macOS How to get current user's status,guest or administrator?

[MayPeng]

I have a app,and I want to display a warning window if the current user hasn't the admin privilege at the beginning of the app start.So I want to get the current user's identity.
How can I get the user's identity in a simple way?

 

[HiRez]

You can use the NSUserName() function which returns an NSString. That would allow you to check if they're "guest", but wouldn't necessarily tell you if they have admin privileges. You could also maybe do something like call the UNIX 'id' function from an NSTask, which would show if the user is a member of group 80 (admin). There might be an easier or better way, I'm not sure, but those are a couple options.

EDIT: On further investigation, it appears there is an Objective-C SFAuthorization class that might do what you want. Check out the obtainWithRight:flags:error: method, which mentions "pre-authorizting", which sounds like it checks if the user has certain privileges.

 

[chown33]

You can use the NSUserName() function which returns an NSString. That would allow you to check if they're "guest", but wouldn't necessarily tell you if they have admin privileges. You could also maybe do something like call the UNIX 'id' function from an NSTask, which would show if the user is a member of group 80 (admin). There might be an easier or better way, I'm not sure, but those are a couple options.

'id' is a command, not a function. A function would be a C function, like getgroups(), which can be called directly rather than being executed through NSTask.


In any case, the OP's basic premise is flawed. Just because the current user ID doesn't have admin privileges doesn't mean the person using the computer doesn't know the admin password. I usually run as a non-admin user, and only authenticate as needed. The program as described would incorrectly warn me that I'm not an admin user. The OP needs to read "Authorization Services Programming Guide":
http://developer.apple.com/library/...roduction.html#//apple_ref/doc/uid/TP30000995

 

[MayPeng]

You can use the NSUserName() function which returns an NSString. That would allow you to check if they're "guest", but wouldn't necessarily tell you if they have admin privileges. You could also maybe do something like call the UNIX 'id' function from an NSTask, which would show if the user is a member of group 80 (admin). There might be an easier or better way, I'm not sure, but those are a couple options.

EDIT: On further investigation, it appears there is an Objective-C SFAuthorization class that might do what you want. Check out the obtainWithRight:flags:error: method, which mentions "pre-authorizting", which sounds like it checks if the user has certain privileges.

Thank you for your message.It is very valuable for me.I still have a problem , if I use NSUserName() to have obtained the user name how can I do next step to check whether they are "guest" or "administrator"?

I am unfamiliar to unix command such as "id",could you please tell me how to show if the user is a member of group 80 (admin) using NSTask.

'id' is a command, not a function. A function would be a C function, like getgroups(), which can be called directly rather than being executed through NSTask.


In any case, the OP's basic premise is flawed. Just because the current user ID doesn't have admin privileges doesn't mean the person using the computer doesn't know the admin password. I usually run as a non-admin user, and only authenticate as needed. The program as described would incorrectly warn me that I'm not an admin user. The OP needs to read "Authorization Services Programming Guide":
http://developer.apple.com/library/...roduction.html#//apple_ref/doc/uid/TP30000995

Yes, using getgroups() function I can obtain group IDs,but how could it resolve my question? Thank you !