Consent is granted for Isolated Win32 Apps in three ways.
-
Implicit-Consent: Apps are implicitly granted access to files and folders through the flows listed below.
-
File Dialog: Files and folders that are selected or created through Window's file dialog created from an isolated app.
-
File Type Assocition: Apps that register FTA in the manifest will show up under the open-with context menu and can be set as the default app.
- Apps that do this through a COM extension will need the
isolatedWin32-shellExtensionContextMenu
capability.
- Apps that do this through a COM extension will need the
-
Drag and Drop: Apps that register drag and drop handlers will have access to any files and folders dragged onto them.
- There is currently no support for dragging between different Isolated Win32 Apps.
-
-
Publisher Directory: If the application has the
isolatedWin32-accessToPublisherDirectory
capability, then the app will have full access to:-
Network shares whose share name ends with the publisher ID of the app.
-
Directories with names ending with the publisher ID of the app located in
\Device\BootDevice\ProgramData
.
-
-
Prompting: If the application has the
isolatedWin32-promptForAccess
capability, the first time the app attempts to access a file or directory, a prompt will be generated for the user to accept or decline. The choice will be saved until the consent is revoked
Consent can currently be revoked in two ways.
-
Settings: Through the settings, navigate to "Reset file permissions on isolated Win32 applications". On this page you can fully reset the consent granted to specific isolated apps. This will reset both prompted and implicit consent, but won't affect the publisher directory.
-
Uninstall: During uninstall, all consent will be revoked.