##// END OF EJS Templates
u » pc » rhodecode-enterprise-ce-fork-pc
RSS

Fork of rhodecode-enterprise-ce

security: use new safe escaped user attributes across the application....
ergo -
r1815:7cb6e1ce default
parent child Browse files
Show More

The requested changes are too big and content was truncated. Show full diff

Show file before | Show file after | Hide comments
@@ -1,308 +1,308 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2016-2017 RhodeCode GmbH
3 # Copyright (C) 2016-2017 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 import logging
21 import logging
22 import datetime
22 import datetime
23
23
24 from pyramid.httpexceptions import HTTPFound
24 from pyramid.httpexceptions import HTTPFound
25 from pyramid.view import view_config
25 from pyramid.view import view_config
26 from sqlalchemy.sql.functions import coalesce
26 from sqlalchemy.sql.functions import coalesce
27
27
28 from rhodecode.lib.helpers import Page
28 from rhodecode.lib.helpers import Page
29 from rhodecode.lib.ext_json import json
29 from rhodecode.lib.ext_json import json
30
30
31 from rhodecode.apps._base import BaseAppView, DataGridAppView
31 from rhodecode.apps._base import BaseAppView, DataGridAppView
32 from rhodecode.lib.auth import (
32 from rhodecode.lib.auth import (
33 LoginRequired, HasPermissionAllDecorator, CSRFRequired)
33 LoginRequired, HasPermissionAllDecorator, CSRFRequired)
34 from rhodecode.lib import helpers as h
34 from rhodecode.lib import helpers as h
35 from rhodecode.lib.utils import PartialRenderer
35 from rhodecode.lib.utils import PartialRenderer
36 from rhodecode.lib.utils2 import safe_int, safe_unicode
36 from rhodecode.lib.utils2 import safe_int, safe_unicode
37 from rhodecode.model.auth_token import AuthTokenModel
37 from rhodecode.model.auth_token import AuthTokenModel
38 from rhodecode.model.user import UserModel
38 from rhodecode.model.user import UserModel
39 from rhodecode.model.user_group import UserGroupModel
39 from rhodecode.model.user_group import UserGroupModel
40 from rhodecode.model.db import User, or_
40 from rhodecode.model.db import User, or_
41 from rhodecode.model.meta import Session
41 from rhodecode.model.meta import Session
42
42
43 log = logging.getLogger(__name__)
43 log = logging.getLogger(__name__)
44
44
45
45
46 class AdminUsersView(BaseAppView, DataGridAppView):
46 class AdminUsersView(BaseAppView, DataGridAppView):
47 ALLOW_SCOPED_TOKENS = False
47 ALLOW_SCOPED_TOKENS = False
48 """
48 """
49 This view has alternative version inside EE, if modified please take a look
49 This view has alternative version inside EE, if modified please take a look
50 in there as well.
50 in there as well.
51 """
51 """
52
52
53 def load_default_context(self):
53 def load_default_context(self):
54 c = self._get_local_tmpl_context()
54 c = self._get_local_tmpl_context()
55 c.allow_scoped_tokens = self.ALLOW_SCOPED_TOKENS
55 c.allow_scoped_tokens = self.ALLOW_SCOPED_TOKENS
56 self._register_global_c(c)
56 self._register_global_c(c)
57 return c
57 return c
58
58
59 def _redirect_for_default_user(self, username):
59 def _redirect_for_default_user(self, username):
60 _ = self.request.translate
60 _ = self.request.translate
61 if username == User.DEFAULT_USER:
61 if username == User.DEFAULT_USER:
62 h.flash(_("You can't edit this user"), category='warning')
62 h.flash(_("You can't edit this user"), category='warning')
63 # TODO(marcink): redirect to 'users' admin panel once this
63 # TODO(marcink): redirect to 'users' admin panel once this
64 # is a pyramid view
64 # is a pyramid view
65 raise HTTPFound('/')
65 raise HTTPFound('/')
66
66
67 @HasPermissionAllDecorator('hg.admin')
67 @HasPermissionAllDecorator('hg.admin')
68 @view_config(
68 @view_config(
69 route_name='users', request_method='GET',
69 route_name='users', request_method='GET',
70 renderer='rhodecode:templates/admin/users/users.mako')
70 renderer='rhodecode:templates/admin/users/users.mako')
71 def users_list(self):
71 def users_list(self):
72 c = self.load_default_context()
72 c = self.load_default_context()
73 return self._get_template_context(c)
73 return self._get_template_context(c)
74
74
75 @HasPermissionAllDecorator('hg.admin')
75 @HasPermissionAllDecorator('hg.admin')
76 @view_config(
76 @view_config(
77 # renderer defined below
77 # renderer defined below
78 route_name='users_data', request_method='GET',
78 route_name='users_data', request_method='GET',
79 renderer='json_ext', xhr=True)
79 renderer='json_ext', xhr=True)
80 def users_list_data(self):
80 def users_list_data(self):
81 draw, start, limit = self._extract_chunk(self.request)
81 draw, start, limit = self._extract_chunk(self.request)
82 search_q, order_by, order_dir = self._extract_ordering(self.request)
82 search_q, order_by, order_dir = self._extract_ordering(self.request)
83
83
84 _render = PartialRenderer('data_table/_dt_elements.mako')
84 _render = PartialRenderer('data_table/_dt_elements.mako')
85
85
86 def user_actions(user_id, username):
86 def user_actions(user_id, username):
87 return _render("user_actions", user_id, username)
87 return _render("user_actions", user_id, username)
88
88
89 users_data_total_count = User.query()\
89 users_data_total_count = User.query()\
90 .filter(User.username != User.DEFAULT_USER) \
90 .filter(User.username != User.DEFAULT_USER) \
91 .count()
91 .count()
92
92
93 # json generate
93 # json generate
94 base_q = User.query().filter(User.username != User.DEFAULT_USER)
94 base_q = User.query().filter(User.username != User.DEFAULT_USER)
95
95
96 if search_q:
96 if search_q:
97 like_expression = u'%{}%'.format(safe_unicode(search_q))
97 like_expression = u'%{}%'.format(safe_unicode(search_q))
98 base_q = base_q.filter(or_(
98 base_q = base_q.filter(or_(
99 User.username.ilike(like_expression),
99 User.username.ilike(like_expression),
100 User._email.ilike(like_expression),
100 User._email.ilike(like_expression),
101 User.name.ilike(like_expression),
101 User.name.ilike(like_expression),
102 User.lastname.ilike(like_expression),
102 User.lastname.ilike(like_expression),
103 ))
103 ))
104
104
105 users_data_total_filtered_count = base_q.count()
105 users_data_total_filtered_count = base_q.count()
106
106
107 sort_col = getattr(User, order_by, None)
107 sort_col = getattr(User, order_by, None)
108 if sort_col:
108 if sort_col:
109 if order_dir == 'asc':
109 if order_dir == 'asc':
110 # handle null values properly to order by NULL last
110 # handle null values properly to order by NULL last
111 if order_by in ['last_activity']:
111 if order_by in ['last_activity']:
112 sort_col = coalesce(sort_col, datetime.date.max)
112 sort_col = coalesce(sort_col, datetime.date.max)
113 sort_col = sort_col.asc()
113 sort_col = sort_col.asc()
114 else:
114 else:
115 # handle null values properly to order by NULL last
115 # handle null values properly to order by NULL last
116 if order_by in ['last_activity']:
116 if order_by in ['last_activity']:
117 sort_col = coalesce(sort_col, datetime.date.min)
117 sort_col = coalesce(sort_col, datetime.date.min)
118 sort_col = sort_col.desc()
118 sort_col = sort_col.desc()
119
119
120 base_q = base_q.order_by(sort_col)
120 base_q = base_q.order_by(sort_col)
121 base_q = base_q.offset(start).limit(limit)
121 base_q = base_q.offset(start).limit(limit)
122
122
123 users_list = base_q.all()
123 users_list = base_q.all()
124
124
125 users_data = []
125 users_data = []
126 for user in users_list:
126 for user in users_list:
127 users_data.append({
127 users_data.append({
128 "username": h.gravatar_with_user(user.username),
128 "username": h.gravatar_with_user(user.username),
129 "email": user.email,
129 "email": user.email,
130 "first_name": h.escape(user.name),
130 "first_name": user.first_name,
131 "last_name": h.escape(user.lastname),
131 "last_name": user.last_name,
132 "last_login": h.format_date(user.last_login),
132 "last_login": h.format_date(user.last_login),
133 "last_activity": h.format_date(user.last_activity),
133 "last_activity": h.format_date(user.last_activity),
134 "active": h.bool2icon(user.active),
134 "active": h.bool2icon(user.active),
135 "active_raw": user.active,
135 "active_raw": user.active,
136 "admin": h.bool2icon(user.admin),
136 "admin": h.bool2icon(user.admin),
137 "extern_type": user.extern_type,
137 "extern_type": user.extern_type,
138 "extern_name": user.extern_name,
138 "extern_name": user.extern_name,
139 "action": user_actions(user.user_id, user.username),
139 "action": user_actions(user.user_id, user.username),
140 })
140 })
141
141
142 data = ({
142 data = ({
143 'draw': draw,
143 'draw': draw,
144 'data': users_data,
144 'data': users_data,
145 'recordsTotal': users_data_total_count,
145 'recordsTotal': users_data_total_count,
146 'recordsFiltered': users_data_total_filtered_count,
146 'recordsFiltered': users_data_total_filtered_count,
147 })
147 })
148
148
149 return data
149 return data
150
150
151 @LoginRequired()
151 @LoginRequired()
152 @HasPermissionAllDecorator('hg.admin')
152 @HasPermissionAllDecorator('hg.admin')
153 @view_config(
153 @view_config(
154 route_name='edit_user_auth_tokens', request_method='GET',
154 route_name='edit_user_auth_tokens', request_method='GET',
155 renderer='rhodecode:templates/admin/users/user_edit.mako')
155 renderer='rhodecode:templates/admin/users/user_edit.mako')
156 def auth_tokens(self):
156 def auth_tokens(self):
157 _ = self.request.translate
157 _ = self.request.translate
158 c = self.load_default_context()
158 c = self.load_default_context()
159
159
160 user_id = self.request.matchdict.get('user_id')
160 user_id = self.request.matchdict.get('user_id')
161 c.user = User.get_or_404(user_id, pyramid_exc=True)
161 c.user = User.get_or_404(user_id, pyramid_exc=True)
162 self._redirect_for_default_user(c.user.username)
162 self._redirect_for_default_user(c.user.username)
163
163
164 c.active = 'auth_tokens'
164 c.active = 'auth_tokens'
165
165
166 c.lifetime_values = [
166 c.lifetime_values = [
167 (str(-1), _('forever')),
167 (str(-1), _('forever')),
168 (str(5), _('5 minutes')),
168 (str(5), _('5 minutes')),
169 (str(60), _('1 hour')),
169 (str(60), _('1 hour')),
170 (str(60 * 24), _('1 day')),
170 (str(60 * 24), _('1 day')),
171 (str(60 * 24 * 30), _('1 month')),
171 (str(60 * 24 * 30), _('1 month')),
172 ]
172 ]
173 c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
173 c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
174 c.role_values = [
174 c.role_values = [
175 (x, AuthTokenModel.cls._get_role_name(x))
175 (x, AuthTokenModel.cls._get_role_name(x))
176 for x in AuthTokenModel.cls.ROLES]
176 for x in AuthTokenModel.cls.ROLES]
177 c.role_options = [(c.role_values, _("Role"))]
177 c.role_options = [(c.role_values, _("Role"))]
178 c.user_auth_tokens = AuthTokenModel().get_auth_tokens(
178 c.user_auth_tokens = AuthTokenModel().get_auth_tokens(
179 c.user.user_id, show_expired=True)
179 c.user.user_id, show_expired=True)
180 return self._get_template_context(c)
180 return self._get_template_context(c)
181
181
182 def maybe_attach_token_scope(self, token):
182 def maybe_attach_token_scope(self, token):
183 # implemented in EE edition
183 # implemented in EE edition
184 pass
184 pass
185
185
186 @LoginRequired()
186 @LoginRequired()
187 @HasPermissionAllDecorator('hg.admin')
187 @HasPermissionAllDecorator('hg.admin')
188 @CSRFRequired()
188 @CSRFRequired()
189 @view_config(
189 @view_config(
190 route_name='edit_user_auth_tokens_add', request_method='POST')
190 route_name='edit_user_auth_tokens_add', request_method='POST')
191 def auth_tokens_add(self):
191 def auth_tokens_add(self):
192 _ = self.request.translate
192 _ = self.request.translate
193 c = self.load_default_context()
193 c = self.load_default_context()
194
194
195 user_id = self.request.matchdict.get('user_id')
195 user_id = self.request.matchdict.get('user_id')
196 c.user = User.get_or_404(user_id, pyramid_exc=True)
196 c.user = User.get_or_404(user_id, pyramid_exc=True)
197 self._redirect_for_default_user(c.user.username)
197 self._redirect_for_default_user(c.user.username)
198
198
199 lifetime = safe_int(self.request.POST.get('lifetime'), -1)
199 lifetime = safe_int(self.request.POST.get('lifetime'), -1)
200 description = self.request.POST.get('description')
200 description = self.request.POST.get('description')
201 role = self.request.POST.get('role')
201 role = self.request.POST.get('role')
202
202
203 token = AuthTokenModel().create(
203 token = AuthTokenModel().create(
204 c.user.user_id, description, lifetime, role)
204 c.user.user_id, description, lifetime, role)
205 self.maybe_attach_token_scope(token)
205 self.maybe_attach_token_scope(token)
206 Session().commit()
206 Session().commit()
207
207
208 h.flash(_("Auth token successfully created"), category='success')
208 h.flash(_("Auth token successfully created"), category='success')
209 return HTTPFound(h.route_path('edit_user_auth_tokens', user_id=user_id))
209 return HTTPFound(h.route_path('edit_user_auth_tokens', user_id=user_id))
210
210
211 @LoginRequired()
211 @LoginRequired()
212 @HasPermissionAllDecorator('hg.admin')
212 @HasPermissionAllDecorator('hg.admin')
213 @CSRFRequired()
213 @CSRFRequired()
214 @view_config(
214 @view_config(
215 route_name='edit_user_auth_tokens_delete', request_method='POST')
215 route_name='edit_user_auth_tokens_delete', request_method='POST')
216 def auth_tokens_delete(self):
216 def auth_tokens_delete(self):
217 _ = self.request.translate
217 _ = self.request.translate
218 c = self.load_default_context()
218 c = self.load_default_context()
219
219
220 user_id = self.request.matchdict.get('user_id')
220 user_id = self.request.matchdict.get('user_id')
221 c.user = User.get_or_404(user_id, pyramid_exc=True)
221 c.user = User.get_or_404(user_id, pyramid_exc=True)
222 self._redirect_for_default_user(c.user.username)
222 self._redirect_for_default_user(c.user.username)
223
223
224 del_auth_token = self.request.POST.get('del_auth_token')
224 del_auth_token = self.request.POST.get('del_auth_token')
225
225
226 if del_auth_token:
226 if del_auth_token:
227 AuthTokenModel().delete(del_auth_token, c.user.user_id)
227 AuthTokenModel().delete(del_auth_token, c.user.user_id)
228 Session().commit()
228 Session().commit()
229 h.flash(_("Auth token successfully deleted"), category='success')
229 h.flash(_("Auth token successfully deleted"), category='success')
230
230
231 return HTTPFound(h.route_path('edit_user_auth_tokens', user_id=user_id))
231 return HTTPFound(h.route_path('edit_user_auth_tokens', user_id=user_id))
232
232
233 @LoginRequired()
233 @LoginRequired()
234 @HasPermissionAllDecorator('hg.admin')
234 @HasPermissionAllDecorator('hg.admin')
235 @view_config(
235 @view_config(
236 route_name='edit_user_groups_management', request_method='GET',
236 route_name='edit_user_groups_management', request_method='GET',
237 renderer='rhodecode:templates/admin/users/user_edit.mako')
237 renderer='rhodecode:templates/admin/users/user_edit.mako')
238 def groups_management(self):
238 def groups_management(self):
239 c = self.load_default_context()
239 c = self.load_default_context()
240
240
241 user_id = self.request.matchdict.get('user_id')
241 user_id = self.request.matchdict.get('user_id')
242 c.user = User.get_or_404(user_id, pyramid_exc=True)
242 c.user = User.get_or_404(user_id, pyramid_exc=True)
243 c.data = c.user.group_member
243 c.data = c.user.group_member
244 self._redirect_for_default_user(c.user.username)
244 self._redirect_for_default_user(c.user.username)
245 groups = [UserGroupModel.get_user_groups_as_dict(group.users_group)
245 groups = [UserGroupModel.get_user_groups_as_dict(group.users_group)
246 for group in c.user.group_member]
246 for group in c.user.group_member]
247 c.groups = json.dumps(groups)
247 c.groups = json.dumps(groups)
248 c.active = 'groups'
248 c.active = 'groups'
249
249
250 return self._get_template_context(c)
250 return self._get_template_context(c)
251
251
252 @LoginRequired()
252 @LoginRequired()
253 @HasPermissionAllDecorator('hg.admin')
253 @HasPermissionAllDecorator('hg.admin')
254 @CSRFRequired()
254 @CSRFRequired()
255 @view_config(
255 @view_config(
256 route_name='edit_user_groups_management_updates', request_method='POST')
256 route_name='edit_user_groups_management_updates', request_method='POST')
257 def groups_management_updates(self):
257 def groups_management_updates(self):
258 _ = self.request.translate
258 _ = self.request.translate
259 c = self.load_default_context()
259 c = self.load_default_context()
260
260
261 user_id = self.request.matchdict.get('user_id')
261 user_id = self.request.matchdict.get('user_id')
262 c.user = User.get_or_404(user_id, pyramid_exc=True)
262 c.user = User.get_or_404(user_id, pyramid_exc=True)
263 self._redirect_for_default_user(c.user.username)
263 self._redirect_for_default_user(c.user.username)
264
264
265 users_groups = set(self.request.POST.getall('users_group_id'))
265 users_groups = set(self.request.POST.getall('users_group_id'))
266 users_groups_model = []
266 users_groups_model = []
267
267
268 for ugid in users_groups:
268 for ugid in users_groups:
269 users_groups_model.append(UserGroupModel().get_group(safe_int(ugid)))
269 users_groups_model.append(UserGroupModel().get_group(safe_int(ugid)))
270 user_group_model = UserGroupModel()
270 user_group_model = UserGroupModel()
271 user_group_model.change_groups(c.user, users_groups_model)
271 user_group_model.change_groups(c.user, users_groups_model)
272
272
273 Session().commit()
273 Session().commit()
274 c.active = 'user_groups_management'
274 c.active = 'user_groups_management'
275 h.flash(_("Groups successfully changed"), category='success')
275 h.flash(_("Groups successfully changed"), category='success')
276
276
277 return HTTPFound(h.route_path(
277 return HTTPFound(h.route_path(
278 'edit_user_groups_management', user_id=user_id))
278 'edit_user_groups_management', user_id=user_id))
279
279
280 @LoginRequired()
280 @LoginRequired()
281 @HasPermissionAllDecorator('hg.admin')
281 @HasPermissionAllDecorator('hg.admin')
282 @view_config(
282 @view_config(
283 route_name='edit_user_audit_logs', request_method='GET',
283 route_name='edit_user_audit_logs', request_method='GET',
284 renderer='rhodecode:templates/admin/users/user_edit.mako')
284 renderer='rhodecode:templates/admin/users/user_edit.mako')
285 def user_audit_logs(self):
285 def user_audit_logs(self):
286 _ = self.request.translate
286 _ = self.request.translate
287 c = self.load_default_context()
287 c = self.load_default_context()
288
288
289 user_id = self.request.matchdict.get('user_id')
289 user_id = self.request.matchdict.get('user_id')
290 c.user = User.get_or_404(user_id, pyramid_exc=True)
290 c.user = User.get_or_404(user_id, pyramid_exc=True)
291 self._redirect_for_default_user(c.user.username)
291 self._redirect_for_default_user(c.user.username)
292 c.active = 'audit'
292 c.active = 'audit'
293
293
294 p = safe_int(self.request.GET.get('page', 1), 1)
294 p = safe_int(self.request.GET.get('page', 1), 1)
295
295
296 filter_term = self.request.GET.get('filter')
296 filter_term = self.request.GET.get('filter')
297 user_log = UserModel().get_user_log(c.user, filter_term)
297 user_log = UserModel().get_user_log(c.user, filter_term)
298
298
299 def url_generator(**kw):
299 def url_generator(**kw):
300 if filter_term:
300 if filter_term:
301 kw['filter'] = filter_term
301 kw['filter'] = filter_term
302 return self.request.current_route_path(_query=kw)
302 return self.request.current_route_path(_query=kw)
303
303
304 c.audit_logs = Page(user_log, page=p, items_per_page=10,
304 c.audit_logs = Page(user_log, page=p, items_per_page=10,
305 url=url_generator)
305 url=url_generator)
306 c.filter_term = filter_term
306 c.filter_term = filter_term
307 return self._get_template_context(c)
307 return self._get_template_context(c)
308
308
Show file before | Show file after | Hide comments
@@ -1,134 +1,134 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2017 RhodeCode GmbH
3 # Copyright (C) 2010-2017 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21
21
22 import pytest
22 import pytest
23
23
24 import rhodecode
24 import rhodecode
25 from rhodecode.model.db import Repository
25 from rhodecode.model.db import Repository
26 from rhodecode.model.meta import Session
26 from rhodecode.model.meta import Session
27 from rhodecode.model.repo import RepoModel
27 from rhodecode.model.repo import RepoModel
28 from rhodecode.model.repo_group import RepoGroupModel
28 from rhodecode.model.repo_group import RepoGroupModel
29 from rhodecode.model.settings import SettingsModel
29 from rhodecode.model.settings import SettingsModel
30 from rhodecode.tests import TestController
30 from rhodecode.tests import TestController
31 from rhodecode.tests.fixture import Fixture
31 from rhodecode.tests.fixture import Fixture
32 from rhodecode.lib import helpers as h
32 from rhodecode.lib import helpers as h
33
33
34 fixture = Fixture()
34 fixture = Fixture()
35
35
36
36
37 def route_path(name, **kwargs):
37 def route_path(name, **kwargs):
38 return {
38 return {
39 'home': '/',
39 'home': '/',
40 'repo_group_home': '/{repo_group_name}'
40 'repo_group_home': '/{repo_group_name}'
41 }[name].format(**kwargs)
41 }[name].format(**kwargs)
42
42
43
43
44 class TestHomeController(TestController):
44 class TestHomeController(TestController):
45
45
46 def test_index(self):
46 def test_index(self):
47 self.log_user()
47 self.log_user()
48 response = self.app.get(route_path('home'))
48 response = self.app.get(route_path('home'))
49 # if global permission is set
49 # if global permission is set
50 response.mustcontain('Add Repository')
50 response.mustcontain('Add Repository')
51
51
52 # search for objects inside the JavaScript JSON
52 # search for objects inside the JavaScript JSON
53 for repo in Repository.getAll():
53 for repo in Repository.getAll():
54 response.mustcontain('"name_raw": "%s"' % repo.repo_name)
54 response.mustcontain('"name_raw": "%s"' % repo.repo_name)
55
55
56 def test_index_contains_statics_with_ver(self):
56 def test_index_contains_statics_with_ver(self):
57 from pylons import tmpl_context as c
57 from pylons import tmpl_context as c
58
58
59 self.log_user()
59 self.log_user()
60 response = self.app.get(route_path('home'))
60 response = self.app.get(route_path('home'))
61
61
62 rhodecode_version_hash = c.rhodecode_version_hash
62 rhodecode_version_hash = c.rhodecode_version_hash
63 response.mustcontain('style.css?ver={0}'.format(rhodecode_version_hash))
63 response.mustcontain('style.css?ver={0}'.format(rhodecode_version_hash))
64 response.mustcontain('rhodecode-components.js?ver={0}'.format(rhodecode_version_hash))
64 response.mustcontain('rhodecode-components.js?ver={0}'.format(rhodecode_version_hash))
65
65
66 def test_index_contains_backend_specific_details(self, backend):
66 def test_index_contains_backend_specific_details(self, backend):
67 self.log_user()
67 self.log_user()
68 response = self.app.get(route_path('home'))
68 response = self.app.get(route_path('home'))
69 tip = backend.repo.get_commit().raw_id
69 tip = backend.repo.get_commit().raw_id
70
70
71 # html in javascript variable:
71 # html in javascript variable:
72 response.mustcontain(r'<i class=\"icon-%s\"' % (backend.alias, ))
72 response.mustcontain(r'<i class=\"icon-%s\"' % (backend.alias, ))
73 response.mustcontain(r'href=\"/%s\"' % (backend.repo_name, ))
73 response.mustcontain(r'href=\"/%s\"' % (backend.repo_name, ))
74
74
75 response.mustcontain("""/%s/changeset/%s""" % (backend.repo_name, tip))
75 response.mustcontain("""/%s/changeset/%s""" % (backend.repo_name, tip))
76 response.mustcontain("""Added a symlink""")
76 response.mustcontain("""Added a symlink""")
77
77
78 def test_index_with_anonymous_access_disabled(self):
78 def test_index_with_anonymous_access_disabled(self):
79 with fixture.anon_access(False):
79 with fixture.anon_access(False):
80 response = self.app.get(route_path('home'), status=302)
80 response = self.app.get(route_path('home'), status=302)
81 assert 'login' in response.location
81 assert 'login' in response.location
82
82
83 def test_index_page_on_groups(self, autologin_user, repo_group):
83 def test_index_page_on_groups(self, autologin_user, repo_group):
84 response = self.app.get(route_path('repo_group_home', repo_group_name='gr1'))
84 response = self.app.get(route_path('repo_group_home', repo_group_name='gr1'))
85 response.mustcontain("gr1/repo_in_group")
85 response.mustcontain("gr1/repo_in_group")
86
86
87 def test_index_page_on_group_with_trailing_slash(
87 def test_index_page_on_group_with_trailing_slash(
88 self, autologin_user, repo_group):
88 self, autologin_user, repo_group):
89 response = self.app.get(route_path('repo_group_home', repo_group_name='gr1') + '/')
89 response = self.app.get(route_path('repo_group_home', repo_group_name='gr1') + '/')
90 response.mustcontain("gr1/repo_in_group")
90 response.mustcontain("gr1/repo_in_group")
91
91
92 @pytest.fixture(scope='class')
92 @pytest.fixture(scope='class')
93 def repo_group(self, request):
93 def repo_group(self, request):
94 gr = fixture.create_repo_group('gr1')
94 gr = fixture.create_repo_group('gr1')
95 fixture.create_repo(name='gr1/repo_in_group', repo_group=gr)
95 fixture.create_repo(name='gr1/repo_in_group', repo_group=gr)
96
96
97 @request.addfinalizer
97 @request.addfinalizer
98 def cleanup():
98 def cleanup():
99 RepoModel().delete('gr1/repo_in_group')
99 RepoModel().delete('gr1/repo_in_group')
100 RepoGroupModel().delete(repo_group='gr1', force_delete=True)
100 RepoGroupModel().delete(repo_group='gr1', force_delete=True)
101 Session().commit()
101 Session().commit()
102
102
103 def test_index_with_name_with_tags(self, user_util, autologin_user):
103 def test_index_with_name_with_tags(self, user_util, autologin_user):
104 user = user_util.create_user()
104 user = user_util.create_user()
105 username = user.username
105 username = user.username
106 user.name = '<img src="/image1" onload="alert(\'Hello, World!\');">'
106 user.name = '<img src="/image1" onload="alert(\'Hello, World!\');">'
107 user.lastname = '#"><img src=x onerror=prompt(document.cookie);>'
107 user.lastname = '#"><img src=x onerror=prompt(document.cookie);>'
108
108
109 Session().add(user)
109 Session().add(user)
110 Session().commit()
110 Session().commit()
111 user_util.create_repo(owner=username)
111 user_util.create_repo(owner=username)
112
112
113 response = self.app.get(route_path('home'))
113 response = self.app.get(route_path('home'))
114 response.mustcontain(h.html_escape(h.escape(user.name)))
114 response.mustcontain(h.html_escape(user.first_name))
115 response.mustcontain(h.html_escape(h.escape(user.lastname)))
115 response.mustcontain(h.html_escape(user.last_name))
116
116
117 @pytest.mark.parametrize("name, state", [
117 @pytest.mark.parametrize("name, state", [
118 ('Disabled', False),
118 ('Disabled', False),
119 ('Enabled', True),
119 ('Enabled', True),
120 ])
120 ])
121 def test_index_show_version(self, autologin_user, name, state):
121 def test_index_show_version(self, autologin_user, name, state):
122 version_string = 'RhodeCode Enterprise %s' % rhodecode.__version__
122 version_string = 'RhodeCode Enterprise %s' % rhodecode.__version__
123
123
124 sett = SettingsModel().create_or_update_setting(
124 sett = SettingsModel().create_or_update_setting(
125 'show_version', state, 'bool')
125 'show_version', state, 'bool')
126 Session().add(sett)
126 Session().add(sett)
127 Session().commit()
127 Session().commit()
128 SettingsModel().invalidate_settings_cache()
128 SettingsModel().invalidate_settings_cache()
129
129
130 response = self.app.get(route_path('home'))
130 response = self.app.get(route_path('home'))
131 if state is True:
131 if state is True:
132 response.mustcontain(version_string)
132 response.mustcontain(version_string)
133 if state is False:
133 if state is False:
134 response.mustcontain(no=[version_string])
134 response.mustcontain(no=[version_string])
Show file before | Show file after | Hide comments
@@ -1,76 +1,76 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2016-2017 RhodeCode GmbH
3 # Copyright (C) 2016-2017 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 from rhodecode.lib import helpers as h
21 from rhodecode.lib import helpers as h
22 from rhodecode.lib.utils2 import safe_int
22 from rhodecode.lib.utils2 import safe_int
23
23
24
24
25 def reviewer_as_json(user, reasons=None, mandatory=False):
25 def reviewer_as_json(user, reasons=None, mandatory=False):
26 """
26 """
27 Returns json struct of a reviewer for frontend
27 Returns json struct of a reviewer for frontend
28
28
29 :param user: the reviewer
29 :param user: the reviewer
30 :param reasons: list of strings of why they are reviewers
30 :param reasons: list of strings of why they are reviewers
31 :param mandatory: bool, to set user as mandatory
31 :param mandatory: bool, to set user as mandatory
32 """
32 """
33
33
34 return {
34 return {
35 'user_id': user.user_id,
35 'user_id': user.user_id,
36 'reasons': reasons or [],
36 'reasons': reasons or [],
37 'mandatory': mandatory,
37 'mandatory': mandatory,
38 'username': user.username,
38 'username': user.username,
39 'firstname': user.firstname,
39 'first_name': user.first_name,
40 'lastname': user.lastname,
40 'last_name': user.last_name,
41 'gravatar_link': h.gravatar_url(user.email, 14),
41 'gravatar_link': h.gravatar_url(user.email, 14),
42 }
42 }
43
43
44
44
45 def get_default_reviewers_data(
45 def get_default_reviewers_data(
46 current_user, source_repo, source_commit, target_repo, target_commit):
46 current_user, source_repo, source_commit, target_repo, target_commit):
47
47
48 """ Return json for default reviewers of a repository """
48 """ Return json for default reviewers of a repository """
49
49
50 reasons = ['Default reviewer', 'Repository owner']
50 reasons = ['Default reviewer', 'Repository owner']
51 default = reviewer_as_json(
51 default = reviewer_as_json(
52 user=current_user, reasons=reasons, mandatory=False)
52 user=current_user, reasons=reasons, mandatory=False)
53
53
54 return {
54 return {
55 'api_ver': 'v1', # define version for later possible schema upgrade
55 'api_ver': 'v1', # define version for later possible schema upgrade
56 'reviewers': [default],
56 'reviewers': [default],
57 'rules': {},
57 'rules': {},
58 'rules_data': {},
58 'rules_data': {},
59 }
59 }
60
60
61
61
62 def validate_default_reviewers(review_members, reviewer_rules):
62 def validate_default_reviewers(review_members, reviewer_rules):
63 """
63 """
64 Function to validate submitted reviewers against the saved rules
64 Function to validate submitted reviewers against the saved rules
65
65
66 """
66 """
67 reviewers = []
67 reviewers = []
68 reviewer_by_id = {}
68 reviewer_by_id = {}
69 for r in review_members:
69 for r in review_members:
70 reviewer_user_id = safe_int(r['user_id'])
70 reviewer_user_id = safe_int(r['user_id'])
71 entry = (reviewer_user_id, r['reasons'], r['mandatory'])
71 entry = (reviewer_user_id, r['reasons'], r['mandatory'])
72
72
73 reviewer_by_id[reviewer_user_id] = entry
73 reviewer_by_id[reviewer_user_id] = entry
74 reviewers.append(entry)
74 reviewers.append(entry)
75
75
76 return reviewers
76 return reviewers
Show file before | Show file after | Hide comments
@@ -1,510 +1,510 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2011-2017 RhodeCode GmbH
3 # Copyright (C) 2011-2017 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 """
21 """
22 User Groups crud controller for pylons
22 User Groups crud controller for pylons
23 """
23 """
24
24
25 import logging
25 import logging
26 import formencode
26 import formencode
27
27
28 import peppercorn
28 import peppercorn
29 from formencode import htmlfill
29 from formencode import htmlfill
30 from pylons import request, tmpl_context as c, url, config
30 from pylons import request, tmpl_context as c, url, config
31 from pylons.controllers.util import redirect
31 from pylons.controllers.util import redirect
32 from pylons.i18n.translation import _
32 from pylons.i18n.translation import _
33
33
34 from sqlalchemy.orm import joinedload
34 from sqlalchemy.orm import joinedload
35
35
36 from rhodecode.lib import auth
36 from rhodecode.lib import auth
37 from rhodecode.lib import helpers as h
37 from rhodecode.lib import helpers as h
38 from rhodecode.lib import audit_logger
38 from rhodecode.lib import audit_logger
39 from rhodecode.lib.ext_json import json
39 from rhodecode.lib.ext_json import json
40 from rhodecode.lib.exceptions import UserGroupAssignedException,\
40 from rhodecode.lib.exceptions import UserGroupAssignedException,\
41 RepoGroupAssignmentError
41 RepoGroupAssignmentError
42 from rhodecode.lib.utils import jsonify
42 from rhodecode.lib.utils import jsonify
43 from rhodecode.lib.utils2 import safe_unicode, str2bool, safe_int
43 from rhodecode.lib.utils2 import safe_unicode, str2bool, safe_int
44 from rhodecode.lib.auth import (
44 from rhodecode.lib.auth import (
45 LoginRequired, NotAnonymous, HasUserGroupPermissionAnyDecorator,
45 LoginRequired, NotAnonymous, HasUserGroupPermissionAnyDecorator,
46 HasPermissionAnyDecorator, XHRRequired)
46 HasPermissionAnyDecorator, XHRRequired)
47 from rhodecode.lib.base import BaseController, render
47 from rhodecode.lib.base import BaseController, render
48 from rhodecode.model.permission import PermissionModel
48 from rhodecode.model.permission import PermissionModel
49 from rhodecode.model.scm import UserGroupList
49 from rhodecode.model.scm import UserGroupList
50 from rhodecode.model.user_group import UserGroupModel
50 from rhodecode.model.user_group import UserGroupModel
51 from rhodecode.model.db import (
51 from rhodecode.model.db import (
52 User, UserGroup, UserGroupRepoToPerm, UserGroupRepoGroupToPerm)
52 User, UserGroup, UserGroupRepoToPerm, UserGroupRepoGroupToPerm)
53 from rhodecode.model.forms import (
53 from rhodecode.model.forms import (
54 UserGroupForm, UserGroupPermsForm, UserIndividualPermissionsForm,
54 UserGroupForm, UserGroupPermsForm, UserIndividualPermissionsForm,
55 UserPermissionsForm)
55 UserPermissionsForm)
56 from rhodecode.model.meta import Session
56 from rhodecode.model.meta import Session
57
57
58
58
59 log = logging.getLogger(__name__)
59 log = logging.getLogger(__name__)
60
60
61
61
62 class UserGroupsController(BaseController):
62 class UserGroupsController(BaseController):
63 """REST Controller styled on the Atom Publishing Protocol"""
63 """REST Controller styled on the Atom Publishing Protocol"""
64
64
65 @LoginRequired()
65 @LoginRequired()
66 def __before__(self):
66 def __before__(self):
67 super(UserGroupsController, self).__before__()
67 super(UserGroupsController, self).__before__()
68 c.available_permissions = config['available_permissions']
68 c.available_permissions = config['available_permissions']
69 PermissionModel().set_global_permission_choices(c, gettext_translator=_)
69 PermissionModel().set_global_permission_choices(c, gettext_translator=_)
70
70
71 def __load_data(self, user_group_id):
71 def __load_data(self, user_group_id):
72 c.group_members_obj = [x.user for x in c.user_group.members]
72 c.group_members_obj = [x.user for x in c.user_group.members]
73 c.group_members_obj.sort(key=lambda u: u.username.lower())
73 c.group_members_obj.sort(key=lambda u: u.username.lower())
74 c.group_members = [(x.user_id, x.username) for x in c.group_members_obj]
74 c.group_members = [(x.user_id, x.username) for x in c.group_members_obj]
75
75
76 def __load_defaults(self, user_group_id):
76 def __load_defaults(self, user_group_id):
77 """
77 """
78 Load defaults settings for edit, and update
78 Load defaults settings for edit, and update
79
79
80 :param user_group_id:
80 :param user_group_id:
81 """
81 """
82 user_group = UserGroup.get_or_404(user_group_id)
82 user_group = UserGroup.get_or_404(user_group_id)
83 data = user_group.get_dict()
83 data = user_group.get_dict()
84 # fill owner
84 # fill owner
85 if user_group.user:
85 if user_group.user:
86 data.update({'user': user_group.user.username})
86 data.update({'user': user_group.user.username})
87 else:
87 else:
88 replacement_user = User.get_first_super_admin().username
88 replacement_user = User.get_first_super_admin().username
89 data.update({'user': replacement_user})
89 data.update({'user': replacement_user})
90 return data
90 return data
91
91
92 def _revoke_perms_on_yourself(self, form_result):
92 def _revoke_perms_on_yourself(self, form_result):
93 _updates = filter(lambda u: c.rhodecode_user.user_id == int(u[0]),
93 _updates = filter(lambda u: c.rhodecode_user.user_id == int(u[0]),
94 form_result['perm_updates'])
94 form_result['perm_updates'])
95 _additions = filter(lambda u: c.rhodecode_user.user_id == int(u[0]),
95 _additions = filter(lambda u: c.rhodecode_user.user_id == int(u[0]),
96 form_result['perm_additions'])
96 form_result['perm_additions'])
97 _deletions = filter(lambda u: c.rhodecode_user.user_id == int(u[0]),
97 _deletions = filter(lambda u: c.rhodecode_user.user_id == int(u[0]),
98 form_result['perm_deletions'])
98 form_result['perm_deletions'])
99 admin_perm = 'usergroup.admin'
99 admin_perm = 'usergroup.admin'
100 if _updates and _updates[0][1] != admin_perm or \
100 if _updates and _updates[0][1] != admin_perm or \
101 _additions and _additions[0][1] != admin_perm or \
101 _additions and _additions[0][1] != admin_perm or \
102 _deletions and _deletions[0][1] != admin_perm:
102 _deletions and _deletions[0][1] != admin_perm:
103 return True
103 return True
104 return False
104 return False
105
105
106 # permission check inside
106 # permission check inside
107 @NotAnonymous()
107 @NotAnonymous()
108 def index(self):
108 def index(self):
109
109
110 from rhodecode.lib.utils import PartialRenderer
110 from rhodecode.lib.utils import PartialRenderer
111 _render = PartialRenderer('data_table/_dt_elements.mako')
111 _render = PartialRenderer('data_table/_dt_elements.mako')
112
112
113 def user_group_name(user_group_id, user_group_name):
113 def user_group_name(user_group_id, user_group_name):
114 return _render("user_group_name", user_group_id, user_group_name)
114 return _render("user_group_name", user_group_id, user_group_name)
115
115
116 def user_group_actions(user_group_id, user_group_name):
116 def user_group_actions(user_group_id, user_group_name):
117 return _render("user_group_actions", user_group_id, user_group_name)
117 return _render("user_group_actions", user_group_id, user_group_name)
118
118
119 # json generate
119 # json generate
120 group_iter = UserGroupList(UserGroup.query().all(),
120 group_iter = UserGroupList(UserGroup.query().all(),
121 perm_set=['usergroup.admin'])
121 perm_set=['usergroup.admin'])
122
122
123 user_groups_data = []
123 user_groups_data = []
124 for user_gr in group_iter:
124 for user_gr in group_iter:
125 user_groups_data.append({
125 user_groups_data.append({
126 "group_name": user_group_name(
126 "group_name": user_group_name(
127 user_gr.users_group_id, h.escape(user_gr.users_group_name)),
127 user_gr.users_group_id, h.escape(user_gr.users_group_name)),
128 "group_name_raw": user_gr.users_group_name,
128 "group_name_raw": user_gr.users_group_name,
129 "desc": h.escape(user_gr.user_group_description),
129 "desc": h.escape(user_gr.user_group_description),
130 "members": len(user_gr.members),
130 "members": len(user_gr.members),
131 "sync": user_gr.group_data.get('extern_type'),
131 "sync": user_gr.group_data.get('extern_type'),
132 "active": h.bool2icon(user_gr.users_group_active),
132 "active": h.bool2icon(user_gr.users_group_active),
133 "owner": h.escape(h.link_to_user(user_gr.user.username)),
133 "owner": h.escape(h.link_to_user(user_gr.user.username)),
134 "action": user_group_actions(
134 "action": user_group_actions(
135 user_gr.users_group_id, user_gr.users_group_name)
135 user_gr.users_group_id, user_gr.users_group_name)
136 })
136 })
137
137
138 c.data = json.dumps(user_groups_data)
138 c.data = json.dumps(user_groups_data)
139 return render('admin/user_groups/user_groups.mako')
139 return render('admin/user_groups/user_groups.mako')
140
140
141 @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')
141 @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')
142 @auth.CSRFRequired()
142 @auth.CSRFRequired()
143 def create(self):
143 def create(self):
144
144
145 users_group_form = UserGroupForm()()
145 users_group_form = UserGroupForm()()
146 try:
146 try:
147 form_result = users_group_form.to_python(dict(request.POST))
147 form_result = users_group_form.to_python(dict(request.POST))
148 user_group = UserGroupModel().create(
148 user_group = UserGroupModel().create(
149 name=form_result['users_group_name'],
149 name=form_result['users_group_name'],
150 description=form_result['user_group_description'],
150 description=form_result['user_group_description'],
151 owner=c.rhodecode_user.user_id,
151 owner=c.rhodecode_user.user_id,
152 active=form_result['users_group_active'])
152 active=form_result['users_group_active'])
153 Session().flush()
153 Session().flush()
154 creation_data = user_group.get_api_data()
154 creation_data = user_group.get_api_data()
155 user_group_name = form_result['users_group_name']
155 user_group_name = form_result['users_group_name']
156
156
157 audit_logger.store_web(
157 audit_logger.store_web(
158 'user_group.create', action_data={'data': creation_data},
158 'user_group.create', action_data={'data': creation_data},
159 user=c.rhodecode_user)
159 user=c.rhodecode_user)
160
160
161 user_group_link = h.link_to(
161 user_group_link = h.link_to(
162 h.escape(user_group_name),
162 h.escape(user_group_name),
163 url('edit_users_group', user_group_id=user_group.users_group_id))
163 url('edit_users_group', user_group_id=user_group.users_group_id))
164 h.flash(h.literal(_('Created user group %(user_group_link)s')
164 h.flash(h.literal(_('Created user group %(user_group_link)s')
165 % {'user_group_link': user_group_link}),
165 % {'user_group_link': user_group_link}),
166 category='success')
166 category='success')
167 Session().commit()
167 Session().commit()
168 except formencode.Invalid as errors:
168 except formencode.Invalid as errors:
169 return htmlfill.render(
169 return htmlfill.render(
170 render('admin/user_groups/user_group_add.mako'),
170 render('admin/user_groups/user_group_add.mako'),
171 defaults=errors.value,
171 defaults=errors.value,
172 errors=errors.error_dict or {},
172 errors=errors.error_dict or {},
173 prefix_error=False,
173 prefix_error=False,
174 encoding="UTF-8",
174 encoding="UTF-8",
175 force_defaults=False)
175 force_defaults=False)
176 except Exception:
176 except Exception:
177 log.exception("Exception creating user group")
177 log.exception("Exception creating user group")
178 h.flash(_('Error occurred during creation of user group %s') \
178 h.flash(_('Error occurred during creation of user group %s') \
179 % request.POST.get('users_group_name'), category='error')
179 % request.POST.get('users_group_name'), category='error')
180
180
181 return redirect(
181 return redirect(
182 url('edit_users_group', user_group_id=user_group.users_group_id))
182 url('edit_users_group', user_group_id=user_group.users_group_id))
183
183
184 @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')
184 @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')
185 def new(self):
185 def new(self):
186 """GET /user_groups/new: Form to create a new item"""
186 """GET /user_groups/new: Form to create a new item"""
187 # url('new_users_group')
187 # url('new_users_group')
188 return render('admin/user_groups/user_group_add.mako')
188 return render('admin/user_groups/user_group_add.mako')
189
189
190 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
190 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
191 @auth.CSRFRequired()
191 @auth.CSRFRequired()
192 def update(self, user_group_id):
192 def update(self, user_group_id):
193
193
194 user_group_id = safe_int(user_group_id)
194 user_group_id = safe_int(user_group_id)
195 c.user_group = UserGroup.get_or_404(user_group_id)
195 c.user_group = UserGroup.get_or_404(user_group_id)
196 c.active = 'settings'
196 c.active = 'settings'
197 self.__load_data(user_group_id)
197 self.__load_data(user_group_id)
198
198
199 users_group_form = UserGroupForm(
199 users_group_form = UserGroupForm(
200 edit=True, old_data=c.user_group.get_dict(), allow_disabled=True)()
200 edit=True, old_data=c.user_group.get_dict(), allow_disabled=True)()
201
201
202 old_values = c.user_group.get_api_data()
202 old_values = c.user_group.get_api_data()
203 try:
203 try:
204 form_result = users_group_form.to_python(request.POST)
204 form_result = users_group_form.to_python(request.POST)
205 pstruct = peppercorn.parse(request.POST.items())
205 pstruct = peppercorn.parse(request.POST.items())
206 form_result['users_group_members'] = pstruct['user_group_members']
206 form_result['users_group_members'] = pstruct['user_group_members']
207
207
208 UserGroupModel().update(c.user_group, form_result)
208 UserGroupModel().update(c.user_group, form_result)
209 updated_user_group = form_result['users_group_name']
209 updated_user_group = form_result['users_group_name']
210
210
211 audit_logger.store_web(
211 audit_logger.store_web(
212 'user_group.edit', action_data={'old_data': old_values},
212 'user_group.edit', action_data={'old_data': old_values},
213 user=c.rhodecode_user)
213 user=c.rhodecode_user)
214
214
215 h.flash(_('Updated user group %s') % updated_user_group,
215 h.flash(_('Updated user group %s') % updated_user_group,
216 category='success')
216 category='success')
217 Session().commit()
217 Session().commit()
218 except formencode.Invalid as errors:
218 except formencode.Invalid as errors:
219 defaults = errors.value
219 defaults = errors.value
220 e = errors.error_dict or {}
220 e = errors.error_dict or {}
221
221
222 return htmlfill.render(
222 return htmlfill.render(
223 render('admin/user_groups/user_group_edit.mako'),
223 render('admin/user_groups/user_group_edit.mako'),
224 defaults=defaults,
224 defaults=defaults,
225 errors=e,
225 errors=e,
226 prefix_error=False,
226 prefix_error=False,
227 encoding="UTF-8",
227 encoding="UTF-8",
228 force_defaults=False)
228 force_defaults=False)
229 except Exception:
229 except Exception:
230 log.exception("Exception during update of user group")
230 log.exception("Exception during update of user group")
231 h.flash(_('Error occurred during update of user group %s')
231 h.flash(_('Error occurred during update of user group %s')
232 % request.POST.get('users_group_name'), category='error')
232 % request.POST.get('users_group_name'), category='error')
233
233
234 return redirect(url('edit_users_group', user_group_id=user_group_id))
234 return redirect(url('edit_users_group', user_group_id=user_group_id))
235
235
236 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
236 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
237 @auth.CSRFRequired()
237 @auth.CSRFRequired()
238 def delete(self, user_group_id):
238 def delete(self, user_group_id):
239 user_group_id = safe_int(user_group_id)
239 user_group_id = safe_int(user_group_id)
240 c.user_group = UserGroup.get_or_404(user_group_id)
240 c.user_group = UserGroup.get_or_404(user_group_id)
241 force = str2bool(request.POST.get('force'))
241 force = str2bool(request.POST.get('force'))
242
242
243 old_values = c.user_group.get_api_data()
243 old_values = c.user_group.get_api_data()
244 try:
244 try:
245 UserGroupModel().delete(c.user_group, force=force)
245 UserGroupModel().delete(c.user_group, force=force)
246 audit_logger.store_web(
246 audit_logger.store_web(
247 'user.delete', action_data={'old_data': old_values},
247 'user.delete', action_data={'old_data': old_values},
248 user=c.rhodecode_user)
248 user=c.rhodecode_user)
249 Session().commit()
249 Session().commit()
250 h.flash(_('Successfully deleted user group'), category='success')
250 h.flash(_('Successfully deleted user group'), category='success')
251 except UserGroupAssignedException as e:
251 except UserGroupAssignedException as e:
252 h.flash(str(e), category='error')
252 h.flash(str(e), category='error')
253 except Exception:
253 except Exception:
254 log.exception("Exception during deletion of user group")
254 log.exception("Exception during deletion of user group")
255 h.flash(_('An error occurred during deletion of user group'),
255 h.flash(_('An error occurred during deletion of user group'),
256 category='error')
256 category='error')
257 return redirect(url('users_groups'))
257 return redirect(url('users_groups'))
258
258
259 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
259 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
260 def edit(self, user_group_id):
260 def edit(self, user_group_id):
261 """GET /user_groups/user_group_id/edit: Form to edit an existing item"""
261 """GET /user_groups/user_group_id/edit: Form to edit an existing item"""
262 # url('edit_users_group', user_group_id=ID)
262 # url('edit_users_group', user_group_id=ID)
263
263
264 user_group_id = safe_int(user_group_id)
264 user_group_id = safe_int(user_group_id)
265 c.user_group = UserGroup.get_or_404(user_group_id)
265 c.user_group = UserGroup.get_or_404(user_group_id)
266 c.active = 'settings'
266 c.active = 'settings'
267 self.__load_data(user_group_id)
267 self.__load_data(user_group_id)
268
268
269 defaults = self.__load_defaults(user_group_id)
269 defaults = self.__load_defaults(user_group_id)
270
270
271 return htmlfill.render(
271 return htmlfill.render(
272 render('admin/user_groups/user_group_edit.mako'),
272 render('admin/user_groups/user_group_edit.mako'),
273 defaults=defaults,
273 defaults=defaults,
274 encoding="UTF-8",
274 encoding="UTF-8",
275 force_defaults=False
275 force_defaults=False
276 )
276 )
277
277
278 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
278 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
279 def edit_perms(self, user_group_id):
279 def edit_perms(self, user_group_id):
280 user_group_id = safe_int(user_group_id)
280 user_group_id = safe_int(user_group_id)
281 c.user_group = UserGroup.get_or_404(user_group_id)
281 c.user_group = UserGroup.get_or_404(user_group_id)
282 c.active = 'perms'
282 c.active = 'perms'
283
283
284 defaults = {}
284 defaults = {}
285 # fill user group users
285 # fill user group users
286 for p in c.user_group.user_user_group_to_perm:
286 for p in c.user_group.user_user_group_to_perm:
287 defaults.update({'u_perm_%s' % p.user.user_id:
287 defaults.update({'u_perm_%s' % p.user.user_id:
288 p.permission.permission_name})
288 p.permission.permission_name})
289
289
290 for p in c.user_group.user_group_user_group_to_perm:
290 for p in c.user_group.user_group_user_group_to_perm:
291 defaults.update({'g_perm_%s' % p.user_group.users_group_id:
291 defaults.update({'g_perm_%s' % p.user_group.users_group_id:
292 p.permission.permission_name})
292 p.permission.permission_name})
293
293
294 return htmlfill.render(
294 return htmlfill.render(
295 render('admin/user_groups/user_group_edit.mako'),
295 render('admin/user_groups/user_group_edit.mako'),
296 defaults=defaults,
296 defaults=defaults,
297 encoding="UTF-8",
297 encoding="UTF-8",
298 force_defaults=False
298 force_defaults=False
299 )
299 )
300
300
301 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
301 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
302 @auth.CSRFRequired()
302 @auth.CSRFRequired()
303 def update_perms(self, user_group_id):
303 def update_perms(self, user_group_id):
304 """
304 """
305 grant permission for given usergroup
305 grant permission for given usergroup
306
306
307 :param user_group_id:
307 :param user_group_id:
308 """
308 """
309 user_group_id = safe_int(user_group_id)
309 user_group_id = safe_int(user_group_id)
310 c.user_group = UserGroup.get_or_404(user_group_id)
310 c.user_group = UserGroup.get_or_404(user_group_id)
311 form = UserGroupPermsForm()().to_python(request.POST)
311 form = UserGroupPermsForm()().to_python(request.POST)
312
312
313 if not c.rhodecode_user.is_admin:
313 if not c.rhodecode_user.is_admin:
314 if self._revoke_perms_on_yourself(form):
314 if self._revoke_perms_on_yourself(form):
315 msg = _('Cannot change permission for yourself as admin')
315 msg = _('Cannot change permission for yourself as admin')
316 h.flash(msg, category='warning')
316 h.flash(msg, category='warning')
317 return redirect(url('edit_user_group_perms', user_group_id=user_group_id))
317 return redirect(url('edit_user_group_perms', user_group_id=user_group_id))
318
318
319 try:
319 try:
320 UserGroupModel().update_permissions(user_group_id,
320 UserGroupModel().update_permissions(user_group_id,
321 form['perm_additions'], form['perm_updates'], form['perm_deletions'])
321 form['perm_additions'], form['perm_updates'], form['perm_deletions'])
322 except RepoGroupAssignmentError:
322 except RepoGroupAssignmentError:
323 h.flash(_('Target group cannot be the same'), category='error')
323 h.flash(_('Target group cannot be the same'), category='error')
324 return redirect(url('edit_user_group_perms', user_group_id=user_group_id))
324 return redirect(url('edit_user_group_perms', user_group_id=user_group_id))
325
325
326 # TODO(marcink): implement global permissions
326 # TODO(marcink): implement global permissions
327 # audit_log.store_web('user_group.edit.permissions')
327 # audit_log.store_web('user_group.edit.permissions')
328 Session().commit()
328 Session().commit()
329 h.flash(_('User Group permissions updated'), category='success')
329 h.flash(_('User Group permissions updated'), category='success')
330 return redirect(url('edit_user_group_perms', user_group_id=user_group_id))
330 return redirect(url('edit_user_group_perms', user_group_id=user_group_id))
331
331
332 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
332 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
333 def edit_perms_summary(self, user_group_id):
333 def edit_perms_summary(self, user_group_id):
334 user_group_id = safe_int(user_group_id)
334 user_group_id = safe_int(user_group_id)
335 c.user_group = UserGroup.get_or_404(user_group_id)
335 c.user_group = UserGroup.get_or_404(user_group_id)
336 c.active = 'perms_summary'
336 c.active = 'perms_summary'
337 permissions = {
337 permissions = {
338 'repositories': {},
338 'repositories': {},
339 'repositories_groups': {},
339 'repositories_groups': {},
340 }
340 }
341 ugroup_repo_perms = UserGroupRepoToPerm.query()\
341 ugroup_repo_perms = UserGroupRepoToPerm.query()\
342 .options(joinedload(UserGroupRepoToPerm.permission))\
342 .options(joinedload(UserGroupRepoToPerm.permission))\
343 .options(joinedload(UserGroupRepoToPerm.repository))\
343 .options(joinedload(UserGroupRepoToPerm.repository))\
344 .filter(UserGroupRepoToPerm.users_group_id == user_group_id)\
344 .filter(UserGroupRepoToPerm.users_group_id == user_group_id)\
345 .all()
345 .all()
346
346
347 for gr in ugroup_repo_perms:
347 for gr in ugroup_repo_perms:
348 permissions['repositories'][gr.repository.repo_name] \
348 permissions['repositories'][gr.repository.repo_name] \
349 = gr.permission.permission_name
349 = gr.permission.permission_name
350
350
351 ugroup_group_perms = UserGroupRepoGroupToPerm.query()\
351 ugroup_group_perms = UserGroupRepoGroupToPerm.query()\
352 .options(joinedload(UserGroupRepoGroupToPerm.permission))\
352 .options(joinedload(UserGroupRepoGroupToPerm.permission))\
353 .options(joinedload(UserGroupRepoGroupToPerm.group))\
353 .options(joinedload(UserGroupRepoGroupToPerm.group))\
354 .filter(UserGroupRepoGroupToPerm.users_group_id == user_group_id)\
354 .filter(UserGroupRepoGroupToPerm.users_group_id == user_group_id)\
355 .all()
355 .all()
356
356
357 for gr in ugroup_group_perms:
357 for gr in ugroup_group_perms:
358 permissions['repositories_groups'][gr.group.group_name] \
358 permissions['repositories_groups'][gr.group.group_name] \
359 = gr.permission.permission_name
359 = gr.permission.permission_name
360 c.permissions = permissions
360 c.permissions = permissions
361 return render('admin/user_groups/user_group_edit.mako')
361 return render('admin/user_groups/user_group_edit.mako')
362
362
363 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
363 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
364 def edit_global_perms(self, user_group_id):
364 def edit_global_perms(self, user_group_id):
365 user_group_id = safe_int(user_group_id)
365 user_group_id = safe_int(user_group_id)
366 c.user_group = UserGroup.get_or_404(user_group_id)
366 c.user_group = UserGroup.get_or_404(user_group_id)
367 c.active = 'global_perms'
367 c.active = 'global_perms'
368
368
369 c.default_user = User.get_default_user()
369 c.default_user = User.get_default_user()
370 defaults = c.user_group.get_dict()
370 defaults = c.user_group.get_dict()
371 defaults.update(c.default_user.get_default_perms(suffix='_inherited'))
371 defaults.update(c.default_user.get_default_perms(suffix='_inherited'))
372 defaults.update(c.user_group.get_default_perms())
372 defaults.update(c.user_group.get_default_perms())
373
373
374 return htmlfill.render(
374 return htmlfill.render(
375 render('admin/user_groups/user_group_edit.mako'),
375 render('admin/user_groups/user_group_edit.mako'),
376 defaults=defaults,
376 defaults=defaults,
377 encoding="UTF-8",
377 encoding="UTF-8",
378 force_defaults=False
378 force_defaults=False
379 )
379 )
380
380
381 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
381 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
382 @auth.CSRFRequired()
382 @auth.CSRFRequired()
383 def update_global_perms(self, user_group_id):
383 def update_global_perms(self, user_group_id):
384 user_group_id = safe_int(user_group_id)
384 user_group_id = safe_int(user_group_id)
385 user_group = UserGroup.get_or_404(user_group_id)
385 user_group = UserGroup.get_or_404(user_group_id)
386 c.active = 'global_perms'
386 c.active = 'global_perms'
387
387
388 try:
388 try:
389 # first stage that verifies the checkbox
389 # first stage that verifies the checkbox
390 _form = UserIndividualPermissionsForm()
390 _form = UserIndividualPermissionsForm()
391 form_result = _form.to_python(dict(request.POST))
391 form_result = _form.to_python(dict(request.POST))
392 inherit_perms = form_result['inherit_default_permissions']
392 inherit_perms = form_result['inherit_default_permissions']
393 user_group.inherit_default_permissions = inherit_perms
393 user_group.inherit_default_permissions = inherit_perms
394 Session().add(user_group)
394 Session().add(user_group)
395
395
396 if not inherit_perms:
396 if not inherit_perms:
397 # only update the individual ones if we un check the flag
397 # only update the individual ones if we un check the flag
398 _form = UserPermissionsForm(
398 _form = UserPermissionsForm(
399 [x[0] for x in c.repo_create_choices],
399 [x[0] for x in c.repo_create_choices],
400 [x[0] for x in c.repo_create_on_write_choices],
400 [x[0] for x in c.repo_create_on_write_choices],
401 [x[0] for x in c.repo_group_create_choices],
401 [x[0] for x in c.repo_group_create_choices],
402 [x[0] for x in c.user_group_create_choices],
402 [x[0] for x in c.user_group_create_choices],
403 [x[0] for x in c.fork_choices],
403 [x[0] for x in c.fork_choices],
404 [x[0] for x in c.inherit_default_permission_choices])()
404 [x[0] for x in c.inherit_default_permission_choices])()
405
405
406 form_result = _form.to_python(dict(request.POST))
406 form_result = _form.to_python(dict(request.POST))
407 form_result.update({'perm_user_group_id': user_group.users_group_id})
407 form_result.update({'perm_user_group_id': user_group.users_group_id})
408
408
409 PermissionModel().update_user_group_permissions(form_result)
409 PermissionModel().update_user_group_permissions(form_result)
410
410
411 Session().commit()
411 Session().commit()
412 h.flash(_('User Group global permissions updated successfully'),
412 h.flash(_('User Group global permissions updated successfully'),
413 category='success')
413 category='success')
414
414
415 except formencode.Invalid as errors:
415 except formencode.Invalid as errors:
416 defaults = errors.value
416 defaults = errors.value
417 c.user_group = user_group
417 c.user_group = user_group
418 return htmlfill.render(
418 return htmlfill.render(
419 render('admin/user_groups/user_group_edit.mako'),
419 render('admin/user_groups/user_group_edit.mako'),
420 defaults=defaults,
420 defaults=defaults,
421 errors=errors.error_dict or {},
421 errors=errors.error_dict or {},
422 prefix_error=False,
422 prefix_error=False,
423 encoding="UTF-8",
423 encoding="UTF-8",
424 force_defaults=False)
424 force_defaults=False)
425 except Exception:
425 except Exception:
426 log.exception("Exception during permissions saving")
426 log.exception("Exception during permissions saving")
427 h.flash(_('An error occurred during permissions saving'),
427 h.flash(_('An error occurred during permissions saving'),
428 category='error')
428 category='error')
429
429
430 return redirect(url('edit_user_group_global_perms', user_group_id=user_group_id))
430 return redirect(url('edit_user_group_global_perms', user_group_id=user_group_id))
431
431
432 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
432 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
433 def edit_advanced(self, user_group_id):
433 def edit_advanced(self, user_group_id):
434 user_group_id = safe_int(user_group_id)
434 user_group_id = safe_int(user_group_id)
435 c.user_group = UserGroup.get_or_404(user_group_id)
435 c.user_group = UserGroup.get_or_404(user_group_id)
436 c.active = 'advanced'
436 c.active = 'advanced'
437 c.group_members_obj = sorted(
437 c.group_members_obj = sorted(
438 (x.user for x in c.user_group.members),
438 (x.user for x in c.user_group.members),
439 key=lambda u: u.username.lower())
439 key=lambda u: u.username.lower())
440
440
441 c.group_to_repos = sorted(
441 c.group_to_repos = sorted(
442 (x.repository for x in c.user_group.users_group_repo_to_perm),
442 (x.repository for x in c.user_group.users_group_repo_to_perm),
443 key=lambda u: u.repo_name.lower())
443 key=lambda u: u.repo_name.lower())
444
444
445 c.group_to_repo_groups = sorted(
445 c.group_to_repo_groups = sorted(
446 (x.group for x in c.user_group.users_group_repo_group_to_perm),
446 (x.group for x in c.user_group.users_group_repo_group_to_perm),
447 key=lambda u: u.group_name.lower())
447 key=lambda u: u.group_name.lower())
448
448
449 return render('admin/user_groups/user_group_edit.mako')
449 return render('admin/user_groups/user_group_edit.mako')
450
450
451 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
451 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
452 def edit_advanced_set_synchronization(self, user_group_id):
452 def edit_advanced_set_synchronization(self, user_group_id):
453 user_group_id = safe_int(user_group_id)
453 user_group_id = safe_int(user_group_id)
454 user_group = UserGroup.get_or_404(user_group_id)
454 user_group = UserGroup.get_or_404(user_group_id)
455
455
456 existing = user_group.group_data.get('extern_type')
456 existing = user_group.group_data.get('extern_type')
457
457
458 if existing:
458 if existing:
459 new_state = user_group.group_data
459 new_state = user_group.group_data
460 new_state['extern_type'] = None
460 new_state['extern_type'] = None
461 else:
461 else:
462 new_state = user_group.group_data
462 new_state = user_group.group_data
463 new_state['extern_type'] = 'manual'
463 new_state['extern_type'] = 'manual'
464 new_state['extern_type_set_by'] = c.rhodecode_user.username
464 new_state['extern_type_set_by'] = c.rhodecode_user.username
465
465
466 try:
466 try:
467 user_group.group_data = new_state
467 user_group.group_data = new_state
468 Session().add(user_group)
468 Session().add(user_group)
469 Session().commit()
469 Session().commit()
470
470
471 h.flash(_('User Group synchronization updated successfully'),
471 h.flash(_('User Group synchronization updated successfully'),
472 category='success')
472 category='success')
473 except Exception:
473 except Exception:
474 log.exception("Exception during sync settings saving")
474 log.exception("Exception during sync settings saving")
475 h.flash(_('An error occurred during synchronization update'),
475 h.flash(_('An error occurred during synchronization update'),
476 category='error')
476 category='error')
477
477
478 return redirect(
478 return redirect(
479 url('edit_user_group_advanced', user_group_id=user_group_id))
479 url('edit_user_group_advanced', user_group_id=user_group_id))
480
480
481 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
481 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
482 @XHRRequired()
482 @XHRRequired()
483 @jsonify
483 @jsonify
484 def user_group_members(self, user_group_id):
484 def user_group_members(self, user_group_id):
485 """
485 """
486 Return members of given user group
486 Return members of given user group
487 """
487 """
488 user_group_id = safe_int(user_group_id)
488 user_group_id = safe_int(user_group_id)
489 user_group = UserGroup.get_or_404(user_group_id)
489 user_group = UserGroup.get_or_404(user_group_id)
490 group_members_obj = sorted((x.user for x in user_group.members),
490 group_members_obj = sorted((x.user for x in user_group.members),
491 key=lambda u: u.username.lower())
491 key=lambda u: u.username.lower())
492
492
493 group_members = [
493 group_members = [
494 {
494 {
495 'id': user.user_id,
495 'id': user.user_id,
496 'first_name': user.name,
496 'first_name': user.first_name,
497 'last_name': user.lastname,
497 'last_name': user.last_name,
498 'username': user.username,
498 'username': user.username,
499 'icon_link': h.gravatar_url(user.email, 30),
499 'icon_link': h.gravatar_url(user.email, 30),
500 'value_display': h.person(user.email),
500 'value_display': h.person(user.email),
501 'value': user.username,
501 'value': user.username,
502 'value_type': 'user',
502 'value_type': 'user',
503 'active': user.active,
503 'active': user.active,
504 }
504 }
505 for user in group_members_obj
505 for user in group_members_obj
506 ]
506 ]
507
507
508 return {
508 return {
509 'members': group_members
509 'members': group_members
510 }
510 }
Show file before | Show file after | Hide comments
@@ -1,1012 +1,1011 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2012-2017 RhodeCode GmbH
3 # Copyright (C) 2012-2017 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 """
21 """
22 pull requests controller for rhodecode for initializing pull requests
22 pull requests controller for rhodecode for initializing pull requests
23 """
23 """
24 import types
25
26 import peppercorn
24 import peppercorn
27 import formencode
25 import formencode
28 import logging
26 import logging
29 import collections
27 import collections
30
28
31 from webob.exc import HTTPNotFound, HTTPForbidden, HTTPBadRequest
29 from webob.exc import HTTPNotFound, HTTPForbidden, HTTPBadRequest
32 from pylons import request, tmpl_context as c, url
30 from pylons import request, tmpl_context as c, url
33 from pylons.controllers.util import redirect
31 from pylons.controllers.util import redirect
34 from pylons.i18n.translation import _
32 from pylons.i18n.translation import _
35 from pyramid.threadlocal import get_current_registry
33 from pyramid.threadlocal import get_current_registry
34 from pyramid.httpexceptions import HTTPFound
36 from sqlalchemy.sql import func
35 from sqlalchemy.sql import func
37 from sqlalchemy.sql.expression import or_
36 from sqlalchemy.sql.expression import or_
38
37
39 from rhodecode import events
38 from rhodecode import events
40 from rhodecode.lib import auth, diffs, helpers as h, codeblocks
39 from rhodecode.lib import auth, diffs, helpers as h, codeblocks
41 from rhodecode.lib.ext_json import json
40 from rhodecode.lib.ext_json import json
42 from rhodecode.lib.base import (
41 from rhodecode.lib.base import (
43 BaseRepoController, render, vcs_operation_context)
42 BaseRepoController, render, vcs_operation_context)
44 from rhodecode.lib.auth import (
43 from rhodecode.lib.auth import (
45 LoginRequired, HasRepoPermissionAnyDecorator, NotAnonymous,
44 LoginRequired, HasRepoPermissionAnyDecorator, NotAnonymous,
46 HasAcceptedRepoType, XHRRequired)
45 HasAcceptedRepoType, XHRRequired)
47 from rhodecode.lib.channelstream import channelstream_request
46 from rhodecode.lib.channelstream import channelstream_request
48 from rhodecode.lib.utils import jsonify
47 from rhodecode.lib.utils import jsonify
49 from rhodecode.lib.utils2 import (
48 from rhodecode.lib.utils2 import (
50 safe_int, safe_str, str2bool, safe_unicode)
49 safe_int, safe_str, str2bool, safe_unicode)
51 from rhodecode.lib.vcs.backends.base import (
50 from rhodecode.lib.vcs.backends.base import (
52 EmptyCommit, UpdateFailureReason, EmptyRepository)
51 EmptyCommit, UpdateFailureReason, EmptyRepository)
53 from rhodecode.lib.vcs.exceptions import (
52 from rhodecode.lib.vcs.exceptions import (
54 EmptyRepositoryError, CommitDoesNotExistError, RepositoryRequirementError,
53 EmptyRepositoryError, CommitDoesNotExistError, RepositoryRequirementError,
55 NodeDoesNotExistError)
54 NodeDoesNotExistError)
56
55
57 from rhodecode.model.changeset_status import ChangesetStatusModel
56 from rhodecode.model.changeset_status import ChangesetStatusModel
58 from rhodecode.model.comment import CommentsModel
57 from rhodecode.model.comment import CommentsModel
59 from rhodecode.model.db import (PullRequest, ChangesetStatus, ChangesetComment,
58 from rhodecode.model.db import (PullRequest, ChangesetStatus, ChangesetComment,
60 Repository, PullRequestVersion)
59 Repository, PullRequestVersion)
61 from rhodecode.model.forms import PullRequestForm
60 from rhodecode.model.forms import PullRequestForm
62 from rhodecode.model.meta import Session
61 from rhodecode.model.meta import Session
63 from rhodecode.model.pull_request import PullRequestModel, MergeCheck
62 from rhodecode.model.pull_request import PullRequestModel, MergeCheck
64
63
65 log = logging.getLogger(__name__)
64 log = logging.getLogger(__name__)
66
65
67
66
68 class PullrequestsController(BaseRepoController):
67 class PullrequestsController(BaseRepoController):
69
68
70 def __before__(self):
69 def __before__(self):
71 super(PullrequestsController, self).__before__()
70 super(PullrequestsController, self).__before__()
72 c.REVIEW_STATUS_APPROVED = ChangesetStatus.STATUS_APPROVED
71 c.REVIEW_STATUS_APPROVED = ChangesetStatus.STATUS_APPROVED
73 c.REVIEW_STATUS_REJECTED = ChangesetStatus.STATUS_REJECTED
72 c.REVIEW_STATUS_REJECTED = ChangesetStatus.STATUS_REJECTED
74
73
75 @LoginRequired()
74 @LoginRequired()
76 @NotAnonymous()
75 @NotAnonymous()
77 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
76 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
78 'repository.admin')
77 'repository.admin')
79 @HasAcceptedRepoType('git', 'hg')
78 @HasAcceptedRepoType('git', 'hg')
80 def index(self):
79 def index(self):
81 source_repo = c.rhodecode_db_repo
80 source_repo = c.rhodecode_db_repo
82
81
83 try:
82 try:
84 source_repo.scm_instance().get_commit()
83 source_repo.scm_instance().get_commit()
85 except EmptyRepositoryError:
84 except EmptyRepositoryError:
86 h.flash(h.literal(_('There are no commits yet')),
85 h.flash(h.literal(_('There are no commits yet')),
87 category='warning')
86 category='warning')
88 redirect(h.route_path('repo_summary', repo_name=source_repo.repo_name))
87 redirect(h.route_path('repo_summary', repo_name=source_repo.repo_name))
89
88
90 commit_id = request.GET.get('commit')
89 commit_id = request.GET.get('commit')
91 branch_ref = request.GET.get('branch')
90 branch_ref = request.GET.get('branch')
92 bookmark_ref = request.GET.get('bookmark')
91 bookmark_ref = request.GET.get('bookmark')
93
92
94 try:
93 try:
95 source_repo_data = PullRequestModel().generate_repo_data(
94 source_repo_data = PullRequestModel().generate_repo_data(
96 source_repo, commit_id=commit_id,
95 source_repo, commit_id=commit_id,
97 branch=branch_ref, bookmark=bookmark_ref)
96 branch=branch_ref, bookmark=bookmark_ref)
98 except CommitDoesNotExistError as e:
97 except CommitDoesNotExistError as e:
99 log.exception(e)
98 log.exception(e)
100 h.flash(_('Commit does not exist'), 'error')
99 h.flash(_('Commit does not exist'), 'error')
101 redirect(url('pullrequest_home', repo_name=source_repo.repo_name))
100 redirect(url('pullrequest_home', repo_name=source_repo.repo_name))
102
101
103 default_target_repo = source_repo
102 default_target_repo = source_repo
104
103
105 if source_repo.parent:
104 if source_repo.parent:
106 parent_vcs_obj = source_repo.parent.scm_instance()
105 parent_vcs_obj = source_repo.parent.scm_instance()
107 if parent_vcs_obj and not parent_vcs_obj.is_empty():
106 if parent_vcs_obj and not parent_vcs_obj.is_empty():
108 # change default if we have a parent repo
107 # change default if we have a parent repo
109 default_target_repo = source_repo.parent
108 default_target_repo = source_repo.parent
110
109
111 target_repo_data = PullRequestModel().generate_repo_data(
110 target_repo_data = PullRequestModel().generate_repo_data(
112 default_target_repo)
111 default_target_repo)
113
112
114 selected_source_ref = source_repo_data['refs']['selected_ref']
113 selected_source_ref = source_repo_data['refs']['selected_ref']
115
114
116 title_source_ref = selected_source_ref.split(':', 2)[1]
115 title_source_ref = selected_source_ref.split(':', 2)[1]
117 c.default_title = PullRequestModel().generate_pullrequest_title(
116 c.default_title = PullRequestModel().generate_pullrequest_title(
118 source=source_repo.repo_name,
117 source=source_repo.repo_name,
119 source_ref=title_source_ref,
118 source_ref=title_source_ref,
120 target=default_target_repo.repo_name
119 target=default_target_repo.repo_name
121 )
120 )
122
121
123 c.default_repo_data = {
122 c.default_repo_data = {
124 'source_repo_name': source_repo.repo_name,
123 'source_repo_name': source_repo.repo_name,
125 'source_refs_json': json.dumps(source_repo_data),
124 'source_refs_json': json.dumps(source_repo_data),
126 'target_repo_name': default_target_repo.repo_name,
125 'target_repo_name': default_target_repo.repo_name,
127 'target_refs_json': json.dumps(target_repo_data),
126 'target_refs_json': json.dumps(target_repo_data),
128 }
127 }
129 c.default_source_ref = selected_source_ref
128 c.default_source_ref = selected_source_ref
130
129
131 return render('/pullrequests/pullrequest.mako')
130 return render('/pullrequests/pullrequest.mako')
132
131
133 @LoginRequired()
132 @LoginRequired()
134 @NotAnonymous()
133 @NotAnonymous()
135 @XHRRequired()
134 @XHRRequired()
136 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
135 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
137 'repository.admin')
136 'repository.admin')
138 @jsonify
137 @jsonify
139 def get_repo_refs(self, repo_name, target_repo_name):
138 def get_repo_refs(self, repo_name, target_repo_name):
140 repo = Repository.get_by_repo_name(target_repo_name)
139 repo = Repository.get_by_repo_name(target_repo_name)
141 if not repo:
140 if not repo:
142 raise HTTPNotFound
141 raise HTTPNotFound
143 return PullRequestModel().generate_repo_data(repo)
142 return PullRequestModel().generate_repo_data(repo)
144
143
145 @LoginRequired()
144 @LoginRequired()
146 @NotAnonymous()
145 @NotAnonymous()
147 @XHRRequired()
146 @XHRRequired()
148 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
147 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
149 'repository.admin')
148 'repository.admin')
150 @jsonify
149 @jsonify
151 def get_repo_destinations(self, repo_name):
150 def get_repo_destinations(self, repo_name):
152 repo = Repository.get_by_repo_name(repo_name)
151 repo = Repository.get_by_repo_name(repo_name)
153 if not repo:
152 if not repo:
154 raise HTTPNotFound
153 raise HTTPNotFound
155 filter_query = request.GET.get('query')
154 filter_query = request.GET.get('query')
156
155
157 query = Repository.query() \
156 query = Repository.query() \
158 .order_by(func.length(Repository.repo_name)) \
157 .order_by(func.length(Repository.repo_name)) \
159 .filter(or_(
158 .filter(or_(
160 Repository.repo_name == repo.repo_name,
159 Repository.repo_name == repo.repo_name,
161 Repository.fork_id == repo.repo_id))
160 Repository.fork_id == repo.repo_id))
162
161
163 if filter_query:
162 if filter_query:
164 ilike_expression = u'%{}%'.format(safe_unicode(filter_query))
163 ilike_expression = u'%{}%'.format(safe_unicode(filter_query))
165 query = query.filter(
164 query = query.filter(
166 Repository.repo_name.ilike(ilike_expression))
165 Repository.repo_name.ilike(ilike_expression))
167
166
168 add_parent = False
167 add_parent = False
169 if repo.parent:
168 if repo.parent:
170 if filter_query in repo.parent.repo_name:
169 if filter_query in repo.parent.repo_name:
171 parent_vcs_obj = repo.parent.scm_instance()
170 parent_vcs_obj = repo.parent.scm_instance()
172 if parent_vcs_obj and not parent_vcs_obj.is_empty():
171 if parent_vcs_obj and not parent_vcs_obj.is_empty():
173 add_parent = True
172 add_parent = True
174
173
175 limit = 20 - 1 if add_parent else 20
174 limit = 20 - 1 if add_parent else 20
176 all_repos = query.limit(limit).all()
175 all_repos = query.limit(limit).all()
177 if add_parent:
176 if add_parent:
178 all_repos += [repo.parent]
177 all_repos += [repo.parent]
179
178
180 repos = []
179 repos = []
181 for obj in self.scm_model.get_repos(all_repos):
180 for obj in self.scm_model.get_repos(all_repos):
182 repos.append({
181 repos.append({
183 'id': obj['name'],
182 'id': obj['name'],
184 'text': obj['name'],
183 'text': obj['name'],
185 'type': 'repo',
184 'type': 'repo',
186 'obj': obj['dbrepo']
185 'obj': obj['dbrepo']
187 })
186 })
188
187
189 data = {
188 data = {
190 'more': False,
189 'more': False,
191 'results': [{
190 'results': [{
192 'text': _('Repositories'),
191 'text': _('Repositories'),
193 'children': repos
192 'children': repos
194 }] if repos else []
193 }] if repos else []
195 }
194 }
196 return data
195 return data
197
196
198 @LoginRequired()
197 @LoginRequired()
199 @NotAnonymous()
198 @NotAnonymous()
200 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
199 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
201 'repository.admin')
200 'repository.admin')
202 @HasAcceptedRepoType('git', 'hg')
201 @HasAcceptedRepoType('git', 'hg')
203 @auth.CSRFRequired()
202 @auth.CSRFRequired()
204 def create(self, repo_name):
203 def create(self, repo_name):
205 repo = Repository.get_by_repo_name(repo_name)
204 repo = Repository.get_by_repo_name(repo_name)
206 if not repo:
205 if not repo:
207 raise HTTPNotFound
206 raise HTTPNotFound
208
207
209 controls = peppercorn.parse(request.POST.items())
208 controls = peppercorn.parse(request.POST.items())
210
209
211 try:
210 try:
212 _form = PullRequestForm(repo.repo_id)().to_python(controls)
211 _form = PullRequestForm(repo.repo_id)().to_python(controls)
213 except formencode.Invalid as errors:
212 except formencode.Invalid as errors:
214 if errors.error_dict.get('revisions'):
213 if errors.error_dict.get('revisions'):
215 msg = 'Revisions: %s' % errors.error_dict['revisions']
214 msg = 'Revisions: %s' % errors.error_dict['revisions']
216 elif errors.error_dict.get('pullrequest_title'):
215 elif errors.error_dict.get('pullrequest_title'):
217 msg = _('Pull request requires a title with min. 3 chars')
216 msg = _('Pull request requires a title with min. 3 chars')
218 else:
217 else:
219 msg = _('Error creating pull request: {}').format(errors)
218 msg = _('Error creating pull request: {}').format(errors)
220 log.exception(msg)
219 log.exception(msg)
221 h.flash(msg, 'error')
220 h.flash(msg, 'error')
222
221
223 # would rather just go back to form ...
222 # would rather just go back to form ...
224 return redirect(url('pullrequest_home', repo_name=repo_name))
223 return redirect(url('pullrequest_home', repo_name=repo_name))
225
224
226 source_repo = _form['source_repo']
225 source_repo = _form['source_repo']
227 source_ref = _form['source_ref']
226 source_ref = _form['source_ref']
228 target_repo = _form['target_repo']
227 target_repo = _form['target_repo']
229 target_ref = _form['target_ref']
228 target_ref = _form['target_ref']
230 commit_ids = _form['revisions'][::-1]
229 commit_ids = _form['revisions'][::-1]
231
230
232 # find the ancestor for this pr
231 # find the ancestor for this pr
233 source_db_repo = Repository.get_by_repo_name(_form['source_repo'])
232 source_db_repo = Repository.get_by_repo_name(_form['source_repo'])
234 target_db_repo = Repository.get_by_repo_name(_form['target_repo'])
233 target_db_repo = Repository.get_by_repo_name(_form['target_repo'])
235
234
236 source_scm = source_db_repo.scm_instance()
235 source_scm = source_db_repo.scm_instance()
237 target_scm = target_db_repo.scm_instance()
236 target_scm = target_db_repo.scm_instance()
238
237
239 source_commit = source_scm.get_commit(source_ref.split(':')[-1])
238 source_commit = source_scm.get_commit(source_ref.split(':')[-1])
240 target_commit = target_scm.get_commit(target_ref.split(':')[-1])
239 target_commit = target_scm.get_commit(target_ref.split(':')[-1])
241
240
242 ancestor = source_scm.get_common_ancestor(
241 ancestor = source_scm.get_common_ancestor(
243 source_commit.raw_id, target_commit.raw_id, target_scm)
242 source_commit.raw_id, target_commit.raw_id, target_scm)
244
243
245 target_ref_type, target_ref_name, __ = _form['target_ref'].split(':')
244 target_ref_type, target_ref_name, __ = _form['target_ref'].split(':')
246 target_ref = ':'.join((target_ref_type, target_ref_name, ancestor))
245 target_ref = ':'.join((target_ref_type, target_ref_name, ancestor))
247
246
248 pullrequest_title = _form['pullrequest_title']
247 pullrequest_title = _form['pullrequest_title']
249 title_source_ref = source_ref.split(':', 2)[1]
248 title_source_ref = source_ref.split(':', 2)[1]
250 if not pullrequest_title:
249 if not pullrequest_title:
251 pullrequest_title = PullRequestModel().generate_pullrequest_title(
250 pullrequest_title = PullRequestModel().generate_pullrequest_title(
252 source=source_repo,
251 source=source_repo,
253 source_ref=title_source_ref,
252 source_ref=title_source_ref,
254 target=target_repo
253 target=target_repo
255 )
254 )
256
255
257 description = _form['pullrequest_desc']
256 description = _form['pullrequest_desc']
258
257
259 get_default_reviewers_data, validate_default_reviewers = \
258 get_default_reviewers_data, validate_default_reviewers = \
260 PullRequestModel().get_reviewer_functions()
259 PullRequestModel().get_reviewer_functions()
261
260
262 # recalculate reviewers logic, to make sure we can validate this
261 # recalculate reviewers logic, to make sure we can validate this
263 reviewer_rules = get_default_reviewers_data(
262 reviewer_rules = get_default_reviewers_data(
264 c.rhodecode_user.get_instance(), source_db_repo,
263 c.rhodecode_user.get_instance(), source_db_repo,
265 source_commit, target_db_repo, target_commit)
264 source_commit, target_db_repo, target_commit)
266
265
267 given_reviewers = _form['review_members']
266 given_reviewers = _form['review_members']
268 reviewers = validate_default_reviewers(given_reviewers, reviewer_rules)
267 reviewers = validate_default_reviewers(given_reviewers, reviewer_rules)
269
268
270 try:
269 try:
271 pull_request = PullRequestModel().create(
270 pull_request = PullRequestModel().create(
272 c.rhodecode_user.user_id, source_repo, source_ref, target_repo,
271 c.rhodecode_user.user_id, source_repo, source_ref, target_repo,
273 target_ref, commit_ids, reviewers, pullrequest_title,
272 target_ref, commit_ids, reviewers, pullrequest_title,
274 description, reviewer_rules
273 description, reviewer_rules
275 )
274 )
276 Session().commit()
275 Session().commit()
277 h.flash(_('Successfully opened new pull request'),
276 h.flash(_('Successfully opened new pull request'),
278 category='success')
277 category='success')
279 except Exception as e:
278 except Exception as e:
280 msg = _('Error occurred during creation of this pull request.')
279 msg = _('Error occurred during creation of this pull request.')
281 log.exception(msg)
280 log.exception(msg)
282 h.flash(msg, category='error')
281 h.flash(msg, category='error')
283 return redirect(url('pullrequest_home', repo_name=repo_name))
282 return redirect(url('pullrequest_home', repo_name=repo_name))
284
283
285 raise HTTPFound(
284 raise HTTPFound(
286 h.route_path('pullrequest_show', repo_name=target_repo,
285 h.route_path('pullrequest_show', repo_name=target_repo,
287 pull_request_id=pull_request.pull_request_id))
286 pull_request_id=pull_request.pull_request_id))
288
287
289 @LoginRequired()
288 @LoginRequired()
290 @NotAnonymous()
289 @NotAnonymous()
291 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
290 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
292 'repository.admin')
291 'repository.admin')
293 @auth.CSRFRequired()
292 @auth.CSRFRequired()
294 @jsonify
293 @jsonify
295 def update(self, repo_name, pull_request_id):
294 def update(self, repo_name, pull_request_id):
296 pull_request_id = safe_int(pull_request_id)
295 pull_request_id = safe_int(pull_request_id)
297 pull_request = PullRequest.get_or_404(pull_request_id)
296 pull_request = PullRequest.get_or_404(pull_request_id)
298 # only owner or admin can update it
297 # only owner or admin can update it
299 allowed_to_update = PullRequestModel().check_user_update(
298 allowed_to_update = PullRequestModel().check_user_update(
300 pull_request, c.rhodecode_user)
299 pull_request, c.rhodecode_user)
301 if allowed_to_update:
300 if allowed_to_update:
302 controls = peppercorn.parse(request.POST.items())
301 controls = peppercorn.parse(request.POST.items())
303
302
304 if 'review_members' in controls:
303 if 'review_members' in controls:
305 self._update_reviewers(
304 self._update_reviewers(
306 pull_request_id, controls['review_members'],
305 pull_request_id, controls['review_members'],
307 pull_request.reviewer_data)
306 pull_request.reviewer_data)
308 elif str2bool(request.POST.get('update_commits', 'false')):
307 elif str2bool(request.POST.get('update_commits', 'false')):
309 self._update_commits(pull_request)
308 self._update_commits(pull_request)
310 elif str2bool(request.POST.get('edit_pull_request', 'false')):
309 elif str2bool(request.POST.get('edit_pull_request', 'false')):
311 self._edit_pull_request(pull_request)
310 self._edit_pull_request(pull_request)
312 else:
311 else:
313 raise HTTPBadRequest()
312 raise HTTPBadRequest()
314 return True
313 return True
315 raise HTTPForbidden()
314 raise HTTPForbidden()
316
315
317 def _edit_pull_request(self, pull_request):
316 def _edit_pull_request(self, pull_request):
318 try:
317 try:
319 PullRequestModel().edit(
318 PullRequestModel().edit(
320 pull_request, request.POST.get('title'),
319 pull_request, request.POST.get('title'),
321 request.POST.get('description'), c.rhodecode_user)
320 request.POST.get('description'), c.rhodecode_user)
322 except ValueError:
321 except ValueError:
323 msg = _(u'Cannot update closed pull requests.')
322 msg = _(u'Cannot update closed pull requests.')
324 h.flash(msg, category='error')
323 h.flash(msg, category='error')
325 return
324 return
326 else:
325 else:
327 Session().commit()
326 Session().commit()
328
327
329 msg = _(u'Pull request title & description updated.')
328 msg = _(u'Pull request title & description updated.')
330 h.flash(msg, category='success')
329 h.flash(msg, category='success')
331 return
330 return
332
331
333 def _update_commits(self, pull_request):
332 def _update_commits(self, pull_request):
334 resp = PullRequestModel().update_commits(pull_request)
333 resp = PullRequestModel().update_commits(pull_request)
335
334
336 if resp.executed:
335 if resp.executed:
337
336
338 if resp.target_changed and resp.source_changed:
337 if resp.target_changed and resp.source_changed:
339 changed = 'target and source repositories'
338 changed = 'target and source repositories'
340 elif resp.target_changed and not resp.source_changed:
339 elif resp.target_changed and not resp.source_changed:
341 changed = 'target repository'
340 changed = 'target repository'
342 elif not resp.target_changed and resp.source_changed:
341 elif not resp.target_changed and resp.source_changed:
343 changed = 'source repository'
342 changed = 'source repository'
344 else:
343 else:
345 changed = 'nothing'
344 changed = 'nothing'
346
345
347 msg = _(
346 msg = _(
348 u'Pull request updated to "{source_commit_id}" with '
347 u'Pull request updated to "{source_commit_id}" with '
349 u'{count_added} added, {count_removed} removed commits. '
348 u'{count_added} added, {count_removed} removed commits. '
350 u'Source of changes: {change_source}')
349 u'Source of changes: {change_source}')
351 msg = msg.format(
350 msg = msg.format(
352 source_commit_id=pull_request.source_ref_parts.commit_id,
351 source_commit_id=pull_request.source_ref_parts.commit_id,
353 count_added=len(resp.changes.added),
352 count_added=len(resp.changes.added),
354 count_removed=len(resp.changes.removed),
353 count_removed=len(resp.changes.removed),
355 change_source=changed)
354 change_source=changed)
356 h.flash(msg, category='success')
355 h.flash(msg, category='success')
357
356
358 registry = get_current_registry()
357 registry = get_current_registry()
359 rhodecode_plugins = getattr(registry, 'rhodecode_plugins', {})
358 rhodecode_plugins = getattr(registry, 'rhodecode_plugins', {})
360 channelstream_config = rhodecode_plugins.get('channelstream', {})
359 channelstream_config = rhodecode_plugins.get('channelstream', {})
361 if channelstream_config.get('enabled'):
360 if channelstream_config.get('enabled'):
362 message = msg + (
361 message = msg + (
363 ' - <a onclick="window.location.reload()">'
362 ' - <a onclick="window.location.reload()">'
364 '<strong>{}</strong></a>'.format(_('Reload page')))
363 '<strong>{}</strong></a>'.format(_('Reload page')))
365 channel = '/repo${}$/pr/{}'.format(
364 channel = '/repo${}$/pr/{}'.format(
366 pull_request.target_repo.repo_name,
365 pull_request.target_repo.repo_name,
367 pull_request.pull_request_id
366 pull_request.pull_request_id
368 )
367 )
369 payload = {
368 payload = {
370 'type': 'message',
369 'type': 'message',
371 'user': 'system',
370 'user': 'system',
372 'exclude_users': [request.user.username],
371 'exclude_users': [request.user.username],
373 'channel': channel,
372 'channel': channel,
374 'message': {
373 'message': {
375 'message': message,
374 'message': message,
376 'level': 'success',
375 'level': 'success',
377 'topic': '/notifications'
376 'topic': '/notifications'
378 }
377 }
379 }
378 }
380 channelstream_request(
379 channelstream_request(
381 channelstream_config, [payload], '/message',
380 channelstream_config, [payload], '/message',
382 raise_exc=False)
381 raise_exc=False)
383 else:
382 else:
384 msg = PullRequestModel.UPDATE_STATUS_MESSAGES[resp.reason]
383 msg = PullRequestModel.UPDATE_STATUS_MESSAGES[resp.reason]
385 warning_reasons = [
384 warning_reasons = [
386 UpdateFailureReason.NO_CHANGE,
385 UpdateFailureReason.NO_CHANGE,
387 UpdateFailureReason.WRONG_REF_TYPE,
386 UpdateFailureReason.WRONG_REF_TYPE,
388 ]
387 ]
389 category = 'warning' if resp.reason in warning_reasons else 'error'
388 category = 'warning' if resp.reason in warning_reasons else 'error'
390 h.flash(msg, category=category)
389 h.flash(msg, category=category)
391
390
392 @auth.CSRFRequired()
391 @auth.CSRFRequired()
393 @LoginRequired()
392 @LoginRequired()
394 @NotAnonymous()
393 @NotAnonymous()
395 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
394 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
396 'repository.admin')
395 'repository.admin')
397 def merge(self, repo_name, pull_request_id):
396 def merge(self, repo_name, pull_request_id):
398 """
397 """
399 POST /{repo_name}/pull-request/{pull_request_id}
398 POST /{repo_name}/pull-request/{pull_request_id}
400
399
401 Merge will perform a server-side merge of the specified
400 Merge will perform a server-side merge of the specified
402 pull request, if the pull request is approved and mergeable.
401 pull request, if the pull request is approved and mergeable.
403 After successful merging, the pull request is automatically
402 After successful merging, the pull request is automatically
404 closed, with a relevant comment.
403 closed, with a relevant comment.
405 """
404 """
406 pull_request_id = safe_int(pull_request_id)
405 pull_request_id = safe_int(pull_request_id)
407 pull_request = PullRequest.get_or_404(pull_request_id)
406 pull_request = PullRequest.get_or_404(pull_request_id)
408 user = c.rhodecode_user
407 user = c.rhodecode_user
409
408
410 check = MergeCheck.validate(pull_request, user)
409 check = MergeCheck.validate(pull_request, user)
411 merge_possible = not check.failed
410 merge_possible = not check.failed
412
411
413 for err_type, error_msg in check.errors:
412 for err_type, error_msg in check.errors:
414 h.flash(error_msg, category=err_type)
413 h.flash(error_msg, category=err_type)
415
414
416 if merge_possible:
415 if merge_possible:
417 log.debug("Pre-conditions checked, trying to merge.")
416 log.debug("Pre-conditions checked, trying to merge.")
418 extras = vcs_operation_context(
417 extras = vcs_operation_context(
419 request.environ, repo_name=pull_request.target_repo.repo_name,
418 request.environ, repo_name=pull_request.target_repo.repo_name,
420 username=user.username, action='push',
419 username=user.username, action='push',
421 scm=pull_request.target_repo.repo_type)
420 scm=pull_request.target_repo.repo_type)
422 self._merge_pull_request(pull_request, user, extras)
421 self._merge_pull_request(pull_request, user, extras)
423
422
424 raise HTTPFound(
423 raise HTTPFound(
425 h.route_path('pullrequest_show',
424 h.route_path('pullrequest_show',
426 repo_name=pull_request.target_repo.repo_name,
425 repo_name=pull_request.target_repo.repo_name,
427 pull_request_id=pull_request.pull_request_id))
426 pull_request_id=pull_request.pull_request_id))
428
427
429 def _merge_pull_request(self, pull_request, user, extras):
428 def _merge_pull_request(self, pull_request, user, extras):
430 merge_resp = PullRequestModel().merge(
429 merge_resp = PullRequestModel().merge(
431 pull_request, user, extras=extras)
430 pull_request, user, extras=extras)
432
431
433 if merge_resp.executed:
432 if merge_resp.executed:
434 log.debug("The merge was successful, closing the pull request.")
433 log.debug("The merge was successful, closing the pull request.")
435 PullRequestModel().close_pull_request(
434 PullRequestModel().close_pull_request(
436 pull_request.pull_request_id, user)
435 pull_request.pull_request_id, user)
437 Session().commit()
436 Session().commit()
438 msg = _('Pull request was successfully merged and closed.')
437 msg = _('Pull request was successfully merged and closed.')
439 h.flash(msg, category='success')
438 h.flash(msg, category='success')
440 else:
439 else:
441 log.debug(
440 log.debug(
442 "The merge was not successful. Merge response: %s",
441 "The merge was not successful. Merge response: %s",
443 merge_resp)
442 merge_resp)
444 msg = PullRequestModel().merge_status_message(
443 msg = PullRequestModel().merge_status_message(
445 merge_resp.failure_reason)
444 merge_resp.failure_reason)
446 h.flash(msg, category='error')
445 h.flash(msg, category='error')
447
446
448 def _update_reviewers(self, pull_request_id, review_members, reviewer_rules):
447 def _update_reviewers(self, pull_request_id, review_members, reviewer_rules):
449
448
450 get_default_reviewers_data, validate_default_reviewers = \
449 get_default_reviewers_data, validate_default_reviewers = \
451 PullRequestModel().get_reviewer_functions()
450 PullRequestModel().get_reviewer_functions()
452
451
453 try:
452 try:
454 reviewers = validate_default_reviewers(review_members, reviewer_rules)
453 reviewers = validate_default_reviewers(review_members, reviewer_rules)
455 except ValueError as e:
454 except ValueError as e:
456 log.error('Reviewers Validation: {}'.format(e))
455 log.error('Reviewers Validation: {}'.format(e))
457 h.flash(e, category='error')
456 h.flash(e, category='error')
458 return
457 return
459
458
460 PullRequestModel().update_reviewers(
459 PullRequestModel().update_reviewers(
461 pull_request_id, reviewers, c.rhodecode_user)
460 pull_request_id, reviewers, c.rhodecode_user)
462 h.flash(_('Pull request reviewers updated.'), category='success')
461 h.flash(_('Pull request reviewers updated.'), category='success')
463 Session().commit()
462 Session().commit()
464
463
465 @LoginRequired()
464 @LoginRequired()
466 @NotAnonymous()
465 @NotAnonymous()
467 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
466 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
468 'repository.admin')
467 'repository.admin')
469 @auth.CSRFRequired()
468 @auth.CSRFRequired()
470 @jsonify
469 @jsonify
471 def delete(self, repo_name, pull_request_id):
470 def delete(self, repo_name, pull_request_id):
472 pull_request_id = safe_int(pull_request_id)
471 pull_request_id = safe_int(pull_request_id)
473 pull_request = PullRequest.get_or_404(pull_request_id)
472 pull_request = PullRequest.get_or_404(pull_request_id)
474
473
475 pr_closed = pull_request.is_closed()
474 pr_closed = pull_request.is_closed()
476 allowed_to_delete = PullRequestModel().check_user_delete(
475 allowed_to_delete = PullRequestModel().check_user_delete(
477 pull_request, c.rhodecode_user) and not pr_closed
476 pull_request, c.rhodecode_user) and not pr_closed
478
477
479 # only owner can delete it !
478 # only owner can delete it !
480 if allowed_to_delete:
479 if allowed_to_delete:
481 PullRequestModel().delete(pull_request, c.rhodecode_user)
480 PullRequestModel().delete(pull_request, c.rhodecode_user)
482 Session().commit()
481 Session().commit()
483 h.flash(_('Successfully deleted pull request'),
482 h.flash(_('Successfully deleted pull request'),
484 category='success')
483 category='success')
485 return redirect(url('my_account_pullrequests'))
484 return redirect(url('my_account_pullrequests'))
486
485
487 h.flash(_('Your are not allowed to delete this pull request'),
486 h.flash(_('Your are not allowed to delete this pull request'),
488 category='error')
487 category='error')
489 raise HTTPForbidden()
488 raise HTTPForbidden()
490
489
491 def _get_pr_version(self, pull_request_id, version=None):
490 def _get_pr_version(self, pull_request_id, version=None):
492 pull_request_id = safe_int(pull_request_id)
491 pull_request_id = safe_int(pull_request_id)
493 at_version = None
492 at_version = None
494
493
495 if version and version == 'latest':
494 if version and version == 'latest':
496 pull_request_ver = PullRequest.get(pull_request_id)
495 pull_request_ver = PullRequest.get(pull_request_id)
497 pull_request_obj = pull_request_ver
496 pull_request_obj = pull_request_ver
498 _org_pull_request_obj = pull_request_obj
497 _org_pull_request_obj = pull_request_obj
499 at_version = 'latest'
498 at_version = 'latest'
500 elif version:
499 elif version:
501 pull_request_ver = PullRequestVersion.get_or_404(version)
500 pull_request_ver = PullRequestVersion.get_or_404(version)
502 pull_request_obj = pull_request_ver
501 pull_request_obj = pull_request_ver
503 _org_pull_request_obj = pull_request_ver.pull_request
502 _org_pull_request_obj = pull_request_ver.pull_request
504 at_version = pull_request_ver.pull_request_version_id
503 at_version = pull_request_ver.pull_request_version_id
505 else:
504 else:
506 _org_pull_request_obj = pull_request_obj = PullRequest.get_or_404(
505 _org_pull_request_obj = pull_request_obj = PullRequest.get_or_404(
507 pull_request_id)
506 pull_request_id)
508
507
509 pull_request_display_obj = PullRequest.get_pr_display_object(
508 pull_request_display_obj = PullRequest.get_pr_display_object(
510 pull_request_obj, _org_pull_request_obj)
509 pull_request_obj, _org_pull_request_obj)
511
510
512 return _org_pull_request_obj, pull_request_obj, \
511 return _org_pull_request_obj, pull_request_obj, \
513 pull_request_display_obj, at_version
512 pull_request_display_obj, at_version
514
513
515 def _get_diffset(
514 def _get_diffset(
516 self, source_repo, source_ref_id, target_ref_id, target_commit,
515 self, source_repo, source_ref_id, target_ref_id, target_commit,
517 source_commit, diff_limit, file_limit, display_inline_comments):
516 source_commit, diff_limit, file_limit, display_inline_comments):
518 vcs_diff = PullRequestModel().get_diff(
517 vcs_diff = PullRequestModel().get_diff(
519 source_repo, source_ref_id, target_ref_id)
518 source_repo, source_ref_id, target_ref_id)
520
519
521 diff_processor = diffs.DiffProcessor(
520 diff_processor = diffs.DiffProcessor(
522 vcs_diff, format='newdiff', diff_limit=diff_limit,
521 vcs_diff, format='newdiff', diff_limit=diff_limit,
523 file_limit=file_limit, show_full_diff=c.fulldiff)
522 file_limit=file_limit, show_full_diff=c.fulldiff)
524
523
525 _parsed = diff_processor.prepare()
524 _parsed = diff_processor.prepare()
526
525
527 def _node_getter(commit):
526 def _node_getter(commit):
528 def get_node(fname):
527 def get_node(fname):
529 try:
528 try:
530 return commit.get_node(fname)
529 return commit.get_node(fname)
531 except NodeDoesNotExistError:
530 except NodeDoesNotExistError:
532 return None
531 return None
533
532
534 return get_node
533 return get_node
535
534
536 diffset = codeblocks.DiffSet(
535 diffset = codeblocks.DiffSet(
537 repo_name=c.repo_name,
536 repo_name=c.repo_name,
538 source_repo_name=c.source_repo.repo_name,
537 source_repo_name=c.source_repo.repo_name,
539 source_node_getter=_node_getter(target_commit),
538 source_node_getter=_node_getter(target_commit),
540 target_node_getter=_node_getter(source_commit),
539 target_node_getter=_node_getter(source_commit),
541 comments=display_inline_comments
540 comments=display_inline_comments
542 )
541 )
543 diffset = diffset.render_patchset(
542 diffset = diffset.render_patchset(
544 _parsed, target_commit.raw_id, source_commit.raw_id)
543 _parsed, target_commit.raw_id, source_commit.raw_id)
545
544
546 return diffset
545 return diffset
547
546
548 @LoginRequired()
547 @LoginRequired()
549 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
548 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
550 'repository.admin')
549 'repository.admin')
551 def show(self, repo_name, pull_request_id):
550 def show(self, repo_name, pull_request_id):
552 pull_request_id = safe_int(pull_request_id)
551 pull_request_id = safe_int(pull_request_id)
553 version = request.GET.get('version')
552 version = request.GET.get('version')
554 from_version = request.GET.get('from_version') or version
553 from_version = request.GET.get('from_version') or version
555 merge_checks = request.GET.get('merge_checks')
554 merge_checks = request.GET.get('merge_checks')
556 c.fulldiff = str2bool(request.GET.get('fulldiff'))
555 c.fulldiff = str2bool(request.GET.get('fulldiff'))
557
556
558 (pull_request_latest,
557 (pull_request_latest,
559 pull_request_at_ver,
558 pull_request_at_ver,
560 pull_request_display_obj,
559 pull_request_display_obj,
561 at_version) = self._get_pr_version(
560 at_version) = self._get_pr_version(
562 pull_request_id, version=version)
561 pull_request_id, version=version)
563 pr_closed = pull_request_latest.is_closed()
562 pr_closed = pull_request_latest.is_closed()
564
563
565 if pr_closed and (version or from_version):
564 if pr_closed and (version or from_version):
566 # not allow to browse versions
565 # not allow to browse versions
567 return redirect(h.url('pullrequest_show', repo_name=repo_name,
566 return redirect(h.url('pullrequest_show', repo_name=repo_name,
568 pull_request_id=pull_request_id))
567 pull_request_id=pull_request_id))
569
568
570 versions = pull_request_display_obj.versions()
569 versions = pull_request_display_obj.versions()
571
570
572 c.at_version = at_version
571 c.at_version = at_version
573 c.at_version_num = (at_version
572 c.at_version_num = (at_version
574 if at_version and at_version != 'latest'
573 if at_version and at_version != 'latest'
575 else None)
574 else None)
576 c.at_version_pos = ChangesetComment.get_index_from_version(
575 c.at_version_pos = ChangesetComment.get_index_from_version(
577 c.at_version_num, versions)
576 c.at_version_num, versions)
578
577
579 (prev_pull_request_latest,
578 (prev_pull_request_latest,
580 prev_pull_request_at_ver,
579 prev_pull_request_at_ver,
581 prev_pull_request_display_obj,
580 prev_pull_request_display_obj,
582 prev_at_version) = self._get_pr_version(
581 prev_at_version) = self._get_pr_version(
583 pull_request_id, version=from_version)
582 pull_request_id, version=from_version)
584
583
585 c.from_version = prev_at_version
584 c.from_version = prev_at_version
586 c.from_version_num = (prev_at_version
585 c.from_version_num = (prev_at_version
587 if prev_at_version and prev_at_version != 'latest'
586 if prev_at_version and prev_at_version != 'latest'
588 else None)
587 else None)
589 c.from_version_pos = ChangesetComment.get_index_from_version(
588 c.from_version_pos = ChangesetComment.get_index_from_version(
590 c.from_version_num, versions)
589 c.from_version_num, versions)
591
590
592 # define if we're in COMPARE mode or VIEW at version mode
591 # define if we're in COMPARE mode or VIEW at version mode
593 compare = at_version != prev_at_version
592 compare = at_version != prev_at_version
594
593
595 # pull_requests repo_name we opened it against
594 # pull_requests repo_name we opened it against
596 # ie. target_repo must match
595 # ie. target_repo must match
597 if repo_name != pull_request_at_ver.target_repo.repo_name:
596 if repo_name != pull_request_at_ver.target_repo.repo_name:
598 raise HTTPNotFound
597 raise HTTPNotFound
599
598
600 c.shadow_clone_url = PullRequestModel().get_shadow_clone_url(
599 c.shadow_clone_url = PullRequestModel().get_shadow_clone_url(
601 pull_request_at_ver)
600 pull_request_at_ver)
602
601
603 c.pull_request = pull_request_display_obj
602 c.pull_request = pull_request_display_obj
604 c.pull_request_latest = pull_request_latest
603 c.pull_request_latest = pull_request_latest
605
604
606 if compare or (at_version and not at_version == 'latest'):
605 if compare or (at_version and not at_version == 'latest'):
607 c.allowed_to_change_status = False
606 c.allowed_to_change_status = False
608 c.allowed_to_update = False
607 c.allowed_to_update = False
609 c.allowed_to_merge = False
608 c.allowed_to_merge = False
610 c.allowed_to_delete = False
609 c.allowed_to_delete = False
611 c.allowed_to_comment = False
610 c.allowed_to_comment = False
612 c.allowed_to_close = False
611 c.allowed_to_close = False
613 else:
612 else:
614 can_change_status = PullRequestModel().check_user_change_status(
613 can_change_status = PullRequestModel().check_user_change_status(
615 pull_request_at_ver, c.rhodecode_user)
614 pull_request_at_ver, c.rhodecode_user)
616 c.allowed_to_change_status = can_change_status and not pr_closed
615 c.allowed_to_change_status = can_change_status and not pr_closed
617
616
618 c.allowed_to_update = PullRequestModel().check_user_update(
617 c.allowed_to_update = PullRequestModel().check_user_update(
619 pull_request_latest, c.rhodecode_user) and not pr_closed
618 pull_request_latest, c.rhodecode_user) and not pr_closed
620 c.allowed_to_merge = PullRequestModel().check_user_merge(
619 c.allowed_to_merge = PullRequestModel().check_user_merge(
621 pull_request_latest, c.rhodecode_user) and not pr_closed
620 pull_request_latest, c.rhodecode_user) and not pr_closed
622 c.allowed_to_delete = PullRequestModel().check_user_delete(
621 c.allowed_to_delete = PullRequestModel().check_user_delete(
623 pull_request_latest, c.rhodecode_user) and not pr_closed
622 pull_request_latest, c.rhodecode_user) and not pr_closed
624 c.allowed_to_comment = not pr_closed
623 c.allowed_to_comment = not pr_closed
625 c.allowed_to_close = c.allowed_to_merge and not pr_closed
624 c.allowed_to_close = c.allowed_to_merge and not pr_closed
626
625
627 c.forbid_adding_reviewers = False
626 c.forbid_adding_reviewers = False
628 c.forbid_author_to_review = False
627 c.forbid_author_to_review = False
629 c.forbid_commit_author_to_review = False
628 c.forbid_commit_author_to_review = False
630
629
631 if pull_request_latest.reviewer_data and \
630 if pull_request_latest.reviewer_data and \
632 'rules' in pull_request_latest.reviewer_data:
631 'rules' in pull_request_latest.reviewer_data:
633 rules = pull_request_latest.reviewer_data['rules'] or {}
632 rules = pull_request_latest.reviewer_data['rules'] or {}
634 try:
633 try:
635 c.forbid_adding_reviewers = rules.get(
634 c.forbid_adding_reviewers = rules.get(
636 'forbid_adding_reviewers')
635 'forbid_adding_reviewers')
637 c.forbid_author_to_review = rules.get(
636 c.forbid_author_to_review = rules.get(
638 'forbid_author_to_review')
637 'forbid_author_to_review')
639 c.forbid_commit_author_to_review = rules.get(
638 c.forbid_commit_author_to_review = rules.get(
640 'forbid_commit_author_to_review')
639 'forbid_commit_author_to_review')
641 except Exception:
640 except Exception:
642 pass
641 pass
643
642
644 # check merge capabilities
643 # check merge capabilities
645 _merge_check = MergeCheck.validate(
644 _merge_check = MergeCheck.validate(
646 pull_request_latest, user=c.rhodecode_user)
645 pull_request_latest, user=c.rhodecode_user)
647 c.pr_merge_errors = _merge_check.error_details
646 c.pr_merge_errors = _merge_check.error_details
648 c.pr_merge_possible = not _merge_check.failed
647 c.pr_merge_possible = not _merge_check.failed
649 c.pr_merge_message = _merge_check.merge_msg
648 c.pr_merge_message = _merge_check.merge_msg
650
649
651 c.pull_request_review_status = _merge_check.review_status
650 c.pull_request_review_status = _merge_check.review_status
652 if merge_checks:
651 if merge_checks:
653 return render('/pullrequests/pullrequest_merge_checks.mako')
652 return render('/pullrequests/pullrequest_merge_checks.mako')
654
653
655 comments_model = CommentsModel()
654 comments_model = CommentsModel()
656
655
657 # reviewers and statuses
656 # reviewers and statuses
658 c.pull_request_reviewers = pull_request_at_ver.reviewers_statuses()
657 c.pull_request_reviewers = pull_request_at_ver.reviewers_statuses()
659 allowed_reviewers = [x[0].user_id for x in c.pull_request_reviewers]
658 allowed_reviewers = [x[0].user_id for x in c.pull_request_reviewers]
660
659
661 # GENERAL COMMENTS with versions #
660 # GENERAL COMMENTS with versions #
662 q = comments_model._all_general_comments_of_pull_request(pull_request_latest)
661 q = comments_model._all_general_comments_of_pull_request(pull_request_latest)
663 q = q.order_by(ChangesetComment.comment_id.asc())
662 q = q.order_by(ChangesetComment.comment_id.asc())
664 general_comments = q
663 general_comments = q
665
664
666 # pick comments we want to render at current version
665 # pick comments we want to render at current version
667 c.comment_versions = comments_model.aggregate_comments(
666 c.comment_versions = comments_model.aggregate_comments(
668 general_comments, versions, c.at_version_num)
667 general_comments, versions, c.at_version_num)
669 c.comments = c.comment_versions[c.at_version_num]['until']
668 c.comments = c.comment_versions[c.at_version_num]['until']
670
669
671 # INLINE COMMENTS with versions #
670 # INLINE COMMENTS with versions #
672 q = comments_model._all_inline_comments_of_pull_request(pull_request_latest)
671 q = comments_model._all_inline_comments_of_pull_request(pull_request_latest)
673 q = q.order_by(ChangesetComment.comment_id.asc())
672 q = q.order_by(ChangesetComment.comment_id.asc())
674 inline_comments = q
673 inline_comments = q
675
674
676 c.inline_versions = comments_model.aggregate_comments(
675 c.inline_versions = comments_model.aggregate_comments(
677 inline_comments, versions, c.at_version_num, inline=True)
676 inline_comments, versions, c.at_version_num, inline=True)
678
677
679 # inject latest version
678 # inject latest version
680 latest_ver = PullRequest.get_pr_display_object(
679 latest_ver = PullRequest.get_pr_display_object(
681 pull_request_latest, pull_request_latest)
680 pull_request_latest, pull_request_latest)
682
681
683 c.versions = versions + [latest_ver]
682 c.versions = versions + [latest_ver]
684
683
685 # if we use version, then do not show later comments
684 # if we use version, then do not show later comments
686 # than current version
685 # than current version
687 display_inline_comments = collections.defaultdict(
686 display_inline_comments = collections.defaultdict(
688 lambda: collections.defaultdict(list))
687 lambda: collections.defaultdict(list))
689 for co in inline_comments:
688 for co in inline_comments:
690 if c.at_version_num:
689 if c.at_version_num:
691 # pick comments that are at least UPTO given version, so we
690 # pick comments that are at least UPTO given version, so we
692 # don't render comments for higher version
691 # don't render comments for higher version
693 should_render = co.pull_request_version_id and \
692 should_render = co.pull_request_version_id and \
694 co.pull_request_version_id <= c.at_version_num
693 co.pull_request_version_id <= c.at_version_num
695 else:
694 else:
696 # showing all, for 'latest'
695 # showing all, for 'latest'
697 should_render = True
696 should_render = True
698
697
699 if should_render:
698 if should_render:
700 display_inline_comments[co.f_path][co.line_no].append(co)
699 display_inline_comments[co.f_path][co.line_no].append(co)
701
700
702 # load diff data into template context, if we use compare mode then
701 # load diff data into template context, if we use compare mode then
703 # diff is calculated based on changes between versions of PR
702 # diff is calculated based on changes between versions of PR
704
703
705 source_repo = pull_request_at_ver.source_repo
704 source_repo = pull_request_at_ver.source_repo
706 source_ref_id = pull_request_at_ver.source_ref_parts.commit_id
705 source_ref_id = pull_request_at_ver.source_ref_parts.commit_id
707
706
708 target_repo = pull_request_at_ver.target_repo
707 target_repo = pull_request_at_ver.target_repo
709 target_ref_id = pull_request_at_ver.target_ref_parts.commit_id
708 target_ref_id = pull_request_at_ver.target_ref_parts.commit_id
710
709
711 if compare:
710 if compare:
712 # in compare switch the diff base to latest commit from prev version
711 # in compare switch the diff base to latest commit from prev version
713 target_ref_id = prev_pull_request_display_obj.revisions[0]
712 target_ref_id = prev_pull_request_display_obj.revisions[0]
714
713
715 # despite opening commits for bookmarks/branches/tags, we always
714 # despite opening commits for bookmarks/branches/tags, we always
716 # convert this to rev to prevent changes after bookmark or branch change
715 # convert this to rev to prevent changes after bookmark or branch change
717 c.source_ref_type = 'rev'
716 c.source_ref_type = 'rev'
718 c.source_ref = source_ref_id
717 c.source_ref = source_ref_id
719
718
720 c.target_ref_type = 'rev'
719 c.target_ref_type = 'rev'
721 c.target_ref = target_ref_id
720 c.target_ref = target_ref_id
722
721
723 c.source_repo = source_repo
722 c.source_repo = source_repo
724 c.target_repo = target_repo
723 c.target_repo = target_repo
725
724
726 # diff_limit is the old behavior, will cut off the whole diff
725 # diff_limit is the old behavior, will cut off the whole diff
727 # if the limit is applied otherwise will just hide the
726 # if the limit is applied otherwise will just hide the
728 # big files from the front-end
727 # big files from the front-end
729 diff_limit = self.cut_off_limit_diff
728 diff_limit = self.cut_off_limit_diff
730 file_limit = self.cut_off_limit_file
729 file_limit = self.cut_off_limit_file
731
730
732 c.commit_ranges = []
731 c.commit_ranges = []
733 source_commit = EmptyCommit()
732 source_commit = EmptyCommit()
734 target_commit = EmptyCommit()
733 target_commit = EmptyCommit()
735 c.missing_requirements = False
734 c.missing_requirements = False
736
735
737 source_scm = source_repo.scm_instance()
736 source_scm = source_repo.scm_instance()
738 target_scm = target_repo.scm_instance()
737 target_scm = target_repo.scm_instance()
739
738
740 # try first shadow repo, fallback to regular repo
739 # try first shadow repo, fallback to regular repo
741 try:
740 try:
742 commits_source_repo = pull_request_latest.get_shadow_repo()
741 commits_source_repo = pull_request_latest.get_shadow_repo()
743 except Exception:
742 except Exception:
744 log.debug('Failed to get shadow repo', exc_info=True)
743 log.debug('Failed to get shadow repo', exc_info=True)
745 commits_source_repo = source_scm
744 commits_source_repo = source_scm
746
745
747 c.commits_source_repo = commits_source_repo
746 c.commits_source_repo = commits_source_repo
748 commit_cache = {}
747 commit_cache = {}
749 try:
748 try:
750 pre_load = ["author", "branch", "date", "message"]
749 pre_load = ["author", "branch", "date", "message"]
751 show_revs = pull_request_at_ver.revisions
750 show_revs = pull_request_at_ver.revisions
752 for rev in show_revs:
751 for rev in show_revs:
753 comm = commits_source_repo.get_commit(
752 comm = commits_source_repo.get_commit(
754 commit_id=rev, pre_load=pre_load)
753 commit_id=rev, pre_load=pre_load)
755 c.commit_ranges.append(comm)
754 c.commit_ranges.append(comm)
756 commit_cache[comm.raw_id] = comm
755 commit_cache[comm.raw_id] = comm
757
756
758 # Order here matters, we first need to get target, and then
757 # Order here matters, we first need to get target, and then
759 # the source
758 # the source
760 target_commit = commits_source_repo.get_commit(
759 target_commit = commits_source_repo.get_commit(
761 commit_id=safe_str(target_ref_id))
760 commit_id=safe_str(target_ref_id))
762
761
763 source_commit = commits_source_repo.get_commit(
762 source_commit = commits_source_repo.get_commit(
764 commit_id=safe_str(source_ref_id))
763 commit_id=safe_str(source_ref_id))
765
764
766 except CommitDoesNotExistError:
765 except CommitDoesNotExistError:
767 log.warning(
766 log.warning(
768 'Failed to get commit from `{}` repo'.format(
767 'Failed to get commit from `{}` repo'.format(
769 commits_source_repo), exc_info=True)
768 commits_source_repo), exc_info=True)
770 except RepositoryRequirementError:
769 except RepositoryRequirementError:
771 log.warning(
770 log.warning(
772 'Failed to get all required data from repo', exc_info=True)
771 'Failed to get all required data from repo', exc_info=True)
773 c.missing_requirements = True
772 c.missing_requirements = True
774
773
775 c.ancestor = None # set it to None, to hide it from PR view
774 c.ancestor = None # set it to None, to hide it from PR view
776
775
777 try:
776 try:
778 ancestor_id = source_scm.get_common_ancestor(
777 ancestor_id = source_scm.get_common_ancestor(
779 source_commit.raw_id, target_commit.raw_id, target_scm)
778 source_commit.raw_id, target_commit.raw_id, target_scm)
780 c.ancestor_commit = source_scm.get_commit(ancestor_id)
779 c.ancestor_commit = source_scm.get_commit(ancestor_id)
781 except Exception:
780 except Exception:
782 c.ancestor_commit = None
781 c.ancestor_commit = None
783
782
784 c.statuses = source_repo.statuses(
783 c.statuses = source_repo.statuses(
785 [x.raw_id for x in c.commit_ranges])
784 [x.raw_id for x in c.commit_ranges])
786
785
787 # auto collapse if we have more than limit
786 # auto collapse if we have more than limit
788 collapse_limit = diffs.DiffProcessor._collapse_commits_over
787 collapse_limit = diffs.DiffProcessor._collapse_commits_over
789 c.collapse_all_commits = len(c.commit_ranges) > collapse_limit
788 c.collapse_all_commits = len(c.commit_ranges) > collapse_limit
790 c.compare_mode = compare
789 c.compare_mode = compare
791
790
792 c.missing_commits = False
791 c.missing_commits = False
793 if (c.missing_requirements or isinstance(source_commit, EmptyCommit)
792 if (c.missing_requirements or isinstance(source_commit, EmptyCommit)
794 or source_commit == target_commit):
793 or source_commit == target_commit):
795
794
796 c.missing_commits = True
795 c.missing_commits = True
797 else:
796 else:
798
797
799 c.diffset = self._get_diffset(
798 c.diffset = self._get_diffset(
800 commits_source_repo, source_ref_id, target_ref_id,
799 commits_source_repo, source_ref_id, target_ref_id,
801 target_commit, source_commit,
800 target_commit, source_commit,
802 diff_limit, file_limit, display_inline_comments)
801 diff_limit, file_limit, display_inline_comments)
803
802
804 c.limited_diff = c.diffset.limited_diff
803 c.limited_diff = c.diffset.limited_diff
805
804
806 # calculate removed files that are bound to comments
805 # calculate removed files that are bound to comments
807 comment_deleted_files = [
806 comment_deleted_files = [
808 fname for fname in display_inline_comments
807 fname for fname in display_inline_comments
809 if fname not in c.diffset.file_stats]
808 if fname not in c.diffset.file_stats]
810
809
811 c.deleted_files_comments = collections.defaultdict(dict)
810 c.deleted_files_comments = collections.defaultdict(dict)
812 for fname, per_line_comments in display_inline_comments.items():
811 for fname, per_line_comments in display_inline_comments.items():
813 if fname in comment_deleted_files:
812 if fname in comment_deleted_files:
814 c.deleted_files_comments[fname]['stats'] = 0
813 c.deleted_files_comments[fname]['stats'] = 0
815 c.deleted_files_comments[fname]['comments'] = list()
814 c.deleted_files_comments[fname]['comments'] = list()
816 for lno, comments in per_line_comments.items():
815 for lno, comments in per_line_comments.items():
817 c.deleted_files_comments[fname]['comments'].extend(
816 c.deleted_files_comments[fname]['comments'].extend(
818 comments)
817 comments)
819
818
820 # this is a hack to properly display links, when creating PR, the
819 # this is a hack to properly display links, when creating PR, the
821 # compare view and others uses different notation, and
820 # compare view and others uses different notation, and
822 # compare_commits.mako renders links based on the target_repo.
821 # compare_commits.mako renders links based on the target_repo.
823 # We need to swap that here to generate it properly on the html side
822 # We need to swap that here to generate it properly on the html side
824 c.target_repo = c.source_repo
823 c.target_repo = c.source_repo
825
824
826 c.commit_statuses = ChangesetStatus.STATUSES
825 c.commit_statuses = ChangesetStatus.STATUSES
827
826
828 c.show_version_changes = not pr_closed
827 c.show_version_changes = not pr_closed
829 if c.show_version_changes:
828 if c.show_version_changes:
830 cur_obj = pull_request_at_ver
829 cur_obj = pull_request_at_ver
831 prev_obj = prev_pull_request_at_ver
830 prev_obj = prev_pull_request_at_ver
832
831
833 old_commit_ids = prev_obj.revisions
832 old_commit_ids = prev_obj.revisions
834 new_commit_ids = cur_obj.revisions
833 new_commit_ids = cur_obj.revisions
835 commit_changes = PullRequestModel()._calculate_commit_id_changes(
834 commit_changes = PullRequestModel()._calculate_commit_id_changes(
836 old_commit_ids, new_commit_ids)
835 old_commit_ids, new_commit_ids)
837 c.commit_changes_summary = commit_changes
836 c.commit_changes_summary = commit_changes
838
837
839 # calculate the diff for commits between versions
838 # calculate the diff for commits between versions
840 c.commit_changes = []
839 c.commit_changes = []
841 mark = lambda cs, fw: list(
840 mark = lambda cs, fw: list(
842 h.itertools.izip_longest([], cs, fillvalue=fw))
841 h.itertools.izip_longest([], cs, fillvalue=fw))
843 for c_type, raw_id in mark(commit_changes.added, 'a') \
842 for c_type, raw_id in mark(commit_changes.added, 'a') \
844 + mark(commit_changes.removed, 'r') \
843 + mark(commit_changes.removed, 'r') \
845 + mark(commit_changes.common, 'c'):
844 + mark(commit_changes.common, 'c'):
846
845
847 if raw_id in commit_cache:
846 if raw_id in commit_cache:
848 commit = commit_cache[raw_id]
847 commit = commit_cache[raw_id]
849 else:
848 else:
850 try:
849 try:
851 commit = commits_source_repo.get_commit(raw_id)
850 commit = commits_source_repo.get_commit(raw_id)
852 except CommitDoesNotExistError:
851 except CommitDoesNotExistError:
853 # in case we fail extracting still use "dummy" commit
852 # in case we fail extracting still use "dummy" commit
854 # for display in commit diff
853 # for display in commit diff
855 commit = h.AttributeDict(
854 commit = h.AttributeDict(
856 {'raw_id': raw_id,
855 {'raw_id': raw_id,
857 'message': 'EMPTY or MISSING COMMIT'})
856 'message': 'EMPTY or MISSING COMMIT'})
858 c.commit_changes.append([c_type, commit])
857 c.commit_changes.append([c_type, commit])
859
858
860 # current user review statuses for each version
859 # current user review statuses for each version
861 c.review_versions = {}
860 c.review_versions = {}
862 if c.rhodecode_user.user_id in allowed_reviewers:
861 if c.rhodecode_user.user_id in allowed_reviewers:
863 for co in general_comments:
862 for co in general_comments:
864 if co.author.user_id == c.rhodecode_user.user_id:
863 if co.author.user_id == c.rhodecode_user.user_id:
865 # each comment has a status change
864 # each comment has a status change
866 status = co.status_change
865 status = co.status_change
867 if status:
866 if status:
868 _ver_pr = status[0].comment.pull_request_version_id
867 _ver_pr = status[0].comment.pull_request_version_id
869 c.review_versions[_ver_pr] = status[0]
868 c.review_versions[_ver_pr] = status[0]
870
869
871 return render('/pullrequests/pullrequest_show.mako')
870 return render('/pullrequests/pullrequest_show.mako')
872
871
873 @LoginRequired()
872 @LoginRequired()
874 @NotAnonymous()
873 @NotAnonymous()
875 @HasRepoPermissionAnyDecorator(
874 @HasRepoPermissionAnyDecorator(
876 'repository.read', 'repository.write', 'repository.admin')
875 'repository.read', 'repository.write', 'repository.admin')
877 @auth.CSRFRequired()
876 @auth.CSRFRequired()
878 @jsonify
877 @jsonify
879 def comment(self, repo_name, pull_request_id):
878 def comment(self, repo_name, pull_request_id):
880 pull_request_id = safe_int(pull_request_id)
879 pull_request_id = safe_int(pull_request_id)
881 pull_request = PullRequest.get_or_404(pull_request_id)
880 pull_request = PullRequest.get_or_404(pull_request_id)
882 if pull_request.is_closed():
881 if pull_request.is_closed():
883 log.debug('comment: forbidden because pull request is closed')
882 log.debug('comment: forbidden because pull request is closed')
884 raise HTTPForbidden()
883 raise HTTPForbidden()
885
884
886 status = request.POST.get('changeset_status', None)
885 status = request.POST.get('changeset_status', None)
887 text = request.POST.get('text')
886 text = request.POST.get('text')
888 comment_type = request.POST.get('comment_type')
887 comment_type = request.POST.get('comment_type')
889 resolves_comment_id = request.POST.get('resolves_comment_id', None)
888 resolves_comment_id = request.POST.get('resolves_comment_id', None)
890 close_pull_request = request.POST.get('close_pull_request')
889 close_pull_request = request.POST.get('close_pull_request')
891
890
892 # the logic here should work like following, if we submit close
891 # the logic here should work like following, if we submit close
893 # pr comment, use `close_pull_request_with_comment` function
892 # pr comment, use `close_pull_request_with_comment` function
894 # else handle regular comment logic
893 # else handle regular comment logic
895 user = c.rhodecode_user
894 user = c.rhodecode_user
896 repo = c.rhodecode_db_repo
895 repo = c.rhodecode_db_repo
897
896
898 if close_pull_request:
897 if close_pull_request:
899 # only owner or admin or person with write permissions
898 # only owner or admin or person with write permissions
900 allowed_to_close = PullRequestModel().check_user_update(
899 allowed_to_close = PullRequestModel().check_user_update(
901 pull_request, c.rhodecode_user)
900 pull_request, c.rhodecode_user)
902 if not allowed_to_close:
901 if not allowed_to_close:
903 log.debug('comment: forbidden because not allowed to close '
902 log.debug('comment: forbidden because not allowed to close '
904 'pull request %s', pull_request_id)
903 'pull request %s', pull_request_id)
905 raise HTTPForbidden()
904 raise HTTPForbidden()
906 comment, status = PullRequestModel().close_pull_request_with_comment(
905 comment, status = PullRequestModel().close_pull_request_with_comment(
907 pull_request, user, repo, message=text)
906 pull_request, user, repo, message=text)
908 Session().flush()
907 Session().flush()
909 events.trigger(
908 events.trigger(
910 events.PullRequestCommentEvent(pull_request, comment))
909 events.PullRequestCommentEvent(pull_request, comment))
911
910
912 else:
911 else:
913 # regular comment case, could be inline, or one with status.
912 # regular comment case, could be inline, or one with status.
914 # for that one we check also permissions
913 # for that one we check also permissions
915
914
916 allowed_to_change_status = PullRequestModel().check_user_change_status(
915 allowed_to_change_status = PullRequestModel().check_user_change_status(
917 pull_request, c.rhodecode_user)
916 pull_request, c.rhodecode_user)
918
917
919 if status and allowed_to_change_status:
918 if status and allowed_to_change_status:
920 message = (_('Status change %(transition_icon)s %(status)s')
919 message = (_('Status change %(transition_icon)s %(status)s')
921 % {'transition_icon': '>',
920 % {'transition_icon': '>',
922 'status': ChangesetStatus.get_status_lbl(status)})
921 'status': ChangesetStatus.get_status_lbl(status)})
923 text = text or message
922 text = text or message
924
923
925 comment = CommentsModel().create(
924 comment = CommentsModel().create(
926 text=text,
925 text=text,
927 repo=c.rhodecode_db_repo.repo_id,
926 repo=c.rhodecode_db_repo.repo_id,
928 user=c.rhodecode_user.user_id,
927 user=c.rhodecode_user.user_id,
929 pull_request=pull_request_id,
928 pull_request=pull_request_id,
930 f_path=request.POST.get('f_path'),
929 f_path=request.POST.get('f_path'),
931 line_no=request.POST.get('line'),
930 line_no=request.POST.get('line'),
932 status_change=(ChangesetStatus.get_status_lbl(status)
931 status_change=(ChangesetStatus.get_status_lbl(status)
933 if status and allowed_to_change_status else None),
932 if status and allowed_to_change_status else None),
934 status_change_type=(status
933 status_change_type=(status
935 if status and allowed_to_change_status else None),
934 if status and allowed_to_change_status else None),
936 comment_type=comment_type,
935 comment_type=comment_type,
937 resolves_comment_id=resolves_comment_id
936 resolves_comment_id=resolves_comment_id
938 )
937 )
939
938
940 if allowed_to_change_status:
939 if allowed_to_change_status:
941 # calculate old status before we change it
940 # calculate old status before we change it
942 old_calculated_status = pull_request.calculated_review_status()
941 old_calculated_status = pull_request.calculated_review_status()
943
942
944 # get status if set !
943 # get status if set !
945 if status:
944 if status:
946 ChangesetStatusModel().set_status(
945 ChangesetStatusModel().set_status(
947 c.rhodecode_db_repo.repo_id,
946 c.rhodecode_db_repo.repo_id,
948 status,
947 status,
949 c.rhodecode_user.user_id,
948 c.rhodecode_user.user_id,
950 comment,
949 comment,
951 pull_request=pull_request_id
950 pull_request=pull_request_id
952 )
951 )
953
952
954 Session().flush()
953 Session().flush()
955 events.trigger(
954 events.trigger(
956 events.PullRequestCommentEvent(pull_request, comment))
955 events.PullRequestCommentEvent(pull_request, comment))
957
956
958 # we now calculate the status of pull request, and based on that
957 # we now calculate the status of pull request, and based on that
959 # calculation we set the commits status
958 # calculation we set the commits status
960 calculated_status = pull_request.calculated_review_status()
959 calculated_status = pull_request.calculated_review_status()
961 if old_calculated_status != calculated_status:
960 if old_calculated_status != calculated_status:
962 PullRequestModel()._trigger_pull_request_hook(
961 PullRequestModel()._trigger_pull_request_hook(
963 pull_request, c.rhodecode_user, 'review_status_change')
962 pull_request, c.rhodecode_user, 'review_status_change')
964
963
965 Session().commit()
964 Session().commit()
966
965
967 if not request.is_xhr:
966 if not request.is_xhr:
968 raise HTTPFound(
967 raise HTTPFound(
969 h.route_path('pullrequest_show',
968 h.route_path('pullrequest_show',
970 repo_name=repo_name,
969 repo_name=repo_name,
971 pull_request_id=pull_request_id))
970 pull_request_id=pull_request_id))
972
971
973 data = {
972 data = {
974 'target_id': h.safeid(h.safe_unicode(request.POST.get('f_path'))),
973 'target_id': h.safeid(h.safe_unicode(request.POST.get('f_path'))),
975 }
974 }
976 if comment:
975 if comment:
977 c.co = comment
976 c.co = comment
978 rendered_comment = render('changeset/changeset_comment_block.mako')
977 rendered_comment = render('changeset/changeset_comment_block.mako')
979 data.update(comment.get_dict())
978 data.update(comment.get_dict())
980 data.update({'rendered_text': rendered_comment})
979 data.update({'rendered_text': rendered_comment})
981
980
982 return data
981 return data
983
982
984 @LoginRequired()
983 @LoginRequired()
985 @NotAnonymous()
984 @NotAnonymous()
986 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
985 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
987 'repository.admin')
986 'repository.admin')
988 @auth.CSRFRequired()
987 @auth.CSRFRequired()
989 @jsonify
988 @jsonify
990 def delete_comment(self, repo_name, comment_id):
989 def delete_comment(self, repo_name, comment_id):
991 return self._delete_comment(comment_id)
990 return self._delete_comment(comment_id)
992
991
993 def _delete_comment(self, comment_id):
992 def _delete_comment(self, comment_id):
994 comment_id = safe_int(comment_id)
993 comment_id = safe_int(comment_id)
995 co = ChangesetComment.get_or_404(comment_id)
994 co = ChangesetComment.get_or_404(comment_id)
996 if co.pull_request.is_closed():
995 if co.pull_request.is_closed():
997 # don't allow deleting comments on closed pull request
996 # don't allow deleting comments on closed pull request
998 raise HTTPForbidden()
997 raise HTTPForbidden()
999
998
1000 is_owner = co.author.user_id == c.rhodecode_user.user_id
999 is_owner = co.author.user_id == c.rhodecode_user.user_id
1001 is_repo_admin = h.HasRepoPermissionAny('repository.admin')(c.repo_name)
1000 is_repo_admin = h.HasRepoPermissionAny('repository.admin')(c.repo_name)
1002 if h.HasPermissionAny('hg.admin')() or is_repo_admin or is_owner:
1001 if h.HasPermissionAny('hg.admin')() or is_repo_admin or is_owner:
1003 old_calculated_status = co.pull_request.calculated_review_status()
1002 old_calculated_status = co.pull_request.calculated_review_status()
1004 CommentsModel().delete(comment=co, user=c.rhodecode_user)
1003 CommentsModel().delete(comment=co, user=c.rhodecode_user)
1005 Session().commit()
1004 Session().commit()
1006 calculated_status = co.pull_request.calculated_review_status()
1005 calculated_status = co.pull_request.calculated_review_status()
1007 if old_calculated_status != calculated_status:
1006 if old_calculated_status != calculated_status:
1008 PullRequestModel()._trigger_pull_request_hook(
1007 PullRequestModel()._trigger_pull_request_hook(
1009 co.pull_request, c.rhodecode_user, 'review_status_change')
1008 co.pull_request, c.rhodecode_user, 'review_status_change')
1010 return True
1009 return True
1011 else:
1010 else:
1012 raise HTTPForbidden()
1011 raise HTTPForbidden()
Show file before | Show file after | Hide comments
@@ -1,2021 +1,2023 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2017 RhodeCode GmbH
3 # Copyright (C) 2010-2017 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 """
21 """
22 authentication and permission libraries
22 authentication and permission libraries
23 """
23 """
24
24
25 import os
25 import os
26 import inspect
26 import inspect
27 import collections
27 import collections
28 import fnmatch
28 import fnmatch
29 import hashlib
29 import hashlib
30 import itertools
30 import itertools
31 import logging
31 import logging
32 import random
32 import random
33 import traceback
33 import traceback
34 from functools import wraps
34 from functools import wraps
35
35
36 import ipaddress
36 import ipaddress
37 from pyramid.httpexceptions import HTTPForbidden, HTTPFound
37 from pyramid.httpexceptions import HTTPForbidden, HTTPFound
38 from pylons.i18n.translation import _
38 from pylons.i18n.translation import _
39 # NOTE(marcink): this has to be removed only after pyramid migration,
39 # NOTE(marcink): this has to be removed only after pyramid migration,
40 # replace with _ = request.translate
40 # replace with _ = request.translate
41 from sqlalchemy.orm.exc import ObjectDeletedError
41 from sqlalchemy.orm.exc import ObjectDeletedError
42 from sqlalchemy.orm import joinedload
42 from sqlalchemy.orm import joinedload
43 from zope.cachedescriptors.property import Lazy as LazyProperty
43 from zope.cachedescriptors.property import Lazy as LazyProperty
44
44
45 import rhodecode
45 import rhodecode
46 from rhodecode.model import meta
46 from rhodecode.model import meta
47 from rhodecode.model.meta import Session
47 from rhodecode.model.meta import Session
48 from rhodecode.model.user import UserModel
48 from rhodecode.model.user import UserModel
49 from rhodecode.model.db import (
49 from rhodecode.model.db import (
50 User, Repository, Permission, UserToPerm, UserGroupToPerm, UserGroupMember,
50 User, Repository, Permission, UserToPerm, UserGroupToPerm, UserGroupMember,
51 UserIpMap, UserApiKeys, RepoGroup)
51 UserIpMap, UserApiKeys, RepoGroup)
52 from rhodecode.lib import caches
52 from rhodecode.lib import caches
53 from rhodecode.lib.utils2 import safe_unicode, aslist, safe_str, md5
53 from rhodecode.lib.utils2 import safe_unicode, aslist, safe_str, md5
54 from rhodecode.lib.utils import (
54 from rhodecode.lib.utils import (
55 get_repo_slug, get_repo_group_slug, get_user_group_slug)
55 get_repo_slug, get_repo_group_slug, get_user_group_slug)
56 from rhodecode.lib.caching_query import FromCache
56 from rhodecode.lib.caching_query import FromCache
57
57
58
58
59 if rhodecode.is_unix:
59 if rhodecode.is_unix:
60 import bcrypt
60 import bcrypt
61
61
62 log = logging.getLogger(__name__)
62 log = logging.getLogger(__name__)
63
63
64 csrf_token_key = "csrf_token"
64 csrf_token_key = "csrf_token"
65
65
66
66
67 class PasswordGenerator(object):
67 class PasswordGenerator(object):
68 """
68 """
69 This is a simple class for generating password from different sets of
69 This is a simple class for generating password from different sets of
70 characters
70 characters
71 usage::
71 usage::
72
72
73 passwd_gen = PasswordGenerator()
73 passwd_gen = PasswordGenerator()
74 #print 8-letter password containing only big and small letters
74 #print 8-letter password containing only big and small letters
75 of alphabet
75 of alphabet
76 passwd_gen.gen_password(8, passwd_gen.ALPHABETS_BIG_SMALL)
76 passwd_gen.gen_password(8, passwd_gen.ALPHABETS_BIG_SMALL)
77 """
77 """
78 ALPHABETS_NUM = r'''1234567890'''
78 ALPHABETS_NUM = r'''1234567890'''
79 ALPHABETS_SMALL = r'''qwertyuiopasdfghjklzxcvbnm'''
79 ALPHABETS_SMALL = r'''qwertyuiopasdfghjklzxcvbnm'''
80 ALPHABETS_BIG = r'''QWERTYUIOPASDFGHJKLZXCVBNM'''
80 ALPHABETS_BIG = r'''QWERTYUIOPASDFGHJKLZXCVBNM'''
81 ALPHABETS_SPECIAL = r'''`-=[]\;',./~!@#$%^&*()_+{}|:"<>?'''
81 ALPHABETS_SPECIAL = r'''`-=[]\;',./~!@#$%^&*()_+{}|:"<>?'''
82 ALPHABETS_FULL = ALPHABETS_BIG + ALPHABETS_SMALL \
82 ALPHABETS_FULL = ALPHABETS_BIG + ALPHABETS_SMALL \
83 + ALPHABETS_NUM + ALPHABETS_SPECIAL
83 + ALPHABETS_NUM + ALPHABETS_SPECIAL
84 ALPHABETS_ALPHANUM = ALPHABETS_BIG + ALPHABETS_SMALL + ALPHABETS_NUM
84 ALPHABETS_ALPHANUM = ALPHABETS_BIG + ALPHABETS_SMALL + ALPHABETS_NUM
85 ALPHABETS_BIG_SMALL = ALPHABETS_BIG + ALPHABETS_SMALL
85 ALPHABETS_BIG_SMALL = ALPHABETS_BIG + ALPHABETS_SMALL
86 ALPHABETS_ALPHANUM_BIG = ALPHABETS_BIG + ALPHABETS_NUM
86 ALPHABETS_ALPHANUM_BIG = ALPHABETS_BIG + ALPHABETS_NUM
87 ALPHABETS_ALPHANUM_SMALL = ALPHABETS_SMALL + ALPHABETS_NUM
87 ALPHABETS_ALPHANUM_SMALL = ALPHABETS_SMALL + ALPHABETS_NUM
88
88
89 def __init__(self, passwd=''):
89 def __init__(self, passwd=''):
90 self.passwd = passwd
90 self.passwd = passwd
91
91
92 def gen_password(self, length, type_=None):
92 def gen_password(self, length, type_=None):
93 if type_ is None:
93 if type_ is None:
94 type_ = self.ALPHABETS_FULL
94 type_ = self.ALPHABETS_FULL
95 self.passwd = ''.join([random.choice(type_) for _ in xrange(length)])
95 self.passwd = ''.join([random.choice(type_) for _ in xrange(length)])
96 return self.passwd
96 return self.passwd
97
97
98
98
99 class _RhodeCodeCryptoBase(object):
99 class _RhodeCodeCryptoBase(object):
100 ENC_PREF = None
100 ENC_PREF = None
101
101
102 def hash_create(self, str_):
102 def hash_create(self, str_):
103 """
103 """
104 hash the string using
104 hash the string using
105
105
106 :param str_: password to hash
106 :param str_: password to hash
107 """
107 """
108 raise NotImplementedError
108 raise NotImplementedError
109
109
110 def hash_check_with_upgrade(self, password, hashed):
110 def hash_check_with_upgrade(self, password, hashed):
111 """
111 """
112 Returns tuple in which first element is boolean that states that
112 Returns tuple in which first element is boolean that states that
113 given password matches it's hashed version, and the second is new hash
113 given password matches it's hashed version, and the second is new hash
114 of the password, in case this password should be migrated to new
114 of the password, in case this password should be migrated to new
115 cipher.
115 cipher.
116 """
116 """
117 checked_hash = self.hash_check(password, hashed)
117 checked_hash = self.hash_check(password, hashed)
118 return checked_hash, None
118 return checked_hash, None
119
119
120 def hash_check(self, password, hashed):
120 def hash_check(self, password, hashed):
121 """
121 """
122 Checks matching password with it's hashed value.
122 Checks matching password with it's hashed value.
123
123
124 :param password: password
124 :param password: password
125 :param hashed: password in hashed form
125 :param hashed: password in hashed form
126 """
126 """
127 raise NotImplementedError
127 raise NotImplementedError
128
128
129 def _assert_bytes(self, value):
129 def _assert_bytes(self, value):
130 """
130 """
131 Passing in an `unicode` object can lead to hard to detect issues
131 Passing in an `unicode` object can lead to hard to detect issues
132 if passwords contain non-ascii characters. Doing a type check
132 if passwords contain non-ascii characters. Doing a type check
133 during runtime, so that such mistakes are detected early on.
133 during runtime, so that such mistakes are detected early on.
134 """
134 """
135 if not isinstance(value, str):
135 if not isinstance(value, str):
136 raise TypeError(
136 raise TypeError(
137 "Bytestring required as input, got %r." % (value, ))
137 "Bytestring required as input, got %r." % (value, ))
138
138
139
139
140 class _RhodeCodeCryptoBCrypt(_RhodeCodeCryptoBase):
140 class _RhodeCodeCryptoBCrypt(_RhodeCodeCryptoBase):
141 ENC_PREF = ('$2a$10', '$2b$10')
141 ENC_PREF = ('$2a$10', '$2b$10')
142
142
143 def hash_create(self, str_):
143 def hash_create(self, str_):
144 self._assert_bytes(str_)
144 self._assert_bytes(str_)
145 return bcrypt.hashpw(str_, bcrypt.gensalt(10))
145 return bcrypt.hashpw(str_, bcrypt.gensalt(10))
146
146
147 def hash_check_with_upgrade(self, password, hashed):
147 def hash_check_with_upgrade(self, password, hashed):
148 """
148 """
149 Returns tuple in which first element is boolean that states that
149 Returns tuple in which first element is boolean that states that
150 given password matches it's hashed version, and the second is new hash
150 given password matches it's hashed version, and the second is new hash
151 of the password, in case this password should be migrated to new
151 of the password, in case this password should be migrated to new
152 cipher.
152 cipher.
153
153
154 This implements special upgrade logic which works like that:
154 This implements special upgrade logic which works like that:
155 - check if the given password == bcrypted hash, if yes then we
155 - check if the given password == bcrypted hash, if yes then we
156 properly used password and it was already in bcrypt. Proceed
156 properly used password and it was already in bcrypt. Proceed
157 without any changes
157 without any changes
158 - if bcrypt hash check is not working try with sha256. If hash compare
158 - if bcrypt hash check is not working try with sha256. If hash compare
159 is ok, it means we using correct but old hashed password. indicate
159 is ok, it means we using correct but old hashed password. indicate
160 hash change and proceed
160 hash change and proceed
161 """
161 """
162
162
163 new_hash = None
163 new_hash = None
164
164
165 # regular pw check
165 # regular pw check
166 password_match_bcrypt = self.hash_check(password, hashed)
166 password_match_bcrypt = self.hash_check(password, hashed)
167
167
168 # now we want to know if the password was maybe from sha256
168 # now we want to know if the password was maybe from sha256
169 # basically calling _RhodeCodeCryptoSha256().hash_check()
169 # basically calling _RhodeCodeCryptoSha256().hash_check()
170 if not password_match_bcrypt:
170 if not password_match_bcrypt:
171 if _RhodeCodeCryptoSha256().hash_check(password, hashed):
171 if _RhodeCodeCryptoSha256().hash_check(password, hashed):
172 new_hash = self.hash_create(password) # make new bcrypt hash
172 new_hash = self.hash_create(password) # make new bcrypt hash
173 password_match_bcrypt = True
173 password_match_bcrypt = True
174
174
175 return password_match_bcrypt, new_hash
175 return password_match_bcrypt, new_hash
176
176
177 def hash_check(self, password, hashed):
177 def hash_check(self, password, hashed):
178 """
178 """
179 Checks matching password with it's hashed value.
179 Checks matching password with it's hashed value.
180
180
181 :param password: password
181 :param password: password
182 :param hashed: password in hashed form
182 :param hashed: password in hashed form
183 """
183 """
184 self._assert_bytes(password)
184 self._assert_bytes(password)
185 try:
185 try:
186 return bcrypt.hashpw(password, hashed) == hashed
186 return bcrypt.hashpw(password, hashed) == hashed
187 except ValueError as e:
187 except ValueError as e:
188 # we're having a invalid salt here probably, we should not crash
188 # we're having a invalid salt here probably, we should not crash
189 # just return with False as it would be a wrong password.
189 # just return with False as it would be a wrong password.
190 log.debug('Failed to check password hash using bcrypt %s',
190 log.debug('Failed to check password hash using bcrypt %s',
191 safe_str(e))
191 safe_str(e))
192
192
193 return False
193 return False
194
194
195
195
196 class _RhodeCodeCryptoSha256(_RhodeCodeCryptoBase):
196 class _RhodeCodeCryptoSha256(_RhodeCodeCryptoBase):
197 ENC_PREF = '_'
197 ENC_PREF = '_'
198
198
199 def hash_create(self, str_):
199 def hash_create(self, str_):
200 self._assert_bytes(str_)
200 self._assert_bytes(str_)
201 return hashlib.sha256(str_).hexdigest()
201 return hashlib.sha256(str_).hexdigest()
202
202
203 def hash_check(self, password, hashed):
203 def hash_check(self, password, hashed):
204 """
204 """
205 Checks matching password with it's hashed value.
205 Checks matching password with it's hashed value.
206
206
207 :param password: password
207 :param password: password
208 :param hashed: password in hashed form
208 :param hashed: password in hashed form
209 """
209 """
210 self._assert_bytes(password)
210 self._assert_bytes(password)
211 return hashlib.sha256(password).hexdigest() == hashed
211 return hashlib.sha256(password).hexdigest() == hashed
212
212
213
213
214 class _RhodeCodeCryptoMd5(_RhodeCodeCryptoBase):
214 class _RhodeCodeCryptoMd5(_RhodeCodeCryptoBase):
215 ENC_PREF = '_'
215 ENC_PREF = '_'
216
216
217 def hash_create(self, str_):
217 def hash_create(self, str_):
218 self._assert_bytes(str_)
218 self._assert_bytes(str_)
219 return hashlib.md5(str_).hexdigest()
219 return hashlib.md5(str_).hexdigest()
220
220
221 def hash_check(self, password, hashed):
221 def hash_check(self, password, hashed):
222 """
222 """
223 Checks matching password with it's hashed value.
223 Checks matching password with it's hashed value.
224
224
225 :param password: password
225 :param password: password
226 :param hashed: password in hashed form
226 :param hashed: password in hashed form
227 """
227 """
228 self._assert_bytes(password)
228 self._assert_bytes(password)
229 return hashlib.md5(password).hexdigest() == hashed
229 return hashlib.md5(password).hexdigest() == hashed
230
230
231
231
232 def crypto_backend():
232 def crypto_backend():
233 """
233 """
234 Return the matching crypto backend.
234 Return the matching crypto backend.
235
235
236 Selection is based on if we run tests or not, we pick md5 backend to run
236 Selection is based on if we run tests or not, we pick md5 backend to run
237 tests faster since BCRYPT is expensive to calculate
237 tests faster since BCRYPT is expensive to calculate
238 """
238 """
239 if rhodecode.is_test:
239 if rhodecode.is_test:
240 RhodeCodeCrypto = _RhodeCodeCryptoMd5()
240 RhodeCodeCrypto = _RhodeCodeCryptoMd5()
241 else:
241 else:
242 RhodeCodeCrypto = _RhodeCodeCryptoBCrypt()
242 RhodeCodeCrypto = _RhodeCodeCryptoBCrypt()
243
243
244 return RhodeCodeCrypto
244 return RhodeCodeCrypto
245
245
246
246
247 def get_crypt_password(password):
247 def get_crypt_password(password):
248 """
248 """
249 Create the hash of `password` with the active crypto backend.
249 Create the hash of `password` with the active crypto backend.
250
250
251 :param password: The cleartext password.
251 :param password: The cleartext password.
252 :type password: unicode
252 :type password: unicode
253 """
253 """
254 password = safe_str(password)
254 password = safe_str(password)
255 return crypto_backend().hash_create(password)
255 return crypto_backend().hash_create(password)
256
256
257
257
258 def check_password(password, hashed):
258 def check_password(password, hashed):
259 """
259 """
260 Check if the value in `password` matches the hash in `hashed`.
260 Check if the value in `password` matches the hash in `hashed`.
261
261
262 :param password: The cleartext password.
262 :param password: The cleartext password.
263 :type password: unicode
263 :type password: unicode
264
264
265 :param hashed: The expected hashed version of the password.
265 :param hashed: The expected hashed version of the password.
266 :type hashed: The hash has to be passed in in text representation.
266 :type hashed: The hash has to be passed in in text representation.
267 """
267 """
268 password = safe_str(password)
268 password = safe_str(password)
269 return crypto_backend().hash_check(password, hashed)
269 return crypto_backend().hash_check(password, hashed)
270
270
271
271
272 def generate_auth_token(data, salt=None):
272 def generate_auth_token(data, salt=None):
273 """
273 """
274 Generates API KEY from given string
274 Generates API KEY from given string
275 """
275 """
276
276
277 if salt is None:
277 if salt is None:
278 salt = os.urandom(16)
278 salt = os.urandom(16)
279 return hashlib.sha1(safe_str(data) + salt).hexdigest()
279 return hashlib.sha1(safe_str(data) + salt).hexdigest()
280
280
281
281
282 class CookieStoreWrapper(object):
282 class CookieStoreWrapper(object):
283
283
284 def __init__(self, cookie_store):
284 def __init__(self, cookie_store):
285 self.cookie_store = cookie_store
285 self.cookie_store = cookie_store
286
286
287 def __repr__(self):
287 def __repr__(self):
288 return 'CookieStore<%s>' % (self.cookie_store)
288 return 'CookieStore<%s>' % (self.cookie_store)
289
289
290 def get(self, key, other=None):
290 def get(self, key, other=None):
291 if isinstance(self.cookie_store, dict):
291 if isinstance(self.cookie_store, dict):
292 return self.cookie_store.get(key, other)
292 return self.cookie_store.get(key, other)
293 elif isinstance(self.cookie_store, AuthUser):
293 elif isinstance(self.cookie_store, AuthUser):
294 return self.cookie_store.__dict__.get(key, other)
294 return self.cookie_store.__dict__.get(key, other)
295
295
296
296
297 def _cached_perms_data(user_id, scope, user_is_admin,
297 def _cached_perms_data(user_id, scope, user_is_admin,
298 user_inherit_default_permissions, explicit, algo):
298 user_inherit_default_permissions, explicit, algo):
299
299
300 permissions = PermissionCalculator(
300 permissions = PermissionCalculator(
301 user_id, scope, user_is_admin, user_inherit_default_permissions,
301 user_id, scope, user_is_admin, user_inherit_default_permissions,
302 explicit, algo)
302 explicit, algo)
303 return permissions.calculate()
303 return permissions.calculate()
304
304
305
305
306 class PermOrigin(object):
306 class PermOrigin(object):
307 ADMIN = 'superadmin'
307 ADMIN = 'superadmin'
308
308
309 REPO_USER = 'user:%s'
309 REPO_USER = 'user:%s'
310 REPO_USERGROUP = 'usergroup:%s'
310 REPO_USERGROUP = 'usergroup:%s'
311 REPO_OWNER = 'repo.owner'
311 REPO_OWNER = 'repo.owner'
312 REPO_DEFAULT = 'repo.default'
312 REPO_DEFAULT = 'repo.default'
313 REPO_PRIVATE = 'repo.private'
313 REPO_PRIVATE = 'repo.private'
314
314
315 REPOGROUP_USER = 'user:%s'
315 REPOGROUP_USER = 'user:%s'
316 REPOGROUP_USERGROUP = 'usergroup:%s'
316 REPOGROUP_USERGROUP = 'usergroup:%s'
317 REPOGROUP_OWNER = 'group.owner'
317 REPOGROUP_OWNER = 'group.owner'
318 REPOGROUP_DEFAULT = 'group.default'
318 REPOGROUP_DEFAULT = 'group.default'
319
319
320 USERGROUP_USER = 'user:%s'
320 USERGROUP_USER = 'user:%s'
321 USERGROUP_USERGROUP = 'usergroup:%s'
321 USERGROUP_USERGROUP = 'usergroup:%s'
322 USERGROUP_OWNER = 'usergroup.owner'
322 USERGROUP_OWNER = 'usergroup.owner'
323 USERGROUP_DEFAULT = 'usergroup.default'
323 USERGROUP_DEFAULT = 'usergroup.default'
324
324
325
325
326 class PermOriginDict(dict):
326 class PermOriginDict(dict):
327 """
327 """
328 A special dict used for tracking permissions along with their origins.
328 A special dict used for tracking permissions along with their origins.
329
329
330 `__setitem__` has been overridden to expect a tuple(perm, origin)
330 `__setitem__` has been overridden to expect a tuple(perm, origin)
331 `__getitem__` will return only the perm
331 `__getitem__` will return only the perm
332 `.perm_origin_stack` will return the stack of (perm, origin) set per key
332 `.perm_origin_stack` will return the stack of (perm, origin) set per key
333
333
334 >>> perms = PermOriginDict()
334 >>> perms = PermOriginDict()
335 >>> perms['resource'] = 'read', 'default'
335 >>> perms['resource'] = 'read', 'default'
336 >>> perms['resource']
336 >>> perms['resource']
337 'read'
337 'read'
338 >>> perms['resource'] = 'write', 'admin'
338 >>> perms['resource'] = 'write', 'admin'
339 >>> perms['resource']
339 >>> perms['resource']
340 'write'
340 'write'
341 >>> perms.perm_origin_stack
341 >>> perms.perm_origin_stack
342 {'resource': [('read', 'default'), ('write', 'admin')]}
342 {'resource': [('read', 'default'), ('write', 'admin')]}
343 """
343 """
344
344
345 def __init__(self, *args, **kw):
345 def __init__(self, *args, **kw):
346 dict.__init__(self, *args, **kw)
346 dict.__init__(self, *args, **kw)
347 self.perm_origin_stack = {}
347 self.perm_origin_stack = {}
348
348
349 def __setitem__(self, key, (perm, origin)):
349 def __setitem__(self, key, (perm, origin)):
350 self.perm_origin_stack.setdefault(key, []).append((perm, origin))
350 self.perm_origin_stack.setdefault(key, []).append((perm, origin))
351 dict.__setitem__(self, key, perm)
351 dict.__setitem__(self, key, perm)
352
352
353
353
354 class PermissionCalculator(object):
354 class PermissionCalculator(object):
355
355
356 def __init__(
356 def __init__(
357 self, user_id, scope, user_is_admin,
357 self, user_id, scope, user_is_admin,
358 user_inherit_default_permissions, explicit, algo):
358 user_inherit_default_permissions, explicit, algo):
359 self.user_id = user_id
359 self.user_id = user_id
360 self.user_is_admin = user_is_admin
360 self.user_is_admin = user_is_admin
361 self.inherit_default_permissions = user_inherit_default_permissions
361 self.inherit_default_permissions = user_inherit_default_permissions
362 self.explicit = explicit
362 self.explicit = explicit
363 self.algo = algo
363 self.algo = algo
364
364
365 scope = scope or {}
365 scope = scope or {}
366 self.scope_repo_id = scope.get('repo_id')
366 self.scope_repo_id = scope.get('repo_id')
367 self.scope_repo_group_id = scope.get('repo_group_id')
367 self.scope_repo_group_id = scope.get('repo_group_id')
368 self.scope_user_group_id = scope.get('user_group_id')
368 self.scope_user_group_id = scope.get('user_group_id')
369
369
370 self.default_user_id = User.get_default_user(cache=True).user_id
370 self.default_user_id = User.get_default_user(cache=True).user_id
371
371
372 self.permissions_repositories = PermOriginDict()
372 self.permissions_repositories = PermOriginDict()
373 self.permissions_repository_groups = PermOriginDict()
373 self.permissions_repository_groups = PermOriginDict()
374 self.permissions_user_groups = PermOriginDict()
374 self.permissions_user_groups = PermOriginDict()
375 self.permissions_global = set()
375 self.permissions_global = set()
376
376
377 self.default_repo_perms = Permission.get_default_repo_perms(
377 self.default_repo_perms = Permission.get_default_repo_perms(
378 self.default_user_id, self.scope_repo_id)
378 self.default_user_id, self.scope_repo_id)
379 self.default_repo_groups_perms = Permission.get_default_group_perms(
379 self.default_repo_groups_perms = Permission.get_default_group_perms(
380 self.default_user_id, self.scope_repo_group_id)
380 self.default_user_id, self.scope_repo_group_id)
381 self.default_user_group_perms = \
381 self.default_user_group_perms = \
382 Permission.get_default_user_group_perms(
382 Permission.get_default_user_group_perms(
383 self.default_user_id, self.scope_user_group_id)
383 self.default_user_id, self.scope_user_group_id)
384
384
385 def calculate(self):
385 def calculate(self):
386 if self.user_is_admin:
386 if self.user_is_admin:
387 return self._admin_permissions()
387 return self._admin_permissions()
388
388
389 self._calculate_global_default_permissions()
389 self._calculate_global_default_permissions()
390 self._calculate_global_permissions()
390 self._calculate_global_permissions()
391 self._calculate_default_permissions()
391 self._calculate_default_permissions()
392 self._calculate_repository_permissions()
392 self._calculate_repository_permissions()
393 self._calculate_repository_group_permissions()
393 self._calculate_repository_group_permissions()
394 self._calculate_user_group_permissions()
394 self._calculate_user_group_permissions()
395 return self._permission_structure()
395 return self._permission_structure()
396
396
397 def _admin_permissions(self):
397 def _admin_permissions(self):
398 """
398 """
399 admin user have all default rights for repositories
399 admin user have all default rights for repositories
400 and groups set to admin
400 and groups set to admin
401 """
401 """
402 self.permissions_global.add('hg.admin')
402 self.permissions_global.add('hg.admin')
403 self.permissions_global.add('hg.create.write_on_repogroup.true')
403 self.permissions_global.add('hg.create.write_on_repogroup.true')
404
404
405 # repositories
405 # repositories
406 for perm in self.default_repo_perms:
406 for perm in self.default_repo_perms:
407 r_k = perm.UserRepoToPerm.repository.repo_name
407 r_k = perm.UserRepoToPerm.repository.repo_name
408 p = 'repository.admin'
408 p = 'repository.admin'
409 self.permissions_repositories[r_k] = p, PermOrigin.ADMIN
409 self.permissions_repositories[r_k] = p, PermOrigin.ADMIN
410
410
411 # repository groups
411 # repository groups
412 for perm in self.default_repo_groups_perms:
412 for perm in self.default_repo_groups_perms:
413 rg_k = perm.UserRepoGroupToPerm.group.group_name
413 rg_k = perm.UserRepoGroupToPerm.group.group_name
414 p = 'group.admin'
414 p = 'group.admin'
415 self.permissions_repository_groups[rg_k] = p, PermOrigin.ADMIN
415 self.permissions_repository_groups[rg_k] = p, PermOrigin.ADMIN
416
416
417 # user groups
417 # user groups
418 for perm in self.default_user_group_perms:
418 for perm in self.default_user_group_perms:
419 u_k = perm.UserUserGroupToPerm.user_group.users_group_name
419 u_k = perm.UserUserGroupToPerm.user_group.users_group_name
420 p = 'usergroup.admin'
420 p = 'usergroup.admin'
421 self.permissions_user_groups[u_k] = p, PermOrigin.ADMIN
421 self.permissions_user_groups[u_k] = p, PermOrigin.ADMIN
422
422
423 return self._permission_structure()
423 return self._permission_structure()
424
424
425 def _calculate_global_default_permissions(self):
425 def _calculate_global_default_permissions(self):
426 """
426 """
427 global permissions taken from the default user
427 global permissions taken from the default user
428 """
428 """
429 default_global_perms = UserToPerm.query()\
429 default_global_perms = UserToPerm.query()\
430 .filter(UserToPerm.user_id == self.default_user_id)\
430 .filter(UserToPerm.user_id == self.default_user_id)\
431 .options(joinedload(UserToPerm.permission))
431 .options(joinedload(UserToPerm.permission))
432
432
433 for perm in default_global_perms:
433 for perm in default_global_perms:
434 self.permissions_global.add(perm.permission.permission_name)
434 self.permissions_global.add(perm.permission.permission_name)
435
435
436 def _calculate_global_permissions(self):
436 def _calculate_global_permissions(self):
437 """
437 """
438 Set global system permissions with user permissions or permissions
438 Set global system permissions with user permissions or permissions
439 taken from the user groups of the current user.
439 taken from the user groups of the current user.
440
440
441 The permissions include repo creating, repo group creating, forking
441 The permissions include repo creating, repo group creating, forking
442 etc.
442 etc.
443 """
443 """
444
444
445 # now we read the defined permissions and overwrite what we have set
445 # now we read the defined permissions and overwrite what we have set
446 # before those can be configured from groups or users explicitly.
446 # before those can be configured from groups or users explicitly.
447
447
448 # TODO: johbo: This seems to be out of sync, find out the reason
448 # TODO: johbo: This seems to be out of sync, find out the reason
449 # for the comment below and update it.
449 # for the comment below and update it.
450
450
451 # In case we want to extend this list we should be always in sync with
451 # In case we want to extend this list we should be always in sync with
452 # User.DEFAULT_USER_PERMISSIONS definitions
452 # User.DEFAULT_USER_PERMISSIONS definitions
453 _configurable = frozenset([
453 _configurable = frozenset([
454 'hg.fork.none', 'hg.fork.repository',
454 'hg.fork.none', 'hg.fork.repository',
455 'hg.create.none', 'hg.create.repository',
455 'hg.create.none', 'hg.create.repository',
456 'hg.usergroup.create.false', 'hg.usergroup.create.true',
456 'hg.usergroup.create.false', 'hg.usergroup.create.true',
457 'hg.repogroup.create.false', 'hg.repogroup.create.true',
457 'hg.repogroup.create.false', 'hg.repogroup.create.true',
458 'hg.create.write_on_repogroup.false',
458 'hg.create.write_on_repogroup.false',
459 'hg.create.write_on_repogroup.true',
459 'hg.create.write_on_repogroup.true',
460 'hg.inherit_default_perms.false', 'hg.inherit_default_perms.true'
460 'hg.inherit_default_perms.false', 'hg.inherit_default_perms.true'
461 ])
461 ])
462
462
463 # USER GROUPS comes first user group global permissions
463 # USER GROUPS comes first user group global permissions
464 user_perms_from_users_groups = Session().query(UserGroupToPerm)\
464 user_perms_from_users_groups = Session().query(UserGroupToPerm)\
465 .options(joinedload(UserGroupToPerm.permission))\
465 .options(joinedload(UserGroupToPerm.permission))\
466 .join((UserGroupMember, UserGroupToPerm.users_group_id ==
466 .join((UserGroupMember, UserGroupToPerm.users_group_id ==
467 UserGroupMember.users_group_id))\
467 UserGroupMember.users_group_id))\
468 .filter(UserGroupMember.user_id == self.user_id)\
468 .filter(UserGroupMember.user_id == self.user_id)\
469 .order_by(UserGroupToPerm.users_group_id)\
469 .order_by(UserGroupToPerm.users_group_id)\
470 .all()
470 .all()
471
471
472 # need to group here by groups since user can be in more than
472 # need to group here by groups since user can be in more than
473 # one group, so we get all groups
473 # one group, so we get all groups
474 _explicit_grouped_perms = [
474 _explicit_grouped_perms = [
475 [x, list(y)] for x, y in
475 [x, list(y)] for x, y in
476 itertools.groupby(user_perms_from_users_groups,
476 itertools.groupby(user_perms_from_users_groups,
477 lambda _x: _x.users_group)]
477 lambda _x: _x.users_group)]
478
478
479 for gr, perms in _explicit_grouped_perms:
479 for gr, perms in _explicit_grouped_perms:
480 # since user can be in multiple groups iterate over them and
480 # since user can be in multiple groups iterate over them and
481 # select the lowest permissions first (more explicit)
481 # select the lowest permissions first (more explicit)
482 # TODO: marcink: do this^^
482 # TODO: marcink: do this^^
483
483
484 # group doesn't inherit default permissions so we actually set them
484 # group doesn't inherit default permissions so we actually set them
485 if not gr.inherit_default_permissions:
485 if not gr.inherit_default_permissions:
486 # NEED TO IGNORE all previously set configurable permissions
486 # NEED TO IGNORE all previously set configurable permissions
487 # and replace them with explicitly set from this user
487 # and replace them with explicitly set from this user
488 # group permissions
488 # group permissions
489 self.permissions_global = self.permissions_global.difference(
489 self.permissions_global = self.permissions_global.difference(
490 _configurable)
490 _configurable)
491 for perm in perms:
491 for perm in perms:
492 self.permissions_global.add(perm.permission.permission_name)
492 self.permissions_global.add(perm.permission.permission_name)
493
493
494 # user explicit global permissions
494 # user explicit global permissions
495 user_perms = Session().query(UserToPerm)\
495 user_perms = Session().query(UserToPerm)\
496 .options(joinedload(UserToPerm.permission))\
496 .options(joinedload(UserToPerm.permission))\
497 .filter(UserToPerm.user_id == self.user_id).all()
497 .filter(UserToPerm.user_id == self.user_id).all()
498
498
499 if not self.inherit_default_permissions:
499 if not self.inherit_default_permissions:
500 # NEED TO IGNORE all configurable permissions and
500 # NEED TO IGNORE all configurable permissions and
501 # replace them with explicitly set from this user permissions
501 # replace them with explicitly set from this user permissions
502 self.permissions_global = self.permissions_global.difference(
502 self.permissions_global = self.permissions_global.difference(
503 _configurable)
503 _configurable)
504 for perm in user_perms:
504 for perm in user_perms:
505 self.permissions_global.add(perm.permission.permission_name)
505 self.permissions_global.add(perm.permission.permission_name)
506
506
507 def _calculate_default_permissions(self):
507 def _calculate_default_permissions(self):
508 """
508 """
509 Set default user permissions for repositories, repository groups
509 Set default user permissions for repositories, repository groups
510 taken from the default user.
510 taken from the default user.
511
511
512 Calculate inheritance of object permissions based on what we have now
512 Calculate inheritance of object permissions based on what we have now
513 in GLOBAL permissions. We check if .false is in GLOBAL since this is
513 in GLOBAL permissions. We check if .false is in GLOBAL since this is
514 explicitly set. Inherit is the opposite of .false being there.
514 explicitly set. Inherit is the opposite of .false being there.
515
515
516 .. note::
516 .. note::
517
517
518 the syntax is little bit odd but what we need to check here is
518 the syntax is little bit odd but what we need to check here is
519 the opposite of .false permission being in the list so even for
519 the opposite of .false permission being in the list so even for
520 inconsistent state when both .true/.false is there
520 inconsistent state when both .true/.false is there
521 .false is more important
521 .false is more important
522
522
523 """
523 """
524 user_inherit_object_permissions = not ('hg.inherit_default_perms.false'
524 user_inherit_object_permissions = not ('hg.inherit_default_perms.false'
525 in self.permissions_global)
525 in self.permissions_global)
526
526
527 # defaults for repositories, taken from `default` user permissions
527 # defaults for repositories, taken from `default` user permissions
528 # on given repo
528 # on given repo
529 for perm in self.default_repo_perms:
529 for perm in self.default_repo_perms:
530 r_k = perm.UserRepoToPerm.repository.repo_name
530 r_k = perm.UserRepoToPerm.repository.repo_name
531 o = PermOrigin.REPO_DEFAULT
531 o = PermOrigin.REPO_DEFAULT
532 if perm.Repository.private and not (
532 if perm.Repository.private and not (
533 perm.Repository.user_id == self.user_id):
533 perm.Repository.user_id == self.user_id):
534 # disable defaults for private repos,
534 # disable defaults for private repos,
535 p = 'repository.none'
535 p = 'repository.none'
536 o = PermOrigin.REPO_PRIVATE
536 o = PermOrigin.REPO_PRIVATE
537 elif perm.Repository.user_id == self.user_id:
537 elif perm.Repository.user_id == self.user_id:
538 # set admin if owner
538 # set admin if owner
539 p = 'repository.admin'
539 p = 'repository.admin'
540 o = PermOrigin.REPO_OWNER
540 o = PermOrigin.REPO_OWNER
541 else:
541 else:
542 p = perm.Permission.permission_name
542 p = perm.Permission.permission_name
543 # if we decide this user isn't inheriting permissions from
543 # if we decide this user isn't inheriting permissions from
544 # default user we set him to .none so only explicit
544 # default user we set him to .none so only explicit
545 # permissions work
545 # permissions work
546 if not user_inherit_object_permissions:
546 if not user_inherit_object_permissions:
547 p = 'repository.none'
547 p = 'repository.none'
548 self.permissions_repositories[r_k] = p, o
548 self.permissions_repositories[r_k] = p, o
549
549
550 # defaults for repository groups taken from `default` user permission
550 # defaults for repository groups taken from `default` user permission
551 # on given group
551 # on given group
552 for perm in self.default_repo_groups_perms:
552 for perm in self.default_repo_groups_perms:
553 rg_k = perm.UserRepoGroupToPerm.group.group_name
553 rg_k = perm.UserRepoGroupToPerm.group.group_name
554 o = PermOrigin.REPOGROUP_DEFAULT
554 o = PermOrigin.REPOGROUP_DEFAULT
555 if perm.RepoGroup.user_id == self.user_id:
555 if perm.RepoGroup.user_id == self.user_id:
556 # set admin if owner
556 # set admin if owner
557 p = 'group.admin'
557 p = 'group.admin'
558 o = PermOrigin.REPOGROUP_OWNER
558 o = PermOrigin.REPOGROUP_OWNER
559 else:
559 else:
560 p = perm.Permission.permission_name
560 p = perm.Permission.permission_name
561
561
562 # if we decide this user isn't inheriting permissions from default
562 # if we decide this user isn't inheriting permissions from default
563 # user we set him to .none so only explicit permissions work
563 # user we set him to .none so only explicit permissions work
564 if not user_inherit_object_permissions:
564 if not user_inherit_object_permissions:
565 p = 'group.none'
565 p = 'group.none'
566 self.permissions_repository_groups[rg_k] = p, o
566 self.permissions_repository_groups[rg_k] = p, o
567
567
568 # defaults for user groups taken from `default` user permission
568 # defaults for user groups taken from `default` user permission
569 # on given user group
569 # on given user group
570 for perm in self.default_user_group_perms:
570 for perm in self.default_user_group_perms:
571 u_k = perm.UserUserGroupToPerm.user_group.users_group_name
571 u_k = perm.UserUserGroupToPerm.user_group.users_group_name
572 o = PermOrigin.USERGROUP_DEFAULT
572 o = PermOrigin.USERGROUP_DEFAULT
573 if perm.UserGroup.user_id == self.user_id:
573 if perm.UserGroup.user_id == self.user_id:
574 # set admin if owner
574 # set admin if owner
575 p = 'usergroup.admin'
575 p = 'usergroup.admin'
576 o = PermOrigin.USERGROUP_OWNER
576 o = PermOrigin.USERGROUP_OWNER
577 else:
577 else:
578 p = perm.Permission.permission_name
578 p = perm.Permission.permission_name
579
579
580 # if we decide this user isn't inheriting permissions from default
580 # if we decide this user isn't inheriting permissions from default
581 # user we set him to .none so only explicit permissions work
581 # user we set him to .none so only explicit permissions work
582 if not user_inherit_object_permissions:
582 if not user_inherit_object_permissions:
583 p = 'usergroup.none'
583 p = 'usergroup.none'
584 self.permissions_user_groups[u_k] = p, o
584 self.permissions_user_groups[u_k] = p, o
585
585
586 def _calculate_repository_permissions(self):
586 def _calculate_repository_permissions(self):
587 """
587 """
588 Repository permissions for the current user.
588 Repository permissions for the current user.
589
589
590 Check if the user is part of user groups for this repository and
590 Check if the user is part of user groups for this repository and
591 fill in the permission from it. `_choose_permission` decides of which
591 fill in the permission from it. `_choose_permission` decides of which
592 permission should be selected based on selected method.
592 permission should be selected based on selected method.
593 """
593 """
594
594
595 # user group for repositories permissions
595 # user group for repositories permissions
596 user_repo_perms_from_user_group = Permission\
596 user_repo_perms_from_user_group = Permission\
597 .get_default_repo_perms_from_user_group(
597 .get_default_repo_perms_from_user_group(
598 self.user_id, self.scope_repo_id)
598 self.user_id, self.scope_repo_id)
599
599
600 multiple_counter = collections.defaultdict(int)
600 multiple_counter = collections.defaultdict(int)
601 for perm in user_repo_perms_from_user_group:
601 for perm in user_repo_perms_from_user_group:
602 r_k = perm.UserGroupRepoToPerm.repository.repo_name
602 r_k = perm.UserGroupRepoToPerm.repository.repo_name
603 ug_k = perm.UserGroupRepoToPerm.users_group.users_group_name
603 ug_k = perm.UserGroupRepoToPerm.users_group.users_group_name
604 multiple_counter[r_k] += 1
604 multiple_counter[r_k] += 1
605 p = perm.Permission.permission_name
605 p = perm.Permission.permission_name
606 o = PermOrigin.REPO_USERGROUP % ug_k
606 o = PermOrigin.REPO_USERGROUP % ug_k
607
607
608 if perm.Repository.user_id == self.user_id:
608 if perm.Repository.user_id == self.user_id:
609 # set admin if owner
609 # set admin if owner
610 p = 'repository.admin'
610 p = 'repository.admin'
611 o = PermOrigin.REPO_OWNER
611 o = PermOrigin.REPO_OWNER
612 else:
612 else:
613 if multiple_counter[r_k] > 1:
613 if multiple_counter[r_k] > 1:
614 cur_perm = self.permissions_repositories[r_k]
614 cur_perm = self.permissions_repositories[r_k]
615 p = self._choose_permission(p, cur_perm)
615 p = self._choose_permission(p, cur_perm)
616 self.permissions_repositories[r_k] = p, o
616 self.permissions_repositories[r_k] = p, o
617
617
618 # user explicit permissions for repositories, overrides any specified
618 # user explicit permissions for repositories, overrides any specified
619 # by the group permission
619 # by the group permission
620 user_repo_perms = Permission.get_default_repo_perms(
620 user_repo_perms = Permission.get_default_repo_perms(
621 self.user_id, self.scope_repo_id)
621 self.user_id, self.scope_repo_id)
622 for perm in user_repo_perms:
622 for perm in user_repo_perms:
623 r_k = perm.UserRepoToPerm.repository.repo_name
623 r_k = perm.UserRepoToPerm.repository.repo_name
624 o = PermOrigin.REPO_USER % perm.UserRepoToPerm.user.username
624 o = PermOrigin.REPO_USER % perm.UserRepoToPerm.user.username
625 # set admin if owner
625 # set admin if owner
626 if perm.Repository.user_id == self.user_id:
626 if perm.Repository.user_id == self.user_id:
627 p = 'repository.admin'
627 p = 'repository.admin'
628 o = PermOrigin.REPO_OWNER
628 o = PermOrigin.REPO_OWNER
629 else:
629 else:
630 p = perm.Permission.permission_name
630 p = perm.Permission.permission_name
631 if not self.explicit:
631 if not self.explicit:
632 cur_perm = self.permissions_repositories.get(
632 cur_perm = self.permissions_repositories.get(
633 r_k, 'repository.none')
633 r_k, 'repository.none')
634 p = self._choose_permission(p, cur_perm)
634 p = self._choose_permission(p, cur_perm)
635 self.permissions_repositories[r_k] = p, o
635 self.permissions_repositories[r_k] = p, o
636
636
637 def _calculate_repository_group_permissions(self):
637 def _calculate_repository_group_permissions(self):
638 """
638 """
639 Repository group permissions for the current user.
639 Repository group permissions for the current user.
640
640
641 Check if the user is part of user groups for repository groups and
641 Check if the user is part of user groups for repository groups and
642 fill in the permissions from it. `_choose_permmission` decides of which
642 fill in the permissions from it. `_choose_permmission` decides of which
643 permission should be selected based on selected method.
643 permission should be selected based on selected method.
644 """
644 """
645 # user group for repo groups permissions
645 # user group for repo groups permissions
646 user_repo_group_perms_from_user_group = Permission\
646 user_repo_group_perms_from_user_group = Permission\
647 .get_default_group_perms_from_user_group(
647 .get_default_group_perms_from_user_group(
648 self.user_id, self.scope_repo_group_id)
648 self.user_id, self.scope_repo_group_id)
649
649
650 multiple_counter = collections.defaultdict(int)
650 multiple_counter = collections.defaultdict(int)
651 for perm in user_repo_group_perms_from_user_group:
651 for perm in user_repo_group_perms_from_user_group:
652 g_k = perm.UserGroupRepoGroupToPerm.group.group_name
652 g_k = perm.UserGroupRepoGroupToPerm.group.group_name
653 ug_k = perm.UserGroupRepoGroupToPerm.users_group.users_group_name
653 ug_k = perm.UserGroupRepoGroupToPerm.users_group.users_group_name
654 o = PermOrigin.REPOGROUP_USERGROUP % ug_k
654 o = PermOrigin.REPOGROUP_USERGROUP % ug_k
655 multiple_counter[g_k] += 1
655 multiple_counter[g_k] += 1
656 p = perm.Permission.permission_name
656 p = perm.Permission.permission_name
657 if perm.RepoGroup.user_id == self.user_id:
657 if perm.RepoGroup.user_id == self.user_id:
658 # set admin if owner, even for member of other user group
658 # set admin if owner, even for member of other user group
659 p = 'group.admin'
659 p = 'group.admin'
660 o = PermOrigin.REPOGROUP_OWNER
660 o = PermOrigin.REPOGROUP_OWNER
661 else:
661 else:
662 if multiple_counter[g_k] > 1:
662 if multiple_counter[g_k] > 1:
663 cur_perm = self.permissions_repository_groups[g_k]
663 cur_perm = self.permissions_repository_groups[g_k]
664 p = self._choose_permission(p, cur_perm)
664 p = self._choose_permission(p, cur_perm)
665 self.permissions_repository_groups[g_k] = p, o
665 self.permissions_repository_groups[g_k] = p, o
666
666
667 # user explicit permissions for repository groups
667 # user explicit permissions for repository groups
668 user_repo_groups_perms = Permission.get_default_group_perms(
668 user_repo_groups_perms = Permission.get_default_group_perms(
669 self.user_id, self.scope_repo_group_id)
669 self.user_id, self.scope_repo_group_id)
670 for perm in user_repo_groups_perms:
670 for perm in user_repo_groups_perms:
671 rg_k = perm.UserRepoGroupToPerm.group.group_name
671 rg_k = perm.UserRepoGroupToPerm.group.group_name
672 u_k = perm.UserRepoGroupToPerm.user.username
672 u_k = perm.UserRepoGroupToPerm.user.username
673 o = PermOrigin.REPOGROUP_USER % u_k
673 o = PermOrigin.REPOGROUP_USER % u_k
674
674
675 if perm.RepoGroup.user_id == self.user_id:
675 if perm.RepoGroup.user_id == self.user_id:
676 # set admin if owner
676 # set admin if owner
677 p = 'group.admin'
677 p = 'group.admin'
678 o = PermOrigin.REPOGROUP_OWNER
678 o = PermOrigin.REPOGROUP_OWNER
679 else:
679 else:
680 p = perm.Permission.permission_name
680 p = perm.Permission.permission_name
681 if not self.explicit:
681 if not self.explicit:
682 cur_perm = self.permissions_repository_groups.get(
682 cur_perm = self.permissions_repository_groups.get(
683 rg_k, 'group.none')
683 rg_k, 'group.none')
684 p = self._choose_permission(p, cur_perm)
684 p = self._choose_permission(p, cur_perm)
685 self.permissions_repository_groups[rg_k] = p, o
685 self.permissions_repository_groups[rg_k] = p, o
686
686
687 def _calculate_user_group_permissions(self):
687 def _calculate_user_group_permissions(self):
688 """
688 """
689 User group permissions for the current user.
689 User group permissions for the current user.
690 """
690 """
691 # user group for user group permissions
691 # user group for user group permissions
692 user_group_from_user_group = Permission\
692 user_group_from_user_group = Permission\
693 .get_default_user_group_perms_from_user_group(
693 .get_default_user_group_perms_from_user_group(
694 self.user_id, self.scope_user_group_id)
694 self.user_id, self.scope_user_group_id)
695
695
696 multiple_counter = collections.defaultdict(int)
696 multiple_counter = collections.defaultdict(int)
697 for perm in user_group_from_user_group:
697 for perm in user_group_from_user_group:
698 g_k = perm.UserGroupUserGroupToPerm\
698 g_k = perm.UserGroupUserGroupToPerm\
699 .target_user_group.users_group_name
699 .target_user_group.users_group_name
700 u_k = perm.UserGroupUserGroupToPerm\
700 u_k = perm.UserGroupUserGroupToPerm\
701 .user_group.users_group_name
701 .user_group.users_group_name
702 o = PermOrigin.USERGROUP_USERGROUP % u_k
702 o = PermOrigin.USERGROUP_USERGROUP % u_k
703 multiple_counter[g_k] += 1
703 multiple_counter[g_k] += 1
704 p = perm.Permission.permission_name
704 p = perm.Permission.permission_name
705
705
706 if perm.UserGroup.user_id == self.user_id:
706 if perm.UserGroup.user_id == self.user_id:
707 # set admin if owner, even for member of other user group
707 # set admin if owner, even for member of other user group
708 p = 'usergroup.admin'
708 p = 'usergroup.admin'
709 o = PermOrigin.USERGROUP_OWNER
709 o = PermOrigin.USERGROUP_OWNER
710 else:
710 else:
711 if multiple_counter[g_k] > 1:
711 if multiple_counter[g_k] > 1:
712 cur_perm = self.permissions_user_groups[g_k]
712 cur_perm = self.permissions_user_groups[g_k]
713 p = self._choose_permission(p, cur_perm)
713 p = self._choose_permission(p, cur_perm)
714 self.permissions_user_groups[g_k] = p, o
714 self.permissions_user_groups[g_k] = p, o
715
715
716 # user explicit permission for user groups
716 # user explicit permission for user groups
717 user_user_groups_perms = Permission.get_default_user_group_perms(
717 user_user_groups_perms = Permission.get_default_user_group_perms(
718 self.user_id, self.scope_user_group_id)
718 self.user_id, self.scope_user_group_id)
719 for perm in user_user_groups_perms:
719 for perm in user_user_groups_perms:
720 ug_k = perm.UserUserGroupToPerm.user_group.users_group_name
720 ug_k = perm.UserUserGroupToPerm.user_group.users_group_name
721 u_k = perm.UserUserGroupToPerm.user.username
721 u_k = perm.UserUserGroupToPerm.user.username
722 o = PermOrigin.USERGROUP_USER % u_k
722 o = PermOrigin.USERGROUP_USER % u_k
723
723
724 if perm.UserGroup.user_id == self.user_id:
724 if perm.UserGroup.user_id == self.user_id:
725 # set admin if owner
725 # set admin if owner
726 p = 'usergroup.admin'
726 p = 'usergroup.admin'
727 o = PermOrigin.USERGROUP_OWNER
727 o = PermOrigin.USERGROUP_OWNER
728 else:
728 else:
729 p = perm.Permission.permission_name
729 p = perm.Permission.permission_name
730 if not self.explicit:
730 if not self.explicit:
731 cur_perm = self.permissions_user_groups.get(
731 cur_perm = self.permissions_user_groups.get(
732 ug_k, 'usergroup.none')
732 ug_k, 'usergroup.none')
733 p = self._choose_permission(p, cur_perm)
733 p = self._choose_permission(p, cur_perm)
734 self.permissions_user_groups[ug_k] = p, o
734 self.permissions_user_groups[ug_k] = p, o
735
735
736 def _choose_permission(self, new_perm, cur_perm):
736 def _choose_permission(self, new_perm, cur_perm):
737 new_perm_val = Permission.PERM_WEIGHTS[new_perm]
737 new_perm_val = Permission.PERM_WEIGHTS[new_perm]
738 cur_perm_val = Permission.PERM_WEIGHTS[cur_perm]
738 cur_perm_val = Permission.PERM_WEIGHTS[cur_perm]
739 if self.algo == 'higherwin':
739 if self.algo == 'higherwin':
740 if new_perm_val > cur_perm_val:
740 if new_perm_val > cur_perm_val:
741 return new_perm
741 return new_perm
742 return cur_perm
742 return cur_perm
743 elif self.algo == 'lowerwin':
743 elif self.algo == 'lowerwin':
744 if new_perm_val < cur_perm_val:
744 if new_perm_val < cur_perm_val:
745 return new_perm
745 return new_perm
746 return cur_perm
746 return cur_perm
747
747
748 def _permission_structure(self):
748 def _permission_structure(self):
749 return {
749 return {
750 'global': self.permissions_global,
750 'global': self.permissions_global,
751 'repositories': self.permissions_repositories,
751 'repositories': self.permissions_repositories,
752 'repositories_groups': self.permissions_repository_groups,
752 'repositories_groups': self.permissions_repository_groups,
753 'user_groups': self.permissions_user_groups,
753 'user_groups': self.permissions_user_groups,
754 }
754 }
755
755
756
756
757 def allowed_auth_token_access(controller_name, whitelist=None, auth_token=None):
757 def allowed_auth_token_access(controller_name, whitelist=None, auth_token=None):
758 """
758 """
759 Check if given controller_name is in whitelist of auth token access
759 Check if given controller_name is in whitelist of auth token access
760 """
760 """
761 if not whitelist:
761 if not whitelist:
762 from rhodecode import CONFIG
762 from rhodecode import CONFIG
763 whitelist = aslist(
763 whitelist = aslist(
764 CONFIG.get('api_access_controllers_whitelist'), sep=',')
764 CONFIG.get('api_access_controllers_whitelist'), sep=',')
765 log.debug(
765 log.debug(
766 'Allowed controllers for AUTH TOKEN access: %s' % (whitelist,))
766 'Allowed controllers for AUTH TOKEN access: %s' % (whitelist,))
767
767
768 auth_token_access_valid = False
768 auth_token_access_valid = False
769 for entry in whitelist:
769 for entry in whitelist:
770 if fnmatch.fnmatch(controller_name, entry):
770 if fnmatch.fnmatch(controller_name, entry):
771 auth_token_access_valid = True
771 auth_token_access_valid = True
772 break
772 break
773
773
774 if auth_token_access_valid:
774 if auth_token_access_valid:
775 log.debug('controller:%s matches entry in whitelist'
775 log.debug('controller:%s matches entry in whitelist'
776 % (controller_name,))
776 % (controller_name,))
777 else:
777 else:
778 msg = ('controller: %s does *NOT* match any entry in whitelist'
778 msg = ('controller: %s does *NOT* match any entry in whitelist'
779 % (controller_name,))
779 % (controller_name,))
780 if auth_token:
780 if auth_token:
781 # if we use auth token key and don't have access it's a warning
781 # if we use auth token key and don't have access it's a warning
782 log.warning(msg)
782 log.warning(msg)
783 else:
783 else:
784 log.debug(msg)
784 log.debug(msg)
785
785
786 return auth_token_access_valid
786 return auth_token_access_valid
787
787
788
788
789 class AuthUser(object):
789 class AuthUser(object):
790 """
790 """
791 A simple object that handles all attributes of user in RhodeCode
791 A simple object that handles all attributes of user in RhodeCode
792
792
793 It does lookup based on API key,given user, or user present in session
793 It does lookup based on API key,given user, or user present in session
794 Then it fills all required information for such user. It also checks if
794 Then it fills all required information for such user. It also checks if
795 anonymous access is enabled and if so, it returns default user as logged in
795 anonymous access is enabled and if so, it returns default user as logged in
796 """
796 """
797 GLOBAL_PERMS = [x[0] for x in Permission.PERMS]
797 GLOBAL_PERMS = [x[0] for x in Permission.PERMS]
798
798
799 def __init__(self, user_id=None, api_key=None, username=None, ip_addr=None):
799 def __init__(self, user_id=None, api_key=None, username=None, ip_addr=None):
800
800
801 self.user_id = user_id
801 self.user_id = user_id
802 self._api_key = api_key
802 self._api_key = api_key
803
803
804 self.api_key = None
804 self.api_key = None
805 self.feed_token = ''
805 self.feed_token = ''
806 self.username = username
806 self.username = username
807 self.ip_addr = ip_addr
807 self.ip_addr = ip_addr
808 self.name = ''
808 self.name = ''
809 self.lastname = ''
809 self.lastname = ''
810 self.first_name = ''
811 self.last_name = ''
810 self.email = ''
812 self.email = ''
811 self.is_authenticated = False
813 self.is_authenticated = False
812 self.admin = False
814 self.admin = False
813 self.inherit_default_permissions = False
815 self.inherit_default_permissions = False
814 self.password = ''
816 self.password = ''
815
817
816 self.anonymous_user = None # propagated on propagate_data
818 self.anonymous_user = None # propagated on propagate_data
817 self.propagate_data()
819 self.propagate_data()
818 self._instance = None
820 self._instance = None
819 self._permissions_scoped_cache = {} # used to bind scoped calculation
821 self._permissions_scoped_cache = {} # used to bind scoped calculation
820
822
821 @LazyProperty
823 @LazyProperty
822 def permissions(self):
824 def permissions(self):
823 return self.get_perms(user=self, cache=False)
825 return self.get_perms(user=self, cache=False)
824
826
825 def permissions_with_scope(self, scope):
827 def permissions_with_scope(self, scope):
826 """
828 """
827 Call the get_perms function with scoped data. The scope in that function
829 Call the get_perms function with scoped data. The scope in that function
828 narrows the SQL calls to the given ID of objects resulting in fetching
830 narrows the SQL calls to the given ID of objects resulting in fetching
829 Just particular permission we want to obtain. If scope is an empty dict
831 Just particular permission we want to obtain. If scope is an empty dict
830 then it basically narrows the scope to GLOBAL permissions only.
832 then it basically narrows the scope to GLOBAL permissions only.
831
833
832 :param scope: dict
834 :param scope: dict
833 """
835 """
834 if 'repo_name' in scope:
836 if 'repo_name' in scope:
835 obj = Repository.get_by_repo_name(scope['repo_name'])
837 obj = Repository.get_by_repo_name(scope['repo_name'])
836 if obj:
838 if obj:
837 scope['repo_id'] = obj.repo_id
839 scope['repo_id'] = obj.repo_id
838 _scope = {
840 _scope = {
839 'repo_id': -1,
841 'repo_id': -1,
840 'user_group_id': -1,
842 'user_group_id': -1,
841 'repo_group_id': -1,
843 'repo_group_id': -1,
842 }
844 }
843 _scope.update(scope)
845 _scope.update(scope)
844 cache_key = "_".join(map(safe_str, reduce(lambda a, b: a+b,
846 cache_key = "_".join(map(safe_str, reduce(lambda a, b: a+b,
845 _scope.items())))
847 _scope.items())))
846 if cache_key not in self._permissions_scoped_cache:
848 if cache_key not in self._permissions_scoped_cache:
847 # store in cache to mimic how the @LazyProperty works,
849 # store in cache to mimic how the @LazyProperty works,
848 # the difference here is that we use the unique key calculated
850 # the difference here is that we use the unique key calculated
849 # from params and values
851 # from params and values
850 res = self.get_perms(user=self, cache=False, scope=_scope)
852 res = self.get_perms(user=self, cache=False, scope=_scope)
851 self._permissions_scoped_cache[cache_key] = res
853 self._permissions_scoped_cache[cache_key] = res
852 return self._permissions_scoped_cache[cache_key]
854 return self._permissions_scoped_cache[cache_key]
853
855
854 def get_instance(self):
856 def get_instance(self):
855 return User.get(self.user_id)
857 return User.get(self.user_id)
856
858
857 def update_lastactivity(self):
859 def update_lastactivity(self):
858 if self.user_id:
860 if self.user_id:
859 User.get(self.user_id).update_lastactivity()
861 User.get(self.user_id).update_lastactivity()
860
862
861 def propagate_data(self):
863 def propagate_data(self):
862 """
864 """
863 Fills in user data and propagates values to this instance. Maps fetched
865 Fills in user data and propagates values to this instance. Maps fetched
864 user attributes to this class instance attributes
866 user attributes to this class instance attributes
865 """
867 """
866 log.debug('starting data propagation for new potential AuthUser')
868 log.debug('starting data propagation for new potential AuthUser')
867 user_model = UserModel()
869 user_model = UserModel()
868 anon_user = self.anonymous_user = User.get_default_user(cache=True)
870 anon_user = self.anonymous_user = User.get_default_user(cache=True)
869 is_user_loaded = False
871 is_user_loaded = False
870
872
871 # lookup by userid
873 # lookup by userid
872 if self.user_id is not None and self.user_id != anon_user.user_id:
874 if self.user_id is not None and self.user_id != anon_user.user_id:
873 log.debug('Trying Auth User lookup by USER ID: `%s`' % self.user_id)
875 log.debug('Trying Auth User lookup by USER ID: `%s`' % self.user_id)
874 is_user_loaded = user_model.fill_data(self, user_id=self.user_id)
876 is_user_loaded = user_model.fill_data(self, user_id=self.user_id)
875
877
876 # try go get user by api key
878 # try go get user by api key
877 elif self._api_key and self._api_key != anon_user.api_key:
879 elif self._api_key and self._api_key != anon_user.api_key:
878 log.debug('Trying Auth User lookup by API KEY: `%s`' % self._api_key)
880 log.debug('Trying Auth User lookup by API KEY: `%s`' % self._api_key)
879 is_user_loaded = user_model.fill_data(self, api_key=self._api_key)
881 is_user_loaded = user_model.fill_data(self, api_key=self._api_key)
880
882
881 # lookup by username
883 # lookup by username
882 elif self.username:
884 elif self.username:
883 log.debug('Trying Auth User lookup by USER NAME: `%s`' % self.username)
885 log.debug('Trying Auth User lookup by USER NAME: `%s`' % self.username)
884 is_user_loaded = user_model.fill_data(self, username=self.username)
886 is_user_loaded = user_model.fill_data(self, username=self.username)
885 else:
887 else:
886 log.debug('No data in %s that could been used to log in' % self)
888 log.debug('No data in %s that could been used to log in' % self)
887
889
888 if not is_user_loaded:
890 if not is_user_loaded:
889 log.debug('Failed to load user. Fallback to default user')
891 log.debug('Failed to load user. Fallback to default user')
890 # if we cannot authenticate user try anonymous
892 # if we cannot authenticate user try anonymous
891 if anon_user.active:
893 if anon_user.active:
892 user_model.fill_data(self, user_id=anon_user.user_id)
894 user_model.fill_data(self, user_id=anon_user.user_id)
893 # then we set this user is logged in
895 # then we set this user is logged in
894 self.is_authenticated = True
896 self.is_authenticated = True
895 else:
897 else:
896 # in case of disabled anonymous user we reset some of the
898 # in case of disabled anonymous user we reset some of the
897 # parameters so such user is "corrupted", skipping the fill_data
899 # parameters so such user is "corrupted", skipping the fill_data
898 for attr in ['user_id', 'username', 'admin', 'active']:
900 for attr in ['user_id', 'username', 'admin', 'active']:
899 setattr(self, attr, None)
901 setattr(self, attr, None)
900 self.is_authenticated = False
902 self.is_authenticated = False
901
903
902 if not self.username:
904 if not self.username:
903 self.username = 'None'
905 self.username = 'None'
904
906
905 log.debug('Auth User is now %s' % self)
907 log.debug('Auth User is now %s' % self)
906
908
907 def get_perms(self, user, scope=None, explicit=True, algo='higherwin',
909 def get_perms(self, user, scope=None, explicit=True, algo='higherwin',
908 cache=False):
910 cache=False):
909 """
911 """
910 Fills user permission attribute with permissions taken from database
912 Fills user permission attribute with permissions taken from database
911 works for permissions given for repositories, and for permissions that
913 works for permissions given for repositories, and for permissions that
912 are granted to groups
914 are granted to groups
913
915
914 :param user: instance of User object from database
916 :param user: instance of User object from database
915 :param explicit: In case there are permissions both for user and a group
917 :param explicit: In case there are permissions both for user and a group
916 that user is part of, explicit flag will defiine if user will
918 that user is part of, explicit flag will defiine if user will
917 explicitly override permissions from group, if it's False it will
919 explicitly override permissions from group, if it's False it will
918 make decision based on the algo
920 make decision based on the algo
919 :param algo: algorithm to decide what permission should be choose if
921 :param algo: algorithm to decide what permission should be choose if
920 it's multiple defined, eg user in two different groups. It also
922 it's multiple defined, eg user in two different groups. It also
921 decides if explicit flag is turned off how to specify the permission
923 decides if explicit flag is turned off how to specify the permission
922 for case when user is in a group + have defined separate permission
924 for case when user is in a group + have defined separate permission
923 """
925 """
924 user_id = user.user_id
926 user_id = user.user_id
925 user_is_admin = user.is_admin
927 user_is_admin = user.is_admin
926
928
927 # inheritance of global permissions like create repo/fork repo etc
929 # inheritance of global permissions like create repo/fork repo etc
928 user_inherit_default_permissions = user.inherit_default_permissions
930 user_inherit_default_permissions = user.inherit_default_permissions
929
931
930 log.debug('Computing PERMISSION tree for scope %s' % (scope, ))
932 log.debug('Computing PERMISSION tree for scope %s' % (scope, ))
931 compute = caches.conditional_cache(
933 compute = caches.conditional_cache(
932 'short_term', 'cache_desc',
934 'short_term', 'cache_desc',
933 condition=cache, func=_cached_perms_data)
935 condition=cache, func=_cached_perms_data)
934 result = compute(user_id, scope, user_is_admin,
936 result = compute(user_id, scope, user_is_admin,
935 user_inherit_default_permissions, explicit, algo)
937 user_inherit_default_permissions, explicit, algo)
936
938
937 result_repr = []
939 result_repr = []
938 for k in result:
940 for k in result:
939 result_repr.append((k, len(result[k])))
941 result_repr.append((k, len(result[k])))
940
942
941 log.debug('PERMISSION tree computed %s' % (result_repr,))
943 log.debug('PERMISSION tree computed %s' % (result_repr,))
942 return result
944 return result
943
945
944 @property
946 @property
945 def is_default(self):
947 def is_default(self):
946 return self.username == User.DEFAULT_USER
948 return self.username == User.DEFAULT_USER
947
949
948 @property
950 @property
949 def is_admin(self):
951 def is_admin(self):
950 return self.admin
952 return self.admin
951
953
952 @property
954 @property
953 def is_user_object(self):
955 def is_user_object(self):
954 return self.user_id is not None
956 return self.user_id is not None
955
957
956 @property
958 @property
957 def repositories_admin(self):
959 def repositories_admin(self):
958 """
960 """
959 Returns list of repositories you're an admin of
961 Returns list of repositories you're an admin of
960 """
962 """
961 return [
963 return [
962 x[0] for x in self.permissions['repositories'].iteritems()
964 x[0] for x in self.permissions['repositories'].iteritems()
963 if x[1] == 'repository.admin']
965 if x[1] == 'repository.admin']
964
966
965 @property
967 @property
966 def repository_groups_admin(self):
968 def repository_groups_admin(self):
967 """
969 """
968 Returns list of repository groups you're an admin of
970 Returns list of repository groups you're an admin of
969 """
971 """
970 return [
972 return [
971 x[0] for x in self.permissions['repositories_groups'].iteritems()
973 x[0] for x in self.permissions['repositories_groups'].iteritems()
972 if x[1] == 'group.admin']
974 if x[1] == 'group.admin']
973
975
974 @property
976 @property
975 def user_groups_admin(self):
977 def user_groups_admin(self):
976 """
978 """
977 Returns list of user groups you're an admin of
979 Returns list of user groups you're an admin of
978 """
980 """
979 return [
981 return [
980 x[0] for x in self.permissions['user_groups'].iteritems()
982 x[0] for x in self.permissions['user_groups'].iteritems()
981 if x[1] == 'usergroup.admin']
983 if x[1] == 'usergroup.admin']
982
984
983 @property
985 @property
984 def ip_allowed(self):
986 def ip_allowed(self):
985 """
987 """
986 Checks if ip_addr used in constructor is allowed from defined list of
988 Checks if ip_addr used in constructor is allowed from defined list of
987 allowed ip_addresses for user
989 allowed ip_addresses for user
988
990
989 :returns: boolean, True if ip is in allowed ip range
991 :returns: boolean, True if ip is in allowed ip range
990 """
992 """
991 # check IP
993 # check IP
992 inherit = self.inherit_default_permissions
994 inherit = self.inherit_default_permissions
993 return AuthUser.check_ip_allowed(self.user_id, self.ip_addr,
995 return AuthUser.check_ip_allowed(self.user_id, self.ip_addr,
994 inherit_from_default=inherit)
996 inherit_from_default=inherit)
995 @property
997 @property
996 def personal_repo_group(self):
998 def personal_repo_group(self):
997 return RepoGroup.get_user_personal_repo_group(self.user_id)
999 return RepoGroup.get_user_personal_repo_group(self.user_id)
998
1000
999 @classmethod
1001 @classmethod
1000 def check_ip_allowed(cls, user_id, ip_addr, inherit_from_default):
1002 def check_ip_allowed(cls, user_id, ip_addr, inherit_from_default):
1001 allowed_ips = AuthUser.get_allowed_ips(
1003 allowed_ips = AuthUser.get_allowed_ips(
1002 user_id, cache=True, inherit_from_default=inherit_from_default)
1004 user_id, cache=True, inherit_from_default=inherit_from_default)
1003 if check_ip_access(source_ip=ip_addr, allowed_ips=allowed_ips):
1005 if check_ip_access(source_ip=ip_addr, allowed_ips=allowed_ips):
1004 log.debug('IP:%s is in range of %s' % (ip_addr, allowed_ips))
1006 log.debug('IP:%s is in range of %s' % (ip_addr, allowed_ips))
1005 return True
1007 return True
1006 else:
1008 else:
1007 log.info('Access for IP:%s forbidden, '
1009 log.info('Access for IP:%s forbidden, '
1008 'not in %s' % (ip_addr, allowed_ips))
1010 'not in %s' % (ip_addr, allowed_ips))
1009 return False
1011 return False
1010
1012
1011 def __repr__(self):
1013 def __repr__(self):
1012 return "<AuthUser('id:%s[%s] ip:%s auth:%s')>"\
1014 return "<AuthUser('id:%s[%s] ip:%s auth:%s')>"\
1013 % (self.user_id, self.username, self.ip_addr, self.is_authenticated)
1015 % (self.user_id, self.username, self.ip_addr, self.is_authenticated)
1014
1016
1015 def set_authenticated(self, authenticated=True):
1017 def set_authenticated(self, authenticated=True):
1016 if self.user_id != self.anonymous_user.user_id:
1018 if self.user_id != self.anonymous_user.user_id:
1017 self.is_authenticated = authenticated
1019 self.is_authenticated = authenticated
1018
1020
1019 def get_cookie_store(self):
1021 def get_cookie_store(self):
1020 return {
1022 return {
1021 'username': self.username,
1023 'username': self.username,
1022 'password': md5(self.password),
1024 'password': md5(self.password),
1023 'user_id': self.user_id,
1025 'user_id': self.user_id,
1024 'is_authenticated': self.is_authenticated
1026 'is_authenticated': self.is_authenticated
1025 }
1027 }
1026
1028
1027 @classmethod
1029 @classmethod
1028 def from_cookie_store(cls, cookie_store):
1030 def from_cookie_store(cls, cookie_store):
1029 """
1031 """
1030 Creates AuthUser from a cookie store
1032 Creates AuthUser from a cookie store
1031
1033
1032 :param cls:
1034 :param cls:
1033 :param cookie_store:
1035 :param cookie_store:
1034 """
1036 """
1035 user_id = cookie_store.get('user_id')
1037 user_id = cookie_store.get('user_id')
1036 username = cookie_store.get('username')
1038 username = cookie_store.get('username')
1037 api_key = cookie_store.get('api_key')
1039 api_key = cookie_store.get('api_key')
1038 return AuthUser(user_id, api_key, username)
1040 return AuthUser(user_id, api_key, username)
1039
1041
1040 @classmethod
1042 @classmethod
1041 def get_allowed_ips(cls, user_id, cache=False, inherit_from_default=False):
1043 def get_allowed_ips(cls, user_id, cache=False, inherit_from_default=False):
1042 _set = set()
1044 _set = set()
1043
1045
1044 if inherit_from_default:
1046 if inherit_from_default:
1045 default_ips = UserIpMap.query().filter(
1047 default_ips = UserIpMap.query().filter(
1046 UserIpMap.user == User.get_default_user(cache=True))
1048 UserIpMap.user == User.get_default_user(cache=True))
1047 if cache:
1049 if cache:
1048 default_ips = default_ips.options(
1050 default_ips = default_ips.options(
1049 FromCache("sql_cache_short", "get_user_ips_default"))
1051 FromCache("sql_cache_short", "get_user_ips_default"))
1050
1052
1051 # populate from default user
1053 # populate from default user
1052 for ip in default_ips:
1054 for ip in default_ips:
1053 try:
1055 try:
1054 _set.add(ip.ip_addr)
1056 _set.add(ip.ip_addr)
1055 except ObjectDeletedError:
1057 except ObjectDeletedError:
1056 # since we use heavy caching sometimes it happens that
1058 # since we use heavy caching sometimes it happens that
1057 # we get deleted objects here, we just skip them
1059 # we get deleted objects here, we just skip them
1058 pass
1060 pass
1059
1061
1060 user_ips = UserIpMap.query().filter(UserIpMap.user_id == user_id)
1062 user_ips = UserIpMap.query().filter(UserIpMap.user_id == user_id)
1061 if cache:
1063 if cache:
1062 user_ips = user_ips.options(
1064 user_ips = user_ips.options(
1063 FromCache("sql_cache_short", "get_user_ips_%s" % user_id))
1065 FromCache("sql_cache_short", "get_user_ips_%s" % user_id))
1064
1066
1065 for ip in user_ips:
1067 for ip in user_ips:
1066 try:
1068 try:
1067 _set.add(ip.ip_addr)
1069 _set.add(ip.ip_addr)
1068 except ObjectDeletedError:
1070 except ObjectDeletedError:
1069 # since we use heavy caching sometimes it happens that we get
1071 # since we use heavy caching sometimes it happens that we get
1070 # deleted objects here, we just skip them
1072 # deleted objects here, we just skip them
1071 pass
1073 pass
1072 return _set or set(['0.0.0.0/0', '::/0'])
1074 return _set or set(['0.0.0.0/0', '::/0'])
1073
1075
1074
1076
1075 def set_available_permissions(config):
1077 def set_available_permissions(config):
1076 """
1078 """
1077 This function will propagate pylons globals with all available defined
1079 This function will propagate pylons globals with all available defined
1078 permission given in db. We don't want to check each time from db for new
1080 permission given in db. We don't want to check each time from db for new
1079 permissions since adding a new permission also requires application restart
1081 permissions since adding a new permission also requires application restart
1080 ie. to decorate new views with the newly created permission
1082 ie. to decorate new views with the newly created permission
1081
1083
1082 :param config: current pylons config instance
1084 :param config: current pylons config instance
1083
1085
1084 """
1086 """
1085 log.info('getting information about all available permissions')
1087 log.info('getting information about all available permissions')
1086 try:
1088 try:
1087 sa = meta.Session
1089 sa = meta.Session
1088 all_perms = sa.query(Permission).all()
1090 all_perms = sa.query(Permission).all()
1089 config['available_permissions'] = [x.permission_name for x in all_perms]
1091 config['available_permissions'] = [x.permission_name for x in all_perms]
1090 except Exception:
1092 except Exception:
1091 log.error(traceback.format_exc())
1093 log.error(traceback.format_exc())
1092 finally:
1094 finally:
1093 meta.Session.remove()
1095 meta.Session.remove()
1094
1096
1095
1097
1096 def get_csrf_token(session=None, force_new=False, save_if_missing=True):
1098 def get_csrf_token(session=None, force_new=False, save_if_missing=True):
1097 """
1099 """
1098 Return the current authentication token, creating one if one doesn't
1100 Return the current authentication token, creating one if one doesn't
1099 already exist and the save_if_missing flag is present.
1101 already exist and the save_if_missing flag is present.
1100
1102
1101 :param session: pass in the pylons session, else we use the global ones
1103 :param session: pass in the pylons session, else we use the global ones
1102 :param force_new: force to re-generate the token and store it in session
1104 :param force_new: force to re-generate the token and store it in session
1103 :param save_if_missing: save the newly generated token if it's missing in
1105 :param save_if_missing: save the newly generated token if it's missing in
1104 session
1106 session
1105 """
1107 """
1106 if not session:
1108 if not session:
1107 from pylons import session
1109 from pylons import session
1108
1110
1109 if (csrf_token_key not in session and save_if_missing) or force_new:
1111 if (csrf_token_key not in session and save_if_missing) or force_new:
1110 token = hashlib.sha1(str(random.getrandbits(128))).hexdigest()
1112 token = hashlib.sha1(str(random.getrandbits(128))).hexdigest()
1111 session[csrf_token_key] = token
1113 session[csrf_token_key] = token
1112 if hasattr(session, 'save'):
1114 if hasattr(session, 'save'):
1113 session.save()
1115 session.save()
1114 return session.get(csrf_token_key)
1116 return session.get(csrf_token_key)
1115
1117
1116
1118
1117 def get_request(perm_class):
1119 def get_request(perm_class):
1118 from pyramid.threadlocal import get_current_request
1120 from pyramid.threadlocal import get_current_request
1119 pyramid_request = get_current_request()
1121 pyramid_request = get_current_request()
1120 if not pyramid_request:
1122 if not pyramid_request:
1121 # return global request of pylons in case pyramid isn't available
1123 # return global request of pylons in case pyramid isn't available
1122 # NOTE(marcink): this should be removed after migration to pyramid
1124 # NOTE(marcink): this should be removed after migration to pyramid
1123 from pylons import request
1125 from pylons import request
1124 return request
1126 return request
1125 return pyramid_request
1127 return pyramid_request
1126
1128
1127
1129
1128 # CHECK DECORATORS
1130 # CHECK DECORATORS
1129 class CSRFRequired(object):
1131 class CSRFRequired(object):
1130 """
1132 """
1131 Decorator for authenticating a form
1133 Decorator for authenticating a form
1132
1134
1133 This decorator uses an authorization token stored in the client's
1135 This decorator uses an authorization token stored in the client's
1134 session for prevention of certain Cross-site request forgery (CSRF)
1136 session for prevention of certain Cross-site request forgery (CSRF)
1135 attacks (See
1137 attacks (See
1136 http://en.wikipedia.org/wiki/Cross-site_request_forgery for more
1138 http://en.wikipedia.org/wiki/Cross-site_request_forgery for more
1137 information).
1139 information).
1138
1140
1139 For use with the ``webhelpers.secure_form`` helper functions.
1141 For use with the ``webhelpers.secure_form`` helper functions.
1140
1142
1141 """
1143 """
1142 def __init__(self, token=csrf_token_key, header='X-CSRF-Token',
1144 def __init__(self, token=csrf_token_key, header='X-CSRF-Token',
1143 except_methods=None):
1145 except_methods=None):
1144 self.token = token
1146 self.token = token
1145 self.header = header
1147 self.header = header
1146 self.except_methods = except_methods or []
1148 self.except_methods = except_methods or []
1147
1149
1148 def __call__(self, func):
1150 def __call__(self, func):
1149 return get_cython_compat_decorator(self.__wrapper, func)
1151 return get_cython_compat_decorator(self.__wrapper, func)
1150
1152
1151 def _get_csrf(self, _request):
1153 def _get_csrf(self, _request):
1152 return _request.POST.get(self.token, _request.headers.get(self.header))
1154 return _request.POST.get(self.token, _request.headers.get(self.header))
1153
1155
1154 def check_csrf(self, _request, cur_token):
1156 def check_csrf(self, _request, cur_token):
1155 supplied_token = self._get_csrf(_request)
1157 supplied_token = self._get_csrf(_request)
1156 return supplied_token and supplied_token == cur_token
1158 return supplied_token and supplied_token == cur_token
1157
1159
1158 def _get_request(self):
1160 def _get_request(self):
1159 return get_request(self)
1161 return get_request(self)
1160
1162
1161 def __wrapper(self, func, *fargs, **fkwargs):
1163 def __wrapper(self, func, *fargs, **fkwargs):
1162 request = self._get_request()
1164 request = self._get_request()
1163
1165
1164 if request.method in self.except_methods:
1166 if request.method in self.except_methods:
1165 return func(*fargs, **fkwargs)
1167 return func(*fargs, **fkwargs)
1166
1168
1167 cur_token = get_csrf_token(save_if_missing=False)
1169 cur_token = get_csrf_token(save_if_missing=False)
1168 if self.check_csrf(request, cur_token):
1170 if self.check_csrf(request, cur_token):
1169 if request.POST.get(self.token):
1171 if request.POST.get(self.token):
1170 del request.POST[self.token]
1172 del request.POST[self.token]
1171 return func(*fargs, **fkwargs)
1173 return func(*fargs, **fkwargs)
1172 else:
1174 else:
1173 reason = 'token-missing'
1175 reason = 'token-missing'
1174 supplied_token = self._get_csrf(request)
1176 supplied_token = self._get_csrf(request)
1175 if supplied_token and cur_token != supplied_token:
1177 if supplied_token and cur_token != supplied_token:
1176 reason = 'token-mismatch [%s:%s]' % (
1178 reason = 'token-mismatch [%s:%s]' % (
1177 cur_token or ''[:6], supplied_token or ''[:6])
1179 cur_token or ''[:6], supplied_token or ''[:6])
1178
1180
1179 csrf_message = \
1181 csrf_message = \
1180 ("Cross-site request forgery detected, request denied. See "
1182 ("Cross-site request forgery detected, request denied. See "
1181 "http://en.wikipedia.org/wiki/Cross-site_request_forgery for "
1183 "http://en.wikipedia.org/wiki/Cross-site_request_forgery for "
1182 "more information.")
1184 "more information.")
1183 log.warn('Cross-site request forgery detected, request %r DENIED: %s '
1185 log.warn('Cross-site request forgery detected, request %r DENIED: %s '
1184 'REMOTE_ADDR:%s, HEADERS:%s' % (
1186 'REMOTE_ADDR:%s, HEADERS:%s' % (
1185 request, reason, request.remote_addr, request.headers))
1187 request, reason, request.remote_addr, request.headers))
1186
1188
1187 raise HTTPForbidden(explanation=csrf_message)
1189 raise HTTPForbidden(explanation=csrf_message)
1188
1190
1189
1191
1190 class LoginRequired(object):
1192 class LoginRequired(object):
1191 """
1193 """
1192 Must be logged in to execute this function else
1194 Must be logged in to execute this function else
1193 redirect to login page
1195 redirect to login page
1194
1196
1195 :param api_access: if enabled this checks only for valid auth token
1197 :param api_access: if enabled this checks only for valid auth token
1196 and grants access based on valid token
1198 and grants access based on valid token
1197 """
1199 """
1198 def __init__(self, auth_token_access=None):
1200 def __init__(self, auth_token_access=None):
1199 self.auth_token_access = auth_token_access
1201 self.auth_token_access = auth_token_access
1200
1202
1201 def __call__(self, func):
1203 def __call__(self, func):
1202 return get_cython_compat_decorator(self.__wrapper, func)
1204 return get_cython_compat_decorator(self.__wrapper, func)
1203
1205
1204 def _get_request(self):
1206 def _get_request(self):
1205 return get_request(self)
1207 return get_request(self)
1206
1208
1207 def __wrapper(self, func, *fargs, **fkwargs):
1209 def __wrapper(self, func, *fargs, **fkwargs):
1208 from rhodecode.lib import helpers as h
1210 from rhodecode.lib import helpers as h
1209 cls = fargs[0]
1211 cls = fargs[0]
1210 user = cls._rhodecode_user
1212 user = cls._rhodecode_user
1211 request = self._get_request()
1213 request = self._get_request()
1212
1214
1213 loc = "%s:%s" % (cls.__class__.__name__, func.__name__)
1215 loc = "%s:%s" % (cls.__class__.__name__, func.__name__)
1214 log.debug('Starting login restriction checks for user: %s' % (user,))
1216 log.debug('Starting login restriction checks for user: %s' % (user,))
1215 # check if our IP is allowed
1217 # check if our IP is allowed
1216 ip_access_valid = True
1218 ip_access_valid = True
1217 if not user.ip_allowed:
1219 if not user.ip_allowed:
1218 h.flash(h.literal(_('IP %s not allowed' % (user.ip_addr,))),
1220 h.flash(h.literal(_('IP %s not allowed' % (user.ip_addr,))),
1219 category='warning')
1221 category='warning')
1220 ip_access_valid = False
1222 ip_access_valid = False
1221
1223
1222 # check if we used an APIKEY and it's a valid one
1224 # check if we used an APIKEY and it's a valid one
1223 # defined white-list of controllers which API access will be enabled
1225 # defined white-list of controllers which API access will be enabled
1224 _auth_token = request.GET.get(
1226 _auth_token = request.GET.get(
1225 'auth_token', '') or request.GET.get('api_key', '')
1227 'auth_token', '') or request.GET.get('api_key', '')
1226 auth_token_access_valid = allowed_auth_token_access(
1228 auth_token_access_valid = allowed_auth_token_access(
1227 loc, auth_token=_auth_token)
1229 loc, auth_token=_auth_token)
1228
1230
1229 # explicit controller is enabled or API is in our whitelist
1231 # explicit controller is enabled or API is in our whitelist
1230 if self.auth_token_access or auth_token_access_valid:
1232 if self.auth_token_access or auth_token_access_valid:
1231 log.debug('Checking AUTH TOKEN access for %s' % (cls,))
1233 log.debug('Checking AUTH TOKEN access for %s' % (cls,))
1232 db_user = user.get_instance()
1234 db_user = user.get_instance()
1233
1235
1234 if db_user:
1236 if db_user:
1235 if self.auth_token_access:
1237 if self.auth_token_access:
1236 roles = self.auth_token_access
1238 roles = self.auth_token_access
1237 else:
1239 else:
1238 roles = [UserApiKeys.ROLE_HTTP]
1240 roles = [UserApiKeys.ROLE_HTTP]
1239 token_match = db_user.authenticate_by_token(
1241 token_match = db_user.authenticate_by_token(
1240 _auth_token, roles=roles)
1242 _auth_token, roles=roles)
1241 else:
1243 else:
1242 log.debug('Unable to fetch db instance for auth user: %s', user)
1244 log.debug('Unable to fetch db instance for auth user: %s', user)
1243 token_match = False
1245 token_match = False
1244
1246
1245 if _auth_token and token_match:
1247 if _auth_token and token_match:
1246 auth_token_access_valid = True
1248 auth_token_access_valid = True
1247 log.debug('AUTH TOKEN ****%s is VALID' % (_auth_token[-4:],))
1249 log.debug('AUTH TOKEN ****%s is VALID' % (_auth_token[-4:],))
1248 else:
1250 else:
1249 auth_token_access_valid = False
1251 auth_token_access_valid = False
1250 if not _auth_token:
1252 if not _auth_token:
1251 log.debug("AUTH TOKEN *NOT* present in request")
1253 log.debug("AUTH TOKEN *NOT* present in request")
1252 else:
1254 else:
1253 log.warning(
1255 log.warning(
1254 "AUTH TOKEN ****%s *NOT* valid" % _auth_token[-4:])
1256 "AUTH TOKEN ****%s *NOT* valid" % _auth_token[-4:])
1255
1257
1256 log.debug('Checking if %s is authenticated @ %s' % (user.username, loc))
1258 log.debug('Checking if %s is authenticated @ %s' % (user.username, loc))
1257 reason = 'RHODECODE_AUTH' if user.is_authenticated \
1259 reason = 'RHODECODE_AUTH' if user.is_authenticated \
1258 else 'AUTH_TOKEN_AUTH'
1260 else 'AUTH_TOKEN_AUTH'
1259
1261
1260 if ip_access_valid and (
1262 if ip_access_valid and (
1261 user.is_authenticated or auth_token_access_valid):
1263 user.is_authenticated or auth_token_access_valid):
1262 log.info(
1264 log.info(
1263 'user %s authenticating with:%s IS authenticated on func %s'
1265 'user %s authenticating with:%s IS authenticated on func %s'
1264 % (user, reason, loc))
1266 % (user, reason, loc))
1265
1267
1266 # update user data to check last activity
1268 # update user data to check last activity
1267 user.update_lastactivity()
1269 user.update_lastactivity()
1268 Session().commit()
1270 Session().commit()
1269 return func(*fargs, **fkwargs)
1271 return func(*fargs, **fkwargs)
1270 else:
1272 else:
1271 log.warning(
1273 log.warning(
1272 'user %s authenticating with:%s NOT authenticated on '
1274 'user %s authenticating with:%s NOT authenticated on '
1273 'func: %s: IP_ACCESS:%s AUTH_TOKEN_ACCESS:%s'
1275 'func: %s: IP_ACCESS:%s AUTH_TOKEN_ACCESS:%s'
1274 % (user, reason, loc, ip_access_valid,
1276 % (user, reason, loc, ip_access_valid,
1275 auth_token_access_valid))
1277 auth_token_access_valid))
1276 # we preserve the get PARAM
1278 # we preserve the get PARAM
1277 came_from = request.path_qs
1279 came_from = request.path_qs
1278 log.debug('redirecting to login page with %s' % (came_from,))
1280 log.debug('redirecting to login page with %s' % (came_from,))
1279 raise HTTPFound(
1281 raise HTTPFound(
1280 h.route_path('login', _query={'came_from': came_from}))
1282 h.route_path('login', _query={'came_from': came_from}))
1281
1283
1282
1284
1283 class NotAnonymous(object):
1285 class NotAnonymous(object):
1284 """
1286 """
1285 Must be logged in to execute this function else
1287 Must be logged in to execute this function else
1286 redirect to login page
1288 redirect to login page
1287 """
1289 """
1288
1290
1289 def __call__(self, func):
1291 def __call__(self, func):
1290 return get_cython_compat_decorator(self.__wrapper, func)
1292 return get_cython_compat_decorator(self.__wrapper, func)
1291
1293
1292 def _get_request(self):
1294 def _get_request(self):
1293 return get_request(self)
1295 return get_request(self)
1294
1296
1295 def __wrapper(self, func, *fargs, **fkwargs):
1297 def __wrapper(self, func, *fargs, **fkwargs):
1296 import rhodecode.lib.helpers as h
1298 import rhodecode.lib.helpers as h
1297 cls = fargs[0]
1299 cls = fargs[0]
1298 self.user = cls._rhodecode_user
1300 self.user = cls._rhodecode_user
1299 request = self._get_request()
1301 request = self._get_request()
1300
1302
1301 log.debug('Checking if user is not anonymous @%s' % cls)
1303 log.debug('Checking if user is not anonymous @%s' % cls)
1302
1304
1303 anonymous = self.user.username == User.DEFAULT_USER
1305 anonymous = self.user.username == User.DEFAULT_USER
1304
1306
1305 if anonymous:
1307 if anonymous:
1306 came_from = request.path_qs
1308 came_from = request.path_qs
1307 h.flash(_('You need to be a registered user to '
1309 h.flash(_('You need to be a registered user to '
1308 'perform this action'),
1310 'perform this action'),
1309 category='warning')
1311 category='warning')
1310 raise HTTPFound(
1312 raise HTTPFound(
1311 h.route_path('login', _query={'came_from': came_from}))
1313 h.route_path('login', _query={'came_from': came_from}))
1312 else:
1314 else:
1313 return func(*fargs, **fkwargs)
1315 return func(*fargs, **fkwargs)
1314
1316
1315
1317
1316 class XHRRequired(object):
1318 class XHRRequired(object):
1317 # TODO(marcink): remove this in favor of the predicates in pyramid routes
1319 # TODO(marcink): remove this in favor of the predicates in pyramid routes
1318
1320
1319 def __call__(self, func):
1321 def __call__(self, func):
1320 return get_cython_compat_decorator(self.__wrapper, func)
1322 return get_cython_compat_decorator(self.__wrapper, func)
1321
1323
1322 def _get_request(self):
1324 def _get_request(self):
1323 return get_request(self)
1325 return get_request(self)
1324
1326
1325 def __wrapper(self, func, *fargs, **fkwargs):
1327 def __wrapper(self, func, *fargs, **fkwargs):
1326 from pylons.controllers.util import abort
1328 from pylons.controllers.util import abort
1327 request = self._get_request()
1329 request = self._get_request()
1328
1330
1329 log.debug('Checking if request is XMLHttpRequest (XHR)')
1331 log.debug('Checking if request is XMLHttpRequest (XHR)')
1330 xhr_message = 'This is not a valid XMLHttpRequest (XHR) request'
1332 xhr_message = 'This is not a valid XMLHttpRequest (XHR) request'
1331
1333
1332 if not request.is_xhr:
1334 if not request.is_xhr:
1333 abort(400, detail=xhr_message)
1335 abort(400, detail=xhr_message)
1334
1336
1335 return func(*fargs, **fkwargs)
1337 return func(*fargs, **fkwargs)
1336
1338
1337
1339
1338 class HasAcceptedRepoType(object):
1340 class HasAcceptedRepoType(object):
1339 """
1341 """
1340 Check if requested repo is within given repo type aliases
1342 Check if requested repo is within given repo type aliases
1341 """
1343 """
1342
1344
1343 # TODO(marcink): remove this in favor of the predicates in pyramid routes
1345 # TODO(marcink): remove this in favor of the predicates in pyramid routes
1344
1346
1345 def __init__(self, *repo_type_list):
1347 def __init__(self, *repo_type_list):
1346 self.repo_type_list = set(repo_type_list)
1348 self.repo_type_list = set(repo_type_list)
1347
1349
1348 def __call__(self, func):
1350 def __call__(self, func):
1349 return get_cython_compat_decorator(self.__wrapper, func)
1351 return get_cython_compat_decorator(self.__wrapper, func)
1350
1352
1351 def __wrapper(self, func, *fargs, **fkwargs):
1353 def __wrapper(self, func, *fargs, **fkwargs):
1352 import rhodecode.lib.helpers as h
1354 import rhodecode.lib.helpers as h
1353 cls = fargs[0]
1355 cls = fargs[0]
1354 rhodecode_repo = cls.rhodecode_repo
1356 rhodecode_repo = cls.rhodecode_repo
1355
1357
1356 log.debug('%s checking repo type for %s in %s',
1358 log.debug('%s checking repo type for %s in %s',
1357 self.__class__.__name__,
1359 self.__class__.__name__,
1358 rhodecode_repo.alias, self.repo_type_list)
1360 rhodecode_repo.alias, self.repo_type_list)
1359
1361
1360 if rhodecode_repo.alias in self.repo_type_list:
1362 if rhodecode_repo.alias in self.repo_type_list:
1361 return func(*fargs, **fkwargs)
1363 return func(*fargs, **fkwargs)
1362 else:
1364 else:
1363 h.flash(h.literal(
1365 h.flash(h.literal(
1364 _('Action not supported for %s.' % rhodecode_repo.alias)),
1366 _('Action not supported for %s.' % rhodecode_repo.alias)),
1365 category='warning')
1367 category='warning')
1366 raise HTTPFound(
1368 raise HTTPFound(
1367 h.route_path('repo_summary',
1369 h.route_path('repo_summary',
1368 repo_name=cls.rhodecode_db_repo.repo_name))
1370 repo_name=cls.rhodecode_db_repo.repo_name))
1369
1371
1370
1372
1371 class PermsDecorator(object):
1373 class PermsDecorator(object):
1372 """
1374 """
1373 Base class for controller decorators, we extract the current user from
1375 Base class for controller decorators, we extract the current user from
1374 the class itself, which has it stored in base controllers
1376 the class itself, which has it stored in base controllers
1375 """
1377 """
1376
1378
1377 def __init__(self, *required_perms):
1379 def __init__(self, *required_perms):
1378 self.required_perms = set(required_perms)
1380 self.required_perms = set(required_perms)
1379
1381
1380 def __call__(self, func):
1382 def __call__(self, func):
1381 return get_cython_compat_decorator(self.__wrapper, func)
1383 return get_cython_compat_decorator(self.__wrapper, func)
1382
1384
1383 def _get_request(self):
1385 def _get_request(self):
1384 return get_request(self)
1386 return get_request(self)
1385
1387
1386 def _get_came_from(self):
1388 def _get_came_from(self):
1387 _request = self._get_request()
1389 _request = self._get_request()
1388
1390
1389 # both pylons/pyramid has this attribute
1391 # both pylons/pyramid has this attribute
1390 return _request.path_qs
1392 return _request.path_qs
1391
1393
1392 def __wrapper(self, func, *fargs, **fkwargs):
1394 def __wrapper(self, func, *fargs, **fkwargs):
1393 import rhodecode.lib.helpers as h
1395 import rhodecode.lib.helpers as h
1394 cls = fargs[0]
1396 cls = fargs[0]
1395 _user = cls._rhodecode_user
1397 _user = cls._rhodecode_user
1396
1398
1397 log.debug('checking %s permissions %s for %s %s',
1399 log.debug('checking %s permissions %s for %s %s',
1398 self.__class__.__name__, self.required_perms, cls, _user)
1400 self.__class__.__name__, self.required_perms, cls, _user)
1399
1401
1400 if self.check_permissions(_user):
1402 if self.check_permissions(_user):
1401 log.debug('Permission granted for %s %s', cls, _user)
1403 log.debug('Permission granted for %s %s', cls, _user)
1402 return func(*fargs, **fkwargs)
1404 return func(*fargs, **fkwargs)
1403
1405
1404 else:
1406 else:
1405 log.debug('Permission denied for %s %s', cls, _user)
1407 log.debug('Permission denied for %s %s', cls, _user)
1406 anonymous = _user.username == User.DEFAULT_USER
1408 anonymous = _user.username == User.DEFAULT_USER
1407
1409
1408 if anonymous:
1410 if anonymous:
1409 came_from = self._get_came_from()
1411 came_from = self._get_came_from()
1410 h.flash(_('You need to be signed in to view this page'),
1412 h.flash(_('You need to be signed in to view this page'),
1411 category='warning')
1413 category='warning')
1412 raise HTTPFound(
1414 raise HTTPFound(
1413 h.route_path('login', _query={'came_from': came_from}))
1415 h.route_path('login', _query={'came_from': came_from}))
1414
1416
1415 else:
1417 else:
1416 # redirect with forbidden ret code
1418 # redirect with forbidden ret code
1417 raise HTTPForbidden()
1419 raise HTTPForbidden()
1418
1420
1419 def check_permissions(self, user):
1421 def check_permissions(self, user):
1420 """Dummy function for overriding"""
1422 """Dummy function for overriding"""
1421 raise NotImplementedError(
1423 raise NotImplementedError(
1422 'You have to write this function in child class')
1424 'You have to write this function in child class')
1423
1425
1424
1426
1425 class HasPermissionAllDecorator(PermsDecorator):
1427 class HasPermissionAllDecorator(PermsDecorator):
1426 """
1428 """
1427 Checks for access permission for all given predicates. All of them
1429 Checks for access permission for all given predicates. All of them
1428 have to be meet in order to fulfill the request
1430 have to be meet in order to fulfill the request
1429 """
1431 """
1430
1432
1431 def check_permissions(self, user):
1433 def check_permissions(self, user):
1432 perms = user.permissions_with_scope({})
1434 perms = user.permissions_with_scope({})
1433 if self.required_perms.issubset(perms['global']):
1435 if self.required_perms.issubset(perms['global']):
1434 return True
1436 return True
1435 return False
1437 return False
1436
1438
1437
1439
1438 class HasPermissionAnyDecorator(PermsDecorator):
1440 class HasPermissionAnyDecorator(PermsDecorator):
1439 """
1441 """
1440 Checks for access permission for any of given predicates. In order to
1442 Checks for access permission for any of given predicates. In order to
1441 fulfill the request any of predicates must be meet
1443 fulfill the request any of predicates must be meet
1442 """
1444 """
1443
1445
1444 def check_permissions(self, user):
1446 def check_permissions(self, user):
1445 perms = user.permissions_with_scope({})
1447 perms = user.permissions_with_scope({})
1446 if self.required_perms.intersection(perms['global']):
1448 if self.required_perms.intersection(perms['global']):
1447 return True
1449 return True
1448 return False
1450 return False
1449
1451
1450
1452
1451 class HasRepoPermissionAllDecorator(PermsDecorator):
1453 class HasRepoPermissionAllDecorator(PermsDecorator):
1452 """
1454 """
1453 Checks for access permission for all given predicates for specific
1455 Checks for access permission for all given predicates for specific
1454 repository. All of them have to be meet in order to fulfill the request
1456 repository. All of them have to be meet in order to fulfill the request
1455 """
1457 """
1456 def _get_repo_name(self):
1458 def _get_repo_name(self):
1457 _request = self._get_request()
1459 _request = self._get_request()
1458 return get_repo_slug(_request)
1460 return get_repo_slug(_request)
1459
1461
1460 def check_permissions(self, user):
1462 def check_permissions(self, user):
1461 perms = user.permissions
1463 perms = user.permissions
1462 repo_name = self._get_repo_name()
1464 repo_name = self._get_repo_name()
1463
1465
1464 try:
1466 try:
1465 user_perms = set([perms['repositories'][repo_name]])
1467 user_perms = set([perms['repositories'][repo_name]])
1466 except KeyError:
1468 except KeyError:
1467 log.debug('cannot locate repo with name: `%s` in permissions defs',
1469 log.debug('cannot locate repo with name: `%s` in permissions defs',
1468 repo_name)
1470 repo_name)
1469 return False
1471 return False
1470
1472
1471 log.debug('checking `%s` permissions for repo `%s`',
1473 log.debug('checking `%s` permissions for repo `%s`',
1472 user_perms, repo_name)
1474 user_perms, repo_name)
1473 if self.required_perms.issubset(user_perms):
1475 if self.required_perms.issubset(user_perms):
1474 return True
1476 return True
1475 return False
1477 return False
1476
1478
1477
1479
1478 class HasRepoPermissionAnyDecorator(PermsDecorator):
1480 class HasRepoPermissionAnyDecorator(PermsDecorator):
1479 """
1481 """
1480 Checks for access permission for any of given predicates for specific
1482 Checks for access permission for any of given predicates for specific
1481 repository. In order to fulfill the request any of predicates must be meet
1483 repository. In order to fulfill the request any of predicates must be meet
1482 """
1484 """
1483 def _get_repo_name(self):
1485 def _get_repo_name(self):
1484 _request = self._get_request()
1486 _request = self._get_request()
1485 return get_repo_slug(_request)
1487 return get_repo_slug(_request)
1486
1488
1487 def check_permissions(self, user):
1489 def check_permissions(self, user):
1488 perms = user.permissions
1490 perms = user.permissions
1489 repo_name = self._get_repo_name()
1491 repo_name = self._get_repo_name()
1490
1492
1491 try:
1493 try:
1492 user_perms = set([perms['repositories'][repo_name]])
1494 user_perms = set([perms['repositories'][repo_name]])
1493 except KeyError:
1495 except KeyError:
1494 log.debug('cannot locate repo with name: `%s` in permissions defs',
1496 log.debug('cannot locate repo with name: `%s` in permissions defs',
1495 repo_name)
1497 repo_name)
1496 return False
1498 return False
1497
1499
1498 log.debug('checking `%s` permissions for repo `%s`',
1500 log.debug('checking `%s` permissions for repo `%s`',
1499 user_perms, repo_name)
1501 user_perms, repo_name)
1500 if self.required_perms.intersection(user_perms):
1502 if self.required_perms.intersection(user_perms):
1501 return True
1503 return True
1502 return False
1504 return False
1503
1505
1504
1506
1505 class HasRepoGroupPermissionAllDecorator(PermsDecorator):
1507 class HasRepoGroupPermissionAllDecorator(PermsDecorator):
1506 """
1508 """
1507 Checks for access permission for all given predicates for specific
1509 Checks for access permission for all given predicates for specific
1508 repository group. All of them have to be meet in order to
1510 repository group. All of them have to be meet in order to
1509 fulfill the request
1511 fulfill the request
1510 """
1512 """
1511 def _get_repo_group_name(self):
1513 def _get_repo_group_name(self):
1512 _request = self._get_request()
1514 _request = self._get_request()
1513 return get_repo_group_slug(_request)
1515 return get_repo_group_slug(_request)
1514
1516
1515 def check_permissions(self, user):
1517 def check_permissions(self, user):
1516 perms = user.permissions
1518 perms = user.permissions
1517 group_name = self._get_repo_group_name()
1519 group_name = self._get_repo_group_name()
1518 try:
1520 try:
1519 user_perms = set([perms['repositories_groups'][group_name]])
1521 user_perms = set([perms['repositories_groups'][group_name]])
1520 except KeyError:
1522 except KeyError:
1521 log.debug('cannot locate repo group with name: `%s` in permissions defs',
1523 log.debug('cannot locate repo group with name: `%s` in permissions defs',
1522 group_name)
1524 group_name)
1523 return False
1525 return False
1524
1526
1525 log.debug('checking `%s` permissions for repo group `%s`',
1527 log.debug('checking `%s` permissions for repo group `%s`',
1526 user_perms, group_name)
1528 user_perms, group_name)
1527 if self.required_perms.issubset(user_perms):
1529 if self.required_perms.issubset(user_perms):
1528 return True
1530 return True
1529 return False
1531 return False
1530
1532
1531
1533
1532 class HasRepoGroupPermissionAnyDecorator(PermsDecorator):
1534 class HasRepoGroupPermissionAnyDecorator(PermsDecorator):
1533 """
1535 """
1534 Checks for access permission for any of given predicates for specific
1536 Checks for access permission for any of given predicates for specific
1535 repository group. In order to fulfill the request any
1537 repository group. In order to fulfill the request any
1536 of predicates must be met
1538 of predicates must be met
1537 """
1539 """
1538 def _get_repo_group_name(self):
1540 def _get_repo_group_name(self):
1539 _request = self._get_request()
1541 _request = self._get_request()
1540 return get_repo_group_slug(_request)
1542 return get_repo_group_slug(_request)
1541
1543
1542 def check_permissions(self, user):
1544 def check_permissions(self, user):
1543 perms = user.permissions
1545 perms = user.permissions
1544 group_name = self._get_repo_group_name()
1546 group_name = self._get_repo_group_name()
1545
1547
1546 try:
1548 try:
1547 user_perms = set([perms['repositories_groups'][group_name]])
1549 user_perms = set([perms['repositories_groups'][group_name]])
1548 except KeyError:
1550 except KeyError:
1549 log.debug('cannot locate repo group with name: `%s` in permissions defs',
1551 log.debug('cannot locate repo group with name: `%s` in permissions defs',
1550 group_name)
1552 group_name)
1551 return False
1553 return False
1552
1554
1553 log.debug('checking `%s` permissions for repo group `%s`',
1555 log.debug('checking `%s` permissions for repo group `%s`',
1554 user_perms, group_name)
1556 user_perms, group_name)
1555 if self.required_perms.intersection(user_perms):
1557 if self.required_perms.intersection(user_perms):
1556 return True
1558 return True
1557 return False
1559 return False
1558
1560
1559
1561
1560 class HasUserGroupPermissionAllDecorator(PermsDecorator):
1562 class HasUserGroupPermissionAllDecorator(PermsDecorator):
1561 """
1563 """
1562 Checks for access permission for all given predicates for specific
1564 Checks for access permission for all given predicates for specific
1563 user group. All of them have to be meet in order to fulfill the request
1565 user group. All of them have to be meet in order to fulfill the request
1564 """
1566 """
1565 def _get_user_group_name(self):
1567 def _get_user_group_name(self):
1566 _request = self._get_request()
1568 _request = self._get_request()
1567 return get_user_group_slug(_request)
1569 return get_user_group_slug(_request)
1568
1570
1569 def check_permissions(self, user):
1571 def check_permissions(self, user):
1570 perms = user.permissions
1572 perms = user.permissions
1571 group_name = self._get_user_group_name()
1573 group_name = self._get_user_group_name()
1572 try:
1574 try:
1573 user_perms = set([perms['user_groups'][group_name]])
1575 user_perms = set([perms['user_groups'][group_name]])
1574 except KeyError:
1576 except KeyError:
1575 return False
1577 return False
1576
1578
1577 if self.required_perms.issubset(user_perms):
1579 if self.required_perms.issubset(user_perms):
1578 return True
1580 return True
1579 return False
1581 return False
1580
1582
1581
1583
1582 class HasUserGroupPermissionAnyDecorator(PermsDecorator):
1584 class HasUserGroupPermissionAnyDecorator(PermsDecorator):
1583 """
1585 """
1584 Checks for access permission for any of given predicates for specific
1586 Checks for access permission for any of given predicates for specific
1585 user group. In order to fulfill the request any of predicates must be meet
1587 user group. In order to fulfill the request any of predicates must be meet
1586 """
1588 """
1587 def _get_user_group_name(self):
1589 def _get_user_group_name(self):
1588 _request = self._get_request()
1590 _request = self._get_request()
1589 return get_user_group_slug(_request)
1591 return get_user_group_slug(_request)
1590
1592
1591 def check_permissions(self, user):
1593 def check_permissions(self, user):
1592 perms = user.permissions
1594 perms = user.permissions
1593 group_name = self._get_user_group_name()
1595 group_name = self._get_user_group_name()
1594 try:
1596 try:
1595 user_perms = set([perms['user_groups'][group_name]])
1597 user_perms = set([perms['user_groups'][group_name]])
1596 except KeyError:
1598 except KeyError:
1597 return False
1599 return False
1598
1600
1599 if self.required_perms.intersection(user_perms):
1601 if self.required_perms.intersection(user_perms):
1600 return True
1602 return True
1601 return False
1603 return False
1602
1604
1603
1605
1604 # CHECK FUNCTIONS
1606 # CHECK FUNCTIONS
1605 class PermsFunction(object):
1607 class PermsFunction(object):
1606 """Base function for other check functions"""
1608 """Base function for other check functions"""
1607
1609
1608 def __init__(self, *perms):
1610 def __init__(self, *perms):
1609 self.required_perms = set(perms)
1611 self.required_perms = set(perms)
1610 self.repo_name = None
1612 self.repo_name = None
1611 self.repo_group_name = None
1613 self.repo_group_name = None
1612 self.user_group_name = None
1614 self.user_group_name = None
1613
1615
1614 def __bool__(self):
1616 def __bool__(self):
1615 frame = inspect.currentframe()
1617 frame = inspect.currentframe()
1616 stack_trace = traceback.format_stack(frame)
1618 stack_trace = traceback.format_stack(frame)
1617 log.error('Checking bool value on a class instance of perm '
1619 log.error('Checking bool value on a class instance of perm '
1618 'function is not allowed: %s' % ''.join(stack_trace))
1620 'function is not allowed: %s' % ''.join(stack_trace))
1619 # rather than throwing errors, here we always return False so if by
1621 # rather than throwing errors, here we always return False so if by
1620 # accident someone checks truth for just an instance it will always end
1622 # accident someone checks truth for just an instance it will always end
1621 # up in returning False
1623 # up in returning False
1622 return False
1624 return False
1623 __nonzero__ = __bool__
1625 __nonzero__ = __bool__
1624
1626
1625 def __call__(self, check_location='', user=None):
1627 def __call__(self, check_location='', user=None):
1626 if not user:
1628 if not user:
1627 log.debug('Using user attribute from global request')
1629 log.debug('Using user attribute from global request')
1628 # TODO: remove this someday,put as user as attribute here
1630 # TODO: remove this someday,put as user as attribute here
1629 request = self._get_request()
1631 request = self._get_request()
1630 user = request.user
1632 user = request.user
1631
1633
1632 # init auth user if not already given
1634 # init auth user if not already given
1633 if not isinstance(user, AuthUser):
1635 if not isinstance(user, AuthUser):
1634 log.debug('Wrapping user %s into AuthUser', user)
1636 log.debug('Wrapping user %s into AuthUser', user)
1635 user = AuthUser(user.user_id)
1637 user = AuthUser(user.user_id)
1636
1638
1637 cls_name = self.__class__.__name__
1639 cls_name = self.__class__.__name__
1638 check_scope = self._get_check_scope(cls_name)
1640 check_scope = self._get_check_scope(cls_name)
1639 check_location = check_location or 'unspecified location'
1641 check_location = check_location or 'unspecified location'
1640
1642
1641 log.debug('checking cls:%s %s usr:%s %s @ %s', cls_name,
1643 log.debug('checking cls:%s %s usr:%s %s @ %s', cls_name,
1642 self.required_perms, user, check_scope, check_location)
1644 self.required_perms, user, check_scope, check_location)
1643 if not user:
1645 if not user:
1644 log.warning('Empty user given for permission check')
1646 log.warning('Empty user given for permission check')
1645 return False
1647 return False
1646
1648
1647 if self.check_permissions(user):
1649 if self.check_permissions(user):
1648 log.debug('Permission to repo:`%s` GRANTED for user:`%s` @ %s',
1650 log.debug('Permission to repo:`%s` GRANTED for user:`%s` @ %s',
1649 check_scope, user, check_location)
1651 check_scope, user, check_location)
1650 return True
1652 return True
1651
1653
1652 else:
1654 else:
1653 log.debug('Permission to repo:`%s` DENIED for user:`%s` @ %s',
1655 log.debug('Permission to repo:`%s` DENIED for user:`%s` @ %s',
1654 check_scope, user, check_location)
1656 check_scope, user, check_location)
1655 return False
1657 return False
1656
1658
1657 def _get_request(self):
1659 def _get_request(self):
1658 return get_request(self)
1660 return get_request(self)
1659
1661
1660 def _get_check_scope(self, cls_name):
1662 def _get_check_scope(self, cls_name):
1661 return {
1663 return {
1662 'HasPermissionAll': 'GLOBAL',
1664 'HasPermissionAll': 'GLOBAL',
1663 'HasPermissionAny': 'GLOBAL',
1665 'HasPermissionAny': 'GLOBAL',
1664 'HasRepoPermissionAll': 'repo:%s' % self.repo_name,
1666 'HasRepoPermissionAll': 'repo:%s' % self.repo_name,
1665 'HasRepoPermissionAny': 'repo:%s' % self.repo_name,
1667 'HasRepoPermissionAny': 'repo:%s' % self.repo_name,
1666 'HasRepoGroupPermissionAll': 'repo_group:%s' % self.repo_group_name,
1668 'HasRepoGroupPermissionAll': 'repo_group:%s' % self.repo_group_name,
1667 'HasRepoGroupPermissionAny': 'repo_group:%s' % self.repo_group_name,
1669 'HasRepoGroupPermissionAny': 'repo_group:%s' % self.repo_group_name,
1668 'HasUserGroupPermissionAll': 'user_group:%s' % self.user_group_name,
1670 'HasUserGroupPermissionAll': 'user_group:%s' % self.user_group_name,
1669 'HasUserGroupPermissionAny': 'user_group:%s' % self.user_group_name,
1671 'HasUserGroupPermissionAny': 'user_group:%s' % self.user_group_name,
1670 }.get(cls_name, '?:%s' % cls_name)
1672 }.get(cls_name, '?:%s' % cls_name)
1671
1673
1672 def check_permissions(self, user):
1674 def check_permissions(self, user):
1673 """Dummy function for overriding"""
1675 """Dummy function for overriding"""
1674 raise Exception('You have to write this function in child class')
1676 raise Exception('You have to write this function in child class')
1675
1677
1676
1678
1677 class HasPermissionAll(PermsFunction):
1679 class HasPermissionAll(PermsFunction):
1678 def check_permissions(self, user):
1680 def check_permissions(self, user):
1679 perms = user.permissions_with_scope({})
1681 perms = user.permissions_with_scope({})
1680 if self.required_perms.issubset(perms.get('global')):
1682 if self.required_perms.issubset(perms.get('global')):
1681 return True
1683 return True
1682 return False
1684 return False
1683
1685
1684
1686
1685 class HasPermissionAny(PermsFunction):
1687 class HasPermissionAny(PermsFunction):
1686 def check_permissions(self, user):
1688 def check_permissions(self, user):
1687 perms = user.permissions_with_scope({})
1689 perms = user.permissions_with_scope({})
1688 if self.required_perms.intersection(perms.get('global')):
1690 if self.required_perms.intersection(perms.get('global')):
1689 return True
1691 return True
1690 return False
1692 return False
1691
1693
1692
1694
1693 class HasRepoPermissionAll(PermsFunction):
1695 class HasRepoPermissionAll(PermsFunction):
1694 def __call__(self, repo_name=None, check_location='', user=None):
1696 def __call__(self, repo_name=None, check_location='', user=None):
1695 self.repo_name = repo_name
1697 self.repo_name = repo_name
1696 return super(HasRepoPermissionAll, self).__call__(check_location, user)
1698 return super(HasRepoPermissionAll, self).__call__(check_location, user)
1697
1699
1698 def _get_repo_name(self):
1700 def _get_repo_name(self):
1699 if not self.repo_name:
1701 if not self.repo_name:
1700 _request = self._get_request()
1702 _request = self._get_request()
1701 self.repo_name = get_repo_slug(_request)
1703 self.repo_name = get_repo_slug(_request)
1702 return self.repo_name
1704 return self.repo_name
1703
1705
1704 def check_permissions(self, user):
1706 def check_permissions(self, user):
1705 self.repo_name = self._get_repo_name()
1707 self.repo_name = self._get_repo_name()
1706 perms = user.permissions
1708 perms = user.permissions
1707 try:
1709 try:
1708 user_perms = set([perms['repositories'][self.repo_name]])
1710 user_perms = set([perms['repositories'][self.repo_name]])
1709 except KeyError:
1711 except KeyError:
1710 return False
1712 return False
1711 if self.required_perms.issubset(user_perms):
1713 if self.required_perms.issubset(user_perms):
1712 return True
1714 return True
1713 return False
1715 return False
1714
1716
1715
1717
1716 class HasRepoPermissionAny(PermsFunction):
1718 class HasRepoPermissionAny(PermsFunction):
1717 def __call__(self, repo_name=None, check_location='', user=None):
1719 def __call__(self, repo_name=None, check_location='', user=None):
1718 self.repo_name = repo_name
1720 self.repo_name = repo_name
1719 return super(HasRepoPermissionAny, self).__call__(check_location, user)
1721 return super(HasRepoPermissionAny, self).__call__(check_location, user)
1720
1722
1721 def _get_repo_name(self):
1723 def _get_repo_name(self):
1722 if not self.repo_name:
1724 if not self.repo_name:
1723 _request = self._get_request()
1725 _request = self._get_request()
1724 self.repo_name = get_repo_slug(_request)
1726 self.repo_name = get_repo_slug(_request)
1725 return self.repo_name
1727 return self.repo_name
1726
1728
1727 def check_permissions(self, user):
1729 def check_permissions(self, user):
1728 self.repo_name = self._get_repo_name()
1730 self.repo_name = self._get_repo_name()
1729 perms = user.permissions
1731 perms = user.permissions
1730 try:
1732 try:
1731 user_perms = set([perms['repositories'][self.repo_name]])
1733 user_perms = set([perms['repositories'][self.repo_name]])
1732 except KeyError:
1734 except KeyError:
1733 return False
1735 return False
1734 if self.required_perms.intersection(user_perms):
1736 if self.required_perms.intersection(user_perms):
1735 return True
1737 return True
1736 return False
1738 return False
1737
1739
1738
1740
1739 class HasRepoGroupPermissionAny(PermsFunction):
1741 class HasRepoGroupPermissionAny(PermsFunction):
1740 def __call__(self, group_name=None, check_location='', user=None):
1742 def __call__(self, group_name=None, check_location='', user=None):
1741 self.repo_group_name = group_name
1743 self.repo_group_name = group_name
1742 return super(HasRepoGroupPermissionAny, self).__call__(
1744 return super(HasRepoGroupPermissionAny, self).__call__(
1743 check_location, user)
1745 check_location, user)
1744
1746
1745 def check_permissions(self, user):
1747 def check_permissions(self, user):
1746 perms = user.permissions
1748 perms = user.permissions
1747 try:
1749 try:
1748 user_perms = set(
1750 user_perms = set(
1749 [perms['repositories_groups'][self.repo_group_name]])
1751 [perms['repositories_groups'][self.repo_group_name]])
1750 except KeyError:
1752 except KeyError:
1751 return False
1753 return False
1752 if self.required_perms.intersection(user_perms):
1754 if self.required_perms.intersection(user_perms):
1753 return True
1755 return True
1754 return False
1756 return False
1755
1757
1756
1758
1757 class HasRepoGroupPermissionAll(PermsFunction):
1759 class HasRepoGroupPermissionAll(PermsFunction):
1758 def __call__(self, group_name=None, check_location='', user=None):
1760 def __call__(self, group_name=None, check_location='', user=None):
1759 self.repo_group_name = group_name
1761 self.repo_group_name = group_name
1760 return super(HasRepoGroupPermissionAll, self).__call__(
1762 return super(HasRepoGroupPermissionAll, self).__call__(
1761 check_location, user)
1763 check_location, user)
1762
1764
1763 def check_permissions(self, user):
1765 def check_permissions(self, user):
1764 perms = user.permissions
1766 perms = user.permissions
1765 try:
1767 try:
1766 user_perms = set(
1768 user_perms = set(
1767 [perms['repositories_groups'][self.repo_group_name]])
1769 [perms['repositories_groups'][self.repo_group_name]])
1768 except KeyError:
1770 except KeyError:
1769 return False
1771 return False
1770 if self.required_perms.issubset(user_perms):
1772 if self.required_perms.issubset(user_perms):
1771 return True
1773 return True
1772 return False
1774 return False
1773
1775
1774
1776
1775 class HasUserGroupPermissionAny(PermsFunction):
1777 class HasUserGroupPermissionAny(PermsFunction):
1776 def __call__(self, user_group_name=None, check_location='', user=None):
1778 def __call__(self, user_group_name=None, check_location='', user=None):
1777 self.user_group_name = user_group_name
1779 self.user_group_name = user_group_name
1778 return super(HasUserGroupPermissionAny, self).__call__(
1780 return super(HasUserGroupPermissionAny, self).__call__(
1779 check_location, user)
1781 check_location, user)
1780
1782
1781 def check_permissions(self, user):
1783 def check_permissions(self, user):
1782 perms = user.permissions
1784 perms = user.permissions
1783 try:
1785 try:
1784 user_perms = set([perms['user_groups'][self.user_group_name]])
1786 user_perms = set([perms['user_groups'][self.user_group_name]])
1785 except KeyError:
1787 except KeyError:
1786 return False
1788 return False
1787 if self.required_perms.intersection(user_perms):
1789 if self.required_perms.intersection(user_perms):
1788 return True
1790 return True
1789 return False
1791 return False
1790
1792
1791
1793
1792 class HasUserGroupPermissionAll(PermsFunction):
1794 class HasUserGroupPermissionAll(PermsFunction):
1793 def __call__(self, user_group_name=None, check_location='', user=None):
1795 def __call__(self, user_group_name=None, check_location='', user=None):
1794 self.user_group_name = user_group_name
1796 self.user_group_name = user_group_name
1795 return super(HasUserGroupPermissionAll, self).__call__(
1797 return super(HasUserGroupPermissionAll, self).__call__(
1796 check_location, user)
1798 check_location, user)
1797
1799
1798 def check_permissions(self, user):
1800 def check_permissions(self, user):
1799 perms = user.permissions
1801 perms = user.permissions
1800 try:
1802 try:
1801 user_perms = set([perms['user_groups'][self.user_group_name]])
1803 user_perms = set([perms['user_groups'][self.user_group_name]])
1802 except KeyError:
1804 except KeyError:
1803 return False
1805 return False
1804 if self.required_perms.issubset(user_perms):
1806 if self.required_perms.issubset(user_perms):
1805 return True
1807 return True
1806 return False
1808 return False
1807
1809
1808
1810
1809 # SPECIAL VERSION TO HANDLE MIDDLEWARE AUTH
1811 # SPECIAL VERSION TO HANDLE MIDDLEWARE AUTH
1810 class HasPermissionAnyMiddleware(object):
1812 class HasPermissionAnyMiddleware(object):
1811 def __init__(self, *perms):
1813 def __init__(self, *perms):
1812 self.required_perms = set(perms)
1814 self.required_perms = set(perms)
1813
1815
1814 def __call__(self, user, repo_name):
1816 def __call__(self, user, repo_name):
1815 # repo_name MUST be unicode, since we handle keys in permission
1817 # repo_name MUST be unicode, since we handle keys in permission
1816 # dict by unicode
1818 # dict by unicode
1817 repo_name = safe_unicode(repo_name)
1819 repo_name = safe_unicode(repo_name)
1818 user = AuthUser(user.user_id)
1820 user = AuthUser(user.user_id)
1819 log.debug(
1821 log.debug(
1820 'Checking VCS protocol permissions %s for user:%s repo:`%s`',
1822 'Checking VCS protocol permissions %s for user:%s repo:`%s`',
1821 self.required_perms, user, repo_name)
1823 self.required_perms, user, repo_name)
1822
1824
1823 if self.check_permissions(user, repo_name):
1825 if self.check_permissions(user, repo_name):
1824 log.debug('Permission to repo:`%s` GRANTED for user:%s @ %s',
1826 log.debug('Permission to repo:`%s` GRANTED for user:%s @ %s',
1825 repo_name, user, 'PermissionMiddleware')
1827 repo_name, user, 'PermissionMiddleware')
1826 return True
1828 return True
1827
1829
1828 else:
1830 else:
1829 log.debug('Permission to repo:`%s` DENIED for user:%s @ %s',
1831 log.debug('Permission to repo:`%s` DENIED for user:%s @ %s',
1830 repo_name, user, 'PermissionMiddleware')
1832 repo_name, user, 'PermissionMiddleware')
1831 return False
1833 return False
1832
1834
1833 def check_permissions(self, user, repo_name):
1835 def check_permissions(self, user, repo_name):
1834 perms = user.permissions_with_scope({'repo_name': repo_name})
1836 perms = user.permissions_with_scope({'repo_name': repo_name})
1835
1837
1836 try:
1838 try:
1837 user_perms = set([perms['repositories'][repo_name]])
1839 user_perms = set([perms['repositories'][repo_name]])
1838 except Exception:
1840 except Exception:
1839 log.exception('Error while accessing user permissions')
1841 log.exception('Error while accessing user permissions')
1840 return False
1842 return False
1841
1843
1842 if self.required_perms.intersection(user_perms):
1844 if self.required_perms.intersection(user_perms):
1843 return True
1845 return True
1844 return False
1846 return False
1845
1847
1846
1848
1847 # SPECIAL VERSION TO HANDLE API AUTH
1849 # SPECIAL VERSION TO HANDLE API AUTH
1848 class _BaseApiPerm(object):
1850 class _BaseApiPerm(object):
1849 def __init__(self, *perms):
1851 def __init__(self, *perms):
1850 self.required_perms = set(perms)
1852 self.required_perms = set(perms)
1851
1853
1852 def __call__(self, check_location=None, user=None, repo_name=None,
1854 def __call__(self, check_location=None, user=None, repo_name=None,
1853 group_name=None, user_group_name=None):
1855 group_name=None, user_group_name=None):
1854 cls_name = self.__class__.__name__
1856 cls_name = self.__class__.__name__
1855 check_scope = 'global:%s' % (self.required_perms,)
1857 check_scope = 'global:%s' % (self.required_perms,)
1856 if repo_name:
1858 if repo_name:
1857 check_scope += ', repo_name:%s' % (repo_name,)
1859 check_scope += ', repo_name:%s' % (repo_name,)
1858
1860
1859 if group_name:
1861 if group_name:
1860 check_scope += ', repo_group_name:%s' % (group_name,)
1862 check_scope += ', repo_group_name:%s' % (group_name,)
1861
1863
1862 if user_group_name:
1864 if user_group_name:
1863 check_scope += ', user_group_name:%s' % (user_group_name,)
1865 check_scope += ', user_group_name:%s' % (user_group_name,)
1864
1866
1865 log.debug(
1867 log.debug(
1866 'checking cls:%s %s %s @ %s'
1868 'checking cls:%s %s %s @ %s'
1867 % (cls_name, self.required_perms, check_scope, check_location))
1869 % (cls_name, self.required_perms, check_scope, check_location))
1868 if not user:
1870 if not user:
1869 log.debug('Empty User passed into arguments')
1871 log.debug('Empty User passed into arguments')
1870 return False
1872 return False
1871
1873
1872 # process user
1874 # process user
1873 if not isinstance(user, AuthUser):
1875 if not isinstance(user, AuthUser):
1874 user = AuthUser(user.user_id)
1876 user = AuthUser(user.user_id)
1875 if not check_location:
1877 if not check_location:
1876 check_location = 'unspecified'
1878 check_location = 'unspecified'
1877 if self.check_permissions(user.permissions, repo_name, group_name,
1879 if self.check_permissions(user.permissions, repo_name, group_name,
1878 user_group_name):
1880 user_group_name):
1879 log.debug('Permission to repo:`%s` GRANTED for user:`%s` @ %s',
1881 log.debug('Permission to repo:`%s` GRANTED for user:`%s` @ %s',
1880 check_scope, user, check_location)
1882 check_scope, user, check_location)
1881 return True
1883 return True
1882
1884
1883 else:
1885 else:
1884 log.debug('Permission to repo:`%s` DENIED for user:`%s` @ %s',
1886 log.debug('Permission to repo:`%s` DENIED for user:`%s` @ %s',
1885 check_scope, user, check_location)
1887 check_scope, user, check_location)
1886 return False
1888 return False
1887
1889
1888 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1890 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1889 user_group_name=None):
1891 user_group_name=None):
1890 """
1892 """
1891 implement in child class should return True if permissions are ok,
1893 implement in child class should return True if permissions are ok,
1892 False otherwise
1894 False otherwise
1893
1895
1894 :param perm_defs: dict with permission definitions
1896 :param perm_defs: dict with permission definitions
1895 :param repo_name: repo name
1897 :param repo_name: repo name
1896 """
1898 """
1897 raise NotImplementedError()
1899 raise NotImplementedError()
1898
1900
1899
1901
1900 class HasPermissionAllApi(_BaseApiPerm):
1902 class HasPermissionAllApi(_BaseApiPerm):
1901 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1903 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1902 user_group_name=None):
1904 user_group_name=None):
1903 if self.required_perms.issubset(perm_defs.get('global')):
1905 if self.required_perms.issubset(perm_defs.get('global')):
1904 return True
1906 return True
1905 return False
1907 return False
1906
1908
1907
1909
1908 class HasPermissionAnyApi(_BaseApiPerm):
1910 class HasPermissionAnyApi(_BaseApiPerm):
1909 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1911 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1910 user_group_name=None):
1912 user_group_name=None):
1911 if self.required_perms.intersection(perm_defs.get('global')):
1913 if self.required_perms.intersection(perm_defs.get('global')):
1912 return True
1914 return True
1913 return False
1915 return False
1914
1916
1915
1917
1916 class HasRepoPermissionAllApi(_BaseApiPerm):
1918 class HasRepoPermissionAllApi(_BaseApiPerm):
1917 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1919 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1918 user_group_name=None):
1920 user_group_name=None):
1919 try:
1921 try:
1920 _user_perms = set([perm_defs['repositories'][repo_name]])
1922 _user_perms = set([perm_defs['repositories'][repo_name]])
1921 except KeyError:
1923 except KeyError:
1922 log.warning(traceback.format_exc())
1924 log.warning(traceback.format_exc())
1923 return False
1925 return False
1924 if self.required_perms.issubset(_user_perms):
1926 if self.required_perms.issubset(_user_perms):
1925 return True
1927 return True
1926 return False
1928 return False
1927
1929
1928
1930
1929 class HasRepoPermissionAnyApi(_BaseApiPerm):
1931 class HasRepoPermissionAnyApi(_BaseApiPerm):
1930 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1932 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1931 user_group_name=None):
1933 user_group_name=None):
1932 try:
1934 try:
1933 _user_perms = set([perm_defs['repositories'][repo_name]])
1935 _user_perms = set([perm_defs['repositories'][repo_name]])
1934 except KeyError:
1936 except KeyError:
1935 log.warning(traceback.format_exc())
1937 log.warning(traceback.format_exc())
1936 return False
1938 return False
1937 if self.required_perms.intersection(_user_perms):
1939 if self.required_perms.intersection(_user_perms):
1938 return True
1940 return True
1939 return False
1941 return False
1940
1942
1941
1943
1942 class HasRepoGroupPermissionAnyApi(_BaseApiPerm):
1944 class HasRepoGroupPermissionAnyApi(_BaseApiPerm):
1943 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1945 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1944 user_group_name=None):
1946 user_group_name=None):
1945 try:
1947 try:
1946 _user_perms = set([perm_defs['repositories_groups'][group_name]])
1948 _user_perms = set([perm_defs['repositories_groups'][group_name]])
1947 except KeyError:
1949 except KeyError:
1948 log.warning(traceback.format_exc())
1950 log.warning(traceback.format_exc())
1949 return False
1951 return False
1950 if self.required_perms.intersection(_user_perms):
1952 if self.required_perms.intersection(_user_perms):
1951 return True
1953 return True
1952 return False
1954 return False
1953
1955
1954
1956
1955 class HasRepoGroupPermissionAllApi(_BaseApiPerm):
1957 class HasRepoGroupPermissionAllApi(_BaseApiPerm):
1956 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1958 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1957 user_group_name=None):
1959 user_group_name=None):
1958 try:
1960 try:
1959 _user_perms = set([perm_defs['repositories_groups'][group_name]])
1961 _user_perms = set([perm_defs['repositories_groups'][group_name]])
1960 except KeyError:
1962 except KeyError:
1961 log.warning(traceback.format_exc())
1963 log.warning(traceback.format_exc())
1962 return False
1964 return False
1963 if self.required_perms.issubset(_user_perms):
1965 if self.required_perms.issubset(_user_perms):
1964 return True
1966 return True
1965 return False
1967 return False
1966
1968
1967
1969
1968 class HasUserGroupPermissionAnyApi(_BaseApiPerm):
1970 class HasUserGroupPermissionAnyApi(_BaseApiPerm):
1969 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1971 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
1970 user_group_name=None):
1972 user_group_name=None):
1971 try:
1973 try:
1972 _user_perms = set([perm_defs['user_groups'][user_group_name]])
1974 _user_perms = set([perm_defs['user_groups'][user_group_name]])
1973 except KeyError:
1975 except KeyError:
1974 log.warning(traceback.format_exc())
1976 log.warning(traceback.format_exc())
1975 return False
1977 return False
1976 if self.required_perms.intersection(_user_perms):
1978 if self.required_perms.intersection(_user_perms):
1977 return True
1979 return True
1978 return False
1980 return False
1979
1981
1980
1982
1981 def check_ip_access(source_ip, allowed_ips=None):
1983 def check_ip_access(source_ip, allowed_ips=None):
1982 """
1984 """
1983 Checks if source_ip is a subnet of any of allowed_ips.
1985 Checks if source_ip is a subnet of any of allowed_ips.
1984
1986
1985 :param source_ip:
1987 :param source_ip:
1986 :param allowed_ips: list of allowed ips together with mask
1988 :param allowed_ips: list of allowed ips together with mask
1987 """
1989 """
1988 log.debug('checking if ip:%s is subnet of %s' % (source_ip, allowed_ips))
1990 log.debug('checking if ip:%s is subnet of %s' % (source_ip, allowed_ips))
1989 source_ip_address = ipaddress.ip_address(source_ip)
1991 source_ip_address = ipaddress.ip_address(source_ip)
1990 if isinstance(allowed_ips, (tuple, list, set)):
1992 if isinstance(allowed_ips, (tuple, list, set)):
1991 for ip in allowed_ips:
1993 for ip in allowed_ips:
1992 try:
1994 try:
1993 network_address = ipaddress.ip_network(ip, strict=False)
1995 network_address = ipaddress.ip_network(ip, strict=False)
1994 if source_ip_address in network_address:
1996 if source_ip_address in network_address:
1995 log.debug('IP %s is network %s' %
1997 log.debug('IP %s is network %s' %
1996 (source_ip_address, network_address))
1998 (source_ip_address, network_address))
1997 return True
1999 return True
1998 # for any case we cannot determine the IP, don't crash just
2000 # for any case we cannot determine the IP, don't crash just
1999 # skip it and log as error, we want to say forbidden still when
2001 # skip it and log as error, we want to say forbidden still when
2000 # sending bad IP
2002 # sending bad IP
2001 except Exception:
2003 except Exception:
2002 log.error(traceback.format_exc())
2004 log.error(traceback.format_exc())
2003 continue
2005 continue
2004 return False
2006 return False
2005
2007
2006
2008
2007 def get_cython_compat_decorator(wrapper, func):
2009 def get_cython_compat_decorator(wrapper, func):
2008 """
2010 """
2009 Creates a cython compatible decorator. The previously used
2011 Creates a cython compatible decorator. The previously used
2010 decorator.decorator() function seems to be incompatible with cython.
2012 decorator.decorator() function seems to be incompatible with cython.
2011
2013
2012 :param wrapper: __wrapper method of the decorator class
2014 :param wrapper: __wrapper method of the decorator class
2013 :param func: decorated function
2015 :param func: decorated function
2014 """
2016 """
2015 @wraps(func)
2017 @wraps(func)
2016 def local_wrapper(*args, **kwds):
2018 def local_wrapper(*args, **kwds):
2017 return wrapper(func, *args, **kwds)
2019 return wrapper(func, *args, **kwds)
2018 local_wrapper.__wrapped__ = func
2020 local_wrapper.__wrapped__ = func
2019 return local_wrapper
2021 return local_wrapper
2020
2022
2021
2023
Show file before | Show file after | Hide comments
@@ -1,220 +1,220 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2016-2017 RhodeCode GmbH
3 # Copyright (C) 2016-2017 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 import hashlib
21 import hashlib
22 import itsdangerous
22 import itsdangerous
23 import logging
23 import logging
24 import os
24 import os
25 import requests
25 import requests
26 from dogpile.core import ReadWriteMutex
26 from dogpile.core import ReadWriteMutex
27
27
28 import rhodecode.lib.helpers as h
28 import rhodecode.lib.helpers as h
29 from rhodecode.lib.auth import HasRepoPermissionAny
29 from rhodecode.lib.auth import HasRepoPermissionAny
30 from rhodecode.lib.ext_json import json
30 from rhodecode.lib.ext_json import json
31 from rhodecode.model.db import User
31 from rhodecode.model.db import User
32
32
33 log = logging.getLogger(__name__)
33 log = logging.getLogger(__name__)
34
34
35 LOCK = ReadWriteMutex()
35 LOCK = ReadWriteMutex()
36
36
37 STATE_PUBLIC_KEYS = ['id', 'username', 'first_name', 'last_name',
37 STATE_PUBLIC_KEYS = ['id', 'username', 'first_name', 'last_name',
38 'icon_link', 'display_name', 'display_link']
38 'icon_link', 'display_name', 'display_link']
39
39
40
40
41 class ChannelstreamException(Exception):
41 class ChannelstreamException(Exception):
42 pass
42 pass
43
43
44
44
45 class ChannelstreamConnectionException(ChannelstreamException):
45 class ChannelstreamConnectionException(ChannelstreamException):
46 pass
46 pass
47
47
48
48
49 class ChannelstreamPermissionException(ChannelstreamException):
49 class ChannelstreamPermissionException(ChannelstreamException):
50 pass
50 pass
51
51
52
52
53 def channelstream_request(config, payload, endpoint, raise_exc=True):
53 def channelstream_request(config, payload, endpoint, raise_exc=True):
54 signer = itsdangerous.TimestampSigner(config['secret'])
54 signer = itsdangerous.TimestampSigner(config['secret'])
55 sig_for_server = signer.sign(endpoint)
55 sig_for_server = signer.sign(endpoint)
56 secret_headers = {'x-channelstream-secret': sig_for_server,
56 secret_headers = {'x-channelstream-secret': sig_for_server,
57 'x-channelstream-endpoint': endpoint,
57 'x-channelstream-endpoint': endpoint,
58 'Content-Type': 'application/json'}
58 'Content-Type': 'application/json'}
59 req_url = 'http://{}{}'.format(config['server'], endpoint)
59 req_url = 'http://{}{}'.format(config['server'], endpoint)
60 response = None
60 response = None
61 try:
61 try:
62 response = requests.post(req_url, data=json.dumps(payload),
62 response = requests.post(req_url, data=json.dumps(payload),
63 headers=secret_headers).json()
63 headers=secret_headers).json()
64 except requests.ConnectionError:
64 except requests.ConnectionError:
65 log.exception('ConnectionError happened')
65 log.exception('ConnectionError happened')
66 if raise_exc:
66 if raise_exc:
67 raise ChannelstreamConnectionException()
67 raise ChannelstreamConnectionException()
68 except Exception:
68 except Exception:
69 log.exception('Exception related to channelstream happened')
69 log.exception('Exception related to channelstream happened')
70 if raise_exc:
70 if raise_exc:
71 raise ChannelstreamConnectionException()
71 raise ChannelstreamConnectionException()
72 return response
72 return response
73
73
74
74
75 def get_user_data(user_id):
75 def get_user_data(user_id):
76 user = User.get(user_id)
76 user = User.get(user_id)
77 return {
77 return {
78 'id': user.user_id,
78 'id': user.user_id,
79 'username': user.username,
79 'username': user.username,
80 'first_name': user.name,
80 'first_name': user.first_name,
81 'last_name': user.lastname,
81 'last_name': user.last_name,
82 'icon_link': h.gravatar_url(user.email, 60),
82 'icon_link': h.gravatar_url(user.email, 60),
83 'display_name': h.person(user, 'username_or_name_or_email'),
83 'display_name': h.person(user, 'username_or_name_or_email'),
84 'display_link': h.link_to_user(user),
84 'display_link': h.link_to_user(user),
85 'notifications': user.user_data.get('notification_status', True)
85 'notifications': user.user_data.get('notification_status', True)
86 }
86 }
87
87
88
88
89 def broadcast_validator(channel_name):
89 def broadcast_validator(channel_name):
90 """ checks if user can access the broadcast channel """
90 """ checks if user can access the broadcast channel """
91 if channel_name == 'broadcast':
91 if channel_name == 'broadcast':
92 return True
92 return True
93
93
94
94
95 def repo_validator(channel_name):
95 def repo_validator(channel_name):
96 """ checks if user can access the broadcast channel """
96 """ checks if user can access the broadcast channel """
97 channel_prefix = '/repo$'
97 channel_prefix = '/repo$'
98 if channel_name.startswith(channel_prefix):
98 if channel_name.startswith(channel_prefix):
99 elements = channel_name[len(channel_prefix):].split('$')
99 elements = channel_name[len(channel_prefix):].split('$')
100 repo_name = elements[0]
100 repo_name = elements[0]
101 can_access = HasRepoPermissionAny(
101 can_access = HasRepoPermissionAny(
102 'repository.read',
102 'repository.read',
103 'repository.write',
103 'repository.write',
104 'repository.admin')(repo_name)
104 'repository.admin')(repo_name)
105 log.debug('permission check for {} channel '
105 log.debug('permission check for {} channel '
106 'resulted in {}'.format(repo_name, can_access))
106 'resulted in {}'.format(repo_name, can_access))
107 if can_access:
107 if can_access:
108 return True
108 return True
109 return False
109 return False
110
110
111
111
112 def check_channel_permissions(channels, plugin_validators, should_raise=True):
112 def check_channel_permissions(channels, plugin_validators, should_raise=True):
113 valid_channels = []
113 valid_channels = []
114
114
115 validators = [broadcast_validator, repo_validator]
115 validators = [broadcast_validator, repo_validator]
116 if plugin_validators:
116 if plugin_validators:
117 validators.extend(plugin_validators)
117 validators.extend(plugin_validators)
118 for channel_name in channels:
118 for channel_name in channels:
119 is_valid = False
119 is_valid = False
120 for validator in validators:
120 for validator in validators:
121 if validator(channel_name):
121 if validator(channel_name):
122 is_valid = True
122 is_valid = True
123 break
123 break
124 if is_valid:
124 if is_valid:
125 valid_channels.append(channel_name)
125 valid_channels.append(channel_name)
126 else:
126 else:
127 if should_raise:
127 if should_raise:
128 raise ChannelstreamPermissionException()
128 raise ChannelstreamPermissionException()
129 return valid_channels
129 return valid_channels
130
130
131
131
132 def get_channels_info(self, channels):
132 def get_channels_info(self, channels):
133 payload = {'channels': channels}
133 payload = {'channels': channels}
134 # gather persistence info
134 # gather persistence info
135 return channelstream_request(self._config(), payload, '/info')
135 return channelstream_request(self._config(), payload, '/info')
136
136
137
137
138 def parse_channels_info(info_result, include_channel_info=None):
138 def parse_channels_info(info_result, include_channel_info=None):
139 """
139 """
140 Returns data that contains only secure information that can be
140 Returns data that contains only secure information that can be
141 presented to clients
141 presented to clients
142 """
142 """
143 include_channel_info = include_channel_info or []
143 include_channel_info = include_channel_info or []
144
144
145 user_state_dict = {}
145 user_state_dict = {}
146 for userinfo in info_result['users']:
146 for userinfo in info_result['users']:
147 user_state_dict[userinfo['user']] = {
147 user_state_dict[userinfo['user']] = {
148 k: v for k, v in userinfo['state'].items()
148 k: v for k, v in userinfo['state'].items()
149 if k in STATE_PUBLIC_KEYS
149 if k in STATE_PUBLIC_KEYS
150 }
150 }
151
151
152 channels_info = {}
152 channels_info = {}
153
153
154 for c_name, c_info in info_result['channels'].items():
154 for c_name, c_info in info_result['channels'].items():
155 if c_name not in include_channel_info:
155 if c_name not in include_channel_info:
156 continue
156 continue
157 connected_list = []
157 connected_list = []
158 for userinfo in c_info['users']:
158 for userinfo in c_info['users']:
159 connected_list.append({
159 connected_list.append({
160 'user': userinfo['user'],
160 'user': userinfo['user'],
161 'state': user_state_dict[userinfo['user']]
161 'state': user_state_dict[userinfo['user']]
162 })
162 })
163 channels_info[c_name] = {'users': connected_list,
163 channels_info[c_name] = {'users': connected_list,
164 'history': c_info['history']}
164 'history': c_info['history']}
165
165
166 return channels_info
166 return channels_info
167
167
168
168
169 def log_filepath(history_location, channel_name):
169 def log_filepath(history_location, channel_name):
170 hasher = hashlib.sha256()
170 hasher = hashlib.sha256()
171 hasher.update(channel_name.encode('utf8'))
171 hasher.update(channel_name.encode('utf8'))
172 filename = '{}.log'.format(hasher.hexdigest())
172 filename = '{}.log'.format(hasher.hexdigest())
173 filepath = os.path.join(history_location, filename)
173 filepath = os.path.join(history_location, filename)
174 return filepath
174 return filepath
175
175
176
176
177 def read_history(history_location, channel_name):
177 def read_history(history_location, channel_name):
178 filepath = log_filepath(history_location, channel_name)
178 filepath = log_filepath(history_location, channel_name)
179 if not os.path.exists(filepath):
179 if not os.path.exists(filepath):
180 return []
180 return []
181 history_lines_limit = -100
181 history_lines_limit = -100
182 history = []
182 history = []
183 with open(filepath, 'rb') as f:
183 with open(filepath, 'rb') as f:
184 for line in f.readlines()[history_lines_limit:]:
184 for line in f.readlines()[history_lines_limit:]:
185 try:
185 try:
186 history.append(json.loads(line))
186 history.append(json.loads(line))
187 except Exception:
187 except Exception:
188 log.exception('Failed to load history')
188 log.exception('Failed to load history')
189 return history
189 return history
190
190
191
191
192 def update_history_from_logs(config, channels, payload):
192 def update_history_from_logs(config, channels, payload):
193 history_location = config.get('history.location')
193 history_location = config.get('history.location')
194 for channel in channels:
194 for channel in channels:
195 history = read_history(history_location, channel)
195 history = read_history(history_location, channel)
196 payload['channels_info'][channel]['history'] = history
196 payload['channels_info'][channel]['history'] = history
197
197
198
198
199 def write_history(config, message):
199 def write_history(config, message):
200 """ writes a messge to a base64encoded filename """
200 """ writes a messge to a base64encoded filename """
201 history_location = config.get('history.location')
201 history_location = config.get('history.location')
202 if not os.path.exists(history_location):
202 if not os.path.exists(history_location):
203 return
203 return
204 try:
204 try:
205 LOCK.acquire_write_lock()
205 LOCK.acquire_write_lock()
206 filepath = log_filepath(history_location, message['channel'])
206 filepath = log_filepath(history_location, message['channel'])
207 with open(filepath, 'ab') as f:
207 with open(filepath, 'ab') as f:
208 json.dump(message, f)
208 json.dump(message, f)
209 f.write('\n')
209 f.write('\n')
210 finally:
210 finally:
211 LOCK.release_write_lock()
211 LOCK.release_write_lock()
212
212
213
213
214 def get_connection_validators(registry):
214 def get_connection_validators(registry):
215 validators = []
215 validators = []
216 for k, config in registry.rhodecode_plugins.iteritems():
216 for k, config in registry.rhodecode_plugins.iteritems():
217 validator = config.get('channelstream', {}).get('connect_validator')
217 validator = config.get('channelstream', {}).get('connect_validator')
218 if validator:
218 if validator:
219 validators.append(validator)
219 validators.append(validator)
220 return validators
220 return validators
Show file before | Show file after | Hide comments
@@ -1,2035 +1,2035 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2017 RhodeCode GmbH
3 # Copyright (C) 2010-2017 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 """
21 """
22 Helper functions
22 Helper functions
23
23
24 Consists of functions to typically be used within templates, but also
24 Consists of functions to typically be used within templates, but also
25 available to Controllers. This module is available to both as 'h'.
25 available to Controllers. This module is available to both as 'h'.
26 """
26 """
27
27
28 import random
28 import random
29 import hashlib
29 import hashlib
30 import StringIO
30 import StringIO
31 import urllib
31 import urllib
32 import math
32 import math
33 import logging
33 import logging
34 import re
34 import re
35 import urlparse
35 import urlparse
36 import time
36 import time
37 import string
37 import string
38 import hashlib
38 import hashlib
39 from collections import OrderedDict
39 from collections import OrderedDict
40
40
41 import pygments
41 import pygments
42 import itertools
42 import itertools
43 import fnmatch
43 import fnmatch
44
44
45 from datetime import datetime
45 from datetime import datetime
46 from functools import partial
46 from functools import partial
47 from pygments.formatters.html import HtmlFormatter
47 from pygments.formatters.html import HtmlFormatter
48 from pygments import highlight as code_highlight
48 from pygments import highlight as code_highlight
49 from pygments.lexers import (
49 from pygments.lexers import (
50 get_lexer_by_name, get_lexer_for_filename, get_lexer_for_mimetype)
50 get_lexer_by_name, get_lexer_for_filename, get_lexer_for_mimetype)
51 from pylons import url as pylons_url
51 from pylons import url as pylons_url
52 from pylons.i18n.translation import _, ungettext
52 from pylons.i18n.translation import _, ungettext
53 from pyramid.threadlocal import get_current_request
53 from pyramid.threadlocal import get_current_request
54
54
55 from webhelpers.html import literal, HTML, escape
55 from webhelpers.html import literal, HTML, escape
56 from webhelpers.html.tools import *
56 from webhelpers.html.tools import *
57 from webhelpers.html.builder import make_tag
57 from webhelpers.html.builder import make_tag
58 from webhelpers.html.tags import auto_discovery_link, checkbox, css_classes, \
58 from webhelpers.html.tags import auto_discovery_link, checkbox, css_classes, \
59 end_form, file, form as wh_form, hidden, image, javascript_link, link_to, \
59 end_form, file, form as wh_form, hidden, image, javascript_link, link_to, \
60 link_to_if, link_to_unless, ol, required_legend, select, stylesheet_link, \
60 link_to_if, link_to_unless, ol, required_legend, select, stylesheet_link, \
61 submit, text, password, textarea, title, ul, xml_declaration, radio
61 submit, text, password, textarea, title, ul, xml_declaration, radio
62 from webhelpers.html.tools import auto_link, button_to, highlight, \
62 from webhelpers.html.tools import auto_link, button_to, highlight, \
63 js_obfuscate, mail_to, strip_links, strip_tags, tag_re
63 js_obfuscate, mail_to, strip_links, strip_tags, tag_re
64 from webhelpers.pylonslib import Flash as _Flash
64 from webhelpers.pylonslib import Flash as _Flash
65 from webhelpers.text import chop_at, collapse, convert_accented_entities, \
65 from webhelpers.text import chop_at, collapse, convert_accented_entities, \
66 convert_misc_entities, lchop, plural, rchop, remove_formatting, \
66 convert_misc_entities, lchop, plural, rchop, remove_formatting, \
67 replace_whitespace, urlify, truncate, wrap_paragraphs
67 replace_whitespace, urlify, truncate, wrap_paragraphs
68 from webhelpers.date import time_ago_in_words
68 from webhelpers.date import time_ago_in_words
69 from webhelpers.paginate import Page as _Page
69 from webhelpers.paginate import Page as _Page
70 from webhelpers.html.tags import _set_input_attrs, _set_id_attr, \
70 from webhelpers.html.tags import _set_input_attrs, _set_id_attr, \
71 convert_boolean_attrs, NotGiven, _make_safe_id_component
71 convert_boolean_attrs, NotGiven, _make_safe_id_component
72 from webhelpers2.number import format_byte_size
72 from webhelpers2.number import format_byte_size
73
73
74 from rhodecode.lib.action_parser import action_parser
74 from rhodecode.lib.action_parser import action_parser
75 from rhodecode.lib.ext_json import json
75 from rhodecode.lib.ext_json import json
76 from rhodecode.lib.utils import repo_name_slug, get_custom_lexer
76 from rhodecode.lib.utils import repo_name_slug, get_custom_lexer
77 from rhodecode.lib.utils2 import str2bool, safe_unicode, safe_str, \
77 from rhodecode.lib.utils2 import str2bool, safe_unicode, safe_str, \
78 get_commit_safe, datetime_to_time, time_to_datetime, time_to_utcdatetime, \
78 get_commit_safe, datetime_to_time, time_to_datetime, time_to_utcdatetime, \
79 AttributeDict, safe_int, md5, md5_safe
79 AttributeDict, safe_int, md5, md5_safe
80 from rhodecode.lib.markup_renderer import MarkupRenderer, relative_links
80 from rhodecode.lib.markup_renderer import MarkupRenderer, relative_links
81 from rhodecode.lib.vcs.exceptions import CommitDoesNotExistError
81 from rhodecode.lib.vcs.exceptions import CommitDoesNotExistError
82 from rhodecode.lib.vcs.backends.base import BaseChangeset, EmptyCommit
82 from rhodecode.lib.vcs.backends.base import BaseChangeset, EmptyCommit
83 from rhodecode.config.conf import DATE_FORMAT, DATETIME_FORMAT
83 from rhodecode.config.conf import DATE_FORMAT, DATETIME_FORMAT
84 from rhodecode.model.changeset_status import ChangesetStatusModel
84 from rhodecode.model.changeset_status import ChangesetStatusModel
85 from rhodecode.model.db import Permission, User, Repository
85 from rhodecode.model.db import Permission, User, Repository
86 from rhodecode.model.repo_group import RepoGroupModel
86 from rhodecode.model.repo_group import RepoGroupModel
87 from rhodecode.model.settings import IssueTrackerSettingsModel
87 from rhodecode.model.settings import IssueTrackerSettingsModel
88
88
89 log = logging.getLogger(__name__)
89 log = logging.getLogger(__name__)
90
90
91
91
92 DEFAULT_USER = User.DEFAULT_USER
92 DEFAULT_USER = User.DEFAULT_USER
93 DEFAULT_USER_EMAIL = User.DEFAULT_USER_EMAIL
93 DEFAULT_USER_EMAIL = User.DEFAULT_USER_EMAIL
94
94
95
95
96 def url(*args, **kw):
96 def url(*args, **kw):
97 return pylons_url(*args, **kw)
97 return pylons_url(*args, **kw)
98
98
99
99
100 def pylons_url_current(*args, **kw):
100 def pylons_url_current(*args, **kw):
101 """
101 """
102 This function overrides pylons.url.current() which returns the current
102 This function overrides pylons.url.current() which returns the current
103 path so that it will also work from a pyramid only context. This
103 path so that it will also work from a pyramid only context. This
104 should be removed once port to pyramid is complete.
104 should be removed once port to pyramid is complete.
105 """
105 """
106 if not args and not kw:
106 if not args and not kw:
107 request = get_current_request()
107 request = get_current_request()
108 return request.path
108 return request.path
109 return pylons_url.current(*args, **kw)
109 return pylons_url.current(*args, **kw)
110
110
111 url.current = pylons_url_current
111 url.current = pylons_url_current
112
112
113
113
114 def url_replace(**qargs):
114 def url_replace(**qargs):
115 """ Returns the current request url while replacing query string args """
115 """ Returns the current request url while replacing query string args """
116
116
117 request = get_current_request()
117 request = get_current_request()
118 new_args = request.GET.mixed()
118 new_args = request.GET.mixed()
119 new_args.update(qargs)
119 new_args.update(qargs)
120 return url('', **new_args)
120 return url('', **new_args)
121
121
122
122
123 def asset(path, ver=None, **kwargs):
123 def asset(path, ver=None, **kwargs):
124 """
124 """
125 Helper to generate a static asset file path for rhodecode assets
125 Helper to generate a static asset file path for rhodecode assets
126
126
127 eg. h.asset('images/image.png', ver='3923')
127 eg. h.asset('images/image.png', ver='3923')
128
128
129 :param path: path of asset
129 :param path: path of asset
130 :param ver: optional version query param to append as ?ver=
130 :param ver: optional version query param to append as ?ver=
131 """
131 """
132 request = get_current_request()
132 request = get_current_request()
133 query = {}
133 query = {}
134 query.update(kwargs)
134 query.update(kwargs)
135 if ver:
135 if ver:
136 query = {'ver': ver}
136 query = {'ver': ver}
137 return request.static_path(
137 return request.static_path(
138 'rhodecode:public/{}'.format(path), _query=query)
138 'rhodecode:public/{}'.format(path), _query=query)
139
139
140
140
141 default_html_escape_table = {
141 default_html_escape_table = {
142 ord('&'): u'&amp;',
142 ord('&'): u'&amp;',
143 ord('<'): u'&lt;',
143 ord('<'): u'&lt;',
144 ord('>'): u'&gt;',
144 ord('>'): u'&gt;',
145 ord('"'): u'&quot;',
145 ord('"'): u'&quot;',
146 ord("'"): u'&#39;',
146 ord("'"): u'&#39;',
147 }
147 }
148
148
149
149
150 def html_escape(text, html_escape_table=default_html_escape_table):
150 def html_escape(text, html_escape_table=default_html_escape_table):
151 """Produce entities within text."""
151 """Produce entities within text."""
152 return text.translate(html_escape_table)
152 return text.translate(html_escape_table)
153
153
154
154
155 def chop_at_smart(s, sub, inclusive=False, suffix_if_chopped=None):
155 def chop_at_smart(s, sub, inclusive=False, suffix_if_chopped=None):
156 """
156 """
157 Truncate string ``s`` at the first occurrence of ``sub``.
157 Truncate string ``s`` at the first occurrence of ``sub``.
158
158
159 If ``inclusive`` is true, truncate just after ``sub`` rather than at it.
159 If ``inclusive`` is true, truncate just after ``sub`` rather than at it.
160 """
160 """
161 suffix_if_chopped = suffix_if_chopped or ''
161 suffix_if_chopped = suffix_if_chopped or ''
162 pos = s.find(sub)
162 pos = s.find(sub)
163 if pos == -1:
163 if pos == -1:
164 return s
164 return s
165
165
166 if inclusive:
166 if inclusive:
167 pos += len(sub)
167 pos += len(sub)
168
168
169 chopped = s[:pos]
169 chopped = s[:pos]
170 left = s[pos:].strip()
170 left = s[pos:].strip()
171
171
172 if left and suffix_if_chopped:
172 if left and suffix_if_chopped:
173 chopped += suffix_if_chopped
173 chopped += suffix_if_chopped
174
174
175 return chopped
175 return chopped
176
176
177
177
178 def shorter(text, size=20):
178 def shorter(text, size=20):
179 postfix = '...'
179 postfix = '...'
180 if len(text) > size:
180 if len(text) > size:
181 return text[:size - len(postfix)] + postfix
181 return text[:size - len(postfix)] + postfix
182 return text
182 return text
183
183
184
184
185 def _reset(name, value=None, id=NotGiven, type="reset", **attrs):
185 def _reset(name, value=None, id=NotGiven, type="reset", **attrs):
186 """
186 """
187 Reset button
187 Reset button
188 """
188 """
189 _set_input_attrs(attrs, type, name, value)
189 _set_input_attrs(attrs, type, name, value)
190 _set_id_attr(attrs, id, name)
190 _set_id_attr(attrs, id, name)
191 convert_boolean_attrs(attrs, ["disabled"])
191 convert_boolean_attrs(attrs, ["disabled"])
192 return HTML.input(**attrs)
192 return HTML.input(**attrs)
193
193
194 reset = _reset
194 reset = _reset
195 safeid = _make_safe_id_component
195 safeid = _make_safe_id_component
196
196
197
197
198 def branding(name, length=40):
198 def branding(name, length=40):
199 return truncate(name, length, indicator="")
199 return truncate(name, length, indicator="")
200
200
201
201
202 def FID(raw_id, path):
202 def FID(raw_id, path):
203 """
203 """
204 Creates a unique ID for filenode based on it's hash of path and commit
204 Creates a unique ID for filenode based on it's hash of path and commit
205 it's safe to use in urls
205 it's safe to use in urls
206
206
207 :param raw_id:
207 :param raw_id:
208 :param path:
208 :param path:
209 """
209 """
210
210
211 return 'c-%s-%s' % (short_id(raw_id), md5_safe(path)[:12])
211 return 'c-%s-%s' % (short_id(raw_id), md5_safe(path)[:12])
212
212
213
213
214 class _GetError(object):
214 class _GetError(object):
215 """Get error from form_errors, and represent it as span wrapped error
215 """Get error from form_errors, and represent it as span wrapped error
216 message
216 message
217
217
218 :param field_name: field to fetch errors for
218 :param field_name: field to fetch errors for
219 :param form_errors: form errors dict
219 :param form_errors: form errors dict
220 """
220 """
221
221
222 def __call__(self, field_name, form_errors):
222 def __call__(self, field_name, form_errors):
223 tmpl = """<span class="error_msg">%s</span>"""
223 tmpl = """<span class="error_msg">%s</span>"""
224 if form_errors and field_name in form_errors:
224 if form_errors and field_name in form_errors:
225 return literal(tmpl % form_errors.get(field_name))
225 return literal(tmpl % form_errors.get(field_name))
226
226
227 get_error = _GetError()
227 get_error = _GetError()
228
228
229
229
230 class _ToolTip(object):
230 class _ToolTip(object):
231
231
232 def __call__(self, tooltip_title, trim_at=50):
232 def __call__(self, tooltip_title, trim_at=50):
233 """
233 """
234 Special function just to wrap our text into nice formatted
234 Special function just to wrap our text into nice formatted
235 autowrapped text
235 autowrapped text
236
236
237 :param tooltip_title:
237 :param tooltip_title:
238 """
238 """
239 tooltip_title = escape(tooltip_title)
239 tooltip_title = escape(tooltip_title)
240 tooltip_title = tooltip_title.replace('<', '&lt;').replace('>', '&gt;')
240 tooltip_title = tooltip_title.replace('<', '&lt;').replace('>', '&gt;')
241 return tooltip_title
241 return tooltip_title
242 tooltip = _ToolTip()
242 tooltip = _ToolTip()
243
243
244
244
245 def files_breadcrumbs(repo_name, commit_id, file_path):
245 def files_breadcrumbs(repo_name, commit_id, file_path):
246 if isinstance(file_path, str):
246 if isinstance(file_path, str):
247 file_path = safe_unicode(file_path)
247 file_path = safe_unicode(file_path)
248
248
249 # TODO: johbo: Is this always a url like path, or is this operating
249 # TODO: johbo: Is this always a url like path, or is this operating
250 # system dependent?
250 # system dependent?
251 path_segments = file_path.split('/')
251 path_segments = file_path.split('/')
252
252
253 repo_name_html = escape(repo_name)
253 repo_name_html = escape(repo_name)
254 if len(path_segments) == 1 and path_segments[0] == '':
254 if len(path_segments) == 1 and path_segments[0] == '':
255 url_segments = [repo_name_html]
255 url_segments = [repo_name_html]
256 else:
256 else:
257 url_segments = [
257 url_segments = [
258 link_to(
258 link_to(
259 repo_name_html,
259 repo_name_html,
260 url('files_home',
260 url('files_home',
261 repo_name=repo_name,
261 repo_name=repo_name,
262 revision=commit_id,
262 revision=commit_id,
263 f_path=''),
263 f_path=''),
264 class_='pjax-link')]
264 class_='pjax-link')]
265
265
266 last_cnt = len(path_segments) - 1
266 last_cnt = len(path_segments) - 1
267 for cnt, segment in enumerate(path_segments):
267 for cnt, segment in enumerate(path_segments):
268 if not segment:
268 if not segment:
269 continue
269 continue
270 segment_html = escape(segment)
270 segment_html = escape(segment)
271
271
272 if cnt != last_cnt:
272 if cnt != last_cnt:
273 url_segments.append(
273 url_segments.append(
274 link_to(
274 link_to(
275 segment_html,
275 segment_html,
276 url('files_home',
276 url('files_home',
277 repo_name=repo_name,
277 repo_name=repo_name,
278 revision=commit_id,
278 revision=commit_id,
279 f_path='/'.join(path_segments[:cnt + 1])),
279 f_path='/'.join(path_segments[:cnt + 1])),
280 class_='pjax-link'))
280 class_='pjax-link'))
281 else:
281 else:
282 url_segments.append(segment_html)
282 url_segments.append(segment_html)
283
283
284 return literal('/'.join(url_segments))
284 return literal('/'.join(url_segments))
285
285
286
286
287 class CodeHtmlFormatter(HtmlFormatter):
287 class CodeHtmlFormatter(HtmlFormatter):
288 """
288 """
289 My code Html Formatter for source codes
289 My code Html Formatter for source codes
290 """
290 """
291
291
292 def wrap(self, source, outfile):
292 def wrap(self, source, outfile):
293 return self._wrap_div(self._wrap_pre(self._wrap_code(source)))
293 return self._wrap_div(self._wrap_pre(self._wrap_code(source)))
294
294
295 def _wrap_code(self, source):
295 def _wrap_code(self, source):
296 for cnt, it in enumerate(source):
296 for cnt, it in enumerate(source):
297 i, t = it
297 i, t = it
298 t = '<div id="L%s">%s</div>' % (cnt + 1, t)
298 t = '<div id="L%s">%s</div>' % (cnt + 1, t)
299 yield i, t
299 yield i, t
300
300
301 def _wrap_tablelinenos(self, inner):
301 def _wrap_tablelinenos(self, inner):
302 dummyoutfile = StringIO.StringIO()
302 dummyoutfile = StringIO.StringIO()
303 lncount = 0
303 lncount = 0
304 for t, line in inner:
304 for t, line in inner:
305 if t:
305 if t:
306 lncount += 1
306 lncount += 1
307 dummyoutfile.write(line)
307 dummyoutfile.write(line)
308
308
309 fl = self.linenostart
309 fl = self.linenostart
310 mw = len(str(lncount + fl - 1))
310 mw = len(str(lncount + fl - 1))
311 sp = self.linenospecial
311 sp = self.linenospecial
312 st = self.linenostep
312 st = self.linenostep
313 la = self.lineanchors
313 la = self.lineanchors
314 aln = self.anchorlinenos
314 aln = self.anchorlinenos
315 nocls = self.noclasses
315 nocls = self.noclasses
316 if sp:
316 if sp:
317 lines = []
317 lines = []
318
318
319 for i in range(fl, fl + lncount):
319 for i in range(fl, fl + lncount):
320 if i % st == 0:
320 if i % st == 0:
321 if i % sp == 0:
321 if i % sp == 0:
322 if aln:
322 if aln:
323 lines.append('<a href="#%s%d" class="special">%*d</a>' %
323 lines.append('<a href="#%s%d" class="special">%*d</a>' %
324 (la, i, mw, i))
324 (la, i, mw, i))
325 else:
325 else:
326 lines.append('<span class="special">%*d</span>' % (mw, i))
326 lines.append('<span class="special">%*d</span>' % (mw, i))
327 else:
327 else:
328 if aln:
328 if aln:
329 lines.append('<a href="#%s%d">%*d</a>' % (la, i, mw, i))
329 lines.append('<a href="#%s%d">%*d</a>' % (la, i, mw, i))
330 else:
330 else:
331 lines.append('%*d' % (mw, i))
331 lines.append('%*d' % (mw, i))
332 else:
332 else:
333 lines.append('')
333 lines.append('')
334 ls = '\n'.join(lines)
334 ls = '\n'.join(lines)
335 else:
335 else:
336 lines = []
336 lines = []
337 for i in range(fl, fl + lncount):
337 for i in range(fl, fl + lncount):
338 if i % st == 0:
338 if i % st == 0:
339 if aln:
339 if aln:
340 lines.append('<a href="#%s%d">%*d</a>' % (la, i, mw, i))
340 lines.append('<a href="#%s%d">%*d</a>' % (la, i, mw, i))
341 else:
341 else:
342 lines.append('%*d' % (mw, i))
342 lines.append('%*d' % (mw, i))
343 else:
343 else:
344 lines.append('')
344 lines.append('')
345 ls = '\n'.join(lines)
345 ls = '\n'.join(lines)
346
346
347 # in case you wonder about the seemingly redundant <div> here: since the
347 # in case you wonder about the seemingly redundant <div> here: since the
348 # content in the other cell also is wrapped in a div, some browsers in
348 # content in the other cell also is wrapped in a div, some browsers in
349 # some configurations seem to mess up the formatting...
349 # some configurations seem to mess up the formatting...
350 if nocls:
350 if nocls:
351 yield 0, ('<table class="%stable">' % self.cssclass +
351 yield 0, ('<table class="%stable">' % self.cssclass +
352 '<tr><td><div class="linenodiv" '
352 '<tr><td><div class="linenodiv" '
353 'style="background-color: #f0f0f0; padding-right: 10px">'
353 'style="background-color: #f0f0f0; padding-right: 10px">'
354 '<pre style="line-height: 125%">' +
354 '<pre style="line-height: 125%">' +
355 ls + '</pre></div></td><td id="hlcode" class="code">')
355 ls + '</pre></div></td><td id="hlcode" class="code">')
356 else:
356 else:
357 yield 0, ('<table class="%stable">' % self.cssclass +
357 yield 0, ('<table class="%stable">' % self.cssclass +
358 '<tr><td class="linenos"><div class="linenodiv"><pre>' +
358 '<tr><td class="linenos"><div class="linenodiv"><pre>' +
359 ls + '</pre></div></td><td id="hlcode" class="code">')
359 ls + '</pre></div></td><td id="hlcode" class="code">')
360 yield 0, dummyoutfile.getvalue()
360 yield 0, dummyoutfile.getvalue()
361 yield 0, '</td></tr></table>'
361 yield 0, '</td></tr></table>'
362
362
363
363
364 class SearchContentCodeHtmlFormatter(CodeHtmlFormatter):
364 class SearchContentCodeHtmlFormatter(CodeHtmlFormatter):
365 def __init__(self, **kw):
365 def __init__(self, **kw):
366 # only show these line numbers if set
366 # only show these line numbers if set
367 self.only_lines = kw.pop('only_line_numbers', [])
367 self.only_lines = kw.pop('only_line_numbers', [])
368 self.query_terms = kw.pop('query_terms', [])
368 self.query_terms = kw.pop('query_terms', [])
369 self.max_lines = kw.pop('max_lines', 5)
369 self.max_lines = kw.pop('max_lines', 5)
370 self.line_context = kw.pop('line_context', 3)
370 self.line_context = kw.pop('line_context', 3)
371 self.url = kw.pop('url', None)
371 self.url = kw.pop('url', None)
372
372
373 super(CodeHtmlFormatter, self).__init__(**kw)
373 super(CodeHtmlFormatter, self).__init__(**kw)
374
374
375 def _wrap_code(self, source):
375 def _wrap_code(self, source):
376 for cnt, it in enumerate(source):
376 for cnt, it in enumerate(source):
377 i, t = it
377 i, t = it
378 t = '<pre>%s</pre>' % t
378 t = '<pre>%s</pre>' % t
379 yield i, t
379 yield i, t
380
380
381 def _wrap_tablelinenos(self, inner):
381 def _wrap_tablelinenos(self, inner):
382 yield 0, '<table class="code-highlight %stable">' % self.cssclass
382 yield 0, '<table class="code-highlight %stable">' % self.cssclass
383
383
384 last_shown_line_number = 0
384 last_shown_line_number = 0
385 current_line_number = 1
385 current_line_number = 1
386
386
387 for t, line in inner:
387 for t, line in inner:
388 if not t:
388 if not t:
389 yield t, line
389 yield t, line
390 continue
390 continue
391
391
392 if current_line_number in self.only_lines:
392 if current_line_number in self.only_lines:
393 if last_shown_line_number + 1 != current_line_number:
393 if last_shown_line_number + 1 != current_line_number:
394 yield 0, '<tr>'
394 yield 0, '<tr>'
395 yield 0, '<td class="line">...</td>'
395 yield 0, '<td class="line">...</td>'
396 yield 0, '<td id="hlcode" class="code"></td>'
396 yield 0, '<td id="hlcode" class="code"></td>'
397 yield 0, '</tr>'
397 yield 0, '</tr>'
398
398
399 yield 0, '<tr>'
399 yield 0, '<tr>'
400 if self.url:
400 if self.url:
401 yield 0, '<td class="line"><a href="%s#L%i">%i</a></td>' % (
401 yield 0, '<td class="line"><a href="%s#L%i">%i</a></td>' % (
402 self.url, current_line_number, current_line_number)
402 self.url, current_line_number, current_line_number)
403 else:
403 else:
404 yield 0, '<td class="line"><a href="">%i</a></td>' % (
404 yield 0, '<td class="line"><a href="">%i</a></td>' % (
405 current_line_number)
405 current_line_number)
406 yield 0, '<td id="hlcode" class="code">' + line + '</td>'
406 yield 0, '<td id="hlcode" class="code">' + line + '</td>'
407 yield 0, '</tr>'
407 yield 0, '</tr>'
408
408
409 last_shown_line_number = current_line_number
409 last_shown_line_number = current_line_number
410
410
411 current_line_number += 1
411 current_line_number += 1
412
412
413
413
414 yield 0, '</table>'
414 yield 0, '</table>'
415
415
416
416
417 def extract_phrases(text_query):
417 def extract_phrases(text_query):
418 """
418 """
419 Extracts phrases from search term string making sure phrases
419 Extracts phrases from search term string making sure phrases
420 contained in double quotes are kept together - and discarding empty values
420 contained in double quotes are kept together - and discarding empty values
421 or fully whitespace values eg.
421 or fully whitespace values eg.
422
422
423 'some text "a phrase" more' => ['some', 'text', 'a phrase', 'more']
423 'some text "a phrase" more' => ['some', 'text', 'a phrase', 'more']
424
424
425 """
425 """
426
426
427 in_phrase = False
427 in_phrase = False
428 buf = ''
428 buf = ''
429 phrases = []
429 phrases = []
430 for char in text_query:
430 for char in text_query:
431 if in_phrase:
431 if in_phrase:
432 if char == '"': # end phrase
432 if char == '"': # end phrase
433 phrases.append(buf)
433 phrases.append(buf)
434 buf = ''
434 buf = ''
435 in_phrase = False
435 in_phrase = False
436 continue
436 continue
437 else:
437 else:
438 buf += char
438 buf += char
439 continue
439 continue
440 else:
440 else:
441 if char == '"': # start phrase
441 if char == '"': # start phrase
442 in_phrase = True
442 in_phrase = True
443 phrases.append(buf)
443 phrases.append(buf)
444 buf = ''
444 buf = ''
445 continue
445 continue
446 elif char == ' ':
446 elif char == ' ':
447 phrases.append(buf)
447 phrases.append(buf)
448 buf = ''
448 buf = ''
449 continue
449 continue
450 else:
450 else:
451 buf += char
451 buf += char
452
452
453 phrases.append(buf)
453 phrases.append(buf)
454 phrases = [phrase.strip() for phrase in phrases if phrase.strip()]
454 phrases = [phrase.strip() for phrase in phrases if phrase.strip()]
455 return phrases
455 return phrases
456
456
457
457
458 def get_matching_offsets(text, phrases):
458 def get_matching_offsets(text, phrases):
459 """
459 """
460 Returns a list of string offsets in `text` that the list of `terms` match
460 Returns a list of string offsets in `text` that the list of `terms` match
461
461
462 >>> get_matching_offsets('some text here', ['some', 'here'])
462 >>> get_matching_offsets('some text here', ['some', 'here'])
463 [(0, 4), (10, 14)]
463 [(0, 4), (10, 14)]
464
464
465 """
465 """
466 offsets = []
466 offsets = []
467 for phrase in phrases:
467 for phrase in phrases:
468 for match in re.finditer(phrase, text):
468 for match in re.finditer(phrase, text):
469 offsets.append((match.start(), match.end()))
469 offsets.append((match.start(), match.end()))
470
470
471 return offsets
471 return offsets
472
472
473
473
474 def normalize_text_for_matching(x):
474 def normalize_text_for_matching(x):
475 """
475 """
476 Replaces all non alnum characters to spaces and lower cases the string,
476 Replaces all non alnum characters to spaces and lower cases the string,
477 useful for comparing two text strings without punctuation
477 useful for comparing two text strings without punctuation
478 """
478 """
479 return re.sub(r'[^\w]', ' ', x.lower())
479 return re.sub(r'[^\w]', ' ', x.lower())
480
480
481
481
482 def get_matching_line_offsets(lines, terms):
482 def get_matching_line_offsets(lines, terms):
483 """ Return a set of `lines` indices (starting from 1) matching a
483 """ Return a set of `lines` indices (starting from 1) matching a
484 text search query, along with `context` lines above/below matching lines
484 text search query, along with `context` lines above/below matching lines
485
485
486 :param lines: list of strings representing lines
486 :param lines: list of strings representing lines
487 :param terms: search term string to match in lines eg. 'some text'
487 :param terms: search term string to match in lines eg. 'some text'
488 :param context: number of lines above/below a matching line to add to result
488 :param context: number of lines above/below a matching line to add to result
489 :param max_lines: cut off for lines of interest
489 :param max_lines: cut off for lines of interest
490 eg.
490 eg.
491
491
492 text = '''
492 text = '''
493 words words words
493 words words words
494 words words words
494 words words words
495 some text some
495 some text some
496 words words words
496 words words words
497 words words words
497 words words words
498 text here what
498 text here what
499 '''
499 '''
500 get_matching_line_offsets(text, 'text', context=1)
500 get_matching_line_offsets(text, 'text', context=1)
501 {3: [(5, 9)], 6: [(0, 4)]]
501 {3: [(5, 9)], 6: [(0, 4)]]
502
502
503 """
503 """
504 matching_lines = {}
504 matching_lines = {}
505 phrases = [normalize_text_for_matching(phrase)
505 phrases = [normalize_text_for_matching(phrase)
506 for phrase in extract_phrases(terms)]
506 for phrase in extract_phrases(terms)]
507
507
508 for line_index, line in enumerate(lines, start=1):
508 for line_index, line in enumerate(lines, start=1):
509 match_offsets = get_matching_offsets(
509 match_offsets = get_matching_offsets(
510 normalize_text_for_matching(line), phrases)
510 normalize_text_for_matching(line), phrases)
511 if match_offsets:
511 if match_offsets:
512 matching_lines[line_index] = match_offsets
512 matching_lines[line_index] = match_offsets
513
513
514 return matching_lines
514 return matching_lines
515
515
516
516
517 def hsv_to_rgb(h, s, v):
517 def hsv_to_rgb(h, s, v):
518 """ Convert hsv color values to rgb """
518 """ Convert hsv color values to rgb """
519
519
520 if s == 0.0:
520 if s == 0.0:
521 return v, v, v
521 return v, v, v
522 i = int(h * 6.0) # XXX assume int() truncates!
522 i = int(h * 6.0) # XXX assume int() truncates!
523 f = (h * 6.0) - i
523 f = (h * 6.0) - i
524 p = v * (1.0 - s)
524 p = v * (1.0 - s)
525 q = v * (1.0 - s * f)
525 q = v * (1.0 - s * f)
526 t = v * (1.0 - s * (1.0 - f))
526 t = v * (1.0 - s * (1.0 - f))
527 i = i % 6
527 i = i % 6
528 if i == 0:
528 if i == 0:
529 return v, t, p
529 return v, t, p
530 if i == 1:
530 if i == 1:
531 return q, v, p
531 return q, v, p
532 if i == 2:
532 if i == 2:
533 return p, v, t
533 return p, v, t
534 if i == 3:
534 if i == 3:
535 return p, q, v
535 return p, q, v
536 if i == 4:
536 if i == 4:
537 return t, p, v
537 return t, p, v
538 if i == 5:
538 if i == 5:
539 return v, p, q
539 return v, p, q
540
540
541
541
542 def unique_color_generator(n=10000, saturation=0.10, lightness=0.95):
542 def unique_color_generator(n=10000, saturation=0.10, lightness=0.95):
543 """
543 """
544 Generator for getting n of evenly distributed colors using
544 Generator for getting n of evenly distributed colors using
545 hsv color and golden ratio. It always return same order of colors
545 hsv color and golden ratio. It always return same order of colors
546
546
547 :param n: number of colors to generate
547 :param n: number of colors to generate
548 :param saturation: saturation of returned colors
548 :param saturation: saturation of returned colors
549 :param lightness: lightness of returned colors
549 :param lightness: lightness of returned colors
550 :returns: RGB tuple
550 :returns: RGB tuple
551 """
551 """
552
552
553 golden_ratio = 0.618033988749895
553 golden_ratio = 0.618033988749895
554 h = 0.22717784590367374
554 h = 0.22717784590367374
555
555
556 for _ in xrange(n):
556 for _ in xrange(n):
557 h += golden_ratio
557 h += golden_ratio
558 h %= 1
558 h %= 1
559 HSV_tuple = [h, saturation, lightness]
559 HSV_tuple = [h, saturation, lightness]
560 RGB_tuple = hsv_to_rgb(*HSV_tuple)
560 RGB_tuple = hsv_to_rgb(*HSV_tuple)
561 yield map(lambda x: str(int(x * 256)), RGB_tuple)
561 yield map(lambda x: str(int(x * 256)), RGB_tuple)
562
562
563
563
564 def color_hasher(n=10000, saturation=0.10, lightness=0.95):
564 def color_hasher(n=10000, saturation=0.10, lightness=0.95):
565 """
565 """
566 Returns a function which when called with an argument returns a unique
566 Returns a function which when called with an argument returns a unique
567 color for that argument, eg.
567 color for that argument, eg.
568
568
569 :param n: number of colors to generate
569 :param n: number of colors to generate
570 :param saturation: saturation of returned colors
570 :param saturation: saturation of returned colors
571 :param lightness: lightness of returned colors
571 :param lightness: lightness of returned colors
572 :returns: css RGB string
572 :returns: css RGB string
573
573
574 >>> color_hash = color_hasher()
574 >>> color_hash = color_hasher()
575 >>> color_hash('hello')
575 >>> color_hash('hello')
576 'rgb(34, 12, 59)'
576 'rgb(34, 12, 59)'
577 >>> color_hash('hello')
577 >>> color_hash('hello')
578 'rgb(34, 12, 59)'
578 'rgb(34, 12, 59)'
579 >>> color_hash('other')
579 >>> color_hash('other')
580 'rgb(90, 224, 159)'
580 'rgb(90, 224, 159)'
581 """
581 """
582
582
583 color_dict = {}
583 color_dict = {}
584 cgenerator = unique_color_generator(
584 cgenerator = unique_color_generator(
585 saturation=saturation, lightness=lightness)
585 saturation=saturation, lightness=lightness)
586
586
587 def get_color_string(thing):
587 def get_color_string(thing):
588 if thing in color_dict:
588 if thing in color_dict:
589 col = color_dict[thing]
589 col = color_dict[thing]
590 else:
590 else:
591 col = color_dict[thing] = cgenerator.next()
591 col = color_dict[thing] = cgenerator.next()
592 return "rgb(%s)" % (', '.join(col))
592 return "rgb(%s)" % (', '.join(col))
593
593
594 return get_color_string
594 return get_color_string
595
595
596
596
597 def get_lexer_safe(mimetype=None, filepath=None):
597 def get_lexer_safe(mimetype=None, filepath=None):
598 """
598 """
599 Tries to return a relevant pygments lexer using mimetype/filepath name,
599 Tries to return a relevant pygments lexer using mimetype/filepath name,
600 defaulting to plain text if none could be found
600 defaulting to plain text if none could be found
601 """
601 """
602 lexer = None
602 lexer = None
603 try:
603 try:
604 if mimetype:
604 if mimetype:
605 lexer = get_lexer_for_mimetype(mimetype)
605 lexer = get_lexer_for_mimetype(mimetype)
606 if not lexer:
606 if not lexer:
607 lexer = get_lexer_for_filename(filepath)
607 lexer = get_lexer_for_filename(filepath)
608 except pygments.util.ClassNotFound:
608 except pygments.util.ClassNotFound:
609 pass
609 pass
610
610
611 if not lexer:
611 if not lexer:
612 lexer = get_lexer_by_name('text')
612 lexer = get_lexer_by_name('text')
613
613
614 return lexer
614 return lexer
615
615
616
616
617 def get_lexer_for_filenode(filenode):
617 def get_lexer_for_filenode(filenode):
618 lexer = get_custom_lexer(filenode.extension) or filenode.lexer
618 lexer = get_custom_lexer(filenode.extension) or filenode.lexer
619 return lexer
619 return lexer
620
620
621
621
622 def pygmentize(filenode, **kwargs):
622 def pygmentize(filenode, **kwargs):
623 """
623 """
624 pygmentize function using pygments
624 pygmentize function using pygments
625
625
626 :param filenode:
626 :param filenode:
627 """
627 """
628 lexer = get_lexer_for_filenode(filenode)
628 lexer = get_lexer_for_filenode(filenode)
629 return literal(code_highlight(filenode.content, lexer,
629 return literal(code_highlight(filenode.content, lexer,
630 CodeHtmlFormatter(**kwargs)))
630 CodeHtmlFormatter(**kwargs)))
631
631
632
632
633 def is_following_repo(repo_name, user_id):
633 def is_following_repo(repo_name, user_id):
634 from rhodecode.model.scm import ScmModel
634 from rhodecode.model.scm import ScmModel
635 return ScmModel().is_following_repo(repo_name, user_id)
635 return ScmModel().is_following_repo(repo_name, user_id)
636
636
637
637
638 class _Message(object):
638 class _Message(object):
639 """A message returned by ``Flash.pop_messages()``.
639 """A message returned by ``Flash.pop_messages()``.
640
640
641 Converting the message to a string returns the message text. Instances
641 Converting the message to a string returns the message text. Instances
642 also have the following attributes:
642 also have the following attributes:
643
643
644 * ``message``: the message text.
644 * ``message``: the message text.
645 * ``category``: the category specified when the message was created.
645 * ``category``: the category specified when the message was created.
646 """
646 """
647
647
648 def __init__(self, category, message):
648 def __init__(self, category, message):
649 self.category = category
649 self.category = category
650 self.message = message
650 self.message = message
651
651
652 def __str__(self):
652 def __str__(self):
653 return self.message
653 return self.message
654
654
655 __unicode__ = __str__
655 __unicode__ = __str__
656
656
657 def __html__(self):
657 def __html__(self):
658 return escape(safe_unicode(self.message))
658 return escape(safe_unicode(self.message))
659
659
660
660
661 class Flash(_Flash):
661 class Flash(_Flash):
662
662
663 def pop_messages(self):
663 def pop_messages(self):
664 """Return all accumulated messages and delete them from the session.
664 """Return all accumulated messages and delete them from the session.
665
665
666 The return value is a list of ``Message`` objects.
666 The return value is a list of ``Message`` objects.
667 """
667 """
668 from pylons import session
668 from pylons import session
669
669
670 messages = []
670 messages = []
671
671
672 # Pop the 'old' pylons flash messages. They are tuples of the form
672 # Pop the 'old' pylons flash messages. They are tuples of the form
673 # (category, message)
673 # (category, message)
674 for cat, msg in session.pop(self.session_key, []):
674 for cat, msg in session.pop(self.session_key, []):
675 messages.append(_Message(cat, msg))
675 messages.append(_Message(cat, msg))
676
676
677 # Pop the 'new' pyramid flash messages for each category as list
677 # Pop the 'new' pyramid flash messages for each category as list
678 # of strings.
678 # of strings.
679 for cat in self.categories:
679 for cat in self.categories:
680 for msg in session.pop_flash(queue=cat):
680 for msg in session.pop_flash(queue=cat):
681 messages.append(_Message(cat, msg))
681 messages.append(_Message(cat, msg))
682 # Map messages from the default queue to the 'notice' category.
682 # Map messages from the default queue to the 'notice' category.
683 for msg in session.pop_flash():
683 for msg in session.pop_flash():
684 messages.append(_Message('notice', msg))
684 messages.append(_Message('notice', msg))
685
685
686 session.save()
686 session.save()
687 return messages
687 return messages
688
688
689 def json_alerts(self):
689 def json_alerts(self):
690 payloads = []
690 payloads = []
691 messages = flash.pop_messages()
691 messages = flash.pop_messages()
692 if messages:
692 if messages:
693 for message in messages:
693 for message in messages:
694 subdata = {}
694 subdata = {}
695 if hasattr(message.message, 'rsplit'):
695 if hasattr(message.message, 'rsplit'):
696 flash_data = message.message.rsplit('|DELIM|', 1)
696 flash_data = message.message.rsplit('|DELIM|', 1)
697 org_message = flash_data[0]
697 org_message = flash_data[0]
698 if len(flash_data) > 1:
698 if len(flash_data) > 1:
699 subdata = json.loads(flash_data[1])
699 subdata = json.loads(flash_data[1])
700 else:
700 else:
701 org_message = message.message
701 org_message = message.message
702 payloads.append({
702 payloads.append({
703 'message': {
703 'message': {
704 'message': u'{}'.format(org_message),
704 'message': u'{}'.format(org_message),
705 'level': message.category,
705 'level': message.category,
706 'force': True,
706 'force': True,
707 'subdata': subdata
707 'subdata': subdata
708 }
708 }
709 })
709 })
710 return json.dumps(payloads)
710 return json.dumps(payloads)
711
711
712 flash = Flash()
712 flash = Flash()
713
713
714 #==============================================================================
714 #==============================================================================
715 # SCM FILTERS available via h.
715 # SCM FILTERS available via h.
716 #==============================================================================
716 #==============================================================================
717 from rhodecode.lib.vcs.utils import author_name, author_email
717 from rhodecode.lib.vcs.utils import author_name, author_email
718 from rhodecode.lib.utils2 import credentials_filter, age as _age
718 from rhodecode.lib.utils2 import credentials_filter, age as _age
719 from rhodecode.model.db import User, ChangesetStatus
719 from rhodecode.model.db import User, ChangesetStatus
720
720
721 age = _age
721 age = _age
722 capitalize = lambda x: x.capitalize()
722 capitalize = lambda x: x.capitalize()
723 email = author_email
723 email = author_email
724 short_id = lambda x: x[:12]
724 short_id = lambda x: x[:12]
725 hide_credentials = lambda x: ''.join(credentials_filter(x))
725 hide_credentials = lambda x: ''.join(credentials_filter(x))
726
726
727
727
728 def age_component(datetime_iso, value=None, time_is_local=False):
728 def age_component(datetime_iso, value=None, time_is_local=False):
729 title = value or format_date(datetime_iso)
729 title = value or format_date(datetime_iso)
730 tzinfo = '+00:00'
730 tzinfo = '+00:00'
731
731
732 # detect if we have a timezone info, otherwise, add it
732 # detect if we have a timezone info, otherwise, add it
733 if isinstance(datetime_iso, datetime) and not datetime_iso.tzinfo:
733 if isinstance(datetime_iso, datetime) and not datetime_iso.tzinfo:
734 if time_is_local:
734 if time_is_local:
735 tzinfo = time.strftime("+%H:%M",
735 tzinfo = time.strftime("+%H:%M",
736 time.gmtime(
736 time.gmtime(
737 (datetime.now() - datetime.utcnow()).seconds + 1
737 (datetime.now() - datetime.utcnow()).seconds + 1
738 )
738 )
739 )
739 )
740
740
741 return literal(
741 return literal(
742 '<time class="timeago tooltip" '
742 '<time class="timeago tooltip" '
743 'title="{1}{2}" datetime="{0}{2}">{1}</time>'.format(
743 'title="{1}{2}" datetime="{0}{2}">{1}</time>'.format(
744 datetime_iso, title, tzinfo))
744 datetime_iso, title, tzinfo))
745
745
746
746
747 def _shorten_commit_id(commit_id):
747 def _shorten_commit_id(commit_id):
748 from rhodecode import CONFIG
748 from rhodecode import CONFIG
749 def_len = safe_int(CONFIG.get('rhodecode_show_sha_length', 12))
749 def_len = safe_int(CONFIG.get('rhodecode_show_sha_length', 12))
750 return commit_id[:def_len]
750 return commit_id[:def_len]
751
751
752
752
753 def show_id(commit):
753 def show_id(commit):
754 """
754 """
755 Configurable function that shows ID
755 Configurable function that shows ID
756 by default it's r123:fffeeefffeee
756 by default it's r123:fffeeefffeee
757
757
758 :param commit: commit instance
758 :param commit: commit instance
759 """
759 """
760 from rhodecode import CONFIG
760 from rhodecode import CONFIG
761 show_idx = str2bool(CONFIG.get('rhodecode_show_revision_number', True))
761 show_idx = str2bool(CONFIG.get('rhodecode_show_revision_number', True))
762
762
763 raw_id = _shorten_commit_id(commit.raw_id)
763 raw_id = _shorten_commit_id(commit.raw_id)
764 if show_idx:
764 if show_idx:
765 return 'r%s:%s' % (commit.idx, raw_id)
765 return 'r%s:%s' % (commit.idx, raw_id)
766 else:
766 else:
767 return '%s' % (raw_id, )
767 return '%s' % (raw_id, )
768
768
769
769
770 def format_date(date):
770 def format_date(date):
771 """
771 """
772 use a standardized formatting for dates used in RhodeCode
772 use a standardized formatting for dates used in RhodeCode
773
773
774 :param date: date/datetime object
774 :param date: date/datetime object
775 :return: formatted date
775 :return: formatted date
776 """
776 """
777
777
778 if date:
778 if date:
779 _fmt = "%a, %d %b %Y %H:%M:%S"
779 _fmt = "%a, %d %b %Y %H:%M:%S"
780 return safe_unicode(date.strftime(_fmt))
780 return safe_unicode(date.strftime(_fmt))
781
781
782 return u""
782 return u""
783
783
784
784
785 class _RepoChecker(object):
785 class _RepoChecker(object):
786
786
787 def __init__(self, backend_alias):
787 def __init__(self, backend_alias):
788 self._backend_alias = backend_alias
788 self._backend_alias = backend_alias
789
789
790 def __call__(self, repository):
790 def __call__(self, repository):
791 if hasattr(repository, 'alias'):
791 if hasattr(repository, 'alias'):
792 _type = repository.alias
792 _type = repository.alias
793 elif hasattr(repository, 'repo_type'):
793 elif hasattr(repository, 'repo_type'):
794 _type = repository.repo_type
794 _type = repository.repo_type
795 else:
795 else:
796 _type = repository
796 _type = repository
797 return _type == self._backend_alias
797 return _type == self._backend_alias
798
798
799 is_git = _RepoChecker('git')
799 is_git = _RepoChecker('git')
800 is_hg = _RepoChecker('hg')
800 is_hg = _RepoChecker('hg')
801 is_svn = _RepoChecker('svn')
801 is_svn = _RepoChecker('svn')
802
802
803
803
804 def get_repo_type_by_name(repo_name):
804 def get_repo_type_by_name(repo_name):
805 repo = Repository.get_by_repo_name(repo_name)
805 repo = Repository.get_by_repo_name(repo_name)
806 return repo.repo_type
806 return repo.repo_type
807
807
808
808
809 def is_svn_without_proxy(repository):
809 def is_svn_without_proxy(repository):
810 if is_svn(repository):
810 if is_svn(repository):
811 from rhodecode.model.settings import VcsSettingsModel
811 from rhodecode.model.settings import VcsSettingsModel
812 conf = VcsSettingsModel().get_ui_settings_as_config_obj()
812 conf = VcsSettingsModel().get_ui_settings_as_config_obj()
813 return not str2bool(conf.get('vcs_svn_proxy', 'http_requests_enabled'))
813 return not str2bool(conf.get('vcs_svn_proxy', 'http_requests_enabled'))
814 return False
814 return False
815
815
816
816
817 def discover_user(author):
817 def discover_user(author):
818 """
818 """
819 Tries to discover RhodeCode User based on the autho string. Author string
819 Tries to discover RhodeCode User based on the autho string. Author string
820 is typically `FirstName LastName <email@address.com>`
820 is typically `FirstName LastName <email@address.com>`
821 """
821 """
822
822
823 # if author is already an instance use it for extraction
823 # if author is already an instance use it for extraction
824 if isinstance(author, User):
824 if isinstance(author, User):
825 return author
825 return author
826
826
827 # Valid email in the attribute passed, see if they're in the system
827 # Valid email in the attribute passed, see if they're in the system
828 _email = author_email(author)
828 _email = author_email(author)
829 if _email != '':
829 if _email != '':
830 user = User.get_by_email(_email, case_insensitive=True, cache=True)
830 user = User.get_by_email(_email, case_insensitive=True, cache=True)
831 if user is not None:
831 if user is not None:
832 return user
832 return user
833
833
834 # Maybe it's a username, we try to extract it and fetch by username ?
834 # Maybe it's a username, we try to extract it and fetch by username ?
835 _author = author_name(author)
835 _author = author_name(author)
836 user = User.get_by_username(_author, case_insensitive=True, cache=True)
836 user = User.get_by_username(_author, case_insensitive=True, cache=True)
837 if user is not None:
837 if user is not None:
838 return user
838 return user
839
839
840 return None
840 return None
841
841
842
842
843 def email_or_none(author):
843 def email_or_none(author):
844 # extract email from the commit string
844 # extract email from the commit string
845 _email = author_email(author)
845 _email = author_email(author)
846
846
847 # If we have an email, use it, otherwise
847 # If we have an email, use it, otherwise
848 # see if it contains a username we can get an email from
848 # see if it contains a username we can get an email from
849 if _email != '':
849 if _email != '':
850 return _email
850 return _email
851 else:
851 else:
852 user = User.get_by_username(
852 user = User.get_by_username(
853 author_name(author), case_insensitive=True, cache=True)
853 author_name(author), case_insensitive=True, cache=True)
854
854
855 if user is not None:
855 if user is not None:
856 return user.email
856 return user.email
857
857
858 # No valid email, not a valid user in the system, none!
858 # No valid email, not a valid user in the system, none!
859 return None
859 return None
860
860
861
861
862 def link_to_user(author, length=0, **kwargs):
862 def link_to_user(author, length=0, **kwargs):
863 user = discover_user(author)
863 user = discover_user(author)
864 # user can be None, but if we have it already it means we can re-use it
864 # user can be None, but if we have it already it means we can re-use it
865 # in the person() function, so we save 1 intensive-query
865 # in the person() function, so we save 1 intensive-query
866 if user:
866 if user:
867 author = user
867 author = user
868
868
869 display_person = person(author, 'username_or_name_or_email')
869 display_person = person(author, 'username_or_name_or_email')
870 if length:
870 if length:
871 display_person = shorter(display_person, length)
871 display_person = shorter(display_person, length)
872
872
873 if user:
873 if user:
874 return link_to(
874 return link_to(
875 escape(display_person),
875 escape(display_person),
876 route_path('user_profile', username=user.username),
876 route_path('user_profile', username=user.username),
877 **kwargs)
877 **kwargs)
878 else:
878 else:
879 return escape(display_person)
879 return escape(display_person)
880
880
881
881
882 def person(author, show_attr="username_and_name"):
882 def person(author, show_attr="username_and_name"):
883 user = discover_user(author)
883 user = discover_user(author)
884 if user:
884 if user:
885 return getattr(user, show_attr)
885 return getattr(user, show_attr)
886 else:
886 else:
887 _author = author_name(author)
887 _author = author_name(author)
888 _email = email(author)
888 _email = email(author)
889 return _author or _email
889 return _author or _email
890
890
891
891
892 def author_string(email):
892 def author_string(email):
893 if email:
893 if email:
894 user = User.get_by_email(email, case_insensitive=True, cache=True)
894 user = User.get_by_email(email, case_insensitive=True, cache=True)
895 if user:
895 if user:
896 if user.firstname or user.lastname:
896 if user.first_name or user.last_name:
897 return '%s %s &lt;%s&gt;' % (
897 return '%s %s &lt;%s&gt;' % (
898 escape(user.firstname), escape(user.lastname), email)
898 user.first_name, user.last_name, email)
899 else:
899 else:
900 return email
900 return email
901 else:
901 else:
902 return email
902 return email
903 else:
903 else:
904 return None
904 return None
905
905
906
906
907 def person_by_id(id_, show_attr="username_and_name"):
907 def person_by_id(id_, show_attr="username_and_name"):
908 # attr to return from fetched user
908 # attr to return from fetched user
909 person_getter = lambda usr: getattr(usr, show_attr)
909 person_getter = lambda usr: getattr(usr, show_attr)
910
910
911 #maybe it's an ID ?
911 #maybe it's an ID ?
912 if str(id_).isdigit() or isinstance(id_, int):
912 if str(id_).isdigit() or isinstance(id_, int):
913 id_ = int(id_)
913 id_ = int(id_)
914 user = User.get(id_)
914 user = User.get(id_)
915 if user is not None:
915 if user is not None:
916 return person_getter(user)
916 return person_getter(user)
917 return id_
917 return id_
918
918
919
919
920 def gravatar_with_user(author, show_disabled=False):
920 def gravatar_with_user(author, show_disabled=False):
921 from rhodecode.lib.utils import PartialRenderer
921 from rhodecode.lib.utils import PartialRenderer
922 _render = PartialRenderer('base/base.mako')
922 _render = PartialRenderer('base/base.mako')
923 return _render('gravatar_with_user', author, show_disabled=show_disabled)
923 return _render('gravatar_with_user', author, show_disabled=show_disabled)
924
924
925
925
926 def desc_stylize(value):
926 def desc_stylize(value):
927 """
927 """
928 converts tags from value into html equivalent
928 converts tags from value into html equivalent
929
929
930 :param value:
930 :param value:
931 """
931 """
932 if not value:
932 if not value:
933 return ''
933 return ''
934
934
935 value = re.sub(r'\[see\ \=\>\ *([a-zA-Z0-9\/\=\?\&\ \:\/\.\-]*)\]',
935 value = re.sub(r'\[see\ \=\>\ *([a-zA-Z0-9\/\=\?\&\ \:\/\.\-]*)\]',
936 '<div class="metatag" tag="see">see =&gt; \\1 </div>', value)
936 '<div class="metatag" tag="see">see =&gt; \\1 </div>', value)
937 value = re.sub(r'\[license\ \=\>\ *([a-zA-Z0-9\/\=\?\&\ \:\/\.\-]*)\]',
937 value = re.sub(r'\[license\ \=\>\ *([a-zA-Z0-9\/\=\?\&\ \:\/\.\-]*)\]',
938 '<div class="metatag" tag="license"><a href="http:\/\/www.opensource.org/licenses/\\1">\\1</a></div>', value)
938 '<div class="metatag" tag="license"><a href="http:\/\/www.opensource.org/licenses/\\1">\\1</a></div>', value)
939 value = re.sub(r'\[(requires|recommends|conflicts|base)\ \=\>\ *([a-zA-Z0-9\-\/]*)\]',
939 value = re.sub(r'\[(requires|recommends|conflicts|base)\ \=\>\ *([a-zA-Z0-9\-\/]*)\]',
940 '<div class="metatag" tag="\\1">\\1 =&gt; <a href="/\\2">\\2</a></div>', value)
940 '<div class="metatag" tag="\\1">\\1 =&gt; <a href="/\\2">\\2</a></div>', value)
941 value = re.sub(r'\[(lang|language)\ \=\>\ *([a-zA-Z\-\/\#\+]*)\]',
941 value = re.sub(r'\[(lang|language)\ \=\>\ *([a-zA-Z\-\/\#\+]*)\]',
942 '<div class="metatag" tag="lang">\\2</div>', value)
942 '<div class="metatag" tag="lang">\\2</div>', value)
943 value = re.sub(r'\[([a-z]+)\]',
943 value = re.sub(r'\[([a-z]+)\]',
944 '<div class="metatag" tag="\\1">\\1</div>', value)
944 '<div class="metatag" tag="\\1">\\1</div>', value)
945
945
946 return value
946 return value
947
947
948
948
949 def escaped_stylize(value):
949 def escaped_stylize(value):
950 """
950 """
951 converts tags from value into html equivalent, but escaping its value first
951 converts tags from value into html equivalent, but escaping its value first
952 """
952 """
953 if not value:
953 if not value:
954 return ''
954 return ''
955
955
956 # Using default webhelper escape method, but has to force it as a
956 # Using default webhelper escape method, but has to force it as a
957 # plain unicode instead of a markup tag to be used in regex expressions
957 # plain unicode instead of a markup tag to be used in regex expressions
958 value = unicode(escape(safe_unicode(value)))
958 value = unicode(escape(safe_unicode(value)))
959
959
960 value = re.sub(r'\[see\ \=\&gt;\ *([a-zA-Z0-9\/\=\?\&amp;\ \:\/\.\-]*)\]',
960 value = re.sub(r'\[see\ \=\&gt;\ *([a-zA-Z0-9\/\=\?\&amp;\ \:\/\.\-]*)\]',
961 '<div class="metatag" tag="see">see =&gt; \\1 </div>', value)
961 '<div class="metatag" tag="see">see =&gt; \\1 </div>', value)
962 value = re.sub(r'\[license\ \=\&gt;\ *([a-zA-Z0-9\/\=\?\&amp;\ \:\/\.\-]*)\]',
962 value = re.sub(r'\[license\ \=\&gt;\ *([a-zA-Z0-9\/\=\?\&amp;\ \:\/\.\-]*)\]',
963 '<div class="metatag" tag="license"><a href="http:\/\/www.opensource.org/licenses/\\1">\\1</a></div>', value)
963 '<div class="metatag" tag="license"><a href="http:\/\/www.opensource.org/licenses/\\1">\\1</a></div>', value)
964 value = re.sub(r'\[(requires|recommends|conflicts|base)\ \=\&gt;\ *([a-zA-Z0-9\-\/]*)\]',
964 value = re.sub(r'\[(requires|recommends|conflicts|base)\ \=\&gt;\ *([a-zA-Z0-9\-\/]*)\]',
965 '<div class="metatag" tag="\\1">\\1 =&gt; <a href="/\\2">\\2</a></div>', value)
965 '<div class="metatag" tag="\\1">\\1 =&gt; <a href="/\\2">\\2</a></div>', value)
966 value = re.sub(r'\[(lang|language)\ \=\&gt;\ *([a-zA-Z\-\/\#\+]*)\]',
966 value = re.sub(r'\[(lang|language)\ \=\&gt;\ *([a-zA-Z\-\/\#\+]*)\]',
967 '<div class="metatag" tag="lang">\\2</div>', value)
967 '<div class="metatag" tag="lang">\\2</div>', value)
968 value = re.sub(r'\[([a-z]+)\]',
968 value = re.sub(r'\[([a-z]+)\]',
969 '<div class="metatag" tag="\\1">\\1</div>', value)
969 '<div class="metatag" tag="\\1">\\1</div>', value)
970
970
971 return value
971 return value
972
972
973
973
974 def bool2icon(value):
974 def bool2icon(value):
975 """
975 """
976 Returns boolean value of a given value, represented as html element with
976 Returns boolean value of a given value, represented as html element with
977 classes that will represent icons
977 classes that will represent icons
978
978
979 :param value: given value to convert to html node
979 :param value: given value to convert to html node
980 """
980 """
981
981
982 if value: # does bool conversion
982 if value: # does bool conversion
983 return HTML.tag('i', class_="icon-true")
983 return HTML.tag('i', class_="icon-true")
984 else: # not true as bool
984 else: # not true as bool
985 return HTML.tag('i', class_="icon-false")
985 return HTML.tag('i', class_="icon-false")
986
986
987
987
988 #==============================================================================
988 #==============================================================================
989 # PERMS
989 # PERMS
990 #==============================================================================
990 #==============================================================================
991 from rhodecode.lib.auth import HasPermissionAny, HasPermissionAll, \
991 from rhodecode.lib.auth import HasPermissionAny, HasPermissionAll, \
992 HasRepoPermissionAny, HasRepoPermissionAll, HasRepoGroupPermissionAll, \
992 HasRepoPermissionAny, HasRepoPermissionAll, HasRepoGroupPermissionAll, \
993 HasRepoGroupPermissionAny, HasRepoPermissionAnyApi, get_csrf_token, \
993 HasRepoGroupPermissionAny, HasRepoPermissionAnyApi, get_csrf_token, \
994 csrf_token_key
994 csrf_token_key
995
995
996
996
997 #==============================================================================
997 #==============================================================================
998 # GRAVATAR URL
998 # GRAVATAR URL
999 #==============================================================================
999 #==============================================================================
1000 class InitialsGravatar(object):
1000 class InitialsGravatar(object):
1001 def __init__(self, email_address, first_name, last_name, size=30,
1001 def __init__(self, email_address, first_name, last_name, size=30,
1002 background=None, text_color='#fff'):
1002 background=None, text_color='#fff'):
1003 self.size = size
1003 self.size = size
1004 self.first_name = first_name
1004 self.first_name = first_name
1005 self.last_name = last_name
1005 self.last_name = last_name
1006 self.email_address = email_address
1006 self.email_address = email_address
1007 self.background = background or self.str2color(email_address)
1007 self.background = background or self.str2color(email_address)
1008 self.text_color = text_color
1008 self.text_color = text_color
1009
1009
1010 def get_color_bank(self):
1010 def get_color_bank(self):
1011 """
1011 """
1012 returns a predefined list of colors that gravatars can use.
1012 returns a predefined list of colors that gravatars can use.
1013 Those are randomized distinct colors that guarantee readability and
1013 Those are randomized distinct colors that guarantee readability and
1014 uniqueness.
1014 uniqueness.
1015
1015
1016 generated with: http://phrogz.net/css/distinct-colors.html
1016 generated with: http://phrogz.net/css/distinct-colors.html
1017 """
1017 """
1018 return [
1018 return [
1019 '#bf3030', '#a67f53', '#00ff00', '#5989b3', '#392040', '#d90000',
1019 '#bf3030', '#a67f53', '#00ff00', '#5989b3', '#392040', '#d90000',
1020 '#402910', '#204020', '#79baf2', '#a700b3', '#bf6060', '#7f5320',
1020 '#402910', '#204020', '#79baf2', '#a700b3', '#bf6060', '#7f5320',
1021 '#008000', '#003059', '#ee00ff', '#ff0000', '#8c4b00', '#007300',
1021 '#008000', '#003059', '#ee00ff', '#ff0000', '#8c4b00', '#007300',
1022 '#005fb3', '#de73e6', '#ff4040', '#ffaa00', '#3df255', '#203140',
1022 '#005fb3', '#de73e6', '#ff4040', '#ffaa00', '#3df255', '#203140',
1023 '#47004d', '#591616', '#664400', '#59b365', '#0d2133', '#83008c',
1023 '#47004d', '#591616', '#664400', '#59b365', '#0d2133', '#83008c',
1024 '#592d2d', '#bf9f60', '#73e682', '#1d3f73', '#73006b', '#402020',
1024 '#592d2d', '#bf9f60', '#73e682', '#1d3f73', '#73006b', '#402020',
1025 '#b2862d', '#397341', '#597db3', '#e600d6', '#a60000', '#736039',
1025 '#b2862d', '#397341', '#597db3', '#e600d6', '#a60000', '#736039',
1026 '#00b318', '#79aaf2', '#330d30', '#ff8080', '#403010', '#16591f',
1026 '#00b318', '#79aaf2', '#330d30', '#ff8080', '#403010', '#16591f',
1027 '#002459', '#8c4688', '#e50000', '#ffbf40', '#00732e', '#102340',
1027 '#002459', '#8c4688', '#e50000', '#ffbf40', '#00732e', '#102340',
1028 '#bf60ac', '#8c4646', '#cc8800', '#00a642', '#1d3473', '#b32d98',
1028 '#bf60ac', '#8c4646', '#cc8800', '#00a642', '#1d3473', '#b32d98',
1029 '#660e00', '#ffd580', '#80ffb2', '#7391e6', '#733967', '#d97b6c',
1029 '#660e00', '#ffd580', '#80ffb2', '#7391e6', '#733967', '#d97b6c',
1030 '#8c5e00', '#59b389', '#3967e6', '#590047', '#73281d', '#665200',
1030 '#8c5e00', '#59b389', '#3967e6', '#590047', '#73281d', '#665200',
1031 '#00e67a', '#2d50b3', '#8c2377', '#734139', '#b2982d', '#16593a',
1031 '#00e67a', '#2d50b3', '#8c2377', '#734139', '#b2982d', '#16593a',
1032 '#001859', '#ff00aa', '#a65e53', '#ffcc00', '#0d3321', '#2d3959',
1032 '#001859', '#ff00aa', '#a65e53', '#ffcc00', '#0d3321', '#2d3959',
1033 '#731d56', '#401610', '#4c3d00', '#468c6c', '#002ca6', '#d936a3',
1033 '#731d56', '#401610', '#4c3d00', '#468c6c', '#002ca6', '#d936a3',
1034 '#d94c36', '#403920', '#36d9a3', '#0d1733', '#592d4a', '#993626',
1034 '#d94c36', '#403920', '#36d9a3', '#0d1733', '#592d4a', '#993626',
1035 '#cca300', '#00734d', '#46598c', '#8c005e', '#7f1100', '#8c7000',
1035 '#cca300', '#00734d', '#46598c', '#8c005e', '#7f1100', '#8c7000',
1036 '#00a66f', '#7382e6', '#b32d74', '#d9896c', '#ffe680', '#1d7362',
1036 '#00a66f', '#7382e6', '#b32d74', '#d9896c', '#ffe680', '#1d7362',
1037 '#364cd9', '#73003d', '#d93a00', '#998a4d', '#59b3a1', '#5965b3',
1037 '#364cd9', '#73003d', '#d93a00', '#998a4d', '#59b3a1', '#5965b3',
1038 '#e5007a', '#73341d', '#665f00', '#00b38f', '#0018b3', '#59163a',
1038 '#e5007a', '#73341d', '#665f00', '#00b38f', '#0018b3', '#59163a',
1039 '#b2502d', '#bfb960', '#00ffcc', '#23318c', '#a6537f', '#734939',
1039 '#b2502d', '#bfb960', '#00ffcc', '#23318c', '#a6537f', '#734939',
1040 '#b2a700', '#104036', '#3d3df2', '#402031', '#e56739', '#736f39',
1040 '#b2a700', '#104036', '#3d3df2', '#402031', '#e56739', '#736f39',
1041 '#79f2ea', '#000059', '#401029', '#4c1400', '#ffee00', '#005953',
1041 '#79f2ea', '#000059', '#401029', '#4c1400', '#ffee00', '#005953',
1042 '#101040', '#990052', '#402820', '#403d10', '#00ffee', '#0000d9',
1042 '#101040', '#990052', '#402820', '#403d10', '#00ffee', '#0000d9',
1043 '#ff80c4', '#a66953', '#eeff00', '#00ccbe', '#8080ff', '#e673a1',
1043 '#ff80c4', '#a66953', '#eeff00', '#00ccbe', '#8080ff', '#e673a1',
1044 '#a62c00', '#474d00', '#1a3331', '#46468c', '#733950', '#662900',
1044 '#a62c00', '#474d00', '#1a3331', '#46468c', '#733950', '#662900',
1045 '#858c23', '#238c85', '#0f0073', '#b20047', '#d9986c', '#becc00',
1045 '#858c23', '#238c85', '#0f0073', '#b20047', '#d9986c', '#becc00',
1046 '#396f73', '#281d73', '#ff0066', '#ff6600', '#dee673', '#59adb3',
1046 '#396f73', '#281d73', '#ff0066', '#ff6600', '#dee673', '#59adb3',
1047 '#6559b3', '#590024', '#b2622d', '#98b32d', '#36ced9', '#332d59',
1047 '#6559b3', '#590024', '#b2622d', '#98b32d', '#36ced9', '#332d59',
1048 '#40001a', '#733f1d', '#526600', '#005359', '#242040', '#bf6079',
1048 '#40001a', '#733f1d', '#526600', '#005359', '#242040', '#bf6079',
1049 '#735039', '#cef23d', '#007780', '#5630bf', '#66001b', '#b24700',
1049 '#735039', '#cef23d', '#007780', '#5630bf', '#66001b', '#b24700',
1050 '#acbf60', '#1d6273', '#25008c', '#731d34', '#a67453', '#50592d',
1050 '#acbf60', '#1d6273', '#25008c', '#731d34', '#a67453', '#50592d',
1051 '#00ccff', '#6600ff', '#ff0044', '#4c1f00', '#8a994d', '#79daf2',
1051 '#00ccff', '#6600ff', '#ff0044', '#4c1f00', '#8a994d', '#79daf2',
1052 '#a173e6', '#d93662', '#402310', '#aaff00', '#2d98b3', '#8c40ff',
1052 '#a173e6', '#d93662', '#402310', '#aaff00', '#2d98b3', '#8c40ff',
1053 '#592d39', '#ff8c40', '#354020', '#103640', '#1a0040', '#331a20',
1053 '#592d39', '#ff8c40', '#354020', '#103640', '#1a0040', '#331a20',
1054 '#331400', '#334d00', '#1d5673', '#583973', '#7f0022', '#4c3626',
1054 '#331400', '#334d00', '#1d5673', '#583973', '#7f0022', '#4c3626',
1055 '#88cc00', '#36a3d9', '#3d0073', '#d9364c', '#33241a', '#698c23',
1055 '#88cc00', '#36a3d9', '#3d0073', '#d9364c', '#33241a', '#698c23',
1056 '#5995b3', '#300059', '#e57382', '#7f3300', '#366600', '#00aaff',
1056 '#5995b3', '#300059', '#e57382', '#7f3300', '#366600', '#00aaff',
1057 '#3a1659', '#733941', '#663600', '#74b32d', '#003c59', '#7f53a6',
1057 '#3a1659', '#733941', '#663600', '#74b32d', '#003c59', '#7f53a6',
1058 '#73000f', '#ff8800', '#baf279', '#79caf2', '#291040', '#a6293a',
1058 '#73000f', '#ff8800', '#baf279', '#79caf2', '#291040', '#a6293a',
1059 '#b2742d', '#587339', '#0077b3', '#632699', '#400009', '#d9a66c',
1059 '#b2742d', '#587339', '#0077b3', '#632699', '#400009', '#d9a66c',
1060 '#294010', '#2d4a59', '#aa00ff', '#4c131b', '#b25f00', '#5ce600',
1060 '#294010', '#2d4a59', '#aa00ff', '#4c131b', '#b25f00', '#5ce600',
1061 '#267399', '#a336d9', '#990014', '#664e33', '#86bf60', '#0088ff',
1061 '#267399', '#a336d9', '#990014', '#664e33', '#86bf60', '#0088ff',
1062 '#7700b3', '#593a16', '#073300', '#1d4b73', '#ac60bf', '#e59539',
1062 '#7700b3', '#593a16', '#073300', '#1d4b73', '#ac60bf', '#e59539',
1063 '#4f8c46', '#368dd9', '#5c0073'
1063 '#4f8c46', '#368dd9', '#5c0073'
1064 ]
1064 ]
1065
1065
1066 def rgb_to_hex_color(self, rgb_tuple):
1066 def rgb_to_hex_color(self, rgb_tuple):
1067 """
1067 """
1068 Converts an rgb_tuple passed to an hex color.
1068 Converts an rgb_tuple passed to an hex color.
1069
1069
1070 :param rgb_tuple: tuple with 3 ints represents rgb color space
1070 :param rgb_tuple: tuple with 3 ints represents rgb color space
1071 """
1071 """
1072 return '#' + ("".join(map(chr, rgb_tuple)).encode('hex'))
1072 return '#' + ("".join(map(chr, rgb_tuple)).encode('hex'))
1073
1073
1074 def email_to_int_list(self, email_str):
1074 def email_to_int_list(self, email_str):
1075 """
1075 """
1076 Get every byte of the hex digest value of email and turn it to integer.
1076 Get every byte of the hex digest value of email and turn it to integer.
1077 It's going to be always between 0-255
1077 It's going to be always between 0-255
1078 """
1078 """
1079 digest = md5_safe(email_str.lower())
1079 digest = md5_safe(email_str.lower())
1080 return [int(digest[i * 2:i * 2 + 2], 16) for i in range(16)]
1080 return [int(digest[i * 2:i * 2 + 2], 16) for i in range(16)]
1081
1081
1082 def pick_color_bank_index(self, email_str, color_bank):
1082 def pick_color_bank_index(self, email_str, color_bank):
1083 return self.email_to_int_list(email_str)[0] % len(color_bank)
1083 return self.email_to_int_list(email_str)[0] % len(color_bank)
1084
1084
1085 def str2color(self, email_str):
1085 def str2color(self, email_str):
1086 """
1086 """
1087 Tries to map in a stable algorithm an email to color
1087 Tries to map in a stable algorithm an email to color
1088
1088
1089 :param email_str:
1089 :param email_str:
1090 """
1090 """
1091 color_bank = self.get_color_bank()
1091 color_bank = self.get_color_bank()
1092 # pick position (module it's length so we always find it in the
1092 # pick position (module it's length so we always find it in the
1093 # bank even if it's smaller than 256 values
1093 # bank even if it's smaller than 256 values
1094 pos = self.pick_color_bank_index(email_str, color_bank)
1094 pos = self.pick_color_bank_index(email_str, color_bank)
1095 return color_bank[pos]
1095 return color_bank[pos]
1096
1096
1097 def normalize_email(self, email_address):
1097 def normalize_email(self, email_address):
1098 import unicodedata
1098 import unicodedata
1099 # default host used to fill in the fake/missing email
1099 # default host used to fill in the fake/missing email
1100 default_host = u'localhost'
1100 default_host = u'localhost'
1101
1101
1102 if not email_address:
1102 if not email_address:
1103 email_address = u'%s@%s' % (User.DEFAULT_USER, default_host)
1103 email_address = u'%s@%s' % (User.DEFAULT_USER, default_host)
1104
1104
1105 email_address = safe_unicode(email_address)
1105 email_address = safe_unicode(email_address)
1106
1106
1107 if u'@' not in email_address:
1107 if u'@' not in email_address:
1108 email_address = u'%s@%s' % (email_address, default_host)
1108 email_address = u'%s@%s' % (email_address, default_host)
1109
1109
1110 if email_address.endswith(u'@'):
1110 if email_address.endswith(u'@'):
1111 email_address = u'%s%s' % (email_address, default_host)
1111 email_address = u'%s%s' % (email_address, default_host)
1112
1112
1113 email_address = unicodedata.normalize('NFKD', email_address)\
1113 email_address = unicodedata.normalize('NFKD', email_address)\
1114 .encode('ascii', 'ignore')
1114 .encode('ascii', 'ignore')
1115 return email_address
1115 return email_address
1116
1116
1117 def get_initials(self):
1117 def get_initials(self):
1118 """
1118 """
1119 Returns 2 letter initials calculated based on the input.
1119 Returns 2 letter initials calculated based on the input.
1120 The algorithm picks first given email address, and takes first letter
1120 The algorithm picks first given email address, and takes first letter
1121 of part before @, and then the first letter of server name. In case
1121 of part before @, and then the first letter of server name. In case
1122 the part before @ is in a format of `somestring.somestring2` it replaces
1122 the part before @ is in a format of `somestring.somestring2` it replaces
1123 the server letter with first letter of somestring2
1123 the server letter with first letter of somestring2
1124
1124
1125 In case function was initialized with both first and lastname, this
1125 In case function was initialized with both first and lastname, this
1126 overrides the extraction from email by first letter of the first and
1126 overrides the extraction from email by first letter of the first and
1127 last name. We add special logic to that functionality, In case Full name
1127 last name. We add special logic to that functionality, In case Full name
1128 is compound, like Guido Von Rossum, we use last part of the last name
1128 is compound, like Guido Von Rossum, we use last part of the last name
1129 (Von Rossum) picking `R`.
1129 (Von Rossum) picking `R`.
1130
1130
1131 Function also normalizes the non-ascii characters to they ascii
1131 Function also normalizes the non-ascii characters to they ascii
1132 representation, eg Ą => A
1132 representation, eg Ą => A
1133 """
1133 """
1134 import unicodedata
1134 import unicodedata
1135 # replace non-ascii to ascii
1135 # replace non-ascii to ascii
1136 first_name = unicodedata.normalize(
1136 first_name = unicodedata.normalize(
1137 'NFKD', safe_unicode(self.first_name)).encode('ascii', 'ignore')
1137 'NFKD', safe_unicode(self.first_name)).encode('ascii', 'ignore')
1138 last_name = unicodedata.normalize(
1138 last_name = unicodedata.normalize(
1139 'NFKD', safe_unicode(self.last_name)).encode('ascii', 'ignore')
1139 'NFKD', safe_unicode(self.last_name)).encode('ascii', 'ignore')
1140
1140
1141 # do NFKD encoding, and also make sure email has proper format
1141 # do NFKD encoding, and also make sure email has proper format
1142 email_address = self.normalize_email(self.email_address)
1142 email_address = self.normalize_email(self.email_address)
1143
1143
1144 # first push the email initials
1144 # first push the email initials
1145 prefix, server = email_address.split('@', 1)
1145 prefix, server = email_address.split('@', 1)
1146
1146
1147 # check if prefix is maybe a 'firstname.lastname' syntax
1147 # check if prefix is maybe a 'first_name.last_name' syntax
1148 _dot_split = prefix.rsplit('.', 1)
1148 _dot_split = prefix.rsplit('.', 1)
1149 if len(_dot_split) == 2:
1149 if len(_dot_split) == 2:
1150 initials = [_dot_split[0][0], _dot_split[1][0]]
1150 initials = [_dot_split[0][0], _dot_split[1][0]]
1151 else:
1151 else:
1152 initials = [prefix[0], server[0]]
1152 initials = [prefix[0], server[0]]
1153
1153
1154 # then try to replace either firtname or lastname
1154 # then try to replace either first_name or last_name
1155 fn_letter = (first_name or " ")[0].strip()
1155 fn_letter = (first_name or " ")[0].strip()
1156 ln_letter = (last_name.split(' ', 1)[-1] or " ")[0].strip()
1156 ln_letter = (last_name.split(' ', 1)[-1] or " ")[0].strip()
1157
1157
1158 if fn_letter:
1158 if fn_letter:
1159 initials[0] = fn_letter
1159 initials[0] = fn_letter
1160
1160
1161 if ln_letter:
1161 if ln_letter:
1162 initials[1] = ln_letter
1162 initials[1] = ln_letter
1163
1163
1164 return ''.join(initials).upper()
1164 return ''.join(initials).upper()
1165
1165
1166 def get_img_data_by_type(self, font_family, img_type):
1166 def get_img_data_by_type(self, font_family, img_type):
1167 default_user = """
1167 default_user = """
1168 <svg xmlns="http://www.w3.org/2000/svg"
1168 <svg xmlns="http://www.w3.org/2000/svg"
1169 version="1.1" x="0px" y="0px" width="{size}" height="{size}"
1169 version="1.1" x="0px" y="0px" width="{size}" height="{size}"
1170 viewBox="-15 -10 439.165 429.164"
1170 viewBox="-15 -10 439.165 429.164"
1171
1171
1172 xml:space="preserve"
1172 xml:space="preserve"
1173 style="background:{background};" >
1173 style="background:{background};" >
1174
1174
1175 <path d="M204.583,216.671c50.664,0,91.74-48.075,
1175 <path d="M204.583,216.671c50.664,0,91.74-48.075,
1176 91.74-107.378c0-82.237-41.074-107.377-91.74-107.377
1176 91.74-107.378c0-82.237-41.074-107.377-91.74-107.377
1177 c-50.668,0-91.74,25.14-91.74,107.377C112.844,
1177 c-50.668,0-91.74,25.14-91.74,107.377C112.844,
1178 168.596,153.916,216.671,
1178 168.596,153.916,216.671,
1179 204.583,216.671z" fill="{text_color}"/>
1179 204.583,216.671z" fill="{text_color}"/>
1180 <path d="M407.164,374.717L360.88,
1180 <path d="M407.164,374.717L360.88,
1181 270.454c-2.117-4.771-5.836-8.728-10.465-11.138l-71.83-37.392
1181 270.454c-2.117-4.771-5.836-8.728-10.465-11.138l-71.83-37.392
1182 c-1.584-0.823-3.502-0.663-4.926,0.415c-20.316,
1182 c-1.584-0.823-3.502-0.663-4.926,0.415c-20.316,
1183 15.366-44.203,23.488-69.076,23.488c-24.877,
1183 15.366-44.203,23.488-69.076,23.488c-24.877,
1184 0-48.762-8.122-69.078-23.488
1184 0-48.762-8.122-69.078-23.488
1185 c-1.428-1.078-3.346-1.238-4.93-0.415L58.75,
1185 c-1.428-1.078-3.346-1.238-4.93-0.415L58.75,
1186 259.316c-4.631,2.41-8.346,6.365-10.465,11.138L2.001,374.717
1186 259.316c-4.631,2.41-8.346,6.365-10.465,11.138L2.001,374.717
1187 c-3.191,7.188-2.537,15.412,1.75,22.005c4.285,
1187 c-3.191,7.188-2.537,15.412,1.75,22.005c4.285,
1188 6.592,11.537,10.526,19.4,10.526h362.861c7.863,0,15.117-3.936,
1188 6.592,11.537,10.526,19.4,10.526h362.861c7.863,0,15.117-3.936,
1189 19.402-10.527 C409.699,390.129,
1189 19.402-10.527 C409.699,390.129,
1190 410.355,381.902,407.164,374.717z" fill="{text_color}"/>
1190 410.355,381.902,407.164,374.717z" fill="{text_color}"/>
1191 </svg>""".format(
1191 </svg>""".format(
1192 size=self.size,
1192 size=self.size,
1193 background='#979797', # @grey4
1193 background='#979797', # @grey4
1194 text_color=self.text_color,
1194 text_color=self.text_color,
1195 font_family=font_family)
1195 font_family=font_family)
1196
1196
1197 return {
1197 return {
1198 "default_user": default_user
1198 "default_user": default_user
1199 }[img_type]
1199 }[img_type]
1200
1200
1201 def get_img_data(self, svg_type=None):
1201 def get_img_data(self, svg_type=None):
1202 """
1202 """
1203 generates the svg metadata for image
1203 generates the svg metadata for image
1204 """
1204 """
1205
1205
1206 font_family = ','.join([
1206 font_family = ','.join([
1207 'proximanovaregular',
1207 'proximanovaregular',
1208 'Proxima Nova Regular',
1208 'Proxima Nova Regular',
1209 'Proxima Nova',
1209 'Proxima Nova',
1210 'Arial',
1210 'Arial',
1211 'Lucida Grande',
1211 'Lucida Grande',
1212 'sans-serif'
1212 'sans-serif'
1213 ])
1213 ])
1214 if svg_type:
1214 if svg_type:
1215 return self.get_img_data_by_type(font_family, svg_type)
1215 return self.get_img_data_by_type(font_family, svg_type)
1216
1216
1217 initials = self.get_initials()
1217 initials = self.get_initials()
1218 img_data = """
1218 img_data = """
1219 <svg xmlns="http://www.w3.org/2000/svg" pointer-events="none"
1219 <svg xmlns="http://www.w3.org/2000/svg" pointer-events="none"
1220 width="{size}" height="{size}"
1220 width="{size}" height="{size}"
1221 style="width: 100%; height: 100%; background-color: {background}"
1221 style="width: 100%; height: 100%; background-color: {background}"
1222 viewBox="0 0 {size} {size}">
1222 viewBox="0 0 {size} {size}">
1223 <text text-anchor="middle" y="50%" x="50%" dy="0.35em"
1223 <text text-anchor="middle" y="50%" x="50%" dy="0.35em"
1224 pointer-events="auto" fill="{text_color}"
1224 pointer-events="auto" fill="{text_color}"
1225 font-family="{font_family}"
1225 font-family="{font_family}"
1226 style="font-weight: 400; font-size: {f_size}px;">{text}
1226 style="font-weight: 400; font-size: {f_size}px;">{text}
1227 </text>
1227 </text>
1228 </svg>""".format(
1228 </svg>""".format(
1229 size=self.size,
1229 size=self.size,
1230 f_size=self.size/1.85, # scale the text inside the box nicely
1230 f_size=self.size/1.85, # scale the text inside the box nicely
1231 background=self.background,
1231 background=self.background,
1232 text_color=self.text_color,
1232 text_color=self.text_color,
1233 text=initials.upper(),
1233 text=initials.upper(),
1234 font_family=font_family)
1234 font_family=font_family)
1235
1235
1236 return img_data
1236 return img_data
1237
1237
1238 def generate_svg(self, svg_type=None):
1238 def generate_svg(self, svg_type=None):
1239 img_data = self.get_img_data(svg_type)
1239 img_data = self.get_img_data(svg_type)
1240 return "data:image/svg+xml;base64,%s" % img_data.encode('base64')
1240 return "data:image/svg+xml;base64,%s" % img_data.encode('base64')
1241
1241
1242
1242
1243 def initials_gravatar(email_address, first_name, last_name, size=30):
1243 def initials_gravatar(email_address, first_name, last_name, size=30):
1244 svg_type = None
1244 svg_type = None
1245 if email_address == User.DEFAULT_USER_EMAIL:
1245 if email_address == User.DEFAULT_USER_EMAIL:
1246 svg_type = 'default_user'
1246 svg_type = 'default_user'
1247 klass = InitialsGravatar(email_address, first_name, last_name, size)
1247 klass = InitialsGravatar(email_address, first_name, last_name, size)
1248 return klass.generate_svg(svg_type=svg_type)
1248 return klass.generate_svg(svg_type=svg_type)
1249
1249
1250
1250
1251 def gravatar_url(email_address, size=30, request=None):
1251 def gravatar_url(email_address, size=30, request=None):
1252 request = get_current_request()
1252 request = get_current_request()
1253 if request and hasattr(request, 'call_context'):
1253 if request and hasattr(request, 'call_context'):
1254 _use_gravatar = request.call_context.visual.use_gravatar
1254 _use_gravatar = request.call_context.visual.use_gravatar
1255 _gravatar_url = request.call_context.visual.gravatar_url
1255 _gravatar_url = request.call_context.visual.gravatar_url
1256 else:
1256 else:
1257 # doh, we need to re-import those to mock it later
1257 # doh, we need to re-import those to mock it later
1258 from pylons import tmpl_context as c
1258 from pylons import tmpl_context as c
1259
1259
1260 _use_gravatar = c.visual.use_gravatar
1260 _use_gravatar = c.visual.use_gravatar
1261 _gravatar_url = c.visual.gravatar_url
1261 _gravatar_url = c.visual.gravatar_url
1262
1262
1263 _gravatar_url = _gravatar_url or User.DEFAULT_GRAVATAR_URL
1263 _gravatar_url = _gravatar_url or User.DEFAULT_GRAVATAR_URL
1264
1264
1265 email_address = email_address or User.DEFAULT_USER_EMAIL
1265 email_address = email_address or User.DEFAULT_USER_EMAIL
1266 if isinstance(email_address, unicode):
1266 if isinstance(email_address, unicode):
1267 # hashlib crashes on unicode items
1267 # hashlib crashes on unicode items
1268 email_address = safe_str(email_address)
1268 email_address = safe_str(email_address)
1269
1269
1270 # empty email or default user
1270 # empty email or default user
1271 if not email_address or email_address == User.DEFAULT_USER_EMAIL:
1271 if not email_address or email_address == User.DEFAULT_USER_EMAIL:
1272 return initials_gravatar(User.DEFAULT_USER_EMAIL, '', '', size=size)
1272 return initials_gravatar(User.DEFAULT_USER_EMAIL, '', '', size=size)
1273
1273
1274 if _use_gravatar:
1274 if _use_gravatar:
1275 # TODO: Disuse pyramid thread locals. Think about another solution to
1275 # TODO: Disuse pyramid thread locals. Think about another solution to
1276 # get the host and schema here.
1276 # get the host and schema here.
1277 request = get_current_request()
1277 request = get_current_request()
1278 tmpl = safe_str(_gravatar_url)
1278 tmpl = safe_str(_gravatar_url)
1279 tmpl = tmpl.replace('{email}', email_address)\
1279 tmpl = tmpl.replace('{email}', email_address)\
1280 .replace('{md5email}', md5_safe(email_address.lower())) \
1280 .replace('{md5email}', md5_safe(email_address.lower())) \
1281 .replace('{netloc}', request.host)\
1281 .replace('{netloc}', request.host)\
1282 .replace('{scheme}', request.scheme)\
1282 .replace('{scheme}', request.scheme)\
1283 .replace('{size}', safe_str(size))
1283 .replace('{size}', safe_str(size))
1284 return tmpl
1284 return tmpl
1285 else:
1285 else:
1286 return initials_gravatar(email_address, '', '', size=size)
1286 return initials_gravatar(email_address, '', '', size=size)
1287
1287
1288
1288
1289 class Page(_Page):
1289 class Page(_Page):
1290 """
1290 """
1291 Custom pager to match rendering style with paginator
1291 Custom pager to match rendering style with paginator
1292 """
1292 """
1293
1293
1294 def _get_pos(self, cur_page, max_page, items):
1294 def _get_pos(self, cur_page, max_page, items):
1295 edge = (items / 2) + 1
1295 edge = (items / 2) + 1
1296 if (cur_page <= edge):
1296 if (cur_page <= edge):
1297 radius = max(items / 2, items - cur_page)
1297 radius = max(items / 2, items - cur_page)
1298 elif (max_page - cur_page) < edge:
1298 elif (max_page - cur_page) < edge:
1299 radius = (items - 1) - (max_page - cur_page)
1299 radius = (items - 1) - (max_page - cur_page)
1300 else:
1300 else:
1301 radius = items / 2
1301 radius = items / 2
1302
1302
1303 left = max(1, (cur_page - (radius)))
1303 left = max(1, (cur_page - (radius)))
1304 right = min(max_page, cur_page + (radius))
1304 right = min(max_page, cur_page + (radius))
1305 return left, cur_page, right
1305 return left, cur_page, right
1306
1306
1307 def _range(self, regexp_match):
1307 def _range(self, regexp_match):
1308 """
1308 """
1309 Return range of linked pages (e.g. '1 2 [3] 4 5 6 7 8').
1309 Return range of linked pages (e.g. '1 2 [3] 4 5 6 7 8').
1310
1310
1311 Arguments:
1311 Arguments:
1312
1312
1313 regexp_match
1313 regexp_match
1314 A "re" (regular expressions) match object containing the
1314 A "re" (regular expressions) match object containing the
1315 radius of linked pages around the current page in
1315 radius of linked pages around the current page in
1316 regexp_match.group(1) as a string
1316 regexp_match.group(1) as a string
1317
1317
1318 This function is supposed to be called as a callable in
1318 This function is supposed to be called as a callable in
1319 re.sub.
1319 re.sub.
1320
1320
1321 """
1321 """
1322 radius = int(regexp_match.group(1))
1322 radius = int(regexp_match.group(1))
1323
1323
1324 # Compute the first and last page number within the radius
1324 # Compute the first and last page number within the radius
1325 # e.g. '1 .. 5 6 [7] 8 9 .. 12'
1325 # e.g. '1 .. 5 6 [7] 8 9 .. 12'
1326 # -> leftmost_page = 5
1326 # -> leftmost_page = 5
1327 # -> rightmost_page = 9
1327 # -> rightmost_page = 9
1328 leftmost_page, _cur, rightmost_page = self._get_pos(self.page,
1328 leftmost_page, _cur, rightmost_page = self._get_pos(self.page,
1329 self.last_page,
1329 self.last_page,
1330 (radius * 2) + 1)
1330 (radius * 2) + 1)
1331 nav_items = []
1331 nav_items = []
1332
1332
1333 # Create a link to the first page (unless we are on the first page
1333 # Create a link to the first page (unless we are on the first page
1334 # or there would be no need to insert '..' spacers)
1334 # or there would be no need to insert '..' spacers)
1335 if self.page != self.first_page and self.first_page < leftmost_page:
1335 if self.page != self.first_page and self.first_page < leftmost_page:
1336 nav_items.append(self._pagerlink(self.first_page, self.first_page))
1336 nav_items.append(self._pagerlink(self.first_page, self.first_page))
1337
1337
1338 # Insert dots if there are pages between the first page
1338 # Insert dots if there are pages between the first page
1339 # and the currently displayed page range
1339 # and the currently displayed page range
1340 if leftmost_page - self.first_page > 1:
1340 if leftmost_page - self.first_page > 1:
1341 # Wrap in a SPAN tag if nolink_attr is set
1341 # Wrap in a SPAN tag if nolink_attr is set
1342 text = '..'
1342 text = '..'
1343 if self.dotdot_attr:
1343 if self.dotdot_attr:
1344 text = HTML.span(c=text, **self.dotdot_attr)
1344 text = HTML.span(c=text, **self.dotdot_attr)
1345 nav_items.append(text)
1345 nav_items.append(text)
1346
1346
1347 for thispage in xrange(leftmost_page, rightmost_page + 1):
1347 for thispage in xrange(leftmost_page, rightmost_page + 1):
1348 # Hilight the current page number and do not use a link
1348 # Hilight the current page number and do not use a link
1349 if thispage == self.page:
1349 if thispage == self.page:
1350 text = '%s' % (thispage,)
1350 text = '%s' % (thispage,)
1351 # Wrap in a SPAN tag if nolink_attr is set
1351 # Wrap in a SPAN tag if nolink_attr is set
1352 if self.curpage_attr:
1352 if self.curpage_attr:
1353 text = HTML.span(c=text, **self.curpage_attr)
1353 text = HTML.span(c=text, **self.curpage_attr)
1354 nav_items.append(text)
1354 nav_items.append(text)
1355 # Otherwise create just a link to that page
1355 # Otherwise create just a link to that page
1356 else:
1356 else:
1357 text = '%s' % (thispage,)
1357 text = '%s' % (thispage,)
1358 nav_items.append(self._pagerlink(thispage, text))
1358 nav_items.append(self._pagerlink(thispage, text))
1359
1359
1360 # Insert dots if there are pages between the displayed
1360 # Insert dots if there are pages between the displayed
1361 # page numbers and the end of the page range
1361 # page numbers and the end of the page range
1362 if self.last_page - rightmost_page > 1:
1362 if self.last_page - rightmost_page > 1:
1363 text = '..'
1363 text = '..'
1364 # Wrap in a SPAN tag if nolink_attr is set
1364 # Wrap in a SPAN tag if nolink_attr is set
1365 if self.dotdot_attr:
1365 if self.dotdot_attr:
1366 text = HTML.span(c=text, **self.dotdot_attr)
1366 text = HTML.span(c=text, **self.dotdot_attr)
1367 nav_items.append(text)
1367 nav_items.append(text)
1368
1368
1369 # Create a link to the very last page (unless we are on the last
1369 # Create a link to the very last page (unless we are on the last
1370 # page or there would be no need to insert '..' spacers)
1370 # page or there would be no need to insert '..' spacers)
1371 if self.page != self.last_page and rightmost_page < self.last_page:
1371 if self.page != self.last_page and rightmost_page < self.last_page:
1372 nav_items.append(self._pagerlink(self.last_page, self.last_page))
1372 nav_items.append(self._pagerlink(self.last_page, self.last_page))
1373
1373
1374 ## prerender links
1374 ## prerender links
1375 #_page_link = url.current()
1375 #_page_link = url.current()
1376 #nav_items.append(literal('<link rel="prerender" href="%s?page=%s">' % (_page_link, str(int(self.page)+1))))
1376 #nav_items.append(literal('<link rel="prerender" href="%s?page=%s">' % (_page_link, str(int(self.page)+1))))
1377 #nav_items.append(literal('<link rel="prefetch" href="%s?page=%s">' % (_page_link, str(int(self.page)+1))))
1377 #nav_items.append(literal('<link rel="prefetch" href="%s?page=%s">' % (_page_link, str(int(self.page)+1))))
1378 return self.separator.join(nav_items)
1378 return self.separator.join(nav_items)
1379
1379
1380 def pager(self, format='~2~', page_param='page', partial_param='partial',
1380 def pager(self, format='~2~', page_param='page', partial_param='partial',
1381 show_if_single_page=False, separator=' ', onclick=None,
1381 show_if_single_page=False, separator=' ', onclick=None,
1382 symbol_first='<<', symbol_last='>>',
1382 symbol_first='<<', symbol_last='>>',
1383 symbol_previous='<', symbol_next='>',
1383 symbol_previous='<', symbol_next='>',
1384 link_attr={'class': 'pager_link', 'rel': 'prerender'},
1384 link_attr={'class': 'pager_link', 'rel': 'prerender'},
1385 curpage_attr={'class': 'pager_curpage'},
1385 curpage_attr={'class': 'pager_curpage'},
1386 dotdot_attr={'class': 'pager_dotdot'}, **kwargs):
1386 dotdot_attr={'class': 'pager_dotdot'}, **kwargs):
1387
1387
1388 self.curpage_attr = curpage_attr
1388 self.curpage_attr = curpage_attr
1389 self.separator = separator
1389 self.separator = separator
1390 self.pager_kwargs = kwargs
1390 self.pager_kwargs = kwargs
1391 self.page_param = page_param
1391 self.page_param = page_param
1392 self.partial_param = partial_param
1392 self.partial_param = partial_param
1393 self.onclick = onclick
1393 self.onclick = onclick
1394 self.link_attr = link_attr
1394 self.link_attr = link_attr
1395 self.dotdot_attr = dotdot_attr
1395 self.dotdot_attr = dotdot_attr
1396
1396
1397 # Don't show navigator if there is no more than one page
1397 # Don't show navigator if there is no more than one page
1398 if self.page_count == 0 or (self.page_count == 1 and not show_if_single_page):
1398 if self.page_count == 0 or (self.page_count == 1 and not show_if_single_page):
1399 return ''
1399 return ''
1400
1400
1401 from string import Template
1401 from string import Template
1402 # Replace ~...~ in token format by range of pages
1402 # Replace ~...~ in token format by range of pages
1403 result = re.sub(r'~(\d+)~', self._range, format)
1403 result = re.sub(r'~(\d+)~', self._range, format)
1404
1404
1405 # Interpolate '%' variables
1405 # Interpolate '%' variables
1406 result = Template(result).safe_substitute({
1406 result = Template(result).safe_substitute({
1407 'first_page': self.first_page,
1407 'first_page': self.first_page,
1408 'last_page': self.last_page,
1408 'last_page': self.last_page,
1409 'page': self.page,
1409 'page': self.page,
1410 'page_count': self.page_count,
1410 'page_count': self.page_count,
1411 'items_per_page': self.items_per_page,
1411 'items_per_page': self.items_per_page,
1412 'first_item': self.first_item,
1412 'first_item': self.first_item,
1413 'last_item': self.last_item,
1413 'last_item': self.last_item,
1414 'item_count': self.item_count,
1414 'item_count': self.item_count,
1415 'link_first': self.page > self.first_page and \
1415 'link_first': self.page > self.first_page and \
1416 self._pagerlink(self.first_page, symbol_first) or '',
1416 self._pagerlink(self.first_page, symbol_first) or '',
1417 'link_last': self.page < self.last_page and \
1417 'link_last': self.page < self.last_page and \
1418 self._pagerlink(self.last_page, symbol_last) or '',
1418 self._pagerlink(self.last_page, symbol_last) or '',
1419 'link_previous': self.previous_page and \
1419 'link_previous': self.previous_page and \
1420 self._pagerlink(self.previous_page, symbol_previous) \
1420 self._pagerlink(self.previous_page, symbol_previous) \
1421 or HTML.span(symbol_previous, class_="pg-previous disabled"),
1421 or HTML.span(symbol_previous, class_="pg-previous disabled"),
1422 'link_next': self.next_page and \
1422 'link_next': self.next_page and \
1423 self._pagerlink(self.next_page, symbol_next) \
1423 self._pagerlink(self.next_page, symbol_next) \
1424 or HTML.span(symbol_next, class_="pg-next disabled")
1424 or HTML.span(symbol_next, class_="pg-next disabled")
1425 })
1425 })
1426
1426
1427 return literal(result)
1427 return literal(result)
1428
1428
1429
1429
1430 #==============================================================================
1430 #==============================================================================
1431 # REPO PAGER, PAGER FOR REPOSITORY
1431 # REPO PAGER, PAGER FOR REPOSITORY
1432 #==============================================================================
1432 #==============================================================================
1433 class RepoPage(Page):
1433 class RepoPage(Page):
1434
1434
1435 def __init__(self, collection, page=1, items_per_page=20,
1435 def __init__(self, collection, page=1, items_per_page=20,
1436 item_count=None, url=None, **kwargs):
1436 item_count=None, url=None, **kwargs):
1437
1437
1438 """Create a "RepoPage" instance. special pager for paging
1438 """Create a "RepoPage" instance. special pager for paging
1439 repository
1439 repository
1440 """
1440 """
1441 self._url_generator = url
1441 self._url_generator = url
1442
1442
1443 # Safe the kwargs class-wide so they can be used in the pager() method
1443 # Safe the kwargs class-wide so they can be used in the pager() method
1444 self.kwargs = kwargs
1444 self.kwargs = kwargs
1445
1445
1446 # Save a reference to the collection
1446 # Save a reference to the collection
1447 self.original_collection = collection
1447 self.original_collection = collection
1448
1448
1449 self.collection = collection
1449 self.collection = collection
1450
1450
1451 # The self.page is the number of the current page.
1451 # The self.page is the number of the current page.
1452 # The first page has the number 1!
1452 # The first page has the number 1!
1453 try:
1453 try:
1454 self.page = int(page) # make it int() if we get it as a string
1454 self.page = int(page) # make it int() if we get it as a string
1455 except (ValueError, TypeError):
1455 except (ValueError, TypeError):
1456 self.page = 1
1456 self.page = 1
1457
1457
1458 self.items_per_page = items_per_page
1458 self.items_per_page = items_per_page
1459
1459
1460 # Unless the user tells us how many items the collections has
1460 # Unless the user tells us how many items the collections has
1461 # we calculate that ourselves.
1461 # we calculate that ourselves.
1462 if item_count is not None:
1462 if item_count is not None:
1463 self.item_count = item_count
1463 self.item_count = item_count
1464 else:
1464 else:
1465 self.item_count = len(self.collection)
1465 self.item_count = len(self.collection)
1466
1466
1467 # Compute the number of the first and last available page
1467 # Compute the number of the first and last available page
1468 if self.item_count > 0:
1468 if self.item_count > 0:
1469 self.first_page = 1
1469 self.first_page = 1
1470 self.page_count = int(math.ceil(float(self.item_count) /
1470 self.page_count = int(math.ceil(float(self.item_count) /
1471 self.items_per_page))
1471 self.items_per_page))
1472 self.last_page = self.first_page + self.page_count - 1
1472 self.last_page = self.first_page + self.page_count - 1
1473
1473
1474 # Make sure that the requested page number is the range of
1474 # Make sure that the requested page number is the range of
1475 # valid pages
1475 # valid pages
1476 if self.page > self.last_page:
1476 if self.page > self.last_page:
1477 self.page = self.last_page
1477 self.page = self.last_page
1478 elif self.page < self.first_page:
1478 elif self.page < self.first_page:
1479 self.page = self.first_page
1479 self.page = self.first_page
1480
1480
1481 # Note: the number of items on this page can be less than
1481 # Note: the number of items on this page can be less than
1482 # items_per_page if the last page is not full
1482 # items_per_page if the last page is not full
1483 self.first_item = max(0, (self.item_count) - (self.page *
1483 self.first_item = max(0, (self.item_count) - (self.page *
1484 items_per_page))
1484 items_per_page))
1485 self.last_item = ((self.item_count - 1) - items_per_page *
1485 self.last_item = ((self.item_count - 1) - items_per_page *
1486 (self.page - 1))
1486 (self.page - 1))
1487
1487
1488 self.items = list(self.collection[self.first_item:self.last_item + 1])
1488 self.items = list(self.collection[self.first_item:self.last_item + 1])
1489
1489
1490 # Links to previous and next page
1490 # Links to previous and next page
1491 if self.page > self.first_page:
1491 if self.page > self.first_page:
1492 self.previous_page = self.page - 1
1492 self.previous_page = self.page - 1
1493 else:
1493 else:
1494 self.previous_page = None
1494 self.previous_page = None
1495
1495
1496 if self.page < self.last_page:
1496 if self.page < self.last_page:
1497 self.next_page = self.page + 1
1497 self.next_page = self.page + 1
1498 else:
1498 else:
1499 self.next_page = None
1499 self.next_page = None
1500
1500
1501 # No items available
1501 # No items available
1502 else:
1502 else:
1503 self.first_page = None
1503 self.first_page = None
1504 self.page_count = 0
1504 self.page_count = 0
1505 self.last_page = None
1505 self.last_page = None
1506 self.first_item = None
1506 self.first_item = None
1507 self.last_item = None
1507 self.last_item = None
1508 self.previous_page = None
1508 self.previous_page = None
1509 self.next_page = None
1509 self.next_page = None
1510 self.items = []
1510 self.items = []
1511
1511
1512 # This is a subclass of the 'list' type. Initialise the list now.
1512 # This is a subclass of the 'list' type. Initialise the list now.
1513 list.__init__(self, reversed(self.items))
1513 list.__init__(self, reversed(self.items))
1514
1514
1515
1515
1516 def changed_tooltip(nodes):
1516 def changed_tooltip(nodes):
1517 """
1517 """
1518 Generates a html string for changed nodes in commit page.
1518 Generates a html string for changed nodes in commit page.
1519 It limits the output to 30 entries
1519 It limits the output to 30 entries
1520
1520
1521 :param nodes: LazyNodesGenerator
1521 :param nodes: LazyNodesGenerator
1522 """
1522 """
1523 if nodes:
1523 if nodes:
1524 pref = ': <br/> '
1524 pref = ': <br/> '
1525 suf = ''
1525 suf = ''
1526 if len(nodes) > 30:
1526 if len(nodes) > 30:
1527 suf = '<br/>' + _(' and %s more') % (len(nodes) - 30)
1527 suf = '<br/>' + _(' and %s more') % (len(nodes) - 30)
1528 return literal(pref + '<br/> '.join([safe_unicode(x.path)
1528 return literal(pref + '<br/> '.join([safe_unicode(x.path)
1529 for x in nodes[:30]]) + suf)
1529 for x in nodes[:30]]) + suf)
1530 else:
1530 else:
1531 return ': ' + _('No Files')
1531 return ': ' + _('No Files')
1532
1532
1533
1533
1534 def breadcrumb_repo_link(repo):
1534 def breadcrumb_repo_link(repo):
1535 """
1535 """
1536 Makes a breadcrumbs path link to repo
1536 Makes a breadcrumbs path link to repo
1537
1537
1538 ex::
1538 ex::
1539 group >> subgroup >> repo
1539 group >> subgroup >> repo
1540
1540
1541 :param repo: a Repository instance
1541 :param repo: a Repository instance
1542 """
1542 """
1543
1543
1544 path = [
1544 path = [
1545 link_to(group.name, route_path('repo_group_home', repo_group_name=group.group_name))
1545 link_to(group.name, route_path('repo_group_home', repo_group_name=group.group_name))
1546 for group in repo.groups_with_parents
1546 for group in repo.groups_with_parents
1547 ] + [
1547 ] + [
1548 link_to(repo.just_name, route_path('repo_summary', repo_name=repo.repo_name))
1548 link_to(repo.just_name, route_path('repo_summary', repo_name=repo.repo_name))
1549 ]
1549 ]
1550
1550
1551 return literal(' &raquo; '.join(path))
1551 return literal(' &raquo; '.join(path))
1552
1552
1553
1553
1554 def format_byte_size_binary(file_size):
1554 def format_byte_size_binary(file_size):
1555 """
1555 """
1556 Formats file/folder sizes to standard.
1556 Formats file/folder sizes to standard.
1557 """
1557 """
1558 formatted_size = format_byte_size(file_size, binary=True)
1558 formatted_size = format_byte_size(file_size, binary=True)
1559 return formatted_size
1559 return formatted_size
1560
1560
1561
1561
1562 def urlify_text(text_, safe=True):
1562 def urlify_text(text_, safe=True):
1563 """
1563 """
1564 Extrac urls from text and make html links out of them
1564 Extrac urls from text and make html links out of them
1565
1565
1566 :param text_:
1566 :param text_:
1567 """
1567 """
1568
1568
1569 url_pat = re.compile(r'''(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@#.&+]'''
1569 url_pat = re.compile(r'''(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@#.&+]'''
1570 '''|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+)''')
1570 '''|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+)''')
1571
1571
1572 def url_func(match_obj):
1572 def url_func(match_obj):
1573 url_full = match_obj.groups()[0]
1573 url_full = match_obj.groups()[0]
1574 return '<a href="%(url)s">%(url)s</a>' % ({'url': url_full})
1574 return '<a href="%(url)s">%(url)s</a>' % ({'url': url_full})
1575 _newtext = url_pat.sub(url_func, text_)
1575 _newtext = url_pat.sub(url_func, text_)
1576 if safe:
1576 if safe:
1577 return literal(_newtext)
1577 return literal(_newtext)
1578 return _newtext
1578 return _newtext
1579
1579
1580
1580
1581 def urlify_commits(text_, repository):
1581 def urlify_commits(text_, repository):
1582 """
1582 """
1583 Extract commit ids from text and make link from them
1583 Extract commit ids from text and make link from them
1584
1584
1585 :param text_:
1585 :param text_:
1586 :param repository: repo name to build the URL with
1586 :param repository: repo name to build the URL with
1587 """
1587 """
1588 from pylons import url # doh, we need to re-import url to mock it later
1588 from pylons import url # doh, we need to re-import url to mock it later
1589 URL_PAT = re.compile(r'(^|\s)([0-9a-fA-F]{12,40})($|\s)')
1589 URL_PAT = re.compile(r'(^|\s)([0-9a-fA-F]{12,40})($|\s)')
1590
1590
1591 def url_func(match_obj):
1591 def url_func(match_obj):
1592 commit_id = match_obj.groups()[1]
1592 commit_id = match_obj.groups()[1]
1593 pref = match_obj.groups()[0]
1593 pref = match_obj.groups()[0]
1594 suf = match_obj.groups()[2]
1594 suf = match_obj.groups()[2]
1595
1595
1596 tmpl = (
1596 tmpl = (
1597 '%(pref)s<a class="%(cls)s" href="%(url)s">'
1597 '%(pref)s<a class="%(cls)s" href="%(url)s">'
1598 '%(commit_id)s</a>%(suf)s'
1598 '%(commit_id)s</a>%(suf)s'
1599 )
1599 )
1600 return tmpl % {
1600 return tmpl % {
1601 'pref': pref,
1601 'pref': pref,
1602 'cls': 'revision-link',
1602 'cls': 'revision-link',
1603 'url': url('changeset_home', repo_name=repository,
1603 'url': url('changeset_home', repo_name=repository,
1604 revision=commit_id, qualified=True),
1604 revision=commit_id, qualified=True),
1605 'commit_id': commit_id,
1605 'commit_id': commit_id,
1606 'suf': suf
1606 'suf': suf
1607 }
1607 }
1608
1608
1609 newtext = URL_PAT.sub(url_func, text_)
1609 newtext = URL_PAT.sub(url_func, text_)
1610
1610
1611 return newtext
1611 return newtext
1612
1612
1613
1613
1614 def _process_url_func(match_obj, repo_name, uid, entry,
1614 def _process_url_func(match_obj, repo_name, uid, entry,
1615 return_raw_data=False, link_format='html'):
1615 return_raw_data=False, link_format='html'):
1616 pref = ''
1616 pref = ''
1617 if match_obj.group().startswith(' '):
1617 if match_obj.group().startswith(' '):
1618 pref = ' '
1618 pref = ' '
1619
1619
1620 issue_id = ''.join(match_obj.groups())
1620 issue_id = ''.join(match_obj.groups())
1621
1621
1622 if link_format == 'html':
1622 if link_format == 'html':
1623 tmpl = (
1623 tmpl = (
1624 '%(pref)s<a class="%(cls)s" href="%(url)s">'
1624 '%(pref)s<a class="%(cls)s" href="%(url)s">'
1625 '%(issue-prefix)s%(id-repr)s'
1625 '%(issue-prefix)s%(id-repr)s'
1626 '</a>')
1626 '</a>')
1627 elif link_format == 'rst':
1627 elif link_format == 'rst':
1628 tmpl = '`%(issue-prefix)s%(id-repr)s <%(url)s>`_'
1628 tmpl = '`%(issue-prefix)s%(id-repr)s <%(url)s>`_'
1629 elif link_format == 'markdown':
1629 elif link_format == 'markdown':
1630 tmpl = '[%(issue-prefix)s%(id-repr)s](%(url)s)'
1630 tmpl = '[%(issue-prefix)s%(id-repr)s](%(url)s)'
1631 else:
1631 else:
1632 raise ValueError('Bad link_format:{}'.format(link_format))
1632 raise ValueError('Bad link_format:{}'.format(link_format))
1633
1633
1634 (repo_name_cleaned,
1634 (repo_name_cleaned,
1635 parent_group_name) = RepoGroupModel().\
1635 parent_group_name) = RepoGroupModel().\
1636 _get_group_name_and_parent(repo_name)
1636 _get_group_name_and_parent(repo_name)
1637
1637
1638 # variables replacement
1638 # variables replacement
1639 named_vars = {
1639 named_vars = {
1640 'id': issue_id,
1640 'id': issue_id,
1641 'repo': repo_name,
1641 'repo': repo_name,
1642 'repo_name': repo_name_cleaned,
1642 'repo_name': repo_name_cleaned,
1643 'group_name': parent_group_name
1643 'group_name': parent_group_name
1644 }
1644 }
1645 # named regex variables
1645 # named regex variables
1646 named_vars.update(match_obj.groupdict())
1646 named_vars.update(match_obj.groupdict())
1647 _url = string.Template(entry['url']).safe_substitute(**named_vars)
1647 _url = string.Template(entry['url']).safe_substitute(**named_vars)
1648
1648
1649 data = {
1649 data = {
1650 'pref': pref,
1650 'pref': pref,
1651 'cls': 'issue-tracker-link',
1651 'cls': 'issue-tracker-link',
1652 'url': _url,
1652 'url': _url,
1653 'id-repr': issue_id,
1653 'id-repr': issue_id,
1654 'issue-prefix': entry['pref'],
1654 'issue-prefix': entry['pref'],
1655 'serv': entry['url'],
1655 'serv': entry['url'],
1656 }
1656 }
1657 if return_raw_data:
1657 if return_raw_data:
1658 return {
1658 return {
1659 'id': issue_id,
1659 'id': issue_id,
1660 'url': _url
1660 'url': _url
1661 }
1661 }
1662 return tmpl % data
1662 return tmpl % data
1663
1663
1664
1664
1665 def process_patterns(text_string, repo_name, link_format='html'):
1665 def process_patterns(text_string, repo_name, link_format='html'):
1666 allowed_formats = ['html', 'rst', 'markdown']
1666 allowed_formats = ['html', 'rst', 'markdown']
1667 if link_format not in allowed_formats:
1667 if link_format not in allowed_formats:
1668 raise ValueError('Link format can be only one of:{} got {}'.format(
1668 raise ValueError('Link format can be only one of:{} got {}'.format(
1669 allowed_formats, link_format))
1669 allowed_formats, link_format))
1670
1670
1671 repo = None
1671 repo = None
1672 if repo_name:
1672 if repo_name:
1673 # Retrieving repo_name to avoid invalid repo_name to explode on
1673 # Retrieving repo_name to avoid invalid repo_name to explode on
1674 # IssueTrackerSettingsModel but still passing invalid name further down
1674 # IssueTrackerSettingsModel but still passing invalid name further down
1675 repo = Repository.get_by_repo_name(repo_name, cache=True)
1675 repo = Repository.get_by_repo_name(repo_name, cache=True)
1676
1676
1677 settings_model = IssueTrackerSettingsModel(repo=repo)
1677 settings_model = IssueTrackerSettingsModel(repo=repo)
1678 active_entries = settings_model.get_settings(cache=True)
1678 active_entries = settings_model.get_settings(cache=True)
1679
1679
1680 issues_data = []
1680 issues_data = []
1681 newtext = text_string
1681 newtext = text_string
1682
1682
1683 for uid, entry in active_entries.items():
1683 for uid, entry in active_entries.items():
1684 log.debug('found issue tracker entry with uid %s' % (uid,))
1684 log.debug('found issue tracker entry with uid %s' % (uid,))
1685
1685
1686 if not (entry['pat'] and entry['url']):
1686 if not (entry['pat'] and entry['url']):
1687 log.debug('skipping due to missing data')
1687 log.debug('skipping due to missing data')
1688 continue
1688 continue
1689
1689
1690 log.debug('issue tracker entry: uid: `%s` PAT:%s URL:%s PREFIX:%s'
1690 log.debug('issue tracker entry: uid: `%s` PAT:%s URL:%s PREFIX:%s'
1691 % (uid, entry['pat'], entry['url'], entry['pref']))
1691 % (uid, entry['pat'], entry['url'], entry['pref']))
1692
1692
1693 try:
1693 try:
1694 pattern = re.compile(r'%s' % entry['pat'])
1694 pattern = re.compile(r'%s' % entry['pat'])
1695 except re.error:
1695 except re.error:
1696 log.exception(
1696 log.exception(
1697 'issue tracker pattern: `%s` failed to compile',
1697 'issue tracker pattern: `%s` failed to compile',
1698 entry['pat'])
1698 entry['pat'])
1699 continue
1699 continue
1700
1700
1701 data_func = partial(
1701 data_func = partial(
1702 _process_url_func, repo_name=repo_name, entry=entry, uid=uid,
1702 _process_url_func, repo_name=repo_name, entry=entry, uid=uid,
1703 return_raw_data=True)
1703 return_raw_data=True)
1704
1704
1705 for match_obj in pattern.finditer(text_string):
1705 for match_obj in pattern.finditer(text_string):
1706 issues_data.append(data_func(match_obj))
1706 issues_data.append(data_func(match_obj))
1707
1707
1708 url_func = partial(
1708 url_func = partial(
1709 _process_url_func, repo_name=repo_name, entry=entry, uid=uid,
1709 _process_url_func, repo_name=repo_name, entry=entry, uid=uid,
1710 link_format=link_format)
1710 link_format=link_format)
1711
1711
1712 newtext = pattern.sub(url_func, newtext)
1712 newtext = pattern.sub(url_func, newtext)
1713 log.debug('processed prefix:uid `%s`' % (uid,))
1713 log.debug('processed prefix:uid `%s`' % (uid,))
1714
1714
1715 return newtext, issues_data
1715 return newtext, issues_data
1716
1716
1717
1717
1718 def urlify_commit_message(commit_text, repository=None):
1718 def urlify_commit_message(commit_text, repository=None):
1719 """
1719 """
1720 Parses given text message and makes proper links.
1720 Parses given text message and makes proper links.
1721 issues are linked to given issue-server, and rest is a commit link
1721 issues are linked to given issue-server, and rest is a commit link
1722
1722
1723 :param commit_text:
1723 :param commit_text:
1724 :param repository:
1724 :param repository:
1725 """
1725 """
1726 from pylons import url # doh, we need to re-import url to mock it later
1726 from pylons import url # doh, we need to re-import url to mock it later
1727
1727
1728 def escaper(string):
1728 def escaper(string):
1729 return string.replace('<', '&lt;').replace('>', '&gt;')
1729 return string.replace('<', '&lt;').replace('>', '&gt;')
1730
1730
1731 newtext = escaper(commit_text)
1731 newtext = escaper(commit_text)
1732
1732
1733 # extract http/https links and make them real urls
1733 # extract http/https links and make them real urls
1734 newtext = urlify_text(newtext, safe=False)
1734 newtext = urlify_text(newtext, safe=False)
1735
1735
1736 # urlify commits - extract commit ids and make link out of them, if we have
1736 # urlify commits - extract commit ids and make link out of them, if we have
1737 # the scope of repository present.
1737 # the scope of repository present.
1738 if repository:
1738 if repository:
1739 newtext = urlify_commits(newtext, repository)
1739 newtext = urlify_commits(newtext, repository)
1740
1740
1741 # process issue tracker patterns
1741 # process issue tracker patterns
1742 newtext, issues = process_patterns(newtext, repository or '')
1742 newtext, issues = process_patterns(newtext, repository or '')
1743
1743
1744 return literal(newtext)
1744 return literal(newtext)
1745
1745
1746
1746
1747 def render_binary(repo_name, file_obj):
1747 def render_binary(repo_name, file_obj):
1748 """
1748 """
1749 Choose how to render a binary file
1749 Choose how to render a binary file
1750 """
1750 """
1751 filename = file_obj.name
1751 filename = file_obj.name
1752
1752
1753 # images
1753 # images
1754 for ext in ['*.png', '*.jpg', '*.ico', '*.gif']:
1754 for ext in ['*.png', '*.jpg', '*.ico', '*.gif']:
1755 if fnmatch.fnmatch(filename, pat=ext):
1755 if fnmatch.fnmatch(filename, pat=ext):
1756 alt = filename
1756 alt = filename
1757 src = url('files_raw_home', repo_name=repo_name,
1757 src = url('files_raw_home', repo_name=repo_name,
1758 revision=file_obj.commit.raw_id, f_path=file_obj.path)
1758 revision=file_obj.commit.raw_id, f_path=file_obj.path)
1759 return literal('<img class="rendered-binary" alt="{}" src="{}">'.format(alt, src))
1759 return literal('<img class="rendered-binary" alt="{}" src="{}">'.format(alt, src))
1760
1760
1761
1761
1762 def renderer_from_filename(filename, exclude=None):
1762 def renderer_from_filename(filename, exclude=None):
1763 """
1763 """
1764 choose a renderer based on filename, this works only for text based files
1764 choose a renderer based on filename, this works only for text based files
1765 """
1765 """
1766
1766
1767 # ipython
1767 # ipython
1768 for ext in ['*.ipynb']:
1768 for ext in ['*.ipynb']:
1769 if fnmatch.fnmatch(filename, pat=ext):
1769 if fnmatch.fnmatch(filename, pat=ext):
1770 return 'jupyter'
1770 return 'jupyter'
1771
1771
1772 is_markup = MarkupRenderer.renderer_from_filename(filename, exclude=exclude)
1772 is_markup = MarkupRenderer.renderer_from_filename(filename, exclude=exclude)
1773 if is_markup:
1773 if is_markup:
1774 return is_markup
1774 return is_markup
1775 return None
1775 return None
1776
1776
1777
1777
1778 def render(source, renderer='rst', mentions=False, relative_url=None,
1778 def render(source, renderer='rst', mentions=False, relative_url=None,
1779 repo_name=None):
1779 repo_name=None):
1780
1780
1781 def maybe_convert_relative_links(html_source):
1781 def maybe_convert_relative_links(html_source):
1782 if relative_url:
1782 if relative_url:
1783 return relative_links(html_source, relative_url)
1783 return relative_links(html_source, relative_url)
1784 return html_source
1784 return html_source
1785
1785
1786 if renderer == 'rst':
1786 if renderer == 'rst':
1787 if repo_name:
1787 if repo_name:
1788 # process patterns on comments if we pass in repo name
1788 # process patterns on comments if we pass in repo name
1789 source, issues = process_patterns(
1789 source, issues = process_patterns(
1790 source, repo_name, link_format='rst')
1790 source, repo_name, link_format='rst')
1791
1791
1792 return literal(
1792 return literal(
1793 '<div class="rst-block">%s</div>' %
1793 '<div class="rst-block">%s</div>' %
1794 maybe_convert_relative_links(
1794 maybe_convert_relative_links(
1795 MarkupRenderer.rst(source, mentions=mentions)))
1795 MarkupRenderer.rst(source, mentions=mentions)))
1796 elif renderer == 'markdown':
1796 elif renderer == 'markdown':
1797 if repo_name:
1797 if repo_name:
1798 # process patterns on comments if we pass in repo name
1798 # process patterns on comments if we pass in repo name
1799 source, issues = process_patterns(
1799 source, issues = process_patterns(
1800 source, repo_name, link_format='markdown')
1800 source, repo_name, link_format='markdown')
1801
1801
1802 return literal(
1802 return literal(
1803 '<div class="markdown-block">%s</div>' %
1803 '<div class="markdown-block">%s</div>' %
1804 maybe_convert_relative_links(
1804 maybe_convert_relative_links(
1805 MarkupRenderer.markdown(source, flavored=True,
1805 MarkupRenderer.markdown(source, flavored=True,
1806 mentions=mentions)))
1806 mentions=mentions)))
1807 elif renderer == 'jupyter':
1807 elif renderer == 'jupyter':
1808 return literal(
1808 return literal(
1809 '<div class="ipynb">%s</div>' %
1809 '<div class="ipynb">%s</div>' %
1810 maybe_convert_relative_links(
1810 maybe_convert_relative_links(
1811 MarkupRenderer.jupyter(source)))
1811 MarkupRenderer.jupyter(source)))
1812
1812
1813 # None means just show the file-source
1813 # None means just show the file-source
1814 return None
1814 return None
1815
1815
1816
1816
1817 def commit_status(repo, commit_id):
1817 def commit_status(repo, commit_id):
1818 return ChangesetStatusModel().get_status(repo, commit_id)
1818 return ChangesetStatusModel().get_status(repo, commit_id)
1819
1819
1820
1820
1821 def commit_status_lbl(commit_status):
1821 def commit_status_lbl(commit_status):
1822 return dict(ChangesetStatus.STATUSES).get(commit_status)
1822 return dict(ChangesetStatus.STATUSES).get(commit_status)
1823
1823
1824
1824
1825 def commit_time(repo_name, commit_id):
1825 def commit_time(repo_name, commit_id):
1826 repo = Repository.get_by_repo_name(repo_name)
1826 repo = Repository.get_by_repo_name(repo_name)
1827 commit = repo.get_commit(commit_id=commit_id)
1827 commit = repo.get_commit(commit_id=commit_id)
1828 return commit.date
1828 return commit.date
1829
1829
1830
1830
1831 def get_permission_name(key):
1831 def get_permission_name(key):
1832 return dict(Permission.PERMS).get(key)
1832 return dict(Permission.PERMS).get(key)
1833
1833
1834
1834
1835 def journal_filter_help():
1835 def journal_filter_help():
1836 return _(
1836 return _(
1837 'Example filter terms:\n' +
1837 'Example filter terms:\n' +
1838 ' repository:vcs\n' +
1838 ' repository:vcs\n' +
1839 ' username:marcin\n' +
1839 ' username:marcin\n' +
1840 ' action:*push*\n' +
1840 ' action:*push*\n' +
1841 ' ip:127.0.0.1\n' +
1841 ' ip:127.0.0.1\n' +
1842 ' date:20120101\n' +
1842 ' date:20120101\n' +
1843 ' date:[20120101100000 TO 20120102]\n' +
1843 ' date:[20120101100000 TO 20120102]\n' +
1844 '\n' +
1844 '\n' +
1845 'Generate wildcards using \'*\' character:\n' +
1845 'Generate wildcards using \'*\' character:\n' +
1846 ' "repository:vcs*" - search everything starting with \'vcs\'\n' +
1846 ' "repository:vcs*" - search everything starting with \'vcs\'\n' +
1847 ' "repository:*vcs*" - search for repository containing \'vcs\'\n' +
1847 ' "repository:*vcs*" - search for repository containing \'vcs\'\n' +
1848 '\n' +
1848 '\n' +
1849 'Optional AND / OR operators in queries\n' +
1849 'Optional AND / OR operators in queries\n' +
1850 ' "repository:vcs OR repository:test"\n' +
1850 ' "repository:vcs OR repository:test"\n' +
1851 ' "username:test AND repository:test*"\n'
1851 ' "username:test AND repository:test*"\n'
1852 )
1852 )
1853
1853
1854
1854
1855 def search_filter_help(searcher):
1855 def search_filter_help(searcher):
1856
1856
1857 terms = ''
1857 terms = ''
1858 return _(
1858 return _(
1859 'Example filter terms for `{searcher}` search:\n' +
1859 'Example filter terms for `{searcher}` search:\n' +
1860 '{terms}\n' +
1860 '{terms}\n' +
1861 'Generate wildcards using \'*\' character:\n' +
1861 'Generate wildcards using \'*\' character:\n' +
1862 ' "repo_name:vcs*" - search everything starting with \'vcs\'\n' +
1862 ' "repo_name:vcs*" - search everything starting with \'vcs\'\n' +
1863 ' "repo_name:*vcs*" - search for repository containing \'vcs\'\n' +
1863 ' "repo_name:*vcs*" - search for repository containing \'vcs\'\n' +
1864 '\n' +
1864 '\n' +
1865 'Optional AND / OR operators in queries\n' +
1865 'Optional AND / OR operators in queries\n' +
1866 ' "repo_name:vcs OR repo_name:test"\n' +
1866 ' "repo_name:vcs OR repo_name:test"\n' +
1867 ' "owner:test AND repo_name:test*"\n' +
1867 ' "owner:test AND repo_name:test*"\n' +
1868 'More: {search_doc}'
1868 'More: {search_doc}'
1869 ).format(searcher=searcher.name,
1869 ).format(searcher=searcher.name,
1870 terms=terms, search_doc=searcher.query_lang_doc)
1870 terms=terms, search_doc=searcher.query_lang_doc)
1871
1871
1872
1872
1873 def not_mapped_error(repo_name):
1873 def not_mapped_error(repo_name):
1874 flash(_('%s repository is not mapped to db perhaps'
1874 flash(_('%s repository is not mapped to db perhaps'
1875 ' it was created or renamed from the filesystem'
1875 ' it was created or renamed from the filesystem'
1876 ' please run the application again'
1876 ' please run the application again'
1877 ' in order to rescan repositories') % repo_name, category='error')
1877 ' in order to rescan repositories') % repo_name, category='error')
1878
1878
1879
1879
1880 def ip_range(ip_addr):
1880 def ip_range(ip_addr):
1881 from rhodecode.model.db import UserIpMap
1881 from rhodecode.model.db import UserIpMap
1882 s, e = UserIpMap._get_ip_range(ip_addr)
1882 s, e = UserIpMap._get_ip_range(ip_addr)
1883 return '%s - %s' % (s, e)
1883 return '%s - %s' % (s, e)
1884
1884
1885
1885
1886 def form(url, method='post', needs_csrf_token=True, **attrs):
1886 def form(url, method='post', needs_csrf_token=True, **attrs):
1887 """Wrapper around webhelpers.tags.form to prevent CSRF attacks."""
1887 """Wrapper around webhelpers.tags.form to prevent CSRF attacks."""
1888 if method.lower() != 'get' and needs_csrf_token:
1888 if method.lower() != 'get' and needs_csrf_token:
1889 raise Exception(
1889 raise Exception(
1890 'Forms to POST/PUT/DELETE endpoints should have (in general) a ' +
1890 'Forms to POST/PUT/DELETE endpoints should have (in general) a ' +
1891 'CSRF token. If the endpoint does not require such token you can ' +
1891 'CSRF token. If the endpoint does not require such token you can ' +
1892 'explicitly set the parameter needs_csrf_token to false.')
1892 'explicitly set the parameter needs_csrf_token to false.')
1893
1893
1894 return wh_form(url, method=method, **attrs)
1894 return wh_form(url, method=method, **attrs)
1895
1895
1896
1896
1897 def secure_form(url, method="POST", multipart=False, **attrs):
1897 def secure_form(url, method="POST", multipart=False, **attrs):
1898 """Start a form tag that points the action to an url. This
1898 """Start a form tag that points the action to an url. This
1899 form tag will also include the hidden field containing
1899 form tag will also include the hidden field containing
1900 the auth token.
1900 the auth token.
1901
1901
1902 The url options should be given either as a string, or as a
1902 The url options should be given either as a string, or as a
1903 ``url()`` function. The method for the form defaults to POST.
1903 ``url()`` function. The method for the form defaults to POST.
1904
1904
1905 Options:
1905 Options:
1906
1906
1907 ``multipart``
1907 ``multipart``
1908 If set to True, the enctype is set to "multipart/form-data".
1908 If set to True, the enctype is set to "multipart/form-data".
1909 ``method``
1909 ``method``
1910 The method to use when submitting the form, usually either
1910 The method to use when submitting the form, usually either
1911 "GET" or "POST". If "PUT", "DELETE", or another verb is used, a
1911 "GET" or "POST". If "PUT", "DELETE", or another verb is used, a
1912 hidden input with name _method is added to simulate the verb
1912 hidden input with name _method is added to simulate the verb
1913 over POST.
1913 over POST.
1914
1914
1915 """
1915 """
1916 from webhelpers.pylonslib.secure_form import insecure_form
1916 from webhelpers.pylonslib.secure_form import insecure_form
1917 form = insecure_form(url, method, multipart, **attrs)
1917 form = insecure_form(url, method, multipart, **attrs)
1918 token = csrf_input()
1918 token = csrf_input()
1919 return literal("%s\n%s" % (form, token))
1919 return literal("%s\n%s" % (form, token))
1920
1920
1921 def csrf_input():
1921 def csrf_input():
1922 return literal(
1922 return literal(
1923 '<input type="hidden" id="{}" name="{}" value="{}">'.format(
1923 '<input type="hidden" id="{}" name="{}" value="{}">'.format(
1924 csrf_token_key, csrf_token_key, get_csrf_token()))
1924 csrf_token_key, csrf_token_key, get_csrf_token()))
1925
1925
1926 def dropdownmenu(name, selected, options, enable_filter=False, **attrs):
1926 def dropdownmenu(name, selected, options, enable_filter=False, **attrs):
1927 select_html = select(name, selected, options, **attrs)
1927 select_html = select(name, selected, options, **attrs)
1928 select2 = """
1928 select2 = """
1929 <script>
1929 <script>
1930 $(document).ready(function() {
1930 $(document).ready(function() {
1931 $('#%s').select2({
1931 $('#%s').select2({
1932 containerCssClass: 'drop-menu',
1932 containerCssClass: 'drop-menu',
1933 dropdownCssClass: 'drop-menu-dropdown',
1933 dropdownCssClass: 'drop-menu-dropdown',
1934 dropdownAutoWidth: true%s
1934 dropdownAutoWidth: true%s
1935 });
1935 });
1936 });
1936 });
1937 </script>
1937 </script>
1938 """
1938 """
1939 filter_option = """,
1939 filter_option = """,
1940 minimumResultsForSearch: -1
1940 minimumResultsForSearch: -1
1941 """
1941 """
1942 input_id = attrs.get('id') or name
1942 input_id = attrs.get('id') or name
1943 filter_enabled = "" if enable_filter else filter_option
1943 filter_enabled = "" if enable_filter else filter_option
1944 select_script = literal(select2 % (input_id, filter_enabled))
1944 select_script = literal(select2 % (input_id, filter_enabled))
1945
1945
1946 return literal(select_html+select_script)
1946 return literal(select_html+select_script)
1947
1947
1948
1948
1949 def get_visual_attr(tmpl_context_var, attr_name):
1949 def get_visual_attr(tmpl_context_var, attr_name):
1950 """
1950 """
1951 A safe way to get a variable from visual variable of template context
1951 A safe way to get a variable from visual variable of template context
1952
1952
1953 :param tmpl_context_var: instance of tmpl_context, usually present as `c`
1953 :param tmpl_context_var: instance of tmpl_context, usually present as `c`
1954 :param attr_name: name of the attribute we fetch from the c.visual
1954 :param attr_name: name of the attribute we fetch from the c.visual
1955 """
1955 """
1956 visual = getattr(tmpl_context_var, 'visual', None)
1956 visual = getattr(tmpl_context_var, 'visual', None)
1957 if not visual:
1957 if not visual:
1958 return
1958 return
1959 else:
1959 else:
1960 return getattr(visual, attr_name, None)
1960 return getattr(visual, attr_name, None)
1961
1961
1962
1962
1963 def get_last_path_part(file_node):
1963 def get_last_path_part(file_node):
1964 if not file_node.path:
1964 if not file_node.path:
1965 return u''
1965 return u''
1966
1966
1967 path = safe_unicode(file_node.path.split('/')[-1])
1967 path = safe_unicode(file_node.path.split('/')[-1])
1968 return u'../' + path
1968 return u'../' + path
1969
1969
1970
1970
1971 def route_url(*args, **kwargs):
1971 def route_url(*args, **kwargs):
1972 """
1972 """
1973 Wrapper around pyramids `route_url` (fully qualified url) function.
1973 Wrapper around pyramids `route_url` (fully qualified url) function.
1974 It is used to generate URLs from within pylons views or templates.
1974 It is used to generate URLs from within pylons views or templates.
1975 This will be removed when pyramid migration if finished.
1975 This will be removed when pyramid migration if finished.
1976 """
1976 """
1977 req = get_current_request()
1977 req = get_current_request()
1978 return req.route_url(*args, **kwargs)
1978 return req.route_url(*args, **kwargs)
1979
1979
1980
1980
1981 def route_path(*args, **kwargs):
1981 def route_path(*args, **kwargs):
1982 """
1982 """
1983 Wrapper around pyramids `route_path` function. It is used to generate
1983 Wrapper around pyramids `route_path` function. It is used to generate
1984 URLs from within pylons views or templates. This will be removed when
1984 URLs from within pylons views or templates. This will be removed when
1985 pyramid migration if finished.
1985 pyramid migration if finished.
1986 """
1986 """
1987 req = get_current_request()
1987 req = get_current_request()
1988 return req.route_path(*args, **kwargs)
1988 return req.route_path(*args, **kwargs)
1989
1989
1990
1990
1991 def route_path_or_none(*args, **kwargs):
1991 def route_path_or_none(*args, **kwargs):
1992 try:
1992 try:
1993 return route_path(*args, **kwargs)
1993 return route_path(*args, **kwargs)
1994 except KeyError:
1994 except KeyError:
1995 return None
1995 return None
1996
1996
1997
1997
1998 def static_url(*args, **kwds):
1998 def static_url(*args, **kwds):
1999 """
1999 """
2000 Wrapper around pyramids `route_path` function. It is used to generate
2000 Wrapper around pyramids `route_path` function. It is used to generate
2001 URLs from within pylons views or templates. This will be removed when
2001 URLs from within pylons views or templates. This will be removed when
2002 pyramid migration if finished.
2002 pyramid migration if finished.
2003 """
2003 """
2004 req = get_current_request()
2004 req = get_current_request()
2005 return req.static_url(*args, **kwds)
2005 return req.static_url(*args, **kwds)
2006
2006
2007
2007
2008 def resource_path(*args, **kwds):
2008 def resource_path(*args, **kwds):
2009 """
2009 """
2010 Wrapper around pyramids `route_path` function. It is used to generate
2010 Wrapper around pyramids `route_path` function. It is used to generate
2011 URLs from within pylons views or templates. This will be removed when
2011 URLs from within pylons views or templates. This will be removed when
2012 pyramid migration if finished.
2012 pyramid migration if finished.
2013 """
2013 """
2014 req = get_current_request()
2014 req = get_current_request()
2015 return req.resource_path(*args, **kwds)
2015 return req.resource_path(*args, **kwds)
2016
2016
2017
2017
2018 def api_call_example(method, args):
2018 def api_call_example(method, args):
2019 """
2019 """
2020 Generates an API call example via CURL
2020 Generates an API call example via CURL
2021 """
2021 """
2022 args_json = json.dumps(OrderedDict([
2022 args_json = json.dumps(OrderedDict([
2023 ('id', 1),
2023 ('id', 1),
2024 ('auth_token', 'SECRET'),
2024 ('auth_token', 'SECRET'),
2025 ('method', method),
2025 ('method', method),
2026 ('args', args)
2026 ('args', args)
2027 ]))
2027 ]))
2028 return literal(
2028 return literal(
2029 "curl {api_url} -X POST -H 'content-type:text/plain' --data-binary '{data}'"
2029 "curl {api_url} -X POST -H 'content-type:text/plain' --data-binary '{data}'"
2030 "<br/><br/>SECRET can be found in <a href=\"{token_url}\">auth-tokens</a> page, "
2030 "<br/><br/>SECRET can be found in <a href=\"{token_url}\">auth-tokens</a> page, "
2031 "and needs to be of `api calls` role."
2031 "and needs to be of `api calls` role."
2032 .format(
2032 .format(
2033 api_url=route_url('apiv2'),
2033 api_url=route_url('apiv2'),
2034 token_url=route_url('my_account_auth_tokens'),
2034 token_url=route_url('my_account_auth_tokens'),
2035 data=args_json))
2035 data=args_json))
Show file before | Show file after | Hide comments
@@ -1,4075 +1,4079 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2017 RhodeCode GmbH
3 # Copyright (C) 2010-2017 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 """
21 """
22 Database Models for RhodeCode Enterprise
22 Database Models for RhodeCode Enterprise
23 """
23 """
24
24
25 import re
25 import re
26 import os
26 import os
27 import time
27 import time
28 import hashlib
28 import hashlib
29 import logging
29 import logging
30 import datetime
30 import datetime
31 import warnings
31 import warnings
32 import ipaddress
32 import ipaddress
33 import functools
33 import functools
34 import traceback
34 import traceback
35 import collections
35 import collections
36
36
37
37
38 from sqlalchemy import *
38 from sqlalchemy import *
39 from sqlalchemy.ext.declarative import declared_attr
39 from sqlalchemy.ext.declarative import declared_attr
40 from sqlalchemy.ext.hybrid import hybrid_property
40 from sqlalchemy.ext.hybrid import hybrid_property
41 from sqlalchemy.orm import (
41 from sqlalchemy.orm import (
42 relationship, joinedload, class_mapper, validates, aliased)
42 relationship, joinedload, class_mapper, validates, aliased)
43 from sqlalchemy.sql.expression import true
43 from sqlalchemy.sql.expression import true
44 from beaker.cache import cache_region
44 from beaker.cache import cache_region
45 from zope.cachedescriptors.property import Lazy as LazyProperty
45 from zope.cachedescriptors.property import Lazy as LazyProperty
46
46
47 from pylons.i18n.translation import lazy_ugettext as _
47 from pylons.i18n.translation import lazy_ugettext as _
48 from pyramid.threadlocal import get_current_request
48 from pyramid.threadlocal import get_current_request
49
49
50 from rhodecode.lib.vcs import get_vcs_instance
50 from rhodecode.lib.vcs import get_vcs_instance
51 from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
51 from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
52 from rhodecode.lib.utils2 import (
52 from rhodecode.lib.utils2 import (
53 str2bool, safe_str, get_commit_safe, safe_unicode, md5_safe,
53 str2bool, safe_str, get_commit_safe, safe_unicode, md5_safe,
54 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
54 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
55 glob2re, StrictAttributeDict, cleaned_uri)
55 glob2re, StrictAttributeDict, cleaned_uri)
56 from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType
56 from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType
57 from rhodecode.lib.ext_json import json
57 from rhodecode.lib.ext_json import json
58 from rhodecode.lib.caching_query import FromCache
58 from rhodecode.lib.caching_query import FromCache
59 from rhodecode.lib.encrypt import AESCipher
59 from rhodecode.lib.encrypt import AESCipher
60
60
61 from rhodecode.model.meta import Base, Session
61 from rhodecode.model.meta import Base, Session
62
62
63 URL_SEP = '/'
63 URL_SEP = '/'
64 log = logging.getLogger(__name__)
64 log = logging.getLogger(__name__)
65
65
66 # =============================================================================
66 # =============================================================================
67 # BASE CLASSES
67 # BASE CLASSES
68 # =============================================================================
68 # =============================================================================
69
69
70 # this is propagated from .ini file rhodecode.encrypted_values.secret or
70 # this is propagated from .ini file rhodecode.encrypted_values.secret or
71 # beaker.session.secret if first is not set.
71 # beaker.session.secret if first is not set.
72 # and initialized at environment.py
72 # and initialized at environment.py
73 ENCRYPTION_KEY = None
73 ENCRYPTION_KEY = None
74
74
75 # used to sort permissions by types, '#' used here is not allowed to be in
75 # used to sort permissions by types, '#' used here is not allowed to be in
76 # usernames, and it's very early in sorted string.printable table.
76 # usernames, and it's very early in sorted string.printable table.
77 PERMISSION_TYPE_SORT = {
77 PERMISSION_TYPE_SORT = {
78 'admin': '####',
78 'admin': '####',
79 'write': '###',
79 'write': '###',
80 'read': '##',
80 'read': '##',
81 'none': '#',
81 'none': '#',
82 }
82 }
83
83
84
84
85 def display_sort(obj):
85 def display_sort(obj):
86 """
86 """
87 Sort function used to sort permissions in .permissions() function of
87 Sort function used to sort permissions in .permissions() function of
88 Repository, RepoGroup, UserGroup. Also it put the default user in front
88 Repository, RepoGroup, UserGroup. Also it put the default user in front
89 of all other resources
89 of all other resources
90 """
90 """
91
91
92 if obj.username == User.DEFAULT_USER:
92 if obj.username == User.DEFAULT_USER:
93 return '#####'
93 return '#####'
94 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
94 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
95 return prefix + obj.username
95 return prefix + obj.username
96
96
97
97
98 def _hash_key(k):
98 def _hash_key(k):
99 return md5_safe(k)
99 return md5_safe(k)
100
100
101
101
102 class EncryptedTextValue(TypeDecorator):
102 class EncryptedTextValue(TypeDecorator):
103 """
103 """
104 Special column for encrypted long text data, use like::
104 Special column for encrypted long text data, use like::
105
105
106 value = Column("encrypted_value", EncryptedValue(), nullable=False)
106 value = Column("encrypted_value", EncryptedValue(), nullable=False)
107
107
108 This column is intelligent so if value is in unencrypted form it return
108 This column is intelligent so if value is in unencrypted form it return
109 unencrypted form, but on save it always encrypts
109 unencrypted form, but on save it always encrypts
110 """
110 """
111 impl = Text
111 impl = Text
112
112
113 def process_bind_param(self, value, dialect):
113 def process_bind_param(self, value, dialect):
114 if not value:
114 if not value:
115 return value
115 return value
116 if value.startswith('enc$aes$') or value.startswith('enc$aes_hmac$'):
116 if value.startswith('enc$aes$') or value.startswith('enc$aes_hmac$'):
117 # protect against double encrypting if someone manually starts
117 # protect against double encrypting if someone manually starts
118 # doing
118 # doing
119 raise ValueError('value needs to be in unencrypted format, ie. '
119 raise ValueError('value needs to be in unencrypted format, ie. '
120 'not starting with enc$aes')
120 'not starting with enc$aes')
121 return 'enc$aes_hmac$%s' % AESCipher(
121 return 'enc$aes_hmac$%s' % AESCipher(
122 ENCRYPTION_KEY, hmac=True).encrypt(value)
122 ENCRYPTION_KEY, hmac=True).encrypt(value)
123
123
124 def process_result_value(self, value, dialect):
124 def process_result_value(self, value, dialect):
125 import rhodecode
125 import rhodecode
126
126
127 if not value:
127 if not value:
128 return value
128 return value
129
129
130 parts = value.split('$', 3)
130 parts = value.split('$', 3)
131 if not len(parts) == 3:
131 if not len(parts) == 3:
132 # probably not encrypted values
132 # probably not encrypted values
133 return value
133 return value
134 else:
134 else:
135 if parts[0] != 'enc':
135 if parts[0] != 'enc':
136 # parts ok but without our header ?
136 # parts ok but without our header ?
137 return value
137 return value
138 enc_strict_mode = str2bool(rhodecode.CONFIG.get(
138 enc_strict_mode = str2bool(rhodecode.CONFIG.get(
139 'rhodecode.encrypted_values.strict') or True)
139 'rhodecode.encrypted_values.strict') or True)
140 # at that stage we know it's our encryption
140 # at that stage we know it's our encryption
141 if parts[1] == 'aes':
141 if parts[1] == 'aes':
142 decrypted_data = AESCipher(ENCRYPTION_KEY).decrypt(parts[2])
142 decrypted_data = AESCipher(ENCRYPTION_KEY).decrypt(parts[2])
143 elif parts[1] == 'aes_hmac':
143 elif parts[1] == 'aes_hmac':
144 decrypted_data = AESCipher(
144 decrypted_data = AESCipher(
145 ENCRYPTION_KEY, hmac=True,
145 ENCRYPTION_KEY, hmac=True,
146 strict_verification=enc_strict_mode).decrypt(parts[2])
146 strict_verification=enc_strict_mode).decrypt(parts[2])
147 else:
147 else:
148 raise ValueError(
148 raise ValueError(
149 'Encryption type part is wrong, must be `aes` '
149 'Encryption type part is wrong, must be `aes` '
150 'or `aes_hmac`, got `%s` instead' % (parts[1]))
150 'or `aes_hmac`, got `%s` instead' % (parts[1]))
151 return decrypted_data
151 return decrypted_data
152
152
153
153
154 class BaseModel(object):
154 class BaseModel(object):
155 """
155 """
156 Base Model for all classes
156 Base Model for all classes
157 """
157 """
158
158
159 @classmethod
159 @classmethod
160 def _get_keys(cls):
160 def _get_keys(cls):
161 """return column names for this model """
161 """return column names for this model """
162 return class_mapper(cls).c.keys()
162 return class_mapper(cls).c.keys()
163
163
164 def get_dict(self):
164 def get_dict(self):
165 """
165 """
166 return dict with keys and values corresponding
166 return dict with keys and values corresponding
167 to this model data """
167 to this model data """
168
168
169 d = {}
169 d = {}
170 for k in self._get_keys():
170 for k in self._get_keys():
171 d[k] = getattr(self, k)
171 d[k] = getattr(self, k)
172
172
173 # also use __json__() if present to get additional fields
173 # also use __json__() if present to get additional fields
174 _json_attr = getattr(self, '__json__', None)
174 _json_attr = getattr(self, '__json__', None)
175 if _json_attr:
175 if _json_attr:
176 # update with attributes from __json__
176 # update with attributes from __json__
177 if callable(_json_attr):
177 if callable(_json_attr):
178 _json_attr = _json_attr()
178 _json_attr = _json_attr()
179 for k, val in _json_attr.iteritems():
179 for k, val in _json_attr.iteritems():
180 d[k] = val
180 d[k] = val
181 return d
181 return d
182
182
183 def get_appstruct(self):
183 def get_appstruct(self):
184 """return list with keys and values tuples corresponding
184 """return list with keys and values tuples corresponding
185 to this model data """
185 to this model data """
186
186
187 l = []
187 l = []
188 for k in self._get_keys():
188 for k in self._get_keys():
189 l.append((k, getattr(self, k),))
189 l.append((k, getattr(self, k),))
190 return l
190 return l
191
191
192 def populate_obj(self, populate_dict):
192 def populate_obj(self, populate_dict):
193 """populate model with data from given populate_dict"""
193 """populate model with data from given populate_dict"""
194
194
195 for k in self._get_keys():
195 for k in self._get_keys():
196 if k in populate_dict:
196 if k in populate_dict:
197 setattr(self, k, populate_dict[k])
197 setattr(self, k, populate_dict[k])
198
198
199 @classmethod
199 @classmethod
200 def query(cls):
200 def query(cls):
201 return Session().query(cls)
201 return Session().query(cls)
202
202
203 @classmethod
203 @classmethod
204 def get(cls, id_):
204 def get(cls, id_):
205 if id_:
205 if id_:
206 return cls.query().get(id_)
206 return cls.query().get(id_)
207
207
208 @classmethod
208 @classmethod
209 def get_or_404(cls, id_, pyramid_exc=False):
209 def get_or_404(cls, id_, pyramid_exc=False):
210 if pyramid_exc:
210 if pyramid_exc:
211 # NOTE(marcink): backward compat, once migration to pyramid
211 # NOTE(marcink): backward compat, once migration to pyramid
212 # this should only use pyramid exceptions
212 # this should only use pyramid exceptions
213 from pyramid.httpexceptions import HTTPNotFound
213 from pyramid.httpexceptions import HTTPNotFound
214 else:
214 else:
215 from webob.exc import HTTPNotFound
215 from webob.exc import HTTPNotFound
216
216
217 try:
217 try:
218 id_ = int(id_)
218 id_ = int(id_)
219 except (TypeError, ValueError):
219 except (TypeError, ValueError):
220 raise HTTPNotFound
220 raise HTTPNotFound
221
221
222 res = cls.query().get(id_)
222 res = cls.query().get(id_)
223 if not res:
223 if not res:
224 raise HTTPNotFound
224 raise HTTPNotFound
225 return res
225 return res
226
226
227 @classmethod
227 @classmethod
228 def getAll(cls):
228 def getAll(cls):
229 # deprecated and left for backward compatibility
229 # deprecated and left for backward compatibility
230 return cls.get_all()
230 return cls.get_all()
231
231
232 @classmethod
232 @classmethod
233 def get_all(cls):
233 def get_all(cls):
234 return cls.query().all()
234 return cls.query().all()
235
235
236 @classmethod
236 @classmethod
237 def delete(cls, id_):
237 def delete(cls, id_):
238 obj = cls.query().get(id_)
238 obj = cls.query().get(id_)
239 Session().delete(obj)
239 Session().delete(obj)
240
240
241 @classmethod
241 @classmethod
242 def identity_cache(cls, session, attr_name, value):
242 def identity_cache(cls, session, attr_name, value):
243 exist_in_session = []
243 exist_in_session = []
244 for (item_cls, pkey), instance in session.identity_map.items():
244 for (item_cls, pkey), instance in session.identity_map.items():
245 if cls == item_cls and getattr(instance, attr_name) == value:
245 if cls == item_cls and getattr(instance, attr_name) == value:
246 exist_in_session.append(instance)
246 exist_in_session.append(instance)
247 if exist_in_session:
247 if exist_in_session:
248 if len(exist_in_session) == 1:
248 if len(exist_in_session) == 1:
249 return exist_in_session[0]
249 return exist_in_session[0]
250 log.exception(
250 log.exception(
251 'multiple objects with attr %s and '
251 'multiple objects with attr %s and '
252 'value %s found with same name: %r',
252 'value %s found with same name: %r',
253 attr_name, value, exist_in_session)
253 attr_name, value, exist_in_session)
254
254
255 def __repr__(self):
255 def __repr__(self):
256 if hasattr(self, '__unicode__'):
256 if hasattr(self, '__unicode__'):
257 # python repr needs to return str
257 # python repr needs to return str
258 try:
258 try:
259 return safe_str(self.__unicode__())
259 return safe_str(self.__unicode__())
260 except UnicodeDecodeError:
260 except UnicodeDecodeError:
261 pass
261 pass
262 return '<DB:%s>' % (self.__class__.__name__)
262 return '<DB:%s>' % (self.__class__.__name__)
263
263
264
264
265 class RhodeCodeSetting(Base, BaseModel):
265 class RhodeCodeSetting(Base, BaseModel):
266 __tablename__ = 'rhodecode_settings'
266 __tablename__ = 'rhodecode_settings'
267 __table_args__ = (
267 __table_args__ = (
268 UniqueConstraint('app_settings_name'),
268 UniqueConstraint('app_settings_name'),
269 {'extend_existing': True, 'mysql_engine': 'InnoDB',
269 {'extend_existing': True, 'mysql_engine': 'InnoDB',
270 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
270 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
271 )
271 )
272
272
273 SETTINGS_TYPES = {
273 SETTINGS_TYPES = {
274 'str': safe_str,
274 'str': safe_str,
275 'int': safe_int,
275 'int': safe_int,
276 'unicode': safe_unicode,
276 'unicode': safe_unicode,
277 'bool': str2bool,
277 'bool': str2bool,
278 'list': functools.partial(aslist, sep=',')
278 'list': functools.partial(aslist, sep=',')
279 }
279 }
280 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
280 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
281 GLOBAL_CONF_KEY = 'app_settings'
281 GLOBAL_CONF_KEY = 'app_settings'
282
282
283 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
283 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
284 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
284 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
285 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
285 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
286 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
286 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
287
287
288 def __init__(self, key='', val='', type='unicode'):
288 def __init__(self, key='', val='', type='unicode'):
289 self.app_settings_name = key
289 self.app_settings_name = key
290 self.app_settings_type = type
290 self.app_settings_type = type
291 self.app_settings_value = val
291 self.app_settings_value = val
292
292
293 @validates('_app_settings_value')
293 @validates('_app_settings_value')
294 def validate_settings_value(self, key, val):
294 def validate_settings_value(self, key, val):
295 assert type(val) == unicode
295 assert type(val) == unicode
296 return val
296 return val
297
297
298 @hybrid_property
298 @hybrid_property
299 def app_settings_value(self):
299 def app_settings_value(self):
300 v = self._app_settings_value
300 v = self._app_settings_value
301 _type = self.app_settings_type
301 _type = self.app_settings_type
302 if _type:
302 if _type:
303 _type = self.app_settings_type.split('.')[0]
303 _type = self.app_settings_type.split('.')[0]
304 # decode the encrypted value
304 # decode the encrypted value
305 if 'encrypted' in self.app_settings_type:
305 if 'encrypted' in self.app_settings_type:
306 cipher = EncryptedTextValue()
306 cipher = EncryptedTextValue()
307 v = safe_unicode(cipher.process_result_value(v, None))
307 v = safe_unicode(cipher.process_result_value(v, None))
308
308
309 converter = self.SETTINGS_TYPES.get(_type) or \
309 converter = self.SETTINGS_TYPES.get(_type) or \
310 self.SETTINGS_TYPES['unicode']
310 self.SETTINGS_TYPES['unicode']
311 return converter(v)
311 return converter(v)
312
312
313 @app_settings_value.setter
313 @app_settings_value.setter
314 def app_settings_value(self, val):
314 def app_settings_value(self, val):
315 """
315 """
316 Setter that will always make sure we use unicode in app_settings_value
316 Setter that will always make sure we use unicode in app_settings_value
317
317
318 :param val:
318 :param val:
319 """
319 """
320 val = safe_unicode(val)
320 val = safe_unicode(val)
321 # encode the encrypted value
321 # encode the encrypted value
322 if 'encrypted' in self.app_settings_type:
322 if 'encrypted' in self.app_settings_type:
323 cipher = EncryptedTextValue()
323 cipher = EncryptedTextValue()
324 val = safe_unicode(cipher.process_bind_param(val, None))
324 val = safe_unicode(cipher.process_bind_param(val, None))
325 self._app_settings_value = val
325 self._app_settings_value = val
326
326
327 @hybrid_property
327 @hybrid_property
328 def app_settings_type(self):
328 def app_settings_type(self):
329 return self._app_settings_type
329 return self._app_settings_type
330
330
331 @app_settings_type.setter
331 @app_settings_type.setter
332 def app_settings_type(self, val):
332 def app_settings_type(self, val):
333 if val.split('.')[0] not in self.SETTINGS_TYPES:
333 if val.split('.')[0] not in self.SETTINGS_TYPES:
334 raise Exception('type must be one of %s got %s'
334 raise Exception('type must be one of %s got %s'
335 % (self.SETTINGS_TYPES.keys(), val))
335 % (self.SETTINGS_TYPES.keys(), val))
336 self._app_settings_type = val
336 self._app_settings_type = val
337
337
338 def __unicode__(self):
338 def __unicode__(self):
339 return u"<%s('%s:%s[%s]')>" % (
339 return u"<%s('%s:%s[%s]')>" % (
340 self.__class__.__name__,
340 self.__class__.__name__,
341 self.app_settings_name, self.app_settings_value,
341 self.app_settings_name, self.app_settings_value,
342 self.app_settings_type
342 self.app_settings_type
343 )
343 )
344
344
345
345
346 class RhodeCodeUi(Base, BaseModel):
346 class RhodeCodeUi(Base, BaseModel):
347 __tablename__ = 'rhodecode_ui'
347 __tablename__ = 'rhodecode_ui'
348 __table_args__ = (
348 __table_args__ = (
349 UniqueConstraint('ui_key'),
349 UniqueConstraint('ui_key'),
350 {'extend_existing': True, 'mysql_engine': 'InnoDB',
350 {'extend_existing': True, 'mysql_engine': 'InnoDB',
351 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
351 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
352 )
352 )
353
353
354 HOOK_REPO_SIZE = 'changegroup.repo_size'
354 HOOK_REPO_SIZE = 'changegroup.repo_size'
355 # HG
355 # HG
356 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
356 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
357 HOOK_PULL = 'outgoing.pull_logger'
357 HOOK_PULL = 'outgoing.pull_logger'
358 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
358 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
359 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
359 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
360 HOOK_PUSH = 'changegroup.push_logger'
360 HOOK_PUSH = 'changegroup.push_logger'
361 HOOK_PUSH_KEY = 'pushkey.key_push'
361 HOOK_PUSH_KEY = 'pushkey.key_push'
362
362
363 # TODO: johbo: Unify way how hooks are configured for git and hg,
363 # TODO: johbo: Unify way how hooks are configured for git and hg,
364 # git part is currently hardcoded.
364 # git part is currently hardcoded.
365
365
366 # SVN PATTERNS
366 # SVN PATTERNS
367 SVN_BRANCH_ID = 'vcs_svn_branch'
367 SVN_BRANCH_ID = 'vcs_svn_branch'
368 SVN_TAG_ID = 'vcs_svn_tag'
368 SVN_TAG_ID = 'vcs_svn_tag'
369
369
370 ui_id = Column(
370 ui_id = Column(
371 "ui_id", Integer(), nullable=False, unique=True, default=None,
371 "ui_id", Integer(), nullable=False, unique=True, default=None,
372 primary_key=True)
372 primary_key=True)
373 ui_section = Column(
373 ui_section = Column(
374 "ui_section", String(255), nullable=True, unique=None, default=None)
374 "ui_section", String(255), nullable=True, unique=None, default=None)
375 ui_key = Column(
375 ui_key = Column(
376 "ui_key", String(255), nullable=True, unique=None, default=None)
376 "ui_key", String(255), nullable=True, unique=None, default=None)
377 ui_value = Column(
377 ui_value = Column(
378 "ui_value", String(255), nullable=True, unique=None, default=None)
378 "ui_value", String(255), nullable=True, unique=None, default=None)
379 ui_active = Column(
379 ui_active = Column(
380 "ui_active", Boolean(), nullable=True, unique=None, default=True)
380 "ui_active", Boolean(), nullable=True, unique=None, default=True)
381
381
382 def __repr__(self):
382 def __repr__(self):
383 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
383 return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
384 self.ui_key, self.ui_value)
384 self.ui_key, self.ui_value)
385
385
386
386
387 class RepoRhodeCodeSetting(Base, BaseModel):
387 class RepoRhodeCodeSetting(Base, BaseModel):
388 __tablename__ = 'repo_rhodecode_settings'
388 __tablename__ = 'repo_rhodecode_settings'
389 __table_args__ = (
389 __table_args__ = (
390 UniqueConstraint(
390 UniqueConstraint(
391 'app_settings_name', 'repository_id',
391 'app_settings_name', 'repository_id',
392 name='uq_repo_rhodecode_setting_name_repo_id'),
392 name='uq_repo_rhodecode_setting_name_repo_id'),
393 {'extend_existing': True, 'mysql_engine': 'InnoDB',
393 {'extend_existing': True, 'mysql_engine': 'InnoDB',
394 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
394 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
395 )
395 )
396
396
397 repository_id = Column(
397 repository_id = Column(
398 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
398 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
399 nullable=False)
399 nullable=False)
400 app_settings_id = Column(
400 app_settings_id = Column(
401 "app_settings_id", Integer(), nullable=False, unique=True,
401 "app_settings_id", Integer(), nullable=False, unique=True,
402 default=None, primary_key=True)
402 default=None, primary_key=True)
403 app_settings_name = Column(
403 app_settings_name = Column(
404 "app_settings_name", String(255), nullable=True, unique=None,
404 "app_settings_name", String(255), nullable=True, unique=None,
405 default=None)
405 default=None)
406 _app_settings_value = Column(
406 _app_settings_value = Column(
407 "app_settings_value", String(4096), nullable=True, unique=None,
407 "app_settings_value", String(4096), nullable=True, unique=None,
408 default=None)
408 default=None)
409 _app_settings_type = Column(
409 _app_settings_type = Column(
410 "app_settings_type", String(255), nullable=True, unique=None,
410 "app_settings_type", String(255), nullable=True, unique=None,
411 default=None)
411 default=None)
412
412
413 repository = relationship('Repository')
413 repository = relationship('Repository')
414
414
415 def __init__(self, repository_id, key='', val='', type='unicode'):
415 def __init__(self, repository_id, key='', val='', type='unicode'):
416 self.repository_id = repository_id
416 self.repository_id = repository_id
417 self.app_settings_name = key
417 self.app_settings_name = key
418 self.app_settings_type = type
418 self.app_settings_type = type
419 self.app_settings_value = val
419 self.app_settings_value = val
420
420
421 @validates('_app_settings_value')
421 @validates('_app_settings_value')
422 def validate_settings_value(self, key, val):
422 def validate_settings_value(self, key, val):
423 assert type(val) == unicode
423 assert type(val) == unicode
424 return val
424 return val
425
425
426 @hybrid_property
426 @hybrid_property
427 def app_settings_value(self):
427 def app_settings_value(self):
428 v = self._app_settings_value
428 v = self._app_settings_value
429 type_ = self.app_settings_type
429 type_ = self.app_settings_type
430 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
430 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
431 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
431 converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
432 return converter(v)
432 return converter(v)
433
433
434 @app_settings_value.setter
434 @app_settings_value.setter
435 def app_settings_value(self, val):
435 def app_settings_value(self, val):
436 """
436 """
437 Setter that will always make sure we use unicode in app_settings_value
437 Setter that will always make sure we use unicode in app_settings_value
438
438
439 :param val:
439 :param val:
440 """
440 """
441 self._app_settings_value = safe_unicode(val)
441 self._app_settings_value = safe_unicode(val)
442
442
443 @hybrid_property
443 @hybrid_property
444 def app_settings_type(self):
444 def app_settings_type(self):
445 return self._app_settings_type
445 return self._app_settings_type
446
446
447 @app_settings_type.setter
447 @app_settings_type.setter
448 def app_settings_type(self, val):
448 def app_settings_type(self, val):
449 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
449 SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
450 if val not in SETTINGS_TYPES:
450 if val not in SETTINGS_TYPES:
451 raise Exception('type must be one of %s got %s'
451 raise Exception('type must be one of %s got %s'
452 % (SETTINGS_TYPES.keys(), val))
452 % (SETTINGS_TYPES.keys(), val))
453 self._app_settings_type = val
453 self._app_settings_type = val
454
454
455 def __unicode__(self):
455 def __unicode__(self):
456 return u"<%s('%s:%s:%s[%s]')>" % (
456 return u"<%s('%s:%s:%s[%s]')>" % (
457 self.__class__.__name__, self.repository.repo_name,
457 self.__class__.__name__, self.repository.repo_name,
458 self.app_settings_name, self.app_settings_value,
458 self.app_settings_name, self.app_settings_value,
459 self.app_settings_type
459 self.app_settings_type
460 )
460 )
461
461
462
462
463 class RepoRhodeCodeUi(Base, BaseModel):
463 class RepoRhodeCodeUi(Base, BaseModel):
464 __tablename__ = 'repo_rhodecode_ui'
464 __tablename__ = 'repo_rhodecode_ui'
465 __table_args__ = (
465 __table_args__ = (
466 UniqueConstraint(
466 UniqueConstraint(
467 'repository_id', 'ui_section', 'ui_key',
467 'repository_id', 'ui_section', 'ui_key',
468 name='uq_repo_rhodecode_ui_repository_id_section_key'),
468 name='uq_repo_rhodecode_ui_repository_id_section_key'),
469 {'extend_existing': True, 'mysql_engine': 'InnoDB',
469 {'extend_existing': True, 'mysql_engine': 'InnoDB',
470 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
470 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
471 )
471 )
472
472
473 repository_id = Column(
473 repository_id = Column(
474 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
474 "repository_id", Integer(), ForeignKey('repositories.repo_id'),
475 nullable=False)
475 nullable=False)
476 ui_id = Column(
476 ui_id = Column(
477 "ui_id", Integer(), nullable=False, unique=True, default=None,
477 "ui_id", Integer(), nullable=False, unique=True, default=None,
478 primary_key=True)
478 primary_key=True)
479 ui_section = Column(
479 ui_section = Column(
480 "ui_section", String(255), nullable=True, unique=None, default=None)
480 "ui_section", String(255), nullable=True, unique=None, default=None)
481 ui_key = Column(
481 ui_key = Column(
482 "ui_key", String(255), nullable=True, unique=None, default=None)
482 "ui_key", String(255), nullable=True, unique=None, default=None)
483 ui_value = Column(
483 ui_value = Column(
484 "ui_value", String(255), nullable=True, unique=None, default=None)
484 "ui_value", String(255), nullable=True, unique=None, default=None)
485 ui_active = Column(
485 ui_active = Column(
486 "ui_active", Boolean(), nullable=True, unique=None, default=True)
486 "ui_active", Boolean(), nullable=True, unique=None, default=True)
487
487
488 repository = relationship('Repository')
488 repository = relationship('Repository')
489
489
490 def __repr__(self):
490 def __repr__(self):
491 return '<%s[%s:%s]%s=>%s]>' % (
491 return '<%s[%s:%s]%s=>%s]>' % (
492 self.__class__.__name__, self.repository.repo_name,
492 self.__class__.__name__, self.repository.repo_name,
493 self.ui_section, self.ui_key, self.ui_value)
493 self.ui_section, self.ui_key, self.ui_value)
494
494
495
495
496 class User(Base, BaseModel):
496 class User(Base, BaseModel):
497 __tablename__ = 'users'
497 __tablename__ = 'users'
498 __table_args__ = (
498 __table_args__ = (
499 UniqueConstraint('username'), UniqueConstraint('email'),
499 UniqueConstraint('username'), UniqueConstraint('email'),
500 Index('u_username_idx', 'username'),
500 Index('u_username_idx', 'username'),
501 Index('u_email_idx', 'email'),
501 Index('u_email_idx', 'email'),
502 {'extend_existing': True, 'mysql_engine': 'InnoDB',
502 {'extend_existing': True, 'mysql_engine': 'InnoDB',
503 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
503 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
504 )
504 )
505 DEFAULT_USER = 'default'
505 DEFAULT_USER = 'default'
506 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
506 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
507 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
507 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
508
508
509 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
509 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
510 username = Column("username", String(255), nullable=True, unique=None, default=None)
510 username = Column("username", String(255), nullable=True, unique=None, default=None)
511 password = Column("password", String(255), nullable=True, unique=None, default=None)
511 password = Column("password", String(255), nullable=True, unique=None, default=None)
512 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
512 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
513 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
513 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
514 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
514 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
515 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
515 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
516 _email = Column("email", String(255), nullable=True, unique=None, default=None)
516 _email = Column("email", String(255), nullable=True, unique=None, default=None)
517 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
517 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
518 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
518 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
519
519
520 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
520 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
521 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
521 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
522 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
522 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
523 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
523 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
524 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
524 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
525 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
525 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
526
526
527 user_log = relationship('UserLog')
527 user_log = relationship('UserLog')
528 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
528 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
529
529
530 repositories = relationship('Repository')
530 repositories = relationship('Repository')
531 repository_groups = relationship('RepoGroup')
531 repository_groups = relationship('RepoGroup')
532 user_groups = relationship('UserGroup')
532 user_groups = relationship('UserGroup')
533
533
534 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
534 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
535 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
535 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
536
536
537 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
537 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
538 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
538 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
539 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all')
539 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all')
540
540
541 group_member = relationship('UserGroupMember', cascade='all')
541 group_member = relationship('UserGroupMember', cascade='all')
542
542
543 notifications = relationship('UserNotification', cascade='all')
543 notifications = relationship('UserNotification', cascade='all')
544 # notifications assigned to this user
544 # notifications assigned to this user
545 user_created_notifications = relationship('Notification', cascade='all')
545 user_created_notifications = relationship('Notification', cascade='all')
546 # comments created by this user
546 # comments created by this user
547 user_comments = relationship('ChangesetComment', cascade='all')
547 user_comments = relationship('ChangesetComment', cascade='all')
548 # user profile extra info
548 # user profile extra info
549 user_emails = relationship('UserEmailMap', cascade='all')
549 user_emails = relationship('UserEmailMap', cascade='all')
550 user_ip_map = relationship('UserIpMap', cascade='all')
550 user_ip_map = relationship('UserIpMap', cascade='all')
551 user_auth_tokens = relationship('UserApiKeys', cascade='all')
551 user_auth_tokens = relationship('UserApiKeys', cascade='all')
552 # gists
552 # gists
553 user_gists = relationship('Gist', cascade='all')
553 user_gists = relationship('Gist', cascade='all')
554 # user pull requests
554 # user pull requests
555 user_pull_requests = relationship('PullRequest', cascade='all')
555 user_pull_requests = relationship('PullRequest', cascade='all')
556 # external identities
556 # external identities
557 extenal_identities = relationship(
557 extenal_identities = relationship(
558 'ExternalIdentity',
558 'ExternalIdentity',
559 primaryjoin="User.user_id==ExternalIdentity.local_user_id",
559 primaryjoin="User.user_id==ExternalIdentity.local_user_id",
560 cascade='all')
560 cascade='all')
561
561
562 def __unicode__(self):
562 def __unicode__(self):
563 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
563 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
564 self.user_id, self.username)
564 self.user_id, self.username)
565
565
566 @hybrid_property
566 @hybrid_property
567 def email(self):
567 def email(self):
568 return self._email
568 return self._email
569
569
570 @email.setter
570 @email.setter
571 def email(self, val):
571 def email(self, val):
572 self._email = val.lower() if val else None
572 self._email = val.lower() if val else None
573
573
574 @hybrid_property
574 @hybrid_property
575 def first_name(self):
575 def first_name(self):
576 from rhodecode.lib import helpers as h
576 from rhodecode.lib import helpers as h
577 return h.escape(self.name)
577 if self.name:
578 return h.escape(self.name)
579 return self.name
578
580
579 @hybrid_property
581 @hybrid_property
580 def last_name(self):
582 def last_name(self):
581 from rhodecode.lib import helpers as h
583 from rhodecode.lib import helpers as h
582 return h.escape(self.lastname)
584 if self.lastname:
585 return h.escape(self.lastname)
586 return self.lastname
583
587
584 @hybrid_property
588 @hybrid_property
585 def api_key(self):
589 def api_key(self):
586 """
590 """
587 Fetch if exist an auth-token with role ALL connected to this user
591 Fetch if exist an auth-token with role ALL connected to this user
588 """
592 """
589 user_auth_token = UserApiKeys.query()\
593 user_auth_token = UserApiKeys.query()\
590 .filter(UserApiKeys.user_id == self.user_id)\
594 .filter(UserApiKeys.user_id == self.user_id)\
591 .filter(or_(UserApiKeys.expires == -1,
595 .filter(or_(UserApiKeys.expires == -1,
592 UserApiKeys.expires >= time.time()))\
596 UserApiKeys.expires >= time.time()))\
593 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
597 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
594 if user_auth_token:
598 if user_auth_token:
595 user_auth_token = user_auth_token.api_key
599 user_auth_token = user_auth_token.api_key
596
600
597 return user_auth_token
601 return user_auth_token
598
602
599 @api_key.setter
603 @api_key.setter
600 def api_key(self, val):
604 def api_key(self, val):
601 # don't allow to set API key this is deprecated for now
605 # don't allow to set API key this is deprecated for now
602 self._api_key = None
606 self._api_key = None
603
607
604 @property
608 @property
605 def firstname(self):
609 def firstname(self):
606 # alias for future
610 # alias for future
607 return self.name
611 return self.name
608
612
609 @property
613 @property
610 def emails(self):
614 def emails(self):
611 other = UserEmailMap.query().filter(UserEmailMap.user==self).all()
615 other = UserEmailMap.query().filter(UserEmailMap.user==self).all()
612 return [self.email] + [x.email for x in other]
616 return [self.email] + [x.email for x in other]
613
617
614 @property
618 @property
615 def auth_tokens(self):
619 def auth_tokens(self):
616 return [x.api_key for x in self.extra_auth_tokens]
620 return [x.api_key for x in self.extra_auth_tokens]
617
621
618 @property
622 @property
619 def extra_auth_tokens(self):
623 def extra_auth_tokens(self):
620 return UserApiKeys.query().filter(UserApiKeys.user == self).all()
624 return UserApiKeys.query().filter(UserApiKeys.user == self).all()
621
625
622 @property
626 @property
623 def feed_token(self):
627 def feed_token(self):
624 return self.get_feed_token()
628 return self.get_feed_token()
625
629
626 def get_feed_token(self):
630 def get_feed_token(self):
627 feed_tokens = UserApiKeys.query()\
631 feed_tokens = UserApiKeys.query()\
628 .filter(UserApiKeys.user == self)\
632 .filter(UserApiKeys.user == self)\
629 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)\
633 .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)\
630 .all()
634 .all()
631 if feed_tokens:
635 if feed_tokens:
632 return feed_tokens[0].api_key
636 return feed_tokens[0].api_key
633 return 'NO_FEED_TOKEN_AVAILABLE'
637 return 'NO_FEED_TOKEN_AVAILABLE'
634
638
635 @classmethod
639 @classmethod
636 def extra_valid_auth_tokens(cls, user, role=None):
640 def extra_valid_auth_tokens(cls, user, role=None):
637 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
641 tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
638 .filter(or_(UserApiKeys.expires == -1,
642 .filter(or_(UserApiKeys.expires == -1,
639 UserApiKeys.expires >= time.time()))
643 UserApiKeys.expires >= time.time()))
640 if role:
644 if role:
641 tokens = tokens.filter(or_(UserApiKeys.role == role,
645 tokens = tokens.filter(or_(UserApiKeys.role == role,
642 UserApiKeys.role == UserApiKeys.ROLE_ALL))
646 UserApiKeys.role == UserApiKeys.ROLE_ALL))
643 return tokens.all()
647 return tokens.all()
644
648
645 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
649 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
646 from rhodecode.lib import auth
650 from rhodecode.lib import auth
647
651
648 log.debug('Trying to authenticate user: %s via auth-token, '
652 log.debug('Trying to authenticate user: %s via auth-token, '
649 'and roles: %s', self, roles)
653 'and roles: %s', self, roles)
650
654
651 if not auth_token:
655 if not auth_token:
652 return False
656 return False
653
657
654 crypto_backend = auth.crypto_backend()
658 crypto_backend = auth.crypto_backend()
655
659
656 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
660 roles = (roles or []) + [UserApiKeys.ROLE_ALL]
657 tokens_q = UserApiKeys.query()\
661 tokens_q = UserApiKeys.query()\
658 .filter(UserApiKeys.user_id == self.user_id)\
662 .filter(UserApiKeys.user_id == self.user_id)\
659 .filter(or_(UserApiKeys.expires == -1,
663 .filter(or_(UserApiKeys.expires == -1,
660 UserApiKeys.expires >= time.time()))
664 UserApiKeys.expires >= time.time()))
661
665
662 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
666 tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
663
667
664 plain_tokens = []
668 plain_tokens = []
665 hash_tokens = []
669 hash_tokens = []
666
670
667 for token in tokens_q.all():
671 for token in tokens_q.all():
668 # verify scope first
672 # verify scope first
669 if token.repo_id:
673 if token.repo_id:
670 # token has a scope, we need to verify it
674 # token has a scope, we need to verify it
671 if scope_repo_id != token.repo_id:
675 if scope_repo_id != token.repo_id:
672 log.debug(
676 log.debug(
673 'Scope mismatch: token has a set repo scope: %s, '
677 'Scope mismatch: token has a set repo scope: %s, '
674 'and calling scope is:%s, skipping further checks',
678 'and calling scope is:%s, skipping further checks',
675 token.repo, scope_repo_id)
679 token.repo, scope_repo_id)
676 # token has a scope, and it doesn't match, skip token
680 # token has a scope, and it doesn't match, skip token
677 continue
681 continue
678
682
679 if token.api_key.startswith(crypto_backend.ENC_PREF):
683 if token.api_key.startswith(crypto_backend.ENC_PREF):
680 hash_tokens.append(token.api_key)
684 hash_tokens.append(token.api_key)
681 else:
685 else:
682 plain_tokens.append(token.api_key)
686 plain_tokens.append(token.api_key)
683
687
684 is_plain_match = auth_token in plain_tokens
688 is_plain_match = auth_token in plain_tokens
685 if is_plain_match:
689 if is_plain_match:
686 return True
690 return True
687
691
688 for hashed in hash_tokens:
692 for hashed in hash_tokens:
689 # TODO(marcink): this is expensive to calculate, but most secure
693 # TODO(marcink): this is expensive to calculate, but most secure
690 match = crypto_backend.hash_check(auth_token, hashed)
694 match = crypto_backend.hash_check(auth_token, hashed)
691 if match:
695 if match:
692 return True
696 return True
693
697
694 return False
698 return False
695
699
696 @property
700 @property
697 def ip_addresses(self):
701 def ip_addresses(self):
698 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
702 ret = UserIpMap.query().filter(UserIpMap.user == self).all()
699 return [x.ip_addr for x in ret]
703 return [x.ip_addr for x in ret]
700
704
701 @property
705 @property
702 def username_and_name(self):
706 def username_and_name(self):
703 return '%s (%s %s)' % (self.username, self.firstname, self.lastname)
707 return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
704
708
705 @property
709 @property
706 def username_or_name_or_email(self):
710 def username_or_name_or_email(self):
707 full_name = self.full_name if self.full_name is not ' ' else None
711 full_name = self.full_name if self.full_name is not ' ' else None
708 return self.username or full_name or self.email
712 return self.username or full_name or self.email
709
713
710 @property
714 @property
711 def full_name(self):
715 def full_name(self):
712 return '%s %s' % (self.firstname, self.lastname)
716 return '%s %s' % (self.first_name, self.last_name)
713
717
714 @property
718 @property
715 def full_name_or_username(self):
719 def full_name_or_username(self):
716 return ('%s %s' % (self.firstname, self.lastname)
720 return ('%s %s' % (self.first_name, self.last_name)
717 if (self.firstname and self.lastname) else self.username)
721 if (self.first_name and self.last_name) else self.username)
718
722
719 @property
723 @property
720 def full_contact(self):
724 def full_contact(self):
721 return '%s %s <%s>' % (self.firstname, self.lastname, self.email)
725 return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
722
726
723 @property
727 @property
724 def short_contact(self):
728 def short_contact(self):
725 return '%s %s' % (self.firstname, self.lastname)
729 return '%s %s' % (self.first_name, self.last_name)
726
730
727 @property
731 @property
728 def is_admin(self):
732 def is_admin(self):
729 return self.admin
733 return self.admin
730
734
731 @property
735 @property
732 def AuthUser(self):
736 def AuthUser(self):
733 """
737 """
734 Returns instance of AuthUser for this user
738 Returns instance of AuthUser for this user
735 """
739 """
736 from rhodecode.lib.auth import AuthUser
740 from rhodecode.lib.auth import AuthUser
737 return AuthUser(user_id=self.user_id, username=self.username)
741 return AuthUser(user_id=self.user_id, username=self.username)
738
742
739 @hybrid_property
743 @hybrid_property
740 def user_data(self):
744 def user_data(self):
741 if not self._user_data:
745 if not self._user_data:
742 return {}
746 return {}
743
747
744 try:
748 try:
745 return json.loads(self._user_data)
749 return json.loads(self._user_data)
746 except TypeError:
750 except TypeError:
747 return {}
751 return {}
748
752
749 @user_data.setter
753 @user_data.setter
750 def user_data(self, val):
754 def user_data(self, val):
751 if not isinstance(val, dict):
755 if not isinstance(val, dict):
752 raise Exception('user_data must be dict, got %s' % type(val))
756 raise Exception('user_data must be dict, got %s' % type(val))
753 try:
757 try:
754 self._user_data = json.dumps(val)
758 self._user_data = json.dumps(val)
755 except Exception:
759 except Exception:
756 log.error(traceback.format_exc())
760 log.error(traceback.format_exc())
757
761
758 @classmethod
762 @classmethod
759 def get_by_username(cls, username, case_insensitive=False,
763 def get_by_username(cls, username, case_insensitive=False,
760 cache=False, identity_cache=False):
764 cache=False, identity_cache=False):
761 session = Session()
765 session = Session()
762
766
763 if case_insensitive:
767 if case_insensitive:
764 q = cls.query().filter(
768 q = cls.query().filter(
765 func.lower(cls.username) == func.lower(username))
769 func.lower(cls.username) == func.lower(username))
766 else:
770 else:
767 q = cls.query().filter(cls.username == username)
771 q = cls.query().filter(cls.username == username)
768
772
769 if cache:
773 if cache:
770 if identity_cache:
774 if identity_cache:
771 val = cls.identity_cache(session, 'username', username)
775 val = cls.identity_cache(session, 'username', username)
772 if val:
776 if val:
773 return val
777 return val
774 else:
778 else:
775 cache_key = "get_user_by_name_%s" % _hash_key(username)
779 cache_key = "get_user_by_name_%s" % _hash_key(username)
776 q = q.options(
780 q = q.options(
777 FromCache("sql_cache_short", cache_key))
781 FromCache("sql_cache_short", cache_key))
778
782
779 return q.scalar()
783 return q.scalar()
780
784
781 @classmethod
785 @classmethod
782 def get_by_auth_token(cls, auth_token, cache=False):
786 def get_by_auth_token(cls, auth_token, cache=False):
783 q = UserApiKeys.query()\
787 q = UserApiKeys.query()\
784 .filter(UserApiKeys.api_key == auth_token)\
788 .filter(UserApiKeys.api_key == auth_token)\
785 .filter(or_(UserApiKeys.expires == -1,
789 .filter(or_(UserApiKeys.expires == -1,
786 UserApiKeys.expires >= time.time()))
790 UserApiKeys.expires >= time.time()))
787 if cache:
791 if cache:
788 q = q.options(
792 q = q.options(
789 FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
793 FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
790
794
791 match = q.first()
795 match = q.first()
792 if match:
796 if match:
793 return match.user
797 return match.user
794
798
795 @classmethod
799 @classmethod
796 def get_by_email(cls, email, case_insensitive=False, cache=False):
800 def get_by_email(cls, email, case_insensitive=False, cache=False):
797
801
798 if case_insensitive:
802 if case_insensitive:
799 q = cls.query().filter(func.lower(cls.email) == func.lower(email))
803 q = cls.query().filter(func.lower(cls.email) == func.lower(email))
800
804
801 else:
805 else:
802 q = cls.query().filter(cls.email == email)
806 q = cls.query().filter(cls.email == email)
803
807
804 email_key = _hash_key(email)
808 email_key = _hash_key(email)
805 if cache:
809 if cache:
806 q = q.options(
810 q = q.options(
807 FromCache("sql_cache_short", "get_email_key_%s" % email_key))
811 FromCache("sql_cache_short", "get_email_key_%s" % email_key))
808
812
809 ret = q.scalar()
813 ret = q.scalar()
810 if ret is None:
814 if ret is None:
811 q = UserEmailMap.query()
815 q = UserEmailMap.query()
812 # try fetching in alternate email map
816 # try fetching in alternate email map
813 if case_insensitive:
817 if case_insensitive:
814 q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
818 q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
815 else:
819 else:
816 q = q.filter(UserEmailMap.email == email)
820 q = q.filter(UserEmailMap.email == email)
817 q = q.options(joinedload(UserEmailMap.user))
821 q = q.options(joinedload(UserEmailMap.user))
818 if cache:
822 if cache:
819 q = q.options(
823 q = q.options(
820 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
824 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
821 ret = getattr(q.scalar(), 'user', None)
825 ret = getattr(q.scalar(), 'user', None)
822
826
823 return ret
827 return ret
824
828
825 @classmethod
829 @classmethod
826 def get_from_cs_author(cls, author):
830 def get_from_cs_author(cls, author):
827 """
831 """
828 Tries to get User objects out of commit author string
832 Tries to get User objects out of commit author string
829
833
830 :param author:
834 :param author:
831 """
835 """
832 from rhodecode.lib.helpers import email, author_name
836 from rhodecode.lib.helpers import email, author_name
833 # Valid email in the attribute passed, see if they're in the system
837 # Valid email in the attribute passed, see if they're in the system
834 _email = email(author)
838 _email = email(author)
835 if _email:
839 if _email:
836 user = cls.get_by_email(_email, case_insensitive=True)
840 user = cls.get_by_email(_email, case_insensitive=True)
837 if user:
841 if user:
838 return user
842 return user
839 # Maybe we can match by username?
843 # Maybe we can match by username?
840 _author = author_name(author)
844 _author = author_name(author)
841 user = cls.get_by_username(_author, case_insensitive=True)
845 user = cls.get_by_username(_author, case_insensitive=True)
842 if user:
846 if user:
843 return user
847 return user
844
848
845 def update_userdata(self, **kwargs):
849 def update_userdata(self, **kwargs):
846 usr = self
850 usr = self
847 old = usr.user_data
851 old = usr.user_data
848 old.update(**kwargs)
852 old.update(**kwargs)
849 usr.user_data = old
853 usr.user_data = old
850 Session().add(usr)
854 Session().add(usr)
851 log.debug('updated userdata with ', kwargs)
855 log.debug('updated userdata with ', kwargs)
852
856
853 def update_lastlogin(self):
857 def update_lastlogin(self):
854 """Update user lastlogin"""
858 """Update user lastlogin"""
855 self.last_login = datetime.datetime.now()
859 self.last_login = datetime.datetime.now()
856 Session().add(self)
860 Session().add(self)
857 log.debug('updated user %s lastlogin', self.username)
861 log.debug('updated user %s lastlogin', self.username)
858
862
859 def update_lastactivity(self):
863 def update_lastactivity(self):
860 """Update user lastactivity"""
864 """Update user lastactivity"""
861 self.last_activity = datetime.datetime.now()
865 self.last_activity = datetime.datetime.now()
862 Session().add(self)
866 Session().add(self)
863 log.debug('updated user %s lastactivity', self.username)
867 log.debug('updated user %s lastactivity', self.username)
864
868
865 def update_password(self, new_password):
869 def update_password(self, new_password):
866 from rhodecode.lib.auth import get_crypt_password
870 from rhodecode.lib.auth import get_crypt_password
867
871
868 self.password = get_crypt_password(new_password)
872 self.password = get_crypt_password(new_password)
869 Session().add(self)
873 Session().add(self)
870
874
871 @classmethod
875 @classmethod
872 def get_first_super_admin(cls):
876 def get_first_super_admin(cls):
873 user = User.query().filter(User.admin == true()).first()
877 user = User.query().filter(User.admin == true()).first()
874 if user is None:
878 if user is None:
875 raise Exception('FATAL: Missing administrative account!')
879 raise Exception('FATAL: Missing administrative account!')
876 return user
880 return user
877
881
878 @classmethod
882 @classmethod
879 def get_all_super_admins(cls):
883 def get_all_super_admins(cls):
880 """
884 """
881 Returns all admin accounts sorted by username
885 Returns all admin accounts sorted by username
882 """
886 """
883 return User.query().filter(User.admin == true())\
887 return User.query().filter(User.admin == true())\
884 .order_by(User.username.asc()).all()
888 .order_by(User.username.asc()).all()
885
889
886 @classmethod
890 @classmethod
887 def get_default_user(cls, cache=False, refresh=False):
891 def get_default_user(cls, cache=False, refresh=False):
888 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
892 user = User.get_by_username(User.DEFAULT_USER, cache=cache)
889 if user is None:
893 if user is None:
890 raise Exception('FATAL: Missing default account!')
894 raise Exception('FATAL: Missing default account!')
891 if refresh:
895 if refresh:
892 # The default user might be based on outdated state which
896 # The default user might be based on outdated state which
893 # has been loaded from the cache.
897 # has been loaded from the cache.
894 # A call to refresh() ensures that the
898 # A call to refresh() ensures that the
895 # latest state from the database is used.
899 # latest state from the database is used.
896 Session().refresh(user)
900 Session().refresh(user)
897 return user
901 return user
898
902
899 def _get_default_perms(self, user, suffix=''):
903 def _get_default_perms(self, user, suffix=''):
900 from rhodecode.model.permission import PermissionModel
904 from rhodecode.model.permission import PermissionModel
901 return PermissionModel().get_default_perms(user.user_perms, suffix)
905 return PermissionModel().get_default_perms(user.user_perms, suffix)
902
906
903 def get_default_perms(self, suffix=''):
907 def get_default_perms(self, suffix=''):
904 return self._get_default_perms(self, suffix)
908 return self._get_default_perms(self, suffix)
905
909
906 def get_api_data(self, include_secrets=False, details='full'):
910 def get_api_data(self, include_secrets=False, details='full'):
907 """
911 """
908 Common function for generating user related data for API
912 Common function for generating user related data for API
909
913
910 :param include_secrets: By default secrets in the API data will be replaced
914 :param include_secrets: By default secrets in the API data will be replaced
911 by a placeholder value to prevent exposing this data by accident. In case
915 by a placeholder value to prevent exposing this data by accident. In case
912 this data shall be exposed, set this flag to ``True``.
916 this data shall be exposed, set this flag to ``True``.
913
917
914 :param details: details can be 'basic|full' basic gives only a subset of
918 :param details: details can be 'basic|full' basic gives only a subset of
915 the available user information that includes user_id, name and emails.
919 the available user information that includes user_id, name and emails.
916 """
920 """
917 user = self
921 user = self
918 user_data = self.user_data
922 user_data = self.user_data
919 data = {
923 data = {
920 'user_id': user.user_id,
924 'user_id': user.user_id,
921 'username': user.username,
925 'username': user.username,
922 'firstname': user.name,
926 'firstname': user.name,
923 'lastname': user.lastname,
927 'lastname': user.lastname,
924 'email': user.email,
928 'email': user.email,
925 'emails': user.emails,
929 'emails': user.emails,
926 }
930 }
927 if details == 'basic':
931 if details == 'basic':
928 return data
932 return data
929
933
930 api_key_length = 40
934 api_key_length = 40
931 api_key_replacement = '*' * api_key_length
935 api_key_replacement = '*' * api_key_length
932
936
933 extras = {
937 extras = {
934 'api_keys': [api_key_replacement],
938 'api_keys': [api_key_replacement],
935 'auth_tokens': [api_key_replacement],
939 'auth_tokens': [api_key_replacement],
936 'active': user.active,
940 'active': user.active,
937 'admin': user.admin,
941 'admin': user.admin,
938 'extern_type': user.extern_type,
942 'extern_type': user.extern_type,
939 'extern_name': user.extern_name,
943 'extern_name': user.extern_name,
940 'last_login': user.last_login,
944 'last_login': user.last_login,
941 'last_activity': user.last_activity,
945 'last_activity': user.last_activity,
942 'ip_addresses': user.ip_addresses,
946 'ip_addresses': user.ip_addresses,
943 'language': user_data.get('language')
947 'language': user_data.get('language')
944 }
948 }
945 data.update(extras)
949 data.update(extras)
946
950
947 if include_secrets:
951 if include_secrets:
948 data['api_keys'] = user.auth_tokens
952 data['api_keys'] = user.auth_tokens
949 data['auth_tokens'] = user.extra_auth_tokens
953 data['auth_tokens'] = user.extra_auth_tokens
950 return data
954 return data
951
955
952 def __json__(self):
956 def __json__(self):
953 data = {
957 data = {
954 'full_name': self.full_name,
958 'full_name': self.full_name,
955 'full_name_or_username': self.full_name_or_username,
959 'full_name_or_username': self.full_name_or_username,
956 'short_contact': self.short_contact,
960 'short_contact': self.short_contact,
957 'full_contact': self.full_contact,
961 'full_contact': self.full_contact,
958 }
962 }
959 data.update(self.get_api_data())
963 data.update(self.get_api_data())
960 return data
964 return data
961
965
962
966
963 class UserApiKeys(Base, BaseModel):
967 class UserApiKeys(Base, BaseModel):
964 __tablename__ = 'user_api_keys'
968 __tablename__ = 'user_api_keys'
965 __table_args__ = (
969 __table_args__ = (
966 Index('uak_api_key_idx', 'api_key'),
970 Index('uak_api_key_idx', 'api_key'),
967 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
971 Index('uak_api_key_expires_idx', 'api_key', 'expires'),
968 UniqueConstraint('api_key'),
972 UniqueConstraint('api_key'),
969 {'extend_existing': True, 'mysql_engine': 'InnoDB',
973 {'extend_existing': True, 'mysql_engine': 'InnoDB',
970 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
974 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
971 )
975 )
972 __mapper_args__ = {}
976 __mapper_args__ = {}
973
977
974 # ApiKey role
978 # ApiKey role
975 ROLE_ALL = 'token_role_all'
979 ROLE_ALL = 'token_role_all'
976 ROLE_HTTP = 'token_role_http'
980 ROLE_HTTP = 'token_role_http'
977 ROLE_VCS = 'token_role_vcs'
981 ROLE_VCS = 'token_role_vcs'
978 ROLE_API = 'token_role_api'
982 ROLE_API = 'token_role_api'
979 ROLE_FEED = 'token_role_feed'
983 ROLE_FEED = 'token_role_feed'
980 ROLE_PASSWORD_RESET = 'token_password_reset'
984 ROLE_PASSWORD_RESET = 'token_password_reset'
981
985
982 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
986 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
983
987
984 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
988 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
985 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
989 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
986 api_key = Column("api_key", String(255), nullable=False, unique=True)
990 api_key = Column("api_key", String(255), nullable=False, unique=True)
987 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
991 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
988 expires = Column('expires', Float(53), nullable=False)
992 expires = Column('expires', Float(53), nullable=False)
989 role = Column('role', String(255), nullable=True)
993 role = Column('role', String(255), nullable=True)
990 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
994 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
991
995
992 # scope columns
996 # scope columns
993 repo_id = Column(
997 repo_id = Column(
994 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
998 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
995 nullable=True, unique=None, default=None)
999 nullable=True, unique=None, default=None)
996 repo = relationship('Repository', lazy='joined')
1000 repo = relationship('Repository', lazy='joined')
997
1001
998 repo_group_id = Column(
1002 repo_group_id = Column(
999 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1003 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
1000 nullable=True, unique=None, default=None)
1004 nullable=True, unique=None, default=None)
1001 repo_group = relationship('RepoGroup', lazy='joined')
1005 repo_group = relationship('RepoGroup', lazy='joined')
1002
1006
1003 user = relationship('User', lazy='joined')
1007 user = relationship('User', lazy='joined')
1004
1008
1005 def __unicode__(self):
1009 def __unicode__(self):
1006 return u"<%s('%s')>" % (self.__class__.__name__, self.role)
1010 return u"<%s('%s')>" % (self.__class__.__name__, self.role)
1007
1011
1008 def __json__(self):
1012 def __json__(self):
1009 data = {
1013 data = {
1010 'auth_token': self.api_key,
1014 'auth_token': self.api_key,
1011 'role': self.role,
1015 'role': self.role,
1012 'scope': self.scope_humanized,
1016 'scope': self.scope_humanized,
1013 'expired': self.expired
1017 'expired': self.expired
1014 }
1018 }
1015 return data
1019 return data
1016
1020
1017 @property
1021 @property
1018 def expired(self):
1022 def expired(self):
1019 if self.expires == -1:
1023 if self.expires == -1:
1020 return False
1024 return False
1021 return time.time() > self.expires
1025 return time.time() > self.expires
1022
1026
1023 @classmethod
1027 @classmethod
1024 def _get_role_name(cls, role):
1028 def _get_role_name(cls, role):
1025 return {
1029 return {
1026 cls.ROLE_ALL: _('all'),
1030 cls.ROLE_ALL: _('all'),
1027 cls.ROLE_HTTP: _('http/web interface'),
1031 cls.ROLE_HTTP: _('http/web interface'),
1028 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1032 cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
1029 cls.ROLE_API: _('api calls'),
1033 cls.ROLE_API: _('api calls'),
1030 cls.ROLE_FEED: _('feed access'),
1034 cls.ROLE_FEED: _('feed access'),
1031 }.get(role, role)
1035 }.get(role, role)
1032
1036
1033 @property
1037 @property
1034 def role_humanized(self):
1038 def role_humanized(self):
1035 return self._get_role_name(self.role)
1039 return self._get_role_name(self.role)
1036
1040
1037 def _get_scope(self):
1041 def _get_scope(self):
1038 if self.repo:
1042 if self.repo:
1039 return repr(self.repo)
1043 return repr(self.repo)
1040 if self.repo_group:
1044 if self.repo_group:
1041 return repr(self.repo_group) + ' (recursive)'
1045 return repr(self.repo_group) + ' (recursive)'
1042 return 'global'
1046 return 'global'
1043
1047
1044 @property
1048 @property
1045 def scope_humanized(self):
1049 def scope_humanized(self):
1046 return self._get_scope()
1050 return self._get_scope()
1047
1051
1048
1052
1049 class UserEmailMap(Base, BaseModel):
1053 class UserEmailMap(Base, BaseModel):
1050 __tablename__ = 'user_email_map'
1054 __tablename__ = 'user_email_map'
1051 __table_args__ = (
1055 __table_args__ = (
1052 Index('uem_email_idx', 'email'),
1056 Index('uem_email_idx', 'email'),
1053 UniqueConstraint('email'),
1057 UniqueConstraint('email'),
1054 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1058 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1055 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1059 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1056 )
1060 )
1057 __mapper_args__ = {}
1061 __mapper_args__ = {}
1058
1062
1059 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1063 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1060 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1064 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1061 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1065 _email = Column("email", String(255), nullable=True, unique=False, default=None)
1062 user = relationship('User', lazy='joined')
1066 user = relationship('User', lazy='joined')
1063
1067
1064 @validates('_email')
1068 @validates('_email')
1065 def validate_email(self, key, email):
1069 def validate_email(self, key, email):
1066 # check if this email is not main one
1070 # check if this email is not main one
1067 main_email = Session().query(User).filter(User.email == email).scalar()
1071 main_email = Session().query(User).filter(User.email == email).scalar()
1068 if main_email is not None:
1072 if main_email is not None:
1069 raise AttributeError('email %s is present is user table' % email)
1073 raise AttributeError('email %s is present is user table' % email)
1070 return email
1074 return email
1071
1075
1072 @hybrid_property
1076 @hybrid_property
1073 def email(self):
1077 def email(self):
1074 return self._email
1078 return self._email
1075
1079
1076 @email.setter
1080 @email.setter
1077 def email(self, val):
1081 def email(self, val):
1078 self._email = val.lower() if val else None
1082 self._email = val.lower() if val else None
1079
1083
1080
1084
1081 class UserIpMap(Base, BaseModel):
1085 class UserIpMap(Base, BaseModel):
1082 __tablename__ = 'user_ip_map'
1086 __tablename__ = 'user_ip_map'
1083 __table_args__ = (
1087 __table_args__ = (
1084 UniqueConstraint('user_id', 'ip_addr'),
1088 UniqueConstraint('user_id', 'ip_addr'),
1085 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1089 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1086 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1090 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
1087 )
1091 )
1088 __mapper_args__ = {}
1092 __mapper_args__ = {}
1089
1093
1090 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1094 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1091 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1095 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1092 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1096 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
1093 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1097 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
1094 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1098 description = Column("description", String(10000), nullable=True, unique=None, default=None)
1095 user = relationship('User', lazy='joined')
1099 user = relationship('User', lazy='joined')
1096
1100
1097 @classmethod
1101 @classmethod
1098 def _get_ip_range(cls, ip_addr):
1102 def _get_ip_range(cls, ip_addr):
1099 net = ipaddress.ip_network(ip_addr, strict=False)
1103 net = ipaddress.ip_network(ip_addr, strict=False)
1100 return [str(net.network_address), str(net.broadcast_address)]
1104 return [str(net.network_address), str(net.broadcast_address)]
1101
1105
1102 def __json__(self):
1106 def __json__(self):
1103 return {
1107 return {
1104 'ip_addr': self.ip_addr,
1108 'ip_addr': self.ip_addr,
1105 'ip_range': self._get_ip_range(self.ip_addr),
1109 'ip_range': self._get_ip_range(self.ip_addr),
1106 }
1110 }
1107
1111
1108 def __unicode__(self):
1112 def __unicode__(self):
1109 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1113 return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
1110 self.user_id, self.ip_addr)
1114 self.user_id, self.ip_addr)
1111
1115
1112
1116
1113 class UserLog(Base, BaseModel):
1117 class UserLog(Base, BaseModel):
1114 __tablename__ = 'user_logs'
1118 __tablename__ = 'user_logs'
1115 __table_args__ = (
1119 __table_args__ = (
1116 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1120 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1117 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1121 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1118 )
1122 )
1119 VERSION_1 = 'v1'
1123 VERSION_1 = 'v1'
1120 VERSION_2 = 'v2'
1124 VERSION_2 = 'v2'
1121 VERSIONS = [VERSION_1, VERSION_2]
1125 VERSIONS = [VERSION_1, VERSION_2]
1122
1126
1123 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1127 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1124 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1128 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
1125 username = Column("username", String(255), nullable=True, unique=None, default=None)
1129 username = Column("username", String(255), nullable=True, unique=None, default=None)
1126 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True)
1130 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True)
1127 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1131 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
1128 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1132 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
1129 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1133 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
1130 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1134 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
1131
1135
1132 version = Column("version", String(255), nullable=True, default=VERSION_1)
1136 version = Column("version", String(255), nullable=True, default=VERSION_1)
1133 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
1137 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
1134 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
1138 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
1135
1139
1136 def __unicode__(self):
1140 def __unicode__(self):
1137 return u"<%s('id:%s:%s')>" % (
1141 return u"<%s('id:%s:%s')>" % (
1138 self.__class__.__name__, self.repository_name, self.action)
1142 self.__class__.__name__, self.repository_name, self.action)
1139
1143
1140 def __json__(self):
1144 def __json__(self):
1141 return {
1145 return {
1142 'user_id': self.user_id,
1146 'user_id': self.user_id,
1143 'username': self.username,
1147 'username': self.username,
1144 'repository_id': self.repository_id,
1148 'repository_id': self.repository_id,
1145 'repository_name': self.repository_name,
1149 'repository_name': self.repository_name,
1146 'user_ip': self.user_ip,
1150 'user_ip': self.user_ip,
1147 'action_date': self.action_date,
1151 'action_date': self.action_date,
1148 'action': self.action,
1152 'action': self.action,
1149 }
1153 }
1150
1154
1151 @property
1155 @property
1152 def action_as_day(self):
1156 def action_as_day(self):
1153 return datetime.date(*self.action_date.timetuple()[:3])
1157 return datetime.date(*self.action_date.timetuple()[:3])
1154
1158
1155 user = relationship('User')
1159 user = relationship('User')
1156 repository = relationship('Repository', cascade='')
1160 repository = relationship('Repository', cascade='')
1157
1161
1158
1162
1159 class UserGroup(Base, BaseModel):
1163 class UserGroup(Base, BaseModel):
1160 __tablename__ = 'users_groups'
1164 __tablename__ = 'users_groups'
1161 __table_args__ = (
1165 __table_args__ = (
1162 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1166 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1163 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1167 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1164 )
1168 )
1165
1169
1166 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1170 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1167 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1171 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
1168 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1172 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
1169 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1173 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
1170 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1174 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
1171 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1175 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
1172 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1176 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1173 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1177 _group_data = Column("group_data", LargeBinary(), nullable=True) # JSON data
1174
1178
1175 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
1179 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
1176 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
1180 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
1177 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1181 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1178 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
1182 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
1179 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
1183 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
1180 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
1184 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
1181
1185
1182 user = relationship('User')
1186 user = relationship('User')
1183
1187
1184 @hybrid_property
1188 @hybrid_property
1185 def group_data(self):
1189 def group_data(self):
1186 if not self._group_data:
1190 if not self._group_data:
1187 return {}
1191 return {}
1188
1192
1189 try:
1193 try:
1190 return json.loads(self._group_data)
1194 return json.loads(self._group_data)
1191 except TypeError:
1195 except TypeError:
1192 return {}
1196 return {}
1193
1197
1194 @group_data.setter
1198 @group_data.setter
1195 def group_data(self, val):
1199 def group_data(self, val):
1196 try:
1200 try:
1197 self._group_data = json.dumps(val)
1201 self._group_data = json.dumps(val)
1198 except Exception:
1202 except Exception:
1199 log.error(traceback.format_exc())
1203 log.error(traceback.format_exc())
1200
1204
1201 def __unicode__(self):
1205 def __unicode__(self):
1202 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
1206 return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
1203 self.users_group_id,
1207 self.users_group_id,
1204 self.users_group_name)
1208 self.users_group_name)
1205
1209
1206 @classmethod
1210 @classmethod
1207 def get_by_group_name(cls, group_name, cache=False,
1211 def get_by_group_name(cls, group_name, cache=False,
1208 case_insensitive=False):
1212 case_insensitive=False):
1209 if case_insensitive:
1213 if case_insensitive:
1210 q = cls.query().filter(func.lower(cls.users_group_name) ==
1214 q = cls.query().filter(func.lower(cls.users_group_name) ==
1211 func.lower(group_name))
1215 func.lower(group_name))
1212
1216
1213 else:
1217 else:
1214 q = cls.query().filter(cls.users_group_name == group_name)
1218 q = cls.query().filter(cls.users_group_name == group_name)
1215 if cache:
1219 if cache:
1216 q = q.options(
1220 q = q.options(
1217 FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
1221 FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
1218 return q.scalar()
1222 return q.scalar()
1219
1223
1220 @classmethod
1224 @classmethod
1221 def get(cls, user_group_id, cache=False):
1225 def get(cls, user_group_id, cache=False):
1222 user_group = cls.query()
1226 user_group = cls.query()
1223 if cache:
1227 if cache:
1224 user_group = user_group.options(
1228 user_group = user_group.options(
1225 FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
1229 FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
1226 return user_group.get(user_group_id)
1230 return user_group.get(user_group_id)
1227
1231
1228 def permissions(self, with_admins=True, with_owner=True):
1232 def permissions(self, with_admins=True, with_owner=True):
1229 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1233 q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
1230 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1234 q = q.options(joinedload(UserUserGroupToPerm.user_group),
1231 joinedload(UserUserGroupToPerm.user),
1235 joinedload(UserUserGroupToPerm.user),
1232 joinedload(UserUserGroupToPerm.permission),)
1236 joinedload(UserUserGroupToPerm.permission),)
1233
1237
1234 # get owners and admins and permissions. We do a trick of re-writing
1238 # get owners and admins and permissions. We do a trick of re-writing
1235 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1239 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1236 # has a global reference and changing one object propagates to all
1240 # has a global reference and changing one object propagates to all
1237 # others. This means if admin is also an owner admin_row that change
1241 # others. This means if admin is also an owner admin_row that change
1238 # would propagate to both objects
1242 # would propagate to both objects
1239 perm_rows = []
1243 perm_rows = []
1240 for _usr in q.all():
1244 for _usr in q.all():
1241 usr = AttributeDict(_usr.user.get_dict())
1245 usr = AttributeDict(_usr.user.get_dict())
1242 usr.permission = _usr.permission.permission_name
1246 usr.permission = _usr.permission.permission_name
1243 perm_rows.append(usr)
1247 perm_rows.append(usr)
1244
1248
1245 # filter the perm rows by 'default' first and then sort them by
1249 # filter the perm rows by 'default' first and then sort them by
1246 # admin,write,read,none permissions sorted again alphabetically in
1250 # admin,write,read,none permissions sorted again alphabetically in
1247 # each group
1251 # each group
1248 perm_rows = sorted(perm_rows, key=display_sort)
1252 perm_rows = sorted(perm_rows, key=display_sort)
1249
1253
1250 _admin_perm = 'usergroup.admin'
1254 _admin_perm = 'usergroup.admin'
1251 owner_row = []
1255 owner_row = []
1252 if with_owner:
1256 if with_owner:
1253 usr = AttributeDict(self.user.get_dict())
1257 usr = AttributeDict(self.user.get_dict())
1254 usr.owner_row = True
1258 usr.owner_row = True
1255 usr.permission = _admin_perm
1259 usr.permission = _admin_perm
1256 owner_row.append(usr)
1260 owner_row.append(usr)
1257
1261
1258 super_admin_rows = []
1262 super_admin_rows = []
1259 if with_admins:
1263 if with_admins:
1260 for usr in User.get_all_super_admins():
1264 for usr in User.get_all_super_admins():
1261 # if this admin is also owner, don't double the record
1265 # if this admin is also owner, don't double the record
1262 if usr.user_id == owner_row[0].user_id:
1266 if usr.user_id == owner_row[0].user_id:
1263 owner_row[0].admin_row = True
1267 owner_row[0].admin_row = True
1264 else:
1268 else:
1265 usr = AttributeDict(usr.get_dict())
1269 usr = AttributeDict(usr.get_dict())
1266 usr.admin_row = True
1270 usr.admin_row = True
1267 usr.permission = _admin_perm
1271 usr.permission = _admin_perm
1268 super_admin_rows.append(usr)
1272 super_admin_rows.append(usr)
1269
1273
1270 return super_admin_rows + owner_row + perm_rows
1274 return super_admin_rows + owner_row + perm_rows
1271
1275
1272 def permission_user_groups(self):
1276 def permission_user_groups(self):
1273 q = UserGroupUserGroupToPerm.query().filter(UserGroupUserGroupToPerm.target_user_group == self)
1277 q = UserGroupUserGroupToPerm.query().filter(UserGroupUserGroupToPerm.target_user_group == self)
1274 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1278 q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
1275 joinedload(UserGroupUserGroupToPerm.target_user_group),
1279 joinedload(UserGroupUserGroupToPerm.target_user_group),
1276 joinedload(UserGroupUserGroupToPerm.permission),)
1280 joinedload(UserGroupUserGroupToPerm.permission),)
1277
1281
1278 perm_rows = []
1282 perm_rows = []
1279 for _user_group in q.all():
1283 for _user_group in q.all():
1280 usr = AttributeDict(_user_group.user_group.get_dict())
1284 usr = AttributeDict(_user_group.user_group.get_dict())
1281 usr.permission = _user_group.permission.permission_name
1285 usr.permission = _user_group.permission.permission_name
1282 perm_rows.append(usr)
1286 perm_rows.append(usr)
1283
1287
1284 return perm_rows
1288 return perm_rows
1285
1289
1286 def _get_default_perms(self, user_group, suffix=''):
1290 def _get_default_perms(self, user_group, suffix=''):
1287 from rhodecode.model.permission import PermissionModel
1291 from rhodecode.model.permission import PermissionModel
1288 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1292 return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
1289
1293
1290 def get_default_perms(self, suffix=''):
1294 def get_default_perms(self, suffix=''):
1291 return self._get_default_perms(self, suffix)
1295 return self._get_default_perms(self, suffix)
1292
1296
1293 def get_api_data(self, with_group_members=True, include_secrets=False):
1297 def get_api_data(self, with_group_members=True, include_secrets=False):
1294 """
1298 """
1295 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1299 :param include_secrets: See :meth:`User.get_api_data`, this parameter is
1296 basically forwarded.
1300 basically forwarded.
1297
1301
1298 """
1302 """
1299 user_group = self
1303 user_group = self
1300 data = {
1304 data = {
1301 'users_group_id': user_group.users_group_id,
1305 'users_group_id': user_group.users_group_id,
1302 'group_name': user_group.users_group_name,
1306 'group_name': user_group.users_group_name,
1303 'group_description': user_group.user_group_description,
1307 'group_description': user_group.user_group_description,
1304 'active': user_group.users_group_active,
1308 'active': user_group.users_group_active,
1305 'owner': user_group.user.username,
1309 'owner': user_group.user.username,
1306 'owner_email': user_group.user.email,
1310 'owner_email': user_group.user.email,
1307 }
1311 }
1308
1312
1309 if with_group_members:
1313 if with_group_members:
1310 users = []
1314 users = []
1311 for user in user_group.members:
1315 for user in user_group.members:
1312 user = user.user
1316 user = user.user
1313 users.append(user.get_api_data(include_secrets=include_secrets))
1317 users.append(user.get_api_data(include_secrets=include_secrets))
1314 data['users'] = users
1318 data['users'] = users
1315
1319
1316 return data
1320 return data
1317
1321
1318
1322
1319 class UserGroupMember(Base, BaseModel):
1323 class UserGroupMember(Base, BaseModel):
1320 __tablename__ = 'users_groups_members'
1324 __tablename__ = 'users_groups_members'
1321 __table_args__ = (
1325 __table_args__ = (
1322 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1326 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1323 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1327 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1324 )
1328 )
1325
1329
1326 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1330 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1327 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1331 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
1328 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1332 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
1329
1333
1330 user = relationship('User', lazy='joined')
1334 user = relationship('User', lazy='joined')
1331 users_group = relationship('UserGroup')
1335 users_group = relationship('UserGroup')
1332
1336
1333 def __init__(self, gr_id='', u_id=''):
1337 def __init__(self, gr_id='', u_id=''):
1334 self.users_group_id = gr_id
1338 self.users_group_id = gr_id
1335 self.user_id = u_id
1339 self.user_id = u_id
1336
1340
1337
1341
1338 class RepositoryField(Base, BaseModel):
1342 class RepositoryField(Base, BaseModel):
1339 __tablename__ = 'repositories_fields'
1343 __tablename__ = 'repositories_fields'
1340 __table_args__ = (
1344 __table_args__ = (
1341 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1345 UniqueConstraint('repository_id', 'field_key'), # no-multi field
1342 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1346 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1343 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1347 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1344 )
1348 )
1345 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1349 PREFIX = 'ex_' # prefix used in form to not conflict with already existing fields
1346
1350
1347 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1351 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
1348 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1352 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
1349 field_key = Column("field_key", String(250))
1353 field_key = Column("field_key", String(250))
1350 field_label = Column("field_label", String(1024), nullable=False)
1354 field_label = Column("field_label", String(1024), nullable=False)
1351 field_value = Column("field_value", String(10000), nullable=False)
1355 field_value = Column("field_value", String(10000), nullable=False)
1352 field_desc = Column("field_desc", String(1024), nullable=False)
1356 field_desc = Column("field_desc", String(1024), nullable=False)
1353 field_type = Column("field_type", String(255), nullable=False, unique=None)
1357 field_type = Column("field_type", String(255), nullable=False, unique=None)
1354 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1358 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
1355
1359
1356 repository = relationship('Repository')
1360 repository = relationship('Repository')
1357
1361
1358 @property
1362 @property
1359 def field_key_prefixed(self):
1363 def field_key_prefixed(self):
1360 return 'ex_%s' % self.field_key
1364 return 'ex_%s' % self.field_key
1361
1365
1362 @classmethod
1366 @classmethod
1363 def un_prefix_key(cls, key):
1367 def un_prefix_key(cls, key):
1364 if key.startswith(cls.PREFIX):
1368 if key.startswith(cls.PREFIX):
1365 return key[len(cls.PREFIX):]
1369 return key[len(cls.PREFIX):]
1366 return key
1370 return key
1367
1371
1368 @classmethod
1372 @classmethod
1369 def get_by_key_name(cls, key, repo):
1373 def get_by_key_name(cls, key, repo):
1370 row = cls.query()\
1374 row = cls.query()\
1371 .filter(cls.repository == repo)\
1375 .filter(cls.repository == repo)\
1372 .filter(cls.field_key == key).scalar()
1376 .filter(cls.field_key == key).scalar()
1373 return row
1377 return row
1374
1378
1375
1379
1376 class Repository(Base, BaseModel):
1380 class Repository(Base, BaseModel):
1377 __tablename__ = 'repositories'
1381 __tablename__ = 'repositories'
1378 __table_args__ = (
1382 __table_args__ = (
1379 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1383 Index('r_repo_name_idx', 'repo_name', mysql_length=255),
1380 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1384 {'extend_existing': True, 'mysql_engine': 'InnoDB',
1381 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1385 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
1382 )
1386 )
1383 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1387 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
1384 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1388 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
1385
1389
1386 STATE_CREATED = 'repo_state_created'
1390 STATE_CREATED = 'repo_state_created'
1387 STATE_PENDING = 'repo_state_pending'
1391 STATE_PENDING = 'repo_state_pending'
1388 STATE_ERROR = 'repo_state_error'
1392 STATE_ERROR = 'repo_state_error'
1389
1393
1390 LOCK_AUTOMATIC = 'lock_auto'
1394 LOCK_AUTOMATIC = 'lock_auto'
1391 LOCK_API = 'lock_api'
1395 LOCK_API = 'lock_api'
1392 LOCK_WEB = 'lock_web'
1396 LOCK_WEB = 'lock_web'
1393 LOCK_PULL = 'lock_pull'
1397 LOCK_PULL = 'lock_pull'
1394
1398
1395 NAME_SEP = URL_SEP
1399 NAME_SEP = URL_SEP
1396
1400
1397 repo_id = Column(
1401 repo_id = Column(
1398 "repo_id", Integer(), nullable=False, unique=True, default=None,
1402 "repo_id", Integer(), nullable=False, unique=True, default=None,
1399 primary_key=True)
1403 primary_key=True)
1400 _repo_name = Column(
1404 _repo_name = Column(
1401 "repo_name", Text(), nullable=False, default=None)
1405 "repo_name", Text(), nullable=False, default=None)
1402 _repo_name_hash = Column(
1406 _repo_name_hash = Column(
1403 "repo_name_hash", String(255), nullable=False, unique=True)
1407 "repo_name_hash", String(255), nullable=False, unique=True)
1404 repo_state = Column("repo_state", String(255), nullable=True)
1408 repo_state = Column("repo_state", String(255), nullable=True)
1405
1409
1406 clone_uri = Column(
1410 clone_uri = Column(
1407 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1411 "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
1408 default=None)
1412 default=None)
1409 repo_type = Column(
1413 repo_type = Column(
1410 "repo_type", String(255), nullable=False, unique=False, default=None)
1414 "repo_type", String(255), nullable=False, unique=False, default=None)
1411 user_id = Column(
1415 user_id = Column(
1412 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1416 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
1413 unique=False, default=None)
1417 unique=False, default=None)
1414 private = Column(
1418 private = Column(
1415 "private", Boolean(), nullable=True, unique=None, default=None)
1419 "private", Boolean(), nullable=True, unique=None, default=None)
1416 enable_statistics = Column(
1420 enable_statistics = Column(
1417 "statistics", Boolean(), nullable=True, unique=None, default=True)
1421 "statistics", Boolean(), nullable=True, unique=None, default=True)
1418 enable_downloads = Column(
1422 enable_downloads = Column(
1419 "downloads", Boolean(), nullable=True, unique=None, default=True)
1423 "downloads", Boolean(), nullable=True, unique=None, default=True)
1420 description = Column(
1424 description = Column(
1421 "description", String(10000), nullable=True, unique=None, default=None)
1425 "description", String(10000), nullable=True, unique=None, default=None)
1422 created_on = Column(
1426 created_on = Column(
1423 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1427 'created_on', DateTime(timezone=False), nullable=True, unique=None,
1424 default=datetime.datetime.now)
1428 default=datetime.datetime.now)
1425 updated_on = Column(
1429 updated_on = Column(
1426 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1430 'updated_on', DateTime(timezone=False), nullable=True, unique=None,
1427 default=datetime.datetime.now)
1431 default=datetime.datetime.now)
1428 _landing_revision = Column(
1432 _landing_revision = Column(
1429 "landing_revision", String(255), nullable=False, unique=False,
1433 "landing_revision", String(255), nullable=False, unique=False,
1430 default=None)
1434 default=None)
1431 enable_locking = Column(
1435 enable_locking = Column(
1432 "enable_locking", Boolean(), nullable=False, unique=None,
1436 "enable_locking", Boolean(), nullable=False, unique=None,
1433 default=False)
1437 default=False)
1434 _locked = Column(
1438 _locked = Column(
1435 "locked", String(255), nullable=True, unique=False, default=None)
1439 "locked", String(255), nullable=True, unique=False, default=None)
1436 _changeset_cache = Column(
1440 _changeset_cache = Column(
1437 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1441 "changeset_cache", LargeBinary(), nullable=True) # JSON data
1438
1442
1439 fork_id = Column(
1443 fork_id = Column(
1440 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1444 "fork_id", Integer(), ForeignKey('repositories.repo_id'),
1441 nullable=True, unique=False, default=None)
1445 nullable=True, unique=False, default=None)
1442 group_id = Column(
1446 group_id = Column(
1443 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1447 "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
1444 unique=False, default=None)
1448 unique=False, default=None)
1445
1449
1446 user = relationship('User', lazy='joined')
1450 user = relationship('User', lazy='joined')
1447 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1451 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
1448 group = relationship('RepoGroup', lazy='joined')
1452 group = relationship('RepoGroup', lazy='joined')
1449 repo_to_perm = relationship(
1453 repo_to_perm = relationship(
1450 'UserRepoToPerm', cascade='all',
1454 'UserRepoToPerm', cascade='all',
1451 order_by='UserRepoToPerm.repo_to_perm_id')
1455 order_by='UserRepoToPerm.repo_to_perm_id')
1452 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1456 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
1453 stats = relationship('Statistics', cascade='all', uselist=False)
1457 stats = relationship('Statistics', cascade='all', uselist=False)
1454
1458
1455 followers = relationship(
1459 followers = relationship(
1456 'UserFollowing',
1460 'UserFollowing',
1457 primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
1461 primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
1458 cascade='all')
1462 cascade='all')
1459 extra_fields = relationship(
1463 extra_fields = relationship(
1460 'RepositoryField', cascade="all, delete, delete-orphan")
1464 'RepositoryField', cascade="all, delete, delete-orphan")
1461 logs = relationship('UserLog')
1465 logs = relationship('UserLog')
1462 comments = relationship(
1466 comments = relationship(
1463 'ChangesetComment', cascade="all, delete, delete-orphan")
1467 'ChangesetComment', cascade="all, delete, delete-orphan")
1464 pull_requests_source = relationship(
1468 pull_requests_source = relationship(
1465 'PullRequest',
1469 'PullRequest',
1466 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1470 primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
1467 cascade="all, delete, delete-orphan")
1471 cascade="all, delete, delete-orphan")
1468 pull_requests_target = relationship(
1472 pull_requests_target = relationship(
1469 'PullRequest',
1473 'PullRequest',
1470 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1474 primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
1471 cascade="all, delete, delete-orphan")
1475 cascade="all, delete, delete-orphan")
1472 ui = relationship('RepoRhodeCodeUi', cascade="all")
1476 ui = relationship('RepoRhodeCodeUi', cascade="all")
1473 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1477 settings = relationship('RepoRhodeCodeSetting', cascade="all")
1474 integrations = relationship('Integration',
1478 integrations = relationship('Integration',
1475 cascade="all, delete, delete-orphan")
1479 cascade="all, delete, delete-orphan")
1476
1480
1477 def __unicode__(self):
1481 def __unicode__(self):
1478 return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
1482 return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
1479 safe_unicode(self.repo_name))
1483 safe_unicode(self.repo_name))
1480
1484
1481 @hybrid_property
1485 @hybrid_property
1482 def landing_rev(self):
1486 def landing_rev(self):
1483 # always should return [rev_type, rev]
1487 # always should return [rev_type, rev]
1484 if self._landing_revision:
1488 if self._landing_revision:
1485 _rev_info = self._landing_revision.split(':')
1489 _rev_info = self._landing_revision.split(':')
1486 if len(_rev_info) < 2:
1490 if len(_rev_info) < 2:
1487 _rev_info.insert(0, 'rev')
1491 _rev_info.insert(0, 'rev')
1488 return [_rev_info[0], _rev_info[1]]
1492 return [_rev_info[0], _rev_info[1]]
1489 return [None, None]
1493 return [None, None]
1490
1494
1491 @landing_rev.setter
1495 @landing_rev.setter
1492 def landing_rev(self, val):
1496 def landing_rev(self, val):
1493 if ':' not in val:
1497 if ':' not in val:
1494 raise ValueError('value must be delimited with `:` and consist '
1498 raise ValueError('value must be delimited with `:` and consist '
1495 'of <rev_type>:<rev>, got %s instead' % val)
1499 'of <rev_type>:<rev>, got %s instead' % val)
1496 self._landing_revision = val
1500 self._landing_revision = val
1497
1501
1498 @hybrid_property
1502 @hybrid_property
1499 def locked(self):
1503 def locked(self):
1500 if self._locked:
1504 if self._locked:
1501 user_id, timelocked, reason = self._locked.split(':')
1505 user_id, timelocked, reason = self._locked.split(':')
1502 lock_values = int(user_id), timelocked, reason
1506 lock_values = int(user_id), timelocked, reason
1503 else:
1507 else:
1504 lock_values = [None, None, None]
1508 lock_values = [None, None, None]
1505 return lock_values
1509 return lock_values
1506
1510
1507 @locked.setter
1511 @locked.setter
1508 def locked(self, val):
1512 def locked(self, val):
1509 if val and isinstance(val, (list, tuple)):
1513 if val and isinstance(val, (list, tuple)):
1510 self._locked = ':'.join(map(str, val))
1514 self._locked = ':'.join(map(str, val))
1511 else:
1515 else:
1512 self._locked = None
1516 self._locked = None
1513
1517
1514 @hybrid_property
1518 @hybrid_property
1515 def changeset_cache(self):
1519 def changeset_cache(self):
1516 from rhodecode.lib.vcs.backends.base import EmptyCommit
1520 from rhodecode.lib.vcs.backends.base import EmptyCommit
1517 dummy = EmptyCommit().__json__()
1521 dummy = EmptyCommit().__json__()
1518 if not self._changeset_cache:
1522 if not self._changeset_cache:
1519 return dummy
1523 return dummy
1520 try:
1524 try:
1521 return json.loads(self._changeset_cache)
1525 return json.loads(self._changeset_cache)
1522 except TypeError:
1526 except TypeError:
1523 return dummy
1527 return dummy
1524 except Exception:
1528 except Exception:
1525 log.error(traceback.format_exc())
1529 log.error(traceback.format_exc())
1526 return dummy
1530 return dummy
1527
1531
1528 @changeset_cache.setter
1532 @changeset_cache.setter
1529 def changeset_cache(self, val):
1533 def changeset_cache(self, val):
1530 try:
1534 try:
1531 self._changeset_cache = json.dumps(val)
1535 self._changeset_cache = json.dumps(val)
1532 except Exception:
1536 except Exception:
1533 log.error(traceback.format_exc())
1537 log.error(traceback.format_exc())
1534
1538
1535 @hybrid_property
1539 @hybrid_property
1536 def repo_name(self):
1540 def repo_name(self):
1537 return self._repo_name
1541 return self._repo_name
1538
1542
1539 @repo_name.setter
1543 @repo_name.setter
1540 def repo_name(self, value):
1544 def repo_name(self, value):
1541 self._repo_name = value
1545 self._repo_name = value
1542 self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
1546 self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
1543
1547
1544 @classmethod
1548 @classmethod
1545 def normalize_repo_name(cls, repo_name):
1549 def normalize_repo_name(cls, repo_name):
1546 """
1550 """
1547 Normalizes os specific repo_name to the format internally stored inside
1551 Normalizes os specific repo_name to the format internally stored inside
1548 database using URL_SEP
1552 database using URL_SEP
1549
1553
1550 :param cls:
1554 :param cls:
1551 :param repo_name:
1555 :param repo_name:
1552 """
1556 """
1553 return cls.NAME_SEP.join(repo_name.split(os.sep))
1557 return cls.NAME_SEP.join(repo_name.split(os.sep))
1554
1558
1555 @classmethod
1559 @classmethod
1556 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1560 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
1557 session = Session()
1561 session = Session()
1558 q = session.query(cls).filter(cls.repo_name == repo_name)
1562 q = session.query(cls).filter(cls.repo_name == repo_name)
1559
1563
1560 if cache:
1564 if cache:
1561 if identity_cache:
1565 if identity_cache:
1562 val = cls.identity_cache(session, 'repo_name', repo_name)
1566 val = cls.identity_cache(session, 'repo_name', repo_name)
1563 if val:
1567 if val:
1564 return val
1568 return val
1565 else:
1569 else:
1566 cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
1570 cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
1567 q = q.options(
1571 q = q.options(
1568 FromCache("sql_cache_short", cache_key))
1572 FromCache("sql_cache_short", cache_key))
1569
1573
1570 return q.scalar()
1574 return q.scalar()
1571
1575
1572 @classmethod
1576 @classmethod
1573 def get_by_full_path(cls, repo_full_path):
1577 def get_by_full_path(cls, repo_full_path):
1574 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1578 repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
1575 repo_name = cls.normalize_repo_name(repo_name)
1579 repo_name = cls.normalize_repo_name(repo_name)
1576 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1580 return cls.get_by_repo_name(repo_name.strip(URL_SEP))
1577
1581
1578 @classmethod
1582 @classmethod
1579 def get_repo_forks(cls, repo_id):
1583 def get_repo_forks(cls, repo_id):
1580 return cls.query().filter(Repository.fork_id == repo_id)
1584 return cls.query().filter(Repository.fork_id == repo_id)
1581
1585
1582 @classmethod
1586 @classmethod
1583 def base_path(cls):
1587 def base_path(cls):
1584 """
1588 """
1585 Returns base path when all repos are stored
1589 Returns base path when all repos are stored
1586
1590
1587 :param cls:
1591 :param cls:
1588 """
1592 """
1589 q = Session().query(RhodeCodeUi)\
1593 q = Session().query(RhodeCodeUi)\
1590 .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
1594 .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
1591 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1595 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1592 return q.one().ui_value
1596 return q.one().ui_value
1593
1597
1594 @classmethod
1598 @classmethod
1595 def is_valid(cls, repo_name):
1599 def is_valid(cls, repo_name):
1596 """
1600 """
1597 returns True if given repo name is a valid filesystem repository
1601 returns True if given repo name is a valid filesystem repository
1598
1602
1599 :param cls:
1603 :param cls:
1600 :param repo_name:
1604 :param repo_name:
1601 """
1605 """
1602 from rhodecode.lib.utils import is_valid_repo
1606 from rhodecode.lib.utils import is_valid_repo
1603
1607
1604 return is_valid_repo(repo_name, cls.base_path())
1608 return is_valid_repo(repo_name, cls.base_path())
1605
1609
1606 @classmethod
1610 @classmethod
1607 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1611 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
1608 case_insensitive=True):
1612 case_insensitive=True):
1609 q = Repository.query()
1613 q = Repository.query()
1610
1614
1611 if not isinstance(user_id, Optional):
1615 if not isinstance(user_id, Optional):
1612 q = q.filter(Repository.user_id == user_id)
1616 q = q.filter(Repository.user_id == user_id)
1613
1617
1614 if not isinstance(group_id, Optional):
1618 if not isinstance(group_id, Optional):
1615 q = q.filter(Repository.group_id == group_id)
1619 q = q.filter(Repository.group_id == group_id)
1616
1620
1617 if case_insensitive:
1621 if case_insensitive:
1618 q = q.order_by(func.lower(Repository.repo_name))
1622 q = q.order_by(func.lower(Repository.repo_name))
1619 else:
1623 else:
1620 q = q.order_by(Repository.repo_name)
1624 q = q.order_by(Repository.repo_name)
1621 return q.all()
1625 return q.all()
1622
1626
1623 @property
1627 @property
1624 def forks(self):
1628 def forks(self):
1625 """
1629 """
1626 Return forks of this repo
1630 Return forks of this repo
1627 """
1631 """
1628 return Repository.get_repo_forks(self.repo_id)
1632 return Repository.get_repo_forks(self.repo_id)
1629
1633
1630 @property
1634 @property
1631 def parent(self):
1635 def parent(self):
1632 """
1636 """
1633 Returns fork parent
1637 Returns fork parent
1634 """
1638 """
1635 return self.fork
1639 return self.fork
1636
1640
1637 @property
1641 @property
1638 def just_name(self):
1642 def just_name(self):
1639 return self.repo_name.split(self.NAME_SEP)[-1]
1643 return self.repo_name.split(self.NAME_SEP)[-1]
1640
1644
1641 @property
1645 @property
1642 def groups_with_parents(self):
1646 def groups_with_parents(self):
1643 groups = []
1647 groups = []
1644 if self.group is None:
1648 if self.group is None:
1645 return groups
1649 return groups
1646
1650
1647 cur_gr = self.group
1651 cur_gr = self.group
1648 groups.insert(0, cur_gr)
1652 groups.insert(0, cur_gr)
1649 while 1:
1653 while 1:
1650 gr = getattr(cur_gr, 'parent_group', None)
1654 gr = getattr(cur_gr, 'parent_group', None)
1651 cur_gr = cur_gr.parent_group
1655 cur_gr = cur_gr.parent_group
1652 if gr is None:
1656 if gr is None:
1653 break
1657 break
1654 groups.insert(0, gr)
1658 groups.insert(0, gr)
1655
1659
1656 return groups
1660 return groups
1657
1661
1658 @property
1662 @property
1659 def groups_and_repo(self):
1663 def groups_and_repo(self):
1660 return self.groups_with_parents, self
1664 return self.groups_with_parents, self
1661
1665
1662 @LazyProperty
1666 @LazyProperty
1663 def repo_path(self):
1667 def repo_path(self):
1664 """
1668 """
1665 Returns base full path for that repository means where it actually
1669 Returns base full path for that repository means where it actually
1666 exists on a filesystem
1670 exists on a filesystem
1667 """
1671 """
1668 q = Session().query(RhodeCodeUi).filter(
1672 q = Session().query(RhodeCodeUi).filter(
1669 RhodeCodeUi.ui_key == self.NAME_SEP)
1673 RhodeCodeUi.ui_key == self.NAME_SEP)
1670 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1674 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
1671 return q.one().ui_value
1675 return q.one().ui_value
1672
1676
1673 @property
1677 @property
1674 def repo_full_path(self):
1678 def repo_full_path(self):
1675 p = [self.repo_path]
1679 p = [self.repo_path]
1676 # we need to split the name by / since this is how we store the
1680 # we need to split the name by / since this is how we store the
1677 # names in the database, but that eventually needs to be converted
1681 # names in the database, but that eventually needs to be converted
1678 # into a valid system path
1682 # into a valid system path
1679 p += self.repo_name.split(self.NAME_SEP)
1683 p += self.repo_name.split(self.NAME_SEP)
1680 return os.path.join(*map(safe_unicode, p))
1684 return os.path.join(*map(safe_unicode, p))
1681
1685
1682 @property
1686 @property
1683 def cache_keys(self):
1687 def cache_keys(self):
1684 """
1688 """
1685 Returns associated cache keys for that repo
1689 Returns associated cache keys for that repo
1686 """
1690 """
1687 return CacheKey.query()\
1691 return CacheKey.query()\
1688 .filter(CacheKey.cache_args == self.repo_name)\
1692 .filter(CacheKey.cache_args == self.repo_name)\
1689 .order_by(CacheKey.cache_key)\
1693 .order_by(CacheKey.cache_key)\
1690 .all()
1694 .all()
1691
1695
1692 def get_new_name(self, repo_name):
1696 def get_new_name(self, repo_name):
1693 """
1697 """
1694 returns new full repository name based on assigned group and new new
1698 returns new full repository name based on assigned group and new new
1695
1699
1696 :param group_name:
1700 :param group_name:
1697 """
1701 """
1698 path_prefix = self.group.full_path_splitted if self.group else []
1702 path_prefix = self.group.full_path_splitted if self.group else []
1699 return self.NAME_SEP.join(path_prefix + [repo_name])
1703 return self.NAME_SEP.join(path_prefix + [repo_name])
1700
1704
1701 @property
1705 @property
1702 def _config(self):
1706 def _config(self):
1703 """
1707 """
1704 Returns db based config object.
1708 Returns db based config object.
1705 """
1709 """
1706 from rhodecode.lib.utils import make_db_config
1710 from rhodecode.lib.utils import make_db_config
1707 return make_db_config(clear_session=False, repo=self)
1711 return make_db_config(clear_session=False, repo=self)
1708
1712
1709 def permissions(self, with_admins=True, with_owner=True):
1713 def permissions(self, with_admins=True, with_owner=True):
1710 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
1714 q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
1711 q = q.options(joinedload(UserRepoToPerm.repository),
1715 q = q.options(joinedload(UserRepoToPerm.repository),
1712 joinedload(UserRepoToPerm.user),
1716 joinedload(UserRepoToPerm.user),
1713 joinedload(UserRepoToPerm.permission),)
1717 joinedload(UserRepoToPerm.permission),)
1714
1718
1715 # get owners and admins and permissions. We do a trick of re-writing
1719 # get owners and admins and permissions. We do a trick of re-writing
1716 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1720 # objects from sqlalchemy to named-tuples due to sqlalchemy session
1717 # has a global reference and changing one object propagates to all
1721 # has a global reference and changing one object propagates to all
1718 # others. This means if admin is also an owner admin_row that change
1722 # others. This means if admin is also an owner admin_row that change
1719 # would propagate to both objects
1723 # would propagate to both objects
1720 perm_rows = []
1724 perm_rows = []
1721 for _usr in q.all():
1725 for _usr in q.all():
1722 usr = AttributeDict(_usr.user.get_dict())
1726 usr = AttributeDict(_usr.user.get_dict())
1723 usr.permission = _usr.permission.permission_name
1727 usr.permission = _usr.permission.permission_name
1724 perm_rows.append(usr)
1728 perm_rows.append(usr)
1725
1729
1726 # filter the perm rows by 'default' first and then sort them by
1730 # filter the perm rows by 'default' first and then sort them by
1727 # admin,write,read,none permissions sorted again alphabetically in
1731 # admin,write,read,none permissions sorted again alphabetically in
1728 # each group
1732 # each group
1729 perm_rows = sorted(perm_rows, key=display_sort)
1733 perm_rows = sorted(perm_rows, key=display_sort)
1730
1734
1731 _admin_perm = 'repository.admin'
1735 _admin_perm = 'repository.admin'
1732 owner_row = []
1736 owner_row = []
1733 if with_owner:
1737 if with_owner:
1734 usr = AttributeDict(self.user.get_dict())
1738 usr = AttributeDict(self.user.get_dict())
1735 usr.owner_row = True
1739 usr.owner_row = True
1736 usr.permission = _admin_perm
1740 usr.permission = _admin_perm
1737 owner_row.append(usr)
1741 owner_row.append(usr)
1738
1742
1739 super_admin_rows = []
1743 super_admin_rows = []
1740 if with_admins:
1744 if with_admins:
1741 for usr in User.get_all_super_admins():
1745 for usr in User.get_all_super_admins():
1742 # if this admin is also owner, don't double the record
1746 # if this admin is also owner, don't double the record
1743 if usr.user_id == owner_row[0].user_id:
1747 if usr.user_id == owner_row[0].user_id:
1744 owner_row[0].admin_row = True
1748 owner_row[0].admin_row = True
1745 else:
1749 else:
1746 usr = AttributeDict(usr.get_dict())
1750 usr = AttributeDict(usr.get_dict())
1747 usr.admin_row = True
1751 usr.admin_row = True
1748 usr.permission = _admin_perm
1752 usr.permission = _admin_perm
1749 super_admin_rows.append(usr)
1753 super_admin_rows.append(usr)
1750
1754
1751 return super_admin_rows + owner_row + perm_rows
1755 return super_admin_rows + owner_row + perm_rows
1752
1756
1753 def permission_user_groups(self):
1757 def permission_user_groups(self):
1754 q = UserGroupRepoToPerm.query().filter(
1758 q = UserGroupRepoToPerm.query().filter(
1755 UserGroupRepoToPerm.repository == self)
1759 UserGroupRepoToPerm.repository == self)
1756 q = q.options(joinedload(UserGroupRepoToPerm.repository),
1760 q = q.options(joinedload(UserGroupRepoToPerm.repository),
1757 joinedload(UserGroupRepoToPerm.users_group),
1761 joinedload(UserGroupRepoToPerm.users_group),
1758 joinedload(UserGroupRepoToPerm.permission),)
1762 joinedload(UserGroupRepoToPerm.permission),)
1759
1763
1760 perm_rows = []
1764 perm_rows = []
1761 for _user_group in q.all():
1765 for _user_group in q.all():
1762 usr = AttributeDict(_user_group.users_group.get_dict())
1766 usr = AttributeDict(_user_group.users_group.get_dict())
1763 usr.permission = _user_group.permission.permission_name
1767 usr.permission = _user_group.permission.permission_name
1764 perm_rows.append(usr)
1768 perm_rows.append(usr)
1765
1769
1766 return perm_rows
1770 return perm_rows
1767
1771
1768 def get_api_data(self, include_secrets=False):
1772 def get_api_data(self, include_secrets=False):
1769 """
1773 """
1770 Common function for generating repo api data
1774 Common function for generating repo api data
1771
1775
1772 :param include_secrets: See :meth:`User.get_api_data`.
1776 :param include_secrets: See :meth:`User.get_api_data`.
1773
1777
1774 """
1778 """
1775 # TODO: mikhail: Here there is an anti-pattern, we probably need to
1779 # TODO: mikhail: Here there is an anti-pattern, we probably need to
1776 # move this methods on models level.
1780 # move this methods on models level.
1777 from rhodecode.model.settings import SettingsModel
1781 from rhodecode.model.settings import SettingsModel
1778 from rhodecode.model.repo import RepoModel
1782 from rhodecode.model.repo import RepoModel
1779
1783
1780 repo = self
1784 repo = self
1781 _user_id, _time, _reason = self.locked
1785 _user_id, _time, _reason = self.locked
1782
1786
1783 data = {
1787 data = {
1784 'repo_id': repo.repo_id,
1788 'repo_id': repo.repo_id,
1785 'repo_name': repo.repo_name,
1789 'repo_name': repo.repo_name,
1786 'repo_type': repo.repo_type,
1790 'repo_type': repo.repo_type,
1787 'clone_uri': repo.clone_uri or '',
1791 'clone_uri': repo.clone_uri or '',
1788 'url': RepoModel().get_url(self),
1792 'url': RepoModel().get_url(self),
1789 'private': repo.private,
1793 'private': repo.private,
1790 'created_on': repo.created_on,
1794 'created_on': repo.created_on,
1791 'description': repo.description,
1795 'description': repo.description,
1792 'landing_rev': repo.landing_rev,
1796 'landing_rev': repo.landing_rev,
1793 'owner': repo.user.username,
1797 'owner': repo.user.username,
1794 'fork_of': repo.fork.repo_name if repo.fork else None,
1798 'fork_of': repo.fork.repo_name if repo.fork else None,
1795 'fork_of_id': repo.fork.repo_id if repo.fork else None,
1799 'fork_of_id': repo.fork.repo_id if repo.fork else None,
1796 'enable_statistics': repo.enable_statistics,
1800 'enable_statistics': repo.enable_statistics,
1797 'enable_locking': repo.enable_locking,
1801 'enable_locking': repo.enable_locking,
1798 'enable_downloads': repo.enable_downloads,
1802 'enable_downloads': repo.enable_downloads,
1799 'last_changeset': repo.changeset_cache,
1803 'last_changeset': repo.changeset_cache,
1800 'locked_by': User.get(_user_id).get_api_data(
1804 'locked_by': User.get(_user_id).get_api_data(
1801 include_secrets=include_secrets) if _user_id else None,
1805 include_secrets=include_secrets) if _user_id else None,
1802 'locked_date': time_to_datetime(_time) if _time else None,
1806 'locked_date': time_to_datetime(_time) if _time else None,
1803 'lock_reason': _reason if _reason else None,
1807 'lock_reason': _reason if _reason else None,
1804 }
1808 }
1805
1809
1806 # TODO: mikhail: should be per-repo settings here
1810 # TODO: mikhail: should be per-repo settings here
1807 rc_config = SettingsModel().get_all_settings()
1811 rc_config = SettingsModel().get_all_settings()
1808 repository_fields = str2bool(
1812 repository_fields = str2bool(
1809 rc_config.get('rhodecode_repository_fields'))
1813 rc_config.get('rhodecode_repository_fields'))
1810 if repository_fields:
1814 if repository_fields:
1811 for f in self.extra_fields:
1815 for f in self.extra_fields:
1812 data[f.field_key_prefixed] = f.field_value
1816 data[f.field_key_prefixed] = f.field_value
1813
1817
1814 return data
1818 return data
1815
1819
1816 @classmethod
1820 @classmethod
1817 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
1821 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
1818 if not lock_time:
1822 if not lock_time:
1819 lock_time = time.time()
1823 lock_time = time.time()
1820 if not lock_reason:
1824 if not lock_reason:
1821 lock_reason = cls.LOCK_AUTOMATIC
1825 lock_reason = cls.LOCK_AUTOMATIC
1822 repo.locked = [user_id, lock_time, lock_reason]
1826 repo.locked = [user_id, lock_time, lock_reason]
1823 Session().add(repo)
1827 Session().add(repo)
1824 Session().commit()
1828 Session().commit()
1825
1829
1826 @classmethod
1830 @classmethod
1827 def unlock(cls, repo):
1831 def unlock(cls, repo):
1828 repo.locked = None
1832 repo.locked = None
1829 Session().add(repo)
1833 Session().add(repo)
1830 Session().commit()
1834 Session().commit()
1831
1835
1832 @classmethod
1836 @classmethod
1833 def getlock(cls, repo):
1837 def getlock(cls, repo):
1834 return repo.locked
1838 return repo.locked
1835
1839
1836 def is_user_lock(self, user_id):
1840 def is_user_lock(self, user_id):
1837 if self.lock[0]:
1841 if self.lock[0]:
1838 lock_user_id = safe_int(self.lock[0])
1842 lock_user_id = safe_int(self.lock[0])
1839 user_id = safe_int(user_id)
1843 user_id = safe_int(user_id)
1840 # both are ints, and they are equal
1844 # both are ints, and they are equal
1841 return all([lock_user_id, user_id]) and lock_user_id == user_id
1845 return all([lock_user_id, user_id]) and lock_user_id == user_id
1842
1846
1843 return False
1847 return False
1844
1848
1845 def get_locking_state(self, action, user_id, only_when_enabled=True):
1849 def get_locking_state(self, action, user_id, only_when_enabled=True):
1846 """
1850 """
1847 Checks locking on this repository, if locking is enabled and lock is
1851 Checks locking on this repository, if locking is enabled and lock is
1848 present returns a tuple of make_lock, locked, locked_by.
1852 present returns a tuple of make_lock, locked, locked_by.
1849 make_lock can have 3 states None (do nothing) True, make lock
1853 make_lock can have 3 states None (do nothing) True, make lock
1850 False release lock, This value is later propagated to hooks, which
1854 False release lock, This value is later propagated to hooks, which
1851 do the locking. Think about this as signals passed to hooks what to do.
1855 do the locking. Think about this as signals passed to hooks what to do.
1852
1856
1853 """
1857 """
1854 # TODO: johbo: This is part of the business logic and should be moved
1858 # TODO: johbo: This is part of the business logic and should be moved
1855 # into the RepositoryModel.
1859 # into the RepositoryModel.
1856
1860
1857 if action not in ('push', 'pull'):
1861 if action not in ('push', 'pull'):
1858 raise ValueError("Invalid action value: %s" % repr(action))
1862 raise ValueError("Invalid action value: %s" % repr(action))
1859
1863
1860 # defines if locked error should be thrown to user
1864 # defines if locked error should be thrown to user
1861 currently_locked = False
1865 currently_locked = False
1862 # defines if new lock should be made, tri-state
1866 # defines if new lock should be made, tri-state
1863 make_lock = None
1867 make_lock = None
1864 repo = self
1868 repo = self
1865 user = User.get(user_id)
1869 user = User.get(user_id)
1866
1870
1867 lock_info = repo.locked
1871 lock_info = repo.locked
1868
1872
1869 if repo and (repo.enable_locking or not only_when_enabled):
1873 if repo and (repo.enable_locking or not only_when_enabled):
1870 if action == 'push':
1874 if action == 'push':
1871 # check if it's already locked !, if it is compare users
1875 # check if it's already locked !, if it is compare users
1872 locked_by_user_id = lock_info[0]
1876 locked_by_user_id = lock_info[0]
1873 if user.user_id == locked_by_user_id:
1877 if user.user_id == locked_by_user_id:
1874 log.debug(
1878 log.debug(
1875 'Got `push` action from user %s, now unlocking', user)
1879 'Got `push` action from user %s, now unlocking', user)
1876 # unlock if we have push from user who locked
1880 # unlock if we have push from user who locked
1877 make_lock = False
1881 make_lock = False
1878 else:
1882 else:
1879 # we're not the same user who locked, ban with
1883 # we're not the same user who locked, ban with
1880 # code defined in settings (default is 423 HTTP Locked) !
1884 # code defined in settings (default is 423 HTTP Locked) !
1881 log.debug('Repo %s is currently locked by %s', repo, user)
1885 log.debug('Repo %s is currently locked by %s', repo, user)
1882 currently_locked = True
1886 currently_locked = True
1883 elif action == 'pull':
1887 elif action == 'pull':
1884 # [0] user [1] date
1888 # [0] user [1] date
1885 if lock_info[0] and lock_info[1]:
1889 if lock_info[0] and lock_info[1]:
1886 log.debug('Repo %s is currently locked by %s', repo, user)
1890 log.debug('Repo %s is currently locked by %s', repo, user)
1887 currently_locked = True
1891 currently_locked = True
1888 else:
1892 else:
1889 log.debug('Setting lock on repo %s by %s', repo, user)
1893 log.debug('Setting lock on repo %s by %s', repo, user)
1890 make_lock = True
1894 make_lock = True
1891
1895
1892 else:
1896 else:
1893 log.debug('Repository %s do not have locking enabled', repo)
1897 log.debug('Repository %s do not have locking enabled', repo)
1894
1898
1895 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
1899 log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
1896 make_lock, currently_locked, lock_info)
1900 make_lock, currently_locked, lock_info)
1897
1901
1898 from rhodecode.lib.auth import HasRepoPermissionAny
1902 from rhodecode.lib.auth import HasRepoPermissionAny
1899 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
1903 perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
1900 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
1904 if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
1901 # if we don't have at least write permission we cannot make a lock
1905 # if we don't have at least write permission we cannot make a lock
1902 log.debug('lock state reset back to FALSE due to lack '
1906 log.debug('lock state reset back to FALSE due to lack '
1903 'of at least read permission')
1907 'of at least read permission')
1904 make_lock = False
1908 make_lock = False
1905
1909
1906 return make_lock, currently_locked, lock_info
1910 return make_lock, currently_locked, lock_info
1907
1911
1908 @property
1912 @property
1909 def last_db_change(self):
1913 def last_db_change(self):
1910 return self.updated_on
1914 return self.updated_on
1911
1915
1912 @property
1916 @property
1913 def clone_uri_hidden(self):
1917 def clone_uri_hidden(self):
1914 clone_uri = self.clone_uri
1918 clone_uri = self.clone_uri
1915 if clone_uri:
1919 if clone_uri:
1916 import urlobject
1920 import urlobject
1917 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
1921 url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
1918 if url_obj.password:
1922 if url_obj.password:
1919 clone_uri = url_obj.with_password('*****')
1923 clone_uri = url_obj.with_password('*****')
1920 return clone_uri
1924 return clone_uri
1921
1925
1922 def clone_url(self, **override):
1926 def clone_url(self, **override):
1923
1927
1924 uri_tmpl = None
1928 uri_tmpl = None
1925 if 'with_id' in override:
1929 if 'with_id' in override:
1926 uri_tmpl = self.DEFAULT_CLONE_URI_ID
1930 uri_tmpl = self.DEFAULT_CLONE_URI_ID
1927 del override['with_id']
1931 del override['with_id']
1928
1932
1929 if 'uri_tmpl' in override:
1933 if 'uri_tmpl' in override:
1930 uri_tmpl = override['uri_tmpl']
1934 uri_tmpl = override['uri_tmpl']
1931 del override['uri_tmpl']
1935 del override['uri_tmpl']
1932
1936
1933 # we didn't override our tmpl from **overrides
1937 # we didn't override our tmpl from **overrides
1934 if not uri_tmpl:
1938 if not uri_tmpl:
1935 uri_tmpl = self.DEFAULT_CLONE_URI
1939 uri_tmpl = self.DEFAULT_CLONE_URI
1936 try:
1940 try:
1937 from pylons import tmpl_context as c
1941 from pylons import tmpl_context as c
1938 uri_tmpl = c.clone_uri_tmpl
1942 uri_tmpl = c.clone_uri_tmpl
1939 except Exception:
1943 except Exception:
1940 # in any case if we call this outside of request context,
1944 # in any case if we call this outside of request context,
1941 # ie, not having tmpl_context set up
1945 # ie, not having tmpl_context set up
1942 pass
1946 pass
1943
1947
1944 request = get_current_request()
1948 request = get_current_request()
1945 return get_clone_url(request=request,
1949 return get_clone_url(request=request,
1946 uri_tmpl=uri_tmpl,
1950 uri_tmpl=uri_tmpl,
1947 repo_name=self.repo_name,
1951 repo_name=self.repo_name,
1948 repo_id=self.repo_id, **override)
1952 repo_id=self.repo_id, **override)
1949
1953
1950 def set_state(self, state):
1954 def set_state(self, state):
1951 self.repo_state = state
1955 self.repo_state = state
1952 Session().add(self)
1956 Session().add(self)
1953 #==========================================================================
1957 #==========================================================================
1954 # SCM PROPERTIES
1958 # SCM PROPERTIES
1955 #==========================================================================
1959 #==========================================================================
1956
1960
1957 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
1961 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
1958 return get_commit_safe(
1962 return get_commit_safe(
1959 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
1963 self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
1960
1964
1961 def get_changeset(self, rev=None, pre_load=None):
1965 def get_changeset(self, rev=None, pre_load=None):
1962 warnings.warn("Use get_commit", DeprecationWarning)
1966 warnings.warn("Use get_commit", DeprecationWarning)
1963 commit_id = None
1967 commit_id = None
1964 commit_idx = None
1968 commit_idx = None
1965 if isinstance(rev, basestring):
1969 if isinstance(rev, basestring):
1966 commit_id = rev
1970 commit_id = rev
1967 else:
1971 else:
1968 commit_idx = rev
1972 commit_idx = rev
1969 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
1973 return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
1970 pre_load=pre_load)
1974 pre_load=pre_load)
1971
1975
1972 def get_landing_commit(self):
1976 def get_landing_commit(self):
1973 """
1977 """
1974 Returns landing commit, or if that doesn't exist returns the tip
1978 Returns landing commit, or if that doesn't exist returns the tip
1975 """
1979 """
1976 _rev_type, _rev = self.landing_rev
1980 _rev_type, _rev = self.landing_rev
1977 commit = self.get_commit(_rev)
1981 commit = self.get_commit(_rev)
1978 if isinstance(commit, EmptyCommit):
1982 if isinstance(commit, EmptyCommit):
1979 return self.get_commit()
1983 return self.get_commit()
1980 return commit
1984 return commit
1981
1985
1982 def update_commit_cache(self, cs_cache=None, config=None):
1986 def update_commit_cache(self, cs_cache=None, config=None):
1983 """
1987 """
1984 Update cache of last changeset for repository, keys should be::
1988 Update cache of last changeset for repository, keys should be::
1985
1989
1986 short_id
1990 short_id
1987 raw_id
1991 raw_id
1988 revision
1992 revision
1989 parents
1993 parents
1990 message
1994 message
1991 date
1995 date
1992 author
1996 author
1993
1997
1994 :param cs_cache:
1998 :param cs_cache:
1995 """
1999 """
1996 from rhodecode.lib.vcs.backends.base import BaseChangeset
2000 from rhodecode.lib.vcs.backends.base import BaseChangeset
1997 if cs_cache is None:
2001 if cs_cache is None:
1998 # use no-cache version here
2002 # use no-cache version here
1999 scm_repo = self.scm_instance(cache=False, config=config)
2003 scm_repo = self.scm_instance(cache=False, config=config)
2000 if scm_repo:
2004 if scm_repo:
2001 cs_cache = scm_repo.get_commit(
2005 cs_cache = scm_repo.get_commit(
2002 pre_load=["author", "date", "message", "parents"])
2006 pre_load=["author", "date", "message", "parents"])
2003 else:
2007 else:
2004 cs_cache = EmptyCommit()
2008 cs_cache = EmptyCommit()
2005
2009
2006 if isinstance(cs_cache, BaseChangeset):
2010 if isinstance(cs_cache, BaseChangeset):
2007 cs_cache = cs_cache.__json__()
2011 cs_cache = cs_cache.__json__()
2008
2012
2009 def is_outdated(new_cs_cache):
2013 def is_outdated(new_cs_cache):
2010 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2014 if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
2011 new_cs_cache['revision'] != self.changeset_cache['revision']):
2015 new_cs_cache['revision'] != self.changeset_cache['revision']):
2012 return True
2016 return True
2013 return False
2017 return False
2014
2018
2015 # check if we have maybe already latest cached revision
2019 # check if we have maybe already latest cached revision
2016 if is_outdated(cs_cache) or not self.changeset_cache:
2020 if is_outdated(cs_cache) or not self.changeset_cache:
2017 _default = datetime.datetime.fromtimestamp(0)
2021 _default = datetime.datetime.fromtimestamp(0)
2018 last_change = cs_cache.get('date') or _default
2022 last_change = cs_cache.get('date') or _default
2019 log.debug('updated repo %s with new cs cache %s',
2023 log.debug('updated repo %s with new cs cache %s',
2020 self.repo_name, cs_cache)
2024 self.repo_name, cs_cache)
2021 self.updated_on = last_change
2025 self.updated_on = last_change
2022 self.changeset_cache = cs_cache
2026 self.changeset_cache = cs_cache
2023 Session().add(self)
2027 Session().add(self)
2024 Session().commit()
2028 Session().commit()
2025 else:
2029 else:
2026 log.debug('Skipping update_commit_cache for repo:`%s` '
2030 log.debug('Skipping update_commit_cache for repo:`%s` '
2027 'commit already with latest changes', self.repo_name)
2031 'commit already with latest changes', self.repo_name)
2028
2032
2029 @property
2033 @property
2030 def tip(self):
2034 def tip(self):
2031 return self.get_commit('tip')
2035 return self.get_commit('tip')
2032
2036
2033 @property
2037 @property
2034 def author(self):
2038 def author(self):
2035 return self.tip.author
2039 return self.tip.author
2036
2040
2037 @property
2041 @property
2038 def last_change(self):
2042 def last_change(self):
2039 return self.scm_instance().last_change
2043 return self.scm_instance().last_change
2040
2044
2041 def get_comments(self, revisions=None):
2045 def get_comments(self, revisions=None):
2042 """
2046 """
2043 Returns comments for this repository grouped by revisions
2047 Returns comments for this repository grouped by revisions
2044
2048
2045 :param revisions: filter query by revisions only
2049 :param revisions: filter query by revisions only
2046 """
2050 """
2047 cmts = ChangesetComment.query()\
2051 cmts = ChangesetComment.query()\
2048 .filter(ChangesetComment.repo == self)
2052 .filter(ChangesetComment.repo == self)
2049 if revisions:
2053 if revisions:
2050 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2054 cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
2051 grouped = collections.defaultdict(list)
2055 grouped = collections.defaultdict(list)
2052 for cmt in cmts.all():
2056 for cmt in cmts.all():
2053 grouped[cmt.revision].append(cmt)
2057 grouped[cmt.revision].append(cmt)
2054 return grouped
2058 return grouped
2055
2059
2056 def statuses(self, revisions=None):
2060 def statuses(self, revisions=None):
2057 """
2061 """
2058 Returns statuses for this repository
2062 Returns statuses for this repository
2059
2063
2060 :param revisions: list of revisions to get statuses for
2064 :param revisions: list of revisions to get statuses for
2061 """
2065 """
2062 statuses = ChangesetStatus.query()\
2066 statuses = ChangesetStatus.query()\
2063 .filter(ChangesetStatus.repo == self)\
2067 .filter(ChangesetStatus.repo == self)\
2064 .filter(ChangesetStatus.version == 0)
2068 .filter(ChangesetStatus.version == 0)
2065
2069
2066 if revisions:
2070 if revisions:
2067 # Try doing the filtering in chunks to avoid hitting limits
2071 # Try doing the filtering in chunks to avoid hitting limits
2068 size = 500
2072 size = 500
2069 status_results = []
2073 status_results = []
2070 for chunk in xrange(0, len(revisions), size):
2074 for chunk in xrange(0, len(revisions), size):
2071 status_results += statuses.filter(
2075 status_results += statuses.filter(
2072 ChangesetStatus.revision.in_(
2076 ChangesetStatus.revision.in_(
2073 revisions[chunk: chunk+size])
2077 revisions[chunk: chunk+size])
2074 ).all()
2078 ).all()
2075 else:
2079 else:
2076 status_results = statuses.all()
2080 status_results = statuses.all()
2077
2081
2078 grouped = {}
2082 grouped = {}
2079
2083
2080 # maybe we have open new pullrequest without a status?
2084 # maybe we have open new pullrequest without a status?
2081 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2085 stat = ChangesetStatus.STATUS_UNDER_REVIEW
2082 status_lbl = ChangesetStatus.get_status_lbl(stat)
2086 status_lbl = ChangesetStatus.get_status_lbl(stat)
2083 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2087 for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
2084 for rev in pr.revisions:
2088 for rev in pr.revisions:
2085 pr_id = pr.pull_request_id
2089 pr_id = pr.pull_request_id
2086 pr_repo = pr.target_repo.repo_name
2090 pr_repo = pr.target_repo.repo_name
2087 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2091 grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
2088
2092
2089 for stat in status_results:
2093 for stat in status_results:
2090 pr_id = pr_repo = None
2094 pr_id = pr_repo = None
2091 if stat.pull_request:
2095 if stat.pull_request:
2092 pr_id = stat.pull_request.pull_request_id
2096 pr_id = stat.pull_request.pull_request_id
2093 pr_repo = stat.pull_request.target_repo.repo_name
2097 pr_repo = stat.pull_request.target_repo.repo_name
2094 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2098 grouped[stat.revision] = [str(stat.status), stat.status_lbl,
2095 pr_id, pr_repo]
2099 pr_id, pr_repo]
2096 return grouped
2100 return grouped
2097
2101
2098 # ==========================================================================
2102 # ==========================================================================
2099 # SCM CACHE INSTANCE
2103 # SCM CACHE INSTANCE
2100 # ==========================================================================
2104 # ==========================================================================
2101
2105
2102 def scm_instance(self, **kwargs):
2106 def scm_instance(self, **kwargs):
2103 import rhodecode
2107 import rhodecode
2104
2108
2105 # Passing a config will not hit the cache currently only used
2109 # Passing a config will not hit the cache currently only used
2106 # for repo2dbmapper
2110 # for repo2dbmapper
2107 config = kwargs.pop('config', None)
2111 config = kwargs.pop('config', None)
2108 cache = kwargs.pop('cache', None)
2112 cache = kwargs.pop('cache', None)
2109 full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
2113 full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
2110 # if cache is NOT defined use default global, else we have a full
2114 # if cache is NOT defined use default global, else we have a full
2111 # control over cache behaviour
2115 # control over cache behaviour
2112 if cache is None and full_cache and not config:
2116 if cache is None and full_cache and not config:
2113 return self._get_instance_cached()
2117 return self._get_instance_cached()
2114 return self._get_instance(cache=bool(cache), config=config)
2118 return self._get_instance(cache=bool(cache), config=config)
2115
2119
2116 def _get_instance_cached(self):
2120 def _get_instance_cached(self):
2117 @cache_region('long_term')
2121 @cache_region('long_term')
2118 def _get_repo(cache_key):
2122 def _get_repo(cache_key):
2119 return self._get_instance()
2123 return self._get_instance()
2120
2124
2121 invalidator_context = CacheKey.repo_context_cache(
2125 invalidator_context = CacheKey.repo_context_cache(
2122 _get_repo, self.repo_name, None, thread_scoped=True)
2126 _get_repo, self.repo_name, None, thread_scoped=True)
2123
2127
2124 with invalidator_context as context:
2128 with invalidator_context as context:
2125 context.invalidate()
2129 context.invalidate()
2126 repo = context.compute()
2130 repo = context.compute()
2127
2131
2128 return repo
2132 return repo
2129
2133
2130 def _get_instance(self, cache=True, config=None):
2134 def _get_instance(self, cache=True, config=None):
2131 config = config or self._config
2135 config = config or self._config
2132 custom_wire = {
2136 custom_wire = {
2133 'cache': cache # controls the vcs.remote cache
2137 'cache': cache # controls the vcs.remote cache
2134 }
2138 }
2135 repo = get_vcs_instance(
2139 repo = get_vcs_instance(
2136 repo_path=safe_str(self.repo_full_path),
2140 repo_path=safe_str(self.repo_full_path),
2137 config=config,
2141 config=config,
2138 with_wire=custom_wire,
2142 with_wire=custom_wire,
2139 create=False,
2143 create=False,
2140 _vcs_alias=self.repo_type)
2144 _vcs_alias=self.repo_type)
2141
2145
2142 return repo
2146 return repo
2143
2147
2144 def __json__(self):
2148 def __json__(self):
2145 return {'landing_rev': self.landing_rev}
2149 return {'landing_rev': self.landing_rev}
2146
2150
2147 def get_dict(self):
2151 def get_dict(self):
2148
2152
2149 # Since we transformed `repo_name` to a hybrid property, we need to
2153 # Since we transformed `repo_name` to a hybrid property, we need to
2150 # keep compatibility with the code which uses `repo_name` field.
2154 # keep compatibility with the code which uses `repo_name` field.
2151
2155
2152 result = super(Repository, self).get_dict()
2156 result = super(Repository, self).get_dict()
2153 result['repo_name'] = result.pop('_repo_name', None)
2157 result['repo_name'] = result.pop('_repo_name', None)
2154 return result
2158 return result
2155
2159
2156
2160
2157 class RepoGroup(Base, BaseModel):
2161 class RepoGroup(Base, BaseModel):
2158 __tablename__ = 'groups'
2162 __tablename__ = 'groups'
2159 __table_args__ = (
2163 __table_args__ = (
2160 UniqueConstraint('group_name', 'group_parent_id'),
2164 UniqueConstraint('group_name', 'group_parent_id'),
2161 CheckConstraint('group_id != group_parent_id'),
2165 CheckConstraint('group_id != group_parent_id'),
2162 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2166 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2163 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2167 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2164 )
2168 )
2165 __mapper_args__ = {'order_by': 'group_name'}
2169 __mapper_args__ = {'order_by': 'group_name'}
2166
2170
2167 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2171 CHOICES_SEPARATOR = '/' # used to generate select2 choices for nested groups
2168
2172
2169 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2173 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2170 group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2174 group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
2171 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2175 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
2172 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2176 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
2173 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2177 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
2174 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2178 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
2175 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2179 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
2176 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2180 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
2177
2181
2178 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
2182 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
2179 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
2183 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
2180 parent_group = relationship('RepoGroup', remote_side=group_id)
2184 parent_group = relationship('RepoGroup', remote_side=group_id)
2181 user = relationship('User')
2185 user = relationship('User')
2182 integrations = relationship('Integration',
2186 integrations = relationship('Integration',
2183 cascade="all, delete, delete-orphan")
2187 cascade="all, delete, delete-orphan")
2184
2188
2185 def __init__(self, group_name='', parent_group=None):
2189 def __init__(self, group_name='', parent_group=None):
2186 self.group_name = group_name
2190 self.group_name = group_name
2187 self.parent_group = parent_group
2191 self.parent_group = parent_group
2188
2192
2189 def __unicode__(self):
2193 def __unicode__(self):
2190 return u"<%s('id:%s:%s')>" % (self.__class__.__name__, self.group_id,
2194 return u"<%s('id:%s:%s')>" % (self.__class__.__name__, self.group_id,
2191 self.group_name)
2195 self.group_name)
2192
2196
2193 @classmethod
2197 @classmethod
2194 def _generate_choice(cls, repo_group):
2198 def _generate_choice(cls, repo_group):
2195 from webhelpers.html import literal as _literal
2199 from webhelpers.html import literal as _literal
2196 _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
2200 _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
2197 return repo_group.group_id, _name(repo_group.full_path_splitted)
2201 return repo_group.group_id, _name(repo_group.full_path_splitted)
2198
2202
2199 @classmethod
2203 @classmethod
2200 def groups_choices(cls, groups=None, show_empty_group=True):
2204 def groups_choices(cls, groups=None, show_empty_group=True):
2201 if not groups:
2205 if not groups:
2202 groups = cls.query().all()
2206 groups = cls.query().all()
2203
2207
2204 repo_groups = []
2208 repo_groups = []
2205 if show_empty_group:
2209 if show_empty_group:
2206 repo_groups = [(-1, u'-- %s --' % _('No parent'))]
2210 repo_groups = [(-1, u'-- %s --' % _('No parent'))]
2207
2211
2208 repo_groups.extend([cls._generate_choice(x) for x in groups])
2212 repo_groups.extend([cls._generate_choice(x) for x in groups])
2209
2213
2210 repo_groups = sorted(
2214 repo_groups = sorted(
2211 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2215 repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
2212 return repo_groups
2216 return repo_groups
2213
2217
2214 @classmethod
2218 @classmethod
2215 def url_sep(cls):
2219 def url_sep(cls):
2216 return URL_SEP
2220 return URL_SEP
2217
2221
2218 @classmethod
2222 @classmethod
2219 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2223 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
2220 if case_insensitive:
2224 if case_insensitive:
2221 gr = cls.query().filter(func.lower(cls.group_name)
2225 gr = cls.query().filter(func.lower(cls.group_name)
2222 == func.lower(group_name))
2226 == func.lower(group_name))
2223 else:
2227 else:
2224 gr = cls.query().filter(cls.group_name == group_name)
2228 gr = cls.query().filter(cls.group_name == group_name)
2225 if cache:
2229 if cache:
2226 name_key = _hash_key(group_name)
2230 name_key = _hash_key(group_name)
2227 gr = gr.options(
2231 gr = gr.options(
2228 FromCache("sql_cache_short", "get_group_%s" % name_key))
2232 FromCache("sql_cache_short", "get_group_%s" % name_key))
2229 return gr.scalar()
2233 return gr.scalar()
2230
2234
2231 @classmethod
2235 @classmethod
2232 def get_user_personal_repo_group(cls, user_id):
2236 def get_user_personal_repo_group(cls, user_id):
2233 user = User.get(user_id)
2237 user = User.get(user_id)
2234 if user.username == User.DEFAULT_USER:
2238 if user.username == User.DEFAULT_USER:
2235 return None
2239 return None
2236
2240
2237 return cls.query()\
2241 return cls.query()\
2238 .filter(cls.personal == true()) \
2242 .filter(cls.personal == true()) \
2239 .filter(cls.user == user).scalar()
2243 .filter(cls.user == user).scalar()
2240
2244
2241 @classmethod
2245 @classmethod
2242 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2246 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
2243 case_insensitive=True):
2247 case_insensitive=True):
2244 q = RepoGroup.query()
2248 q = RepoGroup.query()
2245
2249
2246 if not isinstance(user_id, Optional):
2250 if not isinstance(user_id, Optional):
2247 q = q.filter(RepoGroup.user_id == user_id)
2251 q = q.filter(RepoGroup.user_id == user_id)
2248
2252
2249 if not isinstance(group_id, Optional):
2253 if not isinstance(group_id, Optional):
2250 q = q.filter(RepoGroup.group_parent_id == group_id)
2254 q = q.filter(RepoGroup.group_parent_id == group_id)
2251
2255
2252 if case_insensitive:
2256 if case_insensitive:
2253 q = q.order_by(func.lower(RepoGroup.group_name))
2257 q = q.order_by(func.lower(RepoGroup.group_name))
2254 else:
2258 else:
2255 q = q.order_by(RepoGroup.group_name)
2259 q = q.order_by(RepoGroup.group_name)
2256 return q.all()
2260 return q.all()
2257
2261
2258 @property
2262 @property
2259 def parents(self):
2263 def parents(self):
2260 parents_recursion_limit = 10
2264 parents_recursion_limit = 10
2261 groups = []
2265 groups = []
2262 if self.parent_group is None:
2266 if self.parent_group is None:
2263 return groups
2267 return groups
2264 cur_gr = self.parent_group
2268 cur_gr = self.parent_group
2265 groups.insert(0, cur_gr)
2269 groups.insert(0, cur_gr)
2266 cnt = 0
2270 cnt = 0
2267 while 1:
2271 while 1:
2268 cnt += 1
2272 cnt += 1
2269 gr = getattr(cur_gr, 'parent_group', None)
2273 gr = getattr(cur_gr, 'parent_group', None)
2270 cur_gr = cur_gr.parent_group
2274 cur_gr = cur_gr.parent_group
2271 if gr is None:
2275 if gr is None:
2272 break
2276 break
2273 if cnt == parents_recursion_limit:
2277 if cnt == parents_recursion_limit:
2274 # this will prevent accidental infinit loops
2278 # this will prevent accidental infinit loops
2275 log.error(('more than %s parents found for group %s, stopping '
2279 log.error(('more than %s parents found for group %s, stopping '
2276 'recursive parent fetching' % (parents_recursion_limit, self)))
2280 'recursive parent fetching' % (parents_recursion_limit, self)))
2277 break
2281 break
2278
2282
2279 groups.insert(0, gr)
2283 groups.insert(0, gr)
2280 return groups
2284 return groups
2281
2285
2282 @property
2286 @property
2283 def children(self):
2287 def children(self):
2284 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2288 return RepoGroup.query().filter(RepoGroup.parent_group == self)
2285
2289
2286 @property
2290 @property
2287 def name(self):
2291 def name(self):
2288 return self.group_name.split(RepoGroup.url_sep())[-1]
2292 return self.group_name.split(RepoGroup.url_sep())[-1]
2289
2293
2290 @property
2294 @property
2291 def full_path(self):
2295 def full_path(self):
2292 return self.group_name
2296 return self.group_name
2293
2297
2294 @property
2298 @property
2295 def full_path_splitted(self):
2299 def full_path_splitted(self):
2296 return self.group_name.split(RepoGroup.url_sep())
2300 return self.group_name.split(RepoGroup.url_sep())
2297
2301
2298 @property
2302 @property
2299 def repositories(self):
2303 def repositories(self):
2300 return Repository.query()\
2304 return Repository.query()\
2301 .filter(Repository.group == self)\
2305 .filter(Repository.group == self)\
2302 .order_by(Repository.repo_name)
2306 .order_by(Repository.repo_name)
2303
2307
2304 @property
2308 @property
2305 def repositories_recursive_count(self):
2309 def repositories_recursive_count(self):
2306 cnt = self.repositories.count()
2310 cnt = self.repositories.count()
2307
2311
2308 def children_count(group):
2312 def children_count(group):
2309 cnt = 0
2313 cnt = 0
2310 for child in group.children:
2314 for child in group.children:
2311 cnt += child.repositories.count()
2315 cnt += child.repositories.count()
2312 cnt += children_count(child)
2316 cnt += children_count(child)
2313 return cnt
2317 return cnt
2314
2318
2315 return cnt + children_count(self)
2319 return cnt + children_count(self)
2316
2320
2317 def _recursive_objects(self, include_repos=True):
2321 def _recursive_objects(self, include_repos=True):
2318 all_ = []
2322 all_ = []
2319
2323
2320 def _get_members(root_gr):
2324 def _get_members(root_gr):
2321 if include_repos:
2325 if include_repos:
2322 for r in root_gr.repositories:
2326 for r in root_gr.repositories:
2323 all_.append(r)
2327 all_.append(r)
2324 childs = root_gr.children.all()
2328 childs = root_gr.children.all()
2325 if childs:
2329 if childs:
2326 for gr in childs:
2330 for gr in childs:
2327 all_.append(gr)
2331 all_.append(gr)
2328 _get_members(gr)
2332 _get_members(gr)
2329
2333
2330 _get_members(self)
2334 _get_members(self)
2331 return [self] + all_
2335 return [self] + all_
2332
2336
2333 def recursive_groups_and_repos(self):
2337 def recursive_groups_and_repos(self):
2334 """
2338 """
2335 Recursive return all groups, with repositories in those groups
2339 Recursive return all groups, with repositories in those groups
2336 """
2340 """
2337 return self._recursive_objects()
2341 return self._recursive_objects()
2338
2342
2339 def recursive_groups(self):
2343 def recursive_groups(self):
2340 """
2344 """
2341 Returns all children groups for this group including children of children
2345 Returns all children groups for this group including children of children
2342 """
2346 """
2343 return self._recursive_objects(include_repos=False)
2347 return self._recursive_objects(include_repos=False)
2344
2348
2345 def get_new_name(self, group_name):
2349 def get_new_name(self, group_name):
2346 """
2350 """
2347 returns new full group name based on parent and new name
2351 returns new full group name based on parent and new name
2348
2352
2349 :param group_name:
2353 :param group_name:
2350 """
2354 """
2351 path_prefix = (self.parent_group.full_path_splitted if
2355 path_prefix = (self.parent_group.full_path_splitted if
2352 self.parent_group else [])
2356 self.parent_group else [])
2353 return RepoGroup.url_sep().join(path_prefix + [group_name])
2357 return RepoGroup.url_sep().join(path_prefix + [group_name])
2354
2358
2355 def permissions(self, with_admins=True, with_owner=True):
2359 def permissions(self, with_admins=True, with_owner=True):
2356 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
2360 q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
2357 q = q.options(joinedload(UserRepoGroupToPerm.group),
2361 q = q.options(joinedload(UserRepoGroupToPerm.group),
2358 joinedload(UserRepoGroupToPerm.user),
2362 joinedload(UserRepoGroupToPerm.user),
2359 joinedload(UserRepoGroupToPerm.permission),)
2363 joinedload(UserRepoGroupToPerm.permission),)
2360
2364
2361 # get owners and admins and permissions. We do a trick of re-writing
2365 # get owners and admins and permissions. We do a trick of re-writing
2362 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2366 # objects from sqlalchemy to named-tuples due to sqlalchemy session
2363 # has a global reference and changing one object propagates to all
2367 # has a global reference and changing one object propagates to all
2364 # others. This means if admin is also an owner admin_row that change
2368 # others. This means if admin is also an owner admin_row that change
2365 # would propagate to both objects
2369 # would propagate to both objects
2366 perm_rows = []
2370 perm_rows = []
2367 for _usr in q.all():
2371 for _usr in q.all():
2368 usr = AttributeDict(_usr.user.get_dict())
2372 usr = AttributeDict(_usr.user.get_dict())
2369 usr.permission = _usr.permission.permission_name
2373 usr.permission = _usr.permission.permission_name
2370 perm_rows.append(usr)
2374 perm_rows.append(usr)
2371
2375
2372 # filter the perm rows by 'default' first and then sort them by
2376 # filter the perm rows by 'default' first and then sort them by
2373 # admin,write,read,none permissions sorted again alphabetically in
2377 # admin,write,read,none permissions sorted again alphabetically in
2374 # each group
2378 # each group
2375 perm_rows = sorted(perm_rows, key=display_sort)
2379 perm_rows = sorted(perm_rows, key=display_sort)
2376
2380
2377 _admin_perm = 'group.admin'
2381 _admin_perm = 'group.admin'
2378 owner_row = []
2382 owner_row = []
2379 if with_owner:
2383 if with_owner:
2380 usr = AttributeDict(self.user.get_dict())
2384 usr = AttributeDict(self.user.get_dict())
2381 usr.owner_row = True
2385 usr.owner_row = True
2382 usr.permission = _admin_perm
2386 usr.permission = _admin_perm
2383 owner_row.append(usr)
2387 owner_row.append(usr)
2384
2388
2385 super_admin_rows = []
2389 super_admin_rows = []
2386 if with_admins:
2390 if with_admins:
2387 for usr in User.get_all_super_admins():
2391 for usr in User.get_all_super_admins():
2388 # if this admin is also owner, don't double the record
2392 # if this admin is also owner, don't double the record
2389 if usr.user_id == owner_row[0].user_id:
2393 if usr.user_id == owner_row[0].user_id:
2390 owner_row[0].admin_row = True
2394 owner_row[0].admin_row = True
2391 else:
2395 else:
2392 usr = AttributeDict(usr.get_dict())
2396 usr = AttributeDict(usr.get_dict())
2393 usr.admin_row = True
2397 usr.admin_row = True
2394 usr.permission = _admin_perm
2398 usr.permission = _admin_perm
2395 super_admin_rows.append(usr)
2399 super_admin_rows.append(usr)
2396
2400
2397 return super_admin_rows + owner_row + perm_rows
2401 return super_admin_rows + owner_row + perm_rows
2398
2402
2399 def permission_user_groups(self):
2403 def permission_user_groups(self):
2400 q = UserGroupRepoGroupToPerm.query().filter(UserGroupRepoGroupToPerm.group == self)
2404 q = UserGroupRepoGroupToPerm.query().filter(UserGroupRepoGroupToPerm.group == self)
2401 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
2405 q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
2402 joinedload(UserGroupRepoGroupToPerm.users_group),
2406 joinedload(UserGroupRepoGroupToPerm.users_group),
2403 joinedload(UserGroupRepoGroupToPerm.permission),)
2407 joinedload(UserGroupRepoGroupToPerm.permission),)
2404
2408
2405 perm_rows = []
2409 perm_rows = []
2406 for _user_group in q.all():
2410 for _user_group in q.all():
2407 usr = AttributeDict(_user_group.users_group.get_dict())
2411 usr = AttributeDict(_user_group.users_group.get_dict())
2408 usr.permission = _user_group.permission.permission_name
2412 usr.permission = _user_group.permission.permission_name
2409 perm_rows.append(usr)
2413 perm_rows.append(usr)
2410
2414
2411 return perm_rows
2415 return perm_rows
2412
2416
2413 def get_api_data(self):
2417 def get_api_data(self):
2414 """
2418 """
2415 Common function for generating api data
2419 Common function for generating api data
2416
2420
2417 """
2421 """
2418 group = self
2422 group = self
2419 data = {
2423 data = {
2420 'group_id': group.group_id,
2424 'group_id': group.group_id,
2421 'group_name': group.group_name,
2425 'group_name': group.group_name,
2422 'group_description': group.group_description,
2426 'group_description': group.group_description,
2423 'parent_group': group.parent_group.group_name if group.parent_group else None,
2427 'parent_group': group.parent_group.group_name if group.parent_group else None,
2424 'repositories': [x.repo_name for x in group.repositories],
2428 'repositories': [x.repo_name for x in group.repositories],
2425 'owner': group.user.username,
2429 'owner': group.user.username,
2426 }
2430 }
2427 return data
2431 return data
2428
2432
2429
2433
2430 class Permission(Base, BaseModel):
2434 class Permission(Base, BaseModel):
2431 __tablename__ = 'permissions'
2435 __tablename__ = 'permissions'
2432 __table_args__ = (
2436 __table_args__ = (
2433 Index('p_perm_name_idx', 'permission_name'),
2437 Index('p_perm_name_idx', 'permission_name'),
2434 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2438 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2435 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2439 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2436 )
2440 )
2437 PERMS = [
2441 PERMS = [
2438 ('hg.admin', _('RhodeCode Super Administrator')),
2442 ('hg.admin', _('RhodeCode Super Administrator')),
2439
2443
2440 ('repository.none', _('Repository no access')),
2444 ('repository.none', _('Repository no access')),
2441 ('repository.read', _('Repository read access')),
2445 ('repository.read', _('Repository read access')),
2442 ('repository.write', _('Repository write access')),
2446 ('repository.write', _('Repository write access')),
2443 ('repository.admin', _('Repository admin access')),
2447 ('repository.admin', _('Repository admin access')),
2444
2448
2445 ('group.none', _('Repository group no access')),
2449 ('group.none', _('Repository group no access')),
2446 ('group.read', _('Repository group read access')),
2450 ('group.read', _('Repository group read access')),
2447 ('group.write', _('Repository group write access')),
2451 ('group.write', _('Repository group write access')),
2448 ('group.admin', _('Repository group admin access')),
2452 ('group.admin', _('Repository group admin access')),
2449
2453
2450 ('usergroup.none', _('User group no access')),
2454 ('usergroup.none', _('User group no access')),
2451 ('usergroup.read', _('User group read access')),
2455 ('usergroup.read', _('User group read access')),
2452 ('usergroup.write', _('User group write access')),
2456 ('usergroup.write', _('User group write access')),
2453 ('usergroup.admin', _('User group admin access')),
2457 ('usergroup.admin', _('User group admin access')),
2454
2458
2455 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
2459 ('hg.repogroup.create.false', _('Repository Group creation disabled')),
2456 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
2460 ('hg.repogroup.create.true', _('Repository Group creation enabled')),
2457
2461
2458 ('hg.usergroup.create.false', _('User Group creation disabled')),
2462 ('hg.usergroup.create.false', _('User Group creation disabled')),
2459 ('hg.usergroup.create.true', _('User Group creation enabled')),
2463 ('hg.usergroup.create.true', _('User Group creation enabled')),
2460
2464
2461 ('hg.create.none', _('Repository creation disabled')),
2465 ('hg.create.none', _('Repository creation disabled')),
2462 ('hg.create.repository', _('Repository creation enabled')),
2466 ('hg.create.repository', _('Repository creation enabled')),
2463 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
2467 ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
2464 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
2468 ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
2465
2469
2466 ('hg.fork.none', _('Repository forking disabled')),
2470 ('hg.fork.none', _('Repository forking disabled')),
2467 ('hg.fork.repository', _('Repository forking enabled')),
2471 ('hg.fork.repository', _('Repository forking enabled')),
2468
2472
2469 ('hg.register.none', _('Registration disabled')),
2473 ('hg.register.none', _('Registration disabled')),
2470 ('hg.register.manual_activate', _('User Registration with manual account activation')),
2474 ('hg.register.manual_activate', _('User Registration with manual account activation')),
2471 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
2475 ('hg.register.auto_activate', _('User Registration with automatic account activation')),
2472
2476
2473 ('hg.password_reset.enabled', _('Password reset enabled')),
2477 ('hg.password_reset.enabled', _('Password reset enabled')),
2474 ('hg.password_reset.hidden', _('Password reset hidden')),
2478 ('hg.password_reset.hidden', _('Password reset hidden')),
2475 ('hg.password_reset.disabled', _('Password reset disabled')),
2479 ('hg.password_reset.disabled', _('Password reset disabled')),
2476
2480
2477 ('hg.extern_activate.manual', _('Manual activation of external account')),
2481 ('hg.extern_activate.manual', _('Manual activation of external account')),
2478 ('hg.extern_activate.auto', _('Automatic activation of external account')),
2482 ('hg.extern_activate.auto', _('Automatic activation of external account')),
2479
2483
2480 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
2484 ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
2481 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
2485 ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
2482 ]
2486 ]
2483
2487
2484 # definition of system default permissions for DEFAULT user
2488 # definition of system default permissions for DEFAULT user
2485 DEFAULT_USER_PERMISSIONS = [
2489 DEFAULT_USER_PERMISSIONS = [
2486 'repository.read',
2490 'repository.read',
2487 'group.read',
2491 'group.read',
2488 'usergroup.read',
2492 'usergroup.read',
2489 'hg.create.repository',
2493 'hg.create.repository',
2490 'hg.repogroup.create.false',
2494 'hg.repogroup.create.false',
2491 'hg.usergroup.create.false',
2495 'hg.usergroup.create.false',
2492 'hg.create.write_on_repogroup.true',
2496 'hg.create.write_on_repogroup.true',
2493 'hg.fork.repository',
2497 'hg.fork.repository',
2494 'hg.register.manual_activate',
2498 'hg.register.manual_activate',
2495 'hg.password_reset.enabled',
2499 'hg.password_reset.enabled',
2496 'hg.extern_activate.auto',
2500 'hg.extern_activate.auto',
2497 'hg.inherit_default_perms.true',
2501 'hg.inherit_default_perms.true',
2498 ]
2502 ]
2499
2503
2500 # defines which permissions are more important higher the more important
2504 # defines which permissions are more important higher the more important
2501 # Weight defines which permissions are more important.
2505 # Weight defines which permissions are more important.
2502 # The higher number the more important.
2506 # The higher number the more important.
2503 PERM_WEIGHTS = {
2507 PERM_WEIGHTS = {
2504 'repository.none': 0,
2508 'repository.none': 0,
2505 'repository.read': 1,
2509 'repository.read': 1,
2506 'repository.write': 3,
2510 'repository.write': 3,
2507 'repository.admin': 4,
2511 'repository.admin': 4,
2508
2512
2509 'group.none': 0,
2513 'group.none': 0,
2510 'group.read': 1,
2514 'group.read': 1,
2511 'group.write': 3,
2515 'group.write': 3,
2512 'group.admin': 4,
2516 'group.admin': 4,
2513
2517
2514 'usergroup.none': 0,
2518 'usergroup.none': 0,
2515 'usergroup.read': 1,
2519 'usergroup.read': 1,
2516 'usergroup.write': 3,
2520 'usergroup.write': 3,
2517 'usergroup.admin': 4,
2521 'usergroup.admin': 4,
2518
2522
2519 'hg.repogroup.create.false': 0,
2523 'hg.repogroup.create.false': 0,
2520 'hg.repogroup.create.true': 1,
2524 'hg.repogroup.create.true': 1,
2521
2525
2522 'hg.usergroup.create.false': 0,
2526 'hg.usergroup.create.false': 0,
2523 'hg.usergroup.create.true': 1,
2527 'hg.usergroup.create.true': 1,
2524
2528
2525 'hg.fork.none': 0,
2529 'hg.fork.none': 0,
2526 'hg.fork.repository': 1,
2530 'hg.fork.repository': 1,
2527 'hg.create.none': 0,
2531 'hg.create.none': 0,
2528 'hg.create.repository': 1
2532 'hg.create.repository': 1
2529 }
2533 }
2530
2534
2531 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2535 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2532 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
2536 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
2533 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
2537 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
2534
2538
2535 def __unicode__(self):
2539 def __unicode__(self):
2536 return u"<%s('%s:%s')>" % (
2540 return u"<%s('%s:%s')>" % (
2537 self.__class__.__name__, self.permission_id, self.permission_name
2541 self.__class__.__name__, self.permission_id, self.permission_name
2538 )
2542 )
2539
2543
2540 @classmethod
2544 @classmethod
2541 def get_by_key(cls, key):
2545 def get_by_key(cls, key):
2542 return cls.query().filter(cls.permission_name == key).scalar()
2546 return cls.query().filter(cls.permission_name == key).scalar()
2543
2547
2544 @classmethod
2548 @classmethod
2545 def get_default_repo_perms(cls, user_id, repo_id=None):
2549 def get_default_repo_perms(cls, user_id, repo_id=None):
2546 q = Session().query(UserRepoToPerm, Repository, Permission)\
2550 q = Session().query(UserRepoToPerm, Repository, Permission)\
2547 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
2551 .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
2548 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
2552 .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
2549 .filter(UserRepoToPerm.user_id == user_id)
2553 .filter(UserRepoToPerm.user_id == user_id)
2550 if repo_id:
2554 if repo_id:
2551 q = q.filter(UserRepoToPerm.repository_id == repo_id)
2555 q = q.filter(UserRepoToPerm.repository_id == repo_id)
2552 return q.all()
2556 return q.all()
2553
2557
2554 @classmethod
2558 @classmethod
2555 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
2559 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
2556 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
2560 q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
2557 .join(
2561 .join(
2558 Permission,
2562 Permission,
2559 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
2563 UserGroupRepoToPerm.permission_id == Permission.permission_id)\
2560 .join(
2564 .join(
2561 Repository,
2565 Repository,
2562 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
2566 UserGroupRepoToPerm.repository_id == Repository.repo_id)\
2563 .join(
2567 .join(
2564 UserGroup,
2568 UserGroup,
2565 UserGroupRepoToPerm.users_group_id ==
2569 UserGroupRepoToPerm.users_group_id ==
2566 UserGroup.users_group_id)\
2570 UserGroup.users_group_id)\
2567 .join(
2571 .join(
2568 UserGroupMember,
2572 UserGroupMember,
2569 UserGroupRepoToPerm.users_group_id ==
2573 UserGroupRepoToPerm.users_group_id ==
2570 UserGroupMember.users_group_id)\
2574 UserGroupMember.users_group_id)\
2571 .filter(
2575 .filter(
2572 UserGroupMember.user_id == user_id,
2576 UserGroupMember.user_id == user_id,
2573 UserGroup.users_group_active == true())
2577 UserGroup.users_group_active == true())
2574 if repo_id:
2578 if repo_id:
2575 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
2579 q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
2576 return q.all()
2580 return q.all()
2577
2581
2578 @classmethod
2582 @classmethod
2579 def get_default_group_perms(cls, user_id, repo_group_id=None):
2583 def get_default_group_perms(cls, user_id, repo_group_id=None):
2580 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
2584 q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
2581 .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\
2585 .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\
2582 .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
2586 .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
2583 .filter(UserRepoGroupToPerm.user_id == user_id)
2587 .filter(UserRepoGroupToPerm.user_id == user_id)
2584 if repo_group_id:
2588 if repo_group_id:
2585 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
2589 q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
2586 return q.all()
2590 return q.all()
2587
2591
2588 @classmethod
2592 @classmethod
2589 def get_default_group_perms_from_user_group(
2593 def get_default_group_perms_from_user_group(
2590 cls, user_id, repo_group_id=None):
2594 cls, user_id, repo_group_id=None):
2591 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
2595 q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
2592 .join(
2596 .join(
2593 Permission,
2597 Permission,
2594 UserGroupRepoGroupToPerm.permission_id ==
2598 UserGroupRepoGroupToPerm.permission_id ==
2595 Permission.permission_id)\
2599 Permission.permission_id)\
2596 .join(
2600 .join(
2597 RepoGroup,
2601 RepoGroup,
2598 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
2602 UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
2599 .join(
2603 .join(
2600 UserGroup,
2604 UserGroup,
2601 UserGroupRepoGroupToPerm.users_group_id ==
2605 UserGroupRepoGroupToPerm.users_group_id ==
2602 UserGroup.users_group_id)\
2606 UserGroup.users_group_id)\
2603 .join(
2607 .join(
2604 UserGroupMember,
2608 UserGroupMember,
2605 UserGroupRepoGroupToPerm.users_group_id ==
2609 UserGroupRepoGroupToPerm.users_group_id ==
2606 UserGroupMember.users_group_id)\
2610 UserGroupMember.users_group_id)\
2607 .filter(
2611 .filter(
2608 UserGroupMember.user_id == user_id,
2612 UserGroupMember.user_id == user_id,
2609 UserGroup.users_group_active == true())
2613 UserGroup.users_group_active == true())
2610 if repo_group_id:
2614 if repo_group_id:
2611 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
2615 q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
2612 return q.all()
2616 return q.all()
2613
2617
2614 @classmethod
2618 @classmethod
2615 def get_default_user_group_perms(cls, user_id, user_group_id=None):
2619 def get_default_user_group_perms(cls, user_id, user_group_id=None):
2616 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
2620 q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
2617 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
2621 .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
2618 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
2622 .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
2619 .filter(UserUserGroupToPerm.user_id == user_id)
2623 .filter(UserUserGroupToPerm.user_id == user_id)
2620 if user_group_id:
2624 if user_group_id:
2621 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
2625 q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
2622 return q.all()
2626 return q.all()
2623
2627
2624 @classmethod
2628 @classmethod
2625 def get_default_user_group_perms_from_user_group(
2629 def get_default_user_group_perms_from_user_group(
2626 cls, user_id, user_group_id=None):
2630 cls, user_id, user_group_id=None):
2627 TargetUserGroup = aliased(UserGroup, name='target_user_group')
2631 TargetUserGroup = aliased(UserGroup, name='target_user_group')
2628 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
2632 q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
2629 .join(
2633 .join(
2630 Permission,
2634 Permission,
2631 UserGroupUserGroupToPerm.permission_id ==
2635 UserGroupUserGroupToPerm.permission_id ==
2632 Permission.permission_id)\
2636 Permission.permission_id)\
2633 .join(
2637 .join(
2634 TargetUserGroup,
2638 TargetUserGroup,
2635 UserGroupUserGroupToPerm.target_user_group_id ==
2639 UserGroupUserGroupToPerm.target_user_group_id ==
2636 TargetUserGroup.users_group_id)\
2640 TargetUserGroup.users_group_id)\
2637 .join(
2641 .join(
2638 UserGroup,
2642 UserGroup,
2639 UserGroupUserGroupToPerm.user_group_id ==
2643 UserGroupUserGroupToPerm.user_group_id ==
2640 UserGroup.users_group_id)\
2644 UserGroup.users_group_id)\
2641 .join(
2645 .join(
2642 UserGroupMember,
2646 UserGroupMember,
2643 UserGroupUserGroupToPerm.user_group_id ==
2647 UserGroupUserGroupToPerm.user_group_id ==
2644 UserGroupMember.users_group_id)\
2648 UserGroupMember.users_group_id)\
2645 .filter(
2649 .filter(
2646 UserGroupMember.user_id == user_id,
2650 UserGroupMember.user_id == user_id,
2647 UserGroup.users_group_active == true())
2651 UserGroup.users_group_active == true())
2648 if user_group_id:
2652 if user_group_id:
2649 q = q.filter(
2653 q = q.filter(
2650 UserGroupUserGroupToPerm.user_group_id == user_group_id)
2654 UserGroupUserGroupToPerm.user_group_id == user_group_id)
2651
2655
2652 return q.all()
2656 return q.all()
2653
2657
2654
2658
2655 class UserRepoToPerm(Base, BaseModel):
2659 class UserRepoToPerm(Base, BaseModel):
2656 __tablename__ = 'repo_to_perm'
2660 __tablename__ = 'repo_to_perm'
2657 __table_args__ = (
2661 __table_args__ = (
2658 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
2662 UniqueConstraint('user_id', 'repository_id', 'permission_id'),
2659 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2663 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2660 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2664 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2661 )
2665 )
2662 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2666 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2663 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2667 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2664 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2668 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2665 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2669 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2666
2670
2667 user = relationship('User')
2671 user = relationship('User')
2668 repository = relationship('Repository')
2672 repository = relationship('Repository')
2669 permission = relationship('Permission')
2673 permission = relationship('Permission')
2670
2674
2671 @classmethod
2675 @classmethod
2672 def create(cls, user, repository, permission):
2676 def create(cls, user, repository, permission):
2673 n = cls()
2677 n = cls()
2674 n.user = user
2678 n.user = user
2675 n.repository = repository
2679 n.repository = repository
2676 n.permission = permission
2680 n.permission = permission
2677 Session().add(n)
2681 Session().add(n)
2678 return n
2682 return n
2679
2683
2680 def __unicode__(self):
2684 def __unicode__(self):
2681 return u'<%s => %s >' % (self.user, self.repository)
2685 return u'<%s => %s >' % (self.user, self.repository)
2682
2686
2683
2687
2684 class UserUserGroupToPerm(Base, BaseModel):
2688 class UserUserGroupToPerm(Base, BaseModel):
2685 __tablename__ = 'user_user_group_to_perm'
2689 __tablename__ = 'user_user_group_to_perm'
2686 __table_args__ = (
2690 __table_args__ = (
2687 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
2691 UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
2688 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2692 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2689 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2693 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2690 )
2694 )
2691 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2695 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2692 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2696 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2693 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2697 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2694 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2698 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2695
2699
2696 user = relationship('User')
2700 user = relationship('User')
2697 user_group = relationship('UserGroup')
2701 user_group = relationship('UserGroup')
2698 permission = relationship('Permission')
2702 permission = relationship('Permission')
2699
2703
2700 @classmethod
2704 @classmethod
2701 def create(cls, user, user_group, permission):
2705 def create(cls, user, user_group, permission):
2702 n = cls()
2706 n = cls()
2703 n.user = user
2707 n.user = user
2704 n.user_group = user_group
2708 n.user_group = user_group
2705 n.permission = permission
2709 n.permission = permission
2706 Session().add(n)
2710 Session().add(n)
2707 return n
2711 return n
2708
2712
2709 def __unicode__(self):
2713 def __unicode__(self):
2710 return u'<%s => %s >' % (self.user, self.user_group)
2714 return u'<%s => %s >' % (self.user, self.user_group)
2711
2715
2712
2716
2713 class UserToPerm(Base, BaseModel):
2717 class UserToPerm(Base, BaseModel):
2714 __tablename__ = 'user_to_perm'
2718 __tablename__ = 'user_to_perm'
2715 __table_args__ = (
2719 __table_args__ = (
2716 UniqueConstraint('user_id', 'permission_id'),
2720 UniqueConstraint('user_id', 'permission_id'),
2717 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2721 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2718 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2722 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2719 )
2723 )
2720 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2724 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2721 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2725 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2722 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2726 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2723
2727
2724 user = relationship('User')
2728 user = relationship('User')
2725 permission = relationship('Permission', lazy='joined')
2729 permission = relationship('Permission', lazy='joined')
2726
2730
2727 def __unicode__(self):
2731 def __unicode__(self):
2728 return u'<%s => %s >' % (self.user, self.permission)
2732 return u'<%s => %s >' % (self.user, self.permission)
2729
2733
2730
2734
2731 class UserGroupRepoToPerm(Base, BaseModel):
2735 class UserGroupRepoToPerm(Base, BaseModel):
2732 __tablename__ = 'users_group_repo_to_perm'
2736 __tablename__ = 'users_group_repo_to_perm'
2733 __table_args__ = (
2737 __table_args__ = (
2734 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
2738 UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
2735 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2739 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2736 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2740 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2737 )
2741 )
2738 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2742 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2739 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2743 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2740 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2744 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2741 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2745 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
2742
2746
2743 users_group = relationship('UserGroup')
2747 users_group = relationship('UserGroup')
2744 permission = relationship('Permission')
2748 permission = relationship('Permission')
2745 repository = relationship('Repository')
2749 repository = relationship('Repository')
2746
2750
2747 @classmethod
2751 @classmethod
2748 def create(cls, users_group, repository, permission):
2752 def create(cls, users_group, repository, permission):
2749 n = cls()
2753 n = cls()
2750 n.users_group = users_group
2754 n.users_group = users_group
2751 n.repository = repository
2755 n.repository = repository
2752 n.permission = permission
2756 n.permission = permission
2753 Session().add(n)
2757 Session().add(n)
2754 return n
2758 return n
2755
2759
2756 def __unicode__(self):
2760 def __unicode__(self):
2757 return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
2761 return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
2758
2762
2759
2763
2760 class UserGroupUserGroupToPerm(Base, BaseModel):
2764 class UserGroupUserGroupToPerm(Base, BaseModel):
2761 __tablename__ = 'user_group_user_group_to_perm'
2765 __tablename__ = 'user_group_user_group_to_perm'
2762 __table_args__ = (
2766 __table_args__ = (
2763 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
2767 UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
2764 CheckConstraint('target_user_group_id != user_group_id'),
2768 CheckConstraint('target_user_group_id != user_group_id'),
2765 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2769 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2766 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2770 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2767 )
2771 )
2768 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2772 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2769 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2773 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2770 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2774 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2771 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2775 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2772
2776
2773 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
2777 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
2774 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
2778 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
2775 permission = relationship('Permission')
2779 permission = relationship('Permission')
2776
2780
2777 @classmethod
2781 @classmethod
2778 def create(cls, target_user_group, user_group, permission):
2782 def create(cls, target_user_group, user_group, permission):
2779 n = cls()
2783 n = cls()
2780 n.target_user_group = target_user_group
2784 n.target_user_group = target_user_group
2781 n.user_group = user_group
2785 n.user_group = user_group
2782 n.permission = permission
2786 n.permission = permission
2783 Session().add(n)
2787 Session().add(n)
2784 return n
2788 return n
2785
2789
2786 def __unicode__(self):
2790 def __unicode__(self):
2787 return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
2791 return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
2788
2792
2789
2793
2790 class UserGroupToPerm(Base, BaseModel):
2794 class UserGroupToPerm(Base, BaseModel):
2791 __tablename__ = 'users_group_to_perm'
2795 __tablename__ = 'users_group_to_perm'
2792 __table_args__ = (
2796 __table_args__ = (
2793 UniqueConstraint('users_group_id', 'permission_id',),
2797 UniqueConstraint('users_group_id', 'permission_id',),
2794 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2798 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2795 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2799 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2796 )
2800 )
2797 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2801 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2798 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2802 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2799 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2803 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2800
2804
2801 users_group = relationship('UserGroup')
2805 users_group = relationship('UserGroup')
2802 permission = relationship('Permission')
2806 permission = relationship('Permission')
2803
2807
2804
2808
2805 class UserRepoGroupToPerm(Base, BaseModel):
2809 class UserRepoGroupToPerm(Base, BaseModel):
2806 __tablename__ = 'user_repo_group_to_perm'
2810 __tablename__ = 'user_repo_group_to_perm'
2807 __table_args__ = (
2811 __table_args__ = (
2808 UniqueConstraint('user_id', 'group_id', 'permission_id'),
2812 UniqueConstraint('user_id', 'group_id', 'permission_id'),
2809 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2813 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2810 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2814 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2811 )
2815 )
2812
2816
2813 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2817 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2814 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2818 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2815 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
2819 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
2816 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2820 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2817
2821
2818 user = relationship('User')
2822 user = relationship('User')
2819 group = relationship('RepoGroup')
2823 group = relationship('RepoGroup')
2820 permission = relationship('Permission')
2824 permission = relationship('Permission')
2821
2825
2822 @classmethod
2826 @classmethod
2823 def create(cls, user, repository_group, permission):
2827 def create(cls, user, repository_group, permission):
2824 n = cls()
2828 n = cls()
2825 n.user = user
2829 n.user = user
2826 n.group = repository_group
2830 n.group = repository_group
2827 n.permission = permission
2831 n.permission = permission
2828 Session().add(n)
2832 Session().add(n)
2829 return n
2833 return n
2830
2834
2831
2835
2832 class UserGroupRepoGroupToPerm(Base, BaseModel):
2836 class UserGroupRepoGroupToPerm(Base, BaseModel):
2833 __tablename__ = 'users_group_repo_group_to_perm'
2837 __tablename__ = 'users_group_repo_group_to_perm'
2834 __table_args__ = (
2838 __table_args__ = (
2835 UniqueConstraint('users_group_id', 'group_id'),
2839 UniqueConstraint('users_group_id', 'group_id'),
2836 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2840 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2837 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2841 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2838 )
2842 )
2839
2843
2840 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2844 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2841 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2845 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
2842 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
2846 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
2843 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2847 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
2844
2848
2845 users_group = relationship('UserGroup')
2849 users_group = relationship('UserGroup')
2846 permission = relationship('Permission')
2850 permission = relationship('Permission')
2847 group = relationship('RepoGroup')
2851 group = relationship('RepoGroup')
2848
2852
2849 @classmethod
2853 @classmethod
2850 def create(cls, user_group, repository_group, permission):
2854 def create(cls, user_group, repository_group, permission):
2851 n = cls()
2855 n = cls()
2852 n.users_group = user_group
2856 n.users_group = user_group
2853 n.group = repository_group
2857 n.group = repository_group
2854 n.permission = permission
2858 n.permission = permission
2855 Session().add(n)
2859 Session().add(n)
2856 return n
2860 return n
2857
2861
2858 def __unicode__(self):
2862 def __unicode__(self):
2859 return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
2863 return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
2860
2864
2861
2865
2862 class Statistics(Base, BaseModel):
2866 class Statistics(Base, BaseModel):
2863 __tablename__ = 'statistics'
2867 __tablename__ = 'statistics'
2864 __table_args__ = (
2868 __table_args__ = (
2865 UniqueConstraint('repository_id'),
2869 UniqueConstraint('repository_id'),
2866 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2870 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2867 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2871 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2868 )
2872 )
2869 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2873 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2870 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
2874 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
2871 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
2875 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
2872 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
2876 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
2873 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
2877 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
2874 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
2878 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
2875
2879
2876 repository = relationship('Repository', single_parent=True)
2880 repository = relationship('Repository', single_parent=True)
2877
2881
2878
2882
2879 class UserFollowing(Base, BaseModel):
2883 class UserFollowing(Base, BaseModel):
2880 __tablename__ = 'user_followings'
2884 __tablename__ = 'user_followings'
2881 __table_args__ = (
2885 __table_args__ = (
2882 UniqueConstraint('user_id', 'follows_repository_id'),
2886 UniqueConstraint('user_id', 'follows_repository_id'),
2883 UniqueConstraint('user_id', 'follows_user_id'),
2887 UniqueConstraint('user_id', 'follows_user_id'),
2884 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2888 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2885 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2889 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
2886 )
2890 )
2887
2891
2888 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2892 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2889 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2893 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
2890 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
2894 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
2891 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
2895 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
2892 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2896 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
2893
2897
2894 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
2898 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
2895
2899
2896 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
2900 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
2897 follows_repository = relationship('Repository', order_by='Repository.repo_name')
2901 follows_repository = relationship('Repository', order_by='Repository.repo_name')
2898
2902
2899 @classmethod
2903 @classmethod
2900 def get_repo_followers(cls, repo_id):
2904 def get_repo_followers(cls, repo_id):
2901 return cls.query().filter(cls.follows_repo_id == repo_id)
2905 return cls.query().filter(cls.follows_repo_id == repo_id)
2902
2906
2903
2907
2904 class CacheKey(Base, BaseModel):
2908 class CacheKey(Base, BaseModel):
2905 __tablename__ = 'cache_invalidation'
2909 __tablename__ = 'cache_invalidation'
2906 __table_args__ = (
2910 __table_args__ = (
2907 UniqueConstraint('cache_key'),
2911 UniqueConstraint('cache_key'),
2908 Index('key_idx', 'cache_key'),
2912 Index('key_idx', 'cache_key'),
2909 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2913 {'extend_existing': True, 'mysql_engine': 'InnoDB',
2910 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2914 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
2911 )
2915 )
2912 CACHE_TYPE_ATOM = 'ATOM'
2916 CACHE_TYPE_ATOM = 'ATOM'
2913 CACHE_TYPE_RSS = 'RSS'
2917 CACHE_TYPE_RSS = 'RSS'
2914 CACHE_TYPE_README = 'README'
2918 CACHE_TYPE_README = 'README'
2915
2919
2916 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2920 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
2917 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
2921 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
2918 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
2922 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
2919 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
2923 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
2920
2924
2921 def __init__(self, cache_key, cache_args=''):
2925 def __init__(self, cache_key, cache_args=''):
2922 self.cache_key = cache_key
2926 self.cache_key = cache_key
2923 self.cache_args = cache_args
2927 self.cache_args = cache_args
2924 self.cache_active = False
2928 self.cache_active = False
2925
2929
2926 def __unicode__(self):
2930 def __unicode__(self):
2927 return u"<%s('%s:%s[%s]')>" % (
2931 return u"<%s('%s:%s[%s]')>" % (
2928 self.__class__.__name__,
2932 self.__class__.__name__,
2929 self.cache_id, self.cache_key, self.cache_active)
2933 self.cache_id, self.cache_key, self.cache_active)
2930
2934
2931 def _cache_key_partition(self):
2935 def _cache_key_partition(self):
2932 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
2936 prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
2933 return prefix, repo_name, suffix
2937 return prefix, repo_name, suffix
2934
2938
2935 def get_prefix(self):
2939 def get_prefix(self):
2936 """
2940 """
2937 Try to extract prefix from existing cache key. The key could consist
2941 Try to extract prefix from existing cache key. The key could consist
2938 of prefix, repo_name, suffix
2942 of prefix, repo_name, suffix
2939 """
2943 """
2940 # this returns prefix, repo_name, suffix
2944 # this returns prefix, repo_name, suffix
2941 return self._cache_key_partition()[0]
2945 return self._cache_key_partition()[0]
2942
2946
2943 def get_suffix(self):
2947 def get_suffix(self):
2944 """
2948 """
2945 get suffix that might have been used in _get_cache_key to
2949 get suffix that might have been used in _get_cache_key to
2946 generate self.cache_key. Only used for informational purposes
2950 generate self.cache_key. Only used for informational purposes
2947 in repo_edit.mako.
2951 in repo_edit.mako.
2948 """
2952 """
2949 # prefix, repo_name, suffix
2953 # prefix, repo_name, suffix
2950 return self._cache_key_partition()[2]
2954 return self._cache_key_partition()[2]
2951
2955
2952 @classmethod
2956 @classmethod
2953 def delete_all_cache(cls):
2957 def delete_all_cache(cls):
2954 """
2958 """
2955 Delete all cache keys from database.
2959 Delete all cache keys from database.
2956 Should only be run when all instances are down and all entries
2960 Should only be run when all instances are down and all entries
2957 thus stale.
2961 thus stale.
2958 """
2962 """
2959 cls.query().delete()
2963 cls.query().delete()
2960 Session().commit()
2964 Session().commit()
2961
2965
2962 @classmethod
2966 @classmethod
2963 def get_cache_key(cls, repo_name, cache_type):
2967 def get_cache_key(cls, repo_name, cache_type):
2964 """
2968 """
2965
2969
2966 Generate a cache key for this process of RhodeCode instance.
2970 Generate a cache key for this process of RhodeCode instance.
2967 Prefix most likely will be process id or maybe explicitly set
2971 Prefix most likely will be process id or maybe explicitly set
2968 instance_id from .ini file.
2972 instance_id from .ini file.
2969 """
2973 """
2970 import rhodecode
2974 import rhodecode
2971 prefix = safe_unicode(rhodecode.CONFIG.get('instance_id') or '')
2975 prefix = safe_unicode(rhodecode.CONFIG.get('instance_id') or '')
2972
2976
2973 repo_as_unicode = safe_unicode(repo_name)
2977 repo_as_unicode = safe_unicode(repo_name)
2974 key = u'{}_{}'.format(repo_as_unicode, cache_type) \
2978 key = u'{}_{}'.format(repo_as_unicode, cache_type) \
2975 if cache_type else repo_as_unicode
2979 if cache_type else repo_as_unicode
2976
2980
2977 return u'{}{}'.format(prefix, key)
2981 return u'{}{}'.format(prefix, key)
2978
2982
2979 @classmethod
2983 @classmethod
2980 def set_invalidate(cls, repo_name, delete=False):
2984 def set_invalidate(cls, repo_name, delete=False):
2981 """
2985 """
2982 Mark all caches of a repo as invalid in the database.
2986 Mark all caches of a repo as invalid in the database.
2983 """
2987 """
2984
2988
2985 try:
2989 try:
2986 qry = Session().query(cls).filter(cls.cache_args == repo_name)
2990 qry = Session().query(cls).filter(cls.cache_args == repo_name)
2987 if delete:
2991 if delete:
2988 log.debug('cache objects deleted for repo %s',
2992 log.debug('cache objects deleted for repo %s',
2989 safe_str(repo_name))
2993 safe_str(repo_name))
2990 qry.delete()
2994 qry.delete()
2991 else:
2995 else:
2992 log.debug('cache objects marked as invalid for repo %s',
2996 log.debug('cache objects marked as invalid for repo %s',
2993 safe_str(repo_name))
2997 safe_str(repo_name))
2994 qry.update({"cache_active": False})
2998 qry.update({"cache_active": False})
2995
2999
2996 Session().commit()
3000 Session().commit()
2997 except Exception:
3001 except Exception:
2998 log.exception(
3002 log.exception(
2999 'Cache key invalidation failed for repository %s',
3003 'Cache key invalidation failed for repository %s',
3000 safe_str(repo_name))
3004 safe_str(repo_name))
3001 Session().rollback()
3005 Session().rollback()
3002
3006
3003 @classmethod
3007 @classmethod
3004 def get_active_cache(cls, cache_key):
3008 def get_active_cache(cls, cache_key):
3005 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3009 inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
3006 if inv_obj:
3010 if inv_obj:
3007 return inv_obj
3011 return inv_obj
3008 return None
3012 return None
3009
3013
3010 @classmethod
3014 @classmethod
3011 def repo_context_cache(cls, compute_func, repo_name, cache_type,
3015 def repo_context_cache(cls, compute_func, repo_name, cache_type,
3012 thread_scoped=False):
3016 thread_scoped=False):
3013 """
3017 """
3014 @cache_region('long_term')
3018 @cache_region('long_term')
3015 def _heavy_calculation(cache_key):
3019 def _heavy_calculation(cache_key):
3016 return 'result'
3020 return 'result'
3017
3021
3018 cache_context = CacheKey.repo_context_cache(
3022 cache_context = CacheKey.repo_context_cache(
3019 _heavy_calculation, repo_name, cache_type)
3023 _heavy_calculation, repo_name, cache_type)
3020
3024
3021 with cache_context as context:
3025 with cache_context as context:
3022 context.invalidate()
3026 context.invalidate()
3023 computed = context.compute()
3027 computed = context.compute()
3024
3028
3025 assert computed == 'result'
3029 assert computed == 'result'
3026 """
3030 """
3027 from rhodecode.lib import caches
3031 from rhodecode.lib import caches
3028 return caches.InvalidationContext(
3032 return caches.InvalidationContext(
3029 compute_func, repo_name, cache_type, thread_scoped=thread_scoped)
3033 compute_func, repo_name, cache_type, thread_scoped=thread_scoped)
3030
3034
3031
3035
3032 class ChangesetComment(Base, BaseModel):
3036 class ChangesetComment(Base, BaseModel):
3033 __tablename__ = 'changeset_comments'
3037 __tablename__ = 'changeset_comments'
3034 __table_args__ = (
3038 __table_args__ = (
3035 Index('cc_revision_idx', 'revision'),
3039 Index('cc_revision_idx', 'revision'),
3036 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3040 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3037 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3041 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3038 )
3042 )
3039
3043
3040 COMMENT_OUTDATED = u'comment_outdated'
3044 COMMENT_OUTDATED = u'comment_outdated'
3041 COMMENT_TYPE_NOTE = u'note'
3045 COMMENT_TYPE_NOTE = u'note'
3042 COMMENT_TYPE_TODO = u'todo'
3046 COMMENT_TYPE_TODO = u'todo'
3043 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3047 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
3044
3048
3045 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3049 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
3046 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3050 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3047 revision = Column('revision', String(40), nullable=True)
3051 revision = Column('revision', String(40), nullable=True)
3048 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3052 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3049 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3053 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
3050 line_no = Column('line_no', Unicode(10), nullable=True)
3054 line_no = Column('line_no', Unicode(10), nullable=True)
3051 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3055 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
3052 f_path = Column('f_path', Unicode(1000), nullable=True)
3056 f_path = Column('f_path', Unicode(1000), nullable=True)
3053 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3057 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
3054 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3058 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
3055 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3059 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3056 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3060 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3057 renderer = Column('renderer', Unicode(64), nullable=True)
3061 renderer = Column('renderer', Unicode(64), nullable=True)
3058 display_state = Column('display_state', Unicode(128), nullable=True)
3062 display_state = Column('display_state', Unicode(128), nullable=True)
3059
3063
3060 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3064 comment_type = Column('comment_type', Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
3061 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3065 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
3062 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, backref='resolved_by')
3066 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, backref='resolved_by')
3063 author = relationship('User', lazy='joined')
3067 author = relationship('User', lazy='joined')
3064 repo = relationship('Repository')
3068 repo = relationship('Repository')
3065 status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan", lazy='joined')
3069 status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan", lazy='joined')
3066 pull_request = relationship('PullRequest', lazy='joined')
3070 pull_request = relationship('PullRequest', lazy='joined')
3067 pull_request_version = relationship('PullRequestVersion')
3071 pull_request_version = relationship('PullRequestVersion')
3068
3072
3069 @classmethod
3073 @classmethod
3070 def get_users(cls, revision=None, pull_request_id=None):
3074 def get_users(cls, revision=None, pull_request_id=None):
3071 """
3075 """
3072 Returns user associated with this ChangesetComment. ie those
3076 Returns user associated with this ChangesetComment. ie those
3073 who actually commented
3077 who actually commented
3074
3078
3075 :param cls:
3079 :param cls:
3076 :param revision:
3080 :param revision:
3077 """
3081 """
3078 q = Session().query(User)\
3082 q = Session().query(User)\
3079 .join(ChangesetComment.author)
3083 .join(ChangesetComment.author)
3080 if revision:
3084 if revision:
3081 q = q.filter(cls.revision == revision)
3085 q = q.filter(cls.revision == revision)
3082 elif pull_request_id:
3086 elif pull_request_id:
3083 q = q.filter(cls.pull_request_id == pull_request_id)
3087 q = q.filter(cls.pull_request_id == pull_request_id)
3084 return q.all()
3088 return q.all()
3085
3089
3086 @classmethod
3090 @classmethod
3087 def get_index_from_version(cls, pr_version, versions):
3091 def get_index_from_version(cls, pr_version, versions):
3088 num_versions = [x.pull_request_version_id for x in versions]
3092 num_versions = [x.pull_request_version_id for x in versions]
3089 try:
3093 try:
3090 return num_versions.index(pr_version) +1
3094 return num_versions.index(pr_version) +1
3091 except (IndexError, ValueError):
3095 except (IndexError, ValueError):
3092 return
3096 return
3093
3097
3094 @property
3098 @property
3095 def outdated(self):
3099 def outdated(self):
3096 return self.display_state == self.COMMENT_OUTDATED
3100 return self.display_state == self.COMMENT_OUTDATED
3097
3101
3098 def outdated_at_version(self, version):
3102 def outdated_at_version(self, version):
3099 """
3103 """
3100 Checks if comment is outdated for given pull request version
3104 Checks if comment is outdated for given pull request version
3101 """
3105 """
3102 return self.outdated and self.pull_request_version_id != version
3106 return self.outdated and self.pull_request_version_id != version
3103
3107
3104 def older_than_version(self, version):
3108 def older_than_version(self, version):
3105 """
3109 """
3106 Checks if comment is made from previous version than given
3110 Checks if comment is made from previous version than given
3107 """
3111 """
3108 if version is None:
3112 if version is None:
3109 return self.pull_request_version_id is not None
3113 return self.pull_request_version_id is not None
3110
3114
3111 return self.pull_request_version_id < version
3115 return self.pull_request_version_id < version
3112
3116
3113 @property
3117 @property
3114 def resolved(self):
3118 def resolved(self):
3115 return self.resolved_by[0] if self.resolved_by else None
3119 return self.resolved_by[0] if self.resolved_by else None
3116
3120
3117 @property
3121 @property
3118 def is_todo(self):
3122 def is_todo(self):
3119 return self.comment_type == self.COMMENT_TYPE_TODO
3123 return self.comment_type == self.COMMENT_TYPE_TODO
3120
3124
3121 @property
3125 @property
3122 def is_inline(self):
3126 def is_inline(self):
3123 return self.line_no and self.f_path
3127 return self.line_no and self.f_path
3124
3128
3125 def get_index_version(self, versions):
3129 def get_index_version(self, versions):
3126 return self.get_index_from_version(
3130 return self.get_index_from_version(
3127 self.pull_request_version_id, versions)
3131 self.pull_request_version_id, versions)
3128
3132
3129 def __repr__(self):
3133 def __repr__(self):
3130 if self.comment_id:
3134 if self.comment_id:
3131 return '<DB:Comment #%s>' % self.comment_id
3135 return '<DB:Comment #%s>' % self.comment_id
3132 else:
3136 else:
3133 return '<DB:Comment at %#x>' % id(self)
3137 return '<DB:Comment at %#x>' % id(self)
3134
3138
3135 def get_api_data(self):
3139 def get_api_data(self):
3136 comment = self
3140 comment = self
3137 data = {
3141 data = {
3138 'comment_id': comment.comment_id,
3142 'comment_id': comment.comment_id,
3139 'comment_type': comment.comment_type,
3143 'comment_type': comment.comment_type,
3140 'comment_text': comment.text,
3144 'comment_text': comment.text,
3141 'comment_status': comment.status_change,
3145 'comment_status': comment.status_change,
3142 'comment_f_path': comment.f_path,
3146 'comment_f_path': comment.f_path,
3143 'comment_lineno': comment.line_no,
3147 'comment_lineno': comment.line_no,
3144 'comment_author': comment.author,
3148 'comment_author': comment.author,
3145 'comment_created_on': comment.created_on
3149 'comment_created_on': comment.created_on
3146 }
3150 }
3147 return data
3151 return data
3148
3152
3149 def __json__(self):
3153 def __json__(self):
3150 data = dict()
3154 data = dict()
3151 data.update(self.get_api_data())
3155 data.update(self.get_api_data())
3152 return data
3156 return data
3153
3157
3154
3158
3155 class ChangesetStatus(Base, BaseModel):
3159 class ChangesetStatus(Base, BaseModel):
3156 __tablename__ = 'changeset_statuses'
3160 __tablename__ = 'changeset_statuses'
3157 __table_args__ = (
3161 __table_args__ = (
3158 Index('cs_revision_idx', 'revision'),
3162 Index('cs_revision_idx', 'revision'),
3159 Index('cs_version_idx', 'version'),
3163 Index('cs_version_idx', 'version'),
3160 UniqueConstraint('repo_id', 'revision', 'version'),
3164 UniqueConstraint('repo_id', 'revision', 'version'),
3161 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3165 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3162 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3166 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3163 )
3167 )
3164 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
3168 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
3165 STATUS_APPROVED = 'approved'
3169 STATUS_APPROVED = 'approved'
3166 STATUS_REJECTED = 'rejected'
3170 STATUS_REJECTED = 'rejected'
3167 STATUS_UNDER_REVIEW = 'under_review'
3171 STATUS_UNDER_REVIEW = 'under_review'
3168
3172
3169 STATUSES = [
3173 STATUSES = [
3170 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
3174 (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default
3171 (STATUS_APPROVED, _("Approved")),
3175 (STATUS_APPROVED, _("Approved")),
3172 (STATUS_REJECTED, _("Rejected")),
3176 (STATUS_REJECTED, _("Rejected")),
3173 (STATUS_UNDER_REVIEW, _("Under Review")),
3177 (STATUS_UNDER_REVIEW, _("Under Review")),
3174 ]
3178 ]
3175
3179
3176 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
3180 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
3177 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3181 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
3178 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
3182 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
3179 revision = Column('revision', String(40), nullable=False)
3183 revision = Column('revision', String(40), nullable=False)
3180 status = Column('status', String(128), nullable=False, default=DEFAULT)
3184 status = Column('status', String(128), nullable=False, default=DEFAULT)
3181 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
3185 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
3182 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
3186 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
3183 version = Column('version', Integer(), nullable=False, default=0)
3187 version = Column('version', Integer(), nullable=False, default=0)
3184 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3188 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
3185
3189
3186 author = relationship('User', lazy='joined')
3190 author = relationship('User', lazy='joined')
3187 repo = relationship('Repository')
3191 repo = relationship('Repository')
3188 comment = relationship('ChangesetComment', lazy='joined')
3192 comment = relationship('ChangesetComment', lazy='joined')
3189 pull_request = relationship('PullRequest', lazy='joined')
3193 pull_request = relationship('PullRequest', lazy='joined')
3190
3194
3191 def __unicode__(self):
3195 def __unicode__(self):
3192 return u"<%s('%s[v%s]:%s')>" % (
3196 return u"<%s('%s[v%s]:%s')>" % (
3193 self.__class__.__name__,
3197 self.__class__.__name__,
3194 self.status, self.version, self.author
3198 self.status, self.version, self.author
3195 )
3199 )
3196
3200
3197 @classmethod
3201 @classmethod
3198 def get_status_lbl(cls, value):
3202 def get_status_lbl(cls, value):
3199 return dict(cls.STATUSES).get(value)
3203 return dict(cls.STATUSES).get(value)
3200
3204
3201 @property
3205 @property
3202 def status_lbl(self):
3206 def status_lbl(self):
3203 return ChangesetStatus.get_status_lbl(self.status)
3207 return ChangesetStatus.get_status_lbl(self.status)
3204
3208
3205 def get_api_data(self):
3209 def get_api_data(self):
3206 status = self
3210 status = self
3207 data = {
3211 data = {
3208 'status_id': status.changeset_status_id,
3212 'status_id': status.changeset_status_id,
3209 'status': status.status,
3213 'status': status.status,
3210 }
3214 }
3211 return data
3215 return data
3212
3216
3213 def __json__(self):
3217 def __json__(self):
3214 data = dict()
3218 data = dict()
3215 data.update(self.get_api_data())
3219 data.update(self.get_api_data())
3216 return data
3220 return data
3217
3221
3218
3222
3219 class _PullRequestBase(BaseModel):
3223 class _PullRequestBase(BaseModel):
3220 """
3224 """
3221 Common attributes of pull request and version entries.
3225 Common attributes of pull request and version entries.
3222 """
3226 """
3223
3227
3224 # .status values
3228 # .status values
3225 STATUS_NEW = u'new'
3229 STATUS_NEW = u'new'
3226 STATUS_OPEN = u'open'
3230 STATUS_OPEN = u'open'
3227 STATUS_CLOSED = u'closed'
3231 STATUS_CLOSED = u'closed'
3228
3232
3229 title = Column('title', Unicode(255), nullable=True)
3233 title = Column('title', Unicode(255), nullable=True)
3230 description = Column(
3234 description = Column(
3231 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
3235 'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
3232 nullable=True)
3236 nullable=True)
3233 # new/open/closed status of pull request (not approve/reject/etc)
3237 # new/open/closed status of pull request (not approve/reject/etc)
3234 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
3238 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
3235 created_on = Column(
3239 created_on = Column(
3236 'created_on', DateTime(timezone=False), nullable=False,
3240 'created_on', DateTime(timezone=False), nullable=False,
3237 default=datetime.datetime.now)
3241 default=datetime.datetime.now)
3238 updated_on = Column(
3242 updated_on = Column(
3239 'updated_on', DateTime(timezone=False), nullable=False,
3243 'updated_on', DateTime(timezone=False), nullable=False,
3240 default=datetime.datetime.now)
3244 default=datetime.datetime.now)
3241
3245
3242 @declared_attr
3246 @declared_attr
3243 def user_id(cls):
3247 def user_id(cls):
3244 return Column(
3248 return Column(
3245 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
3249 "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
3246 unique=None)
3250 unique=None)
3247
3251
3248 # 500 revisions max
3252 # 500 revisions max
3249 _revisions = Column(
3253 _revisions = Column(
3250 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
3254 'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
3251
3255
3252 @declared_attr
3256 @declared_attr
3253 def source_repo_id(cls):
3257 def source_repo_id(cls):
3254 # TODO: dan: rename column to source_repo_id
3258 # TODO: dan: rename column to source_repo_id
3255 return Column(
3259 return Column(
3256 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3260 'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3257 nullable=False)
3261 nullable=False)
3258
3262
3259 source_ref = Column('org_ref', Unicode(255), nullable=False)
3263 source_ref = Column('org_ref', Unicode(255), nullable=False)
3260
3264
3261 @declared_attr
3265 @declared_attr
3262 def target_repo_id(cls):
3266 def target_repo_id(cls):
3263 # TODO: dan: rename column to target_repo_id
3267 # TODO: dan: rename column to target_repo_id
3264 return Column(
3268 return Column(
3265 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3269 'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
3266 nullable=False)
3270 nullable=False)
3267
3271
3268 target_ref = Column('other_ref', Unicode(255), nullable=False)
3272 target_ref = Column('other_ref', Unicode(255), nullable=False)
3269 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
3273 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
3270
3274
3271 # TODO: dan: rename column to last_merge_source_rev
3275 # TODO: dan: rename column to last_merge_source_rev
3272 _last_merge_source_rev = Column(
3276 _last_merge_source_rev = Column(
3273 'last_merge_org_rev', String(40), nullable=True)
3277 'last_merge_org_rev', String(40), nullable=True)
3274 # TODO: dan: rename column to last_merge_target_rev
3278 # TODO: dan: rename column to last_merge_target_rev
3275 _last_merge_target_rev = Column(
3279 _last_merge_target_rev = Column(
3276 'last_merge_other_rev', String(40), nullable=True)
3280 'last_merge_other_rev', String(40), nullable=True)
3277 _last_merge_status = Column('merge_status', Integer(), nullable=True)
3281 _last_merge_status = Column('merge_status', Integer(), nullable=True)
3278 merge_rev = Column('merge_rev', String(40), nullable=True)
3282 merge_rev = Column('merge_rev', String(40), nullable=True)
3279
3283
3280 reviewer_data = Column(
3284 reviewer_data = Column(
3281 'reviewer_data_json', MutationObj.as_mutable(
3285 'reviewer_data_json', MutationObj.as_mutable(
3282 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3286 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3283
3287
3284 @property
3288 @property
3285 def reviewer_data_json(self):
3289 def reviewer_data_json(self):
3286 return json.dumps(self.reviewer_data)
3290 return json.dumps(self.reviewer_data)
3287
3291
3288 @hybrid_property
3292 @hybrid_property
3289 def revisions(self):
3293 def revisions(self):
3290 return self._revisions.split(':') if self._revisions else []
3294 return self._revisions.split(':') if self._revisions else []
3291
3295
3292 @revisions.setter
3296 @revisions.setter
3293 def revisions(self, val):
3297 def revisions(self, val):
3294 self._revisions = ':'.join(val)
3298 self._revisions = ':'.join(val)
3295
3299
3296 @declared_attr
3300 @declared_attr
3297 def author(cls):
3301 def author(cls):
3298 return relationship('User', lazy='joined')
3302 return relationship('User', lazy='joined')
3299
3303
3300 @declared_attr
3304 @declared_attr
3301 def source_repo(cls):
3305 def source_repo(cls):
3302 return relationship(
3306 return relationship(
3303 'Repository',
3307 'Repository',
3304 primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
3308 primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
3305
3309
3306 @property
3310 @property
3307 def source_ref_parts(self):
3311 def source_ref_parts(self):
3308 return self.unicode_to_reference(self.source_ref)
3312 return self.unicode_to_reference(self.source_ref)
3309
3313
3310 @declared_attr
3314 @declared_attr
3311 def target_repo(cls):
3315 def target_repo(cls):
3312 return relationship(
3316 return relationship(
3313 'Repository',
3317 'Repository',
3314 primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
3318 primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
3315
3319
3316 @property
3320 @property
3317 def target_ref_parts(self):
3321 def target_ref_parts(self):
3318 return self.unicode_to_reference(self.target_ref)
3322 return self.unicode_to_reference(self.target_ref)
3319
3323
3320 @property
3324 @property
3321 def shadow_merge_ref(self):
3325 def shadow_merge_ref(self):
3322 return self.unicode_to_reference(self._shadow_merge_ref)
3326 return self.unicode_to_reference(self._shadow_merge_ref)
3323
3327
3324 @shadow_merge_ref.setter
3328 @shadow_merge_ref.setter
3325 def shadow_merge_ref(self, ref):
3329 def shadow_merge_ref(self, ref):
3326 self._shadow_merge_ref = self.reference_to_unicode(ref)
3330 self._shadow_merge_ref = self.reference_to_unicode(ref)
3327
3331
3328 def unicode_to_reference(self, raw):
3332 def unicode_to_reference(self, raw):
3329 """
3333 """
3330 Convert a unicode (or string) to a reference object.
3334 Convert a unicode (or string) to a reference object.
3331 If unicode evaluates to False it returns None.
3335 If unicode evaluates to False it returns None.
3332 """
3336 """
3333 if raw:
3337 if raw:
3334 refs = raw.split(':')
3338 refs = raw.split(':')
3335 return Reference(*refs)
3339 return Reference(*refs)
3336 else:
3340 else:
3337 return None
3341 return None
3338
3342
3339 def reference_to_unicode(self, ref):
3343 def reference_to_unicode(self, ref):
3340 """
3344 """
3341 Convert a reference object to unicode.
3345 Convert a reference object to unicode.
3342 If reference is None it returns None.
3346 If reference is None it returns None.
3343 """
3347 """
3344 if ref:
3348 if ref:
3345 return u':'.join(ref)
3349 return u':'.join(ref)
3346 else:
3350 else:
3347 return None
3351 return None
3348
3352
3349 def get_api_data(self, with_merge_state=True):
3353 def get_api_data(self, with_merge_state=True):
3350 from rhodecode.model.pull_request import PullRequestModel
3354 from rhodecode.model.pull_request import PullRequestModel
3351
3355
3352 pull_request = self
3356 pull_request = self
3353 if with_merge_state:
3357 if with_merge_state:
3354 merge_status = PullRequestModel().merge_status(pull_request)
3358 merge_status = PullRequestModel().merge_status(pull_request)
3355 merge_state = {
3359 merge_state = {
3356 'status': merge_status[0],
3360 'status': merge_status[0],
3357 'message': safe_unicode(merge_status[1]),
3361 'message': safe_unicode(merge_status[1]),
3358 }
3362 }
3359 else:
3363 else:
3360 merge_state = {'status': 'not_available',
3364 merge_state = {'status': 'not_available',
3361 'message': 'not_available'}
3365 'message': 'not_available'}
3362
3366
3363 merge_data = {
3367 merge_data = {
3364 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
3368 'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
3365 'reference': (
3369 'reference': (
3366 pull_request.shadow_merge_ref._asdict()
3370 pull_request.shadow_merge_ref._asdict()
3367 if pull_request.shadow_merge_ref else None),
3371 if pull_request.shadow_merge_ref else None),
3368 }
3372 }
3369
3373
3370 data = {
3374 data = {
3371 'pull_request_id': pull_request.pull_request_id,
3375 'pull_request_id': pull_request.pull_request_id,
3372 'url': PullRequestModel().get_url(pull_request),
3376 'url': PullRequestModel().get_url(pull_request),
3373 'title': pull_request.title,
3377 'title': pull_request.title,
3374 'description': pull_request.description,
3378 'description': pull_request.description,
3375 'status': pull_request.status,
3379 'status': pull_request.status,
3376 'created_on': pull_request.created_on,
3380 'created_on': pull_request.created_on,
3377 'updated_on': pull_request.updated_on,
3381 'updated_on': pull_request.updated_on,
3378 'commit_ids': pull_request.revisions,
3382 'commit_ids': pull_request.revisions,
3379 'review_status': pull_request.calculated_review_status(),
3383 'review_status': pull_request.calculated_review_status(),
3380 'mergeable': merge_state,
3384 'mergeable': merge_state,
3381 'source': {
3385 'source': {
3382 'clone_url': pull_request.source_repo.clone_url(),
3386 'clone_url': pull_request.source_repo.clone_url(),
3383 'repository': pull_request.source_repo.repo_name,
3387 'repository': pull_request.source_repo.repo_name,
3384 'reference': {
3388 'reference': {
3385 'name': pull_request.source_ref_parts.name,
3389 'name': pull_request.source_ref_parts.name,
3386 'type': pull_request.source_ref_parts.type,
3390 'type': pull_request.source_ref_parts.type,
3387 'commit_id': pull_request.source_ref_parts.commit_id,
3391 'commit_id': pull_request.source_ref_parts.commit_id,
3388 },
3392 },
3389 },
3393 },
3390 'target': {
3394 'target': {
3391 'clone_url': pull_request.target_repo.clone_url(),
3395 'clone_url': pull_request.target_repo.clone_url(),
3392 'repository': pull_request.target_repo.repo_name,
3396 'repository': pull_request.target_repo.repo_name,
3393 'reference': {
3397 'reference': {
3394 'name': pull_request.target_ref_parts.name,
3398 'name': pull_request.target_ref_parts.name,
3395 'type': pull_request.target_ref_parts.type,
3399 'type': pull_request.target_ref_parts.type,
3396 'commit_id': pull_request.target_ref_parts.commit_id,
3400 'commit_id': pull_request.target_ref_parts.commit_id,
3397 },
3401 },
3398 },
3402 },
3399 'merge': merge_data,
3403 'merge': merge_data,
3400 'author': pull_request.author.get_api_data(include_secrets=False,
3404 'author': pull_request.author.get_api_data(include_secrets=False,
3401 details='basic'),
3405 details='basic'),
3402 'reviewers': [
3406 'reviewers': [
3403 {
3407 {
3404 'user': reviewer.get_api_data(include_secrets=False,
3408 'user': reviewer.get_api_data(include_secrets=False,
3405 details='basic'),
3409 details='basic'),
3406 'reasons': reasons,
3410 'reasons': reasons,
3407 'review_status': st[0][1].status if st else 'not_reviewed',
3411 'review_status': st[0][1].status if st else 'not_reviewed',
3408 }
3412 }
3409 for reviewer, reasons, mandatory, st in
3413 for reviewer, reasons, mandatory, st in
3410 pull_request.reviewers_statuses()
3414 pull_request.reviewers_statuses()
3411 ]
3415 ]
3412 }
3416 }
3413
3417
3414 return data
3418 return data
3415
3419
3416
3420
3417 class PullRequest(Base, _PullRequestBase):
3421 class PullRequest(Base, _PullRequestBase):
3418 __tablename__ = 'pull_requests'
3422 __tablename__ = 'pull_requests'
3419 __table_args__ = (
3423 __table_args__ = (
3420 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3424 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3421 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3425 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3422 )
3426 )
3423
3427
3424 pull_request_id = Column(
3428 pull_request_id = Column(
3425 'pull_request_id', Integer(), nullable=False, primary_key=True)
3429 'pull_request_id', Integer(), nullable=False, primary_key=True)
3426
3430
3427 def __repr__(self):
3431 def __repr__(self):
3428 if self.pull_request_id:
3432 if self.pull_request_id:
3429 return '<DB:PullRequest #%s>' % self.pull_request_id
3433 return '<DB:PullRequest #%s>' % self.pull_request_id
3430 else:
3434 else:
3431 return '<DB:PullRequest at %#x>' % id(self)
3435 return '<DB:PullRequest at %#x>' % id(self)
3432
3436
3433 reviewers = relationship('PullRequestReviewers',
3437 reviewers = relationship('PullRequestReviewers',
3434 cascade="all, delete, delete-orphan")
3438 cascade="all, delete, delete-orphan")
3435 statuses = relationship('ChangesetStatus',
3439 statuses = relationship('ChangesetStatus',
3436 cascade="all, delete, delete-orphan")
3440 cascade="all, delete, delete-orphan")
3437 comments = relationship('ChangesetComment',
3441 comments = relationship('ChangesetComment',
3438 cascade="all, delete, delete-orphan")
3442 cascade="all, delete, delete-orphan")
3439 versions = relationship('PullRequestVersion',
3443 versions = relationship('PullRequestVersion',
3440 cascade="all, delete, delete-orphan",
3444 cascade="all, delete, delete-orphan",
3441 lazy='dynamic')
3445 lazy='dynamic')
3442
3446
3443 @classmethod
3447 @classmethod
3444 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
3448 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
3445 internal_methods=None):
3449 internal_methods=None):
3446
3450
3447 class PullRequestDisplay(object):
3451 class PullRequestDisplay(object):
3448 """
3452 """
3449 Special object wrapper for showing PullRequest data via Versions
3453 Special object wrapper for showing PullRequest data via Versions
3450 It mimics PR object as close as possible. This is read only object
3454 It mimics PR object as close as possible. This is read only object
3451 just for display
3455 just for display
3452 """
3456 """
3453
3457
3454 def __init__(self, attrs, internal=None):
3458 def __init__(self, attrs, internal=None):
3455 self.attrs = attrs
3459 self.attrs = attrs
3456 # internal have priority over the given ones via attrs
3460 # internal have priority over the given ones via attrs
3457 self.internal = internal or ['versions']
3461 self.internal = internal or ['versions']
3458
3462
3459 def __getattr__(self, item):
3463 def __getattr__(self, item):
3460 if item in self.internal:
3464 if item in self.internal:
3461 return getattr(self, item)
3465 return getattr(self, item)
3462 try:
3466 try:
3463 return self.attrs[item]
3467 return self.attrs[item]
3464 except KeyError:
3468 except KeyError:
3465 raise AttributeError(
3469 raise AttributeError(
3466 '%s object has no attribute %s' % (self, item))
3470 '%s object has no attribute %s' % (self, item))
3467
3471
3468 def __repr__(self):
3472 def __repr__(self):
3469 return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
3473 return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
3470
3474
3471 def versions(self):
3475 def versions(self):
3472 return pull_request_obj.versions.order_by(
3476 return pull_request_obj.versions.order_by(
3473 PullRequestVersion.pull_request_version_id).all()
3477 PullRequestVersion.pull_request_version_id).all()
3474
3478
3475 def is_closed(self):
3479 def is_closed(self):
3476 return pull_request_obj.is_closed()
3480 return pull_request_obj.is_closed()
3477
3481
3478 @property
3482 @property
3479 def pull_request_version_id(self):
3483 def pull_request_version_id(self):
3480 return getattr(pull_request_obj, 'pull_request_version_id', None)
3484 return getattr(pull_request_obj, 'pull_request_version_id', None)
3481
3485
3482 attrs = StrictAttributeDict(pull_request_obj.get_api_data())
3486 attrs = StrictAttributeDict(pull_request_obj.get_api_data())
3483
3487
3484 attrs.author = StrictAttributeDict(
3488 attrs.author = StrictAttributeDict(
3485 pull_request_obj.author.get_api_data())
3489 pull_request_obj.author.get_api_data())
3486 if pull_request_obj.target_repo:
3490 if pull_request_obj.target_repo:
3487 attrs.target_repo = StrictAttributeDict(
3491 attrs.target_repo = StrictAttributeDict(
3488 pull_request_obj.target_repo.get_api_data())
3492 pull_request_obj.target_repo.get_api_data())
3489 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
3493 attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
3490
3494
3491 if pull_request_obj.source_repo:
3495 if pull_request_obj.source_repo:
3492 attrs.source_repo = StrictAttributeDict(
3496 attrs.source_repo = StrictAttributeDict(
3493 pull_request_obj.source_repo.get_api_data())
3497 pull_request_obj.source_repo.get_api_data())
3494 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
3498 attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
3495
3499
3496 attrs.source_ref_parts = pull_request_obj.source_ref_parts
3500 attrs.source_ref_parts = pull_request_obj.source_ref_parts
3497 attrs.target_ref_parts = pull_request_obj.target_ref_parts
3501 attrs.target_ref_parts = pull_request_obj.target_ref_parts
3498 attrs.revisions = pull_request_obj.revisions
3502 attrs.revisions = pull_request_obj.revisions
3499
3503
3500 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
3504 attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
3501 attrs.reviewer_data = org_pull_request_obj.reviewer_data
3505 attrs.reviewer_data = org_pull_request_obj.reviewer_data
3502 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
3506 attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
3503
3507
3504 return PullRequestDisplay(attrs, internal=internal_methods)
3508 return PullRequestDisplay(attrs, internal=internal_methods)
3505
3509
3506 def is_closed(self):
3510 def is_closed(self):
3507 return self.status == self.STATUS_CLOSED
3511 return self.status == self.STATUS_CLOSED
3508
3512
3509 def __json__(self):
3513 def __json__(self):
3510 return {
3514 return {
3511 'revisions': self.revisions,
3515 'revisions': self.revisions,
3512 }
3516 }
3513
3517
3514 def calculated_review_status(self):
3518 def calculated_review_status(self):
3515 from rhodecode.model.changeset_status import ChangesetStatusModel
3519 from rhodecode.model.changeset_status import ChangesetStatusModel
3516 return ChangesetStatusModel().calculated_review_status(self)
3520 return ChangesetStatusModel().calculated_review_status(self)
3517
3521
3518 def reviewers_statuses(self):
3522 def reviewers_statuses(self):
3519 from rhodecode.model.changeset_status import ChangesetStatusModel
3523 from rhodecode.model.changeset_status import ChangesetStatusModel
3520 return ChangesetStatusModel().reviewers_statuses(self)
3524 return ChangesetStatusModel().reviewers_statuses(self)
3521
3525
3522 @property
3526 @property
3523 def workspace_id(self):
3527 def workspace_id(self):
3524 from rhodecode.model.pull_request import PullRequestModel
3528 from rhodecode.model.pull_request import PullRequestModel
3525 return PullRequestModel()._workspace_id(self)
3529 return PullRequestModel()._workspace_id(self)
3526
3530
3527 def get_shadow_repo(self):
3531 def get_shadow_repo(self):
3528 workspace_id = self.workspace_id
3532 workspace_id = self.workspace_id
3529 vcs_obj = self.target_repo.scm_instance()
3533 vcs_obj = self.target_repo.scm_instance()
3530 shadow_repository_path = vcs_obj._get_shadow_repository_path(
3534 shadow_repository_path = vcs_obj._get_shadow_repository_path(
3531 workspace_id)
3535 workspace_id)
3532 return vcs_obj._get_shadow_instance(shadow_repository_path)
3536 return vcs_obj._get_shadow_instance(shadow_repository_path)
3533
3537
3534
3538
3535 class PullRequestVersion(Base, _PullRequestBase):
3539 class PullRequestVersion(Base, _PullRequestBase):
3536 __tablename__ = 'pull_request_versions'
3540 __tablename__ = 'pull_request_versions'
3537 __table_args__ = (
3541 __table_args__ = (
3538 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3542 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3539 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3543 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3540 )
3544 )
3541
3545
3542 pull_request_version_id = Column(
3546 pull_request_version_id = Column(
3543 'pull_request_version_id', Integer(), nullable=False, primary_key=True)
3547 'pull_request_version_id', Integer(), nullable=False, primary_key=True)
3544 pull_request_id = Column(
3548 pull_request_id = Column(
3545 'pull_request_id', Integer(),
3549 'pull_request_id', Integer(),
3546 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3550 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3547 pull_request = relationship('PullRequest')
3551 pull_request = relationship('PullRequest')
3548
3552
3549 def __repr__(self):
3553 def __repr__(self):
3550 if self.pull_request_version_id:
3554 if self.pull_request_version_id:
3551 return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
3555 return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
3552 else:
3556 else:
3553 return '<DB:PullRequestVersion at %#x>' % id(self)
3557 return '<DB:PullRequestVersion at %#x>' % id(self)
3554
3558
3555 @property
3559 @property
3556 def reviewers(self):
3560 def reviewers(self):
3557 return self.pull_request.reviewers
3561 return self.pull_request.reviewers
3558
3562
3559 @property
3563 @property
3560 def versions(self):
3564 def versions(self):
3561 return self.pull_request.versions
3565 return self.pull_request.versions
3562
3566
3563 def is_closed(self):
3567 def is_closed(self):
3564 # calculate from original
3568 # calculate from original
3565 return self.pull_request.status == self.STATUS_CLOSED
3569 return self.pull_request.status == self.STATUS_CLOSED
3566
3570
3567 def calculated_review_status(self):
3571 def calculated_review_status(self):
3568 return self.pull_request.calculated_review_status()
3572 return self.pull_request.calculated_review_status()
3569
3573
3570 def reviewers_statuses(self):
3574 def reviewers_statuses(self):
3571 return self.pull_request.reviewers_statuses()
3575 return self.pull_request.reviewers_statuses()
3572
3576
3573
3577
3574 class PullRequestReviewers(Base, BaseModel):
3578 class PullRequestReviewers(Base, BaseModel):
3575 __tablename__ = 'pull_request_reviewers'
3579 __tablename__ = 'pull_request_reviewers'
3576 __table_args__ = (
3580 __table_args__ = (
3577 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3581 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3578 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3582 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3579 )
3583 )
3580
3584
3581 @hybrid_property
3585 @hybrid_property
3582 def reasons(self):
3586 def reasons(self):
3583 if not self._reasons:
3587 if not self._reasons:
3584 return []
3588 return []
3585 return self._reasons
3589 return self._reasons
3586
3590
3587 @reasons.setter
3591 @reasons.setter
3588 def reasons(self, val):
3592 def reasons(self, val):
3589 val = val or []
3593 val = val or []
3590 if any(not isinstance(x, basestring) for x in val):
3594 if any(not isinstance(x, basestring) for x in val):
3591 raise Exception('invalid reasons type, must be list of strings')
3595 raise Exception('invalid reasons type, must be list of strings')
3592 self._reasons = val
3596 self._reasons = val
3593
3597
3594 pull_requests_reviewers_id = Column(
3598 pull_requests_reviewers_id = Column(
3595 'pull_requests_reviewers_id', Integer(), nullable=False,
3599 'pull_requests_reviewers_id', Integer(), nullable=False,
3596 primary_key=True)
3600 primary_key=True)
3597 pull_request_id = Column(
3601 pull_request_id = Column(
3598 "pull_request_id", Integer(),
3602 "pull_request_id", Integer(),
3599 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3603 ForeignKey('pull_requests.pull_request_id'), nullable=False)
3600 user_id = Column(
3604 user_id = Column(
3601 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
3605 "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
3602 _reasons = Column(
3606 _reasons = Column(
3603 'reason', MutationList.as_mutable(
3607 'reason', MutationList.as_mutable(
3604 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
3608 JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
3605 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
3609 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
3606 user = relationship('User')
3610 user = relationship('User')
3607 pull_request = relationship('PullRequest')
3611 pull_request = relationship('PullRequest')
3608
3612
3609
3613
3610 class Notification(Base, BaseModel):
3614 class Notification(Base, BaseModel):
3611 __tablename__ = 'notifications'
3615 __tablename__ = 'notifications'
3612 __table_args__ = (
3616 __table_args__ = (
3613 Index('notification_type_idx', 'type'),
3617 Index('notification_type_idx', 'type'),
3614 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3618 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3615 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3619 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
3616 )
3620 )
3617
3621
3618 TYPE_CHANGESET_COMMENT = u'cs_comment'
3622 TYPE_CHANGESET_COMMENT = u'cs_comment'
3619 TYPE_MESSAGE = u'message'
3623 TYPE_MESSAGE = u'message'
3620 TYPE_MENTION = u'mention'
3624 TYPE_MENTION = u'mention'
3621 TYPE_REGISTRATION = u'registration'
3625 TYPE_REGISTRATION = u'registration'
3622 TYPE_PULL_REQUEST = u'pull_request'
3626 TYPE_PULL_REQUEST = u'pull_request'
3623 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
3627 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
3624
3628
3625 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
3629 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
3626 subject = Column('subject', Unicode(512), nullable=True)
3630 subject = Column('subject', Unicode(512), nullable=True)
3627 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
3631 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
3628 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
3632 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
3629 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3633 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3630 type_ = Column('type', Unicode(255))
3634 type_ = Column('type', Unicode(255))
3631
3635
3632 created_by_user = relationship('User')
3636 created_by_user = relationship('User')
3633 notifications_to_users = relationship('UserNotification', lazy='joined',
3637 notifications_to_users = relationship('UserNotification', lazy='joined',
3634 cascade="all, delete, delete-orphan")
3638 cascade="all, delete, delete-orphan")
3635
3639
3636 @property
3640 @property
3637 def recipients(self):
3641 def recipients(self):
3638 return [x.user for x in UserNotification.query()\
3642 return [x.user for x in UserNotification.query()\
3639 .filter(UserNotification.notification == self)\
3643 .filter(UserNotification.notification == self)\
3640 .order_by(UserNotification.user_id.asc()).all()]
3644 .order_by(UserNotification.user_id.asc()).all()]
3641
3645
3642 @classmethod
3646 @classmethod
3643 def create(cls, created_by, subject, body, recipients, type_=None):
3647 def create(cls, created_by, subject, body, recipients, type_=None):
3644 if type_ is None:
3648 if type_ is None:
3645 type_ = Notification.TYPE_MESSAGE
3649 type_ = Notification.TYPE_MESSAGE
3646
3650
3647 notification = cls()
3651 notification = cls()
3648 notification.created_by_user = created_by
3652 notification.created_by_user = created_by
3649 notification.subject = subject
3653 notification.subject = subject
3650 notification.body = body
3654 notification.body = body
3651 notification.type_ = type_
3655 notification.type_ = type_
3652 notification.created_on = datetime.datetime.now()
3656 notification.created_on = datetime.datetime.now()
3653
3657
3654 for u in recipients:
3658 for u in recipients:
3655 assoc = UserNotification()
3659 assoc = UserNotification()
3656 assoc.notification = notification
3660 assoc.notification = notification
3657
3661
3658 # if created_by is inside recipients mark his notification
3662 # if created_by is inside recipients mark his notification
3659 # as read
3663 # as read
3660 if u.user_id == created_by.user_id:
3664 if u.user_id == created_by.user_id:
3661 assoc.read = True
3665 assoc.read = True
3662
3666
3663 u.notifications.append(assoc)
3667 u.notifications.append(assoc)
3664 Session().add(notification)
3668 Session().add(notification)
3665
3669
3666 return notification
3670 return notification
3667
3671
3668 @property
3672 @property
3669 def description(self):
3673 def description(self):
3670 from rhodecode.model.notification import NotificationModel
3674 from rhodecode.model.notification import NotificationModel
3671 return NotificationModel().make_description(self)
3675 return NotificationModel().make_description(self)
3672
3676
3673
3677
3674 class UserNotification(Base, BaseModel):
3678 class UserNotification(Base, BaseModel):
3675 __tablename__ = 'user_to_notification'
3679 __tablename__ = 'user_to_notification'
3676 __table_args__ = (
3680 __table_args__ = (
3677 UniqueConstraint('user_id', 'notification_id'),
3681 UniqueConstraint('user_id', 'notification_id'),
3678 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3682 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3679 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3683 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3680 )
3684 )
3681 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
3685 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
3682 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
3686 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
3683 read = Column('read', Boolean, default=False)
3687 read = Column('read', Boolean, default=False)
3684 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
3688 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
3685
3689
3686 user = relationship('User', lazy="joined")
3690 user = relationship('User', lazy="joined")
3687 notification = relationship('Notification', lazy="joined",
3691 notification = relationship('Notification', lazy="joined",
3688 order_by=lambda: Notification.created_on.desc(),)
3692 order_by=lambda: Notification.created_on.desc(),)
3689
3693
3690 def mark_as_read(self):
3694 def mark_as_read(self):
3691 self.read = True
3695 self.read = True
3692 Session().add(self)
3696 Session().add(self)
3693
3697
3694
3698
3695 class Gist(Base, BaseModel):
3699 class Gist(Base, BaseModel):
3696 __tablename__ = 'gists'
3700 __tablename__ = 'gists'
3697 __table_args__ = (
3701 __table_args__ = (
3698 Index('g_gist_access_id_idx', 'gist_access_id'),
3702 Index('g_gist_access_id_idx', 'gist_access_id'),
3699 Index('g_created_on_idx', 'created_on'),
3703 Index('g_created_on_idx', 'created_on'),
3700 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3704 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3701 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3705 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3702 )
3706 )
3703 GIST_PUBLIC = u'public'
3707 GIST_PUBLIC = u'public'
3704 GIST_PRIVATE = u'private'
3708 GIST_PRIVATE = u'private'
3705 DEFAULT_FILENAME = u'gistfile1.txt'
3709 DEFAULT_FILENAME = u'gistfile1.txt'
3706
3710
3707 ACL_LEVEL_PUBLIC = u'acl_public'
3711 ACL_LEVEL_PUBLIC = u'acl_public'
3708 ACL_LEVEL_PRIVATE = u'acl_private'
3712 ACL_LEVEL_PRIVATE = u'acl_private'
3709
3713
3710 gist_id = Column('gist_id', Integer(), primary_key=True)
3714 gist_id = Column('gist_id', Integer(), primary_key=True)
3711 gist_access_id = Column('gist_access_id', Unicode(250))
3715 gist_access_id = Column('gist_access_id', Unicode(250))
3712 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
3716 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
3713 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
3717 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
3714 gist_expires = Column('gist_expires', Float(53), nullable=False)
3718 gist_expires = Column('gist_expires', Float(53), nullable=False)
3715 gist_type = Column('gist_type', Unicode(128), nullable=False)
3719 gist_type = Column('gist_type', Unicode(128), nullable=False)
3716 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3720 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3717 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3721 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
3718 acl_level = Column('acl_level', Unicode(128), nullable=True)
3722 acl_level = Column('acl_level', Unicode(128), nullable=True)
3719
3723
3720 owner = relationship('User')
3724 owner = relationship('User')
3721
3725
3722 def __repr__(self):
3726 def __repr__(self):
3723 return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
3727 return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
3724
3728
3725 @classmethod
3729 @classmethod
3726 def get_or_404(cls, id_, pyramid_exc=False):
3730 def get_or_404(cls, id_, pyramid_exc=False):
3727
3731
3728 if pyramid_exc:
3732 if pyramid_exc:
3729 from pyramid.httpexceptions import HTTPNotFound
3733 from pyramid.httpexceptions import HTTPNotFound
3730 else:
3734 else:
3731 from webob.exc import HTTPNotFound
3735 from webob.exc import HTTPNotFound
3732
3736
3733 res = cls.query().filter(cls.gist_access_id == id_).scalar()
3737 res = cls.query().filter(cls.gist_access_id == id_).scalar()
3734 if not res:
3738 if not res:
3735 raise HTTPNotFound
3739 raise HTTPNotFound
3736 return res
3740 return res
3737
3741
3738 @classmethod
3742 @classmethod
3739 def get_by_access_id(cls, gist_access_id):
3743 def get_by_access_id(cls, gist_access_id):
3740 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
3744 return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
3741
3745
3742 def gist_url(self):
3746 def gist_url(self):
3743 import rhodecode
3747 import rhodecode
3744 from pylons import url
3748 from pylons import url
3745
3749
3746 alias_url = rhodecode.CONFIG.get('gist_alias_url')
3750 alias_url = rhodecode.CONFIG.get('gist_alias_url')
3747 if alias_url:
3751 if alias_url:
3748 return alias_url.replace('{gistid}', self.gist_access_id)
3752 return alias_url.replace('{gistid}', self.gist_access_id)
3749
3753
3750 return url('gist', gist_id=self.gist_access_id, qualified=True)
3754 return url('gist', gist_id=self.gist_access_id, qualified=True)
3751
3755
3752 @classmethod
3756 @classmethod
3753 def base_path(cls):
3757 def base_path(cls):
3754 """
3758 """
3755 Returns base path when all gists are stored
3759 Returns base path when all gists are stored
3756
3760
3757 :param cls:
3761 :param cls:
3758 """
3762 """
3759 from rhodecode.model.gist import GIST_STORE_LOC
3763 from rhodecode.model.gist import GIST_STORE_LOC
3760 q = Session().query(RhodeCodeUi)\
3764 q = Session().query(RhodeCodeUi)\
3761 .filter(RhodeCodeUi.ui_key == URL_SEP)
3765 .filter(RhodeCodeUi.ui_key == URL_SEP)
3762 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
3766 q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
3763 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
3767 return os.path.join(q.one().ui_value, GIST_STORE_LOC)
3764
3768
3765 def get_api_data(self):
3769 def get_api_data(self):
3766 """
3770 """
3767 Common function for generating gist related data for API
3771 Common function for generating gist related data for API
3768 """
3772 """
3769 gist = self
3773 gist = self
3770 data = {
3774 data = {
3771 'gist_id': gist.gist_id,
3775 'gist_id': gist.gist_id,
3772 'type': gist.gist_type,
3776 'type': gist.gist_type,
3773 'access_id': gist.gist_access_id,
3777 'access_id': gist.gist_access_id,
3774 'description': gist.gist_description,
3778 'description': gist.gist_description,
3775 'url': gist.gist_url(),
3779 'url': gist.gist_url(),
3776 'expires': gist.gist_expires,
3780 'expires': gist.gist_expires,
3777 'created_on': gist.created_on,
3781 'created_on': gist.created_on,
3778 'modified_at': gist.modified_at,
3782 'modified_at': gist.modified_at,
3779 'content': None,
3783 'content': None,
3780 'acl_level': gist.acl_level,
3784 'acl_level': gist.acl_level,
3781 }
3785 }
3782 return data
3786 return data
3783
3787
3784 def __json__(self):
3788 def __json__(self):
3785 data = dict(
3789 data = dict(
3786 )
3790 )
3787 data.update(self.get_api_data())
3791 data.update(self.get_api_data())
3788 return data
3792 return data
3789 # SCM functions
3793 # SCM functions
3790
3794
3791 def scm_instance(self, **kwargs):
3795 def scm_instance(self, **kwargs):
3792 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
3796 full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
3793 return get_vcs_instance(
3797 return get_vcs_instance(
3794 repo_path=safe_str(full_repo_path), create=False)
3798 repo_path=safe_str(full_repo_path), create=False)
3795
3799
3796
3800
3797 class ExternalIdentity(Base, BaseModel):
3801 class ExternalIdentity(Base, BaseModel):
3798 __tablename__ = 'external_identities'
3802 __tablename__ = 'external_identities'
3799 __table_args__ = (
3803 __table_args__ = (
3800 Index('local_user_id_idx', 'local_user_id'),
3804 Index('local_user_id_idx', 'local_user_id'),
3801 Index('external_id_idx', 'external_id'),
3805 Index('external_id_idx', 'external_id'),
3802 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3806 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3803 'mysql_charset': 'utf8'})
3807 'mysql_charset': 'utf8'})
3804
3808
3805 external_id = Column('external_id', Unicode(255), default=u'',
3809 external_id = Column('external_id', Unicode(255), default=u'',
3806 primary_key=True)
3810 primary_key=True)
3807 external_username = Column('external_username', Unicode(1024), default=u'')
3811 external_username = Column('external_username', Unicode(1024), default=u'')
3808 local_user_id = Column('local_user_id', Integer(),
3812 local_user_id = Column('local_user_id', Integer(),
3809 ForeignKey('users.user_id'), primary_key=True)
3813 ForeignKey('users.user_id'), primary_key=True)
3810 provider_name = Column('provider_name', Unicode(255), default=u'',
3814 provider_name = Column('provider_name', Unicode(255), default=u'',
3811 primary_key=True)
3815 primary_key=True)
3812 access_token = Column('access_token', String(1024), default=u'')
3816 access_token = Column('access_token', String(1024), default=u'')
3813 alt_token = Column('alt_token', String(1024), default=u'')
3817 alt_token = Column('alt_token', String(1024), default=u'')
3814 token_secret = Column('token_secret', String(1024), default=u'')
3818 token_secret = Column('token_secret', String(1024), default=u'')
3815
3819
3816 @classmethod
3820 @classmethod
3817 def by_external_id_and_provider(cls, external_id, provider_name,
3821 def by_external_id_and_provider(cls, external_id, provider_name,
3818 local_user_id=None):
3822 local_user_id=None):
3819 """
3823 """
3820 Returns ExternalIdentity instance based on search params
3824 Returns ExternalIdentity instance based on search params
3821
3825
3822 :param external_id:
3826 :param external_id:
3823 :param provider_name:
3827 :param provider_name:
3824 :return: ExternalIdentity
3828 :return: ExternalIdentity
3825 """
3829 """
3826 query = cls.query()
3830 query = cls.query()
3827 query = query.filter(cls.external_id == external_id)
3831 query = query.filter(cls.external_id == external_id)
3828 query = query.filter(cls.provider_name == provider_name)
3832 query = query.filter(cls.provider_name == provider_name)
3829 if local_user_id:
3833 if local_user_id:
3830 query = query.filter(cls.local_user_id == local_user_id)
3834 query = query.filter(cls.local_user_id == local_user_id)
3831 return query.first()
3835 return query.first()
3832
3836
3833 @classmethod
3837 @classmethod
3834 def user_by_external_id_and_provider(cls, external_id, provider_name):
3838 def user_by_external_id_and_provider(cls, external_id, provider_name):
3835 """
3839 """
3836 Returns User instance based on search params
3840 Returns User instance based on search params
3837
3841
3838 :param external_id:
3842 :param external_id:
3839 :param provider_name:
3843 :param provider_name:
3840 :return: User
3844 :return: User
3841 """
3845 """
3842 query = User.query()
3846 query = User.query()
3843 query = query.filter(cls.external_id == external_id)
3847 query = query.filter(cls.external_id == external_id)
3844 query = query.filter(cls.provider_name == provider_name)
3848 query = query.filter(cls.provider_name == provider_name)
3845 query = query.filter(User.user_id == cls.local_user_id)
3849 query = query.filter(User.user_id == cls.local_user_id)
3846 return query.first()
3850 return query.first()
3847
3851
3848 @classmethod
3852 @classmethod
3849 def by_local_user_id(cls, local_user_id):
3853 def by_local_user_id(cls, local_user_id):
3850 """
3854 """
3851 Returns all tokens for user
3855 Returns all tokens for user
3852
3856
3853 :param local_user_id:
3857 :param local_user_id:
3854 :return: ExternalIdentity
3858 :return: ExternalIdentity
3855 """
3859 """
3856 query = cls.query()
3860 query = cls.query()
3857 query = query.filter(cls.local_user_id == local_user_id)
3861 query = query.filter(cls.local_user_id == local_user_id)
3858 return query
3862 return query
3859
3863
3860
3864
3861 class Integration(Base, BaseModel):
3865 class Integration(Base, BaseModel):
3862 __tablename__ = 'integrations'
3866 __tablename__ = 'integrations'
3863 __table_args__ = (
3867 __table_args__ = (
3864 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3868 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3865 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3869 'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
3866 )
3870 )
3867
3871
3868 integration_id = Column('integration_id', Integer(), primary_key=True)
3872 integration_id = Column('integration_id', Integer(), primary_key=True)
3869 integration_type = Column('integration_type', String(255))
3873 integration_type = Column('integration_type', String(255))
3870 enabled = Column('enabled', Boolean(), nullable=False)
3874 enabled = Column('enabled', Boolean(), nullable=False)
3871 name = Column('name', String(255), nullable=False)
3875 name = Column('name', String(255), nullable=False)
3872 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
3876 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
3873 default=False)
3877 default=False)
3874
3878
3875 settings = Column(
3879 settings = Column(
3876 'settings_json', MutationObj.as_mutable(
3880 'settings_json', MutationObj.as_mutable(
3877 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3881 JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
3878 repo_id = Column(
3882 repo_id = Column(
3879 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
3883 'repo_id', Integer(), ForeignKey('repositories.repo_id'),
3880 nullable=True, unique=None, default=None)
3884 nullable=True, unique=None, default=None)
3881 repo = relationship('Repository', lazy='joined')
3885 repo = relationship('Repository', lazy='joined')
3882
3886
3883 repo_group_id = Column(
3887 repo_group_id = Column(
3884 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
3888 'repo_group_id', Integer(), ForeignKey('groups.group_id'),
3885 nullable=True, unique=None, default=None)
3889 nullable=True, unique=None, default=None)
3886 repo_group = relationship('RepoGroup', lazy='joined')
3890 repo_group = relationship('RepoGroup', lazy='joined')
3887
3891
3888 @property
3892 @property
3889 def scope(self):
3893 def scope(self):
3890 if self.repo:
3894 if self.repo:
3891 return repr(self.repo)
3895 return repr(self.repo)
3892 if self.repo_group:
3896 if self.repo_group:
3893 if self.child_repos_only:
3897 if self.child_repos_only:
3894 return repr(self.repo_group) + ' (child repos only)'
3898 return repr(self.repo_group) + ' (child repos only)'
3895 else:
3899 else:
3896 return repr(self.repo_group) + ' (recursive)'
3900 return repr(self.repo_group) + ' (recursive)'
3897 if self.child_repos_only:
3901 if self.child_repos_only:
3898 return 'root_repos'
3902 return 'root_repos'
3899 return 'global'
3903 return 'global'
3900
3904
3901 def __repr__(self):
3905 def __repr__(self):
3902 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
3906 return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
3903
3907
3904
3908
3905 class RepoReviewRuleUser(Base, BaseModel):
3909 class RepoReviewRuleUser(Base, BaseModel):
3906 __tablename__ = 'repo_review_rules_users'
3910 __tablename__ = 'repo_review_rules_users'
3907 __table_args__ = (
3911 __table_args__ = (
3908 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3912 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3909 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
3913 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
3910 )
3914 )
3911 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
3915 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
3912 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
3916 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
3913 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
3917 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
3914 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
3918 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
3915 user = relationship('User')
3919 user = relationship('User')
3916
3920
3917 def rule_data(self):
3921 def rule_data(self):
3918 return {
3922 return {
3919 'mandatory': self.mandatory
3923 'mandatory': self.mandatory
3920 }
3924 }
3921
3925
3922
3926
3923 class RepoReviewRuleUserGroup(Base, BaseModel):
3927 class RepoReviewRuleUserGroup(Base, BaseModel):
3924 __tablename__ = 'repo_review_rules_users_groups'
3928 __tablename__ = 'repo_review_rules_users_groups'
3925 __table_args__ = (
3929 __table_args__ = (
3926 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3930 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3927 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
3931 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
3928 )
3932 )
3929 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
3933 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
3930 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
3934 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
3931 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
3935 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
3932 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
3936 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
3933 users_group = relationship('UserGroup')
3937 users_group = relationship('UserGroup')
3934
3938
3935 def rule_data(self):
3939 def rule_data(self):
3936 return {
3940 return {
3937 'mandatory': self.mandatory
3941 'mandatory': self.mandatory
3938 }
3942 }
3939
3943
3940
3944
3941 class RepoReviewRule(Base, BaseModel):
3945 class RepoReviewRule(Base, BaseModel):
3942 __tablename__ = 'repo_review_rules'
3946 __tablename__ = 'repo_review_rules'
3943 __table_args__ = (
3947 __table_args__ = (
3944 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3948 {'extend_existing': True, 'mysql_engine': 'InnoDB',
3945 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
3949 'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
3946 )
3950 )
3947
3951
3948 repo_review_rule_id = Column(
3952 repo_review_rule_id = Column(
3949 'repo_review_rule_id', Integer(), primary_key=True)
3953 'repo_review_rule_id', Integer(), primary_key=True)
3950 repo_id = Column(
3954 repo_id = Column(
3951 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
3955 "repo_id", Integer(), ForeignKey('repositories.repo_id'))
3952 repo = relationship('Repository', backref='review_rules')
3956 repo = relationship('Repository', backref='review_rules')
3953
3957
3954 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
3958 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
3955 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
3959 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*') # glob
3956
3960
3957 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
3961 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
3958 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
3962 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
3959 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
3963 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
3960 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
3964 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
3961
3965
3962 rule_users = relationship('RepoReviewRuleUser')
3966 rule_users = relationship('RepoReviewRuleUser')
3963 rule_user_groups = relationship('RepoReviewRuleUserGroup')
3967 rule_user_groups = relationship('RepoReviewRuleUserGroup')
3964
3968
3965 @hybrid_property
3969 @hybrid_property
3966 def branch_pattern(self):
3970 def branch_pattern(self):
3967 return self._branch_pattern or '*'
3971 return self._branch_pattern or '*'
3968
3972
3969 def _validate_glob(self, value):
3973 def _validate_glob(self, value):
3970 re.compile('^' + glob2re(value) + '$')
3974 re.compile('^' + glob2re(value) + '$')
3971
3975
3972 @branch_pattern.setter
3976 @branch_pattern.setter
3973 def branch_pattern(self, value):
3977 def branch_pattern(self, value):
3974 self._validate_glob(value)
3978 self._validate_glob(value)
3975 self._branch_pattern = value or '*'
3979 self._branch_pattern = value or '*'
3976
3980
3977 @hybrid_property
3981 @hybrid_property
3978 def file_pattern(self):
3982 def file_pattern(self):
3979 return self._file_pattern or '*'
3983 return self._file_pattern or '*'
3980
3984
3981 @file_pattern.setter
3985 @file_pattern.setter
3982 def file_pattern(self, value):
3986 def file_pattern(self, value):
3983 self._validate_glob(value)
3987 self._validate_glob(value)
3984 self._file_pattern = value or '*'
3988 self._file_pattern = value or '*'
3985
3989
3986 def matches(self, branch, files_changed):
3990 def matches(self, branch, files_changed):
3987 """
3991 """
3988 Check if this review rule matches a branch/files in a pull request
3992 Check if this review rule matches a branch/files in a pull request
3989
3993
3990 :param branch: branch name for the commit
3994 :param branch: branch name for the commit
3991 :param files_changed: list of file paths changed in the pull request
3995 :param files_changed: list of file paths changed in the pull request
3992 """
3996 """
3993
3997
3994 branch = branch or ''
3998 branch = branch or ''
3995 files_changed = files_changed or []
3999 files_changed = files_changed or []
3996
4000
3997 branch_matches = True
4001 branch_matches = True
3998 if branch:
4002 if branch:
3999 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
4003 branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
4000 branch_matches = bool(branch_regex.search(branch))
4004 branch_matches = bool(branch_regex.search(branch))
4001
4005
4002 files_matches = True
4006 files_matches = True
4003 if self.file_pattern != '*':
4007 if self.file_pattern != '*':
4004 files_matches = False
4008 files_matches = False
4005 file_regex = re.compile(glob2re(self.file_pattern))
4009 file_regex = re.compile(glob2re(self.file_pattern))
4006 for filename in files_changed:
4010 for filename in files_changed:
4007 if file_regex.search(filename):
4011 if file_regex.search(filename):
4008 files_matches = True
4012 files_matches = True
4009 break
4013 break
4010
4014
4011 return branch_matches and files_matches
4015 return branch_matches and files_matches
4012
4016
4013 @property
4017 @property
4014 def review_users(self):
4018 def review_users(self):
4015 """ Returns the users which this rule applies to """
4019 """ Returns the users which this rule applies to """
4016
4020
4017 users = collections.OrderedDict()
4021 users = collections.OrderedDict()
4018
4022
4019 for rule_user in self.rule_users:
4023 for rule_user in self.rule_users:
4020 if rule_user.user.active:
4024 if rule_user.user.active:
4021 if rule_user.user not in users:
4025 if rule_user.user not in users:
4022 users[rule_user.user.username] = {
4026 users[rule_user.user.username] = {
4023 'user': rule_user.user,
4027 'user': rule_user.user,
4024 'source': 'user',
4028 'source': 'user',
4025 'source_data': {},
4029 'source_data': {},
4026 'data': rule_user.rule_data()
4030 'data': rule_user.rule_data()
4027 }
4031 }
4028
4032
4029 for rule_user_group in self.rule_user_groups:
4033 for rule_user_group in self.rule_user_groups:
4030 source_data = {
4034 source_data = {
4031 'name': rule_user_group.users_group.users_group_name,
4035 'name': rule_user_group.users_group.users_group_name,
4032 'members': len(rule_user_group.users_group.members)
4036 'members': len(rule_user_group.users_group.members)
4033 }
4037 }
4034 for member in rule_user_group.users_group.members:
4038 for member in rule_user_group.users_group.members:
4035 if member.user.active:
4039 if member.user.active:
4036 users[member.user.username] = {
4040 users[member.user.username] = {
4037 'user': member.user,
4041 'user': member.user,
4038 'source': 'user_group',
4042 'source': 'user_group',
4039 'source_data': source_data,
4043 'source_data': source_data,
4040 'data': rule_user_group.rule_data()
4044 'data': rule_user_group.rule_data()
4041 }
4045 }
4042
4046
4043 return users
4047 return users
4044
4048
4045 def __repr__(self):
4049 def __repr__(self):
4046 return '<RepoReviewerRule(id=%r, repo=%r)>' % (
4050 return '<RepoReviewerRule(id=%r, repo=%r)>' % (
4047 self.repo_review_rule_id, self.repo)
4051 self.repo_review_rule_id, self.repo)
4048
4052
4049
4053
4050 class DbMigrateVersion(Base, BaseModel):
4054 class DbMigrateVersion(Base, BaseModel):
4051 __tablename__ = 'db_migrate_version'
4055 __tablename__ = 'db_migrate_version'
4052 __table_args__ = (
4056 __table_args__ = (
4053 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4057 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4054 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
4058 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
4055 )
4059 )
4056 repository_id = Column('repository_id', String(250), primary_key=True)
4060 repository_id = Column('repository_id', String(250), primary_key=True)
4057 repository_path = Column('repository_path', Text)
4061 repository_path = Column('repository_path', Text)
4058 version = Column('version', Integer)
4062 version = Column('version', Integer)
4059
4063
4060
4064
4061 class DbSession(Base, BaseModel):
4065 class DbSession(Base, BaseModel):
4062 __tablename__ = 'db_session'
4066 __tablename__ = 'db_session'
4063 __table_args__ = (
4067 __table_args__ = (
4064 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4068 {'extend_existing': True, 'mysql_engine': 'InnoDB',
4065 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
4069 'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
4066 )
4070 )
4067
4071
4068 def __repr__(self):
4072 def __repr__(self):
4069 return '<DB:DbSession({})>'.format(self.id)
4073 return '<DB:DbSession({})>'.format(self.id)
4070
4074
4071 id = Column('id', Integer())
4075 id = Column('id', Integer())
4072 namespace = Column('namespace', String(255), primary_key=True)
4076 namespace = Column('namespace', String(255), primary_key=True)
4073 accessed = Column('accessed', DateTime, nullable=False)
4077 accessed = Column('accessed', DateTime, nullable=False)
4074 created = Column('created', DateTime, nullable=False)
4078 created = Column('created', DateTime, nullable=False)
4075 data = Column('data', PickleType, nullable=False)
4079 data = Column('data', PickleType, nullable=False)
Show file before | Show file after | Hide comments
@@ -1,1551 +1,1551 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2012-2017 RhodeCode GmbH
3 # Copyright (C) 2012-2017 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21
21
22 """
22 """
23 pull request model for RhodeCode
23 pull request model for RhodeCode
24 """
24 """
25
25
26 from collections import namedtuple
26 from collections import namedtuple
27 import json
27 import json
28 import logging
28 import logging
29 import datetime
29 import datetime
30 import urllib
30 import urllib
31
31
32 from pylons.i18n.translation import _
32 from pylons.i18n.translation import _
33 from pylons.i18n.translation import lazy_ugettext
33 from pylons.i18n.translation import lazy_ugettext
34 from pyramid.threadlocal import get_current_request
34 from pyramid.threadlocal import get_current_request
35 from sqlalchemy import or_
35 from sqlalchemy import or_
36
36
37 from rhodecode import events
37 from rhodecode import events
38 from rhodecode.lib import helpers as h, hooks_utils, diffs
38 from rhodecode.lib import helpers as h, hooks_utils, diffs
39 from rhodecode.lib import audit_logger
39 from rhodecode.lib import audit_logger
40 from rhodecode.lib.compat import OrderedDict
40 from rhodecode.lib.compat import OrderedDict
41 from rhodecode.lib.hooks_daemon import prepare_callback_daemon
41 from rhodecode.lib.hooks_daemon import prepare_callback_daemon
42 from rhodecode.lib.markup_renderer import (
42 from rhodecode.lib.markup_renderer import (
43 DEFAULT_COMMENTS_RENDERER, RstTemplateRenderer)
43 DEFAULT_COMMENTS_RENDERER, RstTemplateRenderer)
44 from rhodecode.lib.utils2 import safe_unicode, safe_str, md5_safe
44 from rhodecode.lib.utils2 import safe_unicode, safe_str, md5_safe
45 from rhodecode.lib.vcs.backends.base import (
45 from rhodecode.lib.vcs.backends.base import (
46 Reference, MergeResponse, MergeFailureReason, UpdateFailureReason)
46 Reference, MergeResponse, MergeFailureReason, UpdateFailureReason)
47 from rhodecode.lib.vcs.conf import settings as vcs_settings
47 from rhodecode.lib.vcs.conf import settings as vcs_settings
48 from rhodecode.lib.vcs.exceptions import (
48 from rhodecode.lib.vcs.exceptions import (
49 CommitDoesNotExistError, EmptyRepositoryError)
49 CommitDoesNotExistError, EmptyRepositoryError)
50 from rhodecode.model import BaseModel
50 from rhodecode.model import BaseModel
51 from rhodecode.model.changeset_status import ChangesetStatusModel
51 from rhodecode.model.changeset_status import ChangesetStatusModel
52 from rhodecode.model.comment import CommentsModel
52 from rhodecode.model.comment import CommentsModel
53 from rhodecode.model.db import (
53 from rhodecode.model.db import (
54 PullRequest, PullRequestReviewers, ChangesetStatus,
54 PullRequest, PullRequestReviewers, ChangesetStatus,
55 PullRequestVersion, ChangesetComment, Repository)
55 PullRequestVersion, ChangesetComment, Repository)
56 from rhodecode.model.meta import Session
56 from rhodecode.model.meta import Session
57 from rhodecode.model.notification import NotificationModel, \
57 from rhodecode.model.notification import NotificationModel, \
58 EmailNotificationModel
58 EmailNotificationModel
59 from rhodecode.model.scm import ScmModel
59 from rhodecode.model.scm import ScmModel
60 from rhodecode.model.settings import VcsSettingsModel
60 from rhodecode.model.settings import VcsSettingsModel
61
61
62
62
63 log = logging.getLogger(__name__)
63 log = logging.getLogger(__name__)
64
64
65
65
66 # Data structure to hold the response data when updating commits during a pull
66 # Data structure to hold the response data when updating commits during a pull
67 # request update.
67 # request update.
68 UpdateResponse = namedtuple('UpdateResponse', [
68 UpdateResponse = namedtuple('UpdateResponse', [
69 'executed', 'reason', 'new', 'old', 'changes',
69 'executed', 'reason', 'new', 'old', 'changes',
70 'source_changed', 'target_changed'])
70 'source_changed', 'target_changed'])
71
71
72
72
73 class PullRequestModel(BaseModel):
73 class PullRequestModel(BaseModel):
74
74
75 cls = PullRequest
75 cls = PullRequest
76
76
77 DIFF_CONTEXT = 3
77 DIFF_CONTEXT = 3
78
78
79 MERGE_STATUS_MESSAGES = {
79 MERGE_STATUS_MESSAGES = {
80 MergeFailureReason.NONE: lazy_ugettext(
80 MergeFailureReason.NONE: lazy_ugettext(
81 'This pull request can be automatically merged.'),
81 'This pull request can be automatically merged.'),
82 MergeFailureReason.UNKNOWN: lazy_ugettext(
82 MergeFailureReason.UNKNOWN: lazy_ugettext(
83 'This pull request cannot be merged because of an unhandled'
83 'This pull request cannot be merged because of an unhandled'
84 ' exception.'),
84 ' exception.'),
85 MergeFailureReason.MERGE_FAILED: lazy_ugettext(
85 MergeFailureReason.MERGE_FAILED: lazy_ugettext(
86 'This pull request cannot be merged because of merge conflicts.'),
86 'This pull request cannot be merged because of merge conflicts.'),
87 MergeFailureReason.PUSH_FAILED: lazy_ugettext(
87 MergeFailureReason.PUSH_FAILED: lazy_ugettext(
88 'This pull request could not be merged because push to target'
88 'This pull request could not be merged because push to target'
89 ' failed.'),
89 ' failed.'),
90 MergeFailureReason.TARGET_IS_NOT_HEAD: lazy_ugettext(
90 MergeFailureReason.TARGET_IS_NOT_HEAD: lazy_ugettext(
91 'This pull request cannot be merged because the target is not a'
91 'This pull request cannot be merged because the target is not a'
92 ' head.'),
92 ' head.'),
93 MergeFailureReason.HG_SOURCE_HAS_MORE_BRANCHES: lazy_ugettext(
93 MergeFailureReason.HG_SOURCE_HAS_MORE_BRANCHES: lazy_ugettext(
94 'This pull request cannot be merged because the source contains'
94 'This pull request cannot be merged because the source contains'
95 ' more branches than the target.'),
95 ' more branches than the target.'),
96 MergeFailureReason.HG_TARGET_HAS_MULTIPLE_HEADS: lazy_ugettext(
96 MergeFailureReason.HG_TARGET_HAS_MULTIPLE_HEADS: lazy_ugettext(
97 'This pull request cannot be merged because the target has'
97 'This pull request cannot be merged because the target has'
98 ' multiple heads.'),
98 ' multiple heads.'),
99 MergeFailureReason.TARGET_IS_LOCKED: lazy_ugettext(
99 MergeFailureReason.TARGET_IS_LOCKED: lazy_ugettext(
100 'This pull request cannot be merged because the target repository'
100 'This pull request cannot be merged because the target repository'
101 ' is locked.'),
101 ' is locked.'),
102 MergeFailureReason._DEPRECATED_MISSING_COMMIT: lazy_ugettext(
102 MergeFailureReason._DEPRECATED_MISSING_COMMIT: lazy_ugettext(
103 'This pull request cannot be merged because the target or the '
103 'This pull request cannot be merged because the target or the '
104 'source reference is missing.'),
104 'source reference is missing.'),
105 MergeFailureReason.MISSING_TARGET_REF: lazy_ugettext(
105 MergeFailureReason.MISSING_TARGET_REF: lazy_ugettext(
106 'This pull request cannot be merged because the target '
106 'This pull request cannot be merged because the target '
107 'reference is missing.'),
107 'reference is missing.'),
108 MergeFailureReason.MISSING_SOURCE_REF: lazy_ugettext(
108 MergeFailureReason.MISSING_SOURCE_REF: lazy_ugettext(
109 'This pull request cannot be merged because the source '
109 'This pull request cannot be merged because the source '
110 'reference is missing.'),
110 'reference is missing.'),
111 MergeFailureReason.SUBREPO_MERGE_FAILED: lazy_ugettext(
111 MergeFailureReason.SUBREPO_MERGE_FAILED: lazy_ugettext(
112 'This pull request cannot be merged because of conflicts related '
112 'This pull request cannot be merged because of conflicts related '
113 'to sub repositories.'),
113 'to sub repositories.'),
114 }
114 }
115
115
116 UPDATE_STATUS_MESSAGES = {
116 UPDATE_STATUS_MESSAGES = {
117 UpdateFailureReason.NONE: lazy_ugettext(
117 UpdateFailureReason.NONE: lazy_ugettext(
118 'Pull request update successful.'),
118 'Pull request update successful.'),
119 UpdateFailureReason.UNKNOWN: lazy_ugettext(
119 UpdateFailureReason.UNKNOWN: lazy_ugettext(
120 'Pull request update failed because of an unknown error.'),
120 'Pull request update failed because of an unknown error.'),
121 UpdateFailureReason.NO_CHANGE: lazy_ugettext(
121 UpdateFailureReason.NO_CHANGE: lazy_ugettext(
122 'No update needed because the source and target have not changed.'),
122 'No update needed because the source and target have not changed.'),
123 UpdateFailureReason.WRONG_REF_TYPE: lazy_ugettext(
123 UpdateFailureReason.WRONG_REF_TYPE: lazy_ugettext(
124 'Pull request cannot be updated because the reference type is '
124 'Pull request cannot be updated because the reference type is '
125 'not supported for an update. Only Branch, Tag or Bookmark is allowed.'),
125 'not supported for an update. Only Branch, Tag or Bookmark is allowed.'),
126 UpdateFailureReason.MISSING_TARGET_REF: lazy_ugettext(
126 UpdateFailureReason.MISSING_TARGET_REF: lazy_ugettext(
127 'This pull request cannot be updated because the target '
127 'This pull request cannot be updated because the target '
128 'reference is missing.'),
128 'reference is missing.'),
129 UpdateFailureReason.MISSING_SOURCE_REF: lazy_ugettext(
129 UpdateFailureReason.MISSING_SOURCE_REF: lazy_ugettext(
130 'This pull request cannot be updated because the source '
130 'This pull request cannot be updated because the source '
131 'reference is missing.'),
131 'reference is missing.'),
132 }
132 }
133
133
134 def __get_pull_request(self, pull_request):
134 def __get_pull_request(self, pull_request):
135 return self._get_instance((
135 return self._get_instance((
136 PullRequest, PullRequestVersion), pull_request)
136 PullRequest, PullRequestVersion), pull_request)
137
137
138 def _check_perms(self, perms, pull_request, user, api=False):
138 def _check_perms(self, perms, pull_request, user, api=False):
139 if not api:
139 if not api:
140 return h.HasRepoPermissionAny(*perms)(
140 return h.HasRepoPermissionAny(*perms)(
141 user=user, repo_name=pull_request.target_repo.repo_name)
141 user=user, repo_name=pull_request.target_repo.repo_name)
142 else:
142 else:
143 return h.HasRepoPermissionAnyApi(*perms)(
143 return h.HasRepoPermissionAnyApi(*perms)(
144 user=user, repo_name=pull_request.target_repo.repo_name)
144 user=user, repo_name=pull_request.target_repo.repo_name)
145
145
146 def check_user_read(self, pull_request, user, api=False):
146 def check_user_read(self, pull_request, user, api=False):
147 _perms = ('repository.admin', 'repository.write', 'repository.read',)
147 _perms = ('repository.admin', 'repository.write', 'repository.read',)
148 return self._check_perms(_perms, pull_request, user, api)
148 return self._check_perms(_perms, pull_request, user, api)
149
149
150 def check_user_merge(self, pull_request, user, api=False):
150 def check_user_merge(self, pull_request, user, api=False):
151 _perms = ('repository.admin', 'repository.write', 'hg.admin',)
151 _perms = ('repository.admin', 'repository.write', 'hg.admin',)
152 return self._check_perms(_perms, pull_request, user, api)
152 return self._check_perms(_perms, pull_request, user, api)
153
153
154 def check_user_update(self, pull_request, user, api=False):
154 def check_user_update(self, pull_request, user, api=False):
155 owner = user.user_id == pull_request.user_id
155 owner = user.user_id == pull_request.user_id
156 return self.check_user_merge(pull_request, user, api) or owner
156 return self.check_user_merge(pull_request, user, api) or owner
157
157
158 def check_user_delete(self, pull_request, user):
158 def check_user_delete(self, pull_request, user):
159 owner = user.user_id == pull_request.user_id
159 owner = user.user_id == pull_request.user_id
160 _perms = ('repository.admin',)
160 _perms = ('repository.admin',)
161 return self._check_perms(_perms, pull_request, user) or owner
161 return self._check_perms(_perms, pull_request, user) or owner
162
162
163 def check_user_change_status(self, pull_request, user, api=False):
163 def check_user_change_status(self, pull_request, user, api=False):
164 reviewer = user.user_id in [x.user_id for x in
164 reviewer = user.user_id in [x.user_id for x in
165 pull_request.reviewers]
165 pull_request.reviewers]
166 return self.check_user_update(pull_request, user, api) or reviewer
166 return self.check_user_update(pull_request, user, api) or reviewer
167
167
168 def get(self, pull_request):
168 def get(self, pull_request):
169 return self.__get_pull_request(pull_request)
169 return self.__get_pull_request(pull_request)
170
170
171 def _prepare_get_all_query(self, repo_name, source=False, statuses=None,
171 def _prepare_get_all_query(self, repo_name, source=False, statuses=None,
172 opened_by=None, order_by=None,
172 opened_by=None, order_by=None,
173 order_dir='desc'):
173 order_dir='desc'):
174 repo = None
174 repo = None
175 if repo_name:
175 if repo_name:
176 repo = self._get_repo(repo_name)
176 repo = self._get_repo(repo_name)
177
177
178 q = PullRequest.query()
178 q = PullRequest.query()
179
179
180 # source or target
180 # source or target
181 if repo and source:
181 if repo and source:
182 q = q.filter(PullRequest.source_repo == repo)
182 q = q.filter(PullRequest.source_repo == repo)
183 elif repo:
183 elif repo:
184 q = q.filter(PullRequest.target_repo == repo)
184 q = q.filter(PullRequest.target_repo == repo)
185
185
186 # closed,opened
186 # closed,opened
187 if statuses:
187 if statuses:
188 q = q.filter(PullRequest.status.in_(statuses))
188 q = q.filter(PullRequest.status.in_(statuses))
189
189
190 # opened by filter
190 # opened by filter
191 if opened_by:
191 if opened_by:
192 q = q.filter(PullRequest.user_id.in_(opened_by))
192 q = q.filter(PullRequest.user_id.in_(opened_by))
193
193
194 if order_by:
194 if order_by:
195 order_map = {
195 order_map = {
196 'name_raw': PullRequest.pull_request_id,
196 'name_raw': PullRequest.pull_request_id,
197 'title': PullRequest.title,
197 'title': PullRequest.title,
198 'updated_on_raw': PullRequest.updated_on,
198 'updated_on_raw': PullRequest.updated_on,
199 'target_repo': PullRequest.target_repo_id
199 'target_repo': PullRequest.target_repo_id
200 }
200 }
201 if order_dir == 'asc':
201 if order_dir == 'asc':
202 q = q.order_by(order_map[order_by].asc())
202 q = q.order_by(order_map[order_by].asc())
203 else:
203 else:
204 q = q.order_by(order_map[order_by].desc())
204 q = q.order_by(order_map[order_by].desc())
205
205
206 return q
206 return q
207
207
208 def count_all(self, repo_name, source=False, statuses=None,
208 def count_all(self, repo_name, source=False, statuses=None,
209 opened_by=None):
209 opened_by=None):
210 """
210 """
211 Count the number of pull requests for a specific repository.
211 Count the number of pull requests for a specific repository.
212
212
213 :param repo_name: target or source repo
213 :param repo_name: target or source repo
214 :param source: boolean flag to specify if repo_name refers to source
214 :param source: boolean flag to specify if repo_name refers to source
215 :param statuses: list of pull request statuses
215 :param statuses: list of pull request statuses
216 :param opened_by: author user of the pull request
216 :param opened_by: author user of the pull request
217 :returns: int number of pull requests
217 :returns: int number of pull requests
218 """
218 """
219 q = self._prepare_get_all_query(
219 q = self._prepare_get_all_query(
220 repo_name, source=source, statuses=statuses, opened_by=opened_by)
220 repo_name, source=source, statuses=statuses, opened_by=opened_by)
221
221
222 return q.count()
222 return q.count()
223
223
224 def get_all(self, repo_name, source=False, statuses=None, opened_by=None,
224 def get_all(self, repo_name, source=False, statuses=None, opened_by=None,
225 offset=0, length=None, order_by=None, order_dir='desc'):
225 offset=0, length=None, order_by=None, order_dir='desc'):
226 """
226 """
227 Get all pull requests for a specific repository.
227 Get all pull requests for a specific repository.
228
228
229 :param repo_name: target or source repo
229 :param repo_name: target or source repo
230 :param source: boolean flag to specify if repo_name refers to source
230 :param source: boolean flag to specify if repo_name refers to source
231 :param statuses: list of pull request statuses
231 :param statuses: list of pull request statuses
232 :param opened_by: author user of the pull request
232 :param opened_by: author user of the pull request
233 :param offset: pagination offset
233 :param offset: pagination offset
234 :param length: length of returned list
234 :param length: length of returned list
235 :param order_by: order of the returned list
235 :param order_by: order of the returned list
236 :param order_dir: 'asc' or 'desc' ordering direction
236 :param order_dir: 'asc' or 'desc' ordering direction
237 :returns: list of pull requests
237 :returns: list of pull requests
238 """
238 """
239 q = self._prepare_get_all_query(
239 q = self._prepare_get_all_query(
240 repo_name, source=source, statuses=statuses, opened_by=opened_by,
240 repo_name, source=source, statuses=statuses, opened_by=opened_by,
241 order_by=order_by, order_dir=order_dir)
241 order_by=order_by, order_dir=order_dir)
242
242
243 if length:
243 if length:
244 pull_requests = q.limit(length).offset(offset).all()
244 pull_requests = q.limit(length).offset(offset).all()
245 else:
245 else:
246 pull_requests = q.all()
246 pull_requests = q.all()
247
247
248 return pull_requests
248 return pull_requests
249
249
250 def count_awaiting_review(self, repo_name, source=False, statuses=None,
250 def count_awaiting_review(self, repo_name, source=False, statuses=None,
251 opened_by=None):
251 opened_by=None):
252 """
252 """
253 Count the number of pull requests for a specific repository that are
253 Count the number of pull requests for a specific repository that are
254 awaiting review.
254 awaiting review.
255
255
256 :param repo_name: target or source repo
256 :param repo_name: target or source repo
257 :param source: boolean flag to specify if repo_name refers to source
257 :param source: boolean flag to specify if repo_name refers to source
258 :param statuses: list of pull request statuses
258 :param statuses: list of pull request statuses
259 :param opened_by: author user of the pull request
259 :param opened_by: author user of the pull request
260 :returns: int number of pull requests
260 :returns: int number of pull requests
261 """
261 """
262 pull_requests = self.get_awaiting_review(
262 pull_requests = self.get_awaiting_review(
263 repo_name, source=source, statuses=statuses, opened_by=opened_by)
263 repo_name, source=source, statuses=statuses, opened_by=opened_by)
264
264
265 return len(pull_requests)
265 return len(pull_requests)
266
266
267 def get_awaiting_review(self, repo_name, source=False, statuses=None,
267 def get_awaiting_review(self, repo_name, source=False, statuses=None,
268 opened_by=None, offset=0, length=None,
268 opened_by=None, offset=0, length=None,
269 order_by=None, order_dir='desc'):
269 order_by=None, order_dir='desc'):
270 """
270 """
271 Get all pull requests for a specific repository that are awaiting
271 Get all pull requests for a specific repository that are awaiting
272 review.
272 review.
273
273
274 :param repo_name: target or source repo
274 :param repo_name: target or source repo
275 :param source: boolean flag to specify if repo_name refers to source
275 :param source: boolean flag to specify if repo_name refers to source
276 :param statuses: list of pull request statuses
276 :param statuses: list of pull request statuses
277 :param opened_by: author user of the pull request
277 :param opened_by: author user of the pull request
278 :param offset: pagination offset
278 :param offset: pagination offset
279 :param length: length of returned list
279 :param length: length of returned list
280 :param order_by: order of the returned list
280 :param order_by: order of the returned list
281 :param order_dir: 'asc' or 'desc' ordering direction
281 :param order_dir: 'asc' or 'desc' ordering direction
282 :returns: list of pull requests
282 :returns: list of pull requests
283 """
283 """
284 pull_requests = self.get_all(
284 pull_requests = self.get_all(
285 repo_name, source=source, statuses=statuses, opened_by=opened_by,
285 repo_name, source=source, statuses=statuses, opened_by=opened_by,
286 order_by=order_by, order_dir=order_dir)
286 order_by=order_by, order_dir=order_dir)
287
287
288 _filtered_pull_requests = []
288 _filtered_pull_requests = []
289 for pr in pull_requests:
289 for pr in pull_requests:
290 status = pr.calculated_review_status()
290 status = pr.calculated_review_status()
291 if status in [ChangesetStatus.STATUS_NOT_REVIEWED,
291 if status in [ChangesetStatus.STATUS_NOT_REVIEWED,
292 ChangesetStatus.STATUS_UNDER_REVIEW]:
292 ChangesetStatus.STATUS_UNDER_REVIEW]:
293 _filtered_pull_requests.append(pr)
293 _filtered_pull_requests.append(pr)
294 if length:
294 if length:
295 return _filtered_pull_requests[offset:offset+length]
295 return _filtered_pull_requests[offset:offset+length]
296 else:
296 else:
297 return _filtered_pull_requests
297 return _filtered_pull_requests
298
298
299 def count_awaiting_my_review(self, repo_name, source=False, statuses=None,
299 def count_awaiting_my_review(self, repo_name, source=False, statuses=None,
300 opened_by=None, user_id=None):
300 opened_by=None, user_id=None):
301 """
301 """
302 Count the number of pull requests for a specific repository that are
302 Count the number of pull requests for a specific repository that are
303 awaiting review from a specific user.
303 awaiting review from a specific user.
304
304
305 :param repo_name: target or source repo
305 :param repo_name: target or source repo
306 :param source: boolean flag to specify if repo_name refers to source
306 :param source: boolean flag to specify if repo_name refers to source
307 :param statuses: list of pull request statuses
307 :param statuses: list of pull request statuses
308 :param opened_by: author user of the pull request
308 :param opened_by: author user of the pull request
309 :param user_id: reviewer user of the pull request
309 :param user_id: reviewer user of the pull request
310 :returns: int number of pull requests
310 :returns: int number of pull requests
311 """
311 """
312 pull_requests = self.get_awaiting_my_review(
312 pull_requests = self.get_awaiting_my_review(
313 repo_name, source=source, statuses=statuses, opened_by=opened_by,
313 repo_name, source=source, statuses=statuses, opened_by=opened_by,
314 user_id=user_id)
314 user_id=user_id)
315
315
316 return len(pull_requests)
316 return len(pull_requests)
317
317
318 def get_awaiting_my_review(self, repo_name, source=False, statuses=None,
318 def get_awaiting_my_review(self, repo_name, source=False, statuses=None,
319 opened_by=None, user_id=None, offset=0,
319 opened_by=None, user_id=None, offset=0,
320 length=None, order_by=None, order_dir='desc'):
320 length=None, order_by=None, order_dir='desc'):
321 """
321 """
322 Get all pull requests for a specific repository that are awaiting
322 Get all pull requests for a specific repository that are awaiting
323 review from a specific user.
323 review from a specific user.
324
324
325 :param repo_name: target or source repo
325 :param repo_name: target or source repo
326 :param source: boolean flag to specify if repo_name refers to source
326 :param source: boolean flag to specify if repo_name refers to source
327 :param statuses: list of pull request statuses
327 :param statuses: list of pull request statuses
328 :param opened_by: author user of the pull request
328 :param opened_by: author user of the pull request
329 :param user_id: reviewer user of the pull request
329 :param user_id: reviewer user of the pull request
330 :param offset: pagination offset
330 :param offset: pagination offset
331 :param length: length of returned list
331 :param length: length of returned list
332 :param order_by: order of the returned list
332 :param order_by: order of the returned list
333 :param order_dir: 'asc' or 'desc' ordering direction
333 :param order_dir: 'asc' or 'desc' ordering direction
334 :returns: list of pull requests
334 :returns: list of pull requests
335 """
335 """
336 pull_requests = self.get_all(
336 pull_requests = self.get_all(
337 repo_name, source=source, statuses=statuses, opened_by=opened_by,
337 repo_name, source=source, statuses=statuses, opened_by=opened_by,
338 order_by=order_by, order_dir=order_dir)
338 order_by=order_by, order_dir=order_dir)
339
339
340 _my = PullRequestModel().get_not_reviewed(user_id)
340 _my = PullRequestModel().get_not_reviewed(user_id)
341 my_participation = []
341 my_participation = []
342 for pr in pull_requests:
342 for pr in pull_requests:
343 if pr in _my:
343 if pr in _my:
344 my_participation.append(pr)
344 my_participation.append(pr)
345 _filtered_pull_requests = my_participation
345 _filtered_pull_requests = my_participation
346 if length:
346 if length:
347 return _filtered_pull_requests[offset:offset+length]
347 return _filtered_pull_requests[offset:offset+length]
348 else:
348 else:
349 return _filtered_pull_requests
349 return _filtered_pull_requests
350
350
351 def get_not_reviewed(self, user_id):
351 def get_not_reviewed(self, user_id):
352 return [
352 return [
353 x.pull_request for x in PullRequestReviewers.query().filter(
353 x.pull_request for x in PullRequestReviewers.query().filter(
354 PullRequestReviewers.user_id == user_id).all()
354 PullRequestReviewers.user_id == user_id).all()
355 ]
355 ]
356
356
357 def _prepare_participating_query(self, user_id=None, statuses=None,
357 def _prepare_participating_query(self, user_id=None, statuses=None,
358 order_by=None, order_dir='desc'):
358 order_by=None, order_dir='desc'):
359 q = PullRequest.query()
359 q = PullRequest.query()
360 if user_id:
360 if user_id:
361 reviewers_subquery = Session().query(
361 reviewers_subquery = Session().query(
362 PullRequestReviewers.pull_request_id).filter(
362 PullRequestReviewers.pull_request_id).filter(
363 PullRequestReviewers.user_id == user_id).subquery()
363 PullRequestReviewers.user_id == user_id).subquery()
364 user_filter= or_(
364 user_filter= or_(
365 PullRequest.user_id == user_id,
365 PullRequest.user_id == user_id,
366 PullRequest.pull_request_id.in_(reviewers_subquery)
366 PullRequest.pull_request_id.in_(reviewers_subquery)
367 )
367 )
368 q = PullRequest.query().filter(user_filter)
368 q = PullRequest.query().filter(user_filter)
369
369
370 # closed,opened
370 # closed,opened
371 if statuses:
371 if statuses:
372 q = q.filter(PullRequest.status.in_(statuses))
372 q = q.filter(PullRequest.status.in_(statuses))
373
373
374 if order_by:
374 if order_by:
375 order_map = {
375 order_map = {
376 'name_raw': PullRequest.pull_request_id,
376 'name_raw': PullRequest.pull_request_id,
377 'title': PullRequest.title,
377 'title': PullRequest.title,
378 'updated_on_raw': PullRequest.updated_on,
378 'updated_on_raw': PullRequest.updated_on,
379 'target_repo': PullRequest.target_repo_id
379 'target_repo': PullRequest.target_repo_id
380 }
380 }
381 if order_dir == 'asc':
381 if order_dir == 'asc':
382 q = q.order_by(order_map[order_by].asc())
382 q = q.order_by(order_map[order_by].asc())
383 else:
383 else:
384 q = q.order_by(order_map[order_by].desc())
384 q = q.order_by(order_map[order_by].desc())
385
385
386 return q
386 return q
387
387
388 def count_im_participating_in(self, user_id=None, statuses=None):
388 def count_im_participating_in(self, user_id=None, statuses=None):
389 q = self._prepare_participating_query(user_id, statuses=statuses)
389 q = self._prepare_participating_query(user_id, statuses=statuses)
390 return q.count()
390 return q.count()
391
391
392 def get_im_participating_in(
392 def get_im_participating_in(
393 self, user_id=None, statuses=None, offset=0,
393 self, user_id=None, statuses=None, offset=0,
394 length=None, order_by=None, order_dir='desc'):
394 length=None, order_by=None, order_dir='desc'):
395 """
395 """
396 Get all Pull requests that i'm participating in, or i have opened
396 Get all Pull requests that i'm participating in, or i have opened
397 """
397 """
398
398
399 q = self._prepare_participating_query(
399 q = self._prepare_participating_query(
400 user_id, statuses=statuses, order_by=order_by,
400 user_id, statuses=statuses, order_by=order_by,
401 order_dir=order_dir)
401 order_dir=order_dir)
402
402
403 if length:
403 if length:
404 pull_requests = q.limit(length).offset(offset).all()
404 pull_requests = q.limit(length).offset(offset).all()
405 else:
405 else:
406 pull_requests = q.all()
406 pull_requests = q.all()
407
407
408 return pull_requests
408 return pull_requests
409
409
410 def get_versions(self, pull_request):
410 def get_versions(self, pull_request):
411 """
411 """
412 returns version of pull request sorted by ID descending
412 returns version of pull request sorted by ID descending
413 """
413 """
414 return PullRequestVersion.query()\
414 return PullRequestVersion.query()\
415 .filter(PullRequestVersion.pull_request == pull_request)\
415 .filter(PullRequestVersion.pull_request == pull_request)\
416 .order_by(PullRequestVersion.pull_request_version_id.asc())\
416 .order_by(PullRequestVersion.pull_request_version_id.asc())\
417 .all()
417 .all()
418
418
419 def create(self, created_by, source_repo, source_ref, target_repo,
419 def create(self, created_by, source_repo, source_ref, target_repo,
420 target_ref, revisions, reviewers, title, description=None,
420 target_ref, revisions, reviewers, title, description=None,
421 reviewer_data=None):
421 reviewer_data=None):
422
422
423 created_by_user = self._get_user(created_by)
423 created_by_user = self._get_user(created_by)
424 source_repo = self._get_repo(source_repo)
424 source_repo = self._get_repo(source_repo)
425 target_repo = self._get_repo(target_repo)
425 target_repo = self._get_repo(target_repo)
426
426
427 pull_request = PullRequest()
427 pull_request = PullRequest()
428 pull_request.source_repo = source_repo
428 pull_request.source_repo = source_repo
429 pull_request.source_ref = source_ref
429 pull_request.source_ref = source_ref
430 pull_request.target_repo = target_repo
430 pull_request.target_repo = target_repo
431 pull_request.target_ref = target_ref
431 pull_request.target_ref = target_ref
432 pull_request.revisions = revisions
432 pull_request.revisions = revisions
433 pull_request.title = title
433 pull_request.title = title
434 pull_request.description = description
434 pull_request.description = description
435 pull_request.author = created_by_user
435 pull_request.author = created_by_user
436 pull_request.reviewer_data = reviewer_data
436 pull_request.reviewer_data = reviewer_data
437
437
438 Session().add(pull_request)
438 Session().add(pull_request)
439 Session().flush()
439 Session().flush()
440
440
441 reviewer_ids = set()
441 reviewer_ids = set()
442 # members / reviewers
442 # members / reviewers
443 for reviewer_object in reviewers:
443 for reviewer_object in reviewers:
444 user_id, reasons, mandatory = reviewer_object
444 user_id, reasons, mandatory = reviewer_object
445 user = self._get_user(user_id)
445 user = self._get_user(user_id)
446
446
447 # skip duplicates
447 # skip duplicates
448 if user.user_id in reviewer_ids:
448 if user.user_id in reviewer_ids:
449 continue
449 continue
450
450
451 reviewer_ids.add(user.user_id)
451 reviewer_ids.add(user.user_id)
452
452
453 reviewer = PullRequestReviewers()
453 reviewer = PullRequestReviewers()
454 reviewer.user = user
454 reviewer.user = user
455 reviewer.pull_request = pull_request
455 reviewer.pull_request = pull_request
456 reviewer.reasons = reasons
456 reviewer.reasons = reasons
457 reviewer.mandatory = mandatory
457 reviewer.mandatory = mandatory
458 Session().add(reviewer)
458 Session().add(reviewer)
459
459
460 # Set approval status to "Under Review" for all commits which are
460 # Set approval status to "Under Review" for all commits which are
461 # part of this pull request.
461 # part of this pull request.
462 ChangesetStatusModel().set_status(
462 ChangesetStatusModel().set_status(
463 repo=target_repo,
463 repo=target_repo,
464 status=ChangesetStatus.STATUS_UNDER_REVIEW,
464 status=ChangesetStatus.STATUS_UNDER_REVIEW,
465 user=created_by_user,
465 user=created_by_user,
466 pull_request=pull_request
466 pull_request=pull_request
467 )
467 )
468
468
469 self.notify_reviewers(pull_request, reviewer_ids)
469 self.notify_reviewers(pull_request, reviewer_ids)
470 self._trigger_pull_request_hook(
470 self._trigger_pull_request_hook(
471 pull_request, created_by_user, 'create')
471 pull_request, created_by_user, 'create')
472
472
473 creation_data = pull_request.get_api_data(with_merge_state=False)
473 creation_data = pull_request.get_api_data(with_merge_state=False)
474 self._log_audit_action(
474 self._log_audit_action(
475 'repo.pull_request.create', {'data': creation_data},
475 'repo.pull_request.create', {'data': creation_data},
476 created_by_user, pull_request)
476 created_by_user, pull_request)
477
477
478 return pull_request
478 return pull_request
479
479
480 def _trigger_pull_request_hook(self, pull_request, user, action):
480 def _trigger_pull_request_hook(self, pull_request, user, action):
481 pull_request = self.__get_pull_request(pull_request)
481 pull_request = self.__get_pull_request(pull_request)
482 target_scm = pull_request.target_repo.scm_instance()
482 target_scm = pull_request.target_repo.scm_instance()
483 if action == 'create':
483 if action == 'create':
484 trigger_hook = hooks_utils.trigger_log_create_pull_request_hook
484 trigger_hook = hooks_utils.trigger_log_create_pull_request_hook
485 elif action == 'merge':
485 elif action == 'merge':
486 trigger_hook = hooks_utils.trigger_log_merge_pull_request_hook
486 trigger_hook = hooks_utils.trigger_log_merge_pull_request_hook
487 elif action == 'close':
487 elif action == 'close':
488 trigger_hook = hooks_utils.trigger_log_close_pull_request_hook
488 trigger_hook = hooks_utils.trigger_log_close_pull_request_hook
489 elif action == 'review_status_change':
489 elif action == 'review_status_change':
490 trigger_hook = hooks_utils.trigger_log_review_pull_request_hook
490 trigger_hook = hooks_utils.trigger_log_review_pull_request_hook
491 elif action == 'update':
491 elif action == 'update':
492 trigger_hook = hooks_utils.trigger_log_update_pull_request_hook
492 trigger_hook = hooks_utils.trigger_log_update_pull_request_hook
493 else:
493 else:
494 return
494 return
495
495
496 trigger_hook(
496 trigger_hook(
497 username=user.username,
497 username=user.username,
498 repo_name=pull_request.target_repo.repo_name,
498 repo_name=pull_request.target_repo.repo_name,
499 repo_alias=target_scm.alias,
499 repo_alias=target_scm.alias,
500 pull_request=pull_request)
500 pull_request=pull_request)
501
501
502 def _get_commit_ids(self, pull_request):
502 def _get_commit_ids(self, pull_request):
503 """
503 """
504 Return the commit ids of the merged pull request.
504 Return the commit ids of the merged pull request.
505
505
506 This method is not dealing correctly yet with the lack of autoupdates
506 This method is not dealing correctly yet with the lack of autoupdates
507 nor with the implicit target updates.
507 nor with the implicit target updates.
508 For example: if a commit in the source repo is already in the target it
508 For example: if a commit in the source repo is already in the target it
509 will be reported anyways.
509 will be reported anyways.
510 """
510 """
511 merge_rev = pull_request.merge_rev
511 merge_rev = pull_request.merge_rev
512 if merge_rev is None:
512 if merge_rev is None:
513 raise ValueError('This pull request was not merged yet')
513 raise ValueError('This pull request was not merged yet')
514
514
515 commit_ids = list(pull_request.revisions)
515 commit_ids = list(pull_request.revisions)
516 if merge_rev not in commit_ids:
516 if merge_rev not in commit_ids:
517 commit_ids.append(merge_rev)
517 commit_ids.append(merge_rev)
518
518
519 return commit_ids
519 return commit_ids
520
520
521 def merge(self, pull_request, user, extras):
521 def merge(self, pull_request, user, extras):
522 log.debug("Merging pull request %s", pull_request.pull_request_id)
522 log.debug("Merging pull request %s", pull_request.pull_request_id)
523 merge_state = self._merge_pull_request(pull_request, user, extras)
523 merge_state = self._merge_pull_request(pull_request, user, extras)
524 if merge_state.executed:
524 if merge_state.executed:
525 log.debug(
525 log.debug(
526 "Merge was successful, updating the pull request comments.")
526 "Merge was successful, updating the pull request comments.")
527 self._comment_and_close_pr(pull_request, user, merge_state)
527 self._comment_and_close_pr(pull_request, user, merge_state)
528
528
529 self._log_audit_action(
529 self._log_audit_action(
530 'repo.pull_request.merge',
530 'repo.pull_request.merge',
531 {'merge_state': merge_state.__dict__},
531 {'merge_state': merge_state.__dict__},
532 user, pull_request)
532 user, pull_request)
533
533
534 else:
534 else:
535 log.warn("Merge failed, not updating the pull request.")
535 log.warn("Merge failed, not updating the pull request.")
536 return merge_state
536 return merge_state
537
537
538 def _merge_pull_request(self, pull_request, user, extras):
538 def _merge_pull_request(self, pull_request, user, extras):
539 target_vcs = pull_request.target_repo.scm_instance()
539 target_vcs = pull_request.target_repo.scm_instance()
540 source_vcs = pull_request.source_repo.scm_instance()
540 source_vcs = pull_request.source_repo.scm_instance()
541 target_ref = self._refresh_reference(
541 target_ref = self._refresh_reference(
542 pull_request.target_ref_parts, target_vcs)
542 pull_request.target_ref_parts, target_vcs)
543
543
544 message = _(
544 message = _(
545 'Merge pull request #%(pr_id)s from '
545 'Merge pull request #%(pr_id)s from '
546 '%(source_repo)s %(source_ref_name)s\n\n %(pr_title)s') % {
546 '%(source_repo)s %(source_ref_name)s\n\n %(pr_title)s') % {
547 'pr_id': pull_request.pull_request_id,
547 'pr_id': pull_request.pull_request_id,
548 'source_repo': source_vcs.name,
548 'source_repo': source_vcs.name,
549 'source_ref_name': pull_request.source_ref_parts.name,
549 'source_ref_name': pull_request.source_ref_parts.name,
550 'pr_title': pull_request.title
550 'pr_title': pull_request.title
551 }
551 }
552
552
553 workspace_id = self._workspace_id(pull_request)
553 workspace_id = self._workspace_id(pull_request)
554 use_rebase = self._use_rebase_for_merging(pull_request)
554 use_rebase = self._use_rebase_for_merging(pull_request)
555
555
556 callback_daemon, extras = prepare_callback_daemon(
556 callback_daemon, extras = prepare_callback_daemon(
557 extras, protocol=vcs_settings.HOOKS_PROTOCOL,
557 extras, protocol=vcs_settings.HOOKS_PROTOCOL,
558 use_direct_calls=vcs_settings.HOOKS_DIRECT_CALLS)
558 use_direct_calls=vcs_settings.HOOKS_DIRECT_CALLS)
559
559
560 with callback_daemon:
560 with callback_daemon:
561 # TODO: johbo: Implement a clean way to run a config_override
561 # TODO: johbo: Implement a clean way to run a config_override
562 # for a single call.
562 # for a single call.
563 target_vcs.config.set(
563 target_vcs.config.set(
564 'rhodecode', 'RC_SCM_DATA', json.dumps(extras))
564 'rhodecode', 'RC_SCM_DATA', json.dumps(extras))
565 merge_state = target_vcs.merge(
565 merge_state = target_vcs.merge(
566 target_ref, source_vcs, pull_request.source_ref_parts,
566 target_ref, source_vcs, pull_request.source_ref_parts,
567 workspace_id, user_name=user.username,
567 workspace_id, user_name=user.username,
568 user_email=user.email, message=message, use_rebase=use_rebase)
568 user_email=user.email, message=message, use_rebase=use_rebase)
569 return merge_state
569 return merge_state
570
570
571 def _comment_and_close_pr(self, pull_request, user, merge_state):
571 def _comment_and_close_pr(self, pull_request, user, merge_state):
572 pull_request.merge_rev = merge_state.merge_ref.commit_id
572 pull_request.merge_rev = merge_state.merge_ref.commit_id
573 pull_request.updated_on = datetime.datetime.now()
573 pull_request.updated_on = datetime.datetime.now()
574
574
575 CommentsModel().create(
575 CommentsModel().create(
576 text=unicode(_('Pull request merged and closed')),
576 text=unicode(_('Pull request merged and closed')),
577 repo=pull_request.target_repo.repo_id,
577 repo=pull_request.target_repo.repo_id,
578 user=user.user_id,
578 user=user.user_id,
579 pull_request=pull_request.pull_request_id,
579 pull_request=pull_request.pull_request_id,
580 f_path=None,
580 f_path=None,
581 line_no=None,
581 line_no=None,
582 closing_pr=True
582 closing_pr=True
583 )
583 )
584
584
585 Session().add(pull_request)
585 Session().add(pull_request)
586 Session().flush()
586 Session().flush()
587 # TODO: paris: replace invalidation with less radical solution
587 # TODO: paris: replace invalidation with less radical solution
588 ScmModel().mark_for_invalidation(
588 ScmModel().mark_for_invalidation(
589 pull_request.target_repo.repo_name)
589 pull_request.target_repo.repo_name)
590 self._trigger_pull_request_hook(pull_request, user, 'merge')
590 self._trigger_pull_request_hook(pull_request, user, 'merge')
591
591
592 def has_valid_update_type(self, pull_request):
592 def has_valid_update_type(self, pull_request):
593 source_ref_type = pull_request.source_ref_parts.type
593 source_ref_type = pull_request.source_ref_parts.type
594 return source_ref_type in ['book', 'branch', 'tag']
594 return source_ref_type in ['book', 'branch', 'tag']
595
595
596 def update_commits(self, pull_request):
596 def update_commits(self, pull_request):
597 """
597 """
598 Get the updated list of commits for the pull request
598 Get the updated list of commits for the pull request
599 and return the new pull request version and the list
599 and return the new pull request version and the list
600 of commits processed by this update action
600 of commits processed by this update action
601 """
601 """
602 pull_request = self.__get_pull_request(pull_request)
602 pull_request = self.__get_pull_request(pull_request)
603 source_ref_type = pull_request.source_ref_parts.type
603 source_ref_type = pull_request.source_ref_parts.type
604 source_ref_name = pull_request.source_ref_parts.name
604 source_ref_name = pull_request.source_ref_parts.name
605 source_ref_id = pull_request.source_ref_parts.commit_id
605 source_ref_id = pull_request.source_ref_parts.commit_id
606
606
607 target_ref_type = pull_request.target_ref_parts.type
607 target_ref_type = pull_request.target_ref_parts.type
608 target_ref_name = pull_request.target_ref_parts.name
608 target_ref_name = pull_request.target_ref_parts.name
609 target_ref_id = pull_request.target_ref_parts.commit_id
609 target_ref_id = pull_request.target_ref_parts.commit_id
610
610
611 if not self.has_valid_update_type(pull_request):
611 if not self.has_valid_update_type(pull_request):
612 log.debug(
612 log.debug(
613 "Skipping update of pull request %s due to ref type: %s",
613 "Skipping update of pull request %s due to ref type: %s",
614 pull_request, source_ref_type)
614 pull_request, source_ref_type)
615 return UpdateResponse(
615 return UpdateResponse(
616 executed=False,
616 executed=False,
617 reason=UpdateFailureReason.WRONG_REF_TYPE,
617 reason=UpdateFailureReason.WRONG_REF_TYPE,
618 old=pull_request, new=None, changes=None,
618 old=pull_request, new=None, changes=None,
619 source_changed=False, target_changed=False)
619 source_changed=False, target_changed=False)
620
620
621 # source repo
621 # source repo
622 source_repo = pull_request.source_repo.scm_instance()
622 source_repo = pull_request.source_repo.scm_instance()
623 try:
623 try:
624 source_commit = source_repo.get_commit(commit_id=source_ref_name)
624 source_commit = source_repo.get_commit(commit_id=source_ref_name)
625 except CommitDoesNotExistError:
625 except CommitDoesNotExistError:
626 return UpdateResponse(
626 return UpdateResponse(
627 executed=False,
627 executed=False,
628 reason=UpdateFailureReason.MISSING_SOURCE_REF,
628 reason=UpdateFailureReason.MISSING_SOURCE_REF,
629 old=pull_request, new=None, changes=None,
629 old=pull_request, new=None, changes=None,
630 source_changed=False, target_changed=False)
630 source_changed=False, target_changed=False)
631
631
632 source_changed = source_ref_id != source_commit.raw_id
632 source_changed = source_ref_id != source_commit.raw_id
633
633
634 # target repo
634 # target repo
635 target_repo = pull_request.target_repo.scm_instance()
635 target_repo = pull_request.target_repo.scm_instance()
636 try:
636 try:
637 target_commit = target_repo.get_commit(commit_id=target_ref_name)
637 target_commit = target_repo.get_commit(commit_id=target_ref_name)
638 except CommitDoesNotExistError:
638 except CommitDoesNotExistError:
639 return UpdateResponse(
639 return UpdateResponse(
640 executed=False,
640 executed=False,
641 reason=UpdateFailureReason.MISSING_TARGET_REF,
641 reason=UpdateFailureReason.MISSING_TARGET_REF,
642 old=pull_request, new=None, changes=None,
642 old=pull_request, new=None, changes=None,
643 source_changed=False, target_changed=False)
643 source_changed=False, target_changed=False)
644 target_changed = target_ref_id != target_commit.raw_id
644 target_changed = target_ref_id != target_commit.raw_id
645
645
646 if not (source_changed or target_changed):
646 if not (source_changed or target_changed):
647 log.debug("Nothing changed in pull request %s", pull_request)
647 log.debug("Nothing changed in pull request %s", pull_request)
648 return UpdateResponse(
648 return UpdateResponse(
649 executed=False,
649 executed=False,
650 reason=UpdateFailureReason.NO_CHANGE,
650 reason=UpdateFailureReason.NO_CHANGE,
651 old=pull_request, new=None, changes=None,
651 old=pull_request, new=None, changes=None,
652 source_changed=target_changed, target_changed=source_changed)
652 source_changed=target_changed, target_changed=source_changed)
653
653
654 change_in_found = 'target repo' if target_changed else 'source repo'
654 change_in_found = 'target repo' if target_changed else 'source repo'
655 log.debug('Updating pull request because of change in %s detected',
655 log.debug('Updating pull request because of change in %s detected',
656 change_in_found)
656 change_in_found)
657
657
658 # Finally there is a need for an update, in case of source change
658 # Finally there is a need for an update, in case of source change
659 # we create a new version, else just an update
659 # we create a new version, else just an update
660 if source_changed:
660 if source_changed:
661 pull_request_version = self._create_version_from_snapshot(pull_request)
661 pull_request_version = self._create_version_from_snapshot(pull_request)
662 self._link_comments_to_version(pull_request_version)
662 self._link_comments_to_version(pull_request_version)
663 else:
663 else:
664 try:
664 try:
665 ver = pull_request.versions[-1]
665 ver = pull_request.versions[-1]
666 except IndexError:
666 except IndexError:
667 ver = None
667 ver = None
668
668
669 pull_request.pull_request_version_id = \
669 pull_request.pull_request_version_id = \
670 ver.pull_request_version_id if ver else None
670 ver.pull_request_version_id if ver else None
671 pull_request_version = pull_request
671 pull_request_version = pull_request
672
672
673 try:
673 try:
674 if target_ref_type in ('tag', 'branch', 'book'):
674 if target_ref_type in ('tag', 'branch', 'book'):
675 target_commit = target_repo.get_commit(target_ref_name)
675 target_commit = target_repo.get_commit(target_ref_name)
676 else:
676 else:
677 target_commit = target_repo.get_commit(target_ref_id)
677 target_commit = target_repo.get_commit(target_ref_id)
678 except CommitDoesNotExistError:
678 except CommitDoesNotExistError:
679 return UpdateResponse(
679 return UpdateResponse(
680 executed=False,
680 executed=False,
681 reason=UpdateFailureReason.MISSING_TARGET_REF,
681 reason=UpdateFailureReason.MISSING_TARGET_REF,
682 old=pull_request, new=None, changes=None,
682 old=pull_request, new=None, changes=None,
683 source_changed=source_changed, target_changed=target_changed)
683 source_changed=source_changed, target_changed=target_changed)
684
684
685 # re-compute commit ids
685 # re-compute commit ids
686 old_commit_ids = pull_request.revisions
686 old_commit_ids = pull_request.revisions
687 pre_load = ["author", "branch", "date", "message"]
687 pre_load = ["author", "branch", "date", "message"]
688 commit_ranges = target_repo.compare(
688 commit_ranges = target_repo.compare(
689 target_commit.raw_id, source_commit.raw_id, source_repo, merge=True,
689 target_commit.raw_id, source_commit.raw_id, source_repo, merge=True,
690 pre_load=pre_load)
690 pre_load=pre_load)
691
691
692 ancestor = target_repo.get_common_ancestor(
692 ancestor = target_repo.get_common_ancestor(
693 target_commit.raw_id, source_commit.raw_id, source_repo)
693 target_commit.raw_id, source_commit.raw_id, source_repo)
694
694
695 pull_request.source_ref = '%s:%s:%s' % (
695 pull_request.source_ref = '%s:%s:%s' % (
696 source_ref_type, source_ref_name, source_commit.raw_id)
696 source_ref_type, source_ref_name, source_commit.raw_id)
697 pull_request.target_ref = '%s:%s:%s' % (
697 pull_request.target_ref = '%s:%s:%s' % (
698 target_ref_type, target_ref_name, ancestor)
698 target_ref_type, target_ref_name, ancestor)
699
699
700 pull_request.revisions = [
700 pull_request.revisions = [
701 commit.raw_id for commit in reversed(commit_ranges)]
701 commit.raw_id for commit in reversed(commit_ranges)]
702 pull_request.updated_on = datetime.datetime.now()
702 pull_request.updated_on = datetime.datetime.now()
703 Session().add(pull_request)
703 Session().add(pull_request)
704 new_commit_ids = pull_request.revisions
704 new_commit_ids = pull_request.revisions
705
705
706 old_diff_data, new_diff_data = self._generate_update_diffs(
706 old_diff_data, new_diff_data = self._generate_update_diffs(
707 pull_request, pull_request_version)
707 pull_request, pull_request_version)
708
708
709 # calculate commit and file changes
709 # calculate commit and file changes
710 changes = self._calculate_commit_id_changes(
710 changes = self._calculate_commit_id_changes(
711 old_commit_ids, new_commit_ids)
711 old_commit_ids, new_commit_ids)
712 file_changes = self._calculate_file_changes(
712 file_changes = self._calculate_file_changes(
713 old_diff_data, new_diff_data)
713 old_diff_data, new_diff_data)
714
714
715 # set comments as outdated if DIFFS changed
715 # set comments as outdated if DIFFS changed
716 CommentsModel().outdate_comments(
716 CommentsModel().outdate_comments(
717 pull_request, old_diff_data=old_diff_data,
717 pull_request, old_diff_data=old_diff_data,
718 new_diff_data=new_diff_data)
718 new_diff_data=new_diff_data)
719
719
720 commit_changes = (changes.added or changes.removed)
720 commit_changes = (changes.added or changes.removed)
721 file_node_changes = (
721 file_node_changes = (
722 file_changes.added or file_changes.modified or file_changes.removed)
722 file_changes.added or file_changes.modified or file_changes.removed)
723 pr_has_changes = commit_changes or file_node_changes
723 pr_has_changes = commit_changes or file_node_changes
724
724
725 # Add an automatic comment to the pull request, in case
725 # Add an automatic comment to the pull request, in case
726 # anything has changed
726 # anything has changed
727 if pr_has_changes:
727 if pr_has_changes:
728 update_comment = CommentsModel().create(
728 update_comment = CommentsModel().create(
729 text=self._render_update_message(changes, file_changes),
729 text=self._render_update_message(changes, file_changes),
730 repo=pull_request.target_repo,
730 repo=pull_request.target_repo,
731 user=pull_request.author,
731 user=pull_request.author,
732 pull_request=pull_request,
732 pull_request=pull_request,
733 send_email=False, renderer=DEFAULT_COMMENTS_RENDERER)
733 send_email=False, renderer=DEFAULT_COMMENTS_RENDERER)
734
734
735 # Update status to "Under Review" for added commits
735 # Update status to "Under Review" for added commits
736 for commit_id in changes.added:
736 for commit_id in changes.added:
737 ChangesetStatusModel().set_status(
737 ChangesetStatusModel().set_status(
738 repo=pull_request.source_repo,
738 repo=pull_request.source_repo,
739 status=ChangesetStatus.STATUS_UNDER_REVIEW,
739 status=ChangesetStatus.STATUS_UNDER_REVIEW,
740 comment=update_comment,
740 comment=update_comment,
741 user=pull_request.author,
741 user=pull_request.author,
742 pull_request=pull_request,
742 pull_request=pull_request,
743 revision=commit_id)
743 revision=commit_id)
744
744
745 log.debug(
745 log.debug(
746 'Updated pull request %s, added_ids: %s, common_ids: %s, '
746 'Updated pull request %s, added_ids: %s, common_ids: %s, '
747 'removed_ids: %s', pull_request.pull_request_id,
747 'removed_ids: %s', pull_request.pull_request_id,
748 changes.added, changes.common, changes.removed)
748 changes.added, changes.common, changes.removed)
749 log.debug(
749 log.debug(
750 'Updated pull request with the following file changes: %s',
750 'Updated pull request with the following file changes: %s',
751 file_changes)
751 file_changes)
752
752
753 log.info(
753 log.info(
754 "Updated pull request %s from commit %s to commit %s, "
754 "Updated pull request %s from commit %s to commit %s, "
755 "stored new version %s of this pull request.",
755 "stored new version %s of this pull request.",
756 pull_request.pull_request_id, source_ref_id,
756 pull_request.pull_request_id, source_ref_id,
757 pull_request.source_ref_parts.commit_id,
757 pull_request.source_ref_parts.commit_id,
758 pull_request_version.pull_request_version_id)
758 pull_request_version.pull_request_version_id)
759 Session().commit()
759 Session().commit()
760 self._trigger_pull_request_hook(
760 self._trigger_pull_request_hook(
761 pull_request, pull_request.author, 'update')
761 pull_request, pull_request.author, 'update')
762
762
763 return UpdateResponse(
763 return UpdateResponse(
764 executed=True, reason=UpdateFailureReason.NONE,
764 executed=True, reason=UpdateFailureReason.NONE,
765 old=pull_request, new=pull_request_version, changes=changes,
765 old=pull_request, new=pull_request_version, changes=changes,
766 source_changed=source_changed, target_changed=target_changed)
766 source_changed=source_changed, target_changed=target_changed)
767
767
768 def _create_version_from_snapshot(self, pull_request):
768 def _create_version_from_snapshot(self, pull_request):
769 version = PullRequestVersion()
769 version = PullRequestVersion()
770 version.title = pull_request.title
770 version.title = pull_request.title
771 version.description = pull_request.description
771 version.description = pull_request.description
772 version.status = pull_request.status
772 version.status = pull_request.status
773 version.created_on = datetime.datetime.now()
773 version.created_on = datetime.datetime.now()
774 version.updated_on = pull_request.updated_on
774 version.updated_on = pull_request.updated_on
775 version.user_id = pull_request.user_id
775 version.user_id = pull_request.user_id
776 version.source_repo = pull_request.source_repo
776 version.source_repo = pull_request.source_repo
777 version.source_ref = pull_request.source_ref
777 version.source_ref = pull_request.source_ref
778 version.target_repo = pull_request.target_repo
778 version.target_repo = pull_request.target_repo
779 version.target_ref = pull_request.target_ref
779 version.target_ref = pull_request.target_ref
780
780
781 version._last_merge_source_rev = pull_request._last_merge_source_rev
781 version._last_merge_source_rev = pull_request._last_merge_source_rev
782 version._last_merge_target_rev = pull_request._last_merge_target_rev
782 version._last_merge_target_rev = pull_request._last_merge_target_rev
783 version._last_merge_status = pull_request._last_merge_status
783 version._last_merge_status = pull_request._last_merge_status
784 version.shadow_merge_ref = pull_request.shadow_merge_ref
784 version.shadow_merge_ref = pull_request.shadow_merge_ref
785 version.merge_rev = pull_request.merge_rev
785 version.merge_rev = pull_request.merge_rev
786 version.reviewer_data = pull_request.reviewer_data
786 version.reviewer_data = pull_request.reviewer_data
787
787
788 version.revisions = pull_request.revisions
788 version.revisions = pull_request.revisions
789 version.pull_request = pull_request
789 version.pull_request = pull_request
790 Session().add(version)
790 Session().add(version)
791 Session().flush()
791 Session().flush()
792
792
793 return version
793 return version
794
794
795 def _generate_update_diffs(self, pull_request, pull_request_version):
795 def _generate_update_diffs(self, pull_request, pull_request_version):
796
796
797 diff_context = (
797 diff_context = (
798 self.DIFF_CONTEXT +
798 self.DIFF_CONTEXT +
799 CommentsModel.needed_extra_diff_context())
799 CommentsModel.needed_extra_diff_context())
800
800
801 source_repo = pull_request_version.source_repo
801 source_repo = pull_request_version.source_repo
802 source_ref_id = pull_request_version.source_ref_parts.commit_id
802 source_ref_id = pull_request_version.source_ref_parts.commit_id
803 target_ref_id = pull_request_version.target_ref_parts.commit_id
803 target_ref_id = pull_request_version.target_ref_parts.commit_id
804 old_diff = self._get_diff_from_pr_or_version(
804 old_diff = self._get_diff_from_pr_or_version(
805 source_repo, source_ref_id, target_ref_id, context=diff_context)
805 source_repo, source_ref_id, target_ref_id, context=diff_context)
806
806
807 source_repo = pull_request.source_repo
807 source_repo = pull_request.source_repo
808 source_ref_id = pull_request.source_ref_parts.commit_id
808 source_ref_id = pull_request.source_ref_parts.commit_id
809 target_ref_id = pull_request.target_ref_parts.commit_id
809 target_ref_id = pull_request.target_ref_parts.commit_id
810
810
811 new_diff = self._get_diff_from_pr_or_version(
811 new_diff = self._get_diff_from_pr_or_version(
812 source_repo, source_ref_id, target_ref_id, context=diff_context)
812 source_repo, source_ref_id, target_ref_id, context=diff_context)
813
813
814 old_diff_data = diffs.DiffProcessor(old_diff)
814 old_diff_data = diffs.DiffProcessor(old_diff)
815 old_diff_data.prepare()
815 old_diff_data.prepare()
816 new_diff_data = diffs.DiffProcessor(new_diff)
816 new_diff_data = diffs.DiffProcessor(new_diff)
817 new_diff_data.prepare()
817 new_diff_data.prepare()
818
818
819 return old_diff_data, new_diff_data
819 return old_diff_data, new_diff_data
820
820
821 def _link_comments_to_version(self, pull_request_version):
821 def _link_comments_to_version(self, pull_request_version):
822 """
822 """
823 Link all unlinked comments of this pull request to the given version.
823 Link all unlinked comments of this pull request to the given version.
824
824
825 :param pull_request_version: The `PullRequestVersion` to which
825 :param pull_request_version: The `PullRequestVersion` to which
826 the comments shall be linked.
826 the comments shall be linked.
827
827
828 """
828 """
829 pull_request = pull_request_version.pull_request
829 pull_request = pull_request_version.pull_request
830 comments = ChangesetComment.query()\
830 comments = ChangesetComment.query()\
831 .filter(
831 .filter(
832 # TODO: johbo: Should we query for the repo at all here?
832 # TODO: johbo: Should we query for the repo at all here?
833 # Pending decision on how comments of PRs are to be related
833 # Pending decision on how comments of PRs are to be related
834 # to either the source repo, the target repo or no repo at all.
834 # to either the source repo, the target repo or no repo at all.
835 ChangesetComment.repo_id == pull_request.target_repo.repo_id,
835 ChangesetComment.repo_id == pull_request.target_repo.repo_id,
836 ChangesetComment.pull_request == pull_request,
836 ChangesetComment.pull_request == pull_request,
837 ChangesetComment.pull_request_version == None)\
837 ChangesetComment.pull_request_version == None)\
838 .order_by(ChangesetComment.comment_id.asc())
838 .order_by(ChangesetComment.comment_id.asc())
839
839
840 # TODO: johbo: Find out why this breaks if it is done in a bulk
840 # TODO: johbo: Find out why this breaks if it is done in a bulk
841 # operation.
841 # operation.
842 for comment in comments:
842 for comment in comments:
843 comment.pull_request_version_id = (
843 comment.pull_request_version_id = (
844 pull_request_version.pull_request_version_id)
844 pull_request_version.pull_request_version_id)
845 Session().add(comment)
845 Session().add(comment)
846
846
847 def _calculate_commit_id_changes(self, old_ids, new_ids):
847 def _calculate_commit_id_changes(self, old_ids, new_ids):
848 added = [x for x in new_ids if x not in old_ids]
848 added = [x for x in new_ids if x not in old_ids]
849 common = [x for x in new_ids if x in old_ids]
849 common = [x for x in new_ids if x in old_ids]
850 removed = [x for x in old_ids if x not in new_ids]
850 removed = [x for x in old_ids if x not in new_ids]
851 total = new_ids
851 total = new_ids
852 return ChangeTuple(added, common, removed, total)
852 return ChangeTuple(added, common, removed, total)
853
853
854 def _calculate_file_changes(self, old_diff_data, new_diff_data):
854 def _calculate_file_changes(self, old_diff_data, new_diff_data):
855
855
856 old_files = OrderedDict()
856 old_files = OrderedDict()
857 for diff_data in old_diff_data.parsed_diff:
857 for diff_data in old_diff_data.parsed_diff:
858 old_files[diff_data['filename']] = md5_safe(diff_data['raw_diff'])
858 old_files[diff_data['filename']] = md5_safe(diff_data['raw_diff'])
859
859
860 added_files = []
860 added_files = []
861 modified_files = []
861 modified_files = []
862 removed_files = []
862 removed_files = []
863 for diff_data in new_diff_data.parsed_diff:
863 for diff_data in new_diff_data.parsed_diff:
864 new_filename = diff_data['filename']
864 new_filename = diff_data['filename']
865 new_hash = md5_safe(diff_data['raw_diff'])
865 new_hash = md5_safe(diff_data['raw_diff'])
866
866
867 old_hash = old_files.get(new_filename)
867 old_hash = old_files.get(new_filename)
868 if not old_hash:
868 if not old_hash:
869 # file is not present in old diff, means it's added
869 # file is not present in old diff, means it's added
870 added_files.append(new_filename)
870 added_files.append(new_filename)
871 else:
871 else:
872 if new_hash != old_hash:
872 if new_hash != old_hash:
873 modified_files.append(new_filename)
873 modified_files.append(new_filename)
874 # now remove a file from old, since we have seen it already
874 # now remove a file from old, since we have seen it already
875 del old_files[new_filename]
875 del old_files[new_filename]
876
876
877 # removed files is when there are present in old, but not in NEW,
877 # removed files is when there are present in old, but not in NEW,
878 # since we remove old files that are present in new diff, left-overs
878 # since we remove old files that are present in new diff, left-overs
879 # if any should be the removed files
879 # if any should be the removed files
880 removed_files.extend(old_files.keys())
880 removed_files.extend(old_files.keys())
881
881
882 return FileChangeTuple(added_files, modified_files, removed_files)
882 return FileChangeTuple(added_files, modified_files, removed_files)
883
883
884 def _render_update_message(self, changes, file_changes):
884 def _render_update_message(self, changes, file_changes):
885 """
885 """
886 render the message using DEFAULT_COMMENTS_RENDERER (RST renderer),
886 render the message using DEFAULT_COMMENTS_RENDERER (RST renderer),
887 so it's always looking the same disregarding on which default
887 so it's always looking the same disregarding on which default
888 renderer system is using.
888 renderer system is using.
889
889
890 :param changes: changes named tuple
890 :param changes: changes named tuple
891 :param file_changes: file changes named tuple
891 :param file_changes: file changes named tuple
892
892
893 """
893 """
894 new_status = ChangesetStatus.get_status_lbl(
894 new_status = ChangesetStatus.get_status_lbl(
895 ChangesetStatus.STATUS_UNDER_REVIEW)
895 ChangesetStatus.STATUS_UNDER_REVIEW)
896
896
897 changed_files = (
897 changed_files = (
898 file_changes.added + file_changes.modified + file_changes.removed)
898 file_changes.added + file_changes.modified + file_changes.removed)
899
899
900 params = {
900 params = {
901 'under_review_label': new_status,
901 'under_review_label': new_status,
902 'added_commits': changes.added,
902 'added_commits': changes.added,
903 'removed_commits': changes.removed,
903 'removed_commits': changes.removed,
904 'changed_files': changed_files,
904 'changed_files': changed_files,
905 'added_files': file_changes.added,
905 'added_files': file_changes.added,
906 'modified_files': file_changes.modified,
906 'modified_files': file_changes.modified,
907 'removed_files': file_changes.removed,
907 'removed_files': file_changes.removed,
908 }
908 }
909 renderer = RstTemplateRenderer()
909 renderer = RstTemplateRenderer()
910 return renderer.render('pull_request_update.mako', **params)
910 return renderer.render('pull_request_update.mako', **params)
911
911
912 def edit(self, pull_request, title, description, user):
912 def edit(self, pull_request, title, description, user):
913 pull_request = self.__get_pull_request(pull_request)
913 pull_request = self.__get_pull_request(pull_request)
914 old_data = pull_request.get_api_data(with_merge_state=False)
914 old_data = pull_request.get_api_data(with_merge_state=False)
915 if pull_request.is_closed():
915 if pull_request.is_closed():
916 raise ValueError('This pull request is closed')
916 raise ValueError('This pull request is closed')
917 if title:
917 if title:
918 pull_request.title = title
918 pull_request.title = title
919 pull_request.description = description
919 pull_request.description = description
920 pull_request.updated_on = datetime.datetime.now()
920 pull_request.updated_on = datetime.datetime.now()
921 Session().add(pull_request)
921 Session().add(pull_request)
922 self._log_audit_action(
922 self._log_audit_action(
923 'repo.pull_request.edit', {'old_data': old_data},
923 'repo.pull_request.edit', {'old_data': old_data},
924 user, pull_request)
924 user, pull_request)
925
925
926 def update_reviewers(self, pull_request, reviewer_data, user):
926 def update_reviewers(self, pull_request, reviewer_data, user):
927 """
927 """
928 Update the reviewers in the pull request
928 Update the reviewers in the pull request
929
929
930 :param pull_request: the pr to update
930 :param pull_request: the pr to update
931 :param reviewer_data: list of tuples
931 :param reviewer_data: list of tuples
932 [(user, ['reason1', 'reason2'], mandatory_flag)]
932 [(user, ['reason1', 'reason2'], mandatory_flag)]
933 """
933 """
934
934
935 reviewers = {}
935 reviewers = {}
936 for user_id, reasons, mandatory in reviewer_data:
936 for user_id, reasons, mandatory in reviewer_data:
937 if isinstance(user_id, (int, basestring)):
937 if isinstance(user_id, (int, basestring)):
938 user_id = self._get_user(user_id).user_id
938 user_id = self._get_user(user_id).user_id
939 reviewers[user_id] = {
939 reviewers[user_id] = {
940 'reasons': reasons, 'mandatory': mandatory}
940 'reasons': reasons, 'mandatory': mandatory}
941
941
942 reviewers_ids = set(reviewers.keys())
942 reviewers_ids = set(reviewers.keys())
943 pull_request = self.__get_pull_request(pull_request)
943 pull_request = self.__get_pull_request(pull_request)
944 current_reviewers = PullRequestReviewers.query()\
944 current_reviewers = PullRequestReviewers.query()\
945 .filter(PullRequestReviewers.pull_request ==
945 .filter(PullRequestReviewers.pull_request ==
946 pull_request).all()
946 pull_request).all()
947 current_reviewers_ids = set([x.user.user_id for x in current_reviewers])
947 current_reviewers_ids = set([x.user.user_id for x in current_reviewers])
948
948
949 ids_to_add = reviewers_ids.difference(current_reviewers_ids)
949 ids_to_add = reviewers_ids.difference(current_reviewers_ids)
950 ids_to_remove = current_reviewers_ids.difference(reviewers_ids)
950 ids_to_remove = current_reviewers_ids.difference(reviewers_ids)
951
951
952 log.debug("Adding %s reviewers", ids_to_add)
952 log.debug("Adding %s reviewers", ids_to_add)
953 log.debug("Removing %s reviewers", ids_to_remove)
953 log.debug("Removing %s reviewers", ids_to_remove)
954 changed = False
954 changed = False
955 for uid in ids_to_add:
955 for uid in ids_to_add:
956 changed = True
956 changed = True
957 _usr = self._get_user(uid)
957 _usr = self._get_user(uid)
958 reviewer = PullRequestReviewers()
958 reviewer = PullRequestReviewers()
959 reviewer.user = _usr
959 reviewer.user = _usr
960 reviewer.pull_request = pull_request
960 reviewer.pull_request = pull_request
961 reviewer.reasons = reviewers[uid]['reasons']
961 reviewer.reasons = reviewers[uid]['reasons']
962 # NOTE(marcink): mandatory shouldn't be changed now
962 # NOTE(marcink): mandatory shouldn't be changed now
963 # reviewer.mandatory = reviewers[uid]['reasons']
963 # reviewer.mandatory = reviewers[uid]['reasons']
964 Session().add(reviewer)
964 Session().add(reviewer)
965 self._log_audit_action(
965 self._log_audit_action(
966 'repo.pull_request.reviewer.add', {'data': reviewer.get_dict()},
966 'repo.pull_request.reviewer.add', {'data': reviewer.get_dict()},
967 user, pull_request)
967 user, pull_request)
968
968
969 for uid in ids_to_remove:
969 for uid in ids_to_remove:
970 changed = True
970 changed = True
971 reviewers = PullRequestReviewers.query()\
971 reviewers = PullRequestReviewers.query()\
972 .filter(PullRequestReviewers.user_id == uid,
972 .filter(PullRequestReviewers.user_id == uid,
973 PullRequestReviewers.pull_request == pull_request)\
973 PullRequestReviewers.pull_request == pull_request)\
974 .all()
974 .all()
975 # use .all() in case we accidentally added the same person twice
975 # use .all() in case we accidentally added the same person twice
976 # this CAN happen due to the lack of DB checks
976 # this CAN happen due to the lack of DB checks
977 for obj in reviewers:
977 for obj in reviewers:
978 old_data = obj.get_dict()
978 old_data = obj.get_dict()
979 Session().delete(obj)
979 Session().delete(obj)
980 self._log_audit_action(
980 self._log_audit_action(
981 'repo.pull_request.reviewer.delete',
981 'repo.pull_request.reviewer.delete',
982 {'old_data': old_data}, user, pull_request)
982 {'old_data': old_data}, user, pull_request)
983
983
984 if changed:
984 if changed:
985 pull_request.updated_on = datetime.datetime.now()
985 pull_request.updated_on = datetime.datetime.now()
986 Session().add(pull_request)
986 Session().add(pull_request)
987
987
988 self.notify_reviewers(pull_request, ids_to_add)
988 self.notify_reviewers(pull_request, ids_to_add)
989 return ids_to_add, ids_to_remove
989 return ids_to_add, ids_to_remove
990
990
991 def get_url(self, pull_request, request=None, permalink=False):
991 def get_url(self, pull_request, request=None, permalink=False):
992 if not request:
992 if not request:
993 request = get_current_request()
993 request = get_current_request()
994
994
995 if permalink:
995 if permalink:
996 return request.route_url(
996 return request.route_url(
997 'pull_requests_global',
997 'pull_requests_global',
998 pull_request_id=pull_request.pull_request_id,)
998 pull_request_id=pull_request.pull_request_id,)
999 else:
999 else:
1000 return request.route_url('pullrequest_show',
1000 return request.route_url('pullrequest_show',
1001 repo_name=safe_str(pull_request.target_repo.repo_name),
1001 repo_name=safe_str(pull_request.target_repo.repo_name),
1002 pull_request_id=pull_request.pull_request_id,)
1002 pull_request_id=pull_request.pull_request_id,)
1003
1003
1004 def get_shadow_clone_url(self, pull_request):
1004 def get_shadow_clone_url(self, pull_request):
1005 """
1005 """
1006 Returns qualified url pointing to the shadow repository. If this pull
1006 Returns qualified url pointing to the shadow repository. If this pull
1007 request is closed there is no shadow repository and ``None`` will be
1007 request is closed there is no shadow repository and ``None`` will be
1008 returned.
1008 returned.
1009 """
1009 """
1010 if pull_request.is_closed():
1010 if pull_request.is_closed():
1011 return None
1011 return None
1012 else:
1012 else:
1013 pr_url = urllib.unquote(self.get_url(pull_request))
1013 pr_url = urllib.unquote(self.get_url(pull_request))
1014 return safe_unicode('{pr_url}/repository'.format(pr_url=pr_url))
1014 return safe_unicode('{pr_url}/repository'.format(pr_url=pr_url))
1015
1015
1016 def notify_reviewers(self, pull_request, reviewers_ids):
1016 def notify_reviewers(self, pull_request, reviewers_ids):
1017 # notification to reviewers
1017 # notification to reviewers
1018 if not reviewers_ids:
1018 if not reviewers_ids:
1019 return
1019 return
1020
1020
1021 pull_request_obj = pull_request
1021 pull_request_obj = pull_request
1022 # get the current participants of this pull request
1022 # get the current participants of this pull request
1023 recipients = reviewers_ids
1023 recipients = reviewers_ids
1024 notification_type = EmailNotificationModel.TYPE_PULL_REQUEST
1024 notification_type = EmailNotificationModel.TYPE_PULL_REQUEST
1025
1025
1026 pr_source_repo = pull_request_obj.source_repo
1026 pr_source_repo = pull_request_obj.source_repo
1027 pr_target_repo = pull_request_obj.target_repo
1027 pr_target_repo = pull_request_obj.target_repo
1028
1028
1029 pr_url = h.route_url('pullrequest_show',
1029 pr_url = h.route_url('pullrequest_show',
1030 repo_name=pr_target_repo.repo_name,
1030 repo_name=pr_target_repo.repo_name,
1031 pull_request_id=pull_request_obj.pull_request_id,)
1031 pull_request_id=pull_request_obj.pull_request_id,)
1032
1032
1033 # set some variables for email notification
1033 # set some variables for email notification
1034 pr_target_repo_url = h.route_url(
1034 pr_target_repo_url = h.route_url(
1035 'repo_summary', repo_name=pr_target_repo.repo_name)
1035 'repo_summary', repo_name=pr_target_repo.repo_name)
1036
1036
1037 pr_source_repo_url = h.route_url(
1037 pr_source_repo_url = h.route_url(
1038 'repo_summary', repo_name=pr_source_repo.repo_name)
1038 'repo_summary', repo_name=pr_source_repo.repo_name)
1039
1039
1040 # pull request specifics
1040 # pull request specifics
1041 pull_request_commits = [
1041 pull_request_commits = [
1042 (x.raw_id, x.message)
1042 (x.raw_id, x.message)
1043 for x in map(pr_source_repo.get_commit, pull_request.revisions)]
1043 for x in map(pr_source_repo.get_commit, pull_request.revisions)]
1044
1044
1045 kwargs = {
1045 kwargs = {
1046 'user': pull_request.author,
1046 'user': pull_request.author,
1047 'pull_request': pull_request_obj,
1047 'pull_request': pull_request_obj,
1048 'pull_request_commits': pull_request_commits,
1048 'pull_request_commits': pull_request_commits,
1049
1049
1050 'pull_request_target_repo': pr_target_repo,
1050 'pull_request_target_repo': pr_target_repo,
1051 'pull_request_target_repo_url': pr_target_repo_url,
1051 'pull_request_target_repo_url': pr_target_repo_url,
1052
1052
1053 'pull_request_source_repo': pr_source_repo,
1053 'pull_request_source_repo': pr_source_repo,
1054 'pull_request_source_repo_url': pr_source_repo_url,
1054 'pull_request_source_repo_url': pr_source_repo_url,
1055
1055
1056 'pull_request_url': pr_url,
1056 'pull_request_url': pr_url,
1057 }
1057 }
1058
1058
1059 # pre-generate the subject for notification itself
1059 # pre-generate the subject for notification itself
1060 (subject,
1060 (subject,
1061 _h, _e, # we don't care about those
1061 _h, _e, # we don't care about those
1062 body_plaintext) = EmailNotificationModel().render_email(
1062 body_plaintext) = EmailNotificationModel().render_email(
1063 notification_type, **kwargs)
1063 notification_type, **kwargs)
1064
1064
1065 # create notification objects, and emails
1065 # create notification objects, and emails
1066 NotificationModel().create(
1066 NotificationModel().create(
1067 created_by=pull_request.author,
1067 created_by=pull_request.author,
1068 notification_subject=subject,
1068 notification_subject=subject,
1069 notification_body=body_plaintext,
1069 notification_body=body_plaintext,
1070 notification_type=notification_type,
1070 notification_type=notification_type,
1071 recipients=recipients,
1071 recipients=recipients,
1072 email_kwargs=kwargs,
1072 email_kwargs=kwargs,
1073 )
1073 )
1074
1074
1075 def delete(self, pull_request, user):
1075 def delete(self, pull_request, user):
1076 pull_request = self.__get_pull_request(pull_request)
1076 pull_request = self.__get_pull_request(pull_request)
1077 old_data = pull_request.get_api_data(with_merge_state=False)
1077 old_data = pull_request.get_api_data(with_merge_state=False)
1078 self._cleanup_merge_workspace(pull_request)
1078 self._cleanup_merge_workspace(pull_request)
1079 self._log_audit_action(
1079 self._log_audit_action(
1080 'repo.pull_request.delete', {'old_data': old_data},
1080 'repo.pull_request.delete', {'old_data': old_data},
1081 user, pull_request)
1081 user, pull_request)
1082 Session().delete(pull_request)
1082 Session().delete(pull_request)
1083
1083
1084 def close_pull_request(self, pull_request, user):
1084 def close_pull_request(self, pull_request, user):
1085 pull_request = self.__get_pull_request(pull_request)
1085 pull_request = self.__get_pull_request(pull_request)
1086 self._cleanup_merge_workspace(pull_request)
1086 self._cleanup_merge_workspace(pull_request)
1087 pull_request.status = PullRequest.STATUS_CLOSED
1087 pull_request.status = PullRequest.STATUS_CLOSED
1088 pull_request.updated_on = datetime.datetime.now()
1088 pull_request.updated_on = datetime.datetime.now()
1089 Session().add(pull_request)
1089 Session().add(pull_request)
1090 self._trigger_pull_request_hook(
1090 self._trigger_pull_request_hook(
1091 pull_request, pull_request.author, 'close')
1091 pull_request, pull_request.author, 'close')
1092 self._log_audit_action(
1092 self._log_audit_action(
1093 'repo.pull_request.close', {}, user, pull_request)
1093 'repo.pull_request.close', {}, user, pull_request)
1094
1094
1095 def close_pull_request_with_comment(
1095 def close_pull_request_with_comment(
1096 self, pull_request, user, repo, message=None):
1096 self, pull_request, user, repo, message=None):
1097
1097
1098 pull_request_review_status = pull_request.calculated_review_status()
1098 pull_request_review_status = pull_request.calculated_review_status()
1099
1099
1100 if pull_request_review_status == ChangesetStatus.STATUS_APPROVED:
1100 if pull_request_review_status == ChangesetStatus.STATUS_APPROVED:
1101 # approved only if we have voting consent
1101 # approved only if we have voting consent
1102 status = ChangesetStatus.STATUS_APPROVED
1102 status = ChangesetStatus.STATUS_APPROVED
1103 else:
1103 else:
1104 status = ChangesetStatus.STATUS_REJECTED
1104 status = ChangesetStatus.STATUS_REJECTED
1105 status_lbl = ChangesetStatus.get_status_lbl(status)
1105 status_lbl = ChangesetStatus.get_status_lbl(status)
1106
1106
1107 default_message = (
1107 default_message = (
1108 _('Closing with status change {transition_icon} {status}.')
1108 _('Closing with status change {transition_icon} {status}.')
1109 ).format(transition_icon='>', status=status_lbl)
1109 ).format(transition_icon='>', status=status_lbl)
1110 text = message or default_message
1110 text = message or default_message
1111
1111
1112 # create a comment, and link it to new status
1112 # create a comment, and link it to new status
1113 comment = CommentsModel().create(
1113 comment = CommentsModel().create(
1114 text=text,
1114 text=text,
1115 repo=repo.repo_id,
1115 repo=repo.repo_id,
1116 user=user.user_id,
1116 user=user.user_id,
1117 pull_request=pull_request.pull_request_id,
1117 pull_request=pull_request.pull_request_id,
1118 status_change=status_lbl,
1118 status_change=status_lbl,
1119 status_change_type=status,
1119 status_change_type=status,
1120 closing_pr=True
1120 closing_pr=True
1121 )
1121 )
1122
1122
1123 # calculate old status before we change it
1123 # calculate old status before we change it
1124 old_calculated_status = pull_request.calculated_review_status()
1124 old_calculated_status = pull_request.calculated_review_status()
1125 ChangesetStatusModel().set_status(
1125 ChangesetStatusModel().set_status(
1126 repo.repo_id,
1126 repo.repo_id,
1127 status,
1127 status,
1128 user.user_id,
1128 user.user_id,
1129 comment=comment,
1129 comment=comment,
1130 pull_request=pull_request.pull_request_id
1130 pull_request=pull_request.pull_request_id
1131 )
1131 )
1132
1132
1133 Session().flush()
1133 Session().flush()
1134 events.trigger(events.PullRequestCommentEvent(pull_request, comment))
1134 events.trigger(events.PullRequestCommentEvent(pull_request, comment))
1135 # we now calculate the status of pull request again, and based on that
1135 # we now calculate the status of pull request again, and based on that
1136 # calculation trigger status change. This might happen in cases
1136 # calculation trigger status change. This might happen in cases
1137 # that non-reviewer admin closes a pr, which means his vote doesn't
1137 # that non-reviewer admin closes a pr, which means his vote doesn't
1138 # change the status, while if he's a reviewer this might change it.
1138 # change the status, while if he's a reviewer this might change it.
1139 calculated_status = pull_request.calculated_review_status()
1139 calculated_status = pull_request.calculated_review_status()
1140 if old_calculated_status != calculated_status:
1140 if old_calculated_status != calculated_status:
1141 self._trigger_pull_request_hook(
1141 self._trigger_pull_request_hook(
1142 pull_request, user, 'review_status_change')
1142 pull_request, user, 'review_status_change')
1143
1143
1144 # finally close the PR
1144 # finally close the PR
1145 PullRequestModel().close_pull_request(
1145 PullRequestModel().close_pull_request(
1146 pull_request.pull_request_id, user)
1146 pull_request.pull_request_id, user)
1147
1147
1148 return comment, status
1148 return comment, status
1149
1149
1150 def merge_status(self, pull_request):
1150 def merge_status(self, pull_request):
1151 if not self._is_merge_enabled(pull_request):
1151 if not self._is_merge_enabled(pull_request):
1152 return False, _('Server-side pull request merging is disabled.')
1152 return False, _('Server-side pull request merging is disabled.')
1153 if pull_request.is_closed():
1153 if pull_request.is_closed():
1154 return False, _('This pull request is closed.')
1154 return False, _('This pull request is closed.')
1155 merge_possible, msg = self._check_repo_requirements(
1155 merge_possible, msg = self._check_repo_requirements(
1156 target=pull_request.target_repo, source=pull_request.source_repo)
1156 target=pull_request.target_repo, source=pull_request.source_repo)
1157 if not merge_possible:
1157 if not merge_possible:
1158 return merge_possible, msg
1158 return merge_possible, msg
1159
1159
1160 try:
1160 try:
1161 resp = self._try_merge(pull_request)
1161 resp = self._try_merge(pull_request)
1162 log.debug("Merge response: %s", resp)
1162 log.debug("Merge response: %s", resp)
1163 status = resp.possible, self.merge_status_message(
1163 status = resp.possible, self.merge_status_message(
1164 resp.failure_reason)
1164 resp.failure_reason)
1165 except NotImplementedError:
1165 except NotImplementedError:
1166 status = False, _('Pull request merging is not supported.')
1166 status = False, _('Pull request merging is not supported.')
1167
1167
1168 return status
1168 return status
1169
1169
1170 def _check_repo_requirements(self, target, source):
1170 def _check_repo_requirements(self, target, source):
1171 """
1171 """
1172 Check if `target` and `source` have compatible requirements.
1172 Check if `target` and `source` have compatible requirements.
1173
1173
1174 Currently this is just checking for largefiles.
1174 Currently this is just checking for largefiles.
1175 """
1175 """
1176 target_has_largefiles = self._has_largefiles(target)
1176 target_has_largefiles = self._has_largefiles(target)
1177 source_has_largefiles = self._has_largefiles(source)
1177 source_has_largefiles = self._has_largefiles(source)
1178 merge_possible = True
1178 merge_possible = True
1179 message = u''
1179 message = u''
1180
1180
1181 if target_has_largefiles != source_has_largefiles:
1181 if target_has_largefiles != source_has_largefiles:
1182 merge_possible = False
1182 merge_possible = False
1183 if source_has_largefiles:
1183 if source_has_largefiles:
1184 message = _(
1184 message = _(
1185 'Target repository large files support is disabled.')
1185 'Target repository large files support is disabled.')
1186 else:
1186 else:
1187 message = _(
1187 message = _(
1188 'Source repository large files support is disabled.')
1188 'Source repository large files support is disabled.')
1189
1189
1190 return merge_possible, message
1190 return merge_possible, message
1191
1191
1192 def _has_largefiles(self, repo):
1192 def _has_largefiles(self, repo):
1193 largefiles_ui = VcsSettingsModel(repo=repo).get_ui_settings(
1193 largefiles_ui = VcsSettingsModel(repo=repo).get_ui_settings(
1194 'extensions', 'largefiles')
1194 'extensions', 'largefiles')
1195 return largefiles_ui and largefiles_ui[0].active
1195 return largefiles_ui and largefiles_ui[0].active
1196
1196
1197 def _try_merge(self, pull_request):
1197 def _try_merge(self, pull_request):
1198 """
1198 """
1199 Try to merge the pull request and return the merge status.
1199 Try to merge the pull request and return the merge status.
1200 """
1200 """
1201 log.debug(
1201 log.debug(
1202 "Trying out if the pull request %s can be merged.",
1202 "Trying out if the pull request %s can be merged.",
1203 pull_request.pull_request_id)
1203 pull_request.pull_request_id)
1204 target_vcs = pull_request.target_repo.scm_instance()
1204 target_vcs = pull_request.target_repo.scm_instance()
1205
1205
1206 # Refresh the target reference.
1206 # Refresh the target reference.
1207 try:
1207 try:
1208 target_ref = self._refresh_reference(
1208 target_ref = self._refresh_reference(
1209 pull_request.target_ref_parts, target_vcs)
1209 pull_request.target_ref_parts, target_vcs)
1210 except CommitDoesNotExistError:
1210 except CommitDoesNotExistError:
1211 merge_state = MergeResponse(
1211 merge_state = MergeResponse(
1212 False, False, None, MergeFailureReason.MISSING_TARGET_REF)
1212 False, False, None, MergeFailureReason.MISSING_TARGET_REF)
1213 return merge_state
1213 return merge_state
1214
1214
1215 target_locked = pull_request.target_repo.locked
1215 target_locked = pull_request.target_repo.locked
1216 if target_locked and target_locked[0]:
1216 if target_locked and target_locked[0]:
1217 log.debug("The target repository is locked.")
1217 log.debug("The target repository is locked.")
1218 merge_state = MergeResponse(
1218 merge_state = MergeResponse(
1219 False, False, None, MergeFailureReason.TARGET_IS_LOCKED)
1219 False, False, None, MergeFailureReason.TARGET_IS_LOCKED)
1220 elif self._needs_merge_state_refresh(pull_request, target_ref):
1220 elif self._needs_merge_state_refresh(pull_request, target_ref):
1221 log.debug("Refreshing the merge status of the repository.")
1221 log.debug("Refreshing the merge status of the repository.")
1222 merge_state = self._refresh_merge_state(
1222 merge_state = self._refresh_merge_state(
1223 pull_request, target_vcs, target_ref)
1223 pull_request, target_vcs, target_ref)
1224 else:
1224 else:
1225 possible = pull_request.\
1225 possible = pull_request.\
1226 _last_merge_status == MergeFailureReason.NONE
1226 _last_merge_status == MergeFailureReason.NONE
1227 merge_state = MergeResponse(
1227 merge_state = MergeResponse(
1228 possible, False, None, pull_request._last_merge_status)
1228 possible, False, None, pull_request._last_merge_status)
1229
1229
1230 return merge_state
1230 return merge_state
1231
1231
1232 def _refresh_reference(self, reference, vcs_repository):
1232 def _refresh_reference(self, reference, vcs_repository):
1233 if reference.type in ('branch', 'book'):
1233 if reference.type in ('branch', 'book'):
1234 name_or_id = reference.name
1234 name_or_id = reference.name
1235 else:
1235 else:
1236 name_or_id = reference.commit_id
1236 name_or_id = reference.commit_id
1237 refreshed_commit = vcs_repository.get_commit(name_or_id)
1237 refreshed_commit = vcs_repository.get_commit(name_or_id)
1238 refreshed_reference = Reference(
1238 refreshed_reference = Reference(
1239 reference.type, reference.name, refreshed_commit.raw_id)
1239 reference.type, reference.name, refreshed_commit.raw_id)
1240 return refreshed_reference
1240 return refreshed_reference
1241
1241
1242 def _needs_merge_state_refresh(self, pull_request, target_reference):
1242 def _needs_merge_state_refresh(self, pull_request, target_reference):
1243 return not(
1243 return not(
1244 pull_request.revisions and
1244 pull_request.revisions and
1245 pull_request.revisions[0] == pull_request._last_merge_source_rev and
1245 pull_request.revisions[0] == pull_request._last_merge_source_rev and
1246 target_reference.commit_id == pull_request._last_merge_target_rev)
1246 target_reference.commit_id == pull_request._last_merge_target_rev)
1247
1247
1248 def _refresh_merge_state(self, pull_request, target_vcs, target_reference):
1248 def _refresh_merge_state(self, pull_request, target_vcs, target_reference):
1249 workspace_id = self._workspace_id(pull_request)
1249 workspace_id = self._workspace_id(pull_request)
1250 source_vcs = pull_request.source_repo.scm_instance()
1250 source_vcs = pull_request.source_repo.scm_instance()
1251 use_rebase = self._use_rebase_for_merging(pull_request)
1251 use_rebase = self._use_rebase_for_merging(pull_request)
1252 merge_state = target_vcs.merge(
1252 merge_state = target_vcs.merge(
1253 target_reference, source_vcs, pull_request.source_ref_parts,
1253 target_reference, source_vcs, pull_request.source_ref_parts,
1254 workspace_id, dry_run=True, use_rebase=use_rebase)
1254 workspace_id, dry_run=True, use_rebase=use_rebase)
1255
1255
1256 # Do not store the response if there was an unknown error.
1256 # Do not store the response if there was an unknown error.
1257 if merge_state.failure_reason != MergeFailureReason.UNKNOWN:
1257 if merge_state.failure_reason != MergeFailureReason.UNKNOWN:
1258 pull_request._last_merge_source_rev = \
1258 pull_request._last_merge_source_rev = \
1259 pull_request.source_ref_parts.commit_id
1259 pull_request.source_ref_parts.commit_id
1260 pull_request._last_merge_target_rev = target_reference.commit_id
1260 pull_request._last_merge_target_rev = target_reference.commit_id
1261 pull_request._last_merge_status = merge_state.failure_reason
1261 pull_request._last_merge_status = merge_state.failure_reason
1262 pull_request.shadow_merge_ref = merge_state.merge_ref
1262 pull_request.shadow_merge_ref = merge_state.merge_ref
1263 Session().add(pull_request)
1263 Session().add(pull_request)
1264 Session().commit()
1264 Session().commit()
1265
1265
1266 return merge_state
1266 return merge_state
1267
1267
1268 def _workspace_id(self, pull_request):
1268 def _workspace_id(self, pull_request):
1269 workspace_id = 'pr-%s' % pull_request.pull_request_id
1269 workspace_id = 'pr-%s' % pull_request.pull_request_id
1270 return workspace_id
1270 return workspace_id
1271
1271
1272 def merge_status_message(self, status_code):
1272 def merge_status_message(self, status_code):
1273 """
1273 """
1274 Return a human friendly error message for the given merge status code.
1274 Return a human friendly error message for the given merge status code.
1275 """
1275 """
1276 return self.MERGE_STATUS_MESSAGES[status_code]
1276 return self.MERGE_STATUS_MESSAGES[status_code]
1277
1277
1278 def generate_repo_data(self, repo, commit_id=None, branch=None,
1278 def generate_repo_data(self, repo, commit_id=None, branch=None,
1279 bookmark=None):
1279 bookmark=None):
1280 all_refs, selected_ref = \
1280 all_refs, selected_ref = \
1281 self._get_repo_pullrequest_sources(
1281 self._get_repo_pullrequest_sources(
1282 repo.scm_instance(), commit_id=commit_id,
1282 repo.scm_instance(), commit_id=commit_id,
1283 branch=branch, bookmark=bookmark)
1283 branch=branch, bookmark=bookmark)
1284
1284
1285 refs_select2 = []
1285 refs_select2 = []
1286 for element in all_refs:
1286 for element in all_refs:
1287 children = [{'id': x[0], 'text': x[1]} for x in element[0]]
1287 children = [{'id': x[0], 'text': x[1]} for x in element[0]]
1288 refs_select2.append({'text': element[1], 'children': children})
1288 refs_select2.append({'text': element[1], 'children': children})
1289
1289
1290 return {
1290 return {
1291 'user': {
1291 'user': {
1292 'user_id': repo.user.user_id,
1292 'user_id': repo.user.user_id,
1293 'username': repo.user.username,
1293 'username': repo.user.username,
1294 'firstname': repo.user.firstname,
1294 'firstname': repo.user.first_name,
1295 'lastname': repo.user.lastname,
1295 'lastname': repo.user.last_name,
1296 'gravatar_link': h.gravatar_url(repo.user.email, 14),
1296 'gravatar_link': h.gravatar_url(repo.user.email, 14),
1297 },
1297 },
1298 'description': h.chop_at_smart(repo.description, '\n'),
1298 'description': h.chop_at_smart(repo.description, '\n'),
1299 'refs': {
1299 'refs': {
1300 'all_refs': all_refs,
1300 'all_refs': all_refs,
1301 'selected_ref': selected_ref,
1301 'selected_ref': selected_ref,
1302 'select2_refs': refs_select2
1302 'select2_refs': refs_select2
1303 }
1303 }
1304 }
1304 }
1305
1305
1306 def generate_pullrequest_title(self, source, source_ref, target):
1306 def generate_pullrequest_title(self, source, source_ref, target):
1307 return u'{source}#{at_ref} to {target}'.format(
1307 return u'{source}#{at_ref} to {target}'.format(
1308 source=source,
1308 source=source,
1309 at_ref=source_ref,
1309 at_ref=source_ref,
1310 target=target,
1310 target=target,
1311 )
1311 )
1312
1312
1313 def _cleanup_merge_workspace(self, pull_request):
1313 def _cleanup_merge_workspace(self, pull_request):
1314 # Merging related cleanup
1314 # Merging related cleanup
1315 target_scm = pull_request.target_repo.scm_instance()
1315 target_scm = pull_request.target_repo.scm_instance()
1316 workspace_id = 'pr-%s' % pull_request.pull_request_id
1316 workspace_id = 'pr-%s' % pull_request.pull_request_id
1317
1317
1318 try:
1318 try:
1319 target_scm.cleanup_merge_workspace(workspace_id)
1319 target_scm.cleanup_merge_workspace(workspace_id)
1320 except NotImplementedError:
1320 except NotImplementedError:
1321 pass
1321 pass
1322
1322
1323 def _get_repo_pullrequest_sources(
1323 def _get_repo_pullrequest_sources(
1324 self, repo, commit_id=None, branch=None, bookmark=None):
1324 self, repo, commit_id=None, branch=None, bookmark=None):
1325 """
1325 """
1326 Return a structure with repo's interesting commits, suitable for
1326 Return a structure with repo's interesting commits, suitable for
1327 the selectors in pullrequest controller
1327 the selectors in pullrequest controller
1328
1328
1329 :param commit_id: a commit that must be in the list somehow
1329 :param commit_id: a commit that must be in the list somehow
1330 and selected by default
1330 and selected by default
1331 :param branch: a branch that must be in the list and selected
1331 :param branch: a branch that must be in the list and selected
1332 by default - even if closed
1332 by default - even if closed
1333 :param bookmark: a bookmark that must be in the list and selected
1333 :param bookmark: a bookmark that must be in the list and selected
1334 """
1334 """
1335
1335
1336 commit_id = safe_str(commit_id) if commit_id else None
1336 commit_id = safe_str(commit_id) if commit_id else None
1337 branch = safe_str(branch) if branch else None
1337 branch = safe_str(branch) if branch else None
1338 bookmark = safe_str(bookmark) if bookmark else None
1338 bookmark = safe_str(bookmark) if bookmark else None
1339
1339
1340 selected = None
1340 selected = None
1341
1341
1342 # order matters: first source that has commit_id in it will be selected
1342 # order matters: first source that has commit_id in it will be selected
1343 sources = []
1343 sources = []
1344 sources.append(('book', repo.bookmarks.items(), _('Bookmarks'), bookmark))
1344 sources.append(('book', repo.bookmarks.items(), _('Bookmarks'), bookmark))
1345 sources.append(('branch', repo.branches.items(), _('Branches'), branch))
1345 sources.append(('branch', repo.branches.items(), _('Branches'), branch))
1346
1346
1347 if commit_id:
1347 if commit_id:
1348 ref_commit = (h.short_id(commit_id), commit_id)
1348 ref_commit = (h.short_id(commit_id), commit_id)
1349 sources.append(('rev', [ref_commit], _('Commit IDs'), commit_id))
1349 sources.append(('rev', [ref_commit], _('Commit IDs'), commit_id))
1350
1350
1351 sources.append(
1351 sources.append(
1352 ('branch', repo.branches_closed.items(), _('Closed Branches'), branch),
1352 ('branch', repo.branches_closed.items(), _('Closed Branches'), branch),
1353 )
1353 )
1354
1354
1355 groups = []
1355 groups = []
1356 for group_key, ref_list, group_name, match in sources:
1356 for group_key, ref_list, group_name, match in sources:
1357 group_refs = []
1357 group_refs = []
1358 for ref_name, ref_id in ref_list:
1358 for ref_name, ref_id in ref_list:
1359 ref_key = '%s:%s:%s' % (group_key, ref_name, ref_id)
1359 ref_key = '%s:%s:%s' % (group_key, ref_name, ref_id)
1360 group_refs.append((ref_key, ref_name))
1360 group_refs.append((ref_key, ref_name))
1361
1361
1362 if not selected:
1362 if not selected:
1363 if set([commit_id, match]) & set([ref_id, ref_name]):
1363 if set([commit_id, match]) & set([ref_id, ref_name]):
1364 selected = ref_key
1364 selected = ref_key
1365
1365
1366 if group_refs:
1366 if group_refs:
1367 groups.append((group_refs, group_name))
1367 groups.append((group_refs, group_name))
1368
1368
1369 if not selected:
1369 if not selected:
1370 ref = commit_id or branch or bookmark
1370 ref = commit_id or branch or bookmark
1371 if ref:
1371 if ref:
1372 raise CommitDoesNotExistError(
1372 raise CommitDoesNotExistError(
1373 'No commit refs could be found matching: %s' % ref)
1373 'No commit refs could be found matching: %s' % ref)
1374 elif repo.DEFAULT_BRANCH_NAME in repo.branches:
1374 elif repo.DEFAULT_BRANCH_NAME in repo.branches:
1375 selected = 'branch:%s:%s' % (
1375 selected = 'branch:%s:%s' % (
1376 repo.DEFAULT_BRANCH_NAME,
1376 repo.DEFAULT_BRANCH_NAME,
1377 repo.branches[repo.DEFAULT_BRANCH_NAME]
1377 repo.branches[repo.DEFAULT_BRANCH_NAME]
1378 )
1378 )
1379 elif repo.commit_ids:
1379 elif repo.commit_ids:
1380 rev = repo.commit_ids[0]
1380 rev = repo.commit_ids[0]
1381 selected = 'rev:%s:%s' % (rev, rev)
1381 selected = 'rev:%s:%s' % (rev, rev)
1382 else:
1382 else:
1383 raise EmptyRepositoryError()
1383 raise EmptyRepositoryError()
1384 return groups, selected
1384 return groups, selected
1385
1385
1386 def get_diff(self, source_repo, source_ref_id, target_ref_id, context=DIFF_CONTEXT):
1386 def get_diff(self, source_repo, source_ref_id, target_ref_id, context=DIFF_CONTEXT):
1387 return self._get_diff_from_pr_or_version(
1387 return self._get_diff_from_pr_or_version(
1388 source_repo, source_ref_id, target_ref_id, context=context)
1388 source_repo, source_ref_id, target_ref_id, context=context)
1389
1389
1390 def _get_diff_from_pr_or_version(
1390 def _get_diff_from_pr_or_version(
1391 self, source_repo, source_ref_id, target_ref_id, context):
1391 self, source_repo, source_ref_id, target_ref_id, context):
1392 target_commit = source_repo.get_commit(
1392 target_commit = source_repo.get_commit(
1393 commit_id=safe_str(target_ref_id))
1393 commit_id=safe_str(target_ref_id))
1394 source_commit = source_repo.get_commit(
1394 source_commit = source_repo.get_commit(
1395 commit_id=safe_str(source_ref_id))
1395 commit_id=safe_str(source_ref_id))
1396 if isinstance(source_repo, Repository):
1396 if isinstance(source_repo, Repository):
1397 vcs_repo = source_repo.scm_instance()
1397 vcs_repo = source_repo.scm_instance()
1398 else:
1398 else:
1399 vcs_repo = source_repo
1399 vcs_repo = source_repo
1400
1400
1401 # TODO: johbo: In the context of an update, we cannot reach
1401 # TODO: johbo: In the context of an update, we cannot reach
1402 # the old commit anymore with our normal mechanisms. It needs
1402 # the old commit anymore with our normal mechanisms. It needs
1403 # some sort of special support in the vcs layer to avoid this
1403 # some sort of special support in the vcs layer to avoid this
1404 # workaround.
1404 # workaround.
1405 if (source_commit.raw_id == vcs_repo.EMPTY_COMMIT_ID and
1405 if (source_commit.raw_id == vcs_repo.EMPTY_COMMIT_ID and
1406 vcs_repo.alias == 'git'):
1406 vcs_repo.alias == 'git'):
1407 source_commit.raw_id = safe_str(source_ref_id)
1407 source_commit.raw_id = safe_str(source_ref_id)
1408
1408
1409 log.debug('calculating diff between '
1409 log.debug('calculating diff between '
1410 'source_ref:%s and target_ref:%s for repo `%s`',
1410 'source_ref:%s and target_ref:%s for repo `%s`',
1411 target_ref_id, source_ref_id,
1411 target_ref_id, source_ref_id,
1412 safe_unicode(vcs_repo.path))
1412 safe_unicode(vcs_repo.path))
1413
1413
1414 vcs_diff = vcs_repo.get_diff(
1414 vcs_diff = vcs_repo.get_diff(
1415 commit1=target_commit, commit2=source_commit, context=context)
1415 commit1=target_commit, commit2=source_commit, context=context)
1416 return vcs_diff
1416 return vcs_diff
1417
1417
1418 def _is_merge_enabled(self, pull_request):
1418 def _is_merge_enabled(self, pull_request):
1419 settings_model = VcsSettingsModel(repo=pull_request.target_repo)
1419 settings_model = VcsSettingsModel(repo=pull_request.target_repo)
1420 settings = settings_model.get_general_settings()
1420 settings = settings_model.get_general_settings()
1421 return settings.get('rhodecode_pr_merge_enabled', False)
1421 return settings.get('rhodecode_pr_merge_enabled', False)
1422
1422
1423 def _use_rebase_for_merging(self, pull_request):
1423 def _use_rebase_for_merging(self, pull_request):
1424 settings_model = VcsSettingsModel(repo=pull_request.target_repo)
1424 settings_model = VcsSettingsModel(repo=pull_request.target_repo)
1425 settings = settings_model.get_general_settings()
1425 settings = settings_model.get_general_settings()
1426 return settings.get('rhodecode_hg_use_rebase_for_merging', False)
1426 return settings.get('rhodecode_hg_use_rebase_for_merging', False)
1427
1427
1428 def _log_audit_action(self, action, action_data, user, pull_request):
1428 def _log_audit_action(self, action, action_data, user, pull_request):
1429 audit_logger.store(
1429 audit_logger.store(
1430 action=action,
1430 action=action,
1431 action_data=action_data,
1431 action_data=action_data,
1432 user=user,
1432 user=user,
1433 repo=pull_request.target_repo)
1433 repo=pull_request.target_repo)
1434
1434
1435 def get_reviewer_functions(self):
1435 def get_reviewer_functions(self):
1436 """
1436 """
1437 Fetches functions for validation and fetching default reviewers.
1437 Fetches functions for validation and fetching default reviewers.
1438 If available we use the EE package, else we fallback to CE
1438 If available we use the EE package, else we fallback to CE
1439 package functions
1439 package functions
1440 """
1440 """
1441 try:
1441 try:
1442 from rc_reviewers.utils import get_default_reviewers_data
1442 from rc_reviewers.utils import get_default_reviewers_data
1443 from rc_reviewers.utils import validate_default_reviewers
1443 from rc_reviewers.utils import validate_default_reviewers
1444 except ImportError:
1444 except ImportError:
1445 from rhodecode.apps.repository.utils import \
1445 from rhodecode.apps.repository.utils import \
1446 get_default_reviewers_data
1446 get_default_reviewers_data
1447 from rhodecode.apps.repository.utils import \
1447 from rhodecode.apps.repository.utils import \
1448 validate_default_reviewers
1448 validate_default_reviewers
1449
1449
1450 return get_default_reviewers_data, validate_default_reviewers
1450 return get_default_reviewers_data, validate_default_reviewers
1451
1451
1452
1452
1453 class MergeCheck(object):
1453 class MergeCheck(object):
1454 """
1454 """
1455 Perform Merge Checks and returns a check object which stores information
1455 Perform Merge Checks and returns a check object which stores information
1456 about merge errors, and merge conditions
1456 about merge errors, and merge conditions
1457 """
1457 """
1458 TODO_CHECK = 'todo'
1458 TODO_CHECK = 'todo'
1459 PERM_CHECK = 'perm'
1459 PERM_CHECK = 'perm'
1460 REVIEW_CHECK = 'review'
1460 REVIEW_CHECK = 'review'
1461 MERGE_CHECK = 'merge'
1461 MERGE_CHECK = 'merge'
1462
1462
1463 def __init__(self):
1463 def __init__(self):
1464 self.review_status = None
1464 self.review_status = None
1465 self.merge_possible = None
1465 self.merge_possible = None
1466 self.merge_msg = ''
1466 self.merge_msg = ''
1467 self.failed = None
1467 self.failed = None
1468 self.errors = []
1468 self.errors = []
1469 self.error_details = OrderedDict()
1469 self.error_details = OrderedDict()
1470
1470
1471 def push_error(self, error_type, message, error_key, details):
1471 def push_error(self, error_type, message, error_key, details):
1472 self.failed = True
1472 self.failed = True
1473 self.errors.append([error_type, message])
1473 self.errors.append([error_type, message])
1474 self.error_details[error_key] = dict(
1474 self.error_details[error_key] = dict(
1475 details=details,
1475 details=details,
1476 error_type=error_type,
1476 error_type=error_type,
1477 message=message
1477 message=message
1478 )
1478 )
1479
1479
1480 @classmethod
1480 @classmethod
1481 def validate(cls, pull_request, user, fail_early=False, translator=None):
1481 def validate(cls, pull_request, user, fail_early=False, translator=None):
1482 # if migrated to pyramid...
1482 # if migrated to pyramid...
1483 # _ = lambda: translator or _ # use passed in translator if any
1483 # _ = lambda: translator or _ # use passed in translator if any
1484
1484
1485 merge_check = cls()
1485 merge_check = cls()
1486
1486
1487 # permissions to merge
1487 # permissions to merge
1488 user_allowed_to_merge = PullRequestModel().check_user_merge(
1488 user_allowed_to_merge = PullRequestModel().check_user_merge(
1489 pull_request, user)
1489 pull_request, user)
1490 if not user_allowed_to_merge:
1490 if not user_allowed_to_merge:
1491 log.debug("MergeCheck: cannot merge, approval is pending.")
1491 log.debug("MergeCheck: cannot merge, approval is pending.")
1492
1492
1493 msg = _('User `{}` not allowed to perform merge.').format(user.username)
1493 msg = _('User `{}` not allowed to perform merge.').format(user.username)
1494 merge_check.push_error('error', msg, cls.PERM_CHECK, user.username)
1494 merge_check.push_error('error', msg, cls.PERM_CHECK, user.username)
1495 if fail_early:
1495 if fail_early:
1496 return merge_check
1496 return merge_check
1497
1497
1498 # review status, must be always present
1498 # review status, must be always present
1499 review_status = pull_request.calculated_review_status()
1499 review_status = pull_request.calculated_review_status()
1500 merge_check.review_status = review_status
1500 merge_check.review_status = review_status
1501
1501
1502 status_approved = review_status == ChangesetStatus.STATUS_APPROVED
1502 status_approved = review_status == ChangesetStatus.STATUS_APPROVED
1503 if not status_approved:
1503 if not status_approved:
1504 log.debug("MergeCheck: cannot merge, approval is pending.")
1504 log.debug("MergeCheck: cannot merge, approval is pending.")
1505
1505
1506 msg = _('Pull request reviewer approval is pending.')
1506 msg = _('Pull request reviewer approval is pending.')
1507
1507
1508 merge_check.push_error(
1508 merge_check.push_error(
1509 'warning', msg, cls.REVIEW_CHECK, review_status)
1509 'warning', msg, cls.REVIEW_CHECK, review_status)
1510
1510
1511 if fail_early:
1511 if fail_early:
1512 return merge_check
1512 return merge_check
1513
1513
1514 # left over TODOs
1514 # left over TODOs
1515 todos = CommentsModel().get_unresolved_todos(pull_request)
1515 todos = CommentsModel().get_unresolved_todos(pull_request)
1516 if todos:
1516 if todos:
1517 log.debug("MergeCheck: cannot merge, {} "
1517 log.debug("MergeCheck: cannot merge, {} "
1518 "unresolved todos left.".format(len(todos)))
1518 "unresolved todos left.".format(len(todos)))
1519
1519
1520 if len(todos) == 1:
1520 if len(todos) == 1:
1521 msg = _('Cannot merge, {} TODO still not resolved.').format(
1521 msg = _('Cannot merge, {} TODO still not resolved.').format(
1522 len(todos))
1522 len(todos))
1523 else:
1523 else:
1524 msg = _('Cannot merge, {} TODOs still not resolved.').format(
1524 msg = _('Cannot merge, {} TODOs still not resolved.').format(
1525 len(todos))
1525 len(todos))
1526
1526
1527 merge_check.push_error('warning', msg, cls.TODO_CHECK, todos)
1527 merge_check.push_error('warning', msg, cls.TODO_CHECK, todos)
1528
1528
1529 if fail_early:
1529 if fail_early:
1530 return merge_check
1530 return merge_check
1531
1531
1532 # merge possible
1532 # merge possible
1533 merge_status, msg = PullRequestModel().merge_status(pull_request)
1533 merge_status, msg = PullRequestModel().merge_status(pull_request)
1534 merge_check.merge_possible = merge_status
1534 merge_check.merge_possible = merge_status
1535 merge_check.merge_msg = msg
1535 merge_check.merge_msg = msg
1536 if not merge_status:
1536 if not merge_status:
1537 log.debug(
1537 log.debug(
1538 "MergeCheck: cannot merge, pull request merge not possible.")
1538 "MergeCheck: cannot merge, pull request merge not possible.")
1539 merge_check.push_error('warning', msg, cls.MERGE_CHECK, None)
1539 merge_check.push_error('warning', msg, cls.MERGE_CHECK, None)
1540
1540
1541 if fail_early:
1541 if fail_early:
1542 return merge_check
1542 return merge_check
1543
1543
1544 return merge_check
1544 return merge_check
1545
1545
1546
1546
1547 ChangeTuple = namedtuple('ChangeTuple',
1547 ChangeTuple = namedtuple('ChangeTuple',
1548 ['added', 'common', 'removed', 'total'])
1548 ['added', 'common', 'removed', 'total'])
1549
1549
1550 FileChangeTuple = namedtuple('FileChangeTuple',
1550 FileChangeTuple = namedtuple('FileChangeTuple',
1551 ['added', 'modified', 'removed'])
1551 ['added', 'modified', 'removed'])
Show file before | Show file after | Hide comments
@@ -1,902 +1,907 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2017 RhodeCode GmbH
3 # Copyright (C) 2010-2017 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 """
21 """
22 users model for RhodeCode
22 users model for RhodeCode
23 """
23 """
24
24
25 import logging
25 import logging
26 import traceback
26 import traceback
27
27
28 import datetime
28 import datetime
29 from pylons.i18n.translation import _
29 from pylons.i18n.translation import _
30
30
31 import ipaddress
31 import ipaddress
32 from sqlalchemy.exc import DatabaseError
32 from sqlalchemy.exc import DatabaseError
33
33
34 from rhodecode import events
34 from rhodecode import events
35 from rhodecode.lib.user_log_filter import user_log_filter
35 from rhodecode.lib.user_log_filter import user_log_filter
36 from rhodecode.lib.utils2 import (
36 from rhodecode.lib.utils2 import (
37 safe_unicode, get_current_rhodecode_user, action_logger_generic,
37 safe_unicode, get_current_rhodecode_user, action_logger_generic,
38 AttributeDict, str2bool)
38 AttributeDict, str2bool)
39 from rhodecode.lib.exceptions import (
39 from rhodecode.lib.exceptions import (
40 DefaultUserException, UserOwnsReposException, UserOwnsRepoGroupsException,
40 DefaultUserException, UserOwnsReposException, UserOwnsRepoGroupsException,
41 UserOwnsUserGroupsException, NotAllowedToCreateUserError)
41 UserOwnsUserGroupsException, NotAllowedToCreateUserError)
42 from rhodecode.lib.caching_query import FromCache
42 from rhodecode.lib.caching_query import FromCache
43 from rhodecode.model import BaseModel
43 from rhodecode.model import BaseModel
44 from rhodecode.model.auth_token import AuthTokenModel
44 from rhodecode.model.auth_token import AuthTokenModel
45 from rhodecode.model.db import (
45 from rhodecode.model.db import (
46 _hash_key, true, false, or_, joinedload, User, UserToPerm,
46 _hash_key, true, false, or_, joinedload, User, UserToPerm,
47 UserEmailMap, UserIpMap, UserLog)
47 UserEmailMap, UserIpMap, UserLog)
48 from rhodecode.model.meta import Session
48 from rhodecode.model.meta import Session
49 from rhodecode.model.repo_group import RepoGroupModel
49 from rhodecode.model.repo_group import RepoGroupModel
50
50
51
51
52 log = logging.getLogger(__name__)
52 log = logging.getLogger(__name__)
53
53
54
54
55 class UserModel(BaseModel):
55 class UserModel(BaseModel):
56 cls = User
56 cls = User
57
57
58 def get(self, user_id, cache=False):
58 def get(self, user_id, cache=False):
59 user = self.sa.query(User)
59 user = self.sa.query(User)
60 if cache:
60 if cache:
61 user = user.options(
61 user = user.options(
62 FromCache("sql_cache_short", "get_user_%s" % user_id))
62 FromCache("sql_cache_short", "get_user_%s" % user_id))
63 return user.get(user_id)
63 return user.get(user_id)
64
64
65 def get_user(self, user):
65 def get_user(self, user):
66 return self._get_user(user)
66 return self._get_user(user)
67
67
68 def _serialize_user(self, user):
68 def _serialize_user(self, user):
69 import rhodecode.lib.helpers as h
69 import rhodecode.lib.helpers as h
70
70
71 return {
71 return {
72 'id': user.user_id,
72 'id': user.user_id,
73 'first_name': h.escape(user.name),
73 'first_name': user.first_name,
74 'last_name': h.escape(user.lastname),
74 'last_name': user.last_name,
75 'username': user.username,
75 'username': user.username,
76 'email': user.email,
76 'email': user.email,
77 'icon_link': h.gravatar_url(user.email, 30),
77 'icon_link': h.gravatar_url(user.email, 30),
78 'value_display': h.escape(h.person(user)),
78 'value_display': h.escape(h.person(user)),
79 'value': user.username,
79 'value': user.username,
80 'value_type': 'user',
80 'value_type': 'user',
81 'active': user.active,
81 'active': user.active,
82 }
82 }
83
83
84 def get_users(self, name_contains=None, limit=20, only_active=True):
84 def get_users(self, name_contains=None, limit=20, only_active=True):
85
85
86 query = self.sa.query(User)
86 query = self.sa.query(User)
87 if only_active:
87 if only_active:
88 query = query.filter(User.active == true())
88 query = query.filter(User.active == true())
89
89
90 if name_contains:
90 if name_contains:
91 ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
91 ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
92 query = query.filter(
92 query = query.filter(
93 or_(
93 or_(
94 User.name.ilike(ilike_expression),
94 User.name.ilike(ilike_expression),
95 User.lastname.ilike(ilike_expression),
95 User.lastname.ilike(ilike_expression),
96 User.username.ilike(ilike_expression)
96 User.username.ilike(ilike_expression)
97 )
97 )
98 )
98 )
99 query = query.limit(limit)
99 query = query.limit(limit)
100 users = query.all()
100 users = query.all()
101
101
102 _users = [
102 _users = [
103 self._serialize_user(user) for user in users
103 self._serialize_user(user) for user in users
104 ]
104 ]
105 return _users
105 return _users
106
106
107 def get_by_username(self, username, cache=False, case_insensitive=False):
107 def get_by_username(self, username, cache=False, case_insensitive=False):
108
108
109 if case_insensitive:
109 if case_insensitive:
110 user = self.sa.query(User).filter(User.username.ilike(username))
110 user = self.sa.query(User).filter(User.username.ilike(username))
111 else:
111 else:
112 user = self.sa.query(User)\
112 user = self.sa.query(User)\
113 .filter(User.username == username)
113 .filter(User.username == username)
114 if cache:
114 if cache:
115 name_key = _hash_key(username)
115 name_key = _hash_key(username)
116 user = user.options(
116 user = user.options(
117 FromCache("sql_cache_short", "get_user_%s" % name_key))
117 FromCache("sql_cache_short", "get_user_%s" % name_key))
118 return user.scalar()
118 return user.scalar()
119
119
120 def get_by_email(self, email, cache=False, case_insensitive=False):
120 def get_by_email(self, email, cache=False, case_insensitive=False):
121 return User.get_by_email(email, case_insensitive, cache)
121 return User.get_by_email(email, case_insensitive, cache)
122
122
123 def get_by_auth_token(self, auth_token, cache=False):
123 def get_by_auth_token(self, auth_token, cache=False):
124 return User.get_by_auth_token(auth_token, cache)
124 return User.get_by_auth_token(auth_token, cache)
125
125
126 def get_active_user_count(self, cache=False):
126 def get_active_user_count(self, cache=False):
127 return User.query().filter(
127 return User.query().filter(
128 User.active == True).filter(
128 User.active == True).filter(
129 User.username != User.DEFAULT_USER).count()
129 User.username != User.DEFAULT_USER).count()
130
130
131 def create(self, form_data, cur_user=None):
131 def create(self, form_data, cur_user=None):
132 if not cur_user:
132 if not cur_user:
133 cur_user = getattr(get_current_rhodecode_user(), 'username', None)
133 cur_user = getattr(get_current_rhodecode_user(), 'username', None)
134
134
135 user_data = {
135 user_data = {
136 'username': form_data['username'],
136 'username': form_data['username'],
137 'password': form_data['password'],
137 'password': form_data['password'],
138 'email': form_data['email'],
138 'email': form_data['email'],
139 'firstname': form_data['firstname'],
139 'firstname': form_data['firstname'],
140 'lastname': form_data['lastname'],
140 'lastname': form_data['lastname'],
141 'active': form_data['active'],
141 'active': form_data['active'],
142 'extern_type': form_data['extern_type'],
142 'extern_type': form_data['extern_type'],
143 'extern_name': form_data['extern_name'],
143 'extern_name': form_data['extern_name'],
144 'admin': False,
144 'admin': False,
145 'cur_user': cur_user
145 'cur_user': cur_user
146 }
146 }
147
147
148 if 'create_repo_group' in form_data:
148 if 'create_repo_group' in form_data:
149 user_data['create_repo_group'] = str2bool(
149 user_data['create_repo_group'] = str2bool(
150 form_data.get('create_repo_group'))
150 form_data.get('create_repo_group'))
151
151
152 try:
152 try:
153 if form_data.get('password_change'):
153 if form_data.get('password_change'):
154 user_data['force_password_change'] = True
154 user_data['force_password_change'] = True
155 return UserModel().create_or_update(**user_data)
155 return UserModel().create_or_update(**user_data)
156 except Exception:
156 except Exception:
157 log.error(traceback.format_exc())
157 log.error(traceback.format_exc())
158 raise
158 raise
159
159
160 def update_user(self, user, skip_attrs=None, **kwargs):
160 def update_user(self, user, skip_attrs=None, **kwargs):
161 from rhodecode.lib.auth import get_crypt_password
161 from rhodecode.lib.auth import get_crypt_password
162
162
163 user = self._get_user(user)
163 user = self._get_user(user)
164 if user.username == User.DEFAULT_USER:
164 if user.username == User.DEFAULT_USER:
165 raise DefaultUserException(
165 raise DefaultUserException(
166 _("You can't Edit this user since it's"
166 _("You can't Edit this user since it's"
167 " crucial for entire application"))
167 " crucial for entire application"))
168
168
169 # first store only defaults
169 # first store only defaults
170 user_attrs = {
170 user_attrs = {
171 'updating_user_id': user.user_id,
171 'updating_user_id': user.user_id,
172 'username': user.username,
172 'username': user.username,
173 'password': user.password,
173 'password': user.password,
174 'email': user.email,
174 'email': user.email,
175 'firstname': user.name,
175 'firstname': user.name,
176 'lastname': user.lastname,
176 'lastname': user.lastname,
177 'active': user.active,
177 'active': user.active,
178 'admin': user.admin,
178 'admin': user.admin,
179 'extern_name': user.extern_name,
179 'extern_name': user.extern_name,
180 'extern_type': user.extern_type,
180 'extern_type': user.extern_type,
181 'language': user.user_data.get('language')
181 'language': user.user_data.get('language')
182 }
182 }
183
183
184 # in case there's new_password, that comes from form, use it to
184 # in case there's new_password, that comes from form, use it to
185 # store password
185 # store password
186 if kwargs.get('new_password'):
186 if kwargs.get('new_password'):
187 kwargs['password'] = kwargs['new_password']
187 kwargs['password'] = kwargs['new_password']
188
188
189 # cleanups, my_account password change form
189 # cleanups, my_account password change form
190 kwargs.pop('current_password', None)
190 kwargs.pop('current_password', None)
191 kwargs.pop('new_password', None)
191 kwargs.pop('new_password', None)
192
192
193 # cleanups, user edit password change form
193 # cleanups, user edit password change form
194 kwargs.pop('password_confirmation', None)
194 kwargs.pop('password_confirmation', None)
195 kwargs.pop('password_change', None)
195 kwargs.pop('password_change', None)
196
196
197 # create repo group on user creation
197 # create repo group on user creation
198 kwargs.pop('create_repo_group', None)
198 kwargs.pop('create_repo_group', None)
199
199
200 # legacy forms send name, which is the firstname
200 # legacy forms send name, which is the firstname
201 firstname = kwargs.pop('name', None)
201 firstname = kwargs.pop('name', None)
202 if firstname:
202 if firstname:
203 kwargs['firstname'] = firstname
203 kwargs['firstname'] = firstname
204
204
205 for k, v in kwargs.items():
205 for k, v in kwargs.items():
206 # skip if we don't want to update this
206 # skip if we don't want to update this
207 if skip_attrs and k in skip_attrs:
207 if skip_attrs and k in skip_attrs:
208 continue
208 continue
209
209
210 user_attrs[k] = v
210 user_attrs[k] = v
211
211
212 try:
212 try:
213 return self.create_or_update(**user_attrs)
213 return self.create_or_update(**user_attrs)
214 except Exception:
214 except Exception:
215 log.error(traceback.format_exc())
215 log.error(traceback.format_exc())
216 raise
216 raise
217
217
218 def create_or_update(
218 def create_or_update(
219 self, username, password, email, firstname='', lastname='',
219 self, username, password, email, firstname='', lastname='',
220 active=True, admin=False, extern_type=None, extern_name=None,
220 active=True, admin=False, extern_type=None, extern_name=None,
221 cur_user=None, plugin=None, force_password_change=False,
221 cur_user=None, plugin=None, force_password_change=False,
222 allow_to_create_user=True, create_repo_group=None,
222 allow_to_create_user=True, create_repo_group=None,
223 updating_user_id=None, language=None, strict_creation_check=True):
223 updating_user_id=None, language=None, strict_creation_check=True):
224 """
224 """
225 Creates a new instance if not found, or updates current one
225 Creates a new instance if not found, or updates current one
226
226
227 :param username:
227 :param username:
228 :param password:
228 :param password:
229 :param email:
229 :param email:
230 :param firstname:
230 :param firstname:
231 :param lastname:
231 :param lastname:
232 :param active:
232 :param active:
233 :param admin:
233 :param admin:
234 :param extern_type:
234 :param extern_type:
235 :param extern_name:
235 :param extern_name:
236 :param cur_user:
236 :param cur_user:
237 :param plugin: optional plugin this method was called from
237 :param plugin: optional plugin this method was called from
238 :param force_password_change: toggles new or existing user flag
238 :param force_password_change: toggles new or existing user flag
239 for password change
239 for password change
240 :param allow_to_create_user: Defines if the method can actually create
240 :param allow_to_create_user: Defines if the method can actually create
241 new users
241 new users
242 :param create_repo_group: Defines if the method should also
242 :param create_repo_group: Defines if the method should also
243 create an repo group with user name, and owner
243 create an repo group with user name, and owner
244 :param updating_user_id: if we set it up this is the user we want to
244 :param updating_user_id: if we set it up this is the user we want to
245 update this allows to editing username.
245 update this allows to editing username.
246 :param language: language of user from interface.
246 :param language: language of user from interface.
247
247
248 :returns: new User object with injected `is_new_user` attribute.
248 :returns: new User object with injected `is_new_user` attribute.
249 """
249 """
250 if not cur_user:
250 if not cur_user:
251 cur_user = getattr(get_current_rhodecode_user(), 'username', None)
251 cur_user = getattr(get_current_rhodecode_user(), 'username', None)
252
252
253 from rhodecode.lib.auth import (
253 from rhodecode.lib.auth import (
254 get_crypt_password, check_password, generate_auth_token)
254 get_crypt_password, check_password, generate_auth_token)
255 from rhodecode.lib.hooks_base import (
255 from rhodecode.lib.hooks_base import (
256 log_create_user, check_allowed_create_user)
256 log_create_user, check_allowed_create_user)
257
257
258 def _password_change(new_user, password):
258 def _password_change(new_user, password):
259 # empty password
259 # empty password
260 if not new_user.password:
260 if not new_user.password:
261 return False
261 return False
262
262
263 # password check is only needed for RhodeCode internal auth calls
263 # password check is only needed for RhodeCode internal auth calls
264 # in case it's a plugin we don't care
264 # in case it's a plugin we don't care
265 if not plugin:
265 if not plugin:
266
266
267 # first check if we gave crypted password back, and if it
267 # first check if we gave crypted password back, and if it
268 # matches it's not password change
268 # matches it's not password change
269 if new_user.password == password:
269 if new_user.password == password:
270 return False
270 return False
271
271
272 password_match = check_password(password, new_user.password)
272 password_match = check_password(password, new_user.password)
273 if not password_match:
273 if not password_match:
274 return True
274 return True
275
275
276 return False
276 return False
277
277
278 # read settings on default personal repo group creation
278 # read settings on default personal repo group creation
279 if create_repo_group is None:
279 if create_repo_group is None:
280 default_create_repo_group = RepoGroupModel()\
280 default_create_repo_group = RepoGroupModel()\
281 .get_default_create_personal_repo_group()
281 .get_default_create_personal_repo_group()
282 create_repo_group = default_create_repo_group
282 create_repo_group = default_create_repo_group
283
283
284 user_data = {
284 user_data = {
285 'username': username,
285 'username': username,
286 'password': password,
286 'password': password,
287 'email': email,
287 'email': email,
288 'firstname': firstname,
288 'firstname': firstname,
289 'lastname': lastname,
289 'lastname': lastname,
290 'active': active,
290 'active': active,
291 'admin': admin
291 'admin': admin
292 }
292 }
293
293
294 if updating_user_id:
294 if updating_user_id:
295 log.debug('Checking for existing account in RhodeCode '
295 log.debug('Checking for existing account in RhodeCode '
296 'database with user_id `%s` ' % (updating_user_id,))
296 'database with user_id `%s` ' % (updating_user_id,))
297 user = User.get(updating_user_id)
297 user = User.get(updating_user_id)
298 else:
298 else:
299 log.debug('Checking for existing account in RhodeCode '
299 log.debug('Checking for existing account in RhodeCode '
300 'database with username `%s` ' % (username,))
300 'database with username `%s` ' % (username,))
301 user = User.get_by_username(username, case_insensitive=True)
301 user = User.get_by_username(username, case_insensitive=True)
302
302
303 if user is None:
303 if user is None:
304 # we check internal flag if this method is actually allowed to
304 # we check internal flag if this method is actually allowed to
305 # create new user
305 # create new user
306 if not allow_to_create_user:
306 if not allow_to_create_user:
307 msg = ('Method wants to create new user, but it is not '
307 msg = ('Method wants to create new user, but it is not '
308 'allowed to do so')
308 'allowed to do so')
309 log.warning(msg)
309 log.warning(msg)
310 raise NotAllowedToCreateUserError(msg)
310 raise NotAllowedToCreateUserError(msg)
311
311
312 log.debug('Creating new user %s', username)
312 log.debug('Creating new user %s', username)
313
313
314 # only if we create user that is active
314 # only if we create user that is active
315 new_active_user = active
315 new_active_user = active
316 if new_active_user and strict_creation_check:
316 if new_active_user and strict_creation_check:
317 # raises UserCreationError if it's not allowed for any reason to
317 # raises UserCreationError if it's not allowed for any reason to
318 # create new active user, this also executes pre-create hooks
318 # create new active user, this also executes pre-create hooks
319 check_allowed_create_user(user_data, cur_user, strict_check=True)
319 check_allowed_create_user(user_data, cur_user, strict_check=True)
320 events.trigger(events.UserPreCreate(user_data))
320 events.trigger(events.UserPreCreate(user_data))
321 new_user = User()
321 new_user = User()
322 edit = False
322 edit = False
323 else:
323 else:
324 log.debug('updating user %s', username)
324 log.debug('updating user %s', username)
325 events.trigger(events.UserPreUpdate(user, user_data))
325 events.trigger(events.UserPreUpdate(user, user_data))
326 new_user = user
326 new_user = user
327 edit = True
327 edit = True
328
328
329 # we're not allowed to edit default user
329 # we're not allowed to edit default user
330 if user.username == User.DEFAULT_USER:
330 if user.username == User.DEFAULT_USER:
331 raise DefaultUserException(
331 raise DefaultUserException(
332 _("You can't edit this user (`%(username)s`) since it's "
332 _("You can't edit this user (`%(username)s`) since it's "
333 "crucial for entire application") % {'username': user.username})
333 "crucial for entire application") % {'username': user.username})
334
334
335 # inject special attribute that will tell us if User is new or old
335 # inject special attribute that will tell us if User is new or old
336 new_user.is_new_user = not edit
336 new_user.is_new_user = not edit
337 # for users that didn's specify auth type, we use RhodeCode built in
337 # for users that didn's specify auth type, we use RhodeCode built in
338 from rhodecode.authentication.plugins import auth_rhodecode
338 from rhodecode.authentication.plugins import auth_rhodecode
339 extern_name = extern_name or auth_rhodecode.RhodeCodeAuthPlugin.name
339 extern_name = extern_name or auth_rhodecode.RhodeCodeAuthPlugin.name
340 extern_type = extern_type or auth_rhodecode.RhodeCodeAuthPlugin.name
340 extern_type = extern_type or auth_rhodecode.RhodeCodeAuthPlugin.name
341
341
342 try:
342 try:
343 new_user.username = username
343 new_user.username = username
344 new_user.admin = admin
344 new_user.admin = admin
345 new_user.email = email
345 new_user.email = email
346 new_user.active = active
346 new_user.active = active
347 new_user.extern_name = safe_unicode(extern_name)
347 new_user.extern_name = safe_unicode(extern_name)
348 new_user.extern_type = safe_unicode(extern_type)
348 new_user.extern_type = safe_unicode(extern_type)
349 new_user.name = firstname
349 new_user.name = firstname
350 new_user.lastname = lastname
350 new_user.lastname = lastname
351
351
352 # set password only if creating an user or password is changed
352 # set password only if creating an user or password is changed
353 if not edit or _password_change(new_user, password):
353 if not edit or _password_change(new_user, password):
354 reason = 'new password' if edit else 'new user'
354 reason = 'new password' if edit else 'new user'
355 log.debug('Updating password reason=>%s', reason)
355 log.debug('Updating password reason=>%s', reason)
356 new_user.password = get_crypt_password(password) if password else None
356 new_user.password = get_crypt_password(password) if password else None
357
357
358 if force_password_change:
358 if force_password_change:
359 new_user.update_userdata(force_password_change=True)
359 new_user.update_userdata(force_password_change=True)
360 if language:
360 if language:
361 new_user.update_userdata(language=language)
361 new_user.update_userdata(language=language)
362 new_user.update_userdata(notification_status=True)
362 new_user.update_userdata(notification_status=True)
363
363
364 self.sa.add(new_user)
364 self.sa.add(new_user)
365
365
366 if not edit and create_repo_group:
366 if not edit and create_repo_group:
367 RepoGroupModel().create_personal_repo_group(
367 RepoGroupModel().create_personal_repo_group(
368 new_user, commit_early=False)
368 new_user, commit_early=False)
369
369
370 if not edit:
370 if not edit:
371 # add the RSS token
371 # add the RSS token
372 AuthTokenModel().create(username,
372 AuthTokenModel().create(username,
373 description='Generated feed token',
373 description='Generated feed token',
374 role=AuthTokenModel.cls.ROLE_FEED)
374 role=AuthTokenModel.cls.ROLE_FEED)
375 log_create_user(created_by=cur_user, **new_user.get_dict())
375 log_create_user(created_by=cur_user, **new_user.get_dict())
376 events.trigger(events.UserPostCreate(user_data))
376 events.trigger(events.UserPostCreate(user_data))
377 return new_user
377 return new_user
378 except (DatabaseError,):
378 except (DatabaseError,):
379 log.error(traceback.format_exc())
379 log.error(traceback.format_exc())
380 raise
380 raise
381
381
382 def create_registration(self, form_data):
382 def create_registration(self, form_data):
383 from rhodecode.model.notification import NotificationModel
383 from rhodecode.model.notification import NotificationModel
384 from rhodecode.model.notification import EmailNotificationModel
384 from rhodecode.model.notification import EmailNotificationModel
385
385
386 try:
386 try:
387 form_data['admin'] = False
387 form_data['admin'] = False
388 form_data['extern_name'] = 'rhodecode'
388 form_data['extern_name'] = 'rhodecode'
389 form_data['extern_type'] = 'rhodecode'
389 form_data['extern_type'] = 'rhodecode'
390 new_user = self.create(form_data)
390 new_user = self.create(form_data)
391
391
392 self.sa.add(new_user)
392 self.sa.add(new_user)
393 self.sa.flush()
393 self.sa.flush()
394
394
395 user_data = new_user.get_dict()
395 user_data = new_user.get_dict()
396 kwargs = {
396 kwargs = {
397 # use SQLALCHEMY safe dump of user data
397 # use SQLALCHEMY safe dump of user data
398 'user': AttributeDict(user_data),
398 'user': AttributeDict(user_data),
399 'date': datetime.datetime.now()
399 'date': datetime.datetime.now()
400 }
400 }
401 notification_type = EmailNotificationModel.TYPE_REGISTRATION
401 notification_type = EmailNotificationModel.TYPE_REGISTRATION
402 # pre-generate the subject for notification itself
402 # pre-generate the subject for notification itself
403 (subject,
403 (subject,
404 _h, _e, # we don't care about those
404 _h, _e, # we don't care about those
405 body_plaintext) = EmailNotificationModel().render_email(
405 body_plaintext) = EmailNotificationModel().render_email(
406 notification_type, **kwargs)
406 notification_type, **kwargs)
407
407
408 # create notification objects, and emails
408 # create notification objects, and emails
409 NotificationModel().create(
409 NotificationModel().create(
410 created_by=new_user,
410 created_by=new_user,
411 notification_subject=subject,
411 notification_subject=subject,
412 notification_body=body_plaintext,
412 notification_body=body_plaintext,
413 notification_type=notification_type,
413 notification_type=notification_type,
414 recipients=None, # all admins
414 recipients=None, # all admins
415 email_kwargs=kwargs,
415 email_kwargs=kwargs,
416 )
416 )
417
417
418 return new_user
418 return new_user
419 except Exception:
419 except Exception:
420 log.error(traceback.format_exc())
420 log.error(traceback.format_exc())
421 raise
421 raise
422
422
423 def _handle_user_repos(self, username, repositories, handle_mode=None):
423 def _handle_user_repos(self, username, repositories, handle_mode=None):
424 _superadmin = self.cls.get_first_super_admin()
424 _superadmin = self.cls.get_first_super_admin()
425 left_overs = True
425 left_overs = True
426
426
427 from rhodecode.model.repo import RepoModel
427 from rhodecode.model.repo import RepoModel
428
428
429 if handle_mode == 'detach':
429 if handle_mode == 'detach':
430 for obj in repositories:
430 for obj in repositories:
431 obj.user = _superadmin
431 obj.user = _superadmin
432 # set description we know why we super admin now owns
432 # set description we know why we super admin now owns
433 # additional repositories that were orphaned !
433 # additional repositories that were orphaned !
434 obj.description += ' \n::detached repository from deleted user: %s' % (username,)
434 obj.description += ' \n::detached repository from deleted user: %s' % (username,)
435 self.sa.add(obj)
435 self.sa.add(obj)
436 left_overs = False
436 left_overs = False
437 elif handle_mode == 'delete':
437 elif handle_mode == 'delete':
438 for obj in repositories:
438 for obj in repositories:
439 RepoModel().delete(obj, forks='detach')
439 RepoModel().delete(obj, forks='detach')
440 left_overs = False
440 left_overs = False
441
441
442 # if nothing is done we have left overs left
442 # if nothing is done we have left overs left
443 return left_overs
443 return left_overs
444
444
445 def _handle_user_repo_groups(self, username, repository_groups,
445 def _handle_user_repo_groups(self, username, repository_groups,
446 handle_mode=None):
446 handle_mode=None):
447 _superadmin = self.cls.get_first_super_admin()
447 _superadmin = self.cls.get_first_super_admin()
448 left_overs = True
448 left_overs = True
449
449
450 from rhodecode.model.repo_group import RepoGroupModel
450 from rhodecode.model.repo_group import RepoGroupModel
451
451
452 if handle_mode == 'detach':
452 if handle_mode == 'detach':
453 for r in repository_groups:
453 for r in repository_groups:
454 r.user = _superadmin
454 r.user = _superadmin
455 # set description we know why we super admin now owns
455 # set description we know why we super admin now owns
456 # additional repositories that were orphaned !
456 # additional repositories that were orphaned !
457 r.group_description += ' \n::detached repository group from deleted user: %s' % (username,)
457 r.group_description += ' \n::detached repository group from deleted user: %s' % (username,)
458 self.sa.add(r)
458 self.sa.add(r)
459 left_overs = False
459 left_overs = False
460 elif handle_mode == 'delete':
460 elif handle_mode == 'delete':
461 for r in repository_groups:
461 for r in repository_groups:
462 RepoGroupModel().delete(r)
462 RepoGroupModel().delete(r)
463 left_overs = False
463 left_overs = False
464
464
465 # if nothing is done we have left overs left
465 # if nothing is done we have left overs left
466 return left_overs
466 return left_overs
467
467
468 def _handle_user_user_groups(self, username, user_groups, handle_mode=None):
468 def _handle_user_user_groups(self, username, user_groups, handle_mode=None):
469 _superadmin = self.cls.get_first_super_admin()
469 _superadmin = self.cls.get_first_super_admin()
470 left_overs = True
470 left_overs = True
471
471
472 from rhodecode.model.user_group import UserGroupModel
472 from rhodecode.model.user_group import UserGroupModel
473
473
474 if handle_mode == 'detach':
474 if handle_mode == 'detach':
475 for r in user_groups:
475 for r in user_groups:
476 for user_user_group_to_perm in r.user_user_group_to_perm:
476 for user_user_group_to_perm in r.user_user_group_to_perm:
477 if user_user_group_to_perm.user.username == username:
477 if user_user_group_to_perm.user.username == username:
478 user_user_group_to_perm.user = _superadmin
478 user_user_group_to_perm.user = _superadmin
479 r.user = _superadmin
479 r.user = _superadmin
480 # set description we know why we super admin now owns
480 # set description we know why we super admin now owns
481 # additional repositories that were orphaned !
481 # additional repositories that were orphaned !
482 r.user_group_description += ' \n::detached user group from deleted user: %s' % (username,)
482 r.user_group_description += ' \n::detached user group from deleted user: %s' % (username,)
483 self.sa.add(r)
483 self.sa.add(r)
484 left_overs = False
484 left_overs = False
485 elif handle_mode == 'delete':
485 elif handle_mode == 'delete':
486 for r in user_groups:
486 for r in user_groups:
487 UserGroupModel().delete(r)
487 UserGroupModel().delete(r)
488 left_overs = False
488 left_overs = False
489
489
490 # if nothing is done we have left overs left
490 # if nothing is done we have left overs left
491 return left_overs
491 return left_overs
492
492
493 def delete(self, user, cur_user=None, handle_repos=None,
493 def delete(self, user, cur_user=None, handle_repos=None,
494 handle_repo_groups=None, handle_user_groups=None):
494 handle_repo_groups=None, handle_user_groups=None):
495 if not cur_user:
495 if not cur_user:
496 cur_user = getattr(get_current_rhodecode_user(), 'username', None)
496 cur_user = getattr(get_current_rhodecode_user(), 'username', None)
497 user = self._get_user(user)
497 user = self._get_user(user)
498
498
499 try:
499 try:
500 if user.username == User.DEFAULT_USER:
500 if user.username == User.DEFAULT_USER:
501 raise DefaultUserException(
501 raise DefaultUserException(
502 _(u"You can't remove this user since it's"
502 _(u"You can't remove this user since it's"
503 u" crucial for entire application"))
503 u" crucial for entire application"))
504
504
505 left_overs = self._handle_user_repos(
505 left_overs = self._handle_user_repos(
506 user.username, user.repositories, handle_repos)
506 user.username, user.repositories, handle_repos)
507 if left_overs and user.repositories:
507 if left_overs and user.repositories:
508 repos = [x.repo_name for x in user.repositories]
508 repos = [x.repo_name for x in user.repositories]
509 raise UserOwnsReposException(
509 raise UserOwnsReposException(
510 _(u'user "%s" still owns %s repositories and cannot be '
510 _(u'user "%s" still owns %s repositories and cannot be '
511 u'removed. Switch owners or remove those repositories:%s')
511 u'removed. Switch owners or remove those repositories:%s')
512 % (user.username, len(repos), ', '.join(repos)))
512 % (user.username, len(repos), ', '.join(repos)))
513
513
514 left_overs = self._handle_user_repo_groups(
514 left_overs = self._handle_user_repo_groups(
515 user.username, user.repository_groups, handle_repo_groups)
515 user.username, user.repository_groups, handle_repo_groups)
516 if left_overs and user.repository_groups:
516 if left_overs and user.repository_groups:
517 repo_groups = [x.group_name for x in user.repository_groups]
517 repo_groups = [x.group_name for x in user.repository_groups]
518 raise UserOwnsRepoGroupsException(
518 raise UserOwnsRepoGroupsException(
519 _(u'user "%s" still owns %s repository groups and cannot be '
519 _(u'user "%s" still owns %s repository groups and cannot be '
520 u'removed. Switch owners or remove those repository groups:%s')
520 u'removed. Switch owners or remove those repository groups:%s')
521 % (user.username, len(repo_groups), ', '.join(repo_groups)))
521 % (user.username, len(repo_groups), ', '.join(repo_groups)))
522
522
523 left_overs = self._handle_user_user_groups(
523 left_overs = self._handle_user_user_groups(
524 user.username, user.user_groups, handle_user_groups)
524 user.username, user.user_groups, handle_user_groups)
525 if left_overs and user.user_groups:
525 if left_overs and user.user_groups:
526 user_groups = [x.users_group_name for x in user.user_groups]
526 user_groups = [x.users_group_name for x in user.user_groups]
527 raise UserOwnsUserGroupsException(
527 raise UserOwnsUserGroupsException(
528 _(u'user "%s" still owns %s user groups and cannot be '
528 _(u'user "%s" still owns %s user groups and cannot be '
529 u'removed. Switch owners or remove those user groups:%s')
529 u'removed. Switch owners or remove those user groups:%s')
530 % (user.username, len(user_groups), ', '.join(user_groups)))
530 % (user.username, len(user_groups), ', '.join(user_groups)))
531
531
532 # we might change the user data with detach/delete, make sure
532 # we might change the user data with detach/delete, make sure
533 # the object is marked as expired before actually deleting !
533 # the object is marked as expired before actually deleting !
534 self.sa.expire(user)
534 self.sa.expire(user)
535 self.sa.delete(user)
535 self.sa.delete(user)
536 from rhodecode.lib.hooks_base import log_delete_user
536 from rhodecode.lib.hooks_base import log_delete_user
537 log_delete_user(deleted_by=cur_user, **user.get_dict())
537 log_delete_user(deleted_by=cur_user, **user.get_dict())
538 except Exception:
538 except Exception:
539 log.error(traceback.format_exc())
539 log.error(traceback.format_exc())
540 raise
540 raise
541
541
542 def reset_password_link(self, data, pwd_reset_url):
542 def reset_password_link(self, data, pwd_reset_url):
543 from rhodecode.lib.celerylib import tasks, run_task
543 from rhodecode.lib.celerylib import tasks, run_task
544 from rhodecode.model.notification import EmailNotificationModel
544 from rhodecode.model.notification import EmailNotificationModel
545 user_email = data['email']
545 user_email = data['email']
546 try:
546 try:
547 user = User.get_by_email(user_email)
547 user = User.get_by_email(user_email)
548 if user:
548 if user:
549 log.debug('password reset user found %s', user)
549 log.debug('password reset user found %s', user)
550
550
551 email_kwargs = {
551 email_kwargs = {
552 'password_reset_url': pwd_reset_url,
552 'password_reset_url': pwd_reset_url,
553 'user': user,
553 'user': user,
554 'email': user_email,
554 'email': user_email,
555 'date': datetime.datetime.now()
555 'date': datetime.datetime.now()
556 }
556 }
557
557
558 (subject, headers, email_body,
558 (subject, headers, email_body,
559 email_body_plaintext) = EmailNotificationModel().render_email(
559 email_body_plaintext) = EmailNotificationModel().render_email(
560 EmailNotificationModel.TYPE_PASSWORD_RESET, **email_kwargs)
560 EmailNotificationModel.TYPE_PASSWORD_RESET, **email_kwargs)
561
561
562 recipients = [user_email]
562 recipients = [user_email]
563
563
564 action_logger_generic(
564 action_logger_generic(
565 'sending password reset email to user: {}'.format(
565 'sending password reset email to user: {}'.format(
566 user), namespace='security.password_reset')
566 user), namespace='security.password_reset')
567
567
568 run_task(tasks.send_email, recipients, subject,
568 run_task(tasks.send_email, recipients, subject,
569 email_body_plaintext, email_body)
569 email_body_plaintext, email_body)
570
570
571 else:
571 else:
572 log.debug("password reset email %s not found", user_email)
572 log.debug("password reset email %s not found", user_email)
573 except Exception:
573 except Exception:
574 log.error(traceback.format_exc())
574 log.error(traceback.format_exc())
575 return False
575 return False
576
576
577 return True
577 return True
578
578
579 def reset_password(self, data):
579 def reset_password(self, data):
580 from rhodecode.lib.celerylib import tasks, run_task
580 from rhodecode.lib.celerylib import tasks, run_task
581 from rhodecode.model.notification import EmailNotificationModel
581 from rhodecode.model.notification import EmailNotificationModel
582 from rhodecode.lib import auth
582 from rhodecode.lib import auth
583 user_email = data['email']
583 user_email = data['email']
584 pre_db = True
584 pre_db = True
585 try:
585 try:
586 user = User.get_by_email(user_email)
586 user = User.get_by_email(user_email)
587 new_passwd = auth.PasswordGenerator().gen_password(
587 new_passwd = auth.PasswordGenerator().gen_password(
588 12, auth.PasswordGenerator.ALPHABETS_BIG_SMALL)
588 12, auth.PasswordGenerator.ALPHABETS_BIG_SMALL)
589 if user:
589 if user:
590 user.password = auth.get_crypt_password(new_passwd)
590 user.password = auth.get_crypt_password(new_passwd)
591 # also force this user to reset his password !
591 # also force this user to reset his password !
592 user.update_userdata(force_password_change=True)
592 user.update_userdata(force_password_change=True)
593
593
594 Session().add(user)
594 Session().add(user)
595
595
596 # now delete the token in question
596 # now delete the token in question
597 UserApiKeys = AuthTokenModel.cls
597 UserApiKeys = AuthTokenModel.cls
598 UserApiKeys().query().filter(
598 UserApiKeys().query().filter(
599 UserApiKeys.api_key == data['token']).delete()
599 UserApiKeys.api_key == data['token']).delete()
600
600
601 Session().commit()
601 Session().commit()
602 log.info('successfully reset password for `%s`', user_email)
602 log.info('successfully reset password for `%s`', user_email)
603
603
604 if new_passwd is None:
604 if new_passwd is None:
605 raise Exception('unable to generate new password')
605 raise Exception('unable to generate new password')
606
606
607 pre_db = False
607 pre_db = False
608
608
609 email_kwargs = {
609 email_kwargs = {
610 'new_password': new_passwd,
610 'new_password': new_passwd,
611 'user': user,
611 'user': user,
612 'email': user_email,
612 'email': user_email,
613 'date': datetime.datetime.now()
613 'date': datetime.datetime.now()
614 }
614 }
615
615
616 (subject, headers, email_body,
616 (subject, headers, email_body,
617 email_body_plaintext) = EmailNotificationModel().render_email(
617 email_body_plaintext) = EmailNotificationModel().render_email(
618 EmailNotificationModel.TYPE_PASSWORD_RESET_CONFIRMATION,
618 EmailNotificationModel.TYPE_PASSWORD_RESET_CONFIRMATION,
619 **email_kwargs)
619 **email_kwargs)
620
620
621 recipients = [user_email]
621 recipients = [user_email]
622
622
623 action_logger_generic(
623 action_logger_generic(
624 'sent new password to user: {} with email: {}'.format(
624 'sent new password to user: {} with email: {}'.format(
625 user, user_email), namespace='security.password_reset')
625 user, user_email), namespace='security.password_reset')
626
626
627 run_task(tasks.send_email, recipients, subject,
627 run_task(tasks.send_email, recipients, subject,
628 email_body_plaintext, email_body)
628 email_body_plaintext, email_body)
629
629
630 except Exception:
630 except Exception:
631 log.error('Failed to update user password')
631 log.error('Failed to update user password')
632 log.error(traceback.format_exc())
632 log.error(traceback.format_exc())
633 if pre_db:
633 if pre_db:
634 # we rollback only if local db stuff fails. If it goes into
634 # we rollback only if local db stuff fails. If it goes into
635 # run_task, we're pass rollback state this wouldn't work then
635 # run_task, we're pass rollback state this wouldn't work then
636 Session().rollback()
636 Session().rollback()
637
637
638 return True
638 return True
639
639
640 def fill_data(self, auth_user, user_id=None, api_key=None, username=None):
640 def fill_data(self, auth_user, user_id=None, api_key=None, username=None):
641 """
641 """
642 Fetches auth_user by user_id,or api_key if present.
642 Fetches auth_user by user_id,or api_key if present.
643 Fills auth_user attributes with those taken from database.
643 Fills auth_user attributes with those taken from database.
644 Additionally set's is_authenitated if lookup fails
644 Additionally set's is_authenitated if lookup fails
645 present in database
645 present in database
646
646
647 :param auth_user: instance of user to set attributes
647 :param auth_user: instance of user to set attributes
648 :param user_id: user id to fetch by
648 :param user_id: user id to fetch by
649 :param api_key: api key to fetch by
649 :param api_key: api key to fetch by
650 :param username: username to fetch by
650 :param username: username to fetch by
651 """
651 """
652 if user_id is None and api_key is None and username is None:
652 if user_id is None and api_key is None and username is None:
653 raise Exception('You need to pass user_id, api_key or username')
653 raise Exception('You need to pass user_id, api_key or username')
654
654
655 log.debug(
655 log.debug(
656 'doing fill data based on: user_id:%s api_key:%s username:%s',
656 'doing fill data based on: user_id:%s api_key:%s username:%s',
657 user_id, api_key, username)
657 user_id, api_key, username)
658 try:
658 try:
659 dbuser = None
659 dbuser = None
660 if user_id:
660 if user_id:
661 dbuser = self.get(user_id)
661 dbuser = self.get(user_id)
662 elif api_key:
662 elif api_key:
663 dbuser = self.get_by_auth_token(api_key)
663 dbuser = self.get_by_auth_token(api_key)
664 elif username:
664 elif username:
665 dbuser = self.get_by_username(username)
665 dbuser = self.get_by_username(username)
666
666
667 if not dbuser:
667 if not dbuser:
668 log.warning(
668 log.warning(
669 'Unable to lookup user by id:%s api_key:%s username:%s',
669 'Unable to lookup user by id:%s api_key:%s username:%s',
670 user_id, api_key, username)
670 user_id, api_key, username)
671 return False
671 return False
672 if not dbuser.active:
672 if not dbuser.active:
673 log.debug('User `%s:%s` is inactive, skipping fill data',
673 log.debug('User `%s:%s` is inactive, skipping fill data',
674 username, user_id)
674 username, user_id)
675 return False
675 return False
676
676
677 log.debug('filling user:%s data', dbuser)
677 log.debug('filling user:%s data', dbuser)
678
678
679 # TODO: johbo: Think about this and find a clean solution
679 # TODO: johbo: Think about this and find a clean solution
680 user_data = dbuser.get_dict()
680 user_data = dbuser.get_dict()
681 user_data.update(dbuser.get_api_data(include_secrets=True))
681 user_data.update(dbuser.get_api_data(include_secrets=True))
682 user_data.update({
683 # set explicit the safe escaped values
684 'first_name': dbuser.first_name,
685 'last_name': dbuser.last_name,
686 })
682
687
683 for k, v in user_data.iteritems():
688 for k, v in user_data.iteritems():
684 # properties of auth user we dont update
689 # properties of auth user we dont update
685 if k not in ['auth_tokens', 'permissions']:
690 if k not in ['auth_tokens', 'permissions']:
686 setattr(auth_user, k, v)
691 setattr(auth_user, k, v)
687
692
688 # few extras
693 # few extras
689 setattr(auth_user, 'feed_token', dbuser.feed_token)
694 setattr(auth_user, 'feed_token', dbuser.feed_token)
690 except Exception:
695 except Exception:
691 log.error(traceback.format_exc())
696 log.error(traceback.format_exc())
692 auth_user.is_authenticated = False
697 auth_user.is_authenticated = False
693 return False
698 return False
694
699
695 return True
700 return True
696
701
697 def has_perm(self, user, perm):
702 def has_perm(self, user, perm):
698 perm = self._get_perm(perm)
703 perm = self._get_perm(perm)
699 user = self._get_user(user)
704 user = self._get_user(user)
700
705
701 return UserToPerm.query().filter(UserToPerm.user == user)\
706 return UserToPerm.query().filter(UserToPerm.user == user)\
702 .filter(UserToPerm.permission == perm).scalar() is not None
707 .filter(UserToPerm.permission == perm).scalar() is not None
703
708
704 def grant_perm(self, user, perm):
709 def grant_perm(self, user, perm):
705 """
710 """
706 Grant user global permissions
711 Grant user global permissions
707
712
708 :param user:
713 :param user:
709 :param perm:
714 :param perm:
710 """
715 """
711 user = self._get_user(user)
716 user = self._get_user(user)
712 perm = self._get_perm(perm)
717 perm = self._get_perm(perm)
713 # if this permission is already granted skip it
718 # if this permission is already granted skip it
714 _perm = UserToPerm.query()\
719 _perm = UserToPerm.query()\
715 .filter(UserToPerm.user == user)\
720 .filter(UserToPerm.user == user)\
716 .filter(UserToPerm.permission == perm)\
721 .filter(UserToPerm.permission == perm)\
717 .scalar()
722 .scalar()
718 if _perm:
723 if _perm:
719 return
724 return
720 new = UserToPerm()
725 new = UserToPerm()
721 new.user = user
726 new.user = user
722 new.permission = perm
727 new.permission = perm
723 self.sa.add(new)
728 self.sa.add(new)
724 return new
729 return new
725
730
726 def revoke_perm(self, user, perm):
731 def revoke_perm(self, user, perm):
727 """
732 """
728 Revoke users global permissions
733 Revoke users global permissions
729
734
730 :param user:
735 :param user:
731 :param perm:
736 :param perm:
732 """
737 """
733 user = self._get_user(user)
738 user = self._get_user(user)
734 perm = self._get_perm(perm)
739 perm = self._get_perm(perm)
735
740
736 obj = UserToPerm.query()\
741 obj = UserToPerm.query()\
737 .filter(UserToPerm.user == user)\
742 .filter(UserToPerm.user == user)\
738 .filter(UserToPerm.permission == perm)\
743 .filter(UserToPerm.permission == perm)\
739 .scalar()
744 .scalar()
740 if obj:
745 if obj:
741 self.sa.delete(obj)
746 self.sa.delete(obj)
742
747
743 def add_extra_email(self, user, email):
748 def add_extra_email(self, user, email):
744 """
749 """
745 Adds email address to UserEmailMap
750 Adds email address to UserEmailMap
746
751
747 :param user:
752 :param user:
748 :param email:
753 :param email:
749 """
754 """
750 from rhodecode.model import forms
755 from rhodecode.model import forms
751 form = forms.UserExtraEmailForm()()
756 form = forms.UserExtraEmailForm()()
752 data = form.to_python({'email': email})
757 data = form.to_python({'email': email})
753 user = self._get_user(user)
758 user = self._get_user(user)
754
759
755 obj = UserEmailMap()
760 obj = UserEmailMap()
756 obj.user = user
761 obj.user = user
757 obj.email = data['email']
762 obj.email = data['email']
758 self.sa.add(obj)
763 self.sa.add(obj)
759 return obj
764 return obj
760
765
761 def delete_extra_email(self, user, email_id):
766 def delete_extra_email(self, user, email_id):
762 """
767 """
763 Removes email address from UserEmailMap
768 Removes email address from UserEmailMap
764
769
765 :param user:
770 :param user:
766 :param email_id:
771 :param email_id:
767 """
772 """
768 user = self._get_user(user)
773 user = self._get_user(user)
769 obj = UserEmailMap.query().get(email_id)
774 obj = UserEmailMap.query().get(email_id)
770 if obj and obj.user_id == user.user_id:
775 if obj and obj.user_id == user.user_id:
771 self.sa.delete(obj)
776 self.sa.delete(obj)
772
777
773 def parse_ip_range(self, ip_range):
778 def parse_ip_range(self, ip_range):
774 ip_list = []
779 ip_list = []
775 def make_unique(value):
780 def make_unique(value):
776 seen = []
781 seen = []
777 return [c for c in value if not (c in seen or seen.append(c))]
782 return [c for c in value if not (c in seen or seen.append(c))]
778
783
779 # firsts split by commas
784 # firsts split by commas
780 for ip_range in ip_range.split(','):
785 for ip_range in ip_range.split(','):
781 if not ip_range:
786 if not ip_range:
782 continue
787 continue
783 ip_range = ip_range.strip()
788 ip_range = ip_range.strip()
784 if '-' in ip_range:
789 if '-' in ip_range:
785 start_ip, end_ip = ip_range.split('-', 1)
790 start_ip, end_ip = ip_range.split('-', 1)
786 start_ip = ipaddress.ip_address(start_ip.strip())
791 start_ip = ipaddress.ip_address(start_ip.strip())
787 end_ip = ipaddress.ip_address(end_ip.strip())
792 end_ip = ipaddress.ip_address(end_ip.strip())
788 parsed_ip_range = []
793 parsed_ip_range = []
789
794
790 for index in xrange(int(start_ip), int(end_ip) + 1):
795 for index in xrange(int(start_ip), int(end_ip) + 1):
791 new_ip = ipaddress.ip_address(index)
796 new_ip = ipaddress.ip_address(index)
792 parsed_ip_range.append(str(new_ip))
797 parsed_ip_range.append(str(new_ip))
793 ip_list.extend(parsed_ip_range)
798 ip_list.extend(parsed_ip_range)
794 else:
799 else:
795 ip_list.append(ip_range)
800 ip_list.append(ip_range)
796
801
797 return make_unique(ip_list)
802 return make_unique(ip_list)
798
803
799 def add_extra_ip(self, user, ip, description=None):
804 def add_extra_ip(self, user, ip, description=None):
800 """
805 """
801 Adds ip address to UserIpMap
806 Adds ip address to UserIpMap
802
807
803 :param user:
808 :param user:
804 :param ip:
809 :param ip:
805 """
810 """
806 from rhodecode.model import forms
811 from rhodecode.model import forms
807 form = forms.UserExtraIpForm()()
812 form = forms.UserExtraIpForm()()
808 data = form.to_python({'ip': ip})
813 data = form.to_python({'ip': ip})
809 user = self._get_user(user)
814 user = self._get_user(user)
810
815
811 obj = UserIpMap()
816 obj = UserIpMap()
812 obj.user = user
817 obj.user = user
813 obj.ip_addr = data['ip']
818 obj.ip_addr = data['ip']
814 obj.description = description
819 obj.description = description
815 self.sa.add(obj)
820 self.sa.add(obj)
816 return obj
821 return obj
817
822
818 def delete_extra_ip(self, user, ip_id):
823 def delete_extra_ip(self, user, ip_id):
819 """
824 """
820 Removes ip address from UserIpMap
825 Removes ip address from UserIpMap
821
826
822 :param user:
827 :param user:
823 :param ip_id:
828 :param ip_id:
824 """
829 """
825 user = self._get_user(user)
830 user = self._get_user(user)
826 obj = UserIpMap.query().get(ip_id)
831 obj = UserIpMap.query().get(ip_id)
827 if obj and obj.user_id == user.user_id:
832 if obj and obj.user_id == user.user_id:
828 self.sa.delete(obj)
833 self.sa.delete(obj)
829
834
830 def get_accounts_in_creation_order(self, current_user=None):
835 def get_accounts_in_creation_order(self, current_user=None):
831 """
836 """
832 Get accounts in order of creation for deactivation for license limits
837 Get accounts in order of creation for deactivation for license limits
833
838
834 pick currently logged in user, and append to the list in position 0
839 pick currently logged in user, and append to the list in position 0
835 pick all super-admins in order of creation date and add it to the list
840 pick all super-admins in order of creation date and add it to the list
836 pick all other accounts in order of creation and add it to the list.
841 pick all other accounts in order of creation and add it to the list.
837
842
838 Based on that list, the last accounts can be disabled as they are
843 Based on that list, the last accounts can be disabled as they are
839 created at the end and don't include any of the super admins as well
844 created at the end and don't include any of the super admins as well
840 as the current user.
845 as the current user.
841
846
842 :param current_user: optionally current user running this operation
847 :param current_user: optionally current user running this operation
843 """
848 """
844
849
845 if not current_user:
850 if not current_user:
846 current_user = get_current_rhodecode_user()
851 current_user = get_current_rhodecode_user()
847 active_super_admins = [
852 active_super_admins = [
848 x.user_id for x in User.query()
853 x.user_id for x in User.query()
849 .filter(User.user_id != current_user.user_id)
854 .filter(User.user_id != current_user.user_id)
850 .filter(User.active == true())
855 .filter(User.active == true())
851 .filter(User.admin == true())
856 .filter(User.admin == true())
852 .order_by(User.created_on.asc())]
857 .order_by(User.created_on.asc())]
853
858
854 active_regular_users = [
859 active_regular_users = [
855 x.user_id for x in User.query()
860 x.user_id for x in User.query()
856 .filter(User.user_id != current_user.user_id)
861 .filter(User.user_id != current_user.user_id)
857 .filter(User.active == true())
862 .filter(User.active == true())
858 .filter(User.admin == false())
863 .filter(User.admin == false())
859 .order_by(User.created_on.asc())]
864 .order_by(User.created_on.asc())]
860
865
861 list_of_accounts = [current_user.user_id]
866 list_of_accounts = [current_user.user_id]
862 list_of_accounts += active_super_admins
867 list_of_accounts += active_super_admins
863 list_of_accounts += active_regular_users
868 list_of_accounts += active_regular_users
864
869
865 return list_of_accounts
870 return list_of_accounts
866
871
867 def deactivate_last_users(self, expected_users):
872 def deactivate_last_users(self, expected_users):
868 """
873 """
869 Deactivate accounts that are over the license limits.
874 Deactivate accounts that are over the license limits.
870 Algorithm of which accounts to disabled is based on the formula:
875 Algorithm of which accounts to disabled is based on the formula:
871
876
872 Get current user, then super admins in creation order, then regular
877 Get current user, then super admins in creation order, then regular
873 active users in creation order.
878 active users in creation order.
874
879
875 Using that list we mark all accounts from the end of it as inactive.
880 Using that list we mark all accounts from the end of it as inactive.
876 This way we block only latest created accounts.
881 This way we block only latest created accounts.
877
882
878 :param expected_users: list of users in special order, we deactivate
883 :param expected_users: list of users in special order, we deactivate
879 the end N ammoun of users from that list
884 the end N ammoun of users from that list
880 """
885 """
881
886
882 list_of_accounts = self.get_accounts_in_creation_order()
887 list_of_accounts = self.get_accounts_in_creation_order()
883
888
884 for acc_id in list_of_accounts[expected_users + 1:]:
889 for acc_id in list_of_accounts[expected_users + 1:]:
885 user = User.get(acc_id)
890 user = User.get(acc_id)
886 log.info('Deactivating account %s for license unlock', user)
891 log.info('Deactivating account %s for license unlock', user)
887 user.active = False
892 user.active = False
888 Session().add(user)
893 Session().add(user)
889 Session().commit()
894 Session().commit()
890
895
891 return
896 return
892
897
893 def get_user_log(self, user, filter_term):
898 def get_user_log(self, user, filter_term):
894 user_log = UserLog.query()\
899 user_log = UserLog.query()\
895 .filter(or_(UserLog.user_id == user.user_id,
900 .filter(or_(UserLog.user_id == user.user_id,
896 UserLog.username == user.username))\
901 UserLog.username == user.username))\
897 .options(joinedload(UserLog.user))\
902 .options(joinedload(UserLog.user))\
898 .options(joinedload(UserLog.repository))\
903 .options(joinedload(UserLog.repository))\
899 .order_by(UserLog.action_date.desc())
904 .order_by(UserLog.action_date.desc())
900
905
901 user_log = user_log_filter(user_log, filter_term)
906 user_log = user_log_filter(user_log, filter_term)
902 return user_log
907 return user_log
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
Show file before | Show file after | Hide comments
1 NO CONTENT: modified file
NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff
General Comments 0
You need to be logged in to leave comments. Login now