1
# Copyright (C) 1998,1999,2000,2001,2002 by the Free Software Foundation, Inc.
1
# Copyright (C) 1998-2005 by the Free Software Foundation, Inc.
3
3
# This program is free software; you can redistribute it and/or
4
4
# modify it under the terms of the GNU General Public License
5
5
# as published by the Free Software Foundation; either version 2
6
6
# of the License, or (at your option) any later version.
8
8
# This program is distributed in the hope that it will be useful,
9
9
# but WITHOUT ANY WARRANTY; without even the implied warranty of
10
10
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11
11
# GNU General Public License for more details.
13
13
# You should have received a copy of the GNU General Public License
14
# along with this program; if not, write to the Free Software
15
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
14
# along with this program; if not, write to the Free Software
15
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
17
18
"""Determine whether the message is approved for delivery.
20
21
determines whether the message is definitively approved or definitively
21
22
denied. Situations that could hold a message for approval or confirmation are
22
23
not tested by this module.
26
28
from email.Iterators import typed_subpart_iterator
28
30
from Mailman import mm_cfg
29
31
from Mailman import Errors
50
59
if passwd is missing:
51
60
# Find the first text/plain part in the message
53
63
for part in typed_subpart_iterator(msg, 'text', 'plain'):
65
# XXX I'm not entirely sure why, but it is possible for the payload of
66
# the part to be None, and you can't splitlines() on None.
67
if part is not None and part.get_payload() is not None:
56
68
lines = part.get_payload().splitlines()
58
70
for lineno, line in zip(range(len(lines)), lines):
67
79
# Now strip the first line from the payload so the
68
80
# password doesn't leak.
70
part.set_payload(NL.join(lines[1:]))
82
part.set_payload(NL.join(lines))
85
# MAS: Bug 1181161 - Now try all the text parts in case it's
86
# multipart/alternative with the approved line in HTML or other
87
# text part. We make a pattern from the Approved line and delete
88
# it from all text/* parts in which we find it. It would be
89
# better to just iterate forward, but email compatability for pre
90
# Python 2.2 returns a list, not a true iterator.
92
# This will process all the multipart/alternative parts in the
93
# message as well as all other text parts. We shouldn't find the
94
# pattern outside the mp/a parts, but if we do, it is probably
95
# best to delete it anyway as it does contain the password.
97
# Make a pattern to delete. We can't just delete a line because
98
# line of HTML or other fancy text may include additional message
99
# text. This pattern works with HTML. It may not work with rtf
100
# or whatever else is possible.
101
pattern = name + ':(\s| )*' + re.escape(passwd)
102
for part in typed_subpart_iterator(msg, 'text'):
103
if part is not None and part.get_payload() is not None:
104
# Should we decode the payload?
105
lines = part.get_payload()
106
if re.search(pattern, lines):
107
part.set_payload(re.sub(pattern, '', lines))
71
108
if passwd is not missing and mlist.Authenticate((mm_cfg.AuthListModerator,
72
109
mm_cfg.AuthListAdmin),