1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

s3-samr: remove duplicate copies of Group Object specific access rights.

Guenther
This commit is contained in:
Günther Deschner 2008-10-23 19:45:58 +02:00
parent 673ba71658
commit 5e5edbe761
3 changed files with 10 additions and 34 deletions

View File

@ -214,35 +214,6 @@ struct standard_mapping {
SA_RIGHT_FILE_WRITE_DATA | \
SA_RIGHT_FILE_READ_DATA)
/* Group Object specific access rights */
#define SA_RIGHT_GROUP_LOOKUP_INFO 0x00000001
#define SA_RIGHT_GROUP_SET_INFO 0x00000002
#define SA_RIGHT_GROUP_ADD_MEMBER 0x00000004
#define SA_RIGHT_GROUP_REMOVE_MEMBER 0x00000008
#define SA_RIGHT_GROUP_GET_MEMBERS 0x00000010
#define SA_RIGHT_GROUP_ALL_ACCESS 0x0000001F
#define GENERIC_RIGHTS_GROUP_ALL_ACCESS \
(STANDARD_RIGHTS_REQUIRED_ACCESS| \
SA_RIGHT_GROUP_ALL_ACCESS) /* 0x000f001f */
#define GENERIC_RIGHTS_GROUP_READ \
(STANDARD_RIGHTS_READ_ACCESS | \
SA_RIGHT_GROUP_GET_MEMBERS) /* 0x00020010 */
#define GENERIC_RIGHTS_GROUP_WRITE \
(STANDARD_RIGHTS_WRITE_ACCESS | \
SA_RIGHT_GROUP_REMOVE_MEMBER | \
SA_RIGHT_GROUP_ADD_MEMBER | \
SA_RIGHT_GROUP_SET_INFO ) /* 0x0002000e */
#define GENERIC_RIGHTS_GROUP_EXECUTE \
(STANDARD_RIGHTS_EXECUTE_ACCESS | \
SA_RIGHT_GROUP_LOOKUP_INFO) /* 0x00020001 */
/* Alias Object specific access rights */
#define SA_RIGHT_ALIAS_ADD_MEMBER 0x00000001

View File

@ -23,6 +23,11 @@
#define GENERIC_RIGHTS_DOMAIN_READ ( (STANDARD_RIGHTS_READ_ACCESS|SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS|SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2) )
#define GENERIC_RIGHTS_DOMAIN_WRITE ( (STANDARD_RIGHTS_WRITE_ACCESS|SAMR_DOMAIN_ACCESS_SET_INFO_3|SAMR_DOMAIN_ACCESS_CREATE_ALIAS|SAMR_DOMAIN_ACCESS_CREATE_GROUP|SAMR_DOMAIN_ACCESS_CREATE_USER|SAMR_DOMAIN_ACCESS_SET_INFO_2|SAMR_DOMAIN_ACCESS_SET_INFO_1) )
#define GENERIC_RIGHTS_DOMAIN_EXECUTE ( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT|SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS|SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1) )
#define SAMR_GROUP_ACCESS_ALL_ACCESS ( 0x0000001F )
#define GENERIC_RIGHTS_GROUP_ALL_ACCESS ( (STANDARD_RIGHTS_REQUIRED_ACCESS|SAMR_GROUP_ACCESS_ALL_ACCESS) )
#define GENERIC_RIGHTS_GROUP_READ ( (STANDARD_RIGHTS_READ_ACCESS|SAMR_GROUP_ACCESS_GET_MEMBERS) )
#define GENERIC_RIGHTS_GROUP_WRITE ( (STANDARD_RIGHTS_WRITE_ACCESS|SAMR_GROUP_ACCESS_REMOVE_MEMBER|SAMR_GROUP_ACCESS_ADD_MEMBER|SAMR_GROUP_ACCESS_SET_INFO) )
#define GENERIC_RIGHTS_GROUP_EXECUTE ( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_GROUP_ACCESS_LOOKUP_INFO) )
#define MAX_SAM_ENTRIES_W2K ( 0x400 )
#define MAX_SAM_ENTRIES_W95 ( 50 )
#define SAMR_ENUM_USERS_MULTIPLIER ( 54 )

View File

@ -4480,7 +4480,7 @@ NTSTATUS _samr_QueryGroupMember(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
SA_RIGHT_GROUP_GET_MEMBERS,
SAMR_GROUP_ACCESS_GET_MEMBERS,
"_samr_QueryGroupMember");
if (!NT_STATUS_IS_OK(status)) {
return status;
@ -4644,7 +4644,7 @@ NTSTATUS _samr_AddGroupMember(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
SA_RIGHT_GROUP_ADD_MEMBER,
SAMR_GROUP_ACCESS_ADD_MEMBER,
"_samr_AddGroupMember");
if (!NT_STATUS_IS_OK(status)) {
return status;
@ -4704,7 +4704,7 @@ NTSTATUS _samr_DeleteGroupMember(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
SA_RIGHT_GROUP_REMOVE_MEMBER,
SAMR_GROUP_ACCESS_REMOVE_MEMBER,
"_samr_DeleteGroupMember");
if (!NT_STATUS_IS_OK(status)) {
return status;
@ -5159,7 +5159,7 @@ NTSTATUS _samr_QueryGroupInfo(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
SA_RIGHT_GROUP_LOOKUP_INFO,
SAMR_GROUP_ACCESS_LOOKUP_INFO,
"_samr_QueryGroupInfo");
if (!NT_STATUS_IS_OK(status)) {
return status;
@ -5265,7 +5265,7 @@ NTSTATUS _samr_SetGroupInfo(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
SA_RIGHT_GROUP_SET_INFO,
SAMR_GROUP_ACCESS_SET_INFO,
"_samr_SetGroupInfo");
if (!NT_STATUS_IS_OK(status)) {
return status;