Solution for how to allow LC 9.6.6 and up standalones to control other apps in macOS - was:Excel_Lib on Mac

Richard Gaskin ambassador at fourthworld.com
Fri Mar 18 16:48:03 EDT 2022


Thank you for submitting that report, Matthias.

Those of us who do consulting understand that there's been a huge 
transition over the last several years away from custom development of 
complete systems to integrating between existing systems.

On macOS, AppleScript plays a key role in integration.

Given the state of the market for tools like LC, anything that makes it 
easier to use LC in an integration role bodes well for us, the company, 
and end-users alike.

-- 
  Richard Gaskin
  Fourth World Systems



Matthias wrote:
> Ups, forgot to add the link to the bug report
> 
> https://quality.livecode.com/show_bug.cgi?id=23576
> 
>> Am 18.03.2022 um 20:17 schrieb matthias rebbe via use-livecode <use-livecode at lists.runrev.com>:
>> 
>> First of all there is a bug report already. Unfortunately LC stuff is not able to reproduce the problem. 
>> But there a some users who reported that it is not possible in LC 9.6.6 and up to control an other app from within a LC script using Apple script if the app was not already listed under Livecode  in System preferences/Security&Privacy/Automation. For whatever reason there was not the typical security pop up asking for confirmation. 
>> 
>> As a workaround it is possible to run the stack first with LC 9.6.3. With that version the dialog pops up and the user can confirm. After that the stack works also with 9.6.6 and up and is able to control that other app.
>> 
>> But what about standalones created with LC 9.6.6 and up? They will not show up the dialog.
>> 
>> To get this working, the standalones need some additional information in the info.plist and they need to be code signed with entitlements. At least with the entitlement 
>> 	<key>com.apple.security.automation.apple-events</key>
>> 
>> So after you've created the macOS standalone you have to modify the info.plist of that standalone and then you have to codesign it with entitlements. After that your app created with 9.6.6 will show that security dialog.
>> 
>> Is that easy? No.
>> 
>> I've solved it this way as a workaround, so i do not have to do this manually after each standalone building process.
>> 
>> 
>> 1. I created a folder 'entitlements' in the folder   'My Livecode/resources/'
>> 
>> 2. I copied an entitlements file into that folder and named it 'entitlements.plist'.
>> 	My entitlements.plist file contains all entitlements as suggested by the following lesson. 
>> 	https://lessons.livecode.com/m/4071/l/1293515-entitlements-for-signed-and-notarized-apps
>> 
>> 3. I edited the sample info.plist file in the Livecode App bundle  Livecode...app/Contents/Tools/Runtime/Mac OS X/x86-64/Standalone.app/Contents/info.plist
>>    I added the following two lines to it
>> 	<key>NSAppleEventsUsageDescription</key>
>> 	<string>This app needs permission to use Apple Script</string>
>> 
>> I placed it directly under the line
>>       <string>This app requires permission to access your Media Library</string>
>> 
>> 4. I edited the stack script of the stack revSaveAsStandalone, better said i modified the handler performAdHocCodesign pAppBundle
>> 
>> I commented out the line 
>> put "codesign --deep -f -s -" && quote & pAppBundle & quote into tShell
>> and put the following lines after that line
>> 
>> if there is a file revEnvironmentUserResourcesPath()&"/entitlements/entitlement.plist"
>> 
>> then
>> 
>> put "codesign --deep --entitlements" && quote &revEnvironmentUserResourcesPath()&"/entitlements/entitlement.plist" & Quote && "-f -s -" && quote & pAppBundle & quote into tShell
>> 
>> else
>> 
>> put "codesign --deep -f -s -" && quote & pAppBundle & quote into tShell
>> 
>> end if
>> 
>> 
>> Now when i create a macOS standalone the standalone contains the needed information in the info.plist and LC does an adhoc codesigning, as it did before, but now with entitlements.
>> With this created app the security dialog pops up right away.
>> If i want, for whatever reason, to create an macOS without that modification, then i just have to rename my entitlements.plist file and LC does the normal adhoc code signing as it did before.
>> 
>> The above steps 3 and 4 have to be done for each LC edition that does have this 'problem'. But if you are like me then you need to do this only for the most current version.
>> 
>> 
>> Hope this helps the one or other.
>> 
>> Matthias
>> 



More information about the use-livecode mailing list