Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add privacy manifest file #1246

Merged
merged 1 commit into from
Mar 26, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 22 additions & 1 deletion src/main/java/com/gluonhq/substrate/util/ios/CodeSigning.java
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2019, 2021, Gluon
* Copyright (c) 2019, 2024, Gluon
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
Expand Down Expand Up @@ -66,6 +66,7 @@ public class CodeSigning {

private static final String CODESIGN_ALLOCATE_ENV = "CODESIGN_ALLOCATE";
private static final String EMBEDDED_PROVISIONING_PROFILE = "embedded.mobileprovision";
private static final String PRIVACY_MANIFEST_FILE = "PrivacyInfo.xcprivacy";
private static final String ERRLINK = "Please check https://docs.gluonhq.com/ for more information.";

private static final String KEYCHAIN_ERROR_MESSAGE = "errSecInternalComponent";
Expand Down Expand Up @@ -110,8 +111,16 @@ public boolean signApp() throws IOException, InterruptedException {
Path provisioningProfilePath = mobileProvision.getProvisioningPath();
Path embeddedPath = appPath.resolve(EMBEDDED_PROVISIONING_PROFILE);
Files.copy(provisioningProfilePath, embeddedPath, REPLACE_EXISTING);

// entitlements
Path entitlementsPath = getEntitlementsPath(bundleId, getProvisioningProfile().isTaskAllow());
Logger.logDebug("Signing with entitlements path: " + entitlementsPath);

// privacy
Path privacyManifestPath = getPrivacyManifestPath();
Logger.logDebug("Privacy manifest path: " + privacyManifestPath);
Files.copy(privacyManifestPath, appPath.resolve(PRIVACY_MANIFEST_FILE), REPLACE_EXISTING);

return sign(entitlementsPath, appPath);
}

Expand Down Expand Up @@ -343,6 +352,18 @@ private Path getEntitlementsPath(String bundleId, boolean taskAllow) throws IOEx
return tmpEntitlements;
}

private Path getPrivacyManifestPath() throws IOException {
Path privacyManifest = rootPath.resolve(PRIVACY_MANIFEST_FILE);

if (!Files.exists(privacyManifest)) {
Path tmpPrivacyManifest = tmpPath.resolve(PRIVACY_MANIFEST_FILE);
privacyManifest = FileOps.copyResource("/native/ios/PrivacyInfo.xcprivacy", tmpPrivacyManifest);
Logger.logInfo("Default iOS privacy manifest generated in " + tmpPrivacyManifest + ".\n" +
"Consider copying it to " + rootPath + " before performing any modification");
}
return privacyManifest;
}

private List<Identity> getIdentity() {
if (providedIdentityName != null) {
return findIdentityByName(providedIdentityName);
Expand Down
34 changes: 34 additions & 0 deletions src/main/resources/native/ios/PrivacyInfo.xcprivacy
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>NSPrivacyAccessedAPITypes</key>
<array>
<dict>
<key>NSPrivacyAccessedAPIType</key>
<string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
<key>NSPrivacyAccessedAPITypeReasons</key>
<array>
<string>DDA9.1</string>
</array>
</dict>
<dict>
<key>NSPrivacyAccessedAPIType</key>
<string>NSPrivacyAccessedAPICategoryDiskSpace</string>
<key>NSPrivacyAccessedAPITypeReasons</key>
<array>
<string>E174.1</string>
</array>
</dict>
<dict>
<key>NSPrivacyAccessedAPIType</key>
<string>NSPrivacyAccessedAPICategorySystemBootTime</string>
<key>NSPrivacyAccessedAPITypeReasons</key>
<array>
<string>35F9.1</string>
<string>8FFB.1</string>
</array>
</dict>
</array>
</dict>
</plist>
Loading