def to_python(self, value, state): repo_type = value.get('repo_type') url = value.get('clone_uri') e_dict = {'clone_uri': _('invalid clone url')} if not url: pass elif url.startswith('https'): try: url_handler(repo_type, url, 'https', make_ui('db')) except Exception: log.error(traceback.format_exc()) raise formencode.Invalid('', value, state, error_dict=e_dict) elif url.startswith('http'): try: url_handler(repo_type, url, 'http', make_ui('db')) except Exception: log.error(traceback.format_exc()) raise formencode.Invalid('', value, state, error_dict=e_dict) else: e_dict = {'clone_uri': _('Invalid clone url, provide a ' 'valid clone http\s url')} raise formencode.Invalid('', value, state, error_dict=e_dict) return value
def url_handler(repo_type, url, proto, ui=None): if repo_type == 'hg': from mercurial.httprepo import httprepository, httpsrepository if proto == 'https': httpsrepository(make_ui('db'), url).capabilities elif proto == 'http': httprepository(make_ui('db'), url).capabilities elif repo_type == 'git': #TODO: write a git url validator pass
def __inject_extras(self, repo_path, baseui, extras={}): """ Injects some extra params into baseui instance also overwrites global settings with those takes from local hgrc file :param baseui: baseui instance :param extras: dict with extra params to put into baseui """ hgrc = os.path.join(repo_path, '.hg', 'hgrc') # make our hgweb quiet so it doesn't print output baseui.setconfig('ui', 'quiet', 'true') #inject some additional parameters that will be available in ui #for hooks for k, v in extras.items(): baseui.setconfig('rhodecode_extras', k, v) repoui = make_ui('file', hgrc, False) if repoui: #overwrite our ui instance with the section from hgrc file for section in ui_sections: for k, v in repoui.configitems(section): baseui.setconfig(section, k, v)
def load_environment(global_conf, app_conf, initial=False): """Configure the Pylons environment via the ``pylons.config`` object """ config = PylonsConfig() # Pylons paths root = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) paths = dict(root=root, controllers=os.path.join(root, 'controllers'), static_files=os.path.join(root, 'public'), templates=[os.path.join(root, 'templates')]) # Initialize config with the basic options config.init_app(global_conf, app_conf, package='rhodecode', paths=paths) config['routes.map'] = make_map(config) config['pylons.app_globals'] = app_globals.Globals(config) config['pylons.h'] = rhodecode.lib.helpers # Setup cache object as early as possible import pylons pylons.cache._push_object(config['pylons.app_globals'].cache) # Create the Mako TemplateLookup, with the default auto-escaping config['pylons.app_globals'].mako_lookup = TemplateLookup( directories=paths['templates'], error_handler=handle_mako_error, module_directory=os.path.join(app_conf['cache_dir'], 'templates'), input_encoding='utf-8', default_filters=['escape'], imports=['from webhelpers.html import escape']) #sets the c attribute access when don't existing attribute are accessed config['pylons.strict_tmpl_context'] = True test = os.path.split(config['__file__'])[-1] == 'test.ini' if test: from rhodecode.lib.utils import create_test_env, create_test_index from rhodecode.tests import TESTS_TMP_PATH create_test_env(TESTS_TMP_PATH, config) create_test_index(TESTS_TMP_PATH, config, True) #MULTIPLE DB configs # Setup the SQLAlchemy database engine sa_engine_db1 = engine_from_config(config, 'sqlalchemy.db1.') init_model(sa_engine_db1) repos_path = make_ui('db').configitems('paths')[0][1] repo2db_mapper(ScmModel().repo_scan(repos_path)) set_available_permissions(config) config['base_path'] = repos_path set_rhodecode_config(config) # CONFIGURATION OPTIONS HERE (note: all config options will override # any Pylons config options) return config
def to_python(self, value, state): if not value: pass elif value.startswith('https'): try: httpsrepository(make_ui('db'), value).capabilities except Exception, e: log.error(traceback.format_exc()) raise formencode.Invalid(_('invalid clone url'), value, state)
def validate_python(self, value, state): repo_type = value.get("repo_type") url = value.get("clone_uri") if not url: pass else: try: url_handler(repo_type, url, make_ui("db", clear_session=False)) except Exception: log.exception("Url validation failed") msg = M(self, "clone_uri") raise formencode.Invalid(msg, value, state, error_dict=dict(clone_uri=msg))
def validate_python(self, value, state): repo_type = value.get('repo_type') url = value.get('clone_uri') if not url: pass else: try: url_handler(repo_type, url, make_ui('db', clear_session=False)) except Exception: log.exception('Url validation failed') msg = M(self, 'clone_uri') raise formencode.Invalid(msg, value, state, error_dict=dict(clone_uri=msg) )
def repo_scan(self, repos_path=None): """ Listing of repositories in given path. This path should not be a repository itself. Return a dictionary of repository objects :param repos_path: path to directory containing repositories """ if repos_path is None: repos_path = self.repos_path log.info('scanning for repositories in %s' % repos_path) baseui = make_ui('db') repos = {} for name, path in get_filesystem_repos(repos_path, recursive=True): # skip removed repos if REMOVED_REPO_PAT.match(name): continue # name need to be decomposed and put back together using the / # since this is internal storage separator for rhodecode name = Repository.url_sep().join(name.split(os.sep)) try: if name in repos: raise RepositoryError('Duplicate repository name %s ' 'found in %s' % (name, path)) else: klass = get_backend(path[0]) if path[0] == 'hg' and path[0] in BACKENDS.keys(): repos[name] = klass(safe_str(path[1]), baseui=baseui) if path[0] == 'git' and path[0] in BACKENDS.keys(): repos[name] = klass(path[1]) except OSError: continue return repos
def __inject_extras(self, repo_path, baseui, extras={}): """ Injects some extra params into baseui instance also overwrites global settings with those takes from local hgrc file :param baseui: baseui instance :param extras: dict with extra params to put into baseui """ hgrc = os.path.join(repo_path, ".hg", "hgrc") # make our hgweb quiet so it doesn't print output baseui.setconfig("ui", "quiet", "true") repoui = make_ui("file", hgrc, False) if repoui: # overwrite our ui instance with the section from hgrc file for section in ui_sections: for k, v in repoui.configitems(section): baseui.setconfig(section, k, v) _set_extras(extras)
def repo_scan(self, repos_path=None): """Listing of repositories in given path. This path should not be a repository itself. Return a dictionary of repository objects :param repos_path: path to directory containing repositories """ log.info('scanning for repositories in %s', repos_path) if repos_path is None: repos_path = self.repos_path baseui = make_ui('db') repos_list = {} for name, path in get_filesystem_repos(repos_path, recursive=True): try: if name in repos_list: raise RepositoryError('Duplicate repository name %s ' 'found in %s' % (name, path)) else: klass = get_backend(path[0]) if path[0] == 'hg' and path[0] in BACKENDS.keys(): # for mercurial we need to have an str path repos_list[name] = klass(safe_str(path[1]), baseui=baseui) if path[0] == 'git' and path[0] in BACKENDS.keys(): repos_list[name] = klass(path[1]) except OSError: continue return repos_list
def handle_git_receive(repo_path, revs, env, hook_type='post'): """ A really hacky method that is runned by git post-receive hook and logs an push action together with pushed revisions. It's executed by subprocess thus needs all info to be able to create a on the fly pylons enviroment, connect to database and run the logging code. Hacky as sh*t but works. :param repo_path: :param revs: :param env: """ from paste.deploy import appconfig from sqlalchemy import engine_from_config from rhodecode.config.environment import load_environment from rhodecode.model import init_model from rhodecode.model.db import RhodeCodeUi from rhodecode.lib.utils import make_ui extras = _extract_extras(env) path, ini_name = os.path.split(extras['config']) conf = appconfig('config:%s' % ini_name, relative_to=path) load_environment(conf.global_conf, conf.local_conf) engine = engine_from_config(conf, 'sqlalchemy.db1.') init_model(engine) baseui = make_ui('db') # fix if it's not a bare repo if repo_path.endswith(os.sep + '.git'): repo_path = repo_path[:-5] repo = Repository.get_by_full_path(repo_path) if not repo: raise OSError('Repository %s not found in database' % (safe_str(repo_path))) _hooks = dict(baseui.configitems('hooks')) or {} if hook_type == 'pre': repo = repo.scm_instance else: #post push shouldn't use the cached instance never repo = repo.scm_instance_no_cache() if hook_type == 'pre': pre_push(baseui, repo) # if push hook is enabled via web interface elif hook_type == 'post' and _hooks.get(RhodeCodeUi.HOOK_PUSH): rev_data = [] for l in revs: old_rev, new_rev, ref = l.split(' ') _ref_data = ref.split('/') if _ref_data[1] in ['tags', 'heads']: rev_data.append({ 'old_rev': old_rev, 'new_rev': new_rev, 'ref': ref, 'type': _ref_data[1], 'name': _ref_data[2].strip() }) git_revs = [] for push_ref in rev_data: _type = push_ref['type'] if _type == 'heads': if push_ref['old_rev'] == EmptyChangeset().raw_id: cmd = "for-each-ref --format='%(refname)' 'refs/heads/*'" heads = repo.run_git_command(cmd)[0] heads = heads.replace(push_ref['ref'], '') heads = ' '.join( map(lambda c: c.strip('\n').strip(), heads.splitlines())) cmd = (('log %(new_rev)s' % push_ref) + ' --reverse --pretty=format:"%H" --not ' + heads) git_revs += repo.run_git_command(cmd)[0].splitlines() elif push_ref['new_rev'] == EmptyChangeset().raw_id: #delete branch case git_revs += ['delete_branch=>%s' % push_ref['name']] else: cmd = (('log %(old_rev)s..%(new_rev)s' % push_ref) + ' --reverse --pretty=format:"%H"') git_revs += repo.run_git_command(cmd)[0].splitlines() elif _type == 'tags': git_revs += ['tag=>%s' % push_ref['name']] log_push_action(baseui, repo, _git_revs=git_revs)
def _handle_request(self, environ, start_response): if not is_mercurial(environ): return self.application(environ, start_response) proxy_key = 'HTTP_X_REAL_IP' def_key = 'REMOTE_ADDR' ipaddr = environ.get(proxy_key, environ.get(def_key, '0.0.0.0')) # skip passing error to error controller environ['pylons.status_code_redirect'] = True #====================================================================== # EXTRACT REPOSITORY NAME FROM ENV #====================================================================== try: repo_name = environ['REPO_NAME'] = self.__get_repository(environ) log.debug('Extracted repo name is %s' % repo_name) except: return HTTPInternalServerError()(environ, start_response) #====================================================================== # GET ACTION PULL or PUSH #====================================================================== action = self.__get_action(environ) #====================================================================== # CHECK ANONYMOUS PERMISSION #====================================================================== if action in ['pull', 'push']: anonymous_user = self.__get_user('default') username = anonymous_user.username anonymous_perm = self.__check_permission(action, anonymous_user, repo_name) if anonymous_perm is not True or anonymous_user.active is False: if anonymous_perm is not True: log.debug('Not enough credentials to access this ' 'repository as anonymous user') if anonymous_user.active is False: log.debug('Anonymous access is disabled, running ' 'authentication') #============================================================== # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS #============================================================== if not REMOTE_USER(environ): self.authenticate.realm = \ safe_str(self.config['rhodecode_realm']) result = self.authenticate(environ) if isinstance(result, str): AUTH_TYPE.update(environ, 'basic') REMOTE_USER.update(environ, result) else: return result.wsgi_application(environ, start_response) #============================================================== # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME FROM # BASIC AUTH #============================================================== if action in ['pull', 'push']: username = REMOTE_USER(environ) try: user = self.__get_user(username) if user is None: return HTTPForbidden()(environ, start_response) username = user.username except: log.error(traceback.format_exc()) return HTTPInternalServerError()(environ, start_response) #check permissions for this repository perm = self.__check_permission(action, user, repo_name) if perm is not True: return HTTPForbidden()(environ, start_response) extras = {'ip': ipaddr, 'username': username, 'action': action, 'repository': repo_name} #====================================================================== # MERCURIAL REQUEST HANDLING #====================================================================== repo_path = safe_str(os.path.join(self.basepath, repo_name)) log.debug('Repository path is %s' % repo_path) baseui = make_ui('db') self.__inject_extras(repo_path, baseui, extras) # quick check if that dir exists... if is_valid_repo(repo_name, self.basepath) is False: return HTTPNotFound()(environ, start_response) try: #invalidate cache on push if action == 'push': self.__invalidate_cache(repo_name) app = self.__make_app(repo_path, baseui, extras) return app(environ, start_response) except RepoError, e: if str(e).find('not found') != -1: return HTTPNotFound()(environ, start_response)
def _handle_request(self, environ, start_response): if not is_mercurial(environ): return self.application(environ, start_response) if not self._check_ssl(environ, start_response): return HTTPNotAcceptable('SSL REQUIRED !')(environ, start_response) ip_addr = self._get_ip_addr(environ) username = None # skip passing error to error controller environ['pylons.status_code_redirect'] = True #====================================================================== # EXTRACT REPOSITORY NAME FROM ENV #====================================================================== try: repo_name = environ['REPO_NAME'] = self.__get_repository(environ) log.debug('Extracted repo name is %s' % repo_name) except Exception: return HTTPInternalServerError()(environ, start_response) # quick check if that dir exists... if not is_valid_repo(repo_name, self.basepath, 'hg'): return HTTPNotFound()(environ, start_response) #====================================================================== # GET ACTION PULL or PUSH #====================================================================== action = self.__get_action(environ) #====================================================================== # CHECK ANONYMOUS PERMISSION #====================================================================== if action in ['pull', 'push']: anonymous_user = self.__get_user('default') username = anonymous_user.username anonymous_perm = self._check_permission(action, anonymous_user, repo_name, ip_addr) if not anonymous_perm or not anonymous_user.active: if not anonymous_perm: log.debug('Not enough credentials to access this ' 'repository as anonymous user') if not anonymous_user.active: log.debug('Anonymous access is disabled, running ' 'authentication') #============================================================== # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS #============================================================== # Attempting to retrieve username from the container username = get_container_username(environ, self.config) # If not authenticated by the container, running basic auth if not username: self.authenticate.realm = \ safe_str(self.config['rhodecode_realm']) result = self.authenticate(environ) if isinstance(result, str): AUTH_TYPE.update(environ, 'basic') REMOTE_USER.update(environ, result) username = result else: return result.wsgi_application(environ, start_response) #============================================================== # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME #============================================================== try: user = self.__get_user(username) if user is None or not user.active: return HTTPForbidden()(environ, start_response) username = user.username except Exception: log.error(traceback.format_exc()) return HTTPInternalServerError()(environ, start_response) #check permissions for this repository perm = self._check_permission(action, user, repo_name, ip_addr) if not perm: return HTTPForbidden()(environ, start_response) # extras are injected into mercurial UI object and later available # in hg hooks executed by rhodecode from rhodecode import CONFIG server_url = get_server_url(environ) extras = { 'ip': ip_addr, 'username': username, 'action': action, 'repository': repo_name, 'scm': 'hg', 'config': CONFIG['__file__'], 'server_url': server_url, 'make_lock': None, 'locked_by': [None, None] } #====================================================================== # MERCURIAL REQUEST HANDLING #====================================================================== str_repo_name = safe_str(repo_name) repo_path = os.path.join(safe_str(self.basepath), str_repo_name) log.debug('Repository path is %s' % repo_path) # CHECK LOCKING only if it's not ANONYMOUS USER if username != User.DEFAULT_USER: log.debug('Checking locking on repository') (make_lock, locked, locked_by) = self._check_locking_state(environ=environ, action=action, repo=repo_name, user_id=user.user_id) # store the make_lock for later evaluation in hooks extras.update({'make_lock': make_lock, 'locked_by': locked_by}) fix_PATH() log.debug('HOOKS extras is %s' % extras) baseui = make_ui('db') self.__inject_extras(repo_path, baseui, extras) try: log.info('%s action on HG repo "%s" by "%s" from %s' % (action, str_repo_name, safe_str(username), ip_addr)) app = self.__make_app(repo_path, baseui, extras) return app(environ, start_response) except RepoError, e: if str(e).find('not found') != -1: return HTTPNotFound()(environ, start_response)
def load_environment(global_conf, app_conf, initial=False): """ Configure the Pylons environment via the ``pylons.config`` object """ config = PylonsConfig() # Pylons paths root = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) paths = dict(root=root, controllers=os.path.join(root, 'controllers'), static_files=os.path.join(root, 'public'), templates=[os.path.join(root, 'templates')]) # Initialize config with the basic options config.init_app(global_conf, app_conf, package='rhodecode', paths=paths) # store some globals into rhodecode rhodecode.CELERY_ON = str2bool(config['app_conf'].get('use_celery')) rhodecode.CELERY_EAGER = str2bool( config['app_conf'].get('celery.always.eager')) config['routes.map'] = make_map(config) config['pylons.app_globals'] = app_globals.Globals(config) config['pylons.h'] = helpers rhodecode.CONFIG = config load_rcextensions(root_path=config['here']) # Setup cache object as early as possible import pylons pylons.cache._push_object(config['pylons.app_globals'].cache) # Create the Mako TemplateLookup, with the default auto-escaping config['pylons.app_globals'].mako_lookup = TemplateLookup( directories=paths['templates'], error_handler=handle_mako_error, module_directory=os.path.join(app_conf['cache_dir'], 'templates'), input_encoding='utf-8', default_filters=['escape'], imports=['from webhelpers.html import escape']) # sets the c attribute access when don't existing attribute are accessed config['pylons.strict_tmpl_context'] = True test = os.path.split(config['__file__'])[-1] == 'test.ini' if test: from rhodecode.lib.utils import create_test_env, create_test_index from rhodecode.tests import TESTS_TMP_PATH create_test_env(TESTS_TMP_PATH, config) create_test_index(TESTS_TMP_PATH, config, True) # MULTIPLE DB configs # Setup the SQLAlchemy database engine sa_engine_db1 = engine_from_config(config, 'sqlalchemy.db1.') init_model(sa_engine_db1) repos_path = make_ui('db').configitems('paths')[0][1] repo2db_mapper(ScmModel().repo_scan(repos_path)) set_available_permissions(config) config['base_path'] = repos_path set_rhodecode_config(config) # CONFIGURATION OPTIONS HERE (note: all config options will override # any Pylons config options) # store config reference into our module to skip import magic of # pylons rhodecode.CONFIG.update(config) return config
def _handle_request(self, environ, start_response): if not is_mercurial(environ): return self.application(environ, start_response) if not self._check_ssl(environ, start_response): return HTTPNotAcceptable("SSL REQUIRED !")(environ, start_response) ip_addr = self._get_ip_addr(environ) username = None # skip passing error to error controller environ["pylons.status_code_redirect"] = True # ====================================================================== # EXTRACT REPOSITORY NAME FROM ENV # ====================================================================== try: repo_name = environ["REPO_NAME"] = self.__get_repository(environ) log.debug("Extracted repo name is %s" % repo_name) except Exception: return HTTPInternalServerError()(environ, start_response) # quick check if that dir exists... if not is_valid_repo(repo_name, self.basepath, "hg"): return HTTPNotFound()(environ, start_response) # ====================================================================== # GET ACTION PULL or PUSH # ====================================================================== action = self.__get_action(environ) # ====================================================================== # CHECK ANONYMOUS PERMISSION # ====================================================================== if action in ["pull", "push"]: anonymous_user = self.__get_user("default") username = anonymous_user.username anonymous_perm = self._check_permission(action, anonymous_user, repo_name, ip_addr) if not anonymous_perm or not anonymous_user.active: if not anonymous_perm: log.debug("Not enough credentials to access this " "repository as anonymous user") if not anonymous_user.active: log.debug("Anonymous access is disabled, running " "authentication") # ============================================================== # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS # ============================================================== # Attempting to retrieve username from the container username = get_container_username(environ, self.config) # If not authenticated by the container, running basic auth if not username: self.authenticate.realm = safe_str(self.config["rhodecode_realm"]) result = self.authenticate(environ) if isinstance(result, str): AUTH_TYPE.update(environ, "basic") REMOTE_USER.update(environ, result) username = result else: return result.wsgi_application(environ, start_response) # ============================================================== # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME # ============================================================== try: user = self.__get_user(username) if user is None or not user.active: return HTTPForbidden()(environ, start_response) username = user.username except Exception: log.error(traceback.format_exc()) return HTTPInternalServerError()(environ, start_response) # check permissions for this repository perm = self._check_permission(action, user, repo_name, ip_addr) if not perm: return HTTPForbidden()(environ, start_response) # extras are injected into mercurial UI object and later available # in hg hooks executed by rhodecode from rhodecode import CONFIG server_url = get_server_url(environ) extras = { "ip": ip_addr, "username": username, "action": action, "repository": repo_name, "scm": "hg", "config": CONFIG["__file__"], "server_url": server_url, "make_lock": None, "locked_by": [None, None], } # ====================================================================== # MERCURIAL REQUEST HANDLING # ====================================================================== str_repo_name = safe_str(repo_name) repo_path = os.path.join(safe_str(self.basepath), str_repo_name) log.debug("Repository path is %s" % repo_path) # CHECK LOCKING only if it's not ANONYMOUS USER if username != User.DEFAULT_USER: log.debug("Checking locking on repository") (make_lock, locked, locked_by) = self._check_locking_state( environ=environ, action=action, repo=repo_name, user_id=user.user_id ) # store the make_lock for later evaluation in hooks extras.update({"make_lock": make_lock, "locked_by": locked_by}) # set the environ variables for this request os.environ["RC_SCM_DATA"] = json.dumps(extras) fix_PATH() log.debug("HOOKS extras is %s" % extras) baseui = make_ui("db") self.__inject_extras(repo_path, baseui, extras) try: log.info('%s action on HG repo "%s" by "%s" from %s' % (action, str_repo_name, safe_str(username), ip_addr)) app = self.__make_app(repo_path, baseui, extras) return app(environ, start_response) except RepoError, e: if str(e).find("not found") != -1: return HTTPNotFound()(environ, start_response)
def handle_git_receive(repo_path, revs, env, hook_type='post'): """ A really hacky method that is runned by git post-receive hook and logs an push action together with pushed revisions. It's executed by subprocess thus needs all info to be able to create a on the fly pylons enviroment, connect to database and run the logging code. Hacky as sh*t but works. :param repo_path: :param revs: :param env: """ from paste.deploy import appconfig from sqlalchemy import engine_from_config from rhodecode.config.environment import load_environment from rhodecode.model import init_model from rhodecode.model.db import RhodeCodeUi from rhodecode.lib.utils import make_ui extras = _extract_extras(env) path, ini_name = os.path.split(extras['config']) conf = appconfig('config:%s' % ini_name, relative_to=path) load_environment(conf.global_conf, conf.local_conf) engine = engine_from_config(conf, 'sqlalchemy.db1.') init_model(engine) baseui = make_ui('db') # fix if it's not a bare repo if repo_path.endswith(os.sep + '.git'): repo_path = repo_path[:-5] repo = Repository.get_by_full_path(repo_path) if not repo: raise OSError('Repository %s not found in database' % (safe_str(repo_path))) _hooks = dict(baseui.configitems('hooks')) or {} if hook_type == 'pre': repo = repo.scm_instance else: #post push shouldn't use the cached instance never repo = repo.scm_instance_no_cache() if hook_type == 'pre': pre_push(baseui, repo) # if push hook is enabled via web interface elif hook_type == 'post' and _hooks.get(RhodeCodeUi.HOOK_PUSH): rev_data = [] for l in revs: old_rev, new_rev, ref = l.split(' ') _ref_data = ref.split('/') if _ref_data[1] in ['tags', 'heads']: rev_data.append({'old_rev': old_rev, 'new_rev': new_rev, 'ref': ref, 'type': _ref_data[1], 'name': _ref_data[2].strip()}) git_revs = [] for push_ref in rev_data: _type = push_ref['type'] if _type == 'heads': if push_ref['old_rev'] == EmptyChangeset().raw_id: cmd = "for-each-ref --format='%(refname)' 'refs/heads/*'" heads = repo.run_git_command(cmd)[0] heads = heads.replace(push_ref['ref'], '') heads = ' '.join(map(lambda c: c.strip('\n').strip(), heads.splitlines())) cmd = (('log %(new_rev)s' % push_ref) + ' --reverse --pretty=format:"%H" --not ' + heads) git_revs += repo.run_git_command(cmd)[0].splitlines() elif push_ref['new_rev'] == EmptyChangeset().raw_id: #delete branch case git_revs += ['delete_branch=>%s' % push_ref['name']] else: cmd = (('log %(old_rev)s..%(new_rev)s' % push_ref) + ' --reverse --pretty=format:"%H"') git_revs += repo.run_git_command(cmd)[0].splitlines() elif _type == 'tags': git_revs += ['tag=>%s' % push_ref['name']] log_push_action(baseui, repo, _git_revs=git_revs)
def differ(org_repo, org_ref, other_repo, other_ref, discovery_data=None, remote_compare=False, context=3, ignore_whitespace=False): """ General differ between branches, bookmarks, revisions of two remote or local but related repositories :param org_repo: :param org_ref: :param other_repo: :type other_repo: :type other_ref: """ org_repo_scm = org_repo.scm_instance other_repo_scm = other_repo.scm_instance org_repo = org_repo_scm._repo other_repo = other_repo_scm._repo org_ref = org_ref[1] other_ref = other_ref[1] if org_repo_scm == other_repo_scm: log.debug('running diff between %s@%s and %s@%s' % (org_repo.path, org_ref, other_repo.path, other_ref)) _diff = org_repo_scm.get_diff(rev1=org_ref, rev2=other_ref, ignore_whitespace=ignore_whitespace, context=context) return _diff elif remote_compare: opts = diffopts(git=True, ignorews=ignore_whitespace, context=context) common, incoming, rheads = discovery_data org_repo_peer = localrepo.locallegacypeer(org_repo.local()) # create a bundle (uncompressed if other repo is not local) if org_repo_peer.capable('getbundle'): # disable repo hooks here since it's just bundle ! # patch and reset hooks section of UI config to not run any # hooks on fetching archives with subrepos for k, _ in org_repo.ui.configitems('hooks'): org_repo.ui.setconfig('hooks', k, None) unbundle = org_repo.getbundle('incoming', common=None, heads=None) buf = BytesIO() while True: chunk = unbundle._stream.read(1024 * 4) if not chunk: break buf.write(chunk) buf.seek(0) # replace chunked _stream with data that can do tell() and seek() unbundle._stream = buf ui = make_ui('db') bundlerepo = InMemoryBundleRepo(ui, path=org_repo.root, bundlestream=unbundle) return ''.join(patch.diff(bundlerepo, node1=other_repo[other_ref].node(), node2=org_repo[org_ref].node(), opts=opts)) return ''
def load_environment(global_conf, app_conf, initial=False): """ Configure the Pylons environment via the ``pylons.config`` object """ config = PylonsConfig() # Pylons paths root = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) paths = dict( root=root, controllers=os.path.join(root, "controllers"), static_files=os.path.join(root, "public"), templates=[os.path.join(root, "templates")], ) # Initialize config with the basic options config.init_app(global_conf, app_conf, package="rhodecode", paths=paths) # store some globals into rhodecode rhodecode.CELERY_ON = str2bool(config["app_conf"].get("use_celery")) rhodecode.CELERY_EAGER = str2bool(config["app_conf"].get("celery.always.eager")) config["routes.map"] = make_map(config) config["pylons.app_globals"] = app_globals.Globals(config) config["pylons.h"] = helpers rhodecode.CONFIG = config load_rcextensions(root_path=config["here"]) # Setup cache object as early as possible import pylons pylons.cache._push_object(config["pylons.app_globals"].cache) # Create the Mako TemplateLookup, with the default auto-escaping config["pylons.app_globals"].mako_lookup = TemplateLookup( directories=paths["templates"], error_handler=handle_mako_error, module_directory=os.path.join(app_conf["cache_dir"], "templates"), input_encoding="utf-8", default_filters=["escape"], imports=["from webhelpers.html import escape"], ) # sets the c attribute access when don't existing attribute are accessed config["pylons.strict_tmpl_context"] = True test = os.path.split(config["__file__"])[-1] == "test.ini" if test: from rhodecode.lib.utils import create_test_env, create_test_index from rhodecode.tests import TESTS_TMP_PATH create_test_env(TESTS_TMP_PATH, config) create_test_index(TESTS_TMP_PATH, config, True) # MULTIPLE DB configs # Setup the SQLAlchemy database engine sa_engine_db1 = engine_from_config(config, "sqlalchemy.db1.") init_model(sa_engine_db1) repos_path = make_ui("db").configitems("paths")[0][1] repo2db_mapper(ScmModel().repo_scan(repos_path)) set_available_permissions(config) config["base_path"] = repos_path set_rhodecode_config(config) # CONFIGURATION OPTIONS HERE (note: all config options will override # any Pylons config options) # store config reference into our module to skip import magic of # pylons rhodecode.CONFIG.update(config) return config
def _handle_request(self, environ, start_response): if not is_git(environ): return self.application(environ, start_response) if not self._check_ssl(environ, start_response): return HTTPNotAcceptable('SSL REQUIRED !')(environ, start_response) ipaddr = self._get_ip_addr(environ) username = None self._git_first_op = False # skip passing error to error controller environ['pylons.status_code_redirect'] = True #====================================================================== # EXTRACT REPOSITORY NAME FROM ENV #====================================================================== try: repo_name = self.__get_repository(environ) log.debug('Extracted repo name is %s' % repo_name) except: return HTTPInternalServerError()(environ, start_response) # quick check if that dir exists... if is_valid_repo(repo_name, self.basepath, 'git') is False: return HTTPNotFound()(environ, start_response) #====================================================================== # GET ACTION PULL or PUSH #====================================================================== action = self.__get_action(environ) #====================================================================== # CHECK ANONYMOUS PERMISSION #====================================================================== if action in ['pull', 'push']: anonymous_user = self.__get_user('default') username = anonymous_user.username anonymous_perm = self._check_permission(action, anonymous_user, repo_name) if anonymous_perm is not True or anonymous_user.active is False: if anonymous_perm is not True: log.debug('Not enough credentials to access this ' 'repository as anonymous user') if anonymous_user.active is False: log.debug('Anonymous access is disabled, running ' 'authentication') #============================================================== # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS #============================================================== # Attempting to retrieve username from the container username = get_container_username(environ, self.config) # If not authenticated by the container, running basic auth if not username: self.authenticate.realm = \ safe_str(self.config['rhodecode_realm']) result = self.authenticate(environ) if isinstance(result, str): AUTH_TYPE.update(environ, 'basic') REMOTE_USER.update(environ, result) username = result else: return result.wsgi_application(environ, start_response) #============================================================== # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME #============================================================== try: user = self.__get_user(username) if user is None or not user.active: return HTTPForbidden()(environ, start_response) username = user.username except: log.error(traceback.format_exc()) return HTTPInternalServerError()(environ, start_response) #check permissions for this repository perm = self._check_permission(action, user, repo_name) if perm is not True: return HTTPForbidden()(environ, start_response) # extras are injected into UI object and later available # in hooks executed by rhodecode from rhodecode import CONFIG extras = { 'ip': ipaddr, 'username': username, 'action': action, 'repository': repo_name, 'scm': 'git', 'config': CONFIG['__file__'], 'make_lock': None, 'locked_by': [None, None] } #=================================================================== # GIT REQUEST HANDLING #=================================================================== repo_path = os.path.join(safe_str(self.basepath), safe_str(repo_name)) log.debug('Repository path is %s' % repo_path) # CHECK LOCKING only if it's not ANONYMOUS USER if username != User.DEFAULT_USER: log.debug('Checking locking on repository') (make_lock, locked, locked_by) = self._check_locking_state( environ=environ, action=action, repo=repo_name, user_id=user.user_id ) # store the make_lock for later evaluation in hooks extras.update({'make_lock': make_lock, 'locked_by': locked_by}) # set the environ variables for this request os.environ['RC_SCM_DATA'] = json.dumps(extras) fix_PATH() log.debug('HOOKS extras is %s' % extras) baseui = make_ui('db') self.__inject_extras(repo_path, baseui, extras) try: # invalidate cache on push if action == 'push': self._invalidate_cache(repo_name) self._handle_githooks(repo_name, action, baseui, environ) log.info('%s action on GIT repo "%s"' % (action, repo_name)) app = self.__make_app(repo_name, repo_path, extras) return app(environ, start_response) except HTTPLockedRC, e: log.debug('Repositry LOCKED ret code 423!') return e(environ, start_response)
def _handle_request(self, environ, start_response): if not is_mercurial(environ): return self.application(environ, start_response) ipaddr = self._get_ip_addr(environ) # skip passing error to error controller environ['pylons.status_code_redirect'] = True #====================================================================== # EXTRACT REPOSITORY NAME FROM ENV #====================================================================== try: repo_name = environ['REPO_NAME'] = self.__get_repository(environ) log.debug('Extracted repo name is %s' % repo_name) except: return HTTPInternalServerError()(environ, start_response) # quick check if that dir exists... if is_valid_repo(repo_name, self.basepath) is False: return HTTPNotFound()(environ, start_response) #====================================================================== # GET ACTION PULL or PUSH #====================================================================== action = self.__get_action(environ) #====================================================================== # CHECK ANONYMOUS PERMISSION #====================================================================== if action in ['pull', 'push']: anonymous_user = self.__get_user('default') username = anonymous_user.username anonymous_perm = self._check_permission(action, anonymous_user, repo_name) if anonymous_perm is not True or anonymous_user.active is False: if anonymous_perm is not True: log.debug('Not enough credentials to access this ' 'repository as anonymous user') if anonymous_user.active is False: log.debug('Anonymous access is disabled, running ' 'authentication') #============================================================== # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS #============================================================== # Attempting to retrieve username from the container username = get_container_username(environ, self.config) # If not authenticated by the container, running basic auth if not username: self.authenticate.realm = \ safe_str(self.config['rhodecode_realm']) result = self.authenticate(environ) if isinstance(result, str): AUTH_TYPE.update(environ, 'basic') REMOTE_USER.update(environ, result) username = result else: return result.wsgi_application(environ, start_response) #============================================================== # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME #============================================================== if action in ['pull', 'push']: try: user = self.__get_user(username) if user is None or not user.active: return HTTPForbidden()(environ, start_response) username = user.username except: log.error(traceback.format_exc()) return HTTPInternalServerError()(environ, start_response) #check permissions for this repository perm = self._check_permission(action, user, repo_name) if perm is not True: return HTTPForbidden()(environ, start_response) # extras are injected into mercurial UI object and later available # in hg hooks executed by rhodecode extras = { 'ip': ipaddr, 'username': username, 'action': action, 'repository': repo_name, 'scm': 'hg', } #====================================================================== # MERCURIAL REQUEST HANDLING #====================================================================== repo_path = os.path.join(safe_str(self.basepath), safe_str(repo_name)) log.debug('Repository path is %s' % repo_path) baseui = make_ui('db') self.__inject_extras(repo_path, baseui, extras) try: # invalidate cache on push if action == 'push': self._invalidate_cache(repo_name) log.info('%s action on HG repo "%s"' % (action, repo_name)) app = self.__make_app(repo_path, baseui, extras) return app(environ, start_response) except RepoError, e: if str(e).find('not found') != -1: return HTTPNotFound()(environ, start_response)
def __call__(self, environ, start_response): if not is_mercurial(environ): return self.application(environ, start_response) proxy_key = "HTTP_X_REAL_IP" def_key = "REMOTE_ADDR" ipaddr = environ.get(proxy_key, environ.get(def_key, "0.0.0.0")) # skip passing error to error controller environ["pylons.status_code_redirect"] = True # ====================================================================== # EXTRACT REPOSITORY NAME FROM ENV # ====================================================================== try: repo_name = environ["REPO_NAME"] = self.__get_repository(environ) log.debug("Extracted repo name is %s" % repo_name) except: return HTTPInternalServerError()(environ, start_response) # ====================================================================== # GET ACTION PULL or PUSH # ====================================================================== action = self.__get_action(environ) # ====================================================================== # CHECK ANONYMOUS PERMISSION # ====================================================================== if action in ["pull", "push"]: anonymous_user = self.__get_user("default") username = anonymous_user.username anonymous_perm = self.__check_permission(action, anonymous_user, repo_name) if anonymous_perm is not True or anonymous_user.active is False: if anonymous_perm is not True: log.debug("Not enough credentials to access this " "repository as anonymous user") if anonymous_user.active is False: log.debug("Anonymous access is disabled, running " "authentication") # ============================================================== # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS # ============================================================== if not REMOTE_USER(environ): self.authenticate.realm = safe_str(self.config["rhodecode_realm"]) result = self.authenticate(environ) if isinstance(result, str): AUTH_TYPE.update(environ, "basic") REMOTE_USER.update(environ, result) else: return result.wsgi_application(environ, start_response) # ============================================================== # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME FROM # BASIC AUTH # ============================================================== if action in ["pull", "push"]: username = REMOTE_USER(environ) try: user = self.__get_user(username) username = user.username except: log.error(traceback.format_exc()) return HTTPInternalServerError()(environ, start_response) # check permissions for this repository perm = self.__check_permission(action, user, repo_name) if perm is not True: return HTTPForbidden()(environ, start_response) extras = {"ip": ipaddr, "username": username, "action": action, "repository": repo_name} # ====================================================================== # MERCURIAL REQUEST HANDLING # ====================================================================== repo_path = safe_str(os.path.join(self.basepath, repo_name)) log.debug("Repository path is %s" % repo_path) baseui = make_ui("db") self.__inject_extras(repo_path, baseui, extras) # quick check if that dir exists... if is_valid_repo(repo_name, self.basepath) is False: return HTTPNotFound()(environ, start_response) try: # invalidate cache on push if action == "push": self.__invalidate_cache(repo_name) app = self.__make_app(repo_path, baseui, extras) return app(environ, start_response) except RepoError, e: if str(e).find("not found") != -1: return HTTPNotFound()(environ, start_response)
def load_environment(global_conf, app_conf, initial=False): """ Configure the Pylons environment via the ``pylons.config`` object """ config = PylonsConfig() # Pylons paths root = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) paths = dict(root=root, controllers=os.path.join(root, 'controllers'), static_files=os.path.join(root, 'public'), templates=[os.path.join(root, 'templates')]) # Initialize config with the basic options config.init_app(global_conf, app_conf, package='rhodecode', paths=paths) # store some globals into rhodecode rhodecode.CELERY_ON = str2bool(config['app_conf'].get('use_celery')) rhodecode.CELERY_EAGER = str2bool( config['app_conf'].get('celery.always.eager')) config['routes.map'] = make_map(config) config['pylons.app_globals'] = app_globals.Globals(config) config['pylons.h'] = helpers rhodecode.CONFIG = config load_rcextensions(root_path=config['here']) # Setup cache object as early as possible import pylons pylons.cache._push_object(config['pylons.app_globals'].cache) # Create the Mako TemplateLookup, with the default auto-escaping config['pylons.app_globals'].mako_lookup = TemplateLookup( directories=paths['templates'], error_handler=handle_mako_error, module_directory=os.path.join(app_conf['cache_dir'], 'templates'), input_encoding='utf-8', default_filters=['escape'], imports=['from webhelpers.html import escape']) # sets the c attribute access when don't existing attribute are accessed config['pylons.strict_tmpl_context'] = True test = os.path.split(config['__file__'])[-1] == 'test.ini' if test: if os.environ.get('TEST_DB'): # swap config if we pass enviroment variable config['sqlalchemy.db1.url'] = os.environ.get('TEST_DB') from rhodecode.lib.utils import create_test_env, create_test_index from rhodecode.tests import TESTS_TMP_PATH # set RC_NO_TMP_PATH=1 to disable re-creating the database and # test repos if not int(os.environ.get('RC_NO_TMP_PATH', 0)): create_test_env(TESTS_TMP_PATH, config) # set RC_WHOOSH_TEST_DISABLE=1 to disable whoosh index during tests if not int(os.environ.get('RC_WHOOSH_TEST_DISABLE', 0)): create_test_index(TESTS_TMP_PATH, config, True) DbManage.check_waitress() # MULTIPLE DB configs # Setup the SQLAlchemy database engine sa_engine_db1 = engine_from_config(config, 'sqlalchemy.db1.') init_model(sa_engine_db1) set_available_permissions(config) repos_path = make_ui('db').configitems('paths')[0][1] config['base_path'] = repos_path set_rhodecode_config(config) instance_id = rhodecode.CONFIG.get('instance_id') if instance_id == '*': instance_id = '%s-%s' % (os.uname()[1], os.getpid()) rhodecode.CONFIG['instance_id'] = instance_id # CONFIGURATION OPTIONS HERE (note: all config options will override # any Pylons config options) # store config reference into our module to skip import magic of # pylons rhodecode.CONFIG.update(config) set_vcs_config(rhodecode.CONFIG) #check git version check_git_version() if str2bool(config.get('initial_repo_scan', True)): repo2db_mapper(ScmModel().repo_scan(repos_path), remove_obsolete=False, install_git_hook=False) return config
def load_environment(global_conf, app_conf, initial=False): """ Configure the Pylons environment via the ``pylons.config`` object """ config = PylonsConfig() # Pylons paths root = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) paths = dict( root=root, controllers=os.path.join(root, 'controllers'), static_files=os.path.join(root, 'public'), templates=[os.path.join(root, 'templates')] ) # Initialize config with the basic options config.init_app(global_conf, app_conf, package='rhodecode', paths=paths) # store some globals into rhodecode rhodecode.CELERY_ON = str2bool(config['app_conf'].get('use_celery')) rhodecode.CELERY_EAGER = str2bool(config['app_conf'].get('celery.always.eager')) config['routes.map'] = make_map(config) config['pylons.app_globals'] = app_globals.Globals(config) config['pylons.h'] = helpers rhodecode.CONFIG = config load_rcextensions(root_path=config['here']) # Setup cache object as early as possible import pylons pylons.cache._push_object(config['pylons.app_globals'].cache) # Create the Mako TemplateLookup, with the default auto-escaping config['pylons.app_globals'].mako_lookup = TemplateLookup( directories=paths['templates'], error_handler=handle_mako_error, module_directory=os.path.join(app_conf['cache_dir'], 'templates'), input_encoding='utf-8', default_filters=['escape'], imports=['from webhelpers.html import escape']) # sets the c attribute access when don't existing attribute are accessed config['pylons.strict_tmpl_context'] = True test = os.path.split(config['__file__'])[-1] == 'test.ini' if test: if os.environ.get('TEST_DB'): # swap config if we pass enviroment variable config['sqlalchemy.db1.url'] = os.environ.get('TEST_DB') from rhodecode.lib.utils import create_test_env, create_test_index from rhodecode.tests import TESTS_TMP_PATH # set RC_NO_TMP_PATH=1 to disable re-creating the database and # test repos if not int(os.environ.get('RC_NO_TMP_PATH', 0)): create_test_env(TESTS_TMP_PATH, config) # set RC_WHOOSH_TEST_DISABLE=1 to disable whoosh index during tests if not int(os.environ.get('RC_WHOOSH_TEST_DISABLE', 0)): create_test_index(TESTS_TMP_PATH, config, True) #check git version check_git_version() DbManage.check_waitress() # MULTIPLE DB configs # Setup the SQLAlchemy database engine sa_engine_db1 = engine_from_config(config, 'sqlalchemy.db1.') init_model(sa_engine_db1) repos_path = make_ui('db').configitems('paths')[0][1] repo2db_mapper(ScmModel().repo_scan(repos_path), remove_obsolete=False, install_git_hook=False) set_available_permissions(config) config['base_path'] = repos_path set_rhodecode_config(config) instance_id = rhodecode.CONFIG.get('instance_id') if instance_id == '*': instance_id = '%s-%s' % (os.uname()[1], os.getpid()) rhodecode.CONFIG['instance_id'] = instance_id # CONFIGURATION OPTIONS HERE (note: all config options will override # any Pylons config options) # store config reference into our module to skip import magic of # pylons rhodecode.CONFIG.update(config) return config
def _handle_request(self, environ, start_response): if not is_git(environ): return self.application(environ, start_response) ipaddr = self._get_ip_addr(environ) username = None self._git_first_op = False # skip passing error to error controller environ['pylons.status_code_redirect'] = True #====================================================================== # EXTRACT REPOSITORY NAME FROM ENV #====================================================================== try: repo_name = self.__get_repository(environ) log.debug('Extracted repo name is %s' % repo_name) except: return HTTPInternalServerError()(environ, start_response) # quick check if that dir exists... if is_valid_repo(repo_name, self.basepath) is False: return HTTPNotFound()(environ, start_response) #====================================================================== # GET ACTION PULL or PUSH #====================================================================== action = self.__get_action(environ) #====================================================================== # CHECK ANONYMOUS PERMISSION #====================================================================== if action in ['pull', 'push']: anonymous_user = self.__get_user('default') username = anonymous_user.username anonymous_perm = self._check_permission(action, anonymous_user, repo_name) if anonymous_perm is not True or anonymous_user.active is False: if anonymous_perm is not True: log.debug('Not enough credentials to access this ' 'repository as anonymous user') if anonymous_user.active is False: log.debug('Anonymous access is disabled, running ' 'authentication') #============================================================== # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS #============================================================== # Attempting to retrieve username from the container username = get_container_username(environ, self.config) # If not authenticated by the container, running basic auth if not username: self.authenticate.realm = \ safe_str(self.config['rhodecode_realm']) result = self.authenticate(environ) if isinstance(result, str): AUTH_TYPE.update(environ, 'basic') REMOTE_USER.update(environ, result) username = result else: return result.wsgi_application(environ, start_response) #============================================================== # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME #============================================================== if action in ['pull', 'push']: try: user = self.__get_user(username) if user is None or not user.active: return HTTPForbidden()(environ, start_response) username = user.username except: log.error(traceback.format_exc()) return HTTPInternalServerError()(environ, start_response) #check permissions for this repository perm = self._check_permission(action, user, repo_name) if perm is not True: return HTTPForbidden()(environ, start_response) extras = { 'ip': ipaddr, 'username': username, 'action': action, 'repository': repo_name, 'scm': 'git', } #=================================================================== # GIT REQUEST HANDLING #=================================================================== repo_path = os.path.join(safe_str(self.basepath), safe_str(repo_name)) log.debug('Repository path is %s' % repo_path) baseui = make_ui('db') self.__inject_extras(repo_path, baseui, extras) try: # invalidate cache on push if action == 'push': self._invalidate_cache(repo_name) self._handle_githooks(repo_name, action, baseui, environ) log.info('%s action on GIT repo "%s"' % (action, repo_name)) app = self.__make_app(repo_name, repo_path) return app(environ, start_response) except Exception: log.error(traceback.format_exc()) return HTTPInternalServerError()(environ, start_response)