Merge ee0e687 into 2e3041f

LeonarddeR · web-flow · commit b7596ca0e10d · 2022-06-28T16:10:16.000+10:00
diff --git a/source/UIAHandler/__init__.py b/source/UIAHandler/__init__.py
@@ -814,21 +814,23 @@ def _isUIAWindowHelper(self,hwnd):
 				and not config.conf['UIA']['useInMSExcelWhenAvailable']
 			):
 				return False
-			# Unless explicitly allowed, all Chromium implementations (including Edge) should not be UIA,
-			# As their IA2 implementation is still better at the moment.
-			elif (
-				windowClass == "Chrome_RenderWidgetHostHWND"
-				and (
+			elif windowClass == "Chrome_RenderWidgetHostHWND":
+				# Unless explicitly allowed, all Chromium implementations (including Edge) should not be UIA,
+				# As their IA2 implementation is still better at the moment.
+				# However, in cases where Chromium is running under another logon session,
+				# the IAccessible2 implementation is unavailable.
+				hasAccessToIA2 = not appModule.isRunningUnderDifferentLogonSession
+				if (
 					AllowUiaInChromium.getConfig() == AllowUiaInChromium.NO
 					# Disabling is only useful if we can inject in-process (and use our older code)
 					or (
 						canUseOlderInProcessApproach
+						and hasAccessToIA2
 						and AllowUiaInChromium.getConfig() != AllowUiaInChromium.YES  # Users can prefer to use UIA
 					)
-				)
-			):
-				return False
-			if windowClass == "ConsoleWindowClass":
+				):
+					return False
+			elif windowClass == "ConsoleWindowClass":
 				return utils._shouldUseUIAConsole(hwnd)
 		return bool(res)
 
diff --git a/source/appModuleHandler.py b/source/appModuleHandler.py
@@ -44,6 +44,7 @@
 import extensionPoints
 from fileUtils import getFileVersionInfo
 import globalVars
+from systemUtils import getCurrentProcessLogonSessionId, getProcessLogonSessionId
 
 
 _KNOWN_IMPORTERS_T = Union[importlib.machinery.FileFinder, zipimport.zipimporter]
@@ -670,6 +671,20 @@ def _get_isWindowsStoreApp(self):
 		self.isWindowsStoreApp = False
 		return self.isWindowsStoreApp
 
+	def _get_isRunningUnderDifferentLogonSession(self) -> bool:
+		"""Returns whether the application for this appModule was started under a different logon session.
+		This applies to applications started with the Windows runas command
+		or when choosing "run as a different user" from an application's (shortcut) context menu.
+		"""
+		try:
+			self.isRunningUnderDifferentLogonSession = (
+				getCurrentProcessLogonSessionId() != getProcessLogonSessionId(self.processHandle)
+			)
+		except WindowsError:
+			log.error(f"Couldn't compare logon session ID for {self}", exc_info=True)
+			self.isRunningUnderDifferentLogonSession = False
+		return self.isRunningUnderDifferentLogonSession
+
 	def _get_appArchitecture(self):
 		"""Returns the target architecture for the specified app.
 		This is useful for detecting X86/X64 apps running on ARM64 releases of Windows 10.
diff --git a/source/systemUtils.py b/source/systemUtils.py
@@ -62,6 +62,62 @@ def hasUiAccess():
 	finally:
 		ctypes.windll.kernel32.CloseHandle(token)
 
+#: Value from the TOKEN_INFORMATION_CLASS enumeration:
+#: https://docs.microsoft.com/en-us/windows/win32/api/winnt/ne-winnt-token_information_class
+#: When calling The Win32 GetTokenInformation function, the buffer receives a TOKEN_ORIGIN value.
+#: If the token resulted from a logon that used explicit credentials, such as passing a name, domain,
+#: and password to the LogonUser function, then the TOKEN_ORIGIN structure will contain the ID of
+#: the logon session that created it.
+#: If the token resulted from network authentication, then this value will be zero.
+TOKEN_ORIGIN = 17  # TokenOrigin in winnt.h
+
+
+class TokenOrigin(ctypes.Structure):
+	"""TOKEN_ORIGIN structure: https://docs.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-token_origin
+	This structure is used in calls to the Win32 GetTokenInformation function.
+	"""
+	_fields_ = [
+		("originatingLogonSession", ctypes.c_ulonglong)  # OriginatingLogonSession in C structure
+	]
+
+
+def getProcessLogonSessionId(processHandle: int) -> int:
+	"""
+	Retrieves the ID of the logon session that created the process that the given processHandle belongs to.
+	The function calls several Win32 functions:
+	* OpenProcessToken: opens the access token associated with a process.
+	* GetTokenInformation: retrieves a specified type of information about an access token.
+	  The calling process must have appropriate access rights to obtain the information.
+	  GetTokenInformation is called with the TokenOrigin Value from the TOKEN_INFORMATION_CLASS enumeration.
+	  The resulting structure contains the session ID of the logon session that will be returned.
+	* CloseHandle: To close the token handle.
+	"""
+	token = ctypes.wintypes.HANDLE()
+	if not ctypes.windll.advapi32.OpenProcessToken(
+		processHandle,
+		winKernel.MAXIMUM_ALLOWED,
+		ctypes.byref(token)
+	):
+		raise ctypes.WinError()
+	try:
+		val = TokenOrigin()
+		if not ctypes.windll.advapi32.GetTokenInformation(
+			token,
+			TOKEN_ORIGIN,
+			ctypes.byref(val),
+			ctypes.sizeof(val),
+			ctypes.byref(ctypes.wintypes.DWORD())
+		):
+			raise ctypes.WinError()
+		return val.originatingLogonSession
+	finally:
+		ctypes.windll.kernel32.CloseHandle(token)
+
+
+@functools.lru_cache(maxsize=1)
+def getCurrentProcessLogonSessionId() -> int:
+	return getProcessLogonSessionId(winKernel.GetCurrentProcess())
+
 
 def execElevated(path, params=None, wait=False, handleAlreadyElevated=False):
 	import subprocess
