return True

    def check_int(environ, match_dict):

        return match_dict.get('id').isdigit()

    # The ErrorController route (handles 404/500 error pages); it should

    # likely stay at the top, ensuring it can always be resolved

    rmap.connect('/error/{action}', controller='error')

    rmap.connect('/error/{action}/{id}', controller='error')

    #==========================================================================

    # CUSTOM ROUTES HERE

    #==========================================================================

    #MAIN PAGE

    rmap.connect('home', '/', controller='home', action='index')

    rmap.connect('about', '/about', controller='home', action='about')

    rmap.connect('repo_switcher_data', '/_repos', controller='home',

                 action='repo_switcher_data')

    rmap.connect('rst_help',

                 "http://docutils.sourceforge.net/docs/user/rst/quickref.html",

                 _static=True)

    rmap.connect('kallithea_project_url', "https://kallithea-scm.org/", _static=True)

    rmap.connect('issues_url', 'https://bitbucket.org/conservancy/kallithea/issues', _static=True)

    #ADMIN REPOSITORY ROUTES

    with rmap.submapper(path_prefix=ADMIN_PREFIX,

                        controller='admin/repos') as m:

        m.connect("repos", "/repos",

                  action="create", conditions=dict(method=["POST"]))

        m.connect("repos", "/repos",

                  action="index", conditions=dict(method=["GET"]))

        m.connect("new_repo", "/create_repository",

                  action="create_repository", conditions=dict(method=["GET"]))

        m.connect("put_repo", "/repos/{repo_name:.*?}",

                  action="update", conditions=dict(method=["PUT"],

                  function=check_repo))

        m.connect("delete_repo", "/repos/{repo_name:.*?}",

                  action="delete", conditions=dict(method=["DELETE"],

                  ))

    #ADMIN REPOSITORY GROUPS ROUTES

    with rmap.submapper(path_prefix=ADMIN_PREFIX,

                        controller='admin/repo_groups') as m:

        m.connect("repos_groups", "/repo_groups",

                  action="create", conditions=dict(method=["POST"]))

        m.connect("repos_groups", "/repo_groups",

                  action="index", conditions=dict(method=["GET"]))

        m.connect("new_repos_group", "/repo_groups/new",

                  action="new", conditions=dict(method=["GET"]))

        m.connect("update_repos_group", "/repo_groups/{group_name:.*?}",

                  action="update", conditions=dict(method=["PUT"],

                                                   function=check_group))

        m.connect("repos_group", "/repo_groups/{group_name:.*?}",

                  action="show", conditions=dict(method=["GET"],

                                                 function=check_group))

        #EXTRAS REPO GROUP ROUTES

        m.connect("edit_repo_group", "/repo_groups/{group_name:.*?}/edit",

                  action="edit",

                  conditions=dict(method=["GET"], function=check_group))

        m.connect("edit_repo_group_advanced", "/repo_groups/{group_name:.*?}/edit/advanced",

                  action="edit_repo_group_advanced",

                  conditions=dict(method=["GET"], function=check_group))

        m.connect("edit_repo_group_perms", "/repo_groups/{group_name:.*?}/edit/permissions",

                  action="edit_repo_group_perms",

                  conditions=dict(method=["GET"], function=check_group))

        m.connect("edit_repo_group_perms", "/repo_groups/{group_name:.*?}/edit/permissions",

                  action="update_perms",

                  conditions=dict(method=["PUT"], function=check_group))

        m.connect("edit_repo_group_perms_delete", "/repo_groups/{group_name:.*?}/edit/permissions/delete",

                  action="delete_perms",

                  conditions=dict(method=["POST"], function=check_group))

        m.connect("delete_repo_group", "/repo_groups/{group_name:.*?}/delete",

                  action="delete", conditions=dict(method=["POST"],

                                                   function=check_group_skip_path))

    #ADMIN USER ROUTES

    with rmap.submapper(path_prefix=ADMIN_PREFIX,

                        controller='admin/users') as m:

        m.connect("users", "/users",

                  action="create", conditions=dict(method=["POST"]))

        m.connect("users", "/users",

                  action="index", conditions=dict(method=["GET"]))

        m.connect("formatted_users", "/users.{format}",

                  action="index", conditions=dict(method=["GET"]))

        m.connect("new_user", "/users/new",

                  action="new", conditions=dict(method=["GET"]))

        m.connect("update_user", "/users/{id}",

                  action="update", conditions=dict(method=["PUT"]))

        m.connect("edit_user", "/users/{id}/edit",

                  action="edit", conditions=dict(method=["GET"]))

        #EXTRAS USER ROUTES

        m.connect("edit_user_advanced", "/users/{id}/edit/advanced",

                  action="edit_advanced", conditions=dict(method=["GET"]))

        m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",

                  action="edit_api_keys", conditions=dict(method=["GET"]))

        m.connect("edit_user_api_keys", "/users/{id}/edit/api_keys",

                  action="add_api_key", conditions=dict(method=["POST"]))

        m.connect("edit_user_api_keys_delete", "/users/{id}/edit/api_keys/delete",

                  action="delete_api_key", conditions=dict(method=["POST"]))

        m.connect("edit_user_perms", "/users/{id}/edit/permissions",

                  action="edit_perms", conditions=dict(method=["GET"]))

        m.connect("edit_user_perms", "/users/{id}/edit/permissions",

                  action="update_perms", conditions=dict(method=["PUT"]))

        m.connect("edit_user_emails", "/users/{id}/edit/emails",

                  action="edit_emails", conditions=dict(method=["GET"]))

        m.connect("edit_user_emails", "/users/{id}/edit/emails",

                  action="add_email", conditions=dict(method=["PUT"]))

        m.connect("edit_user_emails", "/users/{id}/edit/emails",

                  action="delete_email", conditions=dict(method=["DELETE"]))

        m.connect("edit_user_ips", "/users/{id}/edit/ips",

                  action="edit_ips", conditions=dict(method=["GET"]))

        m.connect("edit_user_ips", "/users/{id}/edit/ips",

                  action="add_ip", conditions=dict(method=["PUT"]))

        m.connect("edit_user_ips_delete", "/users/{id}/edit/ips/delete",

                  action="delete_ip", conditions=dict(method=["POST"]))

    #ADMIN USER GROUPS REST ROUTES

    with rmap.submapper(path_prefix=ADMIN_PREFIX,

                        controller='admin/user_groups') as m:

        m.connect("users_groups", "/user_groups",

                  action="create", conditions=dict(method=["POST"]))

        m.connect("users_groups", "/user_groups",

                  action="index", conditions=dict(method=["GET"]))

        m.connect("new_users_group", "/user_groups/new",

                  action="new", conditions=dict(method=["GET"]))

        m.connect("update_users_group", "/user_groups/{id}",

                  action="update", conditions=dict(method=["PUT"]))

        m.connect("delete_users_group", "/user_groups/{id}",

                  action="delete", conditions=dict(method=["DELETE"]))

        m.connect("edit_users_group", "/user_groups/{id}/edit",

                  action="edit", conditions=dict(method=["GET"]),

                  function=check_user_group)

        #EXTRAS USER GROUP ROUTES

        m.connect("edit_user_group_default_perms", "/user_groups/{id}/edit/default_perms",

                  action="edit_default_perms", conditions=dict(method=["GET"]))

        m.connect("edit_user_group_default_perms", "/user_groups/{id}/edit/default_perms",

                  action="update_default_perms", conditions=dict(method=["PUT"]))

        m.connect("edit_user_group_perms", "/user_groups/{id}/edit/perms",

                  action="edit_perms", conditions=dict(method=["GET"]))

        m.connect("edit_user_group_perms", "/user_groups/{id}/edit/perms",

                  action="update_perms", conditions=dict(method=["PUT"]))

        m.connect("edit_user_group_perms_delete", "/user_groups/{id}/edit/perms/delete",

                  action="delete_perms", conditions=dict(method=["POST"]))

        m.connect("edit_user_group_advanced", "/user_groups/{id}/edit/advanced",

                  action="edit_advanced", conditions=dict(method=["GET"]))

        m.connect("edit_user_group_members", "/user_groups/{id}/edit/members",

                  action="edit_members", conditions=dict(method=["GET"]))

    #ADMIN PERMISSIONS ROUTES

    with rmap.submapper(path_prefix=ADMIN_PREFIX,

                        controller='admin/permissions') as m:

        m.connect("admin_permissions", "/permissions",

                  action="permission_globals", conditions=dict(method=["POST"]))

        m.connect("admin_permissions", "/permissions",

                  action="permission_globals", conditions=dict(method=["GET"]))

        m.connect("admin_permissions_ips", "/permissions/ips",

                  action="permission_ips", conditions=dict(method=["GET"]))

        m.connect("admin_permissions_perms", "/permissions/perms",

                  action="permission_perms", conditions=dict(method=["GET"]))

    #ADMIN DEFAULTS ROUTES

    with rmap.submapper(path_prefix=ADMIN_PREFIX,

                        controller='admin/defaults') as m:

        m.connect('defaults', 'defaults',

                  action="index")

        m.connect('defaults_update', 'defaults/{id}/update',

                  action="update", conditions=dict(method=["POST"]))

    #ADMIN AUTH SETTINGS

<div style="font-size: 24px; color: #666666; padding: 0px 0px 10px 0px">${_('User: %s') % c.user.username}</div>

<dl class="dl-horizontal">

<%

 elems = [

    (_('Repositories'), len(c.user.repositories), ', '.join((x.repo_name for x in c.user.repositories))),

    (_('Source of Record'), c.user.extern_type, ''),

    (_('Created on'), h.fmt_date(c.user.created_on), ''),

    (_('Last Login'), c.user.last_login or '-', ''),

    (_('Member of User Groups'), len(c.user.group_member), ', '.join((x.users_group.users_group_name for x in c.user.group_member))),

 ]

%>

%for dt, dd, tt in elems:

  <dt style="width:150px; text-align: left">${dt}:</dt>

  <dd style="margin-left: 160px" title="${tt}">${dd}</dd>

%endfor

</dl>

    <button class="btn btn-small btn-danger" type="submit"

            onclick="return confirm('${_('Confirm to delete this user: %s') % c.user.username}');">

        <i class="icon-minus-circled"></i>

        ${_('Delete this user')}

    </button>

${h.end_form()}

        return name.split('/')[-1]

      else:

        return name

    %>

  <div class="dt_repo ${'dt_repo_pending' if rstate == 'repo_state_pending' else ''}">

    ##NAME

    <a href="${h.url('edit_repo' if admin else 'summary_home', repo_name=name)}">

    ##TYPE OF REPO

    ${base.repotag(rtype)}

    ##PRIVATE/PUBLIC

    %if private and c.visual.show_private_icon:

      <i class="icon-keyhole-circled" title="${_('Private repository')}"></i>

    %elif not private and c.visual.show_public_icon:

      <i class="icon-globe" title="${_('Public repository')}"></i>

    %else:

      <span style="margin: 0px 8px 0px 8px"></span>

    %endif

    <span class="dt_repo_name">${get_name(name)}</span>

    </a>

    %if fork_of:

      <a href="${h.url('summary_home',repo_name=fork_of.repo_name)}"><i class="icon-fork"></i></a>

    %endif

    %if rstate == 'repo_state_pending':

      <i class="icon-wrench" title="${_('Repository creation in progress...')}"></i>

    %endif

  </div>

</%def>

<%def name="last_change(last_change)">

  <span class="tooltip" date="${last_change}" title="${h.fmt_date(last_change)}">${h.age(last_change)}</span>

</%def>

<%def name="revision(name,rev,tip,author,last_msg)">

  <div>

  %if rev >= 0:

      <a title="${'%s:\n\n%s' % (h.escape(author), h.escape(last_msg))}" class="tooltip revision-link safe-html-title" href="${h.url('changeset_home',repo_name=name,revision=tip)}">${'r%s:%s' % (rev,h.short_id(tip))}</a>

  %else:

      ${_('No changesets yet')}

  %endif

  </div>

</%def>

<%def name="rss(name)">

  %if c.authuser.username != 'default':

    <a title="${_('Subscribe to %s rss feed')% name}" href="${h.url('rss_feed_home',repo_name=name,api_key=c.authuser.api_key)}"><i class="icon-rss-squared"></i></a>

  %else:

    <a title="${_('Subscribe to %s rss feed')% name}" href="${h.url('rss_feed_home',repo_name=name)}"><i class="icon-rss-squared"></i></a>

  %endif

</%def>

<%def name="atom(name)">

  %if c.authuser.username != 'default':

    <a title="${_('Subscribe to %s atom feed')% name}" href="${h.url('atom_feed_home',repo_name=name,api_key=c.authuser.api_key)}"><i class="icon-rss-squared"></i></a>

  %else:

    <a title="${_('Subscribe to %s atom feed')% name}" href="${h.url('atom_feed_home',repo_name=name)}"><i class="icon-rss-squared"></i></a>

  %endif

</%def>

<%def name="repo_actions(repo_name, super_user=True)">

  <div>

    <div style="float:left; margin-right:5px;" class="grid_edit">

      <a href="${h.url('edit_repo',repo_name=repo_name)}" title="${_('Edit')}">

        <i class="icon-pencil"></i> ${h.submit('edit_%s' % repo_name,_('Edit'),class_="action_button")}

      </a>

    </div>

    <div style="float:left" class="grid_delete">

      ${h.form(h.url('delete_repo', repo_name=repo_name), method='delete')}

        <i class="icon-minus-circled" style="color:#FF4444"></i>

        ${h.submit('remove_%s' % repo_name,_('Delete'),class_="action_button",

        onclick="return confirm('"+_('Confirm to delete this repository: %s') % repo_name+"');")}

      ${h.end_form()}

    </div>

  </div>

</%def>

<%def name="repo_state(repo_state)">

  <div>

    %if repo_state == u'repo_state_pending':

        <div class="btn btn-mini btn-info disabled">${_('Creating')}</div>

    %elif repo_state == u'repo_state_created':

        <div class="btn btn-mini btn-success disabled">${_('Created')}</div>

    %else:

        <div class="btn btn-mini btn-danger disabled" title="${repo_state}">invalid</div>

    %endif

  </div>

</%def>

<%def name="user_actions(user_id, username)">

 <div style="float:left" class="grid_edit">

   <a href="${h.url('edit_user',id=user_id)}" title="${_('Edit')}">

     <i class="icon-pencil"></i> ${h.submit('edit_%s' % username,_('Edit'),class_="action_button")}

   </a>

 </div>

 <div style="float:left" class="grid_delete">

    <i class="icon-minus-circled" style="color:#FF4444"></i>

    ${h.submit('remove_',_('Delete'),id="remove_user_%s" % user_id, class_="action_button",

    onclick="return confirm('"+_('Confirm to delete this user: %s') % username+"');")}

  ${h.end_form()}

 </div>

</%def>

<%def name="user_group_actions(user_group_id, user_group_name)">

 <div style="float:left" class="grid_edit">

    <a href="${h.url('edit_users_group', id=user_group_id)}" title="${_('Edit')}">

    <i class="icon-pencil"></i>

     ${h.submit('edit_%s' % user_group_name,_('Edit'),class_="action_button", id_="submit_user_group_edit")}

    </a>

 </div>

 <div style="float:left" class="grid_delete">

    ${h.form(h.url('users_group', id=user_group_id),method='delete')}

      <i class="icon-minus-circled" style="color:#FF4444"></i>

      ${h.submit('remove_',_('Delete'),id="remove_group_%s" % user_group_id, class_="action_button",

      onclick="return confirm('"+_('Confirm to delete this user group: %s') % user_group_name+"');")}

    ${h.end_form()}

 </div>

</%def>

<%def name="repo_group_actions(repo_group_id, repo_group_name, gr_count)">

 <div style="float:left" class="grid_edit">

    <a href="${h.url('edit_repo_group',group_name=repo_group_name)}" title="${_('Edit')}">

    <i class="icon-pencil"></i>

     ${h.submit('edit_%s' % repo_group_name, _('Edit'),class_="action_button")}

    </a>

 </div>

 <div style="float:left" class="grid_delete">

    ${h.form(h.url('delete_repos_group', group_name=repo_group_name))}

        <i class="icon-minus-circled" style="color:#FF4444"></i>

        ${h.submit('remove_%s' % repo_group_name,_('Delete'),class_="action_button",

        onclick="return confirm('"+ungettext('Confirm to delete this group: %s with %s repository','Confirm to delete this group: %s with %s repositories',gr_count) % (repo_group_name, gr_count)+"');")}

    ${h.end_form()}

 </div>

</%def>

<%def name="user_name(user_id, username)">

    ${h.link_to(username,h.url('edit_user', id=user_id))}

</%def>

<%def name="repo_group_name(repo_group_name, children_groups)">

  <div style="white-space: nowrap">

  <a href="${h.url('repos_group_home',group_name=repo_group_name)}">

    <i class="icon-folder" title="${_('Repository group')}"></i> ${h.literal(' &raquo; '.join(children_groups))}</a>

  </div>

</%def>

<%def name="user_group_name(user_group_id, user_group_name)">

  <div style="white-space: nowrap">

  <a href="${h.url('edit_users_group', id=user_group_id)}">

    <i class="icon-users" title="${_('User group')}"></i> ${user_group_name}</a>

  </div>

</%def>

<%def name="toggle_follow(repo_id)">

  <span id="follow_toggle_${repo_id}" class="following" title="${_('Stop following this repository')}"

        onclick="toggleFollowingRepo(this, ${repo_id})">

  </span>

</%def>

        response.follow()

        response = response.follow()

        response.mustcontain("""newtestuser""")

    def test_create_err(self):

        self.log_user()

        username = 'new_user'

        password = ''

        name = u'name'

        lastname = u'lastname'

        email = 'errmail.example.com'

        response = self.app.post(url('users'), {'username': username,

                                               'password': password,

                                               'name': name,

                                               'active': False,

                                               'lastname': lastname,

                                               'email': email,

                                               '_authentication_token': self.authentication_token()})

        msg = validators.ValidUsername(False, {})._messages['system_invalid_username']

        msg = h.html_escape(msg % {'username': 'new_user'})

        response.mustcontain("""<span class="error-message">%s</span>""" % msg)

        response.mustcontain("""<span class="error-message">Please enter a value</span>""")

        response.mustcontain("""<span class="error-message">An email address must contain a single @</span>""")

        def get_user():

            Session().query(User).filter(User.username == username).one()

        with pytest.raises(NoResultFound):

            get_user(), 'found user in database'

    def test_new(self):

        self.log_user()

        response = self.app.get(url('new_user'))

    @parametrize('name,attrs',

        [('firstname', {'firstname': 'new_username'}),

         ('lastname', {'lastname': 'new_username'}),

         ('admin', {'admin': True}),

         ('admin', {'admin': False}),

         ('extern_type', {'extern_type': 'ldap'}),

         ('extern_type', {'extern_type': None}),

         ('extern_name', {'extern_name': 'test'}),

         ('extern_name', {'extern_name': None}),

         ('active', {'active': False}),

         ('active', {'active': True}),

         ('email', {'email': 'someemail@example.com'}),

        # ('new_password', {'new_password': 'foobar123',

        #                   'password_confirmation': 'foobar123'})

        ])

    def test_update(self, name, attrs):

        self.log_user()

        usr = fixture.create_user(self.test_user_1, password='qweqwe',

                                  email='testme@example.com',

                                  extern_type='internal',

                                  extern_name=self.test_user_1,

                                  skip_if_exists=True)

        Session().commit()

        params = usr.get_api_data(True)

        params.update({'password_confirmation': ''})

        params.update({'new_password': ''})

        params.update(attrs)

        if name == 'email':

            params['emails'] = [attrs['email']]

        if name == 'extern_type':

            #cannot update this via form, expected value is original one

            params['extern_type'] = "internal"

        if name == 'extern_name':

            #cannot update this via form, expected value is original one

            params['extern_name'] = self.test_user_1

            # special case since this user is not

                                          # logged in yet his data is not filled

                                          # so we use creation data

        params.update({'_authentication_token': self.authentication_token()})

        response = self.app.put(url('user', id=usr.user_id), params)

        self.checkSessionFlash(response, 'User updated successfully')

        params.pop('_authentication_token')

        updated_user = User.get_by_username(self.test_user_1)

        updated_params = updated_user.get_api_data(True)

        updated_params.update({'password_confirmation': ''})

        updated_params.update({'new_password': ''})

        assert params == updated_params

    def test_delete(self):

        self.log_user()

        username = 'newtestuserdeleteme'

        fixture.create_user(name=username)

        new_user = Session().query(User) \

            .filter(User.username == username).one()

        self.checkSessionFlash(response, 'Successfully deleted user')

    def test_delete_repo_err(self):

        self.log_user()

        username = 'repoerr'

        reponame = u'repoerr_fail'

        fixture.create_user(name=username)

        fixture.create_repo(name=reponame, cur_user=username)

        new_user = Session().query(User) \

            .filter(User.username == username).one()

        self.checkSessionFlash(response, 'User "%s" still '

                               'owns 1 repositories and cannot be removed. '

                               'Switch owners or remove those repositories: '

                               '%s' % (username, reponame))

        response = self.app.post(url('delete_repo', repo_name=reponame),

            params={'_method': 'delete', '_authentication_token': self.authentication_token()})

        self.checkSessionFlash(response, 'Deleted repository %s' % reponame)

        self.checkSessionFlash(response, 'Successfully deleted user')

    def test_delete_repo_group_err(self):

        self.log_user()

        username = 'repogrouperr'

        groupname = u'repogroup_fail'

        fixture.create_user(name=username)

        fixture.create_repo_group(name=groupname, cur_user=username)

        new_user = Session().query(User) \

            .filter(User.username == username).one()

        self.checkSessionFlash(response, 'User "%s" still '

                               'owns 1 repository groups and cannot be removed. '

                               'Switch owners or remove those repository groups: '

                               '%s' % (username, groupname))

        # Relevant _if_ the user deletion succeeded to make sure we can render groups without owner

        # rg = RepoGroup.get_by_group_name(group_name=groupname)

        # response = self.app.get(url('repos_groups', id=rg.group_id))

        response = self.app.post(url('delete_repo_group', group_name=groupname),

            params={'_authentication_token': self.authentication_token()})

        self.checkSessionFlash(response, 'Removed repository group %s' % groupname)

        self.checkSessionFlash(response, 'Successfully deleted user')

    def test_delete_user_group_err(self):

        self.log_user()

        username = 'usergrouperr'

        groupname = u'usergroup_fail'

        fixture.create_user(name=username)

        ug = fixture.create_user_group(name=groupname, cur_user=username)

        new_user = Session().query(User) \

            .filter(User.username == username).one()

        self.checkSessionFlash(response, 'User "%s" still '

                               'owns 1 user groups and cannot be removed. '

                               'Switch owners or remove those user groups: '

                               '%s' % (username, groupname))

        # TODO: why do this fail?

        #response = self.app.delete(url('delete_users_group', id=groupname))

        #self.checkSessionFlash(response, 'Removed user group %s' % groupname)

        fixture.destroy_user_group(ug.users_group_id)

        self.checkSessionFlash(response, 'Successfully deleted user')

    def test_edit(self):

        self.log_user()

        user = User.get_by_username(TEST_USER_ADMIN_LOGIN)

        response = self.app.get(url('edit_user', id=user.user_id))

    def test_add_perm_create_repo(self):

        self.log_user()

        perm_none = Permission.get_by_key('hg.create.none')

        perm_create = Permission.get_by_key('hg.create.repository')

        user = UserModel().create_or_update(username='dummy', password='qwe',

                                            email='dummy', firstname=u'a',

                                            lastname=u'b')

        Session().commit()

        uid = user.user_id

        try:

            #User should have None permission on creation repository

            assert UserModel().has_perm(user, perm_none) == False

            assert UserModel().has_perm(user, perm_create) == False

            response = self.app.post(url('edit_user_perms', id=uid),

                                     params=dict(_method='put',

                                                 create_repo_perm=True,

                                                 _authentication_token=self.authentication_token()))

            perm_none = Permission.get_by_key('hg.create.none')

            perm_create = Permission.get_by_key('hg.create.repository')

            #User should have None permission on creation repository

            assert UserModel().has_perm(uid, perm_none) == False

            assert UserModel().has_perm(uid, perm_create) == True

        finally:

            UserModel().delete(uid)

            Session().commit()

    def test_revoke_perm_create_repo(self):

        self.log_user()

        perm_none = Permission.get_by_key('hg.create.none')

        perm_create = Permission.get_by_key('hg.create.repository')

        user = UserModel().create_or_update(username='dummy', password='qwe',

                                            email='dummy', firstname=u'a',

                                            lastname=u'b')

        Session().commit()

        uid = user.user_id

        try:

            #User should have None permission on creation repository

            assert UserModel().has_perm(user, perm_none) == False

            assert UserModel().has_perm(user, perm_create) == False

            response = self.app.post(url('edit_user_perms', id=uid),

                                     params=dict(_method='put', _authentication_token=self.authentication_token()))

            perm_none = Permission.get_by_key('hg.create.none')

            perm_create = Permission.get_by_key('hg.create.repository')

            #User should have None permission on creation repository

            assert UserModel().has_perm(uid, perm_none) == True

            assert UserModel().has_perm(uid, perm_create) == False

        finally:

            UserModel().delete(uid)

            Session().commit()

    def test_add_perm_fork_repo(self):

        self.log_user()

        perm_none = Permission.get_by_key('hg.fork.none')

        perm_fork = Permission.get_by_key('hg.fork.repository')

        user = UserModel().create_or_update(username='dummy', password='qwe',

                                            email='dummy', firstname=u'a',

                                            lastname=u'b')

        Session().commit()

        uid = user.user_id

        try:

            #User should have None permission on creation repository

            assert UserModel().has_perm(user, perm_none) == False

            assert UserModel().has_perm(user, perm_fork) == False

            response = self.app.post(url('edit_user_perms', id=uid),

                                     params=dict(_method='put',

                                                 create_repo_perm=True,

                                                 _authentication_token=self.authentication_token()))

            perm_none = Permission.get_by_key('hg.create.none')

            perm_create = Permission.get_by_key('hg.create.repository')

            #User should have None permission on creation repository

            assert UserModel().has_perm(uid, perm_none) == False

            assert UserModel().has_perm(uid, perm_create) == True

        finally:

            UserModel().delete(uid)