diff options
author | Mark Sapiro <mark@msapiro.net> | 2021-11-12 15:23:52 -0800 |
---|---|---|
committer | Mark Sapiro <mark@msapiro.net> | 2021-11-12 15:23:52 -0800 |
commit | 9741161c4d404a1364c701813b77f81779d7f6a5 (patch) | |
tree | ca043396260744cafcb218d92b858e1d7f0dc9c2 /Mailman | |
parent | d9e523199b4203dfeddfe2d8b03524ccf9fdf4a3 (diff) | |
download | mailman2-9741161c4d404a1364c701813b77f81779d7f6a5.tar.gz mailman2-9741161c4d404a1364c701813b77f81779d7f6a5.tar.xz mailman2-9741161c4d404a1364c701813b77f81779d7f6a5.zip |
Fix admindb for list with no mod password.
Diffstat (limited to 'Mailman')
-rw-r--r-- | Mailman/CSRFcheck.py | 2 | ||||
-rw-r--r-- | Mailman/Cgi/admindb.py | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/Mailman/CSRFcheck.py b/Mailman/CSRFcheck.py index 24e3e11b..4505f9d4 100644 --- a/Mailman/CSRFcheck.py +++ b/Mailman/CSRFcheck.py @@ -45,7 +45,7 @@ def csrf_token(mlist, contexts, user=None): for context in contexts: key, secret = mlist.AuthContextInfo(context, user) - if key: + if key and secret: break else: return None # not authenticated diff --git a/Mailman/Cgi/admindb.py b/Mailman/Cgi/admindb.py index 32b0be76..45ba6492 100644 --- a/Mailman/Cgi/admindb.py +++ b/Mailman/Cgi/admindb.py @@ -59,7 +59,8 @@ if mm_cfg.DISPLAY_HELD_SUMMARY_SORT_BUTTONS in (SSENDERTIME, STIME): else: ssort = SSENDER -AUTH_CONTEXTS = ((mm_cfg.AuthListModerator,)) +AUTH_CONTEXTS = (mm_cfg.AuthListModerator, mm_cfg.AuthListAdmin, + mm_cfg.AuthSiteAdmin) |