from kallithea.config.routing import url

from kallithea.lib import helpers as h

from kallithea.lib.exceptions import UserGroupsAssignedException, \

    RepoGroupAssignmentError

from kallithea.lib.utils2 import safe_unicode, safe_int

from kallithea.lib.auth import LoginRequired, \

from kallithea.lib.base import BaseController, render

from kallithea.model.scm import UserGroupList

from kallithea.model.user_group import UserGroupModel

from kallithea.model.repo import RepoModel

from kallithea.model.db import User, UserGroup, UserGroupToPerm, \

    UserGroupRepoToPerm, UserGroupRepoGroupToPerm

        return data

    def index(self, format='html'):

        _list = UserGroup.query() \

                        .order_by(func.lower(UserGroup.users_group_name)) \

                        .all()

        user_groups_data = []

        total_records = len(group_iter)

        _tmpl_lookup = kallithea.CONFIG['pylons.app_globals'].mako_lookup

        template = _tmpl_lookup.get_template('data_table/_dt_elements.html')

        user_group_name = lambda user_group_id, user_group_name: (

        raise HTTPFound(location=url('users_groups'))

    @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')

    def new(self, format='html'):

        return render('admin/user_groups/user_group_add.html')

    def update(self, id):

        c.user_group = UserGroup.get_or_404(id)

        c.active = 'settings'

        self.__load_data(id)

        available_members = [safe_unicode(x[0]) for x in c.available_members]

            log.error(traceback.format_exc())

            h.flash(_('Error occurred during update of user group %s') \

                    % request.POST.get('users_group_name'), category='error')

        raise HTTPFound(location=url('edit_users_group', id=id))

    def delete(self, id):

        usr_gr = UserGroup.get_or_404(id)

        try:

            UserGroupModel().delete(usr_gr)

            Session().commit()

            h.flash(_('Successfully deleted user group'), category='success')

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('An error occurred during deletion of user group'),

                    category='error')

        raise HTTPFound(location=url('users_groups'))

    def edit(self, id, format='html'):

        c.user_group = UserGroup.get_or_404(id)

        c.active = 'settings'

        self.__load_data(id)

        defaults = self.__load_defaults(id)

            render('admin/user_groups/user_group_edit.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        )

    def edit_perms(self, id):

        c.user_group = UserGroup.get_or_404(id)

        c.active = 'perms'

        repo_model = RepoModel()

        c.users_array = repo_model.get_users_js()

            render('admin/user_groups/user_group_edit.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        )

    def update_perms(self, id):

        """

        grant permission for given usergroup

        :param id:

        """

        #action_logger(request.authuser, 'admin_changed_repo_permissions',

        #              repo_name, request.ip_addr, self.sa)

        Session().commit()

        h.flash(_('User group permissions updated'), category='success')

        raise HTTPFound(location=url('edit_user_group_perms', id=id))

    def delete_perms(self, id):

        try:

            obj_type = request.POST.get('obj_type')

            obj_id = None

            if obj_type == 'user':

                obj_id = safe_int(request.POST.get('user_id'))

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('An error occurred during revoking of permission'),

                    category='error')

            raise HTTPInternalServerError()

    def edit_default_perms(self, id):

        c.user_group = UserGroup.get_or_404(id)

        c.active = 'default_perms'

        permissions = {

            'repositories': {},

            render('admin/user_groups/user_group_edit.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        )

    def update_default_perms(self, id):

        user_group = UserGroup.get_or_404(id)

        try:

            form = CustomDefaultPermissionsForm()()

            form_result = form.to_python(request.POST)

            log.error(traceback.format_exc())

            h.flash(_('An error occurred during permissions saving'),

                    category='error')

        raise HTTPFound(location=url('edit_user_group_default_perms', id=id))

    def edit_advanced(self, id):

        c.user_group = UserGroup.get_or_404(id)

        c.active = 'advanced'

        c.group_members_obj = sorted((x.user for x in c.user_group.members),

                                     key=lambda u: u.username.lower())

        return render('admin/user_groups/user_group_edit.html')

    def edit_members(self, id):

        c.user_group = UserGroup.get_or_404(id)

        c.active = 'members'

        c.group_members_obj = sorted((x.user for x in c.user_group.members),

                                     key=lambda u: u.username.lower())

from pylons import request

from kallithea.controllers.api import JSONRPCController, JSONRPCError

from kallithea.lib.auth import (

    PasswordGenerator, AuthUser, HasPermissionAnyDecorator,

    HasPermissionAnyDecorator, HasPermissionAny, HasRepoPermissionLevel,

from kallithea.lib.utils import map_groups, repo2db_mapper

from kallithea.lib.utils2 import (

    str2bool, time_to_datetime, safe_int, Optional, OAttr)

from kallithea.model.meta import Session

from kallithea.model.repo_group import RepoGroupModel

from kallithea.model.scm import ScmModel, UserGroupList

                     }

            error : null

        """

        user_group = get_user_group_or_error(usergroupid)

        if not HasPermissionAny('hg.admin')():

                raise JSONRPCError('user group `%s` does not exist' % (usergroupid,))

        data = user_group.get_api_data()

        return data

    # permission check inside

            id : <id_given_in_input>

            result : [<user_group_obj>,...]

            error : null

        """

        result = []

            result.append(user_group.get_api_data())

        return result

    @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')

    def create_user_group(self, group_name, description=Optional(''),

                          owner=Optional(OAttr('apiuser')), active=Optional(True)):

            "failed to update user group `<user group name>`"

          }

        """

        user_group = get_user_group_or_error(usergroupid)

        if not HasPermissionAny('hg.admin')():

                raise JSONRPCError('user group `%s` does not exist' % (usergroupid,))

        if not isinstance(owner, Optional):

            owner = get_user_or_error(owner)

        updates = {}

            "RepoGroup assigned to <repo_groups_list>"

          }

        """

        user_group = get_user_group_or_error(usergroupid)

        if not HasPermissionAny('hg.admin')():

                raise JSONRPCError('user group `%s` does not exist' % (usergroupid,))

        try:

            UserGroupModel().delete(user_group)

            Session().commit()

            return dict(

          }

        """

        user = get_user_or_error(userid)

        user_group = get_user_group_or_error(usergroupid)

        if not HasPermissionAny('hg.admin')():

                raise JSONRPCError('user group `%s` does not exist' % (usergroupid,))

        try:

            ugm = UserGroupModel().add_user_to_group(user_group, user)

            success = True if ugm != True else False

            msg = 'added member `%s` to user group `%s`' % (

            error:  null

        """

        user = get_user_or_error(userid)

        user_group = get_user_group_or_error(usergroupid)

        if not HasPermissionAny('hg.admin')():

                raise JSONRPCError('user group `%s` does not exist' % (usergroupid,))

        try:

            success = UserGroupModel().remove_user_from_group(user_group, user)

            msg = 'removed member `%s` from user group `%s`' % (

                user.username, user_group.users_group_name

        perm = get_perm_or_error(perm)

        user_group = get_user_group_or_error(usergroupid)

        if not HasPermissionAny('hg.admin')():

            if not HasRepoPermissionLevel('admin')(repo.repo_name):

                raise JSONRPCError('repository `%s` does not exist' % (repoid,))

                raise JSONRPCError('user group `%s` does not exist' % (usergroupid,))

        try:

            RepoModel().grant_user_group_permission(

                repo=repo, group_name=user_group, perm=perm)

        repo = get_repo_or_error(repoid)

        user_group = get_user_group_or_error(usergroupid)

        if not HasPermissionAny('hg.admin')():

            if not HasRepoPermissionLevel('admin')(repo.repo_name):

                raise JSONRPCError('repository `%s` does not exist' % (repoid,))

                raise JSONRPCError('user group `%s` does not exist' % (usergroupid,))

        try:

            RepoModel().revoke_user_group_permission(

                repo=repo, group_name=user_group)

        user_group = get_user_group_or_error(usergroupid)

        if not HasPermissionAny('hg.admin')():

            if not HasRepoGroupPermissionLevel('admin')(repo_group.group_name):

                raise JSONRPCError(

                    'repository group `%s` does not exist' % (repogroupid,))

                raise JSONRPCError(

                    'user group `%s` does not exist' % (usergroupid,))

        apply_to_children = Optional.extract(apply_to_children)

        try:

        user_group = get_user_group_or_error(usergroupid)

        if not HasPermissionAny('hg.admin')():

            if not HasRepoGroupPermissionLevel('admin')(repo_group.group_name):

                raise JSONRPCError(

                    'repository group `%s` does not exist' % (repogroupid,))

                raise JSONRPCError(

                    'user group `%s` does not exist' % (usergroupid,))

        apply_to_children = Optional.extract(apply_to_children)

        try:

        actual_perm = self.permissions['repositories_groups'].get(repo_group_name)

        ok = actual_perm in required_perms

        log.debug('Checking if user %r can %r repo group %r (%s): %s (has %r)',

            self.username, level, repo_group_name, purpose, ok, actual_perm)

        return ok

    @property

    def api_keys(self):

        return self._get_api_keys()

    def __get_perms(self, user, explicit=True, algo='higherwin', cache=False):

        """

    def check_permissions(self, user):

        repo_group_name = get_repo_group_slug(request)

        (level,) = self.required_perms

        return user.has_repository_group_permission_level(repo_group_name, level)

    """

    Checks for access permission for any of given predicates for specific

    user group. In order to fulfill the request any of predicates must be meet

    """

    def check_permissions(self, user):

        user_group_name = get_user_group_slug(request)

#==============================================================================

# CHECK FUNCTIONS

#==============================================================================

    def __call__(self, group_name, purpose=None):

        (level,) = self.required_perms

        return request.user.has_repository_group_permission_level(group_name, level, purpose)

    def __call__(self, user_group_name, purpose=None):

#==============================================================================

# SPECIAL VERSION TO HANDLE MIDDLEWARE AUTH

#==============================================================================

from kallithea.model.base import BaseModel

from kallithea.model.db import Repository, UserRepoToPerm, UserGroupRepoToPerm, \

    UserRepoGroupToPerm, UserGroupRepoGroupToPerm, User, Permission, \

    Statistics, UserGroup, Ui, RepoGroup, RepositoryField

from kallithea.lib import helpers as h

from kallithea.lib.exceptions import AttachedForksError

from kallithea.model.scm import UserGroupList

log = logging.getLogger(__name__)

    def get_user_groups_js(self):

        user_groups = self.sa.query(UserGroup) \

            .filter(UserGroup.users_group_active == True) \

            .order_by(UserGroup.users_group_name) \

            .options(subqueryload(UserGroup.members)) \

            .all()

        return json.dumps([

            {

                'id': gr.users_group_id,

                'grname': gr.users_group_name,

                'grmembers': len(gr.members),

            } for gr in user_groups]

            if member_type == 'user':

                # this updates existing one

                self.grant_user_permission(

                    repo=repo, user=member, perm=perm

                )

            else:

                    self.grant_user_group_permission(

                        repo=repo, group_name=member, perm=perm

                    )

            # set new permissions

        for member, perm, member_type in perms_new:

            if member_type == 'user':

                self.grant_user_permission(

                    repo=repo, user=member, perm=perm

                )

            else:

                    self.grant_user_group_permission(

                        repo=repo, group_name=member, perm=perm

                    )

    def create_fork(self, form_data, cur_user):

        """

            raise

    def _update_permissions(self, repo_group, perms_new=None,

                            perms_updates=None, recursive=None,

                            check_perms=True):

        from kallithea.model.repo import RepoModel

        if not perms_new:

            perms_new = []

        if not perms_updates:

            perms_updates = []

                ## set for user

                if member_type == 'user':

                    # this updates also current one if found

                    _set_perm_user(obj, user=member, perm=perm)

                ## set for user group

                else:

                        _set_perm_group(obj, users_group=member, perm=perm)

            # set new permissions

            for member, perm, member_type in perms_new:

                if member_type == 'user':

                    _set_perm_user(obj, user=member, perm=perm)

                else:

                        _set_perm_group(obj, users_group=member, perm=perm)

            updates.append(obj)

            # if it's not recursive call for all,repos,groups

            # break the loop and don't proceed with other changes

            if recursive not in ['all', 'repos', 'groups']:

                break

from kallithea import BACKENDS

from kallithea.lib import helpers as h

from kallithea.lib.utils2 import safe_str, safe_unicode, get_server_url, \

    _set_extras

from kallithea.lib.auth import HasRepoPermissionLevel, HasRepoGroupPermissionLevel, \

from kallithea.lib.utils import get_filesystem_repos, make_ui, \

    action_logger

from kallithea.model.base import BaseModel

from kallithea.model.db import Repository, Ui, CacheInvalidation, \

    UserFollowing, UserLog, User, RepoGroup, PullRequest

from kallithea.lib.hooks import log_push_action

                    perm_checker=HasRepoGroupPermissionLevel,

                    extra_kwargs=extra_kwargs)

class UserGroupList(_PermCheckIterator):

        super(UserGroupList, self).__init__(obj_list=db_user_group_list,

                    extra_kwargs=extra_kwargs)

class ScmModel(BaseModel):

    """

    Generic Scm Model

        user_group_to_perm.user_group = user_group

        user_group_to_perm.user_id = def_user.user_id

        return user_group_to_perm

    def _update_permissions(self, user_group, perms_new=None,

                            perms_updates=None):

        if not perms_new:

            perms_new = []

        if not perms_updates:

            perms_updates = []

        # update permissions

            if member_type == 'user':

                # this updates existing one

                self.grant_user_permission(

                    user_group=user_group, user=member, perm=perm

                )

            else:

                    self.grant_user_group_permission(

                        target_user_group=user_group, user_group=member, perm=perm

                    )

        # set new permissions

        for member, perm, member_type in perms_new:

            if member_type == 'user':

                self.grant_user_permission(

                    user_group=user_group, user=member, perm=perm

                )

            else:

                    self.grant_user_group_permission(

                        target_user_group=user_group, user_group=member, perm=perm

                    )

    def get(self, user_group_id, cache=False):

        return UserGroup.get(user_group_id)