summaryrefslogtreecommitdiff
path: root/source4/librpc
diff options
context:
space:
mode:
Diffstat (limited to 'source4/librpc')
-rw-r--r--source4/librpc/ndr/py_security.c214
1 files changed, 214 insertions, 0 deletions
diff --git a/source4/librpc/ndr/py_security.c b/source4/librpc/ndr/py_security.c
index 6888f14375..11ad6ed2c4 100644
--- a/source4/librpc/ndr/py_security.c
+++ b/source4/librpc/ndr/py_security.c
@@ -53,6 +53,220 @@ static PyObject *py_dom_sid_repr(PyObject *self)
#define PY_DOM_SID_REPR py_dom_sid_repr
+static PyObject *py_dom_sid_init(PyObject *self, PyObject *args)
+{
+ struct dom_sid *this = py_talloc_get_ptr(self);
+ char *str;
+ struct dom_sid *new_this;
+
+ if (!PyArg_ParseTuple(args, "|s", &str))
+ return NULL;
+
+ new_this = dom_sid_parse_talloc(NULL, str);
+ memcpy(this, new_this, sizeof(*new_this));
+ talloc_free(new_this);
+ return Py_None;
+}
+
#define PY_DOM_SID_EXTRA_METHODS \
{ "__eq__", (PyCFunction)py_dom_sid_eq, METH_VARARGS, "S.__eq__(x) -> S == x" }, \
{ "__str__", (PyCFunction)py_dom_sid_str, METH_NOARGS, "S.__str__() -> str(S)" }, \
+ { "__init__", (PyCFunction)py_dom_sid_init, METH_VARARGS, "S.__init__(str=None)" },
+
+static PyObject *py_descriptor_sacl_add(PyObject *self, PyObject *args)
+{
+ struct security_descriptor *desc = py_talloc_get_ptr(self);
+ NTSTATUS status;
+ struct security_ace *ace;
+ PyObject *py_ace;
+
+ if (!PyArg_ParseTuple(args, "O", &py_ace))
+ return NULL;
+
+ ace = py_talloc_get_ptr(py_ace);
+ status = security_descriptor_sacl_add(desc, ace);
+ PyErr_NTSTATUS_IS_ERR_RAISE(status);
+ return Py_None;
+}
+
+static PyObject *py_descriptor_dacl_add(PyObject *self, PyObject *args)
+{
+ struct security_descriptor *desc = py_talloc_get_ptr(self);
+ NTSTATUS status;
+ struct security_ace *ace;
+ PyObject *py_ace;
+
+ if (!PyArg_ParseTuple(args, "O", &py_ace))
+ return NULL;
+
+ ace = py_talloc_get_ptr(py_ace);
+
+ status = security_descriptor_dacl_add(desc, ace);
+ PyErr_NTSTATUS_IS_ERR_RAISE(status);
+ return Py_None;
+}
+
+static PyObject *py_descriptor_dacl_del(PyObject *self, PyObject *args)
+{
+ struct security_descriptor *desc = py_talloc_get_ptr(self);
+ NTSTATUS status;
+ struct dom_sid *sid;
+ PyObject *py_sid;
+
+ if (!PyArg_ParseTuple(args, "O", &py_sid))
+ return NULL;
+
+ sid = py_talloc_get_ptr(py_sid);
+ status = security_descriptor_dacl_del(desc, sid);
+ PyErr_NTSTATUS_IS_ERR_RAISE(status);
+ return Py_None;
+}
+
+static PyObject *py_descriptor_sacl_del(PyObject *self, PyObject *args)
+{
+ struct security_descriptor *desc = py_talloc_get_ptr(self);
+ NTSTATUS status;
+ struct dom_sid *sid;
+ PyObject *py_sid;
+
+ if (!PyArg_ParseTuple(args, "O", &py_sid))
+ return NULL;
+
+ sid = py_talloc_get_ptr(py_sid);
+ status = security_descriptor_sacl_del(desc, sid);
+ PyErr_NTSTATUS_IS_ERR_RAISE(status);
+ return Py_None;
+}
+
+static PyObject *py_descriptor_eq(PyObject *self, PyObject *args)
+{
+ struct security_descriptor *desc1 = py_talloc_get_ptr(self), *desc2;
+ PyObject *py_other;
+
+ if (!PyArg_ParseTuple(args, "O", &py_other))
+ return NULL;
+
+ desc2 = py_talloc_get_ptr(py_other);
+
+ return PyBool_FromLong(security_descriptor_equal(desc1, desc2));
+}
+
+static PyObject *py_descriptor_new(PyTypeObject *self, PyObject *args, PyObject *kwargs)
+{
+ return py_talloc_import(self, security_descriptor_initialise(NULL));
+}
+
+#define PY_SECURITY_DESCRIPTOR_EXTRA_METHODS \
+ { "sacl_add", (PyCFunction)py_descriptor_sacl_add, METH_VARARGS, \
+ "S.sacl_add(ace) -> None\n" \
+ "Add a security ace to this security descriptor" },\
+ { "dacl_add", (PyCFunction)py_descriptor_dacl_add, METH_VARARGS, \
+ NULL }, \
+ { "dacl_del", (PyCFunction)py_descriptor_dacl_del, METH_VARARGS, \
+ NULL }, \
+ { "sacl_del", (PyCFunction)py_descriptor_sacl_del, METH_VARARGS, \
+ NULL }, \
+ { "__eq__", (PyCFunction)py_descriptor_eq, METH_VARARGS, \
+ NULL },
+
+static PyObject *py_token_is_sid(PyObject *self, PyObject *args)
+{
+ PyObject *py_sid;
+ struct dom_sid *sid;
+ struct security_token *token = py_talloc_get_ptr(self);
+ if (!PyArg_ParseTuple(args, "O", &py_sid))
+ return NULL;
+
+ sid = py_talloc_get_ptr(py_sid);
+
+ return PyBool_FromLong(security_token_is_sid(token, sid));
+}
+
+static PyObject *py_token_has_sid(PyObject *self, PyObject *args)
+{
+ PyObject *py_sid;
+ struct dom_sid *sid;
+ struct security_token *token = py_talloc_get_ptr(self);
+ if (!PyArg_ParseTuple(args, "O", &py_sid))
+ return NULL;
+
+ sid = py_talloc_get_ptr(py_sid);
+
+ return PyBool_FromLong(security_token_has_sid(token, sid));
+}
+
+static PyObject *py_token_is_anonymous(PyObject *self)
+{
+ struct security_token *token = py_talloc_get_ptr(self);
+
+ return PyBool_FromLong(security_token_is_anonymous(token));
+}
+
+static PyObject *py_token_is_system(PyObject *self)
+{
+ struct security_token *token = py_talloc_get_ptr(self);
+
+ return PyBool_FromLong(security_token_is_system(token));
+}
+
+static PyObject *py_token_has_builtin_administrators(PyObject *self)
+{
+ struct security_token *token = py_talloc_get_ptr(self);
+
+ return PyBool_FromLong(security_token_has_builtin_administrators(token));
+}
+
+static PyObject *py_token_has_nt_authenticated_users(PyObject *self)
+{
+ struct security_token *token = py_talloc_get_ptr(self);
+
+ return PyBool_FromLong(security_token_has_nt_authenticated_users(token));
+}
+
+static PyObject *py_token_has_privilege(PyObject *self, PyObject *args)
+{
+ int priv;
+ struct security_token *token = py_talloc_get_ptr(self);
+
+ if (!PyArg_ParseTuple(args, "i", &priv))
+ return NULL;
+
+ return PyBool_FromLong(security_token_has_privilege(token, priv));
+}
+
+static PyObject *py_token_set_privilege(PyObject *self, PyObject *args)
+{
+ int priv;
+ struct security_token *token = py_talloc_get_ptr(self);
+
+ if (!PyArg_ParseTuple(args, "i", &priv))
+ return NULL;
+
+ security_token_set_privilege(token, priv);
+ return Py_None;
+}
+
+static PyObject *py_token_new(PyTypeObject *self, PyObject *args, PyObject *kwargs)
+{
+ return py_talloc_import(self, security_token_initialise(NULL));
+}
+
+#define PY_SECURITY_TOKEN_EXTRA_METHODS \
+ { "is_sid", (PyCFunction)py_token_is_sid, METH_VARARGS, \
+ "S.is_sid(sid) -> bool\n" \
+ "Check whether this token is of the specified SID." }, \
+ { "has_sid", (PyCFunction)py_token_has_sid, METH_VARARGS, \
+ NULL }, \
+ { "is_anonymous", (PyCFunction)py_token_is_anonymous, METH_NOARGS, \
+ "S.is_anonymus() -> bool\n" \
+ "Check whether this is an anonymous token." }, \
+ { "is_system", (PyCFunction)py_token_is_system, METH_NOARGS, \
+ NULL }, \
+ { "has_builtin_administrators", (PyCFunction)py_token_has_builtin_administrators, METH_NOARGS, \
+ NULL }, \
+ { "has_nt_authenticated_users", (PyCFunction)py_token_has_nt_authenticated_users, METH_NOARGS, \
+ NULL }, \
+ { "has_privilege", (PyCFunction)py_token_has_privilege, METH_VARARGS, \
+ NULL }, \
+ { "set_privilege", (PyCFunction)py_token_set_privilege, METH_VARARGS, \
+ NULL },