@@ -17,25 +17,24 @@
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import logging
import traceback
import formencode
from operator import itemgetter
from formencode import htmlfill
from paste.httpexceptions import HTTPInternalServerError
from pylons import request, response, session, tmpl_context as c, url
from pylons.controllers.util import abort, redirect
from pylons.i18n.translation import _
from rhodecode.lib import helpers as h
from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator, \
HasPermissionAnyDecorator
from rhodecode.lib.base import BaseController, render
from rhodecode.lib.utils import invalidate_cache, action_logger, repo_name_slug
@@ -83,66 +82,43 @@ class ReposController(BaseController):
repo = db_repo.scm_instance
if c.repo_info is None:
h.flash(_('%s repository is not mapped to db perhaps'
' it was created or renamed from the filesystem'
' please run the application again'
' in order to rescan repositories') % repo_name,
category='error')
return redirect(url('repos'))
c.default_user_id = User.get_by_username('default').user_id
c.in_public_journal = self.sa.query(UserFollowing)\
c.in_public_journal = UserFollowing.query()\
.filter(UserFollowing.user_id == c.default_user_id)\
.filter(UserFollowing.follows_repository == c.repo_info).scalar()
if c.repo_info.stats:
last_rev = c.repo_info.stats.stat_on_revision
else:
last_rev = 0
c.stats_revision = last_rev
c.repo_last_rev = repo.count() - 1 if repo.revisions else 0
if last_rev == 0 or c.repo_last_rev == 0:
c.stats_percentage = 0
c.stats_percentage = '%.2f' % ((float((last_rev)) /
c.repo_last_rev) * 100)
defaults = c.repo_info.get_dict()
group, repo_name = c.repo_info.groups_and_repo
defaults['repo_name'] = repo_name
defaults['repo_group'] = getattr(group[-1] if group else None,
'group_id', None)
#fill owner
if c.repo_info.user:
defaults.update({'user': c.repo_info.user.username})
replacement_user = self.sa.query(User)\
.filter(User.admin == True).first().username
defaults.update({'user': replacement_user})
#fill repository users
for p in c.repo_info.repo_to_perm:
defaults.update({'u_perm_%s' % p.user.username:
p.permission.permission_name})
#fill repository groups
for p in c.repo_info.users_group_to_perm:
defaults.update({'g_perm_%s' % p.users_group.users_group_name:
defaults = RepoModel()._get_defaults(repo_name)
return defaults
@HasPermissionAllDecorator('hg.admin')
def index(self, format='html'):
"""GET /repos: All items in the collection"""
# url('repos')
c.repos_list = ScmModel().get_repos(Repository.query()
.order_by(Repository.repo_name)
.all(), sort_key='name_sort')
return render('admin/repos/repos.html')
from rhodecode.controllers.api import JSONRPCController, JSONRPCError
from rhodecode.lib.auth import HasPermissionAllDecorator, HasPermissionAnyDecorator
from rhodecode.lib.auth import HasPermissionAllDecorator, \
from rhodecode.model.scm import ScmModel
from rhodecode.model.db import User, UsersGroup, Group, Repository
from rhodecode.model.repo import RepoModel
from rhodecode.model.user import UserModel
from rhodecode.model.repo_permission import RepositoryPermissionModel
from rhodecode.model.users_group import UsersGroupModel
from rhodecode.model import users_group
from rhodecode.model.repos_group import ReposGroupModel
from sqlalchemy.orm.exc import NoResultFound
log = logging.getLogger(__name__)
@@ -288,26 +289,26 @@ class ApiController(JSONRPCController):
:param apiuser
"""
result = []
for repository in Repository.getAll():
result.append(dict(id = repository.repo_id,
name = repository.repo_name,
type = repository.repo_type,
description = repository.description))
return result
@HasPermissionAnyDecorator('hg.admin', 'hg.create.repository')
def create_repo(self, apiuser, name, owner_name, description = '', repo_type = 'hg', \
private = False):
def create_repo(self, apiuser, name, owner_name, description='',
repo_type='hg', private=False):
Create a repository
:param name
:param description
:param type
:param private
:param owner_name
try:
@@ -355,18 +356,19 @@ class ApiController(JSONRPCController):
repo = Repository.get_by_repo_name(repo_name)
except NoResultFound:
raise JSONRPCError('unknown repository %s' % repo)
user = User.get_by_username(user_name)
raise JSONRPCError('unknown user %s' % user)
RepositoryPermissionModel().update_or_delete_user_permission(repo, user, perm)
RepositoryPermissionModel()\
.update_or_delete_user_permission(repo, user, perm)
except Exception:
log.error(traceback.format_exc())
raise JSONRPCError('failed to edit permission %(repo)s for %(user)s'
% dict(user = user_name, repo = repo_name))
@@ -33,91 +33,85 @@ from pylons import tmpl_context as c, re
from pylons.controllers.util import redirect
import rhodecode.lib.helpers as h
from rhodecode.lib.auth import LoginRequired, HasRepoPermissionAllDecorator, \
HasRepoPermissionAnyDecorator, NotAnonymous
from rhodecode.lib.base import BaseRepoController, render
from rhodecode.lib.utils import invalidate_cache, action_logger
from rhodecode.model.forms import RepoSettingsForm, RepoForkForm
from rhodecode.model.db import User
from rhodecode.model.db import Group
class SettingsController(BaseRepoController):
@LoginRequired()
def __before__(self):
super(SettingsController, self).__before__()
def __load_defaults(self):
c.repo_groups = Group.groups_choices()
c.repo_groups_choices = map(lambda k: unicode(k[0]), c.repo_groups)
repo_model = RepoModel()
c.users_array = repo_model.get_users_js()
c.users_groups_array = repo_model.get_users_groups_js()
@HasRepoPermissionAllDecorator('repository.admin')
def index(self, repo_name):
c.repo_info = repo = repo_model.get_by_repo_name(repo_name)
if not repo:
' it was created or renamed from the file system'
return redirect(url('home'))
self.__load_defaults()
return htmlfill.render(
render('settings/repo_settings.html'),
defaults=defaults,
encoding="UTF-8",
force_defaults=False
)
def update(self, repo_name):
changed_name = repo_name
_form = RepoSettingsForm(edit=True,
old_data={'repo_name': repo_name})()
old_data={'repo_name': repo_name},
repo_groups=c.repo_groups_choices)()
form_result = _form.to_python(dict(request.POST))
repo_model.update(repo_name, form_result)
invalidate_cache('get_repo_cached_%s' % repo_name)
h.flash(_('Repository %s updated successfully' % repo_name),
category='success')
changed_name = form_result['repo_name']
changed_name = form_result['repo_name_full']
action_logger(self.rhodecode_user, 'user_updated_repo',
changed_name, '', self.sa)
except formencode.Invalid, errors:
c.repo_info = repo_model.get_by_repo_name(repo_name)
errors.value.update({'user': c.repo_info.user.username})
defaults=errors.value,
errors=errors.error_dict or {},
prefix_error=False,
encoding="UTF-8")
@@ -21,29 +21,26 @@
import os
import datetime
from datetime import date
from sqlalchemy import *
from sqlalchemy.exc import DatabaseError
from sqlalchemy.ext.hybrid import hybrid_property
from sqlalchemy.orm import relationship, backref, joinedload, class_mapper, \
validates
from sqlalchemy.orm.interfaces import MapperExtension
from sqlalchemy.orm import relationship, joinedload, class_mapper, validates
from beaker.cache import cache_region, region_invalidate
from vcs import get_backend
from vcs.utils.helpers import get_scm
from vcs.exceptions import VCSError
from vcs.utils.lazy import LazyProperty
from rhodecode.lib import str2bool, safe_str, get_changeset_safe, \
generate_api_key, safe_unicode
from rhodecode.lib.exceptions import UsersGroupsAssignedException
from rhodecode.lib.compat import json
@@ -119,24 +116,25 @@ class BaseModel(object):
"""populate model with data from given populate_dict"""
for k in self._get_keys():
if k in populate_dict:
setattr(self, k, populate_dict[k])
@classmethod
def query(cls):
return Session.query(cls)
def get(cls, id_):
if id_:
return cls.query().get(id_)
def getAll(cls):
return cls.query().all()
def delete(cls, id_):
obj = cls.query().get(id_)
Session.delete(obj)
Session.commit()
@@ -818,26 +816,25 @@ class Group(Base, BaseModel):
return groups
@property
def children(self):
return Group.query().filter(Group.parent_group == self)
def name(self):
return self.group_name.split(Group.url_sep())[-1]
def full_path(self):
return Group.url_sep().join([g.group_name for g in self.parents] +
[self.group_name])
return self.group_name
def full_path_splitted(self):
return self.group_name.split(Group.url_sep())
def repositories(self):
return Repository.query().filter(Repository.group == self)
def repositories_recursive_count(self):
cnt = self.repositories.count()
@@ -849,25 +846,26 @@ class Group(Base, BaseModel):
cnt += children_count(child)
return cnt
return cnt + children_count(self)
def get_new_name(self, group_name):
returns new full group name based on parent and new name
:param group_name:
path_prefix = self.parent_group.full_path_splitted if self.parent_group else []
path_prefix = (self.parent_group.full_path_splitted if
self.parent_group else [])
return Group.url_sep().join(path_prefix + [group_name])
class Permission(Base, BaseModel):
__tablename__ = 'permissions'
__table_args__ = {'extend_existing':True}
permission_id = Column("permission_id", Integer(), nullable = False, unique = True, default = None, primary_key = True)
permission_name = Column("permission_name", String(length = 255, convert_unicode = False, assert_unicode = None), nullable = True, unique = None, default = None)
permission_longname = Column("permission_longname", String(length = 255, convert_unicode = False, assert_unicode = None), nullable = True, unique = None, default = None)
def __repr__(self):
return "<%s('%s:%s')>" % (self.__class__.__name__,
@@ -1059,12 +1057,13 @@ class CacheInvalidation(Base, BaseModel)
self.cache_active = False
self.cache_id, self.cache_key)
class DbMigrateVersion(Base, BaseModel):
__tablename__ = 'db_migrate_version'
repository_id = Column('repository_id', String(250), primary_key = True)
repository_path = Column('repository_path', Text)
version = Column('version', Integer)
@@ -187,26 +187,26 @@ class ValidPasswordsMatch(formencode.val
def validate_python(self, value, state):
if value['password'] != value['password_confirmation']:
e_dict = {'password_confirmation':
_('Passwords do not match')}
raise formencode.Invalid('', value, state, error_dict=e_dict)
class ValidAuth(formencode.validators.FancyValidator):
messages = {
'invalid_password':_('invalid password'),
'invalid_login':_('invalid user name'),
'disabled_account':_('Your account is disabled')
}
#error mapping
e_dict = {'username':messages['invalid_login'],
'password':messages['invalid_password']}
e_dict_disable = {'username':messages['disabled_account']}
password = value['password']
username = value['username']
user = User.get_by_username(username)
if authenticate(username, password):
return value
@@ -244,24 +244,25 @@ def ValidRepoName(edit, old_data):
if slug in [ADMIN_PREFIX, '']:
e_dict = {'repo_name': _('This repository name is disallowed')}
if value.get('repo_group'):
gr = Group.get(value.get('repo_group'))
group_path = gr.full_path
# value needs to be aware of group name in order to check
# db key This is an actual just the name to store in the
# database
repo_name_full = group_path + Group.url_sep() + repo_name
group_path = ''
repo_name_full = repo_name
value['repo_name_full'] = repo_name_full
rename = old_data.get('repo_name') != repo_name_full
create = not edit
if rename or create:
if group_path != '':
if RepoModel().get_by_repo_name(repo_name_full,):
@@ -607,34 +608,37 @@ def RepoForkForm(edit=False, old_data={}
allow_extra_fields = True
filter_extra_fields = False
fork_name = All(UnicodeString(strip=True, min=1, not_empty=True),
SlugifyName())
description = UnicodeString(strip=True, min=1, not_empty=True)
private = StringBoolean(if_missing=False)
repo_type = All(ValidForkType(old_data), OneOf(supported_backends))
chained_validators = [ValidForkName()]
return _RepoForkForm
def RepoSettingsForm(edit=False, old_data={}):
def RepoSettingsForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
repo_groups=[]):
class _RepoForm(formencode.Schema):
repo_name = All(UnicodeString(strip=True, min=1, not_empty=True),
repo_group = OneOf(repo_groups, hideList=True)
chained_validators = [ValidRepoName(edit, old_data), ValidPerms, ValidSettings]
chained_validators = [ValidRepoName(edit, old_data), ValidPerms,
ValidSettings]
return _RepoForm
def ApplicationSettingsForm():
class _ApplicationSettingsForm(formencode.Schema):
rhodecode_title = UnicodeString(strip=True, min=1, not_empty=True)
rhodecode_realm = UnicodeString(strip=True, min=1, not_empty=True)
rhodecode_ga_code = UnicodeString(strip=True, min=1, not_empty=False)
return _ApplicationSettingsForm
@@ -85,24 +85,64 @@ class RepoModel(BaseModel):
def get_users_groups_js(self):
users_groups = self.sa.query(UsersGroup)\
.filter(UsersGroup.users_group_active == True).all()
g_tmpl = '''{id:%s, grname:"%s",grmembers:"%s"},'''
users_groups_array = '[%s]' % '\n'.join([g_tmpl % \
(gr.users_group_id, gr.users_group_name,
len(gr.members))
for gr in users_groups])
return users_groups_array
def _get_defaults(self, repo_name):
Get's information about repository, and returns a dict for
usage in forms
:param repo_name:
repo_info = Repository.get_by_repo_name(repo_name)
if repo_info is None:
return None
defaults = repo_info.get_dict()
group, repo_name = repo_info.groups_and_repo
# fill owner
if repo_info.user:
defaults.update({'user': repo_info.user.username})
replacement_user = User.query().filter(User.admin ==
True).first().username
# fill repository users
for p in repo_info.repo_to_perm:
# fill repository groups
for p in repo_info.users_group_to_perm:
def update(self, repo_name, form_data):
cur_repo = self.get_by_repo_name(repo_name, cache=False)
# update permissions
for member, perm, member_type in form_data['perms_updates']:
if member_type == 'user':
r2p = self.sa.query(RepoToPerm)\
.filter(RepoToPerm.user == User.get_by_username(member))\
.filter(RepoToPerm.repository == cur_repo)\
.one()
@@ -142,25 +182,25 @@ class RepoModel(BaseModel):
.filter(Permission.
permission_name == perm)\
.scalar()
self.sa.add(g2p)
# update current repo
for k, v in form_data.items():
if k == 'user':
cur_repo.user = User.get_by_username(v)
elif k == 'repo_name':
pass
elif k == 'repo_group':
cur_repo.group_id = v
cur_repo.group = Group.get(v)
setattr(cur_repo, k, v)
new_name = cur_repo.get_new_name(form_data['repo_name'])
cur_repo.repo_name = new_name
self.sa.add(cur_repo)
if repo_name != new_name:
# rename repository
self.__rename_repo(old=repo_name, new=new_name)
@@ -359,12 +399,13 @@ class RepoModel(BaseModel):
rm_path = os.path.join(self.repos_path, repo.repo_name)
log.info("Removing %s", rm_path)
#disable hg/git
alias = repo.repo_type
shutil.move(os.path.join(rm_path, '.%s' % alias),
os.path.join(rm_path, 'rm__.%s' % alias))
#disable repo
shutil.move(rm_path, os.path.join(self.repos_path, 'rm__%s__%s' \
% (datetime.today()\
.strftime('%Y%m%d_%H%M%S_%f'),
repo.repo_name)))
@@ -41,131 +41,121 @@ log = logging.getLogger(__name__)
class ReposGroupModel(BaseModel):
@LazyProperty
def repos_path(self):
Get's the repositories root path from database
q = RhodeCodeUi.get_by_key('/').one()
return q.ui_value
def __create_group(self, group_name, parent_id):
def __create_group(self, group_name):
makes repositories group on filesystem
:param parent_id:
if parent_id:
paths = Group.get(parent_id).full_path.split(Group.url_sep())
parent_path = os.sep.join(paths)
parent_path = ''
create_path = os.path.join(self.repos_path, parent_path, group_name)
create_path = os.path.join(self.repos_path, group_name)
log.debug('creating new group in %s', create_path)
if os.path.isdir(create_path):
raise Exception('That directory already exists !')
os.makedirs(create_path)
def __rename_group(self, old, old_parent_id, new, new_parent_id):
def __rename_group(self, old, new):
Renames a group on filesystem
if old == new:
log.debug('skipping group rename')
return
log.debug('renaming repos group from %s to %s', old, new)
if new_parent_id:
paths = Group.get(new_parent_id).full_path.split(Group.url_sep())
new_parent_path = os.sep.join(paths)
new_parent_path = ''
if old_parent_id:
paths = Group.get(old_parent_id).full_path.split(Group.url_sep())
old_parent_path = os.sep.join(paths)
old_parent_path = ''
old_path = os.path.join(self.repos_path, old_parent_path, old)
new_path = os.path.join(self.repos_path, new_parent_path, new)
old_path = os.path.join(self.repos_path, old)
new_path = os.path.join(self.repos_path, new)
log.debug('renaming repos paths from %s to %s', old_path, new_path)
if os.path.isdir(new_path):
raise Exception('Was trying to rename to already '
'existing dir %s' % new_path)
shutil.move(old_path, new_path)
def __delete_group(self, group):
Deletes a group from a filesystem
:param group: instance of group from database
paths = group.full_path.split(Group.url_sep())
paths = os.sep.join(paths)
rm_path = os.path.join(self.repos_path, paths)
if os.path.isdir(rm_path):
# delete only if that path really exists
os.rmdir(rm_path)
def create(self, form_data):
new_repos_group = Group()
new_repos_group.group_name = form_data['group_name']
new_repos_group.group_description = \
form_data['group_description']
new_repos_group.group_parent_id = form_data['group_parent_id']
new_repos_group.group_description = form_data['group_description']
new_repos_group.parent_group = Group.get(form_data['group_parent_id'])
new_repos_group.group_name = new_repos_group.get_new_name(form_data['group_name'])
self.sa.add(new_repos_group)
self.__create_group(form_data['group_name'],
form_data['group_parent_id'])
self.__create_group(new_repos_group.group_name)
self.sa.commit()
return new_repos_group
except:
self.sa.rollback()
raise
def update(self, repos_group_id, form_data):
repos_group = Group.get(repos_group_id)
old_name = repos_group.group_name
old_parent_id = repos_group.group_parent_id
old_path = repos_group.full_path
repos_group.group_name = form_data['group_name']
repos_group.group_description = \
repos_group.group_parent_id = form_data['group_parent_id']
# change properties
repos_group.group_description = form_data['group_description']
repos_group.parent_group = Group.get(form_data['group_parent_id'])
repos_group.group_name = repos_group.get_new_name(form_data['group_name'])
new_path = repos_group.full_path
self.sa.add(repos_group)
if old_name != form_data['group_name'] or (old_parent_id !=
form_data['group_parent_id']):
self.__rename_group(old = old_name, old_parent_id = old_parent_id,
new = form_data['group_name'],
new_parent_id = form_data['group_parent_id'])
self.__rename_group(old_path, new_path)
# we need to get all repositories from this new group and
# rename them accordingly to new group path
for r in repos_group.repositories:
r.repo_name = r.get_new_name(r.just_name)
self.sa.add(r)
return repos_group
def delete(self, users_group_id):
users_group = Group.get(users_group_id)
self.sa.delete(users_group)
self.__delete_group(users_group)
@@ -87,24 +87,25 @@ class UserModel(BaseModel):
self.sa.add(new_user)
return new_user
def create_ldap(self, username, password, user_dn, attrs):
Checks if user is in database, if not creates this user marked
as ldap user
:param username:
:param password:
:param user_dn:
:param attrs:
from rhodecode.lib.auth import get_crypt_password
log.debug('Checking for such ldap account in RhodeCode database')
if self.get_by_username(username, case_insensitive = True) is None:
new_user = User()
# add ldap account always lowercase
new_user.username = username.lower()
@@ -377,12 +378,13 @@ class UserModel(BaseModel):
for perm in user_repo_perms_from_users_groups:
p = perm.Permission.permission_name
cur_perm = user.permissions['repositories'][perm.
UsersGroupRepoToPerm.
repository.repo_name]
#overwrite permission only if it's greater than permission
# given from other sources
if PERM_WEIGHTS[p] > PERM_WEIGHTS[cur_perm]:
user.permissions['repositories'][perm.UsersGroupRepoToPerm.
repository.repo_name] = p
return user
@@ -25,25 +25,32 @@
${h.form(url('repo_settings_update', repo_name=c.repo_info.repo_name),method='put')}
<div class="form">
<!-- fields -->
<div class="fields">
<div class="field">
<div class="label">
<label for="repo_name">${_('Name')}:</label>
</div>
<div class="input input-medium">
${h.text('repo_name',class_="small")}
<label for="repo_group">${_('Repository group')}:</label>
<div class="input">
${h.select('repo_group','',c.repo_groups,class_="medium")}
<div class="label label-textarea">
<label for="description">${_('Description')}:</label>
<div class="textarea text-area editor">
${h.textarea('description',cols=23,rows=5)}
<div class="label label-checkbox">
<label for="private">${_('Private')}:</label>
@@ -68,18 +68,16 @@ class TestController(TestCase):
password=TEST_USER_ADMIN_PASS):
response = self.app.post(url(controller='login', action='index'),
{'username':username,
'password':password})
if 'invalid user name' in response.body:
self.fail('could not login using %s %s' % (username, password))
self.assertEqual(response.status, '302 Found')
self.assertEqual(response.session['rhodecode_user'].username, username)
return response.follow()
def checkSessionFlash(self, response, msg):
self.assertTrue('flash' in response.session)
self.assertTrue(msg in response.session['flash'][0][1])
Status change: