diff options
| author | Aurélien Bompard <aurelien@bompard.org> | 2013-10-18 16:15:40 +0200 |
|---|---|---|
| committer | Aurélien Bompard <aurelien@bompard.org> | 2013-10-18 16:15:40 +0200 |
| commit | f1a0a71d971ffa4c01a88b92aa4869dd3a12a3fa (patch) | |
| tree | 8289deaa33daafde6572e5e6abc6a8df11475ab1 /hyperkitty/lib/mailman.py | |
| parent | 5b0796d955930ff953f503c9f1966dfbbe876fec (diff) | |
| download | hyperkitty-f1a0a71d971ffa4c01a88b92aa4869dd3a12a3fa.tar.gz hyperkitty-f1a0a71d971ffa4c01a88b92aa4869dd3a12a3fa.tar.xz hyperkitty-f1a0a71d971ffa4c01a88b92aa4869dd3a12a3fa.zip | |
Handle permissions on private mailing-lists
Diffstat (limited to 'hyperkitty/lib/mailman.py')
| -rw-r--r-- | hyperkitty/lib/mailman.py | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/hyperkitty/lib/mailman.py b/hyperkitty/lib/mailman.py index f0c970f..090902b 100644 --- a/hyperkitty/lib/mailman.py +++ b/hyperkitty/lib/mailman.py @@ -19,12 +19,21 @@ # Author: Aurelien Bompard <abompard@fedoraproject.org> # +from __future__ import absolute_import + +from functools import wraps + from django.conf import settings from django.core.urlresolvers import reverse from django.utils.http import urlquote +from django.utils.decorators import available_attrs +from django.shortcuts import redirect, render +from django.http import Http404 +from mailman.interfaces.archiver import ArchivePolicy from mailmanclient import Client from hyperkitty.models import Rating +from hyperkitty.lib import get_store def subscribe(list_address, user): @@ -80,3 +89,35 @@ def get_subscriptions(store, client, mm_user): "posts_count": len(email_hashes), }) return subscriptions + + +# View decorator: check that the list is authorized +def check_mlist_private(func): + @wraps(func, assigned=available_attrs(func)) + def inner(request, *args, **kwargs): + if "mlist_fqdn" in kwargs: + mlist_fqdn = kwargs["mlist_fqdn"] + else: + mlist_fqdn = args[0] + try: + store = get_store(request) + except KeyError: + return func(request, *args, **kwargs) # Unittesting? + mlist = store.get_list(mlist_fqdn) + if mlist is None: + raise Http404("No archived mailing-list by that name.") + #return HttpResponse(request.session.get("subscribed", "NO KEY"), content_type="text/plain") + if not is_mlist_authorized(request, mlist): + return render(request, "error-private.html", { + "mlist": mlist, + }, status=403) + return func(request, *args, **kwargs) + return inner + +def is_mlist_authorized(request, mlist): + if mlist.archive_policy == ArchivePolicy.private and \ + not (request.user.is_authenticated() and + hasattr(request, "session") and + mlist.name in request.session.get("subscribed", [])): + return False + return True |