.. _changelog:

=========

Changelog

=========

1.4.0 (**2012-XX-XX**)

----------------------

:status: in-progress

:branch: beta

news

++++

- new codereview system

- email map, allowing users to have multiple email addresses mapped into

  their accounts

- improved git-hook system. Now all actions for git are logged into journal

  including pushed revisions, user and IP address

- changed setup-app into setup-rhodecode and added default options to it.

- new git repos are created as bare now by default

- #464 added links to groups in permission box

- #465 mentions autocomplete inside comments boxes

- #469 added --update-only option to whoosh to re-index only given list

  of repos in index 

- rhodecode-api CLI client

- new git http protocol replaced buggy dulwich implementation.

  Now based on pygrack & gitweb

- Improved RSS/ATOM feeds. Discoverable by browsers using proper headers, and 

  reformated based on user suggestions. Additional rss/atom feeds for user

  journal

- various i18n improvements

fixes

+++++

- improved translations

- fixes issue #455 Creating an archive generates an exception on Windows

- fixes #448 Download ZIP archive keeps file in /tmp open and results 

  in out of disk space

- fixes issue #454 Search results under Windows include proceeding

  backslash

- fixed issue #450. Rhodecode no longer will crash when bad revision is

  present in journal data.

- fix for issue #417, git execution was broken on windows for certain

  commands.

- fixed #413. Don't disable .git directory for bare repos on deleting

- fixed issue #459. Changed the way of obtaining logger in reindex task.

- fixed #453 added ID field in whoosh SCHEMA that solves the issue of

  reindexing modified files

1.3.6 (**2012-05-17**)

----------------------

news

++++

- chinese traditional translation

- changed setup-app into setup-rhodecode and added arguments for auto-setup 

  mode that doesn't need user interaction 

fixes

+++++

- fixed no scm found warning

- fixed __future__ import error on rcextensions

- made simplejson required lib for speedup on JSON encoding

- fixes #449 bad regex could get more than revisions from parsing history

- don't clear DB session when CELERY_EAGER is turned ON

1.3.5 (**2012-05-10**)

----------------------

news

++++

- use ext_json for json module

- unified annotation view with file source view

- notification improvements, better inbox + css

- #419 don't strip passwords for login forms, make rhodecode 

  more compatible with LDAP servers

- Added HTTP_X_FORWARDED_FOR as another method of extracting 

  IP for pull/push logs. - moved all to base controller  

- #415: Adding comment to changeset causes reload. 

  Comments are now added via ajax and doesn't reload the page

- #374 LDAP config is discarded when LDAP can't be activated

- limited push/pull operations are now logged for git in the journal

- bumped mercurial to 2.2.X series

- added support for displaying submodules in file-browser

- #421 added bookmarks in changelog view

fixes

+++++

- fixed dev-version marker for stable when served from source codes

- fixed missing permission checks on show forks page

- #418 cast to unicode fixes in notification objects

- #426 fixed mention extracting regex

- fixed remote-pulling for git remotes remopositories

- fixed #434: Error when accessing files or changesets of a git repository 

  with submodules

- fixed issue with empty APIKEYS for users after registration ref. #438

- fixed issue with getting README files from git repositories

1.3.4 (**2012-03-28**)

----------------------

news

++++

- Whoosh logging is now controlled by the .ini files logging setup

- added clone-url into edit form on /settings page

- added help text into repo add/edit forms

- created rcextensions module with additional mappings (ref #322) and

  post push/pull/create repo hooks callbacks

- implemented #377 Users view for his own permissions on account page

- #399 added inheritance of permissions for users group on repos groups

- #401 repository group is automatically pre-selected when adding repos 

  inside a repository group

- added alternative HTTP 403 response when client failed to authenticate. Helps 

  solving issues with Mercurial and LDAP

- #402 removed group prefix from repository name when listing repositories 

  inside a group

- added gravatars into permission view and permissions autocomplete

- #347 when running multiple RhodeCode instances, properly invalidates cache 

  for all registered servers

fixes

+++++

- fixed #390 cache invalidation problems on repos inside group

- fixed #385 clone by ID url was loosing proxy prefix in URL

- fixed some unicode problems with waitress

- fixed issue with escaping < and > in changeset commits

- fixed error occurring during recursive group creation in API 

  create_repo function

- fixed #393 py2.5 fixes for routes url generator

- fixed #397 Private repository groups shows up before login

- fixed #396 fixed problems with revoking users in nested groups

- fixed mysql unicode issues + specified InnoDB as default engine with 

  utf8 charset

- #406 trim long branch/tag names in changelog to not break UI

1.3.3 (**2012-03-02**)

----------------------

news

++++

fixes

+++++

- fixed some python2.5 compatibility issues 

- fixed issues with removed repos was accidentally added as groups, after

  full rescan of paths

- fixes #376 Cannot edit user (using container auth)

- fixes #378 Invalid image urls on changeset screen with proxy-prefix 

  configuration

- fixed initial sorting of repos inside repo group

- fixes issue when user tried to resubmit same permission into user/user_groups

- bumped beaker version that fixes #375 leap error bug

- fixed raw_changeset for git. It was generated with hg patch headers

- fixed vcs issue with last_changeset for filenodes

- fixed missing commit after hook delete

- fixed #372 issues with git operation detection that caused a security issue 

  for git repos

1.3.2 (**2012-02-28**)

----------------------

news

++++

fixes

+++++

- fixed git protocol issues with repos-groups

- fixed git remote repos validator that prevented from cloning remote git repos

- fixes #370 ending slashes fixes for repo and groups

- fixes #368 improved git-protocol detection to handle other clients

- fixes #366 When Setting Repository Group To Blank Repo Group Wont Be 

  Moved To Root

- fixes #371 fixed issues with beaker/sqlalchemy and non-ascii cache keys 

- fixed #373 missing cascade drop on user_group_to_perm table

1.3.1 (**2012-02-27**)

----------------------

news

++++

fixes

+++++

- redirection loop occurs when remember-me wasn't checked during login

- fixes issues with git blob history generation 

- don't fetch branch for git in file history dropdown. Causes unneeded slowness

1.3.0 (**2012-02-26**)

----------------------

news

++++

- code review, inspired by github code-comments 

- #215 rst and markdown README files support

- #252 Container-based and proxy pass-through authentication support

- #44 branch browser. Filtering of changelog by branches

- mercurial bookmarks support

- new hover top menu, optimized to add maximum size for important views

- configurable clone url template with possibility to specify  protocol like 

  ssh:// or http:// and also manually alter other parts of clone_url.

- enabled largefiles extension by default

- optimized summary file pages and saved a lot of unused space in them

- #239 option to manually mark repository as fork

- #320 mapping of commit authors to RhodeCode users

- #304 hashes are displayed using monospace font    

- diff configuration, toggle white lines and context lines

- #307 configurable diffs, whitespace toggle, increasing context lines

- sorting on branches, tags and bookmarks using YUI datatable

- improved file filter on files page

# -*- coding: utf-8 -*-

"""

    rhodecode.controllers.admin.users

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Users crud controller for pylons

    :created_on: Apr 4, 2010

    :author: marcink

    :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>

    :license: GPLv3, see COPYING for more details.

"""

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import logging

import traceback

import formencode

from formencode import htmlfill

from pylons import request, session, tmpl_context as c, url, config

from pylons.controllers.util import redirect

from pylons.i18n.translation import _

from rhodecode.lib.exceptions import DefaultUserException, \

    UserOwnsReposException

from rhodecode.lib import helpers as h

from rhodecode.lib.base import BaseController, render

from rhodecode.model.db import User, Permission

from rhodecode.model.forms import UserForm

from rhodecode.model.user import UserModel

from rhodecode.model.meta import Session

from rhodecode.lib.utils import action_logger

log = logging.getLogger(__name__)

class UsersController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('user', 'users')

    @LoginRequired()

    @HasPermissionAllDecorator('hg.admin')

    def __before__(self):

        c.admin_user = session.get('admin_user')

        c.admin_username = session.get('admin_username')

        super(UsersController, self).__before__()

        c.available_permissions = config['available_permissions']

    def index(self, format='html'):

        """GET /users: All items in the collection"""

        # url('users')

        c.users_list = self.sa.query(User).all()

        return render('admin/users/users.html')

    def create(self):

        """POST /users: Create a new item"""

        # url('users')

        user_model = UserModel()

        user_form = UserForm()()

        try:

            form_result = user_form.to_python(dict(request.POST))

            user_model.create(form_result)

            usr = form_result['username']

            action_logger(self.rhodecode_user, 'admin_created_user:%s' % usr,

                          None, self.ip_addr, self.sa)

            h.flash(_('created user %s') % usr,

                    category='success')

            Session.commit()

        except formencode.Invalid, errors:

            return htmlfill.render(

                render('admin/users/user_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occurred during creation of user %s') \

                    % request.POST.get('username'), category='error')

        return redirect(url('users'))

    def new(self, format='html'):

        """GET /users/new: Form to create a new item"""

        # url('new_user')

        return render('admin/users/user_add.html')

    def update(self, id):

        """PUT /users/id: Update an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="PUT" />

        # Or using helpers:

        #    h.form(url('update_user', id=ID),

        #           method='put')

        # url('user', id=ID)

        user_model = UserModel()

        c.user = user_model.get(id)

        _form = UserForm(edit=True, old_data={'user_id': id,

                                              'email': c.user.email})()

        form_result = {}

        try:

            form_result = _form.to_python(dict(request.POST))

            user_model.update(id, form_result)

            usr = form_result['username']

            action_logger(self.rhodecode_user, 'admin_updated_user:%s' % usr,

                          None, self.ip_addr, self.sa)

            h.flash(_('User updated successfully'), category='success')

            Session.commit()

        except formencode.Invalid, errors:

            e = errors.error_dict or {}

            perm = Permission.get_by_key('hg.create.repository')

            e.update({'create_repo_perm': user_model.has_perm(id, perm)})

            return htmlfill.render(

                render('admin/users/user_edit.html'),

                defaults=errors.value,

                errors=e,

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occurred during update of user %s') \

                    % form_result.get('username'), category='error')

        return redirect(url('users'))

    def delete(self, id):

        """DELETE /users/id: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="DELETE" />

        # Or using helpers:

        #    h.form(url('delete_user', id=ID),

        #           method='delete')

        # url('user', id=ID)

        user_model = UserModel()

        try:

            user_model.delete(id)

            Session.commit()

            h.flash(_('successfully deleted user'), category='success')

        except (UserOwnsReposException, DefaultUserException), e:

            h.flash(e, category='warning')

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('An error occurred during deletion of user'),

                    category='error')

        return redirect(url('users'))

    def show(self, id, format='html'):

        """GET /users/id: Show a specific item"""

        # url('user', id=ID)

    def edit(self, id, format='html'):

        """GET /users/id/edit: Form to edit an existing item"""

        # url('edit_user', id=ID)

        c.user = User.get(id)

        if not c.user:

            return redirect(url('users'))

        if c.user.username == 'default':

            h.flash(_("You can't edit this user"), category='warning')

            return redirect(url('users'))

        c.user.permissions = {}

        c.granted_permissions = UserModel().fill_perms(c.user)\

            .permissions['global']

        defaults = c.user.get_dict()

        perm = Permission.get_by_key('hg.create.repository')

        defaults.update({'create_repo_perm': UserModel().has_perm(id, perm)})

        return htmlfill.render(

            render('admin/users/user_edit.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        )

    def update_perm(self, id):

        """PUT /users_perm/id: Update an existing item"""

        # url('user_perm', id=ID, method='put')

        grant_perm = request.POST.get('create_repo_perm', False)

        user_model = UserModel()

        if grant_perm:

            perm = Permission.get_by_key('hg.create.none')

            user_model.revoke_perm(id, perm)

            perm = Permission.get_by_key('hg.create.repository')

            user_model.grant_perm(id, perm)

            h.flash(_("Granted 'repository create' permission to user"),

                    category='success')

            Session.commit()

        else:

            perm = Permission.get_by_key('hg.create.repository')

            user_model.revoke_perm(id, perm)

            perm = Permission.get_by_key('hg.create.none')

            user_model.grant_perm(id, perm)

            h.flash(_("Revoked 'repository create' permission to user"),

                    category='success')

            Session.commit()

        return redirect(url('edit_user', id=id))

## -*- coding: utf-8 -*-

<%inherit file="/base/base.html"/>

<%def name="title()">

    ${_('Edit user')} ${c.user.username} - ${c.rhodecode_name}

</%def>

<%def name="breadcrumbs_links()">

    ${h.link_to(_('Admin'),h.url('admin_home'))}

    »

    ${h.link_to(_('Users'),h.url('users'))}

    »

    ${_('edit')} "${c.user.username}"

</%def>

<%def name="page_nav()">

	${self.menu('admin')}

</%def>

<%def name="main()">

<div class="box box-left">

    <!-- box / title -->

    <div class="title">

        ${self.breadcrumbs()}

    </div>

    <!-- end box / title -->

    ${h.form(url('update_user', id=c.user.user_id),method='put')}

    <div class="form">

        <div class="field">

           <div class="gravatar_box">

               <div class="gravatar"><img alt="gravatar" src="${h.gravatar_url(c.user.email)}"/></div>

                <p>

                %if c.use_gravatar:

                <strong>${_('Change your avatar at')} <a href="http://gravatar.com">gravatar.com</a></strong>

                <br/>${_('Using')} ${c.user.email}

                %else:

                <br/>${c.user.email}

                %endif

           </div>

        </div>

        <div class="field">

            <div class="label">

                <label>${_('API key')}</label> ${c.user.api_key}

            </div>

        </div>

        <div class="fields">

             <div class="field">

                <div class="label">

                    <label for="username">${_('Username')}:</label>

                </div>

                <div class="input">

                    ${h.text('username',class_='medium')}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="ldap_dn">${_('LDAP DN')}:</label>

                </div>

                <div class="input">

                    ${h.text('ldap_dn',class_='medium disabled',readonly="readonly")}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="new_password">${_('New password')}:</label>

                </div>

                <div class="input">

                    ${h.password('new_password',class_='medium',autocomplete="off")}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="password_confirmation">${_('New password confirmation')}:</label>

                </div>

                <div class="input">

                    ${h.password('password_confirmation',class_="medium",autocomplete="off")}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="name">${_('First Name')}:</label>

                </div>

                <div class="input">

                    ${h.text('name',class_='medium')}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="lastname">${_('Last Name')}:</label>

                </div>

                <div class="input">

                    ${h.text('lastname',class_='medium')}

                </div>

             </div>

             <div class="field">

                <div class="label">

                    <label for="email">${_('Email')}:</label>

                </div>

                <div class="input">

                    ${h.text('email',class_='medium')}

                </div>

             </div>

             <div class="field">

                <div class="label label-checkbox">

                    <label for="active">${_('Active')}:</label>

                </div>

                <div class="checkboxes">

                    ${h.checkbox('active',value=True)}

                </div>

             </div>

             <div class="field">

                <div class="label label-checkbox">

                    <label for="admin">${_('Admin')}:</label>

                </div>

                <div class="checkboxes">

                    ${h.checkbox('admin',value=True)}

                </div>

             </div>

            <div class="buttons">

              ${h.submit('save',_('Save'),class_="ui-button")}

              ${h.reset('reset',_('Reset'),class_="ui-button")}

            </div>

    	</div>

    </div>

    ${h.end_form()}

</div>

<div class="box box-right">

    <!-- box / title -->

    <div class="title">

        <h5>${_('Permissions')}</h5>

    </div>

    ${h.form(url('user_perm', id=c.user.user_id),method='put')}

    <div class="form">

        <!-- fields -->

        <div class="fields">

             <div class="field">

                <div class="label label-checkbox">

                    <label for="create_repo_perm">${_('Create repositories')}:</label>

                </div>

                <div class="checkboxes">

                    ${h.checkbox('create_repo_perm',value=True)}

                </div>

             </div>

            <div class="buttons">

              ${h.submit('save',_('Save'),class_="ui-button")}

              ${h.reset('reset',_('Reset'),class_="ui-button")}

            </div>

        </div>

    </div>

    ${h.end_form()}

</div>

</%def>