# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.lib.auth

~~~~~~~~~~~~~~~~~~

authentication and permission libraries

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 4, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

from __future__ import with_statement

import time

import os

import logging

import traceback

import hashlib

import itertools

import collections

from decorator import decorator

from pylons import url, request

from pylons.controllers.util import abort, redirect

from pylons.i18n.translation import _

from webhelpers.pylonslib import secure_form

from sqlalchemy import or_

from sqlalchemy.orm.exc import ObjectDeletedError

from sqlalchemy.orm import joinedload

from kallithea import __platform__, is_windows, is_unix

from kallithea.lib.vcs.utils.lazy import LazyProperty

from kallithea.model import meta

from kallithea.model.meta import Session

from kallithea.model.user import UserModel

from kallithea.model.db import User, Repository, Permission, \

    UserToPerm, UserGroupRepoToPerm, UserGroupToPerm, UserGroupMember, \

    RepoGroup, UserGroupRepoGroupToPerm, UserIpMap, UserGroupUserGroupToPerm, \

    UserGroup, UserApiKeys

from kallithea.lib.utils2 import safe_unicode, aslist

from kallithea.lib.utils import get_repo_slug, get_repo_group_slug, \

    get_user_group_slug, conditional_cache

from kallithea.lib.caching_query import FromCache

log = logging.getLogger(__name__)

class PasswordGenerator(object):

    """

    This is a simple class for generating password from different sets of

    characters

    usage::

        passwd_gen = PasswordGenerator()

        #print 8-letter password containing only big and small letters

            of alphabet

        passwd_gen.gen_password(8, passwd_gen.ALPHABETS_BIG_SMALL)

    """

    ALPHABETS_NUM = r'''1234567890'''

    ALPHABETS_SMALL = r'''qwertyuiopasdfghjklzxcvbnm'''

    ALPHABETS_BIG = r'''QWERTYUIOPASDFGHJKLZXCVBNM'''

    ALPHABETS_SPECIAL = r'''`-=[]\;',./~!@#$%^&*()_+{}|:"<>?'''

    ALPHABETS_FULL = ALPHABETS_BIG + ALPHABETS_SMALL \

        + ALPHABETS_NUM + ALPHABETS_SPECIAL

    ALPHABETS_ALPHANUM = ALPHABETS_BIG + ALPHABETS_SMALL + ALPHABETS_NUM

    ALPHABETS_BIG_SMALL = ALPHABETS_BIG + ALPHABETS_SMALL

    ALPHABETS_ALPHANUM_BIG = ALPHABETS_BIG + ALPHABETS_NUM

    ALPHABETS_ALPHANUM_SMALL = ALPHABETS_SMALL + ALPHABETS_NUM

    def gen_password(self, length, alphabet=ALPHABETS_FULL):

        assert len(alphabet) <= 256, alphabet

        l = []

        while len(l) < length:

            i = ord(os.urandom(1))

            if i < len(alphabet):

                l.append(alphabet[i])

        return ''.join(l)

class KallitheaCrypto(object):

    @classmethod

    def hash_string(cls, str_):

        """

        Cryptographic function used for password hashing based on pybcrypt

        or pycrypto in windows

        :param password: password to hash

        """

        if is_windows:

            from hashlib import sha256

            return sha256(str_).hexdigest()

        elif is_unix:

            import bcrypt

            return bcrypt.hashpw(str_, bcrypt.gensalt(10))

        else:

            raise Exception('Unknown or unsupported platform %s' \

                            % __platform__)

    @classmethod

    def hash_check(cls, password, hashed):

        """

        Checks matching password with it's hashed value, runs different

        implementation based on platform it runs on

        :param password: password

        :param hashed: password in hashed form

        """

        if is_windows:

            from hashlib import sha256

            return sha256(password).hexdigest() == hashed

        elif is_unix:

            import bcrypt

            return bcrypt.hashpw(password, hashed) == hashed

        else:

            raise Exception('Unknown or unsupported platform %s' \

                            % __platform__)

def get_crypt_password(password):

    return KallitheaCrypto.hash_string(password)

def check_password(password, hashed):

    return KallitheaCrypto.hash_check(password, hashed)

def _cached_perms_data(user_id, user_is_admin, user_inherit_default_permissions,

                       explicit, algo):

    RK = 'repositories'

    GK = 'repositories_groups'

    UK = 'user_groups'

    GLOBAL = 'global'

    PERM_WEIGHTS = Permission.PERM_WEIGHTS

    permissions = {RK: {}, GK: {}, UK: {}, GLOBAL: set()}

    def _choose_perm(new_perm, cur_perm):

        new_perm_val = PERM_WEIGHTS[new_perm]

        cur_perm_val = PERM_WEIGHTS[cur_perm]

        if algo == 'higherwin':

            if new_perm_val > cur_perm_val:

                return new_perm

            return cur_perm

        elif algo == 'lowerwin':

            if new_perm_val < cur_perm_val:

                return new_perm

            return cur_perm

    #======================================================================

    # fetch default permissions

    #======================================================================

    default_user = User.get_by_username('default', cache=True)

    default_user_id = default_user.user_id

    default_repo_perms = Permission.get_default_perms(default_user_id)

    default_repo_groups_perms = Permission.get_default_group_perms(default_user_id)

    default_user_group_perms = Permission.get_default_user_group_perms(default_user_id)

    if user_is_admin:

        #==================================================================

        # admin users have all rights;

        # based on default permissions, just set everything to admin

        #==================================================================

        permissions[GLOBAL].add('hg.admin')

        permissions[GLOBAL].add('hg.create.write_on_repogroup.true')

        # repositories

        for perm in default_repo_perms:

            r_k = perm.UserRepoToPerm.repository.repo_name

            p = 'repository.admin'

            permissions[RK][r_k] = p

        # repository groups

        for perm in default_repo_groups_perms:

            rg_k = perm.UserRepoGroupToPerm.group.group_name

            p = 'group.admin'

            permissions[GK][rg_k] = p

        # user groups

        for perm in default_user_group_perms:

            u_k = perm.UserUserGroupToPerm.user_group.users_group_name

            p = 'usergroup.admin'

            permissions[UK][u_k] = p

        return permissions

    #==================================================================

    # SET DEFAULTS GLOBAL, REPOS, REPOSITORY GROUPS

    #==================================================================

    # default global permissions taken from the default user

    default_global_perms = UserToPerm.query()\

        .filter(UserToPerm.user_id == default_user_id)\

        .options(joinedload(UserToPerm.permission))

    for perm in default_global_perms:

        permissions[GLOBAL].add(perm.permission.permission_name)

    # defaults for repositories, taken from default user

    for perm in default_repo_perms:

        r_k = perm.UserRepoToPerm.repository.repo_name

        if perm.Repository.private and not (perm.Repository.user_id == user_id):

            # disable defaults for private repos,

            p = 'repository.none'

        elif perm.Repository.user_id == user_id:

            # set admin if owner

            p = 'repository.admin'

        else:

            p = perm.Permission.permission_name

        permissions[RK][r_k] = p

    # defaults for repository groups taken from default user permission

    # on given group

    for perm in default_repo_groups_perms:

        rg_k = perm.UserRepoGroupToPerm.group.group_name

        p = perm.Permission.permission_name

        permissions[GK][rg_k] = p

    # defaults for user groups taken from default user permission

    # on given user group

    for perm in default_user_group_perms:

        u_k = perm.UserUserGroupToPerm.user_group.users_group_name

        p = perm.Permission.permission_name

        permissions[UK][u_k] = p

    #======================================================================

    # !! OVERRIDE GLOBALS !! with user permissions if any found

    #======================================================================

    # those can be configured from groups or users explicitly

    _configurable = set([

        'hg.fork.none', 'hg.fork.repository',

        'hg.create.none', 'hg.create.repository',

        'hg.usergroup.create.false', 'hg.usergroup.create.true'

    ])

    # USER GROUPS comes first

    # user group global permissions

    user_perms_from_users_groups = Session().query(UserGroupToPerm)\

        .options(joinedload(UserGroupToPerm.permission))\

        .join((UserGroupMember, UserGroupToPerm.users_group_id ==

               UserGroupMember.users_group_id))\

        .filter(UserGroupMember.user_id == user_id)\

        .join((UserGroup, UserGroupMember.users_group_id ==

               UserGroup.users_group_id))\

        .filter(UserGroup.users_group_active == True)\

        .order_by(UserGroupToPerm.users_group_id)\

        .all()

    # need to group here by groups since user can be in more than

    # one group

    _grouped = [[x, list(y)] for x, y in

                itertools.groupby(user_perms_from_users_groups,

                                  lambda x:x.users_group)]

    for gr, perms in _grouped:

        # since user can be in multiple groups iterate over them and

        # select the lowest permissions first (more explicit)

        ##TODO: do this^^

        if not gr.inherit_default_permissions:

            # NEED TO IGNORE all configurable permissions and

            # replace them with explicitly set

            permissions[GLOBAL] = permissions[GLOBAL]\

                                            .difference(_configurable)

        for perm in perms:

            permissions[GLOBAL].add(perm.permission.permission_name)

    # user specific global permissions

    user_perms = Session().query(UserToPerm)\

            .options(joinedload(UserToPerm.permission))\

            .filter(UserToPerm.user_id == user_id).all()

    if not user_inherit_default_permissions:

        # NEED TO IGNORE all configurable permissions and

        # replace them with explicitly set

        permissions[GLOBAL] = permissions[GLOBAL]\

                                        .difference(_configurable)

        for perm in user_perms:

            permissions[GLOBAL].add(perm.permission.permission_name)

    ## END GLOBAL PERMISSIONS

    #======================================================================

    # !! PERMISSIONS FOR REPOSITORIES !!

    #======================================================================

    #======================================================================

    # check if user is part of user groups for this repository and

    # fill in his permission from it. _choose_perm decides of which

    # permission should be selected based on selected method

    #======================================================================

    # user group for repositories permissions

    user_repo_perms_from_users_groups = \

     Session().query(UserGroupRepoToPerm, Permission, Repository,)\

        .join((Repository, UserGroupRepoToPerm.repository_id ==

               Repository.repo_id))\

        .join((Permission, UserGroupRepoToPerm.permission_id ==

               Permission.permission_id))\

        .join((UserGroup, UserGroupRepoToPerm.users_group_id ==

               UserGroup.users_group_id))\

        .filter(UserGroup.users_group_active == True)\

        .join((UserGroupMember, UserGroupRepoToPerm.users_group_id ==

               UserGroupMember.users_group_id))\

        .filter(UserGroupMember.user_id == user_id)\

        .all()

    multiple_counter = collections.defaultdict(int)

    for perm in user_repo_perms_from_users_groups:

        r_k = perm.UserGroupRepoToPerm.repository.repo_name

        multiple_counter[r_k] += 1

        p = perm.Permission.permission_name

        cur_perm = permissions[RK][r_k]

        if perm.Repository.user_id == user_id:

            # set admin if owner

            p = 'repository.admin'

        else:

            if multiple_counter[r_k] > 1:

                p = _choose_perm(p, cur_perm)

        permissions[RK][r_k] = p

    # user explicit permissions for repositories, overrides any specified

    # by the group permission

    user_repo_perms = Permission.get_default_perms(user_id)

    for perm in user_repo_perms:

        r_k = perm.UserRepoToPerm.repository.repo_name

        cur_perm = permissions[RK][r_k]

        # set admin if owner

        if perm.Repository.user_id == user_id:

            p = 'repository.admin'

        else:

            p = perm.Permission.permission_name

            if not explicit:

                p = _choose_perm(p, cur_perm)

        permissions[RK][r_k] = p

    #======================================================================

    # !! PERMISSIONS FOR REPOSITORY GROUPS !!

    #======================================================================

    #======================================================================

    # check if user is part of user groups for this repository groups and

    # fill in his permission from it. _choose_perm decides of which

    # permission should be selected based on selected method

    #======================================================================

    # user group for repo groups permissions

    user_repo_group_perms_from_users_groups = \

     Session().query(UserGroupRepoGroupToPerm, Permission, RepoGroup)\

     .join((RepoGroup, UserGroupRepoGroupToPerm.group_id == RepoGroup.group_id))\

     .join((Permission, UserGroupRepoGroupToPerm.permission_id

            == Permission.permission_id))\

     .join((UserGroup, UserGroupRepoGroupToPerm.users_group_id ==

            UserGroup.users_group_id))\

     .filter(UserGroup.users_group_active == True)\

     .join((UserGroupMember, UserGroupRepoGroupToPerm.users_group_id

            == UserGroupMember.users_group_id))\

     .filter(UserGroupMember.user_id == user_id)\

     .all()

    multiple_counter = collections.defaultdict(int)

    for perm in user_repo_group_perms_from_users_groups:

        g_k = perm.UserGroupRepoGroupToPerm.group.group_name

        multiple_counter[g_k] += 1

        p = perm.Permission.permission_name

        cur_perm = permissions[GK][g_k]

        if multiple_counter[g_k] > 1:

            p = _choose_perm(p, cur_perm)

        permissions[GK][g_k] = p

    # user explicit permissions for repository groups

    user_repo_groups_perms = Permission.get_default_group_perms(user_id)

    for perm in user_repo_groups_perms:

        rg_k = perm.UserRepoGroupToPerm.group.group_name

        p = perm.Permission.permission_name

        cur_perm = permissions[GK][rg_k]

        if not explicit:

            p = _choose_perm(p, cur_perm)

        permissions[GK][rg_k] = p

    #======================================================================

    # !! PERMISSIONS FOR USER GROUPS !!

    #======================================================================

    # user group for user group permissions

    user_group_user_groups_perms = \

     Session().query(UserGroupUserGroupToPerm, Permission, UserGroup)\

     .join((UserGroup, UserGroupUserGroupToPerm.target_user_group_id

            == UserGroup.users_group_id))\

     .join((Permission, UserGroupUserGroupToPerm.permission_id

            == Permission.permission_id))\

     .join((UserGroupMember, UserGroupUserGroupToPerm.user_group_id

            == UserGroupMember.users_group_id))\

     .filter(UserGroupMember.user_id == user_id)\

     .join((UserGroup, UserGroupMember.users_group_id ==

            UserGroup.users_group_id), aliased=True, from_joinpoint=True)\

     .filter(UserGroup.users_group_active == True)\

     .all()

    multiple_counter = collections.defaultdict(int)

    for perm in user_group_user_groups_perms:

        g_k = perm.UserGroupUserGroupToPerm.target_user_group.users_group_name

        multiple_counter[g_k] += 1

        p = perm.Permission.permission_name

        cur_perm = permissions[UK][g_k]

        if multiple_counter[g_k] > 1:

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

Helper functions

Consists of functions to typically be used within templates, but also

available to Controllers. This module is available to both as 'h'.

"""

import hashlib

import StringIO

import math

import logging

import re

import urlparse

import textwrap

from pygments.formatters.html import HtmlFormatter

from pygments import highlight as code_highlight

from pylons import url

from pylons.i18n.translation import _, ungettext

from webhelpers.html import literal, HTML, escape

from webhelpers.html.tools import *

from webhelpers.html.builder import make_tag

from webhelpers.html.tags import auto_discovery_link, checkbox, css_classes, \

    end_form, file, hidden, image, javascript_link, link_to, \

    link_to_if, link_to_unless, ol, required_legend, select, stylesheet_link, \

    submit, text, password, textarea, title, ul, xml_declaration, radio

from webhelpers.html.tools import auto_link, button_to, highlight, \

    js_obfuscate, mail_to, strip_links, strip_tags, tag_re

from webhelpers.number import format_byte_size, format_bit_size

from webhelpers.pylonslib import Flash as _Flash

from webhelpers.pylonslib.secure_form import secure_form as form, authentication_token

from webhelpers.text import chop_at, collapse, convert_accented_entities, \

    convert_misc_entities, lchop, plural, rchop, remove_formatting, \

    replace_whitespace, urlify, truncate, wrap_paragraphs

from webhelpers.date import time_ago_in_words

from webhelpers.paginate import Page as _Page

from webhelpers.html.tags import _set_input_attrs, _set_id_attr, \

    convert_boolean_attrs, NotGiven, _make_safe_id_component

from kallithea.lib.annotate import annotate_highlight

from kallithea.lib.utils import repo_name_slug, get_custom_lexer

from kallithea.lib.utils2 import str2bool, safe_unicode, safe_str, \

    get_changeset_safe, datetime_to_time, time_to_datetime, AttributeDict,\

    safe_int

from kallithea.lib.markup_renderer import MarkupRenderer, url_re

from kallithea.lib.vcs.exceptions import ChangesetDoesNotExistError

from kallithea.lib.vcs.backends.base import BaseChangeset, EmptyChangeset

from kallithea.config.conf import DATE_FORMAT, DATETIME_FORMAT

from kallithea.model.changeset_status import ChangesetStatusModel

from kallithea.model.db import URL_SEP, Permission

log = logging.getLogger(__name__)

def canonical_url(*args, **kargs):

    '''Like url(x, qualified=True), but returns url that not only is qualified

    but also canonical, as configured in canonical_url'''

    from kallithea import CONFIG

    try:

        parts = CONFIG.get('canonical_url', '').split('://', 1)

        kargs['host'] = parts[1].split('/', 1)[0]

        kargs['protocol'] = parts[0]

    except IndexError:

        kargs['qualified'] = True

    return url(*args, **kargs)

def canonical_hostname():

    '''Return canonical hostname of system'''

    from kallithea import CONFIG

    try:

        parts = CONFIG.get('canonical_url', '').split('://', 1)

        return parts[1].split('/', 1)[0]

    except IndexError:

        parts = url('home', qualified=True).split('://', 1)

        return parts[1].split('/', 1)[0]

def html_escape(text):

    """Return string with all html escaped.

    This is also safe for javascript in html but not necessarily correct.

    """

    return (text

        .replace('&', '&')

        .replace(">", ">")

        .replace("<", "&lt;")

        .replace('"', """)

        .replace("'", "'")

        )

def shorter(text, size=20):

    postfix = '...'

    if len(text) > size:

        return text[:size - len(postfix)] + postfix

    return text

def _reset(name, value=None, id=NotGiven, type="reset", **attrs):

    """

    Reset button

    """

    _set_input_attrs(attrs, type, name, value)

    _set_id_attr(attrs, id, name)

    convert_boolean_attrs(attrs, ["disabled"])

    return HTML.input(**attrs)

reset = _reset

safeid = _make_safe_id_component

def FID(raw_id, path):

    """

    Creates a unique ID for filenode based on it's hash of path and revision

    it's safe to use in urls

    :param raw_id:

    :param path:

    """

class _GetError(object):

    """Get error from form_errors, and represent it as span wrapped error

    message

    :param field_name: field to fetch errors for

    :param form_errors: form errors dict

    """

    def __call__(self, field_name, form_errors):

        tmpl = """<span class="error_msg">%s</span>"""

        if form_errors and field_name in form_errors:

            return literal(tmpl % form_errors.get(field_name))

get_error = _GetError()

class _ToolTip(object):

    def __call__(self, tooltip_title, trim_at=50):

        """

        Special function just to wrap our text into nice formatted

        autowrapped text

        :param tooltip_title:

        """

        tooltip_title = escape(tooltip_title)

        tooltip_title = tooltip_title.replace('<', '&lt;').replace('>', '&gt;')

        return tooltip_title

tooltip = _ToolTip()

class _FilesBreadCrumbs(object):

    def __call__(self, repo_name, rev, paths):

        if isinstance(paths, str):

            paths = safe_unicode(paths)

        url_l = [link_to(repo_name, url('files_home',

                                        repo_name=repo_name,

                                        revision=rev, f_path=''),

                         class_='ypjax-link')]

        paths_l = paths.split('/')

        for cnt, p in enumerate(paths_l):

            if p != '':

                url_l.append(link_to(p,

                                     url('files_home',

                                         repo_name=repo_name,

                                         revision=rev,

                                         f_path='/'.join(paths_l[:cnt + 1])

                                         ),

                                     class_='ypjax-link'

                                     )

                             )

        return literal('/'.join(url_l))

files_breadcrumbs = _FilesBreadCrumbs()

class CodeHtmlFormatter(HtmlFormatter):

    """

    My code Html Formatter for source codes

    """

    def wrap(self, source, outfile):

        return self._wrap_div(self._wrap_pre(self._wrap_code(source)))

    def _wrap_code(self, source):

        for cnt, it in enumerate(source):

            i, t = it

            t = '<div id="L%s">%s</div>' % (cnt + 1, t)

            yield i, t

    def _wrap_tablelinenos(self, inner):

        dummyoutfile = StringIO.StringIO()

        lncount = 0

        for t, line in inner:

            if t:

                lncount += 1

            dummyoutfile.write(line)

        fl = self.linenostart

        mw = len(str(lncount + fl - 1))

        sp = self.linenospecial

        st = self.linenostep

        la = self.lineanchors

        aln = self.anchorlinenos

        nocls = self.noclasses

        if sp:

            lines = []

            for i in range(fl, fl + lncount):

                if i % st == 0:

                    if i % sp == 0:

                        if aln:

                            lines.append('<a href="#%s%d" class="special">%*d</a>' %

                                         (la, i, mw, i))

                        else:

                            lines.append('<span class="special">%*d</span>' % (mw, i))

                    else:

                        if aln:

                            lines.append('<a href="#%s%d">%*d</a>' % (la, i, mw, i))

                        else:

                            lines.append('%*d' % (mw, i))

                else:

                    lines.append('')

            ls = '\n'.join(lines)

        else:

            lines = []

            for i in range(fl, fl + lncount):

                if i % st == 0:

                    if aln:

                        lines.append('<a href="#%s%d">%*d</a>' % (la, i, mw, i))

                    else:

                        lines.append('%*d' % (mw, i))

                else:

                    lines.append('')

            ls = '\n'.join(lines)

        # in case you wonder about the seemingly redundant <div> here: since the

        # content in the other cell also is wrapped in a div, some browsers in

        # some configurations seem to mess up the formatting...

        if nocls:

            yield 0, ('<table class="%stable">' % self.cssclass +

                      '<tr><td><div class="linenodiv" '

                      'style="background-color: #f0f0f0; padding-right: 10px">'

                      '<pre style="line-height: 125%">' +

                      ls + '</pre></div></td><td id="hlcode" class="code">')

        else:

            yield 0, ('<table class="%stable">' % self.cssclass +

                      '<tr><td class="linenos"><div class="linenodiv"><pre>' +

                      ls + '</pre></div></td><td id="hlcode" class="code">')

        yield 0, dummyoutfile.getvalue()

        yield 0, '</td></tr></table>'

_whitespace_re = re.compile(r'(\t)|( )(?=\n|</div>)')

def _markup_whitespace(m):

    groups = m.groups()

    if groups[0]:

        return '<u>\t</u>'

    if groups[1]:

        return ' <i></i>'

def markup_whitespace(s):

    return _whitespace_re.sub(_markup_whitespace, s)

def pygmentize(filenode, **kwargs):

    """

    pygmentize function using pygments

    :param filenode:

    """

    lexer = get_custom_lexer(filenode.extension) or filenode.lexer

    return literal(markup_whitespace(

        code_highlight(filenode.content, lexer, CodeHtmlFormatter(**kwargs))))

def pygmentize_annotation(repo_name, filenode, **kwargs):

    """

    pygmentize function for annotation

    :param filenode:

    """

    color_dict = {}

    def gen_color(n=10000):

        """generator for getting n of evenly distributed colors using

        hsv color and golden ratio. It always return same order of colors

        :returns: RGB tuple

        """

        def hsv_to_rgb(h, s, v):

            if s == 0.0:

                return v, v, v

            i = int(h * 6.0)  # XXX assume int() truncates!

            f = (h * 6.0) - i

            p = v * (1.0 - s)

            q = v * (1.0 - s * f)

            t = v * (1.0 - s * (1.0 - f))

            i = i % 6

            if i == 0:

                return v, t, p

            if i == 1:

                return q, v, p

            if i == 2:

                return p, v, t

            if i == 3:

                return p, q, v

            if i == 4:

                return t, p, v

            if i == 5:

                return v, p, q

        golden_ratio = 0.618033988749895

        h = 0.22717784590367374

        for _unused in xrange(n):

            h += golden_ratio

            h %= 1

            HSV_tuple = [h, 0.95, 0.95]

            RGB_tuple = hsv_to_rgb(*HSV_tuple)

            yield map(lambda x: str(int(x * 256)), RGB_tuple)

    cgenerator = gen_color()

    def get_color_string(cs):

        if cs in color_dict:

            col = color_dict[cs]

        else:

            col = color_dict[cs] = cgenerator.next()

        return "color: rgb(%s)! important;" % (', '.join(col))

    def url_func(repo_name):

        def _url_func(changeset):

            author = escape(changeset.author)

            date = changeset.date

            message = escape(changeset.message)

            tooltip_html = ("<div style='font-size:0.8em'><b>Author:</b>"

                            " %s<br/><b>Date:</b> %s</b><br/><b>Message:"

                            "</b> %s<br/></div>")

            tooltip_html = tooltip_html % (author, date, message)

            lnk_format = show_id(changeset)

            uri = link_to(

                    lnk_format,

                    url('changeset_home', repo_name=repo_name,

                        revision=changeset.raw_id),

                    style=get_color_string(changeset.raw_id),

                    class_='tooltip safe-html-title',

                    title=tooltip_html

                  )

            uri += '\n'

            return uri

        return _url_func

    return literal(markup_whitespace(annotate_highlight(filenode, url_func(repo_name), **kwargs)))

def is_following_repo(repo_name, user_id):

    from kallithea.model.scm import ScmModel

    return ScmModel().is_following_repo(repo_name, user_id)

class _Message(object):

    """A message returned by ``Flash.pop_messages()``.

    Converting the message to a string returns the message text. Instances

    also have the following attributes:

    * ``message``: the message text.

    * ``category``: the category specified when the message was created.

    """

    def __init__(self, category, message):

        self.category = category

        self.message = message

    def __str__(self):

        return self.message

    __unicode__ = __str__

    def __html__(self):

        return escape(safe_unicode(self.message))

class Flash(_Flash):

    def __call__(self, message, category=None, ignore_duplicate=False, logf=None):

        """

        Show a message to the user _and_ log it through the specified function

        category: notice (default), warning, error, success

        logf: a custom log function - such as log.debug

        logf defaults to log.info, unless category equals 'success', in which

        case logf defaults to log.debug.

        """

        if logf is None:

            logf = log.info

            if category == 'success':

                logf = log.debug

        logf('Flash %s: %s', category, message)

        super(Flash, self).__call__(message, category, ignore_duplicate)

    def pop_messages(self):

        """Return all accumulated messages and delete them from the session.

        The return value is a list of ``Message`` objects.

        """

        from pylons import session

        messages = session.pop(self.session_key, [])

        session.save()

        return [_Message(*m) for m in messages]

flash = Flash()

#==============================================================================

# SCM FILTERS available via h.

#==============================================================================

from kallithea.lib.vcs.utils import author_name, author_email

from kallithea.lib.utils2 import credentials_filter, age as _age

from kallithea.model.db import User, ChangesetStatus, PullRequest

age = lambda  x, y=False: _age(x, y)

capitalize = lambda x: x.capitalize()

email = author_email

short_id = lambda x: x[:12]

hide_credentials = lambda x: ''.join(credentials_filter(x))