Solution for how to allow LC 9.6.6 and up standalones to control other apps in macOS - was:Excel_Lib on Mac
matthias_livecode_150811 at m-r-d.de
matthias_livecode_150811 at m-r-d.de
Fri Mar 18 15:37:10 EDT 2022
Ups, forgot to add the link to the bug report
https://quality.livecode.com/show_bug.cgi?id=23576
> Am 18.03.2022 um 20:17 schrieb matthias rebbe via use-livecode <use-livecode at lists.runrev.com>:
>
> First of all there is a bug report already. Unfortunately LC stuff is not able to reproduce the problem.
> But there a some users who reported that it is not possible in LC 9.6.6 and up to control an other app from within a LC script using Apple script if the app was not already listed under Livecode in System preferences/Security&Privacy/Automation. For whatever reason there was not the typical security pop up asking for confirmation.
>
> As a workaround it is possible to run the stack first with LC 9.6.3. With that version the dialog pops up and the user can confirm. After that the stack works also with 9.6.6 and up and is able to control that other app.
>
> But what about standalones created with LC 9.6.6 and up? They will not show up the dialog.
>
> To get this working, the standalones need some additional information in the info.plist and they need to be code signed with entitlements. At least with the entitlement
> <key>com.apple.security.automation.apple-events</key>
>
> So after you've created the macOS standalone you have to modify the info.plist of that standalone and then you have to codesign it with entitlements. After that your app created with 9.6.6 will show that security dialog.
>
> Is that easy? No.
>
> I've solved it this way as a workaround, so i do not have to do this manually after each standalone building process.
>
>
> 1. I created a folder 'entitlements' in the folder 'My Livecode/resources/'
>
> 2. I copied an entitlements file into that folder and named it 'entitlements.plist'.
> My entitlements.plist file contains all entitlements as suggested by the following lesson.
> https://lessons.livecode.com/m/4071/l/1293515-entitlements-for-signed-and-notarized-apps
>
> 3. I edited the sample info.plist file in the Livecode App bundle Livecode...app/Contents/Tools/Runtime/Mac OS X/x86-64/Standalone.app/Contents/info.plist
> I added the following two lines to it
> <key>NSAppleEventsUsageDescription</key>
> <string>This app needs permission to use Apple Script</string>
>
> I placed it directly under the line
> <string>This app requires permission to access your Media Library</string>
>
> 4. I edited the stack script of the stack revSaveAsStandalone, better said i modified the handler performAdHocCodesign pAppBundle
>
> I commented out the line
> put "codesign --deep -f -s -" && quote & pAppBundle & quote into tShell
> and put the following lines after that line
>
> if there is a file revEnvironmentUserResourcesPath()&"/entitlements/entitlement.plist"
>
> then
>
> put "codesign --deep --entitlements" && quote &revEnvironmentUserResourcesPath()&"/entitlements/entitlement.plist" & Quote && "-f -s -" && quote & pAppBundle & quote into tShell
>
> else
>
> put "codesign --deep -f -s -" && quote & pAppBundle & quote into tShell
>
> end if
>
>
> Now when i create a macOS standalone the standalone contains the needed information in the info.plist and LC does an adhoc codesigning, as it did before, but now with entitlements.
> With this created app the security dialog pops up right away.
> If i want, for whatever reason, to create an macOS without that modification, then i just have to rename my entitlements.plist file and LC does the normal adhoc code signing as it did before.
>
> The above steps 3 and 4 have to be done for each LC edition that does have this 'problem'. But if you are like me then you need to do this only for the most current version.
>
>
> Hope this helps the one or other.
>
> Matthias
>
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
More information about the use-livecode
mailing list