Cocoa mail archive
Determining login privileges
FROM : Antonio Nunes
DATE : Sun Jul 09 09:00:34 2006
Hi,
I need to be able to determine whether my running app has the ability
to create a folder in /Library/Application Support. I've been hunting
for this for a couple of days now, but am not getting any closer to
the solution.
I have looked at the security framework docs and searched online and
have tried using AuthorizationCopyRights to determine the current
authorization status, but even when I'm logged in as an admin user I
get the result code -60007 (The Security Server denied authorization
because no user interaction is allowed), so that doesn't seem the way
to go.
I haven't found any pointers in the docs, nor online, to help
determine either if the app can write to the desired folder or if the
current user has admin privileges. The only thing I can think of is
to try to create a file in the directory and see whether it fails,
but that seems a wrong way to go about it. I'm sure there must be a
more appropriate technique for this.
How do I find out what privileges I have then?
Specifically my app wants to be able to create its own directory in
the /Library/Application Support if it can and in ~/Library/
Application Support if it can't.
My strategy is that if a user is an admin then the application
license file and other support files are installed for all users, but
if the user is not an admin then both the license file and other
support files will be installed for the current user only. The app
should determine on startup whether to use the local or the current
user Application Support directory for its session.
If run by a non admin user and it can't find a license file in the
user's app support directory then it will check the support directory
for local domain, so if the app was registered by an admin on the
machine, it will be re registered for for everybody. Alternatively I
could always install the license file in /Library/Application
Support, but am I correct that I then need to request authorization
from the user and use a helper tool if the user is logged in without
admin privileges?
Thanks,
Antonio
-----------------------------------------
Forgiveness is not an occasional act;
it is a permanent attitude.
--Martin Luther King, Jr
-----------------------------------------
DATE : Sun Jul 09 09:00:34 2006
Hi,
I need to be able to determine whether my running app has the ability
to create a folder in /Library/Application Support. I've been hunting
for this for a couple of days now, but am not getting any closer to
the solution.
I have looked at the security framework docs and searched online and
have tried using AuthorizationCopyRights to determine the current
authorization status, but even when I'm logged in as an admin user I
get the result code -60007 (The Security Server denied authorization
because no user interaction is allowed), so that doesn't seem the way
to go.
I haven't found any pointers in the docs, nor online, to help
determine either if the app can write to the desired folder or if the
current user has admin privileges. The only thing I can think of is
to try to create a file in the directory and see whether it fails,
but that seems a wrong way to go about it. I'm sure there must be a
more appropriate technique for this.
How do I find out what privileges I have then?
Specifically my app wants to be able to create its own directory in
the /Library/Application Support if it can and in ~/Library/
Application Support if it can't.
My strategy is that if a user is an admin then the application
license file and other support files are installed for all users, but
if the user is not an admin then both the license file and other
support files will be installed for the current user only. The app
should determine on startup whether to use the local or the current
user Application Support directory for its session.
If run by a non admin user and it can't find a license file in the
user's app support directory then it will check the support directory
for local domain, so if the app was registered by an admin on the
machine, it will be re registered for for everybody. Alternatively I
could always install the license file in /Library/Application
Support, but am I correct that I then need to request authorization
from the user and use a helper tool if the user is logged in without
admin privileges?
Thanks,
Antonio
-----------------------------------------
Forgiveness is not an occasional act;
it is a permanent attitude.
--Martin Luther King, Jr
-----------------------------------------
| Related mails | Author | Date |
|---|---|---|
| Determining login privileges |
Antonio Nunes | Jul 9, 09:00 |
| Re: Determining login privileges |
Finlay Dobbie | Jul 9, 09:53 |
