How to add a password dialog box when i check a program

[fullmetal_ARM]

Hi i want to a make a modification in WPI so when one of our tecnichian checks a program for instalation it prompts for a password.

The reason i want to do this is because i dont want a tecnichian to install software for example( Microsoft Office) without permition.

Can you guys tell me how to implement this.

[fullmetal_ARM]

To the developers, anyone?

[Kelsenellenelvian]

You would need to use an external script like a vbs or auto-it script to make the dialog box.

Their are a couple of super dudes around here that can help you with that so don't give up hope yet.

[geezery]

It would be easy to develop with HTA. Actually I'm going to write one soon on my ImageX HTA script. I'm going to use it on Map Network Drive function, but I think it should be very easy to import to WPI.

[Kelsenellenelvian]

[geezery]

Here is a simple HTA password dialog box. There is no encryption in password, so you have to implement it yourself, or just hide it in the code, like in the example.

<html>
<head>
<title>Authentication</title>
<HTA:APPLICATION 
	 ID="Authentication" 
	 APPLICATIONNAME="Authentication"
	 SCROLL="No"
	 SCROLLFLAT="No"
	 SINGLEINSTANCE="yes"
	 BORDER = No
	 APPLICATION = Yes
	 INNERBORDER = No
	 SHOWINTASKBAR = no
	 SCROLL = No
	 NAVIGABLE = No
	 CAPTION = No
>
<STYLE>
BODY {background:silver;}
</STYLE>
</head>

<script LANGUAGE="VBScript">
'Edit these lines put your own username & password
MyUsername = "Administrator"
MyPassword = "password"

Sub Window_Onload
   strComputer = "."
		Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
		Set colItems = objWMIService.ExecQuery("Select * From Win32_DesktopMonitor")
		For Each objItem in colItems
			intHorizontal = objItem.ScreenWidth
			intVertical = objItem.ScreenHeight
		Next
		intLeft = (intHorizontal - 350) / 2
		intTop = (intVertical - 170) / 2
		Window.ResizeTo 350,170
		window.moveTo intLeft, intTop
End Sub

Sub Authenticate
If PasswordArea.Value = MyPassword And UsernameArea.Value = MyUsername Then
MsgBox("Authentication Successfull")
'If ok Install Office here
Set objShell = CreateObject("WScript.Shell")
'This hides the password window
window.moveTo -2000,-2000

'This is the line you have to edit
objShell.Run("Setup.exe /qb TRANSFORMS=\\server\share\Office\office.mst")
Window.Close
Else
MsgBox("Invalid Username or Password") 
'If Wrong Goto Quit
Window.Close
End If
End Sub
</SCRIPT>

<body>
<table align="center">
<tr><td>Username:</td><td><input type="text" name="UsernameArea" size="30"</tr></td></tr>
<tr><td>Password:</td><td><input type="password" name="PasswordArea" size="30"></td></td>
<tr><td><input type="button" value="Proceed" TABINDEX="1" onClick="Authenticate()"</td><td></td></tr>
</table>

</body>
</html>

Edited September 3, 2007 by geezery

[lawrenca]

Best bet would be to limit access via NTFS permissions. Applying permissions on the front-end (WPI) doesn't necessarily keep the user from "exploring" and running the application from your CD/DVD/Network Share. You could also create a self-extracting .exe out of the application and password protect it which would take care of launching from file instead of WPI. But if you are sure this is what you would like to pursue, I would highly recommend formally adding it to the wishlist...

For WPI 6.2, in \WPIScripts folder, open check.js and browse to: function setChecked(i) down to line 115 and write an intercept for checking the checkboxes.

Change:

chkbox.checked=true;

to:

chkbox.checked = checkPassword(i);

This will require us to create a new function checkPassword. I'd place it at the top of the file for convenience.

var pword="";  //move inside of checkPassword(i) if you want don't want the password stored globally (i.e. The user has to input the same password for every application they select even if it's the same password).
function checkPassword(i)
{
	position="check.js";
	whatfunc="checkPassword()";

	try	
	{
		if (gcond[i].toString().match("password") == null || gcond[i].toString() == "")   //gcond does not contain a password
			return true;

		var mySplitResult = gcond[i].toString().split("password");
		var pass = mySplitResult[1].split('"');  //this parses out the password
		var pass1;

		pass1 = pass[1];

		if (pass1 != pword)
			pword=prompt('Please enter your password to install this App!',' ');

		if (pword==pass1)
		{
			return true;  //password meets the password criteria
		}
		else
		{
			alert('Password is incorrect! You do not have permissions to install this application.');
			return false;  //password is incorrect, uncheck the application
		}	
	}
	catch (ex)
	{
		return true;
	}


}

Now for the useage, I've taken advantage of gcond for proof of concept, at least until WPI has a variable that reflects the password (I'm thinking maybe a textbox with a minimum of a password, possibly a username). Add this (or your own password) to your gcond statement of each application you would like to password protect:

(password="tony")

The function above will parse out "tony" (no quotes) for the password.

Another example that shows combined gcond statements:

FileExists("c:\test.txt") && (password="ross")

I've attached the files from above for testing and observation. There are some serious limitations to the above code as the password would be stored in plain text within the config.js file. We could easily provide encryption for the passwords, but even the encryption algorithms would be in plain text and available for advanced users to decipher but wouldn't be bad for a first start. The code will need some cleaning up with some error checking before implementation...just a concept.

config.js

check.js

Edited September 4, 2007 by lawrenca

[lawrenca]

Forgot to mention that it would be very easy to implement geezery's Dialog Box into the script above. You could also call/compare your encryption from this dialog with a few modifications. I just wanted to show a quick and easy way with just a password input prompt.