# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.controllers.admin.repo_groups

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Repository groups controller for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Mar 23, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import traceback

import formencode

from formencode import htmlfill

from tg import app_globals, request

from tg import tmpl_context as c

from tg.i18n import ugettext as _

from tg.i18n import ungettext

from webob.exc import HTTPForbidden, HTTPFound, HTTPInternalServerError, HTTPNotFound

from kallithea.config.routing import url

from kallithea.lib import helpers as h

from kallithea.lib.auth import HasPermissionAny, HasRepoGroupPermissionLevel, HasRepoGroupPermissionLevelDecorator, LoginRequired

from kallithea.lib.base import BaseController, render

from kallithea.lib.utils2 import safe_int

from kallithea.model.db import RepoGroup, Repository

from kallithea.model.forms import RepoGroupForm, RepoGroupPermsForm

from kallithea.model.meta import Session

from kallithea.model.repo import RepoModel

from kallithea.model.repo_group import RepoGroupModel

from kallithea.model.scm import AvailableRepoGroupChoices, RepoGroupList

log = logging.getLogger(__name__)

class RepoGroupsController(BaseController):

    @LoginRequired(allow_default_user=True)

    def _before(self, *args, **kwargs):

        super(RepoGroupsController, self)._before(*args, **kwargs)

    def __load_defaults(self, extras=(), exclude=()):

        """extras is used for keeping current parent ignoring permissions

        exclude is used for not moving group to itself TODO: also exclude descendants

        Note: only admin can create top level groups

        """

        repo_groups = AvailableRepoGroupChoices([], 'admin', extras)

        exclude_group_ids = set(rg.group_id for rg in exclude)

        c.repo_groups = [rg for rg in repo_groups

                         if rg[0] not in exclude_group_ids]

    def __load_data(self, group_id):

        """

        Load defaults settings for edit, and update

        :param group_id:

        """

        repo_group = RepoGroup.get_or_404(group_id)

        data = repo_group.get_dict()

        data['group_name'] = repo_group.name

        # fill repository group users

        for p in repo_group.repo_group_to_perm:

            data.update({'u_perm_%s' % p.user.username:

                             p.permission.permission_name})

        # fill repository group groups

        for p in repo_group.users_group_to_perm:

            data.update({'g_perm_%s' % p.users_group.users_group_name:

                             p.permission.permission_name})

        return data

    def _revoke_perms_on_yourself(self, form_result):

        _up = [u for u in form_result['perms_updates'] if request.authuser.username == u[0]]

        _new = [u for u in form_result['perms_new'] if request.authuser.username == u[0]]

        if _new and _new[0][1] != 'group.admin' or _up and _up[0][1] != 'group.admin':

            return True

        return False

    def index(self, format='html'):

        _list = RepoGroup.query(sorted=True).all()

        group_iter = RepoGroupList(_list, perm_level='admin')

        repo_groups_data = []

        _tmpl_lookup = app_globals.mako_lookup

        template = _tmpl_lookup.get_template('data_table/_dt_elements.html')

        def repo_group_name(repo_group_name, children_groups):

            return template.get_def("repo_group_name") \

                .render_unicode(repo_group_name, children_groups, _=_, h=h, c=c)

        def repo_group_actions(repo_group_id, repo_group_name, gr_count):

            return template.get_def("repo_group_actions") \

                .render_unicode(repo_group_id, repo_group_name, gr_count, _=_, h=h, c=c,

                        ungettext=ungettext)

        for repo_gr in group_iter:

            children_groups = [g.name for g in repo_gr.parents] + [repo_gr.name]

            repo_count = repo_gr.repositories.count()

            repo_groups_data.append({

                "raw_name": h.escape(repo_gr.group_name),

                "group_name": repo_group_name(repo_gr.group_name, children_groups),

                "desc": h.escape(repo_gr.group_description),

                "repos": repo_count,

                "owner": h.person(repo_gr.owner),

                "action": repo_group_actions(repo_gr.group_id, repo_gr.group_name,

                                             repo_count)

            })

        c.data = {

            "sort": None,

            "dir": "asc",

            "records": repo_groups_data

        }

        return render('admin/repo_groups/repo_groups.html')

    def create(self):

        self.__load_defaults()

        # permissions for can create group based on parent_id are checked

        # here in the Form

        repo_group_form = RepoGroupForm(repo_groups=c.repo_groups)

        form_result = None

        try:

            form_result = repo_group_form.to_python(dict(request.POST))

            gr = RepoGroupModel().create(

                group_name=form_result['group_name'],

                group_description=form_result['group_description'],

                parent=form_result['parent_group_id'],

                owner=request.authuser.user_id, # TODO: make editable

                copy_permissions=form_result['group_copy_permissions']

            )

            Session().commit()

            # TODO: in future action_logger(, '', '', '')

        except formencode.Invalid as errors:

            return htmlfill.render(

                render('admin/repo_groups/repo_group_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8",

                force_defaults=False)

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('Error occurred during creation of repository group %s')

                    % request.POST.get('group_name'), category='error')

            if form_result is None:

                raise

            parent_group_id = form_result['parent_group_id']

            # TODO: maybe we should get back to the main view, not the admin one

            raise HTTPFound(location=url('repos_groups', parent_group=parent_group_id))

        h.flash(_('Created repository group %s') % gr.group_name,

                category='success')

        raise HTTPFound(location=url('repos_group_home', group_name=gr.group_name))

    def new(self):

        if HasPermissionAny('hg.admin')('group create'):

            # we're global admin, we're ok and we can create TOP level groups

            pass

        else:

            # we pass in parent group into creation form, thus we know

            # what would be the group, we can check perms here !

            group_name = group.group_name if group else None

            if HasRepoGroupPermissionLevel('admin')(group_name, 'group create'):

                pass

            else:

                raise HTTPForbidden()

        self.__load_defaults()

    @HasRepoGroupPermissionLevelDecorator('admin')

    def update(self, group_name):

        c.repo_group = RepoGroup.guess_instance(group_name)

        self.__load_defaults(extras=[c.repo_group.parent_group],

                             exclude=[c.repo_group])

        # TODO: kill allow_empty_group - it is only used for redundant form validation!

        if HasPermissionAny('hg.admin')('group edit'):

            # we're global admin, we're ok and we can create TOP level groups

            allow_empty_group = True

        elif not c.repo_group.parent_group:

            allow_empty_group = True

        else:

            allow_empty_group = False

        repo_group_form = RepoGroupForm(

            edit=True,

            old_data=c.repo_group.get_dict(),

            repo_groups=c.repo_groups,

            can_create_in_root=allow_empty_group,

        )()

        try:

            form_result = repo_group_form.to_python(dict(request.POST))

            new_gr = RepoGroupModel().update(group_name, form_result)

            Session().commit()

            h.flash(_('Updated repository group %s')

                    % form_result['group_name'], category='success')

            # we now have new name !

            group_name = new_gr.group_name

            # TODO: in future action_logger(, '', '', '')

        except formencode.Invalid as errors:

            c.active = 'settings'

            return htmlfill.render(

                render('admin/repo_groups/repo_group_edit.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8",

                force_defaults=False)

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('Error occurred during update of repository group %s')

                    % request.POST.get('group_name'), category='error')

        raise HTTPFound(location=url('edit_repo_group', group_name=group_name))

    @HasRepoGroupPermissionLevelDecorator('admin')

    def delete(self, group_name):

        gr = c.repo_group = RepoGroup.guess_instance(group_name)

        repos = gr.repositories.all()

        if repos:

            h.flash(_('This group contains %s repositories and cannot be '

                      'deleted') % len(repos), category='warning')

            raise HTTPFound(location=url('repos_groups'))

        children = gr.children.all()

        if children:

            h.flash(_('This group contains %s subgroups and cannot be deleted'

                      % (len(children))), category='warning')

            raise HTTPFound(location=url('repos_groups'))

        try:

            RepoGroupModel().delete(group_name)

            Session().commit()

            h.flash(_('Removed repository group %s') % group_name,

                    category='success')

            # TODO: in future action_logger(, '', '', '')

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('Error occurred during deletion of repository group %s')

                    % group_name, category='error')

        if gr.parent_group:

            raise HTTPFound(location=url('repos_group_home', group_name=gr.parent_group.group_name))

        raise HTTPFound(location=url('repos_groups'))

    def show_by_name(self, group_name):

        """

        This is a proxy that does a lookup group_name -> id, and shows

        the group by id view instead

        """

        group_name = group_name.rstrip('/')

        id_ = RepoGroup.get_by_group_name(group_name)

        if id_:

            return self.show(group_name)

        raise HTTPNotFound

    @HasRepoGroupPermissionLevelDecorator('read')

    def show(self, group_name):

        c.active = 'settings'

        c.group = c.repo_group = RepoGroup.guess_instance(group_name)

        groups = RepoGroup.query(sorted=True).filter_by(parent_group=c.group).all()

        repo_groups_list = self.scm_model.get_repo_groups(groups)

        repos_list = Repository.query(sorted=True).filter_by(group=c.group).all()

        c.data = RepoModel().get_repos_as_dict(repos_list,

                                               repo_groups_list=repo_groups_list,

                                               short_name=True)

        return render('admin/repo_groups/repo_group_show.html')

    @HasRepoGroupPermissionLevelDecorator('admin')

    def edit(self, group_name):

        c.active = 'settings'

        c.repo_group = RepoGroup.guess_instance(group_name)

        self.__load_defaults(extras=[c.repo_group.parent_group],

                             exclude=[c.repo_group])

        defaults = self.__load_data(c.repo_group.group_id)

        return htmlfill.render(

            render('admin/repo_groups/repo_group_edit.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        )

    @HasRepoGroupPermissionLevelDecorator('admin')

    def edit_repo_group_advanced(self, group_name):

        c.active = 'advanced'

        c.repo_group = RepoGroup.guess_instance(group_name)

        return render('admin/repo_groups/repo_group_edit.html')

    @HasRepoGroupPermissionLevelDecorator('admin')

    def edit_repo_group_perms(self, group_name):

        c.active = 'perms'

        c.repo_group = RepoGroup.guess_instance(group_name)

        self.__load_defaults()

        defaults = self.__load_data(c.repo_group.group_id)

        return htmlfill.render(

            render('admin/repo_groups/repo_group_edit.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False

        )

    @HasRepoGroupPermissionLevelDecorator('admin')

    def update_perms(self, group_name):

        """

        Update permissions for given repository group

        :param group_name:

        """

        c.repo_group = RepoGroup.guess_instance(group_name)

        valid_recursive_choices = ['none', 'repos', 'groups', 'all']

        form_result = RepoGroupPermsForm(valid_recursive_choices)().to_python(request.POST)

        if not request.authuser.is_admin:

            if self._revoke_perms_on_yourself(form_result):

                msg = _('Cannot revoke permission for yourself as admin')

                h.flash(msg, category='warning')

                raise HTTPFound(location=url('edit_repo_group_perms', group_name=group_name))

        recursive = form_result['recursive']

        # iterate over all members(if in recursive mode) of this groups and

        # set the permissions !

        # this can be potentially heavy operation

        RepoGroupModel()._update_permissions(c.repo_group,

                                             form_result['perms_new'],

                                             form_result['perms_updates'],

                                             recursive)

        # TODO: implement this

        #action_logger(request.authuser, 'admin_changed_repo_permissions',

        #              repo_name, request.ip_addr)

        Session().commit()

        h.flash(_('Repository group permissions updated'), category='success')

        raise HTTPFound(location=url('edit_repo_group_perms', group_name=group_name))

    @HasRepoGroupPermissionLevelDecorator('admin')

    def delete_perms(self, group_name):

        try:

            obj_type = request.POST.get('obj_type')

            obj_id = None

            if obj_type == 'user':

                obj_id = safe_int(request.POST.get('user_id'))

            elif obj_type == 'user_group':

                obj_id = safe_int(request.POST.get('user_group_id'))

            if not request.authuser.is_admin:

                if obj_type == 'user' and request.authuser.user_id == obj_id:

                    msg = _('Cannot revoke permission for yourself as admin')

                    h.flash(msg, category='warning')

                    raise Exception('revoke admin permission on self')

            recursive = request.POST.get('recursive', 'none')

            if obj_type == 'user':

                RepoGroupModel().delete_permission(repo_group=group_name,

                                                   obj=obj_id, obj_type='user',

                                                   recursive=recursive)

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.controllers.admin.repos

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Repositories controller for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 7, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import traceback

import celery.result

import formencode

from formencode import htmlfill

from tg import request

from tg import tmpl_context as c

from tg.i18n import ugettext as _

from webob.exc import HTTPForbidden, HTTPFound, HTTPInternalServerError, HTTPNotFound

import kallithea

from kallithea.config.routing import url

from kallithea.lib import helpers as h

from kallithea.lib.auth import HasPermissionAny, HasRepoPermissionLevelDecorator, LoginRequired, NotAnonymous

from kallithea.lib.base import BaseRepoController, jsonify, render

from kallithea.lib.exceptions import AttachedForksError

from kallithea.lib.utils import action_logger

from kallithea.lib.utils2 import safe_int

from kallithea.lib.vcs import RepositoryError

from kallithea.model.db import RepoGroup, Repository, RepositoryField, Setting, UserFollowing

from kallithea.model.forms import RepoFieldForm, RepoForm, RepoPermsForm

from kallithea.model.meta import Session

from kallithea.model.repo import RepoModel

from kallithea.model.scm import AvailableRepoGroupChoices, RepoList, ScmModel

log = logging.getLogger(__name__)

class ReposController(BaseRepoController):

    """

    REST Controller styled on the Atom Publishing Protocol"""

    # To properly map this controller, ensure your config/routing.py

    # file has a resource setup:

    #     map.resource('repo', 'repos')

    @LoginRequired(allow_default_user=True)

    def _before(self, *args, **kwargs):

        super(ReposController, self)._before(*args, **kwargs)

    def _load_repo(self):

        repo_obj = c.db_repo

        if repo_obj is None:

            h.not_mapped_error(c.repo_name)

            raise HTTPFound(location=url('repos'))

        return repo_obj

    def __load_defaults(self, repo=None):

        top_perms = ['hg.create.repository']

        if HasPermissionAny('hg.create.write_on_repogroup.true')():

            repo_group_perm_level = 'write'

        else:

            repo_group_perm_level = 'admin'

        extras = [] if repo is None else [repo.group]

        c.repo_groups = AvailableRepoGroupChoices(top_perms, repo_group_perm_level, extras)

        c.landing_revs_choices, c.landing_revs = ScmModel().get_repo_landing_revs(repo)

    def __load_data(self):

        """

        Load defaults settings for edit, and update

        """

        c.repo_info = self._load_repo()

        self.__load_defaults(c.repo_info)

        defaults = RepoModel()._get_defaults(c.repo_name)

        defaults['clone_uri'] = c.repo_info.clone_uri_hidden # don't show password

        defaults['permanent_url'] = c.repo_info.clone_url(clone_uri_tmpl=c.clone_uri_tmpl, with_id=True)

        return defaults

    def index(self, format='html'):

        repos_list = RepoList(Repository.query(sorted=True).all(), perm_level='admin')

        # the repo list will be filtered to only show repos where the user has read permissions

        repos_data = RepoModel().get_repos_as_dict(repos_list, admin=True)

        # data used to render the grid

        c.data = repos_data

        return render('admin/repos/repos.html')

    @NotAnonymous()

    def create(self):

        self.__load_defaults()

        try:

            # CanWriteGroup validators checks permissions of this POST

            form_result = RepoForm(repo_groups=c.repo_groups,

                                   landing_revs=c.landing_revs_choices)() \

                            .to_python(dict(request.POST))

        except formencode.Invalid as errors:

            log.info(errors)

            return htmlfill.render(

                render('admin/repos/repo_add.html'),

                defaults=errors.value,

                errors=errors.error_dict or {},

                prefix_error=False,

                force_defaults=False,

                encoding="UTF-8")

        try:

            # create is done sometimes async on celery, db transaction

            # management is handled there.

            task = RepoModel().create(form_result, request.authuser.user_id)

            task_id = task.task_id

        except Exception:

            log.error(traceback.format_exc())

            msg = (_('Error creating repository %s')

                   % form_result.get('repo_name'))

            h.flash(msg, category='error')

            raise HTTPFound(location=url('home'))

        raise HTTPFound(location=h.url('repo_creating_home',

                              repo_name=form_result['repo_name_full'],

                              task_id=task_id))

    @NotAnonymous()

    def create_repository(self):

        self.__load_defaults()

        if not c.repo_groups:

            raise HTTPForbidden

        parent_group = request.GET.get('parent_group')

        ## apply the defaults from defaults page

        defaults = Setting.get_default_repo_settings(strip_prefix=True)

        if parent_group:

            prg = RepoGroup.get(parent_group)

            if prg is None or not any(rgc[0] == prg.group_id

                                      for rgc in c.repo_groups):

                raise HTTPForbidden

        return htmlfill.render(

            render('admin/repos/repo_add.html'),

            defaults=defaults,

            errors={},

            prefix_error=False,

            encoding="UTF-8",

            force_defaults=False)

    @LoginRequired()

    def repo_creating(self, repo_name):

        c.repo = repo_name

        c.task_id = request.GET.get('task_id')

        if not c.repo:

            raise HTTPNotFound()

        return render('admin/repos/repo_creating.html')

    @LoginRequired()

    @jsonify

    def repo_check(self, repo_name):

        c.repo = repo_name

        task_id = request.GET.get('task_id')

        if task_id and task_id not in ['None']:

            if kallithea.CELERY_APP:

                task_result = celery.result.AsyncResult(task_id, app=kallithea.CELERY_APP)

                if task_result.failed():

                    raise HTTPInternalServerError(task_result.traceback)

        repo = Repository.get_by_repo_name(repo_name)

        if repo and repo.repo_state == Repository.STATE_CREATED:

            if repo.clone_uri:

                h.flash(_('Created repository %s from %s')

                        % (repo.repo_name, repo.clone_uri_hidden), category='success')

            else:

                repo_url = h.link_to(repo.repo_name,

                                     h.url('summary_home',

                                           repo_name=repo.repo_name))

                fork = repo.fork

                if fork is not None:

                    fork_name = fork.repo_name

                    h.flash(h.HTML(_('Forked repository %s as %s'))

                            % (fork_name, repo_url), category='success')

                else:

                    h.flash(h.HTML(_('Created repository %s')) % repo_url,

                            category='success')

            return {'result': True}

        return {'result': False}

    @HasRepoPermissionLevelDecorator('admin')

    def update(self, repo_name):

        c.repo_info = self._load_repo()

        self.__load_defaults(c.repo_info)

        c.active = 'settings'

        c.repo_fields = RepositoryField.query() \

            .filter(RepositoryField.repository == c.repo_info).all()

        repo_model = RepoModel()

        changed_name = repo_name

        repo = Repository.get_by_repo_name(repo_name)

        old_data = {

            'repo_name': repo_name,

            'repo_group': repo.group.get_dict() if repo.group else {},

            'repo_type': repo.repo_type,

        }

        _form = RepoForm(edit=True, old_data=old_data,

                         repo_groups=c.repo_groups,

                         landing_revs=c.landing_revs_choices)()

        try:

            form_result = _form.to_python(dict(request.POST))

            repo = repo_model.update(repo_name, **form_result)

            ScmModel().mark_for_invalidation(repo_name)

            h.flash(_('Repository %s updated successfully') % repo_name,

                    category='success')

            changed_name = repo.repo_name

            action_logger(request.authuser, 'admin_updated_repo',

                changed_name, request.ip_addr)

            Session().commit()

        except formencode.Invalid as errors:

            log.info(errors)

            defaults = self.__load_data()

            defaults.update(errors.value)

            return htmlfill.render(

                render('admin/repos/repo_edit.html'),

                defaults=defaults,

                errors=errors.error_dict or {},

                prefix_error=False,

                encoding="UTF-8",

                force_defaults=False)

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('Error occurred during update of repository %s')

                    % repo_name, category='error')

        raise HTTPFound(location=url('edit_repo', repo_name=changed_name))

    @HasRepoPermissionLevelDecorator('admin')

    def delete(self, repo_name):

        repo_model = RepoModel()

        repo = repo_model.get_by_repo_name(repo_name)

        if not repo:

            h.not_mapped_error(repo_name)

            raise HTTPFound(location=url('repos'))

        try:

            _forks = repo.forks.count()

            handle_forks = None

            if _forks and request.POST.get('forks'):

                do = request.POST['forks']

                if do == 'detach_forks':

                    handle_forks = 'detach'

                    h.flash(_('Detached %s forks') % _forks, category='success')

                elif do == 'delete_forks':

                    handle_forks = 'delete'

                    h.flash(_('Deleted %s forks') % _forks, category='success')

            repo_model.delete(repo, forks=handle_forks)

            action_logger(request.authuser, 'admin_deleted_repo',

                repo_name, request.ip_addr)

            ScmModel().mark_for_invalidation(repo_name)

            h.flash(_('Deleted repository %s') % repo_name, category='success')

            Session().commit()

        except AttachedForksError:

            h.flash(_('Cannot delete repository %s which still has forks')

                        % repo_name, category='warning')

        except Exception:

            log.error(traceback.format_exc())

            h.flash(_('An error occurred during deletion of %s') % repo_name,

                    category='error')

        if repo.group:

            raise HTTPFound(location=url('repos_group_home', group_name=repo.group.group_name))

        raise HTTPFound(location=url('repos'))

    @HasRepoPermissionLevelDecorator('admin')

    def edit(self, repo_name):

        defaults = self.__load_data()

        c.repo_fields = RepositoryField.query() \

            .filter(RepositoryField.repository == c.repo_info).all()

        c.active = 'settings'

        return htmlfill.render(

            render('admin/repos/repo_edit.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasRepoPermissionLevelDecorator('admin')

    def edit_permissions(self, repo_name):

        c.repo_info = self._load_repo()

        c.active = 'permissions'

        defaults = RepoModel()._get_defaults(repo_name)

        return htmlfill.render(

            render('admin/repos/repo_edit.html'),

            defaults=defaults,

            encoding="UTF-8",

            force_defaults=False)

    @HasRepoPermissionLevelDecorator('admin')

    def edit_permissions_update(self, repo_name):

        form = RepoPermsForm()().to_python(request.POST)

        RepoModel()._update_permissions(repo_name, form['perms_new'],

                                        form['perms_updates'])

        # TODO: implement this

        #action_logger(request.authuser, 'admin_changed_repo_permissions',

        #              repo_name, request.ip_addr)

        Session().commit()

        h.flash(_('Repository permissions updated'), category='success')

        raise HTTPFound(location=url('edit_repo_perms', repo_name=repo_name))

    @HasRepoPermissionLevelDecorator('admin')

    def edit_permissions_revoke(self, repo_name):

        try:

            obj_type = request.POST.get('obj_type')

            obj_id = None

            if obj_type == 'user':

                obj_id = safe_int(request.POST.get('user_id'))

            elif obj_type == 'user_group':

                obj_id = safe_int(request.POST.get('user_group_id'))

            else:

                assert False

            if obj_type == 'user':

                RepoModel().revoke_user_permission(repo=repo_name, user=obj_id)

            elif obj_type == 'user_group':

                RepoModel().revoke_user_group_permission(

                    repo=repo_name, group_name=obj_id

                )

            else:

                assert False

            # TODO: implement this

            #action_logger(request.authuser, 'admin_revoked_repo_permissions',

## -*- coding: utf-8 -*-

<%inherit file="/base/base.html"/>

<%block name="title">

    ${_('Add Repository Group')}

</%block>

<%def name="breadcrumbs_links()">

    ${h.link_to(_('Admin'),h.url('admin_home'))}

    »

    ${h.link_to(_('Repository Groups'),h.url('repos_groups'))}

    »

    ${_('Add Repository Group')}

</%def>

<%block name="header_menu">

    ${self.menu('admin')}

</%block>

<%def name="main()">

<div class="panel panel-primary">

    <div class="panel-heading clearfix">

        ${self.breadcrumbs()}

    </div>

    ${h.form(url('repos_groups'))}

    <div class="form panel-body settings">

            <div class="form-group">

                <label class="control-label" for="group_name">${_('Group name')}:</label>

                <div>

                    ${h.text('group_name',class_='form-control')}

                </div>

            </div>

            <div class="form-group">

                <label class="control-label" for="group_description">${_('Description')}:</label>

                <div>

                    ${h.textarea('group_description',cols=23,rows=5,class_='form-control')}

                </div>

            </div>

            <div class="form-group">

                <label class="control-label" for="parent_group_id">${_('Group parent')}:</label>

                <div>

                </div>

            </div>

            <div id="copy_perms" class="form-group">

                <label class="control-label" for="group_copy_permissions">${_('Copy parent group permissions')}:</label>

                <div>

                    ${h.checkbox('group_copy_permissions',value="True")}

                    <span class="help-block">${_('Copy permission set from parent repository group.')}</span>

                </div>

            </div>

            <div class="form-group">

                <div class="buttons">

                    ${h.submit('save',_('Save'),class_="btn btn-default")}

                </div>

            </div>

    </div>

    ${h.end_form()}

</div>

<script>'use strict';

    $(document).ready(function(){

        function setCopyPermsOption(group_val){

            if(group_val != "-1"){

                $('#copy_perms').show();

            }

            else{

                $('#copy_perms').hide();

            }

        }

        $("#parent_group_id").select2({

            'dropdownAutoWidth': true

        });

        setCopyPermsOption($('#parent_group_id').val());

        $("#parent_group_id").on("change", function(e) {

            setCopyPermsOption(e.val);

        });

        $('#group_name').focus();

    });

</script>

</%def>

## -*- coding: utf-8 -*-

${h.form(url('repos'))}

<div class="form">

        <div class="form-group">

            <label class="control-label" for="repo_name">${_('Name')}:</label>

            <div>

                ${h.text('repo_name',class_='form-control')}

            </div>

         </div>

        <div id="remote_clone" class="form-group">

            <label class="control-label" for="clone_uri">${_('Clone remote repository')}:</label>

            <div>

                ${h.text('clone_uri',class_='form-control')}

                <span class="help-block">

                    ${_('Optional: URL of a remote repository. If set, the repository will be created as a clone from this URL.')}

                </span>

            </div>

        </div>

        <div class="form-group">

            <label class="control-label" for="repo_description">${_('Description')}:</label>

            <div>

                ${h.textarea('repo_description',class_='form-control')}

                <span class="help-block">${_('Keep it short and to the point. Use a README file for longer descriptions.')}</span>

            </div>

        </div>

        <div class="form-group">

            <label class="control-label" for="repo_group">${_('Repository group')}:</label>

            <div>

                <span class="help-block">${_('Optionally select a group to put this repository into.')}</span>