kallithea Changeset - 87f0800abc7b

Changeset - 87f0800abc7b

Parent rev.

Child rev.

[Not reviewed]

beta

0 27 1

Marcin Kuzminski - 14 years ago 2012-01-28 00:06:29
marcin@python-works.com

#227 Initial version of repository groups permissions system
- implemented none/read/write/admin permissions for groups
- wrote more tests for permissions, and new permissions groups
- a lot of code garden, splitted logic into proper models
- permissions on groups doesn't propagate yet to repositories
- deprecated some methods on api for managing permissions on
repositories for users, and users groups

28 files changed with 1463 insertions and 394 deletions:

README.rst

docs/api/api.rst

rhodecode/config/middleware.py

rhodecode/config/routing.py

rhodecode/controllers/admin/repos.py

rhodecode/controllers/admin/repos_groups.py

rhodecode/controllers/api/api.py

rhodecode/controllers/home.py

rhodecode/lib/__init__.py

rhodecode/lib/auth.py

rhodecode/lib/db_manage.py

rhodecode/lib/hooks.py

rhodecode/lib/utils.py

rhodecode/model/__init__.py

rhodecode/model/db.py

rhodecode/model/forms.py

rhodecode/model/notification.py

rhodecode/model/repo.py

130

rhodecode/model/repo_permission.py

rhodecode/model/repos_group.py

164

rhodecode/model/scm.py

rhodecode/model/user.py

101

rhodecode/model/users_group.py

rhodecode/templates/admin/repos_groups/repos_group_edit_perms.html

270

rhodecode/templates/admin/repos_groups/repos_groups_edit.html

rhodecode/templates/index_base.html

rhodecode/tests/test_models.py

192

test.ini

0 comments (0 inline, 0 general)

README.rst

➞

Show inline comments

 ========================
 RhodeCode documentation!
 ========================
 ``RhodeCode`` is a fast and powerful management tool for Mercurial_ and GIT_
 with a built in push/pull server and full text search.
+with a built in push/pull server and full text search and code-review.
 It works on http/https and has a built in permission/authentication system with
-the ability to authenticate via LDAP or ActiveDirectory. RhodeCode also supports
+the ability to authenticate via LDAP or ActiveDirectory. RhodeCode also provides
 simple API so it's easy integrable with existing external systems.
 RhodeCode is similar in some respects to github or bitbucket_,
 however RhodeCode can be run as standalone hosted application on your own server.
 It is open source and donation ware and focuses more on providing a customized,
 self administered interface for Mercurial and GIT repositories.
 RhodeCode is powered by a vcs_ library that Lukasz Balcerzak and I created to
 handle multiple different version control systems.
 RhodeCode uses `Semantic Versioning <http://semver.org/>`_
 RhodeCode demo
 --------------
 http://demo.rhodecode.org
 The default access is anonymous but you can login to an administrative account
 using the following credentials:
 - username: demo
 - password: demo12
 Source code
 -----------
 The latest sources can be obtained from official RhodeCode instance
 https://secure.rhodecode.org
 MIRRORS:
 Issue tracker and sources at bitbucket_
 http://bitbucket.org/marcinkuzminski/rhodecode
 Sources at github_
 https://github.com/marcinkuzminski/rhodecode
 Installation
 ------------
 Please visit http://packages.python.org/RhodeCode/installation.html
 RhodeCode Features
 ------------------

docs/api/api.rst

➞

Show inline comments

@@ @@ -46,428 +46,496 @@ Simply provide @@
     api_key can be found in your user account page
 RhodeCode API will return always a JSON-RPC response::
+    {
         "id":<id>,
         "result": "<result>",
         "error": null
+    }
 All responses from API will be `HTTP/1.0 200 OK`, if there's an error while
 calling api *error* key from response will contain failure description
 and result will be null.
 API METHODS
 +++++++++++
 pull
 ----
 Pulls given repo from remote location. Can be used to automatically keep
 remote repos up to date. This command can be executed only using api_key
 belonging to user with admin rights
 INPUT::
     api_key : "<api_key>"
     method :  "pull"
     args :    {
                 "repo_name" : "<reponame>"
+              }
 OUTPUT::
     result : "Pulled from <reponame>"
     error :  null
 get_user
 --------
 Get's an user by username, Returns empty result if user is not found.
 This command can be executed only using api_key belonging to user with admin
 rights.
 INPUT::
     api_key : "<api_key>"
     method :  "get_user"
     args :    {
                 "username" : "<username>"
+              }
 OUTPUT::
     result: None if user does not exist or
+            {
                 "id" :       "<id>",
                 "username" : "<username>",
                 "firstname": "<firstname>",
                 "lastname" : "<lastname>",
                 "email" :    "<email>",
                 "active" :   "<bool>",
                 "admin" :    "<bool>",
                 "ldap" :     "<ldap_dn>"
+            }
     error:  null
 get_users
 ---------
 Lists all existing users. This command can be executed only using api_key
 belonging to user with admin rights.
 INPUT::
     api_key : "<api_key>"
     method :  "get_users"
     args :    { }
 OUTPUT::
     result: [
+              {
                 "id" :       "<id>",
                 "username" : "<username>",
                 "firstname": "<firstname>",
                 "lastname" : "<lastname>",
                 "email" :    "<email>",
                 "active" :   "<bool>",
                 "admin" :    "<bool>",
                 "ldap" :     "<ldap_dn>"
               },
     	      …
+            ]
     error:  null
 create_user
 -----------
 Creates new user or updates current one if such user exists. This command can
 be executed only using api_key belonging to user with admin rights.
 INPUT::
     api_key : "<api_key>"
     method :  "create_user"
     args :    {
                 "username" :  "<username>",
                 "password" :  "<password>",
                 "email" :     "<useremail>",
                 "firstname" : "<firstname> = None",
                 "lastname" :  "<lastname> = None",
                 "active" :    "<bool> = True",
                 "admin" :     "<bool> = False",
                 "ldap_dn" :   "<ldap_dn> = None"
+              }
 OUTPUT::
     result: {
               "id" : "<new_user_id>",
               "msg" : "created new user <username>"
+            }
     error:  null
 get_users_group
 ---------------
 Gets an existing users group. This command can be executed only using api_key
 belonging to user with admin rights.
 INPUT::
     api_key : "<api_key>"
     method :  "get_users_group"
     args :    {
                 "group_name" : "<name>"
+              }
 OUTPUT::
     result : None if group not exist
+             {
                "id" :         "<id>",
                "group_name" : "<groupname>",
                "active":      "<bool>",
                "members" :  [
                               { "id" :       "<userid>",
                                 "username" : "<username>",
                                 "firstname": "<firstname>",
                                 "lastname" : "<lastname>",
                                 "email" :    "<email>",
                                 "active" :   "<bool>",
                                 "admin" :    "<bool>",
                                 "ldap" :     "<ldap_dn>"
                               },
                               …
+                            ]
+             }
     error : null
 get_users_groups
 ----------------
 Lists all existing users groups. This command can be executed only using
 api_key belonging to user with admin rights.
 INPUT::
     api_key : "<api_key>"
     method :  "get_users_groups"
     args :    { }
 OUTPUT::
     result : [
+               {
                  "id" :         "<id>",
                  "group_name" : "<groupname>",
                  "active":      "<bool>",
                  "members" :  [
+	    	                    {
 	    	                      "id" :       "<userid>",
 	                              "username" : "<username>",
 	                              "firstname": "<firstname>",
 	                              "lastname" : "<lastname>",
 	                              "email" :    "<email>",
 	                              "active" :   "<bool>",
 	                              "admin" :    "<bool>",
 	                              "ldap" :     "<ldap_dn>"
 	                            },
 	    	                    …
+	                          ]
+	            }
+              ]
     error : null
 create_users_group
 ------------------
 Creates new users group. This command can be executed only using api_key
 belonging to user with admin rights
 INPUT::
     api_key : "<api_key>"
     method :  "create_users_group"
     args:     {
                 "group_name":  "<groupname>",
                 "active":"<bool> = True"
+              }
 OUTPUT::
     result: {
               "id":  "<newusersgroupid>",
               "msg": "created new users group <groupname>"
+            }
     error:  null
 add_user_to_users_group
 -----------------------
 Adds a user to a users group. This command can be executed only using api_key
 belonging to user with admin rights
 INPUT::
     api_key : "<api_key>"
     method :  "add_user_users_group"
     args:     {
                 "group_name" :  "<groupname>",
                 "username" :   "<username>"
+              }
 OUTPUT::
     result: {
               "id":  "<newusersgroupmemberid>",
               "msg": "created new users group member"
+            }
     error:  null
 get_repo
 --------
 Gets an existing repository. This command can be executed only using api_key
 belonging to user with admin rights
 INPUT::
     api_key : "<api_key>"
     method :  "get_repo"
     args:     {
                 "repo_name" : "<reponame>"
+              }
 OUTPUT::
     result: None if repository does not exist or
+            {
                 "id" :          "<id>",
                 "repo_name" :   "<reponame>"
                 "type" :        "<type>",
                 "description" : "<description>",
                 "members" :     [
                                   { "id" :         "<userid>",
                                     "username" :   "<username>",
                                     "firstname":   "<firstname>",
                                     "lastname" :   "<lastname>",
                                     "email" :      "<email>",
                                     "active" :     "<bool>",
                                     "admin" :      "<bool>",
                                     "ldap" :       "<ldap_dn>",
                                     "permission" : "repository.(read|write|admin)"
                                   },
                                   …
+                                  {
                                     "id" :       "<usersgroupid>",
                                     "name" :     "<usersgroupname>",
                                     "active":    "<bool>",
                                     "permission" : "repository.(read|write|admin)"
                                   },
                                   …
+                                ]
+            }
     error:  null
 get_repos
 ---------
 Lists all existing repositories. This command can be executed only using api_key
 belonging to user with admin rights
 INPUT::
     api_key : "<api_key>"
     method :  "get_repos"
     args:     { }
 OUTPUT::
     result: [
+              {
                 "id" :          "<id>",
                 "repo_name" :   "<reponame>"
                 "type" :        "<type>",
                 "description" : "<description>"
               },
               …
+            ]
     error:  null
 get_repo_nodes
 --------------
 returns a list of nodes and it's children in a flat list for a given path
 at given revision. It's possible to specify ret_type to show only `files` or
 `dirs`. This command can be executed only using api_key belonging to user
 with admin rights
 INPUT::
     api_key : "<api_key>"
     method :  "get_repo_nodes"
     args:     {
                 "repo_name" : "<reponame>",
                 "revision"  : "<revision>",
                 "root_path" : "<root_path>",
                 "ret_type"  : "<ret_type>" = 'all'
+              }
 OUTPUT::
     result: [
+              {
                 "name" :        "<name>"
                 "type" :        "<type>",
               },
               …
+            ]
     error:  null
 create_repo
 -----------
 Creates a repository. This command can be executed only using api_key
 belonging to user with admin rights.
 If repository name contains "/", all needed repository groups will be created.
 For example "foo/bar/baz" will create groups "foo", "bar" (with "foo" as parent),
 and create "baz" repository with "bar" as group.
 INPUT::
     api_key : "<api_key>"
     method :  "create_repo"
     args:     {
                 "repo_name" :   "<reponame>",
                 "owner_name" :  "<ownername>",
                 "description" : "<description> = ''",
                 "repo_type" :   "<type> = 'hg'",
                 "private" :     "<bool> = False"
+              }
 OUTPUT::
     result: {
                 "id": "<newrepoid>",
                 "msg": "Created new repository <reponame>",
               "id": "<newrepoid>",
               "msg": "Created new repository <reponame>",
+            }
     error:  null
 add_user_to_repo
 ----------------
 grant_user_permission
 ---------------------
 Add a user to a repository. This command can be executed only using api_key
 belonging to user with admin rights.
 If "perm" is None, user will be removed from the repository.
 Grant permission for user on given repository, or update existing one
 if found. This command can be executed only using api_key belonging to user
 with admin rights.
 INPUT::
     api_key : "<api_key>"
-    method :  "add_user_to_repo"
+    method :  "grant_user_permission"
     args:     {
                 "repo_name" :  "<reponame>",
                 "username" :   "<username>",
                 "perm" :       "(None|repository.(read|write|admin))",
                 "perm" :       "(repository.(none|read|write|admin))",
+              }
 OUTPUT::
     result: {
               "msg" : "Granted perm: <perm> for user: <username> in repo: <reponame>"
+            }
     error:  null
 revoke_user_permission
 ----------------------
 Revoke permission for user on given repository. This command can be executed
 only using api_key belonging to user with admin rights.
 INPUT::
     api_key : "<api_key>"
     method  : "revoke_user_permission"
     args:     {
                 "repo_name" :  "<reponame>",
                 "username" :   "<username>",
+              }
 OUTPUT::
     result: {
-                "msg" : "Added perm: <perm> for <username> in repo: <reponame>"
+              "msg" : "Revoked perm for user: <suername> in repo: <reponame>"
+            }
     error:  null
 add_users_group_to_repo
 -----------------------
 grant_users_group_permission
 ----------------------------
 Add a users group to a repository. This command can be executed only using
 api_key belonging to user with admin rights. If "perm" is None, group will
 be removed from the repository.
 Grant permission for users group on given repository, or update
 existing one if found. This command can be executed only using
 api_key belonging to user with admin rights.
 INPUT::
     api_key : "<api_key>"
     method :  "add_users_group_to_repo"
     method :  "grant_users_group_permission"
     args:     {
                 "repo_name" : "<reponame>",
                 "group_name" : "<usersgroupname>",
                 "perm" : "(repository.(none|read|write|admin))",
+              }
 OUTPUT::
     result: {
               "msg" : "Granted perm: <perm> for group: <usersgroupname> in repo: <reponame>"
+            }
     error:  null
 revoke_users_group_permission
 -----------------------------
 Revoke permission for users group on given repository.This command can be
 executed only using api_key belonging to user with admin rights.
 INPUT::
     api_key : "<api_key>"
     method  : "revoke_users_group_permission"
     args:     {
                 "repo_name" :  "<reponame>",
                 "group_name" : "<groupname>",
                 "perm" :       "(None|repository.(read|write|admin))",
                 "users_group" :   "<usersgroupname>",
+              }
 OUTPUT::
     result: {
-                "msg" : Added perm: <perm> for <groupname> in repo: <reponame>"
+              "msg" : "Revoked perm for group: <usersgroupname> in repo: <reponame>"
+            }
+    error:  null
@@ \ No newline at end of file @@

rhodecode/config/middleware.py

➞

Show inline comments

@@ @@ -6,81 +6,80 @@ from paste.cascade import Cascade @@
 from paste.registry import RegistryManager
 from paste.urlparser import StaticURLParser
 from paste.deploy.converters import asbool
 from paste.gzipper import make_gzip_middleware
 from pylons.middleware import ErrorHandler, StatusCodeRedirect
 from pylons.wsgiapp import PylonsApp
 from rhodecode.lib.middleware.simplehg import SimpleHg
 from rhodecode.lib.middleware.simplegit import SimpleGit
 from rhodecode.lib.middleware.https_fixup import HttpsFixup
 from rhodecode.config.environment import load_environment
 def make_app(global_conf, full_stack=True, static_files=True, **app_conf):
     """Create a Pylons WSGI application and return it
     ``global_conf``
         The inherited configuration for this application. Normally from
         the [DEFAULT] section of the Paste ini file.
     ``full_stack``
         Whether or not this application provides a full WSGI stack (by
         default, meaning it handles its own exceptions and errors).
         Disable full_stack when this application is "managed" by
         another WSGI middleware.
     ``app_conf``
         The application's local configuration. Normally specified in
         the [app:<name>] section of the Paste ini file (where <name>
         defaults to main).
     """
     # Configure the Pylons environment
     config = load_environment(global_conf, app_conf)
     # The Pylons WSGI app
     app = PylonsApp(config=config)
     # Routing/Session/Cache Middleware
     app = RoutesMiddleware(app, config['routes.map'])
     app = SessionMiddleware(app, config)
     # CUSTOM MIDDLEWARE HERE (filtered by error handling middlewares)
     if asbool(config['pdebug']):
         from rhodecode.lib.profiler import ProfilingMiddleware
         app = ProfilingMiddleware(app)
     if asbool(full_stack):
     if asbool(full_stack):
         # Handle Python exceptions
         app = ErrorHandler(app, global_conf, **config['pylons.errorware'])
         # we want our low level middleware to get to the request ASAP. We don't
         # need any pylons stack middleware in them
         app = SimpleHg(app, config)
         app = SimpleGit(app, config)
         # Display error documents for 401, 403, 404 status codes (and
         # 500 when debug is disabled)
         if asbool(config['debug']):
             app = StatusCodeRedirect(app)
         else:
             app = StatusCodeRedirect(app, [400, 401, 403, 404, 500])
     #enable https redirets based on HTTP_X_URL_SCHEME set by proxy
     app = HttpsFixup(app, config)
     # Establish the Registry for this application
     app = RegistryManager(app)
     if asbool(static_files):
         # Serve static files
         static_app = StaticURLParser(config['pylons.paths']['static_files'])
         app = Cascade([static_app, app])
         app = make_gzip_middleware(app, global_conf, compress_level=1)
     app.config = config
     return app

rhodecode/config/routing.py

➞

Show inline comments

@@ @@ -68,152 +68,164 @@ def make_map(config): @@
     #MAIN PAGE
     rmap.connect('home', '/', controller='home', action='index')
     rmap.connect('repo_switcher', '/repos', controller='home',
                  action='repo_switcher')
     rmap.connect('branch_tag_switcher', '/branches-tags/{repo_name:.*}',
                  controller='home', action='branch_tag_switcher')
     rmap.connect('bugtracker',
                  "http://bitbucket.org/marcinkuzminski/rhodecode/issues",
                  _static=True)
     rmap.connect('rst_help',
                  "http://docutils.sourceforge.net/docs/user/rst/quickref.html",
                  _static=True)
     rmap.connect('rhodecode_official', "http://rhodecode.org", _static=True)
     #ADMIN REPOSITORY REST ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/repos') as m:
         m.connect("repos", "/repos",
              action="create", conditions=dict(method=["POST"]))
         m.connect("repos", "/repos",
              action="index", conditions=dict(method=["GET"]))
         m.connect("formatted_repos", "/repos.{format}",
              action="index",
             conditions=dict(method=["GET"]))
         m.connect("new_repo", "/repos/new",
              action="new", conditions=dict(method=["GET"]))
         m.connect("formatted_new_repo", "/repos/new.{format}",
              action="new", conditions=dict(method=["GET"]))
         m.connect("/repos/{repo_name:.*}",
              action="update", conditions=dict(method=["PUT"],
                                               function=check_repo))
         m.connect("/repos/{repo_name:.*}",
              action="delete", conditions=dict(method=["DELETE"],
                                               function=check_repo))
         m.connect("edit_repo", "/repos/{repo_name:.*}/edit",
              action="edit", conditions=dict(method=["GET"],
                                             function=check_repo))
         m.connect("formatted_edit_repo", "/repos/{repo_name:.*}.{format}/edit",
              action="edit", conditions=dict(method=["GET"],
                                             function=check_repo))
         m.connect("repo", "/repos/{repo_name:.*}",
              action="show", conditions=dict(method=["GET"],
                                             function=check_repo))
         m.connect("formatted_repo", "/repos/{repo_name:.*}.{format}",
              action="show", conditions=dict(method=["GET"],
                                             function=check_repo))
         #ajax delete repo perm user
         m.connect('delete_repo_user', "/repos_delete_user/{repo_name:.*}",
              action="delete_perm_user", conditions=dict(method=["DELETE"],
                                                         function=check_repo))
              action="delete_perm_user",
              conditions=dict(method=["DELETE"], function=check_repo))
         #ajax delete repo perm users_group
         m.connect('delete_repo_users_group',
                   "/repos_delete_users_group/{repo_name:.*}",
                   action="delete_perm_users_group",
                   conditions=dict(method=["DELETE"], function=check_repo))
         #settings actions
         m.connect('repo_stats', "/repos_stats/{repo_name:.*}",
                   action="repo_stats", conditions=dict(method=["DELETE"],
                                                        function=check_repo))
         m.connect('repo_cache', "/repos_cache/{repo_name:.*}",
                   action="repo_cache", conditions=dict(method=["DELETE"],
                                                        function=check_repo))
         m.connect('repo_public_journal',"/repos_public_journal/{repo_name:.*}",
+        m.connect('repo_public_journal', "/repos_public_journal/{repo_name:.*}",
                   action="repo_public_journal", conditions=dict(method=["PUT"],
                                                         function=check_repo))
         m.connect('repo_pull', "/repo_pull/{repo_name:.*}",
                   action="repo_pull", conditions=dict(method=["PUT"],
                                                       function=check_repo))
         m.connect('repo_as_fork', "/repo_as_fork/{repo_name:.*}",
                   action="repo_as_fork", conditions=dict(method=["PUT"],
                                                       function=check_repo))
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/repos_groups') as m:
         m.connect("repos_groups", "/repos_groups",
                   action="create", conditions=dict(method=["POST"]))
         m.connect("repos_groups", "/repos_groups",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("formatted_repos_groups", "/repos_groups.{format}",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_repos_group", "/repos_groups/new",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("formatted_new_repos_group", "/repos_groups/new.{format}",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("update_repos_group", "/repos_groups/{id}",
                   action="update", conditions=dict(method=["PUT"],
                                                    function=check_int))
         m.connect("delete_repos_group", "/repos_groups/{id}",
                   action="delete", conditions=dict(method=["DELETE"],
                                                    function=check_int))
         m.connect("edit_repos_group", "/repos_groups/{id}/edit",
                   action="edit", conditions=dict(method=["GET"],
                                                  function=check_int))
         m.connect("formatted_edit_repos_group",
                   "/repos_groups/{id}.{format}/edit",
                   action="edit", conditions=dict(method=["GET"],
                                                  function=check_int))
         m.connect("repos_group", "/repos_groups/{id}",
                   action="show", conditions=dict(method=["GET"],
                                                  function=check_int))
         m.connect("formatted_repos_group", "/repos_groups/{id}.{format}",
                   action="show", conditions=dict(method=["GET"],
                                                  function=check_int))
         # ajax delete repos group perm user
         m.connect('delete_repos_group_user_perm',
                   "/delete_repos_group_user_perm/{group_name:.*}",
              action="delete_repos_group_user_perm",
              conditions=dict(method=["DELETE"], function=check_group))
         # ajax delete repos group perm users_group
         m.connect('delete_repos_group_users_group_perm',
                   "/delete_repos_group_users_group_perm/{group_name:.*}",
                   action="delete_repos_group_users_group_perm",
                   conditions=dict(method=["DELETE"], function=check_group))
     #ADMIN USER REST ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/users') as m:
         m.connect("users", "/users",
                   action="create", conditions=dict(method=["POST"]))
         m.connect("users", "/users",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("formatted_users", "/users.{format}",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_user", "/users/new",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("formatted_new_user", "/users/new.{format}",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("update_user", "/users/{id}",
                   action="update", conditions=dict(method=["PUT"]))
         m.connect("delete_user", "/users/{id}",
                   action="delete", conditions=dict(method=["DELETE"]))
         m.connect("edit_user", "/users/{id}/edit",
                   action="edit", conditions=dict(method=["GET"]))
         m.connect("formatted_edit_user",
                   "/users/{id}.{format}/edit",
                   action="edit", conditions=dict(method=["GET"]))
         m.connect("user", "/users/{id}",
                   action="show", conditions=dict(method=["GET"]))
         m.connect("formatted_user", "/users/{id}.{format}",
                   action="show", conditions=dict(method=["GET"]))
         #EXTRAS USER ROUTES
         m.connect("user_perm", "/users_perm/{id}",
                   action="update_perm", conditions=dict(method=["PUT"]))
     #ADMIN USERS REST ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/users_groups') as m:
         m.connect("users_groups", "/users_groups",
                   action="create", conditions=dict(method=["POST"]))
         m.connect("users_groups", "/users_groups",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("formatted_users_groups", "/users_groups.{format}",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_users_group", "/users_groups/new",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("formatted_new_users_group", "/users_groups/new.{format}",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("update_users_group", "/users_groups/{id}",
                   action="update", conditions=dict(method=["PUT"]))
         m.connect("delete_users_group", "/users_groups/{id}",
@@ @@ -265,179 +277,178 @@ def make_map(config): @@
                   action="update", conditions=dict(method=["PUT"]))
         m.connect("/settings/{setting_id}",
                   action="delete", conditions=dict(method=["DELETE"]))
         m.connect("admin_edit_setting", "/settings/{setting_id}/edit",
                   action="edit", conditions=dict(method=["GET"]))
         m.connect("formatted_admin_edit_setting",
                   "/settings/{setting_id}.{format}/edit",
                   action="edit", conditions=dict(method=["GET"]))
         m.connect("admin_setting", "/settings/{setting_id}",
                   action="show", conditions=dict(method=["GET"]))
         m.connect("formatted_admin_setting", "/settings/{setting_id}.{format}",
                   action="show", conditions=dict(method=["GET"]))
         m.connect("admin_settings_my_account", "/my_account",
                   action="my_account", conditions=dict(method=["GET"]))
         m.connect("admin_settings_my_account_update", "/my_account_update",
                   action="my_account_update", conditions=dict(method=["PUT"]))
         m.connect("admin_settings_create_repository", "/create_repository",
                   action="create_repository", conditions=dict(method=["GET"]))
     #NOTIFICATION REST ROUTES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/notifications') as m:
         m.connect("notifications", "/notifications",
                   action="create", conditions=dict(method=["POST"]))
         m.connect("notifications", "/notifications",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("notifications_mark_all_read", "/notifications/mark_all_read",
                   action="mark_all_read", conditions=dict(method=["GET"]))
         m.connect("formatted_notifications", "/notifications.{format}",
                   action="index", conditions=dict(method=["GET"]))
         m.connect("new_notification", "/notifications/new",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("formatted_new_notification", "/notifications/new.{format}",
                   action="new", conditions=dict(method=["GET"]))
         m.connect("/notification/{notification_id}",
                   action="update", conditions=dict(method=["PUT"]))
         m.connect("/notification/{notification_id}",
                   action="delete", conditions=dict(method=["DELETE"]))
         m.connect("edit_notification", "/notification/{notification_id}/edit",
                   action="edit", conditions=dict(method=["GET"]))
         m.connect("formatted_edit_notification",
                   "/notification/{notification_id}.{format}/edit",
                   action="edit", conditions=dict(method=["GET"]))
         m.connect("notification", "/notification/{notification_id}",
                   action="show", conditions=dict(method=["GET"]))
         m.connect("formatted_notification", "/notifications/{notification_id}.{format}",
                   action="show", conditions=dict(method=["GET"]))
     #ADMIN MAIN PAGES
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='admin/admin') as m:
         m.connect('admin_home', '', action='index')
         m.connect('admin_add_repo', '/add_repo/{new_repo:[a-z0-9\. _-]*}',
                   action='add_repo')
     #==========================================================================
-    # API V1
+    # API V2
     #==========================================================================
     with rmap.submapper(path_prefix=ADMIN_PREFIX,
                         controller='api/api') as m:
         m.connect('api', '/api')
     #USER JOURNAL
     rmap.connect('journal', '%s/journal' % ADMIN_PREFIX, controller='journal')
     rmap.connect('public_journal', '%s/public_journal' % ADMIN_PREFIX,
                  controller='journal', action="public_journal")
     rmap.connect('public_journal_rss', '%s/public_journal_rss' % ADMIN_PREFIX,
                  controller='journal', action="public_journal_rss")
     rmap.connect('public_journal_atom',
                  '%s/public_journal_atom' % ADMIN_PREFIX, controller='journal',
                  action="public_journal_atom")
     rmap.connect('toggle_following', '%s/toggle_following' % ADMIN_PREFIX,
                  controller='journal', action='toggle_following',
                  conditions=dict(method=["POST"]))
     #SEARCH
     rmap.connect('search', '%s/search' % ADMIN_PREFIX, controller='search',)
     rmap.connect('search_repo', '%s/search/{search_repo:.*}' % ADMIN_PREFIX,
                   controller='search')
     #LOGIN/LOGOUT/REGISTER/SIGN IN
     rmap.connect('login_home', '%s/login' % ADMIN_PREFIX, controller='login')
     rmap.connect('logout_home', '%s/logout' % ADMIN_PREFIX, controller='login',
                  action='logout')
     rmap.connect('register', '%s/register' % ADMIN_PREFIX, controller='login',
                  action='register')
     rmap.connect('reset_password', '%s/password_reset' % ADMIN_PREFIX,
                  controller='login', action='password_reset')
     rmap.connect('reset_password_confirmation',
                  '%s/password_reset_confirmation' % ADMIN_PREFIX,
                  controller='login', action='password_reset_confirmation')
     #FEEDS
     rmap.connect('rss_feed_home', '/{repo_name:.*}/feed/rss',
                 controller='feed', action='rss',
                 conditions=dict(function=check_repo))
     rmap.connect('atom_feed_home', '/{repo_name:.*}/feed/atom',
                 controller='feed', action='atom',
                 conditions=dict(function=check_repo))
     #==========================================================================
     # REPOSITORY ROUTES
     #==========================================================================
     rmap.connect('summary_home', '/{repo_name:.*}',
                 controller='summary',
                 conditions=dict(function=check_repo))
     rmap.connect('repos_group_home', '/{group_name:.*}',
                 controller='admin/repos_groups', action="show_by_name",
                 conditions=dict(function=check_group))
     rmap.connect('changeset_home', '/{repo_name:.*}/changeset/{revision}',
                 controller='changeset', revision='tip',
                 conditions=dict(function=check_repo))
     rmap.connect('changeset_comment', '/{repo_name:.*}/changeset/{revision}/comment',
     rmap.connect('changeset_comment',
                  '/{repo_name:.*}/changeset/{revision}/comment',
                 controller='changeset', revision='tip', action='comment',
                 conditions=dict(function=check_repo))
     rmap.connect('changeset_comment_delete', '/{repo_name:.*}/changeset/comment/{comment_id}/delete',
     rmap.connect('changeset_comment_delete',
                  '/{repo_name:.*}/changeset/comment/{comment_id}/delete',
                 controller='changeset', action='delete_comment',
                 conditions=dict(function=check_repo, method=["DELETE"]))
     rmap.connect('raw_changeset_home',
                  '/{repo_name:.*}/raw-changeset/{revision}',
                  controller='changeset', action='raw_changeset',
                  revision='tip', conditions=dict(function=check_repo))
     rmap.connect('summary_home', '/{repo_name:.*}/summary',
                 controller='summary', conditions=dict(function=check_repo))
     rmap.connect('shortlog_home', '/{repo_name:.*}/shortlog',
                 controller='shortlog', conditions=dict(function=check_repo))
     rmap.connect('branches_home', '/{repo_name:.*}/branches',
                 controller='branches', conditions=dict(function=check_repo))
     rmap.connect('tags_home', '/{repo_name:.*}/tags',
                 controller='tags', conditions=dict(function=check_repo))
     rmap.connect('bookmarks_home', '/{repo_name:.*}/bookmarks',
                 controller='bookmarks', conditions=dict(function=check_repo))
     rmap.connect('changelog_home', '/{repo_name:.*}/changelog',
                 controller='changelog', conditions=dict(function=check_repo))
     rmap.connect('changelog_details', '/{repo_name:.*}/changelog_details/{cs}',
                 controller='changelog', action='changelog_details',
                 conditions=dict(function=check_repo))
     rmap.connect('files_home', '/{repo_name:.*}/files/{revision}/{f_path:.*}',
                 controller='files', revision='tip', f_path='',
                 conditions=dict(function=check_repo))
     rmap.connect('files_diff_home', '/{repo_name:.*}/diff/{f_path:.*}',
                 controller='files', action='diff', revision='tip', f_path='',
                 conditions=dict(function=check_repo))
     rmap.connect('files_rawfile_home',
                  '/{repo_name:.*}/rawfile/{revision}/{f_path:.*}',
                  controller='files', action='rawfile', revision='tip',
                  f_path='', conditions=dict(function=check_repo))
     rmap.connect('files_raw_home',
                  '/{repo_name:.*}/raw/{revision}/{f_path:.*}',
                  controller='files', action='raw', revision='tip', f_path='',
                  conditions=dict(function=check_repo))
@@ @@ -448,50 +459,49 @@ def make_map(config): @@
     rmap.connect('files_edit_home',
                  '/{repo_name:.*}/edit/{revision}/{f_path:.*}',
                  controller='files', action='edit', revision='tip',
                  f_path='', conditions=dict(function=check_repo))
     rmap.connect('files_add_home',
                  '/{repo_name:.*}/add/{revision}/{f_path:.*}',
                  controller='files', action='add', revision='tip',
                  f_path='', conditions=dict(function=check_repo))
     rmap.connect('files_archive_home', '/{repo_name:.*}/archive/{fname}',
                 controller='files', action='archivefile',
                 conditions=dict(function=check_repo))
     rmap.connect('files_nodelist_home',
                  '/{repo_name:.*}/nodelist/{revision}/{f_path:.*}',
                 controller='files', action='nodelist',
                 conditions=dict(function=check_repo))
     rmap.connect('repo_settings_delete', '/{repo_name:.*}/settings',
                 controller='settings', action="delete",
                 conditions=dict(method=["DELETE"], function=check_repo))
     rmap.connect('repo_settings_update', '/{repo_name:.*}/settings',
                 controller='settings', action="update",
                 conditions=dict(method=["PUT"], function=check_repo))
     rmap.connect('repo_settings_home', '/{repo_name:.*}/settings',
                 controller='settings', action='index',
                 conditions=dict(function=check_repo))
     rmap.connect('repo_fork_create_home', '/{repo_name:.*}/fork',
                 controller='forks', action='fork_create',
                 conditions=dict(function=check_repo, method=["POST"]))
     rmap.connect('repo_fork_home', '/{repo_name:.*}/fork',
                 controller='forks', action='fork',
                 conditions=dict(function=check_repo))
     rmap.connect('repo_forks_home', '/{repo_name:.*}/forks',
                  controller='forks', action='forks',
                  conditions=dict(function=check_repo))
     rmap.connect('repo_followers_home', '/{repo_name:.*}/followers',
                  controller='followers', action='followers',
                  conditions=dict(function=check_repo))
     return rmap

rhodecode/controllers/admin/repos.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.controllers.admin.repos
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-    Admin controller for RhodeCode
+    Repositories controller for RhodeCode
     :created_on: Apr 7, 2010
     :author: marcink
     :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 import traceback
 import formencode
 from formencode import htmlfill
 from paste.httpexceptions import HTTPInternalServerError
 from pylons import request, session, tmpl_context as c, url
 from pylons.controllers.util import redirect
 from pylons.i18n.translation import _
 from sqlalchemy.exc import IntegrityError
 from rhodecode.lib import helpers as h
 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator, \
     HasPermissionAnyDecorator, HasRepoPermissionAllDecorator
 from rhodecode.lib.base import BaseController, render
 from rhodecode.lib.utils import invalidate_cache, action_logger, repo_name_slug
 from rhodecode.lib.helpers import get_token
 from rhodecode.model.meta import Session
 from rhodecode.model.db import User, Repository, UserFollowing, RepoGroup
 from rhodecode.model.forms import RepoForm
 from rhodecode.model.scm import ScmModel
 from rhodecode.model.repo import RepoModel
 log = logging.getLogger(__name__)
 class ReposController(BaseController):
     """
     REST Controller styled on the Atom Publishing Protocol"""
@@ @@ -232,142 +232,144 @@ class ReposController(BaseController): @@
     @HasPermissionAllDecorator('hg.admin')
     def delete(self, repo_name):
         """
         DELETE /repos/repo_name: Delete an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="DELETE" />
         # Or using helpers:
         #    h.form(url('repo', repo_name=ID),
         #           method='delete')
         # url('repo', repo_name=ID)
         repo_model = RepoModel()
         repo = repo_model.get_by_repo_name(repo_name)
         if not repo:
             h.flash(_('%s repository is not mapped to db perhaps'
                       ' it was moved or renamed  from the filesystem'
                       ' please run the application again'
                       ' in order to rescan repositories') % repo_name,
                       category='error')
             return redirect(url('repos'))
         try:
             action_logger(self.rhodecode_user, 'admin_deleted_repo',
                               repo_name, '', self.sa)
             repo_model.delete(repo)
             invalidate_cache('get_repo_cached_%s' % repo_name)
             h.flash(_('deleted repository %s') % repo_name, category='success')
             Session.commit()
         except IntegrityError, e:
             if e.message.find('repositories_fork_id_fkey') != -1:
                 log.error(traceback.format_exc())
                 h.flash(_('Cannot delete %s it still contains attached '
                           'forks') % repo_name,
                         category='warning')
             else:
                 log.error(traceback.format_exc())
                 h.flash(_('An error occurred during '
                           'deletion of %s') % repo_name,
                         category='error')
         except Exception, e:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of %s') % repo_name,
                     category='error')
         return redirect(url('repos'))
     @HasRepoPermissionAllDecorator('repository.admin')
     def delete_perm_user(self, repo_name):
         """
         DELETE an existing repository permission user
         :param repo_name:
         """
         try:
             repo_model = RepoModel()
             repo_model.delete_perm_user(request.POST, repo_name)
             RepoModel().revoke_user_permission(repo=repo_name,
                                                user=request.POST['user_id'])
             Session.commit()
         except Exception, e:
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of repository user'),
                     category='error')
             raise HTTPInternalServerError()
     @HasRepoPermissionAllDecorator('repository.admin')
     def delete_perm_users_group(self, repo_name):
         """
         DELETE an existing repository permission users group
         :param repo_name:
         """
         try:
             repo_model = RepoModel()
             repo_model.delete_perm_users_group(request.POST, repo_name)
             RepoModel().revoke_users_group_permission(
                 repo=repo_name, group_name=request.POST['users_group_id']
+            )
             Session.commit()
         except Exception, e:
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of repository'
                       ' users groups'),
                     category='error')
             raise HTTPInternalServerError()
     @HasPermissionAllDecorator('hg.admin')
     def repo_stats(self, repo_name):
         """
         DELETE an existing repository statistics
         :param repo_name:
         """
         try:
             repo_model = RepoModel()
             repo_model.delete_stats(repo_name)
             RepoModel().delete_stats(repo_name)
             Session.commit()
         except Exception, e:
             h.flash(_('An error occurred during deletion of repository stats'),
                     category='error')
         return redirect(url('edit_repo', repo_name=repo_name))
     @HasPermissionAllDecorator('hg.admin')
     def repo_cache(self, repo_name):
         """
         INVALIDATE existing repository cache
         :param repo_name:
         """
         try:
             ScmModel().mark_for_invalidation(repo_name)
             Session.commit()
         except Exception, e:
             h.flash(_('An error occurred during cache invalidation'),
                     category='error')
         return redirect(url('edit_repo', repo_name=repo_name))
     @HasPermissionAllDecorator('hg.admin')
     def repo_public_journal(self, repo_name):
         """
         Set's this repository to be visible in public journal,
         in other words assing default user to follow this repo
         :param repo_name:
         """
         cur_token = request.POST.get('auth_token')
         token = get_token()
         if cur_token == token:
             try:
                 repo_id = Repository.get_by_repo_name(repo_name).repo_id
                 user_id = User.get_by_username('default').user_id
                 self.scm_model.toggle_following_repo(repo_id, user_id)
                 h.flash(_('Updated repository visibility in public journal'),
                         category='success')
                 Session.commit()
             except:
                 h.flash(_('An error occurred during setting this'
                           ' repository in public journal'),
                         category='error')
         else:
             h.flash(_('Token mismatch'), category='error')

rhodecode/controllers/admin/repos_groups.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.controllers.admin.repos_groups
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-    repos groups controller for RhodeCode
+    Repositories groups controller for RhodeCode
     :created_on: Mar 23, 2010
     :author: marcink
     :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 import traceback
 import formencode
 from formencode import htmlfill
 from pylons import request, response, session, tmpl_context as c, url
 from pylons.controllers.util import abort, redirect
 from pylons import request, tmpl_context as c, url
 from pylons.controllers.util import redirect
 from pylons.i18n.translation import _
 from sqlalchemy.exc import IntegrityError
 from rhodecode.lib import helpers as h
 from rhodecode.lib.auth import LoginRequired, HasPermissionAnyDecorator
 from rhodecode.lib.auth import LoginRequired, HasPermissionAnyDecorator,\
     HasReposGroupPermissionAnyDecorator
 from rhodecode.lib.base import BaseController, render
 from rhodecode.model.db import RepoGroup
 from rhodecode.model.repos_group import ReposGroupModel
 from rhodecode.model.forms import ReposGroupForm
 from rhodecode.model.meta import Session
 from rhodecode.model.repo import RepoModel
 from webob.exc import HTTPInternalServerError
 log = logging.getLogger(__name__)
 class ReposGroupsController(BaseController):
     """REST Controller styled on the Atom Publishing Protocol"""
     # To properly map this controller, ensure your config/routing.py
     # file has a resource setup:
     #     map.resource('repos_group', 'repos_groups')
     @LoginRequired()
     def __before__(self):
         super(ReposGroupsController, self).__before__()
     def __load_defaults(self):
         c.repo_groups = RepoGroup.groups_choices()
         c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
         repo_model = RepoModel()
         c.users_array = repo_model.get_users_js()
         c.users_groups_array = repo_model.get_users_groups_js()
     def __load_data(self, group_id):
         """
         Load defaults settings for edit, and update
         :param group_id:
         """
         self.__load_defaults()
         repo_group = RepoGroup.get(group_id)
         data = repo_group.get_dict()
         data['group_name'] = repo_group.name
         # fill repository users
         for p in repo_group.repo_group_to_perm:
             data.update({'u_perm_%s' % p.user.username:
                              p.permission.permission_name})
         # fill repository groups
         for p in repo_group.users_group_to_perm:
             data.update({'g_perm_%s' % p.users_group.users_group_name:
                              p.permission.permission_name})
         return data
     @HasPermissionAnyDecorator('hg.admin')
     def index(self, format='html'):
         """GET /repos_groups: All items in the collection"""
         # url('repos_groups')
         sk = lambda g: g.parents[0].group_name if g.parents else g.group_name
         c.groups = sorted(RepoGroup.query().all(), key=sk)
         return render('admin/repos_groups/repos_groups_show.html')
     @HasPermissionAnyDecorator('hg.admin')
     def create(self):
         """POST /repos_groups: Create a new item"""
         # url('repos_groups')
         self.__load_defaults()
         repos_group_form = ReposGroupForm(available_groups =
                                           c.repo_groups_choices)()
         try:
             form_result = repos_group_form.to_python(dict(request.POST))
             ReposGroupModel().create(form_result)
             ReposGroupModel().create(
                     group_name=form_result['group_name'],
                     group_description=form_result['group_description'],
                     parent=form_result['group_parent_id']
+            )
             Session.commit()
             h.flash(_('created repos group %s') \
                     % form_result['group_name'], category='success')
             #TODO: in futureaction_logger(, '', '', '', self.sa)
         except formencode.Invalid, errors:
             return htmlfill.render(
                 render('admin/repos_groups/repos_groups_add.html'),
                 defaults=errors.value,
                 errors=errors.error_dict or {},
                 prefix_error=False,
                 encoding="UTF-8")
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('error occurred during creation of repos group %s') \
                     % request.POST.get('group_name'), category='error')
         return redirect(url('repos_groups'))
     @HasPermissionAnyDecorator('hg.admin')
     def new(self, format='html'):
         """GET /repos_groups/new: Form to create a new item"""
         # url('new_repos_group')
         self.__load_defaults()
         return render('admin/repos_groups/repos_groups_add.html')
     @HasPermissionAnyDecorator('hg.admin')
     def update(self, id):
         """PUT /repos_groups/id: Update an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="PUT" />
         # Or using helpers:
         #    h.form(url('repos_group', id=ID),
         #           method='put')
         # url('repos_group', id=ID)
         self.__load_defaults()
         c.repos_group = RepoGroup.get(id)
         repos_group_form = ReposGroupForm(edit=True,
                                           old_data=c.repos_group.get_dict(),
                                           available_groups=
                                             c.repo_groups_choices)()
         repos_group_form = ReposGroupForm(
             edit=True,
             old_data=c.repos_group.get_dict(),
             available_groups=c.repo_groups_choices
         )()
         try:
             form_result = repos_group_form.to_python(dict(request.POST))
             ReposGroupModel().update(id, form_result)
             Session.commit()
             h.flash(_('updated repos group %s') \
                     % form_result['group_name'], category='success')
             #TODO: in futureaction_logger(, '', '', '', self.sa)
         except formencode.Invalid, errors:
             return htmlfill.render(
                 render('admin/repos_groups/repos_groups_edit.html'),
                 defaults=errors.value,
                 errors=errors.error_dict or {},
                 prefix_error=False,
                 encoding="UTF-8")
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('error occurred during update of repos group %s') \
                     % request.POST.get('group_name'), category='error')
         return redirect(url('repos_groups'))
     @HasPermissionAnyDecorator('hg.admin')
     def delete(self, id):
         """DELETE /repos_groups/id: Delete an existing item"""
         # Forms posted to this method should contain a hidden field:
         #    <input type="hidden" name="_method" value="DELETE" />
         # Or using helpers:
         #    h.form(url('repos_group', id=ID),
         #           method='delete')
         # url('repos_group', id=ID)
         gr = RepoGroup.get(id)
         repos = gr.repositories.all()
         if repos:
             h.flash(_('This group contains %s repositores and cannot be '
                       'deleted' % len(repos)),
                     category='error')
             return redirect(url('repos_groups'))
         try:
             ReposGroupModel().delete(id)
             Session.commit()
             h.flash(_('removed repos group %s' % gr.group_name), category='success')
             #TODO: in future action_logger(, '', '', '', self.sa)
         except IntegrityError, e:
             if e.message.find('groups_group_parent_id_fkey') != -1:
                 log.error(traceback.format_exc())
                 h.flash(_('Cannot delete this group it still contains '
                           'subgroups'),
                         category='warning')
             else:
                 log.error(traceback.format_exc())
                 h.flash(_('error occurred during deletion of repos '
                           'group %s' % gr.group_name), category='error')
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('error occurred during deletion of repos '
                       'group %s' % gr.group_name), category='error')
         return redirect(url('repos_groups'))
     @HasReposGroupPermissionAnyDecorator('group.admin')
     def delete_repos_group_user_perm(self, group_name):
         """
         DELETE an existing repositories group permission user
         :param group_name:
         """
         try:
             ReposGroupModel().revoke_user_permission(
                 repos_group=group_name, user=request.POST['user_id']
+            )
             Session.commit()
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of group user'),
                     category='error')
             raise HTTPInternalServerError()
     @HasReposGroupPermissionAnyDecorator('group.admin')
     def delete_repos_group_users_group_perm(self, group_name):
         """
         DELETE an existing repositories group permission users group
         :param group_name:
         """
         try:
             ReposGroupModel().revoke_users_group_permission(
                 repos_group=group_name,
                 group_name=request.POST['users_group_id']
+            )
             Session.commit()
         except Exception:
             log.error(traceback.format_exc())
             h.flash(_('An error occurred during deletion of group'
                       ' users groups'),
                     category='error')
             raise HTTPInternalServerError()
     def show_by_name(self, group_name):
         id_ = RepoGroup.get_by_group_name(group_name).group_id
         return self.show(id_)
     @HasReposGroupPermissionAnyDecorator('group.read', 'group.write',
                                          'group.admin')
     def show(self, id, format='html'):
         """GET /repos_groups/id: Show a specific item"""
         # url('repos_group', id=ID)
         c.group = RepoGroup.get(id)
         if c.group:
             c.group_repos = c.group.repositories.all()
         else:
             return redirect(url('home'))
         #overwrite our cached list with current filter
         gr_filter = c.group_repos
         c.cached_repo_list = self.scm_model.get_repos(all_repos=gr_filter)
         c.repos_list = c.cached_repo_list
         c.repo_cnt = 0
         c.groups = self.sa.query(RepoGroup).order_by(RepoGroup.group_name)\
             .filter(RepoGroup.group_parent_id == id).all()
         return render('admin/repos_groups/repos_groups.html')
     @HasPermissionAnyDecorator('hg.admin')
     def edit(self, id, format='html'):
         """GET /repos_groups/id/edit: Form to edit an existing item"""
         # url('edit_repos_group', id=ID)
         id_ = int(id)
         c.repos_group = RepoGroup.get(id_)
         defaults = self.__load_data(id_)
         # we need to exclude this group from the group list for editing
         c.repo_groups = filter(lambda x:x[0] != id_, c.repo_groups)
+        c.repo_groups = filter(lambda x: x[0] != id_, c.repo_groups)
         return htmlfill.render(
             render('admin/repos_groups/repos_groups_edit.html'),
             defaults=defaults,
             encoding="UTF-8",
             force_defaults=False
+        )

rhodecode/controllers/api/api.py

➞

Show inline comments

@@ @@ -356,155 +356,216 @@ class ApiController(JSONRPCController): @@
         :param revision: revision for which listing should be done
         :param root_path: path from which start displaying
         :param ret_type: return type 'all|files|dirs' nodes
         """
         try:
             _d, _f = ScmModel().get_nodes(repo_name, revision, root_path,
                                           flat=False)
             _map = {
                 'all': _d + _f,
                 'files': _f,
                 'dirs': _d,
+            }
             return _map[ret_type]
         except KeyError:
             raise JSONRPCError('ret_type must be one of %s' % _map.keys())
         except Exception, e:
             raise JSONRPCError(e)
     @HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
     def create_repo(self, apiuser, repo_name, owner_name, description='',
                     repo_type='hg', private=False):
         """
         Create a repository
         :param apiuser:
         :param repo_name:
         :param description:
         :param type:
         :param private:
         :param owner_name:
         """
         try:
             try:
                 owner = User.get_by_username(owner_name)
             except NoResultFound:
                 raise JSONRPCError('unknown user %s' % owner)
             if Repository.get_by_repo_name(repo_name):
                 raise JSONRPCError("repo %s already exist" % repo_name)
             groups = repo_name.split('/')
             real_name = groups[-1]
             groups = groups[:-1]
             parent_id = None
             for g in groups:
                 group = RepoGroup.get_by_group_name(g)
                 if not group:
                     group = ReposGroupModel().create(
                         dict(
                             group_name=g,
                             group_description='',
                             group_parent_id=parent_id
+                        )
+                    )
                     group = ReposGroupModel().create(g, '', parent_id)
                 parent_id = group.group_id
             repo = RepoModel().create(
                 dict(
                     repo_name=real_name,
                     repo_name_full=repo_name,
                     description=description,
                     private=private,
                     repo_type=repo_type,
                     repo_group=parent_id,
                     clone_uri=None
                 ),
                 owner
+            )
             Session.commit()
             return dict(
                 id=repo.repo_id,
                 msg="Created new repository %s" % repo.repo_name
+            )
         except Exception:
             log.error(traceback.format_exc())
             raise JSONRPCError('failed to create repository %s' % repo_name)
     @HasPermissionAnyDecorator('hg.admin')
-    def add_user_to_repo(self, apiuser, repo_name, username, perm):
+    def grant_user_permission(self, repo_name, username, perm):
         """
         Add permission for a user to a repository
         Grant permission for user on given repository, or update existing one
         if found
         :param apiuser:
         :param repo_name:
         :param username:
         :param perm:
         """
         try:
             repo = Repository.get_by_repo_name(repo_name)
             if repo is None:
                 raise JSONRPCError('unknown repository %s' % repo)
             try:
                 user = User.get_by_username(username)
             except NoResultFound:
                 raise JSONRPCError('unknown user %s' % user)
             user = User.get_by_username(username)
             if user is None:
                 raise JSONRPCError('unknown user %s' % username)
             RepositoryPermissionModel()\
                 .update_or_delete_user_permission(repo, user, perm)
             RepoModel().grant_user_permission(repo=repo, user=user, perm=perm)
             Session.commit()
             return dict(
-                msg='Added perm: %s for %s in repo: %s' % (
+                msg='Granted perm: %s for user: %s in repo: %s' % (
                     perm, username, repo_name
+                )
+            )
         except Exception:
             log.error(traceback.format_exc())
             raise JSONRPCError(
                 'failed to edit permission %(repo)s for %(user)s' % dict(
                     user=username, repo=repo_name
+                )
+            )
     @HasPermissionAnyDecorator('hg.admin')
     def add_users_group_to_repo(self, apiuser, repo_name, group_name, perm):
     def revoke_user_permission(self, repo_name, username):
         """
         Revoke permission for user on given repository
         :param repo_name:
         :param username:
         """
         Add permission for a users group to a repository
         try:
             repo = Repository.get_by_repo_name(repo_name)
             if repo is None:
                 raise JSONRPCError('unknown repository %s' % repo)
             user = User.get_by_username(username)
             if user is None:
                 raise JSONRPCError('unknown user %s' % username)
             RepoModel().revoke_user_permission(repo=repo_name, user=username)
         :param apiuser:
             Session.commit()
             return dict(
                 msg='Revoked perm for user: %s in repo: %s' % (
                     username, repo_name
+                )
+            )
         except Exception:
             log.error(traceback.format_exc())
             raise JSONRPCError(
                 'failed to edit permission %(repo)s for %(user)s' % dict(
                     user=username, repo=repo_name
+                )
+            )
     @HasPermissionAnyDecorator('hg.admin')
     def grant_users_group_permission(self, repo_name, group_name, perm):
         """
         Grant permission for users group on given repository, or update
         existing one if found
         :param repo_name:
         :param group_name:
         :param perm:
         """
         try:
             repo = Repository.get_by_repo_name(repo_name)
             if repo is None:
                 raise JSONRPCError('unknown repository %s' % repo)
             try:
                 user_group = UsersGroup.get_by_group_name(group_name)
             except NoResultFound:
             user_group = UsersGroup.get_by_group_name(group_name)
             if user_group is None:
                 raise JSONRPCError('unknown users group %s' % user_group)
             RepositoryPermissionModel()\
                 .update_or_delete_users_group_permission(repo, user_group,
                                                          perm)
             RepoModel().grant_users_group_permission(repo=repo_name,
                                                      group_name=group_name,
                                                      perm=perm)
             Session.commit()
             return dict(
-                msg='Added perm: %s for %s in repo: %s' % (
+                msg='Granted perm: %s for group: %s in repo: %s' % (
                     perm, group_name, repo_name
+                )
+            )
         except Exception:
             log.error(traceback.format_exc())
             raise JSONRPCError(
                 'failed to edit permission %(repo)s for %(usergr)s' % dict(
                     usergr=group_name, repo=repo_name
                 'failed to edit permission %(repo)s for %(usersgr)s' % dict(
                     usersgr=group_name, repo=repo_name
+                )
+            )
     @HasPermissionAnyDecorator('hg.admin')
     def revoke_users_group_permission(self, repo_name, group_name):
         """
         Revoke permission for users group on given repository
         :param repo_name:
         :param group_name:
         """
         try:
             repo = Repository.get_by_repo_name(repo_name)
             if repo is None:
                 raise JSONRPCError('unknown repository %s' % repo)
             user_group = UsersGroup.get_by_group_name(group_name)
             if user_group is None:
                 raise JSONRPCError('unknown users group %s' % user_group)
             RepoModel().revoke_users_group_permission(repo=repo_name,
                                                       group_name=group_name)
             Session.commit()
             return dict(
                 msg='Revoked perm for group: %s in repo: %s' % (
                     group_name, repo_name
+                )
+            )
         except Exception:
             log.error(traceback.format_exc())
             raise JSONRPCError(
                 'failed to edit permission %(repo)s for %(usersgr)s' % dict(
                     usersgr=group_name, repo=repo_name
+                )
+            )

rhodecode/controllers/home.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.controllers.home
     ~~~~~~~~~~~~~~~~~~~~~~~~~~
     Home controller for Rhodecode
     :created_on: Feb 18, 2010
     :author: marcink
     :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 from pylons import tmpl_context as c, request
 from paste.httpexceptions import HTTPBadRequest
 from rhodecode.lib.auth import LoginRequired
 from rhodecode.lib.base import BaseController, render
-from rhodecode.model.db import RepoGroup, Repository
 from rhodecode.model.db import Repository
 log = logging.getLogger(__name__)
 class HomeController(BaseController):
     @LoginRequired()
     def __before__(self):
         super(HomeController, self).__before__()
     def index(self):
         c.repos_list = self.scm_model.get_repos()
         c.groups = RepoGroup.query()\
             .filter(RepoGroup.group_parent_id == None).all()
         c.groups = self.scm_model.get_repos_groups()
         return render('/index.html')
     def repo_switcher(self):
         if request.is_xhr:
             all_repos = Repository.query().order_by(Repository.repo_name).all()
             c.repos_list = self.scm_model.get_repos(all_repos,
                                                     sort_key='name_sort')
             return render('/repo_switcher_list.html')
         else:
             return HTTPBadRequest()
     def branch_tag_switcher(self, repo_name):
         if request.is_xhr:
             c.rhodecode_db_repo = Repository.get_by_repo_name(c.repo_name)
             c.rhodecode_repo = c.rhodecode_db_repo.scm_instance
             return render('/switch_to_list.html')
         else:
             return HTTPBadRequest()

rhodecode/lib/__init__.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.lib.__init__
     ~~~~~~~~~~~~~~~~~~~~~~~
     Some simple helper functions
     :created_on: Jan 5, 2011
     :author: marcink
     :copyright: (C) 2011-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import os
 import re
 from vcs.utils.lazy import LazyProperty
 def __get_lem():
     from pygments import lexers
     from string import lower
     from collections import defaultdict
     d = defaultdict(lambda: [])
     def __clean(s):
         s = s.lstrip('*')
         s = s.lstrip('.')
         if s.find('[') != -1:
             exts = []
             start, stop = s.find('['), s.find(']')
             for suffix in s[start + 1:stop]:
                 exts.append(s[:s.find('[')] + suffix)
             return map(lower, exts)
         else:
             return map(lower, [s])
     for lx, t in sorted(lexers.LEXERS.items()):
         m = map(__clean, t[-2])
         if m:
             m = reduce(lambda x, y: x + y, m)
             for ext in m:
                 desc = lx.replace('Lexer', '')
                 d[ext].append(desc)
     return dict(d)
 # language map is also used by whoosh indexer, which for those specified
 # extensions will index it's content
 LANGUAGES_EXTENSIONS_MAP = __get_lem()
 # Additional mappings that are not present in the pygments lexers
 # NOTE: that this will overide any mappings in LANGUAGES_EXTENSIONS_MAP
 ADDITIONAL_MAPPINGS = {'xaml': 'XAML'}
 LANGUAGES_EXTENSIONS_MAP.update(ADDITIONAL_MAPPINGS)
 # list of readme files to search in file tree and display in summary
 # attached weights defines the search  order lower is first
 ALL_READMES = [
     ('readme', 0), ('README', 0), ('Readme', 0),
     ('doc/readme', 1), ('doc/README', 1), ('doc/Readme', 1),
     ('Docs/readme', 2), ('Docs/README', 2), ('Docs/Readme', 2),
@@ @@ -168,134 +170,134 @@ def generate_api_key(username, salt=None @@
     :param username: username as string
     :param salt: salt to hash generate KEY
     :rtype: str
     :returns: sha1 hash from username+salt
     """
     from tempfile import _RandomNameSequence
     import hashlib
     if salt is None:
         salt = _RandomNameSequence().next()
     return hashlib.sha1(username + salt).hexdigest()
 def safe_unicode(str_, from_encoding='utf8'):
     """
     safe unicode function. Does few trick to turn str_ into unicode
     In case of UnicodeDecode error we try to return it with encoding detected
     by chardet library if it fails fallback to unicode with errors replaced
     :param str_: string to decode
     :rtype: unicode
     :returns: unicode object
     """
     if isinstance(str_, unicode):
         return str_
     try:
         return unicode(str_)
     except UnicodeDecodeError:
         pass
     try:
         return unicode(str_, from_encoding)
     except UnicodeDecodeError:
         pass
     try:
         import chardet
         encoding = chardet.detect(str_)['encoding']
         if encoding is None:
             raise Exception()
         return str_.decode(encoding)
     except (ImportError, UnicodeDecodeError, Exception):
         return unicode(str_, from_encoding, 'replace')
 def safe_str(unicode_, to_encoding='utf8'):
     """
     safe str function. Does few trick to turn unicode_ into string
     In case of UnicodeEncodeError we try to return it with encoding detected
     by chardet library if it fails fallback to string with errors replaced
     :param unicode_: unicode to encode
     :rtype: str
     :returns: str object
     """
     if not isinstance(unicode_, basestring):
         return str(unicode_)
     if isinstance(unicode_, str):
         return unicode_
     try:
         return unicode_.encode(to_encoding)
     except UnicodeEncodeError:
         pass
     try:
         import chardet
         encoding = chardet.detect(unicode_)['encoding']
         print encoding
         if encoding is None:
             raise UnicodeEncodeError()
         return unicode_.encode(encoding)
     except (ImportError, UnicodeEncodeError):
         return unicode_.encode(to_encoding, 'replace')
     return safe_str
 def engine_from_config(configuration, prefix='sqlalchemy.', **kwargs):
     """
     Custom engine_from_config functions that makes sure we use NullPool for
     file based sqlite databases. This prevents errors on sqlite. This only
     applies to sqlalchemy versions < 0.7.0
     """
     import sqlalchemy
     from sqlalchemy import engine_from_config as efc
     import logging
     if int(sqlalchemy.__version__.split('.')[1]) < 7:
         # This solution should work for sqlalchemy < 0.7.0, and should use
         # proxy=TimerProxy() for execution time profiling
         from sqlalchemy.pool import NullPool
         url = configuration[prefix + 'url']
         if url.startswith('sqlite'):
             kwargs.update({'poolclass': NullPool})
         return efc(configuration, prefix, **kwargs)
     else:
         import time
         from sqlalchemy import event
         from sqlalchemy.engine import Engine
         log = logging.getLogger('sqlalchemy.engine')
         BLACK, RED, GREEN, YELLOW, BLUE, MAGENTA, CYAN, WHITE = xrange(30, 38)
         engine = efc(configuration, prefix, **kwargs)
         def color_sql(sql):
             COLOR_SEQ = "\033[1;%dm"
             COLOR_SQL = YELLOW
             normal = '\x1b[0m'
             return ''.join([COLOR_SEQ % COLOR_SQL, sql, normal])
         if configuration['debug']:
             #attach events only for debug configuration
             def before_cursor_execute(conn, cursor, statement,
                                     parameters, context, executemany):
                 context._query_start_time = time.time()
                 log.info(color_sql(">>>>> STARTING QUERY >>>>>"))
             def after_cursor_execute(conn, cursor, statement,
                                     parameters, context, executemany):
@@ @@ -348,103 +350,105 @@ def age(curdate): @@
 def uri_filter(uri):
     """
     Removes user:password from given url string
     :param uri:
     :rtype: unicode
     :returns: filtered list of strings
     """
     if not uri:
         return ''
     proto = ''
     for pat in ('https://', 'http://'):
         if uri.startswith(pat):
             uri = uri[len(pat):]
             proto = pat
             break
     # remove passwords and username
     uri = uri[uri.find('@') + 1:]
     # get the port
     cred_pos = uri.find(':')
     if cred_pos == -1:
         host, port = uri, None
     else:
         host, port = uri[:cred_pos], uri[cred_pos + 1:]
     return filter(None, [proto, host, port])
 def credentials_filter(uri):
     """
     Returns a url with removed credentials
     :param uri:
     """
     uri = uri_filter(uri)
     #check if we have port
     if len(uri) > 2 and uri[2]:
         uri[2] = ':' + uri[2]
     return ''.join(uri)
 def get_changeset_safe(repo, rev):
     """
     Safe version of get_changeset if this changeset doesn't exists for a
     repo it returns a Dummy one instead
     :param repo:
     :param rev:
     """
     from vcs.backends.base import BaseRepository
     from vcs.exceptions import RepositoryError
     if not isinstance(repo, BaseRepository):
         raise Exception('You must pass an Repository '
                         'object as first argument got %s', type(repo))
     try:
         cs = repo.get_changeset(rev)
     except RepositoryError:
         from rhodecode.lib.utils import EmptyChangeset
         cs = EmptyChangeset(requested_revision=rev)
     return cs
 def get_current_revision(quiet=False):
     """
     Returns tuple of (number, id) from repository containing this package
     or None if repository could not be found.
     :param quiet: prints error for fetching revision if True
     """
     try:
         from vcs import get_repo
         from vcs.utils.helpers import get_scm
         repopath = os.path.join(os.path.dirname(__file__), '..', '..')
         scm = get_scm(repopath)[0]
         repo = get_repo(path=repopath, alias=scm)
         tip = repo.get_changeset()
         return (tip.revision, tip.short_id)
     except Exception, err:
         if not quiet:
             print ("Cannot retrieve rhodecode's revision. Original error "
                    "was: %s" % err)
         return None
 def extract_mentioned_users(s):
     """
     Returns unique usernames from given string s that have @mention
     :param s: string to get mentions
     """
     usrs = {}
     for username in re.findall(r'(?:^@|\s@)(\w+)', s):
         usrs[username] = username
     return sorted(usrs.keys())

rhodecode/lib/auth.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.lib.auth
     ~~~~~~~~~~~~~~~~~~
     authentication and permission libraries
     :created_on: Apr 4, 2010
     :author: marcink
     :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import random
 import logging
 import traceback
 import hashlib
 from tempfile import _RandomNameSequence
 from decorator import decorator
-from pylons import config, session, url, request
 from pylons import config, url, request
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
 from rhodecode import __platform__, PLATFORM_WIN, PLATFORM_OTHERS
 from rhodecode.model.meta import Session
 if __platform__ in PLATFORM_WIN:
     from hashlib import sha256
 if __platform__ in PLATFORM_OTHERS:
     import bcrypt
 from rhodecode.lib import str2bool, safe_unicode
 from rhodecode.lib.exceptions import LdapPasswordError, LdapUsernameError
 from rhodecode.lib.utils import get_repo_slug
+from rhodecode.lib.utils import get_repo_slug, get_repos_group_slug
 from rhodecode.lib.auth_ldap import AuthLdap
 from rhodecode.model import meta
 from rhodecode.model.user import UserModel
 from rhodecode.model.db import Permission, RhodeCodeSetting, User
 log = logging.getLogger(__name__)
 class PasswordGenerator(object):
     """
     This is a simple class for generating password from different sets of
     characters
     usage::
         passwd_gen = PasswordGenerator()
         #print 8-letter password containing only big and small letters
             of alphabet
         print passwd_gen.gen_password(8, passwd_gen.ALPHABETS_BIG_SMALL)
     """
     ALPHABETS_NUM = r'''1234567890'''
     ALPHABETS_SMALL = r'''qwertyuiopasdfghjklzxcvbnm'''
     ALPHABETS_BIG = r'''QWERTYUIOPASDFGHJKLZXCVBNM'''
     ALPHABETS_SPECIAL = r'''`-=[]\;',./~!@#$%^&*()_+{}|:"<>?'''
     ALPHABETS_FULL = ALPHABETS_BIG + ALPHABETS_SMALL \
         + ALPHABETS_NUM + ALPHABETS_SPECIAL
     ALPHABETS_ALPHANUM = ALPHABETS_BIG + ALPHABETS_SMALL + ALPHABETS_NUM
     ALPHABETS_BIG_SMALL = ALPHABETS_BIG + ALPHABETS_SMALL
     ALPHABETS_ALPHANUM_BIG = ALPHABETS_BIG + ALPHABETS_NUM
     ALPHABETS_ALPHANUM_SMALL = ALPHABETS_SMALL + ALPHABETS_NUM
     def __init__(self, passwd=''):
         self.passwd = passwd
     def gen_password(self, len, type):
         self.passwd = ''.join([random.choice(type) for _ in xrange(len)])
     def gen_password(self, length, type_):
         self.passwd = ''.join([random.choice(type_) for _ in xrange(length)])
         return self.passwd
 class RhodeCodeCrypto(object):
     @classmethod
     def hash_string(cls, str_):
         """
         Cryptographic function used for password hashing based on pybcrypt
         or pycrypto in windows
         :param password: password to hash
         """
         if __platform__ in PLATFORM_WIN:
             return sha256(str_).hexdigest()
         elif __platform__ in PLATFORM_OTHERS:
             return bcrypt.hashpw(str_, bcrypt.gensalt(10))
         else:
             raise Exception('Unknown or unsupported platform %s' \
                             % __platform__)
     @classmethod
     def hash_check(cls, password, hashed):
         """
         Checks matching password with it's hashed value, runs different
         implementation based on platform it runs on
         :param password: password
         :param hashed: password in hashed form
         """
         if __platform__ in PLATFORM_WIN:
             return sha256(password).hexdigest() == hashed
         elif __platform__ in PLATFORM_OTHERS:
             return bcrypt.hashpw(password, hashed) == hashed
         else:
             raise Exception('Unknown or unsupported platform %s' \
                             % __platform__)
 def get_crypt_password(password):
     return RhodeCodeCrypto.hash_string(password)
 def check_password(password, hashed):
     return RhodeCodeCrypto.hash_check(password, hashed)
@@ @@ -530,172 +530,245 @@ class HasPermissionAllDecorator(PermsDec @@
 class HasPermissionAnyDecorator(PermsDecorator):
     """
     Checks for access permission for any of given predicates. In order to
     fulfill the request any of predicates must be meet
     """
     def check_permissions(self):
         if self.required_perms.intersection(self.user_perms.get('global')):
             return True
         return False
 class HasRepoPermissionAllDecorator(PermsDecorator):
     """
     Checks for access permission for all given predicates for specific
     repository. All of them have to be meet in order to fulfill the request
     """
     def check_permissions(self):
         repo_name = get_repo_slug(request)
         try:
             user_perms = set([self.user_perms['repositories'][repo_name]])
         except KeyError:
             return False
         if self.required_perms.issubset(user_perms):
             return True
         return False
 class HasRepoPermissionAnyDecorator(PermsDecorator):
     """
     Checks for access permission for any of given predicates for specific
     repository. In order to fulfill the request any of predicates must be meet
     """
     def check_permissions(self):
         repo_name = get_repo_slug(request)
         try:
             user_perms = set([self.user_perms['repositories'][repo_name]])
         except KeyError:
             return False
         if self.required_perms.intersection(user_perms):
             return True
         return False
 class HasReposGroupPermissionAllDecorator(PermsDecorator):
     """
     Checks for access permission for all given predicates for specific
     repository. All of them have to be meet in order to fulfill the request
     """
     def check_permissions(self):
         group_name = get_repos_group_slug(request)
         try:
             user_perms = set([self.user_perms['repositories_groups'][group_name]])
         except KeyError:
             return False
         if self.required_perms.issubset(user_perms):
             return True
         return False
 class HasReposGroupPermissionAnyDecorator(PermsDecorator):
     """
     Checks for access permission for any of given predicates for specific
     repository. In order to fulfill the request any of predicates must be meet
     """
     def check_permissions(self):
         group_name = get_repos_group_slug(request)
         try:
             user_perms = set([self.user_perms['repositories_groups'][group_name]])
         except KeyError:
             return False
         if self.required_perms.intersection(user_perms):
             return True
         return False
 #==============================================================================
 # CHECK FUNCTIONS
 #==============================================================================
 class PermsFunction(object):
     """Base function for other check functions"""
     def __init__(self, *perms):
         available_perms = config['available_permissions']
         for perm in perms:
             if perm not in available_perms:
                 raise Exception("'%s' permission in not defined" % perm)
         self.required_perms = set(perms)
         self.user_perms = None
         self.granted_for = ''
         self.repo_name = None
     def __call__(self, check_Location=''):
         user = request.user
         if not user:
             return False
         self.user_perms = user.permissions
         self.granted_for = user
         log.debug('checking %s %s %s', self.__class__.__name__,
                   self.required_perms, user)
         if self.check_permissions():
             log.debug('Permission granted %s @ %s', self.granted_for,
                       check_Location or 'unspecified location')
             return True
         else:
             log.warning('Permission denied for %s @ %s', self.granted_for,
                         check_Location or 'unspecified location')
             return False
     def check_permissions(self):
         """Dummy function for overriding"""
         raise Exception('You have to write this function in child class')
 class HasPermissionAll(PermsFunction):
     def check_permissions(self):
         if self.required_perms.issubset(self.user_perms.get('global')):
             return True
         return False
 class HasPermissionAny(PermsFunction):
     def check_permissions(self):
         if self.required_perms.intersection(self.user_perms.get('global')):
             return True
         return False
 class HasRepoPermissionAll(PermsFunction):
     def __call__(self, repo_name=None, check_Location=''):
         self.repo_name = repo_name
         return super(HasRepoPermissionAll, self).__call__(check_Location)
     def check_permissions(self):
         if not self.repo_name:
             self.repo_name = get_repo_slug(request)
         try:
             self.user_perms = set([self.user_perms['reposit'
                                                    'ories'][self.repo_name]])
             self.user_perms = set(
                 [self.user_perms['repositories'][self.repo_name]]
+            )
         except KeyError:
             return False
         self.granted_for = self.repo_name
         if self.required_perms.issubset(self.user_perms):
             return True
         return False
 class HasRepoPermissionAny(PermsFunction):
     def __call__(self, repo_name=None, check_Location=''):
         self.repo_name = repo_name
         return super(HasRepoPermissionAny, self).__call__(check_Location)
     def check_permissions(self):
         if not self.repo_name:
             self.repo_name = get_repo_slug(request)
         try:
             self.user_perms = set([self.user_perms['reposi'
                                                    'tories'][self.repo_name]])
             self.user_perms = set(
                 [self.user_perms['repositories'][self.repo_name]]
+            )
         except KeyError:
             return False
         self.granted_for = self.repo_name
         if self.required_perms.intersection(self.user_perms):
             return True
         return False
 class HasReposGroupPermissionAny(PermsFunction):
     def __call__(self, group_name=None, check_Location=''):
         self.group_name = group_name
         return super(HasReposGroupPermissionAny, self).__call__(check_Location)
     def check_permissions(self):
         try:
             self.user_perms = set(
                 [self.user_perms['repositories_groups'][self.group_name]]
+            )
         except KeyError:
             return False
         self.granted_for = self.repo_name
         if self.required_perms.intersection(self.user_perms):
             return True
         return False
 class HasReposGroupPermissionAll(PermsFunction):
     def __call__(self, group_name=None, check_Location=''):
         self.group_name = group_name
         return super(HasReposGroupPermissionAny, self).__call__(check_Location)
     def check_permissions(self):
         try:
             self.user_perms = set(
                 [self.user_perms['repositories_groups'][self.group_name]]
+            )
         except KeyError:
             return False
         self.granted_for = self.repo_name
         if self.required_perms.issubset(self.user_perms):
             return True
         return False
 #==============================================================================
 # SPECIAL VERSION TO HANDLE MIDDLEWARE AUTH
 #==============================================================================
 class HasPermissionAnyMiddleware(object):
     def __init__(self, *perms):
         self.required_perms = set(perms)
     def __call__(self, user, repo_name):
         usr = AuthUser(user.user_id)
         try:
             self.user_perms = set([usr.permissions['repositories'][repo_name]])
         except:
             self.user_perms = set()
         self.granted_for = ''
         self.username = user.username
         self.repo_name = repo_name
         return self.check_permissions()
     def check_permissions(self):
         log.debug('checking mercurial protocol '
                   'permissions %s for user:%s repository:%s', self.user_perms,
                                                 self.username, self.repo_name)
         if self.required_perms.intersection(self.user_perms):
             log.debug('permission granted')
             return True
         log.debug('permission denied')
         return False

rhodecode/lib/db_manage.py

➞

Show inline comments

@@ @@ -397,99 +397,104 @@ class DbManage(object): @@
         web3 = RhodeCodeUi()
         web3.ui_section = 'web'
         web3.ui_key = 'allow_push'
         web3.ui_value = '*'
         web4 = RhodeCodeUi()
         web4.ui_section = 'web'
         web4.ui_key = 'baseurl'
         web4.ui_value = '/'
         paths = RhodeCodeUi()
         paths.ui_section = 'paths'
         paths.ui_key = '/'
         paths.ui_value = path
         hgsettings1 = RhodeCodeSetting('realm', 'RhodeCode authentication')
         hgsettings2 = RhodeCodeSetting('title', 'RhodeCode')
         hgsettings3 = RhodeCodeSetting('ga_code', '')
         self.sa.add(web1)
         self.sa.add(web2)
         self.sa.add(web3)
         self.sa.add(web4)
         self.sa.add(paths)
         self.sa.add(hgsettings1)
         self.sa.add(hgsettings2)
         self.sa.add(hgsettings3)
         self.create_ldap_options()
         log.info('created ui config')
     def create_user(self, username, password, email='', admin=False):
         log.info('creating user %s' % username)
         UserModel().create_or_update(username, password, email,
                                      name='RhodeCode', lastname='Admin',
                                      active=True, admin=admin)
     def create_default_user(self):
         log.info('creating default user')
         # create default user for handling default permissions.
         UserModel().create_or_update(username='default',
                               password=str(uuid.uuid1())[:8],
                               email='anonymous@rhodecode.org',
                               name='Anonymous', lastname='User')
     def create_permissions(self):
         # module.(access|create|change|delete)_[name]
         # module.(read|write|owner)
         perms = [('repository.none', 'Repository no access'),
                  ('repository.read', 'Repository read access'),
                  ('repository.write', 'Repository write access'),
                  ('repository.admin', 'Repository admin access'),
                  ('hg.admin', 'Hg Administrator'),
                  ('hg.create.repository', 'Repository create'),
                  ('hg.create.none', 'Repository creation disabled'),
                  ('hg.register.none', 'Register disabled'),
                  ('hg.register.manual_activate', 'Register new user with '
                                                  'RhodeCode without manual'
                                                  'activation'),
         # module.(none|read|write|admin)
         perms = [
          ('repository.none', 'Repository no access'),
          ('repository.read', 'Repository read access'),
          ('repository.write', 'Repository write access'),
          ('repository.admin', 'Repository admin access'),
                  ('hg.register.auto_activate', 'Register new user with '
                                                'RhodeCode without auto '
                                                'activation'),
+                ]
          ('group.none', 'Repositories Group no access'),
          ('group.read', 'Repositories Group read access'),
          ('group.write', 'Repositories Group write access'),
          ('group.admin', 'Repositories Group admin access'),
          ('hg.admin', 'Hg Administrator'),
          ('hg.create.repository', 'Repository create'),
          ('hg.create.none', 'Repository creation disabled'),
          ('hg.register.none', 'Register disabled'),
          ('hg.register.manual_activate', 'Register new user with RhodeCode '
                                          'without manual activation'),
          ('hg.register.auto_activate', 'Register new user with RhodeCode '
                                         'without auto activation'),
+        ]
         for p in perms:
             new_perm = Permission()
             new_perm.permission_name = p[0]
             new_perm.permission_longname = p[1]
             self.sa.add(new_perm)
     def populate_default_permissions(self):
         log.info('creating default user permissions')
         default_user = self.sa.query(User)\
         .filter(User.username == 'default').scalar()
         reg_perm = UserToPerm()
         reg_perm.user = default_user
         reg_perm.permission = self.sa.query(Permission)\
         .filter(Permission.permission_name == 'hg.register.manual_activate')\
         .scalar()
         create_repo_perm = UserToPerm()
         create_repo_perm.user = default_user
         create_repo_perm.permission = self.sa.query(Permission)\
         .filter(Permission.permission_name == 'hg.create.repository')\
         .scalar()
         default_repo_perm = UserToPerm()
         default_repo_perm.user = default_user
         default_repo_perm.permission = self.sa.query(Permission)\
         .filter(Permission.permission_name == 'repository.read')\
         .scalar()
         self.sa.add(reg_perm)
         self.sa.add(create_repo_perm)
         self.sa.add(default_repo_perm)

rhodecode/lib/hooks.py

➞

Show inline comments

@@ @@ -85,71 +85,71 @@ def log_pull_action(ui, repo, **kwargs): @@
     action_logger(username, action, repository, extra_params['ip'],
                   commit=True)
     return 0
 def log_push_action(ui, repo, **kwargs):
     """
     Maps user last push action to new changeset id, from mercurial
     :param ui:
     :param repo:
     """
     extra_params = dict(repo.ui.configitems('rhodecode_extras'))
     username = extra_params['username']
     repository = extra_params['repository']
     action = extra_params['action'] + ':%s'
     node = kwargs['node']
     def get_revs(repo, rev_opt):
         if rev_opt:
             revs = revrange(repo, rev_opt)
             if len(revs) == 0:
                 return (nullrev, nullrev)
             return (max(revs), min(revs))
         else:
             return (len(repo) - 1, 0)
     stop, start = get_revs(repo, [node + ':'])
     revs = (str(repo[r]) for r in xrange(start, stop + 1))
     action = action % ','.join(revs)
     action_logger(username, action, repository, extra_params['ip'],
                   commit=True)
     return 0
 def log_create_repository(repository_dict, created_by, **kwargs):
     """
     Post create repository Hook. This is a dummy function for admins to re-use
     if needed
-    :param repository: dict dump of repository object
     :param repository: dict dump of repository object
     :param created_by: username who created repository
     :param created_date: date of creation
     available keys of repository_dict:
      'repo_type',
      'description',
      'private',
      'created_on',
      'enable_downloads',
      'repo_id',
      'user_id',
      'enable_statistics',
      'clone_uri',
      'fork_id',
      'group_id',
      'repo_name'
     """
     return 0
@@ \ No newline at end of file @@
     return 0

rhodecode/lib/utils.py

➞

Show inline comments

@@ @@ -7,138 +7,143 @@ @@
     :created_on: Apr 18, 2010
     :author: marcink
     :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import os
 import logging
 import datetime
 import traceback
 import paste
 import beaker
 import tarfile
 import shutil
 from os.path import abspath
 from os.path import dirname as dn, join as jn
 from paste.script.command import Command, BadCommand
 from mercurial import ui, config
 from webhelpers.text import collapse, remove_formatting, strip_tags
 from vcs import get_backend
 from vcs.backends.base import BaseChangeset
 from vcs.utils.lazy import LazyProperty
 from vcs.utils.helpers import get_scm
 from vcs.exceptions import VCSError
 from rhodecode.lib.caching_query import FromCache
 from rhodecode.model import meta
 from rhodecode.model.db import Repository, User, RhodeCodeUi, \
     UserLog, RepoGroup, RhodeCodeSetting
 from rhodecode.model.meta import Session
 from rhodecode.model.repos_group import ReposGroupModel
 log = logging.getLogger(__name__)
 def recursive_replace(str_, replace=' '):
     """Recursive replace of given sign to just one instance
     :param str_: given string
     :param replace: char to find and replace multiple instances
     Examples::
     >>> recursive_replace("Mighty---Mighty-Bo--sstones",'-')
     'Mighty-Mighty-Bo-sstones'
     """
     if str_.find(replace * 2) == -1:
         return str_
     else:
         str_ = str_.replace(replace * 2, replace)
         return recursive_replace(str_, replace)
 def repo_name_slug(value):
     """Return slug of name of repository
     This function is called on each creation/modification
     of repository to prevent bad names in repo
     """
     slug = remove_formatting(value)
     slug = strip_tags(slug)
     for c in """=[]\;'"<>,/~!@#$%^&*()+{}|: """:
         slug = slug.replace(c, '-')
     slug = recursive_replace(slug, '-')
     slug = collapse(slug, '-')
     return slug
 def get_repo_slug(request):
     return request.environ['pylons.routes_dict'].get('repo_name')
 def get_repos_group_slug(request):
     return request.environ['pylons.routes_dict'].get('group_name')
 def action_logger(user, action, repo, ipaddr='', sa=None, commit=False):
     """
     Action logger for various actions made by users
     :param user: user that made this action, can be a unique username string or
         object containing user_id attribute
     :param action: action to log, should be on of predefined unique actions for
         easy translations
     :param repo: string name of repository or object containing repo_id,
         that action was made on
     :param ipaddr: optional ip address from what the action was made
     :param sa: optional sqlalchemy session
     """
     if not sa:
         sa = meta.Session
     try:
         if hasattr(user, 'user_id'):
             user_obj = user
         elif isinstance(user, basestring):
             user_obj = User.get_by_username(user)
         else:
             raise Exception('You have to provide user object or username')
         if hasattr(repo, 'repo_id'):
             repo_obj = Repository.get(repo.repo_id)
             repo_name = repo_obj.repo_name
         elif  isinstance(repo, basestring):
             repo_name = repo.lstrip('/')
             repo_obj = Repository.get_by_repo_name(repo_name)
         else:
             raise Exception('You have to provide repository to action logger')
         user_log = UserLog()
         user_log.user_id = user_obj.user_id
         user_log.action = action
         user_log.repository_id = repo_obj.repo_id
         user_log.repository_name = repo_name
         user_log.action_date = datetime.datetime.now()
         user_log.user_ip = ipaddr
         sa.add(user_log)
         log.info('Adding user %s, action %s on %s' % (user_obj, action, repo))
         if commit:
@@ @@ -152,115 +157,117 @@ def get_repos(path, recursive=False): @@
     """
     Scans given path for repos and return (name,(type,path)) tuple
     :param path: path to scan for repositories
     :param recursive: recursive search and return names with subdirs in front
     """
     # remove ending slash for better results
     path = path.rstrip(os.sep)
     def _get_repos(p):
         if not os.access(p, os.W_OK):
             return
         for dirpath in os.listdir(p):
             if os.path.isfile(os.path.join(p, dirpath)):
                 continue
             cur_path = os.path.join(p, dirpath)
             try:
                 scm_info = get_scm(cur_path)
                 yield scm_info[1].split(path, 1)[-1].lstrip(os.sep), scm_info
             except VCSError:
                 if not recursive:
                     continue
                 #check if this dir containts other repos for recursive scan
                 rec_path = os.path.join(p, dirpath)
                 if os.path.isdir(rec_path):
                     for inner_scm in _get_repos(rec_path):
                         yield inner_scm
     return _get_repos(path)
 def is_valid_repo(repo_name, base_path):
     """
     Returns True if given path is a valid repository False otherwise
     :param repo_name:
     :param base_path:
     :return True: if given path is a valid repository
     """
     full_path = os.path.join(base_path, repo_name)
     try:
         get_scm(full_path)
         return True
     except VCSError:
         return False
 def is_valid_repos_group(repos_group_name, base_path):
     """
     Returns True if given path is a repos group False otherwise
     :param repo_name:
     :param base_path:
     """
     full_path = os.path.join(base_path, repos_group_name)
     # check if it's not a repo
     if is_valid_repo(repos_group_name, base_path):
         return False
     # check if it's a valid path
     if os.path.isdir(full_path):
         return True
     return False
 def ask_ok(prompt, retries=4, complaint='Yes or no, please!'):
     while True:
         ok = raw_input(prompt)
         if ok in ('y', 'ye', 'yes'):
             return True
         if ok in ('n', 'no', 'nop', 'nope'):
             return False
         retries = retries - 1
         if retries < 0:
             raise IOError
         print complaint
 #propagated from mercurial documentation
 ui_sections = ['alias', 'auth',
                 'decode/encode', 'defaults',
                 'diff', 'email',
                 'extensions', 'format',
                 'merge-patterns', 'merge-tools',
                 'hooks', 'http_proxy',
                 'smtp', 'patch',
                 'paths', 'profiling',
                 'server', 'trusted',
                 'ui', 'web', ]
 def make_ui(read_from='file', path=None, checkpaths=True):
     """A function that will read python rc files or database
     and make an mercurial ui object from read options
     :param path: path to mercurial config file
     :param checkpaths: check the path
     :param read_from: read from 'file' or 'db'
     """
     baseui = ui.ui()
     #clean the baseui object
     baseui._ocfg = config.config()
     baseui._ucfg = config.config()
     baseui._tcfg = config.config()
     if read_from == 'file':
         if not os.path.isfile(path):
             log.warning('Unable to read config file %s' % path)
             return False
         log.debug('reading hgrc from %s' % path)
         cfg = config.config()
         cfg.read(path)
@@ @@ -272,205 +279,215 @@ def make_ui(read_from='file', path=None, @@
     elif read_from == 'db':
         sa = meta.Session
         ret = sa.query(RhodeCodeUi)\
             .options(FromCache("sql_cache_short",
                                "get_hg_ui_settings")).all()
         hg_ui = ret
         for ui_ in hg_ui:
             if ui_.ui_active:
                 log.debug('settings ui from db[%s]%s:%s', ui_.ui_section,
                           ui_.ui_key, ui_.ui_value)
                 baseui.setconfig(ui_.ui_section, ui_.ui_key, ui_.ui_value)
         meta.Session.remove()
     return baseui
 def set_rhodecode_config(config):
     """
     Updates pylons config with new settings from database
     :param config:
     """
     hgsettings = RhodeCodeSetting.get_app_settings()
     for k, v in hgsettings.items():
         config[k] = v
 def invalidate_cache(cache_key, *args):
     """
     Puts cache invalidation task into db for
     further global cache invalidation
     """
     from rhodecode.model.scm import ScmModel
     if cache_key.startswith('get_repo_cached_'):
         name = cache_key.split('get_repo_cached_')[-1]
         ScmModel().mark_for_invalidation(name)
 class EmptyChangeset(BaseChangeset):
     """
     An dummy empty changeset. It's possible to pass hash when creating
     an EmptyChangeset
     """
     def __init__(self, cs='0' * 40, repo=None, requested_revision=None, alias=None):
     def __init__(self, cs='0' * 40, repo=None, requested_revision=None,
                  alias=None):
         self._empty_cs = cs
         self.revision = -1
         self.message = ''
         self.author = ''
         self.date = ''
         self.repository = repo
         self.requested_revision = requested_revision
         self.alias = alias
     @LazyProperty
     def raw_id(self):
         """
         Returns raw string identifying this changeset, useful for web
         representation.
         """
         return self._empty_cs
     @LazyProperty
     def branch(self):
         return get_backend(self.alias).DEFAULT_BRANCH_NAME
     @LazyProperty
     def short_id(self):
         return self.raw_id[:12]
     def get_file_changeset(self, path):
         return self
     def get_file_content(self, path):
         return u''
     def get_file_size(self, path):
         return 0
 def map_groups(groups):
     """
     Checks for groups existence, and creates groups structures.
     It returns last group in structure
     :param groups: list of groups structure
     """
     sa = meta.Session
     parent = None
     group = None
     # last element is repo in nested groups structure
     groups = groups[:-1]
+    rgm = ReposGroupModel(sa)
     for lvl, group_name in enumerate(groups):
         log.debug('creating group level: %s group_name: %s' % (lvl, group_name))
         group_name = '/'.join(groups[:lvl] + [group_name])
         group = sa.query(RepoGroup).filter(RepoGroup.group_name == group_name).scalar()
         group = RepoGroup.get_by_group_name(group_name)
         desc = '%s group' % group_name
 #        # WTF that doesn't work !?
 #        if group is None:
 #            group = rgm.create(group_name, desc, parent, just_db=True)
 #            sa.commit()
         if group is None:
             group = RepoGroup(group_name, parent)
             group.group_description = desc
             sa.add(group)
             rgm._create_default_perms(group)
             sa.commit()
         parent = group
     return group
 def repo2db_mapper(initial_repo_list, remove_obsolete=False):
     """
     maps all repos given in initial_repo_list, non existing repositories
     are created, if remove_obsolete is True it also check for db entries
     that are not in initial_repo_list and removes them.
     :param initial_repo_list: list of repositories found by scanning methods
     :param remove_obsolete: check for obsolete entries in database
     """
     from rhodecode.model.repo import RepoModel
     sa = meta.Session
     rm = RepoModel()
     user = sa.query(User).filter(User.admin == True).first()
     if user is None:
         raise Exception('Missing administrative account !')
     added = []
     for name, repo in initial_repo_list.items():
         group = map_groups(name.split(Repository.url_sep()))
         if not rm.get_by_repo_name(name, cache=False):
             log.info('repository %s not found creating default' % name)
             added.append(name)
             form_data = {
                          'repo_name': name,
                          'repo_name_full': name,
                          'repo_type': repo.alias,
                          'description': repo.description \
                             if repo.description != 'unknown' else \
                                         '%s repository' % name,
                          'private': False,
                          'group_id': getattr(group, 'group_id', None)
+                         }
              'repo_name': name,
              'repo_name_full': name,
              'repo_type': repo.alias,
              'description': repo.description \
                 if repo.description != 'unknown' else '%s repository' % name,
              'private': False,
              'group_id': getattr(group, 'group_id', None)
+            }
             rm.create(form_data, user, just_db=True)
     sa.commit()
     removed = []
     if remove_obsolete:
         #remove from database those repositories that are not in the filesystem
         for repo in sa.query(Repository).all():
             if repo.repo_name not in initial_repo_list.keys():
                 removed.append(repo.repo_name)
                 sa.delete(repo)
                 sa.commit()
     return added, removed
 # set cache regions for beaker so celery can utilise it
 def add_cache(settings):
     cache_settings = {'regions': None}
     for key in settings.keys():
         for prefix in ['beaker.cache.', 'cache.']:
             if key.startswith(prefix):
                 name = key.split(prefix)[1].strip()
                 cache_settings[name] = settings[key].strip()
     if cache_settings['regions']:
         for region in cache_settings['regions'].split(','):
             region = region.strip()
             region_settings = {}
             for key, value in cache_settings.items():
                 if key.startswith(region):
                     region_settings[key.split('.')[1]] = value
             region_settings['expire'] = int(region_settings.get('expire',
 ))
             region_settings.setdefault('lock_dir',
                                        cache_settings.get('lock_dir'))
             region_settings.setdefault('data_dir',
                                        cache_settings.get('data_dir'))
             if 'type' not in region_settings:
                 region_settings['type'] = cache_settings.get('type',
                                                              'memory')
             beaker.cache.cache_regions[region] = region_settings
 #==============================================================================
 # TEST FUNCTIONS AND CREATORS
 #==============================================================================
 def create_test_index(repo_location, config, full_index):
     """
     Makes default test index
     :param config: test config
     :param full_index:
     """
     from rhodecode.lib.indexers.daemon import WhooshIndexingDaemon
     from rhodecode.lib.pidlock import DaemonLock, LockHeld
     repo_location = repo_location
     index_location = os.path.join(config['app_conf']['index_dir'])
     if not os.path.exists(index_location):
         os.makedirs(index_location)

rhodecode/model/__init__.py

➞

Show inline comments

@@ @@ -29,64 +29,70 @@ @@
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 from rhodecode.model import meta
 log = logging.getLogger(__name__)
 def init_model(engine):
     """
     Initializes db session, bind the engine with the metadata,
     Call this before using any of the tables or classes in the model,
     preferably once in application start
     :param engine: engine to bind to
     """
     log.info("initializing db for %s" % engine)
     meta.Base.metadata.bind = engine
 class BaseModel(object):
     """
     Base Model for all RhodeCode models, it adds sql alchemy session
     into instance of model
     :param sa: If passed it reuses this session instead of creating a new one
     """
     def __init__(self, sa=None):
         if sa is not None:
             self.sa = sa
         else:
             self.sa = meta.Session
     def _get_instance(self, cls, instance):
+    def _get_instance(self, cls, instance, callback=None):
         """
         Get's instance of given cls using some simple lookup mechanism
+        Get's instance of given cls using some simple lookup mechanism.
         :param cls: class to fetch
         :param instance: int or Instance
         :param callback: callback to call if all lookups failed
         """
         if isinstance(instance, cls):
             return instance
         elif isinstance(instance, int) or str(instance).isdigit():
             return cls.get(instance)
         else:
             if instance:
                 raise Exception('given object must be int or Instance'
                                 ' of %s got %s' % (type(cls), type(instance)))
                 if callback is None:
                     raise Exception(
                         'given object must be int or Instance of %s got %s, '
                         'no callback provided' % (cls, type(instance))
+                    )
                 else:
                     return callback(instance)

rhodecode/model/db.py

➞

Show inline comments

@@ @@ -672,96 +672,99 @@ class Repository(Base, BaseModel): @@
         rn = self.repo_name
         log.debug('Getting cached instance of repo')
         inv = self.invalidate
         if inv is not None:
             region_invalidate(_c, None, rn)
             # update our cache
             CacheInvalidation.set_valid(inv.cache_key)
         return _c(rn)
     def __get_instance(self):
         repo_full_path = self.repo_full_path
         try:
             alias = get_scm(repo_full_path)[0]
             log.debug('Creating instance of %s repository' % alias)
             backend = get_backend(alias)
         except VCSError:
             log.error(traceback.format_exc())
             log.error('Perhaps this repository is in db and not in '
                       'filesystem run rescan repositories with '
                       '"destroy old data " option from admin panel')
             return
         if alias == 'hg':
             repo = backend(safe_str(repo_full_path), create=False,
                            baseui=self._ui)
             # skip hidden web repository
             if repo._get_hidden():
                 return
         else:
             repo = backend(repo_full_path, create=False)
         return repo
 class RepoGroup(Base, BaseModel):
     __tablename__ = 'groups'
     __table_args__ = (
         UniqueConstraint('group_name', 'group_parent_id'),
         CheckConstraint('group_id != group_parent_id'),
         {'extend_existing': True},
+    )
     __mapper_args__ = {'order_by': 'group_name'}
     group_id = Column("group_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     group_name = Column("group_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=False, unique=True, default=None)
     group_parent_id = Column("group_parent_id", Integer(), ForeignKey('groups.group_id'), nullable=True, unique=None, default=None)
     group_description = Column("group_description", String(length=10000, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     repo_group_to_perm = relationship('UserRepoGroupToPerm', cascade='all', order_by='UserRepoGroupToPerm.group_to_perm_id')
     users_group_to_perm = relationship('UsersGroupRepoGroupToPerm', cascade='all')
     parent_group = relationship('RepoGroup', remote_side=group_id)
     def __init__(self, group_name='', parent_group=None):
         self.group_name = group_name
         self.parent_group = parent_group
     def __repr__(self):
         return "<%s('%s:%s')>" % (self.__class__.__name__, self.group_id,
                                   self.group_name)
     @classmethod
     def groups_choices(cls):
         from webhelpers.html import literal as _literal
         repo_groups = [('', '')]
         sep = ' &raquo; '
         _name = lambda k: _literal(sep.join(k))
         repo_groups.extend([(x.group_id, _name(x.full_path_splitted))
                               for x in cls.query().all()])
         repo_groups = sorted(repo_groups, key=lambda t: t[1].split(sep)[0])
         return repo_groups
     @classmethod
     def url_sep(cls):
         return '/'
     @classmethod
     def get_by_group_name(cls, group_name, cache=False, case_insensitive=False):
         if case_insensitive:
             gr = cls.query()\
                 .filter(cls.group_name.ilike(group_name))
         else:
             gr = cls.query()\
                 .filter(cls.group_name == group_name)
         if cache:
             gr = gr.options(FromCache("sql_cache_short",
                                           "get_group_%s" % group_name))
         return gr.scalar()
     @property
     def parents(self):
         parents_recursion_limit = 5
         groups = []
         if self.parent_group is None:
             return groups
         cur_gr = self.parent_group
         groups.insert(0, cur_gr)
@@ @@ -788,109 +791,119 @@ class RepoGroup(Base, BaseModel): @@
     @property
     def name(self):
         return self.group_name.split(RepoGroup.url_sep())[-1]
     @property
     def full_path(self):
         return self.group_name
     @property
     def full_path_splitted(self):
         return self.group_name.split(RepoGroup.url_sep())
     @property
     def repositories(self):
         return Repository.query().filter(Repository.group == self)
     @property
     def repositories_recursive_count(self):
         cnt = self.repositories.count()
         def children_count(group):
             cnt = 0
             for child in group.children:
                 cnt += child.repositories.count()
                 cnt += children_count(child)
             return cnt
         return cnt + children_count(self)
     def get_new_name(self, group_name):
         """
         returns new full group name based on parent and new name
         :param group_name:
         """
         path_prefix = (self.parent_group.full_path_splitted if
                        self.parent_group else [])
         return RepoGroup.url_sep().join(path_prefix + [group_name])
 class Permission(Base, BaseModel):
     __tablename__ = 'permissions'
     __table_args__ = {'extend_existing': True}
     permission_id = Column("permission_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     permission_name = Column("permission_name", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     permission_longname = Column("permission_longname", String(length=255, convert_unicode=False, assert_unicode=None), nullable=True, unique=None, default=None)
     def __repr__(self):
         return "<%s('%s:%s')>" % (self.__class__.__name__,
                                   self.permission_id, self.permission_name)
         return "<%s('%s:%s')>" % (
             self.__class__.__name__, self.permission_id, self.permission_name
+        )
     @classmethod
     def get_by_key(cls, key):
         return cls.query().filter(cls.permission_name == key).scalar()
     @classmethod
     def get_default_perms(cls, default_user_id):
         q = Session.query(UserRepoToPerm, Repository, cls)\
             .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
             .join((cls, UserRepoToPerm.permission_id == cls.permission_id))\
             .filter(UserRepoToPerm.user_id == default_user_id)
          .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
          .join((cls, UserRepoToPerm.permission_id == cls.permission_id))\
          .filter(UserRepoToPerm.user_id == default_user_id)
         return q.all()
     @classmethod
     def get_default_group_perms(cls, default_user_id):
         q = Session.query(UserRepoGroupToPerm, RepoGroup, cls)\
          .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
          .join((cls, UserRepoGroupToPerm.permission_id == cls.permission_id))\
          .filter(UserRepoGroupToPerm.user_id == default_user_id)
         return q.all()
 class UserRepoToPerm(Base, BaseModel):
     __tablename__ = 'repo_to_perm'
     __table_args__ = (
         UniqueConstraint('user_id', 'repository_id'), {'extend_existing': True}
+    )
     repo_to_perm_id = Column("repo_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
     permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
     repository_id = Column("repository_id", Integer(), ForeignKey('repositories.repo_id'), nullable=False, unique=None, default=None)
     user = relationship('User')
     permission = relationship('Permission')
     repository = relationship('Repository')
     @classmethod
     def create(cls, user, repository, permission):
         n = cls()
         n.user = user
         n.repository = repository
         n.permission = permission
         Session.add(n)
         return n
     def __repr__(self):
         return '<user:%s => %s >' % (self.user, self.repository)
 class UserToPerm(Base, BaseModel):
     __tablename__ = 'user_to_perm'
     __table_args__ = (UniqueConstraint('user_id', 'permission_id'), {'extend_existing': True})
     user_to_perm_id = Column("user_to_perm_id", Integer(), nullable=False, unique=True, default=None, primary_key=True)
     user_id = Column("user_id", Integer(), ForeignKey('users.user_id'), nullable=False, unique=None, default=None)
     permission_id = Column("permission_id", Integer(), ForeignKey('permissions.permission_id'), nullable=False, unique=None, default=None)
     user = relationship('User')
     permission = relationship('Permission', lazy='joined')
 class UsersGroupRepoToPerm(Base, BaseModel):
     __tablename__ = 'users_group_repo_to_perm'
     __table_args__ = (
         UniqueConstraint('repository_id', 'users_group_id', 'permission_id'),
         {'extend_existing': True}
+    )

rhodecode/model/forms.py

➞

Show inline comments

@@ @@ -343,147 +343,156 @@ def SlugifyName(): @@
     return _SlugifyName
 def ValidCloneUri():
     from mercurial.httprepo import httprepository, httpsrepository
     from rhodecode.lib.utils import make_ui
     class _ValidCloneUri(formencode.validators.FancyValidator):
         def to_python(self, value, state):
             if not value:
                 pass
             elif value.startswith('https'):
                 try:
                     httpsrepository(make_ui('db'), value).capabilities
                 except Exception:
                     log.error(traceback.format_exc())
                     raise formencode.Invalid(_('invalid clone url'), value,
                                              state)
             elif value.startswith('http'):
                 try:
                     httprepository(make_ui('db'), value).capabilities
                 except Exception:
                     log.error(traceback.format_exc())
                     raise formencode.Invalid(_('invalid clone url'), value,
                                              state)
             else:
                 raise formencode.Invalid(_('Invalid clone url, provide a '
                                            'valid clone http\s url'), value,
                                          state)
             return value
     return _ValidCloneUri
 def ValidForkType(old_data):
     class _ValidForkType(formencode.validators.FancyValidator):
         def to_python(self, value, state):
             if old_data['repo_type'] != value:
                 raise formencode.Invalid(_('Fork have to be the same '
                                            'type as original'), value, state)
             return value
     return _ValidForkType
 class ValidPerms(formencode.validators.FancyValidator):
     messages = {'perm_new_member_name': _('This username or users group name'
                                          ' is not valid')}
 def ValidPerms(type_='repo'):
     if type_ == 'group':
         EMPTY_PERM = 'group.none'
     elif type_ == 'repo':
         EMPTY_PERM = 'repository.none'
     def to_python(self, value, state):
         perms_update = []
         perms_new = []
         #build a list of permission to update and new permission to create
         for k, v in value.items():
             #means new added member to permissions
             if k.startswith('perm_new_member'):
                 new_perm = value.get('perm_new_member', False)
                 new_member = value.get('perm_new_member_name', False)
                 new_type = value.get('perm_new_member_type')
     class _ValidPerms(formencode.validators.FancyValidator):
         messages = {
             'perm_new_member_name':
                 _('This username or users group name is not valid')
+        }
         def to_python(self, value, state):
             perms_update = []
             perms_new = []
             # build a list of permission to update and new permission to create
             for k, v in value.items():
                 # means new added member to permissions
                 if k.startswith('perm_new_member'):
                     new_perm = value.get('perm_new_member', False)
                     new_member = value.get('perm_new_member_name', False)
                     new_type = value.get('perm_new_member_type')
                 if new_member and new_perm:
                     if (new_member, new_perm, new_type) not in perms_new:
                         perms_new.append((new_member, new_perm, new_type))
             elif k.startswith('u_perm_') or k.startswith('g_perm_'):
                 member = k[7:]
                 t = {'u': 'user',
                      'g': 'users_group'
                 }[k[0]]
                 if member == 'default':
                     if value['private']:
                         #set none for default when updating to private repo
                         v = 'repository.none'
                 perms_update.append((member, v, t))
                     if new_member and new_perm:
                         if (new_member, new_perm, new_type) not in perms_new:
                             perms_new.append((new_member, new_perm, new_type))
                 elif k.startswith('u_perm_') or k.startswith('g_perm_'):
                     member = k[7:]
                     t = {'u': 'user',
                          'g': 'users_group'
                     }[k[0]]
                     if member == 'default':
                         if value.get('private'):
                             # set none for default when updating to private repo
                             v = EMPTY_PERM
                     perms_update.append((member, v, t))
         value['perms_updates'] = perms_update
         value['perms_new'] = perms_new
             value['perms_updates'] = perms_update
             value['perms_new'] = perms_new
         #update permissions
         for k, v, t in perms_new:
             try:
                 if t is 'user':
                     self.user_db = User.query()\
                         .filter(User.active == True)\
                         .filter(User.username == k).one()
                 if t is 'users_group':
                     self.user_db = UsersGroup.query()\
                         .filter(UsersGroup.users_group_active == True)\
                         .filter(UsersGroup.users_group_name == k).one()
             # update permissions
             for k, v, t in perms_new:
                 try:
                     if t is 'user':
                         self.user_db = User.query()\
                             .filter(User.active == True)\
                             .filter(User.username == k).one()
                     if t is 'users_group':
                         self.user_db = UsersGroup.query()\
                             .filter(UsersGroup.users_group_active == True)\
                             .filter(UsersGroup.users_group_name == k).one()
             except Exception:
                 msg = self.message('perm_new_member_name',
                                      state=State_obj)
                 raise formencode.Invalid(
                     msg, value, state, error_dict={'perm_new_member_name': msg}
+                )
         return value
                 except Exception:
                     msg = self.message('perm_new_member_name',
                                          state=State_obj)
                     raise formencode.Invalid(
                         msg, value, state, error_dict={'perm_new_member_name': msg}
+                    )
             return value
     return _ValidPerms
 class ValidSettings(formencode.validators.FancyValidator):
     def to_python(self, value, state):
         # settings  form can't edit user
         if 'user' in value:
             del['value']['user']
         return value
 class ValidPath(formencode.validators.FancyValidator):
     def to_python(self, value, state):
         if not os.path.isdir(value):
             msg = _('This is not a valid path')
             raise formencode.Invalid(msg, value, state,
                                      error_dict={'paths_root_path': msg})
         return value
 def UniqSystemEmail(old_data):
     class _UniqSystemEmail(formencode.validators.FancyValidator):
         def to_python(self, value, state):
             value = value.lower()
             if old_data.get('email', '').lower() != value:
                 user = User.get_by_email(value, case_insensitive=True)
                 if user:
                     raise formencode.Invalid(
                         _("This e-mail address is already taken"), value, state
+                    )
             return value
     return _UniqSystemEmail
 class ValidSystemEmail(formencode.validators.FancyValidator):
     def to_python(self, value, state):
         value = value.lower()
         user = User.get_by_email(value, case_insensitive=True)
         if  user is None:
             raise formencode.Invalid(
                 _("This e-mail address doesn't exist."), value, state
+            )
         return value
@@ @@ -543,192 +552,192 @@ class LoginForm(formencode.Schema): @@
 def UserForm(edit=False, old_data={}):
     class _UserForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         username = All(UnicodeString(strip=True, min=1, not_empty=True),
                        ValidUsername(edit, old_data))
         if edit:
             new_password = All(UnicodeString(strip=True, min=6, not_empty=False))
             password_confirmation = All(UnicodeString(strip=True, min=6,
                                                       not_empty=False))
             admin = StringBoolean(if_missing=False)
         else:
             password = All(UnicodeString(strip=True, min=6, not_empty=True))
             password_confirmation = All(UnicodeString(strip=True, min=6,
                                                       not_empty=False))
         active = StringBoolean(if_missing=False)
         name = UnicodeString(strip=True, min=1, not_empty=False)
         lastname = UnicodeString(strip=True, min=1, not_empty=False)
         email = All(Email(not_empty=True), UniqSystemEmail(old_data))
         chained_validators = [ValidPasswordsMatch, ValidPassword]
     return _UserForm
 def UsersGroupForm(edit=False, old_data={}, available_members=[]):
     class _UsersGroupForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         users_group_name = All(UnicodeString(strip=True, min=1, not_empty=True),
                        ValidUsersGroup(edit, old_data))
         users_group_active = StringBoolean(if_missing=False)
         if edit:
             users_group_members = OneOf(available_members, hideList=False,
                                         testValueList=True,
                                         if_missing=None, not_empty=False)
     return _UsersGroupForm
 def ReposGroupForm(edit=False, old_data={}, available_groups=[]):
     class _ReposGroupForm(formencode.Schema):
         allow_extra_fields = True
-        filter_extra_fields = True
+        filter_extra_fields = False
         group_name = All(UnicodeString(strip=True, min=1, not_empty=True),
                                SlugifyName())
         group_description = UnicodeString(strip=True, min=1,
                                                 not_empty=True)
         group_parent_id = OneOf(available_groups, hideList=False,
                                         testValueList=True,
                                         if_missing=None, not_empty=False)
         chained_validators = [ValidReposGroup(edit, old_data)]
+        chained_validators = [ValidReposGroup(edit, old_data), ValidPerms('group')]
     return _ReposGroupForm
 def RegisterForm(edit=False, old_data={}):
     class _RegisterForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         username = All(ValidUsername(edit, old_data),
                        UnicodeString(strip=True, min=1, not_empty=True))
         password = All(UnicodeString(strip=True, min=6, not_empty=True))
         password_confirmation = All(UnicodeString(strip=True, min=6, not_empty=True))
         active = StringBoolean(if_missing=False)
         name = UnicodeString(strip=True, min=1, not_empty=False)
         lastname = UnicodeString(strip=True, min=1, not_empty=False)
         email = All(Email(not_empty=True), UniqSystemEmail(old_data))
         chained_validators = [ValidPasswordsMatch, ValidPassword]
     return _RegisterForm
 def PasswordResetForm():
     class _PasswordResetForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         email = All(ValidSystemEmail(), Email(not_empty=True))
     return _PasswordResetForm
 def RepoForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
              repo_groups=[]):
     class _RepoForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(UnicodeString(strip=True, min=1, not_empty=True),
                         SlugifyName())
         clone_uri = All(UnicodeString(strip=True, min=1, not_empty=False),
                         ValidCloneUri()())
         repo_group = OneOf(repo_groups, hideList=True)
         repo_type = OneOf(supported_backends)
         description = UnicodeString(strip=True, min=1, not_empty=True)
         private = StringBoolean(if_missing=False)
         enable_statistics = StringBoolean(if_missing=False)
         enable_downloads = StringBoolean(if_missing=False)
         if edit:
             #this is repo owner
             user = All(UnicodeString(not_empty=True), ValidRepoUser)
         chained_validators = [ValidRepoName(edit, old_data), ValidPerms]
+        chained_validators = [ValidRepoName(edit, old_data), ValidPerms()]
     return _RepoForm
 def RepoForkForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
                  repo_groups=[]):
     class _RepoForkForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(UnicodeString(strip=True, min=1, not_empty=True),
                         SlugifyName())
         repo_group = OneOf(repo_groups, hideList=True)
         repo_type = All(ValidForkType(old_data), OneOf(supported_backends))
         description = UnicodeString(strip=True, min=1, not_empty=True)
         private = StringBoolean(if_missing=False)
         copy_permissions = StringBoolean(if_missing=False)
         update_after_clone = StringBoolean(if_missing=False)
         fork_parent_id = UnicodeString()
         chained_validators = [ValidForkName(edit, old_data)]
     return _RepoForkForm
 def RepoSettingsForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
                      repo_groups=[]):
     class _RepoForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(UnicodeString(strip=True, min=1, not_empty=True),
                         SlugifyName())
         description = UnicodeString(strip=True, min=1, not_empty=True)
         repo_group = OneOf(repo_groups, hideList=True)
         private = StringBoolean(if_missing=False)
         chained_validators = [ValidRepoName(edit, old_data), ValidPerms,
+        chained_validators = [ValidRepoName(edit, old_data), ValidPerms(),
                               ValidSettings]
     return _RepoForm
 def ApplicationSettingsForm():
     class _ApplicationSettingsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         rhodecode_title = UnicodeString(strip=True, min=1, not_empty=True)
         rhodecode_realm = UnicodeString(strip=True, min=1, not_empty=True)
         rhodecode_ga_code = UnicodeString(strip=True, min=1, not_empty=False)
     return _ApplicationSettingsForm
 def ApplicationUiSettingsForm():
     class _ApplicationUiSettingsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         web_push_ssl = OneOf(['true', 'false'], if_missing='false')
         paths_root_path = All(ValidPath(), UnicodeString(strip=True, min=1, not_empty=True))
         hooks_changegroup_update = OneOf(['True', 'False'], if_missing=False)
         hooks_changegroup_repo_size = OneOf(['True', 'False'], if_missing=False)
         hooks_pretxnchangegroup_push_logger = OneOf(['True', 'False'], if_missing=False)
         hooks_preoutgoing_pull_logger = OneOf(['True', 'False'], if_missing=False)
     return _ApplicationUiSettingsForm
 def DefaultPermissionsForm(perms_choices, register_choices, create_choices):
     class _DefaultPermissionsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         overwrite_default = StringBoolean(if_missing=False)
         anonymous = OneOf(['True', 'False'], if_missing=False)
         default_perm = OneOf(perms_choices)
         default_register = OneOf(register_choices)
         default_create = OneOf(create_choices)
     return _DefaultPermissionsForm
 def LdapSettingsForm(tls_reqcert_choices, search_scope_choices, tls_kind_choices):
     class _LdapSettingsForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = True
         pre_validators = [LdapLibValidator]
         ldap_active = StringBoolean(if_missing=False)

rhodecode/model/notification.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.model.notification
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Model for notifications
     :created_on: Nov 20, 2011
     :author: marcink
     :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import os
 import logging
 import traceback
 import datetime
 from pylons.i18n.translation import _
 import rhodecode
 from rhodecode.lib import helpers as h
 from rhodecode.model import BaseModel
 from rhodecode.model.db import Notification, User, UserNotification
 log = logging.getLogger(__name__)
 class NotificationModel(BaseModel):
     def __get_user(self, user):
         if isinstance(user, basestring):
             return User.get_by_username(username=user)
         else:
             return self._get_instance(User, user)
         return self._get_instance(User, user, callback=User.get_by_username)
     def __get_notification(self, notification):
         if isinstance(notification, Notification):
             return notification
         elif isinstance(notification, int):
             return Notification.get(notification)
         else:
             if notification:
                 raise Exception('notification must be int or Instance'
                                 ' of Notification got %s' % type(notification))
     def create(self, created_by, subject, body, recipients=None,
                type_=Notification.TYPE_MESSAGE, with_email=True,
                email_kwargs={}):
         """
         Creates notification of given type
         :param created_by: int, str or User instance. User who created this
             notification
         :param subject:
         :param body:
         :param recipients: list of int, str or User objects, when None
             is given send to all admins
         :param type_: type of notification
         :param with_email: send email with this notification
         :param email_kwargs: additional dict to pass as args to email template
         """
         from rhodecode.lib.celerylib import tasks, run_task
         if recipients and not getattr(recipients, '__iter__', False):
             raise Exception('recipients must be a list of iterable')
         created_by_obj = self.__get_user(created_by)
         if recipients:
             recipients_objs = []
             for u in recipients:
                 obj = self.__get_user(u)
                 if obj:
                     recipients_objs.append(obj)
             recipients_objs = set(recipients_objs)
         else:
             # empty recipients means to all admins
             recipients_objs = User.query().filter(User.admin == True).all()
         notif = Notification.create(created_by=created_by_obj, subject=subject,
                                     body=body, recipients=recipients_objs,

rhodecode/model/repo.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.model.repo
     ~~~~~~~~~~~~~~~~~~~~
     Repository model for rhodecode
     :created_on: Jun 5, 2010
     :author: marcink
     :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import os
 import shutil
 import logging
 import traceback
 from datetime import datetime
 from vcs.utils.lazy import LazyProperty
 from vcs.backends import get_backend
 from rhodecode.lib import LazyProperty
 from rhodecode.lib import safe_str, safe_unicode
 from rhodecode.lib.caching_query import FromCache
 from rhodecode.lib.hooks import log_create_repository
 from rhodecode.model import BaseModel
 from rhodecode.model.db import Repository, UserRepoToPerm, User, Permission, \
     Statistics, UsersGroup, UsersGroupRepoToPerm, RhodeCodeUi, RepoGroup
 log = logging.getLogger(__name__)
 class RepoModel(BaseModel):
     def __get_user(self, user):
         return self._get_instance(User, user, callback=User.get_by_username)
     def __get_users_group(self, users_group):
         return self._get_instance(UsersGroup, users_group,
                                   callback=UsersGroup.get_by_group_name)
     def __get_repos_group(self, repos_group):
         return self._get_instance(RepoGroup, repos_group,
                                   callback=RepoGroup.get_by_group_name)
     def __get_repo(self, repository):
         return self._get_instance(Repository, repository,
                                   callback=Repository.get_by_repo_name)
     def __get_perm(self, permission):
         return self._get_instance(Permission, permission,
                                   callback=Permission.get_by_key)
     @LazyProperty
     def repos_path(self):
         """
         Get's the repositories root path from database
         """
         q = self.sa.query(RhodeCodeUi).filter(RhodeCodeUi.ui_key == '/').one()
         return q.ui_value
     def get(self, repo_id, cache=False):
         repo = self.sa.query(Repository)\
             .filter(Repository.repo_id == repo_id)
         if cache:
             repo = repo.options(FromCache("sql_cache_short",
                                           "get_repo_%s" % repo_id))
         return repo.scalar()
     def get_by_repo_name(self, repo_name, cache=False):
         repo = self.sa.query(Repository)\
             .filter(Repository.repo_name == repo_name)
         if cache:
             repo = repo.options(FromCache("sql_cache_short",
                                           "get_repo_%s" % repo_name))
         return repo.scalar()
     def get_users_js(self):
         users = self.sa.query(User).filter(User.active == True).all()
         u_tmpl = '''{id:%s, fname:"%s", lname:"%s", nname:"%s"},'''
         users_array = '[%s]' % '\n'.join([u_tmpl % (u.user_id, u.name,
                                                     u.lastname, u.username)
                                         for u in users])
         return users_array
     def get_users_groups_js(self):
         users_groups = self.sa.query(UsersGroup)\
             .filter(UsersGroup.users_group_active == True).all()
         g_tmpl = '''{id:%s, grname:"%s",grmembers:"%s"},'''
         users_groups_array = '[%s]' % '\n'.join([g_tmpl % \
                                     (gr.users_group_id, gr.users_group_name,
                                      len(gr.members))
                                         for gr in users_groups])
         return users_groups_array
     def _get_defaults(self, repo_name):
         """
         Get's information about repository, and returns a dict for
         usage in forms
         :param repo_name:
         """
         repo_info = Repository.get_by_repo_name(repo_name)
         if repo_info is None:
             return None
         defaults = repo_info.get_dict()
         group, repo_name = repo_info.groups_and_repo
         defaults['repo_name'] = repo_name
         defaults['repo_group'] = getattr(group[-1] if group else None,
                                          'group_id', None)
         # fill owner
         if repo_info.user:
             defaults.update({'user': repo_info.user.username})
         else:
             replacement_user = User.query().filter(User.admin ==
                                                    True).first().username
             defaults.update({'user': replacement_user})
         # fill repository users
         for p in repo_info.repo_to_perm:
             defaults.update({'u_perm_%s' % p.user.username:
                              p.permission.permission_name})
         # fill repository groups
         for p in repo_info.users_group_to_perm:
             defaults.update({'g_perm_%s' % p.users_group.users_group_name:
                              p.permission.permission_name})
         return defaults
     def update(self, repo_name, form_data):
         try:
             cur_repo = self.get_by_repo_name(repo_name, cache=False)
             # update permissions
             for member, perm, member_type in form_data['perms_updates']:
                 if member_type == 'user':
                     _member = User.get_by_username(member)
                     r2p = self.sa.query(UserRepoToPerm)\
                         .filter(UserRepoToPerm.user == _member)\
                         .filter(UserRepoToPerm.repository == cur_repo)\
                         .one()
                     r2p.permission = self.sa.query(Permission)\
                                         .filter(Permission.permission_name ==
                                                 perm).scalar()
                     self.sa.add(r2p)
                     # this updates existing one
                     RepoModel().grant_user_permission(
                         repo=cur_repo, user=member, perm=perm
+                    )
                 else:
                     g2p = self.sa.query(UsersGroupRepoToPerm)\
                             .filter(UsersGroupRepoToPerm.users_group ==
                                     UsersGroup.get_by_group_name(member))\
                             .filter(UsersGroupRepoToPerm.repository ==
                                     cur_repo).one()
                     g2p.permission = self.sa.query(Permission)\
                                         .filter(Permission.permission_name ==
                                                 perm).scalar()
                     self.sa.add(g2p)
                     RepoModel().grant_users_group_permission(
                         repo=cur_repo, group_name=member, perm=perm
+                    )
             # set new permissions
             for member, perm, member_type in form_data['perms_new']:
                 if member_type == 'user':
                     r2p = UserRepoToPerm()
                     r2p.repository = cur_repo
                     r2p.user = User.get_by_username(member)
                     r2p.permission = self.sa.query(Permission)\
                                         .filter(Permission.
                                                 permission_name == perm)\
                                                 .scalar()
                     self.sa.add(r2p)
                     RepoModel().grant_user_permission(
                         repo=cur_repo, user=member, perm=perm
+                    )
                 else:
                     g2p = UsersGroupRepoToPerm()
                     g2p.repository = cur_repo
                     g2p.users_group = UsersGroup.get_by_group_name(member)
                     g2p.permission = self.sa.query(Permission)\
                                         .filter(Permission.
                                                 permission_name == perm)\
                                                 .scalar()
                     self.sa.add(g2p)
                     RepoModel().grant_users_group_permission(
                         repo=cur_repo, group_name=member, perm=perm
+                    )
             # update current repo
             for k, v in form_data.items():
                 if k == 'user':
                     cur_repo.user = User.get_by_username(v)
                 elif k == 'repo_name':
                     pass
                 elif k == 'repo_group':
                     cur_repo.group = RepoGroup.get(v)
                 else:
                     setattr(cur_repo, k, v)
             new_name = cur_repo.get_new_name(form_data['repo_name'])
             cur_repo.repo_name = new_name
             self.sa.add(cur_repo)
             if repo_name != new_name:
                 # rename repository
                 self.__rename_repo(old=repo_name, new=new_name)
             return cur_repo
         except:
             log.error(traceback.format_exc())
             raise
     def create(self, form_data, cur_user, just_db=False, fork=False):
         from rhodecode.model.scm import ScmModel
         try:
             if fork:
                 fork_parent_id = form_data['fork_parent_id']
             # repo name is just a name of repository
             # while repo_name_full is a full qualified name that is combined
             # with name and path of group
             repo_name = form_data['repo_name']
             repo_name_full = form_data['repo_name_full']
             new_repo = Repository()
             new_repo.enable_statistics = False
             for k, v in form_data.items():
                 if k == 'repo_name':
                     v = repo_name_full
                 if k == 'repo_group':
                     k = 'group_id'
@@ @@ -269,164 +264,228 @@ class RepoModel(BaseModel): @@
                     group_perms = UsersGroupRepoToPerm.query()\
                         .filter(UsersGroupRepoToPerm.repository == repo).all()
                     for perm in user_perms:
                         UserRepoToPerm.create(perm.user, new_repo,
                                               perm.permission)
                     for perm in group_perms:
                         UsersGroupRepoToPerm.create(perm.users_group, new_repo,
                                                     perm.permission)
                 else:
                     _create_default_perms()
             else:
                 _create_default_perms()
             if not just_db:
                 self.__create_repo(repo_name, form_data['repo_type'],
                                    form_data['repo_group'],
                                    form_data['clone_uri'])
             # now automatically start following this repository as owner
             ScmModel(self.sa).toggle_following_repo(new_repo.repo_id,
                                                     cur_user.user_id)
             log_create_repository(new_repo.get_dict(),
                                   created_by=cur_user.username)
             return new_repo
         except:
             log.error(traceback.format_exc())
             raise
     def create_fork(self, form_data, cur_user):
         """
         Simple wrapper into executing celery task for fork creation
         :param form_data:
         :param cur_user:
         """
         from rhodecode.lib.celerylib import tasks, run_task
         run_task(tasks.create_repo_fork, form_data, cur_user)
     def delete(self, repo):
         try:
             self.sa.delete(repo)
             self.__delete_repo(repo)
         except:
             log.error(traceback.format_exc())
             raise
     def delete_perm_user(self, form_data, repo_name):
         try:
             obj = self.sa.query(UserRepoToPerm)\
                 .filter(UserRepoToPerm.repository \
                         == self.get_by_repo_name(repo_name))\
                 .filter(UserRepoToPerm.user_id == form_data['user_id']).one()
             self.sa.delete(obj)
         except:
             log.error(traceback.format_exc())
             raise
     def grant_user_permission(self, repo, user, perm):
         """
         Grant permission for user on given repository, or update existing one
         if found
         :param repo: Instance of Repository, repository_id, or repository name
         :param user: Instance of User, user_id or username
         :param perm: Instance of Permission, or permission_name
         """
         user = self.__get_user(user)
         repo = self.__get_repo(repo)
         permission = self.__get_perm(perm)
         # check if we have that permission already
         obj = self.sa.query(UserRepoToPerm)\
             .filter(UserRepoToPerm.user == user)\
             .filter(UserRepoToPerm.repository == repo)\
             .scalar()
         if obj is None:
             # create new !
             obj = UserRepoToPerm()
         obj.repository = repo
         obj.user = user
         obj.permission = permission
         self.sa.add(obj)
     def revoke_user_permission(self, repo, user):
         """
         Revoke permission for user on given repository
         :param repo: Instance of Repository, repository_id, or repository name
         :param user: Instance of User, user_id or username
         """
         user = self.__get_user(user)
         repo = self.__get_repo(repo)
         obj = self.sa.query(UserRepoToPerm)\
             .filter(UserRepoToPerm.repository == repo)\
             .filter(UserRepoToPerm.user == user)\
             .one()
         self.sa.delete(obj)
     def delete_perm_users_group(self, form_data, repo_name):
         try:
             obj = self.sa.query(UsersGroupRepoToPerm)\
                 .filter(UsersGroupRepoToPerm.repository \
                         == self.get_by_repo_name(repo_name))\
                 .filter(UsersGroupRepoToPerm.users_group_id
                         == form_data['users_group_id']).one()
             self.sa.delete(obj)
         except:
             log.error(traceback.format_exc())
             raise
     def grant_users_group_permission(self, repo, group_name, perm):
         """
         Grant permission for users group on given repository, or update
         existing one if found
         :param repo: Instance of Repository, repository_id, or repository name
         :param group_name: Instance of UserGroup, users_group_id,
             or users group name
         :param perm: Instance of Permission, or permission_name
         """
         repo = self.__get_repo(repo)
         group_name = self.__get_users_group(group_name)
         permission = self.__get_perm(perm)
         # check if we have that permission already
         obj = self.sa.query(UsersGroupRepoToPerm)\
             .filter(UsersGroupRepoToPerm.users_group == group_name)\
             .filter(UsersGroupRepoToPerm.repository == repo)\
             .scalar()
         if obj is None:
             # create new
             obj = UsersGroupRepoToPerm()
         obj.repository = repo
         obj.users_group = group_name
         obj.permission = permission
         self.sa.add(obj)
     def revoke_users_group_permission(self, repo, group_name):
         """
         Revoke permission for users group on given repository
         :param repo: Instance of Repository, repository_id, or repository name
         :param group_name: Instance of UserGroup, users_group_id,
             or users group name
         """
         repo = self.__get_repo(repo)
         group_name = self.__get_users_group(group_name)
         obj = self.sa.query(UsersGroupRepoToPerm)\
             .filter(UsersGroupRepoToPerm.repository == repo)\
             .filter(UsersGroupRepoToPerm.users_group == group_name)\
             .one()
         self.sa.delete(obj)
     def delete_stats(self, repo_name):
         """
         removes stats for given repo
         :param repo_name:
         """
         try:
             obj = self.sa.query(Statistics)\
                     .filter(Statistics.repository == \
                         self.get_by_repo_name(repo_name)).one()
                     .filter(Statistics.repository ==
                             self.get_by_repo_name(repo_name))\
                     .one()
             self.sa.delete(obj)
         except:
             log.error(traceback.format_exc())
             raise
     def __create_repo(self, repo_name, alias, new_parent_id, clone_uri=False):
         """
         makes repository on filesystem. It's group aware means it'll create
         a repository within a group, and alter the paths accordingly of
         group location
         :param repo_name:
         :param alias:
         :param parent_id:
         :param clone_uri:
         """
         from rhodecode.lib.utils import is_valid_repo, is_valid_repos_group
         if new_parent_id:
             paths = RepoGroup.get(new_parent_id)\
                 .full_path.split(RepoGroup.url_sep())
             new_parent_path = os.sep.join(paths)
         else:
             new_parent_path = ''
         # we need to make it str for mercurial
         repo_path = os.path.join(*map(lambda x:safe_str(x),
+        repo_path = os.path.join(*map(lambda x: safe_str(x),
                                 [self.repos_path, new_parent_path, repo_name]))
         # check if this path is not a repository
         if is_valid_repo(repo_path, self.repos_path):
             raise Exception('This path %s is a valid repository' % repo_path)
         # check if this path is a group
         if is_valid_repos_group(repo_path, self.repos_path):
             raise Exception('This path %s is a valid group' % repo_path)
         log.info('creating repo %s in %s @ %s' % (
                      repo_name, safe_unicode(repo_path), clone_uri
+                )
+        )
         backend = get_backend(alias)
         backend(repo_path, create=True, src_url=clone_uri)
     def __rename_repo(self, old, new):
         """
         renames repository on filesystem
         :param old: old name
         :param new: new name
         """
         log.info('renaming repo from %s to %s' % (old, new))
         old_path = os.path.join(self.repos_path, old)
         new_path = os.path.join(self.repos_path, new)
         if os.path.isdir(new_path):
             raise Exception('Was trying to rename to already existing dir %s' \
             		     % new_path)
             raise Exception(
                 'Was trying to rename to already existing dir %s' % new_path
+            )
         shutil.move(old_path, new_path)
     def __delete_repo(self, repo):
         """
         removes repo from filesystem, the removal is acctually made by
         added rm__ prefix into dir, and rename internat .hg/.git dirs so this
         repository is no longer valid for rhodecode, can be undeleted later on
         by reverting the renames on this repository
         :param repo: repo object
         """
         rm_path = os.path.join(self.repos_path, repo.repo_name)
         log.info("Removing %s" % (rm_path))
         # disable hg/git
         alias = repo.repo_type
         shutil.move(os.path.join(rm_path, '.%s' % alias),
                     os.path.join(rm_path, 'rm__.%s' % alias))
         # disable repo
         shutil.move(rm_path, os.path.join(self.repos_path, 'rm__%s__%s' \
                                           % (datetime.today()\
                                              .strftime('%Y%m%d_%H%M%S_%f'),
                                             repo.repo_name)))
         _d = 'rm__%s__%s' % (datetime.now().strftime('%Y%m%d_%H%M%S_%f'),
                              repo.repo_name)
         shutil.move(rm_path, os.path.join(self.repos_path, _d))

rhodecode/model/repo_permission.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.model.users_group
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~
     repository permission model for RhodeCode
     :created_on: Oct 1, 2011
     :author: nvinot, marcink
     :copyright: (C) 2011-2011 Nicolas Vinot <aeris@imirhil.fr>
     :copyright: (C) 2011-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 from rhodecode.model import BaseModel
 from rhodecode.model.db import UserRepoToPerm, UsersGroupRepoToPerm, Permission
 from rhodecode.model.db import UserRepoToPerm, UsersGroupRepoToPerm, Permission,\
     User, Repository
 log = logging.getLogger(__name__)
 class RepositoryPermissionModel(BaseModel):
     def __get_user(self, user):
         return self._get_instance(User, user, callback=User.get_by_username)
     def __get_repo(self, repository):
         return self._get_instance(Repository, repository,
                                   callback=Repository.get_by_repo_name)
     def __get_perm(self, permission):
         return self._get_instance(Permission, permission,
                                   callback=Permission.get_by_key)
     def get_user_permission(self, repository, user):
         repository = self.__get_repo(repository)
         user = self.__get_user(user)
         return UserRepoToPerm.query() \
                 .filter(UserRepoToPerm.user == user) \
                 .filter(UserRepoToPerm.repository == repository) \
                 .scalar()
     def update_user_permission(self, repository, user, permission):
         permission = Permission.get_by_key(permission)
         current = self.get_user_permission(repository, user)
         if current:
             if not current.permission is permission:
                 current.permission = permission
         else:
             p = UserRepoToPerm()
             p.user = user
             p.repository = repository
             p.permission = permission
             self.sa.add(p)
     def delete_user_permission(self, repository, user):
         current = self.get_user_permission(repository, user)
         if current:
             self.sa.delete(current)
     def get_users_group_permission(self, repository, users_group):
         return UsersGroupRepoToPerm.query() \
                 .filter(UsersGroupRepoToPerm.users_group == users_group) \
                 .filter(UsersGroupRepoToPerm.repository == repository) \
                 .scalar()
     def update_users_group_permission(self, repository, users_group,
                                       permission):
         permission = Permission.get_by_key(permission)
         current = self.get_users_group_permission(repository, users_group)
         if current:
             if not current.permission is permission:
                 current.permission = permission
         else:
             p = UsersGroupRepoToPerm()
             p.users_group = users_group
             p.repository = repository
             p.permission = permission
             self.sa.add(p)
     def delete_users_group_permission(self, repository, users_group):
         current = self.get_users_group_permission(repository, users_group)
         if current:
             self.sa.delete(current)

rhodecode/model/repos_group.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.model.user_group
     ~~~~~~~~~~~~~~~~~~~~~~~~~~
     users groups model for RhodeCode
     :created_on: Jan 25, 2011
     :author: marcink
     :copyright: (C) 2011-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import os
 import logging
 import traceback
 import shutil
 from pylons.i18n.translation import _
 from vcs.utils.lazy import LazyProperty
 from rhodecode.lib import LazyProperty
 from rhodecode.model import BaseModel
 from rhodecode.model.db import RepoGroup, RhodeCodeUi
 from rhodecode.model.db import RepoGroup, RhodeCodeUi, UserRepoGroupToPerm, \
     User, Permission, UsersGroupRepoGroupToPerm, UsersGroup
 log = logging.getLogger(__name__)
 class ReposGroupModel(BaseModel):
     def __get_user(self, user):
         return self._get_instance(User, user, callback=User.get_by_username)
     def __get_users_group(self, users_group):
         return self._get_instance(UsersGroup, users_group,
                                   callback=UsersGroup.get_by_group_name)
     def __get_repos_group(self, repos_group):
         return self._get_instance(RepoGroup, repos_group,
                                   callback=RepoGroup.get_by_group_name)
     def __get_perm(self, permission):
         return self._get_instance(Permission, permission,
                                   callback=Permission.get_by_key)
     @LazyProperty
     def repos_path(self):
         """
         Get's the repositories root path from database
         """
         q = RhodeCodeUi.get_by_key('/').one()
         return q.ui_value
     def _create_default_perms(self, new_group):
         # create default permission
         repo_group_to_perm = UserRepoGroupToPerm()
         default_perm = 'group.read'
         for p in User.get_by_username('default').user_perms:
             if p.permission.permission_name.startswith('group.'):
                 default_perm = p.permission.permission_name
                 break
         repo_group_to_perm.permission_id = self.sa.query(Permission)\
                 .filter(Permission.permission_name == default_perm)\
                 .one().permission_id
         repo_group_to_perm.group = new_group
         repo_group_to_perm.user_id = User.get_by_username('default').user_id
         self.sa.add(repo_group_to_perm)
     def __create_group(self, group_name):
         """
         makes repositories group on filesystem
         :param repo_name:
         :param parent_id:
         """
         create_path = os.path.join(self.repos_path, group_name)
         log.debug('creating new group in %s' % create_path)
         if os.path.isdir(create_path):
             raise Exception('That directory already exists !')
         os.makedirs(create_path)
     def __rename_group(self, old, new):
         """
         Renames a group on filesystem
         :param group_name:
         """
         if old == new:
             log.debug('skipping group rename')
             return
         log.debug('renaming repos group from %s to %s' % (old, new))
         old_path = os.path.join(self.repos_path, old)
         new_path = os.path.join(self.repos_path, new)
         log.debug('renaming repos paths from %s to %s' % (old_path, new_path))
         if os.path.isdir(new_path):
             raise Exception('Was trying to rename to already '
                             'existing dir %s' % new_path)
         shutil.move(old_path, new_path)
     def __delete_group(self, group):
         """
         Deletes a group from a filesystem
         :param group: instance of group from database
         """
         paths = group.full_path.split(RepoGroup.url_sep())
         paths = os.sep.join(paths)
         rm_path = os.path.join(self.repos_path, paths)
         if os.path.isdir(rm_path):
             # delete only if that path really exists
             os.rmdir(rm_path)
-    def create(self, form_data):
+    def create(self, group_name, group_description, parent, just_db=False):
         try:
             new_repos_group = RepoGroup()
             new_repos_group.group_description = form_data['group_description']
             new_repos_group.parent_group = RepoGroup.get(form_data['group_parent_id'])
             new_repos_group.group_name = new_repos_group.get_new_name(form_data['group_name'])
             new_repos_group.group_description = group_description
             new_repos_group.parent_group = self.__get_repos_group(parent)
             new_repos_group.group_name = new_repos_group.get_new_name(group_name)
             self.sa.add(new_repos_group)
             self.sa.flush()
             self.__create_group(new_repos_group.group_name)
             self._create_default_perms(new_repos_group)
             if not just_db:
                 # we need to flush here, in order to check if database won't
                 # throw any exceptions, create filesystem dirs at the very end
                 self.sa.flush()
                 self.__create_group(new_repos_group.group_name)
             return new_repos_group
         except:
             log.error(traceback.format_exc())
             raise
     def update(self, repos_group_id, form_data):
         try:
             repos_group = RepoGroup.get(repos_group_id)
             # update permissions
             for member, perm, member_type in form_data['perms_updates']:
                 if member_type == 'user':
                     # this updates also current one if found
                     ReposGroupModel().grant_user_permission(
                         repos_group=repos_group, user=member, perm=perm
+                    )
                 else:
                     ReposGroupModel().grant_users_group_permission(
                         repos_group=repos_group, group_name=member, perm=perm
+                    )
             # set new permissions
             for member, perm, member_type in form_data['perms_new']:
                 if member_type == 'user':
                     ReposGroupModel().grant_user_permission(
                         repos_group=repos_group, user=member, perm=perm
+                    )
                 else:
                     ReposGroupModel().grant_users_group_permission(
                         repos_group=repos_group, group_name=member, perm=perm
+                    )
             old_path = repos_group.full_path
             # change properties
             repos_group.group_description = form_data['group_description']
             repos_group.parent_group = RepoGroup.get(form_data['group_parent_id'])
             repos_group.group_name = repos_group.get_new_name(form_data['group_name'])
             new_path = repos_group.full_path
             self.sa.add(repos_group)
             self.__rename_group(old_path, new_path)
             # we need to get all repositories from this new group and
             # rename them accordingly to new group path
             for r in repos_group.repositories:
                 r.repo_name = r.get_new_name(r.just_name)
                 self.sa.add(r)
             return repos_group
         except:
             log.error(traceback.format_exc())
             raise
     def delete(self, users_group_id):
         try:
             users_group = RepoGroup.get(users_group_id)
             self.sa.delete(users_group)
             self.__delete_group(users_group)
         except:
             log.error(traceback.format_exc())
             raise
     def grant_user_permission(self, repos_group, user, perm):
         """
         Grant permission for user on given repositories group, or update
         existing one if found
         :param repos_group: Instance of ReposGroup, repositories_group_id,
             or repositories_group name
         :param user: Instance of User, user_id or username
         :param perm: Instance of Permission, or permission_name
         """
         repos_group = self.__get_repos_group(repos_group)
         user = self.__get_user(user)
         permission = self.__get_perm(perm)
         # check if we have that permission already
         obj = self.sa.query(UserRepoGroupToPerm)\
             .filter(UserRepoGroupToPerm.user == user)\
             .filter(UserRepoGroupToPerm.group == repos_group)\
             .scalar()
         if obj is None:
             # create new !
             obj = UserRepoGroupToPerm()
         obj.group = repos_group
         obj.user = user
         obj.permission = permission
         self.sa.add(obj)
     def revoke_user_permission(self, repos_group, user):
         """
         Revoke permission for user on given repositories group
         :param repos_group: Instance of ReposGroup, repositories_group_id,
             or repositories_group name
         :param user: Instance of User, user_id or username
         """
         repos_group = self.__get_repos_group(repos_group)
         user = self.__get_user(user)
         obj = self.sa.query(UserRepoGroupToPerm)\
             .filter(UserRepoGroupToPerm.user == user)\
             .filter(UserRepoGroupToPerm.group == repos_group)\
             .one()
         self.sa.delete(obj)
     def grant_users_group_permission(self, repos_group, group_name, perm):
         """
         Grant permission for users group on given repositories group, or update
         existing one if found
         :param repos_group: Instance of ReposGroup, repositories_group_id,
             or repositories_group name
         :param group_name: Instance of UserGroup, users_group_id,
             or users group name
         :param perm: Instance of Permission, or permission_name
         """
         repos_group = self.__get_repos_group(repos_group)
         group_name = self.__get_users_group(group_name)
         permission = self.__get_perm(perm)
         # check if we have that permission already
         obj = self.sa.query(UsersGroupRepoGroupToPerm)\
             .filter(UsersGroupRepoGroupToPerm.group == repos_group)\
             .filter(UsersGroupRepoGroupToPerm.users_group == group_name)\
             .scalar()
         if obj is None:
             # create new
             obj = UsersGroupRepoGroupToPerm()
         obj.group = repos_group
         obj.users_group = group_name
         obj.permission = permission
         self.sa.add(obj)
     def revoke_users_group_permission(self, repos_group, group_name):
         """
         Revoke permission for users group on given repositories group
         :param repos_group: Instance of ReposGroup, repositories_group_id,
             or repositories_group name
         :param group_name: Instance of UserGroup, users_group_id,
             or users group name
         """
         repos_group = self.__get_repos_group(repos_group)
         group_name = self.__get_users_group(group_name)
         obj = self.sa.query(UsersGroupRepoGroupToPerm)\
             .filter(UsersGroupRepoGroupToPerm.group == repos_group)\
             .filter(UsersGroupRepoGroupToPerm.users_group == group_name)\
             .one()
         self.sa.delete(obj)

rhodecode/model/scm.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.model.scm
     ~~~~~~~~~~~~~~~~~~~
     Scm model for RhodeCode
     :created_on: Apr 9, 2010
     :author: marcink
     :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import os
 import time
 import traceback
 import logging
 import cStringIO
 from vcs import get_backend
 from vcs.exceptions import RepositoryError
 from vcs.utils.lazy import LazyProperty
 from vcs.nodes import FileNode
 from rhodecode import BACKENDS
 from rhodecode.lib import helpers as h
 from rhodecode.lib import safe_str
 from rhodecode.lib.auth import HasRepoPermissionAny
+from rhodecode.lib.auth import HasRepoPermissionAny, HasReposGroupPermissionAny
 from rhodecode.lib.utils import get_repos as get_filesystem_repos, make_ui, \
     action_logger, EmptyChangeset
 from rhodecode.model import BaseModel
 from rhodecode.model.db import Repository, RhodeCodeUi, CacheInvalidation, \
     UserFollowing, UserLog, User
+    UserFollowing, UserLog, User, RepoGroup
 log = logging.getLogger(__name__)
 class UserTemp(object):
     def __init__(self, user_id):
         self.user_id = user_id
     def __repr__(self):
         return "<%s('id:%s')>" % (self.__class__.__name__, self.user_id)
 class RepoTemp(object):
     def __init__(self, repo_id):
         self.repo_id = repo_id
     def __repr__(self):
         return "<%s('id:%s')>" % (self.__class__.__name__, self.repo_id)
 class CachedRepoList(object):
     def __init__(self, db_repo_list, repos_path, order_by=None):
         self.db_repo_list = db_repo_list
         self.repos_path = repos_path
         self.order_by = order_by
         self.reversed = (order_by or '').startswith('-')
     def __len__(self):
         return len(self.db_repo_list)
     def __repr__(self):
         return '<%s (%s)>' % (self.__class__.__name__, self.__len__())
     def __iter__(self):
         for dbr in self.db_repo_list:
             scmr = dbr.scm_instance_cached
             # check permission at this level
             if not HasRepoPermissionAny('repository.read', 'repository.write',
                                         'repository.admin')(dbr.repo_name,
                                                             'get repo check'):
             if not HasRepoPermissionAny(
                 'repository.read', 'repository.write', 'repository.admin'
             )(dbr.repo_name, 'get repo check'):
                 continue
             if scmr is None:
                 log.error('%s this repository is present in database but it '
                           'cannot be created as an scm instance',
                           dbr.repo_name)
                 log.error(
                     '%s this repository is present in database but it '
                     'cannot be created as an scm instance' % dbr.repo_name
+                )
                 continue
             last_change = scmr.last_change
             tip = h.get_changeset_safe(scmr, 'tip')
             tmp_d = {}
             tmp_d['name'] = dbr.repo_name
             tmp_d['name_sort'] = tmp_d['name'].lower()
             tmp_d['description'] = dbr.description
             tmp_d['description_sort'] = tmp_d['description']
             tmp_d['last_change'] = last_change
             tmp_d['last_change_sort'] = time.mktime(last_change.timetuple())
             tmp_d['tip'] = tip.raw_id
             tmp_d['tip_sort'] = tip.revision
             tmp_d['rev'] = tip.revision
             tmp_d['contact'] = dbr.user.full_contact
             tmp_d['contact_sort'] = tmp_d['contact']
             tmp_d['owner_sort'] = tmp_d['contact']
             tmp_d['repo_archives'] = list(scmr._get_archives())
             tmp_d['last_msg'] = tip.message
             tmp_d['author'] = tip.author
             tmp_d['dbrepo'] = dbr.get_dict()
             tmp_d['dbrepo_fork'] = dbr.fork.get_dict() if dbr.fork else {}
             yield tmp_d
 class GroupList(object):
     def __init__(self, db_repo_group_list):
         self.db_repo_group_list = db_repo_group_list
     def __len__(self):
         return len(self.db_repo_group_list)
     def __repr__(self):
         return '<%s (%s)>' % (self.__class__.__name__, self.__len__())
     def __iter__(self):
         for dbgr in self.db_repo_group_list:
             # check permission at this level
             if not HasReposGroupPermissionAny(
                 'group.read', 'group.write', 'group.admin'
             )(dbgr.group_name, 'get group repo check'):
                 continue
             yield dbgr
 class ScmModel(BaseModel):
     """
     Generic Scm Model
     """
     def __get_repo(self, instance):
         cls = Repository
         if isinstance(instance, cls):
             return instance
         elif isinstance(instance, int) or str(instance).isdigit():
             return cls.get(instance)
         elif isinstance(instance, basestring):
             return cls.get_by_repo_name(instance)
         elif instance:
             raise Exception('given object must be int, basestr or Instance'
                             ' of %s got %s' % (type(cls), type(instance)))
     @LazyProperty
     def repos_path(self):
         """
         Get's the repositories root path from database
         """
         q = self.sa.query(RhodeCodeUi).filter(RhodeCodeUi.ui_key == '/').one()
         return q.ui_value
     def repo_scan(self, repos_path=None):
         """
         Listing of repositories in given path. This path should not be a
         repository itself. Return a dictionary of repository objects
         :param repos_path: path to directory containing repositories
         """
         if repos_path is None:
             repos_path = self.repos_path
         log.info('scanning for repositories in %s' % repos_path)
         baseui = make_ui('db')
         repos = {}
         for name, path in get_filesystem_repos(repos_path, recursive=True):
             # name need to be decomposed and put back together using the /
             # since this is internal storage separator for rhodecode
             name = Repository.url_sep().join(name.split(os.sep))
             try:
                 if name in repos:
                     raise RepositoryError('Duplicate repository name %s '
                                           'found in %s' % (name, path))
                 else:
                     klass = get_backend(path[0])
                     if path[0] == 'hg' and path[0] in BACKENDS.keys():
                         repos[name] = klass(safe_str(path[1]), baseui=baseui)
                     if path[0] == 'git' and path[0] in BACKENDS.keys():
                         repos[name] = klass(path[1])
             except OSError:
                 continue
         return repos
     def get_repos(self, all_repos=None, sort_key=None):
         """
         Get all repos from db and for each repo create it's
         backend instance and fill that backed with information from database
         :param all_repos: list of repository names as strings
             give specific repositories list, good for filtering
         """
         if all_repos is None:
             all_repos = self.sa.query(Repository)\
                         .filter(Repository.group_id == None)\
                         .order_by(Repository.repo_name).all()
         repo_iter = CachedRepoList(all_repos, repos_path=self.repos_path,
                                    order_by=sort_key)
         return repo_iter
     def get_repos_groups(self, all_groups=None):
         if all_groups is None:
             all_groups = RepoGroup.query()\
                 .filter(RepoGroup.group_parent_id == None).all()
         group_iter = GroupList(all_groups)
         return group_iter
     def mark_for_invalidation(self, repo_name):
         """Puts cache invalidation task into db for
         further global cache invalidation
         :param repo_name: this repo that should invalidation take place
         """
         CacheInvalidation.set_invalidate(repo_name)
         CacheInvalidation.set_invalidate(repo_name + "_README")
     def toggle_following_repo(self, follow_repo_id, user_id):
         f = self.sa.query(UserFollowing)\
             .filter(UserFollowing.follows_repo_id == follow_repo_id)\
             .filter(UserFollowing.user_id == user_id).scalar()
         if f is not None:
             try:
                 self.sa.delete(f)
                 action_logger(UserTemp(user_id),
                               'stopped_following_repo',
                               RepoTemp(follow_repo_id))
                 return
             except:
                 log.error(traceback.format_exc())
                 raise
         try:
             f = UserFollowing()
             f.user_id = user_id
             f.follows_repo_id = follow_repo_id
             self.sa.add(f)
             action_logger(UserTemp(user_id),
                           'started_following_repo',
                           RepoTemp(follow_repo_id))
         except:
             log.error(traceback.format_exc())
             raise
     def toggle_following_user(self, follow_user_id, user_id):
         f = self.sa.query(UserFollowing)\
             .filter(UserFollowing.follows_user_id == follow_user_id)\
             .filter(UserFollowing.user_id == user_id).scalar()
         if f is not None:
             try:
                 self.sa.delete(f)
                 return

rhodecode/model/user.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.model.user
     ~~~~~~~~~~~~~~~~~~~~
     users model for RhodeCode
     :created_on: Apr 9, 2010
     :author: marcink
     :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 import traceback
 from pylons import url
 from pylons.i18n.translation import _
 from rhodecode.lib import safe_unicode
 from rhodecode.lib.caching_query import FromCache
 from rhodecode.model import BaseModel
 from rhodecode.model.db import User, UserRepoToPerm, Repository, Permission, \
     UserToPerm, UsersGroupRepoToPerm, UsersGroupToPerm, UsersGroupMember, \
     Notification
+    Notification, RepoGroup, UserRepoGroupToPerm, UsersGroup
 from rhodecode.lib.exceptions import DefaultUserException, \
     UserOwnsReposException
 from sqlalchemy.exc import DatabaseError
 from rhodecode.lib import generate_api_key
 from sqlalchemy.orm import joinedload
 log = logging.getLogger(__name__)
 PERM_WEIGHTS = {'repository.none': 0,
                 'repository.read': 1,
                 'repository.write': 3,
                 'repository.admin': 3}
 PERM_WEIGHTS = {
     'repository.none': 0,
     'repository.read': 1,
     'repository.write': 3,
     'repository.admin': 4,
     'group.none': 0,
     'group.read': 1,
     'group.write': 3,
     'group.admin': 4,
+}
 class UserModel(BaseModel):
     def __get_user(self, user):
         return self._get_instance(User, user)
         return self._get_instance(User, user, callback=User.get_by_username)
     def __get_perm(self, permission):
         return self._get_instance(Permission, permission,
                                   callback=Permission.get_by_key)
     def get(self, user_id, cache=False):
         user = self.sa.query(User)
         if cache:
             user = user.options(FromCache("sql_cache_short",
                                           "get_user_%s" % user_id))
         return user.get(user_id)
     def get_by_username(self, username, cache=False, case_insensitive=False):
         if case_insensitive:
             user = self.sa.query(User).filter(User.username.ilike(username))
         else:
             user = self.sa.query(User)\
                 .filter(User.username == username)
         if cache:
             user = user.options(FromCache("sql_cache_short",
                                           "get_user_%s" % username))
         return user.scalar()
     def get_by_api_key(self, api_key, cache=False):
         return User.get_by_api_key(api_key, cache)
     def create(self, form_data):
         try:
             new_user = User()
             for k, v in form_data.items():
                 setattr(new_user, k, v)
             new_user.api_key = generate_api_key(form_data['username'])
             self.sa.add(new_user)
             return new_user
         except:
             log.error(traceback.format_exc())
             raise
     def create_or_update(self, username, password, email, name, lastname,
                          active=True, admin=False, ldap_dn=None):
         """
         Creates a new instance if not found, or updates current one
         :param username:
         :param password:
         :param email:
         :param active:
         :param name:
         :param lastname:
         :param active:
@@ @@ -303,202 +313,237 @@ class UserModel(BaseModel): @@
         run_task(tasks.send_password_link, data['email'])
     def reset_password(self, data):
         from rhodecode.lib.celerylib import tasks, run_task
         run_task(tasks.reset_user_password, data['email'])
     def fill_data(self, auth_user, user_id=None, api_key=None):
         """
         Fetches auth_user by user_id,or api_key if present.
         Fills auth_user attributes with those taken from database.
         Additionally set's is_authenitated if lookup fails
         present in database
         :param auth_user: instance of user to set attributes
         :param user_id: user id to fetch by
         :param api_key: api key to fetch by
         """
         if user_id is None and api_key is None:
             raise Exception('You need to pass user_id or api_key')
         try:
             if api_key:
                 dbuser = self.get_by_api_key(api_key)
             else:
                 dbuser = self.get(user_id)
             if dbuser is not None and dbuser.active:
                 log.debug('filling %s data' % dbuser)
                 for k, v in dbuser.get_dict().items():
                     setattr(auth_user, k, v)
             else:
                 return False
         except:
             log.error(traceback.format_exc())
             auth_user.is_authenticated = False
             return False
         return True
     def fill_perms(self, user):
         """
         Fills user permission attribute with permissions taken from database
         works for permissions given for repositories, and for permissions that
         are granted to groups
         :param user: user instance to fill his perms
         """
         user.permissions['repositories'] = {}
         user.permissions['global'] = set()
         RK = 'repositories'
         GK = 'repositories_groups'
         GLOBAL = 'global'
         user.permissions[RK] = {}
         user.permissions[GK] = {}
         user.permissions[GLOBAL] = set()
         #======================================================================
         # fetch default permissions
         #======================================================================
         default_user = User.get_by_username('default', cache=True)
         default_user_id = default_user.user_id
         default_perms = Permission.get_default_perms(default_user_id)
         default_repo_perms = Permission.get_default_perms(default_user_id)
         default_repo_groups_perms = Permission.get_default_group_perms(default_user_id)
         if user.is_admin:
             #==================================================================
             # #admin have all default rights set to admin
             # admin user have all default rights for repositories
             # and groups set to admin
             #==================================================================
-            user.permissions['global'].add('hg.admin')
+            user.permissions[GLOBAL].add('hg.admin')
             for perm in default_perms:
             # repositories
             for perm in default_repo_perms:
                 r_k = perm.UserRepoToPerm.repository.repo_name
                 p = 'repository.admin'
                 user.permissions['repositories'][perm.UserRepoToPerm.
                                                  repository.repo_name] = p
                 user.permissions[RK][r_k] = p
             # repositories groups
             for perm in default_repo_groups_perms:
                 rg_k = perm.UserRepoGroupToPerm.group.group_name
                 p = 'group.admin'
                 user.permissions[GK][rg_k] = p
         else:
             #==================================================================
             # set default permissions
+            # set default permissions first for repositories and groups
             #==================================================================
             uid = user.user_id
             # default global
+            # default global permissions
             default_global_perms = self.sa.query(UserToPerm)\
                 .filter(UserToPerm.user_id == default_user_id)
             for perm in default_global_perms:
-                user.permissions['global'].add(perm.permission.permission_name)
+                user.permissions[GLOBAL].add(perm.permission.permission_name)
             # default for repositories
             for perm in default_perms:
                 if perm.Repository.private and not (perm.Repository.user_id ==
                                                     uid):
             for perm in default_repo_perms:
                 r_k = perm.UserRepoToPerm.repository.repo_name
                 if perm.Repository.private and not (perm.Repository.user_id == uid):
                     # disable defaults for private repos,
                     p = 'repository.none'
                 elif perm.Repository.user_id == uid:
                     # set admin if owner
                     p = 'repository.admin'
                 else:
                     p = perm.Permission.permission_name
                 user.permissions['repositories'][perm.UserRepoToPerm.
                                                  repository.repo_name] = p
                 user.permissions[RK][r_k] = p
             # default for repositories groups
             for perm in default_repo_groups_perms:
                 rg_k = perm.UserRepoGroupToPerm.group.group_name
                 p = perm.Permission.permission_name
                 user.permissions[GK][rg_k] = p
             #==================================================================
             # overwrite default with user permissions if any
             #==================================================================
             # user global
             user_perms = self.sa.query(UserToPerm)\
                     .options(joinedload(UserToPerm.permission))\
                     .filter(UserToPerm.user_id == uid).all()
             for perm in user_perms:
-                user.permissions['global'].add(perm.permission.permission_name)
+                user.permissions[GLOBAL].add(perm.permission.permission_name)
             # user repositories
             user_repo_perms = self.sa.query(UserRepoToPerm, Permission,
                                             Repository)\
                 .join((Repository, UserRepoToPerm.repository_id ==
                        Repository.repo_id))\
                 .join((Permission, UserRepoToPerm.permission_id ==
                        Permission.permission_id))\
                 .filter(UserRepoToPerm.user_id == uid).all()
             user_repo_perms = \
              self.sa.query(UserRepoToPerm, Permission, Repository)\
              .join((Repository, UserRepoToPerm.repository_id == Repository.repo_id))\
              .join((Permission, UserRepoToPerm.permission_id == Permission.permission_id))\
              .filter(UserRepoToPerm.user_id == uid)\
              .all()
             for perm in user_repo_perms:
                 # set admin if owner
                 r_k = perm.UserRepoToPerm.repository.repo_name
                 if perm.Repository.user_id == uid:
                     p = 'repository.admin'
                 else:
                     p = perm.Permission.permission_name
                 user.permissions['repositories'][perm.UserRepoToPerm.
                                                  repository.repo_name] = p
                 user.permissions[RK][r_k] = p
             #==================================================================
             # check if user is part of groups for this repository and fill in
             # (or replace with higher) permissions
             #==================================================================
             # users group global
             user_perms_from_users_groups = self.sa.query(UsersGroupToPerm)\
                 .options(joinedload(UsersGroupToPerm.permission))\
                 .join((UsersGroupMember, UsersGroupToPerm.users_group_id ==
                        UsersGroupMember.users_group_id))\
                 .filter(UsersGroupMember.user_id == uid).all()
             for perm in user_perms_from_users_groups:
-                user.permissions['global'].add(perm.permission.permission_name)
+                user.permissions[GLOBAL].add(perm.permission.permission_name)
             # users group repositories
             user_repo_perms_from_users_groups = self.sa.query(
                                                 UsersGroupRepoToPerm,
                                                 Permission, Repository,)\
                 .join((Repository, UsersGroupRepoToPerm.repository_id ==
                        Repository.repo_id))\
                 .join((Permission, UsersGroupRepoToPerm.permission_id ==
                        Permission.permission_id))\
                 .join((UsersGroupMember, UsersGroupRepoToPerm.users_group_id ==
                        UsersGroupMember.users_group_id))\
                 .filter(UsersGroupMember.user_id == uid).all()
             user_repo_perms_from_users_groups = \
              self.sa.query(UsersGroupRepoToPerm, Permission, Repository,)\
              .join((Repository, UsersGroupRepoToPerm.repository_id == Repository.repo_id))\
              .join((Permission, UsersGroupRepoToPerm.permission_id == Permission.permission_id))\
              .join((UsersGroupMember, UsersGroupRepoToPerm.users_group_id == UsersGroupMember.users_group_id))\
              .filter(UsersGroupMember.user_id == uid)\
              .all()
             for perm in user_repo_perms_from_users_groups:
                 r_k = perm.UsersGroupRepoToPerm.repository.repo_name
                 p = perm.Permission.permission_name
                 cur_perm = user.permissions['repositories'][perm.
                                                     UsersGroupRepoToPerm.
                                                     repository.repo_name]
                 cur_perm = user.permissions[RK][r_k]
                 # overwrite permission only if it's greater than permission
                 # given from other sources
                 if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]:
                     user.permissions['repositories'][perm.UsersGroupRepoToPerm.
                                                      repository.repo_name] = p
                     user.permissions[RK][r_k] = p
             #==================================================================
             # get access for this user for repos group and override defaults
             #==================================================================
             # user repositories groups
             user_repo_groups_perms = \
              self.sa.query(UserRepoGroupToPerm, Permission, RepoGroup)\
              .join((RepoGroup, UserRepoGroupToPerm.group_id == RepoGroup.group_id))\
              .join((Permission, UserRepoGroupToPerm.permission_id == Permission.permission_id))\
              .filter(UserRepoToPerm.user_id == uid)\
              .all()
             for perm in user_repo_groups_perms:
                 rg_k = perm.UserRepoGroupToPerm.group.group_name
                 p = perm.Permission.permission_name
                 cur_perm = user.permissions[GK][rg_k]
                 if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]:
                     user.permissions[GK][rg_k] = p
         return user
     def has_perm(self, user, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class '
                             'got %s instead' % type(perm))
         user = self.__get_user(user)
         return UserToPerm.query().filter(UserToPerm.user == user)\
             .filter(UserToPerm.permission == perm).scalar() is not None
     def grant_perm(self, user, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class '
                             'got %s instead' % type(perm))
         """
         Grant user global permissions
         :param user:
         :param perm:
         """
         user = self.__get_user(user)
+        perm = self.__get_perm(perm)
         new = UserToPerm()
         new.user = user
         new.permission = perm
         self.sa.add(new)
     def revoke_perm(self, user, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class '
                             'got %s instead' % type(perm))
         """
         Revoke users global permissions
         :param user:
         :param perm:
         """
         user = self.__get_user(user)
         perm = self.__get_perm(perm)
         obj = UserToPerm.query().filter(UserToPerm.user == user)\
                 .filter(UserToPerm.permission == perm).scalar()
         if obj:
             self.sa.delete(obj)

rhodecode/model/users_group.py

➞

Show inline comments

 # -*- coding: utf-8 -*-
 """
     rhodecode.model.users_group
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~
     users group model for RhodeCode
     :created_on: Oct 1, 2011
     :author: nvinot
     :copyright: (C) 2011-2011 Nicolas Vinot <aeris@imirhil.fr>
     :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import logging
 import traceback
 from rhodecode.model import BaseModel
 from rhodecode.model.db import UsersGroupMember, UsersGroup,\
     UsersGroupRepoToPerm, Permission, UsersGroupToPerm
 from rhodecode.lib.exceptions import UsersGroupsAssignedException
 log = logging.getLogger(__name__)
 class UsersGroupModel(BaseModel):
     def __get_users_group(self, users_group):
         return self._get_instance(UsersGroup, users_group)
         return self._get_instance(UsersGroup, users_group,
                                   callback=UsersGroup.get_by_group_name)
     def __get_perm(self, permission):
         return self._get_instance(Permission, permission,
                                   callback=Permission.get_by_key)
     def get(self, users_group_id, cache=False):
         return UsersGroup.get(users_group_id)
     def get_by_name(self, name, cache=False, case_insensitive=False):
         return UsersGroup.get_by_group_name(name, cache, case_insensitive)
     def create(self, name, active=True):
         try:
             new = UsersGroup()
             new.users_group_name = name
             new.users_group_active = active
             self.sa.add(new)
             return new
         except:
             log.error(traceback.format_exc())
             raise
     def update(self, users_group, form_data):
         try:
             users_group = self.__get_users_group(users_group)
             for k, v in form_data.items():
                 if k == 'users_group_members':
                     users_group.members = []
                     self.sa.flush()
                     members_list = []
                     if v:
                         v = [v] if isinstance(v, basestring) else v
                         for u_id in set(v):
                             member = UsersGroupMember(users_group.users_group_id, u_id)
                             members_list.append(member)
                     setattr(users_group, 'members', members_list)
                 setattr(users_group, k, v)
             self.sa.add(users_group)
         except:
             log.error(traceback.format_exc())
             raise
     def delete(self, users_group):
     def delete(self, users_group, force=False):
         """
         Deletes repos group, unless force flag is used
         raises exception if there are members in that group, else deletes
         group and users
         :param users_group:
         :param force:
         """
         try:
             users_group = self.__get_users_group(users_group)
             # check if this group is not assigned to repo
             assigned_groups = UsersGroupRepoToPerm.query()\
                 .filter(UsersGroupRepoToPerm.users_group == users_group).all()
             if assigned_groups:
+            if assigned_groups and force is False:
                 raise UsersGroupsAssignedException('RepoGroup assigned to %s' %
                                                    assigned_groups)
             self.sa.delete(users_group)
         except:
             log.error(traceback.format_exc())
             raise
     def add_user_to_group(self, users_group, user):
         for m in users_group.members:
             u = m.user
             if u.user_id == user.user_id:
                 return m
         try:
             users_group_member = UsersGroupMember()
             users_group_member.user = user
             users_group_member.users_group = users_group
             users_group.members.append(users_group_member)
             user.group_member.append(users_group_member)
             self.sa.add(users_group_member)
             return users_group_member
         except:
             log.error(traceback.format_exc())
             raise
     def has_perm(self, users_group, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class')
         users_group = self.__get_users_group(users_group)
         perm = self.__get_perm(perm)
         return UsersGroupToPerm.query()\
             .filter(UsersGroupToPerm.users_group == users_group)\
             .filter(UsersGroupToPerm.permission == perm).scalar() is not None
     def grant_perm(self, users_group, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class')
         users_group = self.__get_users_group(users_group)
         new = UsersGroupToPerm()
         new.users_group = users_group
         new.permission = perm
         self.sa.add(new)
     def revoke_perm(self, users_group, perm):
         if not isinstance(perm, Permission):
             raise Exception('perm needs to be an instance of Permission class')
         users_group = self.__get_users_group(users_group)
         perm = self.__get_perm(perm)
         obj = UsersGroupToPerm.query()\
             .filter(UsersGroupToPerm.users_group == users_group)\
             .filter(UsersGroupToPerm.permission == perm).scalar()
         if obj:
             self.sa.delete(obj)

rhodecode/templates/admin/repos_groups/repos_group_edit_perms.html

➞

Show inline comments

@@ new file 100644 @@
 <table id="permissions_manage" class="noborder">
     <tr>
         <td>${_('none')}</td>
         <td>${_('read')}</td>
         <td>${_('write')}</td>
         <td>${_('admin')}</td>
         <td>${_('member')}</td>
         <td></td>
     </tr>
     ## USERS
     %for r2p in c.repos_group.repo_group_to_perm:
         <tr id="id${id(r2p.user.username)}">
             <td>${h.radio('u_perm_%s' % r2p.user.username,'group.none')}</td>
             <td>${h.radio('u_perm_%s' % r2p.user.username,'group.read')}</td>
             <td>${h.radio('u_perm_%s' % r2p.user.username,'group.write')}</td>
             <td>${h.radio('u_perm_%s' % r2p.user.username,'group.admin')}</td>
             <td style="white-space: nowrap;">
                 <img style="vertical-align:bottom" src="${h.url('/images/icons/user.png')}"/>${r2p.user.username}
             </td>
             <td>
               %if r2p.user.username !='default':
                 <span class="delete_icon action_button" onclick="ajaxActionUser(${r2p.user.user_id},'${'id%s'%id(r2p.user.username)}')">
                 ${_('revoke')}
                 </span>
               %endif
             </td>
         </tr>
     %endfor
     ## USERS GROUPS
     %for g2p in c.repos_group.users_group_to_perm:
         <tr id="id${id(g2p.users_group.users_group_name)}">
             <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.none')}</td>
             <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.read')}</td>
             <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.write')}</td>
             <td>${h.radio('g_perm_%s' % g2p.users_group.users_group_name,'group.admin')}</td>
             <td style="white-space: nowrap;">
                 <img  style="vertical-align:bottom" src="${h.url('/images/icons/group.png')}"/>${g2p.users_group.users_group_name}
             </td>
             <td>
                 <span class="delete_icon action_button" onclick="ajaxActionUsersGroup(${g2p.users_group.users_group_id},'${'id%s'%id(g2p.users_group.users_group_name)}')">
                 ${_('revoke')}
                 </span>
             </td>
         </tr>
     %endfor
     <tr id="add_perm_input">
         <td>${h.radio('perm_new_member','group.none')}</td>
         <td>${h.radio('perm_new_member','group.read')}</td>
         <td>${h.radio('perm_new_member','group.write')}</td>
         <td>${h.radio('perm_new_member','group.admin')}</td>
         <td class='ac'>
             <div class="perm_ac" id="perm_ac">
                 ${h.text('perm_new_member_name',class_='yui-ac-input')}
                 ${h.hidden('perm_new_member_type')}
                 <div id="perm_container"></div>
             </div>
         </td>
         <td></td>
     </tr>
     <tr>
         <td colspan="6">
             <span id="add_perm" class="add_icon" style="cursor: pointer;">
             ${_('Add another member')}
             </span>
         </td>
     </tr>
 </table>
 <script type="text/javascript">
 function ajaxActionUser(user_id, field_id) {
     var sUrl = "${h.url('delete_repos_group_user_perm',group_name=c.repos_group.name)}";
     var callback = {
         success: function (o) {
             var tr = YUD.get(String(field_id));
             tr.parentNode.removeChild(tr);
         },
         failure: function (o) {
             alert("${_('Failed to remove user')}");
         },
     };
     var postData = '_method=delete&user_id=' + user_id;
     var request = YAHOO.util.Connect.asyncRequest('POST', sUrl, callback, postData);
 };
 function ajaxActionUsersGroup(users_group_id,field_id){
     var sUrl = "${h.url('delete_repos_group_users_group_perm',group_name=c.repos_group.name)}";
     var callback = {
         success:function(o){
             var tr = YUD.get(String(field_id));
             tr.parentNode.removeChild(tr);
         },
         failure:function(o){
             alert("${_('Failed to remove users group')}");
         },
     };
     var postData = '_method=delete&users_group_id='+users_group_id;
     var request = YAHOO.util.Connect.asyncRequest('POST', sUrl, callback, postData);
 };
 YUE.onDOMReady(function () {
     if (!YUD.hasClass('perm_new_member_name', 'error')) {
         YUD.setStyle('add_perm_input', 'display', 'none');
+    }
     YAHOO.util.Event.addListener('add_perm', 'click', function () {
         YUD.setStyle('add_perm_input', 'display', '');
         YUD.setStyle('add_perm', 'opacity', '0.6');
         YUD.setStyle('add_perm', 'cursor', 'default');
     });
 });
 YAHOO.example.FnMultipleFields = function () {
     var myUsers = ${c.users_array|n};
     var myGroups = ${c.users_groups_array|n};
     // Define a custom search function for the DataSource of users
     var matchUsers = function (sQuery) {
             // Case insensitive matching
             var query = sQuery.toLowerCase();
             var i = 0;
             var l = myUsers.length;
             var matches = [];
             // Match against each name of each contact
             for (; i < l; i++) {
                 contact = myUsers[i];
                 if ((contact.fname.toLowerCase().indexOf(query) > -1) || (contact.lname.toLowerCase().indexOf(query) > -1) || (contact.nname && (contact.nname.toLowerCase().indexOf(query) > -1))) {
                     matches[matches.length] = contact;
+                }
+            }
             return matches;
         };
     // Define a custom search function for the DataSource of usersGroups
     var matchGroups = function (sQuery) {
             // Case insensitive matching
             var query = sQuery.toLowerCase();
             var i = 0;
             var l = myGroups.length;
             var matches = [];
             // Match against each name of each contact
             for (; i < l; i++) {
                 matched_group = myGroups[i];
                 if (matched_group.grname.toLowerCase().indexOf(query) > -1) {
                     matches[matches.length] = matched_group;
+                }
+            }
             return matches;
         };
     //match all
     var matchAll = function (sQuery) {
             u = matchUsers(sQuery);
             g = matchGroups(sQuery);
             return u.concat(g);
         };
     // DataScheme for members
     var memberDS = new YAHOO.util.FunctionDataSource(matchAll);
     memberDS.responseSchema = {
         fields: ["id", "fname", "lname", "nname", "grname", "grmembers"]
     };
     // DataScheme for owner
     var ownerDS = new YAHOO.util.FunctionDataSource(matchUsers);
     ownerDS.responseSchema = {
         fields: ["id", "fname", "lname", "nname"]
     };
     // Instantiate AutoComplete for perms
     var membersAC = new YAHOO.widget.AutoComplete("perm_new_member_name", "perm_container", memberDS);
     membersAC.useShadow = false;
     membersAC.resultTypeList = false;
     // Instantiate AutoComplete for owner
     var ownerAC = new YAHOO.widget.AutoComplete("user", "owner_container", ownerDS);
     ownerAC.useShadow = false;
     ownerAC.resultTypeList = false;
     // Helper highlight function for the formatter
     var highlightMatch = function (full, snippet, matchindex) {
             return full.substring(0, matchindex) + "<span class='match'>" + full.substr(matchindex, snippet.length) + "</span>" + full.substring(matchindex + snippet.length);
         };
     // Custom formatter to highlight the matching letters
     var custom_formatter = function (oResultData, sQuery, sResultMatch) {
             var query = sQuery.toLowerCase();
             if (oResultData.grname != undefined) {
                 var grname = oResultData.grname;
                 var grmembers = oResultData.grmembers;
                 var grnameMatchIndex = grname.toLowerCase().indexOf(query);
                 var grprefix = "${_('Group')}: ";
                 var grsuffix = " (" + grmembers + "  ${_('members')})";
                 if (grnameMatchIndex > -1) {
                     return grprefix + highlightMatch(grname, query, grnameMatchIndex) + grsuffix;
+                }
                 return grprefix + oResultData.grname + grsuffix;
             } else if (oResultData.fname != undefined) {
                 var fname = oResultData.fname,
                     lname = oResultData.lname,
                     nname = oResultData.nname || "",
                     // Guard against null value
                     fnameMatchIndex = fname.toLowerCase().indexOf(query),
                     lnameMatchIndex = lname.toLowerCase().indexOf(query),
                     nnameMatchIndex = nname.toLowerCase().indexOf(query),
                     displayfname, displaylname, displaynname;
                 if (fnameMatchIndex > -1) {
                     displayfname = highlightMatch(fname, query, fnameMatchIndex);
                 } else {
                     displayfname = fname;
+                }
                 if (lnameMatchIndex > -1) {
                     displaylname = highlightMatch(lname, query, lnameMatchIndex);
                 } else {
                     displaylname = lname;
+                }
                 if (nnameMatchIndex > -1) {
                     displaynname = "(" + highlightMatch(nname, query, nnameMatchIndex) + ")";
                 } else {
                     displaynname = nname ? "(" + nname + ")" : "";
+                }
                 return displayfname + " " + displaylname + " " + displaynname;
             } else {
                 return '';
+            }
         };
     membersAC.formatResult = custom_formatter;
     ownerAC.formatResult = custom_formatter;
     var myHandler = function (sType, aArgs) {
             var myAC = aArgs[0]; // reference back to the AC instance
             var elLI = aArgs[1]; // reference to the selected LI element
             var oData = aArgs[2]; // object literal of selected item's result data
             //fill the autocomplete with value
             if (oData.nname != undefined) {
                 //users
                 myAC.getInputEl().value = oData.nname;
                 YUD.get('perm_new_member_type').value = 'user';
             } else {
                 //groups
                 myAC.getInputEl().value = oData.grname;
                 YUD.get('perm_new_member_type').value = 'users_group';
+            }
         };
     membersAC.itemSelectEvent.subscribe(myHandler);
     if(ownerAC.itemSelectEvent){
         ownerAC.itemSelectEvent.subscribe(myHandler);
+    }
     return {
         memberDS: memberDS,
         ownerDS: ownerDS,
         membersAC: membersAC,
         ownerAC: ownerAC,
     };
 }();
 </script>

rhodecode/templates/admin/repos_groups/repos_groups_edit.html

➞

Show inline comments

@@ @@ -8,57 +8,66 @@ @@
     ${h.link_to(_('Admin'),h.url('admin_home'))}
     &raquo;
     ${h.link_to(_('Repos groups'),h.url('repos_groups'))}
     &raquo;
     ${_('edit repos group')} "${c.repos_group.name}"
 </%def>
 <%def name="page_nav()">
     ${self.menu('admin')}
 </%def>
 <%def name="main()">
 <div class="box">
     <!-- box / title -->
     <div class="title">
         ${self.breadcrumbs()}
     </div>
     <!-- end box / title -->
     ${h.form(url('repos_group',id=c.repos_group.group_id),method='put')}
     <div class="form">
         <!-- fields -->
         <div class="fields">
              <div class="field">
                 <div class="label">
                     <label for="group_name">${_('Group name')}:</label>
                 </div>
                 <div class="input">
                     ${h.text('group_name',class_='medium')}
                 </div>
              </div>
 	        <div class="field">
 	            <div class="label label-textarea">
 	                <label for="group_description">${_('Description')}:</label>
 	            </div>
 	            <div class="textarea text-area editor">
 	                ${h.textarea('group_description',cols=23,rows=5,class_="medium")}
 	            </div>
 	         </div>
 	         <div class="field">
 	             <div class="label">
 	                 <label for="group_parent_id">${_('Group parent')}:</label>
 	             </div>
 	             <div class="input">
 	                 ${h.select('group_parent_id','',c.repo_groups,class_="medium")}
 	             </div>
 	         </div>
             <div class="field">
                 <div class="label">
                     <label for="input">${_('Permissions')}:</label>
                 </div>
                 <div class="input">
                     <%include file="repos_group_edit_perms.html"/>
                 </div>
             </div>
             <div class="buttons">
               ${h.submit('save',_('save'),class_="ui-button")}
               ${h.submit('save',_('Save'),class_="ui-button")}
               ${h.reset('reset',_('Reset'),class_="ui-button")}
             </div>
         </div>
     </div>
     ${h.end_form()}
 </div>
 </%def>

rhodecode/templates/index_base.html

➞

Show inline comments

 <%page args="parent" />
     <div class="box">
         <!-- box / title -->
         <div class="title">
             <h5>
             <input class="q_filter_box" id="q_filter" size="15" type="text" name="filter" value="${_('quick filter...')}"/> ${parent.breadcrumbs()} <span id="repo_count">0</span> ${_('repositories')}
             </h5>
             %if c.rhodecode_user.username != 'default':
                 %if h.HasPermissionAny('hg.admin','hg.create.repository')():
                 <ul class="links">
                   <li>
                     <span>${h.link_to(_('ADD REPOSITORY'),h.url('admin_settings_create_repository'))}</span>
                   </li>
                 </ul>
                 %endif
             %endif
         </div>
         <!-- end box / title -->
         <div class="table">
            % if c.groups:
             <div id='groups_list_wrap' class="yui-skin-sam">
               <table id="groups_list">
                   <thead>
                       <tr>
                           <th class="left"><a href="#">${_('Group name')}</a></th>
                           <th class="left"><a href="#">${_('Description')}</a></th>
                           ##<th class="left"><a href="#">${_('Number of repositories')}</a></th>
                       </tr>
                   </thead>
                   ## REPO GROUPS
                   % for gr in c.groups:
                     <tr>
                         <td>
                             <div style="white-space: nowrap">
                             <img class="icon" alt="${_('Repositories group')}" src="${h.url('/images/icons/database_link.png')}"/>
                             ${h.link_to(gr.name,url('repos_group_home',group_name=gr.group_name))}
                             </div>
                         </td>
                         <td>${gr.group_description}</td>
                         ##<td><b>${gr.repositories.count()}</b></td>
                         ## this is commented out since for multi nested repos can be HEAVY!
                         ## in number of executed queries during traversing uncomment at will
                         ##<td><b>${gr.repositories_recursive_count}</b></td>
                     </tr>
                   % endfor
               </table>
             </div>
             <div style="height: 20px"></div>
             % endif
             <div id="welcome" style="display:none;text-align:center">
                 <h1><a href="${h.url('home')}">${c.rhodecode_name} ${c.rhodecode_version}</a></h1>
             </div>
             <div id='repos_list_wrap' class="yui-skin-sam">
             <%cnt=0%>
             <%namespace name="dt" file="/_data_table/_dt_elements.html"/>
             <table id="repos_list">
             <thead>
                 <tr>
                     <th class="left"></th>
                     <th class="left">${_('Name')}</th>
                     <th class="left">${_('Description')}</th>
                     <th class="left">${_('Last change')}</th>
                     <th class="left">${_('Tip')}</th>
                     <th class="left">${_('Owner')}</th>
                     <th class="left">${_('RSS')}</th>
                     <th class="left">${_('Atom')}</th>
                 </tr>
             </thead>
             <tbody>
             %for cnt,repo in enumerate(c.repos_list,1):
                 <tr class="parity${cnt%2}">
                     ##QUICK MENU
                     <td class="quick_repo_menu">
                       ${dt.quick_menu(repo['name'])}
                     </td>
                     ##REPO NAME AND ICONS
                     <td class="reponame">
                       ${dt.repo_name(repo['name'],repo['dbrepo']['repo_type'],repo['dbrepo']['private'],repo['dbrepo_fork'].get('repo_name'))}
                     </td>
                     ##DESCRIPTION
                     <td><span class="tooltip" title="${h.tooltip(repo['description'])}">
                        ${h.truncate(repo['description'],60)}</span>
                     </td>
                     ##LAST CHANGE DATE
                     <td>
                       <span class="tooltip" title="${repo['last_change']}">${h.age(repo['last_change'])}</span>
                     </td>
                     ##LAST REVISION
                     <td>

rhodecode/tests/test_models.py

➞

Show inline comments

 import os
 import unittest
 from rhodecode.tests import *
 from rhodecode.model.repos_group import ReposGroupModel
 from rhodecode.model.repo import RepoModel
 from rhodecode.model.db import RepoGroup, User, Notification, UserNotification, \
     UsersGroup, UsersGroupMember, Permission
 from sqlalchemy.exc import IntegrityError
 from rhodecode.model.user import UserModel
 from rhodecode.model.meta import Session
 from rhodecode.model.notification import NotificationModel
 from rhodecode.model.users_group import UsersGroupModel
 from rhodecode.lib.auth import AuthUser
 def _make_group(path, desc='desc', parent_id=None,
                  skip_if_exists=False):
     gr = RepoGroup.get_by_group_name(path)
     if gr and skip_if_exists:
         return gr
     gr = ReposGroupModel().create(path, desc, parent_id)
     Session.commit()
     return gr
 class TestReposGroups(unittest.TestCase):
     def setUp(self):
         self.g1 = self.__make_group('test1', skip_if_exists=True)
         self.g2 = self.__make_group('test2', skip_if_exists=True)
         self.g3 = self.__make_group('test3', skip_if_exists=True)
         self.g1 = _make_group('test1', skip_if_exists=True)
         self.g2 = _make_group('test2', skip_if_exists=True)
         self.g3 = _make_group('test3', skip_if_exists=True)
     def tearDown(self):
         print 'out'
     def __check_path(self, *path):
         path = [TESTS_TMP_PATH] + list(path)
         path = os.path.join(*path)
         return os.path.isdir(path)
     def _check_folders(self):
         print os.listdir(TESTS_TMP_PATH)
     def __make_group(self, path, desc='desc', parent_id=None,
                      skip_if_exists=False):
         gr = RepoGroup.get_by_group_name(path)
         if gr and skip_if_exists:
             return gr
         form_data = dict(group_name=path,
                          group_description=desc,
                          group_parent_id=parent_id)
         gr = ReposGroupModel().create(form_data)
         Session.commit()
         return gr
     def __delete_group(self, id_):
         ReposGroupModel().delete(id_)
     def __update_group(self, id_, path, desc='desc', parent_id=None):
         form_data = dict(group_name=path,
                          group_description=desc,
                          group_parent_id=parent_id)
                          group_parent_id=parent_id,
                          perms_updates=[],
                          perms_new=[])
         gr = ReposGroupModel().update(id_, form_data)
         return gr
     def test_create_group(self):
-        g = self.__make_group('newGroup')
+        g = _make_group('newGroup')
         self.assertEqual(g.full_path, 'newGroup')
         self.assertTrue(self.__check_path('newGroup'))
     def test_create_same_name_group(self):
-        self.assertRaises(IntegrityError, lambda:self.__make_group('newGroup'))
+        self.assertRaises(IntegrityError, lambda:_make_group('newGroup'))
         Session.rollback()
     def test_same_subgroup(self):
-        sg1 = self.__make_group('sub1', parent_id=self.g1.group_id)
+        sg1 = _make_group('sub1', parent_id=self.g1.group_id)
         self.assertEqual(sg1.parent_group, self.g1)
         self.assertEqual(sg1.full_path, 'test1/sub1')
         self.assertTrue(self.__check_path('test1', 'sub1'))
-        ssg1 = self.__make_group('subsub1', parent_id=sg1.group_id)
+        ssg1 = _make_group('subsub1', parent_id=sg1.group_id)
         self.assertEqual(ssg1.parent_group, sg1)
         self.assertEqual(ssg1.full_path, 'test1/sub1/subsub1')
         self.assertTrue(self.__check_path('test1', 'sub1', 'subsub1'))
     def test_remove_group(self):
-        sg1 = self.__make_group('deleteme')
+        sg1 = _make_group('deleteme')
         self.__delete_group(sg1.group_id)
         self.assertEqual(RepoGroup.get(sg1.group_id), None)
         self.assertFalse(self.__check_path('deteteme'))
-        sg1 = self.__make_group('deleteme', parent_id=self.g1.group_id)
+        sg1 = _make_group('deleteme', parent_id=self.g1.group_id)
         self.__delete_group(sg1.group_id)
         self.assertEqual(RepoGroup.get(sg1.group_id), None)
         self.assertFalse(self.__check_path('test1', 'deteteme'))
     def test_rename_single_group(self):
-        sg1 = self.__make_group('initial')
+        sg1 = _make_group('initial')
         new_sg1 = self.__update_group(sg1.group_id, 'after')
         self.assertTrue(self.__check_path('after'))
         self.assertEqual(RepoGroup.get_by_group_name('initial'), None)
     def test_update_group_parent(self):
-        sg1 = self.__make_group('initial', parent_id=self.g1.group_id)
+        sg1 = _make_group('initial', parent_id=self.g1.group_id)
         new_sg1 = self.__update_group(sg1.group_id, 'after', parent_id=self.g1.group_id)
         self.assertTrue(self.__check_path('test1', 'after'))
         self.assertEqual(RepoGroup.get_by_group_name('test1/initial'), None)
         new_sg1 = self.__update_group(sg1.group_id, 'after', parent_id=self.g3.group_id)
         self.assertTrue(self.__check_path('test3', 'after'))
         self.assertEqual(RepoGroup.get_by_group_name('test3/initial'), None)
         new_sg1 = self.__update_group(sg1.group_id, 'hello')
         self.assertTrue(self.__check_path('hello'))
         self.assertEqual(RepoGroup.get_by_group_name('hello'), new_sg1)
     def test_subgrouping_with_repo(self):
         g1 = self.__make_group('g1')
         g2 = self.__make_group('g2')
         g1 = _make_group('g1')
         g2 = _make_group('g2')
         # create new repo
         form_data = dict(repo_name='john',
                          repo_name_full='john',
                          fork_name=None,
                          description=None,
                          repo_group=None,
                          private=False,
                          repo_type='hg',
                          clone_uri=None)
         cur_user = User.get_by_username(TEST_USER_ADMIN_LOGIN)
         r = RepoModel().create(form_data, cur_user)
         self.assertEqual(r.repo_name, 'john')
         # put repo into group
         form_data = form_data
         form_data['repo_group'] = g1.group_id
         form_data['perms_new'] = []
         form_data['perms_updates'] = []
         RepoModel().update(r.repo_name, form_data)
         self.assertEqual(r.repo_name, 'g1/john')
         self.__update_group(g1.group_id, 'g1', parent_id=g2.group_id)
         self.assertTrue(self.__check_path('g2', 'g1'))
         # test repo
         self.assertEqual(r.repo_name, os.path.join('g2', 'g1', r.just_name))
 class TestUser(unittest.TestCase):
     def __init__(self, methodName='runTest'):
         Session.remove()
         super(TestUser, self).__init__(methodName=methodName)
     def test_create_and_remove(self):
         usr = UserModel().create_or_update(username=u'test_user', password=u'qweqwe',
                                      email=u'u232@rhodecode.org',
                                      name=u'u1', lastname=u'u1')
         Session.commit()
         self.assertEqual(User.get_by_username(u'test_user'), usr)
         # make users group
         users_group = UsersGroupModel().create('some_example_group')
         Session.commit()
         UsersGroupModel().add_user_to_group(users_group, usr)
         Session.commit()
         self.assertEqual(UsersGroup.get(users_group.users_group_id), users_group)
         self.assertEqual(UsersGroupMember.query().count(), 1)
         UserModel().delete(usr.user_id)
         Session.commit()
         self.assertEqual(UsersGroupMember.query().all(), [])
 class TestNotifications(unittest.TestCase):
     def __init__(self, methodName='runTest'):
         Session.remove()
         self.u1 = UserModel().create_or_update(username=u'u1',
                                         password=u'qweqwe',
                                         email=u'u1@rhodecode.org',
                                         name=u'u1', lastname=u'u1')
         Session.commit()
         self.u1 = self.u1.user_id
         self.u2 = UserModel().create_or_update(username=u'u2',
                                         password=u'qweqwe',
                                         email=u'u2@rhodecode.org',
                                         name=u'u2', lastname=u'u3')
         Session.commit()
         self.u2 = self.u2.user_id
         self.u3 = UserModel().create_or_update(username=u'u3',
                                         password=u'qweqwe',
                                         email=u'u3@rhodecode.org',
                                         name=u'u3', lastname=u'u3')
         Session.commit()
         self.u3 = self.u3.user_id
         super(TestNotifications, self).__init__(methodName=methodName)
     def _clean_notifications(self):
         for n in Notification.query().all():
             Session.delete(n)
         Session.commit()
         self.assertEqual(Notification.query().all(), [])
     def tearDown(self):
         self._clean_notifications()
     def test_create_notification(self):
         self.assertEqual([], Notification.query().all())
         self.assertEqual([], UserNotification.query().all())
         usrs = [self.u1, self.u2]
         notification = NotificationModel().create(created_by=self.u1,
                                            subject=u'subj', body=u'hi there',
                                            recipients=usrs)
         Session.commit()
         u1 = User.get(self.u1)
         u2 = User.get(self.u2)
         u3 = User.get(self.u3)
         notifications = Notification.query().all()
         self.assertEqual(len(notifications), 1)
         unotification = UserNotification.query()\
             .filter(UserNotification.notification == notification).all()
         self.assertEqual(notifications[0].recipients, [u1, u2])
         self.assertEqual(notification.notification_id,
                          notifications[0].notification_id)
         self.assertEqual(len(unotification), len(usrs))
         self.assertEqual([x.user.user_id for x in unotification], usrs)
     def test_user_notifications(self):
         self.assertEqual([], Notification.query().all())
         self.assertEqual([], UserNotification.query().all())
         notification1 = NotificationModel().create(created_by=self.u1,
                                             subject=u'subj', body=u'hi there1',
                                             recipients=[self.u3])
         Session.commit()
         notification2 = NotificationModel().create(created_by=self.u1,
                                             subject=u'subj', body=u'hi there2',
                                             recipients=[self.u3])
         Session.commit()
         u3 = Session.query(User).get(self.u3)
         self.assertEqual(sorted([x.notification for x in u3.notifications]),
                          sorted([notification2, notification1]))
     def test_delete_notifications(self):
         self.assertEqual([], Notification.query().all())
         self.assertEqual([], UserNotification.query().all())
         notification = NotificationModel().create(created_by=self.u1,
                                            subject=u'title', body=u'hi there3',
                                     recipients=[self.u3, self.u1, self.u2])
         Session.commit()
         notifications = Notification.query().all()
         self.assertTrue(notification in notifications)
         Notification.delete(notification.notification_id)
         Session.commit()
         notifications = Notification.query().all()
         self.assertFalse(notification in notifications)
         un = UserNotification.query().filter(UserNotification.notification
                                              == notification).all()
         self.assertEqual(un, [])
     def test_delete_association(self):
         self.assertEqual([], Notification.query().all())
         self.assertEqual([], UserNotification.query().all())
         notification = NotificationModel().create(created_by=self.u1,
                                            subject=u'title', body=u'hi there3',
                                     recipients=[self.u3, self.u1, self.u2])
         Session.commit()
         unotification = UserNotification.query()\
                             .filter(UserNotification.notification ==
                                     notification)\
                             .filter(UserNotification.user_id == self.u3)\
                             .scalar()
         self.assertEqual(unotification.user_id, self.u3)
         NotificationModel().delete(self.u3,
                                    notification.notification_id)
         Session.commit()
         u3notification = UserNotification.query()\
                             .filter(UserNotification.notification ==
                                     notification)\
                             .filter(UserNotification.user_id == self.u3)\
                             .scalar()
         self.assertEqual(u3notification, None)
         # notification object is still there
         self.assertEqual(Notification.query().all(), [notification])
         #u1 and u2 still have assignments
         u1notification = UserNotification.query()\
                             .filter(UserNotification.notification ==
                                     notification)\
                             .filter(UserNotification.user_id == self.u1)\
                             .scalar()
         self.assertNotEqual(u1notification, None)
         u2notification = UserNotification.query()\
                             .filter(UserNotification.notification ==
                                     notification)\
                             .filter(UserNotification.user_id == self.u2)\
                             .scalar()
         self.assertNotEqual(u2notification, None)
     def test_notification_counter(self):
         self._clean_notifications()
         self.assertEqual([], Notification.query().all())
         self.assertEqual([], UserNotification.query().all())
         NotificationModel().create(created_by=self.u1,
                             subject=u'title', body=u'hi there_delete',
                             recipients=[self.u3, self.u1])
         Session.commit()
         self.assertEqual(NotificationModel()
                          .get_unread_cnt_for_user(self.u1), 1)
         self.assertEqual(NotificationModel()
                          .get_unread_cnt_for_user(self.u2), 0)
         self.assertEqual(NotificationModel()
                          .get_unread_cnt_for_user(self.u3), 1)
         notification = NotificationModel().create(created_by=self.u1,
                                            subject=u'title', body=u'hi there3',
                                     recipients=[self.u3, self.u1, self.u2])
         Session.commit()
         self.assertEqual(NotificationModel()
                          .get_unread_cnt_for_user(self.u1), 2)
         self.assertEqual(NotificationModel()
                          .get_unread_cnt_for_user(self.u2), 1)
         self.assertEqual(NotificationModel()
                          .get_unread_cnt_for_user(self.u3), 2)
 class TestUsers(unittest.TestCase):
     def __init__(self, methodName='runTest'):
         super(TestUsers, self).__init__(methodName=methodName)
     def setUp(self):
         self.u1 = UserModel().create_or_update(username=u'u1',
                                         password=u'qweqwe',
                                         email=u'u1@rhodecode.org',
                                         name=u'u1', lastname=u'u1')
     def tearDown(self):
         perm = Permission.query().all()
         for p in perm:
             UserModel().revoke_perm(self.u1, p)
         UserModel().delete(self.u1)
         Session.commit()
     def test_add_perm(self):
         perm = Permission.query().all()[0]
         UserModel().grant_perm(self.u1, perm)
         Session.commit()
         self.assertEqual(UserModel().has_perm(self.u1, perm), True)
     def test_has_perm(self):
         perm = Permission.query().all()
         for p in perm:
             has_p = UserModel().has_perm(self.u1, p)
             self.assertEqual(False, has_p)
     def test_revoke_perm(self):
         perm = Permission.query().all()[0]
         UserModel().grant_perm(self.u1, perm)
         Session.commit()
         self.assertEqual(UserModel().has_perm(self.u1, perm), True)
         #revoke
         UserModel().revoke_perm(self.u1, perm)
         Session.commit()
         self.assertEqual(UserModel().has_perm(self.u1, perm),False)
         self.assertEqual(UserModel().has_perm(self.u1, perm), False)
 class TestPermissions(unittest.TestCase):
     def __init__(self, methodName='runTest'):
         super(TestPermissions, self).__init__(methodName=methodName)
     def setUp(self):
         self.u1 = UserModel().create_or_update(
             username=u'u1', password=u'qweqwe',
             email=u'u1@rhodecode.org', name=u'u1', lastname=u'u1'
+        )
         self.a1 = UserModel().create_or_update(
             username=u'a1', password=u'qweqwe',
             email=u'a1@rhodecode.org', name=u'a1', lastname=u'a1', admin=True
+        )
         Session.commit()
     def tearDown(self):
         UserModel().delete(self.u1)
         UserModel().delete(self.a1)
         if hasattr(self, 'g1'):
             ReposGroupModel().delete(self.g1.group_id)
         if hasattr(self, 'g2'):
             ReposGroupModel().delete(self.g2.group_id)
         if hasattr(self, 'ug1'):
             UsersGroupModel().delete(self.ug1, force=True)
         Session.commit()
     def test_default_perms_set(self):
         u1_auth = AuthUser(user_id=self.u1.user_id)
         perms = {
             'repositories_groups': {},
             'global': set([u'hg.create.repository', u'repository.read',
                            u'hg.register.manual_activate']),
             'repositories': {u'vcs_test_hg': u'repository.read'}
+        }
         self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
                          perms['repositories'][HG_REPO])
         new_perm = 'repository.write'
         RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1, perm=new_perm)
         Session.commit()
         u1_auth = AuthUser(user_id=self.u1.user_id)
         self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], new_perm)
     def test_default_admin_perms_set(self):
         a1_auth = AuthUser(user_id=self.a1.user_id)
         perms = {
             'repositories_groups': {},
             'global': set([u'hg.admin']),
             'repositories': {u'vcs_test_hg': u'repository.admin'}
+        }
         self.assertEqual(a1_auth.permissions['repositories'][HG_REPO],
                          perms['repositories'][HG_REPO])
         new_perm = 'repository.write'
         RepoModel().grant_user_permission(repo=HG_REPO, user=self.a1, perm=new_perm)
         Session.commit()
         # cannot really downgrade admins permissions !? they still get's set as
         # admin !
         u1_auth = AuthUser(user_id=self.a1.user_id)
         self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
                          perms['repositories'][HG_REPO])
     def test_default_group_perms(self):
         self.g1 = _make_group('test1', skip_if_exists=True)
         self.g2 = _make_group('test2', skip_if_exists=True)
         u1_auth = AuthUser(user_id=self.u1.user_id)
         perms = {
             'repositories_groups': {u'test1': 'group.read', u'test2': 'group.read'},
             'global': set([u'hg.create.repository', u'repository.read', u'hg.register.manual_activate']),
             'repositories': {u'vcs_test_hg': u'repository.read'}
+        }
         self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
                          perms['repositories'][HG_REPO])
         self.assertEqual(u1_auth.permissions['repositories_groups'],
                          perms['repositories_groups'])
     def test_default_admin_group_perms(self):
         self.g1 = _make_group('test1', skip_if_exists=True)
         self.g2 = _make_group('test2', skip_if_exists=True)
         a1_auth = AuthUser(user_id=self.a1.user_id)
         perms = {
             'repositories_groups': {u'test1': 'group.admin', u'test2': 'group.admin'},
             'global': set(['hg.admin']),
             'repositories': {u'vcs_test_hg': 'repository.admin'}
+        }
         self.assertEqual(a1_auth.permissions['repositories'][HG_REPO],
                          perms['repositories'][HG_REPO])
         self.assertEqual(a1_auth.permissions['repositories_groups'],
                          perms['repositories_groups'])
     def test_propagated_permission_from_users_group(self):
         # make group
         self.ug1 = UsersGroupModel().create('G1')
         # add user to group
         UsersGroupModel().add_user_to_group(self.ug1, self.u1)
         # set permission to lower
         new_perm = 'repository.none'
         RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1, perm=new_perm)
         Session.commit()
         u1_auth = AuthUser(user_id=self.u1.user_id)
         self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
                          new_perm)
         # grant perm for group this should override permission from user
         new_perm = 'repository.write'
         RepoModel().grant_users_group_permission(repo=HG_REPO,
                                                  group_name=self.ug1,
                                                  perm=new_perm)
         # check perms
         u1_auth = AuthUser(user_id=self.u1.user_id)
         perms = {
             'repositories_groups': {},
             'global': set([u'hg.create.repository', u'repository.read',
                            u'hg.register.manual_activate']),
             'repositories': {u'vcs_test_hg': u'repository.read'}
+        }
         self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
                          new_perm)
         self.assertEqual(u1_auth.permissions['repositories_groups'],
                          perms['repositories_groups'])
     def test_propagated_permission_from_users_group_lower_weight(self):
         # make group
         self.ug1 = UsersGroupModel().create('G1')
         # add user to group
         UsersGroupModel().add_user_to_group(self.ug1, self.u1)
         # set permission to lower
         new_perm_h = 'repository.write'
         RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1,
                                           perm=new_perm_h)
         Session.commit()
         u1_auth = AuthUser(user_id=self.u1.user_id)
         self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
                          new_perm_h)
         # grant perm for group this should NOT override permission from user
         # since it's lower than granted
         new_perm_l = 'repository.read'
         RepoModel().grant_users_group_permission(repo=HG_REPO,
                                                  group_name=self.ug1,
                                                  perm=new_perm_l)
         # check perms
         u1_auth = AuthUser(user_id=self.u1.user_id)
         perms = {
             'repositories_groups': {},
             'global': set([u'hg.create.repository', u'repository.read',
                            u'hg.register.manual_activate']),
             'repositories': {u'vcs_test_hg': u'repository.write'}
+        }
         self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
                          new_perm_h)
         self.assertEqual(u1_auth.permissions['repositories_groups'],
                          perms['repositories_groups'])

test.ini

➞

Show inline comments

@@ @@ -44,109 +44,109 @@ use = egg:rhodecode @@
 full_stack = true
 static_files = true
 lang=en
 cache_dir = /tmp/data
 index_dir = /tmp/index
 app_instance_uuid = develop-test
 cut_off_limit = 256000
 force_https = false
 commit_parse_limit = 25
 use_gravatar = true
 container_auth_enabled = false
 proxypass_auth_enabled = false
 ####################################
 ###        CELERY CONFIG        ####
 ####################################
 use_celery = false
 broker.host = localhost
 broker.vhost = rabbitmqhost
 broker.port = 5672
 broker.user = rabbitmq
 broker.password = qweqwe
 celery.imports = rhodecode.lib.celerylib.tasks
 celery.result.backend = amqp
 celery.result.dburi = amqp://
 celery.result.serialier = json
 #celery.send.task.error.emails = true
 #celery.amqp.task.result.expires = 18000
 celeryd.concurrency = 2
 #celeryd.log.file = celeryd.log
 celeryd.log.level = debug
 celeryd.max.tasks.per.child = 1
 #tasks will never be sent to the queue, but executed locally instead.
 celery.always.eager = false
 ####################################
 ###         BEAKER CACHE        ####
 ####################################
 beaker.cache.data_dir=/tmp/data/cache/data
 beaker.cache.lock_dir=/tmp/data/cache/lock
 beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long
 beaker.cache.super_short_term.type=memory
-beaker.cache.super_short_term.expire=10
+beaker.cache.super_short_term.expire=1
 beaker.cache.super_short_term.key_length = 256
 beaker.cache.short_term.type=memory
 beaker.cache.short_term.expire=60
 beaker.cache.short_term.key_length = 256
 beaker.cache.long_term.type=memory
 beaker.cache.long_term.expire=36000
 beaker.cache.long_term.key_length = 256
 beaker.cache.sql_cache_short.type=memory
-beaker.cache.sql_cache_short.expire=10
+beaker.cache.sql_cache_short.expire=1
 beaker.cache.sql_cache_short.key_length = 256
 beaker.cache.sql_cache_med.type=memory
 beaker.cache.sql_cache_med.expire=360
 beaker.cache.sql_cache_med.key_length = 256
 beaker.cache.sql_cache_long.type=file
 beaker.cache.sql_cache_long.expire=3600
 beaker.cache.sql_cache_long.key_length = 256
 ####################################
 ###       BEAKER SESSION        ####
 ####################################
 ## Type of storage used for the session, current types are
 ## dbm, file, memcached, database, and memory.
 ## The storage uses the Container API
 ##that is also used by the cache system.
 beaker.session.type = file
 beaker.session.key = rhodecode
 beaker.session.secret = g654dcno0-9873jhgfreyu
 beaker.session.timeout = 36000
 ##auto save the session to not to use .save()
 beaker.session.auto = False
 ##true exire at browser close
 #beaker.session.cookie_expires = 3600
 ################################################################################
 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*  ##
 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##
 ## execute malicious code after an exception is raised.                       ##
 ################################################################################
 #set debug = false
 ##################################
 ###       LOGVIEW CONFIG       ###
 ##################################
 logview.sqlalchemy = #faa
 logview.pylons.templating = #bfb
 logview.pylons.util = #eee
 #########################################################
 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG    ###
 #########################################################
 sqlalchemy.db1.url = sqlite:///%(here)s/test.db

0 comments (0 inline, 0 general)