upstream/kallithea Commit - r1835:971ce5e2

1

# -*- coding: utf-8 -*-

1

# -*- coding: utf-8 -*-

2

"""

2

"""

3

rhodecode.lib.db_manage

3

rhodecode.lib.db_manage

4

~~~~~~~~~~~~~~~~~~~~~~~

4

~~~~~~~~~~~~~~~~~~~~~~~

5

6

Database creation, and setup module for RhodeCode. Used for creation

6

Database creation, and setup module for RhodeCode. Used for creation

7

of database as well as for migration operations

7

of database as well as for migration operations

8

9

:created_on: Apr 10, 2010

9

:created_on: Apr 10, 2010

10

:author: marcink

10

:author: marcink

11

12

:license: GPLv3, see COPYING for more details.

12

:license: GPLv3, see COPYING for more details.

13

"""

13

"""

14

# This program is free software: you can redistribute it and/or modify

14

# This program is free software: you can redistribute it and/or modify

15

# it under the terms of the GNU General Public License as published by

15

# it under the terms of the GNU General Public License as published by

16

# the Free Software Foundation, either version 3 of the License, or

16

# the Free Software Foundation, either version 3 of the License, or

17

# (at your option) any later version.

17

# (at your option) any later version.

18

#

18

#

19

# This program is distributed in the hope that it will be useful,

19

# This program is distributed in the hope that it will be useful,

20

# but WITHOUT ANY WARRANTY; without even the implied warranty of

20

# but WITHOUT ANY WARRANTY; without even the implied warranty of

21

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

21

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

22

# GNU General Public License for more details.

22

# GNU General Public License for more details.

23

#

23

#

24

# You should have received a copy of the GNU General Public License

24

# You should have received a copy of the GNU General Public License

25

# along with this program. If not, see <http://www.gnu.org/licenses/>.

25

# along with this program. If not, see <http://www.gnu.org/licenses/>.

26

27

import os

27

import os

28

import sys

28

import sys

29

import uuid

29

import uuid

30

import logging

30

import logging

31

from os.path import dirname as dn, join as jn

31

from os.path import dirname as dn, join as jn

32

33

from rhodecode import __dbversion__

33

from rhodecode import __dbversion__

34

from rhodecode.model import meta

34

from rhodecode.model import meta

35

36

from rhodecode.model.user import UserModel

36

from rhodecode.model.user import UserModel

37

from rhodecode.lib.utils import ask_ok

37

from rhodecode.lib.utils import ask_ok

38

from rhodecode.model import init_model

38

from rhodecode.model import init_model

39

from rhodecode.model.db import User, Permission, RhodeCodeUi, \

39

from rhodecode.model.db import User, Permission, RhodeCodeUi, \

40

RhodeCodeSetting, UserToPerm, DbMigrateVersion

40

RhodeCodeSetting, UserToPerm, DbMigrateVersion

41

42

from sqlalchemy.engine import create_engine

42

from sqlalchemy.engine import create_engine

43

44

log = logging.getLogger(__name__)

44

log = logging.getLogger(__name__)

45

46

47

class DbManage(object):

47

class DbManage(object):

48

def __init__(self, log_sql, dbconf, root, tests=False):

48

def __init__(self, log_sql, dbconf, root, tests=False):

49

self.dbname = dbconf.split('/')[-1]

49

self.dbname = dbconf.split('/')[-1]

50

self.tests = tests

50

self.tests = tests

51

self.root = root

51

self.root = root

52

self.dburi = dbconf

52

self.dburi = dbconf

53

self.log_sql = log_sql

53

self.log_sql = log_sql

54

self.db_exists = False

54

self.db_exists = False

55

self.init_db()

55

self.init_db()

56

57

def init_db(self):

57

def init_db(self):

58

engine = create_engine(self.dburi, echo=self.log_sql)

58

engine = create_engine(self.dburi, echo=self.log_sql)

59

init_model(engine)

59

init_model(engine)

60

self.sa = meta.Session

60

self.sa = meta.Session

61

62

def create_tables(self, override=False):

62

def create_tables(self, override=False):

63

"""

63

"""

64

Create a auth database

64

Create a auth database

65

"""

65

"""

66

67

log.info("Any existing database is going to be destroyed")

67

log.info("Any existing database is going to be destroyed")

68

if self.tests:

68

if self.tests:

69

destroy = True

69

destroy = True

70

else:

70

else:

71

destroy = ask_ok('Are you sure to destroy old database ? [y/n]')

71

destroy = ask_ok('Are you sure to destroy old database ? [y/n]')

72

if not destroy:

72

if not destroy:

73

sys.exit()

73

sys.exit()

74

if destroy:

74

if destroy:

75

meta.Base.metadata.drop_all()

75

meta.Base.metadata.drop_all()

76

77

checkfirst = not override

77

checkfirst = not override

78

meta.Base.metadata.create_all(checkfirst=checkfirst)

78

meta.Base.metadata.create_all(checkfirst=checkfirst)

79

log.info('Created tables for %s', self.dbname)

79

log.info('Created tables for %s', self.dbname)

80

81

def set_db_version(self):

81

def set_db_version(self):

82

ver = DbMigrateVersion()

82

ver = DbMigrateVersion()

83

ver.version = __dbversion__

83

ver.version = __dbversion__

84

ver.repository_id = 'rhodecode_db_migrations'

84

ver.repository_id = 'rhodecode_db_migrations'

85

ver.repository_path = 'versions'

85

ver.repository_path = 'versions'

86

self.sa.add(ver)

86

self.sa.add(ver)

87

log.info('db version set to: %s', __dbversion__)

87

log.info('db version set to: %s', __dbversion__)

88

89

def upgrade(self):

89

def upgrade(self):

90

"""

90

"""

91

Upgrades given database schema to given revision following

91

Upgrades given database schema to given revision following

92

all needed steps, to perform the upgrade

92

all needed steps, to perform the upgrade

93

94

"""

94

"""

95

96

from rhodecode.lib.dbmigrate.migrate.versioning import api

96

from rhodecode.lib.dbmigrate.migrate.versioning import api

97

from rhodecode.lib.dbmigrate.migrate.exceptions import \

97

from rhodecode.lib.dbmigrate.migrate.exceptions import \

98

DatabaseNotControlledError

98

DatabaseNotControlledError

99

100

if 'sqlite' in self.dburi:

101

print (

102

'********************** WARNING **********************\n'

103

'Make sure your version of sqlite is at least 3.7.X. \n'

104

'Earlier versions are known to fail on some migrations\n'

105

'*****************************************************\n'

106

)

100

upgrade = ask_ok('You are about to perform database upgrade, make '

107

upgrade = ask_ok('You are about to perform database upgrade, make '

101

'sure You backed up your database before. '

108

'sure You backed up your database before. '

102

'Continue ? [y/n]')

109

'Continue ? [y/n]')

103

if not upgrade:

110

if not upgrade:

104

sys.exit('Nothing done')

111

sys.exit('Nothing done')

105

112

106

repository_path = jn(dn(dn(dn(os.path.realpath(__file__)))),

113

repository_path = jn(dn(dn(dn(os.path.realpath(__file__)))),

107

'rhodecode/lib/dbmigrate')

114

'rhodecode/lib/dbmigrate')

108

db_uri = self.dburi

115

db_uri = self.dburi

109

116

110

try:

117

try:

111

curr_version = api.db_version(db_uri, repository_path)

118

curr_version = api.db_version(db_uri, repository_path)

112

msg = ('Found current database under version'

119

msg = ('Found current database under version'

113

' control with version %s' % curr_version)

120

' control with version %s' % curr_version)

114

121

115

except (RuntimeError, DatabaseNotControlledError):

122

except (RuntimeError, DatabaseNotControlledError):

116

curr_version = 1

123

curr_version = 1

117

msg = ('Current database is not under version control. Setting'

124

msg = ('Current database is not under version control. Setting'

118

' as version %s' % curr_version)

125

' as version %s' % curr_version)

119

api.version_control(db_uri, repository_path, curr_version)

126

api.version_control(db_uri, repository_path, curr_version)

120

127

121

print (msg)

128

print (msg)

122

129

123

if curr_version == __dbversion__:

130

if curr_version == __dbversion__:

124

sys.exit('This database is already at the newest version')

131

sys.exit('This database is already at the newest version')

125

132

126

#======================================================================

133

#======================================================================

127

# UPGRADE STEPS

134

# UPGRADE STEPS

128

#======================================================================

135

#======================================================================

129

class UpgradeSteps(object):

136

class UpgradeSteps(object):

130

"""

137

"""

131

Those steps follow schema versions so for example schema

138

Those steps follow schema versions so for example schema

132

for example schema with seq 002 == step_2 and so on.

139

for example schema with seq 002 == step_2 and so on.

133

"""

140

"""

134

141

135

def __init__(self, klass):

142

def __init__(self, klass):

136

self.klass = klass

143

self.klass = klass

137

144

138

def step_0(self):

145

def step_0(self):

139

# step 0 is the schema upgrade, and than follow proper upgrades

146

# step 0 is the schema upgrade, and than follow proper upgrades

140

print ('attempting to do database upgrade to version %s' \

147

print ('attempting to do database upgrade to version %s' \

141

% __dbversion__)

148

% __dbversion__)

142

api.upgrade(db_uri, repository_path, __dbversion__)

149

api.upgrade(db_uri, repository_path, __dbversion__)

143

print ('Schema upgrade completed')

150

print ('Schema upgrade completed')

144

151

145

def step_1(self):

152

def step_1(self):

146

pass

153

pass

147

154

148

def step_2(self):

155

def step_2(self):

149

print ('Patching repo paths for newer version of RhodeCode')

156

print ('Patching repo paths for newer version of RhodeCode')

150

self.klass.fix_repo_paths()

157

self.klass.fix_repo_paths()

151

158

152

print ('Patching default user of RhodeCode')

159

print ('Patching default user of RhodeCode')

153

self.klass.fix_default_user()

160

self.klass.fix_default_user()

154

161

155

log.info('Changing ui settings')

162

log.info('Changing ui settings')

156

self.klass.create_ui_settings()

163

self.klass.create_ui_settings()

157

164

158

def step_3(self):

165

def step_3(self):

159

print ('Adding additional settings into RhodeCode db')

166

print ('Adding additional settings into RhodeCode db')

160

self.klass.fix_settings()

167

self.klass.fix_settings()

161

print ('Adding ldap defaults')

168

print ('Adding ldap defaults')

162

self.klass.create_ldap_options(skip_existing=True)

169

self.klass.create_ldap_options(skip_existing=True)

163

170

171

def step_4(self):

172

print ('TODO:')

173

164

upgrade_steps = [0] + range(curr_version + 1, __dbversion__ + 1)

174

upgrade_steps = [0] + range(curr_version + 1, __dbversion__ + 1)

165

175

166

# CALL THE PROPER ORDER OF STEPS TO PERFORM FULL UPGRADE

176

# CALL THE PROPER ORDER OF STEPS TO PERFORM FULL UPGRADE

167

for step in upgrade_steps:

177

for step in upgrade_steps:

168

print ('performing upgrade step %s' % step)

178

print ('performing upgrade step %s' % step)

169

getattr(UpgradeSteps(self), 'step_%s' % step)()

179

getattr(UpgradeSteps(self), 'step_%s' % step)()

170

180

171

def fix_repo_paths(self):

181

def fix_repo_paths(self):

172

"""

182

"""

173

Fixes a old rhodecode version path into new one without a '*'

183

Fixes a old rhodecode version path into new one without a '*'

174

"""

184

"""

175

185

176

paths = self.sa.query(RhodeCodeUi)\

186

paths = self.sa.query(RhodeCodeUi)\

177

.filter(RhodeCodeUi.ui_key == '/')\

187

.filter(RhodeCodeUi.ui_key == '/')\

178

.scalar()

188

.scalar()

179

189

180

paths.ui_value = paths.ui_value.replace('*', '')

190

paths.ui_value = paths.ui_value.replace('*', '')

181

191

182

try:

192

try:

183

self.sa.add(paths)

193

self.sa.add(paths)

184

self.sa.commit()

194

self.sa.commit()

185

except:

195

except:

186

self.sa.rollback()

196

self.sa.rollback()

187

raise

197

raise

188

198

189

def fix_default_user(self):

199

def fix_default_user(self):

190

"""

200

"""

191

Fixes a old default user with some 'nicer' default values,

201

Fixes a old default user with some 'nicer' default values,

192

used mostly for anonymous access

202

used mostly for anonymous access

193

"""

203

"""

194

def_user = self.sa.query(User)\

204

def_user = self.sa.query(User)\

195

.filter(User.username == 'default')\

205

.filter(User.username == 'default')\

196

.one()

206

.one()

197

207

198

def_user.name = 'Anonymous'

208

def_user.name = 'Anonymous'

199

def_user.lastname = 'User'

209

def_user.lastname = 'User'

200

def_user.email = 'anonymous@rhodecode.org'

210

def_user.email = 'anonymous@rhodecode.org'

201

211

202

try:

212

try:

203

self.sa.add(def_user)

213

self.sa.add(def_user)

204

self.sa.commit()

214

self.sa.commit()

205

except:

215

except:

206

self.sa.rollback()

216

self.sa.rollback()

207

raise

217

raise

208

218

209

def fix_settings(self):

219

def fix_settings(self):

210

"""

220

"""

211

Fixes rhodecode settings adds ga_code key for google analytics

221

Fixes rhodecode settings adds ga_code key for google analytics

212

"""

222

"""

213

223

214

hgsettings3 = RhodeCodeSetting('ga_code', '')

224

hgsettings3 = RhodeCodeSetting('ga_code', '')

215

225

216

try:

226

try:

217

self.sa.add(hgsettings3)

227

self.sa.add(hgsettings3)

218

self.sa.commit()

228

self.sa.commit()

219

except:

229

except:

220

self.sa.rollback()

230

self.sa.rollback()

221

raise

231

raise

222

232

223

def admin_prompt(self, second=False):

233

def admin_prompt(self, second=False):

224

if not self.tests:

234

if not self.tests:

225

import getpass

235

import getpass

226

236

227

def get_password():

237

def get_password():

228

password = getpass.getpass('Specify admin password '

238

password = getpass.getpass('Specify admin password '

229

'(min 6 chars):')

239

'(min 6 chars):')

230

confirm = getpass.getpass('Confirm password:')

240

confirm = getpass.getpass('Confirm password:')

231

241

232

if password != confirm:

242

if password != confirm:

233

log.error('passwords mismatch')

243

log.error('passwords mismatch')

234

return False

244

return False

235

if len(password) < 6:

245

if len(password) < 6:

236

log.error('password is to short use at least 6 characters')

246

log.error('password is to short use at least 6 characters')

237

return False

247

return False

238

248

239

return password

249

return password

240

250

241

username = raw_input('Specify admin username:')

251

username = raw_input('Specify admin username:')

242

252

243

password = get_password()

253

password = get_password()

244

if not password:

254

if not password:

245

#second try

255

#second try

246

password = get_password()

256

password = get_password()

247

if not password:

257

if not password:

248

sys.exit()

258

sys.exit()

249

259

250

email = raw_input('Specify admin email:')

260

email = raw_input('Specify admin email:')

251

self.create_user(username, password, email, True)

261

self.create_user(username, password, email, True)

252

else:

262

else:

253

log.info('creating admin and regular test users')

263

log.info('creating admin and regular test users')

254

from rhodecode.tests import TEST_USER_ADMIN_LOGIN,\

264

from rhodecode.tests import TEST_USER_ADMIN_LOGIN,\

255

TEST_USER_ADMIN_PASS, TEST_USER_ADMIN_EMAIL,\

265

TEST_USER_ADMIN_PASS, TEST_USER_ADMIN_EMAIL,\

256

TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,\

266

TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,\

257

TEST_USER_REGULAR_EMAIL, TEST_USER_REGULAR2_LOGIN, \

267

TEST_USER_REGULAR_EMAIL, TEST_USER_REGULAR2_LOGIN, \

258

TEST_USER_REGULAR2_PASS, TEST_USER_REGULAR2_EMAIL

268

TEST_USER_REGULAR2_PASS, TEST_USER_REGULAR2_EMAIL

259

269

260

self.create_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS,

270

self.create_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS,

261

TEST_USER_ADMIN_EMAIL, True)

271

TEST_USER_ADMIN_EMAIL, True)

262

272

263

self.create_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,

273

self.create_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,

264

TEST_USER_REGULAR_EMAIL, False)

274

TEST_USER_REGULAR_EMAIL, False)

265

275

266

self.create_user(TEST_USER_REGULAR2_LOGIN, TEST_USER_REGULAR2_PASS,

276

self.create_user(TEST_USER_REGULAR2_LOGIN, TEST_USER_REGULAR2_PASS,

267

TEST_USER_REGULAR2_EMAIL, False)

277

TEST_USER_REGULAR2_EMAIL, False)

268

278

269

def create_ui_settings(self):

279

def create_ui_settings(self):

270

"""

280

"""

271

Creates ui settings, fills out hooks

281

Creates ui settings, fills out hooks

272

and disables dotencode

282

and disables dotencode

273

"""

283

"""

274

284

275

#HOOKS

285

#HOOKS

276

hooks1_key = RhodeCodeUi.HOOK_UPDATE

286

hooks1_key = RhodeCodeUi.HOOK_UPDATE

277

hooks1_ = self.sa.query(RhodeCodeUi)\

287

hooks1_ = self.sa.query(RhodeCodeUi)\

278

.filter(RhodeCodeUi.ui_key == hooks1_key).scalar()

288

.filter(RhodeCodeUi.ui_key == hooks1_key).scalar()

279

289

280

hooks1 = RhodeCodeUi() if hooks1_ is None else hooks1_

290

hooks1 = RhodeCodeUi() if hooks1_ is None else hooks1_

281

hooks1.ui_section = 'hooks'

291

hooks1.ui_section = 'hooks'

282

hooks1.ui_key = hooks1_key

292

hooks1.ui_key = hooks1_key

283

hooks1.ui_value = 'hg update >&2'

293

hooks1.ui_value = 'hg update >&2'

284

hooks1.ui_active = False

294

hooks1.ui_active = False

285

295

286

hooks2_key = RhodeCodeUi.HOOK_REPO_SIZE

296

hooks2_key = RhodeCodeUi.HOOK_REPO_SIZE

287

hooks2_ = self.sa.query(RhodeCodeUi)\

297

hooks2_ = self.sa.query(RhodeCodeUi)\

288

.filter(RhodeCodeUi.ui_key == hooks2_key).scalar()

298

.filter(RhodeCodeUi.ui_key == hooks2_key).scalar()

289

299

290

hooks2 = RhodeCodeUi() if hooks2_ is None else hooks2_

300

hooks2 = RhodeCodeUi() if hooks2_ is None else hooks2_

291

hooks2.ui_section = 'hooks'

301

hooks2.ui_section = 'hooks'

292

hooks2.ui_key = hooks2_key

302

hooks2.ui_key = hooks2_key

293

hooks2.ui_value = 'python:rhodecode.lib.hooks.repo_size'

303

hooks2.ui_value = 'python:rhodecode.lib.hooks.repo_size'

294

304

295

hooks3 = RhodeCodeUi()

305

hooks3 = RhodeCodeUi()

296

hooks3.ui_section = 'hooks'

306

hooks3.ui_section = 'hooks'

297

hooks3.ui_key = RhodeCodeUi.HOOK_PUSH

307

hooks3.ui_key = RhodeCodeUi.HOOK_PUSH

298

hooks3.ui_value = 'python:rhodecode.lib.hooks.log_push_action'

308

hooks3.ui_value = 'python:rhodecode.lib.hooks.log_push_action'

299

309

300

hooks4 = RhodeCodeUi()

310

hooks4 = RhodeCodeUi()

301

hooks4.ui_section = 'hooks'

311

hooks4.ui_section = 'hooks'

302

hooks4.ui_key = RhodeCodeUi.HOOK_PULL

312

hooks4.ui_key = RhodeCodeUi.HOOK_PULL

303

hooks4.ui_value = 'python:rhodecode.lib.hooks.log_pull_action'

313

hooks4.ui_value = 'python:rhodecode.lib.hooks.log_pull_action'

304

314

305

# For mercurial 1.7 set backward comapatibility with format

315

# For mercurial 1.7 set backward comapatibility with format

306

dotencode_disable = RhodeCodeUi()

316

dotencode_disable = RhodeCodeUi()

307

dotencode_disable.ui_section = 'format'

317

dotencode_disable.ui_section = 'format'

308

dotencode_disable.ui_key = 'dotencode'

318

dotencode_disable.ui_key = 'dotencode'

309

dotencode_disable.ui_value = 'false'

319

dotencode_disable.ui_value = 'false'

310

320

311

# enable largefiles

321

# enable largefiles

312

largefiles = RhodeCodeUi()

322

largefiles = RhodeCodeUi()

313

largefiles.ui_section = 'extensions'

323

largefiles.ui_section = 'extensions'

314

largefiles.ui_key = 'largefiles'

324

largefiles.ui_key = 'largefiles'

315

largefiles.ui_value = ''

325

largefiles.ui_value = ''

316

326

317

self.sa.add(hooks1)

327

self.sa.add(hooks1)

318

self.sa.add(hooks2)

328

self.sa.add(hooks2)

319

self.sa.add(hooks3)

329

self.sa.add(hooks3)

320

self.sa.add(hooks4)

330

self.sa.add(hooks4)

321

self.sa.add(largefiles)

331

self.sa.add(largefiles)

322

332

323

def create_ldap_options(self, skip_existing=False):

333

def create_ldap_options(self, skip_existing=False):

324

"""Creates ldap settings"""

334

"""Creates ldap settings"""

325

335

326

for k, v in [('ldap_active', 'false'), ('ldap_host', ''),

336

for k, v in [('ldap_active', 'false'), ('ldap_host', ''),

327

('ldap_port', '389'), ('ldap_tls_kind', 'PLAIN'),

337

('ldap_port', '389'), ('ldap_tls_kind', 'PLAIN'),

328

('ldap_tls_reqcert', ''), ('ldap_dn_user', ''),

338

('ldap_tls_reqcert', ''), ('ldap_dn_user', ''),

329

('ldap_dn_pass', ''), ('ldap_base_dn', ''),

339

('ldap_dn_pass', ''), ('ldap_base_dn', ''),

330

('ldap_filter', ''), ('ldap_search_scope', ''),

340

('ldap_filter', ''), ('ldap_search_scope', ''),

331

('ldap_attr_login', ''), ('ldap_attr_firstname', ''),

341

('ldap_attr_login', ''), ('ldap_attr_firstname', ''),

332

('ldap_attr_lastname', ''), ('ldap_attr_email', '')]:

342

('ldap_attr_lastname', ''), ('ldap_attr_email', '')]:

333

343

334

if skip_existing and RhodeCodeSetting.get_by_name(k) != None:

344

if skip_existing and RhodeCodeSetting.get_by_name(k) != None:

335

log.debug('Skipping option %s' % k)

345

log.debug('Skipping option %s' % k)

336

continue

346

continue

337

setting = RhodeCodeSetting(k, v)

347

setting = RhodeCodeSetting(k, v)

338

self.sa.add(setting)

348

self.sa.add(setting)

339

349

340

def config_prompt(self, test_repo_path='', retries=3):

350

def config_prompt(self, test_repo_path='', retries=3):

341

if retries == 3:

351

if retries == 3:

342

log.info('Setting up repositories config')

352

log.info('Setting up repositories config')

343

353

344

if not self.tests and not test_repo_path:

354

if not self.tests and not test_repo_path:

345

path = raw_input('Specify valid full path to your repositories'

355

path = raw_input('Specify valid full path to your repositories'

346

' you can change this later in application settings:')

356

' you can change this later in application settings:')

347

else:

357

else:

348

path = test_repo_path

358

path = test_repo_path

349

path_ok = True

359

path_ok = True

350

360

351

# check proper dir

361

# check proper dir

352

if not os.path.isdir(path):

362

if not os.path.isdir(path):

353

path_ok = False

363

path_ok = False

354

log.error('Given path %s is not a valid directory', path)

364

log.error('Given path %s is not a valid directory', path)

355

365

356

# check write access

366

# check write access

357

if not os.access(path, os.W_OK) and path_ok:

367

if not os.access(path, os.W_OK) and path_ok:

358

path_ok = False

368

path_ok = False

359

log.error('No write permission to given path %s', path)

369

log.error('No write permission to given path %s', path)

360

370

361

if retries == 0:

371

if retries == 0:

362

sys.exit('max retries reached')

372

sys.exit('max retries reached')

363

if path_ok is False:

373

if path_ok is False:

364

retries -= 1

374

retries -= 1

365

return self.config_prompt(test_repo_path, retries)

375

return self.config_prompt(test_repo_path, retries)

366

376

367

return path

377

return path

368

378

369

def create_settings(self, path):

379

def create_settings(self, path):

370

380

371

self.create_ui_settings()

381

self.create_ui_settings()

372

382

373

#HG UI OPTIONS

383

#HG UI OPTIONS

374

web1 = RhodeCodeUi()

384

web1 = RhodeCodeUi()

375

web1.ui_section = 'web'

385

web1.ui_section = 'web'

376

web1.ui_key = 'push_ssl'

386

web1.ui_key = 'push_ssl'

377

web1.ui_value = 'false'

387

web1.ui_value = 'false'

378

388

379

web2 = RhodeCodeUi()

389

web2 = RhodeCodeUi()

380

web2.ui_section = 'web'

390

web2.ui_section = 'web'

381

web2.ui_key = 'allow_archive'

391

web2.ui_key = 'allow_archive'

382

web2.ui_value = 'gz zip bz2'

392

web2.ui_value = 'gz zip bz2'

383

393

384

web3 = RhodeCodeUi()

394

web3 = RhodeCodeUi()

385

web3.ui_section = 'web'

395

web3.ui_section = 'web'

386

web3.ui_key = 'allow_push'

396

web3.ui_key = 'allow_push'

387

web3.ui_value = '*'

397

web3.ui_value = '*'

388

398

389

web4 = RhodeCodeUi()

399

web4 = RhodeCodeUi()

390

web4.ui_section = 'web'

400

web4.ui_section = 'web'

391

web4.ui_key = 'baseurl'

401

web4.ui_key = 'baseurl'

392

web4.ui_value = '/'

402

web4.ui_value = '/'

393

403

394

paths = RhodeCodeUi()

404

paths = RhodeCodeUi()

395

paths.ui_section = 'paths'

405

paths.ui_section = 'paths'

396

paths.ui_key = '/'

406

paths.ui_key = '/'

397

paths.ui_value = path

407

paths.ui_value = path

398

408

399

hgsettings1 = RhodeCodeSetting('realm', 'RhodeCode authentication')

409

hgsettings1 = RhodeCodeSetting('realm', 'RhodeCode authentication')

400

hgsettings2 = RhodeCodeSetting('title', 'RhodeCode')

410

hgsettings2 = RhodeCodeSetting('title', 'RhodeCode')

401

hgsettings3 = RhodeCodeSetting('ga_code', '')

411

hgsettings3 = RhodeCodeSetting('ga_code', '')

402

412

403

self.sa.add(web1)

413

self.sa.add(web1)

404

self.sa.add(web2)

414

self.sa.add(web2)

405

self.sa.add(web3)

415

self.sa.add(web3)

406

self.sa.add(web4)

416

self.sa.add(web4)

407

self.sa.add(paths)

417

self.sa.add(paths)

408

self.sa.add(hgsettings1)

418

self.sa.add(hgsettings1)

409

self.sa.add(hgsettings2)

419

self.sa.add(hgsettings2)

410

self.sa.add(hgsettings3)

420

self.sa.add(hgsettings3)

411

421

412

self.create_ldap_options()

422

self.create_ldap_options()

413

423

414

log.info('created ui config')

424

log.info('created ui config')

415

425

416

def create_user(self, username, password, email='', admin=False):

426

def create_user(self, username, password, email='', admin=False):

417

log.info('creating user %s', username)

427

log.info('creating user %s', username)

418

UserModel().create_or_update(username, password, email,

428

UserModel().create_or_update(username, password, email,

419

name='RhodeCode', lastname='Admin',

429

name='RhodeCode', lastname='Admin',

420

active=True, admin=admin)

430

active=True, admin=admin)

421

431

422

def create_default_user(self):

432

def create_default_user(self):

423

log.info('creating default user')

433

log.info('creating default user')

424

# create default user for handling default permissions.

434

# create default user for handling default permissions.

425

UserModel().create_or_update(username='default',

435

UserModel().create_or_update(username='default',

426

password=str(uuid.uuid1())[:8],

436

password=str(uuid.uuid1())[:8],

427

email='anonymous@rhodecode.org',

437

email='anonymous@rhodecode.org',

428

name='Anonymous', lastname='User')

438

name='Anonymous', lastname='User')

429

439

430

def create_permissions(self):

440

def create_permissions(self):

431

# module.(access|create|change|delete)_[name]

441

# module.(access|create|change|delete)_[name]

432

# module.(read|write|owner)

442

# module.(read|write|owner)

433

perms = [('repository.none', 'Repository no access'),

443

perms = [('repository.none', 'Repository no access'),

434

('repository.read', 'Repository read access'),

444

('repository.read', 'Repository read access'),

435

('repository.write', 'Repository write access'),

445

('repository.write', 'Repository write access'),

436

('repository.admin', 'Repository admin access'),

446

('repository.admin', 'Repository admin access'),

437

('hg.admin', 'Hg Administrator'),

447

('hg.admin', 'Hg Administrator'),

438

('hg.create.repository', 'Repository create'),

448

('hg.create.repository', 'Repository create'),

439

('hg.create.none', 'Repository creation disabled'),

449

('hg.create.none', 'Repository creation disabled'),

440

('hg.register.none', 'Register disabled'),

450

('hg.register.none', 'Register disabled'),

441

('hg.register.manual_activate', 'Register new user with '

451

('hg.register.manual_activate', 'Register new user with '

442

'RhodeCode without manual'

452

'RhodeCode without manual'

443

'activation'),

453

'activation'),

444

454

445

('hg.register.auto_activate', 'Register new user with '

455

('hg.register.auto_activate', 'Register new user with '

446

'RhodeCode without auto '

456

'RhodeCode without auto '

447

'activation'),

457

'activation'),

448

]

458

]

449

459

450

for p in perms:

460

for p in perms:

451

new_perm = Permission()

461

new_perm = Permission()

452

new_perm.permission_name = p[0]

462

new_perm.permission_name = p[0]

453

new_perm.permission_longname = p[1]

463

new_perm.permission_longname = p[1]

454

self.sa.add(new_perm)

464

self.sa.add(new_perm)

455

465

456

def populate_default_permissions(self):

466

def populate_default_permissions(self):

457

log.info('creating default user permissions')

467

log.info('creating default user permissions')

458

468

459

default_user = self.sa.query(User)\

469

default_user = self.sa.query(User)\

460

.filter(User.username == 'default').scalar()

470

.filter(User.username == 'default').scalar()

461

471

462

reg_perm = UserToPerm()

472

reg_perm = UserToPerm()

463

reg_perm.user = default_user

473

reg_perm.user = default_user

464

reg_perm.permission = self.sa.query(Permission)\

474

reg_perm.permission = self.sa.query(Permission)\

465

.filter(Permission.permission_name == 'hg.register.manual_activate')\

475

.filter(Permission.permission_name == 'hg.register.manual_activate')\

466

.scalar()

476

.scalar()

467

477

468

create_repo_perm = UserToPerm()

478

create_repo_perm = UserToPerm()

469

create_repo_perm.user = default_user

479

create_repo_perm.user = default_user

470

create_repo_perm.permission = self.sa.query(Permission)\

480

create_repo_perm.permission = self.sa.query(Permission)\

471

.filter(Permission.permission_name == 'hg.create.repository')\

481

.filter(Permission.permission_name == 'hg.create.repository')\

472

.scalar()

482

.scalar()

473

483

474

default_repo_perm = UserToPerm()

484

default_repo_perm = UserToPerm()

475

default_repo_perm.user = default_user

485

default_repo_perm.user = default_user

476

default_repo_perm.permission = self.sa.query(Permission)\

486

default_repo_perm.permission = self.sa.query(Permission)\

477

.filter(Permission.permission_name == 'repository.read')\

487

.filter(Permission.permission_name == 'repository.read')\

478

.scalar()

488

.scalar()

479

489

480

self.sa.add(reg_perm)

490

self.sa.add(reg_perm)

481

self.sa.add(create_repo_perm)

491

self.sa.add(create_repo_perm)

482

self.sa.add(default_repo_perm)

492

self.sa.add(default_repo_perm)

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             # -*- coding: utf-8 -*-
             """
                 rhodecode.lib.db_manage
                 ~~~~~~~~~~~~~~~~~~~~~~~
                 Database creation, and setup module for RhodeCode. Used for creation
                 of database as well as for migration operations
                 :created_on: Apr 10, 2010
                 :author: marcink
                 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
                 :license: GPLv3, see COPYING for more details.
             """
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             import os
             import sys
             import uuid
             import logging
             from os.path import dirname as dn, join as jn
             from rhodecode import __dbversion__
             from rhodecode.model import meta
             from rhodecode.model.user import UserModel
             from rhodecode.lib.utils import ask_ok
             from rhodecode.model import init_model
             from rhodecode.model.db import User, Permission, RhodeCodeUi, \
                 RhodeCodeSetting, UserToPerm, DbMigrateVersion
             from sqlalchemy.engine import create_engine
             log = logging.getLogger(__name__)
             class DbManage(object):
                 def __init__(self, log_sql, dbconf, root, tests=False):
                     self.dbname = dbconf.split('/')[-1]
                     self.tests = tests
                     self.root = root
                     self.dburi = dbconf
                     self.log_sql = log_sql
                     self.db_exists = False
                     self.init_db()
                 def init_db(self):
                     engine = create_engine(self.dburi, echo=self.log_sql)
                     init_model(engine)
                     self.sa = meta.Session
                 def create_tables(self, override=False):
                     """
                     Create a auth database
                     """
                     log.info("Any existing database is going to be destroyed")
                     if self.tests:
                         destroy = True
                     else:
                         destroy = ask_ok('Are you sure to destroy old database ? [y/n]')
                     if not destroy:
                         sys.exit()
                     if destroy:
                         meta.Base.metadata.drop_all()
                     checkfirst = not override
                     meta.Base.metadata.create_all(checkfirst=checkfirst)
                     log.info('Created tables for %s', self.dbname)
                 def set_db_version(self):
                     ver = DbMigrateVersion()
                     ver.version = __dbversion__
                     ver.repository_id = 'rhodecode_db_migrations'
                     ver.repository_path = 'versions'
                     self.sa.add(ver)
                     log.info('db version set to: %s', __dbversion__)
                 def upgrade(self):
                     """
                     Upgrades given database schema to given revision following
                     all needed steps, to perform the upgrade
                     """
                     from rhodecode.lib.dbmigrate.migrate.versioning import api
                     from rhodecode.lib.dbmigrate.migrate.exceptions import \
                         DatabaseNotControlledError
+                    if 'sqlite' in self.dburi:
+                        print (
+                           '********************** WARNING **********************\n'
+                           'Make sure your version of sqlite is at least 3.7.X.  \n'
+                           'Earlier versions are known to fail on some migrations\n'
+                           '*****************************************************\n'
+                        )
                     upgrade = ask_ok('You are about to perform database upgrade, make '
                                      'sure You backed up your database before. '
                                      'Continue ? [y/n]')
                     if not upgrade:
                         sys.exit('Nothing done')
                     repository_path = jn(dn(dn(dn(os.path.realpath(__file__)))),
                                          'rhodecode/lib/dbmigrate')
                     db_uri = self.dburi
                     try:
                         curr_version = api.db_version(db_uri, repository_path)
                         msg = ('Found current database under version'
                              ' control with version %s' % curr_version)
                     except (RuntimeError, DatabaseNotControlledError):
                         curr_version = 1
                         msg = ('Current database is not under version control. Setting'
                                ' as version %s' % curr_version)
                         api.version_control(db_uri, repository_path, curr_version)
                     print (msg)
                     if curr_version == __dbversion__:
                         sys.exit('This database is already at the newest version')
                     #======================================================================
                     # UPGRADE STEPS
                     #======================================================================
                     class UpgradeSteps(object):
                         """
                         Those steps follow schema versions so for example schema
                         for example schema with seq 002 == step_2 and so on.
                         """
                         def __init__(self, klass):
                             self.klass = klass
                         def step_0(self):
                             # step 0 is the schema upgrade, and than follow proper upgrades
                             print ('attempting to do database upgrade to version %s' \
                                             % __dbversion__)
                             api.upgrade(db_uri, repository_path, __dbversion__)
                             print ('Schema upgrade completed')
                         def step_1(self):
                             pass
                         def step_2(self):
                             print ('Patching repo paths for newer version of RhodeCode')
                             self.klass.fix_repo_paths()
                             print ('Patching default user of RhodeCode')
                             self.klass.fix_default_user()
                             log.info('Changing ui settings')
                             self.klass.create_ui_settings()
                         def step_3(self):
                             print ('Adding additional settings into RhodeCode db')
                             self.klass.fix_settings()
                             print ('Adding ldap defaults')
                             self.klass.create_ldap_options(skip_existing=True)
+                        def step_4(self):
+                            print ('TODO:')
                     upgrade_steps = [0] + range(curr_version + 1, __dbversion__ + 1)
                     # CALL THE PROPER ORDER OF STEPS TO PERFORM FULL UPGRADE
                     for step in upgrade_steps:
                         print ('performing upgrade step %s' % step)
                         getattr(UpgradeSteps(self), 'step_%s' % step)()
                 def fix_repo_paths(self):
                     """
                     Fixes a old rhodecode version path into new one without a '*'
                     """
                     paths = self.sa.query(RhodeCodeUi)\
                             .filter(RhodeCodeUi.ui_key == '/')\
                             .scalar()
                     paths.ui_value = paths.ui_value.replace('*', '')
                     try:
                         self.sa.add(paths)
                         self.sa.commit()
                     except:
                         self.sa.rollback()
                         raise
                 def fix_default_user(self):
                     """
                     Fixes a old default user with some 'nicer' default values,
                     used mostly for anonymous access
                     """
                     def_user = self.sa.query(User)\
                             .filter(User.username == 'default')\
                             .one()
                     def_user.name = 'Anonymous'
                     def_user.lastname = 'User'
                     def_user.email = 'anonymous@rhodecode.org'
                     try:
                         self.sa.add(def_user)
                         self.sa.commit()
                     except:
                         self.sa.rollback()
                         raise
                 def fix_settings(self):
                     """
                     Fixes rhodecode settings adds ga_code key for google analytics
                     """
                     hgsettings3 = RhodeCodeSetting('ga_code', '')
                     try:
                         self.sa.add(hgsettings3)
                         self.sa.commit()
                     except:
                         self.sa.rollback()
                         raise
                 def admin_prompt(self, second=False):
                     if not self.tests:
                         import getpass
                         def get_password():
                             password = getpass.getpass('Specify admin password '
                                                        '(min 6 chars):')
                             confirm = getpass.getpass('Confirm password:')
                             if password != confirm:
                                 log.error('passwords mismatch')
                                 return False
                             if len(password) < 6:
                                 log.error('password is to short use at least 6 characters')
                                 return False
                             return password
                         username = raw_input('Specify admin username:')
                         password = get_password()
                         if not password:
                             #second try
                             password = get_password()
                             if not password:
                                 sys.exit()
                         email = raw_input('Specify admin email:')
                         self.create_user(username, password, email, True)
                     else:
                         log.info('creating admin and regular test users')
                         from rhodecode.tests import TEST_USER_ADMIN_LOGIN,\
                         TEST_USER_ADMIN_PASS, TEST_USER_ADMIN_EMAIL,\
                         TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,\
                         TEST_USER_REGULAR_EMAIL, TEST_USER_REGULAR2_LOGIN, \
                         TEST_USER_REGULAR2_PASS, TEST_USER_REGULAR2_EMAIL
                         self.create_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS,
                                          TEST_USER_ADMIN_EMAIL, True)
                         self.create_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,
                                          TEST_USER_REGULAR_EMAIL, False)
                         self.create_user(TEST_USER_REGULAR2_LOGIN, TEST_USER_REGULAR2_PASS,
                                          TEST_USER_REGULAR2_EMAIL, False)
                 def create_ui_settings(self):
                     """
                     Creates ui settings, fills out hooks
                     and disables dotencode
                     """
                     #HOOKS
                     hooks1_key = RhodeCodeUi.HOOK_UPDATE
                     hooks1_ = self.sa.query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == hooks1_key).scalar()
                     hooks1 = RhodeCodeUi() if hooks1_ is None else hooks1_
                     hooks1.ui_section = 'hooks'
                     hooks1.ui_key = hooks1_key
                     hooks1.ui_value = 'hg update >&2'
                     hooks1.ui_active = False
                     hooks2_key = RhodeCodeUi.HOOK_REPO_SIZE
                     hooks2_ = self.sa.query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == hooks2_key).scalar()
                     hooks2 = RhodeCodeUi() if hooks2_ is None else hooks2_
                     hooks2.ui_section = 'hooks'
                     hooks2.ui_key = hooks2_key
                     hooks2.ui_value = 'python:rhodecode.lib.hooks.repo_size'
                     hooks3 = RhodeCodeUi()
                     hooks3.ui_section = 'hooks'
                     hooks3.ui_key = RhodeCodeUi.HOOK_PUSH
                     hooks3.ui_value = 'python:rhodecode.lib.hooks.log_push_action'
                     hooks4 = RhodeCodeUi()
                     hooks4.ui_section = 'hooks'
                     hooks4.ui_key = RhodeCodeUi.HOOK_PULL
                     hooks4.ui_value = 'python:rhodecode.lib.hooks.log_pull_action'
                     # For mercurial 1.7 set backward comapatibility with format
                     dotencode_disable = RhodeCodeUi()
                     dotencode_disable.ui_section = 'format'
                     dotencode_disable.ui_key = 'dotencode'
                     dotencode_disable.ui_value = 'false'
                     # enable largefiles
                     largefiles = RhodeCodeUi()
                     largefiles.ui_section = 'extensions'
                     largefiles.ui_key = 'largefiles'
                     largefiles.ui_value = ''
                     self.sa.add(hooks1)
                     self.sa.add(hooks2)
                     self.sa.add(hooks3)
                     self.sa.add(hooks4)
                     self.sa.add(largefiles)
                 def create_ldap_options(self, skip_existing=False):
                     """Creates ldap settings"""
                     for k, v in [('ldap_active', 'false'), ('ldap_host', ''),
                                 ('ldap_port', '389'), ('ldap_tls_kind', 'PLAIN'),
                                 ('ldap_tls_reqcert', ''), ('ldap_dn_user', ''),
                                 ('ldap_dn_pass', ''), ('ldap_base_dn', ''),
                                 ('ldap_filter', ''), ('ldap_search_scope', ''),
                                 ('ldap_attr_login', ''), ('ldap_attr_firstname', ''),
                                 ('ldap_attr_lastname', ''), ('ldap_attr_email', '')]:
                         if skip_existing and RhodeCodeSetting.get_by_name(k) != None:
                             log.debug('Skipping option %s' % k)
                             continue
                         setting = RhodeCodeSetting(k, v)
                         self.sa.add(setting)
                 def config_prompt(self, test_repo_path='', retries=3):
                     if retries == 3:
                         log.info('Setting up repositories config')
                     if not self.tests and not test_repo_path:
                         path = raw_input('Specify valid full path to your repositories'
                                     ' you can change this later in application settings:')
                     else:
                         path = test_repo_path
                     path_ok = True
                     # check proper dir
                     if not os.path.isdir(path):
                         path_ok = False
                         log.error('Given path %s is not a valid directory', path)
                     # check write access
                     if not os.access(path, os.W_OK) and path_ok:
                         path_ok = False
                         log.error('No write permission to given path %s', path)
                     if retries == 0:
                         sys.exit('max retries reached')
                     if path_ok is False:
                         retries -= 1
                         return self.config_prompt(test_repo_path, retries)
                     return path
                 def create_settings(self, path):
                     self.create_ui_settings()
                     #HG UI OPTIONS
                     web1 = RhodeCodeUi()
                     web1.ui_section = 'web'
                     web1.ui_key = 'push_ssl'
                     web1.ui_value = 'false'
                     web2 = RhodeCodeUi()
                     web2.ui_section = 'web'
                     web2.ui_key = 'allow_archive'
                     web2.ui_value = 'gz zip bz2'
                     web3 = RhodeCodeUi()
                     web3.ui_section = 'web'
                     web3.ui_key = 'allow_push'
                     web3.ui_value = '*'
                     web4 = RhodeCodeUi()
                     web4.ui_section = 'web'
                     web4.ui_key = 'baseurl'
                     web4.ui_value = '/'
                     paths = RhodeCodeUi()
                     paths.ui_section = 'paths'
                     paths.ui_key = '/'
                     paths.ui_value = path
                     hgsettings1 = RhodeCodeSetting('realm', 'RhodeCode authentication')
                     hgsettings2 = RhodeCodeSetting('title', 'RhodeCode')
                     hgsettings3 = RhodeCodeSetting('ga_code', '')
                     self.sa.add(web1)
                     self.sa.add(web2)
                     self.sa.add(web3)
                     self.sa.add(web4)
                     self.sa.add(paths)
                     self.sa.add(hgsettings1)
                     self.sa.add(hgsettings2)
                     self.sa.add(hgsettings3)
                     self.create_ldap_options()
                     log.info('created ui config')
                 def create_user(self, username, password, email='', admin=False):
                     log.info('creating user %s', username)
                     UserModel().create_or_update(username, password, email,
                                                  name='RhodeCode', lastname='Admin',
                                                  active=True, admin=admin)
                 def create_default_user(self):
                     log.info('creating default user')
                     # create default user for handling default permissions.
                     UserModel().create_or_update(username='default',
                                           password=str(uuid.uuid1())[:8],
                                           email='anonymous@rhodecode.org',
                                           name='Anonymous', lastname='User')
                 def create_permissions(self):
                     # module.(access|create|change|delete)_[name]
                     # module.(read|write|owner)
                     perms = [('repository.none', 'Repository no access'),
                              ('repository.read', 'Repository read access'),
                              ('repository.write', 'Repository write access'),
                              ('repository.admin', 'Repository admin access'),
                              ('hg.admin', 'Hg Administrator'),
                              ('hg.create.repository', 'Repository create'),
                              ('hg.create.none', 'Repository creation disabled'),
                              ('hg.register.none', 'Register disabled'),
                              ('hg.register.manual_activate', 'Register new user with '
                                                              'RhodeCode without manual'
                                                              'activation'),
                              ('hg.register.auto_activate', 'Register new user with '
                                                            'RhodeCode without auto '
                                                            'activation'),
                             ]
                     for p in perms:
                         new_perm = Permission()
                         new_perm.permission_name = p[0]
                         new_perm.permission_longname = p[1]
                         self.sa.add(new_perm)
                 def populate_default_permissions(self):
                     log.info('creating default user permissions')
                     default_user = self.sa.query(User)\
                     .filter(User.username == 'default').scalar()
                     reg_perm = UserToPerm()
                     reg_perm.user = default_user
                     reg_perm.permission = self.sa.query(Permission)\
                     .filter(Permission.permission_name == 'hg.register.manual_activate')\
                     .scalar()
                     create_repo_perm = UserToPerm()
                     create_repo_perm.user = default_user
                     create_repo_perm.permission = self.sa.query(Permission)\
                     .filter(Permission.permission_name == 'hg.create.repository')\
                     .scalar()
                     default_repo_perm = UserToPerm()
                     default_repo_perm.user = default_user
                     default_repo_perm.permission = self.sa.query(Permission)\
                     .filter(Permission.permission_name == 'repository.read')\
                     .scalar()
                     self.sa.add(reg_perm)
                     self.sa.add(create_repo_perm)
                     self.sa.add(default_repo_perm)