summaryrefslogtreecommitdiff
path: root/shared/privilege.cpp
blob: 00eb285556aceac4fa41221f5ed7bc49d071826e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
#include "privilege.h"
#include <wx/intl.h>
#include "system_func.h"
//#include <boost/shared_ptr.hpp>
#include "loki/ScopeGuard.h"

using namespace ffs3;


Privileges& Privileges::getInstance()
{
    static Privileges instance;
    return instance;
}


bool Privileges::privilegeIsActive(LPCTSTR privilege) //throw FileError()
{
    HANDLE hToken = NULL;
    if (!::OpenProcessToken(::GetCurrentProcess(), //__in   HANDLE ProcessHandle,
                            TOKEN_QUERY,           //__in   DWORD DesiredAccess,
                            &hToken))              //__out  PHANDLE TokenHandle
    {
        const wxString errorMessage = wxString(_("Error setting privilege:")) + wxT(" \"") + privilege +  wxT("\"") + wxT("\n\n");
        throw FileError(errorMessage + ffs3::getLastErrorFormatted());
    }
    Loki::ScopeGuard dummy = Loki::MakeGuard(::CloseHandle, hToken);
    (void)dummy; //silence warning "unused variable"


    LUID luid = {};
    if (!::LookupPrivilegeValue(
            NULL,      //__in_opt  LPCTSTR lpSystemName,
            privilege, //__in      LPCTSTR lpName,
            &luid ))   //__out     PLUID lpLuid
    {
        const wxString errorMessage = wxString(_("Error setting privilege:")) + wxT(" \"") + privilege +  wxT("\"") + wxT("\n\n");
        throw FileError(errorMessage + ffs3::getLastErrorFormatted());
    }

    PRIVILEGE_SET priv  = {};
    priv.PrivilegeCount = 1;
    priv.Control        = PRIVILEGE_SET_ALL_NECESSARY;
    priv.Privilege[0].Luid = luid;
    priv.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;

    BOOL alreadyGranted = FALSE;
    if (!::PrivilegeCheck(
            hToken,           //__in     HANDLE ClientToken,
            &priv,            //__inout  PPRIVILEGE_SET RequiredPrivileges,
            &alreadyGranted)) //__out    LPBOOL pfResult
    {
        const wxString errorMessage = wxString(_("Error setting privilege:")) + wxT(" \"") + privilege +  wxT("\"") + wxT("\n\n");
        throw FileError(errorMessage + ffs3::getLastErrorFormatted());
    }

    return alreadyGranted == TRUE;
}


void Privileges::setPrivilege(LPCTSTR privilege, bool enable) //throw FileError()
{
    HANDLE hToken = NULL;
    if (!::OpenProcessToken(::GetCurrentProcess(),   //__in   HANDLE ProcessHandle,
                            TOKEN_ADJUST_PRIVILEGES, //__in   DWORD DesiredAccess,
                            &hToken))                //__out  PHANDLE TokenHandle
    {
        const wxString errorMessage = wxString(_("Error setting privilege:")) + wxT(" \"") + privilege +  wxT("\"") + wxT("\n\n");
        throw FileError(errorMessage + ffs3::getLastErrorFormatted());
    }
    Loki::ScopeGuard dummy = Loki::MakeGuard(::CloseHandle, hToken);
    (void)dummy; //silence warning "unused variable"

    LUID luid = {};
    if (!::LookupPrivilegeValue(
            NULL,      //__in_opt  LPCTSTR lpSystemName,
            privilege, //__in      LPCTSTR lpName,
            &luid ))   //__out     PLUID lpLuid
    {
        const wxString errorMessage = wxString(_("Error setting privilege:")) + wxT(" \"") + privilege +  wxT("\"") + wxT("\n\n");
        throw FileError(errorMessage + ffs3::getLastErrorFormatted());
    }

    TOKEN_PRIVILEGES tp = {};
    tp.PrivilegeCount   = 1;
    tp.Privileges[0].Luid = luid;
    tp.Privileges[0].Attributes = enable ? SE_PRIVILEGE_ENABLED : 0;

    if (!::AdjustTokenPrivileges(
            hToken, //__in       HANDLE TokenHandle,
            false,  //__in       BOOL DisableAllPrivileges,
            &tp,    //__in_opt   PTOKEN_PRIVILEGES NewState,
            0,      //__in       DWORD BufferLength,
            NULL,   //__out_opt  PTOKEN_PRIVILEGES PreviousState,
            NULL))  //__out_opt  PDWORD ReturnLength
    {
        const wxString errorMessage = wxString(_("Error setting privilege:")) + wxT(" \"") + privilege +  wxT("\"") + wxT("\n\n");
        throw FileError(errorMessage + ffs3::getLastErrorFormatted());
    }

    if (::GetLastError() == ERROR_NOT_ALL_ASSIGNED) //check although previous function returned with success!
    {
        const wxString errorMessage = wxString(_("Error setting privilege:")) + wxT(" \"") + privilege +  wxT("\"") + wxT("\n\n");
        throw FileError(errorMessage + ffs3::getLastErrorFormatted());
    }
}
bgstack15