Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Using Security Scoped Bookmark in Finder Sync Extension with App Group UserDefaults

I am getting following error while resolving Security Scoped Bookmark in my finder sync extension.

Error Domain=NSCocoaErrorDomain Code=259 "The File couldn't be opened because it isn't in the correct format."

and also possibly the related logging:

Failed to read values in CFPrefsPlistSource<0x6080000ee380> (Domain: MyAppGroupName, User: kCFPreferencesAnyUser, ByHost: Yes, Container: (null)): Using kCFPreferencesAnyUser with a container is only allowed for System Containers, detaching from cfprefsd

I am using following code to create Security Scoped bookmark in Container App:

NSUserDefaults *sharedDefaults = [[NSUserDefaults alloc] initWithSuiteName:@"com.mycomp.xyz"];
NSURL * theSelectedFolder = ....selected folder from NSOpenPanel....
NSData *bookmarkData = [theSelectedFolder bookmarkDataWithOptions:NSURLBookmarkCreationWithSecurityScope includingResourceValuesForKeys:nil relativeToURL:nil error:NULL];

[sharedDefaults setObject:bookmarkData forKey:@"BookmarkData"];
[sharedDefaults synchronize];

In Finder Sync Extension, I am using following code:

NSUserDefaults *sharedDefaults = [[NSUserDefaults alloc] initWithSuiteName:@"com.mycomp.xyz"];
NSData *bookmarkData = [sharedDefaults objectForKey:@"BookmarkData"];
BOOL bookmarkDataIsStale;
NSError *err;
NSURL *userSelectedUrl = [NSURL URLByResolvingBookmarkData:bookmarkData options:NSURLBookmarkResolutionWithSecurityScope relativeToURL:nil bookmarkDataIsStale:&bookmarkDataIsStale error:&err];

and i have also added this entitlement key: com.apple.security.files.bookmarks.app-scope in both Finder Sync Extension as well as Container app.

I am new to cocoa programming and not being able to find any luck finder the problem.

What am I doing wrong? Can anyone help me out here?

like image 303
Anil Malik Avatar asked Jun 18 '16 12:06

Anil Malik


People also ask

What is the finder sync extension point?

In OS X, the Finder Sync extension point lets you cleanly and safely modify the Finder’s user interface to express file synchronization status and control. Unlike most extension points, Finder Sync does not add features to a host app.

How do I change the scope of synchronization?

Select Synchronizationfrom the menu on the left-hand side. For the Synchronization type, select Scoped. Choose Select groups, then search for and choose the groups to add. When all changes are made, select Save synchronization scope. Changing the scope of synchronization causes the managed domain to resynchronize all data.

What is group-based scoped synchronization and how does it work?

If only a few users need to access the managed domain, you can synchronize only those user accounts. This scoped synchronization is group-based. When you configure group-based scoped synchronization, only the user accounts that belong to the groups you specify are synchronized to the managed domain.

How do I add or remove a group from the sync scope?

Select Synchronizationfrom the menu on the left-hand side. To add a group, choose + Select groupsat the top, then choose the groups to add. To remove a group from the synchronization scope, select it from the list of currently synchronized groups and choose Remove groups. When all changes are made, select Save synchronization scope.


1 Answers

To save read-only bookmark data, use the bitmask [.withSecurityScope, .securityScopeAllowOnlyReadAccess]; not solely .securityScopeAllowOnlyReadAccess.

.securityScopeAllowOnlyReadAccess

When combined with the .withSecurityScope option, specifies that you want to create a security-scoped bookmark that, when resolved, provides a security-scoped URL allowing read-only access to a file-system resource; for use in an app that adopts App Sandbox.

https://developer.apple.com/documentation/corefoundation/cfurlbookmarkcreationoptions/1543362-securityscopeallowonlyreadaccess

url.bookmarkData(options: [.withSecurityScope, .securityScopeAllowOnlyReadAccess], includingResourceValuesForKeys: nil, relativeTo: nil)

Using only .securityScopeAllowOnlyReadAccess was giving me the error mentioned in the question when resolving from either the Main App or the Extension:

Error Domain=NSCocoaErrorDomain Code=259 "The file couldn’t be opened because it isn’t in the correct format."

like image 84
pkamb Avatar answered Oct 11 '22 17:10

pkamb