From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Date: Fri, 7 Mar 2025 02:51:18 +0000 (+1300)
Subject: python:ntacls: pull allow list out of loop
X-Git-Tag: tevent-0.17.0~519
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=20129d16dc30a2ab9ad0ae04fec5cf007ebb035d;p=thirdparty%2Fsamba.git

python:ntacls: pull allow list out of loop

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14927

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Mar 19 15:56:38 UTC 2025 on atb-devel-224
---

diff --git a/python/samba/ntacls.py b/python/samba/ntacls.py
index 7d315ed5127..5c4c4dc2c83 100644
--- a/python/samba/ntacls.py
+++ b/python/samba/ntacls.py
@@ -299,19 +299,17 @@ def dsacl2fsacl(dssddl, sid, as_sddl=True):
     fdescr.group_sid = ref.group_sid
     fdescr.type = ref.type
     fdescr.revision = ref.revision
-    aces = ref.dacl.aces
-
-    for i in range(0, len(aces)):
-        ace = aces[i]
-
-        # Only apply allowed and deny ACEs, as they are the only ones
-        # we can map to filesystem aces.
-        #
-        # In future we may need to include resource based aces...
-        allowed_ace_types = [
-            security.SEC_ACE_TYPE_ACCESS_ALLOWED,
-            security.SEC_ACE_TYPE_ACCESS_DENIED,
-        ]
+
+    # Only apply allowed and deny ACEs, as they are the only ones
+    # we can map to filesystem aces.
+    #
+    # In future we may need to include resource based aces...
+    allowed_ace_types = [
+        security.SEC_ACE_TYPE_ACCESS_ALLOWED,
+        security.SEC_ACE_TYPE_ACCESS_DENIED,
+    ]
+
+    for ace in ref.dacl.aces:
         if not ace.type in allowed_ace_types:
             continue