atl/tests: Update registrar's is_process_limited() to deal with non-administrator, non-power user accounts.
Francois Gouget
fgouget at codeweavers.com
Wed Mar 5 04:31:55 CST 2014
---
This should fix the test failures on the fg-win2000-rusr, fg-winxp-lusr
and fg-win7u64-1spie9usr VMs.
dlls/atl/tests/registrar.c | 39 +++++++++++++++++++++++++++++++++++++--
1 file changed, 37 insertions(+), 2 deletions(-)
diff --git a/dlls/atl/tests/registrar.c b/dlls/atl/tests/registrar.c
index c05b672..279e254 100644
--- a/dlls/atl/tests/registrar.c
+++ b/dlls/atl/tests/registrar.c
@@ -37,18 +37,53 @@
#include <initguid.h>
#include <atliface.h>
-
+/* Returns TRUE if the current process has enough privileges to do anything */
static BOOL is_process_limited(void)
{
+ static BOOL (WINAPI *pCheckTokenMembership)(HANDLE,PSID,PBOOL) = NULL;
static BOOL (WINAPI *pOpenProcessToken)(HANDLE, DWORD, PHANDLE) = NULL;
+ SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
+ PSID Group;
+ BOOL IsInGroup;
HANDLE token;
if (!pOpenProcessToken)
{
HMODULE hadvapi32 = GetModuleHandleA("advapi32.dll");
pOpenProcessToken = (void*)GetProcAddress(hadvapi32, "OpenProcessToken");
- if (!pOpenProcessToken)
+ pCheckTokenMembership = (void*)GetProcAddress(hadvapi32, "CheckTokenMembership");
+ if (!pCheckTokenMembership || !pOpenProcessToken)
+ {
+ /* Win9x (power to the masses) or NT4 (no way to know) */
+ trace("missing pOpenProcessToken or CheckTokenMembership\n");
return FALSE;
+ }
+ }
+
+ if (!AllocateAndInitializeSid(&NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
+ DOMAIN_ALIAS_RID_ADMINS,
+ 0, 0, 0, 0, 0, 0, &Group) ||
+ !pCheckTokenMembership(NULL, Group, &IsInGroup))
+ {
+ trace("Could not check if the current user is an administrator\n");
+ return FALSE;
+ }
+ if (!IsInGroup)
+ {
+ if (!AllocateAndInitializeSid(&NtAuthority, 2,
+ SECURITY_BUILTIN_DOMAIN_RID,
+ DOMAIN_ALIAS_RID_POWER_USERS,
+ 0, 0, 0, 0, 0, 0, &Group) ||
+ !pCheckTokenMembership(NULL, Group, &IsInGroup))
+ {
+ trace("Could not check if the current user is a power user\n");
+ return FALSE;
+ }
+ if (!IsInGroup)
+ {
+ /* Only administrators and power users can be powerful */
+ return TRUE;
+ }
}
if (pOpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token))
--
1.8.5.3
More information about the wine-patches
mailing list