## A backreference can be \1, \2, ... or \g<groupname> if you specified a named group

## called 'groupname' in issue_pat.

## The special token {repo} is replaced with the full repository name

## including repository groups, while {repo_name} is replaced with just

## the name of the repository.

issue_server_link = https://issues.example.com/{repo}/issue/\1

## substitution pattern to use as the link text

## If issue_sub is empty, the text matched by issue_pat is retained verbatim

## for the link text. Otherwise, the link text is that of issue_sub, with any

## backreferences to groups in issue_pat replaced.

issue_sub =

## issue_pat, issue_server_link and issue_sub can have suffixes to specify

## multiple patterns, to other issues server, wiki or others

## below an example how to create a wiki pattern

# wiki-some-id -> https://wiki.example.com/some-id

#issue_pat_wiki = wiki-(\S+)

#issue_server_link_wiki = https://wiki.example.com/\1

#issue_sub_wiki = WIKI-\1

## alternative return HTTP header for failed authentication. Default HTTP

## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with

## handling that. Set this variable to 403 to return HTTPForbidden

auth_ret_code =

## allows to change the repository location in settings page

allow_repo_location_change = True

## allows to setup custom hooks in settings page

allow_custom_hooks_settings = True

## extra extensions for indexing, space separated and without the leading '.'.

# index.extensions =

#    gemfile

#    lock

## extra filenames for indexing, space separated

# index.filenames =

#    .dockerignore

#    .editorconfig

#    INSTALL

#    CHANGELOG

####################################

###        CELERY CONFIG        ####

####################################

use_celery = false

## Example: connect to the virtual host 'rabbitmqhost' on localhost as rabbitmq:

broker.url = amqp://rabbitmq:qewqew@localhost:5672/rabbitmqhost

celery.imports = kallithea.lib.celerylib.tasks

celery.accept.content = pickle

celery.result.backend = amqp

celery.result.dburi = amqp://

celery.result.serialier = json

#celery.send.task.error.emails = true

#celery.amqp.task.result.expires = 18000

celeryd.concurrency = 2

celeryd.max.tasks.per.child = 1

## If true, tasks will never be sent to the queue, but executed locally instead.

celery.always.eager = false

####################################

###         BEAKER CACHE        ####

####################################

beaker.cache.data_dir = %(here)s/data/cache/data

beaker.cache.lock_dir = %(here)s/data/cache/lock

beaker.cache.regions = short_term,long_term,sql_cache_short

beaker.cache.short_term.type = memory

beaker.cache.short_term.expire = 60

beaker.cache.short_term.key_length = 256

beaker.cache.long_term.type = memory

beaker.cache.long_term.expire = 36000

beaker.cache.long_term.key_length = 256

beaker.cache.sql_cache_short.type = memory

beaker.cache.sql_cache_short.expire = 10

beaker.cache.sql_cache_short.key_length = 256

####################################

###       BEAKER SESSION        ####

####################################

            # CSRF protection: Whenever a request has ambient authority (whether

            # through a session cookie or its origin IP address), it must include

            # the correct token, unless the HTTP method is GET or HEAD (and thus

            # guaranteed to be side effect free. In practice, the only situation

            # where we allow side effects without ambient authority is when the

            # authority comes from an API key; and that is handled above.

            token = request.POST.get(secure_form.token_key)

            if not token or token != secure_form.authentication_token():

                log.error('CSRF check failed')

                raise webob.exc.HTTPForbidden()

        c.kallithea_version = __version__

        rc_config = Setting.get_app_settings()

        # Visual options

        c.visual = AttributeDict({})

        ## DB stored

        c.visual.show_public_icon = str2bool(rc_config.get('show_public_icon'))

        c.visual.show_private_icon = str2bool(rc_config.get('show_private_icon'))

        c.visual.stylify_metalabels = str2bool(rc_config.get('stylify_metalabels'))

        c.visual.page_size = safe_int(rc_config.get('dashboard_items', 100))

        c.visual.admin_grid_items = safe_int(rc_config.get('admin_grid_items', 100))

        c.visual.repository_fields = str2bool(rc_config.get('repository_fields'))

        c.visual.show_version = str2bool(rc_config.get('show_version'))

        c.visual.use_gravatar = str2bool(rc_config.get('use_gravatar'))

        c.visual.gravatar_url = rc_config.get('gravatar_url')

        c.ga_code = rc_config.get('ga_code')

        # TODO: replace undocumented backwards compatibility hack with db upgrade and rename ga_code

        if c.ga_code and '<' not in c.ga_code:

            c.ga_code = '''<script type="text/javascript">

                var _gaq = _gaq || [];

                _gaq.push(['_setAccount', '%s']);

                _gaq.push(['_trackPageview']);

                (function() {

                    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;

                    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';

                    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);

                    })();

            </script>''' % c.ga_code

        c.site_name = rc_config.get('title')

        c.clone_uri_tmpl = rc_config.get('clone_uri_tmpl') or Repository.DEFAULT_CLONE_URI

        ## INI stored

        c.visual.allow_repo_location_change = str2bool(config.get('allow_repo_location_change', True))

        c.visual.allow_custom_hooks_settings = str2bool(config.get('allow_custom_hooks_settings', True))

        c.instance_id = config.get('instance_id')

        c.issues_url = config.get('bugtracker', url('issues_url'))

        # END CONFIG VARS

        c.repo_name = get_repo_slug(request)  # can be empty

        c.backends = BACKENDS.keys()

        self.cut_off_limit = safe_int(config.get('cut_off_limit'))

        c.my_pr_count = PullRequest.query(reviewer_id=request.authuser.user_id, include_closed=False).count()

        self.scm_model = ScmModel()

    @staticmethod

    def _determine_auth_user(session_authuser, ip_addr):

        """

        Create an `AuthUser` object given the API key/bearer token

        (if any) and the value of the authuser session cookie.

        Returns None if no valid user is found (like not active or no access for IP).

        """

        # Authenticate by session cookie

        # In ancient login sessions, 'authuser' may not be a dict.

        # In that case, the user will have to log in again.

        # v0.3 and earlier included an 'is_authenticated' key; if present,

        # this must be True.

        if isinstance(session_authuser, dict) and session_authuser.get('is_authenticated', True):

            return AuthUser.from_cookie(session_authuser, ip_addr=ip_addr)

        # Authenticate by auth_container plugin (if enabled)

        if any(

            plugin.is_container_auth

            for plugin in auth_modules.get_auth_plugins()

        ):

            try:

                user_info = auth_modules.authenticate('', '', request.environ)

            except UserCreationError as e:

                from kallithea.lib import helpers as h

                h.flash(e, 'error', logf=log.error)

            else:

                if user_info is not None:

                    username = user_info['username']

                    user = User.get_by_username(username, case_insensitive=True)

                    return log_in_user(user, remember=False, is_external_auth=True, ip_addr=ip_addr)

        # User is default user (if active) or anonymous

        default_user = User.get_default_user(cache=True)

    @staticmethod

    def _get_ref_rev(repo, ref_type, ref_name, returnempty=False):

        """

        Safe way to get changeset. If error occurs show error.

        """

        from kallithea.lib import helpers as h

        try:

            return repo.scm_instance.get_ref_revision(ref_type, ref_name)

        except EmptyRepositoryError as e:

            if returnempty:

                return repo.scm_instance.EMPTY_CHANGESET

            h.flash(_('There are no changesets yet'), category='error')

            raise webob.exc.HTTPNotFound()

        except ChangesetDoesNotExistError as e:

            h.flash(_('Changeset for %s %s not found in %s') %

                              (ref_type, ref_name, repo.repo_name),

                    category='error')

            raise webob.exc.HTTPNotFound()

        except RepositoryError as e:

            log.error(traceback.format_exc())

            h.flash(safe_str(e), category='error')

            raise webob.exc.HTTPBadRequest()

@decorator.decorator

def jsonify(func, *args, **kwargs):

    """Action decorator that formats output for JSON

    Given a function that will return content, this decorator will turn

    the result into JSON, with a content-type of 'application/json' and

    output it.

    """

    response.headers['Content-Type'] = 'application/json; charset=utf-8'

    data = func(*args, **kwargs)

    if isinstance(data, (list, tuple)):

        # A JSON list response is syntactically valid JavaScript and can be

        # loaded and executed as JavaScript by a malicious third-party site

        # using <script>, which can lead to cross-site data leaks.

        # JSON responses should therefore be scalars or objects (i.e. Python

        # dicts), because a JSON object is a syntax error if intepreted as JS.

        msg = "JSON responses with Array envelopes are susceptible to " \

              "cross-site data leak attacks, see " \

              "https://web.archive.org/web/20120519231904/http://wiki.pylonshq.com/display/pylonsfaq/Warnings"

        warnings.warn(msg, Warning, 2)

        log.warning(msg)

    log.debug("Returning JSON wrapped action output")

    return json.dumps(data, encoding='utf-8')

<%text>## A backreference can be \1, \2, ... or \g<groupname> if you specified a named group</%text>

<%text>## called 'groupname' in issue_pat.</%text>

<%text>## The special token {repo} is replaced with the full repository name</%text>

<%text>## including repository groups, while {repo_name} is replaced with just</%text>

<%text>## the name of the repository.</%text>

issue_server_link = https://issues.example.com/{repo}/issue/\1

<%text>## substitution pattern to use as the link text</%text>

<%text>## If issue_sub is empty, the text matched by issue_pat is retained verbatim</%text>

<%text>## for the link text. Otherwise, the link text is that of issue_sub, with any</%text>

<%text>## backreferences to groups in issue_pat replaced.</%text>

issue_sub =

<%text>## issue_pat, issue_server_link and issue_sub can have suffixes to specify</%text>

<%text>## multiple patterns, to other issues server, wiki or others</%text>

<%text>## below an example how to create a wiki pattern</%text>

# wiki-some-id -> https://wiki.example.com/some-id

#issue_pat_wiki = wiki-(\S+)

#issue_server_link_wiki = https://wiki.example.com/\1

#issue_sub_wiki = WIKI-\1

<%text>## alternative return HTTP header for failed authentication. Default HTTP</%text>

<%text>## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with</%text>

<%text>## handling that. Set this variable to 403 to return HTTPForbidden</%text>

auth_ret_code =

<%text>## allows to change the repository location in settings page</%text>

allow_repo_location_change = True

<%text>## allows to setup custom hooks in settings page</%text>

allow_custom_hooks_settings = True

<%text>## extra extensions for indexing, space separated and without the leading '.'.</%text>

# index.extensions =

#    gemfile

#    lock

<%text>## extra filenames for indexing, space separated</%text>

# index.filenames =

#    .dockerignore

#    .editorconfig

#    INSTALL

#    CHANGELOG

<%text>####################################</%text>

<%text>###        CELERY CONFIG        ####</%text>

<%text>####################################</%text>

use_celery = false

<%text>## Example: connect to the virtual host 'rabbitmqhost' on localhost as rabbitmq:</%text>

broker.url = amqp://rabbitmq:qewqew@localhost:5672/rabbitmqhost

celery.imports = kallithea.lib.celerylib.tasks

celery.accept.content = pickle

celery.result.backend = amqp

celery.result.dburi = amqp://

celery.result.serialier = json

#celery.send.task.error.emails = true

#celery.amqp.task.result.expires = 18000

celeryd.concurrency = 2

celeryd.max.tasks.per.child = 1

<%text>## If true, tasks will never be sent to the queue, but executed locally instead.</%text>

celery.always.eager = false

<%text>####################################</%text>

<%text>###         BEAKER CACHE        ####</%text>

<%text>####################################</%text>

beaker.cache.data_dir = %(here)s/data/cache/data

beaker.cache.lock_dir = %(here)s/data/cache/lock

beaker.cache.regions = short_term,long_term,sql_cache_short

beaker.cache.short_term.type = memory

beaker.cache.short_term.expire = 60

beaker.cache.short_term.key_length = 256

beaker.cache.long_term.type = memory

beaker.cache.long_term.expire = 36000

beaker.cache.long_term.key_length = 256

beaker.cache.sql_cache_short.type = memory

beaker.cache.sql_cache_short.expire = 10

beaker.cache.sql_cache_short.key_length = 256

<%text>####################################</%text>

<%text>###       BEAKER SESSION        ####</%text>

<%text>####################################</%text>

import os

import re

import sys

import logging

import pkg_resources

import time

import formencode

from paste.deploy import loadwsgi

from routes.util import URLGenerator

import pytest

from pytest_localserver.http import WSGIServer

from kallithea.controllers.root import RootController

from kallithea.lib import inifile

from kallithea.lib.utils import repo2db_mapper

from kallithea.model.user import UserModel

from kallithea.model.meta import Session

from kallithea.model.db import Setting, User, UserIpMap

from kallithea.model.scm import ScmModel

from kallithea.tests.base import invalidate_all_caches, TEST_USER_REGULAR_LOGIN, TESTS_TMP_PATH, \

    TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS

import kallithea.tests.base # FIXME: needed for setting testapp instance!!!

from tg.util.webtest import test_context

def pytest_configure():

    os.environ['TZ'] = 'UTC'

    if not kallithea.is_windows:

        time.tzset() # only available on Unix

    path = os.getcwd()

    sys.path.insert(0, path)

    pkg_resources.working_set.add_entry(path)

    # Disable INFO logging of test database creation, restore with NOTSET

    logging.disable(logging.INFO)

    ini_settings = {

        '[server:main]': {

            'port': '4999',

        },

        '[app:main]': {

            'app_instance_uuid': 'test',

            'show_revision_number': 'true',

            'beaker.cache.sql_cache_short.expire': '1',

            'session.secret': '{74e0cd75-b339-478b-b129-07dd221def1f}',

            #'i18n.lang': '',

        },

        '[handler_console]': {

            'formatter': 'color_formatter',

        },

        # The 'handler_console_sql' block is very similar to the one in

        # development.ini, but without the explicit 'level=DEBUG' setting:

        # it causes duplicate sqlalchemy debug logs, one through

        # handler_console_sql and another through another path.

        '[handler_console_sql]': {

            'formatter': 'color_formatter_sql',

        },

    }

    if os.environ.get('TEST_DB'):

        ini_settings['[app:main]']['sqlalchemy.url'] = os.environ.get('TEST_DB')

    test_ini_file = os.path.join(TESTS_TMP_PATH, 'test.ini')

    inifile.create(test_ini_file, None, ini_settings)

    context = loadwsgi.loadcontext(loadwsgi.APP, 'config:%s' % test_ini_file)

    from kallithea.tests.fixture import create_test_env, create_test_index

    # set KALLITHEA_NO_TMP_PATH=1 to disable re-creating the database and test repos

    if not int(os.environ.get('KALLITHEA_NO_TMP_PATH', 0)):

        create_test_env(TESTS_TMP_PATH, context.config())

    # set KALLITHEA_WHOOSH_TEST_DISABLE=1 to disable whoosh index during tests

    if not int(os.environ.get('KALLITHEA_WHOOSH_TEST_DISABLE', 0)):

        create_test_index(TESTS_TMP_PATH, context.config(), True)

    kallithea.tests.base.testapp = context.create()

    # do initial repo scan

    repo2db_mapper(ScmModel().repo_scan(TESTS_TMP_PATH))

    logging.disable(logging.NOTSET)

    kallithea.tests.base.url = URLGenerator(RootController().mapper, {'HTTP_HOST': 'example.com'})

    # set fixed language for form messages, regardless of environment settings

    formencode.api.set_stdtranslation(languages=[])

@pytest.fixture

def create_test_user():