#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.controllers.admin.settings

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

settings controller for Kallithea admin

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Jul 14, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import traceback

import formencode

from formencode import htmlfill

from pylons import request, tmpl_context as c, url, config

from pylons.i18n.translation import _

from webob.exc import HTTPFound

from kallithea.lib import helpers as h

from kallithea.lib.auth import LoginRequired, HasPermissionAllDecorator

from kallithea.lib.base import BaseController, render

from kallithea.lib.celerylib import tasks, run_task

from kallithea.lib.exceptions import HgsubversionImportError

from kallithea.lib.utils import repo2db_mapper, set_app_settings

from kallithea.model.db import Ui, Repository, Setting

from kallithea.model.forms import ApplicationSettingsForm, \

    ApplicationUiSettingsForm, ApplicationVisualisationForm

from kallithea.model.scm import ScmModel

from kallithea.model.notification import EmailNotificationModel

from kallithea.model.meta import Session

from kallithea.lib.utils2 import str2bool, safe_unicode

log = logging.getLogger(__name__)

class SettingsController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('setting', 'settings', controller='admin/settings',

    #         path_prefix='/admin', name_prefix='admin_')

    @LoginRequired()

    def __before__(self):

        super(SettingsController, self).__before__()

    def _get_hg_ui_settings(self):

        ret = Ui.query().all()

        if not ret:

            raise Exception('Could not get application ui settings !')

        settings = {}

        for each in ret:

            k = each.ui_key

            v = each.ui_value

            if k == '/':

                k = 'root_path'

            if k == 'push_ssl':

                v = str2bool(v)

            if k.find('.') != -1:

                k = k.replace('.', '_')

            if each.ui_section in ['hooks', 'extensions']:

                v = each.ui_active

            settings[each.ui_section + '_' + k] = v

        return settings

    @HasPermissionAllDecorator('hg.admin')

    def settings_vcs(self):

        """GET /admin/settings: All items in the collection"""

        # url('admin_settings')

        c.active = 'vcs'

        if request.POST:

            application_form = ApplicationUiSettingsForm()()

            try:

                form_result = application_form.to_python(dict(request.POST))

            except formencode.Invalid as errors:

                return htmlfill.render(

                     render('admin/settings/settings.html'),

                     defaults=errors.value,

                     errors=errors.error_dict or {},

                     prefix_error=False,

                     encoding="UTF-8",

                     force_defaults=False)

            try:

                sett.ui_value = form_result['web_push_ssl']

                if c.visual.allow_repo_location_change:

                    sett.ui_value = form_result['paths_root_path']

                #HOOKS

                sett.ui_active = form_result['hooks_changegroup_update']

                sett.ui_active = form_result['hooks_changegroup_repo_size']

                sett.ui_active = form_result['hooks_changegroup_push_logger']

                sett.ui_active = form_result['hooks_outgoing_pull_logger']

                ## EXTENSIONS

                sett = Ui.get_or_create('extensions', 'largefiles')

                sett.ui_active = form_result['extensions_largefiles']

                sett = Ui.get_or_create('extensions', 'hgsubversion')

                sett.ui_active = form_result['extensions_hgsubversion']

                if sett.ui_active:

                    try:

                        import hgsubversion  # pragma: no cover

                    except ImportError:

                        raise HgsubversionImportError

#                sett = Ui.get_or_create('extensions', 'hggit')

#                sett.ui_active = form_result['extensions_hggit']

                Session().commit()

                h.flash(_('Updated VCS settings'), category='success')

            except HgsubversionImportError:

                log.error(traceback.format_exc())

                h.flash(_('Unable to activate hgsubversion support. '

                          'The "hgsubversion" library is missing'),

                        category='error')

            except Exception:

                log.error(traceback.format_exc())

                h.flash(_('Error occurred while updating '

                          'application settings'), category='error')

        defaults = Setting.get_app_settings()

        defaults.update(self._get_hg_ui_settings())

        return htmlfill.render(

            render('admin/settings/settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasPermissionAllDecorator('hg.admin')

    def settings_mapping(self):

        """GET /admin/settings/mapping: All items in the collection"""

        # url('admin_settings_mapping')

        c.active = 'mapping'

        if request.POST:

            rm_obsolete = request.POST.get('destroy', False)

            install_git_hooks = request.POST.get('hooks', False)

            overwrite_git_hooks = request.POST.get('hooks_overwrite', False);

            invalidate_cache = request.POST.get('invalidate', False)

            log.debug('rescanning repo location with destroy obsolete=%s, '

                      'install git hooks=%s and '

                      'overwrite git hooks=%s' % (rm_obsolete, install_git_hooks, overwrite_git_hooks))

            if invalidate_cache:

                log.debug('invalidating all repositories cache')

                for repo in Repository.get_all():

                    ScmModel().mark_for_invalidation(repo.repo_name)

            filesystem_repos = ScmModel().repo_scan()

            added, removed = repo2db_mapper(filesystem_repos, rm_obsolete,

                                            install_git_hooks=install_git_hooks,

                                            user=c.authuser.username,

                                            overwrite_git_hooks=overwrite_git_hooks)

            h.flash(h.literal(_('Repositories successfully rescanned. Added: %s. Removed: %s.') %

                (', '.join(h.link_to(safe_unicode(repo_name), h.url('summary_home', repo_name=repo_name))

                 for repo_name in added) or '-',

                 ', '.join(h.escape(safe_unicode(repo_name)) for repo_name in removed) or '-')),

                category='success')

            raise HTTPFound(location=url('admin_settings_mapping'))

        defaults = Setting.get_app_settings()

        defaults.update(self._get_hg_ui_settings())

        return htmlfill.render(

            render('admin/settings/settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasPermissionAllDecorator('hg.admin')

    def settings_global(self):

        """GET /admin/settings/global: All items in the collection"""

        # url('admin_settings_global')

        c.active = 'global'

        if request.POST:

            application_form = ApplicationSettingsForm()()

            try:

                form_result = application_form.to_python(dict(request.POST))

            except formencode.Invalid as errors:

                return htmlfill.render(

                    render('admin/settings/settings.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.controllers.forks

~~~~~~~~~~~~~~~~~~~~~~~~~~~

forks controller for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 23, 2011

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import formencode

import traceback

from formencode import htmlfill

from pylons import tmpl_context as c, request, url

from pylons.i18n.translation import _

from webob.exc import HTTPFound

import kallithea.lib.helpers as h

from kallithea.lib.helpers import Page

from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator, \

    NotAnonymous, HasRepoPermissionAny, HasPermissionAnyDecorator, HasPermissionAny

from kallithea.lib.base import BaseRepoController, render

from kallithea.model.db import Repository, UserFollowing, User, Ui

from kallithea.model.repo import RepoModel

from kallithea.model.forms import RepoForkForm

from kallithea.model.scm import ScmModel, AvailableRepoGroupChoices

from kallithea.lib.utils2 import safe_int

log = logging.getLogger(__name__)

class ForksController(BaseRepoController):

    def __before__(self):

        super(ForksController, self).__before__()

    def __load_defaults(self):

        repo_group_perms = ['group.admin']

        if HasPermissionAny('hg.create.write_on_repogroup.true')():

            repo_group_perms.append('group.write')

        c.repo_groups = AvailableRepoGroupChoices(['hg.create.repository'], repo_group_perms)

        c.landing_revs_choices, c.landing_revs = ScmModel().get_repo_landing_revs()

    def __load_data(self, repo_name=None):

        """

        Load defaults settings for edit, and update

        :param repo_name:

        """

        self.__load_defaults()

        c.repo_info = db_repo = Repository.get_by_repo_name(repo_name)

        repo = db_repo.scm_instance

        if c.repo_info is None:

            h.not_mapped_error(repo_name)

            raise HTTPFound(location=url('repos'))

        c.default_user_id = User.get_default_user().user_id

        c.in_public_journal = UserFollowing.query() \

            .filter(UserFollowing.user_id == c.default_user_id) \

            .filter(UserFollowing.follows_repository == c.repo_info).scalar()

        if c.repo_info.stats:

            last_rev = c.repo_info.stats.stat_on_revision+1

        else:

            last_rev = 0

        c.stats_revision = last_rev

        c.repo_last_rev = repo.count() if repo.revisions else 0

        if last_rev == 0 or c.repo_last_rev == 0:

            c.stats_percentage = 0

        else:

            c.stats_percentage = '%.2f' % ((float((last_rev)) /

                                            c.repo_last_rev) * 100)

        defaults = RepoModel()._get_defaults(repo_name)

        # alter the description to indicate a fork

        defaults['description'] = ('fork of repository: %s \n%s'

                                   % (defaults['repo_name'],

                                      defaults['description']))

        # add suffix to fork

        defaults['repo_name'] = '%s-fork' % defaults['repo_name']

        return defaults

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def forks(self, repo_name):

        p = safe_int(request.GET.get('page', 1), 1)

        repo_id = c.db_repo.repo_id

        d = []

        for r in Repository.get_repo_forks(repo_id):

            if not HasRepoPermissionAny(

                'repository.read', 'repository.write', 'repository.admin'

            )(r.repo_name, 'get forks check'):

                continue

            d.append(r)

        c.forks_pager = Page(d, page=p, items_per_page=20)

        if request.environ.get('HTTP_X_PARTIAL_XHR'):

            return render('/forks/forks_data.html')

        return render('/forks/forks.html')

    @LoginRequired()

    @NotAnonymous()

    @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def fork(self, repo_name):

        c.repo_info = Repository.get_by_repo_name(repo_name)

        if not c.repo_info:

            h.not_mapped_error(repo_name)

            raise HTTPFound(location=url('home'))

        defaults = self.__load_data(repo_name)

        return htmlfill.render(

            render('forks/fork.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @LoginRequired()

    @NotAnonymous()

    @HasPermissionAnyDecorator('hg.admin', 'hg.fork.repository')

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def fork_create(self, repo_name):

        self.__load_defaults()

        c.repo_info = Repository.get_by_repo_name(repo_name)

        _form = RepoForkForm(old_data={'repo_type': c.repo_info.repo_type},

                             repo_groups=c.repo_groups,

                             landing_revs=c.landing_revs_choices)()

        form_result = {}

        task_id = None

        try:

            form_result = _form.to_python(dict(request.POST))

            # an approximation that is better than nothing

                form_result['update_after_clone'] = False

            # create fork is done sometimes async on celery, db transaction

            # management is handled there.

            task = RepoModel().create_fork(form_result, self.authuser.user_id)

            from celery.result import BaseAsyncResult

            if isinstance(task, BaseAsyncResult):

                task_id = task.task_id

        except formencode.Invalid as errors:

            return htmlfill.render(

                render('forks/fork.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8",

                force_defaults=False)

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('An error occurred during repository forking %s') %

                    repo_name, category='error')

        raise HTTPFound(location=h.url('repo_creating_home',

                              repo_name=form_result['repo_name_full'],

                              task_id=task_id))

            return self.build_authentication()

        (authmeth, auth) = authorization.split(' ', 1)

        if 'basic' != authmeth.lower():

            return self.build_authentication()

        auth = auth.strip().decode('base64')

        _parts = auth.split(':', 1)

        if len(_parts) == 2:

            username, password = _parts

            if self.authfunc(username, password, environ) is not None:

                return username

        return self.build_authentication()

    __call__ = authenticate

class BaseVCSController(object):

    def __init__(self, application, config):

        self.application = application

        self.config = config

        # base path of repo locations

        self.basepath = self.config['base_path']

        # authenticate this VCS request using the authentication modules

        self.authenticate = BasicAuth('', auth_modules.authenticate,

                                      config.get('auth_ret_code'))

        self.ip_addr = '0.0.0.0'

    def _handle_request(self, environ, start_response):

        raise NotImplementedError()

    def _get_by_id(self, repo_name):

        """

        Gets a special pattern _<ID> from clone url and tries to replace it

        with a repository_name for support of _<ID> permanent URLs

        :param repo_name:

        """

        data = repo_name.split('/')

        if len(data) >= 2:

            from kallithea.lib.utils import get_repo_by_id

            by_id_match = get_repo_by_id(repo_name)

            if by_id_match:

                data[1] = by_id_match

        return '/'.join(data)

    def _invalidate_cache(self, repo_name):

        """

        Sets cache for this repository for invalidation on next access

        :param repo_name: full repo name, also a cache key

        """

        ScmModel().mark_for_invalidation(repo_name)

    def _check_permission(self, action, user, repo_name, ip_addr=None):

        """

        Checks permissions using action (push/pull) user and repository

        name

        :param action: push or pull action

        :param user: `User` instance

        :param repo_name: repository name

        """

        # check IP

        ip_allowed = AuthUser.check_ip_allowed(user, ip_addr)

        if ip_allowed:

            log.info('Access for IP:%s allowed', ip_addr)

        else:

            return False

        if action == 'push':

            if not HasPermissionAnyMiddleware('repository.write',

                                              'repository.admin')(user,

                                                                  repo_name):

                return False

        else:

            #any other action need at least read permission

            if not HasPermissionAnyMiddleware('repository.read',

                                              'repository.write',

                                              'repository.admin')(user,

                                                                  repo_name):

                return False

        return True

    def _get_ip_addr(self, environ):

        return _get_ip_addr(environ)

    def _check_ssl(self, environ):

        """

        Checks the SSL check flag and returns False if SSL is not present

        and required True otherwise

        """

        #check if we have SSL required  ! if not it's a bad request !

            org_proto = environ.get('wsgi._org_proto', environ['wsgi.url_scheme'])

            if org_proto != 'https':

                log.debug('proto is %s and SSL is required BAD REQUEST !',

                          org_proto)

                return False

        return True

    def _check_locking_state(self, environ, action, repo, user_id):

        """

        Checks locking on this repository, if locking is enabled and lock is

        present returns a tuple of make_lock, locked, locked_by.

        make_lock can have 3 states None (do nothing) True, make lock

        False release lock, This value is later propagated to hooks, which

        do the locking. Think about this as signals passed to hooks what to do.

        """

        locked = False  # defines that locked error should be thrown to user

        make_lock = None

        repo = Repository.get_by_repo_name(repo)

        user = User.get(user_id)

        # this is kind of hacky, but due to how mercurial handles client-server

        # server see all operation on changeset; bookmarks, phases and

        # obsolescence marker in different transaction, we don't want to check

        # locking on those

        obsolete_call = environ['QUERY_STRING'] in ['cmd=listkeys',]

        locked_by = repo.locked

        if repo and repo.enable_locking and not obsolete_call:

            if action == 'push':

                #check if it's already locked !, if it is compare users

                user_id, _date = repo.locked

                if user.user_id == user_id:

                    log.debug('Got push from user %s, now unlocking', user)

                    # unlock if we have push from user who locked

                    make_lock = False

                else:

                    # we're not the same user who locked, ban with 423 !

                    locked = True

            if action == 'pull':

                if repo.locked[0] and repo.locked[1]:

                    locked = True

                else:

                    log.debug('Setting lock on repo %s by %s', repo, user)

                    make_lock = True

        else:

            log.debug('Repository %s do not have locking enabled', repo)

        log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s',

                  make_lock, locked, locked_by)

        return make_lock, locked, locked_by

    def __call__(self, environ, start_response):

        start = time.time()

        try:

            return self._handle_request(environ, start_response)

        finally:

            log = logging.getLogger('kallithea.' + self.__class__.__name__)

            log.debug('Request time: %.3fs', time.time() - start)

            meta.Session.remove()

class BaseController(WSGIController):

    def __before__(self):

        """

        __before__ is called before controller methods and after __call__

        """

        c.kallithea_version = __version__

        rc_config = Setting.get_app_settings()

        # Visual options

        c.visual = AttributeDict({})

        ## DB stored

        c.visual.show_public_icon = str2bool(rc_config.get('show_public_icon'))

        c.visual.show_private_icon = str2bool(rc_config.get('show_private_icon'))

        c.visual.stylify_metatags = str2bool(rc_config.get('stylify_metatags'))

        c.visual.dashboard_items = safe_int(rc_config.get('dashboard_items', 100))

        c.visual.admin_grid_items = safe_int(rc_config.get('admin_grid_items', 100))

        c.visual.repository_fields = str2bool(rc_config.get('repository_fields'))

        c.visual.show_version = str2bool(rc_config.get('show_version'))

        c.visual.use_gravatar = str2bool(rc_config.get('use_gravatar'))

        c.visual.gravatar_url = rc_config.get('gravatar_url')

        c.ga_code = rc_config.get('ga_code')

        # TODO: replace undocumented backwards compatibility hack with db upgrade and rename ga_code

        if c.ga_code and '<' not in c.ga_code:

            c.ga_code = '''<script type="text/javascript">

                var _gaq = _gaq || [];

                _gaq.push(['_setAccount', '%s']);

                _gaq.push(['_trackPageview']);

                (function() {

                    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;

                    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';

                    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);

        else:

            res.app_settings_name = key

            if not isinstance(val, Optional):

                # update if set

                res.app_settings_value = val

            if not isinstance(type, Optional):

                # update if set

                res.app_settings_type = type

        return res

    @classmethod

    def get_app_settings(cls, cache=False):

        ret = cls.query()

        if cache:

            ret = ret.options(FromCache("sql_cache_short", "get_hg_settings"))

        if ret is None:

            raise Exception('Could not get application settings !')

        settings = {}

        for each in ret:

            settings[each.app_settings_name] = \

                each.app_settings_value

        return settings

    @classmethod

    def get_auth_plugins(cls, cache=False):

        auth_plugins = cls.get_by_name("auth_plugins").app_settings_value

        return auth_plugins

    @classmethod

    def get_auth_settings(cls, cache=False):

        ret = cls.query() \

                .filter(cls.app_settings_name.startswith('auth_')).all()

        fd = {}

        for row in ret:

            fd[row.app_settings_name] = row.app_settings_value

        return fd

    @classmethod

    def get_default_repo_settings(cls, cache=False, strip_prefix=False):

        ret = cls.query() \

                .filter(cls.app_settings_name.startswith('default_')).all()

        fd = {}

        for row in ret:

            key = row.app_settings_name

            if strip_prefix:

                key = remove_prefix(key, prefix='default_')

            fd.update({key: row.app_settings_value})

        return fd

    @classmethod

    def get_server_info(cls):

        import pkg_resources

        import platform

        import kallithea

        from kallithea.lib.utils import check_git_version

        mods = [(p.project_name, p.version) for p in pkg_resources.working_set]

        info = {

            'modules': sorted(mods, key=lambda k: k[0].lower()),

            'py_version': platform.python_version(),

            'platform': safe_unicode(platform.platform()),

            'kallithea_version': kallithea.__version__,

            'git_version': safe_unicode(check_git_version()),

            'git_path': kallithea.CONFIG.get('git_path')

        }

        return info

class Ui(Base, BaseModel):

    __tablename__ = DB_PREFIX + 'ui'

    __table_args__ = (

        # FIXME: ui_key as key is wrong and should be removed when the corresponding

        # Ui.get_by_key has been replaced by the composite key

        UniqueConstraint('ui_key'),

        UniqueConstraint('ui_section', 'ui_key'),

        _table_args_default_dict,

    )

    HOOK_UPDATE = 'changegroup.update'

    HOOK_REPO_SIZE = 'changegroup.repo_size'

    HOOK_PUSH = 'changegroup.push_logger'

    HOOK_PRE_PUSH = 'prechangegroup.pre_push'

    HOOK_PULL = 'outgoing.pull_logger'

    HOOK_PRE_PULL = 'preoutgoing.pre_pull'

    ui_id = Column(Integer(), unique=True, primary_key=True)

    ui_section = Column(String(255), nullable=False)

    ui_key = Column(String(255), nullable=False)

    ui_value = Column(String(255), nullable=True) # FIXME: not nullable?

    ui_active = Column(Boolean(), nullable=False, default=True)

    @classmethod

        """ Return specified Ui object, or None if not found. """

    @classmethod

    def get_or_create(cls, section, key):

        """ Return specified Ui object, creating it if necessary. """

        if setting is None:

            setting = cls(ui_section=section, ui_key=key)

            Session().add(setting)

        return setting

    @classmethod

    def get_builtin_hooks(cls):

        q = cls.query()

        q = q.filter(cls.ui_key.in_([cls.HOOK_UPDATE, cls.HOOK_REPO_SIZE,

                                     cls.HOOK_PUSH, cls.HOOK_PRE_PUSH,

                                     cls.HOOK_PULL, cls.HOOK_PRE_PULL]))

        return q.all()

    @classmethod

    def get_custom_hooks(cls):

        q = cls.query()

        q = q.filter(~cls.ui_key.in_([cls.HOOK_UPDATE, cls.HOOK_REPO_SIZE,

                                      cls.HOOK_PUSH, cls.HOOK_PRE_PUSH,

                                      cls.HOOK_PULL, cls.HOOK_PRE_PULL]))

        q = q.filter(cls.ui_section == 'hooks')

        return q.all()

    @classmethod

    def get_repos_location(cls):

    @classmethod

    def create_or_update_hook(cls, key, val):

        new_ui = cls.get_or_create('hooks', key)

        new_ui.ui_active = True

        new_ui.ui_value = val

    def __repr__(self):

        return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,

                                    self.ui_key, self.ui_value)

class User(Base, BaseModel):

    __tablename__ = 'users'

    __table_args__ = (

        Index('u_username_idx', 'username'),

        Index('u_email_idx', 'email'),

        _table_args_default_dict,

    )

    DEFAULT_USER = 'default'

    DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'

    user_id = Column(Integer(), unique=True, primary_key=True)

    username = Column(String(255), nullable=False, unique=True)

    password = Column(String(255), nullable=False)

    active = Column(Boolean(), nullable=False, default=True)

    admin = Column(Boolean(), nullable=False, default=False)

    name = Column("firstname", Unicode(255), nullable=False)

    lastname = Column(Unicode(255), nullable=False)

    _email = Column("email", String(255), nullable=True, unique=True) # FIXME: not nullable?

    last_login = Column(DateTime(timezone=False), nullable=True)

    extern_type = Column(String(255), nullable=True) # FIXME: not nullable?

    extern_name = Column(String(255), nullable=True) # FIXME: not nullable?

    api_key = Column(String(255), nullable=False)

    inherit_default_permissions = Column(Boolean(), nullable=False, default=True)

    created_on = Column(DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

    _user_data = Column("user_data", LargeBinary(), nullable=True)  # JSON data # FIXME: not nullable?

    user_log = relationship('UserLog')

    user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')

    repositories = relationship('Repository')

    repo_groups = relationship('RepoGroup')

    user_groups = relationship('UserGroup')

    user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')

    followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')

    repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')

    repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')

    group_member = relationship('UserGroupMember', cascade='all')

    notifications = relationship('UserNotification', cascade='all')

    # notifications assigned to this user

    user_created_notifications = relationship('Notification', cascade='all')

    # comments created by this user

    user_comments = relationship('ChangesetComment', cascade='all')

    #extra emails for this user

    user_emails = relationship('UserEmailMap', cascade='all')

    #extra API keys

    user_api_keys = relationship('UserApiKeys', cascade='all')

    @hybrid_property

    def email(self):

        return self._email

    @email.setter

    def email(self, val):

        self._email = val.lower() if val else None

    @property

    def firstname(self):

        # alias for future

        return self.name

    @property

    def emails(self):

        other = UserEmailMap.query().filter(UserEmailMap.user==self).all()

        return [self.email] + [x.email for x in other]

    @property

    def api_keys(self):

        other = UserApiKeys.query().filter(UserApiKeys.user==self).all()

        return [self.api_key] + [x.api_key for x in other]

    @property

    def ip_addresses(self):

        ret = UserIpMap.query().filter(UserIpMap.user == self).all()

        return [x.ip_addr for x in ret]

    @property

    def full_name(self):

        return '%s %s' % (self.firstname, self.lastname)

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.model.repo_group

~~~~~~~~~~~~~~~~~~~~~~~~~~

repo group model for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Jan 25, 2011

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.