c.is_range = False

        try:

            if c.a_ref_type == 'rev': # this looks like a free range where target is ancestor

                cs_a = org_scm_instance.get_changeset(c.a_rev)

                root_parents = c.cs_ranges[0].parents

                c.is_range = cs_a in root_parents

                #c.merge_root = len(root_parents) > 1 # a range starting with a merge might deserve a warning

        except ChangesetDoesNotExistError: # probably because c.a_rev not found

            pass

        except IndexError: # probably because c.cs_ranges is empty, probably because revisions are missing

            pass

        avail_revs = set()

        avail_show = []

        c.cs_branch_name = c.cs_ref_name

        c.a_branch_name = None

        other_scm_instance = c.a_repo.scm_instance

        c.update_msg = ""

        c.update_msg_other = ""

        try:

            if not c.cs_ranges:

                c.update_msg = _('Error: changesets not found when displaying pull request from %s.') % c.cs_rev

            elif org_scm_instance.alias == 'hg' and c.a_ref_name != 'ancestor':

                if c.cs_ref_type != 'branch':

                    c.cs_branch_name = org_scm_instance.get_changeset(c.cs_ref_name).branch # use ref_type ?

                c.a_branch_name = c.a_ref_name

                if c.a_ref_type != 'branch':

                    try:

                        c.a_branch_name = other_scm_instance.get_changeset(c.a_ref_name).branch # use ref_type ?

                    except EmptyRepositoryError:

                        c.a_branch_name = 'null' # not a branch name ... but close enough

                # candidates: descendants of old head that are on the right branch

                #             and not are the old head itself ...

                #             and nothing at all if old head is a descendant of target ref name

                if not c.is_range and other_scm_instance._repo.revs('present(%s)::&%s', c.cs_ranges[-1].raw_id, c.a_branch_name):

                    c.update_msg = _('This pull request has already been merged to %s.') % c.a_branch_name

                elif c.pull_request.is_closed():

                    c.update_msg = _('This pull request has been closed and can not be updated.')

                else: # look for descendants of PR head on source branch in org repo

                    avail_revs = org_scm_instance._repo.revs('%s:: & branch(%s)',

                                                             revs[0], c.cs_branch_name)

                    if len(avail_revs) > 1: # more than just revs[0]

                        # also show changesets that not are descendants but would be merged in

                        targethead = other_scm_instance.get_changeset(c.a_branch_name).raw_id

                        if org_scm_instance.path != other_scm_instance.path:

                            # Note: org_scm_instance.path must come first so all

                            # valid revision numbers are 100% org_scm compatible

                            # - both for avail_revs and for revset results

                            hgrepo = unionrepo.unionrepository(org_scm_instance.baseui,

                                                               org_scm_instance.path,

                                                               other_scm_instance.path)

                        else:

                            hgrepo = org_scm_instance._repo

                        show = set(hgrepo.revs('::%ld & !::parents(%s) & !::%s',

                                               avail_revs, revs[0], targethead))

                        if show:

                            c.update_msg = _('The following additional changes are available on %s:') % c.cs_branch_name

                        else:

                            c.update_msg = _('No additional changesets found for iterating on this pull request.')

                    else:

                        show = set()

                        avail_revs = set() # drop revs[0]

                        c.update_msg = _('No additional changesets found for iterating on this pull request.')

                    # TODO: handle branch heads that not are tip-most

                    brevs = org_scm_instance._repo.revs('%s - %ld - %s', c.cs_branch_name, avail_revs, revs[0])

                    if brevs:

                        # also show changesets that are on branch but neither ancestors nor descendants

                        show.update(org_scm_instance._repo.revs('::%ld - ::%ld - ::%s', brevs, avail_revs, c.a_branch_name))

                        show.add(revs[0]) # make sure graph shows this so we can see how they relate

                        c.update_msg_other = _('Note: Branch %s has another head: %s.') % (c.cs_branch_name,

                            h.short_id(org_scm_instance.get_changeset((max(brevs))).raw_id))

                    avail_show = sorted(show, reverse=True)

            elif org_scm_instance.alias == 'git':

                c.cs_repo.scm_instance.get_changeset(c.cs_rev) # check it exists - raise ChangesetDoesNotExistError if not

                c.update_msg = _("Git pull requests don't support iterating yet.")

        except ChangesetDoesNotExistError:

            c.update_msg = _('Error: some changesets not found when displaying pull request from %s.') % c.cs_rev

        c.avail_revs = avail_revs

        c.avail_cs = [org_scm_instance.get_changeset(r) for r in avail_show]

        c.avail_jsdata = graph_data(org_scm_instance, avail_show)

        raw_ids = [x.raw_id for x in c.cs_ranges]

        c.cs_comments = c.cs_repo.get_comments(raw_ids)

        c.cs_statuses = c.cs_repo.statuses(raw_ids)

        ignore_whitespace = request.GET.get('ignorews') == '1'

        line_context = safe_int(request.GET.get('context'), 3)

        c.ignorews_url = _ignorews_url

        c.context_url = _context_url

        fulldiff = request.GET.get('fulldiff')

        diff_limit = None if fulldiff else self.cut_off_limit

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.model.user

~~~~~~~~~~~~~~~~~~~~

users model for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 9, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import hashlib

import hmac

import logging

import time

import traceback

from sqlalchemy.exc import DatabaseError

from tg import config

from tg.i18n import ugettext as _

from kallithea.lib.caching_query import FromCache

from kallithea.lib.exceptions import DefaultUserException, UserOwnsReposException

from kallithea.model.db import Permission, User, UserEmailMap, UserIpMap, UserToPerm

from kallithea.model.meta import Session

log = logging.getLogger(__name__)

class UserModel(object):

    password_reset_token_lifetime = 86400 # 24 hours

    def get(self, user_id, cache=False):

        user = User.query()

        if cache:

            user = user.options(FromCache("sql_cache_short",

                                          "get_user_%s" % user_id))

        return user.get(user_id)

    def get_user(self, user):

        return User.guess_instance(user)

    def create(self, form_data, cur_user=None):

        if not cur_user:

            cur_user = getattr(get_current_authuser(), 'username', None)

        from kallithea.lib.hooks import log_create_user, \

            check_allowed_create_user

        _fd = form_data

        user_data = {

            'username': _fd['username'],

            'password': _fd['password'],

            'email': _fd['email'],

            'firstname': _fd['firstname'],

            'lastname': _fd['lastname'],

            'active': _fd['active'],

            'admin': False

        }

        # raises UserCreationError if it's not allowed

        check_allowed_create_user(user_data, cur_user)

        from kallithea.lib.auth import get_crypt_password

        new_user = User()

        for k, v in form_data.items():

            if k == 'password':

                v = get_crypt_password(v)

            if k == 'firstname':

                k = 'name'

            setattr(new_user, k, v)

    def create_or_update(self, username, password, email, firstname=u'',

                         lastname=u'', active=True, admin=False,

                         extern_type=None, extern_name=None, cur_user=None):

        """

        Creates a new instance if not found, or updates current one

        :param username:

        :param password:

        :param email:

        :param active:

        :param firstname:

        :param lastname:

        :param active:

        :param admin:

        :param extern_name:

        :param extern_type:

        :param cur_user:

        """

        if not cur_user:

            cur_user = getattr(get_current_authuser(), 'username', None)

        from kallithea.lib.auth import get_crypt_password, check_password

        from kallithea.lib.hooks import log_create_user, \

            check_allowed_create_user

        user_data = {

            'username': username, 'password': password,

            'email': email, 'firstname': firstname, 'lastname': lastname,

            'active': active, 'admin': admin

        }

        # raises UserCreationError if it's not allowed

        check_allowed_create_user(user_data, cur_user)

        log.debug('Checking for %s account in Kallithea database', username)

        user = User.get_by_username(username, case_insensitive=True)

        if user is None:

            log.debug('creating new user %s', username)

            new_user = User()

            edit = False

        else:

            log.debug('updating user %s', username)

            new_user = user

            edit = True

        try:

            new_user.username = username

            new_user.admin = admin

            new_user.email = email

            new_user.active = active

                if extern_name else None

                if extern_type else None

            new_user.name = firstname

            new_user.lastname = lastname

            if not edit:

                new_user.api_key = generate_api_key()

            # set password only if creating an user or password is changed

            password_change = new_user.password and \

                not check_password(password, new_user.password)

            if not edit or password_change:

                reason = 'new password' if edit else 'new user'

                log.debug('Updating password reason=>%s', reason)

                new_user.password = get_crypt_password(password) \

                    if password else ''

            if user is None:

                Session().add(new_user)

                Session().flush() # make database assign new_user.user_id

            if not edit:

                log_create_user(new_user.get_dict(), cur_user)

            return new_user

        except (DatabaseError,):

            log.error(traceback.format_exc())

            raise

    def create_registration(self, form_data):

        from kallithea.model.notification import NotificationModel

        import kallithea.lib.helpers as h

        form_data['admin'] = False

        form_data['extern_type'] = User.DEFAULT_AUTH_TYPE

        form_data['extern_name'] = ''

        new_user = self.create(form_data)

        # notification to admins

        subject = _('New user registration')

        body = (

            u'New user registration\n'

            '---------------------\n'

            '- Username: {user.username}\n'

            '- Full Name: {user.full_name}\n'

            '- Email: {user.email}\n'

            ).format(user=new_user)

        edit_url = h.canonical_url('edit_user', id=new_user.user_id)

        email_kwargs = {