diff options
| author | Jelmer Vernooij <jelmer@samba.org> | 2010-10-11 01:03:42 +0200 |
|---|---|---|
| committer | Jelmer Vernooij <jelmer@samba.org> | 2010-10-10 23:47:54 +0000 |
| commit | 2bff55f5deede15d09d2f685f5391e579ad36831 (patch) | |
| tree | 20438a98482c0692367806ef10df622e3d4d5fbe /source4/dsdb/samdb/ldb_modules/acl_util.c | |
| parent | 4280527b6abb0070ad4f62338e9eea2c1ad991a7 (diff) | |
| download | samba-2bff55f5deede15d09d2f685f5391e579ad36831.tar.gz samba-2bff55f5deede15d09d2f685f5391e579ad36831.tar.bz2 samba-2bff55f5deede15d09d2f685f5391e579ad36831.zip | |
dsdb/modules: Split up helpers a bit to prevent recursive dependencies.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Oct 10 23:47:54 UTC 2010 on sn-devel-104
Diffstat (limited to 'source4/dsdb/samdb/ldb_modules/acl_util.c')
| -rw-r--r-- | source4/dsdb/samdb/ldb_modules/acl_util.c | 61 |
1 files changed, 0 insertions, 61 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c b/source4/dsdb/samdb/ldb_modules/acl_util.c index 6c41602a82..1a84704079 100644 --- a/source4/dsdb/samdb/ldb_modules/acl_util.c +++ b/source4/dsdb/samdb/ldb_modules/acl_util.c @@ -178,67 +178,6 @@ fail: return ldb_operr(ldb_module_get_ctx(module)); } -int acl_check_access_on_class(struct ldb_module *module, - const struct dsdb_schema *schema, - TALLOC_CTX *mem_ctx, - struct security_descriptor *sd, - struct dom_sid *rp_sid, - uint32_t access, - const char *class_name) -{ - int ret; - NTSTATUS status; - uint32_t access_granted; - struct object_tree *root = NULL; - struct object_tree *new_node = NULL; - const struct GUID *guid; - TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); - struct security_token *token = acl_user_token(module); - if (class_name) { - guid = class_schemaid_guid_by_lDAPDisplayName(schema, class_name); - if (!guid) { - DEBUG(10, ("acl_search: cannot find class %s\n", - class_name)); - goto fail; - } - if (!insert_in_object_tree(tmp_ctx, - guid, access, - &root, &new_node)) { - DEBUG(10, ("acl_search: cannot add to object tree guid\n")); - goto fail; - } - } - status = sec_access_check_ds(sd, token, - access, - &access_granted, - root, - rp_sid); - if (!NT_STATUS_IS_OK(status)) { - ret = LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS; - } - else { - ret = LDB_SUCCESS; - } - return ret; -fail: - return ldb_operr(ldb_module_get_ctx(module)); -} - -const struct GUID *get_oc_guid_from_message(struct ldb_module *module, - const struct dsdb_schema *schema, - struct ldb_message *msg) -{ - struct ldb_message_element *oc_el; - - oc_el = ldb_msg_find_element(msg, "objectClass"); - if (!oc_el) { - return NULL; - } - - return class_schemaid_guid_by_lDAPDisplayName(schema, - (char *)oc_el->values[oc_el->num_values-1].data); -} - /* checks for validated writes */ int acl_check_extended_right(TALLOC_CTX *mem_ctx, |