Python accounts.principal函数代码示例

def log_event(source, type="error", message=None, data=None, id=0, category=0, principal=core.UNSET):
    """Convenience function to log an event against an existing source.

    :param source: anything accepted by :func:`event_source`
    :param type: an :data:`EVENTLOG_TYPE`
    :param message: a string or list of strings
    :param data: a bytestring
    :param id: a number corresponding to the event message
    :param category: a number relevant to the event source
    :param principal: anything which :func:`accounts.principal` accepts [logged-on user]
    """
    type = EVENTLOG_TYPE.constant(type)
    principal = accounts.me() if principal is core.UNSET else accounts.principal(principal)
    if isinstance(message, basestring):
        message = [message]
    message = message or []

    with event_source(source) as hLog:
        wrapped(
            win32evtlog.ReportEvent,
            hLog,
            type,
            category,
            id,
            principal.pyobject(),
            message,
            data
        )

def _from_sid_and_attribute (data):
  sid, attributes = data
  #
  # SDK says that no attributes are defined at present,
  # so ignore them!
  #
  return accounts.principal (sid)

 def test_dace_tuple1 (self):
   dace1 = _aces.dace ((accounts.principal (everyone), ntsecuritycon.GENERIC_ALL, win32security.ACCESS_ALLOWED_ACE_TYPE))
   assert dace1.type == win32security.ACCESS_ALLOWED_ACE_TYPE
   assert dace1.is_allowed == True
   assert dace1._trustee.pyobject () == everyone
   assert dace1._access_mask == ntsecuritycon.GENERIC_ALL
   assert dace1.flags == _aces.ACE.FLAGS
   assert dace1.object_type is core.UNSET
   assert dace1.inherited_object_type is core.UNSET

def test_dace_tuple2 ():
  dace2 = _aces.dace ((accounts.principal ("Everyone"), "F", "ALLOW"))
  assert dace2.type == win32security.ACCESS_ALLOWED_ACE_TYPE
  assert dace2.is_allowed == True
  assert dace2._trustee.pyobject () == everyone
  assert dace2._access_mask == ntsecuritycon.GENERIC_ALL
  assert dace2.flags == _aces.ACE.FLAGS
  assert dace2.object_type is core.UNSET
  assert dace2.inherited_object_type is core.UNSET

def test_sace_tuple2 ():
  sace1 = _aces.sace ((accounts.principal ("Everyone"), "F", "FAILURE"))
  assert sace1.type == win32security.SYSTEM_AUDIT_ACE_TYPE
  assert not sace1.audit_success
  assert sace1.audit_failure
  assert sace1._trustee.pyobject () == everyone
  assert sace1._access_mask == ntsecuritycon.GENERIC_ALL
  assert sace1.flags == _aces.ACE.FLAGS
  assert sace1.object_type is core.UNSET
  assert sace1.inherited_object_type is core.UNSET

 def from_tuple (cls, ace_info):
   (trustee, access, audit_what) = ace_info
   audit_success, audit_failure = cls._audit_what (audit_what)
   return cls (
     trustee=accounts.principal (trustee), 
     access=cls._access (access), 
     type=ACE_TYPE.SYSTEM_AUDIT, 
     audit_success=audit_success, 
     audit_failure=audit_failure
   )

 def __init__ (self, event_log_name, event_log_entry):
   self._event_log_name = event_log_name
   self._event_log_entry = event_log_entry
   self.record_number = event_log_entry.RecordNumber
   self.time_generated = utils.from_pytime (event_log_entry.TimeGenerated)
   self.time_written = utils.from_pytime (event_log_entry.TimeWritten)
   self.event_id = event_log_entry.EventID
   self.event_type = event_log_entry.EventType
   self.event_category = event_log_entry.EventCategory
   self.sid = accounts.principal (event_log_entry.Sid)
   self.computer_name = event_log_entry.ComputerName
   self.source_name = event_log_entry.SourceName
   self.data = event_log_entry.Data
   self._message = None

  def from_ace (cls, ace):
    (type, flags) = ace[0]
    name = ACE_TYPE.name_from_value (type)
    if u"object" in name.lower ().split (u"_"):
      mask, object_type, inherited_object_type, sid = ace[1:]
    else:
      mask, sid = ace[1:]
      object_type = inherited_object_type = None

    if issubclass (cls, DACE):
      _class = DACE
    elif issubclass (cls, SACE):
      _class = SACE
    else:
      if name in ACE_TYPE.names (u"ACCESS_*"):
        _class = DACE
      else:
        _class = SACE

    return _class (accounts.principal (sid), mask, type, flags, object_type, inherited_object_type)

 def test_principal_None (self):
   assert accounts.principal (None) is None

def test_sace_ne_type ():
   assert \
    _aces.sace ((accounts.principal (everyone), ntsecuritycon.GENERIC_ALL, (1, 0))) != \
    _aces.sace ((accounts.principal ("Everyone"), "R", "FAILURE"))

def test_sace_ne_trustee ():
   assert \
    _aces.sace ((accounts.principal (everyone), ntsecuritycon.GENERIC_ALL, (1, 1))) != \
    _aces.sace ((accounts.principal ("Administrators"), "F", "ALL"))

def test_sace_eq ():
  assert \
    _aces.sace ((accounts.principal (everyone), ntsecuritycon.GENERIC_ALL, (1, 1))) == \
    _aces.sace ((accounts.principal ("Everyone"), "F", "ALL"))

 def test_principal_sid (self):
   everyone, domain, type = win32security.LookupAccountName (None, "Everyone")
   assert accounts.principal (everyone).pyobject () == everyone

import os, sys
import operator

from nose.tools import *
import utils

from winsys import core, accounts
from winsys._security import _aces
import win32security
import ntsecuritycon
import tempfile

everyone, _, _ = win32security.LookupAccountName (None, "Everyone")
me = accounts.me ()
administrators = accounts.principal ("Administrators")

filehandle = filename = None
def setup ():
  utils.change_priv (win32security.SE_SECURITY_NAME, True)
  global filehandle, filename
  filehandle, filename = tempfile.mkstemp ()
  print filename
  dacl = win32security.ACL ()
  dacl.AddAccessAllowedAceEx (win32security.ACL_REVISION_DS, 0, ntsecuritycon.FILE_READ_DATA, everyone)
  sacl = win32security.ACL ()
  sacl.AddAuditAccessAce (win32security.ACL_REVISION_DS, ntsecuritycon.FILE_READ_DATA, everyone, 1, 1)
  win32security.SetNamedSecurityInfo (
    filename, win32security.SE_FILE_OBJECT, 
    win32security.DACL_SECURITY_INFORMATION | win32security.SACL_SECURITY_INFORMATION, 
    None, None, dacl, sacl
  )

 def _set_trustee (self, trustee):
   if self.inherited:
     raise exc.x_access_denied (errctx=u"ACE._get_trustee", errmsg=u"Cannot change an inherited ACE")
   self._trustee = accounts.principal (trustee)