#init new sessions

            engine = create_engine(self.dburi, echo=self.log_sql)

            init_model(engine)

            self.sa = Session()

    def create_tables(self, override=False):

        """

        Create a auth database

        """

        log.info("Any existing database is going to be destroyed")

        if self.tests:

            destroy = True

        else:

            destroy = self._ask_ok('Are you sure to destroy old database ? [y/n]')

        if not destroy:

            print 'Nothing done.'

            sys.exit(0)

        if destroy:

            Base.metadata.drop_all()

        checkfirst = not override

        Base.metadata.create_all(checkfirst=checkfirst)

        # Create an Alembic configuration and generate the version table,

        # "stamping" it with the most recent Alembic migration revision, to

        # tell Alembic that all the schema upgrades are already in effect.

        alembic_cfg = alembic.config.Config()

        alembic_cfg.set_main_option('script_location', 'kallithea:alembic')

        alembic_cfg.set_main_option('sqlalchemy.url', self.dburi)

        # This command will give an error in an Alembic multi-head scenario,

        # but in practice, such a scenario should not come up during database

        # creation, even during development.

        alembic.command.stamp(alembic_cfg, 'head')

        log.info('Created tables for %s', self.dbname)

    def fix_repo_paths(self):

        """

        Fixes a old kallithea version path into new one without a '*'

        """

        paths = self.sa.query(Ui) \

                .filter(Ui.ui_key == '/') \

                .scalar()

        paths.ui_value = paths.ui_value.replace('*', '')

        self.sa.commit()

    def fix_default_user(self):

        """

        Fixes a old default user with some 'nicer' default values,

        used mostly for anonymous access

        """

        def_user = self.sa.query(User).filter_by(is_default_user=True).one()

        def_user.name = 'Anonymous'

        def_user.lastname = 'User'

        def_user.email = 'anonymous@kallithea-scm.org'

        self.sa.commit()

    def fix_settings(self):

        """

        Fixes kallithea settings adds ga_code key for google analytics

        """

        hgsettings3 = Setting('ga_code', '')

        self.sa.add(hgsettings3)

        self.sa.commit()

    def admin_prompt(self, second=False):

        if not self.tests:

            import getpass

            username = self.cli_args.get('username')

            password = self.cli_args.get('password')

            email = self.cli_args.get('email')

            def get_password():

                password = getpass.getpass('Specify admin password '

                                           '(min 6 chars):')

                confirm = getpass.getpass('Confirm password:')

                if password != confirm:

                    log.error('passwords mismatch')

                    return False

                if len(password) < 6:

                    log.error('password is to short use at least 6 characters')

                    return False

                return password

            if username is None:

                username = raw_input('Specify admin username:')

            if password is None:

                password = get_password()

                if not password:

                    #second try

                    password = get_password()

                    if not password:

                        sys.exit()

            if email is None:

                email = raw_input('Specify admin email:')

            self.create_user(username, password, email, True)

        else:

            log.info('creating admin and regular test users')

            from kallithea.tests.base import TEST_USER_ADMIN_LOGIN, \

        hgsubversion.ui_key = 'hgsubversion'

        hgsubversion.ui_value = ''

        hgsubversion.ui_active = False

        self.sa.add(hgsubversion)

        # enable hggit disabled by default

        hggit = Ui()

        hggit.ui_section = 'extensions'

        hggit.ui_key = 'hggit'

        hggit.ui_value = ''

        hggit.ui_active = False

        self.sa.add(hggit)

    def create_auth_plugin_options(self, skip_existing=False):

        """

        Create default auth plugin settings, and make it active

        :param skip_existing:

        """

        for k, v, t in [('auth_plugins', 'kallithea.lib.auth_modules.auth_internal', 'list'),

                     ('auth_internal_enabled', 'True', 'bool')]:

            if skip_existing and Setting.get_by_name(k) != None:

                log.debug('Skipping option %s', k)

                continue

            setting = Setting(k, v, t)

            self.sa.add(setting)

    def create_default_options(self, skip_existing=False):

        """Creates default settings"""

        for k, v, t in [

            ('default_repo_enable_locking',  False, 'bool'),

            ('default_repo_enable_downloads', False, 'bool'),

            ('default_repo_enable_statistics', False, 'bool'),

            ('default_repo_private', False, 'bool'),

            ('default_repo_type', 'hg', 'unicode')]:

            if skip_existing and Setting.get_by_name(k) is not None:

                log.debug('Skipping option %s', k)

                continue

            setting = Setting(k, v, t)

            self.sa.add(setting)

    def fixup_groups(self):

        def_usr = User.get_default_user()

        for g in RepoGroup.query().all():

            g.group_name = g.get_new_name(g.name)

            # get default perm

            default = UserRepoGroupToPerm.query() \

                .filter(UserRepoGroupToPerm.group == g) \

                .filter(UserRepoGroupToPerm.user == def_usr) \

                .scalar()

            if default is None:

                log.debug('missing default permission for group %s adding', g)

                RepoGroupModel()._create_default_perms(g)

    def reset_permissions(self, username):

        """

        Resets permissions to default state, useful when old systems had

        bad permissions, we must clean them up

        :param username:

        """

        default_user = User.get_by_username(username)

        if not default_user:

            return

        u2p = UserToPerm.query() \

            .filter(UserToPerm.user == default_user).all()

        fixed = False

        if len(u2p) != len(Permission.DEFAULT_USER_PERMISSIONS):

            for p in u2p:

                Session().delete(p)

            fixed = True

            self.populate_default_permissions()

        return fixed

    def update_repo_info(self):

        for repo in Repository.query():

            repo.update_changeset_cache()

    def config_prompt(self, test_repo_path='', retries=3):

        _path = self.cli_args.get('repos_location')

        if retries == 3:

            log.info('Setting up repositories config')

        if _path is not None:

            path = _path

        elif not self.tests and not test_repo_path:

            path = raw_input(

                 'Enter a valid absolute path to store repositories. '

                 'All repositories in that path will be added automatically:'

            )

        else:

            return str(status.status) if status else ChangesetStatus.DEFAULT

        return status

    def set_status(self, repo, status, user, comment, revision=None,

                   pull_request=None, dont_allow_on_closed_pull_request=False):

        """

        Creates new status for changeset or updates the old ones bumping their

        version, leaving the current status at the value of 'status'.

        :param repo:

        :param status:

        :param user:

        :param comment:

        :param revision:

        :param pull_request:

        :param dont_allow_on_closed_pull_request: don't allow a status change

            if last status was for pull request and it's closed. We shouldn't

            mess around this manually

        """

        repo = Repository.guess_instance(repo)

        q = ChangesetStatus.query()

        if revision is not None:

            assert pull_request is None

            q = q.filter(ChangesetStatus.repo == repo)

            q = q.filter(ChangesetStatus.revision == revision)

            revisions = [revision]

        else:

            assert pull_request is not None

            pull_request = PullRequest.guess_instance(pull_request)

            repo = pull_request.org_repo

            q = q.filter(ChangesetStatus.repo == repo)

            q = q.filter(ChangesetStatus.revision.in_(pull_request.revisions))

            revisions = pull_request.revisions

        cur_statuses = q.all()

        #if statuses exists and last is associated with a closed pull request

        # we need to check if we can allow this status change

        if (dont_allow_on_closed_pull_request and cur_statuses

            and getattr(cur_statuses[0].pull_request, 'status', '')

                == PullRequest.STATUS_CLOSED):

            raise StatusChangeOnClosedPullRequestError(

                'Changing status on closed pull request is not allowed'

            )

        #update all current statuses with older version

        for st in cur_statuses:

            st.version += 1

        new_statuses = []

        for rev in revisions:

            new_status = ChangesetStatus()

            new_status.version = 0 # default

            new_status.author = User.guess_instance(user)

            new_status.repo = Repository.guess_instance(repo)

            new_status.status = status

            new_status.comment = comment

            new_status.revision = rev

            new_status.pull_request = pull_request

            new_statuses.append(new_status)

            self.sa.add(new_status)

        return new_statuses

            'gist_updated': time.time(),

        }

        with open(os.path.join(repo.path, '.hg', GIST_METADATA_FILE), 'wb') as f:

            f.write(json.dumps(metadata))

    def get_gist(self, gist):

        return Gist.guess_instance(gist)

    def get_gist_files(self, gist_access_id, revision=None):

        """

        Get files for given gist

        :param gist_access_id:

        """

        repo = Gist.get_by_access_id(gist_access_id)

        cs = repo.scm_instance.get_changeset(revision)

        return cs, [n for n in cs.get_node('/')]

    def create(self, description, owner, gist_mapping,

               gist_type=Gist.GIST_PUBLIC, lifetime=-1):

        """

        :param description: description of the gist

        :param owner: user who created this gist

        :param gist_mapping: mapping {filename:{'content':content},...}

        :param gist_type: type of gist private/public

        :param lifetime: in minutes, -1 == forever

        """

        owner = User.guess_instance(owner)

        gist_id = make_gist_id()

        lifetime = safe_int(lifetime, -1)

        gist_expires = time.time() + (lifetime * 60) if lifetime != -1 else -1

        log.debug('set GIST expiration date to: %s',

                  time_to_datetime(gist_expires)

                   if gist_expires != -1 else 'forever')

        #create the Database version

        gist = Gist()

        gist.gist_description = description

        gist.gist_access_id = gist_id

        gist.owner_id = owner.user_id

        gist.gist_expires = gist_expires

        gist.gist_type = safe_unicode(gist_type)

        self.sa.add(gist)

        self.sa.flush() # make database assign gist.gist_id

        if gist_type == Gist.GIST_PUBLIC:

            # use DB ID for easy to use GIST ID

            gist_id = safe_unicode(gist.gist_id)

            gist.gist_access_id = gist_id

        gist_repo_path = os.path.join(GIST_STORE_LOC, gist_id)

        log.debug('Creating new %s GIST repo in %s', gist_type, gist_repo_path)

        repo = RepoModel()._create_filesystem_repo(

            repo_name=gist_id, repo_type='hg', repo_group=GIST_STORE_LOC)

        processed_mapping = {}

        for filename in gist_mapping:

            if filename != os.path.basename(filename):

                raise Exception('Filename cannot be inside a directory')

            content = gist_mapping[filename]['content']

            #TODO: expand support for setting explicit lexers

#             if lexer is None:

#                 try:

#                     guess_lexer = pygments.lexers.guess_lexer_for_filename

#                     lexer = guess_lexer(filename,content)

#                 except pygments.util.ClassNotFound:

#                     lexer = 'text'

            processed_mapping[filename] = {'content': content}

        # now create single multifile commit

        message = 'added file'

        message += 's: ' if len(processed_mapping) > 1 else ': '

        message += ', '.join([x for x in processed_mapping])

        #fake Kallithea Repository object

        fake_repo = AttributeDict(dict(

            repo_name=gist_repo_path,

            scm_instance_no_cache=lambda: repo,

        ))

        ScmModel().create_nodes(

            user=owner.user_id, repo=fake_repo,

            message=message,

            nodes=processed_mapping,

            trigger_push_hook=False

        )

        self._store_metadata(repo, gist.gist_id, gist.gist_access_id,

                             owner.user_id, gist.gist_type, gist.gist_expires)

        return gist

    def delete(self, gist, fs_remove=True):

        gist = Gist.guess_instance(gist)

        try:

            self.sa.delete(gist)

            if fs_remove:

                self.__delete_gist(gist)

    def create_default_permissions(self, user, force=False):

        """

        Create missing default permissions for user. If force is set, the default

        permissions for the user are reset, otherwise only missing permissions are

        created.

        :param user:

        """

        user = User.guess_instance(user)

        def _make_perm(perm):

            new_perm = UserToPerm()

            new_perm.user = user

            new_perm.permission = Permission.get_by_key(perm)

            return new_perm

        def _get_group(perm_name):

            return '.'.join(perm_name.split('.')[:1])

        perms = UserToPerm.query().filter(UserToPerm.user == user).all()

        defined_perms_groups = map(_get_group,

                                (x.permission.permission_name for x in perms))

        log.debug('GOT ALREADY DEFINED:%s', perms)

        DEFAULT_PERMS = Permission.DEFAULT_USER_PERMISSIONS

        if force:

            for perm in perms:

                self.sa.delete(perm)

            self.sa.commit()

            defined_perms_groups = []

        # For every default permission that needs to be created, we check if

        # its group is already defined. If it's not, we create default permission.

        for perm_name in DEFAULT_PERMS:

            gr = _get_group(perm_name)

            if gr not in defined_perms_groups:

                log.debug('GR:%s not found, creating permission %s',

                          gr, perm_name)

                new_perm = _make_perm(perm_name)

                self.sa.add(new_perm)

    def update(self, form_result):

        perm_user = User.get_by_username(username=form_result['perm_user_name'])

        try:

            # stage 1 set anonymous access

            if perm_user.is_default_user:

                perm_user.active = str2bool(form_result['anonymous'])

            # stage 2 reset defaults and set them from form data

            def _make_new(usr, perm_name):

                log.debug('Creating new permission:%s', perm_name)

                new = UserToPerm()

                new.user = usr

                new.permission = Permission.get_by_key(perm_name)

                return new

            # clear current entries, to make this function idempotent

            # it will fix even if we define more permissions or permissions

            # are somehow missing

            u2p = self.sa.query(UserToPerm) \

                .filter(UserToPerm.user == perm_user) \

                .all()

            for p in u2p:

                self.sa.delete(p)

            #create fresh set of permissions

            for def_perm_key in ['default_repo_perm',

                                 'default_group_perm',

                                 'default_user_group_perm',

                                 'default_repo_create',

                                 'create_on_write', # special case for create repos on write access to group

                                 #'default_repo_group_create', #not implemented yet

                                 'default_user_group_create',

                                 'default_fork',

                                 'default_register',

                                 'default_extern_activate']:

                p = _make_new(perm_user, form_result[def_perm_key])

                self.sa.add(p)

            #stage 3 update all default permissions for repos if checked

            if form_result['overwrite_default_repo']:

                _def_name = form_result['default_repo_perm'].split('repository.')[-1]

                _def = Permission.get_by_key('repository.' + _def_name)

                # repos

                for r2p in self.sa.query(UserRepoToPerm) \

                               .filter(UserRepoToPerm.user == perm_user) \

                               .all():

                    #don't reset PRIVATE repositories

                    if not r2p.repository.private:

                        r2p.permission = _def

            if form_result['overwrite_default_group']:

                _def_name = form_result['default_group_perm'].split('group.')[-1]

                # groups

                _def = Permission.get_by_key('group.' + _def_name)

                for g2p in self.sa.query(UserRepoGroupToPerm) \

                               .filter(UserRepoGroupToPerm.user == perm_user) \

                               .all():

                    g2p.permission = _def

            if form_result['overwrite_default_user_group']:

                _def_name = form_result['default_user_group_perm'].split('usergroup.')[-1]

                # groups

                _def = Permission.get_by_key('usergroup.' + _def_name)

                for g2p in self.sa.query(UserUserGroupToPerm) \

                               .filter(UserUserGroupToPerm.user == perm_user) \

                               .all():

                    g2p.permission = _def

            self.sa.commit()

        except (DatabaseError,):

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise

        # fill repository groups

        for p in repo_info.users_group_to_perm:

            defaults.update({'g_perm_%s' % p.users_group.users_group_name:

                                 p.permission.permission_name})

        return defaults

    def update(self, repo, **kwargs):

        try:

            cur_repo = Repository.guess_instance(repo)

            org_repo_name = cur_repo.repo_name

            if 'owner' in kwargs:

                cur_repo.owner = User.get_by_username(kwargs['owner'])

            if 'repo_group' in kwargs:

                cur_repo.group = RepoGroup.get(kwargs['repo_group'])

                cur_repo.repo_name = cur_repo.get_new_name(cur_repo.just_name)

            log.debug('Updating repo %s with params:%s', cur_repo, kwargs)

            for k in ['repo_enable_downloads',

                      'repo_description',

                      'repo_enable_locking',

                      'repo_landing_rev',

                      'repo_private',

                      'repo_enable_statistics',

                      ]:

                if k in kwargs:

                    setattr(cur_repo, remove_prefix(k, 'repo_'), kwargs[k])

            clone_uri = kwargs.get('clone_uri')

            if clone_uri is not None and clone_uri != cur_repo.clone_uri_hidden:

                cur_repo.clone_uri = clone_uri

            if 'repo_name' in kwargs:

                cur_repo.repo_name = cur_repo.get_new_name(kwargs['repo_name'])

            #if private flag is set, reset default permission to NONE

            if kwargs.get('repo_private'):

                EMPTY_PERM = 'repository.none'

                RepoModel().grant_user_permission(

                    repo=cur_repo, user='default', perm=EMPTY_PERM

                )

                #handle extra fields

            for field in filter(lambda k: k.startswith(RepositoryField.PREFIX),

                                kwargs):

                k = RepositoryField.un_prefix_key(field)

                ex_field = RepositoryField.get_by_key_name(key=k, repo=cur_repo)

                if ex_field:

                    ex_field.field_value = kwargs[field]

            if org_repo_name != cur_repo.repo_name:

                # rename repository

                self._rename_filesystem_repo(old=org_repo_name, new=cur_repo.repo_name)

            return cur_repo

        except Exception:

            log.error(traceback.format_exc())

            raise

    def _create_repo(self, repo_name, repo_type, description, owner,

                     private=False, clone_uri=None, repo_group=None,

                     landing_rev='rev:tip', fork_of=None,

                     copy_fork_permissions=False, enable_statistics=False,

                     enable_locking=False, enable_downloads=False,

                     copy_group_permissions=False, state=Repository.STATE_PENDING):

        """

        Create repository inside database with PENDING state. This should only be

        executed by create() repo, with exception of importing existing repos.

        """

        from kallithea.model.scm import ScmModel

        owner = User.guess_instance(owner)

        fork_of = Repository.guess_instance(fork_of)

        repo_group = RepoGroup.guess_instance(repo_group)

        try:

            repo_name = safe_unicode(repo_name)

            description = safe_unicode(description)

            # repo name is just a name of repository

            # while repo_name_full is a full qualified name that is combined

            # with name and path of group

            repo_name_full = repo_name

            repo_name = repo_name.split(self.URL_SEPARATOR)[-1]

            new_repo = Repository()

            new_repo.repo_state = state

            new_repo.enable_statistics = False

            new_repo.repo_name = repo_name_full

            new_repo.repo_type = repo_type

            new_repo.owner = owner

            new_repo.group = repo_group

            new_repo.description = description or repo_name

            new_repo.private = private

            new_repo.clone_uri = clone_uri

            new_repo.landing_rev = landing_rev

            new_repo.enable_statistics = enable_statistics

                    repo=repo, user=member, perm=perm

                )

            else:

                #check if we have permissions to alter this usergroup's access

                if not check_perms or HasUserGroupPermissionLevel('read')(member):

                    self.grant_user_group_permission(

                        repo=repo, group_name=member, perm=perm

                    )

            # set new permissions

        for member, perm, member_type in perms_new:

            if member_type == 'user':

                self.grant_user_permission(

                    repo=repo, user=member, perm=perm

                )

            else:

                #check if we have permissions to alter this usergroup's access

                if not check_perms or HasUserGroupPermissionLevel('read')(member):

                    self.grant_user_group_permission(

                        repo=repo, group_name=member, perm=perm

                    )

    def create_fork(self, form_data, cur_user):

        """

        Simple wrapper into executing celery task for fork creation

        :param form_data:

        :param cur_user:

        """

        from kallithea.lib.celerylib import tasks

        return tasks.create_repo_fork(form_data, cur_user)

    def delete(self, repo, forks=None, fs_remove=True, cur_user=None):

        """

        Delete given repository, forks parameter defines what do do with

        attached forks. Throws AttachedForksError if deleted repo has attached

        forks

        :param repo:

        :param forks: str 'delete' or 'detach'

        :param fs_remove: remove(archive) repo from filesystem

        """

        if not cur_user:

            cur_user = getattr(get_current_authuser(), 'username', None)

        repo = Repository.guess_instance(repo)

        if repo is not None:

            if forks == 'detach':

                for r in repo.forks:

                    r.fork = None

            elif forks == 'delete':

                for r in repo.forks:

                    self.delete(r, forks='delete')

            elif [f for f in repo.forks]:

                raise AttachedForksError()

            old_repo_dict = repo.get_dict()

            try:

                self.sa.delete(repo)

                if fs_remove:

                    self._delete_filesystem_repo(repo)

                else:

                    log.debug('skipping removal from filesystem')

                log_delete_repository(old_repo_dict,

                                      deleted_by=cur_user)

            except Exception:

                log.error(traceback.format_exc())

                raise

    def grant_user_permission(self, repo, user, perm):

        """

        Grant permission for user on given repository, or update existing one

        if found

        :param repo: Instance of Repository, repository_id, or repository name

        :param user: Instance of User, user_id or username

        :param perm: Instance of Permission, or permission_name

        """

        user = User.guess_instance(user)

        repo = Repository.guess_instance(repo)

        permission = Permission.guess_instance(perm)

        # check if we have that permission already

        obj = self.sa.query(UserRepoToPerm) \

            .filter(UserRepoToPerm.user == user) \

            .filter(UserRepoToPerm.repository == repo) \

            .scalar()

        if obj is None:

            # create new !

            obj = UserRepoToPerm()

        obj.repository = repo

        obj.user = user

        obj.permission = permission

        log.debug('Granted perm %s to %s on %s', perm, user, repo)

        return obj

    def revoke_user_permission(self, repo, user):

        """

        Revoke permission for user on given repository

        :param repo: Instance of Repository, repository_id, or repository name

        :param user: Instance of User, user_id or username

        """

        user = User.guess_instance(user)

        repo = Repository.guess_instance(repo)

        obj = self.sa.query(UserRepoToPerm) \

            .filter(UserRepoToPerm.repository == repo) \

            .filter(UserRepoToPerm.user == user) \

            .scalar()

        if obj is not None:

            self.sa.delete(obj)

            log.debug('Revoked perm on %s on %s', repo, user)

    def grant_user_group_permission(self, repo, group_name, perm):

        """

        Grant permission for user group on given repository, or update

        existing one if found

        :param repo: Instance of Repository, repository_id, or repository name

        :param group_name: Instance of UserGroup, users_group_id,

            or user group name

        :param perm: Instance of Permission, or permission_name

        """

        repo = Repository.guess_instance(repo)

        group_name = UserGroup.guess_instance(group_name)

        permission = Permission.guess_instance(perm)

        # check if we have that permission already

        obj = self.sa.query(UserGroupRepoToPerm) \

            .filter(UserGroupRepoToPerm.users_group == group_name) \

            .filter(UserGroupRepoToPerm.repository == repo) \

            .scalar()

        if obj is None:

            # create new

            obj = UserGroupRepoToPerm()

        obj.repository = repo

        obj.users_group = group_name

        obj.permission = permission

        log.debug('Granted perm %s to %s on %s', perm, group_name, repo)

        return obj

    def revoke_user_group_permission(self, repo, group_name):

        """

        Revoke permission for user group on given repository

        :param repo: Instance of Repository, repository_id, or repository name

        :param group_name: Instance of UserGroup, users_group_id,

            or user group name

        """

        repo = Repository.guess_instance(repo)

        group_name = UserGroup.guess_instance(group_name)

        obj = self.sa.query(UserGroupRepoToPerm) \

            .filter(UserGroupRepoToPerm.repository == repo) \

            .filter(UserGroupRepoToPerm.users_group == group_name) \

            .scalar()

        if obj is not None:

            self.sa.delete(obj)

            log.debug('Revoked perm to %s on %s', repo, group_name)

    def delete_stats(self, repo_name):

        """

        removes stats for given repo

        :param repo_name:

        """

        repo = Repository.guess_instance(repo_name)

        try:

            obj = self.sa.query(Statistics) \

                .filter(Statistics.repository == repo).scalar()

            if obj is not None:

                self.sa.delete(obj)

        except Exception:

            log.error(traceback.format_exc())

            raise

    def _create_filesystem_repo(self, repo_name, repo_type, repo_group,

                                clone_uri=None, repo_store_location=None):

        """

        Makes repository on filesystem. Operation is group aware, meaning that it will create

        a repository within a group, and alter the paths accordingly to the group location.

        :param repo_name:

        :param alias:

        :param parent:

        :param clone_uri:

                    #check if we have permissions to alter this usergroup's access

                    if not check_perms or HasUserGroupPermissionLevel('read')(member):

                        _set_perm_group(obj, users_group=member, perm=perm)

            updates.append(obj)

            # if it's not recursive call for all,repos,groups

            # break the loop and don't proceed with other changes

            if recursive not in ['all', 'repos', 'groups']:

                break

        return updates

    def update(self, repo_group, form_data):

        try:

            repo_group = RepoGroup.guess_instance(repo_group)

            old_path = repo_group.full_path

            # change properties

            repo_group.group_description = form_data['group_description']

            repo_group.parent_group_id = form_data['parent_group_id']

            repo_group.enable_locking = form_data['enable_locking']

            repo_group.parent_group = RepoGroup.get(form_data['parent_group_id'])

            repo_group.group_name = repo_group.get_new_name(form_data['group_name'])

            new_path = repo_group.full_path

            self.sa.add(repo_group)

            # iterate over all members of this groups and do fixes

            # set locking if given

            # if obj is a repoGroup also fix the name of the group according

            # to the parent

            # if obj is a Repo fix it's name

            # this can be potentially heavy operation

            for obj in repo_group.recursive_groups_and_repos():

                #set the value from it's parent

                obj.enable_locking = repo_group.enable_locking

                if isinstance(obj, RepoGroup):

                    new_name = obj.get_new_name(obj.name)

                    log.debug('Fixing group %s to new name %s' \

                                % (obj.group_name, new_name))

                    obj.group_name = new_name

                elif isinstance(obj, Repository):

                    # we need to get all repositories from this new group and

                    # rename them accordingly to new group path

                    new_name = obj.get_new_name(obj.just_name)

                    log.debug('Fixing repo %s to new name %s' \

                                % (obj.repo_name, new_name))

                    obj.repo_name = new_name

            self._rename_group(old_path, new_path)

            return repo_group

        except Exception:

            log.error(traceback.format_exc())

            raise

    def delete(self, repo_group, force_delete=False):

        repo_group = RepoGroup.guess_instance(repo_group)

        try:

            self.sa.delete(repo_group)

            self._delete_group(repo_group, force_delete)

        except Exception:

            log.error('Error removing repo_group %s', repo_group)

            raise

    def add_permission(self, repo_group, obj, obj_type, perm, recursive):

        from kallithea.model.repo import RepoModel

        repo_group = RepoGroup.guess_instance(repo_group)

        perm = Permission.guess_instance(perm)

        for el in repo_group.recursive_groups_and_repos():