Show More
@@ -1,995 +1,1008 b'' | |||||
1 | # -*- coding: utf-8 -*- |
|
1 | # -*- coding: utf-8 -*- | |
2 | """ |
|
2 | """ | |
3 | rhodecode.lib.auth |
|
3 | rhodecode.lib.auth | |
4 | ~~~~~~~~~~~~~~~~~~ |
|
4 | ~~~~~~~~~~~~~~~~~~ | |
5 |
|
5 | |||
6 | authentication and permission libraries |
|
6 | authentication and permission libraries | |
7 |
|
7 | |||
8 | :created_on: Apr 4, 2010 |
|
8 | :created_on: Apr 4, 2010 | |
9 | :author: marcink |
|
9 | :author: marcink | |
10 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> |
|
10 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> | |
11 | :license: GPLv3, see COPYING for more details. |
|
11 | :license: GPLv3, see COPYING for more details. | |
12 | """ |
|
12 | """ | |
13 | # This program is free software: you can redistribute it and/or modify |
|
13 | # This program is free software: you can redistribute it and/or modify | |
14 | # it under the terms of the GNU General Public License as published by |
|
14 | # it under the terms of the GNU General Public License as published by | |
15 | # the Free Software Foundation, either version 3 of the License, or |
|
15 | # the Free Software Foundation, either version 3 of the License, or | |
16 | # (at your option) any later version. |
|
16 | # (at your option) any later version. | |
17 | # |
|
17 | # | |
18 | # This program is distributed in the hope that it will be useful, |
|
18 | # This program is distributed in the hope that it will be useful, | |
19 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
19 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
20 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
20 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
21 | # GNU General Public License for more details. |
|
21 | # GNU General Public License for more details. | |
22 | # |
|
22 | # | |
23 | # You should have received a copy of the GNU General Public License |
|
23 | # You should have received a copy of the GNU General Public License | |
24 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
24 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
25 |
|
25 | |||
26 | import random |
|
26 | import random | |
27 | import logging |
|
27 | import logging | |
28 | import traceback |
|
28 | import traceback | |
29 | import hashlib |
|
29 | import hashlib | |
30 |
|
30 | |||
31 | from tempfile import _RandomNameSequence |
|
31 | from tempfile import _RandomNameSequence | |
32 | from decorator import decorator |
|
32 | from decorator import decorator | |
33 |
|
33 | |||
34 | from pylons import config, url, request |
|
34 | from pylons import config, url, request | |
35 | from pylons.controllers.util import abort, redirect |
|
35 | from pylons.controllers.util import abort, redirect | |
36 | from pylons.i18n.translation import _ |
|
36 | from pylons.i18n.translation import _ | |
|
37 | from sqlalchemy.orm.exc import ObjectDeletedError | |||
37 |
|
38 | |||
38 | from rhodecode import __platform__, is_windows, is_unix |
|
39 | from rhodecode import __platform__, is_windows, is_unix | |
39 | from rhodecode.model.meta import Session |
|
40 | from rhodecode.model.meta import Session | |
40 |
|
41 | |||
41 | from rhodecode.lib.utils2 import str2bool, safe_unicode |
|
42 | from rhodecode.lib.utils2 import str2bool, safe_unicode | |
42 | from rhodecode.lib.exceptions import LdapPasswordError, LdapUsernameError |
|
43 | from rhodecode.lib.exceptions import LdapPasswordError, LdapUsernameError | |
43 | from rhodecode.lib.utils import get_repo_slug, get_repos_group_slug |
|
44 | from rhodecode.lib.utils import get_repo_slug, get_repos_group_slug | |
44 | from rhodecode.lib.auth_ldap import AuthLdap |
|
45 | from rhodecode.lib.auth_ldap import AuthLdap | |
45 |
|
46 | |||
46 | from rhodecode.model import meta |
|
47 | from rhodecode.model import meta | |
47 | from rhodecode.model.user import UserModel |
|
48 | from rhodecode.model.user import UserModel | |
48 | from rhodecode.model.db import Permission, RhodeCodeSetting, User, UserIpMap |
|
49 | from rhodecode.model.db import Permission, RhodeCodeSetting, User, UserIpMap | |
49 | from rhodecode.lib.caching_query import FromCache |
|
50 | from rhodecode.lib.caching_query import FromCache | |
50 |
|
51 | |||
51 | log = logging.getLogger(__name__) |
|
52 | log = logging.getLogger(__name__) | |
52 |
|
53 | |||
53 |
|
54 | |||
54 | class PasswordGenerator(object): |
|
55 | class PasswordGenerator(object): | |
55 | """ |
|
56 | """ | |
56 | This is a simple class for generating password from different sets of |
|
57 | This is a simple class for generating password from different sets of | |
57 | characters |
|
58 | characters | |
58 | usage:: |
|
59 | usage:: | |
59 |
|
60 | |||
60 | passwd_gen = PasswordGenerator() |
|
61 | passwd_gen = PasswordGenerator() | |
61 | #print 8-letter password containing only big and small letters |
|
62 | #print 8-letter password containing only big and small letters | |
62 | of alphabet |
|
63 | of alphabet | |
63 | passwd_gen.gen_password(8, passwd_gen.ALPHABETS_BIG_SMALL) |
|
64 | passwd_gen.gen_password(8, passwd_gen.ALPHABETS_BIG_SMALL) | |
64 | """ |
|
65 | """ | |
65 | ALPHABETS_NUM = r'''1234567890''' |
|
66 | ALPHABETS_NUM = r'''1234567890''' | |
66 | ALPHABETS_SMALL = r'''qwertyuiopasdfghjklzxcvbnm''' |
|
67 | ALPHABETS_SMALL = r'''qwertyuiopasdfghjklzxcvbnm''' | |
67 | ALPHABETS_BIG = r'''QWERTYUIOPASDFGHJKLZXCVBNM''' |
|
68 | ALPHABETS_BIG = r'''QWERTYUIOPASDFGHJKLZXCVBNM''' | |
68 | ALPHABETS_SPECIAL = r'''`-=[]\;',./~!@#$%^&*()_+{}|:"<>?''' |
|
69 | ALPHABETS_SPECIAL = r'''`-=[]\;',./~!@#$%^&*()_+{}|:"<>?''' | |
69 | ALPHABETS_FULL = ALPHABETS_BIG + ALPHABETS_SMALL \ |
|
70 | ALPHABETS_FULL = ALPHABETS_BIG + ALPHABETS_SMALL \ | |
70 | + ALPHABETS_NUM + ALPHABETS_SPECIAL |
|
71 | + ALPHABETS_NUM + ALPHABETS_SPECIAL | |
71 | ALPHABETS_ALPHANUM = ALPHABETS_BIG + ALPHABETS_SMALL + ALPHABETS_NUM |
|
72 | ALPHABETS_ALPHANUM = ALPHABETS_BIG + ALPHABETS_SMALL + ALPHABETS_NUM | |
72 | ALPHABETS_BIG_SMALL = ALPHABETS_BIG + ALPHABETS_SMALL |
|
73 | ALPHABETS_BIG_SMALL = ALPHABETS_BIG + ALPHABETS_SMALL | |
73 | ALPHABETS_ALPHANUM_BIG = ALPHABETS_BIG + ALPHABETS_NUM |
|
74 | ALPHABETS_ALPHANUM_BIG = ALPHABETS_BIG + ALPHABETS_NUM | |
74 | ALPHABETS_ALPHANUM_SMALL = ALPHABETS_SMALL + ALPHABETS_NUM |
|
75 | ALPHABETS_ALPHANUM_SMALL = ALPHABETS_SMALL + ALPHABETS_NUM | |
75 |
|
76 | |||
76 | def __init__(self, passwd=''): |
|
77 | def __init__(self, passwd=''): | |
77 | self.passwd = passwd |
|
78 | self.passwd = passwd | |
78 |
|
79 | |||
79 | def gen_password(self, length, type_=None): |
|
80 | def gen_password(self, length, type_=None): | |
80 | if type_ is None: |
|
81 | if type_ is None: | |
81 | type_ = self.ALPHABETS_FULL |
|
82 | type_ = self.ALPHABETS_FULL | |
82 | self.passwd = ''.join([random.choice(type_) for _ in xrange(length)]) |
|
83 | self.passwd = ''.join([random.choice(type_) for _ in xrange(length)]) | |
83 | return self.passwd |
|
84 | return self.passwd | |
84 |
|
85 | |||
85 |
|
86 | |||
86 | class RhodeCodeCrypto(object): |
|
87 | class RhodeCodeCrypto(object): | |
87 |
|
88 | |||
88 | @classmethod |
|
89 | @classmethod | |
89 | def hash_string(cls, str_): |
|
90 | def hash_string(cls, str_): | |
90 | """ |
|
91 | """ | |
91 | Cryptographic function used for password hashing based on pybcrypt |
|
92 | Cryptographic function used for password hashing based on pybcrypt | |
92 | or pycrypto in windows |
|
93 | or pycrypto in windows | |
93 |
|
94 | |||
94 | :param password: password to hash |
|
95 | :param password: password to hash | |
95 | """ |
|
96 | """ | |
96 | if is_windows: |
|
97 | if is_windows: | |
97 | from hashlib import sha256 |
|
98 | from hashlib import sha256 | |
98 | return sha256(str_).hexdigest() |
|
99 | return sha256(str_).hexdigest() | |
99 | elif is_unix: |
|
100 | elif is_unix: | |
100 | import bcrypt |
|
101 | import bcrypt | |
101 | return bcrypt.hashpw(str_, bcrypt.gensalt(10)) |
|
102 | return bcrypt.hashpw(str_, bcrypt.gensalt(10)) | |
102 | else: |
|
103 | else: | |
103 | raise Exception('Unknown or unsupported platform %s' \ |
|
104 | raise Exception('Unknown or unsupported platform %s' \ | |
104 | % __platform__) |
|
105 | % __platform__) | |
105 |
|
106 | |||
106 | @classmethod |
|
107 | @classmethod | |
107 | def hash_check(cls, password, hashed): |
|
108 | def hash_check(cls, password, hashed): | |
108 | """ |
|
109 | """ | |
109 | Checks matching password with it's hashed value, runs different |
|
110 | Checks matching password with it's hashed value, runs different | |
110 | implementation based on platform it runs on |
|
111 | implementation based on platform it runs on | |
111 |
|
112 | |||
112 | :param password: password |
|
113 | :param password: password | |
113 | :param hashed: password in hashed form |
|
114 | :param hashed: password in hashed form | |
114 | """ |
|
115 | """ | |
115 |
|
116 | |||
116 | if is_windows: |
|
117 | if is_windows: | |
117 | from hashlib import sha256 |
|
118 | from hashlib import sha256 | |
118 | return sha256(password).hexdigest() == hashed |
|
119 | return sha256(password).hexdigest() == hashed | |
119 | elif is_unix: |
|
120 | elif is_unix: | |
120 | import bcrypt |
|
121 | import bcrypt | |
121 | return bcrypt.hashpw(password, hashed) == hashed |
|
122 | return bcrypt.hashpw(password, hashed) == hashed | |
122 | else: |
|
123 | else: | |
123 | raise Exception('Unknown or unsupported platform %s' \ |
|
124 | raise Exception('Unknown or unsupported platform %s' \ | |
124 | % __platform__) |
|
125 | % __platform__) | |
125 |
|
126 | |||
126 |
|
127 | |||
127 | def get_crypt_password(password): |
|
128 | def get_crypt_password(password): | |
128 | return RhodeCodeCrypto.hash_string(password) |
|
129 | return RhodeCodeCrypto.hash_string(password) | |
129 |
|
130 | |||
130 |
|
131 | |||
131 | def check_password(password, hashed): |
|
132 | def check_password(password, hashed): | |
132 | return RhodeCodeCrypto.hash_check(password, hashed) |
|
133 | return RhodeCodeCrypto.hash_check(password, hashed) | |
133 |
|
134 | |||
134 |
|
135 | |||
135 | def generate_api_key(str_, salt=None): |
|
136 | def generate_api_key(str_, salt=None): | |
136 | """ |
|
137 | """ | |
137 | Generates API KEY from given string |
|
138 | Generates API KEY from given string | |
138 |
|
139 | |||
139 | :param str_: |
|
140 | :param str_: | |
140 | :param salt: |
|
141 | :param salt: | |
141 | """ |
|
142 | """ | |
142 |
|
143 | |||
143 | if salt is None: |
|
144 | if salt is None: | |
144 | salt = _RandomNameSequence().next() |
|
145 | salt = _RandomNameSequence().next() | |
145 |
|
146 | |||
146 | return hashlib.sha1(str_ + salt).hexdigest() |
|
147 | return hashlib.sha1(str_ + salt).hexdigest() | |
147 |
|
148 | |||
148 |
|
149 | |||
149 | def authfunc(environ, username, password): |
|
150 | def authfunc(environ, username, password): | |
150 | """ |
|
151 | """ | |
151 | Dummy authentication wrapper function used in Mercurial and Git for |
|
152 | Dummy authentication wrapper function used in Mercurial and Git for | |
152 | access control. |
|
153 | access control. | |
153 |
|
154 | |||
154 | :param environ: needed only for using in Basic auth |
|
155 | :param environ: needed only for using in Basic auth | |
155 | """ |
|
156 | """ | |
156 | return authenticate(username, password) |
|
157 | return authenticate(username, password) | |
157 |
|
158 | |||
158 |
|
159 | |||
159 | def authenticate(username, password): |
|
160 | def authenticate(username, password): | |
160 | """ |
|
161 | """ | |
161 | Authentication function used for access control, |
|
162 | Authentication function used for access control, | |
162 | firstly checks for db authentication then if ldap is enabled for ldap |
|
163 | firstly checks for db authentication then if ldap is enabled for ldap | |
163 | authentication, also creates ldap user if not in database |
|
164 | authentication, also creates ldap user if not in database | |
164 |
|
165 | |||
165 | :param username: username |
|
166 | :param username: username | |
166 | :param password: password |
|
167 | :param password: password | |
167 | """ |
|
168 | """ | |
168 |
|
169 | |||
169 | user_model = UserModel() |
|
170 | user_model = UserModel() | |
170 | user = User.get_by_username(username) |
|
171 | user = User.get_by_username(username) | |
171 |
|
172 | |||
172 | log.debug('Authenticating user using RhodeCode account') |
|
173 | log.debug('Authenticating user using RhodeCode account') | |
173 | if user is not None and not user.ldap_dn: |
|
174 | if user is not None and not user.ldap_dn: | |
174 | if user.active: |
|
175 | if user.active: | |
175 | if user.username == 'default' and user.active: |
|
176 | if user.username == 'default' and user.active: | |
176 | log.info('user %s authenticated correctly as anonymous user' % |
|
177 | log.info('user %s authenticated correctly as anonymous user' % | |
177 | username) |
|
178 | username) | |
178 | return True |
|
179 | return True | |
179 |
|
180 | |||
180 | elif user.username == username and check_password(password, |
|
181 | elif user.username == username and check_password(password, | |
181 | user.password): |
|
182 | user.password): | |
182 | log.info('user %s authenticated correctly' % username) |
|
183 | log.info('user %s authenticated correctly' % username) | |
183 | return True |
|
184 | return True | |
184 | else: |
|
185 | else: | |
185 | log.warning('user %s tried auth but is disabled' % username) |
|
186 | log.warning('user %s tried auth but is disabled' % username) | |
186 |
|
187 | |||
187 | else: |
|
188 | else: | |
188 | log.debug('Regular authentication failed') |
|
189 | log.debug('Regular authentication failed') | |
189 | user_obj = User.get_by_username(username, case_insensitive=True) |
|
190 | user_obj = User.get_by_username(username, case_insensitive=True) | |
190 |
|
191 | |||
191 | if user_obj is not None and not user_obj.ldap_dn: |
|
192 | if user_obj is not None and not user_obj.ldap_dn: | |
192 | log.debug('this user already exists as non ldap') |
|
193 | log.debug('this user already exists as non ldap') | |
193 | return False |
|
194 | return False | |
194 |
|
195 | |||
195 | ldap_settings = RhodeCodeSetting.get_ldap_settings() |
|
196 | ldap_settings = RhodeCodeSetting.get_ldap_settings() | |
196 | #====================================================================== |
|
197 | #====================================================================== | |
197 | # FALLBACK TO LDAP AUTH IF ENABLE |
|
198 | # FALLBACK TO LDAP AUTH IF ENABLE | |
198 | #====================================================================== |
|
199 | #====================================================================== | |
199 | if str2bool(ldap_settings.get('ldap_active')): |
|
200 | if str2bool(ldap_settings.get('ldap_active')): | |
200 | log.debug("Authenticating user using ldap") |
|
201 | log.debug("Authenticating user using ldap") | |
201 | kwargs = { |
|
202 | kwargs = { | |
202 | 'server': ldap_settings.get('ldap_host', ''), |
|
203 | 'server': ldap_settings.get('ldap_host', ''), | |
203 | 'base_dn': ldap_settings.get('ldap_base_dn', ''), |
|
204 | 'base_dn': ldap_settings.get('ldap_base_dn', ''), | |
204 | 'port': ldap_settings.get('ldap_port'), |
|
205 | 'port': ldap_settings.get('ldap_port'), | |
205 | 'bind_dn': ldap_settings.get('ldap_dn_user'), |
|
206 | 'bind_dn': ldap_settings.get('ldap_dn_user'), | |
206 | 'bind_pass': ldap_settings.get('ldap_dn_pass'), |
|
207 | 'bind_pass': ldap_settings.get('ldap_dn_pass'), | |
207 | 'tls_kind': ldap_settings.get('ldap_tls_kind'), |
|
208 | 'tls_kind': ldap_settings.get('ldap_tls_kind'), | |
208 | 'tls_reqcert': ldap_settings.get('ldap_tls_reqcert'), |
|
209 | 'tls_reqcert': ldap_settings.get('ldap_tls_reqcert'), | |
209 | 'ldap_filter': ldap_settings.get('ldap_filter'), |
|
210 | 'ldap_filter': ldap_settings.get('ldap_filter'), | |
210 | 'search_scope': ldap_settings.get('ldap_search_scope'), |
|
211 | 'search_scope': ldap_settings.get('ldap_search_scope'), | |
211 | 'attr_login': ldap_settings.get('ldap_attr_login'), |
|
212 | 'attr_login': ldap_settings.get('ldap_attr_login'), | |
212 | 'ldap_version': 3, |
|
213 | 'ldap_version': 3, | |
213 | } |
|
214 | } | |
214 | log.debug('Checking for ldap authentication') |
|
215 | log.debug('Checking for ldap authentication') | |
215 | try: |
|
216 | try: | |
216 | aldap = AuthLdap(**kwargs) |
|
217 | aldap = AuthLdap(**kwargs) | |
217 | (user_dn, ldap_attrs) = aldap.authenticate_ldap(username, |
|
218 | (user_dn, ldap_attrs) = aldap.authenticate_ldap(username, | |
218 | password) |
|
219 | password) | |
219 | log.debug('Got ldap DN response %s' % user_dn) |
|
220 | log.debug('Got ldap DN response %s' % user_dn) | |
220 |
|
221 | |||
221 | get_ldap_attr = lambda k: ldap_attrs.get(ldap_settings\ |
|
222 | get_ldap_attr = lambda k: ldap_attrs.get(ldap_settings\ | |
222 | .get(k), [''])[0] |
|
223 | .get(k), [''])[0] | |
223 |
|
224 | |||
224 | user_attrs = { |
|
225 | user_attrs = { | |
225 | 'name': safe_unicode(get_ldap_attr('ldap_attr_firstname')), |
|
226 | 'name': safe_unicode(get_ldap_attr('ldap_attr_firstname')), | |
226 | 'lastname': safe_unicode(get_ldap_attr('ldap_attr_lastname')), |
|
227 | 'lastname': safe_unicode(get_ldap_attr('ldap_attr_lastname')), | |
227 | 'email': get_ldap_attr('ldap_attr_email'), |
|
228 | 'email': get_ldap_attr('ldap_attr_email'), | |
228 | } |
|
229 | } | |
229 |
|
230 | |||
230 | # don't store LDAP password since we don't need it. Override |
|
231 | # don't store LDAP password since we don't need it. Override | |
231 | # with some random generated password |
|
232 | # with some random generated password | |
232 | _password = PasswordGenerator().gen_password(length=8) |
|
233 | _password = PasswordGenerator().gen_password(length=8) | |
233 | # create this user on the fly if it doesn't exist in rhodecode |
|
234 | # create this user on the fly if it doesn't exist in rhodecode | |
234 | # database |
|
235 | # database | |
235 | if user_model.create_ldap(username, _password, user_dn, |
|
236 | if user_model.create_ldap(username, _password, user_dn, | |
236 | user_attrs): |
|
237 | user_attrs): | |
237 | log.info('created new ldap user %s' % username) |
|
238 | log.info('created new ldap user %s' % username) | |
238 |
|
239 | |||
239 | Session().commit() |
|
240 | Session().commit() | |
240 | return True |
|
241 | return True | |
241 | except (LdapUsernameError, LdapPasswordError,): |
|
242 | except (LdapUsernameError, LdapPasswordError,): | |
242 | pass |
|
243 | pass | |
243 | except (Exception,): |
|
244 | except (Exception,): | |
244 | log.error(traceback.format_exc()) |
|
245 | log.error(traceback.format_exc()) | |
245 | pass |
|
246 | pass | |
246 | return False |
|
247 | return False | |
247 |
|
248 | |||
248 |
|
249 | |||
249 | def login_container_auth(username): |
|
250 | def login_container_auth(username): | |
250 | user = User.get_by_username(username) |
|
251 | user = User.get_by_username(username) | |
251 | if user is None: |
|
252 | if user is None: | |
252 | user_attrs = { |
|
253 | user_attrs = { | |
253 | 'name': username, |
|
254 | 'name': username, | |
254 | 'lastname': None, |
|
255 | 'lastname': None, | |
255 | 'email': None, |
|
256 | 'email': None, | |
256 | } |
|
257 | } | |
257 | user = UserModel().create_for_container_auth(username, user_attrs) |
|
258 | user = UserModel().create_for_container_auth(username, user_attrs) | |
258 | if not user: |
|
259 | if not user: | |
259 | return None |
|
260 | return None | |
260 | log.info('User %s was created by container authentication' % username) |
|
261 | log.info('User %s was created by container authentication' % username) | |
261 |
|
262 | |||
262 | if not user.active: |
|
263 | if not user.active: | |
263 | return None |
|
264 | return None | |
264 |
|
265 | |||
265 | user.update_lastlogin() |
|
266 | user.update_lastlogin() | |
266 | Session().commit() |
|
267 | Session().commit() | |
267 |
|
268 | |||
268 | log.debug('User %s is now logged in by container authentication', |
|
269 | log.debug('User %s is now logged in by container authentication', | |
269 | user.username) |
|
270 | user.username) | |
270 | return user |
|
271 | return user | |
271 |
|
272 | |||
272 |
|
273 | |||
273 | def get_container_username(environ, config, clean_username=False): |
|
274 | def get_container_username(environ, config, clean_username=False): | |
274 | """ |
|
275 | """ | |
275 | Get's the container_auth username (or email). It tries to get username |
|
276 | Get's the container_auth username (or email). It tries to get username | |
276 | from REMOTE_USER if container_auth_enabled is enabled, if that fails |
|
277 | from REMOTE_USER if container_auth_enabled is enabled, if that fails | |
277 | it tries to get username from HTTP_X_FORWARDED_USER if proxypass_auth_enabled |
|
278 | it tries to get username from HTTP_X_FORWARDED_USER if proxypass_auth_enabled | |
278 | is enabled. clean_username extracts the username from this data if it's |
|
279 | is enabled. clean_username extracts the username from this data if it's | |
279 | having @ in it. |
|
280 | having @ in it. | |
280 |
|
281 | |||
281 | :param environ: |
|
282 | :param environ: | |
282 | :param config: |
|
283 | :param config: | |
283 | :param clean_username: |
|
284 | :param clean_username: | |
284 | """ |
|
285 | """ | |
285 | username = None |
|
286 | username = None | |
286 |
|
287 | |||
287 | if str2bool(config.get('container_auth_enabled', False)): |
|
288 | if str2bool(config.get('container_auth_enabled', False)): | |
288 | from paste.httpheaders import REMOTE_USER |
|
289 | from paste.httpheaders import REMOTE_USER | |
289 | username = REMOTE_USER(environ) |
|
290 | username = REMOTE_USER(environ) | |
290 | log.debug('extracted REMOTE_USER:%s' % (username)) |
|
291 | log.debug('extracted REMOTE_USER:%s' % (username)) | |
291 |
|
292 | |||
292 | if not username and str2bool(config.get('proxypass_auth_enabled', False)): |
|
293 | if not username and str2bool(config.get('proxypass_auth_enabled', False)): | |
293 | username = environ.get('HTTP_X_FORWARDED_USER') |
|
294 | username = environ.get('HTTP_X_FORWARDED_USER') | |
294 | log.debug('extracted HTTP_X_FORWARDED_USER:%s' % (username)) |
|
295 | log.debug('extracted HTTP_X_FORWARDED_USER:%s' % (username)) | |
295 |
|
296 | |||
296 | if username and clean_username: |
|
297 | if username and clean_username: | |
297 | # Removing realm and domain from username |
|
298 | # Removing realm and domain from username | |
298 | username = username.partition('@')[0] |
|
299 | username = username.partition('@')[0] | |
299 | username = username.rpartition('\\')[2] |
|
300 | username = username.rpartition('\\')[2] | |
300 | log.debug('Received username %s from container' % username) |
|
301 | log.debug('Received username %s from container' % username) | |
301 |
|
302 | |||
302 | return username |
|
303 | return username | |
303 |
|
304 | |||
304 |
|
305 | |||
305 | class CookieStoreWrapper(object): |
|
306 | class CookieStoreWrapper(object): | |
306 |
|
307 | |||
307 | def __init__(self, cookie_store): |
|
308 | def __init__(self, cookie_store): | |
308 | self.cookie_store = cookie_store |
|
309 | self.cookie_store = cookie_store | |
309 |
|
310 | |||
310 | def __repr__(self): |
|
311 | def __repr__(self): | |
311 | return 'CookieStore<%s>' % (self.cookie_store) |
|
312 | return 'CookieStore<%s>' % (self.cookie_store) | |
312 |
|
313 | |||
313 | def get(self, key, other=None): |
|
314 | def get(self, key, other=None): | |
314 | if isinstance(self.cookie_store, dict): |
|
315 | if isinstance(self.cookie_store, dict): | |
315 | return self.cookie_store.get(key, other) |
|
316 | return self.cookie_store.get(key, other) | |
316 | elif isinstance(self.cookie_store, AuthUser): |
|
317 | elif isinstance(self.cookie_store, AuthUser): | |
317 | return self.cookie_store.__dict__.get(key, other) |
|
318 | return self.cookie_store.__dict__.get(key, other) | |
318 |
|
319 | |||
319 |
|
320 | |||
320 | class AuthUser(object): |
|
321 | class AuthUser(object): | |
321 | """ |
|
322 | """ | |
322 | A simple object that handles all attributes of user in RhodeCode |
|
323 | A simple object that handles all attributes of user in RhodeCode | |
323 |
|
324 | |||
324 | It does lookup based on API key,given user, or user present in session |
|
325 | It does lookup based on API key,given user, or user present in session | |
325 | Then it fills all required information for such user. It also checks if |
|
326 | Then it fills all required information for such user. It also checks if | |
326 | anonymous access is enabled and if so, it returns default user as logged |
|
327 | anonymous access is enabled and if so, it returns default user as logged | |
327 | in |
|
328 | in | |
328 | """ |
|
329 | """ | |
329 |
|
330 | |||
330 | def __init__(self, user_id=None, api_key=None, username=None, ip_addr=None): |
|
331 | def __init__(self, user_id=None, api_key=None, username=None, ip_addr=None): | |
331 |
|
332 | |||
332 | self.user_id = user_id |
|
333 | self.user_id = user_id | |
333 | self.api_key = None |
|
334 | self.api_key = None | |
334 | self.username = username |
|
335 | self.username = username | |
335 | self.ip_addr = ip_addr |
|
336 | self.ip_addr = ip_addr | |
336 |
|
337 | |||
337 | self.name = '' |
|
338 | self.name = '' | |
338 | self.lastname = '' |
|
339 | self.lastname = '' | |
339 | self.email = '' |
|
340 | self.email = '' | |
340 | self.is_authenticated = False |
|
341 | self.is_authenticated = False | |
341 | self.admin = False |
|
342 | self.admin = False | |
342 | self.inherit_default_permissions = False |
|
343 | self.inherit_default_permissions = False | |
343 | self.permissions = {} |
|
344 | self.permissions = {} | |
344 | self._api_key = api_key |
|
345 | self._api_key = api_key | |
345 | self.propagate_data() |
|
346 | self.propagate_data() | |
346 | self._instance = None |
|
347 | self._instance = None | |
347 |
|
348 | |||
348 | def propagate_data(self): |
|
349 | def propagate_data(self): | |
349 | user_model = UserModel() |
|
350 | user_model = UserModel() | |
350 | self.anonymous_user = User.get_by_username('default', cache=True) |
|
351 | self.anonymous_user = User.get_by_username('default', cache=True) | |
351 | is_user_loaded = False |
|
352 | is_user_loaded = False | |
352 |
|
353 | |||
353 | # try go get user by api key |
|
354 | # try go get user by api key | |
354 | if self._api_key and self._api_key != self.anonymous_user.api_key: |
|
355 | if self._api_key and self._api_key != self.anonymous_user.api_key: | |
355 | log.debug('Auth User lookup by API KEY %s' % self._api_key) |
|
356 | log.debug('Auth User lookup by API KEY %s' % self._api_key) | |
356 | is_user_loaded = user_model.fill_data(self, api_key=self._api_key) |
|
357 | is_user_loaded = user_model.fill_data(self, api_key=self._api_key) | |
357 | # lookup by userid |
|
358 | # lookup by userid | |
358 | elif (self.user_id is not None and |
|
359 | elif (self.user_id is not None and | |
359 | self.user_id != self.anonymous_user.user_id): |
|
360 | self.user_id != self.anonymous_user.user_id): | |
360 | log.debug('Auth User lookup by USER ID %s' % self.user_id) |
|
361 | log.debug('Auth User lookup by USER ID %s' % self.user_id) | |
361 | is_user_loaded = user_model.fill_data(self, user_id=self.user_id) |
|
362 | is_user_loaded = user_model.fill_data(self, user_id=self.user_id) | |
362 | # lookup by username |
|
363 | # lookup by username | |
363 | elif self.username and \ |
|
364 | elif self.username and \ | |
364 | str2bool(config.get('container_auth_enabled', False)): |
|
365 | str2bool(config.get('container_auth_enabled', False)): | |
365 |
|
366 | |||
366 | log.debug('Auth User lookup by USER NAME %s' % self.username) |
|
367 | log.debug('Auth User lookup by USER NAME %s' % self.username) | |
367 | dbuser = login_container_auth(self.username) |
|
368 | dbuser = login_container_auth(self.username) | |
368 | if dbuser is not None: |
|
369 | if dbuser is not None: | |
369 | log.debug('filling all attributes to object') |
|
370 | log.debug('filling all attributes to object') | |
370 | for k, v in dbuser.get_dict().items(): |
|
371 | for k, v in dbuser.get_dict().items(): | |
371 | setattr(self, k, v) |
|
372 | setattr(self, k, v) | |
372 | self.set_authenticated() |
|
373 | self.set_authenticated() | |
373 | is_user_loaded = True |
|
374 | is_user_loaded = True | |
374 | else: |
|
375 | else: | |
375 | log.debug('No data in %s that could been used to log in' % self) |
|
376 | log.debug('No data in %s that could been used to log in' % self) | |
376 |
|
377 | |||
377 | if not is_user_loaded: |
|
378 | if not is_user_loaded: | |
378 | # if we cannot authenticate user try anonymous |
|
379 | # if we cannot authenticate user try anonymous | |
379 | if self.anonymous_user.active is True: |
|
380 | if self.anonymous_user.active is True: | |
380 | user_model.fill_data(self, user_id=self.anonymous_user.user_id) |
|
381 | user_model.fill_data(self, user_id=self.anonymous_user.user_id) | |
381 | # then we set this user is logged in |
|
382 | # then we set this user is logged in | |
382 | self.is_authenticated = True |
|
383 | self.is_authenticated = True | |
383 | else: |
|
384 | else: | |
384 | self.user_id = None |
|
385 | self.user_id = None | |
385 | self.username = None |
|
386 | self.username = None | |
386 | self.is_authenticated = False |
|
387 | self.is_authenticated = False | |
387 |
|
388 | |||
388 | if not self.username: |
|
389 | if not self.username: | |
389 | self.username = 'None' |
|
390 | self.username = 'None' | |
390 |
|
391 | |||
391 | log.debug('Auth User is now %s' % self) |
|
392 | log.debug('Auth User is now %s' % self) | |
392 | user_model.fill_perms(self) |
|
393 | user_model.fill_perms(self) | |
393 |
|
394 | |||
394 | @property |
|
395 | @property | |
395 | def is_admin(self): |
|
396 | def is_admin(self): | |
396 | return self.admin |
|
397 | return self.admin | |
397 |
|
398 | |||
398 | @property |
|
399 | @property | |
399 | def ip_allowed(self): |
|
400 | def ip_allowed(self): | |
400 | """ |
|
401 | """ | |
401 | Checks if ip_addr used in constructor is allowed from defined list of |
|
402 | Checks if ip_addr used in constructor is allowed from defined list of | |
402 | allowed ip_addresses for user |
|
403 | allowed ip_addresses for user | |
403 |
|
404 | |||
404 | :returns: boolean, True if ip is in allowed ip range |
|
405 | :returns: boolean, True if ip is in allowed ip range | |
405 | """ |
|
406 | """ | |
406 | #check IP |
|
407 | #check IP | |
407 | allowed_ips = AuthUser.get_allowed_ips(self.user_id, cache=True) |
|
408 | allowed_ips = AuthUser.get_allowed_ips(self.user_id, cache=True) | |
408 | if check_ip_access(source_ip=self.ip_addr, allowed_ips=allowed_ips): |
|
409 | if check_ip_access(source_ip=self.ip_addr, allowed_ips=allowed_ips): | |
409 | log.debug('IP:%s is in range of %s' % (self.ip_addr, allowed_ips)) |
|
410 | log.debug('IP:%s is in range of %s' % (self.ip_addr, allowed_ips)) | |
410 | return True |
|
411 | return True | |
411 | else: |
|
412 | else: | |
412 | log.info('Access for IP:%s forbidden, ' |
|
413 | log.info('Access for IP:%s forbidden, ' | |
413 | 'not in %s' % (self.ip_addr, allowed_ips)) |
|
414 | 'not in %s' % (self.ip_addr, allowed_ips)) | |
414 | return False |
|
415 | return False | |
415 |
|
416 | |||
416 | def __repr__(self): |
|
417 | def __repr__(self): | |
417 | return "<AuthUser('id:%s:%s|%s')>" % (self.user_id, self.username, |
|
418 | return "<AuthUser('id:%s:%s|%s')>" % (self.user_id, self.username, | |
418 | self.is_authenticated) |
|
419 | self.is_authenticated) | |
419 |
|
420 | |||
420 | def set_authenticated(self, authenticated=True): |
|
421 | def set_authenticated(self, authenticated=True): | |
421 | if self.user_id != self.anonymous_user.user_id: |
|
422 | if self.user_id != self.anonymous_user.user_id: | |
422 | self.is_authenticated = authenticated |
|
423 | self.is_authenticated = authenticated | |
423 |
|
424 | |||
424 | def get_cookie_store(self): |
|
425 | def get_cookie_store(self): | |
425 | return {'username': self.username, |
|
426 | return {'username': self.username, | |
426 | 'user_id': self.user_id, |
|
427 | 'user_id': self.user_id, | |
427 | 'is_authenticated': self.is_authenticated} |
|
428 | 'is_authenticated': self.is_authenticated} | |
428 |
|
429 | |||
429 | @classmethod |
|
430 | @classmethod | |
430 | def from_cookie_store(cls, cookie_store): |
|
431 | def from_cookie_store(cls, cookie_store): | |
431 | """ |
|
432 | """ | |
432 | Creates AuthUser from a cookie store |
|
433 | Creates AuthUser from a cookie store | |
433 |
|
434 | |||
434 | :param cls: |
|
435 | :param cls: | |
435 | :param cookie_store: |
|
436 | :param cookie_store: | |
436 | """ |
|
437 | """ | |
437 | user_id = cookie_store.get('user_id') |
|
438 | user_id = cookie_store.get('user_id') | |
438 | username = cookie_store.get('username') |
|
439 | username = cookie_store.get('username') | |
439 | api_key = cookie_store.get('api_key') |
|
440 | api_key = cookie_store.get('api_key') | |
440 | return AuthUser(user_id, api_key, username) |
|
441 | return AuthUser(user_id, api_key, username) | |
441 |
|
442 | |||
442 | @classmethod |
|
443 | @classmethod | |
443 | def get_allowed_ips(cls, user_id, cache=False): |
|
444 | def get_allowed_ips(cls, user_id, cache=False): | |
444 | _set = set() |
|
445 | _set = set() | |
445 | user_ips = UserIpMap.query().filter(UserIpMap.user_id == user_id) |
|
446 | user_ips = UserIpMap.query().filter(UserIpMap.user_id == user_id) | |
446 | if cache: |
|
447 | if cache: | |
447 | user_ips = user_ips.options(FromCache("sql_cache_short", |
|
448 | user_ips = user_ips.options(FromCache("sql_cache_short", | |
448 | "get_user_ips_%s" % user_id)) |
|
449 | "get_user_ips_%s" % user_id)) | |
449 | for ip in user_ips: |
|
450 | for ip in user_ips: | |
450 | _set.add(ip.ip_addr) |
|
451 | try: | |
451 | return _set or set(['0.0.0.0/0']) |
|
452 | _set.add(ip.ip_addr) | |
|
453 | except ObjectDeletedError: | |||
|
454 | # since we use heavy caching sometimes it happens that we get | |||
|
455 | # deleted objects here, we just skip them | |||
|
456 | pass | |||
|
457 | return _set or set(['0.0.0.0/0', '::/0']) | |||
452 |
|
458 | |||
453 |
|
459 | |||
454 | def set_available_permissions(config): |
|
460 | def set_available_permissions(config): | |
455 | """ |
|
461 | """ | |
456 | This function will propagate pylons globals with all available defined |
|
462 | This function will propagate pylons globals with all available defined | |
457 | permission given in db. We don't want to check each time from db for new |
|
463 | permission given in db. We don't want to check each time from db for new | |
458 | permissions since adding a new permission also requires application restart |
|
464 | permissions since adding a new permission also requires application restart | |
459 | ie. to decorate new views with the newly created permission |
|
465 | ie. to decorate new views with the newly created permission | |
460 |
|
466 | |||
461 | :param config: current pylons config instance |
|
467 | :param config: current pylons config instance | |
462 |
|
468 | |||
463 | """ |
|
469 | """ | |
464 | log.info('getting information about all available permissions') |
|
470 | log.info('getting information about all available permissions') | |
465 | try: |
|
471 | try: | |
466 | sa = meta.Session |
|
472 | sa = meta.Session | |
467 | all_perms = sa.query(Permission).all() |
|
473 | all_perms = sa.query(Permission).all() | |
468 | except Exception: |
|
474 | except Exception: | |
469 | pass |
|
475 | pass | |
470 | finally: |
|
476 | finally: | |
471 | meta.Session.remove() |
|
477 | meta.Session.remove() | |
472 |
|
478 | |||
473 | config['available_permissions'] = [x.permission_name for x in all_perms] |
|
479 | config['available_permissions'] = [x.permission_name for x in all_perms] | |
474 |
|
480 | |||
475 |
|
481 | |||
476 | #============================================================================== |
|
482 | #============================================================================== | |
477 | # CHECK DECORATORS |
|
483 | # CHECK DECORATORS | |
478 | #============================================================================== |
|
484 | #============================================================================== | |
479 | class LoginRequired(object): |
|
485 | class LoginRequired(object): | |
480 | """ |
|
486 | """ | |
481 | Must be logged in to execute this function else |
|
487 | Must be logged in to execute this function else | |
482 | redirect to login page |
|
488 | redirect to login page | |
483 |
|
489 | |||
484 | :param api_access: if enabled this checks only for valid auth token |
|
490 | :param api_access: if enabled this checks only for valid auth token | |
485 | and grants access based on valid token |
|
491 | and grants access based on valid token | |
486 | """ |
|
492 | """ | |
487 |
|
493 | |||
488 | def __init__(self, api_access=False): |
|
494 | def __init__(self, api_access=False): | |
489 | self.api_access = api_access |
|
495 | self.api_access = api_access | |
490 |
|
496 | |||
491 | def __call__(self, func): |
|
497 | def __call__(self, func): | |
492 | return decorator(self.__wrapper, func) |
|
498 | return decorator(self.__wrapper, func) | |
493 |
|
499 | |||
494 | def __wrapper(self, func, *fargs, **fkwargs): |
|
500 | def __wrapper(self, func, *fargs, **fkwargs): | |
495 | cls = fargs[0] |
|
501 | cls = fargs[0] | |
496 | user = cls.rhodecode_user |
|
502 | user = cls.rhodecode_user | |
497 | loc = "%s:%s" % (cls.__class__.__name__, func.__name__) |
|
503 | loc = "%s:%s" % (cls.__class__.__name__, func.__name__) | |
498 |
|
504 | |||
499 | #check IP |
|
505 | #check IP | |
500 | ip_access_ok = True |
|
506 | ip_access_ok = True | |
501 | if not user.ip_allowed: |
|
507 | if not user.ip_allowed: | |
502 | from rhodecode.lib import helpers as h |
|
508 | from rhodecode.lib import helpers as h | |
503 | h.flash(h.literal(_('IP %s not allowed' % (user.ip_addr))), |
|
509 | h.flash(h.literal(_('IP %s not allowed' % (user.ip_addr))), | |
504 | category='warning') |
|
510 | category='warning') | |
505 | ip_access_ok = False |
|
511 | ip_access_ok = False | |
506 |
|
512 | |||
507 | api_access_ok = False |
|
513 | api_access_ok = False | |
508 | if self.api_access: |
|
514 | if self.api_access: | |
509 | log.debug('Checking API KEY access for %s' % cls) |
|
515 | log.debug('Checking API KEY access for %s' % cls) | |
510 | if user.api_key == request.GET.get('api_key'): |
|
516 | if user.api_key == request.GET.get('api_key'): | |
511 | api_access_ok = True |
|
517 | api_access_ok = True | |
512 | else: |
|
518 | else: | |
513 | log.debug("API KEY token not valid") |
|
519 | log.debug("API KEY token not valid") | |
514 |
|
520 | |||
515 | log.debug('Checking if %s is authenticated @ %s' % (user.username, loc)) |
|
521 | log.debug('Checking if %s is authenticated @ %s' % (user.username, loc)) | |
516 | if (user.is_authenticated or api_access_ok) and ip_access_ok: |
|
522 | if (user.is_authenticated or api_access_ok) and ip_access_ok: | |
517 | reason = 'RegularAuth' if user.is_authenticated else 'APIAuth' |
|
523 | reason = 'RegularAuth' if user.is_authenticated else 'APIAuth' | |
518 | log.info('user %s is authenticated and granted access to %s ' |
|
524 | log.info('user %s is authenticated and granted access to %s ' | |
519 | 'using %s' % (user.username, loc, reason) |
|
525 | 'using %s' % (user.username, loc, reason) | |
520 | ) |
|
526 | ) | |
521 | return func(*fargs, **fkwargs) |
|
527 | return func(*fargs, **fkwargs) | |
522 | else: |
|
528 | else: | |
523 | log.warn('user %s NOT authenticated on func: %s' % ( |
|
529 | log.warn('user %s NOT authenticated on func: %s' % ( | |
524 | user, loc) |
|
530 | user, loc) | |
525 | ) |
|
531 | ) | |
526 | p = url.current() |
|
532 | p = url.current() | |
527 |
|
533 | |||
528 | log.debug('redirecting to login page with %s' % p) |
|
534 | log.debug('redirecting to login page with %s' % p) | |
529 | return redirect(url('login_home', came_from=p)) |
|
535 | return redirect(url('login_home', came_from=p)) | |
530 |
|
536 | |||
531 |
|
537 | |||
532 | class NotAnonymous(object): |
|
538 | class NotAnonymous(object): | |
533 | """ |
|
539 | """ | |
534 | Must be logged in to execute this function else |
|
540 | Must be logged in to execute this function else | |
535 | redirect to login page""" |
|
541 | redirect to login page""" | |
536 |
|
542 | |||
537 | def __call__(self, func): |
|
543 | def __call__(self, func): | |
538 | return decorator(self.__wrapper, func) |
|
544 | return decorator(self.__wrapper, func) | |
539 |
|
545 | |||
540 | def __wrapper(self, func, *fargs, **fkwargs): |
|
546 | def __wrapper(self, func, *fargs, **fkwargs): | |
541 | cls = fargs[0] |
|
547 | cls = fargs[0] | |
542 | self.user = cls.rhodecode_user |
|
548 | self.user = cls.rhodecode_user | |
543 |
|
549 | |||
544 | log.debug('Checking if user is not anonymous @%s' % cls) |
|
550 | log.debug('Checking if user is not anonymous @%s' % cls) | |
545 |
|
551 | |||
546 | anonymous = self.user.username == 'default' |
|
552 | anonymous = self.user.username == 'default' | |
547 |
|
553 | |||
548 | if anonymous: |
|
554 | if anonymous: | |
549 | p = url.current() |
|
555 | p = url.current() | |
550 |
|
556 | |||
551 | import rhodecode.lib.helpers as h |
|
557 | import rhodecode.lib.helpers as h | |
552 | h.flash(_('You need to be a registered user to ' |
|
558 | h.flash(_('You need to be a registered user to ' | |
553 | 'perform this action'), |
|
559 | 'perform this action'), | |
554 | category='warning') |
|
560 | category='warning') | |
555 | return redirect(url('login_home', came_from=p)) |
|
561 | return redirect(url('login_home', came_from=p)) | |
556 | else: |
|
562 | else: | |
557 | return func(*fargs, **fkwargs) |
|
563 | return func(*fargs, **fkwargs) | |
558 |
|
564 | |||
559 |
|
565 | |||
560 | class PermsDecorator(object): |
|
566 | class PermsDecorator(object): | |
561 | """Base class for controller decorators""" |
|
567 | """Base class for controller decorators""" | |
562 |
|
568 | |||
563 | def __init__(self, *required_perms): |
|
569 | def __init__(self, *required_perms): | |
564 | available_perms = config['available_permissions'] |
|
570 | available_perms = config['available_permissions'] | |
565 | for perm in required_perms: |
|
571 | for perm in required_perms: | |
566 | if perm not in available_perms: |
|
572 | if perm not in available_perms: | |
567 | raise Exception("'%s' permission is not defined" % perm) |
|
573 | raise Exception("'%s' permission is not defined" % perm) | |
568 | self.required_perms = set(required_perms) |
|
574 | self.required_perms = set(required_perms) | |
569 | self.user_perms = None |
|
575 | self.user_perms = None | |
570 |
|
576 | |||
571 | def __call__(self, func): |
|
577 | def __call__(self, func): | |
572 | return decorator(self.__wrapper, func) |
|
578 | return decorator(self.__wrapper, func) | |
573 |
|
579 | |||
574 | def __wrapper(self, func, *fargs, **fkwargs): |
|
580 | def __wrapper(self, func, *fargs, **fkwargs): | |
575 | cls = fargs[0] |
|
581 | cls = fargs[0] | |
576 | self.user = cls.rhodecode_user |
|
582 | self.user = cls.rhodecode_user | |
577 | self.user_perms = self.user.permissions |
|
583 | self.user_perms = self.user.permissions | |
578 | log.debug('checking %s permissions %s for %s %s', |
|
584 | log.debug('checking %s permissions %s for %s %s', | |
579 | self.__class__.__name__, self.required_perms, cls, self.user) |
|
585 | self.__class__.__name__, self.required_perms, cls, self.user) | |
580 |
|
586 | |||
581 | if self.check_permissions(): |
|
587 | if self.check_permissions(): | |
582 | log.debug('Permission granted for %s %s' % (cls, self.user)) |
|
588 | log.debug('Permission granted for %s %s' % (cls, self.user)) | |
583 | return func(*fargs, **fkwargs) |
|
589 | return func(*fargs, **fkwargs) | |
584 |
|
590 | |||
585 | else: |
|
591 | else: | |
586 | log.debug('Permission denied for %s %s' % (cls, self.user)) |
|
592 | log.debug('Permission denied for %s %s' % (cls, self.user)) | |
587 | anonymous = self.user.username == 'default' |
|
593 | anonymous = self.user.username == 'default' | |
588 |
|
594 | |||
589 | if anonymous: |
|
595 | if anonymous: | |
590 | p = url.current() |
|
596 | p = url.current() | |
591 |
|
597 | |||
592 | import rhodecode.lib.helpers as h |
|
598 | import rhodecode.lib.helpers as h | |
593 | h.flash(_('You need to be a signed in to ' |
|
599 | h.flash(_('You need to be a signed in to ' | |
594 | 'view this page'), |
|
600 | 'view this page'), | |
595 | category='warning') |
|
601 | category='warning') | |
596 | return redirect(url('login_home', came_from=p)) |
|
602 | return redirect(url('login_home', came_from=p)) | |
597 |
|
603 | |||
598 | else: |
|
604 | else: | |
599 | # redirect with forbidden ret code |
|
605 | # redirect with forbidden ret code | |
600 | return abort(403) |
|
606 | return abort(403) | |
601 |
|
607 | |||
602 | def check_permissions(self): |
|
608 | def check_permissions(self): | |
603 | """Dummy function for overriding""" |
|
609 | """Dummy function for overriding""" | |
604 | raise Exception('You have to write this function in child class') |
|
610 | raise Exception('You have to write this function in child class') | |
605 |
|
611 | |||
606 |
|
612 | |||
607 | class HasPermissionAllDecorator(PermsDecorator): |
|
613 | class HasPermissionAllDecorator(PermsDecorator): | |
608 | """ |
|
614 | """ | |
609 | Checks for access permission for all given predicates. All of them |
|
615 | Checks for access permission for all given predicates. All of them | |
610 | have to be meet in order to fulfill the request |
|
616 | have to be meet in order to fulfill the request | |
611 | """ |
|
617 | """ | |
612 |
|
618 | |||
613 | def check_permissions(self): |
|
619 | def check_permissions(self): | |
614 | if self.required_perms.issubset(self.user_perms.get('global')): |
|
620 | if self.required_perms.issubset(self.user_perms.get('global')): | |
615 | return True |
|
621 | return True | |
616 | return False |
|
622 | return False | |
617 |
|
623 | |||
618 |
|
624 | |||
619 | class HasPermissionAnyDecorator(PermsDecorator): |
|
625 | class HasPermissionAnyDecorator(PermsDecorator): | |
620 | """ |
|
626 | """ | |
621 | Checks for access permission for any of given predicates. In order to |
|
627 | Checks for access permission for any of given predicates. In order to | |
622 | fulfill the request any of predicates must be meet |
|
628 | fulfill the request any of predicates must be meet | |
623 | """ |
|
629 | """ | |
624 |
|
630 | |||
625 | def check_permissions(self): |
|
631 | def check_permissions(self): | |
626 | if self.required_perms.intersection(self.user_perms.get('global')): |
|
632 | if self.required_perms.intersection(self.user_perms.get('global')): | |
627 | return True |
|
633 | return True | |
628 | return False |
|
634 | return False | |
629 |
|
635 | |||
630 |
|
636 | |||
631 | class HasRepoPermissionAllDecorator(PermsDecorator): |
|
637 | class HasRepoPermissionAllDecorator(PermsDecorator): | |
632 | """ |
|
638 | """ | |
633 | Checks for access permission for all given predicates for specific |
|
639 | Checks for access permission for all given predicates for specific | |
634 | repository. All of them have to be meet in order to fulfill the request |
|
640 | repository. All of them have to be meet in order to fulfill the request | |
635 | """ |
|
641 | """ | |
636 |
|
642 | |||
637 | def check_permissions(self): |
|
643 | def check_permissions(self): | |
638 | repo_name = get_repo_slug(request) |
|
644 | repo_name = get_repo_slug(request) | |
639 | try: |
|
645 | try: | |
640 | user_perms = set([self.user_perms['repositories'][repo_name]]) |
|
646 | user_perms = set([self.user_perms['repositories'][repo_name]]) | |
641 | except KeyError: |
|
647 | except KeyError: | |
642 | return False |
|
648 | return False | |
643 | if self.required_perms.issubset(user_perms): |
|
649 | if self.required_perms.issubset(user_perms): | |
644 | return True |
|
650 | return True | |
645 | return False |
|
651 | return False | |
646 |
|
652 | |||
647 |
|
653 | |||
648 | class HasRepoPermissionAnyDecorator(PermsDecorator): |
|
654 | class HasRepoPermissionAnyDecorator(PermsDecorator): | |
649 | """ |
|
655 | """ | |
650 | Checks for access permission for any of given predicates for specific |
|
656 | Checks for access permission for any of given predicates for specific | |
651 | repository. In order to fulfill the request any of predicates must be meet |
|
657 | repository. In order to fulfill the request any of predicates must be meet | |
652 | """ |
|
658 | """ | |
653 |
|
659 | |||
654 | def check_permissions(self): |
|
660 | def check_permissions(self): | |
655 | repo_name = get_repo_slug(request) |
|
661 | repo_name = get_repo_slug(request) | |
656 |
|
662 | |||
657 | try: |
|
663 | try: | |
658 | user_perms = set([self.user_perms['repositories'][repo_name]]) |
|
664 | user_perms = set([self.user_perms['repositories'][repo_name]]) | |
659 | except KeyError: |
|
665 | except KeyError: | |
660 | return False |
|
666 | return False | |
661 |
|
667 | |||
662 | if self.required_perms.intersection(user_perms): |
|
668 | if self.required_perms.intersection(user_perms): | |
663 | return True |
|
669 | return True | |
664 | return False |
|
670 | return False | |
665 |
|
671 | |||
666 |
|
672 | |||
667 | class HasReposGroupPermissionAllDecorator(PermsDecorator): |
|
673 | class HasReposGroupPermissionAllDecorator(PermsDecorator): | |
668 | """ |
|
674 | """ | |
669 | Checks for access permission for all given predicates for specific |
|
675 | Checks for access permission for all given predicates for specific | |
670 | repository. All of them have to be meet in order to fulfill the request |
|
676 | repository. All of them have to be meet in order to fulfill the request | |
671 | """ |
|
677 | """ | |
672 |
|
678 | |||
673 | def check_permissions(self): |
|
679 | def check_permissions(self): | |
674 | group_name = get_repos_group_slug(request) |
|
680 | group_name = get_repos_group_slug(request) | |
675 | try: |
|
681 | try: | |
676 | user_perms = set([self.user_perms['repositories_groups'][group_name]]) |
|
682 | user_perms = set([self.user_perms['repositories_groups'][group_name]]) | |
677 | except KeyError: |
|
683 | except KeyError: | |
678 | return False |
|
684 | return False | |
679 | if self.required_perms.issubset(user_perms): |
|
685 | if self.required_perms.issubset(user_perms): | |
680 | return True |
|
686 | return True | |
681 | return False |
|
687 | return False | |
682 |
|
688 | |||
683 |
|
689 | |||
684 | class HasReposGroupPermissionAnyDecorator(PermsDecorator): |
|
690 | class HasReposGroupPermissionAnyDecorator(PermsDecorator): | |
685 | """ |
|
691 | """ | |
686 | Checks for access permission for any of given predicates for specific |
|
692 | Checks for access permission for any of given predicates for specific | |
687 | repository. In order to fulfill the request any of predicates must be meet |
|
693 | repository. In order to fulfill the request any of predicates must be meet | |
688 | """ |
|
694 | """ | |
689 |
|
695 | |||
690 | def check_permissions(self): |
|
696 | def check_permissions(self): | |
691 | group_name = get_repos_group_slug(request) |
|
697 | group_name = get_repos_group_slug(request) | |
692 |
|
698 | |||
693 | try: |
|
699 | try: | |
694 | user_perms = set([self.user_perms['repositories_groups'][group_name]]) |
|
700 | user_perms = set([self.user_perms['repositories_groups'][group_name]]) | |
695 | except KeyError: |
|
701 | except KeyError: | |
696 | return False |
|
702 | return False | |
697 | if self.required_perms.intersection(user_perms): |
|
703 | if self.required_perms.intersection(user_perms): | |
698 | return True |
|
704 | return True | |
699 | return False |
|
705 | return False | |
700 |
|
706 | |||
701 |
|
707 | |||
702 | #============================================================================== |
|
708 | #============================================================================== | |
703 | # CHECK FUNCTIONS |
|
709 | # CHECK FUNCTIONS | |
704 | #============================================================================== |
|
710 | #============================================================================== | |
705 | class PermsFunction(object): |
|
711 | class PermsFunction(object): | |
706 | """Base function for other check functions""" |
|
712 | """Base function for other check functions""" | |
707 |
|
713 | |||
708 | def __init__(self, *perms): |
|
714 | def __init__(self, *perms): | |
709 | available_perms = config['available_permissions'] |
|
715 | available_perms = config['available_permissions'] | |
710 |
|
716 | |||
711 | for perm in perms: |
|
717 | for perm in perms: | |
712 | if perm not in available_perms: |
|
718 | if perm not in available_perms: | |
713 | raise Exception("'%s' permission is not defined" % perm) |
|
719 | raise Exception("'%s' permission is not defined" % perm) | |
714 | self.required_perms = set(perms) |
|
720 | self.required_perms = set(perms) | |
715 | self.user_perms = None |
|
721 | self.user_perms = None | |
716 | self.repo_name = None |
|
722 | self.repo_name = None | |
717 | self.group_name = None |
|
723 | self.group_name = None | |
718 |
|
724 | |||
719 | def __call__(self, check_Location=''): |
|
725 | def __call__(self, check_Location=''): | |
720 | user = request.user |
|
726 | user = request.user | |
721 | cls_name = self.__class__.__name__ |
|
727 | cls_name = self.__class__.__name__ | |
722 | check_scope = { |
|
728 | check_scope = { | |
723 | 'HasPermissionAll': '', |
|
729 | 'HasPermissionAll': '', | |
724 | 'HasPermissionAny': '', |
|
730 | 'HasPermissionAny': '', | |
725 | 'HasRepoPermissionAll': 'repo:%s' % self.repo_name, |
|
731 | 'HasRepoPermissionAll': 'repo:%s' % self.repo_name, | |
726 | 'HasRepoPermissionAny': 'repo:%s' % self.repo_name, |
|
732 | 'HasRepoPermissionAny': 'repo:%s' % self.repo_name, | |
727 | 'HasReposGroupPermissionAll': 'group:%s' % self.group_name, |
|
733 | 'HasReposGroupPermissionAll': 'group:%s' % self.group_name, | |
728 | 'HasReposGroupPermissionAny': 'group:%s' % self.group_name, |
|
734 | 'HasReposGroupPermissionAny': 'group:%s' % self.group_name, | |
729 | }.get(cls_name, '?') |
|
735 | }.get(cls_name, '?') | |
730 | log.debug('checking cls:%s %s usr:%s %s @ %s', cls_name, |
|
736 | log.debug('checking cls:%s %s usr:%s %s @ %s', cls_name, | |
731 | self.required_perms, user, check_scope, |
|
737 | self.required_perms, user, check_scope, | |
732 | check_Location or 'unspecified location') |
|
738 | check_Location or 'unspecified location') | |
733 | if not user: |
|
739 | if not user: | |
734 | log.debug('Empty request user') |
|
740 | log.debug('Empty request user') | |
735 | return False |
|
741 | return False | |
736 | self.user_perms = user.permissions |
|
742 | self.user_perms = user.permissions | |
737 | if self.check_permissions(): |
|
743 | if self.check_permissions(): | |
738 | log.debug('Permission to %s granted for user: %s @ %s', self.repo_name, user, |
|
744 | log.debug('Permission to %s granted for user: %s @ %s', self.repo_name, user, | |
739 | check_Location or 'unspecified location') |
|
745 | check_Location or 'unspecified location') | |
740 | return True |
|
746 | return True | |
741 |
|
747 | |||
742 | else: |
|
748 | else: | |
743 | log.debug('Permission to %s denied for user: %s @ %s', self.repo_name, user, |
|
749 | log.debug('Permission to %s denied for user: %s @ %s', self.repo_name, user, | |
744 | check_Location or 'unspecified location') |
|
750 | check_Location or 'unspecified location') | |
745 | return False |
|
751 | return False | |
746 |
|
752 | |||
747 | def check_permissions(self): |
|
753 | def check_permissions(self): | |
748 | """Dummy function for overriding""" |
|
754 | """Dummy function for overriding""" | |
749 | raise Exception('You have to write this function in child class') |
|
755 | raise Exception('You have to write this function in child class') | |
750 |
|
756 | |||
751 |
|
757 | |||
752 | class HasPermissionAll(PermsFunction): |
|
758 | class HasPermissionAll(PermsFunction): | |
753 | def check_permissions(self): |
|
759 | def check_permissions(self): | |
754 | if self.required_perms.issubset(self.user_perms.get('global')): |
|
760 | if self.required_perms.issubset(self.user_perms.get('global')): | |
755 | return True |
|
761 | return True | |
756 | return False |
|
762 | return False | |
757 |
|
763 | |||
758 |
|
764 | |||
759 | class HasPermissionAny(PermsFunction): |
|
765 | class HasPermissionAny(PermsFunction): | |
760 | def check_permissions(self): |
|
766 | def check_permissions(self): | |
761 | if self.required_perms.intersection(self.user_perms.get('global')): |
|
767 | if self.required_perms.intersection(self.user_perms.get('global')): | |
762 | return True |
|
768 | return True | |
763 | return False |
|
769 | return False | |
764 |
|
770 | |||
765 |
|
771 | |||
766 | class HasRepoPermissionAll(PermsFunction): |
|
772 | class HasRepoPermissionAll(PermsFunction): | |
767 | def __call__(self, repo_name=None, check_Location=''): |
|
773 | def __call__(self, repo_name=None, check_Location=''): | |
768 | self.repo_name = repo_name |
|
774 | self.repo_name = repo_name | |
769 | return super(HasRepoPermissionAll, self).__call__(check_Location) |
|
775 | return super(HasRepoPermissionAll, self).__call__(check_Location) | |
770 |
|
776 | |||
771 | def check_permissions(self): |
|
777 | def check_permissions(self): | |
772 | if not self.repo_name: |
|
778 | if not self.repo_name: | |
773 | self.repo_name = get_repo_slug(request) |
|
779 | self.repo_name = get_repo_slug(request) | |
774 |
|
780 | |||
775 | try: |
|
781 | try: | |
776 | self._user_perms = set( |
|
782 | self._user_perms = set( | |
777 | [self.user_perms['repositories'][self.repo_name]] |
|
783 | [self.user_perms['repositories'][self.repo_name]] | |
778 | ) |
|
784 | ) | |
779 | except KeyError: |
|
785 | except KeyError: | |
780 | return False |
|
786 | return False | |
781 | if self.required_perms.issubset(self._user_perms): |
|
787 | if self.required_perms.issubset(self._user_perms): | |
782 | return True |
|
788 | return True | |
783 | return False |
|
789 | return False | |
784 |
|
790 | |||
785 |
|
791 | |||
786 | class HasRepoPermissionAny(PermsFunction): |
|
792 | class HasRepoPermissionAny(PermsFunction): | |
787 | def __call__(self, repo_name=None, check_Location=''): |
|
793 | def __call__(self, repo_name=None, check_Location=''): | |
788 | self.repo_name = repo_name |
|
794 | self.repo_name = repo_name | |
789 | return super(HasRepoPermissionAny, self).__call__(check_Location) |
|
795 | return super(HasRepoPermissionAny, self).__call__(check_Location) | |
790 |
|
796 | |||
791 | def check_permissions(self): |
|
797 | def check_permissions(self): | |
792 | if not self.repo_name: |
|
798 | if not self.repo_name: | |
793 | self.repo_name = get_repo_slug(request) |
|
799 | self.repo_name = get_repo_slug(request) | |
794 |
|
800 | |||
795 | try: |
|
801 | try: | |
796 | self._user_perms = set( |
|
802 | self._user_perms = set( | |
797 | [self.user_perms['repositories'][self.repo_name]] |
|
803 | [self.user_perms['repositories'][self.repo_name]] | |
798 | ) |
|
804 | ) | |
799 | except KeyError: |
|
805 | except KeyError: | |
800 | return False |
|
806 | return False | |
801 | if self.required_perms.intersection(self._user_perms): |
|
807 | if self.required_perms.intersection(self._user_perms): | |
802 | return True |
|
808 | return True | |
803 | return False |
|
809 | return False | |
804 |
|
810 | |||
805 |
|
811 | |||
806 | class HasReposGroupPermissionAny(PermsFunction): |
|
812 | class HasReposGroupPermissionAny(PermsFunction): | |
807 | def __call__(self, group_name=None, check_Location=''): |
|
813 | def __call__(self, group_name=None, check_Location=''): | |
808 | self.group_name = group_name |
|
814 | self.group_name = group_name | |
809 | return super(HasReposGroupPermissionAny, self).__call__(check_Location) |
|
815 | return super(HasReposGroupPermissionAny, self).__call__(check_Location) | |
810 |
|
816 | |||
811 | def check_permissions(self): |
|
817 | def check_permissions(self): | |
812 | try: |
|
818 | try: | |
813 | self._user_perms = set( |
|
819 | self._user_perms = set( | |
814 | [self.user_perms['repositories_groups'][self.group_name]] |
|
820 | [self.user_perms['repositories_groups'][self.group_name]] | |
815 | ) |
|
821 | ) | |
816 | except KeyError: |
|
822 | except KeyError: | |
817 | return False |
|
823 | return False | |
818 | if self.required_perms.intersection(self._user_perms): |
|
824 | if self.required_perms.intersection(self._user_perms): | |
819 | return True |
|
825 | return True | |
820 | return False |
|
826 | return False | |
821 |
|
827 | |||
822 |
|
828 | |||
823 | class HasReposGroupPermissionAll(PermsFunction): |
|
829 | class HasReposGroupPermissionAll(PermsFunction): | |
824 | def __call__(self, group_name=None, check_Location=''): |
|
830 | def __call__(self, group_name=None, check_Location=''): | |
825 | self.group_name = group_name |
|
831 | self.group_name = group_name | |
826 | return super(HasReposGroupPermissionAll, self).__call__(check_Location) |
|
832 | return super(HasReposGroupPermissionAll, self).__call__(check_Location) | |
827 |
|
833 | |||
828 | def check_permissions(self): |
|
834 | def check_permissions(self): | |
829 | try: |
|
835 | try: | |
830 | self._user_perms = set( |
|
836 | self._user_perms = set( | |
831 | [self.user_perms['repositories_groups'][self.group_name]] |
|
837 | [self.user_perms['repositories_groups'][self.group_name]] | |
832 | ) |
|
838 | ) | |
833 | except KeyError: |
|
839 | except KeyError: | |
834 | return False |
|
840 | return False | |
835 | if self.required_perms.issubset(self._user_perms): |
|
841 | if self.required_perms.issubset(self._user_perms): | |
836 | return True |
|
842 | return True | |
837 | return False |
|
843 | return False | |
838 |
|
844 | |||
839 |
|
845 | |||
840 | #============================================================================== |
|
846 | #============================================================================== | |
841 | # SPECIAL VERSION TO HANDLE MIDDLEWARE AUTH |
|
847 | # SPECIAL VERSION TO HANDLE MIDDLEWARE AUTH | |
842 | #============================================================================== |
|
848 | #============================================================================== | |
843 | class HasPermissionAnyMiddleware(object): |
|
849 | class HasPermissionAnyMiddleware(object): | |
844 | def __init__(self, *perms): |
|
850 | def __init__(self, *perms): | |
845 | self.required_perms = set(perms) |
|
851 | self.required_perms = set(perms) | |
846 |
|
852 | |||
847 | def __call__(self, user, repo_name): |
|
853 | def __call__(self, user, repo_name): | |
848 | # repo_name MUST be unicode, since we handle keys in permission |
|
854 | # repo_name MUST be unicode, since we handle keys in permission | |
849 | # dict by unicode |
|
855 | # dict by unicode | |
850 | repo_name = safe_unicode(repo_name) |
|
856 | repo_name = safe_unicode(repo_name) | |
851 | usr = AuthUser(user.user_id) |
|
857 | usr = AuthUser(user.user_id) | |
852 | try: |
|
858 | try: | |
853 | self.user_perms = set([usr.permissions['repositories'][repo_name]]) |
|
859 | self.user_perms = set([usr.permissions['repositories'][repo_name]]) | |
854 | except Exception: |
|
860 | except Exception: | |
855 | log.error('Exception while accessing permissions %s' % |
|
861 | log.error('Exception while accessing permissions %s' % | |
856 | traceback.format_exc()) |
|
862 | traceback.format_exc()) | |
857 | self.user_perms = set() |
|
863 | self.user_perms = set() | |
858 | self.username = user.username |
|
864 | self.username = user.username | |
859 | self.repo_name = repo_name |
|
865 | self.repo_name = repo_name | |
860 | return self.check_permissions() |
|
866 | return self.check_permissions() | |
861 |
|
867 | |||
862 | def check_permissions(self): |
|
868 | def check_permissions(self): | |
863 | log.debug('checking VCS protocol ' |
|
869 | log.debug('checking VCS protocol ' | |
864 | 'permissions %s for user:%s repository:%s', self.user_perms, |
|
870 | 'permissions %s for user:%s repository:%s', self.user_perms, | |
865 | self.username, self.repo_name) |
|
871 | self.username, self.repo_name) | |
866 | if self.required_perms.intersection(self.user_perms): |
|
872 | if self.required_perms.intersection(self.user_perms): | |
867 | log.debug('permission granted for user:%s on repo:%s' % ( |
|
873 | log.debug('permission granted for user:%s on repo:%s' % ( | |
868 | self.username, self.repo_name |
|
874 | self.username, self.repo_name | |
869 | ) |
|
875 | ) | |
870 | ) |
|
876 | ) | |
871 | return True |
|
877 | return True | |
872 | log.debug('permission denied for user:%s on repo:%s' % ( |
|
878 | log.debug('permission denied for user:%s on repo:%s' % ( | |
873 | self.username, self.repo_name |
|
879 | self.username, self.repo_name | |
874 | ) |
|
880 | ) | |
875 | ) |
|
881 | ) | |
876 | return False |
|
882 | return False | |
877 |
|
883 | |||
878 |
|
884 | |||
879 | #============================================================================== |
|
885 | #============================================================================== | |
880 | # SPECIAL VERSION TO HANDLE API AUTH |
|
886 | # SPECIAL VERSION TO HANDLE API AUTH | |
881 | #============================================================================== |
|
887 | #============================================================================== | |
882 | class _BaseApiPerm(object): |
|
888 | class _BaseApiPerm(object): | |
883 | def __init__(self, *perms): |
|
889 | def __init__(self, *perms): | |
884 | self.required_perms = set(perms) |
|
890 | self.required_perms = set(perms) | |
885 |
|
891 | |||
886 | def __call__(self, check_location='unspecified', user=None, repo_name=None): |
|
892 | def __call__(self, check_location='unspecified', user=None, repo_name=None): | |
887 | cls_name = self.__class__.__name__ |
|
893 | cls_name = self.__class__.__name__ | |
888 | check_scope = 'user:%s, repo:%s' % (user, repo_name) |
|
894 | check_scope = 'user:%s, repo:%s' % (user, repo_name) | |
889 | log.debug('checking cls:%s %s %s @ %s', cls_name, |
|
895 | log.debug('checking cls:%s %s %s @ %s', cls_name, | |
890 | self.required_perms, check_scope, check_location) |
|
896 | self.required_perms, check_scope, check_location) | |
891 | if not user: |
|
897 | if not user: | |
892 | log.debug('Empty User passed into arguments') |
|
898 | log.debug('Empty User passed into arguments') | |
893 | return False |
|
899 | return False | |
894 |
|
900 | |||
895 | ## process user |
|
901 | ## process user | |
896 | if not isinstance(user, AuthUser): |
|
902 | if not isinstance(user, AuthUser): | |
897 | user = AuthUser(user.user_id) |
|
903 | user = AuthUser(user.user_id) | |
898 |
|
904 | |||
899 | if self.check_permissions(user.permissions, repo_name): |
|
905 | if self.check_permissions(user.permissions, repo_name): | |
900 | log.debug('Permission to %s granted for user: %s @ %s', repo_name, |
|
906 | log.debug('Permission to %s granted for user: %s @ %s', repo_name, | |
901 | user, check_location) |
|
907 | user, check_location) | |
902 | return True |
|
908 | return True | |
903 |
|
909 | |||
904 | else: |
|
910 | else: | |
905 | log.debug('Permission to %s denied for user: %s @ %s', repo_name, |
|
911 | log.debug('Permission to %s denied for user: %s @ %s', repo_name, | |
906 | user, check_location) |
|
912 | user, check_location) | |
907 | return False |
|
913 | return False | |
908 |
|
914 | |||
909 | def check_permissions(self, perm_defs, repo_name): |
|
915 | def check_permissions(self, perm_defs, repo_name): | |
910 | """ |
|
916 | """ | |
911 | implement in child class should return True if permissions are ok, |
|
917 | implement in child class should return True if permissions are ok, | |
912 | False otherwise |
|
918 | False otherwise | |
913 |
|
919 | |||
914 | :param perm_defs: dict with permission definitions |
|
920 | :param perm_defs: dict with permission definitions | |
915 | :param repo_name: repo name |
|
921 | :param repo_name: repo name | |
916 | """ |
|
922 | """ | |
917 | raise NotImplementedError() |
|
923 | raise NotImplementedError() | |
918 |
|
924 | |||
919 |
|
925 | |||
920 | class HasPermissionAllApi(_BaseApiPerm): |
|
926 | class HasPermissionAllApi(_BaseApiPerm): | |
921 | def __call__(self, user, check_location=''): |
|
927 | def __call__(self, user, check_location=''): | |
922 | return super(HasPermissionAllApi, self)\ |
|
928 | return super(HasPermissionAllApi, self)\ | |
923 | .__call__(check_location=check_location, user=user) |
|
929 | .__call__(check_location=check_location, user=user) | |
924 |
|
930 | |||
925 | def check_permissions(self, perm_defs, repo): |
|
931 | def check_permissions(self, perm_defs, repo): | |
926 | if self.required_perms.issubset(perm_defs.get('global')): |
|
932 | if self.required_perms.issubset(perm_defs.get('global')): | |
927 | return True |
|
933 | return True | |
928 | return False |
|
934 | return False | |
929 |
|
935 | |||
930 |
|
936 | |||
931 | class HasPermissionAnyApi(_BaseApiPerm): |
|
937 | class HasPermissionAnyApi(_BaseApiPerm): | |
932 | def __call__(self, user, check_location=''): |
|
938 | def __call__(self, user, check_location=''): | |
933 | return super(HasPermissionAnyApi, self)\ |
|
939 | return super(HasPermissionAnyApi, self)\ | |
934 | .__call__(check_location=check_location, user=user) |
|
940 | .__call__(check_location=check_location, user=user) | |
935 |
|
941 | |||
936 | def check_permissions(self, perm_defs, repo): |
|
942 | def check_permissions(self, perm_defs, repo): | |
937 | if self.required_perms.intersection(perm_defs.get('global')): |
|
943 | if self.required_perms.intersection(perm_defs.get('global')): | |
938 | return True |
|
944 | return True | |
939 | return False |
|
945 | return False | |
940 |
|
946 | |||
941 |
|
947 | |||
942 | class HasRepoPermissionAllApi(_BaseApiPerm): |
|
948 | class HasRepoPermissionAllApi(_BaseApiPerm): | |
943 | def __call__(self, user, repo_name, check_location=''): |
|
949 | def __call__(self, user, repo_name, check_location=''): | |
944 | return super(HasRepoPermissionAllApi, self)\ |
|
950 | return super(HasRepoPermissionAllApi, self)\ | |
945 | .__call__(check_location=check_location, user=user, |
|
951 | .__call__(check_location=check_location, user=user, | |
946 | repo_name=repo_name) |
|
952 | repo_name=repo_name) | |
947 |
|
953 | |||
948 | def check_permissions(self, perm_defs, repo_name): |
|
954 | def check_permissions(self, perm_defs, repo_name): | |
949 |
|
955 | |||
950 | try: |
|
956 | try: | |
951 | self._user_perms = set( |
|
957 | self._user_perms = set( | |
952 | [perm_defs['repositories'][repo_name]] |
|
958 | [perm_defs['repositories'][repo_name]] | |
953 | ) |
|
959 | ) | |
954 | except KeyError: |
|
960 | except KeyError: | |
955 | log.warning(traceback.format_exc()) |
|
961 | log.warning(traceback.format_exc()) | |
956 | return False |
|
962 | return False | |
957 | if self.required_perms.issubset(self._user_perms): |
|
963 | if self.required_perms.issubset(self._user_perms): | |
958 | return True |
|
964 | return True | |
959 | return False |
|
965 | return False | |
960 |
|
966 | |||
961 |
|
967 | |||
962 | class HasRepoPermissionAnyApi(_BaseApiPerm): |
|
968 | class HasRepoPermissionAnyApi(_BaseApiPerm): | |
963 | def __call__(self, user, repo_name, check_location=''): |
|
969 | def __call__(self, user, repo_name, check_location=''): | |
964 | return super(HasRepoPermissionAnyApi, self)\ |
|
970 | return super(HasRepoPermissionAnyApi, self)\ | |
965 | .__call__(check_location=check_location, user=user, |
|
971 | .__call__(check_location=check_location, user=user, | |
966 | repo_name=repo_name) |
|
972 | repo_name=repo_name) | |
967 |
|
973 | |||
968 | def check_permissions(self, perm_defs, repo_name): |
|
974 | def check_permissions(self, perm_defs, repo_name): | |
969 |
|
975 | |||
970 | try: |
|
976 | try: | |
971 | _user_perms = set( |
|
977 | _user_perms = set( | |
972 | [perm_defs['repositories'][repo_name]] |
|
978 | [perm_defs['repositories'][repo_name]] | |
973 | ) |
|
979 | ) | |
974 | except KeyError: |
|
980 | except KeyError: | |
975 | log.warning(traceback.format_exc()) |
|
981 | log.warning(traceback.format_exc()) | |
976 | return False |
|
982 | return False | |
977 | if self.required_perms.intersection(_user_perms): |
|
983 | if self.required_perms.intersection(_user_perms): | |
978 | return True |
|
984 | return True | |
979 | return False |
|
985 | return False | |
980 |
|
986 | |||
981 |
|
987 | |||
982 | def check_ip_access(source_ip, allowed_ips=None): |
|
988 | def check_ip_access(source_ip, allowed_ips=None): | |
983 | """ |
|
989 | """ | |
984 | Checks if source_ip is a subnet of any of allowed_ips. |
|
990 | Checks if source_ip is a subnet of any of allowed_ips. | |
985 |
|
991 | |||
986 | :param source_ip: |
|
992 | :param source_ip: | |
987 | :param allowed_ips: list of allowed ips together with mask |
|
993 | :param allowed_ips: list of allowed ips together with mask | |
988 | """ |
|
994 | """ | |
989 | from rhodecode.lib import ipaddr |
|
995 | from rhodecode.lib import ipaddr | |
990 | log.debug('checking if ip:%s is subnet of %s' % (source_ip, allowed_ips)) |
|
996 | log.debug('checking if ip:%s is subnet of %s' % (source_ip, allowed_ips)) | |
991 | if isinstance(allowed_ips, (tuple, list, set)): |
|
997 | if isinstance(allowed_ips, (tuple, list, set)): | |
992 | for ip in allowed_ips: |
|
998 | for ip in allowed_ips: | |
993 | if ipaddr.IPAddress(source_ip) in ipaddr.IPNetwork(ip): |
|
999 | try: | |
994 | return True |
|
1000 | if ipaddr.IPAddress(source_ip) in ipaddr.IPNetwork(ip): | |
|
1001 | return True | |||
|
1002 | # for any case we cannot determine the IP, don't crash just | |||
|
1003 | # skip it and log as error, we want to say forbidden still when | |||
|
1004 | # sending bad IP | |||
|
1005 | except Exception: | |||
|
1006 | log.error(traceback.format_exc()) | |||
|
1007 | continue | |||
995 | return False |
|
1008 | return False |
@@ -1,1968 +1,1968 b'' | |||||
1 | # -*- coding: utf-8 -*- |
|
1 | # -*- coding: utf-8 -*- | |
2 | """ |
|
2 | """ | |
3 | rhodecode.model.db |
|
3 | rhodecode.model.db | |
4 | ~~~~~~~~~~~~~~~~~~ |
|
4 | ~~~~~~~~~~~~~~~~~~ | |
5 |
|
5 | |||
6 | Database Models for RhodeCode |
|
6 | Database Models for RhodeCode | |
7 |
|
7 | |||
8 | :created_on: Apr 08, 2010 |
|
8 | :created_on: Apr 08, 2010 | |
9 | :author: marcink |
|
9 | :author: marcink | |
10 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> |
|
10 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> | |
11 | :license: GPLv3, see COPYING for more details. |
|
11 | :license: GPLv3, see COPYING for more details. | |
12 | """ |
|
12 | """ | |
13 | # This program is free software: you can redistribute it and/or modify |
|
13 | # This program is free software: you can redistribute it and/or modify | |
14 | # it under the terms of the GNU General Public License as published by |
|
14 | # it under the terms of the GNU General Public License as published by | |
15 | # the Free Software Foundation, either version 3 of the License, or |
|
15 | # the Free Software Foundation, either version 3 of the License, or | |
16 | # (at your option) any later version. |
|
16 | # (at your option) any later version. | |
17 | # |
|
17 | # | |
18 | # This program is distributed in the hope that it will be useful, |
|
18 | # This program is distributed in the hope that it will be useful, | |
19 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
19 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
20 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
20 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
21 | # GNU General Public License for more details. |
|
21 | # GNU General Public License for more details. | |
22 | # |
|
22 | # | |
23 | # You should have received a copy of the GNU General Public License |
|
23 | # You should have received a copy of the GNU General Public License | |
24 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
24 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
25 |
|
25 | |||
26 | import os |
|
26 | import os | |
27 | import logging |
|
27 | import logging | |
28 | import datetime |
|
28 | import datetime | |
29 | import traceback |
|
29 | import traceback | |
30 | import hashlib |
|
30 | import hashlib | |
31 | import time |
|
31 | import time | |
32 | from collections import defaultdict |
|
32 | from collections import defaultdict | |
33 |
|
33 | |||
34 | from sqlalchemy import * |
|
34 | from sqlalchemy import * | |
35 | from sqlalchemy.ext.hybrid import hybrid_property |
|
35 | from sqlalchemy.ext.hybrid import hybrid_property | |
36 | from sqlalchemy.orm import relationship, joinedload, class_mapper, validates |
|
36 | from sqlalchemy.orm import relationship, joinedload, class_mapper, validates | |
37 | from sqlalchemy.exc import DatabaseError |
|
37 | from sqlalchemy.exc import DatabaseError | |
38 | from beaker.cache import cache_region, region_invalidate |
|
38 | from beaker.cache import cache_region, region_invalidate | |
39 | from webob.exc import HTTPNotFound |
|
39 | from webob.exc import HTTPNotFound | |
40 |
|
40 | |||
41 | from pylons.i18n.translation import lazy_ugettext as _ |
|
41 | from pylons.i18n.translation import lazy_ugettext as _ | |
42 |
|
42 | |||
43 | from rhodecode.lib.vcs import get_backend |
|
43 | from rhodecode.lib.vcs import get_backend | |
44 | from rhodecode.lib.vcs.utils.helpers import get_scm |
|
44 | from rhodecode.lib.vcs.utils.helpers import get_scm | |
45 | from rhodecode.lib.vcs.exceptions import VCSError |
|
45 | from rhodecode.lib.vcs.exceptions import VCSError | |
46 | from rhodecode.lib.vcs.utils.lazy import LazyProperty |
|
46 | from rhodecode.lib.vcs.utils.lazy import LazyProperty | |
47 |
|
47 | |||
48 | from rhodecode.lib.utils2 import str2bool, safe_str, get_changeset_safe, \ |
|
48 | from rhodecode.lib.utils2 import str2bool, safe_str, get_changeset_safe, \ | |
49 | safe_unicode, remove_suffix, remove_prefix |
|
49 | safe_unicode, remove_suffix, remove_prefix | |
50 | from rhodecode.lib.compat import json |
|
50 | from rhodecode.lib.compat import json | |
51 | from rhodecode.lib.caching_query import FromCache |
|
51 | from rhodecode.lib.caching_query import FromCache | |
52 |
|
52 | |||
53 | from rhodecode.model.meta import Base, Session |
|
53 | from rhodecode.model.meta import Base, Session | |
54 |
|
54 | |||
55 | URL_SEP = '/' |
|
55 | URL_SEP = '/' | |
56 | log = logging.getLogger(__name__) |
|
56 | log = logging.getLogger(__name__) | |
57 |
|
57 | |||
58 | #============================================================================== |
|
58 | #============================================================================== | |
59 | # BASE CLASSES |
|
59 | # BASE CLASSES | |
60 | #============================================================================== |
|
60 | #============================================================================== | |
61 |
|
61 | |||
62 | _hash_key = lambda k: hashlib.md5(safe_str(k)).hexdigest() |
|
62 | _hash_key = lambda k: hashlib.md5(safe_str(k)).hexdigest() | |
63 |
|
63 | |||
64 |
|
64 | |||
65 | class BaseModel(object): |
|
65 | class BaseModel(object): | |
66 | """ |
|
66 | """ | |
67 | Base Model for all classess |
|
67 | Base Model for all classess | |
68 | """ |
|
68 | """ | |
69 |
|
69 | |||
70 | @classmethod |
|
70 | @classmethod | |
71 | def _get_keys(cls): |
|
71 | def _get_keys(cls): | |
72 | """return column names for this model """ |
|
72 | """return column names for this model """ | |
73 | return class_mapper(cls).c.keys() |
|
73 | return class_mapper(cls).c.keys() | |
74 |
|
74 | |||
75 | def get_dict(self): |
|
75 | def get_dict(self): | |
76 | """ |
|
76 | """ | |
77 | return dict with keys and values corresponding |
|
77 | return dict with keys and values corresponding | |
78 | to this model data """ |
|
78 | to this model data """ | |
79 |
|
79 | |||
80 | d = {} |
|
80 | d = {} | |
81 | for k in self._get_keys(): |
|
81 | for k in self._get_keys(): | |
82 | d[k] = getattr(self, k) |
|
82 | d[k] = getattr(self, k) | |
83 |
|
83 | |||
84 | # also use __json__() if present to get additional fields |
|
84 | # also use __json__() if present to get additional fields | |
85 | _json_attr = getattr(self, '__json__', None) |
|
85 | _json_attr = getattr(self, '__json__', None) | |
86 | if _json_attr: |
|
86 | if _json_attr: | |
87 | # update with attributes from __json__ |
|
87 | # update with attributes from __json__ | |
88 | if callable(_json_attr): |
|
88 | if callable(_json_attr): | |
89 | _json_attr = _json_attr() |
|
89 | _json_attr = _json_attr() | |
90 | for k, val in _json_attr.iteritems(): |
|
90 | for k, val in _json_attr.iteritems(): | |
91 | d[k] = val |
|
91 | d[k] = val | |
92 | return d |
|
92 | return d | |
93 |
|
93 | |||
94 | def get_appstruct(self): |
|
94 | def get_appstruct(self): | |
95 | """return list with keys and values tupples corresponding |
|
95 | """return list with keys and values tupples corresponding | |
96 | to this model data """ |
|
96 | to this model data """ | |
97 |
|
97 | |||
98 | l = [] |
|
98 | l = [] | |
99 | for k in self._get_keys(): |
|
99 | for k in self._get_keys(): | |
100 | l.append((k, getattr(self, k),)) |
|
100 | l.append((k, getattr(self, k),)) | |
101 | return l |
|
101 | return l | |
102 |
|
102 | |||
103 | def populate_obj(self, populate_dict): |
|
103 | def populate_obj(self, populate_dict): | |
104 | """populate model with data from given populate_dict""" |
|
104 | """populate model with data from given populate_dict""" | |
105 |
|
105 | |||
106 | for k in self._get_keys(): |
|
106 | for k in self._get_keys(): | |
107 | if k in populate_dict: |
|
107 | if k in populate_dict: | |
108 | setattr(self, k, populate_dict[k]) |
|
108 | setattr(self, k, populate_dict[k]) | |
109 |
|
109 | |||
110 | @classmethod |
|
110 | @classmethod | |
111 | def query(cls): |
|
111 | def query(cls): | |
112 | return Session().query(cls) |
|
112 | return Session().query(cls) | |
113 |
|
113 | |||
114 | @classmethod |
|
114 | @classmethod | |
115 | def get(cls, id_): |
|
115 | def get(cls, id_): | |
116 | if id_: |
|
116 | if id_: | |
117 | return cls.query().get(id_) |
|
117 | return cls.query().get(id_) | |
118 |
|
118 | |||
119 | @classmethod |
|
119 | @classmethod | |
120 | def get_or_404(cls, id_): |
|
120 | def get_or_404(cls, id_): | |
121 | try: |
|
121 | try: | |
122 | id_ = int(id_) |
|
122 | id_ = int(id_) | |
123 | except (TypeError, ValueError): |
|
123 | except (TypeError, ValueError): | |
124 | raise HTTPNotFound |
|
124 | raise HTTPNotFound | |
125 |
|
125 | |||
126 | res = cls.query().get(id_) |
|
126 | res = cls.query().get(id_) | |
127 | if not res: |
|
127 | if not res: | |
128 | raise HTTPNotFound |
|
128 | raise HTTPNotFound | |
129 | return res |
|
129 | return res | |
130 |
|
130 | |||
131 | @classmethod |
|
131 | @classmethod | |
132 | def getAll(cls): |
|
132 | def getAll(cls): | |
133 | return cls.query().all() |
|
133 | return cls.query().all() | |
134 |
|
134 | |||
135 | @classmethod |
|
135 | @classmethod | |
136 | def delete(cls, id_): |
|
136 | def delete(cls, id_): | |
137 | obj = cls.query().get(id_) |
|
137 | obj = cls.query().get(id_) | |
138 | Session().delete(obj) |
|
138 | Session().delete(obj) | |
139 |
|
139 | |||
140 | def __repr__(self): |
|
140 | def __repr__(self): | |
141 | if hasattr(self, '__unicode__'): |
|
141 | if hasattr(self, '__unicode__'): | |
142 | # python repr needs to return str |
|
142 | # python repr needs to return str | |
143 | return safe_str(self.__unicode__()) |
|
143 | return safe_str(self.__unicode__()) | |
144 | return '<DB:%s>' % (self.__class__.__name__) |
|
144 | return '<DB:%s>' % (self.__class__.__name__) | |
145 |
|
145 | |||
146 |
|
146 | |||
147 | class RhodeCodeSetting(Base, BaseModel): |
|
147 | class RhodeCodeSetting(Base, BaseModel): | |
148 | __tablename__ = 'rhodecode_settings' |
|
148 | __tablename__ = 'rhodecode_settings' | |
149 | __table_args__ = ( |
|
149 | __table_args__ = ( | |
150 | UniqueConstraint('app_settings_name'), |
|
150 | UniqueConstraint('app_settings_name'), | |
151 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
151 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
152 | 'mysql_charset': 'utf8'} |
|
152 | 'mysql_charset': 'utf8'} | |
153 | ) |
|
153 | ) | |
154 | app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
154 | app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
155 | app_settings_name = Column("app_settings_name", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
155 | app_settings_name = Column("app_settings_name", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
156 | _app_settings_value = Column("app_settings_value", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
156 | _app_settings_value = Column("app_settings_value", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
157 |
|
157 | |||
158 | def __init__(self, k='', v=''): |
|
158 | def __init__(self, k='', v=''): | |
159 | self.app_settings_name = k |
|
159 | self.app_settings_name = k | |
160 | self.app_settings_value = v |
|
160 | self.app_settings_value = v | |
161 |
|
161 | |||
162 | @validates('_app_settings_value') |
|
162 | @validates('_app_settings_value') | |
163 | def validate_settings_value(self, key, val): |
|
163 | def validate_settings_value(self, key, val): | |
164 | assert type(val) == unicode |
|
164 | assert type(val) == unicode | |
165 | return val |
|
165 | return val | |
166 |
|
166 | |||
167 | @hybrid_property |
|
167 | @hybrid_property | |
168 | def app_settings_value(self): |
|
168 | def app_settings_value(self): | |
169 | v = self._app_settings_value |
|
169 | v = self._app_settings_value | |
170 | if self.app_settings_name in ["ldap_active", |
|
170 | if self.app_settings_name in ["ldap_active", | |
171 | "default_repo_enable_statistics", |
|
171 | "default_repo_enable_statistics", | |
172 | "default_repo_enable_locking", |
|
172 | "default_repo_enable_locking", | |
173 | "default_repo_private", |
|
173 | "default_repo_private", | |
174 | "default_repo_enable_downloads"]: |
|
174 | "default_repo_enable_downloads"]: | |
175 | v = str2bool(v) |
|
175 | v = str2bool(v) | |
176 | return v |
|
176 | return v | |
177 |
|
177 | |||
178 | @app_settings_value.setter |
|
178 | @app_settings_value.setter | |
179 | def app_settings_value(self, val): |
|
179 | def app_settings_value(self, val): | |
180 | """ |
|
180 | """ | |
181 | Setter that will always make sure we use unicode in app_settings_value |
|
181 | Setter that will always make sure we use unicode in app_settings_value | |
182 |
|
182 | |||
183 | :param val: |
|
183 | :param val: | |
184 | """ |
|
184 | """ | |
185 | self._app_settings_value = safe_unicode(val) |
|
185 | self._app_settings_value = safe_unicode(val) | |
186 |
|
186 | |||
187 | def __unicode__(self): |
|
187 | def __unicode__(self): | |
188 | return u"<%s('%s:%s')>" % ( |
|
188 | return u"<%s('%s:%s')>" % ( | |
189 | self.__class__.__name__, |
|
189 | self.__class__.__name__, | |
190 | self.app_settings_name, self.app_settings_value |
|
190 | self.app_settings_name, self.app_settings_value | |
191 | ) |
|
191 | ) | |
192 |
|
192 | |||
193 | @classmethod |
|
193 | @classmethod | |
194 | def get_by_name(cls, key): |
|
194 | def get_by_name(cls, key): | |
195 | return cls.query()\ |
|
195 | return cls.query()\ | |
196 | .filter(cls.app_settings_name == key).scalar() |
|
196 | .filter(cls.app_settings_name == key).scalar() | |
197 |
|
197 | |||
198 | @classmethod |
|
198 | @classmethod | |
199 | def get_by_name_or_create(cls, key): |
|
199 | def get_by_name_or_create(cls, key): | |
200 | res = cls.get_by_name(key) |
|
200 | res = cls.get_by_name(key) | |
201 | if not res: |
|
201 | if not res: | |
202 | res = cls(key) |
|
202 | res = cls(key) | |
203 | return res |
|
203 | return res | |
204 |
|
204 | |||
205 | @classmethod |
|
205 | @classmethod | |
206 | def get_app_settings(cls, cache=False): |
|
206 | def get_app_settings(cls, cache=False): | |
207 |
|
207 | |||
208 | ret = cls.query() |
|
208 | ret = cls.query() | |
209 |
|
209 | |||
210 | if cache: |
|
210 | if cache: | |
211 | ret = ret.options(FromCache("sql_cache_short", "get_hg_settings")) |
|
211 | ret = ret.options(FromCache("sql_cache_short", "get_hg_settings")) | |
212 |
|
212 | |||
213 | if not ret: |
|
213 | if not ret: | |
214 | raise Exception('Could not get application settings !') |
|
214 | raise Exception('Could not get application settings !') | |
215 | settings = {} |
|
215 | settings = {} | |
216 | for each in ret: |
|
216 | for each in ret: | |
217 | settings['rhodecode_' + each.app_settings_name] = \ |
|
217 | settings['rhodecode_' + each.app_settings_name] = \ | |
218 | each.app_settings_value |
|
218 | each.app_settings_value | |
219 |
|
219 | |||
220 | return settings |
|
220 | return settings | |
221 |
|
221 | |||
222 | @classmethod |
|
222 | @classmethod | |
223 | def get_ldap_settings(cls, cache=False): |
|
223 | def get_ldap_settings(cls, cache=False): | |
224 | ret = cls.query()\ |
|
224 | ret = cls.query()\ | |
225 | .filter(cls.app_settings_name.startswith('ldap_')).all() |
|
225 | .filter(cls.app_settings_name.startswith('ldap_')).all() | |
226 | fd = {} |
|
226 | fd = {} | |
227 | for row in ret: |
|
227 | for row in ret: | |
228 | fd.update({row.app_settings_name: row.app_settings_value}) |
|
228 | fd.update({row.app_settings_name: row.app_settings_value}) | |
229 |
|
229 | |||
230 | return fd |
|
230 | return fd | |
231 |
|
231 | |||
232 | @classmethod |
|
232 | @classmethod | |
233 | def get_default_repo_settings(cls, cache=False, strip_prefix=False): |
|
233 | def get_default_repo_settings(cls, cache=False, strip_prefix=False): | |
234 | ret = cls.query()\ |
|
234 | ret = cls.query()\ | |
235 | .filter(cls.app_settings_name.startswith('default_')).all() |
|
235 | .filter(cls.app_settings_name.startswith('default_')).all() | |
236 | fd = {} |
|
236 | fd = {} | |
237 | for row in ret: |
|
237 | for row in ret: | |
238 | key = row.app_settings_name |
|
238 | key = row.app_settings_name | |
239 | if strip_prefix: |
|
239 | if strip_prefix: | |
240 | key = remove_prefix(key, prefix='default_') |
|
240 | key = remove_prefix(key, prefix='default_') | |
241 | fd.update({key: row.app_settings_value}) |
|
241 | fd.update({key: row.app_settings_value}) | |
242 |
|
242 | |||
243 | return fd |
|
243 | return fd | |
244 |
|
244 | |||
245 |
|
245 | |||
246 | class RhodeCodeUi(Base, BaseModel): |
|
246 | class RhodeCodeUi(Base, BaseModel): | |
247 | __tablename__ = 'rhodecode_ui' |
|
247 | __tablename__ = 'rhodecode_ui' | |
248 | __table_args__ = ( |
|
248 | __table_args__ = ( | |
249 | UniqueConstraint('ui_key'), |
|
249 | UniqueConstraint('ui_key'), | |
250 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
250 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
251 | 'mysql_charset': 'utf8'} |
|
251 | 'mysql_charset': 'utf8'} | |
252 | ) |
|
252 | ) | |
253 |
|
253 | |||
254 | HOOK_UPDATE = 'changegroup.update' |
|
254 | HOOK_UPDATE = 'changegroup.update' | |
255 | HOOK_REPO_SIZE = 'changegroup.repo_size' |
|
255 | HOOK_REPO_SIZE = 'changegroup.repo_size' | |
256 | HOOK_PUSH = 'changegroup.push_logger' |
|
256 | HOOK_PUSH = 'changegroup.push_logger' | |
257 | HOOK_PRE_PUSH = 'prechangegroup.pre_push' |
|
257 | HOOK_PRE_PUSH = 'prechangegroup.pre_push' | |
258 | HOOK_PULL = 'outgoing.pull_logger' |
|
258 | HOOK_PULL = 'outgoing.pull_logger' | |
259 | HOOK_PRE_PULL = 'preoutgoing.pre_pull' |
|
259 | HOOK_PRE_PULL = 'preoutgoing.pre_pull' | |
260 |
|
260 | |||
261 | ui_id = Column("ui_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
261 | ui_id = Column("ui_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
262 | ui_section = Column("ui_section", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
262 | ui_section = Column("ui_section", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
263 | ui_key = Column("ui_key", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
263 | ui_key = Column("ui_key", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
264 | ui_value = Column("ui_value", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
264 | ui_value = Column("ui_value", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
265 | ui_active = Column("ui_active", Boolean(), nullable=True, unique=None, default=True) |
|
265 | ui_active = Column("ui_active", Boolean(), nullable=True, unique=None, default=True) | |
266 |
|
266 | |||
267 | @classmethod |
|
267 | @classmethod | |
268 | def get_by_key(cls, key): |
|
268 | def get_by_key(cls, key): | |
269 | return cls.query().filter(cls.ui_key == key).scalar() |
|
269 | return cls.query().filter(cls.ui_key == key).scalar() | |
270 |
|
270 | |||
271 | @classmethod |
|
271 | @classmethod | |
272 | def get_builtin_hooks(cls): |
|
272 | def get_builtin_hooks(cls): | |
273 | q = cls.query() |
|
273 | q = cls.query() | |
274 | q = q.filter(cls.ui_key.in_([cls.HOOK_UPDATE, cls.HOOK_REPO_SIZE, |
|
274 | q = q.filter(cls.ui_key.in_([cls.HOOK_UPDATE, cls.HOOK_REPO_SIZE, | |
275 | cls.HOOK_PUSH, cls.HOOK_PRE_PUSH, |
|
275 | cls.HOOK_PUSH, cls.HOOK_PRE_PUSH, | |
276 | cls.HOOK_PULL, cls.HOOK_PRE_PULL])) |
|
276 | cls.HOOK_PULL, cls.HOOK_PRE_PULL])) | |
277 | return q.all() |
|
277 | return q.all() | |
278 |
|
278 | |||
279 | @classmethod |
|
279 | @classmethod | |
280 | def get_custom_hooks(cls): |
|
280 | def get_custom_hooks(cls): | |
281 | q = cls.query() |
|
281 | q = cls.query() | |
282 | q = q.filter(~cls.ui_key.in_([cls.HOOK_UPDATE, cls.HOOK_REPO_SIZE, |
|
282 | q = q.filter(~cls.ui_key.in_([cls.HOOK_UPDATE, cls.HOOK_REPO_SIZE, | |
283 | cls.HOOK_PUSH, cls.HOOK_PRE_PUSH, |
|
283 | cls.HOOK_PUSH, cls.HOOK_PRE_PUSH, | |
284 | cls.HOOK_PULL, cls.HOOK_PRE_PULL])) |
|
284 | cls.HOOK_PULL, cls.HOOK_PRE_PULL])) | |
285 | q = q.filter(cls.ui_section == 'hooks') |
|
285 | q = q.filter(cls.ui_section == 'hooks') | |
286 | return q.all() |
|
286 | return q.all() | |
287 |
|
287 | |||
288 | @classmethod |
|
288 | @classmethod | |
289 | def get_repos_location(cls): |
|
289 | def get_repos_location(cls): | |
290 | return cls.get_by_key('/').ui_value |
|
290 | return cls.get_by_key('/').ui_value | |
291 |
|
291 | |||
292 | @classmethod |
|
292 | @classmethod | |
293 | def create_or_update_hook(cls, key, val): |
|
293 | def create_or_update_hook(cls, key, val): | |
294 | new_ui = cls.get_by_key(key) or cls() |
|
294 | new_ui = cls.get_by_key(key) or cls() | |
295 | new_ui.ui_section = 'hooks' |
|
295 | new_ui.ui_section = 'hooks' | |
296 | new_ui.ui_active = True |
|
296 | new_ui.ui_active = True | |
297 | new_ui.ui_key = key |
|
297 | new_ui.ui_key = key | |
298 | new_ui.ui_value = val |
|
298 | new_ui.ui_value = val | |
299 |
|
299 | |||
300 | Session().add(new_ui) |
|
300 | Session().add(new_ui) | |
301 |
|
301 | |||
302 | def __repr__(self): |
|
302 | def __repr__(self): | |
303 | return '<DB:%s[%s:%s]>' % (self.__class__.__name__, self.ui_key, |
|
303 | return '<DB:%s[%s:%s]>' % (self.__class__.__name__, self.ui_key, | |
304 | self.ui_value) |
|
304 | self.ui_value) | |
305 |
|
305 | |||
306 |
|
306 | |||
307 | class User(Base, BaseModel): |
|
307 | class User(Base, BaseModel): | |
308 | __tablename__ = 'users' |
|
308 | __tablename__ = 'users' | |
309 | __table_args__ = ( |
|
309 | __table_args__ = ( | |
310 | UniqueConstraint('username'), UniqueConstraint('email'), |
|
310 | UniqueConstraint('username'), UniqueConstraint('email'), | |
311 | Index('u_username_idx', 'username'), |
|
311 | Index('u_username_idx', 'username'), | |
312 | Index('u_email_idx', 'email'), |
|
312 | Index('u_email_idx', 'email'), | |
313 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
313 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
314 | 'mysql_charset': 'utf8'} |
|
314 | 'mysql_charset': 'utf8'} | |
315 | ) |
|
315 | ) | |
316 | DEFAULT_USER = 'default' |
|
316 | DEFAULT_USER = 'default' | |
317 | DEFAULT_PERMISSIONS = [ |
|
317 | DEFAULT_PERMISSIONS = [ | |
318 | 'hg.register.manual_activate', 'hg.create.repository', |
|
318 | 'hg.register.manual_activate', 'hg.create.repository', | |
319 | 'hg.fork.repository', 'repository.read', 'group.read' |
|
319 | 'hg.fork.repository', 'repository.read', 'group.read' | |
320 | ] |
|
320 | ] | |
321 | user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
321 | user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
322 | username = Column("username", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
322 | username = Column("username", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
323 | password = Column("password", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
323 | password = Column("password", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
324 | active = Column("active", Boolean(), nullable=True, unique=None, default=True) |
|
324 | active = Column("active", Boolean(), nullable=True, unique=None, default=True) | |
325 | admin = Column("admin", Boolean(), nullable=True, unique=None, default=False) |
|
325 | admin = Column("admin", Boolean(), nullable=True, unique=None, default=False) | |
326 | name = Column("firstname", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
326 | name = Column("firstname", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
327 | lastname = Column("lastname", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
327 | lastname = Column("lastname", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
328 | _email = Column("email", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
328 | _email = Column("email", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
329 | last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None) |
|
329 | last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None) | |
330 | ldap_dn = Column("ldap_dn", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
330 | ldap_dn = Column("ldap_dn", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
331 | api_key = Column("api_key", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
331 | api_key = Column("api_key", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
332 | inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True) |
|
332 | inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True) | |
333 |
|
333 | |||
334 | user_log = relationship('UserLog') |
|
334 | user_log = relationship('UserLog') | |
335 | user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all') |
|
335 | user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all') | |
336 |
|
336 | |||
337 | repositories = relationship('Repository') |
|
337 | repositories = relationship('Repository') | |
338 | user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all') |
|
338 | user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all') | |
339 | followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all') |
|
339 | followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all') | |
340 |
|
340 | |||
341 | repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all') |
|
341 | repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all') | |
342 | repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all') |
|
342 | repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all') | |
343 |
|
343 | |||
344 | group_member = relationship('UsersGroupMember', cascade='all') |
|
344 | group_member = relationship('UsersGroupMember', cascade='all') | |
345 |
|
345 | |||
346 | notifications = relationship('UserNotification', cascade='all') |
|
346 | notifications = relationship('UserNotification', cascade='all') | |
347 | # notifications assigned to this user |
|
347 | # notifications assigned to this user | |
348 | user_created_notifications = relationship('Notification', cascade='all') |
|
348 | user_created_notifications = relationship('Notification', cascade='all') | |
349 | # comments created by this user |
|
349 | # comments created by this user | |
350 | user_comments = relationship('ChangesetComment', cascade='all') |
|
350 | user_comments = relationship('ChangesetComment', cascade='all') | |
351 | #extra emails for this user |
|
351 | #extra emails for this user | |
352 | user_emails = relationship('UserEmailMap', cascade='all') |
|
352 | user_emails = relationship('UserEmailMap', cascade='all') | |
353 |
|
353 | |||
354 | @hybrid_property |
|
354 | @hybrid_property | |
355 | def email(self): |
|
355 | def email(self): | |
356 | return self._email |
|
356 | return self._email | |
357 |
|
357 | |||
358 | @email.setter |
|
358 | @email.setter | |
359 | def email(self, val): |
|
359 | def email(self, val): | |
360 | self._email = val.lower() if val else None |
|
360 | self._email = val.lower() if val else None | |
361 |
|
361 | |||
362 | @property |
|
362 | @property | |
363 | def firstname(self): |
|
363 | def firstname(self): | |
364 | # alias for future |
|
364 | # alias for future | |
365 | return self.name |
|
365 | return self.name | |
366 |
|
366 | |||
367 | @property |
|
367 | @property | |
368 | def emails(self): |
|
368 | def emails(self): | |
369 | other = UserEmailMap.query().filter(UserEmailMap.user==self).all() |
|
369 | other = UserEmailMap.query().filter(UserEmailMap.user==self).all() | |
370 | return [self.email] + [x.email for x in other] |
|
370 | return [self.email] + [x.email for x in other] | |
371 |
|
371 | |||
372 | @property |
|
372 | @property | |
373 | def ip_addresses(self): |
|
373 | def ip_addresses(self): | |
374 | ret = UserIpMap.query().filter(UserIpMap.user == self).all() |
|
374 | ret = UserIpMap.query().filter(UserIpMap.user == self).all() | |
375 | return [x.ip_addr for x in ret] |
|
375 | return [x.ip_addr for x in ret] | |
376 |
|
376 | |||
377 | @property |
|
377 | @property | |
378 | def username_and_name(self): |
|
378 | def username_and_name(self): | |
379 | return '%s (%s %s)' % (self.username, self.firstname, self.lastname) |
|
379 | return '%s (%s %s)' % (self.username, self.firstname, self.lastname) | |
380 |
|
380 | |||
381 | @property |
|
381 | @property | |
382 | def full_name(self): |
|
382 | def full_name(self): | |
383 | return '%s %s' % (self.firstname, self.lastname) |
|
383 | return '%s %s' % (self.firstname, self.lastname) | |
384 |
|
384 | |||
385 | @property |
|
385 | @property | |
386 | def full_name_or_username(self): |
|
386 | def full_name_or_username(self): | |
387 | return ('%s %s' % (self.firstname, self.lastname) |
|
387 | return ('%s %s' % (self.firstname, self.lastname) | |
388 | if (self.firstname and self.lastname) else self.username) |
|
388 | if (self.firstname and self.lastname) else self.username) | |
389 |
|
389 | |||
390 | @property |
|
390 | @property | |
391 | def full_contact(self): |
|
391 | def full_contact(self): | |
392 | return '%s %s <%s>' % (self.firstname, self.lastname, self.email) |
|
392 | return '%s %s <%s>' % (self.firstname, self.lastname, self.email) | |
393 |
|
393 | |||
394 | @property |
|
394 | @property | |
395 | def short_contact(self): |
|
395 | def short_contact(self): | |
396 | return '%s %s' % (self.firstname, self.lastname) |
|
396 | return '%s %s' % (self.firstname, self.lastname) | |
397 |
|
397 | |||
398 | @property |
|
398 | @property | |
399 | def is_admin(self): |
|
399 | def is_admin(self): | |
400 | return self.admin |
|
400 | return self.admin | |
401 |
|
401 | |||
402 | def __unicode__(self): |
|
402 | def __unicode__(self): | |
403 | return u"<%s('id:%s:%s')>" % (self.__class__.__name__, |
|
403 | return u"<%s('id:%s:%s')>" % (self.__class__.__name__, | |
404 | self.user_id, self.username) |
|
404 | self.user_id, self.username) | |
405 |
|
405 | |||
406 | @classmethod |
|
406 | @classmethod | |
407 | def get_by_username(cls, username, case_insensitive=False, cache=False): |
|
407 | def get_by_username(cls, username, case_insensitive=False, cache=False): | |
408 | if case_insensitive: |
|
408 | if case_insensitive: | |
409 | q = cls.query().filter(cls.username.ilike(username)) |
|
409 | q = cls.query().filter(cls.username.ilike(username)) | |
410 | else: |
|
410 | else: | |
411 | q = cls.query().filter(cls.username == username) |
|
411 | q = cls.query().filter(cls.username == username) | |
412 |
|
412 | |||
413 | if cache: |
|
413 | if cache: | |
414 | q = q.options(FromCache( |
|
414 | q = q.options(FromCache( | |
415 | "sql_cache_short", |
|
415 | "sql_cache_short", | |
416 | "get_user_%s" % _hash_key(username) |
|
416 | "get_user_%s" % _hash_key(username) | |
417 | ) |
|
417 | ) | |
418 | ) |
|
418 | ) | |
419 | return q.scalar() |
|
419 | return q.scalar() | |
420 |
|
420 | |||
421 | @classmethod |
|
421 | @classmethod | |
422 | def get_by_api_key(cls, api_key, cache=False): |
|
422 | def get_by_api_key(cls, api_key, cache=False): | |
423 | q = cls.query().filter(cls.api_key == api_key) |
|
423 | q = cls.query().filter(cls.api_key == api_key) | |
424 |
|
424 | |||
425 | if cache: |
|
425 | if cache: | |
426 | q = q.options(FromCache("sql_cache_short", |
|
426 | q = q.options(FromCache("sql_cache_short", | |
427 | "get_api_key_%s" % api_key)) |
|
427 | "get_api_key_%s" % api_key)) | |
428 | return q.scalar() |
|
428 | return q.scalar() | |
429 |
|
429 | |||
430 | @classmethod |
|
430 | @classmethod | |
431 | def get_by_email(cls, email, case_insensitive=False, cache=False): |
|
431 | def get_by_email(cls, email, case_insensitive=False, cache=False): | |
432 | if case_insensitive: |
|
432 | if case_insensitive: | |
433 | q = cls.query().filter(cls.email.ilike(email)) |
|
433 | q = cls.query().filter(cls.email.ilike(email)) | |
434 | else: |
|
434 | else: | |
435 | q = cls.query().filter(cls.email == email) |
|
435 | q = cls.query().filter(cls.email == email) | |
436 |
|
436 | |||
437 | if cache: |
|
437 | if cache: | |
438 | q = q.options(FromCache("sql_cache_short", |
|
438 | q = q.options(FromCache("sql_cache_short", | |
439 | "get_email_key_%s" % email)) |
|
439 | "get_email_key_%s" % email)) | |
440 |
|
440 | |||
441 | ret = q.scalar() |
|
441 | ret = q.scalar() | |
442 | if ret is None: |
|
442 | if ret is None: | |
443 | q = UserEmailMap.query() |
|
443 | q = UserEmailMap.query() | |
444 | # try fetching in alternate email map |
|
444 | # try fetching in alternate email map | |
445 | if case_insensitive: |
|
445 | if case_insensitive: | |
446 | q = q.filter(UserEmailMap.email.ilike(email)) |
|
446 | q = q.filter(UserEmailMap.email.ilike(email)) | |
447 | else: |
|
447 | else: | |
448 | q = q.filter(UserEmailMap.email == email) |
|
448 | q = q.filter(UserEmailMap.email == email) | |
449 | q = q.options(joinedload(UserEmailMap.user)) |
|
449 | q = q.options(joinedload(UserEmailMap.user)) | |
450 | if cache: |
|
450 | if cache: | |
451 | q = q.options(FromCache("sql_cache_short", |
|
451 | q = q.options(FromCache("sql_cache_short", | |
452 | "get_email_map_key_%s" % email)) |
|
452 | "get_email_map_key_%s" % email)) | |
453 | ret = getattr(q.scalar(), 'user', None) |
|
453 | ret = getattr(q.scalar(), 'user', None) | |
454 |
|
454 | |||
455 | return ret |
|
455 | return ret | |
456 |
|
456 | |||
457 | @classmethod |
|
457 | @classmethod | |
458 | def get_from_cs_author(cls, author): |
|
458 | def get_from_cs_author(cls, author): | |
459 | """ |
|
459 | """ | |
460 | Tries to get User objects out of commit author string |
|
460 | Tries to get User objects out of commit author string | |
461 |
|
461 | |||
462 | :param author: |
|
462 | :param author: | |
463 | """ |
|
463 | """ | |
464 | from rhodecode.lib.helpers import email, author_name |
|
464 | from rhodecode.lib.helpers import email, author_name | |
465 | # Valid email in the attribute passed, see if they're in the system |
|
465 | # Valid email in the attribute passed, see if they're in the system | |
466 | _email = email(author) |
|
466 | _email = email(author) | |
467 | if _email: |
|
467 | if _email: | |
468 | user = cls.get_by_email(_email, case_insensitive=True) |
|
468 | user = cls.get_by_email(_email, case_insensitive=True) | |
469 | if user: |
|
469 | if user: | |
470 | return user |
|
470 | return user | |
471 | # Maybe we can match by username? |
|
471 | # Maybe we can match by username? | |
472 | _author = author_name(author) |
|
472 | _author = author_name(author) | |
473 | user = cls.get_by_username(_author, case_insensitive=True) |
|
473 | user = cls.get_by_username(_author, case_insensitive=True) | |
474 | if user: |
|
474 | if user: | |
475 | return user |
|
475 | return user | |
476 |
|
476 | |||
477 | def update_lastlogin(self): |
|
477 | def update_lastlogin(self): | |
478 | """Update user lastlogin""" |
|
478 | """Update user lastlogin""" | |
479 | self.last_login = datetime.datetime.now() |
|
479 | self.last_login = datetime.datetime.now() | |
480 | Session().add(self) |
|
480 | Session().add(self) | |
481 | log.debug('updated user %s lastlogin' % self.username) |
|
481 | log.debug('updated user %s lastlogin' % self.username) | |
482 |
|
482 | |||
483 | def get_api_data(self): |
|
483 | def get_api_data(self): | |
484 | """ |
|
484 | """ | |
485 | Common function for generating user related data for API |
|
485 | Common function for generating user related data for API | |
486 | """ |
|
486 | """ | |
487 | user = self |
|
487 | user = self | |
488 | data = dict( |
|
488 | data = dict( | |
489 | user_id=user.user_id, |
|
489 | user_id=user.user_id, | |
490 | username=user.username, |
|
490 | username=user.username, | |
491 | firstname=user.name, |
|
491 | firstname=user.name, | |
492 | lastname=user.lastname, |
|
492 | lastname=user.lastname, | |
493 | email=user.email, |
|
493 | email=user.email, | |
494 | emails=user.emails, |
|
494 | emails=user.emails, | |
495 | api_key=user.api_key, |
|
495 | api_key=user.api_key, | |
496 | active=user.active, |
|
496 | active=user.active, | |
497 | admin=user.admin, |
|
497 | admin=user.admin, | |
498 | ldap_dn=user.ldap_dn, |
|
498 | ldap_dn=user.ldap_dn, | |
499 | last_login=user.last_login, |
|
499 | last_login=user.last_login, | |
500 | ip_addresses=user.ip_addresses |
|
500 | ip_addresses=user.ip_addresses | |
501 | ) |
|
501 | ) | |
502 | return data |
|
502 | return data | |
503 |
|
503 | |||
504 | def __json__(self): |
|
504 | def __json__(self): | |
505 | data = dict( |
|
505 | data = dict( | |
506 | full_name=self.full_name, |
|
506 | full_name=self.full_name, | |
507 | full_name_or_username=self.full_name_or_username, |
|
507 | full_name_or_username=self.full_name_or_username, | |
508 | short_contact=self.short_contact, |
|
508 | short_contact=self.short_contact, | |
509 | full_contact=self.full_contact |
|
509 | full_contact=self.full_contact | |
510 | ) |
|
510 | ) | |
511 | data.update(self.get_api_data()) |
|
511 | data.update(self.get_api_data()) | |
512 | return data |
|
512 | return data | |
513 |
|
513 | |||
514 |
|
514 | |||
515 | class UserEmailMap(Base, BaseModel): |
|
515 | class UserEmailMap(Base, BaseModel): | |
516 | __tablename__ = 'user_email_map' |
|
516 | __tablename__ = 'user_email_map' | |
517 | __table_args__ = ( |
|
517 | __table_args__ = ( | |
518 | Index('uem_email_idx', 'email'), |
|
518 | Index('uem_email_idx', 'email'), | |
519 | UniqueConstraint('email'), |
|
519 | UniqueConstraint('email'), | |
520 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
520 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
521 | 'mysql_charset': 'utf8'} |
|
521 | 'mysql_charset': 'utf8'} | |
522 | ) |
|
522 | ) | |
523 | __mapper_args__ = {} |
|
523 | __mapper_args__ = {} | |
524 |
|
524 | |||
525 | email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
525 | email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
526 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) |
|
526 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) | |
527 | _email = Column("email", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None) |
|
527 | _email = Column("email", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None) | |
528 | user = relationship('User', lazy='joined') |
|
528 | user = relationship('User', lazy='joined') | |
529 |
|
529 | |||
530 | @validates('_email') |
|
530 | @validates('_email') | |
531 | def validate_email(self, key, email): |
|
531 | def validate_email(self, key, email): | |
532 | # check if this email is not main one |
|
532 | # check if this email is not main one | |
533 | main_email = Session().query(User).filter(User.email == email).scalar() |
|
533 | main_email = Session().query(User).filter(User.email == email).scalar() | |
534 | if main_email is not None: |
|
534 | if main_email is not None: | |
535 | raise AttributeError('email %s is present is user table' % email) |
|
535 | raise AttributeError('email %s is present is user table' % email) | |
536 | return email |
|
536 | return email | |
537 |
|
537 | |||
538 | @hybrid_property |
|
538 | @hybrid_property | |
539 | def email(self): |
|
539 | def email(self): | |
540 | return self._email |
|
540 | return self._email | |
541 |
|
541 | |||
542 | @email.setter |
|
542 | @email.setter | |
543 | def email(self, val): |
|
543 | def email(self, val): | |
544 | self._email = val.lower() if val else None |
|
544 | self._email = val.lower() if val else None | |
545 |
|
545 | |||
546 |
|
546 | |||
547 | class UserIpMap(Base, BaseModel): |
|
547 | class UserIpMap(Base, BaseModel): | |
548 | __tablename__ = 'user_ip_map' |
|
548 | __tablename__ = 'user_ip_map' | |
549 | __table_args__ = ( |
|
549 | __table_args__ = ( | |
550 | UniqueConstraint('user_id', 'ip_addr'), |
|
550 | UniqueConstraint('user_id', 'ip_addr'), | |
551 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
551 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
552 | 'mysql_charset': 'utf8'} |
|
552 | 'mysql_charset': 'utf8'} | |
553 | ) |
|
553 | ) | |
554 | __mapper_args__ = {} |
|
554 | __mapper_args__ = {} | |
555 |
|
555 | |||
556 | ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
556 | ip_id = Column("ip_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
557 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) |
|
557 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) | |
558 | ip_addr = Column("ip_addr", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None) |
|
558 | ip_addr = Column("ip_addr", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None) | |
559 | active = Column("active", Boolean(), nullable=True, unique=None, default=True) |
|
559 | active = Column("active", Boolean(), nullable=True, unique=None, default=True) | |
560 | user = relationship('User', lazy='joined') |
|
560 | user = relationship('User', lazy='joined') | |
561 |
|
561 | |||
562 | @classmethod |
|
562 | @classmethod | |
563 | def _get_ip_range(cls, ip_addr): |
|
563 | def _get_ip_range(cls, ip_addr): | |
564 | from rhodecode.lib import ipaddr |
|
564 | from rhodecode.lib import ipaddr | |
565 |
net = ipaddr.IP |
|
565 | net = ipaddr.IPNetwork(address=ip_addr) | |
566 | return [str(net.network), str(net.broadcast)] |
|
566 | return [str(net.network), str(net.broadcast)] | |
567 |
|
567 | |||
568 | def __json__(self): |
|
568 | def __json__(self): | |
569 | return dict( |
|
569 | return dict( | |
570 | ip_addr=self.ip_addr, |
|
570 | ip_addr=self.ip_addr, | |
571 | ip_range=self._get_ip_range(self.ip_addr) |
|
571 | ip_range=self._get_ip_range(self.ip_addr) | |
572 | ) |
|
572 | ) | |
573 |
|
573 | |||
574 |
|
574 | |||
575 | class UserLog(Base, BaseModel): |
|
575 | class UserLog(Base, BaseModel): | |
576 | __tablename__ = 'user_logs' |
|
576 | __tablename__ = 'user_logs' | |
577 | __table_args__ = ( |
|
577 | __table_args__ = ( | |
578 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
578 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
579 | 'mysql_charset': 'utf8'}, |
|
579 | 'mysql_charset': 'utf8'}, | |
580 | ) |
|
580 | ) | |
581 | user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
581 | user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
582 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) |
|
582 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) | |
583 | username = Column("username", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
583 | username = Column("username", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
584 | repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True) |
|
584 | repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True) | |
585 | repository_name = Column("repository_name", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
585 | repository_name = Column("repository_name", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
586 | user_ip = Column("user_ip", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
586 | user_ip = Column("user_ip", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
587 | action = Column("action", UnicodeText(1200000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
587 | action = Column("action", UnicodeText(1200000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
588 | action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None) |
|
588 | action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None) | |
589 |
|
589 | |||
590 | @property |
|
590 | @property | |
591 | def action_as_day(self): |
|
591 | def action_as_day(self): | |
592 | return datetime.date(*self.action_date.timetuple()[:3]) |
|
592 | return datetime.date(*self.action_date.timetuple()[:3]) | |
593 |
|
593 | |||
594 | user = relationship('User') |
|
594 | user = relationship('User') | |
595 | repository = relationship('Repository', cascade='') |
|
595 | repository = relationship('Repository', cascade='') | |
596 |
|
596 | |||
597 |
|
597 | |||
598 | class UsersGroup(Base, BaseModel): |
|
598 | class UsersGroup(Base, BaseModel): | |
599 | __tablename__ = 'users_groups' |
|
599 | __tablename__ = 'users_groups' | |
600 | __table_args__ = ( |
|
600 | __table_args__ = ( | |
601 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
601 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
602 | 'mysql_charset': 'utf8'}, |
|
602 | 'mysql_charset': 'utf8'}, | |
603 | ) |
|
603 | ) | |
604 |
|
604 | |||
605 | users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
605 | users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
606 | users_group_name = Column("users_group_name", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None) |
|
606 | users_group_name = Column("users_group_name", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None) | |
607 | users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None) |
|
607 | users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None) | |
608 | inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True) |
|
608 | inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True) | |
609 |
|
609 | |||
610 | members = relationship('UsersGroupMember', cascade="all, delete, delete-orphan", lazy="joined") |
|
610 | members = relationship('UsersGroupMember', cascade="all, delete, delete-orphan", lazy="joined") | |
611 | users_group_to_perm = relationship('UsersGroupToPerm', cascade='all') |
|
611 | users_group_to_perm = relationship('UsersGroupToPerm', cascade='all') | |
612 | users_group_repo_to_perm = relationship('UsersGroupRepoToPerm', cascade='all') |
|
612 | users_group_repo_to_perm = relationship('UsersGroupRepoToPerm', cascade='all') | |
613 |
|
613 | |||
614 | def __unicode__(self): |
|
614 | def __unicode__(self): | |
615 | return u'<userGroup(%s)>' % (self.users_group_name) |
|
615 | return u'<userGroup(%s)>' % (self.users_group_name) | |
616 |
|
616 | |||
617 | @classmethod |
|
617 | @classmethod | |
618 | def get_by_group_name(cls, group_name, cache=False, |
|
618 | def get_by_group_name(cls, group_name, cache=False, | |
619 | case_insensitive=False): |
|
619 | case_insensitive=False): | |
620 | if case_insensitive: |
|
620 | if case_insensitive: | |
621 | q = cls.query().filter(cls.users_group_name.ilike(group_name)) |
|
621 | q = cls.query().filter(cls.users_group_name.ilike(group_name)) | |
622 | else: |
|
622 | else: | |
623 | q = cls.query().filter(cls.users_group_name == group_name) |
|
623 | q = cls.query().filter(cls.users_group_name == group_name) | |
624 | if cache: |
|
624 | if cache: | |
625 | q = q.options(FromCache( |
|
625 | q = q.options(FromCache( | |
626 | "sql_cache_short", |
|
626 | "sql_cache_short", | |
627 | "get_user_%s" % _hash_key(group_name) |
|
627 | "get_user_%s" % _hash_key(group_name) | |
628 | ) |
|
628 | ) | |
629 | ) |
|
629 | ) | |
630 | return q.scalar() |
|
630 | return q.scalar() | |
631 |
|
631 | |||
632 | @classmethod |
|
632 | @classmethod | |
633 | def get(cls, users_group_id, cache=False): |
|
633 | def get(cls, users_group_id, cache=False): | |
634 | users_group = cls.query() |
|
634 | users_group = cls.query() | |
635 | if cache: |
|
635 | if cache: | |
636 | users_group = users_group.options(FromCache("sql_cache_short", |
|
636 | users_group = users_group.options(FromCache("sql_cache_short", | |
637 | "get_users_group_%s" % users_group_id)) |
|
637 | "get_users_group_%s" % users_group_id)) | |
638 | return users_group.get(users_group_id) |
|
638 | return users_group.get(users_group_id) | |
639 |
|
639 | |||
640 | def get_api_data(self): |
|
640 | def get_api_data(self): | |
641 | users_group = self |
|
641 | users_group = self | |
642 |
|
642 | |||
643 | data = dict( |
|
643 | data = dict( | |
644 | users_group_id=users_group.users_group_id, |
|
644 | users_group_id=users_group.users_group_id, | |
645 | group_name=users_group.users_group_name, |
|
645 | group_name=users_group.users_group_name, | |
646 | active=users_group.users_group_active, |
|
646 | active=users_group.users_group_active, | |
647 | ) |
|
647 | ) | |
648 |
|
648 | |||
649 | return data |
|
649 | return data | |
650 |
|
650 | |||
651 |
|
651 | |||
652 | class UsersGroupMember(Base, BaseModel): |
|
652 | class UsersGroupMember(Base, BaseModel): | |
653 | __tablename__ = 'users_groups_members' |
|
653 | __tablename__ = 'users_groups_members' | |
654 | __table_args__ = ( |
|
654 | __table_args__ = ( | |
655 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
655 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
656 | 'mysql_charset': 'utf8'}, |
|
656 | 'mysql_charset': 'utf8'}, | |
657 | ) |
|
657 | ) | |
658 |
|
658 | |||
659 | users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
659 | users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
660 | users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) |
|
660 | users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) | |
661 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) |
|
661 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) | |
662 |
|
662 | |||
663 | user = relationship('User', lazy='joined') |
|
663 | user = relationship('User', lazy='joined') | |
664 | users_group = relationship('UsersGroup') |
|
664 | users_group = relationship('UsersGroup') | |
665 |
|
665 | |||
666 | def __init__(self, gr_id='', u_id=''): |
|
666 | def __init__(self, gr_id='', u_id=''): | |
667 | self.users_group_id = gr_id |
|
667 | self.users_group_id = gr_id | |
668 | self.user_id = u_id |
|
668 | self.user_id = u_id | |
669 |
|
669 | |||
670 |
|
670 | |||
671 | class Repository(Base, BaseModel): |
|
671 | class Repository(Base, BaseModel): | |
672 | __tablename__ = 'repositories' |
|
672 | __tablename__ = 'repositories' | |
673 | __table_args__ = ( |
|
673 | __table_args__ = ( | |
674 | UniqueConstraint('repo_name'), |
|
674 | UniqueConstraint('repo_name'), | |
675 | Index('r_repo_name_idx', 'repo_name'), |
|
675 | Index('r_repo_name_idx', 'repo_name'), | |
676 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
676 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
677 | 'mysql_charset': 'utf8'}, |
|
677 | 'mysql_charset': 'utf8'}, | |
678 | ) |
|
678 | ) | |
679 |
|
679 | |||
680 | repo_id = Column("repo_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
680 | repo_id = Column("repo_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
681 | repo_name = Column("repo_name", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None) |
|
681 | repo_name = Column("repo_name", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None) | |
682 | clone_uri = Column("clone_uri", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None) |
|
682 | clone_uri = Column("clone_uri", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None) | |
683 | repo_type = Column("repo_type", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=False, default=None) |
|
683 | repo_type = Column("repo_type", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=False, default=None) | |
684 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None) |
|
684 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None) | |
685 | private = Column("private", Boolean(), nullable=True, unique=None, default=None) |
|
685 | private = Column("private", Boolean(), nullable=True, unique=None, default=None) | |
686 | enable_statistics = Column("statistics", Boolean(), nullable=True, unique=None, default=True) |
|
686 | enable_statistics = Column("statistics", Boolean(), nullable=True, unique=None, default=True) | |
687 | enable_downloads = Column("downloads", Boolean(), nullable=True, unique=None, default=True) |
|
687 | enable_downloads = Column("downloads", Boolean(), nullable=True, unique=None, default=True) | |
688 | description = Column("description", String(10000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
688 | description = Column("description", String(10000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
689 | created_on = Column('created_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now) |
|
689 | created_on = Column('created_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now) | |
690 | updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now) |
|
690 | updated_on = Column('updated_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now) | |
691 | landing_rev = Column("landing_revision", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=False, default=None) |
|
691 | landing_rev = Column("landing_revision", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=False, default=None) | |
692 | enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False) |
|
692 | enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False) | |
693 | _locked = Column("locked", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None) |
|
693 | _locked = Column("locked", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None) | |
694 | _changeset_cache = Column("changeset_cache", LargeBinary(), nullable=True) #JSON data |
|
694 | _changeset_cache = Column("changeset_cache", LargeBinary(), nullable=True) #JSON data | |
695 |
|
695 | |||
696 | fork_id = Column("fork_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=False, default=None) |
|
696 | fork_id = Column("fork_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=False, default=None) | |
697 | group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=False, default=None) |
|
697 | group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=False, default=None) | |
698 |
|
698 | |||
699 | user = relationship('User') |
|
699 | user = relationship('User') | |
700 | fork = relationship('Repository', remote_side=repo_id) |
|
700 | fork = relationship('Repository', remote_side=repo_id) | |
701 | group = relationship('RepoGroup') |
|
701 | group = relationship('RepoGroup') | |
702 | repo_to_perm = relationship('UserRepoToPerm', cascade='all', order_by='UserRepoToPerm.repo_to_perm_id') |
|
702 | repo_to_perm = relationship('UserRepoToPerm', cascade='all', order_by='UserRepoToPerm.repo_to_perm_id') | |
703 | users_group_to_perm = relationship('UsersGroupRepoToPerm', cascade='all') |
|
703 | users_group_to_perm = relationship('UsersGroupRepoToPerm', cascade='all') | |
704 | stats = relationship('Statistics', cascade='all', uselist=False) |
|
704 | stats = relationship('Statistics', cascade='all', uselist=False) | |
705 |
|
705 | |||
706 | followers = relationship('UserFollowing', |
|
706 | followers = relationship('UserFollowing', | |
707 | primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', |
|
707 | primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', | |
708 | cascade='all') |
|
708 | cascade='all') | |
709 |
|
709 | |||
710 | logs = relationship('UserLog') |
|
710 | logs = relationship('UserLog') | |
711 | comments = relationship('ChangesetComment', cascade="all, delete, delete-orphan") |
|
711 | comments = relationship('ChangesetComment', cascade="all, delete, delete-orphan") | |
712 |
|
712 | |||
713 | pull_requests_org = relationship('PullRequest', |
|
713 | pull_requests_org = relationship('PullRequest', | |
714 | primaryjoin='PullRequest.org_repo_id==Repository.repo_id', |
|
714 | primaryjoin='PullRequest.org_repo_id==Repository.repo_id', | |
715 | cascade="all, delete, delete-orphan") |
|
715 | cascade="all, delete, delete-orphan") | |
716 |
|
716 | |||
717 | pull_requests_other = relationship('PullRequest', |
|
717 | pull_requests_other = relationship('PullRequest', | |
718 | primaryjoin='PullRequest.other_repo_id==Repository.repo_id', |
|
718 | primaryjoin='PullRequest.other_repo_id==Repository.repo_id', | |
719 | cascade="all, delete, delete-orphan") |
|
719 | cascade="all, delete, delete-orphan") | |
720 |
|
720 | |||
721 | def __unicode__(self): |
|
721 | def __unicode__(self): | |
722 | return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id, |
|
722 | return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id, | |
723 | self.repo_name) |
|
723 | self.repo_name) | |
724 |
|
724 | |||
725 | @hybrid_property |
|
725 | @hybrid_property | |
726 | def locked(self): |
|
726 | def locked(self): | |
727 | # always should return [user_id, timelocked] |
|
727 | # always should return [user_id, timelocked] | |
728 | if self._locked: |
|
728 | if self._locked: | |
729 | _lock_info = self._locked.split(':') |
|
729 | _lock_info = self._locked.split(':') | |
730 | return int(_lock_info[0]), _lock_info[1] |
|
730 | return int(_lock_info[0]), _lock_info[1] | |
731 | return [None, None] |
|
731 | return [None, None] | |
732 |
|
732 | |||
733 | @locked.setter |
|
733 | @locked.setter | |
734 | def locked(self, val): |
|
734 | def locked(self, val): | |
735 | if val and isinstance(val, (list, tuple)): |
|
735 | if val and isinstance(val, (list, tuple)): | |
736 | self._locked = ':'.join(map(str, val)) |
|
736 | self._locked = ':'.join(map(str, val)) | |
737 | else: |
|
737 | else: | |
738 | self._locked = None |
|
738 | self._locked = None | |
739 |
|
739 | |||
740 | @hybrid_property |
|
740 | @hybrid_property | |
741 | def changeset_cache(self): |
|
741 | def changeset_cache(self): | |
742 | from rhodecode.lib.vcs.backends.base import EmptyChangeset |
|
742 | from rhodecode.lib.vcs.backends.base import EmptyChangeset | |
743 | dummy = EmptyChangeset().__json__() |
|
743 | dummy = EmptyChangeset().__json__() | |
744 | if not self._changeset_cache: |
|
744 | if not self._changeset_cache: | |
745 | return dummy |
|
745 | return dummy | |
746 | try: |
|
746 | try: | |
747 | return json.loads(self._changeset_cache) |
|
747 | return json.loads(self._changeset_cache) | |
748 | except TypeError: |
|
748 | except TypeError: | |
749 | return dummy |
|
749 | return dummy | |
750 |
|
750 | |||
751 | @changeset_cache.setter |
|
751 | @changeset_cache.setter | |
752 | def changeset_cache(self, val): |
|
752 | def changeset_cache(self, val): | |
753 | try: |
|
753 | try: | |
754 | self._changeset_cache = json.dumps(val) |
|
754 | self._changeset_cache = json.dumps(val) | |
755 | except: |
|
755 | except: | |
756 | log.error(traceback.format_exc()) |
|
756 | log.error(traceback.format_exc()) | |
757 |
|
757 | |||
758 | @classmethod |
|
758 | @classmethod | |
759 | def url_sep(cls): |
|
759 | def url_sep(cls): | |
760 | return URL_SEP |
|
760 | return URL_SEP | |
761 |
|
761 | |||
762 | @classmethod |
|
762 | @classmethod | |
763 | def normalize_repo_name(cls, repo_name): |
|
763 | def normalize_repo_name(cls, repo_name): | |
764 | """ |
|
764 | """ | |
765 | Normalizes os specific repo_name to the format internally stored inside |
|
765 | Normalizes os specific repo_name to the format internally stored inside | |
766 | dabatabase using URL_SEP |
|
766 | dabatabase using URL_SEP | |
767 |
|
767 | |||
768 | :param cls: |
|
768 | :param cls: | |
769 | :param repo_name: |
|
769 | :param repo_name: | |
770 | """ |
|
770 | """ | |
771 | return cls.url_sep().join(repo_name.split(os.sep)) |
|
771 | return cls.url_sep().join(repo_name.split(os.sep)) | |
772 |
|
772 | |||
773 | @classmethod |
|
773 | @classmethod | |
774 | def get_by_repo_name(cls, repo_name): |
|
774 | def get_by_repo_name(cls, repo_name): | |
775 | q = Session().query(cls).filter(cls.repo_name == repo_name) |
|
775 | q = Session().query(cls).filter(cls.repo_name == repo_name) | |
776 | q = q.options(joinedload(Repository.fork))\ |
|
776 | q = q.options(joinedload(Repository.fork))\ | |
777 | .options(joinedload(Repository.user))\ |
|
777 | .options(joinedload(Repository.user))\ | |
778 | .options(joinedload(Repository.group)) |
|
778 | .options(joinedload(Repository.group)) | |
779 | return q.scalar() |
|
779 | return q.scalar() | |
780 |
|
780 | |||
781 | @classmethod |
|
781 | @classmethod | |
782 | def get_by_full_path(cls, repo_full_path): |
|
782 | def get_by_full_path(cls, repo_full_path): | |
783 | repo_name = repo_full_path.split(cls.base_path(), 1)[-1] |
|
783 | repo_name = repo_full_path.split(cls.base_path(), 1)[-1] | |
784 | repo_name = cls.normalize_repo_name(repo_name) |
|
784 | repo_name = cls.normalize_repo_name(repo_name) | |
785 | return cls.get_by_repo_name(repo_name.strip(URL_SEP)) |
|
785 | return cls.get_by_repo_name(repo_name.strip(URL_SEP)) | |
786 |
|
786 | |||
787 | @classmethod |
|
787 | @classmethod | |
788 | def get_repo_forks(cls, repo_id): |
|
788 | def get_repo_forks(cls, repo_id): | |
789 | return cls.query().filter(Repository.fork_id == repo_id) |
|
789 | return cls.query().filter(Repository.fork_id == repo_id) | |
790 |
|
790 | |||
791 | @classmethod |
|
791 | @classmethod | |
792 | def base_path(cls): |
|
792 | def base_path(cls): | |
793 | """ |
|
793 | """ | |
794 | Returns base path when all repos are stored |
|
794 | Returns base path when all repos are stored | |
795 |
|
795 | |||
796 | :param cls: |
|
796 | :param cls: | |
797 | """ |
|
797 | """ | |
798 | q = Session().query(RhodeCodeUi)\ |
|
798 | q = Session().query(RhodeCodeUi)\ | |
799 | .filter(RhodeCodeUi.ui_key == cls.url_sep()) |
|
799 | .filter(RhodeCodeUi.ui_key == cls.url_sep()) | |
800 | q = q.options(FromCache("sql_cache_short", "repository_repo_path")) |
|
800 | q = q.options(FromCache("sql_cache_short", "repository_repo_path")) | |
801 | return q.one().ui_value |
|
801 | return q.one().ui_value | |
802 |
|
802 | |||
803 | @property |
|
803 | @property | |
804 | def forks(self): |
|
804 | def forks(self): | |
805 | """ |
|
805 | """ | |
806 | Return forks of this repo |
|
806 | Return forks of this repo | |
807 | """ |
|
807 | """ | |
808 | return Repository.get_repo_forks(self.repo_id) |
|
808 | return Repository.get_repo_forks(self.repo_id) | |
809 |
|
809 | |||
810 | @property |
|
810 | @property | |
811 | def parent(self): |
|
811 | def parent(self): | |
812 | """ |
|
812 | """ | |
813 | Returns fork parent |
|
813 | Returns fork parent | |
814 | """ |
|
814 | """ | |
815 | return self.fork |
|
815 | return self.fork | |
816 |
|
816 | |||
817 | @property |
|
817 | @property | |
818 | def just_name(self): |
|
818 | def just_name(self): | |
819 | return self.repo_name.split(Repository.url_sep())[-1] |
|
819 | return self.repo_name.split(Repository.url_sep())[-1] | |
820 |
|
820 | |||
821 | @property |
|
821 | @property | |
822 | def groups_with_parents(self): |
|
822 | def groups_with_parents(self): | |
823 | groups = [] |
|
823 | groups = [] | |
824 | if self.group is None: |
|
824 | if self.group is None: | |
825 | return groups |
|
825 | return groups | |
826 |
|
826 | |||
827 | cur_gr = self.group |
|
827 | cur_gr = self.group | |
828 | groups.insert(0, cur_gr) |
|
828 | groups.insert(0, cur_gr) | |
829 | while 1: |
|
829 | while 1: | |
830 | gr = getattr(cur_gr, 'parent_group', None) |
|
830 | gr = getattr(cur_gr, 'parent_group', None) | |
831 | cur_gr = cur_gr.parent_group |
|
831 | cur_gr = cur_gr.parent_group | |
832 | if gr is None: |
|
832 | if gr is None: | |
833 | break |
|
833 | break | |
834 | groups.insert(0, gr) |
|
834 | groups.insert(0, gr) | |
835 |
|
835 | |||
836 | return groups |
|
836 | return groups | |
837 |
|
837 | |||
838 | @property |
|
838 | @property | |
839 | def groups_and_repo(self): |
|
839 | def groups_and_repo(self): | |
840 | return self.groups_with_parents, self.just_name |
|
840 | return self.groups_with_parents, self.just_name | |
841 |
|
841 | |||
842 | @LazyProperty |
|
842 | @LazyProperty | |
843 | def repo_path(self): |
|
843 | def repo_path(self): | |
844 | """ |
|
844 | """ | |
845 | Returns base full path for that repository means where it actually |
|
845 | Returns base full path for that repository means where it actually | |
846 | exists on a filesystem |
|
846 | exists on a filesystem | |
847 | """ |
|
847 | """ | |
848 | q = Session().query(RhodeCodeUi).filter(RhodeCodeUi.ui_key == |
|
848 | q = Session().query(RhodeCodeUi).filter(RhodeCodeUi.ui_key == | |
849 | Repository.url_sep()) |
|
849 | Repository.url_sep()) | |
850 | q = q.options(FromCache("sql_cache_short", "repository_repo_path")) |
|
850 | q = q.options(FromCache("sql_cache_short", "repository_repo_path")) | |
851 | return q.one().ui_value |
|
851 | return q.one().ui_value | |
852 |
|
852 | |||
853 | @property |
|
853 | @property | |
854 | def repo_full_path(self): |
|
854 | def repo_full_path(self): | |
855 | p = [self.repo_path] |
|
855 | p = [self.repo_path] | |
856 | # we need to split the name by / since this is how we store the |
|
856 | # we need to split the name by / since this is how we store the | |
857 | # names in the database, but that eventually needs to be converted |
|
857 | # names in the database, but that eventually needs to be converted | |
858 | # into a valid system path |
|
858 | # into a valid system path | |
859 | p += self.repo_name.split(Repository.url_sep()) |
|
859 | p += self.repo_name.split(Repository.url_sep()) | |
860 | return os.path.join(*p) |
|
860 | return os.path.join(*p) | |
861 |
|
861 | |||
862 | @property |
|
862 | @property | |
863 | def cache_keys(self): |
|
863 | def cache_keys(self): | |
864 | """ |
|
864 | """ | |
865 | Returns associated cache keys for that repo |
|
865 | Returns associated cache keys for that repo | |
866 | """ |
|
866 | """ | |
867 | return CacheInvalidation.query()\ |
|
867 | return CacheInvalidation.query()\ | |
868 | .filter(CacheInvalidation.cache_args == self.repo_name)\ |
|
868 | .filter(CacheInvalidation.cache_args == self.repo_name)\ | |
869 | .order_by(CacheInvalidation.cache_key)\ |
|
869 | .order_by(CacheInvalidation.cache_key)\ | |
870 | .all() |
|
870 | .all() | |
871 |
|
871 | |||
872 | def get_new_name(self, repo_name): |
|
872 | def get_new_name(self, repo_name): | |
873 | """ |
|
873 | """ | |
874 | returns new full repository name based on assigned group and new new |
|
874 | returns new full repository name based on assigned group and new new | |
875 |
|
875 | |||
876 | :param group_name: |
|
876 | :param group_name: | |
877 | """ |
|
877 | """ | |
878 | path_prefix = self.group.full_path_splitted if self.group else [] |
|
878 | path_prefix = self.group.full_path_splitted if self.group else [] | |
879 | return Repository.url_sep().join(path_prefix + [repo_name]) |
|
879 | return Repository.url_sep().join(path_prefix + [repo_name]) | |
880 |
|
880 | |||
881 | @property |
|
881 | @property | |
882 | def _ui(self): |
|
882 | def _ui(self): | |
883 | """ |
|
883 | """ | |
884 | Creates an db based ui object for this repository |
|
884 | Creates an db based ui object for this repository | |
885 | """ |
|
885 | """ | |
886 | from rhodecode.lib.utils import make_ui |
|
886 | from rhodecode.lib.utils import make_ui | |
887 | return make_ui('db', clear_session=False) |
|
887 | return make_ui('db', clear_session=False) | |
888 |
|
888 | |||
889 | @classmethod |
|
889 | @classmethod | |
890 | def inject_ui(cls, repo, extras={}): |
|
890 | def inject_ui(cls, repo, extras={}): | |
891 | from rhodecode.lib.vcs.backends.hg import MercurialRepository |
|
891 | from rhodecode.lib.vcs.backends.hg import MercurialRepository | |
892 | from rhodecode.lib.vcs.backends.git import GitRepository |
|
892 | from rhodecode.lib.vcs.backends.git import GitRepository | |
893 | required = (MercurialRepository, GitRepository) |
|
893 | required = (MercurialRepository, GitRepository) | |
894 | if not isinstance(repo, required): |
|
894 | if not isinstance(repo, required): | |
895 | raise Exception('repo must be instance of %s' % required) |
|
895 | raise Exception('repo must be instance of %s' % required) | |
896 |
|
896 | |||
897 | # inject ui extra param to log this action via push logger |
|
897 | # inject ui extra param to log this action via push logger | |
898 | for k, v in extras.items(): |
|
898 | for k, v in extras.items(): | |
899 | repo._repo.ui.setconfig('rhodecode_extras', k, v) |
|
899 | repo._repo.ui.setconfig('rhodecode_extras', k, v) | |
900 |
|
900 | |||
901 | @classmethod |
|
901 | @classmethod | |
902 | def is_valid(cls, repo_name): |
|
902 | def is_valid(cls, repo_name): | |
903 | """ |
|
903 | """ | |
904 | returns True if given repo name is a valid filesystem repository |
|
904 | returns True if given repo name is a valid filesystem repository | |
905 |
|
905 | |||
906 | :param cls: |
|
906 | :param cls: | |
907 | :param repo_name: |
|
907 | :param repo_name: | |
908 | """ |
|
908 | """ | |
909 | from rhodecode.lib.utils import is_valid_repo |
|
909 | from rhodecode.lib.utils import is_valid_repo | |
910 |
|
910 | |||
911 | return is_valid_repo(repo_name, cls.base_path()) |
|
911 | return is_valid_repo(repo_name, cls.base_path()) | |
912 |
|
912 | |||
913 | def get_api_data(self): |
|
913 | def get_api_data(self): | |
914 | """ |
|
914 | """ | |
915 | Common function for generating repo api data |
|
915 | Common function for generating repo api data | |
916 |
|
916 | |||
917 | """ |
|
917 | """ | |
918 | repo = self |
|
918 | repo = self | |
919 | data = dict( |
|
919 | data = dict( | |
920 | repo_id=repo.repo_id, |
|
920 | repo_id=repo.repo_id, | |
921 | repo_name=repo.repo_name, |
|
921 | repo_name=repo.repo_name, | |
922 | repo_type=repo.repo_type, |
|
922 | repo_type=repo.repo_type, | |
923 | clone_uri=repo.clone_uri, |
|
923 | clone_uri=repo.clone_uri, | |
924 | private=repo.private, |
|
924 | private=repo.private, | |
925 | created_on=repo.created_on, |
|
925 | created_on=repo.created_on, | |
926 | description=repo.description, |
|
926 | description=repo.description, | |
927 | landing_rev=repo.landing_rev, |
|
927 | landing_rev=repo.landing_rev, | |
928 | owner=repo.user.username, |
|
928 | owner=repo.user.username, | |
929 | fork_of=repo.fork.repo_name if repo.fork else None, |
|
929 | fork_of=repo.fork.repo_name if repo.fork else None, | |
930 | enable_statistics=repo.enable_statistics, |
|
930 | enable_statistics=repo.enable_statistics, | |
931 | enable_locking=repo.enable_locking, |
|
931 | enable_locking=repo.enable_locking, | |
932 | enable_downloads=repo.enable_downloads, |
|
932 | enable_downloads=repo.enable_downloads, | |
933 | last_changeset=repo.changeset_cache |
|
933 | last_changeset=repo.changeset_cache | |
934 | ) |
|
934 | ) | |
935 |
|
935 | |||
936 | return data |
|
936 | return data | |
937 |
|
937 | |||
938 | @classmethod |
|
938 | @classmethod | |
939 | def lock(cls, repo, user_id): |
|
939 | def lock(cls, repo, user_id): | |
940 | repo.locked = [user_id, time.time()] |
|
940 | repo.locked = [user_id, time.time()] | |
941 | Session().add(repo) |
|
941 | Session().add(repo) | |
942 | Session().commit() |
|
942 | Session().commit() | |
943 |
|
943 | |||
944 | @classmethod |
|
944 | @classmethod | |
945 | def unlock(cls, repo): |
|
945 | def unlock(cls, repo): | |
946 | repo.locked = None |
|
946 | repo.locked = None | |
947 | Session().add(repo) |
|
947 | Session().add(repo) | |
948 | Session().commit() |
|
948 | Session().commit() | |
949 |
|
949 | |||
950 | @property |
|
950 | @property | |
951 | def last_db_change(self): |
|
951 | def last_db_change(self): | |
952 | return self.updated_on |
|
952 | return self.updated_on | |
953 |
|
953 | |||
954 | def clone_url(self, **override): |
|
954 | def clone_url(self, **override): | |
955 | from pylons import url |
|
955 | from pylons import url | |
956 | from urlparse import urlparse |
|
956 | from urlparse import urlparse | |
957 | import urllib |
|
957 | import urllib | |
958 | parsed_url = urlparse(url('home', qualified=True)) |
|
958 | parsed_url = urlparse(url('home', qualified=True)) | |
959 | default_clone_uri = '%(scheme)s://%(user)s%(pass)s%(netloc)s%(prefix)s%(path)s' |
|
959 | default_clone_uri = '%(scheme)s://%(user)s%(pass)s%(netloc)s%(prefix)s%(path)s' | |
960 | decoded_path = safe_unicode(urllib.unquote(parsed_url.path)) |
|
960 | decoded_path = safe_unicode(urllib.unquote(parsed_url.path)) | |
961 | args = { |
|
961 | args = { | |
962 | 'user': '', |
|
962 | 'user': '', | |
963 | 'pass': '', |
|
963 | 'pass': '', | |
964 | 'scheme': parsed_url.scheme, |
|
964 | 'scheme': parsed_url.scheme, | |
965 | 'netloc': parsed_url.netloc, |
|
965 | 'netloc': parsed_url.netloc, | |
966 | 'prefix': decoded_path, |
|
966 | 'prefix': decoded_path, | |
967 | 'path': self.repo_name |
|
967 | 'path': self.repo_name | |
968 | } |
|
968 | } | |
969 |
|
969 | |||
970 | args.update(override) |
|
970 | args.update(override) | |
971 | return default_clone_uri % args |
|
971 | return default_clone_uri % args | |
972 |
|
972 | |||
973 | #========================================================================== |
|
973 | #========================================================================== | |
974 | # SCM PROPERTIES |
|
974 | # SCM PROPERTIES | |
975 | #========================================================================== |
|
975 | #========================================================================== | |
976 |
|
976 | |||
977 | def get_changeset(self, rev=None): |
|
977 | def get_changeset(self, rev=None): | |
978 | return get_changeset_safe(self.scm_instance, rev) |
|
978 | return get_changeset_safe(self.scm_instance, rev) | |
979 |
|
979 | |||
980 | def get_landing_changeset(self): |
|
980 | def get_landing_changeset(self): | |
981 | """ |
|
981 | """ | |
982 | Returns landing changeset, or if that doesn't exist returns the tip |
|
982 | Returns landing changeset, or if that doesn't exist returns the tip | |
983 | """ |
|
983 | """ | |
984 | cs = self.get_changeset(self.landing_rev) or self.get_changeset() |
|
984 | cs = self.get_changeset(self.landing_rev) or self.get_changeset() | |
985 | return cs |
|
985 | return cs | |
986 |
|
986 | |||
987 | def update_changeset_cache(self, cs_cache=None): |
|
987 | def update_changeset_cache(self, cs_cache=None): | |
988 | """ |
|
988 | """ | |
989 | Update cache of last changeset for repository, keys should be:: |
|
989 | Update cache of last changeset for repository, keys should be:: | |
990 |
|
990 | |||
991 | short_id |
|
991 | short_id | |
992 | raw_id |
|
992 | raw_id | |
993 | revision |
|
993 | revision | |
994 | message |
|
994 | message | |
995 | date |
|
995 | date | |
996 | author |
|
996 | author | |
997 |
|
997 | |||
998 | :param cs_cache: |
|
998 | :param cs_cache: | |
999 | """ |
|
999 | """ | |
1000 | from rhodecode.lib.vcs.backends.base import BaseChangeset |
|
1000 | from rhodecode.lib.vcs.backends.base import BaseChangeset | |
1001 | if cs_cache is None: |
|
1001 | if cs_cache is None: | |
1002 | cs_cache = self.get_changeset() |
|
1002 | cs_cache = self.get_changeset() | |
1003 | if isinstance(cs_cache, BaseChangeset): |
|
1003 | if isinstance(cs_cache, BaseChangeset): | |
1004 | cs_cache = cs_cache.__json__() |
|
1004 | cs_cache = cs_cache.__json__() | |
1005 |
|
1005 | |||
1006 | if cs_cache != self.changeset_cache: |
|
1006 | if cs_cache != self.changeset_cache: | |
1007 | last_change = cs_cache.get('date') or self.last_change |
|
1007 | last_change = cs_cache.get('date') or self.last_change | |
1008 | log.debug('updated repo %s with new cs cache %s' % (self, cs_cache)) |
|
1008 | log.debug('updated repo %s with new cs cache %s' % (self, cs_cache)) | |
1009 | self.updated_on = last_change |
|
1009 | self.updated_on = last_change | |
1010 | self.changeset_cache = cs_cache |
|
1010 | self.changeset_cache = cs_cache | |
1011 | Session().add(self) |
|
1011 | Session().add(self) | |
1012 | Session().commit() |
|
1012 | Session().commit() | |
1013 |
|
1013 | |||
1014 | @property |
|
1014 | @property | |
1015 | def tip(self): |
|
1015 | def tip(self): | |
1016 | return self.get_changeset('tip') |
|
1016 | return self.get_changeset('tip') | |
1017 |
|
1017 | |||
1018 | @property |
|
1018 | @property | |
1019 | def author(self): |
|
1019 | def author(self): | |
1020 | return self.tip.author |
|
1020 | return self.tip.author | |
1021 |
|
1021 | |||
1022 | @property |
|
1022 | @property | |
1023 | def last_change(self): |
|
1023 | def last_change(self): | |
1024 | return self.scm_instance.last_change |
|
1024 | return self.scm_instance.last_change | |
1025 |
|
1025 | |||
1026 | def get_comments(self, revisions=None): |
|
1026 | def get_comments(self, revisions=None): | |
1027 | """ |
|
1027 | """ | |
1028 | Returns comments for this repository grouped by revisions |
|
1028 | Returns comments for this repository grouped by revisions | |
1029 |
|
1029 | |||
1030 | :param revisions: filter query by revisions only |
|
1030 | :param revisions: filter query by revisions only | |
1031 | """ |
|
1031 | """ | |
1032 | cmts = ChangesetComment.query()\ |
|
1032 | cmts = ChangesetComment.query()\ | |
1033 | .filter(ChangesetComment.repo == self) |
|
1033 | .filter(ChangesetComment.repo == self) | |
1034 | if revisions: |
|
1034 | if revisions: | |
1035 | cmts = cmts.filter(ChangesetComment.revision.in_(revisions)) |
|
1035 | cmts = cmts.filter(ChangesetComment.revision.in_(revisions)) | |
1036 | grouped = defaultdict(list) |
|
1036 | grouped = defaultdict(list) | |
1037 | for cmt in cmts.all(): |
|
1037 | for cmt in cmts.all(): | |
1038 | grouped[cmt.revision].append(cmt) |
|
1038 | grouped[cmt.revision].append(cmt) | |
1039 | return grouped |
|
1039 | return grouped | |
1040 |
|
1040 | |||
1041 | def statuses(self, revisions=None): |
|
1041 | def statuses(self, revisions=None): | |
1042 | """ |
|
1042 | """ | |
1043 | Returns statuses for this repository |
|
1043 | Returns statuses for this repository | |
1044 |
|
1044 | |||
1045 | :param revisions: list of revisions to get statuses for |
|
1045 | :param revisions: list of revisions to get statuses for | |
1046 | :type revisions: list |
|
1046 | :type revisions: list | |
1047 | """ |
|
1047 | """ | |
1048 |
|
1048 | |||
1049 | statuses = ChangesetStatus.query()\ |
|
1049 | statuses = ChangesetStatus.query()\ | |
1050 | .filter(ChangesetStatus.repo == self)\ |
|
1050 | .filter(ChangesetStatus.repo == self)\ | |
1051 | .filter(ChangesetStatus.version == 0) |
|
1051 | .filter(ChangesetStatus.version == 0) | |
1052 | if revisions: |
|
1052 | if revisions: | |
1053 | statuses = statuses.filter(ChangesetStatus.revision.in_(revisions)) |
|
1053 | statuses = statuses.filter(ChangesetStatus.revision.in_(revisions)) | |
1054 | grouped = {} |
|
1054 | grouped = {} | |
1055 |
|
1055 | |||
1056 | #maybe we have open new pullrequest without a status ? |
|
1056 | #maybe we have open new pullrequest without a status ? | |
1057 | stat = ChangesetStatus.STATUS_UNDER_REVIEW |
|
1057 | stat = ChangesetStatus.STATUS_UNDER_REVIEW | |
1058 | status_lbl = ChangesetStatus.get_status_lbl(stat) |
|
1058 | status_lbl = ChangesetStatus.get_status_lbl(stat) | |
1059 | for pr in PullRequest.query().filter(PullRequest.org_repo == self).all(): |
|
1059 | for pr in PullRequest.query().filter(PullRequest.org_repo == self).all(): | |
1060 | for rev in pr.revisions: |
|
1060 | for rev in pr.revisions: | |
1061 | pr_id = pr.pull_request_id |
|
1061 | pr_id = pr.pull_request_id | |
1062 | pr_repo = pr.other_repo.repo_name |
|
1062 | pr_repo = pr.other_repo.repo_name | |
1063 | grouped[rev] = [stat, status_lbl, pr_id, pr_repo] |
|
1063 | grouped[rev] = [stat, status_lbl, pr_id, pr_repo] | |
1064 |
|
1064 | |||
1065 | for stat in statuses.all(): |
|
1065 | for stat in statuses.all(): | |
1066 | pr_id = pr_repo = None |
|
1066 | pr_id = pr_repo = None | |
1067 | if stat.pull_request: |
|
1067 | if stat.pull_request: | |
1068 | pr_id = stat.pull_request.pull_request_id |
|
1068 | pr_id = stat.pull_request.pull_request_id | |
1069 | pr_repo = stat.pull_request.other_repo.repo_name |
|
1069 | pr_repo = stat.pull_request.other_repo.repo_name | |
1070 | grouped[stat.revision] = [str(stat.status), stat.status_lbl, |
|
1070 | grouped[stat.revision] = [str(stat.status), stat.status_lbl, | |
1071 | pr_id, pr_repo] |
|
1071 | pr_id, pr_repo] | |
1072 | return grouped |
|
1072 | return grouped | |
1073 |
|
1073 | |||
1074 | #========================================================================== |
|
1074 | #========================================================================== | |
1075 | # SCM CACHE INSTANCE |
|
1075 | # SCM CACHE INSTANCE | |
1076 | #========================================================================== |
|
1076 | #========================================================================== | |
1077 |
|
1077 | |||
1078 | @property |
|
1078 | @property | |
1079 | def invalidate(self): |
|
1079 | def invalidate(self): | |
1080 | return CacheInvalidation.invalidate(self.repo_name) |
|
1080 | return CacheInvalidation.invalidate(self.repo_name) | |
1081 |
|
1081 | |||
1082 | def set_invalidate(self): |
|
1082 | def set_invalidate(self): | |
1083 | """ |
|
1083 | """ | |
1084 | set a cache for invalidation for this instance |
|
1084 | set a cache for invalidation for this instance | |
1085 | """ |
|
1085 | """ | |
1086 | CacheInvalidation.set_invalidate(repo_name=self.repo_name) |
|
1086 | CacheInvalidation.set_invalidate(repo_name=self.repo_name) | |
1087 |
|
1087 | |||
1088 | @LazyProperty |
|
1088 | @LazyProperty | |
1089 | def scm_instance(self): |
|
1089 | def scm_instance(self): | |
1090 | import rhodecode |
|
1090 | import rhodecode | |
1091 | full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache')) |
|
1091 | full_cache = str2bool(rhodecode.CONFIG.get('vcs_full_cache')) | |
1092 | if full_cache: |
|
1092 | if full_cache: | |
1093 | return self.scm_instance_cached() |
|
1093 | return self.scm_instance_cached() | |
1094 | return self.__get_instance() |
|
1094 | return self.__get_instance() | |
1095 |
|
1095 | |||
1096 | def scm_instance_cached(self, cache_map=None): |
|
1096 | def scm_instance_cached(self, cache_map=None): | |
1097 | @cache_region('long_term') |
|
1097 | @cache_region('long_term') | |
1098 | def _c(repo_name): |
|
1098 | def _c(repo_name): | |
1099 | return self.__get_instance() |
|
1099 | return self.__get_instance() | |
1100 | rn = self.repo_name |
|
1100 | rn = self.repo_name | |
1101 | log.debug('Getting cached instance of repo') |
|
1101 | log.debug('Getting cached instance of repo') | |
1102 |
|
1102 | |||
1103 | if cache_map: |
|
1103 | if cache_map: | |
1104 | # get using prefilled cache_map |
|
1104 | # get using prefilled cache_map | |
1105 | invalidate_repo = cache_map[self.repo_name] |
|
1105 | invalidate_repo = cache_map[self.repo_name] | |
1106 | if invalidate_repo: |
|
1106 | if invalidate_repo: | |
1107 | invalidate_repo = (None if invalidate_repo.cache_active |
|
1107 | invalidate_repo = (None if invalidate_repo.cache_active | |
1108 | else invalidate_repo) |
|
1108 | else invalidate_repo) | |
1109 | else: |
|
1109 | else: | |
1110 | # get from invalidate |
|
1110 | # get from invalidate | |
1111 | invalidate_repo = self.invalidate |
|
1111 | invalidate_repo = self.invalidate | |
1112 |
|
1112 | |||
1113 | if invalidate_repo is not None: |
|
1113 | if invalidate_repo is not None: | |
1114 | region_invalidate(_c, None, rn) |
|
1114 | region_invalidate(_c, None, rn) | |
1115 | # update our cache |
|
1115 | # update our cache | |
1116 | CacheInvalidation.set_valid(invalidate_repo.cache_key) |
|
1116 | CacheInvalidation.set_valid(invalidate_repo.cache_key) | |
1117 | return _c(rn) |
|
1117 | return _c(rn) | |
1118 |
|
1118 | |||
1119 | def __get_instance(self): |
|
1119 | def __get_instance(self): | |
1120 | repo_full_path = self.repo_full_path |
|
1120 | repo_full_path = self.repo_full_path | |
1121 | try: |
|
1121 | try: | |
1122 | alias = get_scm(repo_full_path)[0] |
|
1122 | alias = get_scm(repo_full_path)[0] | |
1123 | log.debug('Creating instance of %s repository' % alias) |
|
1123 | log.debug('Creating instance of %s repository' % alias) | |
1124 | backend = get_backend(alias) |
|
1124 | backend = get_backend(alias) | |
1125 | except VCSError: |
|
1125 | except VCSError: | |
1126 | log.error(traceback.format_exc()) |
|
1126 | log.error(traceback.format_exc()) | |
1127 | log.error('Perhaps this repository is in db and not in ' |
|
1127 | log.error('Perhaps this repository is in db and not in ' | |
1128 | 'filesystem run rescan repositories with ' |
|
1128 | 'filesystem run rescan repositories with ' | |
1129 | '"destroy old data " option from admin panel') |
|
1129 | '"destroy old data " option from admin panel') | |
1130 | return |
|
1130 | return | |
1131 |
|
1131 | |||
1132 | if alias == 'hg': |
|
1132 | if alias == 'hg': | |
1133 |
|
1133 | |||
1134 | repo = backend(safe_str(repo_full_path), create=False, |
|
1134 | repo = backend(safe_str(repo_full_path), create=False, | |
1135 | baseui=self._ui) |
|
1135 | baseui=self._ui) | |
1136 | # skip hidden web repository |
|
1136 | # skip hidden web repository | |
1137 | if repo._get_hidden(): |
|
1137 | if repo._get_hidden(): | |
1138 | return |
|
1138 | return | |
1139 | else: |
|
1139 | else: | |
1140 | repo = backend(repo_full_path, create=False) |
|
1140 | repo = backend(repo_full_path, create=False) | |
1141 |
|
1141 | |||
1142 | return repo |
|
1142 | return repo | |
1143 |
|
1143 | |||
1144 |
|
1144 | |||
1145 | class RepoGroup(Base, BaseModel): |
|
1145 | class RepoGroup(Base, BaseModel): | |
1146 | __tablename__ = 'groups' |
|
1146 | __tablename__ = 'groups' | |
1147 | __table_args__ = ( |
|
1147 | __table_args__ = ( | |
1148 | UniqueConstraint('group_name', 'group_parent_id'), |
|
1148 | UniqueConstraint('group_name', 'group_parent_id'), | |
1149 | CheckConstraint('group_id != group_parent_id'), |
|
1149 | CheckConstraint('group_id != group_parent_id'), | |
1150 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1150 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1151 | 'mysql_charset': 'utf8'}, |
|
1151 | 'mysql_charset': 'utf8'}, | |
1152 | ) |
|
1152 | ) | |
1153 | __mapper_args__ = {'order_by': 'group_name'} |
|
1153 | __mapper_args__ = {'order_by': 'group_name'} | |
1154 |
|
1154 | |||
1155 | group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
1155 | group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
1156 | group_name = Column("group_name", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None) |
|
1156 | group_name = Column("group_name", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None) | |
1157 | group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None) |
|
1157 | group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None) | |
1158 | group_description = Column("group_description", String(10000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
1158 | group_description = Column("group_description", String(10000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
1159 | enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False) |
|
1159 | enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False) | |
1160 |
|
1160 | |||
1161 | repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id') |
|
1161 | repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id') | |
1162 | users_group_to_perm = relationship('UsersGroupRepoGroupToPerm', cascade='all') |
|
1162 | users_group_to_perm = relationship('UsersGroupRepoGroupToPerm', cascade='all') | |
1163 |
|
1163 | |||
1164 | parent_group = relationship('RepoGroup', remote_side=group_id) |
|
1164 | parent_group = relationship('RepoGroup', remote_side=group_id) | |
1165 |
|
1165 | |||
1166 | def __init__(self, group_name='', parent_group=None): |
|
1166 | def __init__(self, group_name='', parent_group=None): | |
1167 | self.group_name = group_name |
|
1167 | self.group_name = group_name | |
1168 | self.parent_group = parent_group |
|
1168 | self.parent_group = parent_group | |
1169 |
|
1169 | |||
1170 | def __unicode__(self): |
|
1170 | def __unicode__(self): | |
1171 | return u"<%s('%s:%s')>" % (self.__class__.__name__, self.group_id, |
|
1171 | return u"<%s('%s:%s')>" % (self.__class__.__name__, self.group_id, | |
1172 | self.group_name) |
|
1172 | self.group_name) | |
1173 |
|
1173 | |||
1174 | @classmethod |
|
1174 | @classmethod | |
1175 | def groups_choices(cls, check_perms=False): |
|
1175 | def groups_choices(cls, check_perms=False): | |
1176 | from webhelpers.html import literal as _literal |
|
1176 | from webhelpers.html import literal as _literal | |
1177 | from rhodecode.model.scm import ScmModel |
|
1177 | from rhodecode.model.scm import ScmModel | |
1178 | groups = cls.query().all() |
|
1178 | groups = cls.query().all() | |
1179 | if check_perms: |
|
1179 | if check_perms: | |
1180 | #filter group user have access to, it's done |
|
1180 | #filter group user have access to, it's done | |
1181 | #magically inside ScmModel based on current user |
|
1181 | #magically inside ScmModel based on current user | |
1182 | groups = ScmModel().get_repos_groups(groups) |
|
1182 | groups = ScmModel().get_repos_groups(groups) | |
1183 | repo_groups = [('', '')] |
|
1183 | repo_groups = [('', '')] | |
1184 | sep = ' » ' |
|
1184 | sep = ' » ' | |
1185 | _name = lambda k: _literal(sep.join(k)) |
|
1185 | _name = lambda k: _literal(sep.join(k)) | |
1186 |
|
1186 | |||
1187 | repo_groups.extend([(x.group_id, _name(x.full_path_splitted)) |
|
1187 | repo_groups.extend([(x.group_id, _name(x.full_path_splitted)) | |
1188 | for x in groups]) |
|
1188 | for x in groups]) | |
1189 |
|
1189 | |||
1190 | repo_groups = sorted(repo_groups, key=lambda t: t[1].split(sep)[0]) |
|
1190 | repo_groups = sorted(repo_groups, key=lambda t: t[1].split(sep)[0]) | |
1191 | return repo_groups |
|
1191 | return repo_groups | |
1192 |
|
1192 | |||
1193 | @classmethod |
|
1193 | @classmethod | |
1194 | def url_sep(cls): |
|
1194 | def url_sep(cls): | |
1195 | return URL_SEP |
|
1195 | return URL_SEP | |
1196 |
|
1196 | |||
1197 | @classmethod |
|
1197 | @classmethod | |
1198 | def get_by_group_name(cls, group_name, cache=False, case_insensitive=False): |
|
1198 | def get_by_group_name(cls, group_name, cache=False, case_insensitive=False): | |
1199 | if case_insensitive: |
|
1199 | if case_insensitive: | |
1200 | gr = cls.query()\ |
|
1200 | gr = cls.query()\ | |
1201 | .filter(cls.group_name.ilike(group_name)) |
|
1201 | .filter(cls.group_name.ilike(group_name)) | |
1202 | else: |
|
1202 | else: | |
1203 | gr = cls.query()\ |
|
1203 | gr = cls.query()\ | |
1204 | .filter(cls.group_name == group_name) |
|
1204 | .filter(cls.group_name == group_name) | |
1205 | if cache: |
|
1205 | if cache: | |
1206 | gr = gr.options(FromCache( |
|
1206 | gr = gr.options(FromCache( | |
1207 | "sql_cache_short", |
|
1207 | "sql_cache_short", | |
1208 | "get_group_%s" % _hash_key(group_name) |
|
1208 | "get_group_%s" % _hash_key(group_name) | |
1209 | ) |
|
1209 | ) | |
1210 | ) |
|
1210 | ) | |
1211 | return gr.scalar() |
|
1211 | return gr.scalar() | |
1212 |
|
1212 | |||
1213 | @property |
|
1213 | @property | |
1214 | def parents(self): |
|
1214 | def parents(self): | |
1215 | parents_recursion_limit = 5 |
|
1215 | parents_recursion_limit = 5 | |
1216 | groups = [] |
|
1216 | groups = [] | |
1217 | if self.parent_group is None: |
|
1217 | if self.parent_group is None: | |
1218 | return groups |
|
1218 | return groups | |
1219 | cur_gr = self.parent_group |
|
1219 | cur_gr = self.parent_group | |
1220 | groups.insert(0, cur_gr) |
|
1220 | groups.insert(0, cur_gr) | |
1221 | cnt = 0 |
|
1221 | cnt = 0 | |
1222 | while 1: |
|
1222 | while 1: | |
1223 | cnt += 1 |
|
1223 | cnt += 1 | |
1224 | gr = getattr(cur_gr, 'parent_group', None) |
|
1224 | gr = getattr(cur_gr, 'parent_group', None) | |
1225 | cur_gr = cur_gr.parent_group |
|
1225 | cur_gr = cur_gr.parent_group | |
1226 | if gr is None: |
|
1226 | if gr is None: | |
1227 | break |
|
1227 | break | |
1228 | if cnt == parents_recursion_limit: |
|
1228 | if cnt == parents_recursion_limit: | |
1229 | # this will prevent accidental infinit loops |
|
1229 | # this will prevent accidental infinit loops | |
1230 | log.error('group nested more than %s' % |
|
1230 | log.error('group nested more than %s' % | |
1231 | parents_recursion_limit) |
|
1231 | parents_recursion_limit) | |
1232 | break |
|
1232 | break | |
1233 |
|
1233 | |||
1234 | groups.insert(0, gr) |
|
1234 | groups.insert(0, gr) | |
1235 | return groups |
|
1235 | return groups | |
1236 |
|
1236 | |||
1237 | @property |
|
1237 | @property | |
1238 | def children(self): |
|
1238 | def children(self): | |
1239 | return RepoGroup.query().filter(RepoGroup.parent_group == self) |
|
1239 | return RepoGroup.query().filter(RepoGroup.parent_group == self) | |
1240 |
|
1240 | |||
1241 | @property |
|
1241 | @property | |
1242 | def name(self): |
|
1242 | def name(self): | |
1243 | return self.group_name.split(RepoGroup.url_sep())[-1] |
|
1243 | return self.group_name.split(RepoGroup.url_sep())[-1] | |
1244 |
|
1244 | |||
1245 | @property |
|
1245 | @property | |
1246 | def full_path(self): |
|
1246 | def full_path(self): | |
1247 | return self.group_name |
|
1247 | return self.group_name | |
1248 |
|
1248 | |||
1249 | @property |
|
1249 | @property | |
1250 | def full_path_splitted(self): |
|
1250 | def full_path_splitted(self): | |
1251 | return self.group_name.split(RepoGroup.url_sep()) |
|
1251 | return self.group_name.split(RepoGroup.url_sep()) | |
1252 |
|
1252 | |||
1253 | @property |
|
1253 | @property | |
1254 | def repositories(self): |
|
1254 | def repositories(self): | |
1255 | return Repository.query()\ |
|
1255 | return Repository.query()\ | |
1256 | .filter(Repository.group == self)\ |
|
1256 | .filter(Repository.group == self)\ | |
1257 | .order_by(Repository.repo_name) |
|
1257 | .order_by(Repository.repo_name) | |
1258 |
|
1258 | |||
1259 | @property |
|
1259 | @property | |
1260 | def repositories_recursive_count(self): |
|
1260 | def repositories_recursive_count(self): | |
1261 | cnt = self.repositories.count() |
|
1261 | cnt = self.repositories.count() | |
1262 |
|
1262 | |||
1263 | def children_count(group): |
|
1263 | def children_count(group): | |
1264 | cnt = 0 |
|
1264 | cnt = 0 | |
1265 | for child in group.children: |
|
1265 | for child in group.children: | |
1266 | cnt += child.repositories.count() |
|
1266 | cnt += child.repositories.count() | |
1267 | cnt += children_count(child) |
|
1267 | cnt += children_count(child) | |
1268 | return cnt |
|
1268 | return cnt | |
1269 |
|
1269 | |||
1270 | return cnt + children_count(self) |
|
1270 | return cnt + children_count(self) | |
1271 |
|
1271 | |||
1272 | def recursive_groups_and_repos(self): |
|
1272 | def recursive_groups_and_repos(self): | |
1273 | """ |
|
1273 | """ | |
1274 | Recursive return all groups, with repositories in those groups |
|
1274 | Recursive return all groups, with repositories in those groups | |
1275 | """ |
|
1275 | """ | |
1276 | all_ = [] |
|
1276 | all_ = [] | |
1277 |
|
1277 | |||
1278 | def _get_members(root_gr): |
|
1278 | def _get_members(root_gr): | |
1279 | for r in root_gr.repositories: |
|
1279 | for r in root_gr.repositories: | |
1280 | all_.append(r) |
|
1280 | all_.append(r) | |
1281 | childs = root_gr.children.all() |
|
1281 | childs = root_gr.children.all() | |
1282 | if childs: |
|
1282 | if childs: | |
1283 | for gr in childs: |
|
1283 | for gr in childs: | |
1284 | all_.append(gr) |
|
1284 | all_.append(gr) | |
1285 | _get_members(gr) |
|
1285 | _get_members(gr) | |
1286 |
|
1286 | |||
1287 | _get_members(self) |
|
1287 | _get_members(self) | |
1288 | return [self] + all_ |
|
1288 | return [self] + all_ | |
1289 |
|
1289 | |||
1290 | def get_new_name(self, group_name): |
|
1290 | def get_new_name(self, group_name): | |
1291 | """ |
|
1291 | """ | |
1292 | returns new full group name based on parent and new name |
|
1292 | returns new full group name based on parent and new name | |
1293 |
|
1293 | |||
1294 | :param group_name: |
|
1294 | :param group_name: | |
1295 | """ |
|
1295 | """ | |
1296 | path_prefix = (self.parent_group.full_path_splitted if |
|
1296 | path_prefix = (self.parent_group.full_path_splitted if | |
1297 | self.parent_group else []) |
|
1297 | self.parent_group else []) | |
1298 | return RepoGroup.url_sep().join(path_prefix + [group_name]) |
|
1298 | return RepoGroup.url_sep().join(path_prefix + [group_name]) | |
1299 |
|
1299 | |||
1300 |
|
1300 | |||
1301 | class Permission(Base, BaseModel): |
|
1301 | class Permission(Base, BaseModel): | |
1302 | __tablename__ = 'permissions' |
|
1302 | __tablename__ = 'permissions' | |
1303 | __table_args__ = ( |
|
1303 | __table_args__ = ( | |
1304 | Index('p_perm_name_idx', 'permission_name'), |
|
1304 | Index('p_perm_name_idx', 'permission_name'), | |
1305 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1305 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1306 | 'mysql_charset': 'utf8'}, |
|
1306 | 'mysql_charset': 'utf8'}, | |
1307 | ) |
|
1307 | ) | |
1308 | PERMS = [ |
|
1308 | PERMS = [ | |
1309 | ('repository.none', _('Repository no access')), |
|
1309 | ('repository.none', _('Repository no access')), | |
1310 | ('repository.read', _('Repository read access')), |
|
1310 | ('repository.read', _('Repository read access')), | |
1311 | ('repository.write', _('Repository write access')), |
|
1311 | ('repository.write', _('Repository write access')), | |
1312 | ('repository.admin', _('Repository admin access')), |
|
1312 | ('repository.admin', _('Repository admin access')), | |
1313 |
|
1313 | |||
1314 | ('group.none', _('Repositories Group no access')), |
|
1314 | ('group.none', _('Repositories Group no access')), | |
1315 | ('group.read', _('Repositories Group read access')), |
|
1315 | ('group.read', _('Repositories Group read access')), | |
1316 | ('group.write', _('Repositories Group write access')), |
|
1316 | ('group.write', _('Repositories Group write access')), | |
1317 | ('group.admin', _('Repositories Group admin access')), |
|
1317 | ('group.admin', _('Repositories Group admin access')), | |
1318 |
|
1318 | |||
1319 | ('hg.admin', _('RhodeCode Administrator')), |
|
1319 | ('hg.admin', _('RhodeCode Administrator')), | |
1320 | ('hg.create.none', _('Repository creation disabled')), |
|
1320 | ('hg.create.none', _('Repository creation disabled')), | |
1321 | ('hg.create.repository', _('Repository creation enabled')), |
|
1321 | ('hg.create.repository', _('Repository creation enabled')), | |
1322 | ('hg.fork.none', _('Repository forking disabled')), |
|
1322 | ('hg.fork.none', _('Repository forking disabled')), | |
1323 | ('hg.fork.repository', _('Repository forking enabled')), |
|
1323 | ('hg.fork.repository', _('Repository forking enabled')), | |
1324 | ('hg.register.none', _('Register disabled')), |
|
1324 | ('hg.register.none', _('Register disabled')), | |
1325 | ('hg.register.manual_activate', _('Register new user with RhodeCode ' |
|
1325 | ('hg.register.manual_activate', _('Register new user with RhodeCode ' | |
1326 | 'with manual activation')), |
|
1326 | 'with manual activation')), | |
1327 |
|
1327 | |||
1328 | ('hg.register.auto_activate', _('Register new user with RhodeCode ' |
|
1328 | ('hg.register.auto_activate', _('Register new user with RhodeCode ' | |
1329 | 'with auto activation')), |
|
1329 | 'with auto activation')), | |
1330 | ] |
|
1330 | ] | |
1331 |
|
1331 | |||
1332 | # defines which permissions are more important higher the more important |
|
1332 | # defines which permissions are more important higher the more important | |
1333 | PERM_WEIGHTS = { |
|
1333 | PERM_WEIGHTS = { | |
1334 | 'repository.none': 0, |
|
1334 | 'repository.none': 0, | |
1335 | 'repository.read': 1, |
|
1335 | 'repository.read': 1, | |
1336 | 'repository.write': 3, |
|
1336 | 'repository.write': 3, | |
1337 | 'repository.admin': 4, |
|
1337 | 'repository.admin': 4, | |
1338 |
|
1338 | |||
1339 | 'group.none': 0, |
|
1339 | 'group.none': 0, | |
1340 | 'group.read': 1, |
|
1340 | 'group.read': 1, | |
1341 | 'group.write': 3, |
|
1341 | 'group.write': 3, | |
1342 | 'group.admin': 4, |
|
1342 | 'group.admin': 4, | |
1343 |
|
1343 | |||
1344 | 'hg.fork.none': 0, |
|
1344 | 'hg.fork.none': 0, | |
1345 | 'hg.fork.repository': 1, |
|
1345 | 'hg.fork.repository': 1, | |
1346 | 'hg.create.none': 0, |
|
1346 | 'hg.create.none': 0, | |
1347 | 'hg.create.repository':1 |
|
1347 | 'hg.create.repository':1 | |
1348 | } |
|
1348 | } | |
1349 |
|
1349 | |||
1350 | permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
1350 | permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
1351 | permission_name = Column("permission_name", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
1351 | permission_name = Column("permission_name", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
1352 | permission_longname = Column("permission_longname", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
1352 | permission_longname = Column("permission_longname", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
1353 |
|
1353 | |||
1354 | def __unicode__(self): |
|
1354 | def __unicode__(self): | |
1355 | return u"<%s('%s:%s')>" % ( |
|
1355 | return u"<%s('%s:%s')>" % ( | |
1356 | self.__class__.__name__, self.permission_id, self.permission_name |
|
1356 | self.__class__.__name__, self.permission_id, self.permission_name | |
1357 | ) |
|
1357 | ) | |
1358 |
|
1358 | |||
1359 | @classmethod |
|
1359 | @classmethod | |
1360 | def get_by_key(cls, key): |
|
1360 | def get_by_key(cls, key): | |
1361 | return cls.query().filter(cls.permission_name == key).scalar() |
|
1361 | return cls.query().filter(cls.permission_name == key).scalar() | |
1362 |
|
1362 | |||
1363 | @classmethod |
|
1363 | @classmethod | |
1364 | def get_default_perms(cls, default_user_id): |
|
1364 | def get_default_perms(cls, default_user_id): | |
1365 | q = Session().query(UserRepoToPerm, Repository, cls)\ |
|
1365 | q = Session().query(UserRepoToPerm, Repository, cls)\ | |
1366 | .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\ |
|
1366 | .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\ | |
1367 | .join((cls, UserRepoToPerm.permission_id == cls.permission_id))\ |
|
1367 | .join((cls, UserRepoToPerm.permission_id == cls.permission_id))\ | |
1368 | .filter(UserRepoToPerm.user_id == default_user_id) |
|
1368 | .filter(UserRepoToPerm.user_id == default_user_id) | |
1369 |
|
1369 | |||
1370 | return q.all() |
|
1370 | return q.all() | |
1371 |
|
1371 | |||
1372 | @classmethod |
|
1372 | @classmethod | |
1373 | def get_default_group_perms(cls, default_user_id): |
|
1373 | def get_default_group_perms(cls, default_user_id): | |
1374 | q = Session().query(UserRepoGroupToPerm, RepoGroup, cls)\ |
|
1374 | q = Session().query(UserRepoGroupToPerm, RepoGroup, cls)\ | |
1375 | .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\ |
|
1375 | .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\ | |
1376 | .join((cls, UserRepoGroupToPerm.permission_id == cls.permission_id))\ |
|
1376 | .join((cls, UserRepoGroupToPerm.permission_id == cls.permission_id))\ | |
1377 | .filter(UserRepoGroupToPerm.user_id == default_user_id) |
|
1377 | .filter(UserRepoGroupToPerm.user_id == default_user_id) | |
1378 |
|
1378 | |||
1379 | return q.all() |
|
1379 | return q.all() | |
1380 |
|
1380 | |||
1381 |
|
1381 | |||
1382 | class UserRepoToPerm(Base, BaseModel): |
|
1382 | class UserRepoToPerm(Base, BaseModel): | |
1383 | __tablename__ = 'repo_to_perm' |
|
1383 | __tablename__ = 'repo_to_perm' | |
1384 | __table_args__ = ( |
|
1384 | __table_args__ = ( | |
1385 | UniqueConstraint('user_id', 'repository_id', 'permission_id'), |
|
1385 | UniqueConstraint('user_id', 'repository_id', 'permission_id'), | |
1386 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1386 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1387 | 'mysql_charset': 'utf8'} |
|
1387 | 'mysql_charset': 'utf8'} | |
1388 | ) |
|
1388 | ) | |
1389 | repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
1389 | repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
1390 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) |
|
1390 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) | |
1391 | permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) |
|
1391 | permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) | |
1392 | repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None) |
|
1392 | repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None) | |
1393 |
|
1393 | |||
1394 | user = relationship('User') |
|
1394 | user = relationship('User') | |
1395 | repository = relationship('Repository') |
|
1395 | repository = relationship('Repository') | |
1396 | permission = relationship('Permission') |
|
1396 | permission = relationship('Permission') | |
1397 |
|
1397 | |||
1398 | @classmethod |
|
1398 | @classmethod | |
1399 | def create(cls, user, repository, permission): |
|
1399 | def create(cls, user, repository, permission): | |
1400 | n = cls() |
|
1400 | n = cls() | |
1401 | n.user = user |
|
1401 | n.user = user | |
1402 | n.repository = repository |
|
1402 | n.repository = repository | |
1403 | n.permission = permission |
|
1403 | n.permission = permission | |
1404 | Session().add(n) |
|
1404 | Session().add(n) | |
1405 | return n |
|
1405 | return n | |
1406 |
|
1406 | |||
1407 | def __unicode__(self): |
|
1407 | def __unicode__(self): | |
1408 | return u'<user:%s => %s >' % (self.user, self.repository) |
|
1408 | return u'<user:%s => %s >' % (self.user, self.repository) | |
1409 |
|
1409 | |||
1410 |
|
1410 | |||
1411 | class UserToPerm(Base, BaseModel): |
|
1411 | class UserToPerm(Base, BaseModel): | |
1412 | __tablename__ = 'user_to_perm' |
|
1412 | __tablename__ = 'user_to_perm' | |
1413 | __table_args__ = ( |
|
1413 | __table_args__ = ( | |
1414 | UniqueConstraint('user_id', 'permission_id'), |
|
1414 | UniqueConstraint('user_id', 'permission_id'), | |
1415 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1415 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1416 | 'mysql_charset': 'utf8'} |
|
1416 | 'mysql_charset': 'utf8'} | |
1417 | ) |
|
1417 | ) | |
1418 | user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
1418 | user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
1419 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) |
|
1419 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) | |
1420 | permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) |
|
1420 | permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) | |
1421 |
|
1421 | |||
1422 | user = relationship('User') |
|
1422 | user = relationship('User') | |
1423 | permission = relationship('Permission', lazy='joined') |
|
1423 | permission = relationship('Permission', lazy='joined') | |
1424 |
|
1424 | |||
1425 |
|
1425 | |||
1426 | class UsersGroupRepoToPerm(Base, BaseModel): |
|
1426 | class UsersGroupRepoToPerm(Base, BaseModel): | |
1427 | __tablename__ = 'users_group_repo_to_perm' |
|
1427 | __tablename__ = 'users_group_repo_to_perm' | |
1428 | __table_args__ = ( |
|
1428 | __table_args__ = ( | |
1429 | UniqueConstraint('repository_id', 'users_group_id', 'permission_id'), |
|
1429 | UniqueConstraint('repository_id', 'users_group_id', 'permission_id'), | |
1430 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1430 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1431 | 'mysql_charset': 'utf8'} |
|
1431 | 'mysql_charset': 'utf8'} | |
1432 | ) |
|
1432 | ) | |
1433 | users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
1433 | users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
1434 | users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) |
|
1434 | users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) | |
1435 | permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) |
|
1435 | permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) | |
1436 | repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None) |
|
1436 | repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None) | |
1437 |
|
1437 | |||
1438 | users_group = relationship('UsersGroup') |
|
1438 | users_group = relationship('UsersGroup') | |
1439 | permission = relationship('Permission') |
|
1439 | permission = relationship('Permission') | |
1440 | repository = relationship('Repository') |
|
1440 | repository = relationship('Repository') | |
1441 |
|
1441 | |||
1442 | @classmethod |
|
1442 | @classmethod | |
1443 | def create(cls, users_group, repository, permission): |
|
1443 | def create(cls, users_group, repository, permission): | |
1444 | n = cls() |
|
1444 | n = cls() | |
1445 | n.users_group = users_group |
|
1445 | n.users_group = users_group | |
1446 | n.repository = repository |
|
1446 | n.repository = repository | |
1447 | n.permission = permission |
|
1447 | n.permission = permission | |
1448 | Session().add(n) |
|
1448 | Session().add(n) | |
1449 | return n |
|
1449 | return n | |
1450 |
|
1450 | |||
1451 | def __unicode__(self): |
|
1451 | def __unicode__(self): | |
1452 | return u'<userGroup:%s => %s >' % (self.users_group, self.repository) |
|
1452 | return u'<userGroup:%s => %s >' % (self.users_group, self.repository) | |
1453 |
|
1453 | |||
1454 |
|
1454 | |||
1455 | class UsersGroupToPerm(Base, BaseModel): |
|
1455 | class UsersGroupToPerm(Base, BaseModel): | |
1456 | __tablename__ = 'users_group_to_perm' |
|
1456 | __tablename__ = 'users_group_to_perm' | |
1457 | __table_args__ = ( |
|
1457 | __table_args__ = ( | |
1458 | UniqueConstraint('users_group_id', 'permission_id',), |
|
1458 | UniqueConstraint('users_group_id', 'permission_id',), | |
1459 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1459 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1460 | 'mysql_charset': 'utf8'} |
|
1460 | 'mysql_charset': 'utf8'} | |
1461 | ) |
|
1461 | ) | |
1462 | users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
1462 | users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
1463 | users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) |
|
1463 | users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) | |
1464 | permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) |
|
1464 | permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) | |
1465 |
|
1465 | |||
1466 | users_group = relationship('UsersGroup') |
|
1466 | users_group = relationship('UsersGroup') | |
1467 | permission = relationship('Permission') |
|
1467 | permission = relationship('Permission') | |
1468 |
|
1468 | |||
1469 |
|
1469 | |||
1470 | class UserRepoGroupToPerm(Base, BaseModel): |
|
1470 | class UserRepoGroupToPerm(Base, BaseModel): | |
1471 | __tablename__ = 'user_repo_group_to_perm' |
|
1471 | __tablename__ = 'user_repo_group_to_perm' | |
1472 | __table_args__ = ( |
|
1472 | __table_args__ = ( | |
1473 | UniqueConstraint('user_id', 'group_id', 'permission_id'), |
|
1473 | UniqueConstraint('user_id', 'group_id', 'permission_id'), | |
1474 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1474 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1475 | 'mysql_charset': 'utf8'} |
|
1475 | 'mysql_charset': 'utf8'} | |
1476 | ) |
|
1476 | ) | |
1477 |
|
1477 | |||
1478 | group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
1478 | group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
1479 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) |
|
1479 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) | |
1480 | group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None) |
|
1480 | group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None) | |
1481 | permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) |
|
1481 | permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) | |
1482 |
|
1482 | |||
1483 | user = relationship('User') |
|
1483 | user = relationship('User') | |
1484 | group = relationship('RepoGroup') |
|
1484 | group = relationship('RepoGroup') | |
1485 | permission = relationship('Permission') |
|
1485 | permission = relationship('Permission') | |
1486 |
|
1486 | |||
1487 |
|
1487 | |||
1488 | class UsersGroupRepoGroupToPerm(Base, BaseModel): |
|
1488 | class UsersGroupRepoGroupToPerm(Base, BaseModel): | |
1489 | __tablename__ = 'users_group_repo_group_to_perm' |
|
1489 | __tablename__ = 'users_group_repo_group_to_perm' | |
1490 | __table_args__ = ( |
|
1490 | __table_args__ = ( | |
1491 | UniqueConstraint('users_group_id', 'group_id'), |
|
1491 | UniqueConstraint('users_group_id', 'group_id'), | |
1492 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1492 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1493 | 'mysql_charset': 'utf8'} |
|
1493 | 'mysql_charset': 'utf8'} | |
1494 | ) |
|
1494 | ) | |
1495 |
|
1495 | |||
1496 | users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
1496 | users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
1497 | users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) |
|
1497 | users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None) | |
1498 | group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None) |
|
1498 | group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None) | |
1499 | permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) |
|
1499 | permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None) | |
1500 |
|
1500 | |||
1501 | users_group = relationship('UsersGroup') |
|
1501 | users_group = relationship('UsersGroup') | |
1502 | permission = relationship('Permission') |
|
1502 | permission = relationship('Permission') | |
1503 | group = relationship('RepoGroup') |
|
1503 | group = relationship('RepoGroup') | |
1504 |
|
1504 | |||
1505 |
|
1505 | |||
1506 | class Statistics(Base, BaseModel): |
|
1506 | class Statistics(Base, BaseModel): | |
1507 | __tablename__ = 'statistics' |
|
1507 | __tablename__ = 'statistics' | |
1508 | __table_args__ = ( |
|
1508 | __table_args__ = ( | |
1509 | UniqueConstraint('repository_id'), |
|
1509 | UniqueConstraint('repository_id'), | |
1510 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1510 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1511 | 'mysql_charset': 'utf8'} |
|
1511 | 'mysql_charset': 'utf8'} | |
1512 | ) |
|
1512 | ) | |
1513 | stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
1513 | stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
1514 | repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None) |
|
1514 | repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None) | |
1515 | stat_on_revision = Column("stat_on_revision", Integer(), nullable=False) |
|
1515 | stat_on_revision = Column("stat_on_revision", Integer(), nullable=False) | |
1516 | commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data |
|
1516 | commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data | |
1517 | commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data |
|
1517 | commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data | |
1518 | languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data |
|
1518 | languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data | |
1519 |
|
1519 | |||
1520 | repository = relationship('Repository', single_parent=True) |
|
1520 | repository = relationship('Repository', single_parent=True) | |
1521 |
|
1521 | |||
1522 |
|
1522 | |||
1523 | class UserFollowing(Base, BaseModel): |
|
1523 | class UserFollowing(Base, BaseModel): | |
1524 | __tablename__ = 'user_followings' |
|
1524 | __tablename__ = 'user_followings' | |
1525 | __table_args__ = ( |
|
1525 | __table_args__ = ( | |
1526 | UniqueConstraint('user_id', 'follows_repository_id'), |
|
1526 | UniqueConstraint('user_id', 'follows_repository_id'), | |
1527 | UniqueConstraint('user_id', 'follows_user_id'), |
|
1527 | UniqueConstraint('user_id', 'follows_user_id'), | |
1528 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1528 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1529 | 'mysql_charset': 'utf8'} |
|
1529 | 'mysql_charset': 'utf8'} | |
1530 | ) |
|
1530 | ) | |
1531 |
|
1531 | |||
1532 | user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
1532 | user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
1533 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) |
|
1533 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None) | |
1534 | follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None) |
|
1534 | follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None) | |
1535 | follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) |
|
1535 | follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None) | |
1536 | follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now) |
|
1536 | follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now) | |
1537 |
|
1537 | |||
1538 | user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id') |
|
1538 | user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id') | |
1539 |
|
1539 | |||
1540 | follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id') |
|
1540 | follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id') | |
1541 | follows_repository = relationship('Repository', order_by='Repository.repo_name') |
|
1541 | follows_repository = relationship('Repository', order_by='Repository.repo_name') | |
1542 |
|
1542 | |||
1543 | @classmethod |
|
1543 | @classmethod | |
1544 | def get_repo_followers(cls, repo_id): |
|
1544 | def get_repo_followers(cls, repo_id): | |
1545 | return cls.query().filter(cls.follows_repo_id == repo_id) |
|
1545 | return cls.query().filter(cls.follows_repo_id == repo_id) | |
1546 |
|
1546 | |||
1547 |
|
1547 | |||
1548 | class CacheInvalidation(Base, BaseModel): |
|
1548 | class CacheInvalidation(Base, BaseModel): | |
1549 | __tablename__ = 'cache_invalidation' |
|
1549 | __tablename__ = 'cache_invalidation' | |
1550 | __table_args__ = ( |
|
1550 | __table_args__ = ( | |
1551 | UniqueConstraint('cache_key'), |
|
1551 | UniqueConstraint('cache_key'), | |
1552 | Index('key_idx', 'cache_key'), |
|
1552 | Index('key_idx', 'cache_key'), | |
1553 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1553 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1554 | 'mysql_charset': 'utf8'}, |
|
1554 | 'mysql_charset': 'utf8'}, | |
1555 | ) |
|
1555 | ) | |
1556 | cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) |
|
1556 | cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True) | |
1557 | cache_key = Column("cache_key", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
1557 | cache_key = Column("cache_key", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
1558 | cache_args = Column("cache_args", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) |
|
1558 | cache_args = Column("cache_args", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) | |
1559 | cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False) |
|
1559 | cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False) | |
1560 |
|
1560 | |||
1561 | def __init__(self, cache_key, cache_args=''): |
|
1561 | def __init__(self, cache_key, cache_args=''): | |
1562 | self.cache_key = cache_key |
|
1562 | self.cache_key = cache_key | |
1563 | self.cache_args = cache_args |
|
1563 | self.cache_args = cache_args | |
1564 | self.cache_active = False |
|
1564 | self.cache_active = False | |
1565 |
|
1565 | |||
1566 | def __unicode__(self): |
|
1566 | def __unicode__(self): | |
1567 | return u"<%s('%s:%s')>" % (self.__class__.__name__, |
|
1567 | return u"<%s('%s:%s')>" % (self.__class__.__name__, | |
1568 | self.cache_id, self.cache_key) |
|
1568 | self.cache_id, self.cache_key) | |
1569 |
|
1569 | |||
1570 | @property |
|
1570 | @property | |
1571 | def prefix(self): |
|
1571 | def prefix(self): | |
1572 | _split = self.cache_key.split(self.cache_args, 1) |
|
1572 | _split = self.cache_key.split(self.cache_args, 1) | |
1573 | if _split and len(_split) == 2: |
|
1573 | if _split and len(_split) == 2: | |
1574 | return _split[0] |
|
1574 | return _split[0] | |
1575 | return '' |
|
1575 | return '' | |
1576 |
|
1576 | |||
1577 | @classmethod |
|
1577 | @classmethod | |
1578 | def clear_cache(cls): |
|
1578 | def clear_cache(cls): | |
1579 | cls.query().delete() |
|
1579 | cls.query().delete() | |
1580 |
|
1580 | |||
1581 | @classmethod |
|
1581 | @classmethod | |
1582 | def _get_key(cls, key): |
|
1582 | def _get_key(cls, key): | |
1583 | """ |
|
1583 | """ | |
1584 | Wrapper for generating a key, together with a prefix |
|
1584 | Wrapper for generating a key, together with a prefix | |
1585 |
|
1585 | |||
1586 | :param key: |
|
1586 | :param key: | |
1587 | """ |
|
1587 | """ | |
1588 | import rhodecode |
|
1588 | import rhodecode | |
1589 | prefix = '' |
|
1589 | prefix = '' | |
1590 | org_key = key |
|
1590 | org_key = key | |
1591 | iid = rhodecode.CONFIG.get('instance_id') |
|
1591 | iid = rhodecode.CONFIG.get('instance_id') | |
1592 | if iid: |
|
1592 | if iid: | |
1593 | prefix = iid |
|
1593 | prefix = iid | |
1594 |
|
1594 | |||
1595 | return "%s%s" % (prefix, key), prefix, org_key |
|
1595 | return "%s%s" % (prefix, key), prefix, org_key | |
1596 |
|
1596 | |||
1597 | @classmethod |
|
1597 | @classmethod | |
1598 | def get_by_key(cls, key): |
|
1598 | def get_by_key(cls, key): | |
1599 | return cls.query().filter(cls.cache_key == key).scalar() |
|
1599 | return cls.query().filter(cls.cache_key == key).scalar() | |
1600 |
|
1600 | |||
1601 | @classmethod |
|
1601 | @classmethod | |
1602 | def get_by_repo_name(cls, repo_name): |
|
1602 | def get_by_repo_name(cls, repo_name): | |
1603 | return cls.query().filter(cls.cache_args == repo_name).all() |
|
1603 | return cls.query().filter(cls.cache_args == repo_name).all() | |
1604 |
|
1604 | |||
1605 | @classmethod |
|
1605 | @classmethod | |
1606 | def _get_or_create_key(cls, key, repo_name, commit=True): |
|
1606 | def _get_or_create_key(cls, key, repo_name, commit=True): | |
1607 | inv_obj = Session().query(cls).filter(cls.cache_key == key).scalar() |
|
1607 | inv_obj = Session().query(cls).filter(cls.cache_key == key).scalar() | |
1608 | if not inv_obj: |
|
1608 | if not inv_obj: | |
1609 | try: |
|
1609 | try: | |
1610 | inv_obj = CacheInvalidation(key, repo_name) |
|
1610 | inv_obj = CacheInvalidation(key, repo_name) | |
1611 | Session().add(inv_obj) |
|
1611 | Session().add(inv_obj) | |
1612 | if commit: |
|
1612 | if commit: | |
1613 | Session().commit() |
|
1613 | Session().commit() | |
1614 | except Exception: |
|
1614 | except Exception: | |
1615 | log.error(traceback.format_exc()) |
|
1615 | log.error(traceback.format_exc()) | |
1616 | Session().rollback() |
|
1616 | Session().rollback() | |
1617 | return inv_obj |
|
1617 | return inv_obj | |
1618 |
|
1618 | |||
1619 | @classmethod |
|
1619 | @classmethod | |
1620 | def invalidate(cls, key): |
|
1620 | def invalidate(cls, key): | |
1621 | """ |
|
1621 | """ | |
1622 | Returns Invalidation object if this given key should be invalidated |
|
1622 | Returns Invalidation object if this given key should be invalidated | |
1623 | None otherwise. `cache_active = False` means that this cache |
|
1623 | None otherwise. `cache_active = False` means that this cache | |
1624 | state is not valid and needs to be invalidated |
|
1624 | state is not valid and needs to be invalidated | |
1625 |
|
1625 | |||
1626 | :param key: |
|
1626 | :param key: | |
1627 | """ |
|
1627 | """ | |
1628 | repo_name = key |
|
1628 | repo_name = key | |
1629 | repo_name = remove_suffix(repo_name, '_README') |
|
1629 | repo_name = remove_suffix(repo_name, '_README') | |
1630 | repo_name = remove_suffix(repo_name, '_RSS') |
|
1630 | repo_name = remove_suffix(repo_name, '_RSS') | |
1631 | repo_name = remove_suffix(repo_name, '_ATOM') |
|
1631 | repo_name = remove_suffix(repo_name, '_ATOM') | |
1632 |
|
1632 | |||
1633 | # adds instance prefix |
|
1633 | # adds instance prefix | |
1634 | key, _prefix, _org_key = cls._get_key(key) |
|
1634 | key, _prefix, _org_key = cls._get_key(key) | |
1635 | inv = cls._get_or_create_key(key, repo_name) |
|
1635 | inv = cls._get_or_create_key(key, repo_name) | |
1636 |
|
1636 | |||
1637 | if inv and inv.cache_active is False: |
|
1637 | if inv and inv.cache_active is False: | |
1638 | return inv |
|
1638 | return inv | |
1639 |
|
1639 | |||
1640 | @classmethod |
|
1640 | @classmethod | |
1641 | def set_invalidate(cls, key=None, repo_name=None): |
|
1641 | def set_invalidate(cls, key=None, repo_name=None): | |
1642 | """ |
|
1642 | """ | |
1643 | Mark this Cache key for invalidation, either by key or whole |
|
1643 | Mark this Cache key for invalidation, either by key or whole | |
1644 | cache sets based on repo_name |
|
1644 | cache sets based on repo_name | |
1645 |
|
1645 | |||
1646 | :param key: |
|
1646 | :param key: | |
1647 | """ |
|
1647 | """ | |
1648 | if key: |
|
1648 | if key: | |
1649 | key, _prefix, _org_key = cls._get_key(key) |
|
1649 | key, _prefix, _org_key = cls._get_key(key) | |
1650 | inv_objs = Session().query(cls).filter(cls.cache_key == key).all() |
|
1650 | inv_objs = Session().query(cls).filter(cls.cache_key == key).all() | |
1651 | elif repo_name: |
|
1651 | elif repo_name: | |
1652 | inv_objs = Session().query(cls).filter(cls.cache_args == repo_name).all() |
|
1652 | inv_objs = Session().query(cls).filter(cls.cache_args == repo_name).all() | |
1653 |
|
1653 | |||
1654 | log.debug('marking %s key[s] for invalidation based on key=%s,repo_name=%s' |
|
1654 | log.debug('marking %s key[s] for invalidation based on key=%s,repo_name=%s' | |
1655 | % (len(inv_objs), key, repo_name)) |
|
1655 | % (len(inv_objs), key, repo_name)) | |
1656 | try: |
|
1656 | try: | |
1657 | for inv_obj in inv_objs: |
|
1657 | for inv_obj in inv_objs: | |
1658 | inv_obj.cache_active = False |
|
1658 | inv_obj.cache_active = False | |
1659 | Session().add(inv_obj) |
|
1659 | Session().add(inv_obj) | |
1660 | Session().commit() |
|
1660 | Session().commit() | |
1661 | except Exception: |
|
1661 | except Exception: | |
1662 | log.error(traceback.format_exc()) |
|
1662 | log.error(traceback.format_exc()) | |
1663 | Session().rollback() |
|
1663 | Session().rollback() | |
1664 |
|
1664 | |||
1665 | @classmethod |
|
1665 | @classmethod | |
1666 | def set_valid(cls, key): |
|
1666 | def set_valid(cls, key): | |
1667 | """ |
|
1667 | """ | |
1668 | Mark this cache key as active and currently cached |
|
1668 | Mark this cache key as active and currently cached | |
1669 |
|
1669 | |||
1670 | :param key: |
|
1670 | :param key: | |
1671 | """ |
|
1671 | """ | |
1672 | inv_obj = cls.get_by_key(key) |
|
1672 | inv_obj = cls.get_by_key(key) | |
1673 | inv_obj.cache_active = True |
|
1673 | inv_obj.cache_active = True | |
1674 | Session().add(inv_obj) |
|
1674 | Session().add(inv_obj) | |
1675 | Session().commit() |
|
1675 | Session().commit() | |
1676 |
|
1676 | |||
1677 | @classmethod |
|
1677 | @classmethod | |
1678 | def get_cache_map(cls): |
|
1678 | def get_cache_map(cls): | |
1679 |
|
1679 | |||
1680 | class cachemapdict(dict): |
|
1680 | class cachemapdict(dict): | |
1681 |
|
1681 | |||
1682 | def __init__(self, *args, **kwargs): |
|
1682 | def __init__(self, *args, **kwargs): | |
1683 | fixkey = kwargs.get('fixkey') |
|
1683 | fixkey = kwargs.get('fixkey') | |
1684 | if fixkey: |
|
1684 | if fixkey: | |
1685 | del kwargs['fixkey'] |
|
1685 | del kwargs['fixkey'] | |
1686 | self.fixkey = fixkey |
|
1686 | self.fixkey = fixkey | |
1687 | super(cachemapdict, self).__init__(*args, **kwargs) |
|
1687 | super(cachemapdict, self).__init__(*args, **kwargs) | |
1688 |
|
1688 | |||
1689 | def __getattr__(self, name): |
|
1689 | def __getattr__(self, name): | |
1690 | key = name |
|
1690 | key = name | |
1691 | if self.fixkey: |
|
1691 | if self.fixkey: | |
1692 | key, _prefix, _org_key = cls._get_key(key) |
|
1692 | key, _prefix, _org_key = cls._get_key(key) | |
1693 | if key in self.__dict__: |
|
1693 | if key in self.__dict__: | |
1694 | return self.__dict__[key] |
|
1694 | return self.__dict__[key] | |
1695 | else: |
|
1695 | else: | |
1696 | return self[key] |
|
1696 | return self[key] | |
1697 |
|
1697 | |||
1698 | def __getitem__(self, key): |
|
1698 | def __getitem__(self, key): | |
1699 | if self.fixkey: |
|
1699 | if self.fixkey: | |
1700 | key, _prefix, _org_key = cls._get_key(key) |
|
1700 | key, _prefix, _org_key = cls._get_key(key) | |
1701 | try: |
|
1701 | try: | |
1702 | return super(cachemapdict, self).__getitem__(key) |
|
1702 | return super(cachemapdict, self).__getitem__(key) | |
1703 | except KeyError: |
|
1703 | except KeyError: | |
1704 | return |
|
1704 | return | |
1705 |
|
1705 | |||
1706 | cache_map = cachemapdict(fixkey=True) |
|
1706 | cache_map = cachemapdict(fixkey=True) | |
1707 | for obj in cls.query().all(): |
|
1707 | for obj in cls.query().all(): | |
1708 | cache_map[obj.cache_key] = cachemapdict(obj.get_dict()) |
|
1708 | cache_map[obj.cache_key] = cachemapdict(obj.get_dict()) | |
1709 | return cache_map |
|
1709 | return cache_map | |
1710 |
|
1710 | |||
1711 |
|
1711 | |||
1712 | class ChangesetComment(Base, BaseModel): |
|
1712 | class ChangesetComment(Base, BaseModel): | |
1713 | __tablename__ = 'changeset_comments' |
|
1713 | __tablename__ = 'changeset_comments' | |
1714 | __table_args__ = ( |
|
1714 | __table_args__ = ( | |
1715 | Index('cc_revision_idx', 'revision'), |
|
1715 | Index('cc_revision_idx', 'revision'), | |
1716 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1716 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1717 | 'mysql_charset': 'utf8'}, |
|
1717 | 'mysql_charset': 'utf8'}, | |
1718 | ) |
|
1718 | ) | |
1719 | comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True) |
|
1719 | comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True) | |
1720 | repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False) |
|
1720 | repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False) | |
1721 | revision = Column('revision', String(40), nullable=True) |
|
1721 | revision = Column('revision', String(40), nullable=True) | |
1722 | pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True) |
|
1722 | pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True) | |
1723 | line_no = Column('line_no', Unicode(10), nullable=True) |
|
1723 | line_no = Column('line_no', Unicode(10), nullable=True) | |
1724 | hl_lines = Column('hl_lines', Unicode(512), nullable=True) |
|
1724 | hl_lines = Column('hl_lines', Unicode(512), nullable=True) | |
1725 | f_path = Column('f_path', Unicode(1000), nullable=True) |
|
1725 | f_path = Column('f_path', Unicode(1000), nullable=True) | |
1726 | user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False) |
|
1726 | user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False) | |
1727 | text = Column('text', UnicodeText(25000), nullable=False) |
|
1727 | text = Column('text', UnicodeText(25000), nullable=False) | |
1728 | created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) |
|
1728 | created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) | |
1729 | modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) |
|
1729 | modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) | |
1730 |
|
1730 | |||
1731 | author = relationship('User', lazy='joined') |
|
1731 | author = relationship('User', lazy='joined') | |
1732 | repo = relationship('Repository') |
|
1732 | repo = relationship('Repository') | |
1733 | status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan") |
|
1733 | status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan") | |
1734 | pull_request = relationship('PullRequest', lazy='joined') |
|
1734 | pull_request = relationship('PullRequest', lazy='joined') | |
1735 |
|
1735 | |||
1736 | @classmethod |
|
1736 | @classmethod | |
1737 | def get_users(cls, revision=None, pull_request_id=None): |
|
1737 | def get_users(cls, revision=None, pull_request_id=None): | |
1738 | """ |
|
1738 | """ | |
1739 | Returns user associated with this ChangesetComment. ie those |
|
1739 | Returns user associated with this ChangesetComment. ie those | |
1740 | who actually commented |
|
1740 | who actually commented | |
1741 |
|
1741 | |||
1742 | :param cls: |
|
1742 | :param cls: | |
1743 | :param revision: |
|
1743 | :param revision: | |
1744 | """ |
|
1744 | """ | |
1745 | q = Session().query(User)\ |
|
1745 | q = Session().query(User)\ | |
1746 | .join(ChangesetComment.author) |
|
1746 | .join(ChangesetComment.author) | |
1747 | if revision: |
|
1747 | if revision: | |
1748 | q = q.filter(cls.revision == revision) |
|
1748 | q = q.filter(cls.revision == revision) | |
1749 | elif pull_request_id: |
|
1749 | elif pull_request_id: | |
1750 | q = q.filter(cls.pull_request_id == pull_request_id) |
|
1750 | q = q.filter(cls.pull_request_id == pull_request_id) | |
1751 | return q.all() |
|
1751 | return q.all() | |
1752 |
|
1752 | |||
1753 |
|
1753 | |||
1754 | class ChangesetStatus(Base, BaseModel): |
|
1754 | class ChangesetStatus(Base, BaseModel): | |
1755 | __tablename__ = 'changeset_statuses' |
|
1755 | __tablename__ = 'changeset_statuses' | |
1756 | __table_args__ = ( |
|
1756 | __table_args__ = ( | |
1757 | Index('cs_revision_idx', 'revision'), |
|
1757 | Index('cs_revision_idx', 'revision'), | |
1758 | Index('cs_version_idx', 'version'), |
|
1758 | Index('cs_version_idx', 'version'), | |
1759 | UniqueConstraint('repo_id', 'revision', 'version'), |
|
1759 | UniqueConstraint('repo_id', 'revision', 'version'), | |
1760 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1760 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1761 | 'mysql_charset': 'utf8'} |
|
1761 | 'mysql_charset': 'utf8'} | |
1762 | ) |
|
1762 | ) | |
1763 | STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed' |
|
1763 | STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed' | |
1764 | STATUS_APPROVED = 'approved' |
|
1764 | STATUS_APPROVED = 'approved' | |
1765 | STATUS_REJECTED = 'rejected' |
|
1765 | STATUS_REJECTED = 'rejected' | |
1766 | STATUS_UNDER_REVIEW = 'under_review' |
|
1766 | STATUS_UNDER_REVIEW = 'under_review' | |
1767 |
|
1767 | |||
1768 | STATUSES = [ |
|
1768 | STATUSES = [ | |
1769 | (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default |
|
1769 | (STATUS_NOT_REVIEWED, _("Not Reviewed")), # (no icon) and default | |
1770 | (STATUS_APPROVED, _("Approved")), |
|
1770 | (STATUS_APPROVED, _("Approved")), | |
1771 | (STATUS_REJECTED, _("Rejected")), |
|
1771 | (STATUS_REJECTED, _("Rejected")), | |
1772 | (STATUS_UNDER_REVIEW, _("Under Review")), |
|
1772 | (STATUS_UNDER_REVIEW, _("Under Review")), | |
1773 | ] |
|
1773 | ] | |
1774 |
|
1774 | |||
1775 | changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True) |
|
1775 | changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True) | |
1776 | repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False) |
|
1776 | repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False) | |
1777 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None) |
|
1777 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None) | |
1778 | revision = Column('revision', String(40), nullable=False) |
|
1778 | revision = Column('revision', String(40), nullable=False) | |
1779 | status = Column('status', String(128), nullable=False, default=DEFAULT) |
|
1779 | status = Column('status', String(128), nullable=False, default=DEFAULT) | |
1780 | changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id')) |
|
1780 | changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id')) | |
1781 | modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now) |
|
1781 | modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now) | |
1782 | version = Column('version', Integer(), nullable=False, default=0) |
|
1782 | version = Column('version', Integer(), nullable=False, default=0) | |
1783 | pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True) |
|
1783 | pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True) | |
1784 |
|
1784 | |||
1785 | author = relationship('User', lazy='joined') |
|
1785 | author = relationship('User', lazy='joined') | |
1786 | repo = relationship('Repository') |
|
1786 | repo = relationship('Repository') | |
1787 | comment = relationship('ChangesetComment', lazy='joined') |
|
1787 | comment = relationship('ChangesetComment', lazy='joined') | |
1788 | pull_request = relationship('PullRequest', lazy='joined') |
|
1788 | pull_request = relationship('PullRequest', lazy='joined') | |
1789 |
|
1789 | |||
1790 | def __unicode__(self): |
|
1790 | def __unicode__(self): | |
1791 | return u"<%s('%s:%s')>" % ( |
|
1791 | return u"<%s('%s:%s')>" % ( | |
1792 | self.__class__.__name__, |
|
1792 | self.__class__.__name__, | |
1793 | self.status, self.author |
|
1793 | self.status, self.author | |
1794 | ) |
|
1794 | ) | |
1795 |
|
1795 | |||
1796 | @classmethod |
|
1796 | @classmethod | |
1797 | def get_status_lbl(cls, value): |
|
1797 | def get_status_lbl(cls, value): | |
1798 | return dict(cls.STATUSES).get(value) |
|
1798 | return dict(cls.STATUSES).get(value) | |
1799 |
|
1799 | |||
1800 | @property |
|
1800 | @property | |
1801 | def status_lbl(self): |
|
1801 | def status_lbl(self): | |
1802 | return ChangesetStatus.get_status_lbl(self.status) |
|
1802 | return ChangesetStatus.get_status_lbl(self.status) | |
1803 |
|
1803 | |||
1804 |
|
1804 | |||
1805 | class PullRequest(Base, BaseModel): |
|
1805 | class PullRequest(Base, BaseModel): | |
1806 | __tablename__ = 'pull_requests' |
|
1806 | __tablename__ = 'pull_requests' | |
1807 | __table_args__ = ( |
|
1807 | __table_args__ = ( | |
1808 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1808 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1809 | 'mysql_charset': 'utf8'}, |
|
1809 | 'mysql_charset': 'utf8'}, | |
1810 | ) |
|
1810 | ) | |
1811 |
|
1811 | |||
1812 | STATUS_NEW = u'new' |
|
1812 | STATUS_NEW = u'new' | |
1813 | STATUS_OPEN = u'open' |
|
1813 | STATUS_OPEN = u'open' | |
1814 | STATUS_CLOSED = u'closed' |
|
1814 | STATUS_CLOSED = u'closed' | |
1815 |
|
1815 | |||
1816 | pull_request_id = Column('pull_request_id', Integer(), nullable=False, primary_key=True) |
|
1816 | pull_request_id = Column('pull_request_id', Integer(), nullable=False, primary_key=True) | |
1817 | title = Column('title', Unicode(256), nullable=True) |
|
1817 | title = Column('title', Unicode(256), nullable=True) | |
1818 | description = Column('description', UnicodeText(10240), nullable=True) |
|
1818 | description = Column('description', UnicodeText(10240), nullable=True) | |
1819 | status = Column('status', Unicode(256), nullable=False, default=STATUS_NEW) |
|
1819 | status = Column('status', Unicode(256), nullable=False, default=STATUS_NEW) | |
1820 | created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) |
|
1820 | created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) | |
1821 | updated_on = Column('updated_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) |
|
1821 | updated_on = Column('updated_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) | |
1822 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None) |
|
1822 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None) | |
1823 | _revisions = Column('revisions', UnicodeText(20500)) # 500 revisions max |
|
1823 | _revisions = Column('revisions', UnicodeText(20500)) # 500 revisions max | |
1824 | org_repo_id = Column('org_repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False) |
|
1824 | org_repo_id = Column('org_repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False) | |
1825 | org_ref = Column('org_ref', Unicode(256), nullable=False) |
|
1825 | org_ref = Column('org_ref', Unicode(256), nullable=False) | |
1826 | other_repo_id = Column('other_repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False) |
|
1826 | other_repo_id = Column('other_repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False) | |
1827 | other_ref = Column('other_ref', Unicode(256), nullable=False) |
|
1827 | other_ref = Column('other_ref', Unicode(256), nullable=False) | |
1828 |
|
1828 | |||
1829 | @hybrid_property |
|
1829 | @hybrid_property | |
1830 | def revisions(self): |
|
1830 | def revisions(self): | |
1831 | return self._revisions.split(':') |
|
1831 | return self._revisions.split(':') | |
1832 |
|
1832 | |||
1833 | @revisions.setter |
|
1833 | @revisions.setter | |
1834 | def revisions(self, val): |
|
1834 | def revisions(self, val): | |
1835 | self._revisions = ':'.join(val) |
|
1835 | self._revisions = ':'.join(val) | |
1836 |
|
1836 | |||
1837 | @property |
|
1837 | @property | |
1838 | def org_ref_parts(self): |
|
1838 | def org_ref_parts(self): | |
1839 | return self.org_ref.split(':') |
|
1839 | return self.org_ref.split(':') | |
1840 |
|
1840 | |||
1841 | @property |
|
1841 | @property | |
1842 | def other_ref_parts(self): |
|
1842 | def other_ref_parts(self): | |
1843 | return self.other_ref.split(':') |
|
1843 | return self.other_ref.split(':') | |
1844 |
|
1844 | |||
1845 | author = relationship('User', lazy='joined') |
|
1845 | author = relationship('User', lazy='joined') | |
1846 | reviewers = relationship('PullRequestReviewers', |
|
1846 | reviewers = relationship('PullRequestReviewers', | |
1847 | cascade="all, delete, delete-orphan") |
|
1847 | cascade="all, delete, delete-orphan") | |
1848 | org_repo = relationship('Repository', primaryjoin='PullRequest.org_repo_id==Repository.repo_id') |
|
1848 | org_repo = relationship('Repository', primaryjoin='PullRequest.org_repo_id==Repository.repo_id') | |
1849 | other_repo = relationship('Repository', primaryjoin='PullRequest.other_repo_id==Repository.repo_id') |
|
1849 | other_repo = relationship('Repository', primaryjoin='PullRequest.other_repo_id==Repository.repo_id') | |
1850 | statuses = relationship('ChangesetStatus') |
|
1850 | statuses = relationship('ChangesetStatus') | |
1851 | comments = relationship('ChangesetComment', |
|
1851 | comments = relationship('ChangesetComment', | |
1852 | cascade="all, delete, delete-orphan") |
|
1852 | cascade="all, delete, delete-orphan") | |
1853 |
|
1853 | |||
1854 | def is_closed(self): |
|
1854 | def is_closed(self): | |
1855 | return self.status == self.STATUS_CLOSED |
|
1855 | return self.status == self.STATUS_CLOSED | |
1856 |
|
1856 | |||
1857 | def __json__(self): |
|
1857 | def __json__(self): | |
1858 | return dict( |
|
1858 | return dict( | |
1859 | revisions=self.revisions |
|
1859 | revisions=self.revisions | |
1860 | ) |
|
1860 | ) | |
1861 |
|
1861 | |||
1862 |
|
1862 | |||
1863 | class PullRequestReviewers(Base, BaseModel): |
|
1863 | class PullRequestReviewers(Base, BaseModel): | |
1864 | __tablename__ = 'pull_request_reviewers' |
|
1864 | __tablename__ = 'pull_request_reviewers' | |
1865 | __table_args__ = ( |
|
1865 | __table_args__ = ( | |
1866 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1866 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1867 | 'mysql_charset': 'utf8'}, |
|
1867 | 'mysql_charset': 'utf8'}, | |
1868 | ) |
|
1868 | ) | |
1869 |
|
1869 | |||
1870 | def __init__(self, user=None, pull_request=None): |
|
1870 | def __init__(self, user=None, pull_request=None): | |
1871 | self.user = user |
|
1871 | self.user = user | |
1872 | self.pull_request = pull_request |
|
1872 | self.pull_request = pull_request | |
1873 |
|
1873 | |||
1874 | pull_requests_reviewers_id = Column('pull_requests_reviewers_id', Integer(), nullable=False, primary_key=True) |
|
1874 | pull_requests_reviewers_id = Column('pull_requests_reviewers_id', Integer(), nullable=False, primary_key=True) | |
1875 | pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=False) |
|
1875 | pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=False) | |
1876 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True) |
|
1876 | user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True) | |
1877 |
|
1877 | |||
1878 | user = relationship('User') |
|
1878 | user = relationship('User') | |
1879 | pull_request = relationship('PullRequest') |
|
1879 | pull_request = relationship('PullRequest') | |
1880 |
|
1880 | |||
1881 |
|
1881 | |||
1882 | class Notification(Base, BaseModel): |
|
1882 | class Notification(Base, BaseModel): | |
1883 | __tablename__ = 'notifications' |
|
1883 | __tablename__ = 'notifications' | |
1884 | __table_args__ = ( |
|
1884 | __table_args__ = ( | |
1885 | Index('notification_type_idx', 'type'), |
|
1885 | Index('notification_type_idx', 'type'), | |
1886 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1886 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1887 | 'mysql_charset': 'utf8'}, |
|
1887 | 'mysql_charset': 'utf8'}, | |
1888 | ) |
|
1888 | ) | |
1889 |
|
1889 | |||
1890 | TYPE_CHANGESET_COMMENT = u'cs_comment' |
|
1890 | TYPE_CHANGESET_COMMENT = u'cs_comment' | |
1891 | TYPE_MESSAGE = u'message' |
|
1891 | TYPE_MESSAGE = u'message' | |
1892 | TYPE_MENTION = u'mention' |
|
1892 | TYPE_MENTION = u'mention' | |
1893 | TYPE_REGISTRATION = u'registration' |
|
1893 | TYPE_REGISTRATION = u'registration' | |
1894 | TYPE_PULL_REQUEST = u'pull_request' |
|
1894 | TYPE_PULL_REQUEST = u'pull_request' | |
1895 | TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment' |
|
1895 | TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment' | |
1896 |
|
1896 | |||
1897 | notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True) |
|
1897 | notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True) | |
1898 | subject = Column('subject', Unicode(512), nullable=True) |
|
1898 | subject = Column('subject', Unicode(512), nullable=True) | |
1899 | body = Column('body', UnicodeText(50000), nullable=True) |
|
1899 | body = Column('body', UnicodeText(50000), nullable=True) | |
1900 | created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True) |
|
1900 | created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True) | |
1901 | created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) |
|
1901 | created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now) | |
1902 | type_ = Column('type', Unicode(256)) |
|
1902 | type_ = Column('type', Unicode(256)) | |
1903 |
|
1903 | |||
1904 | created_by_user = relationship('User') |
|
1904 | created_by_user = relationship('User') | |
1905 | notifications_to_users = relationship('UserNotification', lazy='joined', |
|
1905 | notifications_to_users = relationship('UserNotification', lazy='joined', | |
1906 | cascade="all, delete, delete-orphan") |
|
1906 | cascade="all, delete, delete-orphan") | |
1907 |
|
1907 | |||
1908 | @property |
|
1908 | @property | |
1909 | def recipients(self): |
|
1909 | def recipients(self): | |
1910 | return [x.user for x in UserNotification.query()\ |
|
1910 | return [x.user for x in UserNotification.query()\ | |
1911 | .filter(UserNotification.notification == self)\ |
|
1911 | .filter(UserNotification.notification == self)\ | |
1912 | .order_by(UserNotification.user_id.asc()).all()] |
|
1912 | .order_by(UserNotification.user_id.asc()).all()] | |
1913 |
|
1913 | |||
1914 | @classmethod |
|
1914 | @classmethod | |
1915 | def create(cls, created_by, subject, body, recipients, type_=None): |
|
1915 | def create(cls, created_by, subject, body, recipients, type_=None): | |
1916 | if type_ is None: |
|
1916 | if type_ is None: | |
1917 | type_ = Notification.TYPE_MESSAGE |
|
1917 | type_ = Notification.TYPE_MESSAGE | |
1918 |
|
1918 | |||
1919 | notification = cls() |
|
1919 | notification = cls() | |
1920 | notification.created_by_user = created_by |
|
1920 | notification.created_by_user = created_by | |
1921 | notification.subject = subject |
|
1921 | notification.subject = subject | |
1922 | notification.body = body |
|
1922 | notification.body = body | |
1923 | notification.type_ = type_ |
|
1923 | notification.type_ = type_ | |
1924 | notification.created_on = datetime.datetime.now() |
|
1924 | notification.created_on = datetime.datetime.now() | |
1925 |
|
1925 | |||
1926 | for u in recipients: |
|
1926 | for u in recipients: | |
1927 | assoc = UserNotification() |
|
1927 | assoc = UserNotification() | |
1928 | assoc.notification = notification |
|
1928 | assoc.notification = notification | |
1929 | u.notifications.append(assoc) |
|
1929 | u.notifications.append(assoc) | |
1930 | Session().add(notification) |
|
1930 | Session().add(notification) | |
1931 | return notification |
|
1931 | return notification | |
1932 |
|
1932 | |||
1933 | @property |
|
1933 | @property | |
1934 | def description(self): |
|
1934 | def description(self): | |
1935 | from rhodecode.model.notification import NotificationModel |
|
1935 | from rhodecode.model.notification import NotificationModel | |
1936 | return NotificationModel().make_description(self) |
|
1936 | return NotificationModel().make_description(self) | |
1937 |
|
1937 | |||
1938 |
|
1938 | |||
1939 | class UserNotification(Base, BaseModel): |
|
1939 | class UserNotification(Base, BaseModel): | |
1940 | __tablename__ = 'user_to_notification' |
|
1940 | __tablename__ = 'user_to_notification' | |
1941 | __table_args__ = ( |
|
1941 | __table_args__ = ( | |
1942 | UniqueConstraint('user_id', 'notification_id'), |
|
1942 | UniqueConstraint('user_id', 'notification_id'), | |
1943 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1943 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1944 | 'mysql_charset': 'utf8'} |
|
1944 | 'mysql_charset': 'utf8'} | |
1945 | ) |
|
1945 | ) | |
1946 | user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True) |
|
1946 | user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True) | |
1947 | notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True) |
|
1947 | notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True) | |
1948 | read = Column('read', Boolean, default=False) |
|
1948 | read = Column('read', Boolean, default=False) | |
1949 | sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None) |
|
1949 | sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None) | |
1950 |
|
1950 | |||
1951 | user = relationship('User', lazy="joined") |
|
1951 | user = relationship('User', lazy="joined") | |
1952 | notification = relationship('Notification', lazy="joined", |
|
1952 | notification = relationship('Notification', lazy="joined", | |
1953 | order_by=lambda: Notification.created_on.desc(),) |
|
1953 | order_by=lambda: Notification.created_on.desc(),) | |
1954 |
|
1954 | |||
1955 | def mark_as_read(self): |
|
1955 | def mark_as_read(self): | |
1956 | self.read = True |
|
1956 | self.read = True | |
1957 | Session().add(self) |
|
1957 | Session().add(self) | |
1958 |
|
1958 | |||
1959 |
|
1959 | |||
1960 | class DbMigrateVersion(Base, BaseModel): |
|
1960 | class DbMigrateVersion(Base, BaseModel): | |
1961 | __tablename__ = 'db_migrate_version' |
|
1961 | __tablename__ = 'db_migrate_version' | |
1962 | __table_args__ = ( |
|
1962 | __table_args__ = ( | |
1963 | {'extend_existing': True, 'mysql_engine': 'InnoDB', |
|
1963 | {'extend_existing': True, 'mysql_engine': 'InnoDB', | |
1964 | 'mysql_charset': 'utf8'}, |
|
1964 | 'mysql_charset': 'utf8'}, | |
1965 | ) |
|
1965 | ) | |
1966 | repository_id = Column('repository_id', String(250), primary_key=True) |
|
1966 | repository_id = Column('repository_id', String(250), primary_key=True) | |
1967 | repository_path = Column('repository_path', Text) |
|
1967 | repository_path = Column('repository_path', Text) | |
1968 | version = Column('version', Integer) |
|
1968 | version = Column('version', Integer) |
@@ -1,745 +1,742 b'' | |||||
1 | """ |
|
1 | """ | |
2 | Set of generic validators |
|
2 | Set of generic validators | |
3 | """ |
|
3 | """ | |
4 | import os |
|
4 | import os | |
5 | import re |
|
5 | import re | |
6 | import formencode |
|
6 | import formencode | |
7 | import logging |
|
7 | import logging | |
8 | from collections import defaultdict |
|
8 | from collections import defaultdict | |
9 | from pylons.i18n.translation import _ |
|
9 | from pylons.i18n.translation import _ | |
10 | from webhelpers.pylonslib.secure_form import authentication_token |
|
10 | from webhelpers.pylonslib.secure_form import authentication_token | |
11 |
|
11 | |||
12 | from formencode.validators import ( |
|
12 | from formencode.validators import ( | |
13 | UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set, |
|
13 | UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set, | |
14 | NotEmpty, IPAddress, CIDR |
|
14 | NotEmpty, IPAddress, CIDR | |
15 | ) |
|
15 | ) | |
16 | from rhodecode.lib.compat import OrderedSet |
|
16 | from rhodecode.lib.compat import OrderedSet | |
|
17 | from rhodecode.lib import ipaddr | |||
17 | from rhodecode.lib.utils import repo_name_slug |
|
18 | from rhodecode.lib.utils import repo_name_slug | |
18 | from rhodecode.model.db import RepoGroup, Repository, UsersGroup, User,\ |
|
19 | from rhodecode.model.db import RepoGroup, Repository, UsersGroup, User,\ | |
19 | ChangesetStatus |
|
20 | ChangesetStatus | |
20 | from rhodecode.lib.exceptions import LdapImportError |
|
21 | from rhodecode.lib.exceptions import LdapImportError | |
21 | from rhodecode.config.routing import ADMIN_PREFIX |
|
22 | from rhodecode.config.routing import ADMIN_PREFIX | |
22 | from rhodecode.lib.auth import HasReposGroupPermissionAny |
|
23 | from rhodecode.lib.auth import HasReposGroupPermissionAny | |
23 |
|
24 | |||
24 | # silence warnings and pylint |
|
25 | # silence warnings and pylint | |
25 | UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set, \ |
|
26 | UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set, \ | |
26 | NotEmpty, IPAddress, CIDR |
|
27 | NotEmpty, IPAddress, CIDR | |
27 |
|
28 | |||
28 | log = logging.getLogger(__name__) |
|
29 | log = logging.getLogger(__name__) | |
29 |
|
30 | |||
30 |
|
31 | |||
31 | class UniqueList(formencode.FancyValidator): |
|
32 | class UniqueList(formencode.FancyValidator): | |
32 | """ |
|
33 | """ | |
33 | Unique List ! |
|
34 | Unique List ! | |
34 | """ |
|
35 | """ | |
35 | messages = dict( |
|
36 | messages = dict( | |
36 | empty=_('Value cannot be an empty list'), |
|
37 | empty=_('Value cannot be an empty list'), | |
37 | missing_value=_('Value cannot be an empty list'), |
|
38 | missing_value=_('Value cannot be an empty list'), | |
38 | ) |
|
39 | ) | |
39 |
|
40 | |||
40 | def _to_python(self, value, state): |
|
41 | def _to_python(self, value, state): | |
41 | if isinstance(value, list): |
|
42 | if isinstance(value, list): | |
42 | return value |
|
43 | return value | |
43 | elif isinstance(value, set): |
|
44 | elif isinstance(value, set): | |
44 | return list(value) |
|
45 | return list(value) | |
45 | elif isinstance(value, tuple): |
|
46 | elif isinstance(value, tuple): | |
46 | return list(value) |
|
47 | return list(value) | |
47 | elif value is None: |
|
48 | elif value is None: | |
48 | return [] |
|
49 | return [] | |
49 | else: |
|
50 | else: | |
50 | return [value] |
|
51 | return [value] | |
51 |
|
52 | |||
52 | def empty_value(self, value): |
|
53 | def empty_value(self, value): | |
53 | return [] |
|
54 | return [] | |
54 |
|
55 | |||
55 |
|
56 | |||
56 | class StateObj(object): |
|
57 | class StateObj(object): | |
57 | """ |
|
58 | """ | |
58 | this is needed to translate the messages using _() in validators |
|
59 | this is needed to translate the messages using _() in validators | |
59 | """ |
|
60 | """ | |
60 | _ = staticmethod(_) |
|
61 | _ = staticmethod(_) | |
61 |
|
62 | |||
62 |
|
63 | |||
63 | def M(self, key, state=None, **kwargs): |
|
64 | def M(self, key, state=None, **kwargs): | |
64 | """ |
|
65 | """ | |
65 | returns string from self.message based on given key, |
|
66 | returns string from self.message based on given key, | |
66 | passed kw params are used to substitute %(named)s params inside |
|
67 | passed kw params are used to substitute %(named)s params inside | |
67 | translated strings |
|
68 | translated strings | |
68 |
|
69 | |||
69 | :param msg: |
|
70 | :param msg: | |
70 | :param state: |
|
71 | :param state: | |
71 | """ |
|
72 | """ | |
72 | if state is None: |
|
73 | if state is None: | |
73 | state = StateObj() |
|
74 | state = StateObj() | |
74 | else: |
|
75 | else: | |
75 | state._ = staticmethod(_) |
|
76 | state._ = staticmethod(_) | |
76 | #inject validator into state object |
|
77 | #inject validator into state object | |
77 | return self.message(key, state, **kwargs) |
|
78 | return self.message(key, state, **kwargs) | |
78 |
|
79 | |||
79 |
|
80 | |||
80 | def ValidUsername(edit=False, old_data={}): |
|
81 | def ValidUsername(edit=False, old_data={}): | |
81 | class _validator(formencode.validators.FancyValidator): |
|
82 | class _validator(formencode.validators.FancyValidator): | |
82 | messages = { |
|
83 | messages = { | |
83 | 'username_exists': _(u'Username "%(username)s" already exists'), |
|
84 | 'username_exists': _(u'Username "%(username)s" already exists'), | |
84 | 'system_invalid_username': |
|
85 | 'system_invalid_username': | |
85 | _(u'Username "%(username)s" is forbidden'), |
|
86 | _(u'Username "%(username)s" is forbidden'), | |
86 | 'invalid_username': |
|
87 | 'invalid_username': | |
87 | _(u'Username may only contain alphanumeric characters ' |
|
88 | _(u'Username may only contain alphanumeric characters ' | |
88 | 'underscores, periods or dashes and must begin with ' |
|
89 | 'underscores, periods or dashes and must begin with ' | |
89 | 'alphanumeric character') |
|
90 | 'alphanumeric character') | |
90 | } |
|
91 | } | |
91 |
|
92 | |||
92 | def validate_python(self, value, state): |
|
93 | def validate_python(self, value, state): | |
93 | if value in ['default', 'new_user']: |
|
94 | if value in ['default', 'new_user']: | |
94 | msg = M(self, 'system_invalid_username', state, username=value) |
|
95 | msg = M(self, 'system_invalid_username', state, username=value) | |
95 | raise formencode.Invalid(msg, value, state) |
|
96 | raise formencode.Invalid(msg, value, state) | |
96 | #check if user is unique |
|
97 | #check if user is unique | |
97 | old_un = None |
|
98 | old_un = None | |
98 | if edit: |
|
99 | if edit: | |
99 | old_un = User.get(old_data.get('user_id')).username |
|
100 | old_un = User.get(old_data.get('user_id')).username | |
100 |
|
101 | |||
101 | if old_un != value or not edit: |
|
102 | if old_un != value or not edit: | |
102 | if User.get_by_username(value, case_insensitive=True): |
|
103 | if User.get_by_username(value, case_insensitive=True): | |
103 | msg = M(self, 'username_exists', state, username=value) |
|
104 | msg = M(self, 'username_exists', state, username=value) | |
104 | raise formencode.Invalid(msg, value, state) |
|
105 | raise formencode.Invalid(msg, value, state) | |
105 |
|
106 | |||
106 | if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]*$', value) is None: |
|
107 | if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]*$', value) is None: | |
107 | msg = M(self, 'invalid_username', state) |
|
108 | msg = M(self, 'invalid_username', state) | |
108 | raise formencode.Invalid(msg, value, state) |
|
109 | raise formencode.Invalid(msg, value, state) | |
109 | return _validator |
|
110 | return _validator | |
110 |
|
111 | |||
111 |
|
112 | |||
112 | def ValidRepoUser(): |
|
113 | def ValidRepoUser(): | |
113 | class _validator(formencode.validators.FancyValidator): |
|
114 | class _validator(formencode.validators.FancyValidator): | |
114 | messages = { |
|
115 | messages = { | |
115 | 'invalid_username': _(u'Username %(username)s is not valid') |
|
116 | 'invalid_username': _(u'Username %(username)s is not valid') | |
116 | } |
|
117 | } | |
117 |
|
118 | |||
118 | def validate_python(self, value, state): |
|
119 | def validate_python(self, value, state): | |
119 | try: |
|
120 | try: | |
120 | User.query().filter(User.active == True)\ |
|
121 | User.query().filter(User.active == True)\ | |
121 | .filter(User.username == value).one() |
|
122 | .filter(User.username == value).one() | |
122 | except Exception: |
|
123 | except Exception: | |
123 | msg = M(self, 'invalid_username', state, username=value) |
|
124 | msg = M(self, 'invalid_username', state, username=value) | |
124 | raise formencode.Invalid(msg, value, state, |
|
125 | raise formencode.Invalid(msg, value, state, | |
125 | error_dict=dict(username=msg) |
|
126 | error_dict=dict(username=msg) | |
126 | ) |
|
127 | ) | |
127 |
|
128 | |||
128 | return _validator |
|
129 | return _validator | |
129 |
|
130 | |||
130 |
|
131 | |||
131 | def ValidUsersGroup(edit=False, old_data={}): |
|
132 | def ValidUsersGroup(edit=False, old_data={}): | |
132 | class _validator(formencode.validators.FancyValidator): |
|
133 | class _validator(formencode.validators.FancyValidator): | |
133 | messages = { |
|
134 | messages = { | |
134 | 'invalid_group': _(u'Invalid users group name'), |
|
135 | 'invalid_group': _(u'Invalid users group name'), | |
135 | 'group_exist': _(u'Users group "%(usersgroup)s" already exists'), |
|
136 | 'group_exist': _(u'Users group "%(usersgroup)s" already exists'), | |
136 | 'invalid_usersgroup_name': |
|
137 | 'invalid_usersgroup_name': | |
137 | _(u'users group name may only contain alphanumeric ' |
|
138 | _(u'users group name may only contain alphanumeric ' | |
138 | 'characters underscores, periods or dashes and must begin ' |
|
139 | 'characters underscores, periods or dashes and must begin ' | |
139 | 'with alphanumeric character') |
|
140 | 'with alphanumeric character') | |
140 | } |
|
141 | } | |
141 |
|
142 | |||
142 | def validate_python(self, value, state): |
|
143 | def validate_python(self, value, state): | |
143 | if value in ['default']: |
|
144 | if value in ['default']: | |
144 | msg = M(self, 'invalid_group', state) |
|
145 | msg = M(self, 'invalid_group', state) | |
145 | raise formencode.Invalid(msg, value, state, |
|
146 | raise formencode.Invalid(msg, value, state, | |
146 | error_dict=dict(users_group_name=msg) |
|
147 | error_dict=dict(users_group_name=msg) | |
147 | ) |
|
148 | ) | |
148 | #check if group is unique |
|
149 | #check if group is unique | |
149 | old_ugname = None |
|
150 | old_ugname = None | |
150 | if edit: |
|
151 | if edit: | |
151 | old_id = old_data.get('users_group_id') |
|
152 | old_id = old_data.get('users_group_id') | |
152 | old_ugname = UsersGroup.get(old_id).users_group_name |
|
153 | old_ugname = UsersGroup.get(old_id).users_group_name | |
153 |
|
154 | |||
154 | if old_ugname != value or not edit: |
|
155 | if old_ugname != value or not edit: | |
155 | is_existing_group = UsersGroup.get_by_group_name(value, |
|
156 | is_existing_group = UsersGroup.get_by_group_name(value, | |
156 | case_insensitive=True) |
|
157 | case_insensitive=True) | |
157 | if is_existing_group: |
|
158 | if is_existing_group: | |
158 | msg = M(self, 'group_exist', state, usersgroup=value) |
|
159 | msg = M(self, 'group_exist', state, usersgroup=value) | |
159 | raise formencode.Invalid(msg, value, state, |
|
160 | raise formencode.Invalid(msg, value, state, | |
160 | error_dict=dict(users_group_name=msg) |
|
161 | error_dict=dict(users_group_name=msg) | |
161 | ) |
|
162 | ) | |
162 |
|
163 | |||
163 | if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+$', value) is None: |
|
164 | if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+$', value) is None: | |
164 | msg = M(self, 'invalid_usersgroup_name', state) |
|
165 | msg = M(self, 'invalid_usersgroup_name', state) | |
165 | raise formencode.Invalid(msg, value, state, |
|
166 | raise formencode.Invalid(msg, value, state, | |
166 | error_dict=dict(users_group_name=msg) |
|
167 | error_dict=dict(users_group_name=msg) | |
167 | ) |
|
168 | ) | |
168 |
|
169 | |||
169 | return _validator |
|
170 | return _validator | |
170 |
|
171 | |||
171 |
|
172 | |||
172 | def ValidReposGroup(edit=False, old_data={}): |
|
173 | def ValidReposGroup(edit=False, old_data={}): | |
173 | class _validator(formencode.validators.FancyValidator): |
|
174 | class _validator(formencode.validators.FancyValidator): | |
174 | messages = { |
|
175 | messages = { | |
175 | 'group_parent_id': _(u'Cannot assign this group as parent'), |
|
176 | 'group_parent_id': _(u'Cannot assign this group as parent'), | |
176 | 'group_exists': _(u'Group "%(group_name)s" already exists'), |
|
177 | 'group_exists': _(u'Group "%(group_name)s" already exists'), | |
177 | 'repo_exists': |
|
178 | 'repo_exists': | |
178 | _(u'Repository with name "%(group_name)s" already exists') |
|
179 | _(u'Repository with name "%(group_name)s" already exists') | |
179 | } |
|
180 | } | |
180 |
|
181 | |||
181 | def validate_python(self, value, state): |
|
182 | def validate_python(self, value, state): | |
182 | # TODO WRITE VALIDATIONS |
|
183 | # TODO WRITE VALIDATIONS | |
183 | group_name = value.get('group_name') |
|
184 | group_name = value.get('group_name') | |
184 | group_parent_id = value.get('group_parent_id') |
|
185 | group_parent_id = value.get('group_parent_id') | |
185 |
|
186 | |||
186 | # slugify repo group just in case :) |
|
187 | # slugify repo group just in case :) | |
187 | slug = repo_name_slug(group_name) |
|
188 | slug = repo_name_slug(group_name) | |
188 |
|
189 | |||
189 | # check for parent of self |
|
190 | # check for parent of self | |
190 | parent_of_self = lambda: ( |
|
191 | parent_of_self = lambda: ( | |
191 | old_data['group_id'] == int(group_parent_id) |
|
192 | old_data['group_id'] == int(group_parent_id) | |
192 | if group_parent_id else False |
|
193 | if group_parent_id else False | |
193 | ) |
|
194 | ) | |
194 | if edit and parent_of_self(): |
|
195 | if edit and parent_of_self(): | |
195 | msg = M(self, 'group_parent_id', state) |
|
196 | msg = M(self, 'group_parent_id', state) | |
196 | raise formencode.Invalid(msg, value, state, |
|
197 | raise formencode.Invalid(msg, value, state, | |
197 | error_dict=dict(group_parent_id=msg) |
|
198 | error_dict=dict(group_parent_id=msg) | |
198 | ) |
|
199 | ) | |
199 |
|
200 | |||
200 | old_gname = None |
|
201 | old_gname = None | |
201 | if edit: |
|
202 | if edit: | |
202 | old_gname = RepoGroup.get(old_data.get('group_id')).group_name |
|
203 | old_gname = RepoGroup.get(old_data.get('group_id')).group_name | |
203 |
|
204 | |||
204 | if old_gname != group_name or not edit: |
|
205 | if old_gname != group_name or not edit: | |
205 |
|
206 | |||
206 | # check group |
|
207 | # check group | |
207 | gr = RepoGroup.query()\ |
|
208 | gr = RepoGroup.query()\ | |
208 | .filter(RepoGroup.group_name == slug)\ |
|
209 | .filter(RepoGroup.group_name == slug)\ | |
209 | .filter(RepoGroup.group_parent_id == group_parent_id)\ |
|
210 | .filter(RepoGroup.group_parent_id == group_parent_id)\ | |
210 | .scalar() |
|
211 | .scalar() | |
211 |
|
212 | |||
212 | if gr: |
|
213 | if gr: | |
213 | msg = M(self, 'group_exists', state, group_name=slug) |
|
214 | msg = M(self, 'group_exists', state, group_name=slug) | |
214 | raise formencode.Invalid(msg, value, state, |
|
215 | raise formencode.Invalid(msg, value, state, | |
215 | error_dict=dict(group_name=msg) |
|
216 | error_dict=dict(group_name=msg) | |
216 | ) |
|
217 | ) | |
217 |
|
218 | |||
218 | # check for same repo |
|
219 | # check for same repo | |
219 | repo = Repository.query()\ |
|
220 | repo = Repository.query()\ | |
220 | .filter(Repository.repo_name == slug)\ |
|
221 | .filter(Repository.repo_name == slug)\ | |
221 | .scalar() |
|
222 | .scalar() | |
222 |
|
223 | |||
223 | if repo: |
|
224 | if repo: | |
224 | msg = M(self, 'repo_exists', state, group_name=slug) |
|
225 | msg = M(self, 'repo_exists', state, group_name=slug) | |
225 | raise formencode.Invalid(msg, value, state, |
|
226 | raise formencode.Invalid(msg, value, state, | |
226 | error_dict=dict(group_name=msg) |
|
227 | error_dict=dict(group_name=msg) | |
227 | ) |
|
228 | ) | |
228 |
|
229 | |||
229 | return _validator |
|
230 | return _validator | |
230 |
|
231 | |||
231 |
|
232 | |||
232 | def ValidPassword(): |
|
233 | def ValidPassword(): | |
233 | class _validator(formencode.validators.FancyValidator): |
|
234 | class _validator(formencode.validators.FancyValidator): | |
234 | messages = { |
|
235 | messages = { | |
235 | 'invalid_password': |
|
236 | 'invalid_password': | |
236 | _(u'Invalid characters (non-ascii) in password') |
|
237 | _(u'Invalid characters (non-ascii) in password') | |
237 | } |
|
238 | } | |
238 |
|
239 | |||
239 | def validate_python(self, value, state): |
|
240 | def validate_python(self, value, state): | |
240 | try: |
|
241 | try: | |
241 | (value or '').decode('ascii') |
|
242 | (value or '').decode('ascii') | |
242 | except UnicodeError: |
|
243 | except UnicodeError: | |
243 | msg = M(self, 'invalid_password', state) |
|
244 | msg = M(self, 'invalid_password', state) | |
244 | raise formencode.Invalid(msg, value, state,) |
|
245 | raise formencode.Invalid(msg, value, state,) | |
245 | return _validator |
|
246 | return _validator | |
246 |
|
247 | |||
247 |
|
248 | |||
248 | def ValidPasswordsMatch(): |
|
249 | def ValidPasswordsMatch(): | |
249 | class _validator(formencode.validators.FancyValidator): |
|
250 | class _validator(formencode.validators.FancyValidator): | |
250 | messages = { |
|
251 | messages = { | |
251 | 'password_mismatch': _(u'Passwords do not match'), |
|
252 | 'password_mismatch': _(u'Passwords do not match'), | |
252 | } |
|
253 | } | |
253 |
|
254 | |||
254 | def validate_python(self, value, state): |
|
255 | def validate_python(self, value, state): | |
255 |
|
256 | |||
256 | pass_val = value.get('password') or value.get('new_password') |
|
257 | pass_val = value.get('password') or value.get('new_password') | |
257 | if pass_val != value['password_confirmation']: |
|
258 | if pass_val != value['password_confirmation']: | |
258 | msg = M(self, 'password_mismatch', state) |
|
259 | msg = M(self, 'password_mismatch', state) | |
259 | raise formencode.Invalid(msg, value, state, |
|
260 | raise formencode.Invalid(msg, value, state, | |
260 | error_dict=dict(password_confirmation=msg) |
|
261 | error_dict=dict(password_confirmation=msg) | |
261 | ) |
|
262 | ) | |
262 | return _validator |
|
263 | return _validator | |
263 |
|
264 | |||
264 |
|
265 | |||
265 | def ValidAuth(): |
|
266 | def ValidAuth(): | |
266 | class _validator(formencode.validators.FancyValidator): |
|
267 | class _validator(formencode.validators.FancyValidator): | |
267 | messages = { |
|
268 | messages = { | |
268 | 'invalid_password': _(u'invalid password'), |
|
269 | 'invalid_password': _(u'invalid password'), | |
269 | 'invalid_username': _(u'invalid user name'), |
|
270 | 'invalid_username': _(u'invalid user name'), | |
270 | 'disabled_account': _(u'Your account is disabled') |
|
271 | 'disabled_account': _(u'Your account is disabled') | |
271 | } |
|
272 | } | |
272 |
|
273 | |||
273 | def validate_python(self, value, state): |
|
274 | def validate_python(self, value, state): | |
274 | from rhodecode.lib.auth import authenticate |
|
275 | from rhodecode.lib.auth import authenticate | |
275 |
|
276 | |||
276 | password = value['password'] |
|
277 | password = value['password'] | |
277 | username = value['username'] |
|
278 | username = value['username'] | |
278 |
|
279 | |||
279 | if not authenticate(username, password): |
|
280 | if not authenticate(username, password): | |
280 | user = User.get_by_username(username) |
|
281 | user = User.get_by_username(username) | |
281 | if user and user.active is False: |
|
282 | if user and user.active is False: | |
282 | log.warning('user %s is disabled' % username) |
|
283 | log.warning('user %s is disabled' % username) | |
283 | msg = M(self, 'disabled_account', state) |
|
284 | msg = M(self, 'disabled_account', state) | |
284 | raise formencode.Invalid(msg, value, state, |
|
285 | raise formencode.Invalid(msg, value, state, | |
285 | error_dict=dict(username=msg) |
|
286 | error_dict=dict(username=msg) | |
286 | ) |
|
287 | ) | |
287 | else: |
|
288 | else: | |
288 | log.warning('user %s failed to authenticate' % username) |
|
289 | log.warning('user %s failed to authenticate' % username) | |
289 | msg = M(self, 'invalid_username', state) |
|
290 | msg = M(self, 'invalid_username', state) | |
290 | msg2 = M(self, 'invalid_password', state) |
|
291 | msg2 = M(self, 'invalid_password', state) | |
291 | raise formencode.Invalid(msg, value, state, |
|
292 | raise formencode.Invalid(msg, value, state, | |
292 | error_dict=dict(username=msg, password=msg2) |
|
293 | error_dict=dict(username=msg, password=msg2) | |
293 | ) |
|
294 | ) | |
294 | return _validator |
|
295 | return _validator | |
295 |
|
296 | |||
296 |
|
297 | |||
297 | def ValidAuthToken(): |
|
298 | def ValidAuthToken(): | |
298 | class _validator(formencode.validators.FancyValidator): |
|
299 | class _validator(formencode.validators.FancyValidator): | |
299 | messages = { |
|
300 | messages = { | |
300 | 'invalid_token': _(u'Token mismatch') |
|
301 | 'invalid_token': _(u'Token mismatch') | |
301 | } |
|
302 | } | |
302 |
|
303 | |||
303 | def validate_python(self, value, state): |
|
304 | def validate_python(self, value, state): | |
304 | if value != authentication_token(): |
|
305 | if value != authentication_token(): | |
305 | msg = M(self, 'invalid_token', state) |
|
306 | msg = M(self, 'invalid_token', state) | |
306 | raise formencode.Invalid(msg, value, state) |
|
307 | raise formencode.Invalid(msg, value, state) | |
307 | return _validator |
|
308 | return _validator | |
308 |
|
309 | |||
309 |
|
310 | |||
310 | def ValidRepoName(edit=False, old_data={}): |
|
311 | def ValidRepoName(edit=False, old_data={}): | |
311 | class _validator(formencode.validators.FancyValidator): |
|
312 | class _validator(formencode.validators.FancyValidator): | |
312 | messages = { |
|
313 | messages = { | |
313 | 'invalid_repo_name': |
|
314 | 'invalid_repo_name': | |
314 | _(u'Repository name %(repo)s is disallowed'), |
|
315 | _(u'Repository name %(repo)s is disallowed'), | |
315 | 'repository_exists': |
|
316 | 'repository_exists': | |
316 | _(u'Repository named %(repo)s already exists'), |
|
317 | _(u'Repository named %(repo)s already exists'), | |
317 | 'repository_in_group_exists': _(u'Repository "%(repo)s" already ' |
|
318 | 'repository_in_group_exists': _(u'Repository "%(repo)s" already ' | |
318 | 'exists in group "%(group)s"'), |
|
319 | 'exists in group "%(group)s"'), | |
319 | 'same_group_exists': _(u'Repositories group with name "%(repo)s" ' |
|
320 | 'same_group_exists': _(u'Repositories group with name "%(repo)s" ' | |
320 | 'already exists') |
|
321 | 'already exists') | |
321 | } |
|
322 | } | |
322 |
|
323 | |||
323 | def _to_python(self, value, state): |
|
324 | def _to_python(self, value, state): | |
324 | repo_name = repo_name_slug(value.get('repo_name', '')) |
|
325 | repo_name = repo_name_slug(value.get('repo_name', '')) | |
325 | repo_group = value.get('repo_group') |
|
326 | repo_group = value.get('repo_group') | |
326 | if repo_group: |
|
327 | if repo_group: | |
327 | gr = RepoGroup.get(repo_group) |
|
328 | gr = RepoGroup.get(repo_group) | |
328 | group_path = gr.full_path |
|
329 | group_path = gr.full_path | |
329 | group_name = gr.group_name |
|
330 | group_name = gr.group_name | |
330 | # value needs to be aware of group name in order to check |
|
331 | # value needs to be aware of group name in order to check | |
331 | # db key This is an actual just the name to store in the |
|
332 | # db key This is an actual just the name to store in the | |
332 | # database |
|
333 | # database | |
333 | repo_name_full = group_path + RepoGroup.url_sep() + repo_name |
|
334 | repo_name_full = group_path + RepoGroup.url_sep() + repo_name | |
334 | else: |
|
335 | else: | |
335 | group_name = group_path = '' |
|
336 | group_name = group_path = '' | |
336 | repo_name_full = repo_name |
|
337 | repo_name_full = repo_name | |
337 |
|
338 | |||
338 | value['repo_name'] = repo_name |
|
339 | value['repo_name'] = repo_name | |
339 | value['repo_name_full'] = repo_name_full |
|
340 | value['repo_name_full'] = repo_name_full | |
340 | value['group_path'] = group_path |
|
341 | value['group_path'] = group_path | |
341 | value['group_name'] = group_name |
|
342 | value['group_name'] = group_name | |
342 | return value |
|
343 | return value | |
343 |
|
344 | |||
344 | def validate_python(self, value, state): |
|
345 | def validate_python(self, value, state): | |
345 |
|
346 | |||
346 | repo_name = value.get('repo_name') |
|
347 | repo_name = value.get('repo_name') | |
347 | repo_name_full = value.get('repo_name_full') |
|
348 | repo_name_full = value.get('repo_name_full') | |
348 | group_path = value.get('group_path') |
|
349 | group_path = value.get('group_path') | |
349 | group_name = value.get('group_name') |
|
350 | group_name = value.get('group_name') | |
350 |
|
351 | |||
351 | if repo_name in [ADMIN_PREFIX, '']: |
|
352 | if repo_name in [ADMIN_PREFIX, '']: | |
352 | msg = M(self, 'invalid_repo_name', state, repo=repo_name) |
|
353 | msg = M(self, 'invalid_repo_name', state, repo=repo_name) | |
353 | raise formencode.Invalid(msg, value, state, |
|
354 | raise formencode.Invalid(msg, value, state, | |
354 | error_dict=dict(repo_name=msg) |
|
355 | error_dict=dict(repo_name=msg) | |
355 | ) |
|
356 | ) | |
356 |
|
357 | |||
357 | rename = old_data.get('repo_name') != repo_name_full |
|
358 | rename = old_data.get('repo_name') != repo_name_full | |
358 | create = not edit |
|
359 | create = not edit | |
359 | if rename or create: |
|
360 | if rename or create: | |
360 |
|
361 | |||
361 | if group_path != '': |
|
362 | if group_path != '': | |
362 | if Repository.get_by_repo_name(repo_name_full): |
|
363 | if Repository.get_by_repo_name(repo_name_full): | |
363 | msg = M(self, 'repository_in_group_exists', state, |
|
364 | msg = M(self, 'repository_in_group_exists', state, | |
364 | repo=repo_name, group=group_name) |
|
365 | repo=repo_name, group=group_name) | |
365 | raise formencode.Invalid(msg, value, state, |
|
366 | raise formencode.Invalid(msg, value, state, | |
366 | error_dict=dict(repo_name=msg) |
|
367 | error_dict=dict(repo_name=msg) | |
367 | ) |
|
368 | ) | |
368 | elif RepoGroup.get_by_group_name(repo_name_full): |
|
369 | elif RepoGroup.get_by_group_name(repo_name_full): | |
369 | msg = M(self, 'same_group_exists', state, |
|
370 | msg = M(self, 'same_group_exists', state, | |
370 | repo=repo_name) |
|
371 | repo=repo_name) | |
371 | raise formencode.Invalid(msg, value, state, |
|
372 | raise formencode.Invalid(msg, value, state, | |
372 | error_dict=dict(repo_name=msg) |
|
373 | error_dict=dict(repo_name=msg) | |
373 | ) |
|
374 | ) | |
374 |
|
375 | |||
375 | elif Repository.get_by_repo_name(repo_name_full): |
|
376 | elif Repository.get_by_repo_name(repo_name_full): | |
376 | msg = M(self, 'repository_exists', state, |
|
377 | msg = M(self, 'repository_exists', state, | |
377 | repo=repo_name) |
|
378 | repo=repo_name) | |
378 | raise formencode.Invalid(msg, value, state, |
|
379 | raise formencode.Invalid(msg, value, state, | |
379 | error_dict=dict(repo_name=msg) |
|
380 | error_dict=dict(repo_name=msg) | |
380 | ) |
|
381 | ) | |
381 | return value |
|
382 | return value | |
382 | return _validator |
|
383 | return _validator | |
383 |
|
384 | |||
384 |
|
385 | |||
385 | def ValidForkName(*args, **kwargs): |
|
386 | def ValidForkName(*args, **kwargs): | |
386 | return ValidRepoName(*args, **kwargs) |
|
387 | return ValidRepoName(*args, **kwargs) | |
387 |
|
388 | |||
388 |
|
389 | |||
389 | def SlugifyName(): |
|
390 | def SlugifyName(): | |
390 | class _validator(formencode.validators.FancyValidator): |
|
391 | class _validator(formencode.validators.FancyValidator): | |
391 |
|
392 | |||
392 | def _to_python(self, value, state): |
|
393 | def _to_python(self, value, state): | |
393 | return repo_name_slug(value) |
|
394 | return repo_name_slug(value) | |
394 |
|
395 | |||
395 | def validate_python(self, value, state): |
|
396 | def validate_python(self, value, state): | |
396 | pass |
|
397 | pass | |
397 |
|
398 | |||
398 | return _validator |
|
399 | return _validator | |
399 |
|
400 | |||
400 |
|
401 | |||
401 | def ValidCloneUri(): |
|
402 | def ValidCloneUri(): | |
402 | from rhodecode.lib.utils import make_ui |
|
403 | from rhodecode.lib.utils import make_ui | |
403 |
|
404 | |||
404 | def url_handler(repo_type, url, ui=None): |
|
405 | def url_handler(repo_type, url, ui=None): | |
405 | if repo_type == 'hg': |
|
406 | if repo_type == 'hg': | |
406 | from rhodecode.lib.vcs.backends.hg.repository import MercurialRepository |
|
407 | from rhodecode.lib.vcs.backends.hg.repository import MercurialRepository | |
407 | from mercurial.httppeer import httppeer |
|
408 | from mercurial.httppeer import httppeer | |
408 | if url.startswith('http'): |
|
409 | if url.startswith('http'): | |
409 | ## initially check if it's at least the proper URL |
|
410 | ## initially check if it's at least the proper URL | |
410 | ## or does it pass basic auth |
|
411 | ## or does it pass basic auth | |
411 | MercurialRepository._check_url(url) |
|
412 | MercurialRepository._check_url(url) | |
412 | httppeer(ui, url)._capabilities() |
|
413 | httppeer(ui, url)._capabilities() | |
413 | elif url.startswith('svn+http'): |
|
414 | elif url.startswith('svn+http'): | |
414 | from hgsubversion.svnrepo import svnremoterepo |
|
415 | from hgsubversion.svnrepo import svnremoterepo | |
415 | svnremoterepo(ui, url).capabilities |
|
416 | svnremoterepo(ui, url).capabilities | |
416 | elif url.startswith('git+http'): |
|
417 | elif url.startswith('git+http'): | |
417 | raise NotImplementedError() |
|
418 | raise NotImplementedError() | |
418 |
|
419 | |||
419 | elif repo_type == 'git': |
|
420 | elif repo_type == 'git': | |
420 | from rhodecode.lib.vcs.backends.git.repository import GitRepository |
|
421 | from rhodecode.lib.vcs.backends.git.repository import GitRepository | |
421 | if url.startswith('http'): |
|
422 | if url.startswith('http'): | |
422 | ## initially check if it's at least the proper URL |
|
423 | ## initially check if it's at least the proper URL | |
423 | ## or does it pass basic auth |
|
424 | ## or does it pass basic auth | |
424 | GitRepository._check_url(url) |
|
425 | GitRepository._check_url(url) | |
425 | elif url.startswith('svn+http'): |
|
426 | elif url.startswith('svn+http'): | |
426 | raise NotImplementedError() |
|
427 | raise NotImplementedError() | |
427 | elif url.startswith('hg+http'): |
|
428 | elif url.startswith('hg+http'): | |
428 | raise NotImplementedError() |
|
429 | raise NotImplementedError() | |
429 |
|
430 | |||
430 | class _validator(formencode.validators.FancyValidator): |
|
431 | class _validator(formencode.validators.FancyValidator): | |
431 | messages = { |
|
432 | messages = { | |
432 | 'clone_uri': _(u'invalid clone url'), |
|
433 | 'clone_uri': _(u'invalid clone url'), | |
433 | 'invalid_clone_uri': _(u'Invalid clone url, provide a ' |
|
434 | 'invalid_clone_uri': _(u'Invalid clone url, provide a ' | |
434 | 'valid clone http(s)/svn+http(s) url') |
|
435 | 'valid clone http(s)/svn+http(s) url') | |
435 | } |
|
436 | } | |
436 |
|
437 | |||
437 | def validate_python(self, value, state): |
|
438 | def validate_python(self, value, state): | |
438 | repo_type = value.get('repo_type') |
|
439 | repo_type = value.get('repo_type') | |
439 | url = value.get('clone_uri') |
|
440 | url = value.get('clone_uri') | |
440 |
|
441 | |||
441 | if not url: |
|
442 | if not url: | |
442 | pass |
|
443 | pass | |
443 | else: |
|
444 | else: | |
444 | try: |
|
445 | try: | |
445 | url_handler(repo_type, url, make_ui('db', clear_session=False)) |
|
446 | url_handler(repo_type, url, make_ui('db', clear_session=False)) | |
446 | except Exception: |
|
447 | except Exception: | |
447 | log.exception('Url validation failed') |
|
448 | log.exception('Url validation failed') | |
448 | msg = M(self, 'clone_uri') |
|
449 | msg = M(self, 'clone_uri') | |
449 | raise formencode.Invalid(msg, value, state, |
|
450 | raise formencode.Invalid(msg, value, state, | |
450 | error_dict=dict(clone_uri=msg) |
|
451 | error_dict=dict(clone_uri=msg) | |
451 | ) |
|
452 | ) | |
452 | return _validator |
|
453 | return _validator | |
453 |
|
454 | |||
454 |
|
455 | |||
455 | def ValidForkType(old_data={}): |
|
456 | def ValidForkType(old_data={}): | |
456 | class _validator(formencode.validators.FancyValidator): |
|
457 | class _validator(formencode.validators.FancyValidator): | |
457 | messages = { |
|
458 | messages = { | |
458 | 'invalid_fork_type': _(u'Fork have to be the same type as parent') |
|
459 | 'invalid_fork_type': _(u'Fork have to be the same type as parent') | |
459 | } |
|
460 | } | |
460 |
|
461 | |||
461 | def validate_python(self, value, state): |
|
462 | def validate_python(self, value, state): | |
462 | if old_data['repo_type'] != value: |
|
463 | if old_data['repo_type'] != value: | |
463 | msg = M(self, 'invalid_fork_type', state) |
|
464 | msg = M(self, 'invalid_fork_type', state) | |
464 | raise formencode.Invalid(msg, value, state, |
|
465 | raise formencode.Invalid(msg, value, state, | |
465 | error_dict=dict(repo_type=msg) |
|
466 | error_dict=dict(repo_type=msg) | |
466 | ) |
|
467 | ) | |
467 | return _validator |
|
468 | return _validator | |
468 |
|
469 | |||
469 |
|
470 | |||
470 | def CanWriteGroup(): |
|
471 | def CanWriteGroup(): | |
471 | class _validator(formencode.validators.FancyValidator): |
|
472 | class _validator(formencode.validators.FancyValidator): | |
472 | messages = { |
|
473 | messages = { | |
473 | 'permission_denied': _(u"You don't have permissions " |
|
474 | 'permission_denied': _(u"You don't have permissions " | |
474 | "to create repository in this group") |
|
475 | "to create repository in this group") | |
475 | } |
|
476 | } | |
476 |
|
477 | |||
477 | def validate_python(self, value, state): |
|
478 | def validate_python(self, value, state): | |
478 | gr = RepoGroup.get(value) |
|
479 | gr = RepoGroup.get(value) | |
479 | if not HasReposGroupPermissionAny( |
|
480 | if not HasReposGroupPermissionAny( | |
480 | 'group.write', 'group.admin' |
|
481 | 'group.write', 'group.admin' | |
481 | )(gr.group_name, 'get group of repo form'): |
|
482 | )(gr.group_name, 'get group of repo form'): | |
482 | msg = M(self, 'permission_denied', state) |
|
483 | msg = M(self, 'permission_denied', state) | |
483 | raise formencode.Invalid(msg, value, state, |
|
484 | raise formencode.Invalid(msg, value, state, | |
484 | error_dict=dict(repo_type=msg) |
|
485 | error_dict=dict(repo_type=msg) | |
485 | ) |
|
486 | ) | |
486 | return _validator |
|
487 | return _validator | |
487 |
|
488 | |||
488 |
|
489 | |||
489 | def ValidPerms(type_='repo'): |
|
490 | def ValidPerms(type_='repo'): | |
490 | if type_ == 'group': |
|
491 | if type_ == 'group': | |
491 | EMPTY_PERM = 'group.none' |
|
492 | EMPTY_PERM = 'group.none' | |
492 | elif type_ == 'repo': |
|
493 | elif type_ == 'repo': | |
493 | EMPTY_PERM = 'repository.none' |
|
494 | EMPTY_PERM = 'repository.none' | |
494 |
|
495 | |||
495 | class _validator(formencode.validators.FancyValidator): |
|
496 | class _validator(formencode.validators.FancyValidator): | |
496 | messages = { |
|
497 | messages = { | |
497 | 'perm_new_member_name': |
|
498 | 'perm_new_member_name': | |
498 | _(u'This username or users group name is not valid') |
|
499 | _(u'This username or users group name is not valid') | |
499 | } |
|
500 | } | |
500 |
|
501 | |||
501 | def to_python(self, value, state): |
|
502 | def to_python(self, value, state): | |
502 | perms_update = OrderedSet() |
|
503 | perms_update = OrderedSet() | |
503 | perms_new = OrderedSet() |
|
504 | perms_new = OrderedSet() | |
504 | # build a list of permission to update and new permission to create |
|
505 | # build a list of permission to update and new permission to create | |
505 |
|
506 | |||
506 | #CLEAN OUT ORG VALUE FROM NEW MEMBERS, and group them using |
|
507 | #CLEAN OUT ORG VALUE FROM NEW MEMBERS, and group them using | |
507 | new_perms_group = defaultdict(dict) |
|
508 | new_perms_group = defaultdict(dict) | |
508 | for k, v in value.copy().iteritems(): |
|
509 | for k, v in value.copy().iteritems(): | |
509 | if k.startswith('perm_new_member'): |
|
510 | if k.startswith('perm_new_member'): | |
510 | del value[k] |
|
511 | del value[k] | |
511 | _type, part = k.split('perm_new_member_') |
|
512 | _type, part = k.split('perm_new_member_') | |
512 | args = part.split('_') |
|
513 | args = part.split('_') | |
513 | if len(args) == 1: |
|
514 | if len(args) == 1: | |
514 | new_perms_group[args[0]]['perm'] = v |
|
515 | new_perms_group[args[0]]['perm'] = v | |
515 | elif len(args) == 2: |
|
516 | elif len(args) == 2: | |
516 | _key, pos = args |
|
517 | _key, pos = args | |
517 | new_perms_group[pos][_key] = v |
|
518 | new_perms_group[pos][_key] = v | |
518 |
|
519 | |||
519 | # fill new permissions in order of how they were added |
|
520 | # fill new permissions in order of how they were added | |
520 | for k in sorted(map(int, new_perms_group.keys())): |
|
521 | for k in sorted(map(int, new_perms_group.keys())): | |
521 | perm_dict = new_perms_group[str(k)] |
|
522 | perm_dict = new_perms_group[str(k)] | |
522 | new_member = perm_dict.get('name') |
|
523 | new_member = perm_dict.get('name') | |
523 | new_perm = perm_dict.get('perm') |
|
524 | new_perm = perm_dict.get('perm') | |
524 | new_type = perm_dict.get('type') |
|
525 | new_type = perm_dict.get('type') | |
525 | if new_member and new_perm and new_type: |
|
526 | if new_member and new_perm and new_type: | |
526 | perms_new.add((new_member, new_perm, new_type)) |
|
527 | perms_new.add((new_member, new_perm, new_type)) | |
527 |
|
528 | |||
528 | for k, v in value.iteritems(): |
|
529 | for k, v in value.iteritems(): | |
529 | if k.startswith('u_perm_') or k.startswith('g_perm_'): |
|
530 | if k.startswith('u_perm_') or k.startswith('g_perm_'): | |
530 | member = k[7:] |
|
531 | member = k[7:] | |
531 | t = {'u': 'user', |
|
532 | t = {'u': 'user', | |
532 | 'g': 'users_group' |
|
533 | 'g': 'users_group' | |
533 | }[k[0]] |
|
534 | }[k[0]] | |
534 | if member == 'default': |
|
535 | if member == 'default': | |
535 | if value.get('private'): |
|
536 | if value.get('private'): | |
536 | # set none for default when updating to |
|
537 | # set none for default when updating to | |
537 | # private repo |
|
538 | # private repo | |
538 | v = EMPTY_PERM |
|
539 | v = EMPTY_PERM | |
539 | perms_update.add((member, v, t)) |
|
540 | perms_update.add((member, v, t)) | |
540 |
|
541 | |||
541 | value['perms_updates'] = list(perms_update) |
|
542 | value['perms_updates'] = list(perms_update) | |
542 | value['perms_new'] = list(perms_new) |
|
543 | value['perms_new'] = list(perms_new) | |
543 |
|
544 | |||
544 | # update permissions |
|
545 | # update permissions | |
545 | for k, v, t in perms_new: |
|
546 | for k, v, t in perms_new: | |
546 | try: |
|
547 | try: | |
547 | if t is 'user': |
|
548 | if t is 'user': | |
548 | self.user_db = User.query()\ |
|
549 | self.user_db = User.query()\ | |
549 | .filter(User.active == True)\ |
|
550 | .filter(User.active == True)\ | |
550 | .filter(User.username == k).one() |
|
551 | .filter(User.username == k).one() | |
551 | if t is 'users_group': |
|
552 | if t is 'users_group': | |
552 | self.user_db = UsersGroup.query()\ |
|
553 | self.user_db = UsersGroup.query()\ | |
553 | .filter(UsersGroup.users_group_active == True)\ |
|
554 | .filter(UsersGroup.users_group_active == True)\ | |
554 | .filter(UsersGroup.users_group_name == k).one() |
|
555 | .filter(UsersGroup.users_group_name == k).one() | |
555 |
|
556 | |||
556 | except Exception: |
|
557 | except Exception: | |
557 | log.exception('Updated permission failed') |
|
558 | log.exception('Updated permission failed') | |
558 | msg = M(self, 'perm_new_member_type', state) |
|
559 | msg = M(self, 'perm_new_member_type', state) | |
559 | raise formencode.Invalid(msg, value, state, |
|
560 | raise formencode.Invalid(msg, value, state, | |
560 | error_dict=dict(perm_new_member_name=msg) |
|
561 | error_dict=dict(perm_new_member_name=msg) | |
561 | ) |
|
562 | ) | |
562 | return value |
|
563 | return value | |
563 | return _validator |
|
564 | return _validator | |
564 |
|
565 | |||
565 |
|
566 | |||
566 | def ValidSettings(): |
|
567 | def ValidSettings(): | |
567 | class _validator(formencode.validators.FancyValidator): |
|
568 | class _validator(formencode.validators.FancyValidator): | |
568 | def _to_python(self, value, state): |
|
569 | def _to_python(self, value, state): | |
569 | # settings form for users that are not admin |
|
570 | # settings form for users that are not admin | |
570 | # can't edit certain parameters, it's extra backup if they mangle |
|
571 | # can't edit certain parameters, it's extra backup if they mangle | |
571 | # with forms |
|
572 | # with forms | |
572 |
|
573 | |||
573 | forbidden_params = [ |
|
574 | forbidden_params = [ | |
574 | 'user', 'repo_type', 'repo_enable_locking', |
|
575 | 'user', 'repo_type', 'repo_enable_locking', | |
575 | 'repo_enable_downloads', 'repo_enable_statistics' |
|
576 | 'repo_enable_downloads', 'repo_enable_statistics' | |
576 | ] |
|
577 | ] | |
577 |
|
578 | |||
578 | for param in forbidden_params: |
|
579 | for param in forbidden_params: | |
579 | if param in value: |
|
580 | if param in value: | |
580 | del value[param] |
|
581 | del value[param] | |
581 | return value |
|
582 | return value | |
582 |
|
583 | |||
583 | def validate_python(self, value, state): |
|
584 | def validate_python(self, value, state): | |
584 | pass |
|
585 | pass | |
585 | return _validator |
|
586 | return _validator | |
586 |
|
587 | |||
587 |
|
588 | |||
588 | def ValidPath(): |
|
589 | def ValidPath(): | |
589 | class _validator(formencode.validators.FancyValidator): |
|
590 | class _validator(formencode.validators.FancyValidator): | |
590 | messages = { |
|
591 | messages = { | |
591 | 'invalid_path': _(u'This is not a valid path') |
|
592 | 'invalid_path': _(u'This is not a valid path') | |
592 | } |
|
593 | } | |
593 |
|
594 | |||
594 | def validate_python(self, value, state): |
|
595 | def validate_python(self, value, state): | |
595 | if not os.path.isdir(value): |
|
596 | if not os.path.isdir(value): | |
596 | msg = M(self, 'invalid_path', state) |
|
597 | msg = M(self, 'invalid_path', state) | |
597 | raise formencode.Invalid(msg, value, state, |
|
598 | raise formencode.Invalid(msg, value, state, | |
598 | error_dict=dict(paths_root_path=msg) |
|
599 | error_dict=dict(paths_root_path=msg) | |
599 | ) |
|
600 | ) | |
600 | return _validator |
|
601 | return _validator | |
601 |
|
602 | |||
602 |
|
603 | |||
603 | def UniqSystemEmail(old_data={}): |
|
604 | def UniqSystemEmail(old_data={}): | |
604 | class _validator(formencode.validators.FancyValidator): |
|
605 | class _validator(formencode.validators.FancyValidator): | |
605 | messages = { |
|
606 | messages = { | |
606 | 'email_taken': _(u'This e-mail address is already taken') |
|
607 | 'email_taken': _(u'This e-mail address is already taken') | |
607 | } |
|
608 | } | |
608 |
|
609 | |||
609 | def _to_python(self, value, state): |
|
610 | def _to_python(self, value, state): | |
610 | return value.lower() |
|
611 | return value.lower() | |
611 |
|
612 | |||
612 | def validate_python(self, value, state): |
|
613 | def validate_python(self, value, state): | |
613 | if (old_data.get('email') or '').lower() != value: |
|
614 | if (old_data.get('email') or '').lower() != value: | |
614 | user = User.get_by_email(value, case_insensitive=True) |
|
615 | user = User.get_by_email(value, case_insensitive=True) | |
615 | if user: |
|
616 | if user: | |
616 | msg = M(self, 'email_taken', state) |
|
617 | msg = M(self, 'email_taken', state) | |
617 | raise formencode.Invalid(msg, value, state, |
|
618 | raise formencode.Invalid(msg, value, state, | |
618 | error_dict=dict(email=msg) |
|
619 | error_dict=dict(email=msg) | |
619 | ) |
|
620 | ) | |
620 | return _validator |
|
621 | return _validator | |
621 |
|
622 | |||
622 |
|
623 | |||
623 | def ValidSystemEmail(): |
|
624 | def ValidSystemEmail(): | |
624 | class _validator(formencode.validators.FancyValidator): |
|
625 | class _validator(formencode.validators.FancyValidator): | |
625 | messages = { |
|
626 | messages = { | |
626 | 'non_existing_email': _(u'e-mail "%(email)s" does not exist.') |
|
627 | 'non_existing_email': _(u'e-mail "%(email)s" does not exist.') | |
627 | } |
|
628 | } | |
628 |
|
629 | |||
629 | def _to_python(self, value, state): |
|
630 | def _to_python(self, value, state): | |
630 | return value.lower() |
|
631 | return value.lower() | |
631 |
|
632 | |||
632 | def validate_python(self, value, state): |
|
633 | def validate_python(self, value, state): | |
633 | user = User.get_by_email(value, case_insensitive=True) |
|
634 | user = User.get_by_email(value, case_insensitive=True) | |
634 | if user is None: |
|
635 | if user is None: | |
635 | msg = M(self, 'non_existing_email', state, email=value) |
|
636 | msg = M(self, 'non_existing_email', state, email=value) | |
636 | raise formencode.Invalid(msg, value, state, |
|
637 | raise formencode.Invalid(msg, value, state, | |
637 | error_dict=dict(email=msg) |
|
638 | error_dict=dict(email=msg) | |
638 | ) |
|
639 | ) | |
639 |
|
640 | |||
640 | return _validator |
|
641 | return _validator | |
641 |
|
642 | |||
642 |
|
643 | |||
643 | def LdapLibValidator(): |
|
644 | def LdapLibValidator(): | |
644 | class _validator(formencode.validators.FancyValidator): |
|
645 | class _validator(formencode.validators.FancyValidator): | |
645 | messages = { |
|
646 | messages = { | |
646 |
|
647 | |||
647 | } |
|
648 | } | |
648 |
|
649 | |||
649 | def validate_python(self, value, state): |
|
650 | def validate_python(self, value, state): | |
650 | try: |
|
651 | try: | |
651 | import ldap |
|
652 | import ldap | |
652 | ldap # pyflakes silence ! |
|
653 | ldap # pyflakes silence ! | |
653 | except ImportError: |
|
654 | except ImportError: | |
654 | raise LdapImportError() |
|
655 | raise LdapImportError() | |
655 |
|
656 | |||
656 | return _validator |
|
657 | return _validator | |
657 |
|
658 | |||
658 |
|
659 | |||
659 | def AttrLoginValidator(): |
|
660 | def AttrLoginValidator(): | |
660 | class _validator(formencode.validators.FancyValidator): |
|
661 | class _validator(formencode.validators.FancyValidator): | |
661 | messages = { |
|
662 | messages = { | |
662 | 'invalid_cn': |
|
663 | 'invalid_cn': | |
663 | _(u'The LDAP Login attribute of the CN must be specified - ' |
|
664 | _(u'The LDAP Login attribute of the CN must be specified - ' | |
664 | 'this is the name of the attribute that is equivalent ' |
|
665 | 'this is the name of the attribute that is equivalent ' | |
665 | 'to "username"') |
|
666 | 'to "username"') | |
666 | } |
|
667 | } | |
667 |
|
668 | |||
668 | def validate_python(self, value, state): |
|
669 | def validate_python(self, value, state): | |
669 | if not value or not isinstance(value, (str, unicode)): |
|
670 | if not value or not isinstance(value, (str, unicode)): | |
670 | msg = M(self, 'invalid_cn', state) |
|
671 | msg = M(self, 'invalid_cn', state) | |
671 | raise formencode.Invalid(msg, value, state, |
|
672 | raise formencode.Invalid(msg, value, state, | |
672 | error_dict=dict(ldap_attr_login=msg) |
|
673 | error_dict=dict(ldap_attr_login=msg) | |
673 | ) |
|
674 | ) | |
674 |
|
675 | |||
675 | return _validator |
|
676 | return _validator | |
676 |
|
677 | |||
677 |
|
678 | |||
678 | def NotReviewedRevisions(repo_id): |
|
679 | def NotReviewedRevisions(repo_id): | |
679 | class _validator(formencode.validators.FancyValidator): |
|
680 | class _validator(formencode.validators.FancyValidator): | |
680 | messages = { |
|
681 | messages = { | |
681 | 'rev_already_reviewed': |
|
682 | 'rev_already_reviewed': | |
682 | _(u'Revisions %(revs)s are already part of pull request ' |
|
683 | _(u'Revisions %(revs)s are already part of pull request ' | |
683 | 'or have set status') |
|
684 | 'or have set status') | |
684 | } |
|
685 | } | |
685 |
|
686 | |||
686 | def validate_python(self, value, state): |
|
687 | def validate_python(self, value, state): | |
687 | # check revisions if they are not reviewed, or a part of another |
|
688 | # check revisions if they are not reviewed, or a part of another | |
688 | # pull request |
|
689 | # pull request | |
689 | statuses = ChangesetStatus.query()\ |
|
690 | statuses = ChangesetStatus.query()\ | |
690 | .filter(ChangesetStatus.revision.in_(value))\ |
|
691 | .filter(ChangesetStatus.revision.in_(value))\ | |
691 | .filter(ChangesetStatus.repo_id == repo_id)\ |
|
692 | .filter(ChangesetStatus.repo_id == repo_id)\ | |
692 | .all() |
|
693 | .all() | |
693 |
|
694 | |||
694 | errors = [] |
|
695 | errors = [] | |
695 | for cs in statuses: |
|
696 | for cs in statuses: | |
696 | if cs.pull_request_id: |
|
697 | if cs.pull_request_id: | |
697 | errors.append(['pull_req', cs.revision[:12]]) |
|
698 | errors.append(['pull_req', cs.revision[:12]]) | |
698 | elif cs.status: |
|
699 | elif cs.status: | |
699 | errors.append(['status', cs.revision[:12]]) |
|
700 | errors.append(['status', cs.revision[:12]]) | |
700 |
|
701 | |||
701 | if errors: |
|
702 | if errors: | |
702 | revs = ','.join([x[1] for x in errors]) |
|
703 | revs = ','.join([x[1] for x in errors]) | |
703 | msg = M(self, 'rev_already_reviewed', state, revs=revs) |
|
704 | msg = M(self, 'rev_already_reviewed', state, revs=revs) | |
704 | raise formencode.Invalid(msg, value, state, |
|
705 | raise formencode.Invalid(msg, value, state, | |
705 | error_dict=dict(revisions=revs) |
|
706 | error_dict=dict(revisions=revs) | |
706 | ) |
|
707 | ) | |
707 |
|
708 | |||
708 | return _validator |
|
709 | return _validator | |
709 |
|
710 | |||
710 |
|
711 | |||
711 | def ValidIp(): |
|
712 | def ValidIp(): | |
712 | class _validator(CIDR): |
|
713 | class _validator(CIDR): | |
713 | messages = dict( |
|
714 | messages = dict( | |
714 |
badFormat=_('Please enter a valid IP address |
|
715 | badFormat=_('Please enter a valid IPv4 or IpV6 address'), | |
715 | illegalOctets=_('The octets must be within the range of 0-255' |
|
|||
716 | ' (not %(octet)r)'), |
|
|||
717 | illegalBits=_('The network size (bits) must be within the range' |
|
716 | illegalBits=_('The network size (bits) must be within the range' | |
718 | ' of 0-32 (not %(bits)r)')) |
|
717 | ' of 0-32 (not %(bits)r)')) | |
719 |
|
718 | |||
|
719 | def to_python(self, value, state): | |||
|
720 | v = super(_validator, self).to_python(value, state) | |||
|
721 | v = v.strip() | |||
|
722 | net = ipaddr.IPNetwork(address=v) | |||
|
723 | if isinstance(net, ipaddr.IPv4Network): | |||
|
724 | #if IPv4 doesn't end with a mask, add /32 | |||
|
725 | if '/' not in value: | |||
|
726 | v += '/32' | |||
|
727 | if isinstance(net, ipaddr.IPv6Network): | |||
|
728 | #if IPv6 doesn't end with a mask, add /128 | |||
|
729 | if '/' not in value: | |||
|
730 | v += '/128' | |||
|
731 | return v | |||
|
732 | ||||
720 | def validate_python(self, value, state): |
|
733 | def validate_python(self, value, state): | |
721 | try: |
|
734 | try: | |
722 | # Split into octets and bits |
|
735 | addr = value.strip() | |
723 | if '/' in value: # a.b.c.d/e |
|
736 | #this raises an ValueError if address is not IpV4 or IpV6 | |
724 | addr, bits = value.split('/') |
|
737 | ipaddr.IPNetwork(address=addr) | |
725 | else: # a.b.c.d |
|
|||
726 | addr, bits = value, 32 |
|
|||
727 | # Use IPAddress validator to validate the IP part |
|
|||
728 | IPAddress.validate_python(self, addr, state) |
|
|||
729 | # Bits (netmask) correct? |
|
|||
730 | if not 0 <= int(bits) <= 32: |
|
|||
731 | raise formencode.Invalid( |
|
|||
732 | self.message('illegalBits', state, bits=bits), |
|
|||
733 | value, state) |
|
|||
734 | # Splitting faild: wrong syntax |
|
|||
735 | except ValueError: |
|
738 | except ValueError: | |
736 | raise formencode.Invalid(self.message('badFormat', state), |
|
739 | raise formencode.Invalid(self.message('badFormat', state), | |
737 | value, state) |
|
740 | value, state) | |
738 |
|
741 | |||
739 | def to_python(self, value, state): |
|
|||
740 | v = super(_validator, self).to_python(value, state) |
|
|||
741 | #if IP doesn't end with a mask, add /32 |
|
|||
742 | if '/' not in value: |
|
|||
743 | v += '/32' |
|
|||
744 | return v |
|
|||
745 | return _validator |
|
742 | return _validator |
General Comments 0
You need to be logged in to leave comments.
Login now