From dc1ad86bb4a65d46b373f2772a0e7f5740543b48 Mon Sep 17 00:00:00 2001 From: x2000habouzit Date: Thu, 9 Sep 2004 09:25:51 +0000 Subject: [PATCH] put the mysql user/pass into MM config now we instanciate the mysql connection only one time, and we keep using it list_names is now perms-safe so do members, and (un)subscribe subscription should have drawbacks atm for lists with a non free subscription policy one thought : there is no way to distinguish admin mailing lists in mailman. I guess the simplest way is that the owner of those lists has to be root@poly.org or some config thing added todolist --- scripts/mailman/mailman-rpc.py | 103 ++++++++++++++++++++++++++++------------- scripts/mailman/mman | 23 +++++++++ 2 files changed, 93 insertions(+), 33 deletions(-) create mode 100644 scripts/mailman/mman diff --git a/scripts/mailman/mailman-rpc.py b/scripts/mailman/mailman-rpc.py index 6615f4c..7bbc898 100755 --- a/scripts/mailman/mailman-rpc.py +++ b/scripts/mailman/mailman-rpc.py @@ -18,7 +18,7 @@ #* Foundation, Inc., * #* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * #*************************************************************************** -# $Id: mailman-rpc.py,v 1.6 2004-09-08 19:00:49 x2000palatin Exp $ +# $Id: mailman-rpc.py,v 1.7 2004-09-09 09:25:51 x2000habouzit Exp $ #*************************************************************************** import base64, MySQLdb @@ -48,6 +48,9 @@ class BasicAuthXMLRPCRequestHandler(SimpleXMLRPCRequestHandler): This request handler is used to provide BASIC HTTP user authentication. It first overloads the do_POST() function, authenticates the user, then calls the super.do_POST(). + + Moreover, we override _dispatch, so that we call functions with as first + argument a UserDesc taken from the database, containing name, email and perms """ def _dispatch(self,method,params): @@ -73,33 +76,14 @@ class BasicAuthXMLRPCRequestHandler(SimpleXMLRPCRequestHandler): self.send_response(401) self.end_headers() - def connectDB(self): - try: - connection=MySQLdb.connect( - passwd='***************', - db='x4dat', - user='***', - host='localhost') - connection.ping() - self.mysql = connection.cursor() - except: - selc.mysql = None - def getUserDesc(self, uid, md5): - try: - if self.mysql is None: - pass - except: - self.connectDB() - if self.mysql is None: - return None - self.mysql.execute ("""SELECT u.prenom,u.nom,a.alias,u.perms - FROM auth_user_md5 AS u - INNER JOIN aliases AS a ON a.id=u.user_id - WHERE u.user_id = '%s' AND u.password = '%s' - LIMIT 1""" %( uid, md5 )) - if int(self.mysql.rowcount) is 1: - user = self.mysql.fetchone() + mysql.execute ("""SELECT u.prenom,u.nom,a.alias,u.perms + FROM auth_user_md5 AS u + INNER JOIN aliases AS a ON a.id=u.user_id + WHERE u.user_id = '%s' AND u.password = '%s' + LIMIT 1""" %( uid, md5 ) ) + if int(mysql.rowcount) is 1: + user = mysql.fetchone() userdesc = UserDesc() userdesc.fullname = user[0]+' '+user[1] userdesc.address = user[2]+'@polytechnique.org' @@ -113,17 +97,55 @@ class BasicAuthXMLRPCRequestHandler(SimpleXMLRPCRequestHandler): # Procedures # -def lists_names(user): +def connectDB(): + try: + db = MySQLdb.connect( + db='x4dat', + user=mm_cfg.MYSQL_USER, + passwd=mm_cfg.MYSQL_PASS, + unix_socket='/var/run/mysqld/mysqld.sock') + db.ping() + return db.cursor() + except: + return None + +def lists_names(userdesc): names = Utils.list_names() names.sort() - return names + result = [] + for name in names: + try: + mlist = MailList.MailList(name, lock=0) + except Errors.MMListError: + continue + is_member = False + is_owner = False + for member in mlist.getRegularMemberKeys(): + if userdesc.address == member: + is_member = True + break + for owner in mlist.owner: + if userdesc.address == owner: + is_owner = True + break + if ( mlist.advertised ) or ( userdesc.perms == 'admin' ) or is_member or is_owner: + result.append( (name,mlist.advertised,is_member,is_owner) ) + return result def members(userdesc,listname): try: mlist = MailList.MailList(listname, lock=False) except Errors.MMListError, e: return None - return mlist.getRegularMemberKeys() + members = mlist.getRegularMemberKeys() + if ( userdesc.perms == 'admin' ) or ( mlist.advertised ): + return (members,mlist.owners) + for member in members: + if member == userdesc.address: + return (members,mlist.owners) + for member in mlist.owner: + if member == userdesc.address: + return (members,mlist.owners) def subscribe(userdesc,listname): try: @@ -131,15 +153,28 @@ def subscribe(userdesc,listname): except Errors.MMListError, e: return 0 try: - mlist.ApprovedAddMember(userdesc) - mlist.Save() + approved = ( mlist.subscribe_policy in (0,1) ) or ( userdesc.perms == 'admin' ) + if approved is False : + for owner in mlist.owner: + if owner == userdesc.address: + approved = True + break + if approved: + result = 2 + mlist.ApprovedAddMember(userdesc) + mlist.Save() + else: + result = 1 + mlist.AddMember(userdesc,'xml-rpc iface') except Exception, e: mlist.Unlock() return 0 mlist.Unlock() - return 1 + return result def unsubscribe(userdesc,listname): + # here : no rights to verify, because if we can delete us ... + # it's that we are in there, else we delete nobody, so no harm try: mlist = MailList.MailList(listname, lock=True) except Errors.MMListError, e: @@ -157,6 +192,7 @@ def unsubscribe(userdesc,listname): # server # +mysql = connectDB() server = SimpleXMLRPCServer(("localhost", 4949), BasicAuthXMLRPCRequestHandler) server.register_function(lists_names) server.register_function(members) @@ -165,3 +201,4 @@ server.register_function(unsubscribe) #server.register_introspection_functions() server.serve_forever() +# vim:set et: diff --git a/scripts/mailman/mman b/scripts/mailman/mman new file mode 100644 index 0000000..3774360 --- /dev/null +++ b/scripts/mailman/mman @@ -0,0 +1,23 @@ + - possibilité de les lister les listes, avec : +[X] o listes publiques listes publiques (tout le monde peut les lister) +[X] o listes privées (on ne peut les lister que si on y appartient) +[ ] o listes admin (on ne peut les lister que si on est admin) + + - pour le gestionnaire, possibilité de : +[ ] o ajouter un utilisateur +[ ] o supprimer un utilisateur +[ ] o ajouter/supprimer un autre gestionnaire +[ ] o ajouter supprimer un moderateur +[ ] o possibilité de changer le message de bienvenue sur la liste +[ ] o possiblité de modérer des messages via _notre_ interface + + - pour les modérateurs +[ ] o possiblité de modérer des messages via _notre_ interface + + - les inscrits lamdas : +[X] o possibilité de s'inscrire tout seul si la ML est en inscription libre +[X] o possibilité de se desinscrire tt seul pour toutes les ML +[-] o possibilité de faire une demande d'inscription pour les listes publiques mais non libres d'inscription +[X] o possiblité de lister les membres d'une ML publique (inscrit ou pas inscrit) ou dont on fait partie +[X] o possiblité d'afficher le nom du proprio de la liste (mmes choses que ligne précédente) +[ ] o possibilité d'activer l'option digest -- 2.1.4