install_git_hooks = request.POST.get('hooks', False)

            invalidate_cache = request.POST.get('invalidate', False)

            log.debug('rescanning repo location with destroy obsolete=%s and '

                      'install git hooks=%s' % (rm_obsolete,install_git_hooks))

            if invalidate_cache:

                log.debug('invalidating all repositories cache')

                for repo in Repository.get_all():

                    ScmModel().mark_for_invalidation(repo.repo_name, delete=True)

            filesystem_repos = ScmModel().repo_scan()

            added, removed = repo2db_mapper(filesystem_repos, rm_obsolete,

                                            install_git_hook=install_git_hooks)

            _repr = lambda l: ', '.join(map(safe_unicode, l)) or '-'

            h.flash(_('Repositories successfully '

                      'rescanned added: %s ; removed: %s') %

                    (_repr(added), _repr(removed)),

                    category='success')

            return redirect(url('admin_settings_mapping'))

        defaults = Setting.get_app_settings()

        defaults.update(self._get_hg_ui_settings())

        return htmlfill.render(

            render('admin/settings/settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasPermissionAllDecorator('hg.admin')

    def settings_global(self):

        """GET /admin/settings/global: All items in the collection"""

        # url('admin_settings_global')

        c.active = 'global'

        if request.POST:

            application_form = ApplicationSettingsForm()()

            try:

                form_result = application_form.to_python(dict(request.POST))

            except formencode.Invalid, errors:

                return htmlfill.render(

                    render('admin/settings/settings.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8")

            try:

                sett1 = Setting.create_or_update('title',

                Session().add(sett1)

                sett2 = Setting.create_or_update('realm',

                Session().add(sett2)

                sett3 = Setting.create_or_update('ga_code',

                Session().add(sett3)

                sett4 = Setting.create_or_update('captcha_public_key',

                Session().add(sett4)

                sett5 = Setting.create_or_update('captcha_private_key',

                Session().add(sett5)

                Session().commit()

                set_app_settings(config)

                h.flash(_('Updated application settings'), category='success')

            except Exception:

                log.error(traceback.format_exc())

                h.flash(_('Error occurred during updating '

                          'application settings'),

                          category='error')

            return redirect(url('admin_settings_global'))

        defaults = Setting.get_app_settings()

        defaults.update(self._get_hg_ui_settings())

        return htmlfill.render(

            render('admin/settings/settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasPermissionAllDecorator('hg.admin')

    def settings_visual(self):

        """GET /admin/settings/visual: All items in the collection"""

        # url('admin_settings_visual')

        c.active = 'visual'

        if request.POST:

            application_form = ApplicationVisualisationForm()()

            try:

                form_result = application_form.to_python(dict(request.POST))

            except formencode.Invalid, errors:

                return htmlfill.render(

                    render('admin/settings/settings.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8"

                )

            try:

                settings = [

                ]

                for setting, form_key, type_ in settings:

                    sett = Setting.create_or_update(setting,

                                        form_result[form_key], type_)

                    Session().add(sett)

                Session().commit()

                set_app_settings(config)

                h.flash(_('Updated visualisation settings'),

                        category='success')

            except Exception:

                log.error(traceback.format_exc())

                h.flash(_('Error occurred during updating '

                          'visualisation settings'),

                        category='error')

            return redirect(url('admin_settings_visual'))

        defaults = Setting.get_app_settings()

        defaults.update(self._get_hg_ui_settings())

        return htmlfill.render(

            render('admin/settings/settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasPermissionAllDecorator('hg.admin')

    def settings_email(self):

        """GET /admin/settings/email: All items in the collection"""

        # url('admin_settings_email')

        c.active = 'email'

        if request.POST:

            test_email = request.POST.get('test_email')

            test_email_subj = 'Kallithea test email'

            test_email_body = ('Kallithea Email test, '

                               'Kallithea version: %s' % c.kallithea_version)

            if not test_email:

                h.flash(_('Please enter email address'), category='error')

                return redirect(url('admin_settings_email'))

            test_email_html_body = EmailNotificationModel()\

                .get_email_tmpl(EmailNotificationModel.TYPE_DEFAULT,

                                body=test_email_body)

            recipients = [test_email] if test_email else None

                            category='error')

                return redirect(url('admin_settings_hooks'))

        defaults = Setting.get_app_settings()

        defaults.update(self._get_hg_ui_settings())

        c.hooks = Ui.get_builtin_hooks()

        c.custom_hooks = Ui.get_custom_hooks()

        return htmlfill.render(

            render('admin/settings/settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasPermissionAllDecorator('hg.admin')

    def settings_search(self):

        """GET /admin/settings/search: All items in the collection"""

        # url('admin_settings_search')

        c.active = 'search'

        if request.POST:

            repo_location = self._get_hg_ui_settings()['paths_root_path']

            full_index = request.POST.get('full_index', False)

            run_task(tasks.whoosh_index, repo_location, full_index)

            h.flash(_('Whoosh reindex task scheduled'), category='success')

            return redirect(url('admin_settings_search'))

        defaults = Setting.get_app_settings()

        defaults.update(self._get_hg_ui_settings())

        return htmlfill.render(

            render('admin/settings/settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasPermissionAllDecorator('hg.admin')

    def settings_system(self):

        """GET /admin/settings/system: All items in the collection"""

        # url('admin_settings_system')

        c.active = 'system'

        defaults = Setting.get_app_settings()

        defaults.update(self._get_hg_ui_settings())

        import kallithea

        c.ini = kallithea.CONFIG

        server_info = Setting.get_server_info()

        for key, val in server_info.iteritems():

            setattr(c, key, val)

        return htmlfill.render(

            render('admin/settings/settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasPermissionAllDecorator('hg.admin')

    def settings_system_update(self):

        """GET /admin/settings/system/updates: All items in the collection"""

        # url('admin_settings_system_update')

        import json

        import urllib2

        from kallithea.lib.verlib import NormalizedVersion

        from kallithea import __version__

        defaults = Setting.get_app_settings()

        defaults.update(self._get_hg_ui_settings())

        _update_url = "" # FIXME: disabled

        _err = lambda s: '<div style="color:#ff8888; padding:4px 0px">%s</div>' % (s)

        try:

            import kallithea

            ver = kallithea.__version__

            log.debug('Checking for upgrade on `%s` server' % _update_url)

            opener = urllib2.build_opener()

            opener.addheaders = [('User-agent', 'Kallithea-SCM/%s' % ver)]

            response = opener.open(_update_url)

            response_data = response.read()

            data = json.loads(response_data)

        except urllib2.URLError, e:

            log.error(traceback.format_exc())

            return _err('Failed to contact upgrade server: %r' % e)

        except ValueError, e:

            log.error(traceback.format_exc())

            return _err('Bad data sent from update server')

        latest = data['versions'][0]

        c.update_url = _update_url

        c.latest_data = latest

        c.latest_ver = latest['version']

        c.cur_ver = __version__

        c.should_upgrade = False

        if NormalizedVersion(c.latest_ver) > NormalizedVersion(c.cur_ver):

            c.should_upgrade = True

        c.important_notices = latest['general']

        return render('admin/settings/settings_system_update.html'),

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.controllers.error

~~~~~~~~~~~~~~~~~~~~~~~~~~~

Kallithea error controller

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Dec 8, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import os

import cgi

import logging

import paste.fileapp

from pylons import tmpl_context as c, request, config, url

from pylons.i18n.translation import _

from pylons.middleware import  media_path

from kallithea.lib.base import BaseController, render

log = logging.getLogger(__name__)

class ErrorController(BaseController):

    """Generates error documents as and when they are required.

    The ErrorDocuments middleware forwards to ErrorController when error

    related status codes are returned from the application.

    This behavior can be altered by changing the parameters to the

    ErrorDocuments middleware in your config/middleware.py file.

    """

    def __before__(self):

        #disable all base actions since we don't need them here

        pass

    def document(self):

        resp = request.environ.get('pylons.original_response')

        log.debug('### %s ###' % resp.status)

        e = request.environ

        c.serv_p = r'%(protocol)s://%(host)s/' \

                                    % {'protocol': e.get('wsgi.url_scheme'),

                                       'host': e.get('HTTP_HOST'), }

        c.error_message = cgi.escape(request.GET.get('code', str(resp.status)))

        c.error_explanation = self.get_error_explanation(resp.status_int)

        #  redirect to when error with given seconds

        c.redirect_time = 0

        c.redirect_module = _('Home page')

        c.url_redirect = "/"

        return render('/errors/error_document.html')

    def img(self, id):

        """Serve Pylons' stock images"""

        return self._serve_file(os.path.join(media_path, 'img', id))

    def style(self, id):

        """Serve Pylons' stock stylesheets"""

        return self._serve_file(os.path.join(media_path, 'style', id))

    def _serve_file(self, path):

        """Call Paste's FileApp (a WSGI application) to serve the file

        at the specified path

        """

        fapp = paste.fileapp.FileApp(path)

        return fapp(request.environ, self.start_response)

    def get_error_explanation(self, code):

        """ get the error explanations of int codes

            [400, 401, 403, 404, 500]"""

        try:

            code = int(code)

        except Exception:

            code = 500

        if code == 400:

            return _('The request could not be understood by the server'

                     ' due to malformed syntax.')

        if code == 401:

            return _('Unauthorized access to resource')

        if code == 403:

            return _("You don't have permission to view this page")

                session.invalidate()

                c.form_result = login_form.to_python(dict(request.POST))

                # form checks for username/password, now we're authenticated

                headers = self._store_user_in_session(

                                        username=c.form_result['username'],

                                        remember=c.form_result['remember'])

                raise HTTPFound(location=c.came_from, headers=headers)

            except formencode.Invalid, errors:

                defaults = errors.value

                # remove password from filling in form again

                del defaults['password']

                return htmlfill.render(

                    render('/login.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8")

            except UserCreationError, e:

                # container auth or other auth functions that create users on

                # the fly can throw this exception signaling that there's issue

                # with user creation, explanation should be provided in

                # Exception itself

                h.flash(e, 'error')

        # check if we use container plugin, and try to login using it.

        auth_plugins = Setting.get_auth_plugins()

        if any((importplugin(name).is_container_auth for name in auth_plugins)):

            from kallithea.lib import auth_modules

            try:

                auth_info = auth_modules.authenticate('', '', request.environ)

            except UserCreationError, e:

                log.error(e)

                h.flash(e, 'error')

                # render login, with flash message about limit

                return render('/login.html')

            if auth_info:

                headers = self._store_user_in_session(auth_info.get('username'))

                raise HTTPFound(location=c.came_from, headers=headers)

        return render('/login.html')

    @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate',

                               'hg.register.manual_activate')

    def register(self):

        c.auto_active = 'hg.register.auto_activate' in User.get_default_user()\

            .AuthUser.permissions['global']

        settings = Setting.get_app_settings()

        c.captcha_active = bool(captcha_private_key)

        if request.POST:

            register_form = RegisterForm()()

            try:

                form_result = register_form.to_python(dict(request.POST))

                form_result['active'] = c.auto_active

                if c.captcha_active:

                    from kallithea.lib.recaptcha import submit

                    response = submit(request.POST.get('recaptcha_challenge_field'),

                                      request.POST.get('recaptcha_response_field'),

                                      private_key=captcha_private_key,

                                      remoteip=self.ip_addr)

                    if c.captcha_active and not response.is_valid:

                        _value = form_result

                        _msg = _('bad captcha')

                        error_dict = {'recaptcha_field': _msg}

                        raise formencode.Invalid(_msg, _value, None,

                                                 error_dict=error_dict)

                UserModel().create_registration(form_result)

                h.flash(_('You have successfully registered into Kallithea'),

                        category='success')

                Session().commit()

                return redirect(url('login_home'))

            except formencode.Invalid, errors:

                return htmlfill.render(

                    render('/register.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8")

            except UserCreationError, e:

                # container auth or other auth functions that create users on

                # the fly can throw this exception signaling that there's issue

                # with user creation, explanation should be provided in

                # Exception itself

                h.flash(e, 'error')

        return render('/register.html')

    def password_reset(self):

        settings = Setting.get_app_settings()

        c.captcha_active = bool(captcha_private_key)

        if request.POST:

            password_reset_form = PasswordResetForm()()

            try:

                form_result = password_reset_form.to_python(dict(request.POST))

                if c.captcha_active:

                    from kallithea.lib.recaptcha import submit

                    response = submit(request.POST.get('recaptcha_challenge_field'),

                                      request.POST.get('recaptcha_response_field'),

                                      private_key=captcha_private_key,

                                      remoteip=self.ip_addr)

                    if c.captcha_active and not response.is_valid:

                        _value = form_result

                        _msg = _('bad captcha')

                        error_dict = {'recaptcha_field': _msg}

                        raise formencode.Invalid(_msg, _value, None,

                                                 error_dict=error_dict)

                UserModel().reset_password_link(form_result)

                h.flash(_('Your password reset link was sent'),

                            category='success')

                return redirect(url('login_home'))

            except formencode.Invalid, errors:

                return htmlfill.render(

                    render('/password_reset.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8")

        return render('/password_reset.html')

    def password_reset_confirmation(self):

        if request.GET and request.GET.get('key'):

            try:

                user = User.get_by_api_key(request.GET.get('key'))

                data = dict(email=user.email)

                UserModel().reset_password(data)

                h.flash(_('Your password reset was successful, '

                          'new password has been sent to your email'),

                            category='success')

            except Exception, e:

                log.error(e)

                return redirect(url('reset_password'))

        return redirect(url('login_home'))

    def logout(self):

        locked_by = repo.locked

        if repo and repo.enable_locking and not obsolete_call:

            if action == 'push':

                #check if it's already locked !, if it is compare users

                user_id, _date = repo.locked

                if user.user_id == user_id:

                    log.debug('Got push from user %s, now unlocking' % (user))

                    # unlock if we have push from user who locked

                    make_lock = False

                else:

                    # we're not the same user who locked, ban with 423 !

                    locked = True

            if action == 'pull':

                if repo.locked[0] and repo.locked[1]:

                    locked = True

                else:

                    log.debug('Setting lock on repo %s by %s' % (repo, user))

                    make_lock = True

        else:

            log.debug('Repository %s do not have locking enabled' % (repo))

        log.debug('FINAL locking values make_lock:%s,locked:%s,locked_by:%s'

                  % (make_lock, locked, locked_by))

        return make_lock, locked, locked_by

    def __call__(self, environ, start_response):

        start = time.time()

        try:

            return self._handle_request(environ, start_response)

        finally:

            log = logging.getLogger('kallithea.' + self.__class__.__name__)

            log.debug('Request time: %.3fs' % (time.time() - start))

            meta.Session.remove()

class BaseController(WSGIController):

    def __before__(self):

        """

        __before__ is called before controller methods and after __call__

        """

        c.kallithea_version = __version__

        rc_config = Setting.get_app_settings()

        # Visual options

        c.visual = AttributeDict({})

        ## DB stored

        ## INI stored

        c.visual.allow_repo_location_change = str2bool(config.get('allow_repo_location_change', True))

        c.visual.allow_custom_hooks_settings = str2bool(config.get('allow_custom_hooks_settings', True))

        c.instance_id = config.get('instance_id')

        c.issues_url = config.get('bugtracker', url('issues_url'))

        # END CONFIG VARS

        c.repo_name = get_repo_slug(request)  # can be empty

        c.backends = BACKENDS.keys()

        c.unread_notifications = NotificationModel()\

                        .get_unread_cnt_for_user(c.authuser.user_id)

        self.cut_off_limit = safe_int(config.get('cut_off_limit'))

        self.sa = meta.Session

        self.scm_model = ScmModel(self.sa)

    def __call__(self, environ, start_response):

        """Invoke the Controller"""

        # WSGIController.__call__ dispatches to the Controller method

        # the request is routed to. This routing information is

        # available in environ['pylons.routes_dict']

        try:

            self.ip_addr = _get_ip_addr(environ)

            # make sure that we update permissions each time we call controller

            api_key = request.GET.get('api_key')

            if api_key:

                # when using API_KEY we are sure user exists.

                auth_user = AuthUser(api_key=api_key, ip_addr=self.ip_addr)

                authenticated = False

            else:

                cookie_store = CookieStoreWrapper(session.get('authuser'))

                try:

                    auth_user = AuthUser(user_id=cookie_store.get('user_id', None),

                                         ip_addr=self.ip_addr)

                except UserCreationError, e:

                    from kallithea.lib import helpers as h

                    h.flash(e, 'error')

                    # container auth or other auth functions that create users on

                    # the fly can throw this exception signaling that there's issue

                    # with user creation, explanation should be provided in

                    # Exception itself

                    auth_user = AuthUser(ip_addr=self.ip_addr)

                authenticated = cookie_store.get('is_authenticated')

    def __init__(self, k='', v=''):

        self.app_settings_name = k

        self.app_settings_value = v

    @validates('_app_settings_value')

    def validate_settings_value(self, key, val):

        assert type(val) == unicode

        return val

    @hybrid_property

    def app_settings_value(self):

        v = self._app_settings_value

        if v == 'ldap_active':

            v = str2bool(v)

        return v

    @app_settings_value.setter

    def app_settings_value(self, val):

        """

        Setter that will always make sure we use unicode in app_settings_value

        :param val:

        """

        self._app_settings_value = safe_unicode(val)

    def __repr__(self):

        return "<%s('%s:%s')>" % (self.__class__.__name__,

                                  self.app_settings_name, self.app_settings_value)

    @classmethod

    def get_by_name(cls, ldap_key):

        return cls.query()\

            .filter(cls.app_settings_name == ldap_key).scalar()

    @classmethod

    def get_app_settings(cls, cache=False):

        ret = cls.query()

        if cache:

            ret = ret.options(FromCache("sql_cache_short", "get_hg_settings"))

        if not ret:

            raise Exception('Could not get application settings !')

        settings = {}

        for each in ret:

                each.app_settings_value

        return settings

    @classmethod

    def get_ldap_settings(cls, cache=False):

        ret = cls.query()\

                .filter(cls.app_settings_name.startswith('ldap_')).all()

        fd = {}

        for row in ret:

            fd.update({row.app_settings_name:row.app_settings_value})

        return fd

class Ui(Base, BaseModel):

    __tablename__ = 'rhodecode_ui'

    __table_args__ = (UniqueConstraint('ui_key'), {'extend_existing':True})

    HOOK_UPDATE = 'changegroup.update'

    HOOK_REPO_SIZE = 'changegroup.repo_size'

    HOOK_PUSH = 'pretxnchangegroup.push_logger'

    HOOK_PULL = 'preoutgoing.pull_logger'

    ui_id = Column("ui_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    ui_section = Column("ui_section", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    ui_key = Column("ui_key", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    ui_value = Column("ui_value", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    ui_active = Column("ui_active", Boolean(), nullable=True, unique=None, default=True)

    @classmethod

    def get_by_key(cls, key):

        return cls.query().filter(cls.ui_key == key)

    @classmethod

    def get_builtin_hooks(cls):

        q = cls.query()

        q = q.filter(cls.ui_key.in_([cls.HOOK_UPDATE,

                                    cls.HOOK_REPO_SIZE,

                                    cls.HOOK_PUSH, cls.HOOK_PULL]))

        return q.all()

    @classmethod

    def get_custom_hooks(cls):

        q = cls.query()

        q = q.filter(~cls.ui_key.in_([cls.HOOK_UPDATE,

    def __init__(self, k='', v=''):

        self.app_settings_name = k

        self.app_settings_value = v

    @validates('_app_settings_value')

    def validate_settings_value(self, key, val):

        assert type(val) == unicode

        return val

    @hybrid_property

    def app_settings_value(self):

        v = self._app_settings_value

        if self.app_settings_name == 'ldap_active':

            v = str2bool(v)

        return v

    @app_settings_value.setter

    def app_settings_value(self, val):

        """

        Setter that will always make sure we use unicode in app_settings_value

        :param val:

        """

        self._app_settings_value = safe_unicode(val)

    def __unicode__(self):

        return u"<%s('%s:%s')>" % (

            self.__class__.__name__,

            self.app_settings_name, self.app_settings_value

        )

    @classmethod

    def get_by_name(cls, ldap_key):

        return cls.query()\

            .filter(cls.app_settings_name == ldap_key).scalar()

    @classmethod

    def get_app_settings(cls, cache=False):

        ret = cls.query()

        if cache:

            ret = ret.options(FromCache("sql_cache_short", "get_hg_settings"))

        if not ret:

            raise Exception('Could not get application settings !')

        settings = {}

        for each in ret:

                each.app_settings_value

        return settings

    @classmethod

    def get_ldap_settings(cls, cache=False):

        ret = cls.query()\

                .filter(cls.app_settings_name.startswith('ldap_')).all()

        fd = {}

        for row in ret:

            fd.update({row.app_settings_name:row.app_settings_value})

        return fd

class Ui(Base, BaseModel):

    __tablename__ = 'rhodecode_ui'

    __table_args__ = (

        UniqueConstraint('ui_key'),

        {'extend_existing': True, 'mysql_engine':'InnoDB',

         'mysql_charset': 'utf8'}

    )

    HOOK_UPDATE = 'changegroup.update'

    HOOK_REPO_SIZE = 'changegroup.repo_size'

    HOOK_PUSH = 'pretxnchangegroup.push_logger'

    HOOK_PULL = 'preoutgoing.pull_logger'

    ui_id = Column("ui_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    ui_section = Column("ui_section", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)