Windows 8 Metro App Tip of The Day - reading/writing files without CAP declarations

Michael Crump, a fellow MVP, initiated an interesting discussion on Twitter today. He was wondering whether it was possible to write files to the Windows filesystem without additional capability declarations. After all, the only available storage-based options in the appxmanifest file are: Document Library Access, Picture Library Access and Removable Storage.

Let's say we have this piece of code:

async private void fileOpener_Click(object sender, RoutedEventArgs e)
{
    var Picker = new FileOpenPicker();
    Picker.SuggestedStartLocation = PickerLocationId.ComputerFolder;
    Picker.ViewMode = PickerViewMode.List;
    Picker.FileTypeFilter.Add(".jpg");

    var file = await Picker.PickSingleFileAsync();
    if (file != null)
    {
        var stream = await file.OpenAsync(Windows.Storage.FileAccessMode.Read);

        BitmapImage image = new BitmapImage();
        image.SetSource(stream);
        image1.Source = image;
    }
}

Here I am using the regular file picker to read a JPEG image. Notice that my starting location is ComputerFolder, that is - the root representation of the entire machine. In theory, this means that I can access any physical drive. Or can I?

I can see that both C: (system drive) and D: (work drive) are accessible. More than that, I can access media servers that are available on my network. Data on D: is visible in its entirety. On the other hand, C: is being a bit more secretive - I cannot see Program Files and Windows.

This brings us to fact #1:

Protected system locations are not accesible through the public API in a Metro application.

Want to experiment more with it? Let's create a folder called TEST on the C: drive (or whatever your system drive letter might be).

To make the TEST folder hidden from the list of listed folders, simply add the System flag to it. This can be done by using the attrib +s command.

This brings us to fact #2:

A System flag will automaticlaly hide the folder from the default file picker.

You know now that you can read non-protected files without a CAP declaration, but can you write them?

Take a look at this snippet:

async private void fileWriter_Click(object sender, RoutedEventArgs e)
{
    IRandomAccessStream raStream;
    IOutputStream outputStream;
    DataWriter writer;
    StorageFolder folder = await StorageFolder.GetFolderFromPathAsync(@"C:\Test");
    StorageFile file = await folder.CreateFileAsync("test.txt");

    raStream = await file.OpenAsync(FileAccessMode.ReadWrite);
    outputStream = raStream.GetOutputStreamAt(0);

    writer = new DataWriter(outputStream);

    writer.WriteString("TEST");

    await writer.StoreAsync();
}

The result will ultimately be an error - even though Test is a public folder, the application cannot write there because:

• No capability allowing it to do so was declared
• The file type TXT was not associated with the application 

To fix this, you have to use KnownFolders to designate a specific location, be that the Documents or Pictures library. Both are associated with their own capabilities:

A file association is also necessary to avoid a runtime error:

That brings us to the final fact:

You cannot write files without properly declared capabilities and file associations.