=========

RhodeCode

=========

About

-----

``RhodeCode`` is a fast and powerful management tool for Mercurial_ and GIT_ 

with a built in push/pull server and full text search and code-review.

It works on http/https and has a built in permission/authentication system with 

the ability to authenticate via LDAP or ActiveDirectory. RhodeCode also provides

simple API so it's easy integrable with existing external systems.

RhodeCode is similar in some respects to github_ or bitbucket_, 

however RhodeCode can be run as standalone hosted application on your own server.

It is open source and donation ware and focuses more on providing a customized, 

self administered interface for Mercurial_ and GIT_  repositories. 

RhodeCode works on *nix systems and Windows it is powered by a vcs_ library 

that Lukasz Balcerzak and Marcin Kuzminski created to handle multiple 

different version control systems.

RhodeCode uses `PEP386 versioning http://www.python.org/dev/peps/pep-0386/`_

Installation

------------

Stable releases of RhodeCode are best installed via::

    easy_install rhodecode

Or::

    pip install rhodecode 

Detailed instructions and links may be found on the Installation page.

Please visit http://packages.python.org/RhodeCode/installation.html for

more details

RhodeCode demo

--------------

http://demo.rhodecode.org

The default access is anonymous but you can login to an administrative account

using the following credentials:

- username: demo

- password: demo12

Source code

-----------

The latest sources can be obtained from official RhodeCode instance

https://secure.rhodecode.org 

MIRRORS:

Issue tracker and sources at bitbucket_

http://bitbucket.org/marcinkuzminski/rhodecode

Sources at github_

https://github.com/marcinkuzminski/rhodecode

RhodeCode Features

------------------

- Has its own middleware to handle mercurial_ protocol requests. 

  Each request can be logged and authenticated.

- Runs on threads unlike hgweb. You can make multiple pulls/pushes simultaneous.

  Supports http/https and LDAP

- Full permissions (private/read/write/admin) and authentication per project. 

  One account for web interface and mercurial_ push/pull/clone operations.

- Have built in users groups for easier permission management

- Repository groups let you group repos and manage them easier.

- Users can fork other users repo. RhodeCode have also compare view to see

  combined changeset for all changeset made within single push.

- Build in commit-api let's you add, edit and commit files right from RhodeCode

  interface using simple editor or upload form for binaries.

- Mako templates let's you customize the look and feel of the application.

- Beautiful diffs, annotations and source code browsing all colored by pygments. 

  Raw diffs are made in git-diff format, including git_ binary-patches

- Mercurial_ branch graph and yui-flot powered graphs with zooming and statistics

- Admin interface with user/permission management. Admin activity journal, logs

  pulls, pushes, forks, registrations and other actions made by all users.

- Server side forks. It is possible to fork a project and modify it freely 

  without breaking the main repository. You can even write Your own hooks 

  and install them

- code review with notification system, inline commenting, all parsed using

  rst syntax

- rst and markdown README support for repositories  

- Full text search powered by Whoosh on the source files, and file names.

  Build in indexing daemons, with optional incremental index build

  (no external search servers required all in one application)

- Setup project descriptions and info inside built in db for easy, non 

  file-system operations

- Intelligent cache with invalidation after push or project change, provides 

  high performance and always up to date data.

- Rss / atom feeds, gravatar support, download sources as zip/tar/gz

- Backup scripts can do backup of whole app and send it over scp to desired 

  location 

- Based on pylons / sqlalchemy / sqlite / whoosh / vcs

Incoming / Plans

----------------

- Finer granular permissions per branch, repo group or subrepo

- pull requests and web based merges

- per line file history

- SSH based authentication with server side key management

- Commit based built in wiki system

- More statistics and graph (global annotation + some more statistics)

- Other advancements as development continues (or you can of course make 

  additions and or requests)

License

-------

``RhodeCode`` is released under the GPLv3 license.

Getting help

------------

Listed bellow are various support resources that should help.

.. note::

   Please try to read the documentation before posting any issues

- Join the `Google group <http://groups.google.com/group/rhodecode>`_ and ask

  any questions.

- Open an issue at `issue tracker <http://bitbucket.org/marcinkuzminski/rhodecode/issues>`_

- Join #rhodecode on FreeNode (irc.freenode.net)

  or use http://webchat.freenode.net/?channels=rhodecode for web access to irc.

- You can also follow me on twitter **@marcinkuzminski** where i often post some

  news about RhodeCode

Online documentation

--------------------

Online documentation for the current version of RhodeCode is available at

 - http://packages.python.org/RhodeCode/

 - http://rhodecode.readthedocs.org/en/latest/index.html

You may also build the documentation for yourself - go into ``docs/`` and run::

   make html

(You need to have sphinx_ installed to build the documentation. If you don't

have sphinx_ installed you can install it via the command: 

``easy_install sphinx``)

.. _virtualenv: http://pypi.python.org/pypi/virtualenv

.. _python: http://www.python.org/

.. _sphinx: http://sphinx.pocoo.org/

.. _mercurial: http://mercurial.selenic.com/

.. _bitbucket: http://bitbucket.org/

.. _github: http://github.com/

.. _subversion: http://subversion.tigris.org/

.. _git: http://git-scm.com/

.. _celery: http://celeryproject.org/

.. _Sphinx: http://sphinx.pocoo.org/

.. _vcs: http://pypi.python.org/pypi/vcs

.. _api:

===

API

===

Starting from RhodeCode version 1.2 a simple API was implemented.

There's a single schema for calling all api methods. API is implemented

with JSON protocol both ways. An url to send API request in RhodeCode is

<your_server>/_admin/api

API ACCESS FOR WEB VIEWS

++++++++++++++++++++++++

API access can also be turned on for each web view in RhodeCode that is 

decorated with `@LoginRequired` decorator. To enable API access simple change 

the standard login decorator to `@LoginRequired(api_access=True)`. 

After this change, a rhodecode view can be accessed without login by adding a 

GET parameter `?api_key=<api_key>` to url. By default this is only

enabled on RSS/ATOM feed views.

API ACCESS

++++++++++

All clients are required to send JSON-RPC spec JSON data::

    {   

        "id:"<id>",

        "api_key":"<api_key>",

        "method":"<method_name>",

        "args":{"<arg_key>":"<arg_val>"}

    }

Example call for autopulling remotes repos using curl::

    curl https://server.com/_admin/api -X POST -H 'content-type:text/plain' --data-binary '{"id":1,"api_key":"xe7cdb2v278e4evbdf5vs04v832v0efvcbcve4a3","method":"pull","args":{"repo":"CPython"}}'

Simply provide

 - *id* A value of any type, which is used to match the response with the request that it is replying to.

 - *api_key* for access and permission validation.

 - *method* is name of method to call

 - *args* is an key:value list of arguments to pass to method

.. note::

    api_key can be found in your user account page

RhodeCode API will return always a JSON-RPC response::

    {   

        "id":<id>, # matching id sent by request

        "result": "<result>"|null, # JSON formatted result, null if any errors

        "error": "null"|<error_message> # JSON formatted error (if any)

    }

All responses from API will be `HTTP/1.0 200 OK`, if there's an error while

calling api *error* key from response will contain failure description

and result will be null.

API METHODS

+++++++++++

pull

----

Pulls given repo from remote location. Can be used to automatically keep

remote repos up to date. This command can be executed only using api_key

belonging to user with admin rights

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "pull"

    args :    {

                "repo_name" : "<reponame>"

              }

OUTPUT::

    result : "Pulled from <reponame>"

    error :  null

get_user

--------

Get's an user by username or user_id, Returns empty result if user is not found.

This command can be executed only using api_key belonging to user with admin 

rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "get_user"

    args :    { 

                "userid" : "<username or user_id>"

              }

OUTPUT::

    result: None if user does not exist or 

            {

                "id" :       "<id>",

                "username" : "<username>",

                "firstname": "<firstname>",

                "lastname" : "<lastname>",

                "email" :    "<email>",

                "active" :   "<bool>",

                "admin" :    "<bool>",

                "ldap_dn" :  "<ldap_dn>"

            }

    error:  null

get_users

---------

Lists all existing users. This command can be executed only using api_key

belonging to user with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "get_users"

    args :    { }

OUTPUT::

    result: [

              {

                "id" :       "<id>",

                "username" : "<username>",

                "firstname": "<firstname>",

                "lastname" : "<lastname>",

                "email" :    "<email>",

                "active" :   "<bool>",

                "admin" :    "<bool>",

                "ldap_dn" :  "<ldap_dn>"

              },

    	      …

            ]

    error:  null

create_user

-----------

Creates new user. This command can 

be executed only using api_key belonging to user with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "create_user"

    args :    {

                "username" :  "<username>",

                "password" :  "<password>",

                "email" :     "<useremail>",

                "firstname" : "<firstname> = None",

                "lastname" :  "<lastname> = None",

                "active" :    "<bool> = True",

                "admin" :     "<bool> = False",

                "ldap_dn" :   "<ldap_dn> = None"

              }

OUTPUT::

    result: {

              "id" : "<new_user_id>",

              "msg" : "created new user <username>"

            }

    error:  null

update_user

-----------

updates current one if such user exists. This command can 

be executed only using api_key belonging to user with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "update_user"

    args :    {

                "userid" : "<user_id or username>",

                "username" :  "<username>",

                "password" :  "<password>",

                "email" :     "<useremail>",

                "firstname" : "<firstname>",

                "lastname" :  "<lastname>",

                "active" :    "<bool>",

                "admin" :     "<bool>",

                "ldap_dn" :   "<ldap_dn>"

              }

OUTPUT::

    result: {

              "id" : "<edited_user_id>",

              "msg" : "updated user <username>"

            }

    error:  null

get_users_group

---------------

Gets an existing users group. This command can be executed only using api_key

belonging to user with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "get_users_group"

    args :    {

                "group_name" : "<name>"

              }

OUTPUT::

    result : None if group not exist

             {

               "id" :         "<id>",

               "group_name" : "<groupname>",

               "active":      "<bool>",

               "members" :  [

                              { "id" :       "<userid>",

                                "username" : "<username>",

                                "firstname": "<firstname>",

                                "lastname" : "<lastname>",

                                "email" :    "<email>",

                                "active" :   "<bool>",

                                "admin" :    "<bool>",

                                "ldap" :     "<ldap_dn>"

                              },

                              …

                            ]

             }

    error : null

get_users_groups

----------------

Lists all existing users groups. This command can be executed only using 

api_key belonging to user with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "get_users_groups"

    args :    { }

OUTPUT::

    result : [

               {

                 "id" :         "<id>",

                 "group_name" : "<groupname>",

                 "active":      "<bool>",

                 "members" :  [

	    	                    {

	    	                      "id" :       "<userid>",

	                              "username" : "<username>",

	                              "firstname": "<firstname>",

	                              "lastname" : "<lastname>",

	                              "email" :    "<email>",

	                              "active" :   "<bool>",

	                              "admin" :    "<bool>",

	                              "ldap" :     "<ldap_dn>"

	                            },

	    	                    …

	                          ]

	            }

              ]

    error : null

create_users_group

------------------

Creates new users group. This command can be executed only using api_key

belonging to user with admin rights

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "create_users_group"

    args:     {

                "group_name":  "<groupname>",

                "active":"<bool> = True"

              }

OUTPUT::

    result: {

              "id":  "<newusersgroupid>",

              "msg": "created new users group <groupname>"

            }

    error:  null

add_user_to_users_group

-----------------------

Adds a user to a users group. If user exists in that group success will be 

`false`. This command can be executed only using api_key

belonging to user with admin rights

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "add_user_users_group"

    args:     {

                "group_name" :  "<groupname>",

                "username" :   "<username>"

              }

OUTPUT::

    result: {

              "id":  "<newusersgroupmemberid>",

              "success": True|False # depends on if member is in group

              "msg": "added member <username> to users group <groupname> | 

                      User is already in that group"

            }

    error:  null

remove_user_from_users_group

----------------------------

Removes a user from a users group. If user is not in given group success will

be `false`. This command can be executed only 

using api_key belonging to user with admin rights

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "remove_user_from_users_group"

    args:     {

                "group_name" :  "<groupname>",

                "username" :   "<username>"

              }

OUTPUT::

    result: {

              "success":  True|False,  # depends on if member is in group

              "msg": "removed member <username> from users group <groupname> | 

                      User wasn't in group"

            }

    error:  null

get_repo

--------

be executed only using api_key belonging to user with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "get_repo"

    args:     {

                "repoid" : "<reponame or repo_id>"

              }

OUTPUT::

    result: None if repository does not exist or

            {

                "id" :          "<id>",

                "repo_name" :   "<reponame>"

                "type" :        "<type>",

                "description" : "<description>",

                "members" :     [

                                    "username" :   "<username>",

                                    "firstname":   "<firstname>",

                                    "lastname" :   "<lastname>",

                                    "email" :      "<email>",

                                    "active" :     "<bool>",

                                    "admin" :      "<bool>",

                                    "ldap" :       "<ldap_dn>",

                                    "permission" : "repository.(read|write|admin)"

                                  },

                                  …

                                    "id" :       "<usersgroupid>",

                                    "name" :     "<usersgroupname>",

                                    "active":    "<bool>",

                                    "permission" : "repository.(read|write|admin)"

                                  },

                                  …

                                ]

            }

    error:  null

get_repos

---------

Lists all existing repositories. This command can be executed only using api_key

belonging to user with admin rights

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "get_repos"

    args:     { }

OUTPUT::

    result: [

              {

                "id" :          "<id>",

                "repo_name" :   "<reponame>"

                "type" :        "<type>",

                "description" : "<description>"

              },

              …

            ]

    error:  null

get_repo_nodes

--------------

returns a list of nodes and it's children in a flat list for a given path 

at given revision. It's possible to specify ret_type to show only `files` or 

`dirs`. This command can be executed only using api_key belonging to user 

with admin rights

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "get_repo_nodes"

    args:     {

                "repo_name" : "<reponame>",

                "revision"  : "<revision>",

                "root_path" : "<root_path>",

                "ret_type"  : "<ret_type>" = 'all'

              }

OUTPUT::

    result: [

              {

                "name" :        "<name>"

                "type" :        "<type>",

              },

              …

            ]

    error:  null

create_repo

-----------

Creates a repository. This command can be executed only using api_key

belonging to user with admin rights.

If repository name contains "/", all needed repository groups will be created.

For example "foo/bar/baz" will create groups "foo", "bar" (with "foo" as parent),

and create "baz" repository with "bar" as group.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "create_repo"

    args:     {

                "repo_name" :   "<reponame>",

                "owner_name" :  "<ownername>",

                "description" : "<description> = ''",

                "repo_type" :   "<type> = 'hg'",

                "private" :     "<bool> = False",

                "clone_uri" :   "<clone_uri> = None",

              }

OUTPUT::

    result: {

              "id": "<newrepoid>",

              "msg": "Created new repository <reponame>",

            }

    error:  null

delete_repo

-----------

Deletes a repository. This command can be executed only using api_key

belonging to user with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "delete_repo"

    args:     {

                "repo_name" :   "<reponame>",

              }

OUTPUT::

    result: {

              "msg": "Deleted repository <reponame>",

            }

    error:  null

grant_user_permission

---------------------

Grant permission for user on given repository, or update existing one

if found. This command can be executed only using api_key belonging to user 

with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "grant_user_permission"

    args:     {

                "repo_name" :  "<reponame>",

                "username" :   "<username>",

                "perm" :       "(repository.(none|read|write|admin))",

              }

OUTPUT::

    result: {

              "msg" : "Granted perm: <perm> for user: <username> in repo: <reponame>"

            }

    error:  null

revoke_user_permission

----------------------

Revoke permission for user on given repository. This command can be executed 

only using api_key belonging to user with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method  : "revoke_user_permission"

    args:     {

                "repo_name" :  "<reponame>",

                "username" :   "<username>",

              }

OUTPUT::

    result: {

              "msg" : "Revoked perm for user: <suername> in repo: <reponame>"

            }

    error:  null

grant_users_group_permission

----------------------------

Grant permission for users group on given repository, or update

existing one if found. This command can be executed only using 

api_key belonging to user with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method :  "grant_users_group_permission"

    args:     {

                "repo_name" : "<reponame>",

                "group_name" : "<usersgroupname>",

                "perm" : "(repository.(none|read|write|admin))",

              }

OUTPUT::

    result: {

              "msg" : "Granted perm: <perm> for group: <usersgroupname> in repo: <reponame>"

            }

    error:  null

revoke_users_group_permission

-----------------------------

Revoke permission for users group on given repository.This command can be 

executed only using api_key belonging to user with admin rights.

INPUT::

    id : <id_for_response>

    api_key : "<api_key>"

    method  : "revoke_users_group_permission"

    args:     {

                "repo_name" :  "<reponame>",

                "users_group" :   "<usersgroupname>",

              }

OUTPUT::

    result: {

              "msg" : "Revoked perm for group: <usersgroupname> in repo: <reponame>"

            }

    error:  null

# -*- coding: utf-8 -*-

"""

    rhodecode.controllers.api

    ~~~~~~~~~~~~~~~~~~~~~~~~~

    API controller for RhodeCode

    :created_on: Aug 20, 2011

    :author: marcink

    :copyright: (C) 2011-2012 Marcin Kuzminski <marcin@python-works.com>

    :license: GPLv3, see COPYING for more details.

"""

# This program is free software; you can redistribute it and/or

# modify it under the terms of the GNU General Public License

# as published by the Free Software Foundation; version 2

# of the License or (at your opinion) any later version of the license.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

# MA  02110-1301, USA.

import traceback

import logging

from rhodecode.controllers.api import JSONRPCController, JSONRPCError

from rhodecode.lib.auth import HasPermissionAllDecorator, \