| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
| |
- Legend goes back on top of the member list
- A new "Additional Member Tasks" section which contains the search
button (rearranged), and a new set moderator flag button
- You can now toggle all members' moderate flag either on or off
(defaults to default_member_moderation), including those members not
visible on the screen.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pass subcat to change_options() and show_results() calls.
option_help(): Get both category and subcat from varhelp.
Include the standard footer when no valid variable name is found.
Be sure the form action url includes any subcat.
Pass subcat to add_options_table_item() call.
show_results(): category_suffix -> subcat. Be sure to include the
subcat in the form action url. Pass subcat to the show_variables()
call.
show_variables(): Accept subcat, and pass it along to the
add_options_table_item() call.
add_options_table_item(): Accept subcat and pass it along to the
get_item_gui_description() call.
get_item_gui_description(): Accept subcat, and make sure that the VARHELP
query url extension includes any subcat, otherwise the variable lookup
will fail.
member_options(): Include another column which contains the mod
user-specific moderation bit.
change_options(): Accept subcat, and be sure to pass that into the
GetConfigInfo() calls. Also, set the user's Moderate flag based on
the value of the user_mod key.
|
| |
|
|
| |
makes the "Authentication failed" tests work.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
more bulletproof against membership mining for private rosters.
If rosters are private, then we'll just put up a fairly generic
acknowledgement that's the same regardless of what kind of approval is
necessary, or whether the email address is already subscribed or not.
Thus no information about private rosters can leak.
Note also that if a subscription request comes in for an already
subscribed address (using private rosters of course), then we send an
alert to the address to let them know that somebody was trying to
re-subscribe their address or mine the membership.
I also rewrote a bunch of the results strings (sorry translators!)
remote_addr(): Remove this. We can do it more cleanly inlined.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
membership mining when private rosters are being used. Also, fix a
bug in the chopping up of the url parts.
We now print the "Authentication failed" message in the authentication
clause when the `password' key, not the `login' key is present (the
latter won't be when the email address is given on the url, but the
former will always be present).
When mlist.private_roster is <> 0, this means we do have private
rosters (either to the list membership or to the list admins). In
that case, set user to None and continue on. The display will use the
provided email address even if it's not a member, and we'll get a
normal "Authentication failed" message, which doesn't reveal whether
it was the email address or the password that mismatched.
loginpage(): Always set the form action to .../mailman/options
without the email address in the url. If the user was provided to the
login script, hide it (obscured) in a Hidden input field. This way,
we essentially clear any unauthorized emails from the url.
|
| |
|
|
|
| |
message (because of ADMINDB_PAGE_TEXT_LIMIT), join the strings with
the empty string, not newlines.
|
| |
|
|
|
|
| |
ApprovedDeleteMember(). When the user unsubscribes via her
options page, admin notification should follow the list's
setting.
|
| |
|
|
| |
such member' error.
|
| |
|
|
|
| |
two subcolumns. Also, split the password entry fields into their
own pseudo-subcategory (like members).
|
| |
|
|
| |
there actually were any members removed.
|
| |
|
|
|
|
|
|
| |
Also, use cStringIO directly instead of our own hack-around StringIO
module.
admindb.py: Use ListAdmin.readMessage() to actually read the contents
of the message from disk.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
allow deletion of list by anybody with a valid cookie
authentication. We /want/ to force the admin to enter the
password explicitly, as an extra confirmation step, so use
Authenticate() instead.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
host_name attributes based on the calculated values.
web_page_url's host name comes from get_domain() interpolated into
DEFAULT_URL_PATTERN, while host_name comes from a lookup in the
VIRTUAL_HOSTS table, defaulting to get_domain() if not found.
Also, we're now responsible for saving the list, and once we've
done so, we can unlock it and do the rest of the task (which
doesn't require the lock, so can be done outside the
try/finally).
|
| |
|
|
|
|
|
|
|
| |
DEFAULT_HOST_NAME to get the hostname.
Also, do the same kind of virtual host filtering for the admin
overview as we do in the listinfo overview. This more clearly
separates the virtual domains (there perhaps should be a site
overview).
|
| |
|
|
|
|
|
| |
this is ugly, but it makes the job much easier for translators of
certain languages.
Also say "list moderator" instead of "list administrator".
|
| |
|
|
|
|
|
| |
invalid.
password_inputs(): Add a <a name...> tag here so we can create a
<a href="general#passwords"> link directly to this section.
|
| |
|
|
| |
integer since that's what MemberAdaptor eventually wants.
|
| |
|
|
|
|
|
|
|
|
| |
when creating the mailing list. A checkbox array is displayed that
contains all the server-supported languages, with the
DEFAULT_SERVER_LANGUAGE checked by default. List preferred language
still needs to be chosen after-the-fact through the admin pages (it
defaults to DEFAULT_SERVER_LANGUAGE).
process_request(): Make sure that the list name isn't the empty string!
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make sure most tables have an explicit width of 100%, otherwise
vertical Checkboxes cause the table to be squashed.
show_results(): Split the "Configuration Categories" unordered list
into two columns. Still not perfect, but better than having 11
members in one column on the left.
"Edit the HTML for the public list pages" => "Edit the public HTML pages"
get_item_gui_value(): Handle the new Checkbox widget.
get_valid_value(): If widget type is Email, only attempt to validate
the value if it is not the empty string. This fixes SF bug
#219571, which prevented the reply_to_address field from being
cleared.
Also, teach this about the Checkbox widget type. Make sure that
the value is a list. It'll be a scalar if exactly one of the
checkboxes is selected, but we always treat it as a list.
change_options(): When calling get_valid_value(), catch any
EmailAddressErrors that can occur due to hostile or otherwise bad
email addresses in the reply_to_address field. Print an error
message in that case.
add_error_message(): Change the way the `tag' argument is defaulted,
so we can translate the default value.
|
| |
|
|
| |
Utils.get_site_email(). The former config variable is going away.
|
| |
|
|
| |
Utils.get_site_email(). The former config variable is going away.
|
| |
|
|
| |
Utils.get_site_email(). The former config variable is going away.
|
| |
|
|
|
| |
value is `true'. This allows us to delete the name and have it
removed from the member database.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
show_results(): Elaborate on the "Make your changes text...".
Reorganize the category specific elements so that the "find
member" section is added here instead of in membership_options().
This lets us put an hr in between these sections.
Also, hyperlink "Python regular expression" to point to the
library reference manual's description of regexp syntax.
show_variables(): No longer needs the `form' argument, since it
doesn't call membership_options() any more (that's called directly
from show_results() instead).
membership_options(): Just pass in the subcategory instead of
calculating it here. It's figured out by show_results(). Also,
don't add the "find member" section here; it's also added by
show_results().
Reorganize the big member table to change the sense of the
subscription check box. I've always hated the fact that you turn
/off/ the subscr checkbox to unsubscribe somebody! Instead, now
you turn on the unsub checkbox to unsubscribe them. To make this
standout even more visually, the unsub column is moved to the left
of the name/addr column. I still hate the abbreviations, but
don't have any better ideas. This does improve things though
because the members to be effected (i.e. unsubscribed) stand out
much better now.
mass_subscribe(), mass_remove(): More reorganization to put the
questions in their own table cells. This helps line things up
better, although it isn't perfect. Also, shrink the width of the
text area a bit.
|
| | |
|
| |
|
|
|
|
|
|
| |
options" button on the listinfo page, it doesn't need to deal with
the UserOptions form key, nor does it need to do the hackishly
disgusting call_script() trick to get options.py invoked.
call_script(): Removed.
|
| |
|
|
|
|
|
|
|
|
|
| |
url or in the form data. In that case, present the login page
with an extra field prompting for the email address. Also,
optionally get the email address out of the form data, if
present. listinfo.html has changed so that it calls this script
directly, with the `email' item holding the address. The login
page uses the same item name, so either will work.
loginpage(): Accept user=None meaning, prompt for the email address.
|
| |
|
|
| |
listinfo.html for parallel change.
|
| |
|
|
|
| |
include the `linktable' at the bottom of the page too. Not too
pretty but it should avoid most scrollbar ping-ponging.
|
| |
|
|
|
|
|
|
|
| |
explicitly cancel the message via the web confirmation mechanism.
heldmsg_cancel(), heldmsg_confirm(), heldmsg_prompt(): New functions,
slightly misnamed (but retained for consistency).
I.e. "canceling" means "continue awaiting approval" and
"confirming" means "cancel the posting".
|
| | |
|
| |
|
|
| |
GetPreferredLanguage() -> getMemberLanguage()
|
| |
|
|
|
| |
SetPreferredLanguage() -> setMemberLanguage(); setMemberTopics();
getMemberTopics().
|
| |
|
|
|
|
|
|
|
|
|
|
| |
confirmations. :) Clicking on the emailed confirm url now brings up a
screen which requires the user to /then/ click on an explicit Confirm
button. They can also cancel their requested action.
So far, implemented subscription, unsubscription, and change of
address requests. Eventually this will include posting holds, etc.
Subscription confirmation screen allows them to override some values
they entered in the original request (but not, of course, the email
address!).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GetPreferredLanguage() -> getMemberLanguage(). Note this isn't
finished yet since there are still some direct access to
mlist.members. :(
Use the UserDesc helper class.
membership_options(): When calculating the length of the realname
field, include the email addresses. Since this fits in the same
table cell, the text box should be the max of the email addresses
or realnames.
Also, always include the realname TextBox, even if there is no
realname for the user.
|
| |
|
|
| |
as the internal name.
|
| | |
|
| |
|
|
|
|
|
|
| |
form, and defaulting to mlist.preferred_language.
process_form(): Suck the fullname value out of the form, defaulting to
the empty string. Call AddMember() with the new and improved
interface.
|
| |
|
|
|
|
| |
form, and defaulting to mlist.preferred_language.
list_listinfo(): Add a replacement for the (new) fullname box.
|
| |
|
|
|
|
|
| |
called, be sure to catch MMNeedApproval, which can be raised if
subscriptions are confirm+approve.
(Yeah, I know this is eventually going to get rewritten...)
|
| |
|
|
| |
requests database automatically updates its schema now.
|
| |
|
|
|
|
|
| |
don't unquote the lines. Rewrite this function to not use
ApprovedAddMembers() -- which has been removed -- but instead to
loop over ApprovedAddMember(), keeping track of the results of
each individual addition.
|
| |
|
|
|
|
| |
full names are shown along with the email address (if it is
known). Also, backwards compatibility with pre-2.1a3 pending
database records (before a3 they didn't include the fullname).
|
| |
|
|
| |
process_form(): IsMember()/FindUser() -> isMember();
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
member's real names. Specifically,
main(): IsMember() -> isMember();
FindUser()/GetUserSubscribedAddress() -> getMemberCPAddress()
GetPreferredLanguage() -> getMemberLanguage()
Support the printing of topic details when they click on the
"Details" link after the topic name (works like admin interface's
VARHELP).
In the change-of-address stanza, add a check for the fullname
field, which contains the member's real name. After extracting
the fullname, new-address, and confirm-address fields, be more
careful about including error messages, so that if the real name
field is set or cleared, we ignore the address fields if they are
both blank. Handle setting the member's name globally, just like
a global change of address.
DeleteMember() -> ApprovedDeleteMember()
Add recognition of the ReceiveNonmatchingTopics flag to determine
what the user wants for messages that match no topics (they can
either receive them or ignore them).
GetUserOption() -> getMemberOption()
Add processing of user topic selections.
SetUserOption() -> setMemberOption() and don't special case when
setting digest deliver; setMemberOption() handles that properly.
options_page(): Include the user's full name in presentable_user, as
in "john.doe@dom.ain, John Doe". If there's no user name then
just print the email address as before.
"Change My Address" button -> "Change My Address and Name"
Add replacements for the fullname box, and the topics option.
IsMember() -> isMember()
ChangeUserPassword() -> setMemberPassword()
SetUserOption() -> setMemberOption()
topic_details(): New method to include the topic details in the top
information area.
|
| |
|
|
|
|
|
|
|
|
|
| |
when the admin is trying to login with an empty password field.
When WebAuthenticate() fails, check the `adminpw' cgi key to
determine whether this was a login attempt, or the first visit of
this link.
show_requests(): SUBSCRIPTION pending records now include the supplied
user real name (i.e. fullname), so use this when unpacking the
tuple.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and to be able to set/get member's real names. Specifically,
CATEGORIES: Don't hardwire these here. Instead they are extracted via
mlist.GetConfigCategories().
main(): GetMembers() -> getRegularMemberKeys()
get_config_options(): Removed. Use mlist.GetConfigInfo() instead.
show_results(): Don't hardwire sub-categories. Instead get them from
mlist.GetConfigSubCategories().
get_item_gui_value(): Added a new kind of gui widget, the `Topics'
widget which includes at least three boxes (for topic name,
regexp, and description), along with possibly a Delete button, an
Add button, and an "add where" pull down menu.
membership_options(): Instead of using GetMembers() and
GetDigestMembers(), use the new membership API methods
getMembers(), getMemberName(). Also use getMemberOption() instead
of GetUserOption(). In the membership list, add a text box for
the member's real name.
change_option(): We now allow gui components to optionally handle the
form data themselves. If the component has a HandleForm() method,
it is called, passing the MailList object, the cgi form data
structure, and the Document object.
DeleteMember() -> ApprovedDeleteMember()
SetUserDigest() -> setMemberOption(... mm_cfg.Digests, ...)
SetPreferredLanguage() -> setMemberLanguage()
SetUserOption() -> setMemberOption()
Added setMemberName() to set the member's full name.
get_config_options(): Removed.
|
| |
|
|
| |
Found by Juan Carlos Rey Anaya.
|
