From 799a309f9de2a15eadb935b2f0cbbaac1bdef6c4 Mon Sep 17 00:00:00 2001 From: Christian Georgi Date: Mon, 12 Aug 2024 13:23:10 +0200 Subject: [PATCH 01/41] `postinstall` script finds existing `cds-types` installation This happens in monorepo setups where `cds-types` is alreday installed. --- CHANGELOG.md | 4 +++- package-lock.json | 4 ++-- package.json | 2 +- scripts/postinstall.js | 13 +++++++++++-- 4 files changed, 17 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index bcb1fd23..3fe8b05d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,9 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/). The format is based on [Keep a Changelog](http://keepachangelog.com/). -## Version 0.7.0 - TBD +## Version 0.6.5 - TBD +### Fixed +- The `@types/sap__cds` link created by the `postinstall` script now also works in monorepo setups where the target `@cap-js/cds-types` might already preinstalled (often hoisted some levels up). ## Version 0.6.4 - 2024-08-05 ### Added diff --git a/package-lock.json b/package-lock.json index 69f38230..77c748f5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@cap-js/cds-types", - "version": "0.6.4", + "version": "0.6.5", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@cap-js/cds-types", - "version": "0.6.4", + "version": "0.6.5", "hasInstallScript": true, "license": "SEE LICENSE IN LICENSE", "dependencies": { diff --git a/package.json b/package.json index 23b914bb..026400ef 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@cap-js/cds-types", - "version": "0.6.4", + "version": "0.6.5", "description": "Type definitions for main packages of CAP, like `@sap/cds`", "repository": "github:cap-js/cds-types", "homepage": "https://cap.cloud.sap/", diff --git a/scripts/postinstall.js b/scripts/postinstall.js index fdca08a3..01af5b7b 100755 --- a/scripts/postinstall.js +++ b/scripts/postinstall.js @@ -3,7 +3,7 @@ /* eslint-disable no-undef */ /* eslint-disable @typescript-eslint/no-require-imports */ const fs = require('node:fs') -const { join, relative, dirname } = require('node:path') +const { join, relative, dirname, resolve } = require('node:path') if (!process.env.INIT_CWD) return // TODO: check if were in a local install @@ -14,7 +14,7 @@ if (!fs.existsSync(typesDir)) fs.mkdirSync(typesDir) // use a relative target, in case the user moves the project const target = join(typesDir, 'sap__cds') -const src = join(nodeModules, '@cap-js/cds-types') +const src = resolvePkg('@cap-js/cds-types') || join(nodeModules, '@cap-js/cds-types') const rel = relative(dirname(target), src) // need dirname or we'd land one level above node_modules (one too many "../") // remove the existing symlink @@ -31,3 +31,12 @@ try { if (e.code !== 'EEXIST') throw e // else: symlink exists (the previous unlink hasn't worked), ignore } + +function resolvePkg(pkg) { + try { + const pjson = require.resolve(join(pkg, 'package.json'), { paths: [process.env.INIT_CWD] }) + return resolve(pjson, '..') + } catch { + return null + } +} From 7e571130368aedcbe2c681019e602aa993d02e3e Mon Sep 17 00:00:00 2001 From: Christian Georgi Date: Mon, 12 Aug 2024 15:34:13 +0200 Subject: [PATCH 02/41] Add test --- scripts/postinstall.js | 6 ++--- test/postinstall.integrationtest.js | 39 +++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+), 3 deletions(-) diff --git a/scripts/postinstall.js b/scripts/postinstall.js index 01af5b7b..3862947b 100755 --- a/scripts/postinstall.js +++ b/scripts/postinstall.js @@ -6,16 +6,16 @@ const fs = require('node:fs') const { join, relative, dirname, resolve } = require('node:path') if (!process.env.INIT_CWD) return -// TODO: check if were in a local install + const nodeModules = join(process.env.INIT_CWD, 'node_modules') -if (!fs.existsSync(nodeModules)) return const typesDir = join(nodeModules, '@types') -if (!fs.existsSync(typesDir)) fs.mkdirSync(typesDir) +if (!fs.existsSync(typesDir)) fs.mkdirSync(typesDir, {recursive: true}) // use a relative target, in case the user moves the project const target = join(typesDir, 'sap__cds') const src = resolvePkg('@cap-js/cds-types') || join(nodeModules, '@cap-js/cds-types') const rel = relative(dirname(target), src) // need dirname or we'd land one level above node_modules (one too many "../") +// console.error(`Creating symlink from ${rel} to ${target}`) // remove the existing symlink try { diff --git a/test/postinstall.integrationtest.js b/test/postinstall.integrationtest.js index e8a4d75c..168c90bb 100644 --- a/test/postinstall.integrationtest.js +++ b/test/postinstall.integrationtest.js @@ -16,6 +16,7 @@ describe('postinstall', () => { beforeEach(async () => { tempFolder = await fs.mkdtemp(path.join(os.tmpdir(), 'postinstall-')) + // console.log(`tempFolder: ${tempFolder}`) }) afterEach(async () => { @@ -47,4 +48,42 @@ describe('postinstall', () => { packageJson = JSON.parse(typesPackageJsonFileContent) expect(packageJson.name).toBe('@cap-js/cds-types') }) + + test('create symlink in monorepo', async () => { + const rootFolder = path.join(tempFolder, 'monorepo') + await fs.mkdir(rootFolder, { recursive: true, force: true }) + await fs.writeFile(path.join(rootFolder, 'package.json'), JSON.stringify({ + name: 'monorepo', workspaces: [ 'packages/**' ] + }, null, 2)) + + // create a first project, add the dependency to cds-types + const project1 = path.join(rootFolder, 'packages/project1') + await fs.mkdir(project1, { recursive: true, force: true }) + await fs.writeFile(path.join(project1, 'package.json'), JSON.stringify({ + name: 'project1' + }, null, 2)) + { + const {stdout, stderr} = await execAsync(`npm i -D ${cdsTypesRoot}`, { cwd: project1 }) + // console.log(stdout, stderr) + } + let packageJson = require(path.join(project1, 'node_modules/@types/sap__cds/package.json')) + expect(packageJson.name).toBe('@cap-js/cds-types') + + // now create a second project with the dependency + const project2 = path.join(rootFolder, 'packages/project2') + await fs.mkdir(project2, { recursive: true, force: true }) + await fs.writeFile(path.join(project2, 'package.json'), JSON.stringify({ + name: 'project2', + devDependencies: { + '@cap-js/cds-types': '*' + } + }, null, 2)) + { + const {stdout, stderr} = await execAsync(`npm i`, { cwd: project2 }) + // console.log(stdout, stderr) + } + packageJson = require(path.join(project2, 'node_modules/@types/sap__cds/package.json')) + expect(packageJson.name).toBe('@cap-js/cds-types') + + }) }) From 44750e58b53deb56bda820c431e858a035713637 Mon Sep 17 00:00:00 2001 From: Christian Georgi Date: Mon, 12 Aug 2024 15:38:02 +0200 Subject: [PATCH 03/41] Troubleshoot --- .github/workflows/integration-test.yml | 1 + package.json | 2 +- scripts/postinstall.js | 2 +- test/postinstall.integrationtest.js | 12 ++++++------ 4 files changed, 9 insertions(+), 8 deletions(-) diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index 537c2760..69bd8a90 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -37,6 +37,7 @@ jobs: node-version: ${{ matrix.version }} - run: | + npm i -g npm npm ci npm install file:. --no-save --force npm run prerelease:ci-fix diff --git a/package.json b/package.json index 026400ef..d77dd708 100644 --- a/package.json +++ b/package.json @@ -20,7 +20,7 @@ ], "scripts": { "test": "jest --silent", - "test:integration": "jest --silent --testMatch \"**/test/**/*.integrationtest.js\"", + "test:integration": "jest --testMatch \"**/test/**/*.integrationtest.js\"", "test:rollup": "npm run rollup; npm run rollup:on; npm run test; npm run rollup:off", "rollup": "rm -rf dist/ && mkdir -p etc/ && npx -y @microsoft/api-extractor run --local --verbose && .github/rollup-patch.js", "rollup:on": "npm pkg set typings=dist/cds-types.d.ts && [ -d 'apis' ] && mv -- apis -apis || true", diff --git a/scripts/postinstall.js b/scripts/postinstall.js index 3862947b..9f236870 100755 --- a/scripts/postinstall.js +++ b/scripts/postinstall.js @@ -15,7 +15,7 @@ if (!fs.existsSync(typesDir)) fs.mkdirSync(typesDir, {recursive: true}) const target = join(typesDir, 'sap__cds') const src = resolvePkg('@cap-js/cds-types') || join(nodeModules, '@cap-js/cds-types') const rel = relative(dirname(target), src) // need dirname or we'd land one level above node_modules (one too many "../") -// console.error(`Creating symlink from ${rel} to ${target}`) +console.error(`Creating symlink ${target} -> ${rel}`) // remove the existing symlink try { diff --git a/test/postinstall.integrationtest.js b/test/postinstall.integrationtest.js index 168c90bb..4a7b9d8f 100644 --- a/test/postinstall.integrationtest.js +++ b/test/postinstall.integrationtest.js @@ -40,7 +40,7 @@ describe('postinstall', () => { // after renaming the project folder, the symlink must be recreated on windows if (IS_WIN) { - await execAsync('npm i', { cwd: newProjectFolder }) + await execAsync('npm i --foreground-scripts', { cwd: newProjectFolder }) } typesPackageJsonFile = path.join(newProjectFolder, 'node_modules/@types/sap__cds/package.json') @@ -63,8 +63,8 @@ describe('postinstall', () => { name: 'project1' }, null, 2)) { - const {stdout, stderr} = await execAsync(`npm i -D ${cdsTypesRoot}`, { cwd: project1 }) - // console.log(stdout, stderr) + const {stdout, stderr} = await execAsync(`npm i --foreground-scripts -dd -D ${cdsTypesRoot}`, { cwd: project1 }) + console.log(stdout, stderr) } let packageJson = require(path.join(project1, 'node_modules/@types/sap__cds/package.json')) expect(packageJson.name).toBe('@cap-js/cds-types') @@ -75,12 +75,12 @@ describe('postinstall', () => { await fs.writeFile(path.join(project2, 'package.json'), JSON.stringify({ name: 'project2', devDependencies: { - '@cap-js/cds-types': '*' + '@cap-js/cds-types': `file:${cdsTypesRoot}` } }, null, 2)) { - const {stdout, stderr} = await execAsync(`npm i`, { cwd: project2 }) - // console.log(stdout, stderr) + const {stdout, stderr} = await execAsync(`npm i --foreground-scripts -dd`, { cwd: project2 }) + console.log(stdout, stderr) } packageJson = require(path.join(project2, 'node_modules/@types/sap__cds/package.json')) expect(packageJson.name).toBe('@cap-js/cds-types') From 577421ad68136ef49e4df71c82b440c3379d7974 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 07:41:04 +0200 Subject: [PATCH 04/41] add echo homedir --- .github/workflows/integration-test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index 69bd8a90..9f9aff79 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -49,6 +49,7 @@ jobs: with: run: | echo "whoami:$(whoami)" + echo "homedir: $HOME" npm run test:integration - name: Run integration tests From a56e1bf8fb994f5c861a0c348e6336abc0da802b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 07:50:27 +0200 Subject: [PATCH 05/41] add homedir --- .github/actions/run-as-non-admin/action.yml | 11 ++++++++++- .github/workflows/integration-test.yml | 2 +- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index d67a7e15..a8fe57ed 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -32,7 +32,7 @@ runs: if ($env:OS -ne "Windows") { exit 1 } # make temp folder writable for all users - icacls $env:TEMP /grant "Everyone:(OI)(CI)F" + icacls $env:TEMP /grant "Everyone:(OI)(CI)F /T" $username = "nonadminuser" # random password fulfilling win requirements @@ -42,6 +42,15 @@ runs: Add-LocalGroupMember -Group "Users" -Member $username $credential = New-Object System.Management.Automation.PSCredential ($username, $password) + # Set the home directory for the new user + $newHomeDir = "C:\Users\$username" + $userSID = (Get-LocalUser $username).SID.Value + Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\$userSID" -Name "ProfileImagePath" -Value $newHomeDir + + # Optionally, create the new home directory and set permissions + New-Item -ItemType Directory -Path $newHomeDir + icacls $newHomeDir /grant $username:(OI)(CI)F /T + # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index 9f9aff79..0e5fbd3a 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -49,7 +49,7 @@ jobs: with: run: | echo "whoami:$(whoami)" - echo "homedir: $HOME" + echo "homedir:$HOME" npm run test:integration - name: Run integration tests From 15865169f001ea2430eada5038d41ec550ce2fb1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 07:53:55 +0200 Subject: [PATCH 06/41] fix var call --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index a8fe57ed..8b27572d 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -49,7 +49,7 @@ runs: # Optionally, create the new home directory and set permissions New-Item -ItemType Directory -Path $newHomeDir - icacls $newHomeDir /grant $username:(OI)(CI)F /T + icacls $newHomeDir /grant ${username}:(OI)(CI)F /T # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f From 274d4efb0bed9ae18ec74a2df38f75d955df203d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 07:57:20 +0200 Subject: [PATCH 07/41] fix reg path --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 8b27572d..ac16a977 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -45,7 +45,7 @@ runs: # Set the home directory for the new user $newHomeDir = "C:\Users\$username" $userSID = (Get-LocalUser $username).SID.Value - Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\$userSID" -Name "ProfileImagePath" -Value $newHomeDir + Set-ItemProperty -Path "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProfileList\$userSID" -Name "ProfileImagePath" -Value $newHomeDir # Optionally, create the new home directory and set permissions New-Item -ItemType Directory -Path $newHomeDir From 0c135ae3a2d882e69685e1bed2f0aa349eb8c36f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:00:37 +0200 Subject: [PATCH 08/41] add user login --- .github/actions/run-as-non-admin/action.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index ac16a977..c6f707ed 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -42,6 +42,9 @@ runs: Add-LocalGroupMember -Group "Users" -Member $username $credential = New-Object System.Management.Automation.PSCredential ($username, $password) + # Log in as the new user to create the profile + Start-Process -FilePath "cmd.exe" -ArgumentList "/c exit" -Credential $credential -Wait + # Set the home directory for the new user $newHomeDir = "C:\Users\$username" $userSID = (Get-LocalUser $username).SID.Value From 2fb05587053e18df8e3c0c060474fb0f0105bf51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:03:12 +0200 Subject: [PATCH 09/41] simpler approach --- .github/actions/run-as-non-admin/action.yml | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index c6f707ed..132d9ae3 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -38,18 +38,12 @@ runs: # random password fulfilling win requirements $password = ConvertTo-SecureString "abcdEFGH123$%" -AsPlainText -Force - New-LocalUser $username -Password $password + $newHomeDir = "C:\Users\$username" + + New-LocalUser $username -Password $password -HomeDirectory $newHomeDir -PasswordNeverExpires:$true Add-LocalGroupMember -Group "Users" -Member $username $credential = New-Object System.Management.Automation.PSCredential ($username, $password) - # Log in as the new user to create the profile - Start-Process -FilePath "cmd.exe" -ArgumentList "/c exit" -Credential $credential -Wait - - # Set the home directory for the new user - $newHomeDir = "C:\Users\$username" - $userSID = (Get-LocalUser $username).SID.Value - Set-ItemProperty -Path "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProfileList\$userSID" -Name "ProfileImagePath" -Value $newHomeDir - # Optionally, create the new home directory and set permissions New-Item -ItemType Directory -Path $newHomeDir icacls $newHomeDir /grant ${username}:(OI)(CI)F /T From aa6c03c41e1d789dbcfc490eabacba46e970906f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:06:37 +0200 Subject: [PATCH 10/41] use net user --- .github/actions/run-as-non-admin/action.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 132d9ae3..959dfade 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -40,7 +40,8 @@ runs: $newHomeDir = "C:\Users\$username" - New-LocalUser $username -Password $password -HomeDirectory $newHomeDir -PasswordNeverExpires:$true + # create non-admin user + New-LocalUser $username -Password $password -PasswordNeverExpires:$true Add-LocalGroupMember -Group "Users" -Member $username $credential = New-Object System.Management.Automation.PSCredential ($username, $password) @@ -48,6 +49,9 @@ runs: New-Item -ItemType Directory -Path $newHomeDir icacls $newHomeDir /grant ${username}:(OI)(CI)F /T + # Set the home directory using net user + net user $username /homedir:$newHomeDir + # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f From d5c6ddd2f034f1c5a5c665f7a23c7e5b00a2d1d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:09:09 +0200 Subject: [PATCH 11/41] quote cmd --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 959dfade..92b4d880 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -47,7 +47,7 @@ runs: # Optionally, create the new home directory and set permissions New-Item -ItemType Directory -Path $newHomeDir - icacls $newHomeDir /grant ${username}:(OI)(CI)F /T + icacls $newHomeDir /grant "${username}:(OI)(CI)F /T" # Set the home directory using net user net user $username /homedir:$newHomeDir From 76ca8e22c7f93140f09d8d0464163a74ebb78c89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:12:12 +0200 Subject: [PATCH 12/41] correct quoting --- .github/actions/run-as-non-admin/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 92b4d880..4c4bc430 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -32,7 +32,7 @@ runs: if ($env:OS -ne "Windows") { exit 1 } # make temp folder writable for all users - icacls $env:TEMP /grant "Everyone:(OI)(CI)F /T" + icacls $env:TEMP /grant "Everyone:(OI)(CI)F" /T $username = "nonadminuser" # random password fulfilling win requirements @@ -47,7 +47,7 @@ runs: # Optionally, create the new home directory and set permissions New-Item -ItemType Directory -Path $newHomeDir - icacls $newHomeDir /grant "${username}:(OI)(CI)F /T" + icacls $newHomeDir /grant "${username}:(OI)(CI)F" /T # Set the home directory using net user net user $username /homedir:$newHomeDir From bdfafa2f9fb40f4ecee7dba27732e519890623f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:21:00 +0200 Subject: [PATCH 13/41] set $HOME --- .github/actions/run-as-non-admin/action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 4c4bc430..7b4c6617 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -39,6 +39,7 @@ runs: $password = ConvertTo-SecureString "abcdEFGH123$%" -AsPlainText -Force $newHomeDir = "C:\Users\$username" + $env:HOME = $newHomeDir # create non-admin user New-LocalUser $username -Password $password -PasswordNeverExpires:$true From 656c0d47274859b4b4974118a538d881b6b04e23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:24:11 +0200 Subject: [PATCH 14/41] try global permissions --- .github/actions/run-as-non-admin/action.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 7b4c6617..7f7d3748 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -32,7 +32,8 @@ runs: if ($env:OS -ne "Windows") { exit 1 } # make temp folder writable for all users - icacls $env:TEMP /grant "Everyone:(OI)(CI)F" /T + # icacls $env:TEMP /grant "Everyone:(OI)(CI)F" /T + icacls "C:\Users" /grant "Everyone:(OI)(CI)F" /T $username = "nonadminuser" # random password fulfilling win requirements From 553d3b18716c142ee4c6ea17506df48c1a5004d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:30:35 +0200 Subject: [PATCH 15/41] use vars --- .github/actions/run-as-non-admin/action.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 7f7d3748..f9ba395f 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -32,8 +32,8 @@ runs: if ($env:OS -ne "Windows") { exit 1 } # make temp folder writable for all users - # icacls $env:TEMP /grant "Everyone:(OI)(CI)F" /T - icacls "C:\Users" /grant "Everyone:(OI)(CI)F" /T + icacls $env:TEMP /grant "Everyone:(OI)(CI)F" /T + # icacls "C:\Users" /grant "Everyone:(OI)(CI)F" /T $username = "nonadminuser" # random password fulfilling win requirements @@ -57,6 +57,11 @@ runs: # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f + # Define environment variables + $envVars = @{ + "HOME" = $newHomeDir + } + # call command using non admin user $process = Start-Process -FilePath "pwsh" ` -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $env:RUN ` @@ -66,6 +71,7 @@ runs: -NoNewWindow ` -RedirectStandardOutput "output.txt" ` -RedirectStandardError "error.txt" ` + -EnvironmentVariables $envVars ` Get-Content output.txt Get-Content error.txt From 6f45a54dea4ef8dbb20df394c350b9b05ffeae40 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:34:49 +0200 Subject: [PATCH 16/41] next --- .github/actions/run-as-non-admin/action.yml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index f9ba395f..6817ea8e 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -57,14 +57,15 @@ runs: # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f - # Define environment variables - $envVars = @{ - "HOME" = $newHomeDir - } - + # Define the script to run as the non-admin user + $script = @" + \$env:HOME = '$newHomeDir' + \$env:RUN = '$env:RUN' + Invoke-Expression \$env:RUN + "@ # call command using non admin user $process = Start-Process -FilePath "pwsh" ` - -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $env:RUN ` + -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $script ` -Credential $credential ` -PassThru ` -Wait ` From eb92743f8106f87dd1f0c77bd0a02e8857f38b65 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:36:11 +0200 Subject: [PATCH 17/41] remove envvar --- .github/actions/run-as-non-admin/action.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 6817ea8e..b88b3736 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -72,7 +72,6 @@ runs: -NoNewWindow ` -RedirectStandardOutput "output.txt" ` -RedirectStandardError "error.txt" ` - -EnvironmentVariables $envVars ` Get-Content output.txt Get-Content error.txt From bcc19808a15398e58ae8bc9e32f2f210bb13cbc7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:47:59 +0200 Subject: [PATCH 18/41] netx --- .github/actions/run-as-non-admin/action.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index b88b3736..68292aa1 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -51,21 +51,21 @@ runs: New-Item -ItemType Directory -Path $newHomeDir icacls $newHomeDir /grant "${username}:(OI)(CI)F" /T + # Get the SID of the target user + $sid = (Get-WmiObject -Class Win32_UserAccount -Filter "Name='$username'").SID + + # Set the USERPROFILE environment variable for the target user + Set-ItemProperty -Path "HKU:\$sid\Environment" -Name "USERPROFILE" -Value $newHomeDir + # Set the home directory using net user - net user $username /homedir:$newHomeDir + # net user $username /homedir:$newHomeDir # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f - # Define the script to run as the non-admin user - $script = @" - \$env:HOME = '$newHomeDir' - \$env:RUN = '$env:RUN' - Invoke-Expression \$env:RUN - "@ # call command using non admin user $process = Start-Process -FilePath "pwsh" ` - -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $script ` + -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $env:RUN ` -Credential $credential ` -PassThru ` -Wait ` From b1e89d75c6d9139592a8228f3ac7c417d7e50468 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:51:05 +0200 Subject: [PATCH 19/41] external script --- .github/actions/run-as-non-admin/action.yml | 52 +-------------------- .github/actions/run-as-non-admin/script.ps1 | 51 ++++++++++++++++++++ .github/workflows/integration-test.yml | 3 +- 3 files changed, 54 insertions(+), 52 deletions(-) create mode 100644 .github/actions/run-as-non-admin/script.ps1 diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 68292aa1..4cf5f9de 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -26,54 +26,4 @@ runs: OS: ${{ runner.os }} RUN: ${{ inputs.run }} run: | - # create non-admin user and run tests - - # fail if not on windows - if ($env:OS -ne "Windows") { exit 1 } - - # make temp folder writable for all users - icacls $env:TEMP /grant "Everyone:(OI)(CI)F" /T - # icacls "C:\Users" /grant "Everyone:(OI)(CI)F" /T - - $username = "nonadminuser" - # random password fulfilling win requirements - $password = ConvertTo-SecureString "abcdEFGH123$%" -AsPlainText -Force - - $newHomeDir = "C:\Users\$username" - $env:HOME = $newHomeDir - - # create non-admin user - New-LocalUser $username -Password $password -PasswordNeverExpires:$true - Add-LocalGroupMember -Group "Users" -Member $username - $credential = New-Object System.Management.Automation.PSCredential ($username, $password) - - # Optionally, create the new home directory and set permissions - New-Item -ItemType Directory -Path $newHomeDir - icacls $newHomeDir /grant "${username}:(OI)(CI)F" /T - - # Get the SID of the target user - $sid = (Get-WmiObject -Class Win32_UserAccount -Filter "Name='$username'").SID - - # Set the USERPROFILE environment variable for the target user - Set-ItemProperty -Path "HKU:\$sid\Environment" -Name "USERPROFILE" -Value $newHomeDir - - # Set the home directory using net user - # net user $username /homedir:$newHomeDir - - # remove dev mode so symlink fails if called without junction - reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f - - # call command using non admin user - $process = Start-Process -FilePath "pwsh" ` - -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $env:RUN ` - -Credential $credential ` - -PassThru ` - -Wait ` - -NoNewWindow ` - -RedirectStandardOutput "output.txt" ` - -RedirectStandardError "error.txt" ` - - Get-Content output.txt - Get-Content error.txt - - if ($process.ExitCode -ne 0) { exit $process.ExitCode } + ./script.ps1 diff --git a/.github/actions/run-as-non-admin/script.ps1 b/.github/actions/run-as-non-admin/script.ps1 new file mode 100644 index 00000000..bb146c02 --- /dev/null +++ b/.github/actions/run-as-non-admin/script.ps1 @@ -0,0 +1,51 @@ +# create non-admin user and run tests + +# fail if not on windows +if ($env:OS -ne "Windows") { exit 1 } + +# make temp folder writable for all users +icacls $env:TEMP /grant "Everyone:(OI)(CI)F" /T +# icacls "C:\Users" /grant "Everyone:(OI)(CI)F" /T + +$username = "nonadminuser" +# random password fulfilling win requirements +$password = ConvertTo-SecureString "abcdEFGH123$%" -AsPlainText -Force + +$newHomeDir = "C:\Users\$username" +$env:HOME = $newHomeDir + +# create non-admin user +New-LocalUser $username -Password $password -PasswordNeverExpires:$true +Add-LocalGroupMember -Group "Users" -Member $username +$credential = New-Object System.Management.Automation.PSCredential ($username, $password) + +# Optionally, create the new home directory and set permissions +New-Item -ItemType Directory -Path $newHomeDir +icacls $newHomeDir /grant "${username}:(OI)(CI)F" /T + +# Get the SID of the target user +$sid = (Get-WmiObject -Class Win32_UserAccount -Filter "Name='$username'").SID + +# Set the USERPROFILE environment variable for the target user +Set-ItemProperty -Path "HKU:\$sid\Environment" -Name "USERPROFILE" -Value $newHomeDir + +# Set the home directory using net user +# net user $username /homedir:$newHomeDir + +# remove dev mode so symlink fails if called without junction +reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f + +# call command using non admin user +$process = Start-Process -FilePath "pwsh" ` + -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $env:RUN ` + -Credential $credential ` + -PassThru ` + -Wait ` + -NoNewWindow ` + -RedirectStandardOutput "output.txt" ` + -RedirectStandardError "error.txt" ` + +Get-Content output.txt +Get-Content error.txt + +if ($process.ExitCode -ne 0) { exit $process.ExitCode } diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index 0e5fbd3a..f5903764 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -49,7 +49,8 @@ jobs: with: run: | echo "whoami:$(whoami)" - echo "homedir:$HOME" + echo "home:$HOME" + echo "userprofile:$USERPROFILE" npm run test:integration - name: Run integration tests From 1a45ac3b980783b6b457d30b9e6e68afd734b51e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:55:32 +0200 Subject: [PATCH 20/41] go --- .github/actions/run-as-non-admin/action.yml | 52 ++++++++++++++++++++- .github/actions/run-as-non-admin/script.ps1 | 51 -------------------- 2 files changed, 51 insertions(+), 52 deletions(-) delete mode 100644 .github/actions/run-as-non-admin/script.ps1 diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 4cf5f9de..f15f439b 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -26,4 +26,54 @@ runs: OS: ${{ runner.os }} RUN: ${{ inputs.run }} run: | - ./script.ps1 + # create non-admin user and run tests + + # fail if not on windows + if ($env:OS -ne "Windows") { exit 1 } + + # make temp folder writable for all users + icacls $env:TEMP /grant "Everyone:(OI)(CI)F" /T + # icacls "C:\Users" /grant "Everyone:(OI)(CI)F" /T + + $username = "nonadminuser" + # random password fulfilling win requirements + $password = ConvertTo-SecureString "abcdEFGH123$%" -AsPlainText -Force + + $newHomeDir = "C:\Users\$username" + $env:HOME = $newHomeDir + + # create non-admin user + New-LocalUser $username -Password $password -PasswordNeverExpires:$true + Add-LocalGroupMember -Group "Users" -Member $username + $credential = New-Object System.Management.Automation.PSCredential ($username, $password) + + # Optionally, create the new home directory and set permissions + New-Item -ItemType Directory -Path $newHomeDir + icacls $newHomeDir /grant "${username}:(OI)(CI)F" /T + + # Get the SID of the target user + $sid = (Get-WmiObject -Class Win32_UserAccount -Filter "Name='$username'").SID + + # Set the USERPROFILE environment variable for the target user + Set-ItemProperty -Path "HKEY_USERS\$sid\Environment" -Name "USERPROFILE" -Value $newHomeDir + + # Set the home directory using net user + # net user $username /homedir:$newHomeDir + + # remove dev mode so symlink fails if called without junction + reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f + + # call command using non admin user + $process = Start-Process -FilePath "pwsh" ` + -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $env:RUN ` + -Credential $credential ` + -PassThru ` + -Wait ` + -NoNewWindow ` + -RedirectStandardOutput "output.txt" ` + -RedirectStandardError "error.txt" ` + + Get-Content output.txt + Get-Content error.txt + + if ($process.ExitCode -ne 0) { exit $process.ExitCode } diff --git a/.github/actions/run-as-non-admin/script.ps1 b/.github/actions/run-as-non-admin/script.ps1 deleted file mode 100644 index bb146c02..00000000 --- a/.github/actions/run-as-non-admin/script.ps1 +++ /dev/null @@ -1,51 +0,0 @@ -# create non-admin user and run tests - -# fail if not on windows -if ($env:OS -ne "Windows") { exit 1 } - -# make temp folder writable for all users -icacls $env:TEMP /grant "Everyone:(OI)(CI)F" /T -# icacls "C:\Users" /grant "Everyone:(OI)(CI)F" /T - -$username = "nonadminuser" -# random password fulfilling win requirements -$password = ConvertTo-SecureString "abcdEFGH123$%" -AsPlainText -Force - -$newHomeDir = "C:\Users\$username" -$env:HOME = $newHomeDir - -# create non-admin user -New-LocalUser $username -Password $password -PasswordNeverExpires:$true -Add-LocalGroupMember -Group "Users" -Member $username -$credential = New-Object System.Management.Automation.PSCredential ($username, $password) - -# Optionally, create the new home directory and set permissions -New-Item -ItemType Directory -Path $newHomeDir -icacls $newHomeDir /grant "${username}:(OI)(CI)F" /T - -# Get the SID of the target user -$sid = (Get-WmiObject -Class Win32_UserAccount -Filter "Name='$username'").SID - -# Set the USERPROFILE environment variable for the target user -Set-ItemProperty -Path "HKU:\$sid\Environment" -Name "USERPROFILE" -Value $newHomeDir - -# Set the home directory using net user -# net user $username /homedir:$newHomeDir - -# remove dev mode so symlink fails if called without junction -reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f - -# call command using non admin user -$process = Start-Process -FilePath "pwsh" ` - -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $env:RUN ` - -Credential $credential ` - -PassThru ` - -Wait ` - -NoNewWindow ` - -RedirectStandardOutput "output.txt" ` - -RedirectStandardError "error.txt" ` - -Get-Content output.txt -Get-Content error.txt - -if ($process.ExitCode -ne 0) { exit $process.ExitCode } From 15ed9a222468aff9be8c66e886ba2a8e0dd59eeb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 08:59:22 +0200 Subject: [PATCH 21/41] use reg --- .github/actions/run-as-non-admin/action.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index f15f439b..55e0a27e 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -55,7 +55,8 @@ runs: $sid = (Get-WmiObject -Class Win32_UserAccount -Filter "Name='$username'").SID # Set the USERPROFILE environment variable for the target user - Set-ItemProperty -Path "HKEY_USERS\$sid\Environment" -Name "USERPROFILE" -Value $newHomeDir + reg add "HKEY_USERS\%sid%\Environment" /v USERPROFILE /t REG_SZ /d %newHomeDir% /f + # Set-ItemProperty -Path "HKEY_USERS\$sid\Environment" -Name "USERPROFILE" -Value $newHomeDir # Set the home directory using net user # net user $username /homedir:$newHomeDir From d9cf97a9413af9769dfe3fea6962da988ea2abf6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 09:05:42 +0200 Subject: [PATCH 22/41] echo sid --- .github/actions/run-as-non-admin/action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 55e0a27e..e3f3f658 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -53,6 +53,7 @@ runs: # Get the SID of the target user $sid = (Get-WmiObject -Class Win32_UserAccount -Filter "Name='$username'").SID + echo "SID:$sid" # Set the USERPROFILE environment variable for the target user reg add "HKEY_USERS\%sid%\Environment" /v USERPROFILE /t REG_SZ /d %newHomeDir% /f From b371fda3a70ed5b0ab2b50342cc3fdfc75c4b955 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 09:08:12 +0200 Subject: [PATCH 23/41] next try --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index e3f3f658..0ef39639 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -56,7 +56,7 @@ runs: echo "SID:$sid" # Set the USERPROFILE environment variable for the target user - reg add "HKEY_USERS\%sid%\Environment" /v USERPROFILE /t REG_SZ /d %newHomeDir% /f + reg add "HKEY_USERS\$sid\Environment" /v USERPROFILE /t REG_SZ /d $newHomeDir /f # Set-ItemProperty -Path "HKEY_USERS\$sid\Environment" -Name "USERPROFILE" -Value $newHomeDir # Set the home directory using net user From 7e767f79acba51c68d5cf203cd04f99c5f8ca92a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 09:10:30 +0200 Subject: [PATCH 24/41] next try --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 0ef39639..ddf08b5f 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -56,7 +56,7 @@ runs: echo "SID:$sid" # Set the USERPROFILE environment variable for the target user - reg add "HKEY_USERS\$sid\Environment" /v USERPROFILE /t REG_SZ /d $newHomeDir /f + reg add "HKEY_USERS\$sid\Environment" /v USERPROFILE /t REG_SZ /d "$newHomeDir" /f # Set-ItemProperty -Path "HKEY_USERS\$sid\Environment" -Name "USERPROFILE" -Value $newHomeDir # Set the home directory using net user From 3af7f4869a0b5a4c3022539051f8113836e0f6dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 09:52:29 +0200 Subject: [PATCH 25/41] try env:run --- .github/actions/run-as-non-admin/action.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index ddf08b5f..b8afa157 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -56,7 +56,7 @@ runs: echo "SID:$sid" # Set the USERPROFILE environment variable for the target user - reg add "HKEY_USERS\$sid\Environment" /v USERPROFILE /t REG_SZ /d "$newHomeDir" /f + # reg add "HKEY_USERS\$sid\Environment" /v USERPROFILE /t REG_SZ /d "$newHomeDir" /f # Set-ItemProperty -Path "HKEY_USERS\$sid\Environment" -Name "USERPROFILE" -Value $newHomeDir # Set the home directory using net user @@ -65,6 +65,8 @@ runs: # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f + $env:RUN = "$env:USERPROFILE=$newHomeDir;\n" + $env:RUN + # call command using non admin user $process = Start-Process -FilePath "pwsh" ` -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $env:RUN ` From 5806d301383c25a7832049f6bdc6c268072a9cd6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 09:58:11 +0200 Subject: [PATCH 26/41] go --- .github/actions/run-as-non-admin/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index b8afa157..3954cd14 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -65,11 +65,11 @@ runs: # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f - $env:RUN = "$env:USERPROFILE=$newHomeDir;\n" + $env:RUN + $command = "$env:USERPROFILE=$newHomeDir; $env:RUN" # call command using non admin user $process = Start-Process -FilePath "pwsh" ` - -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $env:RUN ` + -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $command ` -Credential $credential ` -PassThru ` -Wait ` From e4949ec11d396a7d86575f4557a0ab4fdc44530f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 10:00:35 +0200 Subject: [PATCH 27/41] escape dollar --- .github/actions/run-as-non-admin/action.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 3954cd14..508e096f 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -65,7 +65,8 @@ runs: # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f - $command = "$env:USERPROFILE=$newHomeDir; $env:RUN" + $command = "`$env:USERPROFILE=$newHomeDir; $env:RUN" + echo "Command:$command" # call command using non admin user $process = Start-Process -FilePath "pwsh" ` From f6d5f887af4aa34625b6eac57c657cfc001e7fbd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 10:03:38 +0200 Subject: [PATCH 28/41] use \n --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 508e096f..690f3773 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -65,7 +65,7 @@ runs: # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f - $command = "`$env:USERPROFILE=$newHomeDir; $env:RUN" + $command = "\n`$env:USERPROFILE=$newHomeDir\n$env:RUN" echo "Command:$command" # call command using non admin user From 1afc505fa92cd0bf0f2a5a26e00401cf697ed190 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 10:05:54 +0200 Subject: [PATCH 29/41] use ticks --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 690f3773..15d53a6c 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -65,7 +65,7 @@ runs: # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f - $command = "\n`$env:USERPROFILE=$newHomeDir\n$env:RUN" + $command = "`n`$env:USERPROFILE=$newHomeDir`n$env:RUN" echo "Command:$command" # call command using non admin user From 47d7c92a67f4118b4114373bac881ae5de5a9b94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 10:08:32 +0200 Subject: [PATCH 30/41] more quoting --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 15d53a6c..079a8e3d 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -65,7 +65,7 @@ runs: # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f - $command = "`n`$env:USERPROFILE=$newHomeDir`n$env:RUN" + $command = "`n`$env:USERPROFILE=`"$newHomeDir`"`n$env:RUN" echo "Command:$command" # call command using non admin user From dba0fe9fdaf38ff62a11499cd02d250ec59a92cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 10:13:11 +0200 Subject: [PATCH 31/41] more quoting --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 079a8e3d..28408fa6 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -65,7 +65,7 @@ runs: # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f - $command = "`n`$env:USERPROFILE=`"$newHomeDir`"`n$env:RUN" + $command = "`n`$USERPROFILE=`"$newHomeDir`";`n$env:RUN" echo "Command:$command" # call command using non admin user From 465acbfbb91c84abb4135f49dd4900ee2c897e56 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 10:17:32 +0200 Subject: [PATCH 32/41] revert --- .github/actions/run-as-non-admin/action.yml | 31 +++------------------ 1 file changed, 4 insertions(+), 27 deletions(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 28408fa6..3b70853d 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -31,46 +31,23 @@ runs: # fail if not on windows if ($env:OS -ne "Windows") { exit 1 } - # make temp folder writable for all users - icacls $env:TEMP /grant "Everyone:(OI)(CI)F" /T - # icacls "C:\Users" /grant "Everyone:(OI)(CI)F" /T - $username = "nonadminuser" # random password fulfilling win requirements $password = ConvertTo-SecureString "abcdEFGH123$%" -AsPlainText -Force - $newHomeDir = "C:\Users\$username" - $env:HOME = $newHomeDir + # make temp folder writable for all users + icacls "C:\Users" /grant "${username}:(OI)(CI)F" /T - # create non-admin user - New-LocalUser $username -Password $password -PasswordNeverExpires:$true + New-LocalUser $username -Password $password Add-LocalGroupMember -Group "Users" -Member $username $credential = New-Object System.Management.Automation.PSCredential ($username, $password) - # Optionally, create the new home directory and set permissions - New-Item -ItemType Directory -Path $newHomeDir - icacls $newHomeDir /grant "${username}:(OI)(CI)F" /T - - # Get the SID of the target user - $sid = (Get-WmiObject -Class Win32_UserAccount -Filter "Name='$username'").SID - echo "SID:$sid" - - # Set the USERPROFILE environment variable for the target user - # reg add "HKEY_USERS\$sid\Environment" /v USERPROFILE /t REG_SZ /d "$newHomeDir" /f - # Set-ItemProperty -Path "HKEY_USERS\$sid\Environment" -Name "USERPROFILE" -Value $newHomeDir - - # Set the home directory using net user - # net user $username /homedir:$newHomeDir - # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f - $command = "`n`$USERPROFILE=`"$newHomeDir`";`n$env:RUN" - echo "Command:$command" - # call command using non admin user $process = Start-Process -FilePath "pwsh" ` - -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $command ` + -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $env:RUN ` -Credential $credential ` -PassThru ` -Wait ` From bf3f2d6d971396772b9150895a5583e5d457cfdf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 10:19:31 +0200 Subject: [PATCH 33/41] fix --- .github/actions/run-as-non-admin/action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 3b70853d..8346abf7 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -35,13 +35,13 @@ runs: # random password fulfilling win requirements $password = ConvertTo-SecureString "abcdEFGH123$%" -AsPlainText -Force - # make temp folder writable for all users - icacls "C:\Users" /grant "${username}:(OI)(CI)F" /T - New-LocalUser $username -Password $password Add-LocalGroupMember -Group "Users" -Member $username $credential = New-Object System.Management.Automation.PSCredential ($username, $password) + # make temp folder writable for all users + icacls "C:\Users" /grant "${username}:(OI)(CI)F" /T + # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f From 11dd2a5d15866cfff2bac4cb6972f2b6abeeee9a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 10:25:07 +0200 Subject: [PATCH 34/41] next --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 8346abf7..951b4de0 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -40,7 +40,7 @@ runs: $credential = New-Object System.Management.Automation.PSCredential ($username, $password) # make temp folder writable for all users - icacls "C:\Users" /grant "${username}:(OI)(CI)F" /T + icacls "C:\Users" /grant "Everyone:(OI)(CI)F" # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f From 1f7b4495a339224c85557b82e6acd507a92b5434 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 10:27:34 +0200 Subject: [PATCH 35/41] add /T --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 951b4de0..97d86a61 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -40,7 +40,7 @@ runs: $credential = New-Object System.Management.Automation.PSCredential ($username, $password) # make temp folder writable for all users - icacls "C:\Users" /grant "Everyone:(OI)(CI)F" + icacls "C:\Users" /grant "Everyone:(OI)(CI)F" /T # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f From 1d4fcb772ee40cd0b8dca003044027db7e93a42e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 10:29:50 +0200 Subject: [PATCH 36/41] use home --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 97d86a61..f0f6fc29 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -40,7 +40,7 @@ runs: $credential = New-Object System.Management.Automation.PSCredential ($username, $password) # make temp folder writable for all users - icacls "C:\Users" /grant "Everyone:(OI)(CI)F" /T + icacls $env:HOME /grant "Everyone:(OI)(CI)F" /T # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f From 146b169d1a39d59fd73ad4879535bc722e8c2c11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 11:11:33 +0200 Subject: [PATCH 37/41] next --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index f0f6fc29..97d86a61 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -40,7 +40,7 @@ runs: $credential = New-Object System.Management.Automation.PSCredential ($username, $password) # make temp folder writable for all users - icacls $env:HOME /grant "Everyone:(OI)(CI)F" /T + icacls "C:\Users" /grant "Everyone:(OI)(CI)F" /T # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f From c24894155e57868fed56434d1f5b72f2608432e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 11:14:54 +0200 Subject: [PATCH 38/41] use runneradmin --- .github/actions/run-as-non-admin/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index 97d86a61..c3369230 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -40,7 +40,7 @@ runs: $credential = New-Object System.Management.Automation.PSCredential ($username, $password) # make temp folder writable for all users - icacls "C:\Users" /grant "Everyone:(OI)(CI)F" /T + icacls "C:\Users\runneradmin" /grant "Everyone:(OI)(CI)F" /T # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f From 943efe0d8d438b3e26f35ad7407a500b493743fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Mann?= Date: Tue, 13 Aug 2024 13:34:42 +0200 Subject: [PATCH 39/41] fix windows runner script --- .github/actions/run-as-non-admin/action.yml | 34 +++++++++++++++------ 1 file changed, 24 insertions(+), 10 deletions(-) diff --git a/.github/actions/run-as-non-admin/action.yml b/.github/actions/run-as-non-admin/action.yml index c3369230..20b0d338 100644 --- a/.github/actions/run-as-non-admin/action.yml +++ b/.github/actions/run-as-non-admin/action.yml @@ -32,28 +32,42 @@ runs: if ($env:OS -ne "Windows") { exit 1 } $username = "nonadminuser" - # random password fulfilling win requirements $password = ConvertTo-SecureString "abcdEFGH123$%" -AsPlainText -Force + $newHomeDir = "C:\Users\$username" - New-LocalUser $username -Password $password - Add-LocalGroupMember -Group "Users" -Member $username + New-LocalUser $username -Password $password | Out-Null + Add-LocalGroupMember -Group "Users" -Member $username | Out-Null $credential = New-Object System.Management.Automation.PSCredential ($username, $password) - # make temp folder writable for all users - icacls "C:\Users\runneradmin" /grant "Everyone:(OI)(CI)F" /T - # remove dev mode so symlink fails if called without junction reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f - # call command using non admin user + # create temp folder + New-Item -ItemType Directory -Path "$newHomeDir\AppData\Local\Temp" -Force + + # make temp folder writable for nonadmin user + icacls "$newHomeDir" /grant "${username}:(OI)(CI)F" /T + + # using start-process to run command as non admin user requires setting env vars + $envVars = @{ + HOME = $newHomeDir + HOMEPATH = "\Users\$username" + TEMP = "$newHomeDir\AppData\Local\Temp" + TMP = "$newHomeDir\AppData\Local\Temp" + USERNAME = $username + USERPROFILE = $newHomeDir + } + + # call command using non admin user credentials $process = Start-Process -FilePath "pwsh" ` -ArgumentList "-NoLogo", "-NonInteractive", "-NoProfile", "-Command", $env:RUN ` -Credential $credential ` - -PassThru ` - -Wait ` + -Environment $envVars ` -NoNewWindow ` - -RedirectStandardOutput "output.txt" ` + -PassThru ` -RedirectStandardError "error.txt" ` + -RedirectStandardOutput "output.txt" ` + -Wait ` Get-Content output.txt Get-Content error.txt From 4587622747868109e44b9c56c1651ccbb489e5e8 Mon Sep 17 00:00:00 2001 From: Christian Georgi Date: Tue, 13 Aug 2024 14:39:38 +0200 Subject: [PATCH 40/41] Remove logs --- scripts/postinstall.js | 2 +- test/postinstall.integrationtest.js | 10 ++++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/scripts/postinstall.js b/scripts/postinstall.js index 9f236870..89550a11 100755 --- a/scripts/postinstall.js +++ b/scripts/postinstall.js @@ -15,7 +15,7 @@ if (!fs.existsSync(typesDir)) fs.mkdirSync(typesDir, {recursive: true}) const target = join(typesDir, 'sap__cds') const src = resolvePkg('@cap-js/cds-types') || join(nodeModules, '@cap-js/cds-types') const rel = relative(dirname(target), src) // need dirname or we'd land one level above node_modules (one too many "../") -console.error(`Creating symlink ${target} -> ${rel}`) +console.log(`Creating symlink ${target} -> ${rel}`) // remove the existing symlink try { diff --git a/test/postinstall.integrationtest.js b/test/postinstall.integrationtest.js index 4a7b9d8f..c31d38a6 100644 --- a/test/postinstall.integrationtest.js +++ b/test/postinstall.integrationtest.js @@ -63,8 +63,9 @@ describe('postinstall', () => { name: 'project1' }, null, 2)) { - const {stdout, stderr} = await execAsync(`npm i --foreground-scripts -dd -D ${cdsTypesRoot}`, { cwd: project1 }) - console.log(stdout, stderr) + // const {stdout, stderr} = + await execAsync(`npm i --foreground-scripts -dd -D ${cdsTypesRoot}`, { cwd: project1 }) + // console.log(stdout, stderr) } let packageJson = require(path.join(project1, 'node_modules/@types/sap__cds/package.json')) expect(packageJson.name).toBe('@cap-js/cds-types') @@ -79,8 +80,9 @@ describe('postinstall', () => { } }, null, 2)) { - const {stdout, stderr} = await execAsync(`npm i --foreground-scripts -dd`, { cwd: project2 }) - console.log(stdout, stderr) + // const {stdout, stderr} = + await execAsync(`npm i --foreground-scripts -dd`, { cwd: project2 }) + // console.log(stdout, stderr) } packageJson = require(path.join(project2, 'node_modules/@types/sap__cds/package.json')) expect(packageJson.name).toBe('@cap-js/cds-types') From 9be508addec4826b8592f0fbbb63b50e6e4a77fa Mon Sep 17 00:00:00 2001 From: Christian Georgi Date: Tue, 13 Aug 2024 15:18:26 +0200 Subject: [PATCH 41/41] Apply suggestions from code review Co-authored-by: Daniel O'Grady <103028279+daogrady@users.noreply.github.com> --- scripts/postinstall.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/postinstall.js b/scripts/postinstall.js index 89550a11..2f1a8235 100755 --- a/scripts/postinstall.js +++ b/scripts/postinstall.js @@ -9,11 +9,12 @@ if (!process.env.INIT_CWD) return const nodeModules = join(process.env.INIT_CWD, 'node_modules') const typesDir = join(nodeModules, '@types') +// we may have to create node_modules altogether in case of a mono repo if (!fs.existsSync(typesDir)) fs.mkdirSync(typesDir, {recursive: true}) // use a relative target, in case the user moves the project const target = join(typesDir, 'sap__cds') -const src = resolvePkg('@cap-js/cds-types') || join(nodeModules, '@cap-js/cds-types') +const src = resolvePkg('@cap-js/cds-types') ?? join(nodeModules, '@cap-js/cds-types') const rel = relative(dirname(target), src) // need dirname or we'd land one level above node_modules (one too many "../") console.log(`Creating symlink ${target} -> ${rel}`)