@property

    def author(self):

        return self.tip.author

    @property

    def last_change(self):

        return self.scm_instance.last_change

    def get_comments(self, revisions=None):

        """

        Returns comments for this repository grouped by revisions

        :param revisions: filter query by revisions only

        """

        cmts = ChangesetComment.query() \

            .filter(ChangesetComment.repo == self)

        if revisions is not None:

            if not revisions:

                return [] # don't use sql 'in' on empty set

            cmts = cmts.filter(ChangesetComment.revision.in_(revisions))

        grouped = collections.defaultdict(list)

        for cmt in cmts.all():

            grouped[cmt.revision].append(cmt)

        return grouped

    def statuses(self, revisions):

        """

        Returns statuses for this repository.

        PRs without any votes do _not_ show up as unreviewed.

        :param revisions: list of revisions to get statuses for

        """

        if not revisions:

            return {}

        statuses = ChangesetStatus.query() \

            .filter(ChangesetStatus.repo == self) \

            .filter(ChangesetStatus.version == 0) \

            .filter(ChangesetStatus.revision.in_(revisions))

        grouped = {}

        for stat in statuses.all():

            pr_id = pr_nice_id = pr_repo = None

            if stat.pull_request:

                pr_id = stat.pull_request.pull_request_id

                pr_nice_id = PullRequest.make_nice_id(pr_id)

                pr_repo = stat.pull_request.other_repo.repo_name

            grouped[stat.revision] = [str(stat.status), stat.status_lbl,

                                      pr_id, pr_repo, pr_nice_id]

        return grouped

    def _repo_size(self):

        from kallithea.lib import helpers as h

        log.debug('calculating repository size...')

        return h.format_byte_size(self.scm_instance.size)

    #==========================================================================

    # SCM CACHE INSTANCE

    #==========================================================================

    def set_invalidate(self):

        """

        Mark caches of this repo as invalid.

        """

        CacheInvalidation.set_invalidate(self.repo_name)

    def scm_instance_no_cache(self):

        return self.__get_instance()

    @property

    def scm_instance(self):

        import kallithea

        full_cache = str2bool(kallithea.CONFIG.get('vcs_full_cache'))

        if full_cache:

            return self.scm_instance_cached()

        return self.__get_instance()

    def scm_instance_cached(self, valid_cache_keys=None):

        @cache_region('long_term')

        def _c(repo_name):

            return self.__get_instance()

        rn = self.repo_name

        valid = CacheInvalidation.test_and_set_valid(rn, None, valid_cache_keys=valid_cache_keys)

        if not valid:

            log.debug('Cache for %s invalidated, getting new object', rn)

            region_invalidate(_c, None, rn)

        else:

            log.debug('Getting scm_instance of %s from cache', rn)

        return _c(rn)

    def __get_instance(self):

        repo_full_path = self.repo_full_path

        alias = get_scm(safe_str(repo_full_path))[0]

        log.debug('Creating instance of %s repository from %s',

                  alias, repo_full_path)

        backend = get_backend(alias)

        if alias == 'hg':

            repo = backend(safe_str(repo_full_path), create=False,

                           baseui=self._ui)

        else:

            repo = backend(repo_full_path, create=False)

        return repo

    def __json__(self):

        return dict(landing_rev = self.landing_rev)

class RepoGroup(Base, BaseModel):

    __tablename__ = 'groups'

    __table_args__ = (

        UniqueConstraint('group_name', 'group_parent_id'),

        CheckConstraint('group_id != group_parent_id'),

        _table_args_default_dict,

    )

    __mapper_args__ = {'order_by': 'group_name'}

    SEP = ' » '

    group_id = Column(Integer(), nullable=False, unique=True, primary_key=True)

    group_name = Column(String(255, convert_unicode=False), nullable=False, unique=True, default=None)

    group_parent_id = Column(Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)

    group_description = Column(String(10000, convert_unicode=False), nullable=True, unique=None, default=None)

    enable_locking = Column(Boolean(), nullable=False, unique=None, default=False)

    user_id = Column(Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)

    created_on = Column(DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

    repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')

    users_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')

    parent_group = relationship('RepoGroup', remote_side=group_id)

    user = relationship('User')

    def __init__(self, group_name='', parent_group=None):

        self.group_name = group_name

        self.parent_group = parent_group

    def __unicode__(self):

        return u"<%s('id:%s:%s')>" % (self.__class__.__name__, self.group_id,

                                      self.group_name)

    @classmethod

    def _generate_choice(cls, repo_group):

        """Return tuple with group_id and name as html literal"""

        from webhelpers.html import literal

        if repo_group is None:

            return (-1, u'-- %s --' % _('top level'))

        return repo_group.group_id, literal(cls.SEP.join(repo_group.full_path_splitted))

    @classmethod

    def groups_choices(cls, groups):

        """Return tuples with group_id and name as html literal."""

        return sorted((cls._generate_choice(g) for g in groups),

                      key=lambda c: c[1].split(cls.SEP))

    @classmethod

    def url_sep(cls):

        return URL_SEP

    @classmethod

    def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):

        if case_insensitive:

            gr = cls.query() \

                .filter(cls.group_name.ilike(group_name))

        else:

            gr = cls.query() \

                .filter(cls.group_name == group_name)

        if cache:

            gr = gr.options(FromCache(

                            "sql_cache_short",

                            "get_group_%s" % _hash_key(group_name)

                            )

            )

        return gr.scalar()

    @property

    def parents(self):

        parents_recursion_limit = 10

        groups = []

        if self.parent_group is None:

            return groups

        cur_gr = self.parent_group

        groups.insert(0, cur_gr)

        cnt = 0

        while 1:

            cnt += 1

            gr = getattr(cur_gr, 'parent_group', None)

            cur_gr = cur_gr.parent_group

            if gr is None:

                break

            if cnt == parents_recursion_limit:

                # this will prevent accidental infinite loops

                log.error(('more than %s parents found for group %s, stopping '

                           'recursive parent fetching' % (parents_recursion_limit, self)))

                break

            groups.insert(0, gr)

        return groups

    @property

    def children(self):

        return RepoGroup.query().filter(RepoGroup.parent_group == self)

    @property

    def name(self):

        return self.group_name.split(RepoGroup.url_sep())[-1]

    @property

    def full_path(self):

        return self.group_name

    @property

    def full_path_splitted(self):

        return self.group_name.split(RepoGroup.url_sep())

    @property

    def repositories(self):

        return Repository.query() \

                .filter(Repository.group == self) \

                .order_by(Repository.repo_name)

    @property

    def repositories_recursive_count(self):

        cnt = self.repositories.count()

        def children_count(group):

            cnt = 0

            for child in group.children:

                cnt += child.repositories.count()

                cnt += children_count(child)

            return cnt

        return cnt + children_count(self)

    def _recursive_objects(self, include_repos=True):

        all_ = []

        def _get_members(root_gr):

            if include_repos:

                for r in root_gr.repositories:

                    all_.append(r)

            childs = root_gr.children.all()

            if childs:

                for gr in childs:

                    all_.append(gr)

                    _get_members(gr)

        _get_members(self)

        return [self] + all_

    def recursive_groups_and_repos(self):

        """

        Recursive return all groups, with repositories in those groups

        """

        return self._recursive_objects()

    def recursive_groups(self):

        """

        Returns all children groups for this group including children of children

        """

        return self._recursive_objects(include_repos=False)

    def get_new_name(self, group_name):

        """

        returns new full group name based on parent and new name

        :param group_name:

        """

        path_prefix = (self.parent_group.full_path_splitted if

                       self.parent_group else [])

        return RepoGroup.url_sep().join(path_prefix + [group_name])

    def get_api_data(self):

        """

        Common function for generating api data

        """

        group = self

        data = dict(

            group_id=group.group_id,

            group_name=group.group_name,

            group_description=group.group_description,

            parent_group=group.parent_group.group_name if group.parent_group else None,

            repositories=[x.repo_name for x in group.repositories],

            owner=group.user.username

        )

        return data

class Permission(Base, BaseModel):

    __tablename__ = 'permissions'

    __table_args__ = (

        Index('p_perm_name_idx', 'permission_name'),

        _table_args_default_dict,

    )

    PERMS = [

        ('hg.admin', _('Kallithea Administrator')),

        ('repository.none', _('Default user has no access to new repositories')),

        ('repository.read', _('Default user has read access to new repositories')),

        ('repository.write', _('Default user has write access to new repositories')),

        ('repository.admin', _('Default user has admin access to new repositories')),

        ('group.none', _('Default user has no access to new repository groups')),

        ('group.read', _('Default user has read access to new repository groups')),

        ('group.write', _('Default user has write access to new repository groups')),

        ('group.admin', _('Default user has admin access to new repository groups')),

        ('usergroup.none', _('Default user has no access to new user groups')),

        ('usergroup.read', _('Default user has read access to new user groups')),

        ('usergroup.write', _('Default user has write access to new user groups')),

        ('usergroup.admin', _('Default user has admin access to new user groups')),

        ('hg.repogroup.create.false', _('Only admins can create repository groups')),

        ('hg.repogroup.create.true', _('Non-admins can create repository groups')),

        ('hg.usergroup.create.false', _('Only admins can create user groups')),

        ('hg.usergroup.create.true', _('Non-admins can create user groups')),

        ('hg.create.none', _('Only admins can create top level repositories')),

        ('hg.create.repository', _('Non-admins can create top level repositories')),

        ('hg.create.write_on_repogroup.true', _('Repository creation enabled with write permission to a repository group')),

        ('hg.create.write_on_repogroup.false', _('Repository creation disabled with write permission to a repository group')),

        ('hg.fork.none', _('Only admins can fork repositories')),

        ('hg.fork.repository', _('Non-admins can fork repositories')),

        ('hg.register.none', _('Registration disabled')),

        ('hg.register.manual_activate', _('User registration with manual account activation')),

        ('hg.register.auto_activate', _('User registration with automatic account activation')),

        ('hg.extern_activate.manual', _('Manual activation of external account')),

        ('hg.extern_activate.auto', _('Automatic activation of external account')),

    ]

    #definition of system default permissions for DEFAULT user

    DEFAULT_USER_PERMISSIONS = [

        'repository.read',

        'group.read',

        'usergroup.read',

        'hg.create.repository',

        'hg.create.write_on_repogroup.true',

        'hg.fork.repository',

        'hg.register.manual_activate',

        'hg.extern_activate.auto',

    ]

    # defines which permissions are more important higher the more important

    # Weight defines which permissions are more important.

    # The higher number the more important.

    PERM_WEIGHTS = {

        'repository.none': 0,

        'repository.read': 1,

        'repository.write': 3,

        'repository.admin': 4,

        'group.none': 0,

        'group.read': 1,

        'group.write': 3,

        'group.admin': 4,

        'usergroup.none': 0,

        'usergroup.read': 1,

        'usergroup.write': 3,

        'usergroup.admin': 4,

        'hg.repogroup.create.false': 0,

        'hg.repogroup.create.true': 1,

        'hg.usergroup.create.false': 0,

        'hg.usergroup.create.true': 1,

        'hg.fork.none': 0,

        'hg.fork.repository': 1,

        'hg.create.none': 0,

        'hg.create.repository': 1

    }

    permission_id = Column(Integer(), nullable=False, unique=True, primary_key=True)

    permission_name = Column(String(255, convert_unicode=False), nullable=True, unique=None, default=None)

    def __unicode__(self):

        return u"<%s('%s:%s')>" % (

            self.__class__.__name__, self.permission_id, self.permission_name

        )

    @classmethod

    def get_by_key(cls, key):

        return cls.query().filter(cls.permission_name == key).scalar()

    @classmethod

    def get_default_perms(cls, default_user_id):

        q = Session().query(UserRepoToPerm, Repository, cls) \

         .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id)) \

         .join((cls, UserRepoToPerm.permission_id == cls.permission_id)) \

         .filter(UserRepoToPerm.user_id == default_user_id)

        return q.all()

    @classmethod

    def get_default_group_perms(cls, default_user_id):

        q = Session().query(UserRepoGroupToPerm, RepoGroup, cls) \

         .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id)) \

         .join((cls, UserRepoGroupToPerm.permission_id == cls.permission_id)) \

         .filter(UserRepoGroupToPerm.user_id == default_user_id)

        return q.all()

    @classmethod

    def get_default_user_group_perms(cls, default_user_id):

        q = Session().query(UserUserGroupToPerm, UserGroup, cls) \

         .join((UserGroup, UserUserGroupToPerm.user_group_id == UserGroup.users_group_id)) \

         .join((cls, UserUserGroupToPerm.permission_id == cls.permission_id)) \

         .filter(UserUserGroupToPerm.user_id == default_user_id)

        return q.all()

class UserRepoToPerm(Base, BaseModel):

    __tablename__ = 'repo_to_perm'

    __table_args__ = (

        UniqueConstraint('user_id', 'repository_id', 'permission_id'),

        _table_args_default_dict,

    )

    repo_to_perm_id = Column(Integer(), nullable=False, unique=True, primary_key=True)

    user_id = Column(Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

    permission_id = Column(Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    repository_id = Column(Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

    user = relationship('User')

    repository = relationship('Repository')

    permission = relationship('Permission')

    @classmethod

    def create(cls, user, repository, permission):

        n = cls()

        n.user = user

        n.repository = repository

        n.permission = permission

        Session().add(n)

        return n

    def __unicode__(self):

        return u'<%s => %s >' % (self.user, self.repository)

class UserUserGroupToPerm(Base, BaseModel):

    __tablename__ = 'user_user_group_to_perm'

    __table_args__ = (

        UniqueConstraint('user_id', 'user_group_id', 'permission_id'),

        _table_args_default_dict,

    )

    user_user_group_to_perm_id = Column(Integer(), nullable=False, unique=True, primary_key=True)

    user_id = Column(Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

    permission_id = Column(Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    user_group_id = Column(Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

    user = relationship('User')

    user_group = relationship('UserGroup')

    permission = relationship('Permission')

    @classmethod

    def create(cls, user, user_group, permission):

        n = cls()

        n.user = user

        n.user_group = user_group

        n.permission = permission

        Session().add(n)

        return n

    def __unicode__(self):

        return u'<%s => %s >' % (self.user, self.user_group)

class UserToPerm(Base, BaseModel):

    __tablename__ = 'user_to_perm'

    __table_args__ = (

        UniqueConstraint('user_id', 'permission_id'),

        _table_args_default_dict,

    )

    user_to_perm_id = Column(Integer(), nullable=False, unique=True, primary_key=True)

    user_id = Column(Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

    permission_id = Column(Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    user = relationship('User')

    permission = relationship('Permission')

    def __unicode__(self):

        return u'<%s => %s >' % (self.user, self.permission)

class UserGroupRepoToPerm(Base, BaseModel):

    __tablename__ = 'users_group_repo_to_perm'

    __table_args__ = (

        UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),

        _table_args_default_dict,

    )

    users_group_to_perm_id = Column(Integer(), nullable=False, unique=True, primary_key=True)

    users_group_id = Column(Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

    permission_id = Column(Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    repository_id = Column(Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

    users_group = relationship('UserGroup')

    permission = relationship('Permission')

    repository = relationship('Repository')

    @classmethod

    def create(cls, users_group, repository, permission):

        n = cls()

        n.users_group = users_group

        n.repository = repository

        n.permission = permission

        Session().add(n)

        return n

    def __unicode__(self):

        return u'<UserGroupRepoToPerm:%s => %s >' % (self.users_group, self.repository)

class UserGroupUserGroupToPerm(Base, BaseModel):

    __tablename__ = 'user_group_user_group_to_perm'

    __table_args__ = (

        UniqueConstraint('target_user_group_id', 'user_group_id', 'permission_id'),

        CheckConstraint('target_user_group_id != user_group_id'),

        _table_args_default_dict,

    )

    user_group_user_group_to_perm_id = Column(Integer(), nullable=False, unique=True, primary_key=True)

    target_user_group_id = Column(Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

    permission_id = Column(Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    user_group_id = Column(Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

    target_user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id')

    user_group = relationship('UserGroup', primaryjoin='UserGroupUserGroupToPerm.user_group_id==UserGroup.users_group_id')

    permission = relationship('Permission')

    @classmethod

    def create(cls, target_user_group, user_group, permission):

        n = cls()

        n.target_user_group = target_user_group

        n.user_group = user_group

        n.permission = permission

        Session().add(n)

        return n

    def __unicode__(self):

        return u'<UserGroupUserGroup:%s => %s >' % (self.target_user_group, self.user_group)

class UserGroupToPerm(Base, BaseModel):

    __tablename__ = 'users_group_to_perm'

    __table_args__ = (

        UniqueConstraint('users_group_id', 'permission_id',),

        _table_args_default_dict,

    )

    users_group_to_perm_id = Column(Integer(), nullable=False, unique=True, primary_key=True)

    users_group_id = Column(Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

    permission_id = Column(Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    users_group = relationship('UserGroup')

    permission = relationship('Permission')

class UserRepoGroupToPerm(Base, BaseModel):

    __tablename__ = 'user_repo_group_to_perm'

    __table_args__ = (

        UniqueConstraint('user_id', 'group_id', 'permission_id'),

        _table_args_default_dict,

    )

    group_to_perm_id = Column(Integer(), nullable=False, unique=True, primary_key=True)

    user_id = Column(Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

    group_id = Column(Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)

    permission_id = Column(Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    user = relationship('User')

    group = relationship('RepoGroup')

    permission = relationship('Permission')

    @classmethod

    def create(cls, user, repository_group, permission):

        n = cls()

        n.user = user

        n.group = repository_group

        n.permission = permission

        Session().add(n)

        return n

class UserGroupRepoGroupToPerm(Base, BaseModel):

    __tablename__ = 'users_group_repo_group_to_perm'

    __table_args__ = (

        UniqueConstraint('users_group_id', 'group_id'),

        _table_args_default_dict,

    )

    users_group_repo_group_to_perm_id = Column(Integer(), nullable=False, unique=True, primary_key=True)

    users_group_id = Column(Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

    group_id = Column(Integer(), ForeignKey('groups.group_id'), nullable=False, unique=None, default=None)

    permission_id = Column(Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    users_group = relationship('UserGroup')

    permission = relationship('Permission')

    group = relationship('RepoGroup')

    @classmethod

    def create(cls, user_group, repository_group, permission):

        n = cls()

        n.users_group = user_group

        n.group = repository_group

        n.permission = permission

        Session().add(n)

        return n

class Statistics(Base, BaseModel):

    __tablename__ = 'statistics'

    __table_args__ = (

         _table_args_default_dict,

    )

    stat_id = Column(Integer(), nullable=False, unique=True, primary_key=True)

    repository_id = Column(Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=True, default=None)

    stat_on_revision = Column(Integer(), nullable=False)

    commit_activity = Column(LargeBinary(1000000), nullable=False)#JSON data

    commit_activity_combined = Column(LargeBinary(), nullable=False)#JSON data

    languages = Column(LargeBinary(1000000), nullable=False)#JSON data

    repository = relationship('Repository', single_parent=True)

class UserFollowing(Base, BaseModel):

    __tablename__ = 'user_followings'

    __table_args__ = (

        UniqueConstraint('user_id', 'follows_repository_id'),

        UniqueConstraint('user_id', 'follows_user_id'),

        _table_args_default_dict,

    )

    user_following_id = Column(Integer(), nullable=False, unique=True, primary_key=True)

    user_id = Column(Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

    follows_repo_id = Column("follows_repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=None, default=None)

    follows_user_id = Column(Integer(), ForeignKey('users.user_id'), nullable=True, unique=None, default=None)

    follows_from = Column(DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)

    user = relationship('User', primaryjoin='User.user_id==UserFollowing.user_id')

    follows_user = relationship('User', primaryjoin='User.user_id==UserFollowing.follows_user_id')

    follows_repository = relationship('Repository', order_by='Repository.repo_name')

    @classmethod

    def get_repo_followers(cls, repo_id):

        return cls.query().filter(cls.follows_repo_id == repo_id)

class CacheInvalidation(Base, BaseModel):

    __tablename__ = 'cache_invalidation'

    __table_args__ = (

        UniqueConstraint('cache_key'),

        Index('key_idx', 'cache_key'),

        _table_args_default_dict,

    )

    # cache_id, not used

    cache_id = Column(Integer(), nullable=False, unique=True, primary_key=True)

    # cache_key as created by _get_cache_key

    cache_key = Column(String(255, convert_unicode=False))

    # cache_args is a repo_name

    cache_args = Column(String(255, convert_unicode=False))

    # instance sets cache_active True when it is caching, other instances set

    # cache_active to False to indicate that this cache is invalid

    cache_active = Column(Boolean(), nullable=True, unique=None, default=False)

    def __init__(self, cache_key, repo_name=''):

        self.cache_key = cache_key

        self.cache_args = repo_name

        self.cache_active = False

    def __unicode__(self):

        return u"<%s('%s:%s[%s]')>" % (

            self.__class__.__name__,

            self.cache_id, self.cache_key, self.cache_active)

    def _cache_key_partition(self):

        prefix, repo_name, suffix = self.cache_key.partition(self.cache_args)

        return prefix, repo_name, suffix

    def get_prefix(self):

        """

        get prefix that might have been used in _get_cache_key to

        generate self.cache_key. Only used for informational purposes

        in repo_edit.html.

        """

        # prefix, repo_name, suffix

        return self._cache_key_partition()[0]

    def get_suffix(self):

        """

        get suffix that might have been used in _get_cache_key to

        generate self.cache_key. Only used for informational purposes

        in repo_edit.html.

        """

        # prefix, repo_name, suffix

        return self._cache_key_partition()[2]

    @classmethod

    def clear_cache(cls):

        """

        Delete all cache keys from database.

        Should only be run when all instances are down and all entries thus stale.

        """

        cls.query().delete()

        Session().commit()

    @classmethod

    def _get_cache_key(cls, key):

        """

        Wrapper for generating a unique cache key for this instance and "key".

        key must / will start with a repo_name which will be stored in .cache_args .

        """

        import kallithea

        prefix = kallithea.CONFIG.get('instance_id', '')

        return "%s%s" % (prefix, key)

    @classmethod

    def set_invalidate(cls, repo_name):

        """

        Mark all caches of a repo as invalid in the database.

        """

        inv_objs = Session().query(cls).filter(cls.cache_args == repo_name).all()

        log.debug('for repo %s got %s invalidation objects',

                  safe_str(repo_name), inv_objs)

        for inv_obj in inv_objs:

            log.debug('marking %s key for invalidation based on repo_name=%s',

                      inv_obj, safe_str(repo_name))

            Session().delete(inv_obj)

        Session().commit()

    @classmethod

    def test_and_set_valid(cls, repo_name, kind, valid_cache_keys=None):

        """

        Mark this cache key as active and currently cached.

        Return True if the existing cache registration still was valid.

        Return False to indicate that it had been invalidated and caches should be refreshed.

        """

        key = (repo_name + '_' + kind) if kind else repo_name

        cache_key = cls._get_cache_key(key)

        if valid_cache_keys and cache_key in valid_cache_keys:

            return True

        inv_obj = cls.query().filter(cls.cache_key == cache_key).scalar()

        if inv_obj is None:

            inv_obj = CacheInvalidation(cache_key, repo_name)

        elif inv_obj.cache_active:

            return True

        inv_obj.cache_active = True

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.model.permission

~~~~~~~~~~~~~~~~~~~~~~~~~~

permissions model for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Aug 20, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import traceback

from sqlalchemy.exc import DatabaseError

from kallithea.model import BaseModel

from kallithea.model.db import User, Permission, UserToPerm, UserRepoToPerm, \

    UserRepoGroupToPerm, UserUserGroupToPerm

from kallithea.lib.utils2 import str2bool

log = logging.getLogger(__name__)

class PermissionModel(BaseModel):

    """

    Permissions model for Kallithea

    """

    cls = Permission

    def create_permissions(self):

        """

        Create permissions for whole system

        """

        for p in Permission.PERMS:

            if not Permission.get_by_key(p[0]):

                new_perm = Permission()

                new_perm.permission_name = p[0]

                self.sa.add(new_perm)

    def create_default_permissions(self, user, force=False):

        """

        Create missing default permissions for user. If force is set, the default

        permissions for the user are reset, otherwise only missing permissions are

        created.

        :param user:

        """

        user = self._get_user(user)

        def _make_perm(perm):

            new_perm = UserToPerm()

            new_perm.user = user

            new_perm.permission = Permission.get_by_key(perm)

            return new_perm

        def _get_group(perm_name):

            return '.'.join(perm_name.split('.')[:1])

        perms = UserToPerm.query().filter(UserToPerm.user == user).all()

        defined_perms_groups = map(_get_group,

                                (x.permission.permission_name for x in perms))

        log.debug('GOT ALREADY DEFINED:%s', perms)

        DEFAULT_PERMS = Permission.DEFAULT_USER_PERMISSIONS

        if force:

            for perm in perms:

                self.sa.delete(perm)

            self.sa.commit()

            defined_perms_groups = []

        # For every default permission that needs to be created, we check if

        # its group is already defined. If it's not, we create default permission.

        for perm_name in DEFAULT_PERMS:

            gr = _get_group(perm_name)

            if gr not in defined_perms_groups:

                log.debug('GR:%s not found, creating permission %s',

                          gr, perm_name)

                new_perm = _make_perm(perm_name)

                self.sa.add(new_perm)

    def update(self, form_result):

        perm_user = User.get_by_username(username=form_result['perm_user_name'])

        try:

            # stage 1 set anonymous access