@HasPermissionAllDecorator('hg.admin')    

    def edit(self, repo_name, format='html'):

        """GET /repos/repo_name/edit: Form to edit an existing item"""

        # url('edit_repo', repo_name=ID)

        repo_model = RepoModel()

        c.repo_info = repo = repo_model.get(repo_name)

        if not repo:

            h.flash(_('%s repository is not mapped to db perhaps' 

                      ' it was created or renamed from the filesystem'

                      ' please run the application again'

                      ' in order to rescan repositories') % repo_name,

                      category='error')

            return redirect(url('repos'))        

        defaults = c.repo_info.__dict__

        if c.repo_info.user:

            defaults.update({'user':c.repo_info.user.username})

        else:

            replacement_user = self.sa.query(User)\

            .filter(User.admin == True).first().username

            defaults.update({'user':replacement_user})

        c.users_array = repo_model.get_users_js()

            defaults.update({'perm_%s' % p.user.username: 

                             p.permission.permission_name})

        return htmlfill.render(

            render('admin/repos/repo_edit.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        )          

log = logging.getLogger(__name__)

class SettingsController(BaseController):

    @LoginRequired()

    @HasRepoPermissionAllDecorator('repository.admin')           

    def __before__(self):

        super(SettingsController, self).__before__()

    def index(self, repo_name):

        repo_model = RepoModel()

        c.repo_info = repo = repo_model.get(repo_name)

        if not repo:

            h.flash(_('%s repository is not mapped to db perhaps' 

                      ' it was created or renamed from the filesystem'

                      ' please run the application again'

                      ' in order to rescan repositories') % repo_name,

                      category='error')

            return redirect(url('repos'))        

        defaults = c.repo_info.__dict__

        defaults.update({'user':c.repo_info.user.username})

        c.users_array = repo_model.get_users_js()

            defaults.update({'perm_%s' % p.user.username: 

                             p.permission.permission_name})

        return htmlfill.render(

            render('settings/repo_settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        )  

    def update(self, repo_name):

        repo_model = RepoModel()

        changed_name = repo_name

        _form = RepoSettingsForm(edit=True, old_data={'repo_name':repo_name})()

        try:

            form_result = _form.to_python(dict(request.POST))

            repo_model.update(repo_name, form_result)

            invalidate_cache('cached_repo_list')

            h.flash(_('Repository %s updated succesfully' % repo_name),

                    category='success')

            changed_name = form_result['repo_name']               

        except formencode.Invalid as errors:

            c.repo_info = repo_model.get(repo_name)

            c.users_array = repo_model.get_users_js()

# This program is free software; you can redistribute it and/or

# modify it under the terms of the GNU General Public License

# as published by the Free Software Foundation; version 2

# of the License or (at your opinion) any later version of the license.

# 

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

# 

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

# MA  02110-1301, USA.

"""

Created on April 4, 2010

@author: marcink

"""

from beaker.cache import cache_region

from pylons import config, session, url, request

from pylons.controllers.util import abort, redirect

from pylons_app.lib.utils import get_repo_slug

from pylons_app.model import meta

from sqlalchemy.exc import OperationalError

from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound

import crypt

from decorator import decorator

import logging

log = logging.getLogger(__name__) 

def get_crypt_password(password):

    """

    Cryptographic function used for password hashing

    @param password: password to hash

    """

    return crypt.crypt(password, '6a')

@cache_region('super_short_term', 'cached_user')

def get_user_cached(username):

    sa = meta.Session

    try:

        user = sa.query(User).filter(User.username == username).one()

    finally:

        meta.Session.remove()

    return user

    """

    sa = meta.Session

    dbuser = sa.query(User).get(user.user_id)

    if dbuser:

        user.username = dbuser.username

        user.is_admin = dbuser.admin

        user.name = dbuser.name

        user.lastname = dbuser.lastname

    else:

        user.is_authenticated = False

    meta.Session.remove()

    return user

def fill_perms(user):

    """

    Fills user permission attribute with permissions taken from database

    @param user:

    """

    sa = meta.Session

    user.permissions['repositories'] = {}

    user.permissions['global'] = set()

    #first fetch default permissions

                                            'default').one().user_id).all()

    if user.is_admin:

        user.permissions['global'].add('hg.admin')

        #admin have all rights set to admin

        for perm in default_perms:

            p = 'repository.admin'

    else:

        user.permissions['global'].add('repository.create')

        for perm in default_perms:

            if perm.Repository.private and not perm.Repository.user_id == user.user_id:

                #disable defaults for private repos,

                p = 'repository.none'

            elif perm.Repository.user_id == user.user_id:

                #set admin if owner

                p = 'repository.admin'

            else:

                p = perm.Permission.permission_name

        #overwrite userpermissions with defaults

        for perm in user_perms:

            #set write if owner

            if perm.Repository.user_id == user.user_id:

                p = 'repository.write'

            else:

                p = perm.Permission.permission_name

    meta.Session.remove()         

    return user

def get_user(session):

    """

    Gets user from session, and wraps permissions into user

    @param session:

    """

    user = session.get('hg_app_user', AuthUser())

    if user.is_authenticated:

        user = fill_data(user)

        user = fill_perms(user)

    session['hg_app_user'] = user

    session.save()

    return user

#===============================================================================

# CHECK DECORATORS

#===============================================================================

class LoginRequired(object):

    """Must be logged in to execute this function else redirect to login page"""

    def __call__(self, func):

        return decorator(self.__wrapper, func)

        return "<User('%s:%s')>" % (self.user_id, self.username)

class UserLog(Base): 

    __tablename__ = 'user_logs'

    __table_args__ = {'useexisting':True}

    user_log_id = Column("user_log_id", INTEGER(), nullable=False, unique=True, default=None, primary_key=True)

    user_id = Column("user_id", INTEGER(), ForeignKey(u'users.user_id'), nullable=False, unique=None, default=None)

    user_ip = Column("user_ip", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None) 

    repository = Column("repository", TEXT(length=None, convert_unicode=False, assert_unicode=None), ForeignKey(u'repositories.repo_name'), nullable=False, unique=None, default=None)

    action = Column("action", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    action_date = Column("action_date", DATETIME(timezone=False), nullable=True, unique=None, default=None)

    user = relation('User')

class Repository(Base):

    __tablename__ = 'repositories'

    __table_args__ = (UniqueConstraint('repo_name'), {'useexisting':True},)

    repo_id = Column("repo_id", INTEGER(), nullable=False, unique=True, default=None, primary_key=True)

    repo_name = Column("repo_name", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)

    user_id = Column("user_id", INTEGER(), ForeignKey(u'users.user_id'), nullable=False, unique=False, default=None)

    private = Column("private", BOOLEAN(), nullable=True, unique=None, default=None)

    description = Column("description", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    user = relation('User')

class Permission(Base):

    __tablename__ = 'permissions'

    __table_args__ = {'useexisting':True}

    permission_id = Column("permission_id", INTEGER(), nullable=False, unique=True, default=None, primary_key=True)

    permission_name = Column("permission_name", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    permission_longname = Column("permission_longname", TEXT(length=None, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    def __repr__(self):

        return "<Permission('%s:%s')>" % (self.permission_id, self.permission_name)

    __tablename__ = 'repo_to_perm'

    __table_args__ = (UniqueConstraint('user_id', 'repository_id'), {'useexisting':True})

    user_id = Column("user_id", INTEGER(), ForeignKey(u'users.user_id'), nullable=False, unique=None, default=None)

    permission_id = Column("permission_id", INTEGER(), ForeignKey(u'permissions.permission_id'), nullable=False, unique=None, default=None)

    repository_id = Column("repository_id", INTEGER(), ForeignKey(u'repositories.repo_id'), nullable=False, unique=None, default=None) 

    user = relation('User')

    permission = relation('Permission')

    repository = relation('Repository')

# model for handling repositories actions

# Copyright (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>

# This program is free software; you can redistribute it and/or

# modify it under the terms of the GNU General Public License

# as published by the Free Software Foundation; version 2

# of the License or (at your opinion) any later version of the license.

# 

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

# 

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

# MA  02110-1301, USA.

"""

Created on Jun 5, 2010

model for handling repositories actions

@author: marcink

"""

from datetime import datetime

from pylons import app_globals as g

from pylons_app.lib.utils import check_repo

from pylons_app.model.meta import Session

import logging

import os

import shutil

import traceback

log = logging.getLogger(__name__)

class RepoModel(object):

    def __init__(self):

        self.sa = Session()

    def get(self, id):

        return self.sa.query(Repository).filter(Repository.repo_name == id).scalar()

    def get_users_js(self):

        users = self.sa.query(User).filter(User.active == True).all()

        u_tmpl = '''{id:%s, fname:"%s", lname:"%s", nname:"%s"},'''

        users_array = '[%s];' % '\n'.join([u_tmpl % (u.user_id, u.name,

                                                    u.lastname, u.username) 

                                        for u in users])

        return users_array        

    def update(self, repo_name, form_data):

        try:

            #update permissions

            for username, perm in form_data['perms_updates']:

                                .filter(User.username == username).one())\

                        .one()

                r2p.permission_id = self.sa.query(Permission).filter(

                                                Permission.permission_name == 

                                                perm).one().permission_id

                self.sa.add(r2p)

            #set new permissions

            for username, perm in form_data['perms_new']:

                r2p.repository = self.get(repo_name)

                r2p.user = self.sa.query(User)\

                                .filter(User.username == username).one()

                r2p.permission_id = self.sa.query(Permission).filter(

                                        Permission.permission_name == perm)\

                                        .one().permission_id

                self.sa.add(r2p)

            #update current repo

            cur_repo = self.get(repo_name)

            for k, v in form_data.items():

                if k == 'user':

                    cur_repo.user_id = v

                else:

                    setattr(cur_repo, k, v)

            self.sa.add(cur_repo)

            if repo_name != form_data['repo_name']:

                #rename our data

                self.__rename_repo(repo_name, form_data['repo_name'])            

            self.sa.commit()

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise    

    def create(self, form_data, cur_user, just_db=False):

        try:

            repo_name = form_data['repo_name']

            new_repo = Repository()

            for k, v in form_data.items():

                setattr(new_repo, k, v)

            new_repo.user_id = cur_user.user_id

            self.sa.add(new_repo)

            #create default permission

            default_perm = 'repository.none' if form_data['private'] \

                                                        else 'repository.read'

                    .filter(Permission.permission_name == default_perm)\

                    .one().permission_id

                    .filter(User.username == 'default').one().user_id 

            self.sa.commit()

            if not just_db:

                self.__create_repo(repo_name)

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise    

    def delete(self, repo):

        try:

            self.sa.delete(repo)

            self.sa.commit()

            self.__delete_repo(repo.repo_name)

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise

    def delete_perm_user(self, form_data, repo_name):

        try:

            self.sa.commit()

        except:

            log.error(traceback.format_exc())

            self.sa.rollback()

            raise

    def __create_repo(self, repo_name):        

        repo_path = os.path.join(g.base_path, repo_name)

        if check_repo(repo_name, g.base_path):

            log.info('creating repo %s in %s', repo_name, repo_path)

            from vcs.backends.hg import MercurialRepository

            MercurialRepository(repo_path, create=True)

    def __rename_repo(self, old, new):

        log.info('renaming repo from %s to %s', old, new)

        old_path = os.path.join(g.base_path, old)

        new_path = os.path.join(g.base_path, new)

        if os.path.isdir(new_path):

            raise Exception('Was trying to rename to already existing dir %s',

                            new_path)        

        shutil.move(old_path, new_path)

    def __delete_repo(self, name):

                </div>

                <div class="input input-small ac">

                    <div class="perm_ac">

                       ${h.text('user',class_='yui-ac-input')}

                       <div id="owner_container"></div>

                    </div>

                </div>

             </div>                

            <div class="field">

                <div class="label">

                    <label for="input">${_('Permissions')}:</label>

                </div>

                <div class="input">

                    <table id="permissions_manage">

                        <tr>

                            <td>${_('none')}</td>

                            <td>${_('read')}</td>

                            <td>${_('write')}</td>

                            <td>${_('admin')}</td>

                            <td>${_('user')}</td>

                            <td></td>

                        </tr>

                            %if r2p.user.username =='default' and c.repo_info.private:

                                <tr>

                                    <td colspan="4">

                                        <span class="private_repo_msg">

                                        ${_('private repository')}

                                        </span>

                                    </td>

                                    <td class="private_repo_msg">${r2p.user.username}</td>

                                </tr>

                            %else:

                            <tr id="id${id(r2p.user.username)}">

                                <td>${h.radio('perm_%s' % r2p.user.username,'repository.none')}</td>

                                <td>${h.radio('perm_%s' % r2p.user.username,'repository.read')}</td>

                                <td>${h.radio('perm_%s' % r2p.user.username,'repository.write')}</td>

                                <td>${h.radio('perm_%s' % r2p.user.username,'repository.admin')}</td>

                                <td>${r2p.user.username}</td>

                                <td>

                                  %if r2p.user.username !='default':

                                    <span class="delete_icon action_button" onclick="ajaxAction(${r2p.user.user_id},'${'id%s'%id(r2p.user.username)}')">

                                        <script type="text/javascript">

                                            function ajaxAction(user_id,field_id){

                                                var sUrl = "${h.url('delete_repo_user',repo_name=c.repo_name)}";

                                                var callback = { success:function(o){

                                                var tr = YAHOO.util.Dom.get(String(field_id));

            <div class="field">

                <div class="label label-checkbox">

                    <label for="private">${_('Private')}:</label>

                </div>

                <div class="checkboxes">

                    ${h.checkbox('private',value="True")}

                </div>

            </div>

             <div class="field">

                <div class="label">

                    <label for="">${_('Permissions')}:</label>

                </div>

                <div class="input">

                    <table id="permissions_manage">

                        <tr>

                            <td>${_('none')}</td>

                            <td>${_('read')}</td>

                            <td>${_('write')}</td>

                            <td>${_('admin')}</td>

                            <td>${_('user')}</td>

                            <td></td>

                        </tr>

                            %if r2p.user.username =='default' and c.repo_info.private:

                                <tr>

                                    <td colspan="4">

                                        <span class="private_repo_msg">

                                        ${_('private repository')}

                                        </span>

                                    </td>

                                    <td class="private_repo_msg">${r2p.user.username}</td>

                                </tr>

                            %else:

                            <tr id="id${id(r2p.user.username)}">

                                <td>${h.radio('perm_%s' % r2p.user.username,'repository.none')}</td>

                                <td>${h.radio('perm_%s' % r2p.user.username,'repository.read')}</td>

                                <td>${h.radio('perm_%s' % r2p.user.username,'repository.write')}</td>

                                <td>${h.radio('perm_%s' % r2p.user.username,'repository.admin')}</td>

                                <td>${r2p.user.username}</td>

                                <td>

                                  %if r2p.user.username !='default':

                                    <span class="delete_icon action_button" onclick="ajaxAction(${r2p.user.user_id},'${'id%s'%id(r2p.user.username)}')">

                                        <script type="text/javascript">

                                            function ajaxAction(user_id,field_id){

                                                var sUrl = "${h.url('delete_repo_user',repo_name=c.repo_name)}";

                                                var callback = { success:function(o){

                                                var tr = YAHOO.util.Dom.get(String(field_id));