X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fxnetlists.php;h=036452ed3ba32de0878ef6816eb4fb042c866928;hb=b032b01b8919b36ec66f8a0395132953d8c01cf2;hp=4241e5a1ff0855098e2c36b659c591bb42a5d115;hpb=a3a049fc80d3707bcc76903ab89f73974c470c0c;p=platal.git diff --git a/modules/xnetlists.php b/modules/xnetlists.php index 4241e5a..036452e 100644 --- a/modules/xnetlists.php +++ b/modules/xnetlists.php @@ -1,6 +1,6 @@ $this->make_hook('lists', AUTH_MDP), - 'grp/lists/create' => $this->make_hook('create', AUTH_MDP), + '%grp/lists' => $this->make_hook('lists', AUTH_MDP, 'groupmember'), + '%grp/lists/create' => $this->make_hook('create', AUTH_MDP, 'groupmember'), - 'grp/lists/members' => $this->make_hook('members', AUTH_COOKIE), - 'grp/lists/archives' => $this->make_hook('archives', AUTH_COOKIE), + '%grp/lists/members' => $this->make_hook('members', AUTH_COOKIE), + '%grp/lists/csv' => $this->make_hook('csv', AUTH_COOKIE), + '%grp/lists/annu' => $this->make_hook('annu', AUTH_COOKIE), + '%grp/lists/archives' => $this->make_hook('archives', AUTH_COOKIE), + '%grp/lists/archives/rss' => $this->make_hook('rss', AUTH_PUBLIC), - 'grp/lists/moderate' => $this->make_hook('moderate', AUTH_MDP), - 'grp/lists/admin' => $this->make_hook('admin', AUTH_MDP), - 'grp/lists/options' => $this->make_hook('options', AUTH_MDP), - 'grp/lists/delete' => $this->make_hook('delete', AUTH_MDP), + '%grp/lists/moderate' => $this->make_hook('moderate', AUTH_MDP), + '%grp/lists/admin' => $this->make_hook('admin', AUTH_MDP), + '%grp/lists/options' => $this->make_hook('options', AUTH_MDP), + '%grp/lists/delete' => $this->make_hook('delete', AUTH_MDP), - 'grp/lists/soptions' => $this->make_hook('soptions', AUTH_MDP), - 'grp/lists/check' => $this->make_hook('check', AUTH_MDP), - 'grp/lists/sync' => $this->make_hook('sync', AUTH_MDP), + '%grp/lists/soptions' => $this->make_hook('soptions', AUTH_MDP), + '%grp/lists/check' => $this->make_hook('check', AUTH_MDP), + '%grp/lists/sync' => $this->make_hook('sync', AUTH_MDP), - 'grp/alias/admin' => $this->make_hook('aadmin', AUTH_MDP), - 'grp/alias/create' => $this->make_hook('acreate', AUTH_MDP), + '%grp/alias/admin' => $this->make_hook('aadmin', AUTH_MDP, 'groupadmin'), + '%grp/alias/create' => $this->make_hook('acreate', AUTH_MDP, 'groupadmin'), /* hack: lists uses that */ - 'profile' => $this->make_hook('profile', AUTH_PUBLIC), + 'profile' => $this->make_hook('profile', AUTH_PUBLIC), ); } function prepare_client(&$page) { global $globals; + Platal::load('lists', 'lists.inc.php'); - require_once 'lists.inc.php'; + $this->client = new MMList(S::v('uid'), S::v('password'), + $globals->asso('mail_domain')); - $this->client =& lists_xmlrpc(Session::getInt('uid'), - Session::get('password'), - $globals->asso('mail_domain')); - - $page->useMenu(); $page->assign('asso', $globals->asso()); $page->setType($globals->asso('cat')); + + return $globals->asso('mail_domain'); } function handler_lists(&$page) { global $globals; + if (!$globals->asso('mail_domain')) { + return PL_NOT_FOUND; + } $this->prepare_client($page); - $page->changeTpl('xnetlists/index.tpl'); if (Get::has('del')) { - $this->client->unsubscribe(Get::get('del')); - redirect('lists'); + S::assert_xsrf_token(); + $this->client->unsubscribe(Get::v('del')); + pl_redirect('lists'); } if (Get::has('add')) { - $this->client->subscribe(Get::get('add')); - redirect('lists'); + S::assert_xsrf_token(); + $this->client->subscribe(Get::v('add')); + pl_redirect('lists'); } if (Post::has('del_alias') && may_update()) { - $alias = Post::get('del_alias'); + S::assert_xsrf_token(); + + $alias = Post::v('del_alias'); // prevent group admin from erasing aliases from other groups $alias = substr($alias, 0, strpos($alias, '@')).'@'.$globals->asso('mail_domain'); XDB::query( - 'DELETE FROM x4dat.virtual_redirect, x4dat.virtual + 'DELETE FROM r, v USING x4dat.virtual AS v - LEFT JOIN x4dat.virtual_redirect USING(vid) + LEFT JOIN x4dat.virtual_redirect AS r USING(vid) WHERE v.alias={?}', $alias); - $page->trig(Post::get('del_alias')." supprimé !"); + $page->trigSuccess(Post::v('del_alias')." supprimé !"); } $listes = $this->client->get_lists(); - $page->assign('listes',$listes); + $page->assign('listes', $listes); $alias = XDB::iterator( 'SELECT alias,type @@ -107,118 +115,128 @@ class XnetListsModule extends ListsModule $page->assign('alias', $alias); $page->assign('may_update', may_update()); + + if (count($listes) > 0 && !$globals->asso('has_ml')) { + XDB::execute("UPDATE groupex.asso + SET flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'has_ml') + WHERE id = {?}", + $globals->asso('id')); + } } function handler_create(&$page) { global $globals; + if (!$globals->asso('mail_domain')) { + return PL_NOT_FOUND; + } $this->prepare_client($page); - $page->changeTpl('xnetlists/create.tpl'); - $page->assign('force_list_super', may_update()); if (!Post::has('submit')) { return; + } else { + S::assert_xsrf_token(); } if (!Post::has('liste')) { - $page->trig_run('champs «addresse souhaitée» vide'); + $page->trigError('champs «adresse souhaitée» vide'); + return; } - $liste = Post::get('liste'); + $liste = strtolower(Post::v('liste')); if (!preg_match("/^[a-zA-Z0-9\-]*$/", $liste)) { - $page->trig_run('le nom de la liste ne doit contenir que des lettres, chiffres et tirets'); + $page->trigError('le nom de la liste ne doit contenir que des lettres non accentuées, chiffres et tirets'); + return; } $new = $liste.'@'.$globals->asso('mail_domain'); - $res = XDB::query('SELECT COUNT(*) FROM x4dat.virtual WHERE alias={?}', $new); - $n = $res->fetchOneCell(); + $res = XDB::query('SELECT alias FROM x4dat.virtual WHERE alias={?}', $new); - if($n) { - $page->trig_run('cet alias est déjà pris'); + if ($res->numRows()) { + $page->trigError('cet alias est déjà pris'); + return; } - if(!Post::get('desc')) { - $page->trig_run('le sujet est vide'); + if (!Post::v('desc')) { + $page->trigError('le sujet est vide'); + return; } - require_once('platal/xmlrpc-client.inc.php'); - require_once('lists.inc.php'); $ret = $this->client->create_list( - $liste, Post::get('desc'), Post::get('advertise'), - Post::get('modlevel'), Post::get('inslevel'), - array(Session::get('forlife')), array()); + $liste, utf8_decode(Post::v('desc')), Post::v('advertise'), + Post::v('modlevel'), Post::v('inslevel'), + array(S::user()->forlifeEmail()), array(S::user()->forlifeEmail())); $dom = strtolower($globals->asso("mail_domain")); $red = $dom.'_'.$liste; if (!$ret) { - $page->kill("Un problème est survenu, contacter " + $page->kill("Un problème est survenu, contacter " ."support@m4x.org"); return; } - XDB::execute('INSERT INTO x4dat.virtual (alias,type) - VALUES({?},{?})', $liste.'@'.$dom, 'list'); - XDB::execute('INSERT INTO x4dat.virtual_redirect (vid,redirect) - VALUES ({?}, {?})', mysql_insert_id(), - "$red+post@listes.polytechnique.org"); - XDB::execute('INSERT INTO x4dat.virtual (alias,type) - VALUES({?},{?})', $liste.'-owner@'.$dom, 'list'); - XDB::execute('INSERT INTO x4dat.virtual_redirect (vid,redirect) - VALUES ({?}, {?})', mysql_insert_id(), - "$red+owner@listes.polytechnique.org"); - XDB::execute('INSERT INTO x4dat.virtual (alias,type) - VALUES({?},{?})', $liste.'-admin@'.$dom, 'list'); - XDB::execute('INSERT INTO x4dat.virtual_redirect (vid,redirect) - VALUES ({?}, {?})', mysql_insert_id(), - "$red+admin@listes.polytechnique.org"); - XDB::execute('INSERT INTO x4dat.virtual (alias,type) - VALUES({?},{?})', $liste.'-bounces@'.$dom, 'list'); - XDB::execute('INSERT INTO x4dat.virtual_redirect (vid,redirect) - VALUES ({?}, {?})', mysql_insert_id(), - "$red+bounces@listes.polytechnique.org"); - - global $platal; - redirect(smarty_function_rel().'/'.$platal->ns.'lists/admin/'.$liste); + foreach (array('', 'owner', 'admin', 'bounces', 'unsubscribe') as $app) { + $mdir = $app == '' ? '+post' : '+' . $app; + if (!empty($app)) { + $app = '-' . $app; + } + XDB::execute('INSERT INTO x4dat.virtual (alias,type) + VALUES({?},{?})', $liste. $app . '@'.$dom, 'list'); + XDB::execute('INSERT INTO x4dat.virtual_redirect (vid,redirect) + VALUES ({?}, {?})', XDB::insertId(), + $red . $mdir . '@listes.polytechnique.org'); + } + + XDB::execute("UPDATE groupex.asso + SET flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'has_ml') + WHERE id = {?}", + $globals->asso('id')); + + pl_redirect('lists/admin/'.$liste); } function handler_sync(&$page, $liste = null) { global $globals; + if (!$globals->asso('mail_domain')) { + return PL_NOT_FOUND; + } $this->prepare_client($page); - $page->changeTpl('xnetlists/sync.tpl'); if (Env::has('add')) { - $this->client->mass_subscribe($liste, array_keys(Env::getMixed('add'))); + S::assert_xsrf_token(); + $this->client->mass_subscribe($liste, array_keys(Env::v('add'))); } list(,$members) = $this->client->get_members($liste); $mails = array_map(create_function('$arr', 'return $arr[1];'), $members); - $subscribers = array_unique(array_merge($subscribers, $mails)); + $subscribers = array_unique($mails); $not_in_group_x = array(); $not_in_group_ext = array(); $ann = XDB::iterator( - "SELECT IF(m.origine='X',IF(u.nom_usage<>'', u.nom_usage, u.nom) ,m.nom) AS nom, - IF(m.origine='X',u.prenom,m.prenom) AS prenom, - IF(m.origine='X',u.promo,'extérieur') AS promo, - IF(m.origine='X',CONCAT(a.alias, '@polytechnique.org'),m.email) AS email, - IF(m.origine='X',FIND_IN_SET('femme', u.flags),0) AS femme, + "SELECT if (m.origine='X',if (u.nom_usage<>'', u.nom_usage, u.nom) ,m.nom) AS nom, + if (m.origine='X',u.prenom,m.prenom) AS prenom, + if (m.origine='X',u.promo,'extérieur') AS promo, + if (m.origine='X',CONCAT(a.alias, '@{$globals->mail->domain}'),m.email) AS email, + if (m.origine='X',FIND_IN_SET('femme', u.flags),0) AS femme, m.perms='admin' AS admin, m.origine='X' AS x FROM groupex.membres AS m LEFT JOIN auth_user_md5 AS u ON ( u.user_id = m.uid ) LEFT JOIN aliases AS a ON ( a.id = m.uid AND a.type='a_vie' ) - WHERE m.asso_id = {?}", $globals->asso('id')); + WHERE m.asso_id = {?} + ORDER BY promo, nom, prenom", $globals->asso('id')); $not_in_list = array(); while ($tmp = $ann->next()) { - if (!in_array($tmp['email'], $subscribers)) { + if (!in_array(strtolower($tmp['email']), $subscribers)) { $not_in_list[] = $tmp; } } @@ -228,21 +246,24 @@ class XnetListsModule extends ListsModule function handler_aadmin(&$page, $lfull = null) { - if (is_null($lfull)) { + global $globals; + + if (!$globals->asso('mail_domain') || is_null($lfull)) { return PL_NOT_FOUND; } - - new_groupadmin_page('xnet/groupe/alias-admin.tpl'); + $page->changeTpl('xnetlists/alias-admin.tpl'); if (Env::has('add_member')) { - $add = Env::get('add_member'); + S::assert_xsrf_token(); + + $add = Env::v('add_member'); if (strstr($add, '@')) { list($mbox,$dom) = explode('@', strtolower($add)); } else { $mbox = $add; $dom = 'm4x.org'; } - if($dom == 'polytechnique.org' || $dom == 'm4x.org') { + if ($dom == 'polytechnique.org' || $dom == 'm4x.org') { $res = XDB::query( "SELECT a.alias, b.alias FROM x4dat.aliases AS a @@ -255,9 +276,9 @@ class XnetListsModule extends ListsModule SELECT vid, {?} FROM x4dat.virtual WHERE alias={?}", "$alias@m4x.org", $lfull); - $page->trig("$alias@m4x.org ajouté"); + $page->trigSuccess("$alias@m4x.org ajouté"); } else { - $page->trig("$mbox@polytechnique.org n'existe pas."); + $page->trigError("$mbox@{$globals->mail->domain} n'existe pas."); } } else { XDB::query( @@ -265,25 +286,37 @@ class XnetListsModule extends ListsModule SELECT vid,{?} FROM x4dat.virtual WHERE alias={?}", "$mbox@$dom", $lfull); - $page->trig("$mbox@$dom ajouté"); + $page->trigSuccess("$mbox@$dom ajouté"); } } if (Env::has('del_member')) { + S::assert_xsrf_token(); XDB::query( "DELETE FROM x4dat.virtual_redirect USING x4dat.virtual_redirect INNER JOIN x4dat.virtual USING(vid) - WHERE redirect={?} AND alias={?}", Env::get('del_member'), $lfull); - redirect("?liste=$lfull"); + WHERE redirect={?} AND alias={?}", Env::v('del_member'), $lfull); + pl_redirect('alias/admin/'.$lfull); } - $res = XDB::iterator( - "SELECT redirect - FROM x4dat.virtual_redirect AS vr - INNER JOIN x4dat.virtual AS v USING(vid) - WHERE v.alias={?} - ORDER BY redirect", $lfull); + global $globals; + $res = XDB::iterator("SELECT IF(r.login IS NULL, m.nom, IF(u.nom_usage != '', u.nom_usage, u.nom)) AS nom, + IF(r.login IS NULL, m.prenom, u.prenom) AS prenom, + IF(r.login IS NULL, 'extérieur', u.promo) AS promo, + m.perms = 'admin' AS admin, r.redirect, r.login AS alias + FROM (SELECT redirect AS redirect, + IF(SUBSTRING_INDEX(redirect, '@', -1) IN ({?}, {?}), + SUBSTRING_INDEX(redirect, '@', 1), NULL) AS login + FROM x4dat.virtual_redirect AS vr + INNER JOIN x4dat.virtual AS v USING(vid) + WHERE v.alias = {?} + ORDER BY redirect) AS r + LEFT JOIN aliases AS a ON (r.login IS NOT NULL AND r.login = a.alias) + LEFT JOIN auth_user_md5 AS u ON (u.user_id = a.id) + LEFT JOIN groupex.membres AS m ON (m.asso_id = {?} AND IF(r.login IS NULL, m.email = r.redirect, m.uid = u.user_id))", + $globals->mail->domain, $globals->mail->domain2, + $lfull, $globals->asso('id')); $page->assign('mem', $res); } @@ -291,41 +324,46 @@ class XnetListsModule extends ListsModule { global $globals; - new_groupadmin_page('xnet/groupe/alias-create.tpl'); + if (!$globals->asso('mail_domain')) { + return PL_NOT_FOUND; + } + $page->changeTpl('xnetlists/alias-create.tpl'); if (!Post::has('submit')) { return; + } else { + S::assert_xsrf_token(); } if (!Post::has('liste')) { - $page->trig('champs «addresse souhaitée» vide'); + $page->trigError('champs «adresse souhaitée» vide'); return; } - $liste = Post::get('liste'); + $liste = Post::v('liste'); if (!preg_match("/^[a-zA-Z0-9\-\.]*$/", $liste)) { - $page->trig('le nom de l\'alias ne doit contenir que des lettres,' - .' chiffres, tirets et points'); + $page->trigError('le nom de l\'alias ne doit contenir que des lettres,' + .' chiffres, tirets et points'); return; } $new = $liste.'@'.$globals->asso('mail_domain'); $res = XDB::query('SELECT COUNT(*) FROM x4dat.virtual WHERE alias={?}', $new); $n = $res->fetchOneCell(); - if($n) { - $page->trig('cet alias est déjà pris'); + if ($n) { + $page->trigError('cet alias est déjà pris'); return; } XDB::query('INSERT INTO x4dat.virtual (alias,type) VALUES({?}, "user")', $new); - global $platal; - redirect(smarty_function_rel()."/{$platal->ns}alias/admin/$new"); + pl_redirect("alias/admin/$new"); } function handler_profile(&$page, $user = null) { - redirect('https://www.polytechnique.org/profile/'.$user); + http_redirect('https://www.polytechnique.org/profile/'.$user); } } +// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: ?>