s3-printing: Remove deprecated lp_printer_admin().

author Andreas Schneider <asn@samba.org>

Fri, 22 Jun 2012 13:38:25 +0000 (15:38 +0200)

committer Andreas Schneider <asn@samba.org>

Tue, 3 Jul 2012 19:56:49 +0000 (21:56 +0200)
author Andreas Schneider <asn@samba.org>
Fri, 22 Jun 2012 13:38:25 +0000 (15:38 +0200)
committer Andreas Schneider <asn@samba.org>
Tue, 3 Jul 2012 19:56:49 +0000 (21:56 +0200)
diff --git a/examples/scripts/shares/python/smbparm.py b/examples/scripts/shares/python/smbparm.py

index 37939921b65f9b0a0c7a7f999e68feffeb8c5eb6..8dca781ffcb0b474597aad53ffbe90f023471aa0 100644 (file)
--- a/examples/scripts/shares/python/smbparm.py
+++ b/examples/scripts/shares/python/smbparm.py
@@ -257,7 +257,6 @@ parm_table = {
         "PARANOIDSERVERSECURITY" : ("paranoid server security", SambaParmBool, P_GLOBAL, "Yes"),
         "WTMPDIRECTORY"          : ("wtmp directory", SambaParmString, P_GLOBAL, ""),
         "ADDPRINTERCOMMAND"      : ("addprinter command", SambaParmString, P_GLOBAL, ""),
         "PARANOIDSERVERSECURITY" : ("paranoid server security", SambaParmBool, P_GLOBAL, "Yes"),
         "WTMPDIRECTORY"          : ("wtmp directory", SambaParmString, P_GLOBAL, ""),
         "ADDPRINTERCOMMAND"      : ("addprinter command", SambaParmString, P_GLOBAL, ""),
-       "PRINTERADMIN"           : ("printer admin", SambaParmString, P_LOCAL, ""),
         "WINSSERVER"             : ("wins server", SambaParmString, P_GLOBAL, ""),
         "LDAPTIMEOUT"            : ("ldap timeout", SambaParmString, P_GLOBAL, "15"),
         "LOCKDIRECTORY"          : ("lock directory", SambaParmString, P_GLOBAL, "/var/lib/samba"),
         "WINSSERVER"             : ("wins server", SambaParmString, P_GLOBAL, ""),
         "LDAPTIMEOUT"            : ("ldap timeout", SambaParmString, P_GLOBAL, "15"),
         "LOCKDIRECTORY"          : ("lock directory", SambaParmString, P_GLOBAL, "/var/lib/samba"),
diff --git a/source3/include/proto.h b/source3/include/proto.h

index 1fced14d1d351237150fa5978fe9fc920c6194bc..979bcfe0ced39e80c805a6c298105ea545cae8ab 100644 (file)
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1263,7 +1263,6 @@ char *lp_force_user(int );
  char *lp_force_group(int );
  const char **lp_readlist(int );
  const char **lp_writelist(int );
  char *lp_force_group(int );
  const char **lp_readlist(int );
  const char **lp_writelist(int );
-const char **lp_printer_admin(int );
  char *lp_fstype(int );
  const char **lp_vfs_objects(int );
  char *lp_msdfs_proxy(int );
  char *lp_fstype(int );
  const char **lp_vfs_objects(int );
  char *lp_msdfs_proxy(int );
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c

index ba57553802a25f9e5c0ebd562ffdd52d72e23562..e31c0472301a34a33e6149043aca585d4f778082 100644 (file)
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -179,7 +179,6 @@ static struct loadparm_service sDefault =
         .force_group = NULL,
         .readlist = NULL,
         .writelist = NULL,
         .force_group = NULL,
         .readlist = NULL,
         .writelist = NULL,
-       .printer_admin = NULL,
         .volume = NULL,
         .fstype = NULL,
         .szVfsObjects = NULL,
         .volume = NULL,
         .fstype = NULL,
         .szVfsObjects = NULL,
@@ -1020,15 +1019,6 @@ static struct parm_struct parm_table[] = {
                 .enum_list      = NULL,
                 .flags          = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
         },
                 .enum_list      = NULL,
                 .flags          = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
         },
-       {
-               .label          = "printer admin",
-               .type           = P_LIST,
-               .p_class        = P_LOCAL,
-               .offset         = LOCAL_VAR(printer_admin),
-               .special        = NULL,
-               .enum_list      = NULL,
-               .flags          = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_PRINT | FLAG_DEPRECATED,
-       },
         {
                 .label          = "force user",
                 .type           = P_STRING,
         {
                 .label          = "force user",
                 .type           = P_STRING,
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c

index 9e7ca4083428f9163080c91eedbc0e4676f1a213..b821d28326bacfd53ab4f5bdd6e0a03e2b27d5eb 100644 (file)
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -1783,17 +1783,6 @@ bool print_access_check(const struct auth_session_info *session_info,
  
         DEBUG(4, ("access check was %s\n", NT_STATUS_IS_OK(status) ? "SUCCESS" : "FAILURE"));
  
  
         DEBUG(4, ("access check was %s\n", NT_STATUS_IS_OK(status) ? "SUCCESS" : "FAILURE"));
  
-        /* see if we need to try the printer admin list */
-
-        if (!NT_STATUS_IS_OK(status) &&
-           (token_contains_name_in_list(uidtoname(session_info->unix_token->uid),
-                                        session_info->info->domain_name,
-                                        NULL, session_info->security_token,
-                                        lp_printer_admin(snum)))) {
-               talloc_destroy(mem_ctx);
-               return True;
-        }
-
         talloc_destroy(mem_ctx);
  
         if (!NT_STATUS_IS_OK(status)) {
         talloc_destroy(mem_ctx);
  
         if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c

index 8278ae8390e6b4cbb7f93cfc86aaa29216e4023f..b67d57180737a9b816b2ca08bb4f97be148640c6 100644 (file)
--- a/source3/rpc_server/spoolss/srv_spoolss_nt.c
+++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c
@@ -1811,13 +1811,8 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p,
  
                         if ((p->session_info->unix_token->uid != sec_initial_uid()) &&
                             !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) &&
  
                         if ((p->session_info->unix_token->uid != sec_initial_uid()) &&
                             !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) &&
-                           !nt_token_check_sid(&global_sid_Builtin_Print_Operators, p->session_info->security_token) &&
-                           !token_contains_name_in_list(
-                                   uidtoname(p->session_info->unix_token->uid),
-                                   p->session_info->info->domain_name,
-                                   NULL,
-                                   p->session_info->security_token,
-                                   lp_printer_admin(snum))) {
+                           !nt_token_check_sid(&global_sid_Builtin_Print_Operators,
+                                               p->session_info->security_token)) {
                                 close_printer_handle(p, r->out.handle);
                                 ZERO_STRUCTP(r->out.handle);
                                 DEBUG(3,("access DENIED as user is not root, "
                                 close_printer_handle(p, r->out.handle);
                                 ZERO_STRUCTP(r->out.handle);
                                 DEBUG(3,("access DENIED as user is not root, "
@@ -2081,15 +2076,9 @@ WERROR _spoolss_DeletePrinterDriver(struct pipes_struct *p,
         /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
            and not a printer admin, then fail */
  
         /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
            and not a printer admin, then fail */
  
-       if ( (p->session_info->unix_token->uid != sec_initial_uid())
-            && !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR)
-               && !token_contains_name_in_list(
-                       uidtoname(p->session_info->unix_token->uid),
-                       p->session_info->info->domain_name,
-                       NULL,
-                       p->session_info->security_token,
-                       lp_printer_admin(-1)) )
-       {
+       if ((p->session_info->unix_token->uid != sec_initial_uid()) &&
+           !security_token_has_privilege(p->session_info->security_token,
+                                         SEC_PRIV_PRINT_OPERATOR)) {
                 return WERR_ACCESS_DENIED;
         }
  
                 return WERR_ACCESS_DENIED;
         }
  
@@ -2226,14 +2215,9 @@ WERROR _spoolss_DeletePrinterDriverEx(struct pipes_struct *p,
         /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
            and not a printer admin, then fail */
  
         /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
            and not a printer admin, then fail */
  
-       if ( (p->session_info->unix_token->uid != sec_initial_uid())
-               && !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR)
-               && !token_contains_name_in_list(
-                       uidtoname(p->session_info->unix_token->uid),
-                       p->session_info->info->domain_name,
-                       NULL,
-                       p->session_info->security_token, lp_printer_admin(-1)) )
-       {
+       if ((p->session_info->unix_token->uid != sec_initial_uid()) &&
+           !security_token_has_privilege(p->session_info->security_token,
+                                         SEC_PRIV_PRINT_OPERATOR)) {
                 return WERR_ACCESS_DENIED;
         }
  
                 return WERR_ACCESS_DENIED;
         }
  
@@ -8664,12 +8648,8 @@ WERROR _spoolss_AddForm(struct pipes_struct *p,
            and not a printer admin, then fail */
  
         if ((p->session_info->unix_token->uid != sec_initial_uid()) &&
            and not a printer admin, then fail */
  
         if ((p->session_info->unix_token->uid != sec_initial_uid()) &&
-           !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) &&
-           !token_contains_name_in_list(uidtoname(p->session_info->unix_token->uid),
-                                         p->session_info->info->domain_name,
-                                         NULL,
-                                         p->session_info->security_token,
-                                         lp_printer_admin(snum))) {
+           !security_token_has_privilege(p->session_info->security_token,
+                                         SEC_PRIV_PRINT_OPERATOR)) {
                 DEBUG(2,("_spoolss_Addform: denied by insufficient permissions.\n"));
                 return WERR_ACCESS_DENIED;
         }
                 DEBUG(2,("_spoolss_Addform: denied by insufficient permissions.\n"));
                 return WERR_ACCESS_DENIED;
         }
@@ -8742,12 +8722,8 @@ WERROR _spoolss_DeleteForm(struct pipes_struct *p,
         }
  
         if ((p->session_info->unix_token->uid != sec_initial_uid()) &&
         }
  
         if ((p->session_info->unix_token->uid != sec_initial_uid()) &&
-           !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) &&
-           !token_contains_name_in_list(uidtoname(p->session_info->unix_token->uid),
-                                         p->session_info->info->domain_name,
-                                         NULL,
-                                         p->session_info->security_token,
-                                         lp_printer_admin(snum))) {
+           !security_token_has_privilege(p->session_info->security_token,
+                                         SEC_PRIV_PRINT_OPERATOR)) {
                 DEBUG(2,("_spoolss_DeleteForm: denied by insufficient permissions.\n"));
                 return WERR_ACCESS_DENIED;
         }
                 DEBUG(2,("_spoolss_DeleteForm: denied by insufficient permissions.\n"));
                 return WERR_ACCESS_DENIED;
         }
@@ -8816,12 +8792,8 @@ WERROR _spoolss_SetForm(struct pipes_struct *p,
            and not a printer admin, then fail */
  
         if ((p->session_info->unix_token->uid != sec_initial_uid()) &&
            and not a printer admin, then fail */
  
         if ((p->session_info->unix_token->uid != sec_initial_uid()) &&
-            !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) &&
-            !token_contains_name_in_list(uidtoname(p->session_info->unix_token->uid),
-                                         p->session_info->info->domain_name,
-                                         NULL,
-                                         p->session_info->security_token,
-                                         lp_printer_admin(snum))) {
+            !security_token_has_privilege(p->session_info->security_token,
+                                          SEC_PRIV_PRINT_OPERATOR)) {
                 DEBUG(2,("_spoolss_Setform: denied by insufficient permissions.\n"));
                 return WERR_ACCESS_DENIED;
         }
                 DEBUG(2,("_spoolss_Setform: denied by insufficient permissions.\n"));
                 return WERR_ACCESS_DENIED;
         }
author	Andreas Schneider <asn@samba.org>
	Fri, 22 Jun 2012 13:38:25 +0000 (15:38 +0200)
committer	Andreas Schneider <asn@samba.org>
	Tue, 3 Jul 2012 19:56:49 +0000 (21:56 +0200)
examples/scripts/shares/python/smbparm.py		patch \| blob \| history
source3/include/proto.h		patch \| blob \| history
source3/param/loadparm.c		patch \| blob \| history
source3/printing/nt_printing.c		patch \| blob \| history
source3/rpc_server/spoolss/srv_spoolss_nt.c		patch \| blob \| history