gp_csv: Add CSV generalization metadata

There are user identifiers and ACLs which may be stored in the audit CSV.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/python/samba/gp_parse/gp_csv.py b/python/samba/gp_parse/gp_csv.py
index 4c7e7cfa5d5177599c604dd12039880eb456fbcd..b19f84c56f7d076d50e254844df20ec5879c7a87 100644 (file)
--- a/python/samba/gp_parse/gp_csv.py
+++ b/python/samba/gp_parse/gp_csv.py
@@ -56,10 +56,18 @@ class GPAuditCsvParser(GPParser):
 
             for line in self.lines:
                 child = SubElement(root, 'Row')
-                for e in [line[x] for x in self.header]:
+                for e, title in [(line[x], x) for x in self.header]:
                     value = SubElement(child, 'Value')
                     value.text = e
 
+                    # Metadata for generalization
+                    if title == 'Policy Target' and e != '':
+                        value.attrib['user_id'] = 'TRUE'
+                    if (title == 'Setting Value' and e != '' and
+                        (line['Subcategory'] == 'RegistryGlobalSacl' or
+                         line['Subcategory'] == 'FileGlobalSacl')):
+                        value.attrib['acl'] = 'TRUE'
+
             self.write_pretty_xml(root, f)