Need "Photos" entitlement to sync Pictures library on Big Sur

[gsfriedman]

SyncThing does not assert the Photos entitlement which ultimately means that a user cannot set up anything under {user}\Pictures as a syncable folder.

Resilio had a similar issue which was discussed here: https://forum.resilio.com/topic/72105-resilio-sync-for-mac-doesnt-have-entitlements/

When that entitlement is present, the user will see a security prompt allowing them to approve the app's access.

Possible to add to SyncThing?

[gsfriedman]

Clarifying that I'm referring to this:

https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_security_personal-information_photos-library

[xor-gate]

This is probably related to issue #95. We indeed need to test if some folder are accessible and then have the security prompt of macOS so you can allow those folders.

I have reproduced this by adding Pictures as a shared folder. And it seems to be manually fixable by adding it to Full Disk Access in Privacy.

[poppybank]

Pretty easy to fix this.

1. Open the project in Xcode
2. Select the syncthing project in the lift on the left and choose Signing and Capabilities in the view on the right
3. Click the + next to Capability
4. Choose App Sandbox and double click it to add
5. In the App Sandbox area that appears, go to File Access and make the Pictures Folder Read/Write. You probably want to enable other types too so things like movies and music can be synced.

This will add a Syncthing.entitlements file to the project that needs to be checked in too.

[gsfriedman]

Confirmed that explicitly adding Syncthing to "Full Disk Access" addresses the issue. Thanks for pointing this out!

Including the Photos library entitlement as described above would both simplify the process for the user (they'd get an approval dialog) and would allow the user to grant lesser privileges.