('use_gravatar', True, 'bool'),

            ('gravatar_url', User.DEFAULT_GRAVATAR_URL, 'unicode'),

            ('clone_uri_tmpl', Repository.DEFAULT_CLONE_URI, 'unicode'),

            ('clone_ssh_tmpl', Repository.DEFAULT_CLONE_SSH, 'unicode'),

        ]

        for key, val, type_ in settings:

            sett = Setting(key, val, type_)

            self.sa.add(sett)

        self.create_auth_plugin_options()

        self.create_default_options()

        log.info('Populated Ui and Settings defaults')

    def create_user(self, username, password, email='', admin=False):

        log.info('creating user %s', username)

        UserModel().create_or_update(username, password, email,

                                     firstname='Kallithea', lastname='Admin',

                                     active=True, admin=admin,

                                     extern_type=User.DEFAULT_AUTH_TYPE)

    def create_default_user(self):

        log.info('creating default user')

        # create default user for handling default permissions.

                                            password=str(uuid.uuid1())[:20],

                                            email='anonymous@kallithea-scm.org',

                                            firstname='Anonymous',

                                            lastname='User')

        # based on configuration options activate/deactivate this user which

        # controls anonymous access

        if self.cli_args.get('public_access') is False:

            log.info('Public access disabled')

            user.active = False

            Session().commit()

    def create_permissions(self):

        """

        Creates all permissions defined in the system

        """

        # module.(access|create|change|delete)_[name]

        # module.(none|read|write|admin)

        log.info('creating permissions')

        PermissionModel().create_permissions()

    def populate_default_permissions(self):

        """

        Populate default permissions. It will create only the default

        permissions that are missing, and not alter already defined ones

        """

        log.info('creating default user permissions')

    @classmethod

    def get_repos_location(cls):

        return cls.get_by_key('paths', '/').ui_value

    @classmethod

    def create_or_update_hook(cls, key, val):

        new_ui = cls.get_or_create('hooks', key)

        new_ui.ui_active = True

        new_ui.ui_value = val

    def __repr__(self):

        return '<%s %s.%s=%r>' % (

            self.__class__.__name__,

            self.ui_section, self.ui_key, self.ui_value)

class User(Base, BaseDbModel):

    __tablename__ = 'users'

    __table_args__ = (

        Index('u_username_idx', 'username'),

        Index('u_email_idx', 'email'),

        _table_args_default_dict,

    )

    DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'

    # The name of the default auth type in extern_type, 'internal' lives in auth_internal.py

    DEFAULT_AUTH_TYPE = 'internal'

    user_id = Column(Integer(), primary_key=True)

    username = Column(String(255), nullable=False, unique=True)

    password = Column(String(255), nullable=False)

    active = Column(Boolean(), nullable=False, default=True)

    admin = Column(Boolean(), nullable=False, default=False)

    name = Column("firstname", Unicode(255), nullable=False)

    lastname = Column(Unicode(255), nullable=False)

    _email = Column("email", String(255), nullable=True, unique=True) # FIXME: not nullable?

    last_login = Column(DateTime(timezone=False), nullable=True)

    extern_type = Column(String(255), nullable=True) # FIXME: not nullable?

    extern_name = Column(String(255), nullable=True) # FIXME: not nullable?

    api_key = Column(String(255), nullable=False)

    created_on = Column(DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

    _user_data = Column("user_data", LargeBinary(), nullable=True)  # JSON data # FIXME: not nullable?

    user_log = relationship('UserLog')

    user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')

    repositories = relationship('Repository')

    repo_groups = relationship('RepoGroup')

    @property

    def full_name_and_username(self):

        """

        Show full name and username as 'Firstname Lastname (username)'.

        If full name is not set, fall back to username.

        """

        return ('%s %s (%s)' % (self.firstname, self.lastname, self.username)

                if (self.firstname and self.lastname) else self.username)

    @property

    def full_contact(self):

        return '%s %s <%s>' % (self.firstname, self.lastname, self.email)

    @property

    def short_contact(self):

        return '%s %s' % (self.firstname, self.lastname)

    @property

    def is_admin(self):

        return self.admin

    @hybrid_property

    def is_default_user(self):

    @hybrid_property

    def user_data(self):

        if not self._user_data:

            return {}

        try:

            return ext_json.loads(self._user_data)

        except TypeError:

            return {}

    @user_data.setter

    def user_data(self, val):

        try:

            self._user_data = ascii_bytes(ext_json.dumps(val))

        except Exception:

            log.error(traceback.format_exc())

    def __repr__(self):

        return "<%s %s: %r>" % (self.__class__.__name__, self.user_id, self.username)

    @classmethod

    def guess_instance(cls, value):

        return super(User, cls).guess_instance(value, User.get_by_username)

        if _email:

            user = cls.get_by_email(_email)

            if user is not None:

                return user

        # Maybe we can match by username?

        _author = author_name(author)

        user = cls.get_by_username(_author, case_insensitive=True)

        if user is not None:

            return user

    def update_lastlogin(self):

        """Update user lastlogin"""

        self.last_login = datetime.datetime.now()

        log.debug('updated user %s lastlogin', self.username)

    @classmethod

    def get_first_admin(cls):

        user = User.query().filter(User.admin == True).first()

        if user is None:

            raise Exception('Missing administrative account!')

        return user

    @classmethod

    def get_default_user(cls):

        if user is None:

            raise Exception('Missing default account!')

        return user

    def get_api_data(self, details=False):

        """

        Common function for generating user related data for API

        """

        user = self

        data = dict(

            user_id=user.user_id,

            username=user.username,

            firstname=user.name,

            lastname=user.lastname,

            email=user.email,

            emails=user.emails,

            active=user.active,

            admin=user.admin,

        )

        if details:

            data.update(dict(

                extern_type=user.extern_type,

                extern_name=user.extern_name,

                api_key=user.api_key,

                Session().add(new_perm)

    def create_default_permissions(self, user, force=False):

        """

        Create missing default permissions for user. If force is set, the default

        permissions for the user are reset, otherwise only missing permissions are

        created.

        :param user:

        """

        user = User.guess_instance(user)

        def _make_perm(perm):

            new_perm = UserToPerm()

            new_perm.user = user

            new_perm.permission = Permission.get_by_key(perm)

            return new_perm

        def _get_group(perm_name):

            return '.'.join(perm_name.split('.')[:1])

        perms = UserToPerm.query().filter(UserToPerm.user == user).all()

        defined_perms_groups = set(_get_group(x.permission.permission_name) for x in perms)

        log.debug('GOT ALREADY DEFINED:%s', perms)

        if force:

            for perm in perms:

                Session().delete(perm)

            Session().commit()

            defined_perms_groups = []

        # For every default permission that needs to be created, we check if

        # its group is already defined. If it's not, we create default permission.

            gr = _get_group(perm_name)

            if gr not in defined_perms_groups:

                log.debug('GR:%s not found, creating permission %s',

                          gr, perm_name)

                new_perm = _make_perm(perm_name)

                Session().add(new_perm)

    def update(self, form_result):

        perm_user = User.get_by_username(username=form_result['perm_user_name'])

        try:

            # stage 1 set anonymous access

            if perm_user.is_default_user:

                perm_user.active = str2bool(form_result['anonymous'])

            # stage 2 reset defaults and set them from form data

            def _make_new(usr, perm_name):

                log.debug('Creating new permission:%s', perm_name)

                new = UserToPerm()

                new.user = usr

                new.permission = Permission.get_by_key(perm_name)

                return new

            # clear current entries, to make this function idempotent

            # it will fix even if we define more permissions or permissions

            # CLEAN OUT ORG VALUE FROM NEW MEMBERS, and group them using

            new_perms_group = defaultdict(dict)

            for k, v in value.copy().items():

                if k.startswith('perm_new_member'):

                    del value[k]

                    _type, part = k.split('perm_new_member_')

                    args = part.split('_')

                    if len(args) == 1:

                        new_perms_group[args[0]]['perm'] = v

                    elif len(args) == 2:

                        _key, pos = args

                        new_perms_group[pos][_key] = v

            # fill new permissions in order of how they were added

            for k in sorted(new_perms_group, key=lambda k: int(k)):

                perm_dict = new_perms_group[k]

                new_member = perm_dict.get('name')

                new_perm = perm_dict.get('perm')

                new_type = perm_dict.get('type')

                if new_member and new_perm and new_type:

                    perms_new.add((new_member, new_perm, new_type))

            for k, v in value.items():

                if k.startswith('u_perm_') or k.startswith('g_perm_'):

                    t = {'u': 'user',

                         'g': 'users_group'

                    }[k[0]]

                        if str2bool(value.get('repo_private')):

                            # set none for default when updating to

                            # private repo protects against form manipulation

                            v = EMPTY_PERM

            value['perms_updates'] = list(perms_update)

            value['perms_new'] = list(perms_new)

            # update permissions

            for k, v, t in perms_new:

                try:

                    if t == 'user':

                        _user_db = User.query() \

                            .filter(User.active == True) \

                            .filter(User.username == k).one()

                    if t == 'users_group':

                        _user_db = UserGroup.query() \

                            .filter(UserGroup.users_group_active == True) \

                            .filter(UserGroup.users_group_name == k).one()

                except Exception as e:

                    log.warning('Error validating %s permission %s', t, k)

                    msg = self.message('perm_new_member_type', state)

                    raise formencode.Invalid(msg, value, state,

                        error_dict=dict(perm_new_member_name=msg)

                    )

            return value

    return _validator

                         'permission': perm}

            members.append(user_data)

        for user_group in repo.users_group_to_perm:

            perm = user_group.permission.permission_name

            user_group_obj = user_group.users_group

            user_group_data = {'name': user_group_obj.users_group_name,

                               'type': "user_group", 'permission': perm}

            members.append(user_group_data)

        for user in repo.followers:

            followers.append(user.user.get_api_data())

        ret['members'] = members

        ret['followers'] = followers

        expected = ret

        try:

            self._compare_ok(id_, expected, given=response.body)

        finally:

            RepoModel().revoke_user_permission(self.REPO, self.TEST_USER_LOGIN)

    def test_api_get_repo_by_non_admin_no_permission_to_repo(self):

        RepoModel().grant_user_permission(repo=self.REPO,

                                          perm='repository.none')

        try:

            RepoModel().grant_user_permission(repo=self.REPO,

                                              user=self.TEST_USER_LOGIN,

                                              perm='repository.none')

            id_, params = _build_data(self.apikey_regular, 'get_repo',

                                      repoid=self.REPO)

            response = api_call(self, params)

            expected = 'repository `%s` does not exist' % (self.REPO)

            self._compare_error(id_, expected, given=response.body)

        finally:

            RepoModel().grant_user_permission(repo=self.REPO,

                                              perm='repository.read')

    def test_api_get_repo_that_doesn_not_exist(self):

        id_, params = _build_data(self.apikey, 'get_repo',

                                  repoid='no-such-repo')

        response = api_call(self, params)

        ret = 'repository `%s` does not exist' % 'no-such-repo'

        expected = ret

        self._compare_error(id_, expected, given=response.body)

    def test_api_get_repos(self):

        id_, params = _build_data(self.apikey, 'get_repos')

        response = api_call(self, params)

        expected = jsonify([

            repo.get_api_data()

            for repo in Repository.query()

        ])

        self._compare_ok(id_, expected, given=response.body)

    def test_api_get_repos_non_admin(self):

        id_, params = _build_data(self.apikey_regular, 'get_repos')

        ret = {

            'msg': 'Created fork of `%s` as `%s`' % (self.REPO,

                                                     fork_name),

            'success': True,

            'task': None,

        }

        expected = ret

        self._compare_ok(id_, expected, given=response.body)

        fixture.destroy_repo(fork_name)

    def test_api_fork_repo_non_admin_specify_owner(self):

        fork_name = 'api-repo-fork'

        id_, params = _build_data(self.apikey_regular, 'fork_repo',

                                  repoid=self.REPO,

                                  fork_name=fork_name,

                                  owner=base.TEST_USER_ADMIN_LOGIN,

        )

        response = api_call(self, params)

        expected = 'Only Kallithea admin can specify `owner` param'

        self._compare_error(id_, expected, given=response.body)

        fixture.destroy_repo(fork_name)

    def test_api_fork_repo_non_admin_no_permission_to_fork(self):

        RepoModel().grant_user_permission(repo=self.REPO,

                                          perm='repository.none')

        try:

            fork_name = 'api-repo-fork'

            id_, params = _build_data(self.apikey_regular, 'fork_repo',

                                      repoid=self.REPO,

                                      fork_name=fork_name,

            )

            response = api_call(self, params)

            expected = 'repository `%s` does not exist' % (self.REPO)

            self._compare_error(id_, expected, given=response.body)

        finally:

            RepoModel().grant_user_permission(repo=self.REPO,

                                              perm='repository.read')

            fixture.destroy_repo(fork_name)

    @base.parametrize('name,perm', [

        ('read', 'repository.read'),

        ('write', 'repository.write'),

        ('admin', 'repository.admin'),

    ])

    def test_api_fork_repo_non_admin_no_create_repo_permission(self, name, perm):

        fork_name = 'api-repo-fork'

        # regardless of base repository permission, forking is disallowed

        # when repository creation is disabled

        RepoModel().grant_user_permission(repo=self.REPO,

                                          user=self.TEST_USER_LOGIN,

                                          perm=perm)

        UserModel().revoke_perm('default', 'hg.create.repository')

        UserModel().grant_perm('default', 'hg.create.none')

        id_, params = _build_data(self.apikey_regular, 'fork_repo',

                                  repoid=self.REPO,

                                  fork_name=fork_name,

        )

        response = api_call(self, params)

        expected = 'no permission to create repositories'

        self._compare_error(id_, expected, given=response.body)

        inherited_perms = UserRepoToPerm.query() \

            .filter(UserRepoToPerm.repository_id == new_repo_id).all()

        assert len(inherited_perms) == 1

        # test if the repository was created on filesystem

        try:

            vcs.get_repo(os.path.join(Ui.get_by_key('paths', '/').ui_value, repo_name_full))

        except vcs.exceptions.VCSError:

            RepoGroupModel().delete(group_name)

            Session().commit()

            pytest.fail('no repo %s in filesystem' % repo_name)

        RepoModel().delete(repo_name_full)

        RepoGroupModel().delete(group_name)

        Session().commit()

    def test_create_in_group_without_needed_permissions(self):

        usr = self.log_user(base.TEST_USER_REGULAR_LOGIN, base.TEST_USER_REGULAR_PASS)

        # avoid spurious RepoGroup DetachedInstanceError ...

        session_csrf_secret_token = self.session_csrf_secret_token()

        # revoke

        user_model = UserModel()

        # disable fork and create on default user

        # disable on regular user

        user_model.revoke_perm(base.TEST_USER_REGULAR_LOGIN, 'hg.create.repository')

        user_model.grant_perm(base.TEST_USER_REGULAR_LOGIN, 'hg.create.none')

        user_model.revoke_perm(base.TEST_USER_REGULAR_LOGIN, 'hg.fork.repository')

        user_model.grant_perm(base.TEST_USER_REGULAR_LOGIN, 'hg.fork.none')

        Session().commit()

        ## create GROUP

        group_name = 'reg_sometest_%s' % self.REPO_TYPE

        gr = RepoGroupModel().create(group_name=group_name,

                                     group_description='test',

                                     owner=base.TEST_USER_ADMIN_LOGIN)

        Session().commit()

        group_name_allowed = 'reg_sometest_allowed_%s' % self.REPO_TYPE

        gr_allowed = RepoGroupModel().create(group_name=group_name_allowed,

                                     group_description='test',

                                     owner=base.TEST_USER_REGULAR_LOGIN)

        Session().commit()

        repo_name = 'ingroup'

        repo_name_full = db.URL_SEP.join([group_name, repo_name])

        description = 'description for newly created repo'

        self.log_user()

        ## mark it as None

        response = self.app.post(base.url('edit_repo_advanced_fork', repo_name=self.REPO),

                                params=dict(id_fork_of=None, _session_csrf_secret_token=self.session_csrf_secret_token()))

        repo = Repository.get_by_repo_name(self.REPO)

        repo2 = Repository.get_by_repo_name(self.OTHER_TYPE_REPO)

        self.checkSessionFlash(response,

                               'Marked repository %s as fork of %s'

                               % (repo.repo_name, "Nothing"))

        assert repo.fork is None

    def test_set_fork_of_same_repo(self):

        self.log_user()

        repo = Repository.get_by_repo_name(self.REPO)

        response = self.app.post(base.url('edit_repo_advanced_fork', repo_name=self.REPO),

                                params=dict(id_fork_of=repo.repo_id, _session_csrf_secret_token=self.session_csrf_secret_token()))

        self.checkSessionFlash(response,

                               'An error occurred during this operation')

    def test_create_on_top_level_without_permissions(self):

        usr = self.log_user(base.TEST_USER_REGULAR_LOGIN, base.TEST_USER_REGULAR_PASS)

        # revoke

        user_model = UserModel()

        # disable fork and create on default user

        # disable on regular user

        user_model.revoke_perm(base.TEST_USER_REGULAR_LOGIN, 'hg.create.repository')

        user_model.grant_perm(base.TEST_USER_REGULAR_LOGIN, 'hg.create.none')

        user_model.revoke_perm(base.TEST_USER_REGULAR_LOGIN, 'hg.fork.repository')

        user_model.grant_perm(base.TEST_USER_REGULAR_LOGIN, 'hg.fork.none')

        Session().commit()

        user = User.get(usr['user_id'])

        repo_name = self.NEW_REPO + 'no_perms'

        description = 'description for newly created repo'

        response = self.app.post(base.url('repos'),

                        fixture._get_repo_create_params(repo_private=False,

                                                repo_name=repo_name,

                                                repo_type=self.REPO_TYPE,

                                                repo_description=description,

                                                _session_csrf_secret_token=self.session_csrf_secret_token()))

        response.mustcontain('<span class="error-message">Invalid value</span>')

        RepoModel().delete(repo_name)

        Session().commit()

from kallithea.lib.auth import AuthUser

from kallithea.model import db

from kallithea.model.db import Permission, User, UserGroupRepoGroupToPerm, UserToPerm

from kallithea.model.meta import Session

from kallithea.model.permission import PermissionModel

from kallithea.model.repo import RepoModel

from kallithea.model.repo_group import RepoGroupModel

from kallithea.model.user import UserModel

from kallithea.model.user_group import UserGroupModel

from kallithea.tests import base

from kallithea.tests.fixture import Fixture

fixture = Fixture()

class TestPermissions(base.TestController):

    @classmethod

    def setup_class(cls):

        # recreate default user to get a clean start

                                                     force=True)

        Session().commit()

    def setup_method(self, method):

        self.u1 = UserModel().create_or_update(

            username='u1', password='qweqwe',

            email='u1@example.com', firstname='u1', lastname='u1'

        )

        self.u2 = UserModel().create_or_update(

            username='u2', password='qweqwe',

            email='u2@example.com', firstname='u2', lastname='u2'

        )

        self.u3 = UserModel().create_or_update(

            username='u3', password='qweqwe',

            email='u3@example.com', firstname='u3', lastname='u3'

        )

        self.anon = User.get_default_user()

        self.a1 = UserModel().create_or_update(

            username='a1', password='qweqwe',

            email='a1@example.com', firstname='a1', lastname='a1', admin=True

        )

        Session().commit()

    def teardown_method(self, method):