def mainloop(self): # we don't expect non-option arguments if len(self.args) != 0: self.parser.error("incorrect number of arguments") flags_given = self.options.uname and self.options.email if not flags_given: self.parser.print_help() import sys sys.exit(1) self.init_request() request = self.request from MoinMoin import user if user.User(request, name=self.options.uname).exists(): print 'This username "%s" exists already!' % self.options.uname return # Email should be unique - see also MoinMoin.action.newaccount if self.options.email and request.cfg.user_email_unique: if user.get_by_email_address(request, self.options.email): print 'This emailaddress "%s" belongs to someone else!' % self.options.email return u = user.User(request, None, self.options.uname, password=self.options.password) u.email = self.options.email u.aliasname = self.options.ualiasname or '' print " %-20s %-25s %-35s" % (u.id, u.name, u.email), u.save() print "- created."
def _do_recover(request): _ = request.getText form = request.form if not request.cfg.mail_enabled: return _("""This wiki is not enabled for mail processing. Contact the owner of the wiki, who can enable email.""") try: email = wikiutil.clean_input(form['email'].lower()) if not email: # continue if email not given raise KeyError u = user.get_by_email_address(request, email) return _do_email(request, u) except KeyError: pass try: username = wikiutil.clean_input(form['name']) if not username: # continue if name not given raise KeyError u = user.User(request, user.getUserId(request, username)) return _do_email(request, u) except KeyError: pass # neither succeeded, give error message return _("Please provide a valid email address or a username!")
def _invite(request, page_url, email, new_template, old_template, **custom_vars): mail_from = request.user.email if "@" not in mail_from: mail_from += "@" + request.cfg.invite_sender_default_domain variables = dict(custom_vars) variables.update( PAGEURL=page_url, ADMINEMAIL=request.cfg.mail_from, INVITERUSER=request.user.name, INVITEREMAIL=mail_from, SERVERURL=request.host_url, ) old_user = user.get_by_email_address(request, email) if old_user: variables.update(INVITEDUSER=old_user.name, INVITEDEMAIL=old_user.email) if not old_template: old_template = getattr(request.cfg, OLD_TEMPLATE_VARIABLE, OLD_TEMPLATE_DEFAULT) template = load_template(request, old_template) send_message(request, prepare_message(template, variables)) return old_user force_lower = getattr(request.cfg, "username_force_lowercase", False) if force_lower: email = email.lower() if not user.isValidName(request, email): exception_msg = "'{0}' is not a valid username.".format(email) if force_lower: exception_msg += " (email address was converted to lowercase)" raise InviteException(exception_msg) password = generate_password() new_user = user.User(request, None, email, password) new_user.email = email new_user.aliasname = "" new_user.password = password variables.update(INVITEDUSER=new_user.name, INVITEDEMAIL=new_user.email, INVITEDPASSWORD=password) if not new_template: new_template = getattr(request.cfg, NEW_TEMPLATE_VARIABLE, NEW_TEMPLATE_DEFAULT) template = load_template(request, new_template) send_message(request, prepare_message(template, variables), lambda x: x.lower() == email.lower()) variables.update(INVITEDPASSWORD="******") send_message(request, prepare_message(template, variables), lambda x: x.lower() != email.lower()) new_user.save() logging.info( "New user %s added to wiki %s (invited by %s)" % (new_user.name, request.cfg.interwikiname, request.user.name) ) return new_user
def email_to_markup(request, email): """ transform the (realname, mailaddr) tuple we get in email argument to some string usable as wiki markup, that represents that person (either HomePage link for a wiki user, or just the realname of the person). """ realname, mailaddr = email u = user.get_by_email_address(request, mailaddr) if u: markup = u.wikiHomeLink() else: markup = realname or mailaddr return markup
def import_mail_from_message(request, message): """ Reads a message generated by the email package and imports it to the wiki. """ _ = request.getText msg = process_message(message) wiki_addrs = request.cfg.mail_import_wiki_addrs request.user = user.get_by_email_address(request, msg['from_addr'][1]) if not request.user: raise ProcessingError("No suitable user found for mail address %r" % (msg['from_addr'][1], )) d = get_pagename_content(request, msg) pagename = d['pagename'] generate_summary = d['generate_summary'] comment = u"Mail: '%s'" % (msg['subject'], ) page = PageEditor(request, pagename, do_editor_backup=0) if not request.user.may.save(page, "", 0): raise ProcessingError("Access denied for page %r" % pagename) attachments = [] for att in msg['attachments']: i = 0 while i < 1000: # do not create a gazillion attachments if something # strange happens, give up after 1000. if i == 0: fname = att.filename else: components = att.filename.split(".") new_suffix = "-" + str(i) # add the counter before the file extension if len(components) > 1: fname = u"%s%s.%s" % (u".".join( components[:-1]), new_suffix, components[-1]) else: fname = att.filename + new_suffix try: # att.data can be None for forwarded message content - we can # just ignore it, the forwarded message's text will be present # nevertheless if att.data is not None: # get the fname again, it might have changed fname, fsize = add_attachment(request, pagename, fname, att.data) attachments.append(fname) break except AttachmentAlreadyExists: i += 1 # build an attachment link table for the page with the e-mail # use relative attachment link markup here, so the page can be easily # renamed and the links don't break attachment_links = [""] + [ u'''[[attachment:%s|%s]]''' % (att, att) for att in attachments ] # assemble old page content and new mail body together old_content = Page(request, pagename).get_raw_body() if old_content: new_content = u"%s\n-----\n" % old_content else: new_content = '' #if not (generate_summary and "/" in pagename): #generate header in any case: new_content += u"'''Mail: %s (%s, <<DateTime(%s)>>)'''\n\n" % ( msg['subject'], email_to_markup(request, msg['from_addr']), msg['date']) new_content += d['content'] new_content += "\n" + u"\n * ".join(attachment_links) try: page.saveText(new_content, 0, comment=comment) except page.AccessDenied: raise ProcessingError("Access denied for page %r" % pagename) if generate_summary and "/" in pagename: splitted = pagename.split("/") parent_page = u"/".join(splitted[:-1]) child_page = splitted[-1] # here, use relative links also, but we need to include the child_page # name in the relative link as the markup gets put onto the parent_page attachment_links = [ u'''[[attachment:%s|%s]]''' % ("/%s/%s" % (child_page, att), att) for att in attachments ] old_content = Page(request, parent_page).get_raw_body().splitlines() found_table = None table_ends = None for lineno, line in enumerate(old_content): if line.startswith("## mail_overview") and old_content[ lineno + 1].startswith("||"): found_table = lineno elif found_table is not None and line.startswith("||"): table_ends = lineno + 1 elif table_ends is not None and not line.startswith("||"): break # in order to let the gettext system recognise the <<GetText>> calls used below, # we must repeat them here: [_("Date"), _("From"), _("To"), _("Content"), _("Attachments")] table_header = ( u"\n\n## mail_overview (don't delete this line)\n" + u"|| '''<<GetText(Date)>> ''' || '''<<GetText(From)>> ''' || '''<<GetText(To)>> ''' || '''<<GetText(Content)>> ''' || '''<<GetText(Attachments)>> ''' ||\n" ) from_col = email_to_markup(request, msg['from_addr']) to_col = ' '.join([ email_to_markup(request, (realname, mailaddr)) for realname, mailaddr in msg['target_addrs'] if not mailaddr in wiki_addrs ]) subj_col = '[[%s|%s]]' % (pagename, msg['subject']) date_col = msg['date'] attach_col = " ".join(attachment_links) new_line = u'|| <<DateTime(%s)>> || %s || %s || %s || %s ||' % ( date_col, from_col, to_col, subj_col, attach_col) if found_table is not None: content = "\n".join(old_content[:table_ends] + [new_line] + old_content[table_ends:]) else: content = "\n".join(old_content) + table_header + new_line page = PageEditor(request, parent_page, do_editor_backup=0) page.saveText(content, 0, comment=comment)
def import_mail_from_message(request, message): """ Reads a message generated by the email package and imports it to the wiki. """ _ = request.getText msg = process_message(message) wiki_addrs = request.cfg.mail_import_wiki_addrs request.user = user.get_by_email_address(request, msg['from_addr'][1]) if not request.user: raise ProcessingError("No suitable user found for mail address %r" % (msg['from_addr'][1], )) d = get_pagename_content(request, msg) pagename = d['pagename'] generate_summary = d['generate_summary'] comment = u"Mail: '%s'" % (msg['subject'], ) page = PageEditor(request, pagename, do_editor_backup=0) if not request.user.may.save(page, "", 0): raise ProcessingError("Access denied for page %r" % pagename) attachments = [] for att in msg['attachments']: i = 0 while i < 1000: # do not create a gazillion attachments if something # strange happens, give up after 1000. if i == 0: fname = att.filename else: components = att.filename.split(".") new_suffix = "-" + str(i) # add the counter before the file extension if len(components) > 1: fname = u"%s%s.%s" % (u".".join(components[:-1]), new_suffix, components[-1]) else: fname = att.filename + new_suffix try: # att.data can be None for forwarded message content - we can # just ignore it, the forwarded message's text will be present # nevertheless if att.data is not None: # get the fname again, it might have changed fname, fsize = add_attachment(request, pagename, fname, att.data) attachments.append(fname) break except AttachmentAlreadyExists: i += 1 # build an attachment link table for the page with the e-mail attachment_links = [""] + [u'''[[attachment:%s|%s]]''' % ("%s/%s" % (pagename, att), att) for att in attachments] # assemble old page content and new mail body together old_content = Page(request, pagename).get_raw_body() if old_content: new_content = u"%s\n-----\n" % old_content else: new_content = '' #if not (generate_summary and "/" in pagename): #generate header in any case: new_content += u"'''Mail: %s (%s, <<DateTime(%s)>>)'''\n\n" % (msg['subject'], email_to_markup(request, msg['from_addr']), msg['date']) new_content += d['content'] new_content += "\n" + u"\n * ".join(attachment_links) try: page.saveText(new_content, 0, comment=comment) except page.AccessDenied: raise ProcessingError("Access denied for page %r" % pagename) if generate_summary and "/" in pagename: parent_page = u"/".join(pagename.split("/")[:-1]) old_content = Page(request, parent_page).get_raw_body().splitlines() found_table = None table_ends = None for lineno, line in enumerate(old_content): if line.startswith("## mail_overview") and old_content[lineno+1].startswith("||"): found_table = lineno elif found_table is not None and line.startswith("||"): table_ends = lineno + 1 elif table_ends is not None and not line.startswith("||"): break # in order to let the gettext system recognise the <<GetText>> calls used below, # we must repeat them here: [_("Date"), _("From"), _("To"), _("Content"), _("Attachments")] table_header = (u"\n\n## mail_overview (don't delete this line)\n" + u"|| '''<<GetText(Date)>> ''' || '''<<GetText(From)>> ''' || '''<<GetText(To)>> ''' || '''<<GetText(Content)>> ''' || '''<<GetText(Attachments)>> ''' ||\n" ) from_col = email_to_markup(request, msg['from_addr']) to_col = ' '.join([email_to_markup(request, (realname, mailaddr)) for realname, mailaddr in msg['target_addrs'] if not mailaddr in wiki_addrs]) subj_col = '[[%s|%s]]' % (pagename, msg['subject']) date_col = msg['date'] attach_col = " ".join(attachment_links) new_line = u'|| <<DateTime(%s)>> || %s || %s || %s || %s ||' % (date_col, from_col, to_col, subj_col, attach_col) if found_table is not None: content = "\n".join(old_content[:table_ends] + [new_line] + old_content[table_ends:]) else: content = "\n".join(old_content) + table_header + new_line page = PageEditor(request, parent_page, do_editor_backup=0) page.saveText(content, 0, comment=comment)
try: theuser.enc_password = user.encodePassword(request.cfg, password) except UnicodeError, err: # Should never happen return "Can't encode password: %s" % wikiutil.escape(str(err)) # try to get the email, for new users it is required email = wikiutil.clean_input(form.get('email', '')) theuser.email = email.strip() if not theuser.email and 'email' not in request.cfg.user_form_remove: return _("Please provide your email address. If you lose your" " login information, you can get it by email.") # Email should be unique - see also MoinMoin/script/accounts/moin_usercheck.py if theuser.email and request.cfg.user_email_unique: if user.get_by_email_address(request, theuser.email): return _("This email already belongs to somebody else.") # save data theuser.save() result = _("User account created! You can use this account to login now...") return result def _create_form(request): _ = request.getText url = request.page.url(request) ret = html.FORM(action=url) ret.append(html.INPUT(type='hidden', name='action', value='newaccount'))
def _invite(request, page_url, email, new_template, old_template, **custom_vars): mail_from = request.user.email if "@" not in mail_from: mail_from += "@" + request.cfg.invite_sender_default_domain variables = dict(custom_vars) variables.update(PAGEURL=page_url, ADMINEMAIL=request.cfg.mail_from, INVITERUSER=request.user.name, INVITEREMAIL=mail_from, SERVERURL=request.host_url) old_user = user.get_by_email_address(request, email) if old_user: variables.update(INVITEDUSER=old_user.name, INVITEDEMAIL=old_user.email) if not old_template: old_template = getattr(request.cfg, OLD_TEMPLATE_VARIABLE, OLD_TEMPLATE_DEFAULT) template = load_template(request, old_template) send_message(request, prepare_message(template, variables)) return old_user force_lower = getattr(request.cfg, "username_force_lowercase", False) if force_lower: email = email.lower() if not user.isValidName(request, email): exception_msg = "'{0}' is not a valid username.".format(email) if force_lower: exception_msg += ' (email address was converted to lowercase)' raise InviteException(exception_msg) password = generate_password() new_user = user.User(request, None, email, password) new_user.email = email new_user.aliasname = "" new_user.password = password variables.update(INVITEDUSER=new_user.name, INVITEDEMAIL=new_user.email, INVITEDPASSWORD=password) if not new_template: new_template = getattr(request.cfg, NEW_TEMPLATE_VARIABLE, NEW_TEMPLATE_DEFAULT) template = load_template(request, new_template) send_message(request, prepare_message(template, variables), lambda x: x.lower() == email.lower()) variables.update(INVITEDPASSWORD="******") send_message(request, prepare_message(template, variables), lambda x: x.lower() != email.lower()) new_user.save() logging.info("New user %s added to wiki %s (invited by %s)" % (new_user.name, request.cfg.interwikiname, request.user.name)) return new_user
def _save_user_prefs(self): _ = self._ form = self.request.form request = self.request if request.request_method != 'POST': return if not 'name' in request.user.auth_attribs: # Require non-empty name new_name = form.get('name', [request.user.name])[0] # Don't allow changing the name to an invalid one if not user.isValidName(request, new_name): return 'error', _("""Invalid user name {{{'%s'}}}. Name may contain any Unicode alpha numeric character, with optional one space between words. Group page name is not allowed.""", wiki=True) % wikiutil.escape(new_name) # Is this an existing user trying to change information or a new user? # Name required to be unique. Check if name belong to another user. existing_id = user.getUserId(request, new_name) if existing_id is not None and existing_id != request.user.id: return 'error', _("This user name already belongs to somebody else.") if not new_name: return 'error', _("Empty user name. Please enter a user name.") # done sanity checking the name, set it request.user.name = new_name if not 'email' in request.user.auth_attribs: # try to get the email new_email = wikiutil.clean_input(form.get('email', [request.user.email])[0]) new_email = new_email.strip() # Require email if not new_email and 'email' not in request.cfg.user_form_remove: return 'error', _("Please provide your email address. If you lose your" " login information, you can get it by email.") # Email should be unique - see also MoinMoin/script/accounts/moin_usercheck.py if new_email and request.cfg.user_email_unique: other = user.get_by_email_address(request, new_email) if other is not None and other.id != request.user.id: return 'error', _("This email already belongs to somebody else.") # done checking the email, set it request.user.email = new_email if not 'jid' in request.user.auth_attribs: # try to get the jid new_jid = wikiutil.clean_input(form.get('jid', [''])[0]).strip() jid_changed = request.user.jid != new_jid previous_jid = request.user.jid if new_jid and request.cfg.user_jid_unique: other = user.get_by_jabber_id(request, new_jid) if other is not None and other.id != request.user.id: return 'error', _("This jabber id already belongs to somebody else.") if jid_changed: set_event = events.JabberIDSetEvent(request, new_jid) unset_event = events.JabberIDUnsetEvent(request, previous_jid) events.send_event(unset_event) events.send_event(set_event) # done checking the JID, set it request.user.jid = new_jid if not 'aliasname' in request.user.auth_attribs: # aliasname request.user.aliasname = wikiutil.clean_input(form.get('aliasname', [''])[0]) # editor size request.user.edit_rows = util.web.getIntegerInput(request, 'edit_rows', request.user.edit_rows, 10, 60) # try to get the editor request.user.editor_default = form.get('editor_default', [self.cfg.editor_default])[0] request.user.editor_ui = form.get('editor_ui', [self.cfg.editor_ui])[0] # time zone request.user.tz_offset = util.web.getIntegerInput(request, 'tz_offset', request.user.tz_offset, -84600, 84600) # datetime format try: dt_d_combined = Settings._date_formats.get(form['datetime_fmt'][0], '') request.user.datetime_fmt, request.user.date_fmt = dt_d_combined.split(' & ') except (KeyError, ValueError): request.user.datetime_fmt = '' # default request.user.date_fmt = '' # default # try to get the (optional) theme theme_name = form.get('theme_name', [self.cfg.theme_default])[0] if theme_name != request.user.theme_name: # if the theme has changed, load the new theme # so the user has a direct feedback # WARNING: this should be refactored (i.e. theme load # after userform handling), cause currently the # already loaded theme is just replaced (works cause # nothing has been emitted yet) request.user.theme_name = theme_name if request.loadTheme(theme_name) > 0: theme_name = wikiutil.escape(theme_name) return 'error', _("The theme '%(theme_name)s' could not be loaded!") % locals() # try to get the (optional) preferred language request.user.language = form.get('language', [''])[0] if request.user.language == u'': # For language-statistics from MoinMoin import i18n request.user.real_language = i18n.get_browser_language(request) else: request.user.real_language = '' # I want to handle all inputs from user_form_fields, but # don't want to handle the cases that have already been coded # above. # This is a horribly fragile kludge that's begging to break. # Something that might work better would be to define a # handler for each form field, instead of stuffing them all in # one long and inextensible method. That would allow for # plugins to provide methods to validate their fields as well. already_handled = ['name', 'email', 'aliasname', 'edit_rows', 'editor_default', 'editor_ui', 'tz_offset', 'datetime_fmt', 'theme_name', 'language', 'real_language', 'jid'] for field in self.cfg.user_form_fields: key = field[0] if ((key in self.cfg.user_form_disable) or (key in already_handled)): continue default = self.cfg.user_form_defaults[key] value = form.get(key, [default])[0] setattr(request.user, key, value) # checkbox options for key, label in self.cfg.user_checkbox_fields: if key not in self.cfg.user_checkbox_disable and key not in self.cfg.user_checkbox_remove: value = form.get(key, ["0"])[0] try: value = int(value) except ValueError: pass else: setattr(request.user, key, value) # quicklinks for navibar request.user.quicklinks = self._decode_pagelist('quicklinks') # save data request.user.save() if request.user.disabled: # set valid to false so the current request won't # show the user as logged-in any more request.user.valid = False result = _("User preferences saved!") if _debug: result = result + util.dumpFormData(form) return result
try: theuser.enc_password = user.encodePassword(password) except UnicodeError, err: # Should never happen return "Can't encode password: %s" % str(err) # try to get the email, for new users it is required email = wikiutil.clean_input(form.get('email', '')) theuser.email = email.strip() if not theuser.email and 'email' not in request.cfg.user_form_remove: return _("Please provide your email address. If you lose your" " login information, you can get it by email.") # Email should be unique - see also MoinMoin/script/accounts/moin_usercheck.py if theuser.email and request.cfg.user_email_unique: if user.get_by_email_address(request, theuser.email): return _("This email already belongs to somebody else.") # save data theuser.save() result = _( "User account created! You can use this account to login now...") if _debug: result = result + util.dumpFormData(form) return result def _create_form(request): _ = request.getText url = request.page.url(request)
def _save_user_prefs(self): _ = self._ form = self.request.form request = self.request if not 'name' in request.user.auth_attribs: # Require non-empty name new_name = wikiutil.clean_input(form.get('name', request.user.name)).strip() # Don't allow changing the name to an invalid one if not user.isValidName(request, new_name): return 'error', _("""Invalid user name {{{'%s'}}}. Name may contain any Unicode alpha numeric character, with optional one space between words. Group page name is not allowed.""", wiki=True) % wikiutil.escape(new_name) # Is this an existing user trying to change information or a new user? # Name required to be unique. Check if name belong to another user. existing_id = user.getUserId(request, new_name) if existing_id is not None and existing_id != request.user.id: return 'error', _("This user name already belongs to somebody else.") if not new_name: return 'error', _("Empty user name. Please enter a user name.") # done sanity checking the name, set it request.user.name = new_name if not 'email' in request.user.auth_attribs: # try to get the email new_email = wikiutil.clean_input(form.get('email', request.user.email)).strip() # Require email if not new_email and 'email' not in request.cfg.user_form_remove: return 'error', _("Please provide your email address. If you lose your" " login information, you can get it by email.") # Email should be unique - see also MoinMoin/script/accounts/moin_usercheck.py if new_email and request.cfg.user_email_unique: other = user.get_by_email_address(request, new_email) if other is not None and other.id != request.user.id: return 'error', _("This email already belongs to somebody else.") # done checking the email, set it request.user.email = new_email if not 'jid' in request.user.auth_attribs: # try to get the jid new_jid = wikiutil.clean_input(form.get('jid', '')).strip() jid_changed = request.user.jid != new_jid previous_jid = request.user.jid if new_jid and request.cfg.user_jid_unique: other = user.get_by_jabber_id(request, new_jid) if other is not None and other.id != request.user.id: return 'error', _("This jabber id already belongs to somebody else.") if jid_changed: set_event = events.JabberIDSetEvent(request, new_jid) unset_event = events.JabberIDUnsetEvent(request, previous_jid) events.send_event(unset_event) events.send_event(set_event) # done checking the JID, set it request.user.jid = new_jid if not 'aliasname' in request.user.auth_attribs: # aliasname request.user.aliasname = wikiutil.clean_input(form.get('aliasname', '')).strip() # editor size request.user.edit_rows = util.web.getIntegerInput(request, 'edit_rows', request.user.edit_rows, 0, 999) # try to get the editor request.user.editor_default = wikiutil.clean_input(form.get('editor_default', self.cfg.editor_default)) request.user.editor_ui = wikiutil.clean_input(form.get('editor_ui', self.cfg.editor_ui)) # time zone request.user.tz_offset = util.web.getIntegerInput(request, 'tz_offset', request.user.tz_offset, -84600, 84600) # datetime format try: dt_d_combined = Settings._date_formats.get(form['datetime_fmt'], '') request.user.datetime_fmt, request.user.date_fmt = dt_d_combined.split(' & ') except (KeyError, ValueError): request.user.datetime_fmt = '' # default request.user.date_fmt = '' # default # try to get the (optional) theme theme_name = wikiutil.clean_input(form.get('theme_name', self.cfg.theme_default)) if theme_name != request.user.theme_name: # if the theme has changed, load the new theme # so the user has a direct feedback # WARNING: this should be refactored (i.e. theme load # after userform handling), cause currently the # already loaded theme is just replaced (works cause # nothing has been emitted yet) request.user.theme_name = theme_name if load_theme_fallback(request, theme_name) > 0: theme_name = wikiutil.escape(theme_name) return 'error', _("The theme '%(theme_name)s' could not be loaded!") % locals() # try to get the (optional) preferred language request.user.language = wikiutil.clean_input(form.get('language', '')) if request.user.language == u'': # For language-statistics from MoinMoin import i18n request.user.real_language = i18n.get_browser_language(request) else: request.user.real_language = '' # I want to handle all inputs from user_form_fields, but # don't want to handle the cases that have already been coded # above. # This is a horribly fragile kludge that's begging to break. # Something that might work better would be to define a # handler for each form field, instead of stuffing them all in # one long and inextensible method. That would allow for # plugins to provide methods to validate their fields as well. already_handled = ['name', 'email', 'aliasname', 'edit_rows', 'editor_default', 'editor_ui', 'tz_offset', 'datetime_fmt', 'theme_name', 'language', 'real_language', 'jid'] for field in self.cfg.user_form_fields: key = field[0] if ((key in self.cfg.user_form_disable) or (key in already_handled)): continue default = self.cfg.user_form_defaults[key] value = form.get(key, default) value = wikiutil.clean_input(value) setattr(request.user, key, value) # checkbox options for key, label in self.cfg.user_checkbox_fields: if key not in self.cfg.user_checkbox_disable and key not in self.cfg.user_checkbox_remove: value = form.get(key, "0") try: value = int(value) except ValueError: # value we got is crap, do not setattr this value, just pass pass else: setattr(request.user, key, value) # quicklinks for navibar request.user.quicklinks = self._decode_pagelist('quicklinks') # save data request.user.save() if request.user.disabled: # set valid to false so the current request won't # show the user as logged-in any more request.user.valid = False result = _("User preferences saved!") return result