upstream/kallithea Commit - r1986:367d76f5

1

# -*- coding: utf-8 -*-

1

# -*- coding: utf-8 -*-

2

"""

2

"""

3

rhodecode.lib.db_manage

3

rhodecode.lib.db_manage

4

~~~~~~~~~~~~~~~~~~~~~~~

4

~~~~~~~~~~~~~~~~~~~~~~~

5

6

Database creation, and setup module for RhodeCode. Used for creation

6

Database creation, and setup module for RhodeCode. Used for creation

7

of database as well as for migration operations

7

of database as well as for migration operations

8

9

:created_on: Apr 10, 2010

9

:created_on: Apr 10, 2010

10

:author: marcink

10

:author: marcink

11

12

:license: GPLv3, see COPYING for more details.

12

:license: GPLv3, see COPYING for more details.

13

"""

13

"""

14

# This program is free software: you can redistribute it and/or modify

14

# This program is free software: you can redistribute it and/or modify

15

# it under the terms of the GNU General Public License as published by

15

# it under the terms of the GNU General Public License as published by

16

# the Free Software Foundation, either version 3 of the License, or

16

# the Free Software Foundation, either version 3 of the License, or

17

# (at your option) any later version.

17

# (at your option) any later version.

18

#

18

#

19

# This program is distributed in the hope that it will be useful,

19

# This program is distributed in the hope that it will be useful,

20

# but WITHOUT ANY WARRANTY; without even the implied warranty of

20

# but WITHOUT ANY WARRANTY; without even the implied warranty of

21

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

21

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

22

# GNU General Public License for more details.

22

# GNU General Public License for more details.

23

#

23

#

24

# You should have received a copy of the GNU General Public License

24

# You should have received a copy of the GNU General Public License

25

# along with this program. If not, see <http://www.gnu.org/licenses/>.

25

# along with this program. If not, see <http://www.gnu.org/licenses/>.

26

27

import os

27

import os

28

import sys

28

import sys

29

import uuid

29

import uuid

30

import logging

30

import logging

31

from os.path import dirname as dn, join as jn

31

from os.path import dirname as dn, join as jn

32

33

from rhodecode import __dbversion__

33

from rhodecode import __dbversion__

34

from rhodecode.model import meta

34

from rhodecode.model import meta

35

36

from rhodecode.model.user import UserModel

36

from rhodecode.model.user import UserModel

37

from rhodecode.lib.utils import ask_ok

37

from rhodecode.lib.utils import ask_ok

38

from rhodecode.model import init_model

38

from rhodecode.model import init_model

39

from rhodecode.model.db import User, Permission, RhodeCodeUi, \

39

from rhodecode.model.db import User, Permission, RhodeCodeUi, \

40

RhodeCodeSetting, UserToPerm, DbMigrateVersion, RepoGroup,\

40

RhodeCodeSetting, UserToPerm, DbMigrateVersion, RepoGroup,\

41

UserRepoGroupToPerm

41

UserRepoGroupToPerm

42

43

from sqlalchemy.engine import create_engine

43

from sqlalchemy.engine import create_engine

44

from rhodecode.model.repos_group import ReposGroupModel

44

from rhodecode.model.repos_group import ReposGroupModel

45

46

log = logging.getLogger(__name__)

46

log = logging.getLogger(__name__)

47

48

49

class DbManage(object):

49

class DbManage(object):

50

def __init__(self, log_sql, dbconf, root, tests=False):

50

def __init__(self, log_sql, dbconf, root, tests=False):

51

self.dbname = dbconf.split('/')[-1]

51

self.dbname = dbconf.split('/')[-1]

52

self.tests = tests

52

self.tests = tests

53

self.root = root

53

self.root = root

54

self.dburi = dbconf

54

self.dburi = dbconf

55

self.log_sql = log_sql

55

self.log_sql = log_sql

56

self.db_exists = False

56

self.db_exists = False

57

self.init_db()

57

self.init_db()

58

59

def init_db(self):

59

def init_db(self):

60

engine = create_engine(self.dburi, echo=self.log_sql)

60

engine = create_engine(self.dburi, echo=self.log_sql)

61

init_model(engine)

61

init_model(engine)

62

self.sa = meta.Session

62

self.sa = meta.Session

63

64

def create_tables(self, override=False):

64

def create_tables(self, override=False):

65

"""

65

"""

66

Create a auth database

66

Create a auth database

67

"""

67

"""

68

69

log.info("Any existing database is going to be destroyed")

69

log.info("Any existing database is going to be destroyed")

70

if self.tests:

70

if self.tests:

71

destroy = True

71

destroy = True

72

else:

72

else:

73

destroy = ask_ok('Are you sure to destroy old database ? [y/n]')

73

destroy = ask_ok('Are you sure to destroy old database ? [y/n]')

74

if not destroy:

74

if not destroy:

75

sys.exit()

75

sys.exit()

76

if destroy:

76

if destroy:

77

meta.Base.metadata.drop_all()

77

meta.Base.metadata.drop_all()

78

79

checkfirst = not override

79

checkfirst = not override

80

meta.Base.metadata.create_all(checkfirst=checkfirst)

80

meta.Base.metadata.create_all(checkfirst=checkfirst)

81

log.info('Created tables for %s' % self.dbname)

81

log.info('Created tables for %s' % self.dbname)

82

83

def set_db_version(self):

83

def set_db_version(self):

84

ver = DbMigrateVersion()

84

ver = DbMigrateVersion()

85

ver.version = __dbversion__

85

ver.version = __dbversion__

86

ver.repository_id = 'rhodecode_db_migrations'

86

ver.repository_id = 'rhodecode_db_migrations'

87

ver.repository_path = 'versions'

87

ver.repository_path = 'versions'

88

self.sa.add(ver)

88

self.sa.add(ver)

89

log.info('db version set to: %s' % __dbversion__)

89

log.info('db version set to: %s' % __dbversion__)

90

91

def upgrade(self):

91

def upgrade(self):

92

"""

92

"""

93

Upgrades given database schema to given revision following

93

Upgrades given database schema to given revision following

94

all needed steps, to perform the upgrade

94

all needed steps, to perform the upgrade

95

96

"""

96

"""

97

98

from rhodecode.lib.dbmigrate.migrate.versioning import api

98

from rhodecode.lib.dbmigrate.migrate.versioning import api

99

from rhodecode.lib.dbmigrate.migrate.exceptions import \

99

from rhodecode.lib.dbmigrate.migrate.exceptions import \

100

DatabaseNotControlledError

100

DatabaseNotControlledError

101

102

if 'sqlite' in self.dburi:

102

if 'sqlite' in self.dburi:

103

print (

103

print (

104

'********************** WARNING **********************\n'

104

'********************** WARNING **********************\n'

105

'Make sure your version of sqlite is at least 3.7.X. \n'

105

'Make sure your version of sqlite is at least 3.7.X. \n'

106

'Earlier versions are known to fail on some migrations\n'

106

'Earlier versions are known to fail on some migrations\n'

107

'*****************************************************\n'

107

'*****************************************************\n'

108

)

108

)

109

upgrade = ask_ok('You are about to perform database upgrade, make '

109

upgrade = ask_ok('You are about to perform database upgrade, make '

110

'sure You backed up your database before. '

110

'sure You backed up your database before. '

111

'Continue ? [y/n]')

111

'Continue ? [y/n]')

112

if not upgrade:

112

if not upgrade:

113

sys.exit('Nothing done')

113

sys.exit('Nothing done')

114

115

repository_path = jn(dn(dn(dn(os.path.realpath(__file__)))),

115

repository_path = jn(dn(dn(dn(os.path.realpath(__file__)))),

116

'rhodecode/lib/dbmigrate')

116

'rhodecode/lib/dbmigrate')

117

db_uri = self.dburi

117

db_uri = self.dburi

118

119

try:

119

try:

120

curr_version = api.db_version(db_uri, repository_path)

120

curr_version = api.db_version(db_uri, repository_path)

121

msg = ('Found current database under version'

121

msg = ('Found current database under version'

122

' control with version %s' % curr_version)

122

' control with version %s' % curr_version)

123

124

except (RuntimeError, DatabaseNotControlledError):

124

except (RuntimeError, DatabaseNotControlledError):

125

curr_version = 1

125

curr_version = 1

126

msg = ('Current database is not under version control. Setting'

126

msg = ('Current database is not under version control. Setting'

127

' as version %s' % curr_version)

127

' as version %s' % curr_version)

128

api.version_control(db_uri, repository_path, curr_version)

128

api.version_control(db_uri, repository_path, curr_version)

129

130

print (msg)

130

print (msg)

131

132

if curr_version == __dbversion__:

132

if curr_version == __dbversion__:

133

sys.exit('This database is already at the newest version')

133

sys.exit('This database is already at the newest version')

134

135

#======================================================================

135

#======================================================================

136

# UPGRADE STEPS

136

# UPGRADE STEPS

137

#======================================================================

137

#======================================================================

138

class UpgradeSteps(object):

138

class UpgradeSteps(object):

139

"""

139

"""

140

Those steps follow schema versions so for example schema

140

Those steps follow schema versions so for example schema

141

for example schema with seq 002 == step_2 and so on.

141

for example schema with seq 002 == step_2 and so on.

142

"""

142

"""

143

144

def __init__(self, klass):

144

def __init__(self, klass):

145

self.klass = klass

145

self.klass = klass

146

147

def step_0(self):

147

def step_0(self):

148

# step 0 is the schema upgrade, and than follow proper upgrades

148

# step 0 is the schema upgrade, and than follow proper upgrades

149

print ('attempting to do database upgrade to version %s' \

149

print ('attempting to do database upgrade to version %s' \

150

% __dbversion__)

150

% __dbversion__)

151

api.upgrade(db_uri, repository_path, __dbversion__)

151

api.upgrade(db_uri, repository_path, __dbversion__)

152

print ('Schema upgrade completed')

152

print ('Schema upgrade completed')

153

154

def step_1(self):

154

def step_1(self):

155

pass

155

pass

156

157

def step_2(self):

157

def step_2(self):

158

print ('Patching repo paths for newer version of RhodeCode')

158

print ('Patching repo paths for newer version of RhodeCode')

159

self.klass.fix_repo_paths()

159

self.klass.fix_repo_paths()

160

161

print ('Patching default user of RhodeCode')

161

print ('Patching default user of RhodeCode')

162

self.klass.fix_default_user()

162

self.klass.fix_default_user()

163

164

log.info('Changing ui settings')

164

log.info('Changing ui settings')

165

self.klass.create_ui_settings()

165

self.klass.create_ui_settings()

166

167

def step_3(self):

167

def step_3(self):

168

print ('Adding additional settings into RhodeCode db')

168

print ('Adding additional settings into RhodeCode db')

169

self.klass.fix_settings()

169

self.klass.fix_settings()

170

print ('Adding ldap defaults')

170

print ('Adding ldap defaults')

171

self.klass.create_ldap_options(skip_existing=True)

171

self.klass.create_ldap_options(skip_existing=True)

172

173

def step_4(self):

173

def step_4(self):

174

print ('TODO:')

174

print ('TODO:')

175

self.create_permissions()

175

self.klass.fixup_groups()

176

self.klass.fixup_groups()

176

177

upgrade_steps = [0] + range(curr_version + 1, __dbversion__ + 1)

178

upgrade_steps = [0] + range(curr_version + 1, __dbversion__ + 1)

178

179

# CALL THE PROPER ORDER OF STEPS TO PERFORM FULL UPGRADE

180

# CALL THE PROPER ORDER OF STEPS TO PERFORM FULL UPGRADE

180

for step in upgrade_steps:

181

for step in upgrade_steps:

181

print ('performing upgrade step %s' % step)

182

print ('performing upgrade step %s' % step)

182

getattr(UpgradeSteps(self), 'step_%s' % step)()

183

getattr(UpgradeSteps(self), 'step_%s' % step)()

183

184

def fix_repo_paths(self):

185

def fix_repo_paths(self):

185

"""

186

"""

186

Fixes a old rhodecode version path into new one without a '*'

187

Fixes a old rhodecode version path into new one without a '*'

187

"""

188

"""

188

189

paths = self.sa.query(RhodeCodeUi)\

190

paths = self.sa.query(RhodeCodeUi)\

190

.filter(RhodeCodeUi.ui_key == '/')\

191

.filter(RhodeCodeUi.ui_key == '/')\

191

.scalar()

192

.scalar()

192

193

paths.ui_value = paths.ui_value.replace('*', '')

194

paths.ui_value = paths.ui_value.replace('*', '')

194

195

try:

196

try:

196

self.sa.add(paths)

197

self.sa.add(paths)

197

self.sa.commit()

198

self.sa.commit()

198

except:

199

except:

199

self.sa.rollback()

200

self.sa.rollback()

200

raise

201

raise

201

202

def fix_default_user(self):

203

def fix_default_user(self):

203

"""

204

"""

204

Fixes a old default user with some 'nicer' default values,

205

Fixes a old default user with some 'nicer' default values,

205

used mostly for anonymous access

206

used mostly for anonymous access

206

"""

207

"""

207

def_user = self.sa.query(User)\

208

def_user = self.sa.query(User)\

208

.filter(User.username == 'default')\

209

.filter(User.username == 'default')\

209

.one()

210

.one()

210

211

def_user.name = 'Anonymous'

212

def_user.name = 'Anonymous'

212

def_user.lastname = 'User'

213

def_user.lastname = 'User'

213

def_user.email = 'anonymous@rhodecode.org'

214

def_user.email = 'anonymous@rhodecode.org'

214

215

try:

216

try:

216

self.sa.add(def_user)

217

self.sa.add(def_user)

217

self.sa.commit()

218

self.sa.commit()

218

except:

219

except:

219

self.sa.rollback()

220

self.sa.rollback()

220

raise

221

raise

221

222

def fix_settings(self):

223

def fix_settings(self):

223

"""

224

"""

224

Fixes rhodecode settings adds ga_code key for google analytics

225

Fixes rhodecode settings adds ga_code key for google analytics

225

"""

226

"""

226

227

hgsettings3 = RhodeCodeSetting('ga_code', '')

228

hgsettings3 = RhodeCodeSetting('ga_code', '')

228

229

try:

230

try:

230

self.sa.add(hgsettings3)

231

self.sa.add(hgsettings3)

231

self.sa.commit()

232

self.sa.commit()

232

except:

233

except:

233

self.sa.rollback()

234

self.sa.rollback()

234

raise

235

raise

235

236

def admin_prompt(self, second=False):

237

def admin_prompt(self, second=False):

237

if not self.tests:

238

if not self.tests:

238

import getpass

239

import getpass

239

240

def get_password():

241

def get_password():

241

password = getpass.getpass('Specify admin password '

242

password = getpass.getpass('Specify admin password '

242

'(min 6 chars):')

243

'(min 6 chars):')

243

confirm = getpass.getpass('Confirm password:')

244

confirm = getpass.getpass('Confirm password:')

244

245

if password != confirm:

246

if password != confirm:

246

log.error('passwords mismatch')

247

log.error('passwords mismatch')

247

return False

248

return False

248

if len(password) < 6:

249

if len(password) < 6:

249

log.error('password is to short use at least 6 characters')

250

log.error('password is to short use at least 6 characters')

250

return False

251

return False

251

252

return password

253

return password

253

254

username = raw_input('Specify admin username:')

255

username = raw_input('Specify admin username:')

255

256

password = get_password()

257

password = get_password()

257

if not password:

258

if not password:

258

#second try

259

#second try

259

password = get_password()

260

password = get_password()

260

if not password:

261

if not password:

261

sys.exit()

262

sys.exit()

262

263

email = raw_input('Specify admin email:')

264

email = raw_input('Specify admin email:')

264

self.create_user(username, password, email, True)

265

self.create_user(username, password, email, True)

265

else:

266

else:

266

log.info('creating admin and regular test users')

267

log.info('creating admin and regular test users')

267

from rhodecode.tests import TEST_USER_ADMIN_LOGIN,\

268

from rhodecode.tests import TEST_USER_ADMIN_LOGIN,\

268

TEST_USER_ADMIN_PASS, TEST_USER_ADMIN_EMAIL,\

269

TEST_USER_ADMIN_PASS, TEST_USER_ADMIN_EMAIL,\

269

TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,\

270

TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,\

270

TEST_USER_REGULAR_EMAIL, TEST_USER_REGULAR2_LOGIN, \

271

TEST_USER_REGULAR_EMAIL, TEST_USER_REGULAR2_LOGIN, \

271

TEST_USER_REGULAR2_PASS, TEST_USER_REGULAR2_EMAIL

272

TEST_USER_REGULAR2_PASS, TEST_USER_REGULAR2_EMAIL

272

273

self.create_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS,

274

self.create_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS,

274

TEST_USER_ADMIN_EMAIL, True)

275

TEST_USER_ADMIN_EMAIL, True)

275

276

self.create_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,

277

self.create_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,

277

TEST_USER_REGULAR_EMAIL, False)

278

TEST_USER_REGULAR_EMAIL, False)

278

279

self.create_user(TEST_USER_REGULAR2_LOGIN, TEST_USER_REGULAR2_PASS,

280

self.create_user(TEST_USER_REGULAR2_LOGIN, TEST_USER_REGULAR2_PASS,

280

TEST_USER_REGULAR2_EMAIL, False)

281

TEST_USER_REGULAR2_EMAIL, False)

281

282

def create_ui_settings(self):

283

def create_ui_settings(self):

283

"""

284

"""

284

Creates ui settings, fills out hooks

285

Creates ui settings, fills out hooks

285

and disables dotencode

286

and disables dotencode

286

"""

287

"""

287

288

#HOOKS

289

#HOOKS

289

hooks1_key = RhodeCodeUi.HOOK_UPDATE

290

hooks1_key = RhodeCodeUi.HOOK_UPDATE

290

hooks1_ = self.sa.query(RhodeCodeUi)\

291

hooks1_ = self.sa.query(RhodeCodeUi)\

291

.filter(RhodeCodeUi.ui_key == hooks1_key).scalar()

292

.filter(RhodeCodeUi.ui_key == hooks1_key).scalar()

292

293

hooks1 = RhodeCodeUi() if hooks1_ is None else hooks1_

294

hooks1 = RhodeCodeUi() if hooks1_ is None else hooks1_

294

hooks1.ui_section = 'hooks'

295

hooks1.ui_section = 'hooks'

295

hooks1.ui_key = hooks1_key

296

hooks1.ui_key = hooks1_key

296

hooks1.ui_value = 'hg update >&2'

297

hooks1.ui_value = 'hg update >&2'

297

hooks1.ui_active = False

298

hooks1.ui_active = False

298

299

hooks2_key = RhodeCodeUi.HOOK_REPO_SIZE

300

hooks2_key = RhodeCodeUi.HOOK_REPO_SIZE

300

hooks2_ = self.sa.query(RhodeCodeUi)\

301

hooks2_ = self.sa.query(RhodeCodeUi)\

301

.filter(RhodeCodeUi.ui_key == hooks2_key).scalar()

302

.filter(RhodeCodeUi.ui_key == hooks2_key).scalar()

302

303

hooks2 = RhodeCodeUi() if hooks2_ is None else hooks2_

304

hooks2 = RhodeCodeUi() if hooks2_ is None else hooks2_

304

hooks2.ui_section = 'hooks'

305

hooks2.ui_section = 'hooks'

305

hooks2.ui_key = hooks2_key

306

hooks2.ui_key = hooks2_key

306

hooks2.ui_value = 'python:rhodecode.lib.hooks.repo_size'

307

hooks2.ui_value = 'python:rhodecode.lib.hooks.repo_size'

307

308

hooks3 = RhodeCodeUi()

309

hooks3 = RhodeCodeUi()

309

hooks3.ui_section = 'hooks'

310

hooks3.ui_section = 'hooks'

310

hooks3.ui_key = RhodeCodeUi.HOOK_PUSH

311

hooks3.ui_key = RhodeCodeUi.HOOK_PUSH

311

hooks3.ui_value = 'python:rhodecode.lib.hooks.log_push_action'

312

hooks3.ui_value = 'python:rhodecode.lib.hooks.log_push_action'

312

313

hooks4 = RhodeCodeUi()

314

hooks4 = RhodeCodeUi()

314

hooks4.ui_section = 'hooks'

315

hooks4.ui_section = 'hooks'

315

hooks4.ui_key = RhodeCodeUi.HOOK_PULL

316

hooks4.ui_key = RhodeCodeUi.HOOK_PULL

316

hooks4.ui_value = 'python:rhodecode.lib.hooks.log_pull_action'

317

hooks4.ui_value = 'python:rhodecode.lib.hooks.log_pull_action'

317

318

# For mercurial 1.7 set backward comapatibility with format

319

# For mercurial 1.7 set backward comapatibility with format

319

dotencode_disable = RhodeCodeUi()

320

dotencode_disable = RhodeCodeUi()

320

dotencode_disable.ui_section = 'format'

321

dotencode_disable.ui_section = 'format'

321

dotencode_disable.ui_key = 'dotencode'

322

dotencode_disable.ui_key = 'dotencode'

322

dotencode_disable.ui_value = 'false'

323

dotencode_disable.ui_value = 'false'

323

324

# enable largefiles

325

# enable largefiles

325

largefiles = RhodeCodeUi()

326

largefiles = RhodeCodeUi()

326

largefiles.ui_section = 'extensions'

327

largefiles.ui_section = 'extensions'

327

largefiles.ui_key = 'largefiles'

328

largefiles.ui_key = 'largefiles'

328

largefiles.ui_value = ''

329

largefiles.ui_value = ''

329

330

self.sa.add(hooks1)

331

self.sa.add(hooks1)

331

self.sa.add(hooks2)

332

self.sa.add(hooks2)

332

self.sa.add(hooks3)

333

self.sa.add(hooks3)

333

self.sa.add(hooks4)

334

self.sa.add(hooks4)

334

self.sa.add(largefiles)

335

self.sa.add(largefiles)

335

336

def create_ldap_options(self, skip_existing=False):

337

def create_ldap_options(self, skip_existing=False):

337

"""Creates ldap settings"""

338

"""Creates ldap settings"""

338

339

for k, v in [('ldap_active', 'false'), ('ldap_host', ''),

340

for k, v in [('ldap_active', 'false'), ('ldap_host', ''),

340

('ldap_port', '389'), ('ldap_tls_kind', 'PLAIN'),

341

('ldap_port', '389'), ('ldap_tls_kind', 'PLAIN'),

341

('ldap_tls_reqcert', ''), ('ldap_dn_user', ''),

342

('ldap_tls_reqcert', ''), ('ldap_dn_user', ''),

342

('ldap_dn_pass', ''), ('ldap_base_dn', ''),

343

('ldap_dn_pass', ''), ('ldap_base_dn', ''),

343

('ldap_filter', ''), ('ldap_search_scope', ''),

344

('ldap_filter', ''), ('ldap_search_scope', ''),

344

('ldap_attr_login', ''), ('ldap_attr_firstname', ''),

345

('ldap_attr_login', ''), ('ldap_attr_firstname', ''),

345

('ldap_attr_lastname', ''), ('ldap_attr_email', '')]:

346

('ldap_attr_lastname', ''), ('ldap_attr_email', '')]:

346

347

if skip_existing and RhodeCodeSetting.get_by_name(k) != None:

348

if skip_existing and RhodeCodeSetting.get_by_name(k) != None:

348

log.debug('Skipping option %s' % k)

349

log.debug('Skipping option %s' % k)

349

continue

350

continue

350

setting = RhodeCodeSetting(k, v)

351

setting = RhodeCodeSetting(k, v)

351

self.sa.add(setting)

352

self.sa.add(setting)

352

353

def fixup_groups(self):

354

def fixup_groups(self):

354

def_usr = User.get_by_username('default')

355

def_usr = User.get_by_username('default')

355

for g in RepoGroup.query().all():

356

for g in RepoGroup.query().all():

356

g.group_name = g.get_new_name(g.name)

357

g.group_name = g.get_new_name(g.name)

357

self.sa.add(g)

358

self.sa.add(g)

358

# get default perm

359

# get default perm

359

default = UserRepoGroupToPerm.query()\

360

default = UserRepoGroupToPerm.query()\

360

.filter(UserRepoGroupToPerm.group == g)\

361

.filter(UserRepoGroupToPerm.group == g)\

361

.filter(UserRepoGroupToPerm.user == def_usr)\

362

.filter(UserRepoGroupToPerm.user == def_usr)\

362

.scalar()

363

.scalar()

363

364

if default is None:

365

if default is None:

365

log.debug('missing default permission for group %s adding' % g)

366

log.debug('missing default permission for group %s adding' % g)

366

ReposGroupModel()._create_default_perms(g)

367

ReposGroupModel()._create_default_perms(g)

367

368

def config_prompt(self, test_repo_path='', retries=3):

369

def config_prompt(self, test_repo_path='', retries=3):

369

if retries == 3:

370

if retries == 3:

370

log.info('Setting up repositories config')

371

log.info('Setting up repositories config')

371

372

if not self.tests and not test_repo_path:

373

if not self.tests and not test_repo_path:

373

path = raw_input(

374

path = raw_input(

374

'Enter a valid path to store repositories. '

375

'Enter a valid path to store repositories. '

375

'All repositories in that path will be added automatically:'

376

'All repositories in that path will be added automatically:'

376

)

377

)

377

else:

378

else:

378

path = test_repo_path

379

path = test_repo_path

379

path_ok = True

380

path_ok = True

380

381

# check proper dir

382

# check proper dir

382

if not os.path.isdir(path):

383

if not os.path.isdir(path):

383

path_ok = False

384

path_ok = False

384

log.error('Given path %s is not a valid directory' % path)

385

log.error('Given path %s is not a valid directory' % path)

385

386

# check write access

387

# check write access

387

if not os.access(path, os.W_OK) and path_ok:

388

if not os.access(path, os.W_OK) and path_ok:

388

path_ok = False

389

path_ok = False

389

log.error('No write permission to given path %s' % path)

390

log.error('No write permission to given path %s' % path)

390

391

if retries == 0:

392

if retries == 0:

392

sys.exit('max retries reached')

393

sys.exit('max retries reached')

393

if path_ok is False:

394

if path_ok is False:

394

retries -= 1

395

retries -= 1

395

return self.config_prompt(test_repo_path, retries)

396

return self.config_prompt(test_repo_path, retries)

396

397

return path

398

return path

398

399

def create_settings(self, path):

400

def create_settings(self, path):

400

401

self.create_ui_settings()

402

self.create_ui_settings()

402

403

#HG UI OPTIONS

404

#HG UI OPTIONS

404

web1 = RhodeCodeUi()

405

web1 = RhodeCodeUi()

405

web1.ui_section = 'web'

406

web1.ui_section = 'web'

406

web1.ui_key = 'push_ssl'

407

web1.ui_key = 'push_ssl'

407

web1.ui_value = 'false'

408

web1.ui_value = 'false'

408

409

web2 = RhodeCodeUi()

410

web2 = RhodeCodeUi()

410

web2.ui_section = 'web'

411

web2.ui_section = 'web'

411

web2.ui_key = 'allow_archive'

412

web2.ui_key = 'allow_archive'

412

web2.ui_value = 'gz zip bz2'

413

web2.ui_value = 'gz zip bz2'

413

414

web3 = RhodeCodeUi()

415

web3 = RhodeCodeUi()

415

web3.ui_section = 'web'

416

web3.ui_section = 'web'

416

web3.ui_key = 'allow_push'

417

web3.ui_key = 'allow_push'

417

web3.ui_value = '*'

418

web3.ui_value = '*'

418

419

web4 = RhodeCodeUi()

420

web4 = RhodeCodeUi()

420

web4.ui_section = 'web'

421

web4.ui_section = 'web'

421

web4.ui_key = 'baseurl'

422

web4.ui_key = 'baseurl'

422

web4.ui_value = '/'

423

web4.ui_value = '/'

423

424

paths = RhodeCodeUi()

425

paths = RhodeCodeUi()

425

paths.ui_section = 'paths'

426

paths.ui_section = 'paths'

426

paths.ui_key = '/'

427

paths.ui_key = '/'

427

paths.ui_value = path

428

paths.ui_value = path

428

429

hgsettings1 = RhodeCodeSetting('realm', 'RhodeCode authentication')

430

hgsettings1 = RhodeCodeSetting('realm', 'RhodeCode authentication')

430

hgsettings2 = RhodeCodeSetting('title', 'RhodeCode')

431

hgsettings2 = RhodeCodeSetting('title', 'RhodeCode')

431

hgsettings3 = RhodeCodeSetting('ga_code', '')

432

hgsettings3 = RhodeCodeSetting('ga_code', '')

432

433

self.sa.add(web1)

434

self.sa.add(web1)

434

self.sa.add(web2)

435

self.sa.add(web2)

435

self.sa.add(web3)

436

self.sa.add(web3)

436

self.sa.add(web4)

437

self.sa.add(web4)

437

self.sa.add(paths)

438

self.sa.add(paths)

438

self.sa.add(hgsettings1)

439

self.sa.add(hgsettings1)

439

self.sa.add(hgsettings2)

440

self.sa.add(hgsettings2)

440

self.sa.add(hgsettings3)

441

self.sa.add(hgsettings3)

441

442

self.create_ldap_options()

443

self.create_ldap_options()

443

444

log.info('created ui config')

445

log.info('created ui config')

445

446

def create_user(self, username, password, email='', admin=False):

447

def create_user(self, username, password, email='', admin=False):

447

log.info('creating user %s' % username)

448

log.info('creating user %s' % username)

448

UserModel().create_or_update(username, password, email,

449

UserModel().create_or_update(username, password, email,

449

name='RhodeCode', lastname='Admin',

450

name='RhodeCode', lastname='Admin',

450

active=True, admin=admin)

451

active=True, admin=admin)

451

452

def create_default_user(self):

453

def create_default_user(self):

453

log.info('creating default user')

454

log.info('creating default user')

454

# create default user for handling default permissions.

455

# create default user for handling default permissions.

455

UserModel().create_or_update(username='default',

456

UserModel().create_or_update(username='default',

456

password=str(uuid.uuid1())[:8],

457

password=str(uuid.uuid1())[:8],

457

email='anonymous@rhodecode.org',

458

email='anonymous@rhodecode.org',

458

name='Anonymous', lastname='User')

459

name='Anonymous', lastname='User')

459

460

def create_permissions(self):

461

def create_permissions(self):

461

# module.(access|create|change|delete)_[name]

462

# module.(access|create|change|delete)_[name]

462

# module.(none|read|write|admin)

463

# module.(none|read|write|admin)

463

perms = [

464

perms = [

464

('repository.none', 'Repository no access'),

465

('repository.none', 'Repository no access'),

465

('repository.read', 'Repository read access'),

466

('repository.read', 'Repository read access'),

466

('repository.write', 'Repository write access'),

467

('repository.write', 'Repository write access'),

467

('repository.admin', 'Repository admin access'),

468

('repository.admin', 'Repository admin access'),

468

469

('group.none', 'Repositories Group no access'),

470

('group.none', 'Repositories Group no access'),

470

('group.read', 'Repositories Group read access'),

471

('group.read', 'Repositories Group read access'),

471

('group.write', 'Repositories Group write access'),

472

('group.write', 'Repositories Group write access'),

472

('group.admin', 'Repositories Group admin access'),

473

('group.admin', 'Repositories Group admin access'),

473

474

('hg.admin', 'Hg Administrator'),

475

('hg.admin', 'Hg Administrator'),

475

('hg.create.repository', 'Repository create'),

476

('hg.create.repository', 'Repository create'),

476

('hg.create.none', 'Repository creation disabled'),

477

('hg.create.none', 'Repository creation disabled'),

477

('hg.register.none', 'Register disabled'),

478

('hg.register.none', 'Register disabled'),

478

('hg.register.manual_activate', 'Register new user with RhodeCode '

479

('hg.register.manual_activate', 'Register new user with RhodeCode '

479

'without manual activation'),

480

'without manual activation'),

480

481

('hg.register.auto_activate', 'Register new user with RhodeCode '

482

('hg.register.auto_activate', 'Register new user with RhodeCode '

482

'without auto activation'),

483

'without auto activation'),

483

]

484

]

484

485

for p in perms:

486

for p in perms:

487

if not Permission.get_by_key(p):

486

new_perm = Permission()

488

new_perm = Permission()

487

new_perm.permission_name = p[0]

489

new_perm.permission_name = p[0]

488

new_perm.permission_longname = p[1]

490

new_perm.permission_longname = p[1]

489

self.sa.add(new_perm)

491

self.sa.add(new_perm)

490

492

491

def populate_default_permissions(self):

493

def populate_default_permissions(self):

492

log.info('creating default user permissions')

494

log.info('creating default user permissions')

493

495

494

default_user = self.sa.query(User)\

496

default_user = self.sa.query(User)\

495

.filter(User.username == 'default').scalar()

497

.filter(User.username == 'default').scalar()

496

498

497

reg_perm = UserToPerm()

499

reg_perm = UserToPerm()

498

reg_perm.user = default_user

500

reg_perm.user = default_user

499

reg_perm.permission = self.sa.query(Permission)\

501

reg_perm.permission = self.sa.query(Permission)\

500

.filter(Permission.permission_name == 'hg.register.manual_activate')\

502

.filter(Permission.permission_name == 'hg.register.manual_activate')\

501

.scalar()

503

.scalar()

502

504

503

create_repo_perm = UserToPerm()

505

create_repo_perm = UserToPerm()

504

create_repo_perm.user = default_user

506

create_repo_perm.user = default_user

505

create_repo_perm.permission = self.sa.query(Permission)\

507

create_repo_perm.permission = self.sa.query(Permission)\

506

.filter(Permission.permission_name == 'hg.create.repository')\

508

.filter(Permission.permission_name == 'hg.create.repository')\

507

.scalar()

509

.scalar()

508

510

509

default_repo_perm = UserToPerm()

511

default_repo_perm = UserToPerm()

510

default_repo_perm.user = default_user

512

default_repo_perm.user = default_user

511

default_repo_perm.permission = self.sa.query(Permission)\

513

default_repo_perm.permission = self.sa.query(Permission)\

512

.filter(Permission.permission_name == 'repository.read')\

514

.filter(Permission.permission_name == 'repository.read')\

513

.scalar()

515

.scalar()

514

516

515

self.sa.add(reg_perm)

517

self.sa.add(reg_perm)

516

self.sa.add(create_repo_perm)

518

self.sa.add(create_repo_perm)

517

self.sa.add(default_repo_perm)

519

self.sa.add(default_repo_perm)

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             # -*- coding: utf-8 -*-
             """
                 rhodecode.lib.db_manage
                 ~~~~~~~~~~~~~~~~~~~~~~~
                 Database creation, and setup module for RhodeCode. Used for creation
                 of database as well as for migration operations
                 :created_on: Apr 10, 2010
                 :author: marcink
                 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
                 :license: GPLv3, see COPYING for more details.
             """
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             import os
             import sys
             import uuid
             import logging
             from os.path import dirname as dn, join as jn
             from rhodecode import __dbversion__
             from rhodecode.model import meta
             from rhodecode.model.user import UserModel
             from rhodecode.lib.utils import ask_ok
             from rhodecode.model import init_model
             from rhodecode.model.db import User, Permission, RhodeCodeUi, \
                 RhodeCodeSetting, UserToPerm, DbMigrateVersion, RepoGroup,\
                 UserRepoGroupToPerm
             from sqlalchemy.engine import create_engine
             from rhodecode.model.repos_group import ReposGroupModel
             log = logging.getLogger(__name__)
             class DbManage(object):
                 def __init__(self, log_sql, dbconf, root, tests=False):
                     self.dbname = dbconf.split('/')[-1]
                     self.tests = tests
                     self.root = root
                     self.dburi = dbconf
                     self.log_sql = log_sql
                     self.db_exists = False
                     self.init_db()
                 def init_db(self):
                     engine = create_engine(self.dburi, echo=self.log_sql)
                     init_model(engine)
                     self.sa = meta.Session
                 def create_tables(self, override=False):
                     """
                     Create a auth database
                     """
                     log.info("Any existing database is going to be destroyed")
                     if self.tests:
                         destroy = True
                     else:
                         destroy = ask_ok('Are you sure to destroy old database ? [y/n]')
                     if not destroy:
                         sys.exit()
                     if destroy:
                         meta.Base.metadata.drop_all()
                     checkfirst = not override
                     meta.Base.metadata.create_all(checkfirst=checkfirst)
                     log.info('Created tables for %s' % self.dbname)
                 def set_db_version(self):
                     ver = DbMigrateVersion()
                     ver.version = __dbversion__
                     ver.repository_id = 'rhodecode_db_migrations'
                     ver.repository_path = 'versions'
                     self.sa.add(ver)
                     log.info('db version set to: %s' % __dbversion__)
                 def upgrade(self):
                     """
                     Upgrades given database schema to given revision following
                     all needed steps, to perform the upgrade
                     """
                     from rhodecode.lib.dbmigrate.migrate.versioning import api
                     from rhodecode.lib.dbmigrate.migrate.exceptions import \
                         DatabaseNotControlledError
                     if 'sqlite' in self.dburi:
                         print (
                            '********************** WARNING **********************\n'
                            'Make sure your version of sqlite is at least 3.7.X.  \n'
                            'Earlier versions are known to fail on some migrations\n'
                            '*****************************************************\n'
                         )
                     upgrade = ask_ok('You are about to perform database upgrade, make '
                                      'sure You backed up your database before. '
                                      'Continue ? [y/n]')
                     if not upgrade:
                         sys.exit('Nothing done')
                     repository_path = jn(dn(dn(dn(os.path.realpath(__file__)))),
                                          'rhodecode/lib/dbmigrate')
                     db_uri = self.dburi
                     try:
                         curr_version = api.db_version(db_uri, repository_path)
                         msg = ('Found current database under version'
                              ' control with version %s' % curr_version)
                     except (RuntimeError, DatabaseNotControlledError):
                         curr_version = 1
                         msg = ('Current database is not under version control. Setting'
                                ' as version %s' % curr_version)
                         api.version_control(db_uri, repository_path, curr_version)
                     print (msg)
                     if curr_version == __dbversion__:
                         sys.exit('This database is already at the newest version')
                     #======================================================================
                     # UPGRADE STEPS
                     #======================================================================
                     class UpgradeSteps(object):
                         """
                         Those steps follow schema versions so for example schema
                         for example schema with seq 002 == step_2 and so on.
                         """
                         def __init__(self, klass):
                             self.klass = klass
                         def step_0(self):
                             # step 0 is the schema upgrade, and than follow proper upgrades
                             print ('attempting to do database upgrade to version %s' \
                                             % __dbversion__)
                             api.upgrade(db_uri, repository_path, __dbversion__)
                             print ('Schema upgrade completed')
                         def step_1(self):
                             pass
                         def step_2(self):
                             print ('Patching repo paths for newer version of RhodeCode')
                             self.klass.fix_repo_paths()
                             print ('Patching default user of RhodeCode')
                             self.klass.fix_default_user()
                             log.info('Changing ui settings')
                             self.klass.create_ui_settings()
                         def step_3(self):
                             print ('Adding additional settings into RhodeCode db')
                             self.klass.fix_settings()
                             print ('Adding ldap defaults')
                             self.klass.create_ldap_options(skip_existing=True)
                         def step_4(self):
                             print ('TODO:')
+                            self.create_permissions()
                             self.klass.fixup_groups()
                     upgrade_steps = [0] + range(curr_version + 1, __dbversion__ + 1)
                     # CALL THE PROPER ORDER OF STEPS TO PERFORM FULL UPGRADE
                     for step in upgrade_steps:
                         print ('performing upgrade step %s' % step)
                         getattr(UpgradeSteps(self), 'step_%s' % step)()
                 def fix_repo_paths(self):
                     """
                     Fixes a old rhodecode version path into new one without a '*'
                     """
                     paths = self.sa.query(RhodeCodeUi)\
                             .filter(RhodeCodeUi.ui_key == '/')\
                             .scalar()
                     paths.ui_value = paths.ui_value.replace('*', '')
                     try:
                         self.sa.add(paths)
                         self.sa.commit()
                     except:
                         self.sa.rollback()
                         raise
                 def fix_default_user(self):
                     """
                     Fixes a old default user with some 'nicer' default values,
                     used mostly for anonymous access
                     """
                     def_user = self.sa.query(User)\
                             .filter(User.username == 'default')\
                             .one()
                     def_user.name = 'Anonymous'
                     def_user.lastname = 'User'
                     def_user.email = 'anonymous@rhodecode.org'
                     try:
                         self.sa.add(def_user)
                         self.sa.commit()
                     except:
                         self.sa.rollback()
                         raise
                 def fix_settings(self):
                     """
                     Fixes rhodecode settings adds ga_code key for google analytics
                     """
                     hgsettings3 = RhodeCodeSetting('ga_code', '')
                     try:
                         self.sa.add(hgsettings3)
                         self.sa.commit()
                     except:
                         self.sa.rollback()
                         raise
                 def admin_prompt(self, second=False):
                     if not self.tests:
                         import getpass
                         def get_password():
                             password = getpass.getpass('Specify admin password '
                                                        '(min 6 chars):')
                             confirm = getpass.getpass('Confirm password:')
                             if password != confirm:
                                 log.error('passwords mismatch')
                                 return False
                             if len(password) < 6:
                                 log.error('password is to short use at least 6 characters')
                                 return False
                             return password
                         username = raw_input('Specify admin username:')
                         password = get_password()
                         if not password:
                             #second try
                             password = get_password()
                             if not password:
                                 sys.exit()
                         email = raw_input('Specify admin email:')
                         self.create_user(username, password, email, True)
                     else:
                         log.info('creating admin and regular test users')
                         from rhodecode.tests import TEST_USER_ADMIN_LOGIN,\
                         TEST_USER_ADMIN_PASS, TEST_USER_ADMIN_EMAIL,\
                         TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,\
                         TEST_USER_REGULAR_EMAIL, TEST_USER_REGULAR2_LOGIN, \
                         TEST_USER_REGULAR2_PASS, TEST_USER_REGULAR2_EMAIL
                         self.create_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS,
                                          TEST_USER_ADMIN_EMAIL, True)
                         self.create_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,
                                          TEST_USER_REGULAR_EMAIL, False)
                         self.create_user(TEST_USER_REGULAR2_LOGIN, TEST_USER_REGULAR2_PASS,
                                          TEST_USER_REGULAR2_EMAIL, False)
                 def create_ui_settings(self):
                     """
                     Creates ui settings, fills out hooks
                     and disables dotencode
                     """
                     #HOOKS
                     hooks1_key = RhodeCodeUi.HOOK_UPDATE
                     hooks1_ = self.sa.query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == hooks1_key).scalar()
                     hooks1 = RhodeCodeUi() if hooks1_ is None else hooks1_
                     hooks1.ui_section = 'hooks'
                     hooks1.ui_key = hooks1_key
                     hooks1.ui_value = 'hg update >&2'
                     hooks1.ui_active = False
                     hooks2_key = RhodeCodeUi.HOOK_REPO_SIZE
                     hooks2_ = self.sa.query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == hooks2_key).scalar()
                     hooks2 = RhodeCodeUi() if hooks2_ is None else hooks2_
                     hooks2.ui_section = 'hooks'
                     hooks2.ui_key = hooks2_key
                     hooks2.ui_value = 'python:rhodecode.lib.hooks.repo_size'
                     hooks3 = RhodeCodeUi()
                     hooks3.ui_section = 'hooks'
                     hooks3.ui_key = RhodeCodeUi.HOOK_PUSH
                     hooks3.ui_value = 'python:rhodecode.lib.hooks.log_push_action'
                     hooks4 = RhodeCodeUi()
                     hooks4.ui_section = 'hooks'
                     hooks4.ui_key = RhodeCodeUi.HOOK_PULL
                     hooks4.ui_value = 'python:rhodecode.lib.hooks.log_pull_action'
                     # For mercurial 1.7 set backward comapatibility with format
                     dotencode_disable = RhodeCodeUi()
                     dotencode_disable.ui_section = 'format'
                     dotencode_disable.ui_key = 'dotencode'
                     dotencode_disable.ui_value = 'false'
                     # enable largefiles
                     largefiles = RhodeCodeUi()
                     largefiles.ui_section = 'extensions'
                     largefiles.ui_key = 'largefiles'
                     largefiles.ui_value = ''
                     self.sa.add(hooks1)
                     self.sa.add(hooks2)
                     self.sa.add(hooks3)
                     self.sa.add(hooks4)
                     self.sa.add(largefiles)
                 def create_ldap_options(self, skip_existing=False):
                     """Creates ldap settings"""
                     for k, v in [('ldap_active', 'false'), ('ldap_host', ''),
                                 ('ldap_port', '389'), ('ldap_tls_kind', 'PLAIN'),
                                 ('ldap_tls_reqcert', ''), ('ldap_dn_user', ''),
                                 ('ldap_dn_pass', ''), ('ldap_base_dn', ''),
                                 ('ldap_filter', ''), ('ldap_search_scope', ''),
                                 ('ldap_attr_login', ''), ('ldap_attr_firstname', ''),
                                 ('ldap_attr_lastname', ''), ('ldap_attr_email', '')]:
                         if skip_existing and RhodeCodeSetting.get_by_name(k) != None:
                             log.debug('Skipping option %s' % k)
                             continue
                         setting = RhodeCodeSetting(k, v)
                         self.sa.add(setting)
                 def fixup_groups(self):
                     def_usr = User.get_by_username('default')
                     for g in RepoGroup.query().all():
                         g.group_name = g.get_new_name(g.name)
                         self.sa.add(g)
                         # get default perm
                         default = UserRepoGroupToPerm.query()\
                             .filter(UserRepoGroupToPerm.group == g)\
                             .filter(UserRepoGroupToPerm.user == def_usr)\
                             .scalar()
                         if default is None:
                             log.debug('missing default permission for group %s adding' % g)
                             ReposGroupModel()._create_default_perms(g)
                 def config_prompt(self, test_repo_path='', retries=3):
                     if retries == 3:
                         log.info('Setting up repositories config')
                     if not self.tests and not test_repo_path:
                         path = raw_input(
                              'Enter a valid path to store repositories. '
                              'All repositories in that path will be added automatically:'
                         )
                     else:
                         path = test_repo_path
                     path_ok = True
                     # check proper dir
                     if not os.path.isdir(path):
                         path_ok = False
                         log.error('Given path %s is not a valid directory' % path)
                     # check write access
                     if not os.access(path, os.W_OK) and path_ok:
                         path_ok = False
                         log.error('No write permission to given path %s' % path)
                     if retries == 0:
                         sys.exit('max retries reached')
                     if path_ok is False:
                         retries -= 1
                         return self.config_prompt(test_repo_path, retries)
                     return path
                 def create_settings(self, path):
                     self.create_ui_settings()
                     #HG UI OPTIONS
                     web1 = RhodeCodeUi()
                     web1.ui_section = 'web'
                     web1.ui_key = 'push_ssl'
                     web1.ui_value = 'false'
                     web2 = RhodeCodeUi()
                     web2.ui_section = 'web'
                     web2.ui_key = 'allow_archive'
                     web2.ui_value = 'gz zip bz2'
                     web3 = RhodeCodeUi()
                     web3.ui_section = 'web'
                     web3.ui_key = 'allow_push'
                     web3.ui_value = '*'
                     web4 = RhodeCodeUi()
                     web4.ui_section = 'web'
                     web4.ui_key = 'baseurl'
                     web4.ui_value = '/'
                     paths = RhodeCodeUi()
                     paths.ui_section = 'paths'
                     paths.ui_key = '/'
                     paths.ui_value = path
                     hgsettings1 = RhodeCodeSetting('realm', 'RhodeCode authentication')
                     hgsettings2 = RhodeCodeSetting('title', 'RhodeCode')
                     hgsettings3 = RhodeCodeSetting('ga_code', '')
                     self.sa.add(web1)
                     self.sa.add(web2)
                     self.sa.add(web3)
                     self.sa.add(web4)
                     self.sa.add(paths)
                     self.sa.add(hgsettings1)
                     self.sa.add(hgsettings2)
                     self.sa.add(hgsettings3)
                     self.create_ldap_options()
                     log.info('created ui config')
                 def create_user(self, username, password, email='', admin=False):
                     log.info('creating user %s' % username)
                     UserModel().create_or_update(username, password, email,
                                                  name='RhodeCode', lastname='Admin',
                                                  active=True, admin=admin)
                 def create_default_user(self):
                     log.info('creating default user')
                     # create default user for handling default permissions.
                     UserModel().create_or_update(username='default',
                                           password=str(uuid.uuid1())[:8],
                                           email='anonymous@rhodecode.org',
                                           name='Anonymous', lastname='User')
                 def create_permissions(self):
                     # module.(access|create|change|delete)_[name]
                     # module.(none|read|write|admin)
                     perms = [
                      ('repository.none', 'Repository no access'),
                      ('repository.read', 'Repository read access'),
                      ('repository.write', 'Repository write access'),
                      ('repository.admin', 'Repository admin access'),
                      ('group.none', 'Repositories Group no access'),
                      ('group.read', 'Repositories Group read access'),
                      ('group.write', 'Repositories Group write access'),
                      ('group.admin', 'Repositories Group admin access'),
                      ('hg.admin', 'Hg Administrator'),
                      ('hg.create.repository', 'Repository create'),
                      ('hg.create.none', 'Repository creation disabled'),
                      ('hg.register.none', 'Register disabled'),
                      ('hg.register.manual_activate', 'Register new user with RhodeCode '
                                                      'without manual activation'),
                      ('hg.register.auto_activate', 'Register new user with RhodeCode '
                                                     'without auto activation'),
                     ]
                     for p in perms:
+                        if not Permission.get_by_key(p):
                             new_perm = Permission()
                             new_perm.permission_name = p[0]
                             new_perm.permission_longname = p[1]
                             self.sa.add(new_perm)
                 def populate_default_permissions(self):
                     log.info('creating default user permissions')
                     default_user = self.sa.query(User)\
                     .filter(User.username == 'default').scalar()
                     reg_perm = UserToPerm()
                     reg_perm.user = default_user
                     reg_perm.permission = self.sa.query(Permission)\
                     .filter(Permission.permission_name == 'hg.register.manual_activate')\
                     .scalar()
                     create_repo_perm = UserToPerm()
                     create_repo_perm.user = default_user
                     create_repo_perm.permission = self.sa.query(Permission)\
                     .filter(Permission.permission_name == 'hg.create.repository')\
                     .scalar()
                     default_repo_perm = UserToPerm()
                     default_repo_perm.user = default_user
                     default_repo_perm.permission = self.sa.query(Permission)\
                     .filter(Permission.permission_name == 'repository.read')\
                     .scalar()
                     self.sa.add(reg_perm)
                     self.sa.add(create_repo_perm)
                     self.sa.add(default_repo_perm)