ewhitley
commented
3 years ago Not sure of the best path to test this. Should we just try writing a fake Apple Event to see if it runs? https://developer.apple.com/forums/thread/107546
Open ewhitley opened 3 years ago
ewhitley
commented
3 years ago Not sure of the best path to test this. Should we just try writing a fake Apple Event to see if it runs? https://developer.apple.com/forums/thread/107546
ewhitley
commented
3 years ago Still investigating, but after a lot of searching it looks like 10.14 does have an API to check for Apple Events being enabled for a target app
https://www.felix-schwarz.org/blog/2018/08/new-apple-event-apis-in-macos-mojave
https://developer.apple.com/documentation/coreservices/3025784-aedeterminepermissiontoautomatet
Sounds like it may be buggy https://developer.apple.com/forums/thread/666528
We'll have to check the OS target. This is a 10.14+ only API. https://halmueller.wordpress.com/2018/09/04/privacy-consent-in-mojave-part-2-applescript/
Nice extended discussion about the issues here (pre formal 10.14 release) https://www.felix-schwarz.org/blog/2018/06/apple-event-sandboxing-in-macos-mojave
ewhitley
commented
3 years ago Really good sample project from one of the articles listed above
https://github.com/Panopto/test-mac-privacy-consent
Also demos how to (potentially) direct the user to the privacy settings in the OS
[[NSWorkspace sharedWorkspace] openURL:[NSURL URLWithString:@"x-apple.systempreferences:com.apple.preference.security?Privacy_Automation"]];
Note that we cannot check script access status unless the target app is running. That's going to get ugly since we may want to call to the app to launch it. We'll have to check to see if the target bundle ID is running first?
ewhitley
commented
3 years ago Initial version committed. Modified from approach on https://github.com/Panopto/test-mac-privacy-consent
ewhitley
commented
3 years ago Interesting. Re: app store, Microsoft apparently got exemptions to be able to use the older style entitlements.
https://news.ycombinator.com/item?id=18992088
Specifically -> https://news.ycombinator.com/item?id=18995754
StatTag cannot work without AppleScript access. Given the user is prompted precisely once and never again, it's difficult to let the user know they can't really use StatTag once they've denied access.
We need to do something where we detect the privilege has been denied and then provide some sort of help dialogue to let them know what they need to do (similarly to how BBEdit does it). We cannot intervene at all on their behalf.
http://www.barebones.com/support/bbedit/ODBAutomationError.html