user = None

    if user:

        if user.active:

            if user.username == username and user.password == password_crypt:

                log.info('user %s authenticated correctly', username)

                return True

        else:

            log.error('user %s is disabled', username)

    return False

class  AuthUser(object):

    """

    A simple object that handles a mercurial username for authentication

    """

    def __init__(self):

        self.username = 'None'

        self.name = ''

        self.lastname = ''

        self.user_id = None

        self.is_authenticated = False

        self.is_admin = False

        self.permissions = {}

def set_available_permissions(config):

    """

    This function will propagate pylons globals with all available defined

    permission given in db. We don't wannt to check each time from db for new 

    permissions since adding a new permission also requires application restart

    ie. to decorate new views with the newly created permission

    @param config:

    """

    log.info('getting information about all available permissions')

    try:

        sa = meta.Session

        all_perms = sa.query(Permission).all()

    finally:

        meta.Session.remove()

    config['available_permissions'] = [x.permission_name for x in all_perms]

def set_base_path(config):

    config['base_path'] = config['pylons.app_globals'].base_path

def fill_data(user):

    """

    @param user:

    """

    sa = meta.Session

    dbuser = sa.query(User).get(user.user_id)

    user.username = dbuser.username

    user.is_admin = dbuser.admin

    user.name = dbuser.name

    user.lastname = dbuser.lastname

    meta.Session.remove()

    return user

def fill_perms(user):

    """

    Fills user permission attribute with permissions taken from database

    @param user:

    """

    sa = meta.Session

    user.permissions['repositories'] = {}

    user.permissions['global'] = set()

    #first fetch default permissions

    default_perms = sa.query(Repo2Perm, Repository, Permission)\

        .join((Repository, Repo2Perm.repository_id == Repository.repo_id))\

        .join((Permission, Repo2Perm.permission_id == Permission.permission_id))\

        .filter(Repo2Perm.user_id == sa.query(User).filter(User.username == 

                                            'default').one().user_id).all()

    if user.is_admin:

        user.permissions['global'].add('hg.admin')

        #admin have all rights set to admin

        for perm in default_perms:

            p = 'repository.admin'

            user.permissions['repositories'][perm.Repo2Perm.repository.repo_name] = p

    else:

        user.permissions['global'].add('repository.create')

        for perm in default_perms:

            if perm.Repository.private and not perm.Repository.user_id == user.user_id:

                #disable defaults for private repos,

                p = 'repository.none'

            elif perm.Repository.user_id == user.user_id:

                #set admin if owner

                p = 'repository.admin'

            else:

                p = perm.Permission.permission_name

            user.permissions['repositories'][perm.Repo2Perm.repository.repo_name] = p

        user_perms = sa.query(Repo2Perm, Permission, Repository)\

            .join((Repository, Repo2Perm.repository_id == Repository.repo_id))\

            .join((Permission, Repo2Perm.permission_id == Permission.permission_id))\

            .filter(Repo2Perm.user_id == user.user_id).all()

        #overwrite userpermissions with defaults

        for perm in user_perms: