[Mailman-checkins] [Branch ~mailman-coders/mailman/2.1] Rev 1064: options.py - Made the ability for a list admin to change a members password

Mon, 14 Apr 2008 11:48:09 -0700 

------------------------------------------------------------
revno: 1064
committer: Mark Sapiro <[EMAIL PROTECTED]>
branch nick: 2.1
timestamp: Mon 2008-04-14 10:45:27 -0700
message:
  options.py  - Made the ability for a list admin to change a members password
                conditional on mm_cfg.OWNERS_CAN_CHANGE_MEMBER_PASSWORDS.
  
  Defaults.py.in - Added OWNERS_CAN_CHANGE_MEMBER_PASSWORDS = No.
modified:
  Mailman/Cgi/options.py
  Mailman/Defaults.py.in

=== modified file 'Mailman/Cgi/options.py'
--- a/Mailman/Cgi/options.py    2008-03-06 20:34:12 +0000
+++ b/Mailman/Cgi/options.py    2008-04-14 17:45:27 +0000
@@ -421,6 +421,14 @@
         return
 
     if cgidata.has_key('changepw'):
+        # Is this list admin and is list admin allowed to change passwords.
+        if not (is_user_or_siteadmin
+                or mm_cfg.OWNERS_CAN_CHANGE_MEMBER_PASSWORDS):
+            doc.addError(_("""The list administrator may not change the
+                    password for a user."""))
+            options_page(mlist, doc, user, cpuser, userlang)
+            print doc.Format()
+            return
         newpw = cgidata.getvalue('newpw')
         confirmpw = cgidata.getvalue('confpw')
         if not newpw or not confirmpw:

=== modified file 'Mailman/Defaults.py.in'
--- a/Mailman/Defaults.py.in    2008-02-14 17:08:11 +0000
+++ b/Mailman/Defaults.py.in    2008-04-14 17:45:27 +0000
@@ -1,6 +1,6 @@
 # -*- python -*-
 
-# Copyright (C) 1998-2007 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2008 by the Free Software Foundation, Inc.
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
@@ -785,6 +785,12 @@
 # but can have a heavy impact on the performance of your system.
 OWNERS_CAN_ENABLE_PERSONALIZATION = No
 
+# Set this variable to Yes to allow list owners to change a member's password
+# from the member's options page.  Do not do this if list owners aren't all
+# trustworthy as it allows a list owner to change a member's password and then
+# log in as the member and make global changes.
+OWNERS_CAN_CHANGE_MEMBER_PASSWORDS = No
+
 # Should held messages be saved on disk as Python pickles or as plain text?
 # The former is more efficient since we don't need to go through the
 # parse/generate roundtrip each time, but the latter might be preferred if you



--
Stable, maintained release series
https://code.launchpad.net/~mailman-coders/mailman/2.1

You are receiving this branch notification because you are subscribed to it.
_______________________________________________
Mailman-checkins mailing list
[email protected]
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-checkins/archive%40jab.org

Reply via email to