repogroups: fix private repo recursion check The purpose of this check is to ensure that we don't recursively assign "default" user perms for a repo with the "private" flag set (because in that case, the "default" user perms should always be "no access"). (The check, and this fix, is of course only applicable to Kallithea instances that have anonymous access enabled to begin with.) However, the check was only functional if the user was specified as a username. This is apparently always the case when Kallithea is running, but was not e.g. the case in the test suite, which consistently passed a user ID instead of a username. This commit ensures that the user is always resolved before the check is made. There's no significant overhead to this, as the code immediately calls RepoModel().grant_user_permission, which resolved the user anyway. This change just moves the database lookup a bit earlier. Fixing this revealed the matching test case to be broken, so it has been fixed as well. Down the road, we should eliminate Kallithea's bizarre practice of passing around usernames and user IDs, in favor of passing actual User objects. That'll get rid of mistakes like these, as well as repeated needless database lookups.

# requirements.txt file for use as "pip install -r requirements.txt" as a
# readthedocs compatible alternative to "pip install -e ." which is a working
# alternative to "setup.py develop" which doesn't work with Mercurial 3.7
.