_path = defaults.get('repos_location')

        if retries == 3:

            log.info('Setting up repositories config')

        if _path is not None:

            path = _path

        elif not self.tests and not test_repo_path:

            path = raw_input(

                 'Enter a valid absolute path to store repositories. '

                 'All repositories in that path will be added automatically:'

            )

        else:

            path = test_repo_path

        path_ok = True

        # check proper dir

        if not os.path.isdir(path):

            path_ok = False

            log.error('Given path %s is not a valid directory', path)

        elif not os.path.isabs(path):

            path_ok = False

            log.error('Given path %s is not an absolute path', path)

        # check if path is at least readable.

        if not os.access(path, os.R_OK):

            path_ok = False

            log.error('Given path %s is not readable', path)

        # check write access, warn user about non writeable paths

        elif not os.access(path, os.W_OK) and path_ok:

            log.warning('No write permission to given path %s', path)

            if not ask_ok('Given path %s is not writeable, do you want to '

                          'continue with read only mode ? [y/n]' % (path,)):

                log.error('Canceled by user')

                sys.exit(-1)

        if retries == 0:

            sys.exit('max retries reached')

        if not path_ok:

            retries -= 1

            return self.config_prompt(test_repo_path, retries)

        real_path = os.path.normpath(os.path.realpath(path))

        if real_path != os.path.normpath(path):

            log.warning('Using normalized path %s instead of %s', real_path, path)

        return real_path

    def create_settings(self, path):

        self.create_ui_settings(path)

        ui_config = [

            ('web', 'push_ssl', 'false'),

            ('web', 'allow_archive', 'gz zip bz2'),

            ('web', 'allow_push', '*'),

            ('web', 'baseurl', '/'),

            ('paths', '/', path),

            #('phases', 'publish', 'false')

        ]

        for section, key, value in ui_config:

            ui_conf = Ui()

            setattr(ui_conf, 'ui_section', section)

            setattr(ui_conf, 'ui_key', key)

            setattr(ui_conf, 'ui_value', value)

            self.sa.add(ui_conf)

        settings = [

            ('realm', 'Kallithea', 'unicode'),

            ('title', '', 'unicode'),

            ('ga_code', '', 'unicode'),

            ('show_public_icon', True, 'bool'),

            ('show_private_icon', True, 'bool'),

            ('stylify_metatags', False, 'bool'),

            ('dashboard_items', 100, 'int'),

            ('admin_grid_items', 25, 'int'),

            ('show_version', True, 'bool'),

            ('use_gravatar', True, 'bool'),

            ('gravatar_url', User.DEFAULT_GRAVATAR_URL, 'unicode'),

            ('clone_uri_tmpl', Repository.DEFAULT_CLONE_URI, 'unicode'),

            ('update_url', Setting.DEFAULT_UPDATE_URL, 'unicode'),

        ]

        for key, val, type_ in settings:

            sett = Setting(key, val, type_)

            self.sa.add(sett)

        self.create_auth_plugin_options()

        self.create_default_options()

        log.info('created ui config')

    def create_user(self, username, password, email='', admin=False):

        log.info('creating user %s', username)

        UserModel().create_or_update(username, password, email,

                                     active=True, admin=admin,

                                     extern_type=EXTERN_TYPE_INTERNAL)

    def create_default_user(self):

        log.info('creating default user')

        # create default user for handling default permissions.

        user = UserModel().create_or_update(username=User.DEFAULT_USER,

                                            password=str(uuid.uuid1())[:20],

                                            email='anonymous@kallithea-scm.org',

        # based on configuration options activate/deactivate this user which

        # controls anonymous access

        if self.cli_args.get('public_access') is False:

            log.info('Public access disabled')

            user.active = False

            Session().add(user)

            Session().commit()

    def create_permissions(self):

        """

        Creates all permissions defined in the system

        """

        # module.(access|create|change|delete)_[name]

        # module.(none|read|write|admin)

        log.info('creating permissions')

        PermissionModel(self.sa).create_permissions()

    def populate_default_permissions(self):

        """

        Populate default permissions. It will create only the default

        permissions that are missing, and not alter already defined ones

        """

        log.info('creating default user permissions')

        PermissionModel(self.sa).create_default_permissions(user=User.DEFAULT_USER)

    @staticmethod

    def check_waitress():

        """

        Function executed at the end of setup

        """

        if not __py_version__ >= (2, 6):

            notify('Python2.5 detected, please switch '

                   'egg:waitress#main -> egg:Paste#http '

                   'in your .ini file')

    slug = strip_tags(slug)

    for c in """`?=[]\;'"<>,/~!@#$%^&*()+{}|: """:

        slug = slug.replace(c, '-')

    slug = recursive_replace(slug, '-')

    slug = collapse(slug, '-')

    return slug

#==============================================================================

# PERM DECORATOR HELPERS FOR EXTRACTING NAMES FOR PERM CHECKS

#==============================================================================

def get_repo_slug(request):

    _repo = request.environ['pylons.routes_dict'].get('repo_name')

    if _repo:

        _repo = _repo.rstrip('/')

    return _repo

def get_repo_group_slug(request):

    _group = request.environ['pylons.routes_dict'].get('group_name')

    if _group:

        _group = _group.rstrip('/')

    return _group

def get_user_group_slug(request):

    _group = request.environ['pylons.routes_dict'].get('id')

    _group = UserGroup.get(_group)

    if _group:

        return _group.users_group_name

    return None

def _extract_id_from_repo_name(repo_name):

    if repo_name.startswith('/'):

        repo_name = repo_name.lstrip('/')

    by_id_match = re.match(r'^_(\d{1,})', repo_name)

    if by_id_match:

        return by_id_match.groups()[0]

def get_repo_by_id(repo_name):

    """

    Extracts repo_name by id from special urls. Example url is _11/repo_name

    :param repo_name:

    :return: repo_name if matched else None

    """

    _repo_id = _extract_id_from_repo_name(repo_name)

    if _repo_id:

        from kallithea.model.db import Repository

        repo = Repository.get(_repo_id)

        if repo:

            # TODO: return repo instead of reponame? or would that be a layering violation?

            return repo.repo_name

    return None

def action_logger(user, action, repo, ipaddr='', sa=None, commit=False):

    """

    Action logger for various actions made by users

    :param user: user that made this action, can be a unique username string or

        object containing user_id attribute

    :param action: action to log, should be on of predefined unique actions for

        easy translations

    :param repo: string name of repository or object containing repo_id,

        that action was made on

    :param ipaddr: optional IP address from what the action was made

    :param sa: optional sqlalchemy session

    """

    if not sa:

        sa = meta.Session()

    # if we don't get explicit IP address try to get one from registered user

    # in tmpl context var

    if not ipaddr:

        ipaddr = getattr(get_current_authuser(), 'ip_addr', '')

    if getattr(user, 'user_id', None):

        user_obj = User.get(user.user_id)

    elif isinstance(user, basestring):

        user_obj = User.get_by_username(user)

    else:

        raise Exception('You have to provide a user object or a username')

    if getattr(repo, 'repo_id', None):

        repo_obj = Repository.get(repo.repo_id)

        repo_name = repo_obj.repo_name

    elif isinstance(repo, basestring):

        repo_name = repo.lstrip('/')

        repo_obj = Repository.get_by_repo_name(repo_name)

    else:

        repo_obj = None

    user_log = UserLog()

    user_log.user_id = user_obj.user_id

    user_log.username = user_obj.username

    user_log.action = safe_unicode(action)

    user_log.repository = repo_obj

    user_log.repository_name = repo_name

    user_log.action_date = datetime.datetime.now()

    user_log.user_ip = ipaddr

    sa.add(user_log)

    log.info('Logging action:%s on %s by user:%s ip:%s',

             action, safe_unicode(repo), user_obj, ipaddr)

    if commit:

        sa.commit()

def get_filesystem_repos(path, recursive=False, skip_removed_repos=True):

    """

    Scans given path for repos and return (name,(type,path)) tuple

    :param path: path to scan for repositories

    :param recursive: recursive search and return names with subdirs in front

    """

    # remove ending slash for better results

    path = path.rstrip(os.sep)

    log.debug('now scanning in %s location recursive:%s...', path, recursive)

    def _get_repos(p):

        if not os.access(p, os.R_OK) or not os.access(p, os.X_OK):

            log.warning('ignoring repo path without access: %s', p)

            return

        if not os.access(p, os.W_OK):

            log.warning('repo path without write access: %s', p)

        for dirpath in os.listdir(p):

            if os.path.isfile(os.path.join(p, dirpath)):

                continue

            cur_path = os.path.join(p, dirpath)

            # skip removed repos

            if skip_removed_repos and REMOVED_REPO_PAT.match(dirpath):

                continue

            #skip .<somethin> dirs

            if dirpath.startswith('.'):

                continue

            try:

                scm_info = get_scm(cur_path)

                yield scm_info[1].split(path, 1)[-1].lstrip(os.sep), scm_info

            except VCSError:

                if not recursive:

                    continue

                #check if this dir containts other repos for recursive scan

                rec_path = os.path.join(p, dirpath)

                if not os.path.islink(rec_path) and os.path.isdir(rec_path):

                    for inner_scm in _get_repos(rec_path):

                        yield inner_scm

    return _get_repos(path)

def is_valid_repo(repo_name, base_path, scm=None):

    """

    Returns True if given path is a valid repository False otherwise.

    If scm param is given also compare if given scm is the same as expected

    from scm parameter

    :param repo_name:

    :param base_path:

    :param scm:

    :return True: if given path is a valid repository

    """

    full_path = os.path.join(safe_str(base_path), safe_str(repo_name))

    try:

        scm_ = get_scm(full_path)

        if scm:

            return scm_[0] == scm

        return True

    except VCSError:

        return False

def is_valid_repo_group(repo_group_name, base_path, skip_path_check=False):

    """

    Returns True if given path is a repository group False otherwise

    :param repo_name:

    :param base_path:

    """

    full_path = os.path.join(safe_str(base_path), safe_str(repo_group_name))

                log.debug('settings ui from file: [%s] %s=%s', section, k, v)

                baseui.setconfig(safe_str(section), safe_str(k), safe_str(v))

    elif read_from == 'db':

        sa = meta.Session()

        ret = sa.query(Ui).all()

        hg_ui = ret

        for ui_ in hg_ui:

            if ui_.ui_active:

                ui_val = safe_str(ui_.ui_value)

                if ui_.ui_section == 'hooks' and BRAND != 'kallithea' and ui_val.startswith('python:' + BRAND + '.lib.hooks.'):

                    ui_val = ui_val.replace('python:' + BRAND + '.lib.hooks.', 'python:kallithea.lib.hooks.')

                log.debug('settings ui from db: [%s] %s=%s', ui_.ui_section,

                          ui_.ui_key, ui_val)

                baseui.setconfig(safe_str(ui_.ui_section), safe_str(ui_.ui_key),

                                 ui_val)

            if ui_.ui_key == 'push_ssl':

                # force set push_ssl requirement to False, kallithea

                # handles that

                baseui.setconfig(safe_str(ui_.ui_section), safe_str(ui_.ui_key),

                                 False)

        if clear_session:

            meta.Session.remove()

        # prevent interactive questions for ssh password / passphrase

        ssh = baseui.config('ui', 'ssh', default='ssh')

        baseui.setconfig('ui', 'ssh', '%s -oBatchMode=yes -oIdentitiesOnly=yes' % ssh)

    return baseui

def set_app_settings(config):

    """

    Updates pylons config with new settings from database

    :param config:

    """

    hgsettings = Setting.get_app_settings()

    for k, v in hgsettings.items():

        config[k] = v

def set_vcs_config(config):

    """

    Patch VCS config with some Kallithea specific stuff

    :param config: kallithea.CONFIG

    """

    from kallithea.lib.vcs import conf

    from kallithea.lib.utils2 import aslist

    conf.settings.BACKENDS = {

        'hg': 'kallithea.lib.vcs.backends.hg.MercurialRepository',

        'git': 'kallithea.lib.vcs.backends.git.GitRepository',

    }

    conf.settings.GIT_EXECUTABLE_PATH = config.get('git_path', 'git')

    conf.settings.GIT_REV_FILTER = config.get('git_rev_filter', '--all').strip()

    conf.settings.DEFAULT_ENCODINGS = aslist(config.get('default_encoding',

                                                        'utf8'), sep=',')

def set_indexer_config(config):

    """

    Update Whoosh index mapping

    :param config: kallithea.CONFIG

    """

    from kallithea.config import conf

    log.debug('adding extra into INDEX_EXTENSIONS')

    conf.INDEX_EXTENSIONS.extend(re.split('\s+', config.get('index.extensions', '')))

    log.debug('adding extra into INDEX_FILENAMES')

    conf.INDEX_FILENAMES.extend(re.split('\s+', config.get('index.filenames', '')))

def map_groups(path):

    """

    Given a full path to a repository, create all nested groups that this

    repo is inside. This function creates parent-child relationships between

    groups and creates default perms for all new groups.

    :param paths: full path to repository

    """

    sa = meta.Session()

    groups = path.split(Repository.url_sep())

    parent = None

    group = None

    # last element is repo in nested groups structure

    groups = groups[:-1]

    rgm = RepoGroupModel(sa)

    owner = User.get_first_admin()

    for lvl, group_name in enumerate(groups):

        group = RepoGroup.get_by_group_name(group_name)

        desc = '%s group' % group_name

        # skip folders that are now removed repos

        if REMOVED_REPO_PAT.match(group_name):

            break

        if group is None:

            log.debug('creating group level: %s group_name: %s',

                      lvl, group_name)

            group = RepoGroup(group_name, parent)

            group.group_description = desc

            group.user = owner

            sa.add(group)

            perm_obj = rgm._create_default_perms(group)

            sa.add(perm_obj)

            sa.flush()

        parent = group

    return group

def repo2db_mapper(initial_repo_list, remove_obsolete=False,

                   install_git_hooks=False, user=None, overwrite_git_hooks=False):

    """

    maps all repos given in initial_repo_list, non existing repositories

    are created, if remove_obsolete is True it also check for db entries

    that are not in initial_repo_list and removes them.

    :param initial_repo_list: list of repositories found by scanning methods

    :param remove_obsolete: check for obsolete entries in database

    :param install_git_hooks: if this is True, also check and install git hook

        for a repo if missing

    :param overwrite_git_hooks: if this is True, overwrite any existing git hooks

        that may be encountered (even if user-deployed)

    """

    from kallithea.model.repo import RepoModel

    from kallithea.model.scm import ScmModel

    sa = meta.Session()

    repo_model = RepoModel()

    if user is None:

        user = User.get_first_admin()

    added = []

    ##creation defaults

    defs = Setting.get_default_repo_settings(strip_prefix=True)

    enable_statistics = defs.get('repo_enable_statistics')

    enable_locking = defs.get('repo_enable_locking')

    enable_downloads = defs.get('repo_enable_downloads')

    private = defs.get('repo_private')

    for name, repo in initial_repo_list.items():

        group = map_groups(name)

        unicode_name = safe_unicode(name)

        db_repo = repo_model.get_by_repo_name(unicode_name)

        # found repo that is on filesystem not in Kallithea database

        if not db_repo:

            log.info('repository %s not found, creating now', name)

            added.append(name)

            desc = (repo.description

                    if repo.description != 'unknown'

                    else '%s repository' % name)

            new_repo = repo_model._create_repo(

                repo_name=name,

                repo_type=repo.alias,

                description=desc,

                repo_group=getattr(group, 'group_id', None),

                owner=user,

                enable_locking=enable_locking,

                enable_downloads=enable_downloads,

                enable_statistics=enable_statistics,

                private=private,

                state=Repository.STATE_CREATED

            )

            sa.commit()

            # we added that repo just now, and make sure it has githook

            # installed, and updated server info

            if new_repo.repo_type == 'git':

                git_repo = new_repo.scm_instance

                ScmModel().install_git_hooks(git_repo)

                # update repository server-info

                log.debug('Running update server info')

                git_repo._update_server_info()

            new_repo.update_changeset_cache()

        elif install_git_hooks:

            if db_repo.repo_type == 'git':

                ScmModel().install_git_hooks(db_repo.scm_instance, force_create=overwrite_git_hooks)

    removed = []

    # remove from database those repositories that are not in the filesystem

    for repo in sa.query(Repository).all():

        if repo.repo_name not in initial_repo_list.keys():

            if remove_obsolete:

                log.debug("Removing non-existing repository found in db `%s`",

                          repo.repo_name)

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.model.user

~~~~~~~~~~~~~~~~~~~~

users model for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 9, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import hashlib

import hmac

import logging

import time

import traceback

from pylons import config

from pylons.i18n.translation import _

from sqlalchemy.exc import DatabaseError

from kallithea import EXTERN_TYPE_INTERNAL

from kallithea.lib.utils2 import safe_str, generate_api_key, get_current_authuser

from kallithea.lib.caching_query import FromCache

from kallithea.model import BaseModel

from kallithea.model.db import User, UserToPerm, Notification, \

    UserEmailMap, UserIpMap

from kallithea.lib.exceptions import DefaultUserException, \

    UserOwnsReposException

from kallithea.model.meta import Session

log = logging.getLogger(__name__)

class UserModel(BaseModel):

    password_reset_token_lifetime = 86400 # 24 hours

    cls = User

    def get(self, user_id, cache=False):

        user = self.sa.query(User)

        if cache:

            user = user.options(FromCache("sql_cache_short",

                                          "get_user_%s" % user_id))

        return user.get(user_id)

    def get_user(self, user):

        return self._get_user(user)

    def create(self, form_data, cur_user=None):

        if not cur_user:

            cur_user = getattr(get_current_authuser(), 'username', None)

        from kallithea.lib.hooks import log_create_user, \

            check_allowed_create_user

        _fd = form_data

        user_data = {

            'username': _fd['username'],

            'password': _fd['password'],

            'email': _fd['email'],

            'firstname': _fd['firstname'],

            'lastname': _fd['lastname'],

            'active': _fd['active'],

            'admin': False

        }

        # raises UserCreationError if it's not allowed

        check_allowed_create_user(user_data, cur_user)

        from kallithea.lib.auth import get_crypt_password

        new_user = User()

        for k, v in form_data.items():

            if k == 'password':

                v = get_crypt_password(v)

            if k == 'firstname':

                k = 'name'

            setattr(new_user, k, v)

        new_user.api_key = generate_api_key()

        self.sa.add(new_user)

        log_create_user(new_user.get_dict(), cur_user)

        return new_user

                         extern_type=None, extern_name=None, cur_user=None):

        """

        Creates a new instance if not found, or updates current one

        :param username:

        :param password:

        :param email:

        :param active:

        :param firstname:

        :param lastname:

        :param active:

        :param admin:

        :param extern_name:

        :param extern_type:

        :param cur_user:

        """

        if not cur_user:

            cur_user = getattr(get_current_authuser(), 'username', None)

        from kallithea.lib.auth import get_crypt_password, check_password

        from kallithea.lib.hooks import log_create_user, \

            check_allowed_create_user

        user_data = {

            'username': username, 'password': password,

            'email': email, 'firstname': firstname, 'lastname': lastname,

            'active': active, 'admin': admin

        }

        # raises UserCreationError if it's not allowed

        check_allowed_create_user(user_data, cur_user)

        log.debug('Checking for %s account in Kallithea database', username)

        user = User.get_by_username(username, case_insensitive=True)

        if user is None:

            log.debug('creating new user %s', username)

            new_user = User()

            edit = False

        else:

            log.debug('updating user %s', username)

            new_user = user

            edit = True

        try:

            new_user.username = username

            new_user.admin = admin

            new_user.email = email

            new_user.active = active

            new_user.extern_name = safe_str(extern_name) \

                if extern_name else None

            new_user.extern_type = safe_str(extern_type) \

                if extern_type else None

            new_user.name = firstname

            new_user.lastname = lastname

            if not edit:

                new_user.api_key = generate_api_key()

            # set password only if creating an user or password is changed

            password_change = new_user.password and \

                not check_password(password, new_user.password)

            if not edit or password_change:

                reason = 'new password' if edit else 'new user'

                log.debug('Updating password reason=>%s', reason)

                new_user.password = get_crypt_password(password) \

                    if password else None

            self.sa.add(new_user)

            if not edit:

                log_create_user(new_user.get_dict(), cur_user)

            return new_user

        except (DatabaseError,):

            log.error(traceback.format_exc())

            raise

    def create_registration(self, form_data):

        from kallithea.model.notification import NotificationModel

        import kallithea.lib.helpers as h

        form_data['admin'] = False

        form_data['extern_name'] = EXTERN_TYPE_INTERNAL

        form_data['extern_type'] = EXTERN_TYPE_INTERNAL

        new_user = self.create(form_data)

        self.sa.add(new_user)

        self.sa.flush()

        # notification to admins

        subject = _('New user registration')

        body = (

            '---------------------\n'

            '- Username: {user.username}\n'

            '- Full Name: {user.full_name}\n'

            '- Email: {user.email}\n'

            ).format(user=new_user)

        edit_url = h.canonical_url('edit_user', id=new_user.user_id)

        email_kwargs = {

            'registered_user_url': edit_url,

            'new_username': new_user.username}

        NotificationModel().create(created_by=new_user, subject=subject,

                                   body=body, recipients=None,

                                   type_=Notification.TYPE_REGISTRATION,

                                   email_kwargs=email_kwargs)

    def update(self, user_id, form_data, skip_attrs=None):

        from kallithea.lib.auth import get_crypt_password

        skip_attrs = skip_attrs or []

        user = self.get(user_id, cache=False)

        if user.username == User.DEFAULT_USER:

            raise DefaultUserException(

                            _("You can't edit this user since it's "

                              "crucial for entire application"))

        for k, v in form_data.items():

            if k in skip_attrs:

                continue

            if k == 'new_password' and v:

                user.password = get_crypt_password(v)

            else:

                # old legacy thing orm models store firstname as name,

                # need proper refactor to username

                if k == 'firstname':

                    k = 'name'

                setattr(user, k, v)

        self.sa.add(user)

    def update_user(self, user, **kwargs):

        from kallithea.lib.auth import get_crypt_password

        user = self._get_user(user)

        if user.username == User.DEFAULT_USER:

            raise DefaultUserException(

                _("You can't edit this user since it's"

                  " crucial for entire application")

            )

        for k, v in kwargs.items():

            if k == 'password' and v:

                v = get_crypt_password(v)

            setattr(user, k, v)

        self.sa.add(user)

        return user

    def delete(self, user, cur_user=None):

        if cur_user is None:

            cur_user = getattr(get_current_authuser(), 'username', None)

        user = self._get_user(user)

        if user.username == User.DEFAULT_USER:

            raise DefaultUserException(

                _("You can't remove this user since it is"

                  " crucial for the entire application"))

        if user.repositories:

            repos = [x.repo_name for x in user.repositories]

            raise UserOwnsReposException(

                _('User "%s" still owns %s repositories and cannot be '

                  'removed. Switch owners or remove those repositories: %s')

                % (user.username, len(repos), ', '.join(repos)))

        if user.repo_groups:

            repogroups = [x.group_name for x in user.repo_groups]

            raise UserOwnsReposException(_(

                'User "%s" still owns %s repository groups and cannot be '

                'removed. Switch owners or remove those repository groups: %s')

                % (user.username, len(repogroups), ', '.join(repogroups)))

        if user.user_groups:

            usergroups = [x.users_group_name for x in user.user_groups]

            raise UserOwnsReposException(

                _('User "%s" still owns %s user groups and cannot be '

                  'removed. Switch owners or remove those user groups: %s')

                % (user.username, len(usergroups), ', '.join(usergroups)))

        self.sa.delete(user)

        from kallithea.lib.hooks import log_delete_user

        log_delete_user(user.get_dict(), cur_user)

    def can_change_password(self, user):

        from kallithea.lib import auth_modules

        managed_fields = auth_modules.get_managed_fields(user)

        return 'password' not in managed_fields

    def get_reset_password_token(self, user, timestamp, session_id):

        """

        The token is a 40-digit hexstring, calculated as a HMAC-SHA1.

        In a traditional HMAC scenario, an attacker is unable to know or

        obj.user_group = user_group

        obj.user = user

        obj.permission = permission

        self.sa.add(obj)

        log.debug('Granted perm %s to %s on %s', perm, user, user_group)

        return obj

    def revoke_user_permission(self, user_group, user):

        """

        Revoke permission for user on given repository group

        :param user_group: Instance of RepoGroup, repositories_group_id,

            or repositories_group name

        :param user: Instance of User, user_id or username

        """

        user_group = self._get_user_group(user_group)

        user = self._get_user(user)

        obj = self.sa.query(UserUserGroupToPerm) \

            .filter(UserUserGroupToPerm.user == user) \

            .filter(UserUserGroupToPerm.user_group == user_group) \

            .scalar()

        if obj is not None:

            self.sa.delete(obj)

            log.debug('Revoked perm on %s on %s', user_group, user)

    def grant_user_group_permission(self, target_user_group, user_group, perm):

        """

        Grant user group permission for given target_user_group

        :param target_user_group:

        :param user_group:

        :param perm:

        """

        target_user_group = self._get_user_group(target_user_group)

        user_group = self._get_user_group(user_group)

        permission = self._get_perm(perm)

        # forbid assigning same user group to itself

        if target_user_group == user_group:

            raise RepoGroupAssignmentError('target repo:%s cannot be '

                                           'assigned to itself' % target_user_group)