extern/nushell
1
0
Fork 1
mirror of https://github.com/nushell/nushell.git synced 2025-03-29 17:16:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
a9c2349ada
nushell/crates/nu-command/src/experimental/is_admin.rs
Ian Manske c747ec75c9
Add command_prelude module (#12291) 
# Description
When implementing a `Command`, one must also import all the types
present in the function signatures for `Command`. This makes it so that
we often import the same set of types in each command implementation
file. E.g., something like this:
```rust
use nu_protocol::ast::Call;
use nu_protocol::engine::{Command, EngineState, Stack};
use nu_protocol::{
    record, Category, Example, IntoInterruptiblePipelineData, IntoPipelineData, PipelineData,
    ShellError, Signature, Span, Type, Value,
};
```

This PR adds the `nu_engine::command_prelude` module which contains the
necessary and commonly used types to implement a `Command`:
```rust
// command_prelude.rs
pub use crate::CallExt;
pub use nu_protocol::{
    ast::{Call, CellPath},
    engine::{Command, EngineState, Stack},
    record, Category, Example, IntoInterruptiblePipelineData, IntoPipelineData, IntoSpanned,
    PipelineData, Record, ShellError, Signature, Span, Spanned, SyntaxShape, Type, Value,
};
```

This should reduce the boilerplate needed to implement a command and
also gives us a place to track the breadth of the `Command` API. I tried
to be conservative with what went into the prelude modules, since it
might be hard/annoying to remove items from the prelude in the future.
Let me know if something should be included or excluded.
2024-03-26 21:17:30 +00:00

106 lines
3.4 KiB
Rust
Raw Blame History

use nu_engine::command_prelude::*;
#[derive(Clone)]
pub struct IsAdmin;
impl Command for IsAdmin {
fn name(&self) -> &str {
"is-admin"
}
fn usage(&self) -> &str {
"Check if nushell is running with administrator or root privileges."
}
fn signature(&self) -> nu_protocol::Signature {
Signature::build("is-admin")
.category(Category::Core)
.input_output_types(vec![(Type::Nothing, Type::Bool)])
.allow_variants_without_examples(true)
}
fn search_terms(&self) -> Vec<&str> {
vec!["root", "administrator", "superuser", "supervisor"]
}
fn run(
&self,
_engine_state: &EngineState,
_stack: &mut Stack,
call: &Call,
_input: PipelineData,
) -> Result<PipelineData, ShellError> {
Ok(Value::bool(is_root(), call.head).into_pipeline_data())
}
fn examples(&self) -> Vec<Example> {
vec![
Example {
description: "Return 'iamroot' if nushell is running with admin/root privileges, and 'iamnotroot' if not.",
example: r#"if (is-admin) { "iamroot" } else { "iamnotroot" }"#,
result: Some(Value::test_string("iamnotroot")),
},
]
}
}
/// Returns `true` if user is root; `false` otherwise
fn is_root() -> bool {
is_root_impl()
}
#[cfg(unix)]
fn is_root_impl() -> bool {
nix::unistd::Uid::current().is_root()
}
#[cfg(windows)]
fn is_root_impl() -> bool {
use windows::Win32::{
Foundation::{CloseHandle, HANDLE},
Security::{GetTokenInformation, TokenElevation, TOKEN_ELEVATION, TOKEN_QUERY},
System::Threading::{GetCurrentProcess, OpenProcessToken},
};
let mut elevated = false;
// Checks whether the access token associated with the current process has elevated privileges.
// SAFETY: `elevated` only touched by safe code.
// `handle` lives long enough, initialized, mutated, used and closed with validity check.
// `elevation` only read on success and passed with correct `size`.
unsafe {
let mut handle = HANDLE::default();
// Opens the access token associated with the current process.
if OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &mut handle).is_ok() {
let mut elevation = TOKEN_ELEVATION::default();
let mut size = std::mem::size_of::<TOKEN_ELEVATION>() as u32;
// Retrieves elevation token information about the access token associated with the current process.
// Call available since XP
// https://learn.microsoft.com/en-us/windows/win32/api/securitybaseapi/nf-securitybaseapi-gettokeninformation
if GetTokenInformation(
handle,
TokenElevation,
Some(&mut elevation as *mut TOKEN_ELEVATION as *mut _),
size,
&mut size,
)
.is_ok()
{
// Whether the token has elevated privileges.
// Safe to read as `GetTokenInformation` will not write outside `elevation` and it succeeded
// See: https://learn.microsoft.com/en-us/windows/win32/api/securitybaseapi/nf-securitybaseapi-gettokeninformation#parameters
elevated = elevation.TokenIsElevated != 0;
}
}
if !handle.is_invalid() {
// Closes the object handle.
let _ = CloseHandle(handle);
}
}
elevated
}
Reference in New Issue View Git Blame Copy Permalink