Hello,
I have an app which saves data in a SQLite DB located in a folder inside the “Documents” folder.
Every time I run the app it asks me if it is ok to reach the files inside such folder.
I granted all permissions with “Get info…” and with System settings/Safety and Security/… but nothing seems to work.
Is there a line of code that can bypass permissions or get to the DB without asking?
It has to be macOS and the version doesn’t matter. This is part of Apple’s security and there’s nothing you can do because each built app will always be different.
As this is the behaviour Apples security mechanism desire, the only way to “bypass” is putting the app in the sandbox. There is has access to its own documents folder without asking the user for permission.
But sandboxing may rise other issues in the app and has to be carefully tested…
Anyway, I use a MacBook Air M1 with OSX Ventura and Xojo 22.4.0.58767.
On my iMac (running Catalina) I don’t get a request for permission to access the Document folder
Right, Catalina was before many of these restrictions were put into place.
@Thomas_Roemert
Sandboxing is not the answer. What makes these only show up the first time is signing and not changing it. You can try this out yourself, just build a simple app that saves into the docs folder, run it, dismiss the dialog, quit it and launch again. Case in point, the Xojo IDE is not sandboxed. We ran into this same issue when running the IDE from sources, but not with built ones.
Yes, replace SpecialFolder.Documents with SpecialFolder.ApplicationData.Child("my.bundle.identifier")
You have permission to write in ApplicationData. Documents is for user documents, and you shouldn’t be accessing that without a proper open / save dialog.
This will happen when you are running in debug mode. MacOS thinks the app is a new one every time.
Normally signed , notarised, and installed, your settings will be fine.
Granted. These files/folders filling personal folders are a nuisance. Same applies for the home folder containing these specific folders.
For example, Mail Archiver X uses my home folder to store its db files; it’s curious, as I know Beatrix knows about good programming practices. An occasion for me to ask her.
The home folder is just the default location. I should change that to documents anyways. But security wise it doesn’t make a difference.
The local certificate is enough even in the debugger to remember the access to the folders. Only for files in the Mail folder where Full Disk Access is needed a full codesign is required.
You say that the debugger should remember the Documents location. As a matter of fact it does in my Mac (Catalina) but does not in my MacBook (Ventura).
Do you have a built app on both computers? For Full Disk Access I know that I need a built app or macOS forgets the security when the debugger is exited.
works perfectly on my iMac running Catalina but gives me a “NilObject Exception” (item not found) in my MacBook Air running Ventura. Folder names and location are identical for both machines.
Maybe the “Application Support” folder in Ventura must be addressed in a different way?