From: David Mulder Date: Mon, 24 Jan 2022 16:21:47 +0000 (-0700) Subject: samba-tool: gpo load/remove bytes X-Git-Tag: tevent-0.14.1~38 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ea619d704e4d9f498104b20bb1c8a98a1a6df9d6;p=thirdparty%2Fsamba.git samba-tool: gpo load/remove bytes Signed-off-by: David Mulder Reviewed-by: Andrew Bartlett Tested-by: Kees van Vloten --- diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py index e790f2e8f4b..93747a55d60 100644 --- a/python/samba/netcmd/gpo.py +++ b/python/samba/netcmd/gpo.py @@ -668,6 +668,9 @@ class cmd_show(GPOCommand): defs['class'] = policy_class defs['type'] = str_regtype(entry.type) defs['data'] = entry.data + # Bytes aren't JSON serializable + if type(defs['data']) == bytes: + defs['data'] = list(defs['data']) policy_defs.append(defs) self.outf.write("Policies :\n") json.dump(policy_defs, self.outf, indent=4) @@ -696,7 +699,24 @@ class cmd_load(GPOCommand): "type": "REG_SZ", "data": "google.com" }, + { + "keyname": "Software\\Microsoft\\Internet Explorer\\Toolbar", + "valuename": "IEToolbar", + "class": "USER", + "type": "REG_BINARY", + "data": [0] + }, + { + "keyname": "Software\\Policies\\Microsoft\\InputPersonalization", + "valuename": "RestrictImplicitTextCollection", + "class": "USER", + "type": "REG_DWORD", + "data": 1 + } ] + + Valid class attributes: MACHINE|USER|BOTH + Data arrays are interpreted as bytes. """ synopsis = "%prog [options]" @@ -755,7 +775,19 @@ class cmd_remove(GPOCommand): "valuename": "URL", "class": "USER", }, + { + "keyname": "Software\\Microsoft\\Internet Explorer\\Toolbar", + "valuename": "IEToolbar", + "class": "USER" + }, + { + "keyname": "Software\\Policies\\Microsoft\\InputPersonalization", + "valuename": "RestrictImplicitTextCollection", + "class": "USER" + } ] + + Valid class attributes: MACHINE|USER|BOTH """ synopsis = "%prog [options]" diff --git a/python/samba/policies.py b/python/samba/policies.py index 5751c7aea0f..f5b177cdc73 100644 --- a/python/samba/policies.py +++ b/python/samba/policies.py @@ -84,20 +84,26 @@ class RegistryGroupPolicies(object): for i in range(12): if str_regtype(i) == entry['type'].upper(): return i - return 0 # REG_NONE + raise TypeError('Unknown type %s' % entry['type']) + + def __set_data(self, rtype, data): + # JSON can't store bytes, and have to be set via an int array + if rtype == 3 and type(data) == list: # REG_BINARY + return bytes(data) + return data def __pol_replace(self, pol_data, entry): for e in pol_data.entries: if e.keyname == entry['keyname'] and \ e.valuename == entry['valuename']: - e.data = entry['data'] + e.data = self.__set_data(e.type, entry['data']) break else: e = preg.entry() e.keyname = entry['keyname'] e.valuename = entry['valuename'] e.type = self.__determine_data_type(entry) - e.data = entry['data'] + e.data = self.__set_data(e.type, entry['data']) entries = list(pol_data.entries) entries.append(e) pol_data.entries = entries diff --git a/python/samba/tests/samba_tool/gpo.py b/python/samba/tests/samba_tool/gpo.py index 6076bda56c8..fcb2682eb24 100644 --- a/python/samba/tests/samba_tool/gpo.py +++ b/python/samba/tests/samba_tool/gpo.py @@ -51,6 +51,20 @@ b""" "class": "USER", "type": 1, "data": "samba.org" + }, + { + "keyname": "Software\\\\Microsoft\\\\Internet Explorer\\\\Toolbar", + "valuename": "IEToolbar", + "class": "USER", + "type": "REG_BINARY", + "data": [0] + }, + { + "keyname": "Software\\\\Policies\\\\Microsoft\\\\InputPersonalization", + "valuename": "RestrictImplicitTextCollection", + "class": "USER", + "type": "REG_DWORD", + "data": 1 } ] """ @@ -67,6 +81,16 @@ b""" "keyname": "Software\\\\Policies\\\\Mozilla\\\\Firefox\\\\Homepage", "valuename": "URL", "class": "USER" + }, + { + "keyname": "Software\\\\Microsoft\\\\Internet Explorer\\\\Toolbar", + "valuename": "IEToolbar", + "class": "USER" + }, + { + "keyname": "Software\\\\Policies\\\\Microsoft\\\\InputPersonalization", + "valuename": "RestrictImplicitTextCollection", + "class": "USER" } ] """ @@ -1554,7 +1578,16 @@ class GpoCmdTestCase(SambaToolCmdTest): (result, out, err) = self.runsubcmd("gpo", "show", self.gpo_guid, "-H", "ldap://%s" % os.environ["SERVER"]) self.assertCmdSuccess(result, out, err, 'Failed to fetch gpos') + self.assertIn('homepage', out, 'Homepage policy not loaded') self.assertIn('samba.org', out, 'Homepage policy not loaded') + toolbar_data = '"valuename": "IEToolbar",\n "class": "USER",' + \ + '\n "type": "REG_BINARY",' + \ + '\n "data": [\n 0\n ]' + self.assertIn(toolbar_data, out, 'Toolbar policy not loaded') + restrict_data = '"valuename": "RestrictImplicitTextCollection",' + \ + '\n "class": "USER",' + \ + '\n "type": "REG_DWORD",\n "data": 1\n' + self.assertIn(restrict_data, out, 'Restrict policy not loaded') with NamedTemporaryFile() as f: f.write(gpo_remove_json)