diff options
| author | Magnus Hagander | 2018-01-15 18:34:18 +0000 |
|---|---|---|
| committer | Magnus Hagander | 2018-01-15 18:38:26 +0000 |
| commit | aa0cffe1fc55d448c0db6c41610e2300a7761b91 (patch) | |
| tree | 6dd87b9e9275619b9d38570d2aea0d253bcdeea3 /django/archives/settings.py | |
| parent | 6e93aa49d3119053b7f2740f3122fec1ba1d269a (diff) | |
Implement per-list permissions
This assumes we sync subscribers over from the list server (using
pglister), getting their community authentication usernames. Then, by
requesting a community auth login, it's possible to restrict the session
to view only those lists the user is subscribed to.
To view emails, the user must be subscribed to *all* the lists that the
thread the message belongs to has shown up. This means that messages can
dissappear from a listing if somebody CCs in a higher security level
list.
NOTE! After installing this code, the PUBLIC_ARCHIVES setting must be
set to True to retain previous behaviour!
Reviewed by Stephen Frost
Diffstat (limited to 'django/archives/settings.py')
| -rw-r--r-- | django/archives/settings.py | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/django/archives/settings.py b/django/archives/settings.py index ed48da9..79925b1 100644 --- a/django/archives/settings.py +++ b/django/archives/settings.py @@ -92,13 +92,13 @@ TEMPLATE_LOADERS = ( # 'django.template.loaders.eggs.Loader', ) -MIDDLEWARE_CLASSES = ( +MIDDLEWARE_CLASSES = [ 'django.middleware.common.CommonMiddleware', # 'django.contrib.sessions.middleware.SessionMiddleware', # 'django.middleware.csrf.CsrfViewMiddleware', # 'django.contrib.auth.middleware.AuthenticationMiddleware', # 'django.contrib.messages.middleware.MessageMiddleware', -) +] ROOT_URLCONF = 'archives.urls' @@ -108,7 +108,7 @@ TEMPLATE_DIRS = ( # Don't forget to use absolute paths, not relative paths. ) -INSTALLED_APPS = ( +INSTALLED_APPS = [ # 'django.contrib.auth', # 'django.contrib.contenttypes', # 'django.contrib.sessions', @@ -120,7 +120,7 @@ INSTALLED_APPS = ( # Uncomment the next line to enable admin documentation: # 'django.contrib.admindocs', 'archives.mailarchives', -) +] # A sample logging configuration. The only tangible logging # performed by this configuration is to send an email to @@ -153,8 +153,26 @@ FORCE_SCRIPT_NAME="" # Always override! SEARCH_CLIENTS = ('127.0.0.1',) API_CLIENTS = ('127.0.0.1',) +PUBLIC_ARCHIVES = False try: from settings_local import * except ImportError: pass + +# If this is a non-public site, enable middleware for handling logins etc +if not PUBLIC_ARCHIVES: + MIDDLEWARE_CLASSES = [ + 'django.contrib.sessions.middleware.SessionMiddleware', + 'django.contrib.auth.middleware.AuthenticationMiddleware', + ] + MIDDLEWARE_CLASSES + MIDDLEWARE_CLASSES.append('archives.mailarchives.redirecthandler.RedirectMiddleware') + + INSTALLED_APPS = [ + 'django.contrib.auth', + 'django.contrib.contenttypes', + 'django.contrib.sessions', + ] + INSTALLED_APPS + + from archives.util import validate_new_user + PGAUTH_CREATEUSER_CALLBACK=validate_new_user |