1
require 'puppet/util/windows'
3
require 'win32/security'
5
module Puppet::Util::Windows::User
6
include Windows::Security
7
extend Windows::Security
12
majversion = Facter.value(:kernelmajversion)
13
return false unless majversion
15
# if Vista or later, check for unrestricted process token
16
return Win32::Security.elevated_security? unless majversion.to_f < 6.0
18
# otherwise 2003 or less
19
check_token_membership
21
module_function :admin?
23
def check_token_membership
28
unless CreateWellKnownSid(WinBuiltinAdministratorsSid, nil, sid, size)
29
raise Puppet::Util::Windows::Error.new("Failed to create administrators SID")
32
unless IsValidSid(sid)
33
raise Puppet::Util::Windows::Error.new("Invalid SID")
36
unless CheckTokenMembership(nil, sid, member)
37
raise Puppet::Util::Windows::Error.new("Failed to check membership")
40
# Is administrators SID enabled in calling thread's access token?
41
member.unpack('L')[0] == 1
43
module_function :check_token_membership