@HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')

    def create(self):

        """

        POST /repos: Create a new item"""

        # url('repos')

        self.__load_defaults()

        form_result = {}

        try:

            form_result = RepoForm(repo_groups=c.repo_groups_choices)()\

                            .to_python(dict(request.POST))

            RepoModel().create(form_result, self.rhodecode_user)

            if form_result['clone_uri']:

                h.flash(_('created repository %s from %s') \

                    % (form_result['repo_name'], form_result['clone_uri']),

                    category='success')

            else:

                h.flash(_('created repository %s') % form_result['repo_name'],

                    category='success')

            if request.POST.get('user_created'):

                # created by regular non admin user

                action_logger(self.rhodecode_user, 'user_created_repo',

            else:

                action_logger(self.rhodecode_user, 'admin_created_repo',

            Session.commit()

        except formencode.Invalid, errors:

            c.new_repo = errors.value['repo_name']

            if request.POST.get('user_created'):

                r = render('admin/repos/repo_add_create_repository.html')

            else:

                r = render('admin/repos/repo_add.html')

            return htmlfill.render(

                r,

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            msg = _('error occurred during creation of repository %s') \

                    % form_result.get('repo_name')

            h.flash(msg, category='error')

        if request.POST.get('user_created'):

            return redirect(url('home'))

    @HasPermissionAllDecorator('hg.admin')

    def update(self, repo_name):

        """

        PUT /repos/repo_name: Update an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="PUT" />

        # Or using helpers:

        #    h.form(url('repo', repo_name=ID),

        #           method='put')

        # url('repo', repo_name=ID)

        self.__load_defaults()

        repo_model = RepoModel()

        changed_name = repo_name

        _form = RepoForm(edit=True, old_data={'repo_name': repo_name},

                         repo_groups=c.repo_groups_choices)()

        try:

            form_result = _form.to_python(dict(request.POST))

            repo = repo_model.update(repo_name, form_result)

            invalidate_cache('get_repo_cached_%s' % repo_name)

            h.flash(_('Repository %s updated successfully' % repo_name),

                    category='success')

            changed_name = repo.repo_name

            action_logger(self.rhodecode_user, 'admin_updated_repo',

            Session.commit()

        except formencode.Invalid, errors:

            defaults = self.__load_data(repo_name)

            defaults.update(errors.value)

            return htmlfill.render(

                render('admin/repos/repo_edit.html'),

                defaults=defaults,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occurred during update of repository %s') \

                    % repo_name, category='error')

        return redirect(url('edit_repo', repo_name=changed_name))

    @HasPermissionAllDecorator('hg.admin')

    def delete(self, repo_name):

        """

        DELETE /repos/repo_name: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="DELETE" />

        # Or using helpers:

        #    h.form(url('repo', repo_name=ID),

        #           method='delete')

        # url('repo', repo_name=ID)

        repo_model = RepoModel()

        repo = repo_model.get_by_repo_name(repo_name)

        if not repo:

            h.flash(_('%s repository is not mapped to db perhaps'

                      ' it was moved or renamed  from the filesystem'

                      ' please run the application again'

                      ' in order to rescan repositories') % repo_name,

                      category='error')

            return redirect(url('repos'))

        try:

            action_logger(self.rhodecode_user, 'admin_deleted_repo',

            repo_model.delete(repo)

            invalidate_cache('get_repo_cached_%s' % repo_name)

            h.flash(_('deleted repository %s') % repo_name, category='success')

            Session.commit()

        except IntegrityError, e:

            if e.message.find('repositories_fork_id_fkey') != -1:

                log.error(traceback.format_exc())

                h.flash(_('Cannot delete %s it still contains attached '

                          'forks') % repo_name,

                        category='warning')

            else:

                log.error(traceback.format_exc())

                h.flash(_('An error occurred during '

                          'deletion of %s') % repo_name,

                        category='error')

        except Exception, e:

            log.error(traceback.format_exc())

            h.flash(_('An error occurred during deletion of %s') % repo_name,

                    category='error')

        return redirect(url('repos'))

    @HasRepoPermissionAllDecorator('repository.admin')

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import logging

import traceback

import formencode

from formencode import htmlfill

from pylons import request, session, tmpl_context as c, url, config

from pylons.controllers.util import redirect

from pylons.i18n.translation import _

from rhodecode.lib.exceptions import DefaultUserException, \

    UserOwnsReposException

from rhodecode.lib import helpers as h

from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator

from rhodecode.lib.base import BaseController, render

from rhodecode.model.db import User, Permission

from rhodecode.model.forms import UserForm

from rhodecode.model.user import UserModel

from rhodecode.model.meta import Session

log = logging.getLogger(__name__)

class UsersController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('user', 'users')

    @LoginRequired()

    @HasPermissionAllDecorator('hg.admin')

    def __before__(self):

        c.admin_user = session.get('admin_user')

        c.admin_username = session.get('admin_username')

        super(UsersController, self).__before__()

        c.available_permissions = config['available_permissions']

    def index(self, format='html'):

        """GET /users: All items in the collection"""

        # url('users')

        c.users_list = self.sa.query(User).all()

        return render('admin/users/users.html')

    def create(self):

        """POST /users: Create a new item"""

        # url('users')

        user_model = UserModel()

        user_form = UserForm()()

        try:

            form_result = user_form.to_python(dict(request.POST))

            user_model.create(form_result)

                    category='success')

            Session.commit()

        except formencode.Invalid, errors:

            return htmlfill.render(

                render('admin/users/user_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occurred during creation of user %s') \

                    % request.POST.get('username'), category='error')

        return redirect(url('users'))

    def new(self, format='html'):

        """GET /users/new: Form to create a new item"""

        # url('new_user')

        return render('admin/users/user_add.html')

    def update(self, id):

        """PUT /users/id: Update an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="PUT" />

        # Or using helpers:

        #    h.form(url('update_user', id=ID),

        #           method='put')

        # url('user', id=ID)

        user_model = UserModel()

        c.user = user_model.get(id)

        _form = UserForm(edit=True, old_data={'user_id': id,

                                              'email': c.user.email})()

        form_result = {}

        try:

            form_result = _form.to_python(dict(request.POST))

            user_model.update(id, form_result)

            h.flash(_('User updated successfully'), category='success')

            Session.commit()

        except formencode.Invalid, errors:

            e = errors.error_dict or {}

            perm = Permission.get_by_key('hg.create.repository')

            e.update({'create_repo_perm': user_model.has_perm(id, perm)})

            return htmlfill.render(

                render('admin/users/user_edit.html'),

                defaults=errors.value,

                errors=e,

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occurred during update of user %s') \

                    % form_result.get('username'), category='error')

        return redirect(url('users'))

    def delete(self, id):

        """DELETE /users/id: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="DELETE" />

        # Or using helpers:

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import logging

import traceback

import formencode

from formencode import htmlfill

from pylons import request, session, tmpl_context as c, url, config

from pylons.controllers.util import abort, redirect

from pylons.i18n.translation import _

from rhodecode.lib import helpers as h

from rhodecode.lib.exceptions import UsersGroupsAssignedException

from rhodecode.lib.utils2 import safe_unicode

from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator

from rhodecode.lib.base import BaseController, render

from rhodecode.model.users_group import UsersGroupModel

from rhodecode.model.db import User, UsersGroup, Permission, UsersGroupToPerm

from rhodecode.model.forms import UsersGroupForm

from rhodecode.model.meta import Session

log = logging.getLogger(__name__)

class UsersGroupsController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('users_group', 'users_groups')

    @LoginRequired()

    @HasPermissionAllDecorator('hg.admin')

    def __before__(self):

        c.admin_user = session.get('admin_user')

        c.admin_username = session.get('admin_username')

        super(UsersGroupsController, self).__before__()

        c.available_permissions = config['available_permissions']

    def index(self, format='html'):

        """GET /users_groups: All items in the collection"""

        # url('users_groups')

        c.users_groups_list = self.sa.query(UsersGroup).all()

        return render('admin/users_groups/users_groups.html')

    def create(self):

        """POST /users_groups: Create a new item"""

        # url('users_groups')

        users_group_form = UsersGroupForm()()

        try:

            form_result = users_group_form.to_python(dict(request.POST))

            UsersGroupModel().create(name=form_result['users_group_name'],

                                     active=form_result['users_group_active'])

            Session.commit()

        except formencode.Invalid, errors:

            return htmlfill.render(

                render('admin/users_groups/users_group_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occurred during creation of users group %s') \

                    % request.POST.get('users_group_name'), category='error')

        return redirect(url('users_groups'))

    def new(self, format='html'):

        """GET /users_groups/new: Form to create a new item"""

        # url('new_users_group')

        return render('admin/users_groups/users_group_add.html')

    def update(self, id):

        """PUT /users_groups/id: Update an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="PUT" />

        # Or using helpers:

        #    h.form(url('users_group', id=ID),

        #           method='put')

        # url('users_group', id=ID)

        c.users_group = UsersGroup.get(id)

        c.group_members_obj = [x.user for x in c.users_group.members]

        c.group_members = [(x.user_id, x.username) for x in

                           c.group_members_obj]

        c.available_members = [(x.user_id, x.username) for x in

                               self.sa.query(User).all()]

        available_members = [safe_unicode(x[0]) for x in c.available_members]

        users_group_form = UsersGroupForm(edit=True,

                                          old_data=c.users_group.get_dict(),

                                          available_members=available_members)()

        try:

            form_result = users_group_form.to_python(request.POST)

            UsersGroupModel().update(c.users_group, form_result)

            Session.commit()

        except formencode.Invalid, errors:

            e = errors.error_dict or {}

            perm = Permission.get_by_key('hg.create.repository')

            e.update({'create_repo_perm':

                         UsersGroupModel().has_perm(id, perm)})

            return htmlfill.render(

                render('admin/users_groups/users_group_edit.html'),

                defaults=errors.value,

                errors=e,

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occurred during update of users group %s') \

                    % request.POST.get('users_group_name'), category='error')

        return redirect(url('users_groups'))

    def delete(self, id):

        """DELETE /users_groups/id: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import logging

import traceback

from collections import defaultdict

from webob.exc import HTTPForbidden

from pylons import tmpl_context as c, url, request, response

from pylons.i18n.translation import _

from pylons.controllers.util import redirect

from pylons.decorators import jsonify

from rhodecode.lib.vcs.exceptions import RepositoryError, ChangesetError, \

    ChangesetDoesNotExistError

from rhodecode.lib.vcs.nodes import FileNode

import rhodecode.lib.helpers as h

from rhodecode.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator

from rhodecode.lib.base import BaseRepoController, render

from rhodecode.lib.compat import OrderedDict

from rhodecode.lib import diffs

from rhodecode.model.db import ChangesetComment

from rhodecode.model.comment import ChangesetCommentsModel

from rhodecode.model.meta import Session

from rhodecode.lib.diffs import wrapped_diff

from rhodecode.model.repo import RepoModel

log = logging.getLogger(__name__)

def _update_with_GET(params, GET):

    for k in ['diff1', 'diff2', 'diff']:

        params[k] += GET.getall(k)

def anchor_url(revision, path, GET):

    fid = h.FID(revision, path)

    return h.url.current(anchor=fid, **dict(GET))

def get_ignore_ws(fid, GET):

    ig_ws_global = GET.get('ignorews')

    ig_ws = filter(lambda k: k.startswith('WS'), GET.getall(fid))

        if method == 'download':

            response.content_disposition = 'attachment; filename=%s.patch' \

                                            % revision

        c.parent_tmpl = ''.join(['# Parent  %s\n' % x.raw_id

                                 for x in c.changeset.parents])

        c.diffs = ''

        for x in c.changes:

            c.diffs += x[2]

        return render('changeset/raw_changeset.html')

    @jsonify

    def comment(self, repo_name, revision):

        comm = ChangesetCommentsModel().create(

            text=request.POST.get('text'),

            repo_id=c.rhodecode_db_repo.repo_id,

            user_id=c.rhodecode_user.user_id,

            revision=revision,

            f_path=request.POST.get('f_path'),

            line_no=request.POST.get('line')

        )

        Session.commit()

        if not request.environ.get('HTTP_X_PARTIAL_XHR'):

            return redirect(h.url('changeset_home', repo_name=repo_name,

                                  revision=revision))

        data = {

           'target_id': h.safeid(h.safe_unicode(request.POST.get('f_path'))),

        }

        if comm:

            c.co = comm

            data.update(comm.get_dict())

            data.update({'rendered_text':

                         render('changeset/changeset_comment_block.html')})

        return data

    @jsonify

    def delete_comment(self, repo_name, comment_id):

        co = ChangesetComment.get(comment_id)

        owner = lambda: co.author.user_id == c.rhodecode_user.user_id

        if h.HasPermissionAny('hg.admin', 'repository.admin')() or owner:

            ChangesetCommentsModel().delete(comment=co)

            Session.commit()

            return True

        else:

        c.journal_data = render('journal/journal_data.html')

        if request.environ.get('HTTP_X_PARTIAL_XHR'):

            return c.journal_data

        return render('journal/public_journal.html')

    @LoginRequired(api_access=True)

    def public_journal_atom(self):

        """

        Produce an atom-1.0 feed via feedgenerator module

        """

        c.following = self.sa.query(UserFollowing)\

            .filter(UserFollowing.user_id == self.rhodecode_user.user_id)\

            .options(joinedload(UserFollowing.follows_repository))\

            .all()

        journal = self._get_journal_data(c.following)

        feed = Atom1Feed(title=self.title % 'atom',

                         link=url('public_journal_atom', qualified=True),

                         description=_('Public journal'),

                         language=self.language,

                         ttl=self.ttl)

        for entry in journal[:self.feed_nr]:

            action, action_extra = h.action_parser(entry, feed=True)

            title = "%s - %s %s" % (entry.user.short_contact, action,

                                 entry.repository.repo_name)

            desc = action_extra()

            feed.add_item(title=title,

                          pubdate=entry.action_date,

                          link=url('', qualified=True),

                          author_email=entry.user.email,

                          author_name=entry.user.full_contact,

                          description=desc)

        response.content_type = feed.mime_type

        return feed.writeString('utf-8')

    @LoginRequired(api_access=True)

    def public_journal_rss(self):

        """

        Produce an rss2 feed via feedgenerator module

        """

        c.following = self.sa.query(UserFollowing)\

            .filter(UserFollowing.user_id == self.rhodecode_user.user_id)\

            .options(joinedload(UserFollowing.follows_repository))\

            .all()

        journal = self._get_journal_data(c.following)

        feed = Rss201rev2Feed(title=self.title % 'rss',

                         link=url('public_journal_rss', qualified=True),

                         description=_('Public journal'),

                         language=self.language,

                         ttl=self.ttl)

        for entry in journal[:self.feed_nr]:

            action, action_extra = h.action_parser(entry, feed=True)

            title = "%s - %s %s" % (entry.user.short_contact, action,

                                 entry.repository.repo_name)

            desc = action_extra()

            feed.add_item(title=title,

                          pubdate=entry.action_date,

                          link=url('', qualified=True),

                          author_email=entry.user.email,

                          author_name=entry.user.full_contact,

                          description=desc)

        response.content_type = feed.mime_type

        return feed.writeString('utf-8')

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        )

    @HasRepoPermissionAllDecorator('repository.admin')

    def update(self, repo_name):

        repo_model = RepoModel()

        changed_name = repo_name

        self.__load_defaults()

        _form = RepoSettingsForm(edit=True,

                                 old_data={'repo_name': repo_name},

                                 repo_groups=c.repo_groups_choices)()

        try:

            form_result = _form.to_python(dict(request.POST))

            repo_model.update(repo_name, form_result)

            invalidate_cache('get_repo_cached_%s' % repo_name)

            h.flash(_('Repository %s updated successfully' % repo_name),

                    category='success')

            changed_name = form_result['repo_name_full']

            action_logger(self.rhodecode_user, 'user_updated_repo',

            Session.commit()

        except formencode.Invalid, errors:

            c.repo_info = repo_model.get_by_repo_name(repo_name)

            c.users_array = repo_model.get_users_js()

            errors.value.update({'user': c.repo_info.user.username})

            return htmlfill.render(

                render('settings/repo_settings.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occurred during update of repository %s') \

                    % repo_name, category='error')

        return redirect(url('repo_settings_home', repo_name=changed_name))

    @HasRepoPermissionAllDecorator('repository.admin')

    def delete(self, repo_name):

        """DELETE /repos/repo_name: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="DELETE" />

        # Or using helpers:

        #    h.form(url('repo_settings_delete', repo_name=ID),

        #           method='delete')

        # url('repo_settings_delete', repo_name=ID)

        repo_model = RepoModel()

        repo = repo_model.get_by_repo_name(repo_name)

        if not repo:

            h.flash(_('%s repository is not mapped to db perhaps'

                      ' it was moved or renamed  from the filesystem'

                      ' please run the application again'

                      ' in order to rescan repositories') % repo_name,

                      category='error')

            return redirect(url('home'))

        try:

            action_logger(self.rhodecode_user, 'user_deleted_repo',

            repo_model.delete(repo)

            invalidate_cache('get_repo_cached_%s' % repo_name)

            h.flash(_('deleted repository %s') % repo_name, category='success')

            Session.commit()

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('An error occurred during deletion of %s') % repo_name,

                    category='error')

        return redirect(url('home'))

                )

            if not feed:

                html_tmpl = '<span id="%s" style="display:none">, %s </span>'

            else:

                html_tmpl = '<span id="%s"> %s </span>'

            morelinks = ', '.join(

              [lnk(rev, repo_name) for rev in revs[revs_limit:]]

            )

            if len(revs_ids) > revs_top_limit:

                morelinks += ', ...'

            cs_links.append(html_tmpl % (uniq_id, morelinks))

        if len(revs) > 1:

            cs_links.append(compare_view)

        return ''.join(cs_links)

    def get_fork_name():

        repo_name = action_params

        return _('fork name ') + str(link_to(action_params, url('summary_home',

                                          repo_name=repo_name,)))

    action_str = action_map.get(action, action)

    if feed:

        action = action_str[0].replace('[', '').replace(']', '')

    else:

        action = action_str[0]\

            .replace('[', '<span class="journal_highlight">')\

            .replace(']', '</span>')

    action_params_func = lambda: ""

    if callable(action_str[1]):

        action_params_func = action_str[1]

#==============================================================================

# PERMS

#==============================================================================

from rhodecode.lib.auth import HasPermissionAny, HasPermissionAll, \

HasRepoPermissionAny, HasRepoPermissionAll

#==============================================================================

# GRAVATAR URL

#==============================================================================

def gravatar_url(email_address, size=30):

    if (not str2bool(config['app_conf'].get('use_gravatar')) or

        not email_address or email_address == 'anonymous@rhodecode.org'):

        f = lambda a, l: min(l, key=lambda x: abs(x - a))

        return url("/images/user%s.png" % f(size, [14, 16, 20, 24, 30]))

    ssl_enabled = 'https' == request.environ.get('wsgi.url_scheme')