2010-08-27 08:56:15 +10:00
/*
2003-05-06 13:10:10 +00:00
Unix SMB / CIFS implementation .
SMB parameters and setup
Copyright ( C ) Andrew Tridgell 1992 - 1997
Copyright ( C ) Luke Kenneth Casson Leighton 1996 - 1997
Copyright ( C ) Paul Ashton 1997
2005-01-13 18:20:37 +00:00
Copyright ( C ) Simo Sorce 2003
2005-03-10 18:50:47 +00:00
Copyright ( C ) Gerald ( Jerry ) Carter 2005
2010-08-26 18:38:16 +10:00
Copyright ( C ) Andrew Bartlett 2010
2010-08-27 08:56:15 +10:00
2003-05-06 13:10:10 +00:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-09 19:25:36 +00:00
the Free Software Foundation ; either version 3 of the License , or
2003-05-06 13:10:10 +00:00
( at your option ) any later version .
2010-08-27 08:56:15 +10:00
2003-05-06 13:10:10 +00:00
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
2010-08-27 08:56:15 +10:00
2003-05-06 13:10:10 +00:00
You should have received a copy of the GNU General Public License
2007-07-10 00:52:41 +00:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2003-05-06 13:10:10 +00:00
*/
# ifndef PRIVILEGES_H
# define PRIVILEGES_H
2021-10-06 09:16:32 +02:00
# include "lib/util/data_blob.h"
# include "lib/util/time.h"
2010-06-05 02:39:11 +02:00
# include "../librpc/gen_ndr/lsa.h"
2010-08-27 12:44:35 +10:00
# include "../librpc/gen_ndr/security.h"
2010-06-05 02:39:11 +02:00
2010-08-31 09:20:39 +10:00
/* common privilege bitmask defines */
2005-01-19 16:52:19 +00:00
2010-08-26 14:37:00 +10:00
# define SE_ALL_PRIVS (uint64_t)-1
2003-06-18 15:24:10 +00:00
2005-01-13 18:20:37 +00:00
/*
* These are used in Lsa replies ( srv_lsa_nt . c )
*/
2005-06-29 16:35:32 +00:00
typedef struct {
2003-10-06 01:38:46 +00:00
TALLOC_CTX * mem_ctx ;
2007-10-18 17:40:25 -07:00
bool ext_ctx ;
2010-08-27 09:35:55 +10:00
uint32_t count ;
uint32_t control ;
2010-06-05 02:39:11 +02:00
struct lsa_LUIDAttribute * set ;
2003-05-06 13:10:10 +00:00
} PRIVILEGE_SET ;
2010-08-27 09:22:31 +10:00
const char * get_privilege_dispname ( const char * name ) ;
/*******************************************************************
2023-04-27 15:56:42 +02:00
return the number of elements in the ' short ' privilege array ( traditional source3 behaviour )
2010-08-27 09:22:31 +10:00
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2010-08-27 12:19:09 +10:00
int num_privileges_in_short_list ( void ) ;
2010-08-27 09:22:31 +10:00
2010-08-27 09:35:55 +10:00
/*
map a privilege id to the wire string constant
*/
const char * sec_privilege_name ( enum sec_privilege privilege ) ;
/*
map a privilege id to a privilege display name . Return NULL if not found
TODO : this should use language mappings
*/
const char * sec_privilege_display_name ( enum sec_privilege privilege , uint16_t * language ) ;
/*
map a privilege name to a privilege id . Return - 1 if not found
*/
enum sec_privilege sec_privilege_id ( const char * name ) ;
2010-09-11 16:58:45 +10:00
/*
map a ' right ' name to it ' s bitmap value . Return 0 if not found
*/
uint32_t sec_right_bit ( const char * name ) ;
2010-08-27 09:35:55 +10:00
/*
2010-08-27 12:19:09 +10:00
assist in walking the table of privileges - return the LUID ( low 32 bits ) by index
2010-08-27 09:35:55 +10:00
*/
enum sec_privilege sec_privilege_from_index ( int idx ) ;
2010-08-27 12:19:09 +10:00
/*
assist in walking the table of privileges - return the string constant by index
*/
const char * sec_privilege_name_from_index ( int idx ) ;
2010-08-27 09:35:55 +10:00
/*
return true if a security_token has a particular privilege bit set
*/
bool security_token_has_privilege ( const struct security_token * token , enum sec_privilege privilege ) ;
2013-08-06 13:26:53 +02:00
/**
* @ brief Check if the security token has system privileges .
*
* @ param [ in ] token The token to check .
*
* @ return True if the token has system privileges , false if not .
*/
bool security_token_system_privilege ( const struct security_token * token ) ;
2010-08-27 09:35:55 +10:00
/*
set a bit in the privilege mask
*/
void security_token_set_privilege ( struct security_token * token , enum sec_privilege privilege ) ;
2010-09-11 16:58:45 +10:00
/*
set a bit in the rights mask
*/
void security_token_set_right_bit ( struct security_token * token , uint32_t right_bit ) ;
2010-08-27 09:35:55 +10:00
2023-08-30 12:39:00 +02:00
char * security_token_debug_privileges ( TALLOC_CTX * mem_ctx ,
const struct security_token * token ) ;
2010-08-27 09:35:55 +10:00
2003-06-18 15:24:10 +00:00
# endif /* PRIVILEGES_H */