c.current_filter = 'all'

        if _current_filter == [c.pull_request_type]:

            c.current_filter = 'pull_request'

        elif _current_filter == c.comment_type:

            c.current_filter = 'comment'

        return render('admin/notifications/notifications.html')

    def mark_all_read(self):

        if request.environ.get('HTTP_X_PARTIAL_XHR'):

            nm = NotificationModel()

            # mark all read

            nm.mark_all_read_for_user(self.authuser.user_id,

                                      filter_=request.GET.getall('type'))

            Session().commit()

            c.user = self.authuser

            notif = nm.query_for_user(self.authuser.user_id,

                                      filter_=request.GET.getall('type'))

            c.notifications = Page(notif, page=1, items_per_page=10)

            return render('admin/notifications/notifications_data.html')

    def update(self, notification_id):

        try:

            no = Notification.get(notification_id)

                        for un in no.notifications_to_users)

            if h.HasPermissionAny('hg.admin')() or owner:

                # deletes only notification2user

                NotificationModel().mark_read(c.authuser.user_id, no)

                Session().commit()

                return 'ok'

        except Exception:

            Session().rollback()

            log.error(traceback.format_exc())

        raise HTTPBadRequest()

    def delete(self, notification_id):

        try:

            no = Notification.get(notification_id)

                        for un in no.notifications_to_users)

            if h.HasPermissionAny('hg.admin')() or owner:

                # deletes only notification2user

                NotificationModel().delete(c.authuser.user_id, no)

                Session().commit()

                return 'ok'

        except Exception:

            Session().rollback()

            log.error(traceback.format_exc())

        raise HTTPBadRequest()

    def show(self, notification_id, format='html'):

        notification = Notification.get_or_404(notification_id)

        unotification = NotificationModel() \

            .get_user_notification(self.authuser.user_id, notification)

        # if this association to user is not valid, we don't want to show

        # this message

        if unotification is None:

            raise HTTPForbidden()

        if not unotification.read:

            unotification.mark_as_read()

            Session().delete(field)

            Session().commit()

        except Exception as e:

            log.error(traceback.format_exc())

            msg = _('An error occurred during removal of field')

            h.flash(msg, category='error')

        raise HTTPFound(location=url('edit_repo_fields', repo_name=repo_name))

    @HasRepoPermissionAnyDecorator('repository.admin')

    def edit_advanced(self, repo_name):

        c.repo_info = self._load_repo()

        c.default_user_id = User.get_default_user().user_id

        c.in_public_journal = UserFollowing.query() \

            .filter(UserFollowing.user_id == c.default_user_id) \

            .filter(UserFollowing.follows_repository == c.repo_info).scalar()

        _repos = Repository.query(sorted=True).all()

        read_access_repos = RepoList(_repos)

        c.repos_list = [(None, _('-- Not a fork --'))]

        c.repos_list += [(x.repo_id, x.repo_name)

                         for x in read_access_repos

                         if x.repo_id != c.repo_info.repo_id]

        defaults = {

        }

        c.active = 'advanced'

        if request.POST:

            raise HTTPFound(location=url('repo_edit_advanced'))

        return htmlfill.render(

            render('admin/repos/repo_edit.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasRepoPermissionAnyDecorator('repository.admin')

    def edit_advanced_journal(self, repo_name):

        """

        Sets this repository to be visible in public journal,

        in other words asking default user to follow this repo

        :param repo_name:

        """

        try:

            repo_id = Repository.get_by_repo_name(repo_name).repo_id

            user_id = User.get_default_user().user_id

            self.scm_model.toggle_following_repo(repo_id, user_id)

                      'user_commented_revision:%s' % revision,

                      c.db_repo, self.ip_addr, self.sa)

        Session().commit()

        data = {

           'target_id': h.safeid(h.safe_unicode(request.POST.get('f_path'))),

        }

        if c.comment is not None:

            data.update(c.comment.get_dict())

            data.update({'rendered_text':

                         render('changeset/changeset_comment_block.html')})

        return data

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def delete_comment(self, repo_name, comment_id):

        co = ChangesetComment.get_or_404(comment_id)

        if co.repo.repo_name != repo_name:

            raise HTTPNotFound()

        repo_admin = h.HasRepoPermissionAny('repository.admin')(repo_name)

        if h.HasPermissionAny('hg.admin')() or repo_admin or owner:

            ChangesetCommentsModel().delete(comment=co)

            Session().commit()

            return True

        else:

            raise HTTPForbidden()

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def changeset_info(self, repo_name, revision):

        if request.is_xhr:

            try:

                return c.db_repo_scm_instance.get_changeset(revision)

            except ChangesetDoesNotExistError as e:

                return EmptyChangeset(message=str(e))

        else:

            raise HTTPBadRequest()

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

class JournalController(BaseController):

    def __before__(self):

        super(JournalController, self).__before__()

        self.language = 'en-us'

        self.ttl = "5"

        self.feed_nr = 20

        c.search_term = request.GET.get('filter')

    def _get_daily_aggregate(self, journal):

        groups = []

        for k, g in groupby(journal, lambda x: x.action_as_day):

            user_group = []

            #groupby username if it's a present value, else fallback to journal username

            for _unused, g2 in groupby(list(g), lambda x: x.user.username if x.user else x.username):

                l = list(g2)

                user_group.append((l[0].user, l))

            groups.append((k, user_group,))

        return groups

    def _get_journal_data(self, following_repos):

        filtering_criterion = None

        if repo_ids and user_ids:

            filtering_criterion = or_(UserLog.repository_id.in_(repo_ids),

                        UserLog.user_id.in_(user_ids))

        if repo_ids and not user_ids:

            filtering_criterion = UserLog.repository_id.in_(repo_ids)

        if not repo_ids and user_ids:

            filtering_criterion = UserLog.user_id.in_(user_ids)

        if filtering_criterion is not None:

            journal = self.sa.query(UserLog) \

                .options(joinedload(UserLog.user)) \

                .options(joinedload(UserLog.repository))

            #filter

            journal = _journal_filter(journal, c.search_term)

            journal = journal.filter(filtering_criterion) \

                        .order_by(UserLog.action_date.desc())

        else:

            journal = []

        return journal

    def _atom_feed(self, repos, public=True):

        # using a mail-like separator, insert new iteration info in description with latest first

        descriptions = description.replace('\r\n', '\n').split('\n-- \n', 1)

        description = descriptions[0].strip() + '\n\n-- \n' + '\n'.join(infos)

        if len(descriptions) > 1:

            description += '\n\n' + descriptions[1].strip()

        try:

            pull_request = PullRequestModel().create(

                self.authuser.user_id,

                old_pull_request.org_repo.repo_name, new_org_ref,

                old_pull_request.other_repo.repo_name, new_other_ref,

                revisions, reviewers_ids, title, description

            )

        except UserInvalidException as u:

            h.flash(_('Invalid reviewer "%s" specified') % u, category='error')

            raise HTTPBadRequest()

        except Exception:

            h.flash(_('Error occurred while creating pull request'),

                    category='error')

            log.error(traceback.format_exc())

            raise HTTPFound(location=old_pull_request.url())

        ChangesetCommentsModel().create(

            text=_('Closed, next iteration: %s .') % pull_request.url(canonical=True),

            author=c.authuser.user_id,

            pull_request=old_pull_request.pull_request_id,

            closing_pr=True)

        PullRequestModel().close_pull_request(old_pull_request.pull_request_id)

        Session().commit()

        h.flash(_('New pull request iteration created'),

                category='success')

        raise HTTPFound(location=pull_request.url())

    # pullrequest_post for PR editing

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def post(self, repo_name, pull_request_id):

        pull_request = PullRequest.get_or_404(pull_request_id)

        if pull_request.is_closed():

            raise HTTPForbidden()

        assert pull_request.other_repo.repo_name == repo_name

        #only owner or admin can update it

        owner = pull_request.owner_id == c.authuser.user_id

        repo_admin = h.HasRepoPermissionAny('repository.admin')(c.repo_name)

        pull_request.title = _form['pullrequest_title']

        pull_request.description = _form['pullrequest_desc'].strip() or _('No description')

        pull_request.owner = User.get_by_username(_form['owner'])

        user = User.get(c.authuser.user_id)

        try:

            PullRequestModel().mention_from_description(user, pull_request, old_description)

            PullRequestModel().update_reviewers(user, pull_request_id, reviewers_ids)

        except UserInvalidException as u:

            h.flash(_('Invalid reviewer "%s" specified') % u, category='error')

            raise HTTPBadRequest()

        Session().commit()

        h.flash(_('Pull request updated'), category='success')

        raise HTTPFound(location=pull_request.url())

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def delete(self, repo_name, pull_request_id):

        pull_request = PullRequest.get_or_404(pull_request_id)

        #only owner can delete it !

            PullRequestModel().delete(pull_request)

            Session().commit()

            h.flash(_('Successfully deleted pull request'),

                    category='success')

            raise HTTPFound(location=url('my_pullrequests'))

        raise HTTPForbidden()

    @LoginRequired()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    def show(self, repo_name, pull_request_id, extra=None):

        repo_model = RepoModel()

        c.users_array = repo_model.get_users_js()

        c.user_groups_array = repo_model.get_user_groups_js()

        c.pull_request = PullRequest.get_or_404(pull_request_id)

        c.allowed_to_change_status = self._get_is_allowed_change_status(c.pull_request)

        cc_model = ChangesetCommentsModel()

        cs_model = ChangesetStatusModel()

        # pull_requests repo_name we opened it against

        # ie. other_repo must match

        if repo_name != c.pull_request.other_repo.repo_name:

            raise HTTPNotFound

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def comment(self, repo_name, pull_request_id):

        pull_request = PullRequest.get_or_404(pull_request_id)

        status = request.POST.get('changeset_status')

        close_pr = request.POST.get('save_close')

        delete = request.POST.get('save_delete')

        f_path = request.POST.get('f_path')

        line_no = request.POST.get('line')

        if (status or close_pr or delete) and (f_path or line_no):

            # status votes and closing is only possible in general comments

            raise HTTPBadRequest()

        allowed_to_change_status = self._get_is_allowed_change_status(pull_request)

        if not allowed_to_change_status:

            if status or close_pr:

                h.flash(_('No permission to change pull request status'), 'error')

                raise HTTPForbidden()

        if delete == "delete":

                h.HasPermissionAny('hg.admin')() or

                h.HasRepoPermissionAny('repository.admin')(pull_request.org_repo.repo_name) or

                h.HasRepoPermissionAny('repository.admin')(pull_request.other_repo.repo_name)

                ) and not pull_request.is_closed():

                PullRequestModel().delete(pull_request)

                Session().commit()

                h.flash(_('Successfully deleted pull request %s') % pull_request_id,

                        category='success')

                return {

                   'location': url('my_pullrequests'), # or repo pr list?

                }

                raise HTTPFound(location=url('my_pullrequests')) # or repo pr list?

            raise HTTPForbidden()

        text = request.POST.get('text', '').strip()

        comment = create_comment(

            text,

            status,

            pull_request_id=pull_request_id,

            f_path=f_path,

            line_no=line_no,

            closing_pr=close_pr,

        )

            raise HTTPFound(location=pull_request.url())

        data = {

           'target_id': h.safeid(h.safe_unicode(request.POST.get('f_path'))),

        }

        if comment is not None:

            c.comment = comment

            data.update(comment.get_dict())

            data.update({'rendered_text':

                         render('changeset/changeset_comment_block.html')})

        return data

    @LoginRequired()

    @NotAnonymous()

    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',

                                   'repository.admin')

    @jsonify

    def delete_comment(self, repo_name, comment_id):

        co = ChangesetComment.get(comment_id)

        if co.pull_request.is_closed():

            #don't allow deleting comments on closed pull request

            raise HTTPForbidden()

        repo_admin = h.HasRepoPermissionAny('repository.admin')(c.repo_name)

        if h.HasPermissionAny('hg.admin')() or repo_admin or owner:

            ChangesetCommentsModel().delete(comment=co)

            Session().commit()

            return True

        else:

            raise HTTPForbidden()

            if u.user_id == user.user_id:

                # user already in the group, skip

                return True

        try:

            user_group_member = UserGroupMember()

            user_group_member.user = user

            user_group_member.users_group = user_group

            user_group.members.append(user_group_member)

            user.group_member.append(user_group_member)

            self.sa.add(user_group_member)

            return user_group_member

        except Exception:

            log.error(traceback.format_exc())

            raise

    def remove_user_from_group(self, user_group, user):

        user_group = self._get_user_group(user_group)

        user = self._get_user(user)

        user_group_member = None

        for m in user_group.members:

                # Found this user's membership row

                user_group_member = m

                break

        if user_group_member:

            try:

                self.sa.delete(user_group_member)

                return True

            except Exception:

                log.error(traceback.format_exc())

                raise

        else:

            # User isn't in that group

            return False

    def has_perm(self, user_group, perm):

        user_group = self._get_user_group(user_group)

        perm = self._get_perm(perm)

        return UserGroupToPerm.query() \

            .filter(UserGroupToPerm.users_group == user_group) \

            .filter(UserGroupToPerm.permission == perm).scalar() is not None

    def grant_perm(self, user_group, perm):

## <%namespace name="comment" file="/changeset/changeset_file_comment.html"/>

## ${comment.comment_block(co)}

##

<%def name="comment_block(co)">

  <div class="comment" id="comment-${co.comment_id}" line="${co.line_no}">

    <div class="comment-prev-next-links"></div>

    <div class="comment-wrapp">

      <div class="meta">

          ${h.gravatar_div(co.author.email, size=20, div_style="float:left")}

          <div class="user">

              ${co.author.full_name_and_username}

          </div>

          <span>

              ${h.age(co.modified_at)}

              %if co.pull_request:

                ${_('on pull request')}

                <a href="${co.pull_request.url()}">"${co.pull_request.title or _("No title")}"</a>

              %else:

                ${_('on this changeset')}

              %endif

              <a class="permalink" href="${co.url()}">&para;</a>

          </span>

            %if co.deletable():

              <div onClick="confirm('${_("Delete comment?")}') && deleteComment(${co.comment_id})" class="buttons delete-comment btn btn-mini" style="margin:0 5px">${_('Delete')}</div>

            %endif

          %endif

      </div>

      <div class="text">

        %if co.status_change:

           <div class="automatic-comment">

             <p>

               <span title="${_('Changeset status')}" class="changeset-status-lbl">${_("Status change")}: ${co.status_change[0].status_lbl}</span>

               <span class="changeset-status-ico"><i class="icon-circle changeset-status-${co.status_change[0].status}"></i></span>

             </p>

           </div>

        %endif

        %if co.text:

          ${h.render_w_mentions(co.text, c.repo_name)|n}

        %endif

      </div>

    </div>

  </div>

</%def>

<%def name="comment_inline_form()">

        <div class="mentions-container"></div>

        <textarea name="text" class="comment-block-ta yui-ac-input"></textarea>

        <div id="status_block_container" class="status-block general-only hidden">

                %if c.pull_request is None:

                  ${_('Set changeset status')}:

                %else:

                  ${_('Vote for pull request status')}:

                %endif

                <span class="general-only cs-only">

                </span>

                <input type="radio" class="status_change_radio" name="changeset_status" id="changeset_status_unchanged" value="" checked="checked" />

                <label for="changeset_status_unchanged">

                  ${_('No change')}

                </label>

                %for status, lbl in c.changeset_statuses:

                    <label>

                      <input type="radio" class="status_change_radio" name="changeset_status" id="${status}" value="${status}">

                      ${lbl}<i class="icon-circle changeset-status-${status}" /></i>

                    </label>

                %endfor

                %if c.pull_request is not None and ( \

                    h.HasPermissionAny('hg.admin')() or h.HasRepoPermissionAny('repository.admin')(c.repo_name) \

                <div>

                  ${_('Finish pull request')}:

                  <label>

                    <input id="save_close" type="checkbox" name="save_close">

                    ${_("Close")}

                  </label>

                  <label>

                    <input id="save_delete" type="checkbox" name="save_delete" value="delete">

                    ${_("Delete")}

                  </label>

                </div>

                %endif

        </div>

      </div>

      <div class="comment-button">

        <div class="submitting-overlay">${_('Submitting ...')}</div>

        ${h.submit('save', _('Comment'), class_='btn btn-small save-inline-form')}

        ${h.reset('hide-inline-form', _('Cancel'), class_='btn btn-small hide-inline-form')}

      </div>

    ${h.end_form()}

  %else:

      ${h.form('')}

      <div class="clearfix">

        %endif

        </a>

      </td>

      <td>

        ${pr.owner.full_name_and_username}

      </td>

      <td>

        <span class="tooltip" title="${h.fmt_date(pr.created_on)}">

          ${h.age(pr.created_on)}

        </span>

      </td>

      <td>

        <% org_ref_name=pr.org_ref.rsplit(':', 2)[-2] %>

        <a href="${h.url('summary_home', repo_name=pr.org_repo.repo_name, anchor=org_ref_name)}">

          ${pr.org_repo.repo_name}#${org_ref_name}

        </a>

      </td>

      <td>

        <% other_ref_name=pr.other_ref.rsplit(':', 2)[-2] %>

        <a href="${h.url('summary_home', repo_name=pr.other_repo.repo_name, anchor=other_ref_name)}">

          ${pr.other_repo.repo_name}#${other_ref_name}

        </a>

      </td>

      <td style="text-align:right">

          ${h.form(url('pullrequest_delete', repo_name=pr.other_repo.repo_name, pull_request_id=pr.pull_request_id), style="display:inline-block")}

          <button class="action_button"

                  id="remove_${pr.pull_request_id}"

                  name="remove_${pr.pull_request_id}"

                  title="${_('Delete Pull Request')}"

                  onclick="return confirm('${_('Confirm to delete this pull request')}')

                      && ((${len(pr.comments)} == 0) ||

                          confirm('${_('Confirm again to delete this pull request with %s comments') % len(pr.comments)}'))

                      ">

            <i class="icon-minus-circled"></i>

          </button>

          ${h.end_form()}

        %endif

      </td>

    </tr>

% endfor

  </table>

</div>

%if hasattr(pullrequests, 'pager'):

<div class="notification-paginator">

  <div class="pagination-wh pagination-left">

  ${pullrequests.pager('$link_previous ~2~ $link_next', **request.GET.mixed())}

  </div>

<%inherit file="/base/base.html"/>

<%namespace name="comment" file="/changeset/changeset_file_comment.html"/>

<%block name="title">

    ${_('%s Pull Request %s') % (c.repo_name, c.pull_request.nice_id())}

</%block>

<%def name="breadcrumbs_links()">

    ${_('Pull request %s from %s#%s') % (c.pull_request.nice_id(), c.pull_request.org_repo.repo_name, c.cs_branch_name)}

</%def>

<%block name="header_menu">

    ${self.menu('repositories')}

</%block>

<%def name="main()">

${self.repo_context_bar('showpullrequest')}

<div class="box">

  <!-- box / title -->

  <div class="title">

    ${self.breadcrumbs()}

  </div>

  ${h.form(url('pullrequest_post', repo_name=c.repo_name, pull_request_id=c.pull_request.pull_request_id), method='post', id='pull_request_form')}

    <div class="form pr-box" style="float: left">

      <div class="pr-details-title ${'closed' if c.pull_request.is_closed() else ''}">

          ${_('Title')}: ${c.pull_request.title}

          %if c.pull_request.is_closed():

              (${_('Closed')})

          %endif

      </div>

      <div id="pr-summary" class="fields">

        <div class="field pr-not-edit" style="min-height:37px">

          <div class="label-summary">

            <label>${_('Description')}:</label>

            %if editable:

            <div style="margin: 5px">

              <a class="btn btn-small" onclick="$('.pr-do-edit').show();$('.pr-not-edit').hide()">${_("Edit")}</a>

            </div>

        def send_email(recipients, subject, body='', html_body='', headers=None, author=None):

            assert recipients == ['u2@example.com']

            assert subject == 'Test Message'

            assert body == u"hi there"

            assert '>hi there<' in html_body

            assert author.username == 'u1'

        with mock.patch.object(kallithea.lib.celerylib.tasks, 'send_email', send_email):

            notification = NotificationModel().create(created_by=self.u1,

                                               subject=u'subj', body=u'hi there',

                                               recipients=usrs)

        Session().commit()

        u1 = User.get(self.u1)

        u2 = User.get(self.u2)

        u3 = User.get(self.u3)

        notifications = Notification.query().all()

        assert len(notifications) == 1

        assert notifications[0].recipients == [u1, u2]

        assert notification.notification_id == notifications[0].notification_id

        unotification = UserNotification.query() \

            .filter(UserNotification.notification == notification).all()

        assert len(unotification) == len(usrs)

    def test_user_notifications(self):

        notification1 = NotificationModel().create(created_by=self.u1,

                                            subject=u'subj', body=u'hi there1',

                                            recipients=[self.u3])

        Session().commit()

        notification2 = NotificationModel().create(created_by=self.u1,

                                            subject=u'subj', body=u'hi there2',

                                            recipients=[self.u3])

        Session().commit()

        u3 = Session().query(User).get(self.u3)

        assert sorted([x.notification for x in u3.notifications]) == sorted([notification2, notification1])

    def test_delete_notifications(self):

        notification = NotificationModel().create(created_by=self.u1,

                                           subject=u'title', body=u'hi there3',

                                    recipients=[self.u3, self.u1, self.u2])

        Session().commit()

        notifications = Notification.query().all()

        assert notification in notifications

        Notification.delete(notification.notification_id)

        Session().commit()