celery.worker_max_tasks_per_child = 1

## If true, tasks will never be sent to the queue, but executed locally instead.

celery.task_always_eager = false

####################################

###         BEAKER CACHE        ####

####################################

beaker.cache.data_dir = %(here)s/data/cache/data

beaker.cache.lock_dir = %(here)s/data/cache/lock

beaker.cache.short_term.type = memory

beaker.cache.short_term.expire = 60

beaker.cache.short_term.key_length = 256

beaker.cache.long_term.type = memory

beaker.cache.long_term.expire = 36000

beaker.cache.long_term.key_length = 256

beaker.cache.long_term_file.type = file

beaker.cache.long_term_file.expire = 604800

beaker.cache.long_term_file.key_length = 256

####################################

###       BEAKER SESSION        ####

####################################

## Name of session cookie. Should be unique for a given host and path, even when running

## on different ports. Otherwise, cookie sessions will be shared and messed up.

session.key = kallithea

## Sessions should always only be accessible by the browser, not directly by JavaScript.

import string

import bcrypt

import ipaddr

from decorator import decorator

from sqlalchemy.orm import joinedload

from sqlalchemy.orm.exc import ObjectDeletedError

from tg import request

from tg.i18n import ugettext as _

from webob.exc import HTTPForbidden, HTTPFound

from kallithea.config.routing import url

from kallithea.lib.utils import conditional_cache, get_repo_group_slug, get_repo_slug, get_user_group_slug

from kallithea.lib.utils2 import ascii_bytes, ascii_str, safe_bytes

from kallithea.lib.vcs.utils.lazy import LazyProperty

from kallithea.model.db import (Permission, User, UserApiKeys, UserGroup, UserGroupMember, UserGroupRepoGroupToPerm, UserGroupRepoToPerm, UserGroupToPerm,

                                UserGroupUserGroupToPerm, UserIpMap, UserToPerm)

from kallithea.model.meta import Session

from kallithea.model.user import UserModel

log = logging.getLogger(__name__)

        Assuming the permissions are comparable, set the new permission if it

        has higher weight, else drop it and keep the old permission.

        """

        cur_perm = permissions[kind][key]

        new_perm_val = PERM_WEIGHTS[new_perm]

        cur_perm_val = PERM_WEIGHTS[cur_perm]

        if new_perm_val > cur_perm_val:

            permissions[kind][key] = new_perm

    #======================================================================

    # fetch default permissions

    #======================================================================

    default_user_id = default_user.user_id

    default_repo_perms = Permission.get_default_perms(default_user_id)

    default_repo_groups_perms = Permission.get_default_group_perms(default_user_id)

    default_user_group_perms = Permission.get_default_user_group_perms(default_user_id)

    if user_is_admin:

        #==================================================================

        # admin users have all rights;

        # based on default permissions, just set everything to admin

        #==================================================================

        permissions[GLOBAL].add('hg.admin')

    @classmethod

    def make(cls, dbuser=None, is_external_auth=False, ip_addr=None):

        """Create an AuthUser to be authenticated ... or return None if user for some reason can't be authenticated.

        Checks that a non-None dbuser is provided, is active, and that the IP address is ok.

        """

        assert ip_addr is not None

        if dbuser is None:

            log.info('No db user for authentication')

            return None

        if not dbuser.active:

            log.info('Db user %s not active', dbuser.username)

            return None

        if not check_ip_access(source_ip=ip_addr, allowed_ips=allowed_ips):

            log.info('Access for %s from %s forbidden - not in %s', dbuser.username, ip_addr, allowed_ips)

            return None

        return cls(dbuser=dbuser, is_external_auth=is_external_auth)

    def __init__(self, user_id=None, dbuser=None, is_external_auth=False):

        self.is_external_auth = is_external_auth # container auth - don't show logout option

        # These attributes will be overridden below if the requested user is

        # found or anonymous access (using the default user) is enabled.

        self.user_id = None

        self.username = None

    @staticmethod

    def from_cookie(cookie, ip_addr):

        """

        Deserializes an `AuthUser` from a cookie `dict` ... or return None.

        """

        return AuthUser.make(

            dbuser=UserModel().get(cookie.get('user_id')),

            is_external_auth=cookie.get('is_external_auth', False),

            ip_addr=ip_addr,

        )

    @classmethod

        _set = set()

        default_ips = UserIpMap.query().filter(UserIpMap.user_id ==

        for ip in default_ips:

            try:

                _set.add(ip.ip_addr)

            except ObjectDeletedError:

                # since we use heavy caching sometimes it happens that we get

                # deleted objects here, we just skip them

                pass

        user_ips = UserIpMap.query().filter(UserIpMap.user_id == user_id)

        for ip in user_ips:

            try:

                _set.add(ip.ip_addr)

            except ObjectDeletedError:

                # since we use heavy caching sometimes it happens that we get

                # deleted objects here, we just skip them

                pass

        return _set or set(['0.0.0.0/0', '::/0'])

#==============================================================================

# CHECK DECORATORS

    def _authorize(self, environ, action, repo_name, ip_addr):

        """Authenticate and authorize user.

        Since we're dealing with a VCS client and not a browser, we only

        support HTTP basic authentication, either directly via raw header

        inspection, or by using container authentication to delegate the

        authentication to the web server.

        Returns (user, None) on successful authentication and authorization.

        Returns (None, wsgi_app) to send the wsgi_app response to the client.

        """

        # Use anonymous access if allowed for action on repo.

        default_authuser = AuthUser.make(dbuser=default_user, ip_addr=ip_addr)

        if default_authuser is None:

            log.debug('No anonymous access at all') # move on to proper user auth

        else:

            if self._check_permission(action, default_authuser, repo_name):

                return default_authuser, None

            log.debug('Not authorized to access this repository as anonymous user')

        username = None

        #==============================================================

        # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE

        # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS

            try:

                user_info = auth_modules.authenticate('', '', request.environ)

            except UserCreationError as e:

                from kallithea.lib import helpers as h

                h.flash(e, 'error', logf=log.error)

            else:

                if user_info is not None:

                    username = user_info['username']

                    user = User.get_by_username(username, case_insensitive=True)

                    return log_in_user(user, remember=False, is_external_auth=True, ip_addr=ip_addr)

        # User is default user (if active) or anonymous

        authuser = AuthUser.make(dbuser=default_user, ip_addr=ip_addr)

        if authuser is None: # fall back to anonymous

            authuser = AuthUser(dbuser=default_user) # TODO: somehow use .make?

        return authuser

    @staticmethod

    def _basic_security_checks():

        """Perform basic security/sanity checks before processing the request."""

        # Only allow the following HTTP request methods.

        if request.method not in ['GET', 'HEAD', 'POST']:

            raise webob.exc.HTTPMethodNotAllowed()

    else:

        _type = repository

    return _type == 'hg'

@cache_region('long_term', 'user_attr_or_none')

def user_attr_or_none(author, show_attr):

    """Try to match email part of VCS committer string with a local user and return show_attr

    - or return None if user not found"""

    email = author_email(author)

    if email:

        from kallithea.model.db import User

        if user is not None:

            return getattr(user, show_attr)

    return None

def email_or_none(author):

    """Try to match email part of VCS committer string with a local user.

    Return primary email of user, email part of the specified author name, or None."""

    if not author:

        return None

    email = user_attr_or_none(author, 'email')

    if email is not None:

celery.worker_max_tasks_per_child = 1

<%text>## If true, tasks will never be sent to the queue, but executed locally instead.</%text>

celery.task_always_eager = false

<%text>####################################</%text>

<%text>###         BEAKER CACHE        ####</%text>

<%text>####################################</%text>

beaker.cache.data_dir = %(here)s/data/cache/data

beaker.cache.lock_dir = %(here)s/data/cache/lock

beaker.cache.short_term.type = memory

beaker.cache.short_term.expire = 60

beaker.cache.short_term.key_length = 256

beaker.cache.long_term.type = memory

beaker.cache.long_term.expire = 36000

beaker.cache.long_term.key_length = 256

beaker.cache.long_term_file.type = file

beaker.cache.long_term_file.expire = 604800

beaker.cache.long_term_file.key_length = 256

<%text>####################################</%text>

<%text>###       BEAKER SESSION        ####</%text>

<%text>####################################</%text>

<%text>## Name of session cookie. Should be unique for a given host and path, even when running</%text>

<%text>## on different ports. Otherwise, cookie sessions will be shared and messed up.</%text>

session.key = kallithea

<%text>## Sessions should always only be accessible by the browser, not directly by JavaScript.</%text>

import ipaddr

import sqlalchemy

from beaker.cache import cache_region, region_invalidate

from sqlalchemy import Boolean, Column, DateTime, Float, ForeignKey, Index, Integer, LargeBinary, String, Unicode, UnicodeText, UniqueConstraint

from sqlalchemy.ext.hybrid import hybrid_property

from sqlalchemy.orm import class_mapper, joinedload, relationship, validates

from tg.i18n import lazy_ugettext as _

from webob.exc import HTTPNotFound

import kallithea

from kallithea.lib import ext_json

from kallithea.lib.exceptions import DefaultUserException

from kallithea.lib.utils2 import (Optional, ascii_bytes, aslist, get_changeset_safe, get_clone_url, remove_prefix, safe_bytes, safe_int, safe_str, str2bool,

                                  urlreadable)

from kallithea.lib.vcs import get_backend

from kallithea.lib.vcs.backends.base import EmptyChangeset

from kallithea.lib.vcs.utils.helpers import get_scm

from kallithea.model.meta import Base, Session

URL_SEP = '/'

log = logging.getLogger(__name__)

            Session().add(res)

        else:

            res.app_settings_name = key

            if not isinstance(val, Optional):

                # update if set

                res.app_settings_value = val

            if not isinstance(type, Optional):

                # update if set

                res.app_settings_type = type

        return res

    @classmethod

        ret = cls.query()

        if ret is None:

            raise Exception('Could not get application settings !')

        settings = {}

        for each in ret:

            settings[each.app_settings_name] = \

                each.app_settings_value

        return settings

    @classmethod

        ret = cls.query() \

                .filter(cls.app_settings_name.startswith('auth_')).all()

        fd = {}

        for row in ret:

            fd[row.app_settings_name] = row.app_settings_value

        return fd

    @classmethod

        ret = cls.query() \

                .filter(cls.app_settings_name.startswith('default_')).all()

        fd = {}

        for row in ret:

            key = row.app_settings_name

            if strip_prefix:

                key = remove_prefix(key, prefix='default_')

            fd.update({key: row.app_settings_value})

        return fd

    @classmethod

    @classmethod

    def get_or_404(cls, id_, allow_default=True):

        '''

        Overridden version of BaseDbModel.get_or_404, with an extra check on

        the default user.

        '''

        user = super(User, cls).get_or_404(id_)

        if not allow_default and user.is_default_user:

            raise DefaultUserException()

        return user

    @classmethod

        """

        For anything that looks like an email address, look up by the email address (matching

        case insensitively).

        For anything else, try to look up by the user name.

        This assumes no normal username can have '@' symbol.

        """

        if '@' in username_or_email:

        else:

    @classmethod

        if case_insensitive:

            q = cls.query().filter(sqlalchemy.func.lower(cls.username) == sqlalchemy.func.lower(username))

        else:

            q = cls.query().filter(cls.username == username)

        return q.scalar()

    @classmethod

        if len(api_key) != 40 or not api_key.isalnum():

            return None

        q = cls.query().filter(cls.api_key == api_key)

        res = q.scalar()

        if fallback and not res:

            # fallback to additional keys

            _res = UserApiKeys.query().filter_by(api_key=api_key, is_expired=False).first()

            if _res:

                res = _res.user

        if res is None or not res.active or res.is_default_user:

            return None

        return res

    @classmethod

    def get_by_email(cls, email, cache=False):

        q = cls.query().filter(sqlalchemy.func.lower(cls.email) == sqlalchemy.func.lower(email))

        ret = q.scalar()

        if ret is None:

            q = UserEmailMap.query()

            # try fetching in alternate email map

            q = q.filter(sqlalchemy.func.lower(UserEmailMap.email) == sqlalchemy.func.lower(email))

            q = q.options(joinedload(UserEmailMap.user))

            ret = getattr(q.scalar(), 'user', None)

        return ret

    @classmethod

    def get_from_cs_author(cls, author):

        """

        Tries to get User objects out of commit author string

        :param author:

        """

        from kallithea.lib.helpers import email, author_name

        """Update user lastlogin"""

        self.last_login = datetime.datetime.now()

        log.debug('updated user %s lastlogin', self.username)

    @classmethod

    def get_first_admin(cls):

        user = User.query().filter(User.admin == True).first()

        if user is None:

            raise Exception('Missing administrative account!')

        return user

    @classmethod

        if user is None:

            raise Exception('Missing default account!')

        return user

    def get_api_data(self, details=False):

        """

        Common function for generating user related data for API

        """

        user = self

        data = dict(

            user_id=user.user_id,

            username=user.username,

            log.error(traceback.format_exc())

    def __repr__(self):

        return "<%s %s: %r')>" % (self.__class__.__name__,

                                  self.users_group_id,

                                  self.users_group_name)

    @classmethod

    def guess_instance(cls, value):

        return super(UserGroup, cls).guess_instance(value, UserGroup.get_by_group_name)

    @classmethod

        if case_insensitive:

            q = cls.query().filter(sqlalchemy.func.lower(cls.users_group_name) == sqlalchemy.func.lower(group_name))

        else:

            q = cls.query().filter(cls.users_group_name == group_name)

        return q.scalar()

    @classmethod

        user_group = cls.query()

        return user_group.get(user_group_id)

    def get_api_data(self, with_members=True):

        user_group = self

        data = dict(

            users_group_id=user_group.users_group_id,

            group_name=user_group.users_group_name,

            group_description=user_group.user_group_description,

            active=user_group.users_group_active,

            owner=user_group.owner.username,

        )

    @classmethod

    def groups_choices(cls, groups):

        """Return tuples with group_id and name as html literal."""

        return sorted((cls._generate_choice(g) for g in groups),

                      key=lambda c: c[1].split(cls.SEP))

    @classmethod

    def guess_instance(cls, value):

        return super(RepoGroup, cls).guess_instance(value, RepoGroup.get_by_group_name)

    @classmethod

        group_name = group_name.rstrip('/')

        if case_insensitive:

            gr = cls.query() \

                .filter(sqlalchemy.func.lower(cls.group_name) == sqlalchemy.func.lower(group_name))

        else:

            gr = cls.query() \

                .filter(cls.group_name == group_name)

        return gr.scalar()

    @property

    def parents(self):

        groups = []

        group = self.parent_group

        while group is not None:

            groups.append(group)

            group = group.parent_group

            assert group not in groups, group # avoid recursion on bad db content

        groups.reverse()

        return groups

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

SQLAlchemy Metadata and Session object

"""

from beaker import cache

from sqlalchemy.ext.declarative import declarative_base

from sqlalchemy.orm import scoped_session, sessionmaker

# Beaker CacheManager.  A home base for cache configurations.

cache_manager = cache.CacheManager()

__all__ = ['Base', 'Session']

#

# SQLAlchemy session manager.

#

Session = scoped_session(session_factory)

# The base class for declarative schemas in db.py

# Engine is injected when model.__init__.init_model() sets meta.Base.metadata.bind

Base = declarative_base()

# Define naming conventions for foreign keys, primary keys, indexes,

# check constraints, and unique constraints, respectively.

Base.metadata.naming_convention = {

    'fk': 'fk_%(table_name)s_%(column_0_name)s',

    'pk': 'pk_%(table_name)s',

    'ix': 'ix_%(column_0_label)s',

    'ck': 'ck_%(table_name)s_%(column_0_name)s',

    'uq': 'uq_%(table_name)s_%(column_0_name)s',

}

# For custom CheckConstraints (not those autogenerated e.g. for Boolean

# types), a name should be given explicitly, since "column_0" is here a

    @LazyProperty

    def repos_path(self):

        """

        Gets the repositories root path from database

        """

        q = Ui.query().filter(Ui.ui_key == '/').one()

        return q.ui_value

    def get(self, repo_id):

        repo = Repository.query() \

            .filter(Repository.repo_id == repo_id)

        return repo.scalar()

    def get_repo(self, repository):

        return Repository.guess_instance(repository)

    def get_by_repo_name(self, repo_name):

        repo = Repository.query() \

            .filter(Repository.repo_name == repo_name)

        return repo.scalar()

    def get_all_user_repos(self, user):

        """

        Gets all repositories that user have at least read access

        :param user:

        """

        from kallithea.lib.auth import AuthUser

        auth_user = AuthUser(dbuser=User.guess_instance(user))

        repos = [repo_name

            for repo_name, perm in auth_user.permissions['repositories'].items()

import hashlib

import hmac

import logging

import time

import traceback

from sqlalchemy.exc import DatabaseError

from tg import config

from tg.i18n import ugettext as _

from kallithea.lib.exceptions import DefaultUserException, UserOwnsReposException

from kallithea.lib.utils2 import generate_api_key, get_current_authuser

from kallithea.model.db import Permission, User, UserEmailMap, UserIpMap, UserToPerm

from kallithea.model.meta import Session

log = logging.getLogger(__name__)

class UserModel(object):

    password_reset_token_lifetime = 86400 # 24 hours

        user = User.query()

        return user.get(user_id)

    def get_user(self, user):

        return User.guess_instance(user)

    def create(self, form_data, cur_user=None):

        if not cur_user:

            cur_user = getattr(get_current_authuser(), 'username', None)

        from kallithea.lib.hooks import log_create_user, \

            check_allowed_create_user

        _fd = form_data

            'registered_user_url': edit_url,

            'new_username': new_user.username,

            'new_email': new_user.email,

            'new_full_name': new_user.full_name}

        NotificationModel().create(created_by=new_user, subject=subject,

                                   body=body, recipients=None,

                                   type_=NotificationModel.TYPE_REGISTRATION,

                                   email_kwargs=email_kwargs)

    def update(self, user_id, form_data, skip_attrs=None):

        from kallithea.lib.auth import get_crypt_password

        skip_attrs = skip_attrs or []

        if user.is_default_user:

            raise DefaultUserException(

                            _("You can't edit this user since it's "

                              "crucial for entire application"))

        for k, v in form_data.items():

            if k in skip_attrs:

                continue

            if k == 'new_password' and v:

                user.password = get_crypt_password(v)

            else:

                # old legacy thing orm models store firstname as name,

                # check if we have permissions to alter this usergroup's access

                if HasUserGroupPermissionLevel('read')(member):

                    self.grant_user_group_permission(

                        target_user_group=user_group, user_group=member, perm=perm

                    )

    def get(self, user_group_id):

        return UserGroup.get(user_group_id)

    def get_group(self, user_group):

        return UserGroup.guess_instance(user_group)

    def create(self, name, description, owner, active=True, group_data=None):

        try:

            new_user_group = UserGroup()

            new_user_group.owner = User.guess_instance(owner)

            new_user_group.users_group_name = name

            new_user_group.user_group_description = description

            new_user_group.users_group_active = active

            if group_data:

                new_user_group.group_data = group_data

            Session().add(new_user_group)

            self._create_default_perms(new_user_group)

    ini_settings = {

        '[server:main]': {

            'port': '4999',

        },

        '[app:main]': {

            'ssh_enabled': 'true',

            # Mainly to safeguard against accidentally overwriting the real one:

            'ssh_authorized_keys': os.path.join(TESTS_TMP_PATH, 'authorized_keys'),

            #'ssh_locale': 'C',

            'app_instance_uuid': 'test',

            'show_revision_number': 'true',

            'session.secret': '{74e0cd75-b339-478b-b129-07dd221def1f}',

            #'i18n.lang': '',

        },

        '[handler_console]': {

            'formatter': 'color_formatter',

        },

        # The 'handler_console_sql' block is very similar to the one in

        # development.ini, but without the explicit 'level=DEBUG' setting:

        # it causes duplicate sqlalchemy debug logs, one through

        # handler_console_sql and another through another path.

        '[handler_console_sql]': {

            'formatter': 'color_formatter_sql',