9b3e9e242f5c97cc0c7657e5ac93dce7de61ca16 0 iQEcBAABAgAGBQJWDuAdAAoJEJ1bI/kYT6UUAlYH/ReCa7Im5tvy+ot5oAc7xey/O2rCVHp2h6i82tTWK/0i9EaS4DP+eTbAjV4WJA4qWF5DPenEJ3X9JhrTLNvGkR0f7lUqiFVMTJ472YlSsvIWg38gVFruzwk1cODRfq72o8ERYcRSfzrL4cDpIqjEd/vVVCV/gKVvPmzr4/FED/ZmS0X6T9gxWJo/eWSuLNAxHHtE/pCWDO3XEe+iOm+hHjkyz4Hn2r9/+ucrirnzycH6DnYO/kWvQzBnzgMjJm+1rLZ5cfU89V8zfhv6z0pd8CHZfpKGc2Z8EwVJq9LR+M4/76uDlYXx7IfZAxhRNqN6MC+yvPmDo3382dNr7Wkopi0=

53128b6b9a4ddb6ee9554cbb83a082a6d1316b42 rhodecode-0.0.1.0.0rc4

afd98d1f817e6a6b52172735c22160239e615a6b rhodecode-0.0.1.0.0

bee56f209c40a6880f2f633b02227b5ee1f8ff5a rhodecode-0.0.1.0.1

d85b0948e53925ebbbc49e9f7967013a04f866e9 rhodecode-0.0.1.0.2

d9c8dddb96af521e346f05b88d515c536eef3d17 rhodecode-0.0.1.1.0

344f748517814ed0408a49e392dc625f4cc37fdc rhodecode-0.0.1.1.1

6c01c12eafb8cc72d4c4cbd121400fad755b2862 rhodecode-0.0.1.1.2

4fa80e0484ef5c33feaa9c39fc66916f410ba353 rhodecode-0.0.1.1.3

cb77867d69d3c5931712aac486c980a42ee90745 rhodecode-0.0.1.1.5

cb77867d69d3c5931712aac486c980a42ee90745 rhodecode-0.0.1.1.5

008bdfdd95c8bd31ae6d89f76c75c1f49cbcd0bc rhodecode-0.0.1.1.5

c5af1d3c861fb36b156224e75c2f55a97f54657d rhodecode-0.0.1.1.6

7327a0d1584cf28d33e738048af1f6809d499451 rhodecode-0.0.1.1.7

bd102f45950f779995a1beae42b6eb099cdd27b3 rhodecode-0.0.1.1.7

c8974135732aa0ceb841cee6df66e29f089b4963 rhodecode-0.0.1.1.8

c252049af24cd98eef5f4143fa3abbff3c912e29 rhodecode-0.0.1.2.0

0b8fba8ab90b01f811a50e6e7384989cced21d38 rhodecode-0.0.1.2.1

22273bec00ba2fd860c60a9277d3d7229e288e18 rhodecode-0.0.1.2.2

1ff606a7858dbd8a5f70b3da5cc89524bd0d84f9 rhodecode-0.0.1.2.3

a7a282a902b207ce34e830d643c79b7ab52e3b35 rhodecode-0.0.1.2.4

b6b611e7722e754abebaae6e265cbb4c823d344d rhodecode-0.0.1.2.5

dbc82e3362a25d2aece42060089824c4342efd17 rhodecode-0.0.1.3.0

79a95f338fd0115b2cdb77118f39e17d22ff505c rhodecode-0.0.1.3.1

9ab21c5ddb84935bea5c743b4e147ed5a398b30c rhodecode-0.0.1.3.2

934906f028b582a254e0028ba25e5d20dd32b9cd rhodecode-0.0.1.3.3

af21362474e3ab5aa0e2fbb1c872356f2c16c4f3 rhodecode-0.0.1.3.4

0e2792e04bd316fe64335cbe6a476031ac60b29b rhodecode-0.0.1.3.5

edfff9f37916389144d3a3644d0a7d7adfd79b11 rhodecode-0.0.1.3.6

9ae95fdeca184f2404205645f06c6597b74ef2db rhodecode-0.0.1.4.0

909143a4dde53c46d4f24abb426ec870471c7de1 rhodecode-0.0.1.4.1

d998cc84cf726798486a438763053f0e1dc1b646 rhodecode-0.0.1.4.2

3f5d40b9dd99ccb009ea2211ee2d4b594c634946 rhodecode-0.0.1.4.3

3148c08cf86f1849917e2d50f7ab7766c1550b0a rhodecode-0.0.1.4.4

a5f0bc867edc88be23eb808693e5393a97d4c54a rhodecode-0.0.1.5.0

3259dc7caea48687eab018ee646ae6ad7e7ef377 rhodecode-0.0.1.5.1

efe23d6c178c11d575a0214181276a3452776e48 rhodecode-0.0.1.5.2

1a498b11f1540f5b94b6f6009298f5dc3eaad9e9 rhodecode-0.0.1.5.3

3447862ad8c9ceba85857774c526e39fde3a2281 rhodecode-0.0.1.5.4

c15d7b336af58df9f1bbc8f8957464e7ea618d4c rhodecode-0.0.1.6.0rc1

78b53ee0d247f90d51b028307ff5717851b6c265 rhodecode-0.0.1.6.0

351ad34d56321349ff5bd38f537bd768b8efef2e rhodecode-0.0.1.7.0

1f71ef689d2a3c9978cea6591a1f4e9107a5ca83 rhodecode-0.0.1.7.1

cc48c1541c7e2e84114bf92a0f9cd4b8b1341545 0.0

d17e88a1a88a29f6fac948c94498129e405a40d3 0.1

ad0ce803b40cb17fc3988373052943e041030b02 0.2

c6e32714336345403adf76abb6ebf9b8116fcdc7 0.2.1

14f488a5dc4ca6647bc6acf12534fd137e968aa8 0.2.2

9b3e9e242f5c97cc0c7657e5ac93dce7de61ca16 0.3

.. _contributing:

=========================

Contributing to Kallithea

=========================

Kallithea is developed and maintained by its users. Please join us and scratch

your own itch.

Infrastructure

--------------

The main repository is hosted on Our Own Kallithea (aka OOK) at

https://kallithea-scm.org/repos/kallithea/, our self-hosted instance

of Kallithea.

For now, we use Bitbucket_ for `pull requests`_ and `issue tracking`_. The

issue tracker is for tracking bugs, not for support, discussion, or ideas --

please use the `mailing list`_ or :ref:`IRC <readme>` to reach the community.

We use Weblate_ to translate the user interface messages into languages other

than English. Join our project on `Hosted Weblate`_ to help us.

To register, you can use your Bitbucket or GitHub account. See :ref:`translations`

for more details.

Getting started

---------------

To get started with development::

        hg clone https://kallithea-scm.org/repos/kallithea

        cd kallithea

        virtualenv ../kallithea-venv

        source ../kallithea-venv/bin/activate

        pip install --upgrade pip setuptools

        paster make-config Kallithea my.ini

        paster setup-db my.ini --user=user --email=user@example.com --password=password --repos=/tmp

        paster serve my.ini --reload &

        firefox http://127.0.0.1:5000/

You can also start out by forking https://bitbucket.org/conservancy/kallithea

on Bitbucket_ and create a local clone of your own fork.

Running tests

-------------

After finishing your changes make sure all tests pass cleanly. You can run

the testsuite running ``py.test`` from the project root, or if you use tox

run ``tox`` for Python 2.6--2.7 with multiple database test.

When running tests, Kallithea uses `kallithea/tests/test.ini` and populates the

SQLite database specified there.

It is possible to avoid recreating the full test database on each invocation of

the tests, thus eliminating the initial delay. To achieve this, run the tests as::

    paster serve kallithea/tests/test.ini --pid-file=test.pid --daemon

    KALLITHEA_WHOOSH_TEST_DISABLE=1 KALLITHEA_NO_TMP_PATH=1 py.test

    kill -9 $(cat test.pid)

In these commands, the following variables are used::

    KALLITHEA_WHOOSH_TEST_DISABLE=1 - skip whoosh index building and tests

    KALLITHEA_NO_TMP_PATH=1 - disable new temp path for tests, used mostly for testing_vcs_operations

You can run individual tests by specifying their path as argument to py.test.

py.test also has many more options, see `py.test -h`. Some useful options

are::

    -k EXPRESSION         only run tests which match the given substring

                          expression. An expression is a python evaluatable

                          expression where all names are substring-matched

                          against test names and their parent classes. Example:

    -x, --exitfirst       exit instantly on first error or failed test.

    --lf                  rerun only the tests that failed at the last run (or

                          all if none failed)

    --ff                  run all tests but run the last failures first. This

                          may re-order tests and thus lead to repeated fixture

                          setup/teardown

    --pdb                 start the interactive Python debugger on errors.

    -s, --capture=no      don't capture stdout (any stdout output will be

                          printed immediately)

.. _installation:

==========================

Installation on Unix/Linux

==========================

The following describes three different ways of installing Kallithea:

- :ref:`installation-source`: The simplest way to keep the installation

  up-to-date and track any local customizations is to run directly from

  source in a Kallithea repository clone, preferably inside a virtualenv

  virtual Python environment.

- :ref:`installation-virtualenv`: If you prefer to only use released versions

  of Kallithea, the recommended method is to install Kallithea in a virtual

  Python environment using `virtualenv`. The advantages of this method over

  direct installation is that Kallithea and its dependencies are completely

  contained inside the virtualenv (which also means you can have multiple

  installations side by side or remove it entirely by just removing the

  virtualenv directory) and does not require root privileges.

- :ref:`installation-without-virtualenv`: The alternative method of installing

  a Kallithea release is using standard pip. The package will be installed in

  the same location as all other Python packages you have ever installed. As a

  result, removing it is not as straightforward as with a virtualenv, as you'd

  have to remove its dependencies manually and make sure that they are not

  needed by other packages.

.. _installation-source:

Installation from repository source

-----------------------------------

To install Kallithea in a virtualenv_ using the stable branch of the development

repository, follow the instructions below::

        hg clone https://kallithea-scm.org/repos/kallithea -u stable

        cd kallithea

        virtualenv ../kallithea-venv

        source ../kallithea-venv/bin/activate

        pip install --upgrade pip setuptools

        python2 setup.py compile_catalog   # for translation of the UI

You can now proceed to :ref:`setup`.

To upgrade, simply update the repository with ``hg pull -u`` and restart the

server.

.. _installation-virtualenv:

Installing a released version in a virtualenv

---------------------------------------------

It is highly recommended to use a separate virtualenv_ for installing Kallithea.

This way, all libraries required by Kallithea will be installed separately from your

main Python installation and other applications and things will be less

problematic when upgrading the system or Kallithea.

An additional benefit of virtualenv_ is that it doesn't require root privileges.

- Assuming you have installed virtualenv_, create a new virtual environment

  for example, in `/srv/kallithea/venv`, using the virtualenv command::

    virtualenv /srv/kallithea/venv

- Activate the virtualenv_ in your current shell session and make sure the

  basic requirements are up-to-date by running::

    source /srv/kallithea/venv/bin/activate

    pip install --upgrade pip setuptools

.. note:: You can't use UNIX ``sudo`` to source the ``virtualenv`` script; it

   will "activate" a shell that terminates immediately. It is also perfectly

   acceptable (and desirable) to create a virtualenv as a normal user.

.. note:: Some dependencies are optional. If you need them, install them in

   the virtualenv too::

     pip install psycopg2

     pip install python-ldap

   This might require installation of development packages using your

   distribution's package manager.

- Make a folder for Kallithea data files, and configuration somewhere on the

  filesystem. For example::

    mkdir /srv/kallithea

- Go into the created directory and run this command to install Kallithea::

    pip install kallithea

  Alternatively, download a .tar.gz from http://pypi.python.org/pypi/Kallithea,

  extract it and run::

- This will install Kallithea together with pylons_ and all other required

  python libraries into the activated virtualenv.

You can now proceed to :ref:`setup`.

.. _installation-without-virtualenv:

Installing a released version without virtualenv

------------------------------------------------

For installation without virtualenv, 'just' use::

    pip install kallithea

Note that this method requires root privileges and will install packages

globally without using the system's package manager.

To install as a regular user in ``~/.local``, you can use::

    pip install --user kallithea

You can now proceed to :ref:`setup`.

Upgrading Kallithea from Python Package Index (PyPI)

----------------------------------------------------

.. note::

   It is strongly recommended that you **always** perform a database and

   configuration backup before doing an upgrade.

   These directions will use '{version}' to note that this is the version of

   Kallithea that these files were used with.  If backing up your Kallithea

   instance from version 0.1 to 0.2, the ``my.ini`` file could be

   backed up to ``my.ini.0-1``.

If using a SQLite database, stop the Kallithea process/daemon/service, and

then make a copy of the database file::

 service kallithea stop

 cp kallithea.db kallithea.db.{version}

Back up your configuration file::

 cp my.ini my.ini.{version}

installing Kallithea.

Python environment

------------------

**Kallithea** is written entirely in Python_ and requires Python version

2.6 or higher. Python 3.x is currently not supported.

Given a Python installation, there are different ways of providing the

environment for running Python applications. Each of them pretty much

corresponds to a ``site-packages`` directory somewhere where packages can be

installed.

Kallithea itself can be run from source or be installed, but even when running

from source, there are some dependencies that must be installed in the Python

environment used for running Kallithea.

- Packages *could* be installed in Python's ``site-packages`` directory ... but

  that would require running pip_ as root and it would be hard to uninstall or

  upgrade and is probably not a good idea unless using a package manager.

- Packages could also be installed in ``~/.local`` ... but that is probably

  only a good idea if using a dedicated user per application or instance.

- Finally, it can be installed in a virtualenv_. That is a very lightweight

  "container" where each Kallithea instance can get its own dedicated and

  self-contained virtual environment.

We recommend using virtualenv for installing Kallithea.

Installation methods

--------------------

Kallithea must be installed on a server. Kallithea is installed in a Python

environment so it can use packages that are installed there and make itself

available for other packages.

Two different cases will pretty much cover the options for how it can be

installed.

- The Kallithea source repository can be cloned and used -- it is kept stable and

  can be used in production. The Kallithea maintainers use the development

  branch in production. The advantage of installation from source and regularly

  updating it is that you take advantage of the most recent improvements. Using

  it directly from a DVCS also means that it is easy to track local customizations.

  necessary dependencies in the Python environment and create a

  ``.../site-packages/Kallithea.egg-link`` file there that points at the Kallithea

  source.

- Kallithea can also be installed from ready-made packages using a package manager.

  The official released versions are available on PyPI_ and can be downloaded and

  installed with all dependencies using ``pip install kallithea``.

  With this method, Kallithea is installed in the Python environment as any

  other package, usually as a ``.../site-packages/Kallithea-X-py2.7.egg/``

  directory with Python files and everything else that is needed.

  (``pip install kallithea`` from a source tree will do pretty much the same

  but build the Kallithea package itself locally instead of downloading it.)

Web server

----------

Kallithea is (primarily) a WSGI_ application that must be run from a web

server that serves WSGI applications over HTTP.

Kallithea itself is not serving HTTP (or HTTPS); that is the web server's

responsibility. Kallithea does however need to know its own user facing URL

(protocol, address, port and path) for each HTTP request. Kallithea will

usually use its own HTML/cookie based authentication but can also be configured

to use web server authentication.

There are several web server options:

- Kallithea uses the Paste_ tool as command line interface. Paste provides

  ``paster serve`` as a convenient way to launch a Python WSGI / web server

  from the command line. That is perfect for development and evaluation.

  Actual use in production might have different requirements and need extra

  work to make it manageable as a scalable system service.

  Paste comes with its own built-in web server but Kallithea defaults to use

  Waitress_. Gunicorn_ is also an option. These web servers have different

  limited feature sets.

  The web server used by ``paster`` is configured in the ``.ini`` file passed

  to it. The entry point for the WSGI application is configured

  in ``setup.py`` as ``kallithea.config.middleware:make_app``.

- `Apache httpd`_ can serve WSGI applications directly using mod_wsgi_ and a

  simple Python file with the necessary configuration. This is a good option if

  Apache is an option.

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea

~~~~~~~~~

Kallithea, a web based repository management based on pylons

versioning implementation: http://www.python.org/dev/peps/pep-0386/

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 9, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, (C) 2014 Bradley M. Kuhn, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import sys

import platform

BACKENDS = {

    'hg': 'Mercurial repository',

    'git': 'Git repository',

}

CELERY_ON = False

CELERY_EAGER = False

# link to config for pylons

CONFIG = {}

# Linked module for extensions

EXTENSIONS = {}

# BRAND controls internal references in database and config to the products

# own name.

#

# NOTE: If you want compatibility with a database that was originally created

#  for use with the RhodeCode software product, change BRAND to "rhodecode",

#  either by editing here or by creating a new file:

#  echo "BRAND = 'rhodecode'" > kallithea/brand.py

BRAND = "kallithea"

try:

    from kallithea.brand import BRAND

except ImportError:

    pass

# Prefix for the ui and settings table names

DB_PREFIX = (BRAND + "_") if BRAND != "kallithea" else ""

# Users.extern_type and .extern_name value for local users

EXTERN_TYPE_INTERNAL = BRAND if BRAND != 'kallithea' else 'internal'

# db_migrate_version.repository_id value, same as kallithea/lib/dbmigrate/migrate.cfg

DB_MIGRATIONS = BRAND + "_db_migrations"

try:

    from kallithea.lib import get_current_revision

    _rev = get_current_revision(quiet=True)

    if _rev and len(VERSION) > 3:

        VERSION += (_rev[0],)

except ImportError:

    pass

__version__ = ('.'.join((str(each) for each in VERSION[:3])))

__dbversion__ = 31  # defines current db version for migrations

__platform__ = platform.system()

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.lib.auth_modules.auth_pam

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Kallithea authentication library for PAM

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Created on Apr 09, 2013

:author: Alexey Larikov

"""

import logging

import time

import pwd

import grp

import re

import socket

import threading

from kallithea.lib import auth_modules

from kallithea.lib.compat import formatted_json, hybrid_property

log = logging.getLogger(__name__)

# Cache to store PAM authenticated users

_auth_cache = dict()

_pam_lock = threading.Lock()

class KallitheaAuthPlugin(auth_modules.KallitheaExternalAuthPlugin):

    # PAM authnetication can be slow. Repository operations involve a lot of

    # auth calls. Little caching helps speedup push/pull operations significantly

    AUTH_CACHE_TTL = 4

    def __init__(self):

        global _auth_cache

        ts = time.time()

        cleared_cache = dict(

            [(k, v) for (k, v) in _auth_cache.items() if

             (v + KallitheaAuthPlugin.AUTH_CACHE_TTL > ts)])

        _auth_cache = cleared_cache

    @hybrid_property

    def name(self):

        return "pam"

    def settings(self):

        settings = [

            {

                "name": "service",

                "validator": self.validators.UnicodeString(strip=True),

                "type": "string",

                "description": "PAM service name to use for authentication",

                "default": "login",

                "formname": "PAM service name"

            },

            {

                "name": "gecos",

                "validator": self.validators.UnicodeString(strip=True),

                "type": "string",

                "description": "Regex for extracting user name/email etc "

                               "from Unix userinfo",

                "default": "(?P<last_name>.+),\s*(?P<first_name>\w+)",

                "formname": "Gecos Regex"

            }

        ]

        return settings

    def use_fake_password(self):

        return True

    def auth(self, userobj, username, password, settings, **kwargs):

        if not username:

            log.debug('Empty username - skipping...')

            return None

        if username not in _auth_cache:

            # Need lock here, as PAM authentication is not thread safe

            _pam_lock.acquire()

            try:

                                               settings["service"])

                # cache result only if we properly authenticated

                if auth_result:

                    _auth_cache[username] = time.time()

            finally:

                _pam_lock.release()

            if not auth_result:

                log.error("PAM was unable to authenticate user: %s", username)

                return None

        else:

            log.debug("Using cached auth for user: %s", username)

        # old attrs fetched from Kallithea database

        admin = getattr(userobj, 'admin', False)

        active = getattr(userobj, 'active', True)

        email = getattr(userobj, 'email', '') or "%s@%s" % (username, socket.gethostname())

        firstname = getattr(userobj, 'firstname', '')

        lastname = getattr(userobj, 'lastname', '')

        user_data = {

            'username': username,

            'firstname': firstname,

            'lastname': lastname,

            'groups': [g.gr_name for g in grp.getgrall() if username in g.gr_mem],

            'email': email,

            'admin': admin,

            'active': active,

            "active_from_extern": None,

            'extern_name': username,

        }

        try:

            user_pw_data = pwd.getpwnam(username)

            regex = settings["gecos"]

            match = re.search(regex, user_pw_data.pw_gecos)

            if match:

                user_data["firstname"] = match.group('first_name')

                user_data["lastname"] = match.group('last_name')

        except Exception:

            log.warning("Cannot extract additional info for PAM user %s", username)

            pass

        log.debug("pamuser: \n%s", formatted_json(user_data))

        log.info('user %s authenticated correctly', user_data['username'])

        return user_data

    def get_managed_fields(self):