Hi all,

I'm just wondering if anyone had had any thoughts on this issue? I never 
actually got to the bottom of it.

Thanks
Mark

> On 15 Jun 2020, at 9:56 pm, Mark Allan <markjal...@gmail.com> wrote:
> 
> Oops, sorry! I'm using Objective-C, targeting macOS 10.10+
> 
> 
> 
>> On 15 Jun 2020, at 9:41 pm, Alex Zavatone <z...@mac.com> wrote:
>> 
>> Platform?
>> 
>>> On Jun 15, 2020, at 9:51 AM, Mark Allan via Cocoa-dev 
>>> <cocoa-dev@lists.apple.com> wrote:
>>> 
>>> Hi folks, 
>>> 
>>> I have an app which communicates with a privileged helper tool, and I used 
>>> the AuthorizationRightSet API to add the rights, requirements, and prompt 
>>> strings to the authorizationdb - as per Apple's documentation. As expected, 
>>> this initial call to "AuthorizationRightSet" does not prompt for 
>>> authentication to add the rights to the DB.
>>> 
>>> Some of my app's functions require presenting an authentication prompt to 
>>> the user, and these prompts have been localised.
>>> 
>>> Calling 'sudo security authorizationdb read' in the Terminal shows the 
>>> rule, the default prompt, and all the localised versions of the prompt 
>>> string.
>>> 
>>> All fine so far, but I've recently reworded some of the authentication 
>>> prompt strings, so it (and all the localisations) now need to be updated.
>>> 
>>> How do I do this? Naively I thought I could just update the respective 
>>> localizable.strings file, and it would just work, but as the translated 
>>> text is hard-coded into the authorizationdb, this doesn't seem possible.
>>> 
>>> Using AuthorizationRightSet again will cause an authentication prompt to 
>>> appear as soon as my app is launched. As does AuthorizationRightRemove.
>>> 
>>> Now, I know I could remove all my rights from the authorizationdb by 
>>> calling "sudo security authorizationdb remove XYZ" for each of my app's 
>>> rights, but I obviously can't expect users to do this. Neither do I want 
>>> them to be presented with an auth prompt purely to update some strings.
>>> 
>>> I could also just change the auth right name so that the app proceeds as if 
>>> that particular right had never been in the database in the first place, 
>>> but that seems like a nasty hacky way to do it.
>>> 
>>> ....so, where does this leave me? I can't be the only person who's come up 
>>> against this issue, but web searches and StackOverflow aren't giving me 
>>> much to go on.
>>> 
>>> Many thanks
>>> Mark
> 

_______________________________________________

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Reply via email to