From b42bceb6f984d81a74356ca8df03a69ca2e040ec Mon Sep 17 00:00:00 2001 From: Mehakdeep Singh <118588258+mrandhawa14@users.noreply.github.com> Date: Sat, 9 May 2026 22:09:53 -0700 Subject: [PATCH] fix(macos): host libmdbx DB under Application Support to avoid TCC permission denial on launch MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On macOS, the libmdbx / Isar database lives under `getApplicationDocumentsDirectory()` -> `~/Documents/...`. With iCloud Drive's "Desktop & Documents Folders" sync enabled (a common default), macOS protects ~/Documents with TCC and denies unsigned / sideloaded / dev / not-yet-permission-granted builds the file access libmdbx needs to open its database. The result is a black screen on launch with the following error in the Flutter / app log: [ERROR:flutter/runtime/dart_isolate.cc(1402)] Unhandled exception: IsarError: Cannot open Environment: MdbxError (13): Permission denied POSIX errno 13 is EACCES, raised by the OS for the access denial — not errno 15 (ENOTBLK / "Block device required"), and not iCloud "Optimise Mac Storage" evicting files. Verified on macOS 26.3 / Apple Silicon with iCloud Desktop & Documents sync active: a Terminal `mkdir`+`echo > file` to the same path succeeds (Terminal inherits the user's TCC grant), but the unsigned dev build fails on first DB open with the error above. Fix: on macOS only, host the database under `getApplicationSupport- Directory()` -> `~/Library/Application Support//...`. That location is app-private, not TCC-gated, and Apple's recommended location for app data files. iOS, Windows, Linux are unchanged — they keep using Documents (iOS for Files-app visibility next to backups, Windows / Linux because Documents is the conventional location and neither has TCC). Includes a one-shot best-effort migration: existing macOS users with a DB at `~/Documents/Mangayomi/databases/` have it renamed to the new path on first launch. Migration is skipped if the new location is non-empty so we never overwrite user data, and any failure falls back to a fresh DB rather than crashing on launch (the user can then move the legacy directory manually if needed). Subsequent launches skip the migration branch because the new path already exists. Repro - macOS with iCloud Drive's "Desktop & Documents Folders" sync enabled - Unsigned / sideloaded / dev build of Mangayomi (or signed build that hasn't yet received the user's "Files and Folders > Documents" TCC grant) - Launch -> black screen, IsarError MdbxError (13) Verification - Reproduced the exact error on this branch's parent commit (upstream/main 25c1d72c) on macOS 26.3, iCloud Desktop & Documents sync active, captured `MdbxError (13): Permission denied` - After this patch the same build launches cleanly and opens the database at `~/Library/Application Support//Mangayomi/ databases/mangayomiDb.isar` - Existing 15 MB Isar database from a prior run preserved through the rebuild — no data loss Notes - This is a narrower follow-up to the earlier proposed Application- Support move that was correctly rejected for being cross-platform and missing migration. This change is gated by `Platform.isMacOS` and migrates existing macOS users. - Hive (`Hive.initFlutter` in main.dart) still uses Documents on macOS. It is initialized after Isar via `_postLaunchInit` and is unawaited, so a Hive failure wouldn't reproduce the black screen. If Hive turns out to be affected by the same TCC denial, a follow-up PR can move it the same way. --- lib/providers/storage_provider.dart | 49 ++++++++++++++++++++++++++++- 1 file changed, 48 insertions(+), 1 deletion(-) diff --git a/lib/providers/storage_provider.dart b/lib/providers/storage_provider.dart index 37442f5f..12310829 100644 --- a/lib/providers/storage_provider.dart +++ b/lib/providers/storage_provider.dart @@ -181,7 +181,17 @@ class StorageProvider { } Future getDatabaseDirectory() async { - final dir = await getApplicationDocumentsDirectory(); + // On macOS, host the libmdbx / Isar database under Application Support + // (app-private, not TCC-gated) instead of Documents. macOS denies + // unsigned/sideloaded/dev builds access to ~/Documents when iCloud + // "Desktop & Documents Folders" sync is enabled, surfacing as + // `IsarError: Cannot open Environment: MdbxError (13): Permission denied` + // and a black screen on launch. iOS keeps Documents so the DB remains + // visible alongside backups via the Files app. Windows / Linux are + // untouched — Documents is the conventional location there. + final dir = Platform.isMacOS + ? await getApplicationSupportDirectory() + : await getApplicationDocumentsDirectory(); String dbDir; if (Platform.isAndroid) return dir; if (Platform.isIOS) { @@ -191,10 +201,47 @@ class StorageProvider { } else { dbDir = path.join(dir.path, 'Mangayomi', 'databases'); } + if (Platform.isMacOS) { + await _migrateLegacyMacosDatabase(dbDir); + } await createDirectorySafely(dbDir); return Directory(dbDir); } + /// One-shot migration: if a pre-existing macOS user has their database + /// under the legacy Documents path and the new Application Support path + /// is empty, rename it across so library / history / progress are not + /// silently reset. Subsequent launches skip this branch because the new + /// path already exists. + Future _migrateLegacyMacosDatabase(String newDbDir) async { + try { + final docs = await getApplicationDocumentsDirectory(); + final legacyDir = Directory( + path.join(docs.path, 'Mangayomi', 'databases'), + ); + if (!await legacyDir.exists()) return; + final newDir = Directory(newDbDir); + if (await newDir.exists()) { + // Only migrate when the new location is empty — never overwrite. + final entries = await newDir + .list(followLinks: false) + .take(1) + .toList(); + if (entries.isNotEmpty) return; + } + await Directory(path.dirname(newDbDir)).create(recursive: true); + await legacyDir.rename(newDbDir); + debugPrint( + '[storage] Migrated macOS DB from ${legacyDir.path} to $newDbDir', + ); + } catch (e) { + // Migration is best-effort. Falling back to a fresh DB is preferable + // to crashing on launch — the user can manually move the legacy + // ~/Documents/Mangayomi/databases/ contents if needed. + debugPrint('[storage] macOS DB migration skipped: $e'); + } + } + Future getGalleryDirectory() async { String gPath; if (Platform.isAndroid) {