summaryrefslogtreecommitdiff
path: root/source4/libcli
diff options
context:
space:
mode:
Diffstat (limited to 'source4/libcli')
-rw-r--r--source4/libcli/security/security.h8
-rw-r--r--source4/libcli/security/security_token.c27
2 files changed, 35 insertions, 0 deletions
diff --git a/source4/libcli/security/security.h b/source4/libcli/security/security.h
index d9485c825f..c7f2a09311 100644
--- a/source4/libcli/security/security.h
+++ b/source4/libcli/security/security.h
@@ -18,4 +18,12 @@
*/
#include "librpc/gen_ndr/security.h"
+
+enum security_user_level {
+ SECURITY_ANONYMOUS,
+ SECURITY_USER,
+ SECURITY_ADMINISTRATOR,
+ SECURITY_SYSTEM
+};
+
#include "libcli/security/proto.h"
diff --git a/source4/libcli/security/security_token.c b/source4/libcli/security/security_token.c
index e126340c46..0680c54258 100644
--- a/source4/libcli/security/security_token.c
+++ b/source4/libcli/security/security_token.c
@@ -23,6 +23,7 @@
#include "includes.h"
#include "dsdb/samdb/samdb.h"
#include "libcli/security/security.h"
+#include "auth/session.h"
/*
return a blank security token
@@ -141,3 +142,29 @@ bool security_token_has_nt_authenticated_users(const struct security_token *toke
{
return security_token_has_sid_string(token, SID_NT_AUTHENTICATED_USERS);
}
+
+enum security_user_level security_session_user_level(struct auth_session_info *session_info)
+{
+ if (!session_info) {
+ return SECURITY_ANONYMOUS;
+ }
+
+ if (security_token_is_system(session_info->security_token)) {
+ return SECURITY_SYSTEM;
+ }
+
+ if (security_token_is_anonymous(session_info->security_token)) {
+ return SECURITY_ANONYMOUS;
+ }
+
+ if (security_token_has_builtin_administrators(session_info->security_token)) {
+ return SECURITY_ADMINISTRATOR;
+ }
+
+ if (security_token_has_nt_authenticated_users(session_info->security_token)) {
+ return SECURITY_USER;
+ }
+
+ return SECURITY_ANONYMOUS;
+}
+