.. _changelog:

=========

Changelog

=========

1.3.5 (**2012-XX-XX**)

----------------------

:status: in-progress

:branch: beta

news

++++

- use ext_json for json module

- unified annotation view with file source view

- notification improvements, better inbox + css

- #419 don't strip passwords for login forms, make rhodecode 

  more compatible with LDAP servers

- Added HTTP_X_FORWARDED_FOR as another method of extracting 

  IP for pull/push logs. - moved all to base controller  

- #415: Adding comment to changeset causes reload. 

  Comments are now added via ajax and doesn't reload the page

fixes

+++++

- fixed dev-version marker for stable when served from source codes

- fixed missing permission checks on show forks page

- #418 cast to unicode fixes in notification objects

1.3.4 (**2012-03-28**)

----------------------

news

++++

- Whoosh logging is now controlled by the .ini files logging setup

- added clone-url into edit form on /settings page

- added help text into repo add/edit forms

- created rcextensions module with additional mappings (ref #322) and

  post push/pull/create repo hooks callbacks

- implemented #377 Users view for his own permissions on account page

- #399 added inheritance of permissions for users group on repos groups

- #401 repository group is automatically pre-selected when adding repos 

  inside a repository group

- added alternative HTTP 403 response when client failed to authenticate. Helps 

  solving issues with Mercurial and LDAP

- #402 removed group prefix from repository name when listing repositories 

  inside a group

- added gravatars into permission view and permissions autocomplete

- #347 when running multiple RhodeCode instances, properly invalidates cache 

  for all registered servers

fixes

+++++

- fixed #390 cache invalidation problems on repos inside group

- fixed #385 clone by ID url was loosing proxy prefix in URL

- fixed some unicode problems with waitress

- fixed issue with escaping < and > in changeset commits

- fixed error occurring during recursive group creation in API 

  create_repo function

- fixed #393 py2.5 fixes for routes url generator

- fixed #397 Private repository groups shows up before login

- fixed #396 fixed problems with revoking users in nested groups

- fixed mysql unicode issues + specified InnoDB as default engine with 

  utf8 charset

- #406 trim long branch/tag names in changelog to not break UI

1.3.3 (**2012-03-02**)

----------------------

news

++++

fixes

+++++

- fixed some python2.5 compatibility issues 

- fixed issues with removed repos was accidentally added as groups, after

  full rescan of paths

- fixes #376 Cannot edit user (using container auth)

- fixes #378 Invalid image urls on changeset screen with proxy-prefix 

  configuration

- fixed initial sorting of repos inside repo group

- fixes issue when user tried to resubmit same permission into user/user_groups

- bumped beaker version that fixes #375 leap error bug

- fixed raw_changeset for git. It was generated with hg patch headers

- fixed vcs issue with last_changeset for filenodes

- fixed missing commit after hook delete

- fixed #372 issues with git operation detection that caused a security issue 

  for git repos

1.3.2 (**2012-02-28**)

----------------------

news

++++

fixes

+++++

- fixed git protocol issues with repos-groups

- fixed git remote repos validator that prevented from cloning remote git repos

- fixes #370 ending slashes fixes for repo and groups

- fixes #368 improved git-protocol detection to handle other clients

- fixes #366 When Setting Repository Group To Blank Repo Group Wont Be 

  Moved To Root

- fixes #371 fixed issues with beaker/sqlalchemy and non-ascii cache keys 

- fixed #373 missing cascade drop on user_group_to_perm table

1.3.1 (**2012-02-27**)

----------------------

news

++++

fixes

+++++

- redirection loop occurs when remember-me wasn't checked during login

- fixes issues with git blob history generation 

- don't fetch branch for git in file history dropdown. Causes unneeded slowness

1.3.0 (**2012-02-26**)

----------------------

news

++++

- code review, inspired by github code-comments 

- #215 rst and markdown README files support

- #252 Container-based and proxy pass-through authentication support

- #44 branch browser. Filtering of changelog by branches

- mercurial bookmarks support

- new hover top menu, optimized to add maximum size for important views

- configurable clone url template with possibility to specify  protocol like 

  ssh:// or http:// and also manually alter other parts of clone_url.

- enabled largefiles extension by default

- optimized summary file pages and saved a lot of unused space in them

- #239 option to manually mark repository as fork

- #320 mapping of commit authors to RhodeCode users

- #304 hashes are displayed using monospace font    

- diff configuration, toggle white lines and context lines

- #307 configurable diffs, whitespace toggle, increasing context lines

- sorting on branches, tags and bookmarks using YUI datatable

- improved file filter on files page

- implements #330 api method for listing nodes ar particular revision

- #73 added linking issues in commit messages to chosen issue tracker url

  based on user defined regular expression

- added linking of changesets in commit messages  

- new compact changelog with expandable commit messages

- firstname and lastname are optional in user creation

- #348 added post-create repository hook

- #212 global encoding settings is now configurable from .ini files 

- #227 added repository groups permissions

- markdown gets codehilite extensions

- new API methods, delete_repositories, grante/revoke permissions for groups 

  and repos

fixes

+++++

- rewrote dbsession management for atomic operations, and better error handling

- fixed sorting of repo tables

- #326 escape of special html entities in diffs

- normalized user_name => username in api attributes

- fixes #298 ldap created users with mixed case emails created conflicts 

  on saving a form

- fixes issue when owner of a repo couldn't revoke permissions for users 

  and groups

- fixes #271 rare JSON serialization problem with statistics

- fixes #337 missing validation check for conflicting names of a group with a

  repositories group

- #340 fixed session problem for mysql and celery tasks

- fixed #331 RhodeCode mangles repository names if the a repository group 

  contains the "full path" to the repositories

- #355 RhodeCode doesn't store encrypted LDAP passwords

1.2.5 (**2012-01-28**)

----------------------

news

++++

fixes

+++++

- #340 Celery complains about MySQL server gone away, added session cleanup

  for celery tasks

- #341 "scanning for repositories in None" log message during Rescan was missing

  a parameter

- fixed creating archives with subrepos. Some hooks were triggered during that

  operation leading to crash.

- fixed missing email in account page.

- Reverted Mercurial to 2.0.1 for windows due to bug in Mercurial that makes

  forking on windows impossible 

1.2.4 (**2012-01-19**)

----------------------

news

++++

- RhodeCode is bundled with mercurial series 2.0.X by default, with

  full support to largefiles extension. Enabled by default in new installations

- #329 Ability to Add/Remove Groups to/from a Repository via AP

- added requires.txt file with requirements

fixes

+++++

- fixes db session issues with celery when emailing admins

- #331 RhodeCode mangles repository names if the a repository group 

  contains the "full path" to the repositories

- #298 Conflicting e-mail addresses for LDAP and RhodeCode users

- DB session cleanup after hg protocol operations, fixes issues with

  `mysql has gone away` errors

- #333 doc fixes for get_repo api function

- #271 rare JSON serialization problem with statistics enabled

- #337 Fixes issues with validation of repository name conflicting with 

  a group name. A proper message is now displayed.

- #292 made ldap_dn in user edit readonly, to get rid of confusion that field

  doesn't work   

- #316 fixes issues with web description in hgrc files 

1.2.3 (**2011-11-02**)

----------------------

news

++++

- added option to manage repos group for non admin users

- added following API methods for get_users, create_user, get_users_groups, 

  get_users_group, create_users_group, add_user_to_users_groups, get_repos, 

  get_repo, create_repo, add_user_to_repo

- implements #237 added password confirmation for my account 

  and admin edit user.

- implements #291 email notification for global events are now sent to all

  administrator users, and global config email.

fixes

+++++

- added option for passing auth method for smtp mailer

- #276 issue with adding a single user with id>10 to usergroups

- #277 fixes windows LDAP settings in which missing values breaks the ldap auth 

- #288 fixes managing of repos in a group for non admin user

1.2.2 (**2011-10-17**)

----------------------

news

++++

- #226 repo groups are available by path instead of numerical id

fixes

+++++

- #259 Groups with the same name but with different parent group

- #260 Put repo in group, then move group to another group -> repo becomes unavailable

- #258 RhodeCode 1.2 assumes egg folder is writable (lockfiles problems)

- #265 ldap save fails sometimes on converting attributes to booleans, 

  added getter and setter into model that will prevent from this on db model level

- fixed problems with timestamps issues #251 and #213

- fixes #266 RhodeCode allows to create repo with the same name and in 

  the same parent as group

- fixes #245 Rescan of the repositories on Windows

- fixes #248 cannot edit repos inside a group on windows

- fixes #219 forking problems on windows

1.2.1 (**2011-10-08**)

----------------------

news

++++

fixes

+++++

- fixed problems with basic auth and push problems 

- gui fixes

- fixed logger

1.2.0 (**2011-10-07**)

----------------------

news

++++

- implemented #47 repository groups

- implemented #89 Can setup google analytics code from settings menu

- implemented #91 added nicer looking archive urls with more download options

  like tags, branches

- implemented #44 into file browsing, and added follow branch option

- implemented #84 downloads can be enabled/disabled for each repository

- anonymous repository can be cloned without having to pass default:default

  into clone url

- fixed #90 whoosh indexer can index chooses repositories passed in command 

  line

- extended journal with day aggregates and paging

- implemented #107 source code lines highlight ranges

- implemented #93 customizable changelog on combined revision ranges - 

  equivalent of githubs compare view 

- implemented #108 extended and more powerful LDAP configuration

- implemented #56 users groups

- major code rewrites optimized codes for speed and memory usage

- raw and diff downloads are now in git format

- setup command checks for write access to given path

- fixed many issues with international characters and unicode. It uses utf8

  decode with replace to provide less errors even with non utf8 encoded strings

- #125 added API KEY access to feeds

- #109 Repository can be created from external Mercurial link (aka. remote 

  repository, and manually updated (via pull) from admin panel

- beta git support - push/pull server + basic view for git repos

- added followers page and forks page

- server side file creation (with binary file upload interface) 

  and edition with commits powered by codemirror 

- #111 file browser file finder, quick lookup files on whole file tree 

- added quick login sliding menu into main page

- changelog uses lazy loading of affected files details, in some scenarios 

  this can improve speed of changelog page dramatically especially for 

  larger repositories.

- implements #214 added support for downloading subrepos in download menu.

- Added basic API for direct operations on rhodecode via JSON

- Implemented advanced hook management

fixes

+++++

- fixed file browser bug, when switching into given form revision the url was 

  not changing

- fixed propagation to error controller on simplehg and simplegit middlewares

- fixed error when trying to make a download on empty repository

- fixed problem with '[' chars in commit messages in journal

- fixed #99 Unicode errors, on file node paths with non utf-8 characters

- journal fork fixes

- removed issue with space inside renamed repository after deletion

- fixed strange issue on formencode imports

- fixed #126 Deleting repository on Windows, rename used incompatible chars. 

- #150 fixes for errors on repositories mapped in db but corrupted in 

  filesystem

- fixed problem with ascendant characters in realm #181

- fixed problem with sqlite file based database connection pool

- whoosh indexer and code stats share the same dynamic extensions map

- fixes #188 - relationship delete of repo_to_perm entry on user removal

- fixes issue #189 Trending source files shows "show more" when no more exist

- fixes issue #197 Relative paths for pidlocks

- fixes issue #198 password will require only 3 chars now for login form

- fixes issue #199 wrong redirection for non admin users after creating a repository

- fixes issues #202, bad db constraint made impossible to attach same group 

  more than one time. Affects only mysql/postgres

- fixes #218 os.kill patch for windows was missing sig param

- improved rendering of dag (they are not trimmed anymore when number of 

  heads exceeds 5)

1.1.8 (**2011-04-12**)

----------------------

news

++++

- improved windows support

fixes

+++++

- fixed #140 freeze of python dateutil library, since new version is python2.x

  incompatible

- setup-app will check for write permission in given path

- cleaned up license info issue #149

- fixes for issues #137,#116 and problems with unicode and accented characters.

- fixes crashes on gravatar, when passed in email as unicode

- fixed tooltip flickering problems

- fixed came_from redirection on windows

- fixed logging modules, and sql formatters

- windows fixes for os.kill issue #133

- fixes path splitting for windows issues #148

- fixed issue #143 wrong import on migration to 1.1.X

- fixed problems with displaying binary files, thanks to Thomas Waldmann

- removed name from archive files since it's breaking ui for long repo names

- fixed issue with archive headers sent to browser, thanks to Thomas Waldmann

- fixed compatibility for 1024px displays, and larger dpi settings, thanks to 

  Thomas Waldmann

- fixed issue #166 summary pager was skipping 10 revisions on second page

1.1.7 (**2011-03-23**)

----------------------

news

++++

fixes

+++++

- fixed (again) #136 installation support for FreeBSD

# -*- coding: utf-8 -*-

"""

    rhodecode.controllers.admin.ldap_settings

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ldap controller for RhodeCode

    :created_on: Nov 26, 2010

    :author: marcink

    :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>

    :license: GPLv3, see COPYING for more details.

"""

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import logging

import formencode

import traceback

from formencode import htmlfill

from pylons import request, response, session, tmpl_context as c, url

from pylons.controllers.util import abort, redirect

from pylons.i18n.translation import _

from sqlalchemy.exc import DatabaseError

from rhodecode.lib.base import BaseController, render

from rhodecode.lib import helpers as h

from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator

from rhodecode.lib.exceptions import LdapImportError

from rhodecode.model.forms import LdapSettingsForm

from rhodecode.model.db import RhodeCodeSetting

log = logging.getLogger(__name__)

class LdapSettingsController(BaseController):

    search_scope_choices = [('BASE', _('BASE'),),

                            ('ONELEVEL', _('ONELEVEL'),),

                            ('SUBTREE', _('SUBTREE'),),

                            ]

    search_scope_default = 'SUBTREE'

    tls_reqcert_choices = [('NEVER', _('NEVER'),),

                           ('ALLOW', _('ALLOW'),),

                           ('TRY', _('TRY'),),

                           ('DEMAND', _('DEMAND'),),

                           ('HARD', _('HARD'),),

                           ]

    tls_reqcert_default = 'DEMAND'

    tls_kind_choices = [('PLAIN', _('No encryption'),),

                        ('LDAPS', _('LDAPS connection'),),

                        ('START_TLS', _('START_TLS on LDAP connection'),)

                        ]

    tls_kind_default = 'PLAIN'

    @LoginRequired()

    @HasPermissionAllDecorator('hg.admin')

    def __before__(self):

        c.admin_user = session.get('admin_user')

        c.admin_username = session.get('admin_username')

        c.search_scope_choices = self.search_scope_choices

        c.tls_reqcert_choices = self.tls_reqcert_choices

        c.tls_kind_choices = self.tls_kind_choices

        c.search_scope_cur = self.search_scope_default

        c.tls_reqcert_cur = self.tls_reqcert_default

        c.tls_kind_cur = self.tls_kind_default

        super(LdapSettingsController, self).__before__()

    def index(self):

        defaults = RhodeCodeSetting.get_ldap_settings()

        c.search_scope_cur = defaults.get('ldap_search_scope')

        c.tls_reqcert_cur = defaults.get('ldap_tls_reqcert')

        c.tls_kind_cur = defaults.get('ldap_tls_kind')

        return htmlfill.render(

                    render('admin/ldap/ldap.html'),

                    defaults=defaults,

                    encoding="UTF-8",

                    force_defaults=True,)

    def ldap_settings(self):

        """POST ldap create and store ldap settings"""

        _form = LdapSettingsForm([x[0] for x in self.tls_reqcert_choices],

                                 [x[0] for x in self.search_scope_choices],

                                 [x[0] for x in self.tls_kind_choices])()

        try:

            form_result = _form.to_python(dict(request.POST))

            try:

                for k, v in form_result.items():

                    if k.startswith('ldap_'):

                        setting = RhodeCodeSetting.get_by_name(k)

                        setting.app_settings_value = v

                        self.sa.add(setting)

                self.sa.commit()

                h.flash(_('Ldap settings updated successfully'),

            except (DatabaseError,):

                raise

        except formencode.Invalid, errors:

            e = errors.error_dict or {}

            return htmlfill.render(

                render('admin/ldap/ldap.html'),

                defaults=errors.value,

                errors=e,

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occurred during update of ldap settings'),

                    category='error')

        return redirect(url('ldap_home'))

                    url_handler(repo_type, url, 'https', make_ui('db'))

                except Exception:

                    log.error(traceback.format_exc())

                    raise formencode.Invalid('', value, state, error_dict=e_dict)

            elif url.startswith('http'):

                try:

                    url_handler(repo_type, url, 'http', make_ui('db'))

                except Exception:

                    log.error(traceback.format_exc())

                    raise formencode.Invalid('', value, state, error_dict=e_dict)

            else:

                e_dict = {'clone_uri': _('Invalid clone url, provide a '

                                         'valid clone http\s url')}

                raise formencode.Invalid('', value, state, error_dict=e_dict)

            return value

    return _ValidCloneUri

def ValidForkType(old_data):

    class _ValidForkType(formencode.validators.FancyValidator):

        def to_python(self, value, state):

            if old_data['repo_type'] != value:

                raise formencode.Invalid(_('Fork have to be the same '

                                           'type as original'), value, state)

            return value

    return _ValidForkType

def ValidPerms(type_='repo'):

    if type_ == 'group':

        EMPTY_PERM = 'group.none'

    elif type_ == 'repo':

        EMPTY_PERM = 'repository.none'

    class _ValidPerms(formencode.validators.FancyValidator):

        messages = {

            'perm_new_member_name':

                _('This username or users group name is not valid')

        }

        def to_python(self, value, state):

            perms_update = []

            perms_new = []

            # build a list of permission to update and new permission to create

            for k, v in value.items():

                # means new added member to permissions

                if k.startswith('perm_new_member'):

                    new_perm = value.get('perm_new_member', False)

                    new_member = value.get('perm_new_member_name', False)

                    new_type = value.get('perm_new_member_type')

                    if new_member and new_perm:

                        if (new_member, new_perm, new_type) not in perms_new:

                            perms_new.append((new_member, new_perm, new_type))

                elif k.startswith('u_perm_') or k.startswith('g_perm_'):

                    member = k[7:]

                    t = {'u': 'user',

                         'g': 'users_group'

                    }[k[0]]

                    if member == 'default':

                        if value.get('private'):

                            # set none for default when updating to private repo

                            v = EMPTY_PERM

                    perms_update.append((member, v, t))

            value['perms_updates'] = perms_update

            value['perms_new'] = perms_new

            # update permissions

            for k, v, t in perms_new:

                try:

                    if t is 'user':

                        self.user_db = User.query()\

                            .filter(User.active == True)\

                            .filter(User.username == k).one()

                    if t is 'users_group':

                        self.user_db = UsersGroup.query()\

                            .filter(UsersGroup.users_group_active == True)\

                            .filter(UsersGroup.users_group_name == k).one()

                except Exception:

                    msg = self.message('perm_new_member_name',

                                         state=State_obj)

                    raise formencode.Invalid(

                        msg, value, state, error_dict={'perm_new_member_name': msg}

                    )

            return value

    return _ValidPerms

class ValidSettings(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        # settings  form can't edit user

        if 'user' in value:

            del['value']['user']

        return value

class ValidPath(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        if not os.path.isdir(value):

            msg = _('This is not a valid path')

            raise formencode.Invalid(msg, value, state,

                                     error_dict={'paths_root_path': msg})

        return value

def UniqSystemEmail(old_data):

    class _UniqSystemEmail(formencode.validators.FancyValidator):

        def to_python(self, value, state):

            value = value.lower()

            if (old_data.get('email') or '').lower() != value:

                user = User.get_by_email(value, case_insensitive=True)

                if user:

                    raise formencode.Invalid(

                        _("This e-mail address is already taken"), value, state

                    )

            return value

    return _UniqSystemEmail

class ValidSystemEmail(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        value = value.lower()

        user = User.get_by_email(value, case_insensitive=True)

        if  user is None:

            raise formencode.Invalid(

                _("This e-mail address doesn't exist."), value, state

            )

        return value

class LdapLibValidator(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        try:

            import ldap

        except ImportError:

            raise LdapImportError

        return value

class AttrLoginValidator(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        if not value or not isinstance(value, (str, unicode)):

            raise formencode.Invalid(

                _("The LDAP Login attribute of the CN must be specified - "

                  "this is the name of the attribute that is equivalent "

                  "to 'username'"), value, state

            )

        return value

#==============================================================================

# FORMS

#==============================================================================

class LoginForm(formencode.Schema):

    allow_extra_fields = True

    filter_extra_fields = True

    username = UnicodeString(

        strip=True,

        min=1,

        not_empty=True,

        messages={

           'empty': _('Please enter a login'),

           'tooShort': _('Enter a value %(min)i characters long or more')}

    )

    password = UnicodeString(

        strip=False,

        min=3,

        not_empty=True,

        messages={

            'empty': _('Please enter a password'),

            'tooShort': _('Enter %(min)i characters or more')}

    )

    remember = StringBoolean(if_missing=False)

    chained_validators = [ValidAuth]

def UserForm(edit=False, old_data={}):

    class _UserForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        username = All(UnicodeString(strip=True, min=1, not_empty=True),

                       ValidUsername(edit, old_data))

        if edit:

            new_password = All(UnicodeString(strip=False, min=6, not_empty=False))

            password_confirmation = All(UnicodeString(strip=False, min=6,

                                                      not_empty=False))

            admin = StringBoolean(if_missing=False)

        else:

            password = All(UnicodeString(strip=False, min=6, not_empty=True))

            password_confirmation = All(UnicodeString(strip=False, min=6,

                                                      not_empty=False))

        active = StringBoolean(if_missing=False)

        name = UnicodeString(strip=True, min=1, not_empty=False)

        lastname = UnicodeString(strip=True, min=1, not_empty=False)

        email = All(Email(not_empty=True), UniqSystemEmail(old_data))

        chained_validators = [ValidPasswordsMatch, ValidPassword]

    return _UserForm

def UsersGroupForm(edit=False, old_data={}, available_members=[]):

    class _UsersGroupForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        users_group_name = All(UnicodeString(strip=True, min=1, not_empty=True),

                       ValidUsersGroup(edit, old_data))

        users_group_active = StringBoolean(if_missing=False)

        if edit:

            users_group_members = OneOf(available_members, hideList=False,

                                        testValueList=True,

                                        if_missing=None, not_empty=False)

    return _UsersGroupForm

def ReposGroupForm(edit=False, old_data={}, available_groups=[]):

    class _ReposGroupForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = False

        group_name = All(UnicodeString(strip=True, min=1, not_empty=True),

                               SlugifyName())

        group_description = UnicodeString(strip=True, min=1,

                                                not_empty=True)

        group_parent_id = OneOf(available_groups, hideList=False,

                                        testValueList=True,

                                        if_missing=None, not_empty=False)

        chained_validators = [ValidReposGroup(edit, old_data), ValidPerms('group')]

    return _ReposGroupForm

def RegisterForm(edit=False, old_data={}):

    class _RegisterForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        username = All(ValidUsername(edit, old_data),

                       UnicodeString(strip=True, min=1, not_empty=True))

        password = All(UnicodeString(strip=False, min=6, not_empty=True))

        password_confirmation = All(UnicodeString(strip=False, min=6, not_empty=True))

        active = StringBoolean(if_missing=False)

        name = UnicodeString(strip=True, min=1, not_empty=False)

        lastname = UnicodeString(strip=True, min=1, not_empty=False)

        email = All(Email(not_empty=True), UniqSystemEmail(old_data))

        chained_validators = [ValidPasswordsMatch, ValidPassword]

    return _RegisterForm

def PasswordResetForm():

    class _PasswordResetForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        email = All(ValidSystemEmail(), Email(not_empty=True))

    return _PasswordResetForm

def RepoForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),

             repo_groups=[]):

    class _RepoForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = False

        repo_name = All(UnicodeString(strip=True, min=1, not_empty=True),

                        SlugifyName())

        clone_uri = All(UnicodeString(strip=True, min=1, not_empty=False))

        repo_group = OneOf(repo_groups, hideList=True)

        repo_type = OneOf(supported_backends)

        description = UnicodeString(strip=True, min=1, not_empty=True)

        private = StringBoolean(if_missing=False)

        enable_statistics = StringBoolean(if_missing=False)

        enable_downloads = StringBoolean(if_missing=False)

        if edit:

            #this is repo owner

            user = All(UnicodeString(not_empty=True), ValidRepoUser)