Thursday, October 24, 2019

Modern AppKit File Permissions

Ben Scheirman:

There is no API for saying “Please prompt the user to access this folder”. Instead, this is done in one of three ways:

  • Full Disk Access
  • Prompting the user to open a file/directory
  • Dragging & Dropping a folder onto the application


By default the [latter two] approaches above grant you access while the app remains open. When you quit the app, any folder access you had is lost.

To gain persistent access to a folder even on subsequent launches, we’ll have to take advantage of a system called Security-Scoped Bookmarks.


Watch out for symlinks. My working directory is full of them, and I wanted to list contents of a nested folder that was actually a symlink, and this doesn’t work. You have to grant permissions to the real folder, which may involve additional prompts to grant all the permissions you need.

Obviously, you wouldn’t want an app to be able to give itself access to a protected folder by creating a symlink to it. But if the user is already demonstrating intent by choosing a folder or dragging and dropping it, it’s too bad that the system doesn’t grant access to everything referenced from that folder.

In practice, this means lots of extra complexity because a sandboxed app can never assume it has access to anything. Items in the folder could actually be stored somewhere else. After detecting this, and prompting for access, you may need to store multiple security-scoped bookmarks to maintain access to the single folder. And the folder’s contents may change and require additional prompts the next time.

Daniel Tull:

In this post I will be talking about the pair of methods startAccessingSecurityScopedResource and stopAccessingSecurityScopedResource on the URL type and how we can use Swift to make their use a little nicer in our apps. I will walk through the modifications I have made to the Particles sample app that Apple provided for the session. If you’d like to see the final result or any of the steps, you can find them on GitHub.


Comments RSS · Twitter

Leave a Comment