# -*- coding: utf-8 -*- # Copyright (C) 2011-2017 RhodeCode GmbH # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License, version 3 # (only), as published by the Free Software Foundation. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. # # This program is dual-licensed. If you wish to learn more about the # RhodeCode Enterprise Edition, including its added features, Support services, # and proprietary license terms, please see https://rhodecode.com/licenses/ import logging import time import rhodecode from rhodecode.api import ( jsonrpc_method, JSONRPCError, JSONRPCForbidden, JSONRPCValidationError) from rhodecode.api.utils import ( has_superadmin_permission, Optional, OAttr, get_repo_or_error, get_user_group_or_error, get_user_or_error, validate_repo_permissions, get_perm_or_error, parse_args, get_origin, build_commit_data, validate_set_owner_permissions) from rhodecode.lib import audit_logger from rhodecode.lib import repo_maintenance from rhodecode.lib.auth import HasPermissionAnyApi, HasUserGroupPermissionAnyApi from rhodecode.lib.utils2 import str2bool, time_to_datetime from rhodecode.lib.ext_json import json from rhodecode.lib.exceptions import StatusChangeOnClosedPullRequestError from rhodecode.model.changeset_status import ChangesetStatusModel from rhodecode.model.comment import CommentsModel from rhodecode.model.db import ( Session, ChangesetStatus, RepositoryField, Repository, RepoGroup, ChangesetComment) from rhodecode.model.repo import RepoModel from rhodecode.model.scm import ScmModel, RepoList from rhodecode.model.settings import SettingsModel, VcsSettingsModel from rhodecode.model import validation_schema from rhodecode.model.validation_schema.schemas import repo_schema log = logging.getLogger(__name__) @jsonrpc_method() def get_repo(request, apiuser, repoid, cache=Optional(True)): """ Gets an existing repository by its name or repository_id. The members section so the output returns users groups or users associated with that repository. This command can only be run using an |authtoken| with admin rights, or users with at least read rights to the |repo|. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: The repository name or repository id. :type repoid: str or int :param cache: use the cached value for last changeset :type: cache: Optional(bool) Example output: .. code-block:: bash { "error": null, "id": <repo_id>, "result": { "clone_uri": null, "created_on": "timestamp", "description": "repo description", "enable_downloads": false, "enable_locking": false, "enable_statistics": false, "followers": [ { "active": true, "admin": false, "api_key": "****************************************", "api_keys": [ "****************************************" ], "email": "user@example.com", "emails": [ "user@example.com" ], "extern_name": "rhodecode", "extern_type": "rhodecode", "firstname": "username", "ip_addresses": [], "language": null, "last_login": "2015-09-16T17:16:35.854", "lastname": "surname", "user_id": <user_id>, "username": "name" } ], "fork_of": "parent-repo", "landing_rev": [ "rev", "tip" ], "last_changeset": { "author": "User <user@example.com>", "branch": "default", "date": "timestamp", "message": "last commit message", "parents": [ { "raw_id": "commit-id" } ], "raw_id": "commit-id", "revision": <revision number>, "short_id": "short id" }, "lock_reason": null, "locked_by": null, "locked_date": null, "members": [ { "name": "super-admin-name", "origin": "super-admin", "permission": "repository.admin", "type": "user" }, { "name": "owner-name", "origin": "owner", "permission": "repository.admin", "type": "user" }, { "name": "user-group-name", "origin": "permission", "permission": "repository.write", "type": "user_group" } ], "owner": "owner-name", "permissions": [ { "name": "super-admin-name", "origin": "super-admin", "permission": "repository.admin", "type": "user" }, { "name": "owner-name", "origin": "owner", "permission": "repository.admin", "type": "user" }, { "name": "user-group-name", "origin": "permission", "permission": "repository.write", "type": "user_group" } ], "private": true, "repo_id": 676, "repo_name": "user-group/repo-name", "repo_type": "hg" } } """ repo = get_repo_or_error(repoid) cache = Optional.extract(cache) include_secrets = False if has_superadmin_permission(apiuser): include_secrets = True else: # check if we have at least read permission for this repo ! _perms = ( 'repository.admin', 'repository.write', 'repository.read',) validate_repo_permissions(apiuser, repoid, repo, _perms) permissions = [] for _user in repo.permissions(): user_data = { 'name': _user.username, 'permission': _user.permission, 'origin': get_origin(_user), 'type': "user", } permissions.append(user_data) for _user_group in repo.permission_user_groups(): user_group_data = { 'name': _user_group.users_group_name, 'permission': _user_group.permission, 'origin': get_origin(_user_group), 'type': "user_group", } permissions.append(user_group_data) following_users = [ user.user.get_api_data(include_secrets=include_secrets) for user in repo.followers] if not cache: repo.update_commit_cache() data = repo.get_api_data(include_secrets=include_secrets) data['members'] = permissions # TODO: this should be deprecated soon data['permissions'] = permissions data['followers'] = following_users return data @jsonrpc_method() def get_repos(request, apiuser, root=Optional(None), traverse=Optional(True)): """ Lists all existing repositories. This command can only be run using an |authtoken| with admin rights, or users with at least read rights to |repos|. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param root: specify root repository group to fetch repositories. filters the returned repositories to be members of given root group. :type root: Optional(None) :param traverse: traverse given root into subrepositories. With this flag set to False, it will only return top-level repositories from `root`. if root is empty it will return just top-level repositories. :type traverse: Optional(True) Example output: .. code-block:: bash id : <id_given_in_input> result: [ { "repo_id" : "<repo_id>", "repo_name" : "<reponame>" "repo_type" : "<repo_type>", "clone_uri" : "<clone_uri>", "private": : "<bool>", "created_on" : "<datetimecreated>", "description" : "<description>", "landing_rev": "<landing_rev>", "owner": "<repo_owner>", "fork_of": "<name_of_fork_parent>", "enable_downloads": "<bool>", "enable_locking": "<bool>", "enable_statistics": "<bool>", }, ... ] error: null """ include_secrets = has_superadmin_permission(apiuser) _perms = ('repository.read', 'repository.write', 'repository.admin',) extras = {'user': apiuser} root = Optional.extract(root) traverse = Optional.extract(traverse, binary=True) if root: # verify parent existance, if it's empty return an error parent = RepoGroup.get_by_group_name(root) if not parent: raise JSONRPCError( 'Root repository group `{}` does not exist'.format(root)) if traverse: repos = RepoModel().get_repos_for_root(root=root, traverse=traverse) else: repos = RepoModel().get_repos_for_root(root=parent) else: if traverse: repos = RepoModel().get_all() else: # return just top-level repos = RepoModel().get_repos_for_root(root=None) repo_list = RepoList(repos, perm_set=_perms, extra_kwargs=extras) return [repo.get_api_data(include_secrets=include_secrets) for repo in repo_list] @jsonrpc_method() def get_repo_changeset(request, apiuser, repoid, revision, details=Optional('basic')): """ Returns information about a changeset. Additionally parameters define the amount of details returned by this function. This command can only be run using an |authtoken| with admin rights, or users with at least read rights to the |repo|. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: The repository name or repository id :type repoid: str or int :param revision: revision for which listing should be done :type revision: str :param details: details can be 'basic|extended|full' full gives diff info details like the diff itself, and number of changed files etc. :type details: Optional(str) """ repo = get_repo_or_error(repoid) if not has_superadmin_permission(apiuser): _perms = ( 'repository.admin', 'repository.write', 'repository.read',) validate_repo_permissions(apiuser, repoid, repo, _perms) changes_details = Optional.extract(details) _changes_details_types = ['basic', 'extended', 'full'] if changes_details not in _changes_details_types: raise JSONRPCError( 'ret_type must be one of %s' % ( ','.join(_changes_details_types))) pre_load = ['author', 'branch', 'date', 'message', 'parents', 'status', '_commit', '_file_paths'] try: cs = repo.get_commit(commit_id=revision, pre_load=pre_load) except TypeError as e: raise JSONRPCError(e.message) _cs_json = cs.__json__() _cs_json['diff'] = build_commit_data(cs, changes_details) if changes_details == 'full': _cs_json['refs'] = { 'branches': [cs.branch], 'bookmarks': getattr(cs, 'bookmarks', []), 'tags': cs.tags } return _cs_json @jsonrpc_method() def get_repo_changesets(request, apiuser, repoid, start_rev, limit, details=Optional('basic')): """ Returns a set of commits limited by the number starting from the `start_rev` option. Additional parameters define the amount of details returned by this function. This command can only be run using an |authtoken| with admin rights, or users with at least read rights to |repos|. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: The repository name or repository ID. :type repoid: str or int :param start_rev: The starting revision from where to get changesets. :type start_rev: str :param limit: Limit the number of commits to this amount :type limit: str or int :param details: Set the level of detail returned. Valid option are: ``basic``, ``extended`` and ``full``. :type details: Optional(str) .. note:: Setting the parameter `details` to the value ``full`` is extensive and returns details like the diff itself, and the number of changed files. """ repo = get_repo_or_error(repoid) if not has_superadmin_permission(apiuser): _perms = ( 'repository.admin', 'repository.write', 'repository.read',) validate_repo_permissions(apiuser, repoid, repo, _perms) changes_details = Optional.extract(details) _changes_details_types = ['basic', 'extended', 'full'] if changes_details not in _changes_details_types: raise JSONRPCError( 'ret_type must be one of %s' % ( ','.join(_changes_details_types))) limit = int(limit) pre_load = ['author', 'branch', 'date', 'message', 'parents', 'status', '_commit', '_file_paths'] vcs_repo = repo.scm_instance() # SVN needs a special case to distinguish its index and commit id if vcs_repo and vcs_repo.alias == 'svn' and (start_rev == '0'): start_rev = vcs_repo.commit_ids[0] try: commits = vcs_repo.get_commits( start_id=start_rev, pre_load=pre_load) except TypeError as e: raise JSONRPCError(e.message) except Exception: log.exception('Fetching of commits failed') raise JSONRPCError('Error occurred during commit fetching') ret = [] for cnt, commit in enumerate(commits): if cnt >= limit != -1: break _cs_json = commit.__json__() _cs_json['diff'] = build_commit_data(commit, changes_details) if changes_details == 'full': _cs_json['refs'] = { 'branches': [commit.branch], 'bookmarks': getattr(commit, 'bookmarks', []), 'tags': commit.tags } ret.append(_cs_json) return ret @jsonrpc_method() def get_repo_nodes(request, apiuser, repoid, revision, root_path, ret_type=Optional('all'), details=Optional('basic'), max_file_bytes=Optional(None)): """ Returns a list of nodes and children in a flat list for a given path at given revision. It's possible to specify ret_type to show only `files` or `dirs`. This command can only be run using an |authtoken| with admin rights, or users with at least read rights to |repos|. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: The repository name or repository ID. :type repoid: str or int :param revision: The revision for which listing should be done. :type revision: str :param root_path: The path from which to start displaying. :type root_path: str :param ret_type: Set the return type. Valid options are ``all`` (default), ``files`` and ``dirs``. :type ret_type: Optional(str) :param details: Returns extended information about nodes, such as md5, binary, and or content. The valid options are ``basic`` and ``full``. :type details: Optional(str) :param max_file_bytes: Only return file content under this file size bytes :type details: Optional(int) Example output: .. code-block:: bash id : <id_given_in_input> result: [ { "name" : "<name>" "type" : "<type>", "binary": "<true|false>" (only in extended mode) "md5" : "<md5 of file content>" (only in extended mode) }, ... ] error: null """ repo = get_repo_or_error(repoid) if not has_superadmin_permission(apiuser): _perms = ( 'repository.admin', 'repository.write', 'repository.read',) validate_repo_permissions(apiuser, repoid, repo, _perms) ret_type = Optional.extract(ret_type) details = Optional.extract(details) _extended_types = ['basic', 'full'] if details not in _extended_types: raise JSONRPCError( 'ret_type must be one of %s' % (','.join(_extended_types))) extended_info = False content = False if details == 'basic': extended_info = True if details == 'full': extended_info = content = True _map = {} try: # check if repo is not empty by any chance, skip quicker if it is. _scm = repo.scm_instance() if _scm.is_empty(): return [] _d, _f = ScmModel().get_nodes( repo, revision, root_path, flat=False, extended_info=extended_info, content=content, max_file_bytes=max_file_bytes) _map = { 'all': _d + _f, 'files': _f, 'dirs': _d, } return _map[ret_type] except KeyError: raise JSONRPCError( 'ret_type must be one of %s' % (','.join(sorted(_map.keys())))) except Exception: log.exception("Exception occurred while trying to get repo nodes") raise JSONRPCError( 'failed to get repo: `%s` nodes' % repo.repo_name ) @jsonrpc_method() def get_repo_refs(request, apiuser, repoid): """ Returns a dictionary of current references. It returns bookmarks, branches, closed_branches, and tags for given repository It's possible to specify ret_type to show only `files` or `dirs`. This command can only be run using an |authtoken| with admin rights, or users with at least read rights to |repos|. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: The repository name or repository ID. :type repoid: str or int Example output: .. code-block:: bash id : <id_given_in_input> "result": { "bookmarks": { "dev": "5611d30200f4040ba2ab4f3d64e5b06408a02188", "master": "367f590445081d8ec8c2ea0456e73ae1f1c3d6cf" }, "branches": { "default": "5611d30200f4040ba2ab4f3d64e5b06408a02188", "stable": "367f590445081d8ec8c2ea0456e73ae1f1c3d6cf" }, "branches_closed": {}, "tags": { "tip": "5611d30200f4040ba2ab4f3d64e5b06408a02188", "v4.4.0": "1232313f9e6adac5ce5399c2a891dc1e72b79022", "v4.4.1": "cbb9f1d329ae5768379cdec55a62ebdd546c4e27", "v4.4.2": "24ffe44a27fcd1c5b6936144e176b9f6dd2f3a17", } } error: null """ repo = get_repo_or_error(repoid) if not has_superadmin_permission(apiuser): _perms = ('repository.admin', 'repository.write', 'repository.read',) validate_repo_permissions(apiuser, repoid, repo, _perms) try: # check if repo is not empty by any chance, skip quicker if it is. vcs_instance = repo.scm_instance() refs = vcs_instance.refs() return refs except Exception: log.exception("Exception occurred while trying to get repo refs") raise JSONRPCError( 'failed to get repo: `%s` references' % repo.repo_name ) @jsonrpc_method() def create_repo( request, apiuser, repo_name, repo_type, owner=Optional(OAttr('apiuser')), description=Optional(''), private=Optional(False), clone_uri=Optional(None), landing_rev=Optional('rev:tip'), enable_statistics=Optional(False), enable_locking=Optional(False), enable_downloads=Optional(False), copy_permissions=Optional(False)): """ Creates a repository. * If the repository name contains "/", repository will be created inside a repository group or nested repository groups For example "foo/bar/repo1" will create |repo| called "repo1" inside group "foo/bar". You have to have permissions to access and write to the last repository group ("bar" in this example) This command can only be run using an |authtoken| with at least permissions to create repositories, or write permissions to parent repository groups. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repo_name: Set the repository name. :type repo_name: str :param repo_type: Set the repository type; 'hg','git', or 'svn'. :type repo_type: str :param owner: user_id or username :type owner: Optional(str) :param description: Set the repository description. :type description: Optional(str) :param private: set repository as private :type private: bool :param clone_uri: set clone_uri :type clone_uri: str :param landing_rev: <rev_type>:<rev> :type landing_rev: str :param enable_locking: :type enable_locking: bool :param enable_downloads: :type enable_downloads: bool :param enable_statistics: :type enable_statistics: bool :param copy_permissions: Copy permission from group in which the repository is being created. :type copy_permissions: bool Example output: .. code-block:: bash id : <id_given_in_input> result: { "msg": "Created new repository `<reponame>`", "success": true, "task": "<celery task id or None if done sync>" } error: null Example error output: .. code-block:: bash id : <id_given_in_input> result : null error : { 'failed to create repository `<repo_name>`' } """ owner = validate_set_owner_permissions(apiuser, owner) description = Optional.extract(description) copy_permissions = Optional.extract(copy_permissions) clone_uri = Optional.extract(clone_uri) landing_commit_ref = Optional.extract(landing_rev) defs = SettingsModel().get_default_repo_settings(strip_prefix=True) if isinstance(private, Optional): private = defs.get('repo_private') or Optional.extract(private) if isinstance(repo_type, Optional): repo_type = defs.get('repo_type') if isinstance(enable_statistics, Optional): enable_statistics = defs.get('repo_enable_statistics') if isinstance(enable_locking, Optional): enable_locking = defs.get('repo_enable_locking') if isinstance(enable_downloads, Optional): enable_downloads = defs.get('repo_enable_downloads') schema = repo_schema.RepoSchema().bind( repo_type_options=rhodecode.BACKENDS.keys(), # user caller user=apiuser) try: schema_data = schema.deserialize(dict( repo_name=repo_name, repo_type=repo_type, repo_owner=owner.username, repo_description=description, repo_landing_commit_ref=landing_commit_ref, repo_clone_uri=clone_uri, repo_private=private, repo_copy_permissions=copy_permissions, repo_enable_statistics=enable_statistics, repo_enable_downloads=enable_downloads, repo_enable_locking=enable_locking)) except validation_schema.Invalid as err: raise JSONRPCValidationError(colander_exc=err) try: data = { 'owner': owner, 'repo_name': schema_data['repo_group']['repo_name_without_group'], 'repo_name_full': schema_data['repo_name'], 'repo_group': schema_data['repo_group']['repo_group_id'], 'repo_type': schema_data['repo_type'], 'repo_description': schema_data['repo_description'], 'repo_private': schema_data['repo_private'], 'clone_uri': schema_data['repo_clone_uri'], 'repo_landing_rev': schema_data['repo_landing_commit_ref'], 'enable_statistics': schema_data['repo_enable_statistics'], 'enable_locking': schema_data['repo_enable_locking'], 'enable_downloads': schema_data['repo_enable_downloads'], 'repo_copy_permissions': schema_data['repo_copy_permissions'], } task = RepoModel().create(form_data=data, cur_user=owner) from celery.result import BaseAsyncResult task_id = None if isinstance(task, BaseAsyncResult): task_id = task.task_id # no commit, it's done in RepoModel, or async via celery return { 'msg': "Created new repository `%s`" % (schema_data['repo_name'],), 'success': True, # cannot return the repo data here since fork # can be done async 'task': task_id } except Exception: log.exception( u"Exception while trying to create the repository %s", schema_data['repo_name']) raise JSONRPCError( 'failed to create repository `%s`' % (schema_data['repo_name'],)) @jsonrpc_method() def add_field_to_repo(request, apiuser, repoid, key, label=Optional(''), description=Optional('')): """ Adds an extra field to a repository. This command can only be run using an |authtoken| with at least write permissions to the |repo|. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: Set the repository name or repository id. :type repoid: str or int :param key: Create a unique field key for this repository. :type key: str :param label: :type label: Optional(str) :param description: :type description: Optional(str) """ repo = get_repo_or_error(repoid) if not has_superadmin_permission(apiuser): _perms = ('repository.admin',) validate_repo_permissions(apiuser, repoid, repo, _perms) label = Optional.extract(label) or key description = Optional.extract(description) field = RepositoryField.get_by_key_name(key, repo) if field: raise JSONRPCError('Field with key ' '`%s` exists for repo `%s`' % (key, repoid)) try: RepoModel().add_repo_field(repo, key, field_label=label, field_desc=description) Session().commit() return { 'msg': "Added new repository field `%s`" % (key,), 'success': True, } except Exception: log.exception("Exception occurred while trying to add field to repo") raise JSONRPCError( 'failed to create new field for repository `%s`' % (repoid,)) @jsonrpc_method() def remove_field_from_repo(request, apiuser, repoid, key): """ Removes an extra field from a repository. This command can only be run using an |authtoken| with at least write permissions to the |repo|. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: Set the repository name or repository ID. :type repoid: str or int :param key: Set the unique field key for this repository. :type key: str """ repo = get_repo_or_error(repoid) if not has_superadmin_permission(apiuser): _perms = ('repository.admin',) validate_repo_permissions(apiuser, repoid, repo, _perms) field = RepositoryField.get_by_key_name(key, repo) if not field: raise JSONRPCError('Field with key `%s` does not ' 'exists for repo `%s`' % (key, repoid)) try: RepoModel().delete_repo_field(repo, field_key=key) Session().commit() return { 'msg': "Deleted repository field `%s`" % (key,), 'success': True, } except Exception: log.exception( "Exception occurred while trying to delete field from repo") raise JSONRPCError( 'failed to delete field for repository `%s`' % (repoid,)) @jsonrpc_method() def update_repo( request, apiuser, repoid, repo_name=Optional(None), owner=Optional(OAttr('apiuser')), description=Optional(''), private=Optional(False), clone_uri=Optional(None), landing_rev=Optional('rev:tip'), fork_of=Optional(None), enable_statistics=Optional(False), enable_locking=Optional(False), enable_downloads=Optional(False), fields=Optional('')): """ Updates a repository with the given information. This command can only be run using an |authtoken| with at least admin permissions to the |repo|. * If the repository name contains "/", repository will be updated accordingly with a repository group or nested repository groups For example repoid=repo-test name="foo/bar/repo-test" will update |repo| called "repo-test" and place it inside group "foo/bar". You have to have permissions to access and write to the last repository group ("bar" in this example) :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: repository name or repository ID. :type repoid: str or int :param repo_name: Update the |repo| name, including the repository group it's in. :type repo_name: str :param owner: Set the |repo| owner. :type owner: str :param fork_of: Set the |repo| as fork of another |repo|. :type fork_of: str :param description: Update the |repo| description. :type description: str :param private: Set the |repo| as private. (True | False) :type private: bool :param clone_uri: Update the |repo| clone URI. :type clone_uri: str :param landing_rev: Set the |repo| landing revision. Default is ``rev:tip``. :type landing_rev: str :param enable_statistics: Enable statistics on the |repo|, (True | False). :type enable_statistics: bool :param enable_locking: Enable |repo| locking. :type enable_locking: bool :param enable_downloads: Enable downloads from the |repo|, (True | False). :type enable_downloads: bool :param fields: Add extra fields to the |repo|. Use the following example format: ``field_key=field_val,field_key2=fieldval2``. Escape ', ' with \, :type fields: str """ repo = get_repo_or_error(repoid) include_secrets = False if not has_superadmin_permission(apiuser): validate_repo_permissions(apiuser, repoid, repo, ('repository.admin',)) else: include_secrets = True updates = dict( repo_name=repo_name if not isinstance(repo_name, Optional) else repo.repo_name, fork_id=fork_of if not isinstance(fork_of, Optional) else repo.fork.repo_name if repo.fork else None, user=owner if not isinstance(owner, Optional) else repo.user.username, repo_description=description if not isinstance(description, Optional) else repo.description, repo_private=private if not isinstance(private, Optional) else repo.private, clone_uri=clone_uri if not isinstance(clone_uri, Optional) else repo.clone_uri, repo_landing_rev=landing_rev if not isinstance(landing_rev, Optional) else repo._landing_revision, repo_enable_statistics=enable_statistics if not isinstance(enable_statistics, Optional) else repo.enable_statistics, repo_enable_locking=enable_locking if not isinstance(enable_locking, Optional) else repo.enable_locking, repo_enable_downloads=enable_downloads if not isinstance(enable_downloads, Optional) else repo.enable_downloads) ref_choices, _labels = ScmModel().get_repo_landing_revs(repo=repo) schema = repo_schema.RepoSchema().bind( repo_type_options=rhodecode.BACKENDS.keys(), repo_ref_options=ref_choices, # user caller user=apiuser, old_values=repo.get_api_data()) try: schema_data = schema.deserialize(dict( # we save old value, users cannot change type repo_type=repo.repo_type, repo_name=updates['repo_name'], repo_owner=updates['user'], repo_description=updates['repo_description'], repo_clone_uri=updates['clone_uri'], repo_fork_of=updates['fork_id'], repo_private=updates['repo_private'], repo_landing_commit_ref=updates['repo_landing_rev'], repo_enable_statistics=updates['repo_enable_statistics'], repo_enable_downloads=updates['repo_enable_downloads'], repo_enable_locking=updates['repo_enable_locking'])) except validation_schema.Invalid as err: raise JSONRPCValidationError(colander_exc=err) # save validated data back into the updates dict validated_updates = dict( repo_name=schema_data['repo_group']['repo_name_without_group'], repo_group=schema_data['repo_group']['repo_group_id'], user=schema_data['repo_owner'], repo_description=schema_data['repo_description'], repo_private=schema_data['repo_private'], clone_uri=schema_data['repo_clone_uri'], repo_landing_rev=schema_data['repo_landing_commit_ref'], repo_enable_statistics=schema_data['repo_enable_statistics'], repo_enable_locking=schema_data['repo_enable_locking'], repo_enable_downloads=schema_data['repo_enable_downloads'], ) if schema_data['repo_fork_of']: fork_repo = get_repo_or_error(schema_data['repo_fork_of']) validated_updates['fork_id'] = fork_repo.repo_id # extra fields fields = parse_args(Optional.extract(fields), key_prefix='ex_') if fields: validated_updates.update(fields) try: RepoModel().update(repo, **validated_updates) Session().commit() return { 'msg': 'updated repo ID:%s %s' % (repo.repo_id, repo.repo_name), 'repository': repo.get_api_data(include_secrets=include_secrets) } except Exception: log.exception( u"Exception while trying to update the repository %s", repoid) raise JSONRPCError('failed to update repo `%s`' % repoid) @jsonrpc_method() def fork_repo(request, apiuser, repoid, fork_name, owner=Optional(OAttr('apiuser')), description=Optional(''), private=Optional(False), clone_uri=Optional(None), landing_rev=Optional('rev:tip'), copy_permissions=Optional(False)): """ Creates a fork of the specified |repo|. * If the fork_name contains "/", fork will be created inside a repository group or nested repository groups For example "foo/bar/fork-repo" will create fork called "fork-repo" inside group "foo/bar". You have to have permissions to access and write to the last repository group ("bar" in this example) This command can only be run using an |authtoken| with minimum read permissions of the forked repo, create fork permissions for an user. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: Set repository name or repository ID. :type repoid: str or int :param fork_name: Set the fork name, including it's repository group membership. :type fork_name: str :param owner: Set the fork owner. :type owner: str :param description: Set the fork description. :type description: str :param copy_permissions: Copy permissions from parent |repo|. The default is False. :type copy_permissions: bool :param private: Make the fork private. The default is False. :type private: bool :param landing_rev: Set the landing revision. The default is tip. Example output: .. code-block:: bash id : <id_for_response> api_key : "<api_key>" args: { "repoid" : "<reponame or repo_id>", "fork_name": "<forkname>", "owner": "<username or user_id = Optional(=apiuser)>", "description": "<description>", "copy_permissions": "<bool>", "private": "<bool>", "landing_rev": "<landing_rev>" } Example error output: .. code-block:: bash id : <id_given_in_input> result: { "msg": "Created fork of `<reponame>` as `<forkname>`", "success": true, "task": "<celery task id or None if done sync>" } error: null """ repo = get_repo_or_error(repoid) repo_name = repo.repo_name if not has_superadmin_permission(apiuser): # check if we have at least read permission for # this repo that we fork ! _perms = ( 'repository.admin', 'repository.write', 'repository.read') validate_repo_permissions(apiuser, repoid, repo, _perms) # check if the regular user has at least fork permissions as well if not HasPermissionAnyApi('hg.fork.repository')(user=apiuser): raise JSONRPCForbidden() # check if user can set owner parameter owner = validate_set_owner_permissions(apiuser, owner) description = Optional.extract(description) copy_permissions = Optional.extract(copy_permissions) clone_uri = Optional.extract(clone_uri) landing_commit_ref = Optional.extract(landing_rev) private = Optional.extract(private) schema = repo_schema.RepoSchema().bind( repo_type_options=rhodecode.BACKENDS.keys(), # user caller user=apiuser) try: schema_data = schema.deserialize(dict( repo_name=fork_name, repo_type=repo.repo_type, repo_owner=owner.username, repo_description=description, repo_landing_commit_ref=landing_commit_ref, repo_clone_uri=clone_uri, repo_private=private, repo_copy_permissions=copy_permissions)) except validation_schema.Invalid as err: raise JSONRPCValidationError(colander_exc=err) try: data = { 'fork_parent_id': repo.repo_id, 'repo_name': schema_data['repo_group']['repo_name_without_group'], 'repo_name_full': schema_data['repo_name'], 'repo_group': schema_data['repo_group']['repo_group_id'], 'repo_type': schema_data['repo_type'], 'description': schema_data['repo_description'], 'private': schema_data['repo_private'], 'copy_permissions': schema_data['repo_copy_permissions'], 'landing_rev': schema_data['repo_landing_commit_ref'], } task = RepoModel().create_fork(data, cur_user=owner) # no commit, it's done in RepoModel, or async via celery from celery.result import BaseAsyncResult task_id = None if isinstance(task, BaseAsyncResult): task_id = task.task_id return { 'msg': 'Created fork of `%s` as `%s`' % ( repo.repo_name, schema_data['repo_name']), 'success': True, # cannot return the repo data here since fork # can be done async 'task': task_id } except Exception: log.exception( u"Exception while trying to create fork %s", schema_data['repo_name']) raise JSONRPCError( 'failed to fork repository `%s` as `%s`' % ( repo_name, schema_data['repo_name'])) @jsonrpc_method() def delete_repo(request, apiuser, repoid, forks=Optional('')): """ Deletes a repository. * When the `forks` parameter is set it's possible to detach or delete forks of deleted repository. This command can only be run using an |authtoken| with admin permissions on the |repo|. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: Set the repository name or repository ID. :type repoid: str or int :param forks: Set to `detach` or `delete` forks from the |repo|. :type forks: Optional(str) Example error output: .. code-block:: bash id : <id_given_in_input> result: { "msg": "Deleted repository `<reponame>`", "success": true } error: null """ repo = get_repo_or_error(repoid) repo_name = repo.repo_name if not has_superadmin_permission(apiuser): _perms = ('repository.admin',) validate_repo_permissions(apiuser, repoid, repo, _perms) try: handle_forks = Optional.extract(forks) _forks_msg = '' _forks = [f for f in repo.forks] if handle_forks == 'detach': _forks_msg = ' ' + 'Detached %s forks' % len(_forks) elif handle_forks == 'delete': _forks_msg = ' ' + 'Deleted %s forks' % len(_forks) elif _forks: raise JSONRPCError( 'Cannot delete `%s` it still contains attached forks' % (repo.repo_name,) ) repo_data = repo.get_api_data() RepoModel().delete(repo, forks=forks) repo = audit_logger.RepoWrap(repo_id=None, repo_name=repo.repo_name) audit_logger.store_api( action='repo.delete', action_data={'data': repo_data}, user=apiuser, repo=repo) ScmModel().mark_for_invalidation(repo_name, delete=True) Session().commit() return { 'msg': 'Deleted repository `%s`%s' % (repo_name, _forks_msg), 'success': True } except Exception: log.exception("Exception occurred while trying to delete repo") raise JSONRPCError( 'failed to delete repository `%s`' % (repo_name,) ) #TODO: marcink, change name ? @jsonrpc_method() def invalidate_cache(request, apiuser, repoid, delete_keys=Optional(False)): """ Invalidates the cache for the specified repository. This command can only be run using an |authtoken| with admin rights to the specified repository. This command takes the following options: :param apiuser: This is filled automatically from |authtoken|. :type apiuser: AuthUser :param repoid: Sets the repository name or repository ID. :type repoid: str or int :param delete_keys: This deletes the invalidated keys instead of just flagging them. :type delete_keys: Optional(``True`` | ``False``) Example output: .. code-block:: bash id : <id_given_in_input> result : { 'msg': Cache for repository `<repository name>` was invalidated, 'repository': <repository name> } error : null Example error output: .. code-block:: bash id : <id_given_in_input> result : null error : { 'Error occurred during cache invalidation action' } """ repo = get_repo_or_error(repoid) if not has_superadmin_permission(apiuser): _perms = ('repository.admin', 'repository.write',) validate_repo_permissions(apiuser, repoid, repo, _perms) delete = Optional.extract(delete_keys) try: ScmModel().mark_for_invalidation(repo.repo_name, delete=delete) return { 'msg': 'Cache for repository `%s` was invalidated' % (repoid,), 'repository': repo.repo_name } except Exception: log.exception( "Exception occurred while trying to invalidate repo cache") raise JSONRPCError( 'Error occurred during cache invalidation action' ) #TODO: marcink, change name ? @jsonrpc_method() def lock(request, apiuser, repoid, locked=Optional(None), userid=Optional(OAttr('apiuser'))): """ Sets the lock state of the specified |repo| by the given user. From more information, see :ref:`repo-locking`. * If the ``userid`` option is not set, the repository is locked to the user who called the method. * If the ``locked`` parameter is not set, the current lock state of the repository is displayed. This command can only be run using an |authtoken| with admin rights to the specified repository. This command takes the following options: :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: Sets the repository name or repository ID. :type repoid: str or int :param locked: Sets the lock state. :type locked: Optional(``True`` | ``False``) :param userid: Set the repository lock to this user. :type userid: Optional(str or int) Example error output: .. code-block:: bash id : <id_given_in_input> result : { 'repo': '<reponame>', 'locked': <bool: lock state>, 'locked_since': <int: lock timestamp>, 'locked_by': <username of person who made the lock>, 'lock_reason': <str: reason for locking>, 'lock_state_changed': <bool: True if lock state has been changed in this request>, 'msg': 'Repo `<reponame>` locked by `<username>` on <timestamp>.' or 'msg': 'Repo `<repository name>` not locked.' or 'msg': 'User `<user name>` set lock state for repo `<repository name>` to `<new lock state>`' } error : null Example error output: .. code-block:: bash id : <id_given_in_input> result : null error : { 'Error occurred locking repository `<reponame>`' } """ repo = get_repo_or_error(repoid) if not has_superadmin_permission(apiuser): # check if we have at least write permission for this repo ! _perms = ('repository.admin', 'repository.write',) validate_repo_permissions(apiuser, repoid, repo, _perms) # make sure normal user does not pass someone else userid, # he is not allowed to do that if not isinstance(userid, Optional) and userid != apiuser.user_id: raise JSONRPCError('userid is not the same as your user') if isinstance(userid, Optional): userid = apiuser.user_id user = get_user_or_error(userid) if isinstance(locked, Optional): lockobj = repo.locked if lockobj[0] is None: _d = { 'repo': repo.repo_name, 'locked': False, 'locked_since': None, 'locked_by': None, 'lock_reason': None, 'lock_state_changed': False, 'msg': 'Repo `%s` not locked.' % repo.repo_name } return _d else: _user_id, _time, _reason = lockobj lock_user = get_user_or_error(userid) _d = { 'repo': repo.repo_name, 'locked': True, 'locked_since': _time, 'locked_by': lock_user.username, 'lock_reason': _reason, 'lock_state_changed': False, 'msg': ('Repo `%s` locked by `%s` on `%s`.' % (repo.repo_name, lock_user.username, json.dumps(time_to_datetime(_time)))) } return _d # force locked state through a flag else: locked = str2bool(locked) lock_reason = Repository.LOCK_API try: if locked: lock_time = time.time() Repository.lock(repo, user.user_id, lock_time, lock_reason) else: lock_time = None Repository.unlock(repo) _d = { 'repo': repo.repo_name, 'locked': locked, 'locked_since': lock_time, 'locked_by': user.username, 'lock_reason': lock_reason, 'lock_state_changed': True, 'msg': ('User `%s` set lock state for repo `%s` to `%s`' % (user.username, repo.repo_name, locked)) } return _d except Exception: log.exception( "Exception occurred while trying to lock repository") raise JSONRPCError( 'Error occurred locking repository `%s`' % repo.repo_name ) @jsonrpc_method() def comment_commit( request, apiuser, repoid, commit_id, message, status=Optional(None), comment_type=Optional(ChangesetComment.COMMENT_TYPE_NOTE), resolves_comment_id=Optional(None), userid=Optional(OAttr('apiuser'))): """ Set a commit comment, and optionally change the status of the commit. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: Set the repository name or repository ID. :type repoid: str or int :param commit_id: Specify the commit_id for which to set a comment. :type commit_id: str :param message: The comment text. :type message: str :param status: (**Optional**) status of commit, one of: 'not_reviewed', 'approved', 'rejected', 'under_review' :type status: str :param comment_type: Comment type, one of: 'note', 'todo' :type comment_type: Optional(str), default: 'note' :param userid: Set the user name of the comment creator. :type userid: Optional(str or int) Example error output: .. code-block:: bash { "id" : <id_given_in_input>, "result" : { "msg": "Commented on commit `<commit_id>` for repository `<repoid>`", "status_change": null or <status>, "success": true }, "error" : null } """ repo = get_repo_or_error(repoid) if not has_superadmin_permission(apiuser): _perms = ('repository.read', 'repository.write', 'repository.admin') validate_repo_permissions(apiuser, repoid, repo, _perms) try: commit_id = repo.scm_instance().get_commit(commit_id=commit_id).raw_id except Exception as e: log.exception('Failed to fetch commit') raise JSONRPCError(e.message) if isinstance(userid, Optional): userid = apiuser.user_id user = get_user_or_error(userid) status = Optional.extract(status) comment_type = Optional.extract(comment_type) resolves_comment_id = Optional.extract(resolves_comment_id) allowed_statuses = [x[0] for x in ChangesetStatus.STATUSES] if status and status not in allowed_statuses: raise JSONRPCError('Bad status, must be on ' 'of %s got %s' % (allowed_statuses, status,)) if resolves_comment_id: comment = ChangesetComment.get(resolves_comment_id) if not comment: raise JSONRPCError( 'Invalid resolves_comment_id `%s` for this commit.' % resolves_comment_id) if comment.comment_type != ChangesetComment.COMMENT_TYPE_TODO: raise JSONRPCError( 'Comment `%s` is wrong type for setting status to resolved.' % resolves_comment_id) try: rc_config = SettingsModel().get_all_settings() renderer = rc_config.get('rhodecode_markup_renderer', 'rst') status_change_label = ChangesetStatus.get_status_lbl(status) comm = CommentsModel().create( message, repo, user, commit_id=commit_id, status_change=status_change_label, status_change_type=status, renderer=renderer, comment_type=comment_type, resolves_comment_id=resolves_comment_id ) if status: # also do a status change try: ChangesetStatusModel().set_status( repo, status, user, comm, revision=commit_id, dont_allow_on_closed_pull_request=True ) except StatusChangeOnClosedPullRequestError: log.exception( "Exception occurred while trying to change repo commit status") msg = ('Changing status on a changeset associated with ' 'a closed pull request is not allowed') raise JSONRPCError(msg) Session().commit() return { 'msg': ( 'Commented on commit `%s` for repository `%s`' % ( comm.revision, repo.repo_name)), 'status_change': status, 'success': True, } except JSONRPCError: # catch any inside errors, and re-raise them to prevent from # below global catch to silence them raise except Exception: log.exception("Exception occurred while trying to comment on commit") raise JSONRPCError( 'failed to set comment on repository `%s`' % (repo.repo_name,) ) @jsonrpc_method() def grant_user_permission(request, apiuser, repoid, userid, perm): """ Grant permissions for the specified user on the given repository, or update existing permissions if found. This command can only be run using an |authtoken| with admin permissions on the |repo|. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: Set the repository name or repository ID. :type repoid: str or int :param userid: Set the user name. :type userid: str :param perm: Set the user permissions, using the following format ``(repository.(none|read|write|admin))`` :type perm: str Example output: .. code-block:: bash id : <id_given_in_input> result: { "msg" : "Granted perm: `<perm>` for user: `<username>` in repo: `<reponame>`", "success": true } error: null """ repo = get_repo_or_error(repoid) user = get_user_or_error(userid) perm = get_perm_or_error(perm) if not has_superadmin_permission(apiuser): _perms = ('repository.admin',) validate_repo_permissions(apiuser, repoid, repo, _perms) try: RepoModel().grant_user_permission(repo=repo, user=user, perm=perm) Session().commit() return { 'msg': 'Granted perm: `%s` for user: `%s` in repo: `%s`' % ( perm.permission_name, user.username, repo.repo_name ), 'success': True } except Exception: log.exception( "Exception occurred while trying edit permissions for repo") raise JSONRPCError( 'failed to edit permission for user: `%s` in repo: `%s`' % ( userid, repoid ) ) @jsonrpc_method() def revoke_user_permission(request, apiuser, repoid, userid): """ Revoke permission for a user on the specified repository. This command can only be run using an |authtoken| with admin permissions on the |repo|. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: Set the repository name or repository ID. :type repoid: str or int :param userid: Set the user name of revoked user. :type userid: str or int Example error output: .. code-block:: bash id : <id_given_in_input> result: { "msg" : "Revoked perm for user: `<username>` in repo: `<reponame>`", "success": true } error: null """ repo = get_repo_or_error(repoid) user = get_user_or_error(userid) if not has_superadmin_permission(apiuser): _perms = ('repository.admin',) validate_repo_permissions(apiuser, repoid, repo, _perms) try: RepoModel().revoke_user_permission(repo=repo, user=user) Session().commit() return { 'msg': 'Revoked perm for user: `%s` in repo: `%s`' % ( user.username, repo.repo_name ), 'success': True } except Exception: log.exception( "Exception occurred while trying revoke permissions to repo") raise JSONRPCError( 'failed to edit permission for user: `%s` in repo: `%s`' % ( userid, repoid ) ) @jsonrpc_method() def grant_user_group_permission(request, apiuser, repoid, usergroupid, perm): """ Grant permission for a user group on the specified repository, or update existing permissions. This command can only be run using an |authtoken| with admin permissions on the |repo|. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: Set the repository name or repository ID. :type repoid: str or int :param usergroupid: Specify the ID of the user group. :type usergroupid: str or int :param perm: Set the user group permissions using the following format: (repository.(none|read|write|admin)) :type perm: str Example output: .. code-block:: bash id : <id_given_in_input> result : { "msg" : "Granted perm: `<perm>` for group: `<usersgroupname>` in repo: `<reponame>`", "success": true } error : null Example error output: .. code-block:: bash id : <id_given_in_input> result : null error : { "failed to edit permission for user group: `<usergroup>` in repo `<repo>`' } """ repo = get_repo_or_error(repoid) perm = get_perm_or_error(perm) if not has_superadmin_permission(apiuser): _perms = ('repository.admin',) validate_repo_permissions(apiuser, repoid, repo, _perms) user_group = get_user_group_or_error(usergroupid) if not has_superadmin_permission(apiuser): # check if we have at least read permission for this user group ! _perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin',) if not HasUserGroupPermissionAnyApi(*_perms)( user=apiuser, user_group_name=user_group.users_group_name): raise JSONRPCError( 'user group `%s` does not exist' % (usergroupid,)) try: RepoModel().grant_user_group_permission( repo=repo, group_name=user_group, perm=perm) Session().commit() return { 'msg': 'Granted perm: `%s` for user group: `%s` in ' 'repo: `%s`' % ( perm.permission_name, user_group.users_group_name, repo.repo_name ), 'success': True } except Exception: log.exception( "Exception occurred while trying change permission on repo") raise JSONRPCError( 'failed to edit permission for user group: `%s` in ' 'repo: `%s`' % ( usergroupid, repo.repo_name ) ) @jsonrpc_method() def revoke_user_group_permission(request, apiuser, repoid, usergroupid): """ Revoke the permissions of a user group on a given repository. This command can only be run using an |authtoken| with admin permissions on the |repo|. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: Set the repository name or repository ID. :type repoid: str or int :param usergroupid: Specify the user group ID. :type usergroupid: str or int Example output: .. code-block:: bash id : <id_given_in_input> result: { "msg" : "Revoked perm for group: `<usersgroupname>` in repo: `<reponame>`", "success": true } error: null """ repo = get_repo_or_error(repoid) if not has_superadmin_permission(apiuser): _perms = ('repository.admin',) validate_repo_permissions(apiuser, repoid, repo, _perms) user_group = get_user_group_or_error(usergroupid) if not has_superadmin_permission(apiuser): # check if we have at least read permission for this user group ! _perms = ('usergroup.read', 'usergroup.write', 'usergroup.admin',) if not HasUserGroupPermissionAnyApi(*_perms)( user=apiuser, user_group_name=user_group.users_group_name): raise JSONRPCError( 'user group `%s` does not exist' % (usergroupid,)) try: RepoModel().revoke_user_group_permission( repo=repo, group_name=user_group) Session().commit() return { 'msg': 'Revoked perm for user group: `%s` in repo: `%s`' % ( user_group.users_group_name, repo.repo_name ), 'success': True } except Exception: log.exception("Exception occurred while trying revoke " "user group permission on repo") raise JSONRPCError( 'failed to edit permission for user group: `%s` in ' 'repo: `%s`' % ( user_group.users_group_name, repo.repo_name ) ) @jsonrpc_method() def pull(request, apiuser, repoid): """ Triggers a pull on the given repository from a remote location. You can use this to keep remote repositories up-to-date. This command can only be run using an |authtoken| with admin rights to the specified repository. For more information, see :ref:`config-token-ref`. This command takes the following options: :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: The repository name or repository ID. :type repoid: str or int Example output: .. code-block:: bash id : <id_given_in_input> result : { "msg": "Pulled from `<repository name>`" "repository": "<repository name>" } error : null Example error output: .. code-block:: bash id : <id_given_in_input> result : null error : { "Unable to pull changes from `<reponame>`" } """ repo = get_repo_or_error(repoid) if not has_superadmin_permission(apiuser): _perms = ('repository.admin',) validate_repo_permissions(apiuser, repoid, repo, _perms) try: ScmModel().pull_changes(repo.repo_name, apiuser.username) return { 'msg': 'Pulled from `%s`' % repo.repo_name, 'repository': repo.repo_name } except Exception: log.exception("Exception occurred while trying to " "pull changes from remote location") raise JSONRPCError( 'Unable to pull changes from `%s`' % repo.repo_name ) @jsonrpc_method() def strip(request, apiuser, repoid, revision, branch): """ Strips the given revision from the specified repository. * This will remove the revision and all of its decendants. This command can only be run using an |authtoken| with admin rights to the specified repository. This command takes the following options: :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: The repository name or repository ID. :type repoid: str or int :param revision: The revision you wish to strip. :type revision: str :param branch: The branch from which to strip the revision. :type branch: str Example output: .. code-block:: bash id : <id_given_in_input> result : { "msg": "'Stripped commit <commit_hash> from repo `<repository name>`'" "repository": "<repository name>" } error : null Example error output: .. code-block:: bash id : <id_given_in_input> result : null error : { "Unable to strip commit <commit_hash> from repo `<repository name>`" } """ repo = get_repo_or_error(repoid) if not has_superadmin_permission(apiuser): _perms = ('repository.admin',) validate_repo_permissions(apiuser, repoid, repo, _perms) try: ScmModel().strip(repo, revision, branch) return { 'msg': 'Stripped commit %s from repo `%s`' % ( revision, repo.repo_name), 'repository': repo.repo_name } except Exception: log.exception("Exception while trying to strip") raise JSONRPCError( 'Unable to strip commit %s from repo `%s`' % ( revision, repo.repo_name) ) @jsonrpc_method() def get_repo_settings(request, apiuser, repoid, key=Optional(None)): """ Returns all settings for a repository. If key is given it only returns the setting identified by the key or null. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: The repository name or repository id. :type repoid: str or int :param key: Key of the setting to return. :type: key: Optional(str) Example output: .. code-block:: bash { "error": null, "id": 237, "result": { "extensions_largefiles": true, "extensions_evolve": true, "hooks_changegroup_push_logger": true, "hooks_changegroup_repo_size": false, "hooks_outgoing_pull_logger": true, "phases_publish": "True", "rhodecode_hg_use_rebase_for_merging": true, "rhodecode_pr_merge_enabled": true, "rhodecode_use_outdated_comments": true } } """ # Restrict access to this api method to admins only. if not has_superadmin_permission(apiuser): raise JSONRPCForbidden() try: repo = get_repo_or_error(repoid) settings_model = VcsSettingsModel(repo=repo) settings = settings_model.get_global_settings() settings.update(settings_model.get_repo_settings()) # If only a single setting is requested fetch it from all settings. key = Optional.extract(key) if key is not None: settings = settings.get(key, None) except Exception: msg = 'Failed to fetch settings for repository `{}`'.format(repoid) log.exception(msg) raise JSONRPCError(msg) return settings @jsonrpc_method() def set_repo_settings(request, apiuser, repoid, settings): """ Update repository settings. Returns true on success. :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: The repository name or repository id. :type repoid: str or int :param settings: The new settings for the repository. :type: settings: dict Example output: .. code-block:: bash { "error": null, "id": 237, "result": true } """ # Restrict access to this api method to admins only. if not has_superadmin_permission(apiuser): raise JSONRPCForbidden() if type(settings) is not dict: raise JSONRPCError('Settings have to be a JSON Object.') try: settings_model = VcsSettingsModel(repo=repoid) # Merge global, repo and incoming settings. new_settings = settings_model.get_global_settings() new_settings.update(settings_model.get_repo_settings()) new_settings.update(settings) # Update the settings. inherit_global_settings = new_settings.get( 'inherit_global_settings', False) settings_model.create_or_update_repo_settings( new_settings, inherit_global_settings=inherit_global_settings) Session().commit() except Exception: msg = 'Failed to update settings for repository `{}`'.format(repoid) log.exception(msg) raise JSONRPCError(msg) # Indicate success. return True @jsonrpc_method() def maintenance(request, apiuser, repoid): """ Triggers a maintenance on the given repository. This command can only be run using an |authtoken| with admin rights to the specified repository. For more information, see :ref:`config-token-ref`. This command takes the following options: :param apiuser: This is filled automatically from the |authtoken|. :type apiuser: AuthUser :param repoid: The repository name or repository ID. :type repoid: str or int Example output: .. code-block:: bash id : <id_given_in_input> result : { "msg": "executed maintenance command", "executed_actions": [ <action_message>, <action_message2>... ], "repository": "<repository name>" } error : null Example error output: .. code-block:: bash id : <id_given_in_input> result : null error : { "Unable to execute maintenance on `<reponame>`" } """ repo = get_repo_or_error(repoid) if not has_superadmin_permission(apiuser): _perms = ('repository.admin',) validate_repo_permissions(apiuser, repoid, repo, _perms) try: maintenance = repo_maintenance.RepoMaintenance() executed_actions = maintenance.execute(repo) return { 'msg': 'executed maintenance command', 'executed_actions': executed_actions, 'repository': repo.repo_name } except Exception: log.exception("Exception occurred while trying to run maintenance") raise JSONRPCError( 'Unable to execute maintenance on `%s`' % repo.repo_name)