upstream/kallithea Commit - r2004:f2b7bebc

1

# -*- coding: utf-8 -*-

1

# -*- coding: utf-8 -*-

2

"""

2

"""

3

rhodecode.controllers.api

3

rhodecode.controllers.api

4

~~~~~~~~~~~~~~~~~~~~~~~~~

4

~~~~~~~~~~~~~~~~~~~~~~~~~

5

6

API controller for RhodeCode

6

API controller for RhodeCode

7

8

:created_on: Aug 20, 2011

8

:created_on: Aug 20, 2011

9

:author: marcink

9

:author: marcink

10

11

:license: GPLv3, see COPYING for more details.

11

:license: GPLv3, see COPYING for more details.

12

"""

12

"""

13

# This program is free software; you can redistribute it and/or

13

# This program is free software; you can redistribute it and/or

14

# modify it under the terms of the GNU General Public License

14

# modify it under the terms of the GNU General Public License

15

# as published by the Free Software Foundation; version 2

15

# as published by the Free Software Foundation; version 2

16

# of the License or (at your opinion) any later version of the license.

16

# of the License or (at your opinion) any later version of the license.

17

#

17

#

18

# This program is distributed in the hope that it will be useful,

18

# This program is distributed in the hope that it will be useful,

19

# but WITHOUT ANY WARRANTY; without even the implied warranty of

19

# but WITHOUT ANY WARRANTY; without even the implied warranty of

20

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

20

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

21

# GNU General Public License for more details.

21

# GNU General Public License for more details.

22

#

22

#

23

# You should have received a copy of the GNU General Public License

23

# You should have received a copy of the GNU General Public License

24

# along with this program; if not, write to the Free Software

24

# along with this program; if not, write to the Free Software

25

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

25

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

26

# MA 02110-1301, USA.

26

# MA 02110-1301, USA.

27

28

import traceback

28

import traceback

29

import logging

29

import logging

30

31

from sqlalchemy.orm.exc import NoResultFound

31

from sqlalchemy.orm.exc import NoResultFound

32

33

from rhodecode.controllers.api import JSONRPCController, JSONRPCError

33

from rhodecode.controllers.api import JSONRPCController, JSONRPCError

34

from rhodecode.lib.auth import HasPermissionAllDecorator, \

34

from rhodecode.lib.auth import HasPermissionAllDecorator, \

35

HasPermissionAnyDecorator

35

HasPermissionAnyDecorator

36

37

from rhodecode.model.meta import Session

37

from rhodecode.model.meta import Session

38

from rhodecode.model.scm import ScmModel

38

from rhodecode.model.scm import ScmModel

39

from rhodecode.model.db import User, UsersGroup, RepoGroup, Repository

39

from rhodecode.model.db import User, UsersGroup, RepoGroup, Repository

40

from rhodecode.model.repo import RepoModel

40

from rhodecode.model.repo import RepoModel

41

from rhodecode.model.user import UserModel

41

from rhodecode.model.user import UserModel

42

from rhodecode.model.repo_permission import RepositoryPermissionModel

42

from rhodecode.model.repo_permission import RepositoryPermissionModel

43

from rhodecode.model.users_group import UsersGroupModel

43

from rhodecode.model.users_group import UsersGroupModel

44

from rhodecode.model.repos_group import ReposGroupModel

44

from rhodecode.model.repos_group import ReposGroupModel

45

46

47

log = logging.getLogger(__name__)

47

log = logging.getLogger(__name__)

48

49

50

class ApiController(JSONRPCController):

50

class ApiController(JSONRPCController):

51

"""

51

"""

52

API Controller

52

API Controller

53

54

55

Each method needs to have USER as argument this is then based on given

55

Each method needs to have USER as argument this is then based on given

56

API_KEY propagated as instance of user object

56

API_KEY propagated as instance of user object

57

58

Preferably this should be first argument also

58

Preferably this should be first argument also

59

60

61

Each function should also **raise** JSONRPCError for any

61

Each function should also **raise** JSONRPCError for any

62

errors that happens

62

errors that happens

63

64

"""

64

"""

65

66

@HasPermissionAllDecorator('hg.admin')

66

@HasPermissionAllDecorator('hg.admin')

67

def pull(self, apiuser, repo_name):

67

def pull(self, apiuser, repo_name):

68

"""

68

"""

69

Dispatch pull action on given repo

69

Dispatch pull action on given repo

70

71

72

:param user:

72

:param user:

73

:param repo_name:

73

:param repo_name:

74

"""

74

"""

75

76

if Repository.is_valid(repo_name) is False:

76

if Repository.is_valid(repo_name) is False:

77

raise JSONRPCError('Unknown repo "%s"' % repo_name)

77

raise JSONRPCError('Unknown repo "%s"' % repo_name)

78

79

try:

79

try:

80

ScmModel().pull_changes(repo_name, self.rhodecode_user.username)

80

ScmModel().pull_changes(repo_name, self.rhodecode_user.username)

81

return 'Pulled from %s' % repo_name

81

return 'Pulled from %s' % repo_name

82

except Exception:

82

except Exception:

83

raise JSONRPCError('Unable to pull changes from "%s"' % repo_name)

83

raise JSONRPCError('Unable to pull changes from "%s"' % repo_name)

84

85

@HasPermissionAllDecorator('hg.admin')

85

@HasPermissionAllDecorator('hg.admin')

86

def get_user(self, apiuser, username):

86

def get_user(self, apiuser, username):

87

""""

87

""""

88

Get a user by username

88

Get a user by username

89

90

:param apiuser:

90

:param apiuser:

91

:param username:

91

:param username:

92

"""

92

"""

93

94

user = User.get_by_username(username)

94

user = User.get_by_username(username)

95

if user is None:

95

if user is None:

96

return user

96

return user

97

98

return dict(

98

return dict(

99

id=user.user_id,

99

id=user.user_id,

100

username=user.username,

100

username=user.username,

101

firstname=user.name,

101

firstname=user.name,

102

lastname=user.lastname,

102

lastname=user.lastname,

103

email=user.email,

103

email=user.email,

104

active=user.active,

104

active=user.active,

105

admin=user.admin,

105

admin=user.admin,

106

ldap=user.ldap_dn

106

ldap=user.ldap_dn

107

)

107

)

108

109

@HasPermissionAllDecorator('hg.admin')

109

@HasPermissionAllDecorator('hg.admin')

110

def get_users(self, apiuser):

110

def get_users(self, apiuser):

111

""""

111

""""

112

Get all users

112

Get all users

113

114

:param apiuser:

114

:param apiuser:

115

"""

115

"""

116

117

result = []

117

result = []

118

for user in User.getAll():

118

for user in User.getAll():

119

result.append(

119

result.append(

120

dict(

120

dict(

121

id=user.user_id,

121

id=user.user_id,

122

username=user.username,

122

username=user.username,

123

firstname=user.name,

123

firstname=user.name,

124

lastname=user.lastname,

124

lastname=user.lastname,

125

email=user.email,

125

email=user.email,

126

active=user.active,

126

active=user.active,

127

admin=user.admin,

127

admin=user.admin,

128

ldap=user.ldap_dn

128

ldap=user.ldap_dn

129

)

129

)

130

)

130

)

131

return result

131

return result

132

133

@HasPermissionAllDecorator('hg.admin')

133

@HasPermissionAllDecorator('hg.admin')

134

def create_user(self, apiuser, username, password, email, firstname=None,

134

def create_user(self, apiuser, username, password, email, firstname=None,

135

lastname=None, active=True, admin=False, ldap_dn=None):

135

lastname=None, active=True, admin=False, ldap_dn=None):

136

"""

136

"""

137

Create new user

137

Create new user

138

139

:param apiuser:

139

:param apiuser:

140

:param username:

140

:param username:

141

:param password:

141

:param password:

142

:param email:

142

:param email:

143

:param name:

143

:param name:

144

:param lastname:

144

:param lastname:

145

:param active:

145

:param active:

146

:param admin:

146

:param admin:

147

:param ldap_dn:

147

:param ldap_dn:

148

"""

148

"""

149

if User.get_by_username(username):

149

if User.get_by_username(username):

150

raise JSONRPCError("user %s already exist" % username)

150

raise JSONRPCError("user %s already exist" % username)

151

152

try:

152

try:

153

usr = UserModel().create_or_update(

153

usr = UserModel().create_or_update(

154

username, password, email, firstname,

154

username, password, email, firstname,

155

lastname, active, admin, ldap_dn

155

lastname, active, admin, ldap_dn

156

)

156

)

157

Session.commit()

157

Session.commit()

158

return dict(

158

return dict(

159

id=usr.user_id,

159

id=usr.user_id,

160

msg='created new user %s' % username

160

msg='created new user %s' % username

161

)

161

)

162

except Exception:

162

except Exception:

163

log.error(traceback.format_exc())

163

log.error(traceback.format_exc())

164

raise JSONRPCError('failed to create user %s' % username)

164

raise JSONRPCError('failed to create user %s' % username)

165

166

@HasPermissionAllDecorator('hg.admin')

166

@HasPermissionAllDecorator('hg.admin')

167

def update_user(self, apiuser, username, password, email, firstname=None,

167

def update_user(self, apiuser, username, password, email, firstname=None,

168

lastname=None, active=True, admin=False, ldap_dn=None):

168

lastname=None, active=True, admin=False, ldap_dn=None):

169

"""

169

"""

170

Updates given user

170

Updates given user

171

172

:param apiuser:

172

:param apiuser:

173

:param username:

173

:param username:

174

:param password:

174

:param password:

175

:param email:

175

:param email:

176

:param name:

176

:param name:

177

:param lastname:

177

:param lastname:

178

:param active:

178

:param active:

179

:param admin:

179

:param admin:

180

:param ldap_dn:

180

:param ldap_dn:

181

"""

181

"""

182

if not User.get_by_username(username):

182

if not User.get_by_username(username):

183

raise JSONRPCError("user %s does not exist" % username)

183

raise JSONRPCError("user %s does not exist" % username)

184

185

try:

185

try:

186

usr = UserModel().create_or_update(

186

usr = UserModel().create_or_update(

187

username, password, email, firstname,

187

username, password, email, firstname,

188

lastname, active, admin, ldap_dn

188

lastname, active, admin, ldap_dn

189

)

189

)

190

Session.commit()

190

Session.commit()

191

return dict(

191

return dict(

192

id=usr.user_id,

192

id=usr.user_id,

193

msg='updated user %s' % username

193

msg='updated user %s' % username

194

)

194

)

195

except Exception:

195

except Exception:

196

log.error(traceback.format_exc())

196

log.error(traceback.format_exc())

197

raise JSONRPCError('failed to update user %s' % username)

197

raise JSONRPCError('failed to update user %s' % username)

198

199

@HasPermissionAllDecorator('hg.admin')

199

@HasPermissionAllDecorator('hg.admin')

200

def get_users_group(self, apiuser, group_name):

200

def get_users_group(self, apiuser, group_name):

201

""""

201

""""

202

Get users group by name

202

Get users group by name

203

204

:param apiuser:

204

:param apiuser:

205

:param group_name:

205

:param group_name:

206

"""

206

"""

207

208

users_group = UsersGroup.get_by_group_name(group_name)

208

users_group = UsersGroup.get_by_group_name(group_name)

209

if not users_group:

209

if not users_group:

210

return None

210

return None

211

212

members = []

212

members = []

213

for user in users_group.members:

213

for user in users_group.members:

214

user = user.user

214

user = user.user

215

members.append(dict(id=user.user_id,

215

members.append(dict(id=user.user_id,

216

username=user.username,

216

username=user.username,

217

firstname=user.name,

217

firstname=user.name,

218

lastname=user.lastname,

218

lastname=user.lastname,

219

email=user.email,

219

email=user.email,

220

active=user.active,

220

active=user.active,

221

admin=user.admin,

221

admin=user.admin,

222

ldap=user.ldap_dn))

222

ldap=user.ldap_dn))

223

224

return dict(id=users_group.users_group_id,

224

return dict(id=users_group.users_group_id,

225

group_name=users_group.users_group_name,

225

group_name=users_group.users_group_name,

226

active=users_group.users_group_active,

226

active=users_group.users_group_active,

227

members=members)

227

members=members)

228

229

@HasPermissionAllDecorator('hg.admin')

229

@HasPermissionAllDecorator('hg.admin')

230

def get_users_groups(self, apiuser):

230

def get_users_groups(self, apiuser):

231

""""

231

""""

232

Get all users groups

232

Get all users groups

233

234

:param apiuser:

234

:param apiuser:

235

"""

235

"""

236

237

result = []

237

result = []

238

for users_group in UsersGroup.getAll():

238

for users_group in UsersGroup.getAll():

239

members = []

239

members = []

240

for user in users_group.members:

240

for user in users_group.members:

241

user = user.user

241

user = user.user

242

members.append(dict(id=user.user_id,

242

members.append(dict(id=user.user_id,

243

username=user.username,

243

username=user.username,

244

firstname=user.name,

244

firstname=user.name,

245

lastname=user.lastname,

245

lastname=user.lastname,

246

email=user.email,

246

email=user.email,

247

active=user.active,

247

active=user.active,

248

admin=user.admin,

248

admin=user.admin,

249

ldap=user.ldap_dn))

249

ldap=user.ldap_dn))

250

251

result.append(dict(id=users_group.users_group_id,

251

result.append(dict(id=users_group.users_group_id,

252

group_name=users_group.users_group_name,

252

group_name=users_group.users_group_name,

253

active=users_group.users_group_active,

253

active=users_group.users_group_active,

254

members=members))

254

members=members))

255

return result

255

return result

256

257

@HasPermissionAllDecorator('hg.admin')

257

@HasPermissionAllDecorator('hg.admin')

258

def create_users_group(self, apiuser, group_name, active=True):

258

def create_users_group(self, apiuser, group_name, active=True):

259

"""

259

"""

260

Creates an new usergroup

260

Creates an new usergroup

261

262

:param group_name:

262

:param group_name:

263

:param active:

263

:param active:

264

"""

264

"""

265

266

if self.get_users_group(apiuser, group_name):

266

if self.get_users_group(apiuser, group_name):

267

raise JSONRPCError("users group %s already exist" % group_name)

267

raise JSONRPCError("users group %s already exist" % group_name)

268

269

try:

269

try:

270

ug = UsersGroupModel().create(name=group_name, active=active)

270

ug = UsersGroupModel().create(name=group_name, active=active)

271

Session.commit()

271

Session.commit()

272

return dict(id=ug.users_group_id,

272

return dict(id=ug.users_group_id,

273

msg='created new users group %s' % group_name)

273

msg='created new users group %s' % group_name)

274

except Exception:

274

except Exception:

275

log.error(traceback.format_exc())

275

log.error(traceback.format_exc())

276

raise JSONRPCError('failed to create group %s' % group_name)

276

raise JSONRPCError('failed to create group %s' % group_name)

277

278

@HasPermissionAllDecorator('hg.admin')

278

@HasPermissionAllDecorator('hg.admin')

279

def add_user_to_users_group(self, apiuser, group_name, username):

279

def add_user_to_users_group(self, apiuser, group_name, username):

280

""""

280

""""

281

Add a user to a group

281

Add a user to a group

282

283

:param apiuser:

283

:param apiuser:

284

:param group_name:

284

:param group_name:

285

:param username:

285

:param username:

286

"""

286

"""

287

288

try:

288

try:

289

users_group = UsersGroup.get_by_group_name(group_name)

289

users_group = UsersGroup.get_by_group_name(group_name)

290

if not users_group:

290

if not users_group:

291

raise JSONRPCError('unknown users group %s' % group_name)

291

raise JSONRPCError('unknown users group %s' % group_name)

292

293

user = User.get_by_username(username)

293

user = User.get_by_username(username)

294

if user is None:

294

if user is None:

295

raise JSONRPCError('unknown user %s' % username)

295

raise JSONRPCError('unknown user %s' % username)

296

297

ugm = UsersGroupModel().add_user_to_group(users_group, user)

297

ugm = UsersGroupModel().add_user_to_group(users_group, user)

298

success = True if ugm != True else False

298

success = True if ugm != True else False

299

msg = 'added member %s to users group %s' % (username, group_name)

299

msg = 'added member %s to users group %s' % (username, group_name)

300

msg = msg if success else 'User is already in that group'

300

msg = msg if success else 'User is already in that group'

301

Session.commit()

301

Session.commit()

302

303

return dict(

303

return dict(

304

id=ugm.users_group_member_id if ugm != True else None,

304

id=ugm.users_group_member_id if ugm != True else None,

305

success=success,

305

success=success,

306

msg=msg

306

msg=msg

307

)

307

)

308

except Exception:

308

except Exception:

309

log.error(traceback.format_exc())

309

log.error(traceback.format_exc())

310

raise JSONRPCError('failed to add users group member')

310

raise JSONRPCError('failed to add users group member')

311

312

@HasPermissionAllDecorator('hg.admin')

312

@HasPermissionAllDecorator('hg.admin')

313

def remove_user_from_users_group(self, apiuser, group_name, username):

313

def remove_user_from_users_group(self, apiuser, group_name, username):

314

"""

314

"""

315

Remove user from a group

315

Remove user from a group

316

317

:param apiuser

317

:param apiuser

318

:param group_name

318

:param group_name

319

:param username

319

:param username

320

"""

320

"""

321

322

try:

322

try:

323

users_group = UsersGroup.get_by_group_name(group_name)

323

users_group = UsersGroup.get_by_group_name(group_name)

324

if not users_group:

324

if not users_group:

325

raise JSONRPCError('unknown users group %s' % group_name)

325

raise JSONRPCError('unknown users group %s' % group_name)

326

327

user = User.get_by_username(username)

327

user = User.get_by_username(username)

328

if user is None:

328

if user is None:

329

raise JSONRPCError('unknown user %s' % username)

329

raise JSONRPCError('unknown user %s' % username)

330

331

success = UsersGroupModel().remove_user_from_group(users_group, user)

331

success = UsersGroupModel().remove_user_from_group(users_group, user)

332

msg = 'removed member %s from users group %s' % (username, group_name)

332

msg = 'removed member %s from users group %s' % (username, group_name)

333

msg = msg if success else "User wasn't in group"

333

msg = msg if success else "User wasn't in group"

334

Session.commit()

334

Session.commit()

335

return dict(success=success, msg=msg)

335

return dict(success=success, msg=msg)

336

except Exception:

336

except Exception:

337

log.error(traceback.format_exc())

337

log.error(traceback.format_exc())

338

raise JSONRPCError('failed to remove user from group')

338

raise JSONRPCError('failed to remove user from group')

339

340

@HasPermissionAnyDecorator('hg.admin')

340

@HasPermissionAnyDecorator('hg.admin')

341

def get_repo(self, apiuser, repo_name):

341

def get_repo(self, apiuser, repo_name):

342

""""

342

""""

343

Get repository by name

343

Get repository by name

344

345

:param apiuser:

345

:param apiuser:

346

:param repo_name:

346

:param repo_name:

347

"""

347

"""

348

349

repo = Repository.get_by_repo_name(repo_name)

349

repo = Repository.get_by_repo_name(repo_name)

350

if repo is None:

350

if repo is None:

351

raise JSONRPCError('unknown repository %s' % repo)

351

raise JSONRPCError('unknown repository %s' % repo)

352

353

members = []

353

members = []

354

for user in repo.repo_to_perm:

354

for user in repo.repo_to_perm:

355

perm = user.permission.permission_name

355

perm = user.permission.permission_name

356

user = user.user

356

user = user.user

357

members.append(

357

members.append(

358

dict(

358

dict(

359

type_="user",

359

type_="user",

360

id=user.user_id,

360

id=user.user_id,

361

username=user.username,

361

username=user.username,

362

firstname=user.name,

362

firstname=user.name,

363

lastname=user.lastname,

363

lastname=user.lastname,

364

email=user.email,

364

email=user.email,

365

active=user.active,

365

active=user.active,

366

admin=user.admin,

366

admin=user.admin,

367

ldap=user.ldap_dn,

367

ldap=user.ldap_dn,

368

permission=perm

368

permission=perm

369

)

369

)

370

)

370

)

371

for users_group in repo.users_group_to_perm:

371

for users_group in repo.users_group_to_perm:

372

perm = users_group.permission.permission_name

372

perm = users_group.permission.permission_name

373

users_group = users_group.users_group

373

users_group = users_group.users_group

374

members.append(

374

members.append(

375

dict(

375

dict(

376

type_="users_group",

376

type_="users_group",

377

id=users_group.users_group_id,

377

id=users_group.users_group_id,

378

name=users_group.users_group_name,

378

name=users_group.users_group_name,

379

active=users_group.users_group_active,

379

active=users_group.users_group_active,

380

permission=perm

380

permission=perm

381

)

381

)

382

)

382

)

383

384

return dict(

384

return dict(

385

id=repo.repo_id,

385

id=repo.repo_id,

386

repo_name=repo.repo_name,

386

repo_name=repo.repo_name,

387

type=repo.repo_type,

387

type=repo.repo_type,

388

description=repo.description,

388

description=repo.description,

389

members=members

389

members=members

390

)

390

)

391

392

@HasPermissionAnyDecorator('hg.admin')

392

@HasPermissionAnyDecorator('hg.admin')

393

def get_repos(self, apiuser):

393

def get_repos(self, apiuser):

394

""""

394

""""

395

Get all repositories

395

Get all repositories

396

397

:param apiuser:

397

:param apiuser:

398

"""

398

"""

399

400

result = []

400

result = []

401

for repository in Repository.getAll():

401

for repository in Repository.getAll():

402

result.append(

402

result.append(

403

dict(

403

dict(

404

id=repository.repo_id,

404

id=repository.repo_id,

405

repo_name=repository.repo_name,

405

repo_name=repository.repo_name,

406

type=repository.repo_type,

406

type=repository.repo_type,

407

description=repository.description

407

description=repository.description

408

)

408

)

409

)

409

)

410

return result

410

return result

411

412

@HasPermissionAnyDecorator('hg.admin')

412

@HasPermissionAnyDecorator('hg.admin')

413

def get_repo_nodes(self, apiuser, repo_name, revision, root_path,

413

def get_repo_nodes(self, apiuser, repo_name, revision, root_path,

414

ret_type='all'):

414

ret_type='all'):

415

"""

415

"""

416

returns a list of nodes and it's children

416

returns a list of nodes and it's children

417

for a given path at given revision. It's possible to specify ret_type

417

for a given path at given revision. It's possible to specify ret_type

418

to show only files or dirs

418

to show only files or dirs

419

420

:param apiuser:

420

:param apiuser:

421

:param repo_name: name of repository

421

:param repo_name: name of repository

422

:param revision: revision for which listing should be done

422

:param revision: revision for which listing should be done

423

:param root_path: path from which start displaying

423

:param root_path: path from which start displaying

424

:param ret_type: return type 'all|files|dirs' nodes

424

:param ret_type: return type 'all|files|dirs' nodes

425

"""

425

"""

426

try:

426

try:

427

_d, _f = ScmModel().get_nodes(repo_name, revision, root_path,

427

_d, _f = ScmModel().get_nodes(repo_name, revision, root_path,

428

flat=False)

428

flat=False)

429

_map = {

429

_map = {

430

'all': _d + _f,

430

'all': _d + _f,

431

'files': _f,

431

'files': _f,

432

'dirs': _d,

432

'dirs': _d,

433

}

433

}

434

return _map[ret_type]

434

return _map[ret_type]

435

except KeyError:

435

except KeyError:

436

raise JSONRPCError('ret_type must be one of %s' % _map.keys())

436

raise JSONRPCError('ret_type must be one of %s' % _map.keys())

437

except Exception, e:

437

except Exception, e:

438

raise JSONRPCError(e)

438

raise JSONRPCError(e)

439

440

@HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')

440

@HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')

441

def create_repo(self, apiuser, repo_name, owner_name, description='',

441

def create_repo(self, apiuser, repo_name, owner_name, description='',

442

repo_type='hg', private=False):

442

repo_type='hg', private=False):

443

"""

443

"""

444

Create a repository

444

Create a repository

445

446

:param apiuser:

446

:param apiuser:

447

:param repo_name:

447

:param repo_name:

448

:param description:

448

:param description:

449

:param type:

449

:param type:

450

:param private:

450

:param private:

451

:param owner_name:

451

:param owner_name:

452

"""

452

"""

453

454

try:

454

try:

455

owner = User.get_by_username(owner_name)

455

owner = User.get_by_username(owner_name)

456

if owner is None:

456

if owner is None:

457

raise JSONRPCError('unknown user %s' % owner_name)

457

raise JSONRPCError('unknown user %s' % owner_name)

458

459

if Repository.get_by_repo_name(repo_name):

459

if Repository.get_by_repo_name(repo_name):

460

raise JSONRPCError("repo %s already exist" % repo_name)

460

raise JSONRPCError("repo %s already exist" % repo_name)

461

462

groups = repo_name.split('/')

462

groups = repo_name.split('/')

463

real_name = groups[-1]

463

real_name = groups[-1]

464

groups = groups[:-1]

464

groups = groups[:-1]

465

parent_id = None

465

parent_id = None

466

for g in groups:

466

for g in groups:

467

group = RepoGroup.get_by_group_name(g)

467

group = RepoGroup.get_by_group_name(g)

468

if not group:

468

if not group:

469

group = ReposGroupModel().create(g, '', parent_id)

469

group = ReposGroupModel().create(g, '', parent_id)

470

parent_id = group.group_id

470

parent_id = group.group_id

471

472

repo = RepoModel().create(

472

repo = RepoModel().create(

473

dict(

473

dict(

474

repo_name=real_name,

474

repo_name=real_name,

475

repo_name_full=repo_name,

475

repo_name_full=repo_name,

476

description=description,

476

description=description,

477

private=private,

477

private=private,

478

repo_type=repo_type,

478

repo_type=repo_type,

479

repo_group=parent_id,

479

repo_group=parent_id,

480

clone_uri=None

480

clone_uri=None

481

),

481

),

482

owner

482

owner

483

)

483

)

484

Session.commit()

484

Session.commit()

485

486

return dict(

486

return dict(

487

id=repo.repo_id,

487

id=repo.repo_id,

488

msg="Created new repository %s" % repo.repo_name

488

msg="Created new repository %s" % repo.repo_name

489

)

489

)

490

491

except Exception:

491

except Exception:

492

log.error(traceback.format_exc())

492

log.error(traceback.format_exc())

493

raise JSONRPCError('failed to create repository %s' % repo_name)

493

raise JSONRPCError('failed to create repository %s' % repo_name)

494

495

@HasPermissionAnyDecorator('hg.admin')

495

@HasPermissionAnyDecorator('hg.admin')

496

def delete_repo(self, apiuser, repo_name):

496

def delete_repo(self, apiuser, repo_name):

497

"""

497

"""

498

Deletes a given repository

498

Deletes a given repository

499

500

:param repo_name:

500

:param repo_name:

501

"""

501

"""

502

if not Repository.get_by_repo_name(repo_name):

502

if not Repository.get_by_repo_name(repo_name):

503

raise JSONRPCError("repo %s does not exist" % repo_name)

503

raise JSONRPCError("repo %s does not exist" % repo_name)

504

try:

504

try:

505

RepoModel().delete(repo_name)

505

RepoModel().delete(repo_name)

506

Session.commit()

506

Session.commit()

507

return dict(

507

return dict(

508

msg='Deleted repository %s' % repo_name

508

msg='Deleted repository %s' % repo_name

509

)

509

)

510

except Exception:

510

except Exception:

511

log.error(traceback.format_exc())

511

log.error(traceback.format_exc())

512

raise JSONRPCError('failed to delete repository %s' % repo_name)

512

raise JSONRPCError('failed to delete repository %s' % repo_name)

513

514

@HasPermissionAnyDecorator('hg.admin')

514

@HasPermissionAnyDecorator('hg.admin')

515

def grant_user_permission(self, repo_name, username, perm):

515

def grant_user_permission(self, apiuser, repo_name, username, perm):

516

"""

516

"""

517

Grant permission for user on given repository, or update existing one

517

Grant permission for user on given repository, or update existing one

518

if found

518

if found

519

520

:param repo_name:

520

:param repo_name:

521

:param username:

521

:param username:

522

:param perm:

522

:param perm:

523

"""

523

"""

524

525

try:

525

try:

526

repo = Repository.get_by_repo_name(repo_name)

526

repo = Repository.get_by_repo_name(repo_name)

527

if repo is None:

527

if repo is None:

528

raise JSONRPCError('unknown repository %s' % repo)

528

raise JSONRPCError('unknown repository %s' % repo)

529

530

user = User.get_by_username(username)

530

user = User.get_by_username(username)

531

if user is None:

531

if user is None:

532

raise JSONRPCError('unknown user %s' % username)

532

raise JSONRPCError('unknown user %s' % username)

533

534

RepoModel().grant_user_permission(repo=repo, user=user, perm=perm)

534

RepoModel().grant_user_permission(repo=repo, user=user, perm=perm)

535

536

Session.commit()

536

Session.commit()

537

return dict(

537

return dict(

538

msg='Granted perm: %s for user: %s in repo: %s' % (

538

msg='Granted perm: %s for user: %s in repo: %s' % (

539

perm, username, repo_name

539

perm, username, repo_name

540

)

540

)

541

)

541

)

542

except Exception:

542

except Exception:

543

log.error(traceback.format_exc())

543

log.error(traceback.format_exc())

544

raise JSONRPCError(

544

raise JSONRPCError(

545

'failed to edit permission %(repo)s for %(user)s' % dict(

545

'failed to edit permission %(repo)s for %(user)s' % dict(

546

user=username, repo=repo_name

546

user=username, repo=repo_name

547

)

547

)

548

)

548

)

549

550

@HasPermissionAnyDecorator('hg.admin')

550

@HasPermissionAnyDecorator('hg.admin')

551

def revoke_user_permission(self, repo_name, username):

551

def revoke_user_permission(self, apiuser, repo_name, username):

552

"""

552

"""

553

Revoke permission for user on given repository

553

Revoke permission for user on given repository

554

555

:param repo_name:

555

:param repo_name:

556

:param username:

556

:param username:

557

"""

557

"""

558

559

try:

559

try:

560

repo = Repository.get_by_repo_name(repo_name)

560

repo = Repository.get_by_repo_name(repo_name)

561

if repo is None:

561

if repo is None:

562

raise JSONRPCError('unknown repository %s' % repo)

562

raise JSONRPCError('unknown repository %s' % repo)

563

564

user = User.get_by_username(username)

564

user = User.get_by_username(username)

565

if user is None:

565

if user is None:

566

raise JSONRPCError('unknown user %s' % username)

566

raise JSONRPCError('unknown user %s' % username)

567

568

RepoModel().revoke_user_permission(repo=repo_name, user=username)

568

RepoModel().revoke_user_permission(repo=repo_name, user=username)

569

570

Session.commit()

570

Session.commit()

571

return dict(

571

return dict(

572

msg='Revoked perm for user: %s in repo: %s' % (

572

msg='Revoked perm for user: %s in repo: %s' % (

573

username, repo_name

573

username, repo_name

574

)

574

)

575

)

575

)

576

except Exception:

576

except Exception:

577

log.error(traceback.format_exc())

577

log.error(traceback.format_exc())

578

raise JSONRPCError(

578

raise JSONRPCError(

579

'failed to edit permission %(repo)s for %(user)s' % dict(

579

'failed to edit permission %(repo)s for %(user)s' % dict(

580

user=username, repo=repo_name

580

user=username, repo=repo_name

581

)

581

)

582

)

582

)

583

584

@HasPermissionAnyDecorator('hg.admin')

584

@HasPermissionAnyDecorator('hg.admin')

585

def grant_users_group_permission(self, repo_name, group_name, perm):

585

def grant_users_group_permission(self, apiuser, repo_name, group_name, perm):

586

"""

586

"""

587

Grant permission for users group on given repository, or update

587

Grant permission for users group on given repository, or update

588

existing one if found

588

existing one if found

589

590

:param repo_name:

590

:param repo_name:

591

:param group_name:

591

:param group_name:

592

:param perm:

592

:param perm:

593

"""

593

"""

594

595

try:

595

try:

596

repo = Repository.get_by_repo_name(repo_name)

596

repo = Repository.get_by_repo_name(repo_name)

597

if repo is None:

597

if repo is None:

598

raise JSONRPCError('unknown repository %s' % repo)

598

raise JSONRPCError('unknown repository %s' % repo)

599

600

user_group = UsersGroup.get_by_group_name(group_name)

600

user_group = UsersGroup.get_by_group_name(group_name)

601

if user_group is None:

601

if user_group is None:

602

raise JSONRPCError('unknown users group %s' % user_group)

602

raise JSONRPCError('unknown users group %s' % user_group)

603

604

RepoModel().grant_users_group_permission(repo=repo_name,

604

RepoModel().grant_users_group_permission(repo=repo_name,

605

group_name=group_name,

605

group_name=group_name,

606

perm=perm)

606

perm=perm)

607

608

Session.commit()

608

Session.commit()

609

return dict(

609

return dict(

610

msg='Granted perm: %s for group: %s in repo: %s' % (

610

msg='Granted perm: %s for group: %s in repo: %s' % (

611

perm, group_name, repo_name

611

perm, group_name, repo_name

612

)

612

)

613

)

613

)

614

except Exception:

614

except Exception:

615

log.error(traceback.format_exc())

615

log.error(traceback.format_exc())

616

raise JSONRPCError(

616

raise JSONRPCError(

617

'failed to edit permission %(repo)s for %(usersgr)s' % dict(

617

'failed to edit permission %(repo)s for %(usersgr)s' % dict(

618

usersgr=group_name, repo=repo_name

618

usersgr=group_name, repo=repo_name

619

)

619

)

620

)

620

)

621

622

@HasPermissionAnyDecorator('hg.admin')

622

@HasPermissionAnyDecorator('hg.admin')

623

def revoke_users_group_permission(self, repo_name, group_name):

623

def revoke_users_group_permission(self, apiuser, repo_name, group_name):

624

"""

624

"""

625

Revoke permission for users group on given repository

625

Revoke permission for users group on given repository

626

627

:param repo_name:

627

:param repo_name:

628

:param group_name:

628

:param group_name:

629

"""

629

"""

630

631

try:

631

try:

632

repo = Repository.get_by_repo_name(repo_name)

632

repo = Repository.get_by_repo_name(repo_name)

633

if repo is None:

633

if repo is None:

634

raise JSONRPCError('unknown repository %s' % repo)

634

raise JSONRPCError('unknown repository %s' % repo)

635

636

user_group = UsersGroup.get_by_group_name(group_name)

636

user_group = UsersGroup.get_by_group_name(group_name)

637

if user_group is None:

637

if user_group is None:

638

raise JSONRPCError('unknown users group %s' % user_group)

638

raise JSONRPCError('unknown users group %s' % user_group)

639

640

RepoModel().revoke_users_group_permission(repo=repo_name,

640

RepoModel().revoke_users_group_permission(repo=repo_name,

641

group_name=group_name)

641

group_name=group_name)

642

643

Session.commit()

643

Session.commit()

644

return dict(

644

return dict(

645

msg='Revoked perm for group: %s in repo: %s' % (

645

msg='Revoked perm for group: %s in repo: %s' % (

646

group_name, repo_name

646

group_name, repo_name

647

)

647

)

648

)

648

)

649

except Exception:

649

except Exception:

650

log.error(traceback.format_exc())

650

log.error(traceback.format_exc())

651

raise JSONRPCError(

651

raise JSONRPCError(

652

'failed to edit permission %(repo)s for %(usersgr)s' % dict(

652

'failed to edit permission %(repo)s for %(usersgr)s' % dict(

653

usersgr=group_name, repo=repo_name

653

usersgr=group_name, repo=repo_name

654

)

654

)

655

)

655

)

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             # -*- coding: utf-8 -*-
             """
                 rhodecode.controllers.api
                 ~~~~~~~~~~~~~~~~~~~~~~~~~
                 API controller for RhodeCode
                 :created_on: Aug 20, 2011
                 :author: marcink
                 :copyright: (C) 2011-2012 Marcin Kuzminski <marcin@python-works.com>
                 :license: GPLv3, see COPYING for more details.
             """
             # This program is free software; you can redistribute it and/or
             # modify it under the terms of the GNU General Public License
             # as published by the Free Software Foundation; version 2
             # of the License or (at your opinion) any later version of the license.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program; if not, write to the Free Software
             # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
             # MA  02110-1301, USA.
             import traceback
             import logging
             from sqlalchemy.orm.exc import NoResultFound
             from rhodecode.controllers.api import JSONRPCController, JSONRPCError
             from rhodecode.lib.auth import HasPermissionAllDecorator, \
                 HasPermissionAnyDecorator
             from rhodecode.model.meta import Session
             from rhodecode.model.scm import ScmModel
             from rhodecode.model.db import User, UsersGroup, RepoGroup, Repository
             from rhodecode.model.repo import RepoModel
             from rhodecode.model.user import UserModel
             from rhodecode.model.repo_permission import RepositoryPermissionModel
             from rhodecode.model.users_group import UsersGroupModel
             from rhodecode.model.repos_group import ReposGroupModel
             log = logging.getLogger(__name__)
             class ApiController(JSONRPCController):
                 """
                 API Controller
                 Each method needs to have USER as argument this is then based on given
                 API_KEY propagated as instance of user object
                 Preferably this should be first argument also
                 Each function should also **raise** JSONRPCError for any
                 errors that happens
                 """
                 @HasPermissionAllDecorator('hg.admin')
                 def pull(self, apiuser, repo_name):
                     """
                     Dispatch pull action on given repo
                     :param user:
                     :param repo_name:
                     """
                     if Repository.is_valid(repo_name) is False:
                         raise JSONRPCError('Unknown repo "%s"' % repo_name)
                     try:
                         ScmModel().pull_changes(repo_name, self.rhodecode_user.username)
                         return 'Pulled from %s' % repo_name
                     except Exception:
                         raise JSONRPCError('Unable to pull changes from "%s"' % repo_name)
                 @HasPermissionAllDecorator('hg.admin')
                 def get_user(self, apiuser, username):
                     """"
                     Get a user by username
                     :param apiuser:
                     :param username:
                     """
                     user = User.get_by_username(username)
                     if user is None:
                         return user
                     return dict(
                         id=user.user_id,
                         username=user.username,
                         firstname=user.name,
                         lastname=user.lastname,
                         email=user.email,
                         active=user.active,
                         admin=user.admin,
                         ldap=user.ldap_dn
                     )
                 @HasPermissionAllDecorator('hg.admin')
                 def get_users(self, apiuser):
                     """"
                     Get all users
                     :param apiuser:
                     """
                     result = []
                     for user in User.getAll():
                         result.append(
                             dict(
                                 id=user.user_id,
                                 username=user.username,
                                 firstname=user.name,
                                 lastname=user.lastname,
                                 email=user.email,
                                 active=user.active,
                                 admin=user.admin,
                                 ldap=user.ldap_dn
                             )
                         )
                     return result
                 @HasPermissionAllDecorator('hg.admin')
                 def create_user(self, apiuser, username, password, email, firstname=None,
                                 lastname=None, active=True, admin=False, ldap_dn=None):
                     """
                     Create new user
                     :param apiuser:
                     :param username:
                     :param password:
                     :param email:
                     :param name:
                     :param lastname:
                     :param active:
                     :param admin:
                     :param ldap_dn:
                     """
                     if User.get_by_username(username):
                         raise JSONRPCError("user %s already exist" % username)
                     try:
                         usr = UserModel().create_or_update(
                             username, password, email, firstname,
                             lastname, active, admin, ldap_dn
                         )
                         Session.commit()
                         return dict(
                             id=usr.user_id,
                             msg='created new user %s' % username
                         )
                     except Exception:
                         log.error(traceback.format_exc())
                         raise JSONRPCError('failed to create user %s' % username)
                 @HasPermissionAllDecorator('hg.admin')
                 def update_user(self, apiuser, username, password, email, firstname=None,
                                 lastname=None, active=True, admin=False, ldap_dn=None):
                     """
                     Updates given user
                     :param apiuser:
                     :param username:
                     :param password:
                     :param email:
                     :param name:
                     :param lastname:
                     :param active:
                     :param admin:
                     :param ldap_dn:
                     """
                     if not User.get_by_username(username):
                         raise JSONRPCError("user %s does not exist" % username)
                     try:
                         usr = UserModel().create_or_update(
                             username, password, email, firstname,
                             lastname, active, admin, ldap_dn
                         )
                         Session.commit()
                         return dict(
                             id=usr.user_id,
                             msg='updated user %s' % username
                         )
                     except Exception:
                         log.error(traceback.format_exc())
                         raise JSONRPCError('failed to update user %s' % username)
                 @HasPermissionAllDecorator('hg.admin')
                 def get_users_group(self, apiuser, group_name):
                     """"
                     Get users group by name
                     :param apiuser:
                     :param group_name:
                     """
                     users_group = UsersGroup.get_by_group_name(group_name)
                     if not users_group:
                         return None
                     members = []
                     for user in users_group.members:
                         user = user.user
                         members.append(dict(id=user.user_id,
                                         username=user.username,
                                         firstname=user.name,
                                         lastname=user.lastname,
                                         email=user.email,
                                         active=user.active,
                                         admin=user.admin,
                                         ldap=user.ldap_dn))
                     return dict(id=users_group.users_group_id,
                                 group_name=users_group.users_group_name,
                                 active=users_group.users_group_active,
                                 members=members)
                 @HasPermissionAllDecorator('hg.admin')
                 def get_users_groups(self, apiuser):
                     """"
                     Get all users groups
                     :param apiuser:
                     """
                     result = []
                     for users_group in UsersGroup.getAll():
                         members = []
                         for user in users_group.members:
                             user = user.user
                             members.append(dict(id=user.user_id,
                                             username=user.username,
                                             firstname=user.name,
                                             lastname=user.lastname,
                                             email=user.email,
                                             active=user.active,
                                             admin=user.admin,
                                             ldap=user.ldap_dn))
                         result.append(dict(id=users_group.users_group_id,
                                             group_name=users_group.users_group_name,
                                             active=users_group.users_group_active,
                                             members=members))
                     return result
                 @HasPermissionAllDecorator('hg.admin')
                 def create_users_group(self, apiuser, group_name, active=True):
                     """
                     Creates an new usergroup
                     :param group_name:
                     :param active:
                     """
                     if self.get_users_group(apiuser, group_name):
                         raise JSONRPCError("users group %s already exist" % group_name)
                     try:
                         ug = UsersGroupModel().create(name=group_name, active=active)
                         Session.commit()
                         return dict(id=ug.users_group_id,
                                     msg='created new users group %s' % group_name)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise JSONRPCError('failed to create group %s' % group_name)
                 @HasPermissionAllDecorator('hg.admin')
                 def add_user_to_users_group(self, apiuser, group_name, username):
                     """"
                     Add a user to a group
                     :param apiuser:
                     :param group_name:
                     :param username:
                     """
                     try:
                         users_group = UsersGroup.get_by_group_name(group_name)
                         if not users_group:
                             raise JSONRPCError('unknown users group %s' % group_name)
                         user = User.get_by_username(username)
                         if user is None:
                             raise JSONRPCError('unknown user %s' % username)
                         ugm = UsersGroupModel().add_user_to_group(users_group, user)
                         success = True if ugm != True else False
                         msg = 'added member %s to users group %s' % (username, group_name)
                         msg = msg if success else 'User is already in that group'
                         Session.commit()
                         return dict(
                             id=ugm.users_group_member_id if ugm != True else None,
                             success=success,
                             msg=msg
                         )
                     except Exception:
                         log.error(traceback.format_exc())
                         raise JSONRPCError('failed to add users group member')
                 @HasPermissionAllDecorator('hg.admin')
                 def remove_user_from_users_group(self, apiuser, group_name, username):
                     """
                     Remove user from a group
                     :param apiuser
                     :param group_name
                     :param username
                     """
                     try:
                         users_group = UsersGroup.get_by_group_name(group_name)
                         if not users_group:
                             raise JSONRPCError('unknown users group %s' % group_name)
                         user = User.get_by_username(username)
                         if user is None:
                             raise JSONRPCError('unknown user %s' % username)
                         success = UsersGroupModel().remove_user_from_group(users_group, user)
                         msg = 'removed member %s from users group %s' % (username, group_name)
                         msg = msg if success else "User wasn't in group"
                         Session.commit()
                         return dict(success=success, msg=msg)
                     except Exception:
                         log.error(traceback.format_exc())
                         raise JSONRPCError('failed to remove user from group')
                 @HasPermissionAnyDecorator('hg.admin')
                 def get_repo(self, apiuser, repo_name):
                     """"
                     Get repository by name
                     :param apiuser:
                     :param repo_name:
                     """
                     repo = Repository.get_by_repo_name(repo_name)
                     if repo is None:
                         raise JSONRPCError('unknown repository %s' % repo)
                     members = []
                     for user in repo.repo_to_perm:
                         perm = user.permission.permission_name
                         user = user.user
                         members.append(
                             dict(
                                 type_="user",
                                 id=user.user_id,
                                 username=user.username,
                                 firstname=user.name,
                                 lastname=user.lastname,
                                 email=user.email,
                                 active=user.active,
                                 admin=user.admin,
                                 ldap=user.ldap_dn,
                                 permission=perm
                             )
                         )
                     for users_group in repo.users_group_to_perm:
                         perm = users_group.permission.permission_name
                         users_group = users_group.users_group
                         members.append(
                             dict(
                                 type_="users_group",
                                 id=users_group.users_group_id,
                                 name=users_group.users_group_name,
                                 active=users_group.users_group_active,
                                 permission=perm
                             )
                         )
                     return dict(
                         id=repo.repo_id,
                         repo_name=repo.repo_name,
                         type=repo.repo_type,
                         description=repo.description,
                         members=members
                     )
                 @HasPermissionAnyDecorator('hg.admin')
                 def get_repos(self, apiuser):
                     """"
                     Get all repositories
                     :param apiuser:
                     """
                     result = []
                     for repository in Repository.getAll():
                         result.append(
                             dict(
                                 id=repository.repo_id,
                                 repo_name=repository.repo_name,
                                 type=repository.repo_type,
                                 description=repository.description
                             )
                         )
                     return result
                 @HasPermissionAnyDecorator('hg.admin')
                 def get_repo_nodes(self, apiuser, repo_name, revision, root_path,
                                    ret_type='all'):
                     """
                     returns a list of nodes and it's children
                     for a given path at given revision. It's possible to specify ret_type
                     to show only files or dirs
                     :param apiuser:
                     :param repo_name: name of repository
                     :param revision: revision for which listing should be done
                     :param root_path: path from which start displaying
                     :param ret_type: return type 'all|files|dirs' nodes
                     """
                     try:
                         _d, _f = ScmModel().get_nodes(repo_name, revision, root_path,
                                                       flat=False)
                         _map = {
                             'all': _d + _f,
                             'files': _f,
                             'dirs': _d,
                         }
                         return _map[ret_type]
                     except KeyError:
                         raise JSONRPCError('ret_type must be one of %s' % _map.keys())
                     except Exception, e:
                         raise JSONRPCError(e)
                 @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
                 def create_repo(self, apiuser, repo_name, owner_name, description='',
                                 repo_type='hg', private=False):
                     """
                     Create a repository
                     :param apiuser:
                     :param repo_name:
                     :param description:
                     :param type:
                     :param private:
                     :param owner_name:
                     """
                     try:
                         owner = User.get_by_username(owner_name)
                         if owner is None:
                             raise JSONRPCError('unknown user %s' % owner_name)
                         if Repository.get_by_repo_name(repo_name):
                             raise JSONRPCError("repo %s already exist" % repo_name)
                         groups = repo_name.split('/')
                         real_name = groups[-1]
                         groups = groups[:-1]
                         parent_id = None
                         for g in groups:
                             group = RepoGroup.get_by_group_name(g)
                             if not group:
                                 group = ReposGroupModel().create(g, '', parent_id)
                             parent_id = group.group_id
                         repo = RepoModel().create(
                             dict(
                                 repo_name=real_name,
                                 repo_name_full=repo_name,
                                 description=description,
                                 private=private,
                                 repo_type=repo_type,
                                 repo_group=parent_id,
                                 clone_uri=None
                             ),
                             owner
                         )
                         Session.commit()
                         return dict(
                             id=repo.repo_id,
                             msg="Created new repository %s" % repo.repo_name
                         )
                     except Exception:
                         log.error(traceback.format_exc())
                         raise JSONRPCError('failed to create repository %s' % repo_name)
                 @HasPermissionAnyDecorator('hg.admin')
                 def delete_repo(self, apiuser, repo_name):
                     """
                     Deletes a given repository
                     :param repo_name:
                     """
                     if not Repository.get_by_repo_name(repo_name):
                         raise JSONRPCError("repo %s does not exist" % repo_name)
                     try:
                         RepoModel().delete(repo_name)
                         Session.commit()
                         return dict(
                             msg='Deleted repository %s' % repo_name
                         )
                     except Exception:
                         log.error(traceback.format_exc())
                         raise JSONRPCError('failed to delete repository %s' % repo_name)
                 @HasPermissionAnyDecorator('hg.admin')
-                def grant_user_permission(self, repo_name, username, perm):
+                def grant_user_permission(self, apiuser, repo_name, username, perm):
                     """
                     Grant permission for user on given repository, or update existing one
                     if found
                     :param repo_name:
                     :param username:
                     :param perm:
                     """
                     try:
                         repo = Repository.get_by_repo_name(repo_name)
                         if repo is None:
                             raise JSONRPCError('unknown repository %s' % repo)
                         user = User.get_by_username(username)
                         if user is None:
                             raise JSONRPCError('unknown user %s' % username)
                         RepoModel().grant_user_permission(repo=repo, user=user, perm=perm)
                         Session.commit()
                         return dict(
                             msg='Granted perm: %s for user: %s in repo: %s' % (
                                 perm, username, repo_name
                             )
                         )
                     except Exception:
                         log.error(traceback.format_exc())
                         raise JSONRPCError(
                             'failed to edit permission %(repo)s for %(user)s' % dict(
                                 user=username, repo=repo_name
                             )
                         )
                 @HasPermissionAnyDecorator('hg.admin')
-                def revoke_user_permission(self, repo_name, username):
+                def revoke_user_permission(self, apiuser, repo_name, username):
                     """
                     Revoke permission for user on given repository
                     :param repo_name:
                     :param username:
                     """
                     try:
                         repo = Repository.get_by_repo_name(repo_name)
                         if repo is None:
                             raise JSONRPCError('unknown repository %s' % repo)
                         user = User.get_by_username(username)
                         if user is None:
                             raise JSONRPCError('unknown user %s' % username)
                         RepoModel().revoke_user_permission(repo=repo_name, user=username)
                         Session.commit()
                         return dict(
                             msg='Revoked perm for user: %s in repo: %s' % (
                                 username, repo_name
                             )
                         )
                     except Exception:
                         log.error(traceback.format_exc())
                         raise JSONRPCError(
                             'failed to edit permission %(repo)s for %(user)s' % dict(
                                 user=username, repo=repo_name
                             )
                         )
                 @HasPermissionAnyDecorator('hg.admin')
-                def grant_users_group_permission(self, repo_name, group_name, perm):
+                def grant_users_group_permission(self, apiuser, repo_name, group_name, perm):
                     """
                     Grant permission for users group on given repository, or update
                     existing one if found
                     :param repo_name:
                     :param group_name:
                     :param perm:
                     """
                     try:
                         repo = Repository.get_by_repo_name(repo_name)
                         if repo is None:
                             raise JSONRPCError('unknown repository %s' % repo)
                         user_group = UsersGroup.get_by_group_name(group_name)
                         if user_group is None:
                             raise JSONRPCError('unknown users group %s' % user_group)
                         RepoModel().grant_users_group_permission(repo=repo_name,
                                                                  group_name=group_name,
                                                                  perm=perm)
                         Session.commit()
                         return dict(
                             msg='Granted perm: %s for group: %s in repo: %s' % (
                                 perm, group_name, repo_name
                             )
                         )
                     except Exception:
                         log.error(traceback.format_exc())
                         raise JSONRPCError(
                             'failed to edit permission %(repo)s for %(usersgr)s' % dict(
                                 usersgr=group_name, repo=repo_name
                             )
                         )
                 @HasPermissionAnyDecorator('hg.admin')
-                def revoke_users_group_permission(self, repo_name, group_name):
+                def revoke_users_group_permission(self, apiuser, repo_name, group_name):
                     """
                     Revoke permission for users group on given repository
                     :param repo_name:
                     :param group_name:
                     """
                     try:
                         repo = Repository.get_by_repo_name(repo_name)
                         if repo is None:
                             raise JSONRPCError('unknown repository %s' % repo)
                         user_group = UsersGroup.get_by_group_name(group_name)
                         if user_group is None:
                             raise JSONRPCError('unknown users group %s' % user_group)
                         RepoModel().revoke_users_group_permission(repo=repo_name,
                                                                   group_name=group_name)
                         Session.commit()
                         return dict(
                             msg='Revoked perm for group: %s in repo: %s' % (
                                 group_name, repo_name
                             )
                         )
                     except Exception:
                         log.error(traceback.format_exc())
                         raise JSONRPCError(
                             'failed to edit permission %(repo)s for %(usersgr)s' % dict(
                                 usersgr=group_name, repo=repo_name
                             )
                         )