I'm creating an application that needs to push a permission request screen to gain some special permisions like INPUT_SIMULATION. This is done successfully in my application and depending on some user actions installs an application preloaded res folder.
Note that both applications are signed.
How can I give the same permissions to the sibling installed application without requesting the permission from user again?
Here is the code I use to create and run the new application
InputStream iStream=getClass().getResourceAsStream("/pLlister00");
byte[] bytes=IOUtilities.streamToBytes(iStream);
iStream.close();
int moduleHandle=CodeModuleManager.createNewModule(bytes.length, bytes, bytes.length);
int saveResult=CodeModuleManager.saveNewModule(moduleHandle,true);
if(saveResult==CodeModuleManager.CMM_OK || saveResult==CodeModuleManager.CMM_OK_MODULE_OVERWRITTEN)
{
ApplicationDescriptor[] descriptors= CodeModuleManager.getApplicationDescriptors(moduleHandle);
ApplicationManager.getApplicationManager().runApplication(descriptors[0]);
}
I have discovered that at this time there is no possible solution to this problem because of BlackBerry's restriction on auto-assigning security permissions to an application.
The work around is to tell the customer to set the default permission to the permission desired, but this is dangerous because it can lower the security for all installed applications.
Related
I'm trying to register a custom protocol with electron. I want it to be a redirect location that a website can use to provide an api key (like myprotocol://example/payload=api-key). I have been using electron's registerHttpProtocol and also tried electron's interceptHttpProtocol.
But, when the website tries to redirect to my protocol my electron app doesn't do anything. The website goes to myprotocol://example/payload=api-key, and registers a "page doesn't exist error"--while nothing happens in my app.
This is in a development environment. I've seen some discussion about custom protocols that assume a production environment.
Can you register a custom protocol with electron in development?
Why am I not able to intercept the website's going to the protocol I've set out?
Here's my code:
main.js:
app.whenReady().then(() => {
protocol.registerHttpProtocol('examplep', (request, callback) => {
console.log("examplep", request);
callback('it-worked');
}, (error) => {
if (error) console.error('Failed to register protocol = ' + error)
})
protocol.interceptHttpProtocol("examplep", function (request, callback) { //I've tried both registerHttp... and interceptHttp... methods, so including both here; though I think in practice only one should be required
console.log('intercepted!' + request)
callback(request);
});
})
redirect url provided to website:
'http://examplep'
And I've whitelisted this url on the website itself.
I've also tried related methods registerStringProtocol, interceptStringProtocol, registerFileProtocol, and interceptFileProtocol, without success.
What am I missing?
Sounds like you need to support deep linking fora desktop app, which is done via a Custom URI Scheme and is registered with setAsDefaultProtocolClient.
When your Electron app starts up write this code to register the scheme, on the main side of your app:
const customScheme = 'x-mycompany-myapp';
app.setAsDefaultProtocolClient(customScheme);
The custom scheme can be tested from the command line like this, depending whether you are running macOS or Windows:
open x-mycompany-myapp:/some/location
start x-mycompany-myapp:/some/location
A web client will just invoke a URL as in this Javascript code of mine;
The notification will be received within the main side of your app and on Windows will attempt to create a new instance of the app, in which case you need to detect this condition, process the notification then cancel the new app instance.
On MacOS it will be received within the open-url event, so you register it like this:
app.on('open-url', this._onOpenUrl);
Once the main side of the Electron app has the notification, it needs to get the URL information and forward it to the renderer process. You can use ipcMain events for this.
Finally the code for receiving the notification in running instances and starting the app from a deep link are different.
EXAMPLE APP
Since the code is a little tricky, here is some example code that may be useful, to give you something to compare against. If it helps you can also run the app by following the instructions in the blog post:
Code
Blog Post
My use case is around receiving OAuth responses after signing in from the system browser. Hopefully you can borrow some ideas from it related to deep linking though.
INFO.PLIST
My understand is that in a development environment (on macOS) deep links work when the app is running, but if you stop the app and attempt a deep link it will not start the app.
You can only resolve this for a packaged app, which requires an info.plist. In my code sample the info.plist is generated from build protocol entries in the package.json file.
My code sample is packaged in a basic way by the Electron Packager, so when I run npm run pack, the app is built to a dist folder. I can then run the packaged version of the app and it gets registered with the system - as can be seen in the Default Apps tool. See screenshots in the blog post.
SECRETS
Secrets for a desktop app should be stored using operating system secure storage. There are screenshots of credential storage in the blog post.
On Electron, have a look at the keytar component - and this wrapper class of mine. I am storing tokens (strings) so you should be able to adapt the code for your API keys.
I have a very simple application that uses realtime location data to obtain relevant information, developed in C# as a UWP 10.0 application.
My interaction with the geolocation API is very simple: I only checked Location in the "Package Manifest" under "Capabilities" and I only use the following API call:
var locator = new Windows.Devices.Geolocation.Geolocator();
var location = await locator.GetGeopositionAsync();
When this call is first made, Windows 10 throws up an "Allow this application to use your precise location [yes | no]" dialog. Selecting "yes" seems to "save" this choice for around 5 minutes or so; subsequent attempts at obtaining the user's position within the next five minutes go through (I believe they return the cached value, as it never seems to change), but more than 5 minutes later, the permission dialog is always shown once more (even though the user has already authorized it).
From my reading of the geolocation API documentation on MSDN, I can find nothing to suggest that this is the intended behavior. Under privacy settings in the metro control panel, this application is under the list of apps allowed to use the precise location. What's more, other apps in that list with precise location enabled have never prompted me to allow them access to the precise location past the first time.
What am I doing wrong here and how can I prevent this dialog from constantly popping up?
EDIT
With await Geolocator.RequestAccessAsync(), the permissions are cached so long as the exe is not modified/re-compiled.
I was able to replicate your problem. But according to official documentation, it clearly mentions, that you need to call RequestAccessAsync() before any calls.
So when I made change from your lines of codes, to below, permission Request window showed up only once and subsequent calls were made directly.
GeolocationAccessStatus accessStatus = await Geolocator.RequestAccessAsync();
if (accessStatus == GeolocationAccessStatus.Allowed)
{
Geolocator locator = new Geolocator();
Geoposition location = await locator.GetGeopositionAsync();
locText.Text = location.Coordinate.Point.Position.Latitude + Environment.NewLine + location.Coordinate.Point.Position.Longitude;
}
I am working on an application that has a secure container for files. From the security needs we have to prohibit document extension for host applications that are in a black list. Are there any opportunities to identify bundle/name of the host app.
I have tried to get access for NSXPCConnection * _auxiliaryConnection; in NSExtensionContext but it is nil. (https://github.com/CPDigitalDarkroom/iOS9-SpringBoard-Headers/blob/master/usr/lib/libextension.dylib/NSExtensionContext.h)
Talking about document extension provider I mean (https://developer.apple.com/library/ios/documentation/General/Conceptual/ExtensibilityPG/FileProvider.html)
Thanks!
When i launch the application, my app will search the database file from the following path (store/home/user/sample.db). If my blackberry device connects to a computer, and at that time if i launch my application, it's not able to find the path and read the database (not able to access the path).
In this above situation, i want to check it if the media storage is accessible or not; if not i need to display the warning message. Is there is any blackberry API avialable to check this scenario?
Note:
I know that we can change the media storage option, in the device -> options -> device-> storage, but i don't want to change this setting.
If you are only looking to detect if the device is connected via the USB cable, then I think you can get the USB connection state using
USBPort.getConnectionState()
and you should check the state for
SystemListener2.USB_STATE_CABLE_DISCONNECTED
In your case, I think you need to check to see if the root 'store' is available, which you can do using code like the following:
boolean avail = false;
Enumeration drives = FileSystemRegistry.listRoots();
while(drives.hasMoreElements()) {
String root = (String) drives.nextElement();
System.out.print("Supported File System Root = " + root);
if(root.equalsIgnoreCase("store/")) {
avail = true;
break;
}
}
You need to verify, when you connect your device to your computer, select the charge only option, otherwise the computer mounts the media storage, and is inaccessible to the device.
One of the features incorporated in my app is QR code scanning. The problem is, user will be asked for camera permission before scanning. I think this could make the users confused.
Is there any way to bypass this, or something to set all the required permissions during installation, so users don't need to set this manually?
I already heard about ApplicationPermissions, but still not sure how to use it.
You cannot set requested permissions in the JAD file as you can (I believe) in J2ME, but you can query the permissions which are set at runtime.
You are on the right track with ApplicationPermissions: when your app starts you would do something like this, for instance to request permission to access the file system:
ApplicationPermissionsManager apm = ApplicationPermissionsManager.getInstance();
if(apm.getPermission(ApplicationPermissions.PERMISSION_FILE_API) != ApplicationPermissions.VALUE_ALLOW) {
ApplicationPermissions ap = new ApplicationPermissions();
ap.addPermission(ApplicationPermissions.FILE_API);
apm.invokePermissionsRequest(ap);
}
I found the Answer.
It is working with following code. And will not ask for permission when scanning QR code.
ApplicationPermissionsManager apm = ApplicationPermissionsManager.getInstance();
ApplicationPermissions ap = new ApplicationPermissions();
ap.addPermission(ApplicationPermissions.PERMISSION_RECORDING);
apm.invokePermissionsRequest(ap);