.. _changelog:

=========

Changelog

=========

1.4.0 (**2012-XX-XX**)

----------------------

:status: in-progress

:branch: beta

news

++++

- new codereview system

- email map, allowing users to have multiple email addresses mapped into

  their accounts

- improved git-hook system. Now all actions for git are logged into journal

  including pushed revisions, user and IP address

- changed setup-app into setup-rhodecode and added default options to it.

- new git repos are created as bare now by default

- #464 added links to groups in permission box

- #465 mentions autocomplete inside comments boxes

- #469 added --update-only option to whoosh to re-index only given list

  of repos in index 

- rhodecode-api CLI client

- new git http protocol replaced buggy dulwich implementation.

  Now based on pygrack & gitweb

- Improved RSS/ATOM feeds. Discoverable by browsers using proper headers, and 

  reformated based on user suggestions. Additional rss/atom feeds for user

  journal

- various i18n improvements

- #478 permissions overview for admin in user edit view

fixes

+++++

- improved translations

- fixes issue #455 Creating an archive generates an exception on Windows

- fixes #448 Download ZIP archive keeps file in /tmp open and results 

  in out of disk space

- fixes issue #454 Search results under Windows include proceeding

  backslash

- fixed issue #450. Rhodecode no longer will crash when bad revision is

  present in journal data.

- fix for issue #417, git execution was broken on windows for certain

  commands.

- fixed #413. Don't disable .git directory for bare repos on deleting

- fixed issue #459. Changed the way of obtaining logger in reindex task.

- fixed #453 added ID field in whoosh SCHEMA that solves the issue of

  reindexing modified files

1.3.6 (**2012-05-17**)

----------------------

news

++++

- chinese traditional translation

- changed setup-app into setup-rhodecode and added arguments for auto-setup 

  mode that doesn't need user interaction 

fixes

+++++

- fixed no scm found warning

- fixed __future__ import error on rcextensions

- made simplejson required lib for speedup on JSON encoding

- fixes #449 bad regex could get more than revisions from parsing history

- don't clear DB session when CELERY_EAGER is turned ON

1.3.5 (**2012-05-10**)

----------------------

news

++++

- use ext_json for json module

- unified annotation view with file source view

- notification improvements, better inbox + css

- #419 don't strip passwords for login forms, make rhodecode 

  more compatible with LDAP servers

- Added HTTP_X_FORWARDED_FOR as another method of extracting 

  IP for pull/push logs. - moved all to base controller  

- #415: Adding comment to changeset causes reload. 

  Comments are now added via ajax and doesn't reload the page

- #374 LDAP config is discarded when LDAP can't be activated

- limited push/pull operations are now logged for git in the journal

- bumped mercurial to 2.2.X series

- added support for displaying submodules in file-browser

- #421 added bookmarks in changelog view

fixes

+++++

- fixed dev-version marker for stable when served from source codes

- fixed missing permission checks on show forks page

- #418 cast to unicode fixes in notification objects

- #426 fixed mention extracting regex

- fixed remote-pulling for git remotes remopositories

- fixed #434: Error when accessing files or changesets of a git repository 

  with submodules

- fixed issue with empty APIKEYS for users after registration ref. #438

- fixed issue with getting README files from git repositories

1.3.4 (**2012-03-28**)

----------------------

news

++++

- Whoosh logging is now controlled by the .ini files logging setup

- added clone-url into edit form on /settings page

- added help text into repo add/edit forms

- created rcextensions module with additional mappings (ref #322) and

  post push/pull/create repo hooks callbacks

- implemented #377 Users view for his own permissions on account page

- #399 added inheritance of permissions for users group on repos groups

- #401 repository group is automatically pre-selected when adding repos 

  inside a repository group

- added alternative HTTP 403 response when client failed to authenticate. Helps 

  solving issues with Mercurial and LDAP

- #402 removed group prefix from repository name when listing repositories 

  inside a group

- added gravatars into permission view and permissions autocomplete

- #347 when running multiple RhodeCode instances, properly invalidates cache 

  for all registered servers

fixes

+++++

- fixed #390 cache invalidation problems on repos inside group

- fixed #385 clone by ID url was loosing proxy prefix in URL

- fixed some unicode problems with waitress

- fixed issue with escaping < and > in changeset commits

- fixed error occurring during recursive group creation in API 

  create_repo function

- fixed #393 py2.5 fixes for routes url generator

- fixed #397 Private repository groups shows up before login

- fixed #396 fixed problems with revoking users in nested groups

- fixed mysql unicode issues + specified InnoDB as default engine with 

  utf8 charset

- #406 trim long branch/tag names in changelog to not break UI

1.3.3 (**2012-03-02**)

----------------------

news

++++

fixes

+++++

- fixed some python2.5 compatibility issues 

- fixed issues with removed repos was accidentally added as groups, after

  full rescan of paths

- fixes #376 Cannot edit user (using container auth)

- fixes #378 Invalid image urls on changeset screen with proxy-prefix 

  configuration

- fixed initial sorting of repos inside repo group

- fixes issue when user tried to resubmit same permission into user/user_groups

- bumped beaker version that fixes #375 leap error bug

- fixed raw_changeset for git. It was generated with hg patch headers

- fixed vcs issue with last_changeset for filenodes

- fixed missing commit after hook delete

- fixed #372 issues with git operation detection that caused a security issue 

  for git repos

1.3.2 (**2012-02-28**)

----------------------

news

++++

fixes

+++++

- fixed git protocol issues with repos-groups

- fixed git remote repos validator that prevented from cloning remote git repos

- fixes #370 ending slashes fixes for repo and groups

- fixes #368 improved git-protocol detection to handle other clients

- fixes #366 When Setting Repository Group To Blank Repo Group Wont Be 

  Moved To Root

- fixes #371 fixed issues with beaker/sqlalchemy and non-ascii cache keys 

- fixed #373 missing cascade drop on user_group_to_perm table

1.3.1 (**2012-02-27**)

----------------------

news

++++

fixes

+++++

- redirection loop occurs when remember-me wasn't checked during login

- fixes issues with git blob history generation 

- don't fetch branch for git in file history dropdown. Causes unneeded slowness

1.3.0 (**2012-02-26**)

----------------------

news

++++

- code review, inspired by github code-comments 

- #215 rst and markdown README files support

- #252 Container-based and proxy pass-through authentication support

- #44 branch browser. Filtering of changelog by branches

- mercurial bookmarks support

- new hover top menu, optimized to add maximum size for important views

- configurable clone url template with possibility to specify  protocol like 

  ssh:// or http:// and also manually alter other parts of clone_url.

- enabled largefiles extension by default

- optimized summary file pages and saved a lot of unused space in them

- #239 option to manually mark repository as fork

- #320 mapping of commit authors to RhodeCode users

- #304 hashes are displayed using monospace font    

- diff configuration, toggle white lines and context lines

- #307 configurable diffs, whitespace toggle, increasing context lines

- sorting on branches, tags and bookmarks using YUI datatable

- improved file filter on files page

- implements #330 api method for listing nodes ar particular revision

- #73 added linking issues in commit messages to chosen issue tracker url

  based on user defined regular expression

- added linking of changesets in commit messages  

- new compact changelog with expandable commit messages

- firstname and lastname are optional in user creation

- #348 added post-create repository hook

- #212 global encoding settings is now configurable from .ini files 

- #227 added repository groups permissions

- markdown gets codehilite extensions

- new API methods, delete_repositories, grante/revoke permissions for groups 

  and repos

fixes

+++++

- rewrote dbsession management for atomic operations, and better error handling

- fixed sorting of repo tables

- #326 escape of special html entities in diffs

- normalized user_name => username in api attributes

- fixes #298 ldap created users with mixed case emails created conflicts 

  on saving a form

- fixes issue when owner of a repo couldn't revoke permissions for users 

  and groups

- fixes #271 rare JSON serialization problem with statistics

- fixes #337 missing validation check for conflicting names of a group with a

  repositories group

- #340 fixed session problem for mysql and celery tasks

- fixed #331 RhodeCode mangles repository names if the a repository group 

  contains the "full path" to the repositories

- #355 RhodeCode doesn't store encrypted LDAP passwords

1.2.5 (**2012-01-28**)

----------------------

news

++++

fixes

+++++

- #340 Celery complains about MySQL server gone away, added session cleanup

  for celery tasks

- #341 "scanning for repositories in None" log message during Rescan was missing

  a parameter

- fixed creating archives with subrepos. Some hooks were triggered during that

  operation leading to crash.

- fixed missing email in account page.

- Reverted Mercurial to 2.0.1 for windows due to bug in Mercurial that makes

  forking on windows impossible 

1.2.4 (**2012-01-19**)

----------------------

news

++++

- RhodeCode is bundled with mercurial series 2.0.X by default, with

  full support to largefiles extension. Enabled by default in new installations

- #329 Ability to Add/Remove Groups to/from a Repository via AP

- added requires.txt file with requirements

fixes

+++++

- fixes db session issues with celery when emailing admins

- #331 RhodeCode mangles repository names if the a repository group 

  contains the "full path" to the repositories

- #298 Conflicting e-mail addresses for LDAP and RhodeCode users

- DB session cleanup after hg protocol operations, fixes issues with

  `mysql has gone away` errors

- #333 doc fixes for get_repo api function

- #271 rare JSON serialization problem with statistics enabled

- #337 Fixes issues with validation of repository name conflicting with 

  a group name. A proper message is now displayed.

- #292 made ldap_dn in user edit readonly, to get rid of confusion that field

  doesn't work   

- #316 fixes issues with web description in hgrc files 

1.2.3 (**2011-11-02**)

----------------------

news

++++

- added option to manage repos group for non admin users

- added following API methods for get_users, create_user, get_users_groups, 

  get_users_group, create_users_group, add_user_to_users_groups, get_repos, 

  get_repo, create_repo, add_user_to_repo

- implements #237 added password confirmation for my account 

  and admin edit user.

- implements #291 email notification for global events are now sent to all

  administrator users, and global config email.

fixes

+++++

- added option for passing auth method for smtp mailer

- #276 issue with adding a single user with id>10 to usergroups

- #277 fixes windows LDAP settings in which missing values breaks the ldap auth 

- #288 fixes managing of repos in a group for non admin user

1.2.2 (**2011-10-17**)

----------------------

news

++++

- #226 repo groups are available by path instead of numerical id

fixes

+++++

- #259 Groups with the same name but with different parent group

- #260 Put repo in group, then move group to another group -> repo becomes unavailable

- #258 RhodeCode 1.2 assumes egg folder is writable (lockfiles problems)

- #265 ldap save fails sometimes on converting attributes to booleans, 

  added getter and setter into model that will prevent from this on db model level

- fixed problems with timestamps issues #251 and #213

- fixes #266 RhodeCode allows to create repo with the same name and in 

  the same parent as group

- fixes #245 Rescan of the repositories on Windows

- fixes #248 cannot edit repos inside a group on windows

- fixes #219 forking problems on windows

1.2.1 (**2011-10-08**)

----------------------

news

++++

fixes

+++++

- fixed problems with basic auth and push problems 

- gui fixes

- fixed logger

1.2.0 (**2011-10-07**)

----------------------

news

++++

- implemented #47 repository groups

- implemented #89 Can setup google analytics code from settings menu

- implemented #91 added nicer looking archive urls with more download options

  like tags, branches

- implemented #44 into file browsing, and added follow branch option

- implemented #84 downloads can be enabled/disabled for each repository

- anonymous repository can be cloned without having to pass default:default

  into clone url

- fixed #90 whoosh indexer can index chooses repositories passed in command 

  line

- extended journal with day aggregates and paging

- implemented #107 source code lines highlight ranges

- implemented #93 customizable changelog on combined revision ranges - 

  equivalent of githubs compare view 

- implemented #108 extended and more powerful LDAP configuration

- implemented #56 users groups

- major code rewrites optimized codes for speed and memory usage

- raw and diff downloads are now in git format

- setup command checks for write access to given path

- fixed many issues with international characters and unicode. It uses utf8

  decode with replace to provide less errors even with non utf8 encoded strings

- #125 added API KEY access to feeds

- #109 Repository can be created from external Mercurial link (aka. remote 

  repository, and manually updated (via pull) from admin panel

- beta git support - push/pull server + basic view for git repos

- added followers page and forks page

- server side file creation (with binary file upload interface) 

  and edition with commits powered by codemirror 

- #111 file browser file finder, quick lookup files on whole file tree 

- added quick login sliding menu into main page

- changelog uses lazy loading of affected files details, in some scenarios 

  this can improve speed of changelog page dramatically especially for 

  larger repositories.

- implements #214 added support for downloading subrepos in download menu.

- Added basic API for direct operations on rhodecode via JSON

- Implemented advanced hook management

fixes

+++++

- fixed file browser bug, when switching into given form revision the url was 

  not changing

- fixed propagation to error controller on simplehg and simplegit middlewares

- fixed error when trying to make a download on empty repository

- fixed problem with '[' chars in commit messages in journal

- fixed #99 Unicode errors, on file node paths with non utf-8 characters

- journal fork fixes

- removed issue with space inside renamed repository after deletion

- fixed strange issue on formencode imports

- fixed #126 Deleting repository on Windows, rename used incompatible chars. 

- #150 fixes for errors on repositories mapped in db but corrupted in 

  filesystem

- fixed problem with ascendant characters in realm #181

- fixed problem with sqlite file based database connection pool

- whoosh indexer and code stats share the same dynamic extensions map

- fixes #188 - relationship delete of repo_to_perm entry on user removal

- fixes issue #189 Trending source files shows "show more" when no more exist

- fixes issue #197 Relative paths for pidlocks

- fixes issue #198 password will require only 3 chars now for login form

- fixes issue #199 wrong redirection for non admin users after creating a repository

- fixes issues #202, bad db constraint made impossible to attach same group 

  more than one time. Affects only mysql/postgres

- fixes #218 os.kill patch for windows was missing sig param

- improved rendering of dag (they are not trimmed anymore when number of 

from rhodecode.lib.rcmail.response import MailResponse

from rhodecode.lib.rcmail.exceptions import BadHeaders

from rhodecode.lib.rcmail.exceptions import InvalidMessage

class Attachment(object):

    """

    Encapsulates file attachment information.

    :param filename: filename of attachment

    :param content_type: file mimetype

    :param data: the raw file data, either as string or file obj

    :param disposition: content-disposition (if any)

    """

    def __init__(self,

                 filename=None,

                 content_type=None,

                 data=None,

                 disposition=None):

        self.filename = filename

        self.content_type = content_type

        self.disposition = disposition or 'attachment'

        self._data = data

    @property

    def data(self):

        if isinstance(self._data, basestring):

            return self._data

        self._data = self._data.read()

        return self._data

class Message(object):

    """

    Encapsulates an email message.

    :param subject: email subject header

    :param recipients: list of email addresses

    :param body: plain text message

    :param html: HTML message

    :param sender: email sender address

    :param cc: CC list

    :param bcc: BCC list

    :param extra_headers: dict of extra email headers

    :param attachments: list of Attachment instances

    :param recipients_separator: alternative separator for any of

        'From', 'To', 'Delivered-To', 'Cc', 'Bcc' fields

    """

    def __init__(self,

                 subject=None,

                 recipients=None,

                 body=None,

                 html=None,

                 sender=None,

                 cc=None,

                 bcc=None,

                 extra_headers=None,

                 attachments=None,

                 recipients_separator="; "):

        self.subject = subject or ''

        self.sender = sender

        self.body = body

        self.html = html

        self.recipients = recipients or []

        self.attachments = attachments or []

        self.cc = cc or []

        self.bcc = bcc or []

        self.extra_headers = extra_headers or {}

        self.recipients_separator = recipients_separator

    @property

    def send_to(self):

        return set(self.recipients) | set(self.bcc or ()) | set(self.cc or ())

    def to_message(self):

        """

        Returns raw email.Message instance.Validates message first.

        """

        self.validate()

        return self.get_response().to_message()

    def get_response(self):

        """

        Creates a Lamson MailResponse instance

        """

        response = MailResponse(Subject=self.subject,

                                To=self.recipients,

                                From=self.sender,

                                Body=self.body,

                                Html=self.html,

                                separator=self.recipients_separator)

        if self.cc:

            response.base['Cc'] = self.cc

        for attachment in self.attachments:

            response.attach(attachment.filename,

                            attachment.content_type,

                            attachment.data,

                            attachment.disposition)

        response.update(self.extra_headers)

        return response

    def is_bad_headers(self):

        """

        Checks for bad headers i.e. newlines in subject, sender or recipients.

        """

        headers = [self.subject, self.sender]

        headers += list(self.send_to)

        headers += self.extra_headers.values()

        for val in headers:

            for c in '\r\n':

                if c in val:

                    return True

        return False

    def validate(self):

        """

        Checks if message is valid and raises appropriate exception.

        """

        if not self.recipients:

        if not self.body and not self.html:

        if not self.sender:

        if self.is_bad_headers():

            raise BadHeaders

    def add_recipient(self, recipient):

        """

        Adds another recipient to the message.

        :param recipient: email address of recipient.

        """

        self.recipients.append(recipient)

    def add_cc(self, recipient):

        """

        Adds an email address to the CC list.

        :param recipient: email address of recipient.

        """

        self.cc.append(recipient)

    def add_bcc(self, recipient):

        """

        Adds an email address to the BCC list.

        :param recipient: email address of recipient.

        """

        self.bcc.append(recipient)

    def attach(self, attachment):

        """

        Adds an attachment to the message.

        :param attachment: an **Attachment** instance.

        """

        self.attachments.append(attachment)

# The code in this module is entirely lifted from the Lamson project

# (http://lamsonproject.org/).  Its copyright is:

# Copyright (c) 2008, Zed A. Shaw

# All rights reserved.

# It is provided under this license:

# Redistribution and use in source and binary forms, with or without

# modification, are permitted provided that the following conditions are met:

# * Redistributions of source code must retain the above copyright notice, this

#   list of conditions and the following disclaimer.

# * Redistributions in binary form must reproduce the above copyright notice,

#   this list of conditions and the following disclaimer in the documentation

#   and/or other materials provided with the distribution.

# * Neither the name of the Zed A. Shaw nor the names of its contributors may

#   be used to endorse or promote products derived from this software without

#   specific prior written permission.

# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS

# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT

# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS

# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE

# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,

# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR

# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE

# POSSIBILITY OF SUCH DAMAGE.

import os

import mimetypes

import string

from email import encoders

from email.charset import Charset

from email.utils import parseaddr

from email.mime.base import MIMEBase

ADDRESS_HEADERS_WHITELIST = ['From', 'To', 'Delivered-To', 'Cc']

DEFAULT_ENCODING = "utf-8"

VALUE_IS_EMAIL_ADDRESS = lambda v: '@' in v

def normalize_header(header):

    return string.capwords(header.lower(), '-')

class EncodingError(Exception):

    """Thrown when there is an encoding error."""

    pass

class MailBase(object):

    """MailBase is used as the basis of lamson.mail and contains the basics of

    encoding an email.  You actually can do all your email processing with this

    class, but it's more raw.

    """

    def __init__(self, items=()):

        self.headers = dict(items)

        self.parts = []

        self.body = None

        self.content_encoding = {'Content-Type': (None, {}),

                                 'Content-Disposition': (None, {}),

                                 'Content-Transfer-Encoding': (None, {})}

    def __getitem__(self, key):

        return self.headers.get(normalize_header(key), None)

    def __len__(self):

        return len(self.headers)

    def __iter__(self):

        return iter(self.headers)

    def __contains__(self, key):

        return normalize_header(key) in self.headers

    def __setitem__(self, key, value):

        self.headers[normalize_header(key)] = value

    def __delitem__(self, key):

        del self.headers[normalize_header(key)]

    def __nonzero__(self):

        return self.body != None or len(self.headers) > 0 or len(self.parts) > 0

    def keys(self):

        """Returns the sorted keys."""

        return sorted(self.headers.keys())

    def attach_file(self, filename, data, ctype, disposition):

        """

        A file attachment is a raw attachment with a disposition that

        indicates the file name.

        """

        assert filename, "You can't attach a file without a filename."

        ctype = ctype.lower()

        part = MailBase()

        part.body = data

        part.content_encoding['Content-Type'] = (ctype, {'name': filename})

        part.content_encoding['Content-Disposition'] = (disposition,

                                                        {'filename': filename})

        self.parts.append(part)

    def attach_text(self, data, ctype):

        """

        This attaches a simpler text encoded part, which doesn't have a

        filename.

        """

        ctype = ctype.lower()

        part = MailBase()

        part.body = data

        part.content_encoding['Content-Type'] = (ctype, {})

        self.parts.append(part)

    def walk(self):

        for p in self.parts:

            yield p

            for x in p.walk():

                yield x

class MailResponse(object):

    """

    You are given MailResponse objects from the lamson.view methods, and

    whenever you want to generate an email to send to someone.  It has the

    same basic functionality as MailRequest, but it is designed to be written

    to, rather than read from (although you can do both).

    You can easily set a Body or Html during creation or after by passing it

    as __init__ parameters, or by setting those attributes.

    You can initially set the From, To, and Subject, but they are headers so

    use the dict notation to change them: msg['From'] = 'joe@test.com'.

    The message is not fully crafted until right when you convert it with

    MailResponse.to_message.  This lets you change it and work with it, then

    send it out when it's ready.

    """

    def __init__(self, To=None, From=None, Subject=None, Body=None, Html=None,

                 separator="; "):

        self.Body = Body

        self.Html = Html

        self.base = MailBase([('To', To), ('From', From), ('Subject', Subject)])

        self.multipart = self.Body and self.Html

        self.attachments = []

        self.separator = separator

    def __contains__(self, key):

        return self.base.__contains__(key)

    def __getitem__(self, key):

        return self.base.__getitem__(key)

    def __setitem__(self, key, val):

        return self.base.__setitem__(key, val)

    def __delitem__(self, name):

        del self.base[name]

    def attach(self, filename=None, content_type=None, data=None,

               disposition=None):

        """

        Simplifies attaching files from disk or data as files.  To attach

        simple text simple give data and a content_type.  To attach a file,

        give the data/content_type/filename/disposition combination.

        For convenience, if you don't give data and only a filename, then it

        will read that file's contents when you call to_message() later.  If

        you give data and filename then it will assume you've filled data

        with what the file's contents are and filename is just the name to

        use.

        """

        assert filename or data, ("You must give a filename or some data to "

                                  "attach.")

        assert data or os.path.exists(filename), ("File doesn't exist, and no "

                                                  "data given.")

        self.multipart = True

        if filename and not content_type:

            content_type, encoding = mimetypes.guess_type(filename)

        assert content_type, ("No content type given, and couldn't guess "

                              "from the filename: %r" % filename)

        self.attachments.append({'filename': filename,

                                 'content_type': content_type,

                                 'data': data,

                                 'disposition': disposition,})

    def attach_part(self, part):

        """

        Attaches a raw MailBase part from a MailRequest (or anywhere)

        so that you can copy it over.

        """

        self.multipart = True

        self.attachments.append({'filename': None,

                                 'content_type': None,

                                 'data': None,

                                 'disposition': None,

                                 'part': part,

                                 })

    def attach_all_parts(self, mail_request):

        """

        Used for copying the attachment parts of a mail.MailRequest

        object for mailing lists that need to maintain attachments.

        """

        for part in mail_request.all_parts():

            self.attach_part(part)

        self.base.content_encoding = mail_request.base.content_encoding.copy()

    def clear(self):

        """

        Clears out the attachments so you can redo them.  Use this to keep the

        headers for a series of different messages with different attachments.

        """

        del self.attachments[:]

        del self.base.parts[:]

        self.multipart = False

    def update(self, message):

        """

        Used to easily set a bunch of heading from another dict

        like object.

        """