Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge rc to beta #14452

Merged
merged 4 commits into from
Dec 18, 2022
Merged

Merge rc to beta #14452

merged 4 commits into from
Dec 18, 2022

Conversation

seanbudd
Copy link
Member

@seanbudd seanbudd commented Dec 16, 2022

Handles merge conflicts from #14416

Must be merge commit not squash merge.

Link to issue number:
Supercedes #14358
Fixes: #14379
Fixes: #14368

Summary of the issue:
Issue 1: Session tracking notification failures (#14358)
If NVDA freezes, session tracking notifications may be dropped.
If this happens when locking, NVDA will be insecure while on the Windows lock screen.
If this happens when unlocking, NVDA will not behave correctly and be inaccessible while Windows is unlocked.

This is fixed by querying the session directly, and caching this every core cycle.
If a query fails, NVDA should fall back accessible behaviour, rather than secure.

Issue 2: Forgot my PIN workflow is inaccessible (#14368)
NVDA cannot read content on the forgot my PIN workflow screen.
This is a similar situation to the lock screen, except an Edge Spartan window is used for the workflow.
This runs on a temporary user profile.

This is fixed by detecting the z-order of windows, and making an window above the lock screen window accessible.

Issue 2a: Object navigation does not work on the PIN workflow screen (#14416)
This is because TextInfo.obj can be a TreeInterceptor, where it was previously documented as just NVDAObject.
This assumption caused the _isSecureObjectWhileLockScreenActivated function to fail, making object navigation fail.
In those cases, the TreeInterceptor.rootNVDAObject should be checked instead.

Issue 3: NVDA fails to install in some environments (#14379)
Sometimes an NVDA session query returns an unexpected value.
In this case, default to the "session unknown" behaviour.
If a session query fails, NVDA should roll back to accessible behaviour rather than failing to run.

Description of user facing changes
PIN workflow screen should become accessible.
NVDA has better session tracking management (i.e. is aware of the lock state more accuractely).
NVDA should handle session query failures without preventing installation, blocking usage, etc.

Description of development approach
There are 4 security modes of NVDA:

normal, authenticated user
secure mode: secure desktop mode (when serviceDebug param not set), or --secure param provided.
Refer to existing docs on this.
secure desktop mode: enabled secure mode (when serviceDebug param not set).
Also prevents access to some controls, that should not be accessible from the sign-in/UAC dialog.
lock screen mode: prevents access to user data. Used on the lock screen, which runs on a user desktop.
Also include the reset PIN workflow and out of box experience. (Only Win 10+)
Lock state session tracking is handled by NVDA now, by querying the session state every core pump cycle.

When on lock screen mode, we need to check the z-order of windows to confirm if an NVDA object should be accessible.
The window associated with the NVDAObject should be above the lowest lock screen window.
Lock screen windows can be identified by known class names.
This is risky as class names may change, but the lockapp appModule isn't detectable on the forgot PIN workflow.

We can confirm the windows order by starting at the lowest lock screen, then navigating our way up.
If we can confirm that the NVDA Object is not below the lock screen window, we can make the object accessible.
This method is risky, as z-ordering is dynamic.
There are unit tests to cover this, code aims to make NVDAObjects accessible where the order is unknown.
@seanbudd seanbudd requested a review from a team as a code owner December 16, 2022 05:58
@seanbudd seanbudd requested review from michaelDCurran and removed request for a team December 16, 2022 05:58
@seanbudd seanbudd merged commit 09b8b6d into beta Dec 18, 2022
@seanbudd seanbudd deleted the mergeRcToBeta branch December 18, 2022 22:37
@nvaccessAuto nvaccessAuto added this to the 2023.1 milestone Dec 18, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants