# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.lib.auth

~~~~~~~~~~~~~~~~~~

authentication and permission libraries

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 4, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

from __future__ import with_statement

import time

import os

import logging

import traceback

import hashlib

import itertools

import collections

from decorator import decorator

from pylons import url, request

from pylons.controllers.util import abort, redirect

from pylons.i18n.translation import _

from webhelpers.pylonslib import secure_form

from sqlalchemy import or_

from sqlalchemy.orm.exc import ObjectDeletedError

from sqlalchemy.orm import joinedload

from kallithea import __platform__, is_windows, is_unix

from kallithea.lib.vcs.utils.lazy import LazyProperty

from kallithea.model import meta

from kallithea.model.meta import Session

from kallithea.model.user import UserModel

from kallithea.model.db import User, Repository, Permission, \

    UserToPerm, UserGroupRepoToPerm, UserGroupToPerm, UserGroupMember, \

    RepoGroup, UserGroupRepoGroupToPerm, UserIpMap, UserGroupUserGroupToPerm, \

    UserGroup, UserApiKeys

from kallithea.lib.utils2 import safe_unicode, aslist

from kallithea.lib.utils import get_repo_slug, get_repo_group_slug, \

    get_user_group_slug, conditional_cache

from kallithea.lib.caching_query import FromCache

log = logging.getLogger(__name__)

class PasswordGenerator(object):

    """

    This is a simple class for generating password from different sets of

    characters

    usage::

        passwd_gen = PasswordGenerator()

        #print 8-letter password containing only big and small letters

            of alphabet

        passwd_gen.gen_password(8, passwd_gen.ALPHABETS_BIG_SMALL)

    """

    ALPHABETS_NUM = r'''1234567890'''

    ALPHABETS_SMALL = r'''qwertyuiopasdfghjklzxcvbnm'''

    ALPHABETS_BIG = r'''QWERTYUIOPASDFGHJKLZXCVBNM'''

    ALPHABETS_SPECIAL = r'''`-=[]\;',./~!@#$%^&*()_+{}|:"<>?'''

    ALPHABETS_FULL = ALPHABETS_BIG + ALPHABETS_SMALL \

        + ALPHABETS_NUM + ALPHABETS_SPECIAL

    ALPHABETS_ALPHANUM = ALPHABETS_BIG + ALPHABETS_SMALL + ALPHABETS_NUM

    ALPHABETS_BIG_SMALL = ALPHABETS_BIG + ALPHABETS_SMALL

    ALPHABETS_ALPHANUM_BIG = ALPHABETS_BIG + ALPHABETS_NUM

    ALPHABETS_ALPHANUM_SMALL = ALPHABETS_SMALL + ALPHABETS_NUM

    def gen_password(self, length, alphabet=ALPHABETS_FULL):

        assert len(alphabet) <= 256, alphabet

        l = []

        while len(l) < length:

            i = ord(os.urandom(1))

            if i < len(alphabet):

                l.append(alphabet[i])

        return ''.join(l)

class KallitheaCrypto(object):

    @classmethod

    def hash_string(cls, str_):

        """

        Cryptographic function used for password hashing based on pybcrypt

        or pycrypto in windows

        :param password: password to hash

        """

        if is_windows:

            from hashlib import sha256

            return sha256(str_).hexdigest()

        elif is_unix:

            import bcrypt

            return bcrypt.hashpw(str_, bcrypt.gensalt(10))

        else:

            raise Exception('Unknown or unsupported platform %s' \

                            % __platform__)

    @classmethod

    def hash_check(cls, password, hashed):

        """

        Checks matching password with it's hashed value, runs different

        implementation based on platform it runs on

        :param password: password

        :param hashed: password in hashed form

        """

        if is_windows:

            from hashlib import sha256

            return sha256(password).hexdigest() == hashed

        elif is_unix:

            import bcrypt

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

Helper functions

Consists of functions to typically be used within templates, but also

available to Controllers. This module is available to both as 'h'.

"""

import hashlib

import StringIO

import math

import logging

import re

import urlparse

import textwrap

from pygments.formatters.html import HtmlFormatter

from pygments import highlight as code_highlight

from pylons import url

from pylons.i18n.translation import _, ungettext

from webhelpers.html import literal, HTML, escape

from webhelpers.html.tools import *

from webhelpers.html.builder import make_tag

from webhelpers.html.tags import auto_discovery_link, checkbox, css_classes, \

    end_form, file, hidden, image, javascript_link, link_to, \

    link_to_if, link_to_unless, ol, required_legend, select, stylesheet_link, \

    submit, text, password, textarea, title, ul, xml_declaration, radio

from webhelpers.html.tools import auto_link, button_to, highlight, \

    js_obfuscate, mail_to, strip_links, strip_tags, tag_re

from webhelpers.number import format_byte_size, format_bit_size

from webhelpers.pylonslib import Flash as _Flash

from webhelpers.pylonslib.secure_form import secure_form as form, authentication_token

from webhelpers.text import chop_at, collapse, convert_accented_entities, \

    convert_misc_entities, lchop, plural, rchop, remove_formatting, \

    replace_whitespace, urlify, truncate, wrap_paragraphs

from webhelpers.date import time_ago_in_words

from webhelpers.paginate import Page as _Page

from webhelpers.html.tags import _set_input_attrs, _set_id_attr, \

    convert_boolean_attrs, NotGiven, _make_safe_id_component

from kallithea.lib.annotate import annotate_highlight

from kallithea.lib.utils import repo_name_slug, get_custom_lexer

from kallithea.lib.utils2 import str2bool, safe_unicode, safe_str, \

    get_changeset_safe, datetime_to_time, time_to_datetime, AttributeDict,\

    safe_int

from kallithea.lib.markup_renderer import MarkupRenderer, url_re

from kallithea.lib.vcs.exceptions import ChangesetDoesNotExistError

from kallithea.lib.vcs.backends.base import BaseChangeset, EmptyChangeset

from kallithea.config.conf import DATE_FORMAT, DATETIME_FORMAT

from kallithea.model.changeset_status import ChangesetStatusModel

from kallithea.model.db import URL_SEP, Permission

log = logging.getLogger(__name__)

def canonical_url(*args, **kargs):

    '''Like url(x, qualified=True), but returns url that not only is qualified

    but also canonical, as configured in canonical_url'''

    from kallithea import CONFIG

    try:

        parts = CONFIG.get('canonical_url', '').split('://', 1)

        kargs['host'] = parts[1].split('/', 1)[0]

        kargs['protocol'] = parts[0]

    except IndexError:

        kargs['qualified'] = True

    return url(*args, **kargs)

def canonical_hostname():

    '''Return canonical hostname of system'''

    from kallithea import CONFIG

    try:

        parts = CONFIG.get('canonical_url', '').split('://', 1)

        return parts[1].split('/', 1)[0]

    except IndexError:

        parts = url('home', qualified=True).split('://', 1)

        return parts[1].split('/', 1)[0]

def html_escape(text):

    """Return string with all html escaped.

    This is also safe for javascript in html but not necessarily correct.

    """

    return (text

        .replace('&', '&')

        .replace(">", ">")

        .replace("<", "&lt;")

        .replace('"', """)

        .replace("'", "'")

        )

def shorter(text, size=20):

    postfix = '...'

    if len(text) > size:

        return text[:size - len(postfix)] + postfix

    return text

def _reset(name, value=None, id=NotGiven, type="reset", **attrs):

    """

    Reset button

    """

    _set_input_attrs(attrs, type, name, value)

    _set_id_attr(attrs, id, name)

    convert_boolean_attrs(attrs, ["disabled"])

    return HTML.input(**attrs)

reset = _reset

safeid = _make_safe_id_component

def FID(raw_id, path):

    """

    Creates a unique ID for filenode based on it's hash of path and revision

    it's safe to use in urls

    :param raw_id:

    :param path:

    """

class _GetError(object):

    """Get error from form_errors, and represent it as span wrapped error

    message

    :param field_name: field to fetch errors for

    :param form_errors: form errors dict

    """

    def __call__(self, field_name, form_errors):

        tmpl = """<span class="error_msg">%s</span>"""

        if form_errors and field_name in form_errors:

            return literal(tmpl % form_errors.get(field_name))

get_error = _GetError()

class _ToolTip(object):

    def __call__(self, tooltip_title, trim_at=50):

        """

        Special function just to wrap our text into nice formatted

        autowrapped text

        :param tooltip_title:

        """

        tooltip_title = escape(tooltip_title)

        tooltip_title = tooltip_title.replace('<', '&lt;').replace('>', '&gt;')

        return tooltip_title

tooltip = _ToolTip()

class _FilesBreadCrumbs(object):

    def __call__(self, repo_name, rev, paths):

        if isinstance(paths, str):

            paths = safe_unicode(paths)

        url_l = [link_to(repo_name, url('files_home',

                                        repo_name=repo_name,

                                        revision=rev, f_path=''),

                         class_='ypjax-link')]

        paths_l = paths.split('/')

        for cnt, p in enumerate(paths_l):

            if p != '':

                url_l.append(link_to(p,

                                     url('files_home',

                                         repo_name=repo_name,

                                         revision=rev,

                                         f_path='/'.join(paths_l[:cnt + 1])

                                         ),

                                     class_='ypjax-link'

                                     )

                             )

        return literal('/'.join(url_l))

files_breadcrumbs = _FilesBreadCrumbs()

class CodeHtmlFormatter(HtmlFormatter):

    """

    My code Html Formatter for source codes

    """

    def wrap(self, source, outfile):

        return self._wrap_div(self._wrap_pre(self._wrap_code(source)))

    def _wrap_code(self, source):

        for cnt, it in enumerate(source):

            i, t = it

            t = '<div id="L%s">%s</div>' % (cnt + 1, t)

            yield i, t

    def _wrap_tablelinenos(self, inner):

        dummyoutfile = StringIO.StringIO()

        lncount = 0

        for t, line in inner:

            if t:

                lncount += 1

            dummyoutfile.write(line)

        fl = self.linenostart

        mw = len(str(lncount + fl - 1))

        sp = self.linenospecial

        st = self.linenostep

        la = self.lineanchors

        aln = self.anchorlinenos

        nocls = self.noclasses

        if sp:

            lines = []

            for i in range(fl, fl + lncount):

                if i % st == 0:

                    if i % sp == 0:

                        if aln: