mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
netcmd: models: add SDDL model field
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
83d321e764
commit
1325e01303
@ -28,6 +28,7 @@ from datetime import datetime
|
||||
from xml.etree import ElementTree
|
||||
|
||||
from ldb import Dn, MessageElement, string_to_time, timestring
|
||||
from samba.dcerpc import security
|
||||
from samba.dcerpc.misc import GUID
|
||||
from samba.ndr import ndr_pack, ndr_unpack
|
||||
|
||||
@ -311,6 +312,36 @@ class GUIDField(Field):
|
||||
return MessageElement(ndr_pack(GUID(value)), flags, self.name)
|
||||
|
||||
|
||||
class SDDLField(Field):
|
||||
"""A SDDL field encodes and decodes SDDL data."""
|
||||
|
||||
def from_db_value(self, ldb, value):
|
||||
if value is None:
|
||||
return
|
||||
elif len(value) > 1 or self.many:
|
||||
return [ndr_unpack(security.descriptor, item).as_sddl()
|
||||
for item in value]
|
||||
else:
|
||||
return ndr_unpack(security.descriptor, value[0]).as_sddl()
|
||||
|
||||
def to_db_value(self, ldb, value, flags):
|
||||
domain_sid = security.dom_sid(ldb.get_domain_sid())
|
||||
if value is None:
|
||||
return
|
||||
elif isinstance(value, list):
|
||||
return MessageElement([ndr_pack(security.descriptor.from_sddl(
|
||||
item, domain_sid)) for item in value],
|
||||
flags,
|
||||
self.name)
|
||||
else:
|
||||
return MessageElement(
|
||||
ndr_pack(security.descriptor.from_sddl(value,
|
||||
domain_sid)),
|
||||
flags,
|
||||
self.name
|
||||
)
|
||||
|
||||
|
||||
class BooleanField(Field):
|
||||
"""A simple boolean field, can be a bool or list of bool."""
|
||||
|
||||
|
@ -25,10 +25,11 @@ from datetime import datetime
|
||||
from xml.etree import ElementTree
|
||||
|
||||
from ldb import FLAG_MOD_ADD, MessageElement, SCOPE_ONELEVEL
|
||||
from samba.dcerpc import security
|
||||
from samba.dcerpc.misc import GUID
|
||||
from samba.netcmd.domain.models import User, fields
|
||||
from samba.netcmd.domain.models.auth_policy import StrongNTLMPolicy
|
||||
from samba.ndr import ndr_unpack
|
||||
from samba.ndr import ndr_pack, ndr_unpack
|
||||
|
||||
from .base import SambaToolCmdTest
|
||||
|
||||
@ -276,6 +277,45 @@ class GUIDFieldTest(FieldTestMixin, SambaToolCmdTest):
|
||||
]
|
||||
|
||||
|
||||
class SDDLFieldTest(FieldTestMixin, SambaToolCmdTest):
|
||||
field = fields.SDDLField("FieldName")
|
||||
|
||||
def setUp(self):
|
||||
super().setUp()
|
||||
self.domain_sid = security.dom_sid(self.samdb.get_domain_sid())
|
||||
|
||||
def encode(self, value):
|
||||
return ndr_pack(security.descriptor.from_sddl(value, self.domain_sid))
|
||||
|
||||
@property
|
||||
def to_db_value(self):
|
||||
values = [
|
||||
"O:SYG:SYD:(XA;OICI;CR;;;WD;(Member_of {SID(AU)}))",
|
||||
"O:SYG:SYD:(XA;OICI;CR;;;WD;(Member_of {SID(AO)}))",
|
||||
"O:SYG:SYD:(XA;OICI;CR;;;WD;((Member_of {SID(AO)}) || (Member_of {SID(BO)})))",
|
||||
"O:SYG:SYD:(XA;OICI;CR;;;WD;(Member_of {SID(%s)}))" % self.domain_sid,
|
||||
]
|
||||
expected = [
|
||||
(value, MessageElement(self.encode(value))) for value in values
|
||||
]
|
||||
expected.append((None, None))
|
||||
return expected
|
||||
|
||||
@property
|
||||
def from_db_value(self):
|
||||
values = [
|
||||
"O:SYG:SYD:(XA;OICI;CR;;;WD;(Member_of {SID(AU)}))",
|
||||
"O:SYG:SYD:(XA;OICI;CR;;;WD;(Member_of {SID(AO)}))",
|
||||
"O:SYG:SYD:(XA;OICI;CR;;;WD;((Member_of {SID(AO)}) || (Member_of {SID(BO)})))",
|
||||
"O:SYG:SYD:(XA;OICI;CR;;;WD;(Member_of {SID(%s)}))" % self.domain_sid,
|
||||
]
|
||||
expected = [
|
||||
(MessageElement(self.encode(value)), value) for value in values
|
||||
]
|
||||
expected.append((None, None))
|
||||
return expected
|
||||
|
||||
|
||||
class PossibleClaimValuesFieldTest(FieldTestMixin, SambaToolCmdTest):
|
||||
field = fields.PossibleClaimValuesField("FieldName")
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user