mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
pyldb: Add dom_sid.split in favor of less powerful dom_sid_to_rid().
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This commit is contained in:
parent
7effe2d2e3
commit
ea5af6e30c
@ -26,7 +26,7 @@ from ldb import ERR_NAMING_VIOLATION, ERR_CONSTRAINT_VIOLATION
|
|||||||
from ldb import ERR_UNDEFINED_ATTRIBUTE_TYPE
|
from ldb import ERR_UNDEFINED_ATTRIBUTE_TYPE
|
||||||
from ldb import Message, MessageElement, Dn
|
from ldb import Message, MessageElement, Dn
|
||||||
from ldb import FLAG_MOD_ADD, FLAG_MOD_REPLACE, FLAG_MOD_DELETE
|
from ldb import FLAG_MOD_ADD, FLAG_MOD_REPLACE, FLAG_MOD_DELETE
|
||||||
from samba import Ldb, param, dom_sid_to_rid
|
from samba import Ldb, param
|
||||||
from samba import UF_NORMAL_ACCOUNT, UF_TEMP_DUPLICATE_ACCOUNT
|
from samba import UF_NORMAL_ACCOUNT, UF_TEMP_DUPLICATE_ACCOUNT
|
||||||
from samba import UF_SERVER_TRUST_ACCOUNT, UF_WORKSTATION_TRUST_ACCOUNT
|
from samba import UF_SERVER_TRUST_ACCOUNT, UF_WORKSTATION_TRUST_ACCOUNT
|
||||||
from samba import UF_INTERDOMAIN_TRUST_ACCOUNT
|
from samba import UF_INTERDOMAIN_TRUST_ACCOUNT
|
||||||
@ -642,14 +642,14 @@ objectClass: container
|
|||||||
res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn,
|
res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn,
|
||||||
scope=SCOPE_BASE, attrs=["objectSID"])
|
scope=SCOPE_BASE, attrs=["objectSID"])
|
||||||
self.assertTrue(len(res1) == 1)
|
self.assertTrue(len(res1) == 1)
|
||||||
group_rid_1 = dom_sid_to_rid(ldb.schema_format_value("objectSID",
|
group_rid_1 = security.dom_sid(ldb.schema_format_value("objectSID",
|
||||||
res1[0]["objectSID"][0]))
|
res1[0]["objectSID"][0])).split()[1]
|
||||||
|
|
||||||
res1 = ldb.search("cn=ldaptestgroup2,cn=users," + self.base_dn,
|
res1 = ldb.search("cn=ldaptestgroup2,cn=users," + self.base_dn,
|
||||||
scope=SCOPE_BASE, attrs=["objectSID"])
|
scope=SCOPE_BASE, attrs=["objectSID"])
|
||||||
self.assertTrue(len(res1) == 1)
|
self.assertTrue(len(res1) == 1)
|
||||||
group_rid_2 = dom_sid_to_rid(ldb.schema_format_value("objectSID",
|
group_rid_2 = security.dom_sid(ldb.schema_format_value("objectSID",
|
||||||
res1[0]["objectSID"][0]))
|
res1[0]["objectSID"][0])).split()[1]
|
||||||
|
|
||||||
# Try to create a user with an invalid primary group
|
# Try to create a user with an invalid primary group
|
||||||
try:
|
try:
|
||||||
@ -843,7 +843,7 @@ objectClass: container
|
|||||||
self.assertTrue(len(res1) == 1)
|
self.assertTrue(len(res1) == 1)
|
||||||
primary_group_token = int(res1[0]["primaryGroupToken"][0])
|
primary_group_token = int(res1[0]["primaryGroupToken"][0])
|
||||||
|
|
||||||
rid = dom_sid_to_rid(ldb.schema_format_value("objectSID", res1[0]["objectSID"][0]))
|
rid = security.dom_sid(ldb.schema_format_value("objectSID", res1[0]["objectSID"][0])).split()[1]
|
||||||
self.assertEquals(primary_group_token, rid)
|
self.assertEquals(primary_group_token, rid)
|
||||||
|
|
||||||
m = Message()
|
m = Message()
|
||||||
|
@ -26,7 +26,7 @@ from ldb import ERR_NAMING_VIOLATION, ERR_CONSTRAINT_VIOLATION
|
|||||||
from ldb import ERR_UNDEFINED_ATTRIBUTE_TYPE
|
from ldb import ERR_UNDEFINED_ATTRIBUTE_TYPE
|
||||||
from ldb import Message, MessageElement, Dn
|
from ldb import Message, MessageElement, Dn
|
||||||
from ldb import FLAG_MOD_ADD, FLAG_MOD_REPLACE, FLAG_MOD_DELETE
|
from ldb import FLAG_MOD_ADD, FLAG_MOD_REPLACE, FLAG_MOD_DELETE
|
||||||
from samba import Ldb, param, dom_sid_to_rid
|
from samba import Ldb
|
||||||
from samba import UF_NORMAL_ACCOUNT, UF_TEMP_DUPLICATE_ACCOUNT
|
from samba import UF_NORMAL_ACCOUNT, UF_TEMP_DUPLICATE_ACCOUNT
|
||||||
from samba import UF_SERVER_TRUST_ACCOUNT, UF_WORKSTATION_TRUST_ACCOUNT
|
from samba import UF_SERVER_TRUST_ACCOUNT, UF_WORKSTATION_TRUST_ACCOUNT
|
||||||
from samba import UF_INTERDOMAIN_TRUST_ACCOUNT
|
from samba import UF_INTERDOMAIN_TRUST_ACCOUNT
|
||||||
|
@ -41,6 +41,33 @@ static void PyType_AddMethods(PyTypeObject *type, PyMethodDef *methods)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static PyObject *py_dom_sid_split(PyObject *py_self, PyObject *args)
|
||||||
|
{
|
||||||
|
struct dom_sid *self = py_talloc_get_ptr(py_self);
|
||||||
|
struct dom_sid *domain_sid;
|
||||||
|
TALLOC_CTX *mem_ctx;
|
||||||
|
uint32_t rid;
|
||||||
|
NTSTATUS status;
|
||||||
|
PyObject *py_domain_sid;
|
||||||
|
|
||||||
|
mem_ctx = talloc_new(NULL);
|
||||||
|
if (mem_ctx == NULL) {
|
||||||
|
PyErr_NoMemory();
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
status = dom_sid_split_rid(mem_ctx, self, &domain_sid, &rid);
|
||||||
|
if (!NT_STATUS_IS_OK(status)) {
|
||||||
|
PyErr_SetString(PyExc_RuntimeError, "dom_sid_split_rid failed");
|
||||||
|
talloc_free(mem_ctx);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
py_domain_sid = py_talloc_steal(&dom_sid_Type, domain_sid);
|
||||||
|
talloc_free(mem_ctx);
|
||||||
|
return Py_BuildValue("(OI)", py_domain_sid, rid);
|
||||||
|
}
|
||||||
|
|
||||||
static int py_dom_sid_cmp(PyObject *py_self, PyObject *py_other)
|
static int py_dom_sid_cmp(PyObject *py_self, PyObject *py_other)
|
||||||
{
|
{
|
||||||
struct dom_sid *self = py_talloc_get_ptr(py_self), *other;
|
struct dom_sid *self = py_talloc_get_ptr(py_self), *other;
|
||||||
@ -86,12 +113,21 @@ static int py_dom_sid_init(PyObject *self, PyObject *args, PyObject *kwargs)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static PyMethodDef py_dom_sid_extra_methods[] = {
|
||||||
|
{ "split", (PyCFunction)py_dom_sid_split, METH_NOARGS,
|
||||||
|
"S.split() -> (domain_sid, rid)\n"
|
||||||
|
"Split a domain sid" },
|
||||||
|
{ NULL }
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
static void py_dom_sid_patch(PyTypeObject *type)
|
static void py_dom_sid_patch(PyTypeObject *type)
|
||||||
{
|
{
|
||||||
type->tp_init = py_dom_sid_init;
|
type->tp_init = py_dom_sid_init;
|
||||||
type->tp_str = py_dom_sid_str;
|
type->tp_str = py_dom_sid_str;
|
||||||
type->tp_repr = py_dom_sid_repr;
|
type->tp_repr = py_dom_sid_repr;
|
||||||
type->tp_compare = py_dom_sid_cmp;
|
type->tp_compare = py_dom_sid_cmp;
|
||||||
|
PyType_AddMethods(type, py_dom_sid_extra_methods);
|
||||||
}
|
}
|
||||||
|
|
||||||
#define PY_DOM_SID_PATCH py_dom_sid_patch
|
#define PY_DOM_SID_PATCH py_dom_sid_patch
|
||||||
|
@ -442,27 +442,6 @@ static PyObject *py_dsdb_make_schema_global(PyObject *self, PyObject *args)
|
|||||||
Py_RETURN_NONE;
|
Py_RETURN_NONE;
|
||||||
}
|
}
|
||||||
|
|
||||||
static PyObject *py_dom_sid_to_rid(PyLdbObject *self, PyObject *args)
|
|
||||||
{
|
|
||||||
PyObject *py_sid;
|
|
||||||
struct dom_sid *sid;
|
|
||||||
uint32_t rid;
|
|
||||||
NTSTATUS status;
|
|
||||||
|
|
||||||
if(!PyArg_ParseTuple(args, "O", &py_sid))
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
sid = dom_sid_parse_talloc(NULL, PyString_AsString(py_sid));
|
|
||||||
|
|
||||||
status = dom_sid_split_rid(NULL, sid, NULL, &rid);
|
|
||||||
if (!NT_STATUS_IS_OK(status)) {
|
|
||||||
PyErr_SetString(PyExc_RuntimeError, "dom_sid_split_rid failed");
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
return PyInt_FromLong(rid);
|
|
||||||
}
|
|
||||||
|
|
||||||
static PyMethodDef py_misc_methods[] = {
|
static PyMethodDef py_misc_methods[] = {
|
||||||
{ "generate_random_str", (PyCFunction)py_generate_random_str, METH_VARARGS,
|
{ "generate_random_str", (PyCFunction)py_generate_random_str, METH_VARARGS,
|
||||||
"random_password(len) -> string\n"
|
"random_password(len) -> string\n"
|
||||||
@ -506,8 +485,6 @@ static PyMethodDef py_misc_methods[] = {
|
|||||||
NULL },
|
NULL },
|
||||||
{ "dsdb_make_schema_global", (PyCFunction)py_dsdb_make_schema_global, METH_VARARGS,
|
{ "dsdb_make_schema_global", (PyCFunction)py_dsdb_make_schema_global, METH_VARARGS,
|
||||||
NULL },
|
NULL },
|
||||||
{ "dom_sid_to_rid", (PyCFunction)py_dom_sid_to_rid, METH_VARARGS,
|
|
||||||
NULL },
|
|
||||||
{ "set_debug_level", (PyCFunction)py_set_debug_level, METH_VARARGS,
|
{ "set_debug_level", (PyCFunction)py_set_debug_level, METH_VARARGS,
|
||||||
"set debug level" },
|
"set debug level" },
|
||||||
{ NULL }
|
{ NULL }
|
||||||
|
@ -370,15 +370,6 @@ def valid_netbios_name(name):
|
|||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
def dom_sid_to_rid(sid_str):
|
|
||||||
"""Converts a domain SID to the relative RID.
|
|
||||||
|
|
||||||
:param sid_str: The domain SID formatted as string
|
|
||||||
"""
|
|
||||||
|
|
||||||
return glue.dom_sid_to_rid(sid_str)
|
|
||||||
|
|
||||||
|
|
||||||
version = glue.version
|
version = glue.version
|
||||||
|
|
||||||
# "userAccountControl" flags
|
# "userAccountControl" flags
|
||||||
|
Loading…
Reference in New Issue
Block a user