Ticket #51

ezmlm-web.cgi - new options NO_WEBUSERS_CREATE, NO_WEBUSERS_ACCESSALL - modified sub webauth and sub webauth_create_allowed to honor the new options ezmlmwebrc.dist - documented new options
2008-07-10 17:20:20 +00:00 · 2008-07-10 17:20:20 +00:00 · 1f699d3cba
parent 4bcce50d6c
commit 1f699d3cba
2 changed files with 20 additions and 3 deletions
--- a/examples/ezmlmwebrc.dist
+++ b/examples/ezmlmwebrc.dist
@ -38,6 +38,16 @@ $LIST_DIR = "$HOME_DIR/lists";
 # defaults to "$LIST_DIR/webusers"
 #$WEBUSERS_FILE = "$LIST_DIR/webusers";

+# if no webusers file, grant list creation by default
+# 0 - don't grant creation if webusers file doesn't exist
+# 1 - grant creation if webusers file doesn't exist
+#$NO_WEBUSERS_CREATE = 1;
+
+# if no webusers file, grant access by default
+# 0 - don't grant access to all lists if webusers file doesn't exist
+# 1 - grant access to all lists if webusers file doesn't exist
+#$NO_WEBUSERS_ACCESSALL = 1;
+
 # Where are the language files
 # usually something like /usr/local/share/ezmlm-web/lang
 $LANGUAGE_DIR = "/usr/local/share/ezmlm-web/lang";
--- a/ezmlm-web.cgi
+++ b/ezmlm-web.cgi
@ -89,10 +89,11 @@ use vars qw[$HOME_DIR]; $HOME_DIR=$tmp[7];
 # some configuration settings
 use vars qw[$DEFAULT_OPTIONS $UNSAFE_RM $ALIAS_USER $LIST_DIR];
 use vars qw[$QMAIL_BASE $PRETTY_NAMES $DOTQMAIL_DIR];
-use vars qw[$FILE_UPLOAD $WEBUSERS_FILE $MAIL_DOMAIN $HTML_TITLE];
+use vars qw[$FILE_UPLOAD $MAIL_DOMAIN $HTML_TITLE];
 use vars qw[$TEMPLATE_DIR $LANGUAGE_DIR $HTML_LANGUAGE];
 use vars qw[$HTML_CSS_COMMON $HTML_CSS_COLOR];
 use vars qw[$MAIL_ADDRESS_PREFIX @HTML_LINKS];
+use vars qw[$WEBUSERS_FILE $NO_WEBUSERS_CREATE $NO_WEBUSERS_ACCESSALL];
 # default interface template (basic/normal/expert)
 use vars qw[$DEFAULT_INTERFACE_TYPE];
 # some settings for encrypted mailing lists
@ -169,6 +170,12 @@ if (defined($opt_d)) {
 # then use former default value for compatibility
 $WEBUSERS_FILE = $LIST_DIR . '/webusers' unless (defined($WEBUSERS_FILE));

+# if no webusers file, grant list creation by defautlt
+$NO_WEBUSERS_CREATE = 1 unless defined($NO_WEBUSERS_CREATE);
+
+# if no webusers file, grant access to all lists by default
+$NO_WEBUSERS_ACCESSALL = 1 unless defined($NO_WEBUSERS_ACCESSALL);
+
 # check for non-default dotqmail directory
 $DOTQMAIL_DIR = $HOME_DIR unless defined($DOTQMAIL_DIR);

@ -2330,7 +2337,7 @@ sub webauth {
 	my $listname = shift;
   
 	# Check if webusers file exists - if not, then access is granted
-	return (0==0) if (! -e "$WEBUSERS_FILE");
+	return ($NO_WEBUSERS_ACCESSALL) if (! -e "$WEBUSERS_FILE");

 	# if there was no user authentication, then everything is allowed
 	return (0==0) if (!defined($ENV{REMOTE_USER}) or ($ENV{REMOTE_USER} eq ''));
@ -2376,7 +2383,7 @@ sub webauth_create_allowed {
 	return (0==0) if (!defined($ENV{REMOTE_USER}) || ($ENV{REMOTE_USER} eq ''));

 	# Check if webusers file exists - if not, then access is granted
-	return (0==0) if (! -e "$WEBUSERS_FILE");
+	return ($NO_WEBUSERS_CREATE) if (! -e "$WEBUSERS_FILE");

 	# Read create-permission from webusers file.
 	# the special listname "ALLOW_CREATE" controls, who is allowed to do it