List of contributors to RhodeCode project:

    Marcin Kuźmiński <marcin@python-works.com>

    Lukasz Balcerzak <lukaszbalcerzak@gmail.com>

    Jason Harris <jason@jasonfharris.com>

    Thayne Harbaugh  <thayne@fusionio.com>

    cejones

    Thomas Waldmann <tw-public@gmx.de>

    Lorenzo M. Catucci <lorenzo@sancho.ccd.uniroma2.it>

    Dmitri Kuznetsov

    Jared Bunting <jared.bunting@peachjean.com>

    Steve Romanow <slestak989@gmail.com>

    Augosto Hermann <augusto.herrmann@planejamento.gov.br>    

    Ankit Solanki <ankit.solanki@gmail.com>    

    Liad Shani <liadff@gmail.com>

    Les Peabody <lpeabody@gmail.com>

    Jonas Oberschweiber <jonas.oberschweiber@d-velop.de>

    Matt Zuba <matt.zuba@goodwillaz.org>

.. _changelog:

Changelog

=========

1.3.2 (**2012-XX-XX**)

----------------------

:status: in-progress

:branch: beta

news

++++

fixes

+++++

- fixed git protocol issues with repos-groups

- fixed git remote repos validator that prevented from cloning remote git repos

- fixes #370 ending slashes fixes for repo and groups

1.3.1 (**2012-02-27**)

----------------------

news

++++

fixes

+++++

- redirection loop occurs when remember-me wasn't checked during login

- fixes issues with git blob history generation 

- don't fetch branch for git in file history dropdown. Causes unneeded slowness

1.3.0 (**2012-02-26**)

----------------------

news

++++

- code review, inspired by github code-comments 

- #215 rst and markdown README files support

- #252 Container-based and proxy pass-through authentication support

- #44 branch browser. Filtering of changelog by branches

- mercurial bookmarks support

- new hover top menu, optimized to add maximum size for important views

- configurable clone url template with possibility to specify  protocol like 

  ssh:// or http:// and also manually alter other parts of clone_url.

- enabled largefiles extension by default

- optimized summary file pages and saved a lot of unused space in them

- #239 option to manually mark repository as fork

- #320 mapping of commit authors to RhodeCode users

- #304 hashes are displayed using monospace font    

- diff configuration, toggle white lines and context lines

- #307 configurable diffs, whitespace toggle, increasing context lines

- sorting on branches, tags and bookmarks using YUI datatable

- improved file filter on files page

- implements #330 api method for listing nodes ar particular revision

- #73 added linking issues in commit messages to chosen issue tracker url

  based on user defined regular expression

- added linking of changesets in commit messages  

- new compact changelog with expandable commit messages

- firstname and lastname are optional in user creation

- #348 added post-create repository hook

- #212 global encoding settings is now configurable from .ini files 

- #227 added repository groups permissions

- markdown gets codehilite extensions

- new API methods, delete_repositories, grante/revoke permissions for groups 

  and repos

fixes

+++++

- rewrote dbsession management for atomic operations, and better error handling

- fixed sorting of repo tables

- #326 escape of special html entities in diffs

- normalized user_name => username in api attributes

- fixes #298 ldap created users with mixed case emails created conflicts 

  on saving a form

- fixes issue when owner of a repo couldn't revoke permissions for users 

  and groups

- fixes #271 rare JSON serialization problem with statistics

- fixes #337 missing validation check for conflicting names of a group with a

  repositories group

- #340 fixed session problem for mysql and celery tasks

- fixed #331 RhodeCode mangles repository names if the a repository group 

  contains the "full path" to the repositories

- #355 RhodeCode doesn't store encrypted LDAP passwords

1.2.5 (**2012-01-28**)

----------------------

news

++++

fixes

+++++

- #340 Celery complains about MySQL server gone away, added session cleanup

  for celery tasks

- #341 "scanning for repositories in None" log message during Rescan was missing

  a parameter

- fixed creating archives with subrepos. Some hooks were triggered during that

  operation leading to crash.

- fixed missing email in account page.

- Reverted Mercurial to 2.0.1 for windows due to bug in Mercurial that makes

  forking on windows impossible 

1.2.4 (**2012-01-19**)

----------------------

news

++++

# -*- coding: utf-8 -*-

"""

    rhodecode.lib.middleware.simplegit

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    SimpleGit middleware for handling git protocol request (push/clone etc.)

    It's implemented with basic auth function

    :created_on: Apr 28, 2010

    :author: marcink

    :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>

    :license: GPLv3, see COPYING for more details.

"""

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import os

import re

import logging

import traceback

from dulwich import server as dulserver

class SimpleGitUploadPackHandler(dulserver.UploadPackHandler):

    def handle(self):

        write = lambda x: self.proto.write_sideband(1, x)

        graph_walker = dulserver.ProtocolGraphWalker(self,

                                                     self.repo.object_store,

                                                     self.repo.get_peeled)

        objects_iter = self.repo.fetch_objects(

          graph_walker.determine_wants, graph_walker, self.progress,

          get_tagged=self.get_tagged)

        # Do they want any objects?

        if objects_iter is None or len(objects_iter) == 0:

            return

        self.progress("counting objects: %d, done.\n" % len(objects_iter))

        dulserver.write_pack_objects(dulserver.ProtocolFile(None, write),

                                  objects_iter, len(objects_iter))

        messages = []

        messages.append('thank you for using rhodecode')

        for msg in messages:

            self.progress(msg + "\n")

        # we are done

        self.proto.write("0000")

dulserver.DEFAULT_HANDLERS = {

  'git-upload-pack': SimpleGitUploadPackHandler,

  'git-receive-pack': dulserver.ReceivePackHandler,

}

from dulwich.repo import Repo

from dulwich.web import HTTPGitApplication

from paste.httpheaders import REMOTE_USER, AUTH_TYPE

from rhodecode.lib import safe_str

from rhodecode.lib.base import BaseVCSController

from rhodecode.lib.auth import get_container_username

from rhodecode.lib.utils import is_valid_repo

from rhodecode.model.db import User

from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError

log = logging.getLogger(__name__)

GIT_PROTO_PAT = re.compile(r'git-upload-pack|git-receive-pack|info\/refs')

def is_git(action):

    return action in ['pull','push']

class SimpleGit(BaseVCSController):

    def _handle_request(self, environ, start_response):

        #======================================================================

        # GET ACTION PULL or PUSH

        #======================================================================

        action = self.__get_action(environ)

        if not is_git(action):

            return self.application(environ, start_response)

        proxy_key = 'HTTP_X_REAL_IP'

        def_key = 'REMOTE_ADDR'

        ipaddr = environ.get(proxy_key, environ.get(def_key, '0.0.0.0'))

        username = None

        # skip passing error to error controller

        environ['pylons.status_code_redirect'] = True

        #======================================================================

        # EXTRACT REPOSITORY NAME FROM ENV

        #======================================================================

        try:

            repo_name = self.__get_repository(environ)

            log.debug('Extracted repo name is %s' % repo_name)

        except:

            return HTTPInternalServerError()(environ, start_response)

        #======================================================================

        # CHECK ANONYMOUS PERMISSION

        #======================================================================

        if action in ['pull', 'push']:

            anonymous_user = self.__get_user('default')

            username = anonymous_user.username

            anonymous_perm = self._check_permission(action, anonymous_user,

                                                    repo_name)

            if anonymous_perm is not True or anonymous_user.active is False:

                if anonymous_perm is not True:

                    log.debug('Not enough credentials to access this '

                              'repository as anonymous user')

                if anonymous_user.active is False:

                    log.debug('Anonymous access is disabled, running '

                              'authentication')

                #==============================================================

                # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE

                # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS

                #==============================================================

                # Attempting to retrieve username from the container

                username = get_container_username(environ, self.config)

                # If not authenticated by the container, running basic auth

                if not username:

                    self.authenticate.realm = \

                        safe_str(self.config['rhodecode_realm'])

                    result = self.authenticate(environ)

                    if isinstance(result, str):

                        AUTH_TYPE.update(environ, 'basic')

                        REMOTE_USER.update(environ, result)

                        username = result

                    else:

                        return result.wsgi_application(environ, start_response)

                #==============================================================

                # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME

                #==============================================================

                if action in ['pull', 'push']:

                    try:

                        user = self.__get_user(username)

                        if user is None or not user.active:

                            return HTTPForbidden()(environ, start_response)

                        username = user.username

                    except:

                        log.error(traceback.format_exc())

                        return HTTPInternalServerError()(environ,

                                                         start_response)

                    #check permissions for this repository

                    perm = self._check_permission(action, user,

                                                   repo_name)

                    if perm is not True:

                        return HTTPForbidden()(environ, start_response)

        #===================================================================

        # GIT REQUEST HANDLING

        #===================================================================

        repo_path = safe_str(os.path.join(self.basepath, repo_name))

        log.debug('Repository path is %s' % repo_path)

        # quick check if that dir exists...

        if is_valid_repo(repo_name, self.basepath) is False:

            return HTTPNotFound()(environ, start_response)

        try:

            #invalidate cache on push

            if action == 'push':

                self._invalidate_cache(repo_name)

            log.info('%s action on GIT repo "%s"' % (action, repo_name))

            app = self.__make_app(repo_name, repo_path)

            return app(environ, start_response)

        except Exception:

            log.error(traceback.format_exc())

            return HTTPInternalServerError()(environ, start_response)

    def __make_app(self, repo_name, repo_path):

        """

        Make an wsgi application using dulserver

        :param repo_name: name of the repository

        :param repo_path: full path to the repository

        """

        _d = {'/' + repo_name: Repo(repo_path)}

        backend = dulserver.DictBackend(_d)

        gitserve = HTTPGitApplication(backend)

        return gitserve

    def __get_repository(self, environ):

        """

        Get's repository name out of PATH_INFO header

        :param environ: environ where PATH_INFO is stored

        """

        try:

            environ['PATH_INFO'] = self._get_by_id(environ['PATH_INFO'])

            repo_name = '/'.join(environ['PATH_INFO'].split('/')[1:])

            repo_name = GIT_PROTO_PAT.split(repo_name)

            if repo_name:

                repo_name = repo_name[0]

            if repo_name.endswith('/'):

                repo_name = repo_name.rstrip('/')

        except:

            log.error(traceback.format_exc())

            raise

        return repo_name

    def __get_user(self, username):

        return User.get_by_username(username)

    def __get_action(self, environ):

        :param environ:

        """

        service = environ['QUERY_STRING'].split('=')

        if len(service) > 1:

            service_cmd = service[1]

                       'git-upload-pack': 'pull',

                       }

            return mapping.get(service_cmd,

                               service_cmd if service_cmd else 'other')

        else:

            return 'other'