diff options
author | Mark Sapiro <mark@msapiro.net> | 2008-04-14 10:45:27 -0700 |
---|---|---|
committer | Mark Sapiro <mark@msapiro.net> | 2008-04-14 10:45:27 -0700 |
commit | bb4873af815ee6fa4b544162ad8e52c6395b79d0 (patch) | |
tree | 2414f362a6d97ad93fc53a8a16e2ba26a7733bf1 | |
parent | bd24691c148b28080a56a9e6556b214d4adbe77d (diff) | |
download | mailman2-bb4873af815ee6fa4b544162ad8e52c6395b79d0.tar.gz mailman2-bb4873af815ee6fa4b544162ad8e52c6395b79d0.tar.xz mailman2-bb4873af815ee6fa4b544162ad8e52c6395b79d0.zip |
options.py - Made the ability for a list admin to change a members password
conditional on mm_cfg.OWNERS_CAN_CHANGE_MEMBER_PASSWORDS.
Defaults.py.in - Added OWNERS_CAN_CHANGE_MEMBER_PASSWORDS = No.
Diffstat (limited to '')
-rw-r--r-- | Mailman/Cgi/options.py | 8 | ||||
-rw-r--r-- | Mailman/Defaults.py.in | 8 |
2 files changed, 15 insertions, 1 deletions
diff --git a/Mailman/Cgi/options.py b/Mailman/Cgi/options.py index 67700028..3c736483 100644 --- a/Mailman/Cgi/options.py +++ b/Mailman/Cgi/options.py @@ -421,6 +421,14 @@ address. Upon confirmation, any other mailing list containing the address return if cgidata.has_key('changepw'): + # Is this list admin and is list admin allowed to change passwords. + if not (is_user_or_siteadmin + or mm_cfg.OWNERS_CAN_CHANGE_MEMBER_PASSWORDS): + doc.addError(_("""The list administrator may not change the + password for a user.""")) + options_page(mlist, doc, user, cpuser, userlang) + print doc.Format() + return newpw = cgidata.getvalue('newpw') confirmpw = cgidata.getvalue('confpw') if not newpw or not confirmpw: diff --git a/Mailman/Defaults.py.in b/Mailman/Defaults.py.in index 0bedbc6e..8f8c64f0 100644 --- a/Mailman/Defaults.py.in +++ b/Mailman/Defaults.py.in @@ -1,6 +1,6 @@ # -*- python -*- -# Copyright (C) 1998-2007 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -785,6 +785,12 @@ OWNERS_CAN_DELETE_THEIR_OWN_LISTS = No # but can have a heavy impact on the performance of your system. OWNERS_CAN_ENABLE_PERSONALIZATION = No +# Set this variable to Yes to allow list owners to change a member's password +# from the member's options page. Do not do this if list owners aren't all +# trustworthy as it allows a list owner to change a member's password and then +# log in as the member and make global changes. +OWNERS_CAN_CHANGE_MEMBER_PASSWORDS = No + # Should held messages be saved on disk as Python pickles or as plain text? # The former is more efficient since we don't need to go through the # parse/generate roundtrip each time, but the latter might be preferred if you |