1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

netcmd: models: SDDLField parses to object instead of string

Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
This commit is contained in:
Rob van der Linde 2024-02-12 21:56:43 +13:00 committed by Andrew Bartlett
parent 9ca05ec28c
commit 63064d4c9f
2 changed files with 30 additions and 20 deletions

View File

@ -397,32 +397,29 @@ class SDDLField(Field):
if value is None:
return
elif len(value) > 1 or self.many:
return [ndr_unpack(security.descriptor, item).as_sddl()
for item in value]
return [ndr_unpack(security.descriptor, item) for item in value]
else:
return ndr_unpack(security.descriptor, value[0]).as_sddl()
return ndr_unpack(security.descriptor, value[0])
def to_db_value(self, ldb, value, flags):
domain_sid = security.dom_sid(ldb.get_domain_sid())
if value is None:
return
elif isinstance(value, list):
return MessageElement([ndr_pack(security.descriptor.from_sddl(
item,
domain_sid,
allow_device_in_sddl=self.allow_device_in_sddl))
for item in value],
return MessageElement(
[self.to_db_value(ldb, item, flags)[0] for item in value],
flags,
self.name)
else:
return MessageElement(
ndr_pack(security.descriptor.from_sddl(
value,
domain_sid,
allow_device_in_sddl=self.allow_device_in_sddl)),
flags,
self.name
)
# If this is a SDDL string convert it to a descriptor.
if isinstance(value, str):
desc = security.descriptor.from_sddl(
value, domain_sid,
allow_device_in_sddl=self.allow_device_in_sddl)
else:
desc = value
return MessageElement(ndr_pack(desc), flags, self.name)
class BooleanField(Field):

View File

@ -387,8 +387,8 @@ class SDDLFieldTest(FieldTestMixin, SambaToolCmdTest):
super().setUp()
self.domain_sid = security.dom_sid(self.samdb.get_domain_sid())
def encode(self, value):
return ndr_pack(security.descriptor.from_sddl(value, self.domain_sid))
def security_descriptor(self, sddl):
return security.descriptor.from_sddl(sddl, self.domain_sid)
@property
def to_db_value(self):
@ -398,9 +398,20 @@ class SDDLFieldTest(FieldTestMixin, SambaToolCmdTest):
"O:SYG:SYD:(XA;OICI;CR;;;WD;((Member_of {SID(AO)}) || (Member_of {SID(BO)})))",
"O:SYG:SYD:(XA;OICI;CR;;;WD;(Member_of {SID(%s)}))" % self.domain_sid,
]
# Values coming in are SDDL strings
expected = [
(value, MessageElement(self.encode(value))) for value in values
(value, MessageElement(ndr_pack(self.security_descriptor(value))))
for value in values
]
# Values coming in are already security descriptors
expected.extend([
(self.security_descriptor(value),
MessageElement(ndr_pack(self.security_descriptor(value))))
for value in values
])
expected.append((None, None))
return expected
@ -413,7 +424,9 @@ class SDDLFieldTest(FieldTestMixin, SambaToolCmdTest):
"O:SYG:SYD:(XA;OICI;CR;;;WD;(Member_of {SID(%s)}))" % self.domain_sid,
]
expected = [
(MessageElement(self.encode(value)), value) for value in values
(MessageElement(ndr_pack(self.security_descriptor(value))),
self.security_descriptor(value))
for value in values
]
expected.append((None, None))
return expected