self.__load_defaults()

        _defaults = {}

        # default plugins loaded

        formglobals = {

            "auth_plugins": ["kallithea.lib.auth_modules.auth_internal"]

        }

        formglobals.update(Setting.get_auth_settings())

        formglobals["plugin_settings"] = {}

        formglobals["auth_plugins_shortnames"] = {}

        _defaults["auth_plugins"] = formglobals["auth_plugins"]

        for module in formglobals["auth_plugins"]:

            plugin = auth_modules.loadplugin(module)

            plugin_name = plugin.name

            formglobals["auth_plugins_shortnames"][module] = plugin_name

            formglobals["plugin_settings"][module] = plugin.plugin_settings()

            for v in formglobals["plugin_settings"][module]:

                fullname = ("auth_" + plugin_name + "_" + v["name"])

                if "default" in v:

                    _defaults[fullname] = v["default"]

                # Current values will be the default on the form, if there are any

                setting = Setting.get_by_name(fullname)

                if setting:

                    _defaults[fullname] = setting.app_settings_value

        _defaults['auth_plugins'] = ','.join(_defaults['auth_plugins'])

        if defaults:

            _defaults.update(defaults)

        formglobals["defaults"] = _defaults

        # set template context variables

        for k, v in formglobals.iteritems():

            setattr(c, k, v)

        log.debug(pprint.pformat(formglobals, indent=4))

        log.debug(formatted_json(defaults))

        return formencode.htmlfill.render(

            render('admin/auth/auth_settings.html'),

            defaults=_defaults,

            errors=errors,

            prefix_error=prefix_error,

            encoding="UTF-8",

            force_defaults=True,

        )

    def auth_settings(self):

        """POST create and store auth settings"""

        self.__load_defaults()

        _form = AuthSettingsForm(c.enabled_plugins)()

                # raised if nothing was changed in repo itself. We anyway then

                # store only DB stuff for gist

                Session().commit()

                h.flash(_('Successfully updated gist data'), category='success')

            except Exception:

                log.error(traceback.format_exc())

                h.flash(_('Error occurred during update of gist %s') % gist_id,

                        category='error')

            return redirect(url('gist', gist_id=gist_id))

        return rendered

    @LoginRequired()

    @NotAnonymous()

    @jsonify

    def check_revision(self, gist_id):

        c.gist = Gist.get_or_404(gist_id)

        last_rev = c.gist.scm_instance.get_changeset()

        success = True

        revision = request.POST.get('revision')

        ##TODO: maybe move this to model ?

        if revision != last_rev.raw_id:

                      % (revision, last_rev))

            # our gist has newer version than we

            success = False

        return {'success': success}

        _repos = Repository.query().order_by(Repository.repo_name).all()

        read_access_repos = RepoList(_repos)

        c.repos_list = [(None, _('-- Not a fork --'))]

        c.repos_list += [(x.repo_id, x.repo_name)

                         for x in read_access_repos

                         if x.repo_id != c.repo_info.repo_id]

        defaults = {

            'id_fork_of': c.repo_info.fork.repo_id if c.repo_info.fork else ''

        }

        c.active = 'advanced'

        if request.POST:

            return redirect(url('repo_edit_advanced'))

        return htmlfill.render(

            render('admin/repos/repo_edit.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasRepoPermissionAllDecorator('repository.admin')

    def edit_advanced_journal(self, repo_name):

        """

        :param repo_name:

        """

        cur_token = request.POST.get('auth_token')

        token = get_token()

        if cur_token == token:

            try:

                repo_id = Repository.get_by_repo_name(repo_name).repo_id

                user_id = User.get_default_user().user_id

                self.scm_model.toggle_following_repo(repo_id, user_id)

                h.flash(_('Updated repository visibility in public journal'),

                        category='success')

                Session().commit()

            except Exception:

                h.flash(_('An error occurred during setting this'

                          ' repository in public journal'),

                        category='error')

        else:

            h.flash(_('Token mismatch'), category='error')

        return redirect(url('edit_repo_advanced', repo_name=repo_name))

        if not HasPermissionAnyApi('hg.admin')(user=apiuser):

            # check if we have admin permission for this repo !

            if not HasRepoPermissionAnyApi('repository.admin',

                                           'repository.write')(

                    user=apiuser, repo_name=repo.repo_name):

                raise JSONRPCError('repository `%s` does not exist' % (repoid,))

        try:

            ScmModel().mark_for_invalidation(repo.repo_name)

            return dict(

                msg='Cache for repository `%s` was invalidated' % (repoid,),

                repository=repo.repo_name

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'Error occurred during cache invalidation action'

            )

    # permission check inside

    def lock(self, apiuser, repoid, locked=Optional(None),

             userid=Optional(OAttr('apiuser'))):

        """

        Set locking state on given repository by given user. If userid param

        If locked param is skipped then function shows current lock state of

        given repo. This command can be executed only using api_key belonging

        to user with admin rights or regular user that have admin or write

        access to repository.

        :param apiuser: filled automatically from apikey

        :type apiuser: AuthUser

        :param repoid: repository name or repository id

        :type repoid: str or int

        :param locked: lock state to be set

        :type locked: Optional(bool)

        :param userid: set lock as user

        :type userid: Optional(str or int)

        OUTPUT::

          id : <id_given_in_input>

          result : {

            'repo': '<reponame>',

            'locked': <bool: lock state>,

            'locked_since': <int: lock timestamp>,

            'locked_by': <username of person who made the lock>,

            'lock_state_changed': <bool: True if lock state has been changed in this request>,

            'msg': 'Repo `<reponame>` locked by `<username>` on <timestamp>.'

                    lock_time = time.time()

                    Repository.lock(repo, user.user_id, lock_time)

                else:

                    lock_time = None

                    Repository.unlock(repo)

                _d = {

                    'repo': repo.repo_name,

                    'locked': locked,

                    'locked_since': lock_time,

                    'locked_by': user.username,

                    'lock_state_changed': True,

                    'msg': ('User `%s` set lock state for repo `%s` to `%s`'

                            % (user.username, repo.repo_name, locked))

                }

                return _d

            except Exception:

                log.error(traceback.format_exc())

                raise JSONRPCError(

                    'Error occurred locking repository `%s`' % repo.repo_name

                )

    def get_locks(self, apiuser, userid=Optional(OAttr('apiuser'))):

        """

        Get all repositories with locks for given userid, if

        who is calling this method, thus returning locks for himself.

        :param apiuser: filled automatically from apikey

        :type apiuser: AuthUser

        :param userid: User to get locks for

        :type userid: Optional(str or int)

        OUTPUT::

          id : <id_given_in_input>

          result : {

            [repo_object, repo_object,...]

          }

          error :  null

        """

        if not HasPermissionAnyApi('hg.admin')(user=apiuser):

            # make sure normal user does not pass someone else userid,

            # he is not allowed to do that

            if not isinstance(userid, Optional) and userid != apiuser.user_id:

                raise JSONRPCError(

                    'userid is not the same as your user'

                )

    @HasPermissionAllDecorator('hg.admin')

    def get_server_info(self, apiuser):

        """

        return server info, including Kallithea version and installed packages

        :param apiuser: filled automatically from apikey

        :type apiuser: AuthUser

        OUTPUT::

          id : <id_given_in_input>

          result : {

            'modules': [<module name>,...]

            'py_version': <python version>,

            'platform': <platform type>,

            'kallithea_version': <kallithea version>

          }

          error :  null

        """

        return Setting.get_server_info()

    def get_user(self, apiuser, userid=Optional(OAttr('apiuser'))):

        """

        not found. If userid param is skipped it is set to id of user who is

        calling this method. This command can be executed only using api_key

        belonging to user with admin rights, or regular users that cannot

        specify different userid than theirs

        :param apiuser: filled automatically from apikey

        :type apiuser: AuthUser

        :param userid: user to get data for

        :type userid: Optional(str or int)

        OUTPUT::

            id : <id_given_in_input>

            result: None if user does not exist or

                    {

                        "user_id" :     "<user_id>",

                        "api_key" :     "<api_key>",

                        "api_keys":     "[<list of all api keys including additional ones>]"

                        "username" :    "<username>",

                        "firstname":    "<firstname>",

                        "lastname" :    "<lastname>",

                        "email" :       "<email>",

                        "emails":       "[<list of all emails including additional ones>]",

                        "active" :      "<bool: user active>",

                        "admin" :       "<bool: user is admin>",

                        "extern_name" : "<extern_name>",

                        "extern_type" : "<extern type>

                        "last_login":   "<last_login>",

                        "permissions": {

                            "global": ["hg.create.repository",

                                       "repository.read",

                                       "hg.register.manual_activate"],

                            "repositories": {"repo1": "repository.none"},

                            "repositories_groups": {"Group1": "group.read"}

                         },

                    }

            error:  null

        """

        if not HasPermissionAnyApi('hg.admin')(user=apiuser):

            # make sure normal user does not pass someone else userid,

            # he is not allowed to do that

            if not isinstance(userid, Optional) and userid != apiuser.user_id:

                raise JSONRPCError(

                    'userid is not the same as your user'

                )

                repo_name=repo_name_cleaned,

                repo_name_full=repo_name,

                repo_type=repo_type,

                repo_description=description,

                owner=owner,

                repo_private=private,

                clone_uri=clone_uri,

                repo_group=repo_group,

                repo_landing_rev=landing_rev,

                enable_statistics=enable_statistics,

                enable_locking=enable_locking,

                enable_downloads=enable_downloads,

                repo_copy_permissions=copy_permissions,

            )

            task = RepoModel().create(form_data=data, cur_user=owner)

            from celery.result import BaseAsyncResult

            task_id = None

            if isinstance(task, BaseAsyncResult):

                task_id = task.task_id

            # no commit, it's done in RepoModel, or async via celery

            return dict(

                msg="Created new repository `%s`" % (repo_name,),

                success=True,  # cannot return the repo data here since fork

                task=task_id

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to create repository `%s`' % (repo_name,))

    # permission check inside

    def update_repo(self, apiuser, repoid, name=Optional(None),

                    owner=Optional(OAttr('apiuser')),

                    group=Optional(None),

                    description=Optional(''), private=Optional(False),

                    clone_uri=Optional(None), landing_rev=Optional('rev:tip'),

                    enable_statistics=Optional(False),

                    enable_locking=Optional(False),

                    enable_downloads=Optional(False)):

        """

        Updates repo

        :param apiuser: filled automatically from apikey

        :type apiuser: AuthUser

        :param repoid: repository name or repository id

        :type repoid: str or int

            store_update(updates, private, 'repo_private')

            store_update(updates, clone_uri, 'clone_uri')

            store_update(updates, landing_rev, 'repo_landing_rev')

            store_update(updates, enable_statistics, 'repo_enable_statistics')

            store_update(updates, enable_locking, 'repo_enable_locking')

            store_update(updates, enable_downloads, 'repo_enable_downloads')

            RepoModel().update(repo, **updates)

            Session().commit()

            return dict(

                msg='updated repo ID:%s %s' % (repo.repo_id, repo.repo_name),

                repository=repo.get_api_data()

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to update repo `%s`' % repoid)

    @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')

    def fork_repo(self, apiuser, repoid, fork_name,

                  owner=Optional(OAttr('apiuser')),

                  description=Optional(''), copy_permissions=Optional(False),

                  private=Optional(False), landing_rev=Optional('rev:tip')):

        """

        Creates a fork of given repo. In case of using celery this will

        asynchronous. This command can be executed only using api_key belonging to

        user with admin rights or regular user that have fork permission, and at least

        read access to forking repository. Regular users cannot specify owner parameter.

        :param apiuser: filled automatically from apikey

        :type apiuser: AuthUser

        :param repoid: repository name or repository id

        :type repoid: str or int

        :param fork_name:

        :param owner:

        :param description:

        :param copy_permissions:

        :param private:

        :param landing_rev:

        INPUT::

            id : <id_for_response>

            api_key : "<api_key>"

            args:     {

                        "repoid" :          "<reponame or repo_id>",

                        "fork_name":        "<forkname>",

                        "owner":            "<username or user_id = Optional(=apiuser)>",

                        "description":      "<description>",

            group = map_groups(fork_name)

            form_data = dict(

                repo_name=fork_name,

                repo_name_full=fork_name,

                repo_group=group,

                repo_type=repo.repo_type,

                description=Optional.extract(description),

                private=Optional.extract(private),

                copy_permissions=Optional.extract(copy_permissions),

                landing_rev=Optional.extract(landing_rev),

                update_after_clone=False,

                fork_parent_id=repo.repo_id,

            )

            task = RepoModel().create_fork(form_data, cur_user=owner)

            # no commit, it's done in RepoModel, or async via celery

            from celery.result import BaseAsyncResult

            task_id = None

            if isinstance(task, BaseAsyncResult):

                task_id = task.task_id

            return dict(

                msg='Created fork of `%s` as `%s`' % (repo.repo_name,

                                                      fork_name),

                success=True,  # cannot return the repo data here since fork

                task=task_id

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to fork repository `%s` as `%s`' % (repo_name,

                                                            fork_name)

            )

    # permission check inside

    def delete_repo(self, apiuser, repoid, forks=Optional('')):

        """

        Deletes a repository. This command can be executed only using api_key belonging

        to user with admin rights or regular user that have admin access to repository.

        When `forks` param is set it's possible to detach or delete forks of deleting

        repository

        :param apiuser: filled automatically from apikey

        :type apiuser: AuthUser

        :param repoid: repository name or repository id

        :type repoid: str or int

        :param forks: `detach` or `delete`, what do do with attached forks for repo

        :type forks: Optional(str)

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.controllers.changeset

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

revisions

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 25, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import traceback

from collections import defaultdict

from webob.exc import HTTPForbidden, HTTPBadRequest, HTTPNotFound

from pylons import tmpl_context as c, request, response

from pylons.i18n.translation import _

from pylons.controllers.util import redirect

from kallithea.lib.utils import jsonify

from kallithea.lib.vcs.exceptions import RepositoryError, \

    ChangesetDoesNotExistError

from kallithea.lib.compat import json

                log.debug('Archive %s is not yet cached' % (archive_name))

        if not use_cached_archive:

            # generate new archive

            fd, archive = tempfile.mkstemp()

            temp_stream = open(archive, 'wb')

            log.debug('Creating new temp archive in %s' % archive)

            cs.fill_archive(stream=temp_stream, kind=fileformat, subrepos=subrepos)

            temp_stream.close()

            if not subrepos and archive_cache_enabled:

                #if we generated the archive and use cache rename that

                log.debug('Storing new archive in %s' % cached_archive_path)

                shutil.move(archive, cached_archive_path)

                archive = cached_archive_path

        def get_chunked_archive(archive):

            stream = open(archive, 'rb')

            while True:

                data = stream.read(16 * 1024)

                if not data:

                    stream.close()

                    if fd:  # fd means we used temporary file

                        os.close(fd)

                    if not archive_cache_enabled:

                        os.remove(archive)

                    break

                yield data

        # store download action

        action_logger(user=c.authuser,

                      action='user_downloaded_archive:%s' % (archive_name),

                      repo=repo_name, ipaddr=self.ip_addr, commit=True)

        response.content_disposition = str('attachment; filename=%s' % (archive_name))

        response.content_type = str(content_type)

        return get_chunked_archive(archive)

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def diff(self, repo_name, f_path):

        ignore_whitespace = request.GET.get('ignorews') == '1'

        line_context = request.GET.get('context', 3)

        diff2 = request.GET.get('diff2', '')

        diff1 = request.GET.get('diff1', '') or diff2

        c.action = request.GET.get('diff')

        c.no_changes = diff1 == diff2

        c.f_path = f_path

        c.big_diff = False

        c.anchor_url = anchor_url

        org_scm_instance = c.cs_repo.scm_instance # property with expensive cache invalidation check!!!

        c.cs_repo = c.cs_repo

        c.cs_ranges = [org_scm_instance.get_changeset(x) for x in c.pull_request.revisions]

        c.cs_ranges_org = None # not stored and not important and moving target - could be calculated ...

        revs = [ctx.revision for ctx in reversed(c.cs_ranges)]

        c.jsdata = json.dumps(graph_data(org_scm_instance, revs))

        avail_revs = set()

        avail_show = []

        c.cs_branch_name = c.cs_ref_name

        other_scm_instance = c.a_repo.scm_instance

        c.update_msg = ""

        c.update_msg_other = ""

        if org_scm_instance.alias == 'hg' and c.a_ref_name != 'ancestor':

            if c.cs_ref_type != 'branch':

                c.cs_branch_name = org_scm_instance.get_changeset(c.cs_ref_name).branch # use ref_type ?

            c.a_branch_name = c.a_ref_name

            if c.a_ref_type != 'branch':

                try:

                    c.a_branch_name = other_scm_instance.get_changeset(c.a_ref_name).branch # use ref_type ?

                except EmptyRepositoryError:

                    c.a_branch_name = 'null' # not a branch name ... but close enough

            # candidates: descendants of old head that are on the right branch

            #             and not are the old head itself ...

            if other_scm_instance._repo.revs('present(%s)::&%s', c.cs_ranges[-1].raw_id, c.a_branch_name):

                c.update_msg = _('This pull request has already been merged to %s.') % c.a_branch_name

            elif c.pull_request.is_closed():

                c.update_msg = _('This pull request has been closed and can not be updated.')

            else: # look for descendants of PR head on source branch in org repo

                avail_revs = org_scm_instance._repo.revs('%s:: & branch(%s)',

                                                         revs[0], c.cs_branch_name)

                if len(avail_revs) > 1: # more than just revs[0]

                    # also show changesets that not are descendants but would be merged in

                    targethead = other_scm_instance.get_changeset(c.a_branch_name).raw_id

                    show = set(org_scm_instance._repo.revs('::%ld & !::%s & !::%s',

                                                           avail_revs, revs[0], targethead))

                    c.update_msg = _('This pull request can be updated with changes on %s:') % c.cs_branch_name

                else:

                    show = set()

                    c.update_msg = _('No changesets found for updating this pull request.')

                # TODO: handle branch heads that not are tip-most

                brevs = org_scm_instance._repo.revs('%s - %ld', c.cs_branch_name, avail_revs)

                if brevs:

                    # also show changesets that are on branch but neither ancestors nor descendants

                    show.update(org_scm_instance._repo.revs('::%ld - ::%ld - ::%s', brevs, avail_revs, c.a_branch_name))

                    show.add(revs[0]) # make sure graph shows this so we can see how they relate

                    c.update_msg_other = _('Note: Branch %s has another head: %s.') % (c.cs_branch_name,