1
# Copyright (C) 1998,1999,2000,2001,2002 by the Free Software Foundation, Inc.
3
# This program is free software; you can redistribute it and/or
4
# modify it under the terms of the GNU General Public License
5
# as published by the Free Software Foundation; either version 2
6
# of the License, or (at your option) any later version.
8
# This program is distributed in the hope that it will be useful,
9
# but WITHOUT ANY WARRANTY; without even the implied warranty of
10
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11
# GNU General Public License for more details.
13
# You should have received a copy of the GNU General Public License
14
# along with this program; if not, write to the Free Software
15
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
17
"""Produce subscriber roster, using listinfo form data, roster.html template.
19
Takes listname in PATH_INFO.
23
# We don't need to lock in this script, because we're never going to change
31
from Mailman import mm_cfg
32
from Mailman import Utils
33
from Mailman import MailList
34
from Mailman import Errors
35
from Mailman import i18n
36
from Mailman.htmlformat import *
37
from Mailman.Logging.Syslog import syslog
41
i18n.set_language(mm_cfg.DEFAULT_SERVER_LANGUAGE)
46
parts = Utils.GetPathPieces()
48
error_page(_('Invalid options to CGI script'))
51
listname = parts[0].lower()
53
mlist = MailList.MailList(listname, lock=0)
54
except Errors.MMListError, e:
55
# Avoid cross-site scripting attacks
56
safelistname = Utils.websafe(listname)
57
error_page(_('No such list <em>%(safelistname)s</em>'))
58
syslog('error', 'roster: no such list "%s": %s', listname, e)
61
cgidata = cgi.FieldStorage()
63
# messages in form should go in selected language (if any...)
64
if cgidata.has_key('language'):
65
lang = cgidata['language'].value
67
lang = mlist.preferred_language
69
i18n.set_language(lang)
71
# Perform authentication for protected rosters. If the roster isn't
72
# protected, then anybody can see the pages. If members-only or
73
# "admin"-only, then we try to cookie authenticate the user, and failing
74
# that, we check roster-email and roster-pw fields for a valid password.
75
# (also allowed: the list moderator, the list admin, and the site admin).
76
if mlist.private_roster == 0:
79
elif mlist.private_roster == 1:
81
addr = cgidata.getvalue('roster-email', '')
82
password = cgidata.getvalue('roster-pw', '')
83
ok = mlist.WebAuthenticate((mm_cfg.AuthUser,
84
mm_cfg.AuthListModerator,
86
mm_cfg.AuthSiteAdmin),
89
# Admin only, so we can ignore the address field
90
password = cgidata.getvalue('roster-pw', '')
91
ok = mlist.WebAuthenticate((mm_cfg.AuthListModerator,
93
mm_cfg.AuthSiteAdmin),
96
realname = mlist.real_name
98
doc.set_language(lang)
99
error_page_doc(doc, _('%(realname)s roster authentication failed.'))
100
doc.AddItem(mlist.GetMailmanFooter())
104
# The document and its language
105
doc = HeadlessDocument()
106
doc.set_language(lang)
108
replacements = mlist.GetAllReplacements(lang)
109
replacements['<mm-displang-box>'] = mlist.FormatButton(
111
text = _('View this page in'))
112
replacements['<mm-lang-form-start>'] = mlist.FormatFormStart('roster')
113
doc.AddItem(mlist.ParseTags('roster.html', replacements, lang))
118
def error_page(errmsg):
120
doc.set_language(mm_cfg.DEFAULT_SERVER_LANGUAGE)
121
error_page_doc(doc, errmsg)
125
def error_page_doc(doc, errmsg, *args):
126
# Produce a simple error-message page on stdout and exit.
127
doc.SetTitle(_("Error"))
128
doc.AddItem(Header(2, _("Error")))
129
doc.AddItem(Bold(errmsg % args))
added
removed
Mailman/Cgi/roster.py
