r4198: - added server side code for lsa_AddAccountRights

author Andrew Tridgell <tridge@samba.org>

Tue, 14 Dec 2004 06:10:45 +0000 (06:10 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 18:07:25 +0000 (13:07 -0500)
author Andrew Tridgell <tridge@samba.org>
Tue, 14 Dec 2004 06:10:45 +0000 (06:10 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:07:25 +0000 (13:07 -0500)
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c

index 9f708dac10e518325f355f5c7bdd18e7fe3d01ab..9f205d6ef029f0ba6be2f7dbae76fca276fb275b 100644 (file)
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -1031,18 +1031,76 @@ static NTSTATUS lsa_EnumAccountRights(struct dcesrv_call_state *dce_call,
  /* 
    lsa_AddAccountRights
  */
-static NTSTATUS lsa_AddAccountRights(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
-                      struct lsa_AddAccountRights *r)
+static NTSTATUS lsa_AddAccountRights(struct dcesrv_call_state *dce_call, 
+                                    TALLOC_CTX *mem_ctx,
+                                    struct lsa_AddAccountRights *r)
  {
-       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+       struct dcesrv_handle *h;
+       struct lsa_policy_state *state;
+       const char *sidstr;
+       struct ldb_message msg;
+       struct ldb_message_element el;
+       int i, ret;
+       const char *dn;
+
+       DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
+
+       state = h->data;
+
+       sidstr = dom_sid_string(mem_ctx, r->in.sid);
+       if (sidstr == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       dn = samdb_search_string(state->sam_ctx, mem_ctx, NULL, "dn", 
+                                "objectSid=%s", sidstr);
+       if (dn == NULL) {
+               return NT_STATUS_NO_SUCH_USER;
+       }
+
+       msg.dn = talloc_strdup(mem_ctx, dn);
+       if (msg.dn == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+       msg.num_elements = 1;
+       msg.elements = &el;
+       el.flags = LDB_FLAG_MOD_ADD;
+       el.name = talloc_strdup(mem_ctx, "privilege");
+       if (el.name == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+       el.num_values = r->in.rights->count;
+       el.values = talloc_array_p(mem_ctx, struct ldb_val, el.num_values);
+       if (el.values == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+       for (i=0;i<el.num_values;i++) {
+               if (sec_privilege_id(r->in.rights->names[i].string) == -1) {
+                       return NT_STATUS_NO_SUCH_PRIVILEGE;
+               }
+               el.values[i].length = strlen(r->in.rights->names[i].string);
+               el.values[i].data = talloc_strdup(mem_ctx, 
+                                                 r->in.rights->names[i].string);
+               if (el.values[i].data == NULL) {
+                       return NT_STATUS_NO_MEMORY;
+               }
+       }
+
+       ret = samdb_modify(state->sam_ctx, mem_ctx, &msg);
+       if (ret != 0) {
+               return NT_STATUS_UNEXPECTED_IO_ERROR;
+       }
+
+       return NT_STATUS_OK;
  }
  
  
  /* 
    lsa_RemoveAccountRights
  */
-static NTSTATUS lsa_RemoveAccountRights(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
-                      struct lsa_RemoveAccountRights *r)
+static NTSTATUS lsa_RemoveAccountRights(struct dcesrv_call_state *dce_call, 
+                                       TALLOC_CTX *mem_ctx,
+                                       struct lsa_RemoveAccountRights *r)
  {
         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
  }
author	Andrew Tridgell <tridge@samba.org>
	Tue, 14 Dec 2004 06:10:45 +0000 (06:10 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 18:07:25 +0000 (13:07 -0500)