2 Unix SMB/CIFS implementation.
3 test suite for spoolss rpc operations
5 Copyright (C) Guenther Deschner 2010
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "torture/torture.h"
23 #include "librpc/gen_ndr/ndr_misc.h"
24 #include "librpc/gen_ndr/ndr_spoolss.h"
25 #include "librpc/gen_ndr/ndr_spoolss_c.h"
26 #include "librpc/gen_ndr/ndr_samr_c.h"
27 #include "librpc/gen_ndr/ndr_lsa_c.h"
28 #include "librpc/gen_ndr/ndr_security.h"
29 #include "libcli/security/security.h"
30 #include "torture/rpc/torture_rpc.h"
31 #include "param/param.h"
32 #include "lib/cmdline/popt_common.h"
34 #define TORTURE_USER "torture_user"
35 #define TORTURE_USER_ADMINGROUP "torture_user_544"
36 #define TORTURE_USER_PRINTOPGROUP "torture_user_550"
37 #define TORTURE_USER_PRINTOPPRIV "torture_user_priv"
38 #define TORTURE_USER_SD "torture_user_sd"
39 #define TORTURE_WORKSTATION "torture_workstation"
44 uint32_t *builtin_memberships
;
45 uint32_t num_builtin_memberships
;
52 struct torture_access_context
{
53 struct dcerpc_pipe
*spoolss_pipe
;
54 const char *printername
;
55 struct security_descriptor
*sd_orig
;
56 struct torture_user user
;
59 static bool test_openprinter_handle(struct torture_context
*tctx
,
60 struct dcerpc_pipe
*p
,
61 const char *printername
,
64 struct policy_handle
*handle
)
66 struct spoolss_OpenPrinterEx r
;
67 struct spoolss_UserLevel1 level1
;
68 struct dcerpc_binding_handle
*b
= p
->binding_handle
;
71 level1
.client
= talloc_asprintf(tctx
, "\\\\%s", "smbtorture");
72 level1
.user
= username
;
78 r
.in
.printername
= printername
;
80 r
.in
.devmode_ctr
.devmode
= NULL
;
81 r
.in
.access_mask
= access_mask
;
83 r
.in
.userlevel
.level1
= &level1
;
84 r
.out
.handle
= handle
;
86 torture_comment(tctx
, "Testing OpenPrinterEx(%s) with access_mask 0x%08x\n",
87 r
.in
.printername
, r
.in
.access_mask
);
89 torture_assert_ntstatus_ok(tctx
,
90 dcerpc_spoolss_OpenPrinterEx_r(b
, tctx
, &r
),
91 "OpenPrinterEx failed");
92 torture_assert_werr_ok(tctx
, r
.out
.result
,
93 talloc_asprintf(tctx
, "OpenPrinterEx(%s) as '%s' with access_mask: 0x%08x failed",
94 r
.in
.printername
, username
, r
.in
.access_mask
));
99 static bool test_openprinter_access(struct torture_context
*tctx
,
100 struct dcerpc_pipe
*p
,
101 const char *printername
,
102 const char *username
,
103 uint32_t access_mask
)
105 struct policy_handle handle
;
106 struct dcerpc_binding_handle
*b
= p
->binding_handle
;
108 if (test_openprinter_handle(tctx
, p
, printername
, username
, access_mask
, &handle
)) {
109 test_ClosePrinter(tctx
, b
, &handle
);
116 static bool spoolss_access_setup_membership(struct torture_context
*tctx
,
117 struct dcerpc_pipe
*p
,
118 uint32_t num_members
,
120 struct dom_sid
*user_sid
)
122 struct dcerpc_binding_handle
*b
= p
->binding_handle
;
123 struct policy_handle connect_handle
, domain_handle
;
127 struct samr_Connect2 r
;
128 r
.in
.system_name
= "";
129 r
.in
.access_mask
= SEC_FLAG_MAXIMUM_ALLOWED
;
130 r
.out
.connect_handle
= &connect_handle
;
132 torture_assert_ntstatus_ok(tctx
,
133 dcerpc_samr_Connect2_r(b
, tctx
, &r
),
134 "samr_Connect2 failed");
135 torture_assert_ntstatus_ok(tctx
, r
.out
.result
,
136 "samr_Connect2 failed");
140 struct samr_OpenDomain r
;
141 r
.in
.connect_handle
= &connect_handle
;
142 r
.in
.access_mask
= SEC_FLAG_MAXIMUM_ALLOWED
;
143 r
.in
.sid
= dom_sid_parse_talloc(tctx
, "S-1-5-32");
144 r
.out
.domain_handle
= &domain_handle
;
146 torture_assert_ntstatus_ok(tctx
,
147 dcerpc_samr_OpenDomain_r(b
, tctx
, &r
),
148 "samr_OpenDomain failed");
149 torture_assert_ntstatus_ok(tctx
, r
.out
.result
,
150 "samr_OpenDomain failed");
153 for (i
=0; i
< num_members
; i
++) {
155 struct policy_handle alias_handle
;
158 struct samr_OpenAlias r
;
159 r
.in
.domain_handle
= &domain_handle
;
160 r
.in
.access_mask
= SEC_FLAG_MAXIMUM_ALLOWED
;
161 r
.in
.rid
= members
[i
];
162 r
.out
.alias_handle
= &alias_handle
;
164 torture_assert_ntstatus_ok(tctx
,
165 dcerpc_samr_OpenAlias_r(b
, tctx
, &r
),
166 "samr_OpenAlias failed");
167 torture_assert_ntstatus_ok(tctx
, r
.out
.result
,
168 "samr_OpenAlias failed");
172 struct samr_AddAliasMember r
;
173 r
.in
.alias_handle
= &alias_handle
;
176 torture_assert_ntstatus_ok(tctx
,
177 dcerpc_samr_AddAliasMember_r(b
, tctx
, &r
),
178 "samr_AddAliasMember failed");
179 torture_assert_ntstatus_ok(tctx
, r
.out
.result
,
180 "samr_AddAliasMember failed");
183 test_samr_handle_Close(b
, tctx
, &alias_handle
);
186 test_samr_handle_Close(b
, tctx
, &domain_handle
);
187 test_samr_handle_Close(b
, tctx
, &connect_handle
);
192 static void init_lsa_StringLarge(struct lsa_StringLarge
*name
, const char *s
)
196 static void init_lsa_String(struct lsa_String
*name
, const char *s
)
201 static bool spoolss_access_setup_privs(struct torture_context
*tctx
,
202 struct dcerpc_pipe
*p
,
205 struct dom_sid
*user_sid
,
208 struct dcerpc_binding_handle
*b
= p
->binding_handle
;
209 struct policy_handle
*handle
;
213 test_lsa_OpenPolicy2(b
, tctx
, &handle
),
214 "failed to open policy");
216 for (i
=0; i
< num_privs
; i
++) {
217 struct lsa_LookupPrivValue r
;
218 struct lsa_LUID luid
;
219 struct lsa_String name
;
221 init_lsa_String(&name
, privs
[i
]);
223 r
.in
.handle
= handle
;
227 torture_assert_ntstatus_ok(tctx
,
228 dcerpc_lsa_LookupPrivValue_r(b
, tctx
, &r
),
229 "lsa_LookupPrivValue failed");
230 if (!NT_STATUS_IS_OK(r
.out
.result
)) {
231 torture_comment(tctx
, "lsa_LookupPrivValue failed for '%s' with %s\n",
232 privs
[i
], nt_errstr(r
.out
.result
));
233 *privs_present
= false;
238 *privs_present
= true;
241 struct lsa_AddAccountRights r
;
242 struct lsa_RightSet rights
;
244 rights
.count
= num_privs
;
245 rights
.names
= talloc_zero_array(tctx
, struct lsa_StringLarge
, rights
.count
);
247 for (i
=0; i
< rights
.count
; i
++) {
248 init_lsa_StringLarge(&rights
.names
[i
], privs
[i
]);
251 r
.in
.handle
= handle
;
253 r
.in
.rights
= &rights
;
255 torture_assert_ntstatus_ok(tctx
,
256 dcerpc_lsa_AddAccountRights_r(b
, tctx
, &r
),
257 "lsa_AddAccountRights failed");
258 torture_assert_ntstatus_ok(tctx
, r
.out
.result
,
259 "lsa_AddAccountRights failed");
262 test_lsa_Close(b
, tctx
, handle
);
267 static bool test_SetPrinter(struct torture_context
*tctx
,
268 struct dcerpc_binding_handle
*b
,
269 struct policy_handle
*handle
,
270 struct spoolss_SetPrinterInfoCtr
*info_ctr
,
271 struct spoolss_DevmodeContainer
*devmode_ctr
,
272 struct sec_desc_buf
*secdesc_ctr
,
273 enum spoolss_PrinterControl command
)
275 struct spoolss_SetPrinter r
;
277 r
.in
.handle
= handle
;
278 r
.in
.info_ctr
= info_ctr
;
279 r
.in
.devmode_ctr
= devmode_ctr
;
280 r
.in
.secdesc_ctr
= secdesc_ctr
;
281 r
.in
.command
= command
;
283 torture_comment(tctx
, "Testing SetPrinter level %d\n", r
.in
.info_ctr
->level
);
285 torture_assert_ntstatus_ok(tctx
, dcerpc_spoolss_SetPrinter_r(b
, tctx
, &r
),
286 "failed to call SetPrinter");
287 torture_assert_werr_ok(tctx
, r
.out
.result
,
288 "failed to call SetPrinter");
293 static bool spoolss_access_setup_sd(struct torture_context
*tctx
,
294 struct dcerpc_pipe
*p
,
295 const char *printername
,
296 struct dom_sid
*user_sid
,
297 struct security_descriptor
**sd_orig
)
299 struct dcerpc_binding_handle
*b
= p
->binding_handle
;
300 struct policy_handle handle
;
301 union spoolss_PrinterInfo info
;
302 struct spoolss_SetPrinterInfoCtr info_ctr
;
303 struct spoolss_SetPrinterInfo3 info3
;
304 struct spoolss_DevmodeContainer devmode_ctr
;
305 struct sec_desc_buf secdesc_ctr
;
306 struct security_ace
*ace
;
307 struct security_descriptor
*sd
;
310 test_openprinter_handle(tctx
, p
, printername
, "", SEC_FLAG_MAXIMUM_ALLOWED
, &handle
),
311 "failed to open printer");
314 test_GetPrinter_level(tctx
, b
, &handle
, 3, &info
),
317 sd
= security_descriptor_copy(tctx
, info
.info3
.secdesc
);
318 *sd_orig
= security_descriptor_copy(tctx
, info
.info3
.secdesc
);
320 ace
= talloc_zero(tctx
, struct security_ace
);
322 ace
->type
= SEC_ACE_TYPE_ACCESS_ALLOWED
;
324 ace
->access_mask
= PRINTER_ALL_ACCESS
;
325 ace
->trustee
= *user_sid
;
327 torture_assert_ntstatus_ok(tctx
,
328 security_descriptor_dacl_add(sd
, ace
),
329 "failed to add new ace");
331 ace
= talloc_zero(tctx
, struct security_ace
);
333 ace
->type
= SEC_ACE_TYPE_ACCESS_ALLOWED
;
334 ace
->flags
= SEC_ACE_FLAG_OBJECT_INHERIT
|
335 SEC_ACE_FLAG_CONTAINER_INHERIT
|
336 SEC_ACE_FLAG_INHERIT_ONLY
;
337 ace
->access_mask
= SEC_GENERIC_ALL
;
338 ace
->trustee
= *user_sid
;
340 torture_assert_ntstatus_ok(tctx
,
341 security_descriptor_dacl_add(sd
, ace
),
342 "failed to add new ace");
345 ZERO_STRUCT(info_ctr
);
346 ZERO_STRUCT(devmode_ctr
);
347 ZERO_STRUCT(secdesc_ctr
);
350 info_ctr
.info
.info3
= &info3
;
354 test_SetPrinter(tctx
, b
, &handle
, &info_ctr
, &devmode_ctr
, &secdesc_ctr
, 0),
360 static bool test_EnumPrinters_findone(struct torture_context
*tctx
,
361 struct dcerpc_pipe
*p
,
362 const char **printername
)
364 struct spoolss_EnumPrinters r
;
366 union spoolss_PrinterInfo
*info
;
369 struct dcerpc_binding_handle
*b
= p
->binding_handle
;
373 r
.in
.flags
= PRINTER_ENUM_LOCAL
;
374 r
.in
.server
= talloc_asprintf(tctx
, "\\\\%s", dcerpc_server_name(p
));
378 r
.out
.count
= &count
;
380 r
.out
.needed
= &needed
;
382 torture_assert_ntstatus_ok(tctx
,
383 dcerpc_spoolss_EnumPrinters_r(b
, tctx
, &r
),
384 "failed to enum printers");
386 if (W_ERROR_EQUAL(r
.out
.result
, WERR_INSUFFICIENT_BUFFER
)) {
387 DATA_BLOB blob
= data_blob_talloc_zero(tctx
, needed
);
389 r
.in
.offered
= needed
;
391 torture_assert_ntstatus_ok(tctx
,
392 dcerpc_spoolss_EnumPrinters_r(b
, tctx
, &r
),
393 "failed to enum printers");
396 torture_assert_werr_ok(tctx
, r
.out
.result
,
397 "failed to enum printers");
399 for (i
=0; i
< count
; i
++) {
401 *printername
= talloc_strdup(tctx
, info
[i
].info1
.name
);
409 static bool torture_rpc_spoolss_access_setup_common(struct torture_context
*tctx
, struct torture_access_context
*t
)
412 const char *testuser_passwd
;
413 struct cli_credentials
*test_credentials
;
414 struct dom_sid
*test_sid
;
415 struct dcerpc_pipe
*p
;
416 const char *printername
;
417 const char *binding
= torture_setting_string(tctx
, "binding", NULL
);
418 struct dcerpc_pipe
*spoolss_pipe
;
420 testuser
= torture_create_testuser_max_pwlen(tctx
, t
->user
.username
,
421 torture_setting_string(tctx
, "workgroup", NULL
),
426 torture_fail(tctx
, "Failed to create test user");
429 test_credentials
= cli_credentials_init(tctx
);
430 cli_credentials_set_workstation(test_credentials
, "localhost", CRED_SPECIFIED
);
431 cli_credentials_set_domain(test_credentials
, lp_workgroup(tctx
->lp_ctx
),
433 cli_credentials_set_username(test_credentials
, t
->user
.username
, CRED_SPECIFIED
);
434 cli_credentials_set_password(test_credentials
, testuser_passwd
, CRED_SPECIFIED
);
435 test_sid
= torture_join_user_sid(testuser
);
437 if (t
->user
.num_builtin_memberships
) {
438 struct dcerpc_pipe
*samr_pipe
= torture_join_samr_pipe(testuser
);
441 spoolss_access_setup_membership(tctx
, samr_pipe
,
442 t
->user
.num_builtin_memberships
,
443 t
->user
.builtin_memberships
,
445 "failed to setup membership");
448 if (t
->user
.num_privs
) {
449 struct dcerpc_pipe
*lsa_pipe
;
451 torture_assert_ntstatus_ok(tctx
,
452 torture_rpc_connection(tctx
, &lsa_pipe
, &ndr_table_lsarpc
),
453 "Error connecting to server");
456 spoolss_access_setup_privs(tctx
, lsa_pipe
,
460 &t
->user
.privs_present
),
461 "failed to setup privs");
462 talloc_free(lsa_pipe
);
465 torture_assert_ntstatus_ok(tctx
,
466 torture_rpc_connection(tctx
, &spoolss_pipe
, &ndr_table_spoolss
),
467 "Error connecting to server");
470 test_EnumPrinters_findone(tctx
, spoolss_pipe
, &printername
),
471 "failed to enumerate printers");
473 if (t
->user
.sd
&& printername
) {
475 spoolss_access_setup_sd(tctx
, spoolss_pipe
,
479 "failed to setup sd");
482 talloc_free(spoolss_pipe
);
484 torture_assert_ntstatus_ok(tctx
,
485 dcerpc_pipe_connect(tctx
, &p
, binding
, &ndr_table_spoolss
,
486 test_credentials
, tctx
->ev
, tctx
->lp_ctx
),
487 "Error connecting to server");
490 t
->printername
= printername
;
491 t
->user
.testuser
= testuser
;
496 static bool torture_rpc_spoolss_access_setup(struct torture_context
*tctx
, void **data
)
498 struct torture_access_context
*t
;
500 *data
= t
= talloc_zero(tctx
, struct torture_access_context
);
502 t
->user
.username
= talloc_strdup(t
, TORTURE_USER
);
504 return torture_rpc_spoolss_access_setup_common(tctx
, t
);
507 static bool torture_rpc_spoolss_access_admin_setup(struct torture_context
*tctx
, void **data
)
509 struct torture_access_context
*t
;
511 *data
= t
= talloc_zero(tctx
, struct torture_access_context
);
513 t
->user
.num_builtin_memberships
= 1;
514 t
->user
.builtin_memberships
= talloc_zero_array(t
, uint32_t, t
->user
.num_builtin_memberships
);
515 t
->user
.builtin_memberships
[0] = BUILTIN_RID_ADMINISTRATORS
;
516 t
->user
.username
= talloc_strdup(t
, TORTURE_USER_ADMINGROUP
);
518 return torture_rpc_spoolss_access_setup_common(tctx
, t
);
521 static bool torture_rpc_spoolss_access_printop_setup(struct torture_context
*tctx
, void **data
)
523 struct torture_access_context
*t
;
525 *data
= t
= talloc_zero(tctx
, struct torture_access_context
);
527 t
->user
.num_builtin_memberships
= 1;
528 t
->user
.builtin_memberships
= talloc_zero_array(t
, uint32_t, t
->user
.num_builtin_memberships
);
529 t
->user
.builtin_memberships
[0] = BUILTIN_RID_PRINT_OPERATORS
;
530 t
->user
.username
= talloc_strdup(t
, TORTURE_USER_PRINTOPGROUP
);
532 return torture_rpc_spoolss_access_setup_common(tctx
, t
);
535 static bool torture_rpc_spoolss_access_priv_setup(struct torture_context
*tctx
, void **data
)
537 struct torture_access_context
*t
;
539 *data
= t
= talloc_zero(tctx
, struct torture_access_context
);
541 t
->user
.username
= talloc_strdup(t
, TORTURE_USER_PRINTOPPRIV
);
542 t
->user
.num_privs
= 1;
543 t
->user
.privs
= talloc_zero_array(t
, const char *, t
->user
.num_privs
);
544 t
->user
.privs
[0] = talloc_strdup(t
, "SePrintOperatorPrivilege");
546 return torture_rpc_spoolss_access_setup_common(tctx
, t
);
549 static bool torture_rpc_spoolss_access_sd_setup(struct torture_context
*tctx
, void **data
)
551 struct torture_access_context
*t
;
553 *data
= t
= talloc_zero(tctx
, struct torture_access_context
);
555 t
->user
.username
= talloc_strdup(t
, TORTURE_USER_SD
);
558 return torture_rpc_spoolss_access_setup_common(tctx
, t
);
561 static bool torture_rpc_spoolss_access_teardown_common(struct torture_context
*tctx
, struct torture_access_context
*t
)
563 if (t
->user
.testuser
) {
564 torture_leave_domain(tctx
, t
->user
.testuser
);
567 /* remove membership ? */
568 if (t
->user
.num_builtin_memberships
) {
572 if (t
->user
.num_privs
) {
576 if (t
->user
.sd
&& t
->printername
) {
577 struct policy_handle handle
;
578 struct spoolss_SetPrinterInfoCtr info_ctr
;
579 struct spoolss_SetPrinterInfo3 info3
;
580 struct spoolss_DevmodeContainer devmode_ctr
;
581 struct sec_desc_buf secdesc_ctr
;
582 struct dcerpc_pipe
*spoolss_pipe
;
583 struct dcerpc_binding_handle
*b
;
585 torture_assert_ntstatus_ok(tctx
,
586 torture_rpc_connection(tctx
, &spoolss_pipe
, &ndr_table_spoolss
),
587 "Error connecting to server");
589 b
= spoolss_pipe
->binding_handle
;
591 ZERO_STRUCT(info_ctr
);
593 ZERO_STRUCT(devmode_ctr
);
594 ZERO_STRUCT(secdesc_ctr
);
597 info_ctr
.info
.info3
= &info3
;
598 secdesc_ctr
.sd
= t
->sd_orig
;
601 test_openprinter_handle(tctx
, spoolss_pipe
, t
->printername
, "", SEC_FLAG_MAXIMUM_ALLOWED
, &handle
),
602 "failed to open printer");
605 test_SetPrinter(tctx
, b
, &handle
, &info_ctr
, &devmode_ctr
, &secdesc_ctr
, 0),
608 talloc_free(spoolss_pipe
);
614 static bool torture_rpc_spoolss_access_teardown(struct torture_context
*tctx
, void *data
)
616 struct torture_access_context
*t
= talloc_get_type(data
, struct torture_access_context
);
619 ret
= torture_rpc_spoolss_access_teardown_common(tctx
, t
);
625 static bool test_openprinter(struct torture_context
*tctx
,
628 struct torture_access_context
*t
=
629 (struct torture_access_context
*)talloc_get_type_abort(private_data
, struct torture_access_context
);
630 struct dcerpc_pipe
*p
= t
->spoolss_pipe
;
632 const char *printername
;
633 const char *username
= t
->user
.username
;
635 printername
= talloc_asprintf(tctx
, "\\\\%s", dcerpc_server_name(p
));
637 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, 0);
638 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, SEC_FLAG_MAXIMUM_ALLOWED
);
639 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, SERVER_ACCESS_ENUMERATE
);
640 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, SERVER_READ
);
642 if (t
->printername
== NULL
) {
646 printername
= t
->printername
;
648 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, 0);
649 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, SEC_FLAG_MAXIMUM_ALLOWED
);
650 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, PRINTER_ACCESS_USE
);
651 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, PRINTER_READ
);
656 static bool test_openprinter_admin(struct torture_context
*tctx
,
659 struct torture_access_context
*t
=
660 (struct torture_access_context
*)talloc_get_type_abort(private_data
, struct torture_access_context
);
661 struct dcerpc_pipe
*p
= t
->spoolss_pipe
;
663 const char *printername
;
664 const char *username
= t
->user
.username
;
666 if (t
->user
.num_privs
&& !t
->user
.privs_present
) {
667 torture_skip(tctx
, "skipping test as not all required privileges are present on the server\n");
674 printername
= talloc_asprintf(tctx
, "\\\\%s", dcerpc_server_name(p
));
676 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, 0);
677 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, SEC_FLAG_MAXIMUM_ALLOWED
);
678 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, SERVER_ACCESS_ENUMERATE
);
679 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, SERVER_ACCESS_ADMINISTER
);
680 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, SERVER_READ
);
681 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, SERVER_WRITE
);
682 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, SERVER_EXECUTE
);
683 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, SERVER_ALL_ACCESS
);
686 if (t
->printername
== NULL
) {
690 printername
= t
->printername
;
692 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, 0);
693 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, SEC_FLAG_MAXIMUM_ALLOWED
);
694 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, PRINTER_ACCESS_USE
);
695 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, PRINTER_ACCESS_ADMINISTER
);
696 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, PRINTER_READ
);
697 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, PRINTER_WRITE
);
698 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, PRINTER_EXECUTE
);
699 ret
&= test_openprinter_access(tctx
, p
, printername
, username
, PRINTER_ALL_ACCESS
);
704 static bool test_openprinter_wrap(struct torture_context
*tctx
,
705 struct dcerpc_pipe
*p
)
707 struct torture_access_context
*t
;
708 const char *printername
;
711 t
= talloc_zero(tctx
, struct torture_access_context
);
713 t
->user
.username
= talloc_strdup(tctx
, "dummy");
717 test_EnumPrinters_findone(tctx
, p
, &printername
),
718 "failed to enumerate printers");
720 t
->printername
= printername
;
722 ret
= test_openprinter(tctx
, (void *)t
);
729 struct torture_suite
*torture_rpc_spoolss_access(TALLOC_CTX
*mem_ctx
)
731 struct torture_suite
*suite
= torture_suite_create(mem_ctx
, "SPOOLSS-ACCESS");
732 struct torture_tcase
*tcase
;
733 struct torture_rpc_tcase
*rpc_tcase
;
735 tcase
= torture_suite_add_tcase(suite
, "normaluser");
737 torture_tcase_set_fixture(tcase
,
738 torture_rpc_spoolss_access_setup
,
739 torture_rpc_spoolss_access_teardown
);
741 torture_tcase_add_simple_test(tcase
, "openprinter", test_openprinter
);
743 tcase
= torture_suite_add_tcase(suite
, "adminuser");
745 torture_tcase_set_fixture(tcase
,
746 torture_rpc_spoolss_access_admin_setup
,
747 torture_rpc_spoolss_access_teardown
);
749 torture_tcase_add_simple_test(tcase
, "openprinter", test_openprinter
);
750 torture_tcase_add_simple_test(tcase
, "openprinter_admin", test_openprinter_admin
);
752 tcase
= torture_suite_add_tcase(suite
, "printopuser");
754 torture_tcase_set_fixture(tcase
,
755 torture_rpc_spoolss_access_printop_setup
,
756 torture_rpc_spoolss_access_teardown
);
758 torture_tcase_add_simple_test(tcase
, "openprinter", test_openprinter
);
759 torture_tcase_add_simple_test(tcase
, "openprinter_admin", test_openprinter_admin
);
761 tcase
= torture_suite_add_tcase(suite
, "printopuserpriv");
763 torture_tcase_set_fixture(tcase
,
764 torture_rpc_spoolss_access_priv_setup
,
765 torture_rpc_spoolss_access_teardown
);
767 torture_tcase_add_simple_test(tcase
, "openprinter", test_openprinter
);
768 torture_tcase_add_simple_test(tcase
, "openprinter_admin", test_openprinter_admin
);
770 tcase
= torture_suite_add_tcase(suite
, "normaluser_sd");
772 torture_tcase_set_fixture(tcase
,
773 torture_rpc_spoolss_access_sd_setup
,
774 torture_rpc_spoolss_access_teardown
);
776 torture_tcase_add_simple_test(tcase
, "openprinter", test_openprinter
);
777 torture_tcase_add_simple_test(tcase
, "openprinter_admin", test_openprinter_admin
);
779 rpc_tcase
= torture_suite_add_machine_workstation_rpc_iface_tcase(suite
, "workstation",
781 TORTURE_WORKSTATION
);
783 torture_rpc_tcase_add_test(rpc_tcase
, "openprinter", test_openprinter_wrap
);