def save(self):
usr = Users.load(self.request.POST.get('user_id'))
if not usr:
usr = Users()
if 'enterprise_id' not in self.request.POST:
usr.enterprise_id = self.enterprise_id
if not usr.priv:
usr.priv = UserPriv()
usr.priv.bind(self.request.POST, True, 'pv')
usr.priv.save()
usr.priv.flush()
orig_pass = usr.password
bogus_pass = ''.join(['-' for _ in range(usr.password_len)]) if usr.password_len else '-'
usr.bind(self.request.POST)
if usr.password != bogus_pass:
usr.password_len = len(usr.password)
usr.password = Users.encode_password(usr.password)
else:
usr.password = orig_pass
usr.save()
usr.flush()
usr.invalidate_self()
self.request.session.flash('Saved user %s' % usr.user_id)
return HTTPFound('/crm/users/edit/%s' % usr.user_id)
