prompt foreground window elevation

Signed-off-by: 21pages <pages21@163.com>
2025-01-18 15:53:00 +08:00 · 2022-09-28 20:48:14 +08:00 · 2022-09-28 20:48:14 +08:00 · 02aedd234c
commit 02aedd234c
parent ae8d97eb72
30 changed files with 131 additions and 30 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -2601,15 +2601,6 @@ version = "2.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "879d54834c8c76457ef4293a689b2a8c59b076067ad77b15efafbb05f92a592b"

-[[package]]
-name = "is_elevated"
-version = "0.1.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5299060ff5db63e788015dcb9525ad9b84f4fd9717ed2cbdeba5018cbf42f9b5"
-dependencies = [
- "winapi 0.3.9",
-]
-
 [[package]]
 name = "itertools"
 version = "0.9.0"
@ -4348,7 +4339,6 @@ dependencies = [
 "hound",
 "impersonate_system",
 "include_dir",
- "is_elevated",
 "jni",
 "lazy_static",
 "libc",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -91,7 +91,6 @@ winapi = { version = "0.3", features = ["winuser"] }
 winreg = "0.10"
 windows-service = "0.4"
 virtual_display = { path = "libs/virtual_display" }
-is_elevated = "0.1.2"
 impersonate_system = { git = "https://github.com/21pages/impersonate-system" }

 [target.'cfg(target_os = "macos")'.dependencies]
--- a/libs/hbb_common/protos/message.proto
+++ b/libs/hbb_common/protos/message.proto
@ -557,6 +557,7 @@ message Misc {
    BackNotification back_notification = 13;
    bool restart_remote_device = 14;
    bool uac = 15;
+    bool foreground_window_elevated = 16;
  }
 }

--- a/src/client/io_loop.rs
+++ b/src/client/io_loop.rs
@ -985,6 +985,15 @@ impl<T: InvokeUiSession> Remote<T> {
                                .msgbox("custom-uac-nocancel", "Warning", "uac_warning");
                        }
                    }
+                    Some(misc::Union::ForegroundWindowElevated(elevated)) => {
+                        if elevated {
+                            self.handler.msgbox(
+                                "custom-elevated-foreground-nocancel",
+                                "Warning",
+                                "elevated_foreground_window_warning",
+                            );
+                        }
+                    }
                    _ => {}
                },
                Some(message::Union::TestDelay(t)) => {
--- a/src/lang/cn.rs
+++ b/src/lang/cn.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", "提示"),
        ("elevation_prompt", "以当前用户权限运行软件，可能导致远端在访问本机时，没有足够的权限来操作部分窗口。"),
        ("uac_warning", "暂时无法访问远端设备，因为远端设备正在请求用户账户权限，请等待对方关闭UAC窗口。为避免这个问题，建议在远端设备上安装或者以管理员权限运行本软件。"),
+        ("elevated_foreground_window_warning", "暂时无法使用鼠标键盘，因为远端桌面的当前窗口需要更高的权限才能操作, 可以请求对方最小化当前窗口。为避免这个问题，建议在远端设备上安装或者以管理员权限运行本软件。"),
    ].iter().cloned().collect();
 }
--- a/src/lang/cs.rs
+++ b/src/lang/cs.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/da.rs
+++ b/src/lang/da.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/de.rs
+++ b/src/lang/de.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/en.rs
+++ b/src/lang/en.rs
@ -32,5 +32,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Are you sure to close the connection?", "Are you sure you want to close the connection?"),
        ("elevation_prompt", "Running software without privilege elevation may cause problems when remote users operate certain windows."),
        ("uac_warning", "Temporarily denied access due to elevation request, please wait for the remote user to accept the UAC dialog. To avoid this problem, it is recommended to install the software on the remote device or run it with administrator privileges."),
-    ].iter().cloned().collect();
+        ("elevated_foreground_window_warning", "Temporarily unable to use the mouse and keyboard, because the current window of the remote desktop requires higher privilege to operate, you can request the remote user to minimize the current window. To avoid this problem, it is recommended to install the software on the remote device or run it with administrator privileges."),
+        ].iter().cloned().collect();
 }
--- a/src/lang/eo.rs
+++ b/src/lang/eo.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/es.rs
+++ b/src/lang/es.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/fr.rs
+++ b/src/lang/fr.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/hu.rs
+++ b/src/lang/hu.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/id.rs
+++ b/src/lang/id.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/it.rs
+++ b/src/lang/it.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/ja.rs
+++ b/src/lang/ja.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/ko.rs
+++ b/src/lang/ko.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/kz.rs
+++ b/src/lang/kz.rs
@ -362,5 +362,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/pl.rs
+++ b/src/lang/pl.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/pt_PT.rs
+++ b/src/lang/pt_PT.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/ptbr.rs
+++ b/src/lang/ptbr.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/ru.rs
+++ b/src/lang/ru.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/sk.rs
+++ b/src/lang/sk.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/template.rs
+++ b/src/lang/template.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/tr.rs
+++ b/src/lang/tr.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/lang/tw.rs
+++ b/src/lang/tw.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", "提示"),
        ("elevation_prompt", "以當前用戶權限運行軟件，可能導致遠端在訪問本機時，沒有足夠的權限來操作部分窗口。"),
        ("uac_warning", "暂时无法访问远端设备，因为远端设备正在请求用户账户权限，请等待对方关闭UAC窗口。为避免这个问题，建议在远端设备上安装或者以管理员权限运行本软件。"),
+        ("elevated_foreground_window_warning", "暫時無法使用鼠標鍵盤，因為遠端桌面的當前窗口需要更高的權限才能操作, 可以請求對方最小化當前窗口。為避免這個問題，建議在遠端設備上安裝或者以管理員權限運行本軟件。"),
    ].iter().cloned().collect();
 }
--- a/src/lang/vn.rs
+++ b/src/lang/vn.rs
@ -363,5 +363,6 @@ pub static ref T: std::collections::HashMap<&'static str, &'static str> =
        ("Prompt", ""),
        ("elevation_prompt", ""),
        ("uac_warning", ""),
+        ("elevated_foreground_window_warning", ""),
    ].iter().cloned().collect();
 }
--- a/src/platform/windows.rs
+++ b/src/platform/windows.rs
@ -14,11 +14,21 @@ use std::{
    time::{Duration, Instant},
 };
 use winapi::{
+    ctypes::c_void,
    shared::{minwindef::*, ntdef::NULL, windef::*},
    um::{
-        errhandlingapi::GetLastError, handleapi::CloseHandle, minwinbase::STILL_ACTIVE,
-        processthreadsapi::GetExitCodeProcess, shellapi::ShellExecuteA, winbase::*, wingdi::*,
-        winnt::HANDLE, winuser::*,
+        errhandlingapi::GetLastError,
+        handleapi::CloseHandle,
+        minwinbase::STILL_ACTIVE,
+        processthreadsapi::{GetCurrentProcess, GetExitCodeProcess, OpenProcess, OpenProcessToken},
+        securitybaseapi::GetTokenInformation,
+        shellapi::ShellExecuteA,
+        winbase::*,
+        wingdi::*,
+        winnt::{
+            TokenElevation, HANDLE, PROCESS_QUERY_LIMITED_INFORMATION, TOKEN_ELEVATION, TOKEN_QUERY,
+        },
+        winuser::*,
    },
 };
 use windows_service::{
@ -1463,7 +1473,7 @@ pub fn run_as_system(arg: &str) -> ResultType<()> {
 }

 pub fn run_check_elevation(arg: &str) {
-    if !is_elevated::is_elevated() {
+    if let Ok(false) = is_elevated(None) {
        if let Ok(true) = elevate(arg) {
            std::process::exit(0);
        } else {
@ -1480,3 +1490,57 @@ pub fn run_check_elevation(arg: &str) {
        }
    }
 }
+
+// https://github.com/mgostIH/process_list/blob/master/src/windows/mod.rs
+#[repr(transparent)]
+pub(self) struct RAIIHandle(pub HANDLE);
+
+impl Drop for RAIIHandle {
+    fn drop(&mut self) {
+        // This never gives problem except when running under a debugger.
+        unsafe { CloseHandle(self.0) };
+    }
+}
+
+pub fn is_elevated(process_id: Option<DWORD>) -> ResultType<bool> {
+    unsafe {
+        let handle: HANDLE = match process_id {
+            Some(process_id) => OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, process_id),
+            None => GetCurrentProcess(),
+        };
+        if handle == NULL {
+            bail!("Failed to open process, errno {}", GetLastError())
+        }
+        let _handle = RAIIHandle(handle);
+        let mut token: HANDLE = mem::zeroed();
+        if OpenProcessToken(handle, TOKEN_QUERY, &mut token) == FALSE {
+            bail!("Failed to open process token, errno {}", GetLastError())
+        }
+        let _token = RAIIHandle(token);
+        let mut token_elevation: TOKEN_ELEVATION = mem::zeroed();
+        let mut size: DWORD = 0;
+        if GetTokenInformation(
+            token,
+            TokenElevation,
+            (&mut token_elevation) as *mut _ as *mut c_void,
+            mem::size_of::<TOKEN_ELEVATION>() as _,
+            &mut size,
+        ) == FALSE
+        {
+            bail!("Failed to get token information, errno {}", GetLastError())
+        }
+
+        Ok(token_elevation.TokenIsElevated != 0)
+    }
+}
+
+pub fn is_foreground_window_elevated() -> ResultType<bool> {
+    unsafe {
+        let mut process_id: DWORD = 0;
+        GetWindowThreadProcessId(GetForegroundWindow(), &mut process_id);
+        if process_id == 0 {
+            bail!("Failed to get processId, errno {}", GetLastError())
+        }
+        is_elevated(Some(process_id))
+    }
+}
--- a/src/server/connection.rs
+++ b/src/server/connection.rs
@ -230,7 +230,8 @@ impl Connection {
        #[cfg(not(any(target_os = "android", target_os = "ios")))]
        std::thread::spawn(move || Self::handle_input(rx_input, tx_cloned));
        let mut second_timer = time::interval(Duration::from_secs(1));
-        let mut uac = false;
+        let mut last_uac = false;
+        let mut last_foreground_window_elevated = false;

        loop {
            tokio::select! {
@ -403,16 +404,23 @@ impl Connection {
                    }
                },
                _ = second_timer.tick() => {
-                    let is_uac = crate::video_service::IS_UAC_RUNNING.lock().unwrap().clone();
-                    if uac != is_uac {
-                        if !crate::platform::is_installed() && !crate::platform::is_root() {
-                            uac = is_uac;
-                            let mut misc = Misc::new();
-                            misc.set_uac(uac);
-                            let mut msg = Message::new();
-                            msg.set_misc(misc);
-                            conn.inner.send(msg.into());
-                        }
+                    let uac = crate::video_service::IS_UAC_RUNNING.lock().unwrap().clone();
+                    if last_uac != uac {
+                        last_uac = uac;
+                        let mut misc = Misc::new();
+                        misc.set_uac(uac);
+                        let mut msg = Message::new();
+                        msg.set_misc(misc);
+                        conn.inner.send(msg.into());
+                    }
+                    let foreground_window_elevated = crate::video_service::IS_FOREGROUND_WINDOW_ELEVATED.lock().unwrap().clone();
+                    if last_foreground_window_elevated != foreground_window_elevated {
+                        last_foreground_window_elevated = foreground_window_elevated;
+                        let mut misc = Misc::new();
+                        misc.set_foreground_window_elevated(foreground_window_elevated);
+                        let mut msg = Message::new();
+                        msg.set_misc(misc);
+                        conn.inner.send(msg.into());
                    }
                }
                _ = test_delay_timer.tick() => {
--- a/src/server/video_service.rs
+++ b/src/server/video_service.rs
@ -53,6 +53,7 @@ lazy_static::lazy_static! {
    static ref IS_CAPTURER_MAGNIFIER_SUPPORTED: bool = is_capturer_mag_supported();
    pub static ref VIDEO_QOS: Arc<Mutex<VideoQoS>> = Default::default();
    pub static ref IS_UAC_RUNNING: Arc<Mutex<bool>> = Default::default();
+    pub static ref IS_FOREGROUND_WINDOW_ELEVATED: Arc<Mutex<bool>> = Default::default();
 }

 fn is_capturer_mag_supported() -> bool {
@ -454,7 +455,7 @@ fn run(sp: GenericService) -> ResultType<()> {
    #[cfg(any(target_os = "android", target_os = "ios"))]
    let recorder: Arc<Mutex<Option<Recorder>>> = Default::default();
    #[cfg(windows)]
-    start_uac_check();
+    start_uac_elevation_check();

    while sp.ok() {
        #[cfg(windows)]
@ -838,15 +839,21 @@ fn get_current_display() -> ResultType<(usize, usize, Display)> {
 }

 #[cfg(windows)]
-fn start_uac_check() {
+fn start_uac_elevation_check() {
    static START: Once = Once::new();
    START.call_once(|| {
-        if !crate::platform::is_installed() && !crate::platform::is_root() {
+        if !crate::platform::is_installed()
+            && !crate::platform::is_root()
+            && !crate::platform::is_elevated(None).map_or(false, |b| b)
+        {
            std::thread::spawn(|| loop {
                std::thread::sleep(std::time::Duration::from_secs(1));
                if let Ok(uac) = crate::ui::win_privacy::is_process_consent_running() {
                    *IS_UAC_RUNNING.lock().unwrap() = uac;
                }
+                if let Ok(elevated) = crate::platform::is_foreground_window_elevated() {
+                    *IS_FOREGROUND_WINDOW_ELEVATED.lock().unwrap() = elevated;
+                }
            });
        }
    });