"""

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import logging

import traceback

import formencode

from formencode import htmlfill

from pylons import request, session, tmpl_context as c, url, config

from pylons.controllers.util import abort, redirect

from pylons.i18n.translation import _

from rhodecode.lib import helpers as h

from rhodecode.lib.utils2 import safe_unicode, str2bool

from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator

from rhodecode.lib.base import BaseController, render

from rhodecode.model.meta import Session

from rhodecode.lib.utils import action_logger

from sqlalchemy.orm import joinedload

log = logging.getLogger(__name__)

class UsersGroupsController(BaseController):

    """REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('users_group', 'users_groups')

    @LoginRequired()

    @HasPermissionAllDecorator('hg.admin')

    def __before__(self):

        c.admin_user = session.get('admin_user')

        c.admin_username = session.get('admin_username')

        super(UsersGroupsController, self).__before__()

        c.available_permissions = config['available_permissions']

    def index(self, format='html'):

        """GET /users_groups: All items in the collection"""

        # url('users_groups')

        return render('admin/users_groups/users_groups.html')

    def create(self):

        """POST /users_groups: Create a new item"""

        # url('users_groups')

        try:

            form_result = users_group_form.to_python(dict(request.POST))

                                     active=form_result['users_group_active'])

            gr = form_result['users_group_name']

            action_logger(self.rhodecode_user,

                          'admin_created_users_group:%s' % gr,

                          None, self.ip_addr, self.sa)

            h.flash(_('created user group %s') % gr, category='success')

            Session().commit()

        except formencode.Invalid, errors:

            return htmlfill.render(

                render('admin/users_groups/users_group_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occurred during creation of user group %s') \

                    % request.POST.get('users_group_name'), category='error')

        return redirect(url('users_groups'))

    def new(self, format='html'):

        """GET /users_groups/new: Form to create a new item"""

        # url('new_users_group')

        return render('admin/users_groups/users_group_add.html')

    def _load_data(self, id):

        c.users_group.permissions = {

            'repositories': {},

            'repositories_groups': {}

        }

            .all()

        for gr in ugroup_repo_perms:

            c.users_group.permissions['repositories'][gr.repository.repo_name]  \

                = gr.permission.permission_name

            .all()

        for gr in ugroup_group_perms:

            c.users_group.permissions['repositories_groups'][gr.group.group_name] \

                = gr.permission.permission_name

        c.group_members_obj = [x.user for x in c.users_group.members]

        c.group_members = [(x.user_id, x.username) for x in

                           c.group_members_obj]

        c.available_members = [(x.user_id, x.username) for x in

                               User.query().all()]

    def update(self, id):

        """PUT /users_groups/id: Update an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="PUT" />

        # Or using helpers:

        #    h.form(url('users_group', id=ID),

        #           method='put')

        # url('users_group', id=ID)

        self._load_data(id)

        available_members = [safe_unicode(x[0]) for x in c.available_members]

                                          old_data=c.users_group.get_dict(),

                                          available_members=available_members)()

        try:

            form_result = users_group_form.to_python(request.POST)

            gr = form_result['users_group_name']

            action_logger(self.rhodecode_user,

                          'admin_updated_users_group:%s' % gr,

                          None, self.ip_addr, self.sa)

            h.flash(_('updated user group %s') % gr, category='success')

            Session().commit()

        except formencode.Invalid, errors:

            defaults = errors.value

            e = errors.error_dict or {}

            defaults.update({

                'create_repo_perm': ug_model.has_perm(id,

                                                      'hg.create.repository'),

                'fork_repo_perm': ug_model.has_perm(id,

                                                    'hg.fork.repository'),

                '_method': 'put'

            })

            return htmlfill.render(

                render('admin/users_groups/users_group_edit.html'),

                defaults=defaults,

                errors=e,

                prefix_error=False,

                encoding="UTF-8")

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('error occurred during update of user group %s') \

                    % request.POST.get('users_group_name'), category='error')

        return redirect(url('edit_users_group', id=id))

    def delete(self, id):

        """DELETE /users_groups/id: Delete an existing item"""

        # Forms posted to this method should contain a hidden field:

        #    <input type="hidden" name="_method" value="DELETE" />

        # Or using helpers:

        #    h.form(url('users_group', id=ID),

        #           method='delete')

        # url('users_group', id=ID)

        try:

            Session().commit()

            h.flash(_('successfully deleted user group'), category='success')

            h.flash(e, category='error')

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('An error occurred during deletion of user group'),

                    category='error')

        return redirect(url('users_groups'))

    def show(self, id, format='html'):

        """GET /users_groups/id: Show a specific item"""

        # url('users_group', id=ID)

    def edit(self, id, format='html'):

        """GET /users_groups/id/edit: Form to edit an existing item"""

        # url('edit_users_group', id=ID)

        self._load_data(id)

        defaults = c.users_group.get_dict()

        defaults.update({

            'create_repo_perm': ug_model.has_perm(c.users_group,

                                                  'hg.create.repository'),

            'fork_repo_perm': ug_model.has_perm(c.users_group,

                                                'hg.fork.repository'),

        })

        return htmlfill.render(

            render('admin/users_groups/users_group_edit.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        )

    def update_perm(self, id):

        """PUT /users_perm/id: Update an existing item"""

        # url('users_group_perm', id=ID, method='put')

        grant_create_perm = str2bool(request.POST.get('create_repo_perm'))

        grant_fork_perm = str2bool(request.POST.get('fork_repo_perm'))

        inherit_perms = str2bool(request.POST.get('inherit_default_permissions'))

        try:

            users_group.inherit_default_permissions = inherit_perms

            Session().add(users_group)

            if grant_create_perm:

                h.flash(_("Granted 'repository create' permission to user group"),

                        category='success')

            else:

                h.flash(_("Revoked 'repository create' permission to user group"),

                        category='success')

            if grant_fork_perm:

                h.flash(_("Granted 'repository fork' permission to user group"),

                        category='success')

            else:

                h.flash(_("Revoked 'repository fork' permission to user group"),

                        category='success')

            Session().commit()

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('An error occurred during permissions saving'),

                    category='error')

        return redirect(url('edit_users_group', id=id))

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

# MA  02110-1301, USA.

import traceback

import logging

from pylons.controllers.util import abort

from rhodecode.controllers.api import JSONRPCController, JSONRPCError

from rhodecode.lib.auth import PasswordGenerator, AuthUser, \

    HasPermissionAllDecorator, HasPermissionAnyDecorator, \

    HasPermissionAnyApi, HasRepoPermissionAnyApi

from rhodecode.lib.utils import map_groups, repo2db_mapper

from rhodecode.model.meta import Session

from rhodecode.model.scm import ScmModel

from rhodecode.model.repo import RepoModel

from rhodecode.model.user import UserModel

from rhodecode.model.permission import PermissionModel

from rhodecode.model.db import Repository, RhodeCodeSetting, UserIpMap

log = logging.getLogger(__name__)

class OptionalAttr(object):

    """

    Special Optional Option that defines other attribute

    """

    def __init__(self, attr_name):

        self.attr_name = attr_name

    def __repr__(self):

        return '<OptionalAttr:%s>' % self.attr_name

    def __call__(self):

        return self

#alias

OAttr = OptionalAttr

class Optional(object):

    """

    user = UserModel().get_user(userid)

    if user is None:

        raise JSONRPCError("user `%s` does not exist" % userid)

    return user

def get_repo_or_error(repoid):

    """

    Get repo by id or name or return JsonRPCError if not found

    :param userid:

    """

    repo = RepoModel().get_repo(repoid)

    if repo is None:

        raise JSONRPCError('repository `%s` does not exist' % (repoid))

    return repo

def get_users_group_or_error(usersgroupid):

    """

    Get user group by id or name or return JsonRPCError if not found

    :param userid:

    """

    if users_group is None:

        raise JSONRPCError('user group `%s` does not exist' % usersgroupid)

    return users_group

def get_perm_or_error(permid):

    """

    Get permission by id or name or return JsonRPCError if not found

    :param userid:

    """

    perm = PermissionModel().get_permission_by_name(permid)

    if perm is None:

        raise JSONRPCError('permission `%s` does not exist' % (permid))

    return perm

class ApiController(JSONRPCController):

    """

    API Controller

    Each method needs to have USER as argument this is then based on given

    API_KEY propagated as instance of user object

        :param apiuser:

        :param usersgroupid:

        """

        users_group = get_users_group_or_error(usersgroupid)

        data = users_group.get_api_data()

        members = []

        for user in users_group.members:

            user = user.user

            members.append(user.get_api_data())

        data['members'] = members

        return data

    @HasPermissionAllDecorator('hg.admin')

    def get_users_groups(self, apiuser):

        """"

        Get all user groups

        :param apiuser:

        """

        result = []

            result.append(users_group.get_api_data())

        return result

    @HasPermissionAllDecorator('hg.admin')

    def create_users_group(self, apiuser, group_name, active=Optional(True)):

        """

        Creates an new usergroup

        :param apiuser:

        :param group_name:

        :param active:

        """

            raise JSONRPCError("user group `%s` already exist" % group_name)

        try:

            active = Optional.extract(active)

            Session().commit()

            return dict(

                msg='created new user group `%s`' % group_name,

                users_group=ug.get_api_data()

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError('failed to create group `%s`' % group_name)

    @HasPermissionAllDecorator('hg.admin')

    def add_user_to_users_group(self, apiuser, usersgroupid, userid):

        """"

        Add a user to a user group

        :param apiuser:

        :param usersgroupid:

        :param userid:

        """

        user = get_user_or_error(userid)

        users_group = get_users_group_or_error(usersgroupid)

        try:

            success = True if ugm != True else False

            msg = 'added member `%s` to user group `%s`' % (

                        user.username, users_group.users_group_name

                    )

            msg = msg if success else 'User is already in that group'

            Session().commit()

            return dict(

                success=success,

                msg=msg

            )

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to add member to user group `%s`' % (

                    users_group.users_group_name

                )

            )

    @HasPermissionAllDecorator('hg.admin')

    def remove_user_from_users_group(self, apiuser, usersgroupid, userid):

        """

        Remove user from a group

        :param apiuser:

        :param usersgroupid:

        :param userid:

        """

        user = get_user_or_error(userid)

        users_group = get_users_group_or_error(usersgroupid)

        try:

                                                               user)

            msg = 'removed member `%s` from user group `%s`' % (

                        user.username, users_group.users_group_name

                    )

            msg = msg if success else "User wasn't in group"

            Session().commit()

            return dict(success=success, msg=msg)

        except Exception:

            log.error(traceback.format_exc())

            raise JSONRPCError(

                'failed to remove member from user group `%s`' % (

                        users_group.users_group_name

                    )

            )

    def get_repo(self, apiuser, repoid):

        """"

        Get repository by name

        :param apiuser:

        :param repoid:

        """

        repo = get_repo_or_error(repoid)

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import os

import logging

import datetime

import traceback

from datetime import date

from sqlalchemy import *

from sqlalchemy.ext.hybrid import hybrid_property

from sqlalchemy.orm import relationship, joinedload, class_mapper, validates

from beaker.cache import cache_region, region_invalidate

from rhodecode.lib.vcs import get_backend

from rhodecode.lib.vcs.utils.helpers import get_scm

from rhodecode.lib.vcs.exceptions import VCSError

from rhodecode.lib.vcs.utils.lazy import LazyProperty

from rhodecode.lib.utils2 import str2bool, safe_str, get_changeset_safe, \

    generate_api_key, safe_unicode

from rhodecode.lib.compat import json

from rhodecode.model.meta import Base, Session

from rhodecode.lib.caching_query import FromCache

log = logging.getLogger(__name__)

#==============================================================================

# BASE CLASSES

#==============================================================================

class ModelSerializer(json.JSONEncoder):

    """

    Simple Serializer for JSON,

    usage::

        to make object customized for serialization implement a __json__

        method that will return a dict for serialization into json

    example::

        class Task(object):

class User(Base, BaseModel):

    __tablename__ = 'users'

    __table_args__ = (UniqueConstraint('username'), UniqueConstraint('email'), {'extend_existing':True})

    user_id = Column("user_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    username = Column("username", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    password = Column("password", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    active = Column("active", Boolean(), nullable=True, unique=None, default=None)

    admin = Column("admin", Boolean(), nullable=True, unique=None, default=False)

    name = Column("name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    lastname = Column("lastname", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    email = Column("email", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)

    ldap_dn = Column("ldap_dn", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    api_key = Column("api_key", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    user_log = relationship('UserLog', cascade='all')

    user_perms = relationship('UserToPerm', primaryjoin="User.user_id==UserToPerm.user_id", cascade='all')

    repositories = relationship('Repository')

    user_followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_user_id==User.user_id', cascade='all')

    repo_to_perm = relationship('UserRepoToPerm', primaryjoin='UserRepoToPerm.user_id==User.user_id', cascade='all')

    @property

    def full_contact(self):

        return '%s %s <%s>' % (self.name, self.lastname, self.email)

    @property

    def short_contact(self):

        return '%s %s' % (self.name, self.lastname)

    @property

    def is_admin(self):

        return self.admin

    def __repr__(self):

        try:

            return "<%s('id:%s:%s')>" % (self.__class__.__name__,

                                             self.user_id, self.username)

        except:

            return self.__class__.__name__

    @classmethod

    def get_by_username(cls, username, case_insensitive=False):

        if case_insensitive:

            return Session.query(cls).filter(cls.username.ilike(username)).scalar()

        except:

            log.error(traceback.format_exc())

            Session.rollback()

            raise

class UserLog(Base, BaseModel):

    __tablename__ = 'user_logs'

    __table_args__ = {'extend_existing':True}

    user_log_id = Column("user_log_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

    repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)

    repository_name = Column("repository_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    user_ip = Column("user_ip", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    action = Column("action", UnicodeText(length=1200000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    action_date = Column("action_date", DateTime(timezone=False), nullable=True, unique=None, default=None)

    @property

    def action_as_day(self):

        return date(*self.action_date.timetuple()[:3])

    user = relationship('User')

    repository = relationship('Repository')

    __tablename__ = 'users_groups'

    __table_args__ = {'extend_existing':True}

    users_group_id = Column("users_group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    users_group_name = Column("users_group_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)

    users_group_active = Column("users_group_active", Boolean(), nullable=True, unique=None, default=None)

    def __repr__(self):

        return '<userGroup(%s)>' % (self.users_group_name)

    @classmethod

    def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):

        if case_insensitive:

            gr = cls.query()\

                .filter(cls.users_group_name.ilike(group_name))

        else:

            gr = cls.query()\

                .filter(cls.users_group_name == group_name)

        if cache:

            gr = gr.options(FromCache("sql_cache_short",

                                          "get_user_%s" % group_name))

        return gr.scalar()

    @classmethod

    def get(cls, users_group_id, cache=False):

        users_group = cls.query()

        if cache:

            users_group = users_group.options(FromCache("sql_cache_short",

                                    "get_users_group_%s" % users_group_id))

                setattr(new_users_group, k, v)

            Session.add(new_users_group)

            Session.commit()

            return new_users_group

        except:

            log.error(traceback.format_exc())

            Session.rollback()

            raise

    @classmethod

    def update(cls, users_group_id, form_data):

        try:

            users_group = cls.get(users_group_id, cache=False)

            for k, v in form_data.items():

                if k == 'users_group_members':

                    users_group.members = []

                    Session.flush()

                    members_list = []

                    if v:

                        v = [v] if isinstance(v, basestring) else v

                        for u_id in set(v):

                            members_list.append(member)

                    setattr(users_group, 'members', members_list)

                setattr(users_group, k, v)

            Session.add(users_group)

            Session.commit()

        except:

            log.error(traceback.format_exc())

            Session.rollback()

            raise

    @classmethod

    def delete(cls, users_group_id):

        try:

            # check if this group is not assigned to repo

                        users_group_id).all()

            if assigned_groups:

                                                   assigned_groups)

            users_group = cls.get(users_group_id, cache=False)

            Session.delete(users_group)

            Session.commit()

        except:

            log.error(traceback.format_exc())

            Session.rollback()

            raise

    __tablename__ = 'users_groups_members'

    __table_args__ = {'extend_existing':True}

    users_group_member_id = Column("users_group_member_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    users_group_id = Column("users_group_id", Integer(), ForeignKey('users_groups.users_group_id'), nullable=False, unique=None, default=None)

    user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)

    user = relationship('User', lazy='joined')

    def __init__(self, gr_id='', u_id=''):

        self.users_group_id = gr_id

        self.user_id = u_id

    @staticmethod

    def add_user_to_group(group, user):

        ugm.users_group = group

        ugm.user = user

        Session.add(ugm)

        Session.commit()

        return ugm

class Repository(Base, BaseModel):

    __tablename__ = 'repositories'

    __table_args__ = (UniqueConstraint('repo_name'), {'extend_existing':True},)

    repo_id = Column("repo_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)

    repo_name = Column("repo_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)

    clone_uri = Column("clone_uri", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=False, default=None)

    repo_type = Column("repo_type", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=False, default='hg')

    user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=False, default=None)

    private = Column("private", Boolean(), nullable=True, unique=None, default=None)

    enable_statistics = Column("statistics", Boolean(), nullable=True, unique=None, default=True)

    enable_downloads = Column("downloads", Boolean(), nullable=True, unique=None, default=True)

    description = Column("description", String(length=10000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)

    created_on = Column('created_on', DateTime(timezone=False), nullable=True, unique=None, default=datetime.datetime.now)

    fork_id = Column("fork_id", Integer(), ForeignKey('repositories.repo_id'), nullable=True, unique=False, default=None)

    group_id = Column("group_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=False, default=None)

    user = relationship('User')

    fork = relationship('Repository', remote_side=repo_id)

    group = relationship('RepoGroup')

    repo_to_perm = relationship('UserRepoToPerm', cascade='all', order_by='UserRepoToPerm.repo_to_perm_id')

    stats = relationship('Statistics', cascade='all', uselist=False)

    followers = relationship('UserFollowing', primaryjoin='UserFollowing.follows_repo_id==Repository.repo_id', cascade='all')

    logs = relationship('UserLog', cascade='all')

    def __repr__(self):

        return "<%s('%s:%s')>" % (self.__class__.__name__,

                                  self.repo_id, self.repo_name)

    @classmethod

    def url_sep(cls):

        return '/'

    @classmethod

    def get_by_repo_name(cls, repo_name):

        q = Session.query(cls).filter(cls.repo_name == repo_name)

        q = q.options(joinedload(Repository.fork))\

                .options(joinedload(Repository.user))\

                .options(joinedload(Repository.group))

        return q.one()

    @classmethod

    def get_repo_forks(cls, repo_id):

            raise Exception('perm needs to be an instance of Permission class')