# -*- coding: utf-8 -*-

"""

    rhodecode.controllers.login

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Login controller for rhodeocode

    :created_on: Apr 22, 2010

    :author: marcink

    :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com>

    :license: GPLv3, see COPYING for more details.

"""

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import logging

import formencode

from formencode import htmlfill

from pylons.i18n.translation import _

from pylons.controllers.util import abort, redirect

from pylons import request, response, session, tmpl_context as c, url

import rhodecode.lib.helpers as h

from rhodecode.lib.auth import AuthUser, HasPermissionAnyDecorator

from rhodecode.lib.base import BaseController, render

from rhodecode.model.db import User

from rhodecode.model.forms import LoginForm, RegisterForm, PasswordResetForm

from rhodecode.model.user import UserModel

from rhodecode.model.meta import Session

log = logging.getLogger(__name__)

class LoginController(BaseController):

    def __before__(self):

        super(LoginController, self).__before__()

    def index(self):

        # redirect if already logged in

        c.came_from = request.GET.get('came_from', None)

        if self.rhodecode_user.is_authenticated \

                            and self.rhodecode_user.username != 'default':

            return redirect(url('home'))

        if request.POST:

            # import Login Form validator class

            login_form = LoginForm()

            try:

                c.form_result = login_form.to_python(dict(request.POST))

                # form checks for username/password, now we're authenticated

                username = c.form_result['username']

                user = User.get_by_username(username, case_insensitive=True)

                auth_user = AuthUser(user.user_id)

                auth_user.set_authenticated()

                cs = auth_user.get_cookie_store()

                session['rhodecode_user'] = cs

                session.save()

                log.info('user %s is now authenticated and stored in '

                         'session, session attrs %s' % (username, cs))

                user.update_lastlogin()

                Session.commit()

                if c.came_from:

                    return redirect(c.came_from)

                else:

                    return redirect(url('home'))

            except formencode.Invalid, errors:

                return htmlfill.render(

                    render('/login.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8")

        return render('/login.html')

    @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate',

                               'hg.register.manual_activate')

    def register(self):

        c.auto_active = False

        for perm in User.get_by_username('default').user_perms:

            if perm.permission.permission_name == 'hg.register.auto_activate':

                c.auto_active = True

                break

        if request.POST:

            register_form = RegisterForm()()

            try:

                form_result = register_form.to_python(dict(request.POST))

                form_result['active'] = c.auto_active

                UserModel().create_registration(form_result)

                h.flash(_('You have successfully registered into rhodecode'),

                            category='success')

                Session.commit()

                return redirect(url('login_home'))

            except formencode.Invalid, errors:

                return htmlfill.render(

                    render('/register.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8")

        return render('/register.html')

    def password_reset(self):

        if request.POST:

            password_reset_form = PasswordResetForm()()

            try:

                form_result = password_reset_form.to_python(dict(request.POST))

                UserModel().reset_password_link(form_result)

                h.flash(_('Your password reset link was sent'),

                            category='success')

                return redirect(url('login_home'))

            except formencode.Invalid, errors:

                return htmlfill.render(

                    render('/password_reset.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8")

        return render('/password_reset.html')

    def password_reset_confirmation(self):

        if request.GET and request.GET.get('key'):

            try:

                user = User.get_by_api_key(request.GET.get('key'))

                data = dict(email=user.email)

                UserModel().reset_password(data)

                h.flash(_('Your password reset was successful, '

                          'new password has been sent to your email'),

                            category='success')

            except Exception, e:

                log.error(e)

                return redirect(url('reset_password'))

        return redirect(url('login_home'))

    def logout(self):

        redirect(url('home'))

            except Exception:

                msg = self.message('perm_new_member_name',

                                     state=State_obj)

                raise formencode.Invalid(msg, value, state,

                                         error_dict={'perm_new_member_name':msg})

        return value

class ValidSettings(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        # settings  form can't edit user

        if value.has_key('user'):

            del['value']['user']

        return value

class ValidPath(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        if not os.path.isdir(value):

            msg = _('This is not a valid path')

            raise formencode.Invalid(msg, value, state,

                                     error_dict={'paths_root_path':msg})

        return value

def UniqSystemEmail(old_data):

    class _UniqSystemEmail(formencode.validators.FancyValidator):

        def to_python(self, value, state):

            value = value.lower()

            if old_data.get('email','').lower() != value:

                user = User.get_by_email(value, case_insensitive=True)

                if user:

                    raise formencode.Invalid(

                                    _("This e-mail address is already taken"),

                                    value, state)

            return value

    return _UniqSystemEmail

class ValidSystemEmail(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        value = value.lower()

        user = User.get_by_email(value, case_insensitive=True)

        if  user is None:

            raise formencode.Invalid(_("This e-mail address doesn't exist.") ,

                                     value, state)

        return value

class LdapLibValidator(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        try:

            import ldap

        except ImportError:

            raise LdapImportError

        return value

class AttrLoginValidator(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        if not value or not isinstance(value, (str, unicode)):

            raise formencode.Invalid(_("The LDAP Login attribute of the CN "

                                       "must be specified - this is the name "

                                       "of the attribute that is equivalent "

                                       "to 'username'"),

                                     value, state)

        return value

#===============================================================================

# FORMS

#===============================================================================

class LoginForm(formencode.Schema):

    allow_extra_fields = True

    filter_extra_fields = True

    username = UnicodeString(

                             strip=True,

                             min=1,

                             not_empty=True,

                             messages={

                                'empty':_('Please enter a login'),

                                'tooShort':_('Enter a value %(min)i characters long or more')}

                            )

    password = UnicodeString(

                            strip=True,

                            min=3,

                            not_empty=True,

                            messages={

                                'empty':_('Please enter a password'),

                                'tooShort':_('Enter %(min)i characters or more')}

                                )

    chained_validators = [ValidAuth]

def UserForm(edit=False, old_data={}):

    class _UserForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        username = All(UnicodeString(strip=True, min=1, not_empty=True),

                       ValidUsername(edit, old_data))

        if edit:

            new_password = All(UnicodeString(strip=True, min=6, not_empty=False))

            password_confirmation = All(UnicodeString(strip=True, min=6, not_empty=False))

            admin = StringBoolean(if_missing=False)

        else:

            password = All(UnicodeString(strip=True, min=6, not_empty=True))

            password_confirmation = All(UnicodeString(strip=True, min=6, not_empty=False))

        active = StringBoolean(if_missing=False)

        name = UnicodeString(strip=True, min=1, not_empty=True)

        lastname = UnicodeString(strip=True, min=1, not_empty=True)

        email = All(Email(not_empty=True), UniqSystemEmail(old_data))

        chained_validators = [ValidPasswordsMatch, ValidPassword]

    return _UserForm

def UsersGroupForm(edit=False, old_data={}, available_members=[]):

    class _UsersGroupForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        users_group_name = All(UnicodeString(strip=True, min=1, not_empty=True),

                       ValidUsersGroup(edit, old_data))

        users_group_active = StringBoolean(if_missing=False)

        if edit:

            users_group_members = OneOf(available_members, hideList=False,

                                        testValueList=True,

                                        if_missing=None, not_empty=False)

    return _UsersGroupForm

def ReposGroupForm(edit=False, old_data={}, available_groups=[]):

    class _ReposGroupForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        group_name = All(UnicodeString(strip=True, min=1, not_empty=True),

                               SlugifyName())

        group_description = UnicodeString(strip=True, min=1,

                                                not_empty=True)

        group_parent_id = OneOf(available_groups, hideList=False,

                                        testValueList=True,

                                        if_missing=None, not_empty=False)

        chained_validators = [ValidReposGroup(edit, old_data)]

    return _ReposGroupForm

def RegisterForm(edit=False, old_data={}):

    class _RegisterForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        username = All(ValidUsername(edit, old_data),

                       UnicodeString(strip=True, min=1, not_empty=True))

        password = All(UnicodeString(strip=True, min=6, not_empty=True))

        password_confirmation = All(UnicodeString(strip=True, min=6, not_empty=True))

        active = StringBoolean(if_missing=False)

        name = UnicodeString(strip=True, min=1, not_empty=True)

        lastname = UnicodeString(strip=True, min=1, not_empty=True)

        email = All(Email(not_empty=True), UniqSystemEmail(old_data))

        chained_validators = [ValidPasswordsMatch, ValidPassword]

    return _RegisterForm

def PasswordResetForm():

    class _PasswordResetForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        email = All(ValidSystemEmail(), Email(not_empty=True))

    return _PasswordResetForm

def RepoForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),

             repo_groups=[]):

    class _RepoForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = False

        repo_name = All(UnicodeString(strip=True, min=1, not_empty=True),

                        SlugifyName())

        clone_uri = All(UnicodeString(strip=True, min=1, not_empty=False),

                        ValidCloneUri()())

        repo_group = OneOf(repo_groups, hideList=True)

        repo_type = OneOf(supported_backends)

        description = UnicodeString(strip=True, min=1, not_empty=True)

## -*- coding: utf-8 -*-

<%inherit file="base/root.html"/>

<%def name="title()">

    ${_('Sign In')} - ${c.rhodecode_name}

</%def>

<div id="login">

<div class="flash_msg">

    <% messages = h.flash.pop_messages() %>

    % if messages:

    <ul id="flash-messages">

        % for message in messages:

        <li class="${message.category}_msg">${message}</li>

        % endfor

    </ul>

    % endif

</div>          

    <!-- login -->

    <div class="title top-left-rounded-corner top-right-rounded-corner">

        <h5>${_('Sign In to')} ${c.rhodecode_name}</h5>

    </div>

    <div class="inner">            

        ${h.form(h.url.current(came_from=c.came_from))}

        <div class="form">

            <!-- fields -->

            <div class="fields">

                <div class="field">

                    <div class="label">

                        <label for="username">${_('Username')}:</label>

                    </div>

                    <div class="input">

                        ${h.text('username',class_='focus',size=40)}

                    </div>

                </div>                     

                <div class="field">

                    <div class="label">

                        <label for="password">${_('Password')}:</label>

                    </div>

                    <div class="input">

                        ${h.password('password',class_='focus',size=40)}

                    </div>

                </div>

                <div class="buttons">

                    ${h.submit('sign_in',_('Sign In'),class_="ui-button")}

                </div>

            </div>

            <!-- end fields -->

            <!-- links -->

            <div class="links">

                ${h.link_to(_('Forgot your password ?'),h.url('reset_password'))}

                %if h.HasPermissionAny('hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')():

                  / 

                 ${h.link_to(_("Don't have an account ?"),h.url('register'))}

                %endif

            </div>

            <!-- end links -->

        </div>

        ${h.end_form()}

        <script type="text/javascript">

        YUE.onDOMReady(function(){

        	YUD.get('username').focus();

        })

        </script>

    </div>

    <!-- end login -->

</div>