"active":"<bool> = True"

              }

OUTPUT::

    result: {

              "id":  "<newusersgroupid>",

              "msg": "created new users group <groupname>"

            }

    error:  null

add_user_to_users_group

-----------------------

Adds a user to a users group. If user exists in that group success will be 

`false`. This command can be executed only using api_key

belonging to user with admin rights

INPUT::

    api_key : "<api_key>"

    method :  "add_user_users_group"

    args:     {

                "group_name" :  "<groupname>",

                "username" :   "<username>"

              }

OUTPUT::

    result: {

              "id":  "<newusersgroupmemberid>",

              "success": True|False # depends on if member is in group

              "msg": "added member <username> to users group <groupname> | 

                      User is already in that group"

            }

    error:  null

remove_user_from_users_group

----------------------------

Removes a user from a users group. If user is not in given group success will

be `false`. This command can be executed only 

using api_key belonging to user with admin rights

INPUT::

    api_key : "<api_key>"

    method :  "remove_user_from_users_group"

    args:     {

                "group_name" :  "<groupname>",

                "username" :   "<username>"

              }

OUTPUT::

    result: {

              "success":  True|False,  # depends on if member is in group

              "msg": "removed member <username> from users group <groupname> | 

                      User wasn't in group"

            }

    error:  null

get_repo

--------

Gets an existing repository. This command can be executed only using api_key

belonging to user with admin rights

INPUT::

    api_key : "<api_key>"

    method :  "get_repo"

    args:     {

                "repo_name" : "<reponame>"

              }

OUTPUT::

    result: None if repository does not exist or

            {

                "id" :          "<id>",

                "repo_name" :   "<reponame>"

                "type" :        "<type>",

                "description" : "<description>",

                "members" :     [

                                  { "id" :         "<userid>",

                                    "username" :   "<username>",

                                    "firstname":   "<firstname>",

                                    "lastname" :   "<lastname>",

                                    "email" :      "<email>",

                                    "active" :     "<bool>",

                                    "admin" :      "<bool>",

                                    "ldap" :       "<ldap_dn>",

                                    "permission" : "repository.(read|write|admin)"

                                  },

                                  …

                                  {

                                    "id" :       "<usersgroupid>",

                                    "name" :     "<usersgroupname>",

                                    "active":    "<bool>",

                                    "permission" : "repository.(read|write|admin)"

                                  },

                                  …

                                ]

            }

    error:  null

get_repos

---------

Lists all existing repositories. This command can be executed only using api_key

belonging to user with admin rights

INPUT::

    api_key : "<api_key>"

    method :  "get_repos"

    args:     { }

OUTPUT::

    result: [

              {

                "id" :          "<id>",

                "repo_name" :   "<reponame>"

                "type" :        "<type>",

                "description" : "<description>"

              },

              …

            ]

    error:  null

get_repo_nodes

--------------

returns a list of nodes and it's children in a flat list for a given path 

at given revision. It's possible to specify ret_type to show only `files` or 

`dirs`. This command can be executed only using api_key belonging to user 

with admin rights

INPUT::

    api_key : "<api_key>"

    method :  "get_repo_nodes"

    args:     {

                "repo_name" : "<reponame>",

                "revision"  : "<revision>",

                "root_path" : "<root_path>",

                "ret_type"  : "<ret_type>" = 'all'

              }

OUTPUT::

    result: [

              {

                "name" :        "<name>"

                "type" :        "<type>",

              },

              …

            ]

    error:  null

create_repo

-----------

Creates a repository. This command can be executed only using api_key

belonging to user with admin rights.

If repository name contains "/", all needed repository groups will be created.

For example "foo/bar/baz" will create groups "foo", "bar" (with "foo" as parent),

and create "baz" repository with "bar" as group.

INPUT::

    api_key : "<api_key>"

    method :  "create_repo"

    args:     {

                "repo_name" :   "<reponame>",

                "owner_name" :  "<ownername>",

                "description" : "<description> = ''",

                "repo_type" :   "<type> = 'hg'",

              }

OUTPUT::

    result: {

              "id": "<newrepoid>",

              "msg": "Created new repository <reponame>",

            }

    error:  null

delete_repo

-----------

Deletes a repository. This command can be executed only using api_key

belonging to user with admin rights.

INPUT::

    api_key : "<api_key>"

    method :  "delete_repo"

    args:     {

                "repo_name" :   "<reponame>",

              }

OUTPUT::

    result: {

              "msg": "Deleted repository <reponame>",

            }

    error:  null

grant_user_permission

---------------------

Grant permission for user on given repository, or update existing one

if found. This command can be executed only using api_key belonging to user 

with admin rights.

INPUT::

    api_key : "<api_key>"

    method :  "grant_user_permission"

    args:     {

                "repo_name" :  "<reponame>",

                "username" :   "<username>",

                "perm" :       "(repository.(none|read|write|admin))",

              }

OUTPUT::

    result: {

              "msg" : "Granted perm: <perm> for user: <username> in repo: <reponame>"

            }

    error:  null

revoke_user_permission

----------------------

Revoke permission for user on given repository. This command can be executed 

only using api_key belonging to user with admin rights.

INPUT::

    api_key : "<api_key>"

    method  : "revoke_user_permission"

    args:     {

                "repo_name" :  "<reponame>",

                "username" :   "<username>",

              }

OUTPUT::

    result: {

              "msg" : "Revoked perm for user: <suername> in repo: <reponame>"

            }

    error:  null

grant_users_group_permission

----------------------------

Grant permission for users group on given repository, or update

existing one if found. This command can be executed only using 

api_key belonging to user with admin rights.

INPUT::

    api_key : "<api_key>"

    method :  "grant_users_group_permission"

    args:     {

                "repo_name" : "<reponame>",

                "group_name" : "<usersgroupname>",

                "perm" : "(repository.(none|read|write|admin))",

              }

OUTPUT::

    result: {

              "msg" : "Granted perm: <perm> for group: <usersgroupname> in repo: <reponame>"

            }

    error:  null

revoke_users_group_permission

-----------------------------

Revoke permission for users group on given repository.This command can be 

executed only using api_key belonging to user with admin rights.

INPUT::

    api_key : "<api_key>"

    method  : "revoke_users_group_permission"

    args:     {

                "repo_name" :  "<reponame>",

                "users_group" :   "<usersgroupname>",

              }

OUTPUT::

    result: {

              "msg" : "Revoked perm for group: <usersgroupname> in repo: <reponame>"

            }

    error:  null

            result.append(dict(id=users_group.users_group_id,

                                group_name=users_group.users_group_name,

                                active=users_group.users_group_active,

                                members=members))

        return result

    @HasPermissionAllDecorator('hg.admin')

    def create_users_group(self, apiuser, group_name, active=True):

        """

        Creates an new usergroup

        :param group_name:

        :param active:

        """

        if self.get_users_group(apiuser, group_name):

            raise JSONRPCError("users group %s already exist" % group_name)

        try:

            ug = UsersGroupModel().create(name=group_name, active=active)

            Session.commit()

            return dict(id=ug.users_group_id,

                        msg='created new users group %s' % group_name)

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to create group %s' % group_name)

    @HasPermissionAllDecorator('hg.admin')

    def add_user_to_users_group(self, apiuser, group_name, username):

        """"

        Add a user to a group

        :param apiuser:

        :param group_name:

        :param username:

        """

        try:

            users_group = UsersGroup.get_by_group_name(group_name)

            if not users_group:

                raise JSONRPCError('unknown users group %s' % group_name)

            user = User.get_by_username(username)

            if user is None:

                raise JSONRPCError('unknown user %s' % username)

            ugm = UsersGroupModel().add_user_to_group(users_group, user)

            success = True if ugm != True else False

            msg = 'added member %s to users group %s' % (username, group_name)

            msg = msg if success else 'User is already in that group'

            Session.commit()

            return dict(

                id=ugm.users_group_member_id if ugm != True else None,

                success=success,

                msg=msg

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to add users group member')

    @HasPermissionAllDecorator('hg.admin')

    def remove_user_from_users_group(self, apiuser, group_name, username):

        """

        Remove user from a group

        :param apiuser

        :param group_name

        :param username

        """

        try:

            users_group = UsersGroup.get_by_group_name(group_name)

            if not users_group:

                raise JSONRPCError('unknown users group %s' % group_name)

            user = User.get_by_username(username)

            if user is None:

                raise JSONRPCError('unknown user %s' % username)

            success = UsersGroupModel().remove_user_from_group(users_group, user)

            msg = 'removed member %s from users group %s' % (username, group_name)

            msg = msg if success else "User wasn't in group"

            Session.commit()

            return dict(success=success, msg=msg)

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to remove user from group')

    @HasPermissionAnyDecorator('hg.admin')

    def get_repo(self, apiuser, repo_name):

        """"

        Get repository by name

        :param apiuser:

        :param repo_name:

        """

        repo = Repository.get_by_repo_name(repo_name)

        if repo is None:

            raise JSONRPCError('unknown repository %s' % repo)

        members = []

        for user in repo.repo_to_perm:

            perm = user.permission.permission_name

            user = user.user

            members.append(

                dict(

                    type_="user",

                    id=user.user_id,

                    username=user.username,

                    firstname=user.name,

                    lastname=user.lastname,

                    email=user.email,

                    active=user.active,

                    admin=user.admin,

                    ldap=user.ldap_dn,

                    permission=perm

                )

            )

        for users_group in repo.users_group_to_perm:

            perm = users_group.permission.permission_name

            users_group = users_group.users_group

            members.append(

                dict(

                    type_="users_group",

                    id=users_group.users_group_id,

                    name=users_group.users_group_name,

                    active=users_group.users_group_active,

                    permission=perm

                )

            )

        return dict(

            id=repo.repo_id,

            repo_name=repo.repo_name,

            type=repo.repo_type,

            description=repo.description,

            members=members

        )

    @HasPermissionAnyDecorator('hg.admin')

    def get_repos(self, apiuser):

        """"

        Get all repositories

        :param apiuser:

        """

        result = []

        for repository in Repository.getAll():

            result.append(

                dict(

                    id=repository.repo_id,

                    repo_name=repository.repo_name,

                    type=repository.repo_type,

                    description=repository.description

                )

            )

        return result

    @HasPermissionAnyDecorator('hg.admin')

    def get_repo_nodes(self, apiuser, repo_name, revision, root_path,

                       ret_type='all'):

        """

        returns a list of nodes and it's children

        for a given path at given revision. It's possible to specify ret_type

        to show only files or dirs

        :param apiuser:

        :param repo_name: name of repository

        :param revision: revision for which listing should be done

        :param root_path: path from which start displaying

        :param ret_type: return type 'all|files|dirs' nodes

        """

        try:

            _d, _f = ScmModel().get_nodes(repo_name, revision, root_path,

                                          flat=False)

            _map = {

                'all': _d + _f,

                'files': _f,

                'dirs': _d,

            }

            return _map[ret_type]

        except KeyError:

            raise JSONRPCError('ret_type must be one of %s' % _map.keys())

        except Exception, e:

            raise JSONRPCError(e)

    @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')

    def create_repo(self, apiuser, repo_name, owner_name, description='',

        """

        :param apiuser:

        :param repo_name:

        :param description:

        :param private:

        """

        try:

            owner = User.get_by_username(owner_name)

            if owner is None:

                raise JSONRPCError('unknown user %s' % owner_name)

            if Repository.get_by_repo_name(repo_name):

                raise JSONRPCError("repo %s already exist" % repo_name)

            groups = repo_name.split('/')

            real_name = groups[-1]

            groups = groups[:-1]

            parent_id = None

            for g in groups:

                group = RepoGroup.get_by_group_name(g)

                if not group:

                    group = ReposGroupModel().create(g, '', parent_id)

                parent_id = group.group_id

            repo = RepoModel().create(

                dict(

                    repo_name=real_name,

                    repo_name_full=repo_name,

                    description=description,

                    private=private,

                    repo_type=repo_type,

                    repo_group=parent_id,

                ),

                owner

            )

            Session.commit()

            return dict(

                id=repo.repo_id,

                msg="Created new repository %s" % repo.repo_name

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to create repository %s' % repo_name)

    @HasPermissionAnyDecorator('hg.admin')

    def delete_repo(self, apiuser, repo_name):

        """

        Deletes a given repository

        :param repo_name:

        """

        if not Repository.get_by_repo_name(repo_name):

            raise JSONRPCError("repo %s does not exist" % repo_name)

        try:

            RepoModel().delete(repo_name)

            Session.commit()

            return dict(

                msg='Deleted repository %s' % repo_name

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to delete repository %s' % repo_name)

    @HasPermissionAnyDecorator('hg.admin')

    def grant_user_permission(self, apiuser, repo_name, username, perm):

        """

        Grant permission for user on given repository, or update existing one

        if found

        :param repo_name:

        :param username:

        :param perm:

        """

        try:

            repo = Repository.get_by_repo_name(repo_name)

            if repo is None:

                raise JSONRPCError('unknown repository %s' % repo)

            user = User.get_by_username(username)

            if user is None:

                raise JSONRPCError('unknown user %s' % username)

            RepoModel().grant_user_permission(repo=repo, user=user, perm=perm)

            Session.commit()

            return dict(

                msg='Granted perm: %s for user: %s in repo: %s' % (

                    perm, username, repo_name

                )

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to edit permission %(repo)s for %(user)s' % dict(

                    user=username, repo=repo_name

                )

            )

    @HasPermissionAnyDecorator('hg.admin')

    def revoke_user_permission(self, apiuser, repo_name, username):

        """

        Revoke permission for user on given repository

        :param repo_name:

        :param username:

        """

        try:

            repo = Repository.get_by_repo_name(repo_name)

            if repo is None:

                raise JSONRPCError('unknown repository %s' % repo)

            user = User.get_by_username(username)

            if user is None:

                raise JSONRPCError('unknown user %s' % username)

            RepoModel().revoke_user_permission(repo=repo_name, user=username)

            Session.commit()

            return dict(

                msg='Revoked perm for user: %s in repo: %s' % (

                    username, repo_name

                )

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to edit permission %(repo)s for %(user)s' % dict(

                    user=username, repo=repo_name

                )

            )

    @HasPermissionAnyDecorator('hg.admin')

    def grant_users_group_permission(self, apiuser, repo_name, group_name, perm):

        """

        Grant permission for users group on given repository, or update

        existing one if found

        :param repo_name:

        :param group_name:

        :param perm:

        """

        try:

            repo = Repository.get_by_repo_name(repo_name)

            if repo is None:

                raise JSONRPCError('unknown repository %s' % repo)

            user_group = UsersGroup.get_by_group_name(group_name)

            if user_group is None:

                raise JSONRPCError('unknown users group %s' % user_group)

            RepoModel().grant_users_group_permission(repo=repo_name,

                                                     group_name=group_name,

                                                     perm=perm)

            Session.commit()

            return dict(

                msg='Granted perm: %s for group: %s in repo: %s' % (

                    perm, group_name, repo_name

                )

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to edit permission %(repo)s for %(usersgr)s' % dict(

                    usersgr=group_name, repo=repo_name

                )

            )

    @HasPermissionAnyDecorator('hg.admin')

    def revoke_users_group_permission(self, apiuser, repo_name, group_name):

        """

        Revoke permission for users group on given repository

        :param repo_name:

        :param group_name:

        """

        try:

            repo = Repository.get_by_repo_name(repo_name)

            if repo is None:

                raise JSONRPCError('unknown repository %s' % repo)

            user_group = UsersGroup.get_by_group_name(group_name)

            if user_group is None:

                raise JSONRPCError('unknown users group %s' % user_group)

            RepoModel().revoke_users_group_permission(repo=repo_name,

                                                      group_name=group_name)

            Session.commit()

            return dict(

                msg='Revoked perm for group: %s in repo: %s' % (

                    group_name, repo_name

                )

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to edit permission %(repo)s for %(usersgr)s' % dict(

                    usersgr=group_name, repo=repo_name

                )

            )

# -*- coding: utf-8 -*-

"""

    rhodecode.lib.db_manage

    ~~~~~~~~~~~~~~~~~~~~~~~

    Database creation, and setup module for RhodeCode. Used for creation

    of database as well as for migration operations

    :created_on: Apr 10, 2010

    :author: marcink

    :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>

    :license: GPLv3, see COPYING for more details.

"""

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import os

import sys

import uuid

import logging

from os.path import dirname as dn, join as jn

from rhodecode import __dbversion__

from rhodecode.model import meta

from rhodecode.model.user import UserModel

from rhodecode.lib.utils import ask_ok

from rhodecode.model import init_model

from rhodecode.model.db import User, Permission, RhodeCodeUi, \

    RhodeCodeSetting, UserToPerm, DbMigrateVersion, RepoGroup,\

    UserRepoGroupToPerm

from sqlalchemy.engine import create_engine

from rhodecode.model.repos_group import ReposGroupModel

log = logging.getLogger(__name__)

class DbManage(object):

    def __init__(self, log_sql, dbconf, root, tests=False):

        self.dbname = dbconf.split('/')[-1]

        self.tests = tests

        self.root = root

        self.dburi = dbconf

        self.log_sql = log_sql

        self.db_exists = False

        self.init_db()

    def init_db(self):

        engine = create_engine(self.dburi, echo=self.log_sql)

        init_model(engine)

        self.sa = meta.Session

    def create_tables(self, override=False):

        """

        Create a auth database

        """

        log.info("Any existing database is going to be destroyed")

        if self.tests:

            destroy = True

        else:

            destroy = ask_ok('Are you sure to destroy old database ? [y/n]')

        if not destroy:

            sys.exit()

        if destroy:

            meta.Base.metadata.drop_all()

        checkfirst = not override

        meta.Base.metadata.create_all(checkfirst=checkfirst)

        log.info('Created tables for %s' % self.dbname)

    def set_db_version(self):

        ver = DbMigrateVersion()

        ver.version = __dbversion__

        ver.repository_id = 'rhodecode_db_migrations'

        ver.repository_path = 'versions'

        self.sa.add(ver)

        log.info('db version set to: %s' % __dbversion__)

    def upgrade(self):

        """

        Upgrades given database schema to given revision following

        all needed steps, to perform the upgrade

        """

        from rhodecode.lib.dbmigrate.migrate.versioning import api

        from rhodecode.lib.dbmigrate.migrate.exceptions import \

            DatabaseNotControlledError

        if 'sqlite' in self.dburi:

            print (

               '********************** WARNING **********************\n'

               'Make sure your version of sqlite is at least 3.7.X.  \n'

               'Earlier versions are known to fail on some migrations\n'

               '*****************************************************\n'

            )

        upgrade = ask_ok('You are about to perform database upgrade, make '

                         'sure You backed up your database before. '

                         'Continue ? [y/n]')

        if not upgrade:

            sys.exit('Nothing done')

        repository_path = jn(dn(dn(dn(os.path.realpath(__file__)))),

                             'rhodecode/lib/dbmigrate')

        db_uri = self.dburi

        try:

            curr_version = api.db_version(db_uri, repository_path)

            msg = ('Found current database under version'

                 ' control with version %s' % curr_version)

        except (RuntimeError, DatabaseNotControlledError):

            curr_version = 1

            msg = ('Current database is not under version control. Setting'

                   ' as version %s' % curr_version)

            api.version_control(db_uri, repository_path, curr_version)