python/samdb: validation of group member types for group member filter

author Björn Baumbach <bb@sernet.de>

Mon, 30 Dec 2019 12:57:26 +0000 (13:57 +0100)

committer Stefan Metzmacher <metze@samba.org>

Tue, 21 Jan 2020 14:38:46 +0000 (14:38 +0000)
author Björn Baumbach <bb@sernet.de>
Mon, 30 Dec 2019 12:57:26 +0000 (13:57 +0100)
committer Stefan Metzmacher <metze@samba.org>
Tue, 21 Jan 2020 14:38:46 +0000 (14:38 +0000)
diff --git a/python/samba/samdb.py b/python/samba/samdb.py

index 4606b607323a3457e4cf12a1f42cbd8cdca1b166..af3a7ddf96af43ca9d389c2bf0ea29a22bb98289 100644 (file)
--- a/python/samba/samdb.py
+++ b/python/samba/samdb.py
@@ -264,6 +264,12 @@ pwdLastSet: 0
          if 'all' in member_types:
              member_types = all_member_types
  
+        for member_type in member_types:
+            if member_type not in all_member_types:
+                raise Exception('Invalid group member type "%s". '
+                                'Valid types are %s and all.' %
+                                (member_type, ", ".join(all_member_types)))
+
          if 'user' in member_types:
              filter += ('(&(sAMAccountName=%s)(samAccountType=%d))' %
                         (ldb.binary_encode(member), dsdb.ATYPE_NORMAL_ACCOUNT))
author	Björn Baumbach <bb@sernet.de>
	Mon, 30 Dec 2019 12:57:26 +0000 (13:57 +0100)
committer	Stefan Metzmacher <metze@samba.org>
	Tue, 21 Jan 2020 14:38:46 +0000 (14:38 +0000)