Mercurial > moin > 1.9
view MoinMoin/action/userprofile.py @ 5522:879674c9320a
AttachFile: add ticketing for all operations that do modifications
Tickets for upload (POST), also for every (GET) URL except do=get and do=view.
Avoid KeyError if there is no ticket (was a minor issues, because there has to be one).
Use the same i18n string for all "Please use the interactive user interface" messages.
author | Thomas Waldmann <tw AT waldmann-edv DOT de> |
---|---|
date | Mon, 08 Feb 2010 18:56:07 +0100 |
parents | a283079b3f1e |
children | b0dfed9a569f 37306fba2189 |
line wrap: on
line source
# -*- coding: iso-8859-1 -*- """ MoinMoin - set values in user profile @copyright: 2008 MoinMoin:ThomasWaldmann @license: GNU GPL, see COPYING for details. """ from MoinMoin.Page import Page from MoinMoin import user, wikiutil def execute(pagename, request): """ set values in user profile """ _ = request.getText cfg = request.cfg form = request.form if not request.user.isSuperUser(): request.theme.add_msg(_("Only superuser is allowed to use this action."), "error") elif (request.request_method == 'POST' and wikiutil.checkTicket(request, form.get('ticket', [''])[0])): user_name = form.get('name', [''])[0] key = form.get('key', [''])[0] val = form.get('val', [''])[0] if key in cfg.user_checkbox_fields: val = int(val) uid = user.getUserId(request, user_name) theuser = user.User(request, uid) oldval = getattr(theuser, key) setattr(theuser, key, val) theuser.save() request.theme.add_msg('%s.%s: %s -> %s' % (user_name, key, oldval, val), "info") Page(request, pagename).send_page()