# along with this program. If not, see <http://www.gnu.org/licenses/>.
from samba.samba3.libsmb_samba_cwrapper import *
+from samba.dcerpc import security
class Conn(LibsmbCConn):
def deltree(self, path):
self.rmdir(path)
else:
self.unlink(path)
+
+ SECINFO_DEFAULT_FLAGS = \
+ security.SECINFO_OWNER | \
+ security.SECINFO_GROUP | \
+ security.SECINFO_DACL | \
+ security.SECINFO_PROTECTED_DACL | \
+ security.SECINFO_UNPROTECTED_DACL | \
+ security.SECINFO_SACL | \
+ security.SECINFO_PROTECTED_SACL | \
+ security.SECINFO_UNPROTECTED_SACL
+
+ def get_acl(self,
+ filename,
+ sinfo = SECINFO_DEFAULT_FLAGS,
+ access_mask = security.SEC_FLAG_MAXIMUM_ALLOWED):
+ """Get security descriptor for file."""
+ fnum = self.create(
+ Name=filename,
+ DesiredAccess=access_mask,
+ ShareAccess=(FILE_SHARE_READ|FILE_SHARE_WRITE))
+ try:
+ sd = self.get_sd(fnum, sinfo)
+ finally:
+ self.close(fnum)
+ return sd
return PyBool_FromLong(dir_exists);
}
-/*
- * Read ACL on a given file/directory as a security descriptor object
- */
-static PyObject *py_smb_getacl(struct py_cli_state *self, PyObject *args)
-{
- NTSTATUS status;
- const char *filename = NULL;
- unsigned int sinfo = SECINFO_DEFAULT_FLAGS;
- unsigned int access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
- uint16_t fnum;
- struct security_descriptor *sd = NULL;
-
- /* there's no async version of cli_query_security_descriptor() */
- if (self->thread_state != NULL) {
- PyErr_SetString(PyExc_RuntimeError,
- "get_acl() is not supported on "
- "a multi_threaded connection");
- return NULL;
- }
-
- if (!PyArg_ParseTuple(args, "s|II:get_acl", &filename, &sinfo,
- &access_mask)) {
- return NULL;
- }
-
- /* get a file handle with the desired access */
- status = cli_ntcreate(self->cli, filename, 0, access_mask, 0,
- FILE_SHARE_READ|FILE_SHARE_WRITE,
- FILE_OPEN, 0x0, 0x0, &fnum, NULL);
- PyErr_NTSTATUS_IS_ERR_RAISE(status);
-
- /* query the security descriptor for this file */
- status = cli_query_security_descriptor(self->cli, fnum, sinfo,
- NULL, &sd);
- PyErr_NTSTATUS_IS_ERR_RAISE(status);
-
- /* close the file handle and convert the SD to a python struct */
- status = cli_close(self->cli, fnum);
- PyErr_NTSTATUS_IS_ERR_RAISE(status);
-
- return py_return_ndr_struct("samba.dcerpc.security", "descriptor",
- sd, sd);
-}
-
static PyObject *py_smb_get_sd(struct py_cli_state *self, PyObject *args)
{
int fnum;
{ "loadfile", (PyCFunction)py_smb_loadfile, METH_VARARGS,
"loadfile(path) -> file contents as a " PY_DESC_PY3_BYTES
"\n\n\t\tRead contents of a file." },
- { "get_acl", (PyCFunction)py_smb_getacl, METH_VARARGS,
- "get_acl(path[, security_info=0]) -> security_descriptor object\n\n"
- "\t\tGet security descriptor for file." },
{ "get_sd", (PyCFunction)py_smb_get_sd, METH_VARARGS,
"get_sd(fnum[, security_info=0]) -> security_descriptor object\n\n"
"\t\tGet security descriptor for opened file." },
projects / thirdparty / samba.git / commitdiff
