Skip to main content

endpoint_sec/event/
event_od_group_remove.rs

1//! [`EventOdGroupRemove`]
2
3use std::ffi::OsStr;
4
5use endpoint_sec_sys::es_event_od_group_remove_t;
6
7use crate::{AuditToken, OdMemberId, Process};
8
9/// Notification that a member was removed to a group.
10///
11/// This event does not indicate that a member was actually removed. For example when removing a
12/// user from a group they are not a member of.
13#[doc(alias = "es_event_od_group_remove_t")]
14pub struct EventOdGroupRemove<'a> {
15    /// The raw reference.
16    pub(crate) raw: &'a es_event_od_group_remove_t,
17    /// The version of the message.
18    pub(crate) version: u32,
19}
20
21impl<'a> EventOdGroupRemove<'a> {
22    /// Process that instigated operation (XPC caller).
23    #[inline(always)]
24    pub fn instigator(&self) -> Option<Process<'a>> {
25        // Safety: 'a tied to self, object obtained through ES
26        let process = unsafe { self.raw.instigator()? };
27        Some(Process::new(process, self.version))
28    }
29
30    /// Audit token of the process that instigated this event.
31    pub fn instigator_token(&self) -> AuditToken {
32        #[cfg(feature = "macos_15_0_0")]
33        if self.version >= 8 {
34            return AuditToken(self.raw.instigator_token);
35        }
36
37        // On old versions, the process was always non-null, and we can get
38        // its token easily.
39        self.instigator().unwrap().audit_token()
40    }
41
42    /// Result code for the operation.
43    #[inline(always)]
44    pub fn error_code(&self) -> i32 {
45        self.raw.error_code
46    }
47
48    /// The group to which the member was removed.
49    #[inline(always)]
50    pub fn group_name(&self) -> &'a OsStr {
51        // Safety: 'a tied to self, object obtained through ES
52        unsafe { self.raw.group_name.as_os_str() }
53    }
54
55    /// The identity of the member removed.
56    #[inline(always)]
57    pub fn member(&self) -> OdMemberId<'a> {
58        OdMemberId {
59            // Safety: 'a tied to self, object obtained through ES
60            raw: unsafe { self.raw.member.as_ref() },
61        }
62    }
63
64    /// OD node being mutated.
65    ///
66    /// Typically one of "/Local/Default", "/LDAPv3/<server>" or "/Active Directory/<domain>".
67    #[inline(always)]
68    pub fn node_name(&self) -> &'a OsStr {
69        // Safety: 'a tied to self, object obtained through ES
70        unsafe { self.raw.node_name.as_os_str() }
71    }
72
73    /// Optional. If node_name is "/Local/Default", this is, the path of the database against which
74    /// OD is authenticating.
75    #[inline(always)]
76    pub fn db_path(&self) -> Option<&'a OsStr> {
77        if self.node_name() == OsStr::new("/Local/Default") {
78            // Safety: 'a tied to self, object obtained through ES
79            Some(unsafe { self.raw.db_path.as_os_str() })
80        } else {
81            None
82        }
83    }
84}
85
86// Safety: safe to send across threads: does not contain any interior mutability nor depend on current thread state
87unsafe impl Send for EventOdGroupRemove<'_> {}
88// Safety: safe to share across threads: does not contain any interior mutability nor depend on current thread state
89unsafe impl Sync for EventOdGroupRemove<'_> {}
90
91impl_debug_eq_hash_with_functions!(EventOdGroupRemove<'a> with version; instigator, instigator_token, error_code, group_name, member, node_name, db_path);