From e41e7cd1ad72d0685a65dfab036ef46ee2666825 Mon Sep 17 00:00:00 2001 From: Alberto Maria Fiaschi Date: Tue, 23 Feb 2016 18:22:10 +0100 Subject: [PATCH] acess based share enum: handle permission set in configuration files change function is_enumeration_allowed to check permissions set by fields: valid users, invalid users, only user. Signed-off-by: Alberto Maria Fiaschi --- source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c index b1e9d13..01282aa 100644 --- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c +++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c @@ -480,6 +480,15 @@ static bool is_enumeration_allowed(struct pipes_struct *p, if (!lp_access_based_share_enum(snum)) return true; + if (lp_invalid_users(snum) != NULL || lp_valid_users(snum) != NULL || + lp_only_user(snum)) + return user_ok_token( p->session_info->info->account_name, + p->session_info->info->domain_name, + p->session_info->security_token, snum) && + share_access_check(p->session_info->security_token, + lp_servicename(talloc_tos(), snum), + FILE_READ_DATA, NULL); + return share_access_check(p->session_info->security_token, lp_servicename(talloc_tos(), snum), FILE_READ_DATA, NULL);