u/pc/rhodecode-enterprise-ce-fork-pc Commit - r2424:76f7c7cb

feed-token, user, performance: lazy load the feed_token. We only need it for...

marcink -

r2424:76f7c7cb default

parent child

rhodecode/lib/auth.py

0 +4 -1

              # -*- coding: utf-8 -*-
              # Copyright (C) 2010-2017 RhodeCode GmbH
              #
              # This program is free software: you can redistribute it and/or modify
              # it under the terms of the GNU Affero General Public License, version 3
              # (only), as published by the Free Software Foundation.
              #
              # This program is distributed in the hope that it will be useful,
              # but WITHOUT ANY WARRANTY; without even the implied warranty of
              # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
              # GNU General Public License for more details.
              #
              # You should have received a copy of the GNU Affero General Public License
              # along with this program.  If not, see <http://www.gnu.org/licenses/>.
              #
              # This program is dual-licensed. If you wish to learn more about the
              # RhodeCode Enterprise Edition, including its added features, Support services,
              # and proprietary license terms, please see https://rhodecode.com/licenses/
              """
              authentication and permission libraries
              """
              import os
              import inspect
              import collections
              import fnmatch
              import hashlib
              import itertools
              import logging
              import random
              import traceback
              from functools import wraps
              import ipaddress
              from pyramid.httpexceptions import HTTPForbidden, HTTPFound, HTTPNotFound
              from sqlalchemy.orm.exc import ObjectDeletedError
              from sqlalchemy.orm import joinedload
              from zope.cachedescriptors.property import Lazy as LazyProperty
              import rhodecode
              from rhodecode.model import meta
              from rhodecode.model.meta import Session
              from rhodecode.model.user import UserModel
              from rhodecode.model.db import (
                  User, Repository, Permission, UserToPerm, UserGroupToPerm, UserGroupMember,
                  UserIpMap, UserApiKeys, RepoGroup, UserGroup)
              from rhodecode.lib import caches
              from rhodecode.lib.utils2 import safe_unicode, aslist, safe_str, md5
              from rhodecode.lib.utils import (
                  get_repo_slug, get_repo_group_slug, get_user_group_slug)
              from rhodecode.lib.caching_query import FromCache
              if rhodecode.is_unix:
                  import bcrypt
              log = logging.getLogger(__name__)
              csrf_token_key = "csrf_token"
              class PasswordGenerator(object):
                  """
                  This is a simple class for generating password from different sets of
                  characters
                  usage::
                      passwd_gen = PasswordGenerator()
                      #print 8-letter password containing only big and small letters
                          of alphabet
                      passwd_gen.gen_password(8, passwd_gen.ALPHABETS_BIG_SMALL)
                  """
                  ALPHABETS_NUM = r'''1234567890'''
                  ALPHABETS_SMALL = r'''qwertyuiopasdfghjklzxcvbnm'''
                  ALPHABETS_BIG = r'''QWERTYUIOPASDFGHJKLZXCVBNM'''
                  ALPHABETS_SPECIAL = r'''`-=[]\;',./~!@#$%^&*()_+{}|:"<>?'''
                  ALPHABETS_FULL = ALPHABETS_BIG + ALPHABETS_SMALL \
                      + ALPHABETS_NUM + ALPHABETS_SPECIAL
                  ALPHABETS_ALPHANUM = ALPHABETS_BIG + ALPHABETS_SMALL + ALPHABETS_NUM
                  ALPHABETS_BIG_SMALL = ALPHABETS_BIG + ALPHABETS_SMALL
                  ALPHABETS_ALPHANUM_BIG = ALPHABETS_BIG + ALPHABETS_NUM
                  ALPHABETS_ALPHANUM_SMALL = ALPHABETS_SMALL + ALPHABETS_NUM
                  def __init__(self, passwd=''):
                      self.passwd = passwd
                  def gen_password(self, length, type_=None):
                      if type_ is None:
                          type_ = self.ALPHABETS_FULL
                      self.passwd = ''.join([random.choice(type_) for _ in xrange(length)])
                      return self.passwd
              class _RhodeCodeCryptoBase(object):
                  ENC_PREF = None
                  def hash_create(self, str_):
                      """
                      hash the string using
                      :param str_: password to hash
                      """
                      raise NotImplementedError
                  def hash_check_with_upgrade(self, password, hashed):
                      """
                      Returns tuple in which first element is boolean that states that
                      given password matches it's hashed version, and the second is new hash
                      of the password, in case this password should be migrated to new
                      cipher.
                      """
                      checked_hash = self.hash_check(password, hashed)
                      return checked_hash, None
                  def hash_check(self, password, hashed):
                      """
                      Checks matching password with it's hashed value.
                      :param password: password
                      :param hashed: password in hashed form
                      """
                      raise NotImplementedError
                  def _assert_bytes(self, value):
                      """
                      Passing in an `unicode` object can lead to hard to detect issues
                      if passwords contain non-ascii characters.  Doing a type check
                      during runtime, so that such mistakes are detected early on.
                      """
                      if not isinstance(value, str):
                          raise TypeError(
                              "Bytestring required as input, got %r." % (value, ))
              class _RhodeCodeCryptoBCrypt(_RhodeCodeCryptoBase):
                  ENC_PREF = ('$2a$10', '$2b$10')
                  def hash_create(self, str_):
                      self._assert_bytes(str_)
                      return bcrypt.hashpw(str_, bcrypt.gensalt(10))
                  def hash_check_with_upgrade(self, password, hashed):
                      """
                      Returns tuple in which first element is boolean that states that
                      given password matches it's hashed version, and the second is new hash
                      of the password, in case this password should be migrated to new
                      cipher.
                      This implements special upgrade logic which works like that:
                       - check if the given password == bcrypted hash, if yes then we
                         properly used password and it was already in bcrypt. Proceed
                         without any changes
                       - if bcrypt hash check is not working try with sha256. If hash compare
                         is ok, it means we using correct but old hashed password. indicate
                         hash change and proceed
                      """
                      new_hash = None
                      # regular pw check
                      password_match_bcrypt = self.hash_check(password, hashed)
                      # now we want to know if the password was maybe from sha256
                      # basically calling _RhodeCodeCryptoSha256().hash_check()
                      if not password_match_bcrypt:
                          if _RhodeCodeCryptoSha256().hash_check(password, hashed):
                              new_hash = self.hash_create(password)  # make new bcrypt hash
                              password_match_bcrypt = True
                      return password_match_bcrypt, new_hash
                  def hash_check(self, password, hashed):
                      """
                      Checks matching password with it's hashed value.
                      :param password: password
                      :param hashed: password in hashed form
                      """
                      self._assert_bytes(password)
                      try:
                          return bcrypt.hashpw(password, hashed) == hashed
                      except ValueError as e:
                          # we're having a invalid salt here probably, we should not crash
                          # just return with False as it would be a wrong password.
                          log.debug('Failed to check password hash using bcrypt %s',
                                    safe_str(e))
                      return False
              class _RhodeCodeCryptoSha256(_RhodeCodeCryptoBase):
                  ENC_PREF = '_'
                  def hash_create(self, str_):
                      self._assert_bytes(str_)
                      return hashlib.sha256(str_).hexdigest()
                  def hash_check(self, password, hashed):
                      """
                      Checks matching password with it's hashed value.
                      :param password: password
                      :param hashed: password in hashed form
                      """
                      self._assert_bytes(password)
                      return hashlib.sha256(password).hexdigest() == hashed
              class _RhodeCodeCryptoMd5(_RhodeCodeCryptoBase):
                  ENC_PREF = '_'
                  def hash_create(self, str_):
                      self._assert_bytes(str_)
                      return hashlib.md5(str_).hexdigest()
                  def hash_check(self, password, hashed):
                      """
                      Checks matching password with it's hashed value.
                      :param password: password
                      :param hashed: password in hashed form
                      """
                      self._assert_bytes(password)
                      return hashlib.md5(password).hexdigest() == hashed
              def crypto_backend():
                  """
                  Return the matching crypto backend.
                  Selection is based on if we run tests or not, we pick md5 backend to run
                  tests faster since BCRYPT is expensive to calculate
                  """
                  if rhodecode.is_test:
                      RhodeCodeCrypto = _RhodeCodeCryptoMd5()
                  else:
                      RhodeCodeCrypto = _RhodeCodeCryptoBCrypt()
                  return RhodeCodeCrypto
              def get_crypt_password(password):
                  """
                  Create the hash of `password` with the active crypto backend.
                  :param password: The cleartext password.
                  :type password: unicode
                  """
                  password = safe_str(password)
                  return crypto_backend().hash_create(password)
              def check_password(password, hashed):
                  """
                  Check if the value in `password` matches the hash in `hashed`.
                  :param password: The cleartext password.
                  :type password: unicode
                  :param hashed: The expected hashed version of the password.
                  :type hashed: The hash has to be passed in in text representation.
                  """
                  password = safe_str(password)
                  return crypto_backend().hash_check(password, hashed)
              def generate_auth_token(data, salt=None):
                  """
                  Generates API KEY from given string
                  """
                  if salt is None:
                      salt = os.urandom(16)
                  return hashlib.sha1(safe_str(data) + salt).hexdigest()
              def get_came_from(request):
                  """
                  get query_string+path from request sanitized after removing auth_token
                  """
                  _req = request
                  path = _req.path
                  if 'auth_token' in _req.GET:
                      # sanitize the request and remove auth_token for redirection
                      _req.GET.pop('auth_token')
                  qs = _req.query_string
                  if qs:
                      path += '?' + qs
                  return path
              class CookieStoreWrapper(object):
                  def __init__(self, cookie_store):
                      self.cookie_store = cookie_store
                  def __repr__(self):
                      return 'CookieStore<%s>' % (self.cookie_store)
                  def get(self, key, other=None):
                      if isinstance(self.cookie_store, dict):
                          return self.cookie_store.get(key, other)
                      elif isinstance(self.cookie_store, AuthUser):
                          return self.cookie_store.__dict__.get(key, other)
              def _cached_perms_data(user_id, scope, user_is_admin,
                                     user_inherit_default_permissions, explicit, algo,
                                     calculate_super_admin):
                  permissions = PermissionCalculator(
                      user_id, scope, user_is_admin, user_inherit_default_permissions,
                      explicit, algo, calculate_super_admin)
                  return permissions.calculate()
              class PermOrigin(object):
                  SUPER_ADMIN = 'superadmin'
                  REPO_USER = 'user:%s'
                  REPO_USERGROUP = 'usergroup:%s'
                  REPO_OWNER = 'repo.owner'
                  REPO_DEFAULT = 'repo.default'
                  REPO_DEFAULT_NO_INHERIT = 'repo.default.no.inherit'
                  REPO_PRIVATE = 'repo.private'
                  REPOGROUP_USER = 'user:%s'
                  REPOGROUP_USERGROUP = 'usergroup:%s'
                  REPOGROUP_OWNER = 'group.owner'
                  REPOGROUP_DEFAULT = 'group.default'
                  REPOGROUP_DEFAULT_NO_INHERIT = 'group.default.no.inherit'
                  USERGROUP_USER = 'user:%s'
                  USERGROUP_USERGROUP = 'usergroup:%s'
                  USERGROUP_OWNER = 'usergroup.owner'
                  USERGROUP_DEFAULT = 'usergroup.default'
                  USERGROUP_DEFAULT_NO_INHERIT = 'usergroup.default.no.inherit'
              class PermOriginDict(dict):
                  """
                  A special dict used for tracking permissions along with their origins.
                  `__setitem__` has been overridden to expect a tuple(perm, origin)
                  `__getitem__` will return only the perm
                  `.perm_origin_stack` will return the stack of (perm, origin) set per key
                  >>> perms = PermOriginDict()
                  >>> perms['resource'] = 'read', 'default'
                  >>> perms['resource']
                  'read'
                  >>> perms['resource'] = 'write', 'admin'
                  >>> perms['resource']
                  'write'
                  >>> perms.perm_origin_stack
                  {'resource': [('read', 'default'), ('write', 'admin')]}
                  """
                  def __init__(self, *args, **kw):
                      dict.__init__(self, *args, **kw)
                      self.perm_origin_stack = collections.OrderedDict()
                  def __setitem__(self, key, (perm, origin)):
                      self.perm_origin_stack.setdefault(key, []).append((perm, origin))
                      dict.__setitem__(self, key, perm)
              class PermissionCalculator(object):
                  def __init__(
                          self, user_id, scope, user_is_admin,
                          user_inherit_default_permissions, explicit, algo,
                          calculate_super_admin=False):
                      self.user_id = user_id
                      self.user_is_admin = user_is_admin
                      self.inherit_default_permissions = user_inherit_default_permissions
                      self.explicit = explicit
                      self.algo = algo
                      self.calculate_super_admin = calculate_super_admin
                      scope = scope or {}
                      self.scope_repo_id = scope.get('repo_id')
                      self.scope_repo_group_id = scope.get('repo_group_id')
                      self.scope_user_group_id = scope.get('user_group_id')
                      self.default_user_id = User.get_default_user(cache=True).user_id
                      self.permissions_repositories = PermOriginDict()
                      self.permissions_repository_groups = PermOriginDict()
                      self.permissions_user_groups = PermOriginDict()
                      self.permissions_global = set()
                      self.default_repo_perms = Permission.get_default_repo_perms(
                          self.default_user_id, self.scope_repo_id)
                      self.default_repo_groups_perms = Permission.get_default_group_perms(
                          self.default_user_id, self.scope_repo_group_id)
                      self.default_user_group_perms = \
                          Permission.get_default_user_group_perms(
                              self.default_user_id, self.scope_user_group_id)
                  def calculate(self):
                      if self.user_is_admin and not self.calculate_super_admin:
                          return self._admin_permissions()
                      self._calculate_global_default_permissions()
                      self._calculate_global_permissions()
                      self._calculate_default_permissions()
                      self._calculate_repository_permissions()
                      self._calculate_repository_group_permissions()
                      self._calculate_user_group_permissions()
                      return self._permission_structure()
                  def _admin_permissions(self):
                      """
                      admin user have all default rights for repositories
                      and groups set to admin
                      """
                      self.permissions_global.add('hg.admin')
                      self.permissions_global.add('hg.create.write_on_repogroup.true')
                      # repositories
                      for perm in self.default_repo_perms:
                          r_k = perm.UserRepoToPerm.repository.repo_name
                          p = 'repository.admin'
                          self.permissions_repositories[r_k] = p, PermOrigin.SUPER_ADMIN
                      # repository groups
                      for perm in self.default_repo_groups_perms:
                          rg_k = perm.UserRepoGroupToPerm.group.group_name
                          p = 'group.admin'
                          self.permissions_repository_groups[rg_k] = p, PermOrigin.SUPER_ADMIN
                      # user groups
                      for perm in self.default_user_group_perms:
                          u_k = perm.UserUserGroupToPerm.user_group.users_group_name
                          p = 'usergroup.admin'
                          self.permissions_user_groups[u_k] = p, PermOrigin.SUPER_ADMIN
                      return self._permission_structure()
                  def _calculate_global_default_permissions(self):
                      """
                      global permissions taken from the default user
                      """
                      default_global_perms = UserToPerm.query()\
                          .filter(UserToPerm.user_id == self.default_user_id)\
                          .options(joinedload(UserToPerm.permission))
                      for perm in default_global_perms:
                          self.permissions_global.add(perm.permission.permission_name)
                      if self.user_is_admin:
                          self.permissions_global.add('hg.admin')
                          self.permissions_global.add('hg.create.write_on_repogroup.true')
                  def _calculate_global_permissions(self):
                      """
                      Set global system permissions with user permissions or permissions
                      taken from the user groups of the current user.
                      The permissions include repo creating, repo group creating, forking
                      etc.
                      """
                      # now we read the defined permissions and overwrite what we have set
                      # before those can be configured from groups or users explicitly.
                      # TODO: johbo: This seems to be out of sync, find out the reason
                      # for the comment below and update it.
                      # In case we want to extend this list we should be always in sync with
                      # User.DEFAULT_USER_PERMISSIONS definitions
                      _configurable = frozenset([
                          'hg.fork.none', 'hg.fork.repository',
                          'hg.create.none', 'hg.create.repository',
                          'hg.usergroup.create.false', 'hg.usergroup.create.true',
                          'hg.repogroup.create.false', 'hg.repogroup.create.true',
                          'hg.create.write_on_repogroup.false',
                          'hg.create.write_on_repogroup.true',
                          'hg.inherit_default_perms.false', 'hg.inherit_default_perms.true'
                      ])
                      # USER GROUPS comes first user group global permissions
                      user_perms_from_users_groups = Session().query(UserGroupToPerm)\
                          .options(joinedload(UserGroupToPerm.permission))\
                          .join((UserGroupMember, UserGroupToPerm.users_group_id ==
                                 UserGroupMember.users_group_id))\
                          .filter(UserGroupMember.user_id == self.user_id)\
                          .order_by(UserGroupToPerm.users_group_id)\
                          .all()
                      # need to group here by groups since user can be in more than
                      # one group, so we get all groups
                      _explicit_grouped_perms = [
                          [x, list(y)] for x, y in
                          itertools.groupby(user_perms_from_users_groups,
                                            lambda _x: _x.users_group)]
                      for gr, perms in _explicit_grouped_perms:
                          # since user can be in multiple groups iterate over them and
                          # select the lowest permissions first (more explicit)
                          # TODO: marcink: do this^^
                          # group doesn't inherit default permissions so we actually set them
                          if not gr.inherit_default_permissions:
                              # NEED TO IGNORE all previously set configurable permissions
                              # and replace them with explicitly set from this user
                              # group permissions
                              self.permissions_global = self.permissions_global.difference(
                                  _configurable)
                              for perm in perms:
                                  self.permissions_global.add(perm.permission.permission_name)
                      # user explicit global permissions
                      user_perms = Session().query(UserToPerm)\
                          .options(joinedload(UserToPerm.permission))\
                          .filter(UserToPerm.user_id == self.user_id).all()
                      if not self.inherit_default_permissions:
                          # NEED TO IGNORE all configurable permissions and
                          # replace them with explicitly set from this user permissions
                          self.permissions_global = self.permissions_global.difference(
                              _configurable)
                          for perm in user_perms:
                              self.permissions_global.add(perm.permission.permission_name)
                  def _calculate_default_permissions(self):
                      """
                      Set default user permissions for repositories, repository groups
                      taken from the default user.
                      Calculate inheritance of object permissions based on what we have now
                      in GLOBAL permissions. We check if .false is in GLOBAL since this is
                      explicitly set. Inherit is the opposite of .false being there.
                      .. note::
                         the syntax is little bit odd but what we need to check here is
                         the opposite of .false permission being in the list so even for
                         inconsistent state when both .true/.false is there
                         .false is more important
                      """
                      user_inherit_object_permissions = not ('hg.inherit_default_perms.false'
                                                             in self.permissions_global)
                      # defaults for repositories, taken from `default` user permissions
                      # on given repo
                      for perm in self.default_repo_perms:
                          r_k = perm.UserRepoToPerm.repository.repo_name
                          p = perm.Permission.permission_name
                          o = PermOrigin.REPO_DEFAULT
                          self.permissions_repositories[r_k] = p, o
                          # if we decide this user isn't inheriting permissions from
                          # default user we set him to .none so only explicit
                          # permissions work
                          if not user_inherit_object_permissions:
                              p = 'repository.none'
                              o = PermOrigin.REPO_DEFAULT_NO_INHERIT
                              self.permissions_repositories[r_k] = p, o
                          if perm.Repository.private and not (
                                  perm.Repository.user_id == self.user_id):
                              # disable defaults for private repos,
                              p = 'repository.none'
                              o = PermOrigin.REPO_PRIVATE
                              self.permissions_repositories[r_k] = p, o
                          elif perm.Repository.user_id == self.user_id:
                              # set admin if owner
                              p = 'repository.admin'
                              o = PermOrigin.REPO_OWNER
                              self.permissions_repositories[r_k] = p, o
                          if self.user_is_admin:
                              p = 'repository.admin'
                              o = PermOrigin.SUPER_ADMIN
                              self.permissions_repositories[r_k] = p, o
                      # defaults for repository groups taken from `default` user permission
                      # on given group
                      for perm in self.default_repo_groups_perms:
                          rg_k = perm.UserRepoGroupToPerm.group.group_name
                          p = perm.Permission.permission_name
                          o = PermOrigin.REPOGROUP_DEFAULT
                          self.permissions_repository_groups[rg_k] = p, o
                          # if we decide this user isn't inheriting permissions from default
                          # user we set him to .none so only explicit permissions work
                          if not user_inherit_object_permissions:
                              p = 'group.none'
                              o = PermOrigin.REPOGROUP_DEFAULT_NO_INHERIT
                              self.permissions_repository_groups[rg_k] = p, o
                          if perm.RepoGroup.user_id == self.user_id:
                              # set admin if owner
                              p = 'group.admin'
                              o = PermOrigin.REPOGROUP_OWNER
                              self.permissions_repository_groups[rg_k] = p, o
                          if self.user_is_admin:
                              p = 'group.admin'
                              o = PermOrigin.SUPER_ADMIN
                              self.permissions_repository_groups[rg_k] = p, o
                      # defaults for user groups taken from `default` user permission
                      # on given user group
                      for perm in self.default_user_group_perms:
                          u_k = perm.UserUserGroupToPerm.user_group.users_group_name
                          p = perm.Permission.permission_name
                          o = PermOrigin.USERGROUP_DEFAULT
                          self.permissions_user_groups[u_k] = p, o
                          # if we decide this user isn't inheriting permissions from default
                          # user we set him to .none so only explicit permissions work
                          if not user_inherit_object_permissions:
                              p = 'usergroup.none'
                              o = PermOrigin.USERGROUP_DEFAULT_NO_INHERIT
                              self.permissions_user_groups[u_k] = p, o
                          if perm.UserGroup.user_id == self.user_id:
                              # set admin if owner
                              p = 'usergroup.admin'
                              o = PermOrigin.USERGROUP_OWNER
                              self.permissions_user_groups[u_k] = p, o
                          if self.user_is_admin:
                              p = 'usergroup.admin'
                              o = PermOrigin.SUPER_ADMIN
                              self.permissions_user_groups[u_k] = p, o
                  def _calculate_repository_permissions(self):
                      """
                      Repository permissions for the current user.
                      Check if the user is part of user groups for this repository and
                      fill in the permission from it. `_choose_permission` decides of which
                      permission should be selected based on selected method.
                      """
                      # user group for repositories permissions
                      user_repo_perms_from_user_group = Permission\
                          .get_default_repo_perms_from_user_group(
                              self.user_id, self.scope_repo_id)
                      multiple_counter = collections.defaultdict(int)
                      for perm in user_repo_perms_from_user_group:
                          r_k = perm.UserGroupRepoToPerm.repository.repo_name
                          multiple_counter[r_k] += 1
                          p = perm.Permission.permission_name
                          o = PermOrigin.REPO_USERGROUP % perm.UserGroupRepoToPerm\
                              .users_group.users_group_name
                          if multiple_counter[r_k] > 1:
                              cur_perm = self.permissions_repositories[r_k]
                              p = self._choose_permission(p, cur_perm)
                          self.permissions_repositories[r_k] = p, o
                          if perm.Repository.user_id == self.user_id:
                              # set admin if owner
                              p = 'repository.admin'
                              o = PermOrigin.REPO_OWNER
                              self.permissions_repositories[r_k] = p, o
                          if self.user_is_admin:
                              p = 'repository.admin'
                              o = PermOrigin.SUPER_ADMIN
                              self.permissions_repositories[r_k] = p, o
                      # user explicit permissions for repositories, overrides any specified
                      # by the group permission
                      user_repo_perms = Permission.get_default_repo_perms(
                          self.user_id, self.scope_repo_id)
                      for perm in user_repo_perms:
                          r_k = perm.UserRepoToPerm.repository.repo_name
                          p = perm.Permission.permission_name
                          o = PermOrigin.REPO_USER % perm.UserRepoToPerm.user.username
                          if not self.explicit:
                              cur_perm = self.permissions_repositories.get(
                                  r_k, 'repository.none')
                              p = self._choose_permission(p, cur_perm)
                          self.permissions_repositories[r_k] = p, o
                          if perm.Repository.user_id == self.user_id:
                              # set admin if owner
                              p = 'repository.admin'
                              o = PermOrigin.REPO_OWNER
                              self.permissions_repositories[r_k] = p, o
                          if self.user_is_admin:
                              p = 'repository.admin'
                              o = PermOrigin.SUPER_ADMIN
                              self.permissions_repositories[r_k] = p, o
                  def _calculate_repository_group_permissions(self):
                      """
                      Repository group permissions for the current user.
                      Check if the user is part of user groups for repository groups and
                      fill in the permissions from it. `_choose_permission` decides of which
                      permission should be selected based on selected method.
                      """
                      # user group for repo groups permissions
                      user_repo_group_perms_from_user_group = Permission\
                          .get_default_group_perms_from_user_group(
                              self.user_id, self.scope_repo_group_id)
                      multiple_counter = collections.defaultdict(int)
                      for perm in user_repo_group_perms_from_user_group:
                          rg_k = perm.UserGroupRepoGroupToPerm.group.group_name
                          multiple_counter[rg_k] += 1
                          o = PermOrigin.REPOGROUP_USERGROUP % perm.UserGroupRepoGroupToPerm\
                              .users_group.users_group_name
                          p = perm.Permission.permission_name
                          if multiple_counter[rg_k] > 1:
                              cur_perm = self.permissions_repository_groups[rg_k]
                              p = self._choose_permission(p, cur_perm)
                          self.permissions_repository_groups[rg_k] = p, o
                          if perm.RepoGroup.user_id == self.user_id:
                              # set admin if owner, even for member of other user group
                              p = 'group.admin'
                              o = PermOrigin.REPOGROUP_OWNER
                              self.permissions_repository_groups[rg_k] = p, o
                          if self.user_is_admin:
                              p = 'group.admin'
                              o = PermOrigin.SUPER_ADMIN
                              self.permissions_repository_groups[rg_k] = p, o
                      # user explicit permissions for repository groups
                      user_repo_groups_perms = Permission.get_default_group_perms(
                          self.user_id, self.scope_repo_group_id)
                      for perm in user_repo_groups_perms:
                          rg_k = perm.UserRepoGroupToPerm.group.group_name
                          o = PermOrigin.REPOGROUP_USER % perm.UserRepoGroupToPerm\
                              .user.username
                          p = perm.Permission.permission_name
                          if not self.explicit:
                              cur_perm = self.permissions_repository_groups.get(
                                  rg_k, 'group.none')
                              p = self._choose_permission(p, cur_perm)
                          self.permissions_repository_groups[rg_k] = p, o
                          if perm.RepoGroup.user_id == self.user_id:
                              # set admin if owner
                              p = 'group.admin'
                              o = PermOrigin.REPOGROUP_OWNER
                              self.permissions_repository_groups[rg_k] = p, o
                          if self.user_is_admin:
                              p = 'group.admin'
                              o = PermOrigin.SUPER_ADMIN
                              self.permissions_repository_groups[rg_k] = p, o
                  def _calculate_user_group_permissions(self):
                      """
                      User group permissions for the current user.
                      """
                      # user group for user group permissions
                      user_group_from_user_group = Permission\
                          .get_default_user_group_perms_from_user_group(
                              self.user_id, self.scope_user_group_id)
                      multiple_counter = collections.defaultdict(int)
                      for perm in user_group_from_user_group:
                          ug_k = perm.UserGroupUserGroupToPerm\
                              .target_user_group.users_group_name
                          multiple_counter[ug_k] += 1
                          o = PermOrigin.USERGROUP_USERGROUP % perm.UserGroupUserGroupToPerm\
                              .user_group.users_group_name
                          p = perm.Permission.permission_name
                          if multiple_counter[ug_k] > 1:
                              cur_perm = self.permissions_user_groups[ug_k]
                              p = self._choose_permission(p, cur_perm)
                          self.permissions_user_groups[ug_k] = p, o
                          if perm.UserGroup.user_id == self.user_id:
                              # set admin if owner, even for member of other user group
                              p = 'usergroup.admin'
                              o = PermOrigin.USERGROUP_OWNER
                              self.permissions_user_groups[ug_k] = p, o
                          if self.user_is_admin:
                              p = 'usergroup.admin'
                              o = PermOrigin.SUPER_ADMIN
                              self.permissions_user_groups[ug_k] = p, o
                      # user explicit permission for user groups
                      user_user_groups_perms = Permission.get_default_user_group_perms(
                          self.user_id, self.scope_user_group_id)
                      for perm in user_user_groups_perms:
                          ug_k = perm.UserUserGroupToPerm.user_group.users_group_name
                          o = PermOrigin.USERGROUP_USER % perm.UserUserGroupToPerm\
                              .user.username
                          p = perm.Permission.permission_name
                          if not self.explicit:
                              cur_perm = self.permissions_user_groups.get(
                                  ug_k, 'usergroup.none')
                              p = self._choose_permission(p, cur_perm)
                          self.permissions_user_groups[ug_k] = p, o
                          if perm.UserGroup.user_id == self.user_id:
                              # set admin if owner
                              p = 'usergroup.admin'
                              o = PermOrigin.USERGROUP_OWNER
                              self.permissions_user_groups[ug_k] = p, o
                          if self.user_is_admin:
                              p = 'usergroup.admin'
                              o = PermOrigin.SUPER_ADMIN
                              self.permissions_user_groups[ug_k] = p, o
                  def _choose_permission(self, new_perm, cur_perm):
                      new_perm_val = Permission.PERM_WEIGHTS[new_perm]
                      cur_perm_val = Permission.PERM_WEIGHTS[cur_perm]
                      if self.algo == 'higherwin':
                          if new_perm_val > cur_perm_val:
                              return new_perm
                          return cur_perm
                      elif self.algo == 'lowerwin':
                          if new_perm_val < cur_perm_val:
                              return new_perm
                          return cur_perm
                  def _permission_structure(self):
                      return {
                          'global': self.permissions_global,
                          'repositories': self.permissions_repositories,
                          'repositories_groups': self.permissions_repository_groups,
                          'user_groups': self.permissions_user_groups,
                      }
              def allowed_auth_token_access(view_name, auth_token, whitelist=None):
                  """
                  Check if given controller_name is in whitelist of auth token access
                  """
                  if not whitelist:
                      from rhodecode import CONFIG
                      whitelist = aslist(
                          CONFIG.get('api_access_controllers_whitelist'), sep=',')
                  # backward compat translation
                  compat = {
                      # old controller, new VIEW
                      'ChangesetController:*': 'RepoCommitsView:*',
                      'ChangesetController:changeset_patch': 'RepoCommitsView:repo_commit_patch',
                      'ChangesetController:changeset_raw': 'RepoCommitsView:repo_commit_raw',
                      'FilesController:raw': 'RepoCommitsView:repo_commit_raw',
                      'FilesController:archivefile': 'RepoFilesView:repo_archivefile',
                      'GistsController:*': 'GistView:*',
                  }
                  log.debug(
                      'Allowed views for AUTH TOKEN access: %s' % (whitelist,))
                  auth_token_access_valid = False
                  for entry in whitelist:
                      token_match = True
                      if entry in compat:
                          # translate from old Controllers to Pyramid Views
                          entry = compat[entry]
                      if '@' in entry:
                          # specific AuthToken
                          entry, allowed_token = entry.split('@', 1)
                          token_match = auth_token == allowed_token
                      if fnmatch.fnmatch(view_name, entry) and token_match:
                          auth_token_access_valid = True
                          break
                  if auth_token_access_valid:
                      log.debug('view: `%s` matches entry in whitelist: %s'
                                % (view_name, whitelist))
                  else:
                      msg = ('view: `%s` does *NOT* match any entry in whitelist: %s'
                             % (view_name, whitelist))
                      if auth_token:
                          # if we use auth token key and don't have access it's a warning
                          log.warning(msg)
                      else:
                          log.debug(msg)
                  return auth_token_access_valid
              class AuthUser(object):
                  """
                  A simple object that handles all attributes of user in RhodeCode
                  It does lookup based on API key,given user, or user present in session
                  Then it fills all required information for such user. It also checks if
                  anonymous access is enabled and if so, it returns default user as logged in
                  """
                  GLOBAL_PERMS = [x[0] for x in Permission.PERMS]
                  def __init__(self, user_id=None, api_key=None, username=None, ip_addr=None):
                      self.user_id = user_id
                      self._api_key = api_key
                      self.api_key = None
-                     self.feed_token = ''
                      self.username = username
                      self.ip_addr = ip_addr
                      self.name = ''
                      self.lastname = ''
                      self.first_name = ''
                      self.last_name = ''
                      self.email = ''
                      self.is_authenticated = False
                      self.admin = False
                      self.inherit_default_permissions = False
                      self.password = ''
                      self.anonymous_user = None  # propagated on propagate_data
                      self.propagate_data()
                      self._instance = None
                      self._permissions_scoped_cache = {}  # used to bind scoped calculation
                  @LazyProperty
                  def permissions(self):
                      return self.get_perms(user=self, cache=False)
                  @LazyProperty
                  def permissions_safe(self):
                      """
                      Filtered permissions excluding not allowed repositories
                      """
                      perms = self.get_perms(user=self, cache=False)
                      perms['repositories'] = {
                          k: v for k, v in perms['repositories'].iteritems()
                          if v != 'repository.none'}
                      perms['repositories_groups'] = {
                          k: v for k, v in perms['repositories_groups'].iteritems()
                          if v != 'group.none'}
                      perms['user_groups'] = {
                          k: v for k, v in perms['user_groups'].iteritems()
                          if v != 'usergroup.none'}
                      return perms
                  @LazyProperty
                  def permissions_full_details(self):
                      return self.get_perms(
                          user=self, cache=False, calculate_super_admin=True)
                  def permissions_with_scope(self, scope):
                      """
                      Call the get_perms function with scoped data. The scope in that function
                      narrows the SQL calls to the given ID of objects resulting in fetching
                      Just particular permission we want to obtain. If scope is an empty dict
                      then it basically narrows the scope to GLOBAL permissions only.
                      :param scope: dict
                      """
                      if 'repo_name' in scope:
                          obj = Repository.get_by_repo_name(scope['repo_name'])
                          if obj:
                              scope['repo_id'] = obj.repo_id
                      _scope = {
                          'repo_id': -1,
                          'user_group_id': -1,
                          'repo_group_id': -1,
                      }
                      _scope.update(scope)
                      cache_key = "_".join(map(safe_str, reduce(lambda a, b: a+b,
                                                                _scope.items())))
                      if cache_key not in self._permissions_scoped_cache:
                          # store in cache to mimic how the @LazyProperty works,
                          # the difference here is that we use the unique key calculated
                          # from params and values
                          res = self.get_perms(user=self, cache=False, scope=_scope)
                          self._permissions_scoped_cache[cache_key] = res
                      return self._permissions_scoped_cache[cache_key]
                  def get_instance(self):
                      return User.get(self.user_id)
                  def update_lastactivity(self):
                      if self.user_id:
                          User.get(self.user_id).update_lastactivity()
                  def propagate_data(self):
                      """
                      Fills in user data and propagates values to this instance. Maps fetched
                      user attributes to this class instance attributes
                      """
                      log.debug('AuthUser: starting data propagation for new potential user')
                      user_model = UserModel()
                      anon_user = self.anonymous_user = User.get_default_user(cache=True)
                      is_user_loaded = False
                      # lookup by userid
                      if self.user_id is not None and self.user_id != anon_user.user_id:
                          log.debug('Trying Auth User lookup by USER ID: `%s`', self.user_id)
                          is_user_loaded = user_model.fill_data(self, user_id=self.user_id)
                      # try go get user by api key
                      elif self._api_key and self._api_key != anon_user.api_key:
                          log.debug('Trying Auth User lookup by API KEY: `%s`', self._api_key)
                          is_user_loaded = user_model.fill_data(self, api_key=self._api_key)
                      # lookup by username
                      elif self.username:
                          log.debug('Trying Auth User lookup by USER NAME: `%s`', self.username)
                          is_user_loaded = user_model.fill_data(self, username=self.username)
                      else:
                          log.debug('No data in %s that could been used to log in', self)
                      if not is_user_loaded:
                          log.debug(
                              'Failed to load user. Fallback to default user %s', anon_user)
                          # if we cannot authenticate user try anonymous
                          if anon_user.active:
                              log.debug('default user is active, using it as a session user')
                              user_model.fill_data(self, user_id=anon_user.user_id)
                              # then we set this user is logged in
                              self.is_authenticated = True
                          else:
                              log.debug('default user is NOT active')
                              # in case of disabled anonymous user we reset some of the
                              # parameters so such user is "corrupted", skipping the fill_data
                              for attr in ['user_id', 'username', 'admin', 'active']:
                                  setattr(self, attr, None)
                              self.is_authenticated = False
                      if not self.username:
                          self.username = 'None'
                      log.debug('AuthUser: propagated user is now %s', self)
                  def get_perms(self, user, scope=None, explicit=True, algo='higherwin',
                                calculate_super_admin=False, cache=False):
                      """
                      Fills user permission attribute with permissions taken from database
                      works for permissions given for repositories, and for permissions that
                      are granted to groups
                      :param user: instance of User object from database
                      :param explicit: In case there are permissions both for user and a group
                          that user is part of, explicit flag will defiine if user will
                          explicitly override permissions from group, if it's False it will
                          make decision based on the algo
                      :param algo: algorithm to decide what permission should be choose if
                          it's multiple defined, eg user in two different groups. It also
                          decides if explicit flag is turned off how to specify the permission
                          for case when user is in a group + have defined separate permission
                      """
                      user_id = user.user_id
                      user_is_admin = user.is_admin
                      # inheritance of global permissions like create repo/fork repo etc
                      user_inherit_default_permissions = user.inherit_default_permissions
                      log.debug('Computing PERMISSION tree for scope %s' % (scope, ))
                      compute = caches.conditional_cache(
                          'short_term', 'cache_desc',
                          condition=cache, func=_cached_perms_data)
                      result = compute(user_id, scope, user_is_admin,
                                       user_inherit_default_permissions, explicit, algo,
                                       calculate_super_admin)
                      result_repr = []
                      for k in result:
                          result_repr.append((k, len(result[k])))
                      log.debug('PERMISSION tree computed %s' % (result_repr,))
                      return result
                  @property
                  def is_default(self):
                      return self.username == User.DEFAULT_USER
                  @property
                  def is_admin(self):
                      return self.admin
                  @property
                  def is_user_object(self):
                      return self.user_id is not None
                  @property
                  def repositories_admin(self):
                      """
                      Returns list of repositories you're an admin of
                      """
                      return [
                          x[0] for x in self.permissions['repositories'].iteritems()
                          if x[1] == 'repository.admin']
                  @property
                  def repository_groups_admin(self):
                      """
                      Returns list of repository groups you're an admin of
                      """
                      return [
                          x[0] for x in self.permissions['repositories_groups'].iteritems()
                          if x[1] == 'group.admin']
                  @property
                  def user_groups_admin(self):
                      """
                      Returns list of user groups you're an admin of
                      """
                      return [
                          x[0] for x in self.permissions['user_groups'].iteritems()
                          if x[1] == 'usergroup.admin']
                  def repo_acl_ids(self, perms=None, name_filter=None, cache=False):
                      """
                      Returns list of repository ids that user have access to based on given
                      perms. The cache flag should be only used in cases that are used for
                      display purposes, NOT IN ANY CASE for permission checks.
                      """
                      from rhodecode.model.scm import RepoList
                      if not perms:
                          perms = [
                              'repository.read', 'repository.write', 'repository.admin']
                      def _cached_repo_acl(user_id, perm_def, name_filter):
                          qry = Repository.query()
                          if name_filter:
                              ilike_expression = u'%{}%'.format(safe_unicode(name_filter))
                              qry = qry.filter(
                                  Repository.repo_name.ilike(ilike_expression))
                          return [x.repo_id for x in
                                  RepoList(qry, perm_set=perm_def)]
                      compute = caches.conditional_cache(
                          'long_term', 'repo_acl_ids',
                          condition=cache, func=_cached_repo_acl)
                      return compute(self.user_id, perms, name_filter)
                  def repo_group_acl_ids(self, perms=None, name_filter=None, cache=False):
                      """
                      Returns list of repository group ids that user have access to based on given
                      perms. The cache flag should be only used in cases that are used for
                      display purposes, NOT IN ANY CASE for permission checks.
                      """
                      from rhodecode.model.scm import RepoGroupList
                      if not perms:
                          perms = [
                              'group.read', 'group.write', 'group.admin']
                      def _cached_repo_group_acl(user_id, perm_def, name_filter):
                          qry = RepoGroup.query()
                          if name_filter:
                              ilike_expression = u'%{}%'.format(safe_unicode(name_filter))
                              qry = qry.filter(
                                  RepoGroup.group_name.ilike(ilike_expression))
                          return [x.group_id for x in
                                  RepoGroupList(qry, perm_set=perm_def)]
                      compute = caches.conditional_cache(
                          'long_term', 'repo_group_acl_ids',
                          condition=cache, func=_cached_repo_group_acl)
                      return compute(self.user_id, perms, name_filter)
                  def user_group_acl_ids(self, perms=None, name_filter=None, cache=False):
                      """
                      Returns list of user group ids that user have access to based on given
                      perms. The cache flag should be only used in cases that are used for
                      display purposes, NOT IN ANY CASE for permission checks.
                      """
                      from rhodecode.model.scm import UserGroupList
                      if not perms:
                          perms = [
                              'usergroup.read', 'usergroup.write', 'usergroup.admin']
                      def _cached_user_group_acl(user_id, perm_def, name_filter):
                          qry = UserGroup.query()
                          if name_filter:
                              ilike_expression = u'%{}%'.format(safe_unicode(name_filter))
                              qry = qry.filter(
                                  UserGroup.users_group_name.ilike(ilike_expression))
                          return [x.users_group_id for x in
                                  UserGroupList(qry, perm_set=perm_def)]
                      compute = caches.conditional_cache(
                          'long_term', 'user_group_acl_ids',
                          condition=cache, func=_cached_user_group_acl)
                      return compute(self.user_id, perms, name_filter)
                  @property
                  def ip_allowed(self):
                      """
                      Checks if ip_addr used in constructor is allowed from defined list of
                      allowed ip_addresses for user
                      :returns: boolean, True if ip is in allowed ip range
                      """
                      # check IP
                      inherit = self.inherit_default_permissions
                      return AuthUser.check_ip_allowed(self.user_id, self.ip_addr,
                                                       inherit_from_default=inherit)
                  @property
                  def personal_repo_group(self):
                      return RepoGroup.get_user_personal_repo_group(self.user_id)
+                 @LazyProperty
+                 def feed_token(self):
+                     return self.get_instance().feed_token
                  @classmethod
                  def check_ip_allowed(cls, user_id, ip_addr, inherit_from_default):
                      allowed_ips = AuthUser.get_allowed_ips(
                          user_id, cache=True, inherit_from_default=inherit_from_default)
                      if check_ip_access(source_ip=ip_addr, allowed_ips=allowed_ips):
                          log.debug('IP:%s is in range of %s' % (ip_addr, allowed_ips))
                          return True
                      else:
                          log.info('Access for IP:%s forbidden, '
                                   'not in %s' % (ip_addr, allowed_ips))
                          return False
                  def __repr__(self):
                      return "<AuthUser('id:%s[%s] ip:%s auth:%s')>"\
                          % (self.user_id, self.username, self.ip_addr, self.is_authenticated)
                  def set_authenticated(self, authenticated=True):
                      if self.user_id != self.anonymous_user.user_id:
                          self.is_authenticated = authenticated
                  def get_cookie_store(self):
                      return {
                          'username': self.username,
                          'password': md5(self.password or ''),
                          'user_id': self.user_id,
                          'is_authenticated': self.is_authenticated
                      }
                  @classmethod
                  def from_cookie_store(cls, cookie_store):
                      """
                      Creates AuthUser from a cookie store
                      :param cls:
                      :param cookie_store:
                      """
                      user_id = cookie_store.get('user_id')
                      username = cookie_store.get('username')
                      api_key = cookie_store.get('api_key')
                      return AuthUser(user_id, api_key, username)
                  @classmethod
                  def get_allowed_ips(cls, user_id, cache=False, inherit_from_default=False):
                      _set = set()
                      if inherit_from_default:
                          default_ips = UserIpMap.query().filter(
                              UserIpMap.user == User.get_default_user(cache=True))
                          if cache:
                              default_ips = default_ips.options(
                                  FromCache("sql_cache_short", "get_user_ips_default"))
                          # populate from default user
                          for ip in default_ips:
                              try:
                                  _set.add(ip.ip_addr)
                              except ObjectDeletedError:
                                  # since we use heavy caching sometimes it happens that
                                  # we get deleted objects here, we just skip them
                                  pass
                      user_ips = UserIpMap.query().filter(UserIpMap.user_id == user_id)
                      if cache:
                          user_ips = user_ips.options(
                              FromCache("sql_cache_short", "get_user_ips_%s" % user_id))
                      for ip in user_ips:
                          try:
                              _set.add(ip.ip_addr)
                          except ObjectDeletedError:
                              # since we use heavy caching sometimes it happens that we get
                              # deleted objects here, we just skip them
                              pass
                      return _set or set(['0.0.0.0/0', '::/0'])
              def set_available_permissions(settings):
                  """
                  This function will propagate pyramid settings with all available defined
                  permission given in db. We don't want to check each time from db for new
                  permissions since adding a new permission also requires application restart
                  ie. to decorate new views with the newly created permission
                  :param settings: current pyramid registry.settings
                  """
                  log.debug('auth: getting information about all available permissions')
                  try:
                      sa = meta.Session
                      all_perms = sa.query(Permission).all()
                      settings.setdefault('available_permissions',
                                          [x.permission_name for x in all_perms])
                      log.debug('auth: set available permissions')
                  except Exception:
                      log.exception('Failed to fetch permissions from the database.')
                      raise
              def get_csrf_token(session, force_new=False, save_if_missing=True):
                  """
                  Return the current authentication token, creating one if one doesn't
                  already exist and the save_if_missing flag is present.
                  :param session: pass in the pyramid session, else we use the global ones
                  :param force_new: force to re-generate the token and store it in session
                  :param save_if_missing: save the newly generated token if it's missing in
                      session
                  """
                  # NOTE(marcink): probably should be replaced with below one from pyramid 1.9
                  # from pyramid.csrf import get_csrf_token
                  if (csrf_token_key not in session and save_if_missing) or force_new:
                      token = hashlib.sha1(str(random.getrandbits(128))).hexdigest()
                      session[csrf_token_key] = token
                      if hasattr(session, 'save'):
                          session.save()
                  return session.get(csrf_token_key)
              def get_request(perm_class_instance):
                  from pyramid.threadlocal import get_current_request
                  pyramid_request = get_current_request()
                  return pyramid_request
              # CHECK DECORATORS
              class CSRFRequired(object):
                  """
                  Decorator for authenticating a form
                  This decorator uses an authorization token stored in the client's
                  session for prevention of certain Cross-site request forgery (CSRF)
                  attacks (See
                  http://en.wikipedia.org/wiki/Cross-site_request_forgery for more
                  information).
                  For use with the ``webhelpers.secure_form`` helper functions.
                  """
                  def __init__(self, token=csrf_token_key, header='X-CSRF-Token',
                      except_methods=None):
                      self.token = token
                      self.header = header
                      self.except_methods = except_methods or []
                  def __call__(self, func):
                      return get_cython_compat_decorator(self.__wrapper, func)
                  def _get_csrf(self, _request):
                      return _request.POST.get(self.token, _request.headers.get(self.header))
                  def check_csrf(self, _request, cur_token):
                      supplied_token = self._get_csrf(_request)
                      return supplied_token and supplied_token == cur_token
                  def _get_request(self):
                      return get_request(self)
                  def __wrapper(self, func, *fargs, **fkwargs):
                      request = self._get_request()
                      if request.method in self.except_methods:
                          return func(*fargs, **fkwargs)
                      cur_token = get_csrf_token(request.session, save_if_missing=False)
                      if self.check_csrf(request, cur_token):
                          if request.POST.get(self.token):
                              del request.POST[self.token]
                          return func(*fargs, **fkwargs)
                      else:
                          reason = 'token-missing'
                          supplied_token = self._get_csrf(request)
                          if supplied_token and cur_token != supplied_token:
                              reason = 'token-mismatch [%s:%s]' % (
                                  cur_token or ''[:6], supplied_token or ''[:6])
                          csrf_message = \
                              ("Cross-site request forgery detected, request denied. See "
                               "http://en.wikipedia.org/wiki/Cross-site_request_forgery for "
                               "more information.")
                      log.warn('Cross-site request forgery detected, request %r DENIED: %s '
                               'REMOTE_ADDR:%s, HEADERS:%s' % (
                                   request, reason, request.remote_addr, request.headers))
                      raise HTTPForbidden(explanation=csrf_message)
              class LoginRequired(object):
                  """
                  Must be logged in to execute this function else
                  redirect to login page
                  :param api_access: if enabled this checks only for valid auth token
                      and grants access based on valid token
                  """
                  def __init__(self, auth_token_access=None):
                      self.auth_token_access = auth_token_access
                  def __call__(self, func):
                      return get_cython_compat_decorator(self.__wrapper, func)
                  def _get_request(self):
                      return get_request(self)
                  def __wrapper(self, func, *fargs, **fkwargs):
                      from rhodecode.lib import helpers as h
                      cls = fargs[0]
                      user = cls._rhodecode_user
                      request = self._get_request()
                      _ = request.translate
                      loc = "%s:%s" % (cls.__class__.__name__, func.__name__)
                      log.debug('Starting login restriction checks for user: %s' % (user,))
                      # check if our IP is allowed
                      ip_access_valid = True
                      if not user.ip_allowed:
                          h.flash(h.literal(_('IP %s not allowed' % (user.ip_addr,))),
                                  category='warning')
                          ip_access_valid = False
                      # check if we used an APIKEY and it's a valid one
                      # defined white-list of controllers which API access will be enabled
                      _auth_token = request.GET.get(
                          'auth_token', '') or request.GET.get('api_key', '')
                      auth_token_access_valid = allowed_auth_token_access(
                          loc, auth_token=_auth_token)
                      # explicit controller is enabled or API is in our whitelist
                      if self.auth_token_access or auth_token_access_valid:
                          log.debug('Checking AUTH TOKEN access for %s' % (cls,))
                          db_user = user.get_instance()
                          if db_user:
                              if self.auth_token_access:
                                  roles = self.auth_token_access
                              else:
                                  roles = [UserApiKeys.ROLE_HTTP]
                              token_match = db_user.authenticate_by_token(
                                  _auth_token, roles=roles)
                          else:
                              log.debug('Unable to fetch db instance for auth user: %s', user)
                              token_match = False
                          if _auth_token and token_match:
                              auth_token_access_valid = True
                              log.debug('AUTH TOKEN ****%s is VALID' % (_auth_token[-4:],))
                          else:
                              auth_token_access_valid = False
                              if not _auth_token:
                                  log.debug("AUTH TOKEN *NOT* present in request")
                              else:
                                  log.warning(
                                      "AUTH TOKEN ****%s *NOT* valid" % _auth_token[-4:])
                      log.debug('Checking if %s is authenticated @ %s' % (user.username, loc))
                      reason = 'RHODECODE_AUTH' if user.is_authenticated \
                          else 'AUTH_TOKEN_AUTH'
                      if ip_access_valid and (
                              user.is_authenticated or auth_token_access_valid):
                          log.info(
                              'user %s authenticating with:%s IS authenticated on func %s'
                              % (user, reason, loc))
                          # update user data to check last activity
                          user.update_lastactivity()
                          Session().commit()
                          return func(*fargs, **fkwargs)
                      else:
                          log.warning(
                              'user %s authenticating with:%s NOT authenticated on '
                              'func: %s: IP_ACCESS:%s AUTH_TOKEN_ACCESS:%s'
                              % (user, reason, loc, ip_access_valid,
                                 auth_token_access_valid))
                          # we preserve the get PARAM
                          came_from = get_came_from(request)
                          log.debug('redirecting to login page with %s' % (came_from,))
                          raise HTTPFound(
                              h.route_path('login', _query={'came_from': came_from}))
              class NotAnonymous(object):
                  """
                  Must be logged in to execute this function else
                  redirect to login page
                  """
                  def __call__(self, func):
                      return get_cython_compat_decorator(self.__wrapper, func)
                  def _get_request(self):
                      return get_request(self)
                  def __wrapper(self, func, *fargs, **fkwargs):
                      import rhodecode.lib.helpers as h
                      cls = fargs[0]
                      self.user = cls._rhodecode_user
                      request = self._get_request()
                      _ = request.translate
                      log.debug('Checking if user is not anonymous @%s' % cls)
                      anonymous = self.user.username == User.DEFAULT_USER
                      if anonymous:
                          came_from = get_came_from(request)
                          h.flash(_('You need to be a registered user to '
                                    'perform this action'),
                                  category='warning')
                          raise HTTPFound(
                              h.route_path('login', _query={'came_from': came_from}))
                      else:
                          return func(*fargs, **fkwargs)
              class PermsDecorator(object):
                  """
                  Base class for controller decorators, we extract the current user from
                  the class itself, which has it stored in base controllers
                  """
                  def __init__(self, *required_perms):
                      self.required_perms = set(required_perms)
                  def __call__(self, func):
                      return get_cython_compat_decorator(self.__wrapper, func)
                  def _get_request(self):
                      return get_request(self)
                  def __wrapper(self, func, *fargs, **fkwargs):
                      import rhodecode.lib.helpers as h
                      cls = fargs[0]
                      _user = cls._rhodecode_user
                      request = self._get_request()
                      _ = request.translate
                      log.debug('checking %s permissions %s for %s %s',
                                self.__class__.__name__, self.required_perms, cls, _user)
                      if self.check_permissions(_user):
                          log.debug('Permission granted for %s %s', cls, _user)
                          return func(*fargs, **fkwargs)
                      else:
                          log.debug('Permission denied for %s %s', cls, _user)
                          anonymous = _user.username == User.DEFAULT_USER
                          if anonymous:
                              came_from = get_came_from(self._get_request())
                              h.flash(_('You need to be signed in to view this page'),
                                      category='warning')
                              raise HTTPFound(
                                  h.route_path('login', _query={'came_from': came_from}))
                          else:
                              # redirect with 404 to prevent resource discovery
                              raise HTTPNotFound()
                  def check_permissions(self, user):
                      """Dummy function for overriding"""
                      raise NotImplementedError(
                          'You have to write this function in child class')
              class HasPermissionAllDecorator(PermsDecorator):
                  """
                  Checks for access permission for all given predicates. All of them
                  have to be meet in order to fulfill the request
                  """
                  def check_permissions(self, user):
                      perms = user.permissions_with_scope({})
                      if self.required_perms.issubset(perms['global']):
                          return True
                      return False
              class HasPermissionAnyDecorator(PermsDecorator):
                  """
                  Checks for access permission for any of given predicates. In order to
                  fulfill the request any of predicates must be meet
                  """
                  def check_permissions(self, user):
                      perms = user.permissions_with_scope({})
                      if self.required_perms.intersection(perms['global']):
                          return True
                      return False
              class HasRepoPermissionAllDecorator(PermsDecorator):
                  """
                  Checks for access permission for all given predicates for specific
                  repository. All of them have to be meet in order to fulfill the request
                  """
                  def _get_repo_name(self):
                      _request = self._get_request()
                      return get_repo_slug(_request)
                  def check_permissions(self, user):
                      perms = user.permissions
                      repo_name = self._get_repo_name()
                      try:
                          user_perms = set([perms['repositories'][repo_name]])
                      except KeyError:
                          log.debug('cannot locate repo with name: `%s` in permissions defs',
                                    repo_name)
                          return False
                      log.debug('checking `%s` permissions for repo `%s`',
                                user_perms, repo_name)
                      if self.required_perms.issubset(user_perms):
                          return True
                      return False
              class HasRepoPermissionAnyDecorator(PermsDecorator):
                  """
                  Checks for access permission for any of given predicates for specific
                  repository. In order to fulfill the request any of predicates must be meet
                  """
                  def _get_repo_name(self):
                      _request = self._get_request()
                      return get_repo_slug(_request)
                  def check_permissions(self, user):
                      perms = user.permissions
                      repo_name = self._get_repo_name()
                      try:
                          user_perms = set([perms['repositories'][repo_name]])
                      except KeyError:
                          log.debug(
                              'cannot locate repo with name: `%s` in permissions defs',
                              repo_name)
                          return False
                      log.debug('checking `%s` permissions for repo `%s`',
                                user_perms, repo_name)
                      if self.required_perms.intersection(user_perms):
                          return True
                      return False
              class HasRepoGroupPermissionAllDecorator(PermsDecorator):
                  """
                  Checks for access permission for all given predicates for specific
                  repository group. All of them have to be meet in order to
                  fulfill the request
                  """
                  def _get_repo_group_name(self):
                      _request = self._get_request()
                      return get_repo_group_slug(_request)
                  def check_permissions(self, user):
                      perms = user.permissions
                      group_name = self._get_repo_group_name()
                      try:
                          user_perms = set([perms['repositories_groups'][group_name]])
                      except KeyError:
                          log.debug(
                              'cannot locate repo group with name: `%s` in permissions defs',
                              group_name)
                          return False
                      log.debug('checking `%s` permissions for repo group `%s`',
                                user_perms, group_name)
                      if self.required_perms.issubset(user_perms):
                          return True
                      return False
              class HasRepoGroupPermissionAnyDecorator(PermsDecorator):
                  """
                  Checks for access permission for any of given predicates for specific
                  repository group. In order to fulfill the request any
                  of predicates must be met
                  """
                  def _get_repo_group_name(self):
                      _request = self._get_request()
                      return get_repo_group_slug(_request)
                  def check_permissions(self, user):
                      perms = user.permissions
                      group_name = self._get_repo_group_name()
                      try:
                          user_perms = set([perms['repositories_groups'][group_name]])
                      except KeyError:
                          log.debug(
                              'cannot locate repo group with name: `%s` in permissions defs',
                              group_name)
                          return False
                      log.debug('checking `%s` permissions for repo group `%s`',
                                user_perms, group_name)
                      if self.required_perms.intersection(user_perms):
                          return True
                      return False
              class HasUserGroupPermissionAllDecorator(PermsDecorator):
                  """
                  Checks for access permission for all given predicates for specific
                  user group. All of them have to be meet in order to fulfill the request
                  """
                  def _get_user_group_name(self):
                      _request = self._get_request()
                      return get_user_group_slug(_request)
                  def check_permissions(self, user):
                      perms = user.permissions
                      group_name = self._get_user_group_name()
                      try:
                          user_perms = set([perms['user_groups'][group_name]])
                      except KeyError:
                          return False
                      if self.required_perms.issubset(user_perms):
                          return True
                      return False
              class HasUserGroupPermissionAnyDecorator(PermsDecorator):
                  """
                  Checks for access permission for any of given predicates for specific
                  user group. In order to fulfill the request any of predicates must be meet
                  """
                  def _get_user_group_name(self):
                      _request = self._get_request()
                      return get_user_group_slug(_request)
                  def check_permissions(self, user):
                      perms = user.permissions
                      group_name = self._get_user_group_name()
                      try:
                          user_perms = set([perms['user_groups'][group_name]])
                      except KeyError:
                          return False
                      if self.required_perms.intersection(user_perms):
                          return True
                      return False
              # CHECK FUNCTIONS
              class PermsFunction(object):
                  """Base function for other check functions"""
                  def __init__(self, *perms):
                      self.required_perms = set(perms)
                      self.repo_name = None
                      self.repo_group_name = None
                      self.user_group_name = None
                  def __bool__(self):
                      frame = inspect.currentframe()
                      stack_trace = traceback.format_stack(frame)
                      log.error('Checking bool value on a class instance of perm '
                                'function is not allowed: %s' % ''.join(stack_trace))
                      # rather than throwing errors, here we always return False so if by
                      # accident someone checks truth for just an instance it will always end
                      # up in returning False
                      return False
                  __nonzero__ = __bool__
                  def __call__(self, check_location='', user=None):
                      if not user:
                          log.debug('Using user attribute from global request')
                          # TODO: remove this someday,put as user as attribute here
                          request = self._get_request()
                          user = request.user
                      # init auth user if not already given
                      if not isinstance(user, AuthUser):
                          log.debug('Wrapping user %s into AuthUser', user)
                          user = AuthUser(user.user_id)
                      cls_name = self.__class__.__name__
                      check_scope = self._get_check_scope(cls_name)
                      check_location = check_location or 'unspecified location'
                      log.debug('checking cls:%s %s usr:%s %s @ %s', cls_name,
                                self.required_perms, user, check_scope, check_location)
                      if not user:
                          log.warning('Empty user given for permission check')
                          return False
                      if self.check_permissions(user):
                          log.debug('Permission to repo:`%s` GRANTED for user:`%s` @ %s',
                                    check_scope, user, check_location)
                          return True
                      else:
                          log.debug('Permission to repo:`%s` DENIED for user:`%s` @ %s',
                                    check_scope, user, check_location)
                          return False
                  def _get_request(self):
                      return get_request(self)
                  def _get_check_scope(self, cls_name):
                      return {
                          'HasPermissionAll':          'GLOBAL',
                          'HasPermissionAny':          'GLOBAL',
                          'HasRepoPermissionAll':      'repo:%s' % self.repo_name,
                          'HasRepoPermissionAny':      'repo:%s' % self.repo_name,
                          'HasRepoGroupPermissionAll': 'repo_group:%s' % self.repo_group_name,
                          'HasRepoGroupPermissionAny': 'repo_group:%s' % self.repo_group_name,
                          'HasUserGroupPermissionAll': 'user_group:%s' % self.user_group_name,
                          'HasUserGroupPermissionAny': 'user_group:%s' % self.user_group_name,
                      }.get(cls_name, '?:%s' % cls_name)
                  def check_permissions(self, user):
                      """Dummy function for overriding"""
                      raise Exception('You have to write this function in child class')
              class HasPermissionAll(PermsFunction):
                  def check_permissions(self, user):
                      perms = user.permissions_with_scope({})
                      if self.required_perms.issubset(perms.get('global')):
                          return True
                      return False
              class HasPermissionAny(PermsFunction):
                  def check_permissions(self, user):
                      perms = user.permissions_with_scope({})
                      if self.required_perms.intersection(perms.get('global')):
                          return True
                      return False
              class HasRepoPermissionAll(PermsFunction):
                  def __call__(self, repo_name=None, check_location='', user=None):
                      self.repo_name = repo_name
                      return super(HasRepoPermissionAll, self).__call__(check_location, user)
                  def _get_repo_name(self):
                      if not self.repo_name:
                          _request = self._get_request()
                          self.repo_name = get_repo_slug(_request)
                      return self.repo_name
                  def check_permissions(self, user):
                      self.repo_name = self._get_repo_name()
                      perms = user.permissions
                      try:
                          user_perms = set([perms['repositories'][self.repo_name]])
                      except KeyError:
                          return False
                      if self.required_perms.issubset(user_perms):
                          return True
                      return False
              class HasRepoPermissionAny(PermsFunction):
                  def __call__(self, repo_name=None, check_location='', user=None):
                      self.repo_name = repo_name
                      return super(HasRepoPermissionAny, self).__call__(check_location, user)
                  def _get_repo_name(self):
                      if not self.repo_name:
                          _request = self._get_request()
                          self.repo_name = get_repo_slug(_request)
                      return self.repo_name
                  def check_permissions(self, user):
                      self.repo_name = self._get_repo_name()
                      perms = user.permissions
                      try:
                          user_perms = set([perms['repositories'][self.repo_name]])
                      except KeyError:
                          return False
                      if self.required_perms.intersection(user_perms):
                          return True
                      return False
              class HasRepoGroupPermissionAny(PermsFunction):
                  def __call__(self, group_name=None, check_location='', user=None):
                      self.repo_group_name = group_name
                      return super(HasRepoGroupPermissionAny, self).__call__(
                          check_location, user)
                  def check_permissions(self, user):
                      perms = user.permissions
                      try:
                          user_perms = set(
                              [perms['repositories_groups'][self.repo_group_name]])
                      except KeyError:
                          return False
                      if self.required_perms.intersection(user_perms):
                          return True
                      return False
              class HasRepoGroupPermissionAll(PermsFunction):
                  def __call__(self, group_name=None, check_location='', user=None):
                      self.repo_group_name = group_name
                      return super(HasRepoGroupPermissionAll, self).__call__(
                          check_location, user)
                  def check_permissions(self, user):
                      perms = user.permissions
                      try:
                          user_perms = set(
                              [perms['repositories_groups'][self.repo_group_name]])
                      except KeyError:
                          return False
                      if self.required_perms.issubset(user_perms):
                          return True
                      return False
              class HasUserGroupPermissionAny(PermsFunction):
                  def __call__(self, user_group_name=None, check_location='', user=None):
                      self.user_group_name = user_group_name
                      return super(HasUserGroupPermissionAny, self).__call__(
                          check_location, user)
                  def check_permissions(self, user):
                      perms = user.permissions
                      try:
                          user_perms = set([perms['user_groups'][self.user_group_name]])
                      except KeyError:
                          return False
                      if self.required_perms.intersection(user_perms):
                          return True
                      return False
              class HasUserGroupPermissionAll(PermsFunction):
                  def __call__(self, user_group_name=None, check_location='', user=None):
                      self.user_group_name = user_group_name
                      return super(HasUserGroupPermissionAll, self).__call__(
                          check_location, user)
                  def check_permissions(self, user):
                      perms = user.permissions
                      try:
                          user_perms = set([perms['user_groups'][self.user_group_name]])
                      except KeyError:
                          return False
                      if self.required_perms.issubset(user_perms):
                          return True
                      return False
              # SPECIAL VERSION TO HANDLE MIDDLEWARE AUTH
              class HasPermissionAnyMiddleware(object):
                  def __init__(self, *perms):
                      self.required_perms = set(perms)
                  def __call__(self, user, repo_name):
                      # repo_name MUST be unicode, since we handle keys in permission
                      # dict by unicode
                      repo_name = safe_unicode(repo_name)
                      user = AuthUser(user.user_id)
                      log.debug(
                          'Checking VCS protocol permissions %s for user:%s repo:`%s`',
                          self.required_perms, user, repo_name)
                      if self.check_permissions(user, repo_name):
                          log.debug('Permission to repo:`%s` GRANTED for user:%s @ %s',
                                    repo_name, user, 'PermissionMiddleware')
                          return True
                      else:
                          log.debug('Permission to repo:`%s` DENIED for user:%s @ %s',
                                    repo_name, user, 'PermissionMiddleware')
                          return False
                  def check_permissions(self, user, repo_name):
                      perms = user.permissions_with_scope({'repo_name': repo_name})
                      try:
                          user_perms = set([perms['repositories'][repo_name]])
                      except Exception:
                          log.exception('Error while accessing user permissions')
                          return False
                      if self.required_perms.intersection(user_perms):
                          return True
                      return False
              # SPECIAL VERSION TO HANDLE API AUTH
              class _BaseApiPerm(object):
                  def __init__(self, *perms):
                      self.required_perms = set(perms)
                  def __call__(self, check_location=None, user=None, repo_name=None,
                               group_name=None, user_group_name=None):
                      cls_name = self.__class__.__name__
                      check_scope = 'global:%s' % (self.required_perms,)
                      if repo_name:
                          check_scope += ', repo_name:%s' % (repo_name,)
                      if group_name:
                          check_scope += ', repo_group_name:%s' % (group_name,)
                      if user_group_name:
                          check_scope += ', user_group_name:%s' % (user_group_name,)
                      log.debug(
                          'checking cls:%s %s %s @ %s'
                          % (cls_name, self.required_perms, check_scope, check_location))
                      if not user:
                          log.debug('Empty User passed into arguments')
                          return False
                      # process user
                      if not isinstance(user, AuthUser):
                          user = AuthUser(user.user_id)
                      if not check_location:
                          check_location = 'unspecified'
                      if self.check_permissions(user.permissions, repo_name, group_name,
                                                user_group_name):
                          log.debug('Permission to repo:`%s` GRANTED for user:`%s` @ %s',
                                    check_scope, user, check_location)
                          return True
                      else:
                          log.debug('Permission to repo:`%s` DENIED for user:`%s` @ %s',
                                    check_scope, user, check_location)
                          return False
                  def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                        user_group_name=None):
                      """
                      implement in child class should return True if permissions are ok,
                      False otherwise
                      :param perm_defs: dict with permission definitions
                      :param repo_name: repo name
                      """
                      raise NotImplementedError()
              class HasPermissionAllApi(_BaseApiPerm):
                  def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                        user_group_name=None):
                      if self.required_perms.issubset(perm_defs.get('global')):
                          return True
                      return False
              class HasPermissionAnyApi(_BaseApiPerm):
                  def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                        user_group_name=None):
                      if self.required_perms.intersection(perm_defs.get('global')):
                          return True
                      return False
              class HasRepoPermissionAllApi(_BaseApiPerm):
                  def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                        user_group_name=None):
                      try:
                          _user_perms = set([perm_defs['repositories'][repo_name]])
                      except KeyError:
                          log.warning(traceback.format_exc())
                          return False
                      if self.required_perms.issubset(_user_perms):
                          return True
                      return False
              class HasRepoPermissionAnyApi(_BaseApiPerm):
                  def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                        user_group_name=None):
                      try:
                          _user_perms = set([perm_defs['repositories'][repo_name]])
                      except KeyError:
                          log.warning(traceback.format_exc())
                          return False
                      if self.required_perms.intersection(_user_perms):
                          return True
                      return False
              class HasRepoGroupPermissionAnyApi(_BaseApiPerm):
                  def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                        user_group_name=None):
                      try:
                          _user_perms = set([perm_defs['repositories_groups'][group_name]])
                      except KeyError:
                          log.warning(traceback.format_exc())
                          return False
                      if self.required_perms.intersection(_user_perms):
                          return True
                      return False
              class HasRepoGroupPermissionAllApi(_BaseApiPerm):
                  def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                        user_group_name=None):
                      try:
                          _user_perms = set([perm_defs['repositories_groups'][group_name]])
                      except KeyError:
                          log.warning(traceback.format_exc())
                          return False
                      if self.required_perms.issubset(_user_perms):
                          return True
                      return False
              class HasUserGroupPermissionAnyApi(_BaseApiPerm):
                  def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                        user_group_name=None):
                      try:
                          _user_perms = set([perm_defs['user_groups'][user_group_name]])
                      except KeyError:
                          log.warning(traceback.format_exc())
                          return False
                      if self.required_perms.intersection(_user_perms):
                          return True
                      return False
              def check_ip_access(source_ip, allowed_ips=None):
                  """
                  Checks if source_ip is a subnet of any of allowed_ips.
                  :param source_ip:
                  :param allowed_ips: list of allowed ips together with mask
                  """
                  log.debug('checking if ip:%s is subnet of %s' % (source_ip, allowed_ips))
                  source_ip_address = ipaddress.ip_address(safe_unicode(source_ip))
                  if isinstance(allowed_ips, (tuple, list, set)):
                      for ip in allowed_ips:
                          ip = safe_unicode(ip)
                          try:
                              network_address = ipaddress.ip_network(ip, strict=False)
                              if source_ip_address in network_address:
                                  log.debug('IP %s is network %s' %
                                            (source_ip_address, network_address))
                                  return True
                              # for any case we cannot determine the IP, don't crash just
                              # skip it and log as error, we want to say forbidden still when
                              # sending bad IP
                          except Exception:
                              log.error(traceback.format_exc())
                              continue
                  return False
              def get_cython_compat_decorator(wrapper, func):
                  """
                  Creates a cython compatible decorator. The previously used
                  decorator.decorator() function seems to be incompatible with cython.
                  :param wrapper: __wrapper method of the decorator class
                  :param func: decorated function
                  """
                  @wraps(func)
                  def local_wrapper(*args, **kwds):
                      return wrapper(func, *args, **kwds)
                  local_wrapper.__wrapped__ = func
                  return local_wrapper

rhodecode/model/db.py

0 +8 -4

              # -*- coding: utf-8 -*-
              # Copyright (C) 2010-2017 RhodeCode GmbH
              #
              # This program is free software: you can redistribute it and/or modify
              # it under the terms of the GNU Affero General Public License, version 3
              # (only), as published by the Free Software Foundation.
              #
              # This program is distributed in the hope that it will be useful,
              # but WITHOUT ANY WARRANTY; without even the implied warranty of
              # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
              # GNU General Public License for more details.
              #
              # You should have received a copy of the GNU Affero General Public License
              # along with this program.  If not, see <http://www.gnu.org/licenses/>.
              #
              # This program is dual-licensed. If you wish to learn more about the
              # RhodeCode Enterprise Edition, including its added features, Support services,
              # and proprietary license terms, please see https://rhodecode.com/licenses/
              """
              Database Models for RhodeCode Enterprise
              """
              import re
              import os
              import time
              import hashlib
              import logging
              import datetime
              import warnings
              import ipaddress
              import functools
              import traceback
              import collections
              from sqlalchemy import (
                  or_, and_, not_, func, TypeDecorator, event,
                  Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
                  Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
                  Text, Float, PickleType)
              from sqlalchemy.sql.expression import true, false
              from sqlalchemy.sql.functions import coalesce, count  # noqa
              from sqlalchemy.orm import (
                  relationship, joinedload, class_mapper, validates, aliased)
              from sqlalchemy.ext.declarative import declared_attr
              from sqlalchemy.ext.hybrid import hybrid_property
              from sqlalchemy.exc import IntegrityError  # noqa
              from sqlalchemy.dialects.mysql import LONGTEXT
              from beaker.cache import cache_region
              from zope.cachedescriptors.property import Lazy as LazyProperty
              from pyramid.threadlocal import get_current_request
              from rhodecode.translation import _
              from rhodecode.lib.vcs import get_vcs_instance
              from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
              from rhodecode.lib.utils2 import (
                  str2bool, safe_str, get_commit_safe, safe_unicode, md5_safe,
                  time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
                  glob2re, StrictAttributeDict, cleaned_uri)
              from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \
                  JsonRaw
              from rhodecode.lib.ext_json import json
              from rhodecode.lib.caching_query import FromCache
              from rhodecode.lib.encrypt import AESCipher
              from rhodecode.model.meta import Base, Session
              URL_SEP = '/'
              log = logging.getLogger(__name__)
              # =============================================================================
              # BASE CLASSES
              # =============================================================================
              # this is propagated from .ini file rhodecode.encrypted_values.secret or
              # beaker.session.secret if first is not set.
              # and initialized at environment.py
              ENCRYPTION_KEY = None
              # used to sort permissions by types, '#' used here is not allowed to be in
              # usernames, and it's very early in sorted string.printable table.
              PERMISSION_TYPE_SORT = {
                  'admin': '####',
                  'write': '###',
                  'read':  '##',
                  'none':  '#',
              }
              def display_user_sort(obj):
                  """
                  Sort function used to sort permissions in .permissions() function of
                  Repository, RepoGroup, UserGroup. Also it put the default user in front
                  of all other resources
                  """
                  if obj.username == User.DEFAULT_USER:
                      return '#####'
                  prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
                  return prefix + obj.username
              def display_user_group_sort(obj):
                  """
                  Sort function used to sort permissions in .permissions() function of
                  Repository, RepoGroup, UserGroup. Also it put the default user in front
                  of all other resources
                  """
                  prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
                  return prefix + obj.users_group_name
              def _hash_key(k):
                  return md5_safe(k)
              def in_filter_generator(qry, items, limit=500):
                  """
                  Splits IN() into multiple with OR
                  e.g.::
                  cnt = Repository.query().filter(
                      or_(
                          *in_filter_generator(Repository.repo_id, range(100000))
                      )).count()
                  """
                  if not items:
                      # empty list will cause empty query which might cause security issues
                      # this can lead to hidden unpleasant results
                      items = [-1]
                  parts = []
                  for chunk in xrange(0, len(items), limit):
                      parts.append(
                          qry.in_(items[chunk: chunk + limit])
                      )
                  return parts
              class EncryptedTextValue(TypeDecorator):
                  """
                  Special column for encrypted long text data, use like::
                      value = Column("encrypted_value", EncryptedValue(), nullable=False)
                  This column is intelligent so if value is in unencrypted form it return
                  unencrypted form, but on save it always encrypts
                  """
                  impl = Text
                  def process_bind_param(self, value, dialect):
                      if not value:
                          return value
                      if value.startswith('enc$aes$') or value.startswith('enc$aes_hmac$'):
                          # protect against double encrypting if someone manually starts
                          # doing
                          raise ValueError('value needs to be in unencrypted format, ie. '
                                           'not starting with enc$aes')
                      return 'enc$aes_hmac$%s' % AESCipher(
                          ENCRYPTION_KEY, hmac=True).encrypt(value)
                  def process_result_value(self, value, dialect):
                      import rhodecode
                      if not value:
                          return value
                      parts = value.split('$', 3)
                      if not len(parts) == 3:
                          # probably not encrypted values
                          return value
                      else:
                          if parts[0] != 'enc':
                              # parts ok but without our header ?
                              return value
                          enc_strict_mode = str2bool(rhodecode.CONFIG.get(
                              'rhodecode.encrypted_values.strict') or True)
                          # at that stage we know it's our encryption
                          if parts[1] == 'aes':
                              decrypted_data = AESCipher(ENCRYPTION_KEY).decrypt(parts[2])
                          elif parts[1] == 'aes_hmac':
                              decrypted_data = AESCipher(
                                  ENCRYPTION_KEY, hmac=True,
                                  strict_verification=enc_strict_mode).decrypt(parts[2])
                          else:
                              raise ValueError(
                                  'Encryption type part is wrong, must be `aes` '
                                  'or `aes_hmac`, got `%s` instead' % (parts[1]))
                          return decrypted_data
              class BaseModel(object):
                  """
                  Base Model for all classes
                  """
                  @classmethod
                  def _get_keys(cls):
                      """return column names for this model """
                      return class_mapper(cls).c.keys()
                  def get_dict(self):
                      """
                      return dict with keys and values corresponding
                      to this model data """
                      d = {}
                      for k in self._get_keys():
                          d[k] = getattr(self, k)
                      # also use __json__() if present to get additional fields
                      _json_attr = getattr(self, '__json__', None)
                      if _json_attr:
                          # update with attributes from __json__
                          if callable(_json_attr):
                              _json_attr = _json_attr()
                          for k, val in _json_attr.iteritems():
                              d[k] = val
                      return d
                  def get_appstruct(self):
                      """return list with keys and values tuples corresponding
                      to this model data """
                      lst = []
                      for k in self._get_keys():
                          lst.append((k, getattr(self, k),))
                      return lst
                  def populate_obj(self, populate_dict):
                      """populate model with data from given populate_dict"""
                      for k in self._get_keys():
                          if k in populate_dict:
                              setattr(self, k, populate_dict[k])
                  @classmethod
                  def query(cls):
                      return Session().query(cls)
                  @classmethod
                  def get(cls, id_):
                      if id_:
                          return cls.query().get(id_)
                  @classmethod
                  def get_or_404(cls, id_):
                      from pyramid.httpexceptions import HTTPNotFound
                      try:
                          id_ = int(id_)
                      except (TypeError, ValueError):
                          raise HTTPNotFound()
                      res = cls.query().get(id_)
                      if not res:
                          raise HTTPNotFound()
                      return res
                  @classmethod
                  def getAll(cls):
                      # deprecated and left for backward compatibility
                      return cls.get_all()
                  @classmethod
                  def get_all(cls):
                      return cls.query().all()
                  @classmethod
                  def delete(cls, id_):
                      obj = cls.query().get(id_)
                      Session().delete(obj)
                  @classmethod
                  def identity_cache(cls, session, attr_name, value):
                      exist_in_session = []
                      for (item_cls, pkey), instance in session.identity_map.items():
                          if cls == item_cls and getattr(instance, attr_name) == value:
                              exist_in_session.append(instance)
                      if exist_in_session:
                          if len(exist_in_session) == 1:
                              return exist_in_session[0]
                          log.exception(
                              'multiple objects with attr %s and '
                              'value %s found with same name: %r',
                              attr_name, value, exist_in_session)
                  def __repr__(self):
                      if hasattr(self, '__unicode__'):
                          # python repr needs to return str
                          try:
                              return safe_str(self.__unicode__())
                          except UnicodeDecodeError:
                              pass
                      return '<DB:%s>' % (self.__class__.__name__)
              class RhodeCodeSetting(Base, BaseModel):
                  __tablename__ = 'rhodecode_settings'
                  __table_args__ = (
                      UniqueConstraint('app_settings_name'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  SETTINGS_TYPES = {
                      'str': safe_str,
                      'int': safe_int,
                      'unicode': safe_unicode,
                      'bool': str2bool,
                      'list': functools.partial(aslist, sep=',')
                  }
                  DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
                  GLOBAL_CONF_KEY = 'app_settings'
                  app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
                  _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
                  _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
                  def __init__(self, key='', val='', type='unicode'):
                      self.app_settings_name = key
                      self.app_settings_type = type
                      self.app_settings_value = val
                  @validates('_app_settings_value')
                  def validate_settings_value(self, key, val):
                      assert type(val) == unicode
                      return val
                  @hybrid_property
                  def app_settings_value(self):
                      v = self._app_settings_value
                      _type = self.app_settings_type
                      if _type:
                          _type = self.app_settings_type.split('.')[0]
                          # decode the encrypted value
                          if 'encrypted' in self.app_settings_type:
                              cipher = EncryptedTextValue()
                              v = safe_unicode(cipher.process_result_value(v, None))
                      converter = self.SETTINGS_TYPES.get(_type) or \
                          self.SETTINGS_TYPES['unicode']
                      return converter(v)
                  @app_settings_value.setter
                  def app_settings_value(self, val):
                      """
                      Setter that will always make sure we use unicode in app_settings_value
                      :param val:
                      """
                      val = safe_unicode(val)
                      # encode the encrypted value
                      if 'encrypted' in self.app_settings_type:
                          cipher = EncryptedTextValue()
                          val = safe_unicode(cipher.process_bind_param(val, None))
                      self._app_settings_value = val
                  @hybrid_property
                  def app_settings_type(self):
                      return self._app_settings_type
                  @app_settings_type.setter
                  def app_settings_type(self, val):
                      if val.split('.')[0] not in self.SETTINGS_TYPES:
                          raise Exception('type must be one of %s got %s'
                                          % (self.SETTINGS_TYPES.keys(), val))
                      self._app_settings_type = val
                  def __unicode__(self):
                      return u"<%s('%s:%s[%s]')>" % (
                          self.__class__.__name__,
                          self.app_settings_name, self.app_settings_value,
                          self.app_settings_type
                      )
              class RhodeCodeUi(Base, BaseModel):
                  __tablename__ = 'rhodecode_ui'
                  __table_args__ = (
                      UniqueConstraint('ui_key'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  HOOK_REPO_SIZE = 'changegroup.repo_size'
                  # HG
                  HOOK_PRE_PULL = 'preoutgoing.pre_pull'
                  HOOK_PULL = 'outgoing.pull_logger'
                  HOOK_PRE_PUSH = 'prechangegroup.pre_push'
                  HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
                  HOOK_PUSH = 'changegroup.push_logger'
                  HOOK_PUSH_KEY = 'pushkey.key_push'
                  # TODO: johbo: Unify way how hooks are configured for git and hg,
                  # git part is currently hardcoded.
                  # SVN PATTERNS
                  SVN_BRANCH_ID = 'vcs_svn_branch'
                  SVN_TAG_ID = 'vcs_svn_tag'
                  ui_id = Column(
                      "ui_id", Integer(), nullable=False, unique=True, default=None,
                      primary_key=True)
                  ui_section = Column(
                      "ui_section", String(255), nullable=True, unique=None, default=None)
                  ui_key = Column(
                      "ui_key", String(255), nullable=True, unique=None, default=None)
                  ui_value = Column(
                      "ui_value", String(255), nullable=True, unique=None, default=None)
                  ui_active = Column(
                      "ui_active", Boolean(), nullable=True, unique=None, default=True)
                  def __repr__(self):
                      return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
                                                  self.ui_key, self.ui_value)
              class RepoRhodeCodeSetting(Base, BaseModel):
                  __tablename__ = 'repo_rhodecode_settings'
                  __table_args__ = (
                      UniqueConstraint(
                          'app_settings_name', 'repository_id',
                          name='uq_repo_rhodecode_setting_name_repo_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  repository_id = Column(
                      "repository_id", Integer(), ForeignKey('repositories.repo_id'),
                      nullable=False)
                  app_settings_id = Column(
                      "app_settings_id", Integer(), nullable=False, unique=True,
                      default=None, primary_key=True)
                  app_settings_name = Column(
                      "app_settings_name", String(255), nullable=True, unique=None,
                      default=None)
                  _app_settings_value = Column(
                      "app_settings_value", String(4096), nullable=True, unique=None,
                      default=None)
                  _app_settings_type = Column(
                      "app_settings_type", String(255), nullable=True, unique=None,
                      default=None)
                  repository = relationship('Repository')
                  def __init__(self, repository_id, key='', val='', type='unicode'):
                      self.repository_id = repository_id
                      self.app_settings_name = key
                      self.app_settings_type = type
                      self.app_settings_value = val
                  @validates('_app_settings_value')
                  def validate_settings_value(self, key, val):
                      assert type(val) == unicode
                      return val
                  @hybrid_property
                  def app_settings_value(self):
                      v = self._app_settings_value
                      type_ = self.app_settings_type
                      SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
                      converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
                      return converter(v)
                  @app_settings_value.setter
                  def app_settings_value(self, val):
                      """
                      Setter that will always make sure we use unicode in app_settings_value
                      :param val:
                      """
                      self._app_settings_value = safe_unicode(val)
                  @hybrid_property
                  def app_settings_type(self):
                      return self._app_settings_type
                  @app_settings_type.setter
                  def app_settings_type(self, val):
                      SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
                      if val not in SETTINGS_TYPES:
                          raise Exception('type must be one of %s got %s'
                                          % (SETTINGS_TYPES.keys(), val))
                      self._app_settings_type = val
                  def __unicode__(self):
                      return u"<%s('%s:%s:%s[%s]')>" % (
                          self.__class__.__name__, self.repository.repo_name,
                          self.app_settings_name, self.app_settings_value,
                          self.app_settings_type
                      )
              class RepoRhodeCodeUi(Base, BaseModel):
                  __tablename__ = 'repo_rhodecode_ui'
                  __table_args__ = (
                      UniqueConstraint(
                          'repository_id', 'ui_section', 'ui_key',
                          name='uq_repo_rhodecode_ui_repository_id_section_key'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  repository_id = Column(
                      "repository_id", Integer(), ForeignKey('repositories.repo_id'),
                      nullable=False)
                  ui_id = Column(
                      "ui_id", Integer(), nullable=False, unique=True, default=None,
                      primary_key=True)
                  ui_section = Column(
                      "ui_section", String(255), nullable=True, unique=None, default=None)
                  ui_key = Column(
                      "ui_key", String(255), nullable=True, unique=None, default=None)
                  ui_value = Column(
                      "ui_value", String(255), nullable=True, unique=None, default=None)
                  ui_active = Column(
                      "ui_active", Boolean(), nullable=True, unique=None, default=True)
                  repository = relationship('Repository')
                  def __repr__(self):
                      return '<%s[%s:%s]%s=>%s]>' % (
                          self.__class__.__name__, self.repository.repo_name,
                          self.ui_section, self.ui_key, self.ui_value)
              class User(Base, BaseModel):
                  __tablename__ = 'users'
                  __table_args__ = (
                      UniqueConstraint('username'), UniqueConstraint('email'),
                      Index('u_username_idx', 'username'),
                      Index('u_email_idx', 'email'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  DEFAULT_USER = 'default'
                  DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
                  DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
                  user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  username = Column("username", String(255), nullable=True, unique=None, default=None)
                  password = Column("password", String(255), nullable=True, unique=None, default=None)
                  active = Column("active", Boolean(), nullable=True, unique=None, default=True)
                  admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
                  name = Column("firstname", String(255), nullable=True, unique=None, default=None)
                  lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
                  _email = Column("email", String(255), nullable=True, unique=None, default=None)
                  last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
                  last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
                  extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
                  extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
                  _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
                  inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
                  created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                  _user_data = Column("user_data", LargeBinary(), nullable=True)  # JSON data
                  user_log = relationship('UserLog')
                  user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
                  repositories = relationship('Repository')
                  repository_groups = relationship('RepoGroup')
                  user_groups = relationship('UserGroup')
                  user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
                  followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
                  repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
                  repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
                  user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all')
                  group_member = relationship('UserGroupMember', cascade='all')
                  notifications = relationship('UserNotification', cascade='all')
                  # notifications assigned to this user
                  user_created_notifications = relationship('Notification', cascade='all')
                  # comments created by this user
                  user_comments = relationship('ChangesetComment', cascade='all')
                  # user profile extra info
                  user_emails = relationship('UserEmailMap', cascade='all')
                  user_ip_map = relationship('UserIpMap', cascade='all')
                  user_auth_tokens = relationship('UserApiKeys', cascade='all')
                  user_ssh_keys = relationship('UserSshKeys', cascade='all')
                  # gists
                  user_gists = relationship('Gist', cascade='all')
                  # user pull requests
                  user_pull_requests = relationship('PullRequest', cascade='all')
                  # external identities
                  extenal_identities = relationship(
                      'ExternalIdentity',
                      primaryjoin="User.user_id==ExternalIdentity.local_user_id",
                      cascade='all')
                  # review rules
                  user_review_rules = relationship('RepoReviewRuleUser', cascade='all')
                  def __unicode__(self):
                      return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
                                                    self.user_id, self.username)
                  @hybrid_property
                  def email(self):
                      return self._email
                  @email.setter
                  def email(self, val):
                      self._email = val.lower() if val else None
                  @hybrid_property
                  def first_name(self):
                      from rhodecode.lib import helpers as h
                      if self.name:
                          return h.escape(self.name)
                      return self.name
                  @hybrid_property
                  def last_name(self):
                      from rhodecode.lib import helpers as h
                      if self.lastname:
                          return h.escape(self.lastname)
                      return self.lastname
                  @hybrid_property
                  def api_key(self):
                      """
                      Fetch if exist an auth-token with role ALL connected to this user
                      """
                      user_auth_token = UserApiKeys.query()\
                          .filter(UserApiKeys.user_id == self.user_id)\
                          .filter(or_(UserApiKeys.expires == -1,
                                          UserApiKeys.expires >= time.time()))\
                          .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
                      if user_auth_token:
                          user_auth_token = user_auth_token.api_key
                      return user_auth_token
                  @api_key.setter
                  def api_key(self, val):
                      # don't allow to set API key this is deprecated for now
                      self._api_key = None
                  @property
                  def reviewer_pull_requests(self):
                      return PullRequestReviewers.query() \
                          .options(joinedload(PullRequestReviewers.pull_request)) \
                          .filter(PullRequestReviewers.user_id == self.user_id) \
                          .all()
                  @property
                  def firstname(self):
                      # alias for future
                      return self.name
                  @property
                  def emails(self):
                      other = UserEmailMap.query()\
                          .filter(UserEmailMap.user == self) \
                          .order_by(UserEmailMap.email_id.asc()) \
                          .all()
                      return [self.email] + [x.email for x in other]
                  @property
                  def auth_tokens(self):
                      auth_tokens = self.get_auth_tokens()
                      return [x.api_key for x in auth_tokens]
                  def get_auth_tokens(self):
                      return UserApiKeys.query()\
                          .filter(UserApiKeys.user == self)\
                          .order_by(UserApiKeys.user_api_key_id.asc())\
                          .all()
-                 @property
+                 @LazyProperty
                  def feed_token(self):
                      return self.get_feed_token()
-                 def get_feed_token(self):
+                 def get_feed_token(self, cache=True):
                      feed_tokens = UserApiKeys.query()\
                          .filter(UserApiKeys.user == self)\
-                         .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)\
-                         .all()
+                         .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)
+                     if cache:
+                         feed_tokens = feed_tokens.options(
+                             FromCache("long_term", "get_user_feed_token_%s" % self.user_id))
+                     feed_tokens = feed_tokens.all()
                      if feed_tokens:
                          return feed_tokens[0].api_key
                      return 'NO_FEED_TOKEN_AVAILABLE'
                  @classmethod
                  def get(cls, user_id, cache=False):
                      if not user_id:
                          return
                      user = cls.query()
                      if cache:
                          user = user.options(
                              FromCache("sql_cache_short", "get_users_%s" % user_id))
                      return user.get(user_id)
                  @classmethod
                  def extra_valid_auth_tokens(cls, user, role=None):
                      tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
                              .filter(or_(UserApiKeys.expires == -1,
                                          UserApiKeys.expires >= time.time()))
                      if role:
                          tokens = tokens.filter(or_(UserApiKeys.role == role,
                                                     UserApiKeys.role == UserApiKeys.ROLE_ALL))
                      return tokens.all()
                  def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
                      from rhodecode.lib import auth
                      log.debug('Trying to authenticate user: %s via auth-token, '
                                'and roles: %s', self, roles)
                      if not auth_token:
                          return False
                      crypto_backend = auth.crypto_backend()
                      roles = (roles or []) + [UserApiKeys.ROLE_ALL]
                      tokens_q = UserApiKeys.query()\
                          .filter(UserApiKeys.user_id == self.user_id)\
                          .filter(or_(UserApiKeys.expires == -1,
                                      UserApiKeys.expires >= time.time()))
                      tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
                      plain_tokens = []
                      hash_tokens = []
                      for token in tokens_q.all():
                          # verify scope first
                          if token.repo_id:
                              # token has a scope, we need to verify it
                              if scope_repo_id != token.repo_id:
                                  log.debug(
                                      'Scope mismatch: token has a set repo scope: %s, '
                                      'and calling scope is:%s, skipping further checks',
                                       token.repo, scope_repo_id)
                                  # token has a scope, and it doesn't match, skip token
                                  continue
                          if token.api_key.startswith(crypto_backend.ENC_PREF):
                              hash_tokens.append(token.api_key)
                          else:
                              plain_tokens.append(token.api_key)
                      is_plain_match = auth_token in plain_tokens
                      if is_plain_match:
                          return True
                      for hashed in hash_tokens:
                          # TODO(marcink): this is expensive to calculate, but most secure
                          match = crypto_backend.hash_check(auth_token, hashed)
                          if match:
                              return True
                      return False
                  @property
                  def ip_addresses(self):
                      ret = UserIpMap.query().filter(UserIpMap.user == self).all()
                      return [x.ip_addr for x in ret]
                  @property
                  def username_and_name(self):
                      return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
                  @property
                  def username_or_name_or_email(self):
                      full_name = self.full_name if self.full_name is not ' ' else None
                      return self.username or full_name or self.email
                  @property
                  def full_name(self):
                      return '%s %s' % (self.first_name, self.last_name)
                  @property
                  def full_name_or_username(self):
                      return ('%s %s' % (self.first_name, self.last_name)
                              if (self.first_name and self.last_name) else self.username)
                  @property
                  def full_contact(self):
                      return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
                  @property
                  def short_contact(self):
                      return '%s %s' % (self.first_name, self.last_name)
                  @property
                  def is_admin(self):
                      return self.admin
                  def AuthUser(self, **kwargs):
                      """
                      Returns instance of AuthUser for this user
                      """
                      from rhodecode.lib.auth import AuthUser
                      return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
                  @hybrid_property
                  def user_data(self):
                      if not self._user_data:
                          return {}
                      try:
                          return json.loads(self._user_data)
                      except TypeError:
                          return {}
                  @user_data.setter
                  def user_data(self, val):
                      if not isinstance(val, dict):
                          raise Exception('user_data must be dict, got %s' % type(val))
                      try:
                          self._user_data = json.dumps(val)
                      except Exception:
                          log.error(traceback.format_exc())
                  @classmethod
                  def get_by_username(cls, username, case_insensitive=False,
                                      cache=False, identity_cache=False):
                      session = Session()
                      if case_insensitive:
                          q = cls.query().filter(
                              func.lower(cls.username) == func.lower(username))
                      else:
                          q = cls.query().filter(cls.username == username)
                      if cache:
                          if identity_cache:
                              val = cls.identity_cache(session, 'username', username)
                              if val:
                                  return val
                          else:
                              cache_key = "get_user_by_name_%s" % _hash_key(username)
                              q = q.options(
                                  FromCache("sql_cache_short", cache_key))
                      return q.scalar()
                  @classmethod
                  def get_by_auth_token(cls, auth_token, cache=False):
                      q = UserApiKeys.query()\
                          .filter(UserApiKeys.api_key == auth_token)\
                          .filter(or_(UserApiKeys.expires == -1,
                                      UserApiKeys.expires >= time.time()))
                      if cache:
                          q = q.options(
                              FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
                      match = q.first()
                      if match:
                          return match.user
                  @classmethod
                  def get_by_email(cls, email, case_insensitive=False, cache=False):
                      if case_insensitive:
                          q = cls.query().filter(func.lower(cls.email) == func.lower(email))
                      else:
                          q = cls.query().filter(cls.email == email)
                      email_key = _hash_key(email)
                      if cache:
                          q = q.options(
                              FromCache("sql_cache_short", "get_email_key_%s" % email_key))
                      ret = q.scalar()
                      if ret is None:
                          q = UserEmailMap.query()
                          # try fetching in alternate email map
                          if case_insensitive:
                              q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
                          else:
                              q = q.filter(UserEmailMap.email == email)
                          q = q.options(joinedload(UserEmailMap.user))
                          if cache:
                              q = q.options(
                                  FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
                          ret = getattr(q.scalar(), 'user', None)
                      return ret
                  @classmethod
                  def get_from_cs_author(cls, author):
                      """
                      Tries to get User objects out of commit author string
                      :param author:
                      """
                      from rhodecode.lib.helpers import email, author_name
                      # Valid email in the attribute passed, see if they're in the system
                      _email = email(author)
                      if _email:
                          user = cls.get_by_email(_email, case_insensitive=True)
                          if user:
                              return user
                      # Maybe we can match by username?
                      _author = author_name(author)
                      user = cls.get_by_username(_author, case_insensitive=True)
                      if user:
                          return user
                  def update_userdata(self, **kwargs):
                      usr = self
                      old = usr.user_data
                      old.update(**kwargs)
                      usr.user_data = old
                      Session().add(usr)
                      log.debug('updated userdata with ', kwargs)
                  def update_lastlogin(self):
                      """Update user lastlogin"""
                      self.last_login = datetime.datetime.now()
                      Session().add(self)
                      log.debug('updated user %s lastlogin', self.username)
                  def update_lastactivity(self):
                      """Update user lastactivity"""
                      self.last_activity = datetime.datetime.now()
                      Session().add(self)
                      log.debug('updated user `%s` last activity', self.username)
                  def update_password(self, new_password):
                      from rhodecode.lib.auth import get_crypt_password
                      self.password = get_crypt_password(new_password)
                      Session().add(self)
                  @classmethod
                  def get_first_super_admin(cls):
                      user = User.query().filter(User.admin == true()).first()
                      if user is None:
                          raise Exception('FATAL: Missing administrative account!')
                      return user
                  @classmethod
                  def get_all_super_admins(cls):
                      """
                      Returns all admin accounts sorted by username
                      """
                      return User.query().filter(User.admin == true())\
                          .order_by(User.username.asc()).all()
                  @classmethod
                  def get_default_user(cls, cache=False, refresh=False):
                      user = User.get_by_username(User.DEFAULT_USER, cache=cache)
                      if user is None:
                          raise Exception('FATAL: Missing default account!')
                      if refresh:
                          # The default user might be based on outdated state which
                          # has been loaded from the cache.
                          # A call to refresh() ensures that the
                          # latest state from the database is used.
                          Session().refresh(user)
                      return user
                  def _get_default_perms(self, user, suffix=''):
                      from rhodecode.model.permission import PermissionModel
                      return PermissionModel().get_default_perms(user.user_perms, suffix)
                  def get_default_perms(self, suffix=''):
                      return self._get_default_perms(self, suffix)
                  def get_api_data(self, include_secrets=False, details='full'):
                      """
                      Common function for generating user related data for API
                      :param include_secrets: By default secrets in the API data will be replaced
                         by a placeholder value to prevent exposing this data by accident. In case
                         this data shall be exposed, set this flag to ``True``.
                      :param details: details can be 'basic|full' basic gives only a subset of
                         the available user information that includes user_id, name and emails.
                      """
                      user = self
                      user_data = self.user_data
                      data = {
                          'user_id': user.user_id,
                          'username': user.username,
                          'firstname': user.name,
                          'lastname': user.lastname,
                          'email': user.email,
                          'emails': user.emails,
                      }
                      if details == 'basic':
                          return data
                      auth_token_length = 40
                      auth_token_replacement = '*' * auth_token_length
                      extras = {
                          'auth_tokens': [auth_token_replacement],
                          'active': user.active,
                          'admin': user.admin,
                          'extern_type': user.extern_type,
                          'extern_name': user.extern_name,
                          'last_login': user.last_login,
                          'last_activity': user.last_activity,
                          'ip_addresses': user.ip_addresses,
                          'language': user_data.get('language')
                      }
                      data.update(extras)
                      if include_secrets:
                          data['auth_tokens'] = user.auth_tokens
                      return data
                  def __json__(self):
                      data = {
                          'full_name': self.full_name,
                          'full_name_or_username': self.full_name_or_username,
                          'short_contact': self.short_contact,
                          'full_contact': self.full_contact,
                      }
                      data.update(self.get_api_data())
                      return data
              class UserApiKeys(Base, BaseModel):
                  __tablename__ = 'user_api_keys'
                  __table_args__ = (
                      Index('uak_api_key_idx', 'api_key', unique=True),
                      Index('uak_api_key_expires_idx', 'api_key', 'expires'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  __mapper_args__ = {}
                  # ApiKey role
                  ROLE_ALL = 'token_role_all'
                  ROLE_HTTP = 'token_role_http'
                  ROLE_VCS = 'token_role_vcs'
                  ROLE_API = 'token_role_api'
                  ROLE_FEED = 'token_role_feed'
                  ROLE_PASSWORD_RESET = 'token_password_reset'
                  ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
                  user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                  api_key = Column("api_key", String(255), nullable=False, unique=True)
                  description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                  expires = Column('expires', Float(53), nullable=False)
                  role = Column('role', String(255), nullable=True)
                  created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                  # scope columns
                  repo_id = Column(
                      'repo_id', Integer(), ForeignKey('repositories.repo_id'),
                      nullable=True, unique=None, default=None)
                  repo = relationship('Repository', lazy='joined')
                  repo_group_id = Column(
                      'repo_group_id', Integer(), ForeignKey('groups.group_id'),
                      nullable=True, unique=None, default=None)
                  repo_group = relationship('RepoGroup', lazy='joined')
                  user = relationship('User', lazy='joined')
                  def __unicode__(self):
                      return u"<%s('%s')>" % (self.__class__.__name__, self.role)
                  def __json__(self):
                      data = {
                          'auth_token': self.api_key,
                          'role': self.role,
                          'scope': self.scope_humanized,
                          'expired': self.expired
                      }
                      return data
                  def get_api_data(self, include_secrets=False):
                      data = self.__json__()
                      if include_secrets:
                          return data
                      else:
                          data['auth_token'] = self.token_obfuscated
                          return data
                  @hybrid_property
                  def description_safe(self):
                      from rhodecode.lib import helpers as h
                      return h.escape(self.description)
                  @property
                  def expired(self):
                      if self.expires == -1:
                          return False
                      return time.time() > self.expires
                  @classmethod
                  def _get_role_name(cls, role):
                      return {
                          cls.ROLE_ALL: _('all'),
                          cls.ROLE_HTTP: _('http/web interface'),
                          cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
                          cls.ROLE_API: _('api calls'),
                          cls.ROLE_FEED: _('feed access'),
                      }.get(role, role)
                  @property
                  def role_humanized(self):
                      return self._get_role_name(self.role)
                  def _get_scope(self):
                      if self.repo:
                          return repr(self.repo)
                      if self.repo_group:
                          return repr(self.repo_group) + ' (recursive)'
                      return 'global'
                  @property
                  def scope_humanized(self):
                      return self._get_scope()
                  @property
                  def token_obfuscated(self):
                      if self.api_key:
                          return self.api_key[:4] + "****"
              class UserEmailMap(Base, BaseModel):
                  __tablename__ = 'user_email_map'
                  __table_args__ = (
                      Index('uem_email_idx', 'email'),
                      UniqueConstraint('email'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  __mapper_args__ = {}
                  email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                  _email = Column("email", String(255), nullable=True, unique=False, default=None)
                  user = relationship('User', lazy='joined')
                  @validates('_email')
                  def validate_email(self, key, email):
                      # check if this email is not main one
                      main_email = Session().query(User).filter(User.email == email).scalar()
                      if main_email is not None:
                          raise AttributeError('email %s is present is user table' % email)
                      return email
                  @hybrid_property
                  def email(self):
                      return self._email
                  @email.setter
                  def email(self, val):
                      self._email = val.lower() if val else None
              class UserIpMap(Base, BaseModel):
                  __tablename__ = 'user_ip_map'
                  __table_args__ = (
                      UniqueConstraint('user_id', 'ip_addr'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  __mapper_args__ = {}
                  ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                  ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
                  active = Column("active", Boolean(), nullable=True, unique=None, default=True)
                  description = Column("description", String(10000), nullable=True, unique=None, default=None)
                  user = relationship('User', lazy='joined')
                  @hybrid_property
                  def description_safe(self):
                      from rhodecode.lib import helpers as h
                      return h.escape(self.description)
                  @classmethod
                  def _get_ip_range(cls, ip_addr):
                      net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)
                      return [str(net.network_address), str(net.broadcast_address)]
                  def __json__(self):
                      return {
                        'ip_addr': self.ip_addr,
                        'ip_range': self._get_ip_range(self.ip_addr),
                      }
                  def __unicode__(self):
                      return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
                                                          self.user_id, self.ip_addr)
              class UserSshKeys(Base, BaseModel):
                  __tablename__ = 'user_ssh_keys'
                  __table_args__ = (
                      Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
                      UniqueConstraint('ssh_key_fingerprint'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  __mapper_args__ = {}
                  ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
                  ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
                  description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                  created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                  accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
                  user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                  user = relationship('User', lazy='joined')
                  def __json__(self):
                      data = {
                          'ssh_fingerprint': self.ssh_key_fingerprint,
                          'description': self.description,
                          'created_on': self.created_on
                      }
                      return data
                  def get_api_data(self):
                      data = self.__json__()
                      return data
              class UserLog(Base, BaseModel):
                  __tablename__ = 'user_logs'
                  __table_args__ = (
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  VERSION_1 = 'v1'
                  VERSION_2 = 'v2'
                  VERSIONS = [VERSION_1, VERSION_2]
                  user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
                  username = Column("username", String(255), nullable=True, unique=None, default=None)
                  repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
                  repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
                  user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
                  action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
                  action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
                  version = Column("version", String(255), nullable=True, default=VERSION_1)
                  user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
                  action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
                  def __unicode__(self):
                      return u"<%s('id:%s:%s')>" % (
                          self.__class__.__name__, self.repository_name, self.action)
                  def __json__(self):
                      return {
                          'user_id': self.user_id,
                          'username': self.username,
                          'repository_id': self.repository_id,
                          'repository_name': self.repository_name,
                          'user_ip': self.user_ip,
                          'action_date': self.action_date,
                          'action': self.action,
                      }
                  @hybrid_property
                  def entry_id(self):
                      return self.user_log_id
                  @property
                  def action_as_day(self):
                      return datetime.date(*self.action_date.timetuple()[:3])
                  user = relationship('User')
                  repository = relationship('Repository', cascade='')
              class UserGroup(Base, BaseModel):
                  __tablename__ = 'users_groups'
                  __table_args__ = (
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
                  user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
                  users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
                  inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
                  created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                  _group_data = Column("group_data", LargeBinary(), nullable=True)  # JSON data
                  members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
                  users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
                  users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
                  users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
                  user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
                  user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
                  user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')
                  user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")
                  @classmethod
                  def _load_group_data(cls, column):
                      if not column:
                          return {}
                      try:
                          return json.loads(column) or {}
                      except TypeError:
                          return {}
                  @hybrid_property
                  def description_safe(self):
                      from rhodecode.lib import helpers as h
                      return h.escape(self.description)
                  @hybrid_property
                  def group_data(self):
                      return self._load_group_data(self._group_data)
                  @group_data.expression
                  def group_data(self, **kwargs):
                      return self._group_data
                  @group_data.setter
                  def group_data(self, val):
                      try:
                          self._group_data = json.dumps(val)
                      except Exception:
                          log.error(traceback.format_exc())
                  def __unicode__(self):
                      return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
                                                    self.users_group_id,
                                                    self.users_group_name)
                  @classmethod
                  def get_by_group_name(cls, group_name, cache=False,
                                        case_insensitive=False):
                      if case_insensitive:
                          q = cls.query().filter(func.lower(cls.users_group_name) ==
                                                 func.lower(group_name))
                      else:
                          q = cls.query().filter(cls.users_group_name == group_name)
                      if cache:
                          q = q.options(
                              FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
                      return q.scalar()
                  @classmethod
                  def get(cls, user_group_id, cache=False):
                      if not user_group_id:
                          return
                      user_group = cls.query()
                      if cache:
                          user_group = user_group.options(
                              FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
                      return user_group.get(user_group_id)
                  def permissions(self, with_admins=True, with_owner=True):
                      q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
                      q = q.options(joinedload(UserUserGroupToPerm.user_group),
                                    joinedload(UserUserGroupToPerm.user),
                                    joinedload(UserUserGroupToPerm.permission),)
                      # get owners and admins and permissions. We do a trick of re-writing
                      # objects from sqlalchemy to named-tuples due to sqlalchemy session
                      # has a global reference and changing one object propagates to all
                      # others. This means if admin is also an owner admin_row that change
                      # would propagate to both objects
                      perm_rows = []
                      for _usr in q.all():
                          usr = AttributeDict(_usr.user.get_dict())
                          usr.permission = _usr.permission.permission_name
                          perm_rows.append(usr)
                      # filter the perm rows by 'default' first and then sort them by
                      # admin,write,read,none permissions sorted again alphabetically in
                      # each group
                      perm_rows = sorted(perm_rows, key=display_user_sort)
                      _admin_perm = 'usergroup.admin'
                      owner_row = []
                      if with_owner:
                          usr = AttributeDict(self.user.get_dict())
                          usr.owner_row = True
                          usr.permission = _admin_perm
                          owner_row.append(usr)
                      super_admin_rows = []
                      if with_admins:
                          for usr in User.get_all_super_admins():
                              # if this admin is also owner, don't double the record
                              if usr.user_id == owner_row[0].user_id:
                                  owner_row[0].admin_row = True
                              else:
                                  usr = AttributeDict(usr.get_dict())
                                  usr.admin_row = True
                                  usr.permission = _admin_perm
                                  super_admin_rows.append(usr)
                      return super_admin_rows + owner_row + perm_rows
                  def permission_user_groups(self):
                      q = UserGroupUserGroupToPerm.query().filter(UserGroupUserGroupToPerm.target_user_group == self)
                      q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
                                    joinedload(UserGroupUserGroupToPerm.target_user_group),
                                    joinedload(UserGroupUserGroupToPerm.permission),)
                      perm_rows = []
                      for _user_group in q.all():
                          usr = AttributeDict(_user_group.user_group.get_dict())
                          usr.permission = _user_group.permission.permission_name
                          perm_rows.append(usr)
                      perm_rows = sorted(perm_rows, key=display_user_group_sort)
                      return perm_rows
                  def _get_default_perms(self, user_group, suffix=''):
                      from rhodecode.model.permission import PermissionModel
                      return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
                  def get_default_perms(self, suffix=''):
                      return self._get_default_perms(self, suffix)
                  def get_api_data(self, with_group_members=True, include_secrets=False):
                      """
                      :param include_secrets: See :meth:`User.get_api_data`, this parameter is
                         basically forwarded.
                      """
                      user_group = self
                      data = {
                          'users_group_id': user_group.users_group_id,
                          'group_name': user_group.users_group_name,
                          'group_description': user_group.user_group_description,
                          'active': user_group.users_group_active,
                          'owner': user_group.user.username,
                          'owner_email': user_group.user.email,
                      }
                      if with_group_members:
                          users = []
                          for user in user_group.members:
                              user = user.user
                              users.append(user.get_api_data(include_secrets=include_secrets))
                          data['users'] = users
                      return data
              class UserGroupMember(Base, BaseModel):
                  __tablename__ = 'users_groups_members'
                  __table_args__ = (
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                  user = relationship('User', lazy='joined')
                  users_group = relationship('UserGroup')
                  def __init__(self, gr_id='', u_id=''):
                      self.users_group_id = gr_id
                      self.user_id = u_id
              class RepositoryField(Base, BaseModel):
                  __tablename__ = 'repositories_fields'
                  __table_args__ = (
                      UniqueConstraint('repository_id', 'field_key'),  # no-multi field
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  PREFIX = 'ex_'  # prefix used in form to not conflict with already existing fields
                  repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                  field_key = Column("field_key", String(250))
                  field_label = Column("field_label", String(1024), nullable=False)
                  field_value = Column("field_value", String(10000), nullable=False)
                  field_desc = Column("field_desc", String(1024), nullable=False)
                  field_type = Column("field_type", String(255), nullable=False, unique=None)
                  created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                  repository = relationship('Repository')
                  @property
                  def field_key_prefixed(self):
                      return 'ex_%s' % self.field_key
                  @classmethod
                  def un_prefix_key(cls, key):
                      if key.startswith(cls.PREFIX):
                          return key[len(cls.PREFIX):]
                      return key
                  @classmethod
                  def get_by_key_name(cls, key, repo):
                      row = cls.query()\
                              .filter(cls.repository == repo)\
                              .filter(cls.field_key == key).scalar()
                      return row
              class Repository(Base, BaseModel):
                  __tablename__ = 'repositories'
                  __table_args__ = (
                      Index('r_repo_name_idx', 'repo_name', mysql_length=255),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
                  DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
                  STATE_CREATED = 'repo_state_created'
                  STATE_PENDING = 'repo_state_pending'
                  STATE_ERROR = 'repo_state_error'
                  LOCK_AUTOMATIC = 'lock_auto'
                  LOCK_API = 'lock_api'
                  LOCK_WEB = 'lock_web'
                  LOCK_PULL = 'lock_pull'
                  NAME_SEP = URL_SEP
                  repo_id = Column(
                      "repo_id", Integer(), nullable=False, unique=True, default=None,
                      primary_key=True)
                  _repo_name = Column(
                      "repo_name", Text(), nullable=False, default=None)
                  _repo_name_hash = Column(
                      "repo_name_hash", String(255), nullable=False, unique=True)
                  repo_state = Column("repo_state", String(255), nullable=True)
                  clone_uri = Column(
                      "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
                      default=None)
                  repo_type = Column(
                      "repo_type", String(255), nullable=False, unique=False, default=None)
                  user_id = Column(
                      "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
                      unique=False, default=None)
                  private = Column(
                      "private", Boolean(), nullable=True, unique=None, default=None)
                  enable_statistics = Column(
                      "statistics", Boolean(), nullable=True, unique=None, default=True)
                  enable_downloads = Column(
                      "downloads", Boolean(), nullable=True, unique=None, default=True)
                  description = Column(
                      "description", String(10000), nullable=True, unique=None, default=None)
                  created_on = Column(
                      'created_on', DateTime(timezone=False), nullable=True, unique=None,
                      default=datetime.datetime.now)
                  updated_on = Column(
                      'updated_on', DateTime(timezone=False), nullable=True, unique=None,
                      default=datetime.datetime.now)
                  _landing_revision = Column(
                      "landing_revision", String(255), nullable=False, unique=False,
                      default=None)
                  enable_locking = Column(
                      "enable_locking", Boolean(), nullable=False, unique=None,
                      default=False)
                  _locked = Column(
                      "locked", String(255), nullable=True, unique=False, default=None)
                  _changeset_cache = Column(
                      "changeset_cache", LargeBinary(), nullable=True)  # JSON data
                  fork_id = Column(
                      "fork_id", Integer(), ForeignKey('repositories.repo_id'),
                      nullable=True, unique=False, default=None)
                  group_id = Column(
                      "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
                      unique=False, default=None)
                  user = relationship('User', lazy='joined')
                  fork = relationship('Repository', remote_side=repo_id, lazy='joined')
                  group = relationship('RepoGroup', lazy='joined')
                  repo_to_perm = relationship(
                      'UserRepoToPerm', cascade='all',
                      order_by='UserRepoToPerm.repo_to_perm_id')
                  users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
                  stats = relationship('Statistics', cascade='all', uselist=False)
                  followers = relationship(
                      'UserFollowing',
                      primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
                      cascade='all')
                  extra_fields = relationship(
                      'RepositoryField', cascade="all, delete, delete-orphan")
                  logs = relationship('UserLog')
                  comments = relationship(
                      'ChangesetComment', cascade="all, delete, delete-orphan")
                  pull_requests_source = relationship(
                      'PullRequest',
                      primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
                      cascade="all, delete, delete-orphan")
                  pull_requests_target = relationship(
                      'PullRequest',
                      primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
                      cascade="all, delete, delete-orphan")
                  ui = relationship('RepoRhodeCodeUi', cascade="all")
                  settings = relationship('RepoRhodeCodeSetting', cascade="all")
                  integrations = relationship('Integration',
                                              cascade="all, delete, delete-orphan")
                  def __unicode__(self):
                      return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
                                                 safe_unicode(self.repo_name))
                  @hybrid_property
                  def description_safe(self):
                      from rhodecode.lib import helpers as h
                      return h.escape(self.description)
                  @hybrid_property
                  def landing_rev(self):
                      # always should return [rev_type, rev]
                      if self._landing_revision:
                          _rev_info = self._landing_revision.split(':')
                          if len(_rev_info) < 2:
                              _rev_info.insert(0, 'rev')
                          return [_rev_info[0], _rev_info[1]]
                      return [None, None]
                  @landing_rev.setter
                  def landing_rev(self, val):
                      if ':' not in val:
                          raise ValueError('value must be delimited with `:` and consist '
                                           'of <rev_type>:<rev>, got %s instead' % val)
                      self._landing_revision = val
                  @hybrid_property
                  def locked(self):
                      if self._locked:
                          user_id, timelocked, reason = self._locked.split(':')
                          lock_values = int(user_id), timelocked, reason
                      else:
                          lock_values = [None, None, None]
                      return lock_values
                  @locked.setter
                  def locked(self, val):
                      if val and isinstance(val, (list, tuple)):
                          self._locked = ':'.join(map(str, val))
                      else:
                          self._locked = None
                  @hybrid_property
                  def changeset_cache(self):
                      from rhodecode.lib.vcs.backends.base import EmptyCommit
                      dummy = EmptyCommit().__json__()
                      if not self._changeset_cache:
                          return dummy
                      try:
                          return json.loads(self._changeset_cache)
                      except TypeError:
                          return dummy
                      except Exception:
                          log.error(traceback.format_exc())
                          return dummy
                  @changeset_cache.setter
                  def changeset_cache(self, val):
                      try:
                          self._changeset_cache = json.dumps(val)
                      except Exception:
                          log.error(traceback.format_exc())
                  @hybrid_property
                  def repo_name(self):
                      return self._repo_name
                  @repo_name.setter
                  def repo_name(self, value):
                      self._repo_name = value
                      self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
                  @classmethod
                  def normalize_repo_name(cls, repo_name):
                      """
                      Normalizes os specific repo_name to the format internally stored inside
                      database using URL_SEP
                      :param cls:
                      :param repo_name:
                      """
                      return cls.NAME_SEP.join(repo_name.split(os.sep))
                  @classmethod
                  def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
                      session = Session()
                      q = session.query(cls).filter(cls.repo_name == repo_name)
                      if cache:
                          if identity_cache:
                              val = cls.identity_cache(session, 'repo_name', repo_name)
                              if val:
                                  return val
                          else:
                              cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
                              q = q.options(
                                  FromCache("sql_cache_short", cache_key))
                      return q.scalar()
                  @classmethod
                  def get_by_full_path(cls, repo_full_path):
                      repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
                      repo_name = cls.normalize_repo_name(repo_name)
                      return cls.get_by_repo_name(repo_name.strip(URL_SEP))
                  @classmethod
                  def get_repo_forks(cls, repo_id):
                      return cls.query().filter(Repository.fork_id == repo_id)
                  @classmethod
                  def base_path(cls):
                      """
                      Returns base path when all repos are stored
                      :param cls:
                      """
                      q = Session().query(RhodeCodeUi)\
                          .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
                      q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                      return q.one().ui_value
                  @classmethod
                  def is_valid(cls, repo_name):
                      """
                      returns True if given repo name is a valid filesystem repository
                      :param cls:
                      :param repo_name:
                      """
                      from rhodecode.lib.utils import is_valid_repo
                      return is_valid_repo(repo_name, cls.base_path())
                  @classmethod
                  def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
                                    case_insensitive=True):
                      q = Repository.query()
                      if not isinstance(user_id, Optional):
                          q = q.filter(Repository.user_id == user_id)
                      if not isinstance(group_id, Optional):
                          q = q.filter(Repository.group_id == group_id)
                      if case_insensitive:
                          q = q.order_by(func.lower(Repository.repo_name))
                      else:
                          q = q.order_by(Repository.repo_name)
                      return q.all()
                  @property
                  def forks(self):
                      """
                      Return forks of this repo
                      """
                      return Repository.get_repo_forks(self.repo_id)
                  @property
                  def parent(self):
                      """
                      Returns fork parent
                      """
                      return self.fork
                  @property
                  def just_name(self):
                      return self.repo_name.split(self.NAME_SEP)[-1]
                  @property
                  def groups_with_parents(self):
                      groups = []
                      if self.group is None:
                          return groups
                      cur_gr = self.group
                      groups.insert(0, cur_gr)
                      while 1:
                          gr = getattr(cur_gr, 'parent_group', None)
                          cur_gr = cur_gr.parent_group
                          if gr is None:
                              break
                          groups.insert(0, gr)
                      return groups
                  @property
                  def groups_and_repo(self):
                      return self.groups_with_parents, self
                  @LazyProperty
                  def repo_path(self):
                      """
                      Returns base full path for that repository means where it actually
                      exists on a filesystem
                      """
                      q = Session().query(RhodeCodeUi).filter(
                          RhodeCodeUi.ui_key == self.NAME_SEP)
                      q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                      return q.one().ui_value
                  @property
                  def repo_full_path(self):
                      p = [self.repo_path]
                      # we need to split the name by / since this is how we store the
                      # names in the database, but that eventually needs to be converted
                      # into a valid system path
                      p += self.repo_name.split(self.NAME_SEP)
                      return os.path.join(*map(safe_unicode, p))
                  @property
                  def cache_keys(self):
                      """
                      Returns associated cache keys for that repo
                      """
                      return CacheKey.query()\
                          .filter(CacheKey.cache_args == self.repo_name)\
                          .order_by(CacheKey.cache_key)\
                          .all()
                  def get_new_name(self, repo_name):
                      """
                      returns new full repository name based on assigned group and new new
                      :param group_name:
                      """
                      path_prefix = self.group.full_path_splitted if self.group else []
                      return self.NAME_SEP.join(path_prefix + [repo_name])
                  @property
                  def _config(self):
                      """
                      Returns db based config object.
                      """
                      from rhodecode.lib.utils import make_db_config
                      return make_db_config(clear_session=False, repo=self)
                  def permissions(self, with_admins=True, with_owner=True):
                      q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
                      q = q.options(joinedload(UserRepoToPerm.repository),
                                    joinedload(UserRepoToPerm.user),
                                    joinedload(UserRepoToPerm.permission),)
                      # get owners and admins and permissions. We do a trick of re-writing
                      # objects from sqlalchemy to named-tuples due to sqlalchemy session
                      # has a global reference and changing one object propagates to all
                      # others. This means if admin is also an owner admin_row that change
                      # would propagate to both objects
                      perm_rows = []
                      for _usr in q.all():
                          usr = AttributeDict(_usr.user.get_dict())
                          usr.permission = _usr.permission.permission_name
                          perm_rows.append(usr)
                      # filter the perm rows by 'default' first and then sort them by
                      # admin,write,read,none permissions sorted again alphabetically in
                      # each group
                      perm_rows = sorted(perm_rows, key=display_user_sort)
                      _admin_perm = 'repository.admin'
                      owner_row = []
                      if with_owner:
                          usr = AttributeDict(self.user.get_dict())
                          usr.owner_row = True
                          usr.permission = _admin_perm
                          owner_row.append(usr)
                      super_admin_rows = []
                      if with_admins:
                          for usr in User.get_all_super_admins():
                              # if this admin is also owner, don't double the record
                              if usr.user_id == owner_row[0].user_id:
                                  owner_row[0].admin_row = True
                              else:
                                  usr = AttributeDict(usr.get_dict())
                                  usr.admin_row = True
                                  usr.permission = _admin_perm
                                  super_admin_rows.append(usr)
                      return super_admin_rows + owner_row + perm_rows
                  def permission_user_groups(self):
                      q = UserGroupRepoToPerm.query().filter(
                          UserGroupRepoToPerm.repository == self)
                      q = q.options(joinedload(UserGroupRepoToPerm.repository),
                                    joinedload(UserGroupRepoToPerm.users_group),
                                    joinedload(UserGroupRepoToPerm.permission),)
                      perm_rows = []
                      for _user_group in q.all():
                          usr = AttributeDict(_user_group.users_group.get_dict())
                          usr.permission = _user_group.permission.permission_name
                          perm_rows.append(usr)
                      perm_rows = sorted(perm_rows, key=display_user_group_sort)
                      return perm_rows
                  def get_api_data(self, include_secrets=False):
                      """
                      Common function for generating repo api data
                      :param include_secrets: See :meth:`User.get_api_data`.
                      """
                      # TODO: mikhail: Here there is an anti-pattern, we probably need to
                      # move this methods on models level.
                      from rhodecode.model.settings import SettingsModel
                      from rhodecode.model.repo import RepoModel
                      repo = self
                      _user_id, _time, _reason = self.locked
                      data = {
                          'repo_id': repo.repo_id,
                          'repo_name': repo.repo_name,
                          'repo_type': repo.repo_type,
                          'clone_uri': repo.clone_uri or '',
                          'url': RepoModel().get_url(self),
                          'private': repo.private,
                          'created_on': repo.created_on,
                          'description': repo.description_safe,
                          'landing_rev': repo.landing_rev,
                          'owner': repo.user.username,
                          'fork_of': repo.fork.repo_name if repo.fork else None,
                          'fork_of_id': repo.fork.repo_id if repo.fork else None,
                          'enable_statistics': repo.enable_statistics,
                          'enable_locking': repo.enable_locking,
                          'enable_downloads': repo.enable_downloads,
                          'last_changeset': repo.changeset_cache,
                          'locked_by': User.get(_user_id).get_api_data(
                              include_secrets=include_secrets) if _user_id else None,
                          'locked_date': time_to_datetime(_time) if _time else None,
                          'lock_reason': _reason if _reason else None,
                      }
                      # TODO: mikhail: should be per-repo settings here
                      rc_config = SettingsModel().get_all_settings()
                      repository_fields = str2bool(
                          rc_config.get('rhodecode_repository_fields'))
                      if repository_fields:
                          for f in self.extra_fields:
                              data[f.field_key_prefixed] = f.field_value
                      return data
                  @classmethod
                  def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
                      if not lock_time:
                          lock_time = time.time()
                      if not lock_reason:
                          lock_reason = cls.LOCK_AUTOMATIC
                      repo.locked = [user_id, lock_time, lock_reason]
                      Session().add(repo)
                      Session().commit()
                  @classmethod
                  def unlock(cls, repo):
                      repo.locked = None
                      Session().add(repo)
                      Session().commit()
                  @classmethod
                  def getlock(cls, repo):
                      return repo.locked
                  def is_user_lock(self, user_id):
                      if self.lock[0]:
                          lock_user_id = safe_int(self.lock[0])
                          user_id = safe_int(user_id)
                          # both are ints, and they are equal
                          return all([lock_user_id, user_id]) and lock_user_id == user_id
                      return False
                  def get_locking_state(self, action, user_id, only_when_enabled=True):
                      """
                      Checks locking on this repository, if locking is enabled and lock is
                      present returns a tuple of make_lock, locked, locked_by.
                      make_lock can have 3 states None (do nothing) True, make lock
                      False release lock, This value is later propagated to hooks, which
                      do the locking. Think about this as signals passed to hooks what to do.
                      """
                      # TODO: johbo: This is part of the business logic and should be moved
                      # into the RepositoryModel.
                      if action not in ('push', 'pull'):
                          raise ValueError("Invalid action value: %s" % repr(action))
                      # defines if locked error should be thrown to user
                      currently_locked = False
                      # defines if new lock should be made, tri-state
                      make_lock = None
                      repo = self
                      user = User.get(user_id)
                      lock_info = repo.locked
                      if repo and (repo.enable_locking or not only_when_enabled):
                          if action == 'push':
                              # check if it's already locked !, if it is compare users
                              locked_by_user_id = lock_info[0]
                              if user.user_id == locked_by_user_id:
                                  log.debug(
                                      'Got `push` action from user %s, now unlocking', user)
                                  # unlock if we have push from user who locked
                                  make_lock = False
                              else:
                                  # we're not the same user who locked, ban with
                                  # code defined in settings (default is 423 HTTP Locked) !
                                  log.debug('Repo %s is currently locked by %s', repo, user)
                                  currently_locked = True
                          elif action == 'pull':
                              # [0] user [1] date
                              if lock_info[0] and lock_info[1]:
                                  log.debug('Repo %s is currently locked by %s', repo, user)
                                  currently_locked = True
                              else:
                                  log.debug('Setting lock on repo %s by %s', repo, user)
                                  make_lock = True
                      else:
                          log.debug('Repository %s do not have locking enabled', repo)
                      log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
                                make_lock, currently_locked, lock_info)
                      from rhodecode.lib.auth import HasRepoPermissionAny
                      perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
                      if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
                          # if we don't have at least write permission we cannot make a lock
                          log.debug('lock state reset back to FALSE due to lack '
                                    'of at least read permission')
                          make_lock = False
                      return make_lock, currently_locked, lock_info
                  @property
                  def last_db_change(self):
                      return self.updated_on
                  @property
                  def clone_uri_hidden(self):
                      clone_uri = self.clone_uri
                      if clone_uri:
                          import urlobject
                          url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
                          if url_obj.password:
                              clone_uri = url_obj.with_password('*****')
                      return clone_uri
                  def clone_url(self, **override):
                      from rhodecode.model.settings import SettingsModel
                      uri_tmpl = None
                      if 'with_id' in override:
                          uri_tmpl = self.DEFAULT_CLONE_URI_ID
                          del override['with_id']
                      if 'uri_tmpl' in override:
                          uri_tmpl = override['uri_tmpl']
                          del override['uri_tmpl']
                      # we didn't override our tmpl from **overrides
                      if not uri_tmpl:
                          rc_config = SettingsModel().get_all_settings(cache=True)
                          uri_tmpl = rc_config.get(
                              'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
                      request = get_current_request()
                      return get_clone_url(request=request,
                                           uri_tmpl=uri_tmpl,
                                           repo_name=self.repo_name,
                                           repo_id=self.repo_id, **override)
                  def set_state(self, state):
                      self.repo_state = state
                      Session().add(self)
                  #==========================================================================
                  # SCM PROPERTIES
                  #==========================================================================
                  def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
                      return get_commit_safe(
                          self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
                  def get_changeset(self, rev=None, pre_load=None):
                      warnings.warn("Use get_commit", DeprecationWarning)
                      commit_id = None
                      commit_idx = None
                      if isinstance(rev, basestring):
                          commit_id = rev
                      else:
                          commit_idx = rev
                      return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
                                             pre_load=pre_load)
                  def get_landing_commit(self):
                      """
                      Returns landing commit, or if that doesn't exist returns the tip
                      """
                      _rev_type, _rev = self.landing_rev
                      commit = self.get_commit(_rev)
                      if isinstance(commit, EmptyCommit):
                          return self.get_commit()
                      return commit
                  def update_commit_cache(self, cs_cache=None, config=None):
                      """
                      Update cache of last changeset for repository, keys should be::
                          short_id
                          raw_id
                          revision
                          parents
                          message
                          date
                          author
                      :param cs_cache:
                      """
                      from rhodecode.lib.vcs.backends.base import BaseChangeset
                      if cs_cache is None:
                          # use no-cache version here
                          scm_repo = self.scm_instance(cache=False, config=config)
                          if scm_repo:
                              cs_cache = scm_repo.get_commit(
                                  pre_load=["author", "date", "message", "parents"])
                          else:
                              cs_cache = EmptyCommit()
                      if isinstance(cs_cache, BaseChangeset):
                          cs_cache = cs_cache.__json__()
                      def is_outdated(new_cs_cache):
                          if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
                              new_cs_cache['revision'] != self.changeset_cache['revision']):
                              return True
                          return False
                      # check if we have maybe already latest cached revision
                      if is_outdated(cs_cache) or not self.changeset_cache:
                          _default = datetime.datetime.fromtimestamp(0)
                          last_change = cs_cache.get('date') or _default
                          log.debug('updated repo %s with new cs cache %s',
                                    self.repo_name, cs_cache)
                          self.updated_on = last_change
                          self.changeset_cache = cs_cache
                          Session().add(self)
                          Session().commit()
                      else:
                          log.debug('Skipping update_commit_cache for repo:`%s` '
                                    'commit already with latest changes', self.repo_name)
                  @property
                  def tip(self):
                      return self.get_commit('tip')
                  @property
                  def author(self):
                      return self.tip.author
                  @property
                  def last_change(self):
                      return self.scm_instance().last_change
                  def get_comments(self, revisions=None):
                      """
                      Returns comments for this repository grouped by revisions
                      :param revisions: filter query by revisions only
                      """
                      cmts = ChangesetComment.query()\
                          .filter(ChangesetComment.repo == self)
                      if revisions:
                          cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
                      grouped = collections.defaultdict(list)
                      for cmt in cmts.all():
                          grouped[cmt.revision].append(cmt)
                      return grouped
                  def statuses(self, revisions=None):
                      """
                      Returns statuses for this repository
                      :param revisions: list of revisions to get statuses for
                      """
                      statuses = ChangesetStatus.query()\
                          .filter(ChangesetStatus.repo == self)\
                          .filter(ChangesetStatus.version == 0)
                      if revisions:
                          # Try doing the filtering in chunks to avoid hitting limits
                          size = 500
                          status_results = []
                          for chunk in xrange(0, len(revisions), size):
                              status_results += statuses.filter(
                                  ChangesetStatus.revision.in_(
                                      revisions[chunk: chunk+size])
                              ).all()
                      else:
                          status_results = statuses.all()
                      grouped = {}
                      # maybe we have open new pullrequest without a status?
                      stat = ChangesetStatus.STATUS_UNDER_REVIEW
                      status_lbl = ChangesetStatus.get_status_lbl(stat)
                      for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
                          for rev in pr.revisions:
                              pr_id = pr.pull_request_id
                              pr_repo = pr.target_repo.repo_name
                              grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
                      for stat in status_results:
                          pr_id = pr_repo = None
                          if stat.pull_request:
                              pr_id = stat.pull_request.pull_request_id
                              pr_repo = stat.pull_request.target_repo.repo_name
                          grouped[stat.revision] = [str(stat.status), stat.status_lbl,
                                                    pr_id, pr_repo]
                      return grouped
                  # ==========================================================================
                  # SCM CACHE INSTANCE
                  # ==========================================================================
                  def scm_instance(self, **kwargs):
                      import rhodecode
                      # Passing a config will not hit the cache currently only used
                      # for repo2dbmapper
                      config = kwargs.pop('config', None)
                      cache = kwargs.pop('cache', None)
                      full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
                      # if cache is NOT defined use default global, else we have a full
                      # control over cache behaviour
                      if cache is None and full_cache and not config:
                          return self._get_instance_cached()
                      return self._get_instance(cache=bool(cache), config=config)
                  def _get_instance_cached(self):
                      @cache_region('long_term')
                      def _get_repo(cache_key):
                          return self._get_instance()
                      invalidator_context = CacheKey.repo_context_cache(
                          _get_repo, self.repo_name, None, thread_scoped=True)
                      with invalidator_context as context:
                          context.invalidate()
                          repo = context.compute()
                      return repo
                  def _get_instance(self, cache=True, config=None):
                      config = config or self._config
                      custom_wire = {
                          'cache': cache  # controls the vcs.remote cache
                      }
                      repo = get_vcs_instance(
                          repo_path=safe_str(self.repo_full_path),
                          config=config,
                          with_wire=custom_wire,
                          create=False,
                          _vcs_alias=self.repo_type)
                      return repo
                  def __json__(self):
                      return {'landing_rev': self.landing_rev}
                  def get_dict(self):
                      # Since we transformed `repo_name` to a hybrid property, we need to
                      # keep compatibility with the code which uses `repo_name` field.
                      result = super(Repository, self).get_dict()
                      result['repo_name'] = result.pop('_repo_name', None)
                      return result
              class RepoGroup(Base, BaseModel):
                  __tablename__ = 'groups'
                  __table_args__ = (
                      UniqueConstraint('group_name', 'group_parent_id'),
                      CheckConstraint('group_id != group_parent_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  __mapper_args__ = {'order_by': 'group_name'}
                  CHOICES_SEPARATOR = '/'  # used to generate select2 choices for nested groups
                  group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
                  group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
                  group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
                  enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
                  created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                  updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                  personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
                  repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
                  users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
                  parent_group = relationship('RepoGroup', remote_side=group_id)
                  user = relationship('User')
                  integrations = relationship('Integration',
                                              cascade="all, delete, delete-orphan")
                  def __init__(self, group_name='', parent_group=None):
                      self.group_name = group_name
                      self.parent_group = parent_group
                  def __unicode__(self):
                      return u"<%s('id:%s:%s')>" % (
                          self.__class__.__name__, self.group_id, self.group_name)
                  @hybrid_property
                  def description_safe(self):
                      from rhodecode.lib import helpers as h
                      return h.escape(self.group_description)
                  @classmethod
                  def _generate_choice(cls, repo_group):
                      from webhelpers.html import literal as _literal
                      _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
                      return repo_group.group_id, _name(repo_group.full_path_splitted)
                  @classmethod
                  def groups_choices(cls, groups=None, show_empty_group=True):
                      if not groups:
                          groups = cls.query().all()
                      repo_groups = []
                      if show_empty_group:
                          repo_groups = [(-1, u'-- %s --' % _('No parent'))]
                      repo_groups.extend([cls._generate_choice(x) for x in groups])
                      repo_groups = sorted(
                          repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
                      return repo_groups
                  @classmethod
                  def url_sep(cls):
                      return URL_SEP
                  @classmethod
                  def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
                      if case_insensitive:
                          gr = cls.query().filter(func.lower(cls.group_name)
                                                  == func.lower(group_name))
                      else:
                          gr = cls.query().filter(cls.group_name == group_name)
                      if cache:
                          name_key = _hash_key(group_name)
                          gr = gr.options(
                              FromCache("sql_cache_short", "get_group_%s" % name_key))
                      return gr.scalar()
                  @classmethod
                  def get_user_personal_repo_group(cls, user_id):
                      user = User.get(user_id)
                      if user.username == User.DEFAULT_USER:
                          return None
                      return cls.query()\
                          .filter(cls.personal == true()) \
                          .filter(cls.user == user).scalar()
                  @classmethod
                  def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
                                          case_insensitive=True):
                      q = RepoGroup.query()
                      if not isinstance(user_id, Optional):
                          q = q.filter(RepoGroup.user_id == user_id)
                      if not isinstance(group_id, Optional):
                          q = q.filter(RepoGroup.group_parent_id == group_id)
                      if case_insensitive:
                          q = q.order_by(func.lower(RepoGroup.group_name))
                      else:
                          q = q.order_by(RepoGroup.group_name)
                      return q.all()
                  @property
                  def parents(self):
                      parents_recursion_limit = 10
                      groups = []
                      if self.parent_group is None:
                          return groups
                      cur_gr = self.parent_group
                      groups.insert(0, cur_gr)
                      cnt = 0
                      while 1:
                          cnt += 1
                          gr = getattr(cur_gr, 'parent_group', None)
                          cur_gr = cur_gr.parent_group
                          if gr is None:
                              break
                          if cnt == parents_recursion_limit:
                              # this will prevent accidental infinit loops
                              log.error(('more than %s parents found for group %s, stopping '
                                         'recursive parent fetching' % (parents_recursion_limit, self)))
                              break
                          groups.insert(0, gr)
                      return groups
                  @property
                  def last_db_change(self):
                      return self.updated_on
                  @property
                  def children(self):
                      return RepoGroup.query().filter(RepoGroup.parent_group == self)
                  @property
                  def name(self):
                      return self.group_name.split(RepoGroup.url_sep())[-1]
                  @property
                  def full_path(self):
                      return self.group_name
                  @property
                  def full_path_splitted(self):
                      return self.group_name.split(RepoGroup.url_sep())
                  @property
                  def repositories(self):
                      return Repository.query()\
                              .filter(Repository.group == self)\
                              .order_by(Repository.repo_name)
                  @property
                  def repositories_recursive_count(self):
                      cnt = self.repositories.count()
                      def children_count(group):
                          cnt = 0
                          for child in group.children:
                              cnt += child.repositories.count()
                              cnt += children_count(child)
                          return cnt
                      return cnt + children_count(self)
                  def _recursive_objects(self, include_repos=True):
                      all_ = []
                      def _get_members(root_gr):
                          if include_repos:
                              for r in root_gr.repositories:
                                  all_.append(r)
                          childs = root_gr.children.all()
                          if childs:
                              for gr in childs:
                                  all_.append(gr)
                                  _get_members(gr)
                      _get_members(self)
                      return [self] + all_
                  def recursive_groups_and_repos(self):
                      """
                      Recursive return all groups, with repositories in those groups
                      """
                      return self._recursive_objects()
                  def recursive_groups(self):
                      """
                      Returns all children groups for this group including children of children
                      """
                      return self._recursive_objects(include_repos=False)
                  def get_new_name(self, group_name):
                      """
                      returns new full group name based on parent and new name
                      :param group_name:
                      """
                      path_prefix = (self.parent_group.full_path_splitted if
                                     self.parent_group else [])
                      return RepoGroup.url_sep().join(path_prefix + [group_name])
                  def permissions(self, with_admins=True, with_owner=True):
                      q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
                      q = q.options(joinedload(UserRepoGroupToPerm.group),
                                    joinedload(UserRepoGroupToPerm.user),
                                    joinedload(UserRepoGroupToPerm.permission),)
                      # get owners and admins and permissions. We do a trick of re-writing
                      # objects from sqlalchemy to named-tuples due to sqlalchemy session
                      # has a global reference and changing one object propagates to all
                      # others. This means if admin is also an owner admin_row that change
                      # would propagate to both objects
                      perm_rows = []
                      for _usr in q.all():
                          usr = AttributeDict(_usr.user.get_dict())
                          usr.permission = _usr.permission.permission_name
                          perm_rows.append(usr)
                      # filter the perm rows by 'default' first and then sort them by
                      # admin,write,read,none permissions sorted again alphabetically in
                      # each group
                      perm_rows = sorted(perm_rows, key=display_user_sort)
                      _admin_perm = 'group.admin'
                      owner_row = []
                      if with_owner:
                          usr = AttributeDict(self.user.get_dict())
                          usr.owner_row = True
                          usr.permission = _admin_perm
                          owner_row.append(usr)
                      super_admin_rows = []
                      if with_admins:
                          for usr in User.get_all_super_admins():
                              # if this admin is also owner, don't double the record
                              if usr.user_id == owner_row[0].user_id:
                                  owner_row[0].admin_row = True
                              else:
                                  usr = AttributeDict(usr.get_dict())
                                  usr.admin_row = True
                                  usr.permission = _admin_perm
                                  super_admin_rows.append(usr)
                      return super_admin_rows + owner_row + perm_rows
                  def permission_user_groups(self):
                      q = UserGroupRepoGroupToPerm.query().filter(UserGroupRepoGroupToPerm.group == self)
                      q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
                                    joinedload(UserGroupRepoGroupToPerm.users_group),
                                    joinedload(UserGroupRepoGroupToPerm.permission),)
                      perm_rows = []
                      for _user_group in q.all():
                          usr = AttributeDict(_user_group.users_group.get_dict())
                          usr.permission = _user_group.permission.permission_name
                          perm_rows.append(usr)
                      perm_rows = sorted(perm_rows, key=display_user_group_sort)
                      return perm_rows
                  def get_api_data(self):
                      """
                      Common function for generating api data
                      """
                      group = self
                      data = {
                          'group_id': group.group_id,
                          'group_name': group.group_name,
                          'group_description': group.description_safe,
                          'parent_group': group.parent_group.group_name if group.parent_group else None,
                          'repositories': [x.repo_name for x in group.repositories],
                          'owner': group.user.username,
                      }
                      return data
              class Permission(Base, BaseModel):
                  __tablename__ = 'permissions'
                  __table_args__ = (
                      Index('p_perm_name_idx', 'permission_name'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  PERMS = [
                      ('hg.admin', _('RhodeCode Super Administrator')),
                      ('repository.none', _('Repository no access')),
                      ('repository.read', _('Repository read access')),
                      ('repository.write', _('Repository write access')),
                      ('repository.admin', _('Repository admin access')),
                      ('group.none', _('Repository group no access')),
                      ('group.read', _('Repository group read access')),
                      ('group.write', _('Repository group write access')),
                      ('group.admin', _('Repository group admin access')),
                      ('usergroup.none', _('User group no access')),
                      ('usergroup.read', _('User group read access')),
                      ('usergroup.write', _('User group write access')),
                      ('usergroup.admin', _('User group admin access')),
                      ('hg.repogroup.create.false', _('Repository Group creation disabled')),
                      ('hg.repogroup.create.true', _('Repository Group creation enabled')),
                      ('hg.usergroup.create.false', _('User Group creation disabled')),
                      ('hg.usergroup.create.true', _('User Group creation enabled')),
                      ('hg.create.none', _('Repository creation disabled')),
                      ('hg.create.repository', _('Repository creation enabled')),
                      ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
                      ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
                      ('hg.fork.none', _('Repository forking disabled')),
                      ('hg.fork.repository', _('Repository forking enabled')),
                      ('hg.register.none', _('Registration disabled')),
                      ('hg.register.manual_activate', _('User Registration with manual account activation')),
                      ('hg.register.auto_activate', _('User Registration with automatic account activation')),
                      ('hg.password_reset.enabled', _('Password reset enabled')),
                      ('hg.password_reset.hidden', _('Password reset hidden')),
                      ('hg.password_reset.disabled', _('Password reset disabled')),
                      ('hg.extern_activate.manual', _('Manual activation of external account')),
                      ('hg.extern_activate.auto', _('Automatic activation of external account')),
                      ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
                      ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
                  ]
                  # definition of system default permissions for DEFAULT user
                  DEFAULT_USER_PERMISSIONS = [
                      'repository.read',
                      'group.read',
                      'usergroup.read',
                      'hg.create.repository',
                      'hg.repogroup.create.false',
                      'hg.usergroup.create.false',
                      'hg.create.write_on_repogroup.true',
                      'hg.fork.repository',
                      'hg.register.manual_activate',
                      'hg.password_reset.enabled',
                      'hg.extern_activate.auto',
                      'hg.inherit_default_perms.true',
                  ]
                  # defines which permissions are more important higher the more important
                  # Weight defines which permissions are more important.
                  # The higher number the more important.
                  PERM_WEIGHTS = {
                      'repository.none': 0,
                      'repository.read': 1,
                      'repository.write': 3,
                      'repository.admin': 4,
                      'group.none': 0,
                      'group.read': 1,
                      'group.write': 3,
                      'group.admin': 4,
                      'usergroup.none': 0,
                      'usergroup.read': 1,
                      'usergroup.write': 3,
                      'usergroup.admin': 4,
                      'hg.repogroup.create.false': 0,
                      'hg.repogroup.create.true': 1,
                      'hg.usergroup.create.false': 0,
                      'hg.usergroup.create.true': 1,
                      'hg.fork.none': 0,
                      'hg.fork.repository': 1,
                      'hg.create.none': 0,
                      'hg.create.repository': 1
                  }
                  permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
                  permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
                  def __unicode__(self):
                      return u"<%s('%s:%s')>" % (
                          self.__class__.__name__, self.permission_id, self.permission_name
                      )
                  @classmethod
                  def get_by_key(cls, key):
                      return cls.query().filter(cls.permission_name == key).scalar()
                  @classmethod
                  def get_default_repo_perms(cls, user_id, repo_id=None):
                      q = Session().query(UserRepoToPerm, Repository, Permission)\
                          .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
                          .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
                          .filter(UserRepoToPerm.user_id == user_id)
                      if repo_id:
                          q = q.filter(UserRepoToPerm.repository_id == repo_id)
                      return q.all()
                  @classmethod
                  def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
                      q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
                          .join(
                              Permission,
                              UserGroupRepoToPerm.permission_id == Permission.permission_id)\
                          .join(
                              Repository,
                              UserGroupRepoToPerm.repository_id == Repository.repo_id)\
                          .join(
                              UserGroup,
                              UserGroupRepoToPerm.users_group_id ==
                              UserGroup.users_group_id)\
                          .join(
                              UserGroupMember,
                              UserGroupRepoToPerm.users_group_id ==
                              UserGroupMember.users_group_id)\
                          .filter(
                              UserGroupMember.user_id == user_id,
                              UserGroup.users_group_active == true())
                      if repo_id:
                          q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
                      return q.all()
                  @classmethod
                  def get_default_group_perms(cls, user_id, repo_group_id=None):
                      q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
                          .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\
                          .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
                          .filter(UserRepoGroupToPerm.user_id == user_id)
                      if repo_group_id:
                          q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
                      return q.all()
                  @classmethod
                  def get_default_group_perms_from_user_group(
                          cls, user_id, repo_group_id=None):
                      q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
                          .join(
                              Permission,
                              UserGroupRepoGroupToPerm.permission_id ==
                              Permission.permission_id)\
                          .join(
                              RepoGroup,
                              UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
                          .join(
                              UserGroup,
                              UserGroupRepoGroupToPerm.users_group_id ==
                              UserGroup.users_group_id)\
                          .join(
                              UserGroupMember,
                              UserGroupRepoGroupToPerm.users_group_id ==
                              UserGroupMember.users_group_id)\
                          .filter(
                              UserGroupMember.user_id == user_id,
                              UserGroup.users_group_active == true())
                      if repo_group_id:
                          q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
                      return q.all()
                  @classmethod
                  def get_default_user_group_perms(cls, user_id, user_group_id=None):
                      q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
                          .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
                          .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
                          .filter(UserUserGroupToPerm.user_id == user_id)
                      if user_group_id:
                          q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
                      return q.all()
                  @classmethod
                  def get_default_user_group_perms_from_user_group(
                          cls, user_id, user_group_id=None):
                      TargetUserGroup = aliased(UserGroup, name='target_user_group')
                      q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
                          .join(
                              Permission,
                              UserGroupUserGroupToPerm.permission_id ==
                              Permission.permission_id)\
                          .join(
                              TargetUserGroup,
                              UserGroupUserGroupToPerm.target_user_group_id ==
                              TargetUserGroup.users_group_id)\
                          .join(
                              UserGroup,
                              UserGroupUserGroupToPerm.user_group_id ==
                              UserGroup.users_group_id)\
                          .join(
                              UserGroupMember,
                              UserGroupUserGroupToPerm.user_group_id ==
                              UserGroupMember.users_group_id)\
                          .filter(
                              UserGroupMember.user_id == user_id,
                              UserGroup.users_group_active == true())
                      if user_group_id:
                          q = q.filter(
                              UserGroupUserGroupToPerm.user_group_id == user_group_id)
                      return q.all()
              class UserRepoToPerm(Base, BaseModel):
                  __tablename__ = 'repo_to_perm'
                  __table_args__ = (
                      UniqueConstraint('user_id', 'repository_id', 'permission_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                  permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                  repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                  user = relationship('User')
                  repository = relationship('Repository')
                  permission = relationship('Permission')
                  @classmethod
                  def create(cls, user, repository, permission):
                      n = cls()
                      n.user = user
                      n.repository = repository
                      n.permission = permission
                      Session().add(n)
                      return n
                  def __unicode__(self):
                      return u'<%s => %s >' % (self.user, self.repository)
              class UserUserGroupToPerm(Base, BaseModel):
                  __tablename__ = 'user_user_group_to_perm'
                  __table_args__ = (
                      UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                  permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                  user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                  user = relationship('User')
                  user_group = relationship('UserGroup')
                  permission = relationship('Permission')
                  @classmethod
                  def create(cls, user, user_group, permission):
                      n = cls()
                      n.user = user
                      n.user_group = user_group
                      n.permission = permission
                      Session().add(n)
                      return n
                  def __unicode__(self):
                      return u'<%s => %s >' % (self.user, self.user_group)
              class UserToPerm(Base, BaseModel):
                  __tablename__ = 'user_to_perm'
                  __table_args__ = (
                      UniqueConstraint('user_id', 'permission_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                  permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                  user = relationship('User')
                  permission = relationship('Permission', lazy='joined')
                  def __unicode__(self):
                      return u'<%s => %s >' % (self.user, self.permission)
              class UserGroupRepoToPerm(Base, BaseModel):
                  __tablename__ = 'users_group_repo_to_perm'
                  __table_args__ = (
                      UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                  permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                  repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                  users_group = relationship('UserGroup')
                  permission = relationship('Permission')
                  repository = relationship('Repository')
                  @classmethod
                  def create(cls, users_group, repository, permission):
                      n = cls()
                      n.users_group = users_group
                      n.repository = repository
                      n.permission = permission
                      Session().add(n)
                      return n
                  def __unicode__(self):
                      return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
              class UserGroupUserGroupToPerm(Base, BaseModel):
                  __tablename__ = 'user_group_user_group_to_perm'
                  __table_args__ = (
                      UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
                      CheckConstraint('target_user_group_id != user_group_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                  permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                  user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                  target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
                  user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
                  permission = relationship('Permission')
                  @classmethod
                  def create(cls, target_user_group, user_group, permission):
                      n = cls()
                      n.target_user_group = target_user_group
                      n.user_group = user_group
                      n.permission = permission
                      Session().add(n)
                      return n
                  def __unicode__(self):
                      return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
              class UserGroupToPerm(Base, BaseModel):
                  __tablename__ = 'users_group_to_perm'
                  __table_args__ = (
                      UniqueConstraint('users_group_id', 'permission_id',),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                  permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                  users_group = relationship('UserGroup')
                  permission = relationship('Permission')
              class UserRepoGroupToPerm(Base, BaseModel):
                  __tablename__ = 'user_repo_group_to_perm'
                  __table_args__ = (
                      UniqueConstraint('user_id', 'group_id', 'permission_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                  group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                  permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                  user = relationship('User')
                  group = relationship('RepoGroup')
                  permission = relationship('Permission')
                  @classmethod
                  def create(cls, user, repository_group, permission):
                      n = cls()
                      n.user = user
                      n.group = repository_group
                      n.permission = permission
                      Session().add(n)
                      return n
              class UserGroupRepoGroupToPerm(Base, BaseModel):
                  __tablename__ = 'users_group_repo_group_to_perm'
                  __table_args__ = (
                      UniqueConstraint('users_group_id', 'group_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                  group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                  permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                  users_group = relationship('UserGroup')
                  permission = relationship('Permission')
                  group = relationship('RepoGroup')
                  @classmethod
                  def create(cls, user_group, repository_group, permission):
                      n = cls()
                      n.users_group = user_group
                      n.group = repository_group
                      n.permission = permission
                      Session().add(n)
                      return n
                  def __unicode__(self):
                      return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
              class Statistics(Base, BaseModel):
                  __tablename__ = 'statistics'
                  __table_args__ = (
                       {'extend_existing': True, 'mysql_engine': 'InnoDB',
                        'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
                  stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
                  commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
                  commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
                  languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
                  repository = relationship('Repository', single_parent=True)
              class UserFollowing(Base, BaseModel):
                  __tablename__ = 'user_followings'
                  __table_args__ = (
                      UniqueConstraint('user_id', 'follows_repository_id'),
                      UniqueConstraint('user_id', 'follows_user_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                  follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
                  follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                  follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                  user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
                  follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
                  follows_repository = relationship('Repository', order_by='Repository.repo_name')
                  @classmethod
                  def get_repo_followers(cls, repo_id):
                      return cls.query().filter(cls.follows_repo_id == repo_id)
              class CacheKey(Base, BaseModel):
                  __tablename__ = 'cache_invalidation'
                  __table_args__ = (
                      UniqueConstraint('cache_key'),
                      Index('key_idx', 'cache_key'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  CACHE_TYPE_ATOM = 'ATOM'
                  CACHE_TYPE_RSS = 'RSS'
                  CACHE_TYPE_README = 'README'
                  cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                  cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
                  cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
                  cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
                  def __init__(self, cache_key, cache_args=''):
                      self.cache_key = cache_key
                      self.cache_args = cache_args
                      self.cache_active = False
                  def __unicode__(self):
                      return u"<%s('%s:%s[%s]')>" % (
                          self.__class__.__name__,
                          self.cache_id, self.cache_key, self.cache_active)
                  def _cache_key_partition(self):
                      prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
                      return prefix, repo_name, suffix
                  def get_prefix(self):
                      """
                      Try to extract prefix from existing cache key. The key could consist
                      of prefix, repo_name, suffix
                      """
                      # this returns prefix, repo_name, suffix
                      return self._cache_key_partition()[0]
                  def get_suffix(self):
                      """
                      get suffix that might have been used in _get_cache_key to
                      generate self.cache_key. Only used for informational purposes
                      in repo_edit.mako.
                      """
                      # prefix, repo_name, suffix
                      return self._cache_key_partition()[2]
                  @classmethod
                  def delete_all_cache(cls):
                      """
                      Delete all cache keys from database.
                      Should only be run when all instances are down and all entries
                      thus stale.
                      """
                      cls.query().delete()
                      Session().commit()
                  @classmethod
                  def get_cache_key(cls, repo_name, cache_type):
                      """
                      Generate a cache key for this process of RhodeCode instance.
                      Prefix most likely will be process id or maybe explicitly set
                      instance_id from .ini file.
                      """
                      import rhodecode
                      prefix = safe_unicode(rhodecode.CONFIG.get('instance_id') or '')
                      repo_as_unicode = safe_unicode(repo_name)
                      key = u'{}_{}'.format(repo_as_unicode, cache_type) \
                          if cache_type else repo_as_unicode
                      return u'{}{}'.format(prefix, key)
                  @classmethod
                  def set_invalidate(cls, repo_name, delete=False):
                      """
                      Mark all caches of a repo as invalid in the database.
                      """
                      try:
                          qry = Session().query(cls).filter(cls.cache_args == repo_name)
                          if delete:
                              log.debug('cache objects deleted for repo %s',
                                        safe_str(repo_name))
                              qry.delete()
                          else:
                              log.debug('cache objects marked as invalid for repo %s',
                                        safe_str(repo_name))
                              qry.update({"cache_active": False})
                          Session().commit()
                      except Exception:
                          log.exception(
                              'Cache key invalidation failed for repository %s',
                              safe_str(repo_name))
                          Session().rollback()
                  @classmethod
                  def get_active_cache(cls, cache_key):
                      inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
                      if inv_obj:
                          return inv_obj
                      return None
                  @classmethod
                  def repo_context_cache(cls, compute_func, repo_name, cache_type,
                                         thread_scoped=False):
                      """
                      @cache_region('long_term')
                      def _heavy_calculation(cache_key):
                          return 'result'
                      cache_context = CacheKey.repo_context_cache(
                          _heavy_calculation, repo_name, cache_type)
                      with cache_context as context:
                          context.invalidate()
                          computed = context.compute()
                      assert computed == 'result'
                      """
                      from rhodecode.lib import caches
                      return caches.InvalidationContext(
                          compute_func, repo_name, cache_type, thread_scoped=thread_scoped)
              class ChangesetComment(Base, BaseModel):
                  __tablename__ = 'changeset_comments'
                  __table_args__ = (
                      Index('cc_revision_idx', 'revision'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  COMMENT_OUTDATED = u'comment_outdated'
                  COMMENT_TYPE_NOTE = u'note'
                  COMMENT_TYPE_TODO = u'todo'
                  COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
                  comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
                  repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                  revision = Column('revision', String(40), nullable=True)
                  pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
                  pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
                  line_no = Column('line_no', Unicode(10), nullable=True)
                  hl_lines = Column('hl_lines', Unicode(512), nullable=True)
                  f_path = Column('f_path', Unicode(1000), nullable=True)
                  user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
                  text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
                  created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                  modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                  renderer = Column('renderer', Unicode(64), nullable=True)
                  display_state = Column('display_state',  Unicode(128), nullable=True)
                  comment_type = Column('comment_type',  Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
                  resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
                  resolved_comment = relationship('ChangesetComment', remote_side=comment_id, backref='resolved_by')
                  author = relationship('User', lazy='joined')
                  repo = relationship('Repository')
                  status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan", lazy='joined')
                  pull_request = relationship('PullRequest', lazy='joined')
                  pull_request_version = relationship('PullRequestVersion')
                  @classmethod
                  def get_users(cls, revision=None, pull_request_id=None):
                      """
                      Returns user associated with this ChangesetComment. ie those
                      who actually commented
                      :param cls:
                      :param revision:
                      """
                      q = Session().query(User)\
                              .join(ChangesetComment.author)
                      if revision:
                          q = q.filter(cls.revision == revision)
                      elif pull_request_id:
                          q = q.filter(cls.pull_request_id == pull_request_id)
                      return q.all()
                  @classmethod
                  def get_index_from_version(cls, pr_version, versions):
                      num_versions = [x.pull_request_version_id for x in versions]
                      try:
                          return num_versions.index(pr_version) +1
                      except (IndexError, ValueError):
                          return
                  @property
                  def outdated(self):
                      return self.display_state == self.COMMENT_OUTDATED
                  def outdated_at_version(self, version):
                      """
                      Checks if comment is outdated for given pull request version
                      """
                      return self.outdated and self.pull_request_version_id != version
                  def older_than_version(self, version):
                      """
                      Checks if comment is made from previous version than given
                      """
                      if version is None:
                          return self.pull_request_version_id is not None
                      return self.pull_request_version_id < version
                  @property
                  def resolved(self):
                      return self.resolved_by[0] if self.resolved_by else None
                  @property
                  def is_todo(self):
                      return self.comment_type == self.COMMENT_TYPE_TODO
                  @property
                  def is_inline(self):
                      return self.line_no and self.f_path
                  def get_index_version(self, versions):
                      return self.get_index_from_version(
                          self.pull_request_version_id, versions)
                  def __repr__(self):
                      if self.comment_id:
                          return '<DB:Comment #%s>' % self.comment_id
                      else:
                          return '<DB:Comment at %#x>' % id(self)
                  def get_api_data(self):
                      comment = self
                      data = {
                          'comment_id': comment.comment_id,
                          'comment_type': comment.comment_type,
                          'comment_text': comment.text,
                          'comment_status': comment.status_change,
                          'comment_f_path': comment.f_path,
                          'comment_lineno': comment.line_no,
                          'comment_author': comment.author,
                          'comment_created_on': comment.created_on
                      }
                      return data
                  def __json__(self):
                      data = dict()
                      data.update(self.get_api_data())
                      return data
              class ChangesetStatus(Base, BaseModel):
                  __tablename__ = 'changeset_statuses'
                  __table_args__ = (
                      Index('cs_revision_idx', 'revision'),
                      Index('cs_version_idx', 'version'),
                      UniqueConstraint('repo_id', 'revision', 'version'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
                  STATUS_APPROVED = 'approved'
                  STATUS_REJECTED = 'rejected'
                  STATUS_UNDER_REVIEW = 'under_review'
                  STATUSES = [
                      (STATUS_NOT_REVIEWED, _("Not Reviewed")),  # (no icon) and default
                      (STATUS_APPROVED, _("Approved")),
                      (STATUS_REJECTED, _("Rejected")),
                      (STATUS_UNDER_REVIEW, _("Under Review")),
                  ]
                  changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
                  repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
                  revision = Column('revision', String(40), nullable=False)
                  status = Column('status', String(128), nullable=False, default=DEFAULT)
                  changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
                  modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
                  version = Column('version', Integer(), nullable=False, default=0)
                  pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
                  author = relationship('User', lazy='joined')
                  repo = relationship('Repository')
                  comment = relationship('ChangesetComment', lazy='joined')
                  pull_request = relationship('PullRequest', lazy='joined')
                  def __unicode__(self):
                      return u"<%s('%s[v%s]:%s')>" % (
                          self.__class__.__name__,
                          self.status, self.version, self.author
                      )
                  @classmethod
                  def get_status_lbl(cls, value):
                      return dict(cls.STATUSES).get(value)
                  @property
                  def status_lbl(self):
                      return ChangesetStatus.get_status_lbl(self.status)
                  def get_api_data(self):
                      status = self
                      data = {
                          'status_id': status.changeset_status_id,
                          'status': status.status,
                      }
                      return data
                  def __json__(self):
                      data = dict()
                      data.update(self.get_api_data())
                      return data
              class _PullRequestBase(BaseModel):
                  """
                  Common attributes of pull request and version entries.
                  """
                  # .status values
                  STATUS_NEW = u'new'
                  STATUS_OPEN = u'open'
                  STATUS_CLOSED = u'closed'
                  title = Column('title', Unicode(255), nullable=True)
                  description = Column(
                      'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
                      nullable=True)
                  # new/open/closed status of pull request (not approve/reject/etc)
                  status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
                  created_on = Column(
                      'created_on', DateTime(timezone=False), nullable=False,
                      default=datetime.datetime.now)
                  updated_on = Column(
                      'updated_on', DateTime(timezone=False), nullable=False,
                      default=datetime.datetime.now)
                  @declared_attr
                  def user_id(cls):
                      return Column(
                          "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
                          unique=None)
                  # 500 revisions max
                  _revisions = Column(
                      'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
                  @declared_attr
                  def source_repo_id(cls):
                      # TODO: dan: rename column to source_repo_id
                      return Column(
                          'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
                          nullable=False)
                  source_ref = Column('org_ref', Unicode(255), nullable=False)
                  @declared_attr
                  def target_repo_id(cls):
                      # TODO: dan: rename column to target_repo_id
                      return Column(
                          'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
                          nullable=False)
                  target_ref = Column('other_ref', Unicode(255), nullable=False)
                  _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
                  # TODO: dan: rename column to last_merge_source_rev
                  _last_merge_source_rev = Column(
                      'last_merge_org_rev', String(40), nullable=True)
                  # TODO: dan: rename column to last_merge_target_rev
                  _last_merge_target_rev = Column(
                      'last_merge_other_rev', String(40), nullable=True)
                  _last_merge_status = Column('merge_status', Integer(), nullable=True)
                  merge_rev = Column('merge_rev', String(40), nullable=True)
                  reviewer_data = Column(
                      'reviewer_data_json', MutationObj.as_mutable(
                          JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                  @property
                  def reviewer_data_json(self):
                      return json.dumps(self.reviewer_data)
                  @hybrid_property
                  def description_safe(self):
                      from rhodecode.lib import helpers as h
                      return h.escape(self.description)
                  @hybrid_property
                  def revisions(self):
                      return self._revisions.split(':') if self._revisions else []
                  @revisions.setter
                  def revisions(self, val):
                      self._revisions = ':'.join(val)
                  @hybrid_property
                  def last_merge_status(self):
                      return safe_int(self._last_merge_status)
                  @last_merge_status.setter
                  def last_merge_status(self, val):
                      self._last_merge_status = val
                  @declared_attr
                  def author(cls):
                      return relationship('User', lazy='joined')
                  @declared_attr
                  def source_repo(cls):
                      return relationship(
                          'Repository',
                          primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
                  @property
                  def source_ref_parts(self):
                      return self.unicode_to_reference(self.source_ref)
                  @declared_attr
                  def target_repo(cls):
                      return relationship(
                          'Repository',
                          primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
                  @property
                  def target_ref_parts(self):
                      return self.unicode_to_reference(self.target_ref)
                  @property
                  def shadow_merge_ref(self):
                      return self.unicode_to_reference(self._shadow_merge_ref)
                  @shadow_merge_ref.setter
                  def shadow_merge_ref(self, ref):
                      self._shadow_merge_ref = self.reference_to_unicode(ref)
                  def unicode_to_reference(self, raw):
                      """
                      Convert a unicode (or string) to a reference object.
                      If unicode evaluates to False it returns None.
                      """
                      if raw:
                          refs = raw.split(':')
                          return Reference(*refs)
                      else:
                          return None
                  def reference_to_unicode(self, ref):
                      """
                      Convert a reference object to unicode.
                      If reference is None it returns None.
                      """
                      if ref:
                          return u':'.join(ref)
                      else:
                          return None
                  def get_api_data(self, with_merge_state=True):
                      from rhodecode.model.pull_request import PullRequestModel
                      pull_request = self
                      if with_merge_state:
                          merge_status = PullRequestModel().merge_status(pull_request)
                          merge_state = {
                              'status': merge_status[0],
                              'message': safe_unicode(merge_status[1]),
                          }
                      else:
                          merge_state = {'status': 'not_available',
                                         'message': 'not_available'}
                      merge_data = {
                          'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
                          'reference': (
                              pull_request.shadow_merge_ref._asdict()
                              if pull_request.shadow_merge_ref else None),
                      }
                      data = {
                          'pull_request_id': pull_request.pull_request_id,
                          'url': PullRequestModel().get_url(pull_request),
                          'title': pull_request.title,
                          'description': pull_request.description,
                          'status': pull_request.status,
                          'created_on': pull_request.created_on,
                          'updated_on': pull_request.updated_on,
                          'commit_ids': pull_request.revisions,
                          'review_status': pull_request.calculated_review_status(),
                          'mergeable': merge_state,
                          'source': {
                              'clone_url': pull_request.source_repo.clone_url(),
                              'repository': pull_request.source_repo.repo_name,
                              'reference': {
                                  'name': pull_request.source_ref_parts.name,
                                  'type': pull_request.source_ref_parts.type,
                                  'commit_id': pull_request.source_ref_parts.commit_id,
                              },
                          },
                          'target': {
                              'clone_url': pull_request.target_repo.clone_url(),
                              'repository': pull_request.target_repo.repo_name,
                              'reference': {
                                  'name': pull_request.target_ref_parts.name,
                                  'type': pull_request.target_ref_parts.type,
                                  'commit_id': pull_request.target_ref_parts.commit_id,
                              },
                          },
                          'merge': merge_data,
                          'author': pull_request.author.get_api_data(include_secrets=False,
                                                                     details='basic'),
                          'reviewers': [
                              {
                                  'user': reviewer.get_api_data(include_secrets=False,
                                                                details='basic'),
                                  'reasons': reasons,
                                  'review_status': st[0][1].status if st else 'not_reviewed',
                              }
                              for reviewer, reasons, mandatory, st in
                              pull_request.reviewers_statuses()
                          ]
                      }
                      return data
              class PullRequest(Base, _PullRequestBase):
                  __tablename__ = 'pull_requests'
                  __table_args__ = (
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  pull_request_id = Column(
                      'pull_request_id', Integer(), nullable=False, primary_key=True)
                  def __repr__(self):
                      if self.pull_request_id:
                          return '<DB:PullRequest #%s>' % self.pull_request_id
                      else:
                          return '<DB:PullRequest at %#x>' % id(self)
                  reviewers = relationship('PullRequestReviewers',
                                           cascade="all, delete, delete-orphan")
                  statuses = relationship('ChangesetStatus',
                                          cascade="all, delete, delete-orphan")
                  comments = relationship('ChangesetComment',
                                          cascade="all, delete, delete-orphan")
                  versions = relationship('PullRequestVersion',
                                          cascade="all, delete, delete-orphan",
                                          lazy='dynamic')
                  @classmethod
                  def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
                                            internal_methods=None):
                      class PullRequestDisplay(object):
                          """
                          Special object wrapper for showing PullRequest data via Versions
                          It mimics PR object as close as possible. This is read only object
                          just for display
                          """
                          def __init__(self, attrs, internal=None):
                              self.attrs = attrs
                              # internal have priority over the given ones via attrs
                              self.internal = internal or ['versions']
                          def __getattr__(self, item):
                              if item in self.internal:
                                  return getattr(self, item)
                              try:
                                  return self.attrs[item]
                              except KeyError:
                                  raise AttributeError(
                                      '%s object has no attribute %s' % (self, item))
                          def __repr__(self):
                              return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
                          def versions(self):
                              return pull_request_obj.versions.order_by(
                                  PullRequestVersion.pull_request_version_id).all()
                          def is_closed(self):
                              return pull_request_obj.is_closed()
                          @property
                          def pull_request_version_id(self):
                              return getattr(pull_request_obj, 'pull_request_version_id', None)
                      attrs = StrictAttributeDict(pull_request_obj.get_api_data())
                      attrs.author = StrictAttributeDict(
                          pull_request_obj.author.get_api_data())
                      if pull_request_obj.target_repo:
                          attrs.target_repo = StrictAttributeDict(
                              pull_request_obj.target_repo.get_api_data())
                          attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
                      if pull_request_obj.source_repo:
                          attrs.source_repo = StrictAttributeDict(
                              pull_request_obj.source_repo.get_api_data())
                          attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
                      attrs.source_ref_parts = pull_request_obj.source_ref_parts
                      attrs.target_ref_parts = pull_request_obj.target_ref_parts
                      attrs.revisions = pull_request_obj.revisions
                      attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
                      attrs.reviewer_data = org_pull_request_obj.reviewer_data
                      attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
                      return PullRequestDisplay(attrs, internal=internal_methods)
                  def is_closed(self):
                      return self.status == self.STATUS_CLOSED
                  def __json__(self):
                      return {
                          'revisions': self.revisions,
                      }
                  def calculated_review_status(self):
                      from rhodecode.model.changeset_status import ChangesetStatusModel
                      return ChangesetStatusModel().calculated_review_status(self)
                  def reviewers_statuses(self):
                      from rhodecode.model.changeset_status import ChangesetStatusModel
                      return ChangesetStatusModel().reviewers_statuses(self)
                  @property
                  def workspace_id(self):
                      from rhodecode.model.pull_request import PullRequestModel
                      return PullRequestModel()._workspace_id(self)
                  def get_shadow_repo(self):
                      workspace_id = self.workspace_id
                      vcs_obj = self.target_repo.scm_instance()
                      shadow_repository_path = vcs_obj._get_shadow_repository_path(
                          workspace_id)
                      return vcs_obj._get_shadow_instance(shadow_repository_path)
              class PullRequestVersion(Base, _PullRequestBase):
                  __tablename__ = 'pull_request_versions'
                  __table_args__ = (
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  pull_request_version_id = Column(
                      'pull_request_version_id', Integer(), nullable=False, primary_key=True)
                  pull_request_id = Column(
                      'pull_request_id', Integer(),
                      ForeignKey('pull_requests.pull_request_id'), nullable=False)
                  pull_request = relationship('PullRequest')
                  def __repr__(self):
                      if self.pull_request_version_id:
                          return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
                      else:
                          return '<DB:PullRequestVersion at %#x>' % id(self)
                  @property
                  def reviewers(self):
                      return self.pull_request.reviewers
                  @property
                  def versions(self):
                      return self.pull_request.versions
                  def is_closed(self):
                      # calculate from original
                      return self.pull_request.status == self.STATUS_CLOSED
                  def calculated_review_status(self):
                      return self.pull_request.calculated_review_status()
                  def reviewers_statuses(self):
                      return self.pull_request.reviewers_statuses()
              class PullRequestReviewers(Base, BaseModel):
                  __tablename__ = 'pull_request_reviewers'
                  __table_args__ = (
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  @hybrid_property
                  def reasons(self):
                      if not self._reasons:
                          return []
                      return self._reasons
                  @reasons.setter
                  def reasons(self, val):
                      val = val or []
                      if any(not isinstance(x, basestring) for x in val):
                          raise Exception('invalid reasons type, must be list of strings')
                      self._reasons = val
                  pull_requests_reviewers_id = Column(
                      'pull_requests_reviewers_id', Integer(), nullable=False,
                      primary_key=True)
                  pull_request_id = Column(
                      "pull_request_id", Integer(),
                      ForeignKey('pull_requests.pull_request_id'), nullable=False)
                  user_id = Column(
                      "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
                  _reasons = Column(
                      'reason', MutationList.as_mutable(
                          JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
                  mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                  user = relationship('User')
                  pull_request = relationship('PullRequest')
              class Notification(Base, BaseModel):
                  __tablename__ = 'notifications'
                  __table_args__ = (
                      Index('notification_type_idx', 'type'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  TYPE_CHANGESET_COMMENT = u'cs_comment'
                  TYPE_MESSAGE = u'message'
                  TYPE_MENTION = u'mention'
                  TYPE_REGISTRATION = u'registration'
                  TYPE_PULL_REQUEST = u'pull_request'
                  TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
                  notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
                  subject = Column('subject', Unicode(512), nullable=True)
                  body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
                  created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
                  created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                  type_ = Column('type', Unicode(255))
                  created_by_user = relationship('User')
                  notifications_to_users = relationship('UserNotification', lazy='joined',
                                                        cascade="all, delete, delete-orphan")
                  @property
                  def recipients(self):
                      return [x.user for x in UserNotification.query()\
                              .filter(UserNotification.notification == self)\
                              .order_by(UserNotification.user_id.asc()).all()]
                  @classmethod
                  def create(cls, created_by, subject, body, recipients, type_=None):
                      if type_ is None:
                          type_ = Notification.TYPE_MESSAGE
                      notification = cls()
                      notification.created_by_user = created_by
                      notification.subject = subject
                      notification.body = body
                      notification.type_ = type_
                      notification.created_on = datetime.datetime.now()
                      for u in recipients:
                          assoc = UserNotification()
                          assoc.notification = notification
                          # if created_by is inside recipients mark his notification
                          # as read
                          if u.user_id == created_by.user_id:
                              assoc.read = True
                          u.notifications.append(assoc)
                      Session().add(notification)
                      return notification
              class UserNotification(Base, BaseModel):
                  __tablename__ = 'user_to_notification'
                  __table_args__ = (
                      UniqueConstraint('user_id', 'notification_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
                  notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
                  read = Column('read', Boolean, default=False)
                  sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
                  user = relationship('User', lazy="joined")
                  notification = relationship('Notification', lazy="joined",
                                              order_by=lambda: Notification.created_on.desc(),)
                  def mark_as_read(self):
                      self.read = True
                      Session().add(self)
              class Gist(Base, BaseModel):
                  __tablename__ = 'gists'
                  __table_args__ = (
                      Index('g_gist_access_id_idx', 'gist_access_id'),
                      Index('g_created_on_idx', 'created_on'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  GIST_PUBLIC = u'public'
                  GIST_PRIVATE = u'private'
                  DEFAULT_FILENAME = u'gistfile1.txt'
                  ACL_LEVEL_PUBLIC = u'acl_public'
                  ACL_LEVEL_PRIVATE = u'acl_private'
                  gist_id = Column('gist_id', Integer(), primary_key=True)
                  gist_access_id = Column('gist_access_id', Unicode(250))
                  gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                  gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
                  gist_expires = Column('gist_expires', Float(53), nullable=False)
                  gist_type = Column('gist_type', Unicode(128), nullable=False)
                  created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                  modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                  acl_level = Column('acl_level', Unicode(128), nullable=True)
                  owner = relationship('User')
                  def __repr__(self):
                      return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
                  @hybrid_property
                  def description_safe(self):
                      from rhodecode.lib import helpers as h
                      return h.escape(self.gist_description)
                  @classmethod
                  def get_or_404(cls, id_):
                      from pyramid.httpexceptions import HTTPNotFound
                      res = cls.query().filter(cls.gist_access_id == id_).scalar()
                      if not res:
                          raise HTTPNotFound()
                      return res
                  @classmethod
                  def get_by_access_id(cls, gist_access_id):
                      return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
                  def gist_url(self):
                      from rhodecode.model.gist import GistModel
                      return GistModel().get_url(self)
                  @classmethod
                  def base_path(cls):
                      """
                      Returns base path when all gists are stored
                      :param cls:
                      """
                      from rhodecode.model.gist import GIST_STORE_LOC
                      q = Session().query(RhodeCodeUi)\
                          .filter(RhodeCodeUi.ui_key == URL_SEP)
                      q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                      return os.path.join(q.one().ui_value, GIST_STORE_LOC)
                  def get_api_data(self):
                      """
                      Common function for generating gist related data for API
                      """
                      gist = self
                      data = {
                          'gist_id': gist.gist_id,
                          'type': gist.gist_type,
                          'access_id': gist.gist_access_id,
                          'description': gist.gist_description,
                          'url': gist.gist_url(),
                          'expires': gist.gist_expires,
                          'created_on': gist.created_on,
                          'modified_at': gist.modified_at,
                          'content': None,
                          'acl_level': gist.acl_level,
                      }
                      return data
                  def __json__(self):
                      data = dict(
                      )
                      data.update(self.get_api_data())
                      return data
                  # SCM functions
                  def scm_instance(self, **kwargs):
                      full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
                      return get_vcs_instance(
                          repo_path=safe_str(full_repo_path), create=False)
              class ExternalIdentity(Base, BaseModel):
                  __tablename__ = 'external_identities'
                  __table_args__ = (
                      Index('local_user_id_idx', 'local_user_id'),
                      Index('external_id_idx', 'external_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8'})
                  external_id = Column('external_id', Unicode(255), default=u'',
                                       primary_key=True)
                  external_username = Column('external_username', Unicode(1024), default=u'')
                  local_user_id = Column('local_user_id', Integer(),
                                         ForeignKey('users.user_id'), primary_key=True)
                  provider_name = Column('provider_name', Unicode(255), default=u'',
                                         primary_key=True)
                  access_token = Column('access_token', String(1024), default=u'')
                  alt_token = Column('alt_token', String(1024), default=u'')
                  token_secret = Column('token_secret', String(1024), default=u'')
                  @classmethod
                  def by_external_id_and_provider(cls, external_id, provider_name,
                                                  local_user_id=None):
                      """
                      Returns ExternalIdentity instance based on search params
                      :param external_id:
                      :param provider_name:
                      :return: ExternalIdentity
                      """
                      query = cls.query()
                      query = query.filter(cls.external_id == external_id)
                      query = query.filter(cls.provider_name == provider_name)
                      if local_user_id:
                          query = query.filter(cls.local_user_id == local_user_id)
                      return query.first()
                  @classmethod
                  def user_by_external_id_and_provider(cls, external_id, provider_name):
                      """
                      Returns User instance based on search params
                      :param external_id:
                      :param provider_name:
                      :return: User
                      """
                      query = User.query()
                      query = query.filter(cls.external_id == external_id)
                      query = query.filter(cls.provider_name == provider_name)
                      query = query.filter(User.user_id == cls.local_user_id)
                      return query.first()
                  @classmethod
                  def by_local_user_id(cls, local_user_id):
                      """
                      Returns all tokens for user
                      :param local_user_id:
                      :return: ExternalIdentity
                      """
                      query = cls.query()
                      query = query.filter(cls.local_user_id == local_user_id)
                      return query
              class Integration(Base, BaseModel):
                  __tablename__ = 'integrations'
                  __table_args__ = (
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                  )
                  integration_id = Column('integration_id', Integer(), primary_key=True)
                  integration_type = Column('integration_type', String(255))
                  enabled = Column('enabled', Boolean(), nullable=False)
                  name = Column('name', String(255), nullable=False)
                  child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
                      default=False)
                  settings = Column(
                      'settings_json', MutationObj.as_mutable(
                          JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                  repo_id = Column(
                      'repo_id', Integer(), ForeignKey('repositories.repo_id'),
                      nullable=True, unique=None, default=None)
                  repo = relationship('Repository', lazy='joined')
                  repo_group_id = Column(
                      'repo_group_id', Integer(), ForeignKey('groups.group_id'),
                      nullable=True, unique=None, default=None)
                  repo_group = relationship('RepoGroup', lazy='joined')
                  @property
                  def scope(self):
                      if self.repo:
                          return repr(self.repo)
                      if self.repo_group:
                          if self.child_repos_only:
                              return repr(self.repo_group) + ' (child repos only)'
                          else:
                              return repr(self.repo_group) + ' (recursive)'
                      if self.child_repos_only:
                          return 'root_repos'
                      return 'global'
                  def __repr__(self):
                      return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
              class RepoReviewRuleUser(Base, BaseModel):
                  __tablename__ = 'repo_review_rules_users'
                  __table_args__ = (
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
                  )
                  repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
                  repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
                  user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
                  mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                  user = relationship('User')
                  def rule_data(self):
                      return {
                          'mandatory': self.mandatory
                      }
              class RepoReviewRuleUserGroup(Base, BaseModel):
                  __tablename__ = 'repo_review_rules_users_groups'
                  __table_args__ = (
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
                  )
                  repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
                  repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
                  users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
                  mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                  users_group = relationship('UserGroup')
                  def rule_data(self):
                      return {
                          'mandatory': self.mandatory
                      }
              class RepoReviewRule(Base, BaseModel):
                  __tablename__ = 'repo_review_rules'
                  __table_args__ = (
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
                  )
                  repo_review_rule_id = Column(
                      'repo_review_rule_id', Integer(), primary_key=True)
                  repo_id = Column(
                      "repo_id", Integer(), ForeignKey('repositories.repo_id'))
                  repo = relationship('Repository', backref='review_rules')
                  _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*')  # glob
                  _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*')  # glob
                  use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
                  forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
                  forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
                  forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
                  rule_users = relationship('RepoReviewRuleUser')
                  rule_user_groups = relationship('RepoReviewRuleUserGroup')
                  @hybrid_property
                  def branch_pattern(self):
                      return self._branch_pattern or '*'
                  def _validate_glob(self, value):
                      re.compile('^' + glob2re(value) + '$')
                  @branch_pattern.setter
                  def branch_pattern(self, value):
                      self._validate_glob(value)
                      self._branch_pattern = value or '*'
                  @hybrid_property
                  def file_pattern(self):
                      return self._file_pattern or '*'
                  @file_pattern.setter
                  def file_pattern(self, value):
                      self._validate_glob(value)
                      self._file_pattern = value or '*'
                  def matches(self, branch, files_changed):
                      """
                      Check if this review rule matches a branch/files in a pull request
                      :param branch: branch name for the commit
                      :param files_changed: list of file paths changed in the pull request
                      """
                      branch = branch or ''
                      files_changed = files_changed or []
                      branch_matches = True
                      if branch:
                          branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
                          branch_matches = bool(branch_regex.search(branch))
                      files_matches = True
                      if self.file_pattern != '*':
                          files_matches = False
                          file_regex = re.compile(glob2re(self.file_pattern))
                          for filename in files_changed:
                              if file_regex.search(filename):
                                  files_matches = True
                                  break
                      return branch_matches and files_matches
                  @property
                  def review_users(self):
                      """ Returns the users which this rule applies to """
                      users = collections.OrderedDict()
                      for rule_user in self.rule_users:
                          if rule_user.user.active:
                              if rule_user.user not in users:
                                  users[rule_user.user.username] = {
                                      'user': rule_user.user,
                                      'source': 'user',
                                      'source_data': {},
                                      'data': rule_user.rule_data()
                                  }
                      for rule_user_group in self.rule_user_groups:
                          source_data = {
                              'name': rule_user_group.users_group.users_group_name,
                              'members': len(rule_user_group.users_group.members)
                          }
                          for member in rule_user_group.users_group.members:
                              if member.user.active:
                                  users[member.user.username] = {
                                      'user': member.user,
                                      'source': 'user_group',
                                      'source_data': source_data,
                                      'data': rule_user_group.rule_data()
                                  }
                      return users
                  def __repr__(self):
                      return '<RepoReviewerRule(id=%r, repo=%r)>' % (
                          self.repo_review_rule_id, self.repo)
              class ScheduleEntry(Base, BaseModel):
                  __tablename__ = 'schedule_entries'
                  __table_args__ = (
                      UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
                      UniqueConstraint('task_uid', name='s_task_uid_idx'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  schedule_types = ['crontab', 'timedelta', 'integer']
                  schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
                  schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
                  schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
                  schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
                  _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
                  schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
                  schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
                  schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
                  # task
                  task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
                  task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
                  task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
                  task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
                  created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                  updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
                  @hybrid_property
                  def schedule_type(self):
                      return self._schedule_type
                  @schedule_type.setter
                  def schedule_type(self, val):
                      if val not in self.schedule_types:
                          raise ValueError('Value must be on of `{}` and got `{}`'.format(
                              val, self.schedule_type))
                      self._schedule_type = val
                  @classmethod
                  def get_uid(cls, obj):
                      args = obj.task_args
                      kwargs = obj.task_kwargs
                      if isinstance(args, JsonRaw):
                          try:
                              args = json.loads(args)
                          except ValueError:
                              args = tuple()
                      if isinstance(kwargs, JsonRaw):
                          try:
                              kwargs = json.loads(kwargs)
                          except ValueError:
                              kwargs = dict()
                      dot_notation = obj.task_dot_notation
                      val = '.'.join(map(safe_str, [
                          sorted(dot_notation), args, sorted(kwargs.items())]))
                      return hashlib.sha1(val).hexdigest()
                  @classmethod
                  def get_by_schedule_name(cls, schedule_name):
                      return cls.query().filter(cls.schedule_name == schedule_name).scalar()
                  @classmethod
                  def get_by_schedule_id(cls, schedule_id):
                      return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
                  @property
                  def task(self):
                      return self.task_dot_notation
                  @property
                  def schedule(self):
                      from rhodecode.lib.celerylib.utils import raw_2_schedule
                      schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
                      return schedule
                  @property
                  def args(self):
                      try:
                          return list(self.task_args or [])
                      except ValueError:
                          return list()
                  @property
                  def kwargs(self):
                      try:
                          return dict(self.task_kwargs or {})
                      except ValueError:
                          return dict()
                  def _as_raw(self, val):
                      if hasattr(val, 'de_coerce'):
                          val = val.de_coerce()
                          if val:
                              val = json.dumps(val)
                      return val
                  @property
                  def schedule_definition_raw(self):
                      return self._as_raw(self.schedule_definition)
                  @property
                  def args_raw(self):
                      return self._as_raw(self.task_args)
                  @property
                  def kwargs_raw(self):
                      return self._as_raw(self.task_kwargs)
                  def __repr__(self):
                      return '<DB:ScheduleEntry({}:{})>'.format(
                          self.schedule_entry_id, self.schedule_name)
              @event.listens_for(ScheduleEntry, 'before_update')
              def update_task_uid(mapper, connection, target):
                  target.task_uid = ScheduleEntry.get_uid(target)
              @event.listens_for(ScheduleEntry, 'before_insert')
              def set_task_uid(mapper, connection, target):
                  target.task_uid = ScheduleEntry.get_uid(target)
              class DbMigrateVersion(Base, BaseModel):
                  __tablename__ = 'db_migrate_version'
                  __table_args__ = (
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  repository_id = Column('repository_id', String(250), primary_key=True)
                  repository_path = Column('repository_path', Text)
                  version = Column('version', Integer)
              class DbSession(Base, BaseModel):
                  __tablename__ = 'db_session'
                  __table_args__ = (
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                  )
                  def __repr__(self):
                      return '<DB:DbSession({})>'.format(self.id)
                  id = Column('id', Integer())
                  namespace = Column('namespace', String(255), primary_key=True)
                  accessed = Column('accessed', DateTime, nullable=False)
                  created = Column('created', DateTime, nullable=False)
                  data = Column('data', PickleType, nullable=False)

rhodecode/model/user.py

0 0 -2

              # -*- coding: utf-8 -*-
              # Copyright (C) 2010-2017 RhodeCode GmbH
              #
              # This program is free software: you can redistribute it and/or modify
              # it under the terms of the GNU Affero General Public License, version 3
              # (only), as published by the Free Software Foundation.
              #
              # This program is distributed in the hope that it will be useful,
              # but WITHOUT ANY WARRANTY; without even the implied warranty of
              # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
              # GNU General Public License for more details.
              #
              # You should have received a copy of the GNU Affero General Public License
              # along with this program.  If not, see <http://www.gnu.org/licenses/>.
              #
              # This program is dual-licensed. If you wish to learn more about the
              # RhodeCode Enterprise Edition, including its added features, Support services,
              # and proprietary license terms, please see https://rhodecode.com/licenses/
              """
              users model for RhodeCode
              """
              import logging
              import traceback
              import datetime
              import ipaddress
              from pyramid.threadlocal import get_current_request
              from sqlalchemy.exc import DatabaseError
              from rhodecode import events
              from rhodecode.lib.user_log_filter import user_log_filter
              from rhodecode.lib.utils2 import (
                  safe_unicode, get_current_rhodecode_user, action_logger_generic,
                  AttributeDict, str2bool)
              from rhodecode.lib.exceptions import (
                  DefaultUserException, UserOwnsReposException, UserOwnsRepoGroupsException,
                  UserOwnsUserGroupsException, NotAllowedToCreateUserError)
              from rhodecode.lib.caching_query import FromCache
              from rhodecode.model import BaseModel
              from rhodecode.model.auth_token import AuthTokenModel
              from rhodecode.model.db import (
                  _hash_key, true, false, or_, joinedload, User, UserToPerm,
                  UserEmailMap, UserIpMap, UserLog)
              from rhodecode.model.meta import Session
              from rhodecode.model.repo_group import RepoGroupModel
              log = logging.getLogger(__name__)
              class UserModel(BaseModel):
                  cls = User
                  def get(self, user_id, cache=False):
                      user = self.sa.query(User)
                      if cache:
                          user = user.options(
                              FromCache("sql_cache_short", "get_user_%s" % user_id))
                      return user.get(user_id)
                  def get_user(self, user):
                      return self._get_user(user)
                  def _serialize_user(self, user):
                      import rhodecode.lib.helpers as h
                      return {
                          'id': user.user_id,
                          'first_name': user.first_name,
                          'last_name': user.last_name,
                          'username': user.username,
                          'email': user.email,
                          'icon_link': h.gravatar_url(user.email, 30),
                          'value_display': h.escape(h.person(user)),
                          'value': user.username,
                          'value_type': 'user',
                          'active': user.active,
                      }
                  def get_users(self, name_contains=None, limit=20, only_active=True):
                      query = self.sa.query(User)
                      if only_active:
                          query = query.filter(User.active == true())
                      if name_contains:
                          ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
                          query = query.filter(
                              or_(
                                  User.name.ilike(ilike_expression),
                                  User.lastname.ilike(ilike_expression),
                                  User.username.ilike(ilike_expression)
                              )
                          )
                          query = query.limit(limit)
                      users = query.all()
                      _users = [
                          self._serialize_user(user) for user in users
                      ]
                      return _users
                  def get_by_username(self, username, cache=False, case_insensitive=False):
                      if case_insensitive:
                          user = self.sa.query(User).filter(User.username.ilike(username))
                      else:
                          user = self.sa.query(User)\
                              .filter(User.username == username)
                      if cache:
                          name_key = _hash_key(username)
                          user = user.options(
                              FromCache("sql_cache_short", "get_user_%s" % name_key))
                      return user.scalar()
                  def get_by_email(self, email, cache=False, case_insensitive=False):
                      return User.get_by_email(email, case_insensitive, cache)
                  def get_by_auth_token(self, auth_token, cache=False):
                      return User.get_by_auth_token(auth_token, cache)
                  def get_active_user_count(self, cache=False):
                      return User.query().filter(
                          User.active == True).filter(
                              User.username != User.DEFAULT_USER).count()
                  def create(self, form_data, cur_user=None):
                      if not cur_user:
                          cur_user = getattr(get_current_rhodecode_user(), 'username', None)
                      user_data = {
                          'username': form_data['username'],
                          'password': form_data['password'],
                          'email': form_data['email'],
                          'firstname': form_data['firstname'],
                          'lastname': form_data['lastname'],
                          'active': form_data['active'],
                          'extern_type': form_data['extern_type'],
                          'extern_name': form_data['extern_name'],
                          'admin': False,
                          'cur_user': cur_user
                      }
                      if 'create_repo_group' in form_data:
                          user_data['create_repo_group'] = str2bool(
                              form_data.get('create_repo_group'))
                      try:
                          if form_data.get('password_change'):
                              user_data['force_password_change'] = True
                          return UserModel().create_or_update(**user_data)
                      except Exception:
                          log.error(traceback.format_exc())
                          raise
                  def update_user(self, user, skip_attrs=None, **kwargs):
                      from rhodecode.lib.auth import get_crypt_password
                      user = self._get_user(user)
                      if user.username == User.DEFAULT_USER:
                          raise DefaultUserException(
                              "You can't edit this user (`%(username)s`) since it's "
                              "crucial for entire application" % {
                              'username': user.username})
                      # first store only defaults
                      user_attrs = {
                          'updating_user_id': user.user_id,
                          'username': user.username,
                          'password': user.password,
                          'email': user.email,
                          'firstname': user.name,
                          'lastname': user.lastname,
                          'active': user.active,
                          'admin': user.admin,
                          'extern_name': user.extern_name,
                          'extern_type': user.extern_type,
                          'language': user.user_data.get('language')
                      }
                      # in case there's new_password, that comes from form, use it to
                      # store password
                      if kwargs.get('new_password'):
                          kwargs['password'] = kwargs['new_password']
                      # cleanups, my_account password change form
                      kwargs.pop('current_password', None)
                      kwargs.pop('new_password', None)
                      # cleanups, user edit password change form
                      kwargs.pop('password_confirmation', None)
                      kwargs.pop('password_change', None)
                      # create repo group on user creation
                      kwargs.pop('create_repo_group', None)
                      # legacy forms send name, which is the firstname
                      firstname = kwargs.pop('name', None)
                      if firstname:
                          kwargs['firstname'] = firstname
                      for k, v in kwargs.items():
                          # skip if we don't want to update this
                          if skip_attrs and k in skip_attrs:
                              continue
                          user_attrs[k] = v
                      try:
                          return self.create_or_update(**user_attrs)
                      except Exception:
                          log.error(traceback.format_exc())
                          raise
                  def create_or_update(
                          self, username, password, email, firstname='', lastname='',
                          active=True, admin=False, extern_type=None, extern_name=None,
                          cur_user=None, plugin=None, force_password_change=False,
                          allow_to_create_user=True, create_repo_group=None,
                          updating_user_id=None, language=None, strict_creation_check=True):
                      """
                      Creates a new instance if not found, or updates current one
                      :param username:
                      :param password:
                      :param email:
                      :param firstname:
                      :param lastname:
                      :param active:
                      :param admin:
                      :param extern_type:
                      :param extern_name:
                      :param cur_user:
                      :param plugin: optional plugin this method was called from
                      :param force_password_change: toggles new or existing user flag
                          for password change
                      :param allow_to_create_user: Defines if the method can actually create
                          new users
                      :param create_repo_group: Defines if the method should also
                          create an repo group with user name, and owner
                      :param updating_user_id: if we set it up this is the user we want to
                          update this allows to editing username.
                      :param language: language of user from interface.
                      :returns: new User object with injected `is_new_user` attribute.
                      """
                      if not cur_user:
                          cur_user = getattr(get_current_rhodecode_user(), 'username', None)
                      from rhodecode.lib.auth import (
                          get_crypt_password, check_password, generate_auth_token)
                      from rhodecode.lib.hooks_base import (
                          log_create_user, check_allowed_create_user)
                      def _password_change(new_user, password):
                          old_password = new_user.password or ''
                          # empty password
                          if not old_password:
                              return False
                          # password check is only needed for RhodeCode internal auth calls
                          # in case it's a plugin we don't care
                          if not plugin:
                              # first check if we gave crypted password back, and if it
                              # matches it's not password change
                              if new_user.password == password:
                                  return False
                              password_match = check_password(password, old_password)
                              if not password_match:
                                  return True
                          return False
                      # read settings on default personal repo group creation
                      if create_repo_group is None:
                          default_create_repo_group = RepoGroupModel()\
                              .get_default_create_personal_repo_group()
                          create_repo_group = default_create_repo_group
                      user_data = {
                          'username': username,
                          'password': password,
                          'email': email,
                          'firstname': firstname,
                          'lastname': lastname,
                          'active': active,
                          'admin': admin
                      }
                      if updating_user_id:
                          log.debug('Checking for existing account in RhodeCode '
                                    'database with user_id `%s` ' % (updating_user_id,))
                          user = User.get(updating_user_id)
                      else:
                          log.debug('Checking for existing account in RhodeCode '
                                    'database with username `%s` ' % (username,))
                          user = User.get_by_username(username, case_insensitive=True)
                      if user is None:
                          # we check internal flag if this method is actually allowed to
                          # create new user
                          if not allow_to_create_user:
                              msg = ('Method wants to create new user, but it is not '
                                     'allowed to do so')
                              log.warning(msg)
                              raise NotAllowedToCreateUserError(msg)
                          log.debug('Creating new user %s', username)
                          # only if we create user that is active
                          new_active_user = active
                          if new_active_user and strict_creation_check:
                              # raises UserCreationError if it's not allowed for any reason to
                              # create new active user, this also executes pre-create hooks
                              check_allowed_create_user(user_data, cur_user, strict_check=True)
                          events.trigger(events.UserPreCreate(user_data))
                          new_user = User()
                          edit = False
                      else:
                          log.debug('updating user %s', username)
                          events.trigger(events.UserPreUpdate(user, user_data))
                          new_user = user
                          edit = True
                          # we're not allowed to edit default user
                          if user.username == User.DEFAULT_USER:
                              raise DefaultUserException(
                                  "You can't edit this user (`%(username)s`) since it's "
                                  "crucial for entire application"
                                  % {'username': user.username})
                      # inject special attribute that will tell us if User is new or old
                      new_user.is_new_user = not edit
                      # for users that didn's specify auth type, we use RhodeCode built in
                      from rhodecode.authentication.plugins import auth_rhodecode
                      extern_name = extern_name or auth_rhodecode.RhodeCodeAuthPlugin.name
                      extern_type = extern_type or auth_rhodecode.RhodeCodeAuthPlugin.name
                      try:
                          new_user.username = username
                          new_user.admin = admin
                          new_user.email = email
                          new_user.active = active
                          new_user.extern_name = safe_unicode(extern_name)
                          new_user.extern_type = safe_unicode(extern_type)
                          new_user.name = firstname
                          new_user.lastname = lastname
                          # set password only if creating an user or password is changed
                          if not edit or _password_change(new_user, password):
                              reason = 'new password' if edit else 'new user'
                              log.debug('Updating password reason=>%s', reason)
                              new_user.password = get_crypt_password(password) if password else None
                          if force_password_change:
                              new_user.update_userdata(force_password_change=True)
                          if language:
                              new_user.update_userdata(language=language)
                          new_user.update_userdata(notification_status=True)
                          self.sa.add(new_user)
                          if not edit and create_repo_group:
                              RepoGroupModel().create_personal_repo_group(
                                  new_user, commit_early=False)
                          if not edit:
                              # add the RSS token
                              AuthTokenModel().create(username,
                                                      description=u'Generated feed token',
                                                      role=AuthTokenModel.cls.ROLE_FEED)
                              kwargs = new_user.get_dict()
                              # backward compat, require api_keys present
                              kwargs['api_keys'] = kwargs['auth_tokens']
                              log_create_user(created_by=cur_user, **kwargs)
                              events.trigger(events.UserPostCreate(user_data))
                          return new_user
                      except (DatabaseError,):
                          log.error(traceback.format_exc())
                          raise
                  def create_registration(self, form_data):
                      from rhodecode.model.notification import NotificationModel
                      from rhodecode.model.notification import EmailNotificationModel
                      try:
                          form_data['admin'] = False
                          form_data['extern_name'] = 'rhodecode'
                          form_data['extern_type'] = 'rhodecode'
                          new_user = self.create(form_data)
                          self.sa.add(new_user)
                          self.sa.flush()
                          user_data = new_user.get_dict()
                          kwargs = {
                              # use SQLALCHEMY safe dump of user data
                              'user': AttributeDict(user_data),
                              'date': datetime.datetime.now()
                          }
                          notification_type = EmailNotificationModel.TYPE_REGISTRATION
                          # pre-generate the subject for notification itself
                          (subject,
                           _h, _e,  # we don't care about those
                           body_plaintext) = EmailNotificationModel().render_email(
                              notification_type, **kwargs)
                          # create notification objects, and emails
                          NotificationModel().create(
                              created_by=new_user,
                              notification_subject=subject,
                              notification_body=body_plaintext,
                              notification_type=notification_type,
                              recipients=None,  # all admins
                              email_kwargs=kwargs,
                          )
                          return new_user
                      except Exception:
                          log.error(traceback.format_exc())
                          raise
                  def _handle_user_repos(self, username, repositories, handle_mode=None):
                      _superadmin = self.cls.get_first_super_admin()
                      left_overs = True
                      from rhodecode.model.repo import RepoModel
                      if handle_mode == 'detach':
                          for obj in repositories:
                              obj.user = _superadmin
                              # set description we know why we super admin now owns
                              # additional repositories that were orphaned !
                              obj.description += '  \n::detached repository from deleted user: %s' % (username,)
                              self.sa.add(obj)
                          left_overs = False
                      elif handle_mode == 'delete':
                          for obj in repositories:
                              RepoModel().delete(obj, forks='detach')
                          left_overs = False
                      # if nothing is done we have left overs left
                      return left_overs
                  def _handle_user_repo_groups(self, username, repository_groups,
                                               handle_mode=None):
                      _superadmin = self.cls.get_first_super_admin()
                      left_overs = True
                      from rhodecode.model.repo_group import RepoGroupModel
                      if handle_mode == 'detach':
                          for r in repository_groups:
                              r.user = _superadmin
                              # set description we know why we super admin now owns
                              # additional repositories that were orphaned !
                              r.group_description += '  \n::detached repository group from deleted user: %s' % (username,)
                              self.sa.add(r)
                          left_overs = False
                      elif handle_mode == 'delete':
                          for r in repository_groups:
                              RepoGroupModel().delete(r)
                          left_overs = False
                      # if nothing is done we have left overs left
                      return left_overs
                  def _handle_user_user_groups(self, username, user_groups, handle_mode=None):
                      _superadmin = self.cls.get_first_super_admin()
                      left_overs = True
                      from rhodecode.model.user_group import UserGroupModel
                      if handle_mode == 'detach':
                          for r in user_groups:
                              for user_user_group_to_perm in r.user_user_group_to_perm:
                                  if user_user_group_to_perm.user.username == username:
                                      user_user_group_to_perm.user = _superadmin
                              r.user = _superadmin
                              # set description we know why we super admin now owns
                              # additional repositories that were orphaned !
                              r.user_group_description += '  \n::detached user group from deleted user: %s' % (username,)
                              self.sa.add(r)
                          left_overs = False
                      elif handle_mode == 'delete':
                          for r in user_groups:
                              UserGroupModel().delete(r)
                          left_overs = False
                      # if nothing is done we have left overs left
                      return left_overs
                  def delete(self, user, cur_user=None, handle_repos=None,
                             handle_repo_groups=None, handle_user_groups=None):
                      if not cur_user:
                          cur_user = getattr(
                              get_current_rhodecode_user(), 'username', None)
                      user = self._get_user(user)
                      try:
                          if user.username == User.DEFAULT_USER:
                              raise DefaultUserException(
                                  u"You can't remove this user since it's"
                                  u" crucial for entire application")
                          left_overs = self._handle_user_repos(
                              user.username, user.repositories, handle_repos)
                          if left_overs and user.repositories:
                              repos = [x.repo_name for x in user.repositories]
                              raise UserOwnsReposException(
                                  u'user "%(username)s" still owns %(len_repos)s repositories and cannot be '
                                  u'removed. Switch owners or remove those repositories:%(list_repos)s'
                                  % {'username': user.username, 'len_repos': len(repos),
                                     'list_repos': ', '.join(repos)})
                          left_overs = self._handle_user_repo_groups(
                              user.username, user.repository_groups, handle_repo_groups)
                          if left_overs and user.repository_groups:
                              repo_groups = [x.group_name for x in user.repository_groups]
                              raise UserOwnsRepoGroupsException(
                                  u'user "%(username)s" still owns %(len_repo_groups)s repository groups and cannot be '
                                  u'removed. Switch owners or remove those repository groups:%(list_repo_groups)s'
                                  % {'username': user.username, 'len_repo_groups': len(repo_groups),
                                     'list_repo_groups': ', '.join(repo_groups)})
                          left_overs = self._handle_user_user_groups(
                              user.username, user.user_groups, handle_user_groups)
                          if left_overs and user.user_groups:
                              user_groups = [x.users_group_name for x in user.user_groups]
                              raise UserOwnsUserGroupsException(
                                  u'user "%s" still owns %s user groups and cannot be '
                                  u'removed. Switch owners or remove those user groups:%s'
                                  % (user.username, len(user_groups), ', '.join(user_groups)))
                          # we might change the user data with detach/delete, make sure
                          # the object is marked as expired before actually deleting !
                          self.sa.expire(user)
                          self.sa.delete(user)
                          from rhodecode.lib.hooks_base import log_delete_user
                          log_delete_user(deleted_by=cur_user, **user.get_dict())
                      except Exception:
                          log.error(traceback.format_exc())
                          raise
                  def reset_password_link(self, data, pwd_reset_url):
                      from rhodecode.lib.celerylib import tasks, run_task
                      from rhodecode.model.notification import EmailNotificationModel
                      user_email = data['email']
                      try:
                          user = User.get_by_email(user_email)
                          if user:
                              log.debug('password reset user found %s', user)
                              email_kwargs = {
                                  'password_reset_url': pwd_reset_url,
                                  'user': user,
                                  'email': user_email,
                                  'date': datetime.datetime.now()
                              }
                              (subject, headers, email_body,
                               email_body_plaintext) = EmailNotificationModel().render_email(
                                  EmailNotificationModel.TYPE_PASSWORD_RESET, **email_kwargs)
                              recipients = [user_email]
                              action_logger_generic(
                                  'sending password reset email to user: {}'.format(
                                      user), namespace='security.password_reset')
                              run_task(tasks.send_email, recipients, subject,
                                       email_body_plaintext, email_body)
                          else:
                              log.debug("password reset email %s not found", user_email)
                      except Exception:
                          log.error(traceback.format_exc())
                          return False
                      return True
                  def reset_password(self, data):
                      from rhodecode.lib.celerylib import tasks, run_task
                      from rhodecode.model.notification import EmailNotificationModel
                      from rhodecode.lib import auth
                      user_email = data['email']
                      pre_db = True
                      try:
                          user = User.get_by_email(user_email)
                          new_passwd = auth.PasswordGenerator().gen_password(
 , auth.PasswordGenerator.ALPHABETS_BIG_SMALL)
                          if user:
                              user.password = auth.get_crypt_password(new_passwd)
                              # also force this user to reset his password !
                              user.update_userdata(force_password_change=True)
                              Session().add(user)
                              # now delete the token in question
                              UserApiKeys = AuthTokenModel.cls
                              UserApiKeys().query().filter(
                                  UserApiKeys.api_key == data['token']).delete()
                              Session().commit()
                              log.info('successfully reset password for `%s`', user_email)
                          if new_passwd is None:
                              raise Exception('unable to generate new password')
                          pre_db = False
                          email_kwargs = {
                              'new_password': new_passwd,
                              'user': user,
                              'email': user_email,
                              'date': datetime.datetime.now()
                          }
                          (subject, headers, email_body,
                           email_body_plaintext) = EmailNotificationModel().render_email(
                              EmailNotificationModel.TYPE_PASSWORD_RESET_CONFIRMATION,
                              **email_kwargs)
                          recipients = [user_email]
                          action_logger_generic(
                              'sent new password to user: {} with email: {}'.format(
                                  user, user_email), namespace='security.password_reset')
                          run_task(tasks.send_email, recipients, subject,
                                   email_body_plaintext, email_body)
                      except Exception:
                          log.error('Failed to update user password')
                          log.error(traceback.format_exc())
                          if pre_db:
                              # we rollback only if local db stuff fails. If it goes into
                              # run_task, we're pass rollback state this wouldn't work then
                              Session().rollback()
                      return True
                  def fill_data(self, auth_user, user_id=None, api_key=None, username=None):
                      """
                      Fetches auth_user by user_id,or api_key if present.
                      Fills auth_user attributes with those taken from database.
                      Additionally set's is_authenitated if lookup fails
                      present in database
                      :param auth_user: instance of user to set attributes
                      :param user_id: user id to fetch by
                      :param api_key: api key to fetch by
                      :param username: username to fetch by
                      """
                      if user_id is None and api_key is None and username is None:
                          raise Exception('You need to pass user_id, api_key or username')
                      log.debug(
                          'AuthUser: fill data execution based on: '
                          'user_id:%s api_key:%s username:%s', user_id, api_key, username)
                      try:
                          dbuser = None
                          if user_id:
                              dbuser = self.get(user_id)
                          elif api_key:
                              dbuser = self.get_by_auth_token(api_key)
                          elif username:
                              dbuser = self.get_by_username(username)
                          if not dbuser:
                              log.warning(
                                  'Unable to lookup user by id:%s api_key:%s username:%s',
                                  user_id, api_key, username)
                              return False
                          if not dbuser.active:
                              log.debug('User `%s:%s` is inactive, skipping fill data',
                                        username, user_id)
                              return False
                          log.debug('AuthUser: filling found user:%s data', dbuser)
                          user_data = dbuser.get_dict()
                          user_data.update({
                              # set explicit the safe escaped values
                              'first_name': dbuser.first_name,
                              'last_name': dbuser.last_name,
                          })
                          for k, v in user_data.items():
                              # properties of auth user we dont update
                              if k not in ['auth_tokens', 'permissions']:
                                  setattr(auth_user, k, v)
-                         # few extras
-                         setattr(auth_user, 'feed_token', dbuser.feed_token)
                      except Exception:
                          log.error(traceback.format_exc())
                          auth_user.is_authenticated = False
                          return False
                      return True
                  def has_perm(self, user, perm):
                      perm = self._get_perm(perm)
                      user = self._get_user(user)
                      return UserToPerm.query().filter(UserToPerm.user == user)\
                          .filter(UserToPerm.permission == perm).scalar() is not None
                  def grant_perm(self, user, perm):
                      """
                      Grant user global permissions
                      :param user:
                      :param perm:
                      """
                      user = self._get_user(user)
                      perm = self._get_perm(perm)
                      # if this permission is already granted skip it
                      _perm = UserToPerm.query()\
                          .filter(UserToPerm.user == user)\
                          .filter(UserToPerm.permission == perm)\
                          .scalar()
                      if _perm:
                          return
                      new = UserToPerm()
                      new.user = user
                      new.permission = perm
                      self.sa.add(new)
                      return new
                  def revoke_perm(self, user, perm):
                      """
                      Revoke users global permissions
                      :param user:
                      :param perm:
                      """
                      user = self._get_user(user)
                      perm = self._get_perm(perm)
                      obj = UserToPerm.query()\
                              .filter(UserToPerm.user == user)\
                              .filter(UserToPerm.permission == perm)\
                              .scalar()
                      if obj:
                          self.sa.delete(obj)
                  def add_extra_email(self, user, email):
                      """
                      Adds email address to UserEmailMap
                      :param user:
                      :param email:
                      """
                      user = self._get_user(user)
                      obj = UserEmailMap()
                      obj.user = user
                      obj.email = email
                      self.sa.add(obj)
                      return obj
                  def delete_extra_email(self, user, email_id):
                      """
                      Removes email address from UserEmailMap
                      :param user:
                      :param email_id:
                      """
                      user = self._get_user(user)
                      obj = UserEmailMap.query().get(email_id)
                      if obj and obj.user_id == user.user_id:
                          self.sa.delete(obj)
                  def parse_ip_range(self, ip_range):
                      ip_list = []
                      def make_unique(value):
                          seen = []
                          return [c for c in value if not (c in seen or seen.append(c))]
                      # firsts split by commas
                      for ip_range in ip_range.split(','):
                          if not ip_range:
                              continue
                          ip_range = ip_range.strip()
                          if '-' in ip_range:
                              start_ip, end_ip = ip_range.split('-', 1)
                              start_ip = ipaddress.ip_address(safe_unicode(start_ip.strip()))
                              end_ip = ipaddress.ip_address(safe_unicode(end_ip.strip()))
                              parsed_ip_range = []
                              for index in xrange(int(start_ip), int(end_ip) + 1):
                                  new_ip = ipaddress.ip_address(index)
                                  parsed_ip_range.append(str(new_ip))
                              ip_list.extend(parsed_ip_range)
                          else:
                              ip_list.append(ip_range)
                      return make_unique(ip_list)
                  def add_extra_ip(self, user, ip, description=None):
                      """
                      Adds ip address to UserIpMap
                      :param user:
                      :param ip:
                      """
                      user = self._get_user(user)
                      obj = UserIpMap()
                      obj.user = user
                      obj.ip_addr = ip
                      obj.description = description
                      self.sa.add(obj)
                      return obj
                  def delete_extra_ip(self, user, ip_id):
                      """
                      Removes ip address from UserIpMap
                      :param user:
                      :param ip_id:
                      """
                      user = self._get_user(user)
                      obj = UserIpMap.query().get(ip_id)
                      if obj and obj.user_id == user.user_id:
                          self.sa.delete(obj)
                  def get_accounts_in_creation_order(self, current_user=None):
                      """
                      Get accounts in order of creation for deactivation for license limits
                      pick currently logged in user, and append to the list in position 0
                      pick all super-admins in order of creation date and add it to the list
                      pick all other accounts in order of creation and add it to the list.
                      Based on that list, the last accounts can be disabled as they are
                      created at the end and don't include any of the super admins as well
                      as the current user.
                      :param current_user: optionally current user running this operation
                      """
                      if not current_user:
                          current_user = get_current_rhodecode_user()
                      active_super_admins = [
                          x.user_id for x in User.query()
                          .filter(User.user_id != current_user.user_id)
                          .filter(User.active == true())
                          .filter(User.admin == true())
                          .order_by(User.created_on.asc())]
                      active_regular_users = [
                          x.user_id for x in User.query()
                          .filter(User.user_id != current_user.user_id)
                          .filter(User.active == true())
                          .filter(User.admin == false())
                          .order_by(User.created_on.asc())]
                      list_of_accounts = [current_user.user_id]
                      list_of_accounts += active_super_admins
                      list_of_accounts += active_regular_users
                      return list_of_accounts
                  def deactivate_last_users(self, expected_users, current_user=None):
                      """
                      Deactivate accounts that are over the license limits.
                      Algorithm of which accounts to disabled is based on the formula:
                      Get current user, then super admins in creation order, then regular
                      active users in creation order.
                      Using that list we mark all accounts from the end of it as inactive.
                      This way we block only latest created accounts.
                      :param expected_users: list of users in special order, we deactivate
                          the end N ammoun of users from that list
                      """
                      list_of_accounts = self.get_accounts_in_creation_order(
                          current_user=current_user)
                      for acc_id in list_of_accounts[expected_users + 1:]:
                          user = User.get(acc_id)
                          log.info('Deactivating account %s for license unlock', user)
                          user.active = False
                          Session().add(user)
                          Session().commit()
                      return
                  def get_user_log(self, user, filter_term):
                      user_log = UserLog.query()\
                          .filter(or_(UserLog.user_id == user.user_id,
                                      UserLog.username == user.username))\
                          .options(joinedload(UserLog.user))\
                          .options(joinedload(UserLog.repository))\
                          .order_by(UserLog.action_date.desc())
                      user_log = user_log_filter(user_log, filter_term)
                      return user_log

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages