NLog: NLog does not honor the BroadFileSystemAccess capability in UWP applications

I’ve been doing some research on this and if my UWP Application has declared BroadFileSystemAccess Windows should let me be able to create files outside the sandbox. BUT my application has to use the Windows.STorage APIs to create those files. In my UWP app I turned on BroadfileSystemAccess and tried to set the location in My NLOG config to point to C:\Temp. I get an Unauthorized access exception. And doing some debugging I see that the first place this happens is when NLog calls to File.IO.FileInfo in teh BaseFileAppender. So it seems this class is not using the Windows STorage APIs when used in a UWP application. The File.IO apis are only allowed IN the sandbox of UWP (applicationLocation). The reason for this is that the StorageAPI allows the owner of the computer to override an app’s broadfilesystem access policy (which makes sense). The File.IO APIs don’t use the Windows policies around this.

In my talks with Microsoft UWP is not going away. Evolving yes… but I expect some of these core security things they’ve done will hang around. I think it would be good to figure out how to get this to work. If you have any pointers of a good approach I don’t mind trying to make it work as I have time. Having done some googling other UWP application developers have bumped into this limitation as well (but they didn’t diagnose it down to the API limitation.

I think the solution is to allow the basicFileAppender (or a derived variant?) to use the Windows.Storage Apis when you are a UWP application. If you have any pointers on a “best way to implement a solution” I’d be happy to see if we can take a whack at a fix.

I’m not actually sure this is really a bug vs a new feature for NLog so I will beg forgiveness If I opened the wrong kind of ticket 😃

NLog version: 4.7

Platform: UWP (I’m not sure this is considered a platform but I’m not sure if Silverlight 5 covers this)

Current NLog config (xml or C#, if relevant)

<nlog>
  <variable name="logDirectory" value="c:/Temp"/>
  
  <targets>
    <target name="GeneralLog" xsi:type="File" fileName="${var:logDirectory}/GeneralLog.txt"
            archiveFileName="${var:logDirectory}/Generalog.{#}.txt"
            archiveEvery="Day"
            archiveNumbering="Rolling"
            maxArchiveFiles="30"
            KeepFileOpen="true"
            concurrentWrites="false"
            layout="${longdate}|${level:uppercase=true}|${threadid}|${message}${exception:format=ToString}"/>
<targets>
</nlog>

• What is the current result? UnauthorizedAccessException
• What is the expected result? That the logfile gets created in the C:/Temp directory
• Are there any workarounds? no
• Is there a version in which it did work? no
• Can you help us by writing an unit test? maybe