#

# This file is execfile()d with the current directory set to its containing dir.

#

# Note that not all possible configuration values are present in this

# autogenerated file.

#

# All configuration values have a default; values that are commented out

# serve to show the default.

import os

import sys

# If extensions (or modules to document with autodoc) are in another directory,

# add these directories to sys.path here. If the directory is relative to the

# documentation root, use os.path.abspath to make it absolute, like shown here.

sys.path.insert(0, os.path.abspath('..'))

# -- General configuration -----------------------------------------------------

# If your documentation needs a minimal Sphinx version, state it here.

#needs_sphinx = '1.0'

# General information about the project.

project = 'Kallithea'

copyright = '2010-2020 by various authors, licensed as GPLv3.'

# The version info for the project you're documenting, acts as replacement for

# |version| and |release|, also used in various other places throughout the

# built documents.

#

# The short X.Y version.

root = os.path.dirname(os.path.dirname(__file__))

sys.path.append(root)

# The full version, including alpha/beta/rc tags.

# The language for content autogenerated by Sphinx. Refer to documentation

# for a list of supported languages.

#language = None

# There are two options for replacing |today|: either, you set today to some

# non-false value, then it is used:

#today = ''

# Else, today_fmt is used as the format for a strftime call.

#today_fmt = '%B %d, %Y'

# List of patterns, relative to source directory, that match files and

import traceback

import warnings

import decorator

import paste.auth.basic

import paste.httpexceptions

import paste.httpheaders

import webob.exc

from tg import TGController, config, render_template, request, response, session

from tg import tmpl_context as c

from tg.i18n import ugettext as _

from kallithea.config.routing import url

from kallithea.lib import auth_modules, ext_json

from kallithea.lib.auth import AuthUser, HasPermissionAnyMiddleware

from kallithea.lib.exceptions import UserCreationError

from kallithea.lib.utils import get_repo_slug, is_valid_repo

from kallithea.lib.utils2 import AttributeDict, asbool, ascii_bytes, safe_int, safe_str, set_hook_environment

from kallithea.lib.vcs.exceptions import ChangesetDoesNotExistError, EmptyRepositoryError, RepositoryError

from kallithea.model import meta

from kallithea.model.db import PullRequest, Repository, Setting, User

from kallithea.model.scm import ScmModel

            # CSRF protection: Whenever a request has ambient authority (whether

            # through a session cookie or its origin IP address), it must include

            # the correct token, unless the HTTP method is GET or HEAD (and thus

            # guaranteed to be side effect free. In practice, the only situation

            # where we allow side effects without ambient authority is when the

            # authority comes from an API key; and that is handled above.

            from kallithea.lib import helpers as h

            token = request.POST.get(h.session_csrf_secret_name)

            if not token or token != h.session_csrf_secret_token():

                log.error('CSRF check failed')

                raise webob.exc.HTTPForbidden()

        rc_config = Setting.get_app_settings()

        # Visual options

        c.visual = AttributeDict({})

        ## DB stored

        c.visual.show_public_icon = asbool(rc_config.get('show_public_icon'))

        c.visual.show_private_icon = asbool(rc_config.get('show_private_icon'))

        c.visual.stylify_metalabels = asbool(rc_config.get('stylify_metalabels'))

        c.visual.page_size = safe_int(rc_config.get('dashboard_items', 100))

        c.visual.admin_grid_items = safe_int(rc_config.get('admin_grid_items', 100))

        c.visual.repository_fields = asbool(rc_config.get('repository_fields'))

        c.clone_ssh_tmpl = rc_config.get('clone_ssh_tmpl') or Repository.DEFAULT_CLONE_SSH

        ## INI stored

        c.visual.allow_repo_location_change = asbool(config.get('allow_repo_location_change', True))

        c.visual.allow_custom_hooks_settings = asbool(config.get('allow_custom_hooks_settings', True))

        c.ssh_enabled = asbool(config.get('ssh_enabled', False))

        c.instance_id = config.get('instance_id')

        c.issues_url = config.get('bugtracker', url('issues_url'))

        # END CONFIG VARS

        c.repo_name = get_repo_slug(request)  # can be empty

        self.cut_off_limit = safe_int(config.get('cut_off_limit'))

        c.my_pr_count = PullRequest.query(reviewer_id=request.authuser.user_id, include_closed=False).count()

        self.scm_model = ScmModel()

    @staticmethod

    def _determine_auth_user(session_authuser, ip_addr):

        """

        Create an `AuthUser` object given the API key/bearer token

        (if any) and the value of the authuser session cookie.

:created_on: Aug 6, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import os

import sys

import time

import mercurial.scmutil

from kallithea.lib import helpers as h

from kallithea.lib.exceptions import UserCreationError

from kallithea.lib.utils import action_logger, make_ui

from kallithea.lib.utils2 import HookEnvironmentError, ascii_str, get_hook_environment, safe_bytes, safe_str

from kallithea.lib.vcs.backends.base import EmptyChangeset

from kallithea.model.db import Repository, User

def _get_scm_size(alias, root_path):

    if not alias.startswith('.'):

        alias += '.'

    """Logs user last pull action

    Called as Mercurial hook outgoing.pull_logger or from Kallithea before invoking Git.

    Does *not* use the action from the hook environment but is always 'pull'.

    """

    ex = get_hook_environment()

    user = User.get_by_username(ex.username)

    action = 'pull'

    action_logger(user, action, ex.repository, ex.ip, commit=True)

    # extension hook call

    if callable(callback):

        kw = {}

        kw.update(ex)

        callback(**kw)

def log_push_action(ui, repo, node, node_last, **kwargs):

    """

    Register that changes have been added to the repo - log the action *and* invalidate caches.

    Note: This hook is not only logging, but also the side effect invalidating

    caches! The function should perhaps be renamed.

    or from the Git post-receive hook calling handle_git_post_receive ...

    or from scm _handle_push.

    """

    ex = get_hook_environment()

    action = '%s:%s' % (ex.action, ','.join(revs))

    action_logger(ex.username, action, ex.repository, ex.ip, commit=True)

    from kallithea.model.scm import ScmModel

    ScmModel().mark_for_invalidation(ex.repository)

    # extension hook call

    if callable(callback):

        kw = {'pushed_revs': revs}

        kw.update(ex)

        callback(**kw)

def log_create_repository(repository_dict, created_by, **kwargs):

    """

    Post create repository Hook.

    :param repository: dict dump of repository object

    :param created_by: username who created repository

     'private',

     'created_on',

     'enable_downloads',

     'repo_id',

     'owner_id',

     'enable_statistics',

     'clone_uri',

     'fork_id',

     'group_id',

     'repo_name'

    """

    if callable(callback):

        kw = {}

        kw.update(repository_dict)

        kw.update({'created_by': created_by})

        kw.update(kwargs)

        callback(**kw)

def check_allowed_create_user(user_dict, created_by, **kwargs):

    # pre create hooks

    if callable(callback):

        allowed, reason = callback(created_by=created_by, **user_dict)

        if not allowed:

            raise UserCreationError(reason)

def log_create_user(user_dict, created_by, **kwargs):

    """

    Post create user Hook.

    :param user_dict: dict dump of user object

     'lastname',

     'ip_addresses',

     'ldap_dn',

     'email',

     'api_key',

     'last_login',

     'full_name',

     'active',

     'password',

     'emails',

    """

    if callable(callback):

        callback(created_by=created_by, **user_dict)

def log_create_pullrequest(pullrequest_dict, created_by, **kwargs):

    """

    Post create pull request hook.

    :param pullrequest_dict: dict dump of pull request object

    """

    if callable(callback):

        return callback(created_by=created_by, **pullrequest_dict)

    return 0

def log_delete_repository(repository_dict, deleted_by, **kwargs):

    """

    Post delete repository Hook.

    :param repository: dict dump of repository object

    :param deleted_by: username who deleted the repository

     'private',

     'created_on',

     'enable_downloads',

     'repo_id',

     'owner_id',

     'enable_statistics',

     'clone_uri',

     'fork_id',

     'group_id',

     'repo_name'

    """

    if callable(callback):

        kw = {}

        kw.update(repository_dict)

        kw.update({'deleted_by': deleted_by,

                   'deleted_on': time.time()})

        kw.update(kwargs)

        callback(**kw)

def log_delete_user(user_dict, deleted_by, **kwargs):

    """

    Post delete user Hook.

     'lastname',

     'ip_addresses',

     'ldap_dn',

     'email',

     'api_key',

     'last_login',

     'full_name',

     'active',

     'password',

     'emails',

    """

    if callable(callback):

        callback(deleted_by=deleted_by, **user_dict)

def _hook_environment(repo_path):

    """

    Create a light-weight environment for stand-alone scripts and return an UI and the

    db repository.

    Git hooks are executed as subprocess of Git while Kallithea is waiting, and

    they thus need enough info to be able to create an app environment and

    connect to the database.

import json

import os

import re

import time

import urllib.parse

import urlobject

from tg.i18n import ugettext as _

from tg.i18n import ungettext

from tg.support.converters import asbool, aslist

from webhelpers2.text import collapse, remove_formatting, strip_tags

from kallithea.lib.vcs.utils import ascii_bytes, ascii_str, safe_bytes, safe_str  # re-export

from kallithea.lib.vcs.utils.lazy import LazyProperty

try:

    import pwd

except ImportError:

    pass

# mute pyflakes "imported but unused"

assert asbool

    return AttributeDict(extras)

def set_hook_environment(username, ip_addr, repo_name, repo_alias, action=None):

    """Prepare global context for running hooks by serializing data in the

    global KALLITHEA_EXTRAS environment variable.

    Most importantly, this allow Git hooks to do proper logging and updating of

    caches after pushes.

    Must always be called before anything with hooks are invoked.

    """

    extras = {

        'ip': ip_addr, # used in log_push/pull_action action_logger

        'username': username,

        'action': action or 'push_local', # used in log_push_action_raw_ids action_logger

        'repository': repo_name,

        'scm': repo_alias, # used to pick hack in log_push_action_raw_ids

    }

    os.environ['KALLITHEA_EXTRAS'] = json.dumps(extras)

def get_current_authuser():

    """

    Gets kallithea user from threadlocal tmpl_context variable if it's

    defined, else returns None.

    """

    from tg import tmpl_context

    try:

        return getattr(tmpl_context, 'authuser', None)

<name> = formencode.validators.<name of validator>

<name> must equal form name

list=[1,2,3,4,5]

for SELECT use formencode.All(OneOf(list), Int())

"""

import logging

import formencode

from formencode import All

from tg.i18n import ugettext as _

from kallithea.model import validators as v

log = logging.getLogger(__name__)

def LoginForm():

    class _LoginForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        username = v.UnicodeString(

            strip=True,

        email = v.UnicodeString(strip=True, not_empty=True)

        timestamp = v.Number(strip=True, not_empty=True)

        token = v.UnicodeString(strip=True, not_empty=True)

        password = All(v.ValidPassword(), v.UnicodeString(strip=False, min=6))

        password_confirm = All(v.ValidPassword(), v.UnicodeString(strip=False, min=6))

        chained_validators = [v.ValidPasswordsMatch('password',

                                                    'password_confirm')]

    return _PasswordResetConfirmationForm

             repo_groups=None, landing_revs=None):

    old_data = old_data or {}

    repo_groups = repo_groups or []

    landing_revs = landing_revs or []

    repo_group_ids = [rg[0] for rg in repo_groups]

    class _RepoForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = False

        repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),

                        v.SlugifyName())

        repo_group = All(v.CanWriteGroup(old_data),

        new_field_key = All(v.FieldKey(),

                            v.UnicodeString(strip=True, min=3, not_empty=True))

        new_field_value = v.UnicodeString(not_empty=False, if_missing='')

        new_field_type = v.OneOf(['str', 'unicode', 'list', 'tuple'],

                                 if_missing='str')

        new_field_label = v.UnicodeString(not_empty=False)

        new_field_desc = v.UnicodeString(not_empty=False)

    return _RepoFieldForm

                 repo_groups=None, landing_revs=None):

    old_data = old_data or {}

    repo_groups = repo_groups or []

    landing_revs = landing_revs or []

    repo_group_ids = [rg[0] for rg in repo_groups]

    class _RepoForkForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = False

        repo_name = All(v.UnicodeString(strip=True, min=1, not_empty=True),

                        v.SlugifyName())

        repo_group = All(v.CanWriteGroup(),

        filter_extra_fields = True

        allow_extra_fields = True

        create_repo_perm = v.StringBoolean(if_missing=False)

        create_user_group_perm = v.StringBoolean(if_missing=False)

        #create_repo_group_perm Impl. later

        fork_repo_perm = v.StringBoolean(if_missing=False)

    return _CustomDefaultPermissionsForm

    class _DefaultsForm(formencode.Schema):

        allow_extra_fields = True

        filter_extra_fields = True

        default_repo_type = v.OneOf(supported_backends)

        default_repo_private = v.StringBoolean(if_missing=False)

        default_repo_enable_statistics = v.StringBoolean(if_missing=False)

        default_repo_enable_downloads = v.StringBoolean(if_missing=False)

    return _DefaultsForm

def AuthSettingsForm(current_active_modules):

import logging

import os

import posixpath

import re

import sys

import traceback

import pkg_resources

from tg.i18n import ugettext as _

import kallithea

from kallithea.lib.auth import HasPermissionAny, HasRepoGroupPermissionLevel, HasRepoPermissionLevel, HasUserGroupPermissionLevel

from kallithea.lib.exceptions import IMCCommitError, NonRelativePathError

from kallithea.lib.hooks import process_pushed_raw_ids

from kallithea.lib.utils import action_logger, get_filesystem_repos, make_ui

from kallithea.lib.utils2 import safe_bytes, set_hook_environment

from kallithea.lib.vcs import get_backend

from kallithea.lib.vcs.backends.base import EmptyChangeset

from kallithea.lib.vcs.exceptions import RepositoryError

from kallithea.lib.vcs.nodes import FileNode

from kallithea.lib.vcs.utils.lazy import LazyProperty

from kallithea.model.db import PullRequest, RepoGroup, Repository, Session, Ui, User, UserFollowing, UserLog

            # name need to be decomposed and put back together using the /

            # since this is internal storage separator for kallithea

            name = Repository.normalize_repo_name(name)

            try:

                if name in repos:

                    raise RepositoryError('Duplicate repository name %s '

                                          'found in %s' % (name, path))

                else:

                    klass = get_backend(path[0])

                        repos[name] = klass(path[1], baseui=baseui)

                        repos[name] = klass(path[1])

            except OSError:

                continue

        log.debug('found %s paths with repositories', len(repos))

        return repos

    def get_repos(self, repos):

        """Return the repos the user has access to"""

        return RepoList(repos, perm_level='read')

    def get_repo_groups(self, groups=None):

        """Return the repo groups the user has access to