summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2011-11-04 15:45:13 -0700
committerJeremy Allison <jra@samba.org>2011-11-04 15:45:13 -0700
commit60b741415d9357f11ae1db80f93035058fdbe4e8 (patch)
tree7d0cf3c86e1280627fc35cafe6f562ea364ed2e8
parent48512193338663df5dc4cd52179bc94337eb7113 (diff)
downloadsamba-60b741415d9357f11ae1db80f93035058fdbe4e8.tar.gz
samba-60b741415d9357f11ae1db80f93035058fdbe4e8.tar.bz2
samba-60b741415d9357f11ae1db80f93035058fdbe4e8.zip
Remove can_access_file_data() - make it use the standard smbd_check_access_rights() instead.
-rw-r--r--source3/modules/onefs_open.c4
-rw-r--r--source3/smbd/file_access.c59
-rw-r--r--source3/smbd/open.c4
3 files changed, 7 insertions, 60 deletions
diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c
index dd4eb90b13..d7b2af3544 100644
--- a/source3/modules/onefs_open.c
+++ b/source3/modules/onefs_open.c
@@ -1042,8 +1042,8 @@ NTSTATUS onefs_open_file_ntcreate(connection_struct *conn,
if (((can_access_mask & FILE_WRITE_DATA) &&
!CAN_WRITE(conn)) ||
- !can_access_file_data(conn, smb_fname,
- can_access_mask)) {
+ !NT_STATUS_IS_OK(smbd_check_access_rights(conn,
+ smb_fname, can_access_mask))) {
can_access = False;
}
diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c
index c2203673f3..81cb7bd43f 100644
--- a/source3/smbd/file_access.c
+++ b/source3/smbd/file_access.c
@@ -177,61 +177,6 @@ bool can_delete_file_in_directory(connection_struct *conn,
}
/****************************************************************************
- Actually emulate the in-kernel access checking for read/write access. We need
- this to successfully check for ability to write for dos filetimes.
- Note this doesn't take into account share write permissions.
-****************************************************************************/
-
-bool can_access_file_data(connection_struct *conn,
- const struct smb_filename *smb_fname,
- uint32 access_mask)
-{
- if (!(access_mask & (FILE_READ_DATA|FILE_WRITE_DATA))) {
- return False;
- }
- access_mask &= (FILE_READ_DATA|FILE_WRITE_DATA);
-
- /* some fast paths first */
-
- DEBUG(10,("can_access_file_data: requesting 0x%x on file %s\n",
- (unsigned int)access_mask, smb_fname_str_dbg(smb_fname)));
-
- if (get_current_uid(conn) == (uid_t)0) {
- /* I'm sorry sir, I didn't know you were root... */
- return True;
- }
-
- SMB_ASSERT(VALID_STAT(smb_fname->st));
-
- /* Check primary owner access. */
- if (get_current_uid(conn) == smb_fname->st.st_ex_uid) {
- switch (access_mask) {
- case FILE_READ_DATA:
- return (smb_fname->st.st_ex_mode & S_IRUSR) ?
- True : False;
-
- case FILE_WRITE_DATA:
- return (smb_fname->st.st_ex_mode & S_IWUSR) ?
- True : False;
-
- default: /* FILE_READ_DATA|FILE_WRITE_DATA */
-
- if ((smb_fname->st.st_ex_mode &
- (S_IWUSR|S_IRUSR)) ==
- (S_IWUSR|S_IRUSR)) {
- return True;
- } else {
- return False;
- }
- }
- }
-
- /* now for ACL checks */
-
- return can_access_file_acl(conn, smb_fname, access_mask);
-}
-
-/****************************************************************************
Userspace check for write access.
Note this doesn't take into account share write permissions.
****************************************************************************/
@@ -239,7 +184,9 @@ bool can_access_file_data(connection_struct *conn,
bool can_write_to_file(connection_struct *conn,
const struct smb_filename *smb_fname)
{
- return can_access_file_data(conn, smb_fname, FILE_WRITE_DATA);
+ return NT_STATUS_IS_OK(smbd_check_access_rights(conn,
+ smb_fname,
+ FILE_WRITE_DATA));
}
/****************************************************************************
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 2f79908b62..a1a247fca2 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -2081,8 +2081,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn,
if (((can_access_mask & FILE_WRITE_DATA) &&
!CAN_WRITE(conn)) ||
- !can_access_file_data(conn, smb_fname,
- can_access_mask)) {
+ !NT_STATUS_IS_OK(smbd_check_access_rights(conn,
+ smb_fname, can_access_mask))) {
can_access = False;
}