Merge pull request #90 from trilemma-dev/login-item

Improves documentation
trilemma-dev · Apr 28, 2022 · 1c68732 · 1c68732
2 parents 9803207 + 62201b8
commit 1c68732
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -54,6 +54,9 @@ There are multiple types of servers which can be retrieved:
        [`SMJobBless`](https://developer.apple.com/documentation/servicemanagement/1431078-smjobbless)
      - To see a sample app for this use case, check out
        [SwiftAuthorizationSample](https://github.com/trilemma-dev/SwiftAuthorizationSample)
+ - `XPCServer.forThisLoginItem()`
+     - For a login item installed with
+       [`SMLoginItemSetEnabled`](https://developer.apple.com/documentation/servicemanagement/1501557-smloginitemsetenabled)
  - `XPCServer.forThisMachService(named:clientRequirements:)`
      - For
        [Launch Daemons and Agents](https://developer.apple.com/library/archive/documentation/MacOSX/Conceptual/BPSystemStartup/Chapters/CreatingLaunchdJobs.html)
@@ -89,7 +92,8 @@ There are multiple types of clients which can be retrieved:
      - This corresponds to servers created with `XPCServer.forThisXPCService()`
  - `XPCClient.forMachService(named:)`
      - For communicating with an XPC Mach service
-     - This corresponds to servers created with `XPCServer.forThisBlessedHelperTool()` or
+     - This corresponds to servers created with `XPCServer.forThisBlessedHelperTool()`,
+       `XPCServer.forThisLoginItem()`, and
        `XPCServer.forThisMachService(named:clientRequirements:)`
  - `XPCClient.forEndpoint(_:)`
     - This is the only way to communicate with an anonymous server

diff --git a/Sources/SecureXPC/Server/XPCMachServer.swift b/Sources/SecureXPC/Server/XPCMachServer.swift
@@ -232,8 +232,8 @@ extension XPCMachServer {
         //     Enables a helper tool in the main app bundle’s Contents/Library/LoginItems directory.
         func validatePathComponent(_ path: URL, expectedLastComponent: String) throws -> URL {
             if path.lastPathComponent != expectedLastComponent {
-                let message = "A login item helper tool must be located within the main app bundle's " +
-                              "Contents/Library/LoginItems directory.\n" +
+                let message = "A login item must be located within the main app bundle's Contents/Library/LoginItems " +
+                              "directory.\n" +
                               "Expected path component: \(expectedLastComponent)\n" +
                               "Actual path component: \(path.lastPathComponent)"
                 throw XPCError.misconfiguredLoginItem(message)

diff --git a/Sources/SecureXPC/Server/XPCServer.swift b/Sources/SecureXPC/Server/XPCServer.swift
@@ -623,8 +623,8 @@ extension XPCServer {
     ///
     /// This function may successfully be called by both sandboxed and non-sandboxed login items. If this is a sandboxed login item, the
     /// [`com.apple.security.application-groups`](https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_security_application-groups)
-    /// entitlement must be present and one of the application groups must have a team identifier matching this login item's helper tool. Both sandboxed and
-    /// non-sandboxed apps must have a team identifier.
+    /// entitlement must be present and one of the application groups must have the same team identifier as this login item. Both sandboxed and non-sandboxed
+    /// apps must have a team identifier.
     ///
     /// Incoming requests will only be accepted from the main app or helper tools contained within the main app bundle. Additionally they must have the same team
     /// identifier as this login item.
@@ -667,8 +667,7 @@ extension XPCServer {
     /// error handler has been set then it is called with ``XPCError/insecure``.
     ///
     /// - Parameters:
-    ///   - named: The name of the Mach service this server should bind to. This name must be present in the launchd property list's `MachServices` entry
-    ///   or be implicitly registered by LaunchServices.
+    ///   - named: The name of the Mach service this server should bind to.
     ///   - clientRequirements: If a request is received from a client, it will only be processed if it meets one (or more) of these requirements.
     /// - Throws: ``XPCError/conflictingClientRequirements`` if a server for this named service has previously been retrieved with different client
     ///           requirements.