preface

Electron is a framework for creating native applications using Web technologies such as JavaScript, HTML, and CSS. It integrates Chromium and Node.js internally.

With the Electron correlation technology, front-end engineers can develop client applications based on Windows, Linux, and Mac operating systems. This capability expands the boundaries of what the front-end can touch and frees up more imagination.

If the client application is limited to the presentation and manipulation of page content, this can be achieved through Web-related technologies. However, since Electron integrates with Node.js, it allows applications to be developed with the ability to invoke operating system-level services.

When the Electron invokes some operating system services, the system permission is limited. For example, programs developed in Linux system need to add sudo before executing shell script commands, and then input the administrator password after running. The script can be executed as scheduled only after the password is verified.

Win10 operating system and MAC system has the same strict control of permissions. In the next part of this article, we will look at how Electron applies for rights lifting while the program is running and the implementation principle behind it.

practice

Applying for higher execution permissions during Electron can be done easily by referring to a JS library on Githup called Sudo-Prompt.

Sudo-prompt has no external dependencies or native module bindings and is a script written entirely in NodeJS.

Sudo-prompt processes and encapsulates permission request methods on different Windows, Linux, and Mac platforms, enabling Electron to support multi-platform rights lifting operations. Next, we will demonstrate how to use sudo-Prompt. For details, visit the warehouse address.

NPM install sudo-prompt –save install dependencies in the project root directory.
The call method is as follows (current latest version 9.2.1, if the version is different, please visit the warehouse address to check).

Create an object, Options, with a custom property name, name(application name). The name can contain only letters, digits, and Spaces and cannot exceed 70 characters.

Exec (‘ command ‘,…) When the.sudo.exec command is executed, a permission application window will pop up. The user enters the callback function after entering the password, and stdout is the output of the command.

const sudo = require('sudo-prompt'); const options = { name: 'Electron' }; sudo.exec('echo hello', options, function(error, stdout, stderr) { if (error) throw error; console.log('stdout: ' + stdout); });Copy the code

The Linux graphical user interface is shown as follows:

The principle of analysis

Sudo-prompt handles permissions differently on different platforms, but explore the implementation principles behind it using Linux and Windows as examples.

Linux

Currently, the Linux operating system has four graphical desktop environments: KDE, Gnome, Xfce, and LXDE. KDE and Gnome both contain a series of standard desktop tools and many powerful application software, and the user experience is gradually similar to Windows.Xfce and LXDE are lightweight desktop environments.

After these desktop environments are installed, there are some built-in commands to enhance application permissions by default. For example, /usr/bin/kdesudo is built-in by default in the KDE graphical interface. The kdesudo command runs in this path, prompting for the administrator password, allowing authorized users to execute programs under other identities.

As in other desktop environments, these built-in commands can be used to smoothly apply for administrator permission to run.

Const paths = [‘/usr/bin/kdesudo’, ‘/usr/bin/pkexec’].

If PKexec is found, the concatenation string looks like this:

 '"/usr/bin/pkexec" --disable-internal-agent "/bin/bash" -c "echo SUDOPROMPT; echo hello"'
Copy the code

If it is kdesudo,, the concatenation string format is as follows:

 '"/usr/bin/pkexec" --comment "Electron wants to make changes.Enter your password to allow this." -d -- /bin/bash -c "echo SUDOPROMPT; echo hello"'
Copy the code

Once the string is concatenated, we can use the node.js child Process process.child.exec to execute the string command above.

If an error message is displayed after the execution, the error message is No Polkit Authentication Agent FOUn. This is probably because polkit-related services are not installed or started in Linux. For example, an installed lightweight desktop XFCE4 (Ubuntu) may lack this module. You can use the following two steps to solve the problem.

The installationpolkit sudo apt-get install policykit-1-gnome
Start the service/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1 &

If everything goes well, the interface will pop up a password input box after the command is executed, and only when the password is verified correctly will the command echo Hello be executed at the end of the above concatenated string, which is the command to be executed after we customize the system permission.

Windows

In Windows, using the traditional CMD window to apply for administrator privileges is tedious, but thanks to PowerShell, everything is very simple.

Windows PowerShell is a command-line shell similar to CMD that can be used by command-line users and script writers. NET Framework’s powerful capabilities do what you want. PowerShell has been built in since Windows 7.

With The help of PowerShell, we can start by encapsulating the commands we want the system to execute into a command-.bat file (code below).

@echo off
chcp 65001>nul
cd /d '/Users/kay/Desktop/demo/project'
echo hello
Copy the code

@echo offWhen the command output is closed, the batch commands being executed and the execution result are not displayed.
chcp 65001Sets the command line window active code page toutf-8format
cdSwitch to the project directory
echo helloIs the command that you ultimately want the system to execute

The above characters can be combined by concatenating strings, and then written to a command. Bat file using node.js fs.writefile.

Once the script file is ready, the following concatenate command strings are available:

powershell.exe Start-Process -FilePath '/Users/kay/Desktop/demo/project/command.bat' -WindowStyle hidden -Verb runAs
Copy the code

Powershell can add the -verb runAs parameter to the application to execute the script in command-.bat.

After the string is concatenated, the node.js child process.child-exec executes the string command to achieve the final result.

conclusion

To sum up, both Windows and Linux systems have built-in programs for raising rights. Once you find out how these programs are called and the meaning of relevant parameters, you can successfully apply for administrator rights for Electron to complete the target operation.

mo4tech.com (Moment For Technology) is a global community with thousands techies from across the global hang out!Passionate technologists, be it gadget freaks, tech enthusiasts, coders, technopreneurs, or CIOs, you would find them all here.

The Electron application applies for administrator rights

preface

practice

The principle of analysis

Linux

Windows

conclusion

The Electron application applies for administrator rights

preface

practice

The principle of analysis

Linux

Windows

conclusion

Related Posts

Talk about some interesting CSS topics (7) — disappearing boundaries

The browser cache is guaranteed to be easy to read

Full moon Mid-Autumn Festival, meteor night sky, do you want to make a wish?