[PATCH] Port of samba.security Python module
Stefan Metzmacher
metze at samba.org
Tue Aug 8 08:47:27 UTC 2017
Hi Lumir,
> +
> +class CheckAccessTests(samba.tests.TestCase):
> +
> + def test_check_access(self):
> + desc = security.descriptor.from_sddl("O:AOG:DAD:(A;;RPWPCCDCLCSWRCWDWOGA;;;S-1-0-0)", security.dom_sid("S-2-0-0"))
> + token = security.token()
> +
> + self.assertEqual(access_check(desc, token, 0), 0)
> +
> + params = (
> + (-1, -1073741727, 'A required privilege is not held by the client.'),
> + (1, -1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
> + )
Can you use string constants for the integer values?
I guess you can use
security.SEC_FLAG_SYSTEM_SECURITY/ntstatus.NT_STATUS_PRIVILEGE_NOT_HELD
and
security.SEC_STD_READ_CONTROL/ntstatus.NT_STATUS_ACCESS_DENIED
And I guess checking the status code is enough, we don't
need to assert on the error message.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20170808/42085714/signature.sig>
More information about the samba-technical
mailing list