From cdd7e3c00e45f1c3fee3b34acbb6c471c1f7c5d5 Mon Sep 17 00:00:00 2001
From: JohnMcPMS
Date: Wed, 29 Jan 2025 09:59:15 -0800
Subject: [PATCH] Make self elevation stable (#5163)
## Change
Make self elevation stable and move to using the token elevation state to decide when to use it.
---
 src/AppInstallerCLICore/Workflows/ConfigurationFlow.cpp | 4 ++--
 src/AppInstallerCommonCore/ExperimentalFeature.cpp | 4 ----
 .../Public/winget/ExperimentalFeature.h | 5 ++---
 src/AppInstallerCommonCore/Public/winget/UserSettings.h | 2 --
 src/AppInstallerCommonCore/UserSettings.cpp | 1 -
 src/AppInstallerSharedLib/Public/winget/Runtime.h | 8 ++++++++
 src/AppInstallerSharedLib/Runtime.cpp | 5 +++++
 7 files changed, 17 insertions(+), 12 deletions(-)
diff --git a/src/AppInstallerCLICore/Workflows/ConfigurationFlow.cpp b/src/AppInstallerCLICore/Workflows/ConfigurationFlow.cpp
index 4d7d18974c..5d8d641a98 100644
--- a/src/AppInstallerCLICore/Workflows/ConfigurationFlow.cpp
+++ b/src/AppInstallerCLICore/Workflows/ConfigurationFlow.cpp
@@ -106,8 +106,8 @@ namespace AppInstaller::CLI::Workflow
 IConfigurationSetProcessorFactory factory;
- // Since downgrading is not currently supported, only use dynamic if not running as admin.
- if (Settings::ExperimentalFeature::IsEnabled(Settings::ExperimentalFeature::Feature::ConfigureSelfElevation) && !Runtime::IsRunningAsAdmin())
+ // Since downgrading is not currently supported, only use dynamic if running limited.
+ if (Runtime::IsRunningWithLimitedToken())
 {
 factory = ConfigurationRemoting::CreateDynamicRuntimeFactory();
 }
diff --git a/src/AppInstallerCommonCore/ExperimentalFeature.cpp b/src/AppInstallerCommonCore/ExperimentalFeature.cpp
index c3709c6802..8cc77d6ee7 100644
--- a/src/AppInstallerCommonCore/ExperimentalFeature.cpp
+++ b/src/AppInstallerCommonCore/ExperimentalFeature.cpp
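Review bot: The replacement condition `if (Runtime::IsRunningWithLimitedToken())` narrows more than the comment suggests: going by the doc comment added in Runtime.h, it is false for a standard user outside the Administrators group and when UAC is disabled, whereas the removed `!Runtime::IsRunningAsAdmin()` presumably covered every non-elevated caller. Those callers now take the non-dynamic branch, which lies outside this hunk, so please confirm that a configuration needing elevation is refused there rather than partly applied without it. Self elevation also stops being opt-in, since the `configureSelfElevate` setting is deleted elsewhere in this patch and no replacement switch is visible. I would spell the rule out above the check, e.g. `// Only a limited (split) token can self-elevate; default and already-elevated tokens use the non-dynamic factory.` The enclosing function starts and ends outside the hunk.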
@@ -44,8 +44,6 @@ namespace AppInstaller::Settings
 return userSettings.Get();
 case ExperimentalFeature::Feature::Configuration03:
 return userSettings.Get();
- case ExperimentalFeature::Feature::ConfigureSelfElevation:
- return userSettings.Get();
 case ExperimentalFeature::Feature::ConfigureExport:
 return userSettings.Get();
 case ExperimentalFeature::Feature::Font:
@@ -83,8 +81,6 @@ namespace AppInstaller::Settings
 return ExperimentalFeature{ "Resume", "resume", "https://aka.ms/winget-settings", Feature::Resume };
 case Feature::Configuration03:
 return ExperimentalFeature{ "Configuration Schema 0.3", "configuration03", "https://aka.ms/winget-settings", Feature::Configuration03 };
- case Feature::ConfigureSelfElevation:
- return ExperimentalFeature{ "Configure Self Elevation", "configureSelfElevate", "https://aka.ms/winget-settings", Feature::ConfigureSelfElevation };
 case Feature::ConfigureExport:
 return ExperimentalFeature{ "Configure Export", "configureExport", "https://aka.ms/winget-settings", Feature::ConfigureExport };
 case Feature::Font:
diff --git a/src/AppInstallerCommonCore/Public/winget/ExperimentalFeature.h b/src/AppInstallerCommonCore/Public/winget/ExperimentalFeature.h
index 80469aa24c..257ffd2152 100644
--- a/src/AppInstallerCommonCore/Public/winget/ExperimentalFeature.h
+++ b/src/AppInstallerCommonCore/Public/winget/ExperimentalFeature.h
@@ -25,9 +25,8 @@ namespace AppInstaller::Settings
 DirectMSI = 0x1,
 Resume = 0x2,
 Configuration03 = 0x4,
- ConfigureSelfElevation = 0x8,
- ConfigureExport = 0x10,
- Font = 0x20,
+ ConfigureExport = 0x8,
+ Font = 0x10,
 Max, // This MUST always be after all experimental features
 // Features listed after Max will not be shown with the features command
diff --git a/src/AppInstallerCommonCore/Public/winget/UserSettings.h b/src/AppInstallerCommonCore/Public/winget/UserSettings.h
index d13d3e8f46..f791c5f3d7 100644
--- a/src/AppInstallerCommonCore/Public/winget/UserSettings.h
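Review bot: Removing `ConfigureSelfElevation` from the enum renumbers the flags after it (`ConfigureExport` 0x10 to 0x8, `Font` 0x20 to 0x10), so the value 0x8 changes meaning between releases. If `Feature` values are ever written out or compared across versions (telemetry, logs, a persisted mask; none of that is visible in this hunk), older records would be read as Configure Export rather than self elevation. Either confirm the values are only used in-process, or keep the old numbering and retire the bit with a comment such as `// 0x8 was ConfigureSelfElevation (now stable); do not reuse`. The enum starts and ends outside the hunk.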
+++ b/src/AppInstallerCommonCore/Public/winget/UserSettings.h
@@ -76,7 +76,6 @@ namespace AppInstaller::Settings
 EFDirectMSI,
 EFResume,
 EFConfiguration03,
- EFConfigureSelfElevation,
 EFConfigureExport,
 EFFonts,
 // Telemetry
@@ -162,7 +161,6 @@ namespace AppInstaller::Settings
 SETTINGMAPPING_SPECIALIZATION(Setting::EFDirectMSI, bool, bool, false, ".experimentalFeatures.directMSI"sv);
 SETTINGMAPPING_SPECIALIZATION(Setting::EFResume, bool, bool, false, ".experimentalFeatures.resume"sv);
 SETTINGMAPPING_SPECIALIZATION(Setting::EFConfiguration03, bool, bool, false, ".experimentalFeatures.configuration03"sv);
- SETTINGMAPPING_SPECIALIZATION(Setting::EFConfigureSelfElevation, bool, bool, false, ".experimentalFeatures.configureSelfElevate"sv);
 SETTINGMAPPING_SPECIALIZATION(Setting::EFConfigureExport, bool, bool, false, ".experimentalFeatures.configureExport"sv);
 SETTINGMAPPING_SPECIALIZATION(Setting::EFFonts, bool, bool, false, ".experimentalFeatures.fonts"sv);
 // Telemetry
diff --git a/src/AppInstallerCommonCore/UserSettings.cpp b/src/AppInstallerCommonCore/UserSettings.cpp
index d6879e9b9a..abf4b6fcff 100644
--- a/src/AppInstallerCommonCore/UserSettings.cpp
+++ b/src/AppInstallerCommonCore/UserSettings.cpp
@@ -267,7 +267,6 @@ namespace AppInstaller::Settings
 WINGET_VALIDATE_PASS_THROUGH(EFDirectMSI)
 WINGET_VALIDATE_PASS_THROUGH(EFResume)
 WINGET_VALIDATE_PASS_THROUGH(EFConfiguration03)
- WINGET_VALIDATE_PASS_THROUGH(EFConfigureSelfElevation)
 WINGET_VALIDATE_PASS_THROUGH(EFConfigureExport)
 WINGET_VALIDATE_PASS_THROUGH(EFFonts)
 WINGET_VALIDATE_PASS_THROUGH(AnonymizePathForDisplay)
diff --git a/src/AppInstallerSharedLib/Public/winget/Runtime.h b/src/AppInstallerSharedLib/Public/winget/Runtime.h
index 6c09b98cf4..a8500a56e9 100644
--- a/src/AppInstallerSharedLib/Public/winget/Runtime.h
+++ b/src/AppInstallerSharedLib/Public/winget/Runtime.h
@@ -43,6 +43,14 @@ namespace AppInstaller::Runtime
 // Determines whether the process is running with administrator or system privileges.
 bool IsRunningAsAdminOrSystem();
+ // Determines whether the current token can be elevated.
+ // This only returns true for tokens that are TokenElevationTypeLimited.
+ // Thus, it will only be true if:
+ // 1. UAC is enabled
+ // 2. the user is in the Administrators group
+ // 3. the token is not already elevated
+ bool IsRunningWithLimitedToken();
+
 // Returns true if this is a release build; false if not.
 inline constexpr bool IsReleaseBuild()
 {
diff --git a/src/AppInstallerSharedLib/Runtime.cpp b/src/AppInstallerSharedLib/Runtime.cpp
index 2c35ea3135..b3c6e229a0 100644
--- a/src/AppInstallerSharedLib/Runtime.cpp
+++ b/src/AppInstallerSharedLib/Runtime.cpp
@@ -213,4 +213,9 @@ namespace AppInstaller::Runtime
 {
 return IsRunningAsAdmin() || IsRunningAsSystem();
 }
+
+ bool IsRunningWithLimitedToken()
+ {
+ return wil::get_token_information() == TokenElevationTypeLimited;
+ }
 }
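Review bot: `IsRunningWithLimitedToken()` now gates the self-elevating configuration path, yet neither the header comment in Runtime.h nor the definition in Runtime.cpp states which token is inspected or how a failed query is reported. The `wil::get_token_information` call passes no token handle, so it falls back to WIL's default, which I believe is the current thread's effective token and would follow an impersonation token if the caller is impersonating; the throwing form would also surface a failure as an exception from what reads like a plain predicate. After confirming both against WIL, I would add to the header comment `// Inspects the current thread's effective token; throws if the token information cannot be read.` A small test pinning the result for an elevated and a non-elevated run would keep this security decision from regressing.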