## hide all refs in changelog switch this to --branches --tags

#git_rev_filter = --branches --tags

## RSS feed options

rss_cut_off_limit = 256000

rss_items_per_page = 10

rss_include_diff = false

## options for showing and identifying changesets

show_sha_length = 12

show_revision_number = false

## Canonical URL to use when creating full URLs in UI and texts.

## Useful when the site is available under different names or protocols.

## Defaults to what is provided in the WSGI environment.

#canonical_url = https://kallithea.example.com/repos

## gist URL alias, used to create nicer urls for gist. This should be an

## url that does rewrites to _admin/gists/<gistid>.

## example: http://gist.example.com/{gistid}. Empty means use the internal

## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid>

gist_alias_url =

## default encoding used to convert from and to unicode

## can be also a comma separated list of encoding in case of mixed encodings

default_encoding = utf-8

## Set Mercurial encoding, similar to setting HGENCODING before launching Kallithea

hgencoding = utf-8

## issue tracker for Kallithea (leave blank to disable, absent for default)

#bugtracker = https://bitbucket.org/conservancy/kallithea/issues

## issue tracking mapping for commit messages, comments, PR descriptions, ...

## Refer to the documentation ("Integration with issue trackers") for more details.

## regular expression to match issue references

## This pattern may/should contain parenthesized groups, that can

## be referred to in issue_server_link or issue_sub using Python backreferences

## (e.g. \1, \2, ...). You can also create named groups with '(?P<groupname>)'.

## To require mandatory whitespace before the issue pattern, use:

## (?:^|(?<=\s)) before the actual pattern, and for mandatory whitespace

## behind the issue pattern, use (?:$|(?=\s)) after the actual pattern.

issue_pat = #(\d+)

## server url to the issue

## This pattern may/should contain backreferences to parenthesized groups in issue_pat.

## A backreference can be \1, \2, ... or \g<groupname> if you specified a named group

## called 'groupname' in issue_pat.

## The special token {repo} is replaced with the full repository name

## including repository groups, while {repo_name} is replaced with just

## the name of the repository.

issue_server_link = https://issues.example.com/{repo}/issue/\1

## substitution pattern to use as the link text

## If issue_sub is empty, the text matched by issue_pat is retained verbatim

## for the link text. Otherwise, the link text is that of issue_sub, with any

## backreferences to groups in issue_pat replaced.

issue_sub =

## issue_pat, issue_server_link and issue_sub can have suffixes to specify

## multiple patterns, to other issues server, wiki or others

## below an example how to create a wiki pattern

# wiki-some-id -> https://wiki.example.com/some-id

#issue_pat_wiki = wiki-(\S+)

#issue_server_link_wiki = https://wiki.example.com/\1

#issue_sub_wiki = WIKI-\1

## alternative return HTTP header for failed authentication. Default HTTP

## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with

## handling that. Set this variable to 403 to return HTTPForbidden

auth_ret_code =

## allows to change the repository location in settings page

allow_repo_location_change = True

## allows to setup custom hooks in settings page

allow_custom_hooks_settings = True

## extra extensions for indexing, space separated and without the leading '.'.

# index.extensions =

#    gemfile

#    lock

## extra filenames for indexing, space separated

# index.filenames =

#    .dockerignore

#    .editorconfig

#    INSTALL

#    CHANGELOG

####################################

###        CELERY CONFIG        ####

####################################

use_celery = false

## Example: connect to the virtual host 'rabbitmqhost' on localhost as rabbitmq:

broker.url = amqp://rabbitmq:qewqew@localhost:5672/rabbitmqhost

celery.imports = kallithea.lib.celerylib.tasks

celery.accept.content = pickle

celery.result.backend = amqp

celery.result.dburi = amqp://

celery.result.serialier = json

#celery.send.task.error.emails = true

#celery.amqp.task.result.expires = 18000

celeryd.concurrency = 2

celeryd.max.tasks.per.child = 1

## If true, tasks will never be sent to the queue, but executed locally instead.

celery.always.eager = false

####################################

###         BEAKER CACHE        ####

####################################

beaker.cache.data_dir = %(here)s/data/cache/data

beaker.cache.lock_dir = %(here)s/data/cache/lock

beaker.cache.regions = short_term,long_term,sql_cache_short

beaker.cache.short_term.type = memory

beaker.cache.short_term.expire = 60

beaker.cache.short_term.key_length = 256

beaker.cache.long_term.type = memory

beaker.cache.long_term.expire = 36000

beaker.cache.long_term.key_length = 256

beaker.cache.sql_cache_short.type = memory

beaker.cache.sql_cache_short.expire = 10

beaker.cache.sql_cache_short.key_length = 256

####################################

###       BEAKER SESSION        ####

####################################

## Name of session cookie. Should be unique for a given host and path, even when running

## on different ports. Otherwise, cookie sessions will be shared and messed up.

session.key = kallithea

## Sessions should always only be accessible by the browser, not directly by JavaScript.

session.httponly = true

## Session lifetime. 2592000 seconds is 30 days.

session.timeout = 2592000

## Server secret used with HMAC to ensure integrity of cookies.

#session.secret = VERY-SECRET

session.secret = development-not-secret

## Further, encrypt the data with AES.

#session.encrypt_key = <key_for_encryption>

#session.validate_key = <validation_key>

## Type of storage used for the session, current types are

## dbm, file, memcached, database, and memory.

## File system storage of session data. (default)

#session.type = file

## Cookie only, store all session data inside the cookie. Requires secure secrets.

#session.type = cookie

## Database storage of session data.

#session.type = ext:database

#session.sa.url = postgresql://postgres:qwe@localhost/kallithea

#session.table_name = db_session

############################

## ERROR HANDLING SYSTEMS ##

############################

# Propagate email settings to ErrorReporter of TurboGears2

# You do not normally need to change these lines

get trace_errors.error_email = email_to

get trace_errors.smtp_server = smtp_server

get trace_errors.smtp_port = smtp_port

get trace_errors.from_address = error_email_from

################################################################################

## WARNING: *DEBUG MODE MUST BE OFF IN A PRODUCTION ENVIRONMENT*              ##

## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##

## execute malicious code after an exception is raised.                       ##

################################################################################

#debug = false

debug = true

            environ['pylons.status_code_redirect'] = True

            # quick check if repo exists...

            if not is_valid_repo(parsed_request.repo_name, self.basepath, self.scm_alias):

                raise webob.exc.HTTPNotFound()

            if parsed_request.action is None:

                # Note: the client doesn't get the helpful error message

                raise webob.exc.HTTPBadRequest('Unable to detect pull/push action for %r! Are you using a nonstandard command or client?' % parsed_request.repo_name)

            #======================================================================

            # CHECK PERMISSIONS

            #======================================================================

            ip_addr = self._get_ip_addr(environ)

            user, response_app = self._authorize(environ, parsed_request.action, parsed_request.repo_name, ip_addr)

            if response_app is not None:

                return response_app(environ, start_response)

            #======================================================================

            # REQUEST HANDLING

            #======================================================================

            set_hook_environment(user.username, ip_addr,

                parsed_request.repo_name, self.scm_alias, parsed_request.action)

            try:

                log.info('%s action on %s repo "%s" by "%s" from %s',

                         parsed_request.action, self.scm_alias, parsed_request.repo_name, safe_str(user.username), ip_addr)

                app = self._make_app(parsed_request)

                return app(environ, start_response)

            except Exception:

                log.error(traceback.format_exc())

                raise webob.exc.HTTPInternalServerError()

        except webob.exc.HTTPException as e:

            return e(environ, start_response)

        finally:

            log_ = logging.getLogger('kallithea.' + self.__class__.__name__)

            log_.debug('Request time: %.3fs', time.time() - start)

            meta.Session.remove()

class BaseController(TGController):

    def _before(self, *args, **kwargs):

        """

        _before is called before controller methods and after __call__

        """

        if request.needs_csrf_check:

            # CSRF protection: Whenever a request has ambient authority (whether

            # through a session cookie or its origin IP address), it must include

            # the correct token, unless the HTTP method is GET or HEAD (and thus

            # guaranteed to be side effect free. In practice, the only situation

            # where we allow side effects without ambient authority is when the

            # authority comes from an API key; and that is handled above.

            token = request.POST.get(secure_form.token_key)

            if not token or token != secure_form.authentication_token():

                log.error('CSRF check failed')

                raise webob.exc.HTTPForbidden()

        c.kallithea_version = __version__

        rc_config = Setting.get_app_settings()

        # Visual options

        c.visual = AttributeDict({})

        ## DB stored

        c.visual.show_public_icon = str2bool(rc_config.get('show_public_icon'))

        c.visual.show_private_icon = str2bool(rc_config.get('show_private_icon'))

        c.visual.stylify_metalabels = str2bool(rc_config.get('stylify_metalabels'))

        c.visual.page_size = safe_int(rc_config.get('dashboard_items', 100))

        c.visual.admin_grid_items = safe_int(rc_config.get('admin_grid_items', 100))

        c.visual.repository_fields = str2bool(rc_config.get('repository_fields'))

        c.visual.show_version = str2bool(rc_config.get('show_version'))

        c.visual.use_gravatar = str2bool(rc_config.get('use_gravatar'))

        c.visual.gravatar_url = rc_config.get('gravatar_url')

        c.ga_code = rc_config.get('ga_code')

        # TODO: replace undocumented backwards compatibility hack with db upgrade and rename ga_code

        if c.ga_code and '<' not in c.ga_code:

            c.ga_code = '''<script type="text/javascript">

                var _gaq = _gaq || [];

                _gaq.push(['_setAccount', '%s']);

                _gaq.push(['_trackPageview']);

                (function() {

                    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;

                    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';

                    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);

                    })();

            </script>''' % c.ga_code

        c.site_name = rc_config.get('title')

        c.clone_uri_tmpl = rc_config.get('clone_uri_tmpl') or Repository.DEFAULT_CLONE_URI

        ## INI stored

        c.visual.allow_repo_location_change = str2bool(config.get('allow_repo_location_change', True))

        c.visual.allow_custom_hooks_settings = str2bool(config.get('allow_custom_hooks_settings', True))

        c.instance_id = config.get('instance_id')

        c.issues_url = config.get('bugtracker', url('issues_url'))

        # END CONFIG VARS

        c.repo_name = get_repo_slug(request)  # can be empty

        c.backends = BACKENDS.keys()

        self.cut_off_limit = safe_int(config.get('cut_off_limit'))

        c.my_pr_count = PullRequest.query(reviewer_id=request.authuser.user_id, include_closed=False).count()

        self.scm_model = ScmModel()

    @staticmethod

    def _determine_auth_user(session_authuser, ip_addr):

        """

        Create an `AuthUser` object given the API key/bearer token

        (if any) and the value of the authuser session cookie.

        Returns None if no valid user is found (like not active or no access for IP).

        """

        # Authenticate by session cookie

        # In ancient login sessions, 'authuser' may not be a dict.

        # In that case, the user will have to log in again.

        # v0.3 and earlier included an 'is_authenticated' key; if present,

        # this must be True.

        if isinstance(session_authuser, dict) and session_authuser.get('is_authenticated', True):

            return AuthUser.from_cookie(session_authuser, ip_addr=ip_addr)

        # Authenticate by auth_container plugin (if enabled)

        if any(

            plugin.is_container_auth

            for plugin in auth_modules.get_auth_plugins()

        ):

            try:

                user_info = auth_modules.authenticate('', '', request.environ)

            except UserCreationError as e:

                from kallithea.lib import helpers as h

                h.flash(e, 'error', logf=log.error)

            else:

                if user_info is not None:

                    username = user_info['username']

                    user = User.get_by_username(username, case_insensitive=True)

                    return log_in_user(user, remember=False, is_external_auth=True, ip_addr=ip_addr)

        # User is default user (if active) or anonymous

        default_user = User.get_default_user(cache=True)

        authuser = AuthUser.make(dbuser=default_user, ip_addr=ip_addr)

        if authuser is None: # fall back to anonymous

            authuser = AuthUser(dbuser=default_user) # TODO: somehow use .make?

        return authuser

    @staticmethod

    def _basic_security_checks():

        """Perform basic security/sanity checks before processing the request."""

        # Only allow the following HTTP request methods.

        if request.method not in ['GET', 'HEAD', 'POST']:

            raise webob.exc.HTTPMethodNotAllowed()

        # Also verify the _method override - no longer allowed.

        if request.params.get('_method') is None:

            pass # no override, no problem

        else:

            raise webob.exc.HTTPMethodNotAllowed()

        # Make sure CSRF token never appears in the URL. If so, invalidate it.

        if secure_form.token_key in request.GET:

            log.error('CSRF key leak detected')

            session.pop(secure_form.token_key, None)

            session.save()

            from kallithea.lib import helpers as h

            h.flash(_('CSRF token leak has been detected - all form tokens have been expired'),

                    category='error')

        # WebOb already ignores request payload parameters for anything other

        # than POST/PUT, but double-check since other Kallithea code relies on

        # this assumption.

        if request.method not in ['POST', 'PUT'] and request.POST:

            log.error('%r request with payload parameters; WebOb should have stopped this', request.method)

            raise webob.exc.HTTPBadRequest()

    def __call__(self, environ, context):

        try:

            ip_addr = _get_ip_addr(environ)

            self._basic_security_checks()

            api_key = request.GET.get('api_key')

            try:

                # Request.authorization may raise ValueError on invalid input

                type, params = request.authorization

            except (ValueError, TypeError):

                pass

            else:

                if type.lower() == 'bearer':

    """

    Base class for controllers responsible for loading all needed data for

    repository loaded items are

    c.db_repo_scm_instance: instance of scm repository

    c.db_repo: instance of db

    c.repository_followers: number of followers

    c.repository_forks: number of forks

    c.repository_following: weather the current user is following the current repo

    """

    def _before(self, *args, **kwargs):

        super(BaseRepoController, self)._before(*args, **kwargs)

        if c.repo_name:  # extracted from routes

            _dbr = Repository.get_by_repo_name(c.repo_name)

            if not _dbr:

                return

            log.debug('Found repository in database %s with state `%s`',

                      safe_unicode(_dbr), safe_unicode(_dbr.repo_state))

            route = getattr(request.environ.get('routes.route'), 'name', '')

            # allow to delete repos that are somehow damages in filesystem

            if route in ['delete_repo']:

                return

            if _dbr.repo_state in [Repository.STATE_PENDING]:

                if route in ['repo_creating_home']:

                    return

                check_url = url('repo_creating_home', repo_name=c.repo_name)

                raise webob.exc.HTTPFound(location=check_url)

            dbr = c.db_repo = _dbr

            c.db_repo_scm_instance = c.db_repo.scm_instance

            if c.db_repo_scm_instance is None:

                log.error('%s this repository is present in database but it '

                          'cannot be created as an scm instance', c.repo_name)

                from kallithea.lib import helpers as h

                h.flash(_('Repository not found in the filesystem'),

                        category='error')

                raise webob.exc.HTTPNotFound()

            # some globals counter for menu

            c.repository_followers = self.scm_model.get_followers(dbr)

            c.repository_forks = self.scm_model.get_forks(dbr)

            c.repository_pull_requests = self.scm_model.get_pull_requests(dbr)

            c.repository_following = self.scm_model.is_following_repo(

                                    c.repo_name, request.authuser.user_id)

    @staticmethod

    def _get_ref_rev(repo, ref_type, ref_name, returnempty=False):

        """

        Safe way to get changeset. If error occurs show error.

        """

        from kallithea.lib import helpers as h

        try:

            return repo.scm_instance.get_ref_revision(ref_type, ref_name)

        except EmptyRepositoryError as e:

            if returnempty:

                return repo.scm_instance.EMPTY_CHANGESET

            h.flash(_('There are no changesets yet'), category='error')

            raise webob.exc.HTTPNotFound()

        except ChangesetDoesNotExistError as e:

            h.flash(_('Changeset for %s %s not found in %s') %

                              (ref_type, ref_name, repo.repo_name),

                    category='error')

            raise webob.exc.HTTPNotFound()

        except RepositoryError as e:

            log.error(traceback.format_exc())

            h.flash(safe_str(e), category='error')

            raise webob.exc.HTTPBadRequest()

@decorator.decorator

def jsonify(func, *args, **kwargs):

    """Action decorator that formats output for JSON

    Given a function that will return content, this decorator will turn

    the result into JSON, with a content-type of 'application/json' and

    output it.

    """

    response.headers['Content-Type'] = 'application/json; charset=utf-8'

    data = func(*args, **kwargs)

    if isinstance(data, (list, tuple)):

        # A JSON list response is syntactically valid JavaScript and can be

        # loaded and executed as JavaScript by a malicious third-party site

        # using <script>, which can lead to cross-site data leaks.

        # JSON responses should therefore be scalars or objects (i.e. Python

        # dicts), because a JSON object is a syntax error if intepreted as JS.

        msg = "JSON responses with Array envelopes are susceptible to " \

              "cross-site data leak attacks, see " \

              "https://web.archive.org/web/20120519231904/http://wiki.pylonshq.com/display/pylonsfaq/Warnings"

        warnings.warn(msg, Warning, 2)

        log.warning(msg)

    log.debug("Returning JSON wrapped action output")

    return json.dumps(data, encoding='utf-8')

<%text>## hide all refs in changelog switch this to --branches --tags</%text>

#git_rev_filter = --branches --tags

<%text>## RSS feed options</%text>

rss_cut_off_limit = 256000

rss_items_per_page = 10

rss_include_diff = false

<%text>## options for showing and identifying changesets</%text>

show_sha_length = 12

show_revision_number = false

<%text>## Canonical URL to use when creating full URLs in UI and texts.</%text>

<%text>## Useful when the site is available under different names or protocols.</%text>

<%text>## Defaults to what is provided in the WSGI environment.</%text>

#canonical_url = https://kallithea.example.com/repos

<%text>## gist URL alias, used to create nicer urls for gist. This should be an</%text>

<%text>## url that does rewrites to _admin/gists/<gistid>.</%text>

<%text>## example: http://gist.example.com/{gistid}. Empty means use the internal</%text>

<%text>## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid></%text>

gist_alias_url =

<%text>## default encoding used to convert from and to unicode</%text>

<%text>## can be also a comma separated list of encoding in case of mixed encodings</%text>

default_encoding = utf-8

<%text>## Set Mercurial encoding, similar to setting HGENCODING before launching Kallithea</%text>

hgencoding = utf-8

<%text>## issue tracker for Kallithea (leave blank to disable, absent for default)</%text>

#bugtracker = https://bitbucket.org/conservancy/kallithea/issues

<%text>## issue tracking mapping for commit messages, comments, PR descriptions, ...</%text>

<%text>## Refer to the documentation ("Integration with issue trackers") for more details.</%text>

<%text>## regular expression to match issue references</%text>

<%text>## This pattern may/should contain parenthesized groups, that can</%text>

<%text>## be referred to in issue_server_link or issue_sub using Python backreferences</%text>

<%text>## (e.g. \1, \2, ...). You can also create named groups with '(?P<groupname>)'.</%text>

<%text>## To require mandatory whitespace before the issue pattern, use:</%text>

<%text>## (?:^|(?<=\s)) before the actual pattern, and for mandatory whitespace</%text>

<%text>## behind the issue pattern, use (?:$|(?=\s)) after the actual pattern.</%text>

issue_pat = #(\d+)

<%text>## server url to the issue</%text>

<%text>## This pattern may/should contain backreferences to parenthesized groups in issue_pat.</%text>

<%text>## A backreference can be \1, \2, ... or \g<groupname> if you specified a named group</%text>

<%text>## called 'groupname' in issue_pat.</%text>

<%text>## The special token {repo} is replaced with the full repository name</%text>

<%text>## including repository groups, while {repo_name} is replaced with just</%text>

<%text>## the name of the repository.</%text>

issue_server_link = https://issues.example.com/{repo}/issue/\1

<%text>## substitution pattern to use as the link text</%text>

<%text>## If issue_sub is empty, the text matched by issue_pat is retained verbatim</%text>

<%text>## for the link text. Otherwise, the link text is that of issue_sub, with any</%text>

<%text>## backreferences to groups in issue_pat replaced.</%text>

issue_sub =

<%text>## issue_pat, issue_server_link and issue_sub can have suffixes to specify</%text>

<%text>## multiple patterns, to other issues server, wiki or others</%text>

<%text>## below an example how to create a wiki pattern</%text>

# wiki-some-id -> https://wiki.example.com/some-id

#issue_pat_wiki = wiki-(\S+)

#issue_server_link_wiki = https://wiki.example.com/\1

#issue_sub_wiki = WIKI-\1

<%text>## alternative return HTTP header for failed authentication. Default HTTP</%text>

<%text>## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with</%text>

<%text>## handling that. Set this variable to 403 to return HTTPForbidden</%text>

auth_ret_code =

<%text>## allows to change the repository location in settings page</%text>

allow_repo_location_change = True

<%text>## allows to setup custom hooks in settings page</%text>

allow_custom_hooks_settings = True

<%text>## extra extensions for indexing, space separated and without the leading '.'.</%text>

# index.extensions =

#    gemfile

#    lock

<%text>## extra filenames for indexing, space separated</%text>

# index.filenames =

#    .dockerignore

#    .editorconfig

#    INSTALL

#    CHANGELOG

<%text>####################################</%text>

<%text>###        CELERY CONFIG        ####</%text>

<%text>####################################</%text>

use_celery = false

<%text>## Example: connect to the virtual host 'rabbitmqhost' on localhost as rabbitmq:</%text>

broker.url = amqp://rabbitmq:qewqew@localhost:5672/rabbitmqhost

celery.imports = kallithea.lib.celerylib.tasks

celery.accept.content = pickle

celery.result.backend = amqp

celery.result.dburi = amqp://

celery.result.serialier = json

#celery.send.task.error.emails = true

#celery.amqp.task.result.expires = 18000

celeryd.concurrency = 2

celeryd.max.tasks.per.child = 1

<%text>## If true, tasks will never be sent to the queue, but executed locally instead.</%text>

celery.always.eager = false

<%text>####################################</%text>

<%text>###         BEAKER CACHE        ####</%text>

<%text>####################################</%text>

beaker.cache.data_dir = %(here)s/data/cache/data

beaker.cache.lock_dir = %(here)s/data/cache/lock

beaker.cache.regions = short_term,long_term,sql_cache_short

beaker.cache.short_term.type = memory

beaker.cache.short_term.expire = 60

beaker.cache.short_term.key_length = 256

beaker.cache.long_term.type = memory

beaker.cache.long_term.expire = 36000

beaker.cache.long_term.key_length = 256

beaker.cache.sql_cache_short.type = memory

beaker.cache.sql_cache_short.expire = 10

beaker.cache.sql_cache_short.key_length = 256

<%text>####################################</%text>

<%text>###       BEAKER SESSION        ####</%text>

<%text>####################################</%text>

<%text>## Name of session cookie. Should be unique for a given host and path, even when running</%text>

<%text>## on different ports. Otherwise, cookie sessions will be shared and messed up.</%text>

session.key = kallithea

<%text>## Sessions should always only be accessible by the browser, not directly by JavaScript.</%text>

session.httponly = true

<%text>## Session lifetime. 2592000 seconds is 30 days.</%text>

session.timeout = 2592000

<%text>## Server secret used with HMAC to ensure integrity of cookies.</%text>

session.secret = ${uuid()}

<%text>## Further, encrypt the data with AES.</%text>

#session.encrypt_key = <key_for_encryption>

#session.validate_key = <validation_key>

<%text>## Type of storage used for the session, current types are</%text>

<%text>## dbm, file, memcached, database, and memory.</%text>

<%text>## File system storage of session data. (default)</%text>

#session.type = file

<%text>## Cookie only, store all session data inside the cookie. Requires secure secrets.</%text>

#session.type = cookie

<%text>## Database storage of session data.</%text>

#session.type = ext:database

#session.sa.url = postgresql://postgres:qwe@localhost/kallithea

#session.table_name = db_session

<%text>############################</%text>

<%text>## ERROR HANDLING SYSTEMS ##</%text>

<%text>############################</%text>

# Propagate email settings to ErrorReporter of TurboGears2

# You do not normally need to change these lines

get trace_errors.error_email = email_to

get trace_errors.smtp_server = smtp_server

get trace_errors.smtp_port = smtp_port

get trace_errors.from_address = error_email_from

%if error_aggregation_service == 'appenlight':

<%text>####################</%text>

<%text>### [appenlight] ###</%text>

<%text>####################</%text>

<%text>## AppEnlight is tailored to work with Kallithea, see</%text>

<%text>## http://appenlight.com for details how to obtain an account</%text>

<%text>## you must install python package `appenlight_client` to make it work</%text>

import os

import re

import sys

import logging

import pkg_resources

import time

import formencode

from paste.deploy import loadwsgi

from routes.util import URLGenerator

import pytest

from pytest_localserver.http import WSGIServer

from kallithea.controllers.root import RootController

from kallithea.lib import inifile

from kallithea.lib.utils import repo2db_mapper

from kallithea.model.user import UserModel

from kallithea.model.meta import Session

from kallithea.model.db import Setting, User, UserIpMap

from kallithea.model.scm import ScmModel

from kallithea.tests.base import invalidate_all_caches, TEST_USER_REGULAR_LOGIN, TESTS_TMP_PATH, \

    TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS

import kallithea.tests.base # FIXME: needed for setting testapp instance!!!

from tg.util.webtest import test_context

def pytest_configure():

    os.environ['TZ'] = 'UTC'

    if not kallithea.is_windows:

        time.tzset() # only available on Unix

    path = os.getcwd()

    sys.path.insert(0, path)

    pkg_resources.working_set.add_entry(path)

    # Disable INFO logging of test database creation, restore with NOTSET

    logging.disable(logging.INFO)

    ini_settings = {

        '[server:main]': {

            'port': '4999',

        },

        '[app:main]': {

            'app_instance_uuid': 'test',

            'show_revision_number': 'true',

            'beaker.cache.sql_cache_short.expire': '1',

            'session.secret': '{74e0cd75-b339-478b-b129-07dd221def1f}',

            #'i18n.lang': '',

        },

        '[handler_console]': {

            'formatter': 'color_formatter',

        },

        # The 'handler_console_sql' block is very similar to the one in

        # development.ini, but without the explicit 'level=DEBUG' setting:

        # it causes duplicate sqlalchemy debug logs, one through

        # handler_console_sql and another through another path.

        '[handler_console_sql]': {

            'formatter': 'color_formatter_sql',

        },

    }

    if os.environ.get('TEST_DB'):

        ini_settings['[app:main]']['sqlalchemy.url'] = os.environ.get('TEST_DB')

    test_ini_file = os.path.join(TESTS_TMP_PATH, 'test.ini')

    inifile.create(test_ini_file, None, ini_settings)

    context = loadwsgi.loadcontext(loadwsgi.APP, 'config:%s' % test_ini_file)

    from kallithea.tests.fixture import create_test_env, create_test_index

    # set KALLITHEA_NO_TMP_PATH=1 to disable re-creating the database and test repos

    if not int(os.environ.get('KALLITHEA_NO_TMP_PATH', 0)):

        create_test_env(TESTS_TMP_PATH, context.config())

    # set KALLITHEA_WHOOSH_TEST_DISABLE=1 to disable whoosh index during tests

    if not int(os.environ.get('KALLITHEA_WHOOSH_TEST_DISABLE', 0)):

        create_test_index(TESTS_TMP_PATH, context.config(), True)

    kallithea.tests.base.testapp = context.create()

    # do initial repo scan

    repo2db_mapper(ScmModel().repo_scan(TESTS_TMP_PATH))

    logging.disable(logging.NOTSET)

    kallithea.tests.base.url = URLGenerator(RootController().mapper, {'HTTP_HOST': 'example.com'})

    # set fixed language for form messages, regardless of environment settings

    formencode.api.set_stdtranslation(languages=[])

@pytest.fixture

def create_test_user():

    """Provide users that automatically disappear after test is over."""

    test_user_ids = []

    def _create_test_user(user_form):

        user = UserModel().create(user_form)

        test_user_ids.append(user.user_id)

        return user

    yield _create_test_user

    for user_id in test_user_ids:

        UserModel().delete(user_id)

    Session().commit()

def _set_settings(*kvtseq):

    session = Session()

    for kvt in kvtseq:

        assert len(kvt) in (2, 3)

        k = kvt[0]

        v = kvt[1]

        t = kvt[2] if len(kvt) == 3 else 'unicode'

        Setting.create_or_update(k, v, t)

    session.commit()

@pytest.fixture

def set_test_settings():

    """Restore settings after test is over."""

    # Save settings.

    settings_snapshot = [

        (s.app_settings_name, s.app_settings_value, s.app_settings_type)

        for s in Setting.query().all()]

    yield _set_settings

    # Restore settings.

    session = Session()

    keys = frozenset(k for (k, v, t) in settings_snapshot)

    for s in Setting.query().all():

        if s.app_settings_name not in keys:

            session.delete(s)

    for k, v, t in settings_snapshot:

        if t == 'list' and hasattr(v, '__iter__'):

            v = ','.join(v) # Quirk: must format list value manually.

        Setting.create_or_update(k, v, t)

    session.commit()

@pytest.fixture

def auto_clear_ip_permissions():

    """Fixture that provides nothing but clearing IP permissions upon test