From d869a0044c63196265f864552040e8887ecf9cfa Mon Sep 17 00:00:00 2001 From: Travis Lange Date: Sat, 12 Oct 2024 20:00:26 -0400 Subject: [PATCH] added ability to add extra codesign entitlements for macos from godot editor --- .../doc_classes/EditorExportPlatformMacOS.xml | 7 +++++++ platform/macos/export/export_plugin.cpp | 14 ++++++++++++++ 2 files changed, 21 insertions(+) diff --git a/platform/macos/doc_classes/EditorExportPlatformMacOS.xml b/platform/macos/doc_classes/EditorExportPlatformMacOS.xml index c261c252ba85..e49c6ce7fc7b 100644 --- a/platform/macos/doc_classes/EditorExportPlatformMacOS.xml +++ b/platform/macos/doc_classes/EditorExportPlatformMacOS.xml @@ -75,6 +75,13 @@ Array of the additional command line arguments passed to the code signing tool. + + Additional data added to the root [code]<dict>[/code] section of the [url=https://developer.apple.com/documentation/bundleresources/entitlements].entitlements[/url] file. The value should be an XML section with pairs of key-value elements, e.g.: + [codeblock lang=text] + <key>key_name</key> + <string>value</string> + [/codeblock] ++ Enable to allow access to contacts in the user's address book, if it's enabled you should also provide usage message in the [member privacy/address_book_usage_description] option. See [url=https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_security_personal-information_addressbook]com.apple.security.personal-information.addressbook[/url]. diff --git a/platform/macos/export/export_plugin.cpp b/platform/macos/export/export_plugin.cpp index c99e9cdd0c9b..dfc8cd0b3363 100644 --- a/platform/macos/export/export_plugin.cpp +++ b/platform/macos/export/export_plugin.cpp @@ -501,6 +501,7 @@ void EditorExportPlatformMacOS::get_export_options(List *r_options r_options->push_back(ExportOption(PropertyInfo(Variant::INT, "codesign/entitlements/app_sandbox/files_movies", PROPERTY_HINT_ENUM, "No,Read-only,Read-write"), 0)); r_options->push_back(ExportOption(PropertyInfo(Variant::INT, "codesign/entitlements/app_sandbox/files_user_selected", PROPERTY_HINT_ENUM, "No,Read-only,Read-write"), 0)); r_options->push_back(ExportOption(PropertyInfo(Variant::ARRAY, "codesign/entitlements/app_sandbox/helper_executables", PROPERTY_HINT_ARRAY_TYPE, itos(Variant::STRING) + "/" + itos(PROPERTY_HINT_GLOBAL_FILE) + ":"), Array())); + r_options->push_back(ExportOption(PropertyInfo(Variant::STRING, "codesign/entitlements/additional", PROPERTY_HINT_MULTILINE_TEXT), "")); r_options->push_back(ExportOption(PropertyInfo(Variant::PACKED_STRING_ARRAY, "codesign/custom_options"), PackedStringArray())); #ifdef MACOS_ENABLED @@ -2126,6 +2127,11 @@ Error EditorExportPlatformMacOS::export_project(const Ref &p } } + const String &additional_entitlements = p_preset->get("codesign/entitlements/additional"); + if (!additional_entitlements.is_empty()) { + ent_f->store_line(additional_entitlements); + } + ent_f->store_line(""); ent_f->store_line(""); } else { @@ -2288,6 +2294,14 @@ Error EditorExportPlatformMacOS::export_project(const Ref &p } } + if (FileAccess::exists(ent_path)) { + print_verbose("entitlements:\n" + FileAccess::get_file_as_string(ent_path)); + } + + if (FileAccess::exists(hlp_ent_path)) { + print_verbose("helper entitlements:\n" + FileAccess::get_file_as_string(hlp_ent_path)); + } + // Clean up temporary entitlements files. if (FileAccess::exists(hlp_ent_path)) { DirAccess::remove_file_or_error(hlp_ent_path);