is_admin: functionalize, fallback, test

Author: scivision

+stdlib/+dotnet/is_admin.m

@@ -0,0 +1,12 @@
+function y = is_admin()
+
+% com.sun.security.auth.module.NTSystem().getGroupIDs();
+% Administrator group SID (S-1-5-32-544) is not an appropriate check .getGroupIDs because it
+% only tells if a user is *allowed* to run as admin, not if they are currently running as admin.
+
+% Use .NET System.Security.Principal to check for admin privileges
+identity = System.Security.Principal.WindowsIdentity.GetCurrent();
+principal = System.Security.Principal.WindowsPrincipal(identity);
+y = principal.IsInRole(System.Security.Principal.WindowsBuiltInRole.Administrator);
+
+end

+stdlib/+java/is_admin.m

@@ -0,0 +1,5 @@
+function y = is_admin()
+
+y = com.sun.security.auth.module.UnixSystem().getUid() == 0;
+
+end

+stdlib/+sys/get_username.m

@@ -10,7 +10,7 @@
 if s == 0
   n = string(strtrim(n));  % Remove any trailing newline or spaces
 else
-  warning("Failed to get username from system command: %s", n);
+  warning("Failed to get username from system %s: %s", cmd, n);
   n = string.empty;
 end
 

+stdlib/+sys/is_admin.m

@@ -0,0 +1,24 @@
+function y = is_admin()
+
+if ispc()
+  cmd = 'pwsh -c "([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)"';
+else
+  cmd = 'id -u';
+end
+
+[s, r] = system(cmd);
+if s ~= 0
+  warning("stdlib:is_admin:RuntimeError", "Failed to execute command '%s': %s", cmd, r);
+  y = false;
+  return;
+end
+
+r = string(strip(r));
+
+if ispc()
+  y = r == "True";
+else
+  y = r == "0";
+end
+
+end

+stdlib/is_admin.m

@@ -5,26 +5,14 @@
 
 if (isunix() || ~isMATLABReleaseOlderThan('R2024a')) && stdlib.has_python()
   y = stdlib.python.is_admin();
+elseif ispc() && stdlib.has_dotnet()
+  y = stdlib.dotnet.is_admin();
+elseif isunix() && stdlib.has_java()
+  y = stdlib.java.is_admin();
 elseif stdlib.isoctave()
   y = getuid() == 0;
-elseif ispc() && stdlib.has_dotnet()
-  % com.sun.security.auth.module.NTSystem().getGroupIDs();
-  % Administrator group SID (S-1-5-32-544) is not an appropriate check .getGroupIDs because it
-  % only tells if a user is *allowed* to run as admin, not if they are currently running as admin.
-
-  % Use .NET System.Security.Principal to check for admin privileges
-  identity = System.Security.Principal.WindowsIdentity.GetCurrent();
-  principal = System.Security.Principal.WindowsPrincipal(identity);
-  y = principal.IsInRole(System.Security.Principal.WindowsBuiltInRole.Administrator);
-elseif isunix()
-  if stdlib.has_java()
-    y = com.sun.security.auth.module.UnixSystem().getUid() == 0;
-  else
-    [s, r] = system('id -u');
-    y = s == 0 && strip(r) == "0";
-  end
 else
-  error("stdlib:is_admin:UnsupportedPlatform", "is_admin() is not supported on this platform")
+  y = stdlib.sys.is_admin();
 end
 
 end

test/TestFileImpure.m

@@ -54,11 +54,6 @@ function test_get_pid(tc)
 end
 
 
-function test_is_admin(tc)
-tc.verifyClass(stdlib.is_admin(), "logical")
-end
-
-
 function test_handle2filename(tc, ph)
 tc.verifyEqual(stdlib.handle2filename(ph{1}), ph{2})
 end

test/TestSys.m

@@ -10,6 +10,7 @@
 cpu_arch_fun = {@stdlib.cpu_arch, @stdlib.dotnet.cpu_arch, @stdlib.java.cpu_arch}
 host_fun = {@stdlib.hostname, @stdlib.dotnet.get_hostname, @stdlib.java.get_hostname, @stdlib.python.get_hostname}
 user_fun = {@stdlib.get_username, @stdlib.dotnet.get_username, @stdlib.java.get_username, @stdlib.python.get_username}
+is_admin_fun = {@stdlib.is_admin, @stdlib.sys.is_admin, @stdlib.dotnet.is_admin, @stdlib.java.is_admin, @stdlib.python.is_admin}
 ram_free_fun = {@stdlib.ram_free, @stdlib.sys.ram_free, @stdlib.java.ram_free, @stdlib.python.ram_free}
 ram_total_fun = {@stdlib.ram_total, @stdlib.sys.ram_total, @stdlib.dotnet.ram_total @stdlib.java.ram_total}
 end
@@ -25,6 +26,12 @@ function test_is_cygwin(tc)
 tc.verifyFalse(stdlib.is_cygwin())
 end
 
+function test_is_admin(tc, is_admin_fun)
+is_capable(tc, is_admin_fun)
+tc.verifyClass(is_admin_fun(), "logical")
+tc.verifyNotEmpty(is_admin_fun())
+end
+
 function test_get_shell(tc)
 tc.assumeFalse(tc.CI, "get_shell is not tested in CI due to platform differences")
 tc.verifyNotEmpty(stdlib.get_shell())

test/is_capable.m

@@ -12,8 +12,8 @@ function is_capable(tc, f)
 
   tc.assumeGreaterThan(dapi, 0)
 
-   if endsWith(n, ["owner"])
-     tc.assumeFalse(isunix(), "Windows only function")
+   if endsWith(n, ["is_admin", "owner"])
+     tc.assumeTrue(ispc(), "Windows only function")
    end
 
   if endsWith(n, ["create_symlink", "ram_total", "read_symlink"])
@@ -30,6 +30,10 @@ function is_capable(tc, f)
     tc.assumeGreaterThanOrEqual(japi, 11)
   end
 
+  if endsWith(n, "is_admin")
+    tc.assumeTrue(isunix())
+  end
+
 elseif contains(n, "python")
 
    tc.assumeTrue(stdlib.has_python())
@@ -40,10 +44,14 @@ function is_capable(tc, f)
      tc.assumeTrue(has_psutil, "need Python psutil package")
    end
 
-   if endsWith(n, ["owner"])
+   if endsWith(n, "owner")
      tc.assumeFalse(ispc(), "unix only function")
    end
 
+   if endsWith(n, "is_admin")
+     tc.assumeTrue(isunix() || ~isMATLABReleaseOlderThan('R2024a'))
+   end
+
 end
 
 end