From e41e7cd1ad72d0685a65dfab036ef46ee2666825 Mon Sep 17 00:00:00 2001
From: Alberto Maria Fiaschi <alberto.fiaschi@estar.toscana.it>
Date: Tue, 23 Feb 2016 18:22:10 +0100
Subject: [PATCH] acess based share enum: handle permission set in
 configuration files

change function is_enumeration_allowed to check  permissions set by
fields: valid users, invalid users, only user.

Signed-off-by: Alberto Maria Fiaschi <alberto.fiaschi@estar.toscana.it>
---
 source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
index b1e9d13..01282aa 100644
--- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
@@ -480,6 +480,15 @@ static bool is_enumeration_allowed(struct pipes_struct *p,
     if (!lp_access_based_share_enum(snum))
         return true;
 
+    if (lp_invalid_users(snum) != NULL || lp_valid_users(snum) != NULL ||
+		    lp_only_user(snum))
+    	return  user_ok_token( p->session_info->info->account_name,
+			       p->session_info->info->domain_name,
+			       p->session_info->security_token, snum) &&
+		share_access_check(p->session_info->security_token,
+				   lp_servicename(talloc_tos(), snum),
+				   FILE_READ_DATA, NULL);
+
     return share_access_check(p->session_info->security_token,
 			      lp_servicename(talloc_tos(), snum),
 			      FILE_READ_DATA, NULL);