""" this is forms validation classes

http://formencode.org/module-formencode.validators.html

for list off all availible validators

we can create our own validators

The table below outlines the options which can be used in a schema in addition to the validators themselves

pre_validators          []     These validators will be applied before the schema

chained_validators      []     These validators will be applied after the schema

allow_extra_fields      False     If True, then it is not an error when keys that aren't associated with a validator are present

filter_extra_fields     False     If True, then keys that aren't associated with a validator are removed

if_key_missing          NoDefault If this is given, then any keys that aren't available but are expected will be replaced with this value (and then validated). This does not override a present .if_missing attribute on validators. NoDefault is a special FormEncode class to mean that no default values has been specified and therefore missing keys shouldn't take a default value.

ignore_key_missing      False     If True, then missing keys will be missing in the result, if the validator doesn't have .if_missing on it already    

<name> = formencode.validators.<name of validator>

<name> must equal form name

list=[1,2,3,4,5]

for SELECT use formencode.All(OneOf(list), Int())

"""

import os

import re

import logging

import formencode

from formencode import All

from formencode.validators import UnicodeString, OneOf, Int, Number, Regex, \

    Email, Bool, StringBoolean, Set

from pylons.i18n.translation import _

import rhodecode.lib.helpers as h

from rhodecode.lib.auth import authenticate, get_crypt_password

from rhodecode.lib.exceptions import LdapImportError

from rhodecode.model import meta

from rhodecode.model.user import UserModel

from rhodecode.model.repo import RepoModel

from rhodecode.model.users_group import UsersGroupModel

from rhodecode import BACKENDS

from webhelpers.pylonslib.secure_form import authentication_token

log = logging.getLogger(__name__)

#this is needed to translate the messages using _() in validators

class State_obj(object):

    _ = staticmethod(_)

#===============================================================================

# VALIDATORS

#===============================================================================

class ValidAuthToken(formencode.validators.FancyValidator):

    messages = {'invalid_token':_('Token mismatch')}

    def validate_python(self, value, state):

        if value != authentication_token():

            raise formencode.Invalid(self.message('invalid_token', state,

                                            search_number=value), value, state)

def ValidUsername(edit, old_data):

    class _ValidUsername(formencode.validators.FancyValidator):

        def validate_python(self, value, state):

            if value in ['default', 'new_user']:

                raise formencode.Invalid(_('Invalid username'), value, state)

            #check if user is unique

            old_un = None

            if edit:

                old_un = UserModel().get(old_data.get('user_id')).username

            if old_un != value or not edit:

                if UserModel().get_by_username(value, cache=False,

                                               case_insensitive=True):

                    raise formencode.Invalid(_('This username already exists') ,

                                             value, state)

            if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+$', value) is None:

                raise formencode.Invalid(_('Username may only contain '

                                           'alphanumeric characters underscores, '

                                           'periods or dashes and must begin with '

                                           'alphanumeric character'),

                                      value, state)

    return _ValidUsername

def ValidUsersGroup(edit, old_data):

    class _ValidUsersGroup(formencode.validators.FancyValidator):

        def validate_python(self, value, state):

            if value in ['default']:

                raise formencode.Invalid(_('Invalid group name'), value, state)

            #check if group is unique

            old_ugname = None

            if edit:

                old_ugname = UsersGroupModel()\

                    .get(old_data.get('users_group_id')).users_group_name

            if old_ugname != value or not edit:

                if UsersGroupModel().get_by_groupname(value, cache=False,

                                               case_insensitive=True):

                    raise formencode.Invalid(_('This users group already exists') ,

                                             value, state)

            if re.match(r'^[a-zA-Z0-9]{1}[a-zA-Z0-9\-\_\.]+$', value) is None:

                raise formencode.Invalid(_('Group name may only contain '

                                           'alphanumeric characters underscores, '

                                           'periods or dashes and must begin with '

                                           'alphanumeric character'),

                                      value, state)

    return _ValidUsersGroup

class ValidPassword(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        if value:

            if value.get('password'):

                try:

                    value['password'] = get_crypt_password(value['password'])

                except UnicodeEncodeError:

                    e_dict = {'password':_('Invalid characters in password')}

                    raise formencode.Invalid('', value, state, error_dict=e_dict)

            if value.get('password_confirmation'):

                try:

                    value['password_confirmation'] = \

                        get_crypt_password(value['password_confirmation'])

                except UnicodeEncodeError:

                    e_dict = {'password_confirmation':_('Invalid characters in password')}

                    raise formencode.Invalid('', value, state, error_dict=e_dict)

            if value.get('new_password'):

                try:

                    value['new_password'] = \

                        get_crypt_password(value['new_password'])

                except UnicodeEncodeError:

                    e_dict = {'new_password':_('Invalid characters in password')}

                    raise formencode.Invalid('', value, state, error_dict=e_dict)

            return value

class ValidPasswordsMatch(formencode.validators.FancyValidator):

    def validate_python(self, value, state):

        if value['password'] != value['password_confirmation']:

            e_dict = {'password_confirmation':

                   _('Password do not match')}

            raise formencode.Invalid('', value, state, error_dict=e_dict)

class ValidAuth(formencode.validators.FancyValidator):

    messages = {

            'invalid_password':_('invalid password'),

            'invalid_login':_('invalid user name'),

            'disabled_account':_('Your account is disabled')

            }

    #error mapping

    e_dict = {'username':messages['invalid_login'],

              'password':messages['invalid_password']}

    e_dict_disable = {'username':messages['disabled_account']}

    def validate_python(self, value, state):

        password = value['password']

        username = value['username']

        user = UserModel().get_by_username(username)

        if authenticate(username, password):

            return value

        else:

            if user and user.active is False:

                log.warning('user %s is disabled', username)

                raise formencode.Invalid(self.message('disabled_account',

                                         state=State_obj),

                                         value, state,

                                         error_dict=self.e_dict_disable)

            else:

                log.warning('user %s not authenticated', username)

                raise formencode.Invalid(self.message('invalid_password',

                                         state=State_obj), value, state,

                                         error_dict=self.e_dict)

class ValidRepoUser(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        sa = meta.Session()

        try:

            self.user_db = sa.query(User)\

                .filter(User.active == True)\

                .filter(User.username == value).one()

        except Exception:

            raise formencode.Invalid(_('This username is not valid'),

                                     value, state)

        finally:

            meta.Session.remove()

        return self.user_db.user_id

def ValidRepoName(edit, old_data):

    class _ValidRepoName(formencode.validators.FancyValidator):

        def to_python(self, value, state):

            slug = h.repo_name_slug(value)

            if slug in ['_admin']:

                raise formencode.Invalid(_('This repository name is disallowed'),

                                         value, state)

            if old_data.get('repo_name') != value or not edit:

                if RepoModel().get_by_repo_name(slug, cache=False):

                    raise formencode.Invalid(_('This repository already exists') ,

                                             value, state)

            return slug

    return _ValidRepoName

def ValidForkType(old_data):

    class _ValidForkType(formencode.validators.FancyValidator):

        def to_python(self, value, state):

            if old_data['repo_type'] != value:

                raise formencode.Invalid(_('Fork have to be the same type as original'),

                                         value, state)

            return value

    return _ValidForkType

class ValidPerms(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        perms_update = []

        perms_new = []

        #build a list of permission to update and new permission to create

        for k, v in value.items():

            if k.startswith('perm_'):

                else:

                    usr = k[5:]

                    if usr == 'default':

                        if value['private']:

                            #set none for default when updating to private repo

                            v = 'repository.none'

        value['perms_updates'] = perms_update

        value['perms_new'] = perms_new

        sa = meta.Session

            try:

            except Exception:

                                     state=State_obj)

                raise formencode.Invalid(msg, value, state,

        return value

class ValidSettings(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        #settings  form can't edit user

        if value.has_key('user'):

            del['value']['user']

        return value

class ValidPath(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        if not os.path.isdir(value):

            msg = _('This is not a valid path')

            raise formencode.Invalid(msg, value, state,

                                     error_dict={'paths_root_path':msg})

        return value

def UniqSystemEmail(old_data):

    class _UniqSystemEmail(formencode.validators.FancyValidator):

        def to_python(self, value, state):

            value = value.lower()

            if old_data.get('email') != value:

                sa = meta.Session()

                try:

                    user = sa.query(User).filter(User.email == value).scalar()

                    if user:

                        raise formencode.Invalid(_("This e-mail address is already taken") ,

                                                 value, state)

                finally:

                    meta.Session.remove()

            return value

    return _UniqSystemEmail

class ValidSystemEmail(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        value = value.lower()

        sa = meta.Session

        try:

            user = sa.query(User).filter(User.email == value).scalar()

            if  user is None:

                raise formencode.Invalid(_("This e-mail address doesn't exist.") ,

                                         value, state)

        finally:

            meta.Session.remove()

        return value

class LdapLibValidator(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        try:

            import ldap

        except ImportError:

            raise LdapImportError

        return value

class AttrLoginValidator(formencode.validators.FancyValidator):

    def to_python(self, value, state):

        if not value or not isinstance(value, (str, unicode)):

            raise formencode.Invalid(_("The LDAP Login attribute of the CN must be specified "

                                       "- this is the name of the attribute that is equivalent to 'username'"),

                                     value, state)

        return value

#===============================================================================

# FORMS        

#===============================================================================

class LoginForm(formencode.Schema):

    allow_extra_fields = True

    filter_extra_fields = True

    username = UnicodeString(

                             strip=True,

                             min=1,

                             not_empty=True,

                             messages={

                                       'empty':_('Please enter a login'),

                                       'tooShort':_('Enter a value %(min)i characters long or more')}

                            )

    password = UnicodeString(

                            strip=True,

                            min=6,

                            not_empty=True,

                            messages={

                                      'empty':_('Please enter a password'),

                                      'tooShort':_('Enter %(min)i characters or more')}

                                )

    #chained validators have access to all data

    chained_validators = [ValidAuth]

def UserForm(edit=False, old_data={}):

    class _UserForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        username = All(UnicodeString(strip=True, min=1, not_empty=True),

                       ValidUsername(edit, old_data))

        if edit:

            new_password = All(UnicodeString(strip=True, min=6, not_empty=False))

            admin = StringBoolean(if_missing=False)

        else:

            password = All(UnicodeString(strip=True, min=6, not_empty=True))

        active = StringBoolean(if_missing=False)

        name = UnicodeString(strip=True, min=1, not_empty=True)

        lastname = UnicodeString(strip=True, min=1, not_empty=True)

        email = All(Email(not_empty=True), UniqSystemEmail(old_data))

        chained_validators = [ValidPassword]

    return _UserForm

def UsersGroupForm(edit=False, old_data={}, available_members=[]):

    class _UsersGroupForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        users_group_name = All(UnicodeString(strip=True, min=1, not_empty=True),

                       ValidUsersGroup(edit, old_data))

        users_group_active = StringBoolean(if_missing=False)

        if edit:

            users_group_members = OneOf(available_members, hideList=False,

                                        testValueList=True,

                                        if_missing=None, not_empty=False)

    return _UsersGroupForm

def RegisterForm(edit=False, old_data={}):

    class _RegisterForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        username = All(ValidUsername(edit, old_data),

                       UnicodeString(strip=True, min=1, not_empty=True))

        password = All(UnicodeString(strip=True, min=6, not_empty=True))

        password_confirmation = All(UnicodeString(strip=True, min=6, not_empty=True))

        active = StringBoolean(if_missing=False)

        name = UnicodeString(strip=True, min=1, not_empty=True)

        lastname = UnicodeString(strip=True, min=1, not_empty=True)

        email = All(Email(not_empty=True), UniqSystemEmail(old_data))

        chained_validators = [ValidPasswordsMatch, ValidPassword]

    return _RegisterForm

def PasswordResetForm():

    class _PasswordResetForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        email = All(ValidSystemEmail(), Email(not_empty=True))

    return _PasswordResetForm

def RepoForm(edit=False, old_data={}, supported_backends=BACKENDS.keys()):

    class _RepoForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = False

        repo_name = All(UnicodeString(strip=True, min=1, not_empty=True),

                        ValidRepoName(edit, old_data))

        description = UnicodeString(strip=True, min=1, not_empty=True)

        private = StringBoolean(if_missing=False)

        enable_statistics = StringBoolean(if_missing=False)

        enable_downloads = StringBoolean(if_missing=False)

        repo_type = OneOf(supported_backends)

        if edit:

            user = All(Int(not_empty=True), ValidRepoUser)

        chained_validators = [ValidPerms]

    return _RepoForm

def RepoForkForm(edit=False, old_data={}, supported_backends=BACKENDS.keys()):

    class _RepoForkForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = False

        fork_name = All(UnicodeString(strip=True, min=1, not_empty=True),

                        ValidRepoName(edit, old_data))

        description = UnicodeString(strip=True, min=1, not_empty=True)

        private = StringBoolean(if_missing=False)

        repo_type = All(ValidForkType(old_data), OneOf(supported_backends))

    return _RepoForkForm

def RepoSettingsForm(edit=False, old_data={}):

# -*- coding: utf-8 -*-

"""

    rhodecode.model.repo

    ~~~~~~~~~~~~~~~~~~~~

    Repository model for rhodecode

    :created_on: Jun 5, 2010

    :author: marcink

    :copyright: (C) 2009-2011 Marcin Kuzminski <marcin@python-works.com>    

    :license: GPLv3, see COPYING for more details.

"""

# This program is free software; you can redistribute it and/or

# modify it under the terms of the GNU General Public License

# as published by the Free Software Foundation; version 2

# of the License or (at your opinion) any later version of the license.

# 

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

# 

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

# MA  02110-1301, USA.

import os

import shutil

import logging

import traceback

from datetime import datetime

from rhodecode.model import BaseModel

from rhodecode.model.caching_query import FromCache

from rhodecode.model.db import Repository, RepoToPerm, User, Permission, \

from rhodecode.model.user import UserModel

from vcs.backends import get_backend

log = logging.getLogger(__name__)

class RepoModel(BaseModel):

    def get(self, repo_id, cache=False):

        repo = self.sa.query(Repository)\

            .filter(Repository.repo_id == repo_id)

        if cache:

            repo = repo.options(FromCache("sql_cache_short",

                                          "get_repo_%s" % repo_id))

        return repo.scalar()

    def get_by_repo_name(self, repo_name, cache=False):

        repo = self.sa.query(Repository)\

            .filter(Repository.repo_name == repo_name)

        if cache:

            repo = repo.options(FromCache("sql_cache_short",

                                          "get_repo_%s" % repo_name))

        return repo.scalar()

    def get_users_js(self):

        users = self.sa.query(User).filter(User.active == True).all()

        u_tmpl = '''{id:%s, fname:"%s", lname:"%s", nname:"%s"},'''

                                                    u.lastname, u.username)

                                        for u in users])

        return users_array

    def update(self, repo_name, form_data):

        try:

            cur_repo = self.get_by_repo_name(repo_name, cache=False)

            user_model = UserModel(self.sa)

            #update permissions

                r2p = self.sa.query(RepoToPerm)\

                        .filter(RepoToPerm.user == user_model.get_by_username(username))\

                        .filter(RepoToPerm.repository == cur_repo)\

                        .one()

                r2p.permission = self.sa.query(Permission)\

                                    .filter(Permission.permission_name == perm)\

                                    .scalar()

                self.sa.add(r2p)

            #set new permissions

                r2p = RepoToPerm()

                r2p.repository = cur_repo

                r2p.user = user_model.get_by_username(username, cache=False)

                r2p.permission = self.sa.query(Permission)\

                                    .filter(Permission.permission_name == perm)\

                                    .scalar()

                self.sa.add(r2p)

            #update current repo

            for k, v in form_data.items():

                if k == 'user':

                    cur_repo.user = user_model.get(v)

                else:

                    setattr(cur_repo, k, v)

            self.sa.add(cur_repo)

            if repo_name != form_data['repo_name']:

                #rename our data

                self.__rename_repo(repo_name, form_data['repo_name'])

            self.sa.commit()

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise

    def create(self, form_data, cur_user, just_db=False, fork=False):

        try:

            if fork:

                #force str since hg doesn't go with unicode

                repo_name = str(form_data['fork_name'])

                org_name = str(form_data['repo_name'])

            else:

                org_name = repo_name = str(form_data['repo_name'])

            new_repo = Repository()

            new_repo.enable_statistics = True

            for k, v in form_data.items():

                if k == 'repo_name':

                    v = repo_name

                setattr(new_repo, k, v)

            if fork:

                parent_repo = self.sa.query(Repository)\

                        .filter(Repository.repo_name == org_name).scalar()

                new_repo.fork = parent_repo

            new_repo.user_id = cur_user.user_id

            self.sa.add(new_repo)

            #create default permission

            repo_to_perm = RepoToPerm()

            default = 'repository.read'

            for p in UserModel(self.sa).get_by_username('default', cache=False).user_perms:

                if p.permission.permission_name.startswith('repository.'):

                    default = p.permission.permission_name

                    break

            default_perm = 'repository.none' if form_data['private'] else default

            repo_to_perm.permission_id = self.sa.query(Permission)\

                    .filter(Permission.permission_name == default_perm)\

                    .one().permission_id

            repo_to_perm.repository_id = new_repo.repo_id

            repo_to_perm.user_id = UserModel(self.sa)\

                .get_by_username('default', cache=False).user_id

            self.sa.add(repo_to_perm)

            self.sa.commit()

            #now automatically start following this repository as owner

            from rhodecode.model.scm import ScmModel

            ScmModel(self.sa).toggle_following_repo(new_repo.repo_id,

                                             cur_user.user_id)

            if not just_db:

                self.__create_repo(repo_name, form_data['repo_type'])

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise

    def create_fork(self, form_data, cur_user):

        from rhodecode.lib.celerylib import tasks, run_task

        run_task(tasks.create_repo_fork, form_data, cur_user)

    def delete(self, repo):

        try:

            self.sa.delete(repo)

            self.__delete_repo(repo)

            self.sa.commit()

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise

    def delete_perm_user(self, form_data, repo_name):

        try:

            self.sa.query(RepoToPerm)\

                .filter(RepoToPerm.repository \

                        == self.get_by_repo_name(repo_name))\

                .filter(RepoToPerm.user_id == form_data['user_id']).delete()

            self.sa.commit()

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise

    def delete_stats(self, repo_name):

        try:

            self.sa.query(Statistics)\

                .filter(Statistics.repository == \

                        self.get_by_repo_name(repo_name)).delete()

            self.sa.commit()

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise

    def __create_repo(self, repo_name, alias):

        """

        makes repository on filesystem

        :param repo_name:

        :param alias:

        """

        from rhodecode.lib.utils import check_repo

            log.info('creating repo %s in %s', repo_name, repo_path)

            backend = get_backend(alias)

            backend(repo_path, create=True)

    def __rename_repo(self, old, new):

        """

        renames repository on filesystem

        :param old: old name

        :param new: new name

        """

        log.info('renaming repo from %s to %s', old, new)

        if os.path.isdir(new_path):

            raise Exception('Was trying to rename to already existing dir %s',

                            new_path)

        shutil.move(old_path, new_path)

    def __delete_repo(self, repo):

        """

        removes repo from filesystem, the removal is acctually made by

        added rm__ prefix into dir, and rename internat .hg/.git dirs so this

        repository is no longer valid for rhodecode, can be undeleted later on

        by reverting the renames on this repository

        :param repo: repo object

        """

        log.info("Removing %s", rm_path)

        #disable hg/git

        alias = repo.repo_type

        shutil.move(os.path.join(rm_path, '.%s' % alias),

                    os.path.join(rm_path, 'rm__.%s' % alias))

        #disable repo

                                          % (datetime.today(), repo.repo_name)))