diff options
Diffstat (limited to 'lib/chef/win32/security.rb')
-rw-r--r-- | lib/chef/win32/security.rb | 40 |
1 files changed, 17 insertions, 23 deletions
diff --git a/lib/chef/win32/security.rb b/lib/chef/win32/security.rb index 63b626b1d7..821d81ef81 100644 --- a/lib/chef/win32/security.rb +++ b/lib/chef/win32/security.rb @@ -643,32 +643,26 @@ class Chef # Checks if the caller has the admin privileges in their # security token def self.has_admin_privileges? - if Chef::Platform.windows_server_2003? - # Admin privileges do not exist on Windows Server 2003 - - true - else - # a regular user doesn't have privileges to call Chef::ReservedNames::Win32::Security.OpenProcessToken - # hence we return false if the open_current_process_token fails with `Access is denied.` error message. - begin - process_token = open_current_process_token(TOKEN_READ) - rescue Exception => run_error - return false if run_error.message =~ /Access is denied/ - Chef::ReservedNames::Win32::Error.raise! - end + # a regular user doesn't have privileges to call Chef::ReservedNames::Win32::Security.OpenProcessToken + # hence we return false if the open_current_process_token fails with `Access is denied.` error message. + begin + process_token = open_current_process_token(TOKEN_READ) + rescue Exception => run_error + return false if run_error.message =~ /Access is denied/ + Chef::ReservedNames::Win32::Error.raise! + end - # display token elevation details - token_elevation_type = get_token_information_elevation_type(process_token) - Chef::Log.debug("Token Elevation Type: #{token_elevation_type}") + # display token elevation details + token_elevation_type = get_token_information_elevation_type(process_token) + Chef::Log.debug("Token Elevation Type: #{token_elevation_type}") - elevation_result = FFI::Buffer.new(:ulong) - elevation_result_size = FFI::MemoryPointer.new(:uint32) - success = GetTokenInformation(process_token.handle.handle, :TokenElevation, elevation_result, 4, elevation_result_size) + elevation_result = FFI::Buffer.new(:ulong) + elevation_result_size = FFI::MemoryPointer.new(:uint32) + success = GetTokenInformation(process_token.handle.handle, :TokenElevation, elevation_result, 4, elevation_result_size) - # Assume process is not elevated if the call fails. - # Process is elevated if the result is different than 0. - success && (elevation_result.read_ulong != 0) - end + # Assume process is not elevated if the call fails. + # Process is elevated if the result is different than 0. + success && (elevation_result.read_ulong != 0) end def self.logon_user(username, domain, password, logon_type, logon_provider) |