"fork_of":           "<name_of_fork_parent>",

                "enable_downloads":  "<bool>",

                "enable_locking":    "<bool>",

                "enable_statistics": "<bool>",

              },

            }

    error:  null

fork_repo

---------

Creates a fork of given repo. In case of using celery this will

immidiatelly return success message, while fork is going to be created

asynchronous. This command can be executed only using api_key belonging to

user with admin rights or regular user that have fork permission, and at least

read access to forking repository. Regular users cannot specify owner parameter.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "fork_repo"

    args:     {

                "repoid" :          "<reponame or repo_id>",

                "fork_name":        "<forkname>",

                "owner":            "<username or user_id = Optional(=apiuser)>",

                "description":      "<description>",

                "copy_permissions": "<bool>",

                "private":          "<bool>",

                "landing_rev":      "<landing_rev>"

              }

OUTPUT::

    id : <id_given_in_input>

    result: {

              "msg": "Created fork of `<reponame>` as `<forkname>`",

              "success": true

            }

    error:  null

delete_repo

-----------

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "delete_repo"

    args:     {

              }

OUTPUT::

    id : <id_given_in_input>

    result: {

              "msg": "Deleted repository `<reponame>`",

              "success": true

            }

    error:  null

grant_user_permission

---------------------

Grant permission for user on given repository, or update existing one

if found. This command can be executed only using api_key belonging to user

with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "grant_user_permission"

    args:     {

                "repoid" : "<reponame or repo_id>"

                "userid" : "<username or user_id>"

                "perm" :       "(repository.(none|read|write|admin))",

              }

OUTPUT::

    id : <id_given_in_input>

    result: {

              "msg" : "Granted perm: `<perm>` for user: `<username>` in repo: `<reponame>`",

              "success": true

            }

    error:  null

revoke_user_permission

----------------------

Revoke permission for user on given repository. This command can be executed

only using api_key belonging to user with admin rights.

    Repositories controller for RhodeCode

    :created_on: Apr 7, 2010

    :author: marcink

    :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>

    :license: GPLv3, see COPYING for more details.

"""

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import logging

import traceback

import formencode

from formencode import htmlfill

from webob.exc import HTTPInternalServerError, HTTPForbidden

from pylons import request, session, tmpl_context as c, url

from pylons.controllers.util import redirect

from pylons.i18n.translation import _

from sqlalchemy.exc import IntegrityError

import rhodecode

from rhodecode.lib import helpers as h

from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator, \

    HasPermissionAnyDecorator, HasRepoPermissionAllDecorator, NotAnonymous,\

    HasPermissionAny, HasReposGroupPermissionAny, HasRepoPermissionAnyDecorator

from rhodecode.lib.base import BaseRepoController, render

from rhodecode.lib.utils import invalidate_cache, action_logger, repo_name_slug

from rhodecode.lib.helpers import get_token

from rhodecode.model.meta import Session

from rhodecode.model.db import User, Repository, UserFollowing, RepoGroup,\

    RhodeCodeSetting, RepositoryField

from rhodecode.model.forms import RepoForm, RepoFieldForm, RepoPermsForm

from rhodecode.model.scm import ScmModel, GroupList

from rhodecode.model.repo import RepoModel

from rhodecode.lib.compat import json

from sqlalchemy.sql.expression import func

log = logging.getLogger(__name__)

class ReposController(BaseRepoController):

    """

    REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('repo', 'repos')

    @LoginRequired()

    def __before__(self):

        c.admin_user = session.get('admin_user')

        c.admin_username = session.get('admin_username')

        super(ReposController, self).__before__()

    def __load_defaults(self):

        acl_groups = GroupList(RepoGroup.query().all(),

                               perm_set=['group.write', 'group.admin'])

        c.repo_groups = RepoGroup.groups_choices(groups=acl_groups)

        c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)

        repo_model = RepoModel()

        c.users_array = repo_model.get_users_js()

        c.users_groups_array = repo_model.get_users_groups_js()

        choices, c.landing_revs = ScmModel().get_repo_landing_revs()

        c.landing_revs_choices = choices

    def __load_data(self, repo_name=None):

        """

        Load defaults settings for edit, and update

        :param repo_name:

        """

        self.__load_defaults()

        c.repo_info = db_repo = Repository.get_by_repo_name(repo_name)

        repo = db_repo.scm_instance

        if c.repo_info is None:

            h.not_mapped_error(repo_name)

            return redirect(url('repos'))

        ##override defaults for exact repo info here git/hg etc

        choices, c.landing_revs = ScmModel().get_repo_landing_revs(c.repo_info)

        c.landing_revs_choices = choices

                                              'repo_group': repo.group.get_dict() \

                                              if repo.group else {}},

                         repo_groups=c.repo_groups_choices,

                         landing_revs=c.landing_revs_choices)()

        try:

            form_result = _form.to_python(dict(request.POST))

            repo = repo_model.update(repo_name, **form_result)

            invalidate_cache('get_repo_cached_%s' % repo_name)

            h.flash(_('Repository %s updated successfully') % repo_name,

                    category='success')

            changed_name = repo.repo_name

            action_logger(self.rhodecode_user, 'admin_updated_repo',

                              changed_name, self.ip_addr, self.sa)

            Session().commit()

        except formencode.Invalid, errors:

            defaults = self.__load_data(repo_name)

            defaults.update(errors.value)

            return htmlfill.render(

                render('admin/repos/repo_edit.html'),

                defaults=defaults,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('Error occurred during update of repository %s') \

                    % repo_name, category='error')

        return redirect(url('edit_repo', repo_name=changed_name))

    @HasRepoPermissionAllDecorator('repository.admin')

    def delete(self, repo_name):

        """

        DELETE /repos/repo_name: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="DELETE" />

        # Or using helpers:

        #    h.form(url('repo', repo_name=ID),

        #           method='delete')

        # url('repo', repo_name=ID)

        repo_model = RepoModel()

        repo = repo_model.get_by_repo_name(repo_name)

        if not repo:

            h.not_mapped_error(repo_name)

            return redirect(url('repos'))

        try:

            _forks = repo.forks.count()

            if _forks and request.POST.get('forks'):

                do = request.POST['forks']

                if do == 'detach_forks':

                    h.flash(_('Detached %s forks') % _forks, category='success')

                elif do == 'delete_forks':

                    h.flash(_('Deleted %s forks') % _forks, category='success')

            action_logger(self.rhodecode_user, 'admin_deleted_repo',

                              repo_name, self.ip_addr, self.sa)

            invalidate_cache('get_repo_cached_%s' % repo_name)

            h.flash(_('Deleted repository %s') % repo_name, category='success')

            Session().commit()

            log.error(traceback.format_exc())

            h.flash(_('An error occurred during deletion of %s') % repo_name,

                    category='error')

        return redirect(url('repos'))

    @HasRepoPermissionAllDecorator('repository.admin')

    def set_repo_perm_member(self, repo_name):

        form = RepoPermsForm()().to_python(request.POST)

        perms_new = form['perms_new']

        perms_updates = form['perms_updates']

        cur_repo = repo_name

        # update permissions

        for member, perm, member_type in perms_updates:

            if member_type == 'user':

                # this updates existing one

                RepoModel().grant_user_permission(

                    repo=cur_repo, user=member, perm=perm

                )

            else:

                RepoModel().grant_users_group_permission(

                    repo=cur_repo, group_name=member, perm=perm

                )

        # set new permissions

        for member, perm, member_type in perms_new:

            if member_type == 'user':

                RepoModel().grant_user_permission(

                    repo=cur_repo, user=member, perm=perm

                )

            else:

                RepoModel().grant_users_group_permission(

                    repo=cur_repo, group_name=member, perm=perm

                )

        #TODO: implement this

        #action_logger(self.rhodecode_user, 'admin_changed_repo_permissions',

        #              repo_name, self.ip_addr, self.sa)

        Session().commit()

        h.flash(_('updated repository permissions'), category='success')

        return redirect(url('edit_repo', repo_name=repo_name))

    @HasRepoPermissionAllDecorator('repository.admin')

    def delete_perm_user(self, repo_name):

        """

        DELETE an existing repository permission user

        :param repo_name:

            pass

        elif HasRepoPermissionAnyApi('repository.admin',

                                     'repository.write',

                                     'repository.read')(user=apiuser,

                                                        repo_name=repo.repo_name):

            if not isinstance(owner, Optional):

                #forbid setting owner for non-admins

                raise JSONRPCError(

                    'Only RhodeCode admin can specify `owner` param'

                )

        else:

            raise JSONRPCError('repository `%s` does not exist' % (repoid))

        if isinstance(owner, Optional):

            owner = apiuser.user_id

        owner = get_user_or_error(owner)

        try:

            # create structure of groups and return the last group

            group = map_groups(fork_name)

            form_data = dict(

                repo_name=fork_name,

                repo_name_full=fork_name,

                repo_group=group,

                repo_type=repo.repo_type,

                description=Optional.extract(description),

                private=Optional.extract(private),

                copy_permissions=Optional.extract(copy_permissions),

                landing_rev=Optional.extract(landing_rev),

                update_after_clone=False,

                fork_parent_id=repo.repo_id,

            )

            RepoModel().create_fork(form_data, cur_user=owner)

            return dict(

                msg='Created fork of `%s` as `%s`' % (repo.repo_name,

                                                      fork_name),

                success=True  # cannot return the repo data here since fork

                              # cann be done async

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to fork repository `%s` as `%s`' % (repo_name,

                                                            fork_name)

            )

        """

        Deletes a given repository

        :param apiuser:

        :param repoid:

        """

        repo = get_repo_or_error(repoid)

        if HasPermissionAnyApi('hg.admin')(user=apiuser) is False:

            # check if we have admin permission for this repo !

            if HasRepoPermissionAnyApi('repository.admin')(user=apiuser,

                                            repo_name=repo.repo_name) is False:

                 raise JSONRPCError('repository `%s` does not exist' % (repoid))

        try:

            Session().commit()

            return dict(

                success=True

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to delete repository `%s`' % repo.repo_name

            )

    @HasPermissionAllDecorator('hg.admin')

    def grant_user_permission(self, apiuser, repoid, userid, perm):

        """

        Grant permission for user on given repository, or update existing one

        if found

        :param repoid:

        :param userid:

        :param perm:

        """

        repo = get_repo_or_error(repoid)

        user = get_user_or_error(userid)

        perm = get_perm_or_error(perm)

        try:

            RepoModel().grant_user_permission(repo=repo, user=user, perm=perm)

            Session().commit()

            return dict(

                msg='Granted perm: `%s` for user: `%s` in repo: `%s`' % (

                    perm.permission_name, user.username, repo.repo_name

                ),

                success=True

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to edit permission for user: `%s` in repo: `%s`' % (

                    userid, repoid

                )

            )

    @HasPermissionAllDecorator('hg.admin')

    def revoke_user_permission(self, apiuser, repoid, userid):

        """

        Revoke permission for user on given repository

        :param apiuser:

        :param repoid:

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

from webob.exc import HTTPClientError

class LdapUsernameError(Exception):

    pass

class LdapPasswordError(Exception):

    pass

class LdapConnectionError(Exception):

    pass

class LdapImportError(Exception):

    pass

class DefaultUserException(Exception):

    pass

class UserOwnsReposException(Exception):

    pass

class UserGroupsAssignedException(Exception):

    pass

class StatusChangeOnClosedPullRequestError(Exception):

    pass

class HTTPLockedRC(HTTPClientError):

    """

    Special Exception For locked Repos in RhodeCode, the return code can

    be overwritten by _code keyword argument passed into constructors

    """

    code = 423

    title = explanation = 'Repository Locked'

    def __init__(self, reponame, username, *args, **kwargs):

        from rhodecode import CONFIG

        from rhodecode.lib.utils2 import safe_int

        _code = CONFIG.get('lock_ret_code')

        self.code = safe_int(_code, self.code)

        self.title = self.explanation = ('Repository `%s` locked by '

                                         'user `%s`' % (reponame, username))

        super(HTTPLockedRC, self).__init__(*args, **kwargs)

# -*- coding: utf-8 -*-

"""

    rhodecode.model.repo

    ~~~~~~~~~~~~~~~~~~~~

    Repository model for rhodecode

    :created_on: Jun 5, 2010

    :author: marcink

    :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>

    :license: GPLv3, see COPYING for more details.

"""

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

from __future__ import with_statement

import os

import shutil

import logging

import traceback

from datetime import datetime

from rhodecode.lib.vcs.backends import get_backend

from rhodecode.lib.compat import json

from rhodecode.lib.utils2 import LazyProperty, safe_str, safe_unicode,\

    remove_prefix, obfuscate_url_pw

from rhodecode.lib.caching_query import FromCache

from rhodecode.lib.hooks import log_create_repository, log_delete_repository

from rhodecode.model import BaseModel

from rhodecode.model.db import Repository, UserRepoToPerm, User, Permission, \

    Statistics, UserGroup, UserGroupRepoToPerm, RhodeCodeUi, RepoGroup,\

    RhodeCodeSetting, RepositoryField

from rhodecode.lib import helpers as h

from rhodecode.lib.auth import HasRepoPermissionAny

log = logging.getLogger(__name__)

class RepoModel(BaseModel):

    cls = Repository

    URL_SEPARATOR = Repository.url_sep()

    def __get_users_group(self, users_group):

        return self._get_instance(UserGroup, users_group,

                                  callback=UserGroup.get_by_group_name)

    def _get_repos_group(self, repos_group):

        return self._get_instance(RepoGroup, repos_group,

                                  callback=RepoGroup.get_by_group_name)

    @LazyProperty

    def repos_path(self):

        """

        Get's the repositories root path from database

        """

        q = self.sa.query(RhodeCodeUi).filter(RhodeCodeUi.ui_key == '/').one()

        return q.ui_value

    def get(self, repo_id, cache=False):

        repo = self.sa.query(Repository)\

            .filter(Repository.repo_id == repo_id)

        if cache:

            repo = repo.options(FromCache("sql_cache_short",

                                          "get_repo_%s" % repo_id))

        return repo.scalar()

    def get_repo(self, repository):

        return self._get_repo(repository)

    def get_by_repo_name(self, repo_name, cache=False):

        repo = self.sa.query(Repository)\

            .filter(Repository.repo_name == repo_name)

        if cache:

            repo = repo.options(FromCache("sql_cache_short",

                                          "get_repo_%s" % repo_name))

        return repo.scalar()

    def get_all_user_repos(self, user):

                                                    owner.user_id)

            return new_repo

        except Exception:

            log.error(traceback.format_exc())

            raise

    def create(self, form_data, cur_user, just_db=False, fork=None):

        """

        Backward compatibility function, just a wrapper on top of create_repo

        :param form_data:

        :param cur_user:

        :param just_db:

        :param fork:

        """

        owner = cur_user

        repo_name = form_data['repo_name_full']

        repo_type = form_data['repo_type']

        description = form_data['repo_description']

        private = form_data['repo_private']

        clone_uri = form_data.get('clone_uri')

        repos_group = form_data['repo_group']

        landing_rev = form_data['repo_landing_rev']

        copy_fork_permissions = form_data.get('copy_permissions')

        fork_of = form_data.get('fork_parent_id')

        ## repo creation defaults, private and repo_type are filled in form

        defs = RhodeCodeSetting.get_default_repo_settings(strip_prefix=True)

        enable_statistics = defs.get('repo_enable_statistics')

        enable_locking = defs.get('repo_enable_locking')

        enable_downloads = defs.get('repo_enable_downloads')

        return self.create_repo(

            repo_name, repo_type, description, owner, private, clone_uri,

            repos_group, landing_rev, just_db, fork_of, copy_fork_permissions,

            enable_statistics, enable_locking, enable_downloads

        )

    def create_fork(self, form_data, cur_user):

        """

        Simple wrapper into executing celery task for fork creation

        :param form_data:

        :param cur_user:

        """

        from rhodecode.lib.celerylib import tasks, run_task

        run_task(tasks.create_repo_fork, form_data, cur_user)

        repo = self._get_repo(repo)

        if repo:

            old_repo_dict = repo.get_dict()

            owner = repo.user

            try:

                self.sa.delete(repo)

                self.__delete_repo(repo)

                log_delete_repository(old_repo_dict,

                                      deleted_by=owner.username)

            except Exception:

                log.error(traceback.format_exc())

                raise

    def grant_user_permission(self, repo, user, perm):

        """

        Grant permission for user on given repository, or update existing one

        if found

        :param repo: Instance of Repository, repository_id, or repository name

        :param user: Instance of User, user_id or username

        :param perm: Instance of Permission, or permission_name

        """

        user = self._get_user(user)

        repo = self._get_repo(repo)

        permission = self._get_perm(perm)

        # check if we have that permission already

        obj = self.sa.query(UserRepoToPerm)\

            .filter(UserRepoToPerm.user == user)\

            .filter(UserRepoToPerm.repository == repo)\

            .scalar()

        if obj is None:

            # create new !

            obj = UserRepoToPerm()

        obj.repository = repo

        obj.user = user

        obj.permission = permission

        self.sa.add(obj)

        log.debug('Granted perm %s to %s on %s' % (perm, user, repo))

    def revoke_user_permission(self, repo, user):

        """

        Revoke permission for user on given repository

        :param repo: Instance of Repository, repository_id, or repository name

        :param user: Instance of User, user_id or username

        """

        user = self._get_user(user)

        repo = self._get_repo(repo)