# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.controllers.api.api

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

API controller for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Aug 20, 2011

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import time

import traceback

import logging

from datetime import datetime

from sqlalchemy import or_

from tg import request

from kallithea.controllers.api import JSONRPCController, JSONRPCError

from kallithea.lib.auth import (

    PasswordGenerator, AuthUser, HasPermissionAnyDecorator,

    HasPermissionAnyDecorator, HasPermissionAny, HasRepoPermissionLevel,

    HasRepoGroupPermissionLevel, HasUserGroupPermissionLevel)

from kallithea.lib.utils import map_groups, repo2db_mapper

from kallithea.lib.utils2 import (

    str2bool, time_to_datetime, safe_int, Optional, OAttr)

from kallithea.model.meta import Session

from kallithea.model.repo_group import RepoGroupModel

from kallithea.model.scm import ScmModel, UserGroupList

from kallithea.model.repo import RepoModel

from kallithea.model.user import UserModel

from kallithea.model.user_group import UserGroupModel

from kallithea.model.gist import GistModel

from kallithea.model.changeset_status import ChangesetStatusModel

from kallithea.model.comment import ChangesetCommentsModel

from kallithea.model.pull_request import PullRequestModel

from kallithea.model.db import (

    Repository, Setting, UserIpMap, Permission, User, Gist,

    RepoGroup, UserGroup, PullRequest, ChangesetStatus)

from kallithea.lib.compat import json

from kallithea.lib.exceptions import (

    DefaultUserException, UserGroupsAssignedException)

from kallithea.lib.vcs.exceptions import ChangesetDoesNotExistError, EmptyRepositoryError

from kallithea.lib.vcs.backends.base import EmptyChangeset

from kallithea.lib.utils import action_logger

log = logging.getLogger(__name__)

def store_update(updates, attr, name):

    """

    Stores param in updates dict if it's not instance of Optional

    allows easy updates of passed in params

    """

    if not isinstance(attr, Optional):

        updates[name] = attr

def get_user_or_error(userid):

    """

    Get user by id or name or return JsonRPCError if not found

    :param userid:

    """

    user = UserModel().get_user(userid)

    if user is None:

        raise JSONRPCError("user `%s` does not exist" % (userid,))

    return user

def get_repo_or_error(repoid):

    """

    Get repo by id or name or return JsonRPCError if not found

    :param repoid:

    """

    repo = RepoModel().get_repo(repoid)

    if repo is None:

        raise JSONRPCError('repository `%s` does not exist' % (repoid,))

    return repo

def get_repo_group_or_error(repogroupid):

    """

    Get repo group by id or name or return JsonRPCError if not found

    :param repogroupid:

    """

    repo_group = RepoGroup.guess_instance(repogroupid)

    if repo_group is None:

        raise JSONRPCError(

            'repository group `%s` does not exist' % (repogroupid,))

    return repo_group

def get_user_group_or_error(usergroupid):

    """

    Get user group by id or name or return JsonRPCError if not found

    :param usergroupid:

    """

    user_group = UserGroupModel().get_group(usergroupid)

    if user_group is None:

        raise JSONRPCError('user group `%s` does not exist' % (usergroupid,))

    return user_group

def get_perm_or_error(permid, prefix=None):

    """

    Get permission by id or name or return JsonRPCError if not found

    :param permid:

    """

    perm = Permission.get_by_key(permid)

    if perm is None:

        raise JSONRPCError('permission `%s` does not exist' % (permid,))

    if prefix:

        if not perm.permission_name.startswith(prefix):

            raise JSONRPCError('permission `%s` is invalid, '

                               'should start with %s' % (permid, prefix))

    return perm

def get_gist_or_error(gistid):

    """

    Get gist by id or gist_access_id or return JsonRPCError if not found

    :param gistid:

    """

    gist = GistModel().get_gist(gistid)

    if gist is None:

        raise JSONRPCError('gist `%s` does not exist' % (gistid,))

    return gist

class ApiController(JSONRPCController):

    """

    API Controller

    The authenticated user can be found as request.authuser.

    Example function::

        def func(arg1, arg2,...):

            pass

    Each function should also **raise** JSONRPCError for any

    errors that happens.

    """

    @HasPermissionAnyDecorator('hg.admin')

    def test(self, args):

        return args

    @HasPermissionAnyDecorator('hg.admin')

        """

        Triggers a pull from remote location on given repo. Can be used to

        automatically keep remote repos up to date. This command can be executed

        only using api_key belonging to user with admin rights

        :param repoid: repository name or repository id

        :type repoid: str or int

        OUTPUT::

          id : <id_given_in_input>

          result : {

            "msg": "Pulled from `<repository name>`"

            "repository": "<repository name>"

          }

          error :  null

        ERROR OUTPUT::

          id : <id_given_in_input>

          result : null

          error :  {

            "Unable to pull changes from `<reponame>`"

          }

        """

        repo = get_repo_or_error(repoid)

        try:

            ScmModel().pull_changes(repo.repo_name,

            return dict(

                msg='Pulled from `%s`' % repo.repo_name,

                repository=repo.repo_name

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'Unable to pull changes from `%s`' % repo.repo_name

            )

    @HasPermissionAnyDecorator('hg.admin')

    def rescan_repos(self, remove_obsolete=Optional(False)):

        """

        Triggers rescan repositories action. If remove_obsolete is set

        than also delete repos that are in database but not in the filesystem.

        aka "clean zombies". This command can be executed only using api_key

        belonging to user with admin rights.

        :param remove_obsolete: deletes repositories from

            database that are not found on the filesystem

        :type remove_obsolete: Optional(bool)

        OUTPUT::

          id : <id_given_in_input>

          result : {

            'added': [<added repository name>,...]

            'removed': [<removed repository name>,...]

          }

          error :  null

        ERROR OUTPUT::

          id : <id_given_in_input>

          result : null

          error :  {

            'Error occurred during rescan repositories action'

          }

        """

        try:

            rm_obsolete = Optional.extract(remove_obsolete)

            added, removed = repo2db_mapper(ScmModel().repo_scan(),

                                            remove_obsolete=rm_obsolete)

            return {'added': added, 'removed': removed}

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'Error occurred during rescan repositories action'

            )

    def invalidate_cache(self, repoid):

        """

        Invalidate cache for repository.

        This command can be executed only using api_key belonging to user with admin

        rights or regular user that have write or admin or write access to repository.

        :param repoid: repository name or repository id

        :type repoid: str or int

        OUTPUT::

          id : <id_given_in_input>

          result : {

            'msg': Cache for repository `<repository name>` was invalidated,

            'repository': <repository name>

          }

          error :  null

        ERROR OUTPUT::

          id : <id_given_in_input>

          result : null

          error :  {

            'Error occurred during cache invalidation action'

          }

        """

        repo = get_repo_or_error(repoid)

        if not HasPermissionAny('hg.admin')():

            if not HasRepoPermissionLevel('write')(repo.repo_name):

                raise JSONRPCError('repository `%s` does not exist' % (repoid,))

        try:

            ScmModel().mark_for_invalidation(repo.repo_name)

            return dict(

                msg='Cache for repository `%s` was invalidated' % (repoid,),

                repository=repo.repo_name

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'Error occurred during cache invalidation action'

            )

    # permission check inside

    def lock(self, repoid, locked=Optional(None),

             userid=Optional(OAttr('apiuser'))):

        """

        Set locking state on given repository by given user. If userid param

        is skipped, then it is set to id of user who is calling this method.

        If locked param is skipped then function shows current lock state of

        given repo. This command can be executed only using api_key belonging

        to user with admin rights or regular user that have admin or write

        access to repository.

        :param repoid: repository name or repository id

        :type repoid: str or int

        :param locked: lock state to be set

        :type locked: Optional(bool)

        :param userid: set lock as user

        :type userid: Optional(str or int)

        OUTPUT::

          id : <id_given_in_input>

          result : {

            'repo': '<reponame>',

            'locked': <bool: lock state>,

            'locked_since': <int: lock timestamp>,

            'locked_by': <username of person who made the lock>,

            'lock_state_changed': <bool: True if lock state has been changed in this request>,

            'msg': 'Repo `<reponame>` locked by `<username>` on <timestamp>.'

            or

            'msg': 'Repo `<repository name>` not locked.'

            or

            'msg': 'User `<user name>` set lock state for repo `<repository name>` to `<new lock state>`'

          }

          error :  null

        ERROR OUTPUT::

          id : <id_given_in_input>

          result : null

          error :  {

            'Error occurred locking repository `<reponame>`

          }

        """

        repo = get_repo_or_error(repoid)

        if HasPermissionAny('hg.admin')():

            pass

        elif HasRepoPermissionLevel('write')(repo.repo_name):

            # make sure normal user does not pass someone else userid,

            # he is not allowed to do that

            if not isinstance(userid, Optional) and userid != request.authuser.user_id:

                raise JSONRPCError(

                    'userid is not the same as your user'

                )

        else:

            raise JSONRPCError('repository `%s` does not exist' % (repoid,))

        if isinstance(userid, Optional):

            userid = request.authuser.user_id

        user = get_user_or_error(userid)

        if isinstance(locked, Optional):

            lockobj = Repository.getlock(repo)

            if lockobj[0] is None:

                _d = {

                    'repo': repo.repo_name,

                    'locked': False,

                    'locked_since': None,

                    'locked_by': None,

                    'lock_state_changed': False,

                    'msg': 'Repo `%s` not locked.' % repo.repo_name

                }

                return _d

            else:

                userid, time_ = lockobj

                lock_user = get_user_or_error(userid)

                _d = {

                    'repo': repo.repo_name,

                    'locked': True,

                    'locked_since': time_,

                    'locked_by': lock_user.username,

                    'lock_state_changed': False,

                    'msg': ('Repo `%s` locked by `%s` on `%s`.'

                            % (repo.repo_name, lock_user.username,

                               json.dumps(time_to_datetime(time_))))

                }

                return _d

        # force locked state through a flag

        else:

            locked = str2bool(locked)

            try:

                if locked:

                    lock_time = time.time()

                    if path[0] == 'git' and path[0] in BACKENDS.keys():

                        repos[name] = klass(path[1])

            except OSError:

                continue

        log.debug('found %s paths with repositories', len(repos))

        return repos

    def get_repos(self, repos):

        """Return the repos the user has access to"""

        return RepoList(repos, perm_level='read')

    def get_repo_groups(self, groups=None):

        """Return the repo groups the user has access to

        If no groups are specified, use top level groups.

        """

        if groups is None:

            groups = RepoGroup.query() \

                .filter(RepoGroup.parent_group_id == None).all()

        return RepoGroupList(groups, perm_level='read')

    def mark_for_invalidation(self, repo_name):

        """

        Mark caches of this repo invalid in the database.

        :param repo_name: the repo for which caches should be marked invalid

        """

        CacheInvalidation.set_invalidate(repo_name)

        repo = Repository.get_by_repo_name(repo_name)

        if repo is not None:

            repo.update_changeset_cache()

    def toggle_following_repo(self, follow_repo_id, user_id):

        f = UserFollowing.query() \

            .filter(UserFollowing.follows_repository_id == follow_repo_id) \

            .filter(UserFollowing.user_id == user_id).scalar()

        if f is not None:

            try:

                Session().delete(f)

                action_logger(UserTemp(user_id),

                              'stopped_following_repo',

                              RepoTemp(follow_repo_id))

                return

            except Exception:

                log.error(traceback.format_exc())

                raise

        try:

            f = UserFollowing()

            f.user_id = user_id

            f.follows_repository_id = follow_repo_id

            Session().add(f)

            action_logger(UserTemp(user_id),

                          'started_following_repo',

                          RepoTemp(follow_repo_id))

        except Exception:

            log.error(traceback.format_exc())

            raise

    def toggle_following_user(self, follow_user_id, user_id):

        f = UserFollowing.query() \

            .filter(UserFollowing.follows_user_id == follow_user_id) \

            .filter(UserFollowing.user_id == user_id).scalar()

        if f is not None:

            try:

                Session().delete(f)

                return

            except Exception:

                log.error(traceback.format_exc())

                raise

        try:

            f = UserFollowing()

            f.user_id = user_id

            f.follows_user_id = follow_user_id

            Session().add(f)

        except Exception:

            log.error(traceback.format_exc())

            raise

    def is_following_repo(self, repo_name, user_id, cache=False):

        r = Repository.query() \

            .filter(Repository.repo_name == repo_name).scalar()

        f = UserFollowing.query() \

            .filter(UserFollowing.follows_repository == r) \

            .filter(UserFollowing.user_id == user_id).scalar()

        return f is not None

    def is_following_user(self, username, user_id, cache=False):

        u = User.get_by_username(username)

        f = UserFollowing.query() \

            .filter(UserFollowing.follows_user == u) \

            .filter(UserFollowing.user_id == user_id).scalar()

        return f is not None

    def get_followers(self, repo):

        repo = Repository.guess_instance(repo)

        return UserFollowing.query() \

                .filter(UserFollowing.follows_repository == repo).count()

    def get_forks(self, repo):

        repo = Repository.guess_instance(repo)

        return Repository.query() \

                .filter(Repository.fork == repo).count()

    def get_pull_requests(self, repo):

        repo = Repository.guess_instance(repo)

        return PullRequest.query() \

                .filter(PullRequest.other_repo == repo) \

                .filter(PullRequest.status != PullRequest.STATUS_CLOSED).count()

    def mark_as_fork(self, repo, fork, user):

        repo = self.__get_repo(repo)

        fork = self.__get_repo(fork)

        if fork and repo.repo_id == fork.repo_id:

            raise Exception("Cannot set repository as fork of itself")

        if fork and repo.repo_type != fork.repo_type:

            raise RepositoryError("Cannot set repository as fork of repository with other type")

        repo.fork = fork

        return repo

    def _handle_rc_scm_extras(self, username, repo_name, repo_alias,

                              action=None):

        from kallithea import CONFIG

        from kallithea.lib.base import _get_ip_addr

        try:

            from tg import request

            environ = request.environ

        except TypeError:

            # we might use this outside of request context, let's fake the

            # environ data

            from webob import Request

            environ = Request.blank('').environ

        extras = {

            'ip': _get_ip_addr(environ),

            'username': username,

            'action': action or 'push_local',

            'repository': repo_name,

            'scm': repo_alias,

            'config': CONFIG['__file__'],

            'server_url': get_server_url(environ),

            'make_lock': None,

            'locked_by': [None, None]

        }

        _set_extras(extras)

    def _handle_push(self, repo, username, action, repo_name, revisions):

        """

        Triggers push action hooks

        :param repo: SCM repo

        :param username: username who pushes

        :param action: push/push_local/push_remote

        :param repo_name: name of repo

        :param revisions: list of revisions that we pushed

        """

        self._handle_rc_scm_extras(username, repo_name, repo_alias=repo.alias)

        _scm_repo = repo._repo

        # trigger push hook

        if repo.alias == 'hg':

            log_push_action(_scm_repo.ui, _scm_repo, node=revisions[0])

        elif repo.alias == 'git':

            log_push_action(None, _scm_repo, _git_revs=revisions)

    def _get_IMC_module(self, scm_type):

        """

        Returns InMemoryCommit class based on scm_type

        :param scm_type:

        """

        if scm_type == 'hg':

            from kallithea.lib.vcs.backends.hg import MercurialInMemoryChangeset

            return MercurialInMemoryChangeset

        if scm_type == 'git':

            from kallithea.lib.vcs.backends.git import GitInMemoryChangeset

            return GitInMemoryChangeset

        raise Exception('Invalid scm_type, must be one of hg,git got %s'

                        % (scm_type,))

        """

        Pull from "clone URL" or fork origin.

        """

        dbrepo = self.__get_repo(repo)

        clone_uri = dbrepo.clone_uri or dbrepo.fork and dbrepo.fork.repo_full_path

        if not clone_uri:

            raise Exception("This repository doesn't have a clone uri")

        repo = dbrepo.scm_instance

        repo_name = dbrepo.repo_name

        try:

            if repo.alias == 'git':

                repo.fetch(clone_uri)

                # git doesn't really have something like post-fetch action

                # we fake that now. #TODO: extract fetched revisions somehow

                # here

                self._handle_push(repo,

                                  username=username,

                                  action='push_remote',

                                  repo_name=repo_name,

                                  revisions=[])

            else:

                self._handle_rc_scm_extras(username, dbrepo.repo_name,

                                           repo.alias, action='push_remote')

                repo.pull(clone_uri)

            self.mark_for_invalidation(repo_name)

        except Exception:

            log.error(traceback.format_exc())

            raise

    def commit_change(self, repo, repo_name, cs, user, author, message,

                      content, f_path):

        """

        Commit a change to a single file

        :param repo: a db_repo.scm_instance

        """

        user = User.guess_instance(user)

        IMC = self._get_IMC_module(repo.alias)

        # decoding here will force that we have proper encoded values

        # in any other case this will throw exceptions and deny commit

        content = safe_str(content)

        path = safe_str(f_path)

        # message and author needs to be unicode

        # proper backend should then translate that into required type

        message = safe_unicode(message)

        author = safe_unicode(author)

        imc = IMC(repo)

        imc.change(FileNode(path, content, mode=cs.get_file_mode(f_path)))

        try:

            tip = imc.commit(message=message, author=author,

                             parents=[cs], branch=cs.branch)

        except Exception as e:

            log.error(traceback.format_exc())

            raise IMCCommitError(str(e))

        finally:

            # always clear caches, if commit fails we want fresh object also

            self.mark_for_invalidation(repo_name)

        self._handle_push(repo,

                          username=user.username,

                          action='push_local',

                          repo_name=repo_name,

                          revisions=[tip.raw_id])

        return tip

    def _sanitize_path(self, f_path):

        if f_path.startswith('/') or f_path.startswith('.') or '../' in f_path:

            raise NonRelativePathError('%s is not an relative path' % f_path)

        if f_path:

            f_path = posixpath.normpath(f_path)

        return f_path

    def get_nodes(self, repo_name, revision, root_path='/', flat=True):

        """

        Recursively walk root dir and return a set of all paths found.

        :param repo_name: name of repository

        :param revision: revision for which to list nodes

        :param root_path: root path to list

        :param flat: return as a list, if False returns a dict with description

        """

        _files = list()

        _dirs = list()

        try:

            _repo = self.__get_repo(repo_name)

            changeset = _repo.scm_instance.get_changeset(revision)

            root_path = root_path.lstrip('/')

            for topnode, dirs, files in changeset.walk(root_path):

                for f in files:

                    _files.append(f.path if flat else {"name": f.path,

                                                       "type": "file"})

                for d in dirs:

                    _dirs.append(d.path if flat else {"name": d.path,

                                                      "type": "dir"})

        except RepositoryError:

            log.debug(traceback.format_exc())

            raise

        return _dirs, _files

    def create_nodes(self, user, repo, message, nodes, parent_cs=None,

                     author=None, trigger_push_hook=True):

        """

        Commits specified nodes to repo.

        :param user: Kallithea User object or user_id, the committer

        :param repo: Kallithea Repository object

        :param message: commit message

        :param nodes: mapping {filename:{'content':content},...}

        :param parent_cs: parent changeset, can be empty than it's initial commit

        :param author: author of commit, cna be different that committer only for git

        :param trigger_push_hook: trigger push hooks

        :returns: new committed changeset

        """

        user = User.guess_instance(user)

        scm_instance = repo.scm_instance_no_cache()

        processed_nodes = []

        for f_path in nodes:

            content = nodes[f_path]['content']

            f_path = self._sanitize_path(f_path)

            f_path = safe_str(f_path)

            # decoding here will force that we have proper encoded values

            # in any other case this will throw exceptions and deny commit

            if isinstance(content, (basestring,)):

                content = safe_str(content)

            elif isinstance(content, (file, cStringIO.OutputType,)):

                content = content.read()

            else:

                raise Exception('Content is of unrecognized type %s' % (

                    type(content)

                ))

            processed_nodes.append((f_path, content))

        message = safe_unicode(message)

        committer = user.full_contact

        author = safe_unicode(author) if author else committer

        IMC = self._get_IMC_module(scm_instance.alias)

        imc = IMC(scm_instance)

        if not parent_cs:

            parent_cs = EmptyChangeset(alias=scm_instance.alias)

        if isinstance(parent_cs, EmptyChangeset):

            # EmptyChangeset means we we're editing empty repository

            parents = None

        else:

            parents = [parent_cs]

        # add multiple nodes

        for path, content in processed_nodes:

            imc.add(FileNode(path, content=content))

        tip = imc.commit(message=message,

                         author=author,

                         parents=parents,

                         branch=parent_cs.branch)

        self.mark_for_invalidation(repo.repo_name)

        if trigger_push_hook:

            self._handle_push(scm_instance,

                              username=user.username,

                              action='push_local',

                              repo_name=repo.repo_name,

                              revisions=[tip.raw_id])

        return tip

    def update_nodes(self, user, repo, message, nodes, parent_cs=None,

                     author=None, trigger_push_hook=True):

        """

        Commits specified nodes to repo. Again.

        """

        user = User.guess_instance(user)

        scm_instance = repo.scm_instance_no_cache()

        message = safe_unicode(message)

        committer = user.full_contact

        author = safe_unicode(author) if author else committer

        imc_class = self._get_IMC_module(scm_instance.alias)

        imc = imc_class(scm_instance)

        if not parent_cs:

            parent_cs = EmptyChangeset(alias=scm_instance.alias)

        if isinstance(parent_cs, EmptyChangeset):

            # EmptyChangeset means we we're editing empty repository

            parents = None

        else:

            parents = [parent_cs]