diff options
author | Jeremy Allison <jra@samba.org> | 2013-01-04 14:42:23 -0800 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2013-01-09 15:29:35 +1100 |
commit | b668c9077ba9005988146e8b1ee853ce8a6f33a4 (patch) | |
tree | 7e3b2b526fda281321d65407423294702e09342d /source3/smbd/uid.c | |
parent | 86d1e1db8e2747e30c89627cda123fde1e84f579 (diff) | |
download | samba-b668c9077ba9005988146e8b1ee853ce8a6f33a4.tar.gz samba-b668c9077ba9005988146e8b1ee853ce8a6f33a4.tar.bz2 samba-b668c9077ba9005988146e8b1ee853ce8a6f33a4.zip |
Move create_share_access_mask() from smbd/service.c to smbd/uid.c.
Make it static. Only called from uid.c now.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source3/smbd/uid.c')
-rw-r--r-- | source3/smbd/uid.c | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index efdd824342..b9cebce71a 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -78,6 +78,44 @@ static void free_conn_session_info_if_unused(connection_struct *conn) TALLOC_FREE(conn->session_info); } +/**************************************************************************** + Setup the share access mask for a connection. +****************************************************************************/ + +static uint32_t create_share_access_mask(int snum, + bool readonly_share, + const struct security_token *token) +{ + uint32_t share_access = 0; + + share_access_check(token, + lp_servicename(talloc_tos(), snum), + MAXIMUM_ALLOWED_ACCESS, + &share_access); + + if (readonly_share) { + share_access &= + ~(SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA | + SEC_FILE_WRITE_EA | SEC_FILE_WRITE_ATTRIBUTE | + SEC_DIR_DELETE_CHILD ); + } + + if (security_token_has_privilege(token, SEC_PRIV_SECURITY)) { + share_access |= SEC_FLAG_SYSTEM_SECURITY; + } + if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) { + share_access |= (SEC_RIGHTS_PRIV_RESTORE); + } + if (security_token_has_privilege(token, SEC_PRIV_BACKUP)) { + share_access |= (SEC_RIGHTS_PRIV_BACKUP); + } + if (security_token_has_privilege(token, SEC_PRIV_TAKE_OWNERSHIP)) { + share_access |= (SEC_STD_WRITE_OWNER); + } + + return share_access; +} + /******************************************************************* Calculate access mask and if this user can access this share. ********************************************************************/ |