token-privilege 0.1.1

Safe Rust wrapper around Windows process token privilege and elevation detection APIs
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157

/// Errors that can occur when querying token privileges.
///
/// This enum is `#[non_exhaustive]` to allow adding new error variants in
/// future minor releases without breaking downstream code. Always include
/// a wildcard arm when matching.
///
/// # Examples
///
/// ```rust
/// use token_privilege::TokenPrivilegeError;
///
/// fn handle_error(err: TokenPrivilegeError) {
///     match err {
///         TokenPrivilegeError::UnsupportedPlatform => {
///             eprintln!("This feature requires Windows");
///         }
///         other => eprintln!("Token error: {other}"),
///     }
/// }
/// ```
#[derive(Debug, thiserror::Error)]
#[non_exhaustive]
pub enum TokenPrivilegeError {
    /// Failed to open the process token.
    ///
    /// This typically occurs if the process lacks sufficient permissions
    /// to query its own token (very rare in practice).
    #[error("failed to open process token: {0}")]
    OpenTokenFailed(std::io::Error),

    /// Failed to query token information.
    ///
    /// Returned when `GetTokenInformation` fails after the token
    /// has been successfully opened.
    #[error("failed to query token information: {0}")]
    QueryFailed(std::io::Error),

    /// The specified privilege name is invalid or not recognized.
    ///
    /// The Windows privilege name (e.g., `"SeDebugPrivilege"`) was not
    /// found in the system's privilege database.
    #[error("invalid privilege name: {name}")]
    InvalidPrivilegeName {
        /// The privilege name that was not recognized.
        name: String,
    },

    /// Failed to look up the privilege value for the given name.
    ///
    /// Unlike [`InvalidPrivilegeName`](Self::InvalidPrivilegeName), this
    /// indicates an OS-level failure during the lookup rather than an
    /// unknown privilege name.
    #[error("privilege lookup failed for '{name}'")]
    LookupFailed {
        /// The privilege name that was being looked up.
        name: String,
        /// The underlying OS error.
        source: std::io::Error,
    },

    /// Failed to check privilege status.
    ///
    /// Returned when `PrivilegeCheck` fails after the privilege LUID
    /// has been successfully resolved.
    #[error("privilege check failed: {0}")]
    CheckFailed(std::io::Error),

    /// This functionality is only available on Windows.
    ///
    /// All public functions in this crate return this error on non-Windows
    /// platforms. This allows downstream crates to depend on `token-privilege`
    /// unconditionally and handle the non-Windows case gracefully.
    #[error("token privilege operations are only supported on Windows")]
    UnsupportedPlatform,
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn unsupported_platform_display() {
        let err = TokenPrivilegeError::UnsupportedPlatform;
        let msg = err.to_string();
        assert!(
            msg.contains("only supported on Windows"),
            "unexpected message: {msg}"
        );
    }

    #[test]
    fn open_token_failed_display() {
        let io_err = std::io::Error::new(std::io::ErrorKind::PermissionDenied, "access denied");
        let err = TokenPrivilegeError::OpenTokenFailed(io_err);
        let msg = err.to_string();
        assert!(
            msg.contains("open process token"),
            "unexpected message: {msg}"
        );
    }

    #[test]
    fn invalid_privilege_name_display() {
        let err = TokenPrivilegeError::InvalidPrivilegeName {
            name: "FakePrivilege".to_owned(),
        };
        let msg = err.to_string();
        assert!(msg.contains("FakePrivilege"), "unexpected message: {msg}");
    }

    #[test]
    fn query_failed_display() {
        let io_err = std::io::Error::other("query error");
        let err = TokenPrivilegeError::QueryFailed(io_err);
        let msg = err.to_string();
        assert!(
            msg.contains("query token information"),
            "unexpected message: {msg}"
        );
    }

    #[test]
    fn lookup_failed_display() {
        let io_err = std::io::Error::other("not found");
        let err = TokenPrivilegeError::LookupFailed {
            name: "SeDebugPrivilege".to_owned(),
            source: io_err,
        };
        let msg = err.to_string();
        assert!(
            msg.contains("SeDebugPrivilege"),
            "unexpected message: {msg}"
        );
        // Verify the source error is accessible via Error::source(), not duplicated in display
        assert!(
            !msg.contains("not found"),
            "display should not contain source text to avoid duplication: {msg}"
        );
    }

    #[test]
    fn check_failed_display() {
        let io_err = std::io::Error::other("check error");
        let err = TokenPrivilegeError::CheckFailed(io_err);
        let msg = err.to_string();
        assert!(
            msg.contains("privilege check failed"),
            "unexpected message: {msg}"
        );
    }

    #[test]
    fn error_is_send_and_sync() {
        fn assert_send_sync<T: Send + Sync>() {}
        assert_send_sync::<TokenPrivilegeError>();
    }
}