improve Windows elevated permission detection

cmd/arcdps-log-uploader/main.go

@@ -3,13 +3,12 @@
 package main
 
 import (
-	"os"
-
 	"github.com/lxn/walk"
 	log "github.com/sirupsen/logrus"
 	"github.com/xyaren/arcdps-log-uploader/cmd/arcdps-log-uploader/model"
 	"github.com/xyaren/arcdps-log-uploader/cmd/arcdps-log-uploader/ui"
 	"github.com/xyaren/arcdps-log-uploader/cmd/arcdps-log-uploader/utils"
+	"golang.org/x/sys/windows"
 )
 
 func main() {
@@ -39,6 +38,25 @@ func start() {
 }
 
 func runningWithAdminPrivileges() bool {
-	_, err := os.Open("\\\\.\\PHYSICALDRIVE0")
-	return err == nil
+	var sid *windows.SID
+
+	// Although this looks scary, it is directly copied from the
+	// official windows documentation. The Go API for this is a
+	// direct wrap around the official C++ API.
+	// See https://docs.microsoft.com/en-us/windows/desktop/api/securitybaseapi/nf-securitybaseapi-checktokenmembership
+	err := windows.AllocateAndInitializeSid(
+		&windows.SECURITY_NT_AUTHORITY,
+		2,
+		windows.SECURITY_BUILTIN_DOMAIN_RID,
+		windows.DOMAIN_ALIAS_RID_ADMINS,
+		0, 0, 0, 0, 0, 0,
+		&sid)
+	if err != nil {
+		log.Fatalf("SID Error: %s", err)
+		return false
+	}
+
+	token := windows.Token(0)
+	isAdmin, _ := token.IsMember(sid)
+	return token.IsElevated() || isAdmin
 }

go.mod

@@ -9,6 +9,7 @@ require (
 	github.com/lxn/win v0.0.0-20210218163916-a377121e959e
 	github.com/rhysd/go-github-selfupdate v1.2.3
 	github.com/sirupsen/logrus v1.8.1
+	golang.org/x/sys v0.0.0-20211124211545-fe61309f8881
 	golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11
 )
 
@@ -23,7 +24,6 @@ require (
 	golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871 // indirect
 	golang.org/x/net v0.0.0-20211123203042-d83791d6bcd9 // indirect
 	golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect
-	golang.org/x/sys v0.0.0-20211124211545-fe61309f8881 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.27.1 // indirect
 	gopkg.in/Knetic/govaluate.v3 v3.0.0 // indirect