# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.controllers.admin.settings

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

settings controller for Kallithea admin

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Jul 14, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import traceback

import formencode

from formencode import htmlfill

from pylons import request, tmpl_context as c, url, config

from pylons.i18n.translation import _

from webob.exc import HTTPFound

from kallithea.lib import helpers as h

from kallithea.lib.auth import LoginRequired, HasPermissionAllDecorator

from kallithea.lib.base import BaseController, render

from kallithea.lib.celerylib import tasks, run_task

from kallithea.lib.exceptions import HgsubversionImportError

from kallithea.lib.utils import repo2db_mapper, set_app_settings

from kallithea.model.db import Ui, Repository, Setting

from kallithea.model.forms import ApplicationSettingsForm, \

    ApplicationUiSettingsForm, ApplicationVisualisationForm

from kallithea.model.scm import ScmModel

from kallithea.model.notification import EmailNotificationModel

from kallithea.model.meta import Session

from kallithea.lib.utils2 import str2bool, safe_unicode

log = logging.getLogger(__name__)

class SettingsController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('setting', 'settings', controller='admin/settings',

    #         path_prefix='/admin', name_prefix='admin_')

    @LoginRequired()

    def __before__(self):

        super(SettingsController, self).__before__()

    def _get_hg_ui_settings(self):

        ret = Ui.query().all()

        if not ret:

            raise Exception('Could not get application ui settings !')

        settings = {}

        for each in ret:

            k = each.ui_key

            v = each.ui_value

            if k == '/':

                k = 'root_path'

            if k == 'push_ssl':

                v = str2bool(v)

            if k.find('.') != -1:

                k = k.replace('.', '_')

            if each.ui_section in ['hooks', 'extensions']:

                v = each.ui_active

            settings[each.ui_section + '_' + k] = v

        return settings

    @HasPermissionAllDecorator('hg.admin')

    def settings_vcs(self):

        """GET /admin/settings: All items in the collection"""

        # url('admin_settings')

        c.active = 'vcs'

        if request.POST:

            application_form = ApplicationUiSettingsForm()()

            try:

                form_result = application_form.to_python(dict(request.POST))

            except formencode.Invalid as errors:

                return htmlfill.render(

                     render('admin/settings/settings.html'),

                     defaults=errors.value,

                     errors=errors.error_dict or {},

                     prefix_error=False,

                     encoding="UTF-8",

                     force_defaults=False)

            try:

                sett = Ui.get_by_key('push_ssl')

                sett.ui_value = form_result['web_push_ssl']

                if c.visual.allow_repo_location_change:

                    sett = Ui.get_by_key('/')

                    sett.ui_value = form_result['paths_root_path']

                #HOOKS

                sett = Ui.get_by_key(Ui.HOOK_UPDATE)

                sett.ui_active = form_result['hooks_changegroup_update']

                sett = Ui.get_by_key(Ui.HOOK_REPO_SIZE)

                sett.ui_active = form_result['hooks_changegroup_repo_size']

                sett = Ui.get_by_key(Ui.HOOK_PUSH)

                sett.ui_active = form_result['hooks_changegroup_push_logger']

                sett = Ui.get_by_key(Ui.HOOK_PULL)

                sett.ui_active = form_result['hooks_outgoing_pull_logger']

                ## EXTENSIONS

                sett.ui_active = form_result['extensions_largefiles']

                sett.ui_active = form_result['extensions_hgsubversion']

                if sett.ui_active:

                    try:

                        import hgsubversion  # pragma: no cover

                    except ImportError:

                        raise HgsubversionImportError

#                sett.ui_active = form_result['extensions_hggit']

                Session().commit()

                h.flash(_('Updated VCS settings'), category='success')

            except HgsubversionImportError:

                log.error(traceback.format_exc())

                h.flash(_('Unable to activate hgsubversion support. '

                          'The "hgsubversion" library is missing'),

                        category='error')

            except Exception:

                log.error(traceback.format_exc())

                h.flash(_('Error occurred while updating '

                          'application settings'), category='error')

        defaults = Setting.get_app_settings()

        defaults.update(self._get_hg_ui_settings())

        return htmlfill.render(

            render('admin/settings/settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasPermissionAllDecorator('hg.admin')

    def settings_mapping(self):

        """GET /admin/settings/mapping: All items in the collection"""

        # url('admin_settings_mapping')

        c.active = 'mapping'

        if request.POST:

            rm_obsolete = request.POST.get('destroy', False)

            install_git_hooks = request.POST.get('hooks', False)

            overwrite_git_hooks = request.POST.get('hooks_overwrite', False);

            invalidate_cache = request.POST.get('invalidate', False)

            log.debug('rescanning repo location with destroy obsolete=%s, '

                      'install git hooks=%s and '

                      'overwrite git hooks=%s' % (rm_obsolete, install_git_hooks, overwrite_git_hooks))

            if invalidate_cache:

                log.debug('invalidating all repositories cache')

                for repo in Repository.get_all():

                    ScmModel().mark_for_invalidation(repo.repo_name)

            filesystem_repos = ScmModel().repo_scan()

            added, removed = repo2db_mapper(filesystem_repos, rm_obsolete,

                                            install_git_hooks=install_git_hooks,

                                            user=c.authuser.username,

                                            overwrite_git_hooks=overwrite_git_hooks)

            h.flash(h.literal(_('Repositories successfully rescanned. Added: %s. Removed: %s.') %

                (', '.join(h.link_to(safe_unicode(repo_name), h.url('summary_home', repo_name=repo_name))

                 for repo_name in added) or '-',

                 ', '.join(h.escape(safe_unicode(repo_name)) for repo_name in removed) or '-')),

                category='success')

            raise HTTPFound(location=url('admin_settings_mapping'))

        defaults = Setting.get_app_settings()

        defaults.update(self._get_hg_ui_settings())

        return htmlfill.render(

            render('admin/settings/settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasPermissionAllDecorator('hg.admin')

    def settings_global(self):

        """GET /admin/settings/global: All items in the collection"""

        # url('admin_settings_global')

        c.active = 'global'

        if request.POST:

            application_form = ApplicationSettingsForm()()

            try:

                form_result = application_form.to_python(dict(request.POST))

            except formencode.Invalid as errors:

                return htmlfill.render(

                    render('admin/settings/settings.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8",

                    force_defaults=False)

            try:

                sett1 = Setting.create_or_update('title',

                                            form_result['title'])

                Session().add(sett1)

                sett2 = Setting.create_or_update('realm',

                                            form_result['realm'])

                Session().add(sett2)

                sett3 = Setting.create_or_update('ga_code',

                                            form_result['ga_code'])

                Session().add(sett3)

                sett4 = Setting.create_or_update('captcha_public_key',

                                    form_result['captcha_public_key'])

                Session().add(sett4)

                sett5 = Setting.create_or_update('captcha_private_key',

                                    form_result['captcha_private_key'])

                Session().add(sett5)

                Session().commit()

                set_app_settings(config)

                h.flash(_('Updated application settings'), category='success')

            except Exception:

                log.error(traceback.format_exc())

                h.flash(_('Error occurred while updating '

                          'application settings'),

                          category='error')

            raise HTTPFound(location=url('admin_settings_global'))

        defaults = Setting.get_app_settings()

        defaults.update(self._get_hg_ui_settings())

        return htmlfill.render(

            render('admin/settings/settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasPermissionAllDecorator('hg.admin')

    def settings_visual(self):

        """GET /admin/settings/visual: All items in the collection"""

        # url('admin_settings_visual')

        c.active = 'visual'

        if request.POST:

            application_form = ApplicationVisualisationForm()()

            try:

                form_result = application_form.to_python(dict(request.POST))

            except formencode.Invalid as errors:

                return htmlfill.render(

                    render('admin/settings/settings.html'),

                    defaults=errors.value,

                    errors=errors.error_dict or {},

                    prefix_error=False,

                    encoding="UTF-8",

                    force_defaults=False)

            try:

                settings = [

                    ('show_public_icon', 'show_public_icon', 'bool'),

                    ('show_private_icon', 'show_private_icon', 'bool'),

                    ('stylify_metatags', 'stylify_metatags', 'bool'),

                    ('repository_fields', 'repository_fields', 'bool'),

                    ('dashboard_items', 'dashboard_items', 'int'),

                    ('admin_grid_items', 'admin_grid_items', 'int'),

                    ('show_version', 'show_version', 'bool'),

                    ('use_gravatar', 'use_gravatar', 'bool'),

                    ('gravatar_url', 'gravatar_url', 'unicode'),

                    ('clone_uri_tmpl', 'clone_uri_tmpl', 'unicode'),

                ]

                for setting, form_key, type_ in settings:

                    sett = Setting.create_or_update(setting,

                                        form_result[form_key], type_)

                    Session().add(sett)

                Session().commit()

                set_app_settings(config)

                h.flash(_('Updated visualisation settings'),

                        category='success')

            except Exception:

                log.error(traceback.format_exc())

                h.flash(_('Error occurred during updating '

                          'visualisation settings'),

                        category='error')

            raise HTTPFound(location=url('admin_settings_visual'))

        defaults = Setting.get_app_settings()

        defaults.update(self._get_hg_ui_settings())

        return htmlfill.render(

            render('admin/settings/settings.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasPermissionAllDecorator('hg.admin')

    def settings_email(self):

        """GET /admin/settings/email: All items in the collection"""

        # url('admin_settings_email')

        c.active = 'email'

        if request.POST:

            test_email = request.POST.get('test_email')

            test_email_subj = 'Kallithea test email'

                            'mysql_charset': 'utf8',

                            'sqlite_autoincrement': True,

                           }

class Setting(Base, BaseModel):

    __tablename__ = DB_PREFIX + 'settings'

    __table_args__ = (

        _table_args_default_dict,

    )

    SETTINGS_TYPES = {

        'str': safe_str,

        'int': safe_int,

        'unicode': safe_unicode,

        'bool': str2bool,

        'list': functools.partial(aslist, sep=',')

    }

    DEFAULT_UPDATE_URL = ''

    app_settings_id = Column(Integer(), unique=True, primary_key=True)

    app_settings_name = Column(String(255), nullable=False, unique=True)

    _app_settings_value = Column("app_settings_value", Unicode(4096), nullable=False)

    _app_settings_type = Column("app_settings_type", String(255), nullable=True) # FIXME: not nullable?

    def __init__(self, key='', val='', type='unicode'):

        self.app_settings_name = key

        self.app_settings_value = val

        self.app_settings_type = type

    @validates('_app_settings_value')

    def validate_settings_value(self, key, val):

        assert type(val) == unicode

        return val

    @hybrid_property

    def app_settings_value(self):

        v = self._app_settings_value

        _type = self.app_settings_type

        converter = self.SETTINGS_TYPES.get(_type) or self.SETTINGS_TYPES['unicode']

        return converter(v)

    @app_settings_value.setter

    def app_settings_value(self, val):

        """

        Setter that will always make sure we use unicode in app_settings_value

        :param val:

        """

        self._app_settings_value = safe_unicode(val)

    @hybrid_property

    def app_settings_type(self):

        return self._app_settings_type

    @app_settings_type.setter

    def app_settings_type(self, val):

        if val not in self.SETTINGS_TYPES:

            raise Exception('type must be one of %s got %s'

                            % (self.SETTINGS_TYPES.keys(), val))

        self._app_settings_type = val

    def __unicode__(self):

        return u"<%s('%s:%s[%s]')>" % (

            self.__class__.__name__,

            self.app_settings_name, self.app_settings_value, self.app_settings_type

        )

    @classmethod

    def get_by_name(cls, key):

        return cls.query() \

            .filter(cls.app_settings_name == key).scalar()

    @classmethod

    def get_by_name_or_create(cls, key, val='', type='unicode'):

        res = cls.get_by_name(key)

        if res is None:

            res = cls(key, val, type)

        return res

    @classmethod

    def create_or_update(cls, key, val=Optional(''), type=Optional('unicode')):

        """

        Creates or updates Kallithea setting. If updates are triggered, it will only

        update parameters that are explicitly set. Optional instance will be skipped.

        :param key:

        :param val:

        :param type:

        :return:

        """

        res = cls.get_by_name(key)

        if res is None:

            val = Optional.extract(val)

            type = Optional.extract(type)

            res = cls(key, val, type)

        else:

            res.app_settings_name = key

            if not isinstance(val, Optional):

                # update if set

                res.app_settings_value = val

            if not isinstance(type, Optional):

                # update if set

                res.app_settings_type = type

        return res

    @classmethod

    def get_app_settings(cls, cache=False):

        ret = cls.query()

        if cache:

            ret = ret.options(FromCache("sql_cache_short", "get_hg_settings"))

        if ret is None:

            raise Exception('Could not get application settings !')

        settings = {}

        for each in ret:

            settings[each.app_settings_name] = \

                each.app_settings_value

        return settings

    @classmethod

    def get_auth_plugins(cls, cache=False):

        auth_plugins = cls.get_by_name("auth_plugins").app_settings_value

        return auth_plugins

    @classmethod

    def get_auth_settings(cls, cache=False):

        ret = cls.query() \

                .filter(cls.app_settings_name.startswith('auth_')).all()

        fd = {}

        for row in ret:

            fd[row.app_settings_name] = row.app_settings_value

        return fd

    @classmethod

    def get_default_repo_settings(cls, cache=False, strip_prefix=False):

        ret = cls.query() \

                .filter(cls.app_settings_name.startswith('default_')).all()

        fd = {}

        for row in ret:

            key = row.app_settings_name

            if strip_prefix:

                key = remove_prefix(key, prefix='default_')

            fd.update({key: row.app_settings_value})

        return fd

    @classmethod

    def get_server_info(cls):

        import pkg_resources

        import platform

        import kallithea

        from kallithea.lib.utils import check_git_version

        mods = [(p.project_name, p.version) for p in pkg_resources.working_set]

        info = {

            'modules': sorted(mods, key=lambda k: k[0].lower()),

            'py_version': platform.python_version(),

            'platform': safe_unicode(platform.platform()),

            'kallithea_version': kallithea.__version__,

            'git_version': safe_unicode(check_git_version()),

            'git_path': kallithea.CONFIG.get('git_path')

        }

        return info

class Ui(Base, BaseModel):

    __tablename__ = DB_PREFIX + 'ui'

    __table_args__ = (

        # FIXME: ui_key as key is wrong and should be removed when the corresponding

        # Ui.get_by_key has been replaced by the composite key

        UniqueConstraint('ui_key'),

        UniqueConstraint('ui_section', 'ui_key'),

        _table_args_default_dict,

    )

    HOOK_UPDATE = 'changegroup.update'

    HOOK_REPO_SIZE = 'changegroup.repo_size'

    HOOK_PUSH = 'changegroup.push_logger'

    HOOK_PRE_PUSH = 'prechangegroup.pre_push'

    HOOK_PULL = 'outgoing.pull_logger'

    HOOK_PRE_PULL = 'preoutgoing.pre_pull'

    ui_id = Column(Integer(), unique=True, primary_key=True)

    ui_section = Column(String(255), nullable=False)

    ui_key = Column(String(255), nullable=False)

    ui_value = Column(String(255), nullable=True) # FIXME: not nullable?

    ui_active = Column(Boolean(), nullable=False, default=True)

    @classmethod

    def get_by_key(cls, key):

        return cls.query().filter(cls.ui_key == key).scalar()

    @classmethod

    def get_builtin_hooks(cls):

        q = cls.query()

        q = q.filter(cls.ui_key.in_([cls.HOOK_UPDATE, cls.HOOK_REPO_SIZE,

                                     cls.HOOK_PUSH, cls.HOOK_PRE_PUSH,

                                     cls.HOOK_PULL, cls.HOOK_PRE_PULL]))

        return q.all()

    @classmethod

    def get_custom_hooks(cls):

        q = cls.query()

        q = q.filter(~cls.ui_key.in_([cls.HOOK_UPDATE, cls.HOOK_REPO_SIZE,

                                      cls.HOOK_PUSH, cls.HOOK_PRE_PUSH,

                                      cls.HOOK_PULL, cls.HOOK_PRE_PULL]))

        q = q.filter(cls.ui_section == 'hooks')

        return q.all()

    @classmethod

    def get_repos_location(cls):

        return cls.get_by_key('/').ui_value

    @classmethod

    def create_or_update_hook(cls, key, val):

        new_ui.ui_active = True

        new_ui.ui_value = val

    def __repr__(self):

        return '<%s[%s]%s=>%s]>' % (self.__class__.__name__, self.ui_section,

                                    self.ui_key, self.ui_value)

class User(Base, BaseModel):

    __tablename__ = 'users'

    __table_args__ = (

        Index('u_username_idx', 'username'),

        Index('u_email_idx', 'email'),

        _table_args_default_dict,

    )

    DEFAULT_USER = 'default'

    DEFAULT_GRAVATAR_URL = 'https://secure.gravatar.com/avatar/{md5email}?d=identicon&s={size}'

    user_id = Column(Integer(), unique=True, primary_key=True)

    username = Column(String(255), nullable=False, unique=True)

    password = Column(String(255), nullable=False)

    active = Column(Boolean(), nullable=False, default=True)

    admin = Column(Boolean(), nullable=False, default=False)

    name = Column("firstname", Unicode(255), nullable=False)

    lastname = Column(Unicode(255), nullable=False)

    _email = Column("email", String(255), nullable=True, unique=True) # FIXME: not nullable?

    last_login = Column(DateTime(timezone=False), nullable=True)

    extern_type = Column(String(255), nullable=True) # FIXME: not nullable?

    extern_name = Column(String(255), nullable=True) # FIXME: not nullable?

    api_key = Column(String(255), nullable=False)

    inherit_default_permissions = Column(Boolean(), nullable=False, default=True)

    created_on = Column(DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

    _user_data = Column("user_data", LargeBinary(), nullable=True)  # JSON data # FIXME: not nullable?

    user_log = relationship('UserLog')

    user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')

    repositories = relationship('Repository')

    repo_groups = relationship('RepoGroup')

    user_groups = relationship('UserGroup')

    user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')

    followings = relationship('UserFollowing', primaryjoin='UserFollowing.user_id==User.user_id', cascade='all')

    repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')

    repo_group_to_perm = relationship('UserRepoGroupToPerm', primaryjoin='UserRepoGroupToPerm.user_id==User.user_id', cascade='all')

    group_member = relationship('UserGroupMember', cascade='all')

    notifications = relationship('UserNotification', cascade='all')

    # notifications assigned to this user

    user_created_notifications = relationship('Notification', cascade='all')

    # comments created by this user

    user_comments = relationship('ChangesetComment', cascade='all')

    #extra emails for this user

    user_emails = relationship('UserEmailMap', cascade='all')

    #extra API keys

    user_api_keys = relationship('UserApiKeys', cascade='all')

    @hybrid_property

    def email(self):

        return self._email

    @email.setter

    def email(self, val):

        self._email = val.lower() if val else None

    @property

    def firstname(self):

        # alias for future

        return self.name

    @property

    def emails(self):

        other = UserEmailMap.query().filter(UserEmailMap.user==self).all()

        return [self.email] + [x.email for x in other]

    @property

    def api_keys(self):

        other = UserApiKeys.query().filter(UserApiKeys.user==self).all()

        return [self.api_key] + [x.api_key for x in other]

    @property

    def ip_addresses(self):

        ret = UserIpMap.query().filter(UserIpMap.user == self).all()

        return [x.ip_addr for x in ret]

    @property

    def full_name(self):

        return '%s %s' % (self.firstname, self.lastname)

    @property

    def full_name_or_username(self):

        """

        Show full name.

        If full name is not set, fall back to username.

        """

        return ('%s %s' % (self.firstname, self.lastname)

                if (self.firstname and self.lastname) else self.username)

    @property

    def full_name_and_username(self):

        """

        Show full name and username as 'Firstname Lastname (username)'.

        If full name is not set, fall back to username.

        """

        return ('%s %s (%s)' % (self.firstname, self.lastname, self.username)

                if (self.firstname and self.lastname) else self.username)

    @property

    def full_contact(self):

        return '%s %s <%s>' % (self.firstname, self.lastname, self.email)

    @property

    def short_contact(self):

        return '%s %s' % (self.firstname, self.lastname)

    @property

    def is_admin(self):

        return self.admin

    @property

    def AuthUser(self):

        """

        Returns instance of AuthUser for this user

        """

        from kallithea.lib.auth import AuthUser

        return AuthUser(dbuser=self)

    @hybrid_property

    def user_data(self):

        if not self._user_data:

            return {}

        try:

            return json.loads(self._user_data)

        except TypeError:

            return {}

    @user_data.setter

    def user_data(self, val):

        try:

            self._user_data = json.dumps(val)

        except Exception:

            log.error(traceback.format_exc())

    def __unicode__(self):

        return u"<%s('id:%s:%s')>" % (self.__class__.__name__,

                                      self.user_id, self.username)

    @classmethod

    def get_or_404(cls, id_, allow_default=True):

        '''

        Overridden version of BaseModel.get_or_404, with an extra check on

        the default user.

        '''

        user = super(User, cls).get_or_404(id_)

        if allow_default == False:

            if user.username == User.DEFAULT_USER:

                raise DefaultUserException

        return user

    @classmethod

    def get_by_username(cls, username, case_insensitive=False, cache=False):

        if case_insensitive:

            q = cls.query().filter(cls.username.ilike(username))

        else:

            q = cls.query().filter(cls.username == username)

        if cache:

            q = q.options(FromCache(

                            "sql_cache_short",

                            "get_user_%s" % _hash_key(username)

                          )

            )

        return q.scalar()

    @classmethod

    def get_by_api_key(cls, api_key, cache=False, fallback=True):

        if len(api_key) != 40 or not api_key.isalnum():

            return None

        q = cls.query().filter(cls.api_key == api_key)

        if cache:

            q = q.options(FromCache("sql_cache_short",

                                    "get_api_key_%s" % api_key))

        res = q.scalar()

        if fallback and not res:

            #fallback to additional keys

            _res = UserApiKeys.query() \

                .filter(UserApiKeys.api_key == api_key) \

                .filter(or_(UserApiKeys.expires == -1,