Gramps saves backedup media files to home, so sandbox requires home access

[OzarkShepherd]

Preferably, the sandbox would not have home access to the filesystem for security reasons. That is why I tried to limit filesystem access to xdg-documents, xdg-download, xdg-pictures, and .gramps. However when restoring from a backup, Gramps saves the media file directory to home. Without home access, the media files will be lost without home access when restoring from a backup. Can anyone think of a workaround?

[OzarkShepherd]

fixed in Gramps version 5.2

[OzarkShepherd]

I reopened this issue because I want to discuss going back to full home directory access. I've noticed multiple people posting on the Gramps discourse that they think they lost their work because the flatpak no longer has access to ~/.gramps or other locations that might contain their databases. However, flathub rejected the Gramps flatpak update that allowed ~/.gramps access, along with another directory access. I had changed directory names like xdg-config to ~/.config:create because flathub automatically rejects a flatpak's filesystem access xdg-data, xdg-config, and xdg-cache. Their reasoning is that they don't want a sandboxed app to have access to those directories, and their solution for using data from those directories is to move the data to a flatpak specific directory with the persist command. For example --persist=xdg-data or --persist=~/.gramps. While this would make the Gramps flatpak copy data over to a flatpak directory in a transition to the flatpak version of Gramps, the user could lose all their work from the flatpak version of Gramps if they try to go back to a system installation of Gramps (ie source or distro repo). Of course if a user knows to make backups first or knows how to find the flatpak directories so they can either point a system installed Gramps to them in Preferences or move them back to the right place for a system installed Gramps to use, then it is just an annoyance rather than a catastrophic loss. Realistically though, what percentage of users would actually just lose their data? I don't want to be the cause of anyone's data loss.
flathub/org.gramps_project.Gramps#21

So options I see are:

1. The Gramps flatpak could continue just having directory access at the current xdg-pictures, xdg-documents, and xdg-downloads, and volunteers can continue to try to help the users to find their data. I don't like this because some users will just lose their data and not know where to seek help.
2. The Gramps flatpak can go back to full home directory access like in prior versions of the Gramps flatpak. Flatpak enthusiasts will complain about the security risk of an app having full home access, but at least most users will be able to go back and forth between the flatpak version of Gramps and a system installation of Gramps without as much risk of losing data.
3. The Gramps flatpak can use the persist command to move Gramps specific data from directories like ~/.gramps, xdg-data, xdg-config, and xdg-cache over to another flatpak specific directory, which is what Flathub said to do in the link above. The problem with this is, as mentioned, users could lose data if they go back to a system installation of Gramps from the flatpak.