# CHECK LOCKING only if it's not ANONYMOUS USER

        elif not user.is_default_user:

            log.debug('Checking locking on repository')

            make_lock, locked, locked_by = check_locking_state(action, repo_name, user)

            # store the make_lock for later evaluation in hooks

            extras.update({'make_lock': make_lock,

                           'locked_by': locked_by})

        fix_PATH()

        log.debug('HOOKS extras is %s', extras)

        baseui = make_ui('db')

        self.__inject_extras(repo_path, baseui, extras)

        try:

            log.info('%s action on Mercurial repo "%s" by "%s" from %s',

                     action, str_repo_name, safe_str(user.username), ip_addr)

            app = self.__make_app(repo_path, baseui, extras)

            result = app(environ, start_response)

            if action == 'push':

                result = WSGIResultCloseCallback(result,

                    lambda: self._invalidate_cache(repo_name))

            return result

        except RepoError as e:

            if str(e).find('not found') != -1:

                return HTTPNotFound()(environ, start_response)

        except HTTPLockedRC as e:

            # Before Mercurial 3.6, lock exceptions were caught here

            log.debug('Locked, response %s: %s', e.code, e.title)

            return e(environ, start_response)

        except Exception:

            log.error(traceback.format_exc())

            return HTTPInternalServerError()(environ, start_response)

    def __make_app(self, repo_name, baseui, extras):

        """

        Make an wsgi application using hgweb, and inject generated baseui

        instance, additionally inject some extras into ui object

        """

        class HgWebWrapper(hgweb_mod.hgweb):

            # Work-around for Mercurial 3.6+ causing lock exceptions to be

            # thrown late

            def _runwsgi(self, req, repo):

                try:

                    return super(HgWebWrapper, self)._runwsgi(req, repo)

                except HTTPLockedRC as e:

                    log.debug('Locked, response %s: %s', e.code, e.title)

                    req.respond(e.status, 'text/plain')

                    return ''

        return HgWebWrapper(repo_name, name=repo_name, baseui=baseui)

    def __get_repository(self, environ):

        """

        Gets repository name out of PATH_INFO header

        :param environ: environ where PATH_INFO is stored

        """

        try:

            environ['PATH_INFO'] = self._get_by_id(environ['PATH_INFO'])

            repo_name = '/'.join(environ['PATH_INFO'].split('/')[1:])

            if repo_name.endswith('/'):

                repo_name = repo_name.rstrip('/')

        except Exception:

            log.error(traceback.format_exc())

            raise

        return repo_name

    def __get_action(self, environ):

        """

        Maps mercurial request commands into a pull or push command.

        Raises HTTPBadRequest if the request environment doesn't look like a hg client.

        """

        mapping = {'unbundle': 'push',

                   'pushkey': 'push'}

        for qry in environ['QUERY_STRING'].split('&'):

            if qry.startswith('cmd'):

                cmd = qry.split('=')[-1]

                return mapping.get(cmd, 'pull')

        # Note: the client doesn't get the helpful error message

        raise HTTPBadRequest('Unable to detect pull/push action! Are you using non standard command or client?')

    def __inject_extras(self, repo_path, baseui, extras=None):

        """

        Injects some extra params into baseui instance

        also overwrites global settings with those takes from local hgrc file

        :param baseui: baseui instance

        :param extras: dict with extra params to put into baseui

        """

        hgrc = os.path.join(repo_path, '.hg', 'hgrc')

        if repoui:

            #overwrite our ui instance with the section from hgrc file

            for section in ui_sections:

                for k, v in repoui.configitems(section):

                    baseui.setconfig(section, k, v)

        _set_extras(extras or {})

                log.warning('ignoring non-bare Git repo: %s', cur_path)

                continue

            if (isdir(cur_path, '.hg') or

                isdir(cur_path, '.svn') or

                isdir(cur_path, 'objects') and (isdir(cur_path, 'refs') or

                                                os.path.isfile(os.path.join(cur_path, 'packed-refs')))):

                if not os.access(cur_path, os.R_OK) or not os.access(cur_path, os.X_OK):

                    log.warning('ignoring repo path without access: %s', cur_path)

                    continue

                if not os.access(cur_path, os.W_OK):

                    log.warning('repo path without write access: %s', cur_path)

                try:

                    scm_info = get_scm(cur_path)

                    assert cur_path.startswith(path)

                    repo_path = cur_path[len(path) + 1:]

                    yield repo_path, scm_info

                    continue # no recursion

                except VCSError:

                    # We should perhaps ignore such broken repos, but especially

                    # the bare git detection is unreliable so we dive into it

                    pass

            recurse_dirs.append(subdir)

        dirs[:] = recurse_dirs

def is_valid_repo(repo_name, base_path, scm=None):

    """

    Returns True if given path is a valid repository False otherwise.

    If scm param is given also compare if given scm is the same as expected

    from scm parameter

    :param repo_name:

    :param base_path:

    :param scm:

    :return True: if given path is a valid repository

    """

    full_path = os.path.join(safe_str(base_path), safe_str(repo_name))

    try:

        scm_ = get_scm(full_path)

        if scm:

            return scm_[0] == scm

        return True

    except VCSError:

        return False

def is_valid_repo_group(repo_group_name, base_path, skip_path_check=False):

    """

    Returns True if given path is a repository group False otherwise

    :param repo_name:

    :param base_path:

    """

    full_path = os.path.join(safe_str(base_path), safe_str(repo_group_name))

    # check if it's not a repo

    if is_valid_repo(repo_group_name, base_path):

        return False

    try:

        # we need to check bare git repos at higher level

        # since we might match branches/hooks/info/objects or possible

        # other things inside bare git repo

        get_scm(os.path.dirname(full_path))

        return False

    except VCSError:

        pass

    # check if it's a valid path

    if skip_path_check or os.path.isdir(full_path):

        return True

    return False

#propagated from mercurial documentation

ui_sections = ['alias', 'auth',

                'decode/encode', 'defaults',

                'diff', 'email',

                'extensions', 'format',

                'merge-patterns', 'merge-tools',

                'hooks', 'http_proxy',

                'smtp', 'patch',

                'paths', 'profiling',

                'server', 'trusted',

                'ui', 'web', ]

    """

    A function that will read python rc files or database

    and make an mercurial ui object from read options

    :param path: path to mercurial config file

    :param read_from: read from 'file' or 'db'

    """

    baseui = ui.ui()

    # clean the baseui object

    baseui._ocfg = config.config()

    baseui._ucfg = config.config()

    baseui._tcfg = config.config()

    if read_from == 'file':

        if not os.path.isfile(path):

            log.debug('hgrc file is not present at %s, skipping...', path)

            return False

        log.debug('reading hgrc from %s', path)

        cfg = config.config()

        cfg.read(path)

        for section in ui_sections:

            for k, v in cfg.items(section):

                log.debug('settings ui from file: [%s] %s=%s', section, k, v)

                baseui.setconfig(safe_str(section), safe_str(k), safe_str(v))

    elif read_from == 'db':

        sa = meta.Session()

        ret = sa.query(Ui).all()

        hg_ui = ret

        for ui_ in hg_ui:

            if ui_.ui_active:

                ui_val = '' if ui_.ui_value is None else safe_str(ui_.ui_value)

                log.debug('settings ui from db: [%s] %s=%r', ui_.ui_section,

                          ui_.ui_key, ui_val)

                baseui.setconfig(safe_str(ui_.ui_section), safe_str(ui_.ui_key),

                                 ui_val)

        if clear_session:

            meta.Session.remove()

        # force set push_ssl requirement to False, Kallithea handles that

        baseui.setconfig('web', 'push_ssl', False)

        baseui.setconfig('web', 'allow_push', '*')

        # prevent interactive questions for ssh password / passphrase

        ssh = baseui.config('ui', 'ssh', default='ssh')

        baseui.setconfig('ui', 'ssh', '%s -oBatchMode=yes -oIdentitiesOnly=yes' % ssh)

    return baseui

def set_app_settings(config):

    """

    Updates app config with new settings from database

    :param config:

    """

    hgsettings = Setting.get_app_settings()

    for k, v in hgsettings.items():

        config[k] = v

def set_vcs_config(config):

    """

    Patch VCS config with some Kallithea specific stuff

    :param config: kallithea.CONFIG

    """

    from kallithea.lib.vcs import conf

    from kallithea.lib.utils2 import aslist

    conf.settings.BACKENDS = {

        'hg': 'kallithea.lib.vcs.backends.hg.MercurialRepository',

        'git': 'kallithea.lib.vcs.backends.git.GitRepository',

    }

    conf.settings.GIT_EXECUTABLE_PATH = config.get('git_path', 'git')

    conf.settings.GIT_REV_FILTER = config.get('git_rev_filter', '--all').strip()

    conf.settings.DEFAULT_ENCODINGS = aslist(config.get('default_encoding',

                                                        'utf8'), sep=',')

def set_indexer_config(config):

    """

    Update Whoosh index mapping

    :param config: kallithea.CONFIG

    """

    from kallithea.config import conf

    log.debug('adding extra into INDEX_EXTENSIONS')

    conf.INDEX_EXTENSIONS.extend(re.split('\s+', config.get('index.extensions', '')))

    log.debug('adding extra into INDEX_FILENAMES')

    conf.INDEX_FILENAMES.extend(re.split('\s+', config.get('index.filenames', '')))

def map_groups(path):

    """

    Given a full path to a repository, create all nested groups that this