| 1 | #!/usr/bin/env python |
| 2 | #*************************************************************************** |
| 3 | #* Copyright (C) 2004-2008 polytechnique.org * |
| 4 | #* http://opensource.polytechnique.org/ * |
| 5 | #* * |
| 6 | #* This program is free software; you can redistribute it and/or modify * |
| 7 | #* it under the terms of the GNU General Public License as published by * |
| 8 | #* the Free Software Foundation; either version 2 of the License, or * |
| 9 | #* (at your option) any later version. * |
| 10 | #* * |
| 11 | #* This program is distributed in the hope that it will be useful, * |
| 12 | #* but WITHOUT ANY WARRANTY; without even the implied warranty of * |
| 13 | #* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * |
| 14 | #* GNU General Public License for more details. * |
| 15 | #* * |
| 16 | #* You should have received a copy of the GNU General Public License * |
| 17 | #* along with this program; if not, write to the Free Software * |
| 18 | #* Foundation, Inc., * |
| 19 | #* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * |
| 20 | #*************************************************************************** |
| 21 | |
| 22 | import base64, MySQLdb, os, getopt, sys, sha, signal, re, shutil, ConfigParser |
| 23 | import MySQLdb.converters |
| 24 | import SocketServer |
| 25 | |
| 26 | sys.path.append('/usr/lib/mailman/bin') |
| 27 | |
| 28 | from pwd import getpwnam |
| 29 | from grp import getgrnam |
| 30 | |
| 31 | from SimpleXMLRPCServer import SimpleXMLRPCServer |
| 32 | from SimpleXMLRPCServer import SimpleXMLRPCRequestHandler |
| 33 | |
| 34 | import paths |
| 35 | from Mailman import MailList |
| 36 | from Mailman import Utils |
| 37 | from Mailman import Message |
| 38 | from Mailman import Errors |
| 39 | from Mailman import mm_cfg |
| 40 | from Mailman import i18n |
| 41 | from Mailman.UserDesc import UserDesc |
| 42 | from Mailman.ListAdmin import readMessage |
| 43 | from email.Iterators import typed_subpart_iterator |
| 44 | from threading import Lock |
| 45 | |
| 46 | class AuthFailed(Exception): pass |
| 47 | |
| 48 | ################################################################################ |
| 49 | # |
| 50 | # CONFIG |
| 51 | # |
| 52 | #------------------------------------------------ |
| 53 | |
| 54 | config = ConfigParser.ConfigParser() |
| 55 | config.read(os.path.dirname(__file__)+'/../configs/platal.ini') |
| 56 | config.read(os.path.dirname(__file__)+'/../configs/platal.conf') |
| 57 | |
| 58 | def get_config(sec, val, default=None): |
| 59 | try: |
| 60 | return config.get(sec, val)[1:-1] |
| 61 | except ConfigParser.NoOptionError, e: |
| 62 | if default is None: |
| 63 | sys.stderr.write('%s\n' % str(e)) |
| 64 | sys.exit(1) |
| 65 | else: |
| 66 | return default |
| 67 | |
| 68 | MYSQL_USER = get_config('Core', 'dbuser') |
| 69 | MYSQL_PASS = get_config('Core', 'dbpwd') |
| 70 | |
| 71 | PLATAL_DOMAIN = get_config('Mail', 'domain') |
| 72 | PLATAL_DOMAIN2 = get_config('Mail', 'domain2', '') |
| 73 | sys.stderr.write('PLATAL_DOMAIN = %s\n' % PLATAL_DOMAIN ) |
| 74 | |
| 75 | VHOST_SEP = get_config('Lists', 'vhost_sep', '_') |
| 76 | ON_CREATE_CMD = get_config('Lists', 'on_create', '') |
| 77 | |
| 78 | SRV_HOST = get_config('Lists', 'rpchost', 'localhost') |
| 79 | SRV_PORT = int(get_config('Lists', 'rpcport', '4949')) |
| 80 | |
| 81 | ################################################################################ |
| 82 | # |
| 83 | # CLASSES |
| 84 | # |
| 85 | #------------------------------------------------ |
| 86 | # Manage Basic authentication |
| 87 | # |
| 88 | |
| 89 | class BasicAuthXMLRPCRequestHandler(SimpleXMLRPCRequestHandler): |
| 90 | |
| 91 | """XMLRPC Request Handler |
| 92 | This request handler is used to provide BASIC HTTP user authentication. |
| 93 | It first overloads the do_POST() function, authenticates the user, then |
| 94 | calls the super.do_POST(). |
| 95 | |
| 96 | Moreover, we override _dispatch, so that we call functions with as first |
| 97 | argument a UserDesc taken from the database, containing name, email and perms |
| 98 | """ |
| 99 | |
| 100 | def _get_function(self, method): |
| 101 | try: |
| 102 | # check to see if a matching function has been registered |
| 103 | return self.server.funcs[method] |
| 104 | except: |
| 105 | raise Exception('method "%s" is not supported' % method) |
| 106 | |
| 107 | |
| 108 | def _dispatch(self, method, params): |
| 109 | new_params = list(params) |
| 110 | return list_call_dispatcher(self._get_function(method), self.data[0], self.data[1], self.data[2], *params) |
| 111 | |
| 112 | def do_POST(self): |
| 113 | try: |
| 114 | _, auth = self.headers["authorization"].split() |
| 115 | uid, md5 = base64.decodestring(auth).strip().split(':') |
| 116 | vhost = self.path.split('/')[1].lower() |
| 117 | self.data = self.getUser(uid, md5, vhost) |
| 118 | if self.data is None: |
| 119 | raise AuthFailed |
| 120 | # Call super.do_POST() to do the actual work |
| 121 | SimpleXMLRPCRequestHandler.do_POST(self) |
| 122 | except: |
| 123 | self.send_response(401) |
| 124 | self.end_headers() |
| 125 | |
| 126 | def getUser(self, uid, md5, vhost): |
| 127 | res = mysql_fetchone ("""SELECT CONCAT(u.prenom, ' ', u.nom), a.alias, u.perms |
| 128 | FROM auth_user_md5 AS u |
| 129 | INNER JOIN aliases AS a ON ( a.id=u.user_id AND a.type='a_vie' ) |
| 130 | WHERE u.user_id = '%s' AND u.password = '%s' AND u.perms IN ('admin', 'user') |
| 131 | LIMIT 1""" %( uid, md5 ) ) |
| 132 | if res: |
| 133 | name, forlife, perms = res |
| 134 | if vhost != PLATAL_DOMAIN: |
| 135 | res = mysql_fetchone ("""SELECT uid |
| 136 | FROM groupex.membres AS m |
| 137 | INNER JOIN groupex.asso AS a ON (m.asso_id = a.id) |
| 138 | WHERE perms='admin' AND uid='%s' AND mail_domain='%s'""" %( uid , vhost ) ) |
| 139 | if res: perms= 'admin' |
| 140 | userdesc = UserDesc(forlife+'@'+PLATAL_DOMAIN, name, None, 0) |
| 141 | return (userdesc, perms, vhost) |
| 142 | else: |
| 143 | return None |
| 144 | |
| 145 | ################################################################################ |
| 146 | # |
| 147 | # XML RPC STUFF |
| 148 | # |
| 149 | #------------------------------------------------------------------------------- |
| 150 | # helpers |
| 151 | # |
| 152 | |
| 153 | def connectDB(): |
| 154 | db = MySQLdb.connect( |
| 155 | db='x4dat', |
| 156 | user=MYSQL_USER, |
| 157 | passwd=MYSQL_PASS, |
| 158 | unix_socket='/var/run/mysqld/mysqld.sock') |
| 159 | db.ping() |
| 160 | return db.cursor() |
| 161 | |
| 162 | def mysql_fetchone(query): |
| 163 | ret = None |
| 164 | try: |
| 165 | lock.acquire() |
| 166 | mysql.execute(query) |
| 167 | if int(mysql.rowcount) > 0: |
| 168 | ret = mysql.fetchone() |
| 169 | finally: |
| 170 | lock.release() |
| 171 | return ret |
| 172 | |
| 173 | def is_admin_on(userdesc, perms, mlist): |
| 174 | return ( perms == 'admin' ) or ( userdesc.address in mlist.owner ) |
| 175 | |
| 176 | |
| 177 | def quote(s, is_header=False): |
| 178 | if is_header: |
| 179 | h = Utils.oneline(s, 'iso-8859-1') |
| 180 | else: |
| 181 | h = s |
| 182 | h = str('').join(re.split('[\x00-\x08\x0B-\x1f]+', h)) |
| 183 | return Utils.uquote(h.replace('&', '&').replace('>', '>').replace('<', '<')) |
| 184 | |
| 185 | def to_forlife(email): |
| 186 | try: |
| 187 | mbox, fqdn = email.split('@') |
| 188 | except: |
| 189 | mbox = email |
| 190 | fqdn = PLATAL_DOMAIN |
| 191 | if ( fqdn == PLATAL_DOMAIN ) or ( fqdn == PLATAL_DOMAIN2 ): |
| 192 | res = mysql_fetchone("""SELECT CONCAT(f.alias, '@%s'), CONCAT(u.prenom, ' ', u.nom) |
| 193 | FROM auth_user_md5 AS u |
| 194 | INNER JOIN aliases AS f ON (f.id=u.user_id AND f.type='a_vie') |
| 195 | INNER JOIN aliases AS a ON (a.id=u.user_id AND a.alias='%s' AND a.type!='homonyme') |
| 196 | WHERE u.perms IN ('admin', 'user') |
| 197 | LIMIT 1""" %( PLATAL_DOMAIN, mbox ) ) |
| 198 | if res: |
| 199 | return res |
| 200 | else: |
| 201 | return (None, None) |
| 202 | return (email.lower(), mbox) |
| 203 | |
| 204 | ## |
| 205 | # see /usr/lib/mailman/bin/rmlist |
| 206 | ## |
| 207 | def remove_it(listname, filename): |
| 208 | if os.path.islink(filename) or os.path.isfile(filename): |
| 209 | os.unlink(filename) |
| 210 | elif os.path.isdir(filename): |
| 211 | shutil.rmtree(filename) |
| 212 | |
| 213 | ## |
| 214 | # Call dispatcher |
| 215 | ## |
| 216 | |
| 217 | def has_annotation(method, name): |
| 218 | """ Check if the method contains the given annoation. |
| 219 | """ |
| 220 | return method.__doc__ and method.__doc__.find("@%s" % name) > -1 |
| 221 | |
| 222 | def list_call_dispatcher(method, userdesc, perms, vhost, *arg): |
| 223 | """Dispatch the call to the right handler. |
| 224 | This function checks the options of the called method the set the environment of the call. |
| 225 | The dispatcher uses method annotation (special tokens in the documentation of the method) to |
| 226 | guess the requested environment: |
| 227 | @mlist: the handler requires a mlist object instead of the vhost/listname couple |
| 228 | @lock: the handler requires the mlist to be locked (@mlist MUST be specified) |
| 229 | @edit: the handler edit the mlist (@mlist MUST be specified) |
| 230 | @admin: the handler requires admin rights on the list (@mlist MUST be specified) |
| 231 | @root: the handler requires site admin rights |
| 232 | """ |
| 233 | try: |
| 234 | if has_annotation(method, "root") and perms != "admin": |
| 235 | return 0 |
| 236 | if has_annotation(method, "mlist"): |
| 237 | listname = arg[0] |
| 238 | arg = arg[1:] |
| 239 | mlist = MailList.MailList(vhost + VHOST_SEP + listname.lower(), lock=0) |
| 240 | if has_annotation(method, "admin") and not is_admin_on(userdesc, perms, mlist): |
| 241 | return 0 |
| 242 | if has_annotation(method, "edit") or has_annotation(method, "lock"): |
| 243 | return list_call_locked(method, userdesc, perms, mlist, has_annotation(method, "edit"), *arg) |
| 244 | else: |
| 245 | return method(userdesc, perms, mlist, *arg) |
| 246 | else: |
| 247 | return method(userdesc, perms, vhost, *arg) |
| 248 | except Exception, e: |
| 249 | sys.stderr.write('Exception in dispatcher %s\n' % str(e)) |
| 250 | raise e |
| 251 | return 0 |
| 252 | |
| 253 | def list_call_locked(method, userdesc, perms, mlist, edit, *arg): |
| 254 | """Call the given method after locking the mlist. |
| 255 | """ |
| 256 | try: |
| 257 | mlist.Lock() |
| 258 | ret = method(userdesc, perms, mlist, *arg) |
| 259 | if edit: |
| 260 | mlist.Save() |
| 261 | mlist.Unlock() |
| 262 | return ret |
| 263 | except Exception, e: |
| 264 | sys.stderr.write('Exception in locked call %s: %s\n' % (method.__name__, str(e))) |
| 265 | mlist.Unlock() |
| 266 | return 0 |
| 267 | # TODO: use finally when switching to python 2.5 |
| 268 | |
| 269 | #------------------------------------------------------------------------------- |
| 270 | # helpers on lists |
| 271 | # |
| 272 | |
| 273 | def is_subscription_pending(userdesc, perms, mlist): |
| 274 | for id in mlist.GetSubscriptionIds(): |
| 275 | if userdesc.address == mlist.GetRecord(id)[1]: |
| 276 | return True |
| 277 | return False |
| 278 | |
| 279 | def get_list_info(userdesc, perms, mlist, front_page=0): |
| 280 | members = mlist.getRegularMemberKeys() |
| 281 | is_member = userdesc.address in members |
| 282 | is_owner = userdesc.address in mlist.owner |
| 283 | if mlist.advertised or is_member or is_owner or (not front_page and perms == 'admin'): |
| 284 | is_pending = False |
| 285 | if not is_member and (mlist.subscribe_policy > 1): |
| 286 | is_pending = list_call_locked(is_subscription_pending, userdesc, perms, mlist, False) |
| 287 | if is_pending is 0: |
| 288 | return 0 |
| 289 | |
| 290 | host = mlist.internal_name().split(VHOST_SEP)[0].lower() |
| 291 | details = { |
| 292 | 'list' : mlist.real_name, |
| 293 | 'addr' : mlist.real_name.lower() + '@' + host, |
| 294 | 'host' : host, |
| 295 | 'desc' : quote(mlist.description), |
| 296 | 'info' : quote(mlist.info), |
| 297 | 'diff' : (mlist.default_member_moderation>0) + (mlist.generic_nonmember_action>0), |
| 298 | 'ins' : mlist.subscribe_policy > 1, |
| 299 | 'priv' : 1-mlist.advertised, |
| 300 | 'sub' : 2*is_member + is_pending, |
| 301 | 'own' : is_owner, |
| 302 | 'nbsub': len(members) |
| 303 | } |
| 304 | return (details, members) |
| 305 | return 0 |
| 306 | |
| 307 | def get_options(userdesc, perms, mlist, opts): |
| 308 | """ Get the options of a list. |
| 309 | @mlist |
| 310 | @admin |
| 311 | """ |
| 312 | options = { } |
| 313 | for (k, v) in mlist.__dict__.iteritems(): |
| 314 | if k in opts: |
| 315 | if type(v) is str: |
| 316 | options[k] = quote(v) |
| 317 | else: options[k] = v |
| 318 | details = get_list_info(userdesc, perms, mlist)[0] |
| 319 | return (details, options) |
| 320 | |
| 321 | def set_options(userdesc, perms, mlist, vals): |
| 322 | """ Set the options of a list. |
| 323 | @mlist |
| 324 | @edit |
| 325 | @admin |
| 326 | """ |
| 327 | for (k, v) in vals.iteritems(): |
| 328 | if k not in opts: |
| 329 | continue |
| 330 | if k == 'default_member_moderation': |
| 331 | for member in mlist.getMembers(): |
| 332 | mlist.setMemberOption(member, mm_cfg.Moderate, int(v)) |
| 333 | t = type(mlist.__dict__[k]) |
| 334 | if t is bool: mlist.__dict__[k] = bool(v) |
| 335 | elif t is int: mlist.__dict__[k] = int(v) |
| 336 | elif t is str: mlist.__dict__[k] = Utils.uncanonstr(v, 'fr') |
| 337 | else: mlist.__dict__[k] = v |
| 338 | return 1 |
| 339 | |
| 340 | #------------------------------------------------------------------------------- |
| 341 | # users procedures for [ index.php ] |
| 342 | # |
| 343 | |
| 344 | def get_lists(userdesc, perms, vhost, email=None): |
| 345 | """ List available lists for the given vhost |
| 346 | """ |
| 347 | if email is None: |
| 348 | udesc = userdesc |
| 349 | else: |
| 350 | udesc = UserDesc(email.lower(), email.lower(), None, 0) |
| 351 | prefix = vhost.lower()+VHOST_SEP |
| 352 | names = Utils.list_names() |
| 353 | names.sort() |
| 354 | result = [] |
| 355 | for name in names: |
| 356 | if not name.startswith(prefix): |
| 357 | continue |
| 358 | try: |
| 359 | mlist = MailList.MailList(name, lock=0) |
| 360 | except: |
| 361 | continue |
| 362 | try: |
| 363 | details = get_list_info(udesc, perms, mlist, (email is None and vhost == PLATAL_DOMAIN))[0] |
| 364 | result.append(details) |
| 365 | except Exception, e: |
| 366 | sys.stderr.write('Can\'t get list %s: %s\n' % (name, str(e))) |
| 367 | continue |
| 368 | return result |
| 369 | |
| 370 | def subscribe(userdesc, perms, mlist): |
| 371 | """ Subscribe to a list. |
| 372 | @mlist |
| 373 | @edit |
| 374 | """ |
| 375 | if ( mlist.subscribe_policy in (0, 1) ) or userdesc.address in mlist.owner: |
| 376 | mlist.ApprovedAddMember(userdesc) |
| 377 | result = 2 |
| 378 | else: |
| 379 | result = 1 |
| 380 | try: |
| 381 | mlist.AddMember(userdesc) |
| 382 | except Errors.MMNeedApproval: |
| 383 | pass |
| 384 | return result |
| 385 | |
| 386 | def unsubscribe(userdesc, perms, mlist): |
| 387 | """ Unsubscribe from a list |
| 388 | @mlist |
| 389 | @edit |
| 390 | """ |
| 391 | mlist.ApprovedDeleteMember(userdesc.address) |
| 392 | return 1 |
| 393 | |
| 394 | #------------------------------------------------------------------------------- |
| 395 | # users procedures for [ index.php ] |
| 396 | # |
| 397 | |
| 398 | def get_name(member): |
| 399 | try: |
| 400 | return quote(mlist.getMemberName(member)) |
| 401 | except: |
| 402 | return '' |
| 403 | |
| 404 | def get_members(userdesc, perms, mlist): |
| 405 | """ List the members of a list. |
| 406 | @mlist |
| 407 | """ |
| 408 | details, members = get_list_info(userdesc, perms, mlist) |
| 409 | members.sort() |
| 410 | members = map(lambda member: (get_name(member), member), members) |
| 411 | return (details, members, mlist.owner) |
| 412 | |
| 413 | |
| 414 | #------------------------------------------------------------------------------- |
| 415 | # users procedures for [ trombi.php ] |
| 416 | # |
| 417 | |
| 418 | def get_members_limit(userdesc, perms, mlist, page, nb_per_page): |
| 419 | """ Get a range of members of the list. |
| 420 | @mlist |
| 421 | """ |
| 422 | members = get_members(userdesc, perms, mlist)[1] |
| 423 | i = int(page) * int(nb_per_page) |
| 424 | return (len(members), members[i:i+int(nb_per_page)]) |
| 425 | |
| 426 | def get_owners(userdesc, perms, mlist): |
| 427 | """ Get the owners of the list. |
| 428 | @mlist |
| 429 | """ |
| 430 | details, members, owners = get_members(userdesc, perms, mlist) |
| 431 | return (details, owners) |
| 432 | |
| 433 | |
| 434 | #------------------------------------------------------------------------------- |
| 435 | # owners procedures [ admin.php ] |
| 436 | # |
| 437 | |
| 438 | def replace_email(userdesc, perms, mlist, from_email, to_email): |
| 439 | """ Replace the address of a member by another one. |
| 440 | @mlist |
| 441 | @edit |
| 442 | @admin |
| 443 | """ |
| 444 | mlist.ApprovedChangeMemberAddress(from_email.lower(), to_email.lower(), 0) |
| 445 | return 1 |
| 446 | |
| 447 | def mass_subscribe(userdesc, perms, mlist, users): |
| 448 | """ Add a list of users to the list. |
| 449 | @mlist |
| 450 | @edit |
| 451 | @admin |
| 452 | """ |
| 453 | members = mlist.getRegularMemberKeys() |
| 454 | added = [] |
| 455 | for user in users: |
| 456 | email, name = to_forlife(user) |
| 457 | if ( email is None ) or ( email in members ): |
| 458 | continue |
| 459 | userd = UserDesc(email, name, None, 0) |
| 460 | mlist.ApprovedAddMember(userd) |
| 461 | added.append( (quote(userd.fullname), userd.address) ) |
| 462 | return added |
| 463 | |
| 464 | def mass_unsubscribe(userdesc, perms, mlist, users): |
| 465 | """ Remove a list of users from the list. |
| 466 | @mlist |
| 467 | @edit |
| 468 | @admin |
| 469 | """ |
| 470 | map(lambda user: mlist.ApprovedDeleteMember(user), users) |
| 471 | return users |
| 472 | |
| 473 | def add_owner(userdesc, perms, mlist, user): |
| 474 | """ Add a owner to the list. |
| 475 | @mlist |
| 476 | @edit |
| 477 | @admin |
| 478 | """ |
| 479 | email = to_forlife(user)[0] |
| 480 | if email is None: |
| 481 | return 0 |
| 482 | if email not in mlist.owner: |
| 483 | mlist.owner.append(email) |
| 484 | return True |
| 485 | |
| 486 | def del_owner(userdesc, perms, mlist, user): |
| 487 | """ Remove a owner of the list. |
| 488 | @mlist |
| 489 | @edit |
| 490 | @admin |
| 491 | """ |
| 492 | if len(mlist.owner) < 2: |
| 493 | return 0 |
| 494 | mlist.owner.remove(user) |
| 495 | return True |
| 496 | |
| 497 | #------------------------------------------------------------------------------- |
| 498 | # owners procedures [ admin.php ] |
| 499 | # |
| 500 | |
| 501 | def get_pending_ops(userdesc, perms, mlist): |
| 502 | """ Get the list of operation waiting for an action from the owners. |
| 503 | @mlist |
| 504 | @lock |
| 505 | @admin |
| 506 | """ |
| 507 | subs = [] |
| 508 | seen = [] |
| 509 | dosave = False |
| 510 | for id in mlist.GetSubscriptionIds(): |
| 511 | time, addr, fullname, passwd, digest, lang = mlist.GetRecord(id) |
| 512 | if addr in seen: |
| 513 | mlist.HandleRequest(id, mm_cfg.DISCARD) |
| 514 | dosave = True |
| 515 | continue |
| 516 | seen.append(addr) |
| 517 | try: |
| 518 | login = re.match("^[^.]*\.[^.]*\.\d\d\d\d$", addr.split('@')[0]).group() |
| 519 | subs.append({'id': id, 'name': quote(fullname), 'addr': addr, 'login': login }) |
| 520 | except: |
| 521 | subs.append({'id': id, 'name': quote(fullname), 'addr': addr }) |
| 522 | |
| 523 | helds = [] |
| 524 | for id in mlist.GetHeldMessageIds(): |
| 525 | ptime, sender, subject, reason, filename, msgdata = mlist.GetRecord(id) |
| 526 | fpath = os.path.join(mm_cfg.DATA_DIR, filename) |
| 527 | try: |
| 528 | size = os.path.getsize(fpath) |
| 529 | except OSError, e: |
| 530 | if e.errno <> errno.ENOENT: raise |
| 531 | continue |
| 532 | try: |
| 533 | msg = readMessage(fpath) |
| 534 | fromX = msg.has_key("X-Org-Mail") |
| 535 | except: |
| 536 | pass |
| 537 | helds.append({ |
| 538 | 'id' : id, |
| 539 | 'sender': quote(sender, True), |
| 540 | 'size' : size, |
| 541 | 'subj' : quote(subject, True), |
| 542 | 'stamp' : ptime, |
| 543 | 'fromx' : fromX |
| 544 | }) |
| 545 | if dosave: |
| 546 | mlist.Save() |
| 547 | return (subs, helds) |
| 548 | |
| 549 | def handle_request(userdesc, perms, mlist, id, value, comment): |
| 550 | """ Handle a moderation request. |
| 551 | @mlist |
| 552 | @edit |
| 553 | @admin |
| 554 | """ |
| 555 | mlist.HandleRequest(int(id), int(value), comment) |
| 556 | return 1 |
| 557 | |
| 558 | def get_pending_sub(userdesc, perms, mlist, id): |
| 559 | """ Get informations about a given subscription moderation. |
| 560 | @mlist |
| 561 | @lock |
| 562 | @admin |
| 563 | """ |
| 564 | sub = 0 |
| 565 | id = int(id) |
| 566 | if id in mlist.GetSubscriptionIds(): |
| 567 | time, addr, fullname, passwd, digest, lang = mlist.GetRecord(id) |
| 568 | try: |
| 569 | login = re.match("^[^.]*\.[^.]*\.\d\d\d\d$", addr.split('@')[0]).group() |
| 570 | sub = {'id': id, 'name': quote(fullname), 'addr': addr, 'login': login } |
| 571 | except: |
| 572 | sub = {'id': id, 'name': quote(fullname), 'addr': addr } |
| 573 | return sub |
| 574 | |
| 575 | def get_pending_mail(userdesc, perms, mlist, id, raw=0): |
| 576 | """ Get informations about a given mail moderation. |
| 577 | @mlist |
| 578 | @lock |
| 579 | @admin |
| 580 | """ |
| 581 | ptime, sender, subject, reason, filename, msgdata = mlist.GetRecord(int(id)) |
| 582 | fpath = os.path.join(mm_cfg.DATA_DIR, filename) |
| 583 | size = os.path.getsize(fpath) |
| 584 | msg = readMessage(fpath) |
| 585 | |
| 586 | if raw: |
| 587 | return quote(str(msg)) |
| 588 | results_plain = [] |
| 589 | results_html = [] |
| 590 | for part in typed_subpart_iterator(msg, 'text', 'plain'): |
| 591 | c = part.get_payload() |
| 592 | if c is not None: results_plain.append (c) |
| 593 | results_plain = map(lambda x: quote(x), results_plain) |
| 594 | for part in typed_subpart_iterator(msg, 'text', 'html'): |
| 595 | c = part.get_payload() |
| 596 | if c is not None: results_html.append (c) |
| 597 | results_html = map(lambda x: quote(x), results_html) |
| 598 | return {'id' : id, |
| 599 | 'sender': quote(sender, True), |
| 600 | 'size' : size, |
| 601 | 'subj' : quote(subject, True), |
| 602 | 'stamp' : ptime, |
| 603 | 'parts_plain' : results_plain, |
| 604 | 'parts_html': results_html } |
| 605 | |
| 606 | #------------------------------------------------------------------------------- |
| 607 | # owner options [ options.php ] |
| 608 | # |
| 609 | |
| 610 | owner_opts = ['accept_these_nonmembers', 'admin_notify_mchanges', 'description', \ |
| 611 | 'default_member_moderation', 'generic_nonmember_action', 'info', \ |
| 612 | 'subject_prefix', 'goodbye_msg', 'send_goodbye_msg', 'subscribe_policy', \ |
| 613 | 'welcome_msg'] |
| 614 | |
| 615 | def get_owner_options(userdesc, perms, mlist): |
| 616 | """ Get the owner options of a list. |
| 617 | @mlist |
| 618 | @admin |
| 619 | """ |
| 620 | return get_options(userdesc, perms, mlist, owner_opts) |
| 621 | |
| 622 | def set_owner_options(userdesc, perms, mlist, values): |
| 623 | """ Set the owner options of a list. |
| 624 | @mlist |
| 625 | @edit |
| 626 | @admin |
| 627 | """ |
| 628 | return set_options(userdesc, perms, mlist, owner_opts, values) |
| 629 | |
| 630 | def add_to_wl(userdesc, perms, mlist, addr): |
| 631 | """ Add addr to the whitelist |
| 632 | @mlist |
| 633 | @edit |
| 634 | @admin |
| 635 | """ |
| 636 | mlist.accept_these_nonmembers.append(addr) |
| 637 | return 1 |
| 638 | |
| 639 | def del_from_wl(userdesc, perms, mlist, addr): |
| 640 | """ Remove an address from the whitelist |
| 641 | @mlist |
| 642 | @edit |
| 643 | @admin |
| 644 | """ |
| 645 | mlist.accept_these_nonmembers.remove(addr) |
| 646 | return 1 |
| 647 | |
| 648 | def get_bogo_level(userdesc, perms, mlist): |
| 649 | """ Compute bogo level from the filtering rules set up on the list. |
| 650 | @mlist |
| 651 | @admin |
| 652 | """ |
| 653 | if len(mlist.header_filter_rules) == 0: |
| 654 | return 0 |
| 655 | |
| 656 | unsurelevel = 0 |
| 657 | filterlevel = 0 |
| 658 | filterbase = 0 |
| 659 | |
| 660 | # The first rule filters Unsure mails |
| 661 | if mlist.header_filter_rules[0][0] == 'X-Spam-Flag: Unsure, tests=bogofilter': |
| 662 | unsurelevel = 1 |
| 663 | filterbase = 1 |
| 664 | |
| 665 | # Check the other rules: |
| 666 | # - we have 2 rules: this is level 2 (drop > 0.999999, moderate Yes) |
| 667 | # - we have only one rule with HOLD directive : this is level 1 (moderate spams) |
| 668 | # - we have only one rule with DISCARD directive : this is level 3 (drop spams) |
| 669 | try: |
| 670 | action = mlist.header_filter_rules[filterbase + 1][1] |
| 671 | filterlevel = 2 |
| 672 | except: |
| 673 | action = mlist.header_filter_rules[filterbase][1] |
| 674 | if action == mm_cfg.HOLD: |
| 675 | filterlevel = 1 |
| 676 | elif action == mm_cfg.DISCARD: |
| 677 | filterlevel = 3 |
| 678 | return (filterlevel << 1) + unsurelevel |
| 679 | |
| 680 | def set_bogo_level(userdesc, perms, vhost, listname, level): |
| 681 | """ Set filter to the specified level. |
| 682 | @mlist |
| 683 | @edit |
| 684 | @admin |
| 685 | """ |
| 686 | hfr = [] |
| 687 | |
| 688 | # The level is a combination of a spam filtering level and unsure filtering level |
| 689 | # - the unsure filtering level is only 1 bit (1 = HOLD unsures, 0 = Accept unsures) |
| 690 | # - the spam filtering level is a number growing with filtering strength |
| 691 | # (0 = no filtering, 1 = moderate spam, 2 = drop 0.999999 and moderate others, 3 = drop spams) |
| 692 | bogolevel = int(level) |
| 693 | filterlevel = bogolevel >> 1 |
| 694 | unsurelevel = bogolevel & 1 |
| 695 | |
| 696 | # Set up unusre filtering |
| 697 | if unsurelevel == 1: |
| 698 | hfr.append(('X-Spam-Flag: Unsure, tests=bogofilter', mm_cfg.HOLD, False)) |
| 699 | |
| 700 | # Set up spam filtering |
| 701 | if filterlevel is 1: |
| 702 | hfr.append(('X-Spam-Flag: Yes, tests=bogofilter', mm_cfg.HOLD, False)) |
| 703 | elif filterlevel is 2: |
| 704 | hfr.append(('X-Spam-Flag: Yes, tests=bogofilter, spamicity=(0\.999999|1\.000000)', mm_cfg.DISCARD, False)) |
| 705 | hfr.append(('X-Spam-Flag: Yes, tests=bogofilter', mm_cfg.HOLD, False)) |
| 706 | elif filterlevel is 3: |
| 707 | hfr.append(('X-Spam-Flag: Yes, tests=bogofilter', mm_cfg.DISCARD, False)) |
| 708 | |
| 709 | # save configuration |
| 710 | if mlist.header_filter_rules != hfr: |
| 711 | mlist.header_filter_rules = hfr |
| 712 | return 1 |
| 713 | |
| 714 | #------------------------------------------------------------------------------- |
| 715 | # admin procedures [ soptions.php ] |
| 716 | # |
| 717 | |
| 718 | admin_opts = [ 'advertised', 'archive', \ |
| 719 | 'max_message_size', 'msg_footer', 'msg_header'] |
| 720 | |
| 721 | def get_admin_options(userdesc, perms, mlist): |
| 722 | """ Get administrator options. |
| 723 | @mlist |
| 724 | @root |
| 725 | """ |
| 726 | return get_options(userdesc, perms, mlist, admin_opts) |
| 727 | |
| 728 | def set_admin_options(userdesc, perms, mlist, values): |
| 729 | """ Set administrator options. |
| 730 | @mlist |
| 731 | @edit |
| 732 | @root |
| 733 | """ |
| 734 | return set_options(userdesc, perms, mlist, admin_opts, values) |
| 735 | |
| 736 | #------------------------------------------------------------------------------- |
| 737 | # admin procedures [ check.php ] |
| 738 | # |
| 739 | |
| 740 | check_opts = { |
| 741 | 'acceptable_aliases' : '', |
| 742 | 'admin_immed_notify' : True, |
| 743 | 'administrivia' : True, |
| 744 | 'anonymous_list' : False, |
| 745 | 'autorespond_admin' : False, |
| 746 | 'autorespond_postings' : False, |
| 747 | 'autorespond_requests' : False, |
| 748 | 'available_languages' : ['fr'], |
| 749 | 'ban_list' : [], |
| 750 | 'bounce_matching_headers' : '', |
| 751 | 'bounce_processing' : False, |
| 752 | 'convert_html_to_plaintext' : False, |
| 753 | 'digestable' : False, |
| 754 | 'digest_is_default' : False, |
| 755 | 'discard_these_nonmembers' : [], |
| 756 | 'emergency' : False, |
| 757 | 'encode_ascii_prefixes' : 2, |
| 758 | 'filter_content' : False, |
| 759 | 'first_strip_reply_to' : False, |
| 760 | 'forward_auto_discards' : True, |
| 761 | 'hold_these_nonmembers' : [], |
| 762 | 'host_name' : 'listes.polytechnique.org', |
| 763 | 'include_list_post_header' : False, |
| 764 | 'include_rfc2369_headers' : False, |
| 765 | 'max_num_recipients' : 0, |
| 766 | 'new_member_options' : 256, |
| 767 | 'nondigestable' : True, |
| 768 | 'obscure_addresses' : True, |
| 769 | 'preferred_language' : 'fr', |
| 770 | 'reject_these_nonmembers' : [], |
| 771 | 'reply_goes_to_list' : 0, |
| 772 | 'reply_to_address' : '', |
| 773 | 'require_explicit_destination' : False, |
| 774 | 'send_reminders' : 0, |
| 775 | 'send_welcome_msg' : True, |
| 776 | 'topics_enabled' : False, |
| 777 | 'umbrella_list' : False, |
| 778 | 'unsubscribe_policy' : 0, |
| 779 | } |
| 780 | |
| 781 | def check_options_runner(userdesc, perms, mlist, listname, correct): |
| 782 | options = { } |
| 783 | for (k, v) in check_opts.iteritems(): |
| 784 | if mlist.__dict__[k] != v: |
| 785 | options[k] = v, mlist.__dict__[k] |
| 786 | if correct: mlist.__dict__[k] = v |
| 787 | if mlist.real_name.lower() != listname: |
| 788 | options['real_name'] = listname, mlist.real_name |
| 789 | if correct: mlist.real_name = listname |
| 790 | return 1 |
| 791 | |
| 792 | |
| 793 | def check_options(userdesc, perms, vhost, listname, correct=False): |
| 794 | """ Check the list. |
| 795 | @root |
| 796 | """ |
| 797 | listname = listname.lower() |
| 798 | mlist = MailList.MailList(vhost + VHOST_SEP + listname, lock=0) |
| 799 | if correct: |
| 800 | return list_call_locked(check_options_runner, userdesc, perms, mlist, True, listname, True) |
| 801 | else: |
| 802 | return check_options_runner(userdesc, perms, mlist, listname, False) |
| 803 | |
| 804 | #------------------------------------------------------------------------------- |
| 805 | # super-admin procedures |
| 806 | # |
| 807 | |
| 808 | def get_all_lists(userdesc, perms, vhost): |
| 809 | """ Get all the list for the given vhost |
| 810 | """ |
| 811 | prefix = vhost.lower()+VHOST_SEP |
| 812 | names = Utils.list_names() |
| 813 | names.sort() |
| 814 | result = [] |
| 815 | for name in names: |
| 816 | if not name.startswith(prefix): |
| 817 | continue |
| 818 | result.append(name.replace(prefix, '')) |
| 819 | return result |
| 820 | |
| 821 | def create_list(userdesc, perms, vhost, listname, desc, advertise, modlevel, inslevel, owners, members): |
| 822 | """ Create a new list. |
| 823 | @root |
| 824 | """ |
| 825 | name = vhost.lower() + VHOST_SEP + listname.lower(); |
| 826 | if Utils.list_exists(name): |
| 827 | return 0 |
| 828 | |
| 829 | owner = [] |
| 830 | for o in owners: |
| 831 | email = to_forlife(o)[0] |
| 832 | if email is not None: |
| 833 | owner.append(email) |
| 834 | if len(owner) is 0: |
| 835 | return 0 |
| 836 | |
| 837 | mlist = MailList.MailList() |
| 838 | try: |
| 839 | oldmask = os.umask(002) |
| 840 | pw = sha.new('foobar').hexdigest() |
| 841 | |
| 842 | try: |
| 843 | mlist.Create(name, owner[0], pw) |
| 844 | finally: |
| 845 | os.umask(oldmask) |
| 846 | |
| 847 | mlist.real_name = listname |
| 848 | mlist.host_name = 'listes.polytechnique.org' |
| 849 | mlist.description = desc |
| 850 | |
| 851 | mlist.advertised = int(advertise) is 0 |
| 852 | mlist.default_member_moderation = int(modlevel) is 2 |
| 853 | mlist.generic_nonmember_action = int(modlevel) > 0 |
| 854 | mlist.subscribe_policy = 2 * (int(inslevel) is 1) |
| 855 | mlist.admin_notify_mchanges = (mlist.subscribe_policy or mlist.generic_nonmember_action or mlist.default_member_moderation or not mlist.advertised) |
| 856 | |
| 857 | mlist.owner = owner |
| 858 | |
| 859 | mlist.subject_prefix = '['+listname+'] ' |
| 860 | mlist.max_message_size = 0 |
| 861 | |
| 862 | inverted_listname = listname.lower() + '_' + vhost.lower() |
| 863 | mlist.msg_footer = "_______________________________________________\n" \ |
| 864 | + "Liste de diffusion %(real_name)s\n" \ |
| 865 | + "http://listes.polytechnique.org/members/" + inverted_listname |
| 866 | |
| 867 | mlist.header_filter_rules = [] |
| 868 | mlist.header_filter_rules.append(('X-Spam-Flag: Unsure, tests=bogofilter', mm_cfg.HOLD, False)) |
| 869 | mlist.header_filter_rules.append(('X-Spam-Flag: Yes, tests=bogofilter', mm_cfg.HOLD, False)) |
| 870 | |
| 871 | if ON_CREATE_CMD != '': |
| 872 | try: os.system(ON_CREATE_CMD + ' ' + name) |
| 873 | except: pass |
| 874 | |
| 875 | check_options_runner(userdesc, perms, mlist, listname.lower(), True) |
| 876 | mass_subscribe(userdesc, perms, mlist, members) |
| 877 | mlist.Save() |
| 878 | finally: |
| 879 | mlist.Unlock() |
| 880 | |
| 881 | # avoid the "-1 mail to moderate" bug |
| 882 | mlist = MailList.MailList(name) |
| 883 | mlist._UpdateRecords() |
| 884 | mlist.Save() |
| 885 | return 1 |
| 886 | |
| 887 | def delete_list(userdesc, perms, mlist, del_archives=0): |
| 888 | """ Delete the list. |
| 889 | @mlist |
| 890 | @admin |
| 891 | """ |
| 892 | lname = mlist.internal_name() |
| 893 | # remove the list |
| 894 | REMOVABLES = [ os.path.join('lists', lname), ] |
| 895 | # remove stalled locks |
| 896 | for filename in os.listdir(mm_cfg.LOCK_DIR): |
| 897 | fn_lname = filename.split('.')[0] |
| 898 | if fn_lname == lname: |
| 899 | REMOVABLES.append(os.path.join(mm_cfg.LOCK_DIR, filename)) |
| 900 | # remove archives ? |
| 901 | if del_archives: |
| 902 | REMOVABLES.extend([ |
| 903 | os.path.join('archives', 'private', lname), |
| 904 | os.path.join('archives', 'private', lname+'.mbox'), |
| 905 | os.path.join('archives', 'public', lname), |
| 906 | os.path.join('archives', 'public', lname+'.mbox') |
| 907 | ]) |
| 908 | map(lambda dir: remove_it(lname, os.path.join(mm_cfg.VAR_PREFIX, dir)), REMOVABLES) |
| 909 | return 1 |
| 910 | |
| 911 | def kill(userdesc, perms, vhost, alias, del_from_promo): |
| 912 | """ Remove a user from all the lists. |
| 913 | """ |
| 914 | exclude = [] |
| 915 | if not del_from_promo: |
| 916 | exclude.append(PLATAL_DOMAIN + VHOST_SEP + 'promo' + alias[-4:]) |
| 917 | for list in Utils.list_names(): |
| 918 | if list in exclude: |
| 919 | continue |
| 920 | try: |
| 921 | mlist = MailList.MailList(list, lock=0) |
| 922 | except: |
| 923 | continue |
| 924 | try: |
| 925 | mlist.Lock() |
| 926 | mlist.ApprovedDeleteMember(alias+'@'+PLATAL_DOMAIN, None, 0, 0) |
| 927 | mlist.Save() |
| 928 | mlist.Unlock() |
| 929 | except: |
| 930 | mlist.Unlock() |
| 931 | return 1 |
| 932 | |
| 933 | |
| 934 | #------------------------------------------------------------------------------- |
| 935 | # server |
| 936 | # |
| 937 | class FastXMLRPCServer(SocketServer.ThreadingMixIn, SimpleXMLRPCServer): |
| 938 | allow_reuse_address = True |
| 939 | |
| 940 | ################################################################################ |
| 941 | # |
| 942 | # INIT |
| 943 | # |
| 944 | #------------------------------------------------------------------------------- |
| 945 | # use Mailman user and group (not root) |
| 946 | # fork in background if asked to |
| 947 | # |
| 948 | |
| 949 | uid = getpwnam(mm_cfg.MAILMAN_USER)[2] |
| 950 | gid = getgrnam(mm_cfg.MAILMAN_GROUP)[2] |
| 951 | |
| 952 | if not os.getuid(): |
| 953 | os.setregid(gid, gid) |
| 954 | os.setreuid(uid, uid) |
| 955 | |
| 956 | signal.signal(signal.SIGHUP, signal.SIG_IGN) |
| 957 | |
| 958 | if ( os.getuid() is not uid ) or ( os.getgid() is not gid): |
| 959 | sys.exit(0) |
| 960 | |
| 961 | opts, args = getopt.getopt(sys.argv[1:], 'f') |
| 962 | for o, a in opts: |
| 963 | if o == '-f' and os.fork(): |
| 964 | sys.exit(0) |
| 965 | |
| 966 | i18n.set_language('fr') |
| 967 | mysql = connectDB() |
| 968 | lock = Lock() |
| 969 | |
| 970 | #------------------------------------------------------------------------------- |
| 971 | # server |
| 972 | # |
| 973 | server = FastXMLRPCServer((SRV_HOST, SRV_PORT), BasicAuthXMLRPCRequestHandler) |
| 974 | |
| 975 | # index.php |
| 976 | server.register_function(get_lists) |
| 977 | server.register_function(subscribe) |
| 978 | server.register_function(unsubscribe) |
| 979 | # members.php |
| 980 | server.register_function(get_members) |
| 981 | # trombi.php |
| 982 | server.register_function(get_members_limit) |
| 983 | server.register_function(get_owners) |
| 984 | # admin.php |
| 985 | server.register_function(replace_email) |
| 986 | server.register_function(mass_subscribe) |
| 987 | server.register_function(mass_unsubscribe) |
| 988 | server.register_function(add_owner) |
| 989 | server.register_function(del_owner) |
| 990 | # moderate.php |
| 991 | server.register_function(get_pending_ops) |
| 992 | server.register_function(handle_request) |
| 993 | server.register_function(get_pending_sub) |
| 994 | server.register_function(get_pending_mail) |
| 995 | # options.php |
| 996 | server.register_function(get_owner_options) |
| 997 | server.register_function(set_owner_options) |
| 998 | server.register_function(add_to_wl) |
| 999 | server.register_function(del_from_wl) |
| 1000 | server.register_function(get_bogo_level) |
| 1001 | server.register_function(set_bogo_level) |
| 1002 | # soptions.php |
| 1003 | server.register_function(get_admin_options) |
| 1004 | server.register_function(set_admin_options) |
| 1005 | # check.php |
| 1006 | server.register_function(check_options) |
| 1007 | # create + del |
| 1008 | server.register_function(get_all_lists) |
| 1009 | server.register_function(create_list) |
| 1010 | server.register_function(delete_list) |
| 1011 | # utilisateurs.php |
| 1012 | server.register_function(kill) |
| 1013 | |
| 1014 | server.serve_forever() |
| 1015 | |
| 1016 | # vim:set et sw=4 sts=4 sws=4: |