I have an app which saves data in a SQLite DB located in a folder inside the “Documents” folder.
Every time I run the app it asks me if it is ok to reach the files inside such folder.
I granted all permissions with “Get info…” and with System settings/Safety and Security/… but nothing seems to work.
Is there a line of code that can bypass permissions or get to the DB without asking?
without showing any code it will be hard for others to help but 2 things you will want to add is:
- What OS are you using and targeting
- what version of Xojo
Each time you run, the OS sees your app as a brand new app needing these verifications.
It has to be macOS and the version doesn’t matter. This is part of Apple’s security and there’s nothing you can do because each built app will always be different.
As this is the behaviour Apples security mechanism desire, the only way to “bypass” is putting the app in the sandbox. There is has access to its own documents folder without asking the user for permission.
But sandboxing may rise other issues in the app and has to be carefully tested…
Anyway, I use a MacBook Air M1 with OSX Ventura and Xojo 126.96.36.199767.
On my iMac (running Catalina) I don’t get a request for permission to access the Document folder
Right, Catalina was before many of these restrictions were put into place.
Sandboxing is not the answer. What makes these only show up the first time is signing and not changing it. You can try this out yourself, just build a simple app that saves into the docs folder, run it, dismiss the dialog, quit it and launch again. Case in point, the Xojo IDE is not sandboxed. We ran into this same issue when running the IDE from sources, but not with built ones.
You have permission to write in ApplicationData. Documents is for user documents, and you shouldn’t be accessing that without a proper open / save dialog.
This will happen when you are running in debug mode. MacOS thinks the app is a new one every time.
Normally signed , notarised, and installed, your settings will be fine.
I have to disagree with you @Greg_O it should be adequate to at least post the questions I asked
Yes even if you or others know what the OP is asking future readers might not
Thanks everybody for your helps and suggestion.
Extremely useful as usual.
Have a good day
Granted. These files/folders filling personal folders are a nuisance. Same applies for the home folder containing these specific folders.
For example, Mail Archiver X uses my home folder to store its db files; it’s curious, as I know Beatrix knows about good programming practices. An occasion for me to ask her.
The home folder is just the default location. I should change that to documents anyways. But security wise it doesn’t make a difference.
The local certificate is enough even in the debugger to remember the access to the folders. Only for files in the Mail folder where Full Disk Access is needed a full codesign is required.
You say that the debugger should remember the Documents location. As a matter of fact it does in my Mac (Catalina) but does not in my MacBook (Ventura).
Do you have a built app on both computers? For Full Disk Access I know that I need a built app or macOS forgets the security when the debugger is exited.
Yes, I misunderstood you, I thought you meant that the debugger could access the Document folder scotfree
Just to follow the topic, I have another issue: the following line of code
dbFile = SpecialFolder.ApplicationData.Child("Xojo").Child("SQLITES").Child(DBName)
works perfectly on my iMac running Catalina but gives me a “NilObject Exception” (item not found) in my MacBook Air running Ventura. Folder names and location are identical for both machines.
Maybe the “Application Support” folder in Ventura must be addressed in a different way?
I suggest putting it into your own folder and not Xojo.