diff options
| author | klm | 1998-03-30 18:18:20 +0000 |
|---|---|---|
| committer | klm | 1998-03-30 18:18:20 +0000 |
| commit | febbee9795a120529b67edff063ce55792114cc2 (patch) | |
| tree | 06aa69de5b293d8ac260e6b9440d9cf3ff361a7f | |
| parent | 392f1d4ea2027cbd6d1be29a692196200ded0695 (diff) | |
| download | mailman-febbee9795a120529b67edff063ce55792114cc2.tar.gz mailman-febbee9795a120529b67edff063ce55792114cc2.tar.zst mailman-febbee9795a120529b67edff063ce55792114cc2.zip | |
*** empty log message ***
Diffstat (limited to '')
| -rwxr-xr-x | cgi/roster | 105 |
1 files changed, 105 insertions, 0 deletions
diff --git a/cgi/roster b/cgi/roster new file mode 100755 index 000000000..46ce1fc09 --- /dev/null +++ b/cgi/roster @@ -0,0 +1,105 @@ +#!/usr/local/bin/python + +"""Produce subscriber roster, using listinfo form data, roster.html template. + +Takes listname in PATH_INFO.""" + +# We don't need to lock in this script, because we're never going to change +# data. + +import sys +sys.path.append('/home/mailman/mailman/modules') + +import os, string +import cgi +import mm_utils, maillist, htmlformat, mm_cfg, mm_err + +try: + sys.stderr = mm_utils.StampedLogger("error", label = 'mmroster', + manual_reprime=1, nofail=0) +except IOError: + pass # Oh well - SOL on redirect, errors show thru. + + +def main(): + doc = htmlformat.Document() + form = cgi.FieldStorage() + list = get_list() + + bad = "" + # These nested conditionals constituted a cascading authentication + # check, yielding a + if not list.private_roster: + # No privacy. + bad = "" + else: + auth_req = ("%s subscriber list requires authentication." + % list.real_name) + if not form.has_key("roster-pw"): + bad = auth_req + else: + pw = form['roster-pw'].value + # Just the admin password is sufficient - check it early. + if not list.ValidAdminPassword(pw): + if not form.has_key('roster-email'): + # No admin password and no user id, nogo. + bad = auth_req + else: + id = form['roster-email'].value + if list.private_roster == 1: + # Private list - members visible. + try: + list.ConfirmUserPassword(id, pw) + except (mm_err.MMBadUserError, + mm_err.MMBadPasswordError): + bad = ("%s subscriber authentication failed." + % list.real_name) + else: + # Anonymous list - admin-only visible + # - and we already tried admin password, above. + bad = ("%s admin authentication failed." + % list.real_name) + if bad: + doc = error_page_doc(bad) + doc.AddItem(list.GetMailmanFooter()) + print doc.Format() + sys.exit(0) + + replacements = list.GetStandardReplacements() + + doc.AddItem(list.ParseTags('roster.html', replacements)) + print doc.Format() + +def get_list(): + "Return list or bail out with error page." + + list_info = mm_utils.GetPathPieces(os.environ['PATH_INFO']) + if len(list_info) != 1: + error_page("Invalid options to CGI script.") + sys.exit(0) + list_name = string.lower(list_info[0]) + try: + list = maillist.MailList(list_name) + except mm_err.MMUnknownListError: + error_page("%s: No such list.", list_name) + sys.exit(0) + if not list._ready: + error_page("%s: No such list.", list_name) + sys.exit(0) + list.Unlock() + return list + +def error_page(errmsg, *args): + print apply(error_page_doc, (errmsg,) + args).Format() + +def error_page_doc(errmsg, *args): + """Produce a simple error-message page on stdout and exit. + + Optional arg justreturn means just return the doc, don't print it.""" + doc = htmlformat.Document() + doc.AddItem(htmlformat.Header(2, "Error")) + doc.AddItem(htmlformat.Bold(errmsg % args)) + return doc + +if __name__ == "__main__": + main() |