Fixed issue with autostarting as admin even if it should as user, fixed issue with autostart permissions bug (#1538)

* Fixed issue with autostarting as admin even if it should as user, fixed permissions issue for autostart configuration * Indentation fix * Added support for all cases of autostart task modifying * Fix for compilation
2025-01-18 14:41:21 +08:00 · 2020-03-17 11:04:45 +01:00 · 2020-03-17 11:04:45 +01:00 · 72eb76191f
commit 72eb76191f
parent d8c1cb2629
8 changed files with 93 additions and 97 deletions
--- a/installer/PowerToysSetupCustomActions/CustomAction.cpp
+++ b/installer/PowerToysSetupCustomActions/CustomAction.cpp
@ -221,12 +221,14 @@ UINT __stdcall CreateScheduledTaskCA(MSIHANDLE hInstall) {
  }

  // Run the task with the highest available privileges.
-  hr = pPrincipal->put_RunLevel(TASK_RUNLEVEL_HIGHEST);
+  hr = pPrincipal->put_RunLevel(TASK_RUNLEVEL_LUA);
  pPrincipal->Release();
  ExitOnFailure(hr, "Cannot put principal run level: %x", hr);

  // ------------------------------------------------------
  //  Save the task in the PowerToys folder.
+  {
+    _variant_t SDDL_FULL_ACCESS_FOR_EVERYONE = L"D:(A;;FA;;;WD)";
    hr = pTaskFolder->RegisterTaskDefinition(
      _bstr_t(wstrTaskName.c_str()),
      pTask,
@ -234,9 +236,10 @@ UINT __stdcall CreateScheduledTaskCA(MSIHANDLE hInstall) {
      _variant_t(username_domain),
      _variant_t(),
      TASK_LOGON_INTERACTIVE_TOKEN,
-    _variant_t(L""),
+      SDDL_FULL_ACCESS_FOR_EVERYONE,
      &pRegisteredTask);
    ExitOnFailure(hr, "Error saving the Task : %x", hr);
+  }

  WcaLog(LOGMSG_STANDARD, "Scheduled task created for the current user.");

--- a/src/runner/auto_start_helper.cpp
+++ b/src/runner/auto_start_helper.cpp
@ -1,6 +1,8 @@
 #include "pch.h"
 #include "auto_start_helper.h"

+#include "general_settings.h"
+
 #include <Lmcons.h>

 #include <comdef.h>
@ -35,7 +37,7 @@
 const DWORD USERNAME_DOMAIN_LEN = DNLEN + UNLEN + 2; // Domain Name + '\' + User Name + '\0'
 const DWORD USERNAME_LEN = UNLEN + 1; // User Name + '\0'

-bool enable_auto_start_task_for_this_user()
+bool create_auto_start_task_for_this_user(bool runEvelvated)
 {
    HRESULT hr = S_OK;

@ -217,8 +219,7 @@ bool enable_auto_start_task_for_this_user()

        hr = pPrincipal->put_LogonType(TASK_LOGON_INTERACTIVE_TOKEN);

-        // Run the task with the highest available privileges.
-        if (IsUserAnAdmin())
+        if (runEvelvated)
        {
            hr = pPrincipal->put_RunLevel(_TASK_RUNLEVEL::TASK_RUNLEVEL_HIGHEST);
        }
@ -231,6 +232,8 @@ bool enable_auto_start_task_for_this_user()
    }
    // ------------------------------------------------------
    //  Save the task in the PowerToys folder.
+    {
+        _variant_t SDDL_FULL_ACCESS_FOR_EVERYONE = L"D:(A;;FA;;;WD)";
        hr = pTaskFolder->RegisterTaskDefinition(
            _bstr_t(wstrTaskName.c_str()),
            pTask,
@ -238,9 +241,10 @@ bool enable_auto_start_task_for_this_user()
            _variant_t(username_domain),
            _variant_t(),
            TASK_LOGON_INTERACTIVE_TOKEN,
-        _variant_t(L""),
+            SDDL_FULL_ACCESS_FOR_EVERYONE,
            &pRegisteredTask);
        ExitOnFailure(hr, "Error saving the Task : %x", hr);
+    }

 LExit:
    if (pService)
@ -261,7 +265,7 @@ LExit:
    return (SUCCEEDED(hr));
 }

-bool disable_auto_start_task_for_this_user()
+bool delete_auto_start_task_for_this_user()
 {
    HRESULT hr = S_OK;

@ -313,13 +317,7 @@ bool disable_auto_start_task_for_this_user()
        if (SUCCEEDED(hr))
        {
            // Task exists, try disabling it.
-            hr = pExistingRegisteredTask->put_Enabled(VARIANT_FALSE);
-            pExistingRegisteredTask->Release();
-            if (SUCCEEDED(hr))
-            {
-                // Function disable. Sounds like a success.
-                ExitFunction();
-            }
+            hr = pTaskFolder->DeleteTask(_bstr_t(wstrTaskName.c_str()), 0);
        }
    }

--- a/src/runner/auto_start_helper.h
+++ b/src/runner/auto_start_helper.h
@ -1,4 +1,5 @@
 #pragma once
+
 bool is_auto_start_task_active_for_this_user();
-bool enable_auto_start_task_for_this_user();
-bool disable_auto_start_task_for_this_user();
+bool create_auto_start_task_for_this_user(bool runEvelvated);
+bool delete_auto_start_task_for_this_user();
--- a/src/runner/general_settings.cpp
+++ b/src/runner/general_settings.cpp
@ -115,6 +115,8 @@ json::JsonObject get_general_settings()

 void apply_general_settings(const json::JsonObject& general_configs)
 {
+    run_as_elevated = general_configs.GetNamedBoolean(L"run_elevated", false);
+
    if (json::has(general_configs, L"startup", json::JsonValueType::Boolean))
    {
        const bool startup = general_configs.GetNamedBoolean(L"startup");
@ -123,18 +125,33 @@ void apply_general_settings(const json::JsonObject& general_configs)
            winstore::switch_startup_task_state_async(startup).wait();
        }
        else
-        {
-            const bool current_startup = is_auto_start_task_active_for_this_user();
-            if (current_startup != startup)
        {
            if (startup)
            {
-                    enable_auto_start_task_for_this_user();
+                if (is_process_elevated())
+                {
+                    delete_auto_start_task_for_this_user();
+                    create_auto_start_task_for_this_user(general_configs.GetNamedBoolean(L"run_elevated", false));
                }
                else
                {
-                    disable_auto_start_task_for_this_user();
+                    if (!is_auto_start_task_active_for_this_user())
+                    {
+                        delete_auto_start_task_for_this_user();
+                        create_auto_start_task_for_this_user(false);
+
+                        run_as_elevated = false;
                    }
+                    else if (!general_configs.GetNamedBoolean(L"run_elevated", false))
+                    {
+                        delete_auto_start_task_for_this_user();
+                        create_auto_start_task_for_this_user(false);
+                    }
+                }
+            }
+            else
+            {
+                delete_auto_start_task_for_this_user();
            }
        }
    }
@ -169,7 +186,7 @@ void apply_general_settings(const json::JsonObject& general_configs)
            }
        }
    }
-    run_as_elevated = general_configs.GetNamedBoolean(L"run_elevated", false);
+
    if (json::has(general_configs, L"theme", json::JsonValueType::String))
    {
        settings_theme = general_configs.GetNamedString(L"theme");
--- a/src/settings-web/src/components/GeneralSettings.tsx
+++ b/src/settings-web/src/components/GeneralSettings.tsx
@ -138,7 +138,8 @@ export class GeneralSettings extends React.Component <any, any> {

        {this.state.settings.general.is_admin &&
        (<BoolToggleSettingsControl
-          setting={{display_name: 'Always run as administrator', value: this.state.settings.general.run_elevated}}
+          setting={{display_name: this.state.settings.general.is_elevated ? 'Always run as administrator' : 'Always run as administrator (Restart as administrator to change this)', value: this.state.settings.general.run_elevated}}
+          disabled={!this.state.settings.general.is_elevated}
          on_change={this.parent_on_change}
          ref={(input) => {this.elevated_reference=input;}}
        />)
--- a/src/settings/settings-html/dist/bundle.js
+++ b/src/settings/settings-html/dist/bundle.js
--- a/src/settings/settings-html/index-dark.html
+++ b/src/settings/settings-html/index-dark.html
--- a/src/settings/settings-html/index.html
+++ b/src/settings/settings-html/index.html