# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.lib.auth

~~~~~~~~~~~~~~~~~~

authentication and permission libraries

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 4, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import os

import logging

import traceback

import hashlib

import itertools

import collections

from decorator import decorator

from tg import request, session

from tg.i18n import ugettext as _

from sqlalchemy.orm.exc import ObjectDeletedError

from sqlalchemy.orm import joinedload

from webob.exc import HTTPFound, HTTPBadRequest, HTTPForbidden, HTTPMethodNotAllowed

from kallithea import __platform__, is_windows, is_unix

from kallithea.config.routing import url

from kallithea.lib.vcs.utils.lazy import LazyProperty

from kallithea.model.meta import Session

from kallithea.model.user import UserModel

from kallithea.model.db import User, Repository, Permission, \

    UserToPerm, UserGroupRepoToPerm, UserGroupToPerm, UserGroupMember, \

    RepoGroup, UserGroupRepoGroupToPerm, UserIpMap, UserGroupUserGroupToPerm, \

    UserGroup, UserApiKeys

from kallithea.lib.utils2 import safe_str, safe_unicode, aslist

from kallithea.lib.utils import get_repo_slug, get_repo_group_slug, \

    get_user_group_slug, conditional_cache

from kallithea.lib.caching_query import FromCache

log = logging.getLogger(__name__)

class PasswordGenerator(object):

    """

    This is a simple class for generating password from different sets of

    characters

    usage::

        passwd_gen = PasswordGenerator()

        #print 8-letter password containing only big and small letters

            of alphabet

        passwd_gen.gen_password(8, passwd_gen.ALPHABETS_BIG_SMALL)

    """

    ALPHABETS_NUM = r'''1234567890'''

    ALPHABETS_SMALL = r'''qwertyuiopasdfghjklzxcvbnm'''

    ALPHABETS_BIG = r'''QWERTYUIOPASDFGHJKLZXCVBNM'''

    ALPHABETS_SPECIAL = r'''`-=[]\;',./~!@#$%^&*()_+{}|:"<>?'''

    ALPHABETS_FULL = ALPHABETS_BIG + ALPHABETS_SMALL \

        + ALPHABETS_NUM + ALPHABETS_SPECIAL

    ALPHABETS_ALPHANUM = ALPHABETS_BIG + ALPHABETS_SMALL + ALPHABETS_NUM

    ALPHABETS_BIG_SMALL = ALPHABETS_BIG + ALPHABETS_SMALL

    ALPHABETS_ALPHANUM_BIG = ALPHABETS_BIG + ALPHABETS_NUM

    ALPHABETS_ALPHANUM_SMALL = ALPHABETS_SMALL + ALPHABETS_NUM

    def gen_password(self, length, alphabet=ALPHABETS_FULL):

        assert len(alphabet) <= 256, alphabet

        l = []

        while len(l) < length:

            i = ord(os.urandom(1))

            if i < len(alphabet):

                l.append(alphabet[i])

        return ''.join(l)

def get_crypt_password(password):

    """

    Cryptographic function used for password hashing based on pybcrypt

    or Python's own OpenSSL wrapper on windows

    :param password: password to hash

    """

    if is_windows:

        return hashlib.sha256(password).hexdigest()

    elif is_unix:

        import bcrypt

        return bcrypt.hashpw(safe_str(password), bcrypt.gensalt(10))

    else:

        raise Exception('Unknown or unsupported platform %s'

                        % __platform__)

def check_password(password, hashed):

    """

    Checks matching password with it's hashed value, runs different

    implementation based on platform it runs on

    :param password: password

    :param hashed: password in hashed form

    """

    if is_windows:

        return hashlib.sha256(password).hexdigest() == hashed

    elif is_unix:

        import bcrypt

        try:

            return bcrypt.checkpw(safe_str(password), safe_str(hashed))

        except ValueError as e:

            # bcrypt will throw ValueError 'Invalid hashed_password salt' on all password errors

            log.error('error from bcrypt checking password: %s', e)

            return False

    else:

        raise Exception('Unknown or unsupported platform %s'

                        % __platform__)

    Checks for access permission for any of given predicates for specific

    user group. In order to fulfill the request any of predicates must be meet

    """

    def check_permissions(self, user):

        user_group_name = get_user_group_slug(request)

        return user.has_user_group_permission_level(user_group_name, self.required_perm)

#==============================================================================

# CHECK FUNCTIONS

#==============================================================================

class _PermsFunction(object):

    """Base function for other check functions with multiple permissions"""

    def __init__(self, *required_perms):

        self.required_perms = required_perms # usually very short - a list is thus fine

    def __nonzero__(self):

        """ Defend against accidentally forgetting to call the object

            and instead evaluating it directly in a boolean context,

            which could have security implications.

        """

        raise AssertionError(self.__class__.__name__ + ' is not a bool and must be called!')

    def __call__(self, *a, **b):

        raise NotImplementedError()

class HasPermissionAny(_PermsFunction):

    def __call__(self, purpose=None):

        global_permissions = request.authuser.permissions['global'] # usually very short

        ok = any(p in global_permissions for p in self.required_perms)

        log.debug('Check %s for global %s (%s): %s',

            request.authuser.username, self.required_perms, purpose, ok)

        return ok

class _PermFunction(_PermsFunction):

    """Base function for other check functions with a single permission"""

    def __init__(self, required_perm):

        _PermsFunction.__init__(self, [required_perm])

        self.required_perm = required_perm

class HasRepoPermissionLevel(_PermFunction):

    def __call__(self, repo_name, purpose=None):

        return request.authuser.has_repository_permission_level(repo_name, self.required_perm, purpose)

class HasRepoGroupPermissionLevel(_PermFunction):

    def __call__(self, group_name, purpose=None):

        return request.authuser.has_repository_group_permission_level(group_name, self.required_perm, purpose)

class HasUserGroupPermissionLevel(_PermFunction):

    def __call__(self, user_group_name, purpose=None):

        return request.authuser.has_user_group_permission_level(user_group_name, self.required_perm, purpose)

#==============================================================================

# SPECIAL VERSION TO HANDLE MIDDLEWARE AUTH

#==============================================================================

class HasPermissionAnyMiddleware(object):

    def __init__(self, *perms):

        self.required_perms = set(perms)

    def __call__(self, authuser, repo_name, purpose=None):

        # repo_name MUST be unicode, since we handle keys in ok

        # dict by unicode

        repo_name = safe_unicode(repo_name)

        try:

            ok = authuser.permissions['repositories'][repo_name] in self.required_perms

        except KeyError:

            ok = False

        log.debug('Middleware check %s for %s for repo %s (%s): %s', authuser.username, self.required_perms, repo_name, purpose, ok)

        return ok

def check_ip_access(source_ip, allowed_ips=None):

    """

    Checks if source_ip is a subnet of any of allowed_ips.

    :param source_ip:

    :param allowed_ips: list of allowed ips together with mask

    """

    source_ip = source_ip.split('%', 1)[0]

    log.debug('checking if ip:%s is subnet of %s', source_ip, allowed_ips)

    if isinstance(allowed_ips, (tuple, list, set)):

        for ip in allowed_ips:

            if ipaddr.IPAddress(source_ip) in ipaddr.IPNetwork(ip):

                log.debug('IP %s is network %s',

                          ipaddr.IPAddress(source_ip), ipaddr.IPNetwork(ip))

                return True

    return False

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.model.db

~~~~~~~~~~~~~~~~~~

Database Models for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 08, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import os

import time

import logging

import datetime

import traceback

import hashlib

import collections

import functools

import sqlalchemy

from sqlalchemy import *

from sqlalchemy.ext.hybrid import hybrid_property

from sqlalchemy.orm import relationship, joinedload, class_mapper, validates

from beaker.cache import cache_region, region_invalidate

from webob.exc import HTTPNotFound

from tg.i18n import lazy_ugettext as _

import kallithea

from kallithea.lib.exceptions import DefaultUserException

from kallithea.lib.vcs import get_backend

from kallithea.lib.vcs.utils.helpers import get_scm

from kallithea.lib.vcs.utils.lazy import LazyProperty

from kallithea.lib.vcs.backends.base import EmptyChangeset

from kallithea.lib.utils2 import str2bool, safe_str, get_changeset_safe, \

    safe_unicode, remove_prefix, time_to_datetime, aslist, Optional, safe_int, \

    get_clone_url, urlreadable

from kallithea.lib.compat import json

from kallithea.lib.caching_query import FromCache

from kallithea.model.meta import Base, Session

URL_SEP = '/'

log = logging.getLogger(__name__)

#==============================================================================

# BASE CLASSES

#==============================================================================

_hash_key = lambda k: hashlib.md5(safe_str(k)).hexdigest()

class BaseDbModel(object):

    """

    Base Model for all classes

    """

    @classmethod

    def _get_keys(cls):

        """return column names for this model """

        return class_mapper(cls).c.keys()

    def get_dict(self):

        """

        return dict with keys and values corresponding

        to this model data """

        d = {}

        for k in self._get_keys():

            d[k] = getattr(self, k)

        # also use __json__() if present to get additional fields

        _json_attr = getattr(self, '__json__', None)

        if _json_attr:

            # update with attributes from __json__

            if callable(_json_attr):

                _json_attr = _json_attr()

            for k, val in _json_attr.iteritems():

                d[k] = val

        return d

    def get_appstruct(self):

        """return list with keys and values tuples corresponding

        to this model data """

        return [

            (k, getattr(self, k))

            for k in self._get_keys()

        ]

    def populate_obj(self, populate_dict):

        """populate model with data from given populate_dict"""

        for k in self._get_keys():

            if k in populate_dict:

                setattr(self, k, populate_dict[k])

    @classmethod

    def query(cls):

        return Session().query(cls)

    @classmethod

    def get(cls, id_):

        if id_:

            return cls.query().get(id_)

    @classmethod

    def guess_instance(cls, value, callback=None):

        """Haphazardly attempt to convert `value` to a `cls` instance.

        If `value` is None or already a `cls` instance, return it. If `value`

        is a number (or looks like one if you squint just right), assume it's

        a database primary key and let SQLAlchemy sort things out. Otherwise,

        fall back to resolving it using `callback` (if specified); this could

        e.g. be a function that looks up instances by name (though that won't

        work if the name begins with a digit). Otherwise, raise Exception.

        """

        if value is None:

            return None

            username=user.username,

            firstname=user.name,

            lastname=user.lastname,

            email=user.email,

            emails=user.emails,

            active=user.active,

            admin=user.admin,

        )

        if details:

            data.update(dict(

                extern_type=user.extern_type,

                extern_name=user.extern_name,

                api_key=user.api_key,

                api_keys=user.api_keys,

                last_login=user.last_login,

                ip_addresses=user.ip_addresses

                ))

        return data

    def __json__(self):

        data = dict(

            full_name=self.full_name,

            full_name_or_username=self.full_name_or_username,

            short_contact=self.short_contact,

            full_contact=self.full_contact

        )

        data.update(self.get_api_data())

        return data

class UserApiKeys(Base, BaseDbModel):

    __tablename__ = 'user_api_keys'

    __table_args__ = (

        Index('uak_api_key_idx', 'api_key'),

        Index('uak_api_key_expires_idx', 'api_key', 'expires'),

        _table_args_default_dict,

    )

    user_api_key_id = Column(Integer(), primary_key=True)

    user_id = Column(Integer(), ForeignKey('users.user_id'), nullable=False)

    api_key = Column(String(255), nullable=False, unique=True)

    description = Column(UnicodeText(), nullable=False)

    expires = Column(Float(53), nullable=False)

    created_on = Column(DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

    user = relationship('User')

    @hybrid_property

    def is_expired(self):

        return (self.expires != -1) & (time.time() > self.expires)

class UserEmailMap(Base, BaseDbModel):

    __tablename__ = 'user_email_map'

    __table_args__ = (

        Index('uem_email_idx', 'email'),

        _table_args_default_dict,

    )

    email_id = Column(Integer(), primary_key=True)

    user_id = Column(Integer(), ForeignKey('users.user_id'), nullable=False)

    _email = Column("email", String(255), nullable=False, unique=True)

    user = relationship('User')

    @validates('_email')

    def validate_email(self, key, email):

        # check if this email is not main one

        main_email = Session().query(User).filter(User.email == email).scalar()

        if main_email is not None:

            raise AttributeError('email %s is present is user table' % email)

        return email

    @hybrid_property

    def email(self):

        return self._email

    @email.setter

    def email(self, val):

        self._email = val.lower() if val else None

class UserIpMap(Base, BaseDbModel):

    __tablename__ = 'user_ip_map'

    __table_args__ = (

        UniqueConstraint('user_id', 'ip_addr'),

        _table_args_default_dict,

    )

    ip_id = Column(Integer(), primary_key=True)

    user_id = Column(Integer(), ForeignKey('users.user_id'), nullable=False)

    ip_addr = Column(String(255), nullable=False)

    active = Column(Boolean(), nullable=False, default=True)

    user = relationship('User')

    @classmethod

    def _get_ip_range(cls, ip_addr):

        net = ipaddr.IPNetwork(address=ip_addr)

        return [str(net.network), str(net.broadcast)]

    def __json__(self):

        return dict(

          ip_addr=self.ip_addr,

          ip_range=self._get_ip_range(self.ip_addr)

        )

    def __unicode__(self):

        return u"<%s('user_id:%s=>%s')>" % (self.__class__.__name__,

                                            self.user_id, self.ip_addr)

class UserLog(Base, BaseDbModel):

    __tablename__ = 'user_logs'

    __table_args__ = (

        _table_args_default_dict,

    )

    user_log_id = Column(Integer(), primary_key=True)

    user_id = Column(Integer(), ForeignKey('users.user_id'), nullable=True)

    username = Column(String(255), nullable=False)

    repository_id = Column(Integer(), ForeignKey('repositories.repo_id'), nullable=True)

    repository_name = Column(Unicode(255), nullable=False)

    user_ip = Column(String(255), nullable=True)

    action = Column(UnicodeText(), nullable=False)

    action_date = Column(DateTime(timezone=False), nullable=False)

    def __unicode__(self):

        return u"<%s('id:%s:%s')>" % (self.__class__.__name__,

                                      self.repository_name,

                                      self.action)

    @property

    def action_as_day(self):

        return datetime.date(*self.action_date.timetuple()[:3])

    user = relationship('User')

    repository = relationship('Repository', cascade='')

class UserGroup(Base, BaseDbModel):

    __tablename__ = 'users_groups'

    __table_args__ = (

        _table_args_default_dict,

    )

    users_group_id = Column(Integer(), primary_key=True)

    users_group_name = Column(Unicode(255), nullable=False, unique=True)

    user_group_description = Column(Unicode(10000), nullable=True) # FIXME: not nullable?

    users_group_active = Column(Boolean(), nullable=False)

    owner_id = Column('user_id', Integer(), ForeignKey('users.user_id'), nullable=False)

    created_on = Column(DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

    _group_data = Column("group_data", LargeBinary(), nullable=True)  # JSON data # FIXME: not nullable?

    members = relationship('UserGroupMember', cascade="all, delete-orphan")

    users_group_to_perm = relationship('UserGroupToPerm', cascade='all')

    users_group_repo_to_perm = relationship('UserGroupRepoToPerm', cascade='all')

    users_group_repo_group_to_perm = relationship('UserGroupRepoGroupToPerm', cascade='all')

    user_user_group_to_perm = relationship('UserUserGroupToPerm ', cascade='all')

    user_group_user_group_to_perm = relationship('UserGroupUserGroupToPerm ', primaryjoin="UserGroupUserGroupToPerm.target_user_group_id==UserGroup.users_group_id", cascade='all')

    owner = relationship('User')

    @hybrid_property

    def group_data(self):

        if not self._group_data:

            return {}

        try:

            return json.loads(self._group_data)

        except TypeError:

            return {}

    @group_data.setter

    def group_data(self, val):

        try:

            self._group_data = json.dumps(val)

        except Exception:

            log.error(traceback.format_exc())

    def __unicode__(self):

        return u"<%s('id:%s:%s')>" % (self.__class__.__name__,

                                      self.users_group_id,

                                      self.users_group_name)

    @classmethod

    def guess_instance(cls, value):

        return super(UserGroup, cls).guess_instance(value, UserGroup.get_by_group_name)

    @classmethod

    def get_by_group_name(cls, group_name, cache=False,

                          case_insensitive=False):

        if case_insensitive:

            q = cls.query().filter(func.lower(cls.users_group_name) == func.lower(group_name))

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

Set of generic validators

"""

import os

import re

import formencode

import logging

from collections import defaultdict

from tg.i18n import ugettext as _

from sqlalchemy import func

import sqlalchemy

from formencode.validators import (

    UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set,

    NotEmpty, IPAddress, CIDR, String, FancyValidator

)

from kallithea.lib.compat import OrderedSet

from kallithea.lib.utils import is_valid_repo_uri

from kallithea.lib.utils2 import str2bool, aslist, repo_name_slug

from kallithea.model.db import RepoGroup, Repository, UserGroup, User

from kallithea.lib.exceptions import LdapImportError

from kallithea.config.routing import ADMIN_PREFIX

from kallithea.lib.auth import HasRepoGroupPermissionLevel, HasPermissionAny

# silence warnings and pylint

UnicodeString, OneOf, Int, Number, Regex, Email, Bool, StringBoolean, Set, \

    NotEmpty, IPAddress, CIDR, String, FancyValidator

log = logging.getLogger(__name__)

def UniqueListFromString():

    class _UniqueListFromString(formencode.FancyValidator):

        """

        Split value on ',' and make unique while preserving order

        """

        messages = dict(

            empty=_('Value cannot be an empty list'),

            missing_value=_('Value cannot be an empty list'),

        )

        def _convert_to_python(self, value, state):

            value = aslist(value, ',')

            seen = set()

            return [c for c in value if not (c in seen or seen.add(c))]

        def empty_value(self, value):

            return []

    return _UniqueListFromString

def ValidUsername(edit=False, old_data=None):

    old_data = old_data or {}

    class _validator(formencode.validators.FancyValidator):

        messages = {

            'username_exists': _('Username "%(username)s" already exists'),

            'system_invalid_username':

                _('Username "%(username)s" cannot be used'),

            'invalid_username':

                _('Username may only contain alphanumeric characters '

                  'underscores, periods or dashes and must begin with an '

                  'alphanumeric character or underscore')

        }

        def _validate_python(self, value, state):

            if value in ['default', 'new_user']:

                msg = self.message('system_invalid_username', state, username=value)

                raise formencode.Invalid(msg, value, state)

            # check if user is unique

            old_un = None

            if edit:

                old_un = User.get(old_data.get('user_id')).username

            if old_un != value or not edit:

                if User.get_by_username(value, case_insensitive=True):

                    msg = self.message('username_exists', state, username=value)

                    raise formencode.Invalid(msg, value, state)

            if re.match(r'^[a-zA-Z0-9\_]{1}[a-zA-Z0-9\-\_\.]*$', value) is None:

                msg = self.message('invalid_username', state)

                raise formencode.Invalid(msg, value, state)

    return _validator

def ValidRegex(msg=None):

    class _validator(formencode.validators.Regex):

        messages = dict(invalid=msg or _('The input is not valid'))

    return _validator

def ValidRepoUser():

    class _validator(formencode.validators.FancyValidator):

        messages = {

            'invalid_username': _('Username %(username)s is not valid')

        }

        def _validate_python(self, value, state):

            try:

                User.query().filter(User.active == True) \

                    .filter(User.username == value).one()

            except sqlalchemy.exc.InvalidRequestError: # NoResultFound/MultipleResultsFound

                msg = self.message('invalid_username', state, username=value)

                raise formencode.Invalid(msg, value, state,

                    error_dict=dict(username=msg)

                )

    return _validator

def ValidUserGroup(edit=False, old_data=None):

    old_data = old_data or {}

#!/usr/bin/env python2

# -*- coding: utf-8 -*-

import os

import sys

import platform

if sys.version_info < (2, 6) or sys.version_info >= (3,):

    raise Exception('Kallithea requires python 2.7')

here = os.path.abspath(os.path.dirname(__file__))

def _get_meta_var(name, data, callback_handler=None):

    import re

    matches = re.compile(r'(?:%s)\s*=\s*(.*)' % name).search(data)

    if matches:

        if not callable(callback_handler):

            callback_handler = lambda v: v

        return callback_handler(eval(matches.groups()[0]))

_meta = open(os.path.join(here, 'kallithea', '__init__.py'), 'rb')

_metadata = _meta.read()

_meta.close()

callback = lambda V: ('.'.join(map(str, V[:3])) + '.'.join(V[3:]))

__version__ = _get_meta_var('VERSION', _metadata, callback)

__license__ = _get_meta_var('__license__', _metadata)

__author__ = _get_meta_var('__author__', _metadata)

__url__ = _get_meta_var('__url__', _metadata)

# defines current platform

__platform__ = platform.system()

is_windows = __platform__ in ['Windows']

requirements = [

    "alembic >= 0.8.0, < 1.1",

    "gearbox < 1",

    "waitress >= 0.8.8, < 1.4",

    "WebOb >= 1.7, < 1.8", # turbogears2 2.3.12 requires WebOb<1.8.0

    "backlash >= 0.1.2, < 1",

    "TurboGears2 >= 2.3.10, < 2.4", # TODO: 2.4 drops Pylons compatibility

    "tgext.routes >= 0.2.0, < 1",

    "Beaker >= 1.7.0, < 2",

    "WebHelpers >= 1.3, < 1.4",

    "WebHelpers2 >= 2.0, < 2.1",

    "FormEncode >= 1.3.0, < 1.4",

    "SQLAlchemy >= 1.1, < 1.4",

    "Mako >= 0.9.0, < 1.1",

    "Pygments >= 2.0, < 2.5",

    "Whoosh >= 2.5.0, < 2.8",

    "celery >= 3.1, < 4.0", # TODO: celery 4 doesn't work

    "Babel >= 1.3, < 2.8",

    "python-dateutil >= 1.5.0, < 2.9",

    "Markdown >= 2.2.1, < 3.2",

    "docutils >= 0.11, < 0.15",

    "URLObject >= 2.3.4, < 2.5",

    "Routes >= 1.13, < 2", # TODO: bumping to 2.0 will make test_file_annotation fail

    "dulwich >= 0.14.1, < 0.20",

    "mercurial >= 4.5, < 5.2",

    "decorator >= 3.3.2, < 4.5",

    "Paste >= 2.0.3, < 3.1",

    "bleach >= 3.0, < 3.2",

    "Click >= 7.0, < 8",

]

if not is_windows:

    requirements.append("bcrypt >= 3.1.0, < 3.2")

dependency_links = [

]

classifiers = [

    'Development Status :: 4 - Beta',

    'Environment :: Web Environment',

    'Framework :: Pylons',

    'Intended Audience :: Developers',

    'License :: OSI Approved :: GNU General Public License (GPL)',

    'Operating System :: OS Independent',

    'Programming Language :: Python',

    'Programming Language :: Python :: 2.7',

    'Topic :: Software Development :: Version Control',

]

# additional files from project that goes somewhere in the filesystem

# relative to sys.prefix

data_files = []

description = ('Kallithea is a fast and powerful management tool '

               'for Mercurial and Git with a built in push/pull server, '

               'full text search and code-review.')

keywords = ' '.join([

    'kallithea', 'mercurial', 'git', 'code review',

    'repo groups', 'ldap', 'repository management', 'hgweb replacement',

    'hgwebdir', 'gitweb replacement', 'serving hgweb',

])

# long description

README_FILE = 'README.rst'

try:

    long_description = open(README_FILE).read()

except IOError as err:

    sys.stderr.write(

        "[WARNING] Cannot find file specified as long_description (%s)\n"

        % README_FILE

    )

    long_description = description

import setuptools

# monkey patch setuptools to use distutils owner/group functionality

from setuptools.command import sdist

sdist_org = sdist.sdist

class sdist_new(sdist_org):

    def initialize_options(self):

        sdist_org.initialize_options(self)

        self.owner = self.group = 'root'

sdist.sdist = sdist_new

packages = setuptools.find_packages(exclude=['ez_setup'])

setuptools.setup(

    name='Kallithea',

    version=__version__,

    description=description,

    long_description=long_description,

    keywords=keywords,

    license=__license__,

    author=__author__,

    author_email='kallithea@sfconservancy.org',

    dependency_links=dependency_links,

    url=__url__,

    install_requires=requirements,

    classifiers=classifiers,

    data_files=data_files,

    packages=packages,

    include_package_data=True,

    message_extractors={'kallithea': [

            ('**.py', 'python', None),

            ('templates/**.mako', 'mako', {'input_encoding': 'utf-8'}),

            ('templates/**.html', 'mako', {'input_encoding': 'utf-8'}),

            ('public/**', 'ignore', None)]},

    zip_safe=False,

    entry_points="""

    [console_scripts]

    kallithea-api =    kallithea.bin.kallithea_api:main

    kallithea-gist =   kallithea.bin.kallithea_gist:main

    kallithea-config = kallithea.bin.kallithea_config:main

    kallithea-cli =    kallithea.bin.kallithea_cli:cli

    [paste.app_factory]

    main = kallithea.config.middleware:make_app

    """,

)