# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.lib.middleware.simplegit

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SimpleGit middleware for handling Git protocol requests (push/clone etc.)

It's implemented with basic auth function

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 28, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import os

import re

import logging

import traceback

from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError, \

    HTTPNotAcceptable

from kallithea.model.db import Ui

    _set_extras

from kallithea.lib.base import BaseVCSController

from kallithea.lib.utils import make_ui, is_valid_repo

from kallithea.lib.middleware.pygrack import make_wsgi_app

log = logging.getLogger(__name__)

GIT_PROTO_PAT = re.compile(r'^/(.+)/(info/refs|git-upload-pack|git-receive-pack)')

def is_git(environ):

    path_info = environ['PATH_INFO']

    isgit_path = GIT_PROTO_PAT.match(path_info)

    log.debug('pathinfo: %s detected as Git %s',

        path_info, isgit_path is not None

    )

    return isgit_path

class SimpleGit(BaseVCSController):

    _git_stored_op = 'pull' # most recent kind of command

    def _handle_request(self, environ, start_response):

        if not is_git(environ):

            return self.application(environ, start_response)

        ip_addr = self._get_ip_addr(environ)

        # skip passing error to error controller

        environ['pylons.status_code_redirect'] = True

        #======================================================================

        # EXTRACT REPOSITORY NAME FROM ENV

        #======================================================================

        try:

            str_repo_name = self.__get_repository(environ)

            repo_name = safe_unicode(str_repo_name)

            log.debug('Extracted repo name is %s', repo_name)

        except Exception as e:

            log.error('error extracting repo_name: %r', e)

            return HTTPInternalServerError()(environ, start_response)

        # quick check if that dir exists...

        if not is_valid_repo(repo_name, self.basepath, 'git'):

            return HTTPNotFound()(environ, start_response)

        #======================================================================

        # GET ACTION PULL or PUSH

        #======================================================================

        action = self.__get_action(environ)

        #======================================================================

        # CHECK PERMISSIONS

        #======================================================================

        user, response_app = self._authorize(environ, start_response, action, repo_name, ip_addr)

        if response_app is not None:

            return response_app(environ, start_response)

        # extras are injected into Mercurial UI object and later available

        # in hooks executed by Kallithea

        from kallithea import CONFIG

        server_url = get_server_url(environ)

        extras = {

            'ip': ip_addr,

            'username': user.username,

            'action': action,

            'repository': repo_name,

            'scm': 'git',

            'config': CONFIG['__file__'],

            'server_url': server_url,

        }

        #===================================================================

        # GIT REQUEST HANDLING

        #===================================================================

        log.debug('HOOKS extras is %s', extras)

        baseui = make_ui()

        _set_extras(extras or {})

        try:

            self._handle_githooks(repo_name, action, baseui, environ)

            log.info('%s action on Git repo "%s" by "%s" from %s',

                     action, str_repo_name, safe_str(user.username), ip_addr)

            app = self.__make_app(repo_name)

            return app(environ, start_response)

        except Exception:

            log.error(traceback.format_exc())

            return HTTPInternalServerError()(environ, start_response)

    def __make_app(self, repo_name):

        """

        Return a pygrack wsgi application.

        """

        return make_wsgi_app(repo_name, safe_str(self.basepath)) # FIXME: safe_str???

    def __get_repository(self, environ):

        """

        Gets repository name out of PATH_INFO header

        :param environ: environ where PATH_INFO is stored

        """

        try:

            environ['PATH_INFO'] = self._get_by_id(environ['PATH_INFO'])

            repo_name = GIT_PROTO_PAT.match(environ['PATH_INFO']).group(1)

        except Exception:

            log.error(traceback.format_exc())

            raise

        return repo_name

    def __get_action(self, environ):

        """

        Maps Git request commands into a pull or push command.

        :param environ:

        """

        service = environ['QUERY_STRING'].split('=')

        if len(service) > 1:

            service_cmd = service[1]

            mapping = {

                'git-receive-pack': 'push',

                'git-upload-pack': 'pull',

            }

            op = mapping[service_cmd]

            self._git_stored_op = op

            # try to fallback to stored variable as we don't know if the last

            # operation is pull/push

        return self._git_stored_op

    def _handle_githooks(self, repo_name, action, baseui, environ):

        """

        Handles pull action, push is handled by post-receive hook

        """

        from kallithea.lib.hooks import log_pull_action

        service = environ['QUERY_STRING'].split('=')

        if len(service) < 2:

            return

        from kallithea.model.db import Repository

        _repo = Repository.get_by_repo_name(repo_name)

        _repo = _repo.scm_instance

        if action == 'pull':

            log_pull_action(ui=baseui, repo=_repo._repo)

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.lib.middleware.simplehg

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SimpleHg middleware for handling Mercurial protocol requests (push/clone etc.).

It's implemented with basic auth function

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 28, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import os

import logging

import traceback

import urllib

from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError, \

    HTTPNotAcceptable, HTTPBadRequest

    _set_extras

from kallithea.lib.base import BaseVCSController

from kallithea.lib.utils import make_ui, is_valid_repo

from kallithea.lib.vcs.utils.hgcompat import RepoError, hgweb_mod

log = logging.getLogger(__name__)

def is_mercurial(environ):

    """

    Returns True if request's target is mercurial server - header

    ``HTTP_ACCEPT`` of such request would start with ``application/mercurial``.

    """

    http_accept = environ.get('HTTP_ACCEPT')

    path_info = environ['PATH_INFO']

    if http_accept and http_accept.startswith('application/mercurial'):

        ishg_path = True

    else:

        ishg_path = False

    log.debug('pathinfo: %s detected as Mercurial %s',

        path_info, ishg_path

    )

    return ishg_path

def get_header_hgarg(environ):

    """Decode the special Mercurial encoding of big requests over multiple headers.

    >>> get_header_hgarg({})

    ''

    >>> get_header_hgarg({'HTTP_X_HGARG_0': ' ', 'HTTP_X_HGARG_1': 'a','HTTP_X_HGARG_2': '','HTTP_X_HGARG_3': 'b+c %20'})

    'ab+c %20'

    """

    chunks = []

    i = 1

    while True:

        v = environ.get('HTTP_X_HGARG_%d' % i)

        if v is None:

            break

        chunks.append(v)

        i += 1

    return ''.join(chunks)

class SimpleHg(BaseVCSController):

    def _handle_request(self, environ, start_response):

        if not is_mercurial(environ):

            return self.application(environ, start_response)

        ip_addr = self._get_ip_addr(environ)

        # skip passing error to error controller

        environ['pylons.status_code_redirect'] = True

        #======================================================================

        # EXTRACT REPOSITORY NAME FROM ENV

        #======================================================================

        try:

            str_repo_name = self.__get_repository(environ)

            repo_name = safe_unicode(str_repo_name)

            log.debug('Extracted repo name is %s', repo_name)

        except Exception as e:

            log.error('error extracting repo_name: %r', e)

            return HTTPInternalServerError()(environ, start_response)

        # quick check if that dir exists...

        if not is_valid_repo(repo_name, self.basepath, 'hg'):

            return HTTPNotFound()(environ, start_response)

        #======================================================================

        # GET ACTION PULL or PUSH

        #======================================================================

        try:

            action = self.__get_action(environ)

        except HTTPBadRequest as e:

            return e(environ, start_response)

        #======================================================================

        # CHECK PERMISSIONS

        #======================================================================

        user, response_app = self._authorize(environ, start_response, action, repo_name, ip_addr)

        if response_app is not None:

            return response_app(environ, start_response)

        # extras are injected into Mercurial UI object and later available

        # in hooks executed by Kallithea

        from kallithea import CONFIG

        server_url = get_server_url(environ)

        extras = {

            'ip': ip_addr,

            'username': user.username,

            'action': action,

            'repository': repo_name,

            'scm': 'hg',

            'config': CONFIG['__file__'],

            'server_url': server_url,

        }

        #======================================================================

        # MERCURIAL REQUEST HANDLING

        #======================================================================

        repo_path = os.path.join(safe_str(self.basepath), str_repo_name)

        log.debug('Repository path is %s', repo_path)

        log.debug('HOOKS extras is %s', extras)

        baseui = make_ui(repo_path=repo_path)

        _set_extras(extras or {})

        try:

            log.info('%s action on Mercurial repo "%s" by "%s" from %s',

                     action, str_repo_name, safe_str(user.username), ip_addr)

            environ['REPO_NAME'] = str_repo_name # used by hgweb_mod.hgweb

            app = self.__make_app(repo_path, baseui)

            return app(environ, start_response)

        except Exception:

            log.error(traceback.format_exc())

            return HTTPInternalServerError()(environ, start_response)

    def __make_app(self, repo_name, baseui):

        """

        Make an hgweb wsgi application using baseui.

        """

        return hgweb_mod.hgweb(repo_name, name=repo_name, baseui=baseui)

    def __get_repository(self, environ):

        """

        Gets repository name out of PATH_INFO header

        :param environ: environ where PATH_INFO is stored

        """

        try:

            environ['PATH_INFO'] = self._get_by_id(environ['PATH_INFO'])

            repo_name = '/'.join(environ['PATH_INFO'].split('/')[1:])

            if repo_name.endswith('/'):

                repo_name = repo_name.rstrip('/')

        except Exception:

            log.error(traceback.format_exc())

            raise

        return repo_name

    def __get_action(self, environ):

        """

        Maps Mercurial request commands into 'pull' or 'push'.

        Raises HTTPBadRequest if the request environment doesn't look like a hg client.

        """

        mapping = {

            # 'batch' is not in this list - it is handled explicitly

            'between': 'pull',

            'branches': 'pull',

            'branchmap': 'pull',

            'capabilities': 'pull',

            'changegroup': 'pull',

            'changegroupsubset': 'pull',

            'changesetdata': 'pull',

            'clonebundles': 'pull',

            'debugwireargs': 'pull',

            'filedata': 'pull',

            'getbundle': 'pull',

            'getlfile': 'pull',

            'heads': 'pull',

            'hello': 'pull',

            'known': 'pull',

            'lheads': 'pull',

            'listkeys': 'pull',

            'lookup': 'pull',

            'manifestdata': 'pull',

            'narrow_widen': 'pull',

            'protocaps': 'pull',

            'statlfile': 'pull',

            'stream_out': 'pull',

            'pushkey': 'push',

            'putlfile': 'push',

            'unbundle': 'push',

            }

        for qry in environ['QUERY_STRING'].split('&'):

            parts = qry.split('=', 1)

            if len(parts) == 2 and parts[0] == 'cmd':

                cmd = parts[1]

                if cmd == 'batch':

                    hgarg = get_header_hgarg(environ)

                    if not hgarg.startswith('cmds='):

                        return 'push' # paranoid and safe

                    for cmd_arg in hgarg[5:].split(';'):

                        cmd, _args = urllib.unquote_plus(cmd_arg).split(' ', 1)

                        op = mapping.get(cmd, 'push')

                        if op != 'pull':

                            assert op == 'push'

                            return 'push'

                    return 'pull'

                return mapping.get(cmd, 'push')

        # Note: the client doesn't get the helpful error message

        raise HTTPBadRequest('Unable to detect pull/push action! Are you using non standard command or client?')

        deltas['year'] -= 1

    # In short version, we want nicer handling of ages of more than a year

    if show_short_version:

        if deltas['year'] == 1:

            # ages between 1 and 2 years: show as months

            deltas['month'] += 12

            deltas['year'] = 0

        if deltas['year'] >= 2:

            # ages 2+ years: round

            if deltas['month'] > 6:

                deltas['year'] += 1

                deltas['month'] = 0

    # Format the result

    fmt_funcs = {

        'year': lambda d: ungettext(u'%d year', '%d years', d) % d,

        'month': lambda d: ungettext(u'%d month', '%d months', d) % d,

        'day': lambda d: ungettext(u'%d day', '%d days', d) % d,

        'hour': lambda d: ungettext(u'%d hour', '%d hours', d) % d,

        'minute': lambda d: ungettext(u'%d minute', '%d minutes', d) % d,

        'second': lambda d: ungettext(u'%d second', '%d seconds', d) % d,

    }

    for i, part in enumerate(order):

        value = deltas[part]

        if value == 0:

            continue

        if i < 5:

            sub_part = order[i + 1]

            sub_value = deltas[sub_part]

        else:

            sub_value = 0

        if sub_value == 0 or show_short_version:

            if future:

                return _('in %s') % fmt_funcs[part](value)

            else:

                return _('%s ago') % fmt_funcs[part](value)

        if future:

            return _('in %s and %s') % (fmt_funcs[part](value),

                fmt_funcs[sub_part](sub_value))

        else:

            return _('%s and %s ago') % (fmt_funcs[part](value),

                fmt_funcs[sub_part](sub_value))

    return _('just now')

def uri_filter(uri):

    """

    Removes user:password from given url string

    :param uri:

    :rtype: unicode

    :returns: filtered list of strings

    """

    if not uri:

        return ''

    proto = ''

    for pat in ('https://', 'http://', 'git://'):

        if uri.startswith(pat):

            uri = uri[len(pat):]

            proto = pat

            break

    # remove passwords and username

    uri = uri[uri.find('@') + 1:]

    # get the port

    cred_pos = uri.find(':')

    if cred_pos == -1:

        host, port = uri, None

    else:

        host, port = uri[:cred_pos], uri[cred_pos + 1:]

    return filter(None, [proto, host, port])

def credentials_filter(uri):

    """

    Returns a url with removed credentials

    :param uri:

    """

    uri = uri_filter(uri)

    # check if we have port

    if len(uri) > 2 and uri[2]:

        uri[2] = ':' + uri[2]

    return ''.join(uri)

def get_clone_url(uri_tmpl, qualified_home_url, repo_name, repo_id, **override):

    parsed_url = urlobject.URLObject(qualified_home_url)

    decoded_path = safe_unicode(urllib.unquote(parsed_url.path.rstrip('/')))

    args = {

        'scheme': parsed_url.scheme,

        'user': '',

        'netloc': parsed_url.netloc+decoded_path,  # path if we use proxy-prefix

        'prefix': decoded_path,

        'repo': repo_name,

        'repoid': str(repo_id)

    }

    args.update(override)

    args['user'] = urllib.quote(safe_str(args['user']))

    for k, v in args.items():

        uri_tmpl = uri_tmpl.replace('{%s}' % k, v)

    # remove leading @ sign if it's present. Case of empty user

    url_obj = urlobject.URLObject(uri_tmpl)

    url = url_obj.with_netloc(url_obj.netloc.lstrip('@'))

    return safe_unicode(url)

def get_changeset_safe(repo, rev):

    """

    Safe version of get_changeset if this changeset doesn't exists for a

    repo it returns a Dummy one instead

    :param repo:

    :param rev:

    """

    from kallithea.lib.vcs.backends.base import BaseRepository

    from kallithea.lib.vcs.exceptions import RepositoryError

    from kallithea.lib.vcs.backends.base import EmptyChangeset

    if not isinstance(repo, BaseRepository):

        raise Exception('You must pass an Repository '

                        'object as first argument got %s', type(repo))

    try:

        cs = repo.get_changeset(rev)

    except (RepositoryError, LookupError):

        cs = EmptyChangeset(requested_revision=rev)

    return cs

def datetime_to_time(dt):

    if dt:

        return time.mktime(dt.timetuple())

def time_to_datetime(tm):

    if tm:

        if isinstance(tm, basestring):

            try:

                tm = float(tm)

            except ValueError:

                return

        return datetime.datetime.fromtimestamp(tm)

# Must match regexp in kallithea/public/js/base.js MentionsAutoComplete()

# Check char before @ - it must not look like we are in an email addresses.

# Matching is greedy so we don't have to look beyond the end.

MENTIONS_REGEX = re.compile(r'(?:^|(?<=[^a-zA-Z0-9]))@([a-zA-Z0-9][-_.a-zA-Z0-9]*[a-zA-Z0-9])')

def extract_mentioned_usernames(text):

    r"""

    Returns list of (possible) usernames @mentioned in given text.

    >>> extract_mentioned_usernames('@1-2.a_X,@1234 not@not @ddd@not @n @ee @ff @gg, @gg;@hh @n\n@zz,')

    ['1-2.a_X', '1234', 'ddd', 'ee', 'ff', 'gg', 'gg', 'hh', 'zz']

    """

    return MENTIONS_REGEX.findall(text)

def extract_mentioned_users(text):

    """ Returns set of actual database Users @mentioned in given text. """

    from kallithea.model.db import User

    result = set()

    for name in extract_mentioned_usernames(text):

        user = User.get_by_username(name, case_insensitive=True)

        if user is not None and not user.is_default_user:

            result.add(user)

    return result

class AttributeDict(dict):

    def __getattr__(self, attr):

        return self.get(attr, None)

    __setattr__ = dict.__setitem__

    __delattr__ = dict.__delitem__

def obfuscate_url_pw(engine):

    from sqlalchemy.engine import url as sa_url

    from sqlalchemy.exc import ArgumentError

    try:

        _url = sa_url.make_url(engine or '')

    except ArgumentError:

        return engine

    if _url.password:

        _url.password = 'XXXXX'

    return str(_url)

def get_server_url(environ):

    req = webob.Request(environ)

    return req.host_url + req.script_name

def _extract_extras():

    """

    Extracts the Kallithea extras data from os.environ, and wraps it into named

    AttributeDict object

    """

    try:

        extras = json.loads(os.environ['KALLITHEA_EXTRAS'])

    except KeyError:

        raise Exception("Environment variable KALLITHEA_EXTRAS not found")

    try:

        for k in ['username', 'repository', 'scm', 'action', 'ip']:

            extras[k]

    except KeyError:

        raise Exception('Missing key %s in KALLITHEA_EXTRAS %s' % (k, extras))

    return AttributeDict(extras)

def _set_extras(extras):

    os.environ['KALLITHEA_EXTRAS'] = json.dumps(extras)

def get_current_authuser():

    """

    Gets kallithea user from threadlocal tmpl_context variable if it's

    defined, else returns None.

    """

    from tg import tmpl_context

    if hasattr(tmpl_context, 'authuser'):

        return tmpl_context.authuser

    return None

class OptionalAttr(object):

    """

    Special Optional Option that defines other attribute. Example::

        def test(apiuser, userid=Optional(OAttr('apiuser')):

            user = Optional.extract(userid)

            # calls

    """

    def __init__(self, attr_name):

        self.attr_name = attr_name

    def __repr__(self):

        return '<OptionalAttr:%s>' % self.attr_name

    def __call__(self):

        return self

# alias

OAttr = OptionalAttr

class Optional(object):

    """

    Defines an optional parameter::

        param = param.getval() if isinstance(param, Optional) else param

        param = param() if isinstance(param, Optional) else param

    is equivalent of::

        param = Optional.extract(param)

    """

    def __init__(self, type_):

        self.type_ = type_

    def __repr__(self):

        return '<Optional:%s>' % self.type_.__repr__()

    def __call__(self):

        return self.getval()

    def getval(self):

        """

        returns value from this Optional instance

        """

        if isinstance(self.type_, OAttr):

            # use params name

            return self.type_.attr_name

        return self.type_

    @classmethod

    def extract(cls, val):

        """

        Extracts value from Optional() instance

        :param val:

        :return: original value if it's not Optional instance else

            value of instance

        """

        if isinstance(val, cls):

            return val.getval()

        return val

def urlreadable(s, _cleanstringsub=re.compile('[^-a-zA-Z0-9./]+').sub):

    return _cleanstringsub('_', safe_str(s)).rstrip('_')

def recursive_replace(str_, replace=' '):

    """

    Recursive replace of given sign to just one instance

    :param str_: given string

    :param replace: char to find and replace multiple instances

    Examples::

    >>> recursive_replace("Mighty---Mighty-Bo--sstones",'-')

    'Mighty-Mighty-Bo-sstones'

    """

    if str_.find(replace * 2) == -1:

        return str_

    else:

        str_ = str_.replace(replace * 2, replace)

        return recursive_replace(str_, replace)

def repo_name_slug(value):

    """

    Return slug of name of repository

    This function is called on each creation/modification

    of repository to prevent bad names in repo

    """

    slug = remove_formatting(value)

    slug = strip_tags(slug)

    for c in """`?=[]\;'"<>,/~!@#$%^&*()+{}|: """:

        slug = slug.replace(c, '-')

    slug = recursive_replace(slug, '-')

    slug = collapse(slug, '-')

    return slug

def ask_ok(prompt, retries=4, complaint='Yes or no please!'):

    while True:

        ok = raw_input(prompt)

        if ok in ('y', 'ye', 'yes'):

            return True

        if ok in ('n', 'no', 'nop', 'nope'):

            return False

        retries = retries - 1

        if retries < 0:

            raise IOError

        print complaint