gotommlist.php3 5.09 KB
Newer Older
1 2 3
<?php
#
# EMULAB-COPYRIGHT
4
# Copyright (c) 2000-2007 University of Utah and the Flux Group.
5 6 7 8 9 10 11 12 13 14
# All rights reserved.
#
include("defs.php3");

if (!$MAILMANSUPPORT) {
    header("Location: index.php3");
    return;
}

# No Pageheader since we spit out a redirection below.
15 16 17 18
$this_user = CheckLoginOrDie(CHECKLOGIN_USERSTATUS|
			     CHECKLOGIN_WEBONLY|CHECKLOGIN_WIKIONLY);
$uid       = $this_user->uid();
$isadmin   = ISADMIN();
19 20

#
21
# Verify page arguments
22
#
23 24 25
$optargs = OptionalPageArguments("target_project", PAGEARG_PROJECT,
				 "target_group",   PAGEARG_GROUP,
				 "listname",       PAGEARG_STRING,
26
				 "asadmin",        PAGEARG_BOOLEAN,
27 28
				 "wantadmin",      PAGEARG_BOOLEAN,
				 "wantconfig",     PAGEARG_BOOLEAN);
29

30 31 32 33 34 35
#
# We will either show a specific list.
#
if (isset($target_project) || isset($target_group)) {
    if (! isset($target_group)) {
	$target_group = $target_project->DefaultGroup();
36
    }
37 38
    $pid = $target_group->pid();
    $gid = $target_group->gid();
39

40 41 42 43 44
    if ($target_group->IsProjectGroup())
	$listname = "$pid" . "-users";
    else
	$listname = "$pid-$gid" . "-users";
    
45 46 47 48 49
    #
    # Make sure the user is allowed! We must do a permission check since
    # we are asking mailman to generate a cookie without a password.
    #
    if (!$isadmin &&
50
	!$target_group->AccessCheck($this_user, $TB_PROJECT_READINFO)) {
51 52 53 54 55 56 57
	USERERROR("You are not a member of $pid/$gid.", 1);
    }

    #
    # By default, we want the user interface to the archives. However, an
    # admin can request access to the list admin interface, and we need
    # a different cookie for that.
58
    #
59 60
    $user_name  = $this_user->name();
    $user_email = $this_user->email();
61 62
    $user_email = rawurlencode($user_email);
    
63 64
    $cookietype = "user";
    $listiface  = "private";
65
    $optargs    = "?username=${user_email}";
66

67 68 69
    if (isset($wantadmin) && $isadmin) {
	$cookietype = "admin";
	$listiface  = "admin";
70
	$optargs    = "";
71 72
    }

73 74
    $retval = SUEXEC($uid, "nobody", "mmxlogin $uid $listname $cookietype",
		     SUEXEC_ACTION_IGNORE);
75

76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96
    #
    # If this was an admin trying to get to a list, then retry as admin.
    #
    if ($retval) {
	if ($isadmin && !isset($wantadmin)) {
	    $cookietype = "admin";
	    $listiface  = "admin";
	    $optargs    = "";

	    $retval = SUEXEC($uid, "nobody",
			     "mmxlogin $uid $listname $cookietype",
			     SUEXEC_ACTION_IGNORE);
	}
	if ($retval == 1) {
	    USERERROR("You are not a member of $pid/$gid.", 1);
	}
	elseif ($retval) {
	    SUEXECERROR(SUEXEC_ACTION_DIE);
	}
    }
    
97 98 99 100 101
    #
    # Parse the silly thing
    #
    # Set-Cookie: foo=2802; Path=/mailman/; Version=1;
    #
102
    if (!preg_match("/^Set-Cookie: ([-\w\+\.\%]+)=(\w*); ".
103 104 105 106 107 108 109 110
		    "Path=(\/[\w]+\/); Version=1;$/",
		    $suexec_output, $matches)) {
	TBERROR($suexec_output, 1);
    }
    # TBERROR($matches[1] . ":" . $matches[2] . ":" . $matches[3], 0);

    setcookie($matches[1], $matches[2], 0, $matches[3], $TBAUTHDOMAIN, 0);

111
    $url = "${MAILMANURL}/$listiface/$listname/$optargs";
112 113 114 115 116 117 118 119 120 121
}
elseif (isset($listname) && $listname != "") {
    #
    # Zap to a specific list admin page. Must be an admin, or must be the
    # owner of the list. We do not track list membership, so members need to
    # find their lists on their own. 
    #
    if (! TBvalid_mailman_listname($listname)) {
	PAGEARGERROR("Invalid characters in $listname!");
    }
122 123
    $user_name  = $this_user->name();
    $user_email = $this_user->email();
124 125
    $user_email = rawurlencode($user_email);
	
126
    $optargs = "";
127 128 129 130
    #
    # Make sure the user is allowed! We must do a permission check since
    # we are asking mailman to generate a cookie without a password.
    #
131
    if (isset($wantadmin) || isset($asadmin)) {
132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147
	if (!$isadmin) {
	    $mm_result = DBQueryFatal("select * from mailman_listnames ".
				      "where listname='$listname'");

	    if (!mysql_num_rows($mm_result)) {
		USERERROR("No such list $listname!", 1);
	    }
	    $row = mysql_fetch_array($mm_result);
	    $owner_uid = $row['owner_uid'];

           #
           # Verify permission.
           #
	    if ($uid != $owner_uid) {
		USERERROR("You do not have permission to admin $listname!", 1);
	    }
148
	}
149
	$cookietype = "admin";
150 151 152 153 154
	if (isset($wantadmin)) {
	    $listiface  = "admin";
	} else {
	    $listiface  = "private";
        }
155 156 157 158
    }
    elseif (isset($wantconfig)) {
	$cookietype = "user";
	$listiface  = "options";
159
	$optargs    = "?email=${user_email}";
160 161 162 163
    }
    else {
	$cookietype = "user";
	$listiface  = "private";
164
	$optargs    = "?username=${user_email}";
165 166 167 168
    }

    SUEXEC($uid, "nobody", "mmxlogin $uid $listname $cookietype",
	   SUEXEC_ACTION_DIE);
169
    
170 171 172 173 174
    #
    # Parse the silly thing
    #
    # Set-Cookie: foo=2802; Path=/mailman/; Version=1;
    #
175
    if (!preg_match("/^Set-Cookie: ([-\w\+\.\%]+)=(\w*); ".
176 177 178 179 180 181
		    "Path=(\/[\w]+\/); Version=1;$/",
		    $suexec_output, $matches)) {
	TBERROR($suexec_output, 1);
    }
    setcookie($matches[1], $matches[2], 0, $matches[3], $TBAUTHDOMAIN, 0);

182
    $url = "${MAILMANURL}/$listiface/$listname/$optargs";
183 184 185 186 187 188 189 190 191 192 193

    if (isset($link)) {
	$url .= $link;
    }
}
else {
    USERERROR("You are not a member of any mailing projects!", 1);
}

header("Location: ${url}");
?>