Revert "Reland c91b178b07b0d - Delete dead signin code (SigninGlobalError)"
[chromium-blink-merge.git] / rlz / win / lib / process_info.cc
blobcbab44a00e5ea62c56978712d680d8ff923de227
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 //
5 // Information about the current process.
7 #include "rlz/win/lib/process_info.h"
9 #include <windows.h>
11 #include "base/memory/scoped_ptr.h"
12 #include "base/process/process_info.h"
13 #include "base/strings/string16.h"
14 #include "base/win/scoped_handle.h"
15 #include "base/win/win_util.h"
16 #include "base/win/windows_version.h"
17 #include "rlz/lib/assert.h"
19 namespace {
21 HRESULT GetElevationType(PTOKEN_ELEVATION_TYPE elevation) {
22 if (!elevation)
23 return E_POINTER;
25 *elevation = TokenElevationTypeDefault;
27 if (base::win::GetVersion() < base::win::VERSION_VISTA)
28 return E_FAIL;
30 HANDLE process_token;
31 if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &process_token))
32 return HRESULT_FROM_WIN32(GetLastError());
34 base::win::ScopedHandle scoped_process_token(process_token);
36 DWORD size;
37 TOKEN_ELEVATION_TYPE elevation_type;
38 if (!GetTokenInformation(process_token, TokenElevationType, &elevation_type,
39 sizeof(elevation_type), &size)) {
40 return HRESULT_FROM_WIN32(GetLastError());
43 *elevation = elevation_type;
44 return S_OK;
47 // based on http://msdn2.microsoft.com/en-us/library/aa376389.aspx
48 bool GetUserGroup(long* group) {
49 if (!group)
50 return false;
52 *group = 0;
54 // groups are listed in DECREASING order of importance
55 // (eg. If a user is a member of both the admin group and
56 // the power user group, it is more useful to list the user
57 // as an admin)
58 DWORD user_groups[] = {DOMAIN_ALIAS_RID_ADMINS,
59 DOMAIN_ALIAS_RID_POWER_USERS};
60 SID_IDENTIFIER_AUTHORITY nt_authority = {SECURITY_NT_AUTHORITY};
62 for (int i = 0; i < arraysize(user_groups) && *group == 0; ++i) {
63 PSID current_group;
64 if (AllocateAndInitializeSid(&nt_authority, 2,
65 SECURITY_BUILTIN_DOMAIN_RID,
66 user_groups[i], 0, 0, 0, 0,
67 0, 0, &current_group)) {
68 BOOL current_level;
69 if (CheckTokenMembership(NULL, current_group, &current_level) &&
70 current_level) {
71 *group = user_groups[i];
74 FreeSid(current_group);
78 return group != 0;
80 } //anonymous
83 namespace rlz_lib {
85 bool ProcessInfo::IsRunningAsSystem() {
86 static base::string16 user_sid;
87 if (user_sid.empty()) {
88 if (!base::win::GetUserSidString(&user_sid))
89 return false;
91 return (user_sid == L"S-1-5-18");
94 bool ProcessInfo::HasAdminRights() {
95 static bool evaluated = false;
96 static bool has_rights = false;
98 if (!evaluated) {
99 if (IsRunningAsSystem()) {
100 has_rights = true;
101 } else if (base::win::GetVersion() >= base::win::VERSION_VISTA) {
102 TOKEN_ELEVATION_TYPE elevation;
103 if (SUCCEEDED(GetElevationType(&elevation))) {
104 base::IntegrityLevel level = base::GetCurrentProcessIntegrityLevel();
105 if (level != base::INTEGRITY_UNKNOWN) {
106 has_rights = (elevation == TokenElevationTypeFull) ||
107 (level == base::HIGH_INTEGRITY);
110 } else {
111 long group = 0;
112 if (GetUserGroup(&group))
113 has_rights = (group == DOMAIN_ALIAS_RID_ADMINS);
117 evaluated = true;
118 if (!has_rights)
119 ASSERT_STRING("ProcessInfo::HasAdminRights: Does not have admin rights.");
121 return has_rights;
124 }; // namespace