samba-tool: gpo load/remove bytes

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tested-by: Kees van Vloten <keesvanvloten@gmail.com>

diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py
index e790f2e8f4b723884ca18f151189e4db83c7ca02..93747a55d601ab189f0c92664e22070f62cfeea5 100644 (file)
--- a/python/samba/netcmd/gpo.py
+++ b/python/samba/netcmd/gpo.py
@@ -668,6 +668,9 @@ class cmd_show(GPOCommand):
                 defs['class'] = policy_class
                 defs['type'] = str_regtype(entry.type)
                 defs['data'] = entry.data
+                # Bytes aren't JSON serializable
+                if type(defs['data']) == bytes:
+                    defs['data'] = list(defs['data'])
                 policy_defs.append(defs)
         self.outf.write("Policies     :\n")
         json.dump(policy_defs, self.outf, indent=4)
@@ -696,7 +699,24 @@ class cmd_load(GPOCommand):
             "type": "REG_SZ",
             "data": "google.com"
         },
+        {
+            "keyname": "Software\\Microsoft\\Internet Explorer\\Toolbar",
+            "valuename": "IEToolbar",
+            "class": "USER",
+            "type": "REG_BINARY",
+            "data": [0]
+        },
+        {
+            "keyname": "Software\\Policies\\Microsoft\\InputPersonalization",
+            "valuename": "RestrictImplicitTextCollection",
+            "class": "USER",
+            "type": "REG_DWORD",
+            "data": 1
+        }
     ]
+
+    Valid class attributes: MACHINE|USER|BOTH
+    Data arrays are interpreted as bytes.
     """
 
     synopsis = "%prog <gpo> [options]"
@@ -755,7 +775,19 @@ class cmd_remove(GPOCommand):
             "valuename": "URL",
             "class": "USER",
         },
+        {
+            "keyname": "Software\\Microsoft\\Internet Explorer\\Toolbar",
+            "valuename": "IEToolbar",
+            "class": "USER"
+        },
+        {
+            "keyname": "Software\\Policies\\Microsoft\\InputPersonalization",
+            "valuename": "RestrictImplicitTextCollection",
+            "class": "USER"
+        }
     ]
+
+    Valid class attributes: MACHINE|USER|BOTH
     """
 
     synopsis = "%prog <gpo> [options]"

diff --git a/python/samba/policies.py b/python/samba/policies.py
index 5751c7aea0f7d90e949fd0eebda6cb4afab136ec..f5b177cdc7345cf5a2ce92f09f07fa4a1cdef324 100644 (file)
--- a/python/samba/policies.py
+++ b/python/samba/policies.py
@@ -84,20 +84,26 @@ class RegistryGroupPolicies(object):
             for i in range(12):
                 if str_regtype(i) == entry['type'].upper():
                     return i
-        return 0 # REG_NONE
+        raise TypeError('Unknown type %s' % entry['type'])
+
+    def __set_data(self, rtype, data):
+        # JSON can't store bytes, and have to be set via an int array
+        if rtype == 3 and type(data) == list: # REG_BINARY
+            return bytes(data)
+        return data
 
     def __pol_replace(self, pol_data, entry):
         for e in pol_data.entries:
             if e.keyname == entry['keyname'] and \
                e.valuename == entry['valuename']:
-                e.data = entry['data']
+                e.data = self.__set_data(e.type, entry['data'])
                 break
         else:
             e = preg.entry()
             e.keyname = entry['keyname']
             e.valuename = entry['valuename']
             e.type = self.__determine_data_type(entry)
-            e.data = entry['data']
+            e.data = self.__set_data(e.type, entry['data'])
             entries = list(pol_data.entries)
             entries.append(e)
             pol_data.entries = entries

diff --git a/python/samba/tests/samba_tool/gpo.py b/python/samba/tests/samba_tool/gpo.py
index 6076bda56c8c48a8283e9e2a0cd1d5a4ceefeef7..fcb2682eb246e5540f317eda7315ca7274b94b36 100644 (file)
--- a/python/samba/tests/samba_tool/gpo.py
+++ b/python/samba/tests/samba_tool/gpo.py
@@ -51,6 +51,20 @@ b"""
         "class": "USER",
         "type": 1,
         "data": "samba.org"
+    },
+    {
+        "keyname": "Software\\\\Microsoft\\\\Internet Explorer\\\\Toolbar",
+        "valuename": "IEToolbar",
+        "class": "USER",
+        "type": "REG_BINARY",
+        "data": [0]
+    },
+    {
+        "keyname": "Software\\\\Policies\\\\Microsoft\\\\InputPersonalization",
+        "valuename": "RestrictImplicitTextCollection",
+        "class": "USER",
+        "type": "REG_DWORD",
+        "data": 1
     }
 ]
 """
@@ -67,6 +81,16 @@ b"""
         "keyname": "Software\\\\Policies\\\\Mozilla\\\\Firefox\\\\Homepage",
         "valuename": "URL",
         "class": "USER"
+    },
+    {
+        "keyname": "Software\\\\Microsoft\\\\Internet Explorer\\\\Toolbar",
+        "valuename": "IEToolbar",
+        "class": "USER"
+    },
+    {
+        "keyname": "Software\\\\Policies\\\\Microsoft\\\\InputPersonalization",
+        "valuename": "RestrictImplicitTextCollection",
+        "class": "USER"
     }
 ]
 """
@@ -1554,7 +1578,16 @@ class GpoCmdTestCase(SambaToolCmdTest):
         (result, out, err) = self.runsubcmd("gpo", "show", self.gpo_guid, "-H",
                                             "ldap://%s" % os.environ["SERVER"])
         self.assertCmdSuccess(result, out, err, 'Failed to fetch gpos')
+        self.assertIn('homepage', out, 'Homepage policy not loaded')
         self.assertIn('samba.org', out, 'Homepage policy not loaded')
+        toolbar_data = '"valuename": "IEToolbar",\n        "class": "USER",' + \
+                       '\n        "type": "REG_BINARY",' + \
+                       '\n        "data": [\n            0\n        ]'
+        self.assertIn(toolbar_data, out, 'Toolbar policy not loaded')
+        restrict_data = '"valuename": "RestrictImplicitTextCollection",' + \
+                        '\n        "class": "USER",' + \
+                        '\n        "type": "REG_DWORD",\n        "data": 1\n'
+        self.assertIn(restrict_data, out, 'Restrict policy not loaded')
 
         with NamedTemporaryFile() as f:
             f.write(gpo_remove_json)