gotommlist.php3 5.78 KB
Newer Older
1 2
<?php
#
3
# Copyright (c) 2000-2010 University of Utah and the Flux Group.
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
# 
# {{{EMULAB-LICENSE
# 
# This file is part of the Emulab network testbed software.
# 
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
# 
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public
# License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this file.  If not, see <http://www.gnu.org/licenses/>.
# 
# }}}
23 24 25 26 27 28 29 30 31
#
include("defs.php3");

if (!$MAILMANSUPPORT) {
    header("Location: index.php3");
    return;
}

# No Pageheader since we spit out a redirection below.
32 33 34 35
$this_user = CheckLoginOrDie(CHECKLOGIN_USERSTATUS|
			     CHECKLOGIN_WEBONLY|CHECKLOGIN_WIKIONLY);
$uid       = $this_user->uid();
$isadmin   = ISADMIN();
36 37

#
38
# Verify page arguments
39
#
40 41 42
$optargs = OptionalPageArguments("target_project", PAGEARG_PROJECT,
				 "target_group",   PAGEARG_GROUP,
				 "listname",       PAGEARG_STRING,
43
				 "asadmin",        PAGEARG_BOOLEAN,
44 45
				 "wantadmin",      PAGEARG_BOOLEAN,
				 "wantconfig",     PAGEARG_BOOLEAN);
46

47 48 49 50 51 52
#
# We will either show a specific list.
#
if (isset($target_project) || isset($target_group)) {
    if (! isset($target_group)) {
	$target_group = $target_project->DefaultGroup();
53
    }
54 55
    $pid = $target_group->pid();
    $gid = $target_group->gid();
56

57 58 59 60 61
    if ($target_group->IsProjectGroup())
	$listname = "$pid" . "-users";
    else
	$listname = "$pid-$gid" . "-users";
    
62 63 64 65 66
    #
    # Make sure the user is allowed! We must do a permission check since
    # we are asking mailman to generate a cookie without a password.
    #
    if (!$isadmin &&
67
	!$target_group->AccessCheck($this_user, $TB_PROJECT_READINFO)) {
68 69 70 71 72 73 74
	USERERROR("You are not a member of $pid/$gid.", 1);
    }

    #
    # By default, we want the user interface to the archives. However, an
    # admin can request access to the list admin interface, and we need
    # a different cookie for that.
75
    #
76 77
    $user_name  = $this_user->name();
    $user_email = $this_user->email();
78 79
    $user_email = rawurlencode($user_email);
    
80 81
    $cookietype = "user";
    $listiface  = "private";
82
    $optargs    = "?username=${user_email}";
83

84 85 86
    if (isset($wantadmin) && $isadmin) {
	$cookietype = "admin";
	$listiface  = "admin";
87
	$optargs    = "";
88 89
    }

90 91
    $retval = SUEXEC($uid, "nobody", "mmxlogin $uid $listname $cookietype",
		     SUEXEC_ACTION_IGNORE);
92

93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113
    #
    # If this was an admin trying to get to a list, then retry as admin.
    #
    if ($retval) {
	if ($isadmin && !isset($wantadmin)) {
	    $cookietype = "admin";
	    $listiface  = "admin";
	    $optargs    = "";

	    $retval = SUEXEC($uid, "nobody",
			     "mmxlogin $uid $listname $cookietype",
			     SUEXEC_ACTION_IGNORE);
	}
	if ($retval == 1) {
	    USERERROR("You are not a member of $pid/$gid.", 1);
	}
	elseif ($retval) {
	    SUEXECERROR(SUEXEC_ACTION_DIE);
	}
    }
    
114 115 116 117 118
    #
    # Parse the silly thing
    #
    # Set-Cookie: foo=2802; Path=/mailman/; Version=1;
    #
119
    if (!preg_match("/^Set-Cookie: ([-\w\+\.\%]+)=(\w*); ".
120
		    "Path=(\/[\w]+\/); Version=1;?$/",
121 122 123 124 125 126 127
		    $suexec_output, $matches)) {
	TBERROR($suexec_output, 1);
    }
    # TBERROR($matches[1] . ":" . $matches[2] . ":" . $matches[3], 0);

    setcookie($matches[1], $matches[2], 0, $matches[3], $TBAUTHDOMAIN, 0);

128
    $url = "${MAILMANURL}/$listiface/$listname/$optargs";
129 130 131 132 133 134 135 136 137 138
}
elseif (isset($listname) && $listname != "") {
    #
    # Zap to a specific list admin page. Must be an admin, or must be the
    # owner of the list. We do not track list membership, so members need to
    # find their lists on their own. 
    #
    if (! TBvalid_mailman_listname($listname)) {
	PAGEARGERROR("Invalid characters in $listname!");
    }
139 140
    $user_name  = $this_user->name();
    $user_email = $this_user->email();
141 142
    $user_email = rawurlencode($user_email);
	
143
    $optargs = "";
144 145 146 147
    #
    # Make sure the user is allowed! We must do a permission check since
    # we are asking mailman to generate a cookie without a password.
    #
148
    if (isset($wantadmin) || isset($asadmin)) {
149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164
	if (!$isadmin) {
	    $mm_result = DBQueryFatal("select * from mailman_listnames ".
				      "where listname='$listname'");

	    if (!mysql_num_rows($mm_result)) {
		USERERROR("No such list $listname!", 1);
	    }
	    $row = mysql_fetch_array($mm_result);
	    $owner_uid = $row['owner_uid'];

           #
           # Verify permission.
           #
	    if ($uid != $owner_uid) {
		USERERROR("You do not have permission to admin $listname!", 1);
	    }
165
	}
166
	$cookietype = "admin";
167 168 169 170 171
	if (isset($wantadmin)) {
	    $listiface  = "admin";
	} else {
	    $listiface  = "private";
        }
172 173 174 175
    }
    elseif (isset($wantconfig)) {
	$cookietype = "user";
	$listiface  = "options";
176
	$optargs    = "?email=${user_email}";
177 178 179 180
    }
    else {
	$cookietype = "user";
	$listiface  = "private";
181
	$optargs    = "?username=${user_email}";
182 183 184 185
    }

    SUEXEC($uid, "nobody", "mmxlogin $uid $listname $cookietype",
	   SUEXEC_ACTION_DIE);
186
    
187 188 189 190 191
    #
    # Parse the silly thing
    #
    # Set-Cookie: foo=2802; Path=/mailman/; Version=1;
    #
192
    if (!preg_match("/^Set-Cookie: ([-\w\+\.\%]+)=(\w*); ".
193
		    "Path=(\/[\w]+\/); Version=1;?$/",
194 195 196 197 198
		    $suexec_output, $matches)) {
	TBERROR($suexec_output, 1);
    }
    setcookie($matches[1], $matches[2], 0, $matches[3], $TBAUTHDOMAIN, 0);

199
    $url = "${MAILMANURL}/$listiface/$listname/$optargs";
200 201 202 203 204 205 206 207 208 209 210

    if (isset($link)) {
	$url .= $link;
    }
}
else {
    USERERROR("You are not a member of any mailing projects!", 1);
}

header("Location: ${url}");
?>