ios_config_profile 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. checksums.yaml +7 -0
  2. data/.codeclimate.yml +9 -0
  3. data/.gitignore +35 -0
  4. data/.rspec +2 -0
  5. data/.rubocop.yml +602 -0
  6. data/.simplecov +4 -0
  7. data/CHANGELOG.md +67 -0
  8. data/CODE_OF_CONDUCT.md +13 -0
  9. data/Gemfile +5 -0
  10. data/LICENSE +661 -0
  11. data/README.md +15 -0
  12. data/Rakefile +5 -0
  13. data/ios_config_profile.gemspec +28 -0
  14. data/lib/ios_config_profile.rb +8 -0
  15. data/lib/ios_config_profile/basic_payload.rb +31 -0
  16. data/lib/ios_config_profile/command_payload.rb +24 -0
  17. data/lib/ios_config_profile/content/install_application_payload.rb +23 -0
  18. data/lib/ios_config_profile/content/install_book_payload.rb +23 -0
  19. data/lib/ios_config_profile/content/install_doc_payload.rb +27 -0
  20. data/lib/ios_config_profile/content/install_market_app_payload.rb +23 -0
  21. data/lib/ios_config_profile/content/installed_application_list_payload.rb +17 -0
  22. data/lib/ios_config_profile/content/remove_application_payload.rb +22 -0
  23. data/lib/ios_config_profile/content/remove_book_payload.rb +23 -0
  24. data/lib/ios_config_profile/content/remove_doc_payload.rb +23 -0
  25. data/lib/ios_config_profile/content/web_clip_payload.rb +38 -0
  26. data/lib/ios_config_profile/device/app_lock_payload.rb +33 -0
  27. data/lib/ios_config_profile/device/clear_passcode_payload.rb +24 -0
  28. data/lib/ios_config_profile/device/dep_payload.rb +40 -0
  29. data/lib/ios_config_profile/device/device_information_payload.rb +69 -0
  30. data/lib/ios_config_profile/device/enrollment_payload.rb +25 -0
  31. data/lib/ios_config_profile/device/erase_device_payload.rb +18 -0
  32. data/lib/ios_config_profile/device/install_profile_payload.rb +22 -0
  33. data/lib/ios_config_profile/device/lock_device_payload.rb +17 -0
  34. data/lib/ios_config_profile/device/mdm_payload.rb +40 -0
  35. data/lib/ios_config_profile/device/remove_profile_payload.rb +22 -0
  36. data/lib/ios_config_profile/device/restrictions_payload.rb +144 -0
  37. data/lib/ios_config_profile/device/scep_payload.rb +34 -0
  38. data/lib/ios_config_profile/device/security_payload.rb +32 -0
  39. data/lib/ios_config_profile/device/set_device_name_payload.rb +22 -0
  40. data/lib/ios_config_profile/device/vpn_payload.rb +86 -0
  41. data/lib/ios_config_profile/encrypted_payload.rb +14 -0
  42. data/lib/ios_config_profile/version.rb +4 -0
  43. data/spec/basic_payload_spec.rb +53 -0
  44. data/spec/command_payload_spec.rb +12 -0
  45. data/spec/content/install_application_payload_spec.rb +15 -0
  46. data/spec/content/install_book_payload_spec.rb +14 -0
  47. data/spec/content/install_doc_payload_spec.rb +16 -0
  48. data/spec/content/install_market_app_payload_spec.rb +15 -0
  49. data/spec/content/installed_application_list_payload_spec.rb +13 -0
  50. data/spec/content/remove_application_payoad_spec.rb +13 -0
  51. data/spec/content/remove_book_payload_spec.rb +14 -0
  52. data/spec/content/remove_doc_payload_spec.rb +18 -0
  53. data/spec/content/web_clip_payload_spec.rb +22 -0
  54. data/spec/device/app_lock_payload_spec.rb +23 -0
  55. data/spec/device/clear_passcode_payload_spec.rb +14 -0
  56. data/spec/device/dep_payload_spec.rb +18 -0
  57. data/spec/device/device_information_payload_spec.rb +28 -0
  58. data/spec/device/enrollment_payload_spec.rb +18 -0
  59. data/spec/device/erase_device_payload_spec.rb +11 -0
  60. data/spec/device/install_profile_payload_spec.rb +13 -0
  61. data/spec/device/lock_device_payload_spec.rb +11 -0
  62. data/spec/device/mdm_payload_spec.rb +41 -0
  63. data/spec/device/remove_profile_payload_spec.rb +14 -0
  64. data/spec/device/restrictions_payload_spec.rb +42 -0
  65. data/spec/device/scep_payload_spec.rb +14 -0
  66. data/spec/device/security_payload_spec.rb +29 -0
  67. data/spec/device/set_device_name_payload_spec.rb +14 -0
  68. data/spec/device/vpn_payload_spec.rb +75 -0
  69. data/spec/encrypted_payload_spec.rb +26 -0
  70. data/spec/spec_helper.rb +14 -0
  71. metadata +241 -0
@@ -0,0 +1,86 @@
1
+ module IOSConfigProfile
2
+ class VPNPayload < Hash
3
+ include IOSConfigProfile::BasicPayload
4
+
5
+ # Hash containing :override_primary, :vpn_type
6
+ attr_accessor :vpn_config
7
+
8
+ def initialize(config)
9
+ self.vpn_config = config
10
+ require_attributes :vpn_config
11
+ merge! vpn_payload
12
+ end
13
+
14
+ private
15
+
16
+ def vpn_payload
17
+ {
18
+ "PayloadContent" => [{
19
+ "PayloadType" => "com.apple.vpn.managed",
20
+ "PayloadIdentifier" => "com.cellabus.vpn",
21
+ "PayloadDescription" => "Set up VPN networking access",
22
+ "PayloadUUID" => uuid,
23
+ "PayloadVersion" => 1,
24
+ "UserDefinedName" => "VPN",
25
+ "OverridePrimary" => vpn_config[:override_primary],
26
+ "VPNType" => vpn_config[:vpn_type],
27
+ "OnDemandEnabled" => 0,
28
+ "OnDemandRules" => [],
29
+ "VendorConfig" => get_vendor_config,
30
+ }],
31
+ "PayloadType" => "Configuration",
32
+ "PayloadDisplayName" => "Cellabus VPN Configuration",
33
+ "PayloadIdentifier" => "com.cellabus.vpn",
34
+ "PayloadUUID" => uuid,
35
+ "PayloadVersion" => 1,
36
+ }
37
+ end
38
+
39
+ def get_vendor_config
40
+ if vpn_config[:vpn_type] == "L2TP"
41
+ get_l2tp_config
42
+ elsif vpn_config[:vpn_type] == "PPTP"
43
+ raise NotImplementedError
44
+ elsif vpn_config[:vpn_type] == "IPSec"
45
+ get_ipsec_config
46
+ elsif vpn_config[:vpn_type] == "IKEv2"
47
+ raise NotImplementedError
48
+ elsif vpn_config[:vpn_type] == "AlwaysOn"
49
+ raise NotImplementedError
50
+ else
51
+ raise NotImplementedError
52
+ end
53
+ end
54
+
55
+ def get_l2tp_config
56
+ {
57
+ "AuthName" => vpn_config[:auth_name],
58
+ "AuthPassword" => vpn_config[:auth_password],
59
+ "TokenCard" => false,
60
+ "CommRemoteAccess" => vpn_config[:comm_remote_access],
61
+ "AuthEAPPlugins" => [],
62
+ "AuthProtocol" => [],
63
+ "CCPMPPE40Enabled" => false,
64
+ "CCPMPPE128Enabled" => false,
65
+ "CCPEnabled" => false,
66
+ }
67
+ end
68
+
69
+ def get_ipsec_config
70
+ config = {
71
+ "RemoteAddress" => vpn_config[:remote_address],
72
+ "AuthenticationMethod" => vpn_config[:authentication_method],
73
+ "XAuthName" => vpn_config[:x_auth_name],
74
+ "XAuthEnabled" => vpn_config[:x_auth_enabled],
75
+ "SharedSecret" => vpn_config[:shared_secret],
76
+ "PayloadCertificateUUID" => vpn_config[:payload_certificate_uuid],
77
+ "PromptForVPNPIN" => vpn_config[:prompt_for_vpn_pin],
78
+ }
79
+ if vpn_config[:authentication_method] == "SharedSecret"
80
+ config["LocalIdentifier"] = vpn_config[:local_identifier]
81
+ config["LocalIdentifierType"] = vpn_config[:local_identifier_type]
82
+ end
83
+ config
84
+ end
85
+ end
86
+ end
@@ -0,0 +1,14 @@
1
+ module IOSConfigProfile
2
+ class EncryptedPayload < IOSCertEnrollment::Profile
3
+ def initialize(payload)
4
+ super()
5
+ self.payload = payload.to_plist
6
+ end
7
+
8
+ # Encrypts the profile, wraps it into configuration profile and signs it
9
+ def encrypted_configuration(p7sign_certificates)
10
+ encrypted_profile = encrypt p7sign_certificates
11
+ configuration encrypted_profile.certificate
12
+ end
13
+ end
14
+ end
@@ -0,0 +1,4 @@
1
+ # frozen_string_literal: true
2
+ module IOSConfigProfile
3
+ VERSION = "1.3.0".freeze
4
+ end
@@ -0,0 +1,53 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::BasicPayload do
4
+ class Payload
5
+ include IOSConfigProfile::BasicPayload
6
+
7
+ def to_plist
8
+ "payload in plist format"
9
+ end
10
+ end
11
+
12
+ let(:payload) { Payload.new }
13
+
14
+ describe "#uuid" do
15
+ it "returns a uuid" do
16
+ uuid1 = payload.uuid
17
+ uuid2 = Payload.new.uuid
18
+ expect(uuid1).to_not eq uuid2
19
+ end
20
+ end
21
+
22
+ describe '#to_encrypted_payload' do
23
+ let(:payload) { Payload.new }
24
+
25
+ subject { payload.to_encrypted_payload }
26
+
27
+ it { is_expected.to be_an IOSConfigProfile::EncryptedPayload }
28
+ its(:payload) { should == "payload in plist format" }
29
+ end
30
+
31
+ describe '#to_command_payload' do
32
+ let(:payload) { Payload.new }
33
+
34
+ subject { payload.to_command_payload }
35
+
36
+ it { is_expected.to be_a IOSConfigProfile::CommandPayload }
37
+ its(:command) { should == payload }
38
+ end
39
+
40
+ describe "#require_attributes" do
41
+ it "will check for multiple attributes" do
42
+ payload.send(:require_attributes, :to_plist, :uuid)
43
+ expect { payload.send(:require_attributes, :to_plist, :asdf) }.to raise_error NoMethodError
44
+ end
45
+ end
46
+
47
+ describe "#require_attribute" do
48
+ it "will raise an error if the name doesn't exist" do
49
+ payload.send(:require_attribute, :to_plist)
50
+ expect { payload.send(:require_attribute, :asdf) }.to raise_error NoMethodError
51
+ end
52
+ end
53
+ end
@@ -0,0 +1,12 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::CommandPayload do
4
+ subject { IOSConfigProfile::CommandPayload.new "command" }
5
+
6
+ its(:command) { should == "command" }
7
+
8
+ it "should have a payload" do
9
+ expect(subject["Command"]).to eq "command"
10
+ expect(subject["CommandUUID"]).to_not be_nil
11
+ end
12
+ end
@@ -0,0 +1,15 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::InstallApplicationPayload do
4
+ let(:install_application_payload_attributes) do
5
+ {
6
+ "RequestType" => "InstallApplication",
7
+ "iTunesStoreID" => 265,
8
+ "ManagementFlags" => 1,
9
+ }
10
+ end
11
+
12
+ subject { IOSConfigProfile::InstallApplicationPayload.new 265 }
13
+
14
+ it { is_expected.to eq(install_application_payload_attributes) }
15
+ end
@@ -0,0 +1,14 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::InstallBookPayload do
4
+ subject { IOSConfigProfile::InstallBookPayload }
5
+
6
+ describe "#initialize" do
7
+ it "has the correct payload" do
8
+ payload = subject.new("asdf")
9
+ expect(payload["RequestType"]).to eq "InstallMedia"
10
+ expect(payload["MediaType"]).to eq "Book"
11
+ expect(payload["iTunesStoreID"]).to eq "asdf"
12
+ end
13
+ end
14
+ end
@@ -0,0 +1,16 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::InstallDocPayload do
4
+ subject { IOSConfigProfile::InstallDocPayload }
5
+
6
+ describe "#initialize" do
7
+ it "has the correct payload" do
8
+ payload = subject.new("asdf", "qwer")
9
+ expect(payload["RequestType"]).to eq "InstallMedia"
10
+ expect(payload["MediaType"]).to eq "Book"
11
+ expect(payload["MediaURL"]).to eq "asdf"
12
+ expect(payload["Kind"]).to eq "pdf"
13
+ expect(payload["Title"]).to eq "qwer"
14
+ end
15
+ end
16
+ end
@@ -0,0 +1,15 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::InstallMarketAppPayload do
4
+ let(:install_market_app_payload_attributes) do
5
+ {
6
+ "RequestType" => "InstallApplication",
7
+ "ManifestURL" => "https://cellabus.com/cellabus.plist",
8
+ "ManagementFlags" => 1,
9
+ }
10
+ end
11
+
12
+ subject { IOSConfigProfile::InstallMarketAppPayload.new "https://cellabus.com/cellabus.plist" }
13
+
14
+ it { is_expected.to eq(install_market_app_payload_attributes) }
15
+ end
@@ -0,0 +1,13 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::InstalledApplicationListPayload do
4
+ let(:installed_application_list_payload_attributes) do
5
+ {
6
+ "RequestType" => "InstalledApplicationList",
7
+ }
8
+ end
9
+
10
+ subject { IOSConfigProfile::InstalledApplicationListPayload.new }
11
+
12
+ it { is_expected.to eq(installed_application_list_payload_attributes) }
13
+ end
@@ -0,0 +1,13 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::RemoveApplicationPayload do
4
+ subject { IOSConfigProfile::RemoveApplicationPayload }
5
+
6
+ describe "#initialize" do
7
+ it "has the correct payload" do
8
+ payload = subject.new("asdf")
9
+ expect(payload["RequestType"]).to eq "RemoveApplication"
10
+ expect(payload["Identifier"]).to eq "asdf"
11
+ end
12
+ end
13
+ end
@@ -0,0 +1,14 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::RemoveBookPayload do
4
+ subject { IOSConfigProfile::RemoveBookPayload }
5
+
6
+ describe "#initialize" do
7
+ it "has the correct payload" do
8
+ payload = subject.new("asdf")
9
+ expect(payload["RequestType"]).to eq "RemoveMedia"
10
+ expect(payload["MediaType"]).to eq "Book"
11
+ expect(payload["iTunesStoreID"]).to eq "asdf"
12
+ end
13
+ end
14
+ end
@@ -0,0 +1,18 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::RemoveDocPayload do
4
+ subject { IOSConfigProfile::RemoveDocPayload }
5
+
6
+ describe "#initialize" do
7
+ it "must be initialized with a doc's url" do
8
+ payload = subject.new "1234"
9
+ expect(payload["PersistentID"]).to eq "com.cellabus.files.1234"
10
+ expect { subject.new nil }.to raise_error RuntimeError
11
+ end
12
+ it "has required payload values" do
13
+ payload = subject.new "1234"
14
+ expect(payload["RequestType"]).to eq "RemoveMedia"
15
+ expect(payload["MediaType"]).to eq "Book"
16
+ end
17
+ end
18
+ end
@@ -0,0 +1,22 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::WebClipPayload do
4
+ subject { IOSConfigProfile::WebClipPayload.new "asdf.com", "ASDF", "PNGasdf" }
5
+
6
+ it "contains valid Configuration entries" do
7
+ expect(subject["PayloadType"]).to eq "Configuration"
8
+ expect(subject["PayloadDisplayName"]).to eq "Cellabus Web Clip"
9
+ end
10
+
11
+ it "contains valid PayloadContent" do
12
+ expect(subject["PayloadContent"][0]["URL"]).to eq "asdf.com"
13
+ expect(subject["PayloadContent"][0]["Label"]).to eq "ASDF"
14
+ expect(subject["PayloadContent"][0]["Icon"].string[0, 3]).to eq "PNG"
15
+ expect(subject["PayloadContent"][0]["IsRemovable"]).to be_falsey
16
+ expect(subject["PayloadContent"][0]["PayloadType"]).to eq "com.apple.webClip.managed"
17
+ end
18
+
19
+ it "can be turned into an encrypted payload" do
20
+ expect(subject.to_encrypted_payload).to be
21
+ end
22
+ end
@@ -0,0 +1,23 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::AppLockPayload do
4
+ subject { IOSConfigProfile::AppLockPayload }
5
+
6
+ describe "#initialize" do
7
+ it "must be initialized with an app's bundle id" do
8
+ payload = subject.new "1234"
9
+ expect(payload["PayloadContent"][0]["App"]["Identifier"]).to eq "1234"
10
+ expect { subject.new nil }.to raise_error RuntimeError
11
+ end
12
+ it "has required payload values" do
13
+ payload = subject.new "1234"
14
+ expect(payload["PayloadIdentifier"]).to eq "com.cellabusapplock.profile.mdm"
15
+ expect(payload["PayloadContent"][0]["PayloadType"]).to eq "com.apple.app.lock"
16
+ end
17
+ it "has a uuid" do
18
+ payload1 = subject.new "1234"
19
+ payload2 = subject.new "1234"
20
+ expect(payload1["PayloadUUID"]).to_not eq payload2["PayloadUUID"]
21
+ end
22
+ end
23
+ end
@@ -0,0 +1,14 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::ClearPasscodePayload do
4
+ subject { IOSConfigProfile::ClearPasscodePayload }
5
+
6
+ describe "#initialize" do
7
+ it "requires an unlock token" do
8
+ token = "asdf"
9
+ payload = subject.new(token)
10
+ expect(payload["RequestType"]).to eq "ClearPasscode"
11
+ expect(payload["UnlockToken"].gets).to eq "asdf"
12
+ end
13
+ end
14
+ end
@@ -0,0 +1,18 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::DEPPayload do
4
+ subject { IOSConfigProfile::DEPPayload.new "https://example.com", "topic", "identity", "password" }
5
+
6
+ let(:mdm_payload) { double IOSConfigProfile::MDMPayload }
7
+ let(:security_payload) { double IOSConfigProfile::SecurityPayload }
8
+
9
+ before do
10
+ allow(IOSConfigProfile::MDMPayload).to receive(:new).and_return mdm_payload
11
+ allow(IOSConfigProfile::SecurityPayload).to receive(:new).and_return security_payload
12
+ end
13
+
14
+ it "has two payloads" do
15
+ expect(subject["PayloadContent"]).to eq([mdm_payload, security_payload])
16
+ expect(subject["PayloadType"]).to eq "Configuration"
17
+ end
18
+ end
@@ -0,0 +1,28 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::DeviceInformationPayload do
4
+ let(:queries) do
5
+ %w[
6
+ UDID Languages Locales DeviceID OrganizationInfo iTunesStoreAccountIsActive iTunesStoreAccountHash
7
+ DeviceName OSVersion BuildVersion ModelName Model ProductName SerialNumber
8
+ DeviceCapacity AvailableDeviceCapacity BatteryLevel CellularTechnology IMEI
9
+ MEID ModemFirmwareVersion IsSupervised IsDeviceLocatorServiceEnabled
10
+ IsActivationLockEnabled IsDoNotDisturbInEffect DeviceID EASDeviceIdentifier
11
+ ICCID BluetoothMAC WiFiMAC EthernetMACs CurrentCarrierNetwork SIMCarrierNetwork
12
+ SubscriberCarrierNetwork CarrierSettingsVersion PhoneNumber VoiceRoamingEnabled
13
+ DataRoamingEnabled IsRoaming PersonalHotspotEnabled SubscriberMCC SubscriberMNC
14
+ CurrentMCC CurrentMNC
15
+ ]
16
+ end
17
+
18
+ let(:device_information_payload_attributes) do
19
+ {
20
+ "Queries" => queries,
21
+ "RequestType" => "DeviceInformation",
22
+ }
23
+ end
24
+
25
+ subject { IOSConfigProfile::DeviceInformationPayload.new }
26
+
27
+ it { is_expected.to eq(device_information_payload_attributes) }
28
+ end
@@ -0,0 +1,18 @@
1
+ require "spec_helper"
2
+
3
+ describe IOSConfigProfile::EnrollmentPayload do
4
+ subject { IOSConfigProfile::EnrollmentPayload.new "https://example.com", "topic", "identity", "password" }
5
+
6
+ let(:mdm_payload) { double IOSConfigProfile::MDMPayload }
7
+ let(:security_payload) { double IOSConfigProfile::SecurityPayload }
8
+
9
+ before do
10
+ allow(IOSConfigProfile::MDMPayload).to receive(:new).and_return mdm_payload
11
+ allow(IOSConfigProfile::SecurityPayload).to receive(:new).and_return security_payload
12
+ end
13
+
14
+ it { is_expected.to eq([security_payload, mdm_payload]) }
15
+ it "can be turned into encrypted payload" do
16
+ subject.to_encrypted_payload
17
+ end
18
+ end