#!/usr/bin/env python

# encoding: utf-8

# settings controller for pylons

# Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>

# 

# This program is free software; you can redistribute it and/or

# modify it under the terms of the GNU General Public License

# as published by the Free Software Foundation; version 2

# of the License or (at your opinion) any later version of the license.

# 

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

# 

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

# MA  02110-1301, USA.

from formencode import htmlfill

from pylons import tmpl_context as c, request, url

from pylons.controllers.util import redirect

from pylons.i18n.translation import _

from pylons_app.lib.auth import LoginRequired, HasRepoPermissionAllDecorator

from pylons_app.lib.base import BaseController, render

from pylons_app.lib.utils import invalidate_cache

from pylons_app.model.forms import RepoSettingsForm

from pylons_app.model.repo_model import RepoModel

import formencode

import logging

import pylons_app.lib.helpers as h

import traceback

log = logging.getLogger(__name__)

class SettingsController(BaseController):

    @LoginRequired()

    @HasRepoPermissionAllDecorator('repository.admin')           

    def __before__(self):

        super(SettingsController, self).__before__()

    def index(self, repo_name):

        repo_model = RepoModel()

        c.repo_info = repo = repo_model.get(repo_name)

        if not repo:

            h.flash(_('%s repository is not mapped to db perhaps' 

                      ' it was created or renamed from the filesystem'

                      ' please run the application again'

                      ' in order to rescan repositories') % repo_name,

                      category='error')

            return redirect(url('repos'))        

        defaults = c.repo_info.__dict__

        defaults.update({'user':c.repo_info.user.username})

        c.users_array = repo_model.get_users_js()

        for p in c.repo_info.repo2perm:

            defaults.update({'perm_%s' % p.user.username: 

                             p.permission.permission_name})

        return htmlfill.render(

            render('settings/repo_settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        )  

    def update(self, repo_name):

        repo_model = RepoModel()

        _form = RepoSettingsForm(edit=True, old_data={'repo_name':repo_name})()

        try:

            form_result = _form.to_python(dict(request.POST))

            repo_model.update(repo_name, form_result)

            invalidate_cache('cached_repo_list')

            h.flash(_('Repository %s updated succesfully' % repo_name),

                    category='success')

        except formencode.Invalid as errors:

            c.repo_info = repo_model.get(repo_name)

            c.users_array = repo_model.get_users_js()

            errors.value.update({'user':c.repo_info.user.username})

            return htmlfill.render(

                render('settings/repo_settings.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8") 

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occured during update of repository %s') \

        self.permissions = {}

def set_available_permissions(config):

    """

    This function will propagate pylons globals with all available defined

    permission given in db. We don't wannt to check each time from db for new 

    permissions since adding a new permission also requires application restart

    ie. to decorate new views with the newly created permission

    @param config:

    """

    log.info('getting information about all available permissions')

    try:

        sa = meta.Session

        all_perms = sa.query(Permission).all()

    finally:

        meta.Session.remove()

    config['available_permissions'] = [x.permission_name for x in all_perms]

def set_base_path(config):

    config['base_path'] = config['pylons.app_globals'].base_path

def fill_perms(user):

    sa = meta.Session

    user.permissions['repositories'] = {}

    #first fetch default permissions

    default_perms = sa.query(Repo2Perm, Repository, Permission)\

        .join((Permission, Repo2Perm.permission_id == Permission.permission_id))\

        .filter(Repo2Perm.user_id == sa.query(User).filter(User.username == 

                                            'default').one().user_id).all()

    if user.is_admin:

        user.permissions['global'] = set(['hg.admin'])

        #admin have all rights full

        for perm in default_perms:

            p = 'repository.admin'

    else:

        user.permissions['global'] = set()

        for perm in default_perms:

            if perm.Repository.private:

                #disable defaults for private repos,

                p = 'repository.none'

            elif perm.Repository.user_id == user.user_id:

                #set admin if owner

                p = 'repository.admin'

            else:

                p = perm.Permission.permission_name

        user_perms = sa.query(Repo2Perm, Permission, Repository)\

            .join((Permission, Repo2Perm.permission_id == Permission.permission_id))\

            .filter(Repo2Perm.user_id == user.user_id).all()

        #overwrite userpermissions with defaults

        for perm in user_perms:

            #set write if owner

            if perm.Repository.user_id == user.user_id:

                p = 'repository.write'

            else:

                p = perm.Permission.permission_name

    meta.Session.remove()         

    return user

def get_user(session):

    """

    Gets user from session, and wraps permissions into user

    @param session:

    """

    user = session.get('hg_app_user', AuthUser())

    if user.is_authenticated:

        user = fill_perms(user)

    session['hg_app_user'] = user

    session.save()

    return user

#===============================================================================

# CHECK DECORATORS

#===============================================================================

class LoginRequired(object):

    """

    Must be logged in to execute this function else redirect to login page

    """

    def __call__(self, func):

        @wraps(func)

        def _wrapper(*fargs, **fkwargs):

            user = session.get('hg_app_user', AuthUser())

            log.debug('Checking login required for user:%s', user.username)

            if user.is_authenticated:

                log.debug('user %s is authenticated', user.username)

                func(*fargs)

            else:

                log.warn('user %s not authenticated', user.username)

                log.debug('redirecting to login page')

                return redirect(url('login_home'))

        web2.ui_key = 'allow_archive'

        web2.ui_value = 'gz zip bz2'

        web3 = HgAppUi()

        web3.ui_section = 'web'

        web3.ui_key = 'allow_push'

        web3.ui_value = '*'

        web4 = HgAppUi()

        web4.ui_section = 'web'

        web4.ui_key = 'baseurl'

        web4.ui_value = '/'                        

        paths = HgAppUi()

        paths.ui_section = 'paths'

        paths.ui_key = '/'

        paths.ui_value = os.path.join(path, '*')

        hgsettings = HgAppSettings()

        hgsettings.app_auth_realm = 'hg-app authentication'

        hgsettings.app_title = 'hg-app'

        try:

            self.sa.add(web1)

            self.sa.add(web2)

            self.sa.add(web3)

            self.sa.add(web4)

            self.sa.add(paths)

            self.sa.add(hgsettings)

            self.sa.commit()

        except:

            self.sa.rollback()

            raise        

        log.info('created ui config')

    def create_user(self, username, password, admin=False):

        log.info('creating default user')

        #create default user for handling default permissions.

        def_user = User()

        def_user.username = 'default'

        def_user.password = get_crypt_password(str(uuid.uuid1())[:8])

        def_user.name = 'default'

        def_user.lastname = 'default'

        def_user.email = 'default@default.com'

        def_user.admin = False

        def_user.active = False

    revision = -1

    message = ''

    @LazyProperty

    def raw_id(self):

        """

        Returns raw string identifing this changeset, useful for web

        representation.

        """

        return '0' * 12

def repo2db_mapper(initial_repo_list, remove_obsolete=False):

    """

    maps all found repositories into db

    """

    from pylons_app.model.repo_model import RepoModel

    sa = meta.Session

    user = sa.query(User).filter(User.admin == True).first()

    rm = RepoModel()

    for name, repo in initial_repo_list.items():

            log.info('repository %s not found creating default', name)

            form_data = {

                         'repo_name':name,

                         'description':repo.description if repo.description != 'unknown' else \

                                        'auto description for %s' % name,

                         'private':False

                         }

            rm.create(form_data, user, just_db=True)

    if remove_obsolete:

        #remove from database those repositories that are not in the filesystem

        for repo in sa.query(Repository).all():

            if repo.repo_name not in initial_repo_list.keys():

                sa.delete(repo)

                sa.commit()

    meta.Session.remove()

from UserDict import DictMixin

class OrderedDict(dict, DictMixin):

    user_log = relation('UserLog')

    @LazyProperty

    def full_contact(self):

        return '%s %s <%s>' % (self.name, self.lastname, self.email)

    def __repr__(self):

        return "<User('%s:%s')>" % (self.user_id, self.username)

class UserLog(Base): 

    __tablename__ = 'user_logs'

    __table_args__ = {'useexisting':True}

    user_log_id = Column("user_log_id", INTEGER(), nullable=False, unique=True, default=None, primary_key=True)

    user_id = Column("user_id", INTEGER(), ForeignKey(u'users.user_id'), nullable=False, unique=None, default=None)

    user_ip = Column("user_ip", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) 

    repository = Column("repository", TEXT(length=None, convert_unicode=False, assert_unicode=None), ForeignKey(u'repositories.repo_name'), nullable=False, unique=None, default=None)

    action = Column("action", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    action_date = Column("action_date", DATETIME(timezone=False), nullable=True, unique=None, default=None)

    user = relation('User')

class Repository(Base):

    __tablename__ = 'repositories'

    user_id = Column("user_id", INTEGER(), ForeignKey(u'users.user_id'), nullable=False, unique=False, default=None)

    private = Column("private", BOOLEAN(), nullable=True, unique=None, default=None)

    description = Column("description", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    user = relation('User')

    repo2perm = relation('Repo2Perm', cascade='all')

class Permission(Base):

    __tablename__ = 'permissions'

    __table_args__ = {'useexisting':True}

    permission_id = Column("permission_id", INTEGER(), nullable=False, unique=True, default=None, primary_key=True)

    permission_name = Column("permission_name", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    permission_longname = Column("permission_longname", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    def __repr__(self):

        return "<Permission('%s:%s')>" % (self.permission_id, self.permission_name)

class Repo2Perm(Base):

    __tablename__ = 'repo_to_perm'

    repo2perm_id = Column("repo2perm_id", INTEGER(), nullable=False, unique=True, default=None, primary_key=True)

    user_id = Column("user_id", INTEGER(), ForeignKey(u'users.user_id'), nullable=False, unique=None, default=None)

    permission_id = Column("permission_id", INTEGER(), ForeignKey(u'permissions.permission_id'), nullable=False, unique=None, default=None)

    user = relation('User')

    permission = relation('Permission')

class ValidRepoUser(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        sa = meta.Session

        try:

            self.user_db = sa.query(User)\

                .filter(User.active == True)\

                .filter(User.username == value).one()

        except Exception:

            raise formencode.Invalid(_('This username is not valid'),

                                     value, state)

        meta.Session.remove()            

        return self.user_db.user_id

def ValidRepoName(edit, old_data):    

    class _ValidRepoName(formencode.validators.FancyValidator):

        def to_python(self, value, state):

            slug = h.repo_name_slug(value)

            if slug in ['_admin']:

                raise formencode.Invalid(_('This repository name is disallowed'),

                                         value, state)

            if old_data.get('repo_name') != value or not edit:    

                sa = meta.Session

                    raise formencode.Invalid(_('This repository already exists') ,

                                             value, state)

                meta.Session.remove()

            return slug 

    return _ValidRepoName

class ValidPerms(formencode.validators.FancyValidator):

    messages = {'perm_new_user_name':_('This username is not valid')}

    def to_python(self, value, state):

        perms_update = []

        perms_new = []

        #build a list of permission to update and new permission to create

        for k, v in value.items():

            if k.startswith('perm_'):

                if  k.startswith('perm_new_user'):

                    new_perm = value.get('perm_new_user', False)

                    new_user = value.get('perm_new_user_name', False)

                    if new_user and new_perm:

                        if (new_user, new_perm) not in perms_new:

                            perms_new.append((new_user, new_perm))

                else:

#!/usr/bin/env python

# encoding: utf-8

# model for handling repositories actions

# Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>

# This program is free software; you can redistribute it and/or

# modify it under the terms of the GNU General Public License

# as published by the Free Software Foundation; version 2

# of the License or (at your opinion) any later version of the license.

# 

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

# 

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

# MA  02110-1301, USA.

"""

Created on Jun 5, 2010

model for handling repositories actions

@author: marcink

"""

from pylons_app.model.db import Repository, Repo2Perm, User, Permission

import os

import traceback

log = logging.getLogger(__name__)

class RepoModel(object):

    def __init__(self):

        self.sa = Session()

    def get(self, id):

    def get_users_js(self):

        users = self.sa.query(User).filter(User.active == True).all()

        u_tmpl = '''{id:%s, fname:"%s", lname:"%s", nname:"%s"},'''

        users_array = '[%s];' % '\n'.join([u_tmpl % (u.user_id, u.name,

                                                    u.lastname, u.username) 

                                        for u in users])

        return users_array        

        try:

            #update permissions

            for username, perm in form_data['perms_updates']:

                r2p = self.sa.query(Repo2Perm)\

                        .filter(Repo2Perm.user == self.sa.query(User)\

                                .filter(User.username == username).one())\

                r2p.permission_id = self.sa.query(Permission).filter(

                                                Permission.permission_name == 

                                                perm).one().permission_id

                self.sa.add(r2p)

            for username, perm in form_data['perms_new']:

                r2p = Repo2Perm()

                r2p.user = self.sa.query(User)\

                                .filter(User.username == username).one()

                r2p.permission_id = self.sa.query(Permission).filter(

                self.sa.add(r2p)

            self.sa.add(cur_repo)

            self.sa.commit()

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise    

    def create(self, form_data, cur_user, just_db=False):

        try:

            repo_name = form_data['repo_name']

            new_repo = Repository()

            for k, v in form_data.items():

                setattr(new_repo, k, v)

            new_repo.user_id = cur_user.user_id

            self.sa.add(new_repo)

            #create default permission

            repo2perm = Repo2Perm()

            default_perm = 'repository.none' if form_data['private'] \

                                                        else 'repository.read'

            repo2perm.permission_id = self.sa.query(Permission)\

                    .filter(Permission.permission_name == default_perm)\

                    .one().permission_id

            repo2perm.user_id = self.sa.query(User)\

                    .filter(User.username == 'default').one().user_id 

            self.sa.add(repo2perm)

            self.sa.commit()

            if not just_db:

                self.__create_repo(repo_name)

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise    

    def delete(self, repo):

        try:

            self.sa.delete(repo)

            self.sa.commit()

            self.__delete_repo(repo.repo_name)

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise

    def delete_perm_user(self, form_data, repo_name):

        try:

            self.sa.commit()

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise

    def __create_repo(self, repo_name):        

        repo_path = os.path.join(g.base_path, repo_name)

        if check_repo(repo_name, g.base_path):

            log.info('creating repo %s in %s', repo_name, repo_path)

            from vcs.backends.hg import MercurialRepository

            MercurialRepository(repo_path, create=True)

    def __rename_repo(self, old, new):

        log.info('renaming repo from %s to %s', old, new)

        old_path = os.path.join(g.base_path, old)

        new_path = os.path.join(g.base_path, new)

        if os.path.isdir(new_path):

            raise Exception('Was trying to rename to already existing dir %s',

                            new_path)        

        shutil.move(old_path, new_path)

    def __delete_repo(self, name):