self.permissions = {}

        self._api_key = api_key

        self.propagate_data()

    def propagate_data(self):

        user_model = UserModel()

        is_user_loaded = False

        # try go get user by api key

        if self._api_key and self._api_key != self.anonymous_user.api_key:

            log.debug('Auth User lookup by API KEY %s', self._api_key)

            is_user_loaded = user_model.fill_data(self, api_key=self._api_key)

        if self.check_permissions():

            log.debug('Permission granted for %s %s', cls, self.user)

            return func(*fargs, **fkwargs)

        else:

            log.warning('Permission denied for %s %s', cls, self.user)

            anonymous = self.user.username == 'default'

            if anonymous:

                p = url.current()

                import rhodecode.lib.helpers as h

        self.required_perms = set(perms)

        self.user_perms = None

        self.granted_for = ''

        self.repo_name = None

    def __call__(self, check_Location=''):

        if not user:

            return False

        self.user_perms = user.permissions

        self.granted_for = user

        log.debug('checking %s %s %s', self.__class__.__name__,

                  self.required_perms, user)

            api_key = request.GET.get('api_key')

            cookie_store = session.get('rhodecode_user') or {}

            user_id = cookie_store.get('user_id', None)

            username = get_container_username(environ, config)

            auth_user = AuthUser(user_id, api_key, username)

            self.rhodecode_user = c.rhodecode_user = auth_user

            if not self.rhodecode_user.is_authenticated and \

                       self.rhodecode_user.user_id is not None:

                self.rhodecode_user\

                    .set_authenticated(cookie_store.get('is_authenticated'))

        address from field 'email_to' is used instead

    :param subject: subject of the mail

    :param body: body of the mail

    :param html_body: html version of body

    """

    log = get_logger(send_email)

    email_config = config

    subject = "%s %s" % (email_config.get('email_prefix'), subject)

    if not recipients:

        # if recipients are not defined we send to email_config + all admins

        admins = [u.email for u in User.query()

                  .filter(User.admin == True).all()]

        recipients = [email_config.get('email_to')] + admins

from rhodecode.lib.utils import BasePasterCommand, Command

from celery.app import app_or_default

from celery.bin import camqadm, celerybeat, celeryd, celeryev

from rhodecode.lib import str2bool

        except KeyError:

            CELERY_ON = False

        if CELERY_ON == False:

            raise Exception('Please enable celery_on in .ini config '

                            'file before running celeryd')

        cmd = self.celery_command(app_or_default())

        return cmd.run(**vars(self.options))

class CeleryDaemonCommand(CeleryCommand):

    """Start the celery worker

    members = relationship('UsersGroupMember', cascade="all, delete, delete-orphan", lazy="joined")

    def __repr__(self):

        return '<userGroup(%s)>' % (self.users_group_name)

    @classmethod

        if case_insensitive:

        else:

        if cache:

    @classmethod

    def get(cls, users_group_id, cache=False):

        users_group = cls.query()

        if cache:

    def base_path(cls):

        """

        Returns base path when all repos are stored

        :param cls:

        """

        return q.one().ui_value

    @property

    def just_name(self):

        return self.repo_name.split(Repository.url_sep())[-1]

                                  self.permission_id, self.permission_name)

    @classmethod

    def get_by_key(cls, key):

        return cls.query().filter(cls.permission_name == key).scalar()

class UserRepoToPerm(Base, BaseModel):

    __tablename__ = 'repo_to_perm'

    __table_args__ = (UniqueConstraint('user_id', 'repository_id'), {'extend_existing':True})

    repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

    permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    __table_args__ = (UniqueConstraint('user_id', 'permission_id'), {'extend_existing':True})

    user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

    permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    user = relationship('User')

    @classmethod

    def has_perm(cls, user_id, perm):

        if not isinstance(perm, Permission):

            raise Exception('perm needs to be an instance of Permission class')

    def __repr__(self):

        return '<%s (%s)>' % (self.__class__.__name__, self.__len__())

    def __iter__(self):

        for dbr in self.db_repo_list:

            scmr = dbr.scm_instance_cached

            # check permission at this level

            if not HasRepoPermissionAny('repository.read', 'repository.write',

                                        'repository.admin')(dbr.repo_name,

                                                            'get repo check'):

                continue

            tmp_d = {}

            tmp_d['name'] = dbr.repo_name

            tmp_d['name_sort'] = tmp_d['name'].lower()

            tmp_d['description'] = dbr.description

            tmp_d['description_sort'] = tmp_d['description']

            tmp_d['last_change'] = last_change

            tmp_d['tip'] = tip.raw_id

            tmp_d['tip_sort'] = tip.revision

            tmp_d['rev'] = tip.revision

            tmp_d['contact'] = dbr.user.full_contact

            tmp_d['contact_sort'] = tmp_d['contact']

            tmp_d['owner_sort'] = tmp_d['contact']

            tmp_d['repo_archives'] = list(scmr._get_archives())

            tmp_d['last_msg'] = tip.message

            tmp_d['author'] = tip.author

            tmp_d['dbrepo'] = dbr.get_dict()

            yield tmp_d

class ScmModel(BaseModel):

    """

    Generic Scm Model

    """

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise

                         active=True, admin=False, ldap_dn=None):

        """

        Creates a new instance if not found, or updates current one

        :param username:

        :param password:

        :param name:

        :param lastname:

        :param active:

        :param admin:

        :param ldap_dn:

        """

        from rhodecode.lib.auth import get_crypt_password

        log.debug('Checking for %s account in RhodeCode database', username)

        user = User.get_by_username(username, case_insensitive=True)

        if user is None:

            new_user = User()

        else:

            new_user = user

        try:

            new_user.username = username

            new_user.admin = admin

            new_user.password = get_crypt_password(password)

            new_user.api_key = generate_api_key(username)

            new_user.email = email

            self.sa.commit()

            return new_user

        except (DatabaseError,):

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise

    def create_for_container_auth(self, username, attrs):

        """

        Creates the given user if it's not already in the database

        :param username:

        :param attrs:

        user.permissions['repositories'] = {}

        user.permissions['global'] = set()

        #======================================================================

        # fetch default permissions

        #======================================================================

        if user.is_admin:

            #==================================================================

            # #admin have all default rights set to admin

            #==================================================================

            user.permissions['global'].add('hg.admin')

            # set default permissions

            #==================================================================

            uid = user.user_id

            #default global

            default_global_perms = self.sa.query(UserToPerm)\

            for perm in default_global_perms:

                user.permissions['global'].add(perm.permission.permission_name)

            #default for repositories

            for perm in default_perms:

                if perm.Repository.private and not (perm.Repository.user_id ==

                                                    uid):

                    p = 'repository.none'

                elif perm.Repository.user_id == uid:

                    #set admin if owner

                    p = 'repository.admin'

                else:

                    p = perm.Permission.permission_name

            #==================================================================

            # check if user is part of groups for this repository and fill in

            # (or replace with higher) permissions

            #==================================================================

            user_perms_from_users_groups = self.sa.query(UsersGroupToPerm)\

                .options(joinedload(UsersGroupToPerm.permission))\

                .join((UsersGroupMember, UsersGroupToPerm.users_group_id ==

                       UsersGroupMember.users_group_id))\

                .filter(UsersGroupMember.user_id == uid).all()

            for perm in user_perms_from_users_groups:

                user.permissions['global'].add(perm.permission.permission_name)

            user_repo_perms_from_users_groups = self.sa.query(

                                                UsersGroupRepoToPerm,

                                                Permission, Repository,)\

                .join((Repository, UsersGroupRepoToPerm.repository_id ==

                       Repository.repo_id))\

                .join((Permission, UsersGroupRepoToPerm.permission_id ==

            for perm in user_repo_perms_from_users_groups:

                p = perm.Permission.permission_name

                cur_perm = user.permissions['repositories'][perm.

                                                    UsersGroupRepoToPerm.

                                                    repository.repo_name]

                # given from other sources

                if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]:

                    user.permissions['repositories'][perm.UsersGroupRepoToPerm.

                                                     repository.repo_name] = p

        return user

	margin: 0 0 0 200px;

}

#content div.box div.form div.fields div.field div.input.summary {

    margin: 0 0 0 110px;

}

#content div.box div.form div.fields div.field div.file {

	margin: 0 0 0 200px;

}

#content div.box-left div.form div.fields div.field div.input,#content div.box-right div.form div.fields div.field div.input

	{

</%def>

<%def name="page_nav()">

	${self.menu('summary')}    

</%def>

<%def name="main()">

    %if c.show_stats:

        <div class="box box-left">

    %else:

        <div class="box">

    %endif

    <!-- box / title -->

	  <div id="summary" class="fields">

			 <div class="field">

			  <div class="label-summary">

			      <label>${_('Name')}:</label>

			  </div>

                  <div style="float:right;padding:5px 0px 0px 5px">		  

                     %if c.rhodecode_user.username != 'default':

                      ${h.link_to(_('RSS'),h.url('rss_feed_home',repo_name=c.dbrepo.repo_name,api_key=c.rhodecode_user.api_key),class_='rss_icon')}

                      ${h.link_to(_('ATOM'),h.url('atom_feed_home',repo_name=c.dbrepo.repo_name,api_key=c.rhodecode_user.api_key),class_='atom_icon')}

                     %else:

                      ${h.link_to(_('RSS'),h.url('rss_feed_home',repo_name=c.dbrepo.repo_name),class_='rss_icon')}

			 </div>

			 <div class="field">

			  <div class="label-summary">

			      <label>${_('Description')}:</label>

			  </div>

			 </div>

			 <div class="field">

			  <div class="label-summary">

			      <label>${_('Contact')}:</label>

			  </div>

			  	<div class="gravatar">

			  		<img alt="gravatar" src="${h.gravatar_url(c.dbrepo.user.email)}"/>

			  	</div>

			  		${_('Username')}: ${c.dbrepo.user.username}<br/>

			  		${_('Name')}: ${c.dbrepo.user.name} ${c.dbrepo.user.lastname}<br/>

			  		${_('Email')}: <a href="mailto:${c.dbrepo.user.email}">${c.dbrepo.user.email}</a>

			 </div>

			 <div class="field">

			  <div class="label-summary">

			      <label>${_('Last change')}:</label>

			  </div>

                  <b>${'r%s:%s' % (h.get_changeset_safe(c.rhodecode_repo,'tip').revision,

                            h.get_changeset_safe(c.rhodecode_repo,'tip').short_id)}</b> - 

			      <span class="tooltip" title="${c.rhodecode_repo.last_change}">

			      ${h.age(c.rhodecode_repo.last_change)}</span>

			      ${_('by')} ${h.get_changeset_safe(c.rhodecode_repo,'tip').author} 

			  </div>

			 </div>

			 <div class="field">

			  <div class="label-summary">

			      <label>${_('Clone url')}:</label>

			  </div>

			      <input type="text" id="clone_url" readonly="readonly" value="${c.rhodecode_repo.alias} clone ${c.clone_repo_url}" size="70"/>

			  </div>

			 </div>

			 <div class="field">

			  <div class="label-summary">

			      <label>${_('Trending files')}:</label>

			  </div>

                %if c.show_stats:

			    <div id="lang_stats"></div>

                %else:

                   %if h.HasPermissionAll('hg.admin')('enable stats on from summary'):

                %endif		   

			  </div>

			 </div>

			 <div class="field">

			  <div class="label-summary">

			      <label>${_('Download')}:</label>

			  </div>

		        %if len(c.rhodecode_repo.revisions) == 0:

		          ${_('There are no downloads yet')}

		        %elif c.enable_downloads is False:

		          ${_('Downloads are disabled for this repository')}

                    %if h.HasPermissionAll('hg.admin')('enable downloads on from summary'):

                        ${h.link_to(_('enable'),h.url('edit_repo',repo_name=c.repo_name),class_="ui-button-small")}