I've written a short swift code to add a button to the finder which creates a new blank file at the current directory via a system touch call. The extension gets the current directory fine (via FIFinderSyncController.defaultController().targetedURL()), but the touch command failed due to sandboxing. How do I ask for permission for the write access? The user-selected file option is not triggered for my code.
As far as I know this should not be possible within Finder sync extension. However, as the workaround you may transfer this functionality to the main application - first ask user to drag drive, where functionality will be enabled, to the app main window, save security bookmark, and then send command from Finder extension to the main app.
You should be able to use a temporary exception entitlement as described here. More specifically, one of the two entitlements should be sufficient:
com.apple.security.temporary-exception.files.home-relative-path.read-write
com.apple.security.temporary-exception.files.absolute-path.read-write
As noted in the documentation, you should submit your reasons for needing a temporary exception entitlement if you plan on submitting your app to the App Store. (I've never gone through this procedure, so I'm not sure how what this process is like).
As far as I know, this isn't possible, and furthermore, this is not the purpose of Finder sync extensions. Apple says here that:
Make sure the Finder Sync extension point is appropriate for the functionality you plan to provide. The best Finder Sync extensions support apps that sync the contents of a local folder with a remote data source. Finder Sync is not intended as a general tool for modifying the Finder’s user interface.
If you want to modify Finder to do what you purpose, you'd have to:
Use a temporary exception entitlement, which will de facto cause your app to be rejected; or
re-think your approach
I'd suggest the latter. Apple is making it more and more difficult to modify the system with every release (for better or for worse). If you need this functionality, file a bug report requesting it.
Related
The new version of VSCode 1.75 contains the new function Profiles, which I was waiting for.
It looks like you can install, activate or deactivate extensions in each profile, without affecting the other profiles.
So far I only managed to install, activate or deactivate extensions via the extension manager, or via the view page of the respective extension.
There is this new view that can be displayed via [Settings-Wheel]-[profiles]-[show contents]
There you can find a checkbox for each extension.
Intuitively, one would assume that the extensions for a profile can be either completely switched on or off (install) or at least activated / deactivated.
For me this checkbox has none of the mentioned effects.
The profiles work nevertheless, as said, with an activated profile extensions can be installed and uninstalled, the profiles can then be switched, and a profiles extension states get properly restored when reselected.
However, the view with these checkboxes seems largely pointless to me at the moment.
So my question is: what is their purpose?
Should their purpose be what I suspected, and the feature just isn't "ready" yet?
The checkboxes are for exporting the profile without including undesired configuration options. For example, the "UI State" option will save the currently open menus and submenus as a part of the profile's configuration, which you likely don't really want in most cases.
Notably, when I created a new blank profile and accessed this menu the only field present was the UI State, which implies that if a field is the same as the default configuration it won't be saved to the file.
When you export, you can name the profile and either save it locally as a ".code-profile" file, or upload it directly to GitHub as a gist. The file uses a syntax that I believe is unique, though it's very possible I just don't know it. It would be nice to have a simple JSON schema, but I'm sure the community is going to automate the hell out of this process within a few weeks/days.
I'm pretty sure the purpose of those checkboxes is to select whether or not each extension gets exported as part of the profile. Presumably they are all activated upon importing the profile and installing those profile extensions.
When I wanted to export the model I was working on as a Java application, I encountered an error regarding the databases I loaded into the model. When I said OK to the error, I realized that all the files in the folder I wanted to create the Java application were deleted. That folder was desktop by the way.
Right now all the files (i mean all of them!) on my desktop are deleted and they don't even show up in the recycle bin. How are we going to solve this situation? How can AnyLogic have the authority to delete all files in that folder? How is this authority not shared with me and not warned beforehand?
When you work with software in general, you need to have a version control in place that will allow you to recover your information. These problems occur, and if AnyLogic has access to your computer it's because you grant the permission and it needs the permission. If you make your desktop your project folder, then i would say you are to blame.. why would you do that...
Using GIT as Ben commented, is always a good idea... but it requires you to be conscious about when you commit a version.
What I do, is I use dropbox and all my projects are done in a dropbox folder... the good thing is that dropbox always saves automatically all the files on the folder... this has saved my life multiple times and I suggest you to do something like that in the future. So on one hand you have the autosaving features, which is useful, but sometimes you erase everything by mistake, and the autosave is not useful, but dropbox saves no matter what.
When adding a folder from your local filesystem to the Chrome DevTools workspace, you'll receive a dialog banner which warns you to "not expose any sensitive information" before you grant access.
What are the specific risks associated with doing this? Is the workspace vulnerable to access by extensions? Script injection?
Official response -
"We use the same api as a regular website/chrome app, so it’s not something specific to devtools. I guess in theory if you map you workspace maps to a malicious site and then you live edit your site with devtools open the site might be able to detect your edits? That’s pretty convoluted though.
We assume that information in the workspace is data for your project. I wouldn’t add /etc/passwd to a devtools workspace."
From the review -
"How does one revoke access? If I make a mistake, I can remove the .allow-devtools-edit file. I don't see a way to do this with the new approach.
I'm not sure an infobar is strong enough. There's a class of users that will click this but would never be willing or savvy enough to put the .allow file onto their machines."
As well as -
"The message ought to be scarier, talking about ensuring that there isn't sensitive information in that directory."
Not much, but the original issue for the previous method (adding a file to the folder for allowing it to be mapped also says -
"DevTools needs file system access to allow developers edit/add sources (even those that are not loaded from server, e.g. deployment descriptors, server scripts).
We plan to use File System API (isolated file system).
To add a folder to DevTools users will need to
1. Add an empty .allow-devtools-edit file to the folder (for security purposes)"
I guess because Developer Tools extensions might then be able to read the files you mapped, it can expose highly sensitive information, like unencrypted user names and passwords that might be found in configuration files.
Sometimes when we issue an upgrade to our application we need to install some files to the application's Data folder. We want to make it possible for the users to move this folder to a place of their liking. But how to deal with this at install time?
I was thinking of deploying to the user's AppData folder and have the application somehow check there for new files at startup.
Any advice or references would be very welcome!
We use InnoSetup for a VB6 application if that matters for your answer.
Generally the best solution I've found is to allow the user to move the folder from within the application.
This allows the application to keep track of where its data is being kept (by adding a reference to it in a file or registry entry which it accesses at load time) and to access it seamlessly in the future.
Your update routines can then also access this information to determine where to place the update files.
Alternatively, make sure the folder name is as distinctive as possible and add a search routine to look for the directory in a number of sensible places at load time. Then write your manual specifying that the data folder can be moved to one of those locations ONLY.
Wouldn't the users just run an update or patch package? I'm not sure why they'd want or need to see such files. It's pretty rare for commercial software to offer users the options of where to store program settings and other internal-use files.
Give some thought to this before putting a lot of stuff into users' roaming profiles. You might want LocalAppData instead.
I have a number of apps which are similar in functionality and UI. I create the user interface by picking up variables from a .plist file. For instance, I save the source of the API from where I pick up the data.
Creating a new app involves just changing the values in the .plist file and rebuilding the app, and finally submitting it to the App Store. Also, I need to create Ad-Hoc provision files and build test releases too.
I wish to automate this process. For this I need to:
Build the app through the command line interface.
Upload the binary and other required files/information (app icon, description, etc.) to iTunes Connect.
Any pointers where I should look?
It's 2016, and now we have the iTunesConnect Transporter command line tool with a quick start guide here.
Also, have a look at this OSS project that wraps the Transporter tools (and others) in a friendly way:
https://fastlane.tools
Building your Xcode projects can be automated by using the command line tool xcodebuild that Apple provides.
As far as automating the app creation process goes, Apple has not exposed this functionality outside of the Xcode GUI. You can still automate this and there are two options.
Use Automator to create a script
that replays all the actions a human
would perform to create a new
project. Parts of this replay
script like the project name etc.
can be customized and
programmatically fed to the script.
A disadvantage of this method is
that this will actually run on the
GUI and will be slow.
If you want to do it all through the
command line, you will have to
reverse engineer the contents of the
Xcode project file that has the
extension .xcodeproj. It's a
compressed file and contains a few
XML configuration files for the
entire project. There is no public
documentation on the contents of
these XML files.
For automating the submission process, you will need a script that talks to itunesconnect.apple.com. This is where you would submit your app to the App Store. Checkout this page for more info on iTunes Connect.
A browser automation tool will be helpful here though you could roll your custom script that talks to iTunes Connect over HTTP.
To summarize, the only thing that can be used readily out of the box is the xcodebuild tool. Everything else has to be reverse engineered.