From d994cc918097ea2ce791657ff8d6b8aef8b583f4 Mon Sep 17 00:00:00 2001 From: Mark Sapiro Date: Sat, 23 Apr 2011 17:49:15 -0700 Subject: Added a logout link to the admindb interface and made both admin and admindb logout effective for a site admin cookie if allowed. Bug #769318. --- Mailman/Cgi/admin.py | 3 +++ Mailman/Cgi/admindb.py | 27 ++++++++++++++++++++++++--- NEWS | 4 ++++ 3 files changed, 31 insertions(+), 3 deletions(-) diff --git a/Mailman/Cgi/admin.py b/Mailman/Cgi/admin.py index b4455cbc..22ebe16a 100644 --- a/Mailman/Cgi/admin.py +++ b/Mailman/Cgi/admin.py @@ -107,6 +107,9 @@ def main(): # Is this a log-out request? if category == 'logout': + # site-wide admin should also be able to logout. + if mlist.AuthContextInfo(mm_cfg.AuthSiteAdmin)[0] == 'site': + print mlist.ZapCookie(mm_cfg.AuthSiteAdmin) print mlist.ZapCookie(mm_cfg.AuthListAdmin) Auth.loginpage(mlist, 'admin', frontpage=1) return diff --git a/Mailman/Cgi/admindb.py b/Mailman/Cgi/admindb.py index 6e3d343f..4513e8e3 100644 --- a/Mailman/Cgi/admindb.py +++ b/Mailman/Cgi/admindb.py @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2010 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2011 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -112,6 +112,19 @@ def main(): Auth.loginpage(mlist, 'admindb', msg=msg) return + # Add logout function. Note that admindb may be accessed with + # site-wide admin, moderator and list admin privileges. + # site admin may have site or admin cookie. (or both?) + # See if this is a logout request + if len(parts) >= 2 and parts[1] == 'logout': + if mlist.AuthContextInfo(mm_cfg.AuthSiteAdmin)[0] == 'site': + print mlist.ZapCookie(mm_cfg.AuthSiteAdmin) + if mlist.AuthContextInfo(mm_cfg.AuthListModerator)[0]: + print mlist.ZapCookie(mm_cfg.AuthListModerator) + print mlist.ZapCookie(mm_cfg.AuthListAdmin) + Auth.loginpage(mlist, 'admindb', frontpage=1) + return + # Set up the results document doc = Document() doc.set_language(mlist.preferred_language) @@ -167,20 +180,24 @@ def main(): process_form(mlist, doc, cgidata) # Now print the results and we're done. Short circuit for when there # are no pending requests, but be sure to save the results! + admindburl = mlist.GetScriptURL('admindb', absolute=1) if not mlist.NumRequestsPending(): title = _('%(realname)s Administrative Database') doc.SetTitle(title) doc.AddItem(Header(2, title)) doc.AddItem(_('There are no pending requests.')) doc.AddItem(' ') - doc.AddItem(Link(mlist.GetScriptURL('admindb', absolute=1), + doc.AddItem(Link(admindburl, _('Click here to reload this page.'))) + # Put 'Logout' link before the footer + doc.AddItem(Link('%s/logout' % admindburl, + '
%s
' % + _('Logout'))) doc.AddItem(mlist.GetMailmanFooter()) print doc.Format() mlist.Save() return - admindburl = mlist.GetScriptURL('admindb', absolute=1) form = Form(admindburl) # Add the instructions template if details == 'instructions': @@ -249,6 +266,10 @@ def main(): _('Discard all messages marked Defer') )) form.AddItem(Center(SubmitButton('submit', _('Submit All Data')))) + # Put 'Logout' link before the footer + doc.AddItem(Link('%s/logout' % admindburl, + '
%s
' % + _('Logout'))) doc.AddItem(mlist.GetMailmanFooter()) print doc.Format() # Commit all changes diff --git a/NEWS b/NEWS index f36bd51b..e0072b92 100644 --- a/NEWS +++ b/NEWS @@ -38,6 +38,10 @@ Here is a history of user visible changes to Mailman. Bug Fixes and other patches + - Added a logout link to the admindb interface and made both admin and + admindb logout effective for a site admin cookie if allowed. + Bug #769318. + - Replaced the old Mailman logos and icon that install to Mailman's icons directory with the new ones. If you copy these elsewhere on your server, please copy these new ones. -- cgit v1.2.3