-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow harbour apps to have settings #79
Conversation
LGTM but @jlehtoranta should approve. (Is the blank line necessary?) |
This allows third party code run as privileged, not a good thing. Also .json format should be cleaned up a bit by removing unused obsolete things. |
I fail to see how this would make the platform less secure than it is now. Lack of support for app settings is pushing developers from Jolla store to openrepos which is not a good thing, IMO. |
Currently we don't run third party code as privileged anywhere so it's definitely worse from security point of view. Also don't want to commit on supporting this api as stable. App settings are possible anyway, just not accessed via settings app. |
Sailfish is based around integration with all messages available from the Messages application, all calls available from Phone, all settings available from Settings. With only official Jolla (and Android) application settings available from Settings, the Apps section is empty, useless and amateuristic, and has been this way for almost three years now. |
Any updates on this one? Namely:
|
QML run less privileged is not an easy thing. Properly done it would require a separate process to be embedded running third party settings UI. So unfortunately no updates as of now. |
@pvuorela I would propose to create a list of the action items for solving this issue.
|
This has been discussed long time already and it's not a simple thing to fix. Problem is that to run qml securely there needs to be a separate non-privileged process executing it. It there's a separate process running, the resulting window needs to be embedded into settings. Either as settings being a wayland composer or then Lipstick handling the two windows as one. |
I was wondering if a quick solution would be like this:
The developer can launch it's app then directly with it's settings page as nemo. |
Have you thought about restricting the qml imports to settings pages to the absolute minium and check the dconf path they write and limit it to a name like the appname? |
Yes. Those are easy to bypass and more or less impossible to prevent without modifying qml engine. |
Then I have no idea except something like json file with a description and a
dconf var for each settings.
Its really a shame to let such a thing stay unfixed.
|
This patch allows harbour apps to install its settings
.json
file to/usr/share/jolla-settings/entries
and install translations to/usr/share/translations
. Everything else (including settings qml files) can remain in the app specific area as long as.json
file points there.