def get_profile_dir(username):
"""Return the user's profile directory."""
import _winreg, win32api
sid = win32security.ConvertSidToStringSid(
win32security.LookupAccountName(None, username)[0])
try:
key = _winreg.OpenKey(_winreg.HKEY_LOCAL_MACHINE,
r"SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList"+"\\"+sid)
except WindowsError:
raise ftpserver.AuthorizerError("No profile directory defined for %s "
"user" %username)
value = _winreg.QueryValueEx(key, "ProfileImagePath")[0]
return win32api.ExpandEnvironmentStrings(value)
def add_anonymous(self, homedir=None, realuser="******", **kwargs):
"""Add an anonymous user to the virtual users table.
If no homedir argument is specified the realuser's home
directory will possibly be determined and used.
realuser argument specifies the system user to use for managing
anonymous sessions. On many UNIX systems "nobody" is tipically
used but it may change (e.g. "ftp").
"""
users = [entry.pw_name for entry in pwd.getpwall()]
if not realuser in users:
raise ftpserver.AuthorizerError('No such user "%s".' % realuser)
if not homedir:
homedir = pwd.getpwnam(realuser).pw_dir
ftpserver.DummyAuthorizer.add_anonymous(self, homedir, **kwargs)
self.anon_user = realuser
def add_user(self, username, homedir=None, **kwargs):
"""Add a "real" system user to the virtual users table.
If no homedir argument is specified the user's profile
directory will possibly be determined and used.
The keyword arguments in kwargs are the same expected by the
original add_user method: "perm", "msg_login" and "msg_quit".
"""
# get the list of all available users on the system and check
# if provided username exists
users = [entry['name'] for entry in win32net.NetUserEnum(None, 0)[0]]
if not username in users:
raise ftpserver.AuthorizerError('No such user "%s".' %username)
if not homedir:
homedir = get_profile_dir(username)
ftpserver.DummyAuthorizer.add_user(self, username, '', homedir,
**kwargs)
def add_user(self, username, homedir=None, **kwargs):
"""Add a "real" system user to the virtual users table.
If no home argument is specified the user's home directory will
be used.
The keyword arguments in kwargs are the same expected by the
original add_user method: "perm", "msg_login" and "msg_quit".
"""
# get the list of all available users on the system and check
# if provided username exists
users = [entry.pw_name for entry in pwd.getpwall()]
if not username in users:
raise ftpserver.AuthorizerError('No such user "%s".' % username)
if not homedir:
homedir = pwd.getpwnam(username).pw_dir
ftpserver.DummyAuthorizer.add_user(self, username, '', homedir,
**kwargs)
def add_anonymous(self, homedir=None, realuser="******",
password="", **kwargs):
"""Add an anonymous user to the virtual users table.
If no homedir argument is specified the realuser's profile
directory will possibly be determined and used.
realuser and password arguments are the credentials to use for
managing anonymous sessions.
The same behaviour is followed in IIS where the Guest account
is used to do so (note: it must be enabled first).
"""
users = [entry['name'] for entry in win32net.NetUserEnum(None, 0)[0]]
if not realuser in users:
raise ftpserver.AuthorizerError('No such user "%s".' %realuser)
if not homedir:
homedir = get_profile_dir(realuser)
# make sure provided credentials are valid, otherwise an exception
# will be thrown; to do so we actually impersonate the user
self.impersonate_user(realuser, password)
self.terminate_impersonation()
ftpserver.DummyAuthorizer.add_anonymous(self, homedir, **kwargs)
self.anon_user = realuser
self.anon_pwd = password
def _check_permissions(self, username, perm):
# Like base implementation but don't warn about write permissions
# assigned to anonymous, since that's exactly our purpose.
for p in perm:
if p not in self.read_perms + self.write_perms:
raise ftpserver.AuthorizerError('No such permission "%s"' % p)