################################################################################

################################################################################

# RhodeCode - Pylons environment configuration                                 #

#                                                                              # 

# The %(here)s variable will be replaced with the parent directory of this file#

################################################################################

[DEFAULT]

debug = true

pdebug = false

################################################################################

## Uncomment and replace with the address which should receive                ## 

## any error reports after application crash                                  ##

## Additionally those settings will be used by RhodeCode mailing system       ##

################################################################################

#email_to = admin@localhost

#error_email_from = paste_error@localhost

#app_email_from = rhodecode-noreply@localhost

#error_message =

#email_prefix = [RhodeCode]

#smtp_server = mail.server.com

#smtp_username = 

#smtp_password = 

#smtp_port = 

#smtp_use_tls = false

#smtp_use_ssl = true

# Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)

#smtp_auth = 

[server:main]

##nr of threads to spawn

threadpool_workers = 5

##max request before thread respawn

threadpool_max_requests = 10

##option to use threads of process

use_threadpool = true

use = egg:Paste#http

host = 0.0.0.0

port = 5000

[app:main]

use = egg:rhodecode

full_stack = true

static_files = true

lang = en

cache_dir = %(here)s/data

index_dir = %(here)s/data/index

app_instance_uuid = rc-develop

cut_off_limit = 256000

force_https = false

commit_parse_limit = 25

use_gravatar = true

container_auth_enabled = false

proxypass_auth_enabled = false

default_encoding = utf8

## overwrite schema of clone url

## available vars:

## scheme - http/https

## user - current user

## pass - password 

## netloc - network location

## path - usually repo_name

#clone_uri = {scheme}://{user}{pass}{netloc}{path}

## issue tracking mapping for commits messages

## comment out issue_pat, issue_server, issue_prefix to enable

## pattern to get the issues from commit messages

## default one used here is #<numbers> with a regex passive group for `#`

## {id} will be all groups matched from this pattern

issue_pat = (?:\s*#)(\d+)

## server url to the issue, each {id} will be replaced with match

## fetched from the regex and {repo} is replaced with repository name

issue_server_link = https://myissueserver.com/{repo}/issue/{id}

## prefix to add to link to indicate it's an url

## #314 will be replaced by <issue_prefix><id>

issue_prefix = #

## instance-id prefix

## a prefix key for this instance used for cache invalidation when running 

## multiple instances of rhodecode, make sure it's globally unique for 

## all running rhodecode instances. Leave empty if you don't use it

instance_id = 

####################################

###        CELERY CONFIG        ####

####################################

use_celery = false

broker.host = localhost

broker.vhost = rabbitmqhost

broker.port = 5672

broker.user = rabbitmq

broker.password = qweqwe

celery.imports = rhodecode.lib.celerylib.tasks

celery.result.backend = amqp

celery.result.dburi = amqp://

celery.result.serialier = json

#celery.send.task.error.emails = true

#celery.amqp.task.result.expires = 18000

celeryd.concurrency = 2

#celeryd.log.file = celeryd.log

celeryd.log.level = debug

celeryd.max.tasks.per.child = 1

#tasks will never be sent to the queue, but executed locally instead.

celery.always.eager = false

####################################

###         BEAKER CACHE        ####

####################################

beaker.cache.data_dir=%(here)s/data/cache/data

beaker.cache.lock_dir=%(here)s/data/cache/lock

beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long

beaker.cache.super_short_term.type=memory

beaker.cache.super_short_term.expire=10

beaker.cache.super_short_term.key_length = 256

beaker.cache.short_term.type=memory

beaker.cache.short_term.expire=60

beaker.cache.short_term.key_length = 256

beaker.cache.long_term.type=memory

beaker.cache.long_term.expire=36000

beaker.cache.long_term.key_length = 256

beaker.cache.sql_cache_short.type=memory

beaker.cache.sql_cache_short.expire=10

beaker.cache.sql_cache_short.key_length = 256

beaker.cache.sql_cache_med.type=memory

beaker.cache.sql_cache_med.expire=360

beaker.cache.sql_cache_med.key_length = 256

beaker.cache.sql_cache_long.type=file

beaker.cache.sql_cache_long.expire=3600

beaker.cache.sql_cache_long.key_length = 256

####################################

###       BEAKER SESSION        ####

####################################

## Type of storage used for the session, current types are 

## dbm, file, memcached, database, and memory. 

## The storage uses the Container API 

## that is also used by the cache system.

## db session example

#beaker.session.type = ext:database

#beaker.session.sa.url = postgresql://postgres:qwe@localhost/rhodecode

#beaker.session.table_name = db_session 

## encrypted cookie session, good for many instances

#beaker.session.type = cookie

beaker.session.type = file

beaker.session.key = rhodecode

# secure cookie requires AES python libraries

#beaker.session.encrypt_key = g654dcno0-9873jhgfreyu

#beaker.session.validate_key = 9712sds2212c--zxc123

beaker.session.timeout = 36000

beaker.session.httponly = true

## uncomment for https secure cookie

beaker.session.secure = false

##auto save the session to not to use .save()

beaker.session.auto = False

##true exire at browser close

#beaker.session.cookie_expires = 3600

################################################################################

## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*  ##

.. _changelog:

=========

Changelog

=========

1.3.4 (**2012-XX-XX**)

----------------------

:status: in-progress

:branch: beta

news

++++

- Whoosh logging is now controlled by the .ini files logging setup

- added clone-url into edit form on /settings page

- added help text into repo add/edit forms

- created rcextensions module with additional mappings (ref #322) and

  post push/pull/create repo hooks callbacks

- implemented #377 Users view for his own permissions on account page

- #399 added inheritance of permissions for users group on repos groups

- #401 repository group is automatically pre-selected when adding repos 

  inside a repository group

fixes

+++++

- fixed #390 cache invalidation problems on repos inside group

- fixed #385 clone by ID url was loosing proxy prefix in URL

- fixed some unicode problems with waitress

- fixed issue with escaping < and > in changeset commits

- fixed error occurring during recursive group creation in API 

  create_repo function

- fixed #393 py2.5 fixes for routes url generator

- fixed #397 Private repository groups shows up before login

- fixed #396 fixed problems with revoking users in nested groups

1.3.3 (**2012-03-02**)

----------------------

news

++++

fixes

+++++

- fixed some python2.5 compatibility issues 

- fixed issues with removed repos was accidentally added as groups, after

  full rescan of paths

- fixes #376 Cannot edit user (using container auth)

- fixes #378 Invalid image urls on changeset screen with proxy-prefix 

  configuration

- fixed initial sorting of repos inside repo group

- fixes issue when user tried to resubmit same permission into user/user_groups

- bumped beaker version that fixes #375 leap error bug

- fixed raw_changeset for git. It was generated with hg patch headers

- fixed vcs issue with last_changeset for filenodes

- fixed missing commit after hook delete

- fixed #372 issues with git operation detection that caused a security issue 

  for git repos

1.3.2 (**2012-02-28**)

----------------------

news

++++

fixes

+++++

- fixed git protocol issues with repos-groups

- fixed git remote repos validator that prevented from cloning remote git repos

- fixes #370 ending slashes fixes for repo and groups

- fixes #368 improved git-protocol detection to handle other clients

- fixes #366 When Setting Repository Group To Blank Repo Group Wont Be 

  Moved To Root

- fixes #371 fixed issues with beaker/sqlalchemy and non-ascii cache keys 

- fixed #373 missing cascade drop on user_group_to_perm table

1.3.1 (**2012-02-27**)

----------------------

news

++++

fixes

+++++

- redirection loop occurs when remember-me wasn't checked during login

- fixes issues with git blob history generation 

- don't fetch branch for git in file history dropdown. Causes unneeded slowness

1.3.0 (**2012-02-26**)

----------------------

news

++++

- code review, inspired by github code-comments 

- #215 rst and markdown README files support

- #252 Container-based and proxy pass-through authentication support

- #44 branch browser. Filtering of changelog by branches

- mercurial bookmarks support

- new hover top menu, optimized to add maximum size for important views

- configurable clone url template with possibility to specify  protocol like 

  ssh:// or http:// and also manually alter other parts of clone_url.

- enabled largefiles extension by default

- optimized summary file pages and saved a lot of unused space in them

- #239 option to manually mark repository as fork

- #320 mapping of commit authors to RhodeCode users

- #304 hashes are displayed using monospace font    

- diff configuration, toggle white lines and context lines

- #307 configurable diffs, whitespace toggle, increasing context lines

- sorting on branches, tags and bookmarks using YUI datatable

- improved file filter on files page

- implements #330 api method for listing nodes ar particular revision

################################################################################

################################################################################

# RhodeCode - Pylons environment configuration                                 #

#                                                                              # 

# The %(here)s variable will be replaced with the parent directory of this file#

################################################################################

[DEFAULT]

debug = true

pdebug = false

################################################################################

## Uncomment and replace with the address which should receive                ## 

## any error reports after application crash                                  ##

## Additionally those settings will be used by RhodeCode mailing system       ##

################################################################################

#email_to = admin@localhost

#error_email_from = paste_error@localhost

#app_email_from = rhodecode-noreply@localhost

#error_message =

#email_prefix = [RhodeCode]

#smtp_server = mail.server.com

#smtp_username = 

#smtp_password = 

#smtp_port = 

#smtp_use_tls = false

#smtp_use_ssl = true

# Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)

#smtp_auth = 

[server:main]

##nr of threads to spawn

threadpool_workers = 5

##max request before thread respawn

threadpool_max_requests = 10

##option to use threads of process

use_threadpool = true

use = egg:Paste#http

host = 127.0.0.1

port = 8001

[app:main]

use = egg:rhodecode

full_stack = true

static_files = true

lang = en

cache_dir = %(here)s/data

index_dir = %(here)s/data/index

app_instance_uuid = rc-production

cut_off_limit = 256000

force_https = false

commit_parse_limit = 50

use_gravatar = true

container_auth_enabled = false

proxypass_auth_enabled = false

default_encoding = utf8

## overwrite schema of clone url

## available vars:

## scheme - http/https

## user - current user

## pass - password 

## netloc - network location

## path - usually repo_name

#clone_uri = {scheme}://{user}{pass}{netloc}{path}

## issue tracking mapping for commits messages

## comment out issue_pat, issue_server, issue_prefix to enable

## pattern to get the issues from commit messages

## default one used here is #<numbers> with a regex passive group for `#`

## {id} will be all groups matched from this pattern

issue_pat = (?:\s*#)(\d+)

## server url to the issue, each {id} will be replaced with match

## fetched from the regex and {repo} is replaced with repository name

issue_server_link = https://myissueserver.com/{repo}/issue/{id}

## prefix to add to link to indicate it's an url

## #314 will be replaced by <issue_prefix><id>

issue_prefix = #

## instance-id prefix

## a prefix key for this instance used for cache invalidation when running 

## multiple instances of rhodecode, make sure it's globally unique for 

## all running rhodecode instances. Leave empty if you don't use it

instance_id = 

####################################

###        CELERY CONFIG        ####

####################################

use_celery = false

broker.host = localhost

broker.vhost = rabbitmqhost

broker.port = 5672

broker.user = rabbitmq

broker.password = qweqwe

celery.imports = rhodecode.lib.celerylib.tasks

celery.result.backend = amqp

celery.result.dburi = amqp://

celery.result.serialier = json

#celery.send.task.error.emails = true

#celery.amqp.task.result.expires = 18000

celeryd.concurrency = 2

#celeryd.log.file = celeryd.log

celeryd.log.level = debug

celeryd.max.tasks.per.child = 1

#tasks will never be sent to the queue, but executed locally instead.

celery.always.eager = false

####################################

###         BEAKER CACHE        ####

####################################

beaker.cache.data_dir=%(here)s/data/cache/data

beaker.cache.lock_dir=%(here)s/data/cache/lock

beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long

beaker.cache.super_short_term.type=memory

beaker.cache.super_short_term.expire=10

beaker.cache.super_short_term.key_length = 256

beaker.cache.short_term.type=memory

beaker.cache.short_term.expire=60

beaker.cache.short_term.key_length = 256

beaker.cache.long_term.type=memory

beaker.cache.long_term.expire=36000

beaker.cache.long_term.key_length = 256

beaker.cache.sql_cache_short.type=memory

beaker.cache.sql_cache_short.expire=10

beaker.cache.sql_cache_short.key_length = 256

beaker.cache.sql_cache_med.type=memory

beaker.cache.sql_cache_med.expire=360

beaker.cache.sql_cache_med.key_length = 256

beaker.cache.sql_cache_long.type=file

beaker.cache.sql_cache_long.expire=3600

beaker.cache.sql_cache_long.key_length = 256

####################################

###       BEAKER SESSION        ####

####################################

## Type of storage used for the session, current types are 

## dbm, file, memcached, database, and memory. 

## The storage uses the Container API 

## that is also used by the cache system.

## db session example

#beaker.session.type = ext:database

#beaker.session.sa.url = postgresql://postgres:qwe@localhost/rhodecode

#beaker.session.table_name = db_session 

## encrypted cookie session, good for many instances

#beaker.session.type = cookie

beaker.session.type = file

beaker.session.key = rhodecode

# secure cookie requires AES python libraries

#beaker.session.encrypt_key = g654dcno0-9873jhgfreyu

#beaker.session.validate_key = 9712sds2212c--zxc123

beaker.session.timeout = 36000

beaker.session.httponly = true

## uncomment for https secure cookie

beaker.session.secure = false

##auto save the session to not to use .save()

beaker.session.auto = False

##true exire at browser close

#beaker.session.cookie_expires = 3600

################################################################################

## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*  ##

################################################################################

################################################################################

# RhodeCode - Pylons environment configuration                                 #

#                                                                              # 

# The %(here)s variable will be replaced with the parent directory of this file#

################################################################################

[DEFAULT]

debug = true

pdebug = false

################################################################################

## Uncomment and replace with the address which should receive                ## 

## any error reports after application crash                                  ##

## Additionally those settings will be used by RhodeCode mailing system       ##

################################################################################

#email_to = admin@localhost

#error_email_from = paste_error@localhost

#app_email_from = rhodecode-noreply@localhost

#error_message =

#email_prefix = [RhodeCode]

#smtp_server = mail.server.com

#smtp_username = 

#smtp_password = 

#smtp_port = 

#smtp_use_tls = false

#smtp_use_ssl = true

# Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)

#smtp_auth = 

[server:main]

##nr of threads to spawn

threadpool_workers = 5

##max request before thread respawn

threadpool_max_requests = 10

##option to use threads of process

use_threadpool = true

use = egg:Paste#http

host = 127.0.0.1

port = 5000

[app:main]

use = egg:rhodecode

full_stack = true

static_files = true

lang = en

cache_dir = %(here)s/data

index_dir = %(here)s/data/index

app_instance_uuid = ${app_instance_uuid}

cut_off_limit = 256000

force_https = false

commit_parse_limit = 50

use_gravatar = true

container_auth_enabled = false

proxypass_auth_enabled = false

default_encoding = utf8

## overwrite schema of clone url

## available vars:

## scheme - http/https

## user - current user

## pass - password 

## netloc - network location

## path - usually repo_name

#clone_uri = {scheme}://{user}{pass}{netloc}{path}

## issue tracking mapping for commits messages

## comment out issue_pat, issue_server, issue_prefix to enable

## pattern to get the issues from commit messages

## default one used here is #<numbers> with a regex passive group for `#`

## {id} will be all groups matched from this pattern

issue_pat = (?:\s*#)(\d+)

## server url to the issue, each {id} will be replaced with match

## fetched from the regex and {repo} is replaced with repository name

issue_server_link = https://myissueserver.com/{repo}/issue/{id}

## prefix to add to link to indicate it's an url

## #314 will be replaced by <issue_prefix><id>

issue_prefix = #

## instance-id prefix

## a prefix key for this instance used for cache invalidation when running 

## multiple instances of rhodecode, make sure it's globally unique for 

## all running rhodecode instances. Leave empty if you don't use it

instance_id = 

####################################

###        CELERY CONFIG        ####

####################################

use_celery = false

broker.host = localhost

broker.vhost = rabbitmqhost

broker.port = 5672

broker.user = rabbitmq

broker.password = qweqwe

celery.imports = rhodecode.lib.celerylib.tasks

celery.result.backend = amqp

celery.result.dburi = amqp://

celery.result.serialier = json

#celery.send.task.error.emails = true

#celery.amqp.task.result.expires = 18000

celeryd.concurrency = 2

#celeryd.log.file = celeryd.log

celeryd.log.level = debug

celeryd.max.tasks.per.child = 1

#tasks will never be sent to the queue, but executed locally instead.

celery.always.eager = false

####################################

###         BEAKER CACHE        ####

####################################

beaker.cache.data_dir=%(here)s/data/cache/data

beaker.cache.lock_dir=%(here)s/data/cache/lock

beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long

beaker.cache.super_short_term.type=memory

beaker.cache.super_short_term.expire=10

beaker.cache.super_short_term.key_length = 256

beaker.cache.short_term.type=memory

beaker.cache.short_term.expire=60

beaker.cache.short_term.key_length = 256

beaker.cache.long_term.type=memory

beaker.cache.long_term.expire=36000

beaker.cache.long_term.key_length = 256

beaker.cache.sql_cache_short.type=memory

beaker.cache.sql_cache_short.expire=10

beaker.cache.sql_cache_short.key_length = 256

beaker.cache.sql_cache_med.type=memory

beaker.cache.sql_cache_med.expire=360

beaker.cache.sql_cache_med.key_length = 256

beaker.cache.sql_cache_long.type=file

beaker.cache.sql_cache_long.expire=3600

beaker.cache.sql_cache_long.key_length = 256

####################################

###       BEAKER SESSION        ####

####################################

## Type of storage used for the session, current types are 

## dbm, file, memcached, database, and memory. 

## The storage uses the Container API 

## that is also used by the cache system.

## db session example

#beaker.session.type = ext:database

#beaker.session.sa.url = postgresql://postgres:qwe@localhost/rhodecode

#beaker.session.table_name = db_session 

## encrypted cookie session, good for many instances

#beaker.session.type = cookie

beaker.session.type = file

beaker.session.key = rhodecode

# secure cookie requires AES python libraries

#beaker.session.encrypt_key = ${app_instance_secret}

#beaker.session.validate_key = ${app_instance_secret}

beaker.session.timeout = 36000

beaker.session.httponly = true

## uncomment for https secure cookie

beaker.session.secure = false

##auto save the session to not to use .save()

beaker.session.auto = False

##true exire at browser close

#beaker.session.cookie_expires = 3600

################################################################################

## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*  ##

"""The base Controller API

Provides the BaseController class for subclassing.

"""

import logging

import time

import traceback

from paste.auth.basic import AuthBasicAuthenticator

from pylons import config, tmpl_context as c, request, session, url

from pylons.controllers import WSGIController

from pylons.controllers.util import redirect

from pylons.templating import render_mako as render

from rhodecode import __version__, BACKENDS

from rhodecode.lib.utils2 import str2bool, safe_unicode

from rhodecode.lib.auth import AuthUser, get_container_username, authfunc,\

    HasPermissionAnyMiddleware, CookieStoreWrapper

from rhodecode.lib.utils import get_repo_slug, invalidate_cache

from rhodecode.model import meta

from rhodecode.model.db import Repository

from rhodecode.model.notification import NotificationModel

from rhodecode.model.scm import ScmModel

log = logging.getLogger(__name__)

class BaseVCSController(object):

    def __init__(self, application, config):

        self.application = application

        self.config = config

        # base path of repo locations

        self.basepath = self.config['base_path']

        #authenticate this mercurial request using authfunc

        self.ipaddr = '0.0.0.0'

    def _handle_request(self, environ, start_response):

        raise NotImplementedError()

    def _get_by_id(self, repo_name):

        """

        Get's a special pattern _<ID> from clone url and tries to replace it

        with a repository_name for support of _<ID> non changable urls

        :param repo_name:

        """

        try:

            data = repo_name.split('/')

            if len(data) >= 2:

                by_id = data[1].split('_')

                if len(by_id) == 2 and by_id[1].isdigit():

                    _repo_name = Repository.get(by_id[1]).repo_name

                    data[1] = _repo_name

        except:

            log.debug('Failed to extract repo_name from id %s' % (

                      traceback.format_exc()

                      )

            )

        return '/'.join(data)

    def _invalidate_cache(self, repo_name):

        """

        Set's cache for this repository for invalidation on next access

        :param repo_name: full repo name, also a cache key

        """

        invalidate_cache('get_repo_cached_%s' % repo_name)

    def _check_permission(self, action, user, repo_name):

        """

        Checks permissions using action (push/pull) user and repository

        name

        :param action: push or pull action

        :param user: user instance

        :param repo_name: repository name

        """

        if action == 'push':

            if not HasPermissionAnyMiddleware('repository.write',

                                              'repository.admin')(user,

                                                                  repo_name):

                return False

        else:

            #any other action need at least read permission

            if not HasPermissionAnyMiddleware('repository.read',

                                              'repository.write',

                                              'repository.admin')(user,

                                                                  repo_name):

                return False

        return True

    def __call__(self, environ, start_response):

        start = time.time()

        try:

            return self._handle_request(environ, start_response)

        finally:

            log = logging.getLogger('rhodecode.' + self.__class__.__name__)

            log.debug('Request time: %.3fs' % (time.time() - start))

            meta.Session.remove()

class BaseController(WSGIController):

    def __before__(self):

        c.rhodecode_version = __version__

        c.rhodecode_instanceid = config.get('instance_id')

        c.rhodecode_name = config.get('rhodecode_title')

        c.use_gravatar = str2bool(config.get('use_gravatar'))

        c.ga_code = config.get('rhodecode_ga_code')

        c.repo_name = get_repo_slug(request)

        c.backends = BACKENDS.keys()

        c.unread_notifications = NotificationModel()\

                        .get_unread_cnt_for_user(c.rhodecode_user.user_id)

        self.cut_off_limit = int(config.get('cut_off_limit'))

        self.sa = meta.Session

        self.scm_model = ScmModel(self.sa)