-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 10/29/2013 10:35 PM, Terri Oda wrote:
Stephen, Florian and I had a nice discussion at the GSoC Mentor Summit about what's left before we can release a beta of the entire Mailman Suite (i.e. Mailman core, Postorius and Hyperkitty packaged together). We're getting close! In fact, close enough that I'm going to suggest that we set a beta release target date of Dec 1st.
I know we had a list of 5 things... but for some reason I can't remember all of them. Florian, Stephen, can you chime in?
- Need a Postorius interface for associating multiple email
addresses with a single account. This is probably going to require either an email verification, so we might want to have that as part Mailman Core rather than doing it directly in Postorius. Short term, I don't care how it's done as long as it verifies that the user actually has access to the addresses they link together.
Short term we could use django-registration to verify additional email addresses. It should be very easy to integrate with Postorius. Plus it's maintained by one of the Django people so I guess it's stable enough to work even long term.
- Postorius & Hyperkitty need a bit more work on the
authentication management. Florian indicated that he's looking for some code review for the persona integration and that we'd really like a single sign on solution for postorius/hyperkitty to work together seamlessly.
I got a branch almost ready (90%-ish) for merging that contains A) a change from our current Persona integration (django-social-auth) to Mozilla's own django app and B) some code to take domains created in Mailman-core into account when verifying Persona tokens. Since this is a security issue, I'd really like to have a second set of eyes having a look at it before merging. (Yes, I'm especially looking at you Dr. Terri! I'll poke you when I've added the remaining 10%... ;-) That's next on my list as soon as I have reduced my current post-travel-pile-of-errands a bit.
Re: Hyperkitty: Last time I checked it didn't seem to implement any access control for non-public lists. This isn't really a bug, but it restricts HK to be used with public lists only. @Aurelien: Is that correct? If so: Would you mind me suggesting some ideas to add member checking for private lists?
- We need some nice install scripts or packaging work so that
installing Mailman Suite is easy. Probably for beta purposes this can just be a shell script, but we also talked about doing a meta "Mailman Suite" PyPI package and maybe doing a .deb or .rpm as proof of concept.
I'm not sure, but I *think* I mentioned I wanted to add some changes to Postorius' test suite before releasing the beta. Which isn't really a *feature*, more like an itch that needed scratching. Anyway, I merged that one last week.
Owner/Moderator removal. It's essential, but implementation-wise that's a minor thing.
Hopefully Florian and Stephen have better memories
Well, I'm not sure myself if items 4 and 5 were really the ones we talked about... ;-)