Add [yet untested] code skeleton for secure settings

marticliment · marticliment · commit d94b167e8590 · 2025-06-08T22:36:27.000+02:00
diff --git a/cli-arguments.md b/cli-arguments.md
@@ -12,10 +12,11 @@
 | `--help` | Opens this page | 3.2.0+ |
 | `--import-settings file` | Imports UniGetUI settings from json file _file_. The file must exist. The old settings will be lost* | 3.2.0+ |
 | `--export-settings file` |  Exports UniGetUI settings to json file _file_. The file will be created or overwritten* | 3.2.0+ |
-| `--enable-setting key` | Enables the boolean setting _key_* | 3.2.0+ |
-| `--disable-setting key` |  Disables the boolean setting _key_* | 3.2.0+ |
+| `--[enable\|disable]-setting key` | Enables/disables the boolean setting _key_* | 3.2.0+ |
 | `--set-setting-value key value` | Sets the value _value_ to the non-boolean setting _key_. To clear a non-boolean setting, `--disable-setting` can be used* | 3.2.0+ |
 | `--no-corrupt-dialog` | Will show a verbose error message (the error report) instead of a simplified message dialog | 3.2.1+ |
+| `--[enable\|disable]-secure-setting-for-user username key` | Enables/disables the given secure setting for the given username. Requires administrator rights.  | 3.2.1+ | 
+| `--[enable\|disable]-secure-setting key` | Enables/disables the given secure setting for current user. This will generate a UAC prompt  | 3.2.1+ | 
 
 
 \*After modifying the settings, you must ensure that any running instance of UniGetUI is restarted for the changes to take effect
diff --git a/src/UniGetUI.Core.SecureSettings/SecureSettings.cs b/src/UniGetUI.Core.SecureSettings/SecureSettings.cs
@@ -0,0 +1,90 @@
+using System.Diagnostics;
+using UniGetUI.Core.Data;
+using UniGetUI.Core.Tools;
+
+namespace UniGetUI.Core.SettingsEngine.SecureSettings;
+
+public static class SecureSettings
+{
+    public static class Args
+    {
+        public const string ENABLE_FOR_USER = "--enable-secure-setting-for-user";
+        public const string DISABLE_FOR_USER = "--disable-secure-setting-for-user";
+    }
+
+    public static bool Get(string setting)
+    {
+        string purifiedUser = CoreTools.MakeValidFileName(Environment.UserName);
+        string purifiedSetting = CoreTools.MakeValidFileName(setting);
+
+        var appData = Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles);
+        var settingsLocation = Path.Join(appData, "UniGetUI\\SecureSettings", purifiedUser);
+        var settingFile = Path.Join(settingsLocation, purifiedSetting);
+
+        if (!Directory.Exists(settingsLocation))
+            return false;
+
+        return File.Exists(settingFile);
+    }
+
+    public static async Task<bool> TrySet(string setting, bool enabled)
+    {
+        string purifiedUser = CoreTools.MakeValidFileName(Environment.UserName);
+        string purifiedSetting = CoreTools.MakeValidFileName(setting);
+
+        using Process p = new Process();
+        p.StartInfo = new()
+        {
+            UseShellExecute = false,
+            CreateNoWindow = true,
+            FileName = CoreData.UniGetUIExecutableFile,
+            ArgumentList =
+            {
+                enabled? Args.ENABLE_FOR_USER: Args.DISABLE_FOR_USER,
+                purifiedUser,
+                purifiedSetting
+            }
+        };
+
+        p.Start();
+        await p.WaitForExitAsync();
+        return p.ExitCode is 0;
+    }
+
+    public static int ApplyForUser(string username, string setting, bool enable)
+    {
+        try
+        {
+            string purifiedUser = CoreTools.MakeValidFileName(username);
+            string purifiedSetting = CoreTools.MakeValidFileName(setting);
+
+            var appData = Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData);
+            var settingsLocation = Path.Join(appData, "UniGetUI\\SecureSettings", purifiedUser);
+            var settingFile = Path.Join(settingsLocation, purifiedSetting);
+
+            if (!Directory.Exists(settingsLocation))
+            {
+                Directory.CreateDirectory(settingsLocation);
+            }
+
+            if (enable)
+            {
+                File.WriteAllText(settingFile, "");
+            }
+            else
+            {
+                if (File.Exists(settingFile))
+                {
+                    File.Delete(settingFile);
+                }
+            }
+
+            return 0;
+        }
+        catch (Exception ex)
+        {
+            Console.WriteLine(ex);
+            return -1;
+        }
+    }
+}
diff --git a/src/UniGetUI.Core.SecureSettings/UniGetUI.Core.SecureSettings.csproj b/src/UniGetUI.Core.SecureSettings/UniGetUI.Core.SecureSettings.csproj
@@ -0,0 +1,10 @@
+<Project Sdk="Microsoft.NET.Sdk">
+    <ItemGroup>
+        <ProjectReference Include="..\UniGetUI.Core.Data\UniGetUI.Core.Tools.csproj" />
+        <ProjectReference Include="..\UniGetUI.Core.Tools\UniGetUI.Core.Tools.csproj" />
+    </ItemGroup>
+
+    <ItemGroup>
+        <Compile Include="..\SharedAssemblyInfo.cs" Link="SharedAssemblyInfo.cs" />
+    </ItemGroup>
+</Project>
diff --git a/src/UniGetUI.sln b/src/UniGetUI.sln
@@ -105,6 +105,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Tests", "Tests", "{015B44EE
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "UniGetUI.PackageEngine.Serializable.Tests", "UniGetUI.PackageEngine.Serializable.Tests\UniGetUI.PackageEngine.Serializable.Tests.csproj", "{F1610A61-5444-4C11-9447-13CCA327887E}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "UniGetUI.Core.SecureSettings", "UniGetUI.Core.SecureSettings\UniGetUI.Core.SecureSettings.csproj", "{B0E59327-933E-4DB0-BD2D-FB16EB9B4194}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|x64 = Debug|x64
@@ -271,6 +273,10 @@ Global
 		{F1610A61-5444-4C11-9447-13CCA327887E}.Debug|x64.Build.0 = Debug|x64
 		{F1610A61-5444-4C11-9447-13CCA327887E}.Release|x64.ActiveCfg = Release|x64
 		{F1610A61-5444-4C11-9447-13CCA327887E}.Release|x64.Build.0 = Release|x64
+		{B0E59327-933E-4DB0-BD2D-FB16EB9B4194}.Debug|x64.ActiveCfg = Debug|x64
+		{B0E59327-933E-4DB0-BD2D-FB16EB9B4194}.Debug|x64.Build.0 = Debug|x64
+		{B0E59327-933E-4DB0-BD2D-FB16EB9B4194}.Release|x64.ActiveCfg = Release|x64
+		{B0E59327-933E-4DB0-BD2D-FB16EB9B4194}.Release|x64.Build.0 = Release|x64
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -319,6 +325,7 @@ Global
 		{3C8BF564-B4B5-44A7-9D8C-102C2F820EAF} = {8CF74C87-534F-4017-A4ED-F2918025E31A}
 		{015B44EE-32AE-4105-9016-49140743CAF9} = {7940E867-EEBA-4AFD-9904-1536F003239C}
 		{F1610A61-5444-4C11-9447-13CCA327887E} = {015B44EE-32AE-4105-9016-49140743CAF9}
+		{B0E59327-933E-4DB0-BD2D-FB16EB9B4194} = {E05D1183-D360-4AFE-8968-314A34FAD3B2}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {D044BB14-0B37-47E5-A579-8B30FCBA1F9F}
diff --git a/src/UniGetUI/CLIHandler.cs b/src/UniGetUI/CLIHandler.cs
@@ -1,5 +1,6 @@
 using UniGetUI.Core.Logging;
 using UniGetUI.Core.SettingsEngine;
+using UniGetUI.Core.SettingsEngine.SecureSettings;
 
 namespace UniGetUI;
 
@@ -19,10 +20,16 @@ public static class CLIHandler
     public const string DISABLE_SETTING = "--disable-setting";
     public const string SET_SETTING_VAL = "--set-setting-value";
 
+    public const string ENABLE_SECURE_SETTING = "--enable-secure-setting";
+    public const string DISABLE_SECURE_SETTING = "--disable-secure-setting";
+    public const string ENABLE_SECURE_SETTING_FOR_USER = SecureSettings.Args.ENABLE_FOR_USER;
+    public const string DISABLE_SECURE_SETTING_FOR_USER = SecureSettings.Args.DISABLE_FOR_USER;
+
 
     private enum HRESULT
     {
-        SUCCESS = 0x00000000,
+        SUCCESS = 0,
+        STATUS_FAILED = -1,
         STATUS_INVALID_PARAMETER = -1073741811,
         STATUS_NO_SUCH_FILE = -1073741809,
     }
@@ -48,7 +55,7 @@ public static int ImportSettings()
         if (filePos +1 >= args.Count)
             return (int)HRESULT.STATUS_INVALID_PARAMETER; // The file parameter does not exist (import settings requires "--import-settings file")
 
-        var file = args[filePos + 1].Replace("\"", "").Replace("\'", "");
+        var file = args[filePos + 1].Trim('"').Trim('\'');
         if (!File.Exists(file))
             return (int)HRESULT.STATUS_NO_SUCH_FILE; // The given file does not exist
 
@@ -75,7 +82,7 @@ public static int ExportSettings()
         if (filePos +1 >= args.Count)
             return (int)HRESULT.STATUS_INVALID_PARAMETER; // The file parameter does not exist (export settings requires "--export-settings file")
 
-        var file = args[filePos + 1].Replace("\"", "").Replace("\'", "");
+        var file = args[filePos + 1].Trim('"').Trim('\'');
 
         try
         {
@@ -100,7 +107,7 @@ public static int EnableSetting()
         if (basePos +1 >= args.Count)
             return (int)HRESULT.STATUS_INVALID_PARAMETER; // The file parameter does not exist (export settings requires "--export-settings file")
 
-        var setting = args[basePos + 1].Replace("\"", "").Replace("\'", "");
+        var setting = args[basePos + 1].Trim('"').Trim('\'');
 
         try
         {
@@ -125,7 +132,7 @@ public static int DisableSetting()
         if (basePos +1 >= args.Count)
             return (int)HRESULT.STATUS_INVALID_PARAMETER; // The file parameter does not exist (export settings requires "--export-settings file")
 
-        var setting = args[basePos + 1].Replace("\"", "").Replace("\'", "");
+        var setting = args[basePos + 1].Trim('"').Trim('\'');
 
         try
         {
@@ -150,7 +157,7 @@ public static int SetSettingsValue()
         if (basePos +2 >= args.Count)
             return (int)HRESULT.STATUS_INVALID_PARAMETER; // The file parameter does not exist (export settings requires "--export-settings file")
 
-        var setting = args[basePos + 1].Replace("\"", "").Replace("\'", "");
+        var setting = args[basePos + 1].Trim('"').Trim('\'');
         var value = args[basePos + 2];
 
         try
@@ -230,4 +237,102 @@ public static int UninstallUniGetUI()
         // There is currently no uninstall logic. However, this needs to be maintained, or otherwhise UniGetUI will launch on uninstall
         return 0;
     }
+
+    public static int EnableSecureSetting()
+    {
+        var args = Environment.GetCommandLineArgs().ToList();
+
+        var basePos = args.IndexOf(ENABLE_SECURE_SETTING);
+        if (basePos < 0)
+            return (int)HRESULT.STATUS_INVALID_PARAMETER; // The base paramater was not found
+
+        if (basePos +1 >= args.Count)
+            return (int)HRESULT.STATUS_INVALID_PARAMETER; // The file parameter does not exist (export settings requires "--export-settings file")
+
+        var setting = args[basePos + 1].Trim('"').Trim('\'');
+
+        try
+        {
+            bool success = SecureSettings.TrySet(setting, true).GetAwaiter().GetResult();
+            if (!success) return (int)HRESULT.STATUS_FAILED;
+            else return (int)HRESULT.SUCCESS;
+        }
+        catch (Exception ex)
+        {
+            return ex.HResult;
+        }
+    }
+
+    public static int DisableSecureSetting()
+    {
+        var args = Environment.GetCommandLineArgs().ToList();
+
+        var basePos = args.IndexOf(DISABLE_SECURE_SETTING);
+        if (basePos < 0)
+            return (int)HRESULT.STATUS_INVALID_PARAMETER; // The base paramater was not found
+
+        if (basePos +1 >= args.Count)
+            return (int)HRESULT.STATUS_INVALID_PARAMETER; // The first positional argument does not exist
+
+        var setting = args[basePos + 1].Trim('"').Trim('\'');
+
+        try
+        {
+            bool success = SecureSettings.TrySet(setting, false).GetAwaiter().GetResult();
+            if (!success) return (int)HRESULT.STATUS_FAILED;
+            else return (int)HRESULT.SUCCESS;
+        }
+        catch (Exception ex)
+        {
+            return ex.HResult;
+        }
+    }
+
+    public static int EnableSecureSettingForUser()
+    {
+        var args = Environment.GetCommandLineArgs().ToList();
+
+        var basePos = args.IndexOf(ENABLE_SECURE_SETTING);
+        if (basePos < 0)
+            return (int)HRESULT.STATUS_INVALID_PARAMETER; // The base paramater was not found
+
+        if (basePos +2 >= args.Count)
+            return (int)HRESULT.STATUS_INVALID_PARAMETER; // The required parameters do not exist
+
+        var user = args[basePos + 1].Trim('"').Trim('\'');
+        var setting = args[basePos + 2].Trim('"').Trim('\'');
+
+        try
+        {
+            return SecureSettings.ApplyForUser(user, setting, true);
+        }
+        catch (Exception ex)
+        {
+            return ex.HResult;
+        }
+    }
+
+    public static int DisableSecureSettingForUser()
+    {
+        var args = Environment.GetCommandLineArgs().ToList();
+
+        var basePos = args.IndexOf(ENABLE_SECURE_SETTING);
+        if (basePos < 0)
+            return (int)HRESULT.STATUS_INVALID_PARAMETER; // The base paramater was not found
+
+        if (basePos +2 >= args.Count)
+            return (int)HRESULT.STATUS_INVALID_PARAMETER; // The required parameters do not exist
+
+        var user = args[basePos + 1].Trim('"').Trim('\'');
+        var setting = args[basePos + 2].Trim('"').Trim('\'');
+
+        try
+        {
+            return SecureSettings.ApplyForUser(user, setting, false);
+        }
+        catch (Exception ex)
+        {
+            return ex.HResult;
+        }
+    }
 }
diff --git a/src/UniGetUI/EntryPoint.cs b/src/UniGetUI/EntryPoint.cs
@@ -55,6 +55,26 @@ private static void Main(string[] args)
                     int ret = CLIHandler.SetSettingsValue();
                     Environment.Exit(ret);
                 }
+                else if (args.Contains(CLIHandler.ENABLE_SECURE_SETTING))
+                {
+                    int ret = CLIHandler.EnableSecureSetting();
+                    Environment.Exit(ret);
+                }
+                else if (args.Contains(CLIHandler.DISABLE_SECURE_SETTING))
+                {
+                    int ret = CLIHandler.DisableSecureSetting();
+                    Environment.Exit(ret);
+                }
+                else if (args.Contains(CLIHandler.ENABLE_SECURE_SETTING_FOR_USER))
+                {
+                    int ret = CLIHandler.EnableSecureSettingForUser();
+                    Environment.Exit(ret);
+                }
+                else if (args.Contains(CLIHandler.DISABLE_SECURE_SETTING_FOR_USER))
+                {
+                    int ret = CLIHandler.DisableSecureSettingForUser();
+                    Environment.Exit(ret);
+                }
                 else
                 {
                     CoreData.WasDaemon = CoreData.IsDaemon = args.Contains(CLIHandler.DAEMON);
diff --git a/src/UniGetUI/UniGetUI.csproj b/src/UniGetUI/UniGetUI.csproj
@@ -270,6 +270,7 @@
     <ProjectReference Include="..\UniGetUI.Core.IconStore\UniGetUI.Core.IconEngine.csproj" />
     <ProjectReference Include="..\UniGetUI.Core.LanguageEngine\UniGetUI.Core.LanguageEngine.csproj" />
     <ProjectReference Include="..\UniGetUI.Core.Logger\UniGetUI.Core.Logging.csproj" />
+    <ProjectReference Include="..\UniGetUI.Core.SecureSettings\UniGetUI.Core.SecureSettings.csproj" />
     <ProjectReference Include="..\UniGetUI.Core.Settings\UniGetUI.Core.Settings.csproj" />
     <ProjectReference Include="..\UniGetUI.Core.Tools\UniGetUI.Core.Tools.csproj" />
     <ProjectReference Include="..\UniGetUI.Interface.BackgroundApi\UniGetUI.Interface.BackgroundApi.csproj" />
