'repository.admin')

    def changeset_raw(self, revision):

        return self._index(revision, method='raw')

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def changeset_patch(self, revision):

        return self._index(revision, method='patch')

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def changeset_download(self, revision):

        return self._index(revision, method='download')

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def comment(self, repo_name, revision):

        status = request.POST.get('changeset_status')

        text = request.POST.get('text', '').strip()

        c.comment = comment = ChangesetCommentsModel().create(

            text=text,

            repo=c.db_repo.repo_id,

            user=c.authuser.user_id,

            revision=revision,

            f_path=request.POST.get('f_path'),

            line_no=request.POST.get('line'),

            status_change=(ChangesetStatus.get_status_lbl(status)

                           if status else None)

        )

        # get status if set !

        if status:

            # if latest status was from pull request and it's closed

            # disallow changing status !

            # dont_allow_on_closed_pull_request = True !

            try:

                ChangesetStatusModel().set_status(

                    c.db_repo.repo_id,

                    status,

                    c.authuser.user_id,

                    comment,

                    revision=revision,

                    dont_allow_on_closed_pull_request=True

                )

            except StatusChangeOnClosedPullRequestError:

                log.debug(traceback.format_exc())

                msg = _('Changing status on a changeset associated with '

                        'a closed pull request is not allowed')

                h.flash(msg, category='warning')

                return redirect(h.url('changeset_home', repo_name=repo_name,

                                      revision=revision))

        action_logger(self.authuser,

                      'user_commented_revision:%s' % revision,

                      c.db_repo, self.ip_addr, self.sa)

        Session().commit()

        if not request.environ.get('HTTP_X_PARTIAL_XHR'):

            return redirect(h.url('changeset_home', repo_name=repo_name,

                                  revision=revision))

        #only ajax below

        data = {

           'target_id': h.safeid(h.safe_unicode(request.POST.get('f_path'))),

        }

        if comment is not None:

            data.update(comment.get_dict())

            data.update({'rendered_text':

                         render('changeset/changeset_comment_block.html')})

        return data

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def preview_comment(self):

        if not request.environ.get('HTTP_X_PARTIAL_XHR'):

            raise HTTPBadRequest()

        text = request.POST.get('text')

        if text:

            return h.rst_w_mentions(text)

        return ''

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def delete_comment(self, repo_name, comment_id):

        owner = co.author.user_id == c.authuser.user_id

        if h.HasPermissionAny('hg.admin')() or repo_admin or owner:

            ChangesetCommentsModel().delete(comment=co)

            Session().commit()

            return True

        else:

            raise HTTPForbidden()

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def changeset_info(self, repo_name, revision):

        if request.is_xhr:

            try:

                return c.db_repo_scm_instance.get_changeset(revision)

            except ChangesetDoesNotExistError as e:

                return EmptyChangeset(message=str(e))

        else:

            raise HTTPBadRequest()

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def changeset_children(self, repo_name, revision):

        if request.is_xhr:

            changeset = c.db_repo_scm_instance.get_changeset(revision)

            result = {"results": []}

            if changeset.children:

                result = {"results": changeset.children}

            return result

        else:

            raise HTTPBadRequest()

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def changeset_parents(self, repo_name, revision):

        if request.is_xhr:

            changeset = c.db_repo_scm_instance.get_changeset(revision)

            result = {"results": []}

            if changeset.parents:

                result = {"results": changeset.parents}

            return result

        else:

            raise HTTPBadRequest()

        new_revisions = [r for r in revisions if r not in old_revisions]

        lost = old_revisions.difference(revisions)

        infos = ['This is an update of %s "%s".' %

                 (h.canonical_url('pullrequest_show', repo_name=old_pull_request.other_repo.repo_name,

                      pull_request_id=old_pull_request.pull_request_id),

                  old_pull_request.title)]

        if lost:

            infos.append(_('Missing changesets since the previous pull request:'))

            for r in old_pull_request.revisions:

                if r in lost:

                    rev_desc = org_repo.get_changeset(r).message.split('\n')[0]

                    infos.append('  %s "%s"' % (h.short_id(r), rev_desc))

        if new_revisions:

            infos.append(_('New changesets on %s %s since the previous pull request:') % (org_ref_type, org_ref_name))

            for r in reversed(revisions):

                if r in new_revisions:

                    rev_desc = org_repo.get_changeset(r).message.split('\n')[0]

                    infos.append('  %s %s' % (h.short_id(r), h.shorter(rev_desc, 80)))

            if ancestor_rev == other_rev:

                infos.append(_("Ancestor didn't change - show diff since previous version:"))

                infos.append(h.canonical_url('compare_url',

                                 repo_name=org_repo.repo_name, # other_repo is always same as repo_name

                                 org_ref_type='rev', org_ref_name=h.short_id(org_rev), # use old org_rev as base

                                 other_ref_type='rev', other_ref_name=h.short_id(new_org_rev),

                                 )) # note: linear diff, merge or not doesn't matter

            else:

                infos.append(_('This pull request is based on another %s revision and there is no simple diff.') % other_ref_name)

        else:

           infos.append(_('No changes found on %s %s since previous version.') % (org_ref_type, org_ref_name))

           # TODO: fail?

        # hack: ancestor_rev is not an other_ref but we want to show the

        # requested destination and have the exact ancestor

        new_other_ref = '%s:%s:%s' % (other_ref_type, other_ref_name, ancestor_rev)

        new_org_ref = '%s:%s:%s' % (org_ref_type, org_ref_name, new_org_rev)

        try:

            title, old_v = re.match(r'(.*)\(v(\d+)\)\s*$', title).groups()

            v = int(old_v) + 1

        except (AttributeError, ValueError):

            v = 2

        title = '%s (v%s)' % (title.strip(), v)

        # using a mail-like separator, insert new update info at the top of the list

        descriptions = description.replace('\r\n', '\n').split('\n-- \n', 1)

        description = descriptions[0].strip() + '\n\n-- \n' + '\n'.join(infos)

        if len(descriptions) > 1:

            description += '\n\n' + descriptions[1].strip()

        try:

            pull_request = PullRequestModel().create(

                self.authuser.user_id,

                old_pull_request.org_repo.repo_name, new_org_ref,

                old_pull_request.other_repo.repo_name, new_other_ref,

                revisions, reviewers_ids, title, description

            )

        except UserInvalidException as u:

            h.flash(_('Invalid reviewer "%s" specified') % u, category='error')

            raise HTTPBadRequest()

        except Exception:

            h.flash(_('Error occurred while creating pull request'),

                    category='error')

            log.error(traceback.format_exc())

            return redirect(old_pull_request.url())

        ChangesetCommentsModel().create(

            text=_('Closed, replaced by %s .') % pull_request.url(canonical=True),

            repo=old_pull_request.other_repo.repo_id,

            user=c.authuser.user_id,

            pull_request=old_pull_request.pull_request_id,

            closing_pr=True)

        PullRequestModel().close_pull_request(old_pull_request.pull_request_id)

        Session().commit()

        h.flash(_('Pull request update created'),

                category='success')

        return redirect(pull_request.url())

    # pullrequest_post for PR editing

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def post(self, repo_name, pull_request_id):

        pull_request = PullRequest.get_or_404(pull_request_id)

        if pull_request.is_closed():

            raise HTTPForbidden()

        assert pull_request.other_repo.repo_name == repo_name

        #only owner or admin can update it

        owner = pull_request.owner.user_id == c.authuser.user_id

        repo_admin = h.HasRepoPermissionAny('repository.admin')(c.repo_name)

            raise HTTPForbidden()

        _form = PullRequestPostForm()().to_python(request.POST)

        reviewers_ids = [int(s) for s in _form['review_members']]

        if _form['updaterev']:

            return self.create_update(pull_request,

                                      _form['updaterev'],

                                      _form['pullrequest_title'],

                                      _form['pullrequest_desc'],

                                      reviewers_ids)

        old_description = pull_request.description

        pull_request.title = _form['pullrequest_title']

        pull_request.description = _form['pullrequest_desc'].strip() or _('No description')

        pull_request.owner = User.get_by_username(_form['owner'])

        user = User.get(c.authuser.user_id)

        try:

            PullRequestModel().mention_from_description(user, pull_request, old_description)

            PullRequestModel().update_reviewers(user, pull_request_id, reviewers_ids)

        except UserInvalidException as u:

            h.flash(_('Invalid reviewer "%s" specified') % u, category='error')

            raise HTTPBadRequest()

        Session().commit()

        h.flash(_('Pull request updated'), category='success')

        return redirect(pull_request.url())

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def delete(self, repo_name, pull_request_id):

        pull_request = PullRequest.get_or_404(pull_request_id)

        #only owner can delete it !

        if pull_request.owner.user_id == c.authuser.user_id:

            PullRequestModel().delete(pull_request)

            Session().commit()

            h.flash(_('Successfully deleted pull request'),

                    category='success')

            return redirect(url('my_pullrequests'))

        raise HTTPForbidden()

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def show(self, repo_name, pull_request_id, extra=None):

        repo_model = RepoModel()

        c.users_array = repo_model.get_users_js()

        c.user_groups_array = repo_model.get_user_groups_js()

        c.pull_request = PullRequest.get_or_404(pull_request_id)

        c.allowed_to_change_status = self._get_is_allowed_change_status(c.pull_request)

        cc_model = ChangesetCommentsModel()

        cs_model = ChangesetStatusModel()

        # pull_requests repo_name we opened it against

        # ie. other_repo must match

        if repo_name != c.pull_request.other_repo.repo_name:

            raise HTTPNotFound

        # load compare data into template context

        c.cs_repo = c.pull_request.org_repo

        (c.cs_ref_type,

         c.cs_ref_name,

         c.cs_rev) = c.pull_request.org_ref.split(':')

        c.a_repo = c.pull_request.other_repo

        (c.a_ref_type,

         c.a_ref_name,

         c.a_rev) = c.pull_request.other_ref.split(':') # other_rev is ancestor

        org_scm_instance = c.cs_repo.scm_instance # property with expensive cache invalidation check!!!

        c.cs_repo = c.cs_repo

        c.cs_ranges = [org_scm_instance.get_changeset(x) for x in c.pull_request.revisions]

        c.cs_ranges_org = None # not stored and not important and moving target - could be calculated ...

        revs = [ctx.revision for ctx in reversed(c.cs_ranges)]

        c.jsdata = json.dumps(graph_data(org_scm_instance, revs))

        c.is_range = False

        if c.a_ref_type == 'rev': # this looks like a free range where target is ancestor

            cs_a = org_scm_instance.get_changeset(c.a_rev)

            root_parents = c.cs_ranges[0].parents

            c.is_range = cs_a in root_parents

            #c.merge_root = len(root_parents) > 1 # a range starting with a merge might deserve a warning

        avail_revs = set()

        avail_show = []

        c.cs_branch_name = c.cs_ref_name

        other_scm_instance = c.a_repo.scm_instance

        c.update_msg = ""

        c.update_msg_other = ""

        if org_scm_instance.alias == 'hg' and c.a_ref_name != 'ancestor':

            if c.cs_ref_type != 'branch':

                c.cs_branch_name = org_scm_instance.get_changeset(c.cs_ref_name).branch # use ref_type ?

         c.pull_request_pending_reviewers,

         c.current_voting_result,

         ) = cs_model.calculate_pull_request_result(c.pull_request)

        c.changeset_statuses = ChangesetStatus.STATUSES

        c.as_form = False

        c.ancestor = None # there is one - but right here we don't know which

        return render('/pullrequests/pullrequest_show.html')

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def comment(self, repo_name, pull_request_id):

        pull_request = PullRequest.get_or_404(pull_request_id)

        status = request.POST.get('changeset_status')

        close_pr = request.POST.get('save_close')

        f_path = request.POST.get('f_path')

        line_no = request.POST.get('line')

        if (status or close_pr) and (f_path or line_no):

            # status votes and closing is only possible in general comments

            raise HTTPBadRequest()

        allowed_to_change_status = self._get_is_allowed_change_status(pull_request)

        if not allowed_to_change_status:

            if status or close_pr:

                h.flash(_('No permission to change pull request status'), 'error')

                raise HTTPForbidden()

        text = request.POST.get('text', '').strip()

        if close_pr:

            text = _('Closing.') + '\n' + text

        comment = ChangesetCommentsModel().create(

            text=text,

            repo=c.db_repo.repo_id,

            user=c.authuser.user_id,

            pull_request=pull_request_id,

            f_path=f_path,

            line_no=line_no,

            status_change=(ChangesetStatus.get_status_lbl(status)

                           if status and allowed_to_change_status else None),

            closing_pr=close_pr

        )

        action_logger(self.authuser,

                      'user_commented_pull_request:%s' % pull_request_id,

                      c.db_repo, self.ip_addr, self.sa)

        if status:

            ChangesetStatusModel().set_status(

                c.db_repo.repo_id,

                status,

                c.authuser.user_id,

                comment,

                pull_request=pull_request_id

            )

        if close_pr:

            PullRequestModel().close_pull_request(pull_request_id)

            action_logger(self.authuser,

                          'user_closed_pull_request:%s' % pull_request_id,

                          c.db_repo, self.ip_addr, self.sa)

        Session().commit()

        if not request.environ.get('HTTP_X_PARTIAL_XHR'):

            return redirect(pull_request.url())

        data = {

           'target_id': h.safeid(h.safe_unicode(request.POST.get('f_path'))),

        }

        if comment is not None:

            c.comment = comment

            data.update(comment.get_dict())

            data.update({'rendered_text':

                         render('changeset/changeset_comment_block.html')})

        return data

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def delete_comment(self, repo_name, comment_id):

        co = ChangesetComment.get(comment_id)

        if co.pull_request.is_closed():

            #don't allow deleting comments on closed pull request

            raise HTTPForbidden()

        owner = co.author.user_id == c.authuser.user_id

        repo_admin = h.HasRepoPermissionAny('repository.admin')(c.repo_name)

            ChangesetCommentsModel().delete(comment=co)

            Session().commit()

            return True

        else:

            raise HTTPForbidden()