diff --git a/.gitignore b/.gitignore index 1902cebe8b3..bc40458008b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ # Binaries for programs and plugins *.exe +!app/elevator/elevator-*.exe *.dll *.so *.dylib diff --git a/app/electron-builder-arm64.yml b/app/electron-builder-arm64.yml index 9136b2e13d2..daa8270055c 100644 --- a/app/electron-builder-arm64.yml +++ b/app/electron-builder-arm64.yml @@ -69,4 +69,6 @@ extraResources: filter: "!**/{.DS_Store,custom.css}" - from: "src/assets/fonts" to: "appearance/fonts" - filter: "!**/{.DS_Store}" \ No newline at end of file + filter: "!**/{.DS_Store}" + - from: "elevator/elevator-arm64.exe" + to: "elevator.exe" \ No newline at end of file diff --git a/app/electron-builder.yml b/app/electron-builder.yml index 7ba8628c29b..76e1e3779c3 100644 --- a/app/electron-builder.yml +++ b/app/electron-builder.yml @@ -71,3 +71,5 @@ extraResources: filter: "!**/{.DS_Store}" - from: "pandoc/pandoc-windows-amd64.zip" to: "pandoc.zip" + - from: "elevator/elevator-amd64.exe" + to: "elevator.exe" diff --git a/app/elevator/README b/app/elevator/README new file mode 100644 index 00000000000..8cd81b99d78 --- /dev/null +++ b/app/elevator/README @@ -0,0 +1 @@ +https://github.com/siyuan-note/elevator diff --git a/app/elevator/elevator-amd64.exe b/app/elevator/elevator-amd64.exe new file mode 100644 index 00000000000..53668dd3a19 Binary files /dev/null and b/app/elevator/elevator-amd64.exe differ diff --git a/app/elevator/elevator-arm64.exe b/app/elevator/elevator-arm64.exe new file mode 100644 index 00000000000..0e68afacb38 Binary files /dev/null and b/app/elevator/elevator-arm64.exe differ diff --git a/kernel/conf/system.go b/kernel/conf/system.go index 5293eba249b..52c910688d1 100644 --- a/kernel/conf/system.go +++ b/kernel/conf/system.go @@ -45,6 +45,8 @@ type System struct { LockScreenMode int `json:"lockScreenMode"` // 0:手动,1:手动+跟随系统 https://github.com/siyuan-note/siyuan/issues/9087 DisabledFeatures []string `json:"disabledFeatures"` + + MicrosoftDefenderExcluded bool `json:"microsoftDefenderExcluded"` // 是否已加入 Microsoft Defender 排除项 https://github.com/siyuan-note/siyuan/issues/13650 } func NewSystem() *System { diff --git a/kernel/model/elevator.go b/kernel/model/elevator.go new file mode 100644 index 00000000000..147a0e785be --- /dev/null +++ b/kernel/model/elevator.go @@ -0,0 +1,94 @@ +// SiYuan - Refactor your thinking +// Copyright (c) 2020-present, b3log.org +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . + +package model + +import ( + "github.com/siyuan-note/logging" + "github.com/siyuan-note/siyuan/kernel/util" + "golang.org/x/sys/windows" + "os" + "os/exec" + "path/filepath" + "runtime" + "strings" + "syscall" + + "github.com/88250/gulu" +) + +func processMicrosoftDefender() { + if !gulu.OS.IsWindows() || Conf.System.MicrosoftDefenderExcluded { + return + } + + elevator := filepath.Join(util.WorkingDir, "elevator.exe") + if "dev" == util.Mode || !gulu.File.IsExist(elevator) { + elevator = filepath.Join(util.WorkingDir, "elevator", "elevator-"+runtime.GOARCH+".exe") + } + + if !gulu.File.IsExist(elevator) { + logging.LogWarnf("not found elevator [%s]", elevator) + return + } + + if !isUsingMicrosoftDefender() { + return + } + + installPath := filepath.Dir(util.WorkingDir) + + if isAdmin() { + cmd := exec.Command("powershell", "-Command", "Add-MpPreference", "-ExclusionPath", installPath, ",", util.WorkspaceDir) + gulu.CmdAttr(cmd) + output, err := cmd.CombinedOutput() + if nil != err { + logging.LogErrorf("add Windows Defender exclusion path [%s] failed: %s, %s", installPath, err, string(output)) + return + } + return + } + + cwd, _ := os.Getwd() + args := strings.Join([]string{"powershell", "-Command", "Add-MpPreference", "-ExclusionPath", installPath, ",", util.WorkspaceDir}, " ") + verbPtr, _ := syscall.UTF16PtrFromString("runas") + exePtr, _ := syscall.UTF16PtrFromString(elevator) + cwdPtr, _ := syscall.UTF16PtrFromString(cwd) + argPtr, _ := syscall.UTF16PtrFromString(args) + err := windows.ShellExecute(0, verbPtr, exePtr, argPtr, cwdPtr, 1) + if err != nil { + logging.LogErrorf("add Windows Defender exclusion path [%s] failed: %s", installPath, err) + return + } + + // TODO Conf.System.MicrosoftDefenderExcluded = true + Conf.Save() +} + +func isUsingMicrosoftDefender() bool { + if !gulu.OS.IsWindows() { + return false + } + + cmd := exec.Command("powershell", "-Command", "Get-MpPreference") + gulu.CmdAttr(cmd) + return cmd.Run() == nil +} + +func isAdmin() bool { + _, err := os.Open("\\\\.\\PHYSICALDRIVE0") + return err == nil +}