)

                else:

                    RepoModel().grant_users_group_permission(

                        repo=cur_repo, group_name=member, perm=perm

                    )

            # set new permissions

            for member, perm, member_type in form_data['perms_new']:

                if member_type == 'user':

                    RepoModel().grant_user_permission(

                        repo=cur_repo, user=member, perm=perm

                    )

                else:

                    RepoModel().grant_users_group_permission(

                        repo=cur_repo, group_name=member, perm=perm

                    )

            # update current repo

            for k, v in form_data.items():

                if k == 'user':

                    cur_repo.user = User.get_by_username(v)

                elif k == 'repo_name':

                    pass

                elif k == 'repo_group':

                    cur_repo.group = RepoGroup.get(v)

                else:

                    setattr(cur_repo, k, v)

            new_name = cur_repo.get_new_name(form_data['repo_name'])

            cur_repo.repo_name = new_name

            self.sa.add(cur_repo)

            if repo_name != new_name:

                # rename repository

                self.__rename_repo(old=repo_name, new=new_name)

            return cur_repo

        except:

            log.error(traceback.format_exc())

            raise

    def create_repo(self, repo_name, repo_type, description, owner,

                    private=False, clone_uri=None, repos_group=None,

                    landing_rev='tip', just_db=False, fork_of=None,

                    copy_fork_permissions=False):

        """

        Create repository

        """

        from rhodecode.model.scm import ScmModel

        owner = self._get_user(owner)

        fork_of = self._get_repo(fork_of)

        repos_group = self._get_repos_group(repos_group)

        try:

            # repo name is just a name of repository

            # while repo_name_full is a full qualified name that is combined

            # with name and path of group

            repo_name_full = repo_name

            repo_name = repo_name.split(self.URL_SEPARATOR)[-1]

            new_repo = Repository()

            new_repo.enable_statistics = False

            new_repo.repo_name = repo_name_full

            new_repo.repo_type = repo_type

            new_repo.user = owner

            new_repo.group = repos_group

            new_repo.description = description or repo_name

            new_repo.private = private

            new_repo.clone_uri = clone_uri

            new_repo.landing_rev = landing_rev

            if repos_group:

                new_repo.enable_locking = repos_group.enable_locking

            if fork_of:

                parent_repo = fork_of

                new_repo.fork = parent_repo

            self.sa.add(new_repo)

            def _create_default_perms():

                # create default permission

                repo_to_perm = UserRepoToPerm()

                default = 'repository.read'

                for p in User.get_by_username('default').user_perms:

                    if p.permission.permission_name.startswith('repository.'):

                        default = p.permission.permission_name

                        break

                default_perm = 'repository.none' if private else default

                repo_to_perm.permission_id = self.sa.query(Permission)\

                        .filter(Permission.permission_name == default_perm)\

                        .one().permission_id

                repo_to_perm.repository = new_repo

                repo_to_perm.user_id = User.get_by_username('default').user_id

                self.sa.add(repo_to_perm)

            if fork_of:

                if copy_fork_permissions:

                    repo = fork_of

                    user_perms = UserRepoToPerm.query()\

                        .filter(UserRepoToPerm.repository == repo).all()

                    group_perms = UsersGroupRepoToPerm.query()\

                        .filter(UsersGroupRepoToPerm.repository == repo).all()

                    for perm in user_perms:

                        UserRepoToPerm.create(perm.user, new_repo,

                                              perm.permission)

                    for perm in group_perms:

                        UsersGroupRepoToPerm.create(perm.users_group, new_repo,

                                                    perm.permission)

                else:

                    _create_default_perms()

            else:

                _create_default_perms()

            if not just_db:

                self.__create_repo(repo_name, repo_type,

                                   repos_group,

                                   clone_uri)

                log_create_repository(new_repo.get_dict(),

                                      created_by=owner.username)

            # now automatically start following this repository as owner

            ScmModel(self.sa).toggle_following_repo(new_repo.repo_id,

                                                    owner.user_id)

            return new_repo

        except:

            log.error(traceback.format_exc())

            raise

    def create(self, form_data, cur_user, just_db=False, fork=None):

        """

        Backward compatibility function, just a wrapper on top of create_repo

        :param form_data:

        :param cur_user:

        :param just_db:

        :param fork:

        """

        repo_name = form_data['repo_name_full']

        repo_type = form_data['repo_type']

        description = form_data['description']

        owner = cur_user

        private = form_data['private']

        clone_uri = form_data.get('clone_uri')

        repos_group = form_data['repo_group']

        landing_rev = form_data['landing_rev']

        copy_fork_permissions = form_data.get('copy_permissions')

        fork_of = form_data.get('fork_parent_id')

        return self.create_repo(

            repo_name, repo_type, description, owner, private, clone_uri,

            repos_group, landing_rev, just_db, fork_of, copy_fork_permissions

        )

    def create_fork(self, form_data, cur_user):

        """

        Simple wrapper into executing celery task for fork creation

        :param form_data:

        :param cur_user:

        """

        from rhodecode.lib.celerylib import tasks, run_task

        run_task(tasks.create_repo_fork, form_data, cur_user)

    def delete(self, repo):

        repo = self._get_repo(repo)

        if repo:

            old_repo_dict = repo.get_dict()

            owner = repo.user

            try:

                self.sa.delete(repo)

                self.__delete_repo(repo)

                log_delete_repository(old_repo_dict,

                                      deleted_by=owner.username)

            except:

                log.error(traceback.format_exc())

                raise

    def grant_user_permission(self, repo, user, perm):

        """

        Grant permission for user on given repository, or update existing one

        if found

        :param repo: Instance of Repository, repository_id, or repository name

        :param user: Instance of User, user_id or username

        :param perm: Instance of Permission, or permission_name

        """

        user = self._get_user(user)

        repo = self._get_repo(repo)

        permission = self._get_perm(perm)

        # check if we have that permission already

        obj = self.sa.query(UserRepoToPerm)\

            .filter(UserRepoToPerm.user == user)\

            .filter(UserRepoToPerm.repository == repo)\

            .scalar()

        if obj is None:

            # create new !

            obj = UserRepoToPerm()

        obj.repository = repo

        obj.user = user

        obj.permission = permission

        self.sa.add(obj)

        log.debug('Granted perm %s to %s on %s' % (perm, user, repo))

    def revoke_user_permission(self, repo, user):

        """

        Revoke permission for user on given repository

        :param repo: Instance of Repository, repository_id, or repository name

        :param user: Instance of User, user_id or username

        """

        user = self._get_user(user)

        repo = self._get_repo(repo)

        obj = self.sa.query(UserRepoToPerm)\

            .filter(UserRepoToPerm.repository == repo)\

            .filter(UserRepoToPerm.user == user)\

            .scalar()

        if obj:

            self.sa.delete(obj)

            log.debug('Revoked perm on %s on %s' % (repo, user))

    def grant_users_group_permission(self, repo, group_name, perm):

        """

        Grant permission for users group on given repository, or update

        existing one if found

        :param repo: Instance of Repository, repository_id, or repository name

        :param group_name: Instance of UserGroup, users_group_id,

            or users group name

        :param perm: Instance of Permission, or permission_name

        """

        repo = self._get_repo(repo)

        group_name = self.__get_users_group(group_name)

        permission = self._get_perm(perm)

        # check if we have that permission already

        obj = self.sa.query(UsersGroupRepoToPerm)\

            .filter(UsersGroupRepoToPerm.users_group == group_name)\

            .filter(UsersGroupRepoToPerm.repository == repo)\

            .scalar()

        if obj is None:

            # create new

            obj = UsersGroupRepoToPerm()

        obj.repository = repo

        obj.users_group = group_name

        obj.permission = permission

        self.sa.add(obj)

        log.debug('Granted perm %s to %s on %s' % (perm, group_name, repo))

    def revoke_users_group_permission(self, repo, group_name):

        """

        Revoke permission for users group on given repository

        :param repo: Instance of Repository, repository_id, or repository name

        :param group_name: Instance of UserGroup, users_group_id,

            or users group name

        """

        repo = self._get_repo(repo)

        group_name = self.__get_users_group(group_name)

        obj = self.sa.query(UsersGroupRepoToPerm)\

            .filter(UsersGroupRepoToPerm.repository == repo)\

            .filter(UsersGroupRepoToPerm.users_group == group_name)\

            .scalar()

        if obj:

            self.sa.delete(obj)

            log.debug('Revoked perm to %s on %s' % (repo, group_name))

    def delete_stats(self, repo_name):

        """

        removes stats for given repo

        :param repo_name:

        """

        try:

            obj = self.sa.query(Statistics)\

                    .filter(Statistics.repository ==

                            self.get_by_repo_name(repo_name))\

                    .one()

            self.sa.delete(obj)

        except:

            log.error(traceback.format_exc())

            raise

    def __create_repo(self, repo_name, alias, parent, clone_uri=False):

        """

        makes repository on filesystem. It's group aware means it'll create

        a repository within a group, and alter the paths accordingly of

        group location

        :param repo_name:

        :param alias:

        :param parent_id:

        :param clone_uri:

        """

        from rhodecode.lib.utils import is_valid_repo, is_valid_repos_group

        from rhodecode.model.scm import ScmModel

        if parent:

            new_parent_path = os.sep.join(parent.full_path_splitted)

        else:

            new_parent_path = ''

        # we need to make it str for mercurial

        repo_path = os.path.join(*map(lambda x: safe_str(x),

                                [self.repos_path, new_parent_path, repo_name]))

        # check if this path is not a repository

        if is_valid_repo(repo_path, self.repos_path):

            raise Exception('This path %s is a valid repository' % repo_path)

        # check if this path is a group

        if is_valid_repos_group(repo_path, self.repos_path):

            raise Exception('This path %s is a valid group' % repo_path)

        log.info('creating repo %s in %s @ %s' % (

                     repo_name, safe_unicode(repo_path), clone_uri

                )

        )

        backend = get_backend(alias)

        if alias == 'hg':

            backend(repo_path, create=True, src_url=clone_uri)

        elif alias == 'git':

            r = backend(repo_path, create=True, src_url=clone_uri, bare=True)

            # add rhodecode hook into this repo

            ScmModel().install_git_hook(repo=r)

        else:

            raise Exception('Undefined alias %s' % alias)

    def __rename_repo(self, old, new):

        """

        renames repository on filesystem

        :param old: old name

        :param new: new name

        """

        log.info('renaming repo from %s to %s' % (old, new))

        old_path = os.path.join(self.repos_path, old)

        new_path = os.path.join(self.repos_path, new)

        if os.path.isdir(new_path):

            raise Exception(

                'Was trying to rename to already existing dir %s' % new_path

            )

        shutil.move(old_path, new_path)

    def __delete_repo(self, repo):

        """

        removes repo from filesystem, the removal is acctually made by

        added rm__ prefix into dir, and rename internat .hg/.git dirs so this

        repository is no longer valid for rhodecode, can be undeleted later on

        by reverting the renames on this repository

        :param repo: repo object

        """

        rm_path = os.path.join(self.repos_path, repo.repo_name)

        log.info("Removing %s" % (rm_path))

        # disable hg/git internal that it doesn't get detected as repo

        alias = repo.repo_type

        bare = getattr(repo.scm_instance, 'bare', False)

        if not bare:

            # skip this for bare git repos

            shutil.move(os.path.join(rm_path, '.%s' % alias),

                        os.path.join(rm_path, 'rm__.%s' % alias))

        # disable repo

        _now = datetime.now()

        _ms = str(_now.microsecond).rjust(6, '0')

        _d = 'rm__%s__%s' % (_now.strftime('%Y%m%d_%H%M%S_' + _ms),

        shutil.move(rm_path, os.path.join(self.repos_path, _d))