from formencode import htmlfill

from pylons import request, session, tmpl_context as c, url

from pylons.controllers.util import abort, redirect

from pylons.i18n.translation import _

from rhodecode.lib import helpers as h

from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator

from rhodecode.lib.base import BaseController, render

from rhodecode.model.forms import DefaultPermissionsForm

from rhodecode.model.permission import PermissionModel

from rhodecode.model.db import User

log = logging.getLogger(__name__)

class PermissionsController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('permission', 'permissions')

    @LoginRequired()

    @HasPermissionAllDecorator('hg.admin')

        # url('permission', id=ID)

        permission_model = PermissionModel()

        _form = DefaultPermissionsForm([x[0] for x in self.perms_choices],

                                       [x[0] for x in self.register_choices],

                                       [x[0] for x in self.create_choices])()

        try:

            form_result = _form.to_python(dict(request.POST))

            form_result.update({'perm_user_name': id})

            permission_model.update(form_result)

            h.flash(_('Default permissions updated successfully'),

                    category='success')

        except formencode.Invalid, errors:

            c.perms_choices = self.perms_choices

            c.register_choices = self.register_choices

            c.create_choices = self.create_choices

            defaults = errors.value

            return htmlfill.render(

                render('admin/permissions/permissions.html'),

                defaults=defaults,

from pylons import request, response, session, tmpl_context as c, url

from pylons.controllers.util import abort, redirect

from pylons.i18n.translation import _

from sqlalchemy.exc import IntegrityError

from rhodecode.lib import helpers as h

from rhodecode.lib.auth import LoginRequired, HasPermissionAnyDecorator

from rhodecode.lib.base import BaseController, render

from rhodecode.model.db import RepoGroup

from rhodecode.model.repos_group import ReposGroupModel

from rhodecode.model.forms import ReposGroupForm

log = logging.getLogger(__name__)

class ReposGroupsController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('repos_group', 'repos_groups')

    @LoginRequired()

    def __before__(self):

        """GET /repos_groups: All items in the collection"""

        # url('repos_groups')

        sk = lambda g:g.parents[0].group_name if g.parents else g.group_name

        c.groups = sorted(RepoGroup.query().all(), key=sk)

        return render('admin/repos_groups/repos_groups_show.html')

    @HasPermissionAnyDecorator('hg.admin')

    def create(self):

        """POST /repos_groups: Create a new item"""

        # url('repos_groups')

        self.__load_defaults()

        repos_group_form = ReposGroupForm(available_groups=

                                          c.repo_groups_choices)()

        try:

            form_result = repos_group_form.to_python(dict(request.POST))

            h.flash(_('created repos group %s') \

                    % form_result['group_name'], category='success')

            #TODO: in futureaction_logger(, '', '', '', self.sa)

        except formencode.Invalid, errors:

            return htmlfill.render(

                render('admin/repos_groups/repos_groups_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

    def update(self, id):

        """PUT /repos_groups/id: Update an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="PUT" />

        # Or using helpers:

        #    h.form(url('repos_group', id=ID),

        #           method='put')

        # url('repos_group', id=ID)

        self.__load_defaults()

        c.repos_group = RepoGroup.get(id)

        repos_group_form = ReposGroupForm(edit=True,

                                          old_data=c.repos_group.get_dict(),

                                          available_groups=

                                            c.repo_groups_choices)()

        try:

            form_result = repos_group_form.to_python(dict(request.POST))

            h.flash(_('updated repos group %s') \

                    % form_result['group_name'], category='success')

            #TODO: in futureaction_logger(, '', '', '', self.sa)

        except formencode.Invalid, errors:

            return htmlfill.render(

                render('admin/repos_groups/repos_groups_edit.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

    @HasPermissionAnyDecorator('hg.admin')

    def delete(self, id):

        """DELETE /repos_groups/id: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="DELETE" />

        # Or using helpers:

        #    h.form(url('repos_group', id=ID),

        #           method='delete')

        # url('repos_group', id=ID)

        gr = RepoGroup.get(id)

        repos = gr.repositories.all()

        if repos:

            h.flash(_('This group contains %s repositores and cannot be '

                      'deleted' % len(repos)),

                    category='error')

            return redirect(url('repos_groups'))

        try:

            h.flash(_('removed repos group %s' % gr.group_name), category='success')

            #TODO: in future action_logger(, '', '', '', self.sa)

        except IntegrityError, e:

            if e.message.find('groups_group_parent_id_fkey'):

                log.error(traceback.format_exc())

                h.flash(_('Cannot delete this group it still contains '

                          'subgroups'),

                        category='warning')

            else:

                log.error(traceback.format_exc())

                h.flash(_('error occurred during deletion of repos '

                          'group %s' % gr.group_name), category='error')

import traceback

import logging

from rhodecode.controllers.api import JSONRPCController, JSONRPCError

from rhodecode.lib.auth import HasPermissionAllDecorator, \

    HasPermissionAnyDecorator

from rhodecode.model.scm import ScmModel

from rhodecode.model.db import User, UsersGroup, RepoGroup, Repository

from rhodecode.model.repo import RepoModel

from rhodecode.model.user import UserModel

from rhodecode.model.repo_permission import RepositoryPermissionModel

from rhodecode.model.users_group import UsersGroupModel

from rhodecode.model.repos_group import ReposGroupModel

log = logging.getLogger(__name__)

class ApiController(JSONRPCController):

    """

    API Controller

    Each method needs to have USER as argument this is then based on given

    API_KEY propagated as instance of user object

        :param name:

        :param lastname:

        :param email:

        :param active:

        :param admin:

        :param ldap_dn:

        """

        if User.get_by_username(username):

            raise JSONRPCError("user %s already exist" % username)

        try:

                                         lastname, active, admin, ldap_dn)

            return dict(msg='created new user %s' % username)

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to create user %s' % username)

    @HasPermissionAllDecorator('hg.admin')

    def get_users_group(self, apiuser, group_name):

        """"

        Get users group by name

        :param apiuser

        :param group_name

    def create_users_group(self, apiuser, name, active=True):

        """

        Creates an new usergroup

        :param name:

        :param active:

        """

        if self.get_users_group(apiuser, name):

            raise JSONRPCError("users group %s already exist" % name)

        try:

            return dict(id=ug.users_group_id,

                        msg='created new users group %s' % name)

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to create group %s' % name)

    @HasPermissionAllDecorator('hg.admin')

    def add_user_to_users_group(self, apiuser, group_name, user_name):

        """"

        Add a user to a group

        :param apiuser

        try:

            users_group = UsersGroup.get_by_group_name(group_name)

            if not users_group:

                raise JSONRPCError('unknown users group %s' % group_name)

            try:

                user = User.get_by_username(user_name)

            except NoResultFound:

                raise JSONRPCError('unknown user %s' % user_name)

            ugm = UsersGroupModel().add_user_to_group(users_group, user)

            return dict(id=ugm.users_group_member_id,

                        msg='created new users group member')

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to create users group member')

    @HasPermissionAnyDecorator('hg.admin')

    def get_repo(self, apiuser, repo_name):

        """"

        Get repository by name

        :param apiuser

        :param apiuser

        """

        result = []

        for repository in Repository.getAll():

            result.append(dict(id=repository.repo_id,

                                name=repository.repo_name,

                                type=repository.repo_type,

                                description=repository.description))

        return result

    @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')

                    repo_type='hg', private=False):

        """

        Create a repository

        :param apiuser

        :param name

        :param description

        :param type

        :param private

        :param owner_name

        """

                    group = ReposGroupModel().create(dict(group_name=g,

                                                  group_description='',

                                                  group_parent_id=parent_id))

                parent_id = group.group_id

            RepoModel().create(dict(repo_name=real_name,

                                     repo_name_full=name,

                                     description=description,

                                     private=private,

                                     repo_type=repo_type,

                                     repo_group=parent_id,

                                     clone_uri=None), owner)

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to create repository %s' % name)

    @HasPermissionAnyDecorator('hg.admin')

    def add_user_to_repo(self, apiuser, repo_name, user_name, perm):

        """

        Add permission for a user to a repository

        :param apiuser

        :param repo_name

        :param user_name

            try:

                repo = Repository.get_by_repo_name(repo_name)

            except NoResultFound:

                raise JSONRPCError('unknown repository %s' % repo)

            try:

                user = User.get_by_username(user_name)

            except NoResultFound:

                raise JSONRPCError('unknown user %s' % user)

            RepositoryPermissionModel()\

                .update_or_delete_user_permission(repo, user, perm)

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to edit permission %(repo)s for %(user)s'

                            % dict(user=user_name, repo=repo_name))

        else:

            destroy = ask_ok('Are you sure to destroy old database ? [y/n]')

        if not destroy:

            sys.exit()

        if destroy:

            meta.Base.metadata.drop_all()

        checkfirst = not override

        meta.Base.metadata.create_all(checkfirst=checkfirst)

        log.info('Created tables for %s', self.dbname)

    def set_db_version(self):

        log.info('db version set to: %s', __dbversion__)

    def upgrade(self):

        """Upgrades given database schema to given revision following

        all needed steps, to perform the upgrade

        """

        from rhodecode.lib.dbmigrate.migrate.versioning import api

        from rhodecode.lib.dbmigrate.migrate.exceptions import \

            DatabaseNotControlledError

                print ('Patching default user of RhodeCode')

                self.klass.fix_default_user()

                log.info('Changing ui settings')

                self.klass.create_ui_settings()

            def step_3(self):

                print ('Adding additional settings into RhodeCode db')

                self.klass.fix_settings()

                print ('Adding ldap defaults')

                self.klass.create_ldap_options(skip_existing=True)

        upgrade_steps = [0] + range(curr_version + 1, __dbversion__ + 1)

        #CALL THE PROPER ORDER OF STEPS TO PERFORM FULL UPGRADE

        for step in upgrade_steps:

            print ('performing upgrade step %s' % step)

            getattr(UpgradeSteps(self), 'step_%s' % step)()

    def fix_repo_paths(self):

        """Fixes a old rhodecode version path into new one without a '*'

        """

        paths = self.sa.query(RhodeCodeUi)\

        hooks4 = RhodeCodeUi()

        hooks4.ui_section = 'hooks'

        hooks4.ui_key = RhodeCodeUi.HOOK_PULL

        hooks4.ui_value = 'python:rhodecode.lib.hooks.log_pull_action'

        # For mercurial 1.7 set backward comapatibility with format

        dotencode_disable = RhodeCodeUi()

        dotencode_disable.ui_section = 'format'

        dotencode_disable.ui_key = 'dotencode'

        dotencode_disable.ui_value = 'false'

        # enable largefiles

        """Creates ldap settings"""

    def config_prompt(self, test_repo_path='', retries=3):

        if retries == 3:

            log.info('Setting up repositories config')

        if not self.tests and not test_repo_path:

            path = raw_input('Specify valid full path to your repositories'

                        ' you can change this later in application settings:')

        else:

            path = test_repo_path

        path_ok = True

        web4.ui_key = 'baseurl'

        web4.ui_value = '/'

        paths = RhodeCodeUi()

        paths.ui_section = 'paths'

        paths.ui_key = '/'

        paths.ui_value = path

        hgsettings1 = RhodeCodeSetting('realm', 'RhodeCode authentication')

        hgsettings2 = RhodeCodeSetting('title', 'RhodeCode')

        hgsettings3 = RhodeCodeSetting('ga_code', '')

        self.create_ldap_options()

        log.info('created ui config')

    def create_user(self, username, password, email='', admin=False):

        log.info('creating user %s', username)

                                     active=True, admin=admin)

    def create_default_user(self):

        log.info('creating default user')

        # create default user for handling default permissions.

                              name='Anonymous', lastname='User')

    def create_permissions(self):

        #module.(access|create|change|delete)_[name]

        #module.(read|write|owner)

        perms = [('repository.none', 'Repository no access'),

                 ('repository.read', 'Repository read access'),

                 ('repository.write', 'Repository write access'),

                 ('repository.admin', 'Repository admin access'),

                 ('hg.admin', 'Hg Administrator'),

                 ('hg.create.repository', 'Repository create'),

                 ('hg.create.none', 'Repository creation disabled'),

                 ('hg.register.none', 'Register disabled'),

                 ('hg.register.manual_activate', 'Register new user with '

                                                 'RhodeCode without manual'

                                                 'activation'),

                 ('hg.register.auto_activate', 'Register new user with '

                                               'RhodeCode without auto '

                                               'activation'),

                ]

        for p in perms:

            new_perm = Permission()

            new_perm.permission_name = p[0]

            new_perm.permission_longname = p[1]

    def populate_default_permissions(self):

        log.info('creating default user permissions')

        default_user = self.sa.query(User)\

        .filter(User.username == 'default').scalar()

        reg_perm = UserToPerm()

        reg_perm.user = default_user

        reg_perm.permission = self.sa.query(Permission)\

        .filter(Permission.permission_name == 'hg.register.manual_activate')\

        .scalar()

        create_repo_perm = UserToPerm()

        create_repo_perm.user = default_user

        create_repo_perm.permission = self.sa.query(Permission)\

        .filter(Permission.permission_name == 'hg.create.repository')\

        .scalar()

        default_repo_perm = UserToPerm()

        default_repo_perm.user = default_user

        default_repo_perm.permission = self.sa.query(Permission)\

        .filter(Permission.permission_name == 'repository.read')\

        .scalar()

from vcs import get_backend

from vcs.backends.base import BaseChangeset

from vcs.utils.lazy import LazyProperty

from vcs.utils.helpers import get_scm

from vcs.exceptions import VCSError

from rhodecode.lib.caching_query import FromCache

from rhodecode.model import meta

from rhodecode.model.db import Repository, User, RhodeCodeUi, \

    UserLog, RepoGroup, RhodeCodeSetting

log = logging.getLogger(__name__)

def recursive_replace(str_, replace=' '):

    """Recursive replace of given sign to just one instance

    :param str_: given string

    :param replace: char to find and replace multiple instances

    Examples::

    >>> recursive_replace("Mighty---Mighty-Bo--sstones",'-')

    if not os.path.isdir(repos_test_path):

        log.debug('Creating testdir %s' % repos_test_path)

        os.makedirs(repos_test_path)

    dbmanage = DbManage(log_sql=True, dbconf=dbconf, root=config['here'],

                        tests=True)

    dbmanage.create_tables(override=True)

    dbmanage.create_settings(dbmanage.config_prompt(repos_test_path))

    dbmanage.create_default_user()

    dbmanage.admin_prompt()

    dbmanage.create_permissions()

    dbmanage.populate_default_permissions()

    # PART TWO make test repo

    log.debug('making test vcs repositories')

    idx_path = config['app_conf']['index_dir']

    data_path = config['app_conf']['cache_dir']

    #clean index and data

    if idx_path and os.path.exists(idx_path):

        log.debug('remove %s' % idx_path)

        shutil.rmtree(idx_path)

    if data_path and os.path.exists(data_path):

                                   body=body, recipients=recipients,

                                   type_=Notification.TYPE_CHANGESET_COMMENT)

            mention_recipients = set(self._extract_mentions(body))\

                                    .difference(recipients)

            if mention_recipients:

                subj = _('[Mention]') + ' ' + subj

                NotificationModel().create(created_by=user_id, subject=subj,

                                    body=body,

                                    recipients=mention_recipients,

                                    type_=Notification.TYPE_CHANGESET_COMMENT)

            return comment

    def delete(self, comment):

        """

        Deletes given comment

        :param comment_id:

        """

        comment = self.__get_changeset_comment(comment)

        self.sa.delete(comment)

        return comment

        :param name: name to fetch

        :param cache: Use cache for this query

        """

        perm = self.sa.query(Permission)\

            .filter(Permission.permission_name == name)

        if cache:

            perm = perm.options(FromCache("sql_cache_short",

                                          "get_permission_%s" % name))

        return perm.scalar()

    def update(self, form_result):

        perm_user = self.sa.query(User)\

        u2p = self.sa.query(UserToPerm).filter(UserToPerm.user ==

                                               perm_user).all()

        if len(u2p) != 3:

            raise Exception('Defined: %s should be 3  permissions for default'

                            ' user. This should not happen please verify'

                            ' your database' % len(u2p))

        try:

            # stage 1 change defaults

            for p in u2p:

                if p.permission.permission_name.startswith('repository.'):

                    p.permission = self.get_permission_by_name(

            if form_result['overwrite_default'] == True:

                for r2p in self.sa.query(UserRepoToPerm)\

                               .filter(UserRepoToPerm.user == perm_user).all():

                    r2p.permission = self.get_permission_by_name(

                                         form_result['default_perm'])

                    self.sa.add(r2p)

            # stage 3 set anonymous access

            if perm_user.username == 'default':

                perm_user.active = bool(form_result['anonymous'])

                self.sa.add(perm_user)

        except (DatabaseError,):

            log.error(traceback.format_exc())

            raise

    def update_user_permission(self, repository, user, permission):

        permission = Permission.get_by_key(permission)

        current = self.get_user_permission(repository, user)

        if current:

            if not current.permission is permission:

                current.permission = permission

        else:

            p = UserRepoToPerm()

            p.user = user

            p.repository = repository

            p.permission = permission

            self.sa.add(p)

    def delete_user_permission(self, repository, user):

        current = self.get_user_permission(repository, user)

        if current:

            self.sa.delete(current)

    def update_or_delete_user_permission(self, repository, user, permission):

        if permission:

            self.update_user_permission(repository, user, permission)

        else:

            self.delete_user_permission(repository, user)

        if os.path.isdir(rm_path):

            # delete only if that path really exists

            os.rmdir(rm_path)

    def create(self, form_data):

        try:

            new_repos_group = RepoGroup()

            new_repos_group.group_description = form_data['group_description']

            new_repos_group.parent_group = RepoGroup.get(form_data['group_parent_id'])

            new_repos_group.group_name = new_repos_group.get_new_name(form_data['group_name'])

            self.sa.add(new_repos_group)

            self.__create_group(new_repos_group.group_name)

            return new_repos_group

        except:

            log.error(traceback.format_exc())

            raise

    def update(self, repos_group_id, form_data):

        try:

            repos_group = RepoGroup.get(repos_group_id)

            old_path = repos_group.full_path

            # change properties

            repos_group.group_description = form_data['group_description']

            repos_group.parent_group = RepoGroup.get(form_data['group_parent_id'])

            repos_group.group_name = repos_group.get_new_name(form_data['group_name'])

            new_path = repos_group.full_path

            self.sa.add(repos_group)

            self.__rename_group(old_path, new_path)