('default_repo_enable_downloads', False, 'bool'),

            ('default_repo_enable_statistics', False, 'bool'),

            ('default_repo_private', False, 'bool'),

            ('default_repo_type', 'hg', 'unicode')]:

            if skip_existing and Setting.get_by_name(k) is not None:

                log.debug('Skipping option %s', k)

                continue

            setting = Setting(k, v, t)

            self.sa.add(setting)

    def fixup_groups(self):

        def_usr = User.get_default_user()

        for g in RepoGroup.query().all():

            g.group_name = g.get_new_name(g.name)

            self.sa.add(g)

            # get default perm

            default = UserRepoGroupToPerm.query() \

                .filter(UserRepoGroupToPerm.group == g) \

                .filter(UserRepoGroupToPerm.user == def_usr) \

                .scalar()

            if default is None:

                log.debug('missing default permission for group %s adding', g)

    def reset_permissions(self, username):

        """

        Resets permissions to default state, useful when old systems had

        bad permissions, we must clean them up

        :param username:

        """

        default_user = User.get_by_username(username)

        if not default_user:

            return

        u2p = UserToPerm.query() \

            .filter(UserToPerm.user == default_user).all()

        fixed = False

        if len(u2p) != len(Permission.DEFAULT_USER_PERMISSIONS):

            for p in u2p:

                Session().delete(p)

            fixed = True

            self.populate_default_permissions()

        return fixed

    def update_repo_info(self):

        for repo in Repository.query():

    groups = path.split(Repository.url_sep())

    parent = None

    group = None

    # last element is repo in nested groups structure

    groups = groups[:-1]

    rgm = RepoGroupModel(sa)

    owner = User.get_first_admin()

    for lvl, group_name in enumerate(groups):

        group_name = u'/'.join(groups[:lvl] + [group_name])

        group = RepoGroup.get_by_group_name(group_name)

        desc = '%s group' % group_name

        # skip folders that are now removed repos

        if REMOVED_REPO_PAT.match(group_name):

            break

        if group is None:

            log.debug('creating group level: %s group_name: %s',

                      lvl, group_name)

            group = RepoGroup(group_name, parent)

            group.group_description = desc

            group.owner = owner

            sa.add(group)

            sa.flush()

        parent = group

    return group

def repo2db_mapper(initial_repo_list, remove_obsolete=False,

                   install_git_hooks=False, user=None, overwrite_git_hooks=False):

    """

    maps all repos given in initial_repo_list, non existing repositories

    are created, if remove_obsolete is True it also check for db entries

    that are not in initial_repo_list and removes them.

    :param initial_repo_list: list of repositories found by scanning methods

    :param remove_obsolete: check for obsolete entries in database

    :param install_git_hooks: if this is True, also check and install git hook

        for a repo if missing

    :param overwrite_git_hooks: if this is True, overwrite any existing git hooks

        that may be encountered (even if user-deployed)

    """

    from kallithea.model.repo import RepoModel

    from kallithea.model.scm import ScmModel

    sa = meta.Session()

    repo_model = RepoModel()

log = logging.getLogger(__name__)

class RepoModel(BaseModel):

    URL_SEPARATOR = Repository.url_sep()

    def _create_default_perms(self, repository, private):

        # create default permission

        default = 'repository.read'

        def_user = User.get_default_user()

        for p in def_user.user_perms:

            if p.permission.permission_name.startswith('repository.'):

                default = p.permission.permission_name

                break

        default_perm = 'repository.none' if private else default

        repo_to_perm = UserRepoToPerm()

        repo_to_perm.permission = Permission.get_by_key(default_perm)

        repo_to_perm.repository = repository

        repo_to_perm.user_id = def_user.user_id

        return repo_to_perm

    @LazyProperty

    def repos_path(self):

        """

        Gets the repositories root path from database

        """

        q = self.sa.query(Ui).filter(Ui.ui_key == '/').one()

        return q.ui_value

    def get(self, repo_id, cache=False):

        repo = self.sa.query(Repository) \

            .filter(Repository.repo_id == repo_id)

        if cache:

            repo = repo.options(FromCache("sql_cache_short",

                                          "get_repo_%s" % repo_id))

        return repo.scalar()

    def get_repo(self, repository):

        return Repository.guess_instance(repository)

                for perm in group_perms:

                    UserGroupRepoToPerm.create(perm.users_group, new_repo,

                                               perm.permission)

            elif repo_group and copy_group_permissions:

                user_perms = UserRepoGroupToPerm.query() \

                    .filter(UserRepoGroupToPerm.group == repo_group).all()

                group_perms = UserGroupRepoGroupToPerm.query() \

                    .filter(UserGroupRepoGroupToPerm.group == repo_group).all()

                for perm in user_perms:

                    perm_name = perm.permission.permission_name.replace('group.', 'repository.')

                    perm_obj = Permission.get_by_key(perm_name)

                    UserRepoToPerm.create(perm.user, new_repo, perm_obj)

                for perm in group_perms:

                    perm_name = perm.permission.permission_name.replace('group.', 'repository.')

                    perm_obj = Permission.get_by_key(perm_name)

                    UserGroupRepoToPerm.create(perm.users_group, new_repo, perm_obj)

            else:

            # now automatically start following this repository as owner

            ScmModel(self.sa).toggle_following_repo(new_repo.repo_id,

                                                    owner.user_id)

            # we need to flush here, in order to check if database won't

            # throw any exceptions, create filesystem dirs at the very end

            self.sa.flush()

            return new_repo

        except Exception:

            log.error(traceback.format_exc())

            raise

    def create(self, form_data, cur_user):

        """

        Create repository using celery tasks

        :param form_data:

        :param cur_user:

        """

        from kallithea.lib.celerylib import tasks

        return tasks.create_repo(form_data, cur_user)

    def _update_permissions(self, repo, perms_new=None, perms_updates=None,

                            check_perms=True):

    @LazyProperty

    def repos_path(self):

        """

        Gets the repositories root path from database

        """

        q = Ui.get_by_key('paths', '/')

        return q.ui_value

    def _create_default_perms(self, new_group):

        # create default permission

        default_perm = 'group.read'

        def_user = User.get_default_user()

        for p in def_user.user_perms:

            if p.permission.permission_name.startswith('group.'):

                default_perm = p.permission.permission_name

                break

        repo_group_to_perm = UserRepoGroupToPerm()

        repo_group_to_perm.permission = Permission.get_by_key(default_perm)

        repo_group_to_perm.group = new_group

        repo_group_to_perm.user_id = def_user.user_id

        return repo_group_to_perm

    def _create_group(self, group_name):

        """

        makes repository group on filesystem

        :param repo_name:

        :param parent_id:

        """

        create_path = os.path.join(self.repos_path, group_name)

        log.debug('creating new group in %s', create_path)

        if os.path.isdir(create_path):

            raise Exception('That directory already exists !')

        os.makedirs(create_path)

        log.debug('Created group in %s', create_path)

    def _rename_group(self, old, new):

        """

        Renames a group on filesystem

        :param group_name:

            # create an ADMIN permission for owner except if we're super admin,

            # later owner should go into the owner field of groups

            if not owner.is_admin:

                self.grant_user_permission(repo_group=new_repo_group,

                                           user=owner, perm='group.admin')

            if parent_group and copy_permissions:

                # copy permissions from parent

                user_perms = UserRepoGroupToPerm.query() \

                    .filter(UserRepoGroupToPerm.group == parent_group).all()

                group_perms = UserGroupRepoGroupToPerm.query() \

                    .filter(UserGroupRepoGroupToPerm.group == parent_group).all()

                for perm in user_perms:

                    # don't copy over the permission for user who is creating

                    # this group, if he is not super admin he get's admin

                    # permission set above

                    if perm.user != owner or owner.is_admin:

                        UserRepoGroupToPerm.create(perm.user, new_repo_group, perm.permission)

                for perm in group_perms:

                    UserGroupRepoGroupToPerm.create(perm.users_group, new_repo_group, perm.permission)

            else:

            if not just_db:

                # we need to flush here, in order to check if database won't

                # throw any exceptions, create filesystem dirs at the very end

                self.sa.flush()

                self._create_group(new_repo_group.group_name)

            return new_repo_group

        except Exception:

            log.error(traceback.format_exc())

            raise

    def _update_permissions(self, repo_group, perms_new=None,

                            perms_updates=None, recursive=None,

                            check_perms=True):

        from kallithea.model.repo import RepoModel

        from kallithea.lib.auth import HasUserGroupPermissionLevel

        if not perms_new:

            perms_new = []

        if not perms_updates:

            perms_updates = []

        def _set_perm_user(obj, user, perm):

    UserGroupRepoToPerm, Permission, UserGroupToPerm, User, UserUserGroupToPerm, \

    UserGroupUserGroupToPerm

from kallithea.lib.exceptions import UserGroupsAssignedException, \

    RepoGroupAssignmentError

log = logging.getLogger(__name__)

class UserGroupModel(BaseModel):

    def _create_default_perms(self, user_group):

        # create default permission

        default_perm = 'usergroup.read'

        def_user = User.get_default_user()

        for p in def_user.user_perms:

            if p.permission.permission_name.startswith('usergroup.'):

                default_perm = p.permission.permission_name

                break

        user_group_to_perm = UserUserGroupToPerm()

        user_group_to_perm.permission = Permission.get_by_key(default_perm)

        user_group_to_perm.user_group = user_group

        user_group_to_perm.user_id = def_user.user_id

        return user_group_to_perm

    def _update_permissions(self, user_group, perms_new=None,

                            perms_updates=None):

        from kallithea.lib.auth import HasUserGroupPermissionLevel

        if not perms_new:

            perms_new = []

        if not perms_updates:

            perms_updates = []

        # update permissions

        for member, perm, member_type in perms_updates:

            if member_type == 'user':

                # this updates existing one

                self.grant_user_permission(

                    user_group=user_group, user=member, perm=perm

                )

            else:

                #check if we have permissions to alter this usergroup's access

                if HasUserGroupPermissionLevel('read')(member):

                    self.grant_user_group_permission(

                        target_user_group=user_group, user_group=member, perm=perm

                    )

        # set new permissions

                if HasUserGroupPermissionLevel('read')(member):

                    self.grant_user_group_permission(

                        target_user_group=user_group, user_group=member, perm=perm

                    )

    def get(self, user_group_id, cache=False):

        return UserGroup.get(user_group_id)

    def get_group(self, user_group):

        return UserGroup.guess_instance(user_group)

    def get_by_name(self, name, cache=False, case_insensitive=False):

        return UserGroup.get_by_group_name(name, cache, case_insensitive)

    def create(self, name, description, owner, active=True, group_data=None):

        try:

            new_user_group = UserGroup()

            new_user_group.owner = User.guess_instance(owner)

            new_user_group.users_group_name = name

            new_user_group.user_group_description = description

            new_user_group.users_group_active = active

            if group_data:

                new_user_group.group_data = group_data

            self.sa.add(new_user_group)

            self.grant_user_permission(user_group=new_user_group,

                                       user=owner, perm='usergroup.admin')

            return new_user_group

        except Exception:

            log.error(traceback.format_exc())

            raise

    def update(self, user_group, form_data):

        try:

            user_group = UserGroup.guess_instance(user_group)

            for k, v in form_data.items():

                if k == 'users_group_members':

                    members_list = []

                    if v:

                        v = [v] if isinstance(v, basestring) else v

                        for u_id in set(v):

                            member = UserGroupMember(user_group.users_group_id, u_id)

                            members_list.append(member)

                            self.sa.add(member)

                    user_group.members = members_list