#fill repository groups

        for p in c.repo_info.users_group_to_perm:

            defaults.update({'g_perm_%s' % p.users_group.users_group_name:

                             p.permission.permission_name})

        return defaults

    @HasPermissionAllDecorator('hg.admin')

    def index(self, format='html'):

        """GET /repos: All items in the collection"""

        # url('repos')

        cached_repo_list = ScmModel().get_repos()

        c.repos_list = sorted(cached_repo_list, key=itemgetter('name_sort'))

        return render('admin/repos/repos.html')

    @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')

    def create(self):

        """

        POST /repos: Create a new item"""

        # url('repos')

        repo_model = RepoModel()

        self.__load_defaults()

        form_result = {}

        try:

            form_result = RepoForm(repo_groups=c.repo_groups_choices)()\

                            .to_python(dict(request.POST))

            repo_model.create(form_result, self.rhodecode_user)

            if form_result['clone_uri']:

                h.flash(_('created repository %s from %s') \

                    % (form_result['repo_name'], form_result['clone_uri']),

                    category='success')

            else:

                h.flash(_('created repository %s') % form_result['repo_name'],

                    category='success')

            if request.POST.get('user_created'):

                action_logger(self.rhodecode_user, 'user_created_repo',

                              form_result['repo_name'], '', self.sa)

            else:

                action_logger(self.rhodecode_user, 'admin_created_repo',

                              form_result['repo_name'], '', self.sa)

        except formencode.Invalid, errors:

            c.new_repo = errors.value['repo_name']

            if request.POST.get('user_created'):

                r = render('admin/repos/repo_add_create_repository.html')

            else:

                r = render('admin/repos/repo_add.html')

            return htmlfill.render(

                r,

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            msg = _('error occurred during creation of repository %s') \

                    % form_result.get('repo_name')

            h.flash(msg, category='error')

        if request.POST.get('user_created'):

            return redirect(url('home'))

        return redirect(url('repos'))

    @HasPermissionAllDecorator('hg.admin')

    def new(self, format='html'):

        """GET /repos/new: Form to create a new item"""

        new_repo = request.GET.get('repo', '')

        c.new_repo = repo_name_slug(new_repo)

        self.__load_defaults()

        return render('admin/repos/repo_add.html')

    @HasPermissionAllDecorator('hg.admin')

    def update(self, repo_name):

        """

        PUT /repos/repo_name: Update an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="PUT" />

        # Or using helpers:

        #    h.form(url('repo', repo_name=ID),

        #           method='put')

        # url('repo', repo_name=ID)

        self.__load_defaults()

        repo_model = RepoModel()

        changed_name = repo_name

        _form = RepoForm(edit=True, old_data={'repo_name': repo_name},

                         repo_groups=c.repo_groups_choices)()

        try:

            form_result = _form.to_python(dict(request.POST))

            repo_model.update(repo_name, form_result)

            invalidate_cache('get_repo_cached_%s' % repo_name)

            h.flash(_('Repository %s updated successfully' % repo_name),

                    category='success')

            action_logger(self.rhodecode_user, 'admin_updated_repo',

                              changed_name, '', self.sa)

        except formencode.Invalid, errors:

            defaults = self.__load_data(repo_name)

            defaults.update(errors.value)

            return htmlfill.render(

                render('admin/repos/repo_edit.html'),

                defaults=defaults,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occurred during update of repository %s') \

                    % repo_name, category='error')

        return redirect(url('edit_repo', repo_name=changed_name))

    @HasPermissionAllDecorator('hg.admin')

    def delete(self, repo_name):

        """

        DELETE /repos/repo_name: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="DELETE" />

        # Or using helpers:

        #    h.form(url('repo', repo_name=ID),

        #           method='delete')

        # url('repo', repo_name=ID)

        repo_model = RepoModel()

        repo = repo_model.get_by_repo_name(repo_name)

        if not repo:

            h.flash(_('%s repository is not mapped to db perhaps'

                      ' it was moved or renamed  from the filesystem'

                      ' please run the application again'

                      ' in order to rescan repositories') % repo_name,

                      category='error')

            return redirect(url('repos'))

        try:

            action_logger(self.rhodecode_user, 'admin_deleted_repo',

                              repo_name, '', self.sa)

            repo_model.delete(repo)

            invalidate_cache('get_repo_cached_%s' % repo_name)

            h.flash(_('deleted repository %s') % repo_name, category='success')

        except Exception, e:

            log.error(traceback.format_exc())

            h.flash(_('An error occurred during deletion of %s') % repo_name,

                    category='error')

        return redirect(url('repos'))

    @HasPermissionAllDecorator('hg.admin')

    def delete_perm_user(self, repo_name):

        """

        DELETE an existing repository permission user

        :param repo_name:

        """

        try:

            repo_model = RepoModel()

            repo_model.delete_perm_user(request.POST, repo_name)

        except Exception, e:

            h.flash(_('An error occurred during deletion of repository user'),

                    category='error')

            raise HTTPInternalServerError()

    @HasPermissionAllDecorator('hg.admin')

    def delete_perm_users_group(self, repo_name):

        """

        DELETE an existing repository permission users group

        :param repo_name:

        """

        try:

            repo_model = RepoModel()

            repo_model.delete_perm_users_group(request.POST, repo_name)

        except Exception, e:

            h.flash(_('An error occurred during deletion of repository'

                      ' users groups'),

                    category='error')

            raise HTTPInternalServerError()

    @HasPermissionAllDecorator('hg.admin')

    def repo_stats(self, repo_name):

        """

        DELETE an existing repository statistics

        :param repo_name:

        """

        try:

            repo_model = RepoModel()

    repo_type = Column("repo_type", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=False, default='hg')

    user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)

    private = Column("private", Boolean(), nullable=True, unique=None, default=None)

    enable_statistics = Column("statistics", Boolean(), nullable=True, unique=None, default=True)

    enable_downloads = Column("downloads", Boolean(), nullable=True, unique=None, default=True)

    description = Column("description", String(length=10000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    created_on = Column('created_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)

    fork_id = Column("fork_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=False, default=None)

    group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=False, default=None)

    user = relationship('User')

    fork = relationship('Repository', remote_side=repo_id)

    group = relationship('Group')

    repo_to_perm = relationship('RepoToPerm', cascade='all', order_by='RepoToPerm.repo_to_perm_id')

    users_group_to_perm = relationship('UsersGroupRepoToPerm', cascade='all')

    stats = relationship('Statistics', cascade='all', uselist=False)

    followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', cascade='all')

    logs = relationship('UserLog', cascade='all')

    def __repr__(self):

        return "<%s('%s:%s')>" % (self.__class__.__name__,

                                  self.repo_id, self.repo_name)

    @classmethod

    def by_repo_name(cls, repo_name):

        return Session.query(cls).filter(cls.repo_name == repo_name).one()

    @classmethod

    def get_repo_forks(cls, repo_id):

        return Session.query(cls).filter(Repository.fork_id == repo_id)

    @property

    def just_name(self):

        return self.repo_name.split(os.sep)[-1]

    @property

    def groups_with_parents(self):

        groups = []

        if self.group is None:

            return groups

        cur_gr = self.group

        groups.insert(0, cur_gr)

        while 1:

            gr = getattr(cur_gr, 'parent_group', None)

            cur_gr = cur_gr.parent_group

            if gr is None:

                break

            groups.insert(0, gr)

        return groups

    @property

    def groups_and_repo(self):

        return self.groups_with_parents, self.just_name

class Group(Base):

    __tablename__ = 'groups'

    __table_args__ = (UniqueConstraint('group_name'), {'useexisting':True},)

    group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    group_name = Column("group_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)

    group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)

    parent_group = relationship('Group', remote_side=group_id)

    def __init__(self, group_name='', parent_group=None):

        self.group_name = group_name

        self.parent_group = parent_group

    def __repr__(self):

        return "<%s('%s:%s')>" % (self.__class__.__name__, self.group_id,

                                  self.group_name)

    @property

    def parents(self):

        groups = []

        if self.parent_group is None:

            return groups

        cur_gr = self.parent_group

        groups.insert(0, cur_gr)

        while 1:

            gr = getattr(cur_gr, 'parent_group', None)

            cur_gr = cur_gr.parent_group

            if gr is None:

                break

            groups.insert(0, gr)

        return groups

    @property

    def repositories(self):

        return Session.query(Repository).filter(Repository.group == self).all()

class Permission(Base):

    __tablename__ = 'permissions'

    __table_args__ = {'useexisting':True}

    permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    permission_name = Column("permission_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    permission_longname = Column("permission_longname", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    def __repr__(self):

        return "<%s('%s:%s')>" % (self.__class__.__name__,

                                  self.permission_id, self.permission_name)

    @classmethod

    def get_by_key(cls, key):

        return Session.query(cls).filter(cls.permission_name == key).scalar()

class RepoToPerm(Base):

    __tablename__ = 'repo_to_perm'

    __table_args__ = (UniqueConstraint('user_id', 'repository_id'), {'useexisting':True})

    repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

    permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

    user = relationship('User')

    permission = relationship('Permission')

    repository = relationship('Repository')

class UserToPerm(Base):

    __tablename__ = 'user_to_perm'

    __table_args__ = (UniqueConstraint('user_id', 'permission_id'), {'useexisting':True})

    user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

    permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    user = relationship('User')

    permission = relationship('Permission')

    @classmethod

    def has_perm(cls, user_id, perm):

        if not isinstance(perm, Permission):

            raise Exception('perm needs to be an instance of Permission class')

        return Session.query(cls).filter(cls.user_id == user_id)\

            .filter(cls.permission == perm).scalar() is not None

    @classmethod

    def grant_perm(cls, user_id, perm):

        if not isinstance(perm, Permission):

            raise Exception('perm needs to be an instance of Permission class')

        new = cls()

        new.user_id = user_id

        new.permission = perm

        try:

            Session.add(new)

            Session.commit()

        except:

            Session.rollback()

    @classmethod

    def revoke_perm(cls, user_id, perm):

        if not isinstance(perm, Permission):

            raise Exception('perm needs to be an instance of Permission class')

        try:

            Session.query(cls).filter(cls.user_id == user_id)\

                .filter(cls.permission == perm).delete()

            Session.commit()

        except:

            Session.rollback()

class UsersGroupRepoToPerm(Base):

    __tablename__ = 'users_group_repo_to_perm'

    __table_args__ = (UniqueConstraint('users_group_id', 'permission_id'), {'useexisting':True})

    users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

    permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

    users_group = relationship('UsersGroup')

    permission = relationship('Permission')

    repository = relationship('Repository')

class UsersGroupToPerm(Base):

    __tablename__ = 'users_group_to_perm'

    users_group_to_perm_id = Column("users_group_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

    permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)

    users_group = relationship('UsersGroup')

""" this is forms validation classes

http://formencode.org/module-formencode.validators.html

for list off all availible validators

we can create our own validators

The table below outlines the options which can be used in a schema in addition to the validators themselves

pre_validators          []     These validators will be applied before the schema

chained_validators      []     These validators will be applied after the schema

allow_extra_fields      False     If True, then it is not an error when keys that aren't associated with a validator are present

filter_extra_fields     False     If True, then keys that aren't associated with a validator are removed

if_key_missing          NoDefault If this is given, then any keys that aren't available but are expected will be replaced with this value (and then validated). This does not override a present .if_missing attribute on validators. NoDefault is a special FormEncode class to mean that no default values has been specified and therefore missing keys shouldn't take a default value.

ignore_key_missing      False     If True, then missing keys will be missing in the result, if the validator doesn't have .if_missing on it already

<name> = formencode.validators.<name of validator>

<name> must equal form name

list=[1,2,3,4,5]

for SELECT use formencode.All(OneOf(list), Int())

"""

import os

import re

import logging

import traceback

import formencode

from formencode import All

from formencode.validators import UnicodeString, OneOf, Int, Number, Regex, \

    Email, Bool, StringBoolean, Set

from pylons.i18n.translation import _

from webhelpers.pylonslib.secure_form import authentication_token

from rhodecode.lib.utils import repo_name_slug

from rhodecode.lib.auth import authenticate, get_crypt_password

from rhodecode.lib.exceptions import LdapImportError

from rhodecode.model import meta

from rhodecode.model.user import UserModel

from rhodecode.model.repo import RepoModel

from rhodecode import BACKENDS

log = logging.getLogger(__name__)

#this is needed to translate the messages using _() in validators

class State_obj(object):

    _ = staticmethod(_)

#==============================================================================

# VALIDATORS

#==============================================================================

class ValidAuthToken(formencode.validators.FancyValidator):

    messages = {'invalid_token':_('Token mismatch')}

    def validate_python(self, value, state):

        if value != authentication_token():

            raise formencode.Invalid(self.message('invalid_token', state,

                                            search_number=value), value, state)

def ValidUsername(edit, old_data):

    class _ValidUsername(formencode.validators.FancyValidator):

        def validate_python(self, value, state):

            if value in ['default', 'new_user']:

                raise formencode.Invalid(_('Invalid username'), value, state)

            #check if user is unique

            old_un = None

            if edit:

                old_un = UserModel().get(old_data.get('user_id')).username

            if old_un != value or not edit:

                if UserModel().get_by_username(value, cache=False,

                                               case_insensitive=True):

                    raise formencode.Invalid(_('This username already '

                                               'exists') , value, state)

            if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+$', value) is None:

                raise formencode.Invalid(_('Username may only contain '

                                           'alphanumeric characters '

                                           'underscores, periods or dashes '

                                           'and must begin with alphanumeric '

                                           'character'), value, state)

    return _ValidUsername

def ValidUsersGroup(edit, old_data):

    class _ValidUsersGroup(formencode.validators.FancyValidator):

        def validate_python(self, value, state):

            if value in ['default']:

                raise formencode.Invalid(_('Invalid group name'), value, state)

            #check if group is unique

            old_ugname = None

            if edit:

                old_ugname = UsersGroup.get(

                            old_data.get('users_group_id')).users_group_name

            if old_ugname != value or not edit:

                if UsersGroup.get_by_group_name(value, cache=False,

                                               case_insensitive=True):

                    raise formencode.Invalid(_('This users group '

                                               'already exists') , value,

                                             state)

            if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+$', value) is None:

                raise formencode.Invalid(_('Group name may only contain '

                                           'alphanumeric characters '

                                           'underscores, periods or dashes '

                                           'and must begin with alphanumeric '

                                           'character'), value, state)

    return _ValidUsersGroup

class ValidPassword(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        if value:

            if value.get('password'):

                try:

                    value['password'] = get_crypt_password(value['password'])

                except UnicodeEncodeError:

                    e_dict = {'password':_('Invalid characters in password')}

                    raise formencode.Invalid('', value, state, error_dict=e_dict)

            if value.get('password_confirmation'):

                try:

                    value['password_confirmation'] = \

                        get_crypt_password(value['password_confirmation'])

                except UnicodeEncodeError:

                    e_dict = {'password_confirmation':_('Invalid characters in password')}

                    raise formencode.Invalid('', value, state, error_dict=e_dict)

            if value.get('new_password'):

                try:

                    value['new_password'] = \

                        get_crypt_password(value['new_password'])

                except UnicodeEncodeError:

                    e_dict = {'new_password':_('Invalid characters in password')}

                    raise formencode.Invalid('', value, state, error_dict=e_dict)

            return value

class ValidPasswordsMatch(formencode.validators.FancyValidator):

    def validate_python(self, value, state):

        if value['password'] != value['password_confirmation']:

            e_dict = {'password_confirmation':

                   _('Password do not match')}

            raise formencode.Invalid('', value, state, error_dict=e_dict)

class ValidAuth(formencode.validators.FancyValidator):

    messages = {

            'invalid_password':_('invalid password'),

            'invalid_login':_('invalid user name'),

            'disabled_account':_('Your account is disabled')

            }

    #error mapping

    e_dict = {'username':messages['invalid_login'],

              'password':messages['invalid_password']}

    e_dict_disable = {'username':messages['disabled_account']}

    def validate_python(self, value, state):

        password = value['password']

        username = value['username']

        user = UserModel().get_by_username(username)

        if authenticate(username, password):

            return value

        else:

            if user and user.active is False:

                log.warning('user %s is disabled', username)

                raise formencode.Invalid(self.message('disabled_account',

                                         state=State_obj),

                                         value, state,

                                         error_dict=self.e_dict_disable)

            else:

                log.warning('user %s not authenticated', username)

                raise formencode.Invalid(self.message('invalid_password',

                                         state=State_obj), value, state,

                                         error_dict=self.e_dict)

class ValidRepoUser(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        sa = meta.Session()

        try:

            self.user_db = sa.query(User)\

                .filter(User.active == True)\

                .filter(User.username == value).one()

        except Exception:

            raise formencode.Invalid(_('This username is not valid'),

                                     value, state)

        finally:

            meta.Session.remove()

def ValidRepoName(edit, old_data):

    class _ValidRepoName(formencode.validators.FancyValidator):

    return _ValidRepoName

def ValidCloneUri():

    from mercurial.httprepo import httprepository, httpsrepository

    from rhodecode.lib.utils import make_ui

    class _ValidCloneUri(formencode.validators.FancyValidator):

        def to_python(self, value, state):

            if not value:

                pass

            elif value.startswith('https'):

                try:

                    httpsrepository(make_ui('db'), value).capabilities

                except Exception, e:

                    log.error(traceback.format_exc())

                    raise formencode.Invalid(_('invalid clone url'), value,

                                             state)

            elif value.startswith('http'):

                try:

                    httprepository(make_ui('db'), value).capabilities

                except Exception, e:

                    log.error(traceback.format_exc())

                    raise formencode.Invalid(_('invalid clone url'), value,

                                             state)

            else:

                raise formencode.Invalid(_('Invalid clone url, provide a '

                                           'valid clone http\s url'), value,

                                         state)

            return value

    return _ValidCloneUri

def ValidForkType(old_data):

    class _ValidForkType(formencode.validators.FancyValidator):

        def to_python(self, value, state):

            if old_data['repo_type'] != value:

                raise formencode.Invalid(_('Fork have to be the same '

                                           'type as original'), value, state)

            return value

    return _ValidForkType

class ValidPerms(formencode.validators.FancyValidator):

    messages = {'perm_new_member_name':_('This username or users group name'

                                         ' is not valid')}

    def to_python(self, value, state):

        perms_update = []

        perms_new = []

        #build a list of permission to update and new permission to create

        for k, v in value.items():

            #means new added member to permissions

            if k.startswith('perm_new_member'):

                new_perm = value.get('perm_new_member', False)

                new_member = value.get('perm_new_member_name', False)

                new_type = value.get('perm_new_member_type')

                if new_member and new_perm:

                    if (new_member, new_perm, new_type) not in perms_new:

                        perms_new.append((new_member, new_perm, new_type))

            elif k.startswith('u_perm_') or k.startswith('g_perm_'):

                member = k[7:]

                t = {'u':'user',

                     'g':'users_group'}[k[0]]

                if member == 'default':

                    if value['private']:

                        #set none for default when updating to private repo

                        v = 'repository.none'

                perms_update.append((member, v, t))

        value['perms_updates'] = perms_update

        value['perms_new'] = perms_new

        #update permissions

        sa = meta.Session

        for k, v, t in perms_new:

            try:

                if t is 'user':

                    self.user_db = sa.query(User)\

                        .filter(User.active == True)\

                        .filter(User.username == k).one()

                if t is 'users_group':

                    self.user_db = sa.query(UsersGroup)\

                        .filter(UsersGroup.users_group_active == True)\

                        .filter(UsersGroup.users_group_name == k).one()

            except Exception:

                msg = self.message('perm_new_member_name',

                                     state=State_obj)

                raise formencode.Invalid(msg, value, state,

                                         error_dict={'perm_new_member_name':msg})

        return value

class ValidSettings(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        #settings  form can't edit user

#===============================================================================

# FORMS

#===============================================================================

class LoginForm(formencode.Schema):

    allow_extra_fields = True

    filter_extra_fields = True

    username = UnicodeString(

                             strip=True,

                             min=1,

                             not_empty=True,

                             messages={

                                       'empty':_('Please enter a login'),

                                       'tooShort':_('Enter a value %(min)i characters long or more')}

                            )

    password = UnicodeString(

                            strip=True,

                            min=6,

                            not_empty=True,

                            messages={

                                      'empty':_('Please enter a password'),

                                      'tooShort':_('Enter %(min)i characters or more')}

                                )

    #chained validators have access to all data

    chained_validators = [ValidAuth]

def UserForm(edit=False, old_data={}):

    class _UserForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        username = All(UnicodeString(strip=True, min=1, not_empty=True),

                       ValidUsername(edit, old_data))

        if edit:

            new_password = All(UnicodeString(strip=True, min=6, not_empty=False))

            admin = StringBoolean(if_missing=False)

        else:

            password = All(UnicodeString(strip=True, min=6, not_empty=True))

        active = StringBoolean(if_missing=False)

        name = UnicodeString(strip=True, min=1, not_empty=True)

        lastname = UnicodeString(strip=True, min=1, not_empty=True)

        email = All(Email(not_empty=True), UniqSystemEmail(old_data))

        chained_validators = [ValidPassword]

    return _UserForm

def UsersGroupForm(edit=False, old_data={}, available_members=[]):

    class _UsersGroupForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        users_group_name = All(UnicodeString(strip=True, min=1, not_empty=True),

                       ValidUsersGroup(edit, old_data))

        users_group_active = StringBoolean(if_missing=False)

        if edit:

            users_group_members = OneOf(available_members, hideList=False,

                                        testValueList=True,

                                        if_missing=None, not_empty=False)

    return _UsersGroupForm

def RegisterForm(edit=False, old_data={}):

    class _RegisterForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        username = All(ValidUsername(edit, old_data),

                       UnicodeString(strip=True, min=1, not_empty=True))

        password = All(UnicodeString(strip=True, min=6, not_empty=True))

        password_confirmation = All(UnicodeString(strip=True, min=6, not_empty=True))

        active = StringBoolean(if_missing=False)

        name = UnicodeString(strip=True, min=1, not_empty=True)

        lastname = UnicodeString(strip=True, min=1, not_empty=True)

        email = All(Email(not_empty=True), UniqSystemEmail(old_data))

        chained_validators = [ValidPasswordsMatch, ValidPassword]

    return _RegisterForm

def PasswordResetForm():

    class _PasswordResetForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        email = All(ValidSystemEmail(), Email(not_empty=True))

    return _PasswordResetForm

def RepoForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),

             repo_groups=[]):

    class _RepoForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = False

        repo_name = All(UnicodeString(strip=True, min=1, not_empty=True),

        clone_uri = All(UnicodeString(strip=True, min=1, not_empty=False),

                        ValidCloneUri()())

        repo_group = OneOf(repo_groups, hideList=True)

        repo_type = OneOf(supported_backends)

        description = UnicodeString(strip=True, min=1, not_empty=True)

        private = StringBoolean(if_missing=False)

        enable_statistics = StringBoolean(if_missing=False)

        enable_downloads = StringBoolean(if_missing=False)

        if edit:

            #this is repo owner