← Back to branch summary

~futatuki/mailman/2.1-listinfo-overview-client-lang

« back to all changes in this revision

Viewing changes to Mailman/Cgi/admindb.py

  • Committer: Yasuhito FUTATSUKI at POEM
  • Date: 2017-06-06 10:34:51 UTC
  • mfrom: (1654.3.35 2.1)
  • Revision ID: futatuki@poem.co.jp-20170606103451-nmhlvj5u86s9maxw
Merge lp:mailman/2.1 up to rev 1713

Show diffs side-by-side

added added

removed removed

Lines of Context:
Mailman/Cgi/admindb.py
1
 
# Copyright (C) 1998-2016 by the Free Software Foundation, Inc.
 
1
# Copyright (C) 1998-2017 by the Free Software Foundation, Inc.
2
2
#
3
3
# This program is free software; you can redistribute it and/or
4
4
# modify it under the terms of the GNU General Public License
127
127
    # Make sure the user is authorized to see this page.
128
128
    cgidata = cgi.FieldStorage(keep_blank_values=1)
129
129
    try:
130
 
        cgidata.getvalue('adminpw', '')
 
130
        cgidata.getfirst('adminpw', '')
131
131
    except TypeError:
132
132
        # Someone crafted a POST with a bad Content-Type:.
133
133
        doc = Document()
143
143
    safe_params = ['adminpw', 'admlogin', 'msgid', 'sender', 'details']
144
144
    params = cgidata.keys()
145
145
    if set(params) - set(safe_params):
146
 
        csrf_checked = csrf_check(mlist, cgidata.getvalue('csrf_token'))
 
146
        csrf_checked = csrf_check(mlist, cgidata.getfirst('csrf_token'))
147
147
    else:
148
148
        csrf_checked = True
149
149
    # if password is present, void cookie to force password authentication.
150
 
    if cgidata.getvalue('adminpw'):
 
150
    if cgidata.getfirst('adminpw'):
151
151
        os.environ['HTTP_COOKIE'] = ''
152
152
        csrf_checked = True
153
153
 
154
154
    if not mlist.WebAuthenticate((mm_cfg.AuthListAdmin,
155
155
                                  mm_cfg.AuthListModerator,
156
156
                                  mm_cfg.AuthSiteAdmin),
157
 
                                 cgidata.getvalue('adminpw', '')):
 
157
                                 cgidata.getfirst('adminpw', '')):
158
158
        if cgidata.has_key('adminpw'):
159
159
            # This is a re-authorization attempt
160
160
            msg = Bold(FontSize('+1', _('Authorization failed.'))).Format()
805
805
                action = k[:len(prefix)-1]
806
806
                qsender = k[len(prefix):]
807
807
                sender = unquote_plus(qsender)
808
 
                value = cgidata.getvalue(k)
 
808
                value = cgidata.getfirst(k)
809
809
                senderactions.setdefault(sender, {})[action] = value
810
810
                for id in cgidata.getlist(qsender):
811
811
                    senderactions[sender].setdefault('message_ids',
812
812
                                                     []).append(int(id))
813
813
    # discard-all-defers
814
814
    try:
815
 
        discardalldefersp = cgidata.getvalue('discardalldefersp', 0)
 
815
        discardalldefersp = cgidata.getfirst('discardalldefersp', 0)
816
816
    except ValueError:
817
817
        discardalldefersp = 0
818
818
    # Get the summary sequence
819
 
    ssort = int(cgidata.getvalue('summary_sort', SSENDER))
 
819
    ssort = int(cgidata.getfirst('summary_sort', SSENDER))
820
820
    for sender in senderactions.keys():
821
821
        actions = senderactions[sender]
822
822
        # Handle what to do about all this sender's held messages
935
935
            forwardaddr = cgidata[forwardaddrkey].value
936
936
        # Should we ban this address?  Do this check before handling the
937
937
        # request id because that will evict the record.
938
 
        if cgidata.getvalue(bankey):
 
938
        if cgidata.getfirst(bankey):
939
939
            sender = mlist.GetRecord(request_id)[1]
940
940
            if sender not in mlist.ban_list:
941
941
                # We don't need to validate the sender.  An invalid address