I am about to embark on the development of a line of business application using the Universal Windows Platform (Windows 10). One of the requirements of the application is the synchronisation of data from a server to a local SQLite database; this is required because the application needs to be usable where there is no network connectivity.
It is likely that multiple (windows domain) users will be accessing the application on the same device, sometimes simply by "swapping users", other times by logging off the first user and logging on as a new user.
I realise that UWP applications are installed at a user level, however I would like to be able to share the SQLite database between these users instead of forcing each user to download their own copy of the data.
Is this possible? I am struggling to find any reference to this kind of sharing within the Microsoft documentation - but of course that documentation is new and far from complete!
I guess at the end of the day I am looking for access to a folder that is accessible by any user running that application on the same device, such as the "x:\Users\Public" folders that are available from the desktop, but without having to ask the user to provide access to that folder via any picker control - instead simply being able to "open" it.
Thanks.
In case anyone runs across this, this functionality is now available as described in this blog post:
We introduced a new storage location Windows 10, ApplicationData.SharedLocalFolder, that allows multiple users of one app to share local data. Obviously this feature is only interesting with devices that will be used by more than one person. For such scenarios, for example in educational uses, it may make sense to place any large downloads in Shared Local. The benefits will be two-fold: any user can access these files without the need to re-download them, also there will be storage space savings
Keep in mind that Shared Local is only available if the machine has the right group policy, otherwise when you call ApplicationData.Current.SharedLocalFolder you will get back a null result.
In order to enable Shared Local the machine administrator should enable the corresponding policy.
Alternatively, the administrator could create a REG_DWORD value called AllowSharedLocalAppData with a value of 1 under HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\AppModel\StateManager
Note that data store in ShareLocal will only be persisted as long as the app is installed on the device and won’t be backed up by the system.
In Solution Explorer , Right click on Package.appxmanifest then click on ViewCode , end of this file in both projects add below code :
<Extensions>
<Extension Category="windows.publisherCacheFolders">
<PublisherCacheFolders>
<Folder Name="FolderName" />
</PublisherCacheFolders>
</Extension>
</Extensions>
After that in code you can access this folder with below line of code :
StorageFolder sharedDownloadsFolder = ApplicationData.Current.GetPublisherCacheFolder("FolderName");
It`s so important that the folder you will share between two these Apps depend on same publisher info at Certificate File [ProjectName]_TemporaryKey.pfx , if this Certificate File and publisher Info of app is same in both Projects , then you can access the same SharedFolder in both application and use it for create or use dataBase file(like SQLite Database file) or other files that need to be share in both applications.
Related
I have problem with node-red.
I have a server and i have node-red running on it, i know how to create user authentification by editing setting.js file but what i want to do is that i want to be able to create other users from a webpage that is running on the same server.
I can run a python script that edit the setting.js file and i can edit it mannualy,
but i want to be able to create and remove users from the webpage that is running on the same server.
i am using ubuntu and ngninx on my server.
The Node-RED security documentation includes a section on adding custom user authentication here. It explains how you can replace the hard coded user information with a module that will authenticate a given user. Editing the settings.js is probably not the right approach, especially as it will require you to restart Node-RED after each change.
With this approach you can build your own back end to store and manage users. There are a couple of examples of such code available, including this one that I have written that uses MongoDB to hold the user information. The management app that creates users can be found here, but you can write your own in Python if you want.
Just as a reminder, Node-RED is not a true multi-user environment, even if you declare a number of users, they will all only have shared access to one instance and set of flows. If you want a truly multi-tenant (each user has their own instance and flows) deployment you should probably look at the entire series of posts in that collection that explains how to build such a system. You can start here.
We have an application written in Mono that needs to communicate with an Finder Sync App extension.
All is working fine until we tried our app on El Capitan instead of on Yosemite.
We use a shared SQLite database to tell what paths are in which state and use NSDistributedNotificationCenter for communication between the two.
The shared SQLite database is outside of the sandboxed env so we have putted an excepention in our entitlements com.apple.security.temporary-exception.files.home-relative-path.read-write
If we remove this exception from the app extension, the extension works (but obviously we can't read our db)
Then we tought of putting the SQLite DB into memory, but shared memory databases isn't possible over multiple processes.
I can't find how I can create a NSFileHandle for a Sqlite Connection.
We could send over all the info to the application extension, but then that has to keep it in memory (preferably in a SQLite, cause we need to do some querying.)
Does anyone has some pointers of what we could do?
Try to look in The Application Group Container Directory it might do in your case. Basically it allows you to have shared folder between apps/extension.
App group container directories. A sandboxed app can specify an entitlement that gives it access to one or more app group container directories, each of which is shared among all apps with that entitlement.
After some research on similar problem I found it's much easier to have simple TCP server in main app that responds to extension with file status. This way you can easily broadcast file status change to all extension instances etc.
I am building a Web Application that will be installed many times. The application needs to be able to save certain setting itself upon request.
I have an installer (InnoSetup) but I want to very careful about what permissions I give the Web Application.
I can't use a database.
A default install always leaves the web.config as read-only. (Most secure)
The registry can be problematic. Unless there is a set of keys a DotNet webapp can always write to by default (IIS_IUSR)...
I was considering App_Data, but the default permissions are no longer useful and Inno-Setup can't easily fix it correctly:
https://support.microsoft.com/en-us/kb/2005172
Security and Ease of Setup are both big issues..
I also don't want to make a mess of the machines I install to.
A FAILED solution was to write to the user portion of the registry:
Microsoft.Win32.Registry.CurrentUser.CreateSubKey("Software\\MyCo\\MyApp\\");
var reg = Microsoft.Win32.Registry.CurrentUser.OpenSubKey("Software\\MyCo\\MyApp", true);
reg.SetValue("MyValue", (string)dataString, Microsoft.Win32.RegistryValueKind.String);
But I found out that writing to HKEY_CURRENT_USER is also not allowed by default on Server 2012 and likely others. The server error page is helpful and gives options such as explicitly giving the IUSR_{MachineName} explicit permission but this is a no go for me.
So my final solution is to have the installer create a user configurable folder and then assigning all users Read/Write access to that folder. The administrator can always lock it down more if they want.
If anyone has a better option then let me know.
With InnoSetup I created a new Wizard page to suggest and collect a Data folder from the user. The installer then:
Created that folder and gave All Users Read/Write access,
Added a HKLM registry key telling the Web App where to look for the folder,
Notified the user that they should lock the folder down further to prevent abuse.
All,
I have an asp.net (asp.net 2.0) application that allows users to attach (upload) files to records (not much different from typical e-mail client) and then view those attached files later.
Typically, we will store these files on the webserver (i.e. on the same machine in app's directory or in another drive on the same computer). But, ... some of our client's would like to store these files on another computer (their designated file server that doesn't run our asp.net app) and here where the problem is: Since our application runs typically another Network Service account it will not have permissions to a directory on another machine.
The million dollar question is: For this type of setup, what are best options to make this setup work? I have listed some below that could elaborated:
1) Keep the files on the same machine as the app and tell client to use backup software to copy it to the file server at the end of the day (not really real-time)
2) Setup a share on the file server but ... how do I deal w/ security,- in other words, network service account is not privileged enough to copy files to shared folder. Do I?
2a) Run my app-pool w/ more powerful account?
2b) Is this possible? If yes, how to:- Use .net code to change current thread's SID to a more powerful account, copy file, and the switch back to network service.
Another issue with #2 is domain networks where policies are on the domain controller and require additional setup.
3) Other solutions????
I decided to use impersonation for directories that require user logon permissions. Here's a good reference material:
http://support2.microsoft.com/?id=306158
This solution works very well.
I am developing a set of apps for Windows 8 which require local data storage and I'm experiencing a trouble in accessing the data from these apps. As far as I know, each app has its own location to store its data. Is it principally possible to access one file in Windows.Storage from different apps? I am using SQLite as a database server and it is necessary to have one common database to share data between the apps.
No, the applications are sandboxed so they cannot access each other's local data storage. If you're willing to have your application initialization process ask the user where to put/find the SQLite database, then the applications could share that same file at a location on the file system that the user has selected via the File Picker.
That means, of course, that the user has to remember where the file is whenever he first launches the "second" app, since he'll need to browse to the same location where he "first" app deposited it.
If you leverage AccessCache.StorageItemAccessList, though, you can save that file location in your app's local storage, so the next time the user runs either app he doesn't have to go through the File Picker to grant permission again.