diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2006-01-06 21:04:32 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:49:48 -0500 |
| commit | a8eec313549905724a8186a1a4c14480658e2967 (patch) | |
| tree | d5508e749de4d304a86a3abfc733b0b529d1c5e6 /source4/scripting | |
| parent | b51fe793c7cefb693d6d3633272b82238e712abe (diff) | |
| download | samba-a8eec313549905724a8186a1a4c14480658e2967.tar.gz samba-a8eec313549905724a8186a1a4c14480658e2967.tar.bz2 samba-a8eec313549905724a8186a1a4c14480658e2967.zip | |
r12746: An initial version of the kludge_acls module.
This should be replaced with real ACLs, which tridge is working on.
In the meantime, the rules are very simple:
- SYSTEM and Administrators can read all.
- Users and anonymous cannot read passwords, can read everything else
- list of 'password' attributes is hard-coded
Most of the difficult work in this was fighting with the C/js
interface to add a system_session() all, as it still doesn't get on
with me :-)
Andrew Bartlett
(This used to be commit be9d0cae8989429ef47a713d8f0a82f12966fc78)
Diffstat (limited to 'source4/scripting')
| -rw-r--r-- | source4/scripting/ejs/smbcalls_auth.c | 17 | ||||
| -rw-r--r-- | source4/scripting/ejs/smbcalls_ldb.c | 11 |
2 files changed, 24 insertions, 4 deletions
diff --git a/source4/scripting/ejs/smbcalls_auth.c b/source4/scripting/ejs/smbcalls_auth.c index 8ef04bec97..3ec376f4fe 100644 --- a/source4/scripting/ejs/smbcalls_auth.c +++ b/source4/scripting/ejs/smbcalls_auth.c @@ -158,9 +158,26 @@ static int ejs_userAuth(MprVarHandle eid, int argc, struct MprVar **argv) } /* + initialise credentials ejs object +*/ +static int ejs_system_session(MprVarHandle eid, int argc, struct MprVar **argv) +{ + struct MprVar *obj = mprInitObject(eid, "session_info", argc, argv); + struct auth_session_info *session_info = system_session(mprMemCtx()); + + if (session_info == NULL) { + return -1; + } + + mprSetPtrChild(obj, "session_info", session_info); + return 0; +} + +/* setup C functions that be called from ejs */ void smb_setup_ejs_auth(void) { ejsDefineCFunction(-1, "userAuth", ejs_userAuth, NULL, MPR_VAR_SCRIPT_HANDLE); + ejsDefineCFunction(-1, "system_session", ejs_system_session, NULL, MPR_VAR_SCRIPT_HANDLE); } diff --git a/source4/scripting/ejs/smbcalls_ldb.c b/source4/scripting/ejs/smbcalls_ldb.c index 798747b36c..39698947d7 100644 --- a/source4/scripting/ejs/smbcalls_ldb.c +++ b/source4/scripting/ejs/smbcalls_ldb.c @@ -385,9 +385,9 @@ static int ejs_ldbModify(MprVarHandle eid, int argc, struct MprVar **argv) static int ejs_ldbConnect(MprVarHandle eid, int argc, char **argv) { struct ldb_context *ldb; - struct auth_session_info *session_info; + struct auth_session_info *session_info = NULL; struct cli_credentials *creds = NULL; - struct MprVar *credentials; + struct MprVar *credentials, *session; struct MprVar *this = mprGetProperty(ejsGetLocalObject(eid), "this", 0); const char *dbfile; @@ -397,13 +397,16 @@ static int ejs_ldbConnect(MprVarHandle eid, int argc, char **argv) return -1; } - session_info = mprGetThisPtr(eid, "session_info"); - credentials = mprGetProperty(this, "credentials", NULL); if (credentials) { creds = mprGetPtr(credentials, "creds"); } + session = mprGetProperty(this, "session_info", NULL); + if (session) { + session_info = mprGetPtr(session, "session_info"); + } + dbfile = argv[0]; ldb = ldb_wrap_connect(mprMemCtx(), dbfile, |