adminauthorization_win.cpp

 
#include "adminauthorization_p.h"
 
#include <QtCore/QSettings>
#include <QtCore/QVariant>
#include <QtCore/QDir>
#include <QtCore/qt_windows.h>
 
using namespace RabbitCommon;
 
static QString qt_create_commandline(const QStringList &arguments);
 
struct DeCoInitializer
{
    DeCoInitializer()
        : neededCoInit(CoInitialize(NULL) == S_OK)
    {}
 
    ~DeCoInitializer()
    {
        if (neededCoInit)
            CoUninitialize();
    }
    bool neededCoInit;
};
 
bool CAdminAuthorization::hasAdminRights()
{
    SID_IDENTIFIER_AUTHORITY authority = { SECURITY_NT_AUTHORITY };
    PSID adminGroup;
    // Initialize SID.
    if (!AllocateAndInitializeSid(&authority,
                                  2,
                                  SECURITY_BUILTIN_DOMAIN_RID,
                                  DOMAIN_ALIAS_RID_ADMINS,
                                  0, 0, 0, 0, 0, 0,
                                  &adminGroup))
        return false;
 
    BOOL isInAdminGroup = FALSE;
    if (!CheckTokenMembership(0, adminGroup, &isInAdminGroup))
        isInAdminGroup = FALSE;
 
    FreeSid(adminGroup);
    return (bool)isInAdminGroup;
}
 
bool CAdminAuthorization::executeAsAdmin(const QString &program, const QStringList &arguments)
{
    DeCoInitializer _;
 
    // AdminAuthorization::execute uses UAC to ask for admin privileges. If the user is no
    // administrator yet and the computer's policies are set to not use UAC (which is the case
    // in some corporate networks), the call to execute() will simply succeed and not at all
    // launch the child process. To avoid this, we detect this situation here and return early.
    if (!hasAdminRights()) {
        QLatin1String key("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System");
        QSettings registry(key, QSettings::NativeFormat);
        const QVariant enableLUA = registry.value(QLatin1String("EnableLUA"));
        if (
#if QT_VERSION >= QT_VERSION_CHECK(6,0,0)
            (enableLUA.typeId() == QMetaType::Int)
#else
            (enableLUA.type() == QVariant::Int)
#endif
            && (enableLUA.toInt() == 0))
            return false;
    }
 
    const QString file = QDir::toNativeSeparators(program);
    const QString args = qt_create_commandline(arguments);
 
    SHELLEXECUTEINFOW shellExecuteInfo;
    ZeroMemory(&shellExecuteInfo, sizeof(SHELLEXECUTEINFOW));
    shellExecuteInfo.cbSize = sizeof(SHELLEXECUTEINFOW);
    shellExecuteInfo.lpVerb = L"runas";
    shellExecuteInfo.lpFile = (wchar_t *)file.utf16();
    shellExecuteInfo.lpParameters = (wchar_t *)args.utf16();
    shellExecuteInfo.nShow = SW_SHOW;
 
    if (ShellExecuteExW(&shellExecuteInfo))
        return true;
    else
        return false;
}
 
QString qt_create_commandline(const QStringList &arguments)
{
    QString args;
    for (int i = 0; i < arguments.size(); ++i) {
        QString tmp = arguments.at(i);
        // in the case of \" already being in the string the \ must also be escaped
        tmp.replace(QLatin1String("\\\""), QLatin1String("\\\\\""));
        // escape a single " because the arguments will be parsed
        tmp.replace(QLatin1Char('\"'), QLatin1String("\\\""));
        if (tmp.isEmpty() || tmp.contains(QLatin1Char(' ')) || tmp.contains(QLatin1Char('\t'))) {
            // The argument must not end with a \ since this would be interpreted
            // as escaping the quote -- rather put the \ behind the quote: e.g.
            // rather use "foo"\ than "foo\"
            QString endQuote(QLatin1Char('\"'));
            int i = tmp.length();
            while (i > 0 && tmp.at(i - 1) == QLatin1Char('\\')) {
                --i;
                endQuote += QLatin1Char('\\');
            }
            args += QLatin1String(" \"") + tmp.left(i) + endQuote;
        } else {
            args += QLatin1Char(' ') + tmp;
        }
    }
    return args;
}