Act on elevation requirements in majority cases

[JohnMcPMS]

Fixes #1537, #1538

Change

When ElevationRequirement is set to elevationProhibited is set and winget is run elevated, block the installation with an error.

When elevatesSelf or elevationRequired is set and winget is not run elevated, inform the user that an elevation prompt is expected. Also in the case of elevationRequired, use the runas verb on ShellExecute to run the installer elevated. This can be used on installers that will fail if they are not run elevated.

The message is a warning (yellow text) and is the last line below:

Successfully verified installer hash
Starting package install...
The installer will request to run as administrator, expect a prompt.

Validation

Manually validated each of the 3 elevation requirement options, as automated testing of elevation is not possible on the build server.

Microsoft Reviewers: Open in CodeFlow

[github-actions]

@check-spelling-bot Report

Unrecognized words, please review:

• runas

Previously acknowledged words that are now absent

activatable amd Archs dsc enr FWW Globals hackathon lww mytool Packagedx parametermap Uninitialize WDAG whatif wsb

To accept these unrecognized words as correct (and remove the previously acknowledged and now absent words), run the following commands

... in a clone of the [email protected]:JohnMcPMS/winget-cli.git repository
on the elevationReqs branch:

update_files() {
perl -e '
my @expect_files=qw('".github/actions/spelling/expect.txt"');
@ARGV=@expect_files;
my @stale=qw('"$patch_remove"');
my $re=join "|", @stale;
my $suffix=".".time();
my $previous="";
sub maybe_unlink { unlink($_[0]) if $_[0]; }
while (<>) {
if ($ARGV ne $old_argv) { maybe_unlink($previous); $previous="$ARGV$suffix"; rename($ARGV, $previous); open(ARGV_OUT, ">$ARGV"); select(ARGV_OUT); $old_argv = $ARGV; }
next if /^(?:$re)(?:(?:\r|\n)*$| .*)/; print;
}; maybe_unlink($previous);'
perl -e '
my $new_expect_file=".github/actions/spelling/expect.txt";
use File::Path qw(make_path);
use File::Basename qw(dirname);
make_path (dirname($new_expect_file));
open FILE, q{<}, $new_expect_file; chomp(my @words = <FILE>); close FILE;
my @add=qw('"$patch_add"');
my %items; @items{@words} = @words x (1); @items{@add} = @add x (1);
@words = sort {lc($a)."-".$a cmp lc($b)."-".$b} keys %items;
open FILE, q{>}, $new_expect_file; for my $word (@words) { print FILE "$word\n" if $word =~ /\w/; };
close FILE;
system("git", "add", $new_expect_file);
'
}

comment_json=$(mktemp)
curl -L -s -S \
  --header "Content-Type: application/json" \
  "https://api.github.com/repos/microsoft/winget-cli/issues/comments/1110352997" > "$comment_json"
comment_body=$(mktemp)
jq -r .body < "$comment_json" > $comment_body
rm $comment_json

patch_remove=$(perl -ne 'next unless s{^</summary>(.*)</details>$}{$1}; print' < "$comment_body")
  

patch_add=$(perl -e '$/=undef;
$_=<>;
s{<details>.*}{}s;
s{^#.*}{};
s{\n##.*}{};
s{(?:^|\n)\s*\*}{}g;
s{\s+}{ }g;
print' < "$comment_body")
  
update_files
rm $comment_body
git add -u

[yao-msft]

elevated

nit: "as administrator" since this is user facing string?

[yao-msft]

if (installer->ElevationRequirement == ElevationRequirementEnum::ElevationProhibited && Runtime::IsRunningAsAdmin())

I'm sort of mixed. Did you think of moving to installer selection in case there're other applicable installers? Or it's preferred to tell the user to run non-elevated again since this is what we think is the best installer?

[Trenly]

I think it may be best to have it in the installer, especially given that there is a feature request to filter by elevation requirement. However, if there are no applicable installers based solely on the fact that the user is running in an elevated terminal, then it still should say elevation prohibited rather than no applicable installer found

[JohnMcPMS]

I don't think that installer selection is appropriate, we don't even have user intent without #1898. I don't consider "is winget running as admin or not" user intent here, because I want to be able to run my Terminal as user and elevate installers as needed. #1898 should be implemented in installer selection (as well as search) though, because we would have user intent.

[JohnMcPMS]

Side note: I broke VS Code on my machine due to forcing it to install elevated. Be safe out there...

[yao-msft]

nit: alignment

[yao-msft]

[Trenly]

Does this also resolve #152 and #271 ?

[JohnMcPMS]

Does this also resolve #152 and #271 ?

@denelon to say if it resolves #152. #271 is more of a general Windows issue; we can't magically bypass the UAC prompt. I don't know how one could even secure a sudo command in Windows if it doesn't trigger the UAC prompt...

[Trenly]

Does this also resolve #152 and #271 ?

@denelon to say if it resolves #152. #271 is more of a general Windows issue; we can't magically bypass the UAC prompt. I don't know how one could even secure a sudo command in Windows if it doesn't trigger the UAC prompt...

I thought that using runas would suppress the prompt, as suggested in the issue; But, perhaps I read it incorrectly or was mistaken

[Masamune3210]

Nope, not having a way to bypass UAC is very much an intentional part of the design