# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.lib.base

~~~~~~~~~~~~~~~~~~

The base Controller API

Provides the BaseController class for subclassing. And usage in different

controllers

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Oct 06, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import datetime

import decorator

import logging

import time

import traceback

import warnings

import webob.exc

import paste.httpexceptions

import paste.auth.basic

import paste.httpheaders

from webhelpers.pylonslib import secure_form

from tg import config, tmpl_context as c, request, response, session, render_template

from tg import TGController

from tg.i18n import ugettext as _

from kallithea import __version__, BACKENDS

from kallithea.config.routing import url

from kallithea.lib.utils2 import str2bool, safe_unicode, AttributeDict, \

from kallithea.lib import auth_modules

from kallithea.lib.auth import AuthUser, HasPermissionAnyMiddleware

from kallithea.lib.compat import json

from kallithea.lib.utils import get_repo_slug, is_valid_repo

from kallithea.lib.exceptions import UserCreationError

from kallithea.lib.vcs.exceptions import RepositoryError, EmptyRepositoryError, ChangesetDoesNotExistError

from kallithea.model import meta

from kallithea.model.db import PullRequest, Repository, User, Setting

from kallithea.model.scm import ScmModel

log = logging.getLogger(__name__)

def render(template_path):

    return render_template({'url': url}, 'mako', template_path)

def _filter_proxy(ip):

    """

    HEADERS can have multiple ips inside the left-most being the original

    client, and each successive proxy that passed the request adding the IP

    address where it received the request from.

    :param ip:

    """

    if ',' in ip:

        _ips = ip.split(',')

        _first_ip = _ips[0].strip()

        log.debug('Got multiple IPs %s, using %s', ','.join(_ips), _first_ip)

        return _first_ip

    return ip

def _get_ip_addr(environ):

    proxy_key = 'HTTP_X_REAL_IP'

    proxy_key2 = 'HTTP_X_FORWARDED_FOR'

    def_key = 'REMOTE_ADDR'

    ip = environ.get(proxy_key)

    if ip:

        return _filter_proxy(ip)

    ip = environ.get(proxy_key2)

    if ip:

        return _filter_proxy(ip)

    ip = environ.get(def_key, '0.0.0.0')

            if not HasPermissionAnyMiddleware('repository.write',

                                              'repository.admin')(authuser,

                                                                  repo_name):

                return False

        else:

            #any other action need at least read permission

            if not HasPermissionAnyMiddleware('repository.read',

                                              'repository.write',

                                              'repository.admin')(authuser,

                                                                  repo_name):

                return False

        return True

    def _get_ip_addr(self, environ):

        return _get_ip_addr(environ)

    def __call__(self, environ, start_response):

        start = time.time()

        try:

            # try parsing a request for this VCS - if it fails, call the wrapped app

            parsed_request = self.parse_request(environ)

            if parsed_request is None:

                return self.application(environ, start_response)

            # skip passing error to error controller

            environ['pylons.status_code_redirect'] = True

            # quick check if repo exists...

            if not is_valid_repo(parsed_request.repo_name, self.basepath, self.scm_alias):

                raise webob.exc.HTTPNotFound()

            if parsed_request.action is None:

                # Note: the client doesn't get the helpful error message

                raise webob.exc.HTTPBadRequest('Unable to detect pull/push action for %r! Are you using a nonstandard command or client?' % parsed_request.repo_name)

            #======================================================================

            # CHECK PERMISSIONS

            #======================================================================

            ip_addr = self._get_ip_addr(environ)

            user, response_app = self._authorize(environ, parsed_request.action, parsed_request.repo_name, ip_addr)

            if response_app is not None:

                return response_app(environ, start_response)

            #======================================================================

            # REQUEST HANDLING

            #======================================================================

                parsed_request.repo_name, self.scm_alias, parsed_request.action)

            try:

                log.info('%s action on %s repo "%s" by "%s" from %s',

                         parsed_request.action, self.scm_alias, parsed_request.repo_name, safe_str(user.username), ip_addr)

                app = self._make_app(parsed_request)

                return app(environ, start_response)

            except Exception:

                log.error(traceback.format_exc())

                raise webob.exc.HTTPInternalServerError()

        except webob.exc.HTTPException as e:

            return e(environ, start_response)

        finally:

            log_ = logging.getLogger('kallithea.' + self.__class__.__name__)

            log_.debug('Request time: %.3fs', time.time() - start)

            meta.Session.remove()

class BaseController(TGController):

    def _before(self, *args, **kwargs):

        """

        _before is called before controller methods and after __call__

        """

        if request.needs_csrf_check:

            # CSRF protection: Whenever a request has ambient authority (whether

            # through a session cookie or its origin IP address), it must include

            # the correct token, unless the HTTP method is GET or HEAD (and thus

            # guaranteed to be side effect free. In practice, the only situation

            # where we allow side effects without ambient authority is when the

            # authority comes from an API key; and that is handled above.

            token = request.POST.get(secure_form.token_key)

            if not token or token != secure_form.authentication_token():

                log.error('CSRF check failed')

                raise webob.exc.HTTPForbidden()

        c.kallithea_version = __version__

        rc_config = Setting.get_app_settings()

        # Visual options

        c.visual = AttributeDict({})

        ## DB stored

        c.visual.show_public_icon = str2bool(rc_config.get('show_public_icon'))

        c.visual.show_private_icon = str2bool(rc_config.get('show_private_icon'))

        c.visual.stylify_metalabels = str2bool(rc_config.get('stylify_metalabels'))

        c.visual.page_size = safe_int(rc_config.get('dashboard_items', 100))

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.lib.hooks

~~~~~~~~~~~~~~~~~~~

Hooks run by Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Aug 6, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import os

import time

import binascii

from kallithea.lib.vcs.utils.hgcompat import nullrev, revrange

from kallithea.lib import helpers as h

from kallithea.lib.utils import action_logger

from kallithea.lib.vcs.backends.base import EmptyChangeset

from kallithea.lib.exceptions import UserCreationError

from kallithea.lib.utils import make_ui, setup_cache_regions

from kallithea.model.db import Repository, User, Ui

def _get_scm_size(alias, root_path):

    if not alias.startswith('.'):

        alias += '.'

    size_scm, size_root = 0, 0

    for path, dirs, files in os.walk(safe_str(root_path)):

        if path.find(alias) != -1:

            for f in files:

                try:

                    size_scm += os.path.getsize(os.path.join(path, f))

                except OSError:

                    pass

        else:

            for f in files:

                try:

                    size_root += os.path.getsize(os.path.join(path, f))

                except OSError:

                    pass

    size_scm_f = h.format_byte_size(size_scm)

    size_root_f = h.format_byte_size(size_root)

    size_total_f = h.format_byte_size(size_root + size_scm)

    return size_scm_f, size_root_f, size_total_f

def repo_size(ui, repo, hooktype=None, **kwargs):

    """Presents size of repository after push"""

    size_hg_f, size_root_f, size_total_f = _get_scm_size('.hg', repo.root)

    last_cs = repo[len(repo) - 1]

    msg = ('Repository size .hg: %s Checkout: %s Total: %s\n'

           'Last revision is now r%s:%s\n') % (

        size_hg_f, size_root_f, size_total_f, last_cs.rev(), last_cs.hex()[:12]

    )

    ui.status(msg)

def log_pull_action(ui, repo, **kwargs):

    """Logs user last pull action

    Called as Mercurial hook outgoing.pull_logger or from Kallithea before invoking Git.

    Does *not* use the action from the hook environment but is always 'pull'.

    """

    user = User.get_by_username(ex.username)

    action = 'pull'

    action_logger(user, action, ex.repository, ex.ip, commit=True)

    # extension hook call

    from kallithea import EXTENSIONS

    callback = getattr(EXTENSIONS, 'PULL_HOOK', None)

    if callable(callback):

        kw = {}

        kw.update(ex)

        callback(**kw)

    return 0

def log_push_action(ui, repo, node, node_last, **kwargs):

    """

    Entry point for Mercurial hook changegroup.push_logger.

    The pushed changesets is given by the revset 'node:node_last'.

    Note: This hook is not only logging, but also the side effect invalidating

    cahes! The function should perhaps be renamed.

    """

    _h = binascii.hexlify

    revs = [_h(repo[r].node()) for r in revrange(repo, [node + ':' + node_last])]

    process_pushed_raw_ids(revs)

    return 0

def process_pushed_raw_ids(revs):

    """

    Register that changes have been added to the repo - log the action *and* invalidate caches.

    Called from  Mercurial changegroup.push_logger calling hook log_push_action,

    or from the Git post-receive hook calling handle_git_post_receive ...

    or from scm _handle_push.

    """

    action = '%s:%s' % (ex.action, ','.join(revs))

    action_logger(ex.username, action, ex.repository, ex.ip, commit=True)

    from kallithea.model.scm import ScmModel

    ScmModel().mark_for_invalidation(ex.repository)

    # extension hook call

    from kallithea import EXTENSIONS

    callback = getattr(EXTENSIONS, 'PUSH_HOOK', None)

    if callable(callback):

        kw = {'pushed_revs': revs}

        kw.update(ex)

        callback(**kw)

def log_create_repository(repository_dict, created_by, **kwargs):

    """

    Post create repository Hook.

    :param repository: dict dump of repository object

    :param created_by: username who created repository

    available keys of repository_dict:

     'repo_type',

     'description',

     'private',

     'created_on',

     'enable_downloads',

     'repo_id',

     'owner_id',

     'enable_statistics',

     'clone_uri',

     'fork_id',

     'group_id',

     'repo_name'

    """

    from kallithea import EXTENSIONS

    callback = getattr(EXTENSIONS, 'CREATE_REPO_HOOK', None)

    if callable(callback):

        kw = {}

        kw.update(repository_dict)

        kw.update({'created_by': created_by})

        kw.update(kwargs)

        return callback(**kw)

    Post delete user Hook.

    :param user_dict: dict dump of user object

    available keys for user_dict:

     'username',

     'full_name_or_username',

     'full_contact',

     'user_id',

     'name',

     'firstname',

     'short_contact',

     'admin',

     'lastname',

     'ip_addresses',

     'ldap_dn',

     'email',

     'api_key',

     'last_login',

     'full_name',

     'active',

     'password',

     'emails',

    """

    from kallithea import EXTENSIONS

    callback = getattr(EXTENSIONS, 'DELETE_USER_HOOK', None)

    if callable(callback):

        return callback(deleted_by=deleted_by, **user_dict)

    return 0

def _hook_environment(repo_path):

    """

    Create a light-weight environment for stand-alone scripts and return an UI and the

    db repository.

    Git hooks are executed as subprocess of Git while Kallithea is waiting, and

    they thus need enough info to be able to create an app environment and

    connect to the database.

    """

    from paste.deploy import appconfig

    from sqlalchemy import engine_from_config

    from kallithea.config.environment import load_environment

    from kallithea.model.base import init_model

    ini_file_path = extras['config']

    #logging.config.fileConfig(ini_file_path) # Note: we are in a different process - don't use configured logging

    app_conf = appconfig('config:%s' % ini_file_path)

    conf = load_environment(app_conf.global_conf, app_conf.local_conf)

    setup_cache_regions(conf)

    engine = engine_from_config(conf, 'sqlalchemy.')

    init_model(engine)

    repo_path = safe_unicode(repo_path)

    # fix if it's not a bare repo

    if repo_path.endswith(os.sep + '.git'):

        repo_path = repo_path[:-5]

    repo = Repository.get_by_full_path(repo_path)

    if not repo:

        raise OSError('Repository %s not found in database'

                      % (safe_str(repo_path)))

    baseui = make_ui()

    return baseui, repo

def handle_git_pre_receive(repo_path, git_stdin_lines):

    """Called from Git pre-receive hook"""

    # Currently unused. TODO: remove?

    return 0

def handle_git_post_receive(repo_path, git_stdin_lines):

    """Called from Git post-receive hook"""

    baseui, repo = _hook_environment(repo_path)

    # the post push hook should never use the cached instance

    scm_repo = repo.scm_instance_no_cache()

    rev_data = []

    for l in git_stdin_lines:

        old_rev, new_rev, ref = l.strip().split(' ')

        _ref_data = ref.split('/')

        if _ref_data[1] in ['tags', 'heads']:

            rev_data.append({'old_rev': old_rev,

                             'new_rev': new_rev,

                             'ref': ref,

                             'type': _ref_data[1],

                             'name': '/'.join(_ref_data[2:])})

# Must match regexp in kallithea/public/js/base.js MentionsAutoComplete()

# Check char before @ - it must not look like we are in an email addresses.

# Matching is greedy so we don't have to look beyond the end.

MENTIONS_REGEX = re.compile(r'(?:^|(?<=[^a-zA-Z0-9]))@([a-zA-Z0-9][-_.a-zA-Z0-9]*[a-zA-Z0-9])')

def extract_mentioned_usernames(text):

    r"""

    Returns list of (possible) usernames @mentioned in given text.

    >>> extract_mentioned_usernames('@1-2.a_X,@1234 not@not @ddd@not @n @ee @ff @gg, @gg;@hh @n\n@zz,')

    ['1-2.a_X', '1234', 'ddd', 'ee', 'ff', 'gg', 'gg', 'hh', 'zz']

    """

    return MENTIONS_REGEX.findall(text)

def extract_mentioned_users(text):

    """ Returns set of actual database Users @mentioned in given text. """

    from kallithea.model.db import User

    result = set()

    for name in extract_mentioned_usernames(text):

        user = User.get_by_username(name, case_insensitive=True)

        if user is not None and not user.is_default_user:

            result.add(user)

    return result

class AttributeDict(dict):

    def __getattr__(self, attr):

        return self.get(attr, None)

    __setattr__ = dict.__setitem__

    __delattr__ = dict.__delitem__

def obfuscate_url_pw(engine):

    from sqlalchemy.engine import url as sa_url

    from sqlalchemy.exc import ArgumentError

    try:

        _url = sa_url.make_url(engine or '')

    except ArgumentError:

        return engine

    if _url.password:

        _url.password = 'XXXXX'

    return str(_url)

    """

    """

    try:

        extras = json.loads(os.environ['KALLITHEA_EXTRAS'])

    except KeyError:

        raise Exception("Environment variable KALLITHEA_EXTRAS not found")

    try:

        for k in ['username', 'repository', 'scm', 'action', 'ip']:

            extras[k]

    except KeyError:

        raise Exception('Missing key %s in KALLITHEA_EXTRAS %s' % (k, extras))

    return AttributeDict(extras)

    os.environ['KALLITHEA_EXTRAS'] = json.dumps(extras)

def get_current_authuser():

    """

    Gets kallithea user from threadlocal tmpl_context variable if it's

    defined, else returns None.

    """

    from tg import tmpl_context

    if hasattr(tmpl_context, 'authuser'):

        return tmpl_context.authuser

    return None

class OptionalAttr(object):

    """

    Special Optional Option that defines other attribute. Example::

        def test(apiuser, userid=Optional(OAttr('apiuser')):

            user = Optional.extract(userid)

            # calls

    """

    def __init__(self, attr_name):

        self.attr_name = attr_name

    def __repr__(self):

        return '<OptionalAttr:%s>' % self.attr_name

    def __call__(self):

        return self

# alias

OAttr = OptionalAttr

class Optional(object):

    """

    Defines an optional parameter::

        param = param.getval() if isinstance(param, Optional) else param

        param = param() if isinstance(param, Optional) else param

    is equivalent of::

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.model.scm

~~~~~~~~~~~~~~~~~~~

Scm model for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 9, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import os

import sys

import posixpath

import re

import time

import traceback

import logging

import cStringIO

import pkg_resources

from sqlalchemy import func

from tg.i18n import ugettext as _

import kallithea

from kallithea.lib.vcs import get_backend

from kallithea.lib.vcs.exceptions import RepositoryError

from kallithea.lib.vcs.utils.lazy import LazyProperty

from kallithea.lib.vcs.nodes import FileNode

from kallithea.lib.vcs.backends.base import EmptyChangeset

from kallithea import BACKENDS

from kallithea.lib import helpers as h

from kallithea.lib.auth import HasRepoPermissionLevel, HasRepoGroupPermissionLevel, \

    HasUserGroupPermissionLevel, HasPermissionAny, HasPermissionAny

from kallithea.lib.utils import get_filesystem_repos, make_ui, \

    action_logger

from kallithea.model.db import Repository, Session, Ui, CacheInvalidation, \

    UserFollowing, UserLog, User, RepoGroup, PullRequest

from kallithea.lib.hooks import process_pushed_raw_ids

from kallithea.lib.exceptions import NonRelativePathError, IMCCommitError

log = logging.getLogger(__name__)

class UserTemp(object):

    def __init__(self, user_id):

        self.user_id = user_id

    def __repr__(self):

        return "<%s('id:%s')>" % (self.__class__.__name__, self.user_id)

class RepoTemp(object):

    def __init__(self, repo_id):

        self.repo_id = repo_id

    def __repr__(self):

        return "<%s('id:%s')>" % (self.__class__.__name__, self.repo_id)

class _PermCheckIterator(object):

    def __init__(self, obj_list, obj_attr, perm_set, perm_checker, extra_kwargs=None):

        """

        Creates iterator from given list of objects, additionally

        checking permission for them from perm_set var

        :param obj_list: list of db objects

        :param obj_attr: attribute of object to pass into perm_checker

        :param perm_set: list of permissions to check

        :param perm_checker: callable to check permissions against

        """

        self.obj_list = obj_list

        self.obj_attr = obj_attr

        self.perm_set = perm_set

        self.perm_checker = perm_checker

        self.extra_kwargs = extra_kwargs or {}

    def __len__(self):

        return len(self.obj_list)

    def is_following_repo(self, repo_name, user_id, cache=False):

        r = Repository.query() \

            .filter(Repository.repo_name == repo_name).scalar()

        f = UserFollowing.query() \

            .filter(UserFollowing.follows_repository == r) \

            .filter(UserFollowing.user_id == user_id).scalar()

        return f is not None

    def is_following_user(self, username, user_id, cache=False):

        u = User.get_by_username(username)

        f = UserFollowing.query() \

            .filter(UserFollowing.follows_user == u) \

            .filter(UserFollowing.user_id == user_id).scalar()

        return f is not None

    def get_followers(self, repo):

        repo = Repository.guess_instance(repo)

        return UserFollowing.query() \

                .filter(UserFollowing.follows_repository == repo).count()

    def get_forks(self, repo):

        repo = Repository.guess_instance(repo)

        return Repository.query() \

                .filter(Repository.fork == repo).count()

    def get_pull_requests(self, repo):

        repo = Repository.guess_instance(repo)

        return PullRequest.query() \

                .filter(PullRequest.other_repo == repo) \

                .filter(PullRequest.status != PullRequest.STATUS_CLOSED).count()

    def mark_as_fork(self, repo, fork, user):

        repo = self.__get_repo(repo)

        fork = self.__get_repo(fork)

        if fork and repo.repo_id == fork.repo_id:

            raise Exception("Cannot set repository as fork of itself")

        if fork and repo.repo_type != fork.repo_type:

            raise RepositoryError("Cannot set repository as fork of repository with other type")

        repo.fork = fork

        return repo

    def _handle_push(self, repo, username, ip_addr, action, repo_name, revisions):

        """

        Handle that the repository has changed.

        Adds an action log entry with the new revisions, and the head revision

        cache and in-memory caches are invalidated/updated.

        :param username: username who pushes

        :param action: push/push_local/push_remote

        :param repo_name: name of repo

        :param revisions: list of revisions that we pushed

        """

        process_pushed_raw_ids(revisions) # also calls mark_for_invalidation

    def _get_IMC_module(self, scm_type):

        """

        Returns InMemoryCommit class based on scm_type

        :param scm_type:

        """

        if scm_type == 'hg':

            from kallithea.lib.vcs.backends.hg import MercurialInMemoryChangeset

            return MercurialInMemoryChangeset

        if scm_type == 'git':

            from kallithea.lib.vcs.backends.git import GitInMemoryChangeset

            return GitInMemoryChangeset

        raise Exception('Invalid scm_type, must be one of hg,git got %s'

                        % (scm_type,))

    def pull_changes(self, repo, username, ip_addr, clone_uri=None):

        """

        Pull from "clone URL" or fork origin.

        """

        dbrepo = self.__get_repo(repo)

        if clone_uri is None:

            clone_uri = dbrepo.clone_uri or dbrepo.fork and dbrepo.fork.repo_full_path

        if not clone_uri:

            raise Exception("This repository doesn't have a clone uri")

        repo = dbrepo.scm_instance

        repo_name = dbrepo.repo_name

        try:

            if repo.alias == 'git':

                repo.fetch(clone_uri)

                # git doesn't really have something like post-fetch action

                # we fake that now.

                # TODO: extract fetched revisions ... somehow ...

                self._handle_push(repo,

                                  username=username,

                                  ip_addr=ip_addr,

                                  action='push_remote',

                                  repo_name=repo_name,

                                  revisions=[])

            else:

                                           repo.alias, action='push_remote')

                repo.pull(clone_uri)

            self.mark_for_invalidation(repo_name)

        except Exception:

            log.error(traceback.format_exc())

            raise

    def commit_change(self, repo, repo_name, cs, user, ip_addr, author, message,

                      content, f_path):

        """

        Commit a change to a single file

        :param repo: a db_repo.scm_instance

        """

        user = User.guess_instance(user)

        IMC = self._get_IMC_module(repo.alias)

        # decoding here will force that we have proper encoded values

        # in any other case this will throw exceptions and deny commit

        content = safe_str(content)

        path = safe_str(f_path)

        # message and author needs to be unicode

        # proper backend should then translate that into required type

        message = safe_unicode(message)

        author = safe_unicode(author)

        imc = IMC(repo)

        imc.change(FileNode(path, content, mode=cs.get_file_mode(f_path)))