- added linking of changesets in commit messages

- new compact changelog with expandable commit messages

- firstname and lastname are optional in user creation

- #348 added post-create repository hook

- #212 global encoding settings is now configurable from .ini files

- #227 added repository groups permissions

- markdown gets codehilite extensions

- new API methods, delete_repositories, grante/revoke permissions for groups

  and repos

fixes

+++++

- rewrote dbsession management for atomic operations, and better error handling

- fixed sorting of repo tables

- #326 escape of special html entities in diffs

- normalized user_name => username in api attributes

- fixes #298 ldap created users with mixed case emails created conflicts

  on saving a form

- fixes issue when owner of a repo couldn't revoke permissions for users

  and groups

- fixes #271 rare JSON serialization problem with statistics

- fixes #337 missing validation check for conflicting names of a group with a

- #340 fixed session problem for mysql and celery tasks

- fixed #331 RhodeCode mangles repository names if the a repository group

  contains the "full path" to the repositories

- #355 RhodeCode doesn't store encrypted LDAP passwords

1.2.5 (**2012-01-28**)

----------------------

news

++++

fixes

+++++

- #340 Celery complains about MySQL server gone away, added session cleanup

  for celery tasks

- #341 "scanning for repositories in None" log message during Rescan was missing

  a parameter

- fixed creating archives with subrepos. Some hooks were triggered during that

  operation leading to crash.

- fixed missing email in account page.

- Reverted Mercurial to 2.0.1 for windows due to bug in Mercurial that makes

  forking on windows impossible

        check for valid repository for proper 404 handling

        :param environ:

        :param match_dict:

        """

        from rhodecode.model.db import Repository

        repo_name = match_dict.get('repo_name')

        if match_dict.get('f_path'):

            #fix for multiple initial slashes that causes errors

            match_dict['f_path'] = match_dict['f_path'].lstrip('/')

        try:

            by_id = repo_name.split('_')

            if len(by_id) == 2 and by_id[1].isdigit() and by_id[0] == '':

                repo_name = Repository.get(by_id[1]).repo_name

                match_dict['repo_name'] = repo_name

        except:

            pass

        return is_valid_repo(repo_name, config['base_path'])

    def check_group(environ, match_dict):

        """

        :param environ:

        :param match_dict:

        """

        repos_group_name = match_dict.get('group_name')

        return is_valid_repos_group(repos_group_name, config['base_path'])

    def check_int(environ, match_dict):

        return match_dict.get('id').isdigit()

    # The ErrorController route (handles 404/500 error pages); it should

    # likely stay at the top, ensuring it can always be resolved

    rmap.connect('/error/{action}', controller='error')

    rmap.connect('/error/{action}/{id}', controller='error')

    #==========================================================================

    # CUSTOM ROUTES HERE

    #==========================================================================

    #MAIN PAGE

    rmap.connect('home', '/', controller='home', action='index')

    rmap.connect('repo_switcher', '/repos', controller='home',

                 action='repo_switcher')

    rmap.connect('branch_tag_switcher', '/branches-tags/{repo_name:.*?}',

    def get_new_name(self, group_name):

        """

        returns new full group name based on parent and new name

        :param group_name:

        """

        path_prefix = (self.parent_group.full_path_splitted if

                       self.parent_group else [])

        return RepoGroup.url_sep().join(path_prefix + [group_name])

class Permission(Base, BaseModel):

    __tablename__ = 'permissions'

    __table_args__ = (

        Index('p_perm_name_idx', 'permission_name'),

        {'extend_existing': True, 'mysql_engine': 'InnoDB',

         'mysql_charset': 'utf8'},

    )

    PERMS = [

        ('repository.none', _('Repository no access')),

        ('repository.read', _('Repository read access')),

        ('repository.write', _('Repository write access')),

        ('repository.admin', _('Repository admin access')),

        ('hg.admin', _('RhodeCode Administrator')),

        ('hg.create.none', _('Repository creation disabled')),

        ('hg.create.repository', _('Repository creation enabled')),

        ('hg.fork.none', _('Repository forking disabled')),

        ('hg.fork.repository', _('Repository forking enabled')),

        ('hg.register.none', _('Register disabled')),

        ('hg.register.manual_activate', _('Register new user with RhodeCode '

                                          'with manual activation')),

        ('hg.register.auto_activate', _('Register new user with RhodeCode '

                                        'with auto activation')),

    ]

    # defines which permissions are more important higher the more important

    PERM_WEIGHTS = {

        'repository.none': 0,

        'repository.read': 1,

        'repository.write': 3,

        'repository.admin': 4,

        'group.none': 0,

        'group.read': 1,

        'group.write': 3,

        q = RhodeCodeUi.get_by_key('/')

        return q.ui_value

    def _create_default_perms(self, new_group):

        # create default permission

        repo_group_to_perm = UserRepoGroupToPerm()

        default_perm = 'group.read'

        for p in User.get_by_username('default').user_perms:

            if p.permission.permission_name.startswith('group.'):

                default_perm = p.permission.permission_name

                break

        repo_group_to_perm.permission_id = self.sa.query(Permission)\

                .filter(Permission.permission_name == default_perm)\

                .one().permission_id

        repo_group_to_perm.group = new_group

        repo_group_to_perm.user_id = User.get_by_username('default').user_id

        self.sa.add(repo_group_to_perm)

    def __create_group(self, group_name):

        """

        :param repo_name:

        :param parent_id:

        """

        create_path = os.path.join(self.repos_path, group_name)

        log.debug('creating new group in %s' % create_path)

        if os.path.isdir(create_path):

            raise Exception('That directory already exists !')

        os.makedirs(create_path)

    def __rename_group(self, old, new):

        """

        Renames a group on filesystem

        :param group_name:

        """

        if old == new:

            log.debug('skipping group rename')

            return

                el = repos_group

            if isinstance(el, RepoGroup):

                if obj_type == 'user':

                    ReposGroupModel().revoke_user_permission(el, user=obj)

                elif obj_type == 'users_group':

                    ReposGroupModel().revoke_users_group_permission(el, group_name=obj)

                else:

                    raise Exception('undefined object type %s' % obj_type)

            elif isinstance(el, Repository):

                if obj_type == 'user':

                    RepoModel().revoke_user_permission(el, user=obj)

                elif obj_type == 'users_group':

                    RepoModel().revoke_users_group_permission(el, group_name=obj)

                else:

                    raise Exception('undefined object type %s' % obj_type)

            #if it's not recursive call

            # break the loop and don't proceed with other changes

            if not recursive:

                break

    def grant_user_permission(self, repos_group, user, perm):

        """

        existing one if found

        :param repos_group: Instance of ReposGroup, repositories_group_id,

            or repositories_group name

        :param user: Instance of User, user_id or username

        :param perm: Instance of Permission, or permission_name

        """

        repos_group = self._get_repos_group(repos_group)

        user = self._get_user(user)

        permission = self._get_perm(perm)

        # check if we have that permission already

        obj = self.sa.query(UserRepoGroupToPerm)\

            .filter(UserRepoGroupToPerm.user == user)\

            .filter(UserRepoGroupToPerm.group == repos_group)\

            .scalar()

        if obj is None:

            # create new !

            obj = UserRepoGroupToPerm()

        obj.group = repos_group

        obj.user = user

        obj.permission = permission

        self.sa.add(obj)

        log.debug('Granted perm %s to %s on %s' % (perm, user, repos_group))

    def revoke_user_permission(self, repos_group, user):

        """

        :param repos_group: Instance of ReposGroup, repositories_group_id,

            or repositories_group name

        :param user: Instance of User, user_id or username

        """

        repos_group = self._get_repos_group(repos_group)

        user = self._get_user(user)

        obj = self.sa.query(UserRepoGroupToPerm)\

            .filter(UserRepoGroupToPerm.user == user)\

            .filter(UserRepoGroupToPerm.group == repos_group)\

            .scalar()

        if obj:

            self.sa.delete(obj)

            log.debug('Revoked perm on %s on %s' % (repos_group, user))

    def grant_users_group_permission(self, repos_group, group_name, perm):

        """

        existing one if found

        :param repos_group: Instance of ReposGroup, repositories_group_id,

            or repositories_group name

        :param group_name: Instance of UserGroup, users_group_id,

            or user group name

        :param perm: Instance of Permission, or permission_name

        """

        repos_group = self._get_repos_group(repos_group)

        group_name = self.__get_users_group(group_name)

        permission = self._get_perm(perm)

        # check if we have that permission already

        obj = self.sa.query(UsersGroupRepoGroupToPerm)\

            .filter(UsersGroupRepoGroupToPerm.group == repos_group)\

            .filter(UsersGroupRepoGroupToPerm.users_group == group_name)\

            .scalar()

        if obj is None:

            # create new

            obj = UsersGroupRepoGroupToPerm()

        obj.group = repos_group

        obj.users_group = group_name

        obj.permission = permission

        self.sa.add(obj)

        log.debug('Granted perm %s to %s on %s' % (perm, group_name, repos_group))

    def revoke_users_group_permission(self, repos_group, group_name):

        """

        :param repos_group: Instance of ReposGroup, repositories_group_id,

            or repositories_group name

        :param group_name: Instance of UserGroup, users_group_id,

            or user group name

        """

        repos_group = self._get_repos_group(repos_group)

        group_name = self.__get_users_group(group_name)

        obj = self.sa.query(UsersGroupRepoGroupToPerm)\

            .filter(UsersGroupRepoGroupToPerm.group == repos_group)\

            .filter(UsersGroupRepoGroupToPerm.users_group == group_name)\

            .scalar()

        if obj:

            self.sa.delete(obj)

            log.debug('Revoked perm to %s on %s' % (repos_group, group_name))

def ValidRepoUser():

    class _validator(formencode.validators.FancyValidator):

        messages = {

            'invalid_username': _(u'Username %(username)s is not valid')

        }

        def validate_python(self, value, state):

            try:

                User.query().filter(User.active == True)\

                    .filter(User.username == value).one()

            except Exception:

                msg = M(self, 'invalid_username', state, username=value)

                raise formencode.Invalid(msg, value, state,

                    error_dict=dict(username=msg)

                )

    return _validator

def ValidUsersGroup(edit=False, old_data={}):

    class _validator(formencode.validators.FancyValidator):

        messages = {

            'invalid_group': _(u'Invalid user group name'),

            'invalid_usersgroup_name':

                _(u'user group name may only contain  alphanumeric '

                  'characters underscores, periods or dashes and must begin '

                  'with alphanumeric character')

        }

        def validate_python(self, value, state):

            if value in ['default']:

                msg = M(self, 'invalid_group', state)

                raise formencode.Invalid(msg, value, state,

                    error_dict=dict(users_group_name=msg)

                )

            #check if group is unique

            old_ugname = None

            if edit:

                old_id = old_data.get('users_group_id')

                old_ugname = UsersGroup.get(old_id).users_group_name

            if old_ugname != value or not edit:

                is_existing_group = UsersGroup.get_by_group_name(value,

                                                        case_insensitive=True)

                if is_existing_group:

                    msg = M(self, 'group_exist', state, usersgroup=value)

                    raise formencode.Invalid(msg, value, state,

def ValidAuthToken():

    class _validator(formencode.validators.FancyValidator):

        messages = {

            'invalid_token': _(u'Token mismatch')

        }

        def validate_python(self, value, state):

            if value != authentication_token():

                msg = M(self, 'invalid_token', state)

                raise formencode.Invalid(msg, value, state)

    return _validator

def ValidRepoName(edit=False, old_data={}):

    class _validator(formencode.validators.FancyValidator):

        messages = {

            'invalid_repo_name':

                _(u'Repository name %(repo)s is disallowed'),

            'repository_exists':

                _(u'Repository named %(repo)s already exists'),

            'repository_in_group_exists': _(u'Repository "%(repo)s" already '

                                            'exists in group "%(group)s"'),

                                   'already exists')

        }

        def _to_python(self, value, state):

            repo_name = repo_name_slug(value.get('repo_name', ''))

            repo_group = value.get('repo_group')

            if repo_group:

                gr = RepoGroup.get(repo_group)

                group_path = gr.full_path

                group_name = gr.group_name

                # value needs to be aware of group name in order to check

                # db key This is an actual just the name to store in the

                # database

                repo_name_full = group_path + RepoGroup.url_sep() + repo_name

            else:

                group_name = group_path = ''

                repo_name_full = repo_name

            value['repo_name'] = repo_name

            value['repo_name_full'] = repo_name_full

            value['group_path'] = group_path

            value['group_name'] = group_name

            return value

            </div>

            <div class="field">

                <div class="label">

                    <label for="default_repo_perm">${_('Repository')}:</label>

                </div>

                <div class="select">

                    ${h.select('default_repo_perm','',c.repo_perms_choices)}

                    ${h.checkbox('overwrite_default_repo','true')}

                    <label for="overwrite_default_repo">

                    <span class="tooltip"

                    title="${h.tooltip(_('All default permissions on each repository will be reset to choosen permission, note that all custom default permission on repositories will be lost'))}">

                    ${_('overwrite existing settings')}</span> </label>

                </div>

            </div>

            <div class="field">

                <div class="label">

                    <label for="default_group_perm">${_('Repository group')}:</label>

                </div>

                <div class="select">

                    ${h.select('default_group_perm','',c.group_perms_choices)}

                    ${h.checkbox('overwrite_default_group','true')}

                    <label for="overwrite_default_group">

                    <span class="tooltip"

                    ${_('overwrite existing settings')}</span> </label>

                </div>

            </div>

            <div class="field">

                <div class="label">

                    <label for="default_register">${_('Registration')}:</label>

                </div>

                <div class="select">

                    ${h.select('default_register','',c.register_choices)}

                </div>

            </div>

             <div class="field">

                <div class="label">

                    <label for="default_create">${_('Repository creation')}:</label>

                </div>

                <div class="select">

                    ${h.select('default_create','',c.create_choices)}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="default_fork">${_('Repository forking')}:</label>

                </div>

                    <span>${h.link_to(_('Edit group'),h.url('edit_repos_group',group_name=c.group.group_name), title=_('You have admin right to this group, and can edit it'))}</span>

                </li>

                %endif

              </ul>

            %endif

        </div>

        <!-- end box / title -->

        <div class="table">

           % if c.groups:

            <div id='groups_list_wrap' class="yui-skin-sam">

              <table id="groups_list">

                  <thead>

                      <tr>

                          <th class="left"><a href="#">${_('Group name')}</a></th>

                          <th class="left"><a href="#">${_('Description')}</a></th>

                          ##<th class="left"><a href="#">${_('Number of repositories')}</a></th>

                      </tr>

                  </thead>

                  ## REPO GROUPS

                  % for gr in c.groups:

                    <tr>

                        <td>

                            <div style="white-space: nowrap">

                            ${h.link_to(gr.name,url('repos_group_home',group_name=gr.group_name))}

                            </div>

                        </td>

                        %if c.visual.stylify_metatags:

                            <td>${h.urlify_text(h.desc_stylize(gr.group_description))}</td>

                        %else:

                            <td>${gr.group_description}</td>

                        %endif

                        ## this is commented out since for multi nested repos can be HEAVY!

                        ## in number of executed queries during traversing uncomment at will

                        ##<td><b>${gr.repositories_recursive_count}</b></td>

                    </tr>

                  % endfor

              </table>

            </div>

            <div id="group-user-paginator" style="padding: 0px 0px 0px 0px"></div>

            <div style="height: 20px"></div>

            % endif

            <div id="welcome" style="display:none;text-align:center">

                <h1><a href="${h.url('home')}">${c.rhodecode_name} ${c.rhodecode_version}</a></h1>

            </div>

             <%cnt=0%>

             <%namespace name="dt" file="/data_table/_dt_elements.html"/>

            % if c.visual.lightweight_dashboard is False: