u/pc/rhodecode-enterprise-ce-fork-pc Commit - r1774:90a81bb6

home: moved home and repo group views into pyramid....

marcink -

r1774:90a81bb6 default

parent child

The requested changes are too big and content was truncated. Show full diff

rhodecode/apps/repo_group/__init__.py

0 created 644 +33 0

@@ -0,0 +1,33 b''
	1	# -- coding: utf-8 --
	2
	3	# Copyright (C) 2016-2017 RhodeCode GmbH
	4	#
	5	# This program is free software: you can redistribute it and/or modify
	6	# it under the terms of the GNU Affero General Public License, version 3
	7	# (only), as published by the Free Software Foundation.
	8	#
	9	# This program is distributed in the hope that it will be useful,
	10	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	# GNU General Public License for more details.
	13	#
	14	# You should have received a copy of the GNU Affero General Public License
	15	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	16	#
	17	# This program is dual-licensed. If you wish to learn more about the
	18	# RhodeCode Enterprise Edition, including its added features, Support services,
	19	# and proprietary license terms, please see https://rhodecode.com/licenses/
	20	from rhodecode.apps._base import add_route_with_slash
	21
	22
	23	def includeme(config):
	24
	25	# Summary
	26	add_route_with_slash(
	27	config,
	28	name='repo_group_home',
	29	pattern='/{repo_group_name:.*?[^/]}', repo_group_route=True)
	30
	31	# Scan module for configuration decorators.
	32	config.scan()
	33

rhodecode/api/tests/test_get_gist.py

0 +4 -4

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import pytest
             from rhodecode.model.db import Gist
             from rhodecode.api.tests.utils import (
                 build_data, api_call, assert_error, assert_ok)
             @pytest.mark.usefixtures("testuser_api", "app")
             class TestApiGetGist(object):
-                def test_api_get_gist(self, gist_util):
+                def test_api_get_gist(self, gist_util, http_host_stub):
                     gist = gist_util.create_gist()
                     gist_id = gist.gist_access_id
                     gist_created_on = gist.created_on
                     gist_modified_at = gist.modified_at
                     id_, params = build_data(
                         self.apikey, 'get_gist', gistid=gist_id, )
                     response = api_call(self.app, params)
                     expected = {
                         'access_id': gist_id,
                         'created_on': gist_created_on,
                         'modified_at': gist_modified_at,
                         'description': 'new-gist',
                         'expires': -1.0,
                         'gist_id': int(gist_id),
                         'type': 'public',
-                        'url': 'http://test.example.com:80/_admin/gists/%s' % (gist_id,),
+                        'url': 'http://%s/_admin/gists/%s' % (http_host_stub, gist_id,),
                         'acl_level': Gist.ACL_LEVEL_PUBLIC,
                         'content': None,
                     }
                     assert_ok(id_, expected, given=response.body)
-                def test_api_get_gist_with_content(self, gist_util):
+                def test_api_get_gist_with_content(self, gist_util, http_host_stub):
                     mapping = {
                         u'filename1.txt': {'content': u'hello world'},
                         u'filename1ą.txt': {'content': u'hello worldę'}
                     }
                     gist = gist_util.create_gist(gist_mapping=mapping)
                     gist_id = gist.gist_access_id
                     gist_created_on = gist.created_on
                     gist_modified_at = gist.modified_at
                     id_, params = build_data(
                         self.apikey, 'get_gist', gistid=gist_id, content=True)
                     response = api_call(self.app, params)
                     expected = {
                         'access_id': gist_id,
                         'created_on': gist_created_on,
                         'modified_at': gist_modified_at,
                         'description': 'new-gist',
                         'expires': -1.0,
                         'gist_id': int(gist_id),
                         'type': 'public',
-                        'url': 'http://test.example.com:80/_admin/gists/%s' % (gist_id,),
+                        'url': 'http://%s/_admin/gists/%s' % (http_host_stub, gist_id,),
                         'acl_level': Gist.ACL_LEVEL_PUBLIC,
                         'content': {
                             u'filename1.txt': u'hello world',
                             u'filename1ą.txt': u'hello worldę'
                         },
                     }
                     assert_ok(id_, expected, given=response.body)
                 def test_api_get_gist_not_existing(self):
                     id_, params = build_data(
                         self.apikey_regular, 'get_gist', gistid='12345', )
                     response = api_call(self.app, params)
                     expected = 'gist `%s` does not exist' % ('12345',)
                     assert_error(id_, expected, given=response.body)
                 def test_api_get_gist_private_gist_without_permission(self, gist_util):
                     gist = gist_util.create_gist()
                     gist_id = gist.gist_access_id
                     id_, params = build_data(
                         self.apikey_regular, 'get_gist', gistid=gist_id, )
                     response = api_call(self.app, params)
                     expected = 'gist `%s` does not exist' % (gist_id,)
                     assert_error(id_, expected, given=response.body)

rhodecode/api/tests/test_get_pull_request.py

0 +11 -11

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
-            import mock
             import pytest
             import urlobject
             from pylons import url
             from rhodecode.api.tests.utils import (
                 build_data, api_call, assert_error, assert_ok)
+            from rhodecode.lib.utils2 import safe_unicode
             pytestmark = pytest.mark.backends("git", "hg")
             @pytest.mark.usefixtures("testuser_api", "app")
             class TestGetPullRequest(object):
-                def test_api_get_pull_request(self, pr_util):
+                def test_api_get_pull_request(self, pr_util, http_host_stub, http_host_only_stub):
                     from rhodecode.model.pull_request import PullRequestModel
                     pull_request = pr_util.create_pull_request(mergeable=True)
                     id_, params = build_data(
                         self.apikey, 'get_pull_request',
                         repoid=pull_request.target_repo.repo_name,
                         pullrequestid=pull_request.pull_request_id)
                     response = api_call(self.app, params)
                     assert response.status == '200 OK'
                     url_obj = urlobject.URLObject(
                         url(
                             'pullrequest_show',
                             repo_name=pull_request.target_repo.repo_name,
                             pull_request_id=pull_request.pull_request_id, qualified=True))
-                    pr_url = unicode(
-                        url_obj.with_netloc('test.example.com:80'))
+                    pr_url = safe_unicode(
-                    source_url = unicode(
+                        url_obj.with_netloc(http_host_stub))
-                        pull_request.source_repo.clone_url()
+                    source_url = safe_unicode(
-                            .with_netloc('test.example.com:80'))
+                        pull_request.source_repo.clone_url().with_netloc(http_host_only_stub))
-                    target_url = unicode(
+                    target_url = safe_unicode(
-                        pull_request.target_repo.clone_url()
+                        pull_request.target_repo.clone_url().with_netloc(http_host_only_stub))
-                            .with_netloc('test.example.com:80'))
+                    shadow_url = safe_unicode(
-                    shadow_url = unicode(
                         PullRequestModel().get_shadow_clone_url(pull_request))
                     expected = {
                         'pull_request_id': pull_request.pull_request_id,
                         'url': pr_url,
                         'title': pull_request.title,
                         'description': pull_request.description,
                         'status': pull_request.status,
                         'created_on': pull_request.created_on,
                         'updated_on': pull_request.updated_on,
                         'commit_ids': pull_request.revisions,
                         'review_status': pull_request.calculated_review_status(),
                         'mergeable': {
                             'status': True,
                             'message': 'This pull request can be automatically merged.',
                         },
                         'source': {
                             'clone_url': source_url,
                             'repository': pull_request.source_repo.repo_name,
                             'reference': {
                                 'name': pull_request.source_ref_parts.name,
                                 'type': pull_request.source_ref_parts.type,
                                 'commit_id': pull_request.source_ref_parts.commit_id,
                             },
                         },
                         'target': {
                             'clone_url': target_url,
                             'repository': pull_request.target_repo.repo_name,
                             'reference': {
                                 'name': pull_request.target_ref_parts.name,
                                 'type': pull_request.target_ref_parts.type,
                                 'commit_id': pull_request.target_ref_parts.commit_id,
                             },
                         },
                         'merge': {
                             'clone_url': shadow_url,
                             'reference': {
                                 'name': pull_request.shadow_merge_ref.name,
                                 'type': pull_request.shadow_merge_ref.type,
                                 'commit_id': pull_request.shadow_merge_ref.commit_id,
                             },
                         },
                         'author': pull_request.author.get_api_data(include_secrets=False,
                                                                    details='basic'),
                         'reviewers': [
                             {
                                 'user': reviewer.get_api_data(include_secrets=False,
                                                               details='basic'),
                                 'reasons': reasons,
                                 'review_status': st[0][1].status if st else 'not_reviewed',
                             }
                             for reviewer, reasons, mandatory, st in
                             pull_request.reviewers_statuses()
                         ]
                     }
                     assert_ok(id_, expected, response.body)
                 def test_api_get_pull_request_repo_error(self):
                     id_, params = build_data(
                         self.apikey, 'get_pull_request',
                         repoid=666, pullrequestid=1)
                     response = api_call(self.app, params)
                     expected = 'repository `666` does not exist'
                     assert_error(id_, expected, given=response.body)
                 def test_api_get_pull_request_pull_request_error(self):
                     id_, params = build_data(
                         self.apikey, 'get_pull_request',
                         repoid=1, pullrequestid=666)
                     response = api_call(self.app, params)
                     expected = 'pull request `666` does not exist'
                     assert_error(id_, expected, given=response.body)

rhodecode/api/tests/test_update_repo.py

0 +4 -3

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import mock
             import pytest
             from rhodecode.model.repo import RepoModel
             from rhodecode.tests import TEST_USER_ADMIN_LOGIN, TEST_USER_REGULAR_LOGIN
             from rhodecode.api.tests.utils import (
                 build_data, api_call, assert_error, assert_ok, crash, jsonify)
             from rhodecode.tests.fixture import Fixture
+            from rhodecode.tests.plugin import http_host_stub, http_host_only_stub
             fixture = Fixture()
             UPDATE_REPO_NAME = 'api_update_me'
             class SAME_AS_UPDATES(object):
                 """ Constant used for tests below """
             @pytest.mark.usefixtures("testuser_api", "app")
             class TestApiUpdateRepo(object):
                 @pytest.mark.parametrize("updates, expected", [
                     ({'owner': TEST_USER_REGULAR_LOGIN},
                      SAME_AS_UPDATES),
                     ({'description': 'new description'},
                      SAME_AS_UPDATES),
                     ({'clone_uri': 'http://foo.com/repo'},
                      SAME_AS_UPDATES),
                     ({'clone_uri': None},
                      {'clone_uri': ''}),
                     ({'clone_uri': ''},
                      {'clone_uri': ''}),
                     ({'landing_rev': 'rev:tip'},
                      {'landing_rev': ['rev', 'tip']}),
                     ({'enable_statistics': True},
                      SAME_AS_UPDATES),
                     ({'enable_locking': True},
                      SAME_AS_UPDATES),
                     ({'enable_downloads': True},
                      SAME_AS_UPDATES),
                     ({'repo_name': 'new_repo_name'},
                      {
                         'repo_name': 'new_repo_name',
-                        'url': 'http://test.example.com:80/new_repo_name'
+                        'url': 'http://{}/new_repo_name'.format(http_host_only_stub())
                      }),
                     ({'repo_name': 'test_group_for_update/{}'.format(UPDATE_REPO_NAME),
                       '_group': 'test_group_for_update'},
                      {
                         'repo_name': 'test_group_for_update/{}'.format(UPDATE_REPO_NAME),
-                        'url': 'http://test.example.com:80/test_group_for_update/{}'.format(UPDATE_REPO_NAME)
+                        'url': 'http://{}/test_group_for_update/{}'.format(
+                            http_host_only_stub(), UPDATE_REPO_NAME)
                      }),
                 ])
                 def test_api_update_repo(self, updates, expected, backend):
                     repo_name = UPDATE_REPO_NAME
                     repo = fixture.create_repo(repo_name, repo_type=backend.alias)
                     if updates.get('_group'):
                         fixture.create_repo_group(updates['_group'])
                     expected_api_data = repo.get_api_data(include_secrets=True)
                     if expected is SAME_AS_UPDATES:
                         expected_api_data.update(updates)
                     else:
                         expected_api_data.update(expected)
                     id_, params = build_data(
                         self.apikey, 'update_repo', repoid=repo_name, **updates)
                     response = api_call(self.app, params)
                     if updates.get('repo_name'):
                         repo_name = updates['repo_name']
                     try:
                         expected = {
                             'msg': 'updated repo ID:%s %s' % (repo.repo_id, repo_name),
                             'repository': jsonify(expected_api_data)
                         }
                         assert_ok(id_, expected, given=response.body)
                     finally:
                         fixture.destroy_repo(repo_name)
                         if updates.get('_group'):
                             fixture.destroy_repo_group(updates['_group'])
                 def test_api_update_repo_fork_of_field(self, backend):
                     master_repo = backend.create_repo()
                     repo = backend.create_repo()
                     updates = {
                         'fork_of': master_repo.repo_name
                     }
                     expected_api_data = repo.get_api_data(include_secrets=True)
                     expected_api_data.update(updates)
                     id_, params = build_data(
                         self.apikey, 'update_repo', repoid=repo.repo_name, **updates)
                     response = api_call(self.app, params)
                     expected = {
                         'msg': 'updated repo ID:%s %s' % (repo.repo_id, repo.repo_name),
                         'repository': jsonify(expected_api_data)
                     }
                     assert_ok(id_, expected, given=response.body)
                     result = response.json['result']['repository']
                     assert result['fork_of'] == master_repo.repo_name
                 def test_api_update_repo_fork_of_not_found(self, backend):
                     master_repo_name = 'fake-parent-repo'
                     repo = backend.create_repo()
                     updates = {
                         'fork_of': master_repo_name
                     }
                     id_, params = build_data(
                         self.apikey, 'update_repo', repoid=repo.repo_name, **updates)
                     response = api_call(self.app, params)
                     expected = {
                         'repo_fork_of': 'Fork with id `{}` does not exists'.format(
                             master_repo_name)}
                     assert_error(id_, expected, given=response.body)
                 def test_api_update_repo_with_repo_group_not_existing(self):
                     repo_name = 'admin_owned'
                     fake_repo_group = 'test_group_for_update'
                     fixture.create_repo(repo_name)
                     updates = {'repo_name': '{}/{}'.format(fake_repo_group, repo_name)}
                     id_, params = build_data(
                         self.apikey, 'update_repo', repoid=repo_name, **updates)
                     response = api_call(self.app, params)
                     try:
                         expected = {
                             'repo_group': 'Repository group `{}` does not exist'.format(fake_repo_group)
                         }
                         assert_error(id_, expected, given=response.body)
                     finally:
                         fixture.destroy_repo(repo_name)
                 def test_api_update_repo_regular_user_not_allowed(self):
                     repo_name = 'admin_owned'
                     fixture.create_repo(repo_name)
                     updates = {'active': False}
                     id_, params = build_data(
                         self.apikey_regular, 'update_repo', repoid=repo_name, **updates)
                     response = api_call(self.app, params)
                     try:
                         expected = 'repository `%s` does not exist' % (repo_name,)
                         assert_error(id_, expected, given=response.body)
                     finally:
                         fixture.destroy_repo(repo_name)
                 @mock.patch.object(RepoModel, 'update', crash)
                 def test_api_update_repo_exception_occurred(self, backend):
                     repo_name = UPDATE_REPO_NAME
                     fixture.create_repo(repo_name, repo_type=backend.alias)
                     id_, params = build_data(
                         self.apikey, 'update_repo', repoid=repo_name,
                         owner=TEST_USER_ADMIN_LOGIN,)
                     response = api_call(self.app, params)
                     try:
                         expected = 'failed to update repo `%s`' % (repo_name,)
                         assert_error(id_, expected, given=response.body)
                     finally:
                         fixture.destroy_repo(repo_name)

rhodecode/apps/__init__.py

0 +19 0

@@ -0,0 +1,19 b''
	1	# -- coding: utf-8 --
	2
	3	# Copyright (C) 2016-2017 RhodeCode GmbH
	4	#
	5	# This program is free software: you can redistribute it and/or modify
	6	# it under the terms of the GNU Affero General Public License, version 3
	7	# (only), as published by the Free Software Foundation.
	8	#
	9	# This program is distributed in the hope that it will be useful,
	10	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	# GNU General Public License for more details.
	13	#
	14	# You should have received a copy of the GNU Affero General Public License
	15	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	16	#
	17	# This program is dual-licensed. If you wish to learn more about the
	18	# RhodeCode Enterprise Edition, including its added features, Support services,
	19	# and proprietary license terms, please see https://rhodecode.com/licenses/

rhodecode/apps/_base/__init__.py

0 +33 -3

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import time
             import logging
             from pylons import tmpl_context as c
             from pyramid.httpexceptions import HTTPFound
             from rhodecode.lib import helpers as h
             from rhodecode.lib.utils import PartialRenderer
             from rhodecode.lib.utils2 import StrictAttributeDict, safe_int, datetime_to_time
             from rhodecode.lib.vcs.exceptions import RepositoryRequirementError
             from rhodecode.lib.ext_json import json
             from rhodecode.model import repo
+            from rhodecode.model import repo_group
             from rhodecode.model.db import User
             from rhodecode.model.scm import ScmModel
             log = logging.getLogger(__name__)
             ADMIN_PREFIX = '/_admin'
             STATIC_FILE_PREFIX = '/_static'
+            def add_route_with_slash(config,name, pattern, **kw):
+                config.add_route(name, pattern, **kw)
+                if not pattern.endswith('/'):
+                    config.add_route(name + '_slash', pattern + '/', **kw)
             def get_format_ref_id(repo):
                 """Returns a `repo` specific reference formatter function"""
                 if h.is_svn(repo):
                     return _format_ref_id_svn
                 else:
                     return _format_ref_id
             def _format_ref_id(name, raw_id):
                 """Default formatting of a given reference `name`"""
                 return name
             def _format_ref_id_svn(name, raw_id):
                 """Special way of formatting a reference for Subversion including path"""
                 return '%s@%s' % (name, raw_id)
             class TemplateArgs(StrictAttributeDict):
                 pass
             class BaseAppView(object):
                 def __init__(self, context, request):
                     self.request = request
                     self.context = context
                     self.session = request.session
                     self._rhodecode_user = request.user  # auth user
                     self._rhodecode_db_user = self._rhodecode_user.get_instance()
                     self._maybe_needs_password_change(
                         request.matched_route.name, self._rhodecode_db_user)
                 def _maybe_needs_password_change(self, view_name, user_obj):
                     log.debug('Checking if user %s needs password change on view %s',
                               user_obj, view_name)
                     skip_user_views = [
                         'logout', 'login',
                         'my_account_password', 'my_account_password_update'
                     ]
                     if not user_obj:
                         return
                     if user_obj.username == User.DEFAULT_USER:
                         return
                     now = time.time()
                     should_change = user_obj.user_data.get('force_password_change')
                     change_after = safe_int(should_change) or 0
                     if should_change and now > change_after:
                         log.debug('User %s requires password change', user_obj)
                         h.flash('You are required to change your password', 'warning',
                                 ignore_duplicate=True)
                         if view_name not in skip_user_views:
                             raise HTTPFound(
                                 self.request.route_path('my_account_password'))
                 def _get_local_tmpl_context(self):
                     c = TemplateArgs()
                     c.auth_user = self.request.user
                     return c
                 def _register_global_c(self, tmpl_args):
                     """
                     Registers attributes to pylons global `c`
                     """
                     # TODO(marcink): remove once pyramid migration is finished
                     for k, v in tmpl_args.items():
                         setattr(c, k, v)
                 def _get_template_context(self, tmpl_args):
                     self._register_global_c(tmpl_args)
                     local_tmpl_args = {
                         'defaults': {},
                         'errors': {},
                     }
                     local_tmpl_args.update(tmpl_args)
                     return local_tmpl_args
                 def load_default_context(self):
                     """
                     example:
                     def load_default_context(self):
                         c = self._get_local_tmpl_context()
                         c.custom_var = 'foobar'
                         self._register_global_c(c)
                         return c
                     """
                     raise NotImplementedError('Needs implementation in view class')
             class RepoAppView(BaseAppView):
                 def __init__(self, context, request):
                     super(RepoAppView, self).__init__(context, request)
                     self.db_repo = request.db_repo
                     self.db_repo_name = self.db_repo.repo_name
                     self.db_repo_pull_requests = ScmModel().get_pull_requests(self.db_repo)
                 def _handle_missing_requirements(self, error):
                     log.error(
                         'Requirements are missing for repository %s: %s',
                         self.db_repo_name, error.message)
                 def _get_local_tmpl_context(self):
                     c = super(RepoAppView, self)._get_local_tmpl_context()
                     # register common vars for this type of view
                     c.rhodecode_db_repo = self.db_repo
                     c.repo_name = self.db_repo_name
                     c.repository_pull_requests = self.db_repo_pull_requests
                     c.repository_requirements_missing = False
                     try:
                         self.rhodecode_vcs_repo = self.db_repo.scm_instance()
                     except RepositoryRequirementError as e:
                         c.repository_requirements_missing = True
                         self._handle_missing_requirements(e)
                     return c
             class DataGridAppView(object):
                 """
                 Common class to have re-usable grid rendering components
                 """
                 def _extract_ordering(self, request, column_map=None):
                     column_map = column_map or {}
                     column_index = safe_int(request.GET.get('order[0][column]'))
                     order_dir = request.GET.get(
                         'order[0][dir]', 'desc')
                     order_by = request.GET.get(
                         'columns[%s][data][sort]' % column_index, 'name_raw')
                     # translate datatable to DB columns
                     order_by = column_map.get(order_by) or order_by
                     search_q = request.GET.get('search[value]')
                     return search_q, order_by, order_dir
                 def _extract_chunk(self, request):
                     start = safe_int(request.GET.get('start'), 0)
                     length = safe_int(request.GET.get('length'), 25)
                     draw = safe_int(request.GET.get('draw'))
                     return draw, start, length
             class BaseReferencesView(RepoAppView):
                 """
                 Base for reference view for branches, tags and bookmarks.
                 """
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     # TODO(marcink): remove repo_info and use c.rhodecode_db_repo instead
                     c.repo_info = self.db_repo
                     self._register_global_c(c)
                     return c
                 def load_refs_context(self, ref_items, partials_template):
                     _render = PartialRenderer(partials_template)
                     _data = []
                     pre_load = ["author", "date", "message"]
                     is_svn = h.is_svn(self.rhodecode_vcs_repo)
                     format_ref_id = get_format_ref_id(self.rhodecode_vcs_repo)
                     for ref_name, commit_id in ref_items:
                         commit = self.rhodecode_vcs_repo.get_commit(
                             commit_id=commit_id, pre_load=pre_load)
                         # TODO: johbo: Unify generation of reference links
                         use_commit_id = '/' in ref_name or is_svn
                         files_url = h.url(
                             'files_home',
                             repo_name=c.repo_name,
                             f_path=ref_name if is_svn else '',
                             revision=commit_id if use_commit_id else ref_name,
                             at=ref_name)
                         _data.append({
                             "name": _render('name', ref_name, files_url),
                             "name_raw": ref_name,
                             "date": _render('date', commit.date),
                             "date_raw": datetime_to_time(commit.date),
                             "author": _render('author', commit.author),
                             "commit": _render(
                                 'commit', commit.message, commit.raw_id, commit.idx),
                             "commit_raw": commit.idx,
                             "compare": _render(
                                 'compare', format_ref_id(ref_name, commit.raw_id)),
                         })
                     c.has_references = bool(_data)
                     c.data = json.dumps(_data)
             class RepoRoutePredicate(object):
                 def __init__(self, val, config):
                     self.val = val
                 def text(self):
                     return 'repo_route = %s' % self.val
                 phash = text
                 def __call__(self, info, request):
                     repo_name = info['match']['repo_name']
                     repo_model = repo.RepoModel()
                     by_name_match = repo_model.get_by_repo_name(repo_name, cache=True)
-                    # if we match quickly from database, short circuit the operation,
-                    # and validate repo based on the type.
                     if by_name_match:
                         # register this as request object we can re-use later
                         request.db_repo = by_name_match
                         return True
                     by_id_match = repo_model.get_repo_by_id(repo_name)
                     if by_id_match:
                         request.db_repo = by_id_match
                         return True
                     return False
             class RepoTypeRoutePredicate(object):
                 def __init__(self, val, config):
                     self.val = val or ['hg', 'git', 'svn']
                 def text(self):
                     return 'repo_accepted_type = %s' % self.val
                 phash = text
                 def __call__(self, info, request):
                     rhodecode_db_repo = request.db_repo
                     log.debug(
                         '%s checking repo type for %s in %s',
                         self.__class__.__name__, rhodecode_db_repo.repo_type, self.val)
                     if rhodecode_db_repo.repo_type in self.val:
                         return True
                     else:
                         log.warning('Current view is not supported for repo type:%s',
                                     rhodecode_db_repo.repo_type)
                         #
                         # h.flash(h.literal(
                         #     _('Action not supported for %s.' % rhodecode_repo.alias)),
                         #     category='warning')
                         # return redirect(
                         #     url('summary_home', repo_name=cls.rhodecode_db_repo.repo_name))
                         return False
+            class RepoGroupRoutePredicate(object):
+                def __init__(self, val, config):
+                    self.val = val
+                def text(self):
+                    return 'repo_group_route = %s' % self.val
+                phash = text
+                def __call__(self, info, request):
+                    repo_group_name = info['match']['repo_group_name']
+                    repo_group_model = repo_group.RepoGroupModel()
+                    by_name_match = repo_group_model.get_by_group_name(
+                        repo_group_name, cache=True)
+                    if by_name_match:
+                        # register this as request object we can re-use later
+                        request.db_repo_group = by_name_match
+                        return True
+                    return False
             def includeme(config):
                 config.add_route_predicate(
                     'repo_route', RepoRoutePredicate)
                 config.add_route_predicate(
-                    'repo_accepted_types', RepoTypeRoutePredicate)
  No newline at end of file
+                    'repo_accepted_types', RepoTypeRoutePredicate)
+                config.add_route_predicate(
+                    'repo_group_route', RepoGroupRoutePredicate)

rhodecode/apps/home/tests/test_home.py ~~rhodecode/tests/functional/test_home.py~~

0 renamed +20 -12

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import pytest
             from pylons import tmpl_context as c
             import rhodecode
             from rhodecode.model.db import Repository, User
             from rhodecode.model.meta import Session
             from rhodecode.model.repo import RepoModel
             from rhodecode.model.repo_group import RepoGroupModel
             from rhodecode.model.settings import SettingsModel
-            from rhodecode.tests import TestController, url
+            from rhodecode.tests import TestController
             from rhodecode.tests.fixture import Fixture
             fixture = Fixture()
+            def route_path(name, **kwargs):
+                return {
+                    'home': '/',
+                    'repo_group_home': '/{repo_group_name}'
+                }[name].format(**kwargs)
             class TestHomeController(TestController):
                 def test_index(self):
                     self.log_user()
-                    response = self.app.get(url(controller='home', action='index'))
+                    response = self.app.get(route_path('home'))
                     # if global permission is set
                     response.mustcontain('Add Repository')
                     # search for objects inside the JavaScript JSON
                     for repo in Repository.getAll():
                         response.mustcontain('"name_raw": "%s"' % repo.repo_name)
                 def test_index_contains_statics_with_ver(self):
                     self.log_user()
-                    response = self.app.get(url(controller='home', action='index'))
+                    response = self.app.get(route_path('home'))
                     rhodecode_version_hash = c.rhodecode_version_hash
                     response.mustcontain('style.css?ver={0}'.format(rhodecode_version_hash))
                     response.mustcontain('rhodecode-components.js?ver={0}'.format(rhodecode_version_hash))
                 def test_index_contains_backend_specific_details(self, backend):
                     self.log_user()
-                    response = self.app.get(url(controller='home', action='index'))
+                    response = self.app.get(route_path('home'))
                     tip = backend.repo.get_commit().raw_id
                     # html in javascript variable:
                     response.mustcontain(r'<i class=\"icon-%s\"' % (backend.alias, ))
                     response.mustcontain(r'href=\"/%s\"' % (backend.repo_name, ))
                     response.mustcontain("""/%s/changeset/%s""" % (backend.repo_name, tip))
                     response.mustcontain("""Added a symlink""")
                 def test_index_with_anonymous_access_disabled(self):
                     with fixture.anon_access(False):
-                        response = self.app.get(url(controller='home', action='index'),
+                        response = self.app.get(route_path('home'), status=302)
-                                                status=302)
                         assert 'login' in response.location
                 def test_index_page_on_groups(self, autologin_user, repo_group):
-                    response = self.app.get(url('repo_group_home', group_name='gr1'))
+                    response = self.app.get(route_path('repo_group_home', repo_group_name='gr1'))
                     response.mustcontain("gr1/repo_in_group")
                 def test_index_page_on_group_with_trailing_slash(
                         self, autologin_user, repo_group):
-                    response = self.app.get(url('repo_group_home', group_name='gr1') + '/')
+                    response = self.app.get(route_path('repo_group_home', repo_group_name='gr1') + '/')
                     response.mustcontain("gr1/repo_in_group")
                 @pytest.fixture(scope='class')
                 def repo_group(self, request):
                     gr = fixture.create_repo_group('gr1')
                     fixture.create_repo(name='gr1/repo_in_group', repo_group=gr)
                     @request.addfinalizer
                     def cleanup():
                         RepoModel().delete('gr1/repo_in_group')
                         RepoGroupModel().delete(repo_group='gr1', force_delete=True)
                         Session().commit()
-                def test_index_with_name_with_tags(self, autologin_user):
+                def test_index_with_name_with_tags(self, user_util, autologin_user):
-                    user = User.get_by_username('test_admin')
+                    user = user_util.create_user()
+                    username = user.username
                     user.name = '<img src="/image1" onload="alert(\'Hello, World!\');">'
                     user.lastname = (
                         '<img src="/image2" onload="alert(\'Hello, World!\');">')
                     Session().add(user)
                     Session().commit()
+                    user_util.create_repo(owner=username)
-                    response = self.app.get(url(controller='home', action='index'))
+                    response = self.app.get(route_path('home'))
                     response.mustcontain(
                         '&lt;img src=&#34;/image1&#34; onload=&#34;'
                         'alert(&#39;Hello, World!&#39;);&#34;&gt;')
                     response.mustcontain(
                         '&lt;img src=&#34;/image2&#34; onload=&#34;'
                         'alert(&#39;Hello, World!&#39;);&#34;&gt;')
                 @pytest.mark.parametrize("name, state", [
                     ('Disabled', False),
                     ('Enabled', True),
                 ])
                 def test_index_show_version(self, autologin_user, name, state):
                     version_string = 'RhodeCode Enterprise %s' % rhodecode.__version__
                     sett = SettingsModel().create_or_update_setting(
                         'show_version', state, 'bool')
                     Session().add(sett)
                     Session().commit()
                     SettingsModel().invalidate_settings_cache()
-                    response = self.app.get(url(controller='home', action='index'))
+                    response = self.app.get(route_path('home'))
                     if state is True:
                         response.mustcontain(version_string)
                     if state is False:
                         response.mustcontain(no=[version_string])

rhodecode/apps/home/views.py

0 +59 -3

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import re
             import logging
             from pyramid.view import view_config
             from rhodecode.apps._base import BaseAppView
             from rhodecode.lib import helpers as h
-            from rhodecode.lib.auth import LoginRequired, NotAnonymous
+            from rhodecode.lib.auth import LoginRequired, NotAnonymous, \
+                HasRepoGroupPermissionAnyDecorator
             from rhodecode.lib.index import searcher_from_config
             from rhodecode.lib.utils2 import safe_unicode, str2bool
+            from rhodecode.lib.ext_json import json
             from rhodecode.model.db import func, Repository, RepoGroup
             from rhodecode.model.repo import RepoModel
-            from rhodecode.model.scm import ScmModel
+            from rhodecode.model.repo_group import RepoGroupModel
+            from rhodecode.model.scm import ScmModel, RepoGroupList, RepoList
             from rhodecode.model.user import UserModel
             from rhodecode.model.user_group import UserGroupModel
             log = logging.getLogger(__name__)
             class HomeView(BaseAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     c.user = c.auth_user.get_instance()
                     self._register_global_c(c)
                     return c
                 @LoginRequired()
                 @view_config(
                     route_name='user_autocomplete_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 def user_autocomplete_data(self):
                     query = self.request.GET.get('query')
                     active = str2bool(self.request.GET.get('active') or True)
                     include_groups = str2bool(self.request.GET.get('user_groups'))
                     expand_groups = str2bool(self.request.GET.get('user_groups_expand'))
                     skip_default_user = str2bool(self.request.GET.get('skip_default_user'))
                     log.debug('generating user list, query:%s, active:%s, with_groups:%s',
                               query, active, include_groups)
                     _users = UserModel().get_users(
                         name_contains=query, only_active=active)
                     def maybe_skip_default_user(usr):
                         if skip_default_user and usr['username'] == UserModel.cls.DEFAULT_USER:
                             return False
                         return True
                     _users = filter(maybe_skip_default_user, _users)
                     if include_groups:
                         # extend with user groups
                         _user_groups = UserGroupModel().get_user_groups(
                             name_contains=query, only_active=active,
                             expand_groups=expand_groups)
                         _users = _users + _user_groups
                     return {'suggestions': _users}
                 @LoginRequired()
                 @NotAnonymous()
                 @view_config(
                     route_name='user_group_autocomplete_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 def user_group_autocomplete_data(self):
                     query = self.request.GET.get('query')
                     active = str2bool(self.request.GET.get('active') or True)
                     expand_groups = str2bool(self.request.GET.get('user_groups_expand'))
                     log.debug('generating user group list, query:%s, active:%s',
                               query, active)
                     _user_groups = UserGroupModel().get_user_groups(
                         name_contains=query, only_active=active,
                         expand_groups=expand_groups)
                     _user_groups = _user_groups
                     return {'suggestions': _user_groups}
                 def _get_repo_list(self, name_contains=None, repo_type=None, limit=20):
                     query = Repository.query()\
                         .order_by(func.length(Repository.repo_name))\
                         .order_by(Repository.repo_name)
                     if repo_type:
                         query = query.filter(Repository.repo_type == repo_type)
                     if name_contains:
                         ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
                         query = query.filter(
                             Repository.repo_name.ilike(ilike_expression))
                         query = query.limit(limit)
                     all_repos = query.all()
                     # permission checks are inside this function
                     repo_iter = ScmModel().get_repos(all_repos)
                     return [
                         {
                             'id': obj['name'],
                             'text': obj['name'],
                             'type': 'repo',
                             'obj': obj['dbrepo'],
                             'url': h.url('summary_home', repo_name=obj['name'])
                         }
                         for obj in repo_iter]
                 def _get_repo_group_list(self, name_contains=None, limit=20):
                     query = RepoGroup.query()\
                         .order_by(func.length(RepoGroup.group_name))\
                         .order_by(RepoGroup.group_name)
                     if name_contains:
                         ilike_expression = u'%{}%'.format(safe_unicode(name_contains))
                         query = query.filter(
                             RepoGroup.group_name.ilike(ilike_expression))
                         query = query.limit(limit)
                     all_groups = query.all()
                     repo_groups_iter = ScmModel().get_repo_groups(all_groups)
                     return [
                         {
                             'id': obj.group_name,
                             'text': obj.group_name,
                             'type': 'group',
                             'obj': {},
-                            'url': h.url('repo_group_home', group_name=obj.group_name)
+                            'url': h.route_path('repo_group_home', repo_group_name=obj.group_name)
                         }
                         for obj in repo_groups_iter]
                 def _get_hash_commit_list(self, auth_user, hash_starts_with=None):
                     if not hash_starts_with or len(hash_starts_with) < 3:
                         return []
                     commit_hashes = re.compile('([0-9a-f]{2,40})').findall(hash_starts_with)
                     if len(commit_hashes) != 1:
                         return []
                     commit_hash_prefix = commit_hashes[0]
                     searcher = searcher_from_config(self.request.registry.settings)
                     result = searcher.search(
                         'commit_id:%s*' % commit_hash_prefix, 'commit', auth_user,
                         raise_on_exc=False)
                     return [
                         {
                             'id': entry['commit_id'],
                             'text': entry['commit_id'],
                             'type': 'commit',
                             'obj': {'repo': entry['repository']},
                             'url': h.url('changeset_home',
                                          repo_name=entry['repository'],
                                          revision=entry['commit_id'])
                         }
                         for entry in result['results']]
                 @LoginRequired()
                 @view_config(
                     route_name='repo_list_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 def repo_list_data(self):
                     _ = self.request.translate
                     query = self.request.GET.get('query')
                     repo_type = self.request.GET.get('repo_type')
                     log.debug('generating repo list, query:%s, repo_type:%s',
                               query, repo_type)
                     res = []
                     repos = self._get_repo_list(query, repo_type=repo_type)
                     if repos:
                         res.append({
                             'text': _('Repositories'),
                             'children': repos
                         })
                     data = {
                         'more': False,
                         'results': res
                     }
                     return data
                 @LoginRequired()
                 @view_config(
                     route_name='goto_switcher_data', request_method='GET',
                     renderer='json_ext', xhr=True)
                 def goto_switcher_data(self):
                     c = self.load_default_context()
                     _ = self.request.translate
                     query = self.request.GET.get('query')
                     log.debug('generating goto switcher list, query %s', query)
                     res = []
                     repo_groups = self._get_repo_group_list(query)
                     if repo_groups:
                         res.append({
                             'text': _('Groups'),
                             'children': repo_groups
                         })
                     repos = self._get_repo_list(query)
                     if repos:
                         res.append({
                             'text': _('Repositories'),
                             'children': repos
                         })
                     commits = self._get_hash_commit_list(c.auth_user, query)
                     if commits:
                         unique_repos = {}
                         for commit in commits:
                             unique_repos.setdefault(commit['obj']['repo'], []
                                 ).append(commit)
                         for repo in unique_repos:
                             res.append({
                                 'text': _('Commits in %(repo)s') % {'repo': repo},
                                 'children': unique_repos[repo]
                             })
                     data = {
                         'more': False,
                         'results': res
                     }
                     return data
+                def _get_groups_and_repos(self, repo_group_id=None):
+                    # repo groups groups
+                    repo_group_list = RepoGroup.get_all_repo_groups(group_id=repo_group_id)
+                    _perms = ['group.read', 'group.write', 'group.admin']
+                    repo_group_list_acl = RepoGroupList(repo_group_list, perm_set=_perms)
+                    repo_group_data = RepoGroupModel().get_repo_groups_as_dict(
+                        repo_group_list=repo_group_list_acl, admin=False)
+                    # repositories
+                    repo_list = Repository.get_all_repos(group_id=repo_group_id)
+                    _perms = ['repository.read', 'repository.write', 'repository.admin']
+                    repo_list_acl = RepoList(repo_list, perm_set=_perms)
+                    repo_data = RepoModel().get_repos_as_dict(
+                        repo_list=repo_list_acl, admin=False)
+                    return repo_data, repo_group_data
+                @LoginRequired()
+                @view_config(
+                    route_name='home', request_method='GET',
+                    renderer='rhodecode:templates/index.mako')
+                def main_page(self):
+                    c = self.load_default_context()
+                    c.repo_group = None
+                    repo_data, repo_group_data = self._get_groups_and_repos()
+                    # json used to render the grids
+                    c.repos_data = json.dumps(repo_data)
+                    c.repo_groups_data = json.dumps(repo_group_data)
+                    return self._get_template_context(c)
+                @LoginRequired()
+                @HasRepoGroupPermissionAnyDecorator(
+                    'group.read', 'group.write', 'group.admin')
+                @view_config(
+                    route_name='repo_group_home', request_method='GET',
+                    renderer='rhodecode:templates/index_repo_group.mako')
+                @view_config(
+                    route_name='repo_group_home_slash', request_method='GET',
+                    renderer='rhodecode:templates/index_repo_group.mako')
+                def repo_group_main_page(self):
+                    c = self.load_default_context()
+                    c.repo_group = self.request.db_repo_group
+                    repo_data, repo_group_data = self._get_groups_and_repos(
+                        c.repo_group.group_id)
+                    # json used to render the grids
+                    c.repos_data = json.dumps(repo_data)
+                    c.repo_groups_data = json.dumps(repo_group_data)
+                    return self._get_template_context(c)

rhodecode/apps/login/views.py

0 +6 -6

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import time
             import collections
             import datetime
             import formencode
             import logging
             import urlparse
-            from pylons import url
             from pyramid.httpexceptions import HTTPFound
             from pyramid.view import view_config
             from recaptcha.client.captcha import submit
             from rhodecode.apps._base import BaseAppView
             from rhodecode.authentication.base import authenticate, HTTP_TYPE
             from rhodecode.events import UserRegistered
             from rhodecode.lib import helpers as h
             from rhodecode.lib import audit_logger
             from rhodecode.lib.auth import (
                 AuthUser, HasPermissionAnyDecorator, CSRFRequired)
             from rhodecode.lib.base import get_ip_addr
             from rhodecode.lib.exceptions import UserCreationError
             from rhodecode.lib.utils2 import safe_str
             from rhodecode.model.db import User, UserApiKeys
             from rhodecode.model.forms import LoginForm, RegisterForm, PasswordResetForm
             from rhodecode.model.meta import Session
             from rhodecode.model.auth_token import AuthTokenModel
             from rhodecode.model.settings import SettingsModel
             from rhodecode.model.user import UserModel
             from rhodecode.translation import _
             log = logging.getLogger(__name__)
             CaptchaData = collections.namedtuple(
                 'CaptchaData', 'active, private_key, public_key')
             def _store_user_in_session(session, username, remember=False):
                 user = User.get_by_username(username, case_insensitive=True)
                 auth_user = AuthUser(user.user_id)
                 auth_user.set_authenticated()
                 cs = auth_user.get_cookie_store()
                 session['rhodecode_user'] = cs
                 user.update_lastlogin()
                 Session().commit()
                 # If they want to be remembered, update the cookie
                 if remember:
                     _year = (datetime.datetime.now() +
                              datetime.timedelta(seconds=60 * 60 * 24 * 365))
                     session._set_cookie_expires(_year)
                 session.save()
                 safe_cs = cs.copy()
                 safe_cs['password'] = '****'
                 log.info('user %s is now authenticated and stored in '
                          'session, session attrs %s', username, safe_cs)
                 # dumps session attrs back to cookie
                 session._update_cookie_out()
                 # we set new cookie
                 headers = None
                 if session.request['set_cookie']:
                     # send set-cookie headers back to response to update cookie
                     headers = [('Set-Cookie', session.request['cookie_out'])]
                 return headers
             def get_came_from(request):
                 came_from = safe_str(request.GET.get('came_from', ''))
                 parsed = urlparse.urlparse(came_from)
                 allowed_schemes = ['http', 'https']
+                default_came_from = h.route_path('home')
                 if parsed.scheme and parsed.scheme not in allowed_schemes:
                     log.error('Suspicious URL scheme detected %s for url %s' %
                               (parsed.scheme, parsed))
-                    came_from = url('home')
+                    came_from = default_came_from
                 elif parsed.netloc and request.host != parsed.netloc:
                     log.error('Suspicious NETLOC detected %s for url %s server url '
                               'is: %s' % (parsed.netloc, parsed, request.host))
-                    came_from = url('home')
+                    came_from = default_came_from
                 elif any(bad_str in parsed.path for bad_str in ('\r', '\n')):
                     log.error('Header injection detected `%s` for url %s server url ' %
                               (parsed.path, parsed))
-                    came_from = url('home')
+                    came_from = default_came_from
-                return came_from or url('home')
+                return came_from or default_came_from
             class LoginView(BaseAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     c.came_from = get_came_from(self.request)
                     self._register_global_c(c)
                     return c
                 def _get_captcha_data(self):
                     settings = SettingsModel().get_all_settings()
                     private_key = settings.get('rhodecode_captcha_private_key')
                     public_key = settings.get('rhodecode_captcha_public_key')
                     active = bool(private_key)
                     return CaptchaData(
                         active=active, private_key=private_key, public_key=public_key)
                 @view_config(
                     route_name='login', request_method='GET',
                     renderer='rhodecode:templates/login.mako')
                 def login(self):
                     c = self.load_default_context()
                     auth_user = self._rhodecode_user
                     # redirect if already logged in
                     if (auth_user.is_authenticated and
                             not auth_user.is_default and auth_user.ip_allowed):
                         raise HTTPFound(c.came_from)
                     # check if we use headers plugin, and try to login using it.
                     try:
                         log.debug('Running PRE-AUTH for headers based authentication')
                         auth_info = authenticate(
                             '', '', self.request.environ, HTTP_TYPE, skip_missing=True)
                         if auth_info:
                             headers = _store_user_in_session(
                                 self.session, auth_info.get('username'))
                             raise HTTPFound(c.came_from, headers=headers)
                     except UserCreationError as e:
                         log.error(e)
                         self.session.flash(e, queue='error')
                     return self._get_template_context(c)
                 @view_config(
                     route_name='login', request_method='POST',
                     renderer='rhodecode:templates/login.mako')
                 def login_post(self):
                     c = self.load_default_context()
                     login_form = LoginForm()()
                     try:
                         self.session.invalidate()
                         form_result = login_form.to_python(self.request.params)
                         # form checks for username/password, now we're authenticated
                         headers = _store_user_in_session(
                             self.session,
                             username=form_result['username'],
                             remember=form_result['remember'])
                         log.debug('Redirecting to "%s" after login.', c.came_from)
                         audit_user = audit_logger.UserWrap(
                             username=self.request.params.get('username'),
                             ip_addr=self.request.remote_addr)
                         action_data = {'user_agent': self.request.user_agent}
                         audit_logger.store(
                             action='user.login.success', action_data=action_data,
                             user=audit_user, commit=True)
                         raise HTTPFound(c.came_from, headers=headers)
                     except formencode.Invalid as errors:
                         defaults = errors.value
                         # remove password from filling in form again
                         defaults.pop('password', None)
                         render_ctx = self._get_template_context(c)
                         render_ctx.update({
                             'errors': errors.error_dict,
                             'defaults': defaults,
                         })
                         audit_user = audit_logger.UserWrap(
                             username=self.request.params.get('username'),
                             ip_addr=self.request.remote_addr)
                         action_data = {'user_agent': self.request.user_agent}
                         audit_logger.store(
                             action='user.login.failure', action_data=action_data,
                             user=audit_user, commit=True)
                         return render_ctx
                     except UserCreationError as e:
                         # headers auth or other auth functions that create users on
                         # the fly can throw this exception signaling that there's issue
                         # with user creation, explanation should be provided in
                         # Exception itself
                         self.session.flash(e, queue='error')
                         return self._get_template_context(c)
                 @CSRFRequired()
                 @view_config(route_name='logout', request_method='POST')
                 def logout(self):
                     auth_user = self._rhodecode_user
                     log.info('Deleting session for user: `%s`', auth_user)
                     action_data = {'user_agent': self.request.user_agent}
                     audit_logger.store(
                         action='user.logout', action_data=action_data,
                         user=auth_user, commit=True)
                     self.session.delete()
-                    return HTTPFound(url('home'))
+                    return HTTPFound(h.route_path('home'))
                 @HasPermissionAnyDecorator(
                     'hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')
                 @view_config(
                     route_name='register', request_method='GET',
                     renderer='rhodecode:templates/register.mako',)
                 def register(self, defaults=None, errors=None):
                     c = self.load_default_context()
                     defaults = defaults or {}
                     errors = errors or {}
                     settings = SettingsModel().get_all_settings()
                     register_message = settings.get('rhodecode_register_message') or ''
                     captcha = self._get_captcha_data()
                     auto_active = 'hg.register.auto_activate' in User.get_default_user()\
                         .AuthUser.permissions['global']
                     render_ctx = self._get_template_context(c)
                     render_ctx.update({
                         'defaults': defaults,
                         'errors': errors,
                         'auto_active': auto_active,
                         'captcha_active': captcha.active,
                         'captcha_public_key': captcha.public_key,
                         'register_message': register_message,
                     })
                     return render_ctx
                 @HasPermissionAnyDecorator(
                     'hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')
                 @view_config(
                     route_name='register', request_method='POST',
                     renderer='rhodecode:templates/register.mako')
                 def register_post(self):
                     captcha = self._get_captcha_data()
                     auto_active = 'hg.register.auto_activate' in User.get_default_user()\
                         .AuthUser.permissions['global']
                     register_form = RegisterForm()()
                     try:
                         form_result = register_form.to_python(self.request.params)
                         form_result['active'] = auto_active
                         if captcha.active:
                             response = submit(
                                 self.request.params.get('recaptcha_challenge_field'),
                                 self.request.params.get('recaptcha_response_field'),
                                 private_key=captcha.private_key,
                                 remoteip=get_ip_addr(self.request.environ))
                             if not response.is_valid:
                                 _value = form_result
                                 _msg = _('Bad captcha')
                                 error_dict = {'recaptcha_field': _msg}
                                 raise formencode.Invalid(_msg, _value, None,
                                                          error_dict=error_dict)
                         new_user = UserModel().create_registration(form_result)
                         event = UserRegistered(user=new_user, session=self.session)
                         self.request.registry.notify(event)
                         self.session.flash(
                             _('You have successfully registered with RhodeCode'),
                             queue='success')
                         Session().commit()
                         redirect_ro = self.request.route_path('login')
                         raise HTTPFound(redirect_ro)
                     except formencode.Invalid as errors:
                         errors.value.pop('password', None)
                         errors.value.pop('password_confirmation', None)
                         return self.register(
                             defaults=errors.value, errors=errors.error_dict)
                     except UserCreationError as e:
                         # container auth or other auth functions that create users on
                         # the fly can throw this exception signaling that there's issue
                         # with user creation, explanation should be provided in
                         # Exception itself
                         self.session.flash(e, queue='error')
                         return self.register()
                 @view_config(
                     route_name='reset_password', request_method=('GET', 'POST'),
                     renderer='rhodecode:templates/password_reset.mako')
                 def password_reset(self):
                     captcha = self._get_captcha_data()
                     render_ctx = {
                         'captcha_active': captcha.active,
                         'captcha_public_key': captcha.public_key,
                         'defaults': {},
                         'errors': {},
                     }
                     # always send implicit message to prevent from discovery of
                     # matching emails
                     msg = _('If such email exists, a password reset link was sent to it.')
                     if self.request.POST:
                         if h.HasPermissionAny('hg.password_reset.disabled')():
                             _email = self.request.POST.get('email', '')
                             log.error('Failed attempt to reset password for `%s`.', _email)
                             self.session.flash(_('Password reset has been disabled.'),
                                                queue='error')
                             return HTTPFound(self.request.route_path('reset_password'))
                         password_reset_form = PasswordResetForm()()
                         try:
                             form_result = password_reset_form.to_python(
                                 self.request.params)
                             user_email = form_result['email']
                             if captcha.active:
                                 response = submit(
                                     self.request.params.get('recaptcha_challenge_field'),
                                     self.request.params.get('recaptcha_response_field'),
                                     private_key=captcha.private_key,
                                     remoteip=get_ip_addr(self.request.environ))
                                 if not response.is_valid:
                                     _value = form_result
                                     _msg = _('Bad captcha')
                                     error_dict = {'recaptcha_field': _msg}
                                     raise formencode.Invalid(
                                         _msg, _value, None, error_dict=error_dict)
                             # Generate reset URL and send mail.
                             user = User.get_by_email(user_email)
                             # generate password reset token that expires in 10minutes
                             desc = 'Generated token for password reset from {}'.format(
                                 datetime.datetime.now().isoformat())
                             reset_token = AuthTokenModel().create(
                                 user, lifetime=10,
                                 description=desc,
                                 role=UserApiKeys.ROLE_PASSWORD_RESET)
                             Session().commit()
                             log.debug('Successfully created password recovery token')
                             password_reset_url = self.request.route_url(
                                 'reset_password_confirmation',
                                 _query={'key': reset_token.api_key})
                             UserModel().reset_password_link(
                                 form_result, password_reset_url)
                             # Display success message and redirect.
                             self.session.flash(msg, queue='success')
                             action_data = {'email': user_email,
                                            'user_agent': self.request.user_agent}
                             audit_logger.store(action='user.password.reset_request',
                                                action_data=action_data,
                                                user=self._rhodecode_user, commit=True)
                             return HTTPFound(self.request.route_path('reset_password'))
                         except formencode.Invalid as errors:
                             render_ctx.update({
                                 'defaults': errors.value,
                                 'errors': errors.error_dict,
                             })
                             if not self.request.params.get('email'):
                                 # case of empty email, we want to report that
                                 return render_ctx
                             if 'recaptcha_field' in errors.error_dict:
                                 # case of failed captcha
                                 return render_ctx
                         log.debug('faking response on invalid password reset')
                         # make this take 2s, to prevent brute forcing.
                         time.sleep(2)
                         self.session.flash(msg, queue='success')
                         return HTTPFound(self.request.route_path('reset_password'))
                     return render_ctx
                 @view_config(route_name='reset_password_confirmation',
                              request_method='GET')
                 def password_reset_confirmation(self):
                     if self.request.GET and self.request.GET.get('key'):
                         # make this take 2s, to prevent brute forcing.
                         time.sleep(2)
                         token = AuthTokenModel().get_auth_token(
                             self.request.GET.get('key'))
                         # verify token is the correct role
                         if token is None or token.role != UserApiKeys.ROLE_PASSWORD_RESET:
                             log.debug('Got token with role:%s expected is %s',
                                       getattr(token, 'role', 'EMPTY_TOKEN'),
                                       UserApiKeys.ROLE_PASSWORD_RESET)
                             self.session.flash(
                                 _('Given reset token is invalid'), queue='error')
                             return HTTPFound(self.request.route_path('reset_password'))
                         try:
                             owner = token.user
                             data = {'email': owner.email, 'token': token.api_key}
                             UserModel().reset_password(data)
                             self.session.flash(
                                 _('Your password reset was successful, '
                                   'a new password has been sent to your email'),
                                 queue='success')
                         except Exception as e:
                             log.error(e)
                             return HTTPFound(self.request.route_path('reset_password'))
                     return HTTPFound(self.request.route_path('login'))

rhodecode/apps/my_account/tests/test_my_account_password.py

0 +2 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import pytest
             import mock
             from rhodecode.apps._base import ADMIN_PREFIX
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import check_password
             from rhodecode.model.meta import Session
             from rhodecode.model.user import UserModel
             from rhodecode.tests import assert_session_flash
             from rhodecode.tests.fixture import Fixture, TestController, error_function
             fixture = Fixture()
             def route_path(name, **kwargs):
                 return {
                     'home': '/',
                     'my_account_password':
                         ADMIN_PREFIX + '/my_account/password',
                 }[name].format(**kwargs)
             test_user_1 = 'testme'
             test_user_1_password = '0jd83nHNS/d23n'
             class TestMyAccountPassword(TestController):
                 def test_valid_change_password(self, user_util):
                     new_password = 'my_new_valid_password'
                     user = user_util.create_user(password=test_user_1_password)
                     self.log_user(user.username, test_user_1_password)
                     form_data = [
                         ('current_password', test_user_1_password),
                         ('__start__', 'new_password:mapping'),
                         ('new_password', new_password),
                         ('new_password-confirm', new_password),
                         ('__end__', 'new_password:mapping'),
                         ('csrf_token', self.csrf_token),
                     ]
                     response = self.app.post(route_path('my_account_password'), form_data).follow()
                     assert 'Successfully updated password' in response
                     # check_password depends on user being in session
                     Session().add(user)
                     try:
                         assert check_password(new_password, user.password)
                     finally:
                         Session().expunge(user)
                 @pytest.mark.parametrize('current_pw, new_pw, confirm_pw', [
                     ('', 'abcdef123', 'abcdef123'),
                     ('wrong_pw', 'abcdef123', 'abcdef123'),
                     (test_user_1_password, test_user_1_password, test_user_1_password),
                     (test_user_1_password, '', ''),
                     (test_user_1_password, 'abcdef123', ''),
                     (test_user_1_password, '', 'abcdef123'),
                     (test_user_1_password, 'not_the', 'same_pw'),
                     (test_user_1_password, 'short', 'short'),
                 ])
                 def test_invalid_change_password(self, current_pw, new_pw, confirm_pw,
                                                  user_util):
                     user = user_util.create_user(password=test_user_1_password)
                     self.log_user(user.username, test_user_1_password)
                     form_data = [
                         ('current_password', current_pw),
                         ('__start__', 'new_password:mapping'),
                         ('new_password', new_pw),
                         ('new_password-confirm', confirm_pw),
                         ('__end__', 'new_password:mapping'),
                         ('csrf_token', self.csrf_token),
                     ]
                     response = self.app.post(route_path('my_account_password'), form_data)
                     assert_response = response.assert_response()
                     assert assert_response.get_elements('.error-block')
                 @mock.patch.object(UserModel, 'update_user', error_function)
                 def test_invalid_change_password_exception(self, user_util):
                     user = user_util.create_user(password=test_user_1_password)
                     self.log_user(user.username, test_user_1_password)
                     form_data = [
                         ('current_password', test_user_1_password),
                         ('__start__', 'new_password:mapping'),
                         ('new_password', '123456'),
                         ('new_password-confirm', '123456'),
                         ('__end__', 'new_password:mapping'),
                         ('csrf_token', self.csrf_token),
                     ]
                     response = self.app.post(route_path('my_account_password'), form_data)
                     assert_session_flash(
                         response, 'Error occurred during update of user password')
                 def test_password_is_updated_in_session_on_password_change(self, user_util):
                     old_password = 'abcdef123'
                     new_password = 'abcdef124'
                     user = user_util.create_user(password=old_password)
                     session = self.log_user(user.username, old_password)
                     old_password_hash = session['password']
                     form_data = [
                         ('current_password', old_password),
                         ('__start__', 'new_password:mapping'),
                         ('new_password', new_password),
                         ('new_password-confirm', new_password),
                         ('__end__', 'new_password:mapping'),
                         ('csrf_token', self.csrf_token),
                     ]
                     self.app.post(route_path('my_account_password'), form_data)
                     response = self.app.get(route_path('home'))
-                    new_password_hash = response.session['rhodecode_user']['password']
+                    session = response.get_session_from_response()
+                    new_password_hash = session['rhodecode_user']['password']
                     assert old_password_hash != new_password_hash

rhodecode/apps/repository/__init__.py

0 +4 0

             # -*- coding: utf-8 -*-
             # Copyright (C) 2016-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             def includeme(config):
                 # Summary
                 config.add_route(
+                    name='repo_summary',
+                    pattern='/{repo_name:.*?[^/]}', repo_route=True)
+                config.add_route(
                     name='repo_summary_explicit',
                     pattern='/{repo_name:.*?[^/]}/summary', repo_route=True)
                 # Tags
                 config.add_route(
                     name='tags_home',
                     pattern='/{repo_name:.*?[^/]}/tags', repo_route=True)
                 # Branches
                 config.add_route(
                     name='branches_home',
                     pattern='/{repo_name:.*?[^/]}/branches', repo_route=True)
                 # Bookmarks
                 config.add_route(
                     name='bookmarks_home',
                     pattern='/{repo_name:.*?[^/]}/bookmarks', repo_route=True)
                 # Pull Requests
                 config.add_route(
                     name='pullrequest_show',
                     pattern='/{repo_name:.*?[^/]}/pull-request/{pull_request_id}',
                     repo_route=True)
                 config.add_route(
                     name='pullrequest_show_all',
                     pattern='/{repo_name:.*?[^/]}/pull-request',
                     repo_route=True, repo_accepted_types=['hg', 'git'])
                 config.add_route(
                     name='pullrequest_show_all_data',
                     pattern='/{repo_name:.*?[^/]}/pull-request-data',
                     repo_route=True, repo_accepted_types=['hg', 'git'])
                 # Settings
                 config.add_route(
                     name='edit_repo',
                     pattern='/{repo_name:.*?[^/]}/settings', repo_route=True)
                 # Settings advanced
                 config.add_route(
                     name='edit_repo_advanced',
                     pattern='/{repo_name:.*?[^/]}/settings/advanced', repo_route=True)
                 config.add_route(
                     name='edit_repo_advanced_delete',
                     pattern='/{repo_name:.*?[^/]}/settings/advanced/delete', repo_route=True)
                 config.add_route(
                     name='edit_repo_advanced_locking',
                     pattern='/{repo_name:.*?[^/]}/settings/advanced/locking', repo_route=True)
                 config.add_route(
                     name='edit_repo_advanced_journal',
                     pattern='/{repo_name:.*?[^/]}/settings/advanced/journal', repo_route=True)
                 config.add_route(
                     name='edit_repo_advanced_fork',
                     pattern='/{repo_name:.*?[^/]}/settings/advanced/fork', repo_route=True)
                 # Caches
                 config.add_route(
                     name='edit_repo_caches',
                     pattern='/{repo_name:.*?[^/]}/settings/caches', repo_route=True)
                 # Permissions
                 config.add_route(
                     name='edit_repo_perms',
                     pattern='/{repo_name:.*?[^/]}/settings/permissions', repo_route=True)
                 # Repo Review Rules
                 config.add_route(
                     name='repo_reviewers',
                     pattern='/{repo_name:.*?[^/]}/settings/review/rules', repo_route=True)
                 config.add_route(
                     name='repo_default_reviewers_data',
                     pattern='/{repo_name:.*?[^/]}/settings/review/default-reviewers', repo_route=True)
                 # Maintenance
                 config.add_route(
                     name='repo_maintenance',
                     pattern='/{repo_name:.*?[^/]}/settings/maintenance', repo_route=True)
                 config.add_route(
                     name='repo_maintenance_execute',
                     pattern='/{repo_name:.*?[^/]}/settings/maintenance/execute', repo_route=True)
                 # Strip
                 config.add_route(
                     name='strip',
                     pattern='/{repo_name:.*?[^/]}/settings/strip', repo_route=True)
                 config.add_route(
                     name='strip_check',
                     pattern='/{repo_name:.*?[^/]}/settings/strip_check', repo_route=True)
                 config.add_route(
                     name='strip_execute',
                     pattern='/{repo_name:.*?[^/]}/settings/strip_execute', repo_route=True)
                 # NOTE(marcink): needs to be at the end for catch-all
                 # config.add_route(
                 #     name='repo_summary',
                 #     pattern='/{repo_name:.*?[^/]}', repo_route=True)
                 # Scan module for configuration decorators.
                 config.scan()

rhodecode/config/middleware.py

0 +1 0

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Pylons middleware initialization
             """
             import logging
             from collections import OrderedDict
             from paste.registry import RegistryManager
             from paste.gzipper import make_gzip_middleware
             from pylons.wsgiapp import PylonsApp
             from pyramid.authorization import ACLAuthorizationPolicy
             from pyramid.config import Configurator
             from pyramid.settings import asbool, aslist
             from pyramid.wsgi import wsgiapp
             from pyramid.httpexceptions import (
                 HTTPException, HTTPError, HTTPInternalServerError, HTTPFound)
             from pyramid.events import ApplicationCreated
             from pyramid.renderers import render_to_response
             from routes.middleware import RoutesMiddleware
             import routes.util
             import rhodecode
             from rhodecode.model import meta
             from rhodecode.config import patches
             from rhodecode.config.routing import STATIC_FILE_PREFIX
             from rhodecode.config.environment import (
                 load_environment, load_pyramid_environment)
             from rhodecode.lib.middleware import csrf
             from rhodecode.lib.middleware.appenlight import wrap_in_appenlight_if_enabled
             from rhodecode.lib.middleware.error_handling import (
                 PylonsErrorHandlingMiddleware)
             from rhodecode.lib.middleware.https_fixup import HttpsFixup
             from rhodecode.lib.middleware.vcs import VCSMiddleware
             from rhodecode.lib.plugins.utils import register_rhodecode_plugin
             from rhodecode.lib.utils2 import aslist as rhodecode_aslist
             from rhodecode.subscribers import (
                 scan_repositories_if_enabled, write_js_routes_if_enabled,
                 write_metadata_if_needed)
             log = logging.getLogger(__name__)
             # this is used to avoid avoid the route lookup overhead in routesmiddleware
             # for certain routes which won't go to pylons to - eg. static files, debugger
             # it is only needed for the pylons migration and can be removed once complete
             class SkippableRoutesMiddleware(RoutesMiddleware):
                 """ Routes middleware that allows you to skip prefixes """
                 def __init__(self, *args, **kw):
                     self.skip_prefixes = kw.pop('skip_prefixes', [])
                     super(SkippableRoutesMiddleware, self).__init__(*args, **kw)
                 def __call__(self, environ, start_response):
                     for prefix in self.skip_prefixes:
                         if environ['PATH_INFO'].startswith(prefix):
                             # added to avoid the case when a missing /_static route falls
                             # through to pylons and causes an exception as pylons is
                             # expecting wsgiorg.routingargs to be set in the environ
                             # by RoutesMiddleware.
                             if 'wsgiorg.routing_args' not in environ:
                                 environ['wsgiorg.routing_args'] = (None, {})
                             return self.app(environ, start_response)
                     return super(SkippableRoutesMiddleware, self).__call__(
                         environ, start_response)
             def make_app(global_conf, static_files=True, **app_conf):
                 """Create a Pylons WSGI application and return it
                 ``global_conf``
                     The inherited configuration for this application. Normally from
                     the [DEFAULT] section of the Paste ini file.
                 ``app_conf``
                     The application's local configuration. Normally specified in
                     the [app:<name>] section of the Paste ini file (where <name>
                     defaults to main).
                 """
                 # Apply compatibility patches
                 patches.kombu_1_5_1_python_2_7_11()
                 patches.inspect_getargspec()
                 # Configure the Pylons environment
                 config = load_environment(global_conf, app_conf)
                 # The Pylons WSGI app
                 app = PylonsApp(config=config)
                 if rhodecode.is_test:
                     app = csrf.CSRFDetector(app)
                 expected_origin = config.get('expected_origin')
                 if expected_origin:
                     # The API can be accessed from other Origins.
                     app = csrf.OriginChecker(app, expected_origin,
                                              skip_urls=[routes.util.url_for('api')])
                 # Establish the Registry for this application
                 app = RegistryManager(app)
                 app.config = config
                 return app
             def make_pyramid_app(global_config, **settings):
                 """
                 Constructs the WSGI application based on Pyramid and wraps the Pylons based
                 application.
                 Specials:
                 * We migrate from Pylons to Pyramid. While doing this, we keep both
                   frameworks functional. This involves moving some WSGI middlewares around
                   and providing access to some data internals, so that the old code is
                   still functional.
                 * The application can also be integrated like a plugin via the call to
                   `includeme`. This is accompanied with the other utility functions which
                   are called. Changing this should be done with great care to not break
                   cases when these fragments are assembled from another place.
                 """
                 # The edition string should be available in pylons too, so we add it here
                 # before copying the settings.
                 settings.setdefault('rhodecode.edition', 'Community Edition')
                 # As long as our Pylons application does expect "unprepared" settings, make
                 # sure that we keep an unmodified copy. This avoids unintentional change of
                 # behavior in the old application.
                 settings_pylons = settings.copy()
                 sanitize_settings_and_apply_defaults(settings)
                 config = Configurator(settings=settings)
                 add_pylons_compat_data(config.registry, global_config, settings_pylons)
                 load_pyramid_environment(global_config, settings)
                 includeme_first(config)
                 includeme(config)
                 pyramid_app = config.make_wsgi_app()
                 pyramid_app = wrap_app_in_wsgi_middlewares(pyramid_app, config)
                 pyramid_app.config = config
                 # creating the app uses a connection - return it after we are done
                 meta.Session.remove()
                 return pyramid_app
             def make_not_found_view(config):
                 """
                 This creates the view which should be registered as not-found-view to
                 pyramid. Basically it contains of the old pylons app, converted to a view.
                 Additionally it is wrapped by some other middlewares.
                 """
                 settings = config.registry.settings
                 vcs_server_enabled = settings['vcs.server.enable']
                 # Make pylons app from unprepared settings.
                 pylons_app = make_app(
                     config.registry._pylons_compat_global_config,
                     **config.registry._pylons_compat_settings)
                 config.registry._pylons_compat_config = pylons_app.config
                 # Appenlight monitoring.
                 pylons_app, appenlight_client = wrap_in_appenlight_if_enabled(
                     pylons_app, settings)
                 # The pylons app is executed inside of the pyramid 404 exception handler.
                 # Exceptions which are raised inside of it are not handled by pyramid
                 # again. Therefore we add a middleware that invokes the error handler in
                 # case of an exception or error response. This way we return proper error
                 # HTML pages in case of an error.
                 reraise = (settings.get('debugtoolbar.enabled', False) or
                            rhodecode.disable_error_handler)
                 pylons_app = PylonsErrorHandlingMiddleware(
                     pylons_app, error_handler, reraise)
                 # The VCSMiddleware shall operate like a fallback if pyramid doesn't find a
                 # view to handle the request. Therefore it is wrapped around the pylons
                 # app. It has to be outside of the error handling otherwise error responses
                 # from the vcsserver are converted to HTML error pages. This confuses the
                 # command line tools and the user won't get a meaningful error message.
                 if vcs_server_enabled:
                     pylons_app = VCSMiddleware(
                         pylons_app, settings, appenlight_client, registry=config.registry)
                 # Convert WSGI app to pyramid view and return it.
                 return wsgiapp(pylons_app)
             def add_pylons_compat_data(registry, global_config, settings):
                 """
                 Attach data to the registry to support the Pylons integration.
                 """
                 registry._pylons_compat_global_config = global_config
                 registry._pylons_compat_settings = settings
             def error_handler(exception, request):
                 import rhodecode
                 from rhodecode.lib.utils2 import AttributeDict
                 from rhodecode.lib import helpers
                 rhodecode_title = rhodecode.CONFIG.get('rhodecode_title') or 'RhodeCode'
                 base_response = HTTPInternalServerError()
                 # prefer original exception for the response since it may have headers set
                 if isinstance(exception, HTTPException):
                     base_response = exception
                 def is_http_error(response):
                     # error which should have traceback
                     return response.status_code > 499
                 if is_http_error(base_response):
                     log.exception(
                         'error occurred handling this request for path: %s', request.path)
                 c = AttributeDict()
                 c.error_message = base_response.status
                 c.error_explanation = base_response.explanation or str(base_response)
                 c.visual = AttributeDict()
                 c.visual.rhodecode_support_url = (
                     request.registry.settings.get('rhodecode_support_url') or
                     request.route_url('rhodecode_support')
                 )
                 c.redirect_time = 0
                 c.rhodecode_name = rhodecode_title
                 if not c.rhodecode_name:
                     c.rhodecode_name = 'Rhodecode'
                 c.causes = []
                 if hasattr(base_response, 'causes'):
                     c.causes = base_response.causes
                 c.messages = helpers.flash.pop_messages()
                 response = render_to_response(
                     '/errors/error_document.mako', {'c': c, 'h': helpers}, request=request,
                     response=base_response)
                 return response
             def includeme(config):
                 settings = config.registry.settings
                 # plugin information
                 config.registry.rhodecode_plugins = OrderedDict()
                 config.add_directive(
                     'register_rhodecode_plugin', register_rhodecode_plugin)
                 if asbool(settings.get('appenlight', 'false')):
                     config.include('appenlight_client.ext.pyramid_tween')
                 # Includes which are required. The application would fail without them.
                 config.include('pyramid_mako')
                 config.include('pyramid_beaker')
                 config.include('rhodecode.authentication')
                 config.include('rhodecode.integrations')
                 # apps
                 config.include('rhodecode.apps._base')
                 config.include('rhodecode.apps.ops')
                 config.include('rhodecode.apps.admin')
                 config.include('rhodecode.apps.channelstream')
                 config.include('rhodecode.apps.login')
                 config.include('rhodecode.apps.home')
                 config.include('rhodecode.apps.repository')
+                config.include('rhodecode.apps.repo_group')
                 config.include('rhodecode.apps.search')
                 config.include('rhodecode.apps.user_profile')
                 config.include('rhodecode.apps.my_account')
                 config.include('rhodecode.apps.svn_support')
                 config.include('rhodecode.tweens')
                 config.include('rhodecode.api')
                 config.add_route(
                     'rhodecode_support', 'https://rhodecode.com/help/', static=True)
                 config.add_translation_dirs('rhodecode:i18n/')
                 settings['default_locale_name'] = settings.get('lang', 'en')
                 # Add subscribers.
                 config.add_subscriber(scan_repositories_if_enabled, ApplicationCreated)
                 config.add_subscriber(write_metadata_if_needed, ApplicationCreated)
                 config.add_subscriber(write_js_routes_if_enabled, ApplicationCreated)
                 # Set the authorization policy.
                 authz_policy = ACLAuthorizationPolicy()
                 config.set_authorization_policy(authz_policy)
                 # Set the default renderer for HTML templates to mako.
                 config.add_mako_renderer('.html')
                 config.add_renderer(
                     name='json_ext',
                     factory='rhodecode.lib.ext_json_renderer.pyramid_ext_json')
                 # include RhodeCode plugins
                 includes = aslist(settings.get('rhodecode.includes', []))
                 for inc in includes:
                     config.include(inc)
                 # This is the glue which allows us to migrate in chunks. By registering the
                 # pylons based application as the "Not Found" view in Pyramid, we will
                 # fallback to the old application each time the new one does not yet know
                 # how to handle a request.
                 config.add_notfound_view(make_not_found_view(config))
                 if not settings.get('debugtoolbar.enabled', False):
                     # if no toolbar, then any exception gets caught and rendered
                     config.add_view(error_handler, context=Exception)
                 config.add_view(error_handler, context=HTTPError)
             def includeme_first(config):
                 # redirect automatic browser favicon.ico requests to correct place
                 def favicon_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/images/favicon.ico'))
                 config.add_view(favicon_redirect, route_name='favicon')
                 config.add_route('favicon', '/favicon.ico')
                 def robots_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/robots.txt'))
                 config.add_view(robots_redirect, route_name='robots')
                 config.add_route('robots', '/robots.txt')
                 config.add_static_view(
                     '_static/deform', 'deform:static')
                 config.add_static_view(
                     '_static/rhodecode', path='rhodecode:public', cache_max_age=3600 * 24)
             def wrap_app_in_wsgi_middlewares(pyramid_app, config):
                 """
                 Apply outer WSGI middlewares around the application.
                 Part of this has been moved up from the Pylons layer, so that the
                 data is also available if old Pylons code is hit through an already ported
                 view.
                 """
                 settings = config.registry.settings
                 # enable https redirects based on HTTP_X_URL_SCHEME set by proxy
                 pyramid_app = HttpsFixup(pyramid_app, settings)
                 # Add RoutesMiddleware to support the pylons compatibility tween during
                 # migration to pyramid.
                 pyramid_app = SkippableRoutesMiddleware(
                     pyramid_app, config.registry._pylons_compat_config['routes.map'],
                     skip_prefixes=(STATIC_FILE_PREFIX, '/_debug_toolbar'))
                 pyramid_app, _ = wrap_in_appenlight_if_enabled(pyramid_app, settings)
                 if settings['gzip_responses']:
                     pyramid_app = make_gzip_middleware(
                         pyramid_app, settings, compress_level=1)
                 # this should be the outer most middleware in the wsgi stack since
                 # middleware like Routes make database calls
                 def pyramid_app_with_cleanup(environ, start_response):
                     try:
                         return pyramid_app(environ, start_response)
                     finally:
                         # Dispose current database session and rollback uncommitted
                         # transactions.
                         meta.Session.remove()
                         # In a single threaded mode server, on non sqlite db we should have
                         # '0 Current Checked out connections' at the end of a request,
                         # if not, then something, somewhere is leaving a connection open
                         pool = meta.Base.metadata.bind.engine.pool
                         log.debug('sa pool status: %s', pool.status())
                 return pyramid_app_with_cleanup
             def sanitize_settings_and_apply_defaults(settings):
                 """
                 Applies settings defaults and does all type conversion.
                 We would move all settings parsing and preparation into this place, so that
                 we have only one place left which deals with this part. The remaining parts
                 of the application would start to rely fully on well prepared settings.
                 This piece would later be split up per topic to avoid a big fat monster
                 function.
                 """
                 # Pyramid's mako renderer has to search in the templates folder so that the
                 # old templates still work. Ported and new templates are expected to use
                 # real asset specifications for the includes.
                 mako_directories = settings.setdefault('mako.directories', [
                     # Base templates of the original Pylons application
                     'rhodecode:templates',
                 ])
                 log.debug(
                     "Using the following Mako template directories: %s",
                     mako_directories)
                 # Default includes, possible to change as a user
                 pyramid_includes = settings.setdefault('pyramid.includes', [
                     'rhodecode.lib.middleware.request_wrapper',
                 ])
                 log.debug(
                     "Using the following pyramid.includes: %s",
                     pyramid_includes)
                 # TODO: johbo: Re-think this, usually the call to config.include
                 # should allow to pass in a prefix.
                 settings.setdefault('rhodecode.api.url', '/_admin/api')
                 # Sanitize generic settings.
                 _list_setting(settings, 'default_encoding', 'UTF-8')
                 _bool_setting(settings, 'is_test', 'false')
                 _bool_setting(settings, 'gzip_responses', 'false')
                 # Call split out functions that sanitize settings for each topic.
                 _sanitize_appenlight_settings(settings)
                 _sanitize_vcs_settings(settings)
                 return settings
             def _sanitize_appenlight_settings(settings):
                 _bool_setting(settings, 'appenlight', 'false')
             def _sanitize_vcs_settings(settings):
                 """
                 Applies settings defaults and does type conversion for all VCS related
                 settings.
                 """
                 _string_setting(settings, 'vcs.svn.compatible_version', '')
                 _string_setting(settings, 'git_rev_filter', '--all')
                 _string_setting(settings, 'vcs.hooks.protocol', 'http')
                 _string_setting(settings, 'vcs.scm_app_implementation', 'http')
                 _string_setting(settings, 'vcs.server', '')
                 _string_setting(settings, 'vcs.server.log_level', 'debug')
                 _string_setting(settings, 'vcs.server.protocol', 'http')
                 _bool_setting(settings, 'startup.import_repos', 'false')
                 _bool_setting(settings, 'vcs.hooks.direct_calls', 'false')
                 _bool_setting(settings, 'vcs.server.enable', 'true')
                 _bool_setting(settings, 'vcs.start_server', 'false')
                 _list_setting(settings, 'vcs.backends', 'hg, git, svn')
                 _int_setting(settings, 'vcs.connection_timeout', 3600)
                 # Support legacy values of vcs.scm_app_implementation. Legacy
                 # configurations may use 'rhodecode.lib.middleware.utils.scm_app_http'
                 # which is now mapped to 'http'.
                 scm_app_impl = settings['vcs.scm_app_implementation']
                 if scm_app_impl == 'rhodecode.lib.middleware.utils.scm_app_http':
                     settings['vcs.scm_app_implementation'] = 'http'
             def _int_setting(settings, name, default):
                 settings[name] = int(settings.get(name, default))
             def _bool_setting(settings, name, default):
                 input = settings.get(name, default)
                 if isinstance(input, unicode):
                     input = input.encode('utf8')
                 settings[name] = asbool(input)
             def _list_setting(settings, name, default):
                 raw_value = settings.get(name, default)
                 old_separator = ','
                 if old_separator in raw_value:
                     # If we get a comma separated list, pass it to our own function.
                     settings[name] = rhodecode_aslist(raw_value, sep=old_separator)
                 else:
                     # Otherwise we assume it uses pyramids space/newline separation.
                     settings[name] = aslist(raw_value)
             def _string_setting(settings, name, default, lower=True):
                 value = settings.get(name, default)
                 if lower:
                     value = value.lower()
                 settings[name] = value

rhodecode/config/routing.py

0 0 -10

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Routes configuration
             The more specific and detailed routes should be defined first so they
             may take precedent over the more generic routes. For more information
             refer to the routes manual at http://routes.groovie.org/docs/
             IMPORTANT: if you change any routing here, make sure to take a look at lib/base.py
             and _route_name variable which uses some of stored naming here to do redirects.
             """
             import os
             import re
             from routes import Mapper
             # prefix for non repository related links needs to be prefixed with `/`
             ADMIN_PREFIX = '/_admin'
             STATIC_FILE_PREFIX = '/_static'
             # Default requirements for URL parts
             URL_NAME_REQUIREMENTS = {
                 # group name can have a slash in them, but they must not end with a slash
                 'group_name': r'.*?[^/]',
                 'repo_group_name': r'.*?[^/]',
                 # repo names can have a slash in them, but they must not end with a slash
                 'repo_name': r'.*?[^/]',
                 # file path eats up everything at the end
                 'f_path': r'.*',
                 # reference types
                 'source_ref_type': '(branch|book|tag|rev|\%\(source_ref_type\)s)',
                 'target_ref_type': '(branch|book|tag|rev|\%\(target_ref_type\)s)',
             }
             def add_route_requirements(route_path, requirements):
                 """
                 Adds regex requirements to pyramid routes using a mapping dict
                 >>> add_route_requirements('/{action}/{id}', {'id': r'\d+'})
                 '/{action}/{id:\d+}'
                  """
                 for key, regex in requirements.items():
                     route_path = route_path.replace('{%s}' % key, '{%s:%s}' % (key, regex))
                 return route_path
             class JSRoutesMapper(Mapper):
                 """
                 Wrapper for routes.Mapper to make pyroutes compatible url definitions
                 """
                 _named_route_regex = re.compile(r'^[a-z-_0-9A-Z]+$')
                 _argument_prog = re.compile('\{(.*?)\}|:\((.*)\)')
                 def __init__(self, *args, **kw):
                     super(JSRoutesMapper, self).__init__(*args, **kw)
                     self._jsroutes = []
                 def connect(self, *args, **kw):
                     """
                     Wrapper for connect to take an extra argument jsroute=True
                     :param jsroute: boolean, if True will add the route to the pyroutes list
                     """
                     if kw.pop('jsroute', False):
                         if not self._named_route_regex.match(args[0]):
                             raise Exception('only named routes can be added to pyroutes')
                         self._jsroutes.append(args[0])
                     super(JSRoutesMapper, self).connect(*args, **kw)
                 def _extract_route_information(self, route):
                     """
                     Convert a route into tuple(name, path, args), eg:
                         ('show_user', '/profile/%(username)s', ['username'])
                     """
                     routepath = route.routepath
                     def replace(matchobj):
                         if matchobj.group(1):
                             return "%%(%s)s" % matchobj.group(1).split(':')[0]
                         else:
                             return "%%(%s)s" % matchobj.group(2)
                     routepath = self._argument_prog.sub(replace, routepath)
                     return (
                         route.name,
                         routepath,
                         [(arg[0].split(':')[0] if arg[0] != '' else arg[1])
                           for arg in self._argument_prog.findall(route.routepath)]
                     )
                 def jsroutes(self):
                     """
                     Return a list of pyroutes.js compatible routes
                     """
                     for route_name in self._jsroutes:
                         yield self._extract_route_information(self._routenames[route_name])
             def make_map(config):
                 """Create, configure and return the routes Mapper"""
                 rmap = JSRoutesMapper(directory=config['pylons.paths']['controllers'],
                               always_scan=config['debug'])
                 rmap.minimization = False
                 rmap.explicit = False
                 from rhodecode.lib.utils2 import str2bool
                 from rhodecode.model import repo, repo_group
                 def check_repo(environ, match_dict):
                     """
                     check for valid repository for proper 404 handling
                     :param environ:
                     :param match_dict:
                     """
                     repo_name = match_dict.get('repo_name')
                     if match_dict.get('f_path'):
                         # fix for multiple initial slashes that causes errors
                         match_dict['f_path'] = match_dict['f_path'].lstrip('/')
                     repo_model = repo.RepoModel()
                     by_name_match = repo_model.get_by_repo_name(repo_name)
                     # if we match quickly from database, short circuit the operation,
                     # and validate repo based on the type.
                     if by_name_match:
                         return True
                     by_id_match = repo_model.get_repo_by_id(repo_name)
                     if by_id_match:
                         repo_name = by_id_match.repo_name
                         match_dict['repo_name'] = repo_name
                         return True
                     return False
                 def check_group(environ, match_dict):
                     """
                     check for valid repository group path for proper 404 handling
                     :param environ:
                     :param match_dict:
                     """
                     repo_group_name = match_dict.get('group_name')
                     repo_group_model = repo_group.RepoGroupModel()
                     by_name_match = repo_group_model.get_by_group_name(repo_group_name)
                     if by_name_match:
                         return True
                     return False
                 def check_user_group(environ, match_dict):
                     """
                     check for valid user group for proper 404 handling
                     :param environ:
                     :param match_dict:
                     """
                     return True
                 def check_int(environ, match_dict):
                     return match_dict.get('id').isdigit()
                 #==========================================================================
                 # CUSTOM ROUTES HERE
                 #==========================================================================
-                # MAIN PAGE
-                rmap.connect('home', '/', controller='home', action='index')
                 # ping and pylons error test
                 rmap.connect('ping', '%s/ping' % (ADMIN_PREFIX,), controller='home', action='ping')
                 rmap.connect('error_test', '%s/error_test' % (ADMIN_PREFIX,), controller='home', action='error_test')
                 # ADMIN REPOSITORY ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/repos') as m:
                     m.connect('repos', '/repos',
                               action='create', conditions={'method': ['POST']})
                     m.connect('repos', '/repos',
                               action='index', conditions={'method': ['GET']})
                     m.connect('new_repo', '/create_repository', jsroute=True,
                               action='create_repository', conditions={'method': ['GET']})
                     m.connect('delete_repo', '/repos/{repo_name}',
                               action='delete', conditions={'method': ['DELETE']},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('repo', '/repos/{repo_name}',
                               action='show', conditions={'method': ['GET'],
                                                          'function': check_repo},
                               requirements=URL_NAME_REQUIREMENTS)
                 # ADMIN REPOSITORY GROUPS ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/repo_groups') as m:
                     m.connect('repo_groups', '/repo_groups',
                               action='create', conditions={'method': ['POST']})
                     m.connect('repo_groups', '/repo_groups',
                               action='index', conditions={'method': ['GET']})
                     m.connect('new_repo_group', '/repo_groups/new',
                               action='new', conditions={'method': ['GET']})
                     m.connect('update_repo_group', '/repo_groups/{group_name}',
                               action='update', conditions={'method': ['PUT'],
                                                            'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     # EXTRAS REPO GROUP ROUTES
                     m.connect('edit_repo_group', '/repo_groups/{group_name}/edit',
                               action='edit',
                               conditions={'method': ['GET'], 'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('edit_repo_group', '/repo_groups/{group_name}/edit',
                               action='edit',
                               conditions={'method': ['PUT'], 'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('edit_repo_group_advanced', '/repo_groups/{group_name}/edit/advanced',
                               action='edit_repo_group_advanced',
                               conditions={'method': ['GET'], 'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('edit_repo_group_advanced', '/repo_groups/{group_name}/edit/advanced',
                               action='edit_repo_group_advanced',
                               conditions={'method': ['PUT'], 'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('edit_repo_group_perms', '/repo_groups/{group_name}/edit/permissions',
                               action='edit_repo_group_perms',
                               conditions={'method': ['GET'], 'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('edit_repo_group_perms', '/repo_groups/{group_name}/edit/permissions',
                               action='update_perms',
                               conditions={'method': ['PUT'], 'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                     m.connect('delete_repo_group', '/repo_groups/{group_name}',
                               action='delete', conditions={'method': ['DELETE'],
                                                            'function': check_group},
                               requirements=URL_NAME_REQUIREMENTS)
                 # ADMIN USER ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/users') as m:
                     m.connect('users', '/users',
                               action='create', conditions={'method': ['POST']})
                     m.connect('new_user', '/users/new',
                               action='new', conditions={'method': ['GET']})
                     m.connect('update_user', '/users/{user_id}',
                               action='update', conditions={'method': ['PUT']})
                     m.connect('delete_user', '/users/{user_id}',
                               action='delete', conditions={'method': ['DELETE']})
                     m.connect('edit_user', '/users/{user_id}/edit',
                               action='edit', conditions={'method': ['GET']}, jsroute=True)
                     m.connect('user', '/users/{user_id}',
                               action='show', conditions={'method': ['GET']})
                     m.connect('force_password_reset_user', '/users/{user_id}/password_reset',
                               action='reset_password', conditions={'method': ['POST']})
                     m.connect('create_personal_repo_group', '/users/{user_id}/create_repo_group',
                               action='create_personal_repo_group', conditions={'method': ['POST']})
                     # EXTRAS USER ROUTES
                     m.connect('edit_user_advanced', '/users/{user_id}/edit/advanced',
                               action='edit_advanced', conditions={'method': ['GET']})
                     m.connect('edit_user_advanced', '/users/{user_id}/edit/advanced',
                               action='update_advanced', conditions={'method': ['PUT']})
                     m.connect('edit_user_global_perms', '/users/{user_id}/edit/global_permissions',
                               action='edit_global_perms', conditions={'method': ['GET']})
                     m.connect('edit_user_global_perms', '/users/{user_id}/edit/global_permissions',
                               action='update_global_perms', conditions={'method': ['PUT']})
                     m.connect('edit_user_perms_summary', '/users/{user_id}/edit/permissions_summary',
                               action='edit_perms_summary', conditions={'method': ['GET']})
                     m.connect('edit_user_emails', '/users/{user_id}/edit/emails',
                               action='edit_emails', conditions={'method': ['GET']})
                     m.connect('edit_user_emails', '/users/{user_id}/edit/emails',
                               action='add_email', conditions={'method': ['PUT']})
                     m.connect('edit_user_emails', '/users/{user_id}/edit/emails',
                               action='delete_email', conditions={'method': ['DELETE']})
                     m.connect('edit_user_ips', '/users/{user_id}/edit/ips',
                               action='edit_ips', conditions={'method': ['GET']})
                     m.connect('edit_user_ips', '/users/{user_id}/edit/ips',
                               action='add_ip', conditions={'method': ['PUT']})
                     m.connect('edit_user_ips', '/users/{user_id}/edit/ips',
                               action='delete_ip', conditions={'method': ['DELETE']})
                 # ADMIN USER GROUPS REST ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/user_groups') as m:
                     m.connect('users_groups', '/user_groups',
                               action='create', conditions={'method': ['POST']})
                     m.connect('users_groups', '/user_groups',
                               action='index', conditions={'method': ['GET']})
                     m.connect('new_users_group', '/user_groups/new',
                               action='new', conditions={'method': ['GET']})
                     m.connect('update_users_group', '/user_groups/{user_group_id}',
                               action='update', conditions={'method': ['PUT']})
                     m.connect('delete_users_group', '/user_groups/{user_group_id}',
                               action='delete', conditions={'method': ['DELETE']})
                     m.connect('edit_users_group', '/user_groups/{user_group_id}/edit',
                               action='edit', conditions={'method': ['GET']},
                               function=check_user_group)
                     # EXTRAS USER GROUP ROUTES
                     m.connect('edit_user_group_global_perms',
                               '/user_groups/{user_group_id}/edit/global_permissions',
                               action='edit_global_perms', conditions={'method': ['GET']})
                     m.connect('edit_user_group_global_perms',
                               '/user_groups/{user_group_id}/edit/global_permissions',
                               action='update_global_perms', conditions={'method': ['PUT']})
                     m.connect('edit_user_group_perms_summary',
                               '/user_groups/{user_group_id}/edit/permissions_summary',
                               action='edit_perms_summary', conditions={'method': ['GET']})
                     m.connect('edit_user_group_perms',
                               '/user_groups/{user_group_id}/edit/permissions',
                               action='edit_perms', conditions={'method': ['GET']})
                     m.connect('edit_user_group_perms',
                               '/user_groups/{user_group_id}/edit/permissions',
                               action='update_perms', conditions={'method': ['PUT']})
                     m.connect('edit_user_group_advanced',
                               '/user_groups/{user_group_id}/edit/advanced',
                               action='edit_advanced', conditions={'method': ['GET']})
                     m.connect('edit_user_group_advanced_sync',
                               '/user_groups/{user_group_id}/edit/advanced/sync',
                               action='edit_advanced_set_synchronization', conditions={'method': ['POST']})
                     m.connect('edit_user_group_members',
                               '/user_groups/{user_group_id}/edit/members', jsroute=True,
                               action='user_group_members', conditions={'method': ['GET']})
                 # ADMIN PERMISSIONS ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/permissions') as m:
                     m.connect('admin_permissions_application', '/permissions/application',
                               action='permission_application_update', conditions={'method': ['POST']})
                     m.connect('admin_permissions_application', '/permissions/application',
                               action='permission_application', conditions={'method': ['GET']})
                     m.connect('admin_permissions_global', '/permissions/global',
                               action='permission_global_update', conditions={'method': ['POST']})
                     m.connect('admin_permissions_global', '/permissions/global',
                               action='permission_global', conditions={'method': ['GET']})
                     m.connect('admin_permissions_object', '/permissions/object',
                               action='permission_objects_update', conditions={'method': ['POST']})
                     m.connect('admin_permissions_object', '/permissions/object',
                               action='permission_objects', conditions={'method': ['GET']})
                     m.connect('admin_permissions_ips', '/permissions/ips',
                               action='permission_ips', conditions={'method': ['POST']})
                     m.connect('admin_permissions_ips', '/permissions/ips',
                               action='permission_ips', conditions={'method': ['GET']})
                     m.connect('admin_permissions_overview', '/permissions/overview',
                               action='permission_perms', conditions={'method': ['GET']})
                 # ADMIN DEFAULTS REST ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/defaults') as m:
                     m.connect('admin_defaults_repositories', '/defaults/repositories',
                               action='update_repository_defaults', conditions={'method': ['POST']})
                     m.connect('admin_defaults_repositories', '/defaults/repositories',
                               action='index', conditions={'method': ['GET']})
                 # ADMIN DEBUG STYLE ROUTES
                 if str2bool(config.get('debug_style')):
                     with rmap.submapper(path_prefix=ADMIN_PREFIX + '/debug_style',
                                         controller='debug_style') as m:
                         m.connect('debug_style_home', '',
                                   action='index', conditions={'method': ['GET']})
                         m.connect('debug_style_template', '/t/{t_path}',
                                   action='template', conditions={'method': ['GET']})
                 # ADMIN SETTINGS ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/settings') as m:
                     # default
                     m.connect('admin_settings', '/settings',
                               action='settings_global_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings', '/settings',
                               action='settings_global', conditions={'method': ['GET']})
                     m.connect('admin_settings_vcs', '/settings/vcs',
                               action='settings_vcs_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings_vcs', '/settings/vcs',
                               action='settings_vcs',
                               conditions={'method': ['GET']})
                     m.connect('admin_settings_vcs', '/settings/vcs',
                               action='delete_svn_pattern',
                               conditions={'method': ['DELETE']})
                     m.connect('admin_settings_mapping', '/settings/mapping',
                               action='settings_mapping_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings_mapping', '/settings/mapping',
                               action='settings_mapping', conditions={'method': ['GET']})
                     m.connect('admin_settings_global', '/settings/global',
                               action='settings_global_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings_global', '/settings/global',
                               action='settings_global', conditions={'method': ['GET']})
                     m.connect('admin_settings_visual', '/settings/visual',
                               action='settings_visual_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings_visual', '/settings/visual',
                               action='settings_visual', conditions={'method': ['GET']})
                     m.connect('admin_settings_issuetracker',
                               '/settings/issue-tracker', action='settings_issuetracker',
                               conditions={'method': ['GET']})
                     m.connect('admin_settings_issuetracker_save',
                               '/settings/issue-tracker/save',
                               action='settings_issuetracker_save',
                               conditions={'method': ['POST']})
                     m.connect('admin_issuetracker_test', '/settings/issue-tracker/test',
                               action='settings_issuetracker_test',
                               conditions={'method': ['POST']})
                     m.connect('admin_issuetracker_delete',
                               '/settings/issue-tracker/delete',
                               action='settings_issuetracker_delete',
                               conditions={'method': ['DELETE']})
                     m.connect('admin_settings_email', '/settings/email',
                               action='settings_email_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings_email', '/settings/email',
                               action='settings_email', conditions={'method': ['GET']})
                     m.connect('admin_settings_hooks', '/settings/hooks',
                               action='settings_hooks_update',
                               conditions={'method': ['POST', 'DELETE']})
                     m.connect('admin_settings_hooks', '/settings/hooks',
                               action='settings_hooks', conditions={'method': ['GET']})
                     m.connect('admin_settings_search', '/settings/search',
                               action='settings_search', conditions={'method': ['GET']})
                     m.connect('admin_settings_supervisor', '/settings/supervisor',
                               action='settings_supervisor', conditions={'method': ['GET']})
                     m.connect('admin_settings_supervisor_log', '/settings/supervisor/{procid}/log',
                               action='settings_supervisor_log', conditions={'method': ['GET']})
                     m.connect('admin_settings_labs', '/settings/labs',
                               action='settings_labs_update',
                               conditions={'method': ['POST']})
                     m.connect('admin_settings_labs', '/settings/labs',
                               action='settings_labs', conditions={'method': ['GET']})
                 # ADMIN MY ACCOUNT
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/my_account') as m:
                     m.connect('my_account_edit', '/my_account/edit',
                               action='my_account_edit', conditions={'method': ['GET']})
                     m.connect('my_account', '/my_account/update',
                               action='my_account_update', conditions={'method': ['POST']})
                     # NOTE(marcink): this needs to be kept for password force flag to be
                     # handler, remove after migration to pyramid
                     m.connect('my_account_password', '/my_account/password',
                               action='my_account_password', conditions={'method': ['GET']})
                     m.connect('my_account_repos', '/my_account/repos',
                               action='my_account_repos', conditions={'method': ['GET']})
                     m.connect('my_account_watched', '/my_account/watched',
                               action='my_account_watched', conditions={'method': ['GET']})
                     m.connect('my_account_pullrequests', '/my_account/pull_requests',
                               action='my_account_pullrequests', conditions={'method': ['GET']})
                     m.connect('my_account_perms', '/my_account/perms',
                               action='my_account_perms', conditions={'method': ['GET']})
                     m.connect('my_account_emails', '/my_account/emails',
                               action='my_account_emails', conditions={'method': ['GET']})
                     m.connect('my_account_emails', '/my_account/emails',
                               action='my_account_emails_add', conditions={'method': ['POST']})
                     m.connect('my_account_emails', '/my_account/emails',
                               action='my_account_emails_delete', conditions={'method': ['DELETE']})
                     m.connect('my_account_notifications', '/my_account/notifications',
                               action='my_notifications',
                               conditions={'method': ['GET']})
                     m.connect('my_account_notifications_toggle_visibility',
                               '/my_account/toggle_visibility',
                               action='my_notifications_toggle_visibility',
                               conditions={'method': ['POST']})
                 # NOTIFICATION REST ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/notifications') as m:
                     m.connect('notifications', '/notifications',
                               action='index', conditions={'method': ['GET']})
                     m.connect('notifications_mark_all_read', '/notifications/mark_all_read',
                               action='mark_all_read', conditions={'method': ['POST']})
                     m.connect('/notifications/{notification_id}',
                               action='update', conditions={'method': ['PUT']})
                     m.connect('/notifications/{notification_id}',
                               action='delete', conditions={'method': ['DELETE']})
                     m.connect('notification', '/notifications/{notification_id}',
                               action='show', conditions={'method': ['GET']})
                 # ADMIN GIST
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/gists') as m:
                     m.connect('gists', '/gists',
                               action='create', conditions={'method': ['POST']})
                     m.connect('gists', '/gists', jsroute=True,
                               action='index', conditions={'method': ['GET']})
                     m.connect('new_gist', '/gists/new', jsroute=True,
                               action='new', conditions={'method': ['GET']})
                     m.connect('/gists/{gist_id}',
                               action='delete', conditions={'method': ['DELETE']})
                     m.connect('edit_gist', '/gists/{gist_id}/edit',
                               action='edit_form', conditions={'method': ['GET']})
                     m.connect('edit_gist', '/gists/{gist_id}/edit',
                               action='edit', conditions={'method': ['POST']})
                     m.connect(
                         'edit_gist_check_revision', '/gists/{gist_id}/edit/check_revision',
                         action='check_revision', conditions={'method': ['GET']})
                     m.connect('gist', '/gists/{gist_id}',
                               action='show', conditions={'method': ['GET']})
                     m.connect('gist_rev', '/gists/{gist_id}/{revision}',
                               revision='tip',
                               action='show', conditions={'method': ['GET']})
                     m.connect('formatted_gist', '/gists/{gist_id}/{revision}/{format}',
                               revision='tip',
                               action='show', conditions={'method': ['GET']})
                     m.connect('formatted_gist_file', '/gists/{gist_id}/{revision}/{format}/{f_path}',
                               revision='tip',
                               action='show', conditions={'method': ['GET']},
                               requirements=URL_NAME_REQUIREMENTS)
                 # USER JOURNAL
                 rmap.connect('journal', '%s/journal' % (ADMIN_PREFIX,),
                              controller='journal', action='index')
                 rmap.connect('journal_rss', '%s/journal/rss' % (ADMIN_PREFIX,),
                              controller='journal', action='journal_rss')
                 rmap.connect('journal_atom', '%s/journal/atom' % (ADMIN_PREFIX,),
                              controller='journal', action='journal_atom')
                 rmap.connect('public_journal', '%s/public_journal' % (ADMIN_PREFIX,),
                              controller='journal', action='public_journal')
                 rmap.connect('public_journal_rss', '%s/public_journal/rss' % (ADMIN_PREFIX,),
                              controller='journal', action='public_journal_rss')
                 rmap.connect('public_journal_rss_old', '%s/public_journal_rss' % (ADMIN_PREFIX,),
                              controller='journal', action='public_journal_rss')
                 rmap.connect('public_journal_atom',
                              '%s/public_journal/atom' % (ADMIN_PREFIX,), controller='journal',
                              action='public_journal_atom')
                 rmap.connect('public_journal_atom_old',
                              '%s/public_journal_atom' % (ADMIN_PREFIX,), controller='journal',
                              action='public_journal_atom')
                 rmap.connect('toggle_following', '%s/toggle_following' % (ADMIN_PREFIX,),
                              controller='journal', action='toggle_following', jsroute=True,
                              conditions={'method': ['POST']})
                 # FEEDS
                 rmap.connect('rss_feed_home', '/{repo_name}/feed/rss',
                              controller='feed', action='rss',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('atom_feed_home', '/{repo_name}/feed/atom',
                              controller='feed', action='atom',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 #==========================================================================
                 # REPOSITORY ROUTES
                 #==========================================================================
                 rmap.connect('repo_creating_home', '/{repo_name}/repo_creating',
                              controller='admin/repos', action='repo_creating',
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_check_home', '/{repo_name}/crepo_check',
                              controller='admin/repos', action='repo_check',
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_stats', '/{repo_name}/repo_stats/{commit_id}',
                              controller='summary', action='repo_stats',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('repo_refs_data', '/{repo_name}/refs-data',
                              controller='summary', action='repo_refs_data',
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('repo_refs_changelog_data', '/{repo_name}/refs-data-changelog',
                              controller='summary', action='repo_refs_changelog_data',
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('changeset_home', '/{repo_name}/changeset/{revision}',
                              controller='changeset', revision='tip',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('changeset_children', '/{repo_name}/changeset_children/{revision}',
                              controller='changeset', revision='tip', action='changeset_children',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changeset_parents', '/{repo_name}/changeset_parents/{revision}',
                              controller='changeset', revision='tip', action='changeset_parents',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 # repo edit options
                 rmap.connect('edit_repo_fields', '/{repo_name}/settings/fields',
                              controller='admin/repos', action='edit_fields',
                              conditions={'method': ['GET'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('create_repo_fields', '/{repo_name}/settings/fields/new',
                              controller='admin/repos', action='create_repo_field',
                              conditions={'method': ['PUT'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('delete_repo_fields', '/{repo_name}/settings/fields/{field_id}',
                              controller='admin/repos', action='delete_repo_field',
                              conditions={'method': ['DELETE'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('toggle_locking', '/{repo_name}/settings/advanced/locking_toggle',
                              controller='admin/repos', action='toggle_locking',
                              conditions={'method': ['GET'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('edit_repo_remote', '/{repo_name}/settings/remote',
                              controller='admin/repos', action='edit_remote_form',
                              conditions={'method': ['GET'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('edit_repo_remote', '/{repo_name}/settings/remote',
                              controller='admin/repos', action='edit_remote',
                              conditions={'method': ['PUT'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('edit_repo_statistics', '/{repo_name}/settings/statistics',
                              controller='admin/repos', action='edit_statistics_form',
                              conditions={'method': ['GET'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('edit_repo_statistics', '/{repo_name}/settings/statistics',
                              controller='admin/repos', action='edit_statistics',
                              conditions={'method': ['PUT'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_settings_issuetracker',
                              '/{repo_name}/settings/issue-tracker',
                              controller='admin/repos', action='repo_issuetracker',
                              conditions={'method': ['GET'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_issuetracker_test',
                              '/{repo_name}/settings/issue-tracker/test',
                              controller='admin/repos', action='repo_issuetracker_test',
                              conditions={'method': ['POST'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_issuetracker_delete',
                              '/{repo_name}/settings/issue-tracker/delete',
                              controller='admin/repos', action='repo_issuetracker_delete',
                              conditions={'method': ['DELETE'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_issuetracker_save',
                              '/{repo_name}/settings/issue-tracker/save',
                              controller='admin/repos', action='repo_issuetracker_save',
                              conditions={'method': ['POST'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_vcs_settings', '/{repo_name}/settings/vcs',
                              controller='admin/repos', action='repo_settings_vcs_update',
                              conditions={'method': ['POST'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_vcs_settings', '/{repo_name}/settings/vcs',
                              controller='admin/repos', action='repo_settings_vcs',
                              conditions={'method': ['GET'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_vcs_settings', '/{repo_name}/settings/vcs',
                              controller='admin/repos', action='repo_delete_svn_pattern',
                              conditions={'method': ['DELETE'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_pullrequest_settings', '/{repo_name}/settings/pullrequest',
                              controller='admin/repos', action='repo_settings_pullrequest',
                              conditions={'method': ['GET', 'POST'], 'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 # still working url for backward compat.
                 rmap.connect('raw_changeset_home_depraced',
                              '/{repo_name}/raw-changeset/{revision}',
                              controller='changeset', action='changeset_raw',
                              revision='tip', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 # new URLs
                 rmap.connect('changeset_raw_home',
                              '/{repo_name}/changeset-diff/{revision}',
                              controller='changeset', action='changeset_raw',
                              revision='tip', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changeset_patch_home',
                              '/{repo_name}/changeset-patch/{revision}',
                              controller='changeset', action='changeset_patch',
                              revision='tip', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changeset_download_home',
                              '/{repo_name}/changeset-download/{revision}',
                              controller='changeset', action='changeset_download',
                              revision='tip', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changeset_comment',
                              '/{repo_name}/changeset/{revision}/comment', jsroute=True,
                              controller='changeset', revision='tip', action='comment',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changeset_comment_preview',
                              '/{repo_name}/changeset/comment/preview', jsroute=True,
                              controller='changeset', action='preview_comment',
                              conditions={'function': check_repo, 'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changeset_comment_delete',
                              '/{repo_name}/changeset/comment/{comment_id}/delete',
                              controller='changeset', action='delete_comment',
                              conditions={'function': check_repo, 'method': ['DELETE']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('changeset_info', '/{repo_name}/changeset_info/{revision}',
                              controller='changeset', action='changeset_info',
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('compare_home',
                              '/{repo_name}/compare',
                              controller='compare', action='index',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('compare_url',
                              '/{repo_name}/compare/{source_ref_type}@{source_ref:.*?}...{target_ref_type}@{target_ref:.*?}',
                              controller='compare', action='compare',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_home',
                              '/{repo_name}/pull-request/new', controller='pullrequests',
                              action='index', conditions={'function': check_repo,
                                                          'method': ['GET']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest',
                              '/{repo_name}/pull-request/new', controller='pullrequests',
                              action='create', conditions={'function': check_repo,
                                                           'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_repo_refs',
                              '/{repo_name}/pull-request/refs/{target_repo_name:.*?[^/]}',
                              controller='pullrequests',
                              action='get_repo_refs',
                              conditions={'function': check_repo, 'method': ['GET']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_repo_destinations',
                              '/{repo_name}/pull-request/repo-destinations',
                              controller='pullrequests',
                              action='get_repo_destinations',
                              conditions={'function': check_repo, 'method': ['GET']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_show',
                              '/{repo_name}/pull-request/{pull_request_id}',
                              controller='pullrequests',
                              action='show', conditions={'function': check_repo,
                                                         'method': ['GET']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_update',
                              '/{repo_name}/pull-request/{pull_request_id}',
                              controller='pullrequests',
                              action='update', conditions={'function': check_repo,
                                                           'method': ['PUT']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_merge',
                              '/{repo_name}/pull-request/{pull_request_id}',
                              controller='pullrequests',
                              action='merge', conditions={'function': check_repo,
                                                          'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('pullrequest_delete',
                              '/{repo_name}/pull-request/{pull_request_id}',
                              controller='pullrequests',
                              action='delete', conditions={'function': check_repo,
                                                           'method': ['DELETE']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('pullrequest_comment',
                              '/{repo_name}/pull-request-comment/{pull_request_id}',
                              controller='pullrequests',
                              action='comment', conditions={'function': check_repo,
                                                            'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('pullrequest_comment_delete',
                              '/{repo_name}/pull-request-comment/{comment_id}/delete',
                              controller='pullrequests', action='delete_comment',
                              conditions={'function': check_repo, 'method': ['DELETE']},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('summary_home_explicit', '/{repo_name}/summary',
                              controller='summary', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changelog_home', '/{repo_name}/changelog', jsroute=True,
                              controller='changelog', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changelog_summary_home', '/{repo_name}/changelog_summary',
                              controller='changelog', action='changelog_summary',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('changelog_file_home',
                              '/{repo_name}/changelog/{revision}/{f_path}',
                              controller='changelog', f_path=None,
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('changelog_elements', '/{repo_name}/changelog_details',
                              controller='changelog', action='changelog_elements',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_home',  '/{repo_name}/files/{revision}/{f_path}',
                              controller='files', revision='tip', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_home_simple_catchrev',
                              '/{repo_name}/files/{revision}',
                              controller='files', revision='tip', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_home_simple_catchall',
                              '/{repo_name}/files',
                              controller='files', revision='tip', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_history_home',
                              '/{repo_name}/history/{revision}/{f_path}',
                              controller='files', action='history', revision='tip', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_authors_home',
                              '/{repo_name}/authors/{revision}/{f_path}',
                              controller='files', action='authors', revision='tip', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_diff_home', '/{repo_name}/diff/{f_path}',
                              controller='files', action='diff', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_diff_2way_home',
                              '/{repo_name}/diff-2way/{f_path}',
                              controller='files', action='diff_2way', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_rawfile_home',
                              '/{repo_name}/rawfile/{revision}/{f_path}',
                              controller='files', action='rawfile', revision='tip',
                              f_path='', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_raw_home',
                              '/{repo_name}/raw/{revision}/{f_path}',
                              controller='files', action='raw', revision='tip', f_path='',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_render_home',
                              '/{repo_name}/render/{revision}/{f_path}',
                              controller='files', action='index', revision='tip', f_path='',
                              rendered=True, conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_annotate_home',
                              '/{repo_name}/annotate/{revision}/{f_path}',
                              controller='files', action='index', revision='tip',
                              f_path='', annotate=True, conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_annotate_previous',
                              '/{repo_name}/annotate-previous/{revision}/{f_path}',
                              controller='files', action='annotate_previous', revision='tip',
                              f_path='', annotate=True, conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_edit',
                              '/{repo_name}/edit/{revision}/{f_path}',
                              controller='files', action='edit', revision='tip',
                              f_path='',
                              conditions={'function': check_repo, 'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_edit_home',
                              '/{repo_name}/edit/{revision}/{f_path}',
                              controller='files', action='edit_home', revision='tip',
                              f_path='', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_add',
                              '/{repo_name}/add/{revision}/{f_path}',
                              controller='files', action='add', revision='tip',
                              f_path='',
                              conditions={'function': check_repo, 'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_add_home',
                              '/{repo_name}/add/{revision}/{f_path}',
                              controller='files', action='add_home', revision='tip',
                              f_path='', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_delete',
                              '/{repo_name}/delete/{revision}/{f_path}',
                              controller='files', action='delete', revision='tip',
                              f_path='',
                              conditions={'function': check_repo, 'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_delete_home',
                              '/{repo_name}/delete/{revision}/{f_path}',
                              controller='files', action='delete_home', revision='tip',
                              f_path='', conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('files_archive_home', '/{repo_name}/archive/{fname}',
                              controller='files', action='archivefile',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_nodelist_home',
                              '/{repo_name}/nodelist/{revision}/{f_path}',
                              controller='files', action='nodelist',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('files_nodetree_full',
                              '/{repo_name}/nodetree_full/{commit_id}/{f_path}',
                              controller='files', action='nodetree_full',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS, jsroute=True)
                 rmap.connect('repo_fork_create_home', '/{repo_name}/fork',
                              controller='forks', action='fork_create',
                              conditions={'function': check_repo, 'method': ['POST']},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_fork_home', '/{repo_name}/fork',
                              controller='forks', action='fork',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
                 rmap.connect('repo_forks_home', '/{repo_name}/forks',
                              controller='forks', action='forks',
                              conditions={'function': check_repo},
                              requirements=URL_NAME_REQUIREMENTS)
-                # must be here for proper group/repo catching pattern
-                _connect_with_slash(
-                    rmap, 'repo_group_home', '/{group_name}',
-                    controller='home', action='index_repo_group',
-                    conditions={'function': check_group},
-                    requirements=URL_NAME_REQUIREMENTS)
                 # catch all, at the end
                 _connect_with_slash(
                     rmap, 'summary_home', '/{repo_name}', jsroute=True,
                     controller='summary', action='index',
                     conditions={'function': check_repo},
                     requirements=URL_NAME_REQUIREMENTS)
                 return rmap
             def _connect_with_slash(mapper, name, path, *args, **kwargs):
                 """
                 Connect a route with an optional trailing slash in `path`.
                 """
                 mapper.connect(name + '_slash', path + '/', *args, **kwargs)
                 mapper.connect(name, path, *args, **kwargs)

rhodecode/controllers/admin/repo_groups.py

0 +2 -4

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Repository groups controller for RhodeCode
             """
             import logging
             import formencode
             from formencode import htmlfill
             from pylons import request, tmpl_context as c, url
             from pylons.controllers.util import abort, redirect
             from pylons.i18n.translation import _, ungettext
             from rhodecode.lib import auth
             from rhodecode.lib import helpers as h
             from rhodecode.lib.ext_json import json
             from rhodecode.lib.auth import (
                 LoginRequired, NotAnonymous, HasPermissionAll,
                 HasRepoGroupPermissionAll, HasRepoGroupPermissionAnyDecorator)
             from rhodecode.lib.base import BaseController, render
             from rhodecode.model.db import RepoGroup, User
             from rhodecode.model.scm import RepoGroupList
             from rhodecode.model.repo_group import RepoGroupModel
             from rhodecode.model.forms import RepoGroupForm, RepoGroupPermsForm
             from rhodecode.model.meta import Session
             from rhodecode.lib.utils2 import safe_int
             log = logging.getLogger(__name__)
             class RepoGroupsController(BaseController):
                 """REST Controller styled on the Atom Publishing Protocol"""
                 @LoginRequired()
                 def __before__(self):
                     super(RepoGroupsController, self).__before__()
                 def __load_defaults(self, allow_empty_group=False, repo_group=None):
                     if self._can_create_repo_group():
                         # we're global admin, we're ok and we can create TOP level groups
                         allow_empty_group = True
                     # override the choices for this form, we need to filter choices
                     # and display only those we have ADMIN right
                     groups_with_admin_rights = RepoGroupList(
                         RepoGroup.query().all(),
                         perm_set=['group.admin'])
                     c.repo_groups = RepoGroup.groups_choices(
                         groups=groups_with_admin_rights,
                         show_empty_group=allow_empty_group)
                     if repo_group:
                         # exclude filtered ids
                         exclude_group_ids = [repo_group.group_id]
                         c.repo_groups = filter(lambda x: x[0] not in exclude_group_ids,
                                                c.repo_groups)
                         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
                         parent_group = repo_group.parent_group
                         add_parent_group = (parent_group and (
                             unicode(parent_group.group_id) not in c.repo_groups_choices))
                         if add_parent_group:
                             c.repo_groups_choices.append(unicode(parent_group.group_id))
                             c.repo_groups.append(RepoGroup._generate_choice(parent_group))
                 def __load_data(self, group_id):
                     """
                     Load defaults settings for edit, and update
                     :param group_id:
                     """
                     repo_group = RepoGroup.get_or_404(group_id)
                     data = repo_group.get_dict()
                     data['group_name'] = repo_group.name
                     # fill owner
                     if repo_group.user:
                         data.update({'user': repo_group.user.username})
                     else:
                         replacement_user = User.get_first_super_admin().username
                         data.update({'user': replacement_user})
                     # fill repository group users
                     for p in repo_group.repo_group_to_perm:
                         data.update({
                             'u_perm_%s' % p.user.user_id: p.permission.permission_name})
                     # fill repository group user groups
                     for p in repo_group.users_group_to_perm:
                         data.update({
                             'g_perm_%s' % p.users_group.users_group_id:
                             p.permission.permission_name})
                     # html and form expects -1 as empty parent group
                     data['group_parent_id'] = data['group_parent_id'] or -1
                     return data
                 def _revoke_perms_on_yourself(self, form_result):
                     _updates = filter(lambda u: c.rhodecode_user.user_id == int(u[0]),
                                       form_result['perm_updates'])
                     _additions = filter(lambda u: c.rhodecode_user.user_id == int(u[0]),
                                         form_result['perm_additions'])
                     _deletions = filter(lambda u: c.rhodecode_user.user_id == int(u[0]),
                                         form_result['perm_deletions'])
                     admin_perm = 'group.admin'
                     if _updates and _updates[0][1] != admin_perm or \
                        _additions and _additions[0][1] != admin_perm or \
                        _deletions and _deletions[0][1] != admin_perm:
                         return True
                     return False
                 def _can_create_repo_group(self, parent_group_id=None):
                     is_admin = HasPermissionAll('hg.admin')('group create controller')
                     create_repo_group = HasPermissionAll(
                         'hg.repogroup.create.true')('group create controller')
                     if is_admin or (create_repo_group and not parent_group_id):
                         # we're global admin, or we have global repo group create
                         # permission
                         # we're ok and we can create TOP level groups
                         return True
                     elif parent_group_id:
                         # we check the permission if we can write to parent group
                         group = RepoGroup.get(parent_group_id)
                         group_name = group.group_name if group else None
                         if HasRepoGroupPermissionAll('group.admin')(
                                 group_name, 'check if user is an admin of group'):
                             # we're an admin of passed in group, we're ok.
                             return True
                         else:
                             return False
                     return False
                 @NotAnonymous()
                 def index(self):
                     """GET /repo_groups: All items in the collection"""
                     # url('repo_groups')
                     repo_group_list = RepoGroup.get_all_repo_groups()
                     _perms = ['group.admin']
                     repo_group_list_acl = RepoGroupList(repo_group_list, perm_set=_perms)
                     repo_group_data = RepoGroupModel().get_repo_groups_as_dict(
                         repo_group_list=repo_group_list_acl, admin=True)
                     c.data = json.dumps(repo_group_data)
                     return render('admin/repo_groups/repo_groups.mako')
                 # perm checks inside
                 @NotAnonymous()
                 @auth.CSRFRequired()
                 def create(self):
                     """POST /repo_groups: Create a new item"""
                     # url('repo_groups')
                     parent_group_id = safe_int(request.POST.get('group_parent_id'))
                     can_create = self._can_create_repo_group(parent_group_id)
                     self.__load_defaults()
                     # permissions for can create group based on parent_id are checked
                     # here in the Form
                     available_groups = map(lambda k: unicode(k[0]), c.repo_groups)
                     repo_group_form = RepoGroupForm(available_groups=available_groups,
                                                     can_create_in_root=can_create)()
                     try:
                         owner = c.rhodecode_user
                         form_result = repo_group_form.to_python(dict(request.POST))
                         RepoGroupModel().create(
                             group_name=form_result['group_name_full'],
                             group_description=form_result['group_description'],
                             owner=owner.user_id,
                             copy_permissions=form_result['group_copy_permissions']
                         )
                         Session().commit()
                         _new_group_name = form_result['group_name_full']
                         repo_group_url = h.link_to(
                             _new_group_name,
-                            h.url('repo_group_home', group_name=_new_group_name))
+                            h.route_path('repo_group_home', repo_group_name=_new_group_name))
                         h.flash(h.literal(_('Created repository group %s')
                                 % repo_group_url), category='success')
-                        # TODO: in futureaction_logger(, '', '', '', self.sa)
+                        # TODO: in future action_logger(, '', '', '', self.sa)
                     except formencode.Invalid as errors:
                         return htmlfill.render(
                             render('admin/repo_groups/repo_group_add.mako'),
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False)
                     except Exception:
                         log.exception("Exception during creation of repository group")
                         h.flash(_('Error occurred during creation of repository group %s')
                                 % request.POST.get('group_name'), category='error')
                     # TODO: maybe we should get back to the main view, not the admin one
                     return redirect(url('repo_groups', parent_group=parent_group_id))
                 # perm checks inside
                 @NotAnonymous()
                 def new(self):
                     """GET /repo_groups/new: Form to create a new item"""
                     # url('new_repo_group')
                     # perm check for admin, create_group perm or admin of parent_group
                     parent_group_id = safe_int(request.GET.get('parent_group'))
                     if not self._can_create_repo_group(parent_group_id):
                         return abort(403)
                     self.__load_defaults()
                     return render('admin/repo_groups/repo_group_add.mako')
                 @HasRepoGroupPermissionAnyDecorator('group.admin')
                 @auth.CSRFRequired()
                 def update(self, group_name):
                     """PUT /repo_groups/group_name: Update an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="PUT" />
                     # Or using helpers:
                     #    h.form(url('repos_group', group_name=GROUP_NAME), method='put')
-                    # url('repo_group_home', group_name=GROUP_NAME)
                     c.repo_group = RepoGroupModel()._get_repo_group(group_name)
                     can_create_in_root = self._can_create_repo_group()
                     show_root_location = can_create_in_root
                     if not c.repo_group.parent_group:
                         # this group don't have a parrent so we should show empty value
                         show_root_location = True
                     self.__load_defaults(allow_empty_group=show_root_location,
                                          repo_group=c.repo_group)
                     repo_group_form = RepoGroupForm(
                         edit=True, old_data=c.repo_group.get_dict(),
                         available_groups=c.repo_groups_choices,
                         can_create_in_root=can_create_in_root, allow_disabled=True)()
                     try:
                         form_result = repo_group_form.to_python(dict(request.POST))
                         gr_name = form_result['group_name']
                         new_gr = RepoGroupModel().update(group_name, form_result)
                         Session().commit()
                         h.flash(_('Updated repository group %s') % (gr_name,),
                                 category='success')
                         # we now have new name !
                         group_name = new_gr.group_name
                         # TODO: in future action_logger(, '', '', '', self.sa)
                     except formencode.Invalid as errors:
                         c.active = 'settings'
                         return htmlfill.render(
                             render('admin/repo_groups/repo_group_edit.mako'),
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False)
                     except Exception:
                         log.exception("Exception during update or repository group")
                         h.flash(_('Error occurred during update of repository group %s')
                                 % request.POST.get('group_name'), category='error')
                     return redirect(url('edit_repo_group', group_name=group_name))
                 @HasRepoGroupPermissionAnyDecorator('group.admin')
                 @auth.CSRFRequired()
                 def delete(self, group_name):
                     """DELETE /repo_groups/group_name: Delete an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="DELETE" />
                     # Or using helpers:
                     #    h.form(url('repos_group', group_name=GROUP_NAME), method='delete')
-                    # url('repo_group_home', group_name=GROUP_NAME)
                     gr = c.repo_group = RepoGroupModel()._get_repo_group(group_name)
                     repos = gr.repositories.all()
                     if repos:
                         msg = ungettext(
                             'This group contains %(num)d repository and cannot be deleted',
                             'This group contains %(num)d repositories and cannot be'
                             ' deleted',
                             len(repos)) % {'num': len(repos)}
                         h.flash(msg, category='warning')
                         return redirect(url('repo_groups'))
                     children = gr.children.all()
                     if children:
                         msg = ungettext(
                             'This group contains %(num)d subgroup and cannot be deleted',
                             'This group contains %(num)d subgroups and cannot be deleted',
                             len(children)) % {'num': len(children)}
                         h.flash(msg, category='warning')
                         return redirect(url('repo_groups'))
                     try:
                         RepoGroupModel().delete(group_name)
                         Session().commit()
                         h.flash(_('Removed repository group %s') % group_name,
                                 category='success')
                         # TODO: in future action_logger(, '', '', '', self.sa)
                     except Exception:
                         log.exception("Exception during deletion of repository group")
                         h.flash(_('Error occurred during deletion of repository group %s')
                                 % group_name, category='error')
                     return redirect(url('repo_groups'))
                 @HasRepoGroupPermissionAnyDecorator('group.admin')
                 def edit(self, group_name):
                     """GET /repo_groups/group_name/edit: Form to edit an existing item"""
                     # url('edit_repo_group', group_name=GROUP_NAME)
                     c.active = 'settings'
                     c.repo_group = RepoGroupModel()._get_repo_group(group_name)
                     # we can only allow moving empty group if it's already a top-level
                     # group, ie has no parents, or we're admin
                     can_create_in_root = self._can_create_repo_group()
                     show_root_location = can_create_in_root
                     if not c.repo_group.parent_group:
                         # this group don't have a parrent so we should show empty value
                         show_root_location = True
                     self.__load_defaults(allow_empty_group=show_root_location,
                                          repo_group=c.repo_group)
                     defaults = self.__load_data(c.repo_group.group_id)
                     return htmlfill.render(
                         render('admin/repo_groups/repo_group_edit.mako'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                 @HasRepoGroupPermissionAnyDecorator('group.admin')
                 def edit_repo_group_advanced(self, group_name):
                     """GET /repo_groups/group_name/edit: Form to edit an existing item"""
                     # url('edit_repo_group', group_name=GROUP_NAME)
                     c.active = 'advanced'
                     c.repo_group = RepoGroupModel()._get_repo_group(group_name)
                     return render('admin/repo_groups/repo_group_edit.mako')
                 @HasRepoGroupPermissionAnyDecorator('group.admin')
                 def edit_repo_group_perms(self, group_name):
                     """GET /repo_groups/group_name/edit: Form to edit an existing item"""
                     # url('edit_repo_group', group_name=GROUP_NAME)
                     c.active = 'perms'
                     c.repo_group = RepoGroupModel()._get_repo_group(group_name)
                     self.__load_defaults()
                     defaults = self.__load_data(c.repo_group.group_id)
                     return htmlfill.render(
                         render('admin/repo_groups/repo_group_edit.mako'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                 @HasRepoGroupPermissionAnyDecorator('group.admin')
                 @auth.CSRFRequired()
                 def update_perms(self, group_name):
                     """
                     Update permissions for given repository group
                     :param group_name:
                     """
                     c.repo_group = RepoGroupModel()._get_repo_group(group_name)
                     valid_recursive_choices = ['none', 'repos', 'groups', 'all']
                     form = RepoGroupPermsForm(valid_recursive_choices)().to_python(
                         request.POST)
                     if not c.rhodecode_user.is_admin:
                         if self._revoke_perms_on_yourself(form):
                             msg = _('Cannot change permission for yourself as admin')
                             h.flash(msg, category='warning')
                             return redirect(
                                 url('edit_repo_group_perms', group_name=group_name))
                     # iterate over all members(if in recursive mode) of this groups and
                     # set the permissions !
                     # this can be potentially heavy operation
                     RepoGroupModel().update_permissions(
                         c.repo_group,
                         form['perm_additions'], form['perm_updates'],
                         form['perm_deletions'], form['recursive'])
                     # TODO: implement this
                     # action_logger(c.rhodecode_user, 'admin_changed_repo_permissions',
                     #               repo_name, self.ip_addr, self.sa)
                     Session().commit()
                     h.flash(_('Repository Group permissions updated'), category='success')
                     return redirect(url('edit_repo_group_perms', group_name=group_name))

rhodecode/controllers/admin/repos.py

0 +2 -2

             # -*- coding: utf-8 -*-
             # Copyright (C) 2013-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Repositories controller for RhodeCode
             """
             import logging
             import traceback
             import formencode
             from formencode import htmlfill
             from pylons import request, tmpl_context as c, url
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             from webob.exc import HTTPForbidden, HTTPNotFound, HTTPBadRequest
             import rhodecode
             from rhodecode.lib import auth, helpers as h
             from rhodecode.lib.auth import (
                 LoginRequired, HasPermissionAllDecorator,
                 HasRepoPermissionAllDecorator, NotAnonymous, HasPermissionAny,
                 HasRepoGroupPermissionAny, HasRepoPermissionAnyDecorator)
             from rhodecode.lib.base import BaseRepoController, render
             from rhodecode.lib.ext_json import json
             from rhodecode.lib.exceptions import AttachedForksError
             from rhodecode.lib.utils import action_logger, repo_name_slug, jsonify
             from rhodecode.lib.utils2 import safe_int, str2bool
             from rhodecode.lib.vcs import RepositoryError
             from rhodecode.model.db import (
                 User, Repository, UserFollowing, RepoGroup, RepositoryField)
             from rhodecode.model.forms import (
                 RepoForm, RepoFieldForm, RepoPermsForm, RepoVcsSettingsForm,
                 IssueTrackerPatternsForm)
             from rhodecode.model.meta import Session
             from rhodecode.model.repo import RepoModel
             from rhodecode.model.scm import ScmModel, RepoGroupList, RepoList
             from rhodecode.model.settings import (
                 SettingsModel, IssueTrackerSettingsModel, VcsSettingsModel,
                 SettingNotFound)
             log = logging.getLogger(__name__)
             class ReposController(BaseRepoController):
                 """
                 REST Controller styled on the Atom Publishing Protocol"""
                 # To properly map this controller, ensure your config/routing.py
                 # file has a resource setup:
                 #     map.resource('repo', 'repos')
                 @LoginRequired()
                 def __before__(self):
                     super(ReposController, self).__before__()
                 def _load_repo(self, repo_name):
                     repo_obj = Repository.get_by_repo_name(repo_name)
                     if repo_obj is None:
                         h.not_mapped_error(repo_name)
                         return redirect(url('repos'))
                     return repo_obj
                 def __load_defaults(self, repo=None):
                     acl_groups = RepoGroupList(RepoGroup.query().all(),
                                            perm_set=['group.write', 'group.admin'])
                     c.repo_groups = RepoGroup.groups_choices(groups=acl_groups)
                     c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
                     # in case someone no longer have a group.write access to a repository
                     # pre fill the list with this entry, we don't care if this is the same
                     # but it will allow saving repo data properly.
                     repo_group = None
                     if repo:
                         repo_group = repo.group
                     if repo_group and unicode(repo_group.group_id) not in c.repo_groups_choices:
                         c.repo_groups_choices.append(unicode(repo_group.group_id))
                         c.repo_groups.append(RepoGroup._generate_choice(repo_group))
                     choices, c.landing_revs = ScmModel().get_repo_landing_revs()
                     c.landing_revs_choices = choices
                 def __load_data(self, repo_name=None):
                     """
                     Load defaults settings for edit, and update
                     :param repo_name:
                     """
                     c.repo_info = self._load_repo(repo_name)
                     self.__load_defaults(c.repo_info)
                     # override defaults for exact repo info here git/hg etc
                     if not c.repository_requirements_missing:
                         choices, c.landing_revs = ScmModel().get_repo_landing_revs(
                             c.repo_info)
                         c.landing_revs_choices = choices
                     defaults = RepoModel()._get_defaults(repo_name)
                     return defaults
                 def _log_creation_exception(self, e, repo_name):
                         reason = None
                         if len(e.args) == 2:
                             reason = e.args[1]
                         if reason == 'INVALID_CERTIFICATE':
                             log.exception(
                                 'Exception creating a repository: invalid certificate')
                             msg = (_('Error creating repository %s: invalid certificate')
                                    % repo_name)
                         else:
                             log.exception("Exception creating a repository")
                             msg = (_('Error creating repository %s')
                                    % repo_name)
                         return msg
                 @NotAnonymous()
                 def index(self, format='html'):
                     """GET /repos: All items in the collection"""
                     # url('repos')
                     repo_list = Repository.get_all_repos()
                     c.repo_list = RepoList(repo_list, perm_set=['repository.admin'])
                     repos_data = RepoModel().get_repos_as_dict(
                         repo_list=c.repo_list, admin=True, super_user_actions=True)
                     # json used to render the grid
                     c.data = json.dumps(repos_data)
                     return render('admin/repos/repos.mako')
                 # perms check inside
                 @NotAnonymous()
                 @auth.CSRFRequired()
                 def create(self):
                     """
                     POST /repos: Create a new item"""
                     # url('repos')
                     self.__load_defaults()
                     form_result = {}
                     task_id = None
                     c.personal_repo_group = c.rhodecode_user.personal_repo_group
                     try:
                         # CanWriteToGroup validators checks permissions of this POST
                         form_result = RepoForm(repo_groups=c.repo_groups_choices,
                                                landing_revs=c.landing_revs_choices)()\
                                         .to_python(dict(request.POST))
                         # create is done sometimes async on celery, db transaction
                         # management is handled there.
                         task = RepoModel().create(form_result, c.rhodecode_user.user_id)
                         from celery.result import BaseAsyncResult
                         if isinstance(task, BaseAsyncResult):
                             task_id = task.task_id
                     except formencode.Invalid as errors:
                         return htmlfill.render(
                             render('admin/repos/repo_add.mako'),
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False)
                     except Exception as e:
                         msg = self._log_creation_exception(e, form_result.get('repo_name'))
                         h.flash(msg, category='error')
-                        return redirect(url('home'))
+                        return redirect(h.route_path('home'))
                     return redirect(h.url('repo_creating_home',
                                           repo_name=form_result['repo_name_full'],
                                           task_id=task_id))
                 # perms check inside
                 @NotAnonymous()
                 def create_repository(self):
                     """GET /_admin/create_repository: Form to create a new item"""
                     new_repo = request.GET.get('repo', '')
                     parent_group = safe_int(request.GET.get('parent_group'))
                     _gr = RepoGroup.get(parent_group)
                     if not HasPermissionAny('hg.admin', 'hg.create.repository')():
                         # you're not super admin nor have global create permissions,
                         # but maybe you have at least write permission to a parent group ?
                         gr_name = _gr.group_name if _gr else None
                         # create repositories with write permission on group is set to true
                         create_on_write = HasPermissionAny('hg.create.write_on_repogroup.true')()
                         group_admin = HasRepoGroupPermissionAny('group.admin')(group_name=gr_name)
                         group_write = HasRepoGroupPermissionAny('group.write')(group_name=gr_name)
                         if not (group_admin or (group_write and create_on_write)):
                             raise HTTPForbidden
                     acl_groups = RepoGroupList(RepoGroup.query().all(),
                                            perm_set=['group.write', 'group.admin'])
                     c.repo_groups = RepoGroup.groups_choices(groups=acl_groups)
                     c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
                     choices, c.landing_revs = ScmModel().get_repo_landing_revs()
                     c.personal_repo_group = c.rhodecode_user.personal_repo_group
                     c.new_repo = repo_name_slug(new_repo)
                     # apply the defaults from defaults page
                     defaults = SettingsModel().get_default_repo_settings(strip_prefix=True)
                     # set checkbox to autochecked
                     defaults['repo_copy_permissions'] = True
                     parent_group_choice = '-1'
                     if not c.rhodecode_user.is_admin and c.rhodecode_user.personal_repo_group:
                         parent_group_choice = c.rhodecode_user.personal_repo_group
                     if parent_group and _gr:
                         if parent_group in [x[0] for x in c.repo_groups]:
                             parent_group_choice = unicode(parent_group)
                     defaults.update({'repo_group': parent_group_choice})
                     return htmlfill.render(
                         render('admin/repos/repo_add.mako'),
                         defaults=defaults,
                         errors={},
                         prefix_error=False,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                 @NotAnonymous()
                 def repo_creating(self, repo_name):
                     c.repo = repo_name
                     c.task_id = request.GET.get('task_id')
                     if not c.repo:
                         raise HTTPNotFound()
                     return render('admin/repos/repo_creating.mako')
                 @NotAnonymous()
                 @jsonify
                 def repo_check(self, repo_name):
                     c.repo = repo_name
                     task_id = request.GET.get('task_id')
                     if task_id and task_id not in ['None']:
                         import rhodecode
                         from celery.result import AsyncResult
                         if rhodecode.CELERY_ENABLED:
                             task = AsyncResult(task_id)
                             if task.failed():
                                 msg = self._log_creation_exception(task.result, c.repo)
                                 h.flash(msg, category='error')
-                                return redirect(url('home'), code=501)
+                                return redirect(h.route_path('home'), code=501)
                     repo = Repository.get_by_repo_name(repo_name)
                     if repo and repo.repo_state == Repository.STATE_CREATED:
                         if repo.clone_uri:
                             clone_uri = repo.clone_uri_hidden
                             h.flash(_('Created repository %s from %s')
                                     % (repo.repo_name, clone_uri), category='success')
                         else:
                             repo_url = h.link_to(repo.repo_name,
                                                  h.url('summary_home',
                                                        repo_name=repo.repo_name))
                             fork = repo.fork
                             if fork:
                                 fork_name = fork.repo_name
                                 h.flash(h.literal(_('Forked repository %s as %s')
                                         % (fork_name, repo_url)), category='success')
                             else:
                                 h.flash(h.literal(_('Created repository %s') % repo_url),
                                         category='success')
                         return {'result': True}
                     return {'result': False}
                 @HasPermissionAllDecorator('hg.admin')
                 def show(self, repo_name, format='html'):
                     """GET /repos/repo_name: Show a specific item"""
                     # url('repo', repo_name=ID)
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def edit_fields(self, repo_name):
                     """GET /repo_name/settings: Form to edit an existing item"""
                     c.repo_info = self._load_repo(repo_name)
                     c.repo_fields = RepositoryField.query()\
                         .filter(RepositoryField.repository == c.repo_info).all()
                     c.active = 'fields'
                     if request.POST:
                         return redirect(url('repo_edit_fields'))
                     return render('admin/repos/repo_edit.mako')
                 @HasRepoPermissionAllDecorator('repository.admin')
                 @auth.CSRFRequired()
                 def create_repo_field(self, repo_name):
                     try:
                         form_result = RepoFieldForm()().to_python(dict(request.POST))
                         RepoModel().add_repo_field(
                             repo_name, form_result['new_field_key'],
                             field_type=form_result['new_field_type'],
                             field_value=form_result['new_field_value'],
                             field_label=form_result['new_field_label'],
                             field_desc=form_result['new_field_desc'])
                         Session().commit()
                     except Exception as e:
                         log.exception("Exception creating field")
                         msg = _('An error occurred during creation of field')
                         if isinstance(e, formencode.Invalid):
                             msg += ". " + e.msg
                         h.flash(msg, category='error')
                     return redirect(url('edit_repo_fields', repo_name=repo_name))
                 @HasRepoPermissionAllDecorator('repository.admin')
                 @auth.CSRFRequired()
                 def delete_repo_field(self, repo_name, field_id):
                     field = RepositoryField.get_or_404(field_id)
                     try:
                         RepoModel().delete_repo_field(repo_name, field.field_key)
                         Session().commit()
                     except Exception as e:
                         log.exception("Exception during removal of field")
                         msg = _('An error occurred during removal of field')
                         h.flash(msg, category='error')
                     return redirect(url('edit_repo_fields', repo_name=repo_name))
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @auth.CSRFRequired()
                 def toggle_locking(self, repo_name):
                     """
                     Toggle locking of repository by simple GET call to url
                     :param repo_name:
                     """
                     try:
                         repo = Repository.get_by_repo_name(repo_name)
                         if repo.enable_locking:
                             if repo.locked[0]:
                                 Repository.unlock(repo)
                                 action = _('Unlocked')
                             else:
                                 Repository.lock(repo, c.rhodecode_user.user_id,
                                                 lock_reason=Repository.LOCK_WEB)
                                 action = _('Locked')
                             h.flash(_('Repository has been %s') % action,
                                     category='success')
                     except Exception:
                         log.exception("Exception during unlocking")
                         h.flash(_('An error occurred during unlocking'),
                                 category='error')
                     return redirect(url('summary_home', repo_name=repo_name))
                 @HasRepoPermissionAllDecorator('repository.admin')
                 @auth.CSRFRequired()
                 def edit_remote(self, repo_name):
                     """PUT /{repo_name}/settings/remote: edit the repo remote."""
                     try:
                         ScmModel().pull_changes(repo_name, c.rhodecode_user.username)
                         h.flash(_('Pulled from remote location'), category='success')
                     except Exception:
                         log.exception("Exception during pull from remote")
                         h.flash(_('An error occurred during pull from remote location'),
                                 category='error')
                     return redirect(url('edit_repo_remote', repo_name=c.repo_name))
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def edit_remote_form(self, repo_name):
                     """GET /repo_name/settings: Form to edit an existing item"""
                     c.repo_info = self._load_repo(repo_name)
                     c.active = 'remote'
                     return render('admin/repos/repo_edit.mako')
                 @HasRepoPermissionAllDecorator('repository.admin')
                 @auth.CSRFRequired()
                 def edit_statistics(self, repo_name):
                     """PUT /{repo_name}/settings/statistics: reset the repo statistics."""
                     try:
                         RepoModel().delete_stats(repo_name)
                         Session().commit()
                     except Exception as e:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during deletion of repository stats'),
                                 category='error')
                     return redirect(url('edit_repo_statistics', repo_name=c.repo_name))
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def edit_statistics_form(self, repo_name):
                     """GET /repo_name/settings: Form to edit an existing item"""
                     c.repo_info = self._load_repo(repo_name)
                     repo = c.repo_info.scm_instance()
                     if c.repo_info.stats:
                         # this is on what revision we ended up so we add +1 for count
                         last_rev = c.repo_info.stats.stat_on_revision + 1
                     else:
                         last_rev = 0
                     c.stats_revision = last_rev
                     c.repo_last_rev = repo.count()
                     if last_rev == 0 or c.repo_last_rev == 0:
                         c.stats_percentage = 0
                     else:
                         c.stats_percentage = '%.2f' % ((float((last_rev)) / c.repo_last_rev) * 100)
                     c.active = 'statistics'
                     return render('admin/repos/repo_edit.mako')
                 @HasRepoPermissionAllDecorator('repository.admin')
                 @auth.CSRFRequired()
                 def repo_issuetracker_test(self, repo_name):
                     if request.is_xhr:
                         return h.urlify_commit_message(
                             request.POST.get('test_text', ''),
                             repo_name)
                     else:
                         raise HTTPBadRequest()
                 @HasRepoPermissionAllDecorator('repository.admin')
                 @auth.CSRFRequired()
                 def repo_issuetracker_delete(self, repo_name):
                     uid = request.POST.get('uid')
                     repo_settings = IssueTrackerSettingsModel(repo=repo_name)
                     try:
                         repo_settings.delete_entries(uid)
                     except Exception:
                         h.flash(_('Error occurred during deleting issue tracker entry'),
                                 category='error')
                     else:
                         h.flash(_('Removed issue tracker entry'), category='success')
                     return redirect(url('repo_settings_issuetracker',
                                     repo_name=repo_name))
                 def _update_patterns(self, form, repo_settings):
                     for uid in form['delete_patterns']:
                         repo_settings.delete_entries(uid)
                     for pattern in form['patterns']:
                         for setting, value, type_ in pattern:
                             sett = repo_settings.create_or_update_setting(
                                 setting, value, type_)
                             Session().add(sett)
                         Session().commit()
                 @HasRepoPermissionAllDecorator('repository.admin')
                 @auth.CSRFRequired()
                 def repo_issuetracker_save(self, repo_name):
                     # Save inheritance
                     repo_settings = IssueTrackerSettingsModel(repo=repo_name)
                     inherited = (request.POST.get('inherit_global_issuetracker')
                                  == "inherited")
                     repo_settings.inherit_global_settings = inherited
                     Session().commit()
                     form = IssueTrackerPatternsForm()().to_python(request.POST)
                     if form:
                         self._update_patterns(form, repo_settings)
                     h.flash(_('Updated issue tracker entries'), category='success')
                     return redirect(url('repo_settings_issuetracker',
                                     repo_name=repo_name))
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def repo_issuetracker(self, repo_name):
                     """GET /admin/settings/issue-tracker: All items in the collection"""
                     c.active = 'issuetracker'
                     c.data = 'data'
                     c.repo_info = self._load_repo(repo_name)
                     repo = Repository.get_by_repo_name(repo_name)
                     c.settings_model = IssueTrackerSettingsModel(repo=repo)
                     c.global_patterns = c.settings_model.get_global_settings()
                     c.repo_patterns = c.settings_model.get_repo_settings()
                     return render('admin/repos/repo_edit.mako')
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def repo_settings_vcs(self, repo_name):
                     """GET /{repo_name}/settings/vcs/: All items in the collection"""
                     model = VcsSettingsModel(repo=repo_name)
                     c.active = 'vcs'
                     c.global_svn_branch_patterns = model.get_global_svn_branch_patterns()
                     c.global_svn_tag_patterns = model.get_global_svn_tag_patterns()
                     c.svn_branch_patterns = model.get_repo_svn_branch_patterns()
                     c.svn_tag_patterns = model.get_repo_svn_tag_patterns()
                     c.repo_info = self._load_repo(repo_name)
                     defaults = self._vcs_form_defaults(repo_name)
                     c.inherit_global_settings = defaults['inherit_global_settings']
                     c.labs_active = str2bool(
                         rhodecode.CONFIG.get('labs_settings_active', 'true'))
                     return htmlfill.render(
                         render('admin/repos/repo_edit.mako'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasRepoPermissionAllDecorator('repository.admin')
                 @auth.CSRFRequired()
                 def repo_settings_vcs_update(self, repo_name):
                     """POST /{repo_name}/settings/vcs/: All items in the collection"""
                     c.active = 'vcs'
                     model = VcsSettingsModel(repo=repo_name)
                     c.global_svn_branch_patterns = model.get_global_svn_branch_patterns()
                     c.global_svn_tag_patterns = model.get_global_svn_tag_patterns()
                     c.svn_branch_patterns = model.get_repo_svn_branch_patterns()
                     c.svn_tag_patterns = model.get_repo_svn_tag_patterns()
                     c.repo_info = self._load_repo(repo_name)
                     defaults = self._vcs_form_defaults(repo_name)
                     c.inherit_global_settings = defaults['inherit_global_settings']
                     application_form = RepoVcsSettingsForm(repo_name)()
                     try:
                         form_result = application_form.to_python(dict(request.POST))
                     except formencode.Invalid as errors:
                         h.flash(
                             _("Some form inputs contain invalid data."),
                             category='error')
                         return htmlfill.render(
                             render('admin/repos/repo_edit.mako'),
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False
                         )
                     try:
                         inherit_global_settings = form_result['inherit_global_settings']
                         model.create_or_update_repo_settings(
                             form_result, inherit_global_settings=inherit_global_settings)
                     except Exception:
                         log.exception("Exception while updating settings")
                         h.flash(
                             _('Error occurred during updating repository VCS settings'),
                             category='error')
                     else:
                         Session().commit()
                         h.flash(_('Updated VCS settings'), category='success')
                         return redirect(url('repo_vcs_settings', repo_name=repo_name))
                     return htmlfill.render(
                         render('admin/repos/repo_edit.mako'),
                         defaults=self._vcs_form_defaults(repo_name),
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasRepoPermissionAllDecorator('repository.admin')
                 @auth.CSRFRequired()
                 @jsonify
                 def repo_delete_svn_pattern(self, repo_name):
                     if not request.is_xhr:
                         return False
                     delete_pattern_id = request.POST.get('delete_svn_pattern')
                     model = VcsSettingsModel(repo=repo_name)
                     try:
                         model.delete_repo_svn_pattern(delete_pattern_id)
                     except SettingNotFound:
                         raise HTTPBadRequest()
                     Session().commit()
                     return True
                 def _vcs_form_defaults(self, repo_name):
                     model = VcsSettingsModel(repo=repo_name)
                     global_defaults = model.get_global_settings()
                     repo_defaults = {}
                     repo_defaults.update(global_defaults)
                     repo_defaults.update(model.get_repo_settings())
                     global_defaults = {
                         '{}_inherited'.format(k): global_defaults[k]
                         for k in global_defaults}
                     defaults = {
                         'inherit_global_settings': model.inherit_global_settings
                     }
                     defaults.update(global_defaults)
                     defaults.update(repo_defaults)
                     defaults.update({
                         'new_svn_branch': '',
                         'new_svn_tag': '',
                     })
                     return defaults

rhodecode/controllers/forks.py

0 +1 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2011-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             forks controller for rhodecode
             """
             import formencode
             import logging
             from formencode import htmlfill
             from pylons import tmpl_context as c, request, url
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             import rhodecode.lib.helpers as h
             from rhodecode.lib import auth
             from rhodecode.lib.helpers import Page
             from rhodecode.lib.auth import (
                 LoginRequired, HasRepoPermissionAnyDecorator, NotAnonymous,
                 HasRepoPermissionAny, HasPermissionAnyDecorator, HasAcceptedRepoType)
             from rhodecode.lib.base import BaseRepoController, render
             from rhodecode.model.db import Repository, RepoGroup, UserFollowing, User
             from rhodecode.model.repo import RepoModel
             from rhodecode.model.forms import RepoForkForm
             from rhodecode.model.scm import ScmModel, RepoGroupList
             from rhodecode.lib.utils2 import safe_int
             log = logging.getLogger(__name__)
             class ForksController(BaseRepoController):
                 def __before__(self):
                     super(ForksController, self).__before__()
                 def __load_defaults(self):
                     acl_groups = RepoGroupList(
                         RepoGroup.query().all(),
                         perm_set=['group.write', 'group.admin'])
                     c.repo_groups = RepoGroup.groups_choices(groups=acl_groups)
                     c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
                     choices, c.landing_revs = ScmModel().get_repo_landing_revs()
                     c.landing_revs_choices = choices
                     c.personal_repo_group = c.rhodecode_user.personal_repo_group
                 def __load_data(self, repo_name=None):
                     """
                     Load defaults settings for edit, and update
                     :param repo_name:
                     """
                     self.__load_defaults()
                     c.repo_info = Repository.get_by_repo_name(repo_name)
                     repo = c.repo_info.scm_instance()
                     if c.repo_info is None:
                         h.not_mapped_error(repo_name)
                         return redirect(url('repos'))
                     c.default_user_id = User.get_default_user().user_id
                     c.in_public_journal = UserFollowing.query()\
                         .filter(UserFollowing.user_id == c.default_user_id)\
                         .filter(UserFollowing.follows_repository == c.repo_info).scalar()
                     if c.repo_info.stats:
                         last_rev = c.repo_info.stats.stat_on_revision+1
                     else:
                         last_rev = 0
                     c.stats_revision = last_rev
                     c.repo_last_rev = repo.count()
                     if last_rev == 0 or c.repo_last_rev == 0:
                         c.stats_percentage = 0
                     else:
                         c.stats_percentage = '%.2f' % ((float((last_rev)) /
                                                         c.repo_last_rev) * 100)
                     defaults = RepoModel()._get_defaults(repo_name)
                     # alter the description to indicate a fork
                     defaults['description'] = ('fork of repository: %s \n%s'
                                                % (defaults['repo_name'],
                                                   defaults['description']))
                     # add suffix to fork
                     defaults['repo_name'] = '%s-fork' % defaults['repo_name']
                     return defaults
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
                                                'repository.admin')
                 @HasAcceptedRepoType('git', 'hg')
                 def forks(self, repo_name):
                     p = safe_int(request.GET.get('page', 1), 1)
                     repo_id = c.rhodecode_db_repo.repo_id
                     d = []
                     for r in Repository.get_repo_forks(repo_id):
                         if not HasRepoPermissionAny(
                             'repository.read', 'repository.write', 'repository.admin'
                         )(r.repo_name, 'get forks check'):
                             continue
                         d.append(r)
                     c.forks_pager = Page(d, page=p, items_per_page=20)
                     c.forks_data = render('/forks/forks_data.mako')
                     if request.environ.get('HTTP_X_PJAX'):
                         return c.forks_data
                     return render('/forks/forks.mako')
                 @LoginRequired()
                 @NotAnonymous()
                 @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')
                 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
                                                'repository.admin')
                 @HasAcceptedRepoType('git', 'hg')
                 def fork(self, repo_name):
                     c.repo_info = Repository.get_by_repo_name(repo_name)
                     if not c.repo_info:
                         h.not_mapped_error(repo_name)
-                        return redirect(url('home'))
+                        return redirect(h.route_path('home'))
                     defaults = self.__load_data(repo_name)
                     return htmlfill.render(
                         render('forks/fork.mako'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                 @LoginRequired()
                 @NotAnonymous()
                 @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')
                 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
                                                'repository.admin')
                 @HasAcceptedRepoType('git', 'hg')
                 @auth.CSRFRequired()
                 def fork_create(self, repo_name):
                     self.__load_defaults()
                     c.repo_info = Repository.get_by_repo_name(repo_name)
                     _form = RepoForkForm(old_data={'repo_type': c.repo_info.repo_type},
                                          repo_groups=c.repo_groups_choices,
                                          landing_revs=c.landing_revs_choices)()
                     form_result = {}
                     task_id = None
                     try:
                         form_result = _form.to_python(dict(request.POST))
                         # create fork is done sometimes async on celery, db transaction
                         # management is handled there.
                         task = RepoModel().create_fork(
                             form_result, c.rhodecode_user.user_id)
                         from celery.result import BaseAsyncResult
                         if isinstance(task, BaseAsyncResult):
                             task_id = task.task_id
                     except formencode.Invalid as errors:
                         c.new_repo = errors.value['repo_name']
                         return htmlfill.render(
                             render('forks/fork.mako'),
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8",
                             force_defaults=False)
                     except Exception:
                         log.exception(
                             u'Exception while trying to fork the repository %s', repo_name)
                         msg = (
                             _('An error occurred during repository forking %s') %
                             (repo_name, ))
                         h.flash(msg, category='error')
                     return redirect(h.url('repo_creating_home',
                                           repo_name=form_result['repo_name_full'],
                                           task_id=task_id))

rhodecode/controllers/home.py

0 0 -43

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Home controller for RhodeCode Enterprise
             """
             import logging
             import time
             from pylons import tmpl_context as c
             from rhodecode.lib.auth import (
                 LoginRequired, HasPermissionAllDecorator,
                 HasRepoGroupPermissionAnyDecorator)
             from rhodecode.lib.base import BaseController, render
             from rhodecode.lib.ext_json import json
             from rhodecode.model.db import Repository, RepoGroup
             from rhodecode.model.repo import RepoModel
             from rhodecode.model.repo_group import RepoGroupModel
             from rhodecode.model.scm import RepoList, RepoGroupList
             log = logging.getLogger(__name__)
             class HomeController(BaseController):
                 def __before__(self):
                     super(HomeController, self).__before__()
                 def ping(self):
                     """
                     Ping, doesn't require login, good for checking out the platform
                     """
                     instance_id = getattr(c, 'rhodecode_instanceid', '')
                     return 'pong[%s] => %s' % (instance_id, self.ip_addr,)
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def error_test(self):
                     """
                     Test exception handling and emails on errors
                     """
                     class TestException(Exception):
                         pass
                     msg = ('RhodeCode Enterprise %s test exception. Generation time: %s'
                            % (c.rhodecode_name, time.time()))
                     raise TestException(msg)
-                def _get_groups_and_repos(self, repo_group_id=None):
-                    # repo groups groups
-                    repo_group_list = RepoGroup.get_all_repo_groups(group_id=repo_group_id)
-                    _perms = ['group.read', 'group.write', 'group.admin']
-                    repo_group_list_acl = RepoGroupList(repo_group_list, perm_set=_perms)
-                    repo_group_data = RepoGroupModel().get_repo_groups_as_dict(
-                        repo_group_list=repo_group_list_acl, admin=False)
-                    # repositories
-                    repo_list = Repository.get_all_repos(group_id=repo_group_id)
-                    _perms = ['repository.read', 'repository.write', 'repository.admin']
-                    repo_list_acl = RepoList(repo_list, perm_set=_perms)
-                    repo_data = RepoModel().get_repos_as_dict(
-                        repo_list=repo_list_acl, admin=False)
-                    return repo_data, repo_group_data
-                @LoginRequired()
-                def index(self):
-                    c.repo_group = None
-                    repo_data, repo_group_data = self._get_groups_and_repos()
-                    # json used to render the grids
-                    c.repos_data = json.dumps(repo_data)
-                    c.repo_groups_data = json.dumps(repo_group_data)
-                    return render('/index.mako')
-                @LoginRequired()
-                @HasRepoGroupPermissionAnyDecorator('group.read', 'group.write',
-                                                    'group.admin')
-                def index_repo_group(self, group_name):
-                    """GET /repo_group_name: Show a specific item"""
-                    c.repo_group = RepoGroupModel()._get_repo_group(group_name)
-                    repo_data, repo_group_data = self._get_groups_and_repos(
-                        c.repo_group.group_id)
-                    # json used to render the grids
-                    c.repos_data = json.dumps(repo_data)
-                    c.repo_groups_data = json.dumps(repo_group_data)
-                    return render('index_repo_group.mako')

rhodecode/events/base.py

0 +1 -1

             # Copyright (C) 2016-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import logging
             from datetime import datetime
             from pyramid.threadlocal import get_current_request
             from rhodecode.lib.utils2 import AttributeDict
             # this is a user object to be used for events caused by the system (eg. shell)
             SYSTEM_USER = AttributeDict(dict(
                 username='__SYSTEM__',
                 user_id='__SYSTEM_ID__'
             ))
             log = logging.getLogger(__name__)
             class RhodecodeEvent(object):
                 """
                 Base event class for all Rhodecode events
                 """
                 name = "RhodeCodeEvent"
                 def __init__(self):
                     self.request = get_current_request()
                     self.utc_timestamp = datetime.utcnow()
                 @property
                 def auth_user(self):
                     if not self.request:
                         return
                     user = getattr(self.request, 'user', None)
                     if user:
                         return user
                     api_user = getattr(self.request, 'rpc_user', None)
                     if api_user:
                         return api_user
                 @property
                 def actor(self):
                     auth_user = self.auth_user
                     if auth_user:
                         instance = auth_user.get_instance()
                         if not instance:
                             return AttributeDict(dict(
                                 username=auth_user.username,
                                 user_id=auth_user.user_id,
                             ))
                         return instance
                     return SYSTEM_USER
                 @property
                 def actor_ip(self):
                     auth_user = self.auth_user
                     if auth_user:
                         return auth_user.ip_addr
                     return '<no ip available>'
                 @property
                 def server_url(self):
                     default = '<no server_url available>'
                     if self.request:
                         from rhodecode.lib import helpers as h
                         try:
-                            return h.url('home', qualified=True)
+                            return h.route_url('home')
                         except Exception:
                             log.exception('Failed to fetch URL for server')
                             return default
                     return default
                 def as_dict(self):
                     data = {
                         'name': self.name,
                         'utc_timestamp': self.utc_timestamp,
                         'actor_ip': self.actor_ip,
                         'actor': {
                             'username': self.actor.username,
                             'user_id': self.actor.user_id
                         },
                         'server_url': self.server_url
                     }
                     return data

rhodecode/lib/auth.py

0 +21 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             authentication and permission libraries
             """
             import os
             import inspect
             import collections
             import fnmatch
             import hashlib
             import itertools
             import logging
             import random
             import traceback
             from functools import wraps
             import ipaddress
             from pyramid.httpexceptions import HTTPForbidden, HTTPFound
             from pylons import url, request
             from pylons.controllers.util import abort, redirect
             from pylons.i18n.translation import _
             from sqlalchemy.orm.exc import ObjectDeletedError
             from sqlalchemy.orm import joinedload
             from zope.cachedescriptors.property import Lazy as LazyProperty
             import rhodecode
             from rhodecode.model import meta
             from rhodecode.model.meta import Session
             from rhodecode.model.user import UserModel
             from rhodecode.model.db import (
                 User, Repository, Permission, UserToPerm, UserGroupToPerm, UserGroupMember,
                 UserIpMap, UserApiKeys, RepoGroup)
             from rhodecode.lib import caches
             from rhodecode.lib.utils2 import safe_unicode, aslist, safe_str, md5
             from rhodecode.lib.utils import (
                 get_repo_slug, get_repo_group_slug, get_user_group_slug)
             from rhodecode.lib.caching_query import FromCache
             if rhodecode.is_unix:
                 import bcrypt
             log = logging.getLogger(__name__)
             csrf_token_key = "csrf_token"
             class PasswordGenerator(object):
                 """
                 This is a simple class for generating password from different sets of
                 characters
                 usage::
                     passwd_gen = PasswordGenerator()
                     #print 8-letter password containing only big and small letters
                         of alphabet
                     passwd_gen.gen_password(8, passwd_gen.ALPHABETS_BIG_SMALL)
                 """
                 ALPHABETS_NUM = r'''1234567890'''
                 ALPHABETS_SMALL = r'''qwertyuiopasdfghjklzxcvbnm'''
                 ALPHABETS_BIG = r'''QWERTYUIOPASDFGHJKLZXCVBNM'''
                 ALPHABETS_SPECIAL = r'''`-=[]\;',./~!@#$%^&*()_+{}|:"<>?'''
                 ALPHABETS_FULL = ALPHABETS_BIG + ALPHABETS_SMALL \
                     + ALPHABETS_NUM + ALPHABETS_SPECIAL
                 ALPHABETS_ALPHANUM = ALPHABETS_BIG + ALPHABETS_SMALL + ALPHABETS_NUM
                 ALPHABETS_BIG_SMALL = ALPHABETS_BIG + ALPHABETS_SMALL
                 ALPHABETS_ALPHANUM_BIG = ALPHABETS_BIG + ALPHABETS_NUM
                 ALPHABETS_ALPHANUM_SMALL = ALPHABETS_SMALL + ALPHABETS_NUM
                 def __init__(self, passwd=''):
                     self.passwd = passwd
                 def gen_password(self, length, type_=None):
                     if type_ is None:
                         type_ = self.ALPHABETS_FULL
                     self.passwd = ''.join([random.choice(type_) for _ in xrange(length)])
                     return self.passwd
             class _RhodeCodeCryptoBase(object):
                 ENC_PREF = None
                 def hash_create(self, str_):
                     """
                     hash the string using
                     :param str_: password to hash
                     """
                     raise NotImplementedError
                 def hash_check_with_upgrade(self, password, hashed):
                     """
                     Returns tuple in which first element is boolean that states that
                     given password matches it's hashed version, and the second is new hash
                     of the password, in case this password should be migrated to new
                     cipher.
                     """
                     checked_hash = self.hash_check(password, hashed)
                     return checked_hash, None
                 def hash_check(self, password, hashed):
                     """
                     Checks matching password with it's hashed value.
                     :param password: password
                     :param hashed: password in hashed form
                     """
                     raise NotImplementedError
                 def _assert_bytes(self, value):
                     """
                     Passing in an `unicode` object can lead to hard to detect issues
                     if passwords contain non-ascii characters.  Doing a type check
                     during runtime, so that such mistakes are detected early on.
                     """
                     if not isinstance(value, str):
                         raise TypeError(
                             "Bytestring required as input, got %r." % (value, ))
             class _RhodeCodeCryptoBCrypt(_RhodeCodeCryptoBase):
                 ENC_PREF = ('$2a$10', '$2b$10')
                 def hash_create(self, str_):
                     self._assert_bytes(str_)
                     return bcrypt.hashpw(str_, bcrypt.gensalt(10))
                 def hash_check_with_upgrade(self, password, hashed):
                     """
                     Returns tuple in which first element is boolean that states that
                     given password matches it's hashed version, and the second is new hash
                     of the password, in case this password should be migrated to new
                     cipher.
                     This implements special upgrade logic which works like that:
                      - check if the given password == bcrypted hash, if yes then we
                        properly used password and it was already in bcrypt. Proceed
                        without any changes
                      - if bcrypt hash check is not working try with sha256. If hash compare
                        is ok, it means we using correct but old hashed password. indicate
                        hash change and proceed
                     """
                     new_hash = None
                     # regular pw check
                     password_match_bcrypt = self.hash_check(password, hashed)
                     # now we want to know if the password was maybe from sha256
                     # basically calling _RhodeCodeCryptoSha256().hash_check()
                     if not password_match_bcrypt:
                         if _RhodeCodeCryptoSha256().hash_check(password, hashed):
                             new_hash = self.hash_create(password)  # make new bcrypt hash
                             password_match_bcrypt = True
                     return password_match_bcrypt, new_hash
                 def hash_check(self, password, hashed):
                     """
                     Checks matching password with it's hashed value.
                     :param password: password
                     :param hashed: password in hashed form
                     """
                     self._assert_bytes(password)
                     try:
                         return bcrypt.hashpw(password, hashed) == hashed
                     except ValueError as e:
                         # we're having a invalid salt here probably, we should not crash
                         # just return with False as it would be a wrong password.
                         log.debug('Failed to check password hash using bcrypt %s',
                                   safe_str(e))
                     return False
             class _RhodeCodeCryptoSha256(_RhodeCodeCryptoBase):
                 ENC_PREF = '_'
                 def hash_create(self, str_):
                     self._assert_bytes(str_)
                     return hashlib.sha256(str_).hexdigest()
                 def hash_check(self, password, hashed):
                     """
                     Checks matching password with it's hashed value.
                     :param password: password
                     :param hashed: password in hashed form
                     """
                     self._assert_bytes(password)
                     return hashlib.sha256(password).hexdigest() == hashed
             class _RhodeCodeCryptoMd5(_RhodeCodeCryptoBase):
                 ENC_PREF = '_'
                 def hash_create(self, str_):
                     self._assert_bytes(str_)
                     return hashlib.md5(str_).hexdigest()
                 def hash_check(self, password, hashed):
                     """
                     Checks matching password with it's hashed value.
                     :param password: password
                     :param hashed: password in hashed form
                     """
                     self._assert_bytes(password)
                     return hashlib.md5(password).hexdigest() == hashed
             def crypto_backend():
                 """
                 Return the matching crypto backend.
                 Selection is based on if we run tests or not, we pick md5 backend to run
                 tests faster since BCRYPT is expensive to calculate
                 """
                 if rhodecode.is_test:
                     RhodeCodeCrypto = _RhodeCodeCryptoMd5()
                 else:
                     RhodeCodeCrypto = _RhodeCodeCryptoBCrypt()
                 return RhodeCodeCrypto
             def get_crypt_password(password):
                 """
                 Create the hash of `password` with the active crypto backend.
                 :param password: The cleartext password.
                 :type password: unicode
                 """
                 password = safe_str(password)
                 return crypto_backend().hash_create(password)
             def check_password(password, hashed):
                 """
                 Check if the value in `password` matches the hash in `hashed`.
                 :param password: The cleartext password.
                 :type password: unicode
                 :param hashed: The expected hashed version of the password.
                 :type hashed: The hash has to be passed in in text representation.
                 """
                 password = safe_str(password)
                 return crypto_backend().hash_check(password, hashed)
             def generate_auth_token(data, salt=None):
                 """
                 Generates API KEY from given string
                 """
                 if salt is None:
                     salt = os.urandom(16)
                 return hashlib.sha1(safe_str(data) + salt).hexdigest()
             class CookieStoreWrapper(object):
                 def __init__(self, cookie_store):
                     self.cookie_store = cookie_store
                 def __repr__(self):
                     return 'CookieStore<%s>' % (self.cookie_store)
                 def get(self, key, other=None):
                     if isinstance(self.cookie_store, dict):
                         return self.cookie_store.get(key, other)
                     elif isinstance(self.cookie_store, AuthUser):
                         return self.cookie_store.__dict__.get(key, other)
             def _cached_perms_data(user_id, scope, user_is_admin,
                                    user_inherit_default_permissions, explicit, algo):
                 permissions = PermissionCalculator(
                     user_id, scope, user_is_admin, user_inherit_default_permissions,
                     explicit, algo)
                 return permissions.calculate()
             class PermOrigin:
                 ADMIN = 'superadmin'
                 REPO_USER = 'user:%s'
                 REPO_USERGROUP = 'usergroup:%s'
                 REPO_OWNER = 'repo.owner'
                 REPO_DEFAULT = 'repo.default'
                 REPO_PRIVATE = 'repo.private'
                 REPOGROUP_USER = 'user:%s'
                 REPOGROUP_USERGROUP = 'usergroup:%s'
                 REPOGROUP_OWNER = 'group.owner'
                 REPOGROUP_DEFAULT = 'group.default'
                 USERGROUP_USER = 'user:%s'
                 USERGROUP_USERGROUP = 'usergroup:%s'
                 USERGROUP_OWNER = 'usergroup.owner'
                 USERGROUP_DEFAULT = 'usergroup.default'
             class PermOriginDict(dict):
                 """
                 A special dict used for tracking permissions along with their origins.
                 `__setitem__` has been overridden to expect a tuple(perm, origin)
                 `__getitem__` will return only the perm
                 `.perm_origin_stack` will return the stack of (perm, origin) set per key
                 >>> perms = PermOriginDict()
                 >>> perms['resource'] = 'read', 'default'
                 >>> perms['resource']
                 'read'
                 >>> perms['resource'] = 'write', 'admin'
                 >>> perms['resource']
                 'write'
                 >>> perms.perm_origin_stack
                 {'resource': [('read', 'default'), ('write', 'admin')]}
                 """
                 def __init__(self, *args, **kw):
                     dict.__init__(self, *args, **kw)
                     self.perm_origin_stack = {}
                 def __setitem__(self, key, (perm, origin)):
                     self.perm_origin_stack.setdefault(key, []).append((perm, origin))
                     dict.__setitem__(self, key, perm)
             class PermissionCalculator(object):
                 def __init__(
                         self, user_id, scope, user_is_admin,
                         user_inherit_default_permissions, explicit, algo):
                     self.user_id = user_id
                     self.user_is_admin = user_is_admin
                     self.inherit_default_permissions = user_inherit_default_permissions
                     self.explicit = explicit
                     self.algo = algo
                     scope = scope or {}
                     self.scope_repo_id = scope.get('repo_id')
                     self.scope_repo_group_id = scope.get('repo_group_id')
                     self.scope_user_group_id = scope.get('user_group_id')
                     self.default_user_id = User.get_default_user(cache=True).user_id
                     self.permissions_repositories = PermOriginDict()
                     self.permissions_repository_groups = PermOriginDict()
                     self.permissions_user_groups = PermOriginDict()
                     self.permissions_global = set()
                     self.default_repo_perms = Permission.get_default_repo_perms(
                         self.default_user_id, self.scope_repo_id)
                     self.default_repo_groups_perms = Permission.get_default_group_perms(
                         self.default_user_id, self.scope_repo_group_id)
                     self.default_user_group_perms = \
                         Permission.get_default_user_group_perms(
                             self.default_user_id, self.scope_user_group_id)
                 def calculate(self):
                     if self.user_is_admin:
                         return self._admin_permissions()
                     self._calculate_global_default_permissions()
                     self._calculate_global_permissions()
                     self._calculate_default_permissions()
                     self._calculate_repository_permissions()
                     self._calculate_repository_group_permissions()
                     self._calculate_user_group_permissions()
                     return self._permission_structure()
                 def _admin_permissions(self):
                     """
                     admin user have all default rights for repositories
                     and groups set to admin
                     """
                     self.permissions_global.add('hg.admin')
                     self.permissions_global.add('hg.create.write_on_repogroup.true')
                     # repositories
                     for perm in self.default_repo_perms:
                         r_k = perm.UserRepoToPerm.repository.repo_name
                         p = 'repository.admin'
                         self.permissions_repositories[r_k] = p, PermOrigin.ADMIN
                     # repository groups
                     for perm in self.default_repo_groups_perms:
                         rg_k = perm.UserRepoGroupToPerm.group.group_name
                         p = 'group.admin'
                         self.permissions_repository_groups[rg_k] = p, PermOrigin.ADMIN
                     # user groups
                     for perm in self.default_user_group_perms:
                         u_k = perm.UserUserGroupToPerm.user_group.users_group_name
                         p = 'usergroup.admin'
                         self.permissions_user_groups[u_k] = p, PermOrigin.ADMIN
                     return self._permission_structure()
                 def _calculate_global_default_permissions(self):
                     """
                     global permissions taken from the default user
                     """
                     default_global_perms = UserToPerm.query()\
                         .filter(UserToPerm.user_id == self.default_user_id)\
                         .options(joinedload(UserToPerm.permission))
                     for perm in default_global_perms:
                         self.permissions_global.add(perm.permission.permission_name)
                 def _calculate_global_permissions(self):
                     """
                     Set global system permissions with user permissions or permissions
                     taken from the user groups of the current user.
                     The permissions include repo creating, repo group creating, forking
                     etc.
                     """
                     # now we read the defined permissions and overwrite what we have set
                     # before those can be configured from groups or users explicitly.
                     # TODO: johbo: This seems to be out of sync, find out the reason
                     # for the comment below and update it.
                     # In case we want to extend this list we should be always in sync with
                     # User.DEFAULT_USER_PERMISSIONS definitions
                     _configurable = frozenset([
                         'hg.fork.none', 'hg.fork.repository',
                         'hg.create.none', 'hg.create.repository',
                         'hg.usergroup.create.false', 'hg.usergroup.create.true',
                         'hg.repogroup.create.false', 'hg.repogroup.create.true',
                         'hg.create.write_on_repogroup.false',
                         'hg.create.write_on_repogroup.true',
                         'hg.inherit_default_perms.false', 'hg.inherit_default_perms.true'
                     ])
                     # USER GROUPS comes first user group global permissions
                     user_perms_from_users_groups = Session().query(UserGroupToPerm)\
                         .options(joinedload(UserGroupToPerm.permission))\
                         .join((UserGroupMember, UserGroupToPerm.users_group_id ==
                                UserGroupMember.users_group_id))\
                         .filter(UserGroupMember.user_id == self.user_id)\
                         .order_by(UserGroupToPerm.users_group_id)\
                         .all()
                     # need to group here by groups since user can be in more than
                     # one group, so we get all groups
                     _explicit_grouped_perms = [
                         [x, list(y)] for x, y in
                         itertools.groupby(user_perms_from_users_groups,
                                           lambda _x: _x.users_group)]
                     for gr, perms in _explicit_grouped_perms:
                         # since user can be in multiple groups iterate over them and
                         # select the lowest permissions first (more explicit)
                         # TODO: marcink: do this^^
                         # group doesn't inherit default permissions so we actually set them
                         if not gr.inherit_default_permissions:
                             # NEED TO IGNORE all previously set configurable permissions
                             # and replace them with explicitly set from this user
                             # group permissions
                             self.permissions_global = self.permissions_global.difference(
                                 _configurable)
                             for perm in perms:
                                 self.permissions_global.add(perm.permission.permission_name)
                     # user explicit global permissions
                     user_perms = Session().query(UserToPerm)\
                         .options(joinedload(UserToPerm.permission))\
                         .filter(UserToPerm.user_id == self.user_id).all()
                     if not self.inherit_default_permissions:
                         # NEED TO IGNORE all configurable permissions and
                         # replace them with explicitly set from this user permissions
                         self.permissions_global = self.permissions_global.difference(
                             _configurable)
                         for perm in user_perms:
                             self.permissions_global.add(perm.permission.permission_name)
                 def _calculate_default_permissions(self):
                     """
                     Set default user permissions for repositories, repository groups
                     taken from the default user.
                     Calculate inheritance of object permissions based on what we have now
                     in GLOBAL permissions. We check if .false is in GLOBAL since this is
                     explicitly set. Inherit is the opposite of .false being there.
                     .. note::
                        the syntax is little bit odd but what we need to check here is
                        the opposite of .false permission being in the list so even for
                        inconsistent state when both .true/.false is there
                        .false is more important
                     """
                     user_inherit_object_permissions = not ('hg.inherit_default_perms.false'
                                                            in self.permissions_global)
                     # defaults for repositories, taken from `default` user permissions
                     # on given repo
                     for perm in self.default_repo_perms:
                         r_k = perm.UserRepoToPerm.repository.repo_name
                         o = PermOrigin.REPO_DEFAULT
                         if perm.Repository.private and not (
                                 perm.Repository.user_id == self.user_id):
                             # disable defaults for private repos,
                             p = 'repository.none'
                             o = PermOrigin.REPO_PRIVATE
                         elif perm.Repository.user_id == self.user_id:
                             # set admin if owner
                             p = 'repository.admin'
                             o = PermOrigin.REPO_OWNER
                         else:
                             p = perm.Permission.permission_name
                             # if we decide this user isn't inheriting permissions from
                             # default user we set him to .none so only explicit
                             # permissions work
                             if not user_inherit_object_permissions:
                                 p = 'repository.none'
                         self.permissions_repositories[r_k] = p, o
                     # defaults for repository groups taken from `default` user permission
                     # on given group
                     for perm in self.default_repo_groups_perms:
                         rg_k = perm.UserRepoGroupToPerm.group.group_name
                         o = PermOrigin.REPOGROUP_DEFAULT
                         if perm.RepoGroup.user_id == self.user_id:
                             # set admin if owner
                             p = 'group.admin'
                             o = PermOrigin.REPOGROUP_OWNER
                         else:
                             p = perm.Permission.permission_name
                         # if we decide this user isn't inheriting permissions from default
                         # user we set him to .none so only explicit permissions work
                         if not user_inherit_object_permissions:
                             p = 'group.none'
                         self.permissions_repository_groups[rg_k] = p, o
                     # defaults for user groups taken from `default` user permission
                     # on given user group
                     for perm in self.default_user_group_perms:
                         u_k = perm.UserUserGroupToPerm.user_group.users_group_name
                         o = PermOrigin.USERGROUP_DEFAULT
                         if perm.UserGroup.user_id == self.user_id:
                             # set admin if owner
                             p = 'usergroup.admin'
                             o = PermOrigin.USERGROUP_OWNER
                         else:
                             p = perm.Permission.permission_name
                         # if we decide this user isn't inheriting permissions from default
                         # user we set him to .none so only explicit permissions work
                         if not user_inherit_object_permissions:
                             p = 'usergroup.none'
                         self.permissions_user_groups[u_k] = p, o
                 def _calculate_repository_permissions(self):
                     """
                     Repository permissions for the current user.
                     Check if the user is part of user groups for this repository and
                     fill in the permission from it. `_choose_permission` decides of which
                     permission should be selected based on selected method.
                     """
                     # user group for repositories permissions
                     user_repo_perms_from_user_group = Permission\
                         .get_default_repo_perms_from_user_group(
                             self.user_id, self.scope_repo_id)
                     multiple_counter = collections.defaultdict(int)
                     for perm in user_repo_perms_from_user_group:
                         r_k = perm.UserGroupRepoToPerm.repository.repo_name
                         ug_k = perm.UserGroupRepoToPerm.users_group.users_group_name
                         multiple_counter[r_k] += 1
                         p = perm.Permission.permission_name
                         o = PermOrigin.REPO_USERGROUP % ug_k
                         if perm.Repository.user_id == self.user_id:
                             # set admin if owner
                             p = 'repository.admin'
                             o = PermOrigin.REPO_OWNER
                         else:
                             if multiple_counter[r_k] > 1:
                                 cur_perm = self.permissions_repositories[r_k]
                                 p = self._choose_permission(p, cur_perm)
                         self.permissions_repositories[r_k] = p, o
                     # user explicit permissions for repositories, overrides any specified
                     # by the group permission
                     user_repo_perms = Permission.get_default_repo_perms(
                         self.user_id, self.scope_repo_id)
                     for perm in user_repo_perms:
                         r_k = perm.UserRepoToPerm.repository.repo_name
                         o = PermOrigin.REPO_USER % perm.UserRepoToPerm.user.username
                         # set admin if owner
                         if perm.Repository.user_id == self.user_id:
                             p = 'repository.admin'
                             o = PermOrigin.REPO_OWNER
                         else:
                             p = perm.Permission.permission_name
                             if not self.explicit:
                                 cur_perm = self.permissions_repositories.get(
                                     r_k, 'repository.none')
                                 p = self._choose_permission(p, cur_perm)
                         self.permissions_repositories[r_k] = p, o
                 def _calculate_repository_group_permissions(self):
                     """
                     Repository group permissions for the current user.
                     Check if the user is part of user groups for repository groups and
                     fill in the permissions from it. `_choose_permmission` decides of which
                     permission should be selected based on selected method.
                     """
                     # user group for repo groups permissions
                     user_repo_group_perms_from_user_group = Permission\
                         .get_default_group_perms_from_user_group(
                             self.user_id, self.scope_repo_group_id)
                     multiple_counter = collections.defaultdict(int)
                     for perm in user_repo_group_perms_from_user_group:
                         g_k = perm.UserGroupRepoGroupToPerm.group.group_name
                         ug_k = perm.UserGroupRepoGroupToPerm.users_group.users_group_name
                         o = PermOrigin.REPOGROUP_USERGROUP % ug_k
                         multiple_counter[g_k] += 1
                         p = perm.Permission.permission_name
                         if perm.RepoGroup.user_id == self.user_id:
                             # set admin if owner, even for member of other user group
                             p = 'group.admin'
                             o = PermOrigin.REPOGROUP_OWNER
                         else:
                             if multiple_counter[g_k] > 1:
                                 cur_perm = self.permissions_repository_groups[g_k]
                                 p = self._choose_permission(p, cur_perm)
                         self.permissions_repository_groups[g_k] = p, o
                     # user explicit permissions for repository groups
                     user_repo_groups_perms = Permission.get_default_group_perms(
                         self.user_id, self.scope_repo_group_id)
                     for perm in user_repo_groups_perms:
                         rg_k = perm.UserRepoGroupToPerm.group.group_name
                         u_k = perm.UserRepoGroupToPerm.user.username
                         o = PermOrigin.REPOGROUP_USER % u_k
                         if perm.RepoGroup.user_id == self.user_id:
                             # set admin if owner
                             p = 'group.admin'
                             o = PermOrigin.REPOGROUP_OWNER
                         else:
                             p = perm.Permission.permission_name
                             if not self.explicit:
                                 cur_perm = self.permissions_repository_groups.get(
                                     rg_k, 'group.none')
                                 p = self._choose_permission(p, cur_perm)
                         self.permissions_repository_groups[rg_k] = p, o
                 def _calculate_user_group_permissions(self):
                     """
                     User group permissions for the current user.
                     """
                     # user group for user group permissions
                     user_group_from_user_group = Permission\
                         .get_default_user_group_perms_from_user_group(
                             self.user_id, self.scope_user_group_id)
                     multiple_counter = collections.defaultdict(int)
                     for perm in user_group_from_user_group:
                         g_k = perm.UserGroupUserGroupToPerm\
                             .target_user_group.users_group_name
                         u_k = perm.UserGroupUserGroupToPerm\
                             .user_group.users_group_name
                         o = PermOrigin.USERGROUP_USERGROUP % u_k
                         multiple_counter[g_k] += 1
                         p = perm.Permission.permission_name
                         if perm.UserGroup.user_id == self.user_id:
                             # set admin if owner, even for member of other user group
                             p = 'usergroup.admin'
                             o = PermOrigin.USERGROUP_OWNER
                         else:
                             if multiple_counter[g_k] > 1:
                                 cur_perm = self.permissions_user_groups[g_k]
                                 p = self._choose_permission(p, cur_perm)
                         self.permissions_user_groups[g_k] = p, o
                     # user explicit permission for user groups
                     user_user_groups_perms = Permission.get_default_user_group_perms(
                         self.user_id, self.scope_user_group_id)
                     for perm in user_user_groups_perms:
                         ug_k = perm.UserUserGroupToPerm.user_group.users_group_name
                         u_k = perm.UserUserGroupToPerm.user.username
                         o = PermOrigin.USERGROUP_USER % u_k
                         if perm.UserGroup.user_id == self.user_id:
                             # set admin if owner
                             p = 'usergroup.admin'
                             o = PermOrigin.USERGROUP_OWNER
                         else:
                             p = perm.Permission.permission_name
                             if not self.explicit:
                                 cur_perm = self.permissions_user_groups.get(
                                     ug_k, 'usergroup.none')
                                 p = self._choose_permission(p, cur_perm)
                         self.permissions_user_groups[ug_k] = p, o
                 def _choose_permission(self, new_perm, cur_perm):
                     new_perm_val = Permission.PERM_WEIGHTS[new_perm]
                     cur_perm_val = Permission.PERM_WEIGHTS[cur_perm]
                     if self.algo == 'higherwin':
                         if new_perm_val > cur_perm_val:
                             return new_perm
                         return cur_perm
                     elif self.algo == 'lowerwin':
                         if new_perm_val < cur_perm_val:
                             return new_perm
                         return cur_perm
                 def _permission_structure(self):
                     return {
                         'global': self.permissions_global,
                         'repositories': self.permissions_repositories,
                         'repositories_groups': self.permissions_repository_groups,
                         'user_groups': self.permissions_user_groups,
                     }
             def allowed_auth_token_access(controller_name, whitelist=None, auth_token=None):
                 """
                 Check if given controller_name is in whitelist of auth token access
                 """
                 if not whitelist:
                     from rhodecode import CONFIG
                     whitelist = aslist(
                         CONFIG.get('api_access_controllers_whitelist'), sep=',')
                     log.debug(
                         'Allowed controllers for AUTH TOKEN access: %s' % (whitelist,))
                 auth_token_access_valid = False
                 for entry in whitelist:
                     if fnmatch.fnmatch(controller_name, entry):
                         auth_token_access_valid = True
                         break
                 if auth_token_access_valid:
                     log.debug('controller:%s matches entry in whitelist'
                               % (controller_name,))
                 else:
                     msg = ('controller: %s does *NOT* match any entry in whitelist'
                            % (controller_name,))
                     if auth_token:
                         # if we use auth token key and don't have access it's a warning
                         log.warning(msg)
                     else:
                         log.debug(msg)
                 return auth_token_access_valid
             class AuthUser(object):
                 """
                 A simple object that handles all attributes of user in RhodeCode
                 It does lookup based on API key,given user, or user present in session
                 Then it fills all required information for such user. It also checks if
                 anonymous access is enabled and if so, it returns default user as logged in
                 """
                 GLOBAL_PERMS = [x[0] for x in Permission.PERMS]
                 def __init__(self, user_id=None, api_key=None, username=None, ip_addr=None):
                     self.user_id = user_id
                     self._api_key = api_key
                     self.api_key = None
                     self.feed_token = ''
                     self.username = username
                     self.ip_addr = ip_addr
                     self.name = ''
                     self.lastname = ''
                     self.email = ''
                     self.is_authenticated = False
                     self.admin = False
                     self.inherit_default_permissions = False
                     self.password = ''
                     self.anonymous_user = None  # propagated on propagate_data
                     self.propagate_data()
                     self._instance = None
                     self._permissions_scoped_cache = {}  # used to bind scoped calculation
                 @LazyProperty
                 def permissions(self):
                     return self.get_perms(user=self, cache=False)
                 def permissions_with_scope(self, scope):
                     """
                     Call the get_perms function with scoped data. The scope in that function
                     narrows the SQL calls to the given ID of objects resulting in fetching
                     Just particular permission we want to obtain. If scope is an empty dict
                     then it basically narrows the scope to GLOBAL permissions only.
                     :param scope: dict
                     """
                     if 'repo_name' in scope:
                         obj = Repository.get_by_repo_name(scope['repo_name'])
                         if obj:
                             scope['repo_id'] = obj.repo_id
                     _scope = {
                         'repo_id': -1,
                         'user_group_id': -1,
                         'repo_group_id': -1,
                     }
                     _scope.update(scope)
                     cache_key = "_".join(map(safe_str, reduce(lambda a, b: a+b,
                                                               _scope.items())))
                     if cache_key not in self._permissions_scoped_cache:
                         # store in cache to mimic how the @LazyProperty works,
                         # the difference here is that we use the unique key calculated
                         # from params and values
                         res = self.get_perms(user=self, cache=False, scope=_scope)
                         self._permissions_scoped_cache[cache_key] = res
                     return self._permissions_scoped_cache[cache_key]
                 def get_instance(self):
                     return User.get(self.user_id)
                 def update_lastactivity(self):
                     if self.user_id:
                         User.get(self.user_id).update_lastactivity()
                 def propagate_data(self):
                     """
                     Fills in user data and propagates values to this instance. Maps fetched
                     user attributes to this class instance attributes
                     """
                     log.debug('starting data propagation for new potential AuthUser')
                     user_model = UserModel()
                     anon_user = self.anonymous_user = User.get_default_user(cache=True)
                     is_user_loaded = False
                     # lookup by userid
                     if self.user_id is not None and self.user_id != anon_user.user_id:
                         log.debug('Trying Auth User lookup by USER ID: `%s`' % self.user_id)
                         is_user_loaded = user_model.fill_data(self, user_id=self.user_id)
                     # try go get user by api key
                     elif self._api_key and self._api_key != anon_user.api_key:
                         log.debug('Trying Auth User lookup by API KEY: `%s`' % self._api_key)
                         is_user_loaded = user_model.fill_data(self, api_key=self._api_key)
                     # lookup by username
                     elif self.username:
                         log.debug('Trying Auth User lookup by USER NAME: `%s`' % self.username)
                         is_user_loaded = user_model.fill_data(self, username=self.username)
                     else:
                         log.debug('No data in %s that could been used to log in' % self)
                     if not is_user_loaded:
                         log.debug('Failed to load user. Fallback to default user')
                         # if we cannot authenticate user try anonymous
                         if anon_user.active:
                             user_model.fill_data(self, user_id=anon_user.user_id)
                             # then we set this user is logged in
                             self.is_authenticated = True
                         else:
                             # in case of disabled anonymous user we reset some of the
                             # parameters so such user is "corrupted", skipping the fill_data
                             for attr in ['user_id', 'username', 'admin', 'active']:
                                 setattr(self, attr, None)
                             self.is_authenticated = False
                     if not self.username:
                         self.username = 'None'
                     log.debug('Auth User is now %s' % self)
                 def get_perms(self, user, scope=None, explicit=True, algo='higherwin',
                               cache=False):
                     """
                     Fills user permission attribute with permissions taken from database
                     works for permissions given for repositories, and for permissions that
                     are granted to groups
                     :param user: instance of User object from database
                     :param explicit: In case there are permissions both for user and a group
                         that user is part of, explicit flag will defiine if user will
                         explicitly override permissions from group, if it's False it will
                         make decision based on the algo
                     :param algo: algorithm to decide what permission should be choose if
                         it's multiple defined, eg user in two different groups. It also
                         decides if explicit flag is turned off how to specify the permission
                         for case when user is in a group + have defined separate permission
                     """
                     user_id = user.user_id
                     user_is_admin = user.is_admin
                     # inheritance of global permissions like create repo/fork repo etc
                     user_inherit_default_permissions = user.inherit_default_permissions
                     log.debug('Computing PERMISSION tree for scope %s' % (scope, ))
                     compute = caches.conditional_cache(
                         'short_term', 'cache_desc',
                         condition=cache, func=_cached_perms_data)
                     result = compute(user_id, scope, user_is_admin,
                                      user_inherit_default_permissions, explicit, algo)
                     result_repr = []
                     for k in result:
                         result_repr.append((k, len(result[k])))
                     log.debug('PERMISSION tree computed %s' % (result_repr,))
                     return result
                 @property
                 def is_default(self):
                     return self.username == User.DEFAULT_USER
                 @property
                 def is_admin(self):
                     return self.admin
                 @property
                 def is_user_object(self):
                     return self.user_id is not None
                 @property
                 def repositories_admin(self):
                     """
                     Returns list of repositories you're an admin of
                     """
                     return [
                         x[0] for x in self.permissions['repositories'].iteritems()
                         if x[1] == 'repository.admin']
                 @property
                 def repository_groups_admin(self):
                     """
                     Returns list of repository groups you're an admin of
                     """
                     return [
                         x[0] for x in self.permissions['repositories_groups'].iteritems()
                         if x[1] == 'group.admin']
                 @property
                 def user_groups_admin(self):
                     """
                     Returns list of user groups you're an admin of
                     """
                     return [
                         x[0] for x in self.permissions['user_groups'].iteritems()
                         if x[1] == 'usergroup.admin']
                 @property
                 def ip_allowed(self):
                     """
                     Checks if ip_addr used in constructor is allowed from defined list of
                     allowed ip_addresses for user
                     :returns: boolean, True if ip is in allowed ip range
                     """
                     # check IP
                     inherit = self.inherit_default_permissions
                     return AuthUser.check_ip_allowed(self.user_id, self.ip_addr,
                                                      inherit_from_default=inherit)
                 @property
                 def personal_repo_group(self):
                     return RepoGroup.get_user_personal_repo_group(self.user_id)
                 @classmethod
                 def check_ip_allowed(cls, user_id, ip_addr, inherit_from_default):
                     allowed_ips = AuthUser.get_allowed_ips(
                         user_id, cache=True, inherit_from_default=inherit_from_default)
                     if check_ip_access(source_ip=ip_addr, allowed_ips=allowed_ips):
                         log.debug('IP:%s is in range of %s' % (ip_addr, allowed_ips))
                         return True
                     else:
                         log.info('Access for IP:%s forbidden, '
                                  'not in %s' % (ip_addr, allowed_ips))
                         return False
                 def __repr__(self):
                     return "<AuthUser('id:%s[%s] ip:%s auth:%s')>"\
                         % (self.user_id, self.username, self.ip_addr, self.is_authenticated)
                 def set_authenticated(self, authenticated=True):
                     if self.user_id != self.anonymous_user.user_id:
                         self.is_authenticated = authenticated
                 def get_cookie_store(self):
                     return {
                         'username': self.username,
                         'password': md5(self.password),
                         'user_id': self.user_id,
                         'is_authenticated': self.is_authenticated
                     }
                 @classmethod
                 def from_cookie_store(cls, cookie_store):
                     """
                     Creates AuthUser from a cookie store
                     :param cls:
                     :param cookie_store:
                     """
                     user_id = cookie_store.get('user_id')
                     username = cookie_store.get('username')
                     api_key = cookie_store.get('api_key')
                     return AuthUser(user_id, api_key, username)
                 @classmethod
                 def get_allowed_ips(cls, user_id, cache=False, inherit_from_default=False):
                     _set = set()
                     if inherit_from_default:
                         default_ips = UserIpMap.query().filter(
                             UserIpMap.user == User.get_default_user(cache=True))
                         if cache:
                             default_ips = default_ips.options(
                                 FromCache("sql_cache_short", "get_user_ips_default"))
                         # populate from default user
                         for ip in default_ips:
                             try:
                                 _set.add(ip.ip_addr)
                             except ObjectDeletedError:
                                 # since we use heavy caching sometimes it happens that
                                 # we get deleted objects here, we just skip them
                                 pass
                     user_ips = UserIpMap.query().filter(UserIpMap.user_id == user_id)
                     if cache:
                         user_ips = user_ips.options(
                             FromCache("sql_cache_short", "get_user_ips_%s" % user_id))
                     for ip in user_ips:
                         try:
                             _set.add(ip.ip_addr)
                         except ObjectDeletedError:
                             # since we use heavy caching sometimes it happens that we get
                             # deleted objects here, we just skip them
                             pass
                     return _set or set(['0.0.0.0/0', '::/0'])
             def set_available_permissions(config):
                 """
                 This function will propagate pylons globals with all available defined
                 permission given in db. We don't want to check each time from db for new
                 permissions since adding a new permission also requires application restart
                 ie. to decorate new views with the newly created permission
                 :param config: current pylons config instance
                 """
                 log.info('getting information about all available permissions')
                 try:
                     sa = meta.Session
                     all_perms = sa.query(Permission).all()
                     config['available_permissions'] = [x.permission_name for x in all_perms]
                 except Exception:
                     log.error(traceback.format_exc())
                 finally:
                     meta.Session.remove()
             def get_csrf_token(session=None, force_new=False, save_if_missing=True):
                 """
                 Return the current authentication token, creating one if one doesn't
                 already exist and the save_if_missing flag is present.
                 :param session: pass in the pylons session, else we use the global ones
                 :param force_new: force to re-generate the token and store it in session
                 :param save_if_missing: save the newly generated token if it's missing in
                     session
                 """
                 if not session:
                     from pylons import session
                 if (csrf_token_key not in session and save_if_missing) or force_new:
                     token = hashlib.sha1(str(random.getrandbits(128))).hexdigest()
                     session[csrf_token_key] = token
                     if hasattr(session, 'save'):
                         session.save()
                 return session.get(csrf_token_key)
             # CHECK DECORATORS
             class CSRFRequired(object):
                 """
                 Decorator for authenticating a form
                 This decorator uses an authorization token stored in the client's
                 session for prevention of certain Cross-site request forgery (CSRF)
                 attacks (See
                 http://en.wikipedia.org/wiki/Cross-site_request_forgery for more
                 information).
                 For use with the ``webhelpers.secure_form`` helper functions.
                 """
                 def __init__(self, token=csrf_token_key, header='X-CSRF-Token',
                     except_methods=None):
                     self.token = token
                     self.header = header
                     self.except_methods = except_methods or []
                 def __call__(self, func):
                     return get_cython_compat_decorator(self.__wrapper, func)
                 def _get_csrf(self, _request):
                     return _request.POST.get(self.token, _request.headers.get(self.header))
                 def check_csrf(self, _request, cur_token):
                     supplied_token = self._get_csrf(_request)
                     return supplied_token and supplied_token == cur_token
                 def __wrapper(self, func, *fargs, **fkwargs):
                     if request.method in self.except_methods:
                         return func(*fargs, **fkwargs)
                     cur_token = get_csrf_token(save_if_missing=False)
                     if self.check_csrf(request, cur_token):
                         if request.POST.get(self.token):
                             del request.POST[self.token]
                         return func(*fargs, **fkwargs)
                     else:
                         reason = 'token-missing'
                         supplied_token = self._get_csrf(request)
                         if supplied_token and cur_token != supplied_token:
                             reason = 'token-mismatch [%s:%s]' % (cur_token or ''[:6],
                                                                  supplied_token or ''[:6])
                         csrf_message = \
                             ("Cross-site request forgery detected, request denied. See "
                              "http://en.wikipedia.org/wiki/Cross-site_request_forgery for "
                              "more information.")
                     log.warn('Cross-site request forgery detected, request %r DENIED: %s '
                              'REMOTE_ADDR:%s, HEADERS:%s' % (
                                  request, reason, request.remote_addr, request.headers))
                     raise HTTPForbidden(explanation=csrf_message)
             class LoginRequired(object):
                 """
                 Must be logged in to execute this function else
                 redirect to login page
                 :param api_access: if enabled this checks only for valid auth token
                     and grants access based on valid token
                 """
                 def __init__(self, auth_token_access=None):
                     self.auth_token_access = auth_token_access
                 def __call__(self, func):
                     return get_cython_compat_decorator(self.__wrapper, func)
                 def __wrapper(self, func, *fargs, **fkwargs):
                     from rhodecode.lib import helpers as h
                     cls = fargs[0]
                     user = cls._rhodecode_user
                     loc = "%s:%s" % (cls.__class__.__name__, func.__name__)
                     log.debug('Starting login restriction checks for user: %s' % (user,))
                     # check if our IP is allowed
                     ip_access_valid = True
                     if not user.ip_allowed:
                         h.flash(h.literal(_('IP %s not allowed' % (user.ip_addr,))),
                                 category='warning')
                         ip_access_valid = False
                     # check if we used an APIKEY and it's a valid one
                     # defined white-list of controllers which API access will be enabled
                     _auth_token = request.GET.get(
                         'auth_token', '') or request.GET.get('api_key', '')
                     auth_token_access_valid = allowed_auth_token_access(
                         loc, auth_token=_auth_token)
                     # explicit controller is enabled or API is in our whitelist
                     if self.auth_token_access or auth_token_access_valid:
                         log.debug('Checking AUTH TOKEN access for %s' % (cls,))
                         db_user = user.get_instance()
                         if db_user:
                             if self.auth_token_access:
                                 roles = self.auth_token_access
                             else:
                                 roles = [UserApiKeys.ROLE_HTTP]
                             token_match = db_user.authenticate_by_token(
                                 _auth_token, roles=roles)
                         else:
                             log.debug('Unable to fetch db instance for auth user: %s', user)
                             token_match = False
                         if _auth_token and token_match:
                             auth_token_access_valid = True
                             log.debug('AUTH TOKEN ****%s is VALID' % (_auth_token[-4:],))
                         else:
                             auth_token_access_valid = False
                             if not _auth_token:
                                 log.debug("AUTH TOKEN *NOT* present in request")
                             else:
                                 log.warning(
                                     "AUTH TOKEN ****%s *NOT* valid" % _auth_token[-4:])
                     log.debug('Checking if %s is authenticated @ %s' % (user.username, loc))
                     reason = 'RHODECODE_AUTH' if user.is_authenticated \
                         else 'AUTH_TOKEN_AUTH'
                     if ip_access_valid and (
                             user.is_authenticated or auth_token_access_valid):
                         log.info(
                             'user %s authenticating with:%s IS authenticated on func %s'
                             % (user, reason, loc))
                         # update user data to check last activity
                         user.update_lastactivity()
                         Session().commit()
                         return func(*fargs, **fkwargs)
                     else:
                         log.warning(
                             'user %s authenticating with:%s NOT authenticated on '
                             'func: %s: IP_ACCESS:%s AUTH_TOKEN_ACCESS:%s'
                             % (user, reason, loc, ip_access_valid,
                                auth_token_access_valid))
                         # we preserve the get PARAM
                         came_from = request.path_qs
                         log.debug('redirecting to login page with %s' % (came_from,))
                         return redirect(
                             h.route_path('login', _query={'came_from': came_from}))
             class NotAnonymous(object):
                 """
                 Must be logged in to execute this function else
                 redirect to login page"""
                 def __call__(self, func):
                     return get_cython_compat_decorator(self.__wrapper, func)
                 def __wrapper(self, func, *fargs, **fkwargs):
                     import rhodecode.lib.helpers as h
                     cls = fargs[0]
                     self.user = cls._rhodecode_user
                     log.debug('Checking if user is not anonymous @%s' % cls)
                     anonymous = self.user.username == User.DEFAULT_USER
                     if anonymous:
                         came_from = request.path_qs
                         h.flash(_('You need to be a registered user to '
                                   'perform this action'),
                                 category='warning')
                         return redirect(
                             h.route_path('login', _query={'came_from': came_from}))
                     else:
                         return func(*fargs, **fkwargs)
             class XHRRequired(object):
                 def __call__(self, func):
                     return get_cython_compat_decorator(self.__wrapper, func)
                 def __wrapper(self, func, *fargs, **fkwargs):
                     log.debug('Checking if request is XMLHttpRequest (XHR)')
                     xhr_message = 'This is not a valid XMLHttpRequest (XHR) request'
                     if not request.is_xhr:
                         abort(400, detail=xhr_message)
                     return func(*fargs, **fkwargs)
             class HasAcceptedRepoType(object):
                 """
                 Check if requested repo is within given repo type aliases
                 TODO: anderson: not sure where to put this decorator
                 """
                 def __init__(self, *repo_type_list):
                     self.repo_type_list = set(repo_type_list)
                 def __call__(self, func):
                     return get_cython_compat_decorator(self.__wrapper, func)
                 def __wrapper(self, func, *fargs, **fkwargs):
                     import rhodecode.lib.helpers as h
                     cls = fargs[0]
                     rhodecode_repo = cls.rhodecode_repo
                     log.debug('%s checking repo type for %s in %s',
                               self.__class__.__name__,
                               rhodecode_repo.alias, self.repo_type_list)
                     if rhodecode_repo.alias in self.repo_type_list:
                         return func(*fargs, **fkwargs)
                     else:
                         h.flash(h.literal(
                             _('Action not supported for %s.' % rhodecode_repo.alias)),
                             category='warning')
                         return redirect(
                             url('summary_home', repo_name=cls.rhodecode_db_repo.repo_name))
             class PermsDecorator(object):
                 """
                 Base class for controller decorators, we extract the current user from
                 the class itself, which has it stored in base controllers
                 """
                 def __init__(self, *required_perms):
                     self.required_perms = set(required_perms)
                 def __call__(self, func):
                     return get_cython_compat_decorator(self.__wrapper, func)
                 def _get_request(self):
                     from pyramid.threadlocal import get_current_request
                     pyramid_request = get_current_request()
                     if not pyramid_request:
                         # return global request of pylons in case pyramid isn't available
                         return request
                     return pyramid_request
                 def _get_came_from(self):
                     _request = self._get_request()
                     # both pylons/pyramid has this attribute
                     return _request.path_qs
                 def __wrapper(self, func, *fargs, **fkwargs):
                     import rhodecode.lib.helpers as h
                     cls = fargs[0]
                     _user = cls._rhodecode_user
                     log.debug('checking %s permissions %s for %s %s',
                               self.__class__.__name__, self.required_perms, cls, _user)
                     if self.check_permissions(_user):
                         log.debug('Permission granted for %s %s', cls, _user)
                         return func(*fargs, **fkwargs)
                     else:
                         log.debug('Permission denied for %s %s', cls, _user)
                         anonymous = _user.username == User.DEFAULT_USER
                         if anonymous:
                             came_from = self._get_came_from()
                             h.flash(_('You need to be signed in to view this page'),
-                                           category='warning')
+                                    category='warning')
                             raise HTTPFound(
                                 h.route_path('login', _query={'came_from': came_from}))
                         else:
                             # redirect with forbidden ret code
                             raise HTTPForbidden()
                 def check_permissions(self, user):
                     """Dummy function for overriding"""
                     raise NotImplementedError(
                         'You have to write this function in child class')
             class HasPermissionAllDecorator(PermsDecorator):
                 """
                 Checks for access permission for all given predicates. All of them
                 have to be meet in order to fulfill the request
                 """
                 def check_permissions(self, user):
                     perms = user.permissions_with_scope({})
                     if self.required_perms.issubset(perms['global']):
                         return True
                     return False
             class HasPermissionAnyDecorator(PermsDecorator):
                 """
                 Checks for access permission for any of given predicates. In order to
                 fulfill the request any of predicates must be meet
                 """
                 def check_permissions(self, user):
                     perms = user.permissions_with_scope({})
                     if self.required_perms.intersection(perms['global']):
                         return True
                     return False
             class HasRepoPermissionAllDecorator(PermsDecorator):
                 """
                 Checks for access permission for all given predicates for specific
                 repository. All of them have to be meet in order to fulfill the request
                 """
                 def _get_repo_name(self):
                     _request = self._get_request()
                     return get_repo_slug(_request)
                 def check_permissions(self, user):
                     perms = user.permissions
                     repo_name = self._get_repo_name()
                     try:
                         user_perms = set([perms['repositories'][repo_name]])
                     except KeyError:
+                        log.debug('cannot locate repo with name: `%s` in permissions defs',
+                                  repo_name)
                         return False
+                    log.debug('checking `%s` permissions for repo `%s`',
+                              user_perms, repo_name)
                     if self.required_perms.issubset(user_perms):
                         return True
                     return False
             class HasRepoPermissionAnyDecorator(PermsDecorator):
                 """
                 Checks for access permission for any of given predicates for specific
                 repository. In order to fulfill the request any of predicates must be meet
                 """
                 def _get_repo_name(self):
                     _request = self._get_request()
                     return get_repo_slug(_request)
                 def check_permissions(self, user):
                     perms = user.permissions
                     repo_name = self._get_repo_name()
                     try:
                         user_perms = set([perms['repositories'][repo_name]])
                     except KeyError:
+                        log.debug('cannot locate repo with name: `%s` in permissions defs',
+                                  repo_name)
                         return False
+                    log.debug('checking `%s` permissions for repo `%s`',
+                              user_perms, repo_name)
                     if self.required_perms.intersection(user_perms):
                         return True
                     return False
             class HasRepoGroupPermissionAllDecorator(PermsDecorator):
                 """
                 Checks for access permission for all given predicates for specific
                 repository group. All of them have to be meet in order to
                 fulfill the request
                 """
                 def _get_repo_group_name(self):
                     _request = self._get_request()
                     return get_repo_group_slug(_request)
                 def check_permissions(self, user):
                     perms = user.permissions
                     group_name = self._get_repo_group_name()
                     try:
                         user_perms = set([perms['repositories_groups'][group_name]])
                     except KeyError:
+                        log.debug('cannot locate repo group with name: `%s` in permissions defs',
+                                  group_name)
                         return False
+                    log.debug('checking `%s` permissions for repo group `%s`',
+                              user_perms, group_name)
                     if self.required_perms.issubset(user_perms):
                         return True
                     return False
             class HasRepoGroupPermissionAnyDecorator(PermsDecorator):
                 """
                 Checks for access permission for any of given predicates for specific
                 repository group. In order to fulfill the request any
                 of predicates must be met
                 """
                 def _get_repo_group_name(self):
                     _request = self._get_request()
                     return get_repo_group_slug(_request)
                 def check_permissions(self, user):
                     perms = user.permissions
                     group_name = self._get_repo_group_name()
                     try:
                         user_perms = set([perms['repositories_groups'][group_name]])
                     except KeyError:
+                        log.debug('cannot locate repo group with name: `%s` in permissions defs',
+                                  group_name)
                         return False
+                    log.debug('checking `%s` permissions for repo group `%s`',
+                              user_perms, group_name)
                     if self.required_perms.intersection(user_perms):
                         return True
                     return False
             class HasUserGroupPermissionAllDecorator(PermsDecorator):
                 """
                 Checks for access permission for all given predicates for specific
                 user group. All of them have to be meet in order to fulfill the request
                 """
                 def _get_user_group_name(self):
                     _request = self._get_request()
                     return get_user_group_slug(_request)
                 def check_permissions(self, user):
                     perms = user.permissions
                     group_name = self._get_user_group_name()
                     try:
                         user_perms = set([perms['user_groups'][group_name]])
                     except KeyError:
                         return False
                     if self.required_perms.issubset(user_perms):
                         return True
                     return False
             class HasUserGroupPermissionAnyDecorator(PermsDecorator):
                 """
                 Checks for access permission for any of given predicates for specific
                 user group. In order to fulfill the request any of predicates must be meet
                 """
                 def _get_user_group_name(self):
                     _request = self._get_request()
                     return get_user_group_slug(_request)
                 def check_permissions(self, user):
                     perms = user.permissions
                     group_name = self._get_user_group_name()
                     try:
                         user_perms = set([perms['user_groups'][group_name]])
                     except KeyError:
                         return False
                     if self.required_perms.intersection(user_perms):
                         return True
                     return False
             # CHECK FUNCTIONS
             class PermsFunction(object):
                 """Base function for other check functions"""
                 def __init__(self, *perms):
                     self.required_perms = set(perms)
                     self.repo_name = None
                     self.repo_group_name = None
                     self.user_group_name = None
                 def __bool__(self):
                     frame = inspect.currentframe()
                     stack_trace = traceback.format_stack(frame)
                     log.error('Checking bool value on a class instance of perm '
                               'function is not allowed: %s' % ''.join(stack_trace))
                     # rather than throwing errors, here we always return False so if by
                     # accident someone checks truth for just an instance it will always end
                     # up in returning False
                     return False
                 __nonzero__ = __bool__
                 def __call__(self, check_location='', user=None):
                     if not user:
                         log.debug('Using user attribute from global request')
                         # TODO: remove this someday,put as user as attribute here
                         user = request.user
                     # init auth user if not already given
                     if not isinstance(user, AuthUser):
                         log.debug('Wrapping user %s into AuthUser', user)
                         user = AuthUser(user.user_id)
                     cls_name = self.__class__.__name__
                     check_scope = self._get_check_scope(cls_name)
                     check_location = check_location or 'unspecified location'
                     log.debug('checking cls:%s %s usr:%s %s @ %s', cls_name,
                               self.required_perms, user, check_scope, check_location)
                     if not user:
                         log.warning('Empty user given for permission check')
                         return False
                     if self.check_permissions(user):
                         log.debug('Permission to repo:`%s` GRANTED for user:`%s` @ %s',
                                   check_scope, user, check_location)
                         return True
                     else:
                         log.debug('Permission to repo:`%s` DENIED for user:`%s` @ %s',
                                   check_scope, user, check_location)
                         return False
                 def _get_request(self):
                     from pyramid.threadlocal import get_current_request
                     pyramid_request = get_current_request()
                     if not pyramid_request:
                         # return global request of pylons incase pyramid one isn't available
                         return request
                     return pyramid_request
                 def _get_check_scope(self, cls_name):
                     return {
                         'HasPermissionAll':          'GLOBAL',
                         'HasPermissionAny':          'GLOBAL',
                         'HasRepoPermissionAll':      'repo:%s' % self.repo_name,
                         'HasRepoPermissionAny':      'repo:%s' % self.repo_name,
                         'HasRepoGroupPermissionAll': 'repo_group:%s' % self.repo_group_name,
                         'HasRepoGroupPermissionAny': 'repo_group:%s' % self.repo_group_name,
                         'HasUserGroupPermissionAll': 'user_group:%s' % self.user_group_name,
                         'HasUserGroupPermissionAny': 'user_group:%s' % self.user_group_name,
                     }.get(cls_name, '?:%s' % cls_name)
                 def check_permissions(self, user):
                     """Dummy function for overriding"""
                     raise Exception('You have to write this function in child class')
             class HasPermissionAll(PermsFunction):
                 def check_permissions(self, user):
                     perms = user.permissions_with_scope({})
                     if self.required_perms.issubset(perms.get('global')):
                         return True
                     return False
             class HasPermissionAny(PermsFunction):
                 def check_permissions(self, user):
                     perms = user.permissions_with_scope({})
                     if self.required_perms.intersection(perms.get('global')):
                         return True
                     return False
             class HasRepoPermissionAll(PermsFunction):
                 def __call__(self, repo_name=None, check_location='', user=None):
                     self.repo_name = repo_name
                     return super(HasRepoPermissionAll, self).__call__(check_location, user)
                 def _get_repo_name(self):
                     if not self.repo_name:
                         _request = self._get_request()
                         self.repo_name = get_repo_slug(_request)
                     return self.repo_name
                 def check_permissions(self, user):
                     self.repo_name = self._get_repo_name()
                     perms = user.permissions
                     try:
                         user_perms = set([perms['repositories'][self.repo_name]])
                     except KeyError:
                         return False
                     if self.required_perms.issubset(user_perms):
                         return True
                     return False
             class HasRepoPermissionAny(PermsFunction):
                 def __call__(self, repo_name=None, check_location='', user=None):
                     self.repo_name = repo_name
                     return super(HasRepoPermissionAny, self).__call__(check_location, user)
                 def _get_repo_name(self):
                     if not self.repo_name:
                         self.repo_name = get_repo_slug(request)
                     return self.repo_name
                 def check_permissions(self, user):
                     self.repo_name = self._get_repo_name()
                     perms = user.permissions
                     try:
                         user_perms = set([perms['repositories'][self.repo_name]])
                     except KeyError:
                         return False
                     if self.required_perms.intersection(user_perms):
                         return True
                     return False
             class HasRepoGroupPermissionAny(PermsFunction):
                 def __call__(self, group_name=None, check_location='', user=None):
                     self.repo_group_name = group_name
                     return super(HasRepoGroupPermissionAny, self).__call__(
                         check_location, user)
                 def check_permissions(self, user):
                     perms = user.permissions
                     try:
                         user_perms = set(
                             [perms['repositories_groups'][self.repo_group_name]])
                     except KeyError:
                         return False
                     if self.required_perms.intersection(user_perms):
                         return True
                     return False
             class HasRepoGroupPermissionAll(PermsFunction):
                 def __call__(self, group_name=None, check_location='', user=None):
                     self.repo_group_name = group_name
                     return super(HasRepoGroupPermissionAll, self).__call__(
                         check_location, user)
                 def check_permissions(self, user):
                     perms = user.permissions
                     try:
                         user_perms = set(
                             [perms['repositories_groups'][self.repo_group_name]])
                     except KeyError:
                         return False
                     if self.required_perms.issubset(user_perms):
                         return True
                     return False
             class HasUserGroupPermissionAny(PermsFunction):
                 def __call__(self, user_group_name=None, check_location='', user=None):
                     self.user_group_name = user_group_name
                     return super(HasUserGroupPermissionAny, self).__call__(
                         check_location, user)
                 def check_permissions(self, user):
                     perms = user.permissions
                     try:
                         user_perms = set([perms['user_groups'][self.user_group_name]])
                     except KeyError:
                         return False
                     if self.required_perms.intersection(user_perms):
                         return True
                     return False
             class HasUserGroupPermissionAll(PermsFunction):
                 def __call__(self, user_group_name=None, check_location='', user=None):
                     self.user_group_name = user_group_name
                     return super(HasUserGroupPermissionAll, self).__call__(
                         check_location, user)
                 def check_permissions(self, user):
                     perms = user.permissions
                     try:
                         user_perms = set([perms['user_groups'][self.user_group_name]])
                     except KeyError:
                         return False
                     if self.required_perms.issubset(user_perms):
                         return True
                     return False
             # SPECIAL VERSION TO HANDLE MIDDLEWARE AUTH
             class HasPermissionAnyMiddleware(object):
                 def __init__(self, *perms):
                     self.required_perms = set(perms)
                 def __call__(self, user, repo_name):
                     # repo_name MUST be unicode, since we handle keys in permission
                     # dict by unicode
                     repo_name = safe_unicode(repo_name)
                     user = AuthUser(user.user_id)
                     log.debug(
                         'Checking VCS protocol permissions %s for user:%s repo:`%s`',
                         self.required_perms, user, repo_name)
                     if self.check_permissions(user, repo_name):
                         log.debug('Permission to repo:`%s` GRANTED for user:%s @ %s',
                                   repo_name, user, 'PermissionMiddleware')
                         return True
                     else:
                         log.debug('Permission to repo:`%s` DENIED for user:%s @ %s',
                                   repo_name, user, 'PermissionMiddleware')
                         return False
                 def check_permissions(self, user, repo_name):
                     perms = user.permissions_with_scope({'repo_name': repo_name})
                     try:
                         user_perms = set([perms['repositories'][repo_name]])
                     except Exception:
                         log.exception('Error while accessing user permissions')
                         return False
                     if self.required_perms.intersection(user_perms):
                         return True
                     return False
             # SPECIAL VERSION TO HANDLE API AUTH
             class _BaseApiPerm(object):
                 def __init__(self, *perms):
                     self.required_perms = set(perms)
                 def __call__(self, check_location=None, user=None, repo_name=None,
                              group_name=None, user_group_name=None):
                     cls_name = self.__class__.__name__
                     check_scope = 'global:%s' % (self.required_perms,)
                     if repo_name:
                         check_scope += ', repo_name:%s' % (repo_name,)
                     if group_name:
                         check_scope += ', repo_group_name:%s' % (group_name,)
                     if user_group_name:
                         check_scope += ', user_group_name:%s' % (user_group_name,)
                     log.debug(
                         'checking cls:%s %s %s @ %s'
                         % (cls_name, self.required_perms, check_scope, check_location))
                     if not user:
                         log.debug('Empty User passed into arguments')
                         return False
                     # process user
                     if not isinstance(user, AuthUser):
                         user = AuthUser(user.user_id)
                     if not check_location:
                         check_location = 'unspecified'
                     if self.check_permissions(user.permissions, repo_name, group_name,
                                               user_group_name):
                         log.debug('Permission to repo:`%s` GRANTED for user:`%s` @ %s',
                                   check_scope, user, check_location)
                         return True
                     else:
                         log.debug('Permission to repo:`%s` DENIED for user:`%s` @ %s',
                                   check_scope, user, check_location)
                         return False
                 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                       user_group_name=None):
                     """
                     implement in child class should return True if permissions are ok,
                     False otherwise
                     :param perm_defs: dict with permission definitions
                     :param repo_name: repo name
                     """
                     raise NotImplementedError()
             class HasPermissionAllApi(_BaseApiPerm):
                 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                       user_group_name=None):
                     if self.required_perms.issubset(perm_defs.get('global')):
                         return True
                     return False
             class HasPermissionAnyApi(_BaseApiPerm):
                 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                       user_group_name=None):
                     if self.required_perms.intersection(perm_defs.get('global')):
                         return True
                     return False
             class HasRepoPermissionAllApi(_BaseApiPerm):
                 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                       user_group_name=None):
                     try:
                         _user_perms = set([perm_defs['repositories'][repo_name]])
                     except KeyError:
                         log.warning(traceback.format_exc())
                         return False
                     if self.required_perms.issubset(_user_perms):
                         return True
                     return False
             class HasRepoPermissionAnyApi(_BaseApiPerm):
                 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                       user_group_name=None):
                     try:
                         _user_perms = set([perm_defs['repositories'][repo_name]])
                     except KeyError:
                         log.warning(traceback.format_exc())
                         return False
                     if self.required_perms.intersection(_user_perms):
                         return True
                     return False
             class HasRepoGroupPermissionAnyApi(_BaseApiPerm):
                 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                       user_group_name=None):
                     try:
                         _user_perms = set([perm_defs['repositories_groups'][group_name]])
                     except KeyError:
                         log.warning(traceback.format_exc())
                         return False
                     if self.required_perms.intersection(_user_perms):
                         return True
                     return False
             class HasRepoGroupPermissionAllApi(_BaseApiPerm):
                 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                       user_group_name=None):
                     try:
                         _user_perms = set([perm_defs['repositories_groups'][group_name]])
                     except KeyError:
                         log.warning(traceback.format_exc())
                         return False
                     if self.required_perms.issubset(_user_perms):
                         return True
                     return False
             class HasUserGroupPermissionAnyApi(_BaseApiPerm):
                 def check_permissions(self, perm_defs, repo_name=None, group_name=None,
                                       user_group_name=None):
                     try:
                         _user_perms = set([perm_defs['user_groups'][user_group_name]])
                     except KeyError:
                         log.warning(traceback.format_exc())
                         return False
                     if self.required_perms.intersection(_user_perms):
                         return True
                     return False
             def check_ip_access(source_ip, allowed_ips=None):
                 """
                 Checks if source_ip is a subnet of any of allowed_ips.
                 :param source_ip:
                 :param allowed_ips: list of allowed ips together with mask
                 """
                 log.debug('checking if ip:%s is subnet of %s' % (source_ip, allowed_ips))
                 source_ip_address = ipaddress.ip_address(source_ip)
                 if isinstance(allowed_ips, (tuple, list, set)):
                     for ip in allowed_ips:
                         try:
                             network_address = ipaddress.ip_network(ip, strict=False)
                             if source_ip_address in network_address:
                                 log.debug('IP %s is network %s' %
                                           (source_ip_address, network_address))
                                 return True
                             # for any case we cannot determine the IP, don't crash just
                             # skip it and log as error, we want to say forbidden still when
                             # sending bad IP
                         except Exception:
                             log.error(traceback.format_exc())
                             continue
                 return False
             def get_cython_compat_decorator(wrapper, func):
                 """
                 Creates a cython compatible decorator. The previously used
                 decorator.decorator() function seems to be incompatible with cython.
                 :param wrapper: __wrapper method of the decorator class
                 :param func: decorated function
                 """
                 @wraps(func)
                 def local_wrapper(*args, **kwds):
                     return wrapper(func, *args, **kwds)
                 local_wrapper.__wrapped__ = func
                 return local_wrapper

rhodecode/lib/base.py

0 +1 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             The base Controller API
             Provides the BaseController class for subclassing. And usage in different
             controllers
             """
             import logging
             import socket
             import ipaddress
             import pyramid.threadlocal
             from paste.auth.basic import AuthBasicAuthenticator
             from paste.httpexceptions import HTTPUnauthorized, HTTPForbidden, get_exception
             from paste.httpheaders import WWW_AUTHENTICATE, AUTHORIZATION
             from pylons import config, tmpl_context as c, request, session, url
             from pylons.controllers import WSGIController
             from pylons.controllers.util import redirect
             from pylons.i18n import translation
             # marcink: don't remove this import
             from pylons.templating import render_mako as render  # noqa
             from pylons.i18n.translation import _
             from webob.exc import HTTPFound
             import rhodecode
             from rhodecode.authentication.base import VCS_TYPE
             from rhodecode.lib import auth, utils2
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import AuthUser, CookieStoreWrapper
             from rhodecode.lib.exceptions import UserCreationError
             from rhodecode.lib.utils import (
                 get_repo_slug, set_rhodecode_config, password_changed,
                 get_enabled_hook_classes)
             from rhodecode.lib.utils2 import (
                 str2bool, safe_unicode, AttributeDict, safe_int, md5, aslist)
             from rhodecode.lib.vcs.exceptions import RepositoryRequirementError
             from rhodecode.model import meta
             from rhodecode.model.db import Repository, User, ChangesetComment
             from rhodecode.model.notification import NotificationModel
             from rhodecode.model.scm import ScmModel
             from rhodecode.model.settings import VcsSettingsModel, SettingsModel
             log = logging.getLogger(__name__)
             def _filter_proxy(ip):
                 """
                 Passed in IP addresses in HEADERS can be in a special format of multiple
                 ips. Those comma separated IPs are passed from various proxies in the
                 chain of request processing. The left-most being the original client.
                 We only care about the first IP which came from the org. client.
                 :param ip: ip string from headers
                 """
                 if ',' in ip:
                     _ips = ip.split(',')
                     _first_ip = _ips[0].strip()
                     log.debug('Got multiple IPs %s, using %s', ','.join(_ips), _first_ip)
                     return _first_ip
                 return ip
             def _filter_port(ip):
                 """
                 Removes a port from ip, there are 4 main cases to handle here.
                 - ipv4 eg. 127.0.0.1
                 - ipv6 eg. ::1
                 - ipv4+port eg. 127.0.0.1:8080
                 - ipv6+port eg. [::1]:8080
                 :param ip:
                 """
                 def is_ipv6(ip_addr):
                     if hasattr(socket, 'inet_pton'):
                         try:
                             socket.inet_pton(socket.AF_INET6, ip_addr)
                         except socket.error:
                             return False
                     else:
                         # fallback to ipaddress
                         try:
                             ipaddress.IPv6Address(ip_addr)
                         except Exception:
                             return False
                     return True
                 if ':' not in ip:  # must be ipv4 pure ip
                     return ip
                 if '[' in ip and ']' in ip:  # ipv6 with port
                     return ip.split(']')[0][1:].lower()
                 # must be ipv6 or ipv4 with port
                 if is_ipv6(ip):
                     return ip
                 else:
                     ip, _port = ip.split(':')[:2]  # means ipv4+port
                     return ip
             def get_ip_addr(environ):
                 proxy_key = 'HTTP_X_REAL_IP'
                 proxy_key2 = 'HTTP_X_FORWARDED_FOR'
                 def_key = 'REMOTE_ADDR'
                 _filters = lambda x: _filter_port(_filter_proxy(x))
                 ip = environ.get(proxy_key)
                 if ip:
                     return _filters(ip)
                 ip = environ.get(proxy_key2)
                 if ip:
                     return _filters(ip)
                 ip = environ.get(def_key, '0.0.0.0')
                 return _filters(ip)
             def get_server_ip_addr(environ, log_errors=True):
                 hostname = environ.get('SERVER_NAME')
                 try:
                     return socket.gethostbyname(hostname)
                 except Exception as e:
                     if log_errors:
                         # in some cases this lookup is not possible, and we don't want to
                         # make it an exception in logs
                         log.exception('Could not retrieve server ip address: %s', e)
                     return hostname
             def get_server_port(environ):
                 return environ.get('SERVER_PORT')
             def get_access_path(environ):
                 path = environ.get('PATH_INFO')
                 org_req = environ.get('pylons.original_request')
                 if org_req:
                     path = org_req.environ.get('PATH_INFO')
                 return path
             def get_user_agent(environ):
                 return environ.get('HTTP_USER_AGENT')
             def vcs_operation_context(
                     environ, repo_name, username, action, scm, check_locking=True,
                     is_shadow_repo=False):
                 """
                 Generate the context for a vcs operation, e.g. push or pull.
                 This context is passed over the layers so that hooks triggered by the
                 vcs operation know details like the user, the user's IP address etc.
                 :param check_locking: Allows to switch of the computation of the locking
                     data. This serves mainly the need of the simplevcs middleware to be
                     able to disable this for certain operations.
                 """
                 # Tri-state value: False: unlock, None: nothing, True: lock
                 make_lock = None
                 locked_by = [None, None, None]
                 is_anonymous = username == User.DEFAULT_USER
                 if not is_anonymous and check_locking:
                     log.debug('Checking locking on repository "%s"', repo_name)
                     user = User.get_by_username(username)
                     repo = Repository.get_by_repo_name(repo_name)
                     make_lock, __, locked_by = repo.get_locking_state(
                         action, user.user_id)
                 settings_model = VcsSettingsModel(repo=repo_name)
                 ui_settings = settings_model.get_ui_settings()
                 extras = {
                     'ip': get_ip_addr(environ),
                     'username': username,
                     'action': action,
                     'repository': repo_name,
                     'scm': scm,
                     'config': rhodecode.CONFIG['__file__'],
                     'make_lock': make_lock,
                     'locked_by': locked_by,
                     'server_url': utils2.get_server_url(environ),
                     'user_agent': get_user_agent(environ),
                     'hooks': get_enabled_hook_classes(ui_settings),
                     'is_shadow_repo': is_shadow_repo,
                 }
                 return extras
             class BasicAuth(AuthBasicAuthenticator):
                 def __init__(self, realm, authfunc, registry, auth_http_code=None,
                              initial_call_detection=False, acl_repo_name=None):
                     self.realm = realm
                     self.initial_call = initial_call_detection
                     self.authfunc = authfunc
                     self.registry = registry
                     self.acl_repo_name = acl_repo_name
                     self._rc_auth_http_code = auth_http_code
                 def _get_response_from_code(self, http_code):
                     try:
                         return get_exception(safe_int(http_code))
                     except Exception:
                         log.exception('Failed to fetch response for code %s' % http_code)
                         return HTTPForbidden
                 def build_authentication(self):
                     head = WWW_AUTHENTICATE.tuples('Basic realm="%s"' % self.realm)
                     if self._rc_auth_http_code and not self.initial_call:
                         # return alternative HTTP code if alternative http return code
                         # is specified in RhodeCode config, but ONLY if it's not the
                         # FIRST call
                         custom_response_klass = self._get_response_from_code(
                             self._rc_auth_http_code)
                         return custom_response_klass(headers=head)
                     return HTTPUnauthorized(headers=head)
                 def authenticate(self, environ):
                     authorization = AUTHORIZATION(environ)
                     if not authorization:
                         return self.build_authentication()
                     (authmeth, auth) = authorization.split(' ', 1)
                     if 'basic' != authmeth.lower():
                         return self.build_authentication()
                     auth = auth.strip().decode('base64')
                     _parts = auth.split(':', 1)
                     if len(_parts) == 2:
                         username, password = _parts
                         if self.authfunc(
                                 username, password, environ, VCS_TYPE,
                                 registry=self.registry, acl_repo_name=self.acl_repo_name):
                             return username
                         if username and password:
                             # we mark that we actually executed authentication once, at
                             # that point we can use the alternative auth code
                             self.initial_call = False
                     return self.build_authentication()
                 __call__ = authenticate
             def attach_context_attributes(context, request):
                 """
                 Attach variables into template context called `c`, please note that
                 request could be pylons or pyramid request in here.
                 """
                 rc_config = SettingsModel().get_all_settings(cache=True)
                 context.rhodecode_version = rhodecode.__version__
                 context.rhodecode_edition = config.get('rhodecode.edition')
                 # unique secret + version does not leak the version but keep consistency
                 context.rhodecode_version_hash = md5(
                     config.get('beaker.session.secret', '') +
                     rhodecode.__version__)[:8]
                 # Default language set for the incoming request
                 context.language = translation.get_lang()[0]
                 # Visual options
                 context.visual = AttributeDict({})
                 # DB stored Visual Items
                 context.visual.show_public_icon = str2bool(
                     rc_config.get('rhodecode_show_public_icon'))
                 context.visual.show_private_icon = str2bool(
                     rc_config.get('rhodecode_show_private_icon'))
                 context.visual.stylify_metatags = str2bool(
                     rc_config.get('rhodecode_stylify_metatags'))
                 context.visual.dashboard_items = safe_int(
                     rc_config.get('rhodecode_dashboard_items', 100))
                 context.visual.admin_grid_items = safe_int(
                     rc_config.get('rhodecode_admin_grid_items', 100))
                 context.visual.repository_fields = str2bool(
                     rc_config.get('rhodecode_repository_fields'))
                 context.visual.show_version = str2bool(
                     rc_config.get('rhodecode_show_version'))
                 context.visual.use_gravatar = str2bool(
                     rc_config.get('rhodecode_use_gravatar'))
                 context.visual.gravatar_url = rc_config.get('rhodecode_gravatar_url')
                 context.visual.default_renderer = rc_config.get(
                     'rhodecode_markup_renderer', 'rst')
                 context.visual.comment_types = ChangesetComment.COMMENT_TYPES
                 context.visual.rhodecode_support_url = \
                     rc_config.get('rhodecode_support_url') or h.route_url('rhodecode_support')
                 context.pre_code = rc_config.get('rhodecode_pre_code')
                 context.post_code = rc_config.get('rhodecode_post_code')
                 context.rhodecode_name = rc_config.get('rhodecode_title')
                 context.default_encodings = aslist(config.get('default_encoding'), sep=',')
                 # if we have specified default_encoding in the request, it has more
                 # priority
                 if request.GET.get('default_encoding'):
                     context.default_encodings.insert(0, request.GET.get('default_encoding'))
                 context.clone_uri_tmpl = rc_config.get('rhodecode_clone_uri_tmpl')
                 # INI stored
                 context.labs_active = str2bool(
                     config.get('labs_settings_active', 'false'))
                 context.visual.allow_repo_location_change = str2bool(
                     config.get('allow_repo_location_change', True))
                 context.visual.allow_custom_hooks_settings = str2bool(
                     config.get('allow_custom_hooks_settings', True))
                 context.debug_style = str2bool(config.get('debug_style', False))
                 context.rhodecode_instanceid = config.get('instance_id')
                 # AppEnlight
                 context.appenlight_enabled = str2bool(config.get('appenlight', 'false'))
                 context.appenlight_api_public_key = config.get(
                     'appenlight.api_public_key', '')
                 context.appenlight_server_url = config.get('appenlight.server_url', '')
                 # JS template context
                 context.template_context = {
                     'repo_name': None,
                     'repo_type': None,
                     'repo_landing_commit': None,
                     'rhodecode_user': {
                         'username': None,
                         'email': None,
                         'notification_status': False
                     },
                     'visual': {
                         'default_renderer': None
                     },
                     'commit_data': {
                         'commit_id': None
                     },
                     'pull_request_data': {'pull_request_id': None},
                     'timeago': {
                         'refresh_time': 120 * 1000,
                         'cutoff_limit': 1000 * 60 * 60 * 24 * 7
                     },
                     'pylons_dispatch': {
                         # 'controller': request.environ['pylons.routes_dict']['controller'],
                         # 'action': request.environ['pylons.routes_dict']['action'],
                     },
                     'pyramid_dispatch': {
                     },
                     'extra': {'plugins': {}}
                 }
                 # END CONFIG VARS
                 # TODO: This dosn't work when called from pylons compatibility tween.
                 # Fix this and remove it from base controller.
                 # context.repo_name = get_repo_slug(request)  # can be empty
                 diffmode = 'sideside'
                 if request.GET.get('diffmode'):
                     if request.GET['diffmode'] == 'unified':
                         diffmode = 'unified'
                 elif request.session.get('diffmode'):
                     diffmode = request.session['diffmode']
                 context.diffmode = diffmode
                 if request.session.get('diffmode') != diffmode:
                     request.session['diffmode'] = diffmode
                 context.csrf_token = auth.get_csrf_token()
                 context.backends = rhodecode.BACKENDS.keys()
                 context.backends.sort()
                 context.unread_notifications = NotificationModel().get_unread_cnt_for_user(
                     context.rhodecode_user.user_id)
                 context.pyramid_request = pyramid.threadlocal.get_current_request()
             def get_auth_user(environ):
                 ip_addr = get_ip_addr(environ)
                 # make sure that we update permissions each time we call controller
                 _auth_token = (request.GET.get('auth_token', '') or
                                request.GET.get('api_key', ''))
                 if _auth_token:
                     # when using API_KEY we assume user exists, and
                     # doesn't need auth based on cookies.
                     auth_user = AuthUser(api_key=_auth_token, ip_addr=ip_addr)
                     authenticated = False
                 else:
                     cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
                     try:
                         auth_user = AuthUser(user_id=cookie_store.get('user_id', None),
                                              ip_addr=ip_addr)
                     except UserCreationError as e:
                         h.flash(e, 'error')
                         # container auth or other auth functions that create users
                         # on the fly can throw this exception signaling that there's
                         # issue with user creation, explanation should be provided
                         # in Exception itself. We then create a simple blank
                         # AuthUser
                         auth_user = AuthUser(ip_addr=ip_addr)
                     if password_changed(auth_user, session):
                         session.invalidate()
                         cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
                         auth_user = AuthUser(ip_addr=ip_addr)
                     authenticated = cookie_store.get('is_authenticated')
                 if not auth_user.is_authenticated and auth_user.is_user_object:
                     # user is not authenticated and not empty
                     auth_user.set_authenticated(authenticated)
                 return auth_user
             class BaseController(WSGIController):
                 def __before__(self):
                     """
                     __before__ is called before controller methods and after __call__
                     """
                     # on each call propagate settings calls into global settings.
                     set_rhodecode_config(config)
                     attach_context_attributes(c, request)
                     # TODO: Remove this when fixed in attach_context_attributes()
                     c.repo_name = get_repo_slug(request)  # can be empty
                     self.cut_off_limit_diff = safe_int(config.get('cut_off_limit_diff'))
                     self.cut_off_limit_file = safe_int(config.get('cut_off_limit_file'))
                     self.sa = meta.Session
                     self.scm_model = ScmModel(self.sa)
                     # set user language
                     user_lang = getattr(c.pyramid_request, '_LOCALE_', None)
                     if user_lang:
                         translation.set_lang(user_lang)
                         log.debug('set language to %s for user %s',
                                   user_lang, self._rhodecode_user)
                 def _dispatch_redirect(self, with_url, environ, start_response):
                     resp = HTTPFound(with_url)
                     environ['SCRIPT_NAME'] = ''  # handle prefix middleware
                     environ['PATH_INFO'] = with_url
                     return resp(environ, start_response)
                 def __call__(self, environ, start_response):
                     """Invoke the Controller"""
                     # WSGIController.__call__ dispatches to the Controller method
                     # the request is routed to. This routing information is
                     # available in environ['pylons.routes_dict']
                     from rhodecode.lib import helpers as h
                     # Provide the Pylons context to Pyramid's debugtoolbar if it asks
                     if environ.get('debugtoolbar.wants_pylons_context', False):
                         environ['debugtoolbar.pylons_context'] = c._current_obj()
                     _route_name = '.'.join([environ['pylons.routes_dict']['controller'],
                                             environ['pylons.routes_dict']['action']])
                     self.rc_config = SettingsModel().get_all_settings(cache=True)
                     self.ip_addr = get_ip_addr(environ)
                     # The rhodecode auth user is looked up and passed through the
                     # environ by the pylons compatibility tween in pyramid.
                     # So we can just grab it from there.
                     auth_user = environ['rc_auth_user']
                     # set globals for auth user
                     request.user = auth_user
                     c.rhodecode_user = self._rhodecode_user = auth_user
                     log.info('IP: %s User: %s accessed %s [%s]' % (
                         self.ip_addr, auth_user, safe_unicode(get_access_path(environ)),
                         _route_name)
                     )
                     user_obj = auth_user.get_instance()
                     if user_obj and user_obj.user_data.get('force_password_change'):
                         h.flash('You are required to change your password', 'warning',
                                 ignore_duplicate=True)
                         return self._dispatch_redirect(
                             url('my_account_password'), environ, start_response)
                     return WSGIController.__call__(self, environ, start_response)
             class BaseRepoController(BaseController):
                 """
                 Base class for controllers responsible for loading all needed data for
                 repository loaded items are
                 c.rhodecode_repo: instance of scm repository
                 c.rhodecode_db_repo: instance of db
                 c.repository_requirements_missing: shows that repository specific data
                     could not be displayed due to the missing requirements
                 c.repository_pull_requests: show number of open pull requests
                 """
                 def __before__(self):
                     super(BaseRepoController, self).__before__()
                     if c.repo_name:  # extracted from routes
                         db_repo = Repository.get_by_repo_name(c.repo_name)
                         if not db_repo:
                             return
                         log.debug(
                             'Found repository in database %s with state `%s`',
                             safe_unicode(db_repo), safe_unicode(db_repo.repo_state))
                         route = getattr(request.environ.get('routes.route'), 'name', '')
                         # allow to delete repos that are somehow damages in filesystem
                         if route in ['delete_repo']:
                             return
                         if db_repo.repo_state in [Repository.STATE_PENDING]:
                             if route in ['repo_creating_home']:
                                 return
                             check_url = url('repo_creating_home', repo_name=c.repo_name)
                             return redirect(check_url)
                         self.rhodecode_db_repo = db_repo
                         missing_requirements = False
                         try:
                             self.rhodecode_repo = self.rhodecode_db_repo.scm_instance()
                         except RepositoryRequirementError as e:
                             missing_requirements = True
                             self._handle_missing_requirements(e)
                         if self.rhodecode_repo is None and not missing_requirements:
                             log.error('%s this repository is present in database but it '
                                       'cannot be created as an scm instance', c.repo_name)
                             h.flash(_(
                                 "The repository at %(repo_name)s cannot be located.") %
                                 {'repo_name': c.repo_name},
                                 category='error', ignore_duplicate=True)
-                            redirect(url('home'))
+                            redirect(h.route_path('home'))
                         # update last change according to VCS data
                         if not missing_requirements:
                             commit = db_repo.get_commit(
                                 pre_load=["author", "date", "message", "parents"])
                             db_repo.update_commit_cache(commit)
                         # Prepare context
                         c.rhodecode_db_repo = db_repo
                         c.rhodecode_repo = self.rhodecode_repo
                         c.repository_requirements_missing = missing_requirements
                         self._update_global_counters(self.scm_model, db_repo)
                 def _update_global_counters(self, scm_model, db_repo):
                     """
                     Base variables that are exposed to every page of repository
                     """
                     c.repository_pull_requests = scm_model.get_pull_requests(db_repo)
                 def _handle_missing_requirements(self, error):
                     self.rhodecode_repo = None
                     log.error(
                         'Requirements are missing for repository %s: %s',
                         c.repo_name, error.message)
                     summary_url = url('summary_home', repo_name=c.repo_name)
                     statistics_url = url('edit_repo_statistics', repo_name=c.repo_name)
                     settings_update_url = url('repo', repo_name=c.repo_name)
                     path = request.path
                     should_redirect = (
                         path not in (summary_url, settings_update_url)
                         and '/settings' not in path or path == statistics_url
                     )
                     if should_redirect:
                         redirect(summary_url)

rhodecode/lib/helpers.py

0 +5 -5

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Helper functions
             Consists of functions to typically be used within templates, but also
             available to Controllers. This module is available to both as 'h'.
             """
             import random
             import hashlib
             import StringIO
             import urllib
             import math
             import logging
             import re
             import urlparse
             import time
             import string
             import hashlib
             from collections import OrderedDict
             import pygments
             import itertools
             import fnmatch
             from datetime import datetime
             from functools import partial
             from pygments.formatters.html import HtmlFormatter
             from pygments import highlight as code_highlight
             from pygments.lexers import (
                 get_lexer_by_name, get_lexer_for_filename, get_lexer_for_mimetype)
             from pylons import url as pylons_url
             from pylons.i18n.translation import _, ungettext
             from pyramid.threadlocal import get_current_request
             from webhelpers.html import literal, HTML, escape
             from webhelpers.html.tools import *
             from webhelpers.html.builder import make_tag
             from webhelpers.html.tags import auto_discovery_link, checkbox, css_classes, \
                 end_form, file, form as wh_form, hidden, image, javascript_link, link_to, \
                 link_to_if, link_to_unless, ol, required_legend, select, stylesheet_link, \
                 submit, text, password, textarea, title, ul, xml_declaration, radio
             from webhelpers.html.tools import auto_link, button_to, highlight, \
                 js_obfuscate, mail_to, strip_links, strip_tags, tag_re
             from webhelpers.pylonslib import Flash as _Flash
             from webhelpers.text import chop_at, collapse, convert_accented_entities, \
                 convert_misc_entities, lchop, plural, rchop, remove_formatting, \
                 replace_whitespace, urlify, truncate, wrap_paragraphs
             from webhelpers.date import time_ago_in_words
             from webhelpers.paginate import Page as _Page
             from webhelpers.html.tags import _set_input_attrs, _set_id_attr, \
                 convert_boolean_attrs, NotGiven, _make_safe_id_component
             from webhelpers2.number import format_byte_size
             from rhodecode.lib.action_parser import action_parser
             from rhodecode.lib.ext_json import json
             from rhodecode.lib.utils import repo_name_slug, get_custom_lexer
             from rhodecode.lib.utils2 import str2bool, safe_unicode, safe_str, \
                 get_commit_safe, datetime_to_time, time_to_datetime, time_to_utcdatetime, \
                 AttributeDict, safe_int, md5, md5_safe
             from rhodecode.lib.markup_renderer import MarkupRenderer, relative_links
             from rhodecode.lib.vcs.exceptions import CommitDoesNotExistError
             from rhodecode.lib.vcs.backends.base import BaseChangeset, EmptyCommit
             from rhodecode.config.conf import DATE_FORMAT, DATETIME_FORMAT
             from rhodecode.model.changeset_status import ChangesetStatusModel
             from rhodecode.model.db import Permission, User, Repository
             from rhodecode.model.repo_group import RepoGroupModel
             from rhodecode.model.settings import IssueTrackerSettingsModel
             log = logging.getLogger(__name__)
             DEFAULT_USER = User.DEFAULT_USER
             DEFAULT_USER_EMAIL = User.DEFAULT_USER_EMAIL
             def url(*args, **kw):
                 return pylons_url(*args, **kw)
             def pylons_url_current(*args, **kw):
                 """
                 This function overrides pylons.url.current() which returns the current
                 path so that it will also work from a pyramid only context. This
                 should be removed once port to pyramid is complete.
                 """
                 if not args and not kw:
                     request = get_current_request()
                     return request.path
                 return pylons_url.current(*args, **kw)
             url.current = pylons_url_current
             def url_replace(**qargs):
                 """ Returns the current request url while replacing query string args """
                 request = get_current_request()
                 new_args = request.GET.mixed()
                 new_args.update(qargs)
                 return url('', **new_args)
             def asset(path, ver=None, **kwargs):
                 """
                 Helper to generate a static asset file path for rhodecode assets
                 eg. h.asset('images/image.png', ver='3923')
                 :param path: path of asset
                 :param ver: optional version query param to append as ?ver=
                 """
                 request = get_current_request()
                 query = {}
                 query.update(kwargs)
                 if ver:
                     query = {'ver': ver}
                 return request.static_path(
                     'rhodecode:public/{}'.format(path), _query=query)
             default_html_escape_table = {
                 ord('&'): u'&amp;',
                 ord('<'): u'&lt;',
                 ord('>'): u'&gt;',
                 ord('"'): u'&quot;',
                 ord("'"): u'&#39;',
             }
             def html_escape(text, html_escape_table=default_html_escape_table):
                 """Produce entities within text."""
                 return text.translate(html_escape_table)
             def chop_at_smart(s, sub, inclusive=False, suffix_if_chopped=None):
                 """
                 Truncate string ``s`` at the first occurrence of ``sub``.
                 If ``inclusive`` is true, truncate just after ``sub`` rather than at it.
                 """
                 suffix_if_chopped = suffix_if_chopped or ''
                 pos = s.find(sub)
                 if pos == -1:
                     return s
                 if inclusive:
                     pos += len(sub)
                 chopped = s[:pos]
                 left = s[pos:].strip()
                 if left and suffix_if_chopped:
                     chopped += suffix_if_chopped
                 return chopped
             def shorter(text, size=20):
                 postfix = '...'
                 if len(text) > size:
                     return text[:size - len(postfix)] + postfix
                 return text
             def _reset(name, value=None, id=NotGiven, type="reset", **attrs):
                 """
                 Reset button
                 """
                 _set_input_attrs(attrs, type, name, value)
                 _set_id_attr(attrs, id, name)
                 convert_boolean_attrs(attrs, ["disabled"])
                 return HTML.input(**attrs)
             reset = _reset
             safeid = _make_safe_id_component
             def branding(name, length=40):
                 return truncate(name, length, indicator="")
             def FID(raw_id, path):
                 """
                 Creates a unique ID for filenode based on it's hash of path and commit
                 it's safe to use in urls
                 :param raw_id:
                 :param path:
                 """
                 return 'c-%s-%s' % (short_id(raw_id), md5_safe(path)[:12])
             class _GetError(object):
                 """Get error from form_errors, and represent it as span wrapped error
                 message
                 :param field_name: field to fetch errors for
                 :param form_errors: form errors dict
                 """
                 def __call__(self, field_name, form_errors):
                     tmpl = """<span class="error_msg">%s</span>"""
                     if form_errors and field_name in form_errors:
                         return literal(tmpl % form_errors.get(field_name))
             get_error = _GetError()
             class _ToolTip(object):
                 def __call__(self, tooltip_title, trim_at=50):
                     """
                     Special function just to wrap our text into nice formatted
                     autowrapped text
                     :param tooltip_title:
                     """
                     tooltip_title = escape(tooltip_title)
                     tooltip_title = tooltip_title.replace('<', '&lt;').replace('>', '&gt;')
                     return tooltip_title
             tooltip = _ToolTip()
             def files_breadcrumbs(repo_name, commit_id, file_path):
                 if isinstance(file_path, str):
                     file_path = safe_unicode(file_path)
                 # TODO: johbo: Is this always a url like path, or is this operating
                 # system dependent?
                 path_segments = file_path.split('/')
                 repo_name_html = escape(repo_name)
                 if len(path_segments) == 1 and path_segments[0] == '':
                     url_segments = [repo_name_html]
                 else:
                     url_segments = [
                         link_to(
                             repo_name_html,
                             url('files_home',
                                 repo_name=repo_name,
                                 revision=commit_id,
                                 f_path=''),
                             class_='pjax-link')]
                 last_cnt = len(path_segments) - 1
                 for cnt, segment in enumerate(path_segments):
                     if not segment:
                         continue
                     segment_html = escape(segment)
                     if cnt != last_cnt:
                         url_segments.append(
                             link_to(
                                 segment_html,
                                 url('files_home',
                                     repo_name=repo_name,
                                     revision=commit_id,
                                     f_path='/'.join(path_segments[:cnt + 1])),
                                 class_='pjax-link'))
                     else:
                         url_segments.append(segment_html)
                 return literal('/'.join(url_segments))
             class CodeHtmlFormatter(HtmlFormatter):
                 """
                 My code Html Formatter for source codes
                 """
                 def wrap(self, source, outfile):
                     return self._wrap_div(self._wrap_pre(self._wrap_code(source)))
                 def _wrap_code(self, source):
                     for cnt, it in enumerate(source):
                         i, t = it
                         t = '<div id="L%s">%s</div>' % (cnt + 1, t)
                         yield i, t
                 def _wrap_tablelinenos(self, inner):
                     dummyoutfile = StringIO.StringIO()
                     lncount = 0
                     for t, line in inner:
                         if t:
                             lncount += 1
                         dummyoutfile.write(line)
                     fl = self.linenostart
                     mw = len(str(lncount + fl - 1))
                     sp = self.linenospecial
                     st = self.linenostep
                     la = self.lineanchors
                     aln = self.anchorlinenos
                     nocls = self.noclasses
                     if sp:
                         lines = []
                         for i in range(fl, fl + lncount):
                             if i % st == 0:
                                 if i % sp == 0:
                                     if aln:
                                         lines.append('<a href="#%s%d" class="special">%*d</a>' %
                                                      (la, i, mw, i))
                                     else:
                                         lines.append('<span class="special">%*d</span>' % (mw, i))
                                 else:
                                     if aln:
                                         lines.append('<a href="#%s%d">%*d</a>' % (la, i, mw, i))
                                     else:
                                         lines.append('%*d' % (mw, i))
                             else:
                                 lines.append('')
                         ls = '\n'.join(lines)
                     else:
                         lines = []
                         for i in range(fl, fl + lncount):
                             if i % st == 0:
                                 if aln:
                                     lines.append('<a href="#%s%d">%*d</a>' % (la, i, mw, i))
                                 else:
                                     lines.append('%*d' % (mw, i))
                             else:
                                 lines.append('')
                         ls = '\n'.join(lines)
                     # in case you wonder about the seemingly redundant <div> here: since the
                     # content in the other cell also is wrapped in a div, some browsers in
                     # some configurations seem to mess up the formatting...
                     if nocls:
                         yield 0, ('<table class="%stable">' % self.cssclass +
                                   '<tr><td><div class="linenodiv" '
                                   'style="background-color: #f0f0f0; padding-right: 10px">'
                                   '<pre style="line-height: 125%">' +
                                   ls + '</pre></div></td><td id="hlcode" class="code">')
                     else:
                         yield 0, ('<table class="%stable">' % self.cssclass +
                                   '<tr><td class="linenos"><div class="linenodiv"><pre>' +
                                   ls + '</pre></div></td><td id="hlcode" class="code">')
                     yield 0, dummyoutfile.getvalue()
                     yield 0, '</td></tr></table>'
             class SearchContentCodeHtmlFormatter(CodeHtmlFormatter):
                 def __init__(self, **kw):
                     # only show these line numbers if set
                     self.only_lines = kw.pop('only_line_numbers', [])
                     self.query_terms = kw.pop('query_terms', [])
                     self.max_lines = kw.pop('max_lines', 5)
                     self.line_context = kw.pop('line_context', 3)
                     self.url = kw.pop('url', None)
                     super(CodeHtmlFormatter, self).__init__(**kw)
                 def _wrap_code(self, source):
                     for cnt, it in enumerate(source):
                         i, t = it
                         t = '<pre>%s</pre>' % t
                         yield i, t
                 def _wrap_tablelinenos(self, inner):
                     yield 0, '<table class="code-highlight %stable">' % self.cssclass
                     last_shown_line_number = 0
                     current_line_number = 1
                     for t, line in inner:
                         if not t:
                             yield t, line
                             continue
                         if current_line_number in self.only_lines:
                             if last_shown_line_number + 1 != current_line_number:
                                 yield 0, '<tr>'
                                 yield 0, '<td class="line">...</td>'
                                 yield 0, '<td id="hlcode" class="code"></td>'
                                 yield 0, '</tr>'
                             yield 0, '<tr>'
                             if self.url:
                                 yield 0, '<td class="line"><a href="%s#L%i">%i</a></td>' % (
                                     self.url, current_line_number, current_line_number)
                             else:
                                 yield 0, '<td class="line"><a href="">%i</a></td>' % (
                                     current_line_number)
                             yield 0, '<td id="hlcode" class="code">' + line + '</td>'
                             yield 0, '</tr>'
                             last_shown_line_number = current_line_number
                         current_line_number += 1
                     yield 0, '</table>'
             def extract_phrases(text_query):
                 """
                 Extracts phrases from search term string making sure phrases
                 contained in double quotes are kept together - and discarding empty values
                 or fully whitespace values eg.
                 'some   text "a phrase" more' => ['some', 'text', 'a phrase', 'more']
                 """
                 in_phrase = False
                 buf = ''
                 phrases = []
                 for char in text_query:
                     if in_phrase:
                         if char == '"': # end phrase
                             phrases.append(buf)
                             buf = ''
                             in_phrase = False
                             continue
                         else:
                             buf += char
                             continue
                     else:
                         if char == '"': # start phrase
                             in_phrase = True
                             phrases.append(buf)
                             buf = ''
                             continue
                         elif char == ' ':
                             phrases.append(buf)
                             buf = ''
                             continue
                         else:
                             buf += char
                 phrases.append(buf)
                 phrases = [phrase.strip() for phrase in phrases if phrase.strip()]
                 return phrases
             def get_matching_offsets(text, phrases):
                 """
                 Returns a list of string offsets in `text` that the list of `terms` match
                 >>> get_matching_offsets('some text here', ['some', 'here'])
                 [(0, 4), (10, 14)]
                 """
                 offsets = []
                 for phrase in phrases:
                     for match in re.finditer(phrase, text):
                         offsets.append((match.start(), match.end()))
                 return offsets
             def normalize_text_for_matching(x):
                 """
                 Replaces all non alnum characters to spaces and lower cases the string,
                 useful for comparing two text strings without punctuation
                 """
                 return re.sub(r'[^\w]', ' ', x.lower())
             def get_matching_line_offsets(lines, terms):
                 """ Return a set of `lines` indices (starting from 1) matching a
                 text search query, along with `context` lines above/below matching lines
                 :param lines: list of strings representing lines
                 :param terms: search term string to match in lines eg. 'some text'
                 :param context: number of lines above/below a matching line to add to result
                 :param max_lines: cut off for lines of interest
                  eg.
                 text = '''
                 words words words
                 words words words
                 some text some
                 words words words
                 words words words
                 text here what
                 '''
                 get_matching_line_offsets(text, 'text', context=1)
                 {3: [(5, 9)], 6: [(0, 4)]]
                 """
                 matching_lines = {}
                 phrases = [normalize_text_for_matching(phrase)
                            for phrase in extract_phrases(terms)]
                 for line_index, line in enumerate(lines, start=1):
                     match_offsets = get_matching_offsets(
                         normalize_text_for_matching(line), phrases)
                     if match_offsets:
                         matching_lines[line_index] = match_offsets
                 return matching_lines
             def hsv_to_rgb(h, s, v):
                 """ Convert hsv color values to rgb """
                 if s == 0.0:
                     return v, v, v
                 i = int(h * 6.0)  # XXX assume int() truncates!
                 f = (h * 6.0) - i
                 p = v * (1.0 - s)
                 q = v * (1.0 - s * f)
                 t = v * (1.0 - s * (1.0 - f))
                 i = i % 6
                 if i == 0:
                     return v, t, p
                 if i == 1:
                     return q, v, p
                 if i == 2:
                     return p, v, t
                 if i == 3:
                     return p, q, v
                 if i == 4:
                     return t, p, v
                 if i == 5:
                     return v, p, q
             def unique_color_generator(n=10000, saturation=0.10, lightness=0.95):
                 """
                 Generator for getting n of evenly distributed colors using
                 hsv color and golden ratio. It always return same order of colors
                 :param n: number of colors to generate
                 :param saturation: saturation of returned colors
                 :param lightness: lightness of returned colors
                 :returns: RGB tuple
                 """
                 golden_ratio = 0.618033988749895
                 h = 0.22717784590367374
                 for _ in xrange(n):
                     h += golden_ratio
                     h %= 1
                     HSV_tuple = [h, saturation, lightness]
                     RGB_tuple = hsv_to_rgb(*HSV_tuple)
                     yield map(lambda x: str(int(x * 256)), RGB_tuple)
             def color_hasher(n=10000, saturation=0.10, lightness=0.95):
                 """
                 Returns a function which when called with an argument returns a unique
                 color for that argument, eg.
                 :param n: number of colors to generate
                 :param saturation: saturation of returned colors
                 :param lightness: lightness of returned colors
                 :returns: css RGB string
                 >>> color_hash = color_hasher()
                 >>> color_hash('hello')
                 'rgb(34, 12, 59)'
                 >>> color_hash('hello')
                 'rgb(34, 12, 59)'
                 >>> color_hash('other')
                 'rgb(90, 224, 159)'
                 """
                 color_dict = {}
                 cgenerator = unique_color_generator(
                     saturation=saturation, lightness=lightness)
                 def get_color_string(thing):
                     if thing in color_dict:
                         col = color_dict[thing]
                     else:
                         col = color_dict[thing] = cgenerator.next()
                     return "rgb(%s)" % (', '.join(col))
                 return get_color_string
             def get_lexer_safe(mimetype=None, filepath=None):
                 """
                 Tries to return a relevant pygments lexer using mimetype/filepath name,
                 defaulting to plain text if none could be found
                 """
                 lexer = None
                 try:
                     if mimetype:
                         lexer = get_lexer_for_mimetype(mimetype)
                     if not lexer:
                         lexer = get_lexer_for_filename(filepath)
                 except pygments.util.ClassNotFound:
                     pass
                 if not lexer:
                     lexer = get_lexer_by_name('text')
                 return lexer
             def get_lexer_for_filenode(filenode):
                 lexer = get_custom_lexer(filenode.extension) or filenode.lexer
                 return lexer
             def pygmentize(filenode, **kwargs):
                 """
                 pygmentize function using pygments
                 :param filenode:
                 """
                 lexer = get_lexer_for_filenode(filenode)
                 return literal(code_highlight(filenode.content, lexer,
                                               CodeHtmlFormatter(**kwargs)))
             def is_following_repo(repo_name, user_id):
                 from rhodecode.model.scm import ScmModel
                 return ScmModel().is_following_repo(repo_name, user_id)
             class _Message(object):
                 """A message returned by ``Flash.pop_messages()``.
                 Converting the message to a string returns the message text. Instances
                 also have the following attributes:
                 * ``message``: the message text.
                 * ``category``: the category specified when the message was created.
                 """
                 def __init__(self, category, message):
                     self.category = category
                     self.message = message
                 def __str__(self):
                     return self.message
                 __unicode__ = __str__
                 def __html__(self):
                     return escape(safe_unicode(self.message))
             class Flash(_Flash):
                 def pop_messages(self):
                     """Return all accumulated messages and delete them from the session.
                     The return value is a list of ``Message`` objects.
                     """
                     from pylons import session
                     messages = []
                     # Pop the 'old' pylons flash messages. They are tuples of the form
                     # (category, message)
                     for cat, msg in session.pop(self.session_key, []):
                         messages.append(_Message(cat, msg))
                     # Pop the 'new' pyramid flash messages for each category as list
                     # of strings.
                     for cat in self.categories:
                         for msg in session.pop_flash(queue=cat):
                             messages.append(_Message(cat, msg))
                     # Map messages from the default queue to the 'notice' category.
                     for msg in session.pop_flash():
                         messages.append(_Message('notice', msg))
                     session.save()
                     return messages
                 def json_alerts(self):
                     payloads = []
                     messages = flash.pop_messages()
                     if messages:
                         for message in messages:
                             subdata = {}
                             if hasattr(message.message, 'rsplit'):
                                 flash_data = message.message.rsplit('|DELIM|', 1)
                                 org_message = flash_data[0]
                                 if len(flash_data) > 1:
                                     subdata = json.loads(flash_data[1])
                             else:
                                 org_message = message.message
                             payloads.append({
                                 'message': {
                                     'message': u'{}'.format(org_message),
                                     'level': message.category,
                                     'force': True,
                                     'subdata': subdata
                                 }
                             })
                     return json.dumps(payloads)
             flash = Flash()
             #==============================================================================
             # SCM FILTERS available via h.
             #==============================================================================
             from rhodecode.lib.vcs.utils import author_name, author_email
             from rhodecode.lib.utils2 import credentials_filter, age as _age
             from rhodecode.model.db import User, ChangesetStatus
             age = _age
             capitalize = lambda x: x.capitalize()
             email = author_email
             short_id = lambda x: x[:12]
             hide_credentials = lambda x: ''.join(credentials_filter(x))
             def age_component(datetime_iso, value=None, time_is_local=False):
                 title = value or format_date(datetime_iso)
                 tzinfo = '+00:00'
                 # detect if we have a timezone info, otherwise, add it
                 if isinstance(datetime_iso, datetime) and not datetime_iso.tzinfo:
                     if time_is_local:
                         tzinfo = time.strftime("+%H:%M",
                             time.gmtime(
                                 (datetime.now() - datetime.utcnow()).seconds + 1
                             )
                         )
                 return literal(
                     '<time class="timeago tooltip" '
                     'title="{1}{2}" datetime="{0}{2}">{1}</time>'.format(
                         datetime_iso, title, tzinfo))
             def _shorten_commit_id(commit_id):
                 from rhodecode import CONFIG
                 def_len = safe_int(CONFIG.get('rhodecode_show_sha_length', 12))
                 return commit_id[:def_len]
             def show_id(commit):
                 """
                 Configurable function that shows ID
                 by default it's r123:fffeeefffeee
                 :param commit: commit instance
                 """
                 from rhodecode import CONFIG
                 show_idx = str2bool(CONFIG.get('rhodecode_show_revision_number', True))
                 raw_id = _shorten_commit_id(commit.raw_id)
                 if show_idx:
                     return 'r%s:%s' % (commit.idx, raw_id)
                 else:
                     return '%s' % (raw_id, )
             def format_date(date):
                 """
                 use a standardized formatting for dates used in RhodeCode
                 :param date: date/datetime object
                 :return: formatted date
                 """
                 if date:
                     _fmt = "%a, %d %b %Y %H:%M:%S"
                     return safe_unicode(date.strftime(_fmt))
                 return u""
             class _RepoChecker(object):
                 def __init__(self, backend_alias):
                     self._backend_alias = backend_alias
                 def __call__(self, repository):
                     if hasattr(repository, 'alias'):
                         _type = repository.alias
                     elif hasattr(repository, 'repo_type'):
                         _type = repository.repo_type
                     else:
                         _type = repository
                     return _type == self._backend_alias
             is_git = _RepoChecker('git')
             is_hg = _RepoChecker('hg')
             is_svn = _RepoChecker('svn')
             def get_repo_type_by_name(repo_name):
                 repo = Repository.get_by_repo_name(repo_name)
                 return repo.repo_type
             def is_svn_without_proxy(repository):
                 if is_svn(repository):
                     from rhodecode.model.settings import VcsSettingsModel
                     conf = VcsSettingsModel().get_ui_settings_as_config_obj()
                     return not str2bool(conf.get('vcs_svn_proxy', 'http_requests_enabled'))
                 return False
             def discover_user(author):
                 """
                 Tries to discover RhodeCode User based on the autho string. Author string
                 is typically `FirstName LastName <email@address.com>`
                 """
                 # if author is already an instance use it for extraction
                 if isinstance(author, User):
                     return author
                 # Valid email in the attribute passed, see if they're in the system
                 _email = author_email(author)
                 if _email != '':
                     user = User.get_by_email(_email, case_insensitive=True, cache=True)
                     if user is not None:
                         return user
                 # Maybe it's a username, we try to extract it and fetch by username ?
                 _author = author_name(author)
                 user = User.get_by_username(_author, case_insensitive=True, cache=True)
                 if user is not None:
                     return user
                 return None
             def email_or_none(author):
                 # extract email from the commit string
                 _email = author_email(author)
                 # If we have an email, use it, otherwise
                 # see if it contains a username we can get an email from
                 if _email != '':
                     return _email
                 else:
                     user = User.get_by_username(
                         author_name(author), case_insensitive=True, cache=True)
                 if user is not None:
                         return user.email
                 # No valid email, not a valid user in the system, none!
                 return None
             def link_to_user(author, length=0, **kwargs):
                 user = discover_user(author)
                 # user can be None, but if we have it already it means we can re-use it
                 # in the person() function, so we save 1 intensive-query
                 if user:
                     author = user
                 display_person = person(author, 'username_or_name_or_email')
                 if length:
                     display_person = shorter(display_person, length)
                 if user:
                     return link_to(
                         escape(display_person),
                         route_path('user_profile', username=user.username),
                         **kwargs)
                 else:
                     return escape(display_person)
             def person(author, show_attr="username_and_name"):
                 user = discover_user(author)
                 if user:
                     return getattr(user, show_attr)
                 else:
                     _author = author_name(author)
                     _email = email(author)
                     return _author or _email
             def author_string(email):
                 if email:
                     user = User.get_by_email(email, case_insensitive=True, cache=True)
                     if user:
                         if user.firstname or user.lastname:
                             return '%s %s &lt;%s&gt;' % (user.firstname, user.lastname, email)
                         else:
                             return email
                     else:
                         return email
                 else:
                     return None
             def person_by_id(id_, show_attr="username_and_name"):
                 # attr to return from fetched user
                 person_getter = lambda usr: getattr(usr, show_attr)
                 #maybe it's an ID ?
                 if str(id_).isdigit() or isinstance(id_, int):
                     id_ = int(id_)
                     user = User.get(id_)
                     if user is not None:
                         return person_getter(user)
                 return id_
             def gravatar_with_user(author, show_disabled=False):
                 from rhodecode.lib.utils import PartialRenderer
                 _render = PartialRenderer('base/base.mako')
                 return _render('gravatar_with_user', author, show_disabled=show_disabled)
             def desc_stylize(value):
                 """
                 converts tags from value into html equivalent
                 :param value:
                 """
                 if not value:
                     return ''
                 value = re.sub(r'\[see\ \=\>\ *([a-zA-Z0-9\/\=\?\&\ \:\/\.\-]*)\]',
                                '<div class="metatag" tag="see">see =&gt; \\1 </div>', value)
                 value = re.sub(r'\[license\ \=\>\ *([a-zA-Z0-9\/\=\?\&\ \:\/\.\-]*)\]',
                                '<div class="metatag" tag="license"><a href="http:\/\/www.opensource.org/licenses/\\1">\\1</a></div>', value)
                 value = re.sub(r'\[(requires|recommends|conflicts|base)\ \=\>\ *([a-zA-Z0-9\-\/]*)\]',
                                '<div class="metatag" tag="\\1">\\1 =&gt; <a href="/\\2">\\2</a></div>', value)
                 value = re.sub(r'\[(lang|language)\ \=\>\ *([a-zA-Z\-\/\#\+]*)\]',
                                '<div class="metatag" tag="lang">\\2</div>', value)
                 value = re.sub(r'\[([a-z]+)\]',
                                '<div class="metatag" tag="\\1">\\1</div>', value)
                 return value
             def escaped_stylize(value):
                 """
                 converts tags from value into html equivalent, but escaping its value first
                 """
                 if not value:
                     return ''
                 # Using default webhelper escape method, but has to force it as a
                 # plain unicode instead of a markup tag to be used in regex expressions
                 value = unicode(escape(safe_unicode(value)))
                 value = re.sub(r'\[see\ \=\&gt;\ *([a-zA-Z0-9\/\=\?\&amp;\ \:\/\.\-]*)\]',
                                '<div class="metatag" tag="see">see =&gt; \\1 </div>', value)
                 value = re.sub(r'\[license\ \=\&gt;\ *([a-zA-Z0-9\/\=\?\&amp;\ \:\/\.\-]*)\]',
                                '<div class="metatag" tag="license"><a href="http:\/\/www.opensource.org/licenses/\\1">\\1</a></div>', value)
                 value = re.sub(r'\[(requires|recommends|conflicts|base)\ \=\&gt;\ *([a-zA-Z0-9\-\/]*)\]',
                                '<div class="metatag" tag="\\1">\\1 =&gt; <a href="/\\2">\\2</a></div>', value)
                 value = re.sub(r'\[(lang|language)\ \=\&gt;\ *([a-zA-Z\-\/\#\+]*)\]',
                                '<div class="metatag" tag="lang">\\2</div>', value)
                 value = re.sub(r'\[([a-z]+)\]',
                                '<div class="metatag" tag="\\1">\\1</div>', value)
                 return value
             def bool2icon(value):
                 """
                 Returns boolean value of a given value, represented as html element with
                 classes that will represent icons
                 :param value: given value to convert to html node
                 """
                 if value:  # does bool conversion
                     return HTML.tag('i', class_="icon-true")
                 else:  # not true as bool
                     return HTML.tag('i', class_="icon-false")
             #==============================================================================
             # PERMS
             #==============================================================================
             from rhodecode.lib.auth import HasPermissionAny, HasPermissionAll, \
             HasRepoPermissionAny, HasRepoPermissionAll, HasRepoGroupPermissionAll, \
             HasRepoGroupPermissionAny, HasRepoPermissionAnyApi, get_csrf_token, \
             csrf_token_key
             #==============================================================================
             # GRAVATAR URL
             #==============================================================================
             class InitialsGravatar(object):
                 def __init__(self, email_address, first_name, last_name, size=30,
                              background=None, text_color='#fff'):
                     self.size = size
                     self.first_name = first_name
                     self.last_name = last_name
                     self.email_address = email_address
                     self.background = background or self.str2color(email_address)
                     self.text_color = text_color
                 def get_color_bank(self):
                     """
                     returns a predefined list of colors that gravatars can use.
                     Those are randomized distinct colors that guarantee readability and
                     uniqueness.
                     generated with: http://phrogz.net/css/distinct-colors.html
                     """
                     return [
                         '#bf3030', '#a67f53', '#00ff00', '#5989b3', '#392040', '#d90000',
                         '#402910', '#204020', '#79baf2', '#a700b3', '#bf6060', '#7f5320',
                         '#008000', '#003059', '#ee00ff', '#ff0000', '#8c4b00', '#007300',
                         '#005fb3', '#de73e6', '#ff4040', '#ffaa00', '#3df255', '#203140',
                         '#47004d', '#591616', '#664400', '#59b365', '#0d2133', '#83008c',
                         '#592d2d', '#bf9f60', '#73e682', '#1d3f73', '#73006b', '#402020',
                         '#b2862d', '#397341', '#597db3', '#e600d6', '#a60000', '#736039',
                         '#00b318', '#79aaf2', '#330d30', '#ff8080', '#403010', '#16591f',
                         '#002459', '#8c4688', '#e50000', '#ffbf40', '#00732e', '#102340',
                         '#bf60ac', '#8c4646', '#cc8800', '#00a642', '#1d3473', '#b32d98',
                         '#660e00', '#ffd580', '#80ffb2', '#7391e6', '#733967', '#d97b6c',
                         '#8c5e00', '#59b389', '#3967e6', '#590047', '#73281d', '#665200',
                         '#00e67a', '#2d50b3', '#8c2377', '#734139', '#b2982d', '#16593a',
                         '#001859', '#ff00aa', '#a65e53', '#ffcc00', '#0d3321', '#2d3959',
                         '#731d56', '#401610', '#4c3d00', '#468c6c', '#002ca6', '#d936a3',
                         '#d94c36', '#403920', '#36d9a3', '#0d1733', '#592d4a', '#993626',
                         '#cca300', '#00734d', '#46598c', '#8c005e', '#7f1100', '#8c7000',
                         '#00a66f', '#7382e6', '#b32d74', '#d9896c', '#ffe680', '#1d7362',
                         '#364cd9', '#73003d', '#d93a00', '#998a4d', '#59b3a1', '#5965b3',
                         '#e5007a', '#73341d', '#665f00', '#00b38f', '#0018b3', '#59163a',
                         '#b2502d', '#bfb960', '#00ffcc', '#23318c', '#a6537f', '#734939',
                         '#b2a700', '#104036', '#3d3df2', '#402031', '#e56739', '#736f39',
                         '#79f2ea', '#000059', '#401029', '#4c1400', '#ffee00', '#005953',
                         '#101040', '#990052', '#402820', '#403d10', '#00ffee', '#0000d9',
                         '#ff80c4', '#a66953', '#eeff00', '#00ccbe', '#8080ff', '#e673a1',
                         '#a62c00', '#474d00', '#1a3331', '#46468c', '#733950', '#662900',
                         '#858c23', '#238c85', '#0f0073', '#b20047', '#d9986c', '#becc00',
                         '#396f73', '#281d73', '#ff0066', '#ff6600', '#dee673', '#59adb3',
                         '#6559b3', '#590024', '#b2622d', '#98b32d', '#36ced9', '#332d59',
                         '#40001a', '#733f1d', '#526600', '#005359', '#242040', '#bf6079',
                         '#735039', '#cef23d', '#007780', '#5630bf', '#66001b', '#b24700',
                         '#acbf60', '#1d6273', '#25008c', '#731d34', '#a67453', '#50592d',
                         '#00ccff', '#6600ff', '#ff0044', '#4c1f00', '#8a994d', '#79daf2',
                         '#a173e6', '#d93662', '#402310', '#aaff00', '#2d98b3', '#8c40ff',
                         '#592d39', '#ff8c40', '#354020', '#103640', '#1a0040', '#331a20',
                         '#331400', '#334d00', '#1d5673', '#583973', '#7f0022', '#4c3626',
                         '#88cc00', '#36a3d9', '#3d0073', '#d9364c', '#33241a', '#698c23',
                         '#5995b3', '#300059', '#e57382', '#7f3300', '#366600', '#00aaff',
                         '#3a1659', '#733941', '#663600', '#74b32d', '#003c59', '#7f53a6',
                         '#73000f', '#ff8800', '#baf279', '#79caf2', '#291040', '#a6293a',
                         '#b2742d', '#587339', '#0077b3', '#632699', '#400009', '#d9a66c',
                         '#294010', '#2d4a59', '#aa00ff', '#4c131b', '#b25f00', '#5ce600',
                         '#267399', '#a336d9', '#990014', '#664e33', '#86bf60', '#0088ff',
                         '#7700b3', '#593a16', '#073300', '#1d4b73', '#ac60bf', '#e59539',
                         '#4f8c46', '#368dd9', '#5c0073'
                     ]
                 def rgb_to_hex_color(self, rgb_tuple):
                     """
                     Converts an rgb_tuple passed to an hex color.
                     :param rgb_tuple: tuple with 3 ints represents rgb color space
                     """
                     return '#' + ("".join(map(chr, rgb_tuple)).encode('hex'))
                 def email_to_int_list(self, email_str):
                     """
                     Get every byte of the hex digest value of email and turn it to integer.
                     It's going to be always between 0-255
                     """
                     digest = md5_safe(email_str.lower())
                     return [int(digest[i * 2:i * 2 + 2], 16) for i in range(16)]
                 def pick_color_bank_index(self, email_str, color_bank):
                     return self.email_to_int_list(email_str)[0] % len(color_bank)
                 def str2color(self, email_str):
                     """
                     Tries to map in a stable algorithm an email to color
                     :param email_str:
                     """
                     color_bank = self.get_color_bank()
                     # pick position (module it's length so we always find it in the
                     # bank even if it's smaller than 256 values
                     pos = self.pick_color_bank_index(email_str, color_bank)
                     return color_bank[pos]
                 def normalize_email(self, email_address):
                     import unicodedata
                     # default host used to fill in the fake/missing email
                     default_host = u'localhost'
                     if not email_address:
                         email_address = u'%s@%s' % (User.DEFAULT_USER, default_host)
                     email_address = safe_unicode(email_address)
                     if u'@' not in email_address:
                         email_address = u'%s@%s' % (email_address, default_host)
                     if email_address.endswith(u'@'):
                         email_address = u'%s%s' % (email_address, default_host)
                     email_address = unicodedata.normalize('NFKD', email_address)\
                         .encode('ascii', 'ignore')
                     return email_address
                 def get_initials(self):
                     """
                     Returns 2 letter initials calculated based on the input.
                     The algorithm picks first given email address, and takes first letter
                     of part before @, and then the first letter of server name. In case
                     the part before @ is in a format of `somestring.somestring2` it replaces
                     the server letter with first letter of somestring2
                     In case function was initialized with both first and lastname, this
                     overrides the extraction from email by first letter of the first and
                     last name. We add special logic to that functionality, In case Full name
                     is compound, like Guido Von Rossum, we use last part of the last name
                     (Von Rossum) picking `R`.
                     Function also normalizes the non-ascii characters to they ascii
                     representation, eg Ą => A
                     """
                     import unicodedata
                     # replace non-ascii to ascii
                     first_name = unicodedata.normalize(
                         'NFKD', safe_unicode(self.first_name)).encode('ascii', 'ignore')
                     last_name = unicodedata.normalize(
                         'NFKD', safe_unicode(self.last_name)).encode('ascii', 'ignore')
                     # do NFKD encoding, and also make sure email has proper format
                     email_address = self.normalize_email(self.email_address)
                     # first push the email initials
                     prefix, server = email_address.split('@', 1)
                     # check if prefix is maybe a 'firstname.lastname' syntax
                     _dot_split = prefix.rsplit('.', 1)
                     if len(_dot_split) == 2:
                         initials = [_dot_split[0][0], _dot_split[1][0]]
                     else:
                         initials = [prefix[0], server[0]]
                     # then try to replace either firtname or lastname
                     fn_letter = (first_name or " ")[0].strip()
                     ln_letter = (last_name.split(' ', 1)[-1] or " ")[0].strip()
                     if fn_letter:
                         initials[0] = fn_letter
                     if ln_letter:
                         initials[1] = ln_letter
                     return ''.join(initials).upper()
                 def get_img_data_by_type(self, font_family, img_type):
                     default_user = """
                     <svg xmlns="http://www.w3.org/2000/svg"
                     version="1.1" x="0px" y="0px" width="{size}" height="{size}"
                     viewBox="-15 -10 439.165 429.164"
                     xml:space="preserve"
                     style="background:{background};" >
                     <path d="M204.583,216.671c50.664,0,91.74-48.075,
 .74-107.378c0-82.237-41.074-107.377-91.74-107.377
                              c-50.668,0-91.74,25.14-91.74,107.377C112.844,
 .596,153.916,216.671,
 .583,216.671z" fill="{text_color}"/>
                     <path d="M407.164,374.717L360.88,
 .454c-2.117-4.771-5.836-8.728-10.465-11.138l-71.83-37.392
                              c-1.584-0.823-3.502-0.663-4.926,0.415c-20.316,
 .366-44.203,23.488-69.076,23.488c-24.877,
 -48.762-8.122-69.078-23.488
                              c-1.428-1.078-3.346-1.238-4.93-0.415L58.75,
 .316c-4.631,2.41-8.346,6.365-10.465,11.138L2.001,374.717
                              c-3.191,7.188-2.537,15.412,1.75,22.005c4.285,
 .592,11.537,10.526,19.4,10.526h362.861c7.863,0,15.117-3.936,
 .402-10.527 C409.699,390.129,
 .355,381.902,407.164,374.717z" fill="{text_color}"/>
                     </svg>""".format(
                         size=self.size,
                         background='#979797',  # @grey4
                         text_color=self.text_color,
                         font_family=font_family)
                     return {
                         "default_user": default_user
                     }[img_type]
                 def get_img_data(self, svg_type=None):
                     """
                     generates the svg metadata for image
                     """
                     font_family = ','.join([
                         'proximanovaregular',
                         'Proxima Nova Regular',
                         'Proxima Nova',
                         'Arial',
                         'Lucida Grande',
                         'sans-serif'
                         ])
                     if svg_type:
                         return self.get_img_data_by_type(font_family, svg_type)
                     initials = self.get_initials()
                     img_data = """
                     <svg xmlns="http://www.w3.org/2000/svg" pointer-events="none"
                          width="{size}" height="{size}"
                          style="width: 100%; height: 100%; background-color: {background}"
                          viewBox="0 0 {size} {size}">
                         <text text-anchor="middle" y="50%" x="50%" dy="0.35em"
                               pointer-events="auto" fill="{text_color}"
                               font-family="{font_family}"
                               style="font-weight: 400; font-size: {f_size}px;">{text}
                         </text>
                     </svg>""".format(
                         size=self.size,
                         f_size=self.size/1.85,  # scale the text inside the box nicely
                         background=self.background,
                         text_color=self.text_color,
                         text=initials.upper(),
                         font_family=font_family)
                     return img_data
                 def generate_svg(self, svg_type=None):
                     img_data = self.get_img_data(svg_type)
                     return "data:image/svg+xml;base64,%s" % img_data.encode('base64')
             def initials_gravatar(email_address, first_name, last_name, size=30):
                 svg_type = None
                 if email_address == User.DEFAULT_USER_EMAIL:
                     svg_type = 'default_user'
                 klass = InitialsGravatar(email_address, first_name, last_name, size)
                 return klass.generate_svg(svg_type=svg_type)
             def gravatar_url(email_address, size=30):
                 # doh, we need to re-import those to mock it later
                 from pylons import tmpl_context as c
                 _use_gravatar = c.visual.use_gravatar
                 _gravatar_url = c.visual.gravatar_url or User.DEFAULT_GRAVATAR_URL
                 email_address = email_address or User.DEFAULT_USER_EMAIL
                 if isinstance(email_address, unicode):
                     # hashlib crashes on unicode items
                     email_address = safe_str(email_address)
                 # empty email or default user
                 if not email_address or email_address == User.DEFAULT_USER_EMAIL:
                     return initials_gravatar(User.DEFAULT_USER_EMAIL, '', '', size=size)
                 if _use_gravatar:
                     # TODO: Disuse pyramid thread locals. Think about another solution to
                     # get the host and schema here.
                     request = get_current_request()
                     tmpl = safe_str(_gravatar_url)
                     tmpl = tmpl.replace('{email}', email_address)\
                                .replace('{md5email}', md5_safe(email_address.lower())) \
                                .replace('{netloc}', request.host)\
                                .replace('{scheme}', request.scheme)\
                                .replace('{size}', safe_str(size))
                     return tmpl
                 else:
                     return initials_gravatar(email_address, '', '', size=size)
             class Page(_Page):
                 """
                 Custom pager to match rendering style with paginator
                 """
                 def _get_pos(self, cur_page, max_page, items):
                     edge = (items / 2) + 1
                     if (cur_page <= edge):
                         radius = max(items / 2, items - cur_page)
                     elif (max_page - cur_page) < edge:
                         radius = (items - 1) - (max_page - cur_page)
                     else:
                         radius = items / 2
                     left = max(1, (cur_page - (radius)))
                     right = min(max_page, cur_page + (radius))
                     return left, cur_page, right
                 def _range(self, regexp_match):
                     """
                     Return range of linked pages (e.g. '1 2 [3] 4 5 6 7 8').
                     Arguments:
                     regexp_match
                         A "re" (regular expressions) match object containing the
                         radius of linked pages around the current page in
                         regexp_match.group(1) as a string
                     This function is supposed to be called as a callable in
                     re.sub.
                     """
                     radius = int(regexp_match.group(1))
                     # Compute the first and last page number within the radius
                     # e.g. '1 .. 5 6 [7] 8 9 .. 12'
                     # -> leftmost_page  = 5
                     # -> rightmost_page = 9
                     leftmost_page, _cur, rightmost_page = self._get_pos(self.page,
                                                                         self.last_page,
                                                                         (radius * 2) + 1)
                     nav_items = []
                     # Create a link to the first page (unless we are on the first page
                     # or there would be no need to insert '..' spacers)
                     if self.page != self.first_page and self.first_page < leftmost_page:
                         nav_items.append(self._pagerlink(self.first_page, self.first_page))
                     # Insert dots if there are pages between the first page
                     # and the currently displayed page range
                     if leftmost_page - self.first_page > 1:
                         # Wrap in a SPAN tag if nolink_attr is set
                         text = '..'
                         if self.dotdot_attr:
                             text = HTML.span(c=text, **self.dotdot_attr)
                         nav_items.append(text)
                     for thispage in xrange(leftmost_page, rightmost_page + 1):
                         # Hilight the current page number and do not use a link
                         if thispage == self.page:
                             text = '%s' % (thispage,)
                             # Wrap in a SPAN tag if nolink_attr is set
                             if self.curpage_attr:
                                 text = HTML.span(c=text, **self.curpage_attr)
                             nav_items.append(text)
                         # Otherwise create just a link to that page
                         else:
                             text = '%s' % (thispage,)
                             nav_items.append(self._pagerlink(thispage, text))
                     # Insert dots if there are pages between the displayed
                     # page numbers and the end of the page range
                     if self.last_page - rightmost_page > 1:
                         text = '..'
                         # Wrap in a SPAN tag if nolink_attr is set
                         if self.dotdot_attr:
                             text = HTML.span(c=text, **self.dotdot_attr)
                         nav_items.append(text)
                     # Create a link to the very last page (unless we are on the last
                     # page or there would be no need to insert '..' spacers)
                     if self.page != self.last_page and rightmost_page < self.last_page:
                         nav_items.append(self._pagerlink(self.last_page, self.last_page))
                     ## prerender links
                     #_page_link = url.current()
                     #nav_items.append(literal('<link rel="prerender" href="%s?page=%s">' % (_page_link, str(int(self.page)+1))))
                     #nav_items.append(literal('<link rel="prefetch" href="%s?page=%s">' % (_page_link, str(int(self.page)+1))))
                     return self.separator.join(nav_items)
                 def pager(self, format='~2~', page_param='page', partial_param='partial',
                     show_if_single_page=False, separator=' ', onclick=None,
                     symbol_first='<<', symbol_last='>>',
                     symbol_previous='<', symbol_next='>',
                     link_attr={'class': 'pager_link', 'rel': 'prerender'},
                     curpage_attr={'class': 'pager_curpage'},
                     dotdot_attr={'class': 'pager_dotdot'}, **kwargs):
                     self.curpage_attr = curpage_attr
                     self.separator = separator
                     self.pager_kwargs = kwargs
                     self.page_param = page_param
                     self.partial_param = partial_param
                     self.onclick = onclick
                     self.link_attr = link_attr
                     self.dotdot_attr = dotdot_attr
                     # Don't show navigator if there is no more than one page
                     if self.page_count == 0 or (self.page_count == 1 and not show_if_single_page):
                         return ''
                     from string import Template
                     # Replace ~...~ in token format by range of pages
                     result = re.sub(r'~(\d+)~', self._range, format)
                     # Interpolate '%' variables
                     result = Template(result).safe_substitute({
                         'first_page': self.first_page,
                         'last_page': self.last_page,
                         'page': self.page,
                         'page_count': self.page_count,
                         'items_per_page': self.items_per_page,
                         'first_item': self.first_item,
                         'last_item': self.last_item,
                         'item_count': self.item_count,
                         'link_first': self.page > self.first_page and \
                                 self._pagerlink(self.first_page, symbol_first) or '',
                         'link_last': self.page < self.last_page and \
                                 self._pagerlink(self.last_page, symbol_last) or '',
                         'link_previous': self.previous_page and \
                                 self._pagerlink(self.previous_page, symbol_previous) \
                                 or HTML.span(symbol_previous, class_="pg-previous disabled"),
                         'link_next': self.next_page and \
                                 self._pagerlink(self.next_page, symbol_next) \
                                 or HTML.span(symbol_next, class_="pg-next disabled")
                     })
                     return literal(result)
             #==============================================================================
             # REPO PAGER, PAGER FOR REPOSITORY
             #==============================================================================
             class RepoPage(Page):
                 def __init__(self, collection, page=1, items_per_page=20,
                              item_count=None, url=None, **kwargs):
                     """Create a "RepoPage" instance. special pager for paging
                     repository
                     """
                     self._url_generator = url
                     # Safe the kwargs class-wide so they can be used in the pager() method
                     self.kwargs = kwargs
                     # Save a reference to the collection
                     self.original_collection = collection
                     self.collection = collection
                     # The self.page is the number of the current page.
                     # The first page has the number 1!
                     try:
                         self.page = int(page)  # make it int() if we get it as a string
                     except (ValueError, TypeError):
                         self.page = 1
                     self.items_per_page = items_per_page
                     # Unless the user tells us how many items the collections has
                     # we calculate that ourselves.
                     if item_count is not None:
                         self.item_count = item_count
                     else:
                         self.item_count = len(self.collection)
                     # Compute the number of the first and last available page
                     if self.item_count > 0:
                         self.first_page = 1
                         self.page_count = int(math.ceil(float(self.item_count) /
                                                         self.items_per_page))
                         self.last_page = self.first_page + self.page_count - 1
                         # Make sure that the requested page number is the range of
                         # valid pages
                         if self.page > self.last_page:
                             self.page = self.last_page
                         elif self.page < self.first_page:
                             self.page = self.first_page
                         # Note: the number of items on this page can be less than
                         #       items_per_page if the last page is not full
                         self.first_item = max(0, (self.item_count) - (self.page *
                                                                       items_per_page))
                         self.last_item = ((self.item_count - 1) - items_per_page *
                                           (self.page - 1))
                         self.items = list(self.collection[self.first_item:self.last_item + 1])
                         # Links to previous and next page
                         if self.page > self.first_page:
                             self.previous_page = self.page - 1
                         else:
                             self.previous_page = None
                         if self.page < self.last_page:
                             self.next_page = self.page + 1
                         else:
                             self.next_page = None
                     # No items available
                     else:
                         self.first_page = None
                         self.page_count = 0
                         self.last_page = None
                         self.first_item = None
                         self.last_item = None
                         self.previous_page = None
                         self.next_page = None
                         self.items = []
                     # This is a subclass of the 'list' type. Initialise the list now.
                     list.__init__(self, reversed(self.items))
             def changed_tooltip(nodes):
                 """
                 Generates a html string for changed nodes in commit page.
                 It limits the output to 30 entries
                 :param nodes: LazyNodesGenerator
                 """
                 if nodes:
                     pref = ': <br/> '
                     suf = ''
                     if len(nodes) > 30:
                         suf = '<br/>' + _(' and %s more') % (len(nodes) - 30)
                     return literal(pref + '<br/> '.join([safe_unicode(x.path)
                                                          for x in nodes[:30]]) + suf)
                 else:
                     return ': ' + _('No Files')
             def breadcrumb_repo_link(repo):
                 """
                 Makes a breadcrumbs path link to repo
                 ex::
                     group >> subgroup >> repo
                 :param repo: a Repository instance
                 """
                 path = [
-                    link_to(group.name, url('repo_group_home', group_name=group.group_name))
+                    link_to(group.name, route_path('repo_group_home', repo_group_name=group.group_name))
                     for group in repo.groups_with_parents
                 ] + [
                     link_to(repo.just_name, url('summary_home', repo_name=repo.repo_name))
                 ]
                 return literal(' &raquo; '.join(path))
             def format_byte_size_binary(file_size):
                 """
                 Formats file/folder sizes to standard.
                 """
                 formatted_size = format_byte_size(file_size, binary=True)
                 return formatted_size
             def urlify_text(text_, safe=True):
                 """
                 Extrac urls from text and make html links out of them
                 :param text_:
                 """
                 url_pat = re.compile(r'''(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@#.&+]'''
                                      '''|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+)''')
                 def url_func(match_obj):
                     url_full = match_obj.groups()[0]
                     return '<a href="%(url)s">%(url)s</a>' % ({'url': url_full})
                 _newtext = url_pat.sub(url_func, text_)
                 if safe:
                     return literal(_newtext)
                 return _newtext
             def urlify_commits(text_, repository):
                 """
                 Extract commit ids from text and make link from them
                 :param text_:
                 :param repository: repo name to build the URL with
                 """
                 from pylons import url  # doh, we need to re-import url to mock it later
                 URL_PAT = re.compile(r'(^|\s)([0-9a-fA-F]{12,40})($|\s)')
                 def url_func(match_obj):
                     commit_id = match_obj.groups()[1]
                     pref = match_obj.groups()[0]
                     suf = match_obj.groups()[2]
                     tmpl = (
                         '%(pref)s<a class="%(cls)s" href="%(url)s">'
                         '%(commit_id)s</a>%(suf)s'
                     )
                     return tmpl % {
                         'pref': pref,
                         'cls': 'revision-link',
                         'url': url('changeset_home', repo_name=repository,
                                    revision=commit_id, qualified=True),
                         'commit_id': commit_id,
                         'suf': suf
                     }
                 newtext = URL_PAT.sub(url_func, text_)
                 return newtext
             def _process_url_func(match_obj, repo_name, uid, entry,
                                   return_raw_data=False, link_format='html'):
                 pref = ''
                 if match_obj.group().startswith(' '):
                     pref = ' '
                 issue_id = ''.join(match_obj.groups())
                 if link_format == 'html':
                     tmpl = (
                         '%(pref)s<a class="%(cls)s" href="%(url)s">'
                         '%(issue-prefix)s%(id-repr)s'
                         '</a>')
                 elif link_format == 'rst':
                     tmpl = '`%(issue-prefix)s%(id-repr)s <%(url)s>`_'
                 elif link_format == 'markdown':
                     tmpl = '[%(issue-prefix)s%(id-repr)s](%(url)s)'
                 else:
                     raise ValueError('Bad link_format:{}'.format(link_format))
                 (repo_name_cleaned,
                  parent_group_name) = RepoGroupModel().\
                     _get_group_name_and_parent(repo_name)
                 # variables replacement
                 named_vars = {
                     'id': issue_id,
                     'repo': repo_name,
                     'repo_name': repo_name_cleaned,
                     'group_name': parent_group_name
                 }
                 # named regex variables
                 named_vars.update(match_obj.groupdict())
                 _url = string.Template(entry['url']).safe_substitute(**named_vars)
                 data = {
                     'pref': pref,
                     'cls': 'issue-tracker-link',
                     'url': _url,
                     'id-repr': issue_id,
                     'issue-prefix': entry['pref'],
                     'serv': entry['url'],
                 }
                 if return_raw_data:
                     return {
                         'id': issue_id,
                         'url': _url
                     }
                 return tmpl % data
             def process_patterns(text_string, repo_name, link_format='html'):
                 allowed_formats = ['html', 'rst', 'markdown']
                 if link_format not in allowed_formats:
                     raise ValueError('Link format can be only one of:{} got {}'.format(
                                      allowed_formats, link_format))
                 repo = None
                 if repo_name:
                     # Retrieving repo_name to avoid invalid repo_name to explode on
                     # IssueTrackerSettingsModel but still passing invalid name further down
                     repo = Repository.get_by_repo_name(repo_name, cache=True)
                 settings_model = IssueTrackerSettingsModel(repo=repo)
                 active_entries = settings_model.get_settings(cache=True)
                 issues_data = []
                 newtext = text_string
                 for uid, entry in active_entries.items():
                     log.debug('found issue tracker entry with uid %s' % (uid,))
                     if not (entry['pat'] and entry['url']):
                         log.debug('skipping due to missing data')
                         continue
                     log.debug('issue tracker entry: uid: `%s` PAT:%s URL:%s PREFIX:%s'
                               % (uid, entry['pat'], entry['url'], entry['pref']))
                     try:
                         pattern = re.compile(r'%s' % entry['pat'])
                     except re.error:
                         log.exception(
                             'issue tracker pattern: `%s` failed to compile',
                             entry['pat'])
                         continue
                     data_func = partial(
                         _process_url_func, repo_name=repo_name, entry=entry, uid=uid,
                         return_raw_data=True)
                     for match_obj in pattern.finditer(text_string):
                         issues_data.append(data_func(match_obj))
                     url_func = partial(
                         _process_url_func, repo_name=repo_name, entry=entry, uid=uid,
                         link_format=link_format)
                     newtext = pattern.sub(url_func, newtext)
                     log.debug('processed prefix:uid `%s`' % (uid,))
                 return newtext, issues_data
             def urlify_commit_message(commit_text, repository=None):
                 """
                 Parses given text message and makes proper links.
                 issues are linked to given issue-server, and rest is a commit link
                 :param commit_text:
                 :param repository:
                 """
                 from pylons import url  # doh, we need to re-import url to mock it later
                 def escaper(string):
                     return string.replace('<', '&lt;').replace('>', '&gt;')
                 newtext = escaper(commit_text)
                 # extract http/https links and make them real urls
                 newtext = urlify_text(newtext, safe=False)
                 # urlify commits - extract commit ids and make link out of them, if we have
                 # the scope of repository present.
                 if repository:
                     newtext = urlify_commits(newtext, repository)
                 # process issue tracker patterns
                 newtext, issues = process_patterns(newtext, repository or '')
                 return literal(newtext)
             def render_binary(repo_name, file_obj):
                 """
                 Choose how to render a binary file
                 """
                 filename = file_obj.name
                 # images
                 for ext in ['*.png', '*.jpg', '*.ico', '*.gif']:
                     if fnmatch.fnmatch(filename, pat=ext):
                         alt = filename
                         src = url('files_raw_home', repo_name=repo_name,
                                   revision=file_obj.commit.raw_id, f_path=file_obj.path)
                         return literal('<img class="rendered-binary" alt="{}" src="{}">'.format(alt, src))
             def renderer_from_filename(filename, exclude=None):
                 """
                 choose a renderer based on filename, this works only for text based files
                 """
                 # ipython
                 for ext in ['*.ipynb']:
                     if fnmatch.fnmatch(filename, pat=ext):
                         return 'jupyter'
                 is_markup = MarkupRenderer.renderer_from_filename(filename, exclude=exclude)
                 if is_markup:
                     return is_markup
                 return None
             def render(source, renderer='rst', mentions=False, relative_url=None,
                        repo_name=None):
                 def maybe_convert_relative_links(html_source):
                     if relative_url:
                         return relative_links(html_source, relative_url)
                     return html_source
                 if renderer == 'rst':
                     if repo_name:
                         # process patterns on comments if we pass in repo name
                         source, issues = process_patterns(
                             source, repo_name, link_format='rst')
                     return literal(
                         '<div class="rst-block">%s</div>' %
                         maybe_convert_relative_links(
                             MarkupRenderer.rst(source, mentions=mentions)))
                 elif renderer == 'markdown':
                     if repo_name:
                         # process patterns on comments if we pass in repo name
                         source, issues = process_patterns(
                             source, repo_name, link_format='markdown')
                     return literal(
                         '<div class="markdown-block">%s</div>' %
                         maybe_convert_relative_links(
                             MarkupRenderer.markdown(source, flavored=True,
                                                     mentions=mentions)))
                 elif renderer == 'jupyter':
                     return literal(
                         '<div class="ipynb">%s</div>' %
                         maybe_convert_relative_links(
                             MarkupRenderer.jupyter(source)))
                 # None means just show the file-source
                 return None
             def commit_status(repo, commit_id):
                 return ChangesetStatusModel().get_status(repo, commit_id)
             def commit_status_lbl(commit_status):
                 return dict(ChangesetStatus.STATUSES).get(commit_status)
             def commit_time(repo_name, commit_id):
                 repo = Repository.get_by_repo_name(repo_name)
                 commit = repo.get_commit(commit_id=commit_id)
                 return commit.date
             def get_permission_name(key):
                 return dict(Permission.PERMS).get(key)
             def journal_filter_help():
                 return _(
                     'Example filter terms:\n' +
                     '     repository:vcs\n' +
                     '     username:marcin\n' +
                     '     action:*push*\n' +
                     '     ip:127.0.0.1\n' +
                     '     date:20120101\n' +
                     '     date:[20120101100000 TO 20120102]\n' +
                     '\n' +
                     'Generate wildcards using \'*\' character:\n' +
                     '     "repository:vcs*" - search everything starting with \'vcs\'\n' +
                     '     "repository:*vcs*" - search for repository containing \'vcs\'\n' +
                     '\n' +
                     'Optional AND / OR operators in queries\n' +
                     '     "repository:vcs OR repository:test"\n' +
                     '     "username:test AND repository:test*"\n'
                 )
             def search_filter_help(searcher):
                 terms = ''
                 return _(
                     'Example filter terms for `{searcher}` search:\n' +
                     '{terms}\n' +
                     'Generate wildcards using \'*\' character:\n' +
                     '     "repo_name:vcs*" - search everything starting with \'vcs\'\n' +
                     '     "repo_name:*vcs*" - search for repository containing \'vcs\'\n' +
                     '\n' +
                     'Optional AND / OR operators in queries\n' +
                     '     "repo_name:vcs OR repo_name:test"\n' +
                     '     "owner:test AND repo_name:test*"\n' +
                     'More: {search_doc}'
                 ).format(searcher=searcher.name,
                          terms=terms, search_doc=searcher.query_lang_doc)
             def not_mapped_error(repo_name):
                 flash(_('%s repository is not mapped to db perhaps'
                         ' it was created or renamed from the filesystem'
                         ' please run the application again'
                         ' in order to rescan repositories') % repo_name, category='error')
             def ip_range(ip_addr):
                 from rhodecode.model.db import UserIpMap
                 s, e = UserIpMap._get_ip_range(ip_addr)
                 return '%s - %s' % (s, e)
             def form(url, method='post', needs_csrf_token=True, **attrs):
                 """Wrapper around webhelpers.tags.form to prevent CSRF attacks."""
                 if method.lower() != 'get' and needs_csrf_token:
                     raise Exception(
                         'Forms to POST/PUT/DELETE endpoints should have (in general) a ' +
                         'CSRF token. If the endpoint does not require such token you can ' +
                         'explicitly set the parameter needs_csrf_token to false.')
                 return wh_form(url, method=method, **attrs)
             def secure_form(url, method="POST", multipart=False, **attrs):
                 """Start a form tag that points the action to an url. This
                 form tag will also include the hidden field containing
                 the auth token.
                 The url options should be given either as a string, or as a
                 ``url()`` function. The method for the form defaults to POST.
                 Options:
                 ``multipart``
                     If set to True, the enctype is set to "multipart/form-data".
                 ``method``
                     The method to use when submitting the form, usually either
                     "GET" or "POST". If "PUT", "DELETE", or another verb is used, a
                     hidden input with name _method is added to simulate the verb
                     over POST.
                 """
                 from webhelpers.pylonslib.secure_form import insecure_form
                 form = insecure_form(url, method, multipart, **attrs)
                 token = csrf_input()
                 return literal("%s\n%s" % (form, token))
             def csrf_input():
                 return literal(
                     '<input type="hidden" id="{}" name="{}" value="{}">'.format(
                     csrf_token_key, csrf_token_key, get_csrf_token()))
             def dropdownmenu(name, selected, options, enable_filter=False, **attrs):
                 select_html = select(name, selected, options, **attrs)
                 select2 = """
                     <script>
                         $(document).ready(function() {
                               $('#%s').select2({
                                   containerCssClass: 'drop-menu',
                                   dropdownCssClass: 'drop-menu-dropdown',
                                   dropdownAutoWidth: true%s
                               });
                         });
                     </script>
                 """
                 filter_option = """,
                                     minimumResultsForSearch: -1
                 """
                 input_id = attrs.get('id') or name
                 filter_enabled = "" if enable_filter else filter_option
                 select_script = literal(select2 % (input_id, filter_enabled))
                 return literal(select_html+select_script)
             def get_visual_attr(tmpl_context_var, attr_name):
                 """
                 A safe way to get a variable from visual variable of template context
                 :param tmpl_context_var: instance of tmpl_context, usually present as `c`
                 :param attr_name: name of the attribute we fetch from the c.visual
                 """
                 visual = getattr(tmpl_context_var, 'visual', None)
                 if not visual:
                     return
                 else:
                     return getattr(visual, attr_name, None)
             def get_last_path_part(file_node):
                 if not file_node.path:
                     return u''
                 path = safe_unicode(file_node.path.split('/')[-1])
                 return u'../' + path
-            def route_url(*args, **kwds):
+            def route_url(*args, **kwargs):
                 """
                 Wrapper around pyramids `route_url` (fully qualified url) function.
                 It is used to generate URLs from within pylons views or templates.
                 This will be removed when pyramid migration if finished.
                 """
                 req = get_current_request()
-                return req.route_url(*args, **kwds)
+                return req.route_url(*args, **kwargs)
-            def route_path(*args, **kwds):
+            def route_path(*args, **kwargs):
                 """
                 Wrapper around pyramids `route_path` function. It is used to generate
                 URLs from within pylons views or templates. This will be removed when
                 pyramid migration if finished.
                 """
                 req = get_current_request()
-                return req.route_path(*args, **kwds)
+                return req.route_path(*args, **kwargs)
             def route_path_or_none(*args, **kwargs):
                 try:
                     return route_path(*args, **kwargs)
                 except KeyError:
                     return None
             def static_url(*args, **kwds):
                 """
                 Wrapper around pyramids `route_path` function. It is used to generate
                 URLs from within pylons views or templates. This will be removed when
                 pyramid migration if finished.
                 """
                 req = get_current_request()
                 return req.static_url(*args, **kwds)
             def resource_path(*args, **kwds):
                 """
                 Wrapper around pyramids `route_path` function. It is used to generate
                 URLs from within pylons views or templates. This will be removed when
                 pyramid migration if finished.
                 """
                 req = get_current_request()
                 return req.resource_path(*args, **kwds)
             def api_call_example(method, args):
                 """
                 Generates an API call example via CURL
                 """
                 args_json = json.dumps(OrderedDict([
                     ('id', 1),
                     ('auth_token', 'SECRET'),
                     ('method', method),
                     ('args', args)
                 ]))
                 return literal(
                     "curl {api_url} -X POST -H 'content-type:text/plain' --data-binary '{data}'"
                     "<br/><br/>SECRET can be found in <a href=\"{token_url}\">auth-tokens</a> page, "
                     "and needs to be of `api calls` role."
                     .format(
                         api_url=route_url('apiv2'),
                         token_url=route_url('my_account_auth_tokens'),
                         data=args_json))

rhodecode/lib/utils.py

0 +4 -3

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Utilities library for RhodeCode
             """
             import datetime
             import decorator
             import json
             import logging
             import os
             import re
             import shutil
             import tempfile
             import traceback
             import tarfile
             import warnings
             import hashlib
             from os.path import join as jn
             import paste
             import pkg_resources
             from paste.script.command import Command, BadCommand
             from webhelpers.text import collapse, remove_formatting, strip_tags
             from mako import exceptions
             from pyramid.threadlocal import get_current_registry
             from pyramid.request import Request
             from rhodecode.lib.fakemod import create_module
             from rhodecode.lib.vcs.backends.base import Config
             from rhodecode.lib.vcs.exceptions import VCSError
             from rhodecode.lib.vcs.utils.helpers import get_scm, get_scm_backend
             from rhodecode.lib.utils2 import (
                 safe_str, safe_unicode, get_current_rhodecode_user, md5)
             from rhodecode.model import meta
             from rhodecode.model.db import (
                 Repository, User, RhodeCodeUi, UserLog, RepoGroup, UserGroup)
             from rhodecode.model.meta import Session
             log = logging.getLogger(__name__)
             REMOVED_REPO_PAT = re.compile(r'rm__\d{8}_\d{6}_\d{6}__.*')
             # String which contains characters that are not allowed in slug names for
             # repositories or repository groups. It is properly escaped to use it in
             # regular expressions.
             SLUG_BAD_CHARS = re.escape('`?=[]\;\'"<>,/~!@#$%^&*()+{}|:')
             # Regex that matches forbidden characters in repo/group slugs.
             SLUG_BAD_CHAR_RE = re.compile('[{}]'.format(SLUG_BAD_CHARS))
             # Regex that matches allowed characters in repo/group slugs.
             SLUG_GOOD_CHAR_RE = re.compile('[^{}]'.format(SLUG_BAD_CHARS))
             # Regex that matches whole repo/group slugs.
             SLUG_RE = re.compile('[^{}]+'.format(SLUG_BAD_CHARS))
             _license_cache = None
             def repo_name_slug(value):
                 """
                 Return slug of name of repository
                 This function is called on each creation/modification
                 of repository to prevent bad names in repo
                 """
                 replacement_char = '-'
                 slug = remove_formatting(value)
                 slug = SLUG_BAD_CHAR_RE.sub('', slug)
                 slug = re.sub('[\s]+', '-', slug)
                 slug = collapse(slug, replacement_char)
                 return slug
             #==============================================================================
             # PERM DECORATOR HELPERS FOR EXTRACTING NAMES FOR PERM CHECKS
             #==============================================================================
             def get_repo_slug(request):
-                if isinstance(request, Request) and getattr(request, 'matchdict', None):
+                if isinstance(request, Request) and getattr(request, 'db_repo', None):
                     # pyramid
-                    _repo = request.matchdict.get('repo_name')
+                    _repo = request.db_repo.repo_name
                 else:
+                    # TODO(marcink): remove after pylons migration...
                     _repo = request.environ['pylons.routes_dict'].get('repo_name')
                 if _repo:
                     _repo = _repo.rstrip('/')
                 return _repo
             def get_repo_group_slug(request):
                 if isinstance(request, Request) and getattr(request, 'matchdict', None):
                     # pyramid
-                    _group = request.matchdict.get('group_name')
+                    _group = request.matchdict.get('repo_group_name')
                 else:
                     _group = request.environ['pylons.routes_dict'].get('group_name')
                 if _group:
                     _group = _group.rstrip('/')
                 return _group
             def get_user_group_slug(request):
                 if isinstance(request, Request) and getattr(request, 'matchdict', None):
                     # pyramid
                     _group = request.matchdict.get('user_group_id')
                 else:
                     _group = request.environ['pylons.routes_dict'].get('user_group_id')
                 try:
                     _group = UserGroup.get(_group)
                     if _group:
                         _group = _group.users_group_name
                 except Exception:
                     log.debug(traceback.format_exc())
                     # catch all failures here
                     pass
                 return _group
             def action_logger(user, action, repo, ipaddr='', sa=None, commit=False):
                 """
                 Action logger for various actions made by users
                 :param user: user that made this action, can be a unique username string or
                     object containing user_id attribute
                 :param action: action to log, should be on of predefined unique actions for
                     easy translations
                 :param repo: string name of repository or object containing repo_id,
                     that action was made on
                 :param ipaddr: optional ip address from what the action was made
                 :param sa: optional sqlalchemy session
                 """
                 if not sa:
                     sa = meta.Session()
                 # if we don't get explicit IP address try to get one from registered user
                 # in tmpl context var
                 if not ipaddr:
                     ipaddr = getattr(get_current_rhodecode_user(), 'ip_addr', '')
                 try:
                     if getattr(user, 'user_id', None):
                         user_obj = User.get(user.user_id)
                     elif isinstance(user, basestring):
                         user_obj = User.get_by_username(user)
                     else:
                         raise Exception('You have to provide a user object or a username')
                     if getattr(repo, 'repo_id', None):
                         repo_obj = Repository.get(repo.repo_id)
                         repo_name = repo_obj.repo_name
                     elif isinstance(repo, basestring):
                         repo_name = repo.lstrip('/')
                         repo_obj = Repository.get_by_repo_name(repo_name)
                     else:
                         repo_obj = None
                         repo_name = ''
                     user_log = UserLog()
                     user_log.user_id = user_obj.user_id
                     user_log.username = user_obj.username
                     action = safe_unicode(action)
                     user_log.action = action[:1200000]
                     user_log.repository = repo_obj
                     user_log.repository_name = repo_name
                     user_log.action_date = datetime.datetime.now()
                     user_log.user_ip = ipaddr
                     sa.add(user_log)
                     log.info('Logging action:`%s` on repo:`%s` by user:%s ip:%s',
                              action, safe_unicode(repo), user_obj, ipaddr)
                     if commit:
                         sa.commit()
                 except Exception:
                     log.error(traceback.format_exc())
                     raise
             def get_filesystem_repos(path, recursive=False, skip_removed_repos=True):
                 """
                 Scans given path for repos and return (name,(type,path)) tuple
                 :param path: path to scan for repositories
                 :param recursive: recursive search and return names with subdirs in front
                 """
                 # remove ending slash for better results
                 path = path.rstrip(os.sep)
                 log.debug('now scanning in %s location recursive:%s...', path, recursive)
                 def _get_repos(p):
                     dirpaths = _get_dirpaths(p)
                     if not _is_dir_writable(p):
                         log.warning('repo path without write access: %s', p)
                     for dirpath in dirpaths:
                         if os.path.isfile(os.path.join(p, dirpath)):
                             continue
                         cur_path = os.path.join(p, dirpath)
                         # skip removed repos
                         if skip_removed_repos and REMOVED_REPO_PAT.match(dirpath):
                             continue
                         #skip .<somethin> dirs
                         if dirpath.startswith('.'):
                             continue
                         try:
                             scm_info = get_scm(cur_path)
                             yield scm_info[1].split(path, 1)[-1].lstrip(os.sep), scm_info
                         except VCSError:
                             if not recursive:
                                 continue
                             #check if this dir containts other repos for recursive scan
                             rec_path = os.path.join(p, dirpath)
                             if os.path.isdir(rec_path):
                                 for inner_scm in _get_repos(rec_path):
                                     yield inner_scm
                 return _get_repos(path)
             def _get_dirpaths(p):
                 try:
                     # OS-independable way of checking if we have at least read-only
                     # access or not.
                     dirpaths = os.listdir(p)
                 except OSError:
                     log.warning('ignoring repo path without read access: %s', p)
                     return []
                 # os.listpath has a tweak: If a unicode is passed into it, then it tries to
                 # decode paths and suddenly returns unicode objects itself. The items it
                 # cannot decode are returned as strings and cause issues.
                 #
                 # Those paths are ignored here until a solid solution for path handling has
                 # been built.
                 expected_type = type(p)
                 def _has_correct_type(item):
                     if type(item) is not expected_type:
                         log.error(
                             u"Ignoring path %s since it cannot be decoded into unicode.",
                             # Using "repr" to make sure that we see the byte value in case
                             # of support.
                             repr(item))
                         return False
                     return True
                 dirpaths = [item for item in dirpaths if _has_correct_type(item)]
                 return dirpaths
             def _is_dir_writable(path):
                 """
                 Probe if `path` is writable.
                 Due to trouble on Cygwin / Windows, this is actually probing if it is
                 possible to create a file inside of `path`, stat does not produce reliable
                 results in this case.
                 """
                 try:
                     with tempfile.TemporaryFile(dir=path):
                         pass
                 except OSError:
                     return False
                 return True
             def is_valid_repo(repo_name, base_path, expect_scm=None, explicit_scm=None):
                 """
                 Returns True if given path is a valid repository False otherwise.
                 If expect_scm param is given also, compare if given scm is the same
                 as expected from scm parameter. If explicit_scm is given don't try to
                 detect the scm, just use the given one to check if repo is valid
                 :param repo_name:
                 :param base_path:
                 :param expect_scm:
                 :param explicit_scm:
                 :return True: if given path is a valid repository
                 """
                 full_path = os.path.join(safe_str(base_path), safe_str(repo_name))
                 log.debug('Checking if `%s` is a valid path for repository. '
                           'Explicit type: %s', repo_name, explicit_scm)
                 try:
                     if explicit_scm:
                         detected_scms = [get_scm_backend(explicit_scm)]
                     else:
                         detected_scms = get_scm(full_path)
                     if expect_scm:
                         return detected_scms[0] == expect_scm
                     log.debug('path: %s is an vcs object:%s', full_path, detected_scms)
                     return True
                 except VCSError:
                     log.debug('path: %s is not a valid repo !', full_path)
                     return False
             def is_valid_repo_group(repo_group_name, base_path, skip_path_check=False):
                 """
                 Returns True if given path is a repository group, False otherwise
                 :param repo_name:
                 :param base_path:
                 """
                 full_path = os.path.join(safe_str(base_path), safe_str(repo_group_name))
                 log.debug('Checking if `%s` is a valid path for repository group',
                           repo_group_name)
                 # check if it's not a repo
                 if is_valid_repo(repo_group_name, base_path):
                     log.debug('Repo called %s exist, it is not a valid '
                               'repo group' % repo_group_name)
                     return False
                 try:
                     # we need to check bare git repos at higher level
                     # since we might match branches/hooks/info/objects or possible
                     # other things inside bare git repo
                     scm_ = get_scm(os.path.dirname(full_path))
                     log.debug('path: %s is a vcs object:%s, not valid '
                               'repo group' % (full_path, scm_))
                     return False
                 except VCSError:
                     pass
                 # check if it's a valid path
                 if skip_path_check or os.path.isdir(full_path):
                     log.debug('path: %s is a valid repo group !', full_path)
                     return True
                 log.debug('path: %s is not a valid repo group !', full_path)
                 return False
             def ask_ok(prompt, retries=4, complaint='[y]es or [n]o please!'):
                 while True:
                     ok = raw_input(prompt)
                     if ok.lower() in ('y', 'ye', 'yes'):
                         return True
                     if ok.lower() in ('n', 'no', 'nop', 'nope'):
                         return False
                     retries = retries - 1
                     if retries < 0:
                         raise IOError
                     print(complaint)
             # propagated from mercurial documentation
             ui_sections = [
                 'alias', 'auth',
                 'decode/encode', 'defaults',
                 'diff', 'email',
                 'extensions', 'format',
                 'merge-patterns', 'merge-tools',
                 'hooks', 'http_proxy',
                 'smtp', 'patch',
                 'paths', 'profiling',
                 'server', 'trusted',
                 'ui', 'web', ]
             def config_data_from_db(clear_session=True, repo=None):
                 """
                 Read the configuration data from the database and return configuration
                 tuples.
                 """
                 from rhodecode.model.settings import VcsSettingsModel
                 config = []
                 sa = meta.Session()
                 settings_model = VcsSettingsModel(repo=repo, sa=sa)
                 ui_settings = settings_model.get_ui_settings()
                 for setting in ui_settings:
                     if setting.active:
                         log.debug(
                             'settings ui from db: [%s] %s=%s',
                             setting.section, setting.key, setting.value)
                         config.append((
                             safe_str(setting.section), safe_str(setting.key),
                             safe_str(setting.value)))
                     if setting.key == 'push_ssl':
                         # force set push_ssl requirement to False, rhodecode
                         # handles that
                         config.append((
                             safe_str(setting.section), safe_str(setting.key), False))
                 if clear_session:
                     meta.Session.remove()
                 # TODO: mikhail: probably it makes no sense to re-read hooks information.
                 # It's already there and activated/deactivated
                 skip_entries = []
                 enabled_hook_classes = get_enabled_hook_classes(ui_settings)
                 if 'pull' not in enabled_hook_classes:
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PRE_PULL))
                 if 'push' not in enabled_hook_classes:
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PRE_PUSH))
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PRETX_PUSH))
                     skip_entries.append(('hooks', RhodeCodeUi.HOOK_PUSH_KEY))
                 config = [entry for entry in config if entry[:2] not in skip_entries]
                 return config
             def make_db_config(clear_session=True, repo=None):
                 """
                 Create a :class:`Config` instance based on the values in the database.
                 """
                 config = Config()
                 config_data = config_data_from_db(clear_session=clear_session, repo=repo)
                 for section, option, value in config_data:
                     config.set(section, option, value)
                 return config
             def get_enabled_hook_classes(ui_settings):
                 """
                 Return the enabled hook classes.
                 :param ui_settings: List of ui_settings as returned
                     by :meth:`VcsSettingsModel.get_ui_settings`
                 :return: a list with the enabled hook classes. The order is not guaranteed.
                 :rtype: list
                 """
                 enabled_hooks = []
                 active_hook_keys = [
                     key for section, key, value, active in ui_settings
                     if section == 'hooks' and active]
                 hook_names = {
                     RhodeCodeUi.HOOK_PUSH: 'push',
                     RhodeCodeUi.HOOK_PULL: 'pull',
                     RhodeCodeUi.HOOK_REPO_SIZE: 'repo_size'
                 }
                 for key in active_hook_keys:
                     hook = hook_names.get(key)
                     if hook:
                         enabled_hooks.append(hook)
                 return enabled_hooks
             def set_rhodecode_config(config):
                 """
                 Updates pylons config with new settings from database
                 :param config:
                 """
                 from rhodecode.model.settings import SettingsModel
                 app_settings = SettingsModel().get_all_settings()
                 for k, v in app_settings.items():
                     config[k] = v
             def get_rhodecode_realm():
                 """
                 Return the rhodecode realm from database.
                 """
                 from rhodecode.model.settings import SettingsModel
                 realm = SettingsModel().get_setting_by_name('realm')
                 return safe_str(realm.app_settings_value)
             def get_rhodecode_base_path():
                 """
                 Returns the base path. The base path is the filesystem path which points
                 to the repository store.
                 """
                 from rhodecode.model.settings import SettingsModel
                 paths_ui = SettingsModel().get_ui_by_section_and_key('paths', '/')
                 return safe_str(paths_ui.ui_value)
             def map_groups(path):
                 """
                 Given a full path to a repository, create all nested groups that this
                 repo is inside. This function creates parent-child relationships between
                 groups and creates default perms for all new groups.
                 :param paths: full path to repository
                 """
                 from rhodecode.model.repo_group import RepoGroupModel
                 sa = meta.Session()
                 groups = path.split(Repository.NAME_SEP)
                 parent = None
                 group = None
                 # last element is repo in nested groups structure
                 groups = groups[:-1]
                 rgm = RepoGroupModel(sa)
                 owner = User.get_first_super_admin()
                 for lvl, group_name in enumerate(groups):
                     group_name = '/'.join(groups[:lvl] + [group_name])
                     group = RepoGroup.get_by_group_name(group_name)
                     desc = '%s group' % group_name
                     # skip folders that are now removed repos
                     if REMOVED_REPO_PAT.match(group_name):
                         break
                     if group is None:
                         log.debug('creating group level: %s group_name: %s',
                                    lvl, group_name)
                         group = RepoGroup(group_name, parent)
                         group.group_description = desc
                         group.user = owner
                         sa.add(group)
                         perm_obj = rgm._create_default_perms(group)
                         sa.add(perm_obj)
                         sa.flush()
                     parent = group
                 return group
             def repo2db_mapper(initial_repo_list, remove_obsolete=False):
                 """
                 maps all repos given in initial_repo_list, non existing repositories
                 are created, if remove_obsolete is True it also checks for db entries
                 that are not in initial_repo_list and removes them.
                 :param initial_repo_list: list of repositories found by scanning methods
                 :param remove_obsolete: check for obsolete entries in database
                 """
                 from rhodecode.model.repo import RepoModel
                 from rhodecode.model.scm import ScmModel
                 from rhodecode.model.repo_group import RepoGroupModel
                 from rhodecode.model.settings import SettingsModel
                 sa = meta.Session()
                 repo_model = RepoModel()
                 user = User.get_first_super_admin()
                 added = []
                 # creation defaults
                 defs = SettingsModel().get_default_repo_settings(strip_prefix=True)
                 enable_statistics = defs.get('repo_enable_statistics')
                 enable_locking = defs.get('repo_enable_locking')
                 enable_downloads = defs.get('repo_enable_downloads')
                 private = defs.get('repo_private')
                 for name, repo in initial_repo_list.items():
                     group = map_groups(name)
                     unicode_name = safe_unicode(name)
                     db_repo = repo_model.get_by_repo_name(unicode_name)
                     # found repo that is on filesystem not in RhodeCode database
                     if not db_repo:
                         log.info('repository %s not found, creating now', name)
                         added.append(name)
                         desc = (repo.description
                                 if repo.description != 'unknown'
                                 else '%s repository' % name)
                         db_repo = repo_model._create_repo(
                             repo_name=name,
                             repo_type=repo.alias,
                             description=desc,
                             repo_group=getattr(group, 'group_id', None),
                             owner=user,
                             enable_locking=enable_locking,
                             enable_downloads=enable_downloads,
                             enable_statistics=enable_statistics,
                             private=private,
                             state=Repository.STATE_CREATED
                         )
                         sa.commit()
                         # we added that repo just now, and make sure we updated server info
                         if db_repo.repo_type == 'git':
                             git_repo = db_repo.scm_instance()
                             # update repository server-info
                             log.debug('Running update server info')
                             git_repo._update_server_info()
                         db_repo.update_commit_cache()
                     config = db_repo._config
                     config.set('extensions', 'largefiles', '')
                     ScmModel().install_hooks(
                         db_repo.scm_instance(config=config),
                         repo_type=db_repo.repo_type)
                 removed = []
                 if remove_obsolete:
                     # remove from database those repositories that are not in the filesystem
                     for repo in sa.query(Repository).all():
                         if repo.repo_name not in initial_repo_list.keys():
                             log.debug("Removing non-existing repository found in db `%s`",
                                       repo.repo_name)
                             try:
                                 RepoModel(sa).delete(repo, forks='detach', fs_remove=False)
                                 sa.commit()
                                 removed.append(repo.repo_name)
                             except Exception:
                                 # don't hold further removals on error
                                 log.error(traceback.format_exc())
                                 sa.rollback()
                     def splitter(full_repo_name):
                         _parts = full_repo_name.rsplit(RepoGroup.url_sep(), 1)
                         gr_name = None
                         if len(_parts) == 2:
                             gr_name = _parts[0]
                         return gr_name
                     initial_repo_group_list = [splitter(x) for x in
                                                initial_repo_list.keys() if splitter(x)]
                     # remove from database those repository groups that are not in the
                     # filesystem due to parent child relationships we need to delete them
                     # in a specific order of most nested first
                     all_groups = [x.group_name for x in sa.query(RepoGroup).all()]
                     nested_sort = lambda gr: len(gr.split('/'))
                     for group_name in sorted(all_groups, key=nested_sort, reverse=True):
                         if group_name not in initial_repo_group_list:
                             repo_group = RepoGroup.get_by_group_name(group_name)
                             if (repo_group.children.all() or
                                 not RepoGroupModel().check_exist_filesystem(
                                     group_name=group_name, exc_on_failure=False)):
                                 continue
                             log.info(
                                 'Removing non-existing repository group found in db `%s`',
                                 group_name)
                             try:
                                 RepoGroupModel(sa).delete(group_name, fs_remove=False)
                                 sa.commit()
                                 removed.append(group_name)
                             except Exception:
                                 # don't hold further removals on error
                                 log.exception(
                                     'Unable to remove repository group `%s`',
                                     group_name)
                                 sa.rollback()
                                 raise
                 return added, removed
             def get_default_cache_settings(settings):
                 cache_settings = {}
                 for key in settings.keys():
                     for prefix in ['beaker.cache.', 'cache.']:
                         if key.startswith(prefix):
                             name = key.split(prefix)[1].strip()
                             cache_settings[name] = settings[key].strip()
                 return cache_settings
             # set cache regions for beaker so celery can utilise it
             def add_cache(settings):
                 from rhodecode.lib import caches
                 cache_settings = {'regions': None}
                 # main cache settings used as default ...
                 cache_settings.update(get_default_cache_settings(settings))
                 if cache_settings['regions']:
                     for region in cache_settings['regions'].split(','):
                         region = region.strip()
                         region_settings = {}
                         for key, value in cache_settings.items():
                             if key.startswith(region):
                                 region_settings[key.split('.')[1]] = value
                         caches.configure_cache_region(
                             region, region_settings, cache_settings)
             def load_rcextensions(root_path):
                 import rhodecode
                 from rhodecode.config import conf
                 path = os.path.join(root_path, 'rcextensions', '__init__.py')
                 if os.path.isfile(path):
                     rcext = create_module('rc', path)
                     EXT = rhodecode.EXTENSIONS = rcext
                     log.debug('Found rcextensions now loading %s...', rcext)
                     # Additional mappings that are not present in the pygments lexers
                     conf.LANGUAGES_EXTENSIONS_MAP.update(getattr(EXT, 'EXTRA_MAPPINGS', {}))
                     # auto check if the module is not missing any data, set to default if is
                     # this will help autoupdate new feature of rcext module
                     #from rhodecode.config import rcextensions
                     #for k in dir(rcextensions):
                     #    if not k.startswith('_') and not hasattr(EXT, k):
                     #        setattr(EXT, k, getattr(rcextensions, k))
             def get_custom_lexer(extension):
                 """
                 returns a custom lexer if it is defined in rcextensions module, or None
                 if there's no custom lexer defined
                 """
                 import rhodecode
                 from pygments import lexers
                 # custom override made by RhodeCode
                 if extension in ['mako']:
                     return lexers.get_lexer_by_name('html+mako')
                 # check if we didn't define this extension as other lexer
                 extensions = rhodecode.EXTENSIONS and getattr(rhodecode.EXTENSIONS, 'EXTRA_LEXERS', None)
                 if extensions and extension in rhodecode.EXTENSIONS.EXTRA_LEXERS:
                     _lexer_name = rhodecode.EXTENSIONS.EXTRA_LEXERS[extension]
                     return lexers.get_lexer_by_name(_lexer_name)
             #==============================================================================
             # TEST FUNCTIONS AND CREATORS
             #==============================================================================
             def create_test_index(repo_location, config):
                 """
                 Makes default test index.
                 """
                 import rc_testdata
                 rc_testdata.extract_search_index(
                     'vcs_search_index', os.path.dirname(config['search.location']))
             def create_test_directory(test_path):
                 """
                 Create test directory if it doesn't exist.
                 """
                 if not os.path.isdir(test_path):
                     log.debug('Creating testdir %s', test_path)
                     os.makedirs(test_path)
             def create_test_database(test_path, config):
                 """
                 Makes a fresh database.
                 """
                 from rhodecode.lib.db_manage import DbManage
                 # PART ONE create db
                 dbconf = config['sqlalchemy.db1.url']
                 log.debug('making test db %s', dbconf)
                 dbmanage = DbManage(log_sql=False, dbconf=dbconf, root=config['here'],
                                     tests=True, cli_args={'force_ask': True})
                 dbmanage.create_tables(override=True)
                 dbmanage.set_db_version()
                 # for tests dynamically set new root paths based on generated content
                 dbmanage.create_settings(dbmanage.config_prompt(test_path))
                 dbmanage.create_default_user()
                 dbmanage.create_test_admin_and_users()
                 dbmanage.create_permissions()
                 dbmanage.populate_default_permissions()
                 Session().commit()
             def create_test_repositories(test_path, config):
                 """
                 Creates test repositories in the temporary directory. Repositories are
                 extracted from archives within the rc_testdata package.
                 """
                 import rc_testdata
                 from rhodecode.tests import HG_REPO, GIT_REPO, SVN_REPO
                 log.debug('making test vcs repositories')
                 idx_path = config['search.location']
                 data_path = config['cache_dir']
                 # clean index and data
                 if idx_path and os.path.exists(idx_path):
                     log.debug('remove %s', idx_path)
                     shutil.rmtree(idx_path)
                 if data_path and os.path.exists(data_path):
                     log.debug('remove %s', data_path)
                     shutil.rmtree(data_path)
                 rc_testdata.extract_hg_dump('vcs_test_hg', jn(test_path, HG_REPO))
                 rc_testdata.extract_git_dump('vcs_test_git', jn(test_path, GIT_REPO))
                 # Note: Subversion is in the process of being integrated with the system,
                 # until we have a properly packed version of the test svn repository, this
                 # tries to copy over the repo from a package "rc_testdata"
                 svn_repo_path = rc_testdata.get_svn_repo_archive()
                 with tarfile.open(svn_repo_path) as tar:
                     tar.extractall(jn(test_path, SVN_REPO))
             #==============================================================================
             # PASTER COMMANDS
             #==============================================================================
             class BasePasterCommand(Command):
                 """
                 Abstract Base Class for paster commands.
                 The celery commands are somewhat aggressive about loading
                 celery.conf, and since our module sets the `CELERY_LOADER`
                 environment variable to our loader, we have to bootstrap a bit and
                 make sure we've had a chance to load the pylons config off of the
                 command line, otherwise everything fails.
                 """
                 min_args = 1
                 min_args_error = "Please provide a paster config file as an argument."
                 takes_config_file = 1
                 requires_config_file = True
                 def notify_msg(self, msg, log=False):
                     """Make a notification to user, additionally if logger is passed
                     it logs this action using given logger
                     :param msg: message that will be printed to user
                     :param log: logging instance, to use to additionally log this message
                     """
                     if log and isinstance(log, logging):
                         log(msg)
                 def run(self, args):
                     """
                     Overrides Command.run
                     Checks for a config file argument and loads it.
                     """
                     if len(args) < self.min_args:
                         raise BadCommand(
                             self.min_args_error % {'min_args': self.min_args,
                                                    'actual_args': len(args)})
                     # Decrement because we're going to lob off the first argument.
                     # @@ This is hacky
                     self.min_args -= 1
                     self.bootstrap_config(args[0])
                     self.update_parser()
                     return super(BasePasterCommand, self).run(args[1:])
                 def update_parser(self):
                     """
                     Abstract method.  Allows for the class' parser to be updated
                     before the superclass' `run` method is called.  Necessary to
                     allow options/arguments to be passed through to the underlying
                     celery command.
                     """
                     raise NotImplementedError("Abstract Method.")
                 def bootstrap_config(self, conf):
                     """
                     Loads the pylons configuration.
                     """
                     from pylons import config as pylonsconfig
                     self.path_to_ini_file = os.path.realpath(conf)
                     conf = paste.deploy.appconfig('config:' + self.path_to_ini_file)
                     pylonsconfig.init_app(conf.global_conf, conf.local_conf)
                 def _init_session(self):
                     """
                     Inits SqlAlchemy Session
                     """
                     logging.config.fileConfig(self.path_to_ini_file)
                     from pylons import config
                     from rhodecode.config.utils import initialize_database
                     # get to remove repos !!
                     add_cache(config)
                     initialize_database(config)
             @decorator.decorator
             def jsonify(func, *args, **kwargs):
                 """Action decorator that formats output for JSON
                 Given a function that will return content, this decorator will turn
                 the result into JSON, with a content-type of 'application/json' and
                 output it.
                 """
                 from pylons.decorators.util import get_pylons
                 from rhodecode.lib.ext_json import json
                 pylons = get_pylons(args)
                 pylons.response.headers['Content-Type'] = 'application/json; charset=utf-8'
                 data = func(*args, **kwargs)
                 if isinstance(data, (list, tuple)):
                     msg = "JSON responses with Array envelopes are susceptible to " \
                           "cross-site data leak attacks, see " \
                           "http://wiki.pylonshq.com/display/pylonsfaq/Warnings"
                     warnings.warn(msg, Warning, 2)
                     log.warning(msg)
                 log.debug("Returning JSON wrapped action output")
                 return json.dumps(data, encoding='utf-8')
             class PartialRenderer(object):
                 """
                 Partial renderer used to render chunks of html used in datagrids
                 use like::
                     _render = PartialRenderer('data_table/_dt_elements.mako')
                     _render('quick_menu', args, kwargs)
                     PartialRenderer.h,
                                     c,
                                     _,
                                     ungettext
                     are the template stuff initialized inside and can be re-used later
                 :param tmpl_name: template path relate to /templates/ dir
                 """
                 def __init__(self, tmpl_name):
                     import rhodecode
                     from pylons import request, tmpl_context as c
                     from pylons.i18n.translation import _, ungettext
                     from rhodecode.lib import helpers as h
                     self.tmpl_name = tmpl_name
                     self.rhodecode = rhodecode
                     self.c = c
                     self._ = _
                     self.ungettext = ungettext
                     self.h = h
                     self.request = request
                 def _mako_lookup(self):
                     _tmpl_lookup = self.rhodecode.CONFIG['pylons.app_globals'].mako_lookup
                     return _tmpl_lookup.get_template(self.tmpl_name)
                 def _update_kwargs_for_render(self, kwargs):
                     """
                     Inject params required for Mako rendering
                     """
                     _kwargs = {
                         '_': self._,
                         'h': self.h,
                         'c': self.c,
                         'request': self.request,
                         'ungettext': self.ungettext,
                     }
                     _kwargs.update(kwargs)
                     return _kwargs
                 def _render_with_exc(self, render_func, args, kwargs):
                     try:
                         return render_func.render(*args, **kwargs)
                     except:
                         log.error(exceptions.text_error_template().render())
                         raise
                 def _get_template(self, template_obj, def_name):
                     if def_name:
                         tmpl = template_obj.get_def(def_name)
                     else:
                         tmpl = template_obj
                     return tmpl
                 def render(self, def_name, *args, **kwargs):
                     lookup_obj = self._mako_lookup()
                     tmpl = self._get_template(lookup_obj, def_name=def_name)
                     kwargs = self._update_kwargs_for_render(kwargs)
                     return self._render_with_exc(tmpl, args, kwargs)
                 def __call__(self, tmpl, *args, **kwargs):
                     return self.render(tmpl, *args, **kwargs)
             def password_changed(auth_user, session):
                 # Never report password change in case of default user or anonymous user.
                 if auth_user.username == User.DEFAULT_USER or auth_user.user_id is None:
                     return False
                 password_hash = md5(auth_user.password) if auth_user.password else None
                 rhodecode_user = session.get('rhodecode_user', {})
                 session_password_hash = rhodecode_user.get('password', '')
                 return password_hash != session_password_hash
             def read_opensource_licenses():
                 global _license_cache
                 if not _license_cache:
                     licenses = pkg_resources.resource_string(
                         'rhodecode', 'config/licenses.json')
                     _license_cache = json.loads(licenses)
                 return _license_cache
             def get_registry(request):
                 """
                 Utility to get the pyramid registry from a request. During migration to
                 pyramid we sometimes want to use the pyramid registry from pylons context.
                 Therefore this utility returns `request.registry` for pyramid requests and
                 uses `get_current_registry()` for pylons requests.
                 """
                 try:
                     return request.registry
                 except AttributeError:
                     return get_current_registry()
             def generate_platform_uuid():
                 """
                 Generates platform UUID based on it's name
                 """
                 import platform
                 try:
                     uuid_list = [platform.platform()]
                     return hashlib.sha256(':'.join(uuid_list)).hexdigest()
                 except Exception as e:
                     log.error('Failed to generate host uuid: %s' % e)
                     return 'UNDEFINED'

rhodecode/lib/utils2.py

0 +2 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2011-2017 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Some simple helper functions
             """
             import collections
             import datetime
             import dateutil.relativedelta
             import hashlib
             import logging
             import re
             import sys
             import time
             import threading
             import urllib
             import urlobject
             import uuid
             import pygments.lexers
             import sqlalchemy
             import sqlalchemy.engine.url
             import webob
             import routes.util
             import rhodecode
             from rhodecode.translation import _, _pluralize
             def md5(s):
                 return hashlib.md5(s).hexdigest()
             def md5_safe(s):
                 return md5(safe_str(s))
             def __get_lem(extra_mapping=None):
                 """
                 Get language extension map based on what's inside pygments lexers
                 """
                 d = collections.defaultdict(lambda: [])
                 def __clean(s):
                     s = s.lstrip('*')
                     s = s.lstrip('.')
                     if s.find('[') != -1:
                         exts = []
                         start, stop = s.find('['), s.find(']')
                         for suffix in s[start + 1:stop]:
                             exts.append(s[:s.find('[')] + suffix)
                         return [e.lower() for e in exts]
                     else:
                         return [s.lower()]
                 for lx, t in sorted(pygments.lexers.LEXERS.items()):
                     m = map(__clean, t[-2])
                     if m:
                         m = reduce(lambda x, y: x + y, m)
                         for ext in m:
                             desc = lx.replace('Lexer', '')
                             d[ext].append(desc)
                 data = dict(d)
                 extra_mapping = extra_mapping or {}
                 if extra_mapping:
                     for k, v in extra_mapping.items():
                         if k not in data:
                             # register new mapping2lexer
                             data[k] = [v]
                 return data
             def str2bool(_str):
                 """
                 returns True/False value from given string, it tries to translate the
                 string into boolean
                 :param _str: string value to translate into boolean
                 :rtype: boolean
                 :returns: boolean from given string
                 """
                 if _str is None:
                     return False
                 if _str in (True, False):
                     return _str
                 _str = str(_str).strip().lower()
                 return _str in ('t', 'true', 'y', 'yes', 'on', '1')
             def aslist(obj, sep=None, strip=True):
                 """
                 Returns given string separated by sep as list
                 :param obj:
                 :param sep:
                 :param strip:
                 """
                 if isinstance(obj, (basestring,)):
                     lst = obj.split(sep)
                     if strip:
                         lst = [v.strip() for v in lst]
                     return lst
                 elif isinstance(obj, (list, tuple)):
                     return obj
                 elif obj is None:
                     return []
                 else:
                     return [obj]
             def convert_line_endings(line, mode):
                 """
                 Converts a given line  "line end" accordingly to given mode
                 Available modes are::
 - Unix
 - Mac
 - DOS
                 :param line: given line to convert
                 :param mode: mode to convert to
                 :rtype: str
                 :return: converted line according to mode
                 """
                 if mode == 0:
                     line = line.replace('\r\n', '\n')
                     line = line.replace('\r', '\n')
                 elif mode == 1:
                     line = line.replace('\r\n', '\r')
                     line = line.replace('\n', '\r')
                 elif mode == 2:
                     line = re.sub('\r(?!\n)|(?<!\r)\n', '\r\n', line)
                 return line
             def detect_mode(line, default):
                 """
                 Detects line break for given line, if line break couldn't be found
                 given default value is returned
                 :param line: str line
                 :param default: default
                 :rtype: int
                 :return: value of line end on of 0 - Unix, 1 - Mac, 2 - DOS
                 """
                 if line.endswith('\r\n'):
                     return 2
                 elif line.endswith('\n'):
                     return 0
                 elif line.endswith('\r'):
                     return 1
                 else:
                     return default
             def safe_int(val, default=None):
                 """
                 Returns int() of val if val is not convertable to int use default
                 instead
                 :param val:
                 :param default:
                 """
                 try:
                     val = int(val)
                 except (ValueError, TypeError):
                     val = default
                 return val
             def safe_unicode(str_, from_encoding=None):
                 """
                 safe unicode function. Does few trick to turn str_ into unicode
                 In case of UnicodeDecode error, we try to return it with encoding detected
                 by chardet library if it fails fallback to unicode with errors replaced
                 :param str_: string to decode
                 :rtype: unicode
                 :returns: unicode object
                 """
                 if isinstance(str_, unicode):
                     return str_
                 if not from_encoding:
                     DEFAULT_ENCODINGS = aslist(rhodecode.CONFIG.get('default_encoding',
                                                                     'utf8'), sep=',')
                     from_encoding = DEFAULT_ENCODINGS
                 if not isinstance(from_encoding, (list, tuple)):
                     from_encoding = [from_encoding]
                 try:
                     return unicode(str_)
                 except UnicodeDecodeError:
                     pass
                 for enc in from_encoding:
                     try:
                         return unicode(str_, enc)
                     except UnicodeDecodeError:
                         pass
                 try:
                     import chardet
                     encoding = chardet.detect(str_)['encoding']
                     if encoding is None:
                         raise Exception()
                     return str_.decode(encoding)
                 except (ImportError, UnicodeDecodeError, Exception):
                     return unicode(str_, from_encoding[0], 'replace')
             def safe_str(unicode_, to_encoding=None):
                 """
                 safe str function. Does few trick to turn unicode_ into string
                 In case of UnicodeEncodeError, we try to return it with encoding detected
                 by chardet library if it fails fallback to string with errors replaced
                 :param unicode_: unicode to encode
                 :rtype: str
                 :returns: str object
                 """
                 # if it's not basestr cast to str
                 if not isinstance(unicode_, basestring):
                     return str(unicode_)
                 if isinstance(unicode_, str):
                     return unicode_
                 if not to_encoding:
                     DEFAULT_ENCODINGS = aslist(rhodecode.CONFIG.get('default_encoding',
                                                                     'utf8'), sep=',')
                     to_encoding = DEFAULT_ENCODINGS
                 if not isinstance(to_encoding, (list, tuple)):
                     to_encoding = [to_encoding]
                 for enc in to_encoding:
                     try:
                         return unicode_.encode(enc)
                     except UnicodeEncodeError:
                         pass
                 try:
                     import chardet
                     encoding = chardet.detect(unicode_)['encoding']
                     if encoding is None:
                         raise UnicodeEncodeError()
                     return unicode_.encode(encoding)
                 except (ImportError, UnicodeEncodeError):
                     return unicode_.encode(to_encoding[0], 'replace')
             def remove_suffix(s, suffix):
                 if s.endswith(suffix):
                     s = s[:-1 * len(suffix)]
                 return s
             def remove_prefix(s, prefix):
                 if s.startswith(prefix):
                     s = s[len(prefix):]
                 return s
             def find_calling_context(ignore_modules=None):
                 """
                 Look through the calling stack and return the frame which called
                 this function and is part of core module ( ie. rhodecode.* )
                 :param ignore_modules: list of modules to ignore eg. ['rhodecode.lib']
                 """
                 ignore_modules = ignore_modules or []
                 f = sys._getframe(2)
                 while f.f_back is not None:
                     name = f.f_globals.get('__name__')
                     if name and name.startswith(__name__.split('.')[0]):
                         if name not in ignore_modules:
                             return f
                     f = f.f_back
                 return None
             def engine_from_config(configuration, prefix='sqlalchemy.', **kwargs):
                 """Custom engine_from_config functions."""
                 log = logging.getLogger('sqlalchemy.engine')
                 engine = sqlalchemy.engine_from_config(configuration, prefix, **kwargs)
                 def color_sql(sql):
                     color_seq = '\033[1;33m'  # This is yellow: code 33
                     normal = '\x1b[0m'
                     return ''.join([color_seq, sql, normal])
                 if configuration['debug']:
                     # attach events only for debug configuration
                     def before_cursor_execute(conn, cursor, statement,
                                               parameters, context, executemany):
                         setattr(conn, 'query_start_time', time.time())
                         log.info(color_sql(">>>>> STARTING QUERY >>>>>"))
                         calling_context = find_calling_context(ignore_modules=[
                             'rhodecode.lib.caching_query',
                             'rhodecode.model.settings',
                         ])
                         if calling_context:
                             log.info(color_sql('call context %s:%s' % (
                                 calling_context.f_code.co_filename,
                                 calling_context.f_lineno,
                             )))
                     def after_cursor_execute(conn, cursor, statement,
                                              parameters, context, executemany):
                         delattr(conn, 'query_start_time')
                     sqlalchemy.event.listen(engine, "before_cursor_execute",
                                             before_cursor_execute)
                     sqlalchemy.event.listen(engine, "after_cursor_execute",
                                             after_cursor_execute)
                 return engine
             def get_encryption_key(config):
                 secret = config.get('rhodecode.encrypted_values.secret')
                 default = config['beaker.session.secret']
                 return secret or default
             def age(prevdate, now=None, show_short_version=False, show_suffix=True,
                     short_format=False):
                 """
                 Turns a datetime into an age string.
                 If show_short_version is True, this generates a shorter string with
                 an approximate age; ex. '1 day ago', rather than '1 day and 23 hours ago'.
                 * IMPORTANT*
                 Code of this function is written in special way so it's easier to
                 backport it to javascript. If you mean to update it, please also update
                 `jquery.timeago-extension.js` file
                 :param prevdate: datetime object
                 :param now: get current time, if not define we use
                     `datetime.datetime.now()`
                 :param show_short_version: if it should approximate the date and
                     return a shorter string
                 :param show_suffix:
                 :param short_format: show short format, eg 2D instead of 2 days
                 :rtype: unicode
                 :returns: unicode words describing age
                 """
                 def _get_relative_delta(now, prevdate):
                     base = dateutil.relativedelta.relativedelta(now, prevdate)
                     return {
                         'year': base.years,
                         'month': base.months,
                         'day': base.days,
                         'hour': base.hours,
                         'minute': base.minutes,
                         'second': base.seconds,
                     }
                 def _is_leap_year(year):
                     return year % 4 == 0 and (year % 100 != 0 or year % 400 == 0)
                 def get_month(prevdate):
                     return prevdate.month
                 def get_year(prevdate):
                     return prevdate.year
                 now = now or datetime.datetime.now()
                 order = ['year', 'month', 'day', 'hour', 'minute', 'second']
                 deltas = {}
                 future = False
                 if prevdate > now:
                     now_old = now
                     now = prevdate
                     prevdate = now_old
                     future = True
                 if future:
                     prevdate = prevdate.replace(microsecond=0)
                 # Get date parts deltas
                 for part in order:
                     rel_delta = _get_relative_delta(now, prevdate)
                     deltas[part] = rel_delta[part]
                 # Fix negative offsets (there is 1 second between 10:59:59 and 11:00:00,
                 # not 1 hour, -59 minutes and -59 seconds)
                 offsets = [[5, 60], [4, 60], [3, 24]]
                 for element in offsets:  # seconds, minutes, hours
                     num = element[0]
                     length = element[1]
                     part = order[num]
                     carry_part = order[num - 1]
                     if deltas[part] < 0:
                         deltas[part] += length
                         deltas[carry_part] -= 1
                 # Same thing for days except that the increment depends on the (variable)
                 # number of days in the month
                 month_lengths = [31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31]
                 if deltas['day'] < 0:
                     if get_month(prevdate) == 2 and _is_leap_year(get_year(prevdate)):
                         deltas['day'] += 29
                     else:
                         deltas['day'] += month_lengths[get_month(prevdate) - 1]
                     deltas['month'] -= 1
                 if deltas['month'] < 0:
                     deltas['month'] += 12
                     deltas['year'] -= 1
                 # Format the result
                 if short_format:
                     fmt_funcs = {
                         'year': lambda d: u'%dy' % d,
                         'month': lambda d: u'%dm' % d,
                         'day': lambda d: u'%dd' % d,
                         'hour': lambda d: u'%dh' % d,
                         'minute': lambda d: u'%dmin' % d,
                         'second': lambda d: u'%dsec' % d,
                     }
                 else:
                     fmt_funcs = {
                         'year': lambda d: _pluralize(u'${num} year', u'${num} years', d, mapping={'num': d}).interpolate(),
                         'month': lambda d: _pluralize(u'${num} month', u'${num} months', d, mapping={'num': d}).interpolate(),
                         'day': lambda d: _pluralize(u'${num} day', u'${num} days', d, mapping={'num': d}).interpolate(),
                         'hour': lambda d: _pluralize(u'${num} hour', u'${num} hours', d, mapping={'num': d}).interpolate(),
                         'minute': lambda d: _pluralize(u'${num} minute', u'${num} minutes', d, mapping={'num': d}).interpolate(),
                         'second': lambda d: _pluralize(u'${num} second', u'${num} seconds', d, mapping={'num': d}).interpolate(),
                     }
                 i = 0
                 for part in order:
                     value = deltas[part]
                     if value != 0:
                         if i < 5:
                             sub_part = order[i + 1]
                             sub_value = deltas[sub_part]
                         else:
                             sub_value = 0
                         if sub_value == 0 or show_short_version:
                             _val = fmt_funcs[part](value)
                             if future:
                                 if show_suffix:
                                     return _(u'in ${ago}', mapping={'ago': _val})
                                 else:
                                     return _(_val)
                             else:
                                 if show_suffix:
                                     return _(u'${ago} ago', mapping={'ago': _val})
                                 else:
                                     return _(_val)
                         val = fmt_funcs[part](value)
                         val_detail = fmt_funcs[sub_part](sub_value)
                         mapping = {'val': val, 'detail': val_detail}
                         if short_format:
                             datetime_tmpl = _(u'${val}, ${detail}', mapping=mapping)
                             if show_suffix:
                                 datetime_tmpl = _(u'${val}, ${detail} ago', mapping=mapping)
                                 if future:
                                     datetime_tmpl = _(u'in ${val}, ${detail}', mapping=mapping)
                         else:
                             datetime_tmpl = _(u'${val} and ${detail}', mapping=mapping)
                             if show_suffix:
                                 datetime_tmpl = _(u'${val} and ${detail} ago', mapping=mapping)
                                 if future:
                                     datetime_tmpl = _(u'in ${val} and ${detail}', mapping=mapping)
                         return datetime_tmpl
                     i += 1
                 return _(u'just now')
             def cleaned_uri(uri):
                 """
                 Quotes '[' and ']' from uri if there is only one of them.
                     according to RFC3986 we cannot use such chars in uri
                 :param uri:
                 :return: uri without this chars
                 """
                 return urllib.quote(uri, safe='@$:/')
             def uri_filter(uri):
                 """
                 Removes user:password from given url string
                 :param uri:
                 :rtype: unicode
                 :returns: filtered list of strings
                 """
                 if not uri:
                     return ''
                 proto = ''
                 for pat in ('https://', 'http://'):
                     if uri.startswith(pat):
                         uri = uri[len(pat):]
                         proto = pat
                         break
                 # remove passwords and username
                 uri = uri[uri.find('@') + 1:]
                 # get the port
                 cred_pos = uri.find(':')
                 if cred_pos == -1:
                     host, port = uri, None
                 else:
                     host, port = uri[:cred_pos], uri[cred_pos + 1:]
                 return filter(None, [proto, host, port])
             def credentials_filter(uri):
                 """
                 Returns a url with removed credentials
                 :param uri:
                 """
                 uri = uri_filter(uri)
                 # check if we have port
                 if len(uri) > 2 and uri[2]:
                     uri[2] = ':' + uri[2]
                 return ''.join(uri)
-            def get_clone_url(uri_tmpl, qualifed_home_url, repo_name, repo_id, **override):
+            def get_clone_url(request, uri_tmpl, repo_name, repo_id, **override):
+                qualifed_home_url = request.route_url('home')
                 parsed_url = urlobject.URLObject(qualifed_home_url)
                 decoded_path = safe_unicode(urllib.unquote(parsed_url.path.rstrip('/')))
                 args = {
                     'scheme': parsed_url.scheme,
                     'user': '',
                     # path if we use proxy-prefix
                     'netloc': parsed_url.netloc+decoded_path,
                     'prefix': decoded_path,
                     'repo': repo_name,
                     'repoid': str(repo_id)
                 }
                 args.update(override)
                 args['user'] = urllib.quote(safe_str(args['user']))
                 for k, v in args.items():
                     uri_tmpl = uri_tmpl.replace('{%s}' % k, v)
                 # remove leading @ sign if it's present. Case of empty user
                 url_obj = urlobject.URLObject(uri_tmpl)
                 url = url_obj.with_netloc(url_obj.netloc.lstrip('@'))
                 return safe_unicode(url)
             def get_commit_safe(repo, commit_id=None, commit_idx=None, pre_load=None):
                 """
                 Safe version of get_commit if this commit doesn't exists for a
                 repository it returns a Dummy one instead
                 :param repo: repository instance
                 :param commit_id: commit id as str
                 :param pre_load: optional list of commit attributes to load
                 """
                 # TODO(skreft): remove these circular imports
                 from rhodecode.lib.vcs.backends.base import BaseRepository, EmptyCommit
                 from rhodecode.lib.vcs.exceptions import RepositoryError
                 if not isinstance(repo, BaseRepository):
                     raise Exception('You must pass an Repository '
                                     'object as first argument got %s', type(repo))
                 try:
                     commit = repo.get_commit(
                         commit_id=commit_id, commit_idx=commit_idx, pre_load=pre_load)
                 except (RepositoryError, LookupError):
                     commit = EmptyCommit()
                 return commit
             def datetime_to_time(dt):
                 if dt:
                     return time.mktime(dt.timetuple())
             def time_to_datetime(tm):
                 if tm:
                     if isinstance(tm, basestring):
                         try:
                             tm = float(tm)
                         except ValueError:
                             return
                     return datetime.datetime.fromtimestamp(tm)
             def time_to_utcdatetime(tm):
                 if tm:
                     if isinstance(tm, basestring):
                         try:
                             tm = float(tm)
                         except ValueError:
                             return
                     return datetime.datetime.utcfromtimestamp(tm)
             MENTIONS_REGEX = re.compile(
                 # ^@ or @ without any special chars in front
                 r'(?:^@|[^a-zA-Z0-9\-\_\.]@)'
                 # main body starts with letter, then can be . - _
                 r'([a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+)',
                 re.VERBOSE | re.MULTILINE)
             def extract_mentioned_users(s):
                 """
                 Returns unique usernames from given string s that have @mention
                 :param s: string to get mentions
                 """
                 usrs = set()
                 for username in MENTIONS_REGEX.findall(s):
                     usrs.add(username)
                 return sorted(list(usrs), key=lambda k: k.lower())
             class StrictAttributeDict(dict):
                 """
                 Strict Version of Attribute dict which raises an Attribute error when
                 requested attribute is not set
                 """
                 def __getattr__(self, attr):
                     try:
                         return self[attr]
                     except KeyError:
                         raise AttributeError('%s object has no attribute %s' % (
                             self.__class__, attr))
                 __setattr__ = dict.__setitem__
                 __delattr__ = dict.__delitem__
             class AttributeDict(dict):
                 def __getattr__(self, attr):
                     return self.get(attr, None)
                 __setattr__ = dict.__setitem__
                 __delattr__ = dict.__delitem__
             def fix_PATH(os_=None):
                 """
                 Get current active python path, and append it to PATH variable to fix
                 issues of subprocess calls and different python versions
                 """
                 if os_ is None:
                     import os
                 else:
                     os = os_
                 cur_path = os.path.split(sys.executable)[0]
                 if not os.environ['PATH'].startswith(cur_path):
                     os.environ['PATH'] = '%s:%s' % (cur_path, os.environ['PATH'])
             def obfuscate_url_pw(engine):
                 _url = engine or ''
                 try:
                     _url = sqlalchemy.engine.url.make_url(engine)
                     if _url.password:
                         _url.password = 'XXXXX'
                 except Exception:
                     pass
                 return unicode(_url)
             def get_server_url(environ):
                 req = webob.Request(environ)
                 return req.host_url + req.script_name
             def unique_id(hexlen=32):
                 alphabet = "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjklmnpqrstuvwxyz"
                 return suuid(truncate_to=hexlen, alphabet=alphabet)
             def suuid(url=None, truncate_to=22, alphabet=None):
                 """
                 Generate and return a short URL safe UUID.
                 If the url parameter is provided, set the namespace to the provided
                 URL and generate a UUID.
                 :param url to get the uuid for
                 :truncate_to: truncate the basic 22 UUID to shorter version
                 The IDs won't be universally unique any longer, but the probability of
                 a collision will still be very low.
                 """
                 # Define our alphabet.
                 _ALPHABET = alphabet or "23456789ABCDEFGHJKLMNPQRSTUVWXYZ"
                 # If no URL is given, generate a random UUID.
                 if url is None:
                     unique_id = uuid.uuid4().int
                 else:
                     unique_id = uuid.uuid3(uuid.NAMESPACE_URL, url).int
                 alphabet_length = len(_ALPHABET)
                 output = []
                 while unique_id > 0:
                     digit = unique_id % alphabet_length
                     output.append(_ALPHABET[digit])
                     unique_id = int(unique_id / alphabet_length)
                 return "".join(output)[:truncate_to]
             def get_current_rhodecode_user():
                 """
                 Gets rhodecode user from threadlocal tmpl_context variable if it's
                 defined, else returns None.
                 """
                 from pylons import tmpl_context as c
                 if hasattr(c, 'rhodecode_user'):
                     return c.rhodecode_user
                 return None
             def action_logger_generic(action, namespace=''):
                 """
                 A generic logger for actions useful to the system overview, tries to find
                 an acting user for the context of the call otherwise reports unknown user
                 :param action: logging message eg 'comment 5 deleted'
                 :param type: string
                 :param namespace: namespace of the logging message eg. 'repo.comments'
                 :param type: string
                 """
                 logger_name = 'rhodecode.actions'
                 if namespace:
                     logger_name += '.' + namespace
                 log = logging.getLogger(logger_name)
                 # get a user if we can
                 user = get_current_rhodecode_user()
                 logfunc = log.info
                 if not user:
                     user = '<unknown user>'
                     logfunc = log.warning
                 logfunc('Logging action by {}: {}'.format(user, action))
             def escape_split(text, sep=',', maxsplit=-1):
                 r"""
                 Allows for escaping of the separator: e.g. arg='foo\, bar'
                 It should be noted that the way bash et. al. do command line parsing, those
                 single quotes are required.
                 """
                 escaped_sep = r'\%s' % sep
                 if escaped_sep not in text:
                     return text.split(sep, maxsplit)
                 before, _mid, after = text.partition(escaped_sep)
                 startlist = before.split(sep, maxsplit)  # a regular split is fine here
                 unfinished = startlist[-1]
                 startlist = startlist[:-1]
                 # recurse because there may be more escaped separators
                 endlist = escape_split(after, sep, maxsplit)
                 # finish building the escaped value. we use endlist[0] becaue the first
                 # part of the string sent in recursion is the rest of the escaped value.
                 unfinished += sep + endlist[0]
                 return startlist + [unfinished] + endlist[1:]  # put together all the parts
             class OptionalAttr(object):
                 """
                 Special Optional Option that defines other attribute. Example::
                     def test(apiuser, userid=Optional(OAttr('apiuser')):
                         user = Optional.extract(userid)
                         # calls
                 """
                 def __init__(self, attr_name):
                     self.attr_name = attr_name
                 def __repr__(self):
                     return '<OptionalAttr:%s>' % self.attr_name
                 def __call__(self):
                     return self
             # alias
             OAttr = OptionalAttr
             class Optional(object):
                 """
                 Defines an optional parameter::
                     param = param.getval() if isinstance(param, Optional) else param
                     param = param() if isinstance(param, Optional) else param
                 is equivalent of::
                     param = Optional.extract(param)
                 """
                 def __init__(self, type_):
                     self.type_ = type_
                 def __repr__(self):
                     return '<Optional:%s>' % self.type_.__repr__()
                 def __call__(self):
                     return self.getval()
                 def getval(self):
                     """
                     returns value from this Optional instance
                     """
                     if isinstance(self.type_, OAttr):
                         # use params name
                         return self.type_.attr_name
                     return self.type_
                 @classmethod
                 def extract(cls, val):
                     """
                     Extracts value from Optional() instance
                     :param val:
                     :return: original value if it's not Optional instance else
                         value of instance
                     """
                     if isinstance(val, cls):
                         return val.getval()
                     return val
             def get_routes_generator_for_server_url(server_url):
                 parsed_url = urlobject.URLObject(server_url)
                 netloc = safe_str(parsed_url.netloc)
                 script_name = safe_str(parsed_url.path)
                 if ':' in netloc:
                     server_name, server_port = netloc.split(':')
                 else:
                     server_name = netloc
                     server_port = (parsed_url.scheme == 'https' and '443' or '80')
                 environ = {
                     'REQUEST_METHOD': 'GET',
                     'PATH_INFO': '/',
                     'SERVER_NAME': server_name,
                     'SERVER_PORT': server_port,
                     'SCRIPT_NAME': script_name,
                 }
                 if parsed_url.scheme == 'https':
                     environ['HTTPS'] = 'on'
                     environ['wsgi.url_scheme'] = 'https'
                 return routes.util.URLGenerator(rhodecode.CONFIG['routes.map'], environ)
             def glob2re(pat):
                 """
                 Translate a shell PATTERN to a regular expression.
                 There is no way to quote meta-characters.
                 """
                 i, n = 0, len(pat)
                 res = ''
                 while i < n:
                     c = pat[i]
                     i = i+1
                     if c == '*':
                         #res = res + '.*'
                         res = res + '[^/]*'
                     elif c == '?':
                         #res = res + '.'
                         res = res + '[^/]'
                     elif c == '[':
                         j = i
                         if j < n and pat[j] == '!':
                             j = j+1
                         if j < n and pat[j] == ']':
                             j = j+1
                         while j < n and pat[j] != ']':
                             j = j+1
                         if j >= n:
                             res = res + '\\['
                         else:
                             stuff = pat[i:j].replace('\\','\\\\')
                             i = j+1
                             if stuff[0] == '!':
                                 stuff = '^' + stuff[1:]
                             elif stuff[0] == '^':
                                 stuff = '\\' + stuff
                             res = '%s[%s]' % (res, stuff)
                     else:
                         res = res + re.escape(c)
                 return res + '\Z(?ms)'

rhodecode/model/db.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/model/notification.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/model/repo.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/public/js/rhodecode/routes.js

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/admin/integrations/list.mako

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/admin/repo_groups/repo_group_edit.mako

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/admin/repos/repo_creating.mako

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/admin/users/user_edit_advanced.mako

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/base/base.mako

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/base/perms_summary.mako

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/base/root.mako

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/data_table/_dt_elements.mako

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/index_repo_group.mako

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/login.mako

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/password_reset.mako

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/register.mako

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/__init__.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/events/test_pullrequest.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/events/test_repo.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/functional/test_admin_gists.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/functional/test_admin_my_account.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/functional/test_admin_repo_groups.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/functional/test_delegated_admin.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/functional/test_login.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/functional/test_sessions.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/functional/test_summary.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/lib/middleware/test_simplevcs.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/lib/test_codeblocks.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/lib/test_helpers.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/lib/test_mako_emails.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/models/test_changeset_status.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/models/test_notifications.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/models/test_pullrequest.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/models/test_pullrequest_git.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/other/test_libs.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/other/vcs_operations/conftest.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/other/vcs_operations/test_vcs_calls_custom_auth_code_403.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/other/vcs_operations/test_vcs_calls_custom_auth_code_404.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/other/vcs_operations/test_vcs_calls_custom_auth_code_bad_code.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/other/vcs_operations/test_vcs_operations.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/other/vcs_operations/test_vcs_operations_locking.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/other/vcs_operations/test_vcs_operations_locking_custom_code.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/plugin.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/scripts/test_concurency.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/utils.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/vcs/test_hg_vcsserver_cache_invalidation.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages