使用Lazarus/Free Pascal,我如何获得运行我的程序的用户的用户权限(无论他是管理员,普通用户还是访客)?
正如David在评论中所说,您可以使用CheckTokenMembership函数来确定用户帐户的成员资格。
检查在FPC和Delphi上运行的示例。
program Test;
{$IFDEF FPC}
{$mode objfpc}{$H+}
{$ELSE}
{$APPTYPE CONSOLE}
{$ENDIF}
uses
SysUtils,
Windows,
Classes;
Const
SECURITY_NT_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 5));
SECURITY_BUILTIN_DOMAIN_RID = $00000020;
DOMAIN_ALIAS_RID_ADMINS = $00000220;
DOMAIN_ALIAS_RID_USERS = $00000221;
DOMAIN_ALIAS_RID_GUESTS = $00000222;
DOMAIN_ALIAS_RID_POWER_USERS= $00000223;
function CheckTokenMembership(TokenHandle: THandle; SidToCheck: PSID; var IsMember: BOOL): BOOL; stdcall; external advapi32;
function UserInGroup(Group :DWORD) : Boolean;
var
pIdentifierAuthority :TSIDIdentifierAuthority;
pSid : Windows.PSID;
IsMember : BOOL;
begin
pIdentifierAuthority := SECURITY_NT_AUTHORITY;
Result := AllocateAndInitializeSid(pIdentifierAuthority,2, SECURITY_BUILTIN_DOMAIN_RID, Group, 0, 0, 0, 0, 0, 0, pSid);
try
if Result then
if not CheckTokenMembership(0, pSid, IsMember) then //passing 0 means which the function will be use the token of the calling thread.
Result:= False
else
Result:=IsMember;
finally
FreeSid(pSid);
end;
end;
begin
Writeln(Format('Current user is Admin %s',[BoolToStr(UserInGroup(DOMAIN_ALIAS_RID_ADMINS),True)]));
Writeln(Format('Current user is Guest %s',[BoolToStr(UserInGroup(DOMAIN_ALIAS_RID_GUESTS),True)]));
Writeln(Format('Current user is Power User %s',[BoolToStr(UserInGroup(DOMAIN_ALIAS_RID_POWER_USERS),True)]));
readln;
end.
也可以使用WMI,检查Win32_UserAccount, Win32_GroupUser和Win32_Group类