projects / platal.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 404ab6e)
do not use tuples where not needed
authorx2000habouzit <x2000habouzit>
Wed, 10 Nov 2004 11:06:25 +0000 (11:06 +0000)
committerx2000habouzit <x2000habouzit>
Wed, 10 Nov 2004 11:06:25 +0000 (11:06 +0000)
+ don't be smart with the vhost detection ... if the users POSTS on the bad place, then 401-him. that's all

scripts/mailman/mailman-rpc.py patch | blob | blame | history

diff --git a/scripts/mailman/mailman-rpc.py b/scripts/mailman/mailman-rpc.py
index abffc75..c24ca66 100755 (executable)
--- a/scripts/mailman/mailman-rpc.py
+++ b/scripts/mailman/mailman-rpc.py
@@ -18,7 +18,7 @@
 #*  Foundation, Inc.,                                                      *
 #*  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 #***************************************************************************
-#   $Id: mailman-rpc.py,v 1.74 2004-11-10 10:59:10 x2000habouzit Exp $
+#   $Id: mailman-rpc.py,v 1.75 2004-11-10 11:06:25 x2000habouzit Exp $
 #***************************************************************************
 
 import base64, MySQLdb, os, getopt, sys, MySQLdb.converters, sha, signal
@@ -67,17 +67,15 @@ class BasicAuthXMLRPCRequestHandler(SimpleXMLRPCRequestHandler):
         # TODO: subclass in SimpleXMLRPCDispatcher and not here.
         new_params = list(params)
         new_params.insert(0,self.data[2])
-        new_params.insert(0,self.data[0:2])
+        new_params.insert(0,self.data[1])
+        new_params.insert(0,self.data[0])
         return self.server._dispatch(method,new_params)
 
     def do_POST(self):
         try:
             _, auth   = self.headers["authorization"].split()
             uid, md5  = base64.decodestring(auth).strip().split(':')
-            try:
-                vhost = self.path.split('/')[1].lower()
-            except:
-                vhost = 'polytechnique.org'
+            vhost     = self.path.split('/')[1].lower()
             self.data = self.getUser(uid,md5,vhost)
             if self.data is None:
                 raise AuthFailed
@@ -159,7 +157,7 @@ def to_forlife(email):
 # helpers on lists
 #
 
-def get_list_info((userdesc,perms),mlist,front_page=0):
+def get_list_info(userdesc,perms,mlist,front_page=0):
     members    = mlist.getRegularMemberKeys()
     is_member  = userdesc.address in members
     is_admin   = mm_cfg.ADMIN_ML_OWNER in mlist.owner
@@ -194,7 +192,7 @@ def get_list_info((userdesc,perms),mlist,front_page=0):
         return (details,members)
     return 0
 
-def get_options((userdesc,perms),vhost,listname,opts):
+def get_options(userdesc,perms,vhost,listname,opts):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -208,12 +206,12 @@ def get_options((userdesc,perms),vhost,listname,opts):
                 if type(v) is str:
                     options[k] = quote(v)
                 else: options[k] = v
-        details = get_list_info((userdesc,perms),mlist)[0]
+        details = get_list_info(userdesc,perms,mlist)[0]
         return (details,options)
     except:
         return 0
 
-def set_options((userdesc,perms),vhost,listname,opts,vals):
+def set_options(userdesc,perms,vhost,listname,opts,vals):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -244,7 +242,7 @@ def set_options((userdesc,perms),vhost,listname,opts,vals):
 # users procedures for [ index.php ]
 #
 
-def get_lists((userdesc,perms),vhost):
+def get_lists(userdesc,perms,vhost):
     prefix = vhost.lower()+'-'
     names = Utils.list_names()
     names.sort()
@@ -257,13 +255,13 @@ def get_lists((userdesc,perms),vhost):
         except:
             continue
         try:
-            details = get_list_info((userdesc,perms),mlist,1)[0]
+            details = get_list_info(userdesc,perms,mlist,1)[0]
             result.append(details)
         except:
             continue
     return result
 
-def subscribe((userdesc,perms),vhost,listname):
+def subscribe(userdesc,perms,vhost,listname):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -285,7 +283,7 @@ def subscribe((userdesc,perms),vhost,listname):
     mlist.Unlock()
     return result
 
-def unsubscribe((userdesc,perms),vhost,listname):
+def unsubscribe(userdesc,perms,vhost,listname):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -304,13 +302,13 @@ def unsubscribe((userdesc,perms),vhost,listname):
 # users procedures for [ index.php ]
 #
 
-def get_members((userdesc,perms),vhost,listname):
+def get_members(userdesc,perms,vhost,listname):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
         return 0
     try:
-        details,members = get_list_info((userdesc,perms),mlist)
+        details,members = get_list_info(userdesc,perms,mlist)
         members.sort()
         members = map(lambda member: (quote(mlist.getMemberName(member)) or '', member), members)
         return (details,members,mlist.owner)
@@ -321,17 +319,17 @@ def get_members((userdesc,perms),vhost,listname):
 # users procedures for [ trombi.php ]
 #
 
-def get_members_limit((userdesc,perms),vhost,listname,page,nb_per_page):
+def get_members_limit(userdesc,perms,vhost,listname,page,nb_per_page):
     try:
-        members = get_members((userdesc,perms),vhost,listname)[1]
+        members = get_members(userdesc,perms,vhost,listname)[1]
     except:
         return 0
     i = int(page) * int(nb_per_page)
     return (len(members), members[i:i+int(nb_per_page)])
 
-def get_owners((userdesc,perms),vhost,listname):
+def get_owners(userdesc,perms,vhost,listname):
     try:
-        details,members,owners = get_members((userdesc,perms),vhost,listname)
+        details,members,owners = get_members(userdesc,perms,vhost,listname)
     except:
         return 0
     return (details,owners)
@@ -340,7 +338,7 @@ def get_owners((userdesc,perms),vhost,listname):
 # owners procedures [ admin.php ]
 #
 
-def mass_subscribe((userdesc,perms),vhost,listname,users):
+def mass_subscribe(userdesc,perms,vhost,listname,users):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -365,7 +363,7 @@ def mass_subscribe((userdesc,perms),vhost,listname,users):
     mlist.Unlock()
     return added
 
-def mass_unsubscribe((userdesc,perms),vhost,listname,users):
+def mass_unsubscribe(userdesc,perms,vhost,listname,users):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -382,7 +380,7 @@ def mass_unsubscribe((userdesc,perms),vhost,listname,users):
     mlist.Unlock()
     return users
 
-def add_owner((userdesc,perms),vhost,listname,user):
+def add_owner(userdesc,perms,vhost,listname,user):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -402,7 +400,7 @@ def add_owner((userdesc,perms),vhost,listname,user):
     mlist.Unlock()
     return True
 
-def del_owner((userdesc,perms),vhost,listname,user):
+def del_owner(userdesc,perms,vhost,listname,user):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -424,7 +422,7 @@ def del_owner((userdesc,perms),vhost,listname,user):
 # owners procedures [ admin.php ]
 #
 
-def get_pending_ops((userdesc,perms),vhost,listname):
+def get_pending_ops(userdesc,perms,vhost,listname):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -470,7 +468,7 @@ def get_pending_ops((userdesc,perms),vhost,listname):
     return (subs,helds)
 
 
-def handle_request((userdesc,perms),vhost,listname,id,value,comment):
+def handle_request(userdesc,perms,vhost,listname,id,value,comment):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -488,7 +486,7 @@ def handle_request((userdesc,perms),vhost,listname,id,value,comment):
         return 0
 
 
-def get_pending_mail((userdesc,perms),vhost,listname,id,raw=0):
+def get_pending_mail(userdesc,perms,vhost,listname,id,raw=0):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -528,13 +526,13 @@ owner_opts = ['accept_these_nonmembers', 'admin_notify_mchanges', 'description',
         'info', 'subject_prefix', 'goodbye_msg', 'send_goodbye_msg', \
         'subscribe_policy', 'welcome_msg']
 
-def get_owner_options((userdesc,perms),vhost,listname):
-    return get_options((userdesc,perms),vhost,listname,owner_opts)
+def get_owner_options(userdesc,perms,vhost,listname):
+    return get_options(userdesc,perms,vhost,listname,owner_opts)
 
-def set_owner_options((userdesc,perms),vhost,listname,values):
-    return set_options((userdesc,perms),vhost,listname,owner_opts,values)
+def set_owner_options(userdesc,perms,vhost,listname,values):
+    return set_options(userdesc,perms,vhost,listname,owner_opts,values)
 
-def add_to_wl((userdesc,perms),vhost,listname,addr):
+def add_to_wl(userdesc,perms,vhost,listname,addr):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -551,7 +549,7 @@ def add_to_wl((userdesc,perms),vhost,listname,addr):
         mlist.Unlock()
         return 0
 
-def del_from_wl((userdesc,perms),vhost,listname,addr):
+def del_from_wl(userdesc,perms,vhost,listname,addr):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -568,7 +566,7 @@ def del_from_wl((userdesc,perms),vhost,listname,addr):
         mlist.Unlock()
         return 0
 
-def get_bogo_level((userdesc,perms),vhost,listname):
+def get_bogo_level(userdesc,perms,vhost,listname):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -586,7 +584,7 @@ def get_bogo_level((userdesc,perms),vhost,listname):
     except:
         return 0
 
-def set_bogo_level((userdesc,perms),vhost,listname,level):
+def set_bogo_level(userdesc,perms,vhost,listname,level):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -616,15 +614,15 @@ def set_bogo_level((userdesc,perms),vhost,listname,level):
 admin_opts = [ 'advertised', 'archive', 'default_member_moderation', \
         'generic_nonmember_action', 'max_message_size', 'msg_footer', 'msg_header']
 
-def get_admin_options((userdesc,perms),vhost,listname):
+def get_admin_options(userdesc,perms,vhost,listname):
     if perms != 'admin':
         return 0
-    return get_options((userdesc,perms),vhost,listname,admin_opts)
+    return get_options(userdesc,perms,vhost,listname,admin_opts)
 
-def set_admin_options((userdesc,perms),vhost,listname,values):
+def set_admin_options(userdesc,perms,vhost,listname,values):
     if perms != 'admin':
         return 0
-    return set_options((userdesc,perms),vhost,listname,admin_opts,values)
+    return set_options(userdesc,perms,vhost,listname,admin_opts,values)
 
 #-------------------------------------------------------------------------------
 # admin procedures [ check.php ]
@@ -671,7 +669,7 @@ check_opts = {
     'unsubscribe_policy'            : 0,
 }
 
-def check_options((userdesc,perms),vhost,listname,correct=False):
+def check_options(userdesc,perms,vhost,listname,correct=False):
     try:
         mlist = MailList.MailList(vhost+'-'+listname,lock=0)
     except:
@@ -694,7 +692,7 @@ def check_options((userdesc,perms),vhost,listname,correct=False):
         if correct:
             mlist.Save()
             mlist.Unlock()
-        details = get_list_info((userdesc,perms),mlist)[0]
+        details = get_list_info(userdesc,perms,mlist)[0]
         return (details,options)
     except:
         if correct: mlist.Unlock()
@@ -704,7 +702,7 @@ def check_options((userdesc,perms),vhost,listname,correct=False):
 # admin procedures [ soptions.php ]
 #
 
-def get_all_lists((userdesc,perms),vhost):
+def get_all_lists(userdesc,perms,vhost):
     prefix = vhost.lower()+'-'
     names = Utils.list_names()
     names.sort()
@@ -715,7 +713,7 @@ def get_all_lists((userdesc,perms),vhost):
         result.append(name.replace(prefix,''))
     return result
 
-def create_list((userdesc,perms),vhost,listname,desc,advertise,modlevel,inslevel,owners,members):
+def create_list(userdesc,perms,vhost,listname,desc,advertise,modlevel,inslevel,owners,members):
     if perms != 'admin':
         return 0
     name = vhost.lower()+'-'+listname.lower();
@@ -764,8 +762,8 @@ def create_list((userdesc,perms),vhost,listname,desc,advertise,modlevel,inslevel
 
         mlist.Unlock()
 
-        check_options((userdesc,perms),vhost,listname.lower(),True)
-        mass_subscribe((userdesc,perms),vhost,listname.lower(),members)
+        check_options(userdesc,perms,vhost,listname.lower(),True)
+        mass_subscribe(userdesc,perms,vhost,listname.lower(),members)
 
         # avoid the "-1 mail to moderate" bug
         mlist = MailList.MailList(name)
plat/al