寻找Delphi 7代码来检测程序是否以管理员权限启动？

Question

我正在寻找工作(显然)Delphi 7代码,所以我可以检查我的程序是否以管理员权限启动.

提前致谢

[---重要更新---]

到目前为止已经回答了答案中的代码,我意识到我的问题可能不是那么清楚,或者至少是不完整的:

• 我想知道我的Delphi 7程序是否以"运行管理员"复选框设置启动.

• 换句话说:我想知道我的Delphi 7程序是否可以在c:\ Program Files ...文件夹中创建/更新文件.

只是检查你是否拥有管理员权限是不够的.

Answer 1

Windows API(已使用)具有帮助程序功能(IsUserAnAdmin),以告知您是否以管理权限运行.

OS              Account Type   UAC           IsUserAdmin
==============  =============  ============  ===========
Windows XP      Standard       n/a           False
Windows XP      Administrator  n/a           True
Windows Vista   Standard       Disabled      False
Windows Vista   Administrator  Disabled      True
Windows Vista   Standard       Not Elevated  False
Windows Vista   Administrator  Not Elevated  False
Windows Vista   Standard       Elevated      True
Windows Vista   Administrator  Elevated      True

不推荐使用Shell32包装函数; 这很好,因为它只是其他代码的包装,你仍然可以自称:

function IsUserAdmin: Boolean;
var
  b: BOOL;
  AdministratorsGroup: PSID;
begin
  {
    This function returns true if you are currently running with admin privileges.
    In Vista and later, if you are non-elevated, this function will return false 
    (you are not running with administrative privileges).
    If you *are* running elevated, then IsUserAdmin will return true, as you are 
    running with admin privileges.

    Windows provides this similar function in Shell32.IsUserAnAdmin. 
    But the function is deprecated, and this code is lifted
    from the docs for CheckTokenMembership:
      http://msdn.microsoft.com/en-us/library/aa376389.aspx
  }

  {
    Routine Description: This routine returns TRUE if the callers
    process is a member of the Administrators local group. Caller is NOT
    expected to be impersonating anyone and is expected to be able to
    open its own process and process token.
      Arguments: None.
      Return Value:
        TRUE - Caller has Administrators local group.
        FALSE - Caller does not have Administrators local group.
  }
  b := AllocateAndInitializeSid(
      SECURITY_NT_AUTHORITY,
      2, //2 sub-authorities
      SECURITY_BUILTIN_DOMAIN_RID,  //sub-authority 0
      DOMAIN_ALIAS_RID_ADMINS,      //sub-authority 1
      0, 0, 0, 0, 0, 0,             //sub-authorities 2-7 not passed
      AdministratorsGroup);
  if (b) then
  begin
    if not CheckTokenMembership(0, AdministratorsGroup, b) then
      b := False;
    FreeSid(AdministratorsGroup);
  end;

  Result := b;
end;

换句话说:此功能为您提供所需的答案:用户是否可以更新程序文件.

您需要厌倦检查您是否是管理员组成员的代码.您可以成为管理员组的一部分,但不具有任何管理权限.您还可以拥有管理权限,但不能成为管理员组的一部分.

Answer 2

项目JEDI的JEDI代码库在JclSecurity单元中有一个IsAdministrator函数,它会告诉你.它仍然适用于Delphi 7.

Answer 3

program Project1;

{$APPTYPE CONSOLE}

uses
  Windows,
  ShellAPI;

// high-level wrapper, see Ian Boyd's answer for details on this function
function IsUserAnAdmin(): BOOL; external shell32;

begin
  if IsUserAnAdmin() then
    Writeln('TEH R00T OMG')
  else
    Writeln('rtfmnoobkthx');

  Readln;
end.