import platform

VERSION = (0, 3, 99)

BACKENDS = {

    'hg': 'Mercurial repository',

    'git': 'Git repository',

}

CELERY_ON = False

CELERY_EAGER = False

# link to config for pylons

CONFIG = {}

# Linked module for extensions

EXTENSIONS = {}

try:

    import kallithea.brand

except ImportError:

    pass

else:

    assert False, 'Database rebranding is no longer supported; see README.'

__version__ = '.'.join(str(each) for each in VERSION)

__dbversion__ = 31  # defines current db version for migrations

__platform__ = platform.system()

__license__ = 'GPLv3'

__py_version__ = sys.version_info

__author__ = "Various Authors"

__url__ = 'https://kallithea-scm.org/'

is_windows = __platform__ in ['Windows']

is_unix = not is_windows

"""

kallithea.controllers.admin.my_account

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

my account controller for Kallithea admin

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: August 20, 2013

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import traceback

import formencode

from sqlalchemy import func

from formencode import htmlfill

from pylons import request, tmpl_context as c, url

from pylons.i18n.translation import _

from webob.exc import HTTPFound

from kallithea.lib import helpers as h

from kallithea.lib import auth_modules

from kallithea.lib.auth import LoginRequired, NotAnonymous, AuthUser

from kallithea.lib.base import BaseController, render

from kallithea.lib.utils2 import generate_api_key, safe_int

from kallithea.lib.compat import json

from kallithea.model.db import Repository, UserEmailMap, User, UserFollowing

from kallithea.model.forms import UserForm, PasswordChangeForm

from kallithea.model.user import UserModel

from kallithea.model.repo import RepoModel

from kallithea.model.api_key import ApiKeyModel

from kallithea.model.meta import Session

log = logging.getLogger(__name__)

class MyAccountController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('setting', 'settings', controller='admin/settings',

    #         path_prefix='/admin', name_prefix='admin_')

    @LoginRequired()

    @NotAnonymous()

    def __before__(self):

        super(MyAccountController, self).__before__()

    def __load_data(self):

        c.user = User.get(self.authuser.user_id)

        if c.user.username == User.DEFAULT_USER:

            h.flash(_("You can't edit this user since it's"

                      " crucial for entire application"), category='warning')

            raise HTTPFound(location=url('users'))

    def _load_my_repos_data(self, watched=False):

        if watched:

            admin = False

            repos_list = Session().query(Repository) \

                         .join(UserFollowing) \

                         .filter(UserFollowing.user_id ==

                                 self.authuser.user_id).all()

        else:

            admin = True

            repos_list = Session().query(Repository) \

                         .filter(Repository.user_id ==

                                 self.authuser.user_id).all()

        repos_data = RepoModel().get_repos_as_dict(repos_list=repos_list,

                                                   admin=admin)

        #json used to render the grid

        return json.dumps(repos_data)

    def my_account(self):

        c.active = 'profile'

        self.__load_data()

        c.perm_user = AuthUser(user_id=self.authuser.user_id)

        c.ip_addr = self.ip_addr

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 4, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import traceback

import formencode

from formencode import htmlfill

from pylons import request, tmpl_context as c, url, config

from pylons.i18n.translation import _

from sqlalchemy.sql.expression import func

from webob.exc import HTTPFound, HTTPNotFound

import kallithea

from kallithea.lib.exceptions import DefaultUserException, \

    UserOwnsReposException, UserCreationError

from kallithea.lib import helpers as h

from kallithea.lib.auth import LoginRequired, HasPermissionAnyDecorator, \

    AuthUser

from kallithea.lib import auth_modules

from kallithea.lib.base import BaseController, render

from kallithea.model.api_key import ApiKeyModel

from kallithea.model.db import User, UserEmailMap, UserIpMap, UserToPerm

from kallithea.model.forms import UserForm, CustomDefaultPermissionsForm

from kallithea.model.user import UserModel

from kallithea.model.meta import Session

from kallithea.lib.utils import action_logger

from kallithea.lib.compat import json

from kallithea.lib.utils2 import datetime_to_time, safe_int, generate_api_key

log = logging.getLogger(__name__)

class UsersController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    @LoginRequired()

    @HasPermissionAnyDecorator('hg.admin')

    def __before__(self):

        super(UsersController, self).__before__()

        c.available_permissions = config['available_permissions']

    def index(self, format='html'):

        c.users_list = User.query().order_by(User.username) \

                        .filter(User.username != User.DEFAULT_USER) \

                        .order_by(func.lower(User.username)) \

                        .all()

        users_data = []

        total_records = len(c.users_list)

        _tmpl_lookup = kallithea.CONFIG['pylons.app_globals'].mako_lookup

        template = _tmpl_lookup.get_template('data_table/_dt_elements.html')

        grav_tmpl = '<div class="gravatar">%s</div>'

        username = lambda user_id, username: (

                template.get_def("user_name")

                .render(user_id, username, _=_, h=h, c=c))

        user_actions = lambda user_id, username: (

                template.get_def("user_actions")

                .render(user_id, username, _=_, h=h, c=c))

        for user in c.users_list:

            users_data.append({

                "raw_name": user.username,

                "username": username(user.user_id, user.username),

                "firstname": h.escape(user.name),

                "lastname": h.escape(user.lastname),

                "last_login": h.fmt_date(user.last_login),

                "last_login_raw": datetime_to_time(user.last_login),

                "active": h.boolicon(user.active),

                "admin": h.boolicon(user.admin),

                "extern_type": user.extern_type,

                "extern_name": user.extern_name,

                "action": user_actions(user.user_id, user.username),

            })

        c.data = json.dumps({

            "totalRecords": total_records,

            "startIndex": 0,

            "sort": None,

            "dir": "asc",

            "records": users_data

        })

        return render('admin/users/users.html')

    def create(self):

        user_model = UserModel()

        user_form = UserForm()()

        try:

            form_result = user_form.to_python(dict(request.POST))

            user = user_model.create(form_result)

            action_logger(self.authuser, 'admin_created_user:%s' % user.username,

                          None, self.ip_addr, self.sa)

            h.flash(_('Created user %s') % user.username,

                    category='success')

            Session().commit()

        except formencode.Invalid as errors:

            return htmlfill.render(

                render('admin/users/user_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8",

                force_defaults=False)

        except UserCreationError as e:

            h.flash(e, 'error')

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('Error occurred during creation of user %s') \

                    % request.POST.get('username'), category='error')

        raise HTTPFound(location=url('edit_user', id=user.user_id))

    def new(self, format='html'):

        return render('admin/users/user_add.html')

    def update(self, id):

        user_model = UserModel()

        user = user_model.get(id)

        _form = UserForm(edit=True, old_data={'user_id': id,

                                              'email': user.email})()

        form_result = {}

        try:

            form_result = _form.to_python(dict(request.POST))

            skip_attrs = ['extern_type', 'extern_name',

                         ] + auth_modules.get_managed_fields(user)

            user_model.update(id, form_result, skip_attrs=skip_attrs)

            usr = form_result['username']

            action_logger(self.authuser, 'admin_updated_user:%s' % usr,

                          None, self.ip_addr, self.sa)

            h.flash(_('User updated successfully'), category='success')

            Session().commit()

        except formencode.Invalid as errors:

            defaults = errors.value

            e = errors.error_dict or {}

            defaults.update({

                'create_repo_perm': user_model.has_perm(id,

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.controllers.api.api

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

API controller for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Aug 20, 2011

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import time

import traceback

import logging

from sqlalchemy import or_

from kallithea.controllers.api import JSONRPCController, JSONRPCError

from kallithea.lib.auth import (

    PasswordGenerator, AuthUser, HasPermissionAnyDecorator,

    HasPermissionAnyDecorator, HasPermissionAnyApi, HasRepoPermissionAnyApi,

    HasRepoGroupPermissionAnyApi, HasUserGroupPermissionAny)

from kallithea.lib.utils import map_groups, repo2db_mapper

from kallithea.lib.utils2 import (

    str2bool, time_to_datetime, safe_int, Optional, OAttr)

from kallithea.model.meta import Session

from kallithea.model.repo_group import RepoGroupModel

from kallithea.model.scm import ScmModel, UserGroupList

from kallithea.model.repo import RepoModel

from kallithea.model.user import UserModel

from kallithea.model.user_group import UserGroupModel

from kallithea.model.gist import GistModel

from kallithea.model.db import (

    Repository, Setting, UserIpMap, Permission, User, Gist,

    RepoGroup, UserGroup)

from kallithea.lib.compat import json

from kallithea.lib.exceptions import (

    DefaultUserException, UserGroupsAssignedException)

log = logging.getLogger(__name__)

        belonging to user with admin rights.

        :param apiuser: filled automatically from apikey

        :type apiuser: AuthUser

        OUTPUT::

            id : <id_given_in_input>

            result: [<user_object>, ...]

            error:  null

        """

        result = []

        users_list = User.query().order_by(User.username) \

            .filter(User.username != User.DEFAULT_USER) \

            .all()

        for user in users_list:

            result.append(user.get_api_data())

        return result

    @HasPermissionAnyDecorator('hg.admin')

    def create_user(self, apiuser, username, email, password=Optional(''),

                    firstname=Optional(''), lastname=Optional(''),

                    active=Optional(True), admin=Optional(False),

        """

        Creates new user. Returns new user object. This command can

        be executed only using api_key belonging to user with admin rights.

        :param apiuser: filled automatically from apikey

        :type apiuser: AuthUser

        :param username: new username

        :type username: str or int

        :param email: email

        :type email: str

        :param password: password

        :type password: Optional(str)

        :param firstname: firstname

        :type firstname: Optional(str)

        :param lastname: lastname

        :type lastname: Optional(str)

        :param active: active

        :type active: Optional(bool)

        :param admin: admin

        :type admin: Optional(bool)

        :param extern_name: name of extern

        :type extern_name: Optional(str)

        :param extern_type: extern_type

        :type extern_type: Optional(str)

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

Authentication modules

"""

import logging

import traceback

from kallithea.lib.compat import importlib

from kallithea.lib.utils2 import str2bool

from kallithea.lib.compat import formatted_json, hybrid_property

from kallithea.lib.auth import PasswordGenerator

from kallithea.model.user import UserModel

from kallithea.model.db import Setting, User

from kallithea.model.meta import Session

from kallithea.model.user_group import UserGroupModel

log = logging.getLogger(__name__)

class LazyFormencode(object):

    def __init__(self, formencode_obj, *args, **kwargs):

        self.formencode_obj = formencode_obj

        self.args = args

        self.kwargs = kwargs

    def __call__(self, *args, **kwargs):

        from inspect import isfunction

        formencode_obj = self.formencode_obj

        if isfunction(formencode_obj):

            #case we wrap validators into functions

            formencode_obj = self.formencode_obj(*args, **kwargs)

            # enforce user is just in given groups, all of them has to be ones

            # created from plugins. We store this info in _group_data JSON field

            groups = user_data['groups'] or []

            UserGroupModel().enforce_groups(user, groups, self.name)

            Session().commit()

        return user_data

def importplugin(plugin):

    """

    Imports and returns the authentication plugin in the module named by plugin

    (e.g., plugin='kallithea.lib.auth_modules.auth_internal'). Returns the

    KallitheaAuthPluginBase subclass on success, raises exceptions on failure.

    raises:

        AttributeError -- no KallitheaAuthPlugin class in the module

        TypeError -- if the KallitheaAuthPlugin is not a subclass of ours KallitheaAuthPluginBase

        ImportError -- if we couldn't import the plugin at all

    """

    log.debug("Importing %s", plugin)

    if not plugin.startswith(u'kallithea.lib.auth_modules.auth_'):

        parts = plugin.split(u'.lib.auth_modules.auth_', 1)

        if len(parts) == 2:

            _module, pn = parts

            plugin = u'kallithea.lib.auth_modules.auth_' + pn

    PLUGIN_CLASS_NAME = "KallitheaAuthPlugin"

    try:

        module = importlib.import_module(plugin)

    except (ImportError, TypeError):

        log.error(traceback.format_exc())

        # TODO: make this more error prone, if by some accident we screw up

        # the plugin name, the crash is pretty bad and hard to recover

        raise

    log.debug("Loaded auth plugin from %s (module:%s, file:%s)",

              plugin, module.__name__, module.__file__)

    pluginclass = getattr(module, PLUGIN_CLASS_NAME)

    if not issubclass(pluginclass, KallitheaAuthPluginBase):

        raise TypeError("Authentication class %s.KallitheaAuthPlugin is not "

                        "a subclass of %s" % (plugin, KallitheaAuthPluginBase))

    return pluginclass

def loadplugin(plugin):

    """

    Loads and returns an instantiated authentication plugin.

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.lib.auth_modules.auth_internal

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Kallithea authentication plugin for built in internal auth

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Created on Nov 17, 2012

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

from kallithea.lib import auth_modules

from kallithea.lib.compat import formatted_json, hybrid_property

from kallithea.model.db import User

log = logging.getLogger(__name__)

class KallitheaAuthPlugin(auth_modules.KallitheaAuthPluginBase):

    def __init__(self):

        pass

    @hybrid_property

    def name(self):

    def settings(self):

        return []

    def user_activation_state(self):

        def_user_perms = User.get_default_user().AuthUser.permissions['global']

        return 'hg.register.auto_activate' in def_user_perms

    def accepts(self, user, accepts_empty=True):

        """

        Custom accepts for this auth that doesn't accept empty users. We

        know that user exists in database.

        """

        return super(KallitheaAuthPlugin, self).accepts(user,

                                                        accepts_empty=False)

    def auth(self, userobj, username, password, settings, **kwargs):

        if not userobj:

            log.debug('userobj was:%s skipping', userobj)

            return None

        if userobj.extern_type != self.name:

            log.warning("userobj:%s extern_type mismatch got:`%s` expected:`%s`",

                     userobj, userobj.extern_type, self.name)

            return None

kallithea.lib.db_manage

~~~~~~~~~~~~~~~~~~~~~~~

Database creation, and setup module for Kallithea. Used for creation

of database as well as for migration operations

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 10, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import os

import sys

import time

import uuid

import logging

from os.path import dirname

import alembic.config

import alembic.command

from kallithea.lib.paster_commands.common import ask_ok

from kallithea.model.user import UserModel

from kallithea.model import init_model

from kallithea.model.db import User, Permission, Ui, \

    Setting, UserToPerm, RepoGroup, \

    UserRepoGroupToPerm, CacheInvalidation, Repository

from sqlalchemy.engine import create_engine

from kallithea.model.repo_group import RepoGroupModel

#from kallithea.model import meta

from kallithea.model.meta import Session, Base

from kallithea.model.repo import RepoModel

from kallithea.model.permission import PermissionModel

log = logging.getLogger(__name__)

def notify(msg):

    """

    Notification for migrations messages

    """

    ml = len(msg) + (4 * 2)

    print('\n%s\n*** %s ***\n%s' % ('*' * ml, msg, '*' * ml)).upper()

            ('show_private_icon', True, 'bool'),

            ('stylify_metatags', False, 'bool'),

            ('dashboard_items', 100, 'int'),

            ('admin_grid_items', 25, 'int'),

            ('show_version', True, 'bool'),

            ('use_gravatar', True, 'bool'),

            ('gravatar_url', User.DEFAULT_GRAVATAR_URL, 'unicode'),

            ('clone_uri_tmpl', Repository.DEFAULT_CLONE_URI, 'unicode'),

            ('update_url', Setting.DEFAULT_UPDATE_URL, 'unicode'),

        ]

        for key, val, type_ in settings:

            sett = Setting(key, val, type_)

            self.sa.add(sett)

        self.create_auth_plugin_options()

        self.create_default_options()

        log.info('created ui config')

    def create_user(self, username, password, email='', admin=False):

        log.info('creating user %s', username)

        UserModel().create_or_update(username, password, email,

                                     firstname=u'Kallithea', lastname=u'Admin',

                                     active=True, admin=admin,

    def create_default_user(self):

        log.info('creating default user')

        # create default user for handling default permissions.

        user = UserModel().create_or_update(username=User.DEFAULT_USER,

                                            password=str(uuid.uuid1())[:20],

                                            email='anonymous@kallithea-scm.org',

                                            firstname=u'Anonymous',

                                            lastname=u'User')

        # based on configuration options activate/deactivate this user which

        # controls anonymous access

        if self.cli_args.get('public_access') is False:

            log.info('Public access disabled')

            user.active = False

            Session().add(user)

            Session().commit()

    def create_permissions(self):

        """

        Creates all permissions defined in the system

        """

        # module.(access|create|change|delete)_[name]

        # module.(none|read|write|admin)

        log.info('creating permissions')

    def get_repos_location(cls):

        return cls.get_by_key('paths', '/').ui_value

    @classmethod

    def create_or_update_hook(cls, key, val):

        new_ui = cls.get_or_create('hooks', key)

        new_ui.ui_active = True

        new_ui.ui_value = val

    def __repr__(self):

        return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,

                                    self.ui_key, self.ui_value)

class User(Base, BaseModel):

    __tablename__ = 'users'

    __table_args__ = (

        Index('u_username_idx', 'username'),

        Index('u_email_idx', 'email'),

        _table_args_default_dict,

    )

    DEFAULT_USER = 'default'

    DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'

    user_id = Column(Integer(), primary_key=True)

    username = Column(String(255), nullable=False, unique=True)

    password = Column(String(255), nullable=False)

    active = Column(Boolean(), nullable=False, default=True)

    admin = Column(Boolean(), nullable=False, default=False)

    name = Column("firstname", Unicode(255), nullable=False)

    lastname = Column(Unicode(255), nullable=False)

    _email = Column("email", String(255), nullable=True, unique=True) # FIXME: not nullable?

    last_login = Column(DateTime(timezone=False), nullable=True)

    extern_type = Column(String(255), nullable=True) # FIXME: not nullable?

    extern_name = Column(String(255), nullable=True) # FIXME: not nullable?

    api_key = Column(String(255), nullable=False)

    inherit_default_permissions = Column(Boolean(), nullable=False, default=True)

    created_on = Column(DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

    _user_data = Column("user_data", LargeBinary(), nullable=True)  # JSON data # FIXME: not nullable?

    user_log = relationship('UserLog')

    user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')

    repositories = relationship('Repository')

    repo_groups = relationship('RepoGroup')

    user_groups = relationship('UserGroup')

    user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')

~~~~~~~~~~~~~~~~~~~~

users model for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 9, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import hashlib

import hmac

import logging

import time

import traceback

from pylons import config

from pylons.i18n.translation import _

from sqlalchemy.exc import DatabaseError

from kallithea.lib.utils2 import safe_str, generate_api_key, get_current_authuser

from kallithea.lib.caching_query import FromCache

from kallithea.model import BaseModel

from kallithea.model.db import User, UserToPerm, Notification, \

    UserEmailMap, UserIpMap

from kallithea.lib.exceptions import DefaultUserException, \

    UserOwnsReposException

from kallithea.model.meta import Session

log = logging.getLogger(__name__)

class UserModel(BaseModel):

    password_reset_token_lifetime = 86400 # 24 hours

    def get(self, user_id, cache=False):

        user = self.sa.query(User)

        if cache:

            user = user.options(FromCache("sql_cache_short",

                                          "get_user_%s" % user_id))

        return user.get(user_id)

    def get_user(self, user):

            # set password only if creating an user or password is changed

            password_change = new_user.password and \

                not check_password(password, new_user.password)

            if not edit or password_change:

                reason = 'new password' if edit else 'new user'

                log.debug('Updating password reason=>%s', reason)

                new_user.password = get_crypt_password(password) \

                    if password else ''

            self.sa.add(new_user)

            if not edit:

                log_create_user(new_user.get_dict(), cur_user)

            return new_user

        except (DatabaseError,):

            log.error(traceback.format_exc())

            raise

    def create_registration(self, form_data):

        from kallithea.model.notification import NotificationModel

        import kallithea.lib.helpers as h

        form_data['admin'] = False

        new_user = self.create(form_data)

        self.sa.add(new_user)

        self.sa.flush()

        # notification to admins

        subject = _('New user registration')

        body = (

            u'New user registration\n'

            '---------------------\n'

            '- Username: {user.username}\n'

            '- Full Name: {user.full_name}\n'

            '- Email: {user.email}\n'

            ).format(user=new_user)

        edit_url = h.canonical_url('edit_user', id=new_user.user_id)

        email_kwargs = {

            'registered_user_url': edit_url,

            'new_username': new_user.username,

            'new_email': new_user.email,

            'new_full_name': new_user.full_name}

        NotificationModel().create(created_by=new_user, subject=subject,

                                   body=body, recipients=None,

                                   type_=Notification.TYPE_REGISTRATION,

                                   email_kwargs=email_kwargs)