Reenable the sandbox handling for iOS

We still cannot read files, at least we spam the user with a bunch of prompts now!
fwcd · Jan 28, 2024 · 8e0a652 · 8e0a652
1 parent 2085340
commit 8e0a652
Showing 1 changed file with 11 additions and 4 deletions.
diff --git a/src/util/sandbox.cpp b/src/util/sandbox.cpp
@@ -27,7 +27,10 @@ QHash<QString, SecurityTokenWeakPointer> Sandbox::s_activeTokens;
 
 // static
 void Sandbox::checkSandboxed() {
-#ifdef Q_OS_MACOS
+#ifdef Q_OS_IOS
+    // iOS apps are always sandboxed
+    s_bInSandbox = true;
+#elif defined(Q_OS_MACOS)
     SecCodeRef secCodeSelf;
     if (SecCodeCopySelf(kSecCSDefaultFlags, &secCodeSelf) == errSecSuccess) {
         SecRequirementRef sandboxReq;
@@ -181,15 +184,20 @@ bool Sandbox::createSecurityToken(const QString& canonicalPath,
         return false;
     }
 
-#ifdef Q_OS_MACOS
     CFURLRef url = CFURLCreateWithFileSystemPath(
             kCFAllocatorDefault, QStringToCFString(canonicalPath),
             kCFURLPOSIXPathStyle, isDirectory);
     if (url) {
         CFErrorRef error = NULL;
+#ifdef Q_OS_IOS
+        // https://bugreports.qt.io/browse/QTBUG-67522
+        unsigned long options = kCFURLBookmarkCreationSuitableForBookmarkFile;
+#else
+        unsigned long options = kCFURLBookmarkCreationWithSecurityScope;
+#endif
         CFDataRef bookmark = CFURLCreateBookmarkData(
                 kCFAllocatorDefault, url,
-                kCFURLBookmarkCreationWithSecurityScope, nil, nil, &error);
+                options, nil, nil, &error);
         CFRelease(url);
         if (bookmark) {
             QByteArray bookmarkBA = QByteArray(
@@ -215,7 +223,6 @@ bool Sandbox::createSecurityToken(const QString& canonicalPath,
             qDebug() << "Failed to create security-scoped bookmark URL for" << canonicalPath;
         }
     }
-#endif
     return false;
 }