3

私はこのコードを期待していました:

WindowsPrincipal principal = new WindowsPrincipal( WindowsIdentity.GetCurrent() );
public bool UserHasAdminRights( WindowsPrincipal principal, WindowsBuiltInRole role )
{
  bool isAdmin;

  // get the role information of the current user
  if ( principal.IsInRole( role ) )
  {
    isAdmin = true;
  }
  else
  {
    isAdmin = false;
  }
  return isAdmin;
}

ユーザーが組み込みの管理者グループに属している場合に trueを返します。

でも

IsInRole州のMSDN :

In Windows Vista, User Account Control (UAC) determines the privileges of a user. If you are a member of the Built-in Administrators group, you are assigned two run-time access tokens: a standard user access token and an administrator access token. By default, you are in the standard user role. When you attempt to perform a task that requires administrative privileges, you can dynamically elevate your role by using the Consent dialog box. The code that executes the IsInRole method does not display the Consent dialog box. The code returns false if you are in the standard user role, even if you are in the Built-in Administrators group. You can elevate your privileges before you execute the code by right-clicking the application icon and indicating that you want to run as an administrator.

質問は、ユーザーが組み込みの管理者グループに属している場合、実行中/実行前にユーザーに権限を昇格させることなく、 trueを返すようにこのコードを変更するにはどうすればよいですか?

4

1 に答える 1

3

Since I can't neatly post code in comments, like I can here, let me just suggest some pseudo code

var user = Windows.GetThisUser( me ); //current method (I said pseudo code)
function CheckIfImAdmin( user ) .... //current method

proposed method:

var administrativeUsers = Windows.GetUsersInRole( "admin" ); //use a SID here, much more reliable
foreach(user in administrativeUsers){
  if (user == me) return true;
  return false;
}

While this may look the same, it's not. Instead of querying the user to see if it's currently in a given role (non-escalated aren't) I'm focusing on who the administrators are and then asking if that group contains the user I want, namely the current user.

于 2012-08-02T22:25:24.627 に答える