Fixed issue with autostarting as admin even if it should as user, fixed issue with autostart permissions bug (#1538)
* Fixed issue with autostarting as admin even if it should as user, fixed permissions issue for autostart configuration * Indentation fix * Added support for all cases of autostart task modifying * Fix for compilation
This commit is contained in:
PrzemyslawTusinski
GitHub
Родитель
d8c1cb2629
Коммит
72eb76191f
|
|
@ -221,22 +221,25 @@ UINT __stdcall CreateScheduledTaskCA(MSIHANDLE hInstall) {
|
|||
}
|
||||
|
||||
// Run the task with the highest available privileges.
|
||||
hr = pPrincipal->put_RunLevel(TASK_RUNLEVEL_HIGHEST);
|
||||
hr = pPrincipal->put_RunLevel(TASK_RUNLEVEL_LUA);
|
||||
pPrincipal->Release();
|
||||
ExitOnFailure(hr, "Cannot put principal run level: %x", hr);
|
||||
|
||||
// ------------------------------------------------------
|
||||
// Save the task in the PowerToys folder.
|
||||
hr = pTaskFolder->RegisterTaskDefinition(
|
||||
_bstr_t(wstrTaskName.c_str()),
|
||||
pTask,
|
||||
TASK_CREATE_OR_UPDATE,
|
||||
_variant_t(username_domain),
|
||||
_variant_t(),
|
||||
TASK_LOGON_INTERACTIVE_TOKEN,
|
||||
_variant_t(L""),
|
||||
&pRegisteredTask);
|
||||
ExitOnFailure(hr, "Error saving the Task : %x", hr);
|
||||
{
|
||||
_variant_t SDDL_FULL_ACCESS_FOR_EVERYONE = L"D:(A;;FA;;;WD)";
|
||||
hr = pTaskFolder->RegisterTaskDefinition(
|
||||
_bstr_t(wstrTaskName.c_str()),
|
||||
pTask,
|
||||
TASK_CREATE_OR_UPDATE,
|
||||
_variant_t(username_domain),
|
||||
_variant_t(),
|
||||
TASK_LOGON_INTERACTIVE_TOKEN,
|
||||
SDDL_FULL_ACCESS_FOR_EVERYONE,
|
||||
&pRegisteredTask);
|
||||
ExitOnFailure(hr, "Error saving the Task : %x", hr);
|
||||
}
|
||||
|
||||
WcaLog(LOGMSG_STANDARD, "Scheduled task created for the current user.");
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,8 @@
|
|||
#include "pch.h"
|
||||
#include "auto_start_helper.h"
|
||||
|
||||
#include "general_settings.h"
|
||||
|
||||
#include <Lmcons.h>
|
||||
|
||||
#include <comdef.h>
|
||||
|
|
@ -35,7 +37,7 @@
|
|||
const DWORD USERNAME_DOMAIN_LEN = DNLEN + UNLEN + 2; // Domain Name + '\' + User Name + '\0'
|
||||
const DWORD USERNAME_LEN = UNLEN + 1; // User Name + '\0'
|
||||
|
||||
bool enable_auto_start_task_for_this_user()
|
||||
bool create_auto_start_task_for_this_user(bool runEvelvated)
|
||||
{
|
||||
HRESULT hr = S_OK;
|
||||
|
||||
|
|
@ -217,8 +219,7 @@ bool enable_auto_start_task_for_this_user()
|
|||
|
||||
hr = pPrincipal->put_LogonType(TASK_LOGON_INTERACTIVE_TOKEN);
|
||||
|
||||
// Run the task with the highest available privileges.
|
||||
if (IsUserAnAdmin())
|
||||
if (runEvelvated)
|
||||
{
|
||||
hr = pPrincipal->put_RunLevel(_TASK_RUNLEVEL::TASK_RUNLEVEL_HIGHEST);
|
||||
}
|
||||
|
|
@ -231,16 +232,19 @@ bool enable_auto_start_task_for_this_user()
|
|||
}
|
||||
// ------------------------------------------------------
|
||||
// Save the task in the PowerToys folder.
|
||||
hr = pTaskFolder->RegisterTaskDefinition(
|
||||
_bstr_t(wstrTaskName.c_str()),
|
||||
pTask,
|
||||
TASK_CREATE_OR_UPDATE,
|
||||
_variant_t(username_domain),
|
||||
_variant_t(),
|
||||
TASK_LOGON_INTERACTIVE_TOKEN,
|
||||
_variant_t(L""),
|
||||
&pRegisteredTask);
|
||||
ExitOnFailure(hr, "Error saving the Task : %x", hr);
|
||||
{
|
||||
_variant_t SDDL_FULL_ACCESS_FOR_EVERYONE = L"D:(A;;FA;;;WD)";
|
||||
hr = pTaskFolder->RegisterTaskDefinition(
|
||||
_bstr_t(wstrTaskName.c_str()),
|
||||
pTask,
|
||||
TASK_CREATE_OR_UPDATE,
|
||||
_variant_t(username_domain),
|
||||
_variant_t(),
|
||||
TASK_LOGON_INTERACTIVE_TOKEN,
|
||||
SDDL_FULL_ACCESS_FOR_EVERYONE,
|
||||
&pRegisteredTask);
|
||||
ExitOnFailure(hr, "Error saving the Task : %x", hr);
|
||||
}
|
||||
|
||||
LExit:
|
||||
if (pService)
|
||||
|
|
@ -261,7 +265,7 @@ LExit:
|
|||
return (SUCCEEDED(hr));
|
||||
}
|
||||
|
||||
bool disable_auto_start_task_for_this_user()
|
||||
bool delete_auto_start_task_for_this_user()
|
||||
{
|
||||
HRESULT hr = S_OK;
|
||||
|
||||
|
|
@ -313,13 +317,7 @@ bool disable_auto_start_task_for_this_user()
|
|||
if (SUCCEEDED(hr))
|
||||
{
|
||||
// Task exists, try disabling it.
|
||||
hr = pExistingRegisteredTask->put_Enabled(VARIANT_FALSE);
|
||||
pExistingRegisteredTask->Release();
|
||||
if (SUCCEEDED(hr))
|
||||
{
|
||||
// Function disable. Sounds like a success.
|
||||
ExitFunction();
|
||||
}
|
||||
hr = pTaskFolder->DeleteTask(_bstr_t(wstrTaskName.c_str()), 0);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
#pragma once
|
||||
|
||||
bool is_auto_start_task_active_for_this_user();
|
||||
bool enable_auto_start_task_for_this_user();
|
||||
bool disable_auto_start_task_for_this_user();
|
||||
bool create_auto_start_task_for_this_user(bool runEvelvated);
|
||||
bool delete_auto_start_task_for_this_user();
|
||||
|
|
|
|||
|
|
@ -115,6 +115,8 @@ json::JsonObject get_general_settings()
|
|||
|
||||
void apply_general_settings(const json::JsonObject& general_configs)
|
||||
{
|
||||
run_as_elevated = general_configs.GetNamedBoolean(L"run_elevated", false);
|
||||
|
||||
if (json::has(general_configs, L"startup", json::JsonValueType::Boolean))
|
||||
{
|
||||
const bool startup = general_configs.GetNamedBoolean(L"startup");
|
||||
|
|
@ -124,18 +126,33 @@ void apply_general_settings(const json::JsonObject& general_configs)
|
|||
}
|
||||
else
|
||||
{
|
||||
const bool current_startup = is_auto_start_task_active_for_this_user();
|
||||
if (current_startup != startup)
|
||||
if (startup)
|
||||
{
|
||||
if (startup)
|
||||
if (is_process_elevated())
|
||||
{
|
||||
enable_auto_start_task_for_this_user();
|
||||
delete_auto_start_task_for_this_user();
|
||||
create_auto_start_task_for_this_user(general_configs.GetNamedBoolean(L"run_elevated", false));
|
||||
}
|
||||
else
|
||||
{
|
||||
disable_auto_start_task_for_this_user();
|
||||
if (!is_auto_start_task_active_for_this_user())
|
||||
{
|
||||
delete_auto_start_task_for_this_user();
|
||||
create_auto_start_task_for_this_user(false);
|
||||
|
||||
run_as_elevated = false;
|
||||
}
|
||||
else if (!general_configs.GetNamedBoolean(L"run_elevated", false))
|
||||
{
|
||||
delete_auto_start_task_for_this_user();
|
||||
create_auto_start_task_for_this_user(false);
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
delete_auto_start_task_for_this_user();
|
||||
}
|
||||
}
|
||||
}
|
||||
if (json::has(general_configs, L"enabled"))
|
||||
|
|
@ -169,7 +186,7 @@ void apply_general_settings(const json::JsonObject& general_configs)
|
|||
}
|
||||
}
|
||||
}
|
||||
run_as_elevated = general_configs.GetNamedBoolean(L"run_elevated", false);
|
||||
|
||||
if (json::has(general_configs, L"theme", json::JsonValueType::String))
|
||||
{
|
||||
settings_theme = general_configs.GetNamedString(L"theme");
|
||||
|
|
|
|||
|
|
@ -138,7 +138,8 @@ export class GeneralSettings extends React.Component <any, any> {
|
|||
|
||||
{this.state.settings.general.is_admin &&
|
||||
(<BoolToggleSettingsControl
|
||||
setting={{display_name: 'Always run as administrator', value: this.state.settings.general.run_elevated}}
|
||||
setting={{display_name: this.state.settings.general.is_elevated ? 'Always run as administrator' : 'Always run as administrator (Restart as administrator to change this)', value: this.state.settings.general.run_elevated}}
|
||||
disabled={!this.state.settings.general.is_elevated}
|
||||
on_change={this.parent_on_change}
|
||||
ref={(input) => {this.elevated_reference=input;}}
|
||||
/>)
|
||||
|
|
|
|||
Различия файлов скрыты, потому что одна или несколько строк слишком длинны
Различия файлов скрыты, потому что одна или несколько строк слишком длинны
Различия файлов скрыты, потому что одна или несколько строк слишком длинны
Загрузка…
Ссылка в новой задаче