upstream/kallithea Commit - r4941:c04c2734

controllers: consistently use formfill.render with force_defaults=False...

Mads Kiilerich -

r4941:c04c2734 default

parent child

kallithea/controllers/admin/auth_settings.py

0 +1 -2

             # -*- coding: utf-8 -*-
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             """
             kallithea.controllers.admin.auth_settings
             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
             pluggable authentication controller for Kallithea
             This file was forked by the Kallithea project in July 2014.
             Original author and date, and relevant copyright and licensing information is below:
             :created_on: Nov 26, 2010
             :author: akesterson
             """
             import pprint
             import logging
             import formencode.htmlfill
             import traceback
             from pylons import request, tmpl_context as c, url
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             from kallithea.lib import helpers as h
             from kallithea.lib.compat import formatted_json
             from kallithea.lib.base import BaseController, render
             from kallithea.lib.auth import LoginRequired, HasPermissionAllDecorator
             from kallithea.lib import auth_modules
             from kallithea.model.forms import AuthSettingsForm
             from kallithea.model.db import Setting
             from kallithea.model.meta import Session
             log = logging.getLogger(__name__)
             class AuthSettingsController(BaseController):
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def __before__(self):
                     super(AuthSettingsController, self).__before__()
                 def __load_defaults(self):
                     c.available_plugins = [
                         'kallithea.lib.auth_modules.auth_internal',
                         'kallithea.lib.auth_modules.auth_container',
                         'kallithea.lib.auth_modules.auth_ldap',
                         'kallithea.lib.auth_modules.auth_crowd',
                         'kallithea.lib.auth_modules.auth_pam'
                     ]
                     c.enabled_plugins = Setting.get_auth_plugins()
                 def index(self, defaults=None, errors=None, prefix_error=False):
                     self.__load_defaults()
                     _defaults = {}
                     # default plugins loaded
                     formglobals = {
                         "auth_plugins": ["kallithea.lib.auth_modules.auth_internal"]
                     }
                     formglobals.update(Setting.get_auth_settings())
                     formglobals["plugin_settings"] = {}
                     formglobals["auth_plugins_shortnames"] = {}
                     _defaults["auth_plugins"] = formglobals["auth_plugins"]
                     for module in formglobals["auth_plugins"]:
                         plugin = auth_modules.loadplugin(module)
                         plugin_name = plugin.name
                         formglobals["auth_plugins_shortnames"][module] = plugin_name
                         formglobals["plugin_settings"][module] = plugin.plugin_settings()
                         for v in formglobals["plugin_settings"][module]:
                             fullname = ("auth_" + plugin_name + "_" + v["name"])
                             if "default" in v:
                                 _defaults[fullname] = v["default"]
                             # Current values will be the default on the form, if there are any
                             setting = Setting.get_by_name(fullname)
                             if setting:
                                 _defaults[fullname] = setting.app_settings_value
                     # we want to show , separated list of enabled plugins
                     _defaults['auth_plugins'] = ','.join(_defaults['auth_plugins'])
                     if defaults:
                         _defaults.update(defaults)
                     formglobals["defaults"] = _defaults
                     # set template context variables
                     for k, v in formglobals.iteritems():
                         setattr(c, k, v)
                     log.debug(pprint.pformat(formglobals, indent=4))
                     log.debug(formatted_json(defaults))
                     return formencode.htmlfill.render(
                         render('admin/auth/auth_settings.html'),
                         defaults=_defaults,
                         errors=errors,
                         prefix_error=prefix_error,
                         encoding="UTF-8",
-                        force_defaults=True,
+                        force_defaults=False)
                 def auth_settings(self):
                     """POST create and store auth settings"""
                     self.__load_defaults()
                     _form = AuthSettingsForm(c.enabled_plugins)()
                     log.debug("POST Result: %s" % formatted_json(dict(request.POST)))
                     try:
                         form_result = _form.to_python(dict(request.POST))
                         for k, v in form_result.items():
                             if k == 'auth_plugins':
                                 # we want to store it comma separated inside our settings
                                 v = ','.join(v)
                             log.debug("%s = %s" % (k, str(v)))
                             setting = Setting.create_or_update(k, v)
                             Session().add(setting)
                         Session().commit()
                         h.flash(_('Auth settings updated successfully'),
                                    category='success')
                     except formencode.Invalid, errors:
                         log.error(traceback.format_exc())
                         e = errors.error_dict or {}
                         return self.index(
                             defaults=errors.value,
                             errors=e,
                             prefix_error=False)
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('error occurred during update of auth settings'),
                                 category='error')
                     return redirect(url('auth_home'))

kallithea/controllers/admin/defaults.py

0 +2 -1

             # -*- coding: utf-8 -*-
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             """
             kallithea.controllers.admin.defaults
             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
             default settings controller for Kallithea
             This file was forked by the Kallithea project in July 2014.
             Original author and date, and relevant copyright and licensing information is below:
             :created_on: Apr 27, 2010
             :author: marcink
             :copyright: (c) 2013 RhodeCode GmbH, and others.
             :license: GPLv3, see LICENSE.md for more details.
             """
             import logging
             import traceback
             import formencode
             from formencode import htmlfill
             from pylons import request, tmpl_context as c, url
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             from kallithea.lib import helpers as h
             from kallithea.lib.auth import LoginRequired, HasPermissionAllDecorator
             from kallithea.lib.base import BaseController, render
             from kallithea.model.forms import DefaultsForm
             from kallithea.model.meta import Session
             from kallithea import BACKENDS
             from kallithea.model.db import Setting
             log = logging.getLogger(__name__)
             class DefaultsController(BaseController):
                 """REST Controller styled on the Atom Publishing Protocol"""
                 # To properly map this controller, ensure your config/routing.py
                 # file has a resource setup:
                 #     map.resource('default', 'defaults')
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def __before__(self):
                     super(DefaultsController, self).__before__()
                 def index(self, format='html'):
                     """GET /defaults: All items in the collection"""
                     # url('defaults')
                     c.backends = BACKENDS.keys()
                     defaults = Setting.get_default_repo_settings()
                     return htmlfill.render(
                         render('admin/defaults/defaults.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                 def create(self):
                     """POST /defaults: Create a new item"""
                     # url('defaults')
                 def new(self, format='html'):
                     """GET /defaults/new: Form to create a new item"""
                     # url('new_default')
                 def update(self, id):
                     """PUT /defaults/id: Update an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="PUT" />
                     # Or using helpers:
                     #    h.form(url('default', id=ID),
                     #           method='put')
                     # url('default', id=ID)
                     _form = DefaultsForm()()
                     try:
                         form_result = _form.to_python(dict(request.POST))
                         for k, v in form_result.iteritems():
                             setting = Setting.create_or_update(k, v)
                             Session().add(setting)
                         Session().commit()
                         h.flash(_('Default settings updated successfully'),
                                 category='success')
                     except formencode.Invalid, errors:
                         defaults = errors.value
                         return htmlfill.render(
                             render('admin/defaults/defaults.html'),
                             defaults=defaults,
                             errors=errors.error_dict or {},
                             prefix_error=False,
-                            encoding="UTF-8")
+                            encoding="UTF-8",
+                            force_defaults=False)
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('Error occurred during update of defaults'),
                                 category='error')
                     return redirect(url('defaults'))
                 def delete(self, id):
                     """DELETE /defaults/id: Delete an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="DELETE" />
                     # Or using helpers:
                     #    h.form(url('default', id=ID),
                     #           method='delete')
                     # url('default', id=ID)
                 def show(self, id, format='html'):
                     """GET /defaults/id: Show a specific item"""
                     # url('default', id=ID)
                 def edit(self, id, format='html'):
                     """GET /defaults/id/edit: Form to edit an existing item"""
                     # url('edit_default', id=ID)

kallithea/controllers/admin/gists.py

0 +2 -2

             # -*- coding: utf-8 -*-
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             """
             kallithea.controllers.admin.gist
             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
             gist controller for Kallithea
             This file was forked by the Kallithea project in July 2014.
             Original author and date, and relevant copyright and licensing information is below:
             :created_on: May 9, 2013
             :author: marcink
             :copyright: (c) 2013 RhodeCode GmbH, and others.
             :license: GPLv3, see LICENSE.md for more details.
             """
             import time
             import logging
             import traceback
             import formencode.htmlfill
             from pylons import request, response, tmpl_context as c, url
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             from kallithea.model.forms import GistForm
             from kallithea.model.gist import GistModel
             from kallithea.model.meta import Session
             from kallithea.model.db import Gist, User
             from kallithea.lib import helpers as h
             from kallithea.lib.base import BaseController, render
             from kallithea.lib.auth import LoginRequired, NotAnonymous
             from kallithea.lib.utils import jsonify
             from kallithea.lib.utils2 import safe_int, time_to_datetime
             from kallithea.lib.helpers import Page
             from webob.exc import HTTPNotFound, HTTPForbidden
             from sqlalchemy.sql.expression import or_
             from kallithea.lib.vcs.exceptions import VCSError, NodeNotChangedError
             log = logging.getLogger(__name__)
             class GistsController(BaseController):
                 """REST Controller styled on the Atom Publishing Protocol"""
                 def __load_defaults(self, extra_values=None):
                     c.lifetime_values = [
                         (str(-1), _('forever')),
                         (str(5), _('5 minutes')),
                         (str(60), _('1 hour')),
                         (str(60 * 24), _('1 day')),
                         (str(60 * 24 * 30), _('1 month')),
                     ]
                     if extra_values:
                         c.lifetime_values.append(extra_values)
                     c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
                 @LoginRequired()
                 def index(self):
                     """GET /admin/gists: All items in the collection"""
                     # url('gists')
                     not_default_user = c.authuser.username != User.DEFAULT_USER
                     c.show_private = request.GET.get('private') and not_default_user
                     c.show_public = request.GET.get('public') and not_default_user
                     gists = Gist().query()\
                         .filter(or_(Gist.gist_expires == -1, Gist.gist_expires >= time.time()))\
                         .order_by(Gist.created_on.desc())
                     # MY private
                     if c.show_private and not c.show_public:
                         gists = gists.filter(Gist.gist_type == Gist.GIST_PRIVATE)\
                                          .filter(Gist.gist_owner == c.authuser.user_id)
                     # MY public
                     elif c.show_public and not c.show_private:
                         gists = gists.filter(Gist.gist_type == Gist.GIST_PUBLIC)\
                                          .filter(Gist.gist_owner == c.authuser.user_id)
                     # MY public+private
                     elif c.show_private and c.show_public:
                         gists = gists.filter(or_(Gist.gist_type == Gist.GIST_PUBLIC,
                                                  Gist.gist_type == Gist.GIST_PRIVATE))\
                                          .filter(Gist.gist_owner == c.authuser.user_id)
                     # default show ALL public gists
                     if not c.show_public and not c.show_private:
                         gists = gists.filter(Gist.gist_type == Gist.GIST_PUBLIC)
                     c.gists = gists
                     p = safe_int(request.GET.get('page', 1), 1)
                     c.gists_pager = Page(c.gists, page=p, items_per_page=10)
                     return render('admin/gists/index.html')
                 @LoginRequired()
                 @NotAnonymous()
                 def create(self):
                     """POST /admin/gists: Create a new item"""
                     # url('gists')
                     self.__load_defaults()
                     gist_form = GistForm([x[0] for x in c.lifetime_values])()
                     try:
                         form_result = gist_form.to_python(dict(request.POST))
                         #TODO: multiple files support, from the form
                         filename = form_result['filename'] or Gist.DEFAULT_FILENAME
                         nodes = {
                             filename: {
                                 'content': form_result['content'],
                                 'lexer': form_result['mimetype']  # None is autodetect
                             }
                         }
                         _public = form_result['public']
                         gist_type = Gist.GIST_PUBLIC if _public else Gist.GIST_PRIVATE
                         gist = GistModel().create(
                             description=form_result['description'],
                             owner=c.authuser.user_id,
                             gist_mapping=nodes,
                             gist_type=gist_type,
                             lifetime=form_result['lifetime']
                         )
                         Session().commit()
                         new_gist_id = gist.gist_access_id
                     except formencode.Invalid, errors:
                         defaults = errors.value
                         return formencode.htmlfill.render(
                             render('admin/gists/new.html'),
                             defaults=defaults,
                             errors=errors.error_dict or {},
                             prefix_error=False,
-                            encoding="UTF-8"
+                            encoding="UTF-8",
+                            force_defaults=False)
                     except Exception, e:
                         log.error(traceback.format_exc())
                         h.flash(_('Error occurred during gist creation'), category='error')
                         return redirect(url('new_gist'))
                     return redirect(url('gist', gist_id=new_gist_id))
                 @LoginRequired()
                 @NotAnonymous()
                 def new(self, format='html'):
                     """GET /admin/gists/new: Form to create a new item"""
                     # url('new_gist')
                     self.__load_defaults()
                     return render('admin/gists/new.html')
                 @LoginRequired()
                 @NotAnonymous()
                 def update(self, gist_id):
                     """PUT /admin/gists/gist_id: Update an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="PUT" />
                     # Or using helpers:
                     #    h.form(url('gist', gist_id=ID),
                     #           method='put')
                     # url('gist', gist_id=ID)
                 @LoginRequired()
                 @NotAnonymous()
                 def delete(self, gist_id):
                     """DELETE /admin/gists/gist_id: Delete an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="DELETE" />
                     # Or using helpers:
                     #    h.form(url('gist', gist_id=ID),
                     #           method='delete')
                     # url('gist', gist_id=ID)
                     gist = GistModel().get_gist(gist_id)
                     owner = gist.gist_owner == c.authuser.user_id
                     if h.HasPermissionAny('hg.admin')() or owner:
                         GistModel().delete(gist)
                         Session().commit()
                         h.flash(_('Deleted gist %s') % gist.gist_access_id, category='success')
                     else:
                         raise HTTPForbidden()
                     return redirect(url('gists'))
                 @LoginRequired()
                 def show(self, gist_id, revision='tip', format='html', f_path=None):
                     """GET /admin/gists/gist_id: Show a specific item"""
                     # url('gist', gist_id=ID)
                     c.gist = Gist.get_or_404(gist_id)
                     #check if this gist is not expired
                     if c.gist.gist_expires != -1:
                         if time.time() > c.gist.gist_expires:
                             log.error('Gist expired at %s' %
                                       (time_to_datetime(c.gist.gist_expires)))
                             raise HTTPNotFound()
                     try:
                         c.file_changeset, c.files = GistModel().get_gist_files(gist_id,
                                                                         revision=revision)
                     except VCSError:
                         log.error(traceback.format_exc())
                         raise HTTPNotFound()
                     if format == 'raw':
                         content = '\n\n'.join([f.content for f in c.files if (f_path is None or f.path == f_path)])
                         response.content_type = 'text/plain'
                         return content
                     return render('admin/gists/show.html')
                 @LoginRequired()
                 @NotAnonymous()
                 def edit(self, gist_id, format='html'):
                     """GET /admin/gists/gist_id/edit: Form to edit an existing item"""
                     # url('edit_gist', gist_id=ID)
                     c.gist = Gist.get_or_404(gist_id)
                     #check if this gist is not expired
                     if c.gist.gist_expires != -1:
                         if time.time() > c.gist.gist_expires:
                             log.error('Gist expired at %s' %
                                       (time_to_datetime(c.gist.gist_expires)))
                             raise HTTPNotFound()
                     try:
                         c.file_changeset, c.files = GistModel().get_gist_files(gist_id)
                     except VCSError:
                         log.error(traceback.format_exc())
                         raise HTTPNotFound()
                     self.__load_defaults(extra_values=('0', _('unmodified')))
                     rendered = render('admin/gists/edit.html')
                     if request.POST:
                         rpost = request.POST
                         nodes = {}
                         for org_filename, filename, mimetype, content in zip(
                                                                 rpost.getall('org_files'),
                                                                 rpost.getall('files'),
                                                                 rpost.getall('mimetypes'),
                                                                 rpost.getall('contents')):
                             nodes[org_filename] = {
                                 'org_filename': org_filename,
                                 'filename': filename,
                                 'content': content,
                                 'lexer': mimetype,
                             }
                         try:
                             GistModel().update(
                                 gist=c.gist,
                                 description=rpost['description'],
                                 owner=c.gist.owner,
                                 gist_mapping=nodes,
                                 gist_type=c.gist.gist_type,
                                 lifetime=rpost['lifetime']
                             )
                             Session().commit()
                             h.flash(_('Successfully updated gist content'), category='success')
                         except NodeNotChangedError:
                             # raised if nothing was changed in repo itself. We anyway then
                             # store only DB stuff for gist
                             Session().commit()
                             h.flash(_('Successfully updated gist data'), category='success')
                         except Exception:
                             log.error(traceback.format_exc())
                             h.flash(_('Error occurred during update of gist %s') % gist_id,
                                     category='error')
                         return redirect(url('gist', gist_id=gist_id))
                     return rendered
                 @LoginRequired()
                 @NotAnonymous()
                 @jsonify
                 def check_revision(self, gist_id):
                     c.gist = Gist.get_or_404(gist_id)
                     last_rev = c.gist.scm_instance.get_changeset()
                     success = True
                     revision = request.POST.get('revision')
                     ##TODO: maybe move this to model ?
                     if revision != last_rev.raw_id:
                         log.error('Last revision %s is different than submitted %s'
                                   % (revision, last_rev))
                         # our gist has newer version than we
                         success = False
                     return {'success': success}

kallithea/controllers/admin/my_account.py

0 +5 -4

             # -*- coding: utf-8 -*-
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             """
             kallithea.controllers.admin.my_account
             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
             my account controller for Kallithea admin
             This file was forked by the Kallithea project in July 2014.
             Original author and date, and relevant copyright and licensing information is below:
             :created_on: August 20, 2013
             :author: marcink
             :copyright: (c) 2013 RhodeCode GmbH, and others.
             :license: GPLv3, see LICENSE.md for more details.
             """
             import logging
             import traceback
             import formencode
             from sqlalchemy import func
             from formencode import htmlfill
             from pylons import request, tmpl_context as c, url
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             from kallithea import EXTERN_TYPE_INTERNAL
             from kallithea.lib import helpers as h
             from kallithea.lib.auth import LoginRequired, NotAnonymous, AuthUser
             from kallithea.lib.base import BaseController, render
             from kallithea.lib.utils2 import generate_api_key, safe_int
             from kallithea.lib.compat import json
             from kallithea.model.db import Repository, \
                 UserEmailMap, UserApiKeys, User, UserFollowing
             from kallithea.model.forms import UserForm, PasswordChangeForm
             from kallithea.model.user import UserModel
             from kallithea.model.repo import RepoModel
             from kallithea.model.api_key import ApiKeyModel
             from kallithea.model.meta import Session
             log = logging.getLogger(__name__)
             class MyAccountController(BaseController):
                 """REST Controller styled on the Atom Publishing Protocol"""
                 # To properly map this controller, ensure your config/routing.py
                 # file has a resource setup:
                 #     map.resource('setting', 'settings', controller='admin/settings',
                 #         path_prefix='/admin', name_prefix='admin_')
                 @LoginRequired()
                 @NotAnonymous()
                 def __before__(self):
                     super(MyAccountController, self).__before__()
                 def __load_data(self):
                     c.user = User.get(self.authuser.user_id)
                     if c.user.username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user since it's"
                                   " crucial for entire application"), category='warning')
                         return redirect(url('users'))
                     c.EXTERN_TYPE_INTERNAL = EXTERN_TYPE_INTERNAL
                 def _load_my_repos_data(self, watched=False):
                     if watched:
                         admin = False
                         repos_list = [x.follows_repository for x in
                                       Session().query(UserFollowing).filter(
                                           UserFollowing.user_id ==
                                           self.authuser.user_id).all()]
                     else:
                         admin = True
                         repos_list = Session().query(Repository)\
                                      .filter(Repository.user_id ==
                                              self.authuser.user_id)\
                                      .order_by(func.lower(Repository.repo_name)).all()
                     repos_data = RepoModel().get_repos_as_dict(repos_list=repos_list,
                                                                admin=admin)
                     #json used to render the grid
                     return json.dumps(repos_data)
                 def my_account(self):
                     """
                     GET /_admin/my_account Displays info about my account
                     """
                     # url('my_account')
                     c.active = 'profile'
                     self.__load_data()
                     c.perm_user = AuthUser(user_id=self.authuser.user_id,
                                            ip_addr=self.ip_addr)
                     c.extern_type = c.user.extern_type
                     c.extern_name = c.user.extern_name
                     defaults = c.user.get_dict()
                     update = False
                     if request.POST:
                         _form = UserForm(edit=True,
                                          old_data={'user_id': self.authuser.user_id,
                                                    'email': self.authuser.email})()
                         form_result = {}
                         try:
                             post_data = dict(request.POST)
                             post_data['new_password'] = ''
                             post_data['password_confirmation'] = ''
                             form_result = _form.to_python(post_data)
                             # skip updating those attrs for my account
                             skip_attrs = ['admin', 'active', 'extern_type', 'extern_name',
                                           'new_password', 'password_confirmation']
                             #TODO: plugin should define if username can be updated
                             if c.extern_type != EXTERN_TYPE_INTERNAL:
                                 # forbid updating username for external accounts
                                 skip_attrs.append('username')
                             UserModel().update(self.authuser.user_id, form_result,
                                                skip_attrs=skip_attrs)
                             h.flash(_('Your account was updated successfully'),
                                     category='success')
                             Session().commit()
                             update = True
                         except formencode.Invalid, errors:
                             return htmlfill.render(
                                 render('admin/my_account/my_account.html'),
                                 defaults=errors.value,
                                 errors=errors.error_dict or {},
                                 prefix_error=False,
-                                encoding="UTF-8")
+                                encoding="UTF-8",
+                                force_defaults=False)
                         except Exception:
                             log.error(traceback.format_exc())
                             h.flash(_('Error occurred during update of user %s') \
                                     % form_result.get('username'), category='error')
                     if update:
                         return redirect('my_account')
                     return htmlfill.render(
                         render('admin/my_account/my_account.html'),
                         defaults=defaults,
                         encoding="UTF-8",
-                        force_defaults=False
+                        force_defaults=False)
                 def my_account_password(self):
                     c.active = 'password'
                     self.__load_data()
                     if request.POST:
                         _form = PasswordChangeForm(self.authuser.username)()
                         try:
                             form_result = _form.to_python(request.POST)
                             UserModel().update(self.authuser.user_id, form_result)
                             Session().commit()
                             h.flash(_("Successfully updated password"), category='success')
                         except formencode.Invalid as errors:
                             return htmlfill.render(
                                 render('admin/my_account/my_account.html'),
                                 defaults=errors.value,
                                 errors=errors.error_dict or {},
                                 prefix_error=False,
-                                encoding="UTF-8")
+                                encoding="UTF-8",
+                                force_defaults=False)
                         except Exception:
                             log.error(traceback.format_exc())
                             h.flash(_('Error occurred during update of user password'),
                                     category='error')
                     return render('admin/my_account/my_account.html')
                 def my_account_repos(self):
                     c.active = 'repos'
                     self.__load_data()
                     #json used to render the grid
                     c.data = self._load_my_repos_data()
                     return render('admin/my_account/my_account.html')
                 def my_account_watched(self):
                     c.active = 'watched'
                     self.__load_data()
                     #json used to render the grid
                     c.data = self._load_my_repos_data(watched=True)
                     return render('admin/my_account/my_account.html')
                 def my_account_perms(self):
                     c.active = 'perms'
                     self.__load_data()
                     c.perm_user = AuthUser(user_id=self.authuser.user_id,
                                            ip_addr=self.ip_addr)
                     return render('admin/my_account/my_account.html')
                 def my_account_emails(self):
                     c.active = 'emails'
                     self.__load_data()
                     c.user_email_map = UserEmailMap.query()\
                         .filter(UserEmailMap.user == c.user).all()
                     return render('admin/my_account/my_account.html')
                 def my_account_emails_add(self):
                     email = request.POST.get('new_email')
                     try:
                         UserModel().add_extra_email(self.authuser.user_id, email)
                         Session().commit()
                         h.flash(_("Added email %s to user") % email, category='success')
                     except formencode.Invalid, error:
                         msg = error.error_dict['email']
                         h.flash(msg, category='error')
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during email saving'),
                                 category='error')
                     return redirect(url('my_account_emails'))
                 def my_account_emails_delete(self):
                     email_id = request.POST.get('del_email_id')
                     user_model = UserModel()
                     user_model.delete_extra_email(self.authuser.user_id, email_id)
                     Session().commit()
                     h.flash(_("Removed email from user"), category='success')
                     return redirect(url('my_account_emails'))
                 def my_account_api_keys(self):
                     c.active = 'api_keys'
                     self.__load_data()
                     show_expired = True
                     c.lifetime_values = [
                         (str(-1), _('forever')),
                         (str(5), _('5 minutes')),
                         (str(60), _('1 hour')),
                         (str(60 * 24), _('1 day')),
                         (str(60 * 24 * 30), _('1 month')),
                     ]
                     c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
                     c.user_api_keys = ApiKeyModel().get_api_keys(self.authuser.user_id,
                                                                  show_expired=show_expired)
                     return render('admin/my_account/my_account.html')
                 def my_account_api_keys_add(self):
                     lifetime = safe_int(request.POST.get('lifetime'), -1)
                     description = request.POST.get('description')
                     ApiKeyModel().create(self.authuser.user_id, description, lifetime)
                     Session().commit()
                     h.flash(_("Api key successfully created"), category='success')
                     return redirect(url('my_account_api_keys'))
                 def my_account_api_keys_delete(self):
                     api_key = request.POST.get('del_api_key')
                     user_id = self.authuser.user_id
                     if request.POST.get('del_api_key_builtin'):
                         user = User.get(user_id)
                         if user:
                             user.api_key = generate_api_key(user.username)
                             Session().add(user)
                             Session().commit()
                             h.flash(_("Api key successfully reset"), category='success')
                     elif api_key:
                         ApiKeyModel().delete(api_key, self.authuser.user_id)
                         Session().commit()
                         h.flash(_("Api key successfully deleted"), category='success')
                     return redirect(url('my_account_api_keys'))

kallithea/controllers/admin/permissions.py

0 +2 -1

             # -*- coding: utf-8 -*-
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             """
             kallithea.controllers.admin.permissions
             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
             permissions controller for Kallithea
             This file was forked by the Kallithea project in July 2014.
             Original author and date, and relevant copyright and licensing information is below:
             :created_on: Apr 27, 2010
             :author: marcink
             :copyright: (c) 2013 RhodeCode GmbH, and others.
             :license: GPLv3, see LICENSE.md for more details.
             """
             import logging
             import traceback
             import formencode
             from formencode import htmlfill
             from pylons import request, tmpl_context as c, url
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             from kallithea.lib import helpers as h
             from kallithea.lib.auth import LoginRequired, HasPermissionAllDecorator,\
                 AuthUser
             from kallithea.lib.base import BaseController, render
             from kallithea.model.forms import DefaultPermissionsForm
             from kallithea.model.permission import PermissionModel
             from kallithea.model.db import User, UserIpMap
             from kallithea.model.meta import Session
             log = logging.getLogger(__name__)
             class PermissionsController(BaseController):
                 """REST Controller styled on the Atom Publishing Protocol"""
                 # To properly map this controller, ensure your config/routing.py
                 # file has a resource setup:
                 #     map.resource('permission', 'permissions')
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def __before__(self):
                     super(PermissionsController, self).__before__()
                 def __load_data(self):
                     c.repo_perms_choices = [('repository.none', _('None'),),
                                                ('repository.read', _('Read'),),
                                                ('repository.write', _('Write'),),
                                                ('repository.admin', _('Admin'),)]
                     c.group_perms_choices = [('group.none', _('None'),),
                                              ('group.read', _('Read'),),
                                              ('group.write', _('Write'),),
                                              ('group.admin', _('Admin'),)]
                     c.user_group_perms_choices = [('usergroup.none', _('None'),),
                                                   ('usergroup.read', _('Read'),),
                                                   ('usergroup.write', _('Write'),),
                                                   ('usergroup.admin', _('Admin'),)]
                     c.register_choices = [
                         ('hg.register.none',
                             _('Disabled')),
                         ('hg.register.manual_activate',
                             _('Allowed with manual account activation')),
                         ('hg.register.auto_activate',
                             _('Allowed with automatic account activation')), ]
                     c.extern_activate_choices = [
                         ('hg.extern_activate.manual', _('Manual activation of external account')),
                         ('hg.extern_activate.auto', _('Automatic activation of external account')),
                     ]
                     c.repo_create_choices = [('hg.create.none', _('Disabled')),
                                              ('hg.create.repository', _('Enabled'))]
                     c.repo_create_on_write_choices = [
                         ('hg.create.write_on_repogroup.true', _('Enabled')),
                         ('hg.create.write_on_repogroup.false', _('Disabled')),
                     ]
                     c.user_group_create_choices = [('hg.usergroup.create.false', _('Disabled')),
                                                    ('hg.usergroup.create.true', _('Enabled'))]
                     c.repo_group_create_choices = [('hg.repogroup.create.false', _('Disabled')),
                                                    ('hg.repogroup.create.true', _('Enabled'))]
                     c.fork_choices = [('hg.fork.none', _('Disabled')),
                                       ('hg.fork.repository', _('Enabled'))]
                 def permission_globals(self):
                     c.active = 'globals'
                     self.__load_data()
                     if request.POST:
                         _form = DefaultPermissionsForm(
                             [x[0] for x in c.repo_perms_choices],
                             [x[0] for x in c.group_perms_choices],
                             [x[0] for x in c.user_group_perms_choices],
                             [x[0] for x in c.repo_create_choices],
                             [x[0] for x in c.repo_create_on_write_choices],
                             [x[0] for x in c.repo_group_create_choices],
                             [x[0] for x in c.user_group_create_choices],
                             [x[0] for x in c.fork_choices],
                             [x[0] for x in c.register_choices],
                             [x[0] for x in c.extern_activate_choices])()
                         try:
                             form_result = _form.to_python(dict(request.POST))
                             form_result.update({'perm_user_name': 'default'})
                             PermissionModel().update(form_result)
                             Session().commit()
                             h.flash(_('Global permissions updated successfully'),
                                     category='success')
                         except formencode.Invalid, errors:
                             defaults = errors.value
                             return htmlfill.render(
                                 render('admin/permissions/permissions.html'),
                                 defaults=defaults,
                                 errors=errors.error_dict or {},
                                 prefix_error=False,
-                                encoding="UTF-8")
+                                encoding="UTF-8",
+                                force_defaults=False)
                         except Exception:
                             log.error(traceback.format_exc())
                             h.flash(_('Error occurred during update of permissions'),
                                     category='error')
                         return redirect(url('admin_permissions'))
                     c.user = User.get_default_user()
                     defaults = {'anonymous': c.user.active}
                     for p in c.user.user_perms:
                         if p.permission.permission_name.startswith('repository.'):
                             defaults['default_repo_perm'] = p.permission.permission_name
                         if p.permission.permission_name.startswith('group.'):
                             defaults['default_group_perm'] = p.permission.permission_name
                         if p.permission.permission_name.startswith('usergroup.'):
                             defaults['default_user_group_perm'] = p.permission.permission_name
                         if p.permission.permission_name.startswith('hg.create.write_on_repogroup'):
                             defaults['create_on_write'] = p.permission.permission_name
                         elif p.permission.permission_name.startswith('hg.create.'):
                             defaults['default_repo_create'] = p.permission.permission_name
                         if p.permission.permission_name.startswith('hg.repogroup.'):
                             defaults['default_repo_group_create'] = p.permission.permission_name
                         if p.permission.permission_name.startswith('hg.usergroup.'):
                             defaults['default_user_group_create'] = p.permission.permission_name
                         if p.permission.permission_name.startswith('hg.register.'):
                             defaults['default_register'] = p.permission.permission_name
                         if p.permission.permission_name.startswith('hg.extern_activate.'):
                             defaults['default_extern_activate'] = p.permission.permission_name
                         if p.permission.permission_name.startswith('hg.fork.'):
                             defaults['default_fork'] = p.permission.permission_name
                     return htmlfill.render(
                         render('admin/permissions/permissions.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 def permission_ips(self):
                     c.active = 'ips'
                     c.user = User.get_default_user()
                     c.user_ip_map = UserIpMap.query()\
                                     .filter(UserIpMap.user == c.user).all()
                     return render('admin/permissions/permissions.html')
                 def permission_perms(self):
                     c.active = 'perms'
                     c.user = User.get_default_user()
                     c.perm_user = c.user.AuthUser
                     return render('admin/permissions/permissions.html')

kallithea/controllers/admin/repo_groups.py

0 +4 -2

             # -*- coding: utf-8 -*-
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             """
             kallithea.controllers.admin.repo_groups
             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
             Repository groups controller for Kallithea
             This file was forked by the Kallithea project in July 2014.
             Original author and date, and relevant copyright and licensing information is below:
             :created_on: Mar 23, 2010
             :author: marcink
             :copyright: (c) 2013 RhodeCode GmbH, and others.
             :license: GPLv3, see LICENSE.md for more details.
             """
             import logging
             import traceback
             import formencode
             import itertools
             from formencode import htmlfill
             from pylons import request, tmpl_context as c, url
             from pylons.controllers.util import abort, redirect
             from pylons.i18n.translation import _, ungettext
             import kallithea
             from kallithea.lib import helpers as h
             from kallithea.lib.compat import json
             from kallithea.lib.auth import LoginRequired, HasPermissionAnyDecorator,\
                 HasRepoGroupPermissionAnyDecorator, HasRepoGroupPermissionAll,\
                 HasPermissionAll
             from kallithea.lib.base import BaseController, render
             from kallithea.model.db import RepoGroup, Repository
             from kallithea.model.scm import RepoGroupList
             from kallithea.model.repo_group import RepoGroupModel
             from kallithea.model.forms import RepoGroupForm, RepoGroupPermsForm
             from kallithea.model.meta import Session
             from kallithea.model.repo import RepoModel
             from webob.exc import HTTPInternalServerError, HTTPNotFound
             from kallithea.lib.utils2 import safe_int
             from sqlalchemy.sql.expression import func
             log = logging.getLogger(__name__)
             class RepoGroupsController(BaseController):
                 """REST Controller styled on the Atom Publishing Protocol"""
                 @LoginRequired()
                 def __before__(self):
                     super(RepoGroupsController, self).__before__()
                 def __load_defaults(self, allow_empty_group=False, exclude_group_ids=[]):
                     if HasPermissionAll('hg.admin')('group edit'):
                         #we're global admin, we're ok and we can create TOP level groups
                         allow_empty_group = True
                     #override the choices for this form, we need to filter choices
                     #and display only those we have ADMIN right
                     groups_with_admin_rights = RepoGroupList(RepoGroup.query().all(),
                                                              perm_set=['group.admin'])
                     c.repo_groups = RepoGroup.groups_choices(groups=groups_with_admin_rights,
                                                              show_empty_group=allow_empty_group)
                     # exclude filtered ids
                     c.repo_groups = filter(lambda x: x[0] not in exclude_group_ids,
                                            c.repo_groups)
                     c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
                     repo_model = RepoModel()
                     c.users_array = repo_model.get_users_js()
                     c.user_groups_array = repo_model.get_user_groups_js()
                 def __load_data(self, group_id):
                     """
                     Load defaults settings for edit, and update
                     :param group_id:
                     """
                     repo_group = RepoGroup.get_or_404(group_id)
                     data = repo_group.get_dict()
                     data['group_name'] = repo_group.name
                     # fill repository group users
                     for p in repo_group.repo_group_to_perm:
                         data.update({'u_perm_%s' % p.user.username:
                                          p.permission.permission_name})
                     # fill repository group groups
                     for p in repo_group.users_group_to_perm:
                         data.update({'g_perm_%s' % p.users_group.users_group_name:
                                          p.permission.permission_name})
                     return data
                 def _revoke_perms_on_yourself(self, form_result):
                     _up = filter(lambda u: c.authuser.username == u[0],
                                  form_result['perms_updates'])
                     _new = filter(lambda u: c.authuser.username == u[0],
                                   form_result['perms_new'])
                     if _new and _new[0][1] != 'group.admin' or _up and _up[0][1] != 'group.admin':
                         return True
                     return False
                 def index(self, format='html'):
                     """GET /repo_groups: All items in the collection"""
                     # url('repos_groups')
                     _list = RepoGroup.query()\
                                 .order_by(func.lower(RepoGroup.group_name))\
                                 .all()
                     group_iter = RepoGroupList(_list, perm_set=['group.admin'])
                     repo_groups_data = []
                     total_records = len(group_iter)
                     _tmpl_lookup = kallithea.CONFIG['pylons.app_globals'].mako_lookup
                     template = _tmpl_lookup.get_template('data_table/_dt_elements.html')
                     repo_group_name = lambda repo_group_name, children_groups: (
                         template.get_def("repo_group_name")
                         .render(repo_group_name, children_groups, _=_, h=h, c=c)
                     )
                     repo_group_actions = lambda repo_group_id, repo_group_name, gr_count: (
                         template.get_def("repo_group_actions")
                         .render(repo_group_id, repo_group_name, gr_count, _=_, h=h, c=c,
                                 ungettext=ungettext)
                     )
                     for repo_gr in group_iter:
                         children_groups = map(h.safe_unicode,
                             itertools.chain((g.name for g in repo_gr.parents),
                                             (x.name for x in [repo_gr])))
                         repo_count = repo_gr.repositories.count()
                         repo_groups_data.append({
                             "raw_name": repo_gr.group_name,
                             "group_name": repo_group_name(repo_gr.group_name, children_groups),
                             "desc": repo_gr.group_description,
                             "repos": repo_count,
                             "owner": h.person(repo_gr.user),
                             "action": repo_group_actions(repo_gr.group_id, repo_gr.group_name,
                                                          repo_count)
                         })
                     c.data = json.dumps({
                         "totalRecords": total_records,
                         "startIndex": 0,
                         "sort": None,
                         "dir": "asc",
                         "records": repo_groups_data
                     })
                     return render('admin/repo_groups/repo_groups.html')
                 def create(self):
                     """POST /repo_groups: Create a new item"""
                     # url('repos_groups')
                     self.__load_defaults()
                     # permissions for can create group based on parent_id are checked
                     # here in the Form
                     repo_group_form = RepoGroupForm(available_groups=
                                             map(lambda k: unicode(k[0]), c.repo_groups))()
                     try:
                         form_result = repo_group_form.to_python(dict(request.POST))
                         RepoGroupModel().create(
                             group_name=form_result['group_name'],
                             group_description=form_result['group_description'],
                             parent=form_result['group_parent_id'],
                             owner=self.authuser.user_id,
                             copy_permissions=form_result['group_copy_permissions']
                         )
                         Session().commit()
                         h.flash(_('Created repository group %s') \
                                 % form_result['group_name'], category='success')
                         #TODO: in futureaction_logger(, '', '', '', self.sa)
                     except formencode.Invalid, errors:
                         return htmlfill.render(
                             render('admin/repo_groups/repo_group_add.html'),
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
-                            encoding="UTF-8")
+                            encoding="UTF-8",
+                            force_defaults=False)
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('Error occurred during creation of repository group %s') \
                                 % request.POST.get('group_name'), category='error')
                     parent_group_id = form_result['group_parent_id']
                     #TODO: maybe we should get back to the main view, not the admin one
                     return redirect(url('repos_groups', parent_group=parent_group_id))
                 def new(self):
                     """GET /repo_groups/new: Form to create a new item"""
                     # url('new_repos_group')
                     if HasPermissionAll('hg.admin')('group create'):
                         #we're global admin, we're ok and we can create TOP level groups
                         pass
                     else:
                         # we pass in parent group into creation form, thus we know
                         # what would be the group, we can check perms here !
                         group_id = safe_int(request.GET.get('parent_group'))
                         group = RepoGroup.get(group_id) if group_id else None
                         group_name = group.group_name if group else None
                         if HasRepoGroupPermissionAll('group.admin')(group_name, 'group create'):
                             pass
                         else:
                             return abort(403)
                     self.__load_defaults()
                     return render('admin/repo_groups/repo_group_add.html')
                 @HasRepoGroupPermissionAnyDecorator('group.admin')
                 def update(self, group_name):
                     """PUT /repo_groups/group_name: Update an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="PUT" />
                     # Or using helpers:
                     #    h.form(url('repos_group', group_name=GROUP_NAME),
                     #           method='put')
                     # url('repos_group', group_name=GROUP_NAME)
                     c.repo_group = RepoGroupModel()._get_repo_group(group_name)
                     if HasPermissionAll('hg.admin')('group edit'):
                         #we're global admin, we're ok and we can create TOP level groups
                         allow_empty_group = True
                     elif not c.repo_group.parent_group:
                         allow_empty_group = True
                     else:
                         allow_empty_group = False
                     self.__load_defaults(allow_empty_group=allow_empty_group,
                                          exclude_group_ids=[c.repo_group.group_id])
                     repo_group_form = RepoGroupForm(
                         edit=True,
                         old_data=c.repo_group.get_dict(),
                         available_groups=c.repo_groups_choices,
                         can_create_in_root=allow_empty_group,
                     )()
                     try:
                         form_result = repo_group_form.to_python(dict(request.POST))
                         new_gr = RepoGroupModel().update(group_name, form_result)
                         Session().commit()
                         h.flash(_('Updated repository group %s') \
                                 % form_result['group_name'], category='success')
                         # we now have new name !
                         group_name = new_gr.group_name
                         #TODO: in future action_logger(, '', '', '', self.sa)
                     except formencode.Invalid, errors:
                         return htmlfill.render(
                             render('admin/repo_groups/repo_group_edit.html'),
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
-                            encoding="UTF-8")
+                            encoding="UTF-8",
+                            force_defaults=False)
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('Error occurred during update of repository group %s') \
                                 % request.POST.get('group_name'), category='error')
                     return redirect(url('edit_repo_group', group_name=group_name))
                 @HasRepoGroupPermissionAnyDecorator('group.admin')
                 def delete(self, group_name):
                     """DELETE /repo_groups/group_name: Delete an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="DELETE" />
                     # Or using helpers:
                     #    h.form(url('repos_group', group_name=GROUP_NAME),
                     #           method='delete')
                     # url('repos_group', group_name=GROUP_NAME)
                     gr = c.repo_group = RepoGroupModel()._get_repo_group(group_name)
                     repos = gr.repositories.all()
                     if repos:
                         h.flash(_('This group contains %s repositories and cannot be '
                                   'deleted') % len(repos), category='warning')
                         return redirect(url('repos_groups'))
                     children = gr.children.all()
                     if children:
                         h.flash(_('This group contains %s subgroups and cannot be deleted'
                                   % (len(children))), category='warning')
                         return redirect(url('repos_groups'))
                     try:
                         RepoGroupModel().delete(group_name)
                         Session().commit()
                         h.flash(_('Removed repository group %s') % group_name,
                                 category='success')
                         #TODO: in future action_logger(, '', '', '', self.sa)
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('Error occurred during deletion of repository group %s')
                                 % group_name, category='error')
                     if gr.parent_group:
                         return redirect(url('repos_group_home', group_name=gr.parent_group.group_name))
                     return redirect(url('repos_groups'))
                 def show_by_name(self, group_name):
                     """
                     This is a proxy that does a lookup group_name -> id, and shows
                     the group by id view instead
                     """
                     group_name = group_name.rstrip('/')
                     id_ = RepoGroup.get_by_group_name(group_name)
                     if id_:
                         return self.show(group_name)
                     raise HTTPNotFound
                 @HasRepoGroupPermissionAnyDecorator('group.read', 'group.write',
                                                      'group.admin')
                 def show(self, group_name):
                     """GET /repo_groups/group_name: Show a specific item"""
                     # url('repos_group', group_name=GROUP_NAME)
                     c.active = 'settings'
                     c.group = c.repo_group = RepoGroupModel()._get_repo_group(group_name)
                     c.group_repos = c.group.repositories.all()
                     #overwrite our cached list with current filter
                     c.repo_cnt = 0
                     groups = RepoGroup.query().order_by(RepoGroup.group_name)\
                         .filter(RepoGroup.group_parent_id == c.group.group_id).all()
                     c.groups = self.scm_model.get_repo_groups(groups)
                     c.repos_list = Repository.query()\
                                     .filter(Repository.group_id == c.group.group_id)\
                                     .order_by(func.lower(Repository.repo_name))\
                                     .all()
                     repos_data = RepoModel().get_repos_as_dict(repos_list=c.repos_list,
                                                                admin=False)
                     #json used to render the grid
                     c.data = json.dumps(repos_data)
                     return render('admin/repo_groups/repo_group_show.html')
                 @HasRepoGroupPermissionAnyDecorator('group.admin')
                 def edit(self, group_name):
                     """GET /repo_groups/group_name/edit: Form to edit an existing item"""
                     # url('edit_repo_group', group_name=GROUP_NAME)
                     c.active = 'settings'
                     c.repo_group = RepoGroupModel()._get_repo_group(group_name)
                     #we can only allow moving empty group if it's already a top-level
                     #group, ie has no parents, or we're admin
                     if HasPermissionAll('hg.admin')('group edit'):
                         #we're global admin, we're ok and we can create TOP level groups
                         allow_empty_group = True
                     elif not c.repo_group.parent_group:
                         allow_empty_group = True
                     else:
                         allow_empty_group = False
                     self.__load_defaults(allow_empty_group=allow_empty_group,
                                          exclude_group_ids=[c.repo_group.group_id])
                     defaults = self.__load_data(c.repo_group.group_id)
                     return htmlfill.render(
                         render('admin/repo_groups/repo_group_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                 @HasRepoGroupPermissionAnyDecorator('group.admin')
                 def edit_repo_group_advanced(self, group_name):
                     """GET /repo_groups/group_name/edit: Form to edit an existing item"""
                     # url('edit_repo_group', group_name=GROUP_NAME)
                     c.active = 'advanced'
                     c.repo_group = RepoGroupModel()._get_repo_group(group_name)
                     return render('admin/repo_groups/repo_group_edit.html')
                 @HasRepoGroupPermissionAnyDecorator('group.admin')
                 def edit_repo_group_perms(self, group_name):
                     """GET /repo_groups/group_name/edit: Form to edit an existing item"""
                     # url('edit_repo_group', group_name=GROUP_NAME)
                     c.active = 'perms'
                     c.repo_group = RepoGroupModel()._get_repo_group(group_name)
                     self.__load_defaults()
                     defaults = self.__load_data(c.repo_group.group_id)
                     return htmlfill.render(
                         render('admin/repo_groups/repo_group_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                 @HasRepoGroupPermissionAnyDecorator('group.admin')
                 def update_perms(self, group_name):
                     """
                     Update permissions for given repository group
                     :param group_name:
                     """
                     c.repo_group = RepoGroupModel()._get_repo_group(group_name)
                     valid_recursive_choices = ['none', 'repos', 'groups', 'all']
                     form_result = RepoGroupPermsForm(valid_recursive_choices)().to_python(request.POST)
                     if not c.authuser.is_admin:
                         if self._revoke_perms_on_yourself(form_result):
                             msg = _('Cannot revoke permission for yourself as admin')
                             h.flash(msg, category='warning')
                             return redirect(url('edit_repo_group_perms', group_name=group_name))
                     recursive = form_result['recursive']
                     # iterate over all members(if in recursive mode) of this groups and
                     # set the permissions !
                     # this can be potentially heavy operation
                     RepoGroupModel()._update_permissions(c.repo_group,
                                                          form_result['perms_new'],
                                                          form_result['perms_updates'],
                                                          recursive)
                     #TODO: implement this
                     #action_logger(self.authuser, 'admin_changed_repo_permissions',
                     #              repo_name, self.ip_addr, self.sa)
                     Session().commit()
                     h.flash(_('Repository Group permissions updated'), category='success')
                     return redirect(url('edit_repo_group_perms', group_name=group_name))
                 @HasRepoGroupPermissionAnyDecorator('group.admin')
                 def delete_perms(self, group_name):
                     """
                     DELETE an existing repository group permission user
                     :param group_name:
                     """
                     try:
                         obj_type = request.POST.get('obj_type')
                         obj_id = None
                         if obj_type == 'user':
                             obj_id = safe_int(request.POST.get('user_id'))
                         elif obj_type == 'user_group':
                             obj_id = safe_int(request.POST.get('user_group_id'))
                         if not c.authuser.is_admin:
                             if obj_type == 'user' and c.authuser.user_id == obj_id:
                                 msg = _('Cannot revoke permission for yourself as admin')
                                 h.flash(msg, category='warning')
                                 raise Exception('revoke admin permission on self')
                         recursive = request.POST.get('recursive', 'none')
                         if obj_type == 'user':
                             RepoGroupModel().delete_permission(repo_group=group_name,
                                                                obj=obj_id, obj_type='user',
                                                                recursive=recursive)
                         elif obj_type == 'user_group':
                             RepoGroupModel().delete_permission(repo_group=group_name,
                                                                obj=obj_id,
                                                                obj_type='user_group',
                                                                recursive=recursive)
                         Session().commit()
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during revoking of permission'),
                                 category='error')
                         raise HTTPInternalServerError()

kallithea/controllers/admin/repos.py

0 +5 -3

             # -*- coding: utf-8 -*-
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             """
             kallithea.controllers.admin.repos
             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
             Repositories controller for Kallithea
             This file was forked by the Kallithea project in July 2014.
             Original author and date, and relevant copyright and licensing information is below:
             :created_on: Apr 7, 2010
             :author: marcink
             :copyright: (c) 2013 RhodeCode GmbH, and others.
             :license: GPLv3, see LICENSE.md for more details.
             """
             import logging
             import traceback
             import formencode
             from formencode import htmlfill
             from webob.exc import HTTPInternalServerError, HTTPForbidden, HTTPNotFound
             from pylons import request, tmpl_context as c, url
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             from sqlalchemy.sql.expression import func
             from kallithea.lib import helpers as h
             from kallithea.lib.auth import LoginRequired, HasPermissionAllDecorator, \
                 HasRepoPermissionAllDecorator, NotAnonymous,HasPermissionAny, \
                 HasRepoGroupPermissionAny, HasRepoPermissionAnyDecorator
             from kallithea.lib.base import BaseRepoController, render
             from kallithea.lib.utils import action_logger, repo_name_slug, jsonify
             from kallithea.lib.helpers import get_token
             from kallithea.lib.vcs import RepositoryError
             from kallithea.model.meta import Session
             from kallithea.model.db import User, Repository, UserFollowing, RepoGroup,\
                 Setting, RepositoryField
             from kallithea.model.forms import RepoForm, RepoFieldForm, RepoPermsForm
             from kallithea.model.scm import ScmModel, RepoGroupList, RepoList
             from kallithea.model.repo import RepoModel
             from kallithea.lib.compat import json
             from kallithea.lib.exceptions import AttachedForksError
             from kallithea.lib.utils2 import safe_int
             log = logging.getLogger(__name__)
             class ReposController(BaseRepoController):
                 """
                 REST Controller styled on the Atom Publishing Protocol"""
                 # To properly map this controller, ensure your config/routing.py
                 # file has a resource setup:
                 #     map.resource('repo', 'repos')
                 @LoginRequired()
                 def __before__(self):
                     super(ReposController, self).__before__()
                 def _load_repo(self, repo_name):
                     repo_obj = Repository.get_by_repo_name(repo_name)
                     if repo_obj is None:
                         h.not_mapped_error(repo_name)
                         return redirect(url('repos'))
                     return repo_obj
                 def __load_defaults(self, repo=None):
                     acl_groups = RepoGroupList(RepoGroup.query().all(),
                                            perm_set=['group.write', 'group.admin'])
                     c.repo_groups = RepoGroup.groups_choices(groups=acl_groups)
                     c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
                     # in case someone no longer have a group.write access to a repository
                     # pre fill the list with this entry, we don't care if this is the same
                     # but it will allow saving repo data properly.
                     repo_group = None
                     if repo:
                         repo_group = repo.group
                     if repo_group and unicode(repo_group.group_id) not in c.repo_groups_choices:
                         c.repo_groups_choices.append(unicode(repo_group.group_id))
                         c.repo_groups.append(RepoGroup._generate_choice(repo_group))
                     choices, c.landing_revs = ScmModel().get_repo_landing_revs()
                     c.landing_revs_choices = choices
                 def __load_data(self, repo_name=None):
                     """
                     Load defaults settings for edit, and update
                     :param repo_name:
                     """
                     c.repo_info = self._load_repo(repo_name)
                     self.__load_defaults(c.repo_info)
                     ##override defaults for exact repo info here git/hg etc
                     choices, c.landing_revs = ScmModel().get_repo_landing_revs(c.repo_info)
                     c.landing_revs_choices = choices
                     defaults = RepoModel()._get_defaults(repo_name)
                     return defaults
                 def index(self, format='html'):
                     """GET /repos: All items in the collection"""
                     # url('repos')
                     _list = Repository.query()\
                                     .order_by(func.lower(Repository.repo_name))\
                                     .all()
                     c.repos_list = RepoList(_list, perm_set=['repository.admin'])
                     repos_data = RepoModel().get_repos_as_dict(repos_list=c.repos_list,
                                                                admin=True,
                                                                super_user_actions=True)
                     #json used to render the grid
                     c.data = json.dumps(repos_data)
                     return render('admin/repos/repos.html')
                 @NotAnonymous()
                 def create(self):
                     """
                     POST /repos: Create a new item"""
                     # url('repos')
                     self.__load_defaults()
                     form_result = {}
                     task_id = None
                     try:
                         # CanWriteToGroup validators checks permissions of this POST
                         form_result = RepoForm(repo_groups=c.repo_groups_choices,
                                                landing_revs=c.landing_revs_choices)()\
                                         .to_python(dict(request.POST))
                         # create is done sometimes async on celery, db transaction
                         # management is handled there.
                         task = RepoModel().create(form_result, self.authuser.user_id)
                         from celery.result import BaseAsyncResult
                         if isinstance(task, BaseAsyncResult):
                             task_id = task.task_id
                     except formencode.Invalid, errors:
                         return htmlfill.render(
                             render('admin/repos/repo_add.html'),
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
+                            force_defaults=False,
                             encoding="UTF-8")
                     except Exception:
                         log.error(traceback.format_exc())
                         msg = (_('Error creating repository %s')
                                % form_result.get('repo_name'))
                         h.flash(msg, category='error')
                         return redirect(url('home'))
                     return redirect(h.url('repo_creating_home',
                                           repo_name=form_result['repo_name_full'],
                                           task_id=task_id))
                 @NotAnonymous()
                 def create_repository(self):
                     """GET /_admin/create_repository: Form to create a new item"""
                     new_repo = request.GET.get('repo', '')
                     parent_group = request.GET.get('parent_group')
                     if not HasPermissionAny('hg.admin', 'hg.create.repository')():
                         #you're not super admin nor have global create permissions,
                         #but maybe you have at least write permission to a parent group ?
                         _gr = RepoGroup.get(parent_group)
                         gr_name = _gr.group_name if _gr else None
                         # create repositories with write permission on group is set to true
                         create_on_write = HasPermissionAny('hg.create.write_on_repogroup.true')()
                         group_admin = HasRepoGroupPermissionAny('group.admin')(group_name=gr_name)
                         group_write = HasRepoGroupPermissionAny('group.write')(group_name=gr_name)
                         if not (group_admin or (group_write and create_on_write)):
                             raise HTTPForbidden
                     acl_groups = RepoGroupList(RepoGroup.query().all(),
                                            perm_set=['group.write', 'group.admin'])
                     c.repo_groups = RepoGroup.groups_choices(groups=acl_groups)
                     c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
                     choices, c.landing_revs = ScmModel().get_repo_landing_revs()
                     c.new_repo = repo_name_slug(new_repo)
                     ## apply the defaults from defaults page
                     defaults = Setting.get_default_repo_settings(strip_prefix=True)
                     if parent_group:
                         defaults.update({'repo_group': parent_group})
                     return htmlfill.render(
                         render('admin/repos/repo_add.html'),
                         defaults=defaults,
                         errors={},
                         prefix_error=False,
-                        encoding="UTF-8"
+                        encoding="UTF-8",
+                        force_defaults=False)
                 @LoginRequired()
                 @NotAnonymous()
                 def repo_creating(self, repo_name):
                     c.repo = repo_name
                     c.task_id = request.GET.get('task_id')
                     if not c.repo:
                         raise HTTPNotFound()
                     return render('admin/repos/repo_creating.html')
                 @LoginRequired()
                 @NotAnonymous()
                 @jsonify
                 def repo_check(self, repo_name):
                     c.repo = repo_name
                     task_id = request.GET.get('task_id')
                     if task_id and task_id not in ['None']:
                         from kallithea import CELERY_ON
                         from celery.result import AsyncResult
                         if CELERY_ON:
                             task = AsyncResult(task_id)
                             if task.failed():
                                 raise HTTPInternalServerError(task.traceback)
                     repo = Repository.get_by_repo_name(repo_name)
                     if repo and repo.repo_state == Repository.STATE_CREATED:
                         if repo.clone_uri:
                             clone_uri = repo.clone_uri_hidden
                             h.flash(_('Created repository %s from %s')
                                     % (repo.repo_name, clone_uri), category='success')
                         else:
                             repo_url = h.link_to(repo.repo_name,
                                                  h.url('summary_home',
                                                        repo_name=repo.repo_name))
                             fork = repo.fork
                             if fork:
                                 fork_name = fork.repo_name
                                 h.flash(h.literal(_('Forked repository %s as %s')
                                         % (fork_name, repo_url)), category='success')
                             else:
                                 h.flash(h.literal(_('Created repository %s') % repo_url),
                                         category='success')
                         return {'result': True}
                     return {'result': False}
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def update(self, repo_name):
                     """
                     PUT /repos/repo_name: Update an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="PUT" />
                     # Or using helpers:
                     #    h.form(url('repo', repo_name=ID),
                     #           method='put')
                     # url('repo', repo_name=ID)
                     c.repo_info = self._load_repo(repo_name)
                     c.active = 'settings'
                     c.repo_fields = RepositoryField.query()\
                         .filter(RepositoryField.repository == c.repo_info).all()
                     self.__load_defaults(c.repo_info)
                     repo_model = RepoModel()
                     changed_name = repo_name
                     #override the choices with extracted revisions !
                     choices, c.landing_revs = ScmModel().get_repo_landing_revs(repo_name)
                     c.landing_revs_choices = choices
                     repo = Repository.get_by_repo_name(repo_name)
                     old_data = {
                         'repo_name': repo_name,
                         'repo_group': repo.group.get_dict() if repo.group else {},
                         'repo_type': repo.repo_type,
                     }
                     _form = RepoForm(edit=True, old_data=old_data,
                                      repo_groups=c.repo_groups_choices,
                                      landing_revs=c.landing_revs_choices)()
                     try:
                         form_result = _form.to_python(dict(request.POST))
                         repo = repo_model.update(repo_name, **form_result)
                         ScmModel().mark_for_invalidation(repo_name)
                         h.flash(_('Repository %s updated successfully') % repo_name,
                                 category='success')
                         changed_name = repo.repo_name
                         action_logger(self.authuser, 'admin_updated_repo',
                                           changed_name, self.ip_addr, self.sa)
                         Session().commit()
                     except formencode.Invalid, errors:
                         defaults = self.__load_data(repo_name)
                         defaults.update(errors.value)
                         return htmlfill.render(
                             render('admin/repos/repo_edit.html'),
                             defaults=defaults,
                             errors=errors.error_dict or {},
                             prefix_error=False,
-                            encoding="UTF-8")
+                            encoding="UTF-8",
+                            force_defaults=False)
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('Error occurred during update of repository %s') \
                                 % repo_name, category='error')
                     return redirect(url('edit_repo', repo_name=changed_name))
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def delete(self, repo_name):
                     """
                     DELETE /repos/repo_name: Delete an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="DELETE" />
                     # Or using helpers:
                     #    h.form(url('repo', repo_name=ID),
                     #           method='delete')
                     # url('repo', repo_name=ID)
                     repo_model = RepoModel()
                     repo = repo_model.get_by_repo_name(repo_name)
                     if not repo:
                         h.not_mapped_error(repo_name)
                         return redirect(url('repos'))
                     try:
                         _forks = repo.forks.count()
                         handle_forks = None
                         if _forks and request.POST.get('forks'):
                             do = request.POST['forks']
                             if do == 'detach_forks':
                                 handle_forks = 'detach'
                                 h.flash(_('Detached %s forks') % _forks, category='success')
                             elif do == 'delete_forks':
                                 handle_forks = 'delete'
                                 h.flash(_('Deleted %s forks') % _forks, category='success')
                         repo_model.delete(repo, forks=handle_forks)
                         action_logger(self.authuser, 'admin_deleted_repo',
                               repo_name, self.ip_addr, self.sa)
                         ScmModel().mark_for_invalidation(repo_name)
                         h.flash(_('Deleted repository %s') % repo_name, category='success')
                         Session().commit()
                     except AttachedForksError:
                         h.flash(_('Cannot delete %s it still contains attached forks')
                                     % repo_name, category='warning')
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during deletion of %s') % repo_name,
                                 category='error')
                     if repo.group:
                         return redirect(url('repos_group_home', group_name=repo.group.group_name))
                     return redirect(url('repos'))
                 @HasPermissionAllDecorator('hg.admin')
                 def show(self, repo_name, format='html'):
                     """GET /repos/repo_name: Show a specific item"""
                     # url('repo', repo_name=ID)
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def edit(self, repo_name):
                     """GET /repo_name/settings: Form to edit an existing item"""
                     # url('edit_repo', repo_name=ID)
                     defaults = self.__load_data(repo_name)
                     if 'clone_uri' in defaults:
                         del defaults['clone_uri']
                     c.repo_fields = RepositoryField.query()\
                         .filter(RepositoryField.repository == c.repo_info).all()
                     c.active = 'settings'
                     return htmlfill.render(
                         render('admin/repos/repo_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def edit_permissions(self, repo_name):
                     """GET /repo_name/settings: Form to edit an existing item"""
                     # url('edit_repo', repo_name=ID)
                     c.repo_info = self._load_repo(repo_name)
                     repo_model = RepoModel()
                     c.users_array = repo_model.get_users_js()
                     c.user_groups_array = repo_model.get_user_groups_js()
                     c.active = 'permissions'
                     defaults = RepoModel()._get_defaults(repo_name)
                     return htmlfill.render(
                         render('admin/repos/repo_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 def edit_permissions_update(self, repo_name):
                     form = RepoPermsForm()().to_python(request.POST)
                     RepoModel()._update_permissions(repo_name, form['perms_new'],
                                                     form['perms_updates'])
                     #TODO: implement this
                     #action_logger(self.authuser, 'admin_changed_repo_permissions',
                     #              repo_name, self.ip_addr, self.sa)
                     Session().commit()
                     h.flash(_('Repository permissions updated'), category='success')
                     return redirect(url('edit_repo_perms', repo_name=repo_name))
                 def edit_permissions_revoke(self, repo_name):
                     try:
                         obj_type = request.POST.get('obj_type')
                         obj_id = None
                         if obj_type == 'user':
                             obj_id = safe_int(request.POST.get('user_id'))
                         elif obj_type == 'user_group':
                             obj_id = safe_int(request.POST.get('user_group_id'))
                         if obj_type == 'user':
                             RepoModel().revoke_user_permission(repo=repo_name, user=obj_id)
                         elif obj_type == 'user_group':
                             RepoModel().revoke_user_group_permission(
                                 repo=repo_name, group_name=obj_id
                             )
                         #TODO: implement this
                         #action_logger(self.authuser, 'admin_revoked_repo_permissions',
                         #              repo_name, self.ip_addr, self.sa)
                         Session().commit()
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during revoking of permission'),
                                 category='error')
                         raise HTTPInternalServerError()
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def edit_fields(self, repo_name):
                     """GET /repo_name/settings: Form to edit an existing item"""
                     # url('edit_repo', repo_name=ID)
                     c.repo_info = self._load_repo(repo_name)
                     c.repo_fields = RepositoryField.query()\
                         .filter(RepositoryField.repository == c.repo_info).all()
                     c.active = 'fields'
                     if request.POST:
                         return redirect(url('repo_edit_fields'))
                     return render('admin/repos/repo_edit.html')
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def create_repo_field(self, repo_name):
                     try:
                         form_result = RepoFieldForm()().to_python(dict(request.POST))
                         new_field = RepositoryField()
                         new_field.repository = Repository.get_by_repo_name(repo_name)
                         new_field.field_key = form_result['new_field_key']
                         new_field.field_type = form_result['new_field_type']  # python type
                         new_field.field_value = form_result['new_field_value']  # set initial blank value
                         new_field.field_desc = form_result['new_field_desc']
                         new_field.field_label = form_result['new_field_label']
                         Session().add(new_field)
                         Session().commit()
                     except Exception, e:
                         log.error(traceback.format_exc())
                         msg = _('An error occurred during creation of field')
                         if isinstance(e, formencode.Invalid):
                             msg += ". " + e.msg
                         h.flash(msg, category='error')
                     return redirect(url('edit_repo_fields', repo_name=repo_name))
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def delete_repo_field(self, repo_name, field_id):
                     field = RepositoryField.get_or_404(field_id)
                     try:
                         Session().delete(field)
                         Session().commit()
                     except Exception, e:
                         log.error(traceback.format_exc())
                         msg = _('An error occurred during removal of field')
                         h.flash(msg, category='error')
                     return redirect(url('edit_repo_fields', repo_name=repo_name))
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def edit_advanced(self, repo_name):
                     """GET /repo_name/settings: Form to edit an existing item"""
                     # url('edit_repo', repo_name=ID)
                     c.repo_info = self._load_repo(repo_name)
                     c.default_user_id = User.get_default_user().user_id
                     c.in_public_journal = UserFollowing.query()\
                         .filter(UserFollowing.user_id == c.default_user_id)\
                         .filter(UserFollowing.follows_repository == c.repo_info).scalar()
                     _repos = Repository.query().order_by(Repository.repo_name).all()
                     read_access_repos = RepoList(_repos)
                     c.repos_list = [(None, _('-- Not a fork --'))]
                     c.repos_list += [(x.repo_id, x.repo_name)
                                      for x in read_access_repos
                                      if x.repo_id != c.repo_info.repo_id]
                     defaults = {
                         'id_fork_of': c.repo_info.fork.repo_id if c.repo_info.fork else ''
                     }
                     c.active = 'advanced'
                     if request.POST:
                         return redirect(url('repo_edit_advanced'))
                     return htmlfill.render(
                         render('admin/repos/repo_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def edit_advanced_journal(self, repo_name):
                     """
                     Sets this repository to be visible in public journal,
                     in other words asking default user to follow this repo
                     :param repo_name:
                     """
                     cur_token = request.POST.get('auth_token')
                     token = get_token()
                     if cur_token == token:
                         try:
                             repo_id = Repository.get_by_repo_name(repo_name).repo_id
                             user_id = User.get_default_user().user_id
                             self.scm_model.toggle_following_repo(repo_id, user_id)
                             h.flash(_('Updated repository visibility in public journal'),
                                     category='success')
                             Session().commit()
                         except Exception:
                             h.flash(_('An error occurred during setting this'
                                       ' repository in public journal'),
                                     category='error')
                     else:
                         h.flash(_('Token mismatch'), category='error')
                     return redirect(url('edit_repo_advanced', repo_name=repo_name))
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def edit_advanced_fork(self, repo_name):
                     """
                     Mark given repository as a fork of another
                     :param repo_name:
                     """
                     try:
                         fork_id = request.POST.get('id_fork_of')
                         repo = ScmModel().mark_as_fork(repo_name, fork_id,
                                                        self.authuser.username)
                         fork = repo.fork.repo_name if repo.fork else _('Nothing')
                         Session().commit()
                         h.flash(_('Marked repo %s as fork of %s') % (repo_name, fork),
                                 category='success')
                     except RepositoryError, e:
                         log.error(traceback.format_exc())
                         h.flash(str(e), category='error')
                     except Exception, e:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during this operation'),
                                 category='error')
                     return redirect(url('edit_repo_advanced', repo_name=repo_name))
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def edit_advanced_locking(self, repo_name):
                     """
                     Unlock repository when it is locked !
                     :param repo_name:
                     """
                     try:
                         repo = Repository.get_by_repo_name(repo_name)
                         if request.POST.get('set_lock'):
                             Repository.lock(repo, c.authuser.user_id)
                             h.flash(_('Locked repository'), category='success')
                         elif request.POST.get('set_unlock'):
                             Repository.unlock(repo)
                             h.flash(_('Unlocked repository'), category='success')
                     except Exception, e:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during unlocking'),
                                 category='error')
                     return redirect(url('edit_repo_advanced', repo_name=repo_name))
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 def toggle_locking(self, repo_name):
                     """
                     Toggle locking of repository by simple GET call to url
                     :param repo_name:
                     """
                     try:
                         repo = Repository.get_by_repo_name(repo_name)
                         if repo.enable_locking:
                             if repo.locked[0]:
                                 Repository.unlock(repo)
                                 action = _('Unlocked')
                             else:
                                 Repository.lock(repo, c.authuser.user_id)
                                 action = _('Locked')
                             h.flash(_('Repository has been %s') % action,
                                     category='success')
                     except Exception, e:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during unlocking'),
                                 category='error')
                     return redirect(url('summary_home', repo_name=repo_name))
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def edit_caches(self, repo_name):
                     """GET /repo_name/settings: Form to edit an existing item"""
                     # url('edit_repo', repo_name=ID)
                     c.repo_info = self._load_repo(repo_name)
                     c.active = 'caches'
                     if request.POST:
                         try:
                             ScmModel().mark_for_invalidation(repo_name, delete=True)
                             Session().commit()
                             h.flash(_('Cache invalidation successful'),
                                     category='success')
                         except Exception, e:
                             log.error(traceback.format_exc())
                             h.flash(_('An error occurred during cache invalidation'),
                                     category='error')
                         return redirect(url('edit_repo_caches', repo_name=c.repo_name))
                     return render('admin/repos/repo_edit.html')
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def edit_remote(self, repo_name):
                     """GET /repo_name/settings: Form to edit an existing item"""
                     # url('edit_repo', repo_name=ID)
                     c.repo_info = self._load_repo(repo_name)
                     c.active = 'remote'
                     if request.POST:
                         try:
                             ScmModel().pull_changes(repo_name, self.authuser.username)
                             h.flash(_('Pulled from remote location'), category='success')
                         except Exception, e:
                             log.error(traceback.format_exc())
                             h.flash(_('An error occurred during pull from remote location'),
                                     category='error')
                         return redirect(url('edit_repo_remote', repo_name=c.repo_name))
                     return render('admin/repos/repo_edit.html')
                 @HasRepoPermissionAllDecorator('repository.admin')
                 def edit_statistics(self, repo_name):
                     """GET /repo_name/settings: Form to edit an existing item"""
                     # url('edit_repo', repo_name=ID)
                     c.repo_info = self._load_repo(repo_name)
                     repo = c.repo_info.scm_instance
                     if c.repo_info.stats:
                         # this is on what revision we ended up so we add +1 for count
                         last_rev = c.repo_info.stats.stat_on_revision + 1
                     else:
                         last_rev = 0
                     c.stats_revision = last_rev
                     c.repo_last_rev = repo.count() if repo.revisions else 0
                     if last_rev == 0 or c.repo_last_rev == 0:
                         c.stats_percentage = 0
                     else:
                         c.stats_percentage = '%.2f' % ((float((last_rev)) / c.repo_last_rev) * 100)
                     c.active = 'statistics'
                     if request.POST:
                         try:
                             RepoModel().delete_stats(repo_name)
                             Session().commit()
                         except Exception, e:
                             log.error(traceback.format_exc())
                             h.flash(_('An error occurred during deletion of repository stats'),
                                     category='error')
                         return redirect(url('edit_repo_statistics', repo_name=c.repo_name))
                     return render('admin/repos/repo_edit.html')

kallithea/controllers/admin/settings.py

0 +6 -5

             # -*- coding: utf-8 -*-
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             """
             kallithea.controllers.admin.settings
             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
             settings controller for Kallithea admin
             This file was forked by the Kallithea project in July 2014.
             Original author and date, and relevant copyright and licensing information is below:
             :created_on: Jul 14, 2010
             :author: marcink
             :copyright: (c) 2013 RhodeCode GmbH, and others.
             :license: GPLv3, see LICENSE.md for more details.
             """
             import logging
             import traceback
             import formencode
             from formencode import htmlfill
             from pylons import request, tmpl_context as c, url, config
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             from kallithea.lib import helpers as h
             from kallithea.lib.auth import LoginRequired, HasPermissionAllDecorator
             from kallithea.lib.base import BaseController, render
             from kallithea.lib.celerylib import tasks, run_task
             from kallithea.lib.exceptions import HgsubversionImportError
             from kallithea.lib.utils import repo2db_mapper, set_app_settings
             from kallithea.model.db import Ui, Repository, Setting
             from kallithea.model.forms import ApplicationSettingsForm, \
                 ApplicationUiSettingsForm, ApplicationVisualisationForm
             from kallithea.model.scm import ScmModel
             from kallithea.model.notification import EmailNotificationModel
             from kallithea.model.meta import Session
             from kallithea.lib.utils2 import str2bool, safe_unicode
             log = logging.getLogger(__name__)
             class SettingsController(BaseController):
                 """REST Controller styled on the Atom Publishing Protocol"""
                 # To properly map this controller, ensure your config/routing.py
                 # file has a resource setup:
                 #     map.resource('setting', 'settings', controller='admin/settings',
                 #         path_prefix='/admin', name_prefix='admin_')
                 @LoginRequired()
                 def __before__(self):
                     super(SettingsController, self).__before__()
                 def _get_hg_ui_settings(self):
                     ret = Ui.query().all()
                     if not ret:
                         raise Exception('Could not get application ui settings !')
                     settings = {}
                     for each in ret:
                         k = each.ui_key
                         v = each.ui_value
                         if k == '/':
                             k = 'root_path'
                         if k == 'push_ssl':
                             v = str2bool(v)
                         if k.find('.') != -1:
                             k = k.replace('.', '_')
                         if each.ui_section in ['hooks', 'extensions']:
                             v = each.ui_active
                         settings[each.ui_section + '_' + k] = v
                     return settings
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_vcs(self):
                     """GET /admin/settings: All items in the collection"""
                     # url('admin_settings')
                     c.active = 'vcs'
                     if request.POST:
                         application_form = ApplicationUiSettingsForm()()
                         try:
                             form_result = application_form.to_python(dict(request.POST))
                         except formencode.Invalid, errors:
                             return htmlfill.render(
                                  render('admin/settings/settings.html'),
                                  defaults=errors.value,
                                  errors=errors.error_dict or {},
                                  prefix_error=False,
-                                 encoding="UTF-8"
+                                 encoding="UTF-8",
+                                 force_defaults=False)
                         try:
                             sett = Ui.get_by_key('push_ssl')
                             sett.ui_value = form_result['web_push_ssl']
                             Session().add(sett)
                             if c.visual.allow_repo_location_change:
                                 sett = Ui.get_by_key('/')
                                 sett.ui_value = form_result['paths_root_path']
                                 Session().add(sett)
                             #HOOKS
                             sett = Ui.get_by_key(Ui.HOOK_UPDATE)
                             sett.ui_active = form_result['hooks_changegroup_update']
                             Session().add(sett)
                             sett = Ui.get_by_key(Ui.HOOK_REPO_SIZE)
                             sett.ui_active = form_result['hooks_changegroup_repo_size']
                             Session().add(sett)
                             sett = Ui.get_by_key(Ui.HOOK_PUSH)
                             sett.ui_active = form_result['hooks_changegroup_push_logger']
                             Session().add(sett)
                             sett = Ui.get_by_key(Ui.HOOK_PULL)
                             sett.ui_active = form_result['hooks_outgoing_pull_logger']
                             Session().add(sett)
                             ## EXTENSIONS
                             sett = Ui.get_by_key('largefiles')
                             if not sett:
                                 #make one if it's not there !
                                 sett = Ui()
                                 sett.ui_key = 'largefiles'
                                 sett.ui_section = 'extensions'
                             sett.ui_active = form_result['extensions_largefiles']
                             Session().add(sett)
                             sett = Ui.get_by_key('hgsubversion')
                             if not sett:
                                 #make one if it's not there !
                                 sett = Ui()
                                 sett.ui_key = 'hgsubversion'
                                 sett.ui_section = 'extensions'
                             sett.ui_active = form_result['extensions_hgsubversion']
                             if sett.ui_active:
                                 try:
                                     import hgsubversion  # pragma: no cover
                                 except ImportError:
                                     raise HgsubversionImportError
                             Session().add(sett)
             #                sett = Ui.get_by_key('hggit')
             #                if not sett:
             #                    #make one if it's not there !
             #                    sett = Ui()
             #                    sett.ui_key = 'hggit'
             #                    sett.ui_section = 'extensions'
             #
             #                sett.ui_active = form_result['extensions_hggit']
             #                Session().add(sett)
                             Session().commit()
                             h.flash(_('Updated VCS settings'), category='success')
                         except HgsubversionImportError:
                             log.error(traceback.format_exc())
                             h.flash(_('Unable to activate hgsubversion support. '
                                       'The "hgsubversion" library is missing'),
                                     category='error')
                         except Exception:
                             log.error(traceback.format_exc())
                             h.flash(_('Error occurred during updating '
                                       'application settings'), category='error')
                     defaults = Setting.get_app_settings()
                     defaults.update(self._get_hg_ui_settings())
                     return htmlfill.render(
                         render('admin/settings/settings.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_mapping(self):
                     """GET /admin/settings/mapping: All items in the collection"""
                     # url('admin_settings_mapping')
                     c.active = 'mapping'
                     if request.POST:
                         rm_obsolete = request.POST.get('destroy', False)
                         install_git_hooks = request.POST.get('hooks', False)
                         invalidate_cache = request.POST.get('invalidate', False)
                         log.debug('rescanning repo location with destroy obsolete=%s and '
                                   'install git hooks=%s' % (rm_obsolete,install_git_hooks))
                         if invalidate_cache:
                             log.debug('invalidating all repositories cache')
                             for repo in Repository.get_all():
                                 ScmModel().mark_for_invalidation(repo.repo_name, delete=True)
                         filesystem_repos = ScmModel().repo_scan()
                         added, removed = repo2db_mapper(filesystem_repos, rm_obsolete,
                                                         install_git_hook=install_git_hooks,
                                                         user=c.authuser.username)
                         h.flash(h.literal(_('Repositories successfully rescanned. Added: %s. Removed: %s.') %
                             (', '.join(h.link_to(safe_unicode(repo_name), h.url('summary_home', repo_name=repo_name))
                              for repo_name in added) or '-',
                              ', '.join(h.escape(safe_unicode(repo_name)) for repo_name in removed) or '-')),
                             category='success')
                         return redirect(url('admin_settings_mapping'))
                     defaults = Setting.get_app_settings()
                     defaults.update(self._get_hg_ui_settings())
                     return htmlfill.render(
                         render('admin/settings/settings.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_global(self):
                     """GET /admin/settings/global: All items in the collection"""
                     # url('admin_settings_global')
                     c.active = 'global'
                     if request.POST:
                         application_form = ApplicationSettingsForm()()
                         try:
                             form_result = application_form.to_python(dict(request.POST))
                         except formencode.Invalid, errors:
                             return htmlfill.render(
                                 render('admin/settings/settings.html'),
                                 defaults=errors.value,
                                 errors=errors.error_dict or {},
                                 prefix_error=False,
-                                encoding="UTF-8")
+                                encoding="UTF-8",
+                                force_defaults=False)
                         try:
                             sett1 = Setting.create_or_update('title',
                                                         form_result['title'])
                             Session().add(sett1)
                             sett2 = Setting.create_or_update('realm',
                                                         form_result['realm'])
                             Session().add(sett2)
                             sett3 = Setting.create_or_update('ga_code',
                                                         form_result['ga_code'])
                             Session().add(sett3)
                             sett4 = Setting.create_or_update('captcha_public_key',
                                                 form_result['captcha_public_key'])
                             Session().add(sett4)
                             sett5 = Setting.create_or_update('captcha_private_key',
                                                 form_result['captcha_private_key'])
                             Session().add(sett5)
                             Session().commit()
                             set_app_settings(config)
                             h.flash(_('Updated application settings'), category='success')
                         except Exception:
                             log.error(traceback.format_exc())
                             h.flash(_('Error occurred during updating '
                                       'application settings'),
                                       category='error')
                         return redirect(url('admin_settings_global'))
                     defaults = Setting.get_app_settings()
                     defaults.update(self._get_hg_ui_settings())
                     return htmlfill.render(
                         render('admin/settings/settings.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_visual(self):
                     """GET /admin/settings/visual: All items in the collection"""
                     # url('admin_settings_visual')
                     c.active = 'visual'
                     if request.POST:
                         application_form = ApplicationVisualisationForm()()
                         try:
                             form_result = application_form.to_python(dict(request.POST))
                         except formencode.Invalid, errors:
                             return htmlfill.render(
                                 render('admin/settings/settings.html'),
                                 defaults=errors.value,
                                 errors=errors.error_dict or {},
                                 prefix_error=False,
-                                encoding="UTF-8"
+                                encoding="UTF-8",
+                                force_defaults=False)
                         try:
                             settings = [
                                 ('show_public_icon', 'show_public_icon', 'bool'),
                                 ('show_private_icon', 'show_private_icon', 'bool'),
                                 ('stylify_metatags', 'stylify_metatags', 'bool'),
                                 ('repository_fields', 'repository_fields', 'bool'),
                                 ('dashboard_items', 'dashboard_items', 'int'),
                                 ('admin_grid_items', 'admin_grid_items', 'int'),
                                 ('show_version', 'show_version', 'bool'),
                                 ('use_gravatar', 'use_gravatar', 'bool'),
                                 ('gravatar_url', 'gravatar_url', 'unicode'),
                                 ('clone_uri_tmpl', 'clone_uri_tmpl', 'unicode'),
                             ]
                             for setting, form_key, type_ in settings:
                                 sett = Setting.create_or_update(setting,
                                                     form_result[form_key], type_)
                                 Session().add(sett)
                             Session().commit()
                             set_app_settings(config)
                             h.flash(_('Updated visualisation settings'),
                                     category='success')
                         except Exception:
                             log.error(traceback.format_exc())
                             h.flash(_('Error occurred during updating '
                                       'visualisation settings'),
                                     category='error')
                         return redirect(url('admin_settings_visual'))
                     defaults = Setting.get_app_settings()
                     defaults.update(self._get_hg_ui_settings())
                     return htmlfill.render(
                         render('admin/settings/settings.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_email(self):
                     """GET /admin/settings/email: All items in the collection"""
                     # url('admin_settings_email')
                     c.active = 'email'
                     if request.POST:
                         test_email = request.POST.get('test_email')
                         test_email_subj = 'Kallithea test email'
                         test_body = ('Kallithea Email test, '
                                            'Kallithea version: %s' % c.kallithea_version)
                         if not test_email:
                             h.flash(_('Please enter email address'), category='error')
                             return redirect(url('admin_settings_email'))
                         test_email_txt_body = EmailNotificationModel()\
                             .get_email_tmpl(EmailNotificationModel.TYPE_DEFAULT,
                                             'txt', body=test_body)
                         test_email_html_body = EmailNotificationModel()\
                             .get_email_tmpl(EmailNotificationModel.TYPE_DEFAULT,
                                             'html', body=test_body)
                         recipients = [test_email] if test_email else None
                         run_task(tasks.send_email, recipients, test_email_subj,
                                  test_email_txt_body, test_email_html_body)
                         h.flash(_('Send email task created'), category='success')
                         return redirect(url('admin_settings_email'))
                     defaults = Setting.get_app_settings()
                     defaults.update(self._get_hg_ui_settings())
                     import kallithea
                     c.ini = kallithea.CONFIG
                     return htmlfill.render(
                         render('admin/settings/settings.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_hooks(self):
                     """GET /admin/settings/hooks: All items in the collection"""
                     # url('admin_settings_hooks')
                     c.active = 'hooks'
                     if request.POST:
                         if c.visual.allow_custom_hooks_settings:
                             ui_key = request.POST.get('new_hook_ui_key')
                             ui_value = request.POST.get('new_hook_ui_value')
                             hook_id = request.POST.get('hook_id')
                             try:
                                 ui_key = ui_key and ui_key.strip()
                                 if ui_value and ui_key:
                                     Ui.create_or_update_hook(ui_key, ui_value)
                                     h.flash(_('Added new hook'), category='success')
                                 elif hook_id:
                                     Ui.delete(hook_id)
                                     Session().commit()
                                 # check for edits
                                 update = False
                                 _d = request.POST.dict_of_lists()
                                 for k, v in zip(_d.get('hook_ui_key', []),
                                                 _d.get('hook_ui_value_new', [])):
                                     Ui.create_or_update_hook(k, v)
                                     update = True
                                 if update:
                                     h.flash(_('Updated hooks'), category='success')
                                 Session().commit()
                             except Exception:
                                 log.error(traceback.format_exc())
                                 h.flash(_('Error occurred during hook creation'),
                                         category='error')
                             return redirect(url('admin_settings_hooks'))
                     defaults = Setting.get_app_settings()
                     defaults.update(self._get_hg_ui_settings())
                     c.hooks = Ui.get_builtin_hooks()
                     c.custom_hooks = Ui.get_custom_hooks()
                     return htmlfill.render(
                         render('admin/settings/settings.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_search(self):
                     """GET /admin/settings/search: All items in the collection"""
                     # url('admin_settings_search')
                     c.active = 'search'
                     if request.POST:
                         repo_location = self._get_hg_ui_settings()['paths_root_path']
                         full_index = request.POST.get('full_index', False)
                         run_task(tasks.whoosh_index, repo_location, full_index)
                         h.flash(_('Whoosh reindex task scheduled'), category='success')
                         return redirect(url('admin_settings_search'))
                     defaults = Setting.get_app_settings()
                     defaults.update(self._get_hg_ui_settings())
                     return htmlfill.render(
                         render('admin/settings/settings.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_system(self):
                     """GET /admin/settings/system: All items in the collection"""
                     # url('admin_settings_system')
                     c.active = 'system'
                     defaults = Setting.get_app_settings()
                     defaults.update(self._get_hg_ui_settings())
                     import kallithea
                     c.ini = kallithea.CONFIG
                     c.update_url = defaults.get('update_url')
                     server_info = Setting.get_server_info()
                     for key, val in server_info.iteritems():
                         setattr(c, key, val)
                     return htmlfill.render(
                         render('admin/settings/settings.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 @HasPermissionAllDecorator('hg.admin')
                 def settings_system_update(self):
                     """GET /admin/settings/system/updates: All items in the collection"""
                     # url('admin_settings_system_update')
                     import json
                     import urllib2
                     from kallithea.lib.verlib import NormalizedVersion
                     from kallithea import __version__
                     defaults = Setting.get_app_settings()
                     defaults.update(self._get_hg_ui_settings())
                     _update_url = defaults.get('update_url', '')
                     _update_url = "" # FIXME: disabled
                     _err = lambda s: '<div style="color:#ff8888; padding:4px 0px">%s</div>' % (s)
                     try:
                         import kallithea
                         ver = kallithea.__version__
                         log.debug('Checking for upgrade on `%s` server' % _update_url)
                         opener = urllib2.build_opener()
                         opener.addheaders = [('User-agent', 'Kallithea-SCM/%s' % ver)]
                         response = opener.open(_update_url)
                         response_data = response.read()
                         data = json.loads(response_data)
                     except urllib2.URLError, e:
                         log.error(traceback.format_exc())
                         return _err('Failed to contact upgrade server: %r' % e)
                     except ValueError, e:
                         log.error(traceback.format_exc())
                         return _err('Bad data sent from update server')
                     latest = data['versions'][0]
                     c.update_url = _update_url
                     c.latest_data = latest
                     c.latest_ver = latest['version']
                     c.cur_ver = __version__
                     c.should_upgrade = False
                     if NormalizedVersion(c.latest_ver) > NormalizedVersion(c.cur_ver):
                         c.should_upgrade = True
                     c.important_notices = latest['general']
                     return render('admin/settings/settings_system_update.html'),

kallithea/controllers/admin/user_groups.py

0 +4 -2

             # -*- coding: utf-8 -*-
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             """
             kallithea.controllers.admin.users_groups
             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
             User Groups crud controller for pylons
             This file was forked by the Kallithea project in July 2014.
             Original author and date, and relevant copyright and licensing information is below:
             :created_on: Jan 25, 2011
             :author: marcink
             :copyright: (c) 2013 RhodeCode GmbH, and others.
             :license: GPLv3, see LICENSE.md for more details.
             """
             import logging
             import traceback
             import formencode
             from formencode import htmlfill
             from pylons import request, tmpl_context as c, url, config
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             from sqlalchemy.orm import joinedload
             from sqlalchemy.sql.expression import func
             from webob.exc import HTTPInternalServerError
             import kallithea
             from kallithea.lib import helpers as h
             from kallithea.lib.exceptions import UserGroupsAssignedException,\
                 RepoGroupAssignmentError
             from kallithea.lib.utils2 import safe_unicode, safe_int
             from kallithea.lib.auth import LoginRequired, HasPermissionAllDecorator,\
                 HasUserGroupPermissionAnyDecorator, HasPermissionAnyDecorator
             from kallithea.lib.base import BaseController, render
             from kallithea.model.scm import UserGroupList
             from kallithea.model.user_group import UserGroupModel
             from kallithea.model.repo import RepoModel
             from kallithea.model.db import User, UserGroup, UserGroupToPerm,\
                 UserGroupRepoToPerm, UserGroupRepoGroupToPerm
             from kallithea.model.forms import UserGroupForm, UserGroupPermsForm,\
                 CustomDefaultPermissionsForm
             from kallithea.model.meta import Session
             from kallithea.lib.utils import action_logger
             from kallithea.lib.compat import json
             log = logging.getLogger(__name__)
             class UserGroupsController(BaseController):
                 """REST Controller styled on the Atom Publishing Protocol"""
                 @LoginRequired()
                 def __before__(self):
                     super(UserGroupsController, self).__before__()
                     c.available_permissions = config['available_permissions']
                 def __load_data(self, user_group_id):
                     c.group_members_obj = sorted((x.user for x in c.user_group.members),
                                                  key=lambda u: u.username.lower())
                     c.group_members = [(x.user_id, x.username) for x in c.group_members_obj]
                     c.available_members = sorted(((x.user_id, x.username) for x in
                                                   User.query().all()),
                                                  key=lambda u: u[1].lower())
                 def __load_defaults(self, user_group_id):
                     """
                     Load defaults settings for edit, and update
                     :param user_group_id:
                     """
                     user_group = UserGroup.get_or_404(user_group_id)
                     data = user_group.get_dict()
                     return data
                 def index(self, format='html'):
                     """GET /users_groups: All items in the collection"""
                     # url('users_groups')
                     _list = UserGroup.query()\
                                     .order_by(func.lower(UserGroup.users_group_name))\
                                     .all()
                     group_iter = UserGroupList(_list, perm_set=['usergroup.admin'])
                     user_groups_data = []
                     total_records = len(group_iter)
                     _tmpl_lookup = kallithea.CONFIG['pylons.app_globals'].mako_lookup
                     template = _tmpl_lookup.get_template('data_table/_dt_elements.html')
                     user_group_name = lambda user_group_id, user_group_name: (
                         template.get_def("user_group_name")
                         .render(user_group_id, user_group_name, _=_, h=h, c=c)
                     )
                     user_group_actions = lambda user_group_id, user_group_name: (
                         template.get_def("user_group_actions")
                         .render(user_group_id, user_group_name, _=_, h=h, c=c)
                     )
                     for user_gr in group_iter:
                         user_groups_data.append({
                             "raw_name": user_gr.users_group_name,
                             "group_name": user_group_name(user_gr.users_group_id,
                                                           user_gr.users_group_name),
                             "desc": user_gr.user_group_description,
                             "members": len(user_gr.members),
                             "active": h.boolicon(user_gr.users_group_active),
                             "owner": h.person(user_gr.user.username),
                             "action": user_group_actions(user_gr.users_group_id, user_gr.users_group_name)
                         })
                     c.data = json.dumps({
                         "totalRecords": total_records,
                         "startIndex": 0,
                         "sort": None,
                         "dir": "asc",
                         "records": user_groups_data
                     })
                     return render('admin/user_groups/user_groups.html')
                 @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')
                 def create(self):
                     """POST /users_groups: Create a new item"""
                     # url('users_groups')
                     users_group_form = UserGroupForm()()
                     try:
                         form_result = users_group_form.to_python(dict(request.POST))
                         ug = UserGroupModel().create(name=form_result['users_group_name'],
                                                      description=form_result['user_group_description'],
                                                      owner=self.authuser.user_id,
                                                      active=form_result['users_group_active'])
                         gr = form_result['users_group_name']
                         action_logger(self.authuser,
                                       'admin_created_users_group:%s' % gr,
                                       None, self.ip_addr, self.sa)
                         h.flash(h.literal(_('Created user group %s') % h.link_to(h.escape(gr), url('edit_users_group', id=ug.users_group_id))),
                             category='success')
                         Session().commit()
                     except formencode.Invalid, errors:
                         return htmlfill.render(
                             render('admin/user_groups/user_group_add.html'),
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
-                            encoding="UTF-8")
+                            encoding="UTF-8",
+                            force_defaults=False)
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('Error occurred during creation of user group %s') \
                                 % request.POST.get('users_group_name'), category='error')
                     return redirect(url('users_groups'))
                 @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')
                 def new(self, format='html'):
                     """GET /user_groups/new: Form to create a new item"""
                     # url('new_users_group')
                     return render('admin/user_groups/user_group_add.html')
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def update(self, id):
                     """PUT /user_groups/id: Update an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="PUT" />
                     # Or using helpers:
                     #    h.form(url('users_group', id=ID),
                     #           method='put')
                     # url('users_group', id=ID)
                     c.user_group = UserGroup.get_or_404(id)
                     c.active = 'settings'
                     self.__load_data(id)
                     available_members = [safe_unicode(x[0]) for x in c.available_members]
                     users_group_form = UserGroupForm(edit=True,
                                                      old_data=c.user_group.get_dict(),
                                                      available_members=available_members)()
                     try:
                         form_result = users_group_form.to_python(request.POST)
                         UserGroupModel().update(c.user_group, form_result)
                         gr = form_result['users_group_name']
                         action_logger(self.authuser,
                                       'admin_updated_users_group:%s' % gr,
                                       None, self.ip_addr, self.sa)
                         h.flash(_('Updated user group %s') % gr, category='success')
                         Session().commit()
                     except formencode.Invalid, errors:
                         ug_model = UserGroupModel()
                         defaults = errors.value
                         e = errors.error_dict or {}
                         defaults.update({
                             'create_repo_perm': ug_model.has_perm(id,
                                                                   'hg.create.repository'),
                             'fork_repo_perm': ug_model.has_perm(id,
                                                                 'hg.fork.repository'),
                             '_method': 'put'
                         })
                         return htmlfill.render(
                             render('admin/user_groups/user_group_edit.html'),
                             defaults=defaults,
                             errors=e,
                             prefix_error=False,
-                            encoding="UTF-8")
+                            encoding="UTF-8",
+                            force_defaults=False)
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('Error occurred during update of user group %s') \
                                 % request.POST.get('users_group_name'), category='error')
                     return redirect(url('edit_users_group', id=id))
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def delete(self, id):
                     """DELETE /user_groups/id: Delete an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="DELETE" />
                     # Or using helpers:
                     #    h.form(url('users_group', id=ID),
                     #           method='delete')
                     # url('users_group', id=ID)
                     usr_gr = UserGroup.get_or_404(id)
                     try:
                         UserGroupModel().delete(usr_gr)
                         Session().commit()
                         h.flash(_('Successfully deleted user group'), category='success')
                     except UserGroupsAssignedException, e:
                         h.flash(e, category='error')
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during deletion of user group'),
                                 category='error')
                     return redirect(url('users_groups'))
                 def show(self, id, format='html'):
                     """GET /user_groups/id: Show a specific item"""
                     # url('users_group', id=ID)
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def edit(self, id, format='html'):
                     """GET /user_groups/id/edit: Form to edit an existing item"""
                     # url('edit_users_group', id=ID)
                     c.user_group = UserGroup.get_or_404(id)
                     c.active = 'settings'
                     self.__load_data(id)
                     defaults = self.__load_defaults(id)
                     return htmlfill.render(
                         render('admin/user_groups/user_group_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def edit_perms(self, id):
                     c.user_group = UserGroup.get_or_404(id)
                     c.active = 'perms'
                     repo_model = RepoModel()
                     c.users_array = repo_model.get_users_js()
                     c.user_groups_array = repo_model.get_user_groups_js()
                     defaults = {}
                     # fill user group users
                     for p in c.user_group.user_user_group_to_perm:
                         defaults.update({'u_perm_%s' % p.user.username:
                                          p.permission.permission_name})
                     for p in c.user_group.user_group_user_group_to_perm:
                         defaults.update({'g_perm_%s' % p.user_group.users_group_name:
                                          p.permission.permission_name})
                     return htmlfill.render(
                         render('admin/user_groups/user_group_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def update_perms(self, id):
                     """
                     grant permission for given usergroup
                     :param id:
                     """
                     user_group = UserGroup.get_or_404(id)
                     form = UserGroupPermsForm()().to_python(request.POST)
                     # set the permissions !
                     try:
                         UserGroupModel()._update_permissions(user_group, form['perms_new'],
                                                              form['perms_updates'])
                     except RepoGroupAssignmentError:
                         h.flash(_('Target group cannot be the same'), category='error')
                         return redirect(url('edit_user_group_perms', id=id))
                     #TODO: implement this
                     #action_logger(self.authuser, 'admin_changed_repo_permissions',
                     #              repo_name, self.ip_addr, self.sa)
                     Session().commit()
                     h.flash(_('User Group permissions updated'), category='success')
                     return redirect(url('edit_user_group_perms', id=id))
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def delete_perms(self, id):
                     """
                     DELETE an existing repository group permission user
                     :param group_name:
                     """
                     try:
                         obj_type = request.POST.get('obj_type')
                         obj_id = None
                         if obj_type == 'user':
                             obj_id = safe_int(request.POST.get('user_id'))
                         elif obj_type == 'user_group':
                             obj_id = safe_int(request.POST.get('user_group_id'))
                         if not c.authuser.is_admin:
                             if obj_type == 'user' and c.authuser.user_id == obj_id:
                                 msg = _('Cannot revoke permission for yourself as admin')
                                 h.flash(msg, category='warning')
                                 raise Exception('revoke admin permission on self')
                         if obj_type == 'user':
                             UserGroupModel().revoke_user_permission(user_group=id,
                                                                     user=obj_id)
                         elif obj_type == 'user_group':
                             UserGroupModel().revoke_user_group_permission(target_user_group=id,
                                                                           user_group=obj_id)
                         Session().commit()
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during revoking of permission'),
                                 category='error')
                         raise HTTPInternalServerError()
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def edit_default_perms(self, id):
                     c.user_group = UserGroup.get_or_404(id)
                     c.active = 'default_perms'
                     permissions = {
                         'repositories': {},
                         'repositories_groups': {}
                     }
                     ugroup_repo_perms = UserGroupRepoToPerm.query()\
                         .options(joinedload(UserGroupRepoToPerm.permission))\
                         .options(joinedload(UserGroupRepoToPerm.repository))\
                         .filter(UserGroupRepoToPerm.users_group_id == id)\
                         .all()
                     for gr in ugroup_repo_perms:
                         permissions['repositories'][gr.repository.repo_name]  \
                             = gr.permission.permission_name
                     ugroup_group_perms = UserGroupRepoGroupToPerm.query()\
                         .options(joinedload(UserGroupRepoGroupToPerm.permission))\
                         .options(joinedload(UserGroupRepoGroupToPerm.group))\
                         .filter(UserGroupRepoGroupToPerm.users_group_id == id)\
                         .all()
                     for gr in ugroup_group_perms:
                         permissions['repositories_groups'][gr.group.group_name] \
                             = gr.permission.permission_name
                     c.permissions = permissions
                     ug_model = UserGroupModel()
                     defaults = c.user_group.get_dict()
                     defaults.update({
                         'create_repo_perm': ug_model.has_perm(c.user_group,
                                                               'hg.create.repository'),
                         'create_user_group_perm': ug_model.has_perm(c.user_group,
                                                                     'hg.usergroup.create.true'),
                         'fork_repo_perm': ug_model.has_perm(c.user_group,
                                                             'hg.fork.repository'),
                     })
                     return htmlfill.render(
                         render('admin/user_groups/user_group_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False
                     )
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def update_default_perms(self, id):
                     """PUT /users_perm/id: Update an existing item"""
                     # url('users_group_perm', id=ID, method='put')
                     user_group = UserGroup.get_or_404(id)
                     try:
                         form = CustomDefaultPermissionsForm()()
                         form_result = form.to_python(request.POST)
                         inherit_perms = form_result['inherit_default_permissions']
                         user_group.inherit_default_permissions = inherit_perms
                         Session().add(user_group)
                         usergroup_model = UserGroupModel()
                         defs = UserGroupToPerm.query()\
                             .filter(UserGroupToPerm.users_group == user_group)\
                             .all()
                         for ug in defs:
                             Session().delete(ug)
                         if form_result['create_repo_perm']:
                             usergroup_model.grant_perm(id, 'hg.create.repository')
                         else:
                             usergroup_model.grant_perm(id, 'hg.create.none')
                         if form_result['create_user_group_perm']:
                             usergroup_model.grant_perm(id, 'hg.usergroup.create.true')
                         else:
                             usergroup_model.grant_perm(id, 'hg.usergroup.create.false')
                         if form_result['fork_repo_perm']:
                             usergroup_model.grant_perm(id, 'hg.fork.repository')
                         else:
                             usergroup_model.grant_perm(id, 'hg.fork.none')
                         h.flash(_("Updated permissions"), category='success')
                         Session().commit()
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during permissions saving'),
                                 category='error')
                     return redirect(url('edit_user_group_default_perms', id=id))
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def edit_advanced(self, id):
                     c.user_group = UserGroup.get_or_404(id)
                     c.active = 'advanced'
                     c.group_members_obj = sorted((x.user for x in c.user_group.members),
                                                  key=lambda u: u.username.lower())
                     return render('admin/user_groups/user_group_edit.html')
                 @HasUserGroupPermissionAnyDecorator('usergroup.admin')
                 def edit_members(self, id):
                     c.user_group = UserGroup.get_or_404(id)
                     c.active = 'members'
                     c.group_members_obj = sorted((x.user for x in c.user_group.members),
                                                  key=lambda u: u.username.lower())
                     c.group_members = [(x.user_id, x.username) for x in c.group_members_obj]
                     return render('admin/user_groups/user_group_edit.html')

kallithea/controllers/admin/users.py

0 +4 -2

             # -*- coding: utf-8 -*-
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             """
             kallithea.controllers.admin.users
             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
             Users crud controller for pylons
             This file was forked by the Kallithea project in July 2014.
             Original author and date, and relevant copyright and licensing information is below:
             :created_on: Apr 4, 2010
             :author: marcink
             :copyright: (c) 2013 RhodeCode GmbH, and others.
             :license: GPLv3, see LICENSE.md for more details.
             """
             import logging
             import traceback
             import formencode
             from formencode import htmlfill
             from pylons import request, tmpl_context as c, url, config
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             from sqlalchemy.sql.expression import func
             import kallithea
             from kallithea.lib.exceptions import DefaultUserException, \
                 UserOwnsReposException, UserCreationError
             from kallithea.lib import helpers as h
             from kallithea.lib.auth import LoginRequired, HasPermissionAllDecorator, \
                 AuthUser, generate_api_key
             import kallithea.lib.auth_modules.auth_internal
             from kallithea.lib import auth_modules
             from kallithea.lib.base import BaseController, render
             from kallithea.model.api_key import ApiKeyModel
             from kallithea.model.db import User, UserEmailMap, UserIpMap, UserToPerm
             from kallithea.model.forms import UserForm, CustomDefaultPermissionsForm
             from kallithea.model.user import UserModel
             from kallithea.model.meta import Session
             from kallithea.lib.utils import action_logger
             from kallithea.lib.compat import json
             from kallithea.lib.utils2 import datetime_to_time, safe_int
             log = logging.getLogger(__name__)
             class UsersController(BaseController):
                 """REST Controller styled on the Atom Publishing Protocol"""
                 @LoginRequired()
                 @HasPermissionAllDecorator('hg.admin')
                 def __before__(self):
                     super(UsersController, self).__before__()
                     c.available_permissions = config['available_permissions']
                     c.EXTERN_TYPE_INTERNAL = kallithea.EXTERN_TYPE_INTERNAL
                 def index(self, format='html'):
                     """GET /users: All items in the collection"""
                     # url('users')
                     c.users_list = User.query().order_by(User.username)\
                                     .filter(User.username != User.DEFAULT_USER)\
                                     .order_by(func.lower(User.username))\
                                     .all()
                     users_data = []
                     total_records = len(c.users_list)
                     _tmpl_lookup = kallithea.CONFIG['pylons.app_globals'].mako_lookup
                     template = _tmpl_lookup.get_template('data_table/_dt_elements.html')
                     grav_tmpl = '<div class="gravatar">%s</div>'
                     username = lambda user_id, username: (
                             template.get_def("user_name")
                             .render(user_id, username, _=_, h=h, c=c))
                     user_actions = lambda user_id, username: (
                             template.get_def("user_actions")
                             .render(user_id, username, _=_, h=h, c=c))
                     for user in c.users_list:
                         users_data.append({
                             "gravatar": grav_tmpl % h.gravatar(user.email, size=20),
                             "raw_name": user.username,
                             "username": username(user.user_id, user.username),
                             "firstname": user.name,
                             "lastname": user.lastname,
                             "last_login": h.fmt_date(user.last_login),
                             "last_login_raw": datetime_to_time(user.last_login),
                             "active": h.boolicon(user.active),
                             "admin": h.boolicon(user.admin),
                             "extern_type": user.extern_type,
                             "extern_name": user.extern_name,
                             "action": user_actions(user.user_id, user.username),
                         })
                     c.data = json.dumps({
                         "totalRecords": total_records,
                         "startIndex": 0,
                         "sort": None,
                         "dir": "asc",
                         "records": users_data
                     })
                     return render('admin/users/users.html')
                 def create(self):
                     """POST /users: Create a new item"""
                     # url('users')
                     c.default_extern_type = auth_modules.auth_internal.KallitheaAuthPlugin.name
                     user_model = UserModel()
                     user_form = UserForm()()
                     try:
                         form_result = user_form.to_python(dict(request.POST))
                         user = user_model.create(form_result)
                         usr = form_result['username']
                         action_logger(self.authuser, 'admin_created_user:%s' % usr,
                                       None, self.ip_addr, self.sa)
                         h.flash(h.literal(_('Created user %s') % h.link_to(h.escape(usr), url('edit_user', id=user.user_id))),
                                 category='success')
                         Session().commit()
                     except formencode.Invalid, errors:
                         return htmlfill.render(
                             render('admin/users/user_add.html'),
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
-                            encoding="UTF-8")
+                            encoding="UTF-8",
+                            force_defaults=False)
                     except UserCreationError, e:
                         h.flash(e, 'error')
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('Error occurred during creation of user %s') \
                                 % request.POST.get('username'), category='error')
                     return redirect(url('users'))
                 def new(self, format='html'):
                     """GET /users/new: Form to create a new item"""
                     # url('new_user')
                     c.default_extern_type = auth_modules.auth_internal.KallitheaAuthPlugin.name
                     return render('admin/users/user_add.html')
                 def update(self, id):
                     """PUT /users/id: Update an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="PUT" />
                     # Or using helpers:
                     #    h.form(url('update_user', id=ID),
                     #           method='put')
                     # url('user', id=ID)
                     c.active = 'profile'
                     user_model = UserModel()
                     c.user = user_model.get(id)
                     c.extern_type = c.user.extern_type
                     c.extern_name = c.user.extern_name
                     c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
                     _form = UserForm(edit=True, old_data={'user_id': id,
                                                           'email': c.user.email})()
                     form_result = {}
                     try:
                         form_result = _form.to_python(dict(request.POST))
                         skip_attrs = ['extern_type', 'extern_name']
                         #TODO: plugin should define if username can be updated
                         if c.extern_type != kallithea.EXTERN_TYPE_INTERNAL:
                             # forbid updating username for external accounts
                             skip_attrs.append('username')
                         user_model.update(id, form_result, skip_attrs=skip_attrs)
                         usr = form_result['username']
                         action_logger(self.authuser, 'admin_updated_user:%s' % usr,
                                       None, self.ip_addr, self.sa)
                         h.flash(_('User updated successfully'), category='success')
                         Session().commit()
                     except formencode.Invalid, errors:
                         defaults = errors.value
                         e = errors.error_dict or {}
                         defaults.update({
                             'create_repo_perm': user_model.has_perm(id,
                                                                     'hg.create.repository'),
                             'fork_repo_perm': user_model.has_perm(id, 'hg.fork.repository'),
                             '_method': 'put'
                         })
                         return htmlfill.render(
                             render('admin/users/user_edit.html'),
                             defaults=defaults,
                             errors=e,
                             prefix_error=False,
-                            encoding="UTF-8")
+                            encoding="UTF-8",
+                            force_defaults=False)
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('Error occurred during update of user %s') \
                                 % form_result.get('username'), category='error')
                     return redirect(url('edit_user', id=id))
                 def delete(self, id):
                     """DELETE /users/id: Delete an existing item"""
                     # Forms posted to this method should contain a hidden field:
                     #    <input type="hidden" name="_method" value="DELETE" />
                     # Or using helpers:
                     #    h.form(url('delete_user', id=ID),
                     #           method='delete')
                     # url('user', id=ID)
                     usr = User.get_or_404(id)
                     try:
                         UserModel().delete(usr)
                         Session().commit()
                         h.flash(_('Successfully deleted user'), category='success')
                     except (UserOwnsReposException, DefaultUserException), e:
                         h.flash(e, category='warning')
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during deletion of user'),
                                 category='error')
                     return redirect(url('users'))
                 def show(self, id, format='html'):
                     """GET /users/id: Show a specific item"""
                     # url('user', id=ID)
                     User.get_or_404(-1)
                 def edit(self, id, format='html'):
                     """GET /users/id/edit: Form to edit an existing item"""
                     # url('edit_user', id=ID)
                     c.user = User.get_or_404(id)
                     if c.user.username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user"), category='warning')
                         return redirect(url('users'))
                     c.active = 'profile'
                     c.extern_type = c.user.extern_type
                     c.extern_name = c.user.extern_name
                     c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
                     defaults = c.user.get_dict()
                     return htmlfill.render(
                         render('admin/users/user_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 def edit_advanced(self, id):
                     c.user = User.get_or_404(id)
                     if c.user.username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user"), category='warning')
                         return redirect(url('users'))
                     c.active = 'advanced'
                     c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
                     umodel = UserModel()
                     defaults = c.user.get_dict()
                     defaults.update({
                         'create_repo_perm': umodel.has_perm(c.user, 'hg.create.repository'),
                         'create_user_group_perm': umodel.has_perm(c.user,
                                                                   'hg.usergroup.create.true'),
                         'fork_repo_perm': umodel.has_perm(c.user, 'hg.fork.repository'),
                     })
                     return htmlfill.render(
                         render('admin/users/user_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 def edit_api_keys(self, id):
                     c.user = User.get_or_404(id)
                     if c.user.username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user"), category='warning')
                         return redirect(url('users'))
                     c.active = 'api_keys'
                     show_expired = True
                     c.lifetime_values = [
                         (str(-1), _('forever')),
                         (str(5), _('5 minutes')),
                         (str(60), _('1 hour')),
                         (str(60 * 24), _('1 day')),
                         (str(60 * 24 * 30), _('1 month')),
                     ]
                     c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
                     c.user_api_keys = ApiKeyModel().get_api_keys(c.user.user_id,
                                                                  show_expired=show_expired)
                     defaults = c.user.get_dict()
                     return htmlfill.render(
                         render('admin/users/user_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 def add_api_key(self, id):
                     c.user = User.get_or_404(id)
                     if c.user.username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user"), category='warning')
                         return redirect(url('users'))
                     lifetime = safe_int(request.POST.get('lifetime'), -1)
                     description = request.POST.get('description')
                     ApiKeyModel().create(c.user.user_id, description, lifetime)
                     Session().commit()
                     h.flash(_("Api key successfully created"), category='success')
                     return redirect(url('edit_user_api_keys', id=c.user.user_id))
                 def delete_api_key(self, id):
                     c.user = User.get_or_404(id)
                     if c.user.username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user"), category='warning')
                         return redirect(url('users'))
                     api_key = request.POST.get('del_api_key')
                     if request.POST.get('del_api_key_builtin'):
                         user = User.get(c.user.user_id)
                         if user:
                             user.api_key = generate_api_key(user.username)
                             Session().add(user)
                             Session().commit()
                             h.flash(_("Api key successfully reset"), category='success')
                     elif api_key:
                         ApiKeyModel().delete(api_key, c.user.user_id)
                         Session().commit()
                         h.flash(_("Api key successfully deleted"), category='success')
                     return redirect(url('edit_user_api_keys', id=c.user.user_id))
                 def update_account(self, id):
                     pass
                 def edit_perms(self, id):
                     c.user = User.get_or_404(id)
                     if c.user.username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user"), category='warning')
                         return redirect(url('users'))
                     c.active = 'perms'
                     c.perm_user = AuthUser(user_id=id, ip_addr=self.ip_addr)
                     umodel = UserModel()
                     defaults = c.user.get_dict()
                     defaults.update({
                         'create_repo_perm': umodel.has_perm(c.user, 'hg.create.repository'),
                         'create_user_group_perm': umodel.has_perm(c.user,
                                                                   'hg.usergroup.create.true'),
                         'fork_repo_perm': umodel.has_perm(c.user, 'hg.fork.repository'),
                     })
                     return htmlfill.render(
                         render('admin/users/user_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 def update_perms(self, id):
                     """PUT /users_perm/id: Update an existing item"""
                     # url('user_perm', id=ID, method='put')
                     user = User.get_or_404(id)
                     try:
                         form = CustomDefaultPermissionsForm()()
                         form_result = form.to_python(request.POST)
                         inherit_perms = form_result['inherit_default_permissions']
                         user.inherit_default_permissions = inherit_perms
                         Session().add(user)
                         user_model = UserModel()
                         defs = UserToPerm.query()\
                             .filter(UserToPerm.user == user)\
                             .all()
                         for ug in defs:
                             Session().delete(ug)
                         if form_result['create_repo_perm']:
                             user_model.grant_perm(id, 'hg.create.repository')
                         else:
                             user_model.grant_perm(id, 'hg.create.none')
                         if form_result['create_user_group_perm']:
                             user_model.grant_perm(id, 'hg.usergroup.create.true')
                         else:
                             user_model.grant_perm(id, 'hg.usergroup.create.false')
                         if form_result['fork_repo_perm']:
                             user_model.grant_perm(id, 'hg.fork.repository')
                         else:
                             user_model.grant_perm(id, 'hg.fork.none')
                         h.flash(_("Updated permissions"), category='success')
                         Session().commit()
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during permissions saving'),
                                 category='error')
                     return redirect(url('edit_user_perms', id=id))
                 def edit_emails(self, id):
                     c.user = User.get_or_404(id)
                     if c.user.username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user"), category='warning')
                         return redirect(url('users'))
                     c.active = 'emails'
                     c.user_email_map = UserEmailMap.query()\
                         .filter(UserEmailMap.user == c.user).all()
                     defaults = c.user.get_dict()
                     return htmlfill.render(
                         render('admin/users/user_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 def add_email(self, id):
                     """POST /user_emails:Add an existing item"""
                     # url('user_emails', id=ID, method='put')
                     email = request.POST.get('new_email')
                     user_model = UserModel()
                     try:
                         user_model.add_extra_email(id, email)
                         Session().commit()
                         h.flash(_("Added email %s to user") % email, category='success')
                     except formencode.Invalid, error:
                         msg = error.error_dict['email']
                         h.flash(msg, category='error')
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during email saving'),
                                 category='error')
                     return redirect(url('edit_user_emails', id=id))
                 def delete_email(self, id):
                     """DELETE /user_emails_delete/id: Delete an existing item"""
                     # url('user_emails_delete', id=ID, method='delete')
                     email_id = request.POST.get('del_email_id')
                     user_model = UserModel()
                     user_model.delete_extra_email(id, email_id)
                     Session().commit()
                     h.flash(_("Removed email from user"), category='success')
                     return redirect(url('edit_user_emails', id=id))
                 def edit_ips(self, id):
                     c.user = User.get_or_404(id)
                     if c.user.username == User.DEFAULT_USER:
                         h.flash(_("You can't edit this user"), category='warning')
                         return redirect(url('users'))
                     c.active = 'ips'
                     c.user_ip_map = UserIpMap.query()\
                         .filter(UserIpMap.user == c.user).all()
                     c.inherit_default_ips = c.user.inherit_default_permissions
                     c.default_user_ip_map = UserIpMap.query()\
                         .filter(UserIpMap.user == User.get_default_user()).all()
                     defaults = c.user.get_dict()
                     return htmlfill.render(
                         render('admin/users/user_edit.html'),
                         defaults=defaults,
                         encoding="UTF-8",
                         force_defaults=False)
                 def add_ip(self, id):
                     """POST /user_ips:Add an existing item"""
                     # url('user_ips', id=ID, method='put')
                     ip = request.POST.get('new_ip')
                     user_model = UserModel()
                     try:
                         user_model.add_extra_ip(id, ip)
                         Session().commit()
                         h.flash(_("Added ip %s to user whitelist") % ip, category='success')
                     except formencode.Invalid, error:
                         msg = error.error_dict['ip']
                         h.flash(msg, category='error')
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during ip saving'),
                                 category='error')
                     if 'default_user' in request.POST:
                         return redirect(url('admin_permissions_ips'))
                     return redirect(url('edit_user_ips', id=id))
                 def delete_ip(self, id):
                     """DELETE /user_ips_delete/id: Delete an existing item"""
                     # url('user_ips_delete', id=ID, method='delete')
                     ip_id = request.POST.get('del_ip_id')
                     user_model = UserModel()
                     user_model.delete_extra_ip(id, ip_id)
                     Session().commit()
                     h.flash(_("Removed ip address from user whitelist"), category='success')
                     if 'default_user' in request.POST:
                         return redirect(url('admin_permissions_ips'))
                     return redirect(url('edit_user_ips', id=id))

kallithea/controllers/forks.py

0 +3 -3

             # -*- coding: utf-8 -*-
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             """
             kallithea.controllers.forks
             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
             forks controller for Kallithea
             This file was forked by the Kallithea project in July 2014.
             Original author and date, and relevant copyright and licensing information is below:
             :created_on: Apr 23, 2011
             :author: marcink
             :copyright: (c) 2013 RhodeCode GmbH, and others.
             :license: GPLv3, see LICENSE.md for more details.
             """
             import logging
             import formencode
             import traceback
             from formencode import htmlfill
             from pylons import tmpl_context as c, request, url
             from pylons.controllers.util import redirect
             from pylons.i18n.translation import _
             import kallithea.lib.helpers as h
             from kallithea.lib.helpers import Page
             from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator, \
                 NotAnonymous, HasRepoPermissionAny, HasPermissionAnyDecorator
             from kallithea.lib.base import BaseRepoController, render
             from kallithea.model.db import Repository, RepoGroup, UserFollowing, User,\
                 Ui
             from kallithea.model.repo import RepoModel
             from kallithea.model.forms import RepoForkForm
             from kallithea.model.scm import ScmModel, RepoGroupList
             from kallithea.lib.utils2 import safe_int
             log = logging.getLogger(__name__)
             class ForksController(BaseRepoController):
                 def __before__(self):
                     super(ForksController, self).__before__()
                 def __load_defaults(self):
                     acl_groups = RepoGroupList(RepoGroup.query().all(),
                                            perm_set=['group.write', 'group.admin'])
                     c.repo_groups = RepoGroup.groups_choices(groups=acl_groups)
                     c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
                     choices, c.landing_revs = ScmModel().get_repo_landing_revs()
                     c.landing_revs_choices = choices
                     c.can_update = Ui.get_by_key(Ui.HOOK_UPDATE).ui_active
                 def __load_data(self, repo_name=None):
                     """
                     Load defaults settings for edit, and update
                     :param repo_name:
                     """
                     self.__load_defaults()
                     c.repo_info = db_repo = Repository.get_by_repo_name(repo_name)
                     repo = db_repo.scm_instance
                     if c.repo_info is None:
                         h.not_mapped_error(repo_name)
                         return redirect(url('repos'))
                     c.default_user_id = User.get_default_user().user_id
                     c.in_public_journal = UserFollowing.query()\
                         .filter(UserFollowing.user_id == c.default_user_id)\
                         .filter(UserFollowing.follows_repository == c.repo_info).scalar()
                     if c.repo_info.stats:
                         last_rev = c.repo_info.stats.stat_on_revision+1
                     else:
                         last_rev = 0
                     c.stats_revision = last_rev
                     c.repo_last_rev = repo.count() if repo.revisions else 0
                     if last_rev == 0 or c.repo_last_rev == 0:
                         c.stats_percentage = 0
                     else:
                         c.stats_percentage = '%.2f' % ((float((last_rev)) /
                                                         c.repo_last_rev) * 100)
                     defaults = RepoModel()._get_defaults(repo_name)
                     # alter the description to indicate a fork
                     defaults['description'] = ('fork of repository: %s \n%s'
                                                % (defaults['repo_name'],
                                                   defaults['description']))
                     # add suffix to fork
                     defaults['repo_name'] = '%s-fork' % defaults['repo_name']
                     return defaults
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
                                                'repository.admin')
                 def forks(self, repo_name):
                     p = safe_int(request.GET.get('page', 1), 1)
                     repo_id = c.db_repo.repo_id
                     d = []
                     for r in Repository.get_repo_forks(repo_id):
                         if not HasRepoPermissionAny(
                             'repository.read', 'repository.write', 'repository.admin'
                         )(r.repo_name, 'get forks check'):
                             continue
                         d.append(r)
                     c.forks_pager = Page(d, page=p, items_per_page=20)
                     if request.environ.get('HTTP_X_PARTIAL_XHR'):
                         return render('/forks/forks_data.html')
                     return render('/forks/forks.html')
                 @LoginRequired()
                 @NotAnonymous()
                 @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')
                 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
                                                'repository.admin')
                 def fork(self, repo_name):
                     c.repo_info = Repository.get_by_repo_name(repo_name)
                     if not c.repo_info:
                         h.not_mapped_error(repo_name)
                         return redirect(url('home'))
                     defaults = self.__load_data(repo_name)
                     return htmlfill.render(
                         render('forks/fork.html'),
                         defaults=defaults,
                         encoding="UTF-8",
-                        force_defaults=False
+                        force_defaults=False)
                 @LoginRequired()
                 @NotAnonymous()
                 @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')
                 @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
                                                'repository.admin')
                 def fork_create(self, repo_name):
                     self.__load_defaults()
                     c.repo_info = Repository.get_by_repo_name(repo_name)
                     _form = RepoForkForm(old_data={'repo_type': c.repo_info.repo_type},
                                          repo_groups=c.repo_groups_choices,
                                          landing_revs=c.landing_revs_choices)()
                     form_result = {}
                     task_id = None
                     try:
                         form_result = _form.to_python(dict(request.POST))
                         # an approximation that is better than nothing
                         if not Ui.get_by_key(Ui.HOOK_UPDATE).ui_active:
                             form_result['update_after_clone'] = False
                         # create fork is done sometimes async on celery, db transaction
                         # management is handled there.
                         task = RepoModel().create_fork(form_result, self.authuser.user_id)
                         from celery.result import BaseAsyncResult
                         if isinstance(task, BaseAsyncResult):
                             task_id = task.task_id
                     except formencode.Invalid, errors:
                         c.new_repo = errors.value['repo_name']
                         return htmlfill.render(
                             render('forks/fork.html'),
                             defaults=errors.value,
                             errors=errors.error_dict or {},
                             prefix_error=False,
-                            encoding="UTF-8")
+                            encoding="UTF-8",
+                            force_defaults=False)
                     except Exception:
                         log.error(traceback.format_exc())
                         h.flash(_('An error occurred during repository forking %s') %
                                 repo_name, category='error')
                     return redirect(h.url('repo_creating_home',
                                           repo_name=form_result['repo_name_full'],
                                           task_id=task_id))

kallithea/controllers/login.py

0 +6 -3

             # -*- coding: utf-8 -*-
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU General Public License as published by
             # the Free Software Foundation, either version 3 of the License, or
             # (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             """
             kallithea.controllers.login
             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
             Login controller for Kallithea
             This file was forked by the Kallithea project in July 2014.
             Original author and date, and relevant copyright and licensing information is below:
             :created_on: Apr 22, 2010
             :author: marcink
             :copyright: (c) 2013 RhodeCode GmbH, and others.
             :license: GPLv3, see LICENSE.md for more details.
             """
             import logging
             import formencode
             import datetime
             import urlparse
             from formencode import htmlfill
             from webob.exc import HTTPFound
             from pylons.i18n.translation import _
             from pylons.controllers.util import redirect
             from pylons import request, session, tmpl_context as c, url
             import kallithea.lib.helpers as h
             from kallithea.lib.auth import AuthUser, HasPermissionAnyDecorator
             from kallithea.lib.auth_modules import importplugin
             from kallithea.lib.base import BaseController, render
             from kallithea.lib.exceptions import UserCreationError
             from kallithea.model.db import User, Setting
             from kallithea.model.forms import LoginForm, RegisterForm, PasswordResetForm
             from kallithea.model.user import UserModel
             from kallithea.model.meta import Session
             log = logging.getLogger(__name__)
             class LoginController(BaseController):
                 def __before__(self):
                     super(LoginController, self).__before__()
                 def _store_user_in_session(self, username, remember=False):
                     user = User.get_by_username(username, case_insensitive=True)
                     auth_user = AuthUser(user.user_id)
                     auth_user.set_authenticated()
                     cs = auth_user.get_cookie_store()
                     session['authuser'] = cs
                     user.update_lastlogin()
                     Session().commit()
                     # If they want to be remembered, update the cookie
                     if remember:
                         _year = (datetime.datetime.now() +
                                  datetime.timedelta(seconds=60 * 60 * 24 * 365))
                         session._set_cookie_expires(_year)
                     session.save()
                     log.info('user %s is now authenticated and stored in '
                              'session, session attrs %s' % (username, cs))
                     # dumps session attrs back to cookie
                     session._update_cookie_out()
                     # we set new cookie
                     headers = None
                     if session.request['set_cookie']:
                         # send set-cookie headers back to response to update cookie
                         headers = [('Set-Cookie', session.request['cookie_out'])]
                     return headers
                 def _validate_came_from(self, came_from):
                     if not came_from:
                         return came_from
                     parsed = urlparse.urlparse(came_from)
                     server_parsed = urlparse.urlparse(url.current())
                     allowed_schemes = ['http', 'https']
                     if parsed.scheme and parsed.scheme not in allowed_schemes:
                         log.error('Suspicious URL scheme detected %s for url %s' %
                                  (parsed.scheme, parsed))
                         came_from = url('home')
                     elif server_parsed.netloc != parsed.netloc:
                         log.error('Suspicious NETLOC detected %s for url %s server url '
                                   'is: %s' % (parsed.netloc, parsed, server_parsed))
                         came_from = url('home')
                     return came_from
                 def index(self):
                     _default_came_from = url('home')
                     came_from = self._validate_came_from(request.GET.get('came_from'))
                     c.came_from = came_from or _default_came_from
                     not_default = self.authuser.username != User.DEFAULT_USER
                     ip_allowed = self.authuser.ip_allowed
                     # redirect if already logged in
                     if self.authuser.is_authenticated and not_default and ip_allowed:
                         raise HTTPFound(location=c.came_from)
                     if request.POST:
                         # import Login Form validator class
                         login_form = LoginForm()
                         try:
                             session.invalidate()
                             c.form_result = login_form.to_python(dict(request.POST))
                             # form checks for username/password, now we're authenticated
                             headers = self._store_user_in_session(
                                                     username=c.form_result['username'],
                                                     remember=c.form_result['remember'])
                             raise HTTPFound(location=c.came_from, headers=headers)
                         except formencode.Invalid, errors:
                             defaults = errors.value
                             # remove password from filling in form again
                             del defaults['password']
                             return htmlfill.render(
                                 render('/login.html'),
                                 defaults=errors.value,
                                 errors=errors.error_dict or {},
                                 prefix_error=False,
-                                encoding="UTF-8")
+                                encoding="UTF-8",
+                                force_defaults=False)
                         except UserCreationError, e:
                             # container auth or other auth functions that create users on
                             # the fly can throw this exception signaling that there's issue
                             # with user creation, explanation should be provided in
                             # Exception itself
                             h.flash(e, 'error')
                     # check if we use container plugin, and try to login using it.
                     auth_plugins = Setting.get_auth_plugins()
                     if any((importplugin(name).is_container_auth for name in auth_plugins)):
                         from kallithea.lib import auth_modules
                         try:
                             auth_info = auth_modules.authenticate('', '', request.environ)
                         except UserCreationError, e:
                             log.error(e)
                             h.flash(e, 'error')
                             # render login, with flash message about limit
                             return render('/login.html')
                         if auth_info:
                             headers = self._store_user_in_session(auth_info.get('username'))
                             raise HTTPFound(location=c.came_from, headers=headers)
                     return render('/login.html')
                 @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate',
                                            'hg.register.manual_activate')
                 def register(self):
                     c.auto_active = 'hg.register.auto_activate' in User.get_default_user()\
                         .AuthUser.permissions['global']
                     settings = Setting.get_app_settings()
                     captcha_private_key = settings.get('captcha_private_key')
                     c.captcha_active = bool(captcha_private_key)
                     c.captcha_public_key = settings.get('captcha_public_key')
                     if request.POST:
                         register_form = RegisterForm()()
                         try:
                             form_result = register_form.to_python(dict(request.POST))
                             form_result['active'] = c.auto_active
                             if c.captcha_active:
                                 from kallithea.lib.recaptcha import submit
                                 response = submit(request.POST.get('recaptcha_challenge_field'),
                                                   request.POST.get('recaptcha_response_field'),
                                                   private_key=captcha_private_key,
                                                   remoteip=self.ip_addr)
                                 if c.captcha_active and not response.is_valid:
                                     _value = form_result
                                     _msg = _('bad captcha')
                                     error_dict = {'recaptcha_field': _msg}
                                     raise formencode.Invalid(_msg, _value, None,
                                                              error_dict=error_dict)
                             UserModel().create_registration(form_result)
                             h.flash(_('You have successfully registered into Kallithea'),
                                     category='success')
                             Session().commit()
                             return redirect(url('login_home'))
                         except formencode.Invalid, errors:
                             return htmlfill.render(
                                 render('/register.html'),
                                 defaults=errors.value,
                                 errors=errors.error_dict or {},
                                 prefix_error=False,
-                                encoding="UTF-8")
+                                encoding="UTF-8",
+                                force_defaults=False)
                         except UserCreationError, e:
                             # container auth or other auth functions that create users on
                             # the fly can throw this exception signaling that there's issue
                             # with user creation, explanation should be provided in
                             # Exception itself
                             h.flash(e, 'error')
                     return render('/register.html')
                 def password_reset(self):
                     settings = Setting.get_app_settings()
                     captcha_private_key = settings.get('captcha_private_key')
                     c.captcha_active = bool(captcha_private_key)
                     c.captcha_public_key = settings.get('captcha_public_key')
                     if request.POST:
                         password_reset_form = PasswordResetForm()()
                         try:
                             form_result = password_reset_form.to_python(dict(request.POST))
                             if c.captcha_active:
                                 from kallithea.lib.recaptcha import submit
                                 response = submit(request.POST.get('recaptcha_challenge_field'),
                                                   request.POST.get('recaptcha_response_field'),
                                                   private_key=captcha_private_key,
                                                   remoteip=self.ip_addr)
                                 if c.captcha_active and not response.is_valid:
                                     _value = form_result
                                     _msg = _('bad captcha')
                                     error_dict = {'recaptcha_field': _msg}
                                     raise formencode.Invalid(_msg, _value, None,
                                                              error_dict=error_dict)
                             UserModel().reset_password_link(form_result)
                             h.flash(_('Your password reset link was sent'),
                                         category='success')
                             return redirect(url('login_home'))
                         except formencode.Invalid, errors:
                             return htmlfill.render(
                                 render('/password_reset.html'),
                                 defaults=errors.value,
                                 errors=errors.error_dict or {},
                                 prefix_error=False,
-                                encoding="UTF-8")
+                                encoding="UTF-8",
+                                force_defaults=False)
                     return render('/password_reset.html')
                 def password_reset_confirmation(self):
                     if request.GET and request.GET.get('key'):
                         try:
                             user = User.get_by_api_key(request.GET.get('key'))
                             data = dict(email=user.email)
                             UserModel().reset_password(data)
                             h.flash(_('Your password reset was successful, '
                                       'new password has been sent to your email'),
                                         category='success')
                         except Exception, e:
                             log.error(e)
                             return redirect(url('reset_password'))
                     return redirect(url('login_home'))
                 def logout(self):
                     session.delete()
                     log.info('Logging out and deleting session for user')
                     redirect(url('home'))

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages