注册 登录
编程论坛 VC++/MFC

判断是否以管理员身份权限运行的C++代码源码

wsgsoft 发布于 2023-09-26 13:40, 398 次点击
本篇文章属于《518抽奖软件开发日志》系列文章的一部分。



我在开发《518抽奖软件》(www.)的时候,有时候需要判断,进程是否以管理员身份权限运行。网上找了一些代码,很多不能用或不全面,现整理代码如下。

程序代码:

BOOL Tfuns::is_userAdmin()

{

    return is_admin(FALSE);

}

BOOL Tfuns::is_runasAdmin()

{

    return is_admin(TRUE);

}



static BOOL is_admin(BOOL CheckTokenForGroupDeny)

{

    WCHAR  *pGroup = NULL;

    HANDLE  hToken = NULL;

    struct group

    {

        DWORD auth_id;

        WCHAR *name;

    };

    struct group groups[] =

    {

        { DOMAIN_ALIAS_RID_USERS, L"User" },

        { DOMAIN_ALIAS_RID_GUESTS, L"Guest" },

        { DOMAIN_ALIAS_RID_POWER_USERS, L"Power" },

        { DOMAIN_ALIAS_RID_ADMINS, L"Admin" }

    };

    if (GetVersion() & 0x80000000) return TRUE;  //Not NT



    if (OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, FALSE, &hToken) ||

        OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))

    {

        SID_IDENTIFIER_AUTHORITY SystemSidAuthority = { SECURITY_NT_AUTHORITY };

        TOKEN_GROUPS* ptg = NULL;

        BOOL       ValidTokenGroups = FALSE;

        DWORD      cbTokenGroups;

        DWORD      i, j;



        if (CheckTokenForGroupDeny)

            pCheckTokenMembership = (CHECKTOKENMEMBERSHIP)GetProcAddress(GetModuleHandle(L"ADVAPI32"), "CheckTokenMembership");



        if (!CheckTokenForGroupDeny || pCheckTokenMembership == NULL)

        {

            if (!GetTokenInformation(hToken, TokenGroups, NULL, 0, &cbTokenGroups) &&

                GetLastError() == ERROR_INSUFFICIENT_BUFFER)

            {

                if ((ptg = (TOKEN_GROUPS*)GlobalAlloc(GPTR, cbTokenGroups)) &&

                    GetTokenInformation(hToken, TokenGroups, ptg, cbTokenGroups, &cbTokenGroups))

                {

                    ValidTokenGroups = TRUE;

                }

            }

        }



        if (ValidTokenGroups || (CheckTokenForGroupDeny && pCheckTokenMembership))

        {

            PSID psid;

            for (i = 0; i < sizeof(groups) / sizeof(struct group); i++)

            {

                if (AllocateAndInitializeSid(&SystemSidAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,

                    groups[i].auth_id, 0, 0, 0, 0, 0, 0, &psid))

                {

                    BOOL IsMember = FALSE;

                    if (CheckTokenForGroupDeny && pCheckTokenMembership)

                        pCheckTokenMembership(0, psid, &IsMember);

                    else if (ValidTokenGroups)

                    {

                        for (j = 0; j < ptg->GroupCount; j++)

                        {

                            if (EqualSid(ptg->Groups[j].Sid, psid)) IsMember = TRUE;

                        }

                    }

                    if (IsMember) pGroup = groups[i].name;

                    FreeSid(psid);

                }

            }//for groups

        }

        if (ptg) GlobalFree(ptg);

        CloseHandle(hToken);



        if (pGroup && _wcsicmp(pGroup, L"Admin") == 0) return TRUE;

        else return FALSE;

    }

    return FALSE;

}

0 回复
1
©2024, BCCN.NET
电脑版