.options(joinedload(UserFollowing.follows_repository)) \

            .all()

        return self._atom_feed(following, public=False)

    @LoginRequired(api_access=True)

    @NotAnonymous()

    def journal_rss(self):

        """

        Produce an rss feed via feedgenerator module

        """

        following = UserFollowing.query() \

            .filter(UserFollowing.user_id == request.authuser.user_id) \

            .options(joinedload(UserFollowing.follows_repository)) \

            .all()

        return self._rss_feed(following, public=False)

    @LoginRequired()

    @NotAnonymous()

    def toggle_following(self):

        user_id = request.POST.get('follows_user_id')

        if user_id:

            try:

                self.scm_model.toggle_following_user(user_id,

                                            request.authuser.user_id)

                return 'ok'

            except Exception:

                log.error(traceback.format_exc())

                raise HTTPBadRequest()

        repo_id = request.POST.get('follows_repository_id')

        if repo_id:

            try:

                self.scm_model.toggle_following_repo(repo_id,

                                            request.authuser.user_id)

                return 'ok'

            except Exception:

                log.error(traceback.format_exc())

                raise HTTPBadRequest()

        raise HTTPBadRequest()

    @LoginRequired()

    def public_journal(self):

        # Return a rendered template

        p = safe_int(request.GET.get('page'), 1)

        c.following = UserFollowing.query() \

            .filter(UserFollowing.user_id == request.authuser.user_id) \

            .options(joinedload(UserFollowing.follows_repository)) \

            .all()

        journal = self._get_journal_data(c.following)

        c.journal_pager = Page(journal, page=p, items_per_page=20)

        c.journal_day_aggregate = self._get_daily_aggregate(c.journal_pager)

        if request.environ.get('HTTP_X_PARTIAL_XHR'):

:created_on: Apr 4, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import os

import logging

import traceback

import hashlib

import itertools

import collections

from decorator import decorator

from tg import request, session

from tg.i18n import ugettext as _

from webhelpers.pylonslib import secure_form

from sqlalchemy.orm.exc import ObjectDeletedError

from sqlalchemy.orm import joinedload

from webob.exc import HTTPFound, HTTPBadRequest, HTTPForbidden, HTTPMethodNotAllowed

from kallithea import __platform__, is_windows, is_unix

from kallithea.config.routing import url

from kallithea.lib.vcs.utils.lazy import LazyProperty

from kallithea.model.meta import Session

from kallithea.model.user import UserModel

from kallithea.model.db import User, Repository, Permission, \

    UserToPerm, UserGroupRepoToPerm, UserGroupToPerm, UserGroupMember, \

    RepoGroup, UserGroupRepoGroupToPerm, UserIpMap, UserGroupUserGroupToPerm, \

    UserGroup, UserApiKeys

from kallithea.lib.utils2 import safe_str, safe_unicode, aslist

from kallithea.lib.utils import get_repo_slug, get_repo_group_slug, \

    get_user_group_slug, conditional_cache

from kallithea.lib.caching_query import FromCache

log = logging.getLogger(__name__)

class PasswordGenerator(object):

    """

    This is a simple class for generating password from different sets of

    characters

    usage::

        passwd_gen = PasswordGenerator()

        #print 8-letter password containing only big and small letters

                                                  "get_user_ips_%s" % user_id))

        for ip in user_ips:

            try:

                _set.add(ip.ip_addr)

            except ObjectDeletedError:

                # since we use heavy caching sometimes it happens that we get

                # deleted objects here, we just skip them

                pass

        return _set or set(['0.0.0.0/0', '::/0'])

def set_available_permissions(config):

    """

    This function will propagate globals with all available defined

    permission given in db. We don't want to check each time from db for new

    permissions since adding a new permission also requires application restart

    ie. to decorate new views with the newly created permission

    :param config: current config instance

    """

    log.info('getting information about all available permissions')

    try:

        config['available_permissions'] = [x.permission_name for x in all_perms]

    finally:

#==============================================================================

# CHECK DECORATORS

#==============================================================================

def _redirect_to_login(message=None):

    """Return an exception that must be raised. It will redirect to the login

    page which will redirect back to the current URL after authentication.

    The optional message will be shown in a flash message."""

    from kallithea.lib import helpers as h

    if message:

        h.flash(h.literal(message), category='warning')

    p = request.path_qs

    log.debug('Redirecting to login page, origin: %s', p)

    return HTTPFound(location=url('login_home', came_from=p))

# Use as decorator

class LoginRequired(object):

    """Client must be logged in as a valid User (but the "default" user,

    if enabled, is considered valid), or we'll redirect to the login page.

    Also checks that IP address is allowed, and if using API key instead

    def test_api_get_user_without_giving_userid_non_admin(self):

        id_, params = _build_data(self.apikey_regular, 'get_user')

        response = api_call(self, params)

        usr = User.get_by_username(self.TEST_USER_LOGIN)

        ret = usr.get_api_data()

        ret['permissions'] = AuthUser(dbuser=usr).permissions

        expected = ret

        self._compare_ok(id_, expected, given=response.body)

    def test_api_get_user_with_giving_userid_non_admin(self):

        id_, params = _build_data(self.apikey_regular, 'get_user',

                                  userid=self.TEST_USER_LOGIN)

        response = api_call(self, params)

        expected = 'userid is not the same as your user'

        self._compare_error(id_, expected, given=response.body)

    def test_api_pull(self):

        repo_name = u'test_pull'

        r = fixture.create_repo(repo_name, repo_type=self.REPO_TYPE)

        r.clone_uri = os.path.join(Ui.get_by_key('paths', '/').ui_value, self.REPO)

        id_, params = _build_data(self.apikey, 'pull',

                                  repoid=repo_name,)

        response = api_call(self, params)

        expected = {'msg': 'Pulled from `%s`' % repo_name,

                    'repository': repo_name}

        self._compare_ok(id_, expected, given=response.body)

        fixture.destroy_repo(repo_name)

    def test_api_pull_error(self):

        id_, params = _build_data(self.apikey, 'pull',

                                  repoid=self.REPO, )

        response = api_call(self, params)

        expected = 'Unable to pull changes from `%s`' % self.REPO

        self._compare_error(id_, expected, given=response.body)

    def test_api_rescan_repos(self):

        id_, params = _build_data(self.apikey, 'rescan_repos')

        response = api_call(self, params)

        expected = {'added': [], 'removed': []}

                'updaterev': 'fb95b340e0d03fa51f33c56c991c08077c99303e',

                'pullrequest_title': 'title',

                'pullrequest_desc': 'description',

                'owner': TEST_USER_REGULAR_LOGIN,

                '_authentication_token': self.authentication_token(),

             },

             status=302)

        pr3_id = int(re.search('/pull-request/(\d+)/', response.location).group(1))

        pr2 = PullRequest.get(pr2_id)

        pr3 = PullRequest.get(pr3_id)

        assert pr3_id != pr2_id

        assert pr2.status == PullRequest.STATUS_CLOSED

        assert pr3.org_ref == 'branch:webvcs:fb95b340e0d03fa51f33c56c991c08077c99303e'

        assert pr3.other_ref == 'branch:default:41d2568309a05f422cffb8008e599d385f8af439'

@pytest.mark.usefixtures("test_context_fixture") # apply fixture for all test methods

class TestPullrequestsGetRepoRefs(TestController):

    def setup_method(self, method):

        self.repo_name = u'main'

        repo = fixture.create_repo(self.repo_name, repo_type='hg')

        self.repo_scm_instance = repo.scm_instance

        self.c = PullrequestsController()

    def teardown_method(self, method):

        fixture.destroy_repo(u'main')

        Session.remove()

    def test_repo_refs_empty_repo(self):

        # empty repo with no commits, no branches, no bookmarks, just one tag

        refs, default = self.c._get_repo_refs(self.repo_scm_instance)

        assert default == 'tag:null:0000000000000000000000000000000000000000'

    def test_repo_refs_one_commit_no_hints(self):

        cs0 = fixture.commit_change(self.repo_name, filename='file1',

                content='line1\n', message='commit1', vcs_type='hg',

                parent=None, newfile=True)

        refs, default = self.c._get_repo_refs(self.repo_scm_instance)

        assert default == 'branch:default:%s' % cs0.raw_id

        assert ([('branch:default:%s' % cs0.raw_id, 'default (current tip)')],

                'Branches') in refs

    def test_repo_refs_one_commit_rev_hint(self):

        cs0 = fixture.commit_change(self.repo_name, filename='file1',

                content='line1\n', message='commit1', vcs_type='hg',

                parent=None, newfile=True)

        refs, default = self.c._get_repo_refs(self.repo_scm_instance, rev=cs0.raw_id)

        expected = 'branch:default:%s' % cs0.raw_id