From f3aec8ae2f4fbbd48a91ce5cc41b06afac25dfc9 Mon Sep 17 00:00:00 2001 From: Giorgio Calderolla Date: Mon, 23 Jun 2014 07:59:31 +0200 Subject: [PATCH] Sandbox feed checker helper --- CTCScheduler.m | 17 +++++++++- Catch.xcodeproj/project.pbxproj | 13 ++++++++ CatchFeedHelper/CTCFeedChecker.h | 2 +- CatchFeedHelper/CTCFeedChecker.m | 31 ++++++++++++++++++- ...derolla.Catch.CatchFeedHelper.entitlements | 10 ++++++ 5 files changed, 70 insertions(+), 3 deletions(-) create mode 100644 CatchFeedHelper/com.giorgiocalderolla.Catch.CatchFeedHelper.entitlements diff --git a/CTCScheduler.m b/CTCScheduler.m index b25a945..ddf1e22 100644 --- a/CTCScheduler.m +++ b/CTCScheduler.m @@ -117,10 +117,25 @@ - (void)callFeedCheckerWithReplyHandler:(CTCFeedCheckCompletionHandler)replyHand // Extract URLs from history NSArray *previouslyDownloadedURLs = [history valueForKey:@"url"]; + // Create a bookmark so we can transfer access to the downloads path + // to the feed checker service + NSURL *downloadFolderURL = [NSURL fileURLWithPath:downloadPath]; + NSError *error = nil; + NSData *downloadFolderBookmark = [downloadFolderURL bookmarkDataWithOptions:NSURLBookmarkCreationMinimalBookmark + includingResourceValuesForKeys:@[] + relativeToURL:nil + error:&error]; + if (!downloadFolderBookmark || error) { + NSLog(@"Couldn't create bookmark for downloads folder: %@", error); + + // Not really handling this error + return; + } + // Call feed checker service CTCFeedChecker *feedChecker = [self.feedCheckerConnection remoteObjectProxy]; [feedChecker checkShowRSSFeed:feedURL - downloadingToPath:downloadPath + downloadingToBookmark:downloadFolderBookmark organizingByFolder:organizeByFolder skippingURLs:previouslyDownloadedURLs withReply:^(NSArray *downloadedFeedFiles, NSError *error) { diff --git a/Catch.xcodeproj/project.pbxproj b/Catch.xcodeproj/project.pbxproj index 2a9c0ab..18212ac 100644 --- a/Catch.xcodeproj/project.pbxproj +++ b/Catch.xcodeproj/project.pbxproj @@ -105,6 +105,7 @@ 4401571C1957A3150041D148 /* pl */ = {isa = PBXFileReference; lastKnownFileType = text.plist.strings; name = pl; path = pl.lproj/UI.strings; sourceTree = ""; }; 4401571D1957A3150041D148 /* pl */ = {isa = PBXFileReference; lastKnownFileType = text.plist.strings; name = pl; path = pl.lproj/Localizable.strings; sourceTree = ""; }; 4403ACF31914041C002F286C /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = ""; }; + 4412E8161957F09200701124 /* com.giorgiocalderolla.Catch.CatchFeedHelper.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.xml; path = com.giorgiocalderolla.Catch.CatchFeedHelper.entitlements; sourceTree = ""; }; 4419CF37180627A900C77432 /* nl */ = {isa = PBXFileReference; lastKnownFileType = text.plist.strings; name = nl; path = nl.lproj/Localizable.strings; sourceTree = ""; }; 4456EE5F1916D20000B3FF1A /* NSDate+TimeOfDayMath.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "NSDate+TimeOfDayMath.h"; sourceTree = ""; }; 4456EE601916D20000B3FF1A /* NSDate+TimeOfDayMath.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = "NSDate+TimeOfDayMath.m"; sourceTree = ""; }; @@ -319,6 +320,7 @@ 44717AC61913A08700580054 /* CatchFeedHelper */ = { isa = PBXGroup; children = ( + 4412E8161957F09200701124 /* com.giorgiocalderolla.Catch.CatchFeedHelper.entitlements */, 44717AD71913A1C900580054 /* CTCFeedChecker.h */, 44717AD81913A1C900580054 /* CTCFeedChecker.m */, 44717AAB19131BC700580054 /* CTCFeedParser.h */, @@ -418,6 +420,13 @@ 446D8B551918D146007AB22D = { TestTargetID = 8D1107260486CEB800E47090; }; + 44717AC31913A08700580054 = { + SystemCapabilities = { + com.apple.Sandbox = { + enabled = 1; + }; + }; + }; }; }; buildConfigurationList = 26FC0A880875C7B200E6366F /* Build configuration list for PBXProject "Catch" */; @@ -762,6 +771,8 @@ 44717ACF1913A08700580054 /* Debug */ = { isa = XCBuildConfiguration; buildSettings = { + CODE_SIGN_ENTITLEMENTS = CatchFeedHelper/com.giorgiocalderolla.Catch.CatchFeedHelper.entitlements; + CODE_SIGN_IDENTITY = "-"; GCC_PREFIX_HEADER = "CatchFeedHelper/CatchFeedHelper-Prefix.pch"; GCC_SYMBOLS_PRIVATE_EXTERN = NO; INFOPLIST_FILE = "CatchFeedHelper/CatchFeedHelper-Info.plist"; @@ -774,6 +785,8 @@ 44717AD01913A08700580054 /* Release */ = { isa = XCBuildConfiguration; buildSettings = { + CODE_SIGN_ENTITLEMENTS = CatchFeedHelper/com.giorgiocalderolla.Catch.CatchFeedHelper.entitlements; + CODE_SIGN_IDENTITY = "-"; GCC_PREFIX_HEADER = "CatchFeedHelper/CatchFeedHelper-Prefix.pch"; INFOPLIST_FILE = "CatchFeedHelper/CatchFeedHelper-Info.plist"; MACH_O_TYPE = mh_execute; diff --git a/CatchFeedHelper/CTCFeedChecker.h b/CatchFeedHelper/CTCFeedChecker.h index dfb6a26..c26fae4 100644 --- a/CatchFeedHelper/CTCFeedChecker.h +++ b/CatchFeedHelper/CTCFeedChecker.h @@ -9,7 +9,7 @@ typedef void (^CTCFeedCheckCompletionHandler)(NSArray *downloadedFeedFiles, @protocol CTCFeedCheck - (void)checkShowRSSFeed:(NSURL *)feedURL - downloadingToPath:(NSString *)downloadFolderPath + downloadingToBookmark:(NSData *)downloadFolderBookmark organizingByFolder:(BOOL)shouldOrganizeByFolder skippingURLs:(NSArray *)previouslyDownloadedURLs withReply:(CTCFeedCheckCompletionHandler)reply; diff --git a/CatchFeedHelper/CTCFeedChecker.m b/CatchFeedHelper/CTCFeedChecker.m index 699870a..5bee444 100644 --- a/CatchFeedHelper/CTCFeedChecker.m +++ b/CatchFeedHelper/CTCFeedChecker.m @@ -27,12 +27,24 @@ - (BOOL)listener:(NSXPCListener *)listener shouldAcceptNewConnection:(NSXPCConne } - (void)checkShowRSSFeed:(NSURL *)feedURL - downloadingToPath:(NSString *)downloadFolderPath + downloadingToBookmark:(NSData *)downloadFolderBookmark organizingByFolder:(BOOL)shouldOrganizeByFolder skippingURLs:(NSArray *)previouslyDownloadedURLs withReply:(CTCFeedCheckCompletionHandler)reply { NSLog(@"Checking feed"); + // Resolve the bookmark (that the main app gives us to transfer access to + // the download folder) to a URL + NSURL *downloadFolderURL = [self URLFromBookmark:downloadFolderBookmark]; + if (!downloadFolderURL) { + reply(@[], [NSError errorWithDomain:kCTCFeedCheckerErrorDomain + code:-4 + userInfo:nil]); + return; + } + + NSString *downloadFolderPath = downloadFolderURL.path; + // Flush the cache, we want fresh results [NSURLCache.sharedURLCache removeAllCachedResponses]; @@ -85,6 +97,23 @@ - (NSXMLDocument*)downloadFeed:(NSURL*)feedURL { return document; } +- (NSURL *)URLFromBookmark:(NSData *)bookmark { + NSError *error = nil; + BOOL isStale = NO; + NSURL *URL = [NSURL URLByResolvingBookmarkData:bookmark + options:kNilOptions + relativeToURL:nil + bookmarkDataIsStale:&isStale + error:&error]; + + if (!URL || error) { + NSLog(@"Could not get URL from bookmark: %@", error); + return nil; + } + + return URL; +} + - (NSArray *)downloadFiles:(NSArray *)feedFiles toPath:(NSString *)downloadPath organizingByFolder:(BOOL)shouldOrganizeByFolder diff --git a/CatchFeedHelper/com.giorgiocalderolla.Catch.CatchFeedHelper.entitlements b/CatchFeedHelper/com.giorgiocalderolla.Catch.CatchFeedHelper.entitlements new file mode 100644 index 0000000..ee95ab7 --- /dev/null +++ b/CatchFeedHelper/com.giorgiocalderolla.Catch.CatchFeedHelper.entitlements @@ -0,0 +1,10 @@ + + + + + com.apple.security.app-sandbox + + com.apple.security.network.client + + +