summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthieu Patou <mat@matws.net>2012-10-14 01:01:08 -0700
committerAndrew Bartlett <abartlet@samba.org>2013-01-22 21:14:05 +1100
commitb1e231384a9245a191ef5e004544d7cafe17e036 (patch)
treeafaf2101d81228ec29defed5f6eada34a59b7f46
parent65396adaad18821568f727a223c38c36a2b16291 (diff)
downloadsamba-b1e231384a9245a191ef5e004544d7cafe17e036.tar.gz
samba-b1e231384a9245a191ef5e004544d7cafe17e036.tar.bz2
samba-b1e231384a9245a191ef5e004544d7cafe17e036.zip
libcli-acl: add documentation
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
-rw-r--r--libcli/security/access_check.c20
1 files changed, 19 insertions, 1 deletions
diff --git a/libcli/security/access_check.c b/libcli/security/access_check.c
index f0a7b665c7..936ffca242 100644
--- a/libcli/security/access_check.c
+++ b/libcli/security/access_check.c
@@ -374,7 +374,25 @@ static const struct GUID *get_ace_object_type(struct security_ace *ace)
return NULL;
}
-/* modified access check for the purposes of DS security
+/**
+ * @brief Perform directoryservice (DS) related access checks for a given user
+ *
+ * Perform DS access checks for the user represented by its security_token, on
+ * the provided security descriptor. If an tree associating GUID and access
+ * required is provided then object access (OA) are checked as well. *
+ * @param[in] sd The security descritor against which the required
+ * access are requested
+ *
+ * @param[in] token The security_token associated with the user to
+ * test
+ *
+ * @param[in] access_desired A bitfield of rights that must be granted for the
+ * given user in the specified SD.
+ *
+ * If one
+ * of the entry in the tree grants all the requested rights for the given GUID
+ * FIXME
+ * tree can be null if not null it's the
* Lots of code duplication, it will ve united in just one
* function eventually */