id : <id_given_in_input>

    result: {

              "msg": "created new users group `<groupname>`",

              "users_group": {

                     "users_group_id" : "<id>",

                     "group_name" :     "<groupname>",

                     "active":          "<bool>",

               },

            }

    error:  null

add_user_to_users_group

-----------------------

Adds a user to a users group. If user exists in that group success will be 

`false`. This command can be executed only using api_key

belonging to user with admin rights

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "add_user_users_group"

    args:     {

                "usersgroupid" : "<users group id or name>",

                "userid" : "<user_id or username>",

              }

OUTPUT::

    id : <id_given_in_input>

    result: {

              "success": True|False # depends on if member is in group

              "msg": "added member `<username>` to users group `<groupname>` | 

                      User is already in that group"

            }

    error:  null

remove_user_from_users_group

----------------------------

Removes a user from a users group. If user is not in given group success will

be `false`. This command can be executed only 

using api_key belonging to user with admin rights

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "remove_user_from_users_group"

    args:     {

                "usersgroupid" : "<users group id or name>",

                "userid" : "<user_id or username>",

              }

OUTPUT::

    id : <id_given_in_input>

    result: {

              "success":  True|False,  # depends on if member is in group

              "msg": "removed member <username> from users group <groupname> | 

                      User wasn't in group"

            }

    error:  null

get_repo

--------

Gets an existing repository by it's name or repository_id. Members will return

either users_group or user associated to that repository. This command can 

be executed only using api_key belonging to user with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "get_repo"

    args:     {

                "repoid" : "<reponame or repo_id>"

              }

OUTPUT::

    id : <id_given_in_input>

    result: None if repository does not exist or

            {

                "repo_id" :     "<repo_id>",

                "repo_name" :   "<reponame>"

                "repo_type" :   "<repo_type>",

                "clone_uri" :   "<clone_uri>",

                "created_on" :  "<datetimecreated>",                

                "description" : "<description>",

                "landing_rev":  "<landing_rev>",

                "owner":        "<repo_owner>",

                "fork_of":  "<name_of_fork_parent>",

                "members" :     [

                                  { 

                                    "type": "user",

                                    "user_id" :  "<user_id>",

                                    "username" : "<username>",

                                    "firstname": "<firstname>",

                                    "lastname" : "<lastname>",

                                    "email" :    "<email>",

                                    "emails":    "<list_of_all_additional_emails>",

                                    "active" :   "<bool>",

                                    "admin" :    "<bool>",

                                    "ldap_dn" :  "<ldap_dn>",

                                    "last_login": "<last_login>",

                                    "permission" : "repository.(read|write|admin)"

                                  },

                                  …

                                  { 

                                    "type": "users_group",

                                    "id" :       "<usersgroupid>",

                                    "name" :     "<usersgroupname>",

                                    "active":    "<bool>",

                                    "permission" : "repository.(read|write|admin)"

                                  },

                                  …

                                ]

            }

    error:  null

get_repos

---------

Lists all existing repositories. This command can be executed only using api_key

belonging to user with admin rights

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "get_repos"

    args:     { }

OUTPUT::

    id : <id_given_in_input>

    result: [

              {

                "repo_id" :     "<repo_id>",

                "repo_name" :   "<reponame>"

                "repo_type" :   "<repo_type>",

                "clone_uri" :   "<clone_uri>",

                "private": :    "<bool>",

                "created_on" :  "<datetimecreated>",                

                "description" : "<description>",

                "landing_rev":  "<landing_rev>",

                "owner":        "<repo_owner>",

                "fork_of":  "<name_of_fork_parent>",

              },

              …

            ]

    error:  null

get_repo_nodes

--------------

returns a list of nodes and it's children in a flat list for a given path 

at given revision. It's possible to specify ret_type to show only `files` or 

`dirs`. This command can be executed only using api_key belonging to user 

with admin rights

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "get_repo_nodes"

    args:     {

                "repoid" : "<reponame or repo_id>"

                "revision"  : "<revision>",

                "root_path" : "<root_path>",

                "ret_type"  : "<ret_type> = Optional('all')"

              }

OUTPUT::

    id : <id_given_in_input>

    result: [

              {

                "name" :        "<name>"

                "type" :        "<type>",

              },

              …

            ]

    error:  null

create_repo

-----------

Creates a repository. This command can be executed only using api_key

belonging to user with admin rights.

If repository name contains "/", all needed repository groups will be created.

For example "foo/bar/baz" will create groups "foo", "bar" (with "foo" as parent),

and create "baz" repository with "bar" as group.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "create_repo"

    args:     {

                "repo_name" :   "<reponame>",

                "owner" :       "<onwer_name_or_id>",

                "description" : "<description> = Optional('')",

                "private" :     "<bool> = Optional(False)",

                "clone_uri" :   "<clone_uri> = Optional(None)",

                "landing_rev" : "<landing_rev> = Optional('tip')",

              }

OUTPUT::

    id : <id_given_in_input>

    result: {

              "msg": "Created new repository `<reponame>`",

              "repo": {

                "repo_id" :     "<repo_id>",

                "repo_name" :   "<reponame>"

                "repo_type" :   "<repo_type>",

                "clone_uri" :   "<clone_uri>",

                "private": :    "<bool>",

                "created_on" :  "<datetimecreated>",                

                "description" : "<description>",

                "landing_rev":  "<landing_rev>",

                "owner":        "<repo_owner>",

                "fork_of":  "<name_of_fork_parent>",

              },

            }

    error:  null

delete_repo

-----------

Deletes a repository. This command can be executed only using api_key

belonging to user with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "delete_repo"

    args:     {

                "repoid" : "<reponame or repo_id>"

              }

OUTPUT::

    id : <id_given_in_input>

    result: {

              "msg": "Deleted repository `<reponame>`",

              "success": true

            }

    error:  null

grant_user_permission

---------------------

Grant permission for user on given repository, or update existing one

if found. This command can be executed only using api_key belonging to user 

with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "grant_user_permission"

    args:     {

                "repoid" : "<reponame or repo_id>"

                "userid" : "<username or user_id>"

                "perm" :       "(repository.(none|read|write|admin))",

              }

OUTPUT::

    id : <id_given_in_input>

    result: {

              "msg" : "Granted perm: `<perm>` for user: `<username>` in repo: `<reponame>`",

              "success": true

            }

    error:  null

revoke_user_permission

----------------------

Revoke permission for user on given repository. This command can be executed 

only using api_key belonging to user with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method  : "revoke_user_permission"

    args:     {

                "repoid" : "<reponame or repo_id>"

                "userid" : "<username or user_id>"

              }

OUTPUT::

    id : <id_given_in_input>

    result: {

              "msg" : "Revoked perm for user: `<username>` in repo: `<reponame>`",

              "success": true

            }

    error:  null

grant_users_group_permission

----------------------------

Grant permission for users group on given repository, or update

existing one if found. This command can be executed only using 

api_key belonging to user with admin rights.

INPUT::

# -*- coding: utf-8 -*-

"""

    rhodecode.controllers.api

    ~~~~~~~~~~~~~~~~~~~~~~~~~

    API controller for RhodeCode

    :created_on: Aug 20, 2011

    :author: marcink

    :copyright: (C) 2011-2012 Marcin Kuzminski <marcin@python-works.com>

    :license: GPLv3, see COPYING for more details.

"""

# This program is free software; you can redistribute it and/or

# modify it under the terms of the GNU General Public License

# as published by the Free Software Foundation; version 2

# of the License or (at your opinion) any later version of the license.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

# MA  02110-1301, USA.

import traceback

import logging

from rhodecode.controllers.api import JSONRPCController, JSONRPCError

from rhodecode.lib.auth import HasPermissionAllDecorator, \

    HasPermissionAnyDecorator, PasswordGenerator, AuthUser

from rhodecode.lib.utils import map_groups, repo2db_mapper

from rhodecode.model.meta import Session

from rhodecode.model.scm import ScmModel

from rhodecode.model.repo import RepoModel

from rhodecode.model.user import UserModel

from rhodecode.model.users_group import UsersGroupModel

from rhodecode.model.permission import PermissionModel

log = logging.getLogger(__name__)

class Optional(object):

    """

    Defines an optional parameter::

        param = param.getval() if isinstance(param, Optional) else param

        param = param() if isinstance(param, Optional) else param

    is equivalent of::

        param = Optional.extract(param)

    """

    def __init__(self, type_):

        self.type_ = type_

    def __repr__(self):

        return '<Optional:%s>' % self.type_.__repr__()

    def __call__(self):

        return self.getval()

    def getval(self):

        """

        returns value from this Optional instance

        """

        return self.type_

    @classmethod

    def extract(cls, val):

        if isinstance(val, cls):

            return val.getval()

        return val

def get_user_or_error(userid):

    """

    Get user by id or name or return JsonRPCError if not found

    :param userid:

    """

    user = UserModel().get_user(userid)

    if user is None:

        raise JSONRPCError("user `%s` does not exist" % userid)

    return user

def get_repo_or_error(repoid):

    """

    Get repo by id or name or return JsonRPCError if not found

    :param userid:

    """

    repo = RepoModel().get_repo(repoid)

    if repo is None:

        raise JSONRPCError('repository `%s` does not exist' % (repoid))

    return repo

def get_users_group_or_error(usersgroupid):

    """

    Get users group by id or name or return JsonRPCError if not found

    :param userid:

    """

    users_group = UsersGroupModel().get_group(usersgroupid)

    if users_group is None:

        raise JSONRPCError('users group `%s` does not exist' % usersgroupid)

    return users_group

def get_perm_or_error(permid):

    """

    Get permission by id or name or return JsonRPCError if not found

    :param userid:

    """

    perm = PermissionModel().get_permission_by_name(permid)

    if perm is None:

        raise JSONRPCError('permission `%s` does not exist' % (permid))

    return perm

class ApiController(JSONRPCController):

    """

    API Controller

    Each method needs to have USER as argument this is then based on given

    API_KEY propagated as instance of user object

    Preferably this should be first argument also

        users_group = get_users_group_or_error(usersgroupid)

        try:

            success = UsersGroupModel().remove_user_from_group(users_group,

                                                               user)

            msg = 'removed member `%s` from users group `%s`' % (

                        user.username, users_group.users_group_name

                    )

            msg = msg if success else "User wasn't in group"

            Session().commit()

            return dict(success=success, msg=msg)

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to remove member from users group `%s`' % (

                        users_group.users_group_name

                    )

            )

    @HasPermissionAnyDecorator('hg.admin')

    def get_repo(self, apiuser, repoid):

        """"

        Get repository by name

        :param apiuser:

        :param repoid:

        """

        repo = get_repo_or_error(repoid)

        members = []

        for user in repo.repo_to_perm:

            perm = user.permission.permission_name

            user = user.user

            user_data = user.get_api_data()

            user_data['type'] = "user"

            user_data['permission'] = perm

            members.append(user_data)

        for users_group in repo.users_group_to_perm:

            perm = users_group.permission.permission_name

            users_group = users_group.users_group

            users_group_data = users_group.get_api_data()

            users_group_data['type'] = "users_group"

            users_group_data['permission'] = perm

            members.append(users_group_data)

        data = repo.get_api_data()

        data['members'] = members

        return data

    @HasPermissionAnyDecorator('hg.admin')

    def get_repos(self, apiuser):

        """"

        Get all repositories

        :param apiuser:

        """

        result = []

        for repo in RepoModel().get_all():

            result.append(repo.get_api_data())

        return result

    @HasPermissionAnyDecorator('hg.admin')

    def get_repo_nodes(self, apiuser, repoid, revision, root_path,

                       ret_type='all'):

        """

        returns a list of nodes and it's children

        for a given path at given revision. It's possible to specify ret_type

        to show only files or dirs

        :param apiuser:

        :param repoid: name or id of repository

        :param revision: revision for which listing should be done

        :param root_path: path from which start displaying

        :param ret_type: return type 'all|files|dirs' nodes

        """

        repo = get_repo_or_error(repoid)

        try:

            _d, _f = ScmModel().get_nodes(repo, revision, root_path,

                                          flat=False)

            _map = {

                'all': _d + _f,

                'files': _f,

                'dirs': _d,

            }

            return _map[ret_type]

        except KeyError:

            raise JSONRPCError('ret_type must be one of %s' % _map.keys())

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to get repo: `%s` nodes' % repo.repo_name

            )

    @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')

                    description=Optional(''), private=Optional(False),

        """

        Create repository, if clone_url is given it makes a remote clone

        if repo_name is withina  group name the groups will be created

        automatically if they aren't present

        :param apiuser:

        :param repo_name:

        :param onwer:

        :param repo_type:

        :param description:

        :param private:

        :param clone_uri:

        :param landing_rev:

        """

        owner = get_user_or_error(owner)

        if RepoModel().get_by_repo_name(repo_name):

            raise JSONRPCError("repo `%s` already exist" % repo_name)

        clone_uri = Optional.extract(clone_uri)

        description = Optional.extract(description)

        landing_rev = Optional.extract(landing_rev)

        try:

            # create structure of groups and return the last group

            group = map_groups(repo_name)

            repo = RepoModel().create_repo(

                repo_name=repo_name,

                repo_type=repo_type,

                description=description,

                owner=owner,

                private=private,

                clone_uri=clone_uri,

                repos_group=group,

                landing_rev=landing_rev,

            )

            Session().commit()

            return dict(

                msg="Created new repository `%s`" % (repo.repo_name),

                repo=repo.get_api_data()

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to create repository `%s`' % repo_name)

    @HasPermissionAnyDecorator('hg.admin')

    def fork_repo(self, apiuser, repoid, fork_name, owner,

                  description=Optional(''), copy_permissions=Optional(False),

                  private=Optional(False), landing_rev=Optional('tip')):

        repo = get_repo_or_error(repoid)

        repo_name = repo.repo_name

        owner = get_user_or_error(owner)

        _repo = RepoModel().get_by_repo_name(fork_name)

        if _repo:

            type_ = 'fork' if _repo.fork else 'repo'

            raise JSONRPCError("%s `%s` already exist" % (type_, fork_name))

        try:

            # create structure of groups and return the last group

            group = map_groups(fork_name)

            form_data = dict(

                repo_name=fork_name,

                repo_name_full=fork_name,

                repo_group=group,

                repo_type=repo.repo_type,

                description=Optional.extract(description),

                private=Optional.extract(private),

                copy_permissions=Optional.extract(copy_permissions),

                landing_rev=Optional.extract(landing_rev),

                update_after_clone=False,

                fork_parent_id=repo.repo_id,

            )

            RepoModel().create_fork(form_data, cur_user=owner)

            return dict(

                msg='Created fork of `%s` as `%s`' % (repo.repo_name,

                                                      fork_name),

                success=True  # cannot return the repo data here since fork

                              # cann be done async

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to fork repository `%s` as `%s`' % (repo_name,

                                                            fork_name)

            )

    @HasPermissionAnyDecorator('hg.admin')

    def delete_repo(self, apiuser, repoid):

        """

        Deletes a given repository

        :param apiuser:

        :param repoid:

        """

        repo = get_repo_or_error(repoid)

        try:

            RepoModel().delete(repo)

            Session().commit()

            return dict(

                msg='Deleted repository `%s`' % repo.repo_name,

                success=True

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to delete repository `%s`' % repo.repo_name

            )

    @HasPermissionAnyDecorator('hg.admin')

    def grant_user_permission(self, apiuser, repoid, userid, perm):

        """

        Grant permission for user on given repository, or update existing one

        if found

        :param repoid:

        :param userid:

        :param perm:

        """

        repo = get_repo_or_error(repoid)

        user = get_user_or_error(userid)

        perm = get_perm_or_error(perm)

        try:

            RepoModel().grant_user_permission(repo=repo, user=user, perm=perm)

                # handles that

                baseui.setconfig(safe_str(ui_.ui_section), safe_str(ui_.ui_key),

                                 False)

        if clear_session:

            meta.Session.remove()

    return baseui

def set_rhodecode_config(config):

    """

    Updates pylons config with new settings from database

    :param config:

    """

    hgsettings = RhodeCodeSetting.get_app_settings()

    for k, v in hgsettings.items():

        config[k] = v

def invalidate_cache(cache_key, *args):

    """

    Puts cache invalidation task into db for

    further global cache invalidation

    """

    from rhodecode.model.scm import ScmModel

    if cache_key.startswith('get_repo_cached_'):

        name = cache_key.split('get_repo_cached_')[-1]

        ScmModel().mark_for_invalidation(name)

def map_groups(path):

    """

    Given a full path to a repository, create all nested groups that this

    repo is inside. This function creates parent-child relationships between

    groups and creates default perms for all new groups.

    :param paths: full path to repository

    """

    sa = meta.Session()

    groups = path.split(Repository.url_sep())

    parent = None

    group = None

    # last element is repo in nested groups structure

    groups = groups[:-1]

    rgm = ReposGroupModel(sa)

    for lvl, group_name in enumerate(groups):

        group_name = '/'.join(groups[:lvl] + [group_name])

        group = RepoGroup.get_by_group_name(group_name)

        desc = '%s group' % group_name

        # skip folders that are now removed repos

        if REMOVED_REPO_PAT.match(group_name):

            break

        if group is None:

            log.debug('creating group level: %s group_name: %s' % (lvl,

                                                                   group_name))

            group = RepoGroup(group_name, parent)

            group.group_description = desc

            sa.add(group)

            rgm._create_default_perms(group)

            sa.flush()

        parent = group

    return group

def repo2db_mapper(initial_repo_list, remove_obsolete=False,

                   install_git_hook=False):

    """

    maps all repos given in initial_repo_list, non existing repositories

    are created, if remove_obsolete is True it also check for db entries

    that are not in initial_repo_list and removes them.

    :param initial_repo_list: list of repositories found by scanning methods

    :param remove_obsolete: check for obsolete entries in database

    :param install_git_hook: if this is True, also check and install githook

        for a repo if missing

    """

    from rhodecode.model.repo import RepoModel

    from rhodecode.model.scm import ScmModel

    sa = meta.Session()

    rm = RepoModel()

    user = sa.query(User).filter(User.admin == True).first()

    if user is None:

        raise Exception('Missing administrative account!')

    added = []

#    # clear cache keys

#    log.debug("Clearing cache keys now...")

#    CacheInvalidation.clear_cache()

#    sa.commit()

    for name, repo in initial_repo_list.items():

        group = map_groups(name)

        db_repo = rm.get_by_repo_name(name)

        # found repo that is on filesystem not in RhodeCode database

        if not db_repo:

            log.info('repository %s not found, creating now' % name)

            added.append(name)

            desc = (repo.description

                    if repo.description != 'unknown'

                    else '%s repository' % name)

            new_repo = rm.create_repo(

                repo_name=name,

                repo_type=repo.alias,

                description=desc,

                repos_group=getattr(group, 'group_id', None),

                owner=user,