[MSGINA] Improve Security and Shutdown dialog features (reactos#8372)

- Respect system policies for showing or hiding:

  * Security dialog "Lock Workstation", "Log Off", "Shut Down",
    "Change Password", "Task Manager" buttons;

  * "Log Off" entry in the Shutdown dialog;

- Disable the "Shut Down" Security dialog button, and the "Stand by",
  "Shut down" entries in the Shutdown dialog, if the logged user
  doesn't have the SeShutdownPrivilege.

- Add other missing `WLX_SHUTDOWN_STATE_*` shutdown flags that are
  supported by Windows.

- Improve the retrieval of shutdown options to be displayed in the
  "Shut Down" dialog. In particular, don't hardcode any sort of
  defaults, but let them come from what the user can do (Is logoff
  allowed? Does (s)he have the rights to shutdown/reboot? etc.).
  If no shutdown options are available, then simply don't display
  the dialog!

- Don't hardcode the default selected shutdown option. Either it comes
  from the user's registry and is valid (i.e. corresponds to an existing
  shutdown option in the dialog), otherwise, fall back to the first
  option in the dialog.

  In particular this means:
  * when opening the "Shut Down" dialog from the C-A-D Security
    dialog, by default we will select the "Log Off" option, or
    whatever the user last selected;
  * when opening the dialog from the "Turn Off" Start Menu item, default
    to the "Shut down" option, or whatever the user last selected.
  * when opening the dialog from the C-A-D "Log On" dialog (no user
    is logged in), the "Shut down" option will also be selected, or
    whatever the system operator last selected.

- For the shell-invokable `ShellShutdownDialog()` function, implement
  support for using a custom display user name, or the one in the
  `"Logon User Name"` registry value saved by `WlxActivateUserShell()`.
  Plus, the 3rd parameter specifies the list of shutdown options to
  *exclude* from the options list.

Author: HBelusca

dll/win32/msgina/gui.c

@@ -10,9 +10,7 @@
 
 #include <wingdi.h>
 #include <winnls.h>
-#include <winreg.h>
 #include <ndk/exfuncs.h>
-#include <ndk/setypes.h>
 
 typedef struct _DISPLAYSTATUSMSG
 {
@@ -133,8 +131,6 @@ SetWelcomeText(HWND hWnd)
     DWORD BufSize, dwType, dwWelcomeSize, dwTitleLength;
     LONG rc;
 
-    TRACE("SetWelcomeText(%p)\n", hWnd);
-
     /* Open the Winlogon key */
     rc = RegOpenKeyExW(HKEY_LOCAL_MACHINE,
                        L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon",
@@ -529,8 +525,6 @@ static VOID
 GUIDisplaySASNotice(
     IN OUT PGINA_CONTEXT pgContext)
 {
-    TRACE("GUIDisplaySASNotice()\n");
-
     /* Display the notice window */
     pgContext->pWlxFuncs->WlxDialogBoxParam(pgContext->hWlx,
                                             pgContext->hDllInstance,
@@ -816,9 +810,14 @@ ChangePasswordDialogProc(
 
 
 static VOID
-OnInitSecurityDlg(HWND hwnd,
-                  PGINA_CONTEXT pgContext)
+OnInitSecurityDlg(
+    _In_ HWND hwnd,
+    _In_ PGINA_CONTEXT pgContext)
 {
+    HKEY hKeyCurrentUser, hKey;
+    DWORD dwValue;
+    LONG lRet;
+
     WCHAR Buffer1[256];
     WCHAR Buffer2[256];
     WCHAR Buffer3[256];
@@ -842,6 +841,74 @@ OnInitSecurityDlg(HWND hwnd,
     wsprintfW(Buffer4, Buffer1, Buffer2, Buffer3);
 
     SetDlgItemTextW(hwnd, IDC_SECURITY_LOGONDATE, Buffer4);
+
+    lRet = RegOpenKeyExW(HKEY_LOCAL_MACHINE,
+                         L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon",
+                         0,
+                         KEY_QUERY_VALUE, &hKey);
+    if (lRet == ERROR_SUCCESS)
+    {
+        lRet = ReadRegDwordValue(hKey, L"DisableLockWorkstation", &dwValue);
+        if ((lRet == ERROR_SUCCESS) && !!dwValue)
+            EnableWindow(GetDlgItem(hwnd, IDC_SECURITY_LOCK), FALSE);
+
+        RegCloseKey(hKey);
+    }
+
+    /* Open the per-user registry key */
+    lRet = RegOpenLoggedOnHKCU(pgContext->UserToken,
+                               KEY_QUERY_VALUE,
+                               &hKeyCurrentUser);
+    if (lRet != ERROR_SUCCESS)
+    {
+        /* We couldn't, bail out */
+        return;
+    }
+
+    lRet = RegOpenKeyExW(hKeyCurrentUser,
+                         L"Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System",
+                         0,
+                         KEY_QUERY_VALUE, &hKey);
+    if (lRet == ERROR_SUCCESS)
+    {
+        lRet = ReadRegDwordValue(hKey, L"DisableLockWorkstation", &dwValue);
+        if ((lRet == ERROR_SUCCESS) && !!dwValue)
+            EnableWindow(GetDlgItem(hwnd, IDC_SECURITY_LOCK), FALSE);
+
+        lRet = ReadRegDwordValue(hKey, L"DisableChangePassword", &dwValue);
+        if ((lRet == ERROR_SUCCESS) && !!dwValue)
+            EnableWindow(GetDlgItem(hwnd, IDC_SECURITY_CHANGEPWD), FALSE);
+
+        lRet = ReadRegDwordValue(hKey, L"DisableTaskMgr", &dwValue);
+        if ((lRet == ERROR_SUCCESS) && !!dwValue)
+            EnableWindow(GetDlgItem(hwnd, IDC_SECURITY_TASKMGR), FALSE);
+
+        RegCloseKey(hKey);
+    }
+
+    lRet = RegOpenKeyExW(hKeyCurrentUser,
+                         L"Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer",
+                         0,
+                         KEY_QUERY_VALUE, &hKey);
+    if (lRet == ERROR_SUCCESS)
+    {
+        lRet = ReadRegDwordValue(hKey, L"NoLogoff", &dwValue);
+        if ((lRet == ERROR_SUCCESS) && !!dwValue)
+            EnableWindow(GetDlgItem(hwnd, IDC_SECURITY_LOGOFF), FALSE);
+
+        // TODO: Disable also if "NoDisconnect" on Terminal Services
+        /* Disable the "Shutdown" button if the user doesn't have shutdown privilege */
+        lRet = ReadRegDwordValue(hKey, L"NoClose", &dwValue);
+        if (((lRet == ERROR_SUCCESS) && !!dwValue) ||
+            !TestTokenPrivilege(pgContext->UserToken, SE_SHUTDOWN_PRIVILEGE))
+        {
+            EnableWindow(GetDlgItem(hwnd, IDC_SECURITY_SHUTDOWN), FALSE);
+        }
+
+        RegCloseKey(hKey);
+    }
+
+    RegCloseKey(hKeyCurrentUser);
 }
 
 
@@ -918,48 +985,36 @@ OnLogOff(
 static
 INT
 OnShutDown(
-    IN HWND hwndDlg,
-    IN PGINA_CONTEXT pgContext)
+    _In_ HWND hwndDlg,
+    _In_ PGINA_CONTEXT pgContext,
+    _In_ DWORD dwExcludeOptions)
 {
+    HKEY hKeyCurrentUser = NULL;
+    DWORD ShutdownOptions = 0;
     INT ret;
-    DWORD ShutdownOptions;
-
-    TRACE("OnShutDown(%p %p)\n", hwndDlg, pgContext);
 
-    pgContext->nShutdownAction = GetDefaultShutdownSelState();
-    ShutdownOptions = GetDefaultShutdownOptions();
-
-    if (pgContext->UserToken != NULL)
+    /* Open the per-user registry key */
+    if (RegOpenLoggedOnHKCU(pgContext->UserToken,
+                            KEY_QUERY_VALUE | KEY_CREATE_SUB_KEY | KEY_SET_VALUE,
+                            &hKeyCurrentUser) != ERROR_SUCCESS)
     {
-        if (ImpersonateLoggedOnUser(pgContext->UserToken))
-        {
-            pgContext->nShutdownAction = LoadShutdownSelState();
-            ShutdownOptions = GetAllowedShutdownOptions();
-            RevertToSelf();
-        }
-        else
-        {
-            ERR("WL: ImpersonateLoggedOnUser() failed with error %lu\n", GetLastError());
-        }
+        ERR("RegOpenLoggedOnHKCU() failed with error %ld\n", GetLastError());
     }
+    pgContext->nShutdownAction = 0;
+    if (hKeyCurrentUser)
+    {
+        ShutdownOptions = GetAllowedShutdownOptions(hKeyCurrentUser, pgContext->UserToken);
+        pgContext->nShutdownAction = LoadShutdownSelState(hKeyCurrentUser);
+    }
+    ShutdownOptions &= ~dwExcludeOptions;
 
     ret = ShutdownDialog(hwndDlg, ShutdownOptions, pgContext);
 
-    if (ret == IDOK)
-    {
-        if (pgContext->UserToken != NULL)
-        {
-            if (ImpersonateLoggedOnUser(pgContext->UserToken))
-            {
-                SaveShutdownSelState(pgContext->nShutdownAction);
-                RevertToSelf();
-            }
-            else
-            {
-                ERR("WL: ImpersonateLoggedOnUser() failed with error %lu\n", GetLastError());
-            }
-        }
-    }
+    if ((ret == IDOK) && hKeyCurrentUser)
+        SaveShutdownSelState(hKeyCurrentUser, pgContext->nShutdownAction);
+
+    if (hKeyCurrentUser)
+        RegCloseKey(hKeyCurrentUser);
 
     return ret;
 }
@@ -1031,7 +1086,7 @@ SecurityDialogProc(
                             RtlAdjustPrivilege(SE_SHUTDOWN_PRIVILEGE, Old, FALSE, &Old);
                         }
                     }
-                    else if (OnShutDown(hwndDlg, pgContext) == IDOK)
+                    else if (OnShutDown(hwndDlg, pgContext, 0) == IDOK)
                     {
                         EndDialog(hwndDlg, pgContext->nShutdownAction);
                     }
@@ -1066,8 +1121,6 @@ GUILoggedOnSAS(
 {
     INT result;
 
-    TRACE("GUILoggedOnSAS()\n");
-
     if (dwSasType != WLX_SAS_TYPE_CTRL_ALT_DEL)
     {
         /* Nothing to do for WLX_SAS_TYPE_TIMEOUT; the dialog will
@@ -1377,8 +1430,11 @@ LogonDialogProc(
                     return TRUE;
 
                 case IDC_LOGON_SHUTDOWN:
-                    if (OnShutDown(hwndDlg, pDlgData->pgContext) == IDOK)
+                    if (OnShutDown(hwndDlg, pDlgData->pgContext,
+                                   WLX_SHUTDOWN_STATE_DISCONNECT | WLX_SHUTDOWN_STATE_LOGOFF) == IDOK)
+                    {
                         EndDialog(hwndDlg, pDlgData->pgContext->nShutdownAction);
+                    }
                     return TRUE;
             }
             break;
@@ -1730,8 +1786,6 @@ static VOID
 GUIDisplayLockedNotice(
     IN OUT PGINA_CONTEXT pgContext)
 {
-    TRACE("GUIdisplayLockedNotice()\n");
-
     pgContext->pWlxFuncs->WlxDialogBoxParam(
         pgContext->hWlx,
         pgContext->hDllInstance,

dll/win32/msgina/msgina.h

@@ -19,6 +19,7 @@ extern "C" {
 #include <winuser.h>
 #include <winwlx.h>
 #include <ndk/rtlfuncs.h>
+#include <ndk/setypes.h> // For SE_*_PRIVILEGE
 #include <ntsecapi.h>
 
 #include <strsafe.h>
@@ -123,20 +124,35 @@ CreateProfile(
 
 /* shutdown.c */
 
-DWORD
-GetDefaultShutdownSelState(VOID);
+/**
+ * @brief   Shutdown state flags
+ * @see
+ * https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc962586(v=technet.10)
+ * https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc783367(v=ws.10)
+ **/
+#define WLX_SHUTDOWN_STATE_LOGOFF       0x01    ///< "Log off <username>"
+#define WLX_SHUTDOWN_STATE_POWER_OFF    0x02    ///< "Shut down"
+#define WLX_SHUTDOWN_STATE_REBOOT       0x04    ///< "Restart"
+// 0x08 ///< "Restart in MS-DOS mode" - Yes, WinNT/2k/XP/2k3 msgina.dll/shell32.dll has it!
+#define WLX_SHUTDOWN_STATE_SLEEP        0x10    ///< "Stand by"
+#define WLX_SHUTDOWN_STATE_SLEEP2       0x20    ///< "Stand by (with wakeup events disabled)"
+#define WLX_SHUTDOWN_STATE_HIBERNATE    0x40    ///< "Hibernate"
+#define WLX_SHUTDOWN_STATE_DISCONNECT   0x80    ///< "Disconnect" (only available in Terminal Services sessions)
+#define WLX_SHUTDOWN_AUTOUPDATE         0x100   ///< Set when updates are queued
 
 DWORD
-LoadShutdownSelState(VOID);
+LoadShutdownSelState(
+    _In_ HKEY hKeyCurrentUser);
 
 VOID
-SaveShutdownSelState(DWORD ShutdownCode);
-
-DWORD
-GetDefaultShutdownOptions(VOID);
+SaveShutdownSelState(
+    _In_ HKEY hKeyCurrentUser,
+    _In_ DWORD ShutdownCode);
 
 DWORD
-GetAllowedShutdownOptions(VOID);
+GetAllowedShutdownOptions(
+    _In_opt_ HKEY hKeyCurrentUser,
+    _In_opt_ HANDLE hUserToken);
 
 INT_PTR
 ShutdownDialog(
@@ -164,6 +180,11 @@ ReadRegDwordValue(
     _In_ PCWSTR pszValue,
     _Out_ PDWORD pValue);
 
+BOOL
+TestTokenPrivilege(
+    _In_opt_ HANDLE hToken,
+    _In_ ULONG Privilege);
+
 PWSTR
 DuplicateString(
     _In_opt_ PCWSTR Str);