def _setValue(self, mlist, property, val, doc):
if property == 'real_name' and \
val.lower() != mlist.internal_name().lower():
# These values can't differ by other than case
doc.addError(_("""<b>real_name</b> attribute not
changed! It must differ from the list's name by case
only."""))
elif property == 'new_member_options':
# Get current value because there are valid bits not in OPTIONS.
# If we're the admin CGI, we then process the bits in OPTIONS,
# turning them on or off as appropriate. Otherwise we process all
# the bits in mm_cfg.OPTINFO so that config_list can set and reset
# them.
newopts = mlist.new_member_options
if isinstance(doc, Document):
opts = OPTIONS
else:
opts = mm_cfg.OPTINFO
for opt in opts:
bitfield = mm_cfg.OPTINFO[opt]
if opt in val:
newopts |= bitfield
else:
newopts &= ~bitfield
mlist.new_member_options = newopts
elif property == 'subject_prefix':
# Convert any html entities to Unicode
mlist.subject_prefix = Utils.canonstr(
val, mlist.preferred_language)
elif property == 'info':
if val != mlist.info:
if Utils.suspiciousHTML(val):
doc.addError(_("""The <b>info</b> attribute you saved
contains suspicious HTML that could potentially expose your users to cross-site
scripting attacks. This change has therefore been rejected. If you still want
to make these changes, you must have shell access to your Mailman server.
This change can be made with bin/withlist or with bin/config_list by setting
mlist.info.
"""))
else:
mlist.info = val
elif property == 'admin_member_chunksize' and (val < 1
or not isinstance(val, int)):
doc.addError(_("""<b>admin_member_chunksize</b> attribute not
changed! It must be an integer > 0."""))
elif property == 'host_name':
try:
Utils.ValidateEmail('user@' + val)
except Errors.EmailAddressError:
doc.addError(_("""<b>host_name</b> attribute not changed!
It must be a valid domain name."""))
else:
GUIBase._setValue(self, mlist, property, val, doc)
else:
GUIBase._setValue(self, mlist, property, val, doc)
def _setValue(self, mlist, property, val, doc):
if property == 'real_name' and \
val.lower() <> str(mlist.real_name.lower()):
# These values can't differ by other than case
doc.addError(_("""<b>real_name</b> attribute not
changed! It must differ from the list's name by case
only."""))
elif property == 'new_member_options':
# Get current value because there are valid bits not in OPTIONS.
# If we're the admin CGI, we then process the bits in OPTIONS,
# turning them on or off as appropriate. Otherwise we process all
# the bits in mm_cfg.OPTINFO so that config_list can set and reset
# them.
newopts = mlist.new_member_options
if isinstance(doc, Document):
opts = OPTIONS
else:
opts = mm_cfg.OPTINFO
for opt in opts:
bitfield = mm_cfg.OPTINFO[opt]
if opt in val:
newopts |= bitfield
else:
newopts &= ~bitfield
mlist.new_member_options = newopts
elif property == 'subject_prefix':
# Convert any html entities to Unicode
mlist.subject_prefix = Utils.canonstr(
val, mlist.preferred_language)
elif property == 'info':
if val <> mlist.info:
if 0 and Utils.suspiciousHTML(val):
doc.addError(_("""The <b>info</b> attribute you saved
contains suspicious HTML that could potentially expose your users to cross-site
scripting attacks. This change has therefore been rejected. If you still want
to make these changes, you must have shell access to your Mailman server.
This change can be made with bin/withlist or with bin/config_list by setting
mlist.info.
"""))
else:
mlist.info = val
elif property == 'admin_member_chunksize' and (val < 1
or not isinstance(val, IntType)):
doc.addError(_("""<b>admin_member_chunksize</b> attribute not
changed! It must be an integer > 0."""))
else:
GUIBase._setValue(self, mlist, property, val, doc)
def ChangeHTML(mlist, cgi_info, template_name, doc):
if 'html_code' not in cgi_info:
doc.AddItem(Header(3, _("Can't have empty html page.")))
doc.AddItem(Header(3, _("HTML Unchanged.")))
doc.AddItem('<hr>')
return
code = cgi_info['html_code'].value
if Utils.suspiciousHTML(code):
doc.AddItem(
Header(
3,
_("""The page you saved contains suspicious HTML that could
potentially expose your users to cross-site scripting attacks. This change
has therefore been rejected. If you still want to make these changes, you
must have shell access to your Mailman server.
""")))
doc.AddItem(_('See '))
doc.AddItem(Link('http://wiki.list.org/x/jYA9', _('FAQ 4.48.')))
doc.AddItem(Header(3, _("Page Unchanged.")))
doc.AddItem('<hr>')
return
langdir = os.path.join(mlist.fullpath(), mlist.preferred_language)
# Make sure the directory exists
omask = os.umask(0)
try:
try:
os.mkdir(langdir, 0o2775)
except OSError as e:
if e.errno != errno.EEXIST: raise
finally:
os.umask(omask)
fp = open(os.path.join(langdir, template_name), 'wb')
try:
fp.write(code)
finally:
fp.close()
doc.AddItem(Header(3, _('HTML successfully updated.')))
doc.AddItem('<hr>')
def ChangeHTML(mlist, cgi_info, template_name, doc):
if not cgi_info.has_key('html_code'):
doc.AddItem(Header(3,_("Can't have empty html page.")))
doc.AddItem(Header(3,_("HTML Unchanged.")))
doc.AddItem('<hr>')
return
code = cgi_info['html_code'].value
if Utils.suspiciousHTML(code):
doc.AddItem(Header(3,
_("""The page you saved contains suspicious HTML that could
potentially expose your users to cross-site scripting attacks. This change
has therefore been rejected. If you still want to make these changes, you
must have shell access to your Mailman server.
""")))
doc.AddItem(_('See '))
doc.AddItem(Link(
'http://wiki.list.org/x/jYA9',
_('FAQ 4.48.')))
doc.AddItem(Header(3,_("Page Unchanged.")))
doc.AddItem('<hr>')
return
langdir = os.path.join(mlist.fullpath(), mlist.preferred_language)
# Make sure the directory exists
omask = os.umask(0)
try:
try:
os.mkdir(langdir, 02775)
except OSError, e:
if e.errno <> errno.EEXIST: raise
finally:
os.umask(omask)
fp = open(os.path.join(langdir, template_name), 'w')
try:
fp.write(code)
finally:
fp.close()
doc.AddItem(Header(3, _('HTML successfully updated.')))
doc.AddItem('<hr>')
