From ea853c8edd549450048d671ab2ea001f1709f9e1 Mon Sep 17 00:00:00 2001
From: =?utf8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
Date: Fri, 31 Oct 2008 22:03:32 +0100
Subject: [PATCH] s3-samr: remove duplicate copies of Alias Object specific
 access rights.

Guenther
(cherry picked from commit 14efefad6fab7287f7b4880175003cbd413f280b)
---
 source/include/rpc_secdes.h     | 28 ----------------------------
 source/librpc/gen_ndr/samr.h    |  5 +++++
 source/rpc_server/srv_samr_nt.c | 10 +++++-----
 3 files changed, 10 insertions(+), 33 deletions(-)

diff --git a/source/include/rpc_secdes.h b/source/include/rpc_secdes.h
index 9671b571384..d2b2c2a2b20 100644
--- a/source/include/rpc_secdes.h
+++ b/source/include/rpc_secdes.h
@@ -214,34 +214,6 @@ struct standard_mapping {
 		SA_RIGHT_FILE_WRITE_DATA	| \
 		SA_RIGHT_FILE_READ_DATA)
 
-/* Alias Object specific access rights */
-
-#define SA_RIGHT_ALIAS_ADD_MEMBER	0x00000001
-#define SA_RIGHT_ALIAS_REMOVE_MEMBER	0x00000002
-#define SA_RIGHT_ALIAS_GET_MEMBERS	0x00000004
-#define SA_RIGHT_ALIAS_LOOKUP_INFO	0x00000008
-#define SA_RIGHT_ALIAS_SET_INFO		0x00000010
-
-#define SA_RIGHT_ALIAS_ALL_ACCESS 	0x0000001F
-
-#define GENERIC_RIGHTS_ALIAS_ALL_ACCESS \
-		(STANDARD_RIGHTS_REQUIRED_ACCESS| \
-		SA_RIGHT_ALIAS_ALL_ACCESS)	/* 0x000f001f */
-
-#define GENERIC_RIGHTS_ALIAS_READ \
-		(STANDARD_RIGHTS_READ_ACCESS	| \
-		SA_RIGHT_ALIAS_GET_MEMBERS )	/* 0x00020004 */
-
-#define GENERIC_RIGHTS_ALIAS_WRITE \
-		(STANDARD_RIGHTS_WRITE_ACCESS	| \
-		SA_RIGHT_ALIAS_REMOVE_MEMBER	| \
-		SA_RIGHT_ALIAS_ADD_MEMBER	| \
-		SA_RIGHT_ALIAS_SET_INFO )	/* 0x00020013 */
-
-#define GENERIC_RIGHTS_ALIAS_EXECUTE \
-		(STANDARD_RIGHTS_EXECUTE_ACCESS	| \
-		SA_RIGHT_ALIAS_LOOKUP_INFO )	/* 0x00020008 */
-
 /*
  * Acces bits for the svcctl objects
  */
diff --git a/source/librpc/gen_ndr/samr.h b/source/librpc/gen_ndr/samr.h
index 2f04aa5d27f..a60cfae12f4 100644
--- a/source/librpc/gen_ndr/samr.h
+++ b/source/librpc/gen_ndr/samr.h
@@ -28,6 +28,11 @@
 #define GENERIC_RIGHTS_GROUP_READ	( (STANDARD_RIGHTS_READ_ACCESS|SAMR_GROUP_ACCESS_GET_MEMBERS) )
 #define GENERIC_RIGHTS_GROUP_WRITE	( (STANDARD_RIGHTS_WRITE_ACCESS|SAMR_GROUP_ACCESS_REMOVE_MEMBER|SAMR_GROUP_ACCESS_ADD_MEMBER|SAMR_GROUP_ACCESS_SET_INFO) )
 #define GENERIC_RIGHTS_GROUP_EXECUTE	( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_GROUP_ACCESS_LOOKUP_INFO) )
+#define SAMR_ALIAS_ACCESS_ALL_ACCESS	( 0x0000001F )
+#define GENERIC_RIGHTS_ALIAS_ALL_ACCESS	( (STANDARD_RIGHTS_REQUIRED_ACCESS|SAMR_ALIAS_ACCESS_ALL_ACCESS) )
+#define GENERIC_RIGHTS_ALIAS_READ	( (STANDARD_RIGHTS_READ_ACCESS|SAMR_ALIAS_ACCESS_GET_MEMBERS) )
+#define GENERIC_RIGHTS_ALIAS_WRITE	( (STANDARD_RIGHTS_WRITE_ACCESS|SAMR_ALIAS_ACCESS_REMOVE_MEMBER|SAMR_ALIAS_ACCESS_ADD_MEMBER|SAMR_ALIAS_ACCESS_SET_INFO) )
+#define GENERIC_RIGHTS_ALIAS_EXECUTE	( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_ALIAS_ACCESS_LOOKUP_INFO) )
 #define MAX_SAM_ENTRIES_W2K	( 0x400 )
 #define MAX_SAM_ENTRIES_W95	( 50 )
 #define SAMR_ENUM_USERS_MULTIPLIER	( 54 )
diff --git a/source/rpc_server/srv_samr_nt.c b/source/rpc_server/srv_samr_nt.c
index af2fd09f721..8edccb6939e 100644
--- a/source/rpc_server/srv_samr_nt.c
+++ b/source/rpc_server/srv_samr_nt.c
@@ -1737,7 +1737,7 @@ NTSTATUS _samr_QueryAliasInfo(pipes_struct *p,
 		return NT_STATUS_INVALID_HANDLE;
 
 	status = access_check_samr_function(acc_granted,
-					    SA_RIGHT_ALIAS_LOOKUP_INFO,
+					    SAMR_ALIAS_ACCESS_LOOKUP_INFO,
 					    "_samr_QueryAliasInfo");
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
@@ -4472,7 +4472,7 @@ NTSTATUS _samr_GetMembersInAlias(pipes_struct *p,
 		return NT_STATUS_INVALID_HANDLE;
 
 	status = access_check_samr_function(acc_granted,
-					    SA_RIGHT_ALIAS_GET_MEMBERS,
+					    SAMR_ALIAS_ACCESS_GET_MEMBERS,
 					    "_samr_GetMembersInAlias");
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
@@ -4604,7 +4604,7 @@ NTSTATUS _samr_AddAliasMember(pipes_struct *p,
 		return NT_STATUS_INVALID_HANDLE;
 
 	status = access_check_samr_function(acc_granted,
-					    SA_RIGHT_ALIAS_ADD_MEMBER,
+					    SAMR_ALIAS_ACCESS_ADD_MEMBER,
 					    "_samr_AddAliasMember");
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
@@ -4653,7 +4653,7 @@ NTSTATUS _samr_DeleteAliasMember(pipes_struct *p,
 		return NT_STATUS_INVALID_HANDLE;
 
 	status = access_check_samr_function(acc_granted,
-					    SA_RIGHT_ALIAS_REMOVE_MEMBER,
+					    SAMR_ALIAS_ACCESS_REMOVE_MEMBER,
 					    "_samr_DeleteAliasMember");
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
@@ -5387,7 +5387,7 @@ NTSTATUS _samr_SetAliasInfo(pipes_struct *p,
 		return NT_STATUS_INVALID_HANDLE;
 
 	status = access_check_samr_function(acc_granted,
-					    SA_RIGHT_ALIAS_SET_INFO,
+					    SAMR_ALIAS_ACCESS_SET_INFO,
 					    "_samr_SetAliasInfo");
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
-- 
2.11.4.GIT