diff options
author | Mark Sapiro <msapiro@value.net> | 2011-04-23 17:49:15 -0700 |
---|---|---|
committer | Mark Sapiro <msapiro@value.net> | 2011-04-23 17:49:15 -0700 |
commit | d994cc918097ea2ce791657ff8d6b8aef8b583f4 (patch) | |
tree | c7cb650bc918da70b09271208714b51a4df07f07 /Mailman/Cgi | |
parent | e532415815f54361928b8f364e9211d9fcf5ade0 (diff) | |
download | mailman2-d994cc918097ea2ce791657ff8d6b8aef8b583f4.tar.gz mailman2-d994cc918097ea2ce791657ff8d6b8aef8b583f4.tar.xz mailman2-d994cc918097ea2ce791657ff8d6b8aef8b583f4.zip |
Added a logout link to the admindb interface and made both admin and
admindb logout effective for a site admin cookie if allowed.
Bug #769318.
Diffstat (limited to 'Mailman/Cgi')
-rw-r--r-- | Mailman/Cgi/admin.py | 3 | ||||
-rw-r--r-- | Mailman/Cgi/admindb.py | 27 |
2 files changed, 27 insertions, 3 deletions
diff --git a/Mailman/Cgi/admin.py b/Mailman/Cgi/admin.py index b4455cbc..22ebe16a 100644 --- a/Mailman/Cgi/admin.py +++ b/Mailman/Cgi/admin.py @@ -107,6 +107,9 @@ def main(): # Is this a log-out request? if category == 'logout': + # site-wide admin should also be able to logout. + if mlist.AuthContextInfo(mm_cfg.AuthSiteAdmin)[0] == 'site': + print mlist.ZapCookie(mm_cfg.AuthSiteAdmin) print mlist.ZapCookie(mm_cfg.AuthListAdmin) Auth.loginpage(mlist, 'admin', frontpage=1) return diff --git a/Mailman/Cgi/admindb.py b/Mailman/Cgi/admindb.py index 6e3d343f..4513e8e3 100644 --- a/Mailman/Cgi/admindb.py +++ b/Mailman/Cgi/admindb.py @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2010 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2011 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -112,6 +112,19 @@ def main(): Auth.loginpage(mlist, 'admindb', msg=msg) return + # Add logout function. Note that admindb may be accessed with + # site-wide admin, moderator and list admin privileges. + # site admin may have site or admin cookie. (or both?) + # See if this is a logout request + if len(parts) >= 2 and parts[1] == 'logout': + if mlist.AuthContextInfo(mm_cfg.AuthSiteAdmin)[0] == 'site': + print mlist.ZapCookie(mm_cfg.AuthSiteAdmin) + if mlist.AuthContextInfo(mm_cfg.AuthListModerator)[0]: + print mlist.ZapCookie(mm_cfg.AuthListModerator) + print mlist.ZapCookie(mm_cfg.AuthListAdmin) + Auth.loginpage(mlist, 'admindb', frontpage=1) + return + # Set up the results document doc = Document() doc.set_language(mlist.preferred_language) @@ -167,20 +180,24 @@ def main(): process_form(mlist, doc, cgidata) # Now print the results and we're done. Short circuit for when there # are no pending requests, but be sure to save the results! + admindburl = mlist.GetScriptURL('admindb', absolute=1) if not mlist.NumRequestsPending(): title = _('%(realname)s Administrative Database') doc.SetTitle(title) doc.AddItem(Header(2, title)) doc.AddItem(_('There are no pending requests.')) doc.AddItem(' ') - doc.AddItem(Link(mlist.GetScriptURL('admindb', absolute=1), + doc.AddItem(Link(admindburl, _('Click here to reload this page.'))) + # Put 'Logout' link before the footer + doc.AddItem(Link('%s/logout' % admindburl, + '<div align="right"><font size="+2"><b>%s</b></font></div>' % + _('Logout'))) doc.AddItem(mlist.GetMailmanFooter()) print doc.Format() mlist.Save() return - admindburl = mlist.GetScriptURL('admindb', absolute=1) form = Form(admindburl) # Add the instructions template if details == 'instructions': @@ -249,6 +266,10 @@ def main(): _('Discard all messages marked <em>Defer</em>') )) form.AddItem(Center(SubmitButton('submit', _('Submit All Data')))) + # Put 'Logout' link before the footer + doc.AddItem(Link('%s/logout' % admindburl, + '<div align="right"><font size="+2"><b>%s</b></font></div>' % + _('Logout'))) doc.AddItem(mlist.GetMailmanFooter()) print doc.Format() # Commit all changes |