sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-07-31 20:22:15 +03:00
Code Activity

samdb: Accept a list of member variables rather than a comma-separated string.

Browse Source
This commit is contained in:
Jelmer Vernooij
2012-06-19 12:43:08 +02:00
parent 3c74117e2e
commit cbd660d013
5 changed files with 25 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
source4/dsdb/tests/python/acl.py
View File

@ -128,9 +128,9 @@ class AclAddTests(AclTests):
self.ldb_admin.newuser(self.regular_user, self.user_pass) self.ldb_admin.newuser(self.regular_user, self.user_pass)
# add admins to the Domain Admins group # add admins to the Domain Admins group
self.ldb_admin.add_remove_group_members("Domain Admins", self.usr_admin_owner, self.ldb_admin.add_remove_group_members("Domain Admins", [self.usr_admin_owner],
add_members_operation=True) add_members_operation=True)
self.ldb_admin.add_remove_group_members("Domain Admins", self.usr_admin_not_owner, self.ldb_admin.add_remove_group_members("Domain Admins", [self.usr_admin_not_owner],
add_members_operation=True) add_members_operation=True)
self.ldb_owner = self.get_ldb_connection(self.usr_admin_owner, self.user_pass) self.ldb_owner = self.get_ldb_connection(self.usr_admin_owner, self.user_pass)
@ -613,7 +613,7 @@ class AclSearchTests(AclTests):
self.ldb_admin.newuser(self.u2, self.user_pass) self.ldb_admin.newuser(self.u2, self.user_pass)
self.ldb_admin.newuser(self.u3, self.user_pass) self.ldb_admin.newuser(self.u3, self.user_pass)
self.ldb_admin.newgroup(self.group1, grouptype=samba.dsdb.GTYPE_SECURITY_GLOBAL_GROUP) self.ldb_admin.newgroup(self.group1, grouptype=samba.dsdb.GTYPE_SECURITY_GLOBAL_GROUP)
self.ldb_admin.add_remove_group_members(self.group1, self.u2, self.ldb_admin.add_remove_group_members(self.group1, [self.u2],
add_members_operation=True) add_members_operation=True)
self.ldb_user = self.get_ldb_connection(self.u1, self.user_pass) self.ldb_user = self.get_ldb_connection(self.u1, self.user_pass)
self.ldb_user2 = self.get_ldb_connection(self.u2, self.user_pass) self.ldb_user2 = self.get_ldb_connection(self.u2, self.user_pass)
@ -1521,7 +1521,7 @@ class AclExtendedTests(AclTests):
self.ldb_admin.newuser(self.u1, self.user_pass) self.ldb_admin.newuser(self.u1, self.user_pass)
self.ldb_admin.newuser(self.u2, self.user_pass) self.ldb_admin.newuser(self.u2, self.user_pass)
self.ldb_admin.newuser(self.u3, self.user_pass) self.ldb_admin.newuser(self.u3, self.user_pass)
self.ldb_admin.add_remove_group_members("Domain Admins", self.u3, self.ldb_admin.add_remove_group_members("Domain Admins", [self.u3],
add_members_operation=True) add_members_operation=True)
self.ldb_user1 = self.get_ldb_connection(self.u1, self.user_pass) self.ldb_user1 = self.get_ldb_connection(self.u1, self.user_pass)
self.ldb_user2 = self.get_ldb_connection(self.u2, self.user_pass) self.ldb_user2 = self.get_ldb_connection(self.u2, self.user_pass)

18
source4/dsdb/tests/python/dirsync.py
View File

@ -124,7 +124,7 @@ class SimpleDirsyncTests(DirsyncBaseTests):
self.sd_utils.dacl_add_ace(self.base_dn, mod) self.sd_utils.dacl_add_ace(self.base_dn, mod)
# add admins to the Domain Admins group # add admins to the Domain Admins group
self.ldb_admin.add_remove_group_members("Domain Admins", self.admin_user, self.ldb_admin.add_remove_group_members("Domain Admins", [self.admin_user],
add_members_operation=True) add_members_operation=True)
def tearDown(self): def tearDown(self):
@ -477,7 +477,7 @@ class SimpleDirsyncTests(DirsyncBaseTests):
ctl[2] = "1" ctl[2] = "1"
ctl[3] = "10000" ctl[3] = "10000"
control1 = str(":".join(ctl)) control1 = str(":".join(ctl))
self.ldb_admin.add_remove_group_members("Administrators", self.simple_user, self.ldb_admin.add_remove_group_members("Administrators", [self.simple_user],
add_members_operation=True) add_members_operation=True)
res = self.ldb_simple.search(self.base_dn, res = self.ldb_simple.search(self.base_dn,
@ -492,7 +492,7 @@ class SimpleDirsyncTests(DirsyncBaseTests):
control1 = str(":".join(ctl)) control1 = str(":".join(ctl))
# remove the user from the group # remove the user from the group
self.ldb_admin.add_remove_group_members("Administrators", self.simple_user, self.ldb_admin.add_remove_group_members("Administrators", [self.simple_user],
add_members_operation=False) add_members_operation=False)
res = self.ldb_simple.search(self.base_dn, res = self.ldb_simple.search(self.base_dn,
@ -502,7 +502,7 @@ class SimpleDirsyncTests(DirsyncBaseTests):
self.assertEqual(len(res[0].get("member")), size ) self.assertEqual(len(res[0].get("member")), size )
self.ldb_admin.newgroup("testgroup") self.ldb_admin.newgroup("testgroup")
self.ldb_admin.add_remove_group_members("testgroup", self.simple_user, self.ldb_admin.add_remove_group_members("testgroup", [self.simple_user],
add_members_operation=True) add_members_operation=True)
res = self.ldb_admin.search(self.base_dn, res = self.ldb_admin.search(self.base_dn,
@ -532,7 +532,7 @@ class SimpleDirsyncTests(DirsyncBaseTests):
ctl[3] = "10000" ctl[3] = "10000"
control1 = str(":".join(ctl)) control1 = str(":".join(ctl))
self.ldb_admin.add_remove_group_members("testgroup", self.simple_user, self.ldb_admin.add_remove_group_members("testgroup", [self.simple_user],
add_members_operation=False) add_members_operation=False)
res = self.ldb_admin.search(self.base_dn, res = self.ldb_admin.search(self.base_dn,
@ -608,9 +608,9 @@ class ExtendedDirsyncTests(SimpleDirsyncTests):
ctl[2] = "%d" % flag_incr_linked ctl[2] = "%d" % flag_incr_linked
ctl[3] = "10000" ctl[3] = "10000"
control1 = str(":".join(ctl)) control1 = str(":".join(ctl))
self.ldb_admin.add_remove_group_members("Administrators", self.simple_user, self.ldb_admin.add_remove_group_members("Administrators", [self.simple_user],
add_members_operation=True) add_members_operation=True)
self.ldb_admin.add_remove_group_members("Administrators", self.dirsync_user, self.ldb_admin.add_remove_group_members("Administrators", [self.dirsync_user],
add_members_operation=True) add_members_operation=True)
@ -626,7 +626,7 @@ class ExtendedDirsyncTests(SimpleDirsyncTests):
control1 = str(":".join(ctl)) control1 = str(":".join(ctl))
# remove the user from the group # remove the user from the group
self.ldb_admin.add_remove_group_members("Administrators", self.simple_user, self.ldb_admin.add_remove_group_members("Administrators", [self.simple_user],
add_members_operation=False) add_members_operation=False)
res = self.ldb_admin.search(self.base_dn, res = self.ldb_admin.search(self.base_dn,
@ -642,7 +642,7 @@ class ExtendedDirsyncTests(SimpleDirsyncTests):
ctl[3] = "10000" ctl[3] = "10000"
control2 = str(":".join(ctl)) control2 = str(":".join(ctl))
self.ldb_admin.add_remove_group_members("Administrators", self.dirsync_user, self.ldb_admin.add_remove_group_members("Administrators", [self.dirsync_user],
add_members_operation=False) add_members_operation=False)
res = self.ldb_admin.search(self.base_dn, res = self.ldb_admin.search(self.base_dn,

8
source4/dsdb/tests/python/sec_descriptor.py
View File

@ -200,13 +200,13 @@ class OwnerGroupDescriptorTests(DescriptorTests):
self.ldb_admin.newuser("testuser8", "samba123@") self.ldb_admin.newuser("testuser8", "samba123@")
self.ldb_admin.add_remove_group_members("Enterprise Admins", self.ldb_admin.add_remove_group_members("Enterprise Admins",
"testuser1,testuser5,testuser6,testuser8", ["testuser1", "testuser5", "testuser6", "testuser8"],
add_members_operation=True) add_members_operation=True)
self.ldb_admin.add_remove_group_members("Domain Admins", self.ldb_admin.add_remove_group_members("Domain Admins",
"testuser2,testuser5,testuser6,testuser7", ["testuser2","testuser5","testuser6","testuser7"],
add_members_operation=True) add_members_operation=True)
self.ldb_admin.add_remove_group_members("Schema Admins", self.ldb_admin.add_remove_group_members("Schema Admins",
"testuser3,testuser6,testuser7,testuser8", ["testuser3","testuser6","testuser7","testuser8"],
add_members_operation=True) add_members_operation=True)
self.results = { self.results = {
@ -1865,7 +1865,7 @@ class RightsAttributesTests(DescriptorTests):
# User 2, Domain Admins # User 2, Domain Admins
self.ldb_admin.newuser("testuser_attr2", "samba123@") self.ldb_admin.newuser("testuser_attr2", "samba123@")
self.ldb_admin.add_remove_group_members("Domain Admins", self.ldb_admin.add_remove_group_members("Domain Admins",
"testuser_attr2", ["testuser_attr2"],
add_members_operation=True) add_members_operation=True)
def test_sDRightsEffective(self): def test_sDRightsEffective(self):

7
source4/scripting/python/samba/netcmd/group.py
View File

@ -206,7 +206,9 @@ Example2 shows how to add a single user account, User2, to the supergroup AD gro
try: try:
samdb = SamDB(url=H, session_info=system_session(), samdb = SamDB(url=H, session_info=system_session(),
credentials=creds, lp=lp) credentials=creds, lp=lp)
samdb.add_remove_group_members(groupname, listofmembers, add_members_operation=True) groupmembers = listofmembers.split(',')
samdb.add_remove_group_members(groupname, groupmembers,
add_members_operation=True)
except Exception, e: except Exception, e:
# FIXME: catch more specific exception # FIXME: catch more specific exception
raise CommandError('Failed to add members "%s" to group "%s"' % ( raise CommandError('Failed to add members "%s" to group "%s"' % (
@ -256,7 +258,8 @@ Example2 shows how to remove a single user account, User2, from the supergroup A
try: try:
samdb = SamDB(url=H, session_info=system_session(), samdb = SamDB(url=H, session_info=system_session(),
credentials=creds, lp=lp) credentials=creds, lp=lp)
samdb.add_remove_group_members(groupname, listofmembers, add_members_operation=False) samdb.add_remove_group_members(groupname, listofmembers.split(","),
add_members_operation=False)
except Exception, e: except Exception, e:
# FIXME: Catch more specific exception # FIXME: Catch more specific exception
raise CommandError('Failed to remove members "%s" from group "%s"' % (listofmembers, groupname), e) raise CommandError('Failed to remove members "%s" from group "%s"' % (listofmembers, groupname), e)

7
source4/scripting/python/samba/samdb.py
View File

@ -226,19 +226,18 @@ pwdLastSet: 0
else: else:
self.transaction_commit() self.transaction_commit()
def add_remove_group_members(self, groupname, listofmembers, def add_remove_group_members(self, groupname, members,
add_members_operation=True): add_members_operation=True):
"""Adds or removes group members """Adds or removes group members
:param groupname: Name of the target group :param groupname: Name of the target group
:param listofmembers: Comma-separated list of group members :param members: list of group members
:param add_members_operation: Defines if its an add or remove :param add_members_operation: Defines if its an add or remove
operation operation
""" """
groupfilter = "(&(sAMAccountName=%s)(objectCategory=%s,%s))" % ( groupfilter = "(&(sAMAccountName=%s)(objectCategory=%s,%s))" % (
ldb.binary_encode(groupname), "CN=Group,CN=Schema,CN=Configuration", self.domain_dn()) ldb.binary_encode(groupname), "CN=Group,CN=Schema,CN=Configuration", self.domain_dn())
groupmembers = listofmembers.split(',')
self.transaction_start() self.transaction_start()
try: try:
@ -255,7 +254,7 @@ dn: %s
changetype: modify changetype: modify
""" % (str(targetgroup[0].dn)) """ % (str(targetgroup[0].dn))
for member in groupmembers: for member in members:
targetmember = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE, targetmember = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE,
expression="(|(sAMAccountName=%s)(CN=%s))" % ( expression="(|(sAMAccountName=%s)(CN=%s))" % (
ldb.binary_encode(member), ldb.binary_encode(member)), attrs=[]) ldb.binary_encode(member), ldb.binary_encode(member)), attrs=[])