[Mailman-Developers] [ mailman-Bugs-573071 ] nonmembers can post after upgrading

noreply@sourceforge.net noreply@sourceforge.net
Wed, 31 Jul 2002 15:06:39 -0700


Bugs item #573071, was opened at 2002-06-24 07:23
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=100103&aid=573071&group_id=103

Category: security/privacy
Group: 2.1 beta
Status: Open
Resolution: None
Priority: 5
Submitted By: Daniel Buchmann (avalon)
Assigned to: Nobody/Anonymous (nobody)
Summary: nonmembers can post after upgrading

Initial Comment:
After upgrading to current CVS (2.1b2+), nonmembers are
now allowed to post to a list that used to be
members-only (in MM 2.0.11).
The member_posting_only config variable is not
propagated to the generic_nonmember_action variable
when upgrading. This caused me a lot of trouble... :)
The fix is probably trivial, but my lack of Python
experience prevents me from submitting a patch... ;)


----------------------------------------------------------------------

>Comment By: Barry A. Warsaw (bwarsaw)
Date: 2002-07-31 18:06

Message:
Logged In: YES 
user_id=12800

Actually, I'm sure the fix is anything /but/ trivial since
the semantics and interaction of the MM2.0.x
member_posting_only, posters, and moderated attributes is
simply too confusing.  I'm not sure I got it right the first
time, and I'm not even sure that my current thinking on the
subject is correct.

Here is my current thinking about the steps needed to do an
upgrade.  I'd love to have someone else sanity check this,
but I'll understand if no one does or can.  We're not going
to "fix" 2.1b2 lists, but this might fix things for lists
that are upgraded from 2.0.x to 2.1b3.  None of this is
tested yet -- or even implemented -- since I need to think
on it some more and see if this is correct.  Have any comments?

Oh yeah.  I need to put a nice big warning in the UPGRADING
file.

    # Now convert what we can...  Note that the interaction between the
    # MM2.0.x attributes `moderated', `member_posting_only', and `posters' is
    # so confusing, it makes my brain really ache.  Which is why they go away
    # in MM2.1.  I think the best we can do semantically is the following:
    #
    # - If moderated == yes, then any sender whose address is not on the
    #   posters attribute would get held for approval.  If the sender was on
    #   the posters list, then we'd defer judgement to a later step
    # - If member_posting_only == yes, then members could post without holds,
    #   and if there were any addresses added to posters, they could also post
    #   without holds.
    # - If member_posting_only == no, then what happens depends on the value
    #   of the posters attribute:
    #       o If posters was empty, then anybody can post without their
    #         message being held for approval
    #       o If posters was non-empty, then /only/ those addresses could post
    #         without approval, i.e. members not on posters would have their
    #         messages held for approval.
    #
    # How to translate this mess to MM2.1 values?  I'm sure I got this wrong
    # before, but here's how we're going to do it, as of MM2.1b3.
    #
    # - We'll control member moderation through their Moderate flag, and
    #   non-member moderation through the generic_nonmember_action,
    #   hold_these_nonmembers, and accept_these_nonmembers.
    # - If moderated == yes then we need to troll through the addresses on
    #   posters, and any non-members would get added to
    #   accept_these_nonmembers.  /Then/ we need to troll through the
    #   membership and any member not on posters would get their Moderate flag
    #   set.  Then generic_nonmember_action gets set to 1 (hold) so nonmembers
    #   get moderated, and default_member_moderation will be set to 1 (hold)
    #   so new members will also get held for moderation.  We'll stop here.
    # - We only get to here if moderated == no.
    # - If member_posting_only == yes, then we'll also set
    #   generic_nonmember_action to 1 and we'll turn off the Moderate flag for
    #   members.  Then we troll through the posters attribute and add all
    #   those addresses to accept_these_nonmembers.  We'll stop here.
    # - We only get to here if member_posting_only == no
    # - If posters is empty, then anybody could post without being held for
    #   approval, so we'll set generic_nonmember_action to 0 (accept), and
    #   we'll turn off the Moderate flag for all members.  We'll also turn off
    #   default_member_moderation so new members can post without approval.
    #   We'll stop here.
    # - We only get here if posters is non-empty.
    # - This means that /only/ the addresses on posters got to post without
    #   being held for approval.  So first, we troll through posters and add
    #   all non-members to accept_these_nonmembers.  Then we troll through the
    #   membership and if their address is on posters, we'll clear their
    #   Moderate flag, otherwise we'll set it.  We'll turn on
    #   default_member_moderation so new members get moderated.  We'll set
    #   generic_nonmember_action to 1 (hold) so all other non-members will get
    #   moderated.  And I think we're finally done.
    #
    # SIGH.


----------------------------------------------------------------------
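
The upgrade mapping proposed in the comment above, written out as an added Python example so each case can be checked against the others; it is not Mailman's code and not part of the tracker thread. `OldList`, `convert`, `is_held` and the dict layout are hypothetical, `is_held` is a simplified model of the 2.1 decision, and the case-insensitive address comparison is an assumption.

```python
from dataclasses import dataclass, field

ACCEPT, HOLD = 0, 1  # generic_nonmember_action values as given in the comment


@dataclass
class OldList:
    """Hypothetical container for the MM2.0.x attributes (not Mailman's class)."""
    members: set
    moderated: bool = False
    member_posting_only: bool = False
    posters: set = field(default_factory=set)


def convert(old):
    """Map the 2.0.x attributes to 2.1-style settings, case by case."""
    # Assumption: addresses are compared case-insensitively.
    members = {a.lower() for a in old.members}
    posters = {a.lower() for a in old.posters}
    new = {
        "generic_nonmember_action": HOLD,
        "accept_these_nonmembers": sorted(posters - members),
        "default_member_moderation": True,
        # Per-member Moderate flag: True means the member's posts are held.
        "moderate": {m: m not in posters for m in members},
    }
    if old.moderated:
        # Assumption: members who are on posters end up with the flag clear.
        return new
    if old.member_posting_only:
        new["moderate"] = {m: False for m in members}
        # The plan does not say what default_member_moderation becomes here.
        new["default_member_moderation"] = None
        return new
    if not posters:
        # Open list: nobody is held, including future members.
        new.update(generic_nonmember_action=ACCEPT, default_member_moderation=False)
        new["moderate"] = {m: False for m in members}
        return new
    # posters non-empty: only posters post unheld; the defaults above apply.
    return new


def is_held(new, sender):
    """True if a post from sender would be held under the converted settings."""
    sender = sender.lower()
    if sender in new["moderate"]:
        return new["moderate"][sender]
    if sender in new["accept_these_nonmembers"]:
        return False
    return new["generic_nonmember_action"] == HOLD
```

The reported bug corresponds to the `member_posting_only` branch: a list that was members-only under 2.0.x has to come out with `generic_nonmember_action` set to hold, otherwise unknown senders are accepted.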
