self.__load_defaults()

        return render('admin/repo_groups/repo_group_add.html')

    @HasRepoGroupPermissionAnyDecorator('group.admin')

    def update(self, group_name):

        self.__load_defaults(extras=[c.repo_group.parent_group],

                             exclude=[c.repo_group])

        # TODO: kill allow_empty_group - it is only used for redundant form validation!

        if HasPermissionAny('hg.admin')('group edit'):

            #we're global admin, we're ok and we can create TOP level groups

                    % request.POST.get('group_name'), category='error')

        raise HTTPFound(location=url('edit_repo_group', group_name=group_name))

    @HasRepoGroupPermissionAnyDecorator('group.admin')

    def delete(self, group_name):

        repos = gr.repositories.all()

        if repos:

            h.flash(_('This group contains %s repositories and cannot be '

                      'deleted') % len(repos), category='warning')

            raise HTTPFound(location=url('repos_groups'))

    @HasRepoGroupPermissionAnyDecorator('group.read', 'group.write',

                                         'group.admin')

    def show(self, group_name):

        c.active = 'settings'

        groups = RepoGroup.query(sorted=True).filter_by(parent_group=c.group).all()

        c.groups = self.scm_model.get_repo_groups(groups)

        repos_list = Repository.query(sorted=True).filter_by(group=c.group).all()

        repos_data = RepoModel().get_repos_as_dict(repos_list=repos_list,

        return render('admin/repo_groups/repo_group_show.html')

    @HasRepoGroupPermissionAnyDecorator('group.admin')

    def edit(self, group_name):

        c.active = 'settings'

        self.__load_defaults(extras=[c.repo_group.parent_group],

                             exclude=[c.repo_group])

        defaults = self.__load_data(c.repo_group.group_id)

        return htmlfill.render(

            render('admin/repo_groups/repo_group_edit.html'),

            force_defaults=False

        )

    @HasRepoGroupPermissionAnyDecorator('group.admin')

    def edit_repo_group_advanced(self, group_name):

        c.active = 'advanced'

        return render('admin/repo_groups/repo_group_edit.html')

    @HasRepoGroupPermissionAnyDecorator('group.admin')

    def edit_repo_group_perms(self, group_name):

        c.active = 'perms'

        self.__load_defaults()

        defaults = self.__load_data(c.repo_group.group_id)

        return htmlfill.render(

            render('admin/repo_groups/repo_group_edit.html'),

            defaults=defaults,

        """

        Update permissions for given repository group

        :param group_name:

        """

        valid_recursive_choices = ['none', 'repos', 'groups', 'all']

        form_result = RepoGroupPermsForm(valid_recursive_choices)().to_python(request.POST)

        if not request.authuser.is_admin:

            if self._revoke_perms_on_yourself(form_result):

                msg = _('Cannot revoke permission for yourself as admin')

                h.flash(msg, category='warning')

def get_repo_group_or_error(repogroupid):

    """

    Get repo group by id or name or return JsonRPCError if not found

    :param repogroupid:

    """

    if repo_group is None:

        raise JSONRPCError(

            'repository group `%s` does not exist' % (repogroupid,))

    return repo_group

from kallithea.lib.utils import setup_cache_regions, action_logger

from kallithea.lib.utils2 import str2bool

from kallithea.lib.vcs.utils import author_email

from kallithea.lib.compat import json, OrderedDict

from kallithea.lib.hooks import log_create_repository

setup_cache_regions(config)  # pragma: no cover

__all__ = ['whoosh_index', 'get_commits_stats', 'send_email']

        DBS.commit()

        # now create this repo on Filesystem

        RepoModel(DBS)._create_filesystem_repo(

            repo_name=repo_name,

            repo_type=repo_type,

            clone_uri=clone_uri,

        )

        repo = Repository.get_by_repo_name(repo_name_full)

        log_create_repository(repo.get_dict(), created_by=owner.username)

        # update repo changeset caches initially

        source_repo_path = os.path.join(base_path, fork_of.repo_name)

        # now create this repo on Filesystem

        RepoModel(DBS)._create_filesystem_repo(

            repo_name=repo_name,

            repo_type=repo_type,

            clone_uri=source_repo_path,

        )

        repo = Repository.get_by_repo_name(repo_name_full)

        log_create_repository(repo.get_dict(), created_by=owner.username)

        # update repo changeset caches initially

class RepoModel(BaseModel):

    URL_SEPARATOR = Repository.url_sep()

    def _create_default_perms(self, repository, private):

        # create default permission

        default = 'repository.read'

        def_user = User.get_default_user()

        for p in def_user.user_perms:

            if p.permission.permission_name.startswith('repository.'):

        """

        from kallithea.model.scm import ScmModel

        owner = User.guess_instance(owner)

        fork_of = Repository.guess_instance(fork_of)

        try:

            repo_name = safe_unicode(repo_name)

            description = safe_unicode(description)

            # repo name is just a name of repository

            # while repo_name_full is a full qualified name that is combined

            # with name and path of group

        :param repo: Instance of Repository, repository_id, or repository name

        :param group_name: Instance of UserGroup, users_group_id,

            or user group name

        :param perm: Instance of Permission, or permission_name

        """

        repo = Repository.guess_instance(repo)

        permission = Permission.guess_instance(perm)

        # check if we have that permission already

        obj = self.sa.query(UserGroupRepoToPerm) \

            .filter(UserGroupRepoToPerm.users_group == group_name) \

            .filter(UserGroupRepoToPerm.repository == repo) \

        :param repo: Instance of Repository, repository_id, or repository name

        :param group_name: Instance of UserGroup, users_group_id,

            or user group name

        """

        repo = Repository.guess_instance(repo)

        obj = self.sa.query(UserGroupRepoToPerm) \

            .filter(UserGroupRepoToPerm.repository == repo) \

            .filter(UserGroupRepoToPerm.users_group == group_name) \

            .scalar()

        if obj is not None:

log = logging.getLogger(__name__)

class RepoGroupModel(BaseModel):

    @LazyProperty

    def repos_path(self):

        """

        Gets the repositories root path from database

        """

                shutil.move(rm_path, os.path.join(self.repos_path, _d))

    def create(self, group_name, group_description, owner, parent=None,

               just_db=False, copy_permissions=False):

        try:

            owner = User.guess_instance(owner)

            new_repo_group = RepoGroup()

            new_repo_group.owner = owner

            new_repo_group.group_description = group_description or group_name

            new_repo_group.parent_group = parent_group

            new_repo_group.group_name = new_repo_group.get_new_name(group_name)

        return updates

    def update(self, repo_group, form_data):

        try:

            old_path = repo_group.full_path

            # change properties

            repo_group.group_description = form_data['group_description']

            repo_group.parent_group_id = form_data['parent_group_id']

            repo_group.enable_locking = form_data['enable_locking']

            return repo_group

        except Exception:

            log.error(traceback.format_exc())

            raise

    def delete(self, repo_group, force_delete=False):

        try:

            self.sa.delete(repo_group)

            self._delete_group(repo_group, force_delete)

        except Exception:

            log.error('Error removing repo_group %s', repo_group)

            raise

    def add_permission(self, repo_group, obj, obj_type, perm, recursive):

        from kallithea.model.repo import RepoModel

        perm = Permission.guess_instance(perm)

        for el in repo_group.recursive_groups_and_repos():

            # iterated obj is an instance of a repos group or repository in

            # that group, recursive option can be: none, repos, groups, all

            if recursive == 'all':

        :param repo_group:

        :param obj: user or user group id

        :param obj_type: user or user group type

        :param recursive: recurse to all children of group

        """

        from kallithea.model.repo import RepoModel

        for el in repo_group.recursive_groups_and_repos():

            # iterated obj is an instance of a repos group or repository in

            # that group, recursive option can be: none, repos, groups, all

            if recursive == 'all':

                pass

        :param repo_group: Instance of RepoGroup, repositories_group_id,

            or repositories_group name

        :param user: Instance of User, user_id or username

        :param perm: Instance of Permission, or permission_name

        """

        user = User.guess_instance(user)

        permission = Permission.guess_instance(perm)

        # check if we have that permission already

        obj = self.sa.query(UserRepoGroupToPerm) \

            .filter(UserRepoGroupToPerm.user == user) \

        :param repo_group: Instance of RepoGroup, repositories_group_id,

            or repositories_group name

        :param user: Instance of User, user_id or username

        """

        user = User.guess_instance(user)

        obj = self.sa.query(UserRepoGroupToPerm) \

            .filter(UserRepoGroupToPerm.user == user) \

            .filter(UserRepoGroupToPerm.group == repo_group) \

            .scalar()

        :param repo_group: Instance of RepoGroup, repositories_group_id,

            or repositories_group name

        :param group_name: Instance of UserGroup, users_group_id,

            or user group name

        :param perm: Instance of Permission, or permission_name

        """

        permission = Permission.guess_instance(perm)

        # check if we have that permission already

        obj = self.sa.query(UserGroupRepoGroupToPerm) \

            .filter(UserGroupRepoGroupToPerm.group == repo_group) \

            .filter(UserGroupRepoGroupToPerm.users_group == group_name) \

        :param repo_group: Instance of RepoGroup, repositories_group_id,

            or repositories_group name

        :param group_name: Instance of UserGroup, users_group_id,

            or user group name

        """

        obj = self.sa.query(UserGroupRepoGroupToPerm) \

            .filter(UserGroupRepoGroupToPerm.group == repo_group) \

            .filter(UserGroupRepoGroupToPerm.users_group == group_name) \

            .scalar()

        if obj is not None:

log = logging.getLogger(__name__)

class UserGroupModel(BaseModel):

    def _create_default_perms(self, user_group):

        # create default permission

        default_perm = 'usergroup.read'

        def_user = User.get_default_user()

        for p in def_user.user_perms:

            if p.permission.permission_name.startswith('usergroup.'):

                    )

    def get(self, user_group_id, cache=False):

        return UserGroup.get(user_group_id)

    def get_group(self, user_group):

    def get_by_name(self, name, cache=False, case_insensitive=False):

        return UserGroup.get_by_group_name(name, cache, case_insensitive)

    def create(self, name, description, owner, active=True, group_data=None):

        try:

            log.error(traceback.format_exc())

            raise

    def update(self, user_group, form_data):

        try:

            for k, v in form_data.items():

                if k == 'users_group_members':

                    members_list = []

                    if v:

                        v = [v] if isinstance(v, basestring) else v

        raises exception if there are members in that group, else deletes

        group and users

        :param user_group:

        :param force:

        """

        try:

            # check if this group is not assigned to repo

            assigned_groups = UserGroupRepoToPerm.query() \

                .filter(UserGroupRepoToPerm.users_group == user_group).all()

            assigned_groups = [x.repository.repo_name for x in assigned_groups]

            self.sa.delete(user_group)

        except Exception:

            log.error(traceback.format_exc())

            raise

    def add_user_to_group(self, user_group, user):

        user = User.guess_instance(user)

        for m in user_group.members:

            u = m.user

            if u.user_id == user.user_id:

                # user already in the group, skip

            return user_group_member

        except Exception:

            log.error(traceback.format_exc())

            raise

    def remove_user_from_group(self, user_group, user):

        user = User.guess_instance(user)

        user_group_member = None

        for m in user_group.members:

            if m.user_id == user.user_id:

                # Found this user's membership row

                raise

        else:

            # User isn't in that group

            return False

    def has_perm(self, user_group, perm):

        perm = Permission.guess_instance(perm)

        return UserGroupToPerm.query() \

            .filter(UserGroupToPerm.users_group == user_group) \

            .filter(UserGroupToPerm.permission == perm).scalar() is not None

    def grant_perm(self, user_group, perm):

        perm = Permission.guess_instance(perm)

        # if this permission is already granted skip it

        _perm = UserGroupToPerm.query() \

            .filter(UserGroupToPerm.users_group == user_group) \

            .filter(UserGroupToPerm.permission == perm) \

        new.users_group = user_group

        new.permission = perm

        self.sa.add(new)

        return new

    def revoke_perm(self, user_group, perm):

        perm = Permission.guess_instance(perm)

        obj = UserGroupToPerm.query() \

            .filter(UserGroupToPerm.users_group == user_group) \

            .filter(UserGroupToPerm.permission == perm).scalar()

        if obj is not None:

        :param user_group: Instance of UserGroup, users_group_id,

            or users_group_name

        :param user: Instance of User, user_id or username

        :param perm: Instance of Permission, or permission_name

        """

        user = User.guess_instance(user)

        permission = Permission.guess_instance(perm)

        # check if we have that permission already

        obj = self.sa.query(UserUserGroupToPerm) \

            .filter(UserUserGroupToPerm.user == user) \

        :param user_group: Instance of RepoGroup, repositories_group_id,

            or repositories_group name

        :param user: Instance of User, user_id or username

        """

        user = User.guess_instance(user)

        obj = self.sa.query(UserUserGroupToPerm) \

            .filter(UserUserGroupToPerm.user == user) \

            .filter(UserUserGroupToPerm.user_group == user_group) \

            .scalar()

        Grant user group permission for given target_user_group

        :param target_user_group:

        :param user_group:

        :param perm:

        """

        permission = Permission.guess_instance(perm)

        # forbid assigning same user group to itself

        if target_user_group == user_group:

            raise RepoGroupAssignmentError('target repo:%s cannot be '

                                           'assigned to itself' % target_user_group)

        """

        Revoke user group permission for given target_user_group

        :param target_user_group:

        :param user_group:

        """

        obj = self.sa.query(UserGroupUserGroupToPerm) \

            .filter(UserGroupUserGroupToPerm.target_user_group == target_user_group) \

            .filter(UserGroupUserGroupToPerm.user_group == user_group) \

            .scalar()

        if obj is not None: