bunny-lab/Borealis-Github-Replica
1
0
Fork 0
mirror of https://github.com/bunny-lab-io/Borealis.git synced 2025-09-11 04:58:41 -06:00
Code Issues Packages Projects Releases Wiki Activity

Consolidated UAC Prompts in Agent Deployment

Browse Source
This commit is contained in:
Nicole Rappe
2025-09-05 15:01:54 -06:00
parent 3670b23d2f
commit 7d240325e5
3 changed files with 57 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
Borealis.ps1
View File

@@ -330,8 +330,12 @@ function Ensure-AgentTasks {
) )
$supName = 'Borealis Agent - Supervisor' $supName = 'Borealis Agent - Supervisor'
$py = Join-Path $ScriptRoot 'Agent\Scripts\python.exe' $py = Join-Path $ScriptRoot 'Agent\Scripts\python.exe'
$supScript= Join-Path $ScriptRoot 'Data\Agent\agent_supervisor.py' $supScript = Join-Path $ScriptRoot 'Data\Agent\agent_supervisor.py'
$wdName = 'Borealis Agent - Watchdog' $wdName = 'Borealis Agent - Watchdog'
# Per-user tray helper task (ensure within same elevation to avoid second UAC)
$userTaskName = 'Borealis Agent'
$userExe = Join-Path $ScriptRoot 'Agent\Scripts\pythonw.exe'
$userScript = Join-Path $ScriptRoot 'Agent\Borealis\tray_launcher.py'
# Elevate and run the external registrar script with parameters # Elevate and run the external registrar script with parameters
$regScript = Join-Path $ScriptRoot 'Data\Agent\Scripts\register_agent_tasks.ps1' $regScript = Join-Path $ScriptRoot 'Data\Agent\Scripts\register_agent_tasks.ps1'
@@ -342,10 +346,15 @@ function Ensure-AgentTasks {
# Launch registrar elevated using -EncodedCommand to avoid quoting/binding issues # Launch registrar elevated using -EncodedCommand to avoid quoting/binding issues
$qSupName = $supName -replace "'","''" $qSupName = $supName -replace "'","''"
$qPy = $py -replace "'","''" $qPy = $py -replace "'","''"
$qSupScript= $supScript-replace "'","''" $qSupScript = $supScript -replace "'","''"
$qWdName = $wdName -replace "'","''" $qWdName = $wdName -replace "'","''"
$qWdSource = $wdSource -replace "'","''" $qWdSource = $wdSource -replace "'","''"
$qRegScript= $regScript-replace "'","''" $qRegScript = $regScript -replace "'","''"
$qUserTaskName = $userTaskName -replace "'","''"
$qUserExe = $userExe -replace "'","''"
$qUserScript = $userScript -replace "'","''"
$currentUser = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
$qUserPrincipal= $currentUser -replace "'","''"
$inline = @" $inline = @"
`$p = @{ `$p = @{
SupName = '$qSupName' SupName = '$qSupName'
@@ -353,6 +362,10 @@ function Ensure-AgentTasks {
SupScript = '$qSupScript' SupScript = '$qSupScript'
WdName = '$qWdName' WdName = '$qWdName'
WdSource = '$qWdSource' WdSource = '$qWdSource'
UserTaskName = '$qUserTaskName'
UserExe = '$qUserExe'
UserScript = '$qUserScript'
UserPrincipal = '$qUserPrincipal'
} }
& '$qRegScript' @p & '$qRegScript' @p
"@ "@
@@ -421,10 +434,6 @@ function InstallOrUpdate-BorealisAgent {
Write-Host "`nConfiguring Borealis Agent (tasks)..." -ForegroundColor Blue Write-Host "`nConfiguring Borealis Agent (tasks)..." -ForegroundColor Blue
Write-Host "====================================================================================" Write-Host "===================================================================================="
Ensure-AgentTasks -ScriptRoot $scriptDir Ensure-AgentTasks -ScriptRoot $scriptDir
# Ensure per-user logon task for helper
$deployScript = Join-Path (Join-Path $scriptDir 'Agent\Borealis') 'agent_deployment.py'
try { & (Join-Path $scriptDir 'Agent\Scripts\python.exe') -W ignore::SyntaxWarning $deployScript task-ensure | Out-Null } catch {}
} }
# ---------------------- Main ---------------------- # ---------------------- Main ----------------------

31
Data/Agent/Scripts/register_agent_tasks.ps1
View File

@@ -3,7 +3,12 @@ param(
[Parameter(Mandatory=$true)] [string]$PythonExe, [Parameter(Mandatory=$true)] [string]$PythonExe,
[Parameter(Mandatory=$true)] [string]$SupScript, [Parameter(Mandatory=$true)] [string]$SupScript,
[Parameter(Mandatory=$true)] [string]$WdName, [Parameter(Mandatory=$true)] [string]$WdName,
[Parameter(Mandatory=$true)] [string]$WdSource [Parameter(Mandatory=$true)] [string]$WdSource,
# Optional per-user logon task (to avoid a second UAC prompt elsewhere)
[string]$UserTaskName = 'Borealis Agent',
[string]$UserExe = $null,
[string]$UserScript = $null,
[string]$UserPrincipal = $null
) )
$ErrorActionPreference = 'Continue' $ErrorActionPreference = 'Continue'
@@ -17,7 +22,7 @@ try {
$supArg = ('-W ignore::SyntaxWarning "{0}"' -f $SupScript) $supArg = ('-W ignore::SyntaxWarning "{0}"' -f $SupScript)
$supAction = New-ScheduledTaskAction -Execute $PythonExe -Argument $supArg $supAction = New-ScheduledTaskAction -Execute $PythonExe -Argument $supArg
$supTrigger = New-ScheduledTaskTrigger -AtStartup $supTrigger = New-ScheduledTaskTrigger -AtStartup
$supSettings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -Hidden -RestartCount 3 -RestartInterval (New-TimeSpan -Minutes 1) $supSettings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -Hidden -RestartCount 3 -RestartInterval (New-TimeSpan -Minutes 1) -ExecutionTimeLimit ([TimeSpan]::Zero)
Register-ScheduledTask -TaskName $SupName -Action $supAction -Trigger $supTrigger -Settings $supSettings -Principal $principal -Force | Out-Null Register-ScheduledTask -TaskName $SupName -Action $supAction -Trigger $supTrigger -Settings $supSettings -Principal $principal -Force | Out-Null
# Watchdog script deployment # Watchdog script deployment
@@ -30,12 +35,32 @@ try {
$wdArg = ('-NoProfile -ExecutionPolicy Bypass -File "{0}" -SupervisorTaskName "{1}"' -f $wdDest, $SupName) $wdArg = ('-NoProfile -ExecutionPolicy Bypass -File "{0}" -SupervisorTaskName "{1}"' -f $wdDest, $SupName)
$wdAction = New-ScheduledTaskAction -Execute 'powershell.exe' -Argument $wdArg $wdAction = New-ScheduledTaskAction -Execute 'powershell.exe' -Argument $wdArg
$wdTrigger = New-ScheduledTaskTrigger -Once -At ([datetime]::Now.AddMinutes(1)) -RepetitionInterval (New-TimeSpan -Minutes 5) -RepetitionDuration (New-TimeSpan -Days 365) $wdTrigger = New-ScheduledTaskTrigger -Once -At ([datetime]::Now.AddMinutes(1)) -RepetitionInterval (New-TimeSpan -Minutes 5) -RepetitionDuration (New-TimeSpan -Days 365)
$wdSettings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -Hidden $wdSettings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -Hidden -ExecutionTimeLimit ([TimeSpan]::Zero)
Register-ScheduledTask -TaskName $WdName -Action $wdAction -Trigger $wdTrigger -Settings $wdSettings -Principal $principal -Force | Out-Null Register-ScheduledTask -TaskName $WdName -Action $wdAction -Trigger $wdTrigger -Settings $wdSettings -Principal $principal -Force | Out-Null
# Ensure supervisor is running # Ensure supervisor is running
Start-ScheduledTask -TaskName $SupName | Out-Null Start-ScheduledTask -TaskName $SupName | Out-Null
# Optionally ensure a per-user logon task for the tray helper without a separate elevation
if ($UserExe -and $UserScript) {
try {
$targetUser = $UserPrincipal
if (-not $targetUser -or $targetUser -eq '') {
$targetUser = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
}
try { Unregister-ScheduledTask -TaskName $UserTaskName -Confirm:$false -ErrorAction SilentlyContinue } catch {}
$usrArg = ('-W ignore::SyntaxWarning "{0}"' -f $UserScript)
$usrAction = New-ScheduledTaskAction -Execute $UserExe -Argument $usrArg
$usrTrig = New-ScheduledTaskTrigger -AtLogOn
$usrSet = New-ScheduledTaskSettingsSet -Hidden -ExecutionTimeLimit ([TimeSpan]::Zero)
$usrPrin = New-ScheduledTaskPrincipal -UserId $targetUser -LogonType Interactive -RunLevel Limited
Register-ScheduledTask -TaskName $UserTaskName -Action $usrAction -Trigger $usrTrig -Settings $usrSet -Principal $usrPrin -Force | Out-Null
Start-ScheduledTask -TaskName $UserTaskName | Out-Null
} catch {
Write-Warning "Failed to register per-user logon task '$UserTaskName': $_"
}
}
} catch { } catch {
Write-Error $_ Write-Error $_
exit 1 exit 1

2
Data/Agent/agent_deployment.py
View File

@@ -126,7 +126,7 @@ $arg = "-W ignore::SyntaxWarning {paths['agent_script']}"
try {{ Unregister-ScheduledTask -TaskName $task -Confirm:$false -ErrorAction SilentlyContinue }} catch {{}} try {{ Unregister-ScheduledTask -TaskName $task -Confirm:$false -ErrorAction SilentlyContinue }} catch {{}}
$action = New-ScheduledTaskAction -Execute $py -Argument $arg $action = New-ScheduledTaskAction -Execute $py -Argument $arg
$trigger= New-ScheduledTaskTrigger -AtLogOn $trigger= New-ScheduledTaskTrigger -AtLogOn
$settings = New-ScheduledTaskSettingsSet -Hidden $settings = New-ScheduledTaskSettingsSet -Hidden -ExecutionTimeLimit ([TimeSpan]::Zero)
Register-ScheduledTask -TaskName $task -Action $action -Trigger $trigger -Settings $settings -Force | Out-Null Register-ScheduledTask -TaskName $task -Action $action -Trigger $trigger -Settings $settings -Force | Out-Null
Start-ScheduledTask -TaskName $task | Out-Null Start-ScheduledTask -TaskName $task | Out-Null
""" """