From 320fadd8fc600262d26ea417a92d395aeb16ef57 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 11 May 2008 01:03:45 +0200 Subject: Remove the reference to current_user_info from share_access.c This required to pass around the domain a bit (This used to be commit 17b0db20d28d1b737c5e86b78106657e8ca5ce9c) --- source3/smbd/share_access.c | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) (limited to 'source3/smbd/share_access.c') diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c index 512126254a..f5f79c86e5 100644 --- a/source3/smbd/share_access.c +++ b/source3/smbd/share_access.c @@ -27,8 +27,6 @@ * + and & may be combined */ -extern userdom_struct current_user_info; - static bool do_group_checks(const char **name, const char **pattern) { if ((*name)[0] == '@') { @@ -66,6 +64,7 @@ static bool do_group_checks(const char **name, const char **pattern) static bool token_contains_name(TALLOC_CTX *mem_ctx, const char *username, + const char *domain, const char *sharename, const struct nt_user_token *token, const char *name) @@ -75,8 +74,7 @@ static bool token_contains_name(TALLOC_CTX *mem_ctx, enum lsa_SidType type; if (username != NULL) { - name = talloc_sub_basic(mem_ctx, username, - current_user_info.domain, name); + name = talloc_sub_basic(mem_ctx, username, domain, name); } if (sharename != NULL) { name = talloc_string_sub(mem_ctx, name, "%S", sharename); @@ -152,6 +150,7 @@ static bool token_contains_name(TALLOC_CTX *mem_ctx, */ bool token_contains_name_in_list(const char *username, + const char *domain, const char *sharename, const struct nt_user_token *token, const char **list) @@ -167,7 +166,8 @@ bool token_contains_name_in_list(const char *username, } while (*list != NULL) { - if (token_contains_name(mem_ctx, username, sharename,token, *list)) { + if (token_contains_name(mem_ctx, username, domain, sharename, + token, *list)) { TALLOC_FREE(mem_ctx); return True; } @@ -191,10 +191,12 @@ bool token_contains_name_in_list(const char *username, * The other use is the netgroup check when using @group or &group. */ -bool user_ok_token(const char *username, struct nt_user_token *token, int snum) +bool user_ok_token(const char *username, const char *domain, + struct nt_user_token *token, int snum) { if (lp_invalid_users(snum) != NULL) { - if (token_contains_name_in_list(username, lp_servicename(snum), + if (token_contains_name_in_list(username, domain, + lp_servicename(snum), token, lp_invalid_users(snum))) { DEBUG(10, ("User %s in 'invalid users'\n", username)); @@ -203,7 +205,7 @@ bool user_ok_token(const char *username, struct nt_user_token *token, int snum) } if (lp_valid_users(snum) != NULL) { - if (!token_contains_name_in_list(username, + if (!token_contains_name_in_list(username, domain, lp_servicename(snum), token, lp_valid_users(snum))) { DEBUG(10, ("User %s not in 'valid users'\n", @@ -220,7 +222,8 @@ bool user_ok_token(const char *username, struct nt_user_token *token, int snum) DEBUG(0, ("'only user = yes' and no 'username ='\n")); return False; } - if (!token_contains_name_in_list(NULL, lp_servicename(snum), + if (!token_contains_name_in_list(NULL, domain, + lp_servicename(snum), token, list)) { DEBUG(10, ("%s != 'username'\n", username)); return False; @@ -248,12 +251,13 @@ bool user_ok_token(const char *username, struct nt_user_token *token, int snum) */ bool is_share_read_only_for_token(const char *username, + const char *domain, struct nt_user_token *token, int snum) { bool result = lp_readonly(snum); if (lp_readlist(snum) != NULL) { - if (token_contains_name_in_list(username, + if (token_contains_name_in_list(username, domain, lp_servicename(snum), token, lp_readlist(snum))) { result = True; @@ -261,7 +265,7 @@ bool is_share_read_only_for_token(const char *username, } if (lp_writelist(snum) != NULL) { - if (token_contains_name_in_list(username, + if (token_contains_name_in_list(username, domain, lp_servicename(snum), token, lp_writelist(snum))) { result = False; -- cgit