data.update({'g_perm_%s' % p.users_group.users_group_name:

                             p.permission.permission_name})

        return data

    def _revoke_perms_on_yourself(self, form_result):

        _up = filter(lambda u: request.authuser.username == u[0],

                     form_result['perms_updates'])

        _new = filter(lambda u: request.authuser.username == u[0],

                      form_result['perms_new'])

        if _new and _new[0][1] != 'group.admin' or _up and _up[0][1] != 'group.admin':

            return True

        return False

    def index(self, format='html'):

        _list = RepoGroup.query(sorted=True).all()

        group_iter = RepoGroupList(_list, perm_level='admin')

        repo_groups_data = []

        total_records = len(group_iter)

        _tmpl_lookup = app_globals.mako_lookup

        template = _tmpl_lookup.get_template('data_table/_dt_elements.html')

        repo_group_name = lambda repo_group_name, children_groups: (

            template.get_def("repo_group_name")

            .render(repo_group_name, children_groups, _=_, h=h, c=c)

        )

        repo_group_actions = lambda repo_group_id, repo_group_name, gr_count: (

            template.get_def("repo_group_actions")

            .render(repo_group_id, repo_group_name, gr_count, _=_, h=h, c=c,

                    ungettext=ungettext)

        )

        for repo_gr in group_iter:

            children_groups = map(h.safe_unicode,

                itertools.chain((g.name for g in repo_gr.parents),

                                (x.name for x in [repo_gr])))

            repo_count = repo_gr.repositories.count()

            repo_groups_data.append({

                "raw_name": repo_gr.group_name,

                "group_name": repo_group_name(repo_gr.group_name, children_groups),

                "desc": h.escape(repo_gr.group_description),

                "repos": repo_count,

                "owner": h.person(repo_gr.owner),

                "action": repo_group_actions(repo_gr.group_id, repo_gr.group_name,

                                             repo_count)

            })

        c.data = {

            "sort": None,

            "dir": "asc",

            "records": repo_groups_data

        }

        return render('admin/repo_groups/repo_groups.html')

    def create(self):

        self.__load_defaults()

        # permissions for can create group based on parent_id are checked

        # here in the Form

        repo_group_form = RepoGroupForm(repo_groups=c.repo_groups)

        try:

            form_result = repo_group_form.to_python(dict(request.POST))

            gr = RepoGroupModel().create(

                group_name=form_result['group_name'],

                group_description=form_result['group_description'],

                parent=form_result['parent_group_id'],

                owner=request.authuser.user_id, # TODO: make editable

                copy_permissions=form_result['group_copy_permissions']

            )

            Session().commit()

            # TODO: in future action_logger(, '', '', '')

        except formencode.Invalid as errors:

            return htmlfill.render(

                render('admin/repo_groups/repo_group_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8",

                force_defaults=False)

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('Error occurred during creation of repository group %s')

                    % request.POST.get('group_name'), category='error')

            parent_group_id = form_result['parent_group_id']

            # TODO: maybe we should get back to the main view, not the admin one

            raise HTTPFound(location=url('repos_groups', parent_group=parent_group_id))

        h.flash(_('Created repository group %s') % gr.group_name,

                category='success')

        raise HTTPFound(location=url('repos_group_home', group_name=gr.group_name))

    def new(self):

        if HasPermissionAny('hg.admin')('group create'):

            # we're global admin, we're ok and we can create TOP level groups

            pass

        else:

        c.group_members = [(x.user_id, x.username) for x in c.group_members_obj]

        c.available_members = sorted(((x.user_id, x.username) for x in

                                      User.query().all()),

                                     key=lambda u: u[1].lower())

    def __load_defaults(self, user_group_id):

        """

        Load defaults settings for edit, and update

        :param user_group_id:

        """

        user_group = UserGroup.get_or_404(user_group_id)

        data = user_group.get_dict()

        return data

    def index(self, format='html'):

        _list = UserGroup.query() \

                        .order_by(func.lower(UserGroup.users_group_name)) \

                        .all()

        group_iter = UserGroupList(_list, perm_level='admin')

        user_groups_data = []

        total_records = len(group_iter)

        _tmpl_lookup = app_globals.mako_lookup

        template = _tmpl_lookup.get_template('data_table/_dt_elements.html')

        user_group_name = lambda user_group_id, user_group_name: (

            template.get_def("user_group_name")

            .render(user_group_id, user_group_name, _=_, h=h, c=c)

        )

        user_group_actions = lambda user_group_id, user_group_name: (

            template.get_def("user_group_actions")

            .render(user_group_id, user_group_name, _=_, h=h, c=c)

        )

        for user_gr in group_iter:

            user_groups_data.append({

                "raw_name": user_gr.users_group_name,

                "group_name": user_group_name(user_gr.users_group_id,

                                              user_gr.users_group_name),

                "desc": h.escape(user_gr.user_group_description),

                "members": len(user_gr.members),

                "active": h.boolicon(user_gr.users_group_active),

                "owner": h.person(user_gr.owner.username),

                "action": user_group_actions(user_gr.users_group_id, user_gr.users_group_name)

            })

        c.data = {

            "sort": None,

            "dir": "asc",

            "records": user_groups_data

        }

        return render('admin/user_groups/user_groups.html')

    @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')

    def create(self):

        users_group_form = UserGroupForm()()

        try:

            form_result = users_group_form.to_python(dict(request.POST))

            ug = UserGroupModel().create(name=form_result['users_group_name'],

                                         description=form_result['user_group_description'],

                                         owner=request.authuser.user_id,

                                         active=form_result['users_group_active'])

            gr = form_result['users_group_name']

            action_logger(request.authuser,

                          'admin_created_users_group:%s' % gr,

                          None, request.ip_addr)

            h.flash(h.literal(_('Created user group %s') % h.link_to(h.escape(gr), url('edit_users_group', id=ug.users_group_id))),

                category='success')

            Session().commit()

        except formencode.Invalid as errors:

            return htmlfill.render(

                render('admin/user_groups/user_group_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8",

                force_defaults=False)

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('Error occurred during creation of user group %s')

                    % request.POST.get('users_group_name'), category='error')

        raise HTTPFound(location=url('users_groups'))

    @HasPermissionAnyDecorator('hg.admin', 'hg.usergroup.create.true')

    def new(self, format='html'):

        return render('admin/user_groups/user_group_add.html')

    @HasUserGroupPermissionLevelDecorator('admin')

    def update(self, id):

        c.user_group = UserGroup.get_or_404(id)

        c.active = 'settings'

        self.__load_data(id)

class UsersController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    @LoginRequired()

    @HasPermissionAnyDecorator('hg.admin')

    def _before(self, *args, **kwargs):

        super(UsersController, self)._before(*args, **kwargs)

        c.available_permissions = config['available_permissions']

    def index(self, format='html'):

        c.users_list = User.query().order_by(User.username) \

                        .filter_by(is_default_user=False) \

                        .order_by(func.lower(User.username)) \

                        .all()

        users_data = []

        total_records = len(c.users_list)

        _tmpl_lookup = app_globals.mako_lookup

        template = _tmpl_lookup.get_template('data_table/_dt_elements.html')

        grav_tmpl = '<div class="gravatar">%s</div>'

        username = lambda user_id, username: (

                template.get_def("user_name")

                .render(user_id, username, _=_, h=h, c=c))

        user_actions = lambda user_id, username: (

                template.get_def("user_actions")

                .render(user_id, username, _=_, h=h, c=c))

        for user in c.users_list:

            users_data.append({

                "gravatar": grav_tmpl % h.gravatar(user.email, size=20),

                "raw_name": user.username,

                "username": username(user.user_id, user.username),

                "firstname": h.escape(user.name),

                "lastname": h.escape(user.lastname),

                "last_login": h.fmt_date(user.last_login),

                "last_login_raw": datetime_to_time(user.last_login),

                "active": h.boolicon(user.active),

                "admin": h.boolicon(user.admin),

                "extern_type": user.extern_type,

                "extern_name": user.extern_name,

                "action": user_actions(user.user_id, user.username),

            })

        c.data = {

            "sort": None,

            "dir": "asc",

            "records": users_data

        }

        return render('admin/users/users.html')

    def create(self):

        c.default_extern_type = User.DEFAULT_AUTH_TYPE

        c.default_extern_name = ''

        user_model = UserModel()

        user_form = UserForm()()

        try:

            form_result = user_form.to_python(dict(request.POST))

            user = user_model.create(form_result)

            action_logger(request.authuser, 'admin_created_user:%s' % user.username,

                          None, request.ip_addr)

            h.flash(_('Created user %s') % user.username,

                    category='success')

            Session().commit()

        except formencode.Invalid as errors:

            return htmlfill.render(

                render('admin/users/user_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8",

                force_defaults=False)

        except UserCreationError as e:

            h.flash(e, 'error')

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('Error occurred during creation of user %s')

                    % request.POST.get('username'), category='error')

        raise HTTPFound(location=url('edit_user', id=user.user_id))

    def new(self, format='html'):

        c.default_extern_type = User.DEFAULT_AUTH_TYPE

        c.default_extern_name = ''

        return render('admin/users/user_add.html')

    def update(self, id):

        user_model = UserModel()

        user = user_model.get(id)

        _form = UserForm(edit=True, old_data={'user_id': id,

                                              'email': user.email})()

        form_result = {}

        try:

            return _render('revision', repo_name, cs_cache.get('revision'),

                           cs_cache.get('raw_id'), cs_cache.get('author'),

                           cs_cache.get('message'))

        def desc(desc):

            return h.urlify_text(desc, truncate=80, stylize=c.visual.stylify_metatags)

        def state(repo_state):

            return _render("repo_state", repo_state)

        def repo_actions(repo_name):

            return _render('repo_actions', repo_name, super_user_actions)

        def owner_actions(owner_id, username):

            return _render('user_name', owner_id, username)

        repos_data = []

        for repo in repos_list:

            if perm_check:

                # check permission at this level

                if not HasRepoPermissionLevel('read')(repo.repo_name, 'get_repos_as_dict check'):

                    continue

            cs_cache = repo.changeset_cache

            row = {

                "raw_name": repo.repo_name,

                "just_name": repo.just_name,

                "name": repo_lnk(repo.repo_name, repo.repo_type,

                                 repo.repo_state, repo.private, repo.fork),

                "last_change_iso": repo.last_db_change.isoformat(),

                "last_change": last_change(repo.last_db_change),

                "last_changeset": last_rev(repo.repo_name, cs_cache),

                "last_rev_raw": cs_cache.get('revision'),

                "desc": desc(repo.description),

                "owner": h.person(repo.owner),

                "state": state(repo.repo_state),

                "rss": rss_lnk(repo.repo_name),

                "atom": atom_lnk(repo.repo_name),

            }

            if admin:

                row.update({

                    "action": repo_actions(repo.repo_name),

                    "owner": owner_actions(repo.owner_id,

                                           h.person(repo.owner))

                })

            repos_data.append(row)

        return {

            "sort": "name",

            "dir": "asc",

            "records": repos_data

        }

    def _get_defaults(self, repo_name):

        """

        Gets information about repository, and returns a dict for

        usage in forms

        :param repo_name:

        """

        repo_info = Repository.get_by_repo_name(repo_name)

        if repo_info is None:

            return None

        defaults = repo_info.get_dict()

        defaults['repo_name'] = repo_info.just_name

        defaults['repo_group'] = repo_info.group_id

        for strip, k in [(0, 'repo_type'), (1, 'repo_enable_downloads'),

                         (1, 'repo_description'), (1, 'repo_enable_locking'),

                         (1, 'repo_landing_rev'), (0, 'clone_uri'),

                         (1, 'repo_private'), (1, 'repo_enable_statistics')]:

            attr = k

            if strip:

                attr = remove_prefix(k, 'repo_')

            val = defaults[attr]

            if k == 'repo_landing_rev':

                val = ':'.join(defaults[attr])

            defaults[k] = val

            if k == 'clone_uri':

                defaults['clone_uri_hidden'] = repo_info.clone_uri_hidden

        # fill owner

        if repo_info.owner:

            defaults.update({'owner': repo_info.owner.username})

        else:

            replacement_user = User.query().filter(User.admin ==

                                                   True).first().username

            defaults.update({'owner': replacement_user})

        # fill repository users

        for p in repo_info.repo_to_perm:

            defaults.update({'u_perm_%s' % p.user.username:

from kallithea.tests.base import *

from kallithea.tests.fixture import Fixture

from kallithea.model.meta import Session

from kallithea.model.db import Repository

from kallithea.model.repo import RepoModel

from kallithea.model.repo_group import RepoGroupModel

fixture = Fixture()

class TestHomeController(TestController):

    def test_index(self):

        self.log_user()

        response = self.app.get(url(controller='home', action='index'))

        # if global permission is set

        response.mustcontain('Add Repository')

        response.mustcontain('<span class="repotag">git')

        # html in javascript variable:

        response.mustcontain(r'href=\"/%s\"' % HG_REPO)

        response.mustcontain(r'\x3ci class=\"icon-globe\"')

        response.mustcontain(r'\"fixes issue with having custom format for git-log\n\"')

        response.mustcontain(r'\"/%s/changeset/5f2c6ee195929b0be80749243c18121c9864a3b3\"' % GIT_REPO)

        response.mustcontain(r'\"disable security checks on hg clone for travis\"')

        response.mustcontain(r'\"/%s/changeset/96507bd11ecc815ebc6270fdf6db110928c09c1e\"' % HG_REPO)

    def test_repo_summary_with_anonymous_access_disabled(self):

        with fixture.anon_access(False):

            response = self.app.get(url(controller='summary',

                                        action='index', repo_name=HG_REPO),

                                        status=302)

            assert 'login' in response.location

    def test_index_with_anonymous_access_disabled(self):

        with fixture.anon_access(False):

            response = self.app.get(url(controller='home', action='index'),

                                    status=302)

            assert 'login' in response.location

    def test_index_page_on_groups(self):

        self.log_user()

        gr = fixture.create_repo_group(u'gr1')

        fixture.create_repo(name=u'gr1/repo_in_group', repo_group=gr)

        response = self.app.get(url('repos_group_home', group_name=u'gr1'))

        try:

            response.mustcontain(u"gr1/repo_in_group")

        finally:

            RepoModel().delete(u'gr1/repo_in_group')

            RepoGroupModel().delete(repo_group=u'gr1', force_delete=True)

            Session().commit()

# -*- coding: utf-8 -*-

from kallithea.model.db import User, UserFollowing, Repository, UserApiKeys

from kallithea.tests.base import *

from kallithea.tests.fixture import Fixture

from kallithea.lib import helpers as h

from kallithea.model.user import UserModel

from kallithea.model.meta import Session

from tg.util.webtest import test_context

fixture = Fixture()

class TestMyAccountController(TestController):

    test_user_1 = 'testme'

    @classmethod

    def teardown_class(cls):

        if User.get_by_username(cls.test_user_1):

            UserModel().delete(cls.test_user_1)

            Session().commit()

    def test_my_account(self):

        self.log_user()

        response = self.app.get(url('my_account'))

        response.mustcontain('value="%s' % TEST_USER_ADMIN_LOGIN)

    def test_my_account_my_repos(self):

        self.log_user()

        response = self.app.get(url('my_account_repos'))

        cnt = Repository.query().filter(Repository.owner ==

                           User.get_by_username(TEST_USER_ADMIN_LOGIN)).count()

    def test_my_account_my_watched(self):

        self.log_user()

        response = self.app.get(url('my_account_watched'))

        cnt = UserFollowing.query().filter(UserFollowing.user ==

                            User.get_by_username(TEST_USER_ADMIN_LOGIN)).count()

    def test_my_account_my_emails(self):

        self.log_user()

        response = self.app.get(url('my_account_emails'))

        response.mustcontain('No additional emails specified')

    def test_my_account_my_emails_add_existing_email(self):

        self.log_user()

        response = self.app.get(url('my_account_emails'))

        response.mustcontain('No additional emails specified')

        response = self.app.post(url('my_account_emails'),

                                 {'new_email': TEST_USER_REGULAR_EMAIL, '_authentication_token': self.authentication_token()})

        self.checkSessionFlash(response, 'This email address is already in use')

    def test_my_account_my_emails_add_missing_email_in_form(self):

        self.log_user()

        response = self.app.get(url('my_account_emails'))

        response.mustcontain('No additional emails specified')

        response = self.app.post(url('my_account_emails'),

            {'_authentication_token': self.authentication_token()})

        self.checkSessionFlash(response, 'Please enter an email address')

    def test_my_account_my_emails_add_remove(self):

        self.log_user()

        response = self.app.get(url('my_account_emails'))

        response.mustcontain('No additional emails specified')

        response = self.app.post(url('my_account_emails'),

                                 {'new_email': 'barz@example.com', '_authentication_token': self.authentication_token()})

        response = self.app.get(url('my_account_emails'))

        from kallithea.model.db import UserEmailMap

        email_id = UserEmailMap.query() \

            .filter(UserEmailMap.user == User.get_by_username(TEST_USER_ADMIN_LOGIN)) \

            .filter(UserEmailMap.email == 'barz@example.com').one().email_id

        response.mustcontain('barz@example.com')

        response.mustcontain('<input id="del_email_id" name="del_email_id" type="hidden" value="%s" />' % email_id)

        response = self.app.post(url('my_account_emails_delete'),

                                 {'del_email_id': email_id, '_authentication_token': self.authentication_token()})

        self.checkSessionFlash(response, 'Removed email from user')

        response = self.app.get(url('my_account_emails'))

        response.mustcontain('No additional emails specified')

    @parametrize('name,attrs',

from kallithea.tests.base import *

class TestRepoGroupsController(TestController):

    def test_index(self):

        self.log_user()

        response = self.app.get(url('repos_groups'))

    def test_new(self):

        self.log_user()

        response = self.app.get(url('new_repos_group'))

    def test_create(self):

        self.log_user()

        group_name = 'foo'

        # creation with form error

        response = self.app.post(url('repos_groups'),

                                         {'group_name': group_name,

                                          '_authentication_token': self.authentication_token()})

        response.mustcontain('name="group_name" type="text" value="%s"' % group_name)

        response.mustcontain('<!-- for: group_description -->')

        # creation

        response = self.app.post(url('repos_groups'),

                                         {'group_name': group_name,

                                         'group_description': 'lala',

                                         'parent_group_id': '-1',

                                         'group_copy_permissions': 'True',

                                          '_authentication_token': self.authentication_token()})

        self.checkSessionFlash(response, 'Created repository group %s' % group_name)

        # edit form

        response = self.app.get(url('edit_repo_group', group_name=group_name))

        response.mustcontain('>lala<')

        # edit with form error

        response = self.app.post(url('update_repos_group', group_name=group_name),

                                         {'group_name': group_name,

                                          '_authentication_token': self.authentication_token()})

        response.mustcontain('name="group_name" type="text" value="%s"' % group_name)

        response.mustcontain('<!-- for: group_description -->')

        # edit

        response = self.app.post(url('update_repos_group', group_name=group_name),

                                         {'group_name': group_name,

                                         'group_description': 'lolo',

                                          '_authentication_token': self.authentication_token()})

        self.checkSessionFlash(response, 'Updated repository group %s' % group_name)

        response = response.follow()

        response.mustcontain('name="group_name" type="text" value="%s"' % group_name)

        response.mustcontain(no='<!-- for: group_description -->')

        response.mustcontain('>lolo<')

        # listing

        response = self.app.get(url('repos_groups'))

        response.mustcontain('raw_name": "%s"' % group_name)

        # show

        response = self.app.get(url('repos_group', group_name=group_name))

        response.mustcontain('href="/_admin/repo_groups/%s/edit"' % group_name)

        # show ignores extra trailing slashes in the URL

        response = self.app.get(url('repos_group', group_name='%s//' % group_name))

        response.mustcontain('href="/_admin/repo_groups/%s/edit"' % group_name)

        # delete

        response = self.app.post(url('delete_repo_group', group_name=group_name),

                                 {'_authentication_token': self.authentication_token()})

        self.checkSessionFlash(response, 'Removed repository group %s' % group_name)

    def test_new_by_regular_user(self):

        self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)

        response = self.app.get(url('new_repos_group'), status=403)