# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.controllers.changelog

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

changelog controller for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 21, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import traceback

from pylons import request, url, session, tmpl_context as c

from pylons.controllers.util import redirect

from pylons.i18n.translation import _

from webob.exc import HTTPNotFound, HTTPBadRequest

import kallithea.lib.helpers as h

from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator

from kallithea.lib.base import BaseRepoController, render

from kallithea.lib.helpers import RepoPage

from kallithea.lib.compat import json

from kallithea.lib.graphmod import graph_data

from kallithea.lib.vcs.exceptions import RepositoryError, ChangesetDoesNotExistError,\

    ChangesetError, NodeDoesNotExistError, EmptyRepositoryError

from kallithea.lib.utils2 import safe_int, safe_str

log = logging.getLogger(__name__)

def _load_changelog_summary():

    p = safe_int(request.GET.get('page'), 1)

    size = safe_int(request.GET.get('size'), 10)

    def url_generator(**kw):

        return url('changelog_summary_home',

                   repo_name=c.db_repo.repo_name, size=size, **kw)

    collection = c.db_repo_scm_instance

    c.repo_changesets = RepoPage(collection, page=p,

                                 items_per_page=size,

                                 url=url_generator)

    page_revisions = [x.raw_id for x in list(c.repo_changesets)]

    c.comments = c.db_repo.get_comments(page_revisions)

    c.statuses = c.db_repo.statuses(page_revisions)

class ChangelogController(BaseRepoController):

    def __before__(self):

        super(ChangelogController, self).__before__()

        c.affected_files_cut_off = 60

    @staticmethod

    def __get_cs(rev, repo):

        """

        Safe way to get changeset. If error occur fail with error message.

        :param rev: revision to fetch

        :param repo: repo instance

        """

        try:

            return c.db_repo_scm_instance.get_changeset(rev)

        except EmptyRepositoryError as e:

        except RepositoryError as e:

            log.error(traceback.format_exc())

            h.flash(safe_str(e), category='error')

        raise HTTPBadRequest()

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def index(self, repo_name, revision=None, f_path=None):

        # Fix URL after page size form submission via GET

        # TODO: Somehow just don't send this extra junk in the GET URL

        if request.GET.get('set'):

            request.GET.pop('set', None)

            if revision is None:

                return redirect(url('changelog_home', repo_name=repo_name, **request.GET))

            return redirect(url('changelog_file_home', repo_name=repo_name, revision=revision, f_path=f_path, **request.GET))

        limit = 2000

        default = 100

        if request.GET.get('size'):

            c.size = max(min(safe_int(request.GET.get('size')), limit), 1)

            session['changelog_size'] = c.size

            session.save()

        else:

            c.size = int(session.get('changelog_size', default))

        # min size must be 1

        c.size = max(c.size, 1)

        p = safe_int(request.GET.get('page', 1), 1)

        branch_name = request.GET.get('branch', None)

        if (branch_name and

            branch_name not in c.db_repo_scm_instance.branches and

            branch_name not in c.db_repo_scm_instance.closed_branches and

            not revision):

            return redirect(url('changelog_file_home', repo_name=c.repo_name,

                                    revision=branch_name, f_path=f_path or ''))

        if revision == 'tip':

            revision = None

        c.changelog_for_path = f_path

        try:

            if f_path:

                log.debug('generating changelog for path %s', f_path)

                # get the history for the file !

                tip_cs = c.db_repo_scm_instance.get_changeset()

                try:

                    collection = tip_cs.get_file_history(f_path)

                except (NodeDoesNotExistError, ChangesetError):

                    #this node is not present at tip !

                    try:

                        cs = self.__get_cs(revision, repo_name)

                        collection = cs.get_file_history(f_path)

                    except RepositoryError as e:

                        h.flash(safe_str(e), category='warning')

                        redirect(h.url('changelog_home', repo_name=repo_name))

                collection = list(reversed(collection))

            else:

                collection = c.db_repo_scm_instance.get_changesets(start=0, end=revision,

                                                        branch_name=branch_name)

            c.total_cs = len(collection)

            c.pagination = RepoPage(collection, page=p, item_count=c.total_cs,

                                    items_per_page=c.size, branch=branch_name,)

            page_revisions = [x.raw_id for x in c.pagination]

            c.comments = c.db_repo.get_comments(page_revisions)

            c.statuses = c.db_repo.statuses(page_revisions)

        except EmptyRepositoryError as e:

            h.flash(safe_str(e), category='warning')

            return redirect(url('summary_home', repo_name=c.repo_name))

        except (RepositoryError, ChangesetDoesNotExistError, Exception) as e:

            log.error(traceback.format_exc())

            h.flash(safe_str(e), category='error')

            return redirect(url('changelog_home', repo_name=c.repo_name))

        c.branch_name = branch_name

        c.branch_filters = [('', _('None'))] + \

            [(k, k) for k in c.db_repo_scm_instance.branches.keys()]

        if c.db_repo_scm_instance.closed_branches:

            prefix = _('(closed)') + ' '

            c.branch_filters += [('-', '-')] + \

                [(k, prefix + k) for k in c.db_repo_scm_instance.closed_branches.keys()]

        revs = []

        if not f_path:

            revs = [x.revision for x in c.pagination]

        c.jsdata = json.dumps(graph_data(c.db_repo_scm_instance, revs))

        c.revision = revision # requested revision ref

        c.first_revision = c.pagination[0] # pagination is never empty here!

        return render('changelog/changelog.html')

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def changelog_details(self, cs):

        if request.environ.get('HTTP_X_PARTIAL_XHR'):

            c.cs = c.db_repo_scm_instance.get_changeset(cs)

            return render('changelog/changelog_details.html')

        raise HTTPNotFound()

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def changelog_summary(self, repo_name):

        if request.environ.get('HTTP_X_PARTIAL_XHR'):

            _load_changelog_summary()

            return render('changelog/changelog_summary_data.html')

        raise HTTPNotFound()

from kallithea.lib import diffs

from kallithea.lib.exceptions import UserInvalidException

from kallithea.lib.utils import action_logger, jsonify

from kallithea.lib.vcs.utils import safe_str

from kallithea.lib.vcs.exceptions import EmptyRepositoryError

from kallithea.lib.diffs import LimitedDiffContainer

from kallithea.model.db import PullRequest, ChangesetStatus, ChangesetComment,\

    PullRequestReviewers, User

from kallithea.model.pull_request import PullRequestModel

from kallithea.model.meta import Session

from kallithea.model.repo import RepoModel

from kallithea.model.comment import ChangesetCommentsModel

from kallithea.model.changeset_status import ChangesetStatusModel

from kallithea.model.forms import PullRequestForm, PullRequestPostForm

from kallithea.lib.utils2 import safe_int

from kallithea.controllers.changeset import _ignorews_url, _context_url

from kallithea.controllers.compare import CompareController

from kallithea.lib.graphmod import graph_data

log = logging.getLogger(__name__)

class PullrequestsController(BaseRepoController):

    def _get_repo_refs(self, repo, rev=None, branch=None, branch_rev=None):

        """return a structure with repo's interesting changesets, suitable for

        the selectors in pullrequest.html

        rev: a revision that must be in the list somehow and selected by default

        branch: a branch that must be in the list and selected by default - even if closed

        branch_rev: a revision of which peers should be preferred and available."""

        # list named branches that has been merged to this named branch - it should probably merge back

        peers = []

        if rev:

            rev = safe_str(rev)

        if branch:

            branch = safe_str(branch)

        if branch_rev:

            branch_rev = safe_str(branch_rev)

            # a revset not restricting to merge() would be better

            # (especially because it would get the branch point)

            # ... but is currently too expensive

            # including branches of children could be nice too

            peerbranches = set()

            for i in repo._repo.revs(

                "sort(parents(branch(id(%s)) and merge()) - branch(id(%s)), -rev)",

                branch_rev, branch_rev):

                abranch = repo.get_changeset(i).branch

                if abranch not in peerbranches:

                    n = 'branch:%s:%s' % (abranch, repo.get_changeset(abranch).raw_id)

                    peers.append((n, abranch))

                    peerbranches.add(abranch)

        selected = None

        tiprev = repo.tags.get('tip')

        tipbranch = None

        branches = []

        for abranch, branchrev in repo.branches.iteritems():

            n = 'branch:%s:%s' % (abranch, branchrev)

            desc = abranch

            if branchrev == tiprev:

                tipbranch = abranch

                desc = '%s (current tip)' % desc

            branches.append((n, desc))

            if rev == branchrev:

                selected = n

            if branch == abranch:

                if not rev:

                    selected = n

                branch = None

        if branch:  # branch not in list - it is probably closed

            branchrev = repo.closed_branches.get(branch)

            if branchrev:

                n = 'branch:%s:%s' % (branch, branchrev)

                branches.append((n, _('%s (closed)') % branch))

                selected = n

                branch = None

            if branch:

                log.debug('branch %r not found in %s', branch, repo)

        bookmarks = []

        for bookmark, bookmarkrev in repo.bookmarks.iteritems():

            n = 'book:%s:%s' % (bookmark, bookmarkrev)

            bookmarks.append((n, bookmark))

            if rev == bookmarkrev:

                selected = n

        tags = []

        for tag, tagrev in repo.tags.iteritems():

            if tag == 'tip':

                continue

            n = 'tag:%s:%s' % (tag, tagrev)

            tags.append((n, tag))

            if rev == tagrev:

                selected = n

        # prio 1: rev was selected as existing entry above

        # prio 2: create special entry for rev; rev _must_ be used

        specials = []

        if rev and selected is None:

            selected = 'rev:%s:%s' % (rev, rev)

            specials = [(selected, '%s: %s' % (_("Changeset"), rev[:12]))]

        # prio 3: most recent peer branch

        if peers and not selected:

            selected = peers[0][0]

        # prio 4: tip revision

        if not selected:

            if h.is_hg(repo):

                if tipbranch:

                    selected = 'branch:%s:%s' % (tipbranch, tiprev)

                else:

                    selected = 'tag:null:' + repo.EMPTY_CHANGESET

                    tags.append((selected, 'null'))

            else:

                if 'master' in repo.branches:

                    selected = 'branch:master:%s' % repo.branches['master']

                else:

                    k, v = repo.branches.items()[0]

                    selected = 'branch:%s:%s' % (k, v)

        groups = [(specials, _("Special")),

                  (peers, _("Peer branches")),

                  (bookmarks, _("Bookmarks")),

                  (branches, _("Branches")),

                  (tags, _("Tags")),

                  ]

        return [g for g in groups if g[0]], selected

    def _get_is_allowed_change_status(self, pull_request):

        if pull_request.is_closed():

            return False

        owner = self.authuser.user_id == pull_request.user_id

        reviewer = self.authuser.user_id in [x.user_id for x in

                                                   pull_request.reviewers]

        return self.authuser.admin or owner or reviewer

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def show_all(self, repo_name):

        c.from_ = request.GET.get('from_') or ''

        c.closed = request.GET.get('closed') or ''

        c.pull_requests = PullRequestModel().get_all(repo_name, from_=c.from_, closed=c.closed)

        c.repo_name = repo_name

        p = safe_int(request.GET.get('page', 1), 1)

        c.pullrequests_pager = Page(c.pull_requests, page=p, items_per_page=100)

        return render('/pullrequests/pullrequest_show_all.html')

    @LoginRequired()

    @NotAnonymous()

    def show_my(self):

        c.closed = request.GET.get('closed') or ''

        def _filter(pr):

            s = sorted(pr, key=lambda o: o.created_on, reverse=True)

            if not c.closed:

                s = filter(lambda p: p.status != PullRequest.STATUS_CLOSED, s)

            return s

        c.my_pull_requests = _filter(PullRequest.query()\

                                .filter(PullRequest.user_id ==

                                        self.authuser.user_id)\

                                .all())

        c.participate_in_pull_requests = _filter(PullRequest.query()\

                                .join(PullRequestReviewers)\

                                .filter(PullRequestReviewers.user_id ==

                                        self.authuser.user_id)\

                                                 )

        return render('/pullrequests/pullrequest_show_my.html')

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def index(self):

        org_repo = c.db_repo

        org_scm_instance = org_repo.scm_instance

        try:

            org_scm_instance.get_changeset()

        except EmptyRepositoryError as e:

            redirect(url('summary_home', repo_name=org_repo.repo_name))

        org_rev = request.GET.get('rev_end')

        # rev_start is not directly useful - its parent could however be used

        # as default for other and thus give a simple compare view

        rev_start = request.GET.get('rev_start')

        other_rev = None

        if rev_start:

            starters = org_repo.get_changeset(rev_start).parents

            if starters:

                other_rev = starters[0].raw_id

            else:

                other_rev = org_repo.scm_instance.EMPTY_CHANGESET

        branch = request.GET.get('branch')

        c.cs_repos = [(org_repo.repo_name, org_repo.repo_name)]

        c.default_cs_repo = org_repo.repo_name

        c.cs_refs, c.default_cs_ref = self._get_repo_refs(org_scm_instance, rev=org_rev, branch=branch)

        default_cs_ref_type, default_cs_branch, default_cs_rev = c.default_cs_ref.split(':')

        if default_cs_ref_type != 'branch':

            default_cs_branch = org_repo.get_changeset(default_cs_rev).branch

        # add org repo to other so we can open pull request against peer branches on itself

        c.a_repos = [(org_repo.repo_name, '%s (self)' % org_repo.repo_name)]

        if org_repo.parent:

            # add parent of this fork also and select it.

            # use the same branch on destination as on source, if available.

            c.a_repos.append((org_repo.parent.repo_name, '%s (parent)' % org_repo.parent.repo_name))

            c.a_repo = org_repo.parent

            c.a_refs, c.default_a_ref = self._get_repo_refs(

                    org_repo.parent.scm_instance, branch=default_cs_branch, rev=other_rev)

        else:

            c.a_repo = org_repo

            c.a_refs, c.default_a_ref = self._get_repo_refs(org_scm_instance, rev=other_rev)

        # gather forks and add to this list ... even though it is rare to

        # request forks to pull from their parent

        for fork in org_repo.forks:

            c.a_repos.append((fork.repo_name, fork.repo_name))

        return render('/pullrequests/pullrequest.html')

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def repo_info(self, repo_name):

        repo = RepoModel()._get_repo(repo_name)

        refs, selected_ref = self._get_repo_refs(repo.scm_instance)

        return {

            'description': repo.description.split('\n', 1)[0],

            'selected_ref': selected_ref,

            'refs': refs,

            }

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def create(self, repo_name):

        repo = RepoModel()._get_repo(repo_name)

        try:

            _form = PullRequestForm(repo.repo_id)().to_python(request.POST)

        except formencode.Invalid as errors:

            log.error(traceback.format_exc())

            log.error(str(errors))

            msg = _('Error creating pull request: %s') % errors.msg

            h.flash(msg, 'error')

            raise HTTPBadRequest

        # heads up: org and other might seem backward here ...

        org_repo_name = _form['org_repo']

        org_ref = _form['org_ref'] # will have merge_rev as rev but symbolic name

        org_repo = RepoModel()._get_repo(org_repo_name)

        (org_ref_type,

         org_ref_name,

         org_rev) = org_ref.split(':')

        if org_ref_type == 'rev':

            org_ref_type = 'branch'

            cs = org_repo.scm_instance.get_changeset(org_rev)

            org_ref = '%s:%s:%s' % (org_ref_type, cs.branch, cs.raw_id)

        other_repo_name = _form['other_repo']

        other_ref = _form['other_ref'] # will have symbolic name and head revision

        other_repo = RepoModel()._get_repo(other_repo_name)

        (other_ref_type,

         other_ref_name,

         other_rev) = other_ref.split(':')

        cs_ranges, _cs_ranges_not, ancestor_rev = \

            CompareController._get_changesets(org_repo.scm_instance.alias,

                                              other_repo.scm_instance, other_rev, # org and other "swapped"

                                              org_repo.scm_instance, org_rev,

                                              )

        if ancestor_rev is None:

            ancestor_rev = org_repo.scm_instance.EMPTY_CHANGESET

        revisions = [cs_.raw_id for cs_ in cs_ranges]

        # hack: ancestor_rev is not an other_rev but we want to show the

        # requested destination and have the exact ancestor

        other_ref = '%s:%s:%s' % (other_ref_type, other_ref_name, ancestor_rev)

        reviewers = _form['review_members']

        title = _form['pullrequest_title']

        if not title:

            if org_repo_name == other_repo_name:

                title = '%s to %s' % (h.short_ref(org_ref_type, org_ref_name),

                                      h.short_ref(other_ref_type, other_ref_name))

            else:

                title = '%s#%s to %s#%s' % (org_repo_name, h.short_ref(org_ref_type, org_ref_name),

                                            other_repo_name, h.short_ref(other_ref_type, other_ref_name))

        description = _form['pullrequest_desc'].strip() or _('No description')

        try:

            pull_request = PullRequestModel().create(

                self.authuser.user_id, org_repo_name, org_ref, other_repo_name,

                other_ref, revisions, reviewers, title, description

            )

            Session().commit()

            h.flash(_('Successfully opened new pull request'),

                    category='success')

        except UserInvalidException as u:

            h.flash(_('Invalid reviewer "%s" specified') % u, category='error')

            raise HTTPBadRequest()

        except Exception:

            h.flash(_('Error occurred while creating pull request'),

                    category='error')

            log.error(traceback.format_exc())

            return redirect(url('pullrequest_home', repo_name=repo_name))

        return redirect(pull_request.url())

    def create_update(self, old_pull_request, updaterev, title, description, reviewers_ids):

        org_repo = RepoModel()._get_repo(old_pull_request.org_repo.repo_name)

        org_ref_type, org_ref_name, org_rev = old_pull_request.org_ref.split(':')

        new_org_rev = self._get_ref_rev(org_repo, 'rev', updaterev)

        other_repo = RepoModel()._get_repo(old_pull_request.other_repo.repo_name)

        other_ref_type, other_ref_name, other_rev = old_pull_request.other_ref.split(':') # other_rev is ancestor

        #assert other_ref_type == 'branch', other_ref_type # TODO: what if not?

        new_other_rev = self._get_ref_rev(other_repo, other_ref_type, other_ref_name)

        cs_ranges, _cs_ranges_not, ancestor_rev = CompareController._get_changesets(org_repo.scm_instance.alias,

            other_repo.scm_instance, new_other_rev, # org and other "swapped"

            org_repo.scm_instance, new_org_rev)

        old_revisions = set(old_pull_request.revisions)

        revisions = [cs.raw_id for cs in cs_ranges]

        new_revisions = [r for r in revisions if r not in old_revisions]

        lost = old_revisions.difference(revisions)

        infos = ['This is an update of %s "%s".' %

                 (h.canonical_url('pullrequest_show', repo_name=old_pull_request.other_repo.repo_name,

                      pull_request_id=old_pull_request.pull_request_id),

                  old_pull_request.title)]

        if lost:

            infos.append(_('Missing changesets since the previous pull request:'))

            for r in old_pull_request.revisions:

                if r in lost:

                    rev_desc = org_repo.get_changeset(r).message.split('\n')[0]

                    infos.append('  %s "%s"' % (h.short_id(r), rev_desc))

        if new_revisions:

            infos.append(_('New changesets on %s %s since the previous pull request:') % (org_ref_type, org_ref_name))

            for r in reversed(revisions):

                if r in new_revisions:

                    rev_desc = org_repo.get_changeset(r).message.split('\n')[0]

                    infos.append('  %s %s' % (h.short_id(r), h.shorter(rev_desc, 80)))

            if ancestor_rev == other_rev:

                infos.append(_("Ancestor didn't change - show diff since previous version:"))

                infos.append(h.canonical_url('compare_url',

                                 repo_name=org_repo.repo_name, # other_repo is always same as repo_name

                                 org_ref_type='rev', org_ref_name=h.short_id(org_rev), # use old org_rev as base

                                 other_ref_type='rev', other_ref_name=h.short_id(new_org_rev),

                                 )) # note: linear diff, merge or not doesn't matter

            else:

                infos.append(_('This pull request is based on another %s revision and there is no simple diff.') % other_ref_name)

        else:

           infos.append(_('No changes found on %s %s since previous version.') % (org_ref_type, org_ref_name))

           # TODO: fail?

        # hack: ancestor_rev is not an other_ref but we want to show the

        # requested destination and have the exact ancestor

        new_other_ref = '%s:%s:%s' % (other_ref_type, other_ref_name, ancestor_rev)

        new_org_ref = '%s:%s:%s' % (org_ref_type, org_ref_name, new_org_rev)

        Checks that `dbuser` is `active` (and not None) before copying;

        returns True on success.

        """

        if dbuser is not None and dbuser.active:

            log.debug('filling %s data', dbuser)

            for k, v in dbuser.get_dict().iteritems():

                assert k not in ['api_keys', 'permissions']

                setattr(self, k, v)

            return True

        return False

    @LazyProperty

    def permissions(self):

        return self.__get_perms(user=self, cache=False)

    @property

    def api_keys(self):

        return self._get_api_keys()

    def __get_perms(self, user, explicit=True, algo='higherwin', cache=False):

        """

        Fills user permission attribute with permissions taken from database

        works for permissions given for repositories, and for permissions that

        are granted to groups

        :param user: `AuthUser` instance

        :param explicit: In case there are permissions both for user and a group

            that user is part of, explicit flag will define if user will

            explicitly override permissions from group, if it's False it will

            make decision based on the algo

        :param algo: algorithm to decide what permission should be choose if

            it's multiple defined, eg user in two different groups. It also

            decides if explicit flag is turned off how to specify the permission

            for case when user is in a group + have defined separate permission

        """

        user_id = user.user_id

        user_is_admin = user.is_admin

        user_inherit_default_permissions = user.inherit_default_permissions

        log.debug('Getting PERMISSION tree')

        compute = conditional_cache('short_term', 'cache_desc',

                                    condition=cache, func=_cached_perms_data)

        return compute(user_id, user_is_admin,

                       user_inherit_default_permissions, explicit, algo)

    def _get_api_keys(self):

        api_keys = [self.api_key]

        for api_key in UserApiKeys.query()\

                .filter(UserApiKeys.user_id == self.user_id)\

                .filter(or_(UserApiKeys.expires == -1,

                            UserApiKeys.expires >= time.time())).all():

            api_keys.append(api_key.api_key)

        return api_keys

    @property

    def is_admin(self):

        return self.admin

    @property

    def repositories_admin(self):

        """

        Returns list of repositories you're an admin of

        """

        return [x[0] for x in self.permissions['repositories'].iteritems()

                if x[1] == 'repository.admin']

    @property

    def repository_groups_admin(self):

        """

        Returns list of repository groups you're an admin of

        """

        return [x[0] for x in self.permissions['repositories_groups'].iteritems()

                if x[1] == 'group.admin']

    @property

    def user_groups_admin(self):

        """

        Returns list of user groups you're an admin of

        """

        return [x[0] for x in self.permissions['user_groups'].iteritems()

                if x[1] == 'usergroup.admin']

    @staticmethod

    def check_ip_allowed(user, ip_addr):

        """

        Check if the given IP address (a `str`) is allowed for the given

        user (an `AuthUser` or `db.User`).

        """

        allowed_ips = AuthUser.get_allowed_ips(user.user_id, cache=True,

            inherit_from_default=user.inherit_default_permissions)

        if check_ip_access(source_ip=ip_addr, allowed_ips=allowed_ips):

            log.debug('IP:%s is in range of %s', ip_addr, allowed_ips)

            return True

        else:

            log.info('Access for IP:%s forbidden, '

                     'not in %s' % (ip_addr, allowed_ips))

            return False

    def __repr__(self):

        return "<AuthUser('id:%s[%s] auth:%s')>"\

            % (self.user_id, self.username, self.is_authenticated)

    def set_authenticated(self, authenticated=True):

        if self.user_id != self.anonymous_user.user_id:

            self.is_authenticated = authenticated

    def to_cookie(self):

        """ Serializes this login session to a cookie `dict`. """

        return {

            'user_id': self.user_id,

            'is_authenticated': self.is_authenticated,

            'is_external_auth': self.is_external_auth,

        }

    @staticmethod

    def from_cookie(cookie):

        """

        Deserializes an `AuthUser` from a cookie `dict`.

        """

        au = AuthUser(

            user_id=cookie.get('user_id'),

            is_external_auth=cookie.get('is_external_auth', False),

        )

        if not au.is_authenticated and au.user_id is not None:

            # user is not authenticated and not empty

            au.set_authenticated(cookie.get('is_authenticated'))

        return au

    @classmethod

    def get_allowed_ips(cls, user_id, cache=False, inherit_from_default=False):

        _set = set()

        if inherit_from_default:

            default_ips = UserIpMap.query().filter(UserIpMap.user ==

                                            User.get_default_user(cache=True))

            if cache:

                default_ips = default_ips.options(FromCache("sql_cache_short",

                                                  "get_user_ips_default"))

            # populate from default user

            for ip in default_ips:

                try:

                    _set.add(ip.ip_addr)

                except ObjectDeletedError:

                    # since we use heavy caching sometimes it happens that we get

                    # deleted objects here, we just skip them

                    pass

        user_ips = UserIpMap.query().filter(UserIpMap.user_id == user_id)

        if cache:

            user_ips = user_ips.options(FromCache("sql_cache_short",

                                                  "get_user_ips_%s" % user_id))

        for ip in user_ips:

            try:

                _set.add(ip.ip_addr)

            except ObjectDeletedError:

                # since we use heavy caching sometimes it happens that we get

                # deleted objects here, we just skip them

                pass

        return _set or set(['0.0.0.0/0', '::/0'])

def set_available_permissions(config):

    """

    This function will propagate pylons globals with all available defined

    permission given in db. We don't want to check each time from db for new

    permissions since adding a new permission also requires application restart

    ie. to decorate new views with the newly created permission

    :param config: current pylons config instance

    """

    log.info('getting information about all available permissions')

    try:

        sa = meta.Session

        all_perms = sa.query(Permission).all()

        config['available_permissions'] = [x.permission_name for x in all_perms]

    finally:

        meta.Session.remove()

#==============================================================================

# CHECK DECORATORS

#==============================================================================

def redirect_to_login(message=None):

    from kallithea.lib import helpers as h

    p = request.path_qs

    if message:

    log.debug('Redirecting to login page, origin: %s', p)

    return redirect(url('login_home', came_from=p))

class LoginRequired(object):

    """

    Must be logged in to execute this function else

    redirect to login page

    :param api_access: if enabled this checks only for valid auth token

        and grants access based on valid token

    """

    def __init__(self, api_access=False):

        self.api_access = api_access

    def __call__(self, func):

        return decorator(self.__wrapper, func)

    def __wrapper(self, func, *fargs, **fkwargs):

        controller = fargs[0]

        user = controller.authuser

        loc = "%s:%s" % (controller.__class__.__name__, func.__name__)

        log.debug('Checking access for user %s @ %s', user, loc)

        if not AuthUser.check_ip_allowed(user, controller.ip_addr):

            return redirect_to_login(_('IP %s not allowed') % controller.ip_addr)

        # check if we used an API key and it's a valid one

        api_key = request.GET.get('api_key')

        if api_key is not None:

            # explicit controller is enabled or API is in our whitelist

            if self.api_access or allowed_api_access(loc, api_key=api_key):

                if api_key in user.api_keys:

                    log.info('user %s authenticated with API key ****%s @ %s',

                             user, api_key[-4:], loc)

                    return func(*fargs, **fkwargs)

                else:

                    log.warning('API key ****%s is NOT valid', api_key[-4:])

                    return redirect_to_login(_('Invalid API key'))

            else:

                # controller does not allow API access

                log.warning('API access to %s is not allowed', loc)

                return abort(403)

        # Only allow the following HTTP request methods. (We sometimes use POST

        # requests with a '_method' set to 'PUT' or 'DELETE'; but that is only

        # used for the route lookup, and does not affect request.method.)

        if request.method not in ['GET', 'HEAD', 'POST', 'PUT']:

            return abort(405)

        # Also verify the _method override. This is only permitted in POST

        # requests, and can specify PUT or DELETE.

        _method = request.params.get('_method')

        if _method is None:

            pass # no override, no problem

        elif request.method == 'POST' and _method.upper() in ['PUT', 'DELETE']:

            pass # permitted override

        else:

            raise HTTPMethodNotAllowed()

        # Make sure CSRF token never appears in the URL. If so, invalidate it.

        if secure_form.token_key in request.GET:

            log.error('CSRF key leak detected')

            session.pop(secure_form.token_key, None)

            session.save()

            from kallithea.lib import helpers as h

            h.flash(_("CSRF token leak has been detected - all form tokens have been expired"),

                    category='error')

        # CSRF protection: Whenever a request has ambient authority (whether

        # through a session cookie or its origin IP address), it must include

        # the correct token, unless the HTTP method is GET or HEAD (and thus

        # guaranteed to be side effect free. In practice, the only situation

        # where we allow side effects without ambient authority is when the

        # authority comes from an API key; and that is handled above.

        if request.method not in ['GET', 'HEAD']:

            token = request.POST.get(secure_form.token_key)

            if not token or token != secure_form.authentication_token():

                log.error('CSRF check failed')

                return abort(403)

        # WebOb already ignores request payload parameters for anything other

        # than POST/PUT, but double-check since other Kallithea code relies on

        # this assumption.