VS2008 Setup Project: Shared (By All Users) Application Data Files?

Question

fellow anthropoids and lily pads and paddlewheels!

I\'m developing a Windows desktop app in C#/.NET/WPF, using VS 2008. The app is required to install and run on Vis

Answer 1

Instead of checking "Enable ClickOnce Security Settings" and selecting "This is a full trust application", it is possible to change the permissions of your app's CommonAppDataDirectory with a Custom Action under the "install" section of a setup project. Here's what I did:

1. Added a custom action to call the app being installed (alternately you could create a separate program/dll and call that instead)
2. Set the Arguments property to "Install"
3. Modified Main in Program.cs to check for that arg:

   
   
   static void Main(string[] args)
   {
      if (args != null && args.Length > 0 && args[0] == "Install")
      {
         ApplicationData.SetPermissions();
      }
      else
      {
         // Execute app "normally"
       }
   }
   

4. Wrote the SetPermissions function to programmatically change permissions

   
   
   public static void SetPermissions()
   {
       String path = GetPath();
       try
       {
           // Create security idenifier for all users (WorldSid)
           SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
           DirectoryInfo di = new DirectoryInfo(path);
           DirectorySecurity ds = di.GetAccessControl();
           // add a new file access rule w/ write/modify for all users to the directory security object
   
           ds.AddAccessRule(new FileSystemAccessRule(sid, 
                                                 FileSystemRights.Write | FileSystemRights.Modify,
                                                 InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit,   // all sub-dirs to inherit
                                                 PropagationFlags.None,
                                                 AccessControlType.Allow));                                            // Turn write and modify on
           // Apply the directory security to the directory
           di.SetAccessControl(ds);
       }
       catch (Exception ex)
       {
           MessageBox.Show(ex.Message);
       }
   }
   

Since the installer runs with admin rights, the program will be able to change the permissions. I read somewhere that the "Enable ClickOnce Security" can cause the user to see an undesired prompt at app startup. Doing it as described above will prevent this from happening. I hope this helps someone. I know I could have benefited from seeing something like this a few days ago!