哪些权利是特殊权利?它们是如何工作的?

Which entitlements are special entitlements? How do they work?

我查看了 this page,但无法分辨哪些权利是特殊的。

我找不到任何关于如何确定哪些需要向 Apple 提出专门请求的文档。有它的文档吗?

HKVerifiableClinicalRecordQuery

请求URL:https://developer.apple.com/contact/request/verifiable-health-records/

权利密钥:com.apple.developer.healthkit。必须包含其数组中的 health-records

WWDC:https://developer.apple.com/videos/play/wwdc2021/10089/


networking-multicast

请求URL:https://developer.apple.com/contact/request/networking-multicast

权利密钥:com.apple.developer.networking.multicast


usernotifications.filtering

请求URL:https://developer.apple.com/contact/request/notification-service

权利密钥:com.apple.developer.usernotifications.filtering


critical-alerts

请求URL:https://developer.apple.com/contact/request/notifications-critical-alerts-entitlement

权利密钥:com.apple.developer.usernotifications.critical-alerts


Local Push Connectivity

请求URL:https://developer.apple.com/contact/request/local-push-connectivity

权利密钥:不确定!

我认为 com.apple.developer.networking.networkextension 密钥必须存在。键的值必须在其数组

中包含 app-push-provider

hotspot-helper

请求URL:https://developer.apple.com/contact/request/hotspot-helper/

权利密钥:com.apple.developer.networking.HotspotHelper

不要将此误认为 NEHotspotConfigurationManagerNEHotspotHelperNEHotspotConfigurationManager 不同,需要不同的权利。

NetworkExtension 过去需要它,但现在不再需要它了。参见 Dev Forums - Quinn

To use these facilities you previously had to be granted special entitlements by Apple. This policy has now changed for NetworkExtension providers. Any developer can now enable the NetworkExtension provider entitlement like they would any other entitlement.


com.apple.managed.vpn.shared 钥匙串访问组

请求URL:https://developer.apple.com/support/technical/

权利密钥:com.apple.managed.vpn.shared

但是网络扩展有一个问题。来自同一个开发论坛,Quinn 说:

#9 — After moving to the new entitlement process, my app no longer has access to the com.apple.managed.vpn.shared keychain access group. How can I regain that access? Access to this keychain access group requires a special entitlement. If you need that entitlement, please open a DTS tech support incident and we will take things from there.

IMPORTANT This entitlement is only necessary if your VPN supports configuration via a configuration profile and needs to access credentials from that profile (as discussed in the Profile Configuration section of the NETunnelProviderManager Reference). Many VPN apps don’t need this facility.

如果我理解正确,基本上如果您需要使用 com.apple.managed.vpn.shared 钥匙串访问组权限进行 VPN 凭据存储,那么您需要 两个 权限:

  • 可通过 Apple Developer Portal 完成的网络扩展授权
  • 如上所述的另一种特殊权利。

同样值得注意的是,每个开发团队每年都可以免费创建两张 DTS 票证。除此之外你还得付钱。

Included with each enrollment are two Technical Support Incidents, which will expire at the end of your membership year. You will receive two new TSIs when you renew your membership. View your available TSIs, their expiration dates, and your request history in the Code-level Support section in your account. Your TSIs are grouped by expiration date, and the ones that expire soonest will be used first.

Additional TSIs are available for purchase in either a 2-pack for USD or 5-Pack for 9 USD in the Code-level Support section in your account. TSIs purchased separately expire one year from the date of activation.

我不确定是否有任何其他权利需要特殊请求,但这些是我找到的


如何将特殊权利添加到我的应用程序中?

Special entitlements are not associated with your App ID, they're added at the very last step of creating your provisioning profile.

When you create an «iOS, macOS, tvOS» «Development / Distribution / In-House (Enterprise)» provisioning profile for the Team ID «Team ID», after selecting the devices to be included in the profile, you should see a new page entitled “Do you need additional entitlements?”. Select “«hotspot helper template name»” from the Entitlements popup to include this special entitlement in your new profile.

Once you’ve finished generating the profile, you can use it in Xcode like any other manually-generated profile.

source: Apple Forums


我有特殊权利,但 Xcode 没有为我正确构建它

Xcode 不能单独给你一个特殊的权利。因此,我 认为 自动代码签名不适用于特殊权利。它是 Apple 嵌入到你的配置文件中的东西——only 在 Apple Developer portal。因此,您必须从 Apple Developer 门户生成配置文件,然后从 Xcode

下载

批准后从 Apple 收到的示例电子邮件:

Hello, This Developer Team has already been assigned the HotspotHelper capability as part of the NetworkExtension entitlement. To use this special entitlement you must create a new provisioning profile in the Certificates, Identifiers & Profiles section of your Developer account and select the entitlement after the "Do you need additional entitlements?" page. Please note, it may take 1-3 business days for this entitlement to be visible. Once you've finished generating the profile, you can use it in Xcode like any other manually-generated profile. IMPORTANT: If you have problems getting this to work, read Technote 2415 "Entitlements Troubleshooting" for troubleshooting steps. If you have questions about adding or using this entitlement that are not answered by this Technote, please visit the Apple Developer Forums or contact Apple Developer Support. Thank you, Apple


如何添加多项特殊权利?

This is not possible out of the box. The long-term solution for this would be for Apple to change the developer web site to allow you to select multiple templates. Please file a bug report requesting that, then post your bug number, just for the record.

I’m not sure whether there’s a good short-term option. My advice is that you talk to Apple Developer Programs Support to see whether they can help you (start [here][ref] and then go Membership and Account > Other Membership or Account Questions). Make sure to:

Reference this thread

Include your bug number

Tell them to reach out to me if they need clarifications

source: Dev Forums


我是否只需要针对我的主要应用程序目标的特殊权利?

检查每个页面的文档。

但我认为这取决于情况。例如本地推送连接的文档说:

After you receive the entitlement, apply it to both your app target and your provider extension target.

Source: Docs


什么是扩展权利?

它们与特殊权利完全相同。只是换了个名字。


获得批准实际需要多长时间?

Apple 将在一周内回复。但通常这不是直接的批准。他们会要求一系列更改或理由,然后 approve/deny。有时总共需要1个月。

根据你的回答,我觉得最好分享一下你分享的link需要登录开发者账号的内容。如果我找到新的,我会在这里添加。

多播网络授权请求

此授权允许高级网络应用程序通过发送多播和广播 IP 数据包以及浏览任意 Bonjour 服务类型来与其本地网络交互。您的应用可能需要访问此级别的网络,以便与自定义或非标准设备通信或充当网络实用程序。

热点助手请求

NEHotspotHelper 界面允许 Wi-Fi 网络实施者促进连接到他们管理的大型无线网络。有关 iOS 上可用的所有 Wi-Fi 管理 API 的完整说明,请参阅技术问答 QA1942:iOS Wi-Fi 管理 API。

请求关键警报通知授权

当用户启用严重警报通知时,您的应用可以发送推送通知,当设备被锁定、静音或启用“请勿打扰”时,这些通知会以应用指定的音量播放声音。