#!/usr/bin/env python

# encoding: utf-8

# permissions controller for pylons

# Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>

# This program is free software; you can redistribute it and/or

# modify it under the terms of the GNU General Public License

# as published by the Free Software Foundation; version 2

# of the License or (at your opinion) any later version of the license.

# 

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

# 

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

# MA  02110-1301, USA.

"""

Created on April 27, 2010

permissions controller for pylons

@author: marcink

"""

from formencode import htmlfill

from pylons import request, session, tmpl_context as c, url

from pylons.controllers.util import abort, redirect

from pylons.i18n.translation import _

from pylons_app.lib import helpers as h

from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator

from pylons_app.lib.base import BaseController, render

from pylons_app.model.db import User, UserLog

from pylons_app.model.user_model import UserModel

import formencode

import logging

log = logging.getLogger(__name__)

class PermissionsController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('permission', 'permissions')

    @LoginRequired()

    def __before__(self):

        c.admin_user = session.get('admin_user')

        c.admin_username = session.get('admin_username')

        super(PermissionsController, self).__before__()

    def index(self, format='html'):

        """GET /permissions: All items in the collection"""

        # url('permissions')

    def create(self):

        """POST /permissions: Create a new item"""

        # url('permissions')

    def new(self, format='html'):

        """GET /permissions/new: Form to create a new item"""

        # url('new_permission')

    def update(self, id):

        """PUT /permissions/id: Update an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="PUT" />

        # Or using helpers:

        #    h.form(url('permission', id=ID),

        #           method='put')

        # url('permission', id=ID)

    def delete(self, id):

        """DELETE /permissions/id: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="DELETE" />

        # Or using helpers:

        #    h.form(url('permission', id=ID),

        #           method='delete')

        # url('permission', id=ID)

    def show(self, id, format='html'):

        """GET /permissions/id: Show a specific item"""

        # url('permission', id=ID)

    def edit(self, id, format='html'):

        """GET /permissions/id/edit: Form to edit an existing item"""

#!/usr/bin/env python

# encoding: utf-8

# repos controller for pylons

# Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>

#

# This program is free software; you can redistribute it and/or

# modify it under the terms of the GNU General Public License

# as published by the Free Software Foundation; version 2

# of the License or (at your opinion) any later version of the license.

# 

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

# 

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

# MA  02110-1301, USA.

"""

Created on April 7, 2010

admin controller for pylons

@author: marcink

"""

from formencode import htmlfill

from operator import itemgetter

from paste.httpexceptions import HTTPInternalServerError

from pylons import request, response, session, tmpl_context as c, url

from pylons.controllers.util import abort, redirect

from pylons.i18n.translation import _

from pylons_app.lib import helpers as h

from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator, \

    HasPermissionAnyDecorator

from pylons_app.lib.base import BaseController, render

from pylons_app.lib.utils import invalidate_cache

from pylons_app.model.db import User

from pylons_app.model.forms import RepoForm

from pylons_app.model.hg_model import HgModel

from pylons_app.model.repo_model import RepoModel

import formencode

import logging

import traceback

log = logging.getLogger(__name__)

class ReposController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('repo', 'repos')

    @LoginRequired()

    def __before__(self):

        c.admin_user = session.get('admin_user')

        c.admin_username = session.get('admin_username')

        super(ReposController, self).__before__()

    @HasPermissionAllDecorator('hg.admin')            

    def index(self, format='html'):

        """GET /repos: All items in the collection"""

        # url('repos')

        cached_repo_list = HgModel().get_repos()

        c.repos_list = sorted(cached_repo_list, key=itemgetter('name_sort'))

        return render('admin/repos/repos.html')

    def create(self):

        """POST /repos: Create a new item"""

        # url('repos')

        repo_model = RepoModel()

        _form = RepoForm()()

        form_result = {}

        try:

            form_result = _form.to_python(dict(request.POST))

            repo_model.create(form_result, c.hg_app_user)

            invalidate_cache('cached_repo_list')

            h.flash(_('created repository %s') % form_result['repo_name'],

                    category='success')

        except formencode.Invalid as errors:

            c.new_repo = errors.value['repo_name']

            if request.POST.get('user_created'):

                r = render('admin/repos/repo_add_create_repository.html')

            else:

                r = render('admin/repos/repo_add.html')

            return htmlfill.render(

                r,

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")      

        except Exception:

            log.error(traceback.format_exc())

            msg = _('error occured during creation of repository %s') \

                    % form_result.get('repo_name')

            h.flash(msg, category='error')

        if request.POST.get('user_created'):

            return redirect(url('hg_home'))    

        return redirect(url('repos'))

    @HasPermissionAllDecorator('hg.admin')

    def new(self, format='html'):

        """GET /repos/new: Form to create a new item"""

        new_repo = request.GET.get('repo', '')

        c.new_repo = h.repo_name_slug(new_repo)

        return render('admin/repos/repo_add.html')

    @HasPermissionAllDecorator('hg.admin')

    def update(self, repo_name):

        """PUT /repos/repo_name: Update an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="PUT" />

        # Or using helpers:

        #    h.form(url('repo', repo_name=ID),

        #           method='put')

        # url('repo', repo_name=ID)

        repo_model = RepoModel()

        changed_name = repo_name

        _form = RepoForm(edit=True, old_data={'repo_name':repo_name})()

        try:

            form_result = _form.to_python(dict(request.POST))

            repo_model.update(repo_name, form_result)

            invalidate_cache('cached_repo_list')

            h.flash(_('Repository %s updated succesfully' % repo_name),

                    category='success')

            changed_name = form_result['repo_name']

        except formencode.Invalid as errors:

            c.repo_info = repo_model.get(repo_name)

            c.users_array = repo_model.get_users_js()

            errors.value.update({'user':c.repo_info.user.username})

            return htmlfill.render(

                render('admin/repos/repo_edit.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occured during update of repository %s') \

                    % repo_name, category='error')

        return redirect(url('edit_repo', repo_name=changed_name))

    @HasPermissionAllDecorator('hg.admin')

    def delete(self, repo_name):

        """DELETE /repos/repo_name: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="DELETE" />

        # Or using helpers:

        #    h.form(url('repo', repo_name=ID),

        #           method='delete')

        # url('repo', repo_name=ID)

        repo_model = RepoModel()

        repo = repo_model.get(repo_name)

        if not repo:

            h.flash(_('%s repository is not mapped to db perhaps' 

                      ' it was moved or renamed  from the filesystem'

                      ' please run the application again'

                      ' in order to rescan repositories') % repo_name,

                      category='error')

            return redirect(url('repos'))

        try:

            repo_model.delete(repo)            

            invalidate_cache('cached_repo_list')

            h.flash(_('deleted repository %s') % repo_name, category='success')

        except Exception:

            h.flash(_('An error occured during deletion of %s') % repo_name,

                    category='error')

        return redirect(url('repos'))

    @HasPermissionAllDecorator('hg.admin')        

    def delete_perm_user(self, repo_name):

        """

        DELETE an existing repository permission user

        @param repo_name:

        """

        try:

            repo_model = RepoModel()

            repo_model.delete_perm_user(request.POST, repo_name)            

        except Exception as e:

            h.flash(_('An error occured during deletion of repository user'),

                    category='error')

            raise HTTPInternalServerError()

    @HasPermissionAllDecorator('hg.admin')    

    def show(self, repo_name, format='html'):

        """GET /repos/repo_name: Show a specific item"""

        # url('repo', repo_name=ID)

    @HasPermissionAllDecorator('hg.admin')    

    def edit(self, repo_name, format='html'):

        """GET /repos/repo_name/edit: Form to edit an existing item"""

        # url('edit_repo', repo_name=ID)

        repo_model = RepoModel()

        c.repo_info = repo = repo_model.get(repo_name)

        if not repo:

            h.flash(_('%s repository is not mapped to db perhaps' 

                      ' it was created or renamed from the filesystem'

                      ' please run the application again'

                      ' in order to rescan repositories') % repo_name,

                      category='error')

            return redirect(url('repos'))        

        defaults = c.repo_info.__dict__

        if c.repo_info.user:

            defaults.update({'user':c.repo_info.user.username})

        else:

            replacement_user = self.sa.query(User)\

            .filter(User.admin == True).first().username

            defaults.update({'user':replacement_user})

        c.users_array = repo_model.get_users_js()

        for p in c.repo_info.repo_to_perm:

            defaults.update({'perm_%s' % p.user.username: 

                             p.permission.permission_name})

        return htmlfill.render(

            render('admin/repos/repo_edit.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        )          

#!/usr/bin/env python

# encoding: utf-8

# settings controller for pylons

# Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>

#

# This program is free software; you can redistribute it and/or

# modify it under the terms of the GNU General Public License

# as published by the Free Software Foundation; version 2

# of the License or (at your opinion) any later version of the license.

# 

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

# 

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

# MA  02110-1301, USA.

"""

Created on July 14, 2010

settings controller for pylons

@author: marcink

"""

from formencode import htmlfill

from pylons import request, session, tmpl_context as c, url, app_globals as g, \

    config

from pylons.controllers.util import abort, redirect

from pylons.i18n.translation import _

from pylons_app.lib import helpers as h

from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator, \

    HasPermissionAnyDecorator

from pylons_app.lib.base import BaseController, render

from pylons_app.lib.utils import repo2db_mapper, invalidate_cache, \

    set_hg_app_config, get_hg_settings, get_hg_ui_settings, make_ui

from pylons_app.model.db import User, UserLog, HgAppSettings, HgAppUi

from pylons_app.model.forms import UserForm, ApplicationSettingsForm, \

    ApplicationUiSettingsForm

from pylons_app.model.hg_model import HgModel

from pylons_app.model.user_model import UserModel

import formencode

import logging

import traceback

log = logging.getLogger(__name__)

class SettingsController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('setting', 'settings', controller='admin/settings', 

    #         path_prefix='/admin', name_prefix='admin_')

    @LoginRequired()

    def __before__(self):

        c.admin_user = session.get('admin_user')

        c.admin_username = session.get('admin_username')

        super(SettingsController, self).__before__()

    @HasPermissionAllDecorator('hg.admin')    

    def index(self, format='html'):

        """GET /admin/settings: All items in the collection"""

        # url('admin_settings')

        defaults = get_hg_settings()

        defaults.update(get_hg_ui_settings())

        return htmlfill.render(

            render('admin/settings/settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        )  

    @HasPermissionAllDecorator('hg.admin')

    def create(self):

        """POST /admin/settings: Create a new item"""

        # url('admin_settings')

    @HasPermissionAllDecorator('hg.admin')

    def new(self, format='html'):

        """GET /admin/settings/new: Form to create a new item"""

        # url('admin_new_setting')

    @HasPermissionAllDecorator('hg.admin')

    def update(self, setting_id):

        """PUT /admin/settings/setting_id: Update an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="PUT" />

        # Or using helpers:

        #    h.form(url('admin_setting', setting_id=ID),

        #           method='put')

        # url('admin_setting', setting_id=ID)

        if setting_id == 'mapping':

            rm_obsolete = request.POST.get('destroy', False)

            log.debug('Rescanning directories with destroy=%s', rm_obsolete)

            initial = HgModel.repo_scan(g.paths[0][0], g.paths[0][1], g.baseui)

            repo2db_mapper(initial, rm_obsolete)

            invalidate_cache('cached_repo_list')

            h.flash(_('Repositories sucessfully rescanned'), category='success')            

        if setting_id == 'global':

            application_form = ApplicationSettingsForm()()

            try:

                form_result = application_form.to_python(dict(request.POST))

                try:

                    hgsettings1 = self.sa.query(HgAppSettings)\

                    .filter(HgAppSettings.app_settings_name == 'title').one()

                    hgsettings1.app_settings_value = form_result['hg_app_title'] 

                    hgsettings2 = self.sa.query(HgAppSettings)\

                    .filter(HgAppSettings.app_settings_name == 'realm').one()

                    hgsettings2.app_settings_value = form_result['hg_app_realm'] 

                    self.sa.add(hgsettings1)

                    self.sa.add(hgsettings2)

                    self.sa.commit()

                    set_hg_app_config(config)

                    h.flash(_('Updated application settings'),

                            category='success')

                except:

                    log.error(traceback.format_exc())

                    h.flash(_('error occured during updating application settings'),

                            category='error')

                    self.sa.rollback()

            except formencode.Invalid as errors:

                return htmlfill.render(

                     render('admin/settings/settings.html'),

                     defaults=errors.value,

                     errors=errors.error_dict or {},

                     prefix_error=False,

                     encoding="UTF-8") 

        if setting_id == 'mercurial':

            application_form = ApplicationUiSettingsForm()()

            try:

                form_result = application_form.to_python(dict(request.POST))

                try:

                    hgsettings1 = self.sa.query(HgAppUi)\

                    .filter(HgAppUi.ui_key == 'push_ssl').one()

                    hgsettings1.ui_value = form_result['web_push_ssl']

                    hgsettings2 = self.sa.query(HgAppUi)\

                    .filter(HgAppUi.ui_key == '/').one()

                    hgsettings2.ui_value = form_result['paths_root_path']                    

                    #HOOKS

                    hgsettings3 = self.sa.query(HgAppUi)\

                    .filter(HgAppUi.ui_key == 'changegroup.update').one()

                    hgsettings3.ui_active = bool(form_result['hooks_changegroup_update'])  

                    hgsettings4 = self.sa.query(HgAppUi)\

                    .filter(HgAppUi.ui_key == 'changegroup.repo_size').one()

                    hgsettings4.ui_active = bool(form_result['hooks_changegroup_repo_size'])                                          

                    self.sa.add(hgsettings1)

                    self.sa.add(hgsettings2)

                    self.sa.add(hgsettings3)

                    self.sa.add(hgsettings4)

                    self.sa.commit()

                    h.flash(_('Updated mercurial settings'),

                            category='success')

                except:

                    log.error(traceback.format_exc())

                    h.flash(_('error occured during updating application settings'),

                            category='error')

                    self.sa.rollback()

            except formencode.Invalid as errors:

                return htmlfill.render(

                     render('admin/settings/settings.html'),

                     defaults=errors.value,

                     errors=errors.error_dict or {},

                     prefix_error=False,

                     encoding="UTF-8") 

        return redirect(url('admin_settings'))

    @HasPermissionAllDecorator('hg.admin')

    def delete(self, setting_id):

        """DELETE /admin/settings/setting_id: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="DELETE" />

        # Or using helpers:

        #    h.form(url('admin_setting', setting_id=ID),

        #           method='delete')

        # url('admin_setting', setting_id=ID)

    @HasPermissionAllDecorator('hg.admin')

    def show(self, setting_id, format='html'):

        """GET /admin/settings/setting_id: Show a specific item"""

        # url('admin_setting', setting_id=ID)

    @HasPermissionAllDecorator('hg.admin')         

    def edit(self, setting_id, format='html'):

        """GET /admin/settings/setting_id/edit: Form to edit an existing item"""

        # url('admin_edit_setting', setting_id=ID)

    def my_account(self):

        """

        GET /_admin/my_account Displays info about my account 

        """

        # url('admin_settings_my_account')

        c.user = self.sa.query(User).get(c.hg_app_user.user_id)

        if c.user.username == 'default':

            h.flash(_("You can't edit this user since it's" 

              " crucial for entire application"), category='warning')

            return redirect(url('users'))

        defaults = c.user.__dict__

        return htmlfill.render(

            render('admin/users/user_edit_my_account.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        ) 

    def my_account_update(self):

        """PUT /_admin/my_account_update: Update an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="PUT" />

        # Or using helpers:

        #    h.form(url('admin_settings_my_account_update'),

        #           method='put')

        # url('admin_settings_my_account_update', id=ID)

        user_model = UserModel()

        uid = c.hg_app_user.user_id

        _form = UserForm(edit=True, old_data={'user_id':uid})()

        form_result = {}

        try:

            form_result = _form.to_python(dict(request.POST))

            user_model.update_my_account(uid, form_result)

            h.flash(_('Your account was updated succesfully'),

                    category='success')

        except formencode.Invalid as errors:

            #c.user = self.sa.query(User).get(c.hg_app_user.user_id)

            return htmlfill.render(

                render('admin/users/user_edit_my_account.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occured during update of user %s') \

                    % form_result.get('username'), category='error')

        return redirect(url('my_account'))

    def create_repository(self):

        """GET /_admin/create_repository: Form to create a new item"""

        new_repo = request.GET.get('repo', '')

        c.new_repo = h.repo_name_slug(new_repo)

        return render('admin/repos/repo_add_create_repository.html')

#!/usr/bin/env python

# encoding: utf-8

# users controller for pylons

# Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>

# 

# This program is free software; you can redistribute it and/or

# modify it under the terms of the GNU General Public License

# as published by the Free Software Foundation; version 2

# of the License or (at your opinion) any later version of the license.

# 

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

# 

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

# MA  02110-1301, USA.

"""

Created on April 4, 2010

users controller for pylons

@author: marcink

"""

from formencode import htmlfill

from pylons import request, session, tmpl_context as c, url

from pylons.controllers.util import abort, redirect

from pylons.i18n.translation import _

from pylons_app.lib import helpers as h

from pylons_app.lib.auth import LoginRequired, HasPermissionAllDecorator

from pylons_app.lib.base import BaseController, render

from pylons_app.model.db import User, UserLog

from pylons_app.model.forms import UserForm

from pylons_app.model.user_model import UserModel, DefaultUserException

import formencode

import logging

import traceback

log = logging.getLogger(__name__)

class UsersController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('user', 'users')

    @LoginRequired()

    @HasPermissionAllDecorator('hg.admin')

    def __before__(self):

        c.admin_user = session.get('admin_user')

        c.admin_username = session.get('admin_username')

        super(UsersController, self).__before__()

    def index(self, format='html'):

        """GET /users: All items in the collection"""

        # url('users')

        c.users_list = self.sa.query(User).all()     

        return render('admin/users/users.html')

    def create(self):

        """POST /users: Create a new item"""

        # url('users')

        user_model = UserModel()

        login_form = UserForm()()

        try:

            form_result = login_form.to_python(dict(request.POST))

            user_model.create(form_result)

            h.flash(_('created user %s') % form_result['username'],

                    category='success')

        except formencode.Invalid as errors:

            return htmlfill.render(

                render('admin/users/user_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8") 

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occured during creation of user %s') \

                    % request.POST.get('username'), category='error')            

        return redirect(url('users'))

    def new(self, format='html'):

        """GET /users/new: Form to create a new item"""

        # url('new_user')

        return render('admin/users/user_add.html')

    def update(self, id):

        """PUT /users/id: Update an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="PUT" />

        # Or using helpers:

        #    h.form(url('user', id=ID),

        #           method='put')

        # url('user', id=ID)

        user_model = UserModel()

        _form = UserForm(edit=True, old_data={'user_id':id})()

        form_result = {}

        try:

            form_result = _form.to_python(dict(request.POST))

            user_model.update(id, form_result)

            h.flash(_('User updated succesfully'), category='success')

        except formencode.Invalid as errors:

            c.user = user_model.get_user(id)

            return htmlfill.render(

                render('admin/users/user_edit.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8") 

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occured during update of user %s') \

                    % form_result.get('username'), category='error')

        return redirect(url('users'))

    def delete(self, id):

        """DELETE /users/id: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="DELETE" />

        # Or using helpers:

        #    h.form(url('user', id=ID),

        #           method='delete')

        # url('user', id=ID)

        user_model = UserModel()

        try:

            user_model.delete(id)

            h.flash(_('sucessfully deleted user'), category='success')

        except DefaultUserException as e:

            h.flash(str(e), category='warning')

        except Exception:

            h.flash(_('An error occured during deletion of user'),

                    category='error')            

        return redirect(url('users'))

    def show(self, id, format='html'):

        """GET /users/id: Show a specific item"""

        # url('user', id=ID)

    def edit(self, id, format='html'):

        """GET /users/id/edit: Form to edit an existing item"""

        # url('edit_user', id=ID)

        c.user = self.sa.query(User).get(id)