I have an app that offers an option to sync its data with Dropbox. If the app asks the user to select his or her Dropbox folder (and the app stores the location in its preference file) will the app be allowed to access this folder on subsequent launches?
Probably not, you will most likely need to use the dreaded Security-Scoped Bookmarks.
Sounds ominous. I’ll check it out. Thanks
I put together a module that makes Security Scoped Bookmarks fairly trivial t implement. Have a look if you like.
SSBookmarks.zip
I would thoroughly recommend reading the latest issue of Xojo Developer, as it includes a lot of information about Sandboxing. If you don’t subscribe, you can purchase a single issue. You should read it before you implement any Security-Scoped Bookmark code.
Thx Jim !! I learned a lot with your example! Really helpful ! Recommend to everyone wanted to learn about Security-Scoped Bookmarks.
But do I understand it correctly: When the file is changed with another app it will not work?
Situation:
- You have an app that manipulates images.
- The user drags a file into your app, let it do his job and saves the file.
- Next time the user opens my app, the file is accessible without the need to let the user drag’n’drop it again.
But lets assume that same user is manipulating that same file with for example Pixelmator.
If I understand it correctly, that same file will not pass the Sandboxing anymore?
Is there a solution for this? Or is this a side effect of Sandboxing?
[quote=85489:@Sam Rowlands]I would thoroughly recommend reading the latest issue of Xojo Developer, as it includes a lot of information about Sandboxing. If you don’t subscribe, you can purchase a single issue. You should read it before you implement any Security-Scoped Bookmark code.
http://xojodev.com[/quote]
I bought that issue just for your writing bit. 
But I was a bit disappointed about being too general. I mean, there where no useful examples to work with. I needed Jims example to understand several things instead.
Nevertheless it is good reading but certainly not the ‘all-you-need-to-know-about-sandboxing-and-how-to-handle-it’ article. A mist opportunity imo.
[quote=85579:@Christoph De Vocht]But lets assume that same user is manipulating that same file with for example Pixelmator.
If I understand it correctly, that same file will not pass the Sandboxing anymore?
Is there a solution for this? Or is this a side effect of Sandboxing?
[/quote]
It shouldn’t cause a problem, as long as the Filename doesn’t change. I’m checking now
Ok, try redownloading the demo.
I added kCFURLBookmarkCreationPreferFileIDResolutionMask so the bookmark still can be resolved if the file moves or is renamed!
Enjoy!
Now that I’m thinking about it, it might be a good idea to store 2 bookmarks. One being a path based bookmark, and one with the File ID resolution… that way, if the file is simply overwritten, it can be resolved by path and if it is moved/renamed it can be resolved via File ID…
[quote=85747:@jim mckay]I added kCFURLBookmarkCreationPreferFileIDResolutionMask so the bookmark still can be resolved if the file moves or is renamed!
Enjoy![/quote]
Again thanks ! Highly appreciated.
The code will be coming, I’m awaiting our app to ship first. It does address many of the issues that we’ve discovered in production apps, where many implementations including our previous code got it wrong.
Per your example, I would actually recommend considering the solution I suggested for maintaining a recent items menu. It’s not hard to introduce and will save you from almost certain failure, if your Security-Scoped Bookmark code isn’t up to snuff. I had to find out the hard way, many of the areas where SSBs can fail and it’s left us with many negative reviews on the Mac App Store.
The rule of the thumb, is avoid SSBs unless you really have no choice and then use my guide to protect yourself and your application against the failures of SSBs and incorrect interpretations of the Apple code.
I’m going to be releasing a Sandbox Kit (much like the Retina Kit), which will include all the code that we’re using in production apps to solve Sandbox issues (that can be solved with code).
It will be done like the Retina Kit (in a x-plat) manner, allowing for a one solution fits all (where possible).
I’m sorry to hear that you were disappointed with the article, I will try to include more code in future articles. There is a lot I’ve learned with Sandboxing and a lot of theory/gotchas that are not easily available. I wrote that article 3 times over several months, struggling to decide on what should be there, while trying not to overwhelm with too much information.
[quote=85893:@Sam Rowlands]The rule of the thumb, is avoid SSBs unless you really have no choice and then use my guide to protect yourself and your application against the failures of SSBs and incorrect interpretations of the Apple code.
[/quote]
I’m not sure why you have such strong feelings about SSB’s, but they’re nothing to fear. I had a heck of a time getting them right because I was using MBS and the implementation was incomplete. (sorry Christian but it gave me hours and hours and hours of headaches)
If properly implemented, they work consistently and reliably.
The thing to remember is don’t do a bunch of stuff between start and stop access calls
In other words, have the document data ready to write in a single call if possible and do it between calls, and read the file in a single call between start and stop calls. Also, do it in the main thread. And be sure to have the needed entitlements enabled for the sandbox or all else is futile.
For what its worth:
I have implemented the SSB code of Jim in one of my new apps and it works very nice atm. In fact, I do find it very easy to use too (luckely).
Indeed incorrect implementations do cause a lot of headaches, it also helps to work with SSBs in Objective-C as this will give a far greater understanding of how they should be used.
For a list of the issues we encountered, none on our original suite of test machines, it’s worth reading the article I wrote. I purchased a specific machine because of an error users were having and it helped to illustrate a fundamental issue with SSBs.
Like I mentioned earlier, the latest iteration of code is working in testing (but then so was the original code), once it’s proven in a shipping application, I will release it.