Skip to Content.
Sympa Menu

en - RE: [sympa-users] privileged owners and scenari sources access

Subject: The mailing list for listmasters using Sympa

List archive

Chronological Thread  
  • From: "Widerski, Betty" <address@concealed>
  • To: "address@concealed" <address@concealed>
  • Subject: RE: [sympa-users] privileged owners and scenari sources access
  • Date: Fri, 15 Oct 2021 19:02:38 +0000

I appear to have solved this – to allow Privileged Owners to edit their list’s Send scenario source and save it to the list’s scenari directory you need to make these changes:

 

  1. Copy /usr/share/sympa/default/web_tt2/config_common.tt2 to /etc/sympa/web_tt2/ config_common.tt2 if it doesn’t already exist in the /etc/sympa path.
  2. Edit line 19 – change   [% IF pitem.scenario && is_listmaster ~%]   to  [% IF pitem.scenario && is_privileged_owner ~%]
  3. Edit line 664 of /usr/libexec/sympa/wwsympa.fcgi – change    'dump_scenario'            => ['listmaster'],   to   'dump_scenario'            => ['privileged_owner', 'listmaster'],
  4. Restart sympa and wwsympa

 

Privileged Owners of a list will now see the “scenario source” button and can edit and save a new version of the active scenario to the  /var/lib/sympa/list_data/lists.[your.domain]/[listname]/scenari directory. After saving they can return to the Sending/receiving setup page to select the new scenario and Apply modifications.

 

One further question: is the file /usr/libexec/sympa/wwsympa.fcgi overwritten when a Sympa upgrade is applied? If so, then I need to make a note that this change needs to be made again in a new version.

 

Thanks

Betty

 

 

From: Widerski, Betty
Sent: Friday, October 15, 2021 12:00 PM
To: address@concealed
Subject: RE: [sympa-users] privileged owners and scenari sources access

 

So far I have tried these tweaks without success:

 

1.            changed /usr/libexec/sympa/wwsympa.fcgi and restarted wwsympa

diff wwsympa.fcgi wwsympa.fcgi.orig

664c664

<     'dump_scenario'            => ['privileged_owner', 'listmaster'],

---

>     'dump_scenario'            => ['listmaster'],

 

2.            Copied  /usr/share/sympa/default/web_tt2/dump_scenario.tt2 to /etc/sympa/web_tt2 , changed [% IF is_listmaster %] to [% IF is_owner %], restarted sympa and wwsympa.

 

Will continue looking for “scenario source” button visibility coding.

 

[Note: after today I will be on vacation until 26-Oct so may not respond to this thread again until then. Thanks]

Betty

 

From: address@concealed <address@concealed> On Behalf Of Widerski, Betty
Sent: Friday, October 15, 2021 9:39 AM
To: Michael Young <address@concealed>; address@concealed
Subject: RE: [sympa-users] privileged owners and scenari sources access

 

Thanks, but I don’t think that would do it. I require several hundred separate distinct groups of non-subscriber authorized poster addresses for several hundred lists, and more created as required. These techs need simple “change this word here” instructions with limited allowed parameter manipulation. I am setting up distinct create list scenari for their use, and for the send/receive setup for “subscribers plus other addresses allowed to post” I am assigning a send scenario like:

 

title.gettext restricted to subscribers and auth posters, messages from others are bounced

 

is_subscriber([listname],[sender])             smtp,dkim,smime,md5    -> do_it

is_subscriber([listname_auth],[sender])             smtp,dkim,smime,md5    -> do_it

is_editor([listname],[sender])                 smtp,dkim,smime,md5    -> do_it

is_owner([listname],[sender])                  smtp,dkim,smime,md5    -> do_it

true()                                                                        smtp,dkim,md5,smime    -> reject,bounce

 

And I want the PO to create a list named (if this list was named “test”) “test_auth” then edit the 2nd line to be

is_subscriber([‘test_auth’,[sender])             smtp,dkim,smime,md5    -> do_it

 

There are also some lists that will require multiple non-sub auth posters, so we would add as many other specific is_subscriber lines as necessary.

 

I’m doing this auth posting setup currently in Majordomo with a hack I did to it in ~1999 J (and the techs have specific sudoers commands to set it up) but we finally have a migration to Sympa project so I need to make things behave similarly within settings that don’t require much/regular Listmaster intervention.

 

Betty

 

From: Michael Young <address@concealed>
Sent: Thursday, October 14, 2021 5:22 PM
To: Widerski, Betty <address@concealed>; address@concealed
Subject: Re: [sympa-users] privileged owners and scenari sources access

 

Not an exact answer to the question you’re asking – but do the IT folks have the ability to update groups that contain the members that you want to be able to send and also exist on that other list?

 

If so, you could set up a send scenario that did a search query against the directory for the group membership on the one list, and an ldap_include on the other ilst.

 

Michael Young

RIT

 

From: <address@concealed> on behalf of "Widerski, Betty" <address@concealed>
Reply-To: "Widerski, Betty" <
address@concealed>
Date: Thursday, October 14, 2021 at 5:17 PM
To: "
address@concealed" <address@concealed>
Subject: [sympa-users] privileged owners and scenari sources access

 

Hi –

 

I want to grant privileged owners the ability to edit send scenari in lists they create. These are IT Support techs who will need to edit a list’s send scenario to add the name of another list whose subscribers will be allowed to post to the new list but will not themselves be subscribers.

 

Looking for an answer I found this archived thread from 2011, which stated that the behavior is hard-coded but could be modified by changing code in web_tt2/edit_list_request.tt2 and in wwsympa.fcgi.

 

However, in the more current version we have installed (6.2.62) there is no mention of dump_scenario html access in edit_list_request.tt2. I do see that dump_scenario is still referenced in wwsympa.fcgi in several places. I’m guessing from the old thread’s info that I’d need to change

 

'dump_scenario'            => ['listmaster'],

To

'dump_scenario'            => ['privileged_owner', 'listmaster'],

 

But what about the action_type definition?

'dump_scenario'     => 'admin',

 

Is wwsympa.fcgi now what totally controls scenari source access, or is there someplace else I’d also need to tweak where the former edit_list_request.tt2 code went?

 

Thanks

Betty

 

Betty Widerski

Enterprise Systems & Services – HBS Information Technology

HARVARD  BUSINESS  SCHOOL     

Shad 108 N | address@concealed | T: 617.495.6642

 




Archive powered by MHonArc 2.6.19+.

Top of Page