Francois Gouget : msi/tests: Update is_process_limited() to deal with non-administrator accounts.
Alexandre Julliard
julliard at winehq.org
Wed Mar 5 14:12:31 CST 2014
Module: wine
Branch: master
Commit: f6ccfaa6f37e1e4bf8e269a88f0fc4661d8683f6
URL: http://source.winehq.org/git/wine.git/?a=commit;h=f6ccfaa6f37e1e4bf8e269a88f0fc4661d8683f6
Author: Francois Gouget <fgouget at codeweavers.com>
Date: Wed Mar 5 11:15:46 2014 +0100
msi/tests: Update is_process_limited() to deal with non-administrator accounts.
---
dlls/msi/tests/action.c | 21 ++++++++++++++++++++-
dlls/msi/tests/install.c | 21 ++++++++++++++++++++-
2 files changed, 40 insertions(+), 2 deletions(-)
diff --git a/dlls/msi/tests/action.c b/dlls/msi/tests/action.c
index c6b45ec..047854b 100644
--- a/dlls/msi/tests/action.c
+++ b/dlls/msi/tests/action.c
@@ -46,6 +46,7 @@ static INSTALLSTATE (WINAPI *pMsiGetComponentPathExA)
static UINT (WINAPI *pMsiQueryFeatureStateExA)
(LPCSTR, LPCSTR, MSIINSTALLCONTEXT, LPCSTR, INSTALLSTATE *);
+static BOOL (WINAPI *pCheckTokenMembership)(HANDLE,PSID,PBOOL);
static BOOL (WINAPI *pConvertSidToStringSidA)(PSID, LPSTR *);
static BOOL (WINAPI *pOpenProcessToken)(HANDLE, DWORD, PHANDLE);
static LONG (WINAPI *pRegDeleteKeyExA)(HKEY, LPCSTR, REGSAM, DWORD);
@@ -2238,6 +2239,7 @@ static void init_functionpointers(void)
GET_PROC(hmsi, MsiGetComponentPathExA);
GET_PROC(hmsi, MsiQueryFeatureStateExA);
+ GET_PROC(hadvapi32, CheckTokenMembership);
GET_PROC(hadvapi32, ConvertSidToStringSidA);
GET_PROC(hadvapi32, OpenProcessToken);
GET_PROC(hadvapi32, RegDeleteKeyExA)
@@ -2252,9 +2254,26 @@ static void init_functionpointers(void)
static BOOL is_process_limited(void)
{
+ SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
+ PSID Group;
+ BOOL IsInGroup;
HANDLE token;
- if (!pOpenProcessToken) return FALSE;
+ if (!pCheckTokenMembership || !pOpenProcessToken) return FALSE;
+
+ if (!AllocateAndInitializeSid(&NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
+ DOMAIN_ALIAS_RID_ADMINS,
+ 0, 0, 0, 0, 0, 0, &Group) ||
+ !pCheckTokenMembership(NULL, Group, &IsInGroup))
+ {
+ trace("Could not check if the current user is an administrator\n");
+ return FALSE;
+ }
+ if (!IsInGroup)
+ {
+ /* Only administrators have enough privileges for these tests */
+ return TRUE;
+ }
if (pOpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token))
{
diff --git a/dlls/msi/tests/install.c b/dlls/msi/tests/install.c
index 3068c12..603042a 100644
--- a/dlls/msi/tests/install.c
+++ b/dlls/msi/tests/install.c
@@ -43,6 +43,7 @@ static UINT (WINAPI *pMsiSourceListEnumSourcesA)
static INSTALLSTATE (WINAPI *pMsiGetComponentPathExA)
(LPCSTR, LPCSTR, LPCSTR, MSIINSTALLCONTEXT, LPSTR, LPDWORD);
+static BOOL (WINAPI *pCheckTokenMembership)(HANDLE,PSID,PBOOL);
static BOOL (WINAPI *pConvertSidToStringSidA)(PSID, LPSTR*);
static BOOL (WINAPI *pOpenProcessToken)( HANDLE, DWORD, PHANDLE );
static LONG (WINAPI *pRegDeleteKeyExA)(HKEY, LPCSTR, REGSAM, DWORD);
@@ -2026,6 +2027,7 @@ static void init_functionpointers(void)
GET_PROC(hmsi, MsiSourceListEnumSourcesA);
GET_PROC(hmsi, MsiGetComponentPathExA);
+ GET_PROC(hadvapi32, CheckTokenMembership);
GET_PROC(hadvapi32, ConvertSidToStringSidA);
GET_PROC(hadvapi32, OpenProcessToken);
GET_PROC(hadvapi32, RegDeleteKeyExA)
@@ -2040,9 +2042,26 @@ static void init_functionpointers(void)
static BOOL is_process_limited(void)
{
+ SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
+ PSID Group;
+ BOOL IsInGroup;
HANDLE token;
- if (!pOpenProcessToken) return FALSE;
+ if (!pCheckTokenMembership || !pOpenProcessToken) return FALSE;
+
+ if (!AllocateAndInitializeSid(&NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
+ DOMAIN_ALIAS_RID_ADMINS,
+ 0, 0, 0, 0, 0, 0, &Group) ||
+ !pCheckTokenMembership(NULL, Group, &IsInGroup))
+ {
+ trace("Could not check if the current user is an administrator\n");
+ return FALSE;
+ }
+ if (!IsInGroup)
+ {
+ /* Only administrators have enough privileges for these tests */
+ return TRUE;
+ }
if (pOpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token))
{
More information about the wine-cvs
mailing list