upstream/kallithea Commit - r2726:aa17c7a1

Implemented basic locking functionality....

marcink -

r2726:aa17c7a1 beta

parent child

docs/usage/locking.rst

0 created 644 +41 0

@@ -0,0 +1,41 b''
	1	.. _locking:
	2
	3	===================================
	4	RhodeCode repository locking system
	5	===================================
	6
	7
	8	\| Repos with locking function=disabled is the default, that's how repos work
	9	today.
	10	\| Repos with locking function=enabled behaves like follows:
	11
	12	Repos have a state called `locked` that can be true or false.
	13	The hg/git commands `hg/git clone`, `hg/git pull`, and `hg/git push`
	14	influence this state:
	15
	16	- The command `hg/git pull <repo>` will lock that repo (locked=true)
	17	if the user has write/admin permissions on this repo
	18
	19	- The command `hg/git clone <repo>` will lock that repo (locked=true) if the
	20	user has write/admin permissions on this repo
	21
	22
	23	RhodeCode will remember the user id who locked the repo
	24	only this specific user can unlock the repo (locked=false) by calling
	25
	26	- `hg/git push <repo>`
	27
	28	every other command on that repo from this user and
	29	every command from any other user will result in http return code 423 (locked)
	30
	31
	32	additionally the http error includes the <user> that locked the repo
	33	(e.g. “repository <repo> locked by user <user>”)
	34
	35
	36	So the scenario of use for repos with `locking function` enabled is that
	37	every initial clone and every pull gives users (with write permission)
	38	the exclusive right to do a push.
	39
	40
	41	Each repo can be manually unlocked by admin from the repo settings menu. No newline at end of file

rhodecode/config/pre_receive_tmpl.py

0 created 644 +31 0

@@ -0,0 +1,31 b''
	1	#!/usr/bin/env python
	2	import os
	3	import sys
	4
	5	try:
	6	import rhodecode
	7	RC_HOOK_VER = '_TMPL_'
	8	os.environ['RC_HOOK_VER'] = RC_HOOK_VER
	9	from rhodecode.lib.hooks import handle_git_pre_receive
	10	except ImportError:
	11	rhodecode = None
	12
	13
	14	def main():
	15	if rhodecode is None:
	16	# exit with success if we cannot import rhodecode !!
	17	# this allows simply push to this repo even without
	18	# rhodecode
	19	sys.exit(0)
	20
	21	repo_path = os.path.abspath('.')
	22	push_data = sys.stdin.readlines()
	23	# os.environ is modified here by a subprocess call that
	24	# runs git and later git executes this hook.
	25	# Environ get's some additional info from rhodecode system
	26	# like IP or username from basic-auth
	27	handle_git_pre_receive(repo_path, push_data, os.environ)
	28	sys.exit(0)
	29
	30	if __name__ == '__main__':
	31	main()

docs/index.rst

0 +1 0

             .. _index:
             .. include:: ./../README.rst
             Users Guide
             -----------
             **Installation:**
             .. toctree::
                :maxdepth: 1
                installation
                setup
                upgrade
             **Usage**
             .. toctree::
                :maxdepth: 1
                usage/general
                usage/git_support
                usage/performance
+               usage/locking
                usage/statistics
                usage/backup
                usage/debugging
                usage/troubleshooting
             **Develop**
             .. toctree::
                :maxdepth: 1
                contributing
                changelog
             **API**
             .. toctree::
                :maxdepth: 1
                api/api
                api/models
             Other topics
             ------------
             * :ref:`genindex`
             * :ref:`search`
             .. _virtualenv: http://pypi.python.org/pypi/virtualenv
             .. _python: http://www.python.org/
             .. _django: http://www.djangoproject.com/
             .. _mercurial: http://mercurial.selenic.com/
             .. _bitbucket: http://bitbucket.org/
             .. _subversion: http://subversion.tigris.org/
             .. _git: http://git-scm.com/
             .. _celery: http://celeryproject.org/
             .. _Sphinx: http://sphinx.pocoo.org/
             .. _vcs: http://pypi.python.org/pypi/vcs

rhodecode/config/routing.py

0 +3 -1

             """
             Routes configuration
             The more specific and detailed routes should be defined first so they
             may take precedent over the more generic routes. For more information
             refer to the routes manual at http://routes.groovie.org/docs/
             """
             from __future__ import with_statement
             from routes import Mapper
             # prefix for non repository related links needs to be prefixed with `/`
             ADMIN_PREFIX = '/_admin'
             def make_map(config):
                 """Create, configure and return the routes Mapper"""
                 rmap = Mapper(directory=config['pylons.paths']['controllers'],
                              always_scan=config['debug'])
                 rmap.minimization = False
                 rmap.explicit = False
                 from rhodecode.lib.utils import is_valid_repo
                 from rhodecode.lib.utils import is_valid_repos_group
                 def check_repo(environ, match_dict):
                     """
                     check for valid repository for proper 404 handling
                     :param environ:
                     :param match_dict:
                     """
                     from rhodecode.model.db import Repository
                     repo_name = match_dict.get('repo_name')
                     try:
                         by_id = repo_name.split('_')
                         if len(by_id) == 2 and by_id[1].isdigit():
                             repo_name = Repository.get(by_id[1]).repo_name
                             match_dict['repo_name'] = repo_name
                     except:
                         pass
                     return is_valid_repo(repo_name, config['base_path'])
                 def check_group(environ, match_dict):
                     """
                     check for valid repositories group for proper 404 handling
                     :param environ:
                     :param match_dict:
                     """
                     repos_group_name = match_dict.get('group_name')
                     return is_valid_repos_group(repos_group_name, config['base_path'])
                 def check_int(environ, match_dict):
                     return match_dict.get('id').isdigit()
                 # The ErrorController route (handles 404/500 error pages); it should
                 # likely stay at the top, ensuring it can always be resolved
                 rmap.connect('/error/{action}', controller='error')
                 rmap.connect('/error/{action}/{id}', controller='error')
                 #==========================================================================
                 # CUSTOM ROUTES HERE
                 #==========================================================================
                 #MAIN PAGE
                 rmap.connect('home', '/', controller='home', action='index')
                 rmap.connect('repo_switcher', '/repos', controller='home',
                              action='repo_switcher')
                 rmap.connect('branch_tag_switcher', '/branches-tags/{repo_name:.*?}',
                              controller='home', action='branch_tag_switcher')
                 rmap.connect('bugtracker',
                              "http://bitbucket.org/marcinkuzminski/rhodecode/issues",
                              _static=True)
                 rmap.connect('rst_help',
                              "http://docutils.sourceforge.net/docs/user/rst/quickref.html",
                              _static=True)
                 rmap.connect('rhodecode_official', "http://rhodecode.org", _static=True)
                 #ADMIN REPOSITORY REST ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/repos') as m:
                     m.connect("repos", "/repos",
                          action="create", conditions=dict(method=["POST"]))
                     m.connect("repos", "/repos",
                          action="index", conditions=dict(method=["GET"]))
                     m.connect("formatted_repos", "/repos.{format}",
                          action="index",
                         conditions=dict(method=["GET"]))
                     m.connect("new_repo", "/repos/new",
                          action="new", conditions=dict(method=["GET"]))
                     m.connect("formatted_new_repo", "/repos/new.{format}",
                          action="new", conditions=dict(method=["GET"]))
                     m.connect("/repos/{repo_name:.*?}",
                          action="update", conditions=dict(method=["PUT"],
                                                           function=check_repo))
                     m.connect("/repos/{repo_name:.*?}",
                          action="delete", conditions=dict(method=["DELETE"],
                                                           function=check_repo))
                     m.connect("edit_repo", "/repos/{repo_name:.*?}/edit",
                          action="edit", conditions=dict(method=["GET"],
                                                         function=check_repo))
                     m.connect("formatted_edit_repo", "/repos/{repo_name:.*?}.{format}/edit",
                          action="edit", conditions=dict(method=["GET"],
                                                         function=check_repo))
                     m.connect("repo", "/repos/{repo_name:.*?}",
                          action="show", conditions=dict(method=["GET"],
                                                         function=check_repo))
                     m.connect("formatted_repo", "/repos/{repo_name:.*?}.{format}",
                          action="show", conditions=dict(method=["GET"],
                                                         function=check_repo))
                     #ajax delete repo perm user
                     m.connect('delete_repo_user', "/repos_delete_user/{repo_name:.*?}",
                          action="delete_perm_user",
                          conditions=dict(method=["DELETE"], function=check_repo))
                     #ajax delete repo perm users_group
                     m.connect('delete_repo_users_group',
                               "/repos_delete_users_group/{repo_name:.*?}",
                               action="delete_perm_users_group",
                               conditions=dict(method=["DELETE"], function=check_repo))
                     #settings actions
                     m.connect('repo_stats', "/repos_stats/{repo_name:.*?}",
                               action="repo_stats", conditions=dict(method=["DELETE"],
                                                                    function=check_repo))
                     m.connect('repo_cache', "/repos_cache/{repo_name:.*?}",
                               action="repo_cache", conditions=dict(method=["DELETE"],
                                                                    function=check_repo))
                     m.connect('repo_public_journal', "/repos_public_journal/{repo_name:.*?}",
                               action="repo_public_journal", conditions=dict(method=["PUT"],
                                                                     function=check_repo))
                     m.connect('repo_pull', "/repo_pull/{repo_name:.*?}",
                               action="repo_pull", conditions=dict(method=["PUT"],
                                                                   function=check_repo))
                     m.connect('repo_as_fork', "/repo_as_fork/{repo_name:.*?}",
                               action="repo_as_fork", conditions=dict(method=["PUT"],
                                                                   function=check_repo))
+                    m.connect('repo_locking', "/repo_locking/{repo_name:.*?}",
+                              action="repo_locking", conditions=dict(method=["PUT"],
+                                                                  function=check_repo))
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/repos_groups') as m:
                     m.connect("repos_groups", "/repos_groups",
                               action="create", conditions=dict(method=["POST"]))
                     m.connect("repos_groups", "/repos_groups",
                               action="index", conditions=dict(method=["GET"]))
                     m.connect("formatted_repos_groups", "/repos_groups.{format}",
                               action="index", conditions=dict(method=["GET"]))
                     m.connect("new_repos_group", "/repos_groups/new",
                               action="new", conditions=dict(method=["GET"]))
                     m.connect("formatted_new_repos_group", "/repos_groups/new.{format}",
                               action="new", conditions=dict(method=["GET"]))
                     m.connect("update_repos_group", "/repos_groups/{id}",
                               action="update", conditions=dict(method=["PUT"],
                                                                function=check_int))
                     m.connect("delete_repos_group", "/repos_groups/{id}",
                               action="delete", conditions=dict(method=["DELETE"],
                                                                function=check_int))
                     m.connect("edit_repos_group", "/repos_groups/{id}/edit",
                               action="edit", conditions=dict(method=["GET"],))
                     m.connect("formatted_edit_repos_group",
                               "/repos_groups/{id}.{format}/edit",
                               action="edit", conditions=dict(method=["GET"],
                                                              function=check_int))
                     m.connect("repos_group", "/repos_groups/{id}",
                               action="show", conditions=dict(method=["GET"],
                                                              function=check_int))
                     m.connect("formatted_repos_group", "/repos_groups/{id}.{format}",
                               action="show", conditions=dict(method=["GET"],
                                                              function=check_int))
                     # ajax delete repos group perm user
                     m.connect('delete_repos_group_user_perm',
                               "/delete_repos_group_user_perm/{group_name:.*}",
                          action="delete_repos_group_user_perm",
                          conditions=dict(method=["DELETE"], function=check_group))
                     # ajax delete repos group perm users_group
                     m.connect('delete_repos_group_users_group_perm',
                               "/delete_repos_group_users_group_perm/{group_name:.*}",
                               action="delete_repos_group_users_group_perm",
                               conditions=dict(method=["DELETE"], function=check_group))
                 #ADMIN USER REST ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/users') as m:
                     m.connect("users", "/users",
                               action="create", conditions=dict(method=["POST"]))
                     m.connect("users", "/users",
                               action="index", conditions=dict(method=["GET"]))
                     m.connect("formatted_users", "/users.{format}",
                               action="index", conditions=dict(method=["GET"]))
                     m.connect("new_user", "/users/new",
                               action="new", conditions=dict(method=["GET"]))
                     m.connect("formatted_new_user", "/users/new.{format}",
                               action="new", conditions=dict(method=["GET"]))
                     m.connect("update_user", "/users/{id}",
                               action="update", conditions=dict(method=["PUT"]))
                     m.connect("delete_user", "/users/{id}",
                               action="delete", conditions=dict(method=["DELETE"]))
                     m.connect("edit_user", "/users/{id}/edit",
                               action="edit", conditions=dict(method=["GET"]))
                     m.connect("formatted_edit_user",
                               "/users/{id}.{format}/edit",
                               action="edit", conditions=dict(method=["GET"]))
                     m.connect("user", "/users/{id}",
                               action="show", conditions=dict(method=["GET"]))
                     m.connect("formatted_user", "/users/{id}.{format}",
                               action="show", conditions=dict(method=["GET"]))
                     #EXTRAS USER ROUTES
                     m.connect("user_perm", "/users_perm/{id}",
                               action="update_perm", conditions=dict(method=["PUT"]))
                     m.connect("user_emails", "/users_emails/{id}",
                               action="add_email", conditions=dict(method=["PUT"]))
                     m.connect("user_emails_delete", "/users_emails/{id}",
                               action="delete_email", conditions=dict(method=["DELETE"]))
                 #ADMIN USERS GROUPS REST ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/users_groups') as m:
                     m.connect("users_groups", "/users_groups",
                               action="create", conditions=dict(method=["POST"]))
                     m.connect("users_groups", "/users_groups",
                               action="index", conditions=dict(method=["GET"]))
                     m.connect("formatted_users_groups", "/users_groups.{format}",
                               action="index", conditions=dict(method=["GET"]))
                     m.connect("new_users_group", "/users_groups/new",
                               action="new", conditions=dict(method=["GET"]))
                     m.connect("formatted_new_users_group", "/users_groups/new.{format}",
                               action="new", conditions=dict(method=["GET"]))
                     m.connect("update_users_group", "/users_groups/{id}",
                               action="update", conditions=dict(method=["PUT"]))
                     m.connect("delete_users_group", "/users_groups/{id}",
                               action="delete", conditions=dict(method=["DELETE"]))
                     m.connect("edit_users_group", "/users_groups/{id}/edit",
                               action="edit", conditions=dict(method=["GET"]))
                     m.connect("formatted_edit_users_group",
                               "/users_groups/{id}.{format}/edit",
                               action="edit", conditions=dict(method=["GET"]))
                     m.connect("users_group", "/users_groups/{id}",
                               action="show", conditions=dict(method=["GET"]))
                     m.connect("formatted_users_group", "/users_groups/{id}.{format}",
                               action="show", conditions=dict(method=["GET"]))
                     #EXTRAS USER ROUTES
                     m.connect("users_group_perm", "/users_groups_perm/{id}",
                               action="update_perm", conditions=dict(method=["PUT"]))
                 #ADMIN GROUP REST ROUTES
                 rmap.resource('group', 'groups',
                               controller='admin/groups', path_prefix=ADMIN_PREFIX)
                 #ADMIN PERMISSIONS REST ROUTES
                 rmap.resource('permission', 'permissions',
                               controller='admin/permissions', path_prefix=ADMIN_PREFIX)
                 ##ADMIN LDAP SETTINGS
                 rmap.connect('ldap_settings', '%s/ldap' % ADMIN_PREFIX,
                              controller='admin/ldap_settings', action='ldap_settings',
                              conditions=dict(method=["POST"]))
                 rmap.connect('ldap_home', '%s/ldap' % ADMIN_PREFIX,
                              controller='admin/ldap_settings')
                 #ADMIN SETTINGS REST ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/settings') as m:
                     m.connect("admin_settings", "/settings",
                               action="create", conditions=dict(method=["POST"]))
                     m.connect("admin_settings", "/settings",
                               action="index", conditions=dict(method=["GET"]))
                     m.connect("formatted_admin_settings", "/settings.{format}",
                               action="index", conditions=dict(method=["GET"]))
                     m.connect("admin_new_setting", "/settings/new",
                               action="new", conditions=dict(method=["GET"]))
                     m.connect("formatted_admin_new_setting", "/settings/new.{format}",
                               action="new", conditions=dict(method=["GET"]))
                     m.connect("/settings/{setting_id}",
                               action="update", conditions=dict(method=["PUT"]))
                     m.connect("/settings/{setting_id}",
                               action="delete", conditions=dict(method=["DELETE"]))
                     m.connect("admin_edit_setting", "/settings/{setting_id}/edit",
                               action="edit", conditions=dict(method=["GET"]))
                     m.connect("formatted_admin_edit_setting",
                               "/settings/{setting_id}.{format}/edit",
                               action="edit", conditions=dict(method=["GET"]))
                     m.connect("admin_setting", "/settings/{setting_id}",
                               action="show", conditions=dict(method=["GET"]))
                     m.connect("formatted_admin_setting", "/settings/{setting_id}.{format}",
                               action="show", conditions=dict(method=["GET"]))
                     m.connect("admin_settings_my_account", "/my_account",
                               action="my_account", conditions=dict(method=["GET"]))
                     m.connect("admin_settings_my_account_update", "/my_account_update",
                               action="my_account_update", conditions=dict(method=["PUT"]))
                     m.connect("admin_settings_create_repository", "/create_repository",
                               action="create_repository", conditions=dict(method=["GET"]))
                     m.connect("admin_settings_my_repos", "/my_account/repos",
                               action="my_account_my_repos", conditions=dict(method=["GET"]))
                     m.connect("admin_settings_my_pullrequests", "/my_account/pull_requests",
                               action="my_account_my_pullrequests", conditions=dict(method=["GET"]))
                 #NOTIFICATION REST ROUTES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/notifications') as m:
                     m.connect("notifications", "/notifications",
                               action="create", conditions=dict(method=["POST"]))
                     m.connect("notifications", "/notifications",
                               action="index", conditions=dict(method=["GET"]))
                     m.connect("notifications_mark_all_read", "/notifications/mark_all_read",
                               action="mark_all_read", conditions=dict(method=["GET"]))
                     m.connect("formatted_notifications", "/notifications.{format}",
                               action="index", conditions=dict(method=["GET"]))
                     m.connect("new_notification", "/notifications/new",
                               action="new", conditions=dict(method=["GET"]))
                     m.connect("formatted_new_notification", "/notifications/new.{format}",
                               action="new", conditions=dict(method=["GET"]))
                     m.connect("/notification/{notification_id}",
                               action="update", conditions=dict(method=["PUT"]))
                     m.connect("/notification/{notification_id}",
                               action="delete", conditions=dict(method=["DELETE"]))
                     m.connect("edit_notification", "/notification/{notification_id}/edit",
                               action="edit", conditions=dict(method=["GET"]))
                     m.connect("formatted_edit_notification",
                               "/notification/{notification_id}.{format}/edit",
                               action="edit", conditions=dict(method=["GET"]))
                     m.connect("notification", "/notification/{notification_id}",
                               action="show", conditions=dict(method=["GET"]))
                     m.connect("formatted_notification", "/notifications/{notification_id}.{format}",
                               action="show", conditions=dict(method=["GET"]))
                 #ADMIN MAIN PAGES
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='admin/admin') as m:
                     m.connect('admin_home', '', action='index')
                     m.connect('admin_add_repo', '/add_repo/{new_repo:[a-z0-9\. _-]*}',
                               action='add_repo')
                 #==========================================================================
                 # API V2
                 #==========================================================================
                 with rmap.submapper(path_prefix=ADMIN_PREFIX,
                                     controller='api/api') as m:
                     m.connect('api', '/api')
                 #USER JOURNAL
                 rmap.connect('journal', '%s/journal' % ADMIN_PREFIX,
                              controller='journal', action='index')
                 rmap.connect('journal_rss', '%s/journal/rss' % ADMIN_PREFIX,
                              controller='journal', action='journal_rss')
                 rmap.connect('journal_atom', '%s/journal/atom' % ADMIN_PREFIX,
                              controller='journal', action='journal_atom')
                 rmap.connect('public_journal', '%s/public_journal' % ADMIN_PREFIX,
                              controller='journal', action="public_journal")
                 rmap.connect('public_journal_rss', '%s/public_journal/rss' % ADMIN_PREFIX,
                              controller='journal', action="public_journal_rss")
                 rmap.connect('public_journal_rss_old', '%s/public_journal_rss' % ADMIN_PREFIX,
                              controller='journal', action="public_journal_rss")
                 rmap.connect('public_journal_atom',
                              '%s/public_journal/atom' % ADMIN_PREFIX, controller='journal',
                              action="public_journal_atom")
                 rmap.connect('public_journal_atom_old',
                              '%s/public_journal_atom' % ADMIN_PREFIX, controller='journal',
                              action="public_journal_atom")
                 rmap.connect('toggle_following', '%s/toggle_following' % ADMIN_PREFIX,
                              controller='journal', action='toggle_following',
                              conditions=dict(method=["POST"]))
                 #SEARCH
                 rmap.connect('search', '%s/search' % ADMIN_PREFIX, controller='search',)
                 rmap.connect('search_repo', '%s/search/{search_repo:.*}' % ADMIN_PREFIX,
                               controller='search')
                 #LOGIN/LOGOUT/REGISTER/SIGN IN
                 rmap.connect('login_home', '%s/login' % ADMIN_PREFIX, controller='login')
                 rmap.connect('logout_home', '%s/logout' % ADMIN_PREFIX, controller='login',
                              action='logout')
                 rmap.connect('register', '%s/register' % ADMIN_PREFIX, controller='login',
                              action='register')
                 rmap.connect('reset_password', '%s/password_reset' % ADMIN_PREFIX,
                              controller='login', action='password_reset')
                 rmap.connect('reset_password_confirmation',
                              '%s/password_reset_confirmation' % ADMIN_PREFIX,
                              controller='login', action='password_reset_confirmation')
                 #FEEDS
                 rmap.connect('rss_feed_home', '/{repo_name:.*?}/feed/rss',
                             controller='feed', action='rss',
                             conditions=dict(function=check_repo))
                 rmap.connect('atom_feed_home', '/{repo_name:.*?}/feed/atom',
                             controller='feed', action='atom',
                             conditions=dict(function=check_repo))
                 #==========================================================================
                 # REPOSITORY ROUTES
                 #==========================================================================
                 rmap.connect('summary_home', '/{repo_name:.*?}',
                             controller='summary',
                             conditions=dict(function=check_repo))
                 rmap.connect('repos_group_home', '/{group_name:.*}',
                             controller='admin/repos_groups', action="show_by_name",
                             conditions=dict(function=check_group))
                 rmap.connect('changeset_home', '/{repo_name:.*?}/changeset/{revision}',
                             controller='changeset', revision='tip',
                             conditions=dict(function=check_repo))
                 rmap.connect('changeset_comment',
                              '/{repo_name:.*?}/changeset/{revision}/comment',
                             controller='changeset', revision='tip', action='comment',
                             conditions=dict(function=check_repo))
                 rmap.connect('changeset_comment_delete',
                              '/{repo_name:.*?}/changeset/comment/{comment_id}/delete',
                             controller='changeset', action='delete_comment',
                             conditions=dict(function=check_repo, method=["DELETE"]))
                 rmap.connect('raw_changeset_home',
                              '/{repo_name:.*?}/raw-changeset/{revision}',
                              controller='changeset', action='raw_changeset',
                              revision='tip', conditions=dict(function=check_repo))
                 rmap.connect('compare_url',
                              '/{repo_name:.*?}/compare/{org_ref_type}@{org_ref}...{other_ref_type}@{other_ref}',
                              controller='compare', action='index',
                              conditions=dict(function=check_repo),
                              requirements=dict(
                                         org_ref_type='(branch|book|tag|rev|org_ref_type)',
                                         other_ref_type='(branch|book|tag|rev|other_ref_type)')
                              )
                 rmap.connect('pullrequest_home',
                              '/{repo_name:.*?}/pull-request/new', controller='pullrequests',
                              action='index', conditions=dict(function=check_repo,
                                                              method=["GET"]))
                 rmap.connect('pullrequest',
                              '/{repo_name:.*?}/pull-request/new', controller='pullrequests',
                              action='create', conditions=dict(function=check_repo,
                                                               method=["POST"]))
                 rmap.connect('pullrequest_show',
                              '/{repo_name:.*?}/pull-request/{pull_request_id}',
                              controller='pullrequests',
                              action='show', conditions=dict(function=check_repo,
                                                             method=["GET"]))
                 rmap.connect('pullrequest_update',
                              '/{repo_name:.*?}/pull-request/{pull_request_id}',
                              controller='pullrequests',
                              action='update', conditions=dict(function=check_repo,
                                                             method=["PUT"]))
                 rmap.connect('pullrequest_show_all',
                              '/{repo_name:.*?}/pull-request',
                              controller='pullrequests',
                              action='show_all', conditions=dict(function=check_repo,
                                                             method=["GET"]))
                 rmap.connect('pullrequest_comment',
                              '/{repo_name:.*?}/pull-request-comment/{pull_request_id}',
                              controller='pullrequests',
                              action='comment', conditions=dict(function=check_repo,
                                                             method=["POST"]))
                 rmap.connect('pullrequest_comment_delete',
                              '/{repo_name:.*?}/pull-request-comment/{comment_id}/delete',
                             controller='pullrequests', action='delete_comment',
                             conditions=dict(function=check_repo, method=["DELETE"]))
                 rmap.connect('summary_home', '/{repo_name:.*?}/summary',
                             controller='summary', conditions=dict(function=check_repo))
                 rmap.connect('shortlog_home', '/{repo_name:.*?}/shortlog',
                             controller='shortlog', conditions=dict(function=check_repo))
                 rmap.connect('branches_home', '/{repo_name:.*?}/branches',
                             controller='branches', conditions=dict(function=check_repo))
                 rmap.connect('tags_home', '/{repo_name:.*?}/tags',
                             controller='tags', conditions=dict(function=check_repo))
                 rmap.connect('bookmarks_home', '/{repo_name:.*?}/bookmarks',
                             controller='bookmarks', conditions=dict(function=check_repo))
                 rmap.connect('changelog_home', '/{repo_name:.*?}/changelog',
                             controller='changelog', conditions=dict(function=check_repo))
                 rmap.connect('changelog_details', '/{repo_name:.*?}/changelog_details/{cs}',
                             controller='changelog', action='changelog_details',
                             conditions=dict(function=check_repo))
                 rmap.connect('files_home', '/{repo_name:.*?}/files/{revision}/{f_path:.*}',
                             controller='files', revision='tip', f_path='',
                             conditions=dict(function=check_repo))
                 rmap.connect('files_diff_home', '/{repo_name:.*?}/diff/{f_path:.*}',
                             controller='files', action='diff', revision='tip', f_path='',
                             conditions=dict(function=check_repo))
                 rmap.connect('files_rawfile_home',
                              '/{repo_name:.*?}/rawfile/{revision}/{f_path:.*}',
                              controller='files', action='rawfile', revision='tip',
                              f_path='', conditions=dict(function=check_repo))
                 rmap.connect('files_raw_home',
                              '/{repo_name:.*?}/raw/{revision}/{f_path:.*}',
                              controller='files', action='raw', revision='tip', f_path='',
                              conditions=dict(function=check_repo))
                 rmap.connect('files_annotate_home',
                              '/{repo_name:.*?}/annotate/{revision}/{f_path:.*}',
                              controller='files', action='index', revision='tip',
                              f_path='', annotate=True, conditions=dict(function=check_repo))
                 rmap.connect('files_edit_home',
                              '/{repo_name:.*?}/edit/{revision}/{f_path:.*}',
                              controller='files', action='edit', revision='tip',
                              f_path='', conditions=dict(function=check_repo))
                 rmap.connect('files_add_home',
                              '/{repo_name:.*?}/add/{revision}/{f_path:.*}',
                              controller='files', action='add', revision='tip',
                              f_path='', conditions=dict(function=check_repo))
                 rmap.connect('files_archive_home', '/{repo_name:.*?}/archive/{fname}',
                             controller='files', action='archivefile',
                             conditions=dict(function=check_repo))
                 rmap.connect('files_nodelist_home',
                              '/{repo_name:.*?}/nodelist/{revision}/{f_path:.*}',
                             controller='files', action='nodelist',
                             conditions=dict(function=check_repo))
                 rmap.connect('repo_settings_delete', '/{repo_name:.*?}/settings',
                             controller='settings', action="delete",
                             conditions=dict(method=["DELETE"], function=check_repo))
                 rmap.connect('repo_settings_update', '/{repo_name:.*?}/settings',
                             controller='settings', action="update",
                             conditions=dict(method=["PUT"], function=check_repo))
                 rmap.connect('repo_settings_home', '/{repo_name:.*?}/settings',
                             controller='settings', action='index',
                             conditions=dict(function=check_repo))
                 rmap.connect('repo_fork_create_home', '/{repo_name:.*?}/fork',
                             controller='forks', action='fork_create',
                             conditions=dict(function=check_repo, method=["POST"]))
                 rmap.connect('repo_fork_home', '/{repo_name:.*?}/fork',
                             controller='forks', action='fork',
                             conditions=dict(function=check_repo))
                 rmap.connect('repo_forks_home', '/{repo_name:.*?}/forks',
                              controller='forks', action='forks',
                              conditions=dict(function=check_repo))
                 rmap.connect('repo_followers_home', '/{repo_name:.*?}/followers',
                              controller='followers', action='followers',
                              conditions=dict(function=check_repo))
                 return rmap

rhodecode/controllers/admin/repos.py

0 +22 0

             # -*- coding: utf-8 -*-
             """
                 rhodecode.controllers.admin.repos
                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                 Repositories controller for RhodeCode
                 :created_on: Apr 7, 2010
                 :author: marcink
                 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
                 :license: GPLv3, see COPYING for more details.
             """
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             import logging
             import traceback
             import formencode
             from formencode import htmlfill
             from webob.exc import HTTPInternalServerError
             from pylons import request, session, tmpl_context as c, url
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             from sqlalchemy.exc import IntegrityError
             import rhodecode
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator, \
                 HasPermissionAnyDecorator, HasRepoPermissionAllDecorator
             from rhodecode.lib.base import BaseController, render
             from rhodecode.lib.utils import invalidate_cache, action_logger, repo_name_slug
             from rhodecode.lib.helpers import get_token
             from rhodecode.model.meta import Session
             from rhodecode.model.db import User, Repository, UserFollowing, RepoGroup
             from rhodecode.model.forms import RepoForm
             from rhodecode.model.scm import ScmModel
             from rhodecode.model.repo import RepoModel
             from rhodecode.lib.compat import json
             log = logging.getLogger(__name__)
             class ReposController(BaseController):
                 """
                 REST Controller styled on the Atom Publishing Protocol"""
                 # To properly map this controller, ensure your config/routing.py
                 # file has a resource setup:
                 #     map.resource('repo', 'repos')
                 @LoginRequired()
                 @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
                 def __before__(self):
                     c.admin_user = session.get('admin_user')
                     c.admin_username = session.get('admin_username')
                     super(ReposController, self).__before__()
                 def __load_defaults(self):
                     c.repo_groups = RepoGroup.groups_choices()
                     c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
                     repo_model = RepoModel()
                     c.users_array = repo_model.get_users_js()
                     c.users_groups_array = repo_model.get_users_groups_js()
                     choices, c.landing_revs = ScmModel().get_repo_landing_revs()
                     c.landing_revs_choices = choices
                 def __load_data(self, repo_name=None):
                     """
                     Load defaults settings for edit, and update
                     :param repo_name:
                     """
                     self.__load_defaults()
                     c.repo_info = db_repo = Repository.get_by_repo_name(repo_name)
                     repo = db_repo.scm_instance
                     if c.repo_info is None:
                         h.flash(_('%s repository is not mapped to db perhaps'
                                   ' it was created or renamed from the filesystem'
                                   ' please run the application again'
                                   ' in order to rescan repositories') % repo_name,
                                   category='error')
                         return redirect(url('repos'))
                     choices, c.landing_revs = ScmModel().get_repo_landing_revs(c.repo_info)
                     c.landing_revs_choices = choices
                     c.default_user_id = User.get_by_username('default').user_id
                     c.in_public_journal = UserFollowing.query()\
                         .filter(UserFollowing.user_id == c.default_user_id)\
                         .filter(UserFollowing.follows_repository == c.repo_info).scalar()
                     if c.repo_info.stats:
                         # this is on what revision we ended up so we add +1 for count
                         last_rev = c.repo_info.stats.stat_on_revision + 1
                     else:
                         last_rev = 0
                     c.stats_revision = last_rev
                     c.repo_last_rev = repo.count() if repo.revisions else 0
                     if last_rev == 0 or c.repo_last_rev == 0:
                         c.stats_percentage = 0
                     else:
                         c.stats_percentage = '%.2f' % ((float((last_rev)) /
                                                         c.repo_last_rev) * 100)
                     defaults = RepoModel()._get_defaults(repo_name)
                     c.repos_list = [('', _('--REMOVE FORK--'))]
                     c.repos_list += [(x.repo_id, x.repo_name) for x in
                                 Repository.query().order_by(Repository.repo_name).all()
                                 if x.repo_id != c.repo_info.repo_id]
                     defaults['id_fork_of'] = db_repo.fork.repo_id if db_repo.fork else ''
                     return defaults
                 @HasPermissionAllDecorator('hg.admin')
                 def index(self, format='html'):
                     """GET /repos: All items in the collection"""
                     # url('repos')
                     c.repos_list = Repository.query()\
                                     .order_by(Repository.repo_name)\
                                     .all()
                     repos_data = []
                     total_records = len(c.repos_list)
                     _tmpl_lookup = rhodecode.CONFIG['pylons.app_globals'].mako_lookup
                     template = _tmpl_lookup.get_template('data_table/_dt_elements.html')
                     quick_menu = lambda repo_name: (template.get_def("quick_menu")
                                                     .render(repo_name, _=_, h=h, c=c))
                     repo_lnk = lambda name, rtype, private, fork_of: (
                         template.get_def("repo_name")
                         .render(name, rtype, private, fork_of, short_name=False,
                                 admin=True, _=_, h=h, c=c))
                     repo_actions = lambda repo_name: (template.get_def("repo_actions")
                                                    .render(repo_name, _=_, h=h, c=c))
                     for repo in c.repos_list:
                         repos_data.append({
                             "menu": quick_menu(repo.repo_name),
                             "raw_name": repo.repo_name,
                             "name": repo_lnk(repo.repo_name, repo.repo_type,
                                              repo.private, repo.fork),
                             "desc": repo.description,
                             "owner": repo.user.username,
                             "action": repo_actions(repo.repo_name),
                         })
                     c.data = json.dumps({
                         "totalRecords": total_records,
                         "startIndex": 0,
                         "sort": "name",
                         "dir": "asc",
                         "records": repos_data
                     })
                     return render('admin/repos/repos.html')
                 @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
                 def create(self):
                     """
                     POST /repos: Create a new item"""
                     # url('repos')
                     self.__load_defaults()
                     form_result = {}
                     try:
                         form_result = RepoForm(repo_groups=c.repo_groups_choices,
                                                landing_revs=c.landing_revs_choices)()\
                                         .to_python(dict(request.POST))
                         new_repo = RepoModel().create(form_result,
                                                       self.rhodecode_user.user_id)
                         if form_result['clone_uri']:
                             h.flash(_('created repository %s from %s') \
                                 % (form_result['repo_name'], form_result['clone_uri']),
                                 category='success')
                         else:
                             h.flash(_('created repository %s') % form_result['repo_name'],
                                 category='success')
                         if request.POST.get('user_created'):
                             # created by regular non admin user
                             action_logger(self.rhodecode_user, 'user_created_repo',
                                           form_result['repo_name_full'], self.ip_addr,
                                           self.sa)
                         else:
                             action_logger(self.rhodecode_user, 'admin_created_repo',
                                           form_result['repo_name_full'], self.ip_addr,
                                           self.sa)
                         Session().commit()
                     except formencode.Invalid, errors:
                         c.new_repo = errors.value['repo_name']
                         if request.POST.get('user_created'):
                             r = render('admin/repos/repo_add_create_repository.html')
                         else:
                             r = render('admin/repos/repo_add.html')
                         return htmlfill.render(
                             r,
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8")
                     except Exception:
                         log.error(traceback.format_exc())
                         msg = _('error occurred during creation of repository %s') \
                                 % form_result.get('repo_name')
                         h.flash(msg, category='error')
                         return redirect(url('repos'))
                     #redirect to our new repo !
                     return redirect(url('summary_home', repo_name=new_repo.repo_name))
                 @HasPermissionAllDecorator('hg.admin')
                 def new(self, format='html'):
                     """GET /repos/new: Form to create a new item"""
                     new_repo = request.GET.get('repo', '')
                     c.new_repo = repo_name_slug(new_repo)
                     self.__load_defaults()
                     return render('admin/repos/repo_add.html')
                 @HasPermissionAllDecorator('hg.admin')
                 def update(self, repo_name):
                     """
                     PUT /repos/repo_name: Update an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="PUT" />
                     # Or using helpers:
                     #    h.form(url('repo', repo_name=ID),
                     #           method='put')
                     # url('repo', repo_name=ID)
                     self.__load_defaults()
                     repo_model = RepoModel()
                     changed_name = repo_name
                     #override the choices with extracted revisions !
                     choices, c.landing_revs = ScmModel().get_repo_landing_revs(repo_name)
                     c.landing_revs_choices = choices
                     _form = RepoForm(edit=True, old_data={'repo_name': repo_name},
                                      repo_groups=c.repo_groups_choices,
                                      landing_revs=c.landing_revs_choices)()
                     try:
                         form_result = _form.to_python(dict(request.POST))
                         repo = repo_model.update(repo_name, form_result)
                         invalidate_cache('get_repo_cached_%s' % repo_name)
                         h.flash(_('Repository %s updated successfully') % repo_name,
                                 category='success')
                         changed_name = repo.repo_name
                         action_logger(self.rhodecode_user, 'admin_updated_repo',
                                           changed_name, self.ip_addr, self.sa)
                         Session().commit()
                     except formencode.Invalid, errors:
                         defaults = self.__load_data(repo_name)
                         defaults.update(errors.value)
                         return htmlfill.render(
                             render('admin/repos/repo_edit.html'),
                             defaults=defaults,
                             errors=errors.error_dict or {},
                             prefix_error=False,
                             encoding="UTF-8")
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('error occurred during update of repository %s') \
                                 % repo_name, category='error')
                     return redirect(url('edit_repo', repo_name=changed_name))
                 @HasPermissionAllDecorator('hg.admin')
                 def delete(self, repo_name):
                     """
                     DELETE /repos/repo_name: Delete an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="DELETE" />
                     # Or using helpers:
                     #    h.form(url('repo', repo_name=ID),
                     #           method='delete')
                     # url('repo', repo_name=ID)
                     repo_model = RepoModel()
                     repo = repo_model.get_by_repo_name(repo_name)
                     if not repo:
                         h.flash(_('%s repository is not mapped to db perhaps'
                                   ' it was moved or renamed  from the filesystem'
                                   ' please run the application again'
                                   ' in order to rescan repositories') % repo_name,
                                   category='error')
                         return redirect(url('repos'))
                     try:
                         action_logger(self.rhodecode_user, 'admin_deleted_repo',
                                           repo_name, self.ip_addr, self.sa)
                         repo_model.delete(repo)
                         invalidate_cache('get_repo_cached_%s' % repo_name)
                         h.flash(_('deleted repository %s') % repo_name, category='success')
                         Session().commit()
                     except IntegrityError, e:
                         if e.message.find('repositories_fork_id_fkey') != -1:
                             log.error(traceback.format_exc())
                             h.flash(_('Cannot delete %s it still contains attached '
                                       'forks') % repo_name,
                                     category='warning')
                         else:
                             log.error(traceback.format_exc())
                             h.flash(_('An error occurred during '
                                       'deletion of %s') % repo_name,
                                     category='error')
                     except Exception, e:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during deletion of %s') % repo_name,
                                 category='error')
                     return redirect(url('repos'))
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def delete_perm_user(self, repo_name):
                     """
                     DELETE an existing repository permission user
                     :param repo_name:
                     """
                     try:
                         RepoModel().revoke_user_permission(repo=repo_name,
                                                            user=request.POST['user_id'])
                         Session().commit()
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during deletion of repository user'),
                                 category='error')
                         raise HTTPInternalServerError()
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def delete_perm_users_group(self, repo_name):
                     """
                     DELETE an existing repository permission users group
                     :param repo_name:
                     """
                     try:
                         RepoModel().revoke_users_group_permission(
                             repo=repo_name, group_name=request.POST['users_group_id']
                         )
                         Session().commit()
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during deletion of repository'
                                   ' users groups'),
                                 category='error')
                         raise HTTPInternalServerError()
                 @HasPermissionAllDecorator('hg.admin')
                 def repo_stats(self, repo_name):
                     """
                     DELETE an existing repository statistics
                     :param repo_name:
                     """
                     try:
                         RepoModel().delete_stats(repo_name)
                         Session().commit()
                     except Exception, e:
+                        log.error(traceback.format_exc())
                         h.flash(_('An error occurred during deletion of repository stats'),
                                 category='error')
                     return redirect(url('edit_repo', repo_name=repo_name))
                 @HasPermissionAllDecorator('hg.admin')
                 def repo_cache(self, repo_name):
                     """
                     INVALIDATE existing repository cache
                     :param repo_name:
                     """
                     try:
                         ScmModel().mark_for_invalidation(repo_name)
                         Session().commit()
                     except Exception, e:
+                        log.error(traceback.format_exc())
                         h.flash(_('An error occurred during cache invalidation'),
                                 category='error')
                     return redirect(url('edit_repo', repo_name=repo_name))
                 @HasPermissionAllDecorator('hg.admin')
+                def repo_locking(self, repo_name):
+                    """
+                    Unlock repository when it is locked !
+                    :param repo_name:
+                    """
+                    try:
+                        repo = Repository.get_by_repo_name(repo_name)
+                        if request.POST.get('set_lock'):
+                            Repository.lock(repo, c.rhodecode_user.user_id)
+                        elif request.POST.get('set_unlock'):
+                            Repository.unlock(repo)
+                    except Exception, e:
+                        log.error(traceback.format_exc())
+                        h.flash(_('An error occurred during unlocking'),
+                                category='error')
+                    return redirect(url('edit_repo', repo_name=repo_name))
+                @HasPermissionAllDecorator('hg.admin')
                 def repo_public_journal(self, repo_name):
                     """
                     Set's this repository to be visible in public journal,
                     in other words assing default user to follow this repo
                     :param repo_name:
                     """
                     cur_token = request.POST.get('auth_token')
                     token = get_token()
                     if cur_token == token:
                         try:
                             repo_id = Repository.get_by_repo_name(repo_name).repo_id
                             user_id = User.get_by_username('default').user_id
                             self.scm_model.toggle_following_repo(repo_id, user_id)
                             h.flash(_('Updated repository visibility in public journal'),
                                     category='success')
                             Session().commit()
                         except:
                             h.flash(_('An error occurred during setting this'
                                       ' repository in public journal'),
                                     category='error')
                     else:
                         h.flash(_('Token mismatch'), category='error')
                     return redirect(url('edit_repo', repo_name=repo_name))
                 @HasPermissionAllDecorator('hg.admin')
                 def repo_pull(self, repo_name):
                     """
                     Runs task to update given repository with remote changes,
                     ie. make pull on remote location
                     :param repo_name:
                     """
                     try:
                         ScmModel().pull_changes(repo_name, self.rhodecode_user.username)
                         h.flash(_('Pulled from remote location'), category='success')
                     except Exception, e:
                         h.flash(_('An error occurred during pull from remote location'),
                                 category='error')
                     return redirect(url('edit_repo', repo_name=repo_name))
                 @HasPermissionAllDecorator('hg.admin')
                 def repo_as_fork(self, repo_name):
                     """
                     Mark given repository as a fork of another
                     :param repo_name:
                     """
                     try:
                         fork_id = request.POST.get('id_fork_of')
                         repo = ScmModel().mark_as_fork(repo_name, fork_id,
                                                 self.rhodecode_user.username)
                         fork = repo.fork.repo_name if repo.fork else _('Nothing')
                         Session().commit()
                         h.flash(_('Marked repo %s as fork of %s') % (repo_name, fork),
                                 category='success')
                     except Exception, e:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during this operation'),
                                 category='error')
                     return redirect(url('edit_repo', repo_name=repo_name))
                 @HasPermissionAllDecorator('hg.admin')
                 def show(self, repo_name, format='html'):
                     """GET /repos/repo_name: Show a specific item"""
                     # url('repo', repo_name=ID)
                 @HasPermissionAllDecorator('hg.admin')
                 def edit(self, repo_name, format='html'):
                     """GET /repos/repo_name/edit: Form to edit an existing item"""
                     # url('edit_repo', repo_name=ID)
                     defaults = self.__load_data(repo_name)
                     return htmlfill.render(
                         render('admin/repos/repo_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )

rhodecode/lib/auth.py

0 +1 -1

             # -*- coding: utf-8 -*-
             """
                 rhodecode.lib.auth
                 ~~~~~~~~~~~~~~~~~~
                 authentication and permission libraries
                 :created_on: Apr 4, 2010
                 :author: marcink
                 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
                 :license: GPLv3, see COPYING for more details.
             """
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             import random
             import logging
             import traceback
             import hashlib
             from tempfile import _RandomNameSequence
             from decorator import decorator
             from pylons import config, url, request
             from pylons.controllers.util import abort, redirect
             from pylons.i18n.translation import _
             from rhodecode import __platform__, is_windows, is_unix
             from rhodecode.model.meta import Session
             from rhodecode.lib.utils2 import str2bool, safe_unicode
             from rhodecode.lib.exceptions import LdapPasswordError, LdapUsernameError
             from rhodecode.lib.utils import get_repo_slug, get_repos_group_slug
             from rhodecode.lib.auth_ldap import AuthLdap
             from rhodecode.model import meta
             from rhodecode.model.user import UserModel
             from rhodecode.model.db import Permission, RhodeCodeSetting, User
             log = logging.getLogger(__name__)
             class PasswordGenerator(object):
                 """
                 This is a simple class for generating password from different sets of
                 characters
                 usage::
                     passwd_gen = PasswordGenerator()
                     #print 8-letter password containing only big and small letters
                         of alphabet
                     passwd_gen.gen_password(8, passwd_gen.ALPHABETS_BIG_SMALL)
                 """
                 ALPHABETS_NUM = r'''1234567890'''
                 ALPHABETS_SMALL = r'''qwertyuiopasdfghjklzxcvbnm'''
                 ALPHABETS_BIG = r'''QWERTYUIOPASDFGHJKLZXCVBNM'''
                 ALPHABETS_SPECIAL = r'''`-=[]\;',./~!@#$%^&*()_+{}|:"<>?'''
                 ALPHABETS_FULL = ALPHABETS_BIG + ALPHABETS_SMALL \
                     + ALPHABETS_NUM + ALPHABETS_SPECIAL
                 ALPHABETS_ALPHANUM = ALPHABETS_BIG + ALPHABETS_SMALL + ALPHABETS_NUM
                 ALPHABETS_BIG_SMALL = ALPHABETS_BIG + ALPHABETS_SMALL
                 ALPHABETS_ALPHANUM_BIG = ALPHABETS_BIG + ALPHABETS_NUM
                 ALPHABETS_ALPHANUM_SMALL = ALPHABETS_SMALL + ALPHABETS_NUM
                 def __init__(self, passwd=''):
                     self.passwd = passwd
                 def gen_password(self, length, type_=None):
                     if type_ is None:
                         type_ = self.ALPHABETS_FULL
                     self.passwd = ''.join([random.choice(type_) for _ in xrange(length)])
                     return self.passwd
             class RhodeCodeCrypto(object):
                 @classmethod
                 def hash_string(cls, str_):
                     """
                     Cryptographic function used for password hashing based on pybcrypt
                     or pycrypto in windows
                     :param password: password to hash
                     """
                     if is_windows:
                         from hashlib import sha256
                         return sha256(str_).hexdigest()
                     elif is_unix:
                         import bcrypt
                         return bcrypt.hashpw(str_, bcrypt.gensalt(10))
                     else:
                         raise Exception('Unknown or unsupported platform %s' \
                                         % __platform__)
                 @classmethod
                 def hash_check(cls, password, hashed):
                     """
                     Checks matching password with it's hashed value, runs different
                     implementation based on platform it runs on
                     :param password: password
                     :param hashed: password in hashed form
                     """
                     if is_windows:
                         from hashlib import sha256
                         return sha256(password).hexdigest() == hashed
                     elif is_unix:
                         import bcrypt
                         return bcrypt.hashpw(password, hashed) == hashed
                     else:
                         raise Exception('Unknown or unsupported platform %s' \
                                         % __platform__)
             def get_crypt_password(password):
                 return RhodeCodeCrypto.hash_string(password)
             def check_password(password, hashed):
                 return RhodeCodeCrypto.hash_check(password, hashed)
             def generate_api_key(str_, salt=None):
                 """
                 Generates API KEY from given string
                 :param str_:
                 :param salt:
                 """
                 if salt is None:
                     salt = _RandomNameSequence().next()
                 return hashlib.sha1(str_ + salt).hexdigest()
             def authfunc(environ, username, password):
                 """
                 Dummy authentication wrapper function used in Mercurial and Git for
                 access control.
                 :param environ: needed only for using in Basic auth
                 """
                 return authenticate(username, password)
             def authenticate(username, password):
                 """
                 Authentication function used for access control,
                 firstly checks for db authentication then if ldap is enabled for ldap
                 authentication, also creates ldap user if not in database
                 :param username: username
                 :param password: password
                 """
                 user_model = UserModel()
                 user = User.get_by_username(username)
                 log.debug('Authenticating user using RhodeCode account')
                 if user is not None and not user.ldap_dn:
                     if user.active:
                         if user.username == 'default' and user.active:
                             log.info('user %s authenticated correctly as anonymous user' %
                                      username)
                             return True
                         elif user.username == username and check_password(password,
                                                                           user.password):
                             log.info('user %s authenticated correctly' % username)
                             return True
                     else:
                         log.warning('user %s tried auth but is disabled' % username)
                 else:
                     log.debug('Regular authentication failed')
                     user_obj = User.get_by_username(username, case_insensitive=True)
                     if user_obj is not None and not user_obj.ldap_dn:
                         log.debug('this user already exists as non ldap')
                         return False
                     ldap_settings = RhodeCodeSetting.get_ldap_settings()
                     #======================================================================
                     # FALLBACK TO LDAP AUTH IF ENABLE
                     #======================================================================
                     if str2bool(ldap_settings.get('ldap_active')):
                         log.debug("Authenticating user using ldap")
                         kwargs = {
                               'server': ldap_settings.get('ldap_host', ''),
                               'base_dn': ldap_settings.get('ldap_base_dn', ''),
                               'port': ldap_settings.get('ldap_port'),
                               'bind_dn': ldap_settings.get('ldap_dn_user'),
                               'bind_pass': ldap_settings.get('ldap_dn_pass'),
                               'tls_kind': ldap_settings.get('ldap_tls_kind'),
                               'tls_reqcert': ldap_settings.get('ldap_tls_reqcert'),
                               'ldap_filter': ldap_settings.get('ldap_filter'),
                               'search_scope': ldap_settings.get('ldap_search_scope'),
                               'attr_login': ldap_settings.get('ldap_attr_login'),
                               'ldap_version': 3,
                               }
                         log.debug('Checking for ldap authentication')
                         try:
                             aldap = AuthLdap(**kwargs)
                             (user_dn, ldap_attrs) = aldap.authenticate_ldap(username,
                                                                             password)
                             log.debug('Got ldap DN response %s' % user_dn)
                             get_ldap_attr = lambda k: ldap_attrs.get(ldap_settings\
                                                                        .get(k), [''])[0]
                             user_attrs = {
                              'name': safe_unicode(get_ldap_attr('ldap_attr_firstname')),
                              'lastname': safe_unicode(get_ldap_attr('ldap_attr_lastname')),
                              'email': get_ldap_attr('ldap_attr_email'),
                             }
                             # don't store LDAP password since we don't need it. Override
                             # with some random generated password
                             _password = PasswordGenerator().gen_password(length=8)
                             # create this user on the fly if it doesn't exist in rhodecode
                             # database
                             if user_model.create_ldap(username, _password, user_dn,
                                                       user_attrs):
                                 log.info('created new ldap user %s' % username)
                             Session().commit()
                             return True
                         except (LdapUsernameError, LdapPasswordError,):
                             pass
                         except (Exception,):
                             log.error(traceback.format_exc())
                             pass
                 return False
             def login_container_auth(username):
                 user = User.get_by_username(username)
                 if user is None:
                     user_attrs = {
                         'name': username,
                         'lastname': None,
                         'email': None,
                     }
                     user = UserModel().create_for_container_auth(username, user_attrs)
                     if not user:
                         return None
                     log.info('User %s was created by container authentication' % username)
                 if not user.active:
                     return None
                 user.update_lastlogin()
                 Session().commit()
                 log.debug('User %s is now logged in by container authentication',
                           user.username)
                 return user
             def get_container_username(environ, config):
                 username = None
                 if str2bool(config.get('container_auth_enabled', False)):
                     from paste.httpheaders import REMOTE_USER
                     username = REMOTE_USER(environ)
                 if not username and str2bool(config.get('proxypass_auth_enabled', False)):
                     username = environ.get('HTTP_X_FORWARDED_USER')
                 if username:
                     # Removing realm and domain from username
                     username = username.partition('@')[0]
                     username = username.rpartition('\\')[2]
                     log.debug('Received username %s from container' % username)
                 return username
             class CookieStoreWrapper(object):
                 def __init__(self, cookie_store):
                     self.cookie_store = cookie_store
                 def __repr__(self):
                     return 'CookieStore<%s>' % (self.cookie_store)
                 def get(self, key, other=None):
                     if isinstance(self.cookie_store, dict):
                         return self.cookie_store.get(key, other)
                     elif isinstance(self.cookie_store, AuthUser):
                         return self.cookie_store.__dict__.get(key, other)
             class  AuthUser(object):
                 """
                 A simple object that handles all attributes of user in RhodeCode
                 It does lookup based on API key,given user, or user present in session
                 Then it fills all required information for such user. It also checks if
                 anonymous access is enabled and if so, it returns default user as logged
                 in
                 """
                 def __init__(self, user_id=None, api_key=None, username=None):
                     self.user_id = user_id
                     self.api_key = None
                     self.username = username
                     self.name = ''
                     self.lastname = ''
                     self.email = ''
                     self.is_authenticated = False
                     self.admin = False
                     self.inherit_default_permissions = False
                     self.permissions = {}
                     self._api_key = api_key
                     self.propagate_data()
                     self._instance = None
                 def propagate_data(self):
                     user_model = UserModel()
                     self.anonymous_user = User.get_by_username('default', cache=True)
                     is_user_loaded = False
                     # try go get user by api key
                     if self._api_key and self._api_key != self.anonymous_user.api_key:
                         log.debug('Auth User lookup by API KEY %s' % self._api_key)
                         is_user_loaded = user_model.fill_data(self, api_key=self._api_key)
                     # lookup by userid
                     elif (self.user_id is not None and
                           self.user_id != self.anonymous_user.user_id):
                         log.debug('Auth User lookup by USER ID %s' % self.user_id)
                         is_user_loaded = user_model.fill_data(self, user_id=self.user_id)
                     # lookup by username
                     elif self.username and \
                         str2bool(config.get('container_auth_enabled', False)):
                         log.debug('Auth User lookup by USER NAME %s' % self.username)
                         dbuser = login_container_auth(self.username)
                         if dbuser is not None:
                             log.debug('filling all attributes to object')
                             for k, v in dbuser.get_dict().items():
                                 setattr(self, k, v)
                             self.set_authenticated()
                             is_user_loaded = True
                     else:
                         log.debug('No data in %s that could been used to log in' % self)
                     if not is_user_loaded:
                         # if we cannot authenticate user try anonymous
                         if self.anonymous_user.active is True:
                             user_model.fill_data(self, user_id=self.anonymous_user.user_id)
                             # then we set this user is logged in
                             self.is_authenticated = True
                         else:
                             self.user_id = None
                             self.username = None
                             self.is_authenticated = False
                     if not self.username:
                         self.username = 'None'
                     log.debug('Auth User is now %s' % self)
                     user_model.fill_perms(self)
                 @property
                 def is_admin(self):
                     return self.admin
                 def __repr__(self):
                     return "<AuthUser('id:%s:%s|%s')>" % (self.user_id, self.username,
                                                           self.is_authenticated)
                 def set_authenticated(self, authenticated=True):
                     if self.user_id != self.anonymous_user.user_id:
                         self.is_authenticated = authenticated
                 def get_cookie_store(self):
                     return {'username': self.username,
                             'user_id': self.user_id,
                             'is_authenticated': self.is_authenticated}
                 @classmethod
                 def from_cookie_store(cls, cookie_store):
                     """
                     Creates AuthUser from a cookie store
                     :param cls:
                     :param cookie_store:
                     """
                     user_id = cookie_store.get('user_id')
                     username = cookie_store.get('username')
                     api_key = cookie_store.get('api_key')
                     return AuthUser(user_id, api_key, username)
             def set_available_permissions(config):
                 """
                 This function will propagate pylons globals with all available defined
                 permission given in db. We don't want to check each time from db for new
                 permissions since adding a new permission also requires application restart
                 ie. to decorate new views with the newly created permission
                 :param config: current pylons config instance
                 """
                 log.info('getting information about all available permissions')
                 try:
                     sa = meta.Session
                     all_perms = sa.query(Permission).all()
                 except Exception:
                     pass
                 finally:
                     meta.Session.remove()
                 config['available_permissions'] = [x.permission_name for x in all_perms]
             #==============================================================================
             # CHECK DECORATORS
             #==============================================================================
             class LoginRequired(object):
                 """
                 Must be logged in to execute this function else
                 redirect to login page
                 :param api_access: if enabled this checks only for valid auth token
                     and grants access based on valid token
                 """
                 def __init__(self, api_access=False):
                     self.api_access = api_access
                 def __call__(self, func):
                     return decorator(self.__wrapper, func)
                 def __wrapper(self, func, *fargs, **fkwargs):
                     cls = fargs[0]
                     user = cls.rhodecode_user
                     api_access_ok = False
                     if self.api_access:
                         log.debug('Checking API KEY access for %s' % cls)
                         if user.api_key == request.GET.get('api_key'):
                             api_access_ok = True
                         else:
                             log.debug("API KEY token not valid")
                     loc = "%s:%s" % (cls.__class__.__name__, func.__name__)
                     log.debug('Checking if %s is authenticated @ %s' % (user.username, loc))
                     if user.is_authenticated or api_access_ok:
                         reason = 'RegularAuth' if user.is_authenticated else 'APIAuth'
                         log.info('user %s is authenticated and granted access to %s '
                                  'using %s' % (user.username, loc, reason)
                         )
                         return func(*fargs, **fkwargs)
                     else:
                         log.warn('user %s NOT authenticated on func: %s' % (
                             user, loc)
                         )
                         p = url.current()
                         log.debug('redirecting to login page with %s' % p)
                         return redirect(url('login_home', came_from=p))
             class NotAnonymous(object):
                 """
                 Must be logged in to execute this function else
                 redirect to login page"""
                 def __call__(self, func):
                     return decorator(self.__wrapper, func)
                 def __wrapper(self, func, *fargs, **fkwargs):
                     cls = fargs[0]
                     self.user = cls.rhodecode_user
                     log.debug('Checking if user is not anonymous @%s' % cls)
                     anonymous = self.user.username == 'default'
                     if anonymous:
                         p = url.current()
                         import rhodecode.lib.helpers as h
                         h.flash(_('You need to be a registered user to '
                                   'perform this action'),
                                 category='warning')
                         return redirect(url('login_home', came_from=p))
                     else:
                         return func(*fargs, **fkwargs)
             class PermsDecorator(object):
                 """Base class for controller decorators"""
                 def __init__(self, *required_perms):
                     available_perms = config['available_permissions']
                     for perm in required_perms:
                         if perm not in available_perms:
                             raise Exception("'%s' permission is not defined" % perm)
                     self.required_perms = set(required_perms)
                     self.user_perms = None
                 def __call__(self, func):
                     return decorator(self.__wrapper, func)
                 def __wrapper(self, func, *fargs, **fkwargs):
                     cls = fargs[0]
                     self.user = cls.rhodecode_user
                     self.user_perms = self.user.permissions
                     log.debug('checking %s permissions %s for %s %s',
                        self.__class__.__name__, self.required_perms, cls, self.user)
                     if self.check_permissions():
                         log.debug('Permission granted for %s %s' % (cls, self.user))
                         return func(*fargs, **fkwargs)
                     else:
                         log.debug('Permission denied for %s %s' % (cls, self.user))
                         anonymous = self.user.username == 'default'
                         if anonymous:
                             p = url.current()
                             import rhodecode.lib.helpers as h
                             h.flash(_('You need to be a signed in to '
                                       'view this page'),
                                     category='warning')
                             return redirect(url('login_home', came_from=p))
                         else:
                             # redirect with forbidden ret code
                             return abort(403)
                 def check_permissions(self):
                     """Dummy function for overriding"""
                     raise Exception('You have to write this function in child class')
             class HasPermissionAllDecorator(PermsDecorator):
                 """
                 Checks for access permission for all given predicates. All of them
                 have to be meet in order to fulfill the request
                 """
                 def check_permissions(self):
                     if self.required_perms.issubset(self.user_perms.get('global')):
                         return True
                     return False
             class HasPermissionAnyDecorator(PermsDecorator):
                 """
                 Checks for access permission for any of given predicates. In order to
                 fulfill the request any of predicates must be meet
                 """
                 def check_permissions(self):
                     if self.required_perms.intersection(self.user_perms.get('global')):
                         return True
                     return False
             class HasRepoPermissionAllDecorator(PermsDecorator):
                 """
                 Checks for access permission for all given predicates for specific
                 repository. All of them have to be meet in order to fulfill the request
                 """
                 def check_permissions(self):
                     repo_name = get_repo_slug(request)
                     try:
                         user_perms = set([self.user_perms['repositories'][repo_name]])
                     except KeyError:
                         return False
                     if self.required_perms.issubset(user_perms):
                         return True
                     return False
             class HasRepoPermissionAnyDecorator(PermsDecorator):
                 """
                 Checks for access permission for any of given predicates for specific
                 repository. In order to fulfill the request any of predicates must be meet
                 """
                 def check_permissions(self):
                     repo_name = get_repo_slug(request)
                     try:
                         user_perms = set([self.user_perms['repositories'][repo_name]])
                     except KeyError:
                         return False
                     if self.required_perms.intersection(user_perms):
                         return True
                     return False
             class HasReposGroupPermissionAllDecorator(PermsDecorator):
                 """
                 Checks for access permission for all given predicates for specific
                 repository. All of them have to be meet in order to fulfill the request
                 """
                 def check_permissions(self):
                     group_name = get_repos_group_slug(request)
                     try:
                         user_perms = set([self.user_perms['repositories_groups'][group_name]])
                     except KeyError:
                         return False
                     if self.required_perms.issubset(user_perms):
                         return True
                     return False
             class HasReposGroupPermissionAnyDecorator(PermsDecorator):
                 """
                 Checks for access permission for any of given predicates for specific
                 repository. In order to fulfill the request any of predicates must be meet
                 """
                 def check_permissions(self):
                     group_name = get_repos_group_slug(request)
                     try:
                         user_perms = set([self.user_perms['repositories_groups'][group_name]])
                     except KeyError:
                         return False
                     if self.required_perms.intersection(user_perms):
                         return True
                     return False
             #==============================================================================
             # CHECK FUNCTIONS
             #==============================================================================
             class PermsFunction(object):
                 """Base function for other check functions"""
                 def __init__(self, *perms):
                     available_perms = config['available_permissions']
                     for perm in perms:
                         if perm not in available_perms:
                             raise Exception("'%s' permission is not defined" % perm)
                     self.required_perms = set(perms)
                     self.user_perms = None
                     self.repo_name = None
                     self.group_name = None
                 def __call__(self, check_Location=''):
                     user = request.user
                     cls_name = self.__class__.__name__
                     check_scope = {
                         'HasPermissionAll': '',
                         'HasPermissionAny': '',
                         'HasRepoPermissionAll': 'repo:%s' % self.repo_name,
                         'HasRepoPermissionAny': 'repo:%s' % self.repo_name,
                         'HasReposGroupPermissionAll': 'group:%s' % self.group_name,
                         'HasReposGroupPermissionAny': 'group:%s' % self.group_name,
                     }.get(cls_name, '?')
                     log.debug('checking cls:%s %s usr:%s %s @ %s', cls_name,
                               self.required_perms, user, check_scope,
                               check_Location or 'unspecified location')
                     if not user:
                         log.debug('Empty request user')
                         return False
                     self.user_perms = user.permissions
                     if self.check_permissions():
                         log.debug('Permission granted for user: %s @ %s', user,
                                   check_Location or 'unspecified location')
                         return True
                     else:
                         log.debug('Permission denied for user: %s @ %s', user,
                                     check_Location or 'unspecified location')
                         return False
                 def check_permissions(self):
                     """Dummy function for overriding"""
                     raise Exception('You have to write this function in child class')
             class HasPermissionAll(PermsFunction):
                 def check_permissions(self):
                     if self.required_perms.issubset(self.user_perms.get('global')):
                         return True
                     return False
             class HasPermissionAny(PermsFunction):
                 def check_permissions(self):
                     if self.required_perms.intersection(self.user_perms.get('global')):
                         return True
                     return False
             class HasRepoPermissionAll(PermsFunction):
                 def __call__(self, repo_name=None, check_Location=''):
                     self.repo_name = repo_name
                     return super(HasRepoPermissionAll, self).__call__(check_Location)
                 def check_permissions(self):
                     if not self.repo_name:
                         self.repo_name = get_repo_slug(request)
                     try:
                         self._user_perms = set(
                             [self.user_perms['repositories'][self.repo_name]]
                         )
                     except KeyError:
                         return False
                     if self.required_perms.issubset(self._user_perms):
                         return True
                     return False
             class HasRepoPermissionAny(PermsFunction):
                 def __call__(self, repo_name=None, check_Location=''):
                     self.repo_name = repo_name
                     return super(HasRepoPermissionAny, self).__call__(check_Location)
                 def check_permissions(self):
                     if not self.repo_name:
                         self.repo_name = get_repo_slug(request)
                     try:
                         self._user_perms = set(
                             [self.user_perms['repositories'][self.repo_name]]
                         )
                     except KeyError:
                         return False
                     if self.required_perms.intersection(self._user_perms):
                         return True
                     return False
             class HasReposGroupPermissionAny(PermsFunction):
                 def __call__(self, group_name=None, check_Location=''):
                     self.group_name = group_name
                     return super(HasReposGroupPermissionAny, self).__call__(check_Location)
                 def check_permissions(self):
                     try:
                         self._user_perms = set(
                             [self.user_perms['repositories_groups'][self.group_name]]
                         )
                     except KeyError:
                         return False
                     if self.required_perms.intersection(self._user_perms):
                         return True
                     return False
             class HasReposGroupPermissionAll(PermsFunction):
                 def __call__(self, group_name=None, check_Location=''):
                     self.group_name = group_name
                     return super(HasReposGroupPermissionAll, self).__call__(check_Location)
                 def check_permissions(self):
                     try:
                         self._user_perms = set(
                             [self.user_perms['repositories_groups'][self.group_name]]
                         )
                     except KeyError:
                         return False
                     if self.required_perms.issubset(self._user_perms):
                         return True
                     return False
             #==============================================================================
             # SPECIAL VERSION TO HANDLE MIDDLEWARE AUTH
             #==============================================================================
             class HasPermissionAnyMiddleware(object):
                 def __init__(self, *perms):
                     self.required_perms = set(perms)
                 def __call__(self, user, repo_name):
                     # repo_name MUST be unicode, since we handle keys in permission
                     # dict by unicode
                     repo_name = safe_unicode(repo_name)
                     usr = AuthUser(user.user_id)
                     try:
                         self.user_perms = set([usr.permissions['repositories'][repo_name]])
                     except Exception:
                         log.error('Exception while accessing permissions %s' %
                                   traceback.format_exc())
                         self.user_perms = set()
                     self.username = user.username
                     self.repo_name = repo_name
                     return self.check_permissions()
                 def check_permissions(self):
-                    log.debug('checking mercurial protocol '
+                    log.debug('checking VCS protocol '
                               'permissions %s for user:%s repository:%s', self.user_perms,
                                                             self.username, self.repo_name)
                     if self.required_perms.intersection(self.user_perms):
                         log.debug('permission granted for user:%s on repo:%s' % (
                                       self.username, self.repo_name
                                  )
                         )
                         return True
                     log.debug('permission denied for user:%s on repo:%s' % (
                                   self.username, self.repo_name
                              )
                     )
                     return False

rhodecode/lib/base.py

0 +48 -2

             """The base Controller API
             Provides the BaseController class for subclassing.
             """
             import logging
             import time
             import traceback
             from paste.auth.basic import AuthBasicAuthenticator
             from paste.httpexceptions import HTTPUnauthorized, HTTPForbidden
+            from webob.exc import HTTPClientError
             from paste.httpheaders import WWW_AUTHENTICATE
             from pylons import config, tmpl_context as c, request, session, url
             from pylons.controllers import WSGIController
             from pylons.controllers.util import redirect
             from pylons.templating import render_mako as render
             from rhodecode import __version__, BACKENDS
-            from rhodecode.lib.utils2 import str2bool, safe_unicode, AttributeDict
+            from rhodecode.lib.utils2 import str2bool, safe_unicode, AttributeDict,\
+                safe_str
             from rhodecode.lib.auth import AuthUser, get_container_username, authfunc,\
                 HasPermissionAnyMiddleware, CookieStoreWrapper
             from rhodecode.lib.utils import get_repo_slug, invalidate_cache
             from rhodecode.model import meta
-            from rhodecode.model.db import Repository, RhodeCodeUi
+            from rhodecode.model.db import Repository, RhodeCodeUi, User
             from rhodecode.model.notification import NotificationModel
             from rhodecode.model.scm import ScmModel
+            from rhodecode.model.meta import Session
             log = logging.getLogger(__name__)
             def _get_ip_addr(environ):
                 proxy_key = 'HTTP_X_REAL_IP'
                 proxy_key2 = 'HTTP_X_FORWARDED_FOR'
                 def_key = 'REMOTE_ADDR'
                 ip = environ.get(proxy_key2)
                 if ip:
                     return ip
                 ip = environ.get(proxy_key)
                 if ip:
                     return ip
                 ip = environ.get(def_key, '0.0.0.0')
                 return ip
             def _get_access_path(environ):
                 path = environ.get('PATH_INFO')
                 org_req = environ.get('pylons.original_request')
                 if org_req:
                     path = org_req.environ.get('PATH_INFO')
                 return path
             class BasicAuth(AuthBasicAuthenticator):
                 def __init__(self, realm, authfunc, auth_http_code=None):
                     self.realm = realm
                     self.authfunc = authfunc
                     self._rc_auth_http_code = auth_http_code
                 def build_authentication(self):
                     head = WWW_AUTHENTICATE.tuples('Basic realm="%s"' % self.realm)
                     if self._rc_auth_http_code and self._rc_auth_http_code == '403':
                         # return 403 if alternative http return code is specified in
                         # RhodeCode config
                         return HTTPForbidden(headers=head)
                     return HTTPUnauthorized(headers=head)
             class BaseVCSController(object):
                 def __init__(self, application, config):
                     self.application = application
                     self.config = config
                     # base path of repo locations
                     self.basepath = self.config['base_path']
                     #authenticate this mercurial request using authfunc
                     self.authenticate = BasicAuth('', authfunc,
                                                   config.get('auth_ret_code'))
                     self.ipaddr = '0.0.0.0'
                 def _handle_request(self, environ, start_response):
                     raise NotImplementedError()
                 def _get_by_id(self, repo_name):
                     """
                     Get's a special pattern _<ID> from clone url and tries to replace it
                     with a repository_name for support of _<ID> non changable urls
                     :param repo_name:
                     """
                     try:
                         data = repo_name.split('/')
                         if len(data) >= 2:
                             by_id = data[1].split('_')
                             if len(by_id) == 2 and by_id[1].isdigit():
                                 _repo_name = Repository.get(by_id[1]).repo_name
                                 data[1] = _repo_name
                     except:
                         log.debug('Failed to extract repo_name from id %s' % (
                                   traceback.format_exc()
                                   )
                         )
                     return '/'.join(data)
                 def _invalidate_cache(self, repo_name):
                     """
                     Set's cache for this repository for invalidation on next access
                     :param repo_name: full repo name, also a cache key
                     """
                     invalidate_cache('get_repo_cached_%s' % repo_name)
                 def _check_permission(self, action, user, repo_name):
                     """
                     Checks permissions using action (push/pull) user and repository
                     name
                     :param action: push or pull action
                     :param user: user instance
                     :param repo_name: repository name
                     """
                     if action == 'push':
                         if not HasPermissionAnyMiddleware('repository.write',
                                                           'repository.admin')(user,
                                                                               repo_name):
                             return False
                     else:
                         #any other action need at least read permission
                         if not HasPermissionAnyMiddleware('repository.read',
                                                           'repository.write',
                                                           'repository.admin')(user,
                                                                               repo_name):
                             return False
                     return True
                 def _get_ip_addr(self, environ):
                     return _get_ip_addr(environ)
                 def _check_ssl(self, environ, start_response):
                     """
                     Checks the SSL check flag and returns False if SSL is not present
                     and required True otherwise
                     """
                     org_proto = environ['wsgi._org_proto']
                     #check if we have SSL required  ! if not it's a bad request !
                     require_ssl = str2bool(RhodeCodeUi.get_by_key('push_ssl').ui_value)
                     if require_ssl and org_proto == 'http':
                         log.debug('proto is %s and SSL is required BAD REQUEST !'
                                   % org_proto)
                         return False
                     return True
+                def _check_locking_state(self, environ, action, repo, user_id):
+                    """
+                    Checks locking on this repository, if locking is enabled and lock is
+                    present returns a tuple of make_lock, locked, locked_by.
+                    make_lock can have 3 states None (do nothing) True, make lock
+                    False release lock, This value is later propagated to hooks, which
+                    do the locking. Think about this as signals passed to hooks what to do.
+                    """
+                    locked = False
+                    make_lock = None
+                    repo = Repository.get_by_repo_name(repo)
+                    user = User.get(user_id)
+                    # this is kind of hacky, but due to how mercurial handles client-server
+                    # server see all operation on changeset; bookmarks, phases and
+                    # obsolescence marker in different transaction, we don't want to check
+                    # locking on those
+                    obsolete_call = environ['QUERY_STRING'] in ['cmd=listkeys',]
+                    locked_by = repo.locked
+                    if repo and repo.enable_locking and not obsolete_call:
+                        if action == 'push':
+                            #check if it's already locked !, if it is compare users
+                            user_id, _date = repo.locked
+                            if user.user_id == user_id:
+                                log.debug('Got push from user, now unlocking' % (user))
+                                # unlock if we have push from user who locked
+                                make_lock = False
+                            else:
+                                # we're not the same user who locked, ban with 423 !
+                                locked = True
+                        if action == 'pull':
+                            if repo.locked[0] and repo.locked[1]:
+                                locked = True
+                            else:
+                                log.debug('Setting lock on repo %s by %s' % (repo, user))
+                                make_lock = True
+                    else:
+                        log.debug('Repository %s do not have locking enabled' % (repo))
+                    return make_lock, locked, locked_by
                 def __call__(self, environ, start_response):
                     start = time.time()
                     try:
                         return self._handle_request(environ, start_response)
                     finally:
                         log = logging.getLogger('rhodecode.' + self.__class__.__name__)
                         log.debug('Request time: %.3fs' % (time.time() - start))
                         meta.Session.remove()
             class BaseController(WSGIController):
                 def __before__(self):
                     c.rhodecode_version = __version__
                     c.rhodecode_instanceid = config.get('instance_id')
                     c.rhodecode_name = config.get('rhodecode_title')
                     c.use_gravatar = str2bool(config.get('use_gravatar'))
                     c.ga_code = config.get('rhodecode_ga_code')
                     # Visual options
                     c.visual = AttributeDict({})
                     c.visual.show_public_icon = str2bool(config.get('rhodecode_show_public_icon'))
                     c.visual.show_private_icon = str2bool(config.get('rhodecode_show_private_icon'))
                     c.visual.stylify_metatags = str2bool(config.get('rhodecode_stylify_metatags'))
                     c.repo_name = get_repo_slug(request)
                     c.backends = BACKENDS.keys()
                     c.unread_notifications = NotificationModel()\
                                     .get_unread_cnt_for_user(c.rhodecode_user.user_id)
                     self.cut_off_limit = int(config.get('cut_off_limit'))
                     self.sa = meta.Session
                     self.scm_model = ScmModel(self.sa)
                     self.ip_addr = ''
                 def __call__(self, environ, start_response):
                     """Invoke the Controller"""
                     # WSGIController.__call__ dispatches to the Controller method
                     # the request is routed to. This routing information is
                     # available in environ['pylons.routes_dict']
                     start = time.time()
                     try:
                         self.ip_addr = _get_ip_addr(environ)
                         # make sure that we update permissions each time we call controller
                         api_key = request.GET.get('api_key')
                         cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
                         user_id = cookie_store.get('user_id', None)
                         username = get_container_username(environ, config)
                         auth_user = AuthUser(user_id, api_key, username)
                         request.user = auth_user
                         self.rhodecode_user = c.rhodecode_user = auth_user
                         if not self.rhodecode_user.is_authenticated and \
                                    self.rhodecode_user.user_id is not None:
                             self.rhodecode_user.set_authenticated(
                                 cookie_store.get('is_authenticated')
                             )
                         log.info('IP: %s User: %s accessed %s' % (
                            self.ip_addr, auth_user, safe_unicode(_get_access_path(environ)))
                         )
                         return WSGIController.__call__(self, environ, start_response)
                     finally:
                         log.info('IP: %s Request to %s time: %.3fs' % (
                             _get_ip_addr(environ),
                             safe_unicode(_get_access_path(environ)), time.time() - start)
                         )
                         meta.Session.remove()
             class BaseRepoController(BaseController):
                 """
                 Base class for controllers responsible for loading all needed data for
                 repository loaded items are
                 c.rhodecode_repo: instance of scm repository
                 c.rhodecode_db_repo: instance of db
                 c.repository_followers: number of followers
                 c.repository_forks: number of forks
                 """
                 def __before__(self):
                     super(BaseRepoController, self).__before__()
                     if c.repo_name:
                         dbr = c.rhodecode_db_repo = Repository.get_by_repo_name(c.repo_name)
                         c.rhodecode_repo = c.rhodecode_db_repo.scm_instance
                         if c.rhodecode_repo is None:
                             log.error('%s this repository is present in database but it '
                                       'cannot be created as an scm instance', c.repo_name)
                             redirect(url('home'))
                         # some globals counter for menu
                         c.repository_followers = self.scm_model.get_followers(dbr)
                         c.repository_forks = self.scm_model.get_forks(dbr)
                         c.repository_pull_requests = self.scm_model.get_pull_requests(dbr)

rhodecode/lib/db_manage.py

0 +24 -15

             # -*- coding: utf-8 -*-
             """
                 rhodecode.lib.db_manage
                 ~~~~~~~~~~~~~~~~~~~~~~~
                 Database creation, and setup module for RhodeCode. Used for creation
                 of database as well as for migration operations
                 :created_on: Apr 10, 2010
                 :author: marcink
                 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
                 :license: GPLv3, see COPYING for more details.
             """
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             import os
             import sys
             import uuid
             import logging
             from os.path import dirname as dn, join as jn
             from rhodecode import __dbversion__
             from rhodecode.model import meta
             from rhodecode.model.user import UserModel
             from rhodecode.lib.utils import ask_ok
             from rhodecode.model import init_model
             from rhodecode.model.db import User, Permission, RhodeCodeUi, \
                 RhodeCodeSetting, UserToPerm, DbMigrateVersion, RepoGroup,\
                 UserRepoGroupToPerm
             from sqlalchemy.engine import create_engine
             from rhodecode.model.repos_group import ReposGroupModel
             log = logging.getLogger(__name__)
             class DbManage(object):
                 def __init__(self, log_sql, dbconf, root, tests=False):
                     self.dbname = dbconf.split('/')[-1]
                     self.tests = tests
                     self.root = root
                     self.dburi = dbconf
                     self.log_sql = log_sql
                     self.db_exists = False
                     self.init_db()
                 def init_db(self):
                     engine = create_engine(self.dburi, echo=self.log_sql)
                     init_model(engine)
                     self.sa = meta.Session()
                 def create_tables(self, override=False, defaults={}):
                     """
                     Create a auth database
                     """
                     quiet = defaults.get('quiet')
                     log.info("Any existing database is going to be destroyed")
                     if self.tests or quiet:
                         destroy = True
                     else:
                         destroy = ask_ok('Are you sure to destroy old database ? [y/n]')
                     if not destroy:
                         sys.exit()
                     if destroy:
                         meta.Base.metadata.drop_all()
                     checkfirst = not override
                     meta.Base.metadata.create_all(checkfirst=checkfirst)
                     log.info('Created tables for %s' % self.dbname)
                 def set_db_version(self):
                     ver = DbMigrateVersion()
                     ver.version = __dbversion__
                     ver.repository_id = 'rhodecode_db_migrations'
                     ver.repository_path = 'versions'
                     self.sa.add(ver)
                     log.info('db version set to: %s' % __dbversion__)
                 def upgrade(self):
                     """
                     Upgrades given database schema to given revision following
                     all needed steps, to perform the upgrade
                     """
                     from rhodecode.lib.dbmigrate.migrate.versioning import api
                     from rhodecode.lib.dbmigrate.migrate.exceptions import \
                         DatabaseNotControlledError
                     if 'sqlite' in self.dburi:
                         print (
                            '********************** WARNING **********************\n'
                            'Make sure your version of sqlite is at least 3.7.X.  \n'
                            'Earlier versions are known to fail on some migrations\n'
                            '*****************************************************\n'
                         )
                     upgrade = ask_ok('You are about to perform database upgrade, make '
                                      'sure You backed up your database before. '
                                      'Continue ? [y/n]')
                     if not upgrade:
                         sys.exit('Nothing done')
                     repository_path = jn(dn(dn(dn(os.path.realpath(__file__)))),
                                          'rhodecode/lib/dbmigrate')
                     db_uri = self.dburi
                     try:
                         curr_version = api.db_version(db_uri, repository_path)
                         msg = ('Found current database under version'
                              ' control with version %s' % curr_version)
                     except (RuntimeError, DatabaseNotControlledError):
                         curr_version = 1
                         msg = ('Current database is not under version control. Setting'
                                ' as version %s' % curr_version)
                         api.version_control(db_uri, repository_path, curr_version)
                     print (msg)
                     if curr_version == __dbversion__:
                         sys.exit('This database is already at the newest version')
                     #======================================================================
                     # UPGRADE STEPS
                     #======================================================================
                     class UpgradeSteps(object):
                         """
                         Those steps follow schema versions so for example schema
                         for example schema with seq 002 == step_2 and so on.
                         """
                         def __init__(self, klass):
                             self.klass = klass
                         def step_0(self):
                             # step 0 is the schema upgrade, and than follow proper upgrades
                             print ('attempting to do database upgrade to version %s' \
                                             % __dbversion__)
                             api.upgrade(db_uri, repository_path, __dbversion__)
                             print ('Schema upgrade completed')
                         def step_1(self):
                             pass
                         def step_2(self):
                             print ('Patching repo paths for newer version of RhodeCode')
                             self.klass.fix_repo_paths()
                             print ('Patching default user of RhodeCode')
                             self.klass.fix_default_user()
                             log.info('Changing ui settings')
                             self.klass.create_ui_settings()
                         def step_3(self):
                             print ('Adding additional settings into RhodeCode db')
                             self.klass.fix_settings()
                             print ('Adding ldap defaults')
                             self.klass.create_ldap_options(skip_existing=True)
                         def step_4(self):
                             print ('create permissions and fix groups')
                             self.klass.create_permissions()
                             self.klass.fixup_groups()
                         def step_5(self):
                             pass
                         def step_6(self):
                             pass
                     upgrade_steps = [0] + range(curr_version + 1, __dbversion__ + 1)
                     # CALL THE PROPER ORDER OF STEPS TO PERFORM FULL UPGRADE
                     for step in upgrade_steps:
                         print ('performing upgrade step %s' % step)
                         getattr(UpgradeSteps(self), 'step_%s' % step)()
                         self.sa.commit()
                 def fix_repo_paths(self):
                     """
                     Fixes a old rhodecode version path into new one without a '*'
                     """
                     paths = self.sa.query(RhodeCodeUi)\
                             .filter(RhodeCodeUi.ui_key == '/')\
                             .scalar()
                     paths.ui_value = paths.ui_value.replace('*', '')
                     try:
                         self.sa.add(paths)
                         self.sa.commit()
                     except:
                         self.sa.rollback()
                         raise
                 def fix_default_user(self):
                     """
                     Fixes a old default user with some 'nicer' default values,
                     used mostly for anonymous access
                     """
                     def_user = self.sa.query(User)\
                             .filter(User.username == 'default')\
                             .one()
                     def_user.name = 'Anonymous'
                     def_user.lastname = 'User'
                     def_user.email = 'anonymous@rhodecode.org'
                     try:
                         self.sa.add(def_user)
                         self.sa.commit()
                     except:
                         self.sa.rollback()
                         raise
                 def fix_settings(self):
                     """
                     Fixes rhodecode settings adds ga_code key for google analytics
                     """
                     hgsettings3 = RhodeCodeSetting('ga_code', '')
                     try:
                         self.sa.add(hgsettings3)
                         self.sa.commit()
                     except:
                         self.sa.rollback()
                         raise
                 def admin_prompt(self, second=False, defaults={}):
                     if not self.tests:
                         import getpass
                         # defaults
                         username = defaults.get('username')
                         password = defaults.get('password')
                         email = defaults.get('email')
                         def get_password():
                             password = getpass.getpass('Specify admin password '
                                                        '(min 6 chars):')
                             confirm = getpass.getpass('Confirm password:')
                             if password != confirm:
                                 log.error('passwords mismatch')
                                 return False
                             if len(password) < 6:
                                 log.error('password is to short use at least 6 characters')
                                 return False
                             return password
                         if username is None:
                             username = raw_input('Specify admin username:')
                         if password is None:
                             password = get_password()
                             if not password:
                                 #second try
                                 password = get_password()
                                 if not password:
                                     sys.exit()
                         if email is None:
                             email = raw_input('Specify admin email:')
                         self.create_user(username, password, email, True)
                     else:
                         log.info('creating admin and regular test users')
                         from rhodecode.tests import TEST_USER_ADMIN_LOGIN,\
                         TEST_USER_ADMIN_PASS, TEST_USER_ADMIN_EMAIL,\
                         TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,\
                         TEST_USER_REGULAR_EMAIL, TEST_USER_REGULAR2_LOGIN, \
                         TEST_USER_REGULAR2_PASS, TEST_USER_REGULAR2_EMAIL
                         self.create_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS,
                                          TEST_USER_ADMIN_EMAIL, True)
                         self.create_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,
                                          TEST_USER_REGULAR_EMAIL, False)
                         self.create_user(TEST_USER_REGULAR2_LOGIN, TEST_USER_REGULAR2_PASS,
                                          TEST_USER_REGULAR2_EMAIL, False)
                 def create_ui_settings(self):
                     """
                     Creates ui settings, fills out hooks
                     and disables dotencode
                     """
                     #HOOKS
                     hooks1_key = RhodeCodeUi.HOOK_UPDATE
                     hooks1_ = self.sa.query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == hooks1_key).scalar()
                     hooks1 = RhodeCodeUi() if hooks1_ is None else hooks1_
                     hooks1.ui_section = 'hooks'
                     hooks1.ui_key = hooks1_key
                     hooks1.ui_value = 'hg update >&2'
                     hooks1.ui_active = False
+                    self.sa.add(hooks1)
                     hooks2_key = RhodeCodeUi.HOOK_REPO_SIZE
                     hooks2_ = self.sa.query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == hooks2_key).scalar()
                     hooks2 = RhodeCodeUi() if hooks2_ is None else hooks2_
                     hooks2.ui_section = 'hooks'
                     hooks2.ui_key = hooks2_key
                     hooks2.ui_value = 'python:rhodecode.lib.hooks.repo_size'
+                    self.sa.add(hooks2)
                     hooks3 = RhodeCodeUi()
                     hooks3.ui_section = 'hooks'
                     hooks3.ui_key = RhodeCodeUi.HOOK_PUSH
                     hooks3.ui_value = 'python:rhodecode.lib.hooks.log_push_action'
+                    self.sa.add(hooks3)
                     hooks4 = RhodeCodeUi()
                     hooks4.ui_section = 'hooks'
-                    hooks4.ui_key = RhodeCodeUi.HOOK_PULL
+                    hooks4.ui_key = RhodeCodeUi.HOOK_PRE_PUSH
-                    hooks4.ui_value = 'python:rhodecode.lib.hooks.log_pull_action'
+                    hooks4.ui_value = 'python:rhodecode.lib.hooks.pre_push'
+                    self.sa.add(hooks4)
-                    # For mercurial 1.7 set backward comapatibility with format
+                    hooks5 = RhodeCodeUi()
-                    dotencode_disable = RhodeCodeUi()
+                    hooks5.ui_section = 'hooks'
-                    dotencode_disable.ui_section = 'format'
+                    hooks5.ui_key = RhodeCodeUi.HOOK_PULL
-                    dotencode_disable.ui_key = 'dotencode'
+                    hooks5.ui_value = 'python:rhodecode.lib.hooks.log_pull_action'
-                    dotencode_disable.ui_value = 'false'
+                    self.sa.add(hooks5)
+                    hooks6 = RhodeCodeUi()
+                    hooks6.ui_section = 'hooks'
+                    hooks6.ui_key = RhodeCodeUi.HOOK_PRE_PULL
+                    hooks6.ui_value = 'python:rhodecode.lib.hooks.pre_pull'
+                    self.sa.add(hooks6)
                     # enable largefiles
                     largefiles = RhodeCodeUi()
                     largefiles.ui_section = 'extensions'
                     largefiles.ui_key = 'largefiles'
                     largefiles.ui_value = ''
+                    self.sa.add(largefiles)
                     # enable hgsubversion disabled by default
                     hgsubversion = RhodeCodeUi()
                     hgsubversion.ui_section = 'extensions'
                     hgsubversion.ui_key = 'hgsubversion'
                     hgsubversion.ui_value = ''
                     hgsubversion.ui_active = False
+                    self.sa.add(hgsubversion)
                     # enable hggit disabled by default
                     hggit = RhodeCodeUi()
                     hggit.ui_section = 'extensions'
                     hggit.ui_key = 'hggit'
                     hggit.ui_value = ''
                     hggit.ui_active = False
-                    self.sa.add(hooks1)
-                    self.sa.add(hooks2)
-                    self.sa.add(hooks3)
-                    self.sa.add(hooks4)
-                    self.sa.add(largefiles)
-                    self.sa.add(hgsubversion)
                     self.sa.add(hggit)
                 def create_ldap_options(self, skip_existing=False):
                     """Creates ldap settings"""
                     for k, v in [('ldap_active', 'false'), ('ldap_host', ''),
                                 ('ldap_port', '389'), ('ldap_tls_kind', 'PLAIN'),
                                 ('ldap_tls_reqcert', ''), ('ldap_dn_user', ''),
                                 ('ldap_dn_pass', ''), ('ldap_base_dn', ''),
                                 ('ldap_filter', ''), ('ldap_search_scope', ''),
                                 ('ldap_attr_login', ''), ('ldap_attr_firstname', ''),
                                 ('ldap_attr_lastname', ''), ('ldap_attr_email', '')]:
                         if skip_existing and RhodeCodeSetting.get_by_name(k) != None:
                             log.debug('Skipping option %s' % k)
                             continue
                         setting = RhodeCodeSetting(k, v)
                         self.sa.add(setting)
                 def fixup_groups(self):
                     def_usr = User.get_by_username('default')
                     for g in RepoGroup.query().all():
                         g.group_name = g.get_new_name(g.name)
                         self.sa.add(g)
                         # get default perm
                         default = UserRepoGroupToPerm.query()\
                             .filter(UserRepoGroupToPerm.group == g)\
                             .filter(UserRepoGroupToPerm.user == def_usr)\
                             .scalar()
                         if default is None:
                             log.debug('missing default permission for group %s adding' % g)
                             ReposGroupModel()._create_default_perms(g)
                 def config_prompt(self, test_repo_path='', retries=3, defaults={}):
                     _path = defaults.get('repos_location')
                     if retries == 3:
                         log.info('Setting up repositories config')
                     if _path is not None:
                         path = _path
                     elif not self.tests and not test_repo_path:
                         path = raw_input(
                              'Enter a valid absolute path to store repositories. '
                              'All repositories in that path will be added automatically:'
                         )
                     else:
                         path = test_repo_path
                     path_ok = True
                     # check proper dir
                     if not os.path.isdir(path):
                         path_ok = False
                         log.error('Given path %s is not a valid directory' % path)
                     elif not os.path.isabs(path):
                         path_ok = False
                         log.error('Given path %s is not an absolute path' % path)
                     # check write access
                     elif not os.access(path, os.W_OK) and path_ok:
                         path_ok = False
                         log.error('No write permission to given path %s' % path)
                     if retries == 0:
                         sys.exit('max retries reached')
                     if path_ok is False:
                         retries -= 1
                         return self.config_prompt(test_repo_path, retries)
                     return path
                 def create_settings(self, path):
                     self.create_ui_settings()
                     #HG UI OPTIONS
                     web1 = RhodeCodeUi()
                     web1.ui_section = 'web'
                     web1.ui_key = 'push_ssl'
                     web1.ui_value = 'false'
                     web2 = RhodeCodeUi()
                     web2.ui_section = 'web'
                     web2.ui_key = 'allow_archive'
                     web2.ui_value = 'gz zip bz2'
                     web3 = RhodeCodeUi()
                     web3.ui_section = 'web'
                     web3.ui_key = 'allow_push'
                     web3.ui_value = '*'
                     web4 = RhodeCodeUi()
                     web4.ui_section = 'web'
                     web4.ui_key = 'baseurl'
                     web4.ui_value = '/'
                     paths = RhodeCodeUi()
                     paths.ui_section = 'paths'
                     paths.ui_key = '/'
                     paths.ui_value = path
+                    phases = RhodeCodeUi()
+                    phases.ui_section = 'phases'
+                    phases.ui_key = 'publish'
+                    phases.ui_value = False
                     sett1 = RhodeCodeSetting('realm', 'RhodeCode authentication')
                     sett2 = RhodeCodeSetting('title', 'RhodeCode')
                     sett3 = RhodeCodeSetting('ga_code', '')
                     sett4 = RhodeCodeSetting('show_public_icon', True)
                     sett5 = RhodeCodeSetting('show_private_icon', True)
                     sett6 = RhodeCodeSetting('stylify_metatags', False)
                     self.sa.add(web1)
                     self.sa.add(web2)
                     self.sa.add(web3)
                     self.sa.add(web4)
                     self.sa.add(paths)
                     self.sa.add(sett1)
                     self.sa.add(sett2)
                     self.sa.add(sett3)
                     self.sa.add(sett4)
                     self.sa.add(sett5)
                     self.sa.add(sett6)
                     self.create_ldap_options()
                     log.info('created ui config')
                 def create_user(self, username, password, email='', admin=False):
                     log.info('creating user %s' % username)
                     UserModel().create_or_update(username, password, email,
                                                  firstname='RhodeCode', lastname='Admin',
                                                  active=True, admin=admin)
                 def create_default_user(self):
                     log.info('creating default user')
                     # create default user for handling default permissions.
                     UserModel().create_or_update(username='default',
                                           password=str(uuid.uuid1())[:8],
                                           email='anonymous@rhodecode.org',
                                           firstname='Anonymous', lastname='User')
                 def create_permissions(self):
                     # module.(access|create|change|delete)_[name]
                     # module.(none|read|write|admin)
                     for p in Permission.PERMS:
                         if not Permission.get_by_key(p[0]):
                             new_perm = Permission()
                             new_perm.permission_name = p[0]
                             new_perm.permission_longname = p[0]
                             self.sa.add(new_perm)
                 def populate_default_permissions(self):
                     log.info('creating default user permissions')
                     default_user = User.get_by_username('default')
                     reg_perm = UserToPerm()
                     reg_perm.user = default_user
                     reg_perm.permission = self.sa.query(Permission)\
                      .filter(Permission.permission_name == 'hg.register.manual_activate')\
                      .scalar()
                     self.sa.add(reg_perm)
                     create_repo_perm = UserToPerm()
                     create_repo_perm.user = default_user
                     create_repo_perm.permission = self.sa.query(Permission)\
                      .filter(Permission.permission_name == 'hg.create.repository')\
                      .scalar()
                     self.sa.add(create_repo_perm)
                     default_fork_perm = UserToPerm()
                     default_fork_perm.user = default_user
                     default_fork_perm.permission = self.sa.query(Permission)\
                      .filter(Permission.permission_name == 'hg.fork.repository')\
                      .scalar()
                     self.sa.add(default_fork_perm)
                     default_repo_perm = UserToPerm()
                     default_repo_perm.user = default_user
                     default_repo_perm.permission = self.sa.query(Permission)\
                      .filter(Permission.permission_name == 'repository.read')\
                      .scalar()
                     self.sa.add(default_repo_perm)

rhodecode/lib/exceptions.py

0 +16 -1

             # -*- coding: utf-8 -*-
             """
                 rhodecode.lib.exceptions
                 ~~~~~~~~~~~~~~~~~~~~~~~~
                 Set of custom exceptions used in RhodeCode
                 :created_on: Nov 17, 2010
                 :author: marcink
                 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
                 :license: GPLv3, see COPYING for more details.
             """
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
+            from webob.exc import HTTPClientError
             class LdapUsernameError(Exception):
                 pass
             class LdapPasswordError(Exception):
                 pass
             class LdapConnectionError(Exception):
                 pass
             class LdapImportError(Exception):
                 pass
             class DefaultUserException(Exception):
                 pass
             class UserOwnsReposException(Exception):
                 pass
             class UsersGroupsAssignedException(Exception):
                 pass
             class StatusChangeOnClosedPullRequestError(Exception):
-                pass
  No newline at end of file
+                pass
+            class HTTPLockedRC(HTTPClientError):
+                """
+                Special Exception For locked Repos in RhodeCode
+                """
+                code = 423
+                title = explanation = 'Repository Locked'
+                def __init__(self, reponame, username, *args, **kwargs):
+                    self.title = self.explanation = ('Repository `%s` locked by '
+                                                     'user `%s`' % (reponame, username))
+                    super(HTTPLockedRC, self).__init__(*args, **kwargs)

rhodecode/lib/helpers.py

0 +14 -1

             """Helper functions
             Consists of functions to typically be used within templates, but also
             available to Controllers. This module is available to both as 'h'.
             """
             import random
             import hashlib
             import StringIO
             import urllib
             import math
             import logging
             import re
             from datetime import datetime
             from pygments.formatters.html import HtmlFormatter
             from pygments import highlight as code_highlight
             from pylons import url, request, config
             from pylons.i18n.translation import _, ungettext
             from hashlib import md5
             from webhelpers.html import literal, HTML, escape
             from webhelpers.html.tools import *
             from webhelpers.html.builder import make_tag
             from webhelpers.html.tags import auto_discovery_link, checkbox, css_classes, \
                 end_form, file, form, hidden, image, javascript_link, link_to, \
                 link_to_if, link_to_unless, ol, required_legend, select, stylesheet_link, \
                 submit, text, password, textarea, title, ul, xml_declaration, radio
             from webhelpers.html.tools import auto_link, button_to, highlight, \
                 js_obfuscate, mail_to, strip_links, strip_tags, tag_re
             from webhelpers.number import format_byte_size, format_bit_size
             from webhelpers.pylonslib import Flash as _Flash
             from webhelpers.pylonslib.secure_form import secure_form
             from webhelpers.text import chop_at, collapse, convert_accented_entities, \
                 convert_misc_entities, lchop, plural, rchop, remove_formatting, \
                 replace_whitespace, urlify, truncate, wrap_paragraphs
             from webhelpers.date import time_ago_in_words
             from webhelpers.paginate import Page
             from webhelpers.html.tags import _set_input_attrs, _set_id_attr, \
                 convert_boolean_attrs, NotGiven, _make_safe_id_component
             from rhodecode.lib.annotate import annotate_highlight
             from rhodecode.lib.utils import repo_name_slug
             from rhodecode.lib.utils2 import str2bool, safe_unicode, safe_str, \
-                get_changeset_safe
+                get_changeset_safe, datetime_to_time, time_to_datetime
             from rhodecode.lib.markup_renderer import MarkupRenderer
             from rhodecode.lib.vcs.exceptions import ChangesetDoesNotExistError
             from rhodecode.lib.vcs.backends.base import BaseChangeset
             from rhodecode.config.conf import DATE_FORMAT, DATETIME_FORMAT
             from rhodecode.model.changeset_status import ChangesetStatusModel
             from rhodecode.model.db import URL_SEP, Permission
             log = logging.getLogger(__name__)
             html_escape_table = {
                 "&": "&amp;",
                 '"': "&quot;",
                 "'": "&apos;",
                 ">": "&gt;",
                 "<": "&lt;",
             }
             def html_escape(text):
                 """Produce entities within text."""
                 return "".join(html_escape_table.get(c,c) for c in text)
             def shorter(text, size=20):
                 postfix = '...'
                 if len(text) > size:
                     return text[:size - len(postfix)] + postfix
                 return text
             def _reset(name, value=None, id=NotGiven, type="reset", **attrs):
                 """
                 Reset button
                 """
                 _set_input_attrs(attrs, type, name, value)
                 _set_id_attr(attrs, id, name)
                 convert_boolean_attrs(attrs, ["disabled"])
                 return HTML.input(**attrs)
             reset = _reset
             safeid = _make_safe_id_component
             def FID(raw_id, path):
                 """
                 Creates a uniqe ID for filenode based on it's hash of path and revision
                 it's safe to use in urls
                 :param raw_id:
                 :param path:
                 """
                 return 'C-%s-%s' % (short_id(raw_id), md5(safe_str(path)).hexdigest()[:12])
             def get_token():
                 """Return the current authentication token, creating one if one doesn't
                 already exist.
                 """
                 token_key = "_authentication_token"
                 from pylons import session
                 if not token_key in session:
                     try:
                         token = hashlib.sha1(str(random.getrandbits(128))).hexdigest()
                     except AttributeError:  # Python < 2.4
                         token = hashlib.sha1(str(random.randrange(2 ** 128))).hexdigest()
                     session[token_key] = token
                     if hasattr(session, 'save'):
                         session.save()
                 return session[token_key]
             class _GetError(object):
                 """Get error from form_errors, and represent it as span wrapped error
                 message
                 :param field_name: field to fetch errors for
                 :param form_errors: form errors dict
                 """
                 def __call__(self, field_name, form_errors):
                     tmpl = """<span class="error_msg">%s</span>"""
                     if form_errors and field_name in form_errors:
                         return literal(tmpl % form_errors.get(field_name))
             get_error = _GetError()
             class _ToolTip(object):
                 def __call__(self, tooltip_title, trim_at=50):
                     """
                     Special function just to wrap our text into nice formatted
                     autowrapped text
                     :param tooltip_title:
                     """
                     tooltip_title = escape(tooltip_title)
                     tooltip_title = tooltip_title.replace('<', '&lt;').replace('>', '&gt;')
                     return tooltip_title
             tooltip = _ToolTip()
             class _FilesBreadCrumbs(object):
                 def __call__(self, repo_name, rev, paths):
                     if isinstance(paths, str):
                         paths = safe_unicode(paths)
                     url_l = [link_to(repo_name, url('files_home',
                                                     repo_name=repo_name,
                                                     revision=rev, f_path=''),
                                      class_='ypjax-link')]
                     paths_l = paths.split('/')
                     for cnt, p in enumerate(paths_l):
                         if p != '':
                             url_l.append(link_to(p,
                                                  url('files_home',
                                                      repo_name=repo_name,
                                                      revision=rev,
                                                      f_path='/'.join(paths_l[:cnt + 1])
                                                      ),
                                                  class_='ypjax-link'
                                                  )
                                          )
                     return literal('/'.join(url_l))
             files_breadcrumbs = _FilesBreadCrumbs()
             class CodeHtmlFormatter(HtmlFormatter):
                 """
                 My code Html Formatter for source codes
                 """
                 def wrap(self, source, outfile):
                     return self._wrap_div(self._wrap_pre(self._wrap_code(source)))
                 def _wrap_code(self, source):
                     for cnt, it in enumerate(source):
                         i, t = it
                         t = '<div id="L%s">%s</div>' % (cnt + 1, t)
                         yield i, t
                 def _wrap_tablelinenos(self, inner):
                     dummyoutfile = StringIO.StringIO()
                     lncount = 0
                     for t, line in inner:
                         if t:
                             lncount += 1
                         dummyoutfile.write(line)
                     fl = self.linenostart
                     mw = len(str(lncount + fl - 1))
                     sp = self.linenospecial
                     st = self.linenostep
                     la = self.lineanchors
                     aln = self.anchorlinenos
                     nocls = self.noclasses
                     if sp:
                         lines = []
                         for i in range(fl, fl + lncount):
                             if i % st == 0:
                                 if i % sp == 0:
                                     if aln:
                                         lines.append('<a href="#%s%d" class="special">%*d</a>' %
                                                      (la, i, mw, i))
                                     else:
                                         lines.append('<span class="special">%*d</span>' % (mw, i))
                                 else:
                                     if aln:
                                         lines.append('<a href="#%s%d">%*d</a>' % (la, i, mw, i))
                                     else:
                                         lines.append('%*d' % (mw, i))
                             else:
                                 lines.append('')
                         ls = '\n'.join(lines)
                     else:
                         lines = []
                         for i in range(fl, fl + lncount):
                             if i % st == 0:
                                 if aln:
                                     lines.append('<a href="#%s%d">%*d</a>' % (la, i, mw, i))
                                 else:
                                     lines.append('%*d' % (mw, i))
                             else:
                                 lines.append('')
                         ls = '\n'.join(lines)
                     # in case you wonder about the seemingly redundant <div> here: since the
                     # content in the other cell also is wrapped in a div, some browsers in
                     # some configurations seem to mess up the formatting...
                     if nocls:
                         yield 0, ('<table class="%stable">' % self.cssclass +
                                   '<tr><td><div class="linenodiv" '
                                   'style="background-color: #f0f0f0; padding-right: 10px">'
                                   '<pre style="line-height: 125%">' +
                                   ls + '</pre></div></td><td id="hlcode" class="code">')
                     else:
                         yield 0, ('<table class="%stable">' % self.cssclass +
                                   '<tr><td class="linenos"><div class="linenodiv"><pre>' +
                                   ls + '</pre></div></td><td id="hlcode" class="code">')
                     yield 0, dummyoutfile.getvalue()
                     yield 0, '</td></tr></table>'
             def pygmentize(filenode, **kwargs):
                 """pygmentize function using pygments
                 :param filenode:
                 """
                 return literal(code_highlight(filenode.content,
                                               filenode.lexer, CodeHtmlFormatter(**kwargs)))
             def pygmentize_annotation(repo_name, filenode, **kwargs):
                 """
                 pygmentize function for annotation
                 :param filenode:
                 """
                 color_dict = {}
                 def gen_color(n=10000):
                     """generator for getting n of evenly distributed colors using
                     hsv color and golden ratio. It always return same order of colors
                     :returns: RGB tuple
                     """
                     def hsv_to_rgb(h, s, v):
                         if s == 0.0:
                             return v, v, v
                         i = int(h * 6.0)  # XXX assume int() truncates!
                         f = (h * 6.0) - i
                         p = v * (1.0 - s)
                         q = v * (1.0 - s * f)
                         t = v * (1.0 - s * (1.0 - f))
                         i = i % 6
                         if i == 0:
                             return v, t, p
                         if i == 1:
                             return q, v, p
                         if i == 2:
                             return p, v, t
                         if i == 3:
                             return p, q, v
                         if i == 4:
                             return t, p, v
                         if i == 5:
                             return v, p, q
                     golden_ratio = 0.618033988749895
                     h = 0.22717784590367374
                     for _ in xrange(n):
                         h += golden_ratio
                         h %= 1
                         HSV_tuple = [h, 0.95, 0.95]
                         RGB_tuple = hsv_to_rgb(*HSV_tuple)
                         yield map(lambda x: str(int(x * 256)), RGB_tuple)
                 cgenerator = gen_color()
                 def get_color_string(cs):
                     if cs in color_dict:
                         col = color_dict[cs]
                     else:
                         col = color_dict[cs] = cgenerator.next()
                     return "color: rgb(%s)! important;" % (', '.join(col))
                 def url_func(repo_name):
                     def _url_func(changeset):
                         author = changeset.author
                         date = changeset.date
                         message = tooltip(changeset.message)
                         tooltip_html = ("<div style='font-size:0.8em'><b>Author:</b>"
                                         " %s<br/><b>Date:</b> %s</b><br/><b>Message:"
                                         "</b> %s<br/></div>")
                         tooltip_html = tooltip_html % (author, date, message)
                         lnk_format = '%5s:%s' % ('r%s' % changeset.revision,
                                                  short_id(changeset.raw_id))
                         uri = link_to(
                                 lnk_format,
                                 url('changeset_home', repo_name=repo_name,
                                     revision=changeset.raw_id),
                                 style=get_color_string(changeset.raw_id),
                                 class_='tooltip',
                                 title=tooltip_html
                               )
                         uri += '\n'
                         return uri
                     return _url_func
                 return literal(annotate_highlight(filenode, url_func(repo_name), **kwargs))
             def is_following_repo(repo_name, user_id):
                 from rhodecode.model.scm import ScmModel
                 return ScmModel().is_following_repo(repo_name, user_id)
             flash = _Flash()
             #==============================================================================
             # SCM FILTERS available via h.
             #==============================================================================
             from rhodecode.lib.vcs.utils import author_name, author_email
             from rhodecode.lib.utils2 import credentials_filter, age as _age
             from rhodecode.model.db import User, ChangesetStatus
             age = lambda  x: _age(x)
             capitalize = lambda x: x.capitalize()
             email = author_email
             short_id = lambda x: x[:12]
             hide_credentials = lambda x: ''.join(credentials_filter(x))
             def fmt_date(date):
                 if date:
                     _fmt = _(u"%a, %d %b %Y %H:%M:%S").encode('utf8')
                     return date.strftime(_fmt).decode('utf8')
                 return ""
             def is_git(repository):
                 if hasattr(repository, 'alias'):
                     _type = repository.alias
                 elif hasattr(repository, 'repo_type'):
                     _type = repository.repo_type
                 else:
                     _type = repository
                 return _type == 'git'
             def is_hg(repository):
                 if hasattr(repository, 'alias'):
                     _type = repository.alias
                 elif hasattr(repository, 'repo_type'):
                     _type = repository.repo_type
                 else:
                     _type = repository
                 return _type == 'hg'
             def email_or_none(author):
                 # extract email from the commit string
                 _email = email(author)
                 if _email != '':
                     # check it against RhodeCode database, and use the MAIN email for this
                     # user
                     user = User.get_by_email(_email, case_insensitive=True, cache=True)
                     if user is not None:
                         return user.email
                     return _email
                 # See if it contains a username we can get an email from
                 user = User.get_by_username(author_name(author), case_insensitive=True,
                                             cache=True)
                 if user is not None:
                     return user.email
                 # No valid email, not a valid user in the system, none!
                 return None
             def person(author):
                 # attr to return from fetched user
                 person_getter = lambda usr: usr.username
                 # Valid email in the attribute passed, see if they're in the system
                 _email = email(author)
                 if _email != '':
                     user = User.get_by_email(_email, case_insensitive=True, cache=True)
                     if user is not None:
                         return person_getter(user)
                     return _email
                 # Maybe it's a username?
                 _author = author_name(author)
                 user = User.get_by_username(_author, case_insensitive=True,
                                             cache=True)
                 if user is not None:
                     return person_getter(user)
                 # Still nothing?  Just pass back the author name then
                 return _author
+            def person_by_id(id_):
+                # attr to return from fetched user
+                person_getter = lambda usr: usr.username
+                #maybe it's an ID ?
+                if str(id_).isdigit() or isinstance(id_, int):
+                    id_ = int(id_)
+                    user = User.get(id_)
+                    if user is not None:
+                        return person_getter(user)
+                return id_
             def desc_stylize(value):
                 """
                 converts tags from value into html equivalent
                 :param value:
                 """
                 value = re.sub(r'\[see\ \=\>\ *([a-zA-Z0-9\/\=\?\&\ \:\/\.\-]*)\]',
                                '<div class="metatag" tag="see">see =&gt; \\1 </div>', value)
                 value = re.sub(r'\[license\ \=\>\ *([a-zA-Z0-9\/\=\?\&\ \:\/\.\-]*)\]',
                                '<div class="metatag" tag="license"><a href="http:\/\/www.opensource.org/licenses/\\1">\\1</a></div>', value)
                 value = re.sub(r'\[(requires|recommends|conflicts|base)\ \=\>\ *([a-zA-Z\-\/]*)\]',
                                '<div class="metatag" tag="\\1">\\1 =&gt; <a href="/\\2">\\2</a></div>', value)
                 value = re.sub(r'\[(lang|language)\ \=\>\ *([a-zA-Z\-\/]*)\]',
                                '<div class="metatag" tag="lang">\\2</div>', value)
                 value = re.sub(r'\[([a-z]+)\]',
                               '<div class="metatag" tag="\\1">\\1</div>', value)
                 return value
             def bool2icon(value):
                 """Returns True/False values represented as small html image of true/false
                 icons
                 :param value: bool value
                 """
                 if value is True:
                     return HTML.tag('img', src=url("/images/icons/accept.png"),
                                     alt=_('True'))
                 if value is False:
                     return HTML.tag('img', src=url("/images/icons/cancel.png"),
                                     alt=_('False'))
                 return value
             def action_parser(user_log, feed=False):
                 """
                 This helper will action_map the specified string action into translated
                 fancy names with icons and links
                 :param user_log: user log instance
                 :param feed: use output for feeds (no html and fancy icons)
                 """
                 action = user_log.action
                 action_params = ' '
                 x = action.split(':')
                 if len(x) > 1:
                     action, action_params = x
                 def get_cs_links():
                     revs_limit = 3  # display this amount always
                     revs_top_limit = 50  # show upto this amount of changesets hidden
                     revs_ids = action_params.split(',')
                     deleted = user_log.repository is None
                     if deleted:
                         return ','.join(revs_ids)
                     repo_name = user_log.repository.repo_name
                     repo = user_log.repository.scm_instance
                     def lnk(rev, repo_name):
                         if isinstance(rev, BaseChangeset):
                             lbl = 'r%s:%s' % (rev.revision, rev.short_id)
                             _url = url('changeset_home', repo_name=repo_name,
                                        revision=rev.raw_id)
                             title = tooltip(rev.message)
                         else:
                             lbl = '%s' % rev
                             _url = '#'
                             title = _('Changeset not found')
                         return link_to(lbl, _url, title=title, class_='tooltip',)
                     revs = []
                     if len(filter(lambda v: v != '', revs_ids)) > 0:
                         for rev in revs_ids[:revs_top_limit]:
                             try:
                                 rev = repo.get_changeset(rev)
                                 revs.append(rev)
                             except ChangesetDoesNotExistError:
                                 log.error('cannot find revision %s in this repo' % rev)
                                 revs.append(rev)
                                 continue
                     cs_links = []
                     cs_links.append(" " + ', '.join(
                         [lnk(rev, repo_name) for rev in revs[:revs_limit]]
                         )
                     )
                     compare_view = (
                         ' <div class="compare_view tooltip" title="%s">'
                         '<a href="%s">%s</a> </div>' % (
                             _('Show all combined changesets %s->%s') % (
                                 revs_ids[0], revs_ids[-1]
                             ),
                             url('changeset_home', repo_name=repo_name,
                                 revision='%s...%s' % (revs_ids[0], revs_ids[-1])
                             ),
                             _('compare view')
                         )
                     )
                     # if we have exactly one more than normally displayed
                     # just display it, takes less space than displaying
                     # "and 1 more revisions"
                     if len(revs_ids) == revs_limit + 1:
                         rev = revs[revs_limit]
                         cs_links.append(", " + lnk(rev, repo_name))
                     # hidden-by-default ones
                     if len(revs_ids) > revs_limit + 1:
                         uniq_id = revs_ids[0]
                         html_tmpl = (
                             '<span> %s <a class="show_more" id="_%s" '
                             'href="#more">%s</a> %s</span>'
                         )
                         if not feed:
                             cs_links.append(html_tmpl % (
                                   _('and'),
                                   uniq_id, _('%s more') % (len(revs_ids) - revs_limit),
                                   _('revisions')
                                 )
                             )
                         if not feed:
                             html_tmpl = '<span id="%s" style="display:none">, %s </span>'
                         else:
                             html_tmpl = '<span id="%s"> %s </span>'
                         morelinks = ', '.join(
                           [lnk(rev, repo_name) for rev in revs[revs_limit:]]
                         )
                         if len(revs_ids) > revs_top_limit:
                             morelinks += ', ...'
                         cs_links.append(html_tmpl % (uniq_id, morelinks))
                     if len(revs) > 1:
                         cs_links.append(compare_view)
                     return ''.join(cs_links)
                 def get_fork_name():
                     repo_name = action_params
                     return _('fork name ') + str(link_to(action_params, url('summary_home',
                                                       repo_name=repo_name,)))
                 def get_user_name():
                     user_name = action_params
                     return user_name
                 def get_users_group():
                     group_name = action_params
                     return group_name
                 def get_pull_request():
                     pull_request_id = action_params
                     repo_name = user_log.repository.repo_name
                     return link_to(_('Pull request #%s') % pull_request_id,
                                 url('pullrequest_show', repo_name=repo_name,
                                 pull_request_id=pull_request_id))
                 # action : translated str, callback(extractor), icon
                 action_map = {
                 'user_deleted_repo':           (_('[deleted] repository'),
                                                 None, 'database_delete.png'),
                 'user_created_repo':           (_('[created] repository'),
                                                 None, 'database_add.png'),
                 'user_created_fork':           (_('[created] repository as fork'),
                                                 None, 'arrow_divide.png'),
                 'user_forked_repo':            (_('[forked] repository'),
                                                 get_fork_name, 'arrow_divide.png'),
                 'user_updated_repo':           (_('[updated] repository'),
                                                 None, 'database_edit.png'),
                 'admin_deleted_repo':          (_('[delete] repository'),
                                                 None, 'database_delete.png'),
                 'admin_created_repo':          (_('[created] repository'),
                                                 None, 'database_add.png'),
                 'admin_forked_repo':           (_('[forked] repository'),
                                                 None, 'arrow_divide.png'),
                 'admin_updated_repo':          (_('[updated] repository'),
                                                 None, 'database_edit.png'),
                 'admin_created_user':          (_('[created] user'),
                                                 get_user_name, 'user_add.png'),
                 'admin_updated_user':          (_('[updated] user'),
                                                 get_user_name, 'user_edit.png'),
                 'admin_created_users_group':   (_('[created] users group'),
                                                 get_users_group, 'group_add.png'),
                 'admin_updated_users_group':   (_('[updated] users group'),
                                                 get_users_group, 'group_edit.png'),
                 'user_commented_revision':     (_('[commented] on revision in repository'),
                                                 get_cs_links, 'comment_add.png'),
                 'user_commented_pull_request': (_('[commented] on pull request for'),
                                                 get_pull_request, 'comment_add.png'),
                 'user_closed_pull_request':    (_('[closed] pull request for'),
                                                 get_pull_request, 'tick.png'),
                 'push':                        (_('[pushed] into'),
                                                 get_cs_links, 'script_add.png'),
                 'push_local':                  (_('[committed via RhodeCode] into repository'),
                                                 get_cs_links, 'script_edit.png'),
                 'push_remote':                 (_('[pulled from remote] into repository'),
                                                 get_cs_links, 'connect.png'),
                 'pull':                        (_('[pulled] from'),
                                                 None, 'down_16.png'),
                 'started_following_repo':      (_('[started following] repository'),
                                                 None, 'heart_add.png'),
                 'stopped_following_repo':      (_('[stopped following] repository'),
                                                 None, 'heart_delete.png'),
                 }
                 action_str = action_map.get(action, action)
                 if feed:
                     action = action_str[0].replace('[', '').replace(']', '')
                 else:
                     action = action_str[0]\
                         .replace('[', '<span class="journal_highlight">')\
                         .replace(']', '</span>')
                 action_params_func = lambda: ""
                 if callable(action_str[1]):
                     action_params_func = action_str[1]
                 def action_parser_icon():
                     action = user_log.action
                     action_params = None
                     x = action.split(':')
                     if len(x) > 1:
                         action, action_params = x
                     tmpl = """<img src="%s%s" alt="%s"/>"""
                     ico = action_map.get(action, ['', '', ''])[2]
                     return literal(tmpl % ((url('/images/icons/')), ico, action))
                 # returned callbacks we need to call to get
                 return [lambda: literal(action), action_params_func, action_parser_icon]
             #==============================================================================
             # PERMS
             #==============================================================================
             from rhodecode.lib.auth import HasPermissionAny, HasPermissionAll, \
             HasRepoPermissionAny, HasRepoPermissionAll
             #==============================================================================
             # GRAVATAR URL
             #==============================================================================
             def gravatar_url(email_address, size=30):
                 if (not str2bool(config['app_conf'].get('use_gravatar')) or
                     not email_address or email_address == 'anonymous@rhodecode.org'):
                     f = lambda a, l: min(l, key=lambda x: abs(x - a))
                     return url("/images/user%s.png" % f(size, [14, 16, 20, 24, 30]))
                 ssl_enabled = 'https' == request.environ.get('wsgi.url_scheme')
                 default = 'identicon'
                 baseurl_nossl = "http://www.gravatar.com/avatar/"
                 baseurl_ssl = "https://secure.gravatar.com/avatar/"
                 baseurl = baseurl_ssl if ssl_enabled else baseurl_nossl
                 if isinstance(email_address, unicode):
                     #hashlib crashes on unicode items
                     email_address = safe_str(email_address)
                 # construct the url
                 gravatar_url = baseurl + hashlib.md5(email_address.lower()).hexdigest() + "?"
                 gravatar_url += urllib.urlencode({'d': default, 's': str(size)})
                 return gravatar_url
             #==============================================================================
             # REPO PAGER, PAGER FOR REPOSITORY
             #==============================================================================
             class RepoPage(Page):
                 def __init__(self, collection, page=1, items_per_page=20,
                              item_count=None, url=None, **kwargs):
                     """Create a "RepoPage" instance. special pager for paging
                     repository
                     """
                     self._url_generator = url
                     # Safe the kwargs class-wide so they can be used in the pager() method
                     self.kwargs = kwargs
                     # Save a reference to the collection
                     self.original_collection = collection
                     self.collection = collection
                     # The self.page is the number of the current page.
                     # The first page has the number 1!
                     try:
                         self.page = int(page)  # make it int() if we get it as a string
                     except (ValueError, TypeError):
                         self.page = 1
                     self.items_per_page = items_per_page
                     # Unless the user tells us how many items the collections has
                     # we calculate that ourselves.
                     if item_count is not None:
                         self.item_count = item_count
                     else:
                         self.item_count = len(self.collection)
                     # Compute the number of the first and last available page
                     if self.item_count > 0:
                         self.first_page = 1
                         self.page_count = int(math.ceil(float(self.item_count) /
                                                         self.items_per_page))
                         self.last_page = self.first_page + self.page_count - 1
                         # Make sure that the requested page number is the range of
                         # valid pages
                         if self.page > self.last_page:
                             self.page = self.last_page
                         elif self.page < self.first_page:
                             self.page = self.first_page
                         # Note: the number of items on this page can be less than
                         #       items_per_page if the last page is not full
                         self.first_item = max(0, (self.item_count) - (self.page *
                                                                       items_per_page))
                         self.last_item = ((self.item_count - 1) - items_per_page *
                                           (self.page - 1))
                         self.items = list(self.collection[self.first_item:self.last_item + 1])
                         # Links to previous and next page
                         if self.page > self.first_page:
                             self.previous_page = self.page - 1
                         else:
                             self.previous_page = None
                         if self.page < self.last_page:
                             self.next_page = self.page + 1
                         else:
                             self.next_page = None
                     # No items available
                     else:
                         self.first_page = None
                         self.page_count = 0
                         self.last_page = None
                         self.first_item = None
                         self.last_item = None
                         self.previous_page = None
                         self.next_page = None
                         self.items = []
                     # This is a subclass of the 'list' type. Initialise the list now.
                     list.__init__(self, reversed(self.items))
             def changed_tooltip(nodes):
                 """
                 Generates a html string for changed nodes in changeset page.
                 It limits the output to 30 entries
                 :param nodes: LazyNodesGenerator
                 """
                 if nodes:
                     pref = ': <br/> '
                     suf = ''
                     if len(nodes) > 30:
                         suf = '<br/>' + _(' and %s more') % (len(nodes) - 30)
                     return literal(pref + '<br/> '.join([safe_unicode(x.path)
                                                          for x in nodes[:30]]) + suf)
                 else:
                     return ': ' + _('No Files')
             def repo_link(groups_and_repos):
                 """
                 Makes a breadcrumbs link to repo within a group
                 joins &raquo; on each group to create a fancy link
                 ex::
                     group >> subgroup >> repo
                 :param groups_and_repos:
                 """
                 groups, repo_name = groups_and_repos
                 if not groups:
                     return repo_name
                 else:
                     def make_link(group):
                         return link_to(group.name, url('repos_group_home',
                                                        group_name=group.group_name))
                     return literal(' &raquo; '.join(map(make_link, groups)) + \
                                    " &raquo; " + repo_name)
             def fancy_file_stats(stats):
                 """
                 Displays a fancy two colored bar for number of added/deleted
                 lines of code on file
                 :param stats: two element list of added/deleted lines of code
                 """
                 a, d, t = stats[0], stats[1], stats[0] + stats[1]
                 width = 100
                 unit = float(width) / (t or 1)
                 # needs > 9% of width to be visible or 0 to be hidden
                 a_p = max(9, unit * a) if a > 0 else 0
                 d_p = max(9, unit * d) if d > 0 else 0
                 p_sum = a_p + d_p
                 if p_sum > width:
                     #adjust the percentage to be == 100% since we adjusted to 9
                     if a_p > d_p:
                         a_p = a_p - (p_sum - width)
                     else:
                         d_p = d_p - (p_sum - width)
                 a_v = a if a > 0 else ''
                 d_v = d if d > 0 else ''
                 def cgen(l_type):
                     mapping = {'tr': 'top-right-rounded-corner-mid',
                                'tl': 'top-left-rounded-corner-mid',
                                'br': 'bottom-right-rounded-corner-mid',
                                'bl': 'bottom-left-rounded-corner-mid'}
                     map_getter = lambda x: mapping[x]
                     if l_type == 'a' and d_v:
                         #case when added and deleted are present
                         return ' '.join(map(map_getter, ['tl', 'bl']))
                     if l_type == 'a' and not d_v:
                         return ' '.join(map(map_getter, ['tr', 'br', 'tl', 'bl']))
                     if l_type == 'd' and a_v:
                         return ' '.join(map(map_getter, ['tr', 'br']))
                     if l_type == 'd' and not a_v:
                         return ' '.join(map(map_getter, ['tr', 'br', 'tl', 'bl']))
                 d_a = '<div class="added %s" style="width:%s%%">%s</div>' % (
                     cgen('a'), a_p, a_v
                 )
                 d_d = '<div class="deleted %s" style="width:%s%%">%s</div>' % (
                     cgen('d'), d_p, d_v
                 )
                 return literal('<div style="width:%spx">%s%s</div>' % (width, d_a, d_d))
             def urlify_text(text_):
                 import re
                 url_pat = re.compile(r'''(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]'''
                                      '''|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+)''')
                 def url_func(match_obj):
                     url_full = match_obj.groups()[0]
                     return '<a href="%(url)s">%(url)s</a>' % ({'url': url_full})
                 return literal(url_pat.sub(url_func, text_))
             def urlify_changesets(text_, repository):
                 """
                 Extract revision ids from changeset and make link from them
                 :param text_:
                 :param repository:
                 """
                 import re
                 URL_PAT = re.compile(r'([0-9a-fA-F]{12,})')
                 def url_func(match_obj):
                     rev = match_obj.groups()[0]
                     pref = ''
                     if match_obj.group().startswith(' '):
                         pref = ' '
                     tmpl = (
                     '%(pref)s<a class="%(cls)s" href="%(url)s">'
                     '%(rev)s'
                     '</a>'
                     )
                     return tmpl % {
                      'pref': pref,
                      'cls': 'revision-link',
                      'url': url('changeset_home', repo_name=repository, revision=rev),
                      'rev': rev,
                     }
                 newtext = URL_PAT.sub(url_func, text_)
                 return newtext
             def urlify_commit(text_, repository=None, link_=None):
                 """
                 Parses given text message and makes proper links.
                 issues are linked to given issue-server, and rest is a changeset link
                 if link_ is given, in other case it's a plain text
                 :param text_:
                 :param repository:
                 :param link_: changeset link
                 """
                 import re
                 import traceback
                 def escaper(string):
                     return string.replace('<', '&lt;').replace('>', '&gt;')
                 def linkify_others(t, l):
                     urls = re.compile(r'(\<a.*?\<\/a\>)',)
                     links = []
                     for e in urls.split(t):
                         if not urls.match(e):
                             links.append('<a class="message-link" href="%s">%s</a>' % (l, e))
                         else:
                             links.append(e)
                     return ''.join(links)
                 # urlify changesets - extrac revisions and make link out of them
                 text_ = urlify_changesets(escaper(text_), repository)
                 try:
                     conf = config['app_conf']
                     URL_PAT = re.compile(r'%s' % conf.get('issue_pat'))
                     if URL_PAT:
                         ISSUE_SERVER_LNK = conf.get('issue_server_link')
                         ISSUE_PREFIX = conf.get('issue_prefix')
                         def url_func(match_obj):
                             pref = ''
                             if match_obj.group().startswith(' '):
                                 pref = ' '
                             issue_id = ''.join(match_obj.groups())
                             tmpl = (
                             '%(pref)s<a class="%(cls)s" href="%(url)s">'
                             '%(issue-prefix)s%(id-repr)s'
                             '</a>'
                             )
                             url = ISSUE_SERVER_LNK.replace('{id}', issue_id)
                             if repository:
                                 url = url.replace('{repo}', repository)
                                 repo_name = repository.split(URL_SEP)[-1]
                                 url = url.replace('{repo_name}', repo_name)
                             return tmpl % {
                                  'pref': pref,
                                  'cls': 'issue-tracker-link',
                                  'url': url,
                                  'id-repr': issue_id,
                                  'issue-prefix': ISSUE_PREFIX,
                                  'serv': ISSUE_SERVER_LNK,
                             }
                         newtext = URL_PAT.sub(url_func, text_)
                         if link_:
                             # wrap not links into final link => link_
                             newtext = linkify_others(newtext, link_)
                         return literal(newtext)
                 except:
                     log.error(traceback.format_exc())
                     pass
                 return text_
             def rst(source):
                 return literal('<div class="rst-block">%s</div>' %
                                MarkupRenderer.rst(source))
             def rst_w_mentions(source):
                 """
                 Wrapped rst renderer with @mention highlighting
                 :param source:
                 """
                 return literal('<div class="rst-block">%s</div>' %
                                MarkupRenderer.rst_with_mentions(source))
             def changeset_status(repo, revision):
                 return ChangesetStatusModel().get_status(repo, revision)
             def changeset_status_lbl(changeset_status):
                 return dict(ChangesetStatus.STATUSES).get(changeset_status)
             def get_permission_name(key):
                 return dict(Permission.PERMS).get(key)

rhodecode/lib/hooks.py

0 +87 -13

             # -*- coding: utf-8 -*-
             """
                 rhodecode.lib.hooks
                 ~~~~~~~~~~~~~~~~~~~
                 Hooks runned by rhodecode
                 :created_on: Aug 6, 2010
                 :author: marcink
                 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
                 :license: GPLv3, see COPYING for more details.
             """
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             import os
             import sys
             import binascii
             from inspect import isfunction
             from mercurial.scmutil import revrange
             from mercurial.node import nullrev
             from rhodecode.lib import helpers as h
             from rhodecode.lib.utils import action_logger
             from rhodecode.lib.vcs.backends.base import EmptyChangeset
             from rhodecode.lib.compat import json
+            from rhodecode.model.db import Repository, User
+            from rhodecode.lib.utils2 import safe_str
+            from rhodecode.lib.exceptions import HTTPLockedRC
             def _get_scm_size(alias, root_path):
                 if not alias.startswith('.'):
                     alias += '.'
                 size_scm, size_root = 0, 0
                 for path, dirs, files in os.walk(root_path):
                     if path.find(alias) != -1:
                         for f in files:
                             try:
                                 size_scm += os.path.getsize(os.path.join(path, f))
                             except OSError:
                                 pass
                     else:
                         for f in files:
                             try:
                                 size_root += os.path.getsize(os.path.join(path, f))
                             except OSError:
                                 pass
                 size_scm_f = h.format_byte_size(size_scm)
                 size_root_f = h.format_byte_size(size_root)
                 size_total_f = h.format_byte_size(size_root + size_scm)
                 return size_scm_f, size_root_f, size_total_f
             def repo_size(ui, repo, hooktype=None, **kwargs):
                 """
                 Presents size of repository after push
                 :param ui:
                 :param repo:
                 :param hooktype:
                 """
                 size_hg_f, size_root_f, size_total_f = _get_scm_size('.hg', repo.root)
                 last_cs = repo[len(repo) - 1]
                 msg = ('Repository size .hg:%s repo:%s total:%s\n'
                        'Last revision is now r%s:%s\n') % (
                     size_hg_f, size_root_f, size_total_f, last_cs.rev(), last_cs.hex()[:12]
                 )
                 sys.stdout.write(msg)
+            def pre_push(ui, repo, **kwargs):
+                # pre push function, currently used to ban pushing when
+                # repository is locked
+                try:
+                    rc_extras = json.loads(os.environ.get('RC_SCM_DATA', "{}"))
+                except:
+                    rc_extras = {}
+                extras = dict(repo.ui.configitems('rhodecode_extras'))
+                if 'username' in extras:
+                    username = extras['username']
+                    repository = extras['repository']
+                    scm = extras['scm']
+                    locked_by = extras['locked_by']
+                elif 'username' in rc_extras:
+                    username = rc_extras['username']
+                    repository = rc_extras['repository']
+                    scm = rc_extras['scm']
+                    locked_by = rc_extras['locked_by']
+                else:
+                    raise Exception('Missing data in repo.ui and os.environ')
+                usr = User.get_by_username(username)
+                if locked_by[0] and usr.user_id != int(locked_by[0]):
+                    raise HTTPLockedRC(username, repository)
+            def pre_pull(ui, repo, **kwargs):
+                # pre push function, currently used to ban pushing when
+                # repository is locked
+                try:
+                    rc_extras = json.loads(os.environ.get('RC_SCM_DATA', "{}"))
+                except:
+                    rc_extras = {}
+                extras = dict(repo.ui.configitems('rhodecode_extras'))
+                if 'username' in extras:
+                    username = extras['username']
+                    repository = extras['repository']
+                    scm = extras['scm']
+                    locked_by = extras['locked_by']
+                elif 'username' in rc_extras:
+                    username = rc_extras['username']
+                    repository = rc_extras['repository']
+                    scm = rc_extras['scm']
+                    locked_by = rc_extras['locked_by']
+                else:
+                    raise Exception('Missing data in repo.ui and os.environ')
+                if locked_by[0]:
+                    raise HTTPLockedRC(username, repository)
             def log_pull_action(ui, repo, **kwargs):
                 """
                 Logs user last pull action
                 :param ui:
                 :param repo:
                 """
                 try:
                     rc_extras = json.loads(os.environ.get('RC_SCM_DATA', "{}"))
                 except:
                     rc_extras = {}
                 extras = dict(repo.ui.configitems('rhodecode_extras'))
                 if 'username' in extras:
                     username = extras['username']
                     repository = extras['repository']
                     scm = extras['scm']
+                    make_lock = extras['make_lock']
                 elif 'username' in rc_extras:
                     username = rc_extras['username']
                     repository = rc_extras['repository']
                     scm = rc_extras['scm']
+                    make_lock = rc_extras['make_lock']
                 else:
                     raise Exception('Missing data in repo.ui and os.environ')
+                user = User.get_by_username(username)
                 action = 'pull'
-                action_logger(username, action, repository, extras['ip'], commit=True)
+                action_logger(user, action, repository, extras['ip'], commit=True)
                 # extension hook call
                 from rhodecode import EXTENSIONS
                 callback = getattr(EXTENSIONS, 'PULL_HOOK', None)
                 if isfunction(callback):
                     kw = {}
                     kw.update(extras)
                     callback(**kw)
+                if make_lock is True:
+                    Repository.lock(Repository.get_by_repo_name(repository), user.user_id)
+                    #msg = 'Made lock on repo `%s`' % repository
+                    #sys.stdout.write(msg)
                 return 0
             def log_push_action(ui, repo, **kwargs):
                 """
                 Maps user last push action to new changeset id, from mercurial
                 :param ui:
                 :param repo: repo object containing the `ui` object
                 """
                 try:
                     rc_extras = json.loads(os.environ.get('RC_SCM_DATA', "{}"))
                 except:
                     rc_extras = {}
                 extras = dict(repo.ui.configitems('rhodecode_extras'))
                 if 'username' in extras:
                     username = extras['username']
                     repository = extras['repository']
                     scm = extras['scm']
+                    make_lock = extras['make_lock']
                 elif 'username' in rc_extras:
                     username = rc_extras['username']
                     repository = rc_extras['repository']
                     scm = rc_extras['scm']
+                    make_lock = rc_extras['make_lock']
                 else:
                     raise Exception('Missing data in repo.ui and os.environ')
                 action = 'push' + ':%s'
                 if scm == 'hg':
                     node = kwargs['node']
                     def get_revs(repo, rev_opt):
                         if rev_opt:
                             revs = revrange(repo, rev_opt)
                             if len(revs) == 0:
                                 return (nullrev, nullrev)
                             return (max(revs), min(revs))
                         else:
                             return (len(repo) - 1, 0)
                     stop, start = get_revs(repo, [node + ':'])
                     h = binascii.hexlify
                     revs = [h(repo[r].node()) for r in xrange(start, stop + 1)]
                 elif scm == 'git':
                     revs = kwargs.get('_git_revs', [])
                     if '_git_revs' in kwargs:
                         kwargs.pop('_git_revs')
                 action = action % ','.join(revs)
                 action_logger(username, action, repository, extras['ip'], commit=True)
                 # extension hook call
                 from rhodecode import EXTENSIONS
                 callback = getattr(EXTENSIONS, 'PUSH_HOOK', None)
                 if isfunction(callback):
                     kw = {'pushed_revs': revs}
                     kw.update(extras)
                     callback(**kw)
+                if make_lock is False:
+                    Repository.unlock(Repository.get_by_repo_name(repository))
+                    msg = 'Released lock on repo `%s`\n' % repository
+                    sys.stdout.write(msg)
                 return 0
             def log_create_repository(repository_dict, created_by, **kwargs):
                 """
                 Post create repository Hook. This is a dummy function for admins to re-use
                 if needed. It's taken from rhodecode-extensions module and executed
                 if present
                 :param repository: dict dump of repository object
                 :param created_by: username who created repository
                 :param created_date: date of creation
                 available keys of repository_dict:
                  'repo_type',
                  'description',
                  'private',
                  'created_on',
                  'enable_downloads',
                  'repo_id',
                  'user_id',
                  'enable_statistics',
                  'clone_uri',
                  'fork_id',
                  'group_id',
                  'repo_name'
                 """
                 from rhodecode import EXTENSIONS
                 callback = getattr(EXTENSIONS, 'CREATE_REPO_HOOK', None)
                 if isfunction(callback):
                     kw = {}
                     kw.update(repository_dict)
                     kw.update({'created_by': created_by})
                     kw.update(kwargs)
                     return callback(**kw)
                 return 0
+            handle_git_pre_receive = (lambda repo_path, revs, env:
+                handle_git_receive(repo_path, revs, env, hook_type='pre'))
+            handle_git_post_receive = (lambda repo_path, revs, env:
+                handle_git_receive(repo_path, revs, env, hook_type='post'))
-            def handle_git_post_receive(repo_path, revs, env):
+            def handle_git_receive(repo_path, revs, env, hook_type='post'):
                 """
                 A really hacky method that is runned by git post-receive hook and logs
                 an push action together with pushed revisions. It's executed by subprocess
                 thus needs all info to be able to create a on the fly pylons enviroment,
                 connect to database and run the logging code. Hacky as sh*t but works.
                 :param repo_path:
                 :type repo_path:
                 :param revs:
                 :type revs:
                 :param env:
                 :type env:
                 """
                 from paste.deploy import appconfig
                 from sqlalchemy import engine_from_config
                 from rhodecode.config.environment import load_environment
                 from rhodecode.model import init_model
                 from rhodecode.model.db import RhodeCodeUi
                 from rhodecode.lib.utils import make_ui
-                from rhodecode.model.db import Repository
                 path, ini_name = os.path.split(env['RHODECODE_CONFIG_FILE'])
                 conf = appconfig('config:%s' % ini_name, relative_to=path)
                 load_environment(conf.global_conf, conf.local_conf)
                 engine = engine_from_config(conf, 'sqlalchemy.db1.')
                 init_model(engine)
                 baseui = make_ui('db')
                 # fix if it's not a bare repo
                 if repo_path.endswith('.git'):
                     repo_path = repo_path[:-4]
                 repo = Repository.get_by_full_path(repo_path)
                 _hooks = dict(baseui.configitems('hooks')) or {}
-                # if push hook is enabled via web interface
-                if repo and _hooks.get(RhodeCodeUi.HOOK_PUSH):
-                    extras = {
+                extras = json.loads(env['RHODECODE_EXTRAS'])
-                     'username': env['RHODECODE_USER'],
-                     'repository': repo.repo_name,
-                     'scm': 'git',
-                     'action': 'push',
-                     'ip': env['RHODECODE_CONFIG_IP'],
                 for k, v in extras.items():
                     baseui.setconfig('rhodecode_extras', k, v)
                 repo = repo.scm_instance
                 repo.ui = baseui
+                if hook_type == 'pre':
+                    pre_push(baseui, repo)
+                # if push hook is enabled via web interface
+                elif hook_type == 'post' and _hooks.get(RhodeCodeUi.HOOK_PUSH):
                     rev_data = []
                     for l in revs:
                         old_rev, new_rev, ref = l.split(' ')
                         _ref_data = ref.split('/')
                         if _ref_data[1] in ['tags', 'heads']:
                             rev_data.append({'old_rev': old_rev,
                                              'new_rev': new_rev,
                                              'ref': ref,
                                              'type': _ref_data[1],
                                              'name': _ref_data[2].strip()})
                     git_revs = []
                     for push_ref  in rev_data:
                         _type = push_ref['type']
                         if _type == 'heads':
                             if push_ref['old_rev'] == EmptyChangeset().raw_id:
                                 cmd = "for-each-ref --format='%(refname)' 'refs/heads/*'"
                                 heads = repo.run_git_command(cmd)[0]
                                 heads = heads.replace(push_ref['ref'], '')
                                 heads = ' '.join(map(lambda c: c.strip('\n').strip(),
                                                      heads.splitlines()))
                                 cmd = (('log %(new_rev)s' % push_ref) +
                                        ' --reverse --pretty=format:"%H" --not ' + heads)
                             else:
                                 cmd = (('log %(old_rev)s..%(new_rev)s' % push_ref) +
                                        ' --reverse --pretty=format:"%H"')
                             git_revs += repo.run_git_command(cmd)[0].splitlines()
                         elif _type == 'tags':
                             git_revs += [push_ref['name']]
                     log_push_action(baseui, repo, _git_revs=git_revs)

rhodecode/lib/middleware/pygrack.py

0 +10 -11

             import os
             import socket
             import logging
             import subprocess
             from webob import Request, Response, exc
             from rhodecode.lib import subprocessio
             log = logging.getLogger(__name__)
             class FileWrapper(object):
                 def __init__(self, fd, content_length):
                     self.fd = fd
                     self.content_length = content_length
                     self.remain = content_length
                 def read(self, size):
                     if size <= self.remain:
                         try:
                             data = self.fd.read(size)
                         except socket.error:
                             raise IOError(self)
                         self.remain -= size
                     elif self.remain:
                         data = self.fd.read(self.remain)
                         self.remain = 0
                     else:
                         data = None
                     return data
                 def __repr__(self):
                     return '<FileWrapper %s len: %s, read: %s>' % (
                         self.fd, self.content_length, self.content_length - self.remain
                     )
             class GitRepository(object):
                 git_folder_signature = set(['config', 'head', 'info', 'objects', 'refs'])
                 commands = ['git-upload-pack', 'git-receive-pack']
-                def __init__(self, repo_name, content_path, username):
+                def __init__(self, repo_name, content_path, extras):
                     files = set([f.lower() for f in os.listdir(content_path)])
                     if  not (self.git_folder_signature.intersection(files)
                             == self.git_folder_signature):
                         raise OSError('%s missing git signature' % content_path)
                     self.content_path = content_path
                     self.valid_accepts = ['application/x-%s-result' %
                                           c for c in self.commands]
                     self.repo_name = repo_name
-                    self.username = username
+                    self.extras = extras
                 def _get_fixedpath(self, path):
                     """
                     Small fix for repo_path
                     :param path:
                     :type path:
                     """
                     return path.split(self.repo_name, 1)[-1].strip('/')
                 def inforefs(self, request, environ):
                     """
                     WSGI Response producer for HTTP GET Git Smart
                     HTTP /info/refs request.
                     """
-                    git_command = request.GET['service']
+                    git_command = request.GET.get('service')
                     if git_command not in self.commands:
                         log.debug('command %s not allowed' % git_command)
                         return exc.HTTPMethodNotAllowed()
                     # note to self:
                     # please, resist the urge to add '\n' to git capture and increment
                     # line count by 1.
                     # The code in Git client not only does NOT need '\n', but actually
                     # blows up if you sprinkle "flush" (0000) as "0001\n".
                     # It reads binary, per number of bytes specified.
                     # if you do add '\n' as part of data, count it.
                     server_advert = '# service=%s' % git_command
                     packet_len = str(hex(len(server_advert) + 4)[2:].rjust(4, '0')).lower()
                     try:
                         out = subprocessio.SubprocessIOChunker(
                             r'git %s --stateless-rpc --advertise-refs "%s"' % (
                                             git_command[4:], self.content_path),
                             starting_values=[
                                 packet_len + server_advert + '0000'
                             ]
                         )
                     except EnvironmentError, e:
                         log.exception(e)
                         raise exc.HTTPExpectationFailed()
                     resp = Response()
                     resp.content_type = 'application/x-%s-advertisement' % str(git_command)
                     resp.charset = None
                     resp.app_iter = out
                     return resp
                 def backend(self, request, environ):
                     """
                     WSGI Response producer for HTTP POST Git Smart HTTP requests.
                     Reads commands and data from HTTP POST's body.
                     returns an iterator obj with contents of git command's
                     response to stdout
                     """
                     git_command = self._get_fixedpath(request.path_info)
                     if git_command not in self.commands:
                         log.debug('command %s not allowed' % git_command)
                         return exc.HTTPMethodNotAllowed()
                     if 'CONTENT_LENGTH' in environ:
                         inputstream = FileWrapper(environ['wsgi.input'],
                                                   request.content_length)
                     else:
                         inputstream = environ['wsgi.input']
                     try:
                         gitenv = os.environ
                         from rhodecode import CONFIG
-                        from rhodecode.lib.base import _get_ip_addr
+                        from rhodecode.lib.compat import json
-                        gitenv['RHODECODE_USER'] = self.username
+                        gitenv['RHODECODE_EXTRAS'] = json.dumps(self.extras)
-                        gitenv['RHODECODE_CONFIG_IP'] = _get_ip_addr(environ)
                         # forget all configs
                         gitenv['GIT_CONFIG_NOGLOBAL'] = '1'
                         # we need current .ini file used to later initialize rhodecode
                         # env and connect to db
                         gitenv['RHODECODE_CONFIG_FILE'] = CONFIG['__file__']
                         opts = dict(
                             env=gitenv,
                             cwd=os.getcwd()
                         )
                         out = subprocessio.SubprocessIOChunker(
                             r'git %s --stateless-rpc "%s"' % (git_command[4:],
                                                               self.content_path),
                             inputstream=inputstream,
                             **opts
                         )
                     except EnvironmentError, e:
                         log.exception(e)
                         raise exc.HTTPExpectationFailed()
                     if git_command in [u'git-receive-pack']:
                         # updating refs manually after each push.
                         # Needed for pre-1.7.0.4 git clients using regular HTTP mode.
                         subprocess.call(u'git --git-dir "%s" '
                                         'update-server-info' % self.content_path,
                                         shell=True)
                     resp = Response()
                     resp.content_type = 'application/x-%s-result' % git_command.encode('utf8')
                     resp.charset = None
                     resp.app_iter = out
                     return resp
                 def __call__(self, environ, start_response):
                     request = Request(environ)
                     _path = self._get_fixedpath(request.path_info)
                     if _path.startswith('info/refs'):
                         app = self.inforefs
                     elif [a for a in self.valid_accepts if a in request.accept]:
                         app = self.backend
                     try:
                         resp = app(request, environ)
                     except exc.HTTPException, e:
                         resp = e
                         log.exception(e)
                     except Exception, e:
                         log.exception(e)
                         resp = exc.HTTPInternalServerError()
                     return resp(environ, start_response)
             class GitDirectory(object):
-                def __init__(self, repo_root, repo_name, username):
+                def __init__(self, repo_root, repo_name, extras):
                     repo_location = os.path.join(repo_root, repo_name)
                     if not os.path.isdir(repo_location):
                         raise OSError(repo_location)
                     self.content_path = repo_location
                     self.repo_name = repo_name
                     self.repo_location = repo_location
-                    self.username = username
+                    self.extras = extras
                 def __call__(self, environ, start_response):
                     content_path = self.content_path
                     try:
-                        app = GitRepository(self.repo_name, content_path, self.username)
+                        app = GitRepository(self.repo_name, content_path, self.extras)
                     except (AssertionError, OSError):
                         if os.path.isdir(os.path.join(content_path, '.git')):
                             app = GitRepository(self.repo_name,
                                                 os.path.join(content_path, '.git'),
                                                 self.username)
                         else:
                             return exc.HTTPNotFound()(environ, start_response)
                     return app(environ, start_response)
-            def make_wsgi_app(repo_name, repo_root, username):
+            def make_wsgi_app(repo_name, repo_root, extras):
-                return GitDirectory(repo_root, repo_name, username)
+                return GitDirectory(repo_root, repo_name, extras)

rhodecode/lib/middleware/simplegit.py

0 +33 -6

             # -*- coding: utf-8 -*-
             """
                 rhodecode.lib.middleware.simplegit
                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                 SimpleGit middleware for handling git protocol request (push/clone etc.)
                 It's implemented with basic auth function
                 :created_on: Apr 28, 2010
                 :author: marcink
                 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
                 :license: GPLv3, see COPYING for more details.
             """
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             import os
             import re
             import logging
             import traceback
             from dulwich import server as dulserver
             from dulwich.web import LimitedInputFilter, GunzipFilter
+            from rhodecode.lib.exceptions import HTTPLockedRC
+            from rhodecode.lib.hooks import pre_pull
             class SimpleGitUploadPackHandler(dulserver.UploadPackHandler):
                 def handle(self):
                     write = lambda x: self.proto.write_sideband(1, x)
                     graph_walker = dulserver.ProtocolGraphWalker(self,
                                                                  self.repo.object_store,
                                                                  self.repo.get_peeled)
                     objects_iter = self.repo.fetch_objects(
                       graph_walker.determine_wants, graph_walker, self.progress,
                       get_tagged=self.get_tagged)
                     # Did the process short-circuit (e.g. in a stateless RPC call)? Note
                     # that the client still expects a 0-object pack in most cases.
                     if objects_iter is None:
                         return
                     self.progress("counting objects: %d, done.\n" % len(objects_iter))
                     dulserver.write_pack_objects(dulserver.ProtocolFile(None, write),
                                                  objects_iter)
                     messages = []
                     messages.append('thank you for using rhodecode')
                     for msg in messages:
                         self.progress(msg + "\n")
                     # we are done
                     self.proto.write("0000")
             dulserver.DEFAULT_HANDLERS = {
               #git-ls-remote, git-clone, git-fetch and git-pull
               'git-upload-pack': SimpleGitUploadPackHandler,
               #git-push
               'git-receive-pack': dulserver.ReceivePackHandler,
             }
             # not used for now until dulwich get's fixed
             #from dulwich.repo import Repo
             #from dulwich.web import make_wsgi_chain
             from paste.httpheaders import REMOTE_USER, AUTH_TYPE
             from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError, \
                 HTTPBadRequest, HTTPNotAcceptable
             from rhodecode.lib.utils2 import safe_str
             from rhodecode.lib.base import BaseVCSController
             from rhodecode.lib.auth import get_container_username
             from rhodecode.lib.utils import is_valid_repo, make_ui
             from rhodecode.lib.compat import json
             from rhodecode.model.db import User, RhodeCodeUi
             log = logging.getLogger(__name__)
             GIT_PROTO_PAT = re.compile(r'^/(.+)/(info/refs|git-upload-pack|git-receive-pack)')
             def is_git(environ):
                 path_info = environ['PATH_INFO']
                 isgit_path = GIT_PROTO_PAT.match(path_info)
                 log.debug('pathinfo: %s detected as GIT %s' % (
                     path_info, isgit_path != None)
                 )
                 return isgit_path
             class SimpleGit(BaseVCSController):
                 def _handle_request(self, environ, start_response):
                     if not is_git(environ):
                         return self.application(environ, start_response)
                     if not self._check_ssl(environ, start_response):
                         return HTTPNotAcceptable('SSL REQUIRED !')(environ, start_response)
                     ipaddr = self._get_ip_addr(environ)
                     username = None
                     self._git_first_op = False
                     # skip passing error to error controller
                     environ['pylons.status_code_redirect'] = True
                     #======================================================================
                     # EXTRACT REPOSITORY NAME FROM ENV
                     #======================================================================
                     try:
                         repo_name = self.__get_repository(environ)
                         log.debug('Extracted repo name is %s' % repo_name)
                     except:
                         return HTTPInternalServerError()(environ, start_response)
                     # quick check if that dir exists...
                     if is_valid_repo(repo_name, self.basepath, 'git') is False:
                         return HTTPNotFound()(environ, start_response)
                     #======================================================================
                     # GET ACTION PULL or PUSH
                     #======================================================================
                     action = self.__get_action(environ)
                     #======================================================================
                     # CHECK ANONYMOUS PERMISSION
                     #======================================================================
                     if action in ['pull', 'push']:
                         anonymous_user = self.__get_user('default')
                         username = anonymous_user.username
                         anonymous_perm = self._check_permission(action, anonymous_user,
                                                                 repo_name)
                         if anonymous_perm is not True or anonymous_user.active is False:
                             if anonymous_perm is not True:
                                 log.debug('Not enough credentials to access this '
                                           'repository as anonymous user')
                             if anonymous_user.active is False:
                                 log.debug('Anonymous access is disabled, running '
                                           'authentication')
                             #==============================================================
                             # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE
                             # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS
                             #==============================================================
                             # Attempting to retrieve username from the container
                             username = get_container_username(environ, self.config)
                             # If not authenticated by the container, running basic auth
                             if not username:
                                 self.authenticate.realm = \
                                     safe_str(self.config['rhodecode_realm'])
                                 result = self.authenticate(environ)
                                 if isinstance(result, str):
                                     AUTH_TYPE.update(environ, 'basic')
                                     REMOTE_USER.update(environ, result)
                                     username = result
                                 else:
                                     return result.wsgi_application(environ, start_response)
                             #==============================================================
                             # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME
                             #==============================================================
                             try:
                                 user = self.__get_user(username)
                                 if user is None or not user.active:
                                     return HTTPForbidden()(environ, start_response)
                                 username = user.username
                             except:
                                 log.error(traceback.format_exc())
                                 return HTTPInternalServerError()(environ, start_response)
                             #check permissions for this repository
                             perm = self._check_permission(action, user, repo_name)
                             if perm is not True:
                                 return HTTPForbidden()(environ, start_response)
+                    # extras are injected into UI object and later available
+                    # in hooks executed by rhodecode
                     extras = {
                         'ip': ipaddr,
                         'username': username,
                         'action': action,
                         'repository': repo_name,
                         'scm': 'git',
+                        'make_lock': None,
+                        'locked_by': [None, None]
                     }
-                    # set the environ variables for this request
-                    os.environ['RC_SCM_DATA'] = json.dumps(extras)
                     #===================================================================
                     # GIT REQUEST HANDLING
                     #===================================================================
                     repo_path = os.path.join(safe_str(self.basepath), safe_str(repo_name))
                     log.debug('Repository path is %s' % repo_path)
+                    # CHECK LOCKING only if it's not ANONYMOUS USER
+                    if username != User.DEFAULT_USER:
+                        log.debug('Checking locking on repository')
+                        (make_lock,
+                         locked,
+                         locked_by) = self._check_locking_state(
+                                        environ=environ, action=action,
+                                        repo=repo_name, user_id=user.user_id
+                                   )
+                        # store the make_lock for later evaluation in hooks
+                        extras.update({'make_lock': make_lock,
+                                       'locked_by': locked_by})
+                    # set the environ variables for this request
+                    os.environ['RC_SCM_DATA'] = json.dumps(extras)
+                    log.debug('HOOKS extras is %s' % extras)
                     baseui = make_ui('db')
                     self.__inject_extras(repo_path, baseui, extras)
                     try:
                         # invalidate cache on push
                         if action == 'push':
                             self._invalidate_cache(repo_name)
                         self._handle_githooks(repo_name, action, baseui, environ)
                         log.info('%s action on GIT repo "%s"' % (action, repo_name))
-                        app = self.__make_app(repo_name, repo_path, username)
+                        app = self.__make_app(repo_name, repo_path, extras)
                         return app(environ, start_response)
+                    except HTTPLockedRC, e:
+                        log.debug('Repositry LOCKED ret code 423!')
+                        return e(environ, start_response)
                     except Exception:
                         log.error(traceback.format_exc())
                         return HTTPInternalServerError()(environ, start_response)
-                def __make_app(self, repo_name, repo_path, username):
+                def __make_app(self, repo_name, repo_path, extras):
                     """
                     Make an wsgi application using dulserver
                     :param repo_name: name of the repository
                     :param repo_path: full path to the repository
                     """
                     from rhodecode.lib.middleware.pygrack import make_wsgi_app
                     app = make_wsgi_app(
                         repo_root=safe_str(self.basepath),
                         repo_name=repo_name,
-                        username=username,
+                        extras=extras,
                     )
                     app = GunzipFilter(LimitedInputFilter(app))
                     return app
                 def __get_repository(self, environ):
                     """
                     Get's repository name out of PATH_INFO header
                     :param environ: environ where PATH_INFO is stored
                     """
                     try:
                         environ['PATH_INFO'] = self._get_by_id(environ['PATH_INFO'])
                         repo_name = GIT_PROTO_PAT.match(environ['PATH_INFO']).group(1)
                     except:
                         log.error(traceback.format_exc())
                         raise
                     return repo_name
                 def __get_user(self, username):
                     return User.get_by_username(username)
                 def __get_action(self, environ):
                     """
                     Maps git request commands into a pull or push command.
                     :param environ:
                     """
                     service = environ['QUERY_STRING'].split('=')
                     if len(service) > 1:
                         service_cmd = service[1]
                         mapping = {
                             'git-receive-pack': 'push',
                             'git-upload-pack': 'pull',
                         }
                         op = mapping[service_cmd]
                         self._git_stored_op = op
                         return op
                     else:
                         # try to fallback to stored variable as we don't know if the last
                         # operation is pull/push
                         op = getattr(self, '_git_stored_op', 'pull')
                     return op
                 def _handle_githooks(self, repo_name, action, baseui, environ):
                     """
                     Handles pull action, push is handled by post-receive hook
                     """
                     from rhodecode.lib.hooks import log_pull_action
                     service = environ['QUERY_STRING'].split('=')
                     if len(service) < 2:
                         return
                     from rhodecode.model.db import Repository
                     _repo = Repository.get_by_repo_name(repo_name)
                     _repo = _repo.scm_instance
                     _repo._repo.ui = baseui
                     _hooks = dict(baseui.configitems('hooks')) or {}
+                    if action == 'pull':
+                        # stupid git, emulate pre-pull hook !
+                        pre_pull(ui=baseui, repo=_repo._repo)
                     if action == 'pull' and _hooks.get(RhodeCodeUi.HOOK_PULL):
                         log_pull_action(ui=baseui, repo=_repo._repo)
                 def __inject_extras(self, repo_path, baseui, extras={}):
                     """
                     Injects some extra params into baseui instance
                     :param baseui: baseui instance
                     :param extras: dict with extra params to put into baseui
                     """
                     # make our hgweb quiet so it doesn't print output
                     baseui.setconfig('ui', 'quiet', 'true')
                     #inject some additional parameters that will be available in ui
                     #for hooks
                     for k, v in extras.items():
                         baseui.setconfig('rhodecode_extras', k, v)

rhodecode/lib/middleware/simplehg.py

0 +22 -2

             # -*- coding: utf-8 -*-
             """
                 rhodecode.lib.middleware.simplehg
                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                 SimpleHG middleware for handling mercurial protocol request
                 (push/clone etc.). It's implemented with basic auth function
                 :created_on: Apr 28, 2010
                 :author: marcink
                 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
                 :license: GPLv3, see COPYING for more details.
             """
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             import os
             import logging
             import traceback
             import urllib
             from mercurial.error import RepoError
             from mercurial.hgweb import hgweb_mod
             from paste.httpheaders import REMOTE_USER, AUTH_TYPE
             from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError, \
                 HTTPBadRequest, HTTPNotAcceptable
             from rhodecode.lib.utils2 import safe_str
             from rhodecode.lib.base import BaseVCSController
             from rhodecode.lib.auth import get_container_username
             from rhodecode.lib.utils import make_ui, is_valid_repo, ui_sections
             from rhodecode.lib.compat import json
             from rhodecode.model.db import User
+            from rhodecode.lib.exceptions import HTTPLockedRC
             log = logging.getLogger(__name__)
             def is_mercurial(environ):
                 """
                 Returns True if request's target is mercurial server - header
                 ``HTTP_ACCEPT`` of such request would start with ``application/mercurial``.
                 """
                 http_accept = environ.get('HTTP_ACCEPT')
                 path_info = environ['PATH_INFO']
                 if http_accept and http_accept.startswith('application/mercurial'):
                     ishg_path = True
                 else:
                     ishg_path = False
                 log.debug('pathinfo: %s detected as HG %s' % (
                     path_info, ishg_path)
                 )
                 return ishg_path
             class SimpleHg(BaseVCSController):
                 def _handle_request(self, environ, start_response):
                     if not is_mercurial(environ):
                         return self.application(environ, start_response)
                     if not self._check_ssl(environ, start_response):
                         return HTTPNotAcceptable('SSL REQUIRED !')(environ, start_response)
                     ipaddr = self._get_ip_addr(environ)
                     username = None
                     # skip passing error to error controller
                     environ['pylons.status_code_redirect'] = True
                     #======================================================================
                     # EXTRACT REPOSITORY NAME FROM ENV
                     #======================================================================
                     try:
                         repo_name = environ['REPO_NAME'] = self.__get_repository(environ)
                         log.debug('Extracted repo name is %s' % repo_name)
                     except:
                         return HTTPInternalServerError()(environ, start_response)
                     # quick check if that dir exists...
                     if is_valid_repo(repo_name, self.basepath, 'hg') is False:
                         return HTTPNotFound()(environ, start_response)
                     #======================================================================
                     # GET ACTION PULL or PUSH
                     #======================================================================
                     action = self.__get_action(environ)
                     #======================================================================
                     # CHECK ANONYMOUS PERMISSION
                     #======================================================================
                     if action in ['pull', 'push']:
                         anonymous_user = self.__get_user('default')
                         username = anonymous_user.username
                         anonymous_perm = self._check_permission(action, anonymous_user,
                                                                 repo_name)
                         if anonymous_perm is not True or anonymous_user.active is False:
                             if anonymous_perm is not True:
                                 log.debug('Not enough credentials to access this '
                                           'repository as anonymous user')
                             if anonymous_user.active is False:
                                 log.debug('Anonymous access is disabled, running '
                                           'authentication')
                             #==============================================================
                             # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE
                             # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS
                             #==============================================================
                             # Attempting to retrieve username from the container
                             username = get_container_username(environ, self.config)
                             # If not authenticated by the container, running basic auth
                             if not username:
                                 self.authenticate.realm = \
                                     safe_str(self.config['rhodecode_realm'])
                                 result = self.authenticate(environ)
                                 if isinstance(result, str):
                                     AUTH_TYPE.update(environ, 'basic')
                                     REMOTE_USER.update(environ, result)
                                     username = result
                                 else:
                                     return result.wsgi_application(environ, start_response)
                             #==============================================================
                             # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME
                             #==============================================================
                             try:
                                 user = self.__get_user(username)
                                 if user is None or not user.active:
                                     return HTTPForbidden()(environ, start_response)
                                 username = user.username
                             except:
                                 log.error(traceback.format_exc())
                                 return HTTPInternalServerError()(environ, start_response)
                             #check permissions for this repository
                             perm = self._check_permission(action, user, repo_name)
                             if perm is not True:
                                 return HTTPForbidden()(environ, start_response)
                     # extras are injected into mercurial UI object and later available
                     # in hg hooks executed by rhodecode
                     extras = {
                         'ip': ipaddr,
                         'username': username,
                         'action': action,
                         'repository': repo_name,
                         'scm': 'hg',
+                        'make_lock': None,
+                        'locked_by': [None, None]
                     }
-                    # set the environ variables for this request
-                    os.environ['RC_SCM_DATA'] = json.dumps(extras)
                     #======================================================================
                     # MERCURIAL REQUEST HANDLING
                     #======================================================================
                     repo_path = os.path.join(safe_str(self.basepath), safe_str(repo_name))
                     log.debug('Repository path is %s' % repo_path)
+                    # CHECK LOCKING only if it's not ANONYMOUS USER
+                    if username != User.DEFAULT_USER:
+                        log.debug('Checking locking on repository')
+                        (make_lock,
+                         locked,
+                         locked_by) = self._check_locking_state(
+                                        environ=environ, action=action,
+                                        repo=repo_name, user_id=user.user_id
+                                   )
+                        # store the make_lock for later evaluation in hooks
+                        extras.update({'make_lock': make_lock,
+                                       'locked_by': locked_by})
+                    # set the environ variables for this request
+                    os.environ['RC_SCM_DATA'] = json.dumps(extras)
+                    log.debug('HOOKS extras is %s' % extras)
                     baseui = make_ui('db')
                     self.__inject_extras(repo_path, baseui, extras)
                     try:
                         # invalidate cache on push
                         if action == 'push':
                             self._invalidate_cache(repo_name)
                         log.info('%s action on HG repo "%s"' % (action, repo_name))
                         app = self.__make_app(repo_path, baseui, extras)
                         return app(environ, start_response)
                     except RepoError, e:
                         if str(e).find('not found') != -1:
                             return HTTPNotFound()(environ, start_response)
+                    except HTTPLockedRC, e:
+                        log.debug('Repositry LOCKED ret code 423!')
+                        return e(environ, start_response)
                     except Exception:
                         log.error(traceback.format_exc())
                         return HTTPInternalServerError()(environ, start_response)
                 def __make_app(self, repo_name, baseui, extras):
                     """
                     Make an wsgi application using hgweb, and inject generated baseui
                     instance, additionally inject some extras into ui object
                     """
                     return hgweb_mod.hgweb(repo_name, name=repo_name, baseui=baseui)
                 def __get_repository(self, environ):
                     """
                     Get's repository name out of PATH_INFO header
                     :param environ: environ where PATH_INFO is stored
                     """
                     try:
                         environ['PATH_INFO'] = self._get_by_id(environ['PATH_INFO'])
                         repo_name = '/'.join(environ['PATH_INFO'].split('/')[1:])
                         if repo_name.endswith('/'):
                             repo_name = repo_name.rstrip('/')
                     except:
                         log.error(traceback.format_exc())
                         raise
                     return repo_name
                 def __get_user(self, username):
                     return User.get_by_username(username)
                 def __get_action(self, environ):
                     """
                     Maps mercurial request commands into a clone,pull or push command.
                     This should always return a valid command string
                     :param environ:
                     """
                     mapping = {'changegroup': 'pull',
                                'changegroupsubset': 'pull',
                                'stream_out': 'pull',
                                'listkeys': 'pull',
                                'unbundle': 'push',
                                'pushkey': 'push', }
                     for qry in environ['QUERY_STRING'].split('&'):
                         if qry.startswith('cmd'):
                             cmd = qry.split('=')[-1]
                             if cmd in mapping:
                                 return mapping[cmd]
                             return 'pull'
                     raise Exception('Unable to detect pull/push action !!'
                                     'Are you using non standard command or client ?')
                 def __inject_extras(self, repo_path, baseui, extras={}):
                     """
                     Injects some extra params into baseui instance
                     also overwrites global settings with those takes from local hgrc file
                     :param baseui: baseui instance
                     :param extras: dict with extra params to put into baseui
                     """
                     hgrc = os.path.join(repo_path, '.hg', 'hgrc')
                     # make our hgweb quiet so it doesn't print output
                     baseui.setconfig('ui', 'quiet', 'true')
                     #inject some additional parameters that will be available in ui
                     #for hooks
                     for k, v in extras.items():
                         baseui.setconfig('rhodecode_extras', k, v)
                     repoui = make_ui('file', hgrc, False)
                     if repoui:
                         #overwrite our ui instance with the section from hgrc file
                         for section in ui_sections:
                             for k, v in repoui.configitems(section):
                                 baseui.setconfig(section, k, v)

rhodecode/lib/utils2.py

0 +11 -2

             # -*- coding: utf-8 -*-
             """
                 rhodecode.lib.utils
                 ~~~~~~~~~~~~~~~~~~~
                 Some simple helper functions
                 :created_on: Jan 5, 2011
                 :author: marcink
                 :copyright: (C) 2011-2012 Marcin Kuzminski <marcin@python-works.com>
                 :license: GPLv3, see COPYING for more details.
             """
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             import re
             import time
-            from datetime import datetime
+            import datetime
             from pylons.i18n.translation import _, ungettext
             from rhodecode.lib.vcs.utils.lazy import LazyProperty
             def __get_lem():
                 """
                 Get language extension map based on what's inside pygments lexers
                 """
                 from pygments import lexers
                 from string import lower
                 from collections import defaultdict
                 d = defaultdict(lambda: [])
                 def __clean(s):
                     s = s.lstrip('*')
                     s = s.lstrip('.')
                     if s.find('[') != -1:
                         exts = []
                         start, stop = s.find('['), s.find(']')
                         for suffix in s[start + 1:stop]:
                             exts.append(s[:s.find('[')] + suffix)
                         return map(lower, exts)
                     else:
                         return map(lower, [s])
                 for lx, t in sorted(lexers.LEXERS.items()):
                     m = map(__clean, t[-2])
                     if m:
                         m = reduce(lambda x, y: x + y, m)
                         for ext in m:
                             desc = lx.replace('Lexer', '')
                             d[ext].append(desc)
                 return dict(d)
             def str2bool(_str):
                 """
                 returs True/False value from given string, it tries to translate the
                 string into boolean
                 :param _str: string value to translate into boolean
                 :rtype: boolean
                 :returns: boolean from given string
                 """
                 if _str is None:
                     return False
                 if _str in (True, False):
                     return _str
                 _str = str(_str).strip().lower()
                 return _str in ('t', 'true', 'y', 'yes', 'on', '1')
             def convert_line_endings(line, mode):
                 """
                 Converts a given line  "line end" accordingly to given mode
                 Available modes are::
 - Unix
 - Mac
 - DOS
                 :param line: given line to convert
                 :param mode: mode to convert to
                 :rtype: str
                 :return: converted line according to mode
                 """
                 from string import replace
                 if mode == 0:
                         line = replace(line, '\r\n', '\n')
                         line = replace(line, '\r', '\n')
                 elif mode == 1:
                         line = replace(line, '\r\n', '\r')
                         line = replace(line, '\n', '\r')
                 elif mode == 2:
                         line = re.sub("\r(?!\n)|(?<!\r)\n", "\r\n", line)
                 return line
             def detect_mode(line, default):
                 """
                 Detects line break for given line, if line break couldn't be found
                 given default value is returned
                 :param line: str line
                 :param default: default
                 :rtype: int
                 :return: value of line end on of 0 - Unix, 1 - Mac, 2 - DOS
                 """
                 if line.endswith('\r\n'):
                     return 2
                 elif line.endswith('\n'):
                     return 0
                 elif line.endswith('\r'):
                     return 1
                 else:
                     return default
             def generate_api_key(username, salt=None):
                 """
                 Generates unique API key for given username, if salt is not given
                 it'll be generated from some random string
                 :param username: username as string
                 :param salt: salt to hash generate KEY
                 :rtype: str
                 :returns: sha1 hash from username+salt
                 """
                 from tempfile import _RandomNameSequence
                 import hashlib
                 if salt is None:
                     salt = _RandomNameSequence().next()
                 return hashlib.sha1(username + salt).hexdigest()
             def safe_unicode(str_, from_encoding=None):
                 """
                 safe unicode function. Does few trick to turn str_ into unicode
                 In case of UnicodeDecode error we try to return it with encoding detected
                 by chardet library if it fails fallback to unicode with errors replaced
                 :param str_: string to decode
                 :rtype: unicode
                 :returns: unicode object
                 """
                 if isinstance(str_, unicode):
                     return str_
                 if not from_encoding:
                     import rhodecode
                     DEFAULT_ENCODING = rhodecode.CONFIG.get('default_encoding','utf8')
                     from_encoding = DEFAULT_ENCODING
                 try:
                     return unicode(str_)
                 except UnicodeDecodeError:
                     pass
                 try:
                     return unicode(str_, from_encoding)
                 except UnicodeDecodeError:
                     pass
                 try:
                     import chardet
                     encoding = chardet.detect(str_)['encoding']
                     if encoding is None:
                         raise Exception()
                     return str_.decode(encoding)
                 except (ImportError, UnicodeDecodeError, Exception):
                     return unicode(str_, from_encoding, 'replace')
             def safe_str(unicode_, to_encoding=None):
                 """
                 safe str function. Does few trick to turn unicode_ into string
                 In case of UnicodeEncodeError we try to return it with encoding detected
                 by chardet library if it fails fallback to string with errors replaced
                 :param unicode_: unicode to encode
                 :rtype: str
                 :returns: str object
                 """
                 # if it's not basestr cast to str
                 if not isinstance(unicode_, basestring):
                     return str(unicode_)
                 if isinstance(unicode_, str):
                     return unicode_
                 if not to_encoding:
                     import rhodecode
                     DEFAULT_ENCODING = rhodecode.CONFIG.get('default_encoding','utf8')
                     to_encoding = DEFAULT_ENCODING
                 try:
                     return unicode_.encode(to_encoding)
                 except UnicodeEncodeError:
                     pass
                 try:
                     import chardet
                     encoding = chardet.detect(unicode_)['encoding']
                     if encoding is None:
                         raise UnicodeEncodeError()
                     return unicode_.encode(encoding)
                 except (ImportError, UnicodeEncodeError):
                     return unicode_.encode(to_encoding, 'replace')
                 return safe_str
             def engine_from_config(configuration, prefix='sqlalchemy.', **kwargs):
                 """
                 Custom engine_from_config functions that makes sure we use NullPool for
                 file based sqlite databases. This prevents errors on sqlite. This only
                 applies to sqlalchemy versions < 0.7.0
                 """
                 import sqlalchemy
                 from sqlalchemy import engine_from_config as efc
                 import logging
                 if int(sqlalchemy.__version__.split('.')[1]) < 7:
                     # This solution should work for sqlalchemy < 0.7.0, and should use
                     # proxy=TimerProxy() for execution time profiling
                     from sqlalchemy.pool import NullPool
                     url = configuration[prefix + 'url']
                     if url.startswith('sqlite'):
                         kwargs.update({'poolclass': NullPool})
                     return efc(configuration, prefix, **kwargs)
                 else:
                     import time
                     from sqlalchemy import event
                     from sqlalchemy.engine import Engine
                     log = logging.getLogger('sqlalchemy.engine')
                     BLACK, RED, GREEN, YELLOW, BLUE, MAGENTA, CYAN, WHITE = xrange(30, 38)
                     engine = efc(configuration, prefix, **kwargs)
                     def color_sql(sql):
                         COLOR_SEQ = "\033[1;%dm"
                         COLOR_SQL = YELLOW
                         normal = '\x1b[0m'
                         return ''.join([COLOR_SEQ % COLOR_SQL, sql, normal])
                     if configuration['debug']:
                         #attach events only for debug configuration
                         def before_cursor_execute(conn, cursor, statement,
                                                 parameters, context, executemany):
                             context._query_start_time = time.time()
                             log.info(color_sql(">>>>> STARTING QUERY >>>>>"))
                         def after_cursor_execute(conn, cursor, statement,
                                                 parameters, context, executemany):
                             total = time.time() - context._query_start_time
                             log.info(color_sql("<<<<< TOTAL TIME: %f <<<<<" % total))
                         event.listen(engine, "before_cursor_execute",
                                      before_cursor_execute)
                         event.listen(engine, "after_cursor_execute",
                                      after_cursor_execute)
                 return engine
             def age(prevdate):
                 """
                 turns a datetime into an age string.
                 :param prevdate: datetime object
                 :rtype: unicode
                 :returns: unicode words describing age
                 """
                 order = ['year', 'month', 'day', 'hour', 'minute', 'second']
                 deltas = {}
                 # Get date parts deltas
-                now = datetime.now()
+                now = datetime.datetime.now()
                 for part in order:
                     deltas[part] = getattr(now, part) - getattr(prevdate, part)
                 # Fix negative offsets (there is 1 second between 10:59:59 and 11:00:00,
                 # not 1 hour, -59 minutes and -59 seconds)
                 for num, length in [(5, 60), (4, 60), (3, 24)]:  # seconds, minutes, hours
                     part = order[num]
                     carry_part = order[num - 1]
                     if deltas[part] < 0:
                         deltas[part] += length
                         deltas[carry_part] -= 1
                 # Same thing for days except that the increment depends on the (variable)
                 # number of days in the month
                 month_lengths = [31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31]
                 if deltas['day'] < 0:
                     if prevdate.month == 2 and (prevdate.year % 4 == 0 and
                         (prevdate.year % 100 != 0 or prevdate.year % 400 == 0)):
                         deltas['day'] += 29
                     else:
                         deltas['day'] += month_lengths[prevdate.month - 1]
                     deltas['month'] -= 1
                 if deltas['month'] < 0:
                     deltas['month'] += 12
                     deltas['year'] -= 1
                 # Format the result
                 fmt_funcs = {
                     'year': lambda d: ungettext(u'%d year', '%d years', d) % d,
                     'month': lambda d: ungettext(u'%d month', '%d months', d) % d,
                     'day': lambda d: ungettext(u'%d day', '%d days', d) % d,
                     'hour': lambda d: ungettext(u'%d hour', '%d hours', d) % d,
                     'minute': lambda d: ungettext(u'%d minute', '%d minutes', d) % d,
                     'second': lambda d: ungettext(u'%d second', '%d seconds', d) % d,
                 }
                 for i, part in enumerate(order):
                     value = deltas[part]
                     if value == 0:
                         continue
                     if i < 5:
                         sub_part = order[i + 1]
                         sub_value = deltas[sub_part]
                     else:
                         sub_value = 0
                     if sub_value == 0:
                         return _(u'%s ago') % fmt_funcs[part](value)
                     return _(u'%s and %s ago') % (fmt_funcs[part](value),
                         fmt_funcs[sub_part](sub_value))
                 return _(u'just now')
             def uri_filter(uri):
                 """
                 Removes user:password from given url string
                 :param uri:
                 :rtype: unicode
                 :returns: filtered list of strings
                 """
                 if not uri:
                     return ''
                 proto = ''
                 for pat in ('https://', 'http://'):
                     if uri.startswith(pat):
                         uri = uri[len(pat):]
                         proto = pat
                         break
                 # remove passwords and username
                 uri = uri[uri.find('@') + 1:]
                 # get the port
                 cred_pos = uri.find(':')
                 if cred_pos == -1:
                     host, port = uri, None
                 else:
                     host, port = uri[:cred_pos], uri[cred_pos + 1:]
                 return filter(None, [proto, host, port])
             def credentials_filter(uri):
                 """
                 Returns a url with removed credentials
                 :param uri:
                 """
                 uri = uri_filter(uri)
                 #check if we have port
                 if len(uri) > 2 and uri[2]:
                     uri[2] = ':' + uri[2]
                 return ''.join(uri)
             def get_changeset_safe(repo, rev):
                 """
                 Safe version of get_changeset if this changeset doesn't exists for a
                 repo it returns a Dummy one instead
                 :param repo:
                 :param rev:
                 """
                 from rhodecode.lib.vcs.backends.base import BaseRepository
                 from rhodecode.lib.vcs.exceptions import RepositoryError
                 from rhodecode.lib.vcs.backends.base import EmptyChangeset
                 if not isinstance(repo, BaseRepository):
                     raise Exception('You must pass an Repository '
                                     'object as first argument got %s', type(repo))
                 try:
                     cs = repo.get_changeset(rev)
                 except RepositoryError:
                     cs = EmptyChangeset(requested_revision=rev)
                 return cs
             def datetime_to_time(dt):
                 if dt:
                     return time.mktime(dt.timetuple())
+            def time_to_datetime(tm):
+                if tm:
+                    if isinstance(tm, basestring):
+                        try:
+                            tm = float(tm)
+                        except ValueError:
+                            return
+                    return datetime.datetime.fromtimestamp(tm)
             MENTIONS_REGEX = r'(?:^@|\s@)([a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+)(?:\s{1})'
             def extract_mentioned_users(s):
                 """
                 Returns unique usernames from given string s that have @mention
                 :param s: string to get mentions
                 """
                 usrs = set()
                 for username in re.findall(MENTIONS_REGEX, s):
                     usrs.add(username)
                 return sorted(list(usrs), key=lambda k: k.lower())
             class AttributeDict(dict):
                 def __getattr__(self, attr):
                     return self.get(attr, None)
                 __setattr__ = dict.__setitem__
                 __delattr__ = dict.__delitem__

rhodecode/model/db.py

0 +44 -7

             # -*- coding: utf-8 -*-
             """
                 rhodecode.model.db
                 ~~~~~~~~~~~~~~~~~~
                 Database Models for RhodeCode
                 :created_on: Apr 08, 2010
                 :author: marcink
                 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
                 :license: GPLv3, see COPYING for more details.
             """
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             import os
             import logging
             import datetime
             import traceback
             import hashlib
+            import time
             from collections import defaultdict
             from sqlalchemy import *
             from sqlalchemy.ext.hybrid import hybrid_property
             from sqlalchemy.orm import relationship, joinedload, class_mapper, validates
             from sqlalchemy.exc import DatabaseError
             from beaker.cache import cache_region, region_invalidate
             from webob.exc import HTTPNotFound
             from pylons.i18n.translation import lazy_ugettext as _
             from rhodecode.lib.vcs import get_backend
             from rhodecode.lib.vcs.utils.helpers import get_scm
             from rhodecode.lib.vcs.exceptions import VCSError
             from rhodecode.lib.vcs.utils.lazy import LazyProperty
             from rhodecode.lib.utils2 import str2bool, safe_str, get_changeset_safe, \
                 safe_unicode
             from rhodecode.lib.compat import json
             from rhodecode.lib.caching_query import FromCache
             from rhodecode.model.meta import Base, Session
             URL_SEP = '/'
             log = logging.getLogger(__name__)
             #==============================================================================
             # BASE CLASSES
             #==============================================================================
             _hash_key = lambda k: hashlib.md5(safe_str(k)).hexdigest()
             class BaseModel(object):
                 """
                 Base Model for all classess
                 """
                 @classmethod
                 def _get_keys(cls):
                     """return column names for this model """
                     return class_mapper(cls).c.keys()
                 def get_dict(self):
                     """
                     return dict with keys and values corresponding
                     to this model data """
                     d = {}
                     for k in self._get_keys():
                         d[k] = getattr(self, k)
                     # also use __json__() if present to get additional fields
                     _json_attr = getattr(self, '__json__', None)
                     if _json_attr:
                         # update with attributes from __json__
                         if callable(_json_attr):
                             _json_attr = _json_attr()
                         for k, val in _json_attr.iteritems():
                             d[k] = val
                     return d
                 def get_appstruct(self):
                     """return list with keys and values tupples corresponding
                     to this model data """
                     l = []
                     for k in self._get_keys():
                         l.append((k, getattr(self, k),))
                     return l
                 def populate_obj(self, populate_dict):
                     """populate model with data from given populate_dict"""
                     for k in self._get_keys():
                         if k in populate_dict:
                             setattr(self, k, populate_dict[k])
                 @classmethod
                 def query(cls):
                     return Session().query(cls)
                 @classmethod
                 def get(cls, id_):
                     if id_:
                         return cls.query().get(id_)
                 @classmethod
                 def get_or_404(cls, id_):
                     if id_:
                         res = cls.query().get(id_)
                         if not res:
                             raise HTTPNotFound
                         return res
                 @classmethod
                 def getAll(cls):
                     return cls.query().all()
                 @classmethod
                 def delete(cls, id_):
                     obj = cls.query().get(id_)
                     Session().delete(obj)
                 def __repr__(self):
                     if hasattr(self, '__unicode__'):
                         # python repr needs to return str
                         return safe_str(self.__unicode__())
                     return '<DB:%s>' % (self.__class__.__name__)
             class RhodeCodeSetting(Base, BaseModel):
                 __tablename__ = 'rhodecode_settings'
                 __table_args__ = (
                     UniqueConstraint('app_settings_name'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 app_settings_id = Column("app_settings_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 app_settings_name = Column("app_settings_name", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 _app_settings_value = Column("app_settings_value", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 def __init__(self, k='', v=''):
                     self.app_settings_name = k
                     self.app_settings_value = v
                 @validates('_app_settings_value')
                 def validate_settings_value(self, key, val):
                     assert type(val) == unicode
                     return val
                 @hybrid_property
                 def app_settings_value(self):
                     v = self._app_settings_value
                     if self.app_settings_name == 'ldap_active':
                         v = str2bool(v)
                     return v
                 @app_settings_value.setter
                 def app_settings_value(self, val):
                     """
                     Setter that will always make sure we use unicode in app_settings_value
                     :param val:
                     """
                     self._app_settings_value = safe_unicode(val)
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (
                         self.__class__.__name__,
                         self.app_settings_name, self.app_settings_value
                     )
                 @classmethod
                 def get_by_name(cls, key):
                     return cls.query()\
                         .filter(cls.app_settings_name == key).scalar()
                 @classmethod
                 def get_by_name_or_create(cls, key):
                     res = cls.get_by_name(key)
                     if not res:
                         res = cls(key)
                     return res
                 @classmethod
                 def get_app_settings(cls, cache=False):
                     ret = cls.query()
                     if cache:
                         ret = ret.options(FromCache("sql_cache_short", "get_hg_settings"))
                     if not ret:
                         raise Exception('Could not get application settings !')
                     settings = {}
                     for each in ret:
                         settings['rhodecode_' + each.app_settings_name] = \
                             each.app_settings_value
                     return settings
                 @classmethod
                 def get_ldap_settings(cls, cache=False):
                     ret = cls.query()\
                             .filter(cls.app_settings_name.startswith('ldap_')).all()
                     fd = {}
                     for row in ret:
                         fd.update({row.app_settings_name: row.app_settings_value})
                     return fd
             class RhodeCodeUi(Base, BaseModel):
                 __tablename__ = 'rhodecode_ui'
                 __table_args__ = (
                     UniqueConstraint('ui_key'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 HOOK_UPDATE = 'changegroup.update'
                 HOOK_REPO_SIZE = 'changegroup.repo_size'
                 HOOK_PUSH = 'changegroup.push_logger'
-                HOOK_PULL = 'preoutgoing.pull_logger'
+                HOOK_PRE_PUSH = 'prechangegroup.pre_push'
+                HOOK_PULL = 'outgoing.pull_logger'
+                HOOK_PRE_PULL = 'preoutgoing.pre_pull'
                 ui_id = Column("ui_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 ui_section = Column("ui_section", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 ui_key = Column("ui_key", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 ui_value = Column("ui_value", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 ui_active = Column("ui_active", Boolean(), nullable=True, unique=None, default=True)
                 @classmethod
                 def get_by_key(cls, key):
                     return cls.query().filter(cls.ui_key == key).scalar()
                 @classmethod
                 def get_builtin_hooks(cls):
                     q = cls.query()
-                    q = q.filter(cls.ui_key.in_([cls.HOOK_UPDATE,
+                    q = q.filter(cls.ui_key.in_([cls.HOOK_UPDATE, cls.HOOK_REPO_SIZE,
-                                                cls.HOOK_REPO_SIZE,
+                                                 cls.HOOK_PUSH, cls.HOOK_PRE_PUSH,
-                                                cls.HOOK_PUSH, cls.HOOK_PULL]))
+                                                 cls.HOOK_PULL, cls.HOOK_PRE_PULL]))
                     return q.all()
                 @classmethod
                 def get_custom_hooks(cls):
                     q = cls.query()
-                    q = q.filter(~cls.ui_key.in_([cls.HOOK_UPDATE,
+                    q = q.filter(~cls.ui_key.in_([cls.HOOK_UPDATE, cls.HOOK_REPO_SIZE,
-                                                cls.HOOK_REPO_SIZE,
+                                                  cls.HOOK_PUSH, cls.HOOK_PRE_PUSH,
-                                                cls.HOOK_PUSH, cls.HOOK_PULL]))
+                                                  cls.HOOK_PULL, cls.HOOK_PRE_PULL]))
                     q = q.filter(cls.ui_section == 'hooks')
                     return q.all()
                 @classmethod
                 def get_repos_location(cls):
                     return cls.get_by_key('/').ui_value
                 @classmethod
                 def create_or_update_hook(cls, key, val):
                     new_ui = cls.get_by_key(key) or cls()
                     new_ui.ui_section = 'hooks'
                     new_ui.ui_active = True
                     new_ui.ui_key = key
                     new_ui.ui_value = val
                     Session().add(new_ui)
             class User(Base, BaseModel):
                 __tablename__ = 'users'
                 __table_args__ = (
                     UniqueConstraint('username'), UniqueConstraint('email'),
+                    Index('u_username_idx', 'username'),
+                    Index('u_email_idx', 'email'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
+                DEFAULT_USER = 'default'
                 user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 username = Column("username", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 password = Column("password", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 active = Column("active", Boolean(), nullable=True, unique=None, default=True)
                 admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)
                 name = Column("firstname", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 lastname = Column("lastname", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 _email = Column("email", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 ldap_dn = Column("ldap_dn", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 api_key = Column("api_key", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
                 user_log = relationship('UserLog', cascade='all')
                 user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')
                 repositories = relationship('Repository')
                 user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')
                 repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')
                 repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')
                 group_member = relationship('UsersGroupMember', cascade='all')
                 notifications = relationship('UserNotification', cascade='all')
                 # notifications assigned to this user
                 user_created_notifications = relationship('Notification', cascade='all')
                 # comments created by this user
                 user_comments = relationship('ChangesetComment', cascade='all')
                 #extra emails for this user
                 user_emails = relationship('UserEmailMap', cascade='all')
                 @hybrid_property
                 def email(self):
                     return self._email
                 @email.setter
                 def email(self, val):
                     self._email = val.lower() if val else None
                 @property
                 def emails(self):
                     other = UserEmailMap.query().filter(UserEmailMap.user==self).all()
                     return [self.email] + [x.email for x in other]
                 @property
                 def full_name(self):
                     return '%s %s' % (self.name, self.lastname)
                 @property
                 def full_name_or_username(self):
                     return ('%s %s' % (self.name, self.lastname)
                             if (self.name and self.lastname) else self.username)
                 @property
                 def full_contact(self):
                     return '%s %s <%s>' % (self.name, self.lastname, self.email)
                 @property
                 def short_contact(self):
                     return '%s %s' % (self.name, self.lastname)
                 @property
                 def is_admin(self):
                     return self.admin
                 def __unicode__(self):
                     return u"<%s('id:%s:%s')>" % (self.__class__.__name__,
                                                  self.user_id, self.username)
                 @classmethod
                 def get_by_username(cls, username, case_insensitive=False, cache=False):
                     if case_insensitive:
                         q = cls.query().filter(cls.username.ilike(username))
                     else:
                         q = cls.query().filter(cls.username == username)
                     if cache:
                         q = q.options(FromCache(
                                         "sql_cache_short",
                                         "get_user_%s" % _hash_key(username)
                                       )
                         )
                     return q.scalar()
                 @classmethod
                 def get_by_api_key(cls, api_key, cache=False):
                     q = cls.query().filter(cls.api_key == api_key)
                     if cache:
                         q = q.options(FromCache("sql_cache_short",
                                                 "get_api_key_%s" % api_key))
                     return q.scalar()
                 @classmethod
                 def get_by_email(cls, email, case_insensitive=False, cache=False):
                     if case_insensitive:
                         q = cls.query().filter(cls.email.ilike(email))
                     else:
                         q = cls.query().filter(cls.email == email)
                     if cache:
                         q = q.options(FromCache("sql_cache_short",
                                                 "get_email_key_%s" % email))
                     ret = q.scalar()
                     if ret is None:
                         q = UserEmailMap.query()
                         # try fetching in alternate email map
                         if case_insensitive:
                             q = q.filter(UserEmailMap.email.ilike(email))
                         else:
                             q = q.filter(UserEmailMap.email == email)
                         q = q.options(joinedload(UserEmailMap.user))
                         if cache:
                             q = q.options(FromCache("sql_cache_short",
                                                     "get_email_map_key_%s" % email))
                         ret = getattr(q.scalar(), 'user', None)
                     return ret
                 def update_lastlogin(self):
                     """Update user lastlogin"""
                     self.last_login = datetime.datetime.now()
                     Session().add(self)
                     log.debug('updated user %s lastlogin' % self.username)
                 def get_api_data(self):
                     """
                     Common function for generating user related data for API
                     """
                     user = self
                     data = dict(
                         user_id=user.user_id,
                         username=user.username,
                         firstname=user.name,
                         lastname=user.lastname,
                         email=user.email,
                         emails=user.emails,
                         api_key=user.api_key,
                         active=user.active,
                         admin=user.admin,
                         ldap_dn=user.ldap_dn,
                         last_login=user.last_login,
                     )
                     return data
                 def __json__(self):
                     data = dict(
                         full_name=self.full_name,
                         full_name_or_username=self.full_name_or_username,
                         short_contact=self.short_contact,
                         full_contact=self.full_contact
                     )
                     data.update(self.get_api_data())
                     return data
             class UserEmailMap(Base, BaseModel):
                 __tablename__ = 'user_email_map'
                 __table_args__ = (
                     Index('uem_email_idx', 'email'),
                     UniqueConstraint('email'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 __mapper_args__ = {}
                 email_id = Column("email_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 _email = Column("email", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None)
                 user = relationship('User', lazy='joined')
                 @validates('_email')
                 def validate_email(self, key, email):
                     # check if this email is not main one
                     main_email = Session().query(User).filter(User.email == email).scalar()
                     if main_email is not None:
                         raise AttributeError('email %s is present is user table' % email)
                     return email
                 @hybrid_property
                 def email(self):
                     return self._email
                 @email.setter
                 def email(self, val):
                     self._email = val.lower() if val else None
             class UserLog(Base, BaseModel):
                 __tablename__ = 'user_logs'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True)
                 repository_name = Column("repository_name", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 user_ip = Column("user_ip", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 action = Column("action", UnicodeText(1200000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)
                 @property
                 def action_as_day(self):
                     return datetime.date(*self.action_date.timetuple()[:3])
                 user = relationship('User')
                 repository = relationship('Repository', cascade='')
             class UsersGroup(Base, BaseModel):
                 __tablename__ = 'users_groups'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_name = Column("users_group_name", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)
                 users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)
                 inherit_default_permissions = Column("users_group_inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
                 members = relationship('UsersGroupMember', cascade="all, delete, delete-orphan", lazy="joined")
                 users_group_to_perm = relationship('UsersGroupToPerm', cascade='all')
                 users_group_repo_to_perm = relationship('UsersGroupRepoToPerm', cascade='all')
                 def __unicode__(self):
                     return u'<userGroup(%s)>' % (self.users_group_name)
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False,
                                       case_insensitive=False):
                     if case_insensitive:
                         q = cls.query().filter(cls.users_group_name.ilike(group_name))
                     else:
                         q = cls.query().filter(cls.users_group_name == group_name)
                     if cache:
                         q = q.options(FromCache(
                                         "sql_cache_short",
                                         "get_user_%s" % _hash_key(group_name)
                                       )
                         )
                     return q.scalar()
                 @classmethod
                 def get(cls, users_group_id, cache=False):
                     users_group = cls.query()
                     if cache:
                         users_group = users_group.options(FromCache("sql_cache_short",
                                                 "get_users_group_%s" % users_group_id))
                     return users_group.get(users_group_id)
                 def get_api_data(self):
                     users_group = self
                     data = dict(
                         users_group_id=users_group.users_group_id,
                         group_name=users_group.users_group_name,
                         active=users_group.users_group_active,
                     )
                     return data
             class UsersGroupMember(Base, BaseModel):
                 __tablename__ = 'users_groups_members'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 user = relationship('User', lazy='joined')
                 users_group = relationship('UsersGroup')
                 def __init__(self, gr_id='', u_id=''):
                     self.users_group_id = gr_id
                     self.user_id = u_id
             class Repository(Base, BaseModel):
                 __tablename__ = 'repositories'
                 __table_args__ = (
                     UniqueConstraint('repo_name'),
+                    Index('r_repo_name_idx', 'repo_name'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 repo_id = Column("repo_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repo_name = Column("repo_name", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)
                 clone_uri = Column("clone_uri", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None)
                 repo_type = Column("repo_type", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=False, default=None)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)
                 private = Column("private", Boolean(), nullable=True, unique=None, default=None)
                 enable_statistics = Column("statistics", Boolean(), nullable=True, unique=None, default=True)
                 enable_downloads = Column("downloads", Boolean(), nullable=True, unique=None, default=True)
                 description = Column("description", String(10000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                 landing_rev = Column("landing_revision", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=False, default=None)
+                enable_locking = Column("enable_locking", Boolean(), nullable=False, unique=None, default=False)
+                _locked = Column("locked", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None)
                 fork_id = Column("fork_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=False, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=False, default=None)
                 user = relationship('User')
                 fork = relationship('Repository', remote_side=repo_id)
                 group = relationship('RepoGroup')
                 repo_to_perm = relationship('UserRepoToPerm', cascade='all', order_by='UserRepoToPerm.repo_to_perm_id')
                 users_group_to_perm = relationship('UsersGroupRepoToPerm', cascade='all')
                 stats = relationship('Statistics', cascade='all', uselist=False)
                 followers = relationship('UserFollowing',
                                          primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id',
                                          cascade='all')
                 logs = relationship('UserLog')
                 comments = relationship('ChangesetComment', cascade="all, delete, delete-orphan")
                 pull_requests_org = relationship('PullRequest',
                                 primaryjoin='PullRequest.org_repo_id==Repository.repo_id',
                                 cascade="all, delete, delete-orphan")
                 pull_requests_other = relationship('PullRequest',
                                 primaryjoin='PullRequest.other_repo_id==Repository.repo_id',
                                 cascade="all, delete, delete-orphan")
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (self.__class__.__name__, self.repo_id,
                                                self.repo_name)
+                @hybrid_property
+                def locked(self):
+                    # always should return [user_id, timelocked]
+                    if self._locked:
+                        _lock_info = self._locked.split(':')
+                        return int(_lock_info[0]), _lock_info[1]
+                    return [None, None]
+                @locked.setter
+                def locked(self, val):
+                    if val and isinstance(val, (list, tuple)):
+                        self._locked = ':'.join(map(str, val))
+                    else:
+                        self._locked = None
                 @classmethod
                 def url_sep(cls):
                     return URL_SEP
                 @classmethod
                 def get_by_repo_name(cls, repo_name):
                     q = Session().query(cls).filter(cls.repo_name == repo_name)
                     q = q.options(joinedload(Repository.fork))\
                             .options(joinedload(Repository.user))\
                             .options(joinedload(Repository.group))
                     return q.scalar()
                 @classmethod
                 def get_by_full_path(cls, repo_full_path):
                     repo_name = repo_full_path.split(cls.base_path(), 1)[-1]
                     return cls.get_by_repo_name(repo_name.strip(URL_SEP))
                 @classmethod
                 def get_repo_forks(cls, repo_id):
                     return cls.query().filter(Repository.fork_id == repo_id)
                 @classmethod
                 def base_path(cls):
                     """
                     Returns base path when all repos are stored
                     :param cls:
                     """
                     q = Session().query(RhodeCodeUi)\
                         .filter(RhodeCodeUi.ui_key == cls.url_sep())
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return q.one().ui_value
                 @property
                 def forks(self):
                     """
                     Return forks of this repo
                     """
                     return Repository.get_repo_forks(self.repo_id)
                 @property
                 def parent(self):
                     """
                     Returns fork parent
                     """
                     return self.fork
                 @property
                 def just_name(self):
                     return self.repo_name.split(Repository.url_sep())[-1]
                 @property
                 def groups_with_parents(self):
                     groups = []
                     if self.group is None:
                         return groups
                     cur_gr = self.group
                     groups.insert(0, cur_gr)
                     while 1:
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def groups_and_repo(self):
                     return self.groups_with_parents, self.just_name
                 @LazyProperty
                 def repo_path(self):
                     """
                     Returns base full path for that repository means where it actually
                     exists on a filesystem
                     """
                     q = Session().query(RhodeCodeUi).filter(RhodeCodeUi.ui_key ==
                                                           Repository.url_sep())
                     q = q.options(FromCache("sql_cache_short", "repository_repo_path"))
                     return q.one().ui_value
                 @property
                 def repo_full_path(self):
                     p = [self.repo_path]
                     # we need to split the name by / since this is how we store the
                     # names in the database, but that eventually needs to be converted
                     # into a valid system path
                     p += self.repo_name.split(Repository.url_sep())
                     return os.path.join(*p)
                 def get_new_name(self, repo_name):
                     """
                     returns new full repository name based on assigned group and new new
                     :param group_name:
                     """
                     path_prefix = self.group.full_path_splitted if self.group else []
                     return Repository.url_sep().join(path_prefix + [repo_name])
                 @property
                 def _ui(self):
                     """
                     Creates an db based ui object for this repository
                     """
                     from mercurial import ui
                     from mercurial import config
                     baseui = ui.ui()
                     #clean the baseui object
                     baseui._ocfg = config.config()
                     baseui._ucfg = config.config()
                     baseui._tcfg = config.config()
                     ret = RhodeCodeUi.query()\
                         .options(FromCache("sql_cache_short", "repository_repo_ui")).all()
                     hg_ui = ret
                     for ui_ in hg_ui:
                         if ui_.ui_active:
                             log.debug('settings ui from db[%s]%s:%s', ui_.ui_section,
                                       ui_.ui_key, ui_.ui_value)
                             baseui.setconfig(ui_.ui_section, ui_.ui_key, ui_.ui_value)
                         if ui_.ui_key == 'push_ssl':
                             # force set push_ssl requirement to False, rhodecode
                             # handles that
                             baseui.setconfig(ui_.ui_section, ui_.ui_key, False)
                     return baseui
                 @classmethod
                 def inject_ui(cls, repo, extras={}):
                     from rhodecode.lib.vcs.backends.hg import MercurialRepository
                     from rhodecode.lib.vcs.backends.git import GitRepository
                     required = (MercurialRepository, GitRepository)
                     if not isinstance(repo, required):
                         raise Exception('repo must be instance of %s' % required)
                     # inject ui extra param to log this action via push logger
                     for k, v in extras.items():
                         repo._repo.ui.setconfig('rhodecode_extras', k, v)
                 @classmethod
                 def is_valid(cls, repo_name):
                     """
                     returns True if given repo name is a valid filesystem repository
                     :param cls:
                     :param repo_name:
                     """
                     from rhodecode.lib.utils import is_valid_repo
                     return is_valid_repo(repo_name, cls.base_path())
                 def get_api_data(self):
                     """
                     Common function for generating repo api data
                     """
                     repo = self
                     data = dict(
                         repo_id=repo.repo_id,
                         repo_name=repo.repo_name,
                         repo_type=repo.repo_type,
                         clone_uri=repo.clone_uri,
                         private=repo.private,
                         created_on=repo.created_on,
                         description=repo.description,
                         landing_rev=repo.landing_rev,
                         owner=repo.user.username,
                         fork_of=repo.fork.repo_name if repo.fork else None
                     )
                     return data
+                @classmethod
+                def lock(cls, repo, user_id):
+                    repo.locked = [user_id, time.time()]
+                    Session().add(repo)
+                    Session().commit()
+                @classmethod
+                def unlock(cls, repo):
+                    repo.locked = None
+                    Session().add(repo)
+                    Session().commit()
                 #==========================================================================
                 # SCM PROPERTIES
                 #==========================================================================
                 def get_changeset(self, rev=None):
                     return get_changeset_safe(self.scm_instance, rev)
                 def get_landing_changeset(self):
                     """
                     Returns landing changeset, or if that doesn't exist returns the tip
                     """
                     cs = self.get_changeset(self.landing_rev) or self.get_changeset()
                     return cs
                 @property
                 def tip(self):
                     return self.get_changeset('tip')
                 @property
                 def author(self):
                     return self.tip.author
                 @property
                 def last_change(self):
                     return self.scm_instance.last_change
                 def get_comments(self, revisions=None):
                     """
                     Returns comments for this repository grouped by revisions
                     :param revisions: filter query by revisions only
                     """
                     cmts = ChangesetComment.query()\
                         .filter(ChangesetComment.repo == self)
                     if revisions:
                         cmts = cmts.filter(ChangesetComment.revision.in_(revisions))
                     grouped = defaultdict(list)
                     for cmt in cmts.all():
                         grouped[cmt.revision].append(cmt)
                     return grouped
                 def statuses(self, revisions=None):
                     """
                     Returns statuses for this repository
                     :param revisions: list of revisions to get statuses for
                     :type revisions: list
                     """
                     statuses = ChangesetStatus.query()\
                         .filter(ChangesetStatus.repo == self)\
                         .filter(ChangesetStatus.version == 0)
                     if revisions:
                         statuses = statuses.filter(ChangesetStatus.revision.in_(revisions))
                     grouped = {}
                     #maybe we have open new pullrequest without a status ?
                     stat = ChangesetStatus.STATUS_UNDER_REVIEW
                     status_lbl = ChangesetStatus.get_status_lbl(stat)
                     for pr in PullRequest.query().filter(PullRequest.org_repo == self).all():
                         for rev in pr.revisions:
                             pr_id = pr.pull_request_id
                             pr_repo = pr.other_repo.repo_name
                             grouped[rev] = [stat, status_lbl, pr_id, pr_repo]
                     for stat in statuses.all():
                         pr_id = pr_repo = None
                         if stat.pull_request:
                             pr_id = stat.pull_request.pull_request_id
                             pr_repo = stat.pull_request.other_repo.repo_name
                         grouped[stat.revision] = [str(stat.status), stat.status_lbl,
                                                   pr_id, pr_repo]
                     return grouped
                 #==========================================================================
                 # SCM CACHE INSTANCE
                 #==========================================================================
                 @property
                 def invalidate(self):
                     return CacheInvalidation.invalidate(self.repo_name)
                 def set_invalidate(self):
                     """
                     set a cache for invalidation for this instance
                     """
                     CacheInvalidation.set_invalidate(self.repo_name)
                 @LazyProperty
                 def scm_instance(self):
                     return self.__get_instance()
                 def scm_instance_cached(self, cache_map=None):
                     @cache_region('long_term')
                     def _c(repo_name):
                         return self.__get_instance()
                     rn = self.repo_name
                     log.debug('Getting cached instance of repo')
                     if cache_map:
                         # get using prefilled cache_map
                         invalidate_repo = cache_map[self.repo_name]
                         if invalidate_repo:
                             invalidate_repo = (None if invalidate_repo.cache_active
                                                else invalidate_repo)
                     else:
                         # get from invalidate
                         invalidate_repo = self.invalidate
                     if invalidate_repo is not None:
                         region_invalidate(_c, None, rn)
                         # update our cache
                         CacheInvalidation.set_valid(invalidate_repo.cache_key)
                     return _c(rn)
                 def __get_instance(self):
                     repo_full_path = self.repo_full_path
                     try:
                         alias = get_scm(repo_full_path)[0]
                         log.debug('Creating instance of %s repository' % alias)
                         backend = get_backend(alias)
                     except VCSError:
                         log.error(traceback.format_exc())
                         log.error('Perhaps this repository is in db and not in '
                                   'filesystem run rescan repositories with '
                                   '"destroy old data " option from admin panel')
                         return
                     if alias == 'hg':
                         repo = backend(safe_str(repo_full_path), create=False,
                                        baseui=self._ui)
                         # skip hidden web repository
                         if repo._get_hidden():
                             return
                     else:
                         repo = backend(repo_full_path, create=False)
                     return repo
             class RepoGroup(Base, BaseModel):
                 __tablename__ = 'groups'
                 __table_args__ = (
                     UniqueConstraint('group_name', 'group_parent_id'),
                     CheckConstraint('group_id != group_parent_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 __mapper_args__ = {'order_by': 'group_name'}
                 group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 group_name = Column("group_name", String(255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)
                 group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
                 group_description = Column("group_description", String(10000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
                 users_group_to_perm = relationship('UsersGroupRepoGroupToPerm', cascade='all')
                 parent_group = relationship('RepoGroup', remote_side=group_id)
                 def __init__(self, group_name='', parent_group=None):
                     self.group_name = group_name
                     self.parent_group = parent_group
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (self.__class__.__name__, self.group_id,
                                               self.group_name)
                 @classmethod
                 def groups_choices(cls):
                     from webhelpers.html import literal as _literal
                     repo_groups = [('', '')]
                     sep = ' &raquo; '
                     _name = lambda k: _literal(sep.join(k))
                     repo_groups.extend([(x.group_id, _name(x.full_path_splitted))
                                           for x in cls.query().all()])
                     repo_groups = sorted(repo_groups, key=lambda t: t[1].split(sep)[0])
                     return repo_groups
                 @classmethod
                 def url_sep(cls):
                     return URL_SEP
                 @classmethod
                 def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
                     if case_insensitive:
                         gr = cls.query()\
                             .filter(cls.group_name.ilike(group_name))
                     else:
                         gr = cls.query()\
                             .filter(cls.group_name == group_name)
                     if cache:
                         gr = gr.options(FromCache(
                                         "sql_cache_short",
                                         "get_group_%s" % _hash_key(group_name)
                                         )
                         )
                     return gr.scalar()
                 @property
                 def parents(self):
                     parents_recursion_limit = 5
                     groups = []
                     if self.parent_group is None:
                         return groups
                     cur_gr = self.parent_group
                     groups.insert(0, cur_gr)
                     cnt = 0
                     while 1:
                         cnt += 1
                         gr = getattr(cur_gr, 'parent_group', None)
                         cur_gr = cur_gr.parent_group
                         if gr is None:
                             break
                         if cnt == parents_recursion_limit:
                             # this will prevent accidental infinit loops
                             log.error('group nested more than %s' %
                                       parents_recursion_limit)
                             break
                         groups.insert(0, gr)
                     return groups
                 @property
                 def children(self):
                     return RepoGroup.query().filter(RepoGroup.parent_group == self)
                 @property
                 def name(self):
                     return self.group_name.split(RepoGroup.url_sep())[-1]
                 @property
                 def full_path(self):
                     return self.group_name
                 @property
                 def full_path_splitted(self):
                     return self.group_name.split(RepoGroup.url_sep())
                 @property
                 def repositories(self):
                     return Repository.query()\
                             .filter(Repository.group == self)\
                             .order_by(Repository.repo_name)
                 @property
                 def repositories_recursive_count(self):
                     cnt = self.repositories.count()
                     def children_count(group):
                         cnt = 0
                         for child in group.children:
                             cnt += child.repositories.count()
                             cnt += children_count(child)
                         return cnt
                     return cnt + children_count(self)
                 def get_new_name(self, group_name):
                     """
                     returns new full group name based on parent and new name
                     :param group_name:
                     """
                     path_prefix = (self.parent_group.full_path_splitted if
                                    self.parent_group else [])
                     return RepoGroup.url_sep().join(path_prefix + [group_name])
             class Permission(Base, BaseModel):
                 __tablename__ = 'permissions'
                 __table_args__ = (
                     Index('p_perm_name_idx', 'permission_name'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 PERMS = [
                     ('repository.none', _('Repository no access')),
                     ('repository.read', _('Repository read access')),
                     ('repository.write', _('Repository write access')),
                     ('repository.admin', _('Repository admin access')),
                     ('group.none', _('Repositories Group no access')),
                     ('group.read', _('Repositories Group read access')),
                     ('group.write', _('Repositories Group write access')),
                     ('group.admin', _('Repositories Group admin access')),
                     ('hg.admin', _('RhodeCode Administrator')),
                     ('hg.create.none', _('Repository creation disabled')),
                     ('hg.create.repository', _('Repository creation enabled')),
                     ('hg.fork.none', _('Repository forking disabled')),
                     ('hg.fork.repository', _('Repository forking enabled')),
                     ('hg.register.none', _('Register disabled')),
                     ('hg.register.manual_activate', _('Register new user with RhodeCode '
                                                       'with manual activation')),
                     ('hg.register.auto_activate', _('Register new user with RhodeCode '
                                                     'with auto activation')),
                 ]
                 # defines which permissions are more important higher the more important
                 PERM_WEIGHTS = {
                     'repository.none': 0,
                     'repository.read': 1,
                     'repository.write': 3,
                     'repository.admin': 4,
                     'group.none': 0,
                     'group.read': 1,
                     'group.write': 3,
                     'group.admin': 4,
                     'hg.fork.none': 0,
                     'hg.fork.repository': 1,
                     'hg.create.none': 0,
                     'hg.create.repository':1
                 }
                 permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 permission_name = Column("permission_name", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 permission_longname = Column("permission_longname", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (
                         self.__class__.__name__, self.permission_id, self.permission_name
                     )
                 @classmethod
                 def get_by_key(cls, key):
                     return cls.query().filter(cls.permission_name == key).scalar()
                 @classmethod
                 def get_default_perms(cls, default_user_id):
                     q = Session().query(UserRepoToPerm, Repository, cls)\
                      .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
                      .join((cls, UserRepoToPerm.permission_id == cls.permission_id))\
                      .filter(UserRepoToPerm.user_id == default_user_id)
                     return q.all()
                 @classmethod
                 def get_default_group_perms(cls, default_user_id):
                     q = Session().query(UserRepoGroupToPerm, RepoGroup, cls)\
                      .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
                      .join((cls, UserRepoGroupToPerm.permission_id == cls.permission_id))\
                      .filter(UserRepoGroupToPerm.user_id == default_user_id)
                     return q.all()
             class UserRepoToPerm(Base, BaseModel):
                 __tablename__ = 'repo_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'repository_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 repository = relationship('Repository')
                 permission = relationship('Permission')
                 @classmethod
                 def create(cls, user, repository, permission):
                     n = cls()
                     n.user = user
                     n.repository = repository
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<user:%s => %s >' % (self.user, self.repository)
             class UserToPerm(Base, BaseModel):
                 __tablename__ = 'user_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 permission = relationship('Permission', lazy='joined')
             class UsersGroupRepoToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_repo_to_perm'
                 __table_args__ = (
                     UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UsersGroup')
                 permission = relationship('Permission')
                 repository = relationship('Repository')
                 @classmethod
                 def create(cls, users_group, repository, permission):
                     n = cls()
                     n.users_group = users_group
                     n.repository = repository
                     n.permission = permission
                     Session().add(n)
                     return n
                 def __unicode__(self):
                     return u'<userGroup:%s => %s >' % (self.users_group, self.repository)
             class UsersGroupToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('users_group_id', 'permission_id',),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UsersGroup')
                 permission = relationship('Permission')
             class UserRepoGroupToPerm(Base, BaseModel):
                 __tablename__ = 'user_repo_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'group_id', 'permission_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 user = relationship('User')
                 group = relationship('RepoGroup')
                 permission = relationship('Permission')
             class UsersGroupRepoGroupToPerm(Base, BaseModel):
                 __tablename__ = 'users_group_repo_group_to_perm'
                 __table_args__ = (
                     UniqueConstraint('users_group_id', 'group_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)
                 group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)
                 permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
                 users_group = relationship('UsersGroup')
                 permission = relationship('Permission')
                 group = relationship('RepoGroup')
             class Statistics(Base, BaseModel):
                 __tablename__ = 'statistics'
                 __table_args__ = (
                      UniqueConstraint('repository_id'),
                      {'extend_existing': True, 'mysql_engine': 'InnoDB',
                       'mysql_charset': 'utf8'}
                 )
                 stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)
                 stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)
                 commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data
                 commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data
                 languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data
                 repository = relationship('Repository', single_parent=True)
             class UserFollowing(Base, BaseModel):
                 __tablename__ = 'user_followings'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'follows_repository_id'),
                     UniqueConstraint('user_id', 'follows_user_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
                 follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)
                 follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)
                 follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)
                 user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')
                 follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')
                 follows_repository = relationship('Repository', order_by='Repository.repo_name')
                 @classmethod
                 def get_repo_followers(cls, repo_id):
                     return cls.query().filter(cls.follows_repo_id == repo_id)
             class CacheInvalidation(Base, BaseModel):
                 __tablename__ = 'cache_invalidation'
                 __table_args__ = (
                     UniqueConstraint('cache_key'),
                     Index('key_idx', 'cache_key'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
                 cache_key = Column("cache_key", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 cache_args = Column("cache_args", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
                 cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)
                 def __init__(self, cache_key, cache_args=''):
                     self.cache_key = cache_key
                     self.cache_args = cache_args
                     self.cache_active = False
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (self.__class__.__name__,
                                               self.cache_id, self.cache_key)
                 @classmethod
                 def clear_cache(cls):
                     cls.query().delete()
                 @classmethod
                 def _get_key(cls, key):
                     """
                     Wrapper for generating a key, together with a prefix
                     :param key:
                     """
                     import rhodecode
                     prefix = ''
                     iid = rhodecode.CONFIG.get('instance_id')
                     if iid:
                         prefix = iid
                     return "%s%s" % (prefix, key), prefix, key.rstrip('_README')
                 @classmethod
                 def get_by_key(cls, key):
                     return cls.query().filter(cls.cache_key == key).scalar()
                 @classmethod
                 def _get_or_create_key(cls, key, prefix, org_key):
                     inv_obj = Session().query(cls).filter(cls.cache_key == key).scalar()
                     if not inv_obj:
                         try:
                             inv_obj = CacheInvalidation(key, org_key)
                             Session().add(inv_obj)
                             Session().commit()
                         except Exception:
                             log.error(traceback.format_exc())
                             Session().rollback()
                     return inv_obj
                 @classmethod
                 def invalidate(cls, key):
                     """
                     Returns Invalidation object if this given key should be invalidated
                     None otherwise. `cache_active = False` means that this cache
                     state is not valid and needs to be invalidated
                     :param key:
                     """
                     key, _prefix, _org_key = cls._get_key(key)
                     inv = cls._get_or_create_key(key, _prefix, _org_key)
                     if inv and inv.cache_active is False:
                         return inv
                 @classmethod
                 def set_invalidate(cls, key):
                     """
                     Mark this Cache key for invalidation
                     :param key:
                     """
                     key, _prefix, _org_key = cls._get_key(key)
                     inv_objs = Session().query(cls).filter(cls.cache_args == _org_key).all()
                     log.debug('marking %s key[s] %s for invalidation' % (len(inv_objs),
                                                                          _org_key))
                     try:
                         for inv_obj in inv_objs:
                             if inv_obj:
                                 inv_obj.cache_active = False
                             Session().add(inv_obj)
                         Session().commit()
                     except Exception:
                         log.error(traceback.format_exc())
                         Session().rollback()
                 @classmethod
                 def set_valid(cls, key):
                     """
                     Mark this cache key as active and currently cached
                     :param key:
                     """
                     inv_obj = cls.get_by_key(key)
                     inv_obj.cache_active = True
                     Session().add(inv_obj)
                     Session().commit()
                 @classmethod
                 def get_cache_map(cls):
                     class cachemapdict(dict):
                         def __init__(self, *args, **kwargs):
                             fixkey = kwargs.get('fixkey')
                             if fixkey:
                                 del kwargs['fixkey']
                             self.fixkey = fixkey
                             super(cachemapdict, self).__init__(*args, **kwargs)
                         def __getattr__(self, name):
                             key = name
                             if self.fixkey:
                                 key, _prefix, _org_key = cls._get_key(key)
                             if key in self.__dict__:
                                 return self.__dict__[key]
                             else:
                                 return self[key]
                         def __getitem__(self, key):
                             if self.fixkey:
                                 key, _prefix, _org_key = cls._get_key(key)
                             try:
                                 return super(cachemapdict, self).__getitem__(key)
                             except KeyError:
                                 return
                     cache_map = cachemapdict(fixkey=True)
                     for obj in cls.query().all():
                         cache_map[obj.cache_key] = cachemapdict(obj.get_dict())
                     return cache_map
             class ChangesetComment(Base, BaseModel):
                 __tablename__ = 'changeset_comments'
                 __table_args__ = (
                     Index('cc_revision_idx', 'revision'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)
                 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 revision = Column('revision', String(40), nullable=True)
                 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
                 line_no = Column('line_no', Unicode(10), nullable=True)
                 hl_lines = Column('hl_lines', Unicode(512), nullable=True)
                 f_path = Column('f_path', Unicode(1000), nullable=True)
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)
                 text = Column('text', Unicode(25000), nullable=False)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 author = relationship('User', lazy='joined')
                 repo = relationship('Repository')
                 status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan")
                 pull_request = relationship('PullRequest', lazy='joined')
                 @classmethod
                 def get_users(cls, revision=None, pull_request_id=None):
                     """
                     Returns user associated with this ChangesetComment. ie those
                     who actually commented
                     :param cls:
                     :param revision:
                     """
                     q = Session().query(User)\
                             .join(ChangesetComment.author)
                     if revision:
                         q = q.filter(cls.revision == revision)
                     elif pull_request_id:
                         q = q.filter(cls.pull_request_id == pull_request_id)
                     return q.all()
             class ChangesetStatus(Base, BaseModel):
                 __tablename__ = 'changeset_statuses'
                 __table_args__ = (
                     Index('cs_revision_idx', 'revision'),
                     Index('cs_version_idx', 'version'),
                     UniqueConstraint('repo_id', 'revision', 'version'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'
                 STATUS_APPROVED = 'approved'
                 STATUS_REJECTED = 'rejected'
                 STATUS_UNDER_REVIEW = 'under_review'
                 STATUSES = [
                     (STATUS_NOT_REVIEWED, _("Not Reviewed")),  # (no icon) and default
                     (STATUS_APPROVED, _("Approved")),
                     (STATUS_REJECTED, _("Rejected")),
                     (STATUS_UNDER_REVIEW, _("Under Review")),
                 ]
                 changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)
                 repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
                 revision = Column('revision', String(40), nullable=False)
                 status = Column('status', String(128), nullable=False, default=DEFAULT)
                 changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))
                 modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)
                 version = Column('version', Integer(), nullable=False, default=0)
                 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)
                 author = relationship('User', lazy='joined')
                 repo = relationship('Repository')
                 comment = relationship('ChangesetComment', lazy='joined')
                 pull_request = relationship('PullRequest', lazy='joined')
                 def __unicode__(self):
                     return u"<%s('%s:%s')>" % (
                         self.__class__.__name__,
                         self.status, self.author
                     )
                 @classmethod
                 def get_status_lbl(cls, value):
                     return dict(cls.STATUSES).get(value)
                 @property
                 def status_lbl(self):
                     return ChangesetStatus.get_status_lbl(self.status)
             class PullRequest(Base, BaseModel):
                 __tablename__ = 'pull_requests'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 STATUS_NEW = u'new'
                 STATUS_OPEN = u'open'
                 STATUS_CLOSED = u'closed'
                 pull_request_id = Column('pull_request_id', Integer(), nullable=False, primary_key=True)
                 title = Column('title', Unicode(256), nullable=True)
                 description = Column('description', UnicodeText(10240), nullable=True)
                 status = Column('status', Unicode(256), nullable=False, default=STATUS_NEW)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 updated_on = Column('updated_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)
                 _revisions = Column('revisions', UnicodeText(20500))  # 500 revisions max
                 org_repo_id = Column('org_repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 org_ref = Column('org_ref', Unicode(256), nullable=False)
                 other_repo_id = Column('other_repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)
                 other_ref = Column('other_ref', Unicode(256), nullable=False)
                 @hybrid_property
                 def revisions(self):
                     return self._revisions.split(':')
                 @revisions.setter
                 def revisions(self, val):
                     self._revisions = ':'.join(val)
                 author = relationship('User', lazy='joined')
                 reviewers = relationship('PullRequestReviewers',
                                          cascade="all, delete, delete-orphan")
                 org_repo = relationship('Repository', primaryjoin='PullRequest.org_repo_id==Repository.repo_id')
                 other_repo = relationship('Repository', primaryjoin='PullRequest.other_repo_id==Repository.repo_id')
                 statuses = relationship('ChangesetStatus')
                 comments = relationship('ChangesetComment',
                                          cascade="all, delete, delete-orphan")
                 def is_closed(self):
                     return self.status == self.STATUS_CLOSED
                 def __json__(self):
                     return dict(
                       revisions=self.revisions
                     )
             class PullRequestReviewers(Base, BaseModel):
                 __tablename__ = 'pull_request_reviewers'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 def __init__(self, user=None, pull_request=None):
                     self.user = user
                     self.pull_request = pull_request
                 pull_requests_reviewers_id = Column('pull_requests_reviewers_id', Integer(), nullable=False, primary_key=True)
                 pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=False)
                 user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=True)
                 user = relationship('User')
                 pull_request = relationship('PullRequest')
             class Notification(Base, BaseModel):
                 __tablename__ = 'notifications'
                 __table_args__ = (
                     Index('notification_type_idx', 'type'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 TYPE_CHANGESET_COMMENT = u'cs_comment'
                 TYPE_MESSAGE = u'message'
                 TYPE_MENTION = u'mention'
                 TYPE_REGISTRATION = u'registration'
                 TYPE_PULL_REQUEST = u'pull_request'
                 TYPE_PULL_REQUEST_COMMENT = u'pull_request_comment'
                 notification_id = Column('notification_id', Integer(), nullable=False, primary_key=True)
                 subject = Column('subject', Unicode(512), nullable=True)
                 body = Column('body', UnicodeText(50000), nullable=True)
                 created_by = Column("created_by", Integer(), ForeignKey('users.user_id'), nullable=True)
                 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
                 type_ = Column('type', Unicode(256))
                 created_by_user = relationship('User')
                 notifications_to_users = relationship('UserNotification', lazy='joined',
                                                       cascade="all, delete, delete-orphan")
                 @property
                 def recipients(self):
                     return [x.user for x in UserNotification.query()\
                             .filter(UserNotification.notification == self)\
                             .order_by(UserNotification.user_id.asc()).all()]
                 @classmethod
                 def create(cls, created_by, subject, body, recipients, type_=None):
                     if type_ is None:
                         type_ = Notification.TYPE_MESSAGE
                     notification = cls()
                     notification.created_by_user = created_by
                     notification.subject = subject
                     notification.body = body
                     notification.type_ = type_
                     notification.created_on = datetime.datetime.now()
                     for u in recipients:
                         assoc = UserNotification()
                         assoc.notification = notification
                         u.notifications.append(assoc)
                     Session().add(notification)
                     return notification
                 @property
                 def description(self):
                     from rhodecode.model.notification import NotificationModel
                     return NotificationModel().make_description(self)
             class UserNotification(Base, BaseModel):
                 __tablename__ = 'user_to_notification'
                 __table_args__ = (
                     UniqueConstraint('user_id', 'notification_id'),
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'}
                 )
                 user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), primary_key=True)
                 notification_id = Column("notification_id", Integer(), ForeignKey('notifications.notification_id'), primary_key=True)
                 read = Column('read', Boolean, default=False)
                 sent_on = Column('sent_on', DateTime(timezone=False), nullable=True, unique=None)
                 user = relationship('User', lazy="joined")
                 notification = relationship('Notification', lazy="joined",
                                             order_by=lambda: Notification.created_on.desc(),)
                 def mark_as_read(self):
                     self.read = True
                     Session().add(self)
             class DbMigrateVersion(Base, BaseModel):
                 __tablename__ = 'db_migrate_version'
                 __table_args__ = (
                     {'extend_existing': True, 'mysql_engine': 'InnoDB',
                      'mysql_charset': 'utf8'},
                 )
                 repository_id = Column('repository_id', String(250), primary_key=True)
                 repository_path = Column('repository_path', Text)
                 version = Column('version', Integer)

rhodecode/model/forms.py

0 +2 -1

             """ this is forms validation classes
             http://formencode.org/module-formencode.validators.html
             for list off all availible validators
             we can create our own validators
             The table below outlines the options which can be used in a schema in addition to the validators themselves
             pre_validators          []     These validators will be applied before the schema
             chained_validators      []     These validators will be applied after the schema
             allow_extra_fields      False     If True, then it is not an error when keys that aren't associated with a validator are present
             filter_extra_fields     False     If True, then keys that aren't associated with a validator are removed
             if_key_missing          NoDefault If this is given, then any keys that aren't available but are expected will be replaced with this value (and then validated). This does not override a present .if_missing attribute on validators. NoDefault is a special FormEncode class to mean that no default values has been specified and therefore missing keys shouldn't take a default value.
             ignore_key_missing      False     If True, then missing keys will be missing in the result, if the validator doesn't have .if_missing on it already
             <name> = formencode.validators.<name of validator>
             <name> must equal form name
             list=[1,2,3,4,5]
             for SELECT use formencode.All(OneOf(list), Int())
             """
             import logging
             import formencode
             from formencode import All
             from pylons.i18n.translation import _
             from rhodecode.model import validators as v
             from rhodecode import BACKENDS
             log = logging.getLogger(__name__)
             class LoginForm(formencode.Schema):
                 allow_extra_fields = True
                 filter_extra_fields = True
                 username = v.UnicodeString(
                     strip=True,
                     min=1,
                     not_empty=True,
                     messages={
                        'empty': _(u'Please enter a login'),
                        'tooShort': _(u'Enter a value %(min)i characters long or more')}
                 )
                 password = v.UnicodeString(
                     strip=False,
                     min=3,
                     not_empty=True,
                     messages={
                         'empty': _(u'Please enter a password'),
                         'tooShort': _(u'Enter %(min)i characters or more')}
                 )
                 remember = v.StringBoolean(if_missing=False)
                 chained_validators = [v.ValidAuth()]
             def UserForm(edit=False, old_data={}):
                 class _UserForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     username = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                    v.ValidUsername(edit, old_data))
                     if edit:
                         new_password = All(
                             v.ValidPassword(),
                             v.UnicodeString(strip=False, min=6, not_empty=False)
                         )
                         password_confirmation = All(
                             v.ValidPassword(),
                             v.UnicodeString(strip=False, min=6, not_empty=False),
                         )
                         admin = v.StringBoolean(if_missing=False)
                     else:
                         password = All(
                             v.ValidPassword(),
                             v.UnicodeString(strip=False, min=6, not_empty=True)
                         )
                         password_confirmation = All(
                             v.ValidPassword(),
                             v.UnicodeString(strip=False, min=6, not_empty=False)
                         )
                     active = v.StringBoolean(if_missing=False)
                     firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data))
                     chained_validators = [v.ValidPasswordsMatch()]
                 return _UserForm
             def UsersGroupForm(edit=False, old_data={}, available_members=[]):
                 class _UsersGroupForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     users_group_name = All(
                         v.UnicodeString(strip=True, min=1, not_empty=True),
                         v.ValidUsersGroup(edit, old_data)
                     )
                     users_group_active = v.StringBoolean(if_missing=False)
                     if edit:
                         users_group_members = v.OneOf(
                             available_members, hideList=False, testValueList=True,
                             if_missing=None, not_empty=False
                         )
                 return _UsersGroupForm
             def ReposGroupForm(edit=False, old_data={}, available_groups=[]):
                 class _ReposGroupForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     group_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                            v.SlugifyName())
                     group_description = v.UnicodeString(strip=True, min=1,
                                                             not_empty=True)
                     group_parent_id = v.OneOf(available_groups, hideList=False,
                                                     testValueList=True,
                                                     if_missing=None, not_empty=False)
                     chained_validators = [v.ValidReposGroup(edit, old_data),
                                           v.ValidPerms('group')]
                 return _ReposGroupForm
             def RegisterForm(edit=False, old_data={}):
                 class _RegisterForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     username = All(
                         v.ValidUsername(edit, old_data),
                         v.UnicodeString(strip=True, min=1, not_empty=True)
                     )
                     password = All(
                         v.ValidPassword(),
                         v.UnicodeString(strip=False, min=6, not_empty=True)
                     )
                     password_confirmation = All(
                         v.ValidPassword(),
                         v.UnicodeString(strip=False, min=6, not_empty=True)
                     )
                     active = v.StringBoolean(if_missing=False)
                     firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     lastname = v.UnicodeString(strip=True, min=1, not_empty=False)
                     email = All(v.Email(not_empty=True), v.UniqSystemEmail(old_data))
                     chained_validators = [v.ValidPasswordsMatch()]
                 return _RegisterForm
             def PasswordResetForm():
                 class _PasswordResetForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     email = All(v.ValidSystemEmail(), v.Email(not_empty=True))
                 return _PasswordResetForm
             def RepoForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
                          repo_groups=[], landing_revs=[]):
                 class _RepoForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                     v.SlugifyName())
                     clone_uri = All(v.UnicodeString(strip=True, min=1, not_empty=False))
                     repo_group = v.OneOf(repo_groups, hideList=True)
                     repo_type = v.OneOf(supported_backends)
                     description = v.UnicodeString(strip=True, min=1, not_empty=False)
                     private = v.StringBoolean(if_missing=False)
                     enable_statistics = v.StringBoolean(if_missing=False)
                     enable_downloads = v.StringBoolean(if_missing=False)
+                    enable_locking = v.StringBoolean(if_missing=False)
                     landing_rev = v.OneOf(landing_revs, hideList=True)
                     if edit:
                         #this is repo owner
                         user = All(v.UnicodeString(not_empty=True), v.ValidRepoUser())
                     chained_validators = [v.ValidCloneUri(),
                                           v.ValidRepoName(edit, old_data),
                                           v.ValidPerms()]
                 return _RepoForm
             def RepoForkForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
                              repo_groups=[], landing_revs=[]):
                 class _RepoForkForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                     v.SlugifyName())
                     repo_group = v.OneOf(repo_groups, hideList=True)
                     repo_type = All(v.ValidForkType(old_data), v.OneOf(supported_backends))
                     description = v.UnicodeString(strip=True, min=1, not_empty=True)
                     private = v.StringBoolean(if_missing=False)
                     copy_permissions = v.StringBoolean(if_missing=False)
                     update_after_clone = v.StringBoolean(if_missing=False)
                     fork_parent_id = v.UnicodeString()
                     chained_validators = [v.ValidForkName(edit, old_data)]
                     landing_rev = v.OneOf(landing_revs, hideList=True)
                 return _RepoForkForm
             def RepoSettingsForm(edit=False, old_data={},
                                  supported_backends=BACKENDS.keys(), repo_groups=[],
                                  landing_revs=[]):
                 class _RepoForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),
                                     v.SlugifyName())
                     description = v.UnicodeString(strip=True, min=1, not_empty=True)
                     repo_group = v.OneOf(repo_groups, hideList=True)
                     private = v.StringBoolean(if_missing=False)
                     landing_rev = v.OneOf(landing_revs, hideList=True)
                     chained_validators = [v.ValidRepoName(edit, old_data), v.ValidPerms(),
                                           v.ValidSettings()]
                 return _RepoForm
             def ApplicationSettingsForm():
                 class _ApplicationSettingsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     rhodecode_title = v.UnicodeString(strip=True, min=1, not_empty=True)
                     rhodecode_realm = v.UnicodeString(strip=True, min=1, not_empty=True)
                     rhodecode_ga_code = v.UnicodeString(strip=True, min=1, not_empty=False)
                 return _ApplicationSettingsForm
             def ApplicationVisualisationForm():
                 class _ApplicationVisualisationForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     rhodecode_show_public_icon = v.StringBoolean(if_missing=False)
                     rhodecode_show_private_icon = v.StringBoolean(if_missing=False)
                     rhodecode_stylify_metatags = v.StringBoolean(if_missing=False)
                 return _ApplicationVisualisationForm
             def ApplicationUiSettingsForm():
                 class _ApplicationUiSettingsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = False
                     web_push_ssl = v.StringBoolean(if_missing=False)
                     paths_root_path = All(
                         v.ValidPath(),
                         v.UnicodeString(strip=True, min=1, not_empty=True)
                     )
                     hooks_changegroup_update = v.StringBoolean(if_missing=False)
                     hooks_changegroup_repo_size = v.StringBoolean(if_missing=False)
                     hooks_changegroup_push_logger = v.StringBoolean(if_missing=False)
-                    hooks_preoutgoing_pull_logger = v.StringBoolean(if_missing=False)
+                    hooks_outgoing_pull_logger = v.StringBoolean(if_missing=False)
                     extensions_largefiles = v.StringBoolean(if_missing=False)
                     extensions_hgsubversion = v.StringBoolean(if_missing=False)
                     extensions_hggit = v.StringBoolean(if_missing=False)
                 return _ApplicationUiSettingsForm
             def DefaultPermissionsForm(perms_choices, register_choices, create_choices,
                                        fork_choices):
                 class _DefaultPermissionsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     overwrite_default = v.StringBoolean(if_missing=False)
                     anonymous = v.StringBoolean(if_missing=False)
                     default_perm = v.OneOf(perms_choices)
                     default_register = v.OneOf(register_choices)
                     default_create = v.OneOf(create_choices)
                     default_fork = v.OneOf(fork_choices)
                 return _DefaultPermissionsForm
             def LdapSettingsForm(tls_reqcert_choices, search_scope_choices,
                                  tls_kind_choices):
                 class _LdapSettingsForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     #pre_validators = [LdapLibValidator]
                     ldap_active = v.StringBoolean(if_missing=False)
                     ldap_host = v.UnicodeString(strip=True,)
                     ldap_port = v.Number(strip=True,)
                     ldap_tls_kind = v.OneOf(tls_kind_choices)
                     ldap_tls_reqcert = v.OneOf(tls_reqcert_choices)
                     ldap_dn_user = v.UnicodeString(strip=True,)
                     ldap_dn_pass = v.UnicodeString(strip=True,)
                     ldap_base_dn = v.UnicodeString(strip=True,)
                     ldap_filter = v.UnicodeString(strip=True,)
                     ldap_search_scope = v.OneOf(search_scope_choices)
                     ldap_attr_login = All(
                         v.AttrLoginValidator(),
                         v.UnicodeString(strip=True,)
                     )
                     ldap_attr_firstname = v.UnicodeString(strip=True,)
                     ldap_attr_lastname = v.UnicodeString(strip=True,)
                     ldap_attr_email = v.UnicodeString(strip=True,)
                 return _LdapSettingsForm
             def UserExtraEmailForm():
                 class _UserExtraEmailForm(formencode.Schema):
                     email = All(v.UniqSystemEmail(), v.Email)
                 return _UserExtraEmailForm
             def PullRequestForm():
                 class _PullRequestForm(formencode.Schema):
                     allow_extra_fields = True
                     filter_extra_fields = True
                     user = v.UnicodeString(strip=True, required=True)
                     org_repo = v.UnicodeString(strip=True, required=True)
                     org_ref = v.UnicodeString(strip=True, required=True)
                     other_repo = v.UnicodeString(strip=True, required=True)
                     other_ref = v.UnicodeString(strip=True, required=True)
                     revisions = All(v.NotReviewedRevisions()(), v.UniqueList(not_empty=True))
                     review_members = v.UniqueList(not_empty=True)
                     pullrequest_title = v.UnicodeString(strip=True, required=True, min=3)
                     pullrequest_desc = v.UnicodeString(strip=True, required=False)
                 return _PullRequestForm

rhodecode/model/scm.py

0 +10 -3

             # -*- coding: utf-8 -*-
             """
                 rhodecode.model.scm
                 ~~~~~~~~~~~~~~~~~~~
                 Scm model for RhodeCode
                 :created_on: Apr 9, 2010
                 :author: marcink
                 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
                 :license: GPLv3, see COPYING for more details.
             """
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             from __future__ import with_statement
             import os
             import re
             import time
             import traceback
             import logging
             import cStringIO
             import pkg_resources
             from os.path import dirname as dn, join as jn
             from sqlalchemy import func
             from pylons.i18n.translation import _
             import rhodecode
             from rhodecode.lib.vcs import get_backend
             from rhodecode.lib.vcs.exceptions import RepositoryError
             from rhodecode.lib.vcs.utils.lazy import LazyProperty
             from rhodecode.lib.vcs.nodes import FileNode
             from rhodecode.lib.vcs.backends.base import EmptyChangeset
             from rhodecode import BACKENDS
             from rhodecode.lib import helpers as h
             from rhodecode.lib.utils2 import safe_str, safe_unicode
             from rhodecode.lib.auth import HasRepoPermissionAny, HasReposGroupPermissionAny
             from rhodecode.lib.utils import get_repos as get_filesystem_repos, make_ui, \
                 action_logger, REMOVED_REPO_PAT
             from rhodecode.model import BaseModel
             from rhodecode.model.db import Repository, RhodeCodeUi, CacheInvalidation, \
                 UserFollowing, UserLog, User, RepoGroup, PullRequest
             log = logging.getLogger(__name__)
             class UserTemp(object):
                 def __init__(self, user_id):
                     self.user_id = user_id
                 def __repr__(self):
                     return "<%s('id:%s')>" % (self.__class__.__name__, self.user_id)
             class RepoTemp(object):
                 def __init__(self, repo_id):
                     self.repo_id = repo_id
                 def __repr__(self):
                     return "<%s('id:%s')>" % (self.__class__.__name__, self.repo_id)
             class CachedRepoList(object):
                 """
                 Cached repo list, uses in-memory cache after initialization, that is
                 super fast
                 """
                 def __init__(self, db_repo_list, repos_path, order_by=None):
                     self.db_repo_list = db_repo_list
                     self.repos_path = repos_path
                     self.order_by = order_by
                     self.reversed = (order_by or '').startswith('-')
                 def __len__(self):
                     return len(self.db_repo_list)
                 def __repr__(self):
                     return '<%s (%s)>' % (self.__class__.__name__, self.__len__())
                 def __iter__(self):
                     # pre-propagated cache_map to save executing select statements
                     # for each repo
                     cache_map = CacheInvalidation.get_cache_map()
                     for dbr in self.db_repo_list:
                         scmr = dbr.scm_instance_cached(cache_map)
                         # check permission at this level
                         if not HasRepoPermissionAny(
                             'repository.read', 'repository.write', 'repository.admin'
                         )(dbr.repo_name, 'get repo check'):
                             continue
                         if scmr is None:
                             log.error(
                                 '%s this repository is present in database but it '
                                 'cannot be created as an scm instance' % dbr.repo_name
                             )
                             continue
                         last_change = scmr.last_change
                         tip = h.get_changeset_safe(scmr, 'tip')
                         tmp_d = {}
                         tmp_d['name'] = dbr.repo_name
                         tmp_d['name_sort'] = tmp_d['name'].lower()
                         tmp_d['description'] = dbr.description
                         tmp_d['description_sort'] = tmp_d['description'].lower()
                         tmp_d['last_change'] = last_change
                         tmp_d['last_change_sort'] = time.mktime(last_change.timetuple())
                         tmp_d['tip'] = tip.raw_id
                         tmp_d['tip_sort'] = tip.revision
                         tmp_d['rev'] = tip.revision
                         tmp_d['contact'] = dbr.user.full_contact
                         tmp_d['contact_sort'] = tmp_d['contact']
                         tmp_d['owner_sort'] = tmp_d['contact']
                         tmp_d['repo_archives'] = list(scmr._get_archives())
                         tmp_d['last_msg'] = tip.message
                         tmp_d['author'] = tip.author
                         tmp_d['dbrepo'] = dbr.get_dict()
                         tmp_d['dbrepo_fork'] = dbr.fork.get_dict() if dbr.fork else {}
                         yield tmp_d
             class SimpleCachedRepoList(CachedRepoList):
                 """
                 Lighter version of CachedRepoList without the scm initialisation
                 """
                 def __iter__(self):
                     for dbr in self.db_repo_list:
                         # check permission at this level
                         if not HasRepoPermissionAny(
                             'repository.read', 'repository.write', 'repository.admin'
                         )(dbr.repo_name, 'get repo check'):
                             continue
                         tmp_d = {}
                         tmp_d['name'] = dbr.repo_name
                         tmp_d['name_sort'] = tmp_d['name'].lower()
                         tmp_d['description'] = dbr.description
                         tmp_d['description_sort'] = tmp_d['description'].lower()
                         tmp_d['dbrepo'] = dbr.get_dict()
                         tmp_d['dbrepo_fork'] = dbr.fork.get_dict() if dbr.fork else {}
                         yield tmp_d
             class GroupList(object):
                 def __init__(self, db_repo_group_list):
                     self.db_repo_group_list = db_repo_group_list
                 def __len__(self):
                     return len(self.db_repo_group_list)
                 def __repr__(self):
                     return '<%s (%s)>' % (self.__class__.__name__, self.__len__())
                 def __iter__(self):
                     for dbgr in self.db_repo_group_list:
                         # check permission at this level
                         if not HasReposGroupPermissionAny(
                             'group.read', 'group.write', 'group.admin'
                         )(dbgr.group_name, 'get group repo check'):
                             continue
                         yield dbgr
             class ScmModel(BaseModel):
                 """
                 Generic Scm Model
                 """
                 def __get_repo(self, instance):
                     cls = Repository
                     if isinstance(instance, cls):
                         return instance
                     elif isinstance(instance, int) or safe_str(instance).isdigit():
                         return cls.get(instance)
                     elif isinstance(instance, basestring):
                         return cls.get_by_repo_name(instance)
                     elif instance:
                         raise Exception('given object must be int, basestr or Instance'
                                         ' of %s got %s' % (type(cls), type(instance)))
                 @LazyProperty
                 def repos_path(self):
                     """
                     Get's the repositories root path from database
                     """
                     q = self.sa.query(RhodeCodeUi).filter(RhodeCodeUi.ui_key == '/').one()
                     return q.ui_value
                 def repo_scan(self, repos_path=None):
                     """
                     Listing of repositories in given path. This path should not be a
                     repository itself. Return a dictionary of repository objects
                     :param repos_path: path to directory containing repositories
                     """
                     if repos_path is None:
                         repos_path = self.repos_path
                     log.info('scanning for repositories in %s' % repos_path)
                     baseui = make_ui('db')
                     repos = {}
                     for name, path in get_filesystem_repos(repos_path, recursive=True):
                         # skip removed repos
                         if REMOVED_REPO_PAT.match(name):
                             continue
                         # name need to be decomposed and put back together using the /
                         # since this is internal storage separator for rhodecode
                         name = Repository.url_sep().join(name.split(os.sep))
                         try:
                             if name in repos:
                                 raise RepositoryError('Duplicate repository name %s '
                                                       'found in %s' % (name, path))
                             else:
                                 klass = get_backend(path[0])
                                 if path[0] == 'hg' and path[0] in BACKENDS.keys():
                                     repos[name] = klass(safe_str(path[1]), baseui=baseui)
                                 if path[0] == 'git' and path[0] in BACKENDS.keys():
                                     repos[name] = klass(path[1])
                         except OSError:
                             continue
                     return repos
                 def get_repos(self, all_repos=None, sort_key=None, simple=False):
                     """
                     Get all repos from db and for each repo create it's
                     backend instance and fill that backed with information from database
                     :param all_repos: list of repository names as strings
                         give specific repositories list, good for filtering
                     :param sort_key: initial sorting of repos
                     :param simple: use SimpleCachedList - one without the SCM info
                     """
                     if all_repos is None:
                         all_repos = self.sa.query(Repository)\
                                     .filter(Repository.group_id == None)\
                                     .order_by(func.lower(Repository.repo_name)).all()
                     if simple:
                         repo_iter = SimpleCachedRepoList(all_repos,
                                                          repos_path=self.repos_path,
                                                          order_by=sort_key)
                     else:
                         repo_iter = CachedRepoList(all_repos,
                                                    repos_path=self.repos_path,
                                                    order_by=sort_key)
                     return repo_iter
                 def get_repos_groups(self, all_groups=None):
                     if all_groups is None:
                         all_groups = RepoGroup.query()\
                             .filter(RepoGroup.group_parent_id == None).all()
                     group_iter = GroupList(all_groups)
                     return group_iter
                 def mark_for_invalidation(self, repo_name):
                     """
                     Puts cache invalidation task into db for
                     further global cache invalidation
                     :param repo_name: this repo that should invalidation take place
                     """
                     CacheInvalidation.set_invalidate(repo_name)
                 def toggle_following_repo(self, follow_repo_id, user_id):
                     f = self.sa.query(UserFollowing)\
                         .filter(UserFollowing.follows_repo_id == follow_repo_id)\
                         .filter(UserFollowing.user_id == user_id).scalar()
                     if f is not None:
                         try:
                             self.sa.delete(f)
                             action_logger(UserTemp(user_id),
                                           'stopped_following_repo',
                                           RepoTemp(follow_repo_id))
                             return
                         except:
                             log.error(traceback.format_exc())
                             raise
                     try:
                         f = UserFollowing()
                         f.user_id = user_id
                         f.follows_repo_id = follow_repo_id
                         self.sa.add(f)
                         action_logger(UserTemp(user_id),
                                       'started_following_repo',
                                       RepoTemp(follow_repo_id))
                     except:
                         log.error(traceback.format_exc())
                         raise
                 def toggle_following_user(self, follow_user_id, user_id):
                     f = self.sa.query(UserFollowing)\
                         .filter(UserFollowing.follows_user_id == follow_user_id)\
                         .filter(UserFollowing.user_id == user_id).scalar()
                     if f is not None:
                         try:
                             self.sa.delete(f)
                             return
                         except:
                             log.error(traceback.format_exc())
                             raise
                     try:
                         f = UserFollowing()
                         f.user_id = user_id
                         f.follows_user_id = follow_user_id
                         self.sa.add(f)
                     except:
                         log.error(traceback.format_exc())
                         raise
                 def is_following_repo(self, repo_name, user_id, cache=False):
                     r = self.sa.query(Repository)\
                         .filter(Repository.repo_name == repo_name).scalar()
                     f = self.sa.query(UserFollowing)\
                         .filter(UserFollowing.follows_repository == r)\
                         .filter(UserFollowing.user_id == user_id).scalar()
                     return f is not None
                 def is_following_user(self, username, user_id, cache=False):
                     u = User.get_by_username(username)
                     f = self.sa.query(UserFollowing)\
                         .filter(UserFollowing.follows_user == u)\
                         .filter(UserFollowing.user_id == user_id).scalar()
                     return f is not None
                 def get_followers(self, repo):
                     repo = self._get_repo(repo)
                     return self.sa.query(UserFollowing)\
                             .filter(UserFollowing.follows_repository == repo).count()
                 def get_forks(self, repo):
                     repo = self._get_repo(repo)
                     return self.sa.query(Repository)\
                             .filter(Repository.fork == repo).count()
                 def get_pull_requests(self, repo):
                     repo = self._get_repo(repo)
                     return self.sa.query(PullRequest)\
                             .filter(PullRequest.other_repo == repo).count()
                 def mark_as_fork(self, repo, fork, user):
                     repo = self.__get_repo(repo)
                     fork = self.__get_repo(fork)
                     if fork and repo.repo_id == fork.repo_id:
                         raise Exception("Cannot set repository as fork of itself")
                     repo.fork = fork
                     self.sa.add(repo)
                     return repo
                 def pull_changes(self, repo, username):
                     dbrepo = self.__get_repo(repo)
                     clone_uri = dbrepo.clone_uri
                     if not clone_uri:
                         raise Exception("This repository doesn't have a clone uri")
                     repo = dbrepo.scm_instance
                     try:
                         extras = {
                             'ip': '',
                             'username': username,
                             'action': 'push_remote',
                             'repository': dbrepo.repo_name,
                             'scm': repo.alias,
                         }
                         Repository.inject_ui(repo, extras=extras)
                         if repo.alias == 'git':
                             repo.fetch(clone_uri)
                         else:
                             repo.pull(clone_uri)
                         self.mark_for_invalidation(dbrepo.repo_name)
                     except:
                         log.error(traceback.format_exc())
                         raise
                 def commit_change(self, repo, repo_name, cs, user, author, message,
                                   content, f_path):
                     """
                     Commits changes
                     :param repo: SCM instance
                     """
                     if repo.alias == 'hg':
                         from rhodecode.lib.vcs.backends.hg import \
                             MercurialInMemoryChangeset as IMC
                     elif repo.alias == 'git':
                         from rhodecode.lib.vcs.backends.git import \
                             GitInMemoryChangeset as IMC
                     # decoding here will force that we have proper encoded values
                     # in any other case this will throw exceptions and deny commit
                     content = safe_str(content)
                     path = safe_str(f_path)
                     # message and author needs to be unicode
                     # proper backend should then translate that into required type
                     message = safe_unicode(message)
                     author = safe_unicode(author)
                     m = IMC(repo)
                     m.change(FileNode(path, content))
                     tip = m.commit(message=message,
                                    author=author,
                                    parents=[cs], branch=cs.branch)
                     action = 'push_local:%s' % tip.raw_id
                     action_logger(user, action, repo_name)
                     self.mark_for_invalidation(repo_name)
                     return tip
                 def create_node(self, repo, repo_name, cs, user, author, message, content,
                                   f_path):
                     if repo.alias == 'hg':
                         from rhodecode.lib.vcs.backends.hg import MercurialInMemoryChangeset as IMC
                     elif repo.alias == 'git':
                         from rhodecode.lib.vcs.backends.git import GitInMemoryChangeset as IMC
                     # decoding here will force that we have proper encoded values
                     # in any other case this will throw exceptions and deny commit
                     if isinstance(content, (basestring,)):
                         content = safe_str(content)
                     elif isinstance(content, (file, cStringIO.OutputType,)):
                         content = content.read()
                     else:
                         raise Exception('Content is of unrecognized type %s' % (
                             type(content)
                         ))
                     message = safe_unicode(message)
                     author = safe_unicode(author)
                     path = safe_str(f_path)
                     m = IMC(repo)
                     if isinstance(cs, EmptyChangeset):
                         # EmptyChangeset means we we're editing empty repository
                         parents = None
                     else:
                         parents = [cs]
                     m.add(FileNode(path, content=content))
                     tip = m.commit(message=message,
                                    author=author,
                                    parents=parents, branch=cs.branch)
                     action = 'push_local:%s' % tip.raw_id
                     action_logger(user, action, repo_name)
                     self.mark_for_invalidation(repo_name)
                     return tip
                 def get_nodes(self, repo_name, revision, root_path='/', flat=True):
                     """
                     recursive walk in root dir and return a set of all path in that dir
                     based on repository walk function
                     :param repo_name: name of repository
                     :param revision: revision for which to list nodes
                     :param root_path: root path to list
                     :param flat: return as a list, if False returns a dict with decription
                     """
                     _files = list()
                     _dirs = list()
                     try:
                         _repo = self.__get_repo(repo_name)
                         changeset = _repo.scm_instance.get_changeset(revision)
                         root_path = root_path.lstrip('/')
                         for topnode, dirs, files in changeset.walk(root_path):
                             for f in files:
                                 _files.append(f.path if flat else {"name": f.path,
                                                                    "type": "file"})
                             for d in dirs:
                                 _dirs.append(d.path if flat else {"name": d.path,
                                                                   "type": "dir"})
                     except RepositoryError:
                         log.debug(traceback.format_exc())
                         raise
                     return _dirs, _files
                 def get_unread_journal(self):
                     return self.sa.query(UserLog).count()
                 def get_repo_landing_revs(self, repo=None):
                     """
                     Generates select option with tags branches and bookmarks (for hg only)
                     grouped by type
                     :param repo:
                     :type repo:
                     """
                     hist_l = []
                     choices = []
                     repo = self.__get_repo(repo)
                     hist_l.append(['tip', _('latest tip')])
                     choices.append('tip')
                     if not repo:
                         return choices, hist_l
                     repo = repo.scm_instance
                     branches_group = ([(k, k) for k, v in
                                        repo.branches.iteritems()], _("Branches"))
                     hist_l.append(branches_group)
                     choices.extend([x[0] for x in branches_group[0]])
                     if repo.alias == 'hg':
                         bookmarks_group = ([(k, k) for k, v in
                                             repo.bookmarks.iteritems()], _("Bookmarks"))
                         hist_l.append(bookmarks_group)
                         choices.extend([x[0] for x in bookmarks_group[0]])
                     tags_group = ([(k, k) for k, v in
                                    repo.tags.iteritems()], _("Tags"))
                     hist_l.append(tags_group)
                     choices.extend([x[0] for x in tags_group[0]])
                     return choices, hist_l
                 def install_git_hook(self, repo, force_create=False):
                     """
                     Creates a rhodecode hook inside a git repository
                     :param repo: Instance of VCS repo
                     :param force_create: Create even if same name hook exists
                     """
                     loc = jn(repo.path, 'hooks')
                     if not repo.bare:
                         loc = jn(repo.path, '.git', 'hooks')
                     if not os.path.isdir(loc):
                         os.makedirs(loc)
-                    tmpl = pkg_resources.resource_string(
+                    tmpl_post = pkg_resources.resource_string(
                         'rhodecode', jn('config', 'post_receive_tmpl.py')
                     )
+                    tmpl_pre = pkg_resources.resource_string(
+                        'rhodecode', jn('config', 'pre_receive_tmpl.py')
+                    )
-                    _hook_file = jn(loc, 'post-receive')
+                    for h_type, tmpl in [('pre', tmpl_pre), ('post', tmpl_post)]:
+                        _hook_file = jn(loc, '%s-receive' % h_type)
                         _rhodecode_hook = False
                         log.debug('Installing git hook in repo %s' % repo)
                         if os.path.exists(_hook_file):
                             # let's take a look at this hook, maybe it's rhodecode ?
                             log.debug('hook exists, checking if it is from rhodecode')
                             _HOOK_VER_PAT = re.compile(r'^RC_HOOK_VER')
                             with open(_hook_file, 'rb') as f:
                                 data = f.read()
                                 matches = re.compile(r'(?:%s)\s*=\s*(.*)'
                                                      % 'RC_HOOK_VER').search(data)
                                 if matches:
                                     try:
                                         ver = matches.groups()[0]
                                         log.debug('got %s it is rhodecode' % (ver))
                                         _rhodecode_hook = True
                                     except:
                                         log.error(traceback.format_exc())
+                        else:
+                            # there is no hook in this dir, so we want to create one
+                            _rhodecode_hook = True
                         if _rhodecode_hook or force_create:
-                        log.debug('writing hook file !')
+                            log.debug('writing %s hook file !' % h_type)
                             with open(_hook_file, 'wb') as f:
                                 tmpl = tmpl.replace('_TMPL_', rhodecode.__version__)
                                 f.write(tmpl)
                             os.chmod(_hook_file, 0755)
                         else:
                             log.debug('skipping writing hook file')

rhodecode/templates/admin/repos/repo_edit.html

0 +35 -7

             ## -*- coding: utf-8 -*-
             <%inherit file="/base/base.html"/>
             <%def name="title()">
                 ${_('Edit repository')} ${c.repo_info.repo_name} - ${c.rhodecode_name}
             </%def>
             <%def name="breadcrumbs_links()">
                 ${h.link_to(_('Admin'),h.url('admin_home'))}
                 &raquo;
                 ${h.link_to(_('Repositories'),h.url('repos'))}
                 &raquo;
                 ${_('edit')} &raquo; ${h.link_to(c.repo_info.just_name,h.url('summary_home',repo_name=c.repo_name))}
             </%def>
             <%def name="page_nav()">
             	${self.menu('admin')}
             </%def>
             <%def name="main()">
             <div class="box box-left">
                 <!-- box / title -->
                 <div class="title">
                     ${self.breadcrumbs()}
                 </div>
                 ${h.form(url('repo', repo_name=c.repo_info.repo_name),method='put')}
                 <div class="form">
                     <!-- fields -->
                     <div class="fields">
                         <div class="field">
                             <div class="label">
                                 <label for="repo_name">${_('Name')}:</label>
                             </div>
                             <div class="input">
                                 ${h.text('repo_name',class_="medium")}
                             </div>
                        </div>
             	       <div class="field">
             	           <div class="label">
             	               <label for="clone_uri">${_('Clone uri')}:</label>
             	           </div>
             	           <div class="input">
             	               ${h.text('clone_uri',class_="medium")}
                              <span class="help-block">${_('Optional http[s] url from which repository should be cloned.')}</span>
             	           </div>
             	        </div>
             	        <div class="field">
             	            <div class="label">
             	                <label for="repo_group">${_('Repository group')}:</label>
             	            </div>
             	            <div class="input">
             	                ${h.select('repo_group','',c.repo_groups,class_="medium")}
                                 <span class="help-block">${_('Optional select a group to put this repository into.')}</span>
             	            </div>
             	        </div>
                         <div class="field">
                             <div class="label">
                                 <label for="repo_type">${_('Type')}:</label>
                             </div>
                             <div class="input">
                                 ${h.select('repo_type','hg',c.backends,class_="medium")}
                             </div>
                         </div>
                         <div class="field">
                             <div class="label">
                                 <label for="landing_rev">${_('Landing revision')}:</label>
                             </div>
                             <div class="input">
                                 ${h.select('landing_rev','',c.landing_revs,class_="medium")}
                                 <span class="help-block">${_('Default revision for files page, downloads, whoosh and readme')}</span>
                             </div>
                         </div>
                         <div class="field">
                             <div class="label label-textarea">
                                 <label for="description">${_('Description')}:</label>
                             </div>
                             <div class="textarea text-area editor">
                                 ${h.textarea('description')}
                                 <span class="help-block">${_('Keep it short and to the point. Use a README file for longer descriptions.')}</span>
                             </div>
                         </div>
                         <div class="field">
                             <div class="label label-checkbox">
                                 <label for="private">${_('Private repository')}:</label>
                             </div>
                             <div class="checkboxes">
                                 ${h.checkbox('private',value="True")}
                                 <span class="help-block">${_('Private repositories are only visible to people explicitly added as collaborators.')}</span>
                             </div>
                         </div>
                         <div class="field">
                             <div class="label label-checkbox">
                                 <label for="enable_statistics">${_('Enable statistics')}:</label>
                             </div>
                             <div class="checkboxes">
                                 ${h.checkbox('enable_statistics',value="True")}
                                 <span class="help-block">${_('Enable statistics window on summary page.')}</span>
                             </div>
                         </div>
                         <div class="field">
                             <div class="label label-checkbox">
                                 <label for="enable_downloads">${_('Enable downloads')}:</label>
                             </div>
                             <div class="checkboxes">
                                 ${h.checkbox('enable_downloads',value="True")}
                                 <span class="help-block">${_('Enable download menu on summary page.')}</span>
                             </div>
                         </div>
                         <div class="field">
+                            <div class="label label-checkbox">
+                                <label for="enable_locking">${_('Enable locking')}:</label>
+                            </div>
+                            <div class="checkboxes">
+                                ${h.checkbox('enable_locking',value="True")}
+                                <span class="help-block">${_('Enable lock-by-pulling on repository.')}</span>
+                            </div>
+                        </div>
+                        <div class="field">
                             <div class="label">
                                 <label for="user">${_('Owner')}:</label>
                             </div>
                             <div class="input input-medium ac">
                                 <div class="perm_ac">
                                    ${h.text('user',class_='yui-ac-input')}
                                    <span class="help-block">${_('Change owner of this repository.')}</span>
                                    <div id="owner_container"></div>
                                 </div>
                             </div>
                          </div>
                         <div class="field">
                             <div class="label">
                                 <label for="input">${_('Permissions')}:</label>
                             </div>
                             <div class="input">
                                 <%include file="repo_edit_perms.html"/>
                             </div>
                             <div class="buttons">
                               ${h.submit('save',_('Save'),class_="ui-btn large")}
                               ${h.reset('reset',_('Reset'),class_="ui-btn large")}
                             </div>
                         </div>
                 </div>
                 </div>
                 ${h.end_form()}
             </div>
             <div class="box box-right">
                 <div class="title">
                     <h5>${_('Administration')}</h5>
                 </div>
                     <h3>${_('Statistics')}</h3>
                     ${h.form(url('repo_stats', repo_name=c.repo_info.repo_name),method='delete')}
                     <div class="form">
                        <div class="fields">
                            ${h.submit('reset_stats_%s' % c.repo_info.repo_name,_('Reset current statistics'),class_="ui-btn",onclick="return confirm('"+_('Confirm to remove current statistics')+"');")}
                            <div class="field" style="border:none;color:#888">
                            <ul>
                                 <li>${_('Fetched to rev')}: ${c.stats_revision}/${c.repo_last_rev}</li>
                                 <li>${_('Stats gathered')}: ${c.stats_percentage}%</li>
                            </ul>
                            </div>
                        </div>
                     </div>
                     ${h.end_form()}
                     %if c.repo_info.clone_uri:
                     <h3>${_('Remote')}</h3>
                     ${h.form(url('repo_pull', repo_name=c.repo_info.repo_name),method='put')}
                     <div class="form">
                        <div class="fields">
                            ${h.submit('remote_pull_%s' % c.repo_info.repo_name,_('Pull changes from remote location'),class_="ui-btn",onclick="return confirm('"+_('Confirm to pull changes from remote side')+"');")}
                            <div class="field" style="border:none">
                            <ul>
                                 <li><a href="${c.repo_info.clone_uri}">${c.repo_info.clone_uri}</a></li>
                            </ul>
                            </div>
                        </div>
                     </div>
                     ${h.end_form()}
                     %endif
                     <h3>${_('Cache')}</h3>
                     ${h.form(url('repo_cache', repo_name=c.repo_info.repo_name),method='delete')}
                     <div class="form">
                        <div class="fields">
                            ${h.submit('reset_cache_%s' % c.repo_info.repo_name,_('Invalidate repository cache'),class_="ui-btn",onclick="return confirm('"+_('Confirm to invalidate repository cache')+"');")}
                        </div>
                     </div>
                     ${h.end_form()}
                     <h3>${_('Public journal')}</h3>
                     ${h.form(url('repo_public_journal', repo_name=c.repo_info.repo_name),method='put')}
                     <div class="form">
                             ${h.hidden('auth_token',str(h.get_token()))}
                             <div class="field">
                             %if c.in_public_journal:
                                 ${h.submit('set_public_%s' % c.repo_info.repo_name,_('Remove from public journal'),class_="ui-btn")}
                             %else:
             		            ${h.submit('set_public_%s' % c.repo_info.repo_name,_('Add to public journal'),class_="ui-btn")}
             		        %endif
                             </div>
                            <div class="field" style="border:none;color:#888">
                            <ul>
-                                <li>${_('''All actions made on this repository will be accessible to everyone in public journal''')}
+                                <li>${_('All actions made on this repository will be accessible to everyone in public journal')}
                                 </li>
                            </ul>
                            </div>
                     </div>
                     ${h.end_form()}
-                    <h3>${_('Delete')}</h3>
+                    <h3>${_('Locking')}</h3>
-                    ${h.form(url('repo', repo_name=c.repo_info.repo_name),method='delete')}
+                    ${h.form(url('repo_locking', repo_name=c.repo_info.repo_name),method='put')}
                     <div class="form">
                        <div class="fields">
-                           ${h.submit('remove_%s' % c.repo_info.repo_name,_('Remove this repository'),class_="ui-btn red",onclick="return confirm('"+_('Confirm to delete this repository')+"');")}
+                          %if c.repo_info.locked[0]:
+                           ${h.submit('set_unlock' ,_('Unlock locked repo'),class_="ui-btn",onclick="return confirm('"+_('Confirm to unlock repository')+"');")}
+                           ${'Locked by %s on %s' % (h.person_by_id(c.repo_info.locked[0]),h.fmt_date(h.time_to_datetime(c.repo_info.locked[1])))}
+                          %else:
+                            ${h.submit('set_lock',_('lock repo'),class_="ui-btn",onclick="return confirm('"+_('Confirm to lock repository')+"');")}
+                            ${_('Repository is not locked')}
+                          %endif
                        </div>
                        <div class="field" style="border:none;color:#888">
                        <ul>
-                            <li>${_('''This repository will be renamed in a special way in order to be unaccesible for RhodeCode and VCS systems.
+                            <li>${_('Force locking on repository. Works only when anonymous access is disabled')}
-                                     If you need fully delete it from filesystem please do it manually''')}
                             </li>
                        </ul>
                        </div>
                     </div>
                     ${h.end_form()}
                     <h3>${_('Set as fork of')}</h3>
                     ${h.form(url('repo_as_fork', repo_name=c.repo_info.repo_name),method='put')}
                     <div class="form">
                        <div class="fields">
                            ${h.select('id_fork_of','',c.repos_list,class_="medium")}
                            ${h.submit('set_as_fork_%s' % c.repo_info.repo_name,_('set'),class_="ui-btn",)}
                        </div>
                            <div class="field" style="border:none;color:#888">
                            <ul>
                                 <li>${_('''Manually set this repository as a fork of another from the list''')}</li>
                            </ul>
                            </div>
                     </div>
                     ${h.end_form()}
+                    <h3>${_('Delete')}</h3>
+                    ${h.form(url('repo', repo_name=c.repo_info.repo_name),method='delete')}
+                    <div class="form">
+                       <div class="fields">
+                           ${h.submit('remove_%s' % c.repo_info.repo_name,_('Remove this repository'),class_="ui-btn red",onclick="return confirm('"+_('Confirm to delete this repository')+"');")}
+                       </div>
+                       <div class="field" style="border:none;color:#888">
+                       <ul>
+                            <li>${_('''This repository will be renamed in a special way in order to be unaccesible for RhodeCode and VCS systems.
+                                     If you need fully delete it from filesystem please do it manually''')}
+                            </li>
+                       </ul>
+                       </div>
+                    </div>
+                    ${h.end_form()}
             </div>
             </%def>

rhodecode/templates/admin/settings/settings.html

0 +2 -2

             ## -*- coding: utf-8 -*-
             <%inherit file="/base/base.html"/>
             <%def name="title()">
                 ${_('Settings administration')} - ${c.rhodecode_name}
             </%def>
             <%def name="breadcrumbs_links()">
                 ${h.link_to(_('Admin'),h.url('admin_home'))} &raquo; ${_('Settings')}
             </%def>
             <%def name="page_nav()">
             	${self.menu('admin')}
             </%def>
             <%def name="main()">
             <div class="box">
                 <!-- box / title -->
                 <div class="title">
                     ${self.breadcrumbs()}
                 </div>
                 <!-- end box / title -->
                 <h3>${_('Remap and rescan repositories')}</h3>
                 ${h.form(url('admin_setting', setting_id='mapping'),method='put')}
                 <div class="form">
                     <!-- fields -->
                     <div class="fields">
             			<div class="field">
             		        <div class="label label-checkbox">
             		            <label for="destroy">${_('rescan option')}:</label>
             		        </div>
             		        <div class="checkboxes">
             		            <div class="checkbox">
             		                ${h.checkbox('destroy',True)}
             		                <label for="destroy">
             		                <span class="tooltip" title="${h.tooltip(_('In case a repository was deleted from filesystem and there are leftovers in the database check this option to scan obsolete data in database and remove it.'))}">
             		                ${_('destroy old data')}</span> </label>
             		            </div>
                                 <span class="help-block">${_('Rescan repositories location for new repositories. Also deletes obsolete if `destroy` flag is checked ')}</span>
             		        </div>
             			</div>
                         <div class="buttons">
                         ${h.submit('rescan',_('Rescan repositories'),class_="ui-btn large")}
                         </div>
                     </div>
                 </div>
                 ${h.end_form()}
                 <h3>${_('Whoosh indexing')}</h3>
                 ${h.form(url('admin_setting', setting_id='whoosh'),method='put')}
                 <div class="form">
                     <!-- fields -->
                     <div class="fields">
                         <div class="field">
                             <div class="label label-checkbox">
                                 <label>${_('index build option')}:</label>
                             </div>
                             <div class="checkboxes">
                                 <div class="checkbox">
                                     ${h.checkbox('full_index',True)}
                                     <label for="full_index">${_('build from scratch')}</label>
                                 </div>
                             </div>
                         </div>
                         <div class="buttons">
                         ${h.submit('reindex',_('Reindex'),class_="ui-btn large")}
                         </div>
                     </div>
                 </div>
                 ${h.end_form()}
                 <h3>${_('Global application settings')}</h3>
                 ${h.form(url('admin_setting', setting_id='global'),method='put')}
                 <div class="form">
                     <!-- fields -->
                     <div class="fields">
                          <div class="field">
                             <div class="label">
                                 <label for="rhodecode_title">${_('Application name')}:</label>
                             </div>
                             <div class="input">
                                 ${h.text('rhodecode_title',size=30)}
                             </div>
                          </div>
                         <div class="field">
                             <div class="label">
                                 <label for="rhodecode_realm">${_('Realm text')}:</label>
                             </div>
                             <div class="input">
                                 ${h.text('rhodecode_realm',size=30)}
                             </div>
                         </div>
                         <div class="field">
                             <div class="label">
                                 <label for="rhodecode_ga_code">${_('GA code')}:</label>
                             </div>
                             <div class="input">
                                 ${h.text('rhodecode_ga_code',size=30)}
                             </div>
                         </div>
                         <div class="buttons">
                             ${h.submit('save',_('Save settings'),class_="ui-btn large")}
                             ${h.reset('reset',_('Reset'),class_="ui-btn large")}
                        </div>
                     </div>
                 </div>
                 ${h.end_form()}
                 <h3>${_('Visualisation settings')}</h3>
                 ${h.form(url('admin_setting', setting_id='visual'),method='put')}
                 <div class="form">
                     <!-- fields -->
                     <div class="fields">
                          <div class="field">
                             <div class="label label-checkbox">
                                 <label>${_('Icons')}:</label>
                             </div>
                             <div class="checkboxes">
                                 <div class="checkbox">
                                     ${h.checkbox('rhodecode_show_public_icon','True')}
                                     <label for="rhodecode_show_public_icon">${_('Show public repo icon on repositories')}</label>
                                 </div>
                                 <div class="checkbox">
                                     ${h.checkbox('rhodecode_show_private_icon','True')}
                                     <label for="rhodecode_show_private_icon">${_('Show private repo icon on repositories')}</label>
                                 </div>
                              </div>
                          </div>
                          <div class="field">
                             <div class="label label-checkbox">
                                 <label>${_('Meta-Tagging')}:</label>
                             </div>
                             <div class="checkboxes">
                                 <div class="checkbox">
                                     ${h.checkbox('rhodecode_stylify_metatags','True')}
                                     <label for="rhodecode_stylify_metatags">${_('Stylify recognised metatags:')}</label>
                                 </div>
                                 <div style="padding-left: 20px;">
                                     <ul> <!-- Fix style here -->
                                         <li>[featured] <span class="metatag" tag="featured">featured</span></li>
                                         <li>[stale] <span class="metatag" tag="stale">stale</span></li>
                                         <li>[dead] <span class="metatag" tag="dead">dead</span></li>
                                         <li>[lang =&gt; lang] <span class="metatag" tag="lang" >lang</span></li>
                                         <li>[license =&gt; License] <span class="metatag" tag="license"><a href="http://www.opensource.org/licenses/License" >License</a></span></li>
                                         <li>[requires =&gt; Repo] <span class="metatag" tag="requires" >requires =&gt; <a href="#" >Repo</a></span></li>
                                         <li>[recommends =&gt; Repo] <span class="metatag" tag="recommends" >recommends =&gt; <a href="#" >Repo</a></span></li>
                                         <li>[see =&gt; URI] <span class="metatag" tag="see">see =&gt; <a href="#">URI</a> </span></li>
                                     </ul>
                                 </div>
                              </div>
                          </div>
                          <div class="buttons">
                              ${h.submit('save',_('Save settings'),class_="ui-btn large")}
                              ${h.reset('reset',_('Reset'),class_="ui-btn large")}
                          </div>
                     </div>
                 </div>
                 ${h.end_form()}
                 <h3>${_('VCS settings')}</h3>
                 ${h.form(url('admin_setting', setting_id='vcs'),method='put')}
                 <div class="form">
                     <!-- fields -->
                     <div class="fields">
                          <div class="field">
                             <div class="label label-checkbox">
                                 <label>${_('Web')}:</label>
                             </div>
                             <div class="checkboxes">
             					<div class="checkbox">
             						${h.checkbox('web_push_ssl','true')}
             						<label for="web_push_ssl">${_('require ssl for vcs operations')}</label>
             					</div>
                                 <span class="help-block">${_('RhodeCode will require SSL for pushing or pulling. If SSL is missing it will return HTTP Error 406: Not Acceptable')}</span>
             				</div>
                          </div>
                          <div class="field">
                             <div class="label label-checkbox">
                                 <label>${_('Hooks')}:</label>
                             </div>
                             <div class="checkboxes">
             					<div class="checkbox">
             						${h.checkbox('hooks_changegroup_update','True')}
             						<label for="hooks_changegroup_update">${_('Update repository after push (hg update)')}</label>
             					</div>
             					<div class="checkbox">
             						${h.checkbox('hooks_changegroup_repo_size','True')}
             						<label for="hooks_changegroup_repo_size">${_('Show repository size after push')}</label>
             					</div>
                                 <div class="checkbox">
                                     ${h.checkbox('hooks_changegroup_push_logger','True')}
                                     <label for="hooks_changegroup_push_logger">${_('Log user push commands')}</label>
                                 </div>
                                 <div class="checkbox">
-                                    ${h.checkbox('hooks_preoutgoing_pull_logger','True')}
+                                    ${h.checkbox('hooks_outgoing_pull_logger','True')}
-                                    <label for="hooks_preoutgoing_pull_logger">${_('Log user pull commands')}</label>
+                                    <label for="hooks_outgoing_pull_logger">${_('Log user pull commands')}</label>
                                 </div>
             				</div>
                             <div class="input" style="margin-top:10px">
                                 ${h.link_to(_('advanced setup'),url('admin_edit_setting',setting_id='hooks'),class_="ui-btn")}
                             </div>
                          </div>
                          <div class="field">
                             <div class="label label-checkbox">
                                 <label>${_('Mercurial Extensions')}:</label>
                             </div>
                             <div class="checkboxes">
                                 <div class="checkbox">
                                     ${h.checkbox('extensions_largefiles','True')}
                                     <label for="extensions_hgsubversion">${_('largefiles extensions')}</label>
                                 </div>
                                 <div class="checkbox">
                                     ${h.checkbox('extensions_hgsubversion','True')}
                                     <label for="extensions_hgsubversion">${_('hgsubversion extensions')}</label>
                                 </div>
                                 <span class="help-block">${_('Requires hgsubversion library installed. Allows clonning from svn remote locations')}</span>
                                 ##<div class="checkbox">
                                 ##    ${h.checkbox('extensions_hggit','True')}
                                 ##    <label for="extensions_hggit">${_('hg-git extensions')}</label>
                                 ##</div>
                                 ##<span class="help-block">${_('Requires hg-git library installed. Allows clonning from git remote locations')}</span>
                             </div>
                          </div>
                         <div class="field">
                             <div class="label">
                                 <label for="paths_root_path">${_('Repositories location')}:</label>
                             </div>
                             <div class="input">
                                 ${h.text('paths_root_path',size=30,readonly="readonly")}
             					<span id="path_unlock" class="tooltip"
             						title="${h.tooltip(_('This a crucial application setting. If you are really sure you need to change this, you must restart application in order to make this setting take effect. Click this label to unlock.'))}">
             		                ${_('unlock')}</span>
                                 <span class="help-block">${_('Location where repositories are stored. After changing this value a restart, and rescan is required')}</span>
                             </div>
                         </div>
                         <div class="buttons">
                             ${h.submit('save',_('Save settings'),class_="ui-btn large")}
                             ${h.reset('reset',_('Reset'),class_="ui-btn large")}
                        </div>
                     </div>
                 </div>
                 ${h.end_form()}
                 <script type="text/javascript">
                     YAHOO.util.Event.onDOMReady(function(){
                         YAHOO.util.Event.addListener('path_unlock','click',function(){
                             YAHOO.util.Dom.get('paths_root_path').removeAttribute('readonly');
                         });
                     });
                 </script>
                 <h3>${_('Test Email')}</h3>
                 ${h.form(url('admin_setting', setting_id='email'),method='put')}
                 <div class="form">
                     <!-- fields -->
                     <div class="fields">
                         <div class="field">
                             <div class="label">
                                 <label for="test_email">${_('Email to')}:</label>
                             </div>
                             <div class="input">
                                 ${h.text('test_email',size=30)}
                             </div>
                         </div>
                         <div class="buttons">
                         ${h.submit('send',_('Send'),class_="ui-btn large")}
                         </div>
                     </div>
                 </div>
                 ${h.end_form()}
                 <h3>${_('System Info and Packages')}</h3>
                 <div class="form">
                 <div>
                     <h5 id="expand_modules" style="cursor: pointer">&darr; ${_('show')} &darr;</h5>
                 </div>
                   <div id="expand_modules_table"  style="display:none">
                   <h5>Python - ${c.py_version}</h5>
                   <h5>System - ${c.platform}</h5>
                   <table class="table" style="margin:0px 0px 0px 20px">
                       <colgroup>
                           <col style="width:220px">
                       </colgroup>
                       <tbody>
                           %for key, value in c.modules:
                               <tr>
                                   <th style="text-align: right;padding-right:5px;">${key}</th>
                                   <td>${value}</td>
                               </tr>
                           %endfor
                       </tbody>
                   </table>
                   </div>
                 </div>
                 <script type="text/javascript">
                 YUE.on('expand_modules','click',function(e){
                 	YUD.setStyle('expand_modules_table','display','');
                 	YUD.setStyle('expand_modules','display','none');
                 })
                 </script>
             </div>
             </%def>

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages