diff options
| author | bwarsaw | 2001-05-31 17:46:11 +0000 |
|---|---|---|
| committer | bwarsaw | 2001-05-31 17:46:11 +0000 |
| commit | ee00498227d6bf18016cc0b483a0516d29ea12fb (patch) | |
| tree | d2b37487dd9ea5f2d398e3fe242efa5b9eab4e92 /Mailman/Version.py | |
| parent | ec8c1bc1633d94d596c890e9dc8de4cad6917ee2 (diff) | |
| download | mailman-ee00498227d6bf18016cc0b483a0516d29ea12fb.tar.gz mailman-ee00498227d6bf18016cc0b483a0516d29ea12fb.tar.zst mailman-ee00498227d6bf18016cc0b483a0516d29ea12fb.zip | |
Changes to support the new world order of authentication, using
authorization contexts and the roles of User, List Owner, List
Moderator, (List) Creator/Destroyer, Site Administrator.
Specifically,
InitVars(): Add a mod_password attribute that can contain the sha
hashed list moderator's password.
ValidAdminPassword(), ConfirmAdminPassword(): Removed as obsolete.
AuthContextInfo(): Given an authorization context, and optionally a
user (if authcontext == AuthUser), return the context's secret and
cookie key. The tuple (None, None) is returned if the authcontext is
bogus. MMNotAMemberError is raised if the user isn't a member of the
list, and MMBadUserError is raised if the user's secret is None.
Authenticate(): The non-web way of doing authentication. Takes a list
of allowed authcontexts (and optionally a user name if AuthUser is one
of those contexts), and a response string (i.e. password). Returns
the authcontext from the argument sequence that matches the response,
or UnAuthorized if none of them did.
WebAuthenticate(): The web way of doing authentication. The arguments
are the same as Authenticate(), but first the cookie data is checked.
If that fails, then Authenticate() is used. Returns a flag indicating
whether authentication succeeded or not.
MakeCookie(): Now takes an authcontext and optionally a user (required
if authcontext is AuthUser). Generates a cookie item for this
context.
ZapCookie(): Now takes an authcontext and optionally a user (required
if authcontext is AuthUser). Generates an empty cookie item for this
context, effectively logging out that authcontext.
CheckCookie(): Now takes an authcontext and optionally a user (required
if authcontext is AuthUser). Returns a flag indicating whether the
authcontext's cookie matches the expected value, i.e. whether they are
cookie authenticated or not.
ChangeUserPassword(): Remove the test for IsListInitialized(), and
removed the Save() call, since all paths to this method should be
wrapped in the standard lock-modify-save-unlock fence.
Diffstat (limited to 'Mailman/Version.py')
0 files changed, 0 insertions, 0 deletions