python:ntacls: pull allow list out of loop

author Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Fri, 7 Mar 2025 02:51:18 +0000 (15:51 +1300)

committer Ralph Boehme <slow@samba.org>

Wed, 19 Mar 2025 15:56:38 +0000 (15:56 +0000)
author Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Fri, 7 Mar 2025 02:51:18 +0000 (15:51 +1300)
committer Ralph Boehme <slow@samba.org>
Wed, 19 Mar 2025 15:56:38 +0000 (15:56 +0000)
diff --git a/python/samba/ntacls.py b/python/samba/ntacls.py

index 7d315ed5127d779dd9bb421f1bd78349adffc0cc..5c4c4dc2c830249756694b2d4da07c9a2e1ec7c0 100644 (file)
--- a/python/samba/ntacls.py
+++ b/python/samba/ntacls.py
@@ -299,19 +299,17 @@ def dsacl2fsacl(dssddl, sid, as_sddl=True):
      fdescr.group_sid = ref.group_sid
      fdescr.type = ref.type
      fdescr.revision = ref.revision
-    aces = ref.dacl.aces
-
-    for i in range(0, len(aces)):
-        ace = aces[i]
-
-        # Only apply allowed and deny ACEs, as they are the only ones
-        # we can map to filesystem aces.
-        #
-        # In future we may need to include resource based aces...
-        allowed_ace_types = [
-            security.SEC_ACE_TYPE_ACCESS_ALLOWED,
-            security.SEC_ACE_TYPE_ACCESS_DENIED,
-        ]
+
+    # Only apply allowed and deny ACEs, as they are the only ones
+    # we can map to filesystem aces.
+    #
+    # In future we may need to include resource based aces...
+    allowed_ace_types = [
+        security.SEC_ACE_TYPE_ACCESS_ALLOWED,
+        security.SEC_ACE_TYPE_ACCESS_DENIED,
+    ]
+
+    for ace in ref.dacl.aces:
          if not ace.type in allowed_ace_types:
              continue
author	Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
	Fri, 7 Mar 2025 02:51:18 +0000 (15:51 +1300)
committer	Ralph Boehme <slow@samba.org>
	Wed, 19 Mar 2025 15:56:38 +0000 (15:56 +0000)