c.admin_username = session.get('admin_username')

        super(ReposController, self).__before__()

    def __load_defaults(self):

        acl_groups = GroupList(RepoGroup.query().all(),

                               perm_set=['group.write', 'group.admin'])

        c.repo_groups = RepoGroup.groups_choices(groups=acl_groups)

        c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)

        repo_model = RepoModel()

        c.users_array = repo_model.get_users_js()

        c.users_groups_array = repo_model.get_users_groups_js()

        choices, c.landing_revs = ScmModel().get_repo_landing_revs()

        c.landing_revs_choices = choices

    def __load_data(self, repo_name=None):

        """

        Load defaults settings for edit, and update

        :param repo_name:

        """

        self.__load_defaults()

        c.repo_info = db_repo = Repository.get_by_repo_name(repo_name)

        repo = db_repo.scm_instance

        if c.repo_info is None:

            h.not_mapped_error(repo_name)

            return redirect(url('repos'))

        ##override defaults for exact repo info here git/hg etc

        choices, c.landing_revs = ScmModel().get_repo_landing_revs(c.repo_info)

        c.landing_revs_choices = choices

        c.default_user_id = User.get_by_username('default').user_id

        c.in_public_journal = UserFollowing.query()\

            .filter(UserFollowing.user_id == c.default_user_id)\

            .filter(UserFollowing.follows_repository == c.repo_info).scalar()

        if c.repo_info.stats:

            # this is on what revision we ended up so we add +1 for count

            last_rev = c.repo_info.stats.stat_on_revision + 1

        else:

            last_rev = 0

        c.stats_revision = last_rev

        c.repo_last_rev = repo.count() if repo.revisions else 0

        if last_rev == 0 or c.repo_last_rev == 0:

            c.stats_percentage = 0

        else:

            c.stats_percentage = '%.2f' % ((float((last_rev)) /

                                            c.repo_last_rev) * 100)

        c.repo_fields = RepositoryField.query()\

            .filter(RepositoryField.repository == db_repo).all()

        defaults = RepoModel()._get_defaults(repo_name)

        c.repos_list = [('', _('--REMOVE FORK--'))]

        c.repos_list += [(x.repo_id, x.repo_name) for x in

                    Repository.query().order_by(Repository.repo_name).all()

                    if x.repo_id != c.repo_info.repo_id]

        defaults['id_fork_of'] = db_repo.fork.repo_id if db_repo.fork else ''

        return defaults

    @HasPermissionAllDecorator('hg.admin')

    def index(self, format='html'):

        """GET /repos: All items in the collection"""

        # url('repos')

        c.repos_list = Repository.query()\

                        .order_by(func.lower(Repository.repo_name))\

                        .all()

        repos_data = RepoModel().get_repos_as_dict(repos_list=c.repos_list,

                                                   admin=True,

                                                   super_user_actions=True)

        #json used to render the grid

        c.data = json.dumps(repos_data)

        return render('admin/repos/repos.html')

    @NotAnonymous()

    def create(self):

        """

        POST /repos: Create a new item"""

        # url('repos')

        self.__load_defaults()

        form_result = {}

        try:

            form_result = RepoForm(repo_groups=c.repo_groups_choices,

                                   landing_revs=c.landing_revs_choices)()\

                            .to_python(dict(request.POST))

            new_repo = RepoModel().create(form_result,

                                          self.rhodecode_user.user_id)

            if form_result['clone_uri']:

                h.flash(_('created repository %s from %s') \

                    % (form_result['repo_name'], form_result['clone_uri']),

                    category='success')

            else:

                h.flash(_('created repository %s') % form_result['repo_name'],

                    category='success')

            if request.POST.get('user_created'):

                # created by regular non admin user

                action_logger(self.rhodecode_user, 'user_created_repo',

                              form_result['repo_name_full'], self.ip_addr,

                              self.sa)

            else:

                action_logger(self.rhodecode_user, 'admin_created_repo',

                              form_result['repo_name_full'], self.ip_addr,

                              self.sa)

            Session().commit()

        except formencode.Invalid, errors:

            return htmlfill.render(

                render('admin/repos/repo_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            msg = _('error occurred during creation of repository %s') \

                    % form_result.get('repo_name')

            h.flash(msg, category='error')

            if c.rhodecode_user.is_admin:

                return redirect(url('repos'))

            return redirect(url('home'))

        #redirect to our new repo !

        return redirect(url('summary_home', repo_name=new_repo.repo_name))

    @HasPermissionAllDecorator('hg.admin')

    def new(self, format='html'):

        """

        WARNING: this function is depracated see settings.create_repo !!

        GET /repos/new: Form to create a new item

        """

        parent_group = request.GET.get('parent_group')

        self.__load_defaults()

        ## apply the defaults from defaults page

        defaults = RhodeCodeSetting.get_default_repo_settings(strip_prefix=True)

        if parent_group:

            defaults.update({'repo_group': parent_group})

        return htmlfill.render(

            render('admin/repos/repo_add.html'),

            defaults=defaults,

            errors={},

            prefix_error=False,

            encoding="UTF-8"

        )

    @HasPermissionAllDecorator('hg.admin')

    def update(self, repo_name):

        """

        PUT /repos/repo_name: Update an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="PUT" />

        # Or using helpers:

        #    h.form(url('repo', repo_name=ID),

        #           method='put')

        # url('repo', repo_name=ID)

        self.__load_defaults()

        repo_model = RepoModel()

        changed_name = repo_name

        #override the choices with extracted revisions !

        choices, c.landing_revs = ScmModel().get_repo_landing_revs(repo_name)

        c.landing_revs_choices = choices

        _form = RepoForm(edit=True, old_data={'repo_name': repo_name},

                         repo_groups=c.repo_groups_choices,

                         landing_revs=c.landing_revs_choices)()

        try:

            form_result = _form.to_python(dict(request.POST))

            repo = repo_model.update(repo_name, **form_result)

            invalidate_cache('get_repo_cached_%s' % repo_name)

            h.flash(_('Repository %s updated successfully') % repo_name,

                    category='success')

            changed_name = repo.repo_name

            action_logger(self.rhodecode_user, 'admin_updated_repo',

                              changed_name, self.ip_addr, self.sa)

            Session().commit()

        except formencode.Invalid, errors:

            defaults = self.__load_data(repo_name)

            defaults.update(errors.value)

"""

Set of generic validators

"""

import os

import re

import formencode

import logging

from collections import defaultdict

from pylons.i18n.translation import _

from webhelpers.pylonslib.secure_form import authentication_token

from formencode.validators import (

    UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set,

    NotEmpty, IPAddress, CIDR

)

from rhodecode.lib.compat import OrderedSet

from rhodecode.lib import ipaddr

from rhodecode.lib.utils import repo_name_slug

from rhodecode.model.db import RepoGroup, Repository, UsersGroup, User,\

    ChangesetStatus

from rhodecode.lib.exceptions import LdapImportError

from rhodecode.config.routing import ADMIN_PREFIX

# silence warnings and pylint

UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set, \

    NotEmpty, IPAddress, CIDR

log = logging.getLogger(__name__)

class UniqueList(formencode.FancyValidator):

    """

    Unique List !

    """

    messages = dict(

        empty=_('Value cannot be an empty list'),

        missing_value=_('Value cannot be an empty list'),

    )

    def _to_python(self, value, state):

        if isinstance(value, list):

            return value

        elif isinstance(value, set):

            return list(value)

        elif isinstance(value, tuple):

            return list(value)

        elif value is None:

            return []

        else:

            return [value]

    def empty_value(self, value):

        return []

class StateObj(object):

    """

    this is needed to translate the messages using _() in validators

    """

    _ = staticmethod(_)

def M(self, key, state=None, **kwargs):

    """

    returns string from self.message based on given key,

    passed kw params are used to substitute %(named)s params inside

    translated strings

    :param msg:

    :param state:

    """

    if state is None:

        state = StateObj()

    else:

        state._ = staticmethod(_)

    #inject validator into state object

    return self.message(key, state, **kwargs)

def ValidUsername(edit=False, old_data={}):

    class _validator(formencode.validators.FancyValidator):

        messages = {

            'username_exists': _(u'Username "%(username)s" already exists'),

            'system_invalid_username':

                _(u'Username "%(username)s" is forbidden'),

            'invalid_username':

                _(u'Username may only contain alphanumeric characters '

                  'underscores, periods or dashes and must begin with '

                  'alphanumeric character')

        }

        def validate_python(self, value, state):

            if value in ['default', 'new_user']:

                msg = M(self, 'system_invalid_username', state, username=value)

                raise formencode.Invalid(msg, value, state)

            #check if user is unique

            old_un = None

            if edit:

                old_un = User.get(old_data.get('user_id')).username

            if old_un != value or not edit:

                if User.get_by_username(value, case_insensitive=True):

                    msg = M(self, 'username_exists', state, username=value)

                    raise formencode.Invalid(msg, value, state)

            if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]*$', value) is None:

                msg = M(self, 'invalid_username', state)

                raise formencode.Invalid(msg, value, state)

    return _validator

def ValidRepoUser():

    class _validator(formencode.validators.FancyValidator):

        messages = {

            'invalid_username': _(u'Username %(username)s is not valid')

        }

        def validate_python(self, value, state):

                        raise formencode.Invalid(msg, value, state,

                            error_dict=dict(repo_name=msg)

                        )

            return value

    return _validator

def ValidForkName(*args, **kwargs):

    return ValidRepoName(*args, **kwargs)

def SlugifyName():

    class _validator(formencode.validators.FancyValidator):

        def _to_python(self, value, state):

            return repo_name_slug(value)

        def validate_python(self, value, state):

            pass

    return _validator

def ValidCloneUri():

    from rhodecode.lib.utils import make_ui

    def url_handler(repo_type, url, ui=None):

        if repo_type == 'hg':

            from rhodecode.lib.vcs.backends.hg.repository import MercurialRepository

            from mercurial.httppeer import httppeer

            if url.startswith('http'):

                ## initially check if it's at least the proper URL

                ## or does it pass basic auth

                MercurialRepository._check_url(url)

                httppeer(ui, url)._capabilities()

            elif url.startswith('svn+http'):

                from hgsubversion.svnrepo import svnremoterepo

                svnremoterepo(ui, url).capabilities

            elif url.startswith('git+http'):

                raise NotImplementedError()

        elif repo_type == 'git':

            from rhodecode.lib.vcs.backends.git.repository import GitRepository

            if url.startswith('http'):

                ## initially check if it's at least the proper URL

                ## or does it pass basic auth

                GitRepository._check_url(url)

            elif url.startswith('svn+http'):

                raise NotImplementedError()

            elif url.startswith('hg+http'):

                raise NotImplementedError()

    class _validator(formencode.validators.FancyValidator):

        messages = {

            'clone_uri': _(u'invalid clone url'),

            'invalid_clone_uri': _(u'Invalid clone url, provide a '

                                    'valid clone http(s)/svn+http(s) url')

        }

        def validate_python(self, value, state):

            repo_type = value.get('repo_type')

            url = value.get('clone_uri')

            if not url:

                pass

            else:

                try:

                    url_handler(repo_type, url, make_ui('db', clear_session=False))

                except Exception:

                    log.exception('Url validation failed')

                    msg = M(self, 'clone_uri')

                    raise formencode.Invalid(msg, value, state,

                        error_dict=dict(clone_uri=msg)

                    )

    return _validator

def ValidForkType(old_data={}):

    class _validator(formencode.validators.FancyValidator):

        messages = {

            'invalid_fork_type': _(u'Fork have to be the same type as parent')

        }

        def validate_python(self, value, state):

            if old_data['repo_type'] != value:

                msg = M(self, 'invalid_fork_type', state)

                raise formencode.Invalid(msg, value, state,

                    error_dict=dict(repo_type=msg)

                )

    return _validator

def CanWriteGroup():

    class _validator(formencode.validators.FancyValidator):

        messages = {

            'permission_denied': _(u"You don't have permissions "

        }

            #root location

            if value in [-1, "-1"]:

                return None

            return value

        def validate_python(self, value, state):

            gr = RepoGroup.get(value)

            gr_name = gr.group_name if gr else None  # None means ROOT location

            val = HasReposGroupPermissionAny('group.write', 'group.admin')

            forbidden = not val(gr_name, 'can write into group validator')

            #parent group need to be existing

            if gr and forbidden:

                msg = M(self, 'permission_denied', state)

                raise formencode.Invalid(msg, value, state,

                    error_dict=dict(repo_type=msg)

                )

    return _validator

def CanCreateGroup(can_create_in_root=False):

    class _validator(formencode.validators.FancyValidator):

        messages = {

            'permission_denied': _(u"You don't have permissions "

                                   "to create a group in this location")

        }

        def to_python(self, value, state):

            #root location

            if value in [-1, "-1"]:

                return None

            return value

        def validate_python(self, value, state):

            gr = RepoGroup.get(value)

            gr_name = gr.group_name if gr else None  # None means ROOT location

            if can_create_in_root and gr is None:

                #we can create in root, we're fine no validations required

                return

            forbidden_in_root = gr is None and can_create_in_root is False

            val = HasReposGroupPermissionAny('group.admin')

            forbidden = not val(gr_name, 'can create group validator')

            if forbidden_in_root or forbidden:

                msg = M(self, 'permission_denied', state)

                raise formencode.Invalid(msg, value, state,

                    error_dict=dict(group_parent_id=msg)

                )

    return _validator

def ValidPerms(type_='repo'):

    if type_ == 'group':

        EMPTY_PERM = 'group.none'

    elif type_ == 'repo':

        EMPTY_PERM = 'repository.none'

    class _validator(formencode.validators.FancyValidator):

        messages = {

            'perm_new_member_name':

                _(u'This username or users group name is not valid')

        }

        def to_python(self, value, state):

            perms_update = OrderedSet()

            perms_new = OrderedSet()

            # build a list of permission to update and new permission to create

            #CLEAN OUT ORG VALUE FROM NEW MEMBERS, and group them using

            new_perms_group = defaultdict(dict)

            for k, v in value.copy().iteritems():

                if k.startswith('perm_new_member'):

                    del value[k]

                    _type, part = k.split('perm_new_member_')

                    args = part.split('_')

                    if len(args) == 1:

                        new_perms_group[args[0]]['perm'] = v

                    elif len(args) == 2:

                        _key, pos = args

                        new_perms_group[pos][_key] = v

            # fill new permissions in order of how they were added

            for k in sorted(map(int, new_perms_group.keys())):

                perm_dict = new_perms_group[str(k)]

                new_member = perm_dict.get('name')

                new_perm = perm_dict.get('perm')

                new_type = perm_dict.get('type')

                if new_member and new_perm and new_type:

                    perms_new.add((new_member, new_perm, new_type))

            for k, v in value.iteritems():

                if k.startswith('u_perm_') or k.startswith('g_perm_'):

                    member = k[7:]

                    t = {'u': 'user',

                         'g': 'users_group'

                    }[k[0]]

                    if member == 'default':

                        if value.get('repo_private'):

                            # set none for default when updating to

                            # private repo

                            v = EMPTY_PERM

                    perms_update.add((member, v, t))

            #always set NONE when private flag is set

            if value.get('repo_private'):

                perms_update.add(('default', EMPTY_PERM, 'user'))

            value['perms_updates'] = list(perms_update)

            value['perms_new'] = list(perms_new)

            # update permissions

            for k, v, t in perms_new: