4 Copyright (C) Andrew Bartlett 2005
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 * Component: ldb kludge ACL module
26 * Description: Simple module to enforce a simple form of access
27 * control, sufficient for securing a default Samba4
30 * Author: Andrew Bartlett
34 #include "ldb/include/ldb.h"
35 #include "ldb/include/ldb_errors.h"
36 #include "ldb/include/ldb_private.h"
37 #include "auth/auth.h"
41 * - System can read passwords
42 * - Administrators can write anything
43 * - Users can read anything that is not a password
47 const char *password_attribs[] = {
65 char *some_private_data;
68 static enum user_is what_is_user(struct ldb_module *module)
70 struct auth_session_info *session_info
71 = ldb_get_opaque(module->ldb, "sessionInfo");
76 if (is_system_token(session_info->security_token)) {
80 if (is_administrator_token(session_info->security_token)) {
83 if (is_authenticated_token(session_info->security_token)) {
86 if (is_anonymous_token(session_info->security_token)) {
93 static int kludge_acl_search(struct ldb_module *module, struct ldb_request *req)
95 enum user_is user_type;
96 int ret = ldb_next_request(module, req);
97 struct ldb_message *msg;
100 if (ret != LDB_SUCCESS) {
104 user_type = what_is_user(module);
110 /* For every message, remove password attributes */
111 for (i=0; i < req->op.search.res->count; i++) {
112 msg = req->op.search.res->msgs[i];
113 for (j=0; j < ARRAY_SIZE(password_attribs); j++) {
114 ldb_msg_remove_attr(msg, password_attribs[j]);
121 /* ANY change type */
122 static int kludge_acl_change(struct ldb_module *module, struct ldb_request *req){
123 enum user_is user_type = what_is_user(module);
127 return ldb_next_request(module, req);
129 ldb_set_errstring(module,
130 talloc_asprintf(req, "kludge_acl_change: "
131 "attempted database modify not permitted. User is not SYSTEM or an administrator"));
132 return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
136 /* start a transaction */
137 static int kludge_acl_start_trans(struct ldb_module *module)
139 return ldb_next_start_trans(module);
142 /* end a transaction */
143 static int kludge_acl_end_trans(struct ldb_module *module)
145 return ldb_next_end_trans(module);
148 /* delete a transaction */
149 static int kludge_acl_del_trans(struct ldb_module *module)
151 return ldb_next_del_trans(module);
154 static int kludge_acl_destructor(void *module_ctx)
156 struct ldb_module *ctx = talloc_get_type(module_ctx, struct ldb_module);
157 struct private_data *data = talloc_get_type(ctx->private_data, struct private_data);
158 /* put your clean-up functions here */
159 if (data->some_private_data) talloc_free(data->some_private_data);
163 static int kludge_acl_request(struct ldb_module *module, struct ldb_request *req)
165 switch (req->operation) {
168 return kludge_acl_search(module, req);
169 case LDB_REQ_REGISTER:
170 return ldb_next_request(module, req);
172 /* anything else must be a change of some kind */
173 return kludge_acl_change(module, req);
177 static const struct ldb_module_ops kludge_acl_ops = {
178 .name = "kludge_acl",
179 .request = kludge_acl_request,
180 .start_transaction = kludge_acl_start_trans,
181 .end_transaction = kludge_acl_end_trans,
182 .del_transaction = kludge_acl_del_trans,
185 struct ldb_module *kludge_acl_module_init(struct ldb_context *ldb, const char *options[])
187 struct ldb_module *ctx;
188 struct private_data *data;
190 ctx = talloc(ldb, struct ldb_module);
194 data = talloc(ctx, struct private_data);
200 data->some_private_data = NULL;
201 ctx->private_data = data;
204 ctx->prev = ctx->next = NULL;
205 ctx->ops = &kludge_acl_ops;
207 talloc_set_destructor (ctx, kludge_acl_destructor);