r12747: Add a couple more token tests, used by the kludge ACL module.

Andrew Bartlett

diff --git a/source/libcli/security/security_token.c b/source/libcli/security/security_token.c
index 04d10bf83bd11ada483be2bd4be2d32be7b23692..6774894a86c892e13fddc75375b8f2a59971b8c7 100644 (file)
--- a/source/libcli/security/security_token.c
+++ b/source/libcli/security/security_token.c
@@ -190,3 +190,33 @@ BOOL is_anonymous_token(struct security_token *token)
        return False;
 }
 
+BOOL is_authenticated_token(struct security_token *token) 
+{
+       TALLOC_CTX *mem_ctx = talloc_new(token);
+       int i;
+       struct dom_sid *authenticated = dom_sid_parse_talloc(mem_ctx, SID_NT_ANONYMOUS);
+       for (i = 0; i < token->num_sids; i++) {
+               if (dom_sid_equal(token->sids[i], authenticated)) {
+                       talloc_free(mem_ctx);
+                       return True;
+               }
+       }
+       talloc_free(mem_ctx);
+       return False;
+}
+
+BOOL is_administrator_token(struct security_token *token) 
+{
+       TALLOC_CTX *mem_ctx = talloc_new(token);
+       int i;
+       struct dom_sid *administrators = dom_sid_parse_talloc(mem_ctx, SID_BUILTIN_ADMINISTRATORS);
+       for (i = 0; i < token->num_sids; i++) {
+               if (dom_sid_equal(token->sids[i], administrators)) {
+                       talloc_free(mem_ctx);
+                       return True;
+               }
+       }
+       talloc_free(mem_ctx);
+       return False;
+}
+