ó
E®Uc           @   s  d  d l  j Z d  d l Z d  d l m Z d  d l m Z d  d l m Z d  d l	 m
 Z
 d  d l m Z d  d l m Z m Z m Z m Z d e f d	 „  ƒ  YZ d
 e f d „  ƒ  YZ d e f d „  ƒ  YZ d e f d „  ƒ  YZ d e f d „  ƒ  YZ d e f d „  ƒ  YZ d S(   iÿÿÿÿN(   t	   provision(   t   dsdb(   t   SamDB(   t   system_session(   t   _get_user_realm_domain(   t   Commandt   CommandErrort   SuperCommandt   Optiont   cmd_delegation_showc           B   s€   e  Z d  Z d Z i e j d 6e j d 6e j d 6Z e	 d d d d d	 e
 d
 d d d ƒg Z d g Z d d d d d „ Z RS(   s*   Show the delegation setting of an account.s   %prog <accountname> [options]t	   sambaoptst   credoptst   versionoptss   -Hs   --URLt   helps%   LDB URL for database or target servert   typet   metavart   URLt   destt   Ht   accountnamec         C   sÆ  | j  ƒ  } | j | ƒ } t j | | j d ƒ ƒ } | d  k rN | j }	 n | }	 t |	 d t ƒ  d | d | ƒ}
 t	 | ƒ \ } } } |
 j
 d d t j | ƒ d t j d d	 d
 g ƒ } t | ƒ d k rã t d | ƒ ‚ n  t | ƒ d k sû t ‚ t | d j d	 ƒ d ƒ } | d j d
 ƒ } |  j j d t | d j ƒ ƒ |  j j d t | t j @ƒ ƒ |  j j d t | t j @ƒ ƒ | d  k	 rÂx% | D] } |  j j d | ƒ q¡Wn  d  S(   Nt   realmt   session_infot   credentialst   lpt
   expressions   sAMAccountName=%st   scopet   attrst   userAccountControls   msDS-AllowedToDelegateToi    s    Unable to find account name '%s'i   s   Account-DN: %s
s   UF_TRUSTED_FOR_DELEGATION: %s
s.   UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION: %s
s   msDS-AllowedToDelegateTo: %s
(   t   get_loadparmt   get_credentialsR    t   provision_paths_from_lpt   gett   Nonet   samdbR   R   R   t   searcht   ldbt   binary_encodet   SCOPE_SUBTREEt   lenR   t   AssertionErrort   intt   outft   writet   strt   dnt   boolR   t   UF_TRUSTED_FOR_DELEGATIONt)   UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION(   t   selfR   R   R   R
   R   R   t   credst   pathst   patht   samt   cleanedaccountR   t   domaint   rest   uact   allowedt   a(    (    s;   /usr/lib/python2.7/dist-packages/samba/netcmd/delegation.pyt   run6   s4    	!N(   t   __name__t
   __module__t   __doc__t   synopsist   optionst   SambaOptionst   CredentialsOptionst   VersionOptionst   takes_optiongroupsR   R+   t   takes_optionst
   takes_argsR    R;   (    (    (    s;   /usr/lib/python2.7/dist-packages/samba/netcmd/delegation.pyR	   $   s   

	t   cmd_delegation_for_any_servicec           B   sƒ   e  Z d  Z d Z i e j d 6e j d 6e j d 6Z e	 d d d d d	 e
 d
 d d d ƒg Z d d g Z d d d d d „ Z RS(   s3   Set/unset UF_TRUSTED_FOR_DELEGATION for an account.s(   %prog <accountname> [(on|off)] [options]R
   R   R   s   -Hs   --URLR   s%   LDB URL for database or target serverR   R   R   R   R   R   t   onoffc      	   C   s2  t  } | d k r t } n% | d k r0 t  } n t d | ƒ ‚ | j ƒ  } | j | ƒ }	 t j | | j d ƒ ƒ }
 | d  k rŽ |
 j	 } n | } t
 | d t ƒ  d |	 d | ƒ} t | ƒ \ } } } d t j | ƒ } t j } y& | j | | d	 d
 d | d t ƒWn t k
 r-} t | ƒ ‚ n Xd  S(   Nt   ont   offs0   invalid argument: '%s' (choose from 'on', 'off')R   R   R   R   s   sAMAccountName=%st	   flags_strs   Trusted-for-Delegationt   strict(   t   Falset   TrueR   R   R   R    R   R   R    R!   R   R   R   R#   R$   R   R.   t   toggle_userAccountFlagst	   Exception(   R0   R   RH   R   R   R
   R   RI   R   R1   R2   R3   R4   R5   R   R6   t   search_filtert   flagt   err(    (    s;   /usr/lib/python2.7/dist-packages/samba/netcmd/delegation.pyR;   n   s.    			N(   R<   R=   R>   R?   R@   RA   RB   RC   RD   R   R+   RE   RF   R    R;   (    (    (    s;   /usr/lib/python2.7/dist-packages/samba/netcmd/delegation.pyRG   \   s   

	t   cmd_delegation_for_any_protocolc           B   sƒ   e  Z d  Z d Z i e j d 6e j d 6e j d 6Z e	 d d d d d	 e
 d
 d d d ƒg Z d d g Z d d d d d „ Z RS(   sO   Set/unset UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION (S4U2Proxy) for an account.s(   %prog <accountname> [(on|off)] [options]R
   R   R   s   -Hs   --URLR   s%   LDB URL for database or target serverR   R   R   R   R   R   RH   c      	   C   s8  t  } | d k r t } n% | d k r0 t  } n t d | ƒ ‚ | j ƒ  } | j | d t ƒ}	 t j | | j d ƒ ƒ }
 | d  k r” |
 j	 } n | } t
 | d t ƒ  d |	 d | ƒ} t | ƒ \ } } } d	 t j | ƒ } t j } y& | j | | d
 d d | d t ƒWn t k
 r3} t | ƒ ‚ n Xd  S(   NRI   RJ   s0   invalid argument: '%s' (choose from 'on', 'off')t   fallback_machineR   R   R   R   s   sAMAccountName=%sRK   s&   Trusted-to-Authenticate-for-DelegationRL   (   RM   RN   R   R   R   R    R   R   R    R!   R   R   R   R#   R$   R   R/   RO   RP   (   R0   R   RH   R   R   R
   R   RI   R   R1   R2   R3   R4   R5   R   R6   RQ   RR   RS   (    (    s;   /usr/lib/python2.7/dist-packages/samba/netcmd/delegation.pyR;   ¤   s.    			N(   R<   R=   R>   R?   R@   RA   RB   RC   RD   R   R+   RE   RF   R    R;   (    (    (    s;   /usr/lib/python2.7/dist-packages/samba/netcmd/delegation.pyRT   ‘   s   

	t   cmd_delegation_add_servicec           B   sƒ   e  Z d  Z d Z i e j d 6e j d 6e j d 6Z e	 d d d d d	 e
 d
 d d d ƒg Z d d g Z d d d d d „ Z RS(   s4   Add a service principal as msDS-AllowedToDelegateTo.s)   %prog <accountname> <principal> [options]R
   R   R   s   -Hs   --URLR   s%   LDB URL for database or target serverR   R   R   R   R   R   t	   principalc         C   sj  | j  ƒ  } | j | ƒ } t j | | j d ƒ ƒ }	 | d  k rN |	 j }
 n | }
 t |
 d t ƒ  d | d | ƒ} t	 | ƒ \ } } } | j
 d d t j | ƒ d t j d d	 g ƒ } t | ƒ d
 k rà t d | ƒ ‚ n  t | ƒ d k sø t ‚ t j ƒ  } | d
 j | _ t j | g t j d	 ƒ | d	 <y | j | ƒ Wn t k
 re} t | ƒ ‚ n Xd  S(   NR   R   R   R   R   s   sAMAccountName=%sR   R   s   msDS-AllowedToDelegateToi    s    Unable to find account name '%s'i   (   R   R   R    R   R   R    R!   R   R   R   R"   R#   R$   R%   R&   R   R'   t   MessageR,   t   MessageElementt   FLAG_MOD_ADDt   modifyRP   (   R0   R   RW   R   R   R
   R   R   R1   R2   R3   R4   R5   R   R6   R7   t   msgRS   (    (    s;   /usr/lib/python2.7/dist-packages/samba/netcmd/delegation.pyR;   Ù   s2    	N(   R<   R=   R>   R?   R@   RA   RB   RC   RD   R   R+   RE   RF   R    R;   (    (    (    s;   /usr/lib/python2.7/dist-packages/samba/netcmd/delegation.pyRV   Ç   s   

	t   cmd_delegation_del_servicec           B   sƒ   e  Z d  Z d Z i e j d 6e j d 6e j d 6Z e	 d d d d d	 e
 d
 d d d ƒg Z d d g Z d d d d d „ Z RS(   s7   Delete a service principal as msDS-AllowedToDelegateTo.s)   %prog <accountname> <principal> [options]R
   R   R   s   -Hs   --URLR   s%   LDB URL for database or target serverR   R   R   R   R   R   RW   c         C   sj  | j  ƒ  } | j | ƒ } t j | | j d ƒ ƒ }	 | d  k rN |	 j }
 n | }
 t |
 d t ƒ  d | d | ƒ} t	 | ƒ \ } } } | j
 d d t j | ƒ d t j d d	 g ƒ } t | ƒ d
 k rà t d | ƒ ‚ n  t | ƒ d k sø t ‚ t j ƒ  } | d
 j | _ t j | g t j d	 ƒ | d	 <y | j | ƒ Wn t k
 re} t | ƒ ‚ n Xd  S(   NR   R   R   R   R   s   sAMAccountName=%sR   R   s   msDS-AllowedToDelegateToi    s    Unable to find account name '%s'i   (   R   R   R    R   R   R    R!   R   R   R   R"   R#   R$   R%   R&   R   R'   RX   R,   RY   t   FLAG_MOD_DELETER[   RP   (   R0   R   RW   R   R   R
   R   R   R1   R2   R3   R4   R5   R   R6   R7   R\   RS   (    (    s;   /usr/lib/python2.7/dist-packages/samba/netcmd/delegation.pyR;     s2    	N(   R<   R=   R>   R?   R@   RA   RB   RC   RD   R   R+   RE   RF   R    R;   (    (    (    s;   /usr/lib/python2.7/dist-packages/samba/netcmd/delegation.pyR]   ý   s   

	t   cmd_delegationc           B   sU   e  Z d  Z i  Z e ƒ  e d <e ƒ  e d <e ƒ  e d <e ƒ  e d <e ƒ  e d <RS(   s   Delegation management.t   shows   for-any-services   for-any-protocols   add-services   del-service(	   R<   R=   R>   t   subcommandsR	   RG   RT   RV   R]   (    (    (    s;   /usr/lib/python2.7/dist-packages/samba/netcmd/delegation.pyR_   3  s   (   t   samba.getoptt   getoptR@   R#   t   sambaR    R   t   samba.samdbR   t
   samba.authR   t   samba.netcmd.commonR   t   samba.netcmdR   R   R   R   R	   RG   RT   RV   R]   R_   (    (    (    s;   /usr/lib/python2.7/dist-packages/samba/netcmd/delegation.pyt   <module>   s   "85666