My question: What is the best way to build a macOS app that requires 100% access to the entire file system of a user, in a way that complies with App Store policies? See details below:
I am new to macOS development and am still getting my head around Swift and Xcode, though I've been a professional developer for 15 years. I am building a macOS app in Xcode 11 and Swift 5.2, designed for systems 10.13 and later (though 10.14+ would be acceptable if the Full Disk Access factor makes 10.13 support impossible or not feasible).
The app is a file utility that lets users find certain files, filter them, and copy them to another location. Here is how the general UX goes:
- We start by showing the user a list of volumes, similar to the left pane of Finder. The user can select any volumes/root locations they want to search.
- We search those locations and store information about every file found in a db (SQLite at this point).
- The user can filter out what they don't want
- We can copy those to another location the user indicates.
I'm leaving this vague because the hope is that this will end up in the App Store. I am having trouble getting file access outside my package and would like to know what the experts would do here.
- I've created a Release build of my .app package, moved to /Applications, and manually enabled the Full Disk Access permission for that app. It seems my App Sandbox is still prioritized, I'm getting an access error when trying a fileManager.contentsOfDirectory.
- I've read in this forum that Security Bookmarks + FDA (Full Disk Access) are required, but that involves asking the user to pick the root "/" folder as a bookmark. This isn't in the spirit of what we want to build, our app is designed to find files that the user may have forgotten about, so we need to start by showing them the available Volumes so they have a complete idea of what's possible to search from. There is no option to choose sub-folders, it's a recursive search if they select Macintosh HD from the UI (not from an NSPanel or file picker).
What high-level steps should I be doing here to build an app where I can get the access I need, to every file on the user's system, forever, even if the user has to go through a painful set of steps to allow that permission? Full Disk Access alone doesn't seem to fix the problem, my Sandbox seems to be still standing in my way (unless there's a special way to approach this on the Swift side). I don't really have any meaningful code to post, it's a very basic test of trying to list files in a restricted location. Other apps are able to do this somehow and still comply with the App Store, so it's possible. How are they doing it?
Thanks.