime.now()
1036 1036 Session().add(self)
1037 1037 log.debug('updated user %s lastlogin', self.username)
1038 1038
1039 1039 def update_password(self, new_password):
1040 1040 from rhodecode.lib.auth import get_crypt_password
1041 1041
1042 1042 self.password = get_crypt_password(new_password)
1043 1043 Session().add(self)
1044 1044
1045 1045 @classmethod
1046 1046 def get_first_super_admin(cls):
1047 1047 stmt = cls.select().where(User.admin == true()).order_by(User.user_id.asc())
1048 1048 user = cls.scalars(stmt).first()
1049 1049
1050 1050 if user is None:
1051 1051 raise Exception('FATAL: Missing administrative account!')
1052 1052 return user
1053 1053
1054 1054 @classmethod
1055 1055 def get_all_super_admins(cls, only_active=False):
1056 1056 """
1057 1057 Returns all admin accounts sorted by username
1058 1058 """
1059 1059 qry = User.query().filter(User.admin == true()).order_by(User.username.asc())
1060 1060 if only_active:
1061 1061 qry = qry.filter(User.active == true())
1062 1062 return qry.all()
1063 1063
1064 1064 @classmethod
1065 1065 def get_all_user_ids(cls, only_active=True):
1066 1066 """
1067 1067 Returns all users IDs
1068 1068 """
1069 1069 qry = Session().query(User.user_id)
1070 1070
1071 1071 if only_active:
1072 1072 qry = qry.filter(User.active == true())
1073 1073 return [x.user_id for x in qry]
1074 1074
1075 1075 @classmethod
1076 1076 def get_default_user(cls, cache=False, refresh=False):
1077 1077 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
1078 1078 if user is None:
1079 1079 raise Exception('FATAL: Missing default account!')
1080 1080 if refresh:
1081 1081 # The default user might be based on outdated state which
1082 1082 # has been loaded from the cache.
1083 1083 # A call to refresh() ensures that the
1084 1084 # latest state from the database is used.
1085 1085 Session().refresh(user)
1086 1086
1087 1087 return user
1088 1088
1089 1089 @classmethod
1090 1090 def get_default_user_id(cls):
1091 1091 import rhodecode
1092 1092 return rhodecode.CONFIG['default_user_id']
1093 1093
1094 1094 def _get_default_perms(self, user, suffix=''):
1095 1095 from rhodecode.model.permission import PermissionModel
1096 1096 return PermissionModel().get_default_perms(user.user_perms, suffix)
1097 1097
1098 1098 def get_default_perms(self, suffix=''):
1099 1099 return self._get_default_perms(self, suffix)
1100 1100
1101 1101 def get_api_data(self, include_secrets=False, details='full'):
1102 1102 """
1103 1103 Common function for generating user related data for API
1104 1104
1105 1105 :param include_secrets: By default secrets in the API data will be replaced
1106 1106 by a placeholder value to prevent exposing this data by accident. In case
1107 1107 this data shall be exposed, set this flag to ``True``.
1108 1108
1109 1109 :param details: details can be 'basic|full' basic gives only a subset of
1110 1110 the available user information that includes user_id, name and emails.
1111 1111 """
1112 1112 user = self
1113 1113 user_data = self.user_data
1114 1114 data = {
1115 1115 'user_id': user.user_id,
1116 1116 'username': user.username,
1117 1117 'firstname': user.name,
1118 1118 'lastname': user.lastname,
1119 1119 'description': user.description,
1120 1120 'email': user.email,
1121 1121 'emails': user.emails,
1122 1122 }
1123 1123 if details == 'basic':
1124 1124 return data
1125 1125
1126 1126 auth_token_length = 40
1127 1127 auth_token_replacement = '*' * auth_token_length
1128 1128
1129 1129 extras = {
1130 1130 'auth_tokens': [auth_token_replacement],
1131 1131 'active': user.active,
1132 1132 'admin': user.admin,
1133 1133 'extern_type': user.extern_type,
1134 1134 'extern_name': user.extern_name,
1135 1135 'last_login': user.last_login,
1136 1136 'last_activity': user.last_activity,
1137 1137 'ip_addresses': user.ip_addresses,
1138 1138 'language': user_data.get('language')
1139 1139 }
1140 1140 data.update(extras)
1141 1141
1142 1142 if include_secrets:
1143 1143 data['auth_tokens'] = user.auth_tokens
1144 1144 return data
1145 1145
1146 1146 def __json__(self):
1147 1147 data = {
1148 1148 'full_name': self.full_name,
1149 1149 'full_name_or_username': self.full_name_or_username,
1150 1150 'short_contact': self.short_contact,
1151 1151 'full_contact': self.full_contact,
1152 1152 }
1153 1153 data.update(self.get_api_data())
1154 1154 return data
1155 1155
1156 1156
1157 1157 class UserApiKeys(Base, BaseModel):
1158 1158 __tablename__ = 'user_api_keys'
1159 1159 __table_args__ = (
1160 1160 Index('uak_api_key_idx', 'api_key'),
1161 1161 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
1162 1162 base_table_args
1163 1163 )
1164 1164
1165 1165 # ApiKey role
1166 1166 ROLE_ALL = 'token_role_all'
1167 1167 ROLE_VCS = 'token_role_vcs'
1168 1168 ROLE_API = 'token_role_api'
1169 1169 ROLE_HTTP = 'token_role_http'
1170 1170 ROLE_FEED = 'token_role_feed'
1171 1171 ROLE_ARTIFACT_DOWNLOAD = 'role_artifact_download'
1172 1172 # The last one is ignored in the list as we only
1173 1173 # use it for one action, and cannot be created by users
1174 1174 ROLE_PASSWORD_RESET = 'token_password_reset'
1175 1175
1176 1176 ROLES = [ROLE_ALL, ROLE_VCS, ROLE_API, ROLE_HTTP, ROLE_FEED, ROLE_ARTIFACT_DOWNLOAD]
1177 1177
1178 1178 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1179 1179 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1180 1180 api_key = Column("api_key", String(255), nullable=False, unique=True)
1181 1181 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1182 1182 expires = Column('expires', Float(53), nullable=False)
1183 1183 role = Column('role', String(255), nullable=True)
1184 1184 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1185 1185
1186 1186 # scope columns
1187 1187 repo_id = Column(
1188 1188 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
1189 1189 nullable=True, unique=None, default=None)
1190 1190 repo = relationship('Repository', lazy='joined', back_populates='scoped_tokens')
1191 1191
1192 1192 repo_group_id = Column(
1193 1193 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1194 1194 nullable=True, unique=None, default=None)
1195 1195 repo_group = relationship('RepoGroup', lazy='joined')
1196 1196
1197 1197 user = relationship('User', lazy='joined', back_populates='user_auth_tokens')
1198 1198
1199 1199 def __repr__(self):
1200 1200 return f"<{self.cls_name}('{self.role}')>"
1201 1201
1202 1202 def __json__(self):
1203 1203 data = {
1204 1204 'auth_token': self.api_key,
1205 1205 'role': self.role,
1206 1206 'scope': self.scope_humanized,
1207 1207 'expired': self.expired
1208 1208 }
1209 1209 return data
1210 1210
1211 1211 def get_api_data(self, include_secrets=False):
1212 1212 data = self.__json__()
1213 1213 if include_secrets:
1214 1214 return data
1215 1215 else:
1216 1216 data['auth_token'] = self.token_obfuscated
1217 1217 return data
1218 1218
1219 1219 @hybrid_property
1220 1220 def description_safe(self):
1221 1221 from rhodecode.lib import helpers as h
1222 1222 return h.escape(self.description)
1223 1223
1224 1224 @property
1225 1225 def expired(self):
1226 1226 if self.expires == -1:
1227 1227 return False
1228 1228 return time.time() > self.expires
1229 1229
1230 1230 @classmethod
1231 1231 def _get_role_name(cls, role):
1232 1232 return {
1233 1233 cls.ROLE_ALL: _('all'),
1234 1234 cls.ROLE_HTTP: _('http/web interface'),
1235 1235 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1236 1236 cls.ROLE_API: _('api calls'),
1237 1237 cls.ROLE_FEED: _('feed access'),
1238 1238 cls.ROLE_ARTIFACT_DOWNLOAD: _('artifacts downloads'),
1239 1239 }.get(role, role)
1240 1240
1241 1241 @classmethod
1242 1242 def _get_role_description(cls, role):
1243 1243 return {
1244 1244 cls.ROLE_ALL: _('Token for all actions.'),
1245 1245 cls.ROLE_HTTP: _('Token to access RhodeCode pages via web interface without '
1246 1246 'login using `api_access_controllers_whitelist` functionality.'),
1247 1247 cls.ROLE_VCS: _('Token to interact over git/hg/svn protocols. '
1248 1248 'Requires auth_token authentication plugin to be active. <br/>'
1249 1249 'Such Token should be used then instead of a password to '
1250 1250 'interact with a repository, and additionally can be '
1251 1251 'limited to single repository using repo scope.'),
1252 1252 cls.ROLE_API: _('Token limited to api calls.'),
1253 1253 cls.ROLE_FEED: _('Token to read RSS/ATOM feed.'),
1254 1254 cls.ROLE_ARTIFACT_DOWNLOAD: _('Token for artifacts downloads.'),
1255 1255 }.get(role, role)
1256 1256
1257 1257 @property
1258 1258 def role_humanized(self):
1259 1259 return self._get_role_name(self.role)
1260 1260
1261 1261 def _get_scope(self):
1262 1262 if self.repo:
1263 1263 return 'Repository: {}'.format(self.repo.repo_name)
1264 1264 if self.repo_group:
1265 1265 return 'RepositoryGroup: {} (recursive)'.format(self.repo_group.group_name)
1266 1266 return 'Global'
1267 1267
1268 1268 @property
1269 1269 def scope_humanized(self):
1270 1270 return self._get_scope()
1271 1271
1272 1272 @property
1273 1273 def token_obfuscated(self):
1274 1274 if self.api_key:
1275 1275 return self.api_key[:4] + "****"
1276 1276
1277 1277
1278 1278 class UserEmailMap(Base, BaseModel):
1279 1279 __tablename__ = 'user_email_map'
1280 1280 __table_args__ = (
1281 1281 Index('uem_email_idx', 'email'),
1282 1282 Index('uem_user_id_idx', 'user_id'),
1283 1283 UniqueConstraint('email'),
1284 1284 base_table_args
1285 1285 )
1286 1286
1287 1287 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1288 1288 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1289 1289 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1290 1290 user = relationship('User', lazy='joined', back_populates='user_emails')
1291 1291
1292 1292 @validates('_email')
1293 1293 def validate_email(self, key, email):
1294 1294 # check if this email is not main one
1295 1295 main_email = Session().query(User).filter(User.email == email).scalar()
1296 1296 if main_email is not None:
1297 1297 raise AttributeError('email %s is present is user table' % email)
1298 1298 return email
1299 1299
1300 1300 @hybrid_property
1301 1301 def email(self):
1302 1302 return self._email
1303 1303
1304 1304 @email.setter
1305 1305 def email(self, val):
1306 1306 self._email = val.lower() if val else None
1307 1307
1308 1308
1309 1309 class UserIpMap(Base, BaseModel):
1310 1310 __tablename__ = 'user_ip_map'
1311 1311 __table_args__ = (
1312 1312 UniqueConstraint('user_id', 'ip_addr'),
1313 1313 base_table_args
1314 1314 )
1315 1315
1316 1316 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1317 1317 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1318 1318 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1319 1319 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1320 1320 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1321 1321 user = relationship('User', lazy='joined', back_populates='user_ip_map')
1322 1322
1323 1323 @hybrid_property
1324 1324 def description_safe(self):
1325 1325 from rhodecode.lib import helpers as h
1326 1326 return h.escape(self.description)
1327 1327
1328 1328 @classmethod
1329 1329 def _get_ip_range(cls, ip_addr):
1330 1330 net = ipaddress.ip_network(safe_str(ip_addr), strict=False)
1331 1331 return [str(net.network_address), str(net.broadcast_address)]
1332 1332
1333 1333 def __json__(self):
1334 1334 return {
1335 1335 'ip_addr': self.ip_addr,
1336 1336 'ip_range': self._get_ip_range(self.ip_addr),
1337 1337 }
1338 1338
1339 1339 def __repr__(self):
1340 1340 return f"<{self.cls_name}('user_id={self.user_id} => ip={self.ip_addr}')>"
1341 1341
1342 1342
1343 1343 class UserSshKeys(Base, BaseModel):
1344 1344 __tablename__ = 'user_ssh_keys'
1345 1345 __table_args__ = (
1346 1346 Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
1347 1347
1348 1348 UniqueConstraint('ssh_key_fingerprint'),
1349 1349
1350 1350 base_table_args
1351 1351 )
1352 1352
1353 1353 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
1354 1354 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
1355 1355 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
1356 1356
1357 1357 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
1358 1358
1359 1359 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1360 1360 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
1361 1361 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1362 1362
1363 1363 user = relationship('User', lazy='joined', back_populates='user_ssh_keys')
1364 1364
1365 1365 def __json__(self):
1366 1366 data = {
1367 1367 'ssh_fingerprint': self.ssh_key_fingerprint,
1368 1368 'description': self.description,
1369 1369 'created_on': self.created_on
1370 1370 }
1371 1371 return data
1372 1372
1373 1373 def get_api_data(self):
1374 1374 data = self.__json__()
1375 1375 return data
1376 1376
1377 1377
1378 1378 class UserLog(Base, BaseModel):
1379 1379 __tablename__ = 'user_logs'
1380 1380 __table_args__ = (
1381 1381 base_table_args,
1382 1382 )
1383 1383
1384 1384 VERSION_1 = 'v1'
1385 1385 VERSION_2 = 'v2'
1386 1386 VERSIONS = [VERSION_1, VERSION_2]
1387 1387
1388 1388 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1389 1389 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
1390 1390 username = Column("username", String(255), nullable=True, unique=None, default=None)
1391 1391 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
1392 1392 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1393 1393 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1394 1394 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1395 1395 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1396 1396
1397 1397 version = Column("version", String(255), nullable=True, default=VERSION_1)
1398 1398 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1399 1399 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
1400 1400 user = relationship('User', cascade='', back_populates='user_log')
1401 1401 repository = relationship('Repository', cascade='', back_populates='logs')
1402 1402
1403 1403 def __repr__(self):
1404 1404 return f"<{self.cls_name}('id:{self.repository_name}:{self.action}')>"
1405 1405
1406 1406 def __json__(self):
1407 1407 return {
1408 1408 'user_id': self.user_id,
1409 1409 'username': self.username,
1410 1410 'repository_id': self.repository_id,
1411 1411 'repository_name': self.repository_name,
1412 1412 'user_ip': self.user_ip,
1413 1413 'action_date': self.action_date,
1414 1414 'action': self.action,
1415 1415 }
1416 1416
1417 1417 @hybrid_property
1418 1418 def entry_id(self):
1419 1419 return self.user_log_id
1420 1420
1421 1421 @property
1422 1422 def action_as_day(self):
1423 1423 return datetime.date(*self.action_date.timetuple()[:3])
1424 1424
1425 1425
1426 1426 class UserGroup(Base, BaseModel):
1427 1427 __tablename__ = 'users_groups'
1428 1428 __table_args__ = (
1429 1429 base_table_args,
1430 1430 )
1431 1431
1432 1432 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1433 1433 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1434 1434 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1435 1435 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1436 1436 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1437 1437 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1438 1438 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1439 1439 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1440 1440
1441 1441 members = relationship('UserGroupMember', cascade="all, delete-orphan", lazy="joined", back_populates='users_group')
1442 1442 users_group_to_perm = relationship('UserGroupToPerm', cascade='all', back_populates='users_group')
1443 1443 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all', back_populates='users_group')
1444 1444 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all', back_populates='users_group')
1445 1445 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all', back_populates='user_group')
1446 1446
1447 1447 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all', back_populates='target_user_group')
1448 1448
1449 1449 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all', back_populates='users_group')
1450 1450 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id", back_populates='user_groups')
1451 1451
1452 1452 @classmethod
1453 1453 def _load_group_data(cls, column):
1454 1454 if not column:
1455 1455 return {}
1456 1456
1457 1457 try:
1458 1458 return json.loads(column) or {}
1459 1459 except TypeError:
1460 1460 return {}
1461 1461
1462 1462 @hybrid_property
1463 1463 def description_safe(self):
1464 1464 from rhodecode.lib import helpers as h
1465 1465 return h.escape(self.user_group_description)
1466 1466
1467 1467 @hybrid_property
1468 1468 def group_data(self):
1469 1469 return self._load_group_data(self._group_data)
1470 1470
1471 1471 @group_data.expression
1472 1472 def group_data(self, **kwargs):
1473 1473 return self._group_data
1474 1474
1475 1475 @group_data.setter
1476 1476 def group_data(self, val):
1477 1477 try:
1478 1478 self._group_data = json.dumps(val)
1479 1479 except Exception:
1480 1480 log.error(traceback.format_exc())
1481 1481
1482 1482 @classmethod
1483 1483 def _load_sync(cls, group_data):
1484 1484 if group_data:
1485 1485 return group_data.get('extern_type')
1486 1486
1487 1487 @property
1488 1488 def sync(self):
1489 1489 return self._load_sync(self.group_data)
1490 1490
1491 1491 def __repr__(self):
1492 1492 return f"<{self.cls_name}('id:{self.users_group_id}:{self.users_group_name}')>"
1493 1493
1494 1494 @classmethod
1495 1495 def get_by_group_name(cls, group_name, cache=False,
1496 1496 case_insensitive=False):
1497 1497 if case_insensitive:
1498 1498 q = cls.query().filter(func.lower(cls.users_group_name) ==
1499 1499 func.lower(group_name))
1500 1500
1501 1501 else:
1502 1502 q = cls.query().filter(cls.users_group_name == group_name)
1503 1503 if cache:
1504 1504 name_key = _hash_key(group_name)
1505 1505 q = q.options(
1506 1506 FromCache("sql_cache_short", f"get_group_{name_key}"))
1507 1507 return q.scalar()
1508 1508
1509 1509 @classmethod
1510 1510 def get(cls, user_group_id, cache=False):
1511 1511 if not user_group_id:
1512 1512 return
1513 1513
1514 1514 user_group = cls.query()
1515 1515 if cache:
1516 1516 user_group = user_group.options(
1517 1517 FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
1518 1518 return user_group.get(user_group_id)
1519 1519
1520 1520 def permissions(self, with_admins=True, with_owner=True,
1521 1521 expand_from_user_groups=False):
1522 1522 """
1523 1523 Permissions for user groups
1524 1524 """
1525 1525 _admin_perm = 'usergroup.admin'
1526 1526
1527 1527 owner_row = []
1528 1528 if with_owner:
1529 1529 usr = AttributeDict(self.user.get_dict())
1530 1530 usr.owner_row = True
1531 1531 usr.permission = _admin_perm
1532 1532 owner_row.append(usr)
1533 1533
1534 1534 super_admin_ids = []
1535 1535 super_admin_rows = []
1536 1536 if with_admins:
1537 1537 for usr in User.get_all_super_admins():
1538 1538 super_admin_ids.append(usr.user_id)
1539 1539 # if this admin is also owner, don't double the record
1540 1540 if usr.user_id == owner_row[0].user_id:
1541 1541 owner_row[0].admin_row = True
1542 1542 else:
1543 1543 usr = AttributeDict(usr.get_dict())
1544 1544 usr.admin_row = True
1545 1545 usr.permission = _admin_perm
1546 1546 super_admin_rows.append(usr)
1547 1547
1548 1548 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1549 1549 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1550 1550 joinedload(UserUserGroupToPerm.user),
1551 1551 joinedload(UserUserGroupToPerm.permission),)
1552 1552
1553 1553 # get owners and admins and permissions. We do a trick of re-writing
1554 1554 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1555 1555 # has a global reference and changing one object propagates to all
1556 1556 # others. This means if admin is also an owner admin_row that change
1557 1557 # would propagate to both objects
1558 1558 perm_rows = []
1559 1559 for _usr in q.all():
1560 1560 usr = AttributeDict(_usr.user.get_dict())
1561 1561 # if this user is also owner/admin, mark as duplicate record
1562 1562 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
1563 1563 usr.duplicate_perm = True
1564 1564 usr.permission = _usr.permission.permission_name
1565 1565 perm_rows.append(usr)
1566 1566
1567 1567 # filter the perm rows by 'default' first and then sort them by
1568 1568 # admin,write,read,none permissions sorted again alphabetically in
1569 1569 # each group
1570 1570 perm_rows = sorted(perm_rows, key=display_user_sort)
1571 1571
1572 1572 user_groups_rows = []
1573 1573 if expand_from_user_groups:
1574 1574 for ug in self.permission_user_groups(with_members=True):
1575 1575 for user_data in ug.members:
1576 1576 user_groups_rows.append(user_data)
1577 1577
1578 1578 return super_admin_rows + owner_row + perm_rows + user_groups_rows
1579 1579
1580 1580 def permission_user_groups(self, with_members=False):
1581 1581 q = UserGroupUserGroupToPerm.query()\
1582 1582 .filter(UserGroupUserGroupToPerm.target_user_group == self)
1583 1583 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1584 1584 joinedload(UserGroupUserGroupToPerm.target_user_group),
1585 1585 joinedload(UserGroupUserGroupToPerm.permission),)
1586 1586
1587 1587 perm_rows = []
1588 1588 for _user_group in q.all():
1589 1589 entry = AttributeDict(_user_group.user_group.get_dict())
1590 1590 entry.permission = _user_group.permission.permission_name
1591 1591 if with_members:
1592 1592 entry.members = [x.user.get_dict()
1593 1593 for x in _user_group.user_group.members]
1594 1594 perm_rows.append(entry)
1595 1595
1596 1596 perm_rows = sorted(perm_rows, key=display_user_group_sort)
1597 1597 return perm_rows
1598 1598
1599 1599 def _get_default_perms(self, user_group, suffix=''):
1600 1600 from rhodecode.model.permission import PermissionModel
1601 1601 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1602 1602
1603 1603 def get_default_perms(self, suffix=''):
1604 1604 return self._get_default_perms(self, suffix)
1605 1605
1606 1606 def get_api_data(self, with_group_members=True, include_secrets=False):
1607 1607 """
1608 1608 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1609 1609 basically forwarded.
1610 1610
1611 1611 """
1612 1612 user_group = self
1613 1613 data = {
1614 1614 'users_group_id': user_group.users_group_id,
1615 1615 'group_name': user_group.users_group_name,
1616 1616 'group_description': user_group.user_group_description,
1617 1617 'active': user_group.users_group_active,
1618 1618 'owner': user_group.user.username,
1619 1619 'sync': user_group.sync,
1620 1620 'owner_email': user_group.user.email,
1621 1621 }
1622 1622
1623 1623 if with_group_members:
1624 1624 users = []
1625 1625 for user in user_group.members:
1626 1626 user = user.user
1627 1627 users.append(user.get_api_data(include_secrets=include_secrets))
1628 1628 data['users'] = users
1629 1629
1630 1630 return data
1631 1631
1632 1632
1633 1633 class UserGroupMember(Base, BaseModel):
1634 1634 __tablename__ = 'users_groups_members'
1635 1635 __table_args__ = (
1636 1636 base_table_args,
1637 1637 )
1638 1638
1639 1639 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1640 1640 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1641 1641 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1642 1642
1643 1643 user = relationship('User', lazy='joined', back_populates='group_member')
1644 1644 users_group = relationship('UserGroup', back_populates='members')
1645 1645
1646 1646 def __init__(self, gr_id='', u_id=''):
1647 1647 self.users_group_id = gr_id
1648 1648 self.user_id = u_id
1649 1649
1650 1650
1651 1651 class RepositoryField(Base, BaseModel):
1652 1652 __tablename__ = 'repositories_fields'
1653 1653 __table_args__ = (
1654 1654 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1655 1655 base_table_args,
1656 1656 )
1657 1657
1658 1658 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1659 1659
1660 1660 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1661 1661 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1662 1662 field_key = Column("field_key", String(250))
1663 1663 field_label = Column("field_label", String(1024), nullable=False)
1664 1664 field_value = Column("field_value", String(10000), nullable=False)
1665 1665 field_desc = Column("field_desc", String(1024), nullable=False)
1666 1666 field_type = Column("field_type", String(255), nullable=False, unique=None)
1667 1667 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1668 1668
1669 1669 repository = relationship('Repository', back_populates='extra_fields')
1670 1670
1671 1671 @property
1672 1672 def field_key_prefixed(self):
1673 1673 return 'ex_%s' % self.field_key
1674 1674
1675 1675 @classmethod
1676 1676 def un_prefix_key(cls, key):
1677 1677 if key.startswith(cls.PREFIX):
1678 1678 return key[len(cls.PREFIX):]
1679 1679 return key
1680 1680
1681 1681 @classmethod
1682 1682 def get_by_key_name(cls, key, repo):
1683 1683 row = cls.query()\
1684 1684 .filter(cls.repository == repo)\
1685 1685 .filter(cls.field_key == key).scalar()
1686 1686 return row
1687 1687
1688 1688
1689 1689 class Repository(Base, BaseModel):
1690 1690 __tablename__ = 'repositories'
1691 1691 __table_args__ = (
1692 1692 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1693 1693 base_table_args,
1694 1694 )
1695 1695 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1696 1696 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1697 1697 DEFAULT_CLONE_URI_SSH = 'ssh://{sys_user}@{hostname}/{repo}'
1698 1698
1699 1699 STATE_CREATED = 'repo_state_created'
1700 1700 STATE_PENDING = 'repo_state_pending'
1701 1701 STATE_ERROR = 'repo_state_error'
1702 1702
1703 1703 LOCK_AUTOMATIC = 'lock_auto'
1704 1704 LOCK_API = 'lock_api'
1705 1705 LOCK_WEB = 'lock_web'
1706 1706 LOCK_PULL = 'lock_pull'
1707 1707
1708 1708 NAME_SEP = URL_SEP
1709 1709
1710 1710 repo_id = Column(
1711 1711 "repo_id", Integer(), nullable=False, unique=True, default=None,
1712 1712 primary_key=True)
1713 1713 _repo_name = Column(
1714 1714 "repo_name", Text(), nullable=False, default=None)
1715 1715 repo_name_hash = Column(
1716 1716 "repo_name_hash", String(255), nullable=False, unique=True)
1717 1717 repo_state = Column("repo_state", String(255), nullable=True)
1718 1718
1719 1719 clone_uri = Column(
1720 1720 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1721 1721 default=None)
1722 1722 push_uri = Column(
1723 1723 "push_uri", EncryptedTextValue(), nullable=True, unique=False,
1724 1724 default=None)
1725 1725 repo_type = Column(
1726 1726 "repo_type", String(255), nullable=False, unique=False, default=None)
1727 1727 user_id = Column(
1728 1728 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1729 1729 unique=False, default=None)
1730 1730 private = Column(
1731 1731 "private", Boolean(), nullable=True, unique=None, default=None)
1732 1732 archived = Column(
1733 1733 "archived", Boolean(), nullable=True, unique=None, default=None)
1734 1734 enable_statistics = Column(
1735 1735 "statistics", Boolean(), nullable=True, unique=None, default=True)
1736 1736 enable_downloads = Column(
1737 1737 "downloads", Boolean(), nullable=True, unique=None, default=True)
1738 1738 description = Column(
1739 1739 "description", String(10000), nullable=True, unique=None, default=None)
1740 1740 created_on = Column(
1741 1741 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1742 1742 default=datetime.datetime.now)
1743 1743 updated_on = Column(
1744 1744 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1745 1745 default=datetime.datetime.now)
1746 1746 _landing_revision = Column(
1747 1747 "landing_revision", String(255), nullable=False, unique=False,
1748 1748 default=None)
1749 1749 enable_locking = Column(
1750 1750 "enable_locking", Boolean(), nullable=False, unique=None,
1751 1751 default=False)
1752 1752 _locked = Column(
1753 1753 "locked", String(255), nullable=True, unique=False, default=None)
1754 1754 _changeset_cache = Column(
1755 1755 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1756 1756
1757 1757 fork_id = Column(
1758 1758 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1759 1759 nullable=True, unique=False, default=None)
1760 1760 group_id = Column(
1761 1761 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1762 1762 unique=False, default=None)
1763 1763
1764 1764 user = relationship('User', lazy='joined', back_populates='repositories')
1765 1765 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1766 1766 group = relationship('RepoGroup', lazy='joined')
1767 1767 repo_to_perm = relationship('UserRepoToPerm', cascade='all', order_by='UserRepoToPerm.repo_to_perm_id')
1768 1768 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all', back_populates='repository')
1769 1769 stats = relationship('Statistics', cascade='all', uselist=False)
1770 1770
1771 1771 followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', cascade='all', back_populates='follows_repository')
1772 1772 extra_fields = relationship('RepositoryField', cascade="all, delete-orphan", back_populates='repository')
1773 1773
1774 1774 logs = relationship('UserLog', back_populates='repository')
1775 1775
1776 1776 comments = relationship('ChangesetComment', cascade="all, delete-orphan", back_populates='repo')
1777 1777
1778 1778 pull_requests_source = relationship(
1779 1779 'PullRequest',
1780 1780 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1781 1781 cascade="all, delete-orphan",
1782 1782 overlaps="source_repo"
1783 1783 )
1784 1784 pull_requests_target = relationship(
1785 1785 'PullRequest',
1786 1786 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1787 1787 cascade="all, delete-orphan",
1788 1788 overlaps="target_repo"
1789 1789 )
1790 1790
1791 1791 ui = relationship('RepoRhodeCodeUi', cascade="all")
1792 1792 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1793 1793 integrations = relationship('Integration', cascade="all, delete-orphan", back_populates='repo')
1794 1794
1795 1795 scoped_tokens = relationship('UserApiKeys', cascade="all", back_populates='repo')
1796 1796
1797 1797 # no cascade, set NULL
1798 1798 artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_id==Repository.repo_id', viewonly=True)
1799 1799
1800 1800 review_rules = relationship('RepoReviewRule')
1801 1801 user_branch_perms = relationship('UserToRepoBranchPermission')
1802 1802 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission')
1803 1803
1804 1804 def __repr__(self):
1805 1805 return "<%s('%s:%s')>" % (self.cls_name, self.repo_id, self.repo_name)
1806 1806
1807 1807 @hybrid_property
1808 1808 def description_safe(self):
1809 1809 from rhodecode.lib import helpers as h
1810 1810 return h.escape(self.description)
1811 1811
1812 1812 @hybrid_property
1813 1813 def landing_rev(self):
1814 1814 # always should return [rev_type, rev], e.g ['branch', 'master']
1815 1815 if self._landing_revision:
1816 1816 _rev_info = self._landing_revision.split(':')
1817 1817 if len(_rev_info) < 2:
1818 1818 _rev_info.insert(0, 'rev')
1819 1819 return [_rev_info[0], _rev_info[1]]
1820 1820 return [None, None]
1821 1821
1822 1822 @property
1823 1823 def landing_ref_type(self):
1824 1824 return self.landing_rev[0]
1825 1825
1826 1826 @property
1827 1827 def landing_ref_name(self):
1828 1828 return self.landing_rev[1]
1829 1829
1830 1830 @landing_rev.setter
1831 1831 def landing_rev(self, val):
1832 1832 if ':' not in val:
1833 1833 raise ValueError('value must be delimited with `:` and consist '
1834 1834 'of <rev_type>:<rev>, got %s instead' % val)
1835 1835 self._landing_revision = val
1836 1836
1837 1837 @hybrid_property
1838 1838 def locked(self):
1839 1839 if self._locked:
1840 1840 user_id, timelocked, reason = self._locked.split(':')
1841 1841 lock_values = int(user_id), timelocked, reason
1842 1842 else:
1843 1843 lock_values = [None, None, None]
1844 1844 return lock_values
1845 1845
1846 1846 @locked.setter
1847 1847 def locked(self, val):
1848 1848 if val and isinstance(val, (list, tuple)):
1849 1849 self._locked = ':'.join(map(str, val))
1850 1850 else:
1851 1851 self._locked = None
1852 1852
1853 1853 @classmethod
1854 1854 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
1855 1855 from rhodecode.lib.vcs.backends.base import EmptyCommit
1856 1856 dummy = EmptyCommit().__json__()
1857 1857 if not changeset_cache_raw:
1858 1858 dummy['source_repo_id'] = repo_id
1859 1859 return json.loads(json.dumps(dummy))
1860 1860
1861 1861 try:
1862 1862 return json.loads(changeset_cache_raw)
1863 1863 except TypeError:
1864 1864 return dummy
1865 1865 except Exception:
1866 1866 log.error(traceback.format_exc())
1867 1867 return dummy
1868 1868
1869 1869 @hybrid_property
1870 1870 def changeset_cache(self):
1871 1871 return self._load_changeset_cache(self.repo_id, self._changeset_cache)
1872 1872
1873 1873 @changeset_cache.setter
1874 1874 def changeset_cache(self, val):
1875 1875 try:
1876 1876 self._changeset_cache = json.dumps(val)
1877 1877 except Exception:
1878 1878 log.error(traceback.format_exc())
1879 1879
1880 1880 @hybrid_property
1881 1881 def repo_name(self):
1882 1882 return self._repo_name
1883 1883
1884 1884 @repo_name.setter
1885 1885 def repo_name(self, value):
1886 1886 self._repo_name = value
1887 1887 self.repo_name_hash = sha1(safe_bytes(value))
1888 1888
1889 1889 @classmethod
1890 1890 def normalize_repo_name(cls, repo_name):
1891 1891 """
1892 1892 Normalizes os specific repo_name to the format internally stored inside
1893 1893 database using URL_SEP
1894 1894
1895 1895 :param cls:
1896 1896 :param repo_name:
1897 1897 """
1898 1898 return cls.NAME_SEP.join(repo_name.split(os.sep))
1899 1899
1900 1900 @classmethod
1901 1901 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1902 1902 session = Session()
1903 1903 q = session.query(cls).filter(cls.repo_name == repo_name)
1904 1904
1905 1905 if cache:
1906 1906 if identity_cache:
1907 1907 val = cls.identity_cache(session, 'repo_name', repo_name)
1908 1908 if val:
1909 1909 return val
1910 1910 else:
1911 1911 cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
1912 1912 q = q.options(
1913 1913 FromCache("sql_cache_short", cache_key))
1914 1914
1915 1915 return q.scalar()
1916 1916
1917 1917 @classmethod
1918 1918 def get_by_id_or_repo_name(cls, repoid):
1919 1919 if isinstance(repoid, int):
1920 1920 try:
1921 1921 repo = cls.get(repoid)
1922 1922 except ValueError:
1923 1923 repo = None
1924 1924 else:
1925 1925 repo = cls.get_by_repo_name(repoid)
1926 1926 return repo
1927 1927
1928 1928 @classmethod
1929 1929 def get_by_full_path(cls, repo_full_path):
1930 1930 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1931 1931 repo_name = cls.normalize_repo_name(repo_name)
1932 1932 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1933 1933
1934 1934 @classmethod
1935 1935 def get_repo_forks(cls, repo_id):
1936 1936 return cls.query().filter(Repository.fork_id == repo_id)
1937 1937
1938 1938 @classmethod
1939 1939 def base_path(cls):
1940 1940 """
1941 1941 Returns base path when all repos are stored
1942 1942
1943 1943 :param cls:
1944 1944 """
1945 1945 from rhodecode.lib.utils import get_rhodecode_base_path
1946 1946 return get_rhodecode_base_path()
1947 1947
1948 1948 @classmethod
1949 1949 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1950 1950 case_insensitive=True, archived=False):
1951 1951 q = Repository.query()
1952 1952
1953 1953 if not archived:
1954 1954 q = q.filter(Repository.archived.isnot(true()))
1955 1955
1956 1956 if not isinstance(user_id, Optional):
1957 1957 q = q.filter(Repository.user_id == user_id)
1958 1958
1959 1959 if not isinstance(group_id, Optional):
1960 1960 q = q.filter(Repository.group_id == group_id)
1961 1961
1962 1962 if case_insensitive:
1963 1963 q = q.order_by(func.lower(Repository.repo_name))
1964 1964 else:
1965 1965 q = q.order_by(Repository.repo_name)
1966 1966
1967 1967 return q.all()
1968 1968
1969 1969 @property
1970 1970 def repo_uid(self):
1971 1971 return '_{}'.format(self.repo_id)
1972 1972
1973 1973 @property
1974 1974 def forks(self):
1975 1975 """
1976 1976 Return forks of this repo
1977 1977 """
1978 1978 return Repository.get_repo_forks(self.repo_id)
1979 1979
1980 1980 @property
1981 1981 def parent(self):
1982 1982 """
1983 1983 Returns fork parent
1984 1984 """
1985 1985 return self.fork
1986 1986
1987 1987 @property
1988 1988 def just_name(self):
1989 1989 return self.repo_name.split(self.NAME_SEP)[-1]
1990 1990
1991 1991 @property
1992 1992 def groups_with_parents(self):
1993 1993 groups = []
1994 1994 if self.group is None:
1995 1995 return groups
1996 1996
1997 1997 cur_gr = self.group
1998 1998 groups.insert(0, cur_gr)
1999 1999 while 1:
2000 2000 gr = getattr(cur_gr, 'parent_group', None)
2001 2001 cur_gr = cur_gr.parent_group
2002 2002 if gr is None:
2003 2003 break
2004 2004 groups.insert(0, gr)
2005 2005
2006 2006 return groups
2007 2007
2008 2008 @property
2009 2009 def groups_and_repo(self):
2010 2010 return self.groups_with_parents, self
2011 2011
2012 2012 @LazyProperty
2013 2013 def repo_path(self):
2014 2014 """
2015 2015 Returns base full path for that repository means where it actually
2016 2016 exists on a filesystem
2017 2017 """
2018 2018 q = Session().query(RhodeCodeUi).filter(
2019 2019 RhodeCodeUi.ui_key == self.NAME_SEP)
2020 2020 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
2021 2021 return q.one().ui_value
2022 2022
2023 2023 @property
2024 2024 def repo_full_path(self):
2025 2025 p = [self.repo_path]
2026 2026 # we need to split the name by / since this is how we store the
2027 2027 # names in the database, but that eventually needs to be converted
2028 2028 # into a valid system path
2029 2029 p += self.repo_name.split(self.NAME_SEP)
2030 2030 return os.path.join(*map(safe_str, p))
2031 2031
2032 2032 @property
2033 2033 def cache_keys(self):
2034 2034 """
2035 2035 Returns associated cache keys for that repo
2036 2036 """
2037 2037 repo_namespace_key = CacheKey.REPO_INVALIDATION_NAMESPACE.format(repo_id=self.repo_id)
2038 2038 return CacheKey.query()\
2039 2039 .filter(CacheKey.cache_key == repo_namespace_key)\
2040 2040 .order_by(CacheKey.cache_key)\
2041 2041 .all()
2042 2042
2043 2043 @property
2044 2044 def cached_diffs_relative_dir(self):
2045 2045 """
2046 2046 Return a relative to the repository store path of cached diffs
2047 2047 used for safe display for users, who shouldn't know the absolute store
2048 2048 path
2049 2049 """
2050 2050 return os.path.join(
2051 2051 os.path.dirname(self.repo_name),
2052 2052 self.cached_diffs_dir.split(os.path.sep)[-1])
2053 2053
2054 2054 @property
2055 2055 def cached_diffs_dir(self):
2056 2056 path = self.repo_full_path
2057 2057 return os.path.join(
2058 2058 os.path.dirname(path),
2059 2059 f'.__shadow_diff_cache_repo_{self.repo_id}')
2060 2060
2061 2061 def cached_diffs(self):
2062 2062 diff_cache_dir = self.cached_diffs_dir
2063 2063 if os.path.isdir(diff_cache_dir):
2064 2064 return os.listdir(diff_cache_dir)
2065 2065 return []
2066 2066
2067 2067 def shadow_repos(self):
2068 2068 shadow_repos_pattern = f'.__shadow_repo_{self.repo_id}'
2069 2069 return [
2070 2070 x for x in os.listdir(os.path.dirname(self.repo_full_path))
2071 2071 if x.startswith(shadow_repos_pattern)
2072 2072 ]
2073 2073
2074 2074 def get_new_name(self, repo_name):
2075 2075 """
2076 2076 returns new full repository name based on assigned group and new new
2077 2077
2078 2078 :param repo_name:
2079 2079 """
2080 2080 path_prefix = self.group.full_path_splitted if self.group else []
2081 2081 return self.NAME_SEP.join(path_prefix + [repo_name])
2082 2082
2083 2083 @property
2084 2084 def _config(self):
2085 2085 """
2086 2086 Returns db based config object.
2087 2087 """
2088 2088 from rhodecode.lib.utils import make_db_config
2089 2089 return make_db_config(clear_session=False, repo=self)
2090 2090
2091 2091 def permissions(self, with_admins=True, with_owner=True,
2092 2092 expand_from_user_groups=False):
2093 2093 """
2094 2094 Permissions for repositories
2095 2095 """
2096 2096 _admin_perm = 'repository.admin'
2097 2097
2098 2098 owner_row = []
2099 2099 if with_owner:
2100 2100 usr = AttributeDict(self.user.get_dict())
2101 2101 usr.owner_row = True
2102 2102 usr.permission = _admin_perm
2103 2103 usr.permission_id = None
2104 2104 owner_row.append(usr)
2105 2105
2106 2106 super_admin_ids = []
2107 2107 super_admin_rows = []
2108 2108 if with_admins:
2109 2109 for usr in User.get_all_super_admins():
2110 2110 super_admin_ids.append(usr.user_id)
2111 2111 # if this admin is also owner, don't double the record
2112 2112 if usr.user_id == owner_row[0].user_id:
2113 2113 owner_row[0].admin_row = True
2114 2114 else:
2115 2115 usr = AttributeDict(usr.get_dict())
2116 2116 usr.admin_row = True
2117 2117 usr.permission = _admin_perm
2118 2118 usr.permission_id = None
2119 2119 super_admin_rows.append(usr)
2120 2120
2121 2121 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
2122 2122 q = q.options(joinedload(UserRepoToPerm.repository),
2123 2123 joinedload(UserRepoToPerm.user),
2124 2124 joinedload(UserRepoToPerm.permission),)
2125 2125
2126 2126 # get owners and admins and permissions. We do a trick of re-writing
2127 2127 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2128 2128 # has a global reference and changing one object propagates to all
2129 2129 # others. This means if admin is also an owner admin_row that change
2130 2130 # would propagate to both objects
2131 2131 perm_rows = []
2132 2132 for _usr in q.all():
2133 2133 usr = AttributeDict(_usr.user.get_dict())
2134 2134 # if this user is also owner/admin, mark as duplicate record
2135 2135 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
2136 2136 usr.duplicate_perm = True
2137 2137 # also check if this permission is maybe used by branch_permissions
2138 2138 if _usr.branch_perm_entry:
2139 2139 usr.branch_rules = [x.branch_rule_id for x in _usr.branch_perm_entry]
2140 2140
2141 2141 usr.permission = _usr.permission.permission_name
2142 2142 usr.permission_id = _usr.repo_to_perm_id
2143 2143 perm_rows.append(usr)
2144 2144
2145 2145 # filter the perm rows by 'default' first and then sort them by
2146 2146 # admin,write,read,none permissions sorted again alphabetically in
2147 2147 # each group
2148 2148 perm_rows = sorted(perm_rows, key=display_user_sort)
2149 2149
2150 2150 user_groups_rows = []
2151 2151 if expand_from_user_groups:
2152 2152 for ug in self.permission_user_groups(with_members=True):
2153 2153 for user_data in ug.members:
2154 2154 user_groups_rows.append(user_data)
2155 2155
2156 2156 return super_admin_rows + owner_row + perm_rows + user_groups_rows
2157 2157
2158 2158 def permission_user_groups(self, with_members=True):
2159 2159 q = UserGroupRepoToPerm.query()\
2160 2160 .filter(UserGroupRepoToPerm.repository == self)
2161 2161 q = q.options(joinedload(UserGroupRepoToPerm.repository),
2162 2162 joinedload(UserGroupRepoToPerm.users_group),
2163 2163 joinedload(UserGroupRepoToPerm.permission),)
2164 2164
2165 2165 perm_rows = []
2166 2166 for _user_group in q.all():
2167 2167 entry = AttributeDict(_user_group.users_group.get_dict())
2168 2168 entry.permission = _user_group.permission.permission_name
2169 2169 if with_members:
2170 2170 entry.members = [x.user.get_dict()
2171 2171 for x in _user_group.users_group.members]
2172 2172 perm_rows.append(entry)
2173 2173
2174 2174 perm_rows = sorted(perm_rows, key=display_user_group_sort)
2175 2175 return perm_rows
2176 2176
2177 2177 def get_api_data(self, include_secrets=False):
2178 2178 """
2179 2179 Common function for generating repo api data
2180 2180
2181 2181 :param include_secrets: See :meth:`User.get_api_data`.
2182 2182
2183 2183 """
2184 2184 # TODO: mikhail: Here there is an anti-pattern, we probably need to
2185 2185 # move this methods on models level.
2186 2186 from rhodecode.model.settings import SettingsModel
2187 2187 from rhodecode.model.repo import RepoModel
2188 2188
2189 2189 repo = self
2190 2190 _user_id, _time, _reason = self.locked
2191 2191
2192 2192 data = {
2193 2193 'repo_id': repo.repo_id,
2194 2194 'repo_name': repo.repo_name,
2195 2195 'repo_type': repo.repo_type,
2196 2196 'clone_uri': repo.clone_uri or '',
2197 2197 'push_uri': repo.push_uri or '',
2198 2198 'url': RepoModel().get_url(self),
2199 2199 'private': repo.private,
2200 2200 'created_on': repo.created_on,
2201 2201 'description': repo.description_safe,
2202 2202 'landing_rev': repo.landing_rev,
2203 2203 'owner': repo.user.username,
2204 2204 'fork_of': repo.fork.repo_name if repo.fork else None,
2205 2205 'fork_of_id': repo.fork.repo_id if repo.fork else None,
2206 2206 'enable_statistics': repo.enable_statistics,
2207 2207 'enable_locking': repo.enable_locking,
2208 2208 'enable_downloads': repo.enable_downloads,
2209 2209 'last_changeset': repo.changeset_cache,
2210 2210 'locked_by': User.get(_user_id).get_api_data(
2211 2211 include_secrets=include_secrets) if _user_id else None,
2212 2212 'locked_date': time_to_datetime(_time) if _time else None,
2213 2213 'lock_reason': _reason if _reason else None,
2214 2214 }
2215 2215
2216 2216 # TODO: mikhail: should be per-repo settings here
2217 2217 rc_config = SettingsModel().get_all_settings()
2218 2218 repository_fields = str2bool(
2219 2219 rc_config.get('rhodecode_repository_fields'))
2220 2220 if repository_fields:
2221 2221 for f in self.extra_fields:
2222 2222 data[f.field_key_prefixed] = f.field_value
2223 2223
2224 2224 return data
2225 2225
2226 2226 @classmethod
2227 2227 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
2228 2228 if not lock_time:
2229 2229 lock_time = time.time()
2230 2230 if not lock_reason:
2231 2231 lock_reason = cls.LOCK_AUTOMATIC
2232 2232 repo.locked = [user_id, lock_time, lock_reason]
2233 2233 Session().add(repo)
2234 2234 Session().commit()
2235 2235
2236 2236 @classmethod
2237 2237 def unlock(cls, repo):
2238 2238 repo.locked = None
2239 2239 Session().add(repo)
2240 2240 Session().commit()
2241 2241
2242 2242 @classmethod
2243 2243 def getlock(cls, repo):
2244 2244 return repo.locked
2245 2245
2246 2246 def get_locking_state(self, action, user_id, only_when_enabled=True):
2247 2247 """
2248 2248 Checks locking on this repository, if locking is enabled and lock is
2249 2249 present returns a tuple of make_lock, locked, locked_by.
2250 2250 make_lock can have 3 states None (do nothing) True, make lock
2251 2251 False release lock, This value is later propagated to hooks, which
2252 2252 do the locking. Think about this as signals passed to hooks what to do.
2253 2253
2254 2254 """
2255 2255 # TODO: johbo: This is part of the business logic and should be moved
2256 2256 # into the RepositoryModel.
2257 2257
2258 2258 if action not in ('push', 'pull'):
2259 2259 raise ValueError("Invalid action value: %s" % repr(action))
2260 2260
2261 2261 # defines if locked error should be thrown to user
2262 2262 currently_locked = False
2263 2263 # defines if new lock should be made, tri-state
2264 2264 make_lock = None
2265 2265 repo = self
2266 2266 user = User.get(user_id)
2267 2267
2268 2268 lock_info = repo.locked
2269 2269
2270 2270 if repo and (repo.enable_locking or not only_when_enabled):
2271 2271 if action == 'push':
2272 2272 # check if it's already locked !, if it is compare users
2273 2273 locked_by_user_id = lock_info[0]
2274 2274 if user.user_id == locked_by_user_id:
2275 2275 log.debug(
2276 2276 'Got `push` action from user %s, now unlocking', user)
2277 2277 # unlock if we have push from user who locked
2278 2278 make_lock = False
2279 2279 else:
2280 2280 # we're not the same user who locked, ban with
2281 2281 # code defined in settings (default is 423 HTTP Locked) !
2282 2282 log.debug('Repo %s is currently locked by %s', repo, user)
2283 2283 currently_locked = True
2284 2284 elif action == 'pull':
2285 2285 # [0] user [1] date
2286 2286 if lock_info[0] and lock_info[1]:
2287 2287 log.debug('Repo %s is currently locked by %s', repo, user)
2288 2288 currently_locked = True
2289 2289 else:
2290 2290 log.debug('Setting lock on repo %s by %s', repo, user)
2291 2291 make_lock = True
2292 2292
2293 2293 else:
2294 2294 log.debug('Repository %s do not have locking enabled', repo)
2295 2295
2296 2296 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
2297 2297 make_lock, currently_locked, lock_info)
2298 2298
2299 2299 from rhodecode.lib.auth import HasRepoPermissionAny
2300 2300 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
2301 2301 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
2302 2302 # if we don't have at least write permission we cannot make a lock
2303 2303 log.debug('lock state reset back to FALSE due to lack '
2304 2304 'of at least read permission')
2305 2305 make_lock = False
2306 2306
2307 2307 return make_lock, currently_locked, lock_info
2308 2308
2309 2309 @property
2310 2310 def last_commit_cache_update_diff(self):
2311 2311 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
2312 2312
2313 2313 @classmethod
2314 2314 def _load_commit_change(cls, last_commit_cache):
2315 2315 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2316 2316 empty_date = datetime.datetime.fromtimestamp(0)
2317 2317 date_latest = last_commit_cache.get('date', empty_date)
2318 2318 try:
2319 2319 return parse_datetime(date_latest)
2320 2320 except Exception:
2321 2321 return empty_date
2322 2322
2323 2323 @property
2324 2324 def last_commit_change(self):
2325 2325 return self._load_commit_change(self.changeset_cache)
2326 2326
2327 2327 @property
2328 2328 def last_db_change(self):
2329 2329 return self.updated_on
2330 2330
2331 2331 @property
2332 2332 def clone_uri_hidden(self):
2333 2333 clone_uri = self.clone_uri
2334 2334 if clone_uri:
2335 2335 import urlobject
2336 2336 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
2337 2337 if url_obj.password:
2338 2338 clone_uri = url_obj.with_password('*****')
2339 2339 return clone_uri
2340 2340
2341 2341 @property
2342 2342 def push_uri_hidden(self):
2343 2343 push_uri = self.push_uri
2344 2344 if push_uri:
2345 2345 import urlobject
2346 2346 url_obj = urlobject.URLObject(cleaned_uri(push_uri))
2347 2347 if url_obj.password:
2348 2348 push_uri = url_obj.with_password('*****')
2349 2349 return push_uri
2350 2350
2351 2351 def clone_url(self, **override):
2352 2352 from rhodecode.model.settings import SettingsModel
2353 2353
2354 2354 uri_tmpl = None
2355 2355 if 'with_id' in override:
2356 2356 uri_tmpl = self.DEFAULT_CLONE_URI_ID
2357 2357 del override['with_id']
2358 2358
2359 2359 if 'uri_tmpl' in override:
2360 2360 uri_tmpl = override['uri_tmpl']
2361 2361 del override['uri_tmpl']
2362 2362
2363 2363 ssh = False
2364 2364 if 'ssh' in override:
2365 2365 ssh = True
2366 2366 del override['ssh']
2367 2367
2368 2368 # we didn't override our tmpl from **overrides
2369 2369 request = get_current_request()
2370 2370 if not uri_tmpl:
2371 2371 if hasattr(request, 'call_context') and hasattr(request.call_context, 'rc_config'):
2372 2372 rc_config = request.call_context.rc_config
2373 2373 else:
2374 2374 rc_config = SettingsModel().get_all_settings(cache=True)
2375 2375
2376 2376 if ssh:
2377 2377 uri_tmpl = rc_config.get(
2378 2378 'rhodecode_clone_uri_ssh_tmpl') or self.DEFAULT_CLONE_URI_SSH
2379 2379
2380 2380 else:
2381 2381 uri_tmpl = rc_config.get(
2382 2382 'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
2383 2383
2384 2384 return get_clone_url(request=request,
2385 2385 uri_tmpl=uri_tmpl,
2386 2386 repo_name=self.repo_name,
2387 2387 repo_id=self.repo_id,
2388 2388 repo_type=self.repo_type,
2389 2389 **override)
2390 2390
2391 2391 def set_state(self, state):
2392 2392 self.repo_state = state
2393 2393 Session().add(self)
2394 2394 #==========================================================================
2395 2395 # SCM PROPERTIES
2396 2396 #==========================================================================
2397 2397
2398 2398 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None, maybe_unreachable=False, reference_obj=None):
2399 2399 return get_commit_safe(
2400 2400 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load,
2401 2401 maybe_unreachable=maybe_unreachable, reference_obj=reference_obj)
2402 2402
2403 2403 def get_changeset(self, rev=None, pre_load=None):
2404 2404 warnings.warn("Use get_commit", DeprecationWarning)
2405 2405 commit_id = None
2406 2406 commit_idx = None
2407 2407 if isinstance(rev, str):
2408 2408 commit_id = rev
2409 2409 else:
2410 2410 commit_idx = rev
2411 2411 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
2412 2412 pre_load=pre_load)
2413 2413
2414 2414 def get_landing_commit(self):
2415 2415 """
2416 2416 Returns landing commit, or if that doesn't exist returns the tip
2417 2417 """
2418 2418 _rev_type, _rev = self.landing_rev
2419 2419 commit = self.get_commit(_rev)
2420 2420 if isinstance(commit, EmptyCommit):
2421 2421 return self.get_commit()
2422 2422 return commit
2423 2423
2424 2424 def flush_commit_cache(self):
2425 2425 self.update_commit_cache(cs_cache={'raw_id':'0'})
2426 2426 self.update_commit_cache()
2427 2427
2428 2428 def update_commit_cache(self, cs_cache=None, config=None):
2429 2429 """
2430 2430 Update cache of last commit for repository
2431 2431 cache_keys should be::
2432 2432
2433 2433 source_repo_id
2434 2434 short_id
2435 2435 raw_id
2436 2436 revision
2437 2437 parents
2438 2438 message
2439 2439 date
2440 2440 author
2441 2441 updated_on
2442 2442
2443 2443 """
2444 2444 from rhodecode.lib.vcs.backends.base import BaseCommit
2445 2445 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2446 2446 empty_date = datetime.datetime.fromtimestamp(0)
2447 2447 repo_commit_count = 0
2448 2448
2449 2449 if cs_cache is None:
2450 2450 # use no-cache version here
2451 2451 try:
2452 2452 scm_repo = self.scm_instance(cache=False, config=config)
2453 2453 except VCSError:
2454 2454 scm_repo = None
2455 2455 empty = scm_repo is None or scm_repo.is_empty()
2456 2456
2457 2457 if not empty:
2458 2458 cs_cache = scm_repo.get_commit(
2459 2459 pre_load=["author", "date", "message", "parents", "branch"])
2460 2460 repo_commit_count = scm_repo.count()
2461 2461 else:
2462 2462 cs_cache = EmptyCommit()
2463 2463
2464 2464 if isinstance(cs_cache, BaseCommit):
2465 2465 cs_cache = cs_cache.__json__()
2466 2466
2467 2467 def is_outdated(new_cs_cache):
2468 2468 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2469 2469 new_cs_cache['revision'] != self.changeset_cache['revision']):
2470 2470 return True
2471 2471 return False
2472 2472
2473 2473 # check if we have maybe already latest cached revision
2474 2474 if is_outdated(cs_cache) or not self.changeset_cache:
2475 2475 _current_datetime = datetime.datetime.utcnow()
2476 2476 last_change = cs_cache.get('date') or _current_datetime
2477 2477 # we check if last update is newer than the new value
2478 2478 # if yes, we use the current timestamp instead. Imagine you get
2479 2479 # old commit pushed 1y ago, we'd set last update 1y to ago.
2480 2480 last_change_timestamp = datetime_to_time(last_change)
2481 2481 current_timestamp = datetime_to_time(last_change)
2482 2482 if last_change_timestamp > current_timestamp and not empty:
2483 2483 cs_cache['date'] = _current_datetime
2484 2484
2485 2485 # also store size of repo
2486 2486 cs_cache['repo_commit_count'] = repo_commit_count
2487 2487
2488 2488 _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
2489 2489 cs_cache['updated_on'] = time.time()
2490 2490 self.changeset_cache = cs_cache
2491 2491 self.updated_on = last_change
2492 2492 Session().add(self)
2493 2493 Session().commit()
2494 2494
2495 2495 else:
2496 2496 if empty:
2497 2497 cs_cache = EmptyCommit().__json__()
2498 2498 else:
2499 2499 cs_cache = self.changeset_cache
2500 2500
2501 2501 _date_latest = parse_datetime(cs_cache.get('date') or empty_date)
2502 2502
2503 2503 cs_cache['updated_on'] = time.time()
2504 2504 self.changeset_cache = cs_cache
2505 2505 self.updated_on = _date_latest
2506 2506 Session().add(self)
2507 2507 Session().commit()
2508 2508
2509 2509 log.debug('updated repo `%s` with new commit cache %s, and last update_date: %s',
2510 2510 self.repo_name, cs_cache, _date_latest)
2511 2511
2512 2512 @property
2513 2513 def tip(self):
2514 2514 return self.get_commit('tip')
2515 2515
2516 2516 @property
2517 2517 def author(self):
2518 2518 return self.tip.author
2519 2519
2520 2520 @property
2521 2521 def last_change(self):
2522 2522 return self.scm_instance().last_change
2523 2523
2524 2524 def get_comments(self, revisions=None):
2525 2525 """
2526 2526 Returns comments for this repository grouped by revisions
2527 2527
2528 2528 :param revisions: filter query by revisions only
2529 2529 """
2530 2530 cmts = ChangesetComment.query()\
2531 2531 .filter(ChangesetComment.repo == self)
2532 2532 if revisions:
2533 2533 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2534 2534 grouped = collections.defaultdict(list)
2535 2535 for cmt in cmts.all():
2536 2536 grouped[cmt.revision].append(cmt)
2537 2537 return grouped
2538 2538
2539 2539 def statuses(self, revisions=None):
2540 2540 """
2541 2541 Returns statuses for this repository
2542 2542
2543 2543 :param revisions: list of revisions to get statuses for
2544 2544 """
2545 2545 statuses = ChangesetStatus.query()\
2546 2546 .filter(ChangesetStatus.repo == self)\
2547 2547 .filter(ChangesetStatus.version == 0)
2548 2548
2549 2549 if revisions:
2550 2550 # Try doing the filtering in chunks to avoid hitting limits
2551 2551 size = 500
2552 2552 status_results = []
2553 2553 for chunk in range(0, len(revisions), size):
2554 2554 status_results += statuses.filter(
2555 2555 ChangesetStatus.revision.in_(
2556 2556 revisions[chunk: chunk+size])
2557 2557 ).all()
2558 2558 else:
2559 2559 status_results = statuses.all()
2560 2560
2561 2561 grouped = {}
2562 2562
2563 2563 # maybe we have open new pullrequest without a status?
2564 2564 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2565 2565 status_lbl = ChangesetStatus.get_status_lbl(stat)
2566 2566 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2567 2567 for rev in pr.revisions:
2568 2568 pr_id = pr.pull_request_id
2569 2569 pr_repo = pr.target_repo.repo_name
2570 2570 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2571 2571
2572 2572 for stat in status_results:
2573 2573 pr_id = pr_repo = None
2574 2574 if stat.pull_request:
2575 2575 pr_id = stat.pull_request.pull_request_id
2576 2576 pr_repo = stat.pull_request.target_repo.repo_name
2577 2577 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2578 2578 pr_id, pr_repo]
2579 2579 return grouped
2580 2580
2581 2581 # ==========================================================================
2582 2582 # SCM CACHE INSTANCE
2583 2583 # ==========================================================================
2584 2584
2585 2585 def scm_instance(self, **kwargs):
2586 2586 import rhodecode
2587 2587
2588 2588 # Passing a config will not hit the cache currently only used
2589 2589 # for repo2dbmapper
2590 2590 config = kwargs.pop('config', None)
2591 2591 cache = kwargs.pop('cache', None)
2592 2592 vcs_full_cache = kwargs.pop('vcs_full_cache', None)
2593 2593 if vcs_full_cache is not None:
2594 2594 # allows override global config
2595 2595 full_cache = vcs_full_cache
2596 2596 else:
2597 2597 full_cache = rhodecode.ConfigGet().get_bool('vcs_full_cache')
2598 2598 # if cache is NOT defined use default global, else we have a full
2599 2599 # control over cache behaviour
2600 2600 if cache is None and full_cache and not config:
2601 2601 log.debug('Initializing pure cached instance for %s', self.repo_path)
2602 2602 return self._get_instance_cached()
2603 2603
2604 2604 # cache here is sent to the "vcs server"
2605 2605 return self._get_instance(cache=bool(cache), config=config)
2606 2606
2607 2607 def _get_instance_cached(self):
2608 2608 from rhodecode.lib import rc_cache
2609 2609
2610 2610 cache_namespace_uid = f'repo_instance.{self.repo_id}'
2611 2611 region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
2612 2612
2613 2613 # we must use thread scoped cache here,
2614 2614 # because each thread of gevent needs it's own not shared connection and cache
2615 2615 # we also alter `args` so the cache key is individual for every green thread.
2616 2616 repo_namespace_key = CacheKey.REPO_INVALIDATION_NAMESPACE.format(repo_id=self.repo_id)
2617 2617 inv_context_manager = rc_cache.InvalidationContext(key=repo_namespace_key, thread_scoped=True)
2618 2618
2619 2619 # our wrapped caching function that takes state_uid to save the previous state in
2620 2620 def cache_generator(_state_uid):
2621 2621
2622 2622 @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
2623 2623 def get_instance_cached(_repo_id, _process_context_id):
2624 2624 # we save in cached func the generation state so we can detect a change and invalidate caches
2625 2625 return _state_uid, self._get_instance(repo_state_uid=_state_uid)
2626 2626
2627 2627 return get_instance_cached
2628 2628
2629 2629 with inv_context_manager as invalidation_context:
2630 2630 cache_state_uid = invalidation_context.state_uid
2631 2631 cache_func = cache_generator(cache_state_uid)
2632 2632
2633 2633 args = self.repo_id, inv_context_manager.proc_key
2634 2634
2635 2635 previous_state_uid, instance = cache_func(*args)
2636 2636
2637 if instance:
2638 2637 # now compare keys, the "cache" state vs expected state.
2639 2638 if previous_state_uid != cache_state_uid:
2640 2639 log.warning('Cached state uid %s is different than current state uid %s',
2641 2640 previous_state_uid, cache_state_uid)
2642 2641 _, instance = cache_func.refresh(*args)
2643 2642
2644 2643 log.debug('Repo instance fetched in %.4fs', inv_context_manager.compute_time)
2645 2644 return instance
2646 2645
2647 2646 def _get_instance(self, cache=True, config=None, repo_state_uid=None):
2648 2647 log.debug('Initializing %s instance `%s` with cache flag set to: %s',
2649 2648 self.repo_type, self.repo_path, cache)
2650 2649 config = config or self._config
2651 2650 custom_wire = {
2652 2651 'cache': cache, # controls the vcs.remote cache
2653 2652 'repo_state_uid': repo_state_uid
2654 2653 }
2654
2655 2655 repo = get_vcs_instance(
2656 2656 repo_path=safe_str(self.repo_full_path),
2657 2657 config=config,
2658 2658 with_wire=custom_wire,
2659 2659 create=False,
2660 2660 _vcs_alias=self.repo_type)
2661 2661 if repo is not None:
2662 2662 repo.count() # cache rebuild
2663 2663
2664 2664 return repo
2665 2665
2666 2666 def get_shadow_repository_path(self, workspace_id):
2667 2667 from rhodecode.lib.vcs.backends.base import BaseRepository
2668 2668 shadow_repo_path = BaseRepository._get_shadow_repository_path(
2669 2669 self.repo_full_path, self.repo_id, workspace_id)
2670 2670 return shadow_repo_path
2671 2671
2672 2672 def __json__(self):
2673 2673 return {'landing_rev': self.landing_rev}
2674 2674
2675 2675 def get_dict(self):
2676 2676
2677 2677 # Since we transformed `repo_name` to a hybrid property, we need to
2678 2678 # keep compatibility with the code which uses `repo_name` field.
2679 2679
2680 2680 result = super(Repository, self).get_dict()
2681 2681 result['repo_name'] = result.pop('_repo_name', None)
2682 2682 result.pop('_changeset_cache', '')
2683 2683 return result
2684 2684
2685 2685
2686 2686 class RepoGroup(Base, BaseModel):
2687 2687 __tablename__ = 'groups'
2688 2688 __table_args__ = (
2689 2689 UniqueConstraint('group_name', 'group_parent_id'),
2690 2690 base_table_args,
2691 2691 )
2692 2692
2693 2693 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2694 2694
2695 2695 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2696 2696 _group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2697 2697 group_name_hash = Column("repo_group_name_hash", String(1024), nullable=False, unique=False)
2698 2698 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2699 2699 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2700 2700 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2701 2701 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2702 2702 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2703 2703 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2704 2704 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2705 2705 _changeset_cache = Column("changeset_cache", LargeBinary(), nullable=True) # JSON data
2706 2706
2707 2707 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id', back_populates='group')
2708 2708 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all', back_populates='group')
2709 2709 parent_group = relationship('RepoGroup', remote_side=group_id)
2710 2710 user = relationship('User', back_populates='repository_groups')
2711 2711 integrations = relationship('Integration', cascade="all, delete-orphan", back_populates='repo_group')
2712 2712
2713 2713 # no cascade, set NULL
2714 2714 scope_artifacts = relationship('FileStore', primaryjoin='FileStore.scope_repo_group_id==RepoGroup.group_id', viewonly=True)
2715 2715
2716 2716 def __init__(self, group_name='', parent_group=None):
2717 2717 self.group_name = group_name
2718 2718 self.parent_group = parent_group
2719 2719
2720 2720 def __repr__(self):
2721 2721 return f"<{self.cls_name}('id:{self.group_id}:{self.group_name}')>"
2722 2722
2723 2723 @hybrid_property
2724 2724 def group_name(self):
2725 2725 return self._group_name
2726 2726
2727 2727 @group_name.setter
2728 2728 def group_name(self, value):
2729 2729 self._group_name = value
2730 2730 self.group_name_hash = self.hash_repo_group_name(value)
2731 2731
2732 2732 @classmethod
2733 2733 def _load_changeset_cache(cls, repo_id, changeset_cache_raw):
2734 2734 from rhodecode.lib.vcs.backends.base import EmptyCommit
2735 2735 dummy = EmptyCommit().__json__()
2736 2736 if not changeset_cache_raw:
2737 2737 dummy['source_repo_id'] = repo_id
2738 2738 return json.loads(json.dumps(dummy))
2739 2739
2740 2740 try:
2741 2741 return json.loads(changeset_cache_raw)
2742 2742 except TypeError:
2743 2743 return dummy
2744 2744 except Exception:
2745 2745 log.error(traceback.format_exc())
2746 2746 return dummy
2747 2747
2748 2748 @hybrid_property
2749 2749 def changeset_cache(self):
2750 2750 return self._load_changeset_cache('', self._changeset_cache)
2751 2751
2752 2752 @changeset_cache.setter
2753 2753 def changeset_cache(self, val):
2754 2754 try:
2755 2755 self._changeset_cache = json.dumps(val)
2756 2756 except Exception:
2757 2757 log.error(traceback.format_exc())
2758 2758
2759 2759 @validates('group_parent_id')
2760 2760 def validate_group_parent_id(self, key, val):
2761 2761 """
2762 2762 Check cycle references for a parent group to self
2763 2763 """
2764 2764 if self.group_id and val:
2765 2765 assert val != self.group_id
2766 2766
2767 2767 return val
2768 2768
2769 2769 @hybrid_property
2770 2770 def description_safe(self):
2771 2771 from rhodecode.lib import helpers as h
2772 2772 return h.escape(self.group_description)
2773 2773
2774 2774 @classmethod
2775 2775 def hash_repo_group_name(cls, repo_group_name):
2776 2776 val = remove_formatting(repo_group_name)
2777 2777 val = safe_str(val).lower()
2778 2778 chars = []
2779 2779 for c in val:
2780 2780 if c not in string.ascii_letters:
2781 2781 c = str(ord(c))
2782 2782 chars.append(c)
2783 2783
2784 2784 return ''.join(chars)
2785 2785
2786 2786 @classmethod
2787 2787 def _generate_choice(cls, repo_group):
2788 2788 from webhelpers2.html import literal as _literal
2789 2789
2790 2790 def _name(k):
2791 2791 return _literal(cls.CHOICES_SEPARATOR.join(k))
2792 2792
2793 2793 return repo_group.group_id, _name(repo_group.full_path_splitted)
2794 2794
2795 2795 @classmethod
2796 2796 def groups_choices(cls, groups=None, show_empty_group=True):
2797 2797 if not groups:
2798 2798 groups = cls.query().all()
2799 2799
2800 2800 repo_groups = []
2801 2801 if show_empty_group:
2802 2802 repo_groups = [(-1, '-- %s --' % _('No parent'))]
2803 2803
2804 2804 repo_groups.extend([cls._generate_choice(x) for x in groups])
2805 2805
2806 2806 repo_groups = sorted(
2807 2807 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2808 2808 return repo_groups
2809 2809
2810 2810 @classmethod
2811 2811 def url_sep(cls):
2812 2812 return URL_SEP
2813 2813
2814 2814 @classmethod
2815 2815 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2816 2816 if case_insensitive:
2817 2817 gr = cls.query().filter(func.lower(cls.group_name)
2818 2818 == func.lower(group_name))
2819 2819 else:
2820 2820 gr = cls.query().filter(cls.group_name == group_name)
2821 2821 if cache:
2822 2822 name_key = _hash_key(group_name)
2823 2823 gr = gr.options(
2824 2824 FromCache("sql_cache_short", f"get_group_{name_key}"))
2825 2825 return gr.scalar()
2826 2826
2827 2827 @classmethod
2828 2828 def get_user_personal_repo_group(cls, user_id):
2829 2829 user = User.get(user_id)
2830 2830 if user.username == User.DEFAULT_USER:
2831 2831 return None
2832 2832
2833 2833 return cls.query()\
2834 2834 .filter(cls.personal == true()) \
2835 2835 .filter(cls.user == user) \
2836 2836 .order_by(cls.group_id.asc()) \
2837 2837 .first()
2838 2838
2839 2839 @classmethod
2840 2840 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2841 2841 case_insensitive=True):
2842 2842 q = RepoGroup.query()
2843 2843
2844 2844 if not isinstance(user_id, Optional):
2845 2845 q = q.filter(RepoGroup.user_id == user_id)
2846 2846
2847 2847 if not isinstance(group_id, Optional):
2848 2848 q = q.filter(RepoGroup.group_parent_id == group_id)
2849 2849
2850 2850 if case_insensitive:
2851 2851 q = q.order_by(func.lower(RepoGroup.group_name))
2852 2852 else:
2853 2853 q = q.order_by(RepoGroup.group_name)
2854 2854 return q.all()
2855 2855
2856 2856 @property
2857 2857 def parents(self, parents_recursion_limit=10):
2858 2858 groups = []
2859 2859 if self.parent_group is None:
2860 2860 return groups
2861 2861 cur_gr = self.parent_group
2862 2862 groups.insert(0, cur_gr)
2863 2863 cnt = 0
2864 2864 while 1:
2865 2865 cnt += 1
2866 2866 gr = getattr(cur_gr, 'parent_group', None)
2867 2867 cur_gr = cur_gr.parent_group
2868 2868 if gr is None:
2869 2869 break
2870 2870 if cnt == parents_recursion_limit:
2871 2871 # this will prevent accidental infinit loops
2872 2872 log.error('more than %s parents found for group %s, stopping '
2873 2873 'recursive parent fetching', parents_recursion_limit, self)
2874 2874 break
2875 2875
2876 2876 groups.insert(0, gr)
2877 2877 return groups
2878 2878
2879 2879 @property
2880 2880 def last_commit_cache_update_diff(self):
2881 2881 return time.time() - (safe_int(self.changeset_cache.get('updated_on')) or 0)
2882 2882
2883 2883 @classmethod
2884 2884 def _load_commit_change(cls, last_commit_cache):
2885 2885 from rhodecode.lib.vcs.utils.helpers import parse_datetime
2886 2886 empty_date = datetime.datetime.fromtimestamp(0)
2887 2887 date_latest = last_commit_cache.get('date', empty_date)
2888 2888 try:
2889 2889 return parse_datetime(date_latest)
2890 2890 except Exception:
2891 2891 return empty_date
2892 2892
2893 2893 @property
2894 2894 def last_commit_change(self):
2895 2895 return self._load_commit_change(self.changeset_cache)
2896 2896
2897 2897 @property
2898 2898 def last_db_change(self):
2899 2899 return self.updated_on
2900 2900
2901 2901 @property
2902 2902 def children(self):
2903 2903 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2904 2904
2905 2905 @property
2906 2906 def name(self):
2907 2907 return self.group_name.split(RepoGroup.url_sep())[-1]
2908 2908
2909 2909 @property
2910 2910 def full_path(self):
2911 2911 return self.group_name
2912 2912
2913 2913 @property
2914 2914 def full_path_splitted(self):
2915 2915 return self.group_name.split(RepoGroup.url_sep())
2916 2916
2917 2917 @property
2918 2918 def repositories(self):
2919 2919 return Repository.query()\
2920 2920 .filter(Repository.group == self)\
2921 2921 .order_by(Repository.repo_name)
2922 2922
2923 2923 @property
2924 2924 def repositories_recursive_count(self):
2925 2925 cnt = self.repositories.count()
2926 2926
2927 2927 def children_count(group):
2928 2928 cnt = 0
2929 2929 for child in group.children:
2930 2930 cnt += child.repositories.count()
2931 2931 cnt += children_count(child)
2932 2932 return cnt
2933 2933
2934 2934 return cnt + children_count(self)
2935 2935
2936 2936 def _recursive_objects(self, include_repos=True, include_groups=True):
2937 2937 all_ = []
2938 2938
2939 2939 def _get_members(root_gr):
2940 2940 if include_repos:
2941 2941 for r in root_gr.repositories:
2942 2942 all_.append(r)
2943 2943 childs = root_gr.children.all()
2944 2944 if childs:
2945 2945 for gr in childs:
2946 2946 if include_groups:
2947 2947 all_.append(gr)
2948 2948 _get_members(gr)
2949 2949
2950 2950 root_group = []
2951 2951 if include_groups:
2952 2952 root_group = [self]
2953 2953
2954 2954 _get_members(self)
2955 2955 return root_group + all_
2956 2956
2957 2957 def recursive_groups_and_repos(self):
2958 2958 """
2959 2959 Recursive return all groups, with repositories in those groups
2960 2960 """
2961 2961 return self._recursive_objects()
2962 2962
2963 2963 def recursive_groups(self):
2964 2964 """
2965 2965 Returns all children groups for this group including children of children
2966 2966 """
2967 2967 return self._recursive_objects(include_repos=False)
2968 2968
2969 2969 def recursive_repos(self):
2970 2970 """
2971 2971 Returns all children repositories for this group
2972 2972 """
2973 2973 return self._recursive_objects(include_groups=False)
2974 2974
2975 2975 def get_new_name(self, group_name):
2976 2976 """
2977 2977 returns new full group name based on parent and new name
2978 2978
2979 2979 :param group_name:
2980 2980 """
2981 2981 path_prefix = (self.parent_group.full_path_splitted if
2982 2982 self.parent_group else [])
2983 2983 return RepoGroup.url_sep().join(path_prefix + [group_name])
2984 2984
2985 2985 def update_commit_cache(self, config=None):
2986 2986 """
2987 2987 Update cache of last commit for newest repository inside this repository group.
2988 2988 cache_keys should be::
2989 2989
2990 2990 source_repo_id
2991 2991 short_id
2992 2992 raw_id
2993 2993 revision
2994 2994 parents
2995 2995 message
2996 2996 date
2997 2997 author
2998 2998
2999 2999 """
3000 3000 from rhodecode.lib.vcs.utils.helpers import parse_datetime
3001 3001 empty_date = datetime.datetime.fromtimestamp(0)
3002 3002
3003 3003 def repo_groups_and_repos(root_gr):
3004 3004 for _repo in root_gr.repositories:
3005 3005 yield _repo
3006 3006 for child_group in root_gr.children.all():
3007 3007 yield child_group
3008 3008
3009 3009 latest_repo_cs_cache = {}
3010 3010 for obj in repo_groups_and_repos(self):
3011 3011 repo_cs_cache = obj.changeset_cache
3012 3012 date_latest = latest_repo_cs_cache.get('date', empty_date)
3013 3013 date_current = repo_cs_cache.get('date', empty_date)
3014 3014 current_timestamp = datetime_to_time(parse_datetime(date_latest))
3015 3015 if current_timestamp < datetime_to_time(parse_datetime(date_current)):
3016 3016 latest_repo_cs_cache = repo_cs_cache
3017 3017 if hasattr(obj, 'repo_id'):
3018 3018 latest_repo_cs_cache['source_repo_id'] = obj.repo_id
3019 3019 else:
3020 3020 latest_repo_cs_cache['source_repo_id'] = repo_cs_cache.get('source_repo_id')
3021 3021
3022 3022 _date_latest = parse_datetime(latest_repo_cs_cache.get('date') or empty_date)
3023 3023
3024 3024 latest_repo_cs_cache['updated_on'] = time.time()
3025 3025 self.changeset_cache = latest_repo_cs_cache
3026 3026 self.updated_on = _date_latest
3027 3027 Session().add(self)
3028 3028 Session().commit()
3029 3029
3030 3030 log.debug('updated repo group `%s` with new commit cache %s, and last update_date: %s',
3031 3031 self.group_name, latest_repo_cs_cache, _date_latest)
3032 3032
3033 3033 def permissions(self, with_admins=True, with_owner=True,
3034 3034 expand_from_user_groups=False):
3035 3035 """
3036 3036 Permissions for repository groups
3037 3037 """
3038 3038 _admin_perm = 'group.admin'
3039 3039
3040 3040 owner_row = []
3041 3041 if with_owner:
3042 3042 usr = AttributeDict(self.user.get_dict())
3043 3043 usr.owner_row = True
3044 3044 usr.permission = _admin_perm
3045 3045 owner_row.append(usr)
3046 3046
3047 3047 super_admin_ids = []
3048 3048 super_admin_rows = []
3049 3049 if with_admins:
3050 3050 for usr in User.get_all_super_admins():
3051 3051 super_admin_ids.append(usr.user_id)
3052 3052 # if this admin is also owner, don't double the record
3053 3053 if usr.user_id == owner_row[0].user_id:
3054 3054 owner_row[0].admin_row = True
3055 3055 else:
3056 3056 usr = AttributeDict(usr.get_dict())
3057 3057 usr.admin_row = True
3058 3058 usr.permission = _admin_perm
3059 3059 super_admin_rows.append(usr)
3060 3060
3061 3061 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
3062 3062 q = q.options(joinedload(UserRepoGroupToPerm.group),
3063 3063 joinedload(UserRepoGroupToPerm.user),
3064 3064 joinedload(UserRepoGroupToPerm.permission),)
3065 3065
3066 3066 # get owners and admins and permissions. We do a trick of re-writing
3067 3067 # objects from sqlalchemy to named-tuples due to sqlalchemy session
3068 3068 # has a global reference and changing one object propagates to all
3069 3069 # others. This means if admin is also an owner admin_row that change
3070 3070 # would propagate to both objects
3071 3071 perm_rows = []
3072 3072 for _usr in q.all():
3073 3073 usr = AttributeDict(_usr.user.get_dict())
3074 3074 # if this user is also owner/admin, mark as duplicate record
3075 3075 if usr.user_id == owner_row[0].user_id or usr.user_id in super_admin_ids:
3076 3076 usr.duplicate_perm = True
3077 3077 usr.permission = _usr.permission.permission_name
3078 3078 perm_rows.append(usr)
3079 3079
3080 3080 # filter the perm rows by 'default' first and then sort them by
3081 3081 # admin,write,read,none permissions sorted again alphabetically in
3082 3082 # each group
3083 3083 perm_rows = sorted(perm_rows, key=display_user_sort)
3084 3084
3085 3085 user_groups_rows = []
3086 3086 if expand_from_user_groups:
3087 3087 for ug in self.permission_user_groups(with_members=True):
3088 3088 for user_data in ug.members:
3089 3089 user_groups_rows.append(user_data)
3090 3090
3091 3091 return super_admin_rows + owner_row + perm_rows + user_groups_rows
3092 3092
3093 3093 def permission_user_groups(self, with_members=False):
3094 3094 q = UserGroupRepoGroupToPerm.query()\
3095 3095 .filter(UserGroupRepoGroupToPerm.group == self)
3096 3096 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
3097 3097 joinedload(UserGroupRepoGroupToPerm.users_group),
3098 3098 joinedload(UserGroupRepoGroupToPerm.permission),)
3099 3099
3100 3100 perm_rows = []
3101 3101 for _user_group in q.all():
3102 3102 entry = AttributeDict(_user_group.users_group.get_dict())
3103 3103 entry.permission = _user_group.permission.permission_name
3104 3104 if with_members:
3105 3105 entry.members = [x.user.get_dict()
3106 3106 for x in _user_group.users_group.members]
3107 3107 perm_rows.append(entry)
3108 3108
3109 3109 perm_rows = sorted(perm_rows, key=display_user_group_sort)
3110 3110 return perm_rows
3111 3111
3112 3112 def get_api_data(self):
3113 3113 """
3114 3114 Common function for generating api data
3115 3115
3116 3116 """
3117 3117 group = self
3118 3118 data = {
3119 3119 'group_id': group.group_id,
3120 3120 'group_name': group.group_name,
3121 3121 'group_description': group.description_safe,
3122 3122 'parent_group': group.parent_group.group_name if group.parent_group else None,
3123 3123 'repositories': [x.repo_name for x in group.repositories],
3124 3124 'owner': group.user.username,
3125 3125 }
3126 3126 return data
3127 3127
3128 3128 def get_dict(self):
3129 3129 # Since we transformed `group_name` to a hybrid property, we need to
3130 3130 # keep compatibility with the code which uses `group_name` field.
3131 3131 result = super(RepoGroup, self).get_dict()
3132 3132 result['group_name'] = result.pop('_group_name', None)
3133 3133 result.pop('_changeset_cache', '')
3134 3134 return result
3135 3135
3136 3136
3137 3137 class Permission(Base, BaseModel):
3138 3138 __tablename__ = 'permissions'
3139 3139 __table_args__ = (
3140 3140 Index('p_perm_name_idx', 'permission_name'),
3141 3141 base_table_args,
3142 3142 )
3143 3143
3144 3144 PERMS = [
3145 3145 ('hg.admin', _('RhodeCode Super Administrator')),
3146 3146
3147 3147 ('repository.none', _('Repository no access')),
3148 3148 ('repository.read', _('Repository read access')),
3149 3149 ('repository.write', _('Repository write access')),
3150 3150 ('repository.admin', _('Repository admin access')),
3151 3151
3152 3152 ('group.none', _('Repository group no access')),
3153 3153 ('group.read', _('Repository group read access')),
3154 3154 ('group.write', _('Repository group write access')),
3155 3155 ('group.admin', _('Repository group admin access')),
3156 3156
3157 3157 ('usergroup.none', _('User group no access')),
3158 3158 ('usergroup.read', _('User group read access')),
3159 3159 ('usergroup.write', _('User group write access')),
3160 3160 ('usergroup.admin', _('User group admin access')),
3161 3161
3162 3162 ('branch.none', _('Branch no permissions')),
3163 3163 ('branch.merge', _('Branch access by web merge')),
3164 3164 ('branch.push', _('Branch access by push')),
3165 3165 ('branch.push_force', _('Branch access by push with force')),
3166 3166
3167 3167 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
3168 3168 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
3169 3169
3170 3170 ('hg.usergroup.create.false', _('User Group creation disabled')),
3171 3171 ('hg.usergroup.create.true', _('User Group creation enabled')),
3172 3172
3173 3173 ('hg.create.none', _('Repository creation disabled')),
3174 3174 ('hg.create.repository', _('Repository creation enabled')),
3175 3175 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
3176 3176 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
3177 3177
3178 3178 ('hg.fork.none', _('Repository forking disabled')),
3179 3179 ('hg.fork.repository', _('Repository forking enabled')),
3180 3180
3181 3181 ('hg.register.none', _('Registration disabled')),
3182 3182 ('hg.register.manual_activate', _('User Registration with manual account activation')),
3183 3183 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
3184 3184
3185 3185 ('hg.password_reset.enabled', _('Password reset enabled')),
3186 3186 ('hg.password_reset.hidden', _('Password reset hidden')),
3187 3187 ('hg.password_reset.disabled', _('Password reset disabled')),
3188 3188
3189 3189 ('hg.extern_activate.manual', _('Manual activation of external account')),
3190 3190 ('hg.extern_activate.auto', _('Automatic activation of external account')),
3191 3191
3192 3192 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
3193 3193 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
3194 3194 ]
3195 3195
3196 3196 # definition of system default permissions for DEFAULT user, created on
3197 3197 # system setup
3198 3198 DEFAULT_USER_PERMISSIONS = [
3199 3199 # object perms
3200 3200 'repository.read',
3201 3201 'group.read',
3202 3202 'usergroup.read',
3203 3203 # branch, for backward compat we need same value as before so forced pushed
3204 3204 'branch.push_force',
3205 3205 # global
3206 3206 'hg.create.repository',
3207 3207 'hg.repogroup.create.false',
3208 3208 'hg.usergroup.create.false',
3209 3209 'hg.create.write_on_repogroup.true',
3210 3210 'hg.fork.repository',
3211 3211 'hg.register.manual_activate',
3212 3212 'hg.password_reset.enabled',
3213 3213 'hg.extern_activate.auto',
3214 3214 'hg.inherit_default_perms.true',
3215 3215 ]
3216 3216
3217 3217 # defines which permissions are more important higher the more important
3218 3218 # Weight defines which permissions are more important.
3219 3219 # The higher number the more important.
3220 3220 PERM_WEIGHTS = {
3221 3221 'repository.none': 0,
3222 3222 'repository.read': 1,
3223 3223 'repository.write': 3,
3224 3224 'repository.admin': 4,
3225 3225
3226 3226 'group.none': 0,
3227 3227 'group.read': 1,
3228 3228 'group.write': 3,
3229 3229 'group.admin': 4,
3230 3230
3231 3231 'usergroup.none': 0,
3232 3232 'usergroup.read': 1,
3233 3233 'usergroup.write': 3,
3234 3234 'usergroup.admin': 4,
3235 3235
3236 3236 'branch.none': 0,
3237 3237 'branch.merge': 1,
3238 3238 'branch.push': 3,
3239 3239 'branch.push_force': 4,
3240 3240
3241 3241 'hg.repogroup.create.false': 0,
3242 3242 'hg.repogroup.create.true': 1,
3243 3243
3244 3244 'hg.usergroup.create.false': 0,
3245 3245 'hg.usergroup.create.true': 1,
3246 3246
3247 3247 'hg.fork.none': 0,
3248 3248 'hg.fork.repository': 1,
3249 3249 'hg.create.none': 0,
3250 3250 'hg.create.repository': 1
3251 3251 }
3252 3252
3253 3253 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3254 3254 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
3255 3255 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
3256 3256
3257 3257 def __repr__(self):
3258 3258 return "<%s('%s:%s')>" % (
3259 3259 self.cls_name, self.permission_id, self.permission_name
3260 3260 )
3261 3261
3262 3262 @classmethod
3263 3263 def get_by_key(cls, key):
3264 3264 return cls.query().filter(cls.permission_name == key).scalar()
3265 3265
3266 3266 @classmethod
3267 3267 def get_default_repo_perms(cls, user_id, repo_id=None):
3268 3268 q = Session().query(UserRepoToPerm, Repository, Permission)\
3269 3269 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
3270 3270 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
3271 3271 .filter(UserRepoToPerm.user_id == user_id)
3272 3272 if repo_id:
3273 3273 q = q.filter(UserRepoToPerm.repository_id == repo_id)
3274 3274 return q.all()
3275 3275
3276 3276 @classmethod
3277 3277 def get_default_repo_branch_perms(cls, user_id, repo_id=None):
3278 3278 q = Session().query(UserToRepoBranchPermission, UserRepoToPerm, Permission) \
3279 3279 .join(
3280 3280 Permission,
3281 3281 UserToRepoBranchPermission.permission_id == Permission.permission_id) \
3282 3282 .join(
3283 3283 UserRepoToPerm,
3284 3284 UserToRepoBranchPermission.rule_to_perm_id == UserRepoToPerm.repo_to_perm_id) \
3285 3285 .filter(UserRepoToPerm.user_id == user_id)
3286 3286
3287 3287 if repo_id:
3288 3288 q = q.filter(UserToRepoBranchPermission.repository_id == repo_id)
3289 3289 return q.order_by(UserToRepoBranchPermission.rule_order).all()
3290 3290
3291 3291 @classmethod
3292 3292 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
3293 3293 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
3294 3294 .join(
3295 3295 Permission,
3296 3296 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
3297 3297 .join(
3298 3298 Repository,
3299 3299 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
3300 3300 .join(
3301 3301 UserGroup,
3302 3302 UserGroupRepoToPerm.users_group_id ==
3303 3303 UserGroup.users_group_id)\
3304 3304 .join(
3305 3305 UserGroupMember,
3306 3306 UserGroupRepoToPerm.users_group_id ==
3307 3307 UserGroupMember.users_group_id)\
3308 3308 .filter(
3309 3309 UserGroupMember.user_id == user_id,
3310 3310 UserGroup.users_group_active == true())
3311 3311 if repo_id:
3312 3312 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
3313 3313 return q.all()
3314 3314
3315 3315 @classmethod
3316 3316 def get_default_repo_branch_perms_from_user_group(cls, user_id, repo_id=None):
3317 3317 q = Session().query(UserGroupToRepoBranchPermission, UserGroupRepoToPerm, Permission) \
3318 3318 .join(
3319 3319 Permission,
3320 3320 UserGroupToRepoBranchPermission.permission_id == Permission.permission_id) \
3321 3321 .join(
3322 3322 UserGroupRepoToPerm,
3323 3323 UserGroupToRepoBranchPermission.rule_to_perm_id == UserGroupRepoToPerm.users_group_to_perm_id) \
3324 3324 .join(
3325 3325 UserGroup,
3326 3326 UserGroupRepoToPerm.users_group_id == UserGroup.users_group_id) \
3327 3327 .join(
3328 3328 UserGroupMember,
3329 3329 UserGroupRepoToPerm.users_group_id == UserGroupMember.users_group_id) \
3330 3330 .filter(
3331 3331 UserGroupMember.user_id == user_id,
3332 3332 UserGroup.users_group_active == true())
3333 3333
3334 3334 if repo_id:
3335 3335 q = q.filter(UserGroupToRepoBranchPermission.repository_id == repo_id)
3336 3336 return q.order_by(UserGroupToRepoBranchPermission.rule_order).all()
3337 3337
3338 3338 @classmethod
3339 3339 def get_default_group_perms(cls, user_id, repo_group_id=None):
3340 3340 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
3341 3341 .join(
3342 3342 Permission,
3343 3343 UserRepoGroupToPerm.permission_id == Permission.permission_id)\
3344 3344 .join(
3345 3345 RepoGroup,
3346 3346 UserRepoGroupToPerm.group_id == RepoGroup.group_id)\
3347 3347 .filter(UserRepoGroupToPerm.user_id == user_id)
3348 3348 if repo_group_id:
3349 3349 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
3350 3350 return q.all()
3351 3351
3352 3352 @classmethod
3353 3353 def get_default_group_perms_from_user_group(
3354 3354 cls, user_id, repo_group_id=None):
3355 3355 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
3356 3356 .join(
3357 3357 Permission,
3358 3358 UserGroupRepoGroupToPerm.permission_id ==
3359 3359 Permission.permission_id)\
3360 3360 .join(
3361 3361 RepoGroup,
3362 3362 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
3363 3363 .join(
3364 3364 UserGroup,
3365 3365 UserGroupRepoGroupToPerm.users_group_id ==
3366 3366 UserGroup.users_group_id)\
3367 3367 .join(
3368 3368 UserGroupMember,
3369 3369 UserGroupRepoGroupToPerm.users_group_id ==
3370 3370 UserGroupMember.users_group_id)\
3371 3371 .filter(
3372 3372 UserGroupMember.user_id == user_id,
3373 3373 UserGroup.users_group_active == true())
3374 3374 if repo_group_id:
3375 3375 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
3376 3376 return q.all()
3377 3377
3378 3378 @classmethod
3379 3379 def get_default_user_group_perms(cls, user_id, user_group_id=None):
3380 3380 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
3381 3381 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
3382 3382 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
3383 3383 .filter(UserUserGroupToPerm.user_id == user_id)
3384 3384 if user_group_id:
3385 3385 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
3386 3386 return q.all()
3387 3387
3388 3388 @classmethod
3389 3389 def get_default_user_group_perms_from_user_group(
3390 3390 cls, user_id, user_group_id=None):
3391 3391 TargetUserGroup = aliased(UserGroup, name='target_user_group')
3392 3392 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
3393 3393 .join(
3394 3394 Permission,
3395 3395 UserGroupUserGroupToPerm.permission_id ==
3396 3396 Permission.permission_id)\
3397 3397 .join(
3398 3398 TargetUserGroup,
3399 3399 UserGroupUserGroupToPerm.target_user_group_id ==
3400 3400 TargetUserGroup.users_group_id)\
3401 3401 .join(
3402 3402 UserGroup,
3403 3403 UserGroupUserGroupToPerm.user_group_id ==
3404 3404 UserGroup.users_group_id)\
3405 3405 .join(
3406 3406 UserGroupMember,
3407 3407 UserGroupUserGroupToPerm.user_group_id ==
3408 3408 UserGroupMember.users_group_id)\
3409 3409 .filter(
3410 3410 UserGroupMember.user_id == user_id,
3411 3411 UserGroup.users_group_active == true())
3412 3412 if user_group_id:
3413 3413 q = q.filter(
3414 3414 UserGroupUserGroupToPerm.user_group_id == user_group_id)
3415 3415
3416 3416 return q.all()
3417 3417
3418 3418
3419 3419 class UserRepoToPerm(Base, BaseModel):
3420 3420 __tablename__ = 'repo_to_perm'
3421 3421 __table_args__ = (
3422 3422 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
3423 3423 base_table_args
3424 3424 )
3425 3425
3426 3426 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3427 3427 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3428 3428 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3429 3429 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3430 3430
3431 3431 user = relationship('User', back_populates="repo_to_perm")
3432 3432 repository = relationship('Repository', back_populates="repo_to_perm")
3433 3433 permission = relationship('Permission')
3434 3434
3435 3435 branch_perm_entry = relationship('UserToRepoBranchPermission', cascade="all, delete-orphan", lazy='joined', back_populates='user_repo_to_perm')
3436 3436
3437 3437 @classmethod
3438 3438 def create(cls, user, repository, permission):
3439 3439 n = cls()
3440 3440 n.user = user
3441 3441 n.repository = repository
3442 3442 n.permission = permission
3443 3443 Session().add(n)
3444 3444 return n
3445 3445
3446 3446 def __repr__(self):
3447 3447 return f'<{self.user} => {self.repository} >'
3448 3448
3449 3449
3450 3450 class UserUserGroupToPerm(Base, BaseModel):
3451 3451 __tablename__ = 'user_user_group_to_perm'
3452 3452 __table_args__ = (
3453 3453 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
3454 3454 base_table_args
3455 3455 )
3456 3456
3457 3457 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3458 3458 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3459 3459 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3460 3460 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3461 3461
3462 3462 user = relationship('User', back_populates='user_group_to_perm')
3463 3463 user_group = relationship('UserGroup', back_populates='user_user_group_to_perm')
3464 3464 permission = relationship('Permission')
3465 3465
3466 3466 @classmethod
3467 3467 def create(cls, user, user_group, permission):
3468 3468 n = cls()
3469 3469 n.user = user
3470 3470 n.user_group = user_group
3471 3471 n.permission = permission
3472 3472 Session().add(n)
3473 3473 return n
3474 3474
3475 3475 def __repr__(self):
3476 3476 return f'<{self.user} => {self.user_group} >'
3477 3477
3478 3478
3479 3479 class UserToPerm(Base, BaseModel):
3480 3480 __tablename__ = 'user_to_perm'
3481 3481 __table_args__ = (
3482 3482 UniqueConstraint('user_id', 'permission_id'),
3483 3483 base_table_args
3484 3484 )
3485 3485
3486 3486 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3487 3487 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3488 3488 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3489 3489
3490 3490 user = relationship('User', back_populates='user_perms')
3491 3491 permission = relationship('Permission', lazy='joined')
3492 3492
3493 3493 def __repr__(self):
3494 3494 return f'<{self.user} => {self.permission} >'
3495 3495
3496 3496
3497 3497 class UserGroupRepoToPerm(Base, BaseModel):
3498 3498 __tablename__ = 'users_group_repo_to_perm'
3499 3499 __table_args__ = (
3500 3500 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
3501 3501 base_table_args
3502 3502 )
3503 3503
3504 3504 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3505 3505 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3506 3506 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3507 3507 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
3508 3508
3509 3509 users_group = relationship('UserGroup', back_populates='users_group_repo_to_perm')
3510 3510 permission = relationship('Permission')
3511 3511 repository = relationship('Repository', back_populates='users_group_to_perm')
3512 3512 user_group_branch_perms = relationship('UserGroupToRepoBranchPermission', cascade='all', back_populates='user_group_repo_to_perm')
3513 3513
3514 3514 @classmethod
3515 3515 def create(cls, users_group, repository, permission):
3516 3516 n = cls()
3517 3517 n.users_group = users_group
3518 3518 n.repository = repository
3519 3519 n.permission = permission
3520 3520 Session().add(n)
3521 3521 return n
3522 3522
3523 3523 def __repr__(self):
3524 3524 return f'<UserGroupRepoToPerm:{self.users_group} => {self.repository} >'
3525 3525
3526 3526
3527 3527 class UserGroupUserGroupToPerm(Base, BaseModel):
3528 3528 __tablename__ = 'user_group_user_group_to_perm'
3529 3529 __table_args__ = (
3530 3530 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
3531 3531 CheckConstraint('target_user_group_id != user_group_id'),
3532 3532 base_table_args
3533 3533 )
3534 3534
3535 3535 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3536 3536 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3537 3537 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3538 3538 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3539 3539
3540 3540 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id', back_populates='user_group_user_group_to_perm')
3541 3541 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
3542 3542 permission = relationship('Permission')
3543 3543
3544 3544 @classmethod
3545 3545 def create(cls, target_user_group, user_group, permission):
3546 3546 n = cls()
3547 3547 n.target_user_group = target_user_group
3548 3548 n.user_group = user_group
3549 3549 n.permission = permission
3550 3550 Session().add(n)
3551 3551 return n
3552 3552
3553 3553 def __repr__(self):
3554 3554 return f'<UserGroupUserGroup:{self.target_user_group} => {self.user_group} >'
3555 3555
3556 3556
3557 3557 class UserGroupToPerm(Base, BaseModel):
3558 3558 __tablename__ = 'users_group_to_perm'
3559 3559 __table_args__ = (
3560 3560 UniqueConstraint('users_group_id', 'permission_id',),
3561 3561 base_table_args
3562 3562 )
3563 3563
3564 3564 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3565 3565 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3566 3566 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3567 3567
3568 3568 users_group = relationship('UserGroup', back_populates='users_group_to_perm')
3569 3569 permission = relationship('Permission')
3570 3570
3571 3571
3572 3572 class UserRepoGroupToPerm(Base, BaseModel):
3573 3573 __tablename__ = 'user_repo_group_to_perm'
3574 3574 __table_args__ = (
3575 3575 UniqueConstraint('user_id', 'group_id', 'permission_id'),
3576 3576 base_table_args
3577 3577 )
3578 3578
3579 3579 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3580 3580 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3581 3581 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3582 3582 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3583 3583
3584 3584 user = relationship('User', back_populates='repo_group_to_perm')
3585 3585 group = relationship('RepoGroup', back_populates='repo_group_to_perm')
3586 3586 permission = relationship('Permission')
3587 3587
3588 3588 @classmethod
3589 3589 def create(cls, user, repository_group, permission):
3590 3590 n = cls()
3591 3591 n.user = user
3592 3592 n.group = repository_group
3593 3593 n.permission = permission
3594 3594 Session().add(n)
3595 3595 return n
3596 3596
3597 3597
3598 3598 class UserGroupRepoGroupToPerm(Base, BaseModel):
3599 3599 __tablename__ = 'users_group_repo_group_to_perm'
3600 3600 __table_args__ = (
3601 3601 UniqueConstraint('users_group_id', 'group_id'),
3602 3602 base_table_args
3603 3603 )
3604 3604
3605 3605 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3606 3606 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
3607 3607 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
3608 3608 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
3609 3609
3610 3610 users_group = relationship('UserGroup', back_populates='users_group_repo_group_to_perm')
3611 3611 permission = relationship('Permission')
3612 3612 group = relationship('RepoGroup', back_populates='users_group_to_perm')
3613 3613
3614 3614 @classmethod
3615 3615 def create(cls, user_group, repository_group, permission):
3616 3616 n = cls()
3617 3617 n.users_group = user_group
3618 3618 n.group = repository_group
3619 3619 n.permission = permission
3620 3620 Session().add(n)
3621 3621 return n
3622 3622
3623 3623 def __repr__(self):
3624 3624 return '<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
3625 3625
3626 3626
3627 3627 class Statistics(Base, BaseModel):
3628 3628 __tablename__ = 'statistics'
3629 3629 __table_args__ = (
3630 3630 base_table_args
3631 3631 )
3632 3632
3633 3633 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3634 3634 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
3635 3635 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
3636 3636 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False) #JSON data
3637 3637 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False) #JSON data
3638 3638 languages = Column("languages", LargeBinary(1000000), nullable=False) #JSON data
3639 3639
3640 3640 repository = relationship('Repository', single_parent=True, viewonly=True)
3641 3641
3642 3642
3643 3643 class UserFollowing(Base, BaseModel):
3644 3644 __tablename__ = 'user_followings'
3645 3645 __table_args__ = (
3646 3646 UniqueConstraint('user_id', 'follows_repository_id'),
3647 3647 UniqueConstraint('user_id', 'follows_user_id'),
3648 3648 base_table_args
3649 3649 )
3650 3650
3651 3651 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3652 3652 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
3653 3653 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
3654 3654 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
3655 3655 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
3656 3656
3657 3657 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id', back_populates='followings')
3658 3658
3659 3659 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
3660 3660 follows_repository = relationship('Repository', order_by='Repository.repo_name', back_populates='followers')
3661 3661
3662 3662 @classmethod
3663 3663 def get_repo_followers(cls, repo_id):
3664 3664 return cls.query().filter(cls.follows_repo_id == repo_id)
3665 3665
3666 3666
3667 3667 class CacheKey(Base, BaseModel):
3668 3668 __tablename__ = 'cache_invalidation'
3669 3669 __table_args__ = (
3670 3670 UniqueConstraint('cache_key'),
3671 3671 Index('key_idx', 'cache_key'),
3672 3672 Index('cache_args_idx', 'cache_args'),
3673 3673 base_table_args,
3674 3674 )
3675 3675
3676 3676 CACHE_TYPE_FEED = 'FEED'
3677 3677
3678 3678 # namespaces used to register process/thread aware caches
3679 3679 REPO_INVALIDATION_NAMESPACE = 'repo_cache.v1:{repo_id}'
3680 3680
3681 3681 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
3682 3682 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
3683 3683 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
3684 3684 cache_state_uid = Column("cache_state_uid", String(255), nullable=True, unique=None, default=None)
3685 3685 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
3686 3686
3687 3687 def __init__(self, cache_key, cache_args='', cache_state_uid=None, cache_active=False):
3688 3688 self.cache_key = cache_key
3689 3689 self.cache_args = cache_args
3690 3690 self.cache_active = cache_active
3691 3691 # first key should be same for all entries, since all workers should share it
3692 3692 self.cache_state_uid = cache_state_uid or self.generate_new_state_uid()
3693 3693
3694 3694 def __repr__(self):
3695 3695 return "<%s('%s:%s[%s]')>" % (
3696 3696 self.cls_name,
3697 3697 self.cache_id, self.cache_key, self.cache_active)
3698 3698
3699 3699 def _cache_key_partition(self):
3700 3700 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
3701 3701 return prefix, repo_name, suffix
3702 3702
3703 3703 def get_prefix(self):
3704 3704 """
3705 3705 Try to extract prefix from existing cache key. The key could consist
3706 3706 of prefix, repo_name, suffix
3707 3707 """
3708 3708 # this returns prefix, repo_name, suffix
3709 3709 return self._cache_key_partition()[0]
3710 3710
3711 3711 def get_suffix(self):
3712 3712 """
3713 3713 get suffix that might have been used in _get_cache_key to
3714 3714 generate self.cache_key. Only used for informational purposes
3715 3715 in repo_edit.mako.
3716 3716 """
3717 3717 # prefix, repo_name, suffix
3718 3718 return self._cache_key_partition()[2]
3719 3719
3720 3720 @classmethod
3721 3721 def generate_new_state_uid(cls, based_on=None):
3722 3722 if based_on:
3723 3723 return str(uuid.uuid5(uuid.NAMESPACE_URL, safe_str(based_on)))
3724 3724 else:
3725 3725 return str(uuid.uuid4())
3726 3726
3727 3727 @classmethod
3728 3728 def delete_all_cache(cls):
3729 3729 """
3730 3730 Delete all cache keys from database.
3731 3731 Should only be run when all instances are down and all entries
3732 3732 thus stale.
3733 3733 """
3734 3734 cls.query().delete()
3735 3735 Session().commit()
3736 3736
3737 3737 @classmethod
3738 3738 def set_invalidate(cls, cache_uid, delete=False):
3739 3739 """
3740 3740 Mark all caches of a repo as invalid in the database.
3741 3741 """
3742 3742 try:
3743 3743 qry = Session().query(cls).filter(cls.cache_key == cache_uid)
3744 3744 if delete:
3745 3745 qry.delete()
3746 3746 log.debug('cache objects deleted for cache args %s',
3747 3747 safe_str(cache_uid))
3748 3748 else:
3749 3749 new_uid = cls.generate_new_state_uid()
3750 3750 qry.update({"cache_state_uid": new_uid,
3751 3751 "cache_args": f"repo_state:{time.time()}"})
3752 3752 log.debug('cache object %s set new UID %s',
3753 3753 safe_str(cache_uid), new_uid)
3754 3754
3755 3755 Session().commit()
3756 3756 except Exception:
3757 3757 log.exception(
3758 3758 'Cache key invalidation failed for cache args %s',
3759 3759 safe_str(cache_uid))
3760 3760 Session().rollback()
3761 3761
3762 3762 @classmethod
3763 3763 def get_active_cache(cls, cache_key):
3764 3764 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3765 3765 if inv_obj:
3766 3766 return inv_obj
3767 3767 return None
3768 3768
3769 3769 @classmethod
3770 3770 def get_namespace_map(cls, namespace):
3771 3771 return {
3772 3772 x.cache_key: x
3773 3773 for x in cls.query().filter(cls.cache_args == namespace)}
3774 3774
3775 3775
3776 3776 class ChangesetComment(Base, BaseModel):
3777 3777 __tablename__ = 'changeset_comments'
3778 3778 __table_args__ = (
3779 3779 Index('cc_revision_idx', 'revision'),
3780 3780 base_table_args,
3781 3781 )
3782 3782
3783 3783 COMMENT_OUTDATED = 'comment_outdated'
3784 3784 COMMENT_TYPE_NOTE = 'note'
3785 3785 COMMENT_TYPE_TODO = 'todo'
3786 3786 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3787 3787
3788 3788 OP_IMMUTABLE = 'immutable'
3789 3789 OP_CHANGEABLE = 'changeable'
3790 3790
3791 3791 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3792 3792 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3793 3793 revision = Column('revision', String(40), nullable=True)
3794 3794 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3795 3795 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3796 3796 line_no = Column('line_no', Unicode(10), nullable=True)
3797 3797 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3798 3798 f_path = Column('f_path', Unicode(1000), nullable=True)
3799 3799 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3800 3800 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3801 3801 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3802 3802 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3803 3803 renderer = Column('renderer', Unicode(64), nullable=True)
3804 3804 display_state = Column('display_state', Unicode(128), nullable=True)
3805 3805 immutable_state = Column('immutable_state', Unicode(128), nullable=True, default=OP_CHANGEABLE)
3806 3806 draft = Column('draft', Boolean(), nullable=True, default=False)
3807 3807
3808 3808 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3809 3809 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3810 3810
3811 3811 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, back_populates='resolved_by')
3812 3812 resolved_by = relationship('ChangesetComment', back_populates='resolved_comment')
3813 3813
3814 3814 author = relationship('User', lazy='select', back_populates='user_comments')
3815 3815 repo = relationship('Repository', back_populates='comments')
3816 3816 status_change = relationship('ChangesetStatus', cascade="all, delete-orphan", lazy='select', back_populates='comment')
3817 3817 pull_request = relationship('PullRequest', lazy='select', back_populates='comments')
3818 3818 pull_request_version = relationship('PullRequestVersion', lazy='select')
3819 3819 history = relationship('ChangesetCommentHistory', cascade='all, delete-orphan', lazy='select', order_by='ChangesetCommentHistory.version', back_populates="comment")
3820 3820
3821 3821 @classmethod
3822 3822 def get_users(cls, revision=None, pull_request_id=None):
3823 3823 """
3824 3824 Returns user associated with this ChangesetComment. ie those
3825 3825 who actually commented
3826 3826
3827 3827 :param cls:
3828 3828 :param revision:
3829 3829 """
3830 3830 q = Session().query(User).join(ChangesetComment.author)
3831 3831 if revision:
3832 3832 q = q.filter(cls.revision == revision)
3833 3833 elif pull_request_id:
3834 3834 q = q.filter(cls.pull_request_id == pull_request_id)
3835 3835 return q.all()
3836 3836
3837 3837 @classmethod
3838 3838 def get_index_from_version(cls, pr_version, versions=None, num_versions=None) -> int:
3839 3839 if pr_version is None:
3840 3840 return 0
3841 3841
3842 3842 if versions is not None:
3843 3843 num_versions = [x.pull_request_version_id for x in versions]
3844 3844
3845 3845 num_versions = num_versions or []
3846 3846 try:
3847 3847 return num_versions.index(pr_version) + 1
3848 3848 except (IndexError, ValueError):
3849 3849 return 0
3850 3850
3851 3851 @property
3852 3852 def outdated(self):
3853 3853 return self.display_state == self.COMMENT_OUTDATED
3854 3854
3855 3855 @property
3856 3856 def outdated_js(self):
3857 3857 return str_json(self.display_state == self.COMMENT_OUTDATED)
3858 3858
3859 3859 @property
3860 3860 def immutable(self):
3861 3861 return self.immutable_state == self.OP_IMMUTABLE
3862 3862
3863 3863 def outdated_at_version(self, version: int) -> bool:
3864 3864 """
3865 3865 Checks if comment is outdated for given pull request version
3866 3866 """
3867 3867
3868 3868 def version_check():
3869 3869 return self.pull_request_version_id and self.pull_request_version_id != version
3870 3870
3871 3871 if self.is_inline:
3872 3872 return self.outdated and version_check()
3873 3873 else:
3874 3874 # general comments don't have .outdated set, also latest don't have a version
3875 3875 return version_check()
3876 3876
3877 3877 def outdated_at_version_js(self, version):
3878 3878 """
3879 3879 Checks if comment is outdated for given pull request version
3880 3880 """
3881 3881 return str_json(self.outdated_at_version(version))
3882 3882
3883 3883 def older_than_version(self, version: int) -> bool:
3884 3884 """
3885 3885 Checks if comment is made from a previous version than given.
3886 3886 Assumes self.pull_request_version.pull_request_version_id is an integer if not None.
3887 3887 """
3888 3888
3889 3889 # If version is None, return False as the current version cannot be less than None
3890 3890 if version is None:
3891 3891 return False
3892 3892
3893 3893 # Ensure that the version is an integer to prevent TypeError on comparison
3894 3894 if not isinstance(version, int):
3895 3895 raise ValueError("The provided version must be an integer.")
3896 3896
3897 3897 # Initialize current version to 0 or pull_request_version_id if it's available
3898 3898 cur_ver = 0
3899 3899 if self.pull_request_version and self.pull_request_version.pull_request_version_id is not None:
3900 3900 cur_ver = self.pull_request_version.pull_request_version_id
3901 3901
3902 3902 # Return True if the current version is less than the given version
3903 3903 return cur_ver < version
3904 3904
3905 3905 def older_than_version_js(self, version):
3906 3906 """
3907 3907 Checks if comment is made from previous version than given
3908 3908 """
3909 3909 return str_json(self.older_than_version(version))
3910 3910
3911 3911 @property
3912 3912 def commit_id(self):
3913 3913 """New style naming to stop using .revision"""
3914 3914 return self.revision
3915 3915
3916 3916 @property
3917 3917 def resolved(self):
3918 3918 return self.resolved_by[0] if self.resolved_by else None
3919 3919
3920 3920 @property
3921 3921 def is_todo(self):
3922 3922 return self.comment_type == self.COMMENT_TYPE_TODO
3923 3923
3924 3924 @property
3925 3925 def is_inline(self):
3926 3926 if self.line_no and self.f_path:
3927 3927 return True
3928 3928 return False
3929 3929
3930 3930 @property
3931 3931 def last_version(self):
3932 3932 version = 0
3933 3933 if self.history:
3934 3934 version = self.history[-1].version
3935 3935 return version
3936 3936
3937 3937 def get_index_version(self, versions):
3938 3938 return self.get_index_from_version(
3939 3939 self.pull_request_version_id, versions)
3940 3940
3941 3941 @property
3942 3942 def review_status(self):
3943 3943 if self.status_change:
3944 3944 return self.status_change[0].status
3945 3945
3946 3946 @property
3947 3947 def review_status_lbl(self):
3948 3948 if self.status_change:
3949 3949 return self.status_change[0].status_lbl
3950 3950
3951 3951 def __repr__(self):
3952 3952 if self.comment_id:
3953 3953 return f'<DB:Comment #{self.comment_id}>'
3954 3954 else:
3955 3955 return f'<DB:Comment at {id(self)!r}>'
3956 3956
3957 3957 def get_api_data(self):
3958 3958 comment = self
3959 3959
3960 3960 data = {
3961 3961 'comment_id': comment.comment_id,
3962 3962 'comment_type': comment.comment_type,
3963 3963 'comment_text': comment.text,
3964 3964 'comment_status': comment.status_change,
3965 3965 'comment_f_path': comment.f_path,
3966 3966 'comment_lineno': comment.line_no,
3967 3967 'comment_author': comment.author,
3968 3968 'comment_created_on': comment.created_on,
3969 3969 'comment_resolved_by': self.resolved,
3970 3970 'comment_commit_id': comment.revision,
3971 3971 'comment_pull_request_id': comment.pull_request_id,
3972 3972 'comment_last_version': self.last_version
3973 3973 }
3974 3974 return data
3975 3975
3976 3976 def __json__(self):
3977 3977 data = dict()
3978 3978 data.update(self.get_api_data())
3979 3979 return data
3980 3980
3981 3981
3982 3982 class ChangesetCommentHistory(Base, BaseModel):
3983 3983 __tablename__ = 'changeset_comments_history'
3984 3984 __table_args__ = (
3985 3985 Index('cch_comment_id_idx', 'comment_id'),
3986 3986 base_table_args,
3987 3987 )
3988 3988
3989 3989 comment_history_id = Column('comment_history_id', Integer(), nullable=False, primary_key=True)
3990 3990 comment_id = Column('comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=False)
3991 3991 version = Column("version", Integer(), nullable=False, default=0)
3992 3992 created_by_user_id = Column('created_by_user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3993 3993 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3994 3994 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3995 3995 deleted = Column('deleted', Boolean(), default=False)
3996 3996
3997 3997 author = relationship('User', lazy='joined')
3998 3998 comment = relationship('ChangesetComment', cascade="all, delete", back_populates="history")
3999 3999
4000 4000 @classmethod
4001 4001 def get_version(cls, comment_id):
4002 4002 q = Session().query(ChangesetCommentHistory).filter(
4003 4003 ChangesetCommentHistory.comment_id == comment_id).order_by(ChangesetCommentHistory.version.desc())
4004 4004 if q.count() == 0:
4005 4005 return 1
4006 4006 elif q.count() >= q[0].version:
4007 4007 return q.count() + 1
4008 4008 else:
4009 4009 return q[0].version + 1
4010 4010
4011 4011
4012 4012 class ChangesetStatus(Base, BaseModel):
4013 4013 __tablename__ = 'changeset_statuses'
4014 4014 __table_args__ = (
4015 4015 Index('cs_revision_idx', 'revision'),
4016 4016 Index('cs_version_idx', 'version'),
4017 4017 UniqueConstraint('repo_id', 'revision', 'version'),
4018 4018 base_table_args
4019 4019 )
4020 4020
4021 4021 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
4022 4022 STATUS_APPROVED = 'approved'
4023 4023 STATUS_REJECTED = 'rejected'
4024 4024 STATUS_UNDER_REVIEW = 'under_review'
4025 4025
4026 4026 STATUSES = [
4027 4027 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
4028 4028 (STATUS_APPROVED, _("Approved")),
4029 4029 (STATUS_REJECTED, _("Rejected")),
4030 4030 (STATUS_UNDER_REVIEW, _("Under Review")),
4031 4031 ]
4032 4032
4033 4033 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
4034 4034 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
4035 4035 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
4036 4036 revision = Column('revision', String(40), nullable=False)
4037 4037 status = Column('status', String(128), nullable=False, default=DEFAULT)
4038 4038 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
4039 4039 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
4040 4040 version = Column('version', Integer(), nullable=False, default=0)
4041 4041 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
4042 4042
4043 4043 author = relationship('User', lazy='select')
4044 4044 repo = relationship('Repository', lazy='select')
4045 4045 comment = relationship('ChangesetComment', lazy='select', back_populates='status_change')
4046 4046 pull_request = relationship('PullRequest', lazy='select', back_populates='statuses')
4047 4047
4048 4048 def __repr__(self):
4049 4049 return f"<{self.cls_name}('{self.status}[v{self.version}]:{self.author}')>"
4050 4050
4051 4051 @classmethod
4052 4052 def get_status_lbl(cls, value):
4053 4053 return dict(cls.STATUSES).get(value)
4054 4054
4055 4055 @property
4056 4056 def status_lbl(self):
4057 4057 return ChangesetStatus.get_status_lbl(self.status)
4058 4058
4059 4059 def get_api_data(self):
4060 4060 status = self
4061 4061 data = {
4062 4062 'status_id': status.changeset_status_id,
4063 4063 'status': status.status,
4064 4064 }
4065 4065 return data
4066 4066
4067 4067 def __json__(self):
4068 4068 data = dict()
4069 4069 data.update(self.get_api_data())
4070 4070 return data
4071 4071
4072 4072
4073 4073 class _SetState(object):
4074 4074 """
4075 4075 Context processor allowing changing state for sensitive operation such as
4076 4076 pull request update or merge
4077 4077 """
4078 4078
4079 4079 def __init__(self, pull_request, pr_state, back_state=None):
4080 4080 self._pr = pull_request
4081 4081 self._org_state = back_state or pull_request.pull_request_state
4082 4082 self._pr_state = pr_state
4083 4083 self._current_state = None
4084 4084
4085 4085 def __enter__(self):
4086 4086 log.debug('StateLock: entering set state context of pr %s, setting state to: `%s`',
4087 4087 self._pr, self._pr_state)
4088 4088 self.set_pr_state(self._pr_state)
4089 4089 return self
4090 4090
4091 4091 def __exit__(self, exc_type, exc_val, exc_tb):
4092 4092 if exc_val is not None or exc_type is not None:
4093 4093 log.error(traceback.format_tb(exc_tb))
4094 4094 return None
4095 4095
4096 4096 self.set_pr_state(self._org_state)
4097 4097 log.debug('StateLock: exiting set state context of pr %s, setting state to: `%s`',
4098 4098 self._pr, self._org_state)
4099 4099
4100 4100 @property
4101 4101 def state(self):
4102 4102 return self._current_state
4103 4103
4104 4104 def set_pr_state(self, pr_state):
4105 4105 try:
4106 4106 self._pr.pull_request_state = pr_state
4107 4107 Session().add(self._pr)
4108 4108 Session().commit()
4109 4109 self._current_state = pr_state
4110 4110 except Exception:
4111 4111 log.exception('Failed to set PullRequest %s state to %s', self._pr, pr_state)
4112 4112 raise
4113 4113
4114 4114
4115 4115 class _PullRequestBase(BaseModel):
4116 4116 """
4117 4117 Common attributes of pull request and version entries.
4118 4118 """
4119 4119
4120 4120 # .status values
4121 4121 STATUS_NEW = 'new'
4122 4122 STATUS_OPEN = 'open'
4123 4123 STATUS_CLOSED = 'closed'
4124 4124
4125 4125 # available states
4126 4126 STATE_CREATING = 'creating'
4127 4127 STATE_UPDATING = 'updating'
4128 4128 STATE_MERGING = 'merging'
4129 4129 STATE_CREATED = 'created'
4130 4130
4131 4131 title = Column('title', Unicode(255), nullable=True)
4132 4132 description = Column(
4133 4133 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
4134 4134 nullable=True)
4135 4135 description_renderer = Column('description_renderer', Unicode(64), nullable=True)
4136 4136
4137 4137 # new/open/closed status of pull request (not approve/reject/etc)
4138 4138 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
4139 4139 created_on = Column(
4140 4140 'created_on', DateTime(timezone=False), nullable=False,
4141 4141 default=datetime.datetime.now)
4142 4142 updated_on = Column(
4143 4143 'updated_on', DateTime(timezone=False), nullable=False,
4144 4144 default=datetime.datetime.now)
4145 4145
4146 4146 pull_request_state = Column("pull_request_state", String(255), nullable=True)
4147 4147
4148 4148 @declared_attr
4149 4149 def user_id(cls):
4150 4150 return Column(
4151 4151 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
4152 4152 unique=None)
4153 4153
4154 4154 # 500 revisions max
4155 4155 _revisions = Column(
4156 4156 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
4157 4157
4158 4158 common_ancestor_id = Column('common_ancestor_id', Unicode(255), nullable=True)
4159 4159
4160 4160 @declared_attr
4161 4161 def source_repo_id(cls):
4162 4162 # TODO: dan: rename column to source_repo_id
4163 4163 return Column(
4164 4164 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
4165 4165 nullable=False)
4166 4166
4167 4167 @declared_attr
4168 4168 def pr_source(cls):
4169 4169 return relationship(
4170 4170 'Repository',
4171 4171 primaryjoin=f'{cls.__name__}.source_repo_id==Repository.repo_id',
4172 4172 overlaps="pull_requests_source"
4173 4173 )
4174 4174
4175 4175 _source_ref = Column('org_ref', Unicode(255), nullable=False)
4176 4176
4177 4177 @hybrid_property
4178 4178 def source_ref(self):
4179 4179 return self._source_ref
4180 4180
4181 4181 @source_ref.setter
4182 4182 def source_ref(self, val):
4183 4183 parts = (val or '').split(':')
4184 4184 if len(parts) != 3:
4185 4185 raise ValueError(
4186 4186 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
4187 4187 self._source_ref = safe_str(val)
4188 4188
4189 4189 _target_ref = Column('other_ref', Unicode(255), nullable=False)
4190 4190
4191 4191 @hybrid_property
4192 4192 def target_ref(self):
4193 4193 return self._target_ref
4194 4194
4195 4195 @target_ref.setter
4196 4196 def target_ref(self, val):
4197 4197 parts = (val or '').split(':')
4198 4198 if len(parts) != 3:
4199 4199 raise ValueError(
4200 4200 'Invalid reference format given: {}, expected X:Y:Z'.format(val))
4201 4201 self._target_ref = safe_str(val)
4202 4202
4203 4203 @declared_attr
4204 4204 def target_repo_id(cls):
4205 4205 # TODO: dan: rename column to target_repo_id
4206 4206 return Column(
4207 4207 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
4208 4208 nullable=False)
4209 4209
4210 4210 @declared_attr
4211 4211 def pr_target(cls):
4212 4212 return relationship(
4213 4213 'Repository',
4214 4214 primaryjoin=f'{cls.__name__}.target_repo_id==Repository.repo_id',
4215 4215 overlaps="pull_requests_target"
4216 4216 )
4217 4217
4218 4218 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
4219 4219
4220 4220 # TODO: dan: rename column to last_merge_source_rev
4221 4221 _last_merge_source_rev = Column(
4222 4222 'last_merge_org_rev', String(40), nullable=True)
4223 4223 # TODO: dan: rename column to last_merge_target_rev
4224 4224 _last_merge_target_rev = Column(
4225 4225 'last_merge_other_rev', String(40), nullable=True)
4226 4226 _last_merge_status = Column('merge_status', Integer(), nullable=True)
4227 4227 last_merge_metadata = Column(
4228 4228 'last_merge_metadata', MutationObj.as_mutable(
4229 4229 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4230 4230
4231 4231 merge_rev = Column('merge_rev', String(40), nullable=True)
4232 4232
4233 4233 reviewer_data = Column(
4234 4234 'reviewer_data_json', MutationObj.as_mutable(
4235 4235 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
4236 4236
4237 4237 @property
4238 4238 def reviewer_data_json(self):
4239 4239 return str_json(self.reviewer_data)
4240 4240
4241 4241 @property
4242 4242 def last_merge_metadata_parsed(self):
4243 4243 metadata = {}
4244 4244 if not self.last_merge_metadata:
4245 4245 return metadata
4246 4246
4247 4247 if hasattr(self.last_merge_metadata, 'de_coerce'):
4248 4248 for k, v in self.last_merge_metadata.de_coerce().items():
4249 4249 if k in ['target_ref', 'source_ref']:
4250 4250 metadata[k] = Reference(v['type'], v['name'], v['commit_id'])
4251 4251 else:
4252 4252 if hasattr(v, 'de_coerce'):
4253 4253 metadata[k] = v.de_coerce()
4254 4254 else:
4255 4255 metadata[k] = v
4256 4256 return metadata
4257 4257
4258 4258 @property
4259 4259 def work_in_progress(self):
4260 4260 """checks if pull request is work in progress by checking the title"""
4261 4261 title = self.title.upper()
4262 4262 if re.match(r'^(\[WIP\]\s*|WIP:\s*|WIP\s+)', title):
4263 4263 return True
4264 4264 return False
4265 4265
4266 4266 @property
4267 4267 def title_safe(self):
4268 4268 return self.title\
4269 4269 .replace('{', '{{')\
4270 4270 .replace('}', '}}')
4271 4271
4272 4272 @hybrid_property
4273 4273 def description_safe(self):
4274 4274 from rhodecode.lib import helpers as h
4275 4275 return h.escape(self.description)
4276 4276
4277 4277 @hybrid_property
4278 4278 def revisions(self):
4279 4279 return self._revisions.split(':') if self._revisions else []
4280 4280
4281 4281 @revisions.setter
4282 4282 def revisions(self, val):
4283 4283 self._revisions = ':'.join(val)
4284 4284
4285 4285 @hybrid_property
4286 4286 def last_merge_status(self):
4287 4287 return safe_int(self._last_merge_status)
4288 4288
4289 4289 @last_merge_status.setter
4290 4290 def last_merge_status(self, val):
4291 4291 self._last_merge_status = val
4292 4292
4293 4293 @declared_attr
4294 4294 def author(cls):
4295 4295 return relationship(
4296 4296 'User', lazy='joined',
4297 4297 #TODO, problem that is somehow :?
4298 4298 #back_populates='user_pull_requests'
4299 4299 )
4300 4300
4301 4301 @declared_attr
4302 4302 def source_repo(cls):
4303 4303 return relationship(
4304 4304 'Repository',
4305 4305 primaryjoin=f'{cls.__name__}.source_repo_id==Repository.repo_id',
4306 4306 overlaps="pr_source"
4307 4307 )
4308 4308
4309 4309 @property
4310 4310 def source_ref_parts(self):
4311 4311 return self.unicode_to_reference(self.source_ref)
4312 4312
4313 4313 @declared_attr
4314 4314 def target_repo(cls):
4315 4315 return relationship(
4316 4316 'Repository',
4317 4317 primaryjoin=f'{cls.__name__}.target_repo_id==Repository.repo_id',
4318 4318 overlaps="pr_target"
4319 4319 )
4320 4320
4321 4321 @property
4322 4322 def target_ref_parts(self):
4323 4323 return self.unicode_to_reference(self.target_ref)
4324 4324
4325 4325 @property
4326 4326 def shadow_merge_ref(self):
4327 4327 return self.unicode_to_reference(self._shadow_merge_ref)
4328 4328
4329 4329 @shadow_merge_ref.setter
4330 4330 def shadow_merge_ref(self, ref):
4331 4331 self._shadow_merge_ref = self.reference_to_unicode(ref)
4332 4332
4333 4333 @staticmethod
4334 4334 def unicode_to_reference(raw):
4335 4335 return unicode_to_reference(raw)
4336 4336
4337 4337 @staticmethod
4338 4338 def reference_to_unicode(ref):
4339 4339 return reference_to_unicode(ref)
4340 4340
4341 4341 def get_api_data(self, with_merge_state=True):
4342 4342 from rhodecode.model.pull_request import PullRequestModel
4343 4343
4344 4344 pull_request = self
4345 4345 if with_merge_state:
4346 4346 merge_response, merge_status, msg = \
4347 4347 PullRequestModel().merge_status(pull_request)
4348 4348 merge_state = {
4349 4349 'status': merge_status,
4350 4350 'message': safe_str(msg),
4351 4351 }
4352 4352 else:
4353 4353 merge_state = {'status': 'not_available',
4354 4354 'message': 'not_available'}
4355 4355
4356 4356 merge_data = {
4357 4357 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
4358 4358 'reference': (
4359 4359 pull_request.shadow_merge_ref.asdict()
4360 4360 if pull_request.shadow_merge_ref else None),
4361 4361 }
4362 4362
4363 4363 data = {
4364 4364 'pull_request_id': pull_request.pull_request_id,
4365 4365 'url': PullRequestModel().get_url(pull_request),
4366 4366 'title': pull_request.title,
4367 4367 'description': pull_request.description,
4368 4368 'status': pull_request.status,
4369 4369 'state': pull_request.pull_request_state,
4370 4370 'created_on': pull_request.created_on,
4371 4371 'updated_on': pull_request.updated_on,
4372 4372 'commit_ids': pull_request.revisions,
4373 4373 'review_status': pull_request.calculated_review_status(),
4374 4374 'mergeable': merge_state,
4375 4375 'source': {
4376 4376 'clone_url': pull_request.source_repo.clone_url(),
4377 4377 'repository': pull_request.source_repo.repo_name,
4378 4378 'reference': {
4379 4379 'name': pull_request.source_ref_parts.name,
4380 4380 'type': pull_request.source_ref_parts.type,
4381 4381 'commit_id': pull_request.source_ref_parts.commit_id,
4382 4382 },
4383 4383 },
4384 4384 'target': {
4385 4385 'clone_url': pull_request.target_repo.clone_url(),
4386 4386 'repository': pull_request.target_repo.repo_name,
4387 4387 'reference': {
4388 4388 'name': pull_request.target_ref_parts.name,
4389 4389 'type': pull_request.target_ref_parts.type,
4390 4390 'commit_id': pull_request.target_ref_parts.commit_id,
4391 4391 },
4392 4392 },
4393 4393 'merge': merge_data,
4394 4394 'author': pull_request.author.get_api_data(include_secrets=False,
4395 4395 details='basic'),
4396 4396 'reviewers': [
4397 4397 {
4398 4398 'user': reviewer.get_api_data(include_secrets=False,
4399 4399 details='basic'),
4400 4400 'reasons': reasons,
4401 4401 'review_status': st[0][1].status if st else 'not_reviewed',
4402 4402 }
4403 4403 for obj, reviewer, reasons, mandatory, st in
4404 4404 pull_request.reviewers_statuses()
4405 4405 ]
4406 4406 }
4407 4407
4408 4408 return data
4409 4409
4410 4410 def set_state(self, pull_request_state, final_state=None):
4411 4411 """
4412 4412 # goes from initial state to updating to initial state.
4413 4413 # initial state can be changed by specifying back_state=
4414 4414 with pull_request_obj.set_state(PullRequest.STATE_UPDATING):
4415 4415 pull_request.merge()
4416 4416
4417 4417 :param pull_request_state:
4418 4418 :param final_state:
4419 4419
4420 4420 """
4421 4421
4422 4422 return _SetState(self, pull_request_state, back_state=final_state)
4423 4423
4424 4424
4425 4425 class PullRequest(Base, _PullRequestBase):
4426 4426 __tablename__ = 'pull_requests'
4427 4427 __table_args__ = (
4428 4428 base_table_args,
4429 4429 )
4430 4430 LATEST_VER = 'latest'
4431 4431
4432 4432 pull_request_id = Column(
4433 4433 'pull_request_id', Integer(), nullable=False, primary_key=True)
4434 4434
4435 4435 def __repr__(self):
4436 4436 if self.pull_request_id:
4437 4437 return f'<DB:PullRequest #{self.pull_request_id}>'
4438 4438 else:
4439 4439 return f'<DB:PullRequest at {id(self)!r}>'
4440 4440
4441 4441 reviewers = relationship('PullRequestReviewers', cascade="all, delete-orphan", back_populates='pull_request')
4442 4442 statuses = relationship('ChangesetStatus', cascade="all, delete-orphan", back_populates='pull_request')
4443 4443 comments = relationship('ChangesetComment', cascade="all, delete-orphan", back_populates='pull_request')
4444 4444 versions = relationship('PullRequestVersion', cascade="all, delete-orphan", lazy='dynamic', back_populates='pull_request')
4445 4445
4446 4446 @classmethod
4447 4447 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
4448 4448 internal_methods=None):
4449 4449
4450 4450 class PullRequestDisplay(object):
4451 4451 """
4452 4452 Special object wrapper for showing PullRequest data via Versions
4453 4453 It mimics PR object as close as possible. This is read only object
4454 4454 just for display
4455 4455 """
4456 4456
4457 4457 def __init__(self, attrs, internal=None):
4458 4458 self.attrs = attrs
4459 4459 # internal have priority over the given ones via attrs
4460 4460 self.internal = internal or ['versions']
4461 4461
4462 4462 def __getattr__(self, item):
4463 4463 if item in self.internal:
4464 4464 return getattr(self, item)
4465 4465 try:
4466 4466 return self.attrs[item]
4467 4467 except KeyError:
4468 4468 raise AttributeError(
4469 4469 '%s object has no attribute %s' % (self, item))
4470 4470
4471 4471 def __repr__(self):
4472 4472 pr_id = self.attrs.get('pull_request_id')
4473 4473 return f'<DB:PullRequestDisplay #{pr_id}>'
4474 4474
4475 4475 def versions(self):
4476 4476 return pull_request_obj.versions.order_by(
4477 4477 PullRequestVersion.pull_request_version_id).all()
4478 4478
4479 4479 def is_closed(self):
4480 4480 return pull_request_obj.is_closed()
4481 4481
4482 4482 def is_state_changing(self):
4483 4483 return pull_request_obj.is_state_changing()
4484 4484
4485 4485 @property
4486 4486 def pull_request_version_id(self):
4487 4487 return getattr(pull_request_obj, 'pull_request_version_id', None)
4488 4488
4489 4489 @property
4490 4490 def pull_request_last_version(self):
4491 4491 return pull_request_obj.pull_request_last_version
4492 4492
4493 4493 attrs = StrictAttributeDict(pull_request_obj.get_api_data(with_merge_state=False))
4494 4494
4495 4495 attrs.author = StrictAttributeDict(
4496 4496 pull_request_obj.author.get_api_data())
4497 4497 if pull_request_obj.target_repo:
4498 4498 attrs.target_repo = StrictAttributeDict(
4499 4499 pull_request_obj.target_repo.get_api_data())
4500 4500 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
4501 4501
4502 4502 if pull_request_obj.source_repo:
4503 4503 attrs.source_repo = StrictAttributeDict(
4504 4504 pull_request_obj.source_repo.get_api_data())
4505 4505 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
4506 4506
4507 4507 attrs.source_ref_parts = pull_request_obj.source_ref_parts
4508 4508 attrs.target_ref_parts = pull_request_obj.target_ref_parts
4509 4509 attrs.revisions = pull_request_obj.revisions
4510 4510 attrs.common_ancestor_id = pull_request_obj.common_ancestor_id
4511 4511 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
4512 4512 attrs.reviewer_data = org_pull_request_obj.reviewer_data
4513 4513 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
4514 4514
4515 4515 return PullRequestDisplay(attrs, internal=internal_methods)
4516 4516
4517 4517 def is_closed(self):
4518 4518 return self.status == self.STATUS_CLOSED
4519 4519
4520 4520 def is_state_changing(self):
4521 4521 return self.pull_request_state != PullRequest.STATE_CREATED
4522 4522
4523 4523 def __json__(self):
4524 4524 return {
4525 4525 'revisions': self.revisions,
4526 4526 'versions': self.versions_count
4527 4527 }
4528 4528
4529 4529 def calculated_review_status(self):
4530 4530 from rhodecode.model.changeset_status import ChangesetStatusModel
4531 4531 return ChangesetStatusModel().calculated_review_status(self)
4532 4532
4533 4533 def reviewers_statuses(self, user=None):
4534 4534 from rhodecode.model.changeset_status import ChangesetStatusModel
4535 4535 return ChangesetStatusModel().reviewers_statuses(self, user=user)
4536 4536
4537 4537 def get_pull_request_reviewers(self, role=None):
4538 4538 qry = PullRequestReviewers.query()\
4539 4539 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)
4540 4540 if role:
4541 4541 qry = qry.filter(PullRequestReviewers.role == role)
4542 4542
4543 4543 return qry.all()
4544 4544
4545 4545 @property
4546 4546 def reviewers_count(self):
4547 4547 qry = PullRequestReviewers.query()\
4548 4548 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4549 4549 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_REVIEWER)
4550 4550 return qry.count()
4551 4551
4552 4552 @property
4553 4553 def observers_count(self):
4554 4554 qry = PullRequestReviewers.query()\
4555 4555 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4556 4556 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_OBSERVER)
4557 4557 return qry.count()
4558 4558
4559 4559 def observers(self):
4560 4560 qry = PullRequestReviewers.query()\
4561 4561 .filter(PullRequestReviewers.pull_request_id == self.pull_request_id)\
4562 4562 .filter(PullRequestReviewers.role == PullRequestReviewers.ROLE_OBSERVER)\
4563 4563 .all()
4564 4564
4565 4565 for entry in qry:
4566 4566 yield entry, entry.user
4567 4567
4568 4568 @property
4569 4569 def workspace_id(self):
4570 4570 from rhodecode.model.pull_request import PullRequestModel
4571 4571 return PullRequestModel()._workspace_id(self)
4572 4572
4573 4573 def get_shadow_repo(self):
4574 4574 workspace_id = self.workspace_id
4575 4575 shadow_repository_path = self.target_repo.get_shadow_repository_path(workspace_id)
4576 4576 if os.path.isdir(shadow_repository_path):
4577 4577 vcs_obj = self.target_repo.scm_instance()
4578 4578 return vcs_obj.get_shadow_instance(shadow_repository_path)
4579 4579
4580 4580 @property
4581 4581 def versions_count(self):
4582 4582 """
4583 4583 return number of versions this PR have, e.g a PR that once been
4584 4584 updated will have 2 versions
4585 4585 """
4586 4586 return self.versions.count() + 1
4587 4587
4588 4588 @property
4589 4589 def pull_request_last_version(self):
4590 4590 return self.versions_count
4591 4591
4592 4592
4593 4593 class PullRequestVersion(Base, _PullRequestBase):
4594 4594 __tablename__ = 'pull_request_versions'
4595 4595 __table_args__ = (
4596 4596 base_table_args,
4597 4597 )
4598 4598
4599 4599 pull_request_version_id = Column('pull_request_version_id', Integer(), nullable=False, primary_key=True)
4600 4600 pull_request_id = Column('pull_request_id', Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=False)
4601 4601 pull_request = relationship('PullRequest', back_populates='versions')
4602 4602
4603 4603 def __repr__(self):
4604 4604 if self.pull_request_version_id:
4605 4605 return f'<DB:PullRequestVersion #{self.pull_request_version_id}>'
4606 4606 else:
4607 4607 return f'<DB:PullRequestVersion at {id(self)!r}>'
4608 4608
4609 4609 @property
4610 4610 def reviewers(self):
4611 4611 return self.pull_request.reviewers
4612 4612
4613 4613 @property
4614 4614 def versions(self):
4615 4615 return self.pull_request.versions
4616 4616
4617 4617 def is_closed(self):
4618 4618 # calculate from original
4619 4619 return self.pull_request.status == self.STATUS_CLOSED
4620 4620
4621 4621 def is_state_changing(self):
4622 4622 return self.pull_request.pull_request_state != PullRequest.STATE_CREATED
4623 4623
4624 4624 def calculated_review_status(self):
4625 4625 return self.pull_request.calculated_review_status()
4626 4626
4627 4627 def reviewers_statuses(self):
4628 4628 return self.pull_request.reviewers_statuses()
4629 4629
4630 4630 def observers(self):
4631 4631 return self.pull_request.observers()
4632 4632
4633 4633
4634 4634 class PullRequestReviewers(Base, BaseModel):
4635 4635 __tablename__ = 'pull_request_reviewers'
4636 4636 __table_args__ = (
4637 4637 base_table_args,
4638 4638 )
4639 4639 ROLE_REVIEWER = 'reviewer'
4640 4640 ROLE_OBSERVER = 'observer'
4641 4641 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
4642 4642
4643 4643 @hybrid_property
4644 4644 def reasons(self):
4645 4645 if not self._reasons:
4646 4646 return []
4647 4647 return self._reasons
4648 4648
4649 4649 @reasons.setter
4650 4650 def reasons(self, val):
4651 4651 val = val or []
4652 4652 if any(not isinstance(x, str) for x in val):
4653 4653 raise Exception('invalid reasons type, must be list of strings')
4654 4654 self._reasons = val
4655 4655
4656 4656 pull_requests_reviewers_id = Column(
4657 4657 'pull_requests_reviewers_id', Integer(), nullable=False,
4658 4658 primary_key=True)
4659 4659 pull_request_id = Column(
4660 4660 "pull_request_id", Integer(),
4661 4661 ForeignKey('pull_requests.pull_request_id'), nullable=False)
4662 4662 user_id = Column(
4663 4663 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
4664 4664 _reasons = Column(
4665 4665 'reason', MutationList.as_mutable(
4666 4666 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
4667 4667
4668 4668 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
4669 4669 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
4670 4670
4671 4671 user = relationship('User')
4672 4672 pull_request = relationship('PullRequest', back_populates='reviewers')
4673 4673
4674 4674 rule_data = Column(
4675 4675 'rule_data_json',
4676 4676 JsonType(dialect_map=dict(mysql=UnicodeText(16384))))
4677 4677
4678 4678 def rule_user_group_data(self):
4679 4679 """
4680 4680 Returns the voting user group rule data for this reviewer
4681 4681 """
4682 4682
4683 4683 if self.rule_data and 'vote_rule' in self.rule_data:
4684 4684 user_group_data = {}
4685 4685 if 'rule_user_group_entry_id' in self.rule_data:
4686 4686 # means a group with voting rules !
4687 4687 user_group_data['id'] = self.rule_data['rule_user_group_entry_id']
4688 4688 user_group_data['name'] = self.rule_data['rule_name']
4689 4689 user_group_data['vote_rule'] = self.rule_data['vote_rule']
4690 4690
4691 4691 return user_group_data
4692 4692
4693 4693 @classmethod
4694 4694 def get_pull_request_reviewers(cls, pull_request_id, role=None):
4695 4695 qry = PullRequestReviewers.query()\
4696 4696 .filter(PullRequestReviewers.pull_request_id == pull_request_id)
4697 4697 if role:
4698 4698 qry = qry.filter(PullRequestReviewers.role == role)
4699 4699
4700 4700 return qry.all()
4701 4701
4702 4702 def __repr__(self):
4703 4703 return f"<{self.cls_name}('id:{self.pull_requests_reviewers_id}')>"
4704 4704
4705 4705
4706 4706 class Notification(Base, BaseModel):
4707 4707 __tablename__ = 'notifications'
4708 4708 __table_args__ = (
4709 4709 Index('notification_type_idx', 'type'),
4710 4710 base_table_args,
4711 4711 )
4712 4712
4713 4713 TYPE_CHANGESET_COMMENT = 'cs_comment'
4714 4714 TYPE_MESSAGE = 'message'
4715 4715 TYPE_MENTION = 'mention'
4716 4716 TYPE_REGISTRATION = 'registration'
4717 4717 TYPE_PULL_REQUEST = 'pull_request'
4718 4718 TYPE_PULL_REQUEST_COMMENT = 'pull_request_comment'
4719 4719 TYPE_PULL_REQUEST_UPDATE = 'pull_request_update'
4720 4720
4721 4721 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
4722 4722 subject = Column('subject', Unicode(512), nullable=True)
4723 4723 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4724 4724 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
4725 4725 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4726 4726 type_ = Column('type', Unicode(255))
4727 4727
4728 4728 created_by_user = relationship('User', back_populates='user_created_notifications')
4729 4729 notifications_to_users = relationship('UserNotification', lazy='joined', cascade="all, delete-orphan", back_populates='notification')
4730 4730
4731 4731 @property
4732 4732 def recipients(self):
4733 4733 return [x.user for x in UserNotification.query()\
4734 4734 .filter(UserNotification.notification == self)\
4735 4735 .order_by(UserNotification.user_id.asc()).all()]
4736 4736
4737 4737 @classmethod
4738 4738 def create(cls, created_by, subject, body, recipients, type_=None):
4739 4739 if type_ is None:
4740 4740 type_ = Notification.TYPE_MESSAGE
4741 4741
4742 4742 notification = cls()
4743 4743 notification.created_by_user = created_by
4744 4744 notification.subject = subject
4745 4745 notification.body = body
4746 4746 notification.type_ = type_
4747 4747 notification.created_on = datetime.datetime.now()
4748 4748
4749 4749 # For each recipient link the created notification to his account
4750 4750 for u in recipients:
4751 4751 assoc = UserNotification()
4752 4752 assoc.user_id = u.user_id
4753 4753 assoc.notification = notification
4754 4754
4755 4755 # if created_by is inside recipients mark his notification
4756 4756 # as read
4757 4757 if u.user_id == created_by.user_id:
4758 4758 assoc.read = True
4759 4759 Session().add(assoc)
4760 4760
4761 4761 Session().add(notification)
4762 4762
4763 4763 return notification
4764 4764
4765 4765
4766 4766 class UserNotification(Base, BaseModel):
4767 4767 __tablename__ = 'user_to_notification'
4768 4768 __table_args__ = (
4769 4769 UniqueConstraint('user_id', 'notification_id'),
4770 4770 base_table_args
4771 4771 )
4772 4772
4773 4773 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4774 4774 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
4775 4775 read = Column('read', Boolean, default=False)
4776 4776 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
4777 4777
4778 4778 user = relationship('User', lazy="joined", back_populates='notifications')
4779 4779 notification = relationship('Notification', lazy="joined", order_by=lambda: Notification.created_on.desc(), back_populates='notifications_to_users')
4780 4780
4781 4781 def mark_as_read(self):
4782 4782 self.read = True
4783 4783 Session().add(self)
4784 4784
4785 4785
4786 4786 class UserNotice(Base, BaseModel):
4787 4787 __tablename__ = 'user_notices'
4788 4788 __table_args__ = (
4789 4789 base_table_args
4790 4790 )
4791 4791
4792 4792 NOTIFICATION_TYPE_MESSAGE = 'message'
4793 4793 NOTIFICATION_TYPE_NOTICE = 'notice'
4794 4794
4795 4795 NOTIFICATION_LEVEL_INFO = 'info'
4796 4796 NOTIFICATION_LEVEL_WARNING = 'warning'
4797 4797 NOTIFICATION_LEVEL_ERROR = 'error'
4798 4798
4799 4799 user_notice_id = Column('gist_id', Integer(), primary_key=True)
4800 4800
4801 4801 notice_subject = Column('notice_subject', Unicode(512), nullable=True)
4802 4802 notice_body = Column('notice_body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
4803 4803
4804 4804 notice_read = Column('notice_read', Boolean, default=False)
4805 4805
4806 4806 notification_level = Column('notification_level', String(1024), default=NOTIFICATION_LEVEL_INFO)
4807 4807 notification_type = Column('notification_type', String(1024), default=NOTIFICATION_TYPE_NOTICE)
4808 4808
4809 4809 notice_created_by = Column('notice_created_by', Integer(), ForeignKey('users.user_id'), nullable=True)
4810 4810 notice_created_on = Column('notice_created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4811 4811
4812 4812 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'))
4813 4813 user = relationship('User', lazy="joined", primaryjoin='User.user_id==UserNotice.user_id')
4814 4814
4815 4815 @classmethod
4816 4816 def create_for_user(cls, user, subject, body, notice_level=NOTIFICATION_LEVEL_INFO, allow_duplicate=False):
4817 4817
4818 4818 if notice_level not in [cls.NOTIFICATION_LEVEL_ERROR,
4819 4819 cls.NOTIFICATION_LEVEL_WARNING,
4820 4820 cls.NOTIFICATION_LEVEL_INFO]:
4821 4821 return
4822 4822
4823 4823 from rhodecode.model.user import UserModel
4824 4824 user = UserModel().get_user(user)
4825 4825
4826 4826 new_notice = UserNotice()
4827 4827 if not allow_duplicate:
4828 4828 existing_msg = UserNotice().query() \
4829 4829 .filter(UserNotice.user == user) \
4830 4830 .filter(UserNotice.notice_body == body) \
4831 4831 .filter(UserNotice.notice_read == false()) \
4832 4832 .scalar()
4833 4833 if existing_msg:
4834 4834 log.warning('Ignoring duplicate notice for user %s', user)
4835 4835 return
4836 4836
4837 4837 new_notice.user = user
4838 4838 new_notice.notice_subject = subject
4839 4839 new_notice.notice_body = body
4840 4840 new_notice.notification_level = notice_level
4841 4841 Session().add(new_notice)
4842 4842 Session().commit()
4843 4843
4844 4844
4845 4845 class Gist(Base, BaseModel):
4846 4846 __tablename__ = 'gists'
4847 4847 __table_args__ = (
4848 4848 Index('g_gist_access_id_idx', 'gist_access_id'),
4849 4849 Index('g_created_on_idx', 'created_on'),
4850 4850 base_table_args
4851 4851 )
4852 4852
4853 4853 GIST_PUBLIC = 'public'
4854 4854 GIST_PRIVATE = 'private'
4855 4855 DEFAULT_FILENAME = 'gistfile1.txt'
4856 4856
4857 4857 ACL_LEVEL_PUBLIC = 'acl_public'
4858 4858 ACL_LEVEL_PRIVATE = 'acl_private'
4859 4859
4860 4860 gist_id = Column('gist_id', Integer(), primary_key=True)
4861 4861 gist_access_id = Column('gist_access_id', Unicode(250))
4862 4862 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
4863 4863 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
4864 4864 gist_expires = Column('gist_expires', Float(53), nullable=False)
4865 4865 gist_type = Column('gist_type', Unicode(128), nullable=False)
4866 4866 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4867 4867 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
4868 4868 acl_level = Column('acl_level', Unicode(128), nullable=True)
4869 4869
4870 4870 owner = relationship('User', back_populates='user_gists')
4871 4871
4872 4872 def __repr__(self):
4873 4873 return f'<Gist:[{self.gist_type}]{self.gist_access_id}>'
4874 4874
4875 4875 @hybrid_property
4876 4876 def description_safe(self):
4877 4877 from rhodecode.lib import helpers as h
4878 4878 return h.escape(self.gist_description)
4879 4879
4880 4880 @classmethod
4881 4881 def get_or_404(cls, id_):
4882 4882 from pyramid.httpexceptions import HTTPNotFound
4883 4883
4884 4884 res = cls.query().filter(cls.gist_access_id == id_).scalar()
4885 4885 if not res:
4886 4886 log.debug('WARN: No DB entry with id %s', id_)
4887 4887 raise HTTPNotFound()
4888 4888 return res
4889 4889
4890 4890 @classmethod
4891 4891 def get_by_access_id(cls, gist_access_id):
4892 4892 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
4893 4893
4894 4894 def gist_url(self):
4895 4895 from rhodecode.model.gist import GistModel
4896 4896 return GistModel().get_url(self)
4897 4897
4898 4898 @classmethod
4899 4899 def base_path(cls):
4900 4900 """
4901 4901 Returns base path when all gists are stored
4902 4902
4903 4903 :param cls:
4904 4904 """
4905 4905 from rhodecode.model.gist import GIST_STORE_LOC
4906 4906 q = Session().query(RhodeCodeUi)\
4907 4907 .filter(RhodeCodeUi.ui_key == URL_SEP)
4908 4908 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
4909 4909 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
4910 4910
4911 4911 def get_api_data(self):
4912 4912 """
4913 4913 Common function for generating gist related data for API
4914 4914 """
4915 4915 gist = self
4916 4916 data = {
4917 4917 'gist_id': gist.gist_id,
4918 4918 'type': gist.gist_type,
4919 4919 'access_id': gist.gist_access_id,
4920 4920 'description': gist.gist_description,
4921 4921 'url': gist.gist_url(),
4922 4922 'expires': gist.gist_expires,
4923 4923 'created_on': gist.created_on,
4924 4924 'modified_at': gist.modified_at,
4925 4925 'content': None,
4926 4926 'acl_level': gist.acl_level,
4927 4927 }
4928 4928 return data
4929 4929
4930 4930 def __json__(self):
4931 4931 data = dict(
4932 4932 )
4933 4933 data.update(self.get_api_data())
4934 4934 return data
4935 4935 # SCM functions
4936 4936
4937 4937 def scm_instance(self, **kwargs):
4938 4938 """
4939 4939 Get an instance of VCS Repository
4940 4940
4941 4941 :param kwargs:
4942 4942 """
4943 4943 from rhodecode.model.gist import GistModel
4944 4944 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
4945 4945 return get_vcs_instance(
4946 4946 repo_path=safe_str(full_repo_path), create=False,
4947 4947 _vcs_alias=GistModel.vcs_backend)
4948 4948
4949 4949
4950 4950 class ExternalIdentity(Base, BaseModel):
4951 4951 __tablename__ = 'external_identities'
4952 4952 __table_args__ = (
4953 4953 Index('local_user_id_idx', 'local_user_id'),
4954 4954 Index('external_id_idx', 'external_id'),
4955 4955 base_table_args
4956 4956 )
4957 4957
4958 4958 external_id = Column('external_id', Unicode(255), default='', primary_key=True)
4959 4959 external_username = Column('external_username', Unicode(1024), default='')
4960 4960 local_user_id = Column('local_user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
4961 4961 provider_name = Column('provider_name', Unicode(255), default='', primary_key=True)
4962 4962 access_token = Column('access_token', String(1024), default='')
4963 4963 alt_token = Column('alt_token', String(1024), default='')
4964 4964 token_secret = Column('token_secret', String(1024), default='')
4965 4965
4966 4966 @classmethod
4967 4967 def by_external_id_and_provider(cls, external_id, provider_name, local_user_id=None):
4968 4968 """
4969 4969 Returns ExternalIdentity instance based on search params
4970 4970
4971 4971 :param external_id:
4972 4972 :param provider_name:
4973 4973 :return: ExternalIdentity
4974 4974 """
4975 4975 query = cls.query()
4976 4976 query = query.filter(cls.external_id == external_id)
4977 4977 query = query.filter(cls.provider_name == provider_name)
4978 4978 if local_user_id:
4979 4979 query = query.filter(cls.local_user_id == local_user_id)
4980 4980 return query.first()
4981 4981
4982 4982 @classmethod
4983 4983 def user_by_external_id_and_provider(cls, external_id, provider_name):
4984 4984 """
4985 4985 Returns User instance based on search params
4986 4986
4987 4987 :param external_id:
4988 4988 :param provider_name:
4989 4989 :return: User
4990 4990 """
4991 4991 query = User.query()
4992 4992 query = query.filter(cls.external_id == external_id)
4993 4993 query = query.filter(cls.provider_name == provider_name)
4994 4994 query = query.filter(User.user_id == cls.local_user_id)
4995 4995 return query.first()
4996 4996
4997 4997 @classmethod
4998 4998 def by_local_user_id(cls, local_user_id):
4999 4999 """
5000 5000 Returns all tokens for user
5001 5001
5002 5002 :param local_user_id:
5003 5003 :return: ExternalIdentity
5004 5004 """
5005 5005 query = cls.query()
5006 5006 query = query.filter(cls.local_user_id == local_user_id)
5007 5007 return query
5008 5008
5009 5009 @classmethod
5010 5010 def load_provider_plugin(cls, plugin_id):
5011 5011 from rhodecode.authentication.base import loadplugin
5012 5012 _plugin_id = 'egg:rhodecode-enterprise-ee#{}'.format(plugin_id)
5013 5013 auth_plugin = loadplugin(_plugin_id)
5014 5014 return auth_plugin
5015 5015
5016 5016
5017 5017 class Integration(Base, BaseModel):
5018 5018 __tablename__ = 'integrations'
5019 5019 __table_args__ = (
5020 5020 base_table_args
5021 5021 )
5022 5022
5023 5023 integration_id = Column('integration_id', Integer(), primary_key=True)
5024 5024 integration_type = Column('integration_type', String(255))
5025 5025 enabled = Column('enabled', Boolean(), nullable=False)
5026 5026 name = Column('name', String(255), nullable=False)
5027 5027 child_repos_only = Column('child_repos_only', Boolean(), nullable=False, default=False)
5028 5028
5029 5029 settings = Column(
5030 5030 'settings_json', MutationObj.as_mutable(
5031 5031 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
5032 5032 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
5033 5033 repo = relationship('Repository', lazy='joined', back_populates='integrations')
5034 5034
5035 5035 repo_group_id = Column('repo_group_id', Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
5036 5036 repo_group = relationship('RepoGroup', lazy='joined', back_populates='integrations')
5037 5037
5038 5038 @property
5039 5039 def scope(self):
5040 5040 if self.repo:
5041 5041 return repr(self.repo)
5042 5042 if self.repo_group:
5043 5043 if self.child_repos_only:
5044 5044 return repr(self.repo_group) + ' (child repos only)'
5045 5045 else:
5046 5046 return repr(self.repo_group) + ' (recursive)'
5047 5047 if self.child_repos_only:
5048 5048 return 'root_repos'
5049 5049 return 'global'
5050 5050
5051 5051 def __repr__(self):
5052 5052 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
5053 5053
5054 5054
5055 5055 class RepoReviewRuleUser(Base, BaseModel):
5056 5056 __tablename__ = 'repo_review_rules_users'
5057 5057 __table_args__ = (
5058 5058 base_table_args
5059 5059 )
5060 5060 ROLE_REVIEWER = 'reviewer'
5061 5061 ROLE_OBSERVER = 'observer'
5062 5062 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
5063 5063
5064 5064 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
5065 5065 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
5066 5066 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
5067 5067 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
5068 5068 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
5069 5069 user = relationship('User', back_populates='user_review_rules')
5070 5070
5071 5071 def rule_data(self):
5072 5072 return {
5073 5073 'mandatory': self.mandatory,
5074 5074 'role': self.role,
5075 5075 }
5076 5076
5077 5077
5078 5078 class RepoReviewRuleUserGroup(Base, BaseModel):
5079 5079 __tablename__ = 'repo_review_rules_users_groups'
5080 5080 __table_args__ = (
5081 5081 base_table_args
5082 5082 )
5083 5083
5084 5084 VOTE_RULE_ALL = -1
5085 5085 ROLE_REVIEWER = 'reviewer'
5086 5086 ROLE_OBSERVER = 'observer'
5087 5087 ROLES = [ROLE_REVIEWER, ROLE_OBSERVER]
5088 5088
5089 5089 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
5090 5090 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
5091 5091 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False)
5092 5092 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
5093 5093 role = Column('role', Unicode(255), nullable=True, default=ROLE_REVIEWER)
5094 5094 vote_rule = Column("vote_rule", Integer(), nullable=True, default=VOTE_RULE_ALL)
5095 5095 users_group = relationship('UserGroup')
5096 5096
5097 5097 def rule_data(self):
5098 5098 return {
5099 5099 'mandatory': self.mandatory,
5100 5100 'role': self.role,
5101 5101 'vote_rule': self.vote_rule
5102 5102 }
5103 5103
5104 5104 @property
5105 5105 def vote_rule_label(self):
5106 5106 if not self.vote_rule or self.vote_rule == self.VOTE_RULE_ALL:
5107 5107 return 'all must vote'
5108 5108 else:
5109 5109 return 'min. vote {}'.format(self.vote_rule)
5110 5110
5111 5111
5112 5112 class RepoReviewRule(Base, BaseModel):
5113 5113 __tablename__ = 'repo_review_rules'
5114 5114 __table_args__ = (
5115 5115 base_table_args
5116 5116 )
5117 5117
5118 5118 repo_review_rule_id = Column(
5119 5119 'repo_review_rule_id', Integer(), primary_key=True)
5120 5120 repo_id = Column(
5121 5121 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
5122 5122 repo = relationship('Repository', back_populates='review_rules')
5123 5123
5124 5124 review_rule_name = Column('review_rule_name', String(255))
5125 5125 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5126 5126 _target_branch_pattern = Column("target_branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5127 5127 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default='*') # glob
5128 5128
5129 5129 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
5130 5130
5131 5131 # Legacy fields, just for backward compat
5132 5132 _forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
5133 5133 _forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
5134 5134
5135 5135 pr_author = Column("pr_author", UnicodeText().with_variant(UnicodeText(255), 'mysql'), nullable=True)
5136 5136 commit_author = Column("commit_author", UnicodeText().with_variant(UnicodeText(255), 'mysql'), nullable=True)
5137 5137
5138 5138 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
5139 5139
5140 5140 rule_users = relationship('RepoReviewRuleUser')
5141 5141 rule_user_groups = relationship('RepoReviewRuleUserGroup')
5142 5142
5143 5143 def _validate_pattern(self, value):
5144 5144 re.compile('^' + glob2re(value) + '$')
5145 5145
5146 5146 @hybrid_property
5147 5147 def source_branch_pattern(self):
5148 5148 return self._branch_pattern or '*'
5149 5149
5150 5150 @source_branch_pattern.setter
5151 5151 def source_branch_pattern(self, value):
5152 5152 self._validate_pattern(value)
5153 5153 self._branch_pattern = value or '*'
5154 5154
5155 5155 @hybrid_property
5156 5156 def target_branch_pattern(self):
5157 5157 return self._target_branch_pattern or '*'
5158 5158
5159 5159 @target_branch_pattern.setter
5160 5160 def target_branch_pattern(self, value):
5161 5161 self._validate_pattern(value)
5162 5162 self._target_branch_pattern = value or '*'
5163 5163
5164 5164 @hybrid_property
5165 5165 def file_pattern(self):
5166 5166 return self._file_pattern or '*'
5167 5167
5168 5168 @file_pattern.setter
5169 5169 def file_pattern(self, value):
5170 5170 self._validate_pattern(value)
5171 5171 self._file_pattern = value or '*'
5172 5172
5173 5173 @hybrid_property
5174 5174 def forbid_pr_author_to_review(self):
5175 5175 return self.pr_author == 'forbid_pr_author'
5176 5176
5177 5177 @hybrid_property
5178 5178 def include_pr_author_to_review(self):
5179 5179 return self.pr_author == 'include_pr_author'
5180 5180
5181 5181 @hybrid_property
5182 5182 def forbid_commit_author_to_review(self):
5183 5183 return self.commit_author == 'forbid_commit_author'
5184 5184
5185 5185 @hybrid_property
5186 5186 def include_commit_author_to_review(self):
5187 5187 return self.commit_author == 'include_commit_author'
5188 5188
5189 5189 def matches(self, source_branch, target_branch, files_changed):
5190 5190 """
5191 5191 Check if this review rule matches a branch/files in a pull request
5192 5192
5193 5193 :param source_branch: source branch name for the commit
5194 5194 :param target_branch: target branch name for the commit
5195 5195 :param files_changed: list of file paths changed in the pull request
5196 5196 """
5197 5197
5198 5198 source_branch = source_branch or ''
5199 5199 target_branch = target_branch or ''
5200 5200 files_changed = files_changed or []
5201 5201
5202 5202 branch_matches = True
5203 5203 if source_branch or target_branch:
5204 5204 if self.source_branch_pattern == '*':
5205 5205 source_branch_match = True
5206 5206 else:
5207 5207 if self.source_branch_pattern.startswith('re:'):
5208 5208 source_pattern = self.source_branch_pattern[3:]
5209 5209 else:
5210 5210 source_pattern = '^' + glob2re(self.source_branch_pattern) + '$'
5211 5211 source_branch_regex = re.compile(source_pattern)
5212 5212 source_branch_match = bool(source_branch_regex.search(source_branch))
5213 5213 if self.target_branch_pattern == '*':
5214 5214 target_branch_match = True
5215 5215 else:
5216 5216 if self.target_branch_pattern.startswith('re:'):
5217 5217 target_pattern = self.target_branch_pattern[3:]
5218 5218 else:
5219 5219 target_pattern = '^' + glob2re(self.target_branch_pattern) + '$'
5220 5220 target_branch_regex = re.compile(target_pattern)
5221 5221 target_branch_match = bool(target_branch_regex.search(target_branch))
5222 5222
5223 5223 branch_matches = source_branch_match and target_branch_match
5224 5224
5225 5225 files_matches = True
5226 5226 if self.file_pattern != '*':
5227 5227 files_matches = False
5228 5228 if self.file_pattern.startswith('re:'):
5229 5229 file_pattern = self.file_pattern[3:]
5230 5230 else:
5231 5231 file_pattern = glob2re(self.file_pattern)
5232 5232 file_regex = re.compile(file_pattern)
5233 5233 for file_data in files_changed:
5234 5234 filename = file_data.get('filename')
5235 5235
5236 5236 if file_regex.search(filename):
5237 5237 files_matches = True
5238 5238 break
5239 5239
5240 5240 return branch_matches and files_matches
5241 5241
5242 5242 @property
5243 5243 def review_users(self):
5244 5244 """ Returns the users which this rule applies to """
5245 5245
5246 5246 users = collections.OrderedDict()
5247 5247
5248 5248 for rule_user in self.rule_users:
5249 5249 if rule_user.user.active:
5250 5250 if rule_user.user not in users:
5251 5251 users[rule_user.user.username] = {
5252 5252 'user': rule_user.user,
5253 5253 'source': 'user',
5254 5254 'source_data': {},
5255 5255 'data': rule_user.rule_data()
5256 5256 }
5257 5257
5258 5258 for rule_user_group in self.rule_user_groups:
5259 5259 source_data = {
5260 5260 'user_group_id': rule_user_group.users_group.users_group_id,
5261 5261 'name': rule_user_group.users_group.users_group_name,
5262 5262 'members': len(rule_user_group.users_group.members)
5263 5263 }
5264 5264 for member in rule_user_group.users_group.members:
5265 5265 if member.user.active:
5266 5266 key = member.user.username
5267 5267 if key in users:
5268 5268 # skip this member as we have him already
5269 5269 # this prevents from override the "first" matched
5270 5270 # users with duplicates in multiple groups
5271 5271 continue
5272 5272
5273 5273 users[key] = {
5274 5274 'user': member.user,
5275 5275 'source': 'user_group',
5276 5276 'source_data': source_data,
5277 5277 'data': rule_user_group.rule_data()
5278 5278 }
5279 5279
5280 5280 return users
5281 5281
5282 5282 def user_group_vote_rule(self, user_id):
5283 5283
5284 5284 rules = []
5285 5285 if not self.rule_user_groups:
5286 5286 return rules
5287 5287
5288 5288 for user_group in self.rule_user_groups:
5289 5289 user_group_members = [x.user_id for x in user_group.users_group.members]
5290 5290 if user_id in user_group_members:
5291 5291 rules.append(user_group)
5292 5292 return rules
5293 5293
5294 5294 def __repr__(self):
5295 5295 return f'<RepoReviewerRule(id={self.repo_review_rule_id}, repo={self.repo!r})>'
5296 5296
5297 5297
5298 5298 class ScheduleEntry(Base, BaseModel):
5299 5299 __tablename__ = 'schedule_entries'
5300 5300 __table_args__ = (
5301 5301 UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
5302 5302 UniqueConstraint('task_uid', name='s_task_uid_idx'),
5303 5303 base_table_args,
5304 5304 )
5305 5305 SCHEDULE_TYPE_INTEGER = "integer"
5306 5306 SCHEDULE_TYPE_CRONTAB = "crontab"
5307 5307
5308 5308 schedule_types = [SCHEDULE_TYPE_CRONTAB, SCHEDULE_TYPE_INTEGER]
5309 5309 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
5310 5310
5311 5311 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
5312 5312 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
5313 5313 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
5314 5314
5315 5315 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
5316 5316 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
5317 5317
5318 5318 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
5319 5319 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
5320 5320
5321 5321 # task
5322 5322 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
5323 5323 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
5324 5324 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
5325 5325 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
5326 5326
5327 5327 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5328 5328 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
5329 5329
5330 5330 @hybrid_property
5331 5331 def schedule_type(self):
5332 5332 return self._schedule_type
5333 5333
5334 5334 @schedule_type.setter
5335 5335 def schedule_type(self, val):
5336 5336 if val not in self.schedule_types:
5337 5337 raise ValueError('Value must be on of `{}` and got `{}`'.format(
5338 5338 val, self.schedule_type))
5339 5339
5340 5340 self._schedule_type = val
5341 5341
5342 5342 @classmethod
5343 5343 def get_uid(cls, obj):
5344 5344 args = obj.task_args
5345 5345 kwargs = obj.task_kwargs
5346 5346 if isinstance(args, JsonRaw):
5347 5347 try:
5348 5348 args = json.loads(args)
5349 5349 except ValueError:
5350 5350 args = tuple()
5351 5351
5352 5352 if isinstance(kwargs, JsonRaw):
5353 5353 try:
5354 5354 kwargs = json.loads(kwargs)
5355 5355 except ValueError:
5356 5356 kwargs = dict()
5357 5357
5358 5358 dot_notation = obj.task_dot_notation
5359 5359 val = '.'.join(map(safe_str, [
5360 5360 sorted(dot_notation), args, sorted(kwargs.items())]))
5361 5361 return sha1(safe_bytes(val))
5362 5362
5363 5363 @classmethod
5364 5364 def get_by_schedule_name(cls, schedule_name):
5365 5365 return cls.query().filter(cls.schedule_name == schedule_name).scalar()
5366 5366
5367 5367 @classmethod
5368 5368 def get_by_schedule_id(cls, schedule_id):
5369 5369 return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
5370 5370
5371 5371 @property
5372 5372 def task(self):
5373 5373 return self.task_dot_notation
5374 5374
5375 5375 @property
5376 5376 def schedule(self):
5377 5377 from rhodecode.lib.celerylib.utils import raw_2_schedule
5378 5378 schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
5379 5379 return schedule
5380 5380
5381 5381 @property
5382 5382 def args(self):
5383 5383 try:
5384 5384 return list(self.task_args or [])
5385 5385 except ValueError:
5386 5386 return list()
5387 5387
5388 5388 @property
5389 5389 def kwargs(self):
5390 5390 try:
5391 5391 return dict(self.task_kwargs or {})
5392 5392 except ValueError:
5393 5393 return dict()
5394 5394
5395 5395 def _as_raw(self, val, indent=False):
5396 5396 if hasattr(val, 'de_coerce'):
5397 5397 val = val.de_coerce()
5398 5398 if val:
5399 5399 if indent:
5400 5400 val = ext_json.formatted_str_json(val)
5401 5401 else:
5402 5402 val = ext_json.str_json(val)
5403 5403
5404 5404 return val
5405 5405
5406 5406 @property
5407 5407 def schedule_definition_raw(self):
5408 5408 return self._as_raw(self.schedule_definition)
5409 5409
5410 5410 def args_raw(self, indent=False):
5411 5411 return self._as_raw(self.task_args, indent)
5412 5412
5413 5413 def kwargs_raw(self, indent=False):
5414 5414 return self._as_raw(self.task_kwargs, indent)
5415 5415
5416 5416 def __repr__(self):
5417 5417 return f'<DB:ScheduleEntry({self.schedule_entry_id}:{self.schedule_name})>'
5418 5418
5419 5419
5420 5420 @event.listens_for(ScheduleEntry, 'before_update')
5421 5421 def update_task_uid(mapper, connection, target):
5422 5422 target.task_uid = ScheduleEntry.get_uid(target)
5423 5423
5424 5424
5425 5425 @event.listens_for(ScheduleEntry, 'before_insert')
5426 5426 def set_task_uid(mapper, connection, target):
5427 5427 target.task_uid = ScheduleEntry.get_uid(target)
5428 5428
5429 5429
5430 5430 class _BaseBranchPerms(BaseModel):
5431 5431 @classmethod
5432 5432 def compute_hash(cls, value):
5433 5433 return sha1_safe(value)
5434 5434
5435 5435 @hybrid_property
5436 5436 def branch_pattern(self):
5437 5437 return self._branch_pattern or '*'
5438 5438
5439 5439 @hybrid_property
5440 5440 def branch_hash(self):
5441 5441 return self._branch_hash
5442 5442
5443 5443 def _validate_glob(self, value):
5444 5444 re.compile('^' + glob2re(value) + '$')
5445 5445
5446 5446 @branch_pattern.setter
5447 5447 def branch_pattern(self, value):
5448 5448 self._validate_glob(value)
5449 5449 self._branch_pattern = value or '*'
5450 5450 # set the Hash when setting the branch pattern
5451 5451 self._branch_hash = self.compute_hash(self._branch_pattern)
5452 5452
5453 5453 def matches(self, branch):
5454 5454 """
5455 5455 Check if this the branch matches entry
5456 5456
5457 5457 :param branch: branch name for the commit
5458 5458 """
5459 5459
5460 5460 branch = branch or ''
5461 5461
5462 5462 branch_matches = True
5463 5463 if branch:
5464 5464 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
5465 5465 branch_matches = bool(branch_regex.search(branch))
5466 5466
5467 5467 return branch_matches
5468 5468
5469 5469
5470 5470 class UserToRepoBranchPermission(Base, _BaseBranchPerms):
5471 5471 __tablename__ = 'user_to_repo_branch_permissions'
5472 5472 __table_args__ = (
5473 5473 base_table_args
5474 5474 )
5475 5475
5476 5476 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5477 5477
5478 5478 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5479 5479 repo = relationship('Repository', back_populates='user_branch_perms')
5480 5480
5481 5481 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5482 5482 permission = relationship('Permission')
5483 5483
5484 5484 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('repo_to_perm.repo_to_perm_id'), nullable=False, unique=None, default=None)
5485 5485 user_repo_to_perm = relationship('UserRepoToPerm', back_populates='branch_perm_entry')
5486 5486
5487 5487 rule_order = Column('rule_order', Integer(), nullable=False)
5488 5488 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default='*') # glob
5489 5489 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5490 5490
5491 5491 def __repr__(self):
5492 5492 return f'<UserBranchPermission({self.user_repo_to_perm} => {self.branch_pattern!r})>'
5493 5493
5494 5494
5495 5495 class UserGroupToRepoBranchPermission(Base, _BaseBranchPerms):
5496 5496 __tablename__ = 'user_group_to_repo_branch_permissions'
5497 5497 __table_args__ = (
5498 5498 base_table_args
5499 5499 )
5500 5500
5501 5501 branch_rule_id = Column('branch_rule_id', Integer(), primary_key=True)
5502 5502
5503 5503 repository_id = Column('repository_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
5504 5504 repo = relationship('Repository', back_populates='user_group_branch_perms')
5505 5505
5506 5506 permission_id = Column('permission_id', Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
5507 5507 permission = relationship('Permission')
5508 5508
5509 5509 rule_to_perm_id = Column('rule_to_perm_id', Integer(), ForeignKey('users_group_repo_to_perm.users_group_to_perm_id'), nullable=False, unique=None, default=None)
5510 5510 user_group_repo_to_perm = relationship('UserGroupRepoToPerm', back_populates='user_group_branch_perms')
5511 5511
5512 5512 rule_order = Column('rule_order', Integer(), nullable=False)
5513 5513 _branch_pattern = Column('branch_pattern', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), default='*') # glob
5514 5514 _branch_hash = Column('branch_hash', UnicodeText().with_variant(UnicodeText(2048), 'mysql'))
5515 5515
5516 5516 def __repr__(self):
5517 5517 return f'<UserBranchPermission({self.user_group_repo_to_perm} => {self.branch_pattern!r})>'
5518 5518
5519 5519
5520 5520 class UserBookmark(Base, BaseModel):
5521 5521 __tablename__ = 'user_bookmarks'
5522 5522 __table_args__ = (
5523 5523 UniqueConstraint('user_id', 'bookmark_repo_id'),
5524 5524 UniqueConstraint('user_id', 'bookmark_repo_group_id'),
5525 5525 UniqueConstraint('user_id', 'bookmark_position'),
5526 5526 base_table_args
5527 5527 )
5528 5528
5529 5529 user_bookmark_id = Column("user_bookmark_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
5530 5530 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
5531 5531 position = Column("bookmark_position", Integer(), nullable=False)
5532 5532 title = Column("bookmark_title", String(255), nullable=True, unique=None, default=None)
5533 5533 redirect_url = Column("bookmark_redirect_url", String(10240), nullable=True, unique=None, default=None)
5534 5534 created_on = Column("created_on", DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5535 5535
5536 5536 bookmark_repo_id = Column("bookmark_repo_id", Integer(), ForeignKey("repositories.repo_id"), nullable=True, unique=None, default=None)
5537 5537 bookmark_repo_group_id = Column("bookmark_repo_group_id", Integer(), ForeignKey("groups.group_id"), nullable=True, unique=None, default=None)
5538 5538
5539 5539 user = relationship("User")
5540 5540
5541 5541 repository = relationship("Repository")
5542 5542 repository_group = relationship("RepoGroup")
5543 5543
5544 5544 @classmethod
5545 5545 def get_by_position_for_user(cls, position, user_id):
5546 5546 return cls.query() \
5547 5547 .filter(UserBookmark.user_id == user_id) \
5548 5548 .filter(UserBookmark.position == position).scalar()
5549 5549
5550 5550 @classmethod
5551 5551 def get_bookmarks_for_user(cls, user_id, cache=True):
5552 5552 bookmarks = cls.query() \
5553 5553 .filter(UserBookmark.user_id == user_id) \
5554 5554 .options(joinedload(UserBookmark.repository)) \
5555 5555 .options(joinedload(UserBookmark.repository_group)) \
5556 5556 .order_by(UserBookmark.position.asc())
5557 5557
5558 5558 if cache:
5559 5559 bookmarks = bookmarks.options(
5560 5560 FromCache("sql_cache_short", "get_user_{}_bookmarks".format(user_id))
5561 5561 )
5562 5562
5563 5563 return bookmarks.all()
5564 5564
5565 5565 def __repr__(self):
5566 5566 return f'<UserBookmark({self.position} @ {self.redirect_url!r})>'
5567 5567
5568 5568
5569 5569 class FileStore(Base, BaseModel):
5570 5570 __tablename__ = 'file_store'
5571 5571 __table_args__ = (
5572 5572 base_table_args
5573 5573 )
5574 5574
5575 5575 file_store_id = Column('file_store_id', Integer(), primary_key=True)
5576 5576 file_uid = Column('file_uid', String(1024), nullable=False)
5577 5577 file_display_name = Column('file_display_name', UnicodeText().with_variant(UnicodeText(2048), 'mysql'), nullable=True)
5578 5578 file_description = Column('file_description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=True)
5579 5579 file_org_name = Column('file_org_name', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=False)
5580 5580
5581 5581 # sha256 hash
5582 5582 file_hash = Column('file_hash', String(512), nullable=False)
5583 5583 file_size = Column('file_size', BigInteger(), nullable=False)
5584 5584
5585 5585 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
5586 5586 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True)
5587 5587 accessed_count = Column('accessed_count', Integer(), default=0)
5588 5588
5589 5589 enabled = Column('enabled', Boolean(), nullable=False, default=True)
5590 5590
5591 5591 # if repo/repo_group reference is set, check for permissions
5592 5592 check_acl = Column('check_acl', Boolean(), nullable=False, default=True)
5593 5593
5594 5594 # hidden defines an attachment that should be hidden from showing in artifact listing
5595 5595 hidden = Column('hidden', Boolean(), nullable=False, default=False)
5596 5596
5597 5597 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
5598 5598 upload_user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.user_id', back_populates='artifacts')
5599 5599
5600 5600 file_metadata = relationship('FileStoreMetadata', lazy='joined')
5601 5601
5602 5602 # scope limited to user, which requester have access to
5603 5603 scope_user_id = Column(
5604 5604 'scope_user_id', Integer(), ForeignKey('users.user_id'),
5605 5605 nullable=True, unique=None, default=None)
5606 5606 user = relationship('User', lazy='joined', primaryjoin='User.user_id==FileStore.scope_user_id', back_populates='scope_artifacts')
5607 5607
5608 5608 # scope limited to user group, which requester have access to
5609 5609 scope_user_group_id = Column(
5610 5610 'scope_user_group_id', Integer(), ForeignKey('users_groups.users_group_id'),
5611 5611 nullable=True, unique=None, default=None)
5612 5612 user_group = relationship('UserGroup', lazy='joined')
5613 5613
5614 5614 # scope limited to repo, which requester have access to
5615 5615 scope_repo_id = Column(
5616 5616 'scope_repo_id', Integer(), ForeignKey('repositories.repo_id'),
5617 5617 nullable=True, unique=None, default=None)
5618 5618 repo = relationship('Repository', lazy='joined')
5619 5619
5620 5620 # scope limited to repo group, which requester have access to
5621 5621 scope_repo_group_id = Column(
5622 5622 'scope_repo_group_id', Integer(), ForeignKey('groups.group_id'),
5623 5623 nullable=True, unique=None, default=None)
5624 5624 repo_group = relationship('RepoGroup', lazy='joined')
5625 5625
5626 5626 @classmethod
5627 5627 def get_scope(cls, scope_type, scope_id):
5628 5628 if scope_type == 'repo':
5629 5629 return f'repo:{scope_id}'
5630 5630 elif scope_type == 'repo-group':
5631 5631 return f'repo-group:{scope_id}'
5632 5632 elif scope_type == 'user':
5633 5633 return f'user:{scope_id}'
5634 5634 elif scope_type == 'user-group':
5635 5635 return f'user-group:{scope_id}'
5636 5636 else:
5637 5637 return scope_type
5638 5638
5639 5639 @classmethod
5640 5640 def get_by_store_uid(cls, file_store_uid, safe=False):
5641 5641 if safe:
5642 5642 return FileStore.query().filter(FileStore.file_uid == file_store_uid).first()
5643 5643 else:
5644 5644 return FileStore.query().filter(FileStore.file_uid == file_store_uid).scalar()
5645 5645
5646 5646 @classmethod
5647 5647 def create(cls, file_uid, filename, file_hash, file_size, file_display_name='',
5648 5648 file_description='', enabled=True, hidden=False, check_acl=True,
5649 5649 user_id=None, scope_user_id=None, scope_repo_id=None, scope_repo_group_id=None):
5650 5650
5651 5651 store_entry = FileStore()
5652 5652 store_entry.file_uid = file_uid
5653 5653 store_entry.file_display_name = file_display_name
5654 5654 store_entry.file_org_name = filename
5655 5655 store_entry.file_size = file_size
5656 5656 store_entry.file_hash = file_hash
5657 5657 store_entry.file_description = file_description
5658 5658
5659 5659 store_entry.check_acl = check_acl
5660 5660 store_entry.enabled = enabled
5661 5661 store_entry.hidden = hidden
5662 5662
5663 5663 store_entry.user_id = user_id
5664 5664 store_entry.scope_user_id = scope_user_id
5665 5665 store_entry.scope_repo_id = scope_repo_id
5666 5666 store_entry.scope_repo_group_id = scope_repo_group_id
5667 5667
5668 5668 return store_entry
5669 5669
5670 5670 @classmethod
5671 5671 def store_metadata(cls, file_store_id, args, commit=True):
5672 5672 file_store = FileStore.get(file_store_id)
5673 5673 if file_store is None:
5674 5674 return
5675 5675
5676 5676 for section, key, value, value_type in args:
5677 5677 has_key = FileStoreMetadata().query() \
5678 5678 .filter(FileStoreMetadata.file_store_id == file_store.file_store_id) \
5679 5679 .filter(FileStoreMetadata.file_store_meta_section == section) \
5680 5680 .filter(FileStoreMetadata.file_store_meta_key == key) \
5681 5681 .scalar()
5682 5682 if has_key:
5683 5683 msg = 'key `{}` already defined under section `{}` for this file.'\
5684 5684 .format(key, section)
5685 5685 raise ArtifactMetadataDuplicate(msg, err_section=section, err_key=key)
5686 5686
5687 5687 # NOTE(marcink): raises ArtifactMetadataBadValueType
5688 5688 FileStoreMetadata.valid_value_type(value_type)
5689 5689
5690 5690 meta_entry = FileStoreMetadata()
5691 5691 meta_entry.file_store = file_store
5692 5692 meta_entry.file_store_meta_section = section
5693 5693 meta_entry.file_store_meta_key = key
5694 5694 meta_entry.file_store_meta_value_type = value_type
5695 5695 meta_entry.file_store_meta_value = value
5696 5696
5697 5697 Session().add(meta_entry)
5698 5698
5699 5699 try:
5700 5700 if commit:
5701 5701 Session().commit()
5702 5702 except IntegrityError:
5703 5703 Session().rollback()
5704 5704 raise ArtifactMetadataDuplicate('Duplicate section/key found for this file.')
5705 5705
5706 5706 @classmethod
5707 5707 def bump_access_counter(cls, file_uid, commit=True):
5708 5708 FileStore().query()\
5709 5709 .filter(FileStore.file_uid == file_uid)\
5710 5710 .update({FileStore.accessed_count: (FileStore.accessed_count + 1),
5711 5711 FileStore.accessed_on: datetime.datetime.now()})
5712 5712 if commit:
5713 5713 Session().commit()
5714 5714
5715 5715 def __json__(self):
5716 5716 data = {
5717 5717 'filename': self.file_display_name,
5718 5718 'filename_org': self.file_org_name,
5719 5719 'file_uid': self.file_uid,
5720 5720 'description': self.file_description,
5721 5721 'hidden': self.hidden,
5722 5722 'size': self.file_size,
5723 5723 'created_on': self.created_on,
5724 5724 'uploaded_by': self.upload_user.get_api_data(details='basic'),
5725 5725 'downloaded_times': self.accessed_count,
5726 5726 'sha256': self.file_hash,
5727 5727 'metadata': self.file_metadata,
5728 5728 }
5729 5729
5730 5730 return data
5731 5731
5732 5732 def __repr__(self):
5733 5733 return f'<FileStore({self.file_store_id})>'
5734 5734
5735 5735
5736 5736 class FileStoreMetadata(Base, BaseModel):
5737 5737 __tablename__ = 'file_store_metadata'
5738 5738 __table_args__ = (
5739 5739 UniqueConstraint('file_store_id', 'file_store_meta_section_hash', 'file_store_meta_key_hash'),
5740 5740 Index('file_store_meta_section_idx', 'file_store_meta_section', mysql_length=255),
5741 5741 Index('file_store_meta_key_idx', 'file_store_meta_key', mysql_length=255),
5742 5742 base_table_args
5743 5743 )
5744 5744 SETTINGS_TYPES = {
5745 5745 'str': safe_str,
5746 5746 'int': safe_int,
5747 5747 'unicode': safe_str,
5748 5748 'bool': str2bool,
5749 5749 'list': functools.partial(aslist, sep=',')
5750 5750 }
5751 5751
5752 5752 file_store_meta_id = Column(
5753 5753 "file_store_meta_id", Integer(), nullable=False, unique=True, default=None,
5754 5754 primary_key=True)
5755 5755 _file_store_meta_section = Column(
5756 5756 "file_store_meta_section", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5757 5757 nullable=True, unique=None, default=None)
5758 5758 _file_store_meta_section_hash = Column(
5759 5759 "file_store_meta_section_hash", String(255),
5760 5760 nullable=True, unique=None, default=None)
5761 5761 _file_store_meta_key = Column(
5762 5762 "file_store_meta_key", UnicodeText().with_variant(UnicodeText(1024), 'mysql'),
5763 5763 nullable=True, unique=None, default=None)
5764 5764 _file_store_meta_key_hash = Column(
5765 5765 "file_store_meta_key_hash", String(255), nullable=True, unique=None, default=None)
5766 5766 _file_store_meta_value = Column(
5767 5767 "file_store_meta_value", UnicodeText().with_variant(UnicodeText(20480), 'mysql'),
5768 5768 nullable=True, unique=None, default=None)
5769 5769 _file_store_meta_value_type = Column(
5770 5770 "file_store_meta_value_type", String(255), nullable=True, unique=None,
5771 5771 default='unicode')
5772 5772
5773 5773 file_store_id = Column(
5774 5774 'file_store_id', Integer(), ForeignKey('file_store.file_store_id'),
5775 5775 nullable=True, unique=None, default=None)
5776 5776
5777 5777 file_store = relationship('FileStore', lazy='joined', viewonly=True)
5778 5778
5779 5779 @classmethod
5780 5780 def valid_value_type(cls, value):
5781 5781 if value.split('.')[0] not in cls.SETTINGS_TYPES:
5782 5782 raise ArtifactMetadataBadValueType(
5783 5783 'value_type must be one of %s got %s' % (cls.SETTINGS_TYPES.keys(), value))
5784 5784
5785 5785 @hybrid_property
5786 5786 def file_store_meta_section(self):
5787 5787 return self._file_store_meta_section
5788 5788
5789 5789 @file_store_meta_section.setter
5790 5790 def file_store_meta_section(self, value):
5791 5791 self._file_store_meta_section = value
5792 5792 self._file_store_meta_section_hash = _hash_key(value)
5793 5793
5794 5794 @hybrid_property
5795 5795 def file_store_meta_key(self):
5796 5796 return self._file_store_meta_key
5797 5797
5798 5798 @file_store_meta_key.setter
5799 5799 def file_store_meta_key(self, value):
5800 5800 self._file_store_meta_key = value
5801 5801 self._file_store_meta_key_hash = _hash_key(value)
5802 5802
5803 5803 @hybrid_property
5804 5804 def file_store_meta_value(self):
5805 5805 val = self._file_store_meta_value
5806 5806
5807 5807 if self._file_store_meta_value_type:
5808 5808 # e.g unicode.encrypted == unicode
5809 5809 _type = self._file_store_meta_value_type.split('.')[0]
5810 5810 # decode the encrypted value if it's encrypted field type
5811 5811 if '.encrypted' in self._file_store_meta_value_type:
5812 5812 cipher = EncryptedTextValue()
5813 5813 val = safe_str(cipher.process_result_value(val, None))
5814 5814 # do final type conversion
5815 5815 converter = self.SETTINGS_TYPES.get(_type) or self.SETTINGS_TYPES['unicode']
5816 5816 val = converter(val)
5817 5817
5818 5818 return val
5819 5819
5820 5820 @file_store_meta_value.setter
5821 5821 def file_store_meta_value(self, val):
5822 5822 val = safe_str(val)
5823 5823 # encode the encrypted value
5824 5824 if '.encrypted' in self.file_store_meta_value_type:
5825 5825 cipher = EncryptedTextValue()
5826 5826 val = safe_str(cipher.process_bind_param(val, None))
5827 5827 self._file_store_meta_value = val
5828 5828
5829 5829 @hybrid_property
5830 5830 def file_store_meta_value_type(self):
5831 5831 return self._file_store_meta_value_type
5832 5832
5833 5833 @file_store_meta_value_type.setter
5834 5834 def file_store_meta_value_type(self, val):
5835 5835 # e.g unicode.encrypted
5836 5836 self.valid_value_type(val)
5837 5837 self._file_store_meta_value_type = val
5838 5838
5839 5839 def __json__(self):
5840 5840 data = {
5841 5841 'artifact': self.file_store.file_uid,
5842 5842 'section': self.file_store_meta_section,
5843 5843 'key': self.file_store_meta_key,
5844 5844 'value': self.file_store_meta_value,
5845 5845 }
5846 5846
5847 5847 return data
5848 5848
5849 5849 def __repr__(self):
5850 5850 return '<%s[%s]%s=>%s]>' % (self.cls_name, self.file_store_meta_section,
5851 5851 self.file_store_meta_key, self.file_store_meta_value)
5852 5852
5853 5853
5854 5854 class DbMigrateVersion(Base, BaseModel):
5855 5855 __tablename__ = 'db_migrate_version'
5856 5856 __table_args__ = (
5857 5857 base_table_args,
5858 5858 )
5859 5859
5860 5860 repository_id = Column('repository_id', String(250), primary_key=True)
5861 5861 repository_path = Column('repository_path', Text)
5862 5862 version = Column('version', Integer)
5863 5863
5864 5864 @classmethod
5865 5865 def set_version(cls, version):
5866 5866 """
5867 5867 Helper for forcing a different version, usually for debugging purposes via ishell.
5868 5868 """
5869 5869 ver = DbMigrateVersion.query().first()
5870 5870 ver.version = version
5871 5871 Session().commit()
5872 5872
5873 5873
5874 5874 class DbSession(Base, BaseModel):
5875 5875 __tablename__ = 'db_session'
5876 5876 __table_args__ = (
5877 5877 base_table_args,
5878 5878 )
5879 5879
5880 5880 def __repr__(self):
5881 5881 return f'<DB:DbSession({self.id})>'
5882 5882
5883 5883 id = Column('id', Integer())
5884 5884 namespace = Column('namespace', String(255), primary_key=True)
5885 5885 accessed = Column('accessed', DateTime, nullable=False)
5886 5886 created = Column('created', DateTime, nullable=False)
5887 5887 data = Column('data', PickleType, nullable=False)
General Comments 0
You need to be logged in to leave comments. Login now