From 8758e5f2949fbbb13c66f653f0310e0bced2c8bf Mon Sep 17 00:00:00 2001 From: Damiano Galassi Date: Fri, 10 Jan 2020 14:19:50 +0100 Subject: MacGui: improve security scoped resources management. Fixes #2566. (cherry picked from commit 073c2fb84b3ead86d2f2b28cbd737bb936cc0696) --- macosx/HBController.m | 1 + macosx/HBJob+Private.h | 6 +----- macosx/HBJob.h | 4 +++- macosx/HBJob.m | 23 +++++++++++++++++++++- macosx/HBQueue.m | 2 ++ macosx/HBSecurityAccessToken.h | 14 ++++---------- macosx/HBSubtitles.h | 3 ++- macosx/HBSubtitles.m | 33 ++++++++++++------------------- macosx/HBTitle.h | 3 ++- macosx/HBTitle.m | 44 ++++++++++++++++++++++++++++++++++++++++++ macosx/HBUtilities.h | 4 ++++ 11 files changed, 97 insertions(+), 40 deletions(-) diff --git a/macosx/HBController.m b/macosx/HBController.m index 9f2194f20..0a23528a9 100644 --- a/macosx/HBController.m +++ b/macosx/HBController.m @@ -761,6 +761,7 @@ static void *HBControllerLogLevelContext = &HBControllerLogLevelContext; { if (self.core.state != HBStateScanning) { + [job refreshSecurityScopedResources]; [self scanURL:job.fileURL titleIndex:job.titleIdx completionHandler:^(NSArray *titles) { if (titles.count) diff --git a/macosx/HBJob+Private.h b/macosx/HBJob+Private.h index 1f8c26ffd..08a9ec459 100644 --- a/macosx/HBJob+Private.h +++ b/macosx/HBJob+Private.h @@ -5,13 +5,9 @@ It may be used under the terms of the GNU General Public License. */ #import -#import "HBSecurityAccessToken.h" NS_ASSUME_NONNULL_BEGIN -@interface HBJob (Private) -@end - @interface HBVideo (Private) - (instancetype)initWithJob:(HBJob *)job; @@ -48,7 +44,7 @@ NS_ASSUME_NONNULL_BEGIN @end -@interface HBSubtitles (Private) +@interface HBSubtitles (Private) - (instancetype)initWithJob:(HBJob *)job; diff --git a/macosx/HBJob.h b/macosx/HBJob.h index c5325f1b3..a00c8cd36 100644 --- a/macosx/HBJob.h +++ b/macosx/HBJob.h @@ -19,6 +19,8 @@ #import "HBSubtitles.h" #import "HBChapter.h" +#import "HBSecurityAccessToken.h" + NS_ASSUME_NONNULL_BEGIN extern NSString *HBContainerChangedNotification; @@ -27,7 +29,7 @@ extern NSString *HBChaptersChangedNotification; /** * HBJob */ -@interface HBJob : NSObject +@interface HBJob : NSObject - (instancetype)initWithTitle:(HBTitle *)title andPreset:(HBPreset *)preset; diff --git a/macosx/HBJob.m b/macosx/HBJob.m index 8fe439212..669d059b5 100644 --- a/macosx/HBJob.m +++ b/macosx/HBJob.m @@ -39,7 +39,7 @@ NSString *HBChaptersChangedNotification = @"HBChaptersChangedNotification"; @property (nonatomic, readwrite) HBSecurityAccessToken *fileURLToken; @property (nonatomic, readwrite) HBSecurityAccessToken *outputURLToken; @property (nonatomic, readwrite) HBSecurityAccessToken *subtitlesToken; -@property (nonatomic, readwrite) NSInteger *accessCount; +@property (nonatomic, readwrite) NSInteger accessCount; @end @@ -288,6 +288,27 @@ NSString *HBChaptersChangedNotification = @"HBChaptersChangedNotification"; return self.name; } +- (void)refreshSecurityScopedResources +{ + if (_fileURLBookmark) + { + NSURL *resolvedURL = [HBUtilities URLFromBookmark:_fileURLBookmark]; + if (resolvedURL) + { + _fileURL = resolvedURL; + } + } + if (_outputURLFolderBookmark) + { + NSURL *resolvedURL = [HBUtilities URLFromBookmark:_outputURLFolderBookmark]; + if (resolvedURL) + { + _outputURL = resolvedURL; + } + } + [self.subtitles refreshSecurityScopedResources]; +} + - (BOOL)startAccessingSecurityScopedResource { #ifdef __SANDBOX_ENABLED__ diff --git a/macosx/HBQueue.m b/macosx/HBQueue.m index 64cce2905..1f7ccbdd4 100644 --- a/macosx/HBQueue.m +++ b/macosx/HBQueue.m @@ -723,6 +723,8 @@ NSString * const HBQueueItemNotificationItemKey = @"HBQueueItemNotificationItemK } }; + [item.job refreshSecurityScopedResources]; + // Only scan 10 previews before an encode - additional previews are // only useful for autocrop and static previews, which are already taken care of at this point [self.core scanURL:item.fileURL diff --git a/macosx/HBSecurityAccessToken.h b/macosx/HBSecurityAccessToken.h index f19f40143..25570de16 100644 --- a/macosx/HBSecurityAccessToken.h +++ b/macosx/HBSecurityAccessToken.h @@ -5,26 +5,20 @@ It may be used under the terms of the GNU General Public License. */ #import -#import "HBJob.h" NS_ASSUME_NONNULL_BEGIN @protocol HBSecurityScope -/* Given an instance, make the resource referenced by the job accessible to the process. - */ +/// Given an instance, make the resource referenced by the instance accessible to the process. - (BOOL)startAccessingSecurityScopedResource; -/* Revokes the access granted to the url by a prior successful call to startAccessingSecurityScopedResource. - */ +/// Revokes the access granted to the instance by a prior successful call to startAccessingSecurityScopedResource. - (void)stopAccessingSecurityScopedResource; -@end - -@interface NSURL (HBSecurityScope) -@end +/// Refresh the resources (for example if the instance stores a security scoped bookmark, it will recreate the urls from the bookmark. +- (void)refreshSecurityScopedResources; -@interface HBJob (HBSecurityScope) @end @interface HBSecurityAccessToken : NSObject diff --git a/macosx/HBSubtitles.h b/macosx/HBSubtitles.h index 6be256b36..9689161ef 100644 --- a/macosx/HBSubtitles.h +++ b/macosx/HBSubtitles.h @@ -6,6 +6,7 @@ #import #import "HBPresetCoding.h" +#import "HBSecurityAccessToken.h" NS_ASSUME_NONNULL_BEGIN @@ -13,7 +14,7 @@ NS_ASSUME_NONNULL_BEGIN @class HBTitleSubtitlesTrack; @class HBSubtitlesDefaults; -@interface HBSubtitles : NSObject +@interface HBSubtitles : NSObject - (void)addAllTracks; - (void)removeAll; diff --git a/macosx/HBSubtitles.m b/macosx/HBSubtitles.m index 9d2833df4..405201b15 100644 --- a/macosx/HBSubtitles.m +++ b/macosx/HBSubtitles.m @@ -16,7 +16,6 @@ #import "HBLocalizationUtilities.h" #import "HBUtilities.h" #import "HBJob+Private.h" -#import "HBSecurityAccessToken.h" #include "handbrake/common.h" @@ -27,9 +26,6 @@ @property (nonatomic, readwrite) NSArray *sourceTracks; -@property (nonatomic, readonly) NSMutableArray *tokens; -@property (nonatomic, readwrite) NSInteger *accessCount; - @property (nonatomic, readwrite, weak) HBJob *job; @property (nonatomic, readwrite) int container; @@ -50,7 +46,6 @@ _tracks = [[NSMutableArray alloc] init]; _defaults = [[HBSubtitlesDefaults alloc] init]; - _tokens = [NSMutableArray array]; NSMutableArray *sourceTracks = [job.title.subtitlesTracks mutableCopy]; @@ -376,20 +371,21 @@ }]; } +- (void)refreshSecurityScopedResources +{ + for (HBTitleSubtitlesTrack *sourceTrack in self.sourceTracks) + { + [sourceTrack refreshSecurityScopedResources]; + } +} + - (BOOL)startAccessingSecurityScopedResource { #ifdef __SANDBOX_ENABLED__ - if (self.accessCount == 0) + for (HBTitleSubtitlesTrack *sourceTrack in self.sourceTracks) { - for (HBTitleSubtitlesTrack *sourceTrack in self.sourceTracks) - { - if (sourceTrack.fileURL) - { - [self.tokens addObject:[HBSecurityAccessToken tokenWithObject:sourceTrack.fileURL]]; - } - } + [sourceTrack startAccessingSecurityScopedResource]; } - self.accessCount += 1; return YES; #else return NO; @@ -399,11 +395,9 @@ - (void)stopAccessingSecurityScopedResource { #ifdef __SANDBOX_ENABLED__ - self.accessCount -= 1; - NSAssert(self.accessCount >= 0, @"[HBSubtitles stopAccessingSecurityScopedResource:] unbalanced call"); - if (self.accessCount == 0) + for (HBTitleSubtitlesTrack *sourceTrack in self.sourceTracks) { - [self.tokens removeAllObjects]; + [sourceTrack stopAccessingSecurityScopedResource]; } #endif } @@ -431,7 +425,6 @@ } copy->_defaults = [_defaults copy]; - copy->_tokens = [NSMutableArray array]; } return copy; @@ -458,8 +451,6 @@ { self = [super init]; - _tokens = [NSMutableArray array]; - decodeInt(_container); if (_container != HB_MUX_MP4 && _container != HB_MUX_MKV && _container != HB_MUX_WEBM) { goto fail; } decodeCollectionOfObjectsOrFail(_sourceTracks, NSArray, HBTitleSubtitlesTrack); if (_sourceTracks.count < 1) { goto fail; } diff --git a/macosx/HBTitle.h b/macosx/HBTitle.h index cf6a25d9e..e8429e2c7 100644 --- a/macosx/HBTitle.h +++ b/macosx/HBTitle.h @@ -5,6 +5,7 @@ It may be used under the terms of the GNU General Public License. */ #import +#import "HBSecurityAccessToken.h" NS_ASSUME_NONNULL_BEGIN @@ -42,7 +43,7 @@ NS_ASSUME_NONNULL_BEGIN @end -@interface HBTitleSubtitlesTrack : NSObject +@interface HBTitleSubtitlesTrack : NSObject - (instancetype)initWithDisplayName:(NSString *)displayName type:(int)type fileURL:(nullable NSURL *)fileURL; diff --git a/macosx/HBTitle.m b/macosx/HBTitle.m index 885f1c787..3a728a4ef 100644 --- a/macosx/HBTitle.m +++ b/macosx/HBTitle.m @@ -118,6 +118,9 @@ fail: @property (nonatomic, readonly, nullable) NSData *bookmark; +@property (nonatomic, readwrite) NSInteger accessCount; +@property (nonatomic, readwrite) HBSecurityAccessToken *fileURLToken; + @end @implementation HBTitleSubtitlesTrack @@ -148,6 +151,47 @@ fail: return self; } +- (void)refreshSecurityScopedResources +{ + if (_bookmark) + { + NSURL *resolvedURL = [HBUtilities URLFromBookmark:_bookmark]; + if (resolvedURL) + { + _fileURL = resolvedURL; + } + } +} + +- (BOOL)startAccessingSecurityScopedResource +{ +#ifdef __SANDBOX_ENABLED__ + if (self.accessCount == 0) + { + if (_fileURL) + { + self.fileURLToken = [HBSecurityAccessToken tokenWithObject:_fileURL]; + } + } + self.accessCount += 1; + return YES; +#else + return NO; +#endif +} + +- (void)stopAccessingSecurityScopedResource +{ +#ifdef __SANDBOX_ENABLED__ + self.accessCount -= 1; + NSAssert(self.accessCount >= 0, @"[HBSubtitles stopAccessingSecurityScopedResource:] unbalanced call"); + if (self.accessCount == 0) + { + self.fileURLToken = nil; + } +#endif +} + + (BOOL)supportsSecureCoding { return YES ;} - (void)encodeWithCoder:(nonnull NSCoder *)coder diff --git a/macosx/HBUtilities.h b/macosx/HBUtilities.h index 4e1851c10..02abc5be1 100644 --- a/macosx/HBUtilities.h +++ b/macosx/HBUtilities.h @@ -5,9 +5,13 @@ It may be used under the terms of the GNU General Public License. */ #import +#import "HBSecurityAccessToken.h" NS_ASSUME_NONNULL_BEGIN +@interface NSURL (HBSecurityScope) +@end + @interface HBUtilities : NSObject /** -- cgit v1.2.3