I am looking for working (obviously) Delphi 7 code so I can check whether my program is started with administrator rights.
Thanks in advance
[--- IMPORTANT UPDATE ---]
Having reviewed the code in the answers so far, I realise that my question maybe is not so clear, or at least is not complete:
I want to know whether my Delphi 7 program is started with the 'Run as admin' check box set.
In other words: I want to know whether it is possible for my Delphi 7 program to create/update files in the c:\Program Files... folders.
Just checking if you have administrator rights is not enough for this.
The Windows API (used) to have a helper function (IsUserAnAdmin) to tell if you are running with administrative privileges.
OS Account Type UAC IsUserAdmin
============== ============= ============ ===========
Windows XP Standard n/a False
Windows XP Administrator n/a True
Windows Vista Standard Disabled False
Windows Vista Administrator Disabled True
Windows Vista Standard Not Elevated False
Windows Vista Administrator Not Elevated False
Windows Vista Standard Elevated True
Windows Vista Administrator Elevated True
The Shell32 wrapper function is deprecated; which is fine because it was just a wrapper around other code, which you can still call yourself:
function IsUserAdmin: Boolean;
var
b: BOOL;
AdministratorsGroup: PSID;
begin
{
This function returns true if you are currently running with admin privileges.
In Vista and later, if you are non-elevated, this function will return false
(you are not running with administrative privileges).
If you *are* running elevated, then IsUserAdmin will return true, as you are
running with admin privileges.
Windows provides this similar function in Shell32.IsUserAnAdmin.
But the function is deprecated, and this code is lifted
from the docs for CheckTokenMembership:
http://msdn.microsoft.com/en-us/library/aa376389.aspx
}
{
Routine Description: This routine returns TRUE if the callers
process is a member of the Administrators local group. Caller is NOT
expected to be impersonating anyone and is expected to be able to
open its own process and process token.
Arguments: None.
Return Value:
TRUE - Caller has Administrators local group.
FALSE - Caller does not have Administrators local group.
}
b := AllocateAndInitializeSid(
SECURITY_NT_AUTHORITY,
2, //2 sub-authorities
SECURITY_BUILTIN_DOMAIN_RID, //sub-authority 0
DOMAIN_ALIAS_RID_ADMINS, //sub-authority 1
0, 0, 0, 0, 0, 0, //sub-authorities 2-7 not passed
AdministratorsGroup);
if (b) then
begin
if not CheckTokenMembership(0, AdministratorsGroup, b) then
b := False;
FreeSid(AdministratorsGroup);
end;
Result := b;
end;
In other words: This function gives you the answer you want: Can the user update Program Files.
You need to be weary of code that check if you're a member of the Administrator's group. You can be part of the Administrator's group, but not have any administrative privileges. You can also have administrative privileges, but not be part of the Administrator's group.