u/pc/rhodecode-enterprise-ce-fork-pc Commit - r2932:9bfe4e0a

caches: new cache context managers....

marcink -

r2932:9bfe4e0a default

parent child

The requested changes are too big and content was truncated. Show full diff

configs/development.ini

0 0 -16

             ################################################################################
             ##                 RHODECODE COMMUNITY EDITION CONFIGURATION                  ##
             # The %(here)s variable will be replaced with the parent directory of this file#
             ################################################################################
             [DEFAULT]
             debug = true
             ################################################################################
             ##                            EMAIL CONFIGURATION                             ##
             ## Uncomment and replace with the email address which should receive          ##
             ## any error reports after an application crash                               ##
             ## Additionally these settings will be used by the RhodeCode mailing system   ##
             ################################################################################
             ## prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ## email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             ## Uncomment and replace with the address which should receive any error report
             ## note: using appenlight for error handling doesn't need this to be uncommented
             #email_to = admin@localhost
             ## in case of Application errors, sent an error email form
             #error_email_from = rhodecode_error@localhost
             ## additional error message to be send in case of server crash
             #error_message =
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
             #smtp_auth =
             [server:main]
             ## COMMON ##
             host = 127.0.0.1
             port = 5000
             ##################################
             ##     WAITRESS WSGI SERVER     ##
             ## Recommended for Development  ##
             ##################################
             use = egg:waitress#main
             ## number of worker threads
             threads = 5
             ## MAX BODY SIZE 100GB
             max_request_body_size = 107374182400
             ## Use poll instead of select, fixes file descriptors limits problems.
             ## May not work on old windows systems.
             asyncore_use_poll = true
             ##########################
             ## GUNICORN WSGI SERVER ##
             ##########################
             ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
             #use = egg:gunicorn#main
             ## Sets the number of process workers. You must set `instance_id = *`
             ## when this option is set to more than one worker, recommended
             ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
             ## The `instance_id = *` must be set in the [app:main] section below
             #workers = 2
             ## number of threads for each of the worker, must be set to 1 for gevent
             ## generally recommended to be at 1
             #threads = 1
             ## process name
             #proc_name = rhodecode
             ## type of worker class, one of sync, gevent
             ## recommended for bigger setup is using of of other than sync one
             #worker_class = gevent
             ## The maximum number of simultaneous clients. Valid only for Gevent
             #worker_connections = 10
             ## max number of requests that worker will handle before being gracefully
             ## restarted, could prevent memory leaks
             #max_requests = 1000
             #max_requests_jitter = 30
             ## amount of time a worker can spend with handling a request before it
             ## gets killed and restarted. Set to 6hrs
             #timeout = 21600
             ## prefix middleware for RhodeCode.
             ## recommended when using proxy setup.
             ## allows to set RhodeCode under a prefix in server.
             ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ## And set your prefix like: `prefix = /custom_prefix`
             ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ## to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             use = egg:rhodecode-enterprise-ce
             ## enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             # During development the we want to have the debug toolbar enabled
             pyramid.includes =
                 pyramid_debugtoolbar
                 rhodecode.lib.middleware.request_wrapper
             pyramid.reload_templates = true
             debugtoolbar.hosts = 0.0.0.0/0
             debugtoolbar.exclude_prefixes =
                 /css
                 /fonts
                 /images
                 /js
             ## RHODECODE PLUGINS ##
             rhodecode.includes =
                 rhodecode.api
             # api prefix url
             rhodecode.api.url = /_admin/api
             ## END RHODECODE PLUGINS ##
             ## encryption key used to encrypt social plugin tokens,
             ## remote_urls with credentials etc, if not set it defaults to
             ## `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ## decryption strict mode (enabled by default). It controls if decryption raises
             ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ## return gzipped responses from Rhodecode (static files/application)
             gzip_responses = false
             ## autogenerate javascript routes file on startup
             generate_js_files = false
             ## Optional Languages
             ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ## perform a full repository scan on each server start, this should be
             ## set to false after first startup, to allow faster server restarts.
             startup.import_repos = false
             ## Uncomment and set this path to use archive download cache.
             ## Once enabled, generated archives will be cached at this location
             ## and served from the cache during subsequent requests for the same archive of
             ## the repository.
             #archive_cache_dir = /tmp/tarballcache
             ## URL at which the application is running. This is used for bootstraping
             ## requests in context when no web request is available. Used in ishell, or
             ## SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ## change this to unique ID for security
             app_instance_uuid = rc-production
             ## cut off limit for large diffs (size in bytes). If overall diff size on
             ## commit, or pull request exceeds this limit this diff will be displayed
             ## partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 512000
             ## cut off limit for large files inside diffs (size in bytes). Each individual
             ## file inside diff which exceeds this limit will be displayed partially.
             ##  E.g 128000 == 128Kb
             cut_off_limit_file = 128000
             ## use cache version of scm repo everywhere
             vcs_full_cache = true
             ## force https in RhodeCode, fixes https redirects, assumes it's always https
             ## Normally this is controlled by proper http flags sent from http server
             force_https = false
             ## use Strict-Transport-Security headers
             use_htsts = false
             ## git rev filter option, --all is the default filter, if you need to
             ## hide all refs in changelog switch this to --branches --tags
             git_rev_filter = --branches --tags
             # Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ## RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ## gist URL alias, used to create nicer urls for gist. This should be an
             ## url that does rewrites to _admin/gists/{gistid}.
             ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ## List of views (using glob pattern syntax) that AUTH TOKENS could be
             ## used for access.
             ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ## came from the the logged in user who own this authentication token.
             ## Additionally @TOKEN syntaxt can be used to bound the view to specific
             ## authentication token. Such view would be only accessible when used together
             ## with this authentication token
             ##
             ## list of all views can be found under `/_admin/permissions/auth_token_access`
             ## The list should be "," separated and on a single line.
             ##
             ## Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ## default encoding used to convert from and to unicode
             ## can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ## instance-id prefix
             ## a prefix key for this instance used for cache invalidation when running
             ## multiple instances of rhodecode, make sure it's globally unique for
             ## all running rhodecode instances. Leave empty if you don't use it
             instance_id =
             ## Fallback authentication plugin. Set this to a plugin ID to force the usage
             ## of an authentication plugin also if it is disabled by it's settings.
             ## This could be useful if you are unable to log in to the system due to broken
             ## authentication settings. Then you can enable e.g. the internal rhodecode auth
             ## module to log in again and fix the settings.
             ##
             ## Available builtin plugin IDs (hash is part of the ID):
             ## egg:rhodecode-enterprise-ce#rhodecode
             ## egg:rhodecode-enterprise-ce#pam
             ## egg:rhodecode-enterprise-ce#ldap
             ## egg:rhodecode-enterprise-ce#jasig_cas
             ## egg:rhodecode-enterprise-ce#headers
             ## egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ## alternative return HTTP header for failed authentication. Default HTTP
             ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ## handling that causing a series of failed authentication calls.
             ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ## This will be served instead of default 401 on bad authnetication
             auth_ret_code =
             ## use special detection method when serving auth_ret_code, instead of serving
             ## ret_code directly, use 401 initially (Which triggers credentials prompt)
             ## and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ## locking return code. When repository is locked return this HTTP code. 2XX
             ## codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
             ## allows to change the repository location in settings page
             allow_repo_location_change = true
             ## allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ## generated license token, goto license page in RhodeCode settings to obtain
             ## new token
             license_token =
             ## supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ## supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = dev
             ## Display extended labs settings
             labs_settings_active = true
             ####################################
             ###        CELERY CONFIG        ####
             ####################################
             ## run: /path/to/celery worker \
             ##     -E --beat --app rhodecode.lib.celerylib.loader \
             ##     --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
             ##     --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = false
             ## connection url to the message broker (default rabbitmq)
             celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ## maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 100
             ## tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             #####################################
             ###         DOGPILE CACHE        ####
             #####################################
             ## Default cache dir for caches.  Putting this into a ramdisk
             ## can boost performance, eg. /tmpfs/data_ramdisk, however this might require lots
             ## of space
             cache_dir = /tmp/rcdev/data
             ## cache settings for permission tree, auth TTL.
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 300
             rc_cache.cache_perms.arguments.filename = /tmp/rc_cache_1
             ## redis backend with distributed locks
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.distributed_lock = true
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             rc_cache.cache_repo.arguments.filename = /tmp/rc_cache_2
             ## redis backend with distributed locks
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ## this needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ## cache settings for SQL queries
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 30
             ####################################
-            ###         BEAKER CACHE        ####
-            ####################################
-            ## locking and default file storage for Beaker. Putting this into a ramdisk
-            ## can boost performance, eg. %(here)s/data_ramdisk/cache/beaker_data
-            beaker.cache.data_dir = %(here)s/data/cache/beaker_data
-            beaker.cache.lock_dir = %(here)s/data/cache/beaker_lock
-            beaker.cache.regions = long_term
-            beaker.cache.long_term.type = memorylru_base
-            beaker.cache.long_term.expire = 172800
-            beaker.cache.long_term.key_length = 256
-            ####################################
             ###       BEAKER SESSION        ####
             ####################################
             ## .session.type is type of storage options for the session, current allowed
             ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
             beaker.session.type = file
             beaker.session.data_dir = %(here)s/data/sessions
             ## db based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = develop-rc-uytcxaz
             beaker.session.lock_dir = %(here)s/data/sessions/lock
             ## Secure encrypted cookie. Requires AES and AES python libraries
             ## you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ## sets session as invalid(also logging out user) if it haven not been
             ## accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ## Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ## uncomment for https secure cookie
             beaker.session.secure = false
             ## auto save the session to not to use .save()
             beaker.session.auto = false
             ## default cookie expiration time in seconds, set to `true` to set expire
             ## at browser close
             #beaker.session.cookie_expires = 3600
             ###################################
             ## SEARCH INDEXING CONFIGURATION ##
             ###################################
             ## Full text search indexer is available in rhodecode-tools under
             ## `rhodecode-tools index` command
             ## WHOOSH Backend, doesn't require additional services to run
             ## it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ########################################
             ###    CHANNELSTREAM CONFIG         ####
             ########################################
             ## channelstream enables persistent connections and live notification
             ## in the system. It's also used by the chat system
             channelstream.enabled = false
             ## server address for channelstream server on the backend
             channelstream.server = 127.0.0.1:9800
             ## location of the channelstream server from outside world
             ## use ws:// for http or wss:// for https. This address needs to be handled
             ## by external HTTP server such as Nginx or Apache
             ## see nginx/apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = secret
             channelstream.history.location = %(here)s/channelstream_history
             ## Internal application path that Javascript uses to connect into.
             ## If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ###################################
             ##       APPENLIGHT CONFIG       ##
             ###################################
             ## Appenlight is tailored to work with RhodeCode, see
             ## http://appenlight.com for details how to obtain an account
             ## appenlight integration enabled
             appenlight = false
             appenlight.server_url = https://api.appenlight.com
             appenlight.api_key = YOUR_API_KEY
             #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
             # used for JS client
             appenlight.api_public_key = YOUR_API_PUBLIC_KEY
             ## TWEAK AMOUNT OF INFO SENT HERE
             ## enables 404 error logging (default False)
             appenlight.report_404 = false
             ## time in seconds after request is considered being slow (default 1)
             appenlight.slow_request_time = 1
             ## record slow requests in application
             ## (needs to be enabled for slow datastore recording and time tracking)
             appenlight.slow_requests = true
             ## enable hooking to application loggers
             appenlight.logging = true
             ## minimum log level for log capture
             appenlight.logging.level = WARNING
             ## send logs only from erroneous/slow requests
             ## (saves API quota for intensive logging)
             appenlight.logging_on_error = false
             ## list of additonal keywords that should be grabbed from environ object
             ## can be string with comma separated list of words in lowercase
             ## (by default client will always send following info:
             ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
             ## start with HTTP* this list be extended with additional keywords here
             appenlight.environ_keys_whitelist =
             ## list of keywords that should be blanked from request object
             ## can be string with comma separated list of words in lowercase
             ## (by default client will always blank keys that contain following words
             ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
             ## this list be extended with additional keywords set here
             appenlight.request_keys_blacklist =
             ## list of namespaces that should be ignores when gathering log entries
             ## can be string with comma separated list of namespaces
             ## (by default the client ignores own entries: appenlight_client.client)
             appenlight.log_namespace_blacklist =
             ################################################################################
             ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*  ##
             ## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##
             ## execute malicious code after an exception is raised.                       ##
             ################################################################################
             #set debug = false
             ##############
             ## STYLING  ##
             ##############
             debug_style = true
             ###########################################
             ###   MAIN RHODECODE DATABASE CONFIG    ###
             ###########################################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             # see sqlalchemy docs for other advanced settings
             ## print the sql statements to output
             sqlalchemy.db1.echo = false
             ## recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             sqlalchemy.db1.convert_unicode = true
             ## the number of connections to keep open inside the connection pool.
             ## 0 indicates no limit
             #sqlalchemy.db1.pool_size = 5
             ## the number of connections to allow in connection pool "overflow", that is
             ## connections that can be opened above and beyond the pool_size setting,
             ## which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ## Connection check ping, used to detect broken database connections
             ## could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ##################
             ### VCS CONFIG ###
             ##################
             vcs.server.enable = true
             vcs.server = localhost:9900
             ## Web server connectivity protocol, responsible for web based VCS operatations
             ## Available protocols are:
             ## `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ## Push/Pull operations protocol, available options are:
             ## `http` - use http-rpc backend (default)
             ##
             vcs.scm_app_implementation = http
             ## Push/Pull operations hooks protocol, available options are:
             ## `http` - use http-rpc backend (default)
             vcs.hooks.protocol = http
             ## Host on which this instance is listening for hooks. If vcsserver is in other location
             ## this should be adjusted.
             vcs.hooks.host = 127.0.0.1
             vcs.server.log_level = debug
             ## Start VCSServer with this instance as a subprocess, usefull for development
             vcs.start_server = false
             ## List of enabled VCS backends, available options are:
             ## `hg`  - mercurial
             ## `git` - git
             ## `svn` - subversion
             vcs.backends = hg, git, svn
             vcs.connection_timeout = 3600
             ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = pre-1.8-compatible
             ############################################################
             ### Subversion proxy support (mod_dav_svn)               ###
             ### Maps RhodeCode repo groups into SVN paths for Apache ###
             ############################################################
             ## Enable or disable the config file generation.
             svn.proxy.generate_config = false
             ## Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ## Set location and file name of generated config file.
             svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
             ## alternative mod_dav config template. This needs to be a mako template
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ## Used as a prefix to the `Location` block in the generated config file.
             ## In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ## Command to reload the mod dav svn configuration on change.
             ## Example: `/etc/init.d/apache2 reload`
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ## If the timeout expires before the reload command finishes, the command will
             ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ############################################################
             ### SSH Support Settings                                 ###
             ############################################################
             ## Defines if a custom authorized_keys file should be created and written on
             ## any change user ssh keys. Setting this to false also disables posibility
             ## of adding SSH keys by users from web interface. Super admins can still
             ## manage SSH Keys.
             ssh.generate_authorized_keyfile = false
             ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ## Path to the authrozied_keys file where the generate entries are placed.
             ## It is possible to have multiple key files specified in `sshd_config` e.g.
             ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
             ## Command to execute the SSH wrapper. The binary is available in the
             ## rhodecode installation directory.
             ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
             ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
             ## Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ## Enables logging, and detailed output send back to the client during SSH
             ## operations. Usefull for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = true
             ## Paths to binary executable, by default they are the names, but we can
             ## override them if we want to use a custom one
             ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
             ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
             ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
             ## Dummy marker to add new entries after.
             ## Add any custom entries below. Please don't remove.
             custom.conf = 1
             ################################
             ### LOGGING CONFIGURATION   ####
             ################################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, color_formatter, color_formatter_sql
             #############
             ## LOGGERS ##
             #############
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ##############
             ## HANDLERS ##
             ##############
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = DEBUG
             formatter = color_formatter
             [handler_console_sql]
             # "level = DEBUG" logs SQL queries and results.
             # "level = INFO" logs SQL queries.
             # "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             formatter = color_formatter_sql
             ################
             ## FORMATTERS ##
             ################
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S

configs/production.ini

0 0 -16

             ################################################################################
             ##                 RHODECODE COMMUNITY EDITION CONFIGURATION                  ##
             # The %(here)s variable will be replaced with the parent directory of this file#
             ################################################################################
             [DEFAULT]
             debug = true
             ################################################################################
             ##                            EMAIL CONFIGURATION                             ##
             ## Uncomment and replace with the email address which should receive          ##
             ## any error reports after an application crash                               ##
             ## Additionally these settings will be used by the RhodeCode mailing system   ##
             ################################################################################
             ## prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ## email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             ## Uncomment and replace with the address which should receive any error report
             ## note: using appenlight for error handling doesn't need this to be uncommented
             #email_to = admin@localhost
             ## in case of Application errors, sent an error email form
             #error_email_from = rhodecode_error@localhost
             ## additional error message to be send in case of server crash
             #error_message =
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
             #smtp_auth =
             [server:main]
             ## COMMON ##
             host = 127.0.0.1
             port = 5000
             ##################################
             ##     WAITRESS WSGI SERVER     ##
             ## Recommended for Development  ##
             ##################################
             #use = egg:waitress#main
             ## number of worker threads
             #threads = 5
             ## MAX BODY SIZE 100GB
             #max_request_body_size = 107374182400
             ## Use poll instead of select, fixes file descriptors limits problems.
             ## May not work on old windows systems.
             #asyncore_use_poll = true
             ##########################
             ## GUNICORN WSGI SERVER ##
             ##########################
             ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
             use = egg:gunicorn#main
             ## Sets the number of process workers. You must set `instance_id = *`
             ## when this option is set to more than one worker, recommended
             ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
             ## The `instance_id = *` must be set in the [app:main] section below
             workers = 2
             ## number of threads for each of the worker, must be set to 1 for gevent
             ## generally recommended to be at 1
             #threads = 1
             ## process name
             proc_name = rhodecode
             ## type of worker class, one of sync, gevent
             ## recommended for bigger setup is using of of other than sync one
             worker_class = gevent
             ## The maximum number of simultaneous clients. Valid only for Gevent
             #worker_connections = 10
             ## max number of requests that worker will handle before being gracefully
             ## restarted, could prevent memory leaks
             max_requests = 1000
             max_requests_jitter = 30
             ## amount of time a worker can spend with handling a request before it
             ## gets killed and restarted. Set to 6hrs
             timeout = 21600
             ## prefix middleware for RhodeCode.
             ## recommended when using proxy setup.
             ## allows to set RhodeCode under a prefix in server.
             ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ## And set your prefix like: `prefix = /custom_prefix`
             ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ## to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             use = egg:rhodecode-enterprise-ce
             ## enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ## encryption key used to encrypt social plugin tokens,
             ## remote_urls with credentials etc, if not set it defaults to
             ## `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ## decryption strict mode (enabled by default). It controls if decryption raises
             ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ## return gzipped responses from Rhodecode (static files/application)
             gzip_responses = false
             ## autogenerate javascript routes file on startup
             generate_js_files = false
             ## Optional Languages
             ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ## perform a full repository scan on each server start, this should be
             ## set to false after first startup, to allow faster server restarts.
             startup.import_repos = false
             ## Uncomment and set this path to use archive download cache.
             ## Once enabled, generated archives will be cached at this location
             ## and served from the cache during subsequent requests for the same archive of
             ## the repository.
             #archive_cache_dir = /tmp/tarballcache
             ## URL at which the application is running. This is used for bootstraping
             ## requests in context when no web request is available. Used in ishell, or
             ## SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ## change this to unique ID for security
             app_instance_uuid = rc-production
             ## cut off limit for large diffs (size in bytes). If overall diff size on
             ## commit, or pull request exceeds this limit this diff will be displayed
             ## partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 512000
             ## cut off limit for large files inside diffs (size in bytes). Each individual
             ## file inside diff which exceeds this limit will be displayed partially.
             ##  E.g 128000 == 128Kb
             cut_off_limit_file = 128000
             ## use cache version of scm repo everywhere
             vcs_full_cache = true
             ## force https in RhodeCode, fixes https redirects, assumes it's always https
             ## Normally this is controlled by proper http flags sent from http server
             force_https = false
             ## use Strict-Transport-Security headers
             use_htsts = false
             ## git rev filter option, --all is the default filter, if you need to
             ## hide all refs in changelog switch this to --branches --tags
             git_rev_filter = --branches --tags
             # Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ## RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ## gist URL alias, used to create nicer urls for gist. This should be an
             ## url that does rewrites to _admin/gists/{gistid}.
             ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ## List of views (using glob pattern syntax) that AUTH TOKENS could be
             ## used for access.
             ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ## came from the the logged in user who own this authentication token.
             ## Additionally @TOKEN syntaxt can be used to bound the view to specific
             ## authentication token. Such view would be only accessible when used together
             ## with this authentication token
             ##
             ## list of all views can be found under `/_admin/permissions/auth_token_access`
             ## The list should be "," separated and on a single line.
             ##
             ## Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ## default encoding used to convert from and to unicode
             ## can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ## instance-id prefix
             ## a prefix key for this instance used for cache invalidation when running
             ## multiple instances of rhodecode, make sure it's globally unique for
             ## all running rhodecode instances. Leave empty if you don't use it
             instance_id =
             ## Fallback authentication plugin. Set this to a plugin ID to force the usage
             ## of an authentication plugin also if it is disabled by it's settings.
             ## This could be useful if you are unable to log in to the system due to broken
             ## authentication settings. Then you can enable e.g. the internal rhodecode auth
             ## module to log in again and fix the settings.
             ##
             ## Available builtin plugin IDs (hash is part of the ID):
             ## egg:rhodecode-enterprise-ce#rhodecode
             ## egg:rhodecode-enterprise-ce#pam
             ## egg:rhodecode-enterprise-ce#ldap
             ## egg:rhodecode-enterprise-ce#jasig_cas
             ## egg:rhodecode-enterprise-ce#headers
             ## egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ## alternative return HTTP header for failed authentication. Default HTTP
             ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ## handling that causing a series of failed authentication calls.
             ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ## This will be served instead of default 401 on bad authnetication
             auth_ret_code =
             ## use special detection method when serving auth_ret_code, instead of serving
             ## ret_code directly, use 401 initially (Which triggers credentials prompt)
             ## and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ## locking return code. When repository is locked return this HTTP code. 2XX
             ## codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
             ## allows to change the repository location in settings page
             allow_repo_location_change = true
             ## allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ## generated license token, goto license page in RhodeCode settings to obtain
             ## new token
             license_token =
             ## supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ## supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = prod
             ## Display extended labs settings
             labs_settings_active = true
             ####################################
             ###        CELERY CONFIG        ####
             ####################################
             ## run: /path/to/celery worker \
             ##     -E --beat --app rhodecode.lib.celerylib.loader \
             ##     --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
             ##     --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = false
             ## connection url to the message broker (default rabbitmq)
             celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ## maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 100
             ## tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             #####################################
             ###         DOGPILE CACHE        ####
             #####################################
             ## Default cache dir for caches.  Putting this into a ramdisk
             ## can boost performance, eg. /tmpfs/data_ramdisk, however this might require lots
             ## of space
             cache_dir = /tmp/rcdev/data
             ## cache settings for permission tree, auth TTL.
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 300
             rc_cache.cache_perms.arguments.filename = /tmp/rc_cache_1
             ## redis backend with distributed locks
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.distributed_lock = true
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             rc_cache.cache_repo.arguments.filename = /tmp/rc_cache_2
             ## redis backend with distributed locks
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ## this needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ## cache settings for SQL queries
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 30
             ####################################
-            ###         BEAKER CACHE        ####
-            ####################################
-            ## locking and default file storage for Beaker. Putting this into a ramdisk
-            ## can boost performance, eg. %(here)s/data_ramdisk/cache/beaker_data
-            beaker.cache.data_dir = %(here)s/data/cache/beaker_data
-            beaker.cache.lock_dir = %(here)s/data/cache/beaker_lock
-            beaker.cache.regions = long_term
-            beaker.cache.long_term.type = memory
-            beaker.cache.long_term.expire = 172800
-            beaker.cache.long_term.key_length = 256
-            ####################################
             ###       BEAKER SESSION        ####
             ####################################
             ## .session.type is type of storage options for the session, current allowed
             ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
             beaker.session.type = file
             beaker.session.data_dir = %(here)s/data/sessions
             ## db based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = production-rc-uytcxaz
             beaker.session.lock_dir = %(here)s/data/sessions/lock
             ## Secure encrypted cookie. Requires AES and AES python libraries
             ## you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ## sets session as invalid(also logging out user) if it haven not been
             ## accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ## Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ## uncomment for https secure cookie
             beaker.session.secure = false
             ## auto save the session to not to use .save()
             beaker.session.auto = false
             ## default cookie expiration time in seconds, set to `true` to set expire
             ## at browser close
             #beaker.session.cookie_expires = 3600
             ###################################
             ## SEARCH INDEXING CONFIGURATION ##
             ###################################
             ## Full text search indexer is available in rhodecode-tools under
             ## `rhodecode-tools index` command
             ## WHOOSH Backend, doesn't require additional services to run
             ## it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ########################################
             ###    CHANNELSTREAM CONFIG         ####
             ########################################
             ## channelstream enables persistent connections and live notification
             ## in the system. It's also used by the chat system
             channelstream.enabled = false
             ## server address for channelstream server on the backend
             channelstream.server = 127.0.0.1:9800
             ## location of the channelstream server from outside world
             ## use ws:// for http or wss:// for https. This address needs to be handled
             ## by external HTTP server such as Nginx or Apache
             ## see nginx/apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = secret
             channelstream.history.location = %(here)s/channelstream_history
             ## Internal application path that Javascript uses to connect into.
             ## If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ###################################
             ##       APPENLIGHT CONFIG       ##
             ###################################
             ## Appenlight is tailored to work with RhodeCode, see
             ## http://appenlight.com for details how to obtain an account
             ## appenlight integration enabled
             appenlight = false
             appenlight.server_url = https://api.appenlight.com
             appenlight.api_key = YOUR_API_KEY
             #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
             # used for JS client
             appenlight.api_public_key = YOUR_API_PUBLIC_KEY
             ## TWEAK AMOUNT OF INFO SENT HERE
             ## enables 404 error logging (default False)
             appenlight.report_404 = false
             ## time in seconds after request is considered being slow (default 1)
             appenlight.slow_request_time = 1
             ## record slow requests in application
             ## (needs to be enabled for slow datastore recording and time tracking)
             appenlight.slow_requests = true
             ## enable hooking to application loggers
             appenlight.logging = true
             ## minimum log level for log capture
             appenlight.logging.level = WARNING
             ## send logs only from erroneous/slow requests
             ## (saves API quota for intensive logging)
             appenlight.logging_on_error = false
             ## list of additonal keywords that should be grabbed from environ object
             ## can be string with comma separated list of words in lowercase
             ## (by default client will always send following info:
             ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
             ## start with HTTP* this list be extended with additional keywords here
             appenlight.environ_keys_whitelist =
             ## list of keywords that should be blanked from request object
             ## can be string with comma separated list of words in lowercase
             ## (by default client will always blank keys that contain following words
             ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
             ## this list be extended with additional keywords set here
             appenlight.request_keys_blacklist =
             ## list of namespaces that should be ignores when gathering log entries
             ## can be string with comma separated list of namespaces
             ## (by default the client ignores own entries: appenlight_client.client)
             appenlight.log_namespace_blacklist =
             ################################################################################
             ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*  ##
             ## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##
             ## execute malicious code after an exception is raised.                       ##
             ################################################################################
             set debug = false
             ###########################################
             ###   MAIN RHODECODE DATABASE CONFIG    ###
             ###########################################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             # see sqlalchemy docs for other advanced settings
             ## print the sql statements to output
             sqlalchemy.db1.echo = false
             ## recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             sqlalchemy.db1.convert_unicode = true
             ## the number of connections to keep open inside the connection pool.
             ## 0 indicates no limit
             #sqlalchemy.db1.pool_size = 5
             ## the number of connections to allow in connection pool "overflow", that is
             ## connections that can be opened above and beyond the pool_size setting,
             ## which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ## Connection check ping, used to detect broken database connections
             ## could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ##################
             ### VCS CONFIG ###
             ##################
             vcs.server.enable = true
             vcs.server = localhost:9900
             ## Web server connectivity protocol, responsible for web based VCS operatations
             ## Available protocols are:
             ## `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ## Push/Pull operations protocol, available options are:
             ## `http` - use http-rpc backend (default)
             ##
             vcs.scm_app_implementation = http
             ## Push/Pull operations hooks protocol, available options are:
             ## `http` - use http-rpc backend (default)
             vcs.hooks.protocol = http
             ## Host on which this instance is listening for hooks. If vcsserver is in other location
             ## this should be adjusted.
             vcs.hooks.host = 127.0.0.1
             vcs.server.log_level = info
             ## Start VCSServer with this instance as a subprocess, usefull for development
             vcs.start_server = false
             ## List of enabled VCS backends, available options are:
             ## `hg`  - mercurial
             ## `git` - git
             ## `svn` - subversion
             vcs.backends = hg, git, svn
             vcs.connection_timeout = 3600
             ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = pre-1.8-compatible
             ############################################################
             ### Subversion proxy support (mod_dav_svn)               ###
             ### Maps RhodeCode repo groups into SVN paths for Apache ###
             ############################################################
             ## Enable or disable the config file generation.
             svn.proxy.generate_config = false
             ## Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ## Set location and file name of generated config file.
             svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
             ## alternative mod_dav config template. This needs to be a mako template
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ## Used as a prefix to the `Location` block in the generated config file.
             ## In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ## Command to reload the mod dav svn configuration on change.
             ## Example: `/etc/init.d/apache2 reload`
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ## If the timeout expires before the reload command finishes, the command will
             ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ############################################################
             ### SSH Support Settings                                 ###
             ############################################################
             ## Defines if a custom authorized_keys file should be created and written on
             ## any change user ssh keys. Setting this to false also disables posibility
             ## of adding SSH keys by users from web interface. Super admins can still
             ## manage SSH Keys.
             ssh.generate_authorized_keyfile = false
             ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ## Path to the authrozied_keys file where the generate entries are placed.
             ## It is possible to have multiple key files specified in `sshd_config` e.g.
             ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
             ## Command to execute the SSH wrapper. The binary is available in the
             ## rhodecode installation directory.
             ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
             ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
             ## Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ## Enables logging, and detailed output send back to the client during SSH
             ## operations. Usefull for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = false
             ## Paths to binary executable, by default they are the names, but we can
             ## override them if we want to use a custom one
             ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
             ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
             ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
             ## Dummy marker to add new entries after.
             ## Add any custom entries below. Please don't remove.
             custom.conf = 1
             ################################
             ### LOGGING CONFIGURATION   ####
             ################################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, color_formatter, color_formatter_sql
             #############
             ## LOGGERS ##
             #############
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ##############
             ## HANDLERS ##
             ##############
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = INFO
             formatter = generic
             [handler_console_sql]
             # "level = DEBUG" logs SQL queries and results.
             # "level = INFO" logs SQL queries.
             # "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             formatter = generic
             ################
             ## FORMATTERS ##
             ################
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S

rhodecode/apps/repository/views/repo_feed.py

0 +63 -39

             # -*- coding: utf-8 -*-
             # Copyright (C) 2017-2018 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
+            import time
             import pytz
             import logging
-            from beaker.cache import cache_region
             from pyramid.view import view_config
             from pyramid.response import Response
             from webhelpers.feedgenerator import Rss201rev2Feed, Atom1Feed
             from rhodecode.apps._base import RepoAppView
             from rhodecode.lib import audit_logger
+            from rhodecode.lib import rc_cache
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import (
                 LoginRequired, HasRepoPermissionAnyDecorator)
             from rhodecode.lib.diffs import DiffProcessor, LimitedDiffContainer
             from rhodecode.lib.utils2 import str2bool, safe_int, md5_safe
             from rhodecode.model.db import UserApiKeys, CacheKey
             log = logging.getLogger(__name__)
             class RepoFeedView(RepoAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context()
                     self._load_defaults()
                     return c
                 def _get_config(self):
                     import rhodecode
                     config = rhodecode.CONFIG
                     return {
                         'language': 'en-us',
                         'feed_ttl': '5',  # TTL of feed,
                         'feed_include_diff':
                             str2bool(config.get('rss_include_diff', False)),
                         'feed_items_per_page':
                             safe_int(config.get('rss_items_per_page', 20)),
                         'feed_diff_limit':
                             # we need to protect from parsing huge diffs here other way
                             # we can kill the server
                             safe_int(config.get('rss_cut_off_limit', 32 * 1024)),
                     }
                 def _load_defaults(self):
                     _ = self.request.translate
                     config = self._get_config()
                     # common values for feeds
                     self.description = _('Changes on %s repository')
                     self.title = self.title = _('%s %s feed') % (self.db_repo_name, '%s')
                     self.language = config["language"]
                     self.ttl = config["feed_ttl"]
                     self.feed_include_diff = config['feed_include_diff']
                     self.feed_diff_limit = config['feed_diff_limit']
                     self.feed_items_per_page = config['feed_items_per_page']
                 def _changes(self, commit):
                     diff_processor = DiffProcessor(
                         commit.diff(), diff_limit=self.feed_diff_limit)
                     _parsed = diff_processor.prepare(inline_diff=False)
                     limited_diff = isinstance(_parsed, LimitedDiffContainer)
                     return diff_processor, _parsed, limited_diff
                 def _get_title(self, commit):
                     return h.shorter(commit.message, 160)
                 def _get_description(self, commit):
                     _renderer = self.request.get_partial_renderer(
                         'rhodecode:templates/feed/atom_feed_entry.mako')
                     diff_processor, parsed_diff, limited_diff = self._changes(commit)
                     filtered_parsed_diff, has_hidden_changes = self.path_filter.filter_patchset(parsed_diff)
                     return _renderer(
                         'body',
                         commit=commit,
                         parsed_diff=filtered_parsed_diff,
                         limited_diff=limited_diff,
                         feed_include_diff=self.feed_include_diff,
                         diff_processor=diff_processor,
                         has_hidden_changes=has_hidden_changes
                     )
                 def _set_timezone(self, date, tzinfo=pytz.utc):
                     if not getattr(date, "tzinfo", None):
                         date.replace(tzinfo=tzinfo)
                     return date
                 def _get_commits(self):
                     return list(self.rhodecode_vcs_repo[-self.feed_items_per_page:])
                 def uid(self, repo_id, commit_id):
                     return '{}:{}'.format(md5_safe(repo_id), md5_safe(commit_id))
                 @LoginRequired(auth_token_access=[UserApiKeys.ROLE_FEED])
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='atom_feed_home', request_method='GET',
                     renderer=None)
                 def atom(self):
                     """
                     Produce an atom-1.0 feed via feedgenerator module
                     """
                     self.load_default_context()
-                    def _generate_feed():
+                    cache_namespace_uid = 'cache_repo_instance.{}_{}'.format(
+                        self.db_repo.repo_id, CacheKey.CACHE_TYPE_FEED)
+                    invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
+                        repo_id=self.db_repo.repo_id)
+                    region = rc_cache.get_or_create_region('cache_repo_longterm',
+                                                           cache_namespace_uid)
+                    condition = not self.path_filter.is_enabled
+                    @region.conditional_cache_on_arguments(namespace=cache_namespace_uid,
+                                                           condition=condition)
+                    def generate_atom_feed(repo_id, _repo_name, _feed_type):
                         feed = Atom1Feed(
-                            title=self.title % self.db_repo_name,
+                            title=self.title % _repo_name,
-                            link=h.route_url('repo_summary', repo_name=self.db_repo_name),
+                            link=h.route_url('repo_summary', repo_name=_repo_name),
-                            description=self.description % self.db_repo_name,
+                            description=self.description % _repo_name,
                             language=self.language,
                             ttl=self.ttl
                         )
                         for commit in reversed(self._get_commits()):
                             date = self._set_timezone(commit.date)
                             feed.add_item(
-                                unique_id=self.uid(self.db_repo.repo_id, commit.raw_id),
+                                unique_id=self.uid(repo_id, commit.raw_id),
                                 title=self._get_title(commit),
                                 author_name=commit.author,
                                 description=self._get_description(commit),
                                 link=h.route_url(
-                                    'repo_commit', repo_name=self.db_repo_name,
+                                    'repo_commit', repo_name=_repo_name,
                                     commit_id=commit.raw_id),
                                 pubdate=date,)
                         return feed.mime_type, feed.writeString('utf-8')
-                    @cache_region('long_term')
+                    start = time.time()
-                    def _generate_feed_and_cache(cache_key):
+                    inv_context_manager = rc_cache.InvalidationContext(
-                        return _generate_feed()
+                        uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace)
+                    with inv_context_manager as invalidation_context:
+                        # check for stored invalidation signal, and maybe purge the cache
+                        # before computing it again
+                        if invalidation_context.should_invalidate():
+                            generate_atom_feed.invalidate(
+                                self.db_repo.repo_id, self.db_repo.repo_name, 'atom')
-                    if self.path_filter.is_enabled:
+                        mime_type, feed = generate_atom_feed(
-                        mime_type, feed = _generate_feed()
+                            self.db_repo.repo_id, self.db_repo.repo_name, 'atom')
-                    else:
+                        compute_time = time.time() - start
-                        invalidator_context = CacheKey.repo_context_cache(
+                        log.debug('Repo ATOM feed computed in %.3fs', compute_time)
-                            _generate_feed_and_cache, self.db_repo_name,
-                            CacheKey.CACHE_TYPE_ATOM)
-                        with invalidator_context as context:
-                            context.invalidate()
-                            mime_type, feed = context.compute()
                     response = Response(feed)
                     response.content_type = mime_type
                     return response
                 @LoginRequired(auth_token_access=[UserApiKeys.ROLE_FEED])
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='rss_feed_home', request_method='GET',
                     renderer=None)
                 def rss(self):
                     """
                     Produce an rss2 feed via feedgenerator module
                     """
                     self.load_default_context()
-                    def _generate_feed():
+                    cache_namespace_uid = 'cache_repo_instance.{}_{}'.format(
+                        self.db_repo.repo_id, CacheKey.CACHE_TYPE_FEED)
+                    invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
+                        repo_id=self.db_repo.repo_id)
+                    region = rc_cache.get_or_create_region('cache_repo_longterm',
+                                                           cache_namespace_uid)
+                    condition = not self.path_filter.is_enabled
+                    @region.conditional_cache_on_arguments(namespace=cache_namespace_uid,
+                                                           condition=condition)
+                    def generate_rss_feed(repo_id, _repo_name, _feed_type):
                         feed = Rss201rev2Feed(
-                            title=self.title % self.db_repo_name,
+                            title=self.title % _repo_name,
-                            link=h.route_url('repo_summary', repo_name=self.db_repo_name),
+                            link=h.route_url('repo_summary', repo_name=_repo_name),
-                            description=self.description % self.db_repo_name,
+                            description=self.description % _repo_name,
                             language=self.language,
                             ttl=self.ttl
                         )
                         for commit in reversed(self._get_commits()):
                             date = self._set_timezone(commit.date)
                             feed.add_item(
-                                unique_id=self.uid(self.db_repo.repo_id, commit.raw_id),
+                                unique_id=self.uid(repo_id, commit.raw_id),
                                 title=self._get_title(commit),
                                 author_name=commit.author,
                                 description=self._get_description(commit),
                                 link=h.route_url(
-                                    'repo_commit', repo_name=self.db_repo_name,
+                                    'repo_commit', repo_name=_repo_name,
                                     commit_id=commit.raw_id),
                                 pubdate=date,)
                         return feed.mime_type, feed.writeString('utf-8')
-                    @cache_region('long_term')
+                    start = time.time()
-                    def _generate_feed_and_cache(cache_key):
+                    inv_context_manager = rc_cache.InvalidationContext(
-                        return _generate_feed()
+                        uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace)
+                    with inv_context_manager as invalidation_context:
+                        # check for stored invalidation signal, and maybe purge the cache
+                        # before computing it again
+                        if invalidation_context.should_invalidate():
+                            generate_rss_feed.invalidate(
+                                self.db_repo.repo_id, self.db_repo.repo_name, 'rss')
-                    if self.path_filter.is_enabled:
+                        mime_type, feed = generate_rss_feed(
-                        mime_type, feed = _generate_feed()
+                            self.db_repo.repo_id, self.db_repo.repo_name, 'rss')
-                    else:
+                        compute_time = time.time() - start
-                        invalidator_context = CacheKey.repo_context_cache(
+                        log.debug('Repo RSS feed computed in %.3fs', compute_time)
-                            _generate_feed_and_cache, self.db_repo_name,
-                            CacheKey.CACHE_TYPE_RSS)
-                        with invalidator_context as context:
-                            context.invalidate()
-                            mime_type, feed = context.compute()
                     response = Response(feed)
                     response.content_type = mime_type
                     return response

rhodecode/apps/repository/views/repo_files.py

0 +1 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2011-2018 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import itertools
             import logging
             import os
             import shutil
             import tempfile
             import collections
             from pyramid.httpexceptions import HTTPNotFound, HTTPBadRequest, HTTPFound
             from pyramid.view import view_config
             from pyramid.renderers import render
             from pyramid.response import Response
             import rhodecode
             from rhodecode.apps._base import RepoAppView
             from rhodecode.controllers.utils import parse_path_ref
-            from rhodecode.lib import diffs, helpers as h, caches, rc_cache
+            from rhodecode.lib import diffs, helpers as h, rc_cache
             from rhodecode.lib import audit_logger
             from rhodecode.lib.exceptions import NonRelativePathError
             from rhodecode.lib.codeblocks import (
                 filenode_as_lines_tokens, filenode_as_annotated_lines_tokens)
             from rhodecode.lib.utils2 import (
                 convert_line_endings, detect_mode, safe_str, str2bool, safe_int)
             from rhodecode.lib.auth import (
                 LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
             from rhodecode.lib.vcs import path as vcspath
             from rhodecode.lib.vcs.backends.base import EmptyCommit
             from rhodecode.lib.vcs.conf import settings
             from rhodecode.lib.vcs.nodes import FileNode
             from rhodecode.lib.vcs.exceptions import (
                 RepositoryError, CommitDoesNotExistError, EmptyRepositoryError,
                 ImproperArchiveTypeError, VCSError, NodeAlreadyExistsError,
                 NodeDoesNotExistError, CommitError, NodeError)
             from rhodecode.model.scm import ScmModel
             from rhodecode.model.db import Repository
             log = logging.getLogger(__name__)
             class RepoFilesView(RepoAppView):
                 @staticmethod
                 def adjust_file_path_for_svn(f_path, repo):
                     """
                     Computes the relative path of `f_path`.
                     This is mainly based on prefix matching of the recognized tags and
                     branches in the underlying repository.
                     """
                     tags_and_branches = itertools.chain(
                         repo.branches.iterkeys(),
                         repo.tags.iterkeys())
                     tags_and_branches = sorted(tags_and_branches, key=len, reverse=True)
                     for name in tags_and_branches:
                         if f_path.startswith('{}/'.format(name)):
                             f_path = vcspath.relpath(f_path, name)
                             break
                     return f_path
                 def load_default_context(self):
                     c = self._get_local_tmpl_context(include_app_defaults=True)
                     c.rhodecode_repo = self.rhodecode_vcs_repo
                     return c
                 def _ensure_not_locked(self):
                     _ = self.request.translate
                     repo = self.db_repo
                     if repo.enable_locking and repo.locked[0]:
                         h.flash(_('This repository has been locked by %s on %s')
                                 % (h.person_by_id(repo.locked[0]),
                                 h.format_date(h.time_to_datetime(repo.locked[1]))),
                                 'warning')
                         files_url = h.route_path(
                             'repo_files:default_path',
                             repo_name=self.db_repo_name, commit_id='tip')
                         raise HTTPFound(files_url)
                 def _get_commit_and_path(self):
                     default_commit_id = self.db_repo.landing_rev[1]
                     default_f_path = '/'
                     commit_id = self.request.matchdict.get(
                         'commit_id', default_commit_id)
                     f_path = self._get_f_path(self.request.matchdict, default_f_path)
                     return commit_id, f_path
                 def _get_default_encoding(self, c):
                     enc_list = getattr(c, 'default_encodings', [])
                     return enc_list[0] if enc_list else 'UTF-8'
                 def _get_commit_or_redirect(self, commit_id, redirect_after=True):
                     """
                     This is a safe way to get commit. If an error occurs it redirects to
                     tip with proper message
                     :param commit_id: id of commit to fetch
                     :param redirect_after: toggle redirection
                     """
                     _ = self.request.translate
                     try:
                         return self.rhodecode_vcs_repo.get_commit(commit_id)
                     except EmptyRepositoryError:
                         if not redirect_after:
                             return None
                         _url = h.route_path(
                             'repo_files_add_file',
                             repo_name=self.db_repo_name, commit_id=0, f_path='',
                             _anchor='edit')
                         if h.HasRepoPermissionAny(
                                 'repository.write', 'repository.admin')(self.db_repo_name):
                             add_new = h.link_to(
                                 _('Click here to add a new file.'), _url, class_="alert-link")
                         else:
                             add_new = ""
                         h.flash(h.literal(
                             _('There are no files yet. %s') % add_new), category='warning')
                         raise HTTPFound(
                             h.route_path('repo_summary', repo_name=self.db_repo_name))
                     except (CommitDoesNotExistError, LookupError):
                         msg = _('No such commit exists for this repository')
                         h.flash(msg, category='error')
                         raise HTTPNotFound()
                     except RepositoryError as e:
                         h.flash(safe_str(h.escape(e)), category='error')
                         raise HTTPNotFound()
                 def _get_filenode_or_redirect(self, commit_obj, path):
                     """
                     Returns file_node, if error occurs or given path is directory,
                     it'll redirect to top level path
                     """
                     _ = self.request.translate
                     try:
                         file_node = commit_obj.get_node(path)
                         if file_node.is_dir():
                             raise RepositoryError('The given path is a directory')
                     except CommitDoesNotExistError:
                         log.exception('No such commit exists for this repository')
                         h.flash(_('No such commit exists for this repository'), category='error')
                         raise HTTPNotFound()
                     except RepositoryError as e:
                         log.warning('Repository error while fetching '
                                     'filenode `%s`. Err:%s', path, e)
                         h.flash(safe_str(h.escape(e)), category='error')
                         raise HTTPNotFound()
                     return file_node
                 def _is_valid_head(self, commit_id, repo):
                     # check if commit is a branch identifier- basically we cannot
                     # create multiple heads via file editing
                     valid_heads = repo.branches.keys() + repo.branches.values()
                     if h.is_svn(repo) and not repo.is_empty():
                         # Note: Subversion only has one head, we add it here in case there
                         # is no branch matched.
                         valid_heads.append(repo.get_commit(commit_idx=-1).raw_id)
                     # check if commit is a branch name or branch hash
                     return commit_id in valid_heads
                 def _get_tree_at_commit(
                         self, c, commit_id, f_path, full_load=False):
                     repo_id = self.db_repo.repo_id
                     cache_seconds = safe_int(
                         rhodecode.CONFIG.get('rc_cache.cache_repo.expiration_time'))
                     cache_on = cache_seconds > 0
                     log.debug(
                         'Computing FILE TREE for repo_id %s commit_id `%s` and path `%s`'
                         'with caching: %s[TTL: %ss]' % (
                             repo_id, commit_id, f_path, cache_on, cache_seconds or 0))
                     cache_namespace_uid = 'cache_repo.{}'.format(repo_id)
                     region = rc_cache.get_or_create_region('cache_repo', cache_namespace_uid)
                     @region.conditional_cache_on_arguments(namespace=cache_namespace_uid,
                                                            condition=cache_on)
                     def compute_file_tree(repo_id, commit_id, f_path, full_load):
                         log.debug('Generating cached file tree for repo_id: %s, %s, %s',
                                   repo_id, commit_id, f_path)
                         c.full_load = full_load
                         return render(
                             'rhodecode:templates/files/files_browser_tree.mako',
                             self._get_template_context(c), self.request)
                     return compute_file_tree(self.db_repo.repo_id, commit_id, f_path, full_load)
                 def _get_archive_spec(self, fname):
                     log.debug('Detecting archive spec for: `%s`', fname)
                     fileformat = None
                     ext = None
                     content_type = None
                     for a_type, ext_data in settings.ARCHIVE_SPECS.items():
                         content_type, extension = ext_data
                         if fname.endswith(extension):
                             fileformat = a_type
                             log.debug('archive is of type: %s', fileformat)
                             ext = extension
                             break
                     if not fileformat:
                         raise ValueError()
                     # left over part of whole fname is the commit
                     commit_id = fname[:-len(ext)]
                     return commit_id, ext, fileformat, content_type
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_archivefile', request_method='GET',
                     renderer=None)
                 def repo_archivefile(self):
                     # archive cache config
                     from rhodecode import CONFIG
                     _ = self.request.translate
                     self.load_default_context()
                     fname = self.request.matchdict['fname']
                     subrepos = self.request.GET.get('subrepos') == 'true'
                     if not self.db_repo.enable_downloads:
                         return Response(_('Downloads disabled'))
                     try:
                         commit_id, ext, fileformat, content_type = \
                             self._get_archive_spec(fname)
                     except ValueError:
                         return Response(_('Unknown archive type for: `{}`').format(
                             h.escape(fname)))
                     try:
                         commit = self.rhodecode_vcs_repo.get_commit(commit_id)
                     except CommitDoesNotExistError:
                         return Response(_('Unknown commit_id {}').format(
                             h.escape(commit_id)))
                     except EmptyRepositoryError:
                         return Response(_('Empty repository'))
                     archive_name = '%s-%s%s%s' % (
                         safe_str(self.db_repo_name.replace('/', '_')),
                         '-sub' if subrepos else '',
                         safe_str(commit.short_id), ext)
                     use_cached_archive = False
                     archive_cache_enabled = CONFIG.get(
                         'archive_cache_dir') and not self.request.GET.get('no_cache')
                     if archive_cache_enabled:
                         # check if we it's ok to write
                         if not os.path.isdir(CONFIG['archive_cache_dir']):
                             os.makedirs(CONFIG['archive_cache_dir'])
                         cached_archive_path = os.path.join(
                             CONFIG['archive_cache_dir'], archive_name)
                         if os.path.isfile(cached_archive_path):
                             log.debug('Found cached archive in %s', cached_archive_path)
                             fd, archive = None, cached_archive_path
                             use_cached_archive = True
                         else:
                             log.debug('Archive %s is not yet cached', archive_name)
                     if not use_cached_archive:
                         # generate new archive
                         fd, archive = tempfile.mkstemp()
                         log.debug('Creating new temp archive in %s', archive)
                         try:
                             commit.archive_repo(archive, kind=fileformat, subrepos=subrepos)
                         except ImproperArchiveTypeError:
                             return _('Unknown archive type')
                         if archive_cache_enabled:
                             # if we generated the archive and we have cache enabled
                             # let's use this for future
                             log.debug('Storing new archive in %s', cached_archive_path)
                             shutil.move(archive, cached_archive_path)
                             archive = cached_archive_path
                     # store download action
                     audit_logger.store_web(
                         'repo.archive.download', action_data={
                             'user_agent': self.request.user_agent,
                             'archive_name': archive_name,
                             'archive_spec': fname,
                             'archive_cached': use_cached_archive},
                         user=self._rhodecode_user,
                         repo=self.db_repo,
                         commit=True
                     )
                     def get_chunked_archive(archive):
                         with open(archive, 'rb') as stream:
                             while True:
                                 data = stream.read(16 * 1024)
                                 if not data:
                                     if fd:  # fd means we used temporary file
                                         os.close(fd)
                                     if not archive_cache_enabled:
                                         log.debug('Destroying temp archive %s', archive)
                                         os.remove(archive)
                                     break
                                 yield data
                     response = Response(app_iter=get_chunked_archive(archive))
                     response.content_disposition = str(
                         'attachment; filename=%s' % archive_name)
                     response.content_type = str(content_type)
                     return response
                 def _get_file_node(self, commit_id, f_path):
                     if commit_id not in ['', None, 'None', '0' * 12, '0' * 40]:
                         commit = self.rhodecode_vcs_repo.get_commit(commit_id=commit_id)
                         try:
                             node = commit.get_node(f_path)
                             if node.is_dir():
                                 raise NodeError('%s path is a %s not a file'
                                                 % (node, type(node)))
                         except NodeDoesNotExistError:
                             commit = EmptyCommit(
                                 commit_id=commit_id,
                                 idx=commit.idx,
                                 repo=commit.repository,
                                 alias=commit.repository.alias,
                                 message=commit.message,
                                 author=commit.author,
                                 date=commit.date)
                             node = FileNode(f_path, '', commit=commit)
                     else:
                         commit = EmptyCommit(
                             repo=self.rhodecode_vcs_repo,
                             alias=self.rhodecode_vcs_repo.alias)
                         node = FileNode(f_path, '', commit=commit)
                     return node
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_files_diff', request_method='GET',
                     renderer=None)
                 def repo_files_diff(self):
                     c = self.load_default_context()
                     f_path = self._get_f_path(self.request.matchdict)
                     diff1 = self.request.GET.get('diff1', '')
                     diff2 = self.request.GET.get('diff2', '')
                     path1, diff1 = parse_path_ref(diff1, default_path=f_path)
                     ignore_whitespace = str2bool(self.request.GET.get('ignorews'))
                     line_context = self.request.GET.get('context', 3)
                     if not any((diff1, diff2)):
                         h.flash(
                             'Need query parameter "diff1" or "diff2" to generate a diff.',
                             category='error')
                         raise HTTPBadRequest()
                     c.action = self.request.GET.get('diff')
                     if c.action not in ['download', 'raw']:
                         compare_url = h.route_path(
                             'repo_compare',
                             repo_name=self.db_repo_name,
                             source_ref_type='rev',
                             source_ref=diff1,
                             target_repo=self.db_repo_name,
                             target_ref_type='rev',
                             target_ref=diff2,
                             _query=dict(f_path=f_path))
                         # redirect to new view if we render diff
                         raise HTTPFound(compare_url)
                     try:
                         node1 = self._get_file_node(diff1, path1)
                         node2 = self._get_file_node(diff2, f_path)
                     except (RepositoryError, NodeError):
                         log.exception("Exception while trying to get node from repository")
                         raise HTTPFound(
                             h.route_path('repo_files', repo_name=self.db_repo_name,
                                          commit_id='tip', f_path=f_path))
                     if all(isinstance(node.commit, EmptyCommit)
                            for node in (node1, node2)):
                         raise HTTPNotFound()
                     c.commit_1 = node1.commit
                     c.commit_2 = node2.commit
                     if c.action == 'download':
                         _diff = diffs.get_gitdiff(node1, node2,
                                                   ignore_whitespace=ignore_whitespace,
                                                   context=line_context)
                         diff = diffs.DiffProcessor(_diff, format='gitdiff')
                         response = Response(self.path_filter.get_raw_patch(diff))
                         response.content_type = 'text/plain'
                         response.content_disposition = (
                             'attachment; filename=%s_%s_vs_%s.diff' % (f_path, diff1, diff2)
                         )
                         charset = self._get_default_encoding(c)
                         if charset:
                             response.charset = charset
                         return response
                     elif c.action == 'raw':
                         _diff = diffs.get_gitdiff(node1, node2,
                                                   ignore_whitespace=ignore_whitespace,
                                                   context=line_context)
                         diff = diffs.DiffProcessor(_diff, format='gitdiff')
                         response = Response(self.path_filter.get_raw_patch(diff))
                         response.content_type = 'text/plain'
                         charset = self._get_default_encoding(c)
                         if charset:
                             response.charset = charset
                         return response
                     # in case we ever end up here
                     raise HTTPNotFound()
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_files_diff_2way_redirect', request_method='GET',
                     renderer=None)
                 def repo_files_diff_2way_redirect(self):
                     """
                     Kept only to make OLD links work
                     """
                     f_path = self._get_f_path_unchecked(self.request.matchdict)
                     diff1 = self.request.GET.get('diff1', '')
                     diff2 = self.request.GET.get('diff2', '')
                     if not any((diff1, diff2)):
                         h.flash(
                             'Need query parameter "diff1" or "diff2" to generate a diff.',
                             category='error')
                         raise HTTPBadRequest()
                     compare_url = h.route_path(
                         'repo_compare',
                         repo_name=self.db_repo_name,
                         source_ref_type='rev',
                         source_ref=diff1,
                         target_ref_type='rev',
                         target_ref=diff2,
                         _query=dict(f_path=f_path, diffmode='sideside',
                                     target_repo=self.db_repo_name,))
                     raise HTTPFound(compare_url)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_files', request_method='GET',
                     renderer=None)
                 @view_config(
                     route_name='repo_files:default_path', request_method='GET',
                     renderer=None)
                 @view_config(
                     route_name='repo_files:default_commit', request_method='GET',
                     renderer=None)
                 @view_config(
                     route_name='repo_files:rendered', request_method='GET',
                     renderer=None)
                 @view_config(
                     route_name='repo_files:annotated', request_method='GET',
                     renderer=None)
                 def repo_files(self):
                     c = self.load_default_context()
                     view_name = getattr(self.request.matched_route, 'name', None)
                     c.annotate = view_name == 'repo_files:annotated'
                     # default is false, but .rst/.md files later are auto rendered, we can
                     # overwrite auto rendering by setting this GET flag
                     c.renderer = view_name == 'repo_files:rendered' or \
                                     not self.request.GET.get('no-render', False)
                     # redirect to given commit_id from form if given
                     get_commit_id = self.request.GET.get('at_rev', None)
                     if get_commit_id:
                         self._get_commit_or_redirect(get_commit_id)
                     commit_id, f_path = self._get_commit_and_path()
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.branch = self.request.GET.get('branch', None)
                     c.f_path = f_path
                     # prev link
                     try:
                         prev_commit = c.commit.prev(c.branch)
                         c.prev_commit = prev_commit
                         c.url_prev = h.route_path(
                             'repo_files', repo_name=self.db_repo_name,
                             commit_id=prev_commit.raw_id, f_path=f_path)
                         if c.branch:
                             c.url_prev += '?branch=%s' % c.branch
                     except (CommitDoesNotExistError, VCSError):
                         c.url_prev = '#'
                         c.prev_commit = EmptyCommit()
                     # next link
                     try:
                         next_commit = c.commit.next(c.branch)
                         c.next_commit = next_commit
                         c.url_next = h.route_path(
                             'repo_files', repo_name=self.db_repo_name,
                             commit_id=next_commit.raw_id, f_path=f_path)
                         if c.branch:
                             c.url_next += '?branch=%s' % c.branch
                     except (CommitDoesNotExistError, VCSError):
                         c.url_next = '#'
                         c.next_commit = EmptyCommit()
                     # files or dirs
                     try:
                         c.file = c.commit.get_node(f_path)
                         c.file_author = True
                         c.file_tree = ''
                         # load file content
                         if c.file.is_file():
                             c.lf_node = c.file.get_largefile_node()
                             c.file_source_page = 'true'
                             c.file_last_commit = c.file.last_commit
                             if c.file.size < c.visual.cut_off_limit_diff:
                                 if c.annotate:  # annotation has precedence over renderer
                                     c.annotated_lines = filenode_as_annotated_lines_tokens(
                                         c.file
                                     )
                                 else:
                                     c.renderer = (
                                         c.renderer and h.renderer_from_filename(c.file.path)
                                     )
                                     if not c.renderer:
                                         c.lines = filenode_as_lines_tokens(c.file)
                             c.on_branch_head = self._is_valid_head(
                                 commit_id, self.rhodecode_vcs_repo)
                             branch = c.commit.branch if (
                                 c.commit.branch and '/' not in c.commit.branch) else None
                             c.branch_or_raw_id = branch or c.commit.raw_id
                             c.branch_name = c.commit.branch or h.short_id(c.commit.raw_id)
                             author = c.file_last_commit.author
                             c.authors = [[
                                 h.email(author),
                                 h.person(author, 'username_or_name_or_email'),
                             ]]
                         else:  # load tree content at path
                             c.file_source_page = 'false'
                             c.authors = []
                             # this loads a simple tree without metadata to speed things up
                             # later via ajax we call repo_nodetree_full and fetch whole
                             c.file_tree = self._get_tree_at_commit(
                                 c, c.commit.raw_id, f_path)
                     except RepositoryError as e:
                         h.flash(safe_str(h.escape(e)), category='error')
                         raise HTTPNotFound()
                     if self.request.environ.get('HTTP_X_PJAX'):
                         html = render('rhodecode:templates/files/files_pjax.mako',
                                       self._get_template_context(c), self.request)
                     else:
                         html = render('rhodecode:templates/files/files.mako',
                                       self._get_template_context(c), self.request)
                     return Response(html)
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_files:annotated_previous', request_method='GET',
                     renderer=None)
                 def repo_files_annotated_previous(self):
                     self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     prev_commit_id = commit.raw_id
                     line_anchor = self.request.GET.get('line_anchor')
                     is_file = False
                     try:
                         _file = commit.get_node(f_path)
                         is_file = _file.is_file()
                     except (NodeDoesNotExistError, CommitDoesNotExistError, VCSError):
                         pass
                     if is_file:
                         history = commit.get_file_history(f_path)
                         prev_commit_id = history[1].raw_id \
                             if len(history) > 1 else prev_commit_id
                     prev_url = h.route_path(
                         'repo_files:annotated', repo_name=self.db_repo_name,
                         commit_id=prev_commit_id, f_path=f_path,
                         _anchor='L{}'.format(line_anchor))
                     raise HTTPFound(prev_url)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_nodetree_full', request_method='GET',
                     renderer=None, xhr=True)
                 @view_config(
                     route_name='repo_nodetree_full:default_path', request_method='GET',
                     renderer=None, xhr=True)
                 def repo_nodetree_full(self):
                     """
                     Returns rendered html of file tree that contains commit date,
                     author, commit_id for the specified combination of
                     repo, commit_id and file path
                     """
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     try:
                         dir_node = commit.get_node(f_path)
                     except RepositoryError as e:
                         return Response('error: {}'.format(h.escape(safe_str(e))))
                     if dir_node.is_file():
                         return Response('')
                     c.file = dir_node
                     c.commit = commit
                     html = self._get_tree_at_commit(
                         c, commit.raw_id, dir_node.path, full_load=True)
                     return Response(html)
                 def _get_attachement_disposition(self, f_path):
                     return 'attachment; filename=%s' % \
                         safe_str(f_path.split(Repository.NAME_SEP)[-1])
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_file_raw', request_method='GET',
                     renderer=None)
                 def repo_file_raw(self):
                     """
                     Action for show as raw, some mimetypes are "rendered",
                     those include images, icons.
                     """
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     file_node = self._get_filenode_or_redirect(commit, f_path)
                     raw_mimetype_mapping = {
                         # map original mimetype to a mimetype used for "show as raw"
                         # you can also provide a content-disposition to override the
                         # default "attachment" disposition.
                         # orig_type: (new_type, new_dispo)
                         # show images inline:
                         # Do not re-add SVG: it is unsafe and permits XSS attacks. One can
                         # for example render an SVG with javascript inside or even render
                         # HTML.
                         'image/x-icon': ('image/x-icon', 'inline'),
                         'image/png': ('image/png', 'inline'),
                         'image/gif': ('image/gif', 'inline'),
                         'image/jpeg': ('image/jpeg', 'inline'),
                         'application/pdf': ('application/pdf', 'inline'),
                     }
                     mimetype = file_node.mimetype
                     try:
                         mimetype, disposition = raw_mimetype_mapping[mimetype]
                     except KeyError:
                         # we don't know anything special about this, handle it safely
                         if file_node.is_binary:
                             # do same as download raw for binary files
                             mimetype, disposition = 'application/octet-stream', 'attachment'
                         else:
                             # do not just use the original mimetype, but force text/plain,
                             # otherwise it would serve text/html and that might be unsafe.
                             # Note: underlying vcs library fakes text/plain mimetype if the
                             # mimetype can not be determined and it thinks it is not
                             # binary.This might lead to erroneous text display in some
                             # cases, but helps in other cases, like with text files
                             # without extension.
                             mimetype, disposition = 'text/plain', 'inline'
                     if disposition == 'attachment':
                         disposition = self._get_attachement_disposition(f_path)
                     def stream_node():
                         yield file_node.raw_bytes
                     response = Response(app_iter=stream_node())
                     response.content_disposition = disposition
                     response.content_type = mimetype
                     charset = self._get_default_encoding(c)
                     if charset:
                         response.charset = charset
                     return response
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_file_download', request_method='GET',
                     renderer=None)
                 @view_config(
                     route_name='repo_file_download:legacy', request_method='GET',
                     renderer=None)
                 def repo_file_download(self):
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     file_node = self._get_filenode_or_redirect(commit, f_path)
                     if self.request.GET.get('lf'):
                         # only if lf get flag is passed, we download this file
                         # as LFS/Largefile
                         lf_node = file_node.get_largefile_node()
                         if lf_node:
                             # overwrite our pointer with the REAL large-file
                             file_node = lf_node
                     disposition = self._get_attachement_disposition(f_path)
                     def stream_node():
                         yield file_node.raw_bytes
                     response = Response(app_iter=stream_node())
                     response.content_disposition = disposition
                     response.content_type = file_node.mimetype
                     charset = self._get_default_encoding(c)
                     if charset:
                         response.charset = charset
                     return response
                 def _get_nodelist_at_commit(self, repo_name, repo_id, commit_id, f_path):
                     cache_seconds = safe_int(
                         rhodecode.CONFIG.get('rc_cache.cache_repo.expiration_time'))
                     cache_on = cache_seconds > 0
                     log.debug(
                         'Computing FILE SEARCH for repo_id %s commit_id `%s` and path `%s`'
                         'with caching: %s[TTL: %ss]' % (
                             repo_id, commit_id, f_path, cache_on, cache_seconds or 0))
                     cache_namespace_uid = 'cache_repo.{}'.format(repo_id)
                     region = rc_cache.get_or_create_region('cache_repo', cache_namespace_uid)
                     @region.conditional_cache_on_arguments(namespace=cache_namespace_uid,
                                                            condition=cache_on)
                     def compute_file_search(repo_id, commit_id, f_path):
                         log.debug('Generating cached nodelist for repo_id:%s, %s, %s',
                                   repo_id, commit_id, f_path)
                         try:
                             _d, _f = ScmModel().get_nodes(
                                 repo_name, commit_id, f_path, flat=False)
                         except (RepositoryError, CommitDoesNotExistError, Exception) as e:
                             log.exception(safe_str(e))
                             h.flash(safe_str(h.escape(e)), category='error')
                             raise HTTPFound(h.route_path(
                                 'repo_files', repo_name=self.db_repo_name,
                                 commit_id='tip', f_path='/'))
                         return _d + _f
                     return compute_file_search(self.db_repo.repo_id, commit_id, f_path)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_files_nodelist', request_method='GET',
                     renderer='json_ext', xhr=True)
                 def repo_nodelist(self):
                     self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     metadata = self._get_nodelist_at_commit(
                         self.db_repo_name, self.db_repo.repo_id, commit.raw_id, f_path)
                     return {'nodes': metadata}
                 def _create_references(
                         self, branches_or_tags, symbolic_reference, f_path):
                     items = []
                     for name, commit_id in branches_or_tags.items():
                         sym_ref = symbolic_reference(commit_id, name, f_path)
                         items.append((sym_ref, name))
                     return items
                 def _symbolic_reference(self, commit_id, name, f_path):
                     return commit_id
                 def _symbolic_reference_svn(self, commit_id, name, f_path):
                     new_f_path = vcspath.join(name, f_path)
                     return u'%s@%s' % (new_f_path, commit_id)
                 def _get_node_history(self, commit_obj, f_path, commits=None):
                     """
                     get commit history for given node
                     :param commit_obj: commit to calculate history
                     :param f_path: path for node to calculate history for
                     :param commits: if passed don't calculate history and take
                         commits defined in this list
                     """
                     _ = self.request.translate
                     # calculate history based on tip
                     tip = self.rhodecode_vcs_repo.get_commit()
                     if commits is None:
                         pre_load = ["author", "branch"]
                         try:
                             commits = tip.get_file_history(f_path, pre_load=pre_load)
                         except (NodeDoesNotExistError, CommitError):
                             # this node is not present at tip!
                             commits = commit_obj.get_file_history(f_path, pre_load=pre_load)
                     history = []
                     commits_group = ([], _("Changesets"))
                     for commit in commits:
                         branch = ' (%s)' % commit.branch if commit.branch else ''
                         n_desc = 'r%s:%s%s' % (commit.idx, commit.short_id, branch)
                         commits_group[0].append((commit.raw_id, n_desc,))
                     history.append(commits_group)
                     symbolic_reference = self._symbolic_reference
                     if self.rhodecode_vcs_repo.alias == 'svn':
                         adjusted_f_path = RepoFilesView.adjust_file_path_for_svn(
                             f_path, self.rhodecode_vcs_repo)
                         if adjusted_f_path != f_path:
                             log.debug(
                                 'Recognized svn tag or branch in file "%s", using svn '
                                 'specific symbolic references', f_path)
                             f_path = adjusted_f_path
                             symbolic_reference = self._symbolic_reference_svn
                     branches = self._create_references(
                         self.rhodecode_vcs_repo.branches, symbolic_reference, f_path)
                     branches_group = (branches, _("Branches"))
                     tags = self._create_references(
                         self.rhodecode_vcs_repo.tags, symbolic_reference, f_path)
                     tags_group = (tags, _("Tags"))
                     history.append(branches_group)
                     history.append(tags_group)
                     return history, commits
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_file_history', request_method='GET',
                     renderer='json_ext')
                 def repo_file_history(self):
                     self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     file_node = self._get_filenode_or_redirect(commit, f_path)
                     if file_node.is_file():
                         file_history, _hist = self._get_node_history(commit, f_path)
                         res = []
                         for obj in file_history:
                             res.append({
                                 'text': obj[1],
                                 'children': [{'id': o[0], 'text': o[1]} for o in obj[0]]
                             })
                         data = {
                             'more': False,
                             'results': res
                         }
                         return data
                     log.warning('Cannot fetch history for directory')
                     raise HTTPBadRequest()
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_file_authors', request_method='GET',
                     renderer='rhodecode:templates/files/file_authors_box.mako')
                 def repo_file_authors(self):
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     file_node = self._get_filenode_or_redirect(commit, f_path)
                     if not file_node.is_file():
                         raise HTTPBadRequest()
                     c.file_last_commit = file_node.last_commit
                     if self.request.GET.get('annotate') == '1':
                         # use _hist from annotation if annotation mode is on
                         commit_ids = set(x[1] for x in file_node.annotate)
                         _hist = (
                             self.rhodecode_vcs_repo.get_commit(commit_id)
                             for commit_id in commit_ids)
                     else:
                         _f_history, _hist = self._get_node_history(commit, f_path)
                     c.file_author = False
                     unique = collections.OrderedDict()
                     for commit in _hist:
                         author = commit.author
                         if author not in unique:
                             unique[commit.author] = [
                                 h.email(author),
                                 h.person(author, 'username_or_name_or_email'),
 # counter
                             ]
                         else:
                             # increase counter
                             unique[commit.author][2] += 1
                     c.authors = [val for val in unique.values()]
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_files_remove_file', request_method='GET',
                     renderer='rhodecode:templates/files/files_delete.mako')
                 def repo_files_remove_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     if not self._is_valid_head(commit_id, self.rhodecode_vcs_repo):
                         h.flash(_('You can only delete files with commit '
                                   'being a valid branch '), category='warning')
                         raise HTTPFound(
                             h.route_path('repo_files',
                                          repo_name=self.db_repo_name, commit_id='tip',
                                          f_path=f_path))
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.file = self._get_filenode_or_redirect(c.commit, f_path)
                     c.default_message = _(
                         'Deleted file {} via RhodeCode Enterprise').format(f_path)
                     c.f_path = f_path
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='repo_files_delete_file', request_method='POST',
                     renderer=None)
                 def repo_files_delete_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     if not self._is_valid_head(commit_id, self.rhodecode_vcs_repo):
                         h.flash(_('You can only delete files with commit '
                                   'being a valid branch '), category='warning')
                         raise HTTPFound(
                             h.route_path('repo_files',
                                          repo_name=self.db_repo_name, commit_id='tip',
                                          f_path=f_path))
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.file = self._get_filenode_or_redirect(c.commit, f_path)
                     c.default_message = _(
                         'Deleted file {} via RhodeCode Enterprise').format(f_path)
                     c.f_path = f_path
                     node_path = f_path
                     author = self._rhodecode_db_user.full_contact
                     message = self.request.POST.get('message') or c.default_message
                     try:
                         nodes = {
                             node_path: {
                                 'content': ''
                             }
                         }
                         ScmModel().delete_nodes(
                             user=self._rhodecode_db_user.user_id, repo=self.db_repo,
                             message=message,
                             nodes=nodes,
                             parent_commit=c.commit,
                             author=author,
                         )
                         h.flash(
                             _('Successfully deleted file `{}`').format(
                                 h.escape(f_path)), category='success')
                     except Exception:
                         log.exception('Error during commit operation')
                         h.flash(_('Error occurred during commit'), category='error')
                     raise HTTPFound(
                         h.route_path('repo_commit', repo_name=self.db_repo_name,
                                      commit_id='tip'))
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_files_edit_file', request_method='GET',
                     renderer='rhodecode:templates/files/files_edit.mako')
                 def repo_files_edit_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     if not self._is_valid_head(commit_id, self.rhodecode_vcs_repo):
                         h.flash(_('You can only edit files with commit '
                                   'being a valid branch '), category='warning')
                         raise HTTPFound(
                             h.route_path('repo_files',
                                          repo_name=self.db_repo_name, commit_id='tip',
                                          f_path=f_path))
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.file = self._get_filenode_or_redirect(c.commit, f_path)
                     if c.file.is_binary:
                         files_url = h.route_path(
                             'repo_files',
                             repo_name=self.db_repo_name,
                             commit_id=c.commit.raw_id, f_path=f_path)
                         raise HTTPFound(files_url)
                     c.default_message = _(
                         'Edited file {} via RhodeCode Enterprise').format(f_path)
                     c.f_path = f_path
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='repo_files_update_file', request_method='POST',
                     renderer=None)
                 def repo_files_update_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     if not self._is_valid_head(commit_id, self.rhodecode_vcs_repo):
                         h.flash(_('You can only edit files with commit '
                                   'being a valid branch '), category='warning')
                         raise HTTPFound(
                             h.route_path('repo_files',
                                          repo_name=self.db_repo_name, commit_id='tip',
                                          f_path=f_path))
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.file = self._get_filenode_or_redirect(c.commit, f_path)
                     if c.file.is_binary:
                         raise HTTPFound(
                             h.route_path('repo_files',
                                          repo_name=self.db_repo_name,
                                          commit_id=c.commit.raw_id,
                                          f_path=f_path))
                     c.default_message = _(
                         'Edited file {} via RhodeCode Enterprise').format(f_path)
                     c.f_path = f_path
                     old_content = c.file.content
                     sl = old_content.splitlines(1)
                     first_line = sl[0] if sl else ''
                     r_post = self.request.POST
                     # modes:  0 - Unix, 1 - Mac, 2 - DOS
                     mode = detect_mode(first_line, 0)
                     content = convert_line_endings(r_post.get('content', ''), mode)
                     message = r_post.get('message') or c.default_message
                     org_f_path = c.file.unicode_path
                     filename = r_post['filename']
                     org_filename = c.file.name
                     if content == old_content and filename == org_filename:
                         h.flash(_('No changes'), category='warning')
                         raise HTTPFound(
                             h.route_path('repo_commit', repo_name=self.db_repo_name,
                                          commit_id='tip'))
                     try:
                         mapping = {
                             org_f_path: {
                                 'org_filename': org_f_path,
                                 'filename': os.path.join(c.file.dir_path, filename),
                                 'content': content,
                                 'lexer': '',
                                 'op': 'mod',
                             }
                         }
                         ScmModel().update_nodes(
                             user=self._rhodecode_db_user.user_id,
                             repo=self.db_repo,
                             message=message,
                             nodes=mapping,
                             parent_commit=c.commit,
                         )
                         h.flash(
                             _('Successfully committed changes to file `{}`').format(
                                 h.escape(f_path)), category='success')
                     except Exception:
                         log.exception('Error occurred during commit')
                         h.flash(_('Error occurred during commit'), category='error')
                     raise HTTPFound(
                         h.route_path('repo_commit', repo_name=self.db_repo_name,
                                      commit_id='tip'))
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_files_add_file', request_method='GET',
                     renderer='rhodecode:templates/files/files_add.mako')
                 def repo_files_add_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     c.commit = self._get_commit_or_redirect(commit_id, redirect_after=False)
                     if c.commit is None:
                         c.commit = EmptyCommit(alias=self.rhodecode_vcs_repo.alias)
                     c.default_message = (_('Added file via RhodeCode Enterprise'))
                     c.f_path = f_path.lstrip('/')  # ensure not relative path
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @CSRFRequired()
                 @view_config(
                     route_name='repo_files_create_file', request_method='POST',
                     renderer=None)
                 def repo_files_create_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     r_post = self.request.POST
                     c.commit = self._get_commit_or_redirect(
                         commit_id, redirect_after=False)
                     if c.commit is None:
                         c.commit = EmptyCommit(alias=self.rhodecode_vcs_repo.alias)
                     c.default_message = (_('Added file via RhodeCode Enterprise'))
                     c.f_path = f_path
                     unix_mode = 0
                     content = convert_line_endings(r_post.get('content', ''), unix_mode)
                     message = r_post.get('message') or c.default_message
                     filename = r_post.get('filename')
                     location = r_post.get('location', '')  # dir location
                     file_obj = r_post.get('upload_file', None)
                     if file_obj is not None and hasattr(file_obj, 'filename'):
                         filename = r_post.get('filename_upload')
                         content = file_obj.file
                         if hasattr(content, 'file'):
                             # non posix systems store real file under file attr
                             content = content.file
                     if self.rhodecode_vcs_repo.is_empty:
                         default_redirect_url = h.route_path(
                             'repo_summary', repo_name=self.db_repo_name)
                     else:
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id='tip')
                     # If there's no commit, redirect to repo summary
                     if type(c.commit) is EmptyCommit:
                         redirect_url = h.route_path(
                             'repo_summary', repo_name=self.db_repo_name)
                     else:
                         redirect_url = default_redirect_url
                     if not filename:
                         h.flash(_('No filename'), category='warning')
                         raise HTTPFound(redirect_url)
                     # extract the location from filename,
                     # allows using foo/bar.txt syntax to create subdirectories
                     subdir_loc = filename.rsplit('/', 1)
                     if len(subdir_loc) == 2:
                         location = os.path.join(location, subdir_loc[0])
                     # strip all crap out of file, just leave the basename
                     filename = os.path.basename(filename)
                     node_path = os.path.join(location, filename)
                     author = self._rhodecode_db_user.full_contact
                     try:
                         nodes = {
                             node_path: {
                                 'content': content
                             }
                         }
                         ScmModel().create_nodes(
                             user=self._rhodecode_db_user.user_id,
                             repo=self.db_repo,
                             message=message,
                             nodes=nodes,
                             parent_commit=c.commit,
                             author=author,
                         )
                         h.flash(
                             _('Successfully committed new file `{}`').format(
                                 h.escape(node_path)), category='success')
                     except NonRelativePathError:
                         log.exception('Non Relative path found')
                         h.flash(_(
                             'The location specified must be a relative path and must not '
                             'contain .. in the path'), category='warning')
                         raise HTTPFound(default_redirect_url)
                     except (NodeError, NodeAlreadyExistsError) as e:
                         h.flash(_(h.escape(e)), category='error')
                     except Exception:
                         log.exception('Error occurred during commit')
                         h.flash(_('Error occurred during commit'), category='error')
                     raise HTTPFound(default_redirect_url)

rhodecode/apps/repository/views/repo_summary.py

0 +28 -15

             # -*- coding: utf-8 -*-
             # Copyright (C) 2011-2018 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
+            import time
             import logging
             import string
             import rhodecode
             from pyramid.view import view_config
-            from beaker.cache import cache_region
             from rhodecode.controllers import utils
             from rhodecode.apps._base import RepoAppView
             from rhodecode.config.conf import (LANGUAGES_EXTENSIONS_MAP)
             from rhodecode.lib import helpers as h, rc_cache
             from rhodecode.lib.utils2 import safe_str, safe_int
             from rhodecode.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
             from rhodecode.lib.markup_renderer import MarkupRenderer, relative_links
             from rhodecode.lib.ext_json import json
             from rhodecode.lib.vcs.backends.base import EmptyCommit
             from rhodecode.lib.vcs.exceptions import (
                 CommitError, EmptyRepositoryError, CommitDoesNotExistError)
             from rhodecode.model.db import Statistics, CacheKey, User
             from rhodecode.model.meta import Session
             from rhodecode.model.repo import ReadmeFinder
             from rhodecode.model.scm import ScmModel
             log = logging.getLogger(__name__)
             class RepoSummaryView(RepoAppView):
                 def load_default_context(self):
                     c = self._get_local_tmpl_context(include_app_defaults=True)
                     c.rhodecode_repo = None
                     if not c.repository_requirements_missing:
                         c.rhodecode_repo = self.rhodecode_vcs_repo
                     return c
-                def _get_readme_data(self, db_repo, default_renderer):
+                def _get_readme_data(self, db_repo, renderer_type):
-                    repo_name = db_repo.repo_name
                     log.debug('Looking for README file')
-                    @cache_region('long_term')
+                    cache_namespace_uid = 'cache_repo_instance.{}_{}'.format(
-                    def _generate_readme(cache_key):
+                        db_repo.repo_id, CacheKey.CACHE_TYPE_README)
+                    invalidation_namespace = CacheKey.REPO_INVALIDATION_NAMESPACE.format(
+                        repo_id=self.db_repo.repo_id)
+                    region = rc_cache.get_or_create_region('cache_repo_longterm', cache_namespace_uid)
+                    @region.conditional_cache_on_arguments(namespace=cache_namespace_uid)
+                    def generate_repo_readme(repo_id, _repo_name, _renderer_type):
                         readme_data = None
                         readme_node = None
                         readme_filename = None
                         commit = self._get_landing_commit_or_none(db_repo)
                         if commit:
                             log.debug("Searching for a README file.")
-                            readme_node = ReadmeFinder(default_renderer).search(commit)
+                            readme_node = ReadmeFinder(_renderer_type).search(commit)
                         if readme_node:
                             relative_urls = {
                                 'raw': h.route_path(
-                                    'repo_file_raw', repo_name=repo_name,
+                                    'repo_file_raw', repo_name=_repo_name,
                                     commit_id=commit.raw_id, f_path=readme_node.path),
                                 'standard': h.route_path(
-                                    'repo_files', repo_name=repo_name,
+                                    'repo_files', repo_name=_repo_name,
                                     commit_id=commit.raw_id, f_path=readme_node.path),
                             }
                             readme_data = self._render_readme_or_none(
                                 commit, readme_node, relative_urls)
                             readme_filename = readme_node.path
                         return readme_data, readme_filename
-                    invalidator_context = CacheKey.repo_context_cache(
+                    start = time.time()
-                        _generate_readme, repo_name, CacheKey.CACHE_TYPE_README)
+                    inv_context_manager = rc_cache.InvalidationContext(
+                        uid=cache_namespace_uid, invalidation_namespace=invalidation_namespace)
+                    with inv_context_manager as invalidation_context:
+                        # check for stored invalidation signal, and maybe purge the cache
+                        # before computing it again
+                        if invalidation_context.should_invalidate():
+                            generate_repo_readme.invalidate(
+                                db_repo.repo_id, db_repo.repo_name, renderer_type)
-                    with invalidator_context as context:
+                        instance = generate_repo_readme(
-                        context.invalidate()
+                            db_repo.repo_id, db_repo.repo_name, renderer_type)
-                        computed = context.compute()
+                        compute_time = time.time() - start
+                        log.debug('Repo readme generated and computed in %.3fs', compute_time)
-                    return computed
+                        return instance
                 def _get_landing_commit_or_none(self, db_repo):
                     log.debug("Getting the landing commit.")
                     try:
                         commit = db_repo.get_landing_commit()
                         if not isinstance(commit, EmptyCommit):
                             return commit
                         else:
                             log.debug("Repository is empty, no README to render.")
                     except CommitError:
                         log.exception(
                             "Problem getting commit when trying to render the README.")
                 def _render_readme_or_none(self, commit, readme_node, relative_urls):
                     log.debug(
                         'Found README file `%s` rendering...', readme_node.path)
                     renderer = MarkupRenderer()
                     try:
                         html_source = renderer.render(
                             readme_node.content, filename=readme_node.path)
                         if relative_urls:
                             return relative_links(html_source, relative_urls)
                         return html_source
                     except Exception:
                         log.exception(
                             "Exception while trying to render the README")
                 def _load_commits_context(self, c):
                     p = safe_int(self.request.GET.get('page'), 1)
                     size = safe_int(self.request.GET.get('size'), 10)
                     def url_generator(**kw):
                         query_params = {
                             'size': size
                         }
                         query_params.update(kw)
                         return h.route_path(
                             'repo_summary_commits',
                             repo_name=c.rhodecode_db_repo.repo_name, _query=query_params)
                     pre_load = ['author', 'branch', 'date', 'message']
                     try:
                         collection = self.rhodecode_vcs_repo.get_commits(pre_load=pre_load)
                     except EmptyRepositoryError:
                         collection = self.rhodecode_vcs_repo
                     c.repo_commits = h.RepoPage(
                         collection, page=p, items_per_page=size, url=url_generator)
                     page_ids = [x.raw_id for x in c.repo_commits]
                     c.comments = self.db_repo.get_comments(page_ids)
                     c.statuses = self.db_repo.statuses(page_ids)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_summary_commits', request_method='GET',
                     renderer='rhodecode:templates/summary/summary_commits.mako')
                 def summary_commits(self):
                     c = self.load_default_context()
                     self._load_commits_context(c)
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_summary', request_method='GET',
                     renderer='rhodecode:templates/summary/summary.mako')
                 @view_config(
                     route_name='repo_summary_slash', request_method='GET',
                     renderer='rhodecode:templates/summary/summary.mako')
                 @view_config(
                     route_name='repo_summary_explicit', request_method='GET',
                     renderer='rhodecode:templates/summary/summary.mako')
                 def summary(self):
                     c = self.load_default_context()
                     # Prepare the clone URL
                     username = ''
                     if self._rhodecode_user.username != User.DEFAULT_USER:
                         username = safe_str(self._rhodecode_user.username)
                     _def_clone_uri = _def_clone_uri_id = c.clone_uri_tmpl
                     _def_clone_uri_ssh = c.clone_uri_ssh_tmpl
                     if '{repo}' in _def_clone_uri:
                         _def_clone_uri_id = _def_clone_uri.replace(
                             '{repo}', '_{repoid}')
                     elif '{repoid}' in _def_clone_uri:
                         _def_clone_uri_id = _def_clone_uri.replace(
                             '_{repoid}', '{repo}')
                     c.clone_repo_url = self.db_repo.clone_url(
                         user=username, uri_tmpl=_def_clone_uri)
                     c.clone_repo_url_id = self.db_repo.clone_url(
                         user=username, uri_tmpl=_def_clone_uri_id)
                     c.clone_repo_url_ssh = self.db_repo.clone_url(
                         uri_tmpl=_def_clone_uri_ssh, ssh=True)
                     # If enabled, get statistics data
                     c.show_stats = bool(self.db_repo.enable_statistics)
                     stats = Session().query(Statistics) \
                         .filter(Statistics.repository == self.db_repo) \
                         .scalar()
                     c.stats_percentage = 0
                     if stats and stats.languages:
                         c.no_data = False is self.db_repo.enable_statistics
                         lang_stats_d = json.loads(stats.languages)
                         # Sort first by decreasing count and second by the file extension,
                         # so we have a consistent output.
                         lang_stats_items = sorted(lang_stats_d.iteritems(),
                                                   key=lambda k: (-k[1], k[0]))[:10]
                         lang_stats = [(x, {"count": y,
                                            "desc": LANGUAGES_EXTENSIONS_MAP.get(x)})
                                       for x, y in lang_stats_items]
                         c.trending_languages = json.dumps(lang_stats)
                     else:
                         c.no_data = True
                         c.trending_languages = json.dumps({})
                     scm_model = ScmModel()
                     c.enable_downloads = self.db_repo.enable_downloads
                     c.repository_followers = scm_model.get_followers(self.db_repo)
                     c.repository_forks = scm_model.get_forks(self.db_repo)
                     c.repository_is_user_following = scm_model.is_following_repo(
                         self.db_repo_name, self._rhodecode_user.user_id)
                     # first interaction with the VCS instance after here...
                     if c.repository_requirements_missing:
                         self.request.override_renderer = \
                             'rhodecode:templates/summary/missing_requirements.mako'
                         return self._get_template_context(c)
                     c.readme_data, c.readme_file = \
                         self._get_readme_data(self.db_repo, c.visual.default_renderer)
                     # loads the summary commits template context
                     self._load_commits_context(c)
                     return self._get_template_context(c)
                 def get_request_commit_id(self):
                     return self.request.matchdict['commit_id']
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_stats', request_method='GET',
                     renderer='json_ext')
                 def repo_stats(self):
                     commit_id = self.get_request_commit_id()
                     show_stats = bool(self.db_repo.enable_statistics)
                     repo_id = self.db_repo.repo_id
                     cache_seconds = safe_int(
                         rhodecode.CONFIG.get('rc_cache.cache_repo.expiration_time'))
                     cache_on = cache_seconds > 0
                     log.debug(
                         'Computing REPO TREE for repo_id %s commit_id `%s` '
                         'with caching: %s[TTL: %ss]' % (
                             repo_id, commit_id, cache_on, cache_seconds or 0))
                     cache_namespace_uid = 'cache_repo.{}'.format(repo_id)
                     region = rc_cache.get_or_create_region('cache_repo', cache_namespace_uid)
                     @region.conditional_cache_on_arguments(namespace=cache_namespace_uid,
                                                            condition=cache_on)
                     def compute_stats(repo_id, commit_id, show_stats):
                         code_stats = {}
                         size = 0
                         try:
                             scm_instance = self.db_repo.scm_instance()
                             commit = scm_instance.get_commit(commit_id)
                             for node in commit.get_filenodes_generator():
                                 size += node.size
                                 if not show_stats:
                                     continue
                                 ext = string.lower(node.extension)
                                 ext_info = LANGUAGES_EXTENSIONS_MAP.get(ext)
                                 if ext_info:
                                     if ext in code_stats:
                                         code_stats[ext]['count'] += 1
                                     else:
                                         code_stats[ext] = {"count": 1, "desc": ext_info}
                         except (EmptyRepositoryError, CommitDoesNotExistError):
                             pass
                         return {'size': h.format_byte_size_binary(size),
                                 'code_stats': code_stats}
                     stats = compute_stats(self.db_repo.repo_id, commit_id, show_stats)
                     return stats
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_refs_data', request_method='GET',
                     renderer='json_ext')
                 def repo_refs_data(self):
                     _ = self.request.translate
                     self.load_default_context()
                     repo = self.rhodecode_vcs_repo
                     refs_to_create = [
                         (_("Branch"), repo.branches, 'branch'),
                         (_("Tag"), repo.tags, 'tag'),
                         (_("Bookmark"), repo.bookmarks, 'book'),
                     ]
                     res = self._create_reference_data(
                         repo, self.db_repo_name, refs_to_create)
                     data = {
                         'more': False,
                         'results': res
                     }
                     return data
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 @view_config(
                     route_name='repo_refs_changelog_data', request_method='GET',
                     renderer='json_ext')
                 def repo_refs_changelog_data(self):
                     _ = self.request.translate
                     self.load_default_context()
                     repo = self.rhodecode_vcs_repo
                     refs_to_create = [
                         (_("Branches"), repo.branches, 'branch'),
                         (_("Closed branches"), repo.branches_closed, 'branch_closed'),
                         # TODO: enable when vcs can handle bookmarks filters
                         # (_("Bookmarks"), repo.bookmarks, "book"),
                     ]
                     res = self._create_reference_data(
                         repo, self.db_repo_name, refs_to_create)
                     data = {
                         'more': False,
                         'results': res
                     }
                     return data
                 def _create_reference_data(self, repo, full_repo_name, refs_to_create):
                     format_ref_id = utils.get_format_ref_id(repo)
                     result = []
                     for title, refs, ref_type in refs_to_create:
                         if refs:
                             result.append({
                                 'text': title,
                                 'children': self._create_reference_items(
                                     repo, full_repo_name, refs, ref_type,
                                     format_ref_id),
                             })
                     return result
                 def _create_reference_items(self, repo, full_repo_name, refs, ref_type,
                                             format_ref_id):
                     result = []
                     is_svn = h.is_svn(repo)
                     for ref_name, raw_id in refs.iteritems():
                         files_url = self._create_files_url(
                             repo, full_repo_name, ref_name, raw_id, is_svn)
                         result.append({
                             'text': ref_name,
                             'id': format_ref_id(ref_name, raw_id),
                             'raw_id': raw_id,
                             'type': ref_type,
                             'files_url': files_url,
                         })
                     return result
                 def _create_files_url(self, repo, full_repo_name, ref_name, raw_id, is_svn):
                     use_commit_id = '/' in ref_name or is_svn
                     return h.route_path(
                         'repo_files',
                         repo_name=full_repo_name,
                         f_path=ref_name if is_svn else '',
                         commit_id=raw_id if use_commit_id else ref_name,
                         _query=dict(at=ref_name))

rhodecode/authentication/base.py

0 +1 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2018 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Authentication modules
             """
             import socket
             import string
             import colander
             import copy
             import logging
             import time
             import traceback
             import warnings
             import functools
             from pyramid.threadlocal import get_current_registry
             from rhodecode.authentication.interface import IAuthnPluginRegistry
             from rhodecode.authentication.schema import AuthnPluginSettingsSchemaBase
-            from rhodecode.lib import caches, rc_cache
+            from rhodecode.lib import rc_cache
             from rhodecode.lib.auth import PasswordGenerator, _RhodeCodeCryptoBCrypt
             from rhodecode.lib.utils2 import safe_int, safe_str
             from rhodecode.lib.exceptions import LdapConnectionError
             from rhodecode.model.db import User
             from rhodecode.model.meta import Session
             from rhodecode.model.settings import SettingsModel
             from rhodecode.model.user import UserModel
             from rhodecode.model.user_group import UserGroupModel
             log = logging.getLogger(__name__)
             # auth types that authenticate() function can receive
             VCS_TYPE = 'vcs'
             HTTP_TYPE = 'http'
             class hybrid_property(object):
                 """
                 a property decorator that works both for instance and class
                 """
                 def __init__(self, fget, fset=None, fdel=None, expr=None):
                     self.fget = fget
                     self.fset = fset
                     self.fdel = fdel
                     self.expr = expr or fget
                     functools.update_wrapper(self, fget)
                 def __get__(self, instance, owner):
                     if instance is None:
                         return self.expr(owner)
                     else:
                         return self.fget(instance)
                 def __set__(self, instance, value):
                     self.fset(instance, value)
                 def __delete__(self, instance):
                     self.fdel(instance)
             class LazyFormencode(object):
                 def __init__(self, formencode_obj, *args, **kwargs):
                     self.formencode_obj = formencode_obj
                     self.args = args
                     self.kwargs = kwargs
                 def __call__(self, *args, **kwargs):
                     from inspect import isfunction
                     formencode_obj = self.formencode_obj
                     if isfunction(formencode_obj):
                         # case we wrap validators into functions
                         formencode_obj = self.formencode_obj(*args, **kwargs)
                     return formencode_obj(*self.args, **self.kwargs)
             class RhodeCodeAuthPluginBase(object):
                 # cache the authentication request for N amount of seconds. Some kind
                 # of authentication methods are very heavy and it's very efficient to cache
                 # the result of a call. If it's set to None (default) cache is off
                 AUTH_CACHE_TTL = None
                 AUTH_CACHE = {}
                 auth_func_attrs = {
                     "username": "unique username",
                     "firstname": "first name",
                     "lastname": "last name",
                     "email": "email address",
                     "groups": '["list", "of", "groups"]',
                     "user_group_sync":
                         'True|False defines if returned user groups should be synced',
                     "extern_name": "name in external source of record",
                     "extern_type": "type of external source of record",
                     "admin": 'True|False defines if user should be RhodeCode super admin',
                     "active":
                         'True|False defines active state of user internally for RhodeCode',
                     "active_from_extern":
                         "True|False\None, active state from the external auth, "
                         "None means use definition from RhodeCode extern_type active value"
                 }
                 # set on authenticate() method and via set_auth_type func.
                 auth_type = None
                 # set on authenticate() method and via set_calling_scope_repo, this is a
                 # calling scope repository when doing authentication most likely on VCS
                 # operations
                 acl_repo_name = None
                 # List of setting names to store encrypted. Plugins may override this list
                 # to store settings encrypted.
                 _settings_encrypted = []
                 # Mapping of python to DB settings model types. Plugins may override or
                 # extend this mapping.
                 _settings_type_map = {
                     colander.String: 'unicode',
                     colander.Integer: 'int',
                     colander.Boolean: 'bool',
                     colander.List: 'list',
                 }
                 # list of keys in settings that are unsafe to be logged, should be passwords
                 # or other crucial credentials
                 _settings_unsafe_keys = []
                 def __init__(self, plugin_id):
                     self._plugin_id = plugin_id
                 def __str__(self):
                     return self.get_id()
                 def _get_setting_full_name(self, name):
                     """
                     Return the full setting name used for storing values in the database.
                     """
                     # TODO: johbo: Using the name here is problematic. It would be good to
                     # introduce either new models in the database to hold Plugin and
                     # PluginSetting or to use the plugin id here.
                     return 'auth_{}_{}'.format(self.name, name)
                 def _get_setting_type(self, name):
                     """
                     Return the type of a setting. This type is defined by the SettingsModel
                     and determines how the setting is stored in DB. Optionally the suffix
                     `.encrypted` is appended to instruct SettingsModel to store it
                     encrypted.
                     """
                     schema_node = self.get_settings_schema().get(name)
                     db_type = self._settings_type_map.get(
                         type(schema_node.typ), 'unicode')
                     if name in self._settings_encrypted:
                         db_type = '{}.encrypted'.format(db_type)
                     return db_type
                 def is_enabled(self):
                     """
                     Returns true if this plugin is enabled. An enabled plugin can be
                     configured in the admin interface but it is not consulted during
                     authentication.
                     """
                     auth_plugins = SettingsModel().get_auth_plugins()
                     return self.get_id() in auth_plugins
                 def is_active(self, plugin_cached_settings=None):
                     """
                     Returns true if the plugin is activated. An activated plugin is
                     consulted during authentication, assumed it is also enabled.
                     """
                     return self.get_setting_by_name(
                         'enabled', plugin_cached_settings=plugin_cached_settings)
                 def get_id(self):
                     """
                     Returns the plugin id.
                     """
                     return self._plugin_id
                 def get_display_name(self):
                     """
                     Returns a translation string for displaying purposes.
                     """
                     raise NotImplementedError('Not implemented in base class')
                 def get_settings_schema(self):
                     """
                     Returns a colander schema, representing the plugin settings.
                     """
                     return AuthnPluginSettingsSchemaBase()
                 def get_settings(self):
                     """
                     Returns the plugin settings as dictionary.
                     """
                     settings = {}
                     raw_settings = SettingsModel().get_all_settings()
                     for node in self.get_settings_schema():
                         settings[node.name] = self.get_setting_by_name(
                             node.name, plugin_cached_settings=raw_settings)
                     return settings
                 def get_setting_by_name(self, name, default=None, plugin_cached_settings=None):
                     """
                     Returns a plugin setting by name.
                     """
                     full_name = 'rhodecode_{}'.format(self._get_setting_full_name(name))
                     if plugin_cached_settings:
                         plugin_settings = plugin_cached_settings
                     else:
                         plugin_settings = SettingsModel().get_all_settings()
                     if full_name in plugin_settings:
                         return plugin_settings[full_name]
                     else:
                         return default
                 def create_or_update_setting(self, name, value):
                     """
                     Create or update a setting for this plugin in the persistent storage.
                     """
                     full_name = self._get_setting_full_name(name)
                     type_ = self._get_setting_type(name)
                     db_setting = SettingsModel().create_or_update_setting(
                         full_name, value, type_)
                     return db_setting.app_settings_value
                 def log_safe_settings(self, settings):
                     """
                     returns a log safe representation of settings, without any secrets
                     """
                     settings_copy = copy.deepcopy(settings)
                     for k in self._settings_unsafe_keys:
                         if k in settings_copy:
                             del settings_copy[k]
                     return settings_copy
                 @hybrid_property
                 def name(self):
                     """
                     Returns the name of this authentication plugin.
                     :returns: string
                     """
                     raise NotImplementedError("Not implemented in base class")
                 def get_url_slug(self):
                     """
                     Returns a slug which should be used when constructing URLs which refer
                     to this plugin. By default it returns the plugin name. If the name is
                     not suitable for using it in an URL the plugin should override this
                     method.
                     """
                     return self.name
                 @property
                 def is_headers_auth(self):
                     """
                     Returns True if this authentication plugin uses HTTP headers as
                     authentication method.
                     """
                     return False
                 @hybrid_property
                 def is_container_auth(self):
                     """
                     Deprecated method that indicates if this authentication plugin uses
                     HTTP headers as authentication method.
                     """
                     warnings.warn(
                         'Use is_headers_auth instead.', category=DeprecationWarning)
                     return self.is_headers_auth
                 @hybrid_property
                 def allows_creating_users(self):
                     """
                     Defines if Plugin allows users to be created on-the-fly when
                     authentication is called. Controls how external plugins should behave
                     in terms if they are allowed to create new users, or not. Base plugins
                     should not be allowed to, but External ones should be !
                     :return: bool
                     """
                     return False
                 def set_auth_type(self, auth_type):
                     self.auth_type = auth_type
                 def set_calling_scope_repo(self, acl_repo_name):
                     self.acl_repo_name = acl_repo_name
                 def allows_authentication_from(
                         self, user, allows_non_existing_user=True,
                         allowed_auth_plugins=None, allowed_auth_sources=None):
                     """
                     Checks if this authentication module should accept a request for
                     the current user.
                     :param user: user object fetched using plugin's get_user() method.
                     :param allows_non_existing_user: if True, don't allow the
                         user to be empty, meaning not existing in our database
                     :param allowed_auth_plugins: if provided, users extern_type will be
                         checked against a list of provided extern types, which are plugin
                         auth_names in the end
                     :param allowed_auth_sources: authentication type allowed,
                         `http` or `vcs` default is both.
                         defines if plugin will accept only http authentication vcs
                         authentication(git/hg) or both
                     :returns: boolean
                     """
                     if not user and not allows_non_existing_user:
                         log.debug('User is empty but plugin does not allow empty users,'
                                   'not allowed to authenticate')
                         return False
                     expected_auth_plugins = allowed_auth_plugins or [self.name]
                     if user and (user.extern_type and
                                  user.extern_type not in expected_auth_plugins):
                         log.debug(
                             'User `%s` is bound to `%s` auth type. Plugin allows only '
                             '%s, skipping', user, user.extern_type, expected_auth_plugins)
                         return False
                     # by default accept both
                     expected_auth_from = allowed_auth_sources or [HTTP_TYPE, VCS_TYPE]
                     if self.auth_type not in expected_auth_from:
                         log.debug('Current auth source is %s but plugin only allows %s',
                                   self.auth_type, expected_auth_from)
                         return False
                     return True
                 def get_user(self, username=None, **kwargs):
                     """
                     Helper method for user fetching in plugins, by default it's using
                     simple fetch by username, but this method can be custimized in plugins
                     eg. headers auth plugin to fetch user by environ params
                     :param username: username if given to fetch from database
                     :param kwargs: extra arguments needed for user fetching.
                     """
                     user = None
                     log.debug(
                         'Trying to fetch user `%s` from RhodeCode database', username)
                     if username:
                         user = User.get_by_username(username)
                         if not user:
                             log.debug('User not found, fallback to fetch user in '
                                       'case insensitive mode')
                             user = User.get_by_username(username, case_insensitive=True)
                     else:
                         log.debug('provided username:`%s` is empty skipping...', username)
                     if not user:
                         log.debug('User `%s` not found in database', username)
                     else:
                         log.debug('Got DB user:%s', user)
                     return user
                 def user_activation_state(self):
                     """
                     Defines user activation state when creating new users
                     :returns: boolean
                     """
                     raise NotImplementedError("Not implemented in base class")
                 def auth(self, userobj, username, passwd, settings, **kwargs):
                     """
                     Given a user object (which may be null), username, a plaintext
                     password, and a settings object (containing all the keys needed as
                     listed in settings()), authenticate this user's login attempt.
                     Return None on failure. On success, return a dictionary of the form:
                         see: RhodeCodeAuthPluginBase.auth_func_attrs
                     This is later validated for correctness
                     """
                     raise NotImplementedError("not implemented in base class")
                 def _authenticate(self, userobj, username, passwd, settings, **kwargs):
                     """
                     Wrapper to call self.auth() that validates call on it
                     :param userobj: userobj
                     :param username: username
                     :param passwd: plaintext password
                     :param settings: plugin settings
                     """
                     auth = self.auth(userobj, username, passwd, settings, **kwargs)
                     if auth:
                         auth['_plugin'] = self.name
                         auth['_ttl_cache'] = self.get_ttl_cache(settings)
                         # check if hash should be migrated ?
                         new_hash = auth.get('_hash_migrate')
                         if new_hash:
                             self._migrate_hash_to_bcrypt(username, passwd, new_hash)
                         if 'user_group_sync' not in auth:
                             auth['user_group_sync'] = False
                         return self._validate_auth_return(auth)
                     return auth
                 def _migrate_hash_to_bcrypt(self, username, password, new_hash):
                     new_hash_cypher = _RhodeCodeCryptoBCrypt()
                     # extra checks, so make sure new hash is correct.
                     password_encoded = safe_str(password)
                     if new_hash and new_hash_cypher.hash_check(
                             password_encoded, new_hash):
                         cur_user = User.get_by_username(username)
                         cur_user.password = new_hash
                         Session().add(cur_user)
                         Session().flush()
                         log.info('Migrated user %s hash to bcrypt', cur_user)
                 def _validate_auth_return(self, ret):
                     if not isinstance(ret, dict):
                         raise Exception('returned value from auth must be a dict')
                     for k in self.auth_func_attrs:
                         if k not in ret:
                             raise Exception('Missing %s attribute from returned data' % k)
                     return ret
                 def get_ttl_cache(self, settings=None):
                     plugin_settings = settings or self.get_settings()
                     cache_ttl = 0
                     if isinstance(self.AUTH_CACHE_TTL, (int, long)):
                         # plugin cache set inside is more important than the settings value
                         cache_ttl = self.AUTH_CACHE_TTL
                     elif plugin_settings.get('cache_ttl'):
                         cache_ttl = safe_int(plugin_settings.get('cache_ttl'), 0)
                     plugin_cache_active = bool(cache_ttl and cache_ttl > 0)
                     return plugin_cache_active, cache_ttl
             class RhodeCodeExternalAuthPlugin(RhodeCodeAuthPluginBase):
                 @hybrid_property
                 def allows_creating_users(self):
                     return True
                 def use_fake_password(self):
                     """
                     Return a boolean that indicates whether or not we should set the user's
                     password to a random value when it is authenticated by this plugin.
                     If your plugin provides authentication, then you will generally
                     want this.
                     :returns: boolean
                     """
                     raise NotImplementedError("Not implemented in base class")
                 def _authenticate(self, userobj, username, passwd, settings, **kwargs):
                     # at this point _authenticate calls plugin's `auth()` function
                     auth = super(RhodeCodeExternalAuthPlugin, self)._authenticate(
                         userobj, username, passwd, settings, **kwargs)
                     if auth:
                         # maybe plugin will clean the username ?
                         # we should use the return value
                         username = auth['username']
                         # if external source tells us that user is not active, we should
                         # skip rest of the process. This can prevent from creating users in
                         # RhodeCode when using external authentication, but if it's
                         # inactive user we shouldn't create that user anyway
                         if auth['active_from_extern'] is False:
                             log.warning(
                                 "User %s authenticated against %s, but is inactive",
                                 username, self.__module__)
                             return None
                         cur_user = User.get_by_username(username, case_insensitive=True)
                         is_user_existing = cur_user is not None
                         if is_user_existing:
                             log.debug('Syncing user `%s` from '
                                       '`%s` plugin', username, self.name)
                         else:
                             log.debug('Creating non existing user `%s` from '
                                       '`%s` plugin', username, self.name)
                         if self.allows_creating_users:
                             log.debug('Plugin `%s` allows to '
                                       'create new users', self.name)
                         else:
                             log.debug('Plugin `%s` does not allow to '
                                       'create new users', self.name)
                         user_parameters = {
                             'username': username,
                             'email': auth["email"],
                             'firstname': auth["firstname"],
                             'lastname': auth["lastname"],
                             'active': auth["active"],
                             'admin': auth["admin"],
                             'extern_name': auth["extern_name"],
                             'extern_type': self.name,
                             'plugin': self,
                             'allow_to_create_user': self.allows_creating_users,
                         }
                         if not is_user_existing:
                             if self.use_fake_password():
                                 # Randomize the PW because we don't need it, but don't want
                                 # them blank either
                                 passwd = PasswordGenerator().gen_password(length=16)
                             user_parameters['password'] = passwd
                         else:
                             # Since the password is required by create_or_update method of
                             # UserModel, we need to set it explicitly.
                             # The create_or_update method is smart and recognises the
                             # password hashes as well.
                             user_parameters['password'] = cur_user.password
                         # we either create or update users, we also pass the flag
                         # that controls if this method can actually do that.
                         # raises NotAllowedToCreateUserError if it cannot, and we try to.
                         user = UserModel().create_or_update(**user_parameters)
                         Session().flush()
                         # enforce user is just in given groups, all of them has to be ones
                         # created from plugins. We store this info in _group_data JSON
                         # field
                         if auth['user_group_sync']:
                             try:
                                 groups = auth['groups'] or []
                                 log.debug(
                                     'Performing user_group sync based on set `%s` '
                                     'returned by `%s` plugin', groups, self.name)
                                 UserGroupModel().enforce_groups(user, groups, self.name)
                             except Exception:
                                 # for any reason group syncing fails, we should
                                 # proceed with login
                                 log.error(traceback.format_exc())
                         Session().commit()
                     return auth
             class AuthLdapBase(object):
                 @classmethod
                 def _build_servers(cls, ldap_server_type, ldap_server, port):
                     def host_resolver(host, port, full_resolve=True):
                         """
                         Main work for this function is to prevent ldap connection issues,
                         and detect them early using a "greenified" sockets
                         """
                         host = host.strip()
                         if not full_resolve:
                             return '{}:{}'.format(host, port)
                         log.debug('LDAP: Resolving IP for LDAP host %s', host)
                         try:
                             ip = socket.gethostbyname(host)
                             log.debug('Got LDAP server %s ip %s', host, ip)
                         except Exception:
                             raise LdapConnectionError(
                                 'Failed to resolve host: `{}`'.format(host))
                         log.debug('LDAP: Checking if IP %s is accessible', ip)
                         s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                         try:
                             s.connect((ip, int(port)))
                             s.shutdown(socket.SHUT_RD)
                         except Exception:
                             raise LdapConnectionError(
                                 'Failed to connect to host: `{}:{}`'.format(host, port))
                         return '{}:{}'.format(host, port)
                     if len(ldap_server) == 1:
                         # in case of single server use resolver to detect potential
                         # connection issues
                         full_resolve = True
                     else:
                         full_resolve = False
                     return ', '.join(
                         ["{}://{}".format(
                             ldap_server_type,
                             host_resolver(host, port, full_resolve=full_resolve))
                          for host in ldap_server])
                 @classmethod
                 def _get_server_list(cls, servers):
                     return map(string.strip, servers.split(','))
                 @classmethod
                 def get_uid(cls, username, server_addresses):
                     uid = username
                     for server_addr in server_addresses:
                         uid = chop_at(username, "@%s" % server_addr)
                     return uid
             def loadplugin(plugin_id):
                 """
                 Loads and returns an instantiated authentication plugin.
                 Returns the RhodeCodeAuthPluginBase subclass on success,
                 or None on failure.
                 """
                 # TODO: Disusing pyramids thread locals to retrieve the registry.
                 authn_registry = get_authn_registry()
                 plugin = authn_registry.get_plugin(plugin_id)
                 if plugin is None:
                     log.error('Authentication plugin not found: "%s"', plugin_id)
                 return plugin
             def get_authn_registry(registry=None):
                 registry = registry or get_current_registry()
                 authn_registry = registry.getUtility(IAuthnPluginRegistry)
                 return authn_registry
             def authenticate(username, password, environ=None, auth_type=None,
                              skip_missing=False, registry=None, acl_repo_name=None):
                 """
                 Authentication function used for access control,
                 It tries to authenticate based on enabled authentication modules.
                 :param username: username can be empty for headers auth
                 :param password: password can be empty for headers auth
                 :param environ: environ headers passed for headers auth
                 :param auth_type: type of authentication, either `HTTP_TYPE` or `VCS_TYPE`
                 :param skip_missing: ignores plugins that are in db but not in environment
                 :returns: None if auth failed, plugin_user dict if auth is correct
                 """
                 if not auth_type or auth_type not in [HTTP_TYPE, VCS_TYPE]:
                     raise ValueError('auth type must be on of http, vcs got "%s" instead'
                                      % auth_type)
                 headers_only = environ and not (username and password)
                 authn_registry = get_authn_registry(registry)
                 plugins_to_check = authn_registry.get_plugins_for_authentication()
                 log.debug('Starting ordered authentication chain using %s plugins',
                           [x.name for x in plugins_to_check])
                 for plugin in plugins_to_check:
                     plugin.set_auth_type(auth_type)
                     plugin.set_calling_scope_repo(acl_repo_name)
                     if headers_only and not plugin.is_headers_auth:
                         log.debug('Auth type is for headers only and plugin `%s` is not '
                                   'headers plugin, skipping...', plugin.get_id())
                         continue
                     log.debug('Trying authentication using ** %s **', plugin.get_id())
                     # load plugin settings from RhodeCode database
                     plugin_settings = plugin.get_settings()
                     plugin_sanitized_settings = plugin.log_safe_settings(plugin_settings)
                     log.debug('Plugin `%s` settings:%s', plugin.get_id(), plugin_sanitized_settings)
                     # use plugin's method of user extraction.
                     user = plugin.get_user(username, environ=environ,
                                            settings=plugin_settings)
                     display_user = user.username if user else username
                     log.debug(
                         'Plugin %s extracted user is `%s`', plugin.get_id(), display_user)
                     if not plugin.allows_authentication_from(user):
                         log.debug('Plugin %s does not accept user `%s` for authentication',
                                   plugin.get_id(), display_user)
                         continue
                     else:
                         log.debug('Plugin %s accepted user `%s` for authentication',
                                   plugin.get_id(), display_user)
                     log.info('Authenticating user `%s` using %s plugin',
                              display_user, plugin.get_id())
                     plugin_cache_active, cache_ttl = plugin.get_ttl_cache(plugin_settings)
                     log.debug('AUTH_CACHE_TTL for plugin `%s` active: %s (TTL: %s)',
                               plugin.get_id(), plugin_cache_active, cache_ttl)
                     user_id = user.user_id if user else None
                     # don't cache for empty users
                     plugin_cache_active = plugin_cache_active and user_id
                     cache_namespace_uid = 'cache_user_auth.{}'.format(user_id)
                     region = rc_cache.get_or_create_region('cache_perms', cache_namespace_uid)
                     @region.conditional_cache_on_arguments(namespace=cache_namespace_uid,
                                                            expiration_time=cache_ttl,
                                                            condition=plugin_cache_active)
                     def compute_auth(
                             cache_name, plugin_name, username, password):
                         # _authenticate is a wrapper for .auth() method of plugin.
                         # it checks if .auth() sends proper data.
                         # For RhodeCodeExternalAuthPlugin it also maps users to
                         # Database and maps the attributes returned from .auth()
                         # to RhodeCode database. If this function returns data
                         # then auth is correct.
                         log.debug('Running plugin `%s` _authenticate method '
                                   'using username and password', plugin.get_id())
                         return plugin._authenticate(
                             user, username, password, plugin_settings,
                             environ=environ or {})
                     start = time.time()
                     # for environ based auth, password can be empty, but then the validation is
                     # on the server that fills in the env data needed for authentication
                     plugin_user = compute_auth('auth', plugin.name, username, (password or ''))
                     auth_time = time.time() - start
                     log.debug('Authentication for plugin `%s` completed in %.3fs, '
                               'expiration time of fetched cache %.1fs.',
                               plugin.get_id(), auth_time, cache_ttl)
                     log.debug('PLUGIN USER DATA: %s', plugin_user)
                     if plugin_user:
                         log.debug('Plugin returned proper authentication data')
                         return plugin_user
                     # we failed to Auth because .auth() method didn't return proper user
                     log.debug("User `%s` failed to authenticate against %s",
                               display_user, plugin.get_id())
                 # case when we failed to authenticate against all defined plugins
                 return None
             def chop_at(s, sub, inclusive=False):
                 """Truncate string ``s`` at the first occurrence of ``sub``.
                 If ``inclusive`` is true, truncate just after ``sub`` rather than at it.
                 >>> chop_at("plutocratic brats", "rat")
                 'plutoc'
                 >>> chop_at("plutocratic brats", "rat", True)
                 'plutocrat'
                 """
                 pos = s.find(sub)
                 if pos == -1:
                     return s
                 if inclusive:
                     return s[:pos+len(sub)]
                 return s[:pos]

rhodecode/config/middleware.py

0 +14 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2018 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import sys
             import logging
             import collections
             import tempfile
             from paste.gzipper import make_gzip_middleware
             import pyramid.events
             from pyramid.wsgi import wsgiapp
             from pyramid.authorization import ACLAuthorizationPolicy
             from pyramid.config import Configurator
             from pyramid.settings import asbool, aslist
             from pyramid.httpexceptions import (
                 HTTPException, HTTPError, HTTPInternalServerError, HTTPFound, HTTPNotFound)
             from pyramid.renderers import render_to_response
             from rhodecode.model import meta
             from rhodecode.config import patches
             from rhodecode.config import utils as config_utils
             from rhodecode.config.environment import load_pyramid_environment
             import rhodecode.events
             from rhodecode.lib.middleware.vcs import VCSMiddleware
             from rhodecode.lib.request import Request
             from rhodecode.lib.vcs import VCSCommunicationError
             from rhodecode.lib.exceptions import VCSServerUnavailable
             from rhodecode.lib.middleware.appenlight import wrap_in_appenlight_if_enabled
             from rhodecode.lib.middleware.https_fixup import HttpsFixup
             from rhodecode.lib.celerylib.loader import configure_celery
             from rhodecode.lib.plugins.utils import register_rhodecode_plugin
             from rhodecode.lib.utils2 import aslist as rhodecode_aslist, AttributeDict
             from rhodecode.lib.exc_tracking import store_exception
             from rhodecode.subscribers import (
                 scan_repositories_if_enabled, write_js_routes_if_enabled,
                 write_metadata_if_needed, inject_app_settings)
             log = logging.getLogger(__name__)
             def is_http_error(response):
                 # error which should have traceback
                 return response.status_code > 499
             def make_pyramid_app(global_config, **settings):
                 """
                 Constructs the WSGI application based on Pyramid.
                 Specials:
                 * The application can also be integrated like a plugin via the call to
                   `includeme`. This is accompanied with the other utility functions which
                   are called. Changing this should be done with great care to not break
                   cases when these fragments are assembled from another place.
                 """
                 # Allows to use format style "{ENV_NAME}" placeholders in the configuration. It
                 # will be replaced by the value of the environment variable "NAME" in this case.
                 environ = {
                     'ENV_{}'.format(key): value for key, value in os.environ.items()}
                 global_config = _substitute_values(global_config, environ)
                 settings = _substitute_values(settings, environ)
                 sanitize_settings_and_apply_defaults(settings)
                 config = Configurator(settings=settings)
                 # Apply compatibility patches
                 patches.inspect_getargspec()
                 load_pyramid_environment(global_config, settings)
                 # Static file view comes first
                 includeme_first(config)
                 includeme(config)
                 pyramid_app = config.make_wsgi_app()
                 pyramid_app = wrap_app_in_wsgi_middlewares(pyramid_app, config)
                 pyramid_app.config = config
                 config.configure_celery(global_config['__file__'])
                 # creating the app uses a connection - return it after we are done
                 meta.Session.remove()
                 log.info('Pyramid app %s created and configured.', pyramid_app)
                 return pyramid_app
             def not_found_view(request):
                 """
                 This creates the view which should be registered as not-found-view to
                 pyramid.
                 """
                 if not getattr(request, 'vcs_call', None):
                     # handle like regular case with our error_handler
                     return error_handler(HTTPNotFound(), request)
                 # handle not found view as a vcs call
                 settings = request.registry.settings
                 ae_client = getattr(request, 'ae_client', None)
                 vcs_app = VCSMiddleware(
                     HTTPNotFound(), request.registry, settings,
                     appenlight_client=ae_client)
                 return wsgiapp(vcs_app)(None, request)
             def error_handler(exception, request):
                 import rhodecode
                 from rhodecode.lib import helpers
                 rhodecode_title = rhodecode.CONFIG.get('rhodecode_title') or 'RhodeCode'
                 base_response = HTTPInternalServerError()
                 # prefer original exception for the response since it may have headers set
                 if isinstance(exception, HTTPException):
                     base_response = exception
                 elif isinstance(exception, VCSCommunicationError):
                     base_response = VCSServerUnavailable()
                 if is_http_error(base_response):
                     log.exception(
                         'error occurred handling this request for path: %s', request.path)
                 error_explanation = base_response.explanation or str(base_response)
                 if base_response.status_code == 404:
                     error_explanation += " Or you don't have permission to access it."
                 c = AttributeDict()
                 c.error_message = base_response.status
                 c.error_explanation = error_explanation
                 c.visual = AttributeDict()
                 c.visual.rhodecode_support_url = (
                     request.registry.settings.get('rhodecode_support_url') or
                     request.route_url('rhodecode_support')
                 )
                 c.redirect_time = 0
                 c.rhodecode_name = rhodecode_title
                 if not c.rhodecode_name:
                     c.rhodecode_name = 'Rhodecode'
                 c.causes = []
                 if is_http_error(base_response):
                     c.causes.append('Server is overloaded.')
                     c.causes.append('Server database connection is lost.')
                     c.causes.append('Server expected unhandled error.')
                 if hasattr(base_response, 'causes'):
                     c.causes = base_response.causes
                 c.messages = helpers.flash.pop_messages(request=request)
                 exc_info = sys.exc_info()
                 c.exception_id = id(exc_info)
                 c.show_exception_id = isinstance(base_response, VCSServerUnavailable) \
                                       or base_response.status_code > 499
                 c.exception_id_url = request.route_url(
                     'admin_settings_exception_tracker_show', exception_id=c.exception_id)
                 if c.show_exception_id:
                     store_exception(c.exception_id, exc_info)
                 response = render_to_response(
                     '/errors/error_document.mako', {'c': c, 'h': helpers}, request=request,
                     response=base_response)
                 return response
             def includeme_first(config):
                 # redirect automatic browser favicon.ico requests to correct place
                 def favicon_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/images/favicon.ico'))
                 config.add_view(favicon_redirect, route_name='favicon')
                 config.add_route('favicon', '/favicon.ico')
                 def robots_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/robots.txt'))
                 config.add_view(robots_redirect, route_name='robots')
                 config.add_route('robots', '/robots.txt')
                 config.add_static_view(
                     '_static/deform', 'deform:static')
                 config.add_static_view(
                     '_static/rhodecode', path='rhodecode:public', cache_max_age=3600 * 24)
             def includeme(config):
                 settings = config.registry.settings
                 config.set_request_factory(Request)
                 # plugin information
                 config.registry.rhodecode_plugins = collections.OrderedDict()
                 config.add_directive(
                     'register_rhodecode_plugin', register_rhodecode_plugin)
                 config.add_directive('configure_celery', configure_celery)
                 if asbool(settings.get('appenlight', 'false')):
                     config.include('appenlight_client.ext.pyramid_tween')
                 # Includes which are required. The application would fail without them.
                 config.include('pyramid_mako')
                 config.include('pyramid_beaker')
-                config.include('rhodecode.lib.caches')
                 config.include('rhodecode.lib.rc_cache')
                 config.include('rhodecode.authentication')
                 config.include('rhodecode.integrations')
                 # apps
                 config.include('rhodecode.apps._base')
                 config.include('rhodecode.apps.ops')
                 config.include('rhodecode.apps.admin')
                 config.include('rhodecode.apps.channelstream')
                 config.include('rhodecode.apps.login')
                 config.include('rhodecode.apps.home')
                 config.include('rhodecode.apps.journal')
                 config.include('rhodecode.apps.repository')
                 config.include('rhodecode.apps.repo_group')
                 config.include('rhodecode.apps.user_group')
                 config.include('rhodecode.apps.search')
                 config.include('rhodecode.apps.user_profile')
                 config.include('rhodecode.apps.user_group_profile')
                 config.include('rhodecode.apps.my_account')
                 config.include('rhodecode.apps.svn_support')
                 config.include('rhodecode.apps.ssh_support')
                 config.include('rhodecode.apps.gist')
                 config.include('rhodecode.apps.debug_style')
                 config.include('rhodecode.tweens')
                 config.include('rhodecode.api')
                 config.add_route(
                     'rhodecode_support', 'https://rhodecode.com/help/', static=True)
                 config.add_translation_dirs('rhodecode:i18n/')
                 settings['default_locale_name'] = settings.get('lang', 'en')
                 # Add subscribers.
                 config.add_subscriber(inject_app_settings,
                                       pyramid.events.ApplicationCreated)
                 config.add_subscriber(scan_repositories_if_enabled,
                                       pyramid.events.ApplicationCreated)
                 config.add_subscriber(write_metadata_if_needed,
                                       pyramid.events.ApplicationCreated)
                 config.add_subscriber(write_js_routes_if_enabled,
                                       pyramid.events.ApplicationCreated)
                 # request custom methods
                 config.add_request_method(
                     'rhodecode.lib.partial_renderer.get_partial_renderer',
                     'get_partial_renderer')
                 # Set the authorization policy.
                 authz_policy = ACLAuthorizationPolicy()
                 config.set_authorization_policy(authz_policy)
                 # Set the default renderer for HTML templates to mako.
                 config.add_mako_renderer('.html')
                 config.add_renderer(
                     name='json_ext',
                     factory='rhodecode.lib.ext_json_renderer.pyramid_ext_json')
                 # include RhodeCode plugins
                 includes = aslist(settings.get('rhodecode.includes', []))
                 for inc in includes:
                     config.include(inc)
                 # custom not found view, if our pyramid app doesn't know how to handle
                 # the request pass it to potential VCS handling ap
                 config.add_notfound_view(not_found_view)
                 if not settings.get('debugtoolbar.enabled', False):
                     # disabled debugtoolbar handle all exceptions via the error_handlers
                     config.add_view(error_handler, context=Exception)
                 # all errors including 403/404/50X
                 config.add_view(error_handler, context=HTTPError)
             def wrap_app_in_wsgi_middlewares(pyramid_app, config):
                 """
                 Apply outer WSGI middlewares around the application.
                 """
                 registry = config.registry
                 settings = registry.settings
                 # enable https redirects based on HTTP_X_URL_SCHEME set by proxy
                 pyramid_app = HttpsFixup(pyramid_app, settings)
                 pyramid_app, _ae_client = wrap_in_appenlight_if_enabled(
                     pyramid_app, settings)
                 registry.ae_client = _ae_client
                 if settings['gzip_responses']:
                     pyramid_app = make_gzip_middleware(
                         pyramid_app, settings, compress_level=1)
                 # this should be the outer most middleware in the wsgi stack since
                 # middleware like Routes make database calls
                 def pyramid_app_with_cleanup(environ, start_response):
                     try:
                         return pyramid_app(environ, start_response)
                     finally:
                         # Dispose current database session and rollback uncommitted
                         # transactions.
                         meta.Session.remove()
                         # In a single threaded mode server, on non sqlite db we should have
                         # '0 Current Checked out connections' at the end of a request,
                         # if not, then something, somewhere is leaving a connection open
                         pool = meta.Base.metadata.bind.engine.pool
                         log.debug('sa pool status: %s', pool.status())
                         log.debug('Request processing finalized')
                 return pyramid_app_with_cleanup
             def sanitize_settings_and_apply_defaults(settings):
                 """
                 Applies settings defaults and does all type conversion.
                 We would move all settings parsing and preparation into this place, so that
                 we have only one place left which deals with this part. The remaining parts
                 of the application would start to rely fully on well prepared settings.
                 This piece would later be split up per topic to avoid a big fat monster
                 function.
                 """
                 settings.setdefault('rhodecode.edition', 'Community Edition')
                 if 'mako.default_filters' not in settings:
                     # set custom default filters if we don't have it defined
                     settings['mako.imports'] = 'from rhodecode.lib.base import h_filter'
                     settings['mako.default_filters'] = 'h_filter'
                 if 'mako.directories' not in settings:
                     mako_directories = settings.setdefault('mako.directories', [
                         # Base templates of the original application
                         'rhodecode:templates',
                     ])
                     log.debug(
                         "Using the following Mako template directories: %s",
                         mako_directories)
                 # Default includes, possible to change as a user
                 pyramid_includes = settings.setdefault('pyramid.includes', [
                     'rhodecode.lib.middleware.request_wrapper',
                 ])
                 log.debug(
                     "Using the following pyramid.includes: %s",
                     pyramid_includes)
                 # TODO: johbo: Re-think this, usually the call to config.include
                 # should allow to pass in a prefix.
                 settings.setdefault('rhodecode.api.url', '/_admin/api')
                 # Sanitize generic settings.
                 _list_setting(settings, 'default_encoding', 'UTF-8')
                 _bool_setting(settings, 'is_test', 'false')
                 _bool_setting(settings, 'gzip_responses', 'false')
                 # Call split out functions that sanitize settings for each topic.
                 _sanitize_appenlight_settings(settings)
                 _sanitize_vcs_settings(settings)
                 _sanitize_cache_settings(settings)
                 # configure instance id
                 config_utils.set_instance_id(settings)
                 return settings
             def _sanitize_appenlight_settings(settings):
                 _bool_setting(settings, 'appenlight', 'false')
             def _sanitize_vcs_settings(settings):
                 """
                 Applies settings defaults and does type conversion for all VCS related
                 settings.
                 """
                 _string_setting(settings, 'vcs.svn.compatible_version', '')
                 _string_setting(settings, 'git_rev_filter', '--all')
                 _string_setting(settings, 'vcs.hooks.protocol', 'http')
                 _string_setting(settings, 'vcs.hooks.host', '127.0.0.1')
                 _string_setting(settings, 'vcs.scm_app_implementation', 'http')
                 _string_setting(settings, 'vcs.server', '')
                 _string_setting(settings, 'vcs.server.log_level', 'debug')
                 _string_setting(settings, 'vcs.server.protocol', 'http')
                 _bool_setting(settings, 'startup.import_repos', 'false')
                 _bool_setting(settings, 'vcs.hooks.direct_calls', 'false')
                 _bool_setting(settings, 'vcs.server.enable', 'true')
                 _bool_setting(settings, 'vcs.start_server', 'false')
                 _list_setting(settings, 'vcs.backends', 'hg, git, svn')
                 _int_setting(settings, 'vcs.connection_timeout', 3600)
                 # Support legacy values of vcs.scm_app_implementation. Legacy
                 # configurations may use 'rhodecode.lib.middleware.utils.scm_app_http'
                 # which is now mapped to 'http'.
                 scm_app_impl = settings['vcs.scm_app_implementation']
                 if scm_app_impl == 'rhodecode.lib.middleware.utils.scm_app_http':
                     settings['vcs.scm_app_implementation'] = 'http'
             def _sanitize_cache_settings(settings):
                 _string_setting(settings, 'cache_dir',
                                 os.path.join(tempfile.gettempdir(), 'rc_cache'))
                 # cache_perms
                 _string_setting(
                     settings,
                     'rc_cache.cache_perms.backend',
                     'dogpile.cache.rc.file_namespace')
                 _int_setting(
                     settings,
                     'rc_cache.cache_perms.expiration_time',
 )
                 _string_setting(
                     settings,
                     'rc_cache.cache_perms.arguments.filename',
                     os.path.join(tempfile.gettempdir(), 'rc_cache_1'))
                 # cache_repo
                 _string_setting(
                     settings,
                     'rc_cache.cache_repo.backend',
                     'dogpile.cache.rc.file_namespace')
                 _int_setting(
                     settings,
                     'rc_cache.cache_repo.expiration_time',
 )
                 _string_setting(
                     settings,
                     'rc_cache.cache_repo.arguments.filename',
                     os.path.join(tempfile.gettempdir(), 'rc_cache_2'))
+                # cache_repo_longterm memory, 96H
+                _string_setting(
+                    settings,
+                    'rc_cache.cache_repo_longterm.backend',
+                    'dogpile.cache.rc.memory_lru')
+                _int_setting(
+                    settings,
+                    'rc_cache.cache_repo_longterm.expiration_time',
+)
+                _int_setting(
+                    settings,
+                    'rc_cache.cache_repo_longterm.max_size',
+)
                 # sql_cache_short
                 _string_setting(
                     settings,
                     'rc_cache.sql_cache_short.backend',
                     'dogpile.cache.rc.memory_lru')
                 _int_setting(
                     settings,
                     'rc_cache.sql_cache_short.expiration_time',
 )
                 _int_setting(
                     settings,
                     'rc_cache.sql_cache_short.max_size',
 )
             def _int_setting(settings, name, default):
                 settings[name] = int(settings.get(name, default))
             def _bool_setting(settings, name, default):
                 input_val = settings.get(name, default)
                 if isinstance(input_val, unicode):
                     input_val = input_val.encode('utf8')
                 settings[name] = asbool(input_val)
             def _list_setting(settings, name, default):
                 raw_value = settings.get(name, default)
                 old_separator = ','
                 if old_separator in raw_value:
                     # If we get a comma separated list, pass it to our own function.
                     settings[name] = rhodecode_aslist(raw_value, sep=old_separator)
                 else:
                     # Otherwise we assume it uses pyramids space/newline separation.
                     settings[name] = aslist(raw_value)
             def _string_setting(settings, name, default, lower=True):
                 value = settings.get(name, default)
                 if lower:
                     value = value.lower()
                 settings[name] = value
             def _substitute_values(mapping, substitutions):
                 result = {
                     # Note: Cannot use regular replacements, since they would clash
                     # with the implementation of ConfigParser. Using "format" instead.
                     key: value.format(**substitutions)
                     for key, value in mapping.items()
                 }
                 return result

rhodecode/lib/base.py

0 0 -1

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2018 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             The base Controller API
             Provides the BaseController class for subclassing. And usage in different
             controllers
             """
             import logging
             import socket
             import markupsafe
             import ipaddress
             from paste.auth.basic import AuthBasicAuthenticator
             from paste.httpexceptions import HTTPUnauthorized, HTTPForbidden, get_exception
             from paste.httpheaders import WWW_AUTHENTICATE, AUTHORIZATION
             import rhodecode
             from rhodecode.authentication.base import VCS_TYPE
             from rhodecode.lib import auth, utils2
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import AuthUser, CookieStoreWrapper
             from rhodecode.lib.exceptions import UserCreationError
             from rhodecode.lib.utils import (password_changed, get_enabled_hook_classes)
             from rhodecode.lib.utils2 import (
                 str2bool, safe_unicode, AttributeDict, safe_int, sha1, aslist, safe_str)
             from rhodecode.model.db import Repository, User, ChangesetComment
             from rhodecode.model.notification import NotificationModel
             from rhodecode.model.settings import VcsSettingsModel, SettingsModel
             log = logging.getLogger(__name__)
             def _filter_proxy(ip):
                 """
                 Passed in IP addresses in HEADERS can be in a special format of multiple
                 ips. Those comma separated IPs are passed from various proxies in the
                 chain of request processing. The left-most being the original client.
                 We only care about the first IP which came from the org. client.
                 :param ip: ip string from headers
                 """
                 if ',' in ip:
                     _ips = ip.split(',')
                     _first_ip = _ips[0].strip()
                     log.debug('Got multiple IPs %s, using %s', ','.join(_ips), _first_ip)
                     return _first_ip
                 return ip
             def _filter_port(ip):
                 """
                 Removes a port from ip, there are 4 main cases to handle here.
                 - ipv4 eg. 127.0.0.1
                 - ipv6 eg. ::1
                 - ipv4+port eg. 127.0.0.1:8080
                 - ipv6+port eg. [::1]:8080
                 :param ip:
                 """
                 def is_ipv6(ip_addr):
                     if hasattr(socket, 'inet_pton'):
                         try:
                             socket.inet_pton(socket.AF_INET6, ip_addr)
                         except socket.error:
                             return False
                     else:
                         # fallback to ipaddress
                         try:
                             ipaddress.IPv6Address(safe_unicode(ip_addr))
                         except Exception:
                             return False
                     return True
                 if ':' not in ip:  # must be ipv4 pure ip
                     return ip
                 if '[' in ip and ']' in ip:  # ipv6 with port
                     return ip.split(']')[0][1:].lower()
                 # must be ipv6 or ipv4 with port
                 if is_ipv6(ip):
                     return ip
                 else:
                     ip, _port = ip.split(':')[:2]  # means ipv4+port
                     return ip
             def get_ip_addr(environ):
                 proxy_key = 'HTTP_X_REAL_IP'
                 proxy_key2 = 'HTTP_X_FORWARDED_FOR'
                 def_key = 'REMOTE_ADDR'
                 _filters = lambda x: _filter_port(_filter_proxy(x))
                 ip = environ.get(proxy_key)
                 if ip:
                     return _filters(ip)
                 ip = environ.get(proxy_key2)
                 if ip:
                     return _filters(ip)
                 ip = environ.get(def_key, '0.0.0.0')
                 return _filters(ip)
             def get_server_ip_addr(environ, log_errors=True):
                 hostname = environ.get('SERVER_NAME')
                 try:
                     return socket.gethostbyname(hostname)
                 except Exception as e:
                     if log_errors:
                         # in some cases this lookup is not possible, and we don't want to
                         # make it an exception in logs
                         log.exception('Could not retrieve server ip address: %s', e)
                     return hostname
             def get_server_port(environ):
                 return environ.get('SERVER_PORT')
             def get_access_path(environ):
                 path = environ.get('PATH_INFO')
                 org_req = environ.get('pylons.original_request')
                 if org_req:
                     path = org_req.environ.get('PATH_INFO')
                 return path
             def get_user_agent(environ):
                 return environ.get('HTTP_USER_AGENT')
             def vcs_operation_context(
                     environ, repo_name, username, action, scm, check_locking=True,
                     is_shadow_repo=False):
                 """
                 Generate the context for a vcs operation, e.g. push or pull.
                 This context is passed over the layers so that hooks triggered by the
                 vcs operation know details like the user, the user's IP address etc.
                 :param check_locking: Allows to switch of the computation of the locking
                     data. This serves mainly the need of the simplevcs middleware to be
                     able to disable this for certain operations.
                 """
                 # Tri-state value: False: unlock, None: nothing, True: lock
                 make_lock = None
                 locked_by = [None, None, None]
                 is_anonymous = username == User.DEFAULT_USER
                 user = User.get_by_username(username)
                 if not is_anonymous and check_locking:
                     log.debug('Checking locking on repository "%s"', repo_name)
                     repo = Repository.get_by_repo_name(repo_name)
                     make_lock, __, locked_by = repo.get_locking_state(
                         action, user.user_id)
                 user_id = user.user_id
                 settings_model = VcsSettingsModel(repo=repo_name)
                 ui_settings = settings_model.get_ui_settings()
                 extras = {
                     'ip': get_ip_addr(environ),
                     'username': username,
                     'user_id': user_id,
                     'action': action,
                     'repository': repo_name,
                     'scm': scm,
                     'config': rhodecode.CONFIG['__file__'],
                     'make_lock': make_lock,
                     'locked_by': locked_by,
                     'server_url': utils2.get_server_url(environ),
                     'user_agent': get_user_agent(environ),
                     'hooks': get_enabled_hook_classes(ui_settings),
                     'is_shadow_repo': is_shadow_repo,
                 }
                 return extras
             class BasicAuth(AuthBasicAuthenticator):
                 def __init__(self, realm, authfunc, registry, auth_http_code=None,
                              initial_call_detection=False, acl_repo_name=None):
                     self.realm = realm
                     self.initial_call = initial_call_detection
                     self.authfunc = authfunc
                     self.registry = registry
                     self.acl_repo_name = acl_repo_name
                     self._rc_auth_http_code = auth_http_code
                 def _get_response_from_code(self, http_code):
                     try:
                         return get_exception(safe_int(http_code))
                     except Exception:
                         log.exception('Failed to fetch response for code %s' % http_code)
                         return HTTPForbidden
                 def get_rc_realm(self):
                     return safe_str(self.registry.rhodecode_settings.get('rhodecode_realm'))
                 def build_authentication(self):
                     head = WWW_AUTHENTICATE.tuples('Basic realm="%s"' % self.realm)
                     if self._rc_auth_http_code and not self.initial_call:
                         # return alternative HTTP code if alternative http return code
                         # is specified in RhodeCode config, but ONLY if it's not the
                         # FIRST call
                         custom_response_klass = self._get_response_from_code(
                             self._rc_auth_http_code)
                         return custom_response_klass(headers=head)
                     return HTTPUnauthorized(headers=head)
                 def authenticate(self, environ):
                     authorization = AUTHORIZATION(environ)
                     if not authorization:
                         return self.build_authentication()
                     (authmeth, auth) = authorization.split(' ', 1)
                     if 'basic' != authmeth.lower():
                         return self.build_authentication()
                     auth = auth.strip().decode('base64')
                     _parts = auth.split(':', 1)
                     if len(_parts) == 2:
                         username, password = _parts
                         auth_data = self.authfunc(
                                 username, password, environ, VCS_TYPE,
                                 registry=self.registry, acl_repo_name=self.acl_repo_name)
                         if auth_data:
                             return {'username': username, 'auth_data': auth_data}
                         if username and password:
                             # we mark that we actually executed authentication once, at
                             # that point we can use the alternative auth code
                             self.initial_call = False
                     return self.build_authentication()
                 __call__ = authenticate
             def calculate_version_hash(config):
                 return sha1(
                     config.get('beaker.session.secret', '') +
                     rhodecode.__version__)[:8]
             def get_current_lang(request):
                 # NOTE(marcink): remove after pyramid move
                 try:
                     return translation.get_lang()[0]
                 except:
                     pass
                 return getattr(request, '_LOCALE_', request.locale_name)
             def attach_context_attributes(context, request, user_id):
                 """
                 Attach variables into template context called `c`.
                 """
                 config = request.registry.settings
                 rc_config = SettingsModel().get_all_settings(cache=True)
                 context.rhodecode_version = rhodecode.__version__
                 context.rhodecode_edition = config.get('rhodecode.edition')
                 # unique secret + version does not leak the version but keep consistency
                 context.rhodecode_version_hash = calculate_version_hash(config)
                 # Default language set for the incoming request
                 context.language = get_current_lang(request)
                 # Visual options
                 context.visual = AttributeDict({})
                 # DB stored Visual Items
                 context.visual.show_public_icon = str2bool(
                     rc_config.get('rhodecode_show_public_icon'))
                 context.visual.show_private_icon = str2bool(
                     rc_config.get('rhodecode_show_private_icon'))
                 context.visual.stylify_metatags = str2bool(
                     rc_config.get('rhodecode_stylify_metatags'))
                 context.visual.dashboard_items = safe_int(
                     rc_config.get('rhodecode_dashboard_items', 100))
                 context.visual.admin_grid_items = safe_int(
                     rc_config.get('rhodecode_admin_grid_items', 100))
                 context.visual.repository_fields = str2bool(
                     rc_config.get('rhodecode_repository_fields'))
                 context.visual.show_version = str2bool(
                     rc_config.get('rhodecode_show_version'))
                 context.visual.use_gravatar = str2bool(
                     rc_config.get('rhodecode_use_gravatar'))
                 context.visual.gravatar_url = rc_config.get('rhodecode_gravatar_url')
                 context.visual.default_renderer = rc_config.get(
                     'rhodecode_markup_renderer', 'rst')
                 context.visual.comment_types = ChangesetComment.COMMENT_TYPES
                 context.visual.rhodecode_support_url = \
                     rc_config.get('rhodecode_support_url') or h.route_url('rhodecode_support')
                 context.visual.affected_files_cut_off = 60
                 context.pre_code = rc_config.get('rhodecode_pre_code')
                 context.post_code = rc_config.get('rhodecode_post_code')
                 context.rhodecode_name = rc_config.get('rhodecode_title')
                 context.default_encodings = aslist(config.get('default_encoding'), sep=',')
                 # if we have specified default_encoding in the request, it has more
                 # priority
                 if request.GET.get('default_encoding'):
                     context.default_encodings.insert(0, request.GET.get('default_encoding'))
                 context.clone_uri_tmpl = rc_config.get('rhodecode_clone_uri_tmpl')
                 context.clone_uri_ssh_tmpl = rc_config.get('rhodecode_clone_uri_ssh_tmpl')
                 # INI stored
                 context.labs_active = str2bool(
                     config.get('labs_settings_active', 'false'))
                 context.ssh_enabled = str2bool(
                     config.get('ssh.generate_authorized_keyfile', 'false'))
                 context.visual.allow_repo_location_change = str2bool(
                     config.get('allow_repo_location_change', True))
                 context.visual.allow_custom_hooks_settings = str2bool(
                     config.get('allow_custom_hooks_settings', True))
                 context.debug_style = str2bool(config.get('debug_style', False))
                 context.rhodecode_instanceid = config.get('instance_id')
                 context.visual.cut_off_limit_diff = safe_int(
                     config.get('cut_off_limit_diff'))
                 context.visual.cut_off_limit_file = safe_int(
                     config.get('cut_off_limit_file'))
                 # AppEnlight
                 context.appenlight_enabled = str2bool(config.get('appenlight', 'false'))
                 context.appenlight_api_public_key = config.get(
                     'appenlight.api_public_key', '')
                 context.appenlight_server_url = config.get('appenlight.server_url', '')
                 # JS template context
                 context.template_context = {
                     'repo_name': None,
                     'repo_type': None,
                     'repo_landing_commit': None,
                     'rhodecode_user': {
                         'username': None,
                         'email': None,
                         'notification_status': False
                     },
                     'visual': {
                         'default_renderer': None
                     },
                     'commit_data': {
                         'commit_id': None
                     },
                     'pull_request_data': {'pull_request_id': None},
                     'timeago': {
                         'refresh_time': 120 * 1000,
                         'cutoff_limit': 1000 * 60 * 60 * 24 * 7
                     },
                     'pyramid_dispatch': {
                     },
                     'extra': {'plugins': {}}
                 }
                 # END CONFIG VARS
                 diffmode = 'sideside'
                 if request.GET.get('diffmode'):
                     if request.GET['diffmode'] == 'unified':
                         diffmode = 'unified'
                 elif request.session.get('diffmode'):
                     diffmode = request.session['diffmode']
                 context.diffmode = diffmode
                 if request.session.get('diffmode') != diffmode:
                     request.session['diffmode'] = diffmode
                 context.csrf_token = auth.get_csrf_token(session=request.session)
                 context.backends = rhodecode.BACKENDS.keys()
                 context.backends.sort()
                 context.unread_notifications = NotificationModel().get_unread_cnt_for_user(user_id)
                 # web case
                 if hasattr(request, 'user'):
                     context.auth_user = request.user
                     context.rhodecode_user = request.user
                 # api case
                 if hasattr(request, 'rpc_user'):
                     context.auth_user = request.rpc_user
                     context.rhodecode_user = request.rpc_user
                 # attach the whole call context to the request
                 request.call_context = context
             def get_auth_user(request):
                 environ = request.environ
                 session = request.session
                 ip_addr = get_ip_addr(environ)
                 # make sure that we update permissions each time we call controller
                 _auth_token = (request.GET.get('auth_token', '') or
                                request.GET.get('api_key', ''))
                 if _auth_token:
                     # when using API_KEY we assume user exists, and
                     # doesn't need auth based on cookies.
                     auth_user = AuthUser(api_key=_auth_token, ip_addr=ip_addr)
                     authenticated = False
                 else:
                     cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
                     try:
                         auth_user = AuthUser(user_id=cookie_store.get('user_id', None),
                                              ip_addr=ip_addr)
                     except UserCreationError as e:
                         h.flash(e, 'error')
                         # container auth or other auth functions that create users
                         # on the fly can throw this exception signaling that there's
                         # issue with user creation, explanation should be provided
                         # in Exception itself. We then create a simple blank
                         # AuthUser
                         auth_user = AuthUser(ip_addr=ip_addr)
                     # in case someone changes a password for user it triggers session
                     # flush and forces a re-login
                     if password_changed(auth_user, session):
                         session.invalidate()
                         cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
                         auth_user = AuthUser(ip_addr=ip_addr)
                     authenticated = cookie_store.get('is_authenticated')
                 if not auth_user.is_authenticated and auth_user.is_user_object:
                     # user is not authenticated and not empty
                     auth_user.set_authenticated(authenticated)
                 return auth_user
             def h_filter(s):
                 """
                 Custom filter for Mako templates. Mako by standard uses `markupsafe.escape`
                 we wrap this with additional functionality that converts None to empty
                 strings
                 """
                 if s is None:
                     return markupsafe.Markup()
                 return markupsafe.escape(s)
             def add_events_routes(config):
                 """
                 Adds routing that can be used in events. Because some events are triggered
                 outside of pyramid context, we need to bootstrap request with some
                 routing registered
                 """
                 from rhodecode.apps._base import ADMIN_PREFIX
                 config.add_route(name='home', pattern='/')
                 config.add_route(name='login', pattern=ADMIN_PREFIX + '/login')
                 config.add_route(name='logout', pattern=ADMIN_PREFIX + '/logout')
                 config.add_route(name='repo_summary', pattern='/{repo_name}')
                 config.add_route(name='repo_summary_explicit', pattern='/{repo_name}/summary')
                 config.add_route(name='repo_group_home', pattern='/{repo_group_name}')
                 config.add_route(name='pullrequest_show',
                                  pattern='/{repo_name}/pull-request/{pull_request_id}')
                 config.add_route(name='pull_requests_global',
                                  pattern='/pull-request/{pull_request_id}')
                 config.add_route(name='repo_commit',
                                  pattern='/{repo_name}/changeset/{commit_id}')
                 config.add_route(name='repo_files',
                                  pattern='/{repo_name}/files/{commit_id}/{f_path}')
             def bootstrap_config(request):
                 import pyramid.testing
                 registry = pyramid.testing.Registry('RcTestRegistry')
                 config = pyramid.testing.setUp(registry=registry, request=request)
                 # allow pyramid lookup in testing
                 config.include('pyramid_mako')
                 config.include('pyramid_beaker')
-                config.include('rhodecode.lib.caches')
                 config.include('rhodecode.lib.rc_cache')
                 add_events_routes(config)
                 return config
             def bootstrap_request(**kwargs):
                 import pyramid.testing
                 class TestRequest(pyramid.testing.DummyRequest):
                     application_url = kwargs.pop('application_url', 'http://example.com')
                     host = kwargs.pop('host', 'example.com:80')
                     domain = kwargs.pop('domain', 'example.com')
                     def translate(self, msg):
                         return msg
                     def plularize(self, singular, plural, n):
                         return singular
                     def get_partial_renderer(self, tmpl_name):
                         from rhodecode.lib.partial_renderer import get_partial_renderer
                         return get_partial_renderer(request=self, tmpl_name=tmpl_name)
                     _call_context = {}
                     @property
                     def call_context(self):
                         return self._call_context
                 class TestDummySession(pyramid.testing.DummySession):
                     def save(*arg, **kw):
                         pass
                 request = TestRequest(**kwargs)
                 request.session = TestDummySession()
                 return request

rhodecode/lib/dbmigrate/schema/db_1_2_0.py

0 +1 -11

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2018 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import logging
             import datetime
             import traceback
             from datetime import date
             from sqlalchemy import *
             from sqlalchemy.ext.hybrid import hybrid_property
             from sqlalchemy.orm import relationship, joinedload, class_mapper, validates
             from beaker.cache import cache_region, region_invalidate
             from rhodecode.lib.vcs import get_backend
             from rhodecode.lib.vcs.utils.helpers import get_scm
             from rhodecode.lib.vcs.exceptions import VCSError
             from zope.cachedescriptors.property import Lazy as LazyProperty
             from rhodecode.lib.auth import generate_auth_token
             from rhodecode.lib.utils2 import str2bool, safe_str, get_commit_safe, safe_unicode
             from rhodecode.lib.exceptions import UserGroupAssignedException
             from rhodecode.lib.ext_json import json
             from rhodecode.model.meta import Base, Session
             from rhodecode.lib.caching_query import FromCache
             log = logging.getLogger(__name__)
             #==============================================================================
             # BASE CLASSES
             #==============================================================================
             class ModelSerializer(json.JSONEncoder):
                 """
                 Simple Serializer for JSON,
                 usage::
                     to make object customized for serialization implement a __json__
                     method that will return a dict for serialization into json
                 example::
                     class Task(object):
                         def __init__(self, name, value):
                             self.name = name
                             self.value = value
                         def __json__(self):
                             return dict(name=self.name,
                                         value=self.value)
                 """
                 def default(self, obj):
                     if hasattr(obj, '__json__'):
                         return obj.__json__()
                     else:
                         return json.JSONEncoder.default(self, obj)
             class BaseModel(object):
                 """Base Model for all classess
                 """
                 @classmethod
                 def _get_keys(cls):
                     """return column names for this model """
                     return class_mapper(cls).c.keys()
                 def get_dict(self):
                     """return dict with keys and values corresponding
                     to this model data """
                     d = {}
                     for k in self._get_keys():
                         d[k] = getattr(self, k)
                     return d
                 def get_appstruct(self):
                     """return list with keys and values tupples corresponding
                     to this model data """
                     l = []
                     for k in self._get_keys():
                         l.append((k, getattr(self, k),))
                     return l
                 def populate_obj(self, populate_dict):
                     """populate model with data from given populate_dict"""
                     for k in self._get_keys():
                         if k in populate_dict:
                             setattr(self, k, populate_dict[k])
                 @classmethod
                 def query(cls):
                     return Session.query(cls)
                 @classmethod
                 def get(cls, id_):
                     if id_:
                         return cls.query().get(id_)
                 @classmethod
                 def getAll(cls):
                     return cls.query().all()
                 @classmethod
                 def delete(cls, id_):
                     obj = cls.query().get(id_)
                     Session.delete(obj)
                     Session.commit()
             class RhodeCodeSetting(Base, BaseModel):
                 __tablename__ = 'rhodecode_settings'
                 __table_args__ = (UniqueConstraint('app_settings_name'), {'extend_existing':True})
                 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
                 _app_settings_value = Column("app_settings_value", String(255), nullable=True, unique=None, default=None)
                 def __init__(self, k='', v=''):
                     self.app_settings_name = k
                     self.app_settings_value = v
                 @validates('_app_settings_value')
                 def validate_settings_value(self, key, val):
                     assert type(val) == unicode
                     return val
                 @hybrid_property
                 def app_settings_value(self):
                     v = self._app_settings_value
                     if v == 'ldap_active':
                         v = str2bool(v)
                     return v
                 @app_settings_value.setter
                 def app_settings_value(self, val):
                     """
                     Setter that will always make sure we use unicode in app_settings_value
                     :param val:
                     """
                     self._app_settings_value = safe_unicode(val)
                 def __repr__(self):
                     return "<%s('%s:%s')>" % (self.__class__.__name__,
                                               self.app_settings_name, self.app_settings_value)
                 @classmethod
                 def get_by_name(cls, ldap_key):
                     return cls.query()\
                         .filter(cls.app_settings_name == ldap_key).scalar()
                 @classmethod
                 def get_app_settings(cls, cache=False):
                     ret = cls.query()
                     if cache:
                         ret = ret.options(FromCache("sql_cache_short", "get_hg_settings"))
                     if not ret:
                         raise Exception('Could not get application settings !')
                     settings = {}
                     for each in ret:
                         settings['rhodecode_' + each.app_settings_name] = \
                             each.app_settings_value
                     return settings
                 @classmethod
                 def get_ldap_settings(cls, cache=False):
                     ret = cls.query()\
                             .filter(cls.app_settings_name.startswith('ldap_')).all()
                     fd = {}
                     for row in ret:
                         fd.update({row.app_settings_name:row.app_settings_value})
                     return fd
             class RhodeCodeUi(Base, BaseModel):
                 __tablename__ = 'rhodecode_ui'
                 __table_args__ = (UniqueConstraint('ui_key'), {'extend_existing':True})
                 HOOK_REPO_SIZE = 'changegroup.repo_size'
                 HOOK_PUSH = 'pretxnchangegroup.push_logger'
                 HOOK_PULL = 'preoutgoing.pull_logger'
                 ui_id = Column("ui_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 ui_section = Column("ui_section", String(255), nullable=True, unique=None, default=None)
                 ui_key = Column("ui_key", String(255), nullable=True, unique=None, default=None)
                 ui_value = Column("ui_value", String(255), nullable=True, unique=None, default=None)
                 ui_active = Column("ui_active", Boolean(), nullable=True, unique=None, default=True)
                 @classmethod
                 def get_by_key(cls, key):
                     return cls.query().filter(cls.ui_key == key)
                 @classmethod
                 def get_builtin_hooks(cls):
                     q = cls.query()
                     q = q.filter(cls.ui_key.in_([cls.HOOK_REPO_SIZE,
                                                  cls.HOOK_PUSH, cls.HOOK_PULL]))
                     return q.all()
                 @classmethod
                 def get_custom_hooks(cls):
                     q = cls.query()
                     q = q.filter(~cls.ui_key.in_([cls.HOOK_REPO_SIZE,
                                                   cls.HOOK_PUSH, cls.HOOK_PULL]))
                     q = q.filter(cls.ui_section == 'hooks')
                     return q.all()
                 @classmethod
                 def create_or_update_hook(cls, key, val):
                     new_ui = cls.get_by_key(key).scalar() or cls()
                     new_ui.ui_section = 'hooks'
                     new_ui.ui_active = True
                     new_ui.ui_key = key
                     new_ui.ui_value = val
                     Session.add(new_ui)
                     Session.commit()
             class User(Base, BaseModel):
                 __tablename__ = 'users'
                 __table_args__ = (UniqueConstraint('username'), UniqueConstraint('email'), {'extend_existing':True})
                 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 username = Column("username", String(255), nullable=True, unique=None, default=None)
                 password = Column("password", String(255), nullable=True, unique=None, default=None)
                 active = Column("active", Boolean(), nullable=True, unique=None, default=None)
                 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
                 name = Column("name", String(255), nullable=True, unique=None, default=None)
                 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
                 email = Column("email", String(255), nullable=True, unique=None, default=None)
                 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 ldap_dn = Column("ldap_dn", String(255), nullable=True, unique=None, default=None)
                 api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
                 user_log = relationship('UserLog', cascade='all')
                 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
                 repositories = relationship('Repository')
                 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
                 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
                 group_member = relationship('UserGroupMember', cascade='all')
                 @property
                 def full_contact(self):
                     return '%s %s <%s>' % (self.name, self.lastname, self.email)
                 @property
                 def short_contact(self):
                     return '%s %s' % (self.name, self.lastname)
                 @property
                 def is_admin(self):
                     return self.admin
                 def __repr__(self):
                     try:
                         return "<%s('id:%s:%s')>" % (self.__class__.__name__,
                                                          self.user_id, self.username)
                     except:
                         return self.__class__.__name__
                 @classmethod
                 def get_by_username(cls, username, case_insensitive=False):
                     if case_insensitive:
                         return Session.query(cls).filter(cls.username.ilike(username)).scalar()
                     else:
                         return Session.query(cls).filter(cls.username == username).scalar()
                 @classmethod
                 def get_by_auth_token(cls, auth_token):
                     return cls.query().filter(cls.api_key == auth_token).one()
                 def update_lastlogin(self):
                     """Update user lastlogin"""
                     self.last_login = datetime.datetime.now()
                     Session.add(self)
                     Session.commit()
                     log.debug('updated user %s lastlogin' % self.username)
                 @classmethod
                 def create(cls, form_data):
                     from rhodecode.lib.auth import get_crypt_password
                     try:
                         new_user = cls()
                         for k, v in form_data.items():
                             if k == 'password':
                                 v = get_crypt_password(v)
                             setattr(new_user, k, v)
                         new_user.api_key = generate_auth_token(form_data['username'])
                         Session.add(new_user)
                         Session.commit()
                         return new_user
                     except:
                         log.error(traceback.format_exc())
                         Session.rollback()
                         raise
             class UserLog(Base, BaseModel):
                 __tablename__ = 'user_logs'
                 __table_args__ = {'extend_existing':True}
                 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
                 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
                 action = Column("action", String(1200000), nullable=True, unique=None, default=None)
                 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 @property
                 def action_as_day(self):
                     return date(*self.action_date.timetuple()[:3])
                 user = relationship('User')
                 repository = relationship('Repository')
             class UserGroup(Base, BaseModel):
                 __tablename__ = 'users_groups'
                 __table_args__ = {'extend_existing':True}
                 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
                 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
                 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
                 def __repr__(self):
                     return '<userGroup(%s)>' % (self.users_group_name)
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
                     if case_insensitive:
                         gr = cls.query()\
                             .filter(cls.users_group_name.ilike(group_name))
                     else:
                         gr = cls.query()\
                             .filter(cls.users_group_name == group_name)
                     if cache:
                         gr = gr.options(FromCache("sql_cache_short",
                                                       "get_user_%s" % group_name))
                     return gr.scalar()
                 @classmethod
                 def get(cls, users_group_id, cache=False):
                     users_group = cls.query()
                     if cache:
                         users_group = users_group.options(FromCache("sql_cache_short",
                                                 "get_users_group_%s" % users_group_id))
                     return users_group.get(users_group_id)
                 @classmethod
                 def create(cls, form_data):
                     try:
                         new_user_group = cls()
                         for k, v in form_data.items():
                             setattr(new_user_group, k, v)
                         Session.add(new_user_group)
                         Session.commit()
                         return new_user_group
                     except:
                         log.error(traceback.format_exc())
                         Session.rollback()
                         raise
                 @classmethod
                 def update(cls, users_group_id, form_data):
                     try:
                         users_group = cls.get(users_group_id, cache=False)
                         for k, v in form_data.items():
                             if k == 'users_group_members':
                                 users_group.members = []
                                 Session.flush()
                                 members_list = []
                                 if v:
                                     v = [v] if isinstance(v, basestring) else v
                                     for u_id in set(v):
                                         member = UserGroupMember(users_group_id, u_id)
                                         members_list.append(member)
                                 setattr(users_group, 'members', members_list)
                             setattr(users_group, k, v)
                         Session.add(users_group)
                         Session.commit()
                     except:
                         log.error(traceback.format_exc())
                         Session.rollback()
                         raise
                 @classmethod
                 def delete(cls, user_group_id):
                     try:
                         # check if this group is not assigned to repo
                         assigned_groups = UserGroupRepoToPerm.query()\
                             .filter(UserGroupRepoToPerm.users_group_id ==
                                     user_group_id).all()
                         if assigned_groups:
                             raise UserGroupAssignedException(
                                 'UserGroup assigned to %s' % assigned_groups)
                         users_group = cls.get(user_group_id, cache=False)
                         Session.delete(users_group)
                         Session.commit()
                     except:
                         log.error(traceback.format_exc())
                         Session.rollback()
                         raise
             class UserGroupMember(Base, BaseModel):
                 __tablename__ = 'users_groups_members'
                 __table_args__ = {'extend_existing':True}
                 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 user = relationship('User', lazy='joined')
                 users_group = relationship('UserGroup')
                 def __init__(self, gr_id='', u_id=''):
                     self.users_group_id = gr_id
                     self.user_id = u_id
                 @staticmethod
                 def add_user_to_group(group, user):
                     ugm = UserGroupMember()
                     ugm.users_group = group
                     ugm.user = user
                     Session.add(ugm)
                     Session.commit()
                     return ugm
             class Repository(Base, BaseModel):
                 __tablename__ = 'repositories'
                 __table_args__ = (UniqueConstraint('repo_name'), {'extend_existing':True},)
                 repo_id = Column("repo_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repo_name = Column("repo_name", String(255), nullable=False, unique=True, default=None)
                 clone_uri = Column("clone_uri", String(255), nullable=True, unique=False, default=None)
                 repo_type = Column("repo_type", String(255), nullable=False, unique=False, default='hg')
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
                 private = Column("private", Boolean(), nullable=True, unique=None, default=None)
                 enable_statistics = Column("statistics", Boolean(), nullable=True, unique=None, default=True)
                 enable_downloads = Column("downloads", Boolean(), nullable=True, unique=None, default=True)
                 description = Column("description", String(10000), nullable=True, unique=None, default=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                 fork_id = Column("fork_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=False, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=False, default=None)
                 user = relationship('User')
                 fork = relationship('Repository', remote_side=repo_id)
                 group = relationship('RepoGroup')
                 repo_to_perm = relationship('UserRepoToPerm', cascade='all', order_by='UserRepoToPerm.repo_to_perm_id')
                 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
                 stats = relationship('Statistics', cascade='all', uselist=False)
                 followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', cascade='all')
                 logs = relationship('UserLog', cascade='all')
                 def __repr__(self):
                     return "<%s('%s:%s')>" % (self.__class__.__name__,
                                               self.repo_id, self.repo_name)
                 @classmethod
                 def url_sep(cls):
                     return '/'
                 @classmethod
                 def get_by_repo_name(cls, repo_name):
                     q = Session.query(cls).filter(cls.repo_name == repo_name)
                     q = q.options(joinedload(Repository.fork))\
                             .options(joinedload(Repository.user))\
                             .options(joinedload(Repository.group))
                     return q.one()
                 @classmethod
                 def get_repo_forks(cls, repo_id):
                     return cls.query().filter(Repository.fork_id == repo_id)
                 @classmethod
                 def base_path(cls):
                     """
                     Returns base path when all repos are stored
                     :param cls:
                     """
                     q = Session.query(RhodeCodeUi).filter(RhodeCodeUi.ui_key ==
                                                           cls.url_sep())
                     q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return q.one().ui_value
                 @property
                 def just_name(self):
                     return self.repo_name.split(Repository.url_sep())[-1]
                 @property
                 def groups_with_parents(self):
                     groups = []
                     if self.group is None:
                         return groups
                     cur_gr = self.group
                     groups.insert(0, cur_gr)
                     while 1:
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def groups_and_repo(self):
                     return self.groups_with_parents, self.just_name
                 @LazyProperty
                 def repo_path(self):
                     """
                     Returns base full path for that repository means where it actually
                     exists on a filesystem
                     """
                     q = Session.query(RhodeCodeUi).filter(RhodeCodeUi.ui_key ==
                                                           Repository.url_sep())
                     q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return q.one().ui_value
                 @property
                 def repo_full_path(self):
                     p = [self.repo_path]
                     # we need to split the name by / since this is how we store the
                     # names in the database, but that eventually needs to be converted
                     # into a valid system path
                     p += self.repo_name.split(Repository.url_sep())
                     return os.path.join(*p)
                 def get_new_name(self, repo_name):
                     """
                     returns new full repository name based on assigned group and new new
                     :param group_name:
                     """
                     path_prefix = self.group.full_path_splitted if self.group else []
                     return Repository.url_sep().join(path_prefix + [repo_name])
                 @property
                 def _config(self):
                     """
                     Returns db based config object.
                     """
                     from rhodecode.lib.utils import make_db_config
                     return make_db_config(clear_session=False)
                 @classmethod
                 def is_valid(cls, repo_name):
                     """
                     returns True if given repo name is a valid filesystem repository
                     :param cls:
                     :param repo_name:
                     """
                     from rhodecode.lib.utils import is_valid_repo
                     return is_valid_repo(repo_name, cls.base_path())
                 #==========================================================================
                 # SCM PROPERTIES
                 #==========================================================================
                 def get_commit(self, rev):
                     return get_commit_safe(self.scm_instance, rev)
                 @property
                 def tip(self):
                     return self.get_commit('tip')
                 @property
                 def author(self):
                     return self.tip.author
                 @property
                 def last_change(self):
                     return self.scm_instance.last_change
                 #==========================================================================
                 # SCM CACHE INSTANCE
                 #==========================================================================
                 @property
                 def invalidate(self):
                     return CacheInvalidation.invalidate(self.repo_name)
                 def set_invalidate(self):
                     """
                     set a cache for invalidation for this instance
                     """
                     CacheInvalidation.set_invalidate(self.repo_name)
                 @LazyProperty
                 def scm_instance(self):
                     return self.__get_instance()
                 @property
                 def scm_instance_cached(self):
-                    @cache_region('long_term')
+                    return self.__get_instance()
-                    def _c(repo_name):
-                        return self.__get_instance()
-                    rn = self.repo_name
-                    inv = self.invalidate
-                    if inv is not None:
-                        region_invalidate(_c, None, rn)
-                        # update our cache
-                        CacheInvalidation.set_valid(inv.cache_key)
-                    return _c(rn)
                 def __get_instance(self):
                     repo_full_path = self.repo_full_path
                     try:
                         alias = get_scm(repo_full_path)[0]
                         log.debug('Creating instance of %s repository' % alias)
                         backend = get_backend(alias)
                     except VCSError:
                         log.error(traceback.format_exc())
                         log.error('Perhaps this repository is in db and not in '
                                   'filesystem run rescan repositories with '
                                   '"destroy old data " option from admin panel')
                         return
                     if alias == 'hg':
                         repo = backend(safe_str(repo_full_path), create=False,
                                        config=self._config)
                     else:
                         repo = backend(repo_full_path, create=False)
                     return repo
             class Group(Base, BaseModel):
                 __tablename__ = 'groups'
                 __table_args__ = (UniqueConstraint('group_name', 'group_parent_id'),
                                   CheckConstraint('group_id != group_parent_id'), {'extend_existing':True},)
                 __mapper_args__ = {'order_by':'group_name'}
                 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
                 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
                 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
                 parent_group = relationship('Group', remote_side=group_id)
                 def __init__(self, group_name='', parent_group=None):
                     self.group_name = group_name
                     self.parent_group = parent_group
                 def __repr__(self):
                     return "<%s('%s:%s')>" % (self.__class__.__name__, self.group_id,
                                               self.group_name)
                 @classmethod
                 def url_sep(cls):
                     return '/'
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
                     if case_insensitive:
                         gr = cls.query()\
                             .filter(cls.group_name.ilike(group_name))
                     else:
                         gr = cls.query()\
                             .filter(cls.group_name == group_name)
                     if cache:
                         gr = gr.options(FromCache("sql_cache_short",
                                                       "get_group_%s" % group_name))
                     return gr.scalar()
                 @property
                 def parents(self):
                     parents_recursion_limit = 5
                     groups = []
                     if self.parent_group is None:
                         return groups
                     cur_gr = self.parent_group
                     groups.insert(0, cur_gr)
                     cnt = 0
                     while 1:
                         cnt += 1
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         if cnt == parents_recursion_limit:
                             # this will prevent accidental infinit loops
                             log.error('group nested more than %s' %
                                       parents_recursion_limit)
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def children(self):
                     return Group.query().filter(Group.parent_group == self)
                 @property
                 def name(self):
                     return self.group_name.split(Group.url_sep())[-1]
                 @property
                 def full_path(self):
                     return self.group_name
                 @property
                 def full_path_splitted(self):
                     return self.group_name.split(Group.url_sep())
                 @property
                 def repositories(self):
                     return Repository.query().filter(Repository.group == self)
                 @property
                 def repositories_recursive_count(self):
                     cnt = self.repositories.count()
                     def children_count(group):
                         cnt = 0
                         for child in group.children:
                             cnt += child.repositories.count()
                             cnt += children_count(child)
                         return cnt
                     return cnt + children_count(self)
                 def get_new_name(self, group_name):
                     """
                     returns new full group name based on parent and new name
                     :param group_name:
                     """
                     path_prefix = (self.parent_group.full_path_splitted if
                                    self.parent_group else [])
                     return Group.url_sep().join(path_prefix + [group_name])
             class Permission(Base, BaseModel):
                 __tablename__ = 'permissions'
                 __table_args__ = {'extend_existing':True}
                 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
                 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
                 def __repr__(self):
                     return "<%s('%s:%s')>" % (self.__class__.__name__,
                                               self.permission_id, self.permission_name)
                 @classmethod
                 def get_by_key(cls, key):
                     return cls.query().filter(cls.permission_name == key).scalar()
             class UserRepoToPerm(Base, BaseModel):
                 __tablename__ = 'repo_to_perm'
                 __table_args__ = (UniqueConstraint('user_id', 'repository_id'), {'extend_existing':True})
                 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 permission = relationship('Permission')
                 repository = relationship('Repository')
             class UserToPerm(Base, BaseModel):
                 __tablename__ = 'user_to_perm'
                 __table_args__ = (UniqueConstraint('user_id', 'permission_id'), {'extend_existing':True})
                 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 permission = relationship('Permission')
                 @classmethod
                 def has_perm(cls, user_id, perm):
                     if not isinstance(perm, Permission):
                         raise Exception('perm needs to be an instance of Permission class')
                     return cls.query().filter(cls.user_id == user_id)\
                         .filter(cls.permission == perm).scalar() is not None
                 @classmethod
                 def grant_perm(cls, user_id, perm):
                     if not isinstance(perm, Permission):
                         raise Exception('perm needs to be an instance of Permission class')
                     new = cls()
                     new.user_id = user_id
                     new.permission = perm
                     try:
                         Session.add(new)
                         Session.commit()
                     except:
                         Session.rollback()
                 @classmethod
                 def revoke_perm(cls, user_id, perm):
                     if not isinstance(perm, Permission):
                         raise Exception('perm needs to be an instance of Permission class')
                     try:
                         cls.query().filter(cls.user_id == user_id) \
                             .filter(cls.permission == perm).delete()
                         Session.commit()
                     except:
                         Session.rollback()
             class UserGroupRepoToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_repo_to_perm'
                 __table_args__ = (UniqueConstraint('repository_id', 'users_group_id', 'permission_id'), {'extend_existing':True})
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
                 repository = relationship('Repository')
                 def __repr__(self):
                     return '<userGroup:%s => %s >' % (self.users_group, self.repository)
             class UserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_to_perm'
                 __table_args__ = {'extend_existing':True}
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
                 @classmethod
                 def has_perm(cls, users_group_id, perm):
                     if not isinstance(perm, Permission):
                         raise Exception('perm needs to be an instance of Permission class')
                     return cls.query().filter(cls.users_group_id ==
                                                      users_group_id)\
                                                      .filter(cls.permission == perm)\
                                                      .scalar() is not None
                 @classmethod
                 def grant_perm(cls, users_group_id, perm):
                     if not isinstance(perm, Permission):
                         raise Exception('perm needs to be an instance of Permission class')
                     new = cls()
                     new.users_group_id = users_group_id
                     new.permission = perm
                     try:
                         Session.add(new)
                         Session.commit()
                     except:
                         Session.rollback()
                 @classmethod
                 def revoke_perm(cls, users_group_id, perm):
                     if not isinstance(perm, Permission):
                         raise Exception('perm needs to be an instance of Permission class')
                     try:
                         cls.query().filter(cls.users_group_id == users_group_id) \
                             .filter(cls.permission == perm).delete()
                         Session.commit()
                     except:
                         Session.rollback()
             class UserRepoGroupToPerm(Base, BaseModel):
                 __tablename__ = 'group_to_perm'
                 __table_args__ = (UniqueConstraint('group_id', 'permission_id'), {'extend_existing':True})
                 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 permission = relationship('Permission')
                 group = relationship('RepoGroup')
             class Statistics(Base, BaseModel):
                 __tablename__ = 'statistics'
                 __table_args__ = (UniqueConstraint('repository_id'), {'extend_existing':True})
                 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
                 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
                 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
                 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
                 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
                 repository = relationship('Repository', single_parent=True)
             class UserFollowing(Base, BaseModel):
                 __tablename__ = 'user_followings'
                 __table_args__ = (UniqueConstraint('user_id', 'follows_repository_id'),
                                   UniqueConstraint('user_id', 'follows_user_id')
                                   , {'extend_existing':True})
                 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
                 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
                 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
                 follows_repository = relationship('Repository', order_by='Repository.repo_name')
                 @classmethod
                 def get_repo_followers(cls, repo_id):
                     return cls.query().filter(cls.follows_repo_id == repo_id)
             class CacheInvalidation(Base, BaseModel):
                 __tablename__ = 'cache_invalidation'
                 __table_args__ = (UniqueConstraint('cache_key'), {'extend_existing':True})
                 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
                 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
                 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
                 def __init__(self, cache_key, cache_args=''):
                     self.cache_key = cache_key
                     self.cache_args = cache_args
                     self.cache_active = False
                 def __repr__(self):
                     return "<%s('%s:%s')>" % (self.__class__.__name__,
                                               self.cache_id, self.cache_key)
                 @classmethod
                 def invalidate(cls, key):
                     """
                     Returns Invalidation object if this given key should be invalidated
                     None otherwise. `cache_active = False` means that this cache
                     state is not valid and needs to be invalidated
                     :param key:
                     """
                     return cls.query()\
                             .filter(CacheInvalidation.cache_key == key)\
                             .filter(CacheInvalidation.cache_active == False)\
                             .scalar()
                 @classmethod
                 def set_invalidate(cls, key):
                     """
                     Mark this Cache key for invalidation
                     :param key:
                     """
                     log.debug('marking %s for invalidation' % key)
                     inv_obj = Session.query(cls)\
                         .filter(cls.cache_key == key).scalar()
                     if inv_obj:
                         inv_obj.cache_active = False
                     else:
                         log.debug('cache key not found in invalidation db -> creating one')
                         inv_obj = CacheInvalidation(key)
                     try:
                         Session.add(inv_obj)
                         Session.commit()
                     except Exception:
                         log.error(traceback.format_exc())
                         Session.rollback()
                 @classmethod
                 def set_valid(cls, key):
                     """
                     Mark this cache key as active and currently cached
                     :param key:
                     """
                     inv_obj = Session.query(CacheInvalidation)\
                         .filter(CacheInvalidation.cache_key == key).scalar()
                     inv_obj.cache_active = True
                     Session.add(inv_obj)
                     Session.commit()
             class DbMigrateVersion(Base, BaseModel):
                 __tablename__ = 'db_migrate_version'
                 __table_args__ = {'extend_existing':True}
                 repository_id = Column('repository_id', String(250), primary_key=True)
                 repository_path = Column('repository_path', Text)
                 version = Column('version', Integer)

rhodecode/lib/dbmigrate/schema/db_1_3_0.py

0 +1 -11

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2018 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import logging
             import datetime
             import traceback
             from collections import defaultdict
             from sqlalchemy import *
             from sqlalchemy.ext.hybrid import hybrid_property
             from sqlalchemy.orm import relationship, joinedload, class_mapper, validates
             from beaker.cache import cache_region, region_invalidate
             from rhodecode.lib.vcs import get_backend
             from rhodecode.lib.vcs.utils.helpers import get_scm
             from rhodecode.lib.vcs.exceptions import VCSError
             from zope.cachedescriptors.property import Lazy as LazyProperty
             from rhodecode.lib.utils2 import str2bool, safe_str, get_commit_safe, \
                 safe_unicode
             from rhodecode.lib.ext_json import json
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.model.meta import Base, Session
             import hashlib
             log = logging.getLogger(__name__)
             #==============================================================================
             # BASE CLASSES
             #==============================================================================
             _hash_key = lambda k: hashlib.md5(safe_str(k)).hexdigest()
             class ModelSerializer(json.JSONEncoder):
                 """
                 Simple Serializer for JSON,
                 usage::
                     to make object customized for serialization implement a __json__
                     method that will return a dict for serialization into json
                 example::
                     class Task(object):
                         def __init__(self, name, value):
                             self.name = name
                             self.value = value
                         def __json__(self):
                             return dict(name=self.name,
                                         value=self.value)
                 """
                 def default(self, obj):
                     if hasattr(obj, '__json__'):
                         return obj.__json__()
                     else:
                         return json.JSONEncoder.default(self, obj)
             class BaseModel(object):
                 """
                 Base Model for all classess
                 """
                 @classmethod
                 def _get_keys(cls):
                     """return column names for this model """
                     return class_mapper(cls).c.keys()
                 def get_dict(self):
                     """
                     return dict with keys and values corresponding
                     to this model data """
                     d = {}
                     for k in self._get_keys():
                         d[k] = getattr(self, k)
                     # also use __json__() if present to get additional fields
                     for k, val in getattr(self, '__json__', lambda: {})().iteritems():
                         d[k] = val
                     return d
                 def get_appstruct(self):
                     """return list with keys and values tupples corresponding
                     to this model data """
                     l = []
                     for k in self._get_keys():
                         l.append((k, getattr(self, k),))
                     return l
                 def populate_obj(self, populate_dict):
                     """populate model with data from given populate_dict"""
                     for k in self._get_keys():
                         if k in populate_dict:
                             setattr(self, k, populate_dict[k])
                 @classmethod
                 def query(cls):
                     return Session.query(cls)
                 @classmethod
                 def get(cls, id_):
                     if id_:
                         return cls.query().get(id_)
                 @classmethod
                 def getAll(cls):
                     return cls.query().all()
                 @classmethod
                 def delete(cls, id_):
                     obj = cls.query().get(id_)
                     Session.delete(obj)
                 def __repr__(self):
                     if hasattr(self, '__unicode__'):
                         # python repr needs to return str
                         return safe_str(self.__unicode__())
                     return '<DB:%s>' % (self.__class__.__name__)
             class RhodeCodeSetting(Base, BaseModel):
                 __tablename__ = 'rhodecode_settings'
                 __table_args__ = (
                     UniqueConstraint('app_settings_name'),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
                 _app_settings_value = Column("app_settings_value", String(255), nullable=True, unique=None, default=None)
                 def __init__(self, k='', v=''):
                     self.app_settings_name = k
                     self.app_settings_value = v
                 @validates('_app_settings_value')
                 def validate_settings_value(self, key, val):
                     assert type(val) == unicode
                     return val
                 @hybrid_property
                 def app_settings_value(self):
                     v = self._app_settings_value
                     if self.app_settings_name == 'ldap_active':
                         v = str2bool(v)
                     return v
                 @app_settings_value.setter
                 def app_settings_value(self, val):
                     """
                     Setter that will always make sure we use unicode in app_settings_value
                     :param val:
                     """
                     self._app_settings_value = safe_unicode(val)
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (
                         self.__class__.__name__,
                         self.app_settings_name, self.app_settings_value
                     )
                 @classmethod
                 def get_by_name(cls, ldap_key):
                     return cls.query()\
                         .filter(cls.app_settings_name == ldap_key).scalar()
                 @classmethod
                 def get_app_settings(cls, cache=False):
                     ret = cls.query()
                     if cache:
                         ret = ret.options(FromCache("sql_cache_short", "get_hg_settings"))
                     if not ret:
                         raise Exception('Could not get application settings !')
                     settings = {}
                     for each in ret:
                         settings['rhodecode_' + each.app_settings_name] = \
                             each.app_settings_value
                     return settings
                 @classmethod
                 def get_ldap_settings(cls, cache=False):
                     ret = cls.query()\
                             .filter(cls.app_settings_name.startswith('ldap_')).all()
                     fd = {}
                     for row in ret:
                         fd.update({row.app_settings_name:row.app_settings_value})
                     return fd
             class RhodeCodeUi(Base, BaseModel):
                 __tablename__ = 'rhodecode_ui'
                 __table_args__ = (
                     UniqueConstraint('ui_key'),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 HOOK_REPO_SIZE = 'changegroup.repo_size'
                 HOOK_PUSH = 'pretxnchangegroup.push_logger'
                 HOOK_PULL = 'preoutgoing.pull_logger'
                 ui_id = Column("ui_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 ui_section = Column("ui_section", String(255), nullable=True, unique=None, default=None)
                 ui_key = Column("ui_key", String(255), nullable=True, unique=None, default=None)
                 ui_value = Column("ui_value", String(255), nullable=True, unique=None, default=None)
                 ui_active = Column("ui_active", Boolean(), nullable=True, unique=None, default=True)
                 @classmethod
                 def get_by_key(cls, key):
                     return cls.query().filter(cls.ui_key == key)
                 @classmethod
                 def get_builtin_hooks(cls):
                     q = cls.query()
                     q = q.filter(cls.ui_key.in_([cls.HOOK_REPO_SIZE,
                                                  cls.HOOK_PUSH, cls.HOOK_PULL]))
                     return q.all()
                 @classmethod
                 def get_custom_hooks(cls):
                     q = cls.query()
                     q = q.filter(~cls.ui_key.in_([cls.HOOK_REPO_SIZE,
                                                   cls.HOOK_PUSH, cls.HOOK_PULL]))
                     q = q.filter(cls.ui_section == 'hooks')
                     return q.all()
                 @classmethod
                 def create_or_update_hook(cls, key, val):
                     new_ui = cls.get_by_key(key).scalar() or cls()
                     new_ui.ui_section = 'hooks'
                     new_ui.ui_active = True
                     new_ui.ui_key = key
                     new_ui.ui_value = val
                     Session.add(new_ui)
             class User(Base, BaseModel):
                 __tablename__ = 'users'
                 __table_args__ = (
                     UniqueConstraint('username'), UniqueConstraint('email'),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 username = Column("username", String(255), nullable=True, unique=None, default=None)
                 password = Column("password", String(255), nullable=True, unique=None, default=None)
                 active = Column("active", Boolean(), nullable=True, unique=None, default=None)
                 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
                 name = Column("name", String(255), nullable=True, unique=None, default=None)
                 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
                 _email = Column("email", String(255), nullable=True, unique=None, default=None)
                 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 ldap_dn = Column("ldap_dn", String(255), nullable=True, unique=None, default=None)
                 api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
                 user_log = relationship('UserLog', cascade='all')
                 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
                 repositories = relationship('Repository')
                 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
                 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
                 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
                 group_member = relationship('UserGroupMember', cascade='all')
                 notifications = relationship('UserNotification', cascade='all')
                 # notifications assigned to this user
                 user_created_notifications = relationship('Notification', cascade='all')
                 # comments created by this user
                 user_comments = relationship('ChangesetComment', cascade='all')
                 @hybrid_property
                 def email(self):
                     return self._email
                 @email.setter
                 def email(self, val):
                     self._email = val.lower() if val else None
                 @property
                 def full_name(self):
                     return '%s %s' % (self.name, self.lastname)
                 @property
                 def full_name_or_username(self):
                     return ('%s %s' % (self.name, self.lastname)
                             if (self.name and self.lastname) else self.username)
                 @property
                 def full_contact(self):
                     return '%s %s <%s>' % (self.name, self.lastname, self.email)
                 @property
                 def short_contact(self):
                     return '%s %s' % (self.name, self.lastname)
                 @property
                 def is_admin(self):
                     return self.admin
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
                                                  self.user_id, self.username)
                 @classmethod
                 def get_by_username(cls, username, case_insensitive=False, cache=False):
                     if case_insensitive:
                         q = cls.query().filter(cls.username.ilike(username))
                     else:
                         q = cls.query().filter(cls.username == username)
                     if cache:
                         q = q.options(FromCache(
                                         "sql_cache_short",
                                         "get_user_%s" % _hash_key(username)
                                       )
                         )
                     return q.scalar()
                 @classmethod
                 def get_by_auth_token(cls, auth_token, cache=False):
                     q = cls.query().filter(cls.api_key == auth_token)
                     if cache:
                         q = q.options(FromCache("sql_cache_short",
                                                 "get_auth_token_%s" % auth_token))
                     return q.scalar()
                 @classmethod
                 def get_by_email(cls, email, case_insensitive=False, cache=False):
                     if case_insensitive:
                         q = cls.query().filter(cls.email.ilike(email))
                     else:
                         q = cls.query().filter(cls.email == email)
                     if cache:
                         q = q.options(FromCache("sql_cache_short",
                                                 "get_auth_token_%s" % email))
                     return q.scalar()
                 def update_lastlogin(self):
                     """Update user lastlogin"""
                     self.last_login = datetime.datetime.now()
                     Session.add(self)
                     log.debug('updated user %s lastlogin' % self.username)
                 def __json__(self):
                     return dict(
                         user_id=self.user_id,
                         first_name=self.name,
                         last_name=self.lastname,
                         email=self.email,
                         full_name=self.full_name,
                         full_name_or_username=self.full_name_or_username,
                         short_contact=self.short_contact,
                         full_contact=self.full_contact
                     )
             class UserLog(Base, BaseModel):
                 __tablename__ = 'user_logs'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True)
                 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
                 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
                 action = Column("action", String(1200000), nullable=True, unique=None, default=None)
                 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 @property
                 def action_as_day(self):
                     return datetime.date(*self.action_date.timetuple()[:3])
                 user = relationship('User')
                 repository = relationship('Repository', cascade='')
             class UserGroup(Base, BaseModel):
                 __tablename__ = 'users_groups'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
                 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
                 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
                 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
                 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
                 def __unicode__(self):
                     return u'<userGroup(%s)>' % (self.users_group_name)
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False,
                                       case_insensitive=False):
                     if case_insensitive:
                         q = cls.query().filter(cls.users_group_name.ilike(group_name))
                     else:
                         q = cls.query().filter(cls.users_group_name == group_name)
                     if cache:
                         q = q.options(FromCache(
                                         "sql_cache_short",
                                         "get_user_%s" % _hash_key(group_name)
                                       )
                         )
                     return q.scalar()
                 @classmethod
                 def get(cls, users_group_id, cache=False):
                     users_group = cls.query()
                     if cache:
                         users_group = users_group.options(FromCache("sql_cache_short",
                                                 "get_users_group_%s" % users_group_id))
                     return users_group.get(users_group_id)
             class UserGroupMember(Base, BaseModel):
                 __tablename__ = 'users_groups_members'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 user = relationship('User', lazy='joined')
                 users_group = relationship('UserGroup')
                 def __init__(self, gr_id='', u_id=''):
                     self.users_group_id = gr_id
                     self.user_id = u_id
             class Repository(Base, BaseModel):
                 __tablename__ = 'repositories'
                 __table_args__ = (
                     UniqueConstraint('repo_name'),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 repo_id = Column("repo_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repo_name = Column("repo_name", String(255), nullable=False, unique=True, default=None)
                 clone_uri = Column("clone_uri", String(255), nullable=True, unique=False, default=None)
                 repo_type = Column("repo_type", String(255), nullable=False, unique=False, default='hg')
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
                 private = Column("private", Boolean(), nullable=True, unique=None, default=None)
                 enable_statistics = Column("statistics", Boolean(), nullable=True, unique=None, default=True)
                 enable_downloads = Column("downloads", Boolean(), nullable=True, unique=None, default=True)
                 description = Column("description", String(10000), nullable=True, unique=None, default=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                 fork_id = Column("fork_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=False, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=False, default=None)
                 user = relationship('User')
                 fork = relationship('Repository', remote_side=repo_id)
                 group = relationship('RepoGroup')
                 repo_to_perm = relationship('UserRepoToPerm', cascade='all', order_by='UserRepoToPerm.repo_to_perm_id')
                 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
                 stats = relationship('Statistics', cascade='all', uselist=False)
                 followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', cascade='all')
                 logs = relationship('UserLog')
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (self.__class__.__name__,self.repo_id,
                                                self.repo_name)
                 @classmethod
                 def url_sep(cls):
                     return '/'
                 @classmethod
                 def get_by_repo_name(cls, repo_name):
                     q = Session.query(cls).filter(cls.repo_name == repo_name)
                     q = q.options(joinedload(Repository.fork))\
                             .options(joinedload(Repository.user))\
                             .options(joinedload(Repository.group))
                     return q.scalar()
                 @classmethod
                 def get_repo_forks(cls, repo_id):
                     return cls.query().filter(Repository.fork_id == repo_id)
                 @classmethod
                 def base_path(cls):
                     """
                     Returns base path when all repos are stored
                     :param cls:
                     """
                     q = Session.query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == cls.url_sep())
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return q.one().ui_value
                 @property
                 def just_name(self):
                     return self.repo_name.split(Repository.url_sep())[-1]
                 @property
                 def groups_with_parents(self):
                     groups = []
                     if self.group is None:
                         return groups
                     cur_gr = self.group
                     groups.insert(0, cur_gr)
                     while 1:
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def groups_and_repo(self):
                     return self.groups_with_parents, self.just_name
                 @LazyProperty
                 def repo_path(self):
                     """
                     Returns base full path for that repository means where it actually
                     exists on a filesystem
                     """
                     q = Session.query(RhodeCodeUi).filter(RhodeCodeUi.ui_key ==
                                                           Repository.url_sep())
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return q.one().ui_value
                 @property
                 def repo_full_path(self):
                     p = [self.repo_path]
                     # we need to split the name by / since this is how we store the
                     # names in the database, but that eventually needs to be converted
                     # into a valid system path
                     p += self.repo_name.split(Repository.url_sep())
                     return os.path.join(*p)
                 def get_new_name(self, repo_name):
                     """
                     returns new full repository name based on assigned group and new new
                     :param group_name:
                     """
                     path_prefix = self.group.full_path_splitted if self.group else []
                     return Repository.url_sep().join(path_prefix + [repo_name])
                 @property
                 def _config(self):
                     """
                     Returns db based config object.
                     """
                     from rhodecode.lib.utils import make_db_config
                     return make_db_config(clear_session=False)
                 @classmethod
                 def is_valid(cls, repo_name):
                     """
                     returns True if given repo name is a valid filesystem repository
                     :param cls:
                     :param repo_name:
                     """
                     from rhodecode.lib.utils import is_valid_repo
                     return is_valid_repo(repo_name, cls.base_path())
                 #==========================================================================
                 # SCM PROPERTIES
                 #==========================================================================
                 def get_commit(self, rev):
                     return get_commit_safe(self.scm_instance, rev)
                 @property
                 def tip(self):
                     return self.get_commit('tip')
                 @property
                 def author(self):
                     return self.tip.author
                 @property
                 def last_change(self):
                     return self.scm_instance.last_change
                 def comments(self, revisions=None):
                     """
                     Returns comments for this repository grouped by revisions
                     :param revisions: filter query by revisions only
                     """
                     cmts = ChangesetComment.query()\
                         .filter(ChangesetComment.repo == self)
                     if revisions:
                         cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
                     grouped = defaultdict(list)
                     for cmt in cmts.all():
                         grouped[cmt.revision].append(cmt)
                     return grouped
                 #==========================================================================
                 # SCM CACHE INSTANCE
                 #==========================================================================
                 @property
                 def invalidate(self):
                     return CacheInvalidation.invalidate(self.repo_name)
                 def set_invalidate(self):
                     """
                     set a cache for invalidation for this instance
                     """
                     CacheInvalidation.set_invalidate(self.repo_name)
                 @LazyProperty
                 def scm_instance(self):
                     return self.__get_instance()
                 @property
                 def scm_instance_cached(self):
-                    @cache_region('long_term')
+                    return self.__get_instance()
-                    def _c(repo_name):
-                        return self.__get_instance()
-                    rn = self.repo_name
-                    log.debug('Getting cached instance of repo')
-                    inv = self.invalidate
-                    if inv is not None:
-                        region_invalidate(_c, None, rn)
-                        # update our cache
-                        CacheInvalidation.set_valid(inv.cache_key)
-                    return _c(rn)
                 def __get_instance(self):
                     repo_full_path = self.repo_full_path
                     try:
                         alias = get_scm(repo_full_path)[0]
                         log.debug('Creating instance of %s repository' % alias)
                         backend = get_backend(alias)
                     except VCSError:
                         log.error(traceback.format_exc())
                         log.error('Perhaps this repository is in db and not in '
                                   'filesystem run rescan repositories with '
                                   '"destroy old data " option from admin panel')
                         return
                     if alias == 'hg':
                         repo = backend(safe_str(repo_full_path), create=False,
                                        config=self._config)
                     else:
                         repo = backend(repo_full_path, create=False)
                     return repo
             class RepoGroup(Base, BaseModel):
                 __tablename__ = 'groups'
                 __table_args__ = (
                     UniqueConstraint('group_name', 'group_parent_id'),
                     CheckConstraint('group_id != group_parent_id'),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 __mapper_args__ = {'order_by': 'group_name'}
                 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
                 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
                 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
                 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
                 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
                 parent_group = relationship('RepoGroup', remote_side=group_id)
                 def __init__(self, group_name='', parent_group=None):
                     self.group_name = group_name
                     self.parent_group = parent_group
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (self.__class__.__name__, self.group_id,
                                               self.group_name)
                 @classmethod
                 def url_sep(cls):
                     return '/'
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
                     if case_insensitive:
                         gr = cls.query()\
                             .filter(cls.group_name.ilike(group_name))
                     else:
                         gr = cls.query()\
                             .filter(cls.group_name == group_name)
                     if cache:
                         gr = gr.options(FromCache(
                                         "sql_cache_short",
                                         "get_group_%s" % _hash_key(group_name)
                                         )
                         )
                     return gr.scalar()
                 @property
                 def parents(self):
                     parents_recursion_limit = 5
                     groups = []
                     if self.parent_group is None:
                         return groups
                     cur_gr = self.parent_group
                     groups.insert(0, cur_gr)
                     cnt = 0
                     while 1:
                         cnt += 1
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         if cnt == parents_recursion_limit:
                             # this will prevent accidental infinit loops
                             log.error('group nested more than %s' %
                                       parents_recursion_limit)
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def children(self):
                     return RepoGroup.query().filter(RepoGroup.parent_group == self)
                 @property
                 def name(self):
                     return self.group_name.split(RepoGroup.url_sep())[-1]
                 @property
                 def full_path(self):
                     return self.group_name
                 @property
                 def full_path_splitted(self):
                     return self.group_name.split(RepoGroup.url_sep())
                 @property
                 def repositories(self):
                     return Repository.query()\
                             .filter(Repository.group == self)\
                             .order_by(Repository.repo_name)
                 @property
                 def repositories_recursive_count(self):
                     cnt = self.repositories.count()
                     def children_count(group):
                         cnt = 0
                         for child in group.children:
                             cnt += child.repositories.count()
                             cnt += children_count(child)
                         return cnt
                     return cnt + children_count(self)
                 def get_new_name(self, group_name):
                     """
                     returns new full group name based on parent and new name
                     :param group_name:
                     """
                     path_prefix = (self.parent_group.full_path_splitted if
                                    self.parent_group else [])
                     return RepoGroup.url_sep().join(path_prefix + [group_name])
             class Permission(Base, BaseModel):
                 __tablename__ = 'permissions'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
                 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (
                         self.__class__.__name__, self.permission_id, self.permission_name
                     )
                 @classmethod
                 def get_by_key(cls, key):
                     return cls.query().filter(cls.permission_name == key).scalar()
                 @classmethod
                 def get_default_repo_perms(cls, default_user_id):
                     q = Session.query(UserRepoToPerm, Repository, cls)\
                      .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
                      .join((cls, UserRepoToPerm.permission_id == cls.permission_id))\
                      .filter(UserRepoToPerm.user_id == default_user_id)
                     return q.all()
                 @classmethod
                 def get_default_group_perms(cls, default_user_id):
                     q = Session.query(UserRepoGroupToPerm, RepoGroup, cls)\
                      .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
                      .join((cls, UserRepoGroupToPerm.permission_id == cls.permission_id))\
                      .filter(UserRepoGroupToPerm.user_id == default_user_id)
                     return q.all()
             class UserRepoToPerm(Base, BaseModel):
                 __tablename__ = 'repo_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'repository_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 repository = relationship('Repository')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, user, repository, permission):
                     n = cls()
                     n.user = user
                     n.repository = repository
                     n.permission = permission
                     Session.add(n)
                     return n
                 def __unicode__(self):
                     return u'<user:%s => %s >' % (self.user, self.repository)
             class UserToPerm(Base, BaseModel):
                 __tablename__ = 'user_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 permission = relationship('Permission', lazy='joined')
             class UserGroupRepoToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_repo_to_perm'
                 __table_args__ = (
                     UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
                 repository = relationship('Repository')
                 @classmethod
                 def create(cls, users_group, repository, permission):
                     n = cls()
                     n.users_group = users_group
                     n.repository = repository
                     n.permission = permission
                     Session.add(n)
                     return n
                 def __unicode__(self):
                     return u'<userGroup:%s => %s >' % (self.users_group, self.repository)
             class UserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('users_group_id', 'permission_id',),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
             class UserRepoGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_repo_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'group_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 group = relationship('RepoGroup')
                 permission = relationship('Permission')
             class UserGroupRepoGroupToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_repo_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('users_group_id', 'group_id'),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
                 group = relationship('RepoGroup')
             class Statistics(Base, BaseModel):
                 __tablename__ = 'statistics'
                 __table_args__ = (
                      UniqueConstraint('repository_id'),
                      {'extend_existing': True, 'mysql_engine':'InnoDB',
                       'mysql_charset': 'utf8'}
                 )
                 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
                 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
                 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
                 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
                 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
                 repository = relationship('Repository', single_parent=True)
             class UserFollowing(Base, BaseModel):
                 __tablename__ = 'user_followings'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'follows_repository_id'),
                     UniqueConstraint('user_id', 'follows_user_id'),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
                 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
                 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
                 follows_repository = relationship('Repository', order_by='Repository.repo_name')
                 @classmethod
                 def get_repo_followers(cls, repo_id):
                     return cls.query().filter(cls.follows_repo_id == repo_id)
             class CacheInvalidation(Base, BaseModel):
                 __tablename__ = 'cache_invalidation'
                 __table_args__ = (
                     UniqueConstraint('cache_key'),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
                 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
                 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
                 def __init__(self, cache_key, cache_args=''):
                     self.cache_key = cache_key
                     self.cache_args = cache_args
                     self.cache_active = False
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (self.__class__.__name__,
                                               self.cache_id, self.cache_key)
                 @classmethod
                 def _get_key(cls, key):
                     """
                     Wrapper for generating a key, together with a prefix
                     :param key:
                     """
                     import rhodecode
                     prefix = ''
                     iid = rhodecode.CONFIG.get('instance_id')
                     if iid:
                         prefix = iid
                     return "%s%s" % (prefix, key), prefix, key.rstrip('_README')
                 @classmethod
                 def get_by_key(cls, key):
                     return cls.query().filter(cls.cache_key == key).scalar()
                 @classmethod
                 def _get_or_create_key(cls, key, prefix, org_key):
                     inv_obj = Session.query(cls).filter(cls.cache_key == key).scalar()
                     if not inv_obj:
                         try:
                             inv_obj = CacheInvalidation(key, org_key)
                             Session.add(inv_obj)
                             Session.commit()
                         except Exception:
                             log.error(traceback.format_exc())
                             Session.rollback()
                     return inv_obj
                 @classmethod
                 def invalidate(cls, key):
                     """
                     Returns Invalidation object if this given key should be invalidated
                     None otherwise. `cache_active = False` means that this cache
                     state is not valid and needs to be invalidated
                     :param key:
                     """
                     key, _prefix, _org_key = cls._get_key(key)
                     inv = cls._get_or_create_key(key, _prefix, _org_key)
                     if inv and inv.cache_active is False:
                         return inv
                 @classmethod
                 def set_invalidate(cls, key):
                     """
                     Mark this Cache key for invalidation
                     :param key:
                     """
                     key, _prefix, _org_key = cls._get_key(key)
                     inv_objs = Session.query(cls).filter(cls.cache_args == _org_key).all()
                     log.debug('marking %s key[s] %s for invalidation' % (len(inv_objs),
                                                                          _org_key))
                     try:
                         for inv_obj in inv_objs:
                             if inv_obj:
                                 inv_obj.cache_active = False
                             Session.add(inv_obj)
                         Session.commit()
                     except Exception:
                         log.error(traceback.format_exc())
                         Session.rollback()
                 @classmethod
                 def set_valid(cls, key):
                     """
                     Mark this cache key as active and currently cached
                     :param key:
                     """
                     inv_obj = cls.get_by_key(key)
                     inv_obj.cache_active = True
                     Session.add(inv_obj)
                     Session.commit()
             class ChangesetComment(Base, BaseModel):
                 __tablename__ = 'changeset_comments'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
                 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 revision = Column('revision', String(40), nullable=False)
                 line_no = Column('line_no', Unicode(10), nullable=True)
                 f_path = Column('f_path', Unicode(1000), nullable=True)
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
                 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
                 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
                 author = relationship('User', lazy='joined')
                 repo = relationship('Repository')
                 @classmethod
                 def get_users(cls, revision):
                     """
                     Returns user associated with this changesetComment. ie those
                     who actually commented
                     :param cls:
                     :param revision:
                     """
                     return Session.query(User)\
                             .filter(cls.revision == revision)\
                             .join(ChangesetComment.author).all()
             class Notification(Base, BaseModel):
                 __tablename__ = 'notifications'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 TYPE_CHANGESET_COMMENT = u'cs_comment'
                 TYPE_MESSAGE = u'message'
                 TYPE_MENTION = u'mention'
                 TYPE_REGISTRATION = u'registration'
                 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
                 subject = Column('subject', Unicode(512), nullable=True)
                 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
                 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 type_ = Column('type', Unicode(256))
                 created_by_user = relationship('User')
                 notifications_to_users = relationship('UserNotification', lazy='joined',
                                                       cascade="all, delete, delete-orphan")
                 @property
                 def recipients(self):
                     return [x.user for x in UserNotification.query()\
                             .filter(UserNotification.notification == self).all()]
                 @classmethod
                 def create(cls, created_by, subject, body, recipients, type_=None):
                     if type_ is None:
                         type_ = Notification.TYPE_MESSAGE
                     notification = cls()
                     notification.created_by_user = created_by
                     notification.subject = subject
                     notification.body = body
                     notification.type_ = type_
                     notification.created_on = datetime.datetime.now()
                     for u in recipients:
                         assoc = UserNotification()
                         assoc.notification = notification
                         u.notifications.append(assoc)
                     Session.add(notification)
                     return notification
                 @property
                 def description(self):
                     from rhodecode.model.notification import NotificationModel
                     return NotificationModel().make_description(self)
             class UserNotification(Base, BaseModel):
                 __tablename__ = 'user_to_notification'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'notification_id'),
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
                 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
                 read = Column('read', Boolean, default=False)
                 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
                 user = relationship('User', lazy="joined")
                 notification = relationship('Notification', lazy="joined",
                                             order_by=lambda: Notification.created_on.desc(),)
                 def mark_as_read(self):
                     self.read = True
                     Session.add(self)
             class DbMigrateVersion(Base, BaseModel):
                 __tablename__ = 'db_migrate_version'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine':'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 repository_id = Column('repository_id', String(250), primary_key=True)
                 repository_path = Column('repository_path', Text)
                 version = Column('version', Integer)
             ## this is migration from 1_4_0, but now it's here to overcome a problem of
             ## attaching a FK to this from 1_3_0 !
             class PullRequest(Base, BaseModel):
                 __tablename__ = 'pull_requests'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 STATUS_NEW = u'new'
                 STATUS_OPEN = u'open'
                 STATUS_CLOSED = u'closed'
                 pull_request_id = Column('pull_request_id', Integer(), nullable=False, primary_key=True)
                 title = Column('title', Unicode(256), nullable=True)
                 description = Column('description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'), nullable=True)
                 status = Column('status', Unicode(256), nullable=False, default=STATUS_NEW)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 updated_on = Column('updated_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
                 _revisions = Column('revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))  # 500 revisions max
                 org_repo_id = Column('org_repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 org_ref = Column('org_ref', Unicode(256), nullable=False)
                 other_repo_id = Column('other_repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 other_ref = Column('other_ref', Unicode(256), nullable=False)

rhodecode/lib/dbmigrate/schema/db_4_11_0_0.py

0 +1 -33

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2018 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             Database Models for RhodeCode Enterprise
             """
             import re
             import os
             import time
             import hashlib
             import logging
             import datetime
             import warnings
             import ipaddress
             import functools
             import traceback
             import collections
             from sqlalchemy import (
                 or_, and_, not_, func, TypeDecorator, event,
                 Index, Sequence, UniqueConstraint, ForeignKey, CheckConstraint, Column,
                 Boolean, String, Unicode, UnicodeText, DateTime, Integer, LargeBinary,
                 Text, Float, PickleType)
             from sqlalchemy.sql.expression import true, false
             from sqlalchemy.sql.functions import coalesce, count  # noqa
             from sqlalchemy.orm import (
                 relationship, joinedload, class_mapper, validates, aliased)
             from sqlalchemy.ext.declarative import declared_attr
             from sqlalchemy.ext.hybrid import hybrid_property
             from sqlalchemy.exc import IntegrityError  # noqa
             from sqlalchemy.dialects.mysql import LONGTEXT
             from beaker.cache import cache_region
             from zope.cachedescriptors.property import Lazy as LazyProperty
             from pyramid.threadlocal import get_current_request
             from rhodecode.translation import _
             from rhodecode.lib.vcs import get_vcs_instance
             from rhodecode.lib.vcs.backends.base import EmptyCommit, Reference
             from rhodecode.lib.utils2 import (
                 str2bool, safe_str, get_commit_safe, safe_unicode, md5_safe,
                 time_to_datetime, aslist, Optional, safe_int, get_clone_url, AttributeDict,
                 glob2re, StrictAttributeDict, cleaned_uri)
             from rhodecode.lib.jsonalchemy import MutationObj, MutationList, JsonType, \
                 JsonRaw
             from rhodecode.lib.ext_json import json
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.lib.encrypt import AESCipher
             from rhodecode.model.meta import Base, Session
             URL_SEP = '/'
             log = logging.getLogger(__name__)
             # =============================================================================
             # BASE CLASSES
             # =============================================================================
             # this is propagated from .ini file rhodecode.encrypted_values.secret or
             # beaker.session.secret if first is not set.
             # and initialized at environment.py
             ENCRYPTION_KEY = None
             # used to sort permissions by types, '#' used here is not allowed to be in
             # usernames, and it's very early in sorted string.printable table.
             PERMISSION_TYPE_SORT = {
                 'admin': '####',
                 'write': '###',
                 'read':  '##',
                 'none':  '#',
             }
             def display_user_sort(obj):
                 """
                 Sort function used to sort permissions in .permissions() function of
                 Repository, RepoGroup, UserGroup. Also it put the default user in front
                 of all other resources
                 """
                 if obj.username == User.DEFAULT_USER:
                     return '#####'
                 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
                 return prefix + obj.username
             def display_user_group_sort(obj):
                 """
                 Sort function used to sort permissions in .permissions() function of
                 Repository, RepoGroup, UserGroup. Also it put the default user in front
                 of all other resources
                 """
                 prefix = PERMISSION_TYPE_SORT.get(obj.permission.split('.')[-1], '')
                 return prefix + obj.users_group_name
             def _hash_key(k):
                 return md5_safe(k)
             def in_filter_generator(qry, items, limit=500):
                 """
                 Splits IN() into multiple with OR
                 e.g.::
                 cnt = Repository.query().filter(
                     or_(
                         *in_filter_generator(Repository.repo_id, range(100000))
                     )).count()
                 """
                 if not items:
                     # empty list will cause empty query which might cause security issues
                     # this can lead to hidden unpleasant results
                     items = [-1]
                 parts = []
                 for chunk in xrange(0, len(items), limit):
                     parts.append(
                         qry.in_(items[chunk: chunk + limit])
                     )
                 return parts
             class EncryptedTextValue(TypeDecorator):
                 """
                 Special column for encrypted long text data, use like::
                     value = Column("encrypted_value", EncryptedValue(), nullable=False)
                 This column is intelligent so if value is in unencrypted form it return
                 unencrypted form, but on save it always encrypts
                 """
                 impl = Text
                 def process_bind_param(self, value, dialect):
                     if not value:
                         return value
                     if value.startswith('enc$aes$') or value.startswith('enc$aes_hmac$'):
                         # protect against double encrypting if someone manually starts
                         # doing
                         raise ValueError('value needs to be in unencrypted format, ie. '
                                          'not starting with enc$aes')
                     return 'enc$aes_hmac$%s' % AESCipher(
                         ENCRYPTION_KEY, hmac=True).encrypt(value)
                 def process_result_value(self, value, dialect):
                     import rhodecode
                     if not value:
                         return value
                     parts = value.split('$', 3)
                     if not len(parts) == 3:
                         # probably not encrypted values
                         return value
                     else:
                         if parts[0] != 'enc':
                             # parts ok but without our header ?
                             return value
                         enc_strict_mode = str2bool(rhodecode.CONFIG.get(
                             'rhodecode.encrypted_values.strict') or True)
                         # at that stage we know it's our encryption
                         if parts[1] == 'aes':
                             decrypted_data = AESCipher(ENCRYPTION_KEY).decrypt(parts[2])
                         elif parts[1] == 'aes_hmac':
                             decrypted_data = AESCipher(
                                 ENCRYPTION_KEY, hmac=True,
                                 strict_verification=enc_strict_mode).decrypt(parts[2])
                         else:
                             raise ValueError(
                                 'Encryption type part is wrong, must be `aes` '
                                 'or `aes_hmac`, got `%s` instead' % (parts[1]))
                         return decrypted_data
             class BaseModel(object):
                 """
                 Base Model for all classes
                 """
                 @classmethod
                 def _get_keys(cls):
                     """return column names for this model """
                     return class_mapper(cls).c.keys()
                 def get_dict(self):
                     """
                     return dict with keys and values corresponding
                     to this model data """
                     d = {}
                     for k in self._get_keys():
                         d[k] = getattr(self, k)
                     # also use __json__() if present to get additional fields
                     _json_attr = getattr(self, '__json__', None)
                     if _json_attr:
                         # update with attributes from __json__
                         if callable(_json_attr):
                             _json_attr = _json_attr()
                         for k, val in _json_attr.iteritems():
                             d[k] = val
                     return d
                 def get_appstruct(self):
                     """return list with keys and values tuples corresponding
                     to this model data """
                     lst = []
                     for k in self._get_keys():
                         lst.append((k, getattr(self, k),))
                     return lst
                 def populate_obj(self, populate_dict):
                     """populate model with data from given populate_dict"""
                     for k in self._get_keys():
                         if k in populate_dict:
                             setattr(self, k, populate_dict[k])
                 @classmethod
                 def query(cls):
                     return Session().query(cls)
                 @classmethod
                 def get(cls, id_):
                     if id_:
                         return cls.query().get(id_)
                 @classmethod
                 def get_or_404(cls, id_):
                     from pyramid.httpexceptions import HTTPNotFound
                     try:
                         id_ = int(id_)
                     except (TypeError, ValueError):
                         raise HTTPNotFound()
                     res = cls.query().get(id_)
                     if not res:
                         raise HTTPNotFound()
                     return res
                 @classmethod
                 def getAll(cls):
                     # deprecated and left for backward compatibility
                     return cls.get_all()
                 @classmethod
                 def get_all(cls):
                     return cls.query().all()
                 @classmethod
                 def delete(cls, id_):
                     obj = cls.query().get(id_)
                     Session().delete(obj)
                 @classmethod
                 def identity_cache(cls, session, attr_name, value):
                     exist_in_session = []
                     for (item_cls, pkey), instance in session.identity_map.items():
                         if cls == item_cls and getattr(instance, attr_name) == value:
                             exist_in_session.append(instance)
                     if exist_in_session:
                         if len(exist_in_session) == 1:
                             return exist_in_session[0]
                         log.exception(
                             'multiple objects with attr %s and '
                             'value %s found with same name: %r',
                             attr_name, value, exist_in_session)
                 def __repr__(self):
                     if hasattr(self, '__unicode__'):
                         # python repr needs to return str
                         try:
                             return safe_str(self.__unicode__())
                         except UnicodeDecodeError:
                             pass
                     return '<DB:%s>' % (self.__class__.__name__)
             class RhodeCodeSetting(Base, BaseModel):
                 __tablename__ = 'rhodecode_settings'
                 __table_args__ = (
                     UniqueConstraint('app_settings_name'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 SETTINGS_TYPES = {
                     'str': safe_str,
                     'int': safe_int,
                     'unicode': safe_unicode,
                     'bool': str2bool,
                     'list': functools.partial(aslist, sep=',')
                 }
                 DEFAULT_UPDATE_URL = 'https://rhodecode.com/api/v1/info/versions'
                 GLOBAL_CONF_KEY = 'app_settings'
                 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 app_settings_name = Column("app_settings_name", String(255), nullable=True, unique=None, default=None)
                 _app_settings_value = Column("app_settings_value", String(4096), nullable=True, unique=None, default=None)
                 _app_settings_type = Column("app_settings_type", String(255), nullable=True, unique=None, default=None)
                 def __init__(self, key='', val='', type='unicode'):
                     self.app_settings_name = key
                     self.app_settings_type = type
                     self.app_settings_value = val
                 @validates('_app_settings_value')
                 def validate_settings_value(self, key, val):
                     assert type(val) == unicode
                     return val
                 @hybrid_property
                 def app_settings_value(self):
                     v = self._app_settings_value
                     _type = self.app_settings_type
                     if _type:
                         _type = self.app_settings_type.split('.')[0]
                         # decode the encrypted value
                         if 'encrypted' in self.app_settings_type:
                             cipher = EncryptedTextValue()
                             v = safe_unicode(cipher.process_result_value(v, None))
                     converter = self.SETTINGS_TYPES.get(_type) or \
                         self.SETTINGS_TYPES['unicode']
                     return converter(v)
                 @app_settings_value.setter
                 def app_settings_value(self, val):
                     """
                     Setter that will always make sure we use unicode in app_settings_value
                     :param val:
                     """
                     val = safe_unicode(val)
                     # encode the encrypted value
                     if 'encrypted' in self.app_settings_type:
                         cipher = EncryptedTextValue()
                         val = safe_unicode(cipher.process_bind_param(val, None))
                     self._app_settings_value = val
                 @hybrid_property
                 def app_settings_type(self):
                     return self._app_settings_type
                 @app_settings_type.setter
                 def app_settings_type(self, val):
                     if val.split('.')[0] not in self.SETTINGS_TYPES:
                         raise Exception('type must be one of %s got %s'
                                         % (self.SETTINGS_TYPES.keys(), val))
                     self._app_settings_type = val
                 def __unicode__(self):
                     return u"<%s('%s:%s[%s]')>" % (
                         self.__class__.__name__,
                         self.app_settings_name, self.app_settings_value,
                         self.app_settings_type
                     )
             class RhodeCodeUi(Base, BaseModel):
                 __tablename__ = 'rhodecode_ui'
                 __table_args__ = (
                     UniqueConstraint('ui_key'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 HOOK_REPO_SIZE = 'changegroup.repo_size'
                 # HG
                 HOOK_PRE_PULL = 'preoutgoing.pre_pull'
                 HOOK_PULL = 'outgoing.pull_logger'
                 HOOK_PRE_PUSH = 'prechangegroup.pre_push'
                 HOOK_PRETX_PUSH = 'pretxnchangegroup.pre_push'
                 HOOK_PUSH = 'changegroup.push_logger'
                 HOOK_PUSH_KEY = 'pushkey.key_push'
                 # TODO: johbo: Unify way how hooks are configured for git and hg,
                 # git part is currently hardcoded.
                 # SVN PATTERNS
                 SVN_BRANCH_ID = 'vcs_svn_branch'
                 SVN_TAG_ID = 'vcs_svn_tag'
                 ui_id = Column(
                     "ui_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 ui_section = Column(
                     "ui_section", String(255), nullable=True, unique=None, default=None)
                 ui_key = Column(
                     "ui_key", String(255), nullable=True, unique=None, default=None)
                 ui_value = Column(
                     "ui_value", String(255), nullable=True, unique=None, default=None)
                 ui_active = Column(
                     "ui_active", Boolean(), nullable=True, unique=None, default=True)
                 def __repr__(self):
                     return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,
                                                 self.ui_key, self.ui_value)
             class RepoRhodeCodeSetting(Base, BaseModel):
                 __tablename__ = 'repo_rhodecode_settings'
                 __table_args__ = (
                     UniqueConstraint(
                         'app_settings_name', 'repository_id',
                         name='uq_repo_rhodecode_setting_name_repo_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 repository_id = Column(
                     "repository_id", Integer(), ForeignKey('repositories.repo_id'),
                     nullable=False)
                 app_settings_id = Column(
                     "app_settings_id", Integer(), nullable=False, unique=True,
                     default=None, primary_key=True)
                 app_settings_name = Column(
                     "app_settings_name", String(255), nullable=True, unique=None,
                     default=None)
                 _app_settings_value = Column(
                     "app_settings_value", String(4096), nullable=True, unique=None,
                     default=None)
                 _app_settings_type = Column(
                     "app_settings_type", String(255), nullable=True, unique=None,
                     default=None)
                 repository = relationship('Repository')
                 def __init__(self, repository_id, key='', val='', type='unicode'):
                     self.repository_id = repository_id
                     self.app_settings_name = key
                     self.app_settings_type = type
                     self.app_settings_value = val
                 @validates('_app_settings_value')
                 def validate_settings_value(self, key, val):
                     assert type(val) == unicode
                     return val
                 @hybrid_property
                 def app_settings_value(self):
                     v = self._app_settings_value
                     type_ = self.app_settings_type
                     SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
                     converter = SETTINGS_TYPES.get(type_) or SETTINGS_TYPES['unicode']
                     return converter(v)
                 @app_settings_value.setter
                 def app_settings_value(self, val):
                     """
                     Setter that will always make sure we use unicode in app_settings_value
                     :param val:
                     """
                     self._app_settings_value = safe_unicode(val)
                 @hybrid_property
                 def app_settings_type(self):
                     return self._app_settings_type
                 @app_settings_type.setter
                 def app_settings_type(self, val):
                     SETTINGS_TYPES = RhodeCodeSetting.SETTINGS_TYPES
                     if val not in SETTINGS_TYPES:
                         raise Exception('type must be one of %s got %s'
                                         % (SETTINGS_TYPES.keys(), val))
                     self._app_settings_type = val
                 def __unicode__(self):
                     return u"<%s('%s:%s:%s[%s]')>" % (
                         self.__class__.__name__, self.repository.repo_name,
                         self.app_settings_name, self.app_settings_value,
                         self.app_settings_type
                     )
             class RepoRhodeCodeUi(Base, BaseModel):
                 __tablename__ = 'repo_rhodecode_ui'
                 __table_args__ = (
                     UniqueConstraint(
                         'repository_id', 'ui_section', 'ui_key',
                         name='uq_repo_rhodecode_ui_repository_id_section_key'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 repository_id = Column(
                     "repository_id", Integer(), ForeignKey('repositories.repo_id'),
                     nullable=False)
                 ui_id = Column(
                     "ui_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 ui_section = Column(
                     "ui_section", String(255), nullable=True, unique=None, default=None)
                 ui_key = Column(
                     "ui_key", String(255), nullable=True, unique=None, default=None)
                 ui_value = Column(
                     "ui_value", String(255), nullable=True, unique=None, default=None)
                 ui_active = Column(
                     "ui_active", Boolean(), nullable=True, unique=None, default=True)
                 repository = relationship('Repository')
                 def __repr__(self):
                     return '<%s[%s:%s]%s=>%s]>' % (
                         self.__class__.__name__, self.repository.repo_name,
                         self.ui_section, self.ui_key, self.ui_value)
             class User(Base, BaseModel):
                 __tablename__ = 'users'
                 __table_args__ = (
                     UniqueConstraint('username'), UniqueConstraint('email'),
                     Index('u_username_idx', 'username'),
                     Index('u_email_idx', 'email'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 DEFAULT_USER = 'default'
                 DEFAULT_USER_EMAIL = 'anonymous@rhodecode.org'
                 DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'
                 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 username = Column("username", String(255), nullable=True, unique=None, default=None)
                 password = Column("password", String(255), nullable=True, unique=None, default=None)
                 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
                 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
                 name = Column("firstname", String(255), nullable=True, unique=None, default=None)
                 lastname = Column("lastname", String(255), nullable=True, unique=None, default=None)
                 _email = Column("email", String(255), nullable=True, unique=None, default=None)
                 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 last_activity = Column('last_activity', DateTime(timezone=False), nullable=True, unique=None, default=None)
                 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
                 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
                 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
                 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 _user_data = Column("user_data", LargeBinary(), nullable=True)  # JSON data
                 user_log = relationship('UserLog')
                 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
                 repositories = relationship('Repository')
                 repository_groups = relationship('RepoGroup')
                 user_groups = relationship('UserGroup')
                 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
                 followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')
                 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
                 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
                 user_group_to_perm = relationship('UserUserGroupToPerm', primaryjoin='UserUserGroupToPerm.user_id==User.user_id', cascade='all')
                 group_member = relationship('UserGroupMember', cascade='all')
                 notifications = relationship('UserNotification', cascade='all')
                 # notifications assigned to this user
                 user_created_notifications = relationship('Notification', cascade='all')
                 # comments created by this user
                 user_comments = relationship('ChangesetComment', cascade='all')
                 # user profile extra info
                 user_emails = relationship('UserEmailMap', cascade='all')
                 user_ip_map = relationship('UserIpMap', cascade='all')
                 user_auth_tokens = relationship('UserApiKeys', cascade='all')
                 user_ssh_keys = relationship('UserSshKeys', cascade='all')
                 # gists
                 user_gists = relationship('Gist', cascade='all')
                 # user pull requests
                 user_pull_requests = relationship('PullRequest', cascade='all')
                 # external identities
                 extenal_identities = relationship(
                     'ExternalIdentity',
                     primaryjoin="User.user_id==ExternalIdentity.local_user_id",
                     cascade='all')
                 # review rules
                 user_review_rules = relationship('RepoReviewRuleUser', cascade='all')
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
                                                   self.user_id, self.username)
                 @hybrid_property
                 def email(self):
                     return self._email
                 @email.setter
                 def email(self, val):
                     self._email = val.lower() if val else None
                 @hybrid_property
                 def first_name(self):
                     from rhodecode.lib import helpers as h
                     if self.name:
                         return h.escape(self.name)
                     return self.name
                 @hybrid_property
                 def last_name(self):
                     from rhodecode.lib import helpers as h
                     if self.lastname:
                         return h.escape(self.lastname)
                     return self.lastname
                 @hybrid_property
                 def api_key(self):
                     """
                     Fetch if exist an auth-token with role ALL connected to this user
                     """
                     user_auth_token = UserApiKeys.query()\
                         .filter(UserApiKeys.user_id == self.user_id)\
                         .filter(or_(UserApiKeys.expires == -1,
                                         UserApiKeys.expires >= time.time()))\
                         .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
                     if user_auth_token:
                         user_auth_token = user_auth_token.api_key
                     return user_auth_token
                 @api_key.setter
                 def api_key(self, val):
                     # don't allow to set API key this is deprecated for now
                     self._api_key = None
                 @property
                 def reviewer_pull_requests(self):
                     return PullRequestReviewers.query() \
                         .options(joinedload(PullRequestReviewers.pull_request)) \
                         .filter(PullRequestReviewers.user_id == self.user_id) \
                         .all()
                 @property
                 def firstname(self):
                     # alias for future
                     return self.name
                 @property
                 def emails(self):
                     other = UserEmailMap.query()\
                         .filter(UserEmailMap.user == self) \
                         .order_by(UserEmailMap.email_id.asc()) \
                         .all()
                     return [self.email] + [x.email for x in other]
                 @property
                 def auth_tokens(self):
                     auth_tokens = self.get_auth_tokens()
                     return [x.api_key for x in auth_tokens]
                 def get_auth_tokens(self):
                     return UserApiKeys.query()\
                         .filter(UserApiKeys.user == self)\
                         .order_by(UserApiKeys.user_api_key_id.asc())\
                         .all()
                 @property
                 def feed_token(self):
                     return self.get_feed_token()
                 def get_feed_token(self):
                     feed_tokens = UserApiKeys.query()\
                         .filter(UserApiKeys.user == self)\
                         .filter(UserApiKeys.role == UserApiKeys.ROLE_FEED)\
                         .all()
                     if feed_tokens:
                         return feed_tokens[0].api_key
                     return 'NO_FEED_TOKEN_AVAILABLE'
                 @classmethod
                 def get(cls, user_id, cache=False):
                     if not user_id:
                         return
                     user = cls.query()
                     if cache:
                         user = user.options(
                             FromCache("sql_cache_short", "get_users_%s" % user_id))
                     return user.get(user_id)
                 @classmethod
                 def extra_valid_auth_tokens(cls, user, role=None):
                     tokens = UserApiKeys.query().filter(UserApiKeys.user == user)\
                             .filter(or_(UserApiKeys.expires == -1,
                                         UserApiKeys.expires >= time.time()))
                     if role:
                         tokens = tokens.filter(or_(UserApiKeys.role == role,
                                                    UserApiKeys.role == UserApiKeys.ROLE_ALL))
                     return tokens.all()
                 def authenticate_by_token(self, auth_token, roles=None, scope_repo_id=None):
                     from rhodecode.lib import auth
                     log.debug('Trying to authenticate user: %s via auth-token, '
                               'and roles: %s', self, roles)
                     if not auth_token:
                         return False
                     crypto_backend = auth.crypto_backend()
                     roles = (roles or []) + [UserApiKeys.ROLE_ALL]
                     tokens_q = UserApiKeys.query()\
                         .filter(UserApiKeys.user_id == self.user_id)\
                         .filter(or_(UserApiKeys.expires == -1,
                                     UserApiKeys.expires >= time.time()))
                     tokens_q = tokens_q.filter(UserApiKeys.role.in_(roles))
                     plain_tokens = []
                     hash_tokens = []
                     for token in tokens_q.all():
                         # verify scope first
                         if token.repo_id:
                             # token has a scope, we need to verify it
                             if scope_repo_id != token.repo_id:
                                 log.debug(
                                     'Scope mismatch: token has a set repo scope: %s, '
                                     'and calling scope is:%s, skipping further checks',
                                      token.repo, scope_repo_id)
                                 # token has a scope, and it doesn't match, skip token
                                 continue
                         if token.api_key.startswith(crypto_backend.ENC_PREF):
                             hash_tokens.append(token.api_key)
                         else:
                             plain_tokens.append(token.api_key)
                     is_plain_match = auth_token in plain_tokens
                     if is_plain_match:
                         return True
                     for hashed in hash_tokens:
                         # TODO(marcink): this is expensive to calculate, but most secure
                         match = crypto_backend.hash_check(auth_token, hashed)
                         if match:
                             return True
                     return False
                 @property
                 def ip_addresses(self):
                     ret = UserIpMap.query().filter(UserIpMap.user == self).all()
                     return [x.ip_addr for x in ret]
                 @property
                 def username_and_name(self):
                     return '%s (%s %s)' % (self.username, self.first_name, self.last_name)
                 @property
                 def username_or_name_or_email(self):
                     full_name = self.full_name if self.full_name is not ' ' else None
                     return self.username or full_name or self.email
                 @property
                 def full_name(self):
                     return '%s %s' % (self.first_name, self.last_name)
                 @property
                 def full_name_or_username(self):
                     return ('%s %s' % (self.first_name, self.last_name)
                             if (self.first_name and self.last_name) else self.username)
                 @property
                 def full_contact(self):
                     return '%s %s <%s>' % (self.first_name, self.last_name, self.email)
                 @property
                 def short_contact(self):
                     return '%s %s' % (self.first_name, self.last_name)
                 @property
                 def is_admin(self):
                     return self.admin
                 def AuthUser(self, **kwargs):
                     """
                     Returns instance of AuthUser for this user
                     """
                     from rhodecode.lib.auth import AuthUser
                     return AuthUser(user_id=self.user_id, username=self.username, **kwargs)
                 @hybrid_property
                 def user_data(self):
                     if not self._user_data:
                         return {}
                     try:
                         return json.loads(self._user_data)
                     except TypeError:
                         return {}
                 @user_data.setter
                 def user_data(self, val):
                     if not isinstance(val, dict):
                         raise Exception('user_data must be dict, got %s' % type(val))
                     try:
                         self._user_data = json.dumps(val)
                     except Exception:
                         log.error(traceback.format_exc())
                 @classmethod
                 def get_by_username(cls, username, case_insensitive=False,
                                     cache=False, identity_cache=False):
                     session = Session()
                     if case_insensitive:
                         q = cls.query().filter(
                             func.lower(cls.username) == func.lower(username))
                     else:
                         q = cls.query().filter(cls.username == username)
                     if cache:
                         if identity_cache:
                             val = cls.identity_cache(session, 'username', username)
                             if val:
                                 return val
                         else:
                             cache_key = "get_user_by_name_%s" % _hash_key(username)
                             q = q.options(
                                 FromCache("sql_cache_short", cache_key))
                     return q.scalar()
                 @classmethod
                 def get_by_auth_token(cls, auth_token, cache=False):
                     q = UserApiKeys.query()\
                         .filter(UserApiKeys.api_key == auth_token)\
                         .filter(or_(UserApiKeys.expires == -1,
                                     UserApiKeys.expires >= time.time()))
                     if cache:
                         q = q.options(
                             FromCache("sql_cache_short", "get_auth_token_%s" % auth_token))
                     match = q.first()
                     if match:
                         return match.user
                 @classmethod
                 def get_by_email(cls, email, case_insensitive=False, cache=False):
                     if case_insensitive:
                         q = cls.query().filter(func.lower(cls.email) == func.lower(email))
                     else:
                         q = cls.query().filter(cls.email == email)
                     email_key = _hash_key(email)
                     if cache:
                         q = q.options(
                             FromCache("sql_cache_short", "get_email_key_%s" % email_key))
                     ret = q.scalar()
                     if ret is None:
                         q = UserEmailMap.query()
                         # try fetching in alternate email map
                         if case_insensitive:
                             q = q.filter(func.lower(UserEmailMap.email) == func.lower(email))
                         else:
                             q = q.filter(UserEmailMap.email == email)
                         q = q.options(joinedload(UserEmailMap.user))
                         if cache:
                             q = q.options(
                                 FromCache("sql_cache_short", "get_email_map_key_%s" % email_key))
                         ret = getattr(q.scalar(), 'user', None)
                     return ret
                 @classmethod
                 def get_from_cs_author(cls, author):
                     """
                     Tries to get User objects out of commit author string
                     :param author:
                     """
                     from rhodecode.lib.helpers import email, author_name
                     # Valid email in the attribute passed, see if they're in the system
                     _email = email(author)
                     if _email:
                         user = cls.get_by_email(_email, case_insensitive=True)
                         if user:
                             return user
                     # Maybe we can match by username?
                     _author = author_name(author)
                     user = cls.get_by_username(_author, case_insensitive=True)
                     if user:
                         return user
                 def update_userdata(self, **kwargs):
                     usr = self
                     old = usr.user_data
                     old.update(**kwargs)
                     usr.user_data = old
                     Session().add(usr)
                     log.debug('updated userdata with ', kwargs)
                 def update_lastlogin(self):
                     """Update user lastlogin"""
                     self.last_login = datetime.datetime.now()
                     Session().add(self)
                     log.debug('updated user %s lastlogin', self.username)
                 def update_lastactivity(self):
                     """Update user lastactivity"""
                     self.last_activity = datetime.datetime.now()
                     Session().add(self)
                     log.debug('updated user `%s` last activity', self.username)
                 def update_password(self, new_password):
                     from rhodecode.lib.auth import get_crypt_password
                     self.password = get_crypt_password(new_password)
                     Session().add(self)
                 @classmethod
                 def get_first_super_admin(cls):
                     user = User.query().filter(User.admin == true()).first()
                     if user is None:
                         raise Exception('FATAL: Missing administrative account!')
                     return user
                 @classmethod
                 def get_all_super_admins(cls):
                     """
                     Returns all admin accounts sorted by username
                     """
                     return User.query().filter(User.admin == true())\
                         .order_by(User.username.asc()).all()
                 @classmethod
                 def get_default_user(cls, cache=False, refresh=False):
                     user = User.get_by_username(User.DEFAULT_USER, cache=cache)
                     if user is None:
                         raise Exception('FATAL: Missing default account!')
                     if refresh:
                         # The default user might be based on outdated state which
                         # has been loaded from the cache.
                         # A call to refresh() ensures that the
                         # latest state from the database is used.
                         Session().refresh(user)
                     return user
                 def _get_default_perms(self, user, suffix=''):
                     from rhodecode.model.permission import PermissionModel
                     return PermissionModel().get_default_perms(user.user_perms, suffix)
                 def get_default_perms(self, suffix=''):
                     return self._get_default_perms(self, suffix)
                 def get_api_data(self, include_secrets=False, details='full'):
                     """
                     Common function for generating user related data for API
                     :param include_secrets: By default secrets in the API data will be replaced
                        by a placeholder value to prevent exposing this data by accident. In case
                        this data shall be exposed, set this flag to ``True``.
                     :param details: details can be 'basic|full' basic gives only a subset of
                        the available user information that includes user_id, name and emails.
                     """
                     user = self
                     user_data = self.user_data
                     data = {
                         'user_id': user.user_id,
                         'username': user.username,
                         'firstname': user.name,
                         'lastname': user.lastname,
                         'email': user.email,
                         'emails': user.emails,
                     }
                     if details == 'basic':
                         return data
                     auth_token_length = 40
                     auth_token_replacement = '*' * auth_token_length
                     extras = {
                         'auth_tokens': [auth_token_replacement],
                         'active': user.active,
                         'admin': user.admin,
                         'extern_type': user.extern_type,
                         'extern_name': user.extern_name,
                         'last_login': user.last_login,
                         'last_activity': user.last_activity,
                         'ip_addresses': user.ip_addresses,
                         'language': user_data.get('language')
                     }
                     data.update(extras)
                     if include_secrets:
                         data['auth_tokens'] = user.auth_tokens
                     return data
                 def __json__(self):
                     data = {
                         'full_name': self.full_name,
                         'full_name_or_username': self.full_name_or_username,
                         'short_contact': self.short_contact,
                         'full_contact': self.full_contact,
                     }
                     data.update(self.get_api_data())
                     return data
             class UserApiKeys(Base, BaseModel):
                 __tablename__ = 'user_api_keys'
                 __table_args__ = (
                     Index('uak_api_key_idx', 'api_key', unique=True),
                     Index('uak_api_key_expires_idx', 'api_key', 'expires'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 __mapper_args__ = {}
                 # ApiKey role
                 ROLE_ALL = 'token_role_all'
                 ROLE_HTTP = 'token_role_http'
                 ROLE_VCS = 'token_role_vcs'
                 ROLE_API = 'token_role_api'
                 ROLE_FEED = 'token_role_feed'
                 ROLE_PASSWORD_RESET = 'token_password_reset'
                 ROLES = [ROLE_ALL, ROLE_HTTP, ROLE_VCS, ROLE_API, ROLE_FEED]
                 user_api_key_id = Column("user_api_key_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 api_key = Column("api_key", String(255), nullable=False, unique=True)
                 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                 expires = Column('expires', Float(53), nullable=False)
                 role = Column('role', String(255), nullable=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 # scope columns
                 repo_id = Column(
                     'repo_id', Integer(), ForeignKey('repositories.repo_id'),
                     nullable=True, unique=None, default=None)
                 repo = relationship('Repository', lazy='joined')
                 repo_group_id = Column(
                     'repo_group_id', Integer(), ForeignKey('groups.group_id'),
                     nullable=True, unique=None, default=None)
                 repo_group = relationship('RepoGroup', lazy='joined')
                 user = relationship('User', lazy='joined')
                 def __unicode__(self):
                     return u"<%s('%s')>" % (self.__class__.__name__, self.role)
                 def __json__(self):
                     data = {
                         'auth_token': self.api_key,
                         'role': self.role,
                         'scope': self.scope_humanized,
                         'expired': self.expired
                     }
                     return data
                 def get_api_data(self, include_secrets=False):
                     data = self.__json__()
                     if include_secrets:
                         return data
                     else:
                         data['auth_token'] = self.token_obfuscated
                         return data
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @property
                 def expired(self):
                     if self.expires == -1:
                         return False
                     return time.time() > self.expires
                 @classmethod
                 def _get_role_name(cls, role):
                     return {
                         cls.ROLE_ALL: _('all'),
                         cls.ROLE_HTTP: _('http/web interface'),
                         cls.ROLE_VCS: _('vcs (git/hg/svn protocol)'),
                         cls.ROLE_API: _('api calls'),
                         cls.ROLE_FEED: _('feed access'),
                     }.get(role, role)
                 @property
                 def role_humanized(self):
                     return self._get_role_name(self.role)
                 def _get_scope(self):
                     if self.repo:
                         return repr(self.repo)
                     if self.repo_group:
                         return repr(self.repo_group) + ' (recursive)'
                     return 'global'
                 @property
                 def scope_humanized(self):
                     return self._get_scope()
                 @property
                 def token_obfuscated(self):
                     if self.api_key:
                         return self.api_key[:4] + "****"
             class UserEmailMap(Base, BaseModel):
                 __tablename__ = 'user_email_map'
                 __table_args__ = (
                     Index('uem_email_idx', 'email'),
                     UniqueConstraint('email'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 __mapper_args__ = {}
                 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 _email = Column("email", String(255), nullable=True, unique=False, default=None)
                 user = relationship('User', lazy='joined')
                 @validates('_email')
                 def validate_email(self, key, email):
                     # check if this email is not main one
                     main_email = Session().query(User).filter(User.email == email).scalar()
                     if main_email is not None:
                         raise AttributeError('email %s is present is user table' % email)
                     return email
                 @hybrid_property
                 def email(self):
                     return self._email
                 @email.setter
                 def email(self, val):
                     self._email = val.lower() if val else None
             class UserIpMap(Base, BaseModel):
                 __tablename__ = 'user_ip_map'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'ip_addr'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 __mapper_args__ = {}
                 ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 ip_addr = Column("ip_addr", String(255), nullable=True, unique=False, default=None)
                 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
                 description = Column("description", String(10000), nullable=True, unique=None, default=None)
                 user = relationship('User', lazy='joined')
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @classmethod
                 def _get_ip_range(cls, ip_addr):
                     net = ipaddress.ip_network(safe_unicode(ip_addr), strict=False)
                     return [str(net.network_address), str(net.broadcast_address)]
                 def __json__(self):
                     return {
                       'ip_addr': self.ip_addr,
                       'ip_range': self._get_ip_range(self.ip_addr),
                     }
                 def __unicode__(self):
                     return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,
                                                         self.user_id, self.ip_addr)
             class UserSshKeys(Base, BaseModel):
                 __tablename__ = 'user_ssh_keys'
                 __table_args__ = (
                     Index('usk_ssh_key_fingerprint_idx', 'ssh_key_fingerprint'),
                     UniqueConstraint('ssh_key_fingerprint'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 __mapper_args__ = {}
                 ssh_key_id = Column('ssh_key_id', Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 ssh_key_data = Column('ssh_key_data', String(10240), nullable=False, unique=None, default=None)
                 ssh_key_fingerprint = Column('ssh_key_fingerprint', String(255), nullable=False, unique=None, default=None)
                 description = Column('description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 accessed_on = Column('accessed_on', DateTime(timezone=False), nullable=True, default=None)
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 user = relationship('User', lazy='joined')
                 def __json__(self):
                     data = {
                         'ssh_fingerprint': self.ssh_key_fingerprint,
                         'description': self.description,
                         'created_on': self.created_on
                     }
                     return data
                 def get_api_data(self):
                     data = self.__json__()
                     return data
             class UserLog(Base, BaseModel):
                 __tablename__ = 'user_logs'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 VERSION_1 = 'v1'
                 VERSION_2 = 'v2'
                 VERSIONS = [VERSION_1, VERSION_2]
                 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id',ondelete='SET NULL'), nullable=True, unique=None, default=None)
                 username = Column("username", String(255), nullable=True, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id', ondelete='SET NULL'), nullable=True, unique=None, default=None)
                 repository_name = Column("repository_name", String(255), nullable=True, unique=None, default=None)
                 user_ip = Column("user_ip", String(255), nullable=True, unique=None, default=None)
                 action = Column("action", Text().with_variant(Text(1200000), 'mysql'), nullable=True, unique=None, default=None)
                 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 version = Column("version", String(255), nullable=True, default=VERSION_1)
                 user_data = Column('user_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
                 action_data = Column('action_data_json', MutationObj.as_mutable(JsonType(dialect_map=dict(mysql=LONGTEXT()))))
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (
                         self.__class__.__name__, self.repository_name, self.action)
                 def __json__(self):
                     return {
                         'user_id': self.user_id,
                         'username': self.username,
                         'repository_id': self.repository_id,
                         'repository_name': self.repository_name,
                         'user_ip': self.user_ip,
                         'action_date': self.action_date,
                         'action': self.action,
                     }
                 @hybrid_property
                 def entry_id(self):
                     return self.user_log_id
                 @property
                 def action_as_day(self):
                     return datetime.date(*self.action_date.timetuple()[:3])
                 user = relationship('User')
                 repository = relationship('Repository', cascade='')
             class UserGroup(Base, BaseModel):
                 __tablename__ = 'users_groups'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_name = Column("users_group_name", String(255), nullable=False, unique=True, default=None)
                 user_group_description = Column("user_group_description", String(10000), nullable=True, unique=None, default=None)
                 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
                 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 _group_data = Column("group_data", LargeBinary(), nullable=True)  # JSON data
                 members = relationship('UserGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
                 users_group_to_perm = relationship('UserGroupToPerm', cascade='all')
                 users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
                 users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
                 user_user_group_to_perm = relationship('UserUserGroupToPerm', cascade='all')
                 user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')
                 user_group_review_rules = relationship('RepoReviewRuleUserGroup', cascade='all')
                 user = relationship('User', primaryjoin="User.user_id==UserGroup.user_id")
                 @classmethod
                 def _load_group_data(cls, column):
                     if not column:
                         return {}
                     try:
                         return json.loads(column) or {}
                     except TypeError:
                         return {}
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @hybrid_property
                 def group_data(self):
                     return self._load_group_data(self._group_data)
                 @group_data.expression
                 def group_data(self, **kwargs):
                     return self._group_data
                 @group_data.setter
                 def group_data(self, val):
                     try:
                         self._group_data = json.dumps(val)
                     except Exception:
                         log.error(traceback.format_exc())
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
                                                   self.users_group_id,
                                                   self.users_group_name)
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False,
                                       case_insensitive=False):
                     if case_insensitive:
                         q = cls.query().filter(func.lower(cls.users_group_name) ==
                                                func.lower(group_name))
                     else:
                         q = cls.query().filter(cls.users_group_name == group_name)
                     if cache:
                         q = q.options(
                             FromCache("sql_cache_short", "get_group_%s" % _hash_key(group_name)))
                     return q.scalar()
                 @classmethod
                 def get(cls, user_group_id, cache=False):
                     if not user_group_id:
                         return
                     user_group = cls.query()
                     if cache:
                         user_group = user_group.options(
                             FromCache("sql_cache_short", "get_users_group_%s" % user_group_id))
                     return user_group.get(user_group_id)
                 def permissions(self, with_admins=True, with_owner=True):
                     q = UserUserGroupToPerm.query().filter(UserUserGroupToPerm.user_group == self)
                     q = q.options(joinedload(UserUserGroupToPerm.user_group),
                                   joinedload(UserUserGroupToPerm.user),
                                   joinedload(UserUserGroupToPerm.permission),)
                     # get owners and admins and permissions. We do a trick of re-writing
                     # objects from sqlalchemy to named-tuples due to sqlalchemy session
                     # has a global reference and changing one object propagates to all
                     # others. This means if admin is also an owner admin_row that change
                     # would propagate to both objects
                     perm_rows = []
                     for _usr in q.all():
                         usr = AttributeDict(_usr.user.get_dict())
                         usr.permission = _usr.permission.permission_name
                         perm_rows.append(usr)
                     # filter the perm rows by 'default' first and then sort them by
                     # admin,write,read,none permissions sorted again alphabetically in
                     # each group
                     perm_rows = sorted(perm_rows, key=display_user_sort)
                     _admin_perm = 'usergroup.admin'
                     owner_row = []
                     if with_owner:
                         usr = AttributeDict(self.user.get_dict())
                         usr.owner_row = True
                         usr.permission = _admin_perm
                         owner_row.append(usr)
                     super_admin_rows = []
                     if with_admins:
                         for usr in User.get_all_super_admins():
                             # if this admin is also owner, don't double the record
                             if usr.user_id == owner_row[0].user_id:
                                 owner_row[0].admin_row = True
                             else:
                                 usr = AttributeDict(usr.get_dict())
                                 usr.admin_row = True
                                 usr.permission = _admin_perm
                                 super_admin_rows.append(usr)
                     return super_admin_rows + owner_row + perm_rows
                 def permission_user_groups(self):
                     q = UserGroupUserGroupToPerm.query().filter(UserGroupUserGroupToPerm.target_user_group == self)
                     q = q.options(joinedload(UserGroupUserGroupToPerm.user_group),
                                   joinedload(UserGroupUserGroupToPerm.target_user_group),
                                   joinedload(UserGroupUserGroupToPerm.permission),)
                     perm_rows = []
                     for _user_group in q.all():
                         usr = AttributeDict(_user_group.user_group.get_dict())
                         usr.permission = _user_group.permission.permission_name
                         perm_rows.append(usr)
                     perm_rows = sorted(perm_rows, key=display_user_group_sort)
                     return perm_rows
                 def _get_default_perms(self, user_group, suffix=''):
                     from rhodecode.model.permission import PermissionModel
                     return PermissionModel().get_default_perms(user_group.users_group_to_perm, suffix)
                 def get_default_perms(self, suffix=''):
                     return self._get_default_perms(self, suffix)
                 def get_api_data(self, with_group_members=True, include_secrets=False):
                     """
                     :param include_secrets: See :meth:`User.get_api_data`, this parameter is
                        basically forwarded.
                     """
                     user_group = self
                     data = {
                         'users_group_id': user_group.users_group_id,
                         'group_name': user_group.users_group_name,
                         'group_description': user_group.user_group_description,
                         'active': user_group.users_group_active,
                         'owner': user_group.user.username,
                         'owner_email': user_group.user.email,
                     }
                     if with_group_members:
                         users = []
                         for user in user_group.members:
                             user = user.user
                             users.append(user.get_api_data(include_secrets=include_secrets))
                         data['users'] = users
                     return data
             class UserGroupMember(Base, BaseModel):
                 __tablename__ = 'users_groups_members'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 user = relationship('User', lazy='joined')
                 users_group = relationship('UserGroup')
                 def __init__(self, gr_id='', u_id=''):
                     self.users_group_id = gr_id
                     self.user_id = u_id
             class RepositoryField(Base, BaseModel):
                 __tablename__ = 'repositories_fields'
                 __table_args__ = (
                     UniqueConstraint('repository_id', 'field_key'),  # no-multi field
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 PREFIX = 'ex_'  # prefix used in form to not conflict with already existing fields
                 repo_field_id = Column("repo_field_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 field_key = Column("field_key", String(250))
                 field_label = Column("field_label", String(1024), nullable=False)
                 field_value = Column("field_value", String(10000), nullable=False)
                 field_desc = Column("field_desc", String(1024), nullable=False)
                 field_type = Column("field_type", String(255), nullable=False, unique=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 repository = relationship('Repository')
                 @property
                 def field_key_prefixed(self):
                     return 'ex_%s' % self.field_key
                 @classmethod
                 def un_prefix_key(cls, key):
                     if key.startswith(cls.PREFIX):
                         return key[len(cls.PREFIX):]
                     return key
                 @classmethod
                 def get_by_key_name(cls, key, repo):
                     row = cls.query()\
                             .filter(cls.repository == repo)\
                             .filter(cls.field_key == key).scalar()
                     return row
             class Repository(Base, BaseModel):
                 __tablename__ = 'repositories'
                 __table_args__ = (
                     Index('r_repo_name_idx', 'repo_name', mysql_length=255),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 DEFAULT_CLONE_URI = '{scheme}://{user}@{netloc}/{repo}'
                 DEFAULT_CLONE_URI_ID = '{scheme}://{user}@{netloc}/_{repoid}'
                 STATE_CREATED = 'repo_state_created'
                 STATE_PENDING = 'repo_state_pending'
                 STATE_ERROR = 'repo_state_error'
                 LOCK_AUTOMATIC = 'lock_auto'
                 LOCK_API = 'lock_api'
                 LOCK_WEB = 'lock_web'
                 LOCK_PULL = 'lock_pull'
                 NAME_SEP = URL_SEP
                 repo_id = Column(
                     "repo_id", Integer(), nullable=False, unique=True, default=None,
                     primary_key=True)
                 _repo_name = Column(
                     "repo_name", Text(), nullable=False, default=None)
                 _repo_name_hash = Column(
                     "repo_name_hash", String(255), nullable=False, unique=True)
                 repo_state = Column("repo_state", String(255), nullable=True)
                 clone_uri = Column(
                     "clone_uri", EncryptedTextValue(), nullable=True, unique=False,
                     default=None)
                 repo_type = Column(
                     "repo_type", String(255), nullable=False, unique=False, default=None)
                 user_id = Column(
                     "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
                     unique=False, default=None)
                 private = Column(
                     "private", Boolean(), nullable=True, unique=None, default=None)
                 enable_statistics = Column(
                     "statistics", Boolean(), nullable=True, unique=None, default=True)
                 enable_downloads = Column(
                     "downloads", Boolean(), nullable=True, unique=None, default=True)
                 description = Column(
                     "description", String(10000), nullable=True, unique=None, default=None)
                 created_on = Column(
                     'created_on', DateTime(timezone=False), nullable=True, unique=None,
                     default=datetime.datetime.now)
                 updated_on = Column(
                     'updated_on', DateTime(timezone=False), nullable=True, unique=None,
                     default=datetime.datetime.now)
                 _landing_revision = Column(
                     "landing_revision", String(255), nullable=False, unique=False,
                     default=None)
                 enable_locking = Column(
                     "enable_locking", Boolean(), nullable=False, unique=None,
                     default=False)
                 _locked = Column(
                     "locked", String(255), nullable=True, unique=False, default=None)
                 _changeset_cache = Column(
                     "changeset_cache", LargeBinary(), nullable=True)  # JSON data
                 fork_id = Column(
                     "fork_id", Integer(), ForeignKey('repositories.repo_id'),
                     nullable=True, unique=False, default=None)
                 group_id = Column(
                     "group_id", Integer(), ForeignKey('groups.group_id'), nullable=True,
                     unique=False, default=None)
                 user = relationship('User', lazy='joined')
                 fork = relationship('Repository', remote_side=repo_id, lazy='joined')
                 group = relationship('RepoGroup', lazy='joined')
                 repo_to_perm = relationship(
                     'UserRepoToPerm', cascade='all',
                     order_by='UserRepoToPerm.repo_to_perm_id')
                 users_group_to_perm = relationship('UserGroupRepoToPerm', cascade='all')
                 stats = relationship('Statistics', cascade='all', uselist=False)
                 followers = relationship(
                     'UserFollowing',
                     primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
                     cascade='all')
                 extra_fields = relationship(
                     'RepositoryField', cascade="all, delete, delete-orphan")
                 logs = relationship('UserLog')
                 comments = relationship(
                     'ChangesetComment', cascade="all, delete, delete-orphan")
                 pull_requests_source = relationship(
                     'PullRequest',
                     primaryjoin='PullRequest.source_repo_id==Repository.repo_id',
                     cascade="all, delete, delete-orphan")
                 pull_requests_target = relationship(
                     'PullRequest',
                     primaryjoin='PullRequest.target_repo_id==Repository.repo_id',
                     cascade="all, delete, delete-orphan")
                 ui = relationship('RepoRhodeCodeUi', cascade="all")
                 settings = relationship('RepoRhodeCodeSetting', cascade="all")
                 integrations = relationship('Integration',
                                             cascade="all, delete, delete-orphan")
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
                                                safe_unicode(self.repo_name))
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @hybrid_property
                 def landing_rev(self):
                     # always should return [rev_type, rev]
                     if self._landing_revision:
                         _rev_info = self._landing_revision.split(':')
                         if len(_rev_info) < 2:
                             _rev_info.insert(0, 'rev')
                         return [_rev_info[0], _rev_info[1]]
                     return [None, None]
                 @landing_rev.setter
                 def landing_rev(self, val):
                     if ':' not in val:
                         raise ValueError('value must be delimited with `:` and consist '
                                          'of <rev_type>:<rev>, got %s instead' % val)
                     self._landing_revision = val
                 @hybrid_property
                 def locked(self):
                     if self._locked:
                         user_id, timelocked, reason = self._locked.split(':')
                         lock_values = int(user_id), timelocked, reason
                     else:
                         lock_values = [None, None, None]
                     return lock_values
                 @locked.setter
                 def locked(self, val):
                     if val and isinstance(val, (list, tuple)):
                         self._locked = ':'.join(map(str, val))
                     else:
                         self._locked = None
                 @hybrid_property
                 def changeset_cache(self):
                     from rhodecode.lib.vcs.backends.base import EmptyCommit
                     dummy = EmptyCommit().__json__()
                     if not self._changeset_cache:
                         return dummy
                     try:
                         return json.loads(self._changeset_cache)
                     except TypeError:
                         return dummy
                     except Exception:
                         log.error(traceback.format_exc())
                         return dummy
                 @changeset_cache.setter
                 def changeset_cache(self, val):
                     try:
                         self._changeset_cache = json.dumps(val)
                     except Exception:
                         log.error(traceback.format_exc())
                 @hybrid_property
                 def repo_name(self):
                     return self._repo_name
                 @repo_name.setter
                 def repo_name(self, value):
                     self._repo_name = value
                     self._repo_name_hash = hashlib.sha1(safe_str(value)).hexdigest()
                 @classmethod
                 def normalize_repo_name(cls, repo_name):
                     """
                     Normalizes os specific repo_name to the format internally stored inside
                     database using URL_SEP
                     :param cls:
                     :param repo_name:
                     """
                     return cls.NAME_SEP.join(repo_name.split(os.sep))
                 @classmethod
                 def get_by_repo_name(cls, repo_name, cache=False, identity_cache=False):
                     session = Session()
                     q = session.query(cls).filter(cls.repo_name == repo_name)
                     if cache:
                         if identity_cache:
                             val = cls.identity_cache(session, 'repo_name', repo_name)
                             if val:
                                 return val
                         else:
                             cache_key = "get_repo_by_name_%s" % _hash_key(repo_name)
                             q = q.options(
                                 FromCache("sql_cache_short", cache_key))
                     return q.scalar()
                 @classmethod
                 def get_by_full_path(cls, repo_full_path):
                     repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
                     repo_name = cls.normalize_repo_name(repo_name)
                     return cls.get_by_repo_name(repo_name.strip(URL_SEP))
                 @classmethod
                 def get_repo_forks(cls, repo_id):
                     return cls.query().filter(Repository.fork_id == repo_id)
                 @classmethod
                 def base_path(cls):
                     """
                     Returns base path when all repos are stored
                     :param cls:
                     """
                     q = Session().query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == cls.NAME_SEP)
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return q.one().ui_value
                 @classmethod
                 def is_valid(cls, repo_name):
                     """
                     returns True if given repo name is a valid filesystem repository
                     :param cls:
                     :param repo_name:
                     """
                     from rhodecode.lib.utils import is_valid_repo
                     return is_valid_repo(repo_name, cls.base_path())
                 @classmethod
                 def get_all_repos(cls, user_id=Optional(None), group_id=Optional(None),
                                   case_insensitive=True):
                     q = Repository.query()
                     if not isinstance(user_id, Optional):
                         q = q.filter(Repository.user_id == user_id)
                     if not isinstance(group_id, Optional):
                         q = q.filter(Repository.group_id == group_id)
                     if case_insensitive:
                         q = q.order_by(func.lower(Repository.repo_name))
                     else:
                         q = q.order_by(Repository.repo_name)
                     return q.all()
                 @property
                 def forks(self):
                     """
                     Return forks of this repo
                     """
                     return Repository.get_repo_forks(self.repo_id)
                 @property
                 def parent(self):
                     """
                     Returns fork parent
                     """
                     return self.fork
                 @property
                 def just_name(self):
                     return self.repo_name.split(self.NAME_SEP)[-1]
                 @property
                 def groups_with_parents(self):
                     groups = []
                     if self.group is None:
                         return groups
                     cur_gr = self.group
                     groups.insert(0, cur_gr)
                     while 1:
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def groups_and_repo(self):
                     return self.groups_with_parents, self
                 @LazyProperty
                 def repo_path(self):
                     """
                     Returns base full path for that repository means where it actually
                     exists on a filesystem
                     """
                     q = Session().query(RhodeCodeUi).filter(
                         RhodeCodeUi.ui_key == self.NAME_SEP)
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return q.one().ui_value
                 @property
                 def repo_full_path(self):
                     p = [self.repo_path]
                     # we need to split the name by / since this is how we store the
                     # names in the database, but that eventually needs to be converted
                     # into a valid system path
                     p += self.repo_name.split(self.NAME_SEP)
                     return os.path.join(*map(safe_unicode, p))
                 @property
                 def cache_keys(self):
                     """
                     Returns associated cache keys for that repo
                     """
                     return CacheKey.query()\
                         .filter(CacheKey.cache_args == self.repo_name)\
                         .order_by(CacheKey.cache_key)\
                         .all()
                 def get_new_name(self, repo_name):
                     """
                     returns new full repository name based on assigned group and new new
                     :param group_name:
                     """
                     path_prefix = self.group.full_path_splitted if self.group else []
                     return self.NAME_SEP.join(path_prefix + [repo_name])
                 @property
                 def _config(self):
                     """
                     Returns db based config object.
                     """
                     from rhodecode.lib.utils import make_db_config
                     return make_db_config(clear_session=False, repo=self)
                 def permissions(self, with_admins=True, with_owner=True):
                     q = UserRepoToPerm.query().filter(UserRepoToPerm.repository == self)
                     q = q.options(joinedload(UserRepoToPerm.repository),
                                   joinedload(UserRepoToPerm.user),
                                   joinedload(UserRepoToPerm.permission),)
                     # get owners and admins and permissions. We do a trick of re-writing
                     # objects from sqlalchemy to named-tuples due to sqlalchemy session
                     # has a global reference and changing one object propagates to all
                     # others. This means if admin is also an owner admin_row that change
                     # would propagate to both objects
                     perm_rows = []
                     for _usr in q.all():
                         usr = AttributeDict(_usr.user.get_dict())
                         usr.permission = _usr.permission.permission_name
                         perm_rows.append(usr)
                     # filter the perm rows by 'default' first and then sort them by
                     # admin,write,read,none permissions sorted again alphabetically in
                     # each group
                     perm_rows = sorted(perm_rows, key=display_user_sort)
                     _admin_perm = 'repository.admin'
                     owner_row = []
                     if with_owner:
                         usr = AttributeDict(self.user.get_dict())
                         usr.owner_row = True
                         usr.permission = _admin_perm
                         owner_row.append(usr)
                     super_admin_rows = []
                     if with_admins:
                         for usr in User.get_all_super_admins():
                             # if this admin is also owner, don't double the record
                             if usr.user_id == owner_row[0].user_id:
                                 owner_row[0].admin_row = True
                             else:
                                 usr = AttributeDict(usr.get_dict())
                                 usr.admin_row = True
                                 usr.permission = _admin_perm
                                 super_admin_rows.append(usr)
                     return super_admin_rows + owner_row + perm_rows
                 def permission_user_groups(self):
                     q = UserGroupRepoToPerm.query().filter(
                         UserGroupRepoToPerm.repository == self)
                     q = q.options(joinedload(UserGroupRepoToPerm.repository),
                                   joinedload(UserGroupRepoToPerm.users_group),
                                   joinedload(UserGroupRepoToPerm.permission),)
                     perm_rows = []
                     for _user_group in q.all():
                         usr = AttributeDict(_user_group.users_group.get_dict())
                         usr.permission = _user_group.permission.permission_name
                         perm_rows.append(usr)
                     perm_rows = sorted(perm_rows, key=display_user_group_sort)
                     return perm_rows
                 def get_api_data(self, include_secrets=False):
                     """
                     Common function for generating repo api data
                     :param include_secrets: See :meth:`User.get_api_data`.
                     """
                     # TODO: mikhail: Here there is an anti-pattern, we probably need to
                     # move this methods on models level.
                     from rhodecode.model.settings import SettingsModel
                     from rhodecode.model.repo import RepoModel
                     repo = self
                     _user_id, _time, _reason = self.locked
                     data = {
                         'repo_id': repo.repo_id,
                         'repo_name': repo.repo_name,
                         'repo_type': repo.repo_type,
                         'clone_uri': repo.clone_uri or '',
                         'url': RepoModel().get_url(self),
                         'private': repo.private,
                         'created_on': repo.created_on,
                         'description': repo.description_safe,
                         'landing_rev': repo.landing_rev,
                         'owner': repo.user.username,
                         'fork_of': repo.fork.repo_name if repo.fork else None,
                         'fork_of_id': repo.fork.repo_id if repo.fork else None,
                         'enable_statistics': repo.enable_statistics,
                         'enable_locking': repo.enable_locking,
                         'enable_downloads': repo.enable_downloads,
                         'last_changeset': repo.changeset_cache,
                         'locked_by': User.get(_user_id).get_api_data(
                             include_secrets=include_secrets) if _user_id else None,
                         'locked_date': time_to_datetime(_time) if _time else None,
                         'lock_reason': _reason if _reason else None,
                     }
                     # TODO: mikhail: should be per-repo settings here
                     rc_config = SettingsModel().get_all_settings()
                     repository_fields = str2bool(
                         rc_config.get('rhodecode_repository_fields'))
                     if repository_fields:
                         for f in self.extra_fields:
                             data[f.field_key_prefixed] = f.field_value
                     return data
                 @classmethod
                 def lock(cls, repo, user_id, lock_time=None, lock_reason=None):
                     if not lock_time:
                         lock_time = time.time()
                     if not lock_reason:
                         lock_reason = cls.LOCK_AUTOMATIC
                     repo.locked = [user_id, lock_time, lock_reason]
                     Session().add(repo)
                     Session().commit()
                 @classmethod
                 def unlock(cls, repo):
                     repo.locked = None
                     Session().add(repo)
                     Session().commit()
                 @classmethod
                 def getlock(cls, repo):
                     return repo.locked
                 def is_user_lock(self, user_id):
                     if self.lock[0]:
                         lock_user_id = safe_int(self.lock[0])
                         user_id = safe_int(user_id)
                         # both are ints, and they are equal
                         return all([lock_user_id, user_id]) and lock_user_id == user_id
                     return False
                 def get_locking_state(self, action, user_id, only_when_enabled=True):
                     """
                     Checks locking on this repository, if locking is enabled and lock is
                     present returns a tuple of make_lock, locked, locked_by.
                     make_lock can have 3 states None (do nothing) True, make lock
                     False release lock, This value is later propagated to hooks, which
                     do the locking. Think about this as signals passed to hooks what to do.
                     """
                     # TODO: johbo: This is part of the business logic and should be moved
                     # into the RepositoryModel.
                     if action not in ('push', 'pull'):
                         raise ValueError("Invalid action value: %s" % repr(action))
                     # defines if locked error should be thrown to user
                     currently_locked = False
                     # defines if new lock should be made, tri-state
                     make_lock = None
                     repo = self
                     user = User.get(user_id)
                     lock_info = repo.locked
                     if repo and (repo.enable_locking or not only_when_enabled):
                         if action == 'push':
                             # check if it's already locked !, if it is compare users
                             locked_by_user_id = lock_info[0]
                             if user.user_id == locked_by_user_id:
                                 log.debug(
                                     'Got `push` action from user %s, now unlocking', user)
                                 # unlock if we have push from user who locked
                                 make_lock = False
                             else:
                                 # we're not the same user who locked, ban with
                                 # code defined in settings (default is 423 HTTP Locked) !
                                 log.debug('Repo %s is currently locked by %s', repo, user)
                                 currently_locked = True
                         elif action == 'pull':
                             # [0] user [1] date
                             if lock_info[0] and lock_info[1]:
                                 log.debug('Repo %s is currently locked by %s', repo, user)
                                 currently_locked = True
                             else:
                                 log.debug('Setting lock on repo %s by %s', repo, user)
                                 make_lock = True
                     else:
                         log.debug('Repository %s do not have locking enabled', repo)
                     log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',
                               make_lock, currently_locked, lock_info)
                     from rhodecode.lib.auth import HasRepoPermissionAny
                     perm_check = HasRepoPermissionAny('repository.write', 'repository.admin')
                     if make_lock and not perm_check(repo_name=repo.repo_name, user=user):
                         # if we don't have at least write permission we cannot make a lock
                         log.debug('lock state reset back to FALSE due to lack '
                                   'of at least read permission')
                         make_lock = False
                     return make_lock, currently_locked, lock_info
                 @property
                 def last_db_change(self):
                     return self.updated_on
                 @property
                 def clone_uri_hidden(self):
                     clone_uri = self.clone_uri
                     if clone_uri:
                         import urlobject
                         url_obj = urlobject.URLObject(cleaned_uri(clone_uri))
                         if url_obj.password:
                             clone_uri = url_obj.with_password('*****')
                     return clone_uri
                 def clone_url(self, **override):
                     from rhodecode.model.settings import SettingsModel
                     uri_tmpl = None
                     if 'with_id' in override:
                         uri_tmpl = self.DEFAULT_CLONE_URI_ID
                         del override['with_id']
                     if 'uri_tmpl' in override:
                         uri_tmpl = override['uri_tmpl']
                         del override['uri_tmpl']
                     # we didn't override our tmpl from **overrides
                     if not uri_tmpl:
                         rc_config = SettingsModel().get_all_settings(cache=True)
                         uri_tmpl = rc_config.get(
                             'rhodecode_clone_uri_tmpl') or self.DEFAULT_CLONE_URI
                     request = get_current_request()
                     return get_clone_url(request=request,
                                          uri_tmpl=uri_tmpl,
                                          repo_name=self.repo_name,
                                          repo_id=self.repo_id, **override)
                 def set_state(self, state):
                     self.repo_state = state
                     Session().add(self)
                 #==========================================================================
                 # SCM PROPERTIES
                 #==========================================================================
                 def get_commit(self, commit_id=None, commit_idx=None, pre_load=None):
                     return get_commit_safe(
                         self.scm_instance(), commit_id, commit_idx, pre_load=pre_load)
                 def get_changeset(self, rev=None, pre_load=None):
                     warnings.warn("Use get_commit", DeprecationWarning)
                     commit_id = None
                     commit_idx = None
                     if isinstance(rev, basestring):
                         commit_id = rev
                     else:
                         commit_idx = rev
                     return self.get_commit(commit_id=commit_id, commit_idx=commit_idx,
                                            pre_load=pre_load)
                 def get_landing_commit(self):
                     """
                     Returns landing commit, or if that doesn't exist returns the tip
                     """
                     _rev_type, _rev = self.landing_rev
                     commit = self.get_commit(_rev)
                     if isinstance(commit, EmptyCommit):
                         return self.get_commit()
                     return commit
                 def update_commit_cache(self, cs_cache=None, config=None):
                     """
                     Update cache of last changeset for repository, keys should be::
                         short_id
                         raw_id
                         revision
                         parents
                         message
                         date
                         author
                     :param cs_cache:
                     """
                     from rhodecode.lib.vcs.backends.base import BaseChangeset
                     if cs_cache is None:
                         # use no-cache version here
                         scm_repo = self.scm_instance(cache=False, config=config)
                         if scm_repo:
                             cs_cache = scm_repo.get_commit(
                                 pre_load=["author", "date", "message", "parents"])
                         else:
                             cs_cache = EmptyCommit()
                     if isinstance(cs_cache, BaseChangeset):
                         cs_cache = cs_cache.__json__()
                     def is_outdated(new_cs_cache):
                         if (new_cs_cache['raw_id'] != self.changeset_cache['raw_id'] or
                             new_cs_cache['revision'] != self.changeset_cache['revision']):
                             return True
                         return False
                     # check if we have maybe already latest cached revision
                     if is_outdated(cs_cache) or not self.changeset_cache:
                         _default = datetime.datetime.fromtimestamp(0)
                         last_change = cs_cache.get('date') or _default
                         log.debug('updated repo %s with new cs cache %s',
                                   self.repo_name, cs_cache)
                         self.updated_on = last_change
                         self.changeset_cache = cs_cache
                         Session().add(self)
                         Session().commit()
                     else:
                         log.debug('Skipping update_commit_cache for repo:`%s` '
                                   'commit already with latest changes', self.repo_name)
                 @property
                 def tip(self):
                     return self.get_commit('tip')
                 @property
                 def author(self):
                     return self.tip.author
                 @property
                 def last_change(self):
                     return self.scm_instance().last_change
                 def get_comments(self, revisions=None):
                     """
                     Returns comments for this repository grouped by revisions
                     :param revisions: filter query by revisions only
                     """
                     cmts = ChangesetComment.query()\
                         .filter(ChangesetComment.repo == self)
                     if revisions:
                         cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
                     grouped = collections.defaultdict(list)
                     for cmt in cmts.all():
                         grouped[cmt.revision].append(cmt)
                     return grouped
                 def statuses(self, revisions=None):
                     """
                     Returns statuses for this repository
                     :param revisions: list of revisions to get statuses for
                     """
                     statuses = ChangesetStatus.query()\
                         .filter(ChangesetStatus.repo == self)\
                         .filter(ChangesetStatus.version == 0)
                     if revisions:
                         # Try doing the filtering in chunks to avoid hitting limits
                         size = 500
                         status_results = []
                         for chunk in xrange(0, len(revisions), size):
                             status_results += statuses.filter(
                                 ChangesetStatus.revision.in_(
                                     revisions[chunk: chunk+size])
                             ).all()
                     else:
                         status_results = statuses.all()
                     grouped = {}
                     # maybe we have open new pullrequest without a status?
                     stat = ChangesetStatus.STATUS_UNDER_REVIEW
                     status_lbl = ChangesetStatus.get_status_lbl(stat)
                     for pr in PullRequest.query().filter(PullRequest.source_repo == self).all():
                         for rev in pr.revisions:
                             pr_id = pr.pull_request_id
                             pr_repo = pr.target_repo.repo_name
                             grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
                     for stat in status_results:
                         pr_id = pr_repo = None
                         if stat.pull_request:
                             pr_id = stat.pull_request.pull_request_id
                             pr_repo = stat.pull_request.target_repo.repo_name
                         grouped[stat.revision] = [str(stat.status), stat.status_lbl,
                                                   pr_id, pr_repo]
                     return grouped
                 # ==========================================================================
                 # SCM CACHE INSTANCE
                 # ==========================================================================
                 def scm_instance(self, **kwargs):
                     import rhodecode
                     # Passing a config will not hit the cache currently only used
                     # for repo2dbmapper
                     config = kwargs.pop('config', None)
                     cache = kwargs.pop('cache', None)
                     full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache'))
                     # if cache is NOT defined use default global, else we have a full
                     # control over cache behaviour
                     if cache is None and full_cache and not config:
                         return self._get_instance_cached()
                     return self._get_instance(cache=bool(cache), config=config)
                 def _get_instance_cached(self):
-                    @cache_region('long_term')
+                    self._get_instance()
-                    def _get_repo(cache_key):
-                        return self._get_instance()
-                    invalidator_context = CacheKey.repo_context_cache(
-                        _get_repo, self.repo_name, None, thread_scoped=True)
-                    with invalidator_context as context:
-                        context.invalidate()
-                        repo = context.compute()
-                    return repo
                 def _get_instance(self, cache=True, config=None):
                     config = config or self._config
                     custom_wire = {
                         'cache': cache  # controls the vcs.remote cache
                     }
                     repo = get_vcs_instance(
                         repo_path=safe_str(self.repo_full_path),
                         config=config,
                         with_wire=custom_wire,
                         create=False,
                         _vcs_alias=self.repo_type)
                     return repo
                 def __json__(self):
                     return {'landing_rev': self.landing_rev}
                 def get_dict(self):
                     # Since we transformed `repo_name` to a hybrid property, we need to
                     # keep compatibility with the code which uses `repo_name` field.
                     result = super(Repository, self).get_dict()
                     result['repo_name'] = result.pop('_repo_name', None)
                     return result
             class RepoGroup(Base, BaseModel):
                 __tablename__ = 'groups'
                 __table_args__ = (
                     UniqueConstraint('group_name', 'group_parent_id'),
                     CheckConstraint('group_id != group_parent_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 __mapper_args__ = {'order_by': 'group_name'}
                 CHOICES_SEPARATOR = '/'  # used to generate select2 choices for nested groups
                 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 group_name = Column("group_name", String(255), nullable=False, unique=True, default=None)
                 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
                 group_description = Column("group_description", String(10000), nullable=True, unique=None, default=None)
                 enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                 personal = Column('personal', Boolean(), nullable=True, unique=None, default=None)
                 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
                 users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')
                 parent_group = relationship('RepoGroup', remote_side=group_id)
                 user = relationship('User')
                 integrations = relationship('Integration',
                                             cascade="all, delete, delete-orphan")
                 def __init__(self, group_name='', parent_group=None):
                     self.group_name = group_name
                     self.parent_group = parent_group
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (
                         self.__class__.__name__, self.group_id, self.group_name)
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.group_description)
                 @classmethod
                 def _generate_choice(cls, repo_group):
                     from webhelpers.html import literal as _literal
                     _name = lambda k: _literal(cls.CHOICES_SEPARATOR.join(k))
                     return repo_group.group_id, _name(repo_group.full_path_splitted)
                 @classmethod
                 def groups_choices(cls, groups=None, show_empty_group=True):
                     if not groups:
                         groups = cls.query().all()
                     repo_groups = []
                     if show_empty_group:
                         repo_groups = [(-1, u'-- %s --' % _('No parent'))]
                     repo_groups.extend([cls._generate_choice(x) for x in groups])
                     repo_groups = sorted(
                         repo_groups, key=lambda t: t[1].split(cls.CHOICES_SEPARATOR)[0])
                     return repo_groups
                 @classmethod
                 def url_sep(cls):
                     return URL_SEP
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
                     if case_insensitive:
                         gr = cls.query().filter(func.lower(cls.group_name)
                                                 == func.lower(group_name))
                     else:
                         gr = cls.query().filter(cls.group_name == group_name)
                     if cache:
                         name_key = _hash_key(group_name)
                         gr = gr.options(
                             FromCache("sql_cache_short", "get_group_%s" % name_key))
                     return gr.scalar()
                 @classmethod
                 def get_user_personal_repo_group(cls, user_id):
                     user = User.get(user_id)
                     if user.username == User.DEFAULT_USER:
                         return None
                     return cls.query()\
                         .filter(cls.personal == true()) \
                         .filter(cls.user == user).scalar()
                 @classmethod
                 def get_all_repo_groups(cls, user_id=Optional(None), group_id=Optional(None),
                                         case_insensitive=True):
                     q = RepoGroup.query()
                     if not isinstance(user_id, Optional):
                         q = q.filter(RepoGroup.user_id == user_id)
                     if not isinstance(group_id, Optional):
                         q = q.filter(RepoGroup.group_parent_id == group_id)
                     if case_insensitive:
                         q = q.order_by(func.lower(RepoGroup.group_name))
                     else:
                         q = q.order_by(RepoGroup.group_name)
                     return q.all()
                 @property
                 def parents(self):
                     parents_recursion_limit = 10
                     groups = []
                     if self.parent_group is None:
                         return groups
                     cur_gr = self.parent_group
                     groups.insert(0, cur_gr)
                     cnt = 0
                     while 1:
                         cnt += 1
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         if cnt == parents_recursion_limit:
                             # this will prevent accidental infinit loops
                             log.error(('more than %s parents found for group %s, stopping '
                                        'recursive parent fetching' % (parents_recursion_limit, self)))
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def last_db_change(self):
                     return self.updated_on
                 @property
                 def children(self):
                     return RepoGroup.query().filter(RepoGroup.parent_group == self)
                 @property
                 def name(self):
                     return self.group_name.split(RepoGroup.url_sep())[-1]
                 @property
                 def full_path(self):
                     return self.group_name
                 @property
                 def full_path_splitted(self):
                     return self.group_name.split(RepoGroup.url_sep())
                 @property
                 def repositories(self):
                     return Repository.query()\
                             .filter(Repository.group == self)\
                             .order_by(Repository.repo_name)
                 @property
                 def repositories_recursive_count(self):
                     cnt = self.repositories.count()
                     def children_count(group):
                         cnt = 0
                         for child in group.children:
                             cnt += child.repositories.count()
                             cnt += children_count(child)
                         return cnt
                     return cnt + children_count(self)
                 def _recursive_objects(self, include_repos=True):
                     all_ = []
                     def _get_members(root_gr):
                         if include_repos:
                             for r in root_gr.repositories:
                                 all_.append(r)
                         childs = root_gr.children.all()
                         if childs:
                             for gr in childs:
                                 all_.append(gr)
                                 _get_members(gr)
                     _get_members(self)
                     return [self] + all_
                 def recursive_groups_and_repos(self):
                     """
                     Recursive return all groups, with repositories in those groups
                     """
                     return self._recursive_objects()
                 def recursive_groups(self):
                     """
                     Returns all children groups for this group including children of children
                     """
                     return self._recursive_objects(include_repos=False)
                 def get_new_name(self, group_name):
                     """
                     returns new full group name based on parent and new name
                     :param group_name:
                     """
                     path_prefix = (self.parent_group.full_path_splitted if
                                    self.parent_group else [])
                     return RepoGroup.url_sep().join(path_prefix + [group_name])
                 def permissions(self, with_admins=True, with_owner=True):
                     q = UserRepoGroupToPerm.query().filter(UserRepoGroupToPerm.group == self)
                     q = q.options(joinedload(UserRepoGroupToPerm.group),
                                   joinedload(UserRepoGroupToPerm.user),
                                   joinedload(UserRepoGroupToPerm.permission),)
                     # get owners and admins and permissions. We do a trick of re-writing
                     # objects from sqlalchemy to named-tuples due to sqlalchemy session
                     # has a global reference and changing one object propagates to all
                     # others. This means if admin is also an owner admin_row that change
                     # would propagate to both objects
                     perm_rows = []
                     for _usr in q.all():
                         usr = AttributeDict(_usr.user.get_dict())
                         usr.permission = _usr.permission.permission_name
                         perm_rows.append(usr)
                     # filter the perm rows by 'default' first and then sort them by
                     # admin,write,read,none permissions sorted again alphabetically in
                     # each group
                     perm_rows = sorted(perm_rows, key=display_user_sort)
                     _admin_perm = 'group.admin'
                     owner_row = []
                     if with_owner:
                         usr = AttributeDict(self.user.get_dict())
                         usr.owner_row = True
                         usr.permission = _admin_perm
                         owner_row.append(usr)
                     super_admin_rows = []
                     if with_admins:
                         for usr in User.get_all_super_admins():
                             # if this admin is also owner, don't double the record
                             if usr.user_id == owner_row[0].user_id:
                                 owner_row[0].admin_row = True
                             else:
                                 usr = AttributeDict(usr.get_dict())
                                 usr.admin_row = True
                                 usr.permission = _admin_perm
                                 super_admin_rows.append(usr)
                     return super_admin_rows + owner_row + perm_rows
                 def permission_user_groups(self):
                     q = UserGroupRepoGroupToPerm.query().filter(UserGroupRepoGroupToPerm.group == self)
                     q = q.options(joinedload(UserGroupRepoGroupToPerm.group),
                                   joinedload(UserGroupRepoGroupToPerm.users_group),
                                   joinedload(UserGroupRepoGroupToPerm.permission),)
                     perm_rows = []
                     for _user_group in q.all():
                         usr = AttributeDict(_user_group.users_group.get_dict())
                         usr.permission = _user_group.permission.permission_name
                         perm_rows.append(usr)
                     perm_rows = sorted(perm_rows, key=display_user_group_sort)
                     return perm_rows
                 def get_api_data(self):
                     """
                     Common function for generating api data
                     """
                     group = self
                     data = {
                         'group_id': group.group_id,
                         'group_name': group.group_name,
                         'group_description': group.description_safe,
                         'parent_group': group.parent_group.group_name if group.parent_group else None,
                         'repositories': [x.repo_name for x in group.repositories],
                         'owner': group.user.username,
                     }
                     return data
             class Permission(Base, BaseModel):
                 __tablename__ = 'permissions'
                 __table_args__ = (
                     Index('p_perm_name_idx', 'permission_name'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 PERMS = [
                     ('hg.admin', _('RhodeCode Super Administrator')),
                     ('repository.none', _('Repository no access')),
                     ('repository.read', _('Repository read access')),
                     ('repository.write', _('Repository write access')),
                     ('repository.admin', _('Repository admin access')),
                     ('group.none', _('Repository group no access')),
                     ('group.read', _('Repository group read access')),
                     ('group.write', _('Repository group write access')),
                     ('group.admin', _('Repository group admin access')),
                     ('usergroup.none', _('User group no access')),
                     ('usergroup.read', _('User group read access')),
                     ('usergroup.write', _('User group write access')),
                     ('usergroup.admin', _('User group admin access')),
                     ('hg.repogroup.create.false', _('Repository Group creation disabled')),
                     ('hg.repogroup.create.true', _('Repository Group creation enabled')),
                     ('hg.usergroup.create.false', _('User Group creation disabled')),
                     ('hg.usergroup.create.true', _('User Group creation enabled')),
                     ('hg.create.none', _('Repository creation disabled')),
                     ('hg.create.repository', _('Repository creation enabled')),
                     ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),
                     ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),
                     ('hg.fork.none', _('Repository forking disabled')),
                     ('hg.fork.repository', _('Repository forking enabled')),
                     ('hg.register.none', _('Registration disabled')),
                     ('hg.register.manual_activate', _('User Registration with manual account activation')),
                     ('hg.register.auto_activate', _('User Registration with automatic account activation')),
                     ('hg.password_reset.enabled', _('Password reset enabled')),
                     ('hg.password_reset.hidden', _('Password reset hidden')),
                     ('hg.password_reset.disabled', _('Password reset disabled')),
                     ('hg.extern_activate.manual', _('Manual activation of external account')),
                     ('hg.extern_activate.auto', _('Automatic activation of external account')),
                     ('hg.inherit_default_perms.false', _('Inherit object permissions from default user disabled')),
                     ('hg.inherit_default_perms.true', _('Inherit object permissions from default user enabled')),
                 ]
                 # definition of system default permissions for DEFAULT user
                 DEFAULT_USER_PERMISSIONS = [
                     'repository.read',
                     'group.read',
                     'usergroup.read',
                     'hg.create.repository',
                     'hg.repogroup.create.false',
                     'hg.usergroup.create.false',
                     'hg.create.write_on_repogroup.true',
                     'hg.fork.repository',
                     'hg.register.manual_activate',
                     'hg.password_reset.enabled',
                     'hg.extern_activate.auto',
                     'hg.inherit_default_perms.true',
                 ]
                 # defines which permissions are more important higher the more important
                 # Weight defines which permissions are more important.
                 # The higher number the more important.
                 PERM_WEIGHTS = {
                     'repository.none': 0,
                     'repository.read': 1,
                     'repository.write': 3,
                     'repository.admin': 4,
                     'group.none': 0,
                     'group.read': 1,
                     'group.write': 3,
                     'group.admin': 4,
                     'usergroup.none': 0,
                     'usergroup.read': 1,
                     'usergroup.write': 3,
                     'usergroup.admin': 4,
                     'hg.repogroup.create.false': 0,
                     'hg.repogroup.create.true': 1,
                     'hg.usergroup.create.false': 0,
                     'hg.usergroup.create.true': 1,
                     'hg.fork.none': 0,
                     'hg.fork.repository': 1,
                     'hg.create.none': 0,
                     'hg.create.repository': 1
                 }
                 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 permission_name = Column("permission_name", String(255), nullable=True, unique=None, default=None)
                 permission_longname = Column("permission_longname", String(255), nullable=True, unique=None, default=None)
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (
                         self.__class__.__name__, self.permission_id, self.permission_name
                     )
                 @classmethod
                 def get_by_key(cls, key):
                     return cls.query().filter(cls.permission_name == key).scalar()
                 @classmethod
                 def get_default_repo_perms(cls, user_id, repo_id=None):
                     q = Session().query(UserRepoToPerm, Repository, Permission)\
                         .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
                         .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
                         .filter(UserRepoToPerm.user_id == user_id)
                     if repo_id:
                         q = q.filter(UserRepoToPerm.repository_id == repo_id)
                     return q.all()
                 @classmethod
                 def get_default_repo_perms_from_user_group(cls, user_id, repo_id=None):
                     q = Session().query(UserGroupRepoToPerm, Repository, Permission)\
                         .join(
                             Permission,
                             UserGroupRepoToPerm.permission_id == Permission.permission_id)\
                         .join(
                             Repository,
                             UserGroupRepoToPerm.repository_id == Repository.repo_id)\
                         .join(
                             UserGroup,
                             UserGroupRepoToPerm.users_group_id ==
                             UserGroup.users_group_id)\
                         .join(
                             UserGroupMember,
                             UserGroupRepoToPerm.users_group_id ==
                             UserGroupMember.users_group_id)\
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if repo_id:
                         q = q.filter(UserGroupRepoToPerm.repository_id == repo_id)
                     return q.all()
                 @classmethod
                 def get_default_group_perms(cls, user_id, repo_group_id=None):
                     q = Session().query(UserRepoGroupToPerm, RepoGroup, Permission)\
                         .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\
                         .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
                         .filter(UserRepoGroupToPerm.user_id == user_id)
                     if repo_group_id:
                         q = q.filter(UserRepoGroupToPerm.group_id == repo_group_id)
                     return q.all()
                 @classmethod
                 def get_default_group_perms_from_user_group(
                         cls, user_id, repo_group_id=None):
                     q = Session().query(UserGroupRepoGroupToPerm, RepoGroup, Permission)\
                         .join(
                             Permission,
                             UserGroupRepoGroupToPerm.permission_id ==
                             Permission.permission_id)\
                         .join(
                             RepoGroup,
                             UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id)\
                         .join(
                             UserGroup,
                             UserGroupRepoGroupToPerm.users_group_id ==
                             UserGroup.users_group_id)\
                         .join(
                             UserGroupMember,
                             UserGroupRepoGroupToPerm.users_group_id ==
                             UserGroupMember.users_group_id)\
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if repo_group_id:
                         q = q.filter(UserGroupRepoGroupToPerm.group_id == repo_group_id)
                     return q.all()
                 @classmethod
                 def get_default_user_group_perms(cls, user_id, user_group_id=None):
                     q = Session().query(UserUserGroupToPerm, UserGroup, Permission)\
                         .join((Permission, UserUserGroupToPerm.permission_id == Permission.permission_id))\
                         .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id))\
                         .filter(UserUserGroupToPerm.user_id == user_id)
                     if user_group_id:
                         q = q.filter(UserUserGroupToPerm.user_group_id == user_group_id)
                     return q.all()
                 @classmethod
                 def get_default_user_group_perms_from_user_group(
                         cls, user_id, user_group_id=None):
                     TargetUserGroup = aliased(UserGroup, name='target_user_group')
                     q = Session().query(UserGroupUserGroupToPerm, UserGroup, Permission)\
                         .join(
                             Permission,
                             UserGroupUserGroupToPerm.permission_id ==
                             Permission.permission_id)\
                         .join(
                             TargetUserGroup,
                             UserGroupUserGroupToPerm.target_user_group_id ==
                             TargetUserGroup.users_group_id)\
                         .join(
                             UserGroup,
                             UserGroupUserGroupToPerm.user_group_id ==
                             UserGroup.users_group_id)\
                         .join(
                             UserGroupMember,
                             UserGroupUserGroupToPerm.user_group_id ==
                             UserGroupMember.users_group_id)\
                         .filter(
                             UserGroupMember.user_id == user_id,
                             UserGroup.users_group_active == true())
                     if user_group_id:
                         q = q.filter(
                             UserGroupUserGroupToPerm.user_group_id == user_group_id)
                     return q.all()
             class UserRepoToPerm(Base, BaseModel):
                 __tablename__ = 'repo_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'repository_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 repository = relationship('Repository')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, user, repository, permission):
                     n = cls()
                     n.user = user
                     n.repository = repository
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<%s => %s >' % (self.user, self.repository)
             class UserUserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_user_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'user_group_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 user_user_group_to_perm_id = Column("user_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 user_group = relationship('UserGroup')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, user, user_group, permission):
                     n = cls()
                     n.user = user
                     n.user_group = user_group
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<%s => %s >' % (self.user, self.user_group)
             class UserToPerm(Base, BaseModel):
                 __tablename__ = 'user_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 permission = relationship('Permission', lazy='joined')
                 def __unicode__(self):
                     return u'<%s => %s >' % (self.user, self.permission)
             class UserGroupRepoToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_repo_to_perm'
                 __table_args__ = (
                     UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
                 repository = relationship('Repository')
                 @classmethod
                 def create(cls, users_group, repository, permission):
                     n = cls()
                     n.users_group = users_group
                     n.repository = repository
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)
             class UserGroupUserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_group_user_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),
                     CheckConstraint('target_user_group_id != user_group_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 user_group_user_group_to_perm_id = Column("user_group_user_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 target_user_group_id = Column("target_user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user_group_id = Column("user_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')
                 user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, target_user_group, user_group, permission):
                     n = cls()
                     n.target_user_group = target_user_group
                     n.user_group = user_group
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)
             class UserGroupToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('users_group_id', 'permission_id',),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
             class UserRepoGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_repo_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'group_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 group = relationship('RepoGroup')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, user, repository_group, permission):
                     n = cls()
                     n.user = user
                     n.group = repository_group
                     n.permission = permission
                     Session().add(n)
                     return n
             class UserGroupRepoGroupToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_repo_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('users_group_id', 'group_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UserGroup')
                 permission = relationship('Permission')
                 group = relationship('RepoGroup')
                 @classmethod
                 def create(cls, user_group, repository_group, permission):
                     n = cls()
                     n.users_group = user_group
                     n.group = repository_group
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<UserGroupRepoGroupToPerm:%s => %s >' % (self.users_group, self.group)
             class Statistics(Base, BaseModel):
                 __tablename__ = 'statistics'
                 __table_args__ = (
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
                 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
                 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
                 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
                 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
                 repository = relationship('Repository', single_parent=True)
             class UserFollowing(Base, BaseModel):
                 __tablename__ = 'user_followings'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'follows_repository_id'),
                     UniqueConstraint('user_id', 'follows_user_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
                 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
                 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
                 follows_repository = relationship('Repository', order_by='Repository.repo_name')
                 @classmethod
                 def get_repo_followers(cls, repo_id):
                     return cls.query().filter(cls.follows_repo_id == repo_id)
             class CacheKey(Base, BaseModel):
                 __tablename__ = 'cache_invalidation'
                 __table_args__ = (
                     UniqueConstraint('cache_key'),
                     Index('key_idx', 'cache_key'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 CACHE_TYPE_ATOM = 'ATOM'
                 CACHE_TYPE_RSS = 'RSS'
                 CACHE_TYPE_README = 'README'
                 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 cache_key = Column("cache_key", String(255), nullable=True, unique=None, default=None)
                 cache_args = Column("cache_args", String(255), nullable=True, unique=None, default=None)
                 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
                 def __init__(self, cache_key, cache_args=''):
                     self.cache_key = cache_key
                     self.cache_args = cache_args
                     self.cache_active = False
                 def __unicode__(self):
                     return u"<%s('%s:%s[%s]')>" % (
                         self.__class__.__name__,
                         self.cache_id, self.cache_key, self.cache_active)
                 def _cache_key_partition(self):
                     prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)
                     return prefix, repo_name, suffix
                 def get_prefix(self):
                     """
                     Try to extract prefix from existing cache key. The key could consist
                     of prefix, repo_name, suffix
                     """
                     # this returns prefix, repo_name, suffix
                     return self._cache_key_partition()[0]
                 def get_suffix(self):
                     """
                     get suffix that might have been used in _get_cache_key to
                     generate self.cache_key. Only used for informational purposes
                     in repo_edit.mako.
                     """
                     # prefix, repo_name, suffix
                     return self._cache_key_partition()[2]
                 @classmethod
                 def delete_all_cache(cls):
                     """
                     Delete all cache keys from database.
                     Should only be run when all instances are down and all entries
                     thus stale.
                     """
                     cls.query().delete()
                     Session().commit()
                 @classmethod
                 def get_cache_key(cls, repo_name, cache_type):
                     """
                     Generate a cache key for this process of RhodeCode instance.
                     Prefix most likely will be process id or maybe explicitly set
                     instance_id from .ini file.
                     """
                     import rhodecode
                     prefix = safe_unicode(rhodecode.CONFIG.get('instance_id') or '')
                     repo_as_unicode = safe_unicode(repo_name)
                     key = u'{}_{}'.format(repo_as_unicode, cache_type) \
                         if cache_type else repo_as_unicode
                     return u'{}{}'.format(prefix, key)
                 @classmethod
                 def set_invalidate(cls, repo_name, delete=False):
                     """
                     Mark all caches of a repo as invalid in the database.
                     """
                     try:
                         qry = Session().query(cls).filter(cls.cache_args == repo_name)
                         if delete:
                             log.debug('cache objects deleted for repo %s',
                                       safe_str(repo_name))
                             qry.delete()
                         else:
                             log.debug('cache objects marked as invalid for repo %s',
                                       safe_str(repo_name))
                             qry.update({"cache_active": False})
                         Session().commit()
                     except Exception:
                         log.exception(
                             'Cache key invalidation failed for repository %s',
                             safe_str(repo_name))
                         Session().rollback()
                 @classmethod
                 def get_active_cache(cls, cache_key):
                     inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()
                     if inv_obj:
                         return inv_obj
                     return None
-                @classmethod
-                def repo_context_cache(cls, compute_func, repo_name, cache_type,
-                                       thread_scoped=False):
-                    """
-                    @cache_region('long_term')
-                    def _heavy_calculation(cache_key):
-                        return 'result'
-                    cache_context = CacheKey.repo_context_cache(
-                        _heavy_calculation, repo_name, cache_type)
-                    with cache_context as context:
-                        context.invalidate()
-                        computed = context.compute()
-                    assert computed == 'result'
-                    """
-                    from rhodecode.lib import caches
-                    return caches.InvalidationContext(
-                        compute_func, repo_name, cache_type, thread_scoped=thread_scoped)
             class ChangesetComment(Base, BaseModel):
                 __tablename__ = 'changeset_comments'
                 __table_args__ = (
                     Index('cc_revision_idx', 'revision'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 COMMENT_OUTDATED = u'comment_outdated'
                 COMMENT_TYPE_NOTE = u'note'
                 COMMENT_TYPE_TODO = u'todo'
                 COMMENT_TYPES = [COMMENT_TYPE_NOTE, COMMENT_TYPE_TODO]
                 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
                 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 revision = Column('revision', String(40), nullable=True)
                 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
                 pull_request_version_id = Column("pull_request_version_id", Integer(), ForeignKey('pull_request_versions.pull_request_version_id'), nullable=True)
                 line_no = Column('line_no', Unicode(10), nullable=True)
                 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
                 f_path = Column('f_path', Unicode(1000), nullable=True)
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
                 text = Column('text', UnicodeText().with_variant(UnicodeText(25000), 'mysql'), nullable=False)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 renderer = Column('renderer', Unicode(64), nullable=True)
                 display_state = Column('display_state',  Unicode(128), nullable=True)
                 comment_type = Column('comment_type',  Unicode(128), nullable=True, default=COMMENT_TYPE_NOTE)
                 resolved_comment_id = Column('resolved_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'), nullable=True)
                 resolved_comment = relationship('ChangesetComment', remote_side=comment_id, backref='resolved_by')
                 author = relationship('User', lazy='joined')
                 repo = relationship('Repository')
                 status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan", lazy='joined')
                 pull_request = relationship('PullRequest', lazy='joined')
                 pull_request_version = relationship('PullRequestVersion')
                 @classmethod
                 def get_users(cls, revision=None, pull_request_id=None):
                     """
                     Returns user associated with this ChangesetComment. ie those
                     who actually commented
                     :param cls:
                     :param revision:
                     """
                     q = Session().query(User)\
                             .join(ChangesetComment.author)
                     if revision:
                         q = q.filter(cls.revision == revision)
                     elif pull_request_id:
                         q = q.filter(cls.pull_request_id == pull_request_id)
                     return q.all()
                 @classmethod
                 def get_index_from_version(cls, pr_version, versions):
                     num_versions = [x.pull_request_version_id for x in versions]
                     try:
                         return num_versions.index(pr_version) +1
                     except (IndexError, ValueError):
                         return
                 @property
                 def outdated(self):
                     return self.display_state == self.COMMENT_OUTDATED
                 def outdated_at_version(self, version):
                     """
                     Checks if comment is outdated for given pull request version
                     """
                     return self.outdated and self.pull_request_version_id != version
                 def older_than_version(self, version):
                     """
                     Checks if comment is made from previous version than given
                     """
                     if version is None:
                         return self.pull_request_version_id is not None
                     return self.pull_request_version_id < version
                 @property
                 def resolved(self):
                     return self.resolved_by[0] if self.resolved_by else None
                 @property
                 def is_todo(self):
                     return self.comment_type == self.COMMENT_TYPE_TODO
                 @property
                 def is_inline(self):
                     return self.line_no and self.f_path
                 def get_index_version(self, versions):
                     return self.get_index_from_version(
                         self.pull_request_version_id, versions)
                 def __repr__(self):
                     if self.comment_id:
                         return '<DB:Comment #%s>' % self.comment_id
                     else:
                         return '<DB:Comment at %#x>' % id(self)
                 def get_api_data(self):
                     comment = self
                     data = {
                         'comment_id': comment.comment_id,
                         'comment_type': comment.comment_type,
                         'comment_text': comment.text,
                         'comment_status': comment.status_change,
                         'comment_f_path': comment.f_path,
                         'comment_lineno': comment.line_no,
                         'comment_author': comment.author,
                         'comment_created_on': comment.created_on
                     }
                     return data
                 def __json__(self):
                     data = dict()
                     data.update(self.get_api_data())
                     return data
             class ChangesetStatus(Base, BaseModel):
                 __tablename__ = 'changeset_statuses'
                 __table_args__ = (
                     Index('cs_revision_idx', 'revision'),
                     Index('cs_version_idx', 'version'),
                     UniqueConstraint('repo_id', 'revision', 'version'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
                 STATUS_APPROVED = 'approved'
                 STATUS_REJECTED = 'rejected'
                 STATUS_UNDER_REVIEW = 'under_review'
                 STATUSES = [
                     (STATUS_NOT_REVIEWED, _("Not Reviewed")),  # (no icon) and default
                     (STATUS_APPROVED, _("Approved")),
                     (STATUS_REJECTED, _("Rejected")),
                     (STATUS_UNDER_REVIEW, _("Under Review")),
                 ]
                 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
                 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
                 revision = Column('revision', String(40), nullable=False)
                 status = Column('status', String(128), nullable=False, default=DEFAULT)
                 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
                 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
                 version = Column('version', Integer(), nullable=False, default=0)
                 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
                 author = relationship('User', lazy='joined')
                 repo = relationship('Repository')
                 comment = relationship('ChangesetComment', lazy='joined')
                 pull_request = relationship('PullRequest', lazy='joined')
                 def __unicode__(self):
                     return u"<%s('%s[v%s]:%s')>" % (
                         self.__class__.__name__,
                         self.status, self.version, self.author
                     )
                 @classmethod
                 def get_status_lbl(cls, value):
                     return dict(cls.STATUSES).get(value)
                 @property
                 def status_lbl(self):
                     return ChangesetStatus.get_status_lbl(self.status)
                 def get_api_data(self):
                     status = self
                     data = {
                         'status_id': status.changeset_status_id,
                         'status': status.status,
                     }
                     return data
                 def __json__(self):
                     data = dict()
                     data.update(self.get_api_data())
                     return data
             class _PullRequestBase(BaseModel):
                 """
                 Common attributes of pull request and version entries.
                 """
                 # .status values
                 STATUS_NEW = u'new'
                 STATUS_OPEN = u'open'
                 STATUS_CLOSED = u'closed'
                 title = Column('title', Unicode(255), nullable=True)
                 description = Column(
                     'description', UnicodeText().with_variant(UnicodeText(10240), 'mysql'),
                     nullable=True)
                 # new/open/closed status of pull request (not approve/reject/etc)
                 status = Column('status', Unicode(255), nullable=False, default=STATUS_NEW)
                 created_on = Column(
                     'created_on', DateTime(timezone=False), nullable=False,
                     default=datetime.datetime.now)
                 updated_on = Column(
                     'updated_on', DateTime(timezone=False), nullable=False,
                     default=datetime.datetime.now)
                 @declared_attr
                 def user_id(cls):
                     return Column(
                         "user_id", Integer(), ForeignKey('users.user_id'), nullable=False,
                         unique=None)
                 # 500 revisions max
                 _revisions = Column(
                     'revisions', UnicodeText().with_variant(UnicodeText(20500), 'mysql'))
                 @declared_attr
                 def source_repo_id(cls):
                     # TODO: dan: rename column to source_repo_id
                     return Column(
                         'org_repo_id', Integer(), ForeignKey('repositories.repo_id'),
                         nullable=False)
                 source_ref = Column('org_ref', Unicode(255), nullable=False)
                 @declared_attr
                 def target_repo_id(cls):
                     # TODO: dan: rename column to target_repo_id
                     return Column(
                         'other_repo_id', Integer(), ForeignKey('repositories.repo_id'),
                         nullable=False)
                 target_ref = Column('other_ref', Unicode(255), nullable=False)
                 _shadow_merge_ref = Column('shadow_merge_ref', Unicode(255), nullable=True)
                 # TODO: dan: rename column to last_merge_source_rev
                 _last_merge_source_rev = Column(
                     'last_merge_org_rev', String(40), nullable=True)
                 # TODO: dan: rename column to last_merge_target_rev
                 _last_merge_target_rev = Column(
                     'last_merge_other_rev', String(40), nullable=True)
                 _last_merge_status = Column('merge_status', Integer(), nullable=True)
                 merge_rev = Column('merge_rev', String(40), nullable=True)
                 reviewer_data = Column(
                     'reviewer_data_json', MutationObj.as_mutable(
                         JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                 @property
                 def reviewer_data_json(self):
                     return json.dumps(self.reviewer_data)
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.description)
                 @hybrid_property
                 def revisions(self):
                     return self._revisions.split(':') if self._revisions else []
                 @revisions.setter
                 def revisions(self, val):
                     self._revisions = ':'.join(val)
                 @hybrid_property
                 def last_merge_status(self):
                     return safe_int(self._last_merge_status)
                 @last_merge_status.setter
                 def last_merge_status(self, val):
                     self._last_merge_status = val
                 @declared_attr
                 def author(cls):
                     return relationship('User', lazy='joined')
                 @declared_attr
                 def source_repo(cls):
                     return relationship(
                         'Repository',
                         primaryjoin='%s.source_repo_id==Repository.repo_id' % cls.__name__)
                 @property
                 def source_ref_parts(self):
                     return self.unicode_to_reference(self.source_ref)
                 @declared_attr
                 def target_repo(cls):
                     return relationship(
                         'Repository',
                         primaryjoin='%s.target_repo_id==Repository.repo_id' % cls.__name__)
                 @property
                 def target_ref_parts(self):
                     return self.unicode_to_reference(self.target_ref)
                 @property
                 def shadow_merge_ref(self):
                     return self.unicode_to_reference(self._shadow_merge_ref)
                 @shadow_merge_ref.setter
                 def shadow_merge_ref(self, ref):
                     self._shadow_merge_ref = self.reference_to_unicode(ref)
                 def unicode_to_reference(self, raw):
                     """
                     Convert a unicode (or string) to a reference object.
                     If unicode evaluates to False it returns None.
                     """
                     if raw:
                         refs = raw.split(':')
                         return Reference(*refs)
                     else:
                         return None
                 def reference_to_unicode(self, ref):
                     """
                     Convert a reference object to unicode.
                     If reference is None it returns None.
                     """
                     if ref:
                         return u':'.join(ref)
                     else:
                         return None
                 def get_api_data(self, with_merge_state=True):
                     from rhodecode.model.pull_request import PullRequestModel
                     pull_request = self
                     if with_merge_state:
                         merge_status = PullRequestModel().merge_status(pull_request)
                         merge_state = {
                             'status': merge_status[0],
                             'message': safe_unicode(merge_status[1]),
                         }
                     else:
                         merge_state = {'status': 'not_available',
                                        'message': 'not_available'}
                     merge_data = {
                         'clone_url': PullRequestModel().get_shadow_clone_url(pull_request),
                         'reference': (
                             pull_request.shadow_merge_ref._asdict()
                             if pull_request.shadow_merge_ref else None),
                     }
                     data = {
                         'pull_request_id': pull_request.pull_request_id,
                         'url': PullRequestModel().get_url(pull_request),
                         'title': pull_request.title,
                         'description': pull_request.description,
                         'status': pull_request.status,
                         'created_on': pull_request.created_on,
                         'updated_on': pull_request.updated_on,
                         'commit_ids': pull_request.revisions,
                         'review_status': pull_request.calculated_review_status(),
                         'mergeable': merge_state,
                         'source': {
                             'clone_url': pull_request.source_repo.clone_url(),
                             'repository': pull_request.source_repo.repo_name,
                             'reference': {
                                 'name': pull_request.source_ref_parts.name,
                                 'type': pull_request.source_ref_parts.type,
                                 'commit_id': pull_request.source_ref_parts.commit_id,
                             },
                         },
                         'target': {
                             'clone_url': pull_request.target_repo.clone_url(),
                             'repository': pull_request.target_repo.repo_name,
                             'reference': {
                                 'name': pull_request.target_ref_parts.name,
                                 'type': pull_request.target_ref_parts.type,
                                 'commit_id': pull_request.target_ref_parts.commit_id,
                             },
                         },
                         'merge': merge_data,
                         'author': pull_request.author.get_api_data(include_secrets=False,
                                                                    details='basic'),
                         'reviewers': [
                             {
                                 'user': reviewer.get_api_data(include_secrets=False,
                                                               details='basic'),
                                 'reasons': reasons,
                                 'review_status': st[0][1].status if st else 'not_reviewed',
                             }
                             for reviewer, reasons, mandatory, st in
                             pull_request.reviewers_statuses()
                         ]
                     }
                     return data
             class PullRequest(Base, _PullRequestBase):
                 __tablename__ = 'pull_requests'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 pull_request_id = Column(
                     'pull_request_id', Integer(), nullable=False, primary_key=True)
                 def __repr__(self):
                     if self.pull_request_id:
                         return '<DB:PullRequest #%s>' % self.pull_request_id
                     else:
                         return '<DB:PullRequest at %#x>' % id(self)
                 reviewers = relationship('PullRequestReviewers',
                                          cascade="all, delete, delete-orphan")
                 statuses = relationship('ChangesetStatus',
                                         cascade="all, delete, delete-orphan")
                 comments = relationship('ChangesetComment',
                                         cascade="all, delete, delete-orphan")
                 versions = relationship('PullRequestVersion',
                                         cascade="all, delete, delete-orphan",
                                         lazy='dynamic')
                 @classmethod
                 def get_pr_display_object(cls, pull_request_obj, org_pull_request_obj,
                                           internal_methods=None):
                     class PullRequestDisplay(object):
                         """
                         Special object wrapper for showing PullRequest data via Versions
                         It mimics PR object as close as possible. This is read only object
                         just for display
                         """
                         def __init__(self, attrs, internal=None):
                             self.attrs = attrs
                             # internal have priority over the given ones via attrs
                             self.internal = internal or ['versions']
                         def __getattr__(self, item):
                             if item in self.internal:
                                 return getattr(self, item)
                             try:
                                 return self.attrs[item]
                             except KeyError:
                                 raise AttributeError(
                                     '%s object has no attribute %s' % (self, item))
                         def __repr__(self):
                             return '<DB:PullRequestDisplay #%s>' % self.attrs.get('pull_request_id')
                         def versions(self):
                             return pull_request_obj.versions.order_by(
                                 PullRequestVersion.pull_request_version_id).all()
                         def is_closed(self):
                             return pull_request_obj.is_closed()
                         @property
                         def pull_request_version_id(self):
                             return getattr(pull_request_obj, 'pull_request_version_id', None)
                     attrs = StrictAttributeDict(pull_request_obj.get_api_data())
                     attrs.author = StrictAttributeDict(
                         pull_request_obj.author.get_api_data())
                     if pull_request_obj.target_repo:
                         attrs.target_repo = StrictAttributeDict(
                             pull_request_obj.target_repo.get_api_data())
                         attrs.target_repo.clone_url = pull_request_obj.target_repo.clone_url
                     if pull_request_obj.source_repo:
                         attrs.source_repo = StrictAttributeDict(
                             pull_request_obj.source_repo.get_api_data())
                         attrs.source_repo.clone_url = pull_request_obj.source_repo.clone_url
                     attrs.source_ref_parts = pull_request_obj.source_ref_parts
                     attrs.target_ref_parts = pull_request_obj.target_ref_parts
                     attrs.revisions = pull_request_obj.revisions
                     attrs.shadow_merge_ref = org_pull_request_obj.shadow_merge_ref
                     attrs.reviewer_data = org_pull_request_obj.reviewer_data
                     attrs.reviewer_data_json = org_pull_request_obj.reviewer_data_json
                     return PullRequestDisplay(attrs, internal=internal_methods)
                 def is_closed(self):
                     return self.status == self.STATUS_CLOSED
                 def __json__(self):
                     return {
                         'revisions': self.revisions,
                     }
                 def calculated_review_status(self):
                     from rhodecode.model.changeset_status import ChangesetStatusModel
                     return ChangesetStatusModel().calculated_review_status(self)
                 def reviewers_statuses(self):
                     from rhodecode.model.changeset_status import ChangesetStatusModel
                     return ChangesetStatusModel().reviewers_statuses(self)
                 @property
                 def workspace_id(self):
                     from rhodecode.model.pull_request import PullRequestModel
                     return PullRequestModel()._workspace_id(self)
                 def get_shadow_repo(self):
                     workspace_id = self.workspace_id
                     vcs_obj = self.target_repo.scm_instance()
                     shadow_repository_path = vcs_obj._get_shadow_repository_path(
                         workspace_id)
                     return vcs_obj._get_shadow_instance(shadow_repository_path)
             class PullRequestVersion(Base, _PullRequestBase):
                 __tablename__ = 'pull_request_versions'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 pull_request_version_id = Column(
                     'pull_request_version_id', Integer(), nullable=False, primary_key=True)
                 pull_request_id = Column(
                     'pull_request_id', Integer(),
                     ForeignKey('pull_requests.pull_request_id'), nullable=False)
                 pull_request = relationship('PullRequest')
                 def __repr__(self):
                     if self.pull_request_version_id:
                         return '<DB:PullRequestVersion #%s>' % self.pull_request_version_id
                     else:
                         return '<DB:PullRequestVersion at %#x>' % id(self)
                 @property
                 def reviewers(self):
                     return self.pull_request.reviewers
                 @property
                 def versions(self):
                     return self.pull_request.versions
                 def is_closed(self):
                     # calculate from original
                     return self.pull_request.status == self.STATUS_CLOSED
                 def calculated_review_status(self):
                     return self.pull_request.calculated_review_status()
                 def reviewers_statuses(self):
                     return self.pull_request.reviewers_statuses()
             class PullRequestReviewers(Base, BaseModel):
                 __tablename__ = 'pull_request_reviewers'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 @hybrid_property
                 def reasons(self):
                     if not self._reasons:
                         return []
                     return self._reasons
                 @reasons.setter
                 def reasons(self, val):
                     val = val or []
                     if any(not isinstance(x, basestring) for x in val):
                         raise Exception('invalid reasons type, must be list of strings')
                     self._reasons = val
                 pull_requests_reviewers_id = Column(
                     'pull_requests_reviewers_id', Integer(), nullable=False,
                     primary_key=True)
                 pull_request_id = Column(
                     "pull_request_id", Integer(),
                     ForeignKey('pull_requests.pull_request_id'), nullable=False)
                 user_id = Column(
                     "user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
                 _reasons = Column(
                     'reason', MutationList.as_mutable(
                         JsonType('list', dialect_map=dict(mysql=UnicodeText(16384)))))
                 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                 user = relationship('User')
                 pull_request = relationship('PullRequest')
             class Notification(Base, BaseModel):
                 __tablename__ = 'notifications'
                 __table_args__ = (
                     Index('notification_type_idx', 'type'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 TYPE_CHANGESET_COMMENT = u'cs_comment'
                 TYPE_MESSAGE = u'message'
                 TYPE_MENTION = u'mention'
                 TYPE_REGISTRATION = u'registration'
                 TYPE_PULL_REQUEST = u'pull_request'
                 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
                 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
                 subject = Column('subject', Unicode(512), nullable=True)
                 body = Column('body', UnicodeText().with_variant(UnicodeText(50000), 'mysql'), nullable=True)
                 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 type_ = Column('type', Unicode(255))
                 created_by_user = relationship('User')
                 notifications_to_users = relationship('UserNotification', lazy='joined',
                                                       cascade="all, delete, delete-orphan")
                 @property
                 def recipients(self):
                     return [x.user for x in UserNotification.query()\
                             .filter(UserNotification.notification == self)\
                             .order_by(UserNotification.user_id.asc()).all()]
                 @classmethod
                 def create(cls, created_by, subject, body, recipients, type_=None):
                     if type_ is None:
                         type_ = Notification.TYPE_MESSAGE
                     notification = cls()
                     notification.created_by_user = created_by
                     notification.subject = subject
                     notification.body = body
                     notification.type_ = type_
                     notification.created_on = datetime.datetime.now()
                     for u in recipients:
                         assoc = UserNotification()
                         assoc.notification = notification
                         # if created_by is inside recipients mark his notification
                         # as read
                         if u.user_id == created_by.user_id:
                             assoc.read = True
                         u.notifications.append(assoc)
                     Session().add(notification)
                     return notification
             class UserNotification(Base, BaseModel):
                 __tablename__ = 'user_to_notification'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'notification_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
                 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
                 read = Column('read', Boolean, default=False)
                 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
                 user = relationship('User', lazy="joined")
                 notification = relationship('Notification', lazy="joined",
                                             order_by=lambda: Notification.created_on.desc(),)
                 def mark_as_read(self):
                     self.read = True
                     Session().add(self)
             class Gist(Base, BaseModel):
                 __tablename__ = 'gists'
                 __table_args__ = (
                     Index('g_gist_access_id_idx', 'gist_access_id'),
                     Index('g_created_on_idx', 'created_on'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 GIST_PUBLIC = u'public'
                 GIST_PRIVATE = u'private'
                 DEFAULT_FILENAME = u'gistfile1.txt'
                 ACL_LEVEL_PUBLIC = u'acl_public'
                 ACL_LEVEL_PRIVATE = u'acl_private'
                 gist_id = Column('gist_id', Integer(), primary_key=True)
                 gist_access_id = Column('gist_access_id', Unicode(250))
                 gist_description = Column('gist_description', UnicodeText().with_variant(UnicodeText(1024), 'mysql'))
                 gist_owner = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=True)
                 gist_expires = Column('gist_expires', Float(53), nullable=False)
                 gist_type = Column('gist_type', Unicode(128), nullable=False)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 acl_level = Column('acl_level', Unicode(128), nullable=True)
                 owner = relationship('User')
                 def __repr__(self):
                     return '<Gist:[%s]%s>' % (self.gist_type, self.gist_access_id)
                 @hybrid_property
                 def description_safe(self):
                     from rhodecode.lib import helpers as h
                     return h.escape(self.gist_description)
                 @classmethod
                 def get_or_404(cls, id_):
                     from pyramid.httpexceptions import HTTPNotFound
                     res = cls.query().filter(cls.gist_access_id == id_).scalar()
                     if not res:
                         raise HTTPNotFound()
                     return res
                 @classmethod
                 def get_by_access_id(cls, gist_access_id):
                     return cls.query().filter(cls.gist_access_id == gist_access_id).scalar()
                 def gist_url(self):
                     from rhodecode.model.gist import GistModel
                     return GistModel().get_url(self)
                 @classmethod
                 def base_path(cls):
                     """
                     Returns base path when all gists are stored
                     :param cls:
                     """
                     from rhodecode.model.gist import GIST_STORE_LOC
                     q = Session().query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == URL_SEP)
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return os.path.join(q.one().ui_value, GIST_STORE_LOC)
                 def get_api_data(self):
                     """
                     Common function for generating gist related data for API
                     """
                     gist = self
                     data = {
                         'gist_id': gist.gist_id,
                         'type': gist.gist_type,
                         'access_id': gist.gist_access_id,
                         'description': gist.gist_description,
                         'url': gist.gist_url(),
                         'expires': gist.gist_expires,
                         'created_on': gist.created_on,
                         'modified_at': gist.modified_at,
                         'content': None,
                         'acl_level': gist.acl_level,
                     }
                     return data
                 def __json__(self):
                     data = dict(
                     )
                     data.update(self.get_api_data())
                     return data
                 # SCM functions
                 def scm_instance(self, **kwargs):
                     full_repo_path = os.path.join(self.base_path(), self.gist_access_id)
                     return get_vcs_instance(
                         repo_path=safe_str(full_repo_path), create=False)
             class ExternalIdentity(Base, BaseModel):
                 __tablename__ = 'external_identities'
                 __table_args__ = (
                     Index('local_user_id_idx', 'local_user_id'),
                     Index('external_id_idx', 'external_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'})
                 external_id = Column('external_id', Unicode(255), default=u'',
                                      primary_key=True)
                 external_username = Column('external_username', Unicode(1024), default=u'')
                 local_user_id = Column('local_user_id', Integer(),
                                        ForeignKey('users.user_id'), primary_key=True)
                 provider_name = Column('provider_name', Unicode(255), default=u'',
                                        primary_key=True)
                 access_token = Column('access_token', String(1024), default=u'')
                 alt_token = Column('alt_token', String(1024), default=u'')
                 token_secret = Column('token_secret', String(1024), default=u'')
                 @classmethod
                 def by_external_id_and_provider(cls, external_id, provider_name,
                                                 local_user_id=None):
                     """
                     Returns ExternalIdentity instance based on search params
                     :param external_id:
                     :param provider_name:
                     :return: ExternalIdentity
                     """
                     query = cls.query()
                     query = query.filter(cls.external_id == external_id)
                     query = query.filter(cls.provider_name == provider_name)
                     if local_user_id:
                         query = query.filter(cls.local_user_id == local_user_id)
                     return query.first()
                 @classmethod
                 def user_by_external_id_and_provider(cls, external_id, provider_name):
                     """
                     Returns User instance based on search params
                     :param external_id:
                     :param provider_name:
                     :return: User
                     """
                     query = User.query()
                     query = query.filter(cls.external_id == external_id)
                     query = query.filter(cls.provider_name == provider_name)
                     query = query.filter(User.user_id == cls.local_user_id)
                     return query.first()
                 @classmethod
                 def by_local_user_id(cls, local_user_id):
                     """
                     Returns all tokens for user
                     :param local_user_id:
                     :return: ExternalIdentity
                     """
                     query = cls.query()
                     query = query.filter(cls.local_user_id == local_user_id)
                     return query
             class Integration(Base, BaseModel):
                 __tablename__ = 'integrations'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True}
                 )
                 integration_id = Column('integration_id', Integer(), primary_key=True)
                 integration_type = Column('integration_type', String(255))
                 enabled = Column('enabled', Boolean(), nullable=False)
                 name = Column('name', String(255), nullable=False)
                 child_repos_only = Column('child_repos_only', Boolean(), nullable=False,
                     default=False)
                 settings = Column(
                     'settings_json', MutationObj.as_mutable(
                         JsonType(dialect_map=dict(mysql=UnicodeText(16384)))))
                 repo_id = Column(
                     'repo_id', Integer(), ForeignKey('repositories.repo_id'),
                     nullable=True, unique=None, default=None)
                 repo = relationship('Repository', lazy='joined')
                 repo_group_id = Column(
                     'repo_group_id', Integer(), ForeignKey('groups.group_id'),
                     nullable=True, unique=None, default=None)
                 repo_group = relationship('RepoGroup', lazy='joined')
                 @property
                 def scope(self):
                     if self.repo:
                         return repr(self.repo)
                     if self.repo_group:
                         if self.child_repos_only:
                             return repr(self.repo_group) + ' (child repos only)'
                         else:
                             return repr(self.repo_group) + ' (recursive)'
                     if self.child_repos_only:
                         return 'root_repos'
                     return 'global'
                 def __repr__(self):
                     return '<Integration(%r, %r)>' % (self.integration_type, self.scope)
             class RepoReviewRuleUser(Base, BaseModel):
                 __tablename__ = 'repo_review_rules_users'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
                 )
                 repo_review_rule_user_id = Column('repo_review_rule_user_id', Integer(), primary_key=True)
                 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False)
                 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                 user = relationship('User')
                 def rule_data(self):
                     return {
                         'mandatory': self.mandatory
                     }
             class RepoReviewRuleUserGroup(Base, BaseModel):
                 __tablename__ = 'repo_review_rules_users_groups'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
                 )
                 repo_review_rule_users_group_id = Column('repo_review_rule_users_group_id', Integer(), primary_key=True)
                 repo_review_rule_id = Column("repo_review_rule_id", Integer(), ForeignKey('repo_review_rules.repo_review_rule_id'))
                 users_group_id = Column("users_group_id", Integer(),ForeignKey('users_groups.users_group_id'), nullable=False)
                 mandatory = Column("mandatory", Boolean(), nullable=False, default=False)
                 users_group = relationship('UserGroup')
                 def rule_data(self):
                     return {
                         'mandatory': self.mandatory
                     }
             class RepoReviewRule(Base, BaseModel):
                 __tablename__ = 'repo_review_rules'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True,}
                 )
                 repo_review_rule_id = Column(
                     'repo_review_rule_id', Integer(), primary_key=True)
                 repo_id = Column(
                     "repo_id", Integer(), ForeignKey('repositories.repo_id'))
                 repo = relationship('Repository', backref='review_rules')
                 _branch_pattern = Column("branch_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*')  # glob
                 _file_pattern = Column("file_pattern", UnicodeText().with_variant(UnicodeText(255), 'mysql'), default=u'*')  # glob
                 use_authors_for_review = Column("use_authors_for_review", Boolean(), nullable=False, default=False)
                 forbid_author_to_review = Column("forbid_author_to_review", Boolean(), nullable=False, default=False)
                 forbid_commit_author_to_review = Column("forbid_commit_author_to_review", Boolean(), nullable=False, default=False)
                 forbid_adding_reviewers = Column("forbid_adding_reviewers", Boolean(), nullable=False, default=False)
                 rule_users = relationship('RepoReviewRuleUser')
                 rule_user_groups = relationship('RepoReviewRuleUserGroup')
                 @hybrid_property
                 def branch_pattern(self):
                     return self._branch_pattern or '*'
                 def _validate_glob(self, value):
                     re.compile('^' + glob2re(value) + '$')
                 @branch_pattern.setter
                 def branch_pattern(self, value):
                     self._validate_glob(value)
                     self._branch_pattern = value or '*'
                 @hybrid_property
                 def file_pattern(self):
                     return self._file_pattern or '*'
                 @file_pattern.setter
                 def file_pattern(self, value):
                     self._validate_glob(value)
                     self._file_pattern = value or '*'
                 def matches(self, branch, files_changed):
                     """
                     Check if this review rule matches a branch/files in a pull request
                     :param branch: branch name for the commit
                     :param files_changed: list of file paths changed in the pull request
                     """
                     branch = branch or ''
                     files_changed = files_changed or []
                     branch_matches = True
                     if branch:
                         branch_regex = re.compile('^' + glob2re(self.branch_pattern) + '$')
                         branch_matches = bool(branch_regex.search(branch))
                     files_matches = True
                     if self.file_pattern != '*':
                         files_matches = False
                         file_regex = re.compile(glob2re(self.file_pattern))
                         for filename in files_changed:
                             if file_regex.search(filename):
                                 files_matches = True
                                 break
                     return branch_matches and files_matches
                 @property
                 def review_users(self):
                     """ Returns the users which this rule applies to """
                     users = collections.OrderedDict()
                     for rule_user in self.rule_users:
                         if rule_user.user.active:
                             if rule_user.user not in users:
                                 users[rule_user.user.username] = {
                                     'user': rule_user.user,
                                     'source': 'user',
                                     'source_data': {},
                                     'data': rule_user.rule_data()
                                 }
                     for rule_user_group in self.rule_user_groups:
                         source_data = {
                             'name': rule_user_group.users_group.users_group_name,
                             'members': len(rule_user_group.users_group.members)
                         }
                         for member in rule_user_group.users_group.members:
                             if member.user.active:
                                 users[member.user.username] = {
                                     'user': member.user,
                                     'source': 'user_group',
                                     'source_data': source_data,
                                     'data': rule_user_group.rule_data()
                                 }
                     return users
                 def __repr__(self):
                     return '<RepoReviewerRule(id=%r, repo=%r)>' % (
                         self.repo_review_rule_id, self.repo)
             class ScheduleEntry(Base, BaseModel):
                 __tablename__ = 'schedule_entries'
                 __table_args__ = (
                     UniqueConstraint('schedule_name', name='s_schedule_name_idx'),
                     UniqueConstraint('task_uid', name='s_task_uid_idx'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 schedule_types = ['crontab', 'timedelta', 'integer']
                 schedule_entry_id = Column('schedule_entry_id', Integer(), primary_key=True)
                 schedule_name = Column("schedule_name", String(255), nullable=False, unique=None, default=None)
                 schedule_description = Column("schedule_description", String(10000), nullable=True, unique=None, default=None)
                 schedule_enabled = Column("schedule_enabled", Boolean(), nullable=False, unique=None, default=True)
                 _schedule_type = Column("schedule_type", String(255), nullable=False, unique=None, default=None)
                 schedule_definition = Column('schedule_definition_json', MutationObj.as_mutable(JsonType(default=lambda: "", dialect_map=dict(mysql=LONGTEXT()))))
                 schedule_last_run = Column('schedule_last_run', DateTime(timezone=False), nullable=True, unique=None, default=None)
                 schedule_total_run_count = Column('schedule_total_run_count', Integer(), nullable=True, unique=None, default=0)
                 # task
                 task_uid = Column("task_uid", String(255), nullable=False, unique=None, default=None)
                 task_dot_notation = Column("task_dot_notation", String(4096), nullable=False, unique=None, default=None)
                 task_args = Column('task_args_json', MutationObj.as_mutable(JsonType(default=list, dialect_map=dict(mysql=LONGTEXT()))))
                 task_kwargs = Column('task_kwargs_json', MutationObj.as_mutable(JsonType(default=dict, dialect_map=dict(mysql=LONGTEXT()))))
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=None)
                 @hybrid_property
                 def schedule_type(self):
                     return self._schedule_type
                 @schedule_type.setter
                 def schedule_type(self, val):
                     if val not in self.schedule_types:
                         raise ValueError('Value must be on of `{}` and got `{}`'.format(
                             val, self.schedule_type))
                     self._schedule_type = val
                 @classmethod
                 def get_uid(cls, obj):
                     args = obj.task_args
                     kwargs = obj.task_kwargs
                     if isinstance(args, JsonRaw):
                         try:
                             args = json.loads(args)
                         except ValueError:
                             args = tuple()
                     if isinstance(kwargs, JsonRaw):
                         try:
                             kwargs = json.loads(kwargs)
                         except ValueError:
                             kwargs = dict()
                     dot_notation = obj.task_dot_notation
                     val = '.'.join(map(safe_str, [
                         sorted(dot_notation), args, sorted(kwargs.items())]))
                     return hashlib.sha1(val).hexdigest()
                 @classmethod
                 def get_by_schedule_name(cls, schedule_name):
                     return cls.query().filter(cls.schedule_name == schedule_name).scalar()
                 @classmethod
                 def get_by_schedule_id(cls, schedule_id):
                     return cls.query().filter(cls.schedule_entry_id == schedule_id).scalar()
                 @property
                 def task(self):
                     return self.task_dot_notation
                 @property
                 def schedule(self):
                     from rhodecode.lib.celerylib.utils import raw_2_schedule
                     schedule = raw_2_schedule(self.schedule_definition, self.schedule_type)
                     return schedule
                 @property
                 def args(self):
                     try:
                         return list(self.task_args or [])
                     except ValueError:
                         return list()
                 @property
                 def kwargs(self):
                     try:
                         return dict(self.task_kwargs or {})
                     except ValueError:
                         return dict()
                 def _as_raw(self, val):
                     if hasattr(val, 'de_coerce'):
                         val = val.de_coerce()
                         if val:
                             val = json.dumps(val)
                     return val
                 @property
                 def schedule_definition_raw(self):
                     return self._as_raw(self.schedule_definition)
                 @property
                 def args_raw(self):
                     return self._as_raw(self.task_args)
                 @property
                 def kwargs_raw(self):
                     return self._as_raw(self.task_kwargs)
                 def __repr__(self):
                     return '<DB:ScheduleEntry({}:{})>'.format(
                         self.schedule_entry_id, self.schedule_name)
             @event.listens_for(ScheduleEntry, 'before_update')
             def update_task_uid(mapper, connection, target):
                 target.task_uid = ScheduleEntry.get_uid(target)
             @event.listens_for(ScheduleEntry, 'before_insert')
             def set_task_uid(mapper, connection, target):
                 target.task_uid = ScheduleEntry.get_uid(target)
             class DbMigrateVersion(Base, BaseModel):
                 __tablename__ = 'db_migrate_version'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 repository_id = Column('repository_id', String(250), primary_key=True)
                 repository_path = Column('repository_path', Text)
                 version = Column('version', Integer)
             class DbSession(Base, BaseModel):
                 __tablename__ = 'db_session'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8', 'sqlite_autoincrement': True},
                 )
                 def __repr__(self):
                     return '<DB:DbSession({})>'.format(self.id)
                 id = Column('id', Integer())
                 namespace = Column('namespace', String(255), primary_key=True)
                 accessed = Column('accessed', DateTime, nullable=False)
                 created = Column('created', DateTime, nullable=False)
                 data = Column('data', PickleType, nullable=False)

rhodecode/lib/dbmigrate/schema/db_4_3_0_0.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/lib/dbmigrate/schema/db_4_4_0_0.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/lib/dbmigrate/schema/db_4_4_0_1.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/lib/dbmigrate/schema/db_4_4_0_2.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/lib/dbmigrate/schema/db_4_5_0_0.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/lib/dbmigrate/schema/db_4_7_0_0.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/lib/dbmigrate/schema/db_4_7_0_1.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/lib/dbmigrate/schema/db_4_9_0_0.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/lib/middleware/simplesvn.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/lib/middleware/simplevcs.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/lib/rc_cache/__init__.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/lib/rc_cache/utils.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/model/db.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/model/scm.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/model/settings.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/templates/admin/repos/repo_edit_caches.mako

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/lib/test_caches.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/lib/test_libs.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/pylons_plugin.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/tests/vcs_operations/test_vcs_operations.py

0 0 0

	1	NO CONTENT: modified file			NO CONTENT: modified file
The requested commit or file is too big and content was truncated. Show full diff

rhodecode/lib/caches.py

0 removed 0 -188

NO CONTENT: file was removed

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages