def _save_user_prefs(self):
_ = self._
form = self.request.form
request = self.request
if request.request_method != 'POST':
return
if not 'name' in request.user.auth_attribs:
# Require non-empty name
new_name = form.get('name', [request.user.name])[0]
# Don't allow changing the name to an invalid one
if not user.isValidName(request, new_name):
return 'error', _("""Invalid user name {{{'%s'}}}.
Name may contain any Unicode alpha numeric character, with optional one
space between words. Group page name is not allowed.""", wiki=True) % wikiutil.escape(new_name)
# Is this an existing user trying to change information or a new user?
# Name required to be unique. Check if name belong to another user.
existing_id = user.getUserId(request, new_name)
if existing_id is not None and existing_id != request.user.id:
return 'error', _("This user name already belongs to somebody else.")
if not new_name:
return 'error', _("Empty user name. Please enter a user name.")
# done sanity checking the name, set it
request.user.name = new_name
if not 'email' in request.user.auth_attribs:
# try to get the email
new_email = wikiutil.clean_input(form.get('email', [request.user.email])[0])
new_email = new_email.strip()
# Require email
if not new_email and 'email' not in request.cfg.user_form_remove:
return 'error', _("Please provide your email address. If you lose your"
" login information, you can get it by email.")
# Email should be unique - see also MoinMoin/script/accounts/moin_usercheck.py
if new_email and request.cfg.user_email_unique:
other = user.get_by_email_address(request, new_email)
if other is not None and other.id != request.user.id:
return 'error', _("This email already belongs to somebody else.")
# done checking the email, set it
request.user.email = new_email
if not 'jid' in request.user.auth_attribs:
# try to get the jid
new_jid = wikiutil.clean_input(form.get('jid', [''])[0]).strip()
jid_changed = request.user.jid != new_jid
previous_jid = request.user.jid
if new_jid and request.cfg.user_jid_unique:
other = user.get_by_jabber_id(request, new_jid)
if other is not None and other.id != request.user.id:
return 'error', _("This jabber id already belongs to somebody else.")
if jid_changed:
set_event = events.JabberIDSetEvent(request, new_jid)
unset_event = events.JabberIDUnsetEvent(request, previous_jid)
events.send_event(unset_event)
events.send_event(set_event)
# done checking the JID, set it
request.user.jid = new_jid
if not 'aliasname' in request.user.auth_attribs:
# aliasname
request.user.aliasname = wikiutil.clean_input(form.get('aliasname', [''])[0])
# editor size
request.user.edit_rows = util.web.getIntegerInput(request, 'edit_rows',
request.user.edit_rows, 10, 60)
# try to get the editor
request.user.editor_default = form.get('editor_default', [self.cfg.editor_default])[0]
request.user.editor_ui = form.get('editor_ui', [self.cfg.editor_ui])[0]
# time zone
request.user.tz_offset = util.web.getIntegerInput(request, 'tz_offset',
request.user.tz_offset, -84600, 84600)
# datetime format
try:
dt_d_combined = Settings._date_formats.get(form['datetime_fmt'][0], '')
request.user.datetime_fmt, request.user.date_fmt = dt_d_combined.split(' & ')
except (KeyError, ValueError):
request.user.datetime_fmt = '' # default
request.user.date_fmt = '' # default
# try to get the (optional) theme
theme_name = form.get('theme_name', [self.cfg.theme_default])[0]
if theme_name != request.user.theme_name:
# if the theme has changed, load the new theme
# so the user has a direct feedback
# WARNING: this should be refactored (i.e. theme load
# after userform handling), cause currently the
# already loaded theme is just replaced (works cause
# nothing has been emitted yet)
request.user.theme_name = theme_name
if request.loadTheme(theme_name) > 0:
theme_name = wikiutil.escape(theme_name)
return 'error', _("The theme '%(theme_name)s' could not be loaded!") % locals()
# try to get the (optional) preferred language
request.user.language = form.get('language', [''])[0]
if request.user.language == u'': # For language-statistics
from MoinMoin import i18n
request.user.real_language = i18n.get_browser_language(request)
else:
request.user.real_language = ''
# I want to handle all inputs from user_form_fields, but
# don't want to handle the cases that have already been coded
# above.
# This is a horribly fragile kludge that's begging to break.
# Something that might work better would be to define a
# handler for each form field, instead of stuffing them all in
# one long and inextensible method. That would allow for
# plugins to provide methods to validate their fields as well.
already_handled = ['name', 'email',
'aliasname', 'edit_rows', 'editor_default',
'editor_ui', 'tz_offset', 'datetime_fmt',
'theme_name', 'language', 'real_language', 'jid']
for field in self.cfg.user_form_fields:
key = field[0]
if ((key in self.cfg.user_form_disable)
or (key in already_handled)):
continue
default = self.cfg.user_form_defaults[key]
value = form.get(key, [default])[0]
setattr(request.user, key, value)
# checkbox options
for key, label in self.cfg.user_checkbox_fields:
if key not in self.cfg.user_checkbox_disable and key not in self.cfg.user_checkbox_remove:
value = form.get(key, ["0"])[0]
try:
value = int(value)
except ValueError:
pass
else:
setattr(request.user, key, value)
# quicklinks for navibar
request.user.quicklinks = self._decode_pagelist('quicklinks')
# save data
request.user.save()
if request.user.disabled:
# set valid to false so the current request won't
# show the user as logged-in any more
request.user.valid = False
result = _("User preferences saved!")
if _debug:
result = result + util.dumpFormData(form)
return result
if not theuser.email and 'email' not in request.cfg.user_form_remove:
return _("Please provide your email address. If you lose your"
" login information, you can get it by email.")
# Email should be unique - see also MoinMoin/script/accounts/moin_usercheck.py
if theuser.email and request.cfg.user_email_unique:
if user.get_by_email_address(request, theuser.email):
return _("This email already belongs to somebody else.")
# save data
theuser.save()
result = _(
"User account created! You can use this account to login now...")
if _debug:
result = result + util.dumpFormData(form)
return result
def _create_form(request):
_ = request.getText
url = request.page.url(request)
ret = html.FORM(action=url)
ret.append(
html.INPUT(type='hidden', name='action', value='CreateNewAccount'))
lang_attr = request.theme.ui_lang_attr()
ret.append(html.Raw('<div class="userpref"%s>' % lang_attr))
tbl = html.TABLE(border="0")
ret.append(tbl)
ret.append(html.Raw('</div>'))
def execute(pagename, request):
""" dump the form data we received in this request for debugging """
data = util.dumpFormData(request.form)
request.emit_http_headers()
request.write("<html><body>%s</body></html>" % data)
def do_dumpform(pagename, request):
data = util.dumpFormData(request.form)
request.http_headers()
request.write("<html><body>%s</body></html>" % data)
raise MoinMoinNoFooter
def handleData(self):
_ = self._
form = self.request.form
if form.has_key('logout'):
# clear the cookie in the browser and locally. Does not
# check if we have a valid user logged, just make sure we
# don't have one after this call.
self.request.deleteCookie()
return _("Cookie deleted. You are now logged out.")
if form.has_key('login_sendmail'):
if not self.cfg.mail_smarthost:
return _("""This wiki is not enabled for mail processing.
Contact the owner of the wiki, who can enable email.""")
try:
email = form['email'][0].lower()
except KeyError:
return _("Please provide a valid email address!")
text = ''
users = user.getUserList(self.request)
for uid in users:
theuser = user.User(self.request, uid)
if theuser.valid and theuser.email.lower() == email:
text = "%s\n\nID: %s\nName: %s\nPassword: %s\nLogin URL: %s/?action=userform&uid=%s" % (
text, theuser.id, theuser.name, theuser.enc_password, self.request.getBaseURL(), theuser.id)
if not text:
return _("Found no account matching the given email address '%(email)s'!") % {'email': wikiutil.escape(email)}
mailok, msg = util.mail.sendmail(self.request, [email],
'Your wiki account data', text, mail_from=self.cfg.mail_from)
return wikiutil.escape(msg)
if form.has_key('login'):
# Trying to login with a user name and a password
# Require valid user name
name = form.get('username', [''])[0]
if not user.isValidName(self.request, name):
return _("""Invalid user name {{{'%s'}}}.
Name may contain any Unicode alpha numeric character, with optional one
space between words. Group page name is not allowed.""") % wikiutil.escape(name)
# Check that user exists
if not user.getUserId(self.request, name):
return _('Unknown user name: {{{"%s"}}}. Please enter'
' user name and password.') % name
# Require password
password = form.get('password',[None])[0]
if not password:
return _("Missing password. Please enter user name and"
" password.")
# Load the user data and check for validness
theuser = user.User(self.request, name=name, password=password)
if not theuser.valid:
return _("Sorry, wrong password.")
# Save the user and send a cookie
self.request.user = theuser
self.request.setCookie()
elif form.has_key('uid'):
# Trying to login with the login URL, soon to be removed!
try:
uid = form['uid'][0]
except KeyError:
return _("Bad relogin URL.")
# Load the user data and check for validness
theuser = user.User(self.request, uid)
if not theuser.valid:
return _("Unknown user.")
# Save the user and send a cookie
self.request.user = theuser
self.request.setCookie()
else:
# Save user profile
theuser = user.User(self.request)
# Require non-empty name
try:
theuser.name = form['username'][0]
except KeyError:
return _("Empty user name. Please enter a user name.")
# Don't allow users with invalid names
if not user.isValidName(self.request, theuser.name):
return _("""Invalid user name {{{'%s'}}}.
Name may contain any Unicode alpha numeric character, with optional one
space between words. Group page name is not allowed.""") % wikiutil.escape(theuser.name)
# Is this an existing user trying to change information or a new user?
# Name required to be unique. Check if name belong to another user.
newuser = 1
if user.getUserId(self.request, theuser.name):
if theuser.name != self.request.user.name:
return _("This user name already belongs to somebody else.")
else:
newuser = 0
# try to get the password and pw repeat
password = form.get('password', [''])[0]
password2 = form.get('password2',[''])[0]
# Check if password is given and matches with password repeat
if password != password2:
return _("Passwords don't match!")
if not password and newuser:
return _("Please specify a password!")
# Encode password
if password and not password.startswith('{SHA}'):
try:
theuser.enc_password = user.encodePassword(password)
except UnicodeError, err:
# Should never happen
return "Can't encode password: %s" % str(err)
# try to get the (optional) email
email = form.get('email', [''])[0]
theuser.email = email.strip()
# Require email if acl is enabled
if not theuser.email and self.cfg.acl_enabled:
return _("Please provide your email address. If you loose your"
" login information, you can get it by email.")
# Email required to be unique
# See also MoinMoin/scripts/moin_usercheck.py
if theuser.email:
users = user.getUserList(self.request)
for uid in users:
if uid == theuser.id:
continue
thisuser = user.User(self.request, uid)
if thisuser.email == theuser.email:
return _("This email already belongs to somebody else.")
# editor size
theuser.edit_rows = util.web.getIntegerInput(self.request, 'edit_rows', theuser.edit_rows, 10, 60)
# time zone
theuser.tz_offset = util.web.getIntegerInput(self.request, 'tz_offset', theuser.tz_offset, -84600, 84600)
# datetime format
try:
dt_d_combined = UserSettings._date_formats.get(form['datetime_fmt'][0], '')
theuser.datetime_fmt, theuser.date_fmt = dt_d_combined.split(' & ')
except (KeyError, ValueError):
pass
# try to get the (optional) theme
theme_name = form.get('theme_name', [self.cfg.theme_default])[0]
if theme_name != theuser.theme_name:
# if the theme has changed, load the new theme
# so the user has a direct feedback
# WARNING: this should be refactored (i.e. theme load
# after userform handling), cause currently the
# already loaded theme is just replaced (works cause
# nothing has been emitted yet)
theuser.theme_name = theme_name
if self.request.loadTheme(theuser.theme_name) > 0:
theme_name = wikiutil.escape(theme_name)
return _("The theme '%(theme_name)s' could not be loaded!") % locals()
# User CSS URL
theuser.css_url = form.get('css_url', [''])[0]
# try to get the (optional) preferred language
theuser.language = form.get('language', [''])[0]
# checkbox options
if not newuser:
for key, label in user.User._checkbox_fields:
value = form.get(key, ["0"])[0]
try:
value = int(value)
except ValueError:
pass
else:
setattr(theuser, key, value)
# quicklinks for navibar
theuser.quicklinks = self.decodePageList('quicklinks')
# subscription for page change notification
theuser.subscribed_pages = self.decodePageList('subscribed_pages')
# save data and send cookie
theuser.save()
self.request.user = theuser
self.request.setCookie()
result = _("User preferences saved!")
if _debug:
result = result + util.dumpFormData(form)
return result
theuser.email = email.strip()
if not theuser.email and 'email' not in request.cfg.user_form_remove:
return _("Please provide your email address. If you lose your"
" login information, you can get it by email.")
# Email should be unique - see also MoinMoin/script/accounts/moin_usercheck.py
if theuser.email and request.cfg.user_email_unique:
if user.get_by_email_address(request, theuser.email):
return _("This email already belongs to somebody else.")
# save data
theuser.save()
result = _("User account created! You can use this account to login now...")
if _debug:
result = result + util.dumpFormData(form)
return result
def _create_form(request):
_ = request.getText
url = request.page.url(request)
ret = html.FORM(action=url)
ret.append(html.INPUT(type='hidden', name='action', value='newaccount'))
lang_attr = request.theme.ui_lang_attr()
ret.append(html.Raw('<div class="userpref"%s>' % lang_attr))
tbl = html.TABLE(border="0")
ret.append(tbl)
ret.append(html.Raw('</div>'))
row = html.TR()