news

++++

fixes

+++++

1.5.4 (**2013-03-13**)

----------------------

news

++++

fixes

+++++

- fixed webtest dependency issues

- fixed issues with celery tasks for password reset

- fixed #763 gravatar helper function should fallback into default image

  if email is empty

- fixes #762 user global activation flag is also respected for LDAP created

  accounts

- use password obfuscate when clonning a remote repo with credentials inside

- disallow cloning from file:/// URIs

- handle all cases with multiple IP addresses in proxy headers

1.5.3 (**2013-02-12**)

----------------------

news

++++

- IP restrictions now also enabled for IPv6

fixes

+++++

- fixed issues with private checkbox not always working

- fixed #746 unicodeDedode errors on feed controllers

- fixes issue #756 cleanup repos didn't properly compose paths of repos to be cleaned up.

- fixed cache invalidation issues together with vcs_full_cache option

- repo scan should skip directories with starting with '.'

- fixes for issue #731, update-repoinfo sometimes failed to update data when changesets

  were initial commits

- recursive mode of setting permission skips private repositories

1.5.2 (**2013-01-14**)

+++++

- fixed #570 explicit user group permissions can overwrite owner permissions

- fixed #578 set proper PATH with current Python for Git

  hooks to execute within same Python as RhodeCode

- fixed issue with Git bare repos that ends with .git in name

1.4.2 (**2012-09-12**)

----------------------

news

++++

- added option to menu to quick lock/unlock repository for users that have

  write access to

- Implemented permissions for writing to repo

  groups. Now only write access to group allows to create a repostiory

  within that group

- #565 Add support for {netloc} and {scheme} to alternative_gravatar_url

- updated translation for zh_CN

fixes

+++++

- fixed issues with non-ascii search terms in search, and indexers

- fixed parsing of page number in GET parameters

- fixed issues with generating pull-request overview for repos with

  bookmarks and tags, also preview doesn't loose chosen revision from

  select dropdown

1.4.1 (**2012-09-07**)

----------------------

news

++++

- always put a comment about code-review status change even if user send

  empty data

- modified_on column saves repository update and it's going to be used

  later for light version of main page ref #500

- pull request notifications send much nicer emails with details about pull

  request

- #551 show breadcrumbs in summary view for repositories inside a group

fixes

+++++

- fixed migrations of permissions that can lead to inconsistency.

+++++

- fixed dev-version marker for stable when served from source codes

- fixed missing permission checks on show forks page

- #418 cast to unicode fixes in notification objects

- #426 fixed mention extracting regex

- fixed remote-pulling for git remotes remopositories

- fixed #434: Error when accessing files or changesets of a git repository

  with submodules

- fixed issue with empty APIKEYS for users after registration ref. #438

- fixed issue with getting README files from git repositories

1.3.4 (**2012-03-28**)

----------------------

news

++++

- Whoosh logging is now controlled by the .ini files logging setup

- added clone-url into edit form on /settings page

- added help text into repo add/edit forms

- created rcextensions module with additional mappings (ref #322) and

  post push/pull/create repo hooks callbacks

- implemented #377 Users view for his own permissions on account page

- #401 repository group is automatically pre-selected when adding repos

  inside a repository group

- added alternative HTTP 403 response when client failed to authenticate. Helps

  solving issues with Mercurial and LDAP

- #402 removed group prefix from repository name when listing repositories

  inside a group

- added gravatars into permission view and permissions autocomplete

- #347 when running multiple RhodeCode instances, properly invalidates cache

  for all registered servers

fixes

+++++

- fixed #390 cache invalidation problems on repos inside group

- fixed #385 clone by ID url was loosing proxy prefix in URL

- fixed some unicode problems with waitress

- fixed issue with escaping < and > in changeset commits

- fixed error occurring during recursive group creation in API

  create_repo function

- fixed #393 py2.5 fixes for routes url generator

- fixed #397 Private repository groups shows up before login

- fixed #396 fixed problems with revoking users in nested groups

- fixed mysql unicode issues + specified InnoDB as default engine with

  utf8 charset

fixes

+++++

- fixes db session issues with celery when emailing admins

- #331 RhodeCode mangles repository names if the a repository group

  contains the "full path" to the repositories

- #298 Conflicting e-mail addresses for LDAP and RhodeCode users

- DB session cleanup after hg protocol operations, fixes issues with

  `mysql has gone away` errors

- #333 doc fixes for get_repo api function

- #271 rare JSON serialization problem with statistics enabled

- #337 Fixes issues with validation of repository name conflicting with

  a group name. A proper message is now displayed.

- #292 made ldap_dn in user edit readonly, to get rid of confusion that field

  doesn't work

- #316 fixes issues with web description in hgrc files

1.2.3 (**2011-11-02**)

----------------------

news

++++

- added following API methods for get_users, create_user, get_users_groups,

  get_users_group, create_users_group, add_user_to_users_groups, get_repos,

  get_repo, create_repo, add_user_to_repo

- implements #237 added password confirmation for my account

  and admin edit user.

- implements #291 email notification for global events are now sent to all

  administrator users, and global config email.

fixes

+++++

- added option for passing auth method for smtp mailer

- #276 issue with adding a single user with id>10 to usergroups

- #277 fixes windows LDAP settings in which missing values breaks the ldap auth

- #288 fixes managing of repos in a group for non admin user

1.2.2 (**2011-10-17**)

----------------------

news

++++

- #226 repo groups are available by path instead of numerical id

                  action="index", conditions=dict(method=["GET"]))

        m.connect("new_repos_group", "/repos_groups/new",

                  action="new", conditions=dict(method=["GET"]))

        m.connect("formatted_new_repos_group", "/repos_groups/new.{format}",

                  action="new", conditions=dict(method=["GET"]))

        m.connect("update_repos_group", "/repos_groups/{group_name:.*?}",

                  action="update", conditions=dict(method=["PUT"],

                                                   function=check_group))

        m.connect("delete_repos_group", "/repos_groups/{group_name:.*?}",

                  action="delete", conditions=dict(method=["DELETE"],

                                                   function=check_group_skip_path))

        m.connect("edit_repos_group", "/repos_groups/{group_name:.*?}/edit",

                  action="edit", conditions=dict(method=["GET"],

                                                 function=check_group))

        m.connect("formatted_edit_repos_group",

                  "/repos_groups/{group_name:.*?}.{format}/edit",

                  action="edit", conditions=dict(method=["GET"],

                                                 function=check_group))

        m.connect("repos_group", "/repos_groups/{group_name:.*?}",

                  action="show", conditions=dict(method=["GET"],

                                                 function=check_group))

        m.connect("formatted_repos_group", "/repos_groups/{group_name:.*?}.{format}",

                  action="show", conditions=dict(method=["GET"],

                                                 function=check_group))

        m.connect('delete_repos_group_user_perm',

                  "/delete_repos_group_user_perm/{group_name:.*?}",

             action="delete_repos_group_user_perm",

             conditions=dict(method=["DELETE"], function=check_group))

        m.connect('delete_repos_group_users_group_perm',

                  "/delete_repos_group_users_group_perm/{group_name:.*?}",

                  action="delete_repos_group_users_group_perm",

                  conditions=dict(method=["DELETE"], function=check_group))

    #ADMIN USER REST ROUTES

    with rmap.submapper(path_prefix=ADMIN_PREFIX,

                        controller='admin/users') as m:

        m.connect("users", "/users",

                  action="create", conditions=dict(method=["POST"]))

        m.connect("users", "/users",

                  action="index", conditions=dict(method=["GET"]))

        m.connect("formatted_users", "/users.{format}",

                  action="index", conditions=dict(method=["GET"]))

        m.connect("new_user", "/users/new",

                  action="new", conditions=dict(method=["GET"]))

        m.connect("formatted_new_user", "/users/new.{format}",

                  action="new", conditions=dict(method=["GET"]))

        m.connect("update_user", "/users/{id}",

                  action="update", conditions=dict(method=["PUT"]))

        m.connect("delete_user", "/users/{id}",

                  action="delete", conditions=dict(method=["DELETE"]))

        m.connect("edit_user", "/users/{id}/edit",

                  action="edit", conditions=dict(method=["GET"]))

        group_iter = GroupList(RepoGroup.query().all(), perm_set=['group.admin'])

        sk = lambda g: g.parents[0].group_name if g.parents else g.group_name

        c.groups = sorted(group_iter, key=sk)

        return render('admin/repos_groups/repos_groups_show.html')

    def create(self):

        """POST /repos_groups: Create a new item"""

        # url('repos_groups')

        self.__load_defaults()

        # permissions for can create group based on parent_id are checked

        # here in the Form

        repos_group_form = ReposGroupForm(available_groups=

                                map(lambda k: unicode(k[0]), c.repo_groups))()

        try:

            form_result = repos_group_form.to_python(dict(request.POST))

            ReposGroupModel().create(

                    group_name=form_result['group_name'],

                    group_description=form_result['group_description'],

                    parent=form_result['group_parent_id'],

                    owner=self.rhodecode_user.user_id

            )

            Session().commit()

                    % form_result['group_name'], category='success')

            #TODO: in futureaction_logger(, '', '', '', self.sa)

        except formencode.Invalid, errors:

            return htmlfill.render(

                render('admin/repos_groups/repos_groups_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

                    % request.POST.get('group_name'), category='error')

        parent_group_id = form_result['group_parent_id']

        #TODO: maybe we should get back to the main view, not the admin one

        return redirect(url('repos_groups', parent_group=parent_group_id))

    def new(self, format='html'):

        """GET /repos_groups/new: Form to create a new item"""

        # url('new_repos_group')

        if HasPermissionAll('hg.admin')('group create'):

            #we're global admin, we're ok and we can create TOP level groups

            pass

        else:

            # we pass in parent group into creation form, thus we know

            # what would be the group, we can check perms here !

            group_id = safe_int(request.GET.get('parent_group'))

            group = RepoGroup.get(group_id) if group_id else None

            group_name = group.group_name if group else None

            if HasReposGroupPermissionAll('group.admin')(group_name, 'group create'):

                pass

            else:

                return abort(403)

        self.__load_defaults()

        return render('admin/repos_groups/repos_groups_add.html')

            allow_empty_group = True

        elif not c.repos_group.parent_group:

            allow_empty_group = True

        else:

            allow_empty_group = False

        self.__load_defaults(allow_empty_group=allow_empty_group,

                             exclude_group_ids=[c.repos_group.group_id])

        repos_group_form = ReposGroupForm(

            edit=True,

            old_data=c.repos_group.get_dict(),

            available_groups=c.repo_groups_choices,

            can_create_in_root=allow_empty_group,

        )()

        try:

            form_result = repos_group_form.to_python(dict(request.POST))

            if not c.rhodecode_user.is_admin:

                if self._revoke_perms_on_yourself(form_result):

                    msg = _('Cannot revoke permission for yourself as admin')

                    h.flash(msg, category='warning')

                    raise Exception('revoke admin permission on self')

            new_gr = ReposGroupModel().update(group_name, form_result)

            Session().commit()

                    % form_result['group_name'], category='success')

            # we now have new name !

            group_name = new_gr.group_name

            #TODO: in future action_logger(, '', '', '', self.sa)

        except formencode.Invalid, errors:

            return htmlfill.render(

                render('admin/repos_groups/repos_groups_edit.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

                    % request.POST.get('group_name'), category='error')

        return redirect(url('edit_repos_group', group_name=group_name))

    @HasReposGroupPermissionAnyDecorator('group.admin')

    def delete(self, group_name):

        """DELETE /repos_groups/group_name: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="DELETE" />

        # Or using helpers:

        #    h.form(url('repos_group', group_name=GROUP_NAME),

        #           method='delete')

        # url('repos_group', group_name=GROUP_NAME)

        gr = c.repos_group = ReposGroupModel()._get_repos_group(group_name)

        repos = gr.repositories.all()

        if repos:

            h.flash(_('This group contains %s repositores and cannot be '

                      'deleted') % len(repos), category='warning')

            return redirect(url('repos_groups'))

        children = gr.children.all()

        if children:

            h.flash(_('This group contains %s subgroups and cannot be deleted'

                      % (len(children))), category='warning')

            return redirect(url('repos_groups'))

        try:

            ReposGroupModel().delete(group_name)

            Session().commit()

                    category='success')

            #TODO: in future action_logger(, '', '', '', self.sa)

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('Error occurred during deletion of repos '

                      'group %s') % group_name, category='error')

        return redirect(url('repos_groups'))

    @HasReposGroupPermissionAnyDecorator('group.admin')

    def delete_repos_group_user_perm(self, group_name):

        """

        DELETE an existing repository group permission user

        :param group_name:

        """

        try:

            if not c.rhodecode_user.is_admin:

                if c.rhodecode_user.user_id == safe_int(request.POST['user_id']):

                    msg = _('Cannot revoke permission for yourself as admin')

                    h.flash(msg, category='warning')

                    raise Exception('revoke admin permission on self')

            recursive = str2bool(request.POST.get('recursive', False))

            ReposGroupModel().delete_permission(

    """

    Returns True if given path is a valid repository False otherwise.

    If scm param is given also compare if given scm is the same as expected

    from scm parameter

    :param repo_name:

    :param base_path:

    :param scm:

    :return True: if given path is a valid repository

    """

    full_path = os.path.join(safe_str(base_path), safe_str(repo_name))

    try:

        scm_ = get_scm(full_path)

        if scm:

            return scm_[0] == scm

        return True

    except VCSError:

        return False

def is_valid_repos_group(repos_group_name, base_path, skip_path_check=False):

    """

    :param repo_name:

    :param base_path:

    """

    full_path = os.path.join(safe_str(base_path), safe_str(repos_group_name))

    # check if it's not a repo

    if is_valid_repo(repos_group_name, base_path):

        return False

    try:

        # we need to check bare git repos at higher level

        # since we might match branches/hooks/info/objects or possible

        # other things inside bare git repo

        get_scm(os.path.dirname(full_path))

        return False

    except VCSError:

        pass

    # check if it's a valid path

    if skip_path_check or os.path.isdir(full_path):

        return True

    return False

        :param repo_name:

        :param parent_id:

        """

        create_path = os.path.join(self.repos_path, group_name)

        log.debug('creating new group in %s' % create_path)

        if os.path.isdir(create_path):

            raise Exception('That directory already exists !')

        os.makedirs(create_path)

    def __rename_group(self, old, new):

        """

        Renames a group on filesystem

        :param group_name:

        """

        if old == new:

            log.debug('skipping group rename')

            return

        old_path = os.path.join(self.repos_path, old)

        new_path = os.path.join(self.repos_path, new)

        log.debug('renaming repos paths from %s to %s' % (old_path, new_path))

        if os.path.isdir(new_path):

            raise Exception('Was trying to rename to already '

                            'existing dir %s' % new_path)

        shutil.move(old_path, new_path)

    def __delete_group(self, group, force_delete=False):

        """

        Deletes a group from a filesystem

        :param group: instance of group from database

        :param force_delete: use shutil rmtree to remove all objects

        """

        paths = group.full_path.split(RepoGroup.url_sep())

        paths = os.sep.join(paths)

        rm_path = os.path.join(self.repos_path, paths)

        log.info("Removing group %s" % (rm_path))

        # delete only if that path really exists

        default_repo_perms = Permission.get_default_perms(default_user_id)

        default_repo_groups_perms = Permission.get_default_group_perms(default_user_id)

        if user.is_admin:

            #==================================================================

            # admin user have all default rights for repositories

            # and groups set to admin

            #==================================================================

            user.permissions[GLOBAL].add('hg.admin')

            # repositories

            for perm in default_repo_perms:

                r_k = perm.UserRepoToPerm.repository.repo_name

                p = 'repository.admin'

                user.permissions[RK][r_k] = p

            # repository groups

            for perm in default_repo_groups_perms:

                rg_k = perm.UserRepoGroupToPerm.group.group_name

                p = 'group.admin'

                user.permissions[GK][rg_k] = p

            return user

        #==================================================================

        #==================================================================

        uid = user.user_id

        # default global permissions taken fron the default user

        default_global_perms = self.sa.query(UserToPerm)\

            .filter(UserToPerm.user_id == default_user_id)

        for perm in default_global_perms:

            user.permissions[GLOBAL].add(perm.permission.permission_name)

        # defaults for repositories, taken from default user

        for perm in default_repo_perms:

            r_k = perm.UserRepoToPerm.repository.repo_name

            if perm.Repository.private and not (perm.Repository.user_id == uid):

                # disable defaults for private repos,

                p = 'repository.none'

            elif perm.Repository.user_id == uid:

                # set admin if owner

                p = 'repository.admin'

            else:

                p = perm.Permission.permission_name

            user.permissions[RK][r_k] = p

        try:

            users_group = self.__get_users_group(users_group)

            for k, v in form_data.items():

                if k == 'users_group_members':

                    users_group.members = []

                    self.sa.flush()

                    members_list = []

                    if v:

                        v = [v] if isinstance(v, basestring) else v

                        for u_id in set(v):

                            member = UserGroupMember(users_group.users_group_id, u_id)

                            members_list.append(member)

                    setattr(users_group, 'members', members_list)

                setattr(users_group, k, v)

            self.sa.add(users_group)

        except Exception:

            log.error(traceback.format_exc())

            raise

    def delete(self, users_group, force=False):

        """

        raises exception if there are members in that group, else deletes

        group and users

        :param users_group:

        :param force:

        """

        try:

            users_group = self.__get_users_group(users_group)

            # check if this group is not assigned to repo

            assigned_groups = UserGroupRepoToPerm.query()\

                .filter(UserGroupRepoToPerm.users_group == users_group).all()

            if assigned_groups and not force:

                raise UserGroupsAssignedException('RepoGroup assigned to %s' %

                                                   assigned_groups)

            self.sa.delete(users_group)

        except Exception:

            log.error(traceback.format_exc())

            raise

    def add_user_to_group(self, users_group, user):

        users_group = self.__get_users_group(users_group)

## -*- coding: utf-8 -*-

<%inherit file="/base/base.html"/>

<%def name="title()">

</%def>

<%def name="breadcrumbs_links()">

    ${h.link_to(_('Admin'),h.url('admin_home'))}

    »

    »

</%def>

<%def name="page_nav()">

    ${self.menu('admin')}

</%def>

<%def name="main()">

<div class="box">

    <!-- box / title -->

    <div class="title">

        ${self.breadcrumbs()}

    </div>

    <!-- end box / title -->

    ${h.form(url('repos_groups'))}

    <div class="form">

        <!-- fields -->

        <div class="fields">

             <div class="field">

                <div class="label">

                    <label for="group_name">${_('Group name')}:</label>

                </div>

                <div class="input">

                    ${h.text('group_name',class_='medium')}

                </div>

## -*- coding: utf-8 -*-

<%inherit file="/base/base.html"/>

<%def name="title()">

</%def>

<%def name="breadcrumbs_links()">

    ${h.link_to(_('Admin'),h.url('admin_home'))}

    »

    »

</%def>

<%def name="page_nav()">

    ${self.menu('admin')}

</%def>

<%def name="main()">

<div class="box">

    <!-- box / title -->

    <div class="title">

        ${self.breadcrumbs()}

        <ul class="links">

          <li>

            <span>${h.link_to(_(u'Add child group'),h.url('new_repos_group', parent_group=c.repos_group.group_id))}</span>

          </li>

        </ul>

    </div>

    <!-- end box / title -->

    ${h.form(url('repos_group',group_name=c.repos_group.group_name),method='put')}

    <div class="form">

        <!-- fields -->

        <div class="fields">

            <div class="field">

                <div class="label">