private = Optional.extract(private)

        clone_uri = Optional.extract(clone_uri)

        description = Optional.extract(description)

        landing_rev = Optional.extract(landing_rev)

        try:

            # create structure of groups and return the last group

            group = map_groups(repo_name)

            repo = RepoModel().create_repo(

                repo_name=repo_name,

                repo_type=repo_type,

                description=description,

                owner=owner,

                private=private,

                clone_uri=clone_uri,

                repos_group=group,

                landing_rev=landing_rev,

            )

            Session().commit()

            return dict(

                msg="Created new repository `%s`" % (repo.repo_name),

                repo=repo.get_api_data()

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to create repository `%s`' % repo_name)

    @HasPermissionAnyDecorator('hg.admin')

    def fork_repo(self, apiuser, repoid, fork_name, owner,

                  description=Optional(''), copy_permissions=Optional(False),

                  private=Optional(False), landing_rev=Optional('tip')):

        repo = get_repo_or_error(repoid)

        repo_name = repo.repo_name

        owner = get_user_or_error(owner)

        _repo = RepoModel().get_by_repo_name(fork_name)

        if _repo:

            type_ = 'fork' if _repo.fork else 'repo'

            raise JSONRPCError("%s `%s` already exist" % (type_, fork_name))

        try:

            # create structure of groups and return the last group

            group = map_groups(fork_name)

            form_data = dict(

                repo_name=fork_name,

                repo_name_full=fork_name,

                repo_group=group,

                repo_type=repo.repo_type,

                description=Optional.extract(description),

                private=Optional.extract(private),

                copy_permissions=Optional.extract(copy_permissions),

                landing_rev=Optional.extract(landing_rev),

                update_after_clone=False,

                fork_parent_id=repo.repo_id,

            )

            RepoModel().create_fork(form_data, cur_user=owner)

            return dict(

                msg='Created fork of `%s` as `%s`' % (repo.repo_name,

                                                      fork_name),

                success=True  # cannot return the repo data here since fork

                              # cann be done async

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to fork repository `%s` as `%s`' % (repo_name,

                                                            fork_name)

            )

    @HasPermissionAnyDecorator('hg.admin')

    def delete_repo(self, apiuser, repoid):

        """

        Deletes a given repository

        :param apiuser:

        :param repoid:

        """

        repo = get_repo_or_error(repoid)

        try:

            RepoModel().delete(repo)

            Session().commit()

            return dict(

                msg='Deleted repository `%s`' % repo.repo_name,

                success=True

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to delete repository `%s`' % repo.repo_name

            )

    @HasPermissionAnyDecorator('hg.admin')

    def grant_user_permission(self, apiuser, repoid, userid, perm):

        """

        Grant permission for user on given repository, or update existing one

        if found

        :param repoid:

        :param userid:

        :param perm:

        """

        repo = get_repo_or_error(repoid)

        user = get_user_or_error(userid)

        perm = get_perm_or_error(perm)

        try:

            RepoModel().grant_user_permission(repo=repo, user=user, perm=perm)

            Session().commit()

            return dict(

                msg='Granted perm: `%s` for user: `%s` in repo: `%s`' % (

                    perm.permission_name, user.username, repo.repo_name

                ),

                success=True

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to edit permission for user: `%s` in repo: `%s`' % (

                    userid, repoid

                )

            )

    @HasPermissionAnyDecorator('hg.admin')

    def revoke_user_permission(self, apiuser, repoid, userid):

        """

        Revoke permission for user on given repository

        :param apiuser:

        :param repoid:

        :param userid:

        """

        repo = get_repo_or_error(repoid)

        user = get_user_or_error(userid)

        try:

            RepoModel().revoke_user_permission(repo=repo, user=user)

            Session().commit()

            return dict(

                msg='Revoked perm for user: `%s` in repo: `%s`' % (

                    user.username, repo.repo_name

                ),

                success=True

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to edit permission for user: `%s` in repo: `%s`' % (

                    userid, repoid

                )

            )

    @HasPermissionAnyDecorator('hg.admin')

    def grant_users_group_permission(self, apiuser, repoid, usersgroupid,

                                     perm):

        """

        Grant permission for users group on given repository, or update

        existing one if found

        :param apiuser:

        :param repoid:

        :param usersgroupid:

        :param perm:

        """

        repo = get_repo_or_error(repoid)

        perm = get_perm_or_error(perm)

        users_group = get_users_group_or_error(usersgroupid)

        try:

            RepoModel().grant_users_group_permission(repo=repo,

                                                     group_name=users_group,

                                                     perm=perm)

            Session().commit()

            return dict(

                msg='Granted perm: `%s` for users group: `%s` in '

                    'repo: `%s`' % (

                    perm.permission_name, users_group.users_group_name,

                    repo.repo_name

                ),

                success=True

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to edit permission for users group: `%s` in '

                'repo: `%s`' % (

                    usersgroupid, repo.repo_name

                )

            )

    @HasPermissionAnyDecorator('hg.admin')

    def revoke_users_group_permission(self, apiuser, repoid, usersgroupid):

        """

        Revoke permission for users group on given repository

        :param apiuser:

        :param repoid:

        :param usersgroupid:

        """

        repo = get_repo_or_error(repoid)

        users_group = get_users_group_or_error(usersgroupid)

        try:

            RepoModel().revoke_users_group_permission(repo=repo,

                                                      group_name=users_group)

            Session().commit()

            return dict(

                msg='Revoked perm for users group: `%s` in repo: `%s`' % (

                    users_group.users_group_name, repo.repo_name

                ),

                success=True

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to edit permission for users group: `%s` in '

                'repo: `%s`' % (

                    users_group.users_group_name, repo.repo_name

                )

            )

    users_group = relationship('UsersGroup')

    permission = relationship('Permission')

class UserRepoGroupToPerm(Base, BaseModel):

    __tablename__ = 'user_repo_group_to_perm'

    __table_args__ = (

        UniqueConstraint('user_id', 'group_id', 'permission_id'),

        {'extend_existing': True, 'mysql_engine': 'InnoDB',

         'mysql_charset': 'utf8'}

    )

    group_to_perm_id = Column("group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

    group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)

    permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    user = relationship('User')

    group = relationship('RepoGroup')

    permission = relationship('Permission')

class UsersGroupRepoGroupToPerm(Base, BaseModel):

    __tablename__ = 'users_group_repo_group_to_perm'

    __table_args__ = (

        UniqueConstraint('users_group_id', 'group_id'),

        {'extend_existing': True, 'mysql_engine': 'InnoDB',

         'mysql_charset': 'utf8'}

    )

    users_group_repo_group_to_perm_id = Column("users_group_repo_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

    group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)

    permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    users_group = relationship('UsersGroup')

    permission = relationship('Permission')

    group = relationship('RepoGroup')

class Statistics(Base, BaseModel):

    __tablename__ = 'statistics'

    __table_args__ = (

         UniqueConstraint('repository_id'),

         {'extend_existing': True, 'mysql_engine': 'InnoDB',

          'mysql_charset': 'utf8'}

    )

    stat_id = Column("stat_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)

    stat_on_revision = Column("stat_on_revision", Integer(), nullable=False)

    commit_activity = Column("commit_activity", LargeBinary(1000000), nullable=False)#JSON data

    commit_activity_combined = Column("commit_activity_combined", LargeBinary(), nullable=False)#JSON data

    languages = Column("languages", LargeBinary(1000000), nullable=False)#JSON data

    repository = relationship('Repository', single_parent=True)

class UserFollowing(Base, BaseModel):

    __tablename__ = 'user_followings'

    __table_args__ = (

        UniqueConstraint('user_id', 'follows_repository_id'),

        UniqueConstraint('user_id', 'follows_user_id'),

        {'extend_existing': True, 'mysql_engine': 'InnoDB',

         'mysql_charset': 'utf8'}

    )

    user_following_id = Column("user_following_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

    follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)

    follows_user_id = Column("follows_user_id", Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)

    follows_from = Column('follows_from', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)

    user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')

    follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')

    follows_repository = relationship('Repository', order_by='Repository.repo_name')

    @classmethod

    def get_repo_followers(cls, repo_id):

        return cls.query().filter(cls.follows_repo_id == repo_id)

class CacheInvalidation(Base, BaseModel):

    __tablename__ = 'cache_invalidation'

    __table_args__ = (

        UniqueConstraint('cache_key'),

        Index('key_idx', 'cache_key'),

        {'extend_existing': True, 'mysql_engine': 'InnoDB',

         'mysql_charset': 'utf8'},

    )

    cache_id = Column("cache_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    cache_key = Column("cache_key", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    cache_args = Column("cache_args", String(255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    cache_active = Column("cache_active", Boolean(), nullable=True, unique=None, default=False)

    def __init__(self, cache_key, cache_args=''):

        self.cache_key = cache_key

        self.cache_args = cache_args

        self.cache_active = False

    def __unicode__(self):

        return u"<%s('%s:%s')>" % (self.__class__.__name__,

                                  self.cache_id, self.cache_key)

    @property

    def prefix(self):

        _split = self.cache_key.split(self.cache_args, 1)

        if _split and len(_split) == 2:

            return _split[0]

        return ''

    @classmethod

    def clear_cache(cls):

        cls.query().delete()

    @classmethod

    def _get_key(cls, key):

        """

        Wrapper for generating a key, together with a prefix

        :param key:

        """

        import rhodecode

        prefix = ''

        org_key = key

        iid = rhodecode.CONFIG.get('instance_id')

        if iid:

            prefix = iid

        return "%s%s" % (prefix, key), prefix, org_key

    @classmethod

    def get_by_key(cls, key):

        return cls.query().filter(cls.cache_key == key).scalar()

    @classmethod

    def get_by_repo_name(cls, repo_name):

        return cls.query().filter(cls.cache_args == repo_name).all()

    @classmethod

    def _get_or_create_key(cls, key, repo_name, commit=True):

        inv_obj = Session().query(cls).filter(cls.cache_key == key).scalar()

        if not inv_obj:

            try:

                inv_obj = CacheInvalidation(key, repo_name)

                Session().add(inv_obj)

                if commit:

                    Session().commit()

            except Exception:

                log.error(traceback.format_exc())

                Session().rollback()

        return inv_obj

    @classmethod

    def invalidate(cls, key):

        """

        Returns Invalidation object if this given key should be invalidated

        None otherwise. `cache_active = False` means that this cache

        state is not valid and needs to be invalidated

        :param key:

        """

        repo_name = key

        repo_name = remove_suffix(repo_name, '_README')

        repo_name = remove_suffix(repo_name, '_RSS')

        repo_name = remove_suffix(repo_name, '_ATOM')

        # adds instance prefix

        key, _prefix, _org_key = cls._get_key(key)

        inv = cls._get_or_create_key(key, repo_name)

        if inv and inv.cache_active is False:

            return inv

    @classmethod

    def set_invalidate(cls, key=None, repo_name=None):

        """

        Mark this Cache key for invalidation, either by key or whole

        cache sets based on repo_name

        :param key:

        """

        if key:

            key, _prefix, _org_key = cls._get_key(key)

            inv_objs = Session().query(cls).filter(cls.cache_key == key).all()

        elif repo_name:

            inv_objs = Session().query(cls).filter(cls.cache_args == repo_name).all()

        log.debug('marking %s key[s] for invalidation based on key=%s,repo_name=%s'

                  % (len(inv_objs), key, repo_name))

        try:

            for inv_obj in inv_objs:

                inv_obj.cache_active = False

                Session().add(inv_obj)

            Session().commit()

        except Exception:

            log.error(traceback.format_exc())

            Session().rollback()

    @classmethod

    def set_valid(cls, key):

        """

        Mark this cache key as active and currently cached

        :param key:

        """

        inv_obj = cls.get_by_key(key)

        inv_obj.cache_active = True

        Session().add(inv_obj)

        Session().commit()

    @classmethod

    def get_cache_map(cls):

        class cachemapdict(dict):

            def __init__(self, *args, **kwargs):

                fixkey = kwargs.get('fixkey')

                if fixkey:

                    del kwargs['fixkey']

                self.fixkey = fixkey

                super(cachemapdict, self).__init__(*args, **kwargs)

            def __getattr__(self, name):

                key = name

                if self.fixkey:

                    key, _prefix, _org_key = cls._get_key(key)

                if key in self.__dict__:

                    return self.__dict__[key]

                else:

                    return self[key]

            def __getitem__(self, key):

                if self.fixkey:

                    key, _prefix, _org_key = cls._get_key(key)

                try:

                    return super(cachemapdict, self).__getitem__(key)

                except KeyError:

                    return

        cache_map = cachemapdict(fixkey=True)

        for obj in cls.query().all():

            cache_map[obj.cache_key] = cachemapdict(obj.get_dict())

        return cache_map

class ChangesetComment(Base, BaseModel):

    __tablename__ = 'changeset_comments'

    __table_args__ = (

        Index('cc_revision_idx', 'revision'),

        {'extend_existing': True, 'mysql_engine': 'InnoDB',

         'mysql_charset': 'utf8'},

    )

    comment_id = Column('comment_id', Integer(), nullable=False, primary_key=True)

    repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)

    revision = Column('revision', String(40), nullable=True)

    pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)

    line_no = Column('line_no', Unicode(10), nullable=True)

    hl_lines = Column('hl_lines', Unicode(512), nullable=True)

    f_path = Column('f_path', Unicode(1000), nullable=True)

    user_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)

    text = Column('text', UnicodeText(25000), nullable=False)

    created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

    modified_at = Column('modified_at', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

    author = relationship('User', lazy='joined')

    repo = relationship('Repository')

    status_change = relationship('ChangesetStatus', cascade="all, delete, delete-orphan")

    pull_request = relationship('PullRequest', lazy='joined')

    @classmethod

    def get_users(cls, revision=None, pull_request_id=None):

        """

        Returns user associated with this ChangesetComment. ie those

        who actually commented

        :param cls:

        :param revision:

        """

        q = Session().query(User)\

                .join(ChangesetComment.author)

        if revision:

            q = q.filter(cls.revision == revision)

        elif pull_request_id:

            q = q.filter(cls.pull_request_id == pull_request_id)

        return q.all()

class ChangesetStatus(Base, BaseModel):

    __tablename__ = 'changeset_statuses'

    __table_args__ = (

        Index('cs_revision_idx', 'revision'),

        Index('cs_version_idx', 'version'),

        UniqueConstraint('repo_id', 'revision', 'version'),

        {'extend_existing': True, 'mysql_engine': 'InnoDB',

         'mysql_charset': 'utf8'}

    )

    STATUS_NOT_REVIEWED = DEFAULT = 'not_reviewed'

    STATUS_APPROVED = 'approved'

    STATUS_REJECTED = 'rejected'

    STATUS_UNDER_REVIEW = 'under_review'

    STATUSES = [

        (STATUS_NOT_REVIEWED, _("Not Reviewed")),  # (no icon) and default

        (STATUS_APPROVED, _("Approved")),

        (STATUS_REJECTED, _("Rejected")),

        (STATUS_UNDER_REVIEW, _("Under Review")),

    ]

    changeset_status_id = Column('changeset_status_id', Integer(), nullable=False, primary_key=True)

    repo_id = Column('repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)

    user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)

    revision = Column('revision', String(40), nullable=False)

    status = Column('status', String(128), nullable=False, default=DEFAULT)

    changeset_comment_id = Column('changeset_comment_id', Integer(), ForeignKey('changeset_comments.comment_id'))

    modified_at = Column('modified_at', DateTime(), nullable=False, default=datetime.datetime.now)

    version = Column('version', Integer(), nullable=False, default=0)

    pull_request_id = Column("pull_request_id", Integer(), ForeignKey('pull_requests.pull_request_id'), nullable=True)

    author = relationship('User', lazy='joined')

    repo = relationship('Repository')

    comment = relationship('ChangesetComment', lazy='joined')

    pull_request = relationship('PullRequest', lazy='joined')

    def __unicode__(self):

        return u"<%s('%s:%s')>" % (

            self.__class__.__name__,

            self.status, self.author

        )

    @classmethod

    def get_status_lbl(cls, value):

        return dict(cls.STATUSES).get(value)

    @property

    def status_lbl(self):

        return ChangesetStatus.get_status_lbl(self.status)

class PullRequest(Base, BaseModel):

    __tablename__ = 'pull_requests'

    __table_args__ = (

        {'extend_existing': True, 'mysql_engine': 'InnoDB',

         'mysql_charset': 'utf8'},

    )

    STATUS_NEW = u'new'

    STATUS_OPEN = u'open'

    STATUS_CLOSED = u'closed'

    pull_request_id = Column('pull_request_id', Integer(), nullable=False, primary_key=True)

    title = Column('title', Unicode(256), nullable=True)

    description = Column('description', UnicodeText(10240), nullable=True)

    status = Column('status', Unicode(256), nullable=False, default=STATUS_NEW)

    created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

    updated_on = Column('updated_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

    user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None)

    _revisions = Column('revisions', UnicodeText(20500))  # 500 revisions max

    org_repo_id = Column('org_repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)

    org_ref = Column('org_ref', Unicode(256), nullable=False)

    other_repo_id = Column('other_repo_id', Integer(), ForeignKey('repositories.repo_id'), nullable=False)

    other_ref = Column('other_ref', Unicode(256), nullable=False)

    @hybrid_property

    def revisions(self):

        return self._revisions.split(':')

    @revisions.setter

    def revisions(self, val):

        self._revisions = ':'.join(val)

    author = relationship('User', lazy='joined')

    reviewers = relationship('PullRequestReviewers',

                             cascade="all, delete, delete-orphan")

    org_repo = relationship('Repository', primaryjoin='PullRequest.org_repo_id==Repository.repo_id')

    other_repo = relationship('Repository', primaryjoin='PullRequest.other_repo_id==Repository.repo_id')

    statuses = relationship('ChangesetStatus')

    comments = relationship('ChangesetComment',

                             cascade="all, delete, delete-orphan")

    def is_closed(self):

        return self.status == self.STATUS_CLOSED

    def __json__(self):

from rhodecode.tests import *

from rhodecode.model.db import RhodeCodeSetting

from nose.plugins.skip import SkipTest

skip_ldap_test = False

try:

    import ldap

except ImportError:

    # means that python-ldap is not installed

    skip_ldap_test = True

    pass

class TestLdapSettingsController(TestController):

    def test_index(self):

        self.log_user()

        response = self.app.get(url(controller='admin/ldap_settings',

                                    action='index'))

        self.assertTrue('LDAP administration' in response.body)

    def test_ldap_save_settings(self):

        self.log_user()

        if skip_ldap_test:

            raise SkipTest('skipping due to missing ldap lib')

        test_url = url(controller='admin/ldap_settings',

                       action='ldap_settings')

        response = self.app.post(url=test_url,

            params={'ldap_host' : u'dc.example.com',

                    'ldap_port' : '999',

                    'ldap_tls_kind' : 'PLAIN',

                    'ldap_tls_reqcert' : 'NEVER',

                    'ldap_dn_user':'test_user',

                    'ldap_dn_pass':'test_pass',

                    'ldap_base_dn':'test_base_dn',

                    'ldap_filter':'test_filter',

                    'ldap_search_scope':'BASE',

                    'ldap_attr_login':'test_attr_login',

                    'ldap_attr_firstname':'ima',

                    'ldap_attr_lastname':'tester',

                    'ldap_attr_email':'test@example.com' })

        new_settings = RhodeCodeSetting.get_ldap_settings()

        self.assertEqual(new_settings['ldap_host'], u'dc.example.com',

                         'fail db write compare')

        self.checkSessionFlash(response,

                               'Ldap settings updated successfully')

    def test_ldap_error_form(self):

        self.log_user()

        if skip_ldap_test:

            raise SkipTest('skipping due to missing ldap lib')

        test_url = url(controller='admin/ldap_settings',

                       action='ldap_settings')

        response = self.app.post(url=test_url,

            params={'ldap_host' : '',

                    'ldap_port' : 'i-should-be-number',

                    'ldap_tls_kind' : 'PLAIN',

                    'ldap_tls_reqcert' : 'NEVER',

                    'ldap_dn_user':'',

                    'ldap_dn_pass':'',

                    'ldap_base_dn':'',

                    'ldap_filter':'',

                    'ldap_search_scope':'BASE',

                    'ldap_attr_login':'', #  <----- missing required input

                    'ldap_attr_firstname':'',

                    'ldap_attr_lastname':'',

                    'ldap_attr_email':'' })

        self.assertTrue("""<span class="error-message">The LDAP Login"""

                        """ attribute of the CN must be specified""" in

                        response.body)

        self.assertTrue("""<span class="error-message">Please """

                        """enter a number</span>""" in response.body)

    def test_ldap_login(self):

        pass

    def test_ldap_login_incorrect(self):

        pass