From: Björn Baumbach Date: Fri, 15 Mar 2019 13:20:05 +0000 (+0100) Subject: samba-tool user edit: avoid base64 encoded strings in editable ldif if possible X-Git-Tag: ldb-2.0.5~19 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=08742d1df8de52ec32c962f8875f7c13cbefd49a;p=thirdparty%2Fsamba.git samba-tool user edit: avoid base64 encoded strings in editable ldif if possible Use clear text arguments strings if possible. Makes it more comfortable for users to edit the user objects attributes. Remove test from knownfail: samba.tests.samba_tool.user_edit.change_attribute_force_no_base64 Signed-off-by: Björn Baumbach Reviewed-by: Andrew Bartlett --- diff --git a/python/samba/netcmd/common.py b/python/samba/netcmd/common.py index 86f3e5161b1..f53ff4555a9 100644 --- a/python/samba/netcmd/common.py +++ b/python/samba/netcmd/common.py @@ -20,7 +20,7 @@ import re from samba.dcerpc import nbt from samba.net import Net - +import ldb def _get_user_realm_domain(user): r""" get the realm or the domain and the base user @@ -69,3 +69,46 @@ def netcmd_get_domain_infos_via_cldap(lp, creds, address=None): cldap_ret = net.finddc(address=address, flags=nbt.NBT_SERVER_LDAP | nbt.NBT_SERVER_DS) return cldap_ret + +def is_printable_attr_val(val): + import unicodedata + + # The value must be convertable to a string value. + try: + str_val = str(val) + except: + return False + + # Characters of the Unicode Character Category "C" ("Other") are + # supposed to be not printable. The category "C" includes control + # characters, format specifier and others. + for c in str_val: + if unicodedata.category(c)[0] == 'C': + return False + + return True + +def get_ldif_for_editor(samdb, msg): + + # Copy the given message, because we do not + # want to modify the original message. + m = ldb.Message() + m.dn = msg.dn + + for k in msg.keys(): + if k == "dn": + continue + vals = msg[k] + m[k] = vals + need_base64 = False + for v in vals: + if is_printable_attr_val(v): + continue + need_base64 = True + break + if not need_base64: + m[k].set_flags(ldb.FLAG_FORCE_NO_BASE64_LDIF) + + result_ldif = samdb.write_ldif(m, ldb.CHANGETYPE_NONE) + + return result_ldif diff --git a/python/samba/netcmd/user.py b/python/samba/netcmd/user.py index 112756ea4f5..121050a26e6 100644 --- a/python/samba/netcmd/user.py +++ b/python/samba/netcmd/user.py @@ -2428,6 +2428,7 @@ LDAP server using the 'nano' editor. def run(self, username, credopts=None, sambaopts=None, versionopts=None, H=None, editor=None): + from . import common lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp, fallback_machine=True) @@ -2448,7 +2449,7 @@ LDAP server using the 'nano' editor. raise CommandError('Unable to find user "%s"' % (username)) for msg in res: - result_ldif = samdb.write_ldif(msg, ldb.CHANGETYPE_NONE) + result_ldif = common.get_ldif_for_editor(samdb, msg) if editor is None: editor = os.environ.get('EDITOR') diff --git a/selftest/knownfail.d/samba_tool.user_edit b/selftest/knownfail.d/samba_tool.user_edit deleted file mode 100644 index 5c5c9a6d781..00000000000 --- a/selftest/knownfail.d/samba_tool.user_edit +++ /dev/null @@ -1 +0,0 @@ -samba.tests.samba_tool.user_edit.change_attribute_force_no_base64