2 Unix SMB/CIFS implementation.
3 Samba utility functions
4 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2008
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 #include "libcli/security/security.h"
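/*
 * dom_sid.__eq__(x): compare this SID with another object.
 *
 * Returns a new reference to True when x is a dom_sid equal to self and
 * False otherwise (including when x is not a dom_sid at all). Returns NULL
 * with an exception set if the arguments cannot be parsed.
 */
static PyObject *py_dom_sid_eq(PyObject *self, PyObject *args)
{
	struct dom_sid *this = py_talloc_get_ptr(self), *other;
	PyObject *py_other;

	if (!PyArg_ParseTuple(args, "O", &py_other))
		return NULL;

	/*
	 * "O" accepts any Python object. Only unwrap the pointer once the
	 * object is known to be a dom_sid wrapper, otherwise unrelated memory
	 * would be read as a talloc wrapper.
	 */
	if (!PyObject_TypeCheck(py_other, &PyDomSidType))
		return PyBool_FromLong(0);

	other = py_talloc_get_type(py_other, struct dom_sid);
	if (other == NULL)
		return PyBool_FromLong(0);

	/*
	 * PyBool_FromLong() hands back an owned reference; returning
	 * Py_True/Py_False directly would give the caller a reference
	 * that was never taken.
	 */
	return PyBool_FromLong(dom_sid_equal(this, other));
}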
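/*
 * dom_sid.__str__(): return the string form of the SID.
 *
 * Returns a new Python string, or NULL with MemoryError set when the
 * temporary string could not be allocated.
 */
static PyObject *py_dom_sid_str(PyObject *self)
{
	struct dom_sid *this = py_talloc_get_ptr(self);
	char *str = dom_sid_string(NULL, this);
	PyObject *ret;

	/* PyString_FromString() must never be handed a NULL pointer. */
	if (str == NULL)
		return PyErr_NoMemory();

	ret = PyString_FromString(str);
	/* str lives on the NULL talloc context, so it has to be freed here. */
	talloc_free(str);
	return ret;
}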
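/*
 * dom_sid.__repr__(): return "dom_sid('<sid string>')".
 *
 * Returns a new Python string, or NULL with MemoryError set when the
 * temporary string could not be allocated.
 */
static PyObject *py_dom_sid_repr(PyObject *self)
{
	struct dom_sid *this = py_talloc_get_ptr(self);
	char *str = dom_sid_string(NULL, this);
	PyObject *ret;

	/* Do not feed a NULL pointer to the %s conversion below. */
	if (str == NULL)
		return PyErr_NoMemory();

	ret = PyString_FromFormat("dom_sid('%s')", str);
	/* str lives on the NULL talloc context, so it has to be freed here. */
	talloc_free(str);
	return ret;
}

/* Name under which the repr function above is exported. */
#define PY_DOM_SID_REPR py_dom_sid_repr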
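/*
 * dom_sid.__init__(str=None): fill this SID from its string form.
 *
 * With no argument the SID is left untouched. Raises ValueError when the
 * string cannot be turned into a SID. Returns None on success.
 */
static PyObject *py_dom_sid_init(PyObject *self, PyObject *args)
{
	struct dom_sid *this = py_talloc_get_ptr(self);
	char *str = NULL;
	struct dom_sid *new_this;

	if (!PyArg_ParseTuple(args, "|s", &str))
		return NULL;

	/* "|s" makes the argument optional; with none there is nothing to parse. */
	if (str == NULL) {
		Py_RETURN_NONE;
	}

	new_this = dom_sid_parse_talloc(NULL, str);
	if (new_this == NULL) {
		/*
		 * A NULL result must not reach the copy below. It is reported
		 * as a parse error; NOTE(review): an allocation failure would
		 * presumably look the same from here.
		 */
		PyErr_SetString(PyExc_ValueError, "Unable to parse SID string");
		return NULL;
	}

	*this = *new_this;
	talloc_free(new_this);
	Py_RETURN_NONE;
}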
/*
 * Method-table entries for the dom_sid Python type: equality, string
 * conversion and initialisation from a string. The list ends with a
 * trailing comma so that further entries can follow the expansion.
 */
#define PY_DOM_SID_EXTRA_METHODS \
	{ "__eq__", (PyCFunction)py_dom_sid_eq, METH_VARARGS, \
		"S.__eq__(x) -> S == x" }, \
	{ "__str__", (PyCFunction)py_dom_sid_str, METH_NOARGS, \
		"S.__str__() -> str(S)" }, \
	{ "__init__", (PyCFunction)py_dom_sid_init, METH_VARARGS, \
		"S.__init__(str=None)" },
/*
 * S.sacl_add(ace): unwrap self as a security_descriptor and the single
 * argument as a security_ace, then call security_descriptor_sacl_add().
 * An error status is turned into a Python exception by
 * PyErr_NTSTATUS_IS_ERR_RAISE.
 *
 * NOTE(review): the argument is parsed with "O", which accepts any Python
 * object, and is passed to py_talloc_get_ptr() without a type check. An
 * object that is not a wrapped security_ace would be read as one; check
 * the object's type before unwrapping it.
 *
 * This listing omits some lines of the function (declarations, the early
 * return after the parse and the final return).
 */
76 static PyObject *py_descriptor_sacl_add(PyObject *self, PyObject *args)
78 struct security_descriptor *desc = py_talloc_get_ptr(self);
80 struct security_ace *ace;
83 if (!PyArg_ParseTuple(args, "O", &py_ace))
86 ace = py_talloc_get_ptr(py_ace);
87 status = security_descriptor_sacl_add(desc, ace);
88 PyErr_NTSTATUS_IS_ERR_RAISE(status);
/*
 * DACL counterpart of sacl_add: unwrap self as a security_descriptor and
 * the single argument as a security_ace, then call
 * security_descriptor_dacl_add(). An error status is turned into a Python
 * exception by PyErr_NTSTATUS_IS_ERR_RAISE.
 *
 * NOTE(review): the argument is parsed with "O", which accepts any Python
 * object, and is passed to py_talloc_get_ptr() without a type check. An
 * object that is not a wrapped security_ace would be read as one; check
 * the object's type before unwrapping it.
 *
 * This listing omits some lines of the function (declarations, the early
 * return after the parse and the final return).
 */
92 static PyObject *py_descriptor_dacl_add(PyObject *self, PyObject *args)
94 struct security_descriptor *desc = py_talloc_get_ptr(self);
96 struct security_ace *ace;
99 if (!PyArg_ParseTuple(args, "O", &py_ace))
102 ace = py_talloc_get_ptr(py_ace);
104 status = security_descriptor_dacl_add(desc, ace);
105 PyErr_NTSTATUS_IS_ERR_RAISE(status);
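/*
 * Remove the DACL entries for a SID: unwrap self as a security_descriptor
 * and call security_descriptor_dacl_del() with the given dom_sid.
 *
 * Raises TypeError when the argument is not a dom_sid, and whatever
 * PyErr_NTSTATUS_IS_ERR_RAISE raises for an error status. Returns None
 * on success.
 */
static PyObject *py_descriptor_dacl_del(PyObject *self, PyObject *args)
{
	struct security_descriptor *desc = py_talloc_get_ptr(self);
	NTSTATUS status;
	PyObject *py_sid;
	struct dom_sid *sid;

	/*
	 * "O!" makes the parser reject anything that is not a dom_sid.
	 * py_talloc_get_ptr() performs no type check of its own, so an
	 * arbitrary object must never reach it.
	 */
	if (!PyArg_ParseTuple(args, "O!", &PyDomSidType, &py_sid))
		return NULL;

	sid = py_talloc_get_ptr(py_sid);
	status = security_descriptor_dacl_del(desc, sid);
	PyErr_NTSTATUS_IS_ERR_RAISE(status);
	Py_RETURN_NONE;
}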
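/*
 * Remove the SACL entries for a SID: unwrap self as a security_descriptor
 * and call security_descriptor_sacl_del() with the given dom_sid.
 *
 * Raises TypeError when the argument is not a dom_sid, and whatever
 * PyErr_NTSTATUS_IS_ERR_RAISE raises for an error status. Returns None
 * on success.
 */
static PyObject *py_descriptor_sacl_del(PyObject *self, PyObject *args)
{
	struct security_descriptor *desc = py_talloc_get_ptr(self);
	NTSTATUS status;
	PyObject *py_sid;
	struct dom_sid *sid;

	/*
	 * "O!" makes the parser reject anything that is not a dom_sid.
	 * py_talloc_get_ptr() performs no type check of its own, so an
	 * arbitrary object must never reach it.
	 */
	if (!PyArg_ParseTuple(args, "O!", &PyDomSidType, &py_sid))
		return NULL;

	sid = py_talloc_get_ptr(py_sid);
	status = security_descriptor_sacl_del(desc, sid);
	PyErr_NTSTATUS_IS_ERR_RAISE(status);
	Py_RETURN_NONE;
}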
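/*
 * security_descriptor.__eq__(x): compare two security descriptors with
 * security_descriptor_equal().
 *
 * Returns a new reference to True or False; an argument that is not of
 * self's type compares as False. Returns NULL with an exception set if
 * the arguments cannot be parsed.
 */
static PyObject *py_descriptor_eq(PyObject *self, PyObject *args)
{
	struct security_descriptor *desc1 = py_talloc_get_ptr(self), *desc2;
	PyObject *py_other;

	if (!PyArg_ParseTuple(args, "O", &py_other))
		return NULL;

	/*
	 * "O" accepts any Python object, and py_talloc_get_ptr() performs no
	 * type check. The descriptor's type object is not named in this part
	 * of the file, so require the argument to be an instance of self's
	 * own type before unwrapping it.
	 */
	if (!PyObject_TypeCheck(py_other, self->ob_type))
		return PyBool_FromLong(0);

	desc2 = py_talloc_get_ptr(py_other);

	return PyBool_FromLong(security_descriptor_equal(desc1, desc2));
}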
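/*
 * Constructor for the security_descriptor Python type: allocate a fresh
 * descriptor with security_descriptor_initialise() and wrap it.
 *
 * args and kwargs are not used. Returns NULL with MemoryError set when
 * the descriptor cannot be allocated.
 */
static PyObject *py_descriptor_new(PyTypeObject *self, PyObject *args, PyObject *kwargs)
{
	struct security_descriptor *desc = security_descriptor_initialise(NULL);

	/* Never wrap a NULL pointer; every method would dereference it later. */
	if (desc == NULL)
		return PyErr_NoMemory();

	return py_talloc_import(self, desc);
}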
/*
 * Method-table entries for the security_descriptor Python type: adding
 * and deleting SACL/DACL entries, plus equality. Every entry is registered
 * as METH_VARARGS.
 *
 * This listing omits the docstring lines of all entries except sacl_add.
 */
159 #define PY_SECURITY_DESCRIPTOR_EXTRA_METHODS \
160 { "sacl_add", (PyCFunction)py_descriptor_sacl_add, METH_VARARGS, \
161 "S.sacl_add(ace) -> None\n" \
162 "Add a security ace to this security descriptor" },\
163 { "dacl_add", (PyCFunction)py_descriptor_dacl_add, METH_VARARGS, \
165 { "dacl_del", (PyCFunction)py_descriptor_dacl_del, METH_VARARGS, \
167 { "sacl_del", (PyCFunction)py_descriptor_sacl_del, METH_VARARGS, \
169 { "__eq__", (PyCFunction)py_descriptor_eq, METH_VARARGS, \
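/*
 * S.is_sid(sid) -> bool: report whether this token is of the given SID,
 * as decided by security_token_is_sid().
 *
 * Raises TypeError when the argument is not a dom_sid.
 */
static PyObject *py_token_is_sid(PyObject *self, PyObject *args)
{
	PyObject *py_sid;
	struct dom_sid *sid;
	struct security_token *token = py_talloc_get_ptr(self);

	/*
	 * This answer can feed an access decision, so the argument must really
	 * be a dom_sid. "O!" rejects everything else before
	 * py_talloc_get_ptr(), which performs no type check, sees it.
	 */
	if (!PyArg_ParseTuple(args, "O!", &PyDomSidType, &py_sid))
		return NULL;

	sid = py_talloc_get_ptr(py_sid);

	return PyBool_FromLong(security_token_is_sid(token, sid));
}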
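/*
 * Token method taking one dom_sid and returning, as a Python bool, the
 * result of security_token_has_sid() for the wrapped token.
 *
 * Raises TypeError when the argument is not a dom_sid.
 */
static PyObject *py_token_has_sid(PyObject *self, PyObject *args)
{
	PyObject *py_sid;
	struct dom_sid *sid;
	struct security_token *token = py_talloc_get_ptr(self);

	/*
	 * This answer can feed an access decision, so the argument must really
	 * be a dom_sid. "O!" rejects everything else before
	 * py_talloc_get_ptr(), which performs no type check, sees it.
	 */
	if (!PyArg_ParseTuple(args, "O!", &PyDomSidType, &py_sid))
		return NULL;

	sid = py_talloc_get_ptr(py_sid);

	return PyBool_FromLong(security_token_has_sid(token, sid));
}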
/*
 * S.is_anonymous() -> bool: wrap security_token_is_anonymous() for the
 * token held by self.
 */
static PyObject *py_token_is_anonymous(PyObject *self)
{
	struct security_token *tok = py_talloc_get_ptr(self);
	long anonymous = security_token_is_anonymous(tok);

	return PyBool_FromLong(anonymous);
}
/*
 * Token method without arguments: returns the result of
 * security_token_is_system() for the wrapped token as a Python bool.
 */
static PyObject *py_token_is_system(PyObject *self)
{
	struct security_token *tok = py_talloc_get_ptr(self);
	long is_system = security_token_is_system(tok);

	return PyBool_FromLong(is_system);
}
/*
 * Token method without arguments: returns the result of
 * security_token_has_builtin_administrators() for the wrapped token as a
 * Python bool.
 */
static PyObject *py_token_has_builtin_administrators(PyObject *self)
{
	struct security_token *tok = py_talloc_get_ptr(self);
	long has_admins = security_token_has_builtin_administrators(tok);

	return PyBool_FromLong(has_admins);
}
/*
 * Token method without arguments: returns the result of
 * security_token_has_nt_authenticated_users() for the wrapped token as a
 * Python bool.
 */
static PyObject *py_token_has_nt_authenticated_users(PyObject *self)
{
	struct security_token *tok = py_talloc_get_ptr(self);
	long has_auth_users = security_token_has_nt_authenticated_users(tok);

	return PyBool_FromLong(has_auth_users);
}
/*
 * Token method taking one integer privilege id: returns the result of
 * security_token_has_privilege() for the wrapped token as a Python bool.
 * Returns NULL with an exception set if the argument is not an integer.
 */
static PyObject *py_token_has_privilege(PyObject *self, PyObject *args)
{
	int priv_id;
	struct security_token *tok = py_talloc_get_ptr(self);
	long held;

	if (!PyArg_ParseTuple(args, "i", &priv_id)) {
		return NULL;
	}

	held = security_token_has_privilege(tok, priv_id);
	return PyBool_FromLong(held);
}
/*
 * Token method taking one integer ("i") argument and passing it to
 * security_token_set_privilege() for the wrapped token.
 *
 * NOTE(review): the integer is forwarded exactly as parsed and no range
 * check is visible here. This call changes what the token is allowed to
 * do, so confirm that security_token_set_privilege() ignores or rejects
 * ids outside the known privilege range.
 *
 * This listing omits the declaration of priv, the early return after the
 * parse and the final return.
 */
237 static PyObject *py_token_set_privilege(PyObject *self, PyObject *args)
240 struct security_token *token = py_talloc_get_ptr(self);
242 if (!PyArg_ParseTuple(args, "i", &priv))
245 security_token_set_privilege(token, priv);
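/*
 * Constructor for the security_token Python type: allocate a fresh token
 * with security_token_initialise() and wrap it.
 *
 * args and kwargs are not used. Returns NULL with MemoryError set when
 * the token cannot be allocated.
 */
static PyObject *py_token_new(PyTypeObject *self, PyObject *args, PyObject *kwargs)
{
	struct security_token *token = security_token_initialise(NULL);

	/* Never wrap a NULL pointer; every method would dereference it later. */
	if (token == NULL)
		return PyErr_NoMemory();

	return py_talloc_import(self, token);
}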
/*
 * Method-table entries for the security_token Python type: SID membership
 * tests, well-known identity checks and privilege query/update.
 *
 * NOTE(review): the is_anonymous docstring below spells the method name
 * "is_anonymus"; the registered name itself is correct.
 *
 * This listing omits the docstring lines of most entries.
 */
254 #define PY_SECURITY_TOKEN_EXTRA_METHODS \
255 { "is_sid", (PyCFunction)py_token_is_sid, METH_VARARGS, \
256 "S.is_sid(sid) -> bool\n" \
257 "Check whether this token is of the specified SID." }, \
258 { "has_sid", (PyCFunction)py_token_has_sid, METH_VARARGS, \
260 { "is_anonymous", (PyCFunction)py_token_is_anonymous, METH_NOARGS, \
261 "S.is_anonymus() -> bool\n" \
262 "Check whether this is an anonymous token." }, \
263 { "is_system", (PyCFunction)py_token_is_system, METH_NOARGS, \
265 { "has_builtin_administrators", (PyCFunction)py_token_has_builtin_administrators, METH_NOARGS, \
267 { "has_nt_authenticated_users", (PyCFunction)py_token_has_nt_authenticated_users, METH_NOARGS, \
269 { "has_privilege", (PyCFunction)py_token_has_privilege, METH_VARARGS, \
271 { "set_privilege", (PyCFunction)py_token_set_privilege, METH_VARARGS, \
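/*
 * Module function taking one integer privilege id and returning the name
 * reported by sec_privilege_name() as a Python string.
 *
 * Raises ValueError when no name is available for the id.
 */
static PyObject *py_privilege_name(PyObject *self, PyObject *args)
{
	int priv;
	const char *name;

	if (!PyArg_ParseTuple(args, "i", &priv))
		return NULL;

	name = sec_privilege_name(priv);
	if (name == NULL) {
		/*
		 * The id comes straight from the caller, and
		 * PyString_FromString() must never be handed a NULL pointer.
		 */
		PyErr_Format(PyExc_ValueError, "Invalid privilege id: %d", priv);
		return NULL;
	}

	return PyString_FromString(name);
}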
/*
 * Module function taking one string and returning, as a Python int, the
 * value sec_privilege_id() reports for that name. Returns NULL with an
 * exception set if the argument is not a string.
 */
static PyObject *py_privilege_id(PyObject *self, PyObject *args)
{
	char *priv_name;
	long id;

	if (!PyArg_ParseTuple(args, "s", &priv_name)) {
		return NULL;
	}

	id = sec_privilege_id(priv_name);
	return PyInt_FromLong(id);
}
293 static PyObject *py_random_sid(PyObject *self)
297 char *str = talloc_asprintf(NULL, "S-1-5-21-%u-%u-%u",
298 (unsigned)generate_random(),
299 (unsigned)generate_random(),
300 (unsigned)generate_random());
302 sid = dom_sid_parse_talloc(NULL, str);
304 ret = py_talloc_import(&PyDomSidType, sid);