diff options
| author | bwarsaw <> | 2004-02-17 19:18:06 +0000 |
|---|---|---|
| committer | bwarsaw <> | 2004-02-17 19:18:06 +0000 |
| commit | 648fc8b948eeca744e76b33b519687cc638cd96a (patch) | |
| tree | c55a485702956c9e17e6e7faa9d80d01ab6fbe0f /Mailman | |
| parent | 6e2c96f1163657bc886499035b57e694995605ed (diff) | |
| download | mailman2-648fc8b948eeca744e76b33b519687cc638cd96a.tar.gz mailman2-648fc8b948eeca744e76b33b519687cc638cd96a.tar.xz mailman2-648fc8b948eeca744e76b33b519687cc638cd96a.zip | |
main(): It's possible that if you're logged in as the list admin, you can get
to the end of the function trying to present the options page for a
non-existant user, causing a traceback. At the last second, do one more
isMember() check and return the loginpage if the address isn't a member of the
list.
Diffstat (limited to 'Mailman')
| -rw-r--r-- | Mailman/Cgi/options.py | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/Mailman/Cgi/options.py b/Mailman/Cgi/options.py index b8a589d6..447dc38c 100644 --- a/Mailman/Cgi/options.py +++ b/Mailman/Cgi/options.py @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2003 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2004 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -219,7 +219,6 @@ def main(): # Authenticate, possibly using the password supplied in the login page password = cgidata.getvalue('password', '').strip() - if not mlist.WebAuthenticate((mm_cfg.AuthUser, mm_cfg.AuthListAdmin, mm_cfg.AuthSiteAdmin), @@ -629,7 +628,10 @@ address. Upon confirmation, any other mailing list containing the address print doc.Format() return - options_page(mlist, doc, user, cpuser, userlang) + if mlist.isMember(user): + options_page(mlist, doc, user, cpuser, userlang) + else: + loginpage(mlist, doc, user, userlang) print doc.Format() |