diff --git a/kernel/api/router.go b/kernel/api/router.go index c53b672b0..60e943104 100644 --- a/kernel/api/router.go +++ b/kernel/api/router.go @@ -66,6 +66,7 @@ func ServeAPI(ginServer *gin.Engine) { ginServer.Handle("POST", "/api/system/importConf", model.CheckAuth, model.CheckAdminRole, model.CheckReadonly, importConf) ginServer.Handle("POST", "/api/system/getWorkspaceInfo", model.CheckAuth, model.CheckAdminRole, model.CheckReadonly, getWorkspaceInfo) ginServer.Handle("POST", "/api/system/reloadUI", model.CheckAuth, model.CheckAdminRole, model.CheckReadonly, reloadUI) + ginServer.Handle("POST", "/api/system/addMicrosoftDefenderExclusion", model.CheckAuth, model.CheckAdminRole, model.CheckReadonly, addMicrosoftDefenderExclusion) ginServer.Handle("POST", "/api/storage/setLocalStorage", model.CheckAuth, model.CheckAdminRole, model.CheckReadonly, setLocalStorage) ginServer.Handle("POST", "/api/storage/getLocalStorage", model.CheckAuth, getLocalStorage) diff --git a/kernel/api/system.go b/kernel/api/system.go index 7e91170e6..b0b5c4376 100644 --- a/kernel/api/system.go +++ b/kernel/api/system.go @@ -35,6 +35,21 @@ import ( "github.com/siyuan-note/siyuan/kernel/util" ) +func addMicrosoftDefenderExclusion(c *gin.Context) { + ret := gulu.Ret.NewResult() + defer c.JSON(http.StatusOK, ret) + + if !gulu.OS.IsWindows() { + return + } + + err := model.AddMicrosoftDefenderExclusion() + if nil != err { + ret.Code = -1 + ret.Msg = err.Error() + } +} + func reloadUI(c *gin.Context) { ret := gulu.Ret.NewResult() defer c.JSON(http.StatusOK, ret) diff --git a/kernel/job/cron.go b/kernel/job/cron.go index 511933f4f..03c979934 100644 --- a/kernel/job/cron.go +++ b/kernel/job/cron.go @@ -43,6 +43,7 @@ func StartCron() { go every(30*time.Second, model.FlushAssetsTextsJob) go every(30*time.Second, model.HookDesktopUIProcJob) go every(24*time.Hour, model.AutoPurgeRepoJob) + go every(30*time.Minute, model.AutoProcessMicrosoftDefender) } func every(interval time.Duration, f func()) { diff --git a/kernel/model/elevator.go b/kernel/model/elevator.go index b507268b8..054cf8d5e 100644 --- a/kernel/model/elevator.go +++ b/kernel/model/elevator.go @@ -18,6 +18,5 @@ package model -func processMicrosoftDefender() { - return +func AutoProcessMicrosoftDefender() { } diff --git a/kernel/model/elevator_windows.go b/kernel/model/elevator_windows.go index 6209a9482..125bd1de5 100644 --- a/kernel/model/elevator_windows.go +++ b/kernel/model/elevator_windows.go @@ -19,6 +19,8 @@ package model import ( + "errors" + "fmt" "os" "os/exec" "path/filepath" @@ -32,6 +34,59 @@ import ( "golang.org/x/sys/windows" ) +func AddMicrosoftDefenderExclusion() (err error) { + if !gulu.OS.IsWindows() { + return + } + + if !isUsingMicrosoftDefender() { + return + } + + installPath := filepath.Dir(util.WorkingDir) + psArgs := []string{"-Command", "Add-MpPreference", "-ExclusionPath", installPath, ",", util.WorkspaceDir} + if isAdmin() { + cmd := exec.Command("powershell", psArgs...) + gulu.CmdAttr(cmd) + output, cmdErr := cmd.CombinedOutput() + if nil != cmdErr { + logging.LogErrorf("add Windows Defender exclusion path [%s] failed: %s, %s", installPath, cmdErr, string(output)) + err = cmdErr + return + } + } else { + elevator := filepath.Join(util.WorkingDir, "elevator.exe") + if "dev" == util.Mode || !gulu.File.IsExist(elevator) { + elevator = filepath.Join(util.WorkingDir, "elevator", "elevator-"+runtime.GOARCH+".exe") + } + + if !gulu.File.IsExist(elevator) { + msg := fmt.Sprintf("not found elevator [%s]", elevator) + logging.LogWarnf(msg) + err = errors.New(msg) + return + } + + ps := []string{"powershell"} + ps = append(ps, psArgs...) + verbPtr, _ := syscall.UTF16PtrFromString("runas") + exePtr, _ := syscall.UTF16PtrFromString(elevator) + cwdPtr, _ := syscall.UTF16PtrFromString(util.WorkingDir) + argPtr, _ := syscall.UTF16PtrFromString(strings.Join(ps, " ")) + execErr := windows.ShellExecute(0, verbPtr, exePtr, argPtr, cwdPtr, 1) + if execErr != nil { + logging.LogErrorf("add Windows Defender exclusion path [%s] failed: %s", installPath, execErr) + err = execErr + return + } + } + return +} + +func AutoProcessMicrosoftDefender() { + processMicrosoftDefender() +} + func processMicrosoftDefender() { if !gulu.OS.IsWindows() || Conf.System.MicrosoftDefenderExcluded { return @@ -76,7 +131,7 @@ func processMicrosoftDefender() { } // TODO Conf.System.MicrosoftDefenderExcluded = true - Conf.Save() + //Conf.Save() } func isUsingMicrosoftDefender() bool {