mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
pyldb: Add dom_sid.split in favor of less powerful dom_sid_to_rid().
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This commit is contained in:
parent
7effe2d2e3
commit
ea5af6e30c
@ -26,7 +26,7 @@ from ldb import ERR_NAMING_VIOLATION, ERR_CONSTRAINT_VIOLATION
|
||||
from ldb import ERR_UNDEFINED_ATTRIBUTE_TYPE
|
||||
from ldb import Message, MessageElement, Dn
|
||||
from ldb import FLAG_MOD_ADD, FLAG_MOD_REPLACE, FLAG_MOD_DELETE
|
||||
from samba import Ldb, param, dom_sid_to_rid
|
||||
from samba import Ldb, param
|
||||
from samba import UF_NORMAL_ACCOUNT, UF_TEMP_DUPLICATE_ACCOUNT
|
||||
from samba import UF_SERVER_TRUST_ACCOUNT, UF_WORKSTATION_TRUST_ACCOUNT
|
||||
from samba import UF_INTERDOMAIN_TRUST_ACCOUNT
|
||||
@ -456,7 +456,7 @@ class BasicTests(unittest.TestCase):
|
||||
self.fail()
|
||||
except LdbError, (num, _):
|
||||
self.assertEquals(num, ERR_NAMING_VIOLATION)
|
||||
|
||||
|
||||
self.delete_force(self.ldb, "description=xyz,cn=users," + self.base_dn)
|
||||
|
||||
self.ldb.add({
|
||||
@ -642,17 +642,17 @@ objectClass: container
|
||||
res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn,
|
||||
scope=SCOPE_BASE, attrs=["objectSID"])
|
||||
self.assertTrue(len(res1) == 1)
|
||||
group_rid_1 = dom_sid_to_rid(ldb.schema_format_value("objectSID",
|
||||
res1[0]["objectSID"][0]))
|
||||
group_rid_1 = security.dom_sid(ldb.schema_format_value("objectSID",
|
||||
res1[0]["objectSID"][0])).split()[1]
|
||||
|
||||
res1 = ldb.search("cn=ldaptestgroup2,cn=users," + self.base_dn,
|
||||
scope=SCOPE_BASE, attrs=["objectSID"])
|
||||
self.assertTrue(len(res1) == 1)
|
||||
group_rid_2 = dom_sid_to_rid(ldb.schema_format_value("objectSID",
|
||||
res1[0]["objectSID"][0]))
|
||||
group_rid_2 = security.dom_sid(ldb.schema_format_value("objectSID",
|
||||
res1[0]["objectSID"][0])).split()[1]
|
||||
|
||||
# Try to create a user with an invalid primary group
|
||||
try:
|
||||
try:
|
||||
ldb.add({
|
||||
"dn": "cn=ldaptestuser,cn=users," + self.base_dn,
|
||||
"objectclass": ["user", "person"],
|
||||
@ -833,7 +833,7 @@ objectClass: container
|
||||
self.assertTrue(len(res1) == 1)
|
||||
self.assertFalse("primaryGroupToken" in res1[0])
|
||||
|
||||
res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn,
|
||||
res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn,
|
||||
scope=SCOPE_BASE)
|
||||
self.assertTrue(len(res1) == 1)
|
||||
self.assertFalse("primaryGroupToken" in res1[0])
|
||||
@ -843,7 +843,7 @@ objectClass: container
|
||||
self.assertTrue(len(res1) == 1)
|
||||
primary_group_token = int(res1[0]["primaryGroupToken"][0])
|
||||
|
||||
rid = dom_sid_to_rid(ldb.schema_format_value("objectSID", res1[0]["objectSID"][0]))
|
||||
rid = security.dom_sid(ldb.schema_format_value("objectSID", res1[0]["objectSID"][0])).split()[1]
|
||||
self.assertEquals(primary_group_token, rid)
|
||||
|
||||
m = Message()
|
||||
|
@ -26,7 +26,7 @@ from ldb import ERR_NAMING_VIOLATION, ERR_CONSTRAINT_VIOLATION
|
||||
from ldb import ERR_UNDEFINED_ATTRIBUTE_TYPE
|
||||
from ldb import Message, MessageElement, Dn
|
||||
from ldb import FLAG_MOD_ADD, FLAG_MOD_REPLACE, FLAG_MOD_DELETE
|
||||
from samba import Ldb, param, dom_sid_to_rid
|
||||
from samba import Ldb
|
||||
from samba import UF_NORMAL_ACCOUNT, UF_TEMP_DUPLICATE_ACCOUNT
|
||||
from samba import UF_SERVER_TRUST_ACCOUNT, UF_WORKSTATION_TRUST_ACCOUNT
|
||||
from samba import UF_INTERDOMAIN_TRUST_ACCOUNT
|
||||
|
@ -41,6 +41,33 @@ static void PyType_AddMethods(PyTypeObject *type, PyMethodDef *methods)
|
||||
}
|
||||
}
|
||||
|
||||
static PyObject *py_dom_sid_split(PyObject *py_self, PyObject *args)
|
||||
{
|
||||
struct dom_sid *self = py_talloc_get_ptr(py_self);
|
||||
struct dom_sid *domain_sid;
|
||||
TALLOC_CTX *mem_ctx;
|
||||
uint32_t rid;
|
||||
NTSTATUS status;
|
||||
PyObject *py_domain_sid;
|
||||
|
||||
mem_ctx = talloc_new(NULL);
|
||||
if (mem_ctx == NULL) {
|
||||
PyErr_NoMemory();
|
||||
return NULL;
|
||||
}
|
||||
|
||||
status = dom_sid_split_rid(mem_ctx, self, &domain_sid, &rid);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
PyErr_SetString(PyExc_RuntimeError, "dom_sid_split_rid failed");
|
||||
talloc_free(mem_ctx);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
py_domain_sid = py_talloc_steal(&dom_sid_Type, domain_sid);
|
||||
talloc_free(mem_ctx);
|
||||
return Py_BuildValue("(OI)", py_domain_sid, rid);
|
||||
}
|
||||
|
||||
static int py_dom_sid_cmp(PyObject *py_self, PyObject *py_other)
|
||||
{
|
||||
struct dom_sid *self = py_talloc_get_ptr(py_self), *other;
|
||||
@ -86,12 +113,21 @@ static int py_dom_sid_init(PyObject *self, PyObject *args, PyObject *kwargs)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static PyMethodDef py_dom_sid_extra_methods[] = {
|
||||
{ "split", (PyCFunction)py_dom_sid_split, METH_NOARGS,
|
||||
"S.split() -> (domain_sid, rid)\n"
|
||||
"Split a domain sid" },
|
||||
{ NULL }
|
||||
};
|
||||
|
||||
|
||||
static void py_dom_sid_patch(PyTypeObject *type)
|
||||
{
|
||||
type->tp_init = py_dom_sid_init;
|
||||
type->tp_str = py_dom_sid_str;
|
||||
type->tp_repr = py_dom_sid_repr;
|
||||
type->tp_compare = py_dom_sid_cmp;
|
||||
PyType_AddMethods(type, py_dom_sid_extra_methods);
|
||||
}
|
||||
|
||||
#define PY_DOM_SID_PATCH py_dom_sid_patch
|
||||
|
@ -442,27 +442,6 @@ static PyObject *py_dsdb_make_schema_global(PyObject *self, PyObject *args)
|
||||
Py_RETURN_NONE;
|
||||
}
|
||||
|
||||
static PyObject *py_dom_sid_to_rid(PyLdbObject *self, PyObject *args)
|
||||
{
|
||||
PyObject *py_sid;
|
||||
struct dom_sid *sid;
|
||||
uint32_t rid;
|
||||
NTSTATUS status;
|
||||
|
||||
if(!PyArg_ParseTuple(args, "O", &py_sid))
|
||||
return NULL;
|
||||
|
||||
sid = dom_sid_parse_talloc(NULL, PyString_AsString(py_sid));
|
||||
|
||||
status = dom_sid_split_rid(NULL, sid, NULL, &rid);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
PyErr_SetString(PyExc_RuntimeError, "dom_sid_split_rid failed");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return PyInt_FromLong(rid);
|
||||
}
|
||||
|
||||
static PyMethodDef py_misc_methods[] = {
|
||||
{ "generate_random_str", (PyCFunction)py_generate_random_str, METH_VARARGS,
|
||||
"random_password(len) -> string\n"
|
||||
@ -506,8 +485,6 @@ static PyMethodDef py_misc_methods[] = {
|
||||
NULL },
|
||||
{ "dsdb_make_schema_global", (PyCFunction)py_dsdb_make_schema_global, METH_VARARGS,
|
||||
NULL },
|
||||
{ "dom_sid_to_rid", (PyCFunction)py_dom_sid_to_rid, METH_VARARGS,
|
||||
NULL },
|
||||
{ "set_debug_level", (PyCFunction)py_set_debug_level, METH_VARARGS,
|
||||
"set debug level" },
|
||||
{ NULL }
|
||||
|
@ -370,15 +370,6 @@ def valid_netbios_name(name):
|
||||
return True
|
||||
|
||||
|
||||
def dom_sid_to_rid(sid_str):
|
||||
"""Converts a domain SID to the relative RID.
|
||||
|
||||
:param sid_str: The domain SID formatted as string
|
||||
"""
|
||||
|
||||
return glue.dom_sid_to_rid(sid_str)
|
||||
|
||||
|
||||
version = glue.version
|
||||
|
||||
# "userAccountControl" flags
|
||||
|
Loading…
Reference in New Issue
Block a user