mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
s3-samr: remove duplicate copies of Group Object specific access rights.
Guenther
This commit is contained in:
parent
673ba71658
commit
5e5edbe761
@ -214,35 +214,6 @@ struct standard_mapping {
|
||||
SA_RIGHT_FILE_WRITE_DATA | \
|
||||
SA_RIGHT_FILE_READ_DATA)
|
||||
|
||||
/* Group Object specific access rights */
|
||||
|
||||
#define SA_RIGHT_GROUP_LOOKUP_INFO 0x00000001
|
||||
#define SA_RIGHT_GROUP_SET_INFO 0x00000002
|
||||
#define SA_RIGHT_GROUP_ADD_MEMBER 0x00000004
|
||||
#define SA_RIGHT_GROUP_REMOVE_MEMBER 0x00000008
|
||||
#define SA_RIGHT_GROUP_GET_MEMBERS 0x00000010
|
||||
|
||||
#define SA_RIGHT_GROUP_ALL_ACCESS 0x0000001F
|
||||
|
||||
#define GENERIC_RIGHTS_GROUP_ALL_ACCESS \
|
||||
(STANDARD_RIGHTS_REQUIRED_ACCESS| \
|
||||
SA_RIGHT_GROUP_ALL_ACCESS) /* 0x000f001f */
|
||||
|
||||
#define GENERIC_RIGHTS_GROUP_READ \
|
||||
(STANDARD_RIGHTS_READ_ACCESS | \
|
||||
SA_RIGHT_GROUP_GET_MEMBERS) /* 0x00020010 */
|
||||
|
||||
#define GENERIC_RIGHTS_GROUP_WRITE \
|
||||
(STANDARD_RIGHTS_WRITE_ACCESS | \
|
||||
SA_RIGHT_GROUP_REMOVE_MEMBER | \
|
||||
SA_RIGHT_GROUP_ADD_MEMBER | \
|
||||
SA_RIGHT_GROUP_SET_INFO ) /* 0x0002000e */
|
||||
|
||||
#define GENERIC_RIGHTS_GROUP_EXECUTE \
|
||||
(STANDARD_RIGHTS_EXECUTE_ACCESS | \
|
||||
SA_RIGHT_GROUP_LOOKUP_INFO) /* 0x00020001 */
|
||||
|
||||
|
||||
/* Alias Object specific access rights */
|
||||
|
||||
#define SA_RIGHT_ALIAS_ADD_MEMBER 0x00000001
|
||||
|
@ -23,6 +23,11 @@
|
||||
#define GENERIC_RIGHTS_DOMAIN_READ ( (STANDARD_RIGHTS_READ_ACCESS|SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS|SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2) )
|
||||
#define GENERIC_RIGHTS_DOMAIN_WRITE ( (STANDARD_RIGHTS_WRITE_ACCESS|SAMR_DOMAIN_ACCESS_SET_INFO_3|SAMR_DOMAIN_ACCESS_CREATE_ALIAS|SAMR_DOMAIN_ACCESS_CREATE_GROUP|SAMR_DOMAIN_ACCESS_CREATE_USER|SAMR_DOMAIN_ACCESS_SET_INFO_2|SAMR_DOMAIN_ACCESS_SET_INFO_1) )
|
||||
#define GENERIC_RIGHTS_DOMAIN_EXECUTE ( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT|SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS|SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1) )
|
||||
#define SAMR_GROUP_ACCESS_ALL_ACCESS ( 0x0000001F )
|
||||
#define GENERIC_RIGHTS_GROUP_ALL_ACCESS ( (STANDARD_RIGHTS_REQUIRED_ACCESS|SAMR_GROUP_ACCESS_ALL_ACCESS) )
|
||||
#define GENERIC_RIGHTS_GROUP_READ ( (STANDARD_RIGHTS_READ_ACCESS|SAMR_GROUP_ACCESS_GET_MEMBERS) )
|
||||
#define GENERIC_RIGHTS_GROUP_WRITE ( (STANDARD_RIGHTS_WRITE_ACCESS|SAMR_GROUP_ACCESS_REMOVE_MEMBER|SAMR_GROUP_ACCESS_ADD_MEMBER|SAMR_GROUP_ACCESS_SET_INFO) )
|
||||
#define GENERIC_RIGHTS_GROUP_EXECUTE ( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_GROUP_ACCESS_LOOKUP_INFO) )
|
||||
#define MAX_SAM_ENTRIES_W2K ( 0x400 )
|
||||
#define MAX_SAM_ENTRIES_W95 ( 50 )
|
||||
#define SAMR_ENUM_USERS_MULTIPLIER ( 54 )
|
||||
|
@ -4480,7 +4480,7 @@ NTSTATUS _samr_QueryGroupMember(pipes_struct *p,
|
||||
return NT_STATUS_INVALID_HANDLE;
|
||||
|
||||
status = access_check_samr_function(acc_granted,
|
||||
SA_RIGHT_GROUP_GET_MEMBERS,
|
||||
SAMR_GROUP_ACCESS_GET_MEMBERS,
|
||||
"_samr_QueryGroupMember");
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
@ -4644,7 +4644,7 @@ NTSTATUS _samr_AddGroupMember(pipes_struct *p,
|
||||
return NT_STATUS_INVALID_HANDLE;
|
||||
|
||||
status = access_check_samr_function(acc_granted,
|
||||
SA_RIGHT_GROUP_ADD_MEMBER,
|
||||
SAMR_GROUP_ACCESS_ADD_MEMBER,
|
||||
"_samr_AddGroupMember");
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
@ -4704,7 +4704,7 @@ NTSTATUS _samr_DeleteGroupMember(pipes_struct *p,
|
||||
return NT_STATUS_INVALID_HANDLE;
|
||||
|
||||
status = access_check_samr_function(acc_granted,
|
||||
SA_RIGHT_GROUP_REMOVE_MEMBER,
|
||||
SAMR_GROUP_ACCESS_REMOVE_MEMBER,
|
||||
"_samr_DeleteGroupMember");
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
@ -5159,7 +5159,7 @@ NTSTATUS _samr_QueryGroupInfo(pipes_struct *p,
|
||||
return NT_STATUS_INVALID_HANDLE;
|
||||
|
||||
status = access_check_samr_function(acc_granted,
|
||||
SA_RIGHT_GROUP_LOOKUP_INFO,
|
||||
SAMR_GROUP_ACCESS_LOOKUP_INFO,
|
||||
"_samr_QueryGroupInfo");
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
@ -5265,7 +5265,7 @@ NTSTATUS _samr_SetGroupInfo(pipes_struct *p,
|
||||
return NT_STATUS_INVALID_HANDLE;
|
||||
|
||||
status = access_check_samr_function(acc_granted,
|
||||
SA_RIGHT_GROUP_SET_INFO,
|
||||
SAMR_GROUP_ACCESS_SET_INFO,
|
||||
"_samr_SetGroupInfo");
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
|
Loading…
Reference in New Issue
Block a user