Merge pull request #9 from pnyani/main

feat: add Windows administrator privilege check

Author: mincomk

.github/workflows/ci.yml

@@ -21,3 +21,11 @@ jobs:
       - uses: actions/checkout@v4
       - name: Build
         run: cargo build
+
+  test-windows:
+    runs-on: windows-latest
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Build
+        run: cargo build

Cargo.lock

@@ -12,12 +12,21 @@ derive_more = { version = "2.1.1", features = ["from", "into", "from_str", "add"
 dirs = "6.0.0"
 efivar = "2.0.0"
 inquire = "0.9.2"
-libc = "0.2.180"
 miette = { version = "7.6.0", features = ["fancy"] }
 serde = { version = "1.0.228", features = ["derive"] }
 serde_yaml = "0.9"
 system_shutdown = "4.1.0"
 which = "8.0.0"
 
+[target.'cfg(unix)'.dependencies]
+libc = "0.2.180"
+
 [target.'cfg(target_os = "linux")'.dependencies]
 nix = { version = "0.31.1", features = ["fs", "user"] }
+
+[target.'cfg(target_os = "windows")'.dependencies]
+windows-sys = { version = "0.59", features = [
+    "Win32_Security",
+    "Win32_System_Threading",
+    "Win32_Foundation",
+] }

Cargo.toml

@@ -9,6 +9,12 @@ fn main() {
         Err(e) => {
             eprintln!("Error: Failed to execute 'bootit' command: {}", e);
             eprintln!("Make sure 'bootit' is installed and in your PATH.");
+
+            #[cfg(windows)]
+            eprintln!(
+                "\nIf you are not running as Administrator, try opening an elevated terminal."
+            );
+
             std::process::exit(127);
         }
     };

src/bin/it.rs

@@ -35,9 +35,15 @@ pub fn allow_non_admin(it_path: Option<PathBuf>) -> miette::Result<()> {
         println!("Non-admin users can now use it command to boot.");
     }
 
-    #[cfg(not(target_os = "linux"))]
+    #[cfg(target_os = "windows")]
     {
-        println!("Setting setuid bit is not supported on this operating system.");
+        println!("The setuid mechanism is not available on Windows.");
+        println!("Run bootit from an elevated terminal (right-click -> Run as administrator).");
+    }
+
+    #[cfg(not(any(target_os = "linux", target_os = "windows")))]
+    {
+        println!("allow-non-admin is not supported on this operating system.");
     }
 
     Ok(())

src/command/allow_non_admin.rs

@@ -13,9 +13,52 @@ pub fn check_privileges() -> miette::Result<()> {
             ));
         }
     }
+
+    #[cfg(windows)]
+    {
+        if !is_elevated() {
+            return Err(miette!(
+                "This program must be run as Administrator (try: run terminal as administrator)"
+            ));
+        }
+    }
+
     Ok(())
 }
 
+#[cfg(windows)]
+fn is_elevated() -> bool {
+    use std::ptr::null_mut;
+    use windows_sys::Win32::Foundation::{CloseHandle, HANDLE};
+    use windows_sys::Win32::Security::{
+        GetTokenInformation, TokenElevation, TOKEN_ELEVATION, TOKEN_QUERY,
+    };
+    use windows_sys::Win32::System::Threading::{GetCurrentProcess, OpenProcessToken};
+
+    unsafe {
+        let mut token_handle: HANDLE = null_mut();
+        if OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &mut token_handle) == 0 {
+            return false;
+        }
+
+        let mut elevation = TOKEN_ELEVATION { TokenIsElevated: 0 };
+        let mut return_length: u32 = 0;
+        let size = std::mem::size_of::<TOKEN_ELEVATION>() as u32;
+
+        let result = GetTokenInformation(
+            token_handle,
+            TokenElevation,
+            &mut elevation as *mut _ as *mut _,
+            size,
+            &mut return_length,
+        );
+
+        CloseHandle(token_handle);
+
+        result != 0 && elevation.TokenIsElevated != 0
+    }
+}
+
 #[allow(unused)]
 pub fn find_it() -> miette::Result<PathBuf> {
     if let Ok(path) = which("it") {