pgsql: Fix and simplify check for whether we're running as Windows serv

Fix and simplify check for whether we're running as Windows service.

If the process token contains SECURITY_SERVICE_RID, but it has been
disabled by the SE_GROUP_USE_FOR_DENY_ONLY attribute, win32_is_service()
would incorrectly report that we're running as a service. That situation
arises, e.g. if postmaster is launched with a restricted security token,
with the "Log in as Service" privilege explicitly removed.

Replace the broken code with CheckProcessTokenMembership(), which does
this correctly. Also replace similar code in win32_is_admin(), even
though it got this right, for simplicity and consistency.

Per bug #13755, reported by Breen Hagan. Back-patch to all supported
versions. Patch by Takayuki Tsunakawa, reviewed by Michael Paquier.

Discussion: https://www.postgresql.org/message-id/20151104062315.2745.67143%40wrigleys.postgresql.org

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/ff30aec759bdc4de78912d91f650ec8fd95ff6bc

Modified Files
--------------
src/port/win32security.c | 180 ++++++++++-------------------------------------
1 file changed, 38 insertions(+), 142 deletions(-)