diff --git a/src/Console/Program.cs b/src/Console/Program.cs
index 8996bba1..ab173fb7 100644
--- a/src/Console/Program.cs
+++ b/src/Console/Program.cs
@@ -783,6 +783,15 @@ namespace Bit.Console
}
Con.WriteLine();
+
+ if((start || stop) && !Helpers.IsAdministrator())
+ {
+ Con.ForegroundColor = ConsoleColor.Red;
+ Con.WriteLine("You must be an administrator to control the service.");
+ Con.ResetColor();
+ return Task.FromResult(0);
+ }
+
if(start)
{
Con.WriteLine("Starting service...");
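Review bot: The new guard before the start/stop handling returns `Task.FromResult(0)`, which a caller cannot tell apart from a successful start or stop if this result ends up as the process exit code (not visible in the hunk). If the other paths of the method use 0 for success, return a non-zero value here, for example `return Task.FromResult(1);`. Because `Helpers.IsAdministrator()` tests the current token, a member of Administrators running without elevation also lands in this branch, so wording such as `"Run this command from an elevated prompt to control the service."` would tell that user what to do. The enclosing method starts and ends outside the hunk.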
diff --git a/src/Core/Core.csproj b/src/Core/Core.csproj
index 4428a52b..8a8efefb 100644
--- a/src/Core/Core.csproj
+++ b/src/Core/Core.csproj
@@ -90,11 +90,13 @@
+
+
diff --git a/src/Core/Services/SettingsService.cs b/src/Core/Services/SettingsService.cs
index d6f99e53..e7be16eb 100644
--- a/src/Core/Services/SettingsService.cs
+++ b/src/Core/Services/SettingsService.cs
@@ -1,4 +1,5 @@
using Bit.Core.Models;
+using Bit.Core.Utilities;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
@@ -14,9 +15,6 @@ namespace Bit.Core.Services
{
private static SettingsService _instance;
private static object _locker = new object();
- private static string _baseStoragePath = string.Concat(
- Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData),
- "\\bitwarden\\Directory Connector");
private SettingsModel _settings;
@@ -39,7 +37,7 @@ namespace Bit.Core.Services
{
get
{
- var filePath = $"{_baseStoragePath}\\settings.json";
+ var filePath = $"{Constants.BaseStoragePath}\\settings.json";
if(_settings == null && File.Exists(filePath))
{
var serializer = new JsonSerializer();
@@ -59,13 +57,13 @@ namespace Bit.Core.Services
{
lock(_locker)
{
- if(!Directory.Exists(_baseStoragePath))
+ if(!Directory.Exists(Constants.BaseStoragePath))
{
- Directory.CreateDirectory(_baseStoragePath);
+ Directory.CreateDirectory(Constants.BaseStoragePath);
}
_settings = Settings;
- var filePath = $"{_baseStoragePath}\\settings.json";
+ var filePath = $"{Constants.BaseStoragePath}\\settings.json";
using(var s = new FileStream(filePath, FileMode.Create, FileAccess.Write, FileShare.Read))
using(var sw = new StreamWriter(s, Encoding.UTF8))
{
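Review bot: `Directory.CreateDirectory(Constants.BaseStoragePath)` in this save path creates the folder with whatever ACL it inherits from the CommonApplicationData parent, and nothing visible in this file restricts it afterwards. The restricted ACL in this commit is applied only in `Installer.AfterInstalled`, so a settings.json written before the service is installed would sit in a folder with inherited permissions. Consider one shared create-and-restrict helper in `Bit.Core.Utilities` that both callers use. What settings.json contains is not shown here, so how sensitive this is needs confirming. The enclosing member starts before the hunk and continues after it.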
diff --git a/src/Core/Utilities/Constants.cs b/src/Core/Utilities/Constants.cs
new file mode 100644
index 00000000..24a17134
--- /dev/null
+++ b/src/Core/Utilities/Constants.cs
@@ -0,0 +1,15 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Bit.Core.Utilities
+{
+ public static class Constants
+ {
+ public static string BaseStoragePath = string.Concat(
+ Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData),
+ "\\bitwarden\\Directory Connector");
+ }
+}
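Review bot: `BaseStoragePath` is declared `public static string`, a writable field, so any code in the process can reassign the path that SettingsService reads and writes and that the installer applies its ACL to. Declare it `public static readonly string BaseStoragePath = ...` so the value is fixed at type initialization. `Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData), "bitwarden", "Directory Connector")` would also avoid the hand-written separators. Of the five using directives only `System` is used.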
diff --git a/src/Core/Utilities/Helpers.cs b/src/Core/Utilities/Helpers.cs
new file mode 100644
index 00000000..fd63631b
--- /dev/null
+++ b/src/Core/Utilities/Helpers.cs
@@ -0,0 +1,19 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Principal;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Bit.Core.Utilities
+{
+ public static class Helpers
+ {
+ public static bool IsAdministrator()
+ {
+ var identity = WindowsIdentity.GetCurrent();
+ var principal = new WindowsPrincipal(identity);
+ return principal.IsInRole(WindowsBuiltInRole.Administrator);
+ }
+ }
+}
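Review bot: `WindowsIdentity.GetCurrent()` in `IsAdministrator` returns an `IDisposable` that holds a token handle and is never disposed; wrap it as `using(var identity = WindowsIdentity.GetCurrent())`. The method also deserves a doc comment saying that it tests the current process token, so with UAC enabled a member of Administrators running unelevated gets false. For example: `/// <summary>True when the built-in Administrators group is enabled in the current process token (the process is elevated).</summary>`. Among the using directives only `System.Security.Principal` is needed.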
diff --git a/src/Service/Installer.cs b/src/Service/Installer.cs
index f12c8655..fa3c6360 100644
--- a/src/Service/Installer.cs
+++ b/src/Service/Installer.cs
@@ -7,6 +7,10 @@ using System.Text;
using System.Threading.Tasks;
using System.Configuration.Install;
using System.Diagnostics;
+using System.IO;
+using System.Security.AccessControl;
+using System.Security.Principal;
+using Bit.Core.Utilities;
namespace Service
{
@@ -41,7 +45,32 @@ namespace Service
private void AfterInstalled(object sender, InstallEventArgs e)
{
+ if(!Directory.Exists(Constants.BaseStoragePath))
+ {
+ Directory.CreateDirectory(Constants.BaseStoragePath);
+ }
+ var info = new DirectoryInfo(Constants.BaseStoragePath);
+ var sec = info.GetAccessControl();
+
+ var adminRule = new FileSystemAccessRule(
+ new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null),
+ FileSystemRights.FullControl | FileSystemRights.Write | FileSystemRights.Read,
+ InheritanceFlags.None,
+ PropagationFlags.NoPropagateInherit,
+ AccessControlType.Allow);
+ sec.AddAccessRule(adminRule);
+
+ var userRule = new FileSystemAccessRule(
+ WindowsIdentity.GetCurrent().Name,
+ FileSystemRights.Write | FileSystemRights.Read,
+ InheritanceFlags.None,
+ PropagationFlags.NoPropagateInherit,
+ AccessControlType.Allow);
+ sec.AddAccessRule(userRule);
+
+ sec.SetAccessRuleProtection(isProtected: true, preserveInheritance: false);
+ info.SetAccessControl(sec);
}
private void BeforeInstalled(object sender, InstallEventArgs e)
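Review bot: The ACL set in `AfterInstalled` is built on `info.GetAccessControl()`, so when the directory already exists its current owner and any explicit ACEs are kept; `SetAccessRuleProtection(isProtected: true, preserveInheritance: false)` drops only the inherited entries. If standard users can create folders under CommonApplicationData (the usual Windows default, to be confirmed for the target systems), a folder made before installation would stay under its creator's control. Both rules also use `InheritanceFlags.None`, so they cover the directory object but not settings.json or other files created in it, and `FullControl | Write | Read` is just `FullControl`. I would start from a fresh `DirectorySecurity`, set the owner to Administrators, make the ACEs inheritable and pass the SID (`WindowsIdentity.GetCurrent().User`) rather than the account name. Also confirm that the installing identity is the account that should keep write access and that the service account is covered by one of the two rules.

```csharp
private void AfterInstalled(object sender, InstallEventArgs e)
{
    // … unchanged: create Constants.BaseStoragePath when it is missing …
    var info = new DirectoryInfo(Constants.BaseStoragePath);
    var admins = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);

    // Fresh descriptor: explicit ACEs and the owner of a pre-existing directory are not carried over.
    var sec = new DirectorySecurity();
    sec.SetOwner(admins);
    sec.SetAccessRuleProtection(isProtected: true, preserveInheritance: false);

    // Inheritable ACEs so files and subfolders created later get the same restrictions.
    var inherit = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
    sec.AddAccessRule(new FileSystemAccessRule(
        admins,
        FileSystemRights.FullControl,
        inherit,
        PropagationFlags.None,
        AccessControlType.Allow));
    sec.AddAccessRule(new FileSystemAccessRule(
        WindowsIdentity.GetCurrent().User,
        FileSystemRights.Write | FileSystemRights.Read,
        inherit,
        PropagationFlags.None,
        AccessControlType.Allow));

    info.SetAccessControl(sec);
}
```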