#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.controllers.files

~~~~~~~~~~~~~~~~~~~~~~~~~~~

Files controller for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 21, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import logging

import os

import posixpath

import shutil

import tempfile

import traceback

from collections import OrderedDict

from tg import request, response

from tg import tmpl_context as c

from tg.i18n import ugettext as _

from webob.exc import HTTPFound, HTTPNotFound

import kallithea

from kallithea.lib import diffs

from kallithea.lib import helpers as h

from kallithea.lib.auth import HasRepoPermissionLevelDecorator, LoginRequired

from kallithea.lib.base import BaseRepoController, jsonify, render

from kallithea.lib.exceptions import NonRelativePathError

from kallithea.lib.utils import action_logger

from kallithea.lib.utils2 import asbool, convert_line_endings, detect_mode, safe_str

from kallithea.lib.vcs.backends.base import EmptyChangeset

from kallithea.lib.vcs.conf import settings

from kallithea.lib.vcs.exceptions import (ChangesetDoesNotExistError, ChangesetError, EmptyRepositoryError, ImproperArchiveTypeError, NodeAlreadyExistsError,

                                          NodeDoesNotExistError, NodeError, RepositoryError, VCSError)

from kallithea.lib.vcs.nodes import FileNode

from kallithea.lib.webutils import url

from kallithea.model.repo import RepoModel

from kallithea.model.scm import ScmModel

log = logging.getLogger(__name__)

class FilesController(BaseRepoController):

    def _before(self, *args, **kwargs):

        super(FilesController, self)._before(*args, **kwargs)

    def __get_cs(self, rev, silent_empty=False):

        """

        Safe way to get changeset if error occur it redirects to tip with

        proper message

        :param rev: revision to fetch

        :silent_empty: return None if repository is empty

        """

        try:

            return c.db_repo_scm_instance.get_changeset(rev)

        except EmptyRepositoryError as e:

            if silent_empty:

                return None

            url_ = url('files_add_home',

                       repo_name=c.repo_name,

                       revision=0, f_path='', anchor='edit')

            add_new = h.link_to(_('Click here to add new file'), url_, class_="alert-link")

            h.flash(_('There are no files yet.') + ' ' + add_new, category='warning')

            raise HTTPNotFound()

        except (ChangesetDoesNotExistError, LookupError):

            msg = _('Such revision does not exist for this repository')

            h.flash(msg, category='error')

            raise HTTPNotFound()

        except RepositoryError as e:

            h.flash(e, category='error')

            raise HTTPNotFound()

    def __get_filenode(self, cs, path):

        """

        Returns file_node or raise HTTP error.

        :param cs: given changeset

        :param path: path to lookup

        """

        c.revision = revision

        c.changeset = self.__get_cs(revision)

        c.branch = request.GET.get('branch', None)

        c.f_path = f_path

        c.annotate = annotate

        cur_rev = c.changeset.revision

        # used in files_source.html:

        c.cut_off_limit = self.cut_off_limit

        c.fulldiff = request.GET.get('fulldiff')

        # prev link

        try:

            prev_rev = c.db_repo_scm_instance.get_changeset(cur_rev).prev(c.branch)

            c.url_prev = url('files_home', repo_name=c.repo_name,

                         revision=prev_rev.raw_id, f_path=f_path)

            if c.branch:

                c.url_prev += '?branch=%s' % c.branch

        except (ChangesetDoesNotExistError, VCSError):

            c.url_prev = '#'

        # next link

        try:

            next_rev = c.db_repo_scm_instance.get_changeset(cur_rev).next(c.branch)

            c.url_next = url('files_home', repo_name=c.repo_name,

                     revision=next_rev.raw_id, f_path=f_path)

            if c.branch:

                c.url_next += '?branch=%s' % c.branch

        except (ChangesetDoesNotExistError, VCSError):

            c.url_next = '#'

        # files or dirs

        try:

            c.file = c.changeset.get_node(f_path)

            if c.file.is_submodule():

                raise HTTPFound(location=c.file.url)

            elif c.file.is_file():

                c.load_full_history = False

                # determine if we're on branch head

                _branches = c.db_repo_scm_instance.branches

                c.on_branch_head = revision in _branches or revision in _branches.values()

                _hist = []

                c.file_history = []

                if c.load_full_history:

                    c.file_history, _hist = self._get_node_history(c.changeset, f_path)

                c.authors = []

                for a in set([x.author for x in _hist]):

            else:

                c.authors = c.file_history = []

        except RepositoryError as e:

            h.flash(e, category='error')

            raise HTTPNotFound()

        if request.environ.get('HTTP_X_PARTIAL_XHR'):

            return render('files/files_ypjax.html')

        # TODO: tags and bookmarks?

        c.revision_options = [(c.changeset.raw_id,

                              _('%s at %s') % (b, h.short_id(c.changeset.raw_id))) for b in c.changeset.branches] + \

            [(n, b) for b, n in c.db_repo_scm_instance.branches.items()]

        if c.db_repo_scm_instance.closed_branches:

            prefix = _('(closed)') + ' '

            c.revision_options += [('-', '-')] + \

                [(n, prefix + b) for b, n in c.db_repo_scm_instance.closed_branches.items()]

        return render('files/files.html')

    @LoginRequired(allow_default_user=True)

    @HasRepoPermissionLevelDecorator('read')

    @jsonify

    def history(self, repo_name, revision, f_path):

        changeset = self.__get_cs(revision)

        _file = changeset.get_node(f_path)

        if _file.is_file():

            file_history, _hist = self._get_node_history(changeset, f_path)

            res = []

            for obj in file_history:

                res.append({

                    'text': obj[1],

                    'children': [{'id': o[0], 'text': o[1]} for o in obj[0]]

                })

            data = {

                'more': False,

                'results': res

            }

            return data

    @LoginRequired(allow_default_user=True)

    @HasRepoPermissionLevelDecorator('read')

    def authors(self, repo_name, revision, f_path):

        changeset = self.__get_cs(revision)

        _file = changeset.get_node(f_path)

        if _file.is_file():

            file_history, _hist = self._get_node_history(changeset, f_path)

            c.authors = []

            for a in set([x.author for x in _hist]):

            return render('files/files_history_box.html')

    @LoginRequired(allow_default_user=True)

    @HasRepoPermissionLevelDecorator('read')

    def rawfile(self, repo_name, revision, f_path):

        cs = self.__get_cs(revision)

        file_node = self.__get_filenode(cs, f_path)

        response.content_disposition = \

            'attachment; filename=%s' % f_path.split(kallithea.URL_SEP)[-1]

        response.content_type = file_node.mimetype

        return file_node.content

    @LoginRequired(allow_default_user=True)

    @HasRepoPermissionLevelDecorator('read')

    def raw(self, repo_name, revision, f_path):

        cs = self.__get_cs(revision)

        file_node = self.__get_filenode(cs, f_path)

        raw_mimetype_mapping = {

            # map original mimetype to a mimetype used for "show as raw"

            # you can also provide a content-disposition to override the

            # default "attachment" disposition.

            # orig_type: (new_type, new_dispo)

            # show images inline:

            'image/x-icon': ('image/x-icon', 'inline'),

            'image/png': ('image/png', 'inline'),

            'image/gif': ('image/gif', 'inline'),

            'image/jpeg': ('image/jpeg', 'inline'),

            'image/svg+xml': ('image/svg+xml', 'inline'),

        }

        mimetype = file_node.mimetype

        try:

            mimetype, dispo = raw_mimetype_mapping[mimetype]

        except KeyError:

            # we don't know anything special about this, handle it safely

            if file_node.is_binary:

                # do same as download raw for binary files

                mimetype, dispo = 'application/octet-stream', 'attachment'

            else:

                # do not just use the original mimetype, but force text/plain,

                # otherwise it would serve text/html and that might be unsafe.

                # Note: underlying vcs library fakes text/plain mimetype if the

                # mimetype can not be determined and it thinks it is not

                # binary.This might lead to erroneous text display in some

        session[key] = flash_messages

    if append is not None and append not in flash_messages:

        flash_messages.append(append)

    if clear:

        session.pop(key, None)

    session.save()

    return flash_messages

def flash(message, category, logf=None):

    """

    Show a message to the user _and_ log it through the specified function

    category: notice (default), warning, error, success

    logf: a custom log function - such as log.debug

    logf defaults to log.info, unless category equals 'success', in which

    case logf defaults to log.debug.

    """

    assert category in ('error', 'success', 'warning'), category

    if hasattr(message, '__html__'):

        # render to HTML for storing in cookie

        safe_message = str(message)

    else:

        # Apply str - the message might be an exception with __str__

        # Escape, so we can trust the result without further escaping, without any risk of injection

        safe_message = html_escape(str(message))

    if logf is None:

        logf = log.info

        if category == 'success':

            logf = log.debug

    logf('Flash %s: %s', category, safe_message)

    _session_flash_messages(append=(category, safe_message))

def pop_flash_messages():

    """Return all accumulated messages and delete them from the session.

    The return value is a list of ``Message`` objects.

    """

    return [_Message(category, message) for category, message in _session_flash_messages(clear=True)]

def capitalize(x):

    return x.capitalize()

def short_id(x):

    return x[:12]

def hide_credentials(x):

    return ''.join(credentials_filter(x))

def show_id(cs):

    """

    Configurable function that shows ID

    by default it's r123:fffeeefffeee

    :param cs: changeset instance

    """

    def_len = safe_int(kallithea.CONFIG.get('show_sha_length', 12))

    show_rev = asbool(kallithea.CONFIG.get('show_revision_number', False))

    raw_id = cs.raw_id[:def_len]

    if show_rev:

        return 'r%s:%s' % (cs.revision, raw_id)

    else:

        return raw_id

def fmt_date(date):

    if date:

        return date.strftime("%Y-%m-%d %H:%M:%S")

    return ""

def is_git(repository):

    if hasattr(repository, 'alias'):

        _type = repository.alias

    elif hasattr(repository, 'repo_type'):

        _type = repository.repo_type

    else:

        _type = repository

    return _type == 'git'

def is_hg(repository):

    if hasattr(repository, 'alias'):

        _type = repository.alias

    elif hasattr(repository, 'repo_type'):

        _type = repository.repo_type

    else:

        _type = repository

    return _type == 'hg'

@cache_region('long_term', 'user_attr_or_none')

def user_attr_or_none(author, show_attr):

    """Try to match email part of VCS committer string with a local user and return show_attr

    - or return None if user not found"""

    email = author_email(author)

    if email:

        user = db.User.get_by_email(email)

        if user is not None:

            return getattr(user, show_attr)

    return None

def email_or_none(author):

    """Try to match email part of VCS committer string with a local user.

    Return primary email of user, email part of the specified author name, or None."""

    if not author:

        return None

    email = user_attr_or_none(author, 'email')

    if email is not None:

        return email # always use user's main email address - not necessarily the one used to find user

    # extract email from the commit string

    email = author_email(author)

    if email:

        return email

    # No valid email, not a valid user in the system, none!

    return None

def person(author, show_attr="username"):

    """Find the user identified by 'author', return one of the users attributes,

    default to the username attribute, None if there is no user"""

    # if author is already an instance use it for extraction

    if isinstance(author, db.User):

        return getattr(author, show_attr)

    value = user_attr_or_none(author, show_attr)

    if value is not None:

        return value

    # Still nothing?  Just pass back the author name if any, else the email

def person_by_id(id_, show_attr="username"):

    # maybe it's an ID ?

    if str(id_).isdigit() or isinstance(id_, int):

        id_ = int(id_)

        user = db.User.get(id_)

        if user is not None:

            return getattr(user, show_attr)

    return id_

def boolicon(value):

    """Returns boolean value of a value, represented as small html image of true/false

    icons

    :param value: value

    """

    if value:

        return HTML.tag('i', class_="icon-ok")

    else:

        return HTML.tag('i', class_="icon-minus-circled")

def action_parser(user_log, feed=False, parse_cs=False):

    """

    This helper will action_map the specified string action into translated

    fancy names with icons and links

    :param user_log: user log instance

    :param feed: use output for feeds (no html and fancy icons)

    :param parse_cs: parse Changesets into VCS instances

    """

    action = user_log.action

    action_params = ' '

    x = action.split(':')

    if len(x) > 1:

        action, action_params = x

    def get_cs_links():

        revs_limit = 3  # display this amount always

        revs_top_limit = 50  # show upto this amount of changesets hidden

        revs_ids = action_params.split(',')

        deleted = user_log.repository is None

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""

kallithea.model.db

~~~~~~~~~~~~~~~~~~

Database Models for Kallithea

This file was forked by the Kallithea project in July 2014.

Original author and date, and relevant copyright and licensing information is below:

:created_on: Apr 08, 2010

:author: marcink

:copyright: (c) 2013 RhodeCode GmbH, and others.

:license: GPLv3, see LICENSE.md for more details.

"""

import base64

import collections

import datetime

import functools

import hashlib

import logging

import os

import time

import traceback

import ipaddr

import sqlalchemy

from sqlalchemy import Boolean, Column, DateTime, Float, ForeignKey, Index, Integer, LargeBinary, String, Unicode, UnicodeText, UniqueConstraint

from sqlalchemy.ext.hybrid import hybrid_property

from sqlalchemy.orm import class_mapper, joinedload, relationship, validates

from tg.i18n import lazy_ugettext as _

from webob.exc import HTTPNotFound

import kallithea

from kallithea.lib import ext_json, ssh

from kallithea.lib.exceptions import DefaultUserException

from kallithea.lib.utils2 import asbool, ascii_bytes, aslist, get_changeset_safe, get_clone_url, remove_prefix, safe_bytes, safe_int, safe_str, urlreadable

from kallithea.lib.vcs import get_backend

from kallithea.lib.vcs.backends.base import EmptyChangeset

from kallithea.lib.vcs.utils.helpers import get_scm

from kallithea.model import meta

log = logging.getLogger(__name__)

#==============================================================================

# BASE CLASSES

#==============================================================================

class BaseDbModel(object):

    """

    Base Model for all classes

    """

    @classmethod

    def _get_keys(cls):

        """return column names for this model """

        # Note: not a normal dict - iterator gives "users.firstname", but keys gives "firstname"

        return class_mapper(cls).c.keys()

    def get_dict(self):

        """

        return dict with keys and values corresponding

        to this model data """

        d = {}

        for k in self._get_keys():

            d[k] = getattr(self, k)

        # also use __json__() if present to get additional fields

        _json_attr = getattr(self, '__json__', None)

        if _json_attr:

            # update with attributes from __json__

            if callable(_json_attr):

                _json_attr = _json_attr()

            for k, val in _json_attr.items():

                d[k] = val

        return d

    def get_appstruct(self):

        """return list with keys and values tuples corresponding

        to this model data """

        return [

            (k, getattr(self, k))

            for k in self._get_keys()

        ]

        """

        if '@' in username_or_email:

            return User.get_by_email(username_or_email)

        else:

            return User.get_by_username(username_or_email, case_insensitive=case_insensitive)

    @classmethod

    def get_by_username(cls, username, case_insensitive=False):

        if case_insensitive:

            q = cls.query().filter(sqlalchemy.func.lower(cls.username) == sqlalchemy.func.lower(username))

        else:

            q = cls.query().filter(cls.username == username)

        return q.scalar()

    @classmethod

    def get_by_api_key(cls, api_key, fallback=True):

        if len(api_key) != 40 or not api_key.isalnum():

            return None

        q = cls.query().filter(cls.api_key == api_key)

        res = q.scalar()

        if fallback and not res:

            # fallback to additional keys

            _res = UserApiKeys.query().filter_by(api_key=api_key, is_expired=False).first()

            if _res:

                res = _res.user

        if res is None or not res.active or res.is_default_user:

            return None

        return res

    @classmethod

    def get_by_email(cls, email, cache=False):

        q = cls.query().filter(sqlalchemy.func.lower(cls.email) == sqlalchemy.func.lower(email))

        ret = q.scalar()

        if ret is None:

            q = UserEmailMap.query()

            # try fetching in alternate email map

            q = q.filter(sqlalchemy.func.lower(UserEmailMap.email) == sqlalchemy.func.lower(email))

            q = q.options(joinedload(UserEmailMap.user))

            ret = getattr(q.scalar(), 'user', None)

        return ret

    @classmethod

    def get_from_cs_author(cls, author):

        """

        Tries to get User objects out of commit author string

        """

        # Valid email in the attribute passed, see if they're in the system

        if _email:

            user = cls.get_by_email(_email)

            if user is not None:

                return user

        # Maybe we can match by username?

        _author = author_name(author)

        user = cls.get_by_username(_author, case_insensitive=True)

        if user is not None:

            return user

    def update_lastlogin(self):

        """Update user lastlogin"""

        self.last_login = datetime.datetime.now()

        log.debug('updated user %s lastlogin', self.username)

    @classmethod

    def get_first_admin(cls):

        user = User.query().filter(User.admin == True).first()

        if user is None:

            raise Exception('Missing administrative account!')

        return user

    @classmethod

    def get_default_user(cls):

        user = User.get_by_username(User.DEFAULT_USER_NAME)

        if user is None:

            raise Exception('Missing default account!')

        return user

    def get_api_data(self, details=False):

        """

        Common function for generating user related data for API

        """

        user = self

        data = dict(

            user_id=user.user_id,

            username=user.username,

            firstname=user.name,

            lastname=user.lastname,

            email=user.email,

            emails=user.emails,

            active=user.active,

            admin=user.admin,

        )

        if details:

            data.update(dict(

                extern_type=user.extern_type,

                extern_name=user.extern_name,