sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-12-17 04:23:50 +03:00
Code Activity
Files
1f47c0f609355aa469c04dafe6c4505f5823a6e3
samba-mirror/python/samba/domain/models/user.py
Rob van der Linde 1f47c0f609 python: models: rename argument ldb to samdb 
This argument is actually an instance of SamDB (which inherits from Ldb).

This should have been called samdb.

Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-05-10 00:26:35 +00:00

109 lines
3.7 KiB
Python
Raw Blame History

# Unix SMB/CIFS implementation.
#
# User model.
#
# Copyright (C) Catalyst.Net Ltd. 2023
#
# Written by Rob van der Linde <rob@catalyst.net.nz>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
from ldb import Dn
from samba.dcerpc.security import dom_sid
from samba.dsdb import DS_GUID_USERS_CONTAINER
from .exceptions import NotFound
from .fields import DnField, EnumField, IntegerField, NtTimeField, StringField
from .org import OrganizationalPerson
from .types import AccountType, UserAccountControl
class User(OrganizationalPerson):
account_name = StringField("sAMAccountName")
account_type = EnumField("sAMAccountType", AccountType)
assigned_policy = DnField("msDS-AssignedAuthNPolicy")
assigned_silo = DnField("msDS-AssignedAuthNPolicySilo")
bad_password_time = NtTimeField("badPasswordTime", readonly=True)
bad_pwd_count = IntegerField("badPwdCount", readonly=True)
code_page = IntegerField("codePage")
display_name = StringField("displayName")
last_logoff = NtTimeField("lastLogoff", readonly=True)
last_logon = NtTimeField("lastLogon", readonly=True)
logon_count = IntegerField("logonCount", readonly=True)
primary_group_id = IntegerField("primaryGroupID")
pwd_last_set = NtTimeField("pwdLastSet", readonly=True)
user_account_control = EnumField("userAccountControl", UserAccountControl)
user_principal_name = StringField("userPrincipalName")
def __str__(self):
"""Return sAMAccountName rather than cn for User model."""
return self.account_name
@staticmethod
def get_base_dn(samdb):
"""Return the base DN for the User model.
:param samdb: SamDB connection
:return: Dn to use for new objects
"""
return samdb.get_wellknown_dn(samdb.get_default_basedn(),
DS_GUID_USERS_CONTAINER)
@classmethod
def get_search_dn(cls, samdb):
"""Return Dn used for searching so Computers will also be found.
:param samdb: SamDB connection
:return: Dn to use for searching
"""
return samdb.get_root_basedn()
@staticmethod
def get_object_class():
return "user"
@classmethod
def find(cls, samdb, name):
"""Helper function to find a user by Dn, objectSid, or sAMAccountName.
If the Dn or Sid can't be parsed, use sAMAccountName instead.
"""
try:
query = {"dn": Dn(samdb, name)}
except ValueError:
try:
query = {"object_sid": dom_sid(name)}
except ValueError:
query = {"account_name": name}
return cls.get(samdb, **query)
@classmethod
def get_sid_for_principal(cls, samdb, principal) -> str:
"""Return object_sid for the provided principal.
If principal is already an object sid then return without fetching,
this is different to `User.find` which must fetch the User.
"""
try:
return str(dom_sid(principal))
except ValueError:
user = cls.find(samdb, principal)
if user:
return user.object_sid
else:
raise NotFound(f"Principal {principal} not found.")
View Git Blame Copy Permalink