[BUG] Child processes won't elevate (#488)

(cherry picked from commit 68258eb104)
2024-06-10 22:44:37 +12:00 · 2023-08-12 14:00:26 +02:00 · 2023-08-12 14:00:26 +02:00 · 94fdd47cda
parent dfb1b46b65
commit 94fdd47cda
3 changed files with 37 additions and 1 deletions
--- a/Business/Program.cs
+++ b/Business/Program.cs
@ -23,6 +23,7 @@ namespace SystemTrayMenu
                Config.SetFolderByWindowsContextMenu(args);
                Config.LoadOrSetByUser();
                Config.Initialize();
+                PrivilegeChecker.Initialize();

                // Without a valid path we cannot do anything, just close application
                if (string.IsNullOrEmpty(Config.Path))
--- a/Utilities/Log.cs
+++ b/Utilities/Log.cs
@ -160,6 +160,12 @@ namespace SystemTrayMenu.Utilities

            try
            {
+                string verb = string.Empty;
+                if (!PrivilegeChecker.IsCurrentUserInAdminGroup)
+                {
+                    verb = "runas";
+                }
+
                using Process p = new()
                {
                    StartInfo = new ProcessStartInfo(fileName)
@ -169,7 +175,7 @@ namespace SystemTrayMenu.Utilities
                        WorkingDirectory = workingDirectory ?? string.Empty,
                        CreateNoWindow = createNoWindow,
                        UseShellExecute = true,
-                        Verb = "runas",
+                        Verb = verb,
                    },
                };
                p.Start();
--- a/Utilities/PrivilegeChecker.cs
+++ b/Utilities/PrivilegeChecker.cs
@ -0,0 +1,29 @@
+// <copyright file="PrivilegeChecker.cs" company="PlaceholderCompany">
+// Copyright (c) PlaceholderCompany. All rights reserved.
+// </copyright>
+
+namespace SystemTrayMenu.Utilities
+{
+    using System.Linq;
+    using System.Security.Principal;
+
+    internal static class PrivilegeChecker
+    {
+        public static bool IsCurrentUserInAdminGroup { get; set; }
+
+        public static void Initialize()
+        {
+            // https://stackoverflow.com/questions/3600322/check-if-the-current-user-is-administrator
+            // https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/security-identifiers-in-windows
+            // S-1-5-32-544
+            // A built-in group. After the initial installation of the operating system,
+            // the only member of the group is the Administrator account.
+            // When a computer joins a domain, the Domain Admins group is added to
+            // the Administrators group. When a server becomes a domain controller,
+            // the Enterprise Admins group also is added to the Administrators group.
+            var principal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
+            var claims = principal.Claims;
+            IsCurrentUserInAdminGroup = claims.FirstOrDefault(c => c.Value == "S-1-5-32-544") != null;
+        }
+    }
+}