RubyGems - mdm - Versions diffs - 0.0.1 - Mend

mdm 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (91) hide show

checksums.yaml +7 -0
data/MIT-LICENSE +20 -0
data/README.rdoc +3 -0
data/Rakefile +37 -0
data/app/controllers/mdm/application_controller.rb +4 -0
data/app/controllers/mdm/commands_controller.rb +60 -0
data/app/controllers/mdm/enrollment/enrollment_controller.rb +47 -0
data/app/controllers/mdm/management/accounts_controller.rb +15 -0
data/app/controllers/mdm/management/devices_controller.rb +35 -0
data/app/controllers/mdm/management/profiles_controller.rb +35 -0
data/app/controllers/mdm/management/services_controller.rb +13 -0
data/app/controllers/mdm/server_controller.rb +44 -0
data/app/helpers/mdm/application_helper.rb +4 -0
data/app/models/mdm/command.rb +23 -0
data/app/models/mdm/cursor.rb +11 -0
data/app/models/mdm/device.rb +39 -0
data/app/models/mdm/payload.rb +158 -0
data/app/models/mdm/profile.rb +14 -0
data/app/views/layouts/mdm/application.html.erb +14 -0
data/config/routes.rb +18 -0
data/db/migrate/20150816150227_create_mdm_commands.rb +12 -0
data/db/migrate/20150816150732_create_mdm_devices.rb +34 -0
data/db/migrate/20150823153933_create_mdm_cursors.rb +10 -0
data/db/migrate/20150827082737_create_mdm_profiles.rb +24 -0
data/lib/mdm.rb +21 -0
data/lib/mdm/configuration.rb +14 -0
data/lib/mdm/engine.rb +5 -0
data/lib/mdm/enrollment/client.rb +47 -0
data/lib/mdm/enrollment/service/account.rb +32 -0
data/lib/mdm/enrollment/service/assign_profile.rb +35 -0
data/lib/mdm/enrollment/service/auth.rb +100 -0
data/lib/mdm/enrollment/service/base.rb +67 -0
data/lib/mdm/enrollment/service/create_profile.rb +69 -0
data/lib/mdm/enrollment/service/devices.rb +92 -0
data/lib/mdm/enrollment/service/profile.rb +62 -0
data/lib/mdm/enrollment/service/sync.rb +43 -0
data/lib/mdm/railtie.rb +22 -0
data/lib/mdm/version.rb +3 -0
data/lib/tasks/mdm_tasks.rake +4 -0
data/test/controllers/mdm/commands_controller_test.rb +13 -0
data/test/controllers/mdm/enrollment/accounts_controller_test.rb +13 -0
data/test/controllers/mdm/enrollment/devices_controller_test.rb +13 -0
data/test/controllers/mdm/enrollment/enrollment_controller_test.rb +13 -0
data/test/controllers/mdm/enrollment/profiles_controller_test.rb +13 -0
data/test/controllers/mdm/services_controller_test.rb +13 -0
data/test/dummy/README.rdoc +28 -0
data/test/dummy/Rakefile +6 -0
data/test/dummy/app/assets/javascripts/application.js +13 -0
data/test/dummy/app/assets/stylesheets/application.css +15 -0
data/test/dummy/app/controllers/application_controller.rb +5 -0
data/test/dummy/app/helpers/application_helper.rb +2 -0
data/test/dummy/app/views/layouts/application.html.erb +14 -0
data/test/dummy/bin/bundle +3 -0
data/test/dummy/bin/rails +4 -0
data/test/dummy/bin/rake +4 -0
data/test/dummy/bin/setup +29 -0
data/test/dummy/config.ru +4 -0
data/test/dummy/config/application.rb +26 -0
data/test/dummy/config/boot.rb +5 -0
data/test/dummy/config/database.yml +25 -0
data/test/dummy/config/environment.rb +5 -0
data/test/dummy/config/environments/development.rb +41 -0
data/test/dummy/config/environments/production.rb +79 -0
data/test/dummy/config/environments/test.rb +42 -0
data/test/dummy/config/initializers/assets.rb +11 -0
data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
data/test/dummy/config/initializers/inflections.rb +16 -0
data/test/dummy/config/initializers/mime_types.rb +4 -0
data/test/dummy/config/initializers/session_store.rb +3 -0
data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
data/test/dummy/config/locales/en.yml +23 -0
data/test/dummy/config/routes.rb +4 -0
data/test/dummy/config/secrets.yml +22 -0
data/test/dummy/public/404.html +67 -0
data/test/dummy/public/422.html +67 -0
data/test/dummy/public/500.html +66 -0
data/test/dummy/public/favicon.ico +0 -0
data/test/fixtures/mdm/commands.yml +11 -0
data/test/fixtures/mdm/cursors.yml +9 -0
data/test/fixtures/mdm/devices.yml +25 -0
data/test/fixtures/mdm/profiles.yml +35 -0
data/test/integration/navigation_test.rb +9 -0
data/test/mdm_test.rb +7 -0
data/test/models/mdm/command_test.rb +9 -0
data/test/models/mdm/cursor_test.rb +9 -0
data/test/models/mdm/device_test.rb +9 -0
data/test/models/mdm/profile_test.rb +9 -0
data/test/test_helper.rb +20 -0
metadata +254 -0

data/app/models/mdm/profile.rb ADDED

@@ -0,0 +1,14 @@
+module Mdm
+  class Profile < ActiveRecord::Base
+    serialize :anchor_certs, Array
+    serialize :supervising_host_certs, Array
+    serialize :skip_setup_items, Array
+    serialize :devices, Array # Array of serial numbers
+    def devices
+      @devices ||= Mdm::Device.where(
+        serial_number: super)
+    end
+  end
+end

data/app/views/layouts/mdm/application.html.erb ADDED

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Mdm</title>
+  <%= stylesheet_link_tag    "mdm/application", media: "all" %>
+  <%= javascript_include_tag "mdm/application" %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+<%= yield %>
+</body>
+</html>

data/config/routes.rb ADDED

@@ -0,0 +1,18 @@
+Mdm::Engine.routes.draw do
+  namespace :management do
+    resource  :account, only: [:show]
+    resources :services, only: [:index]
+    resources :devices, only: [:index, :show]
+    resources :profiles, except: [:delete]
+    resources :commands, only: [:index, :create]
+  end
+  namespace :enrollment do
+    get 'enroll',  to: 'enrollment#enroll'
+    put 'checkin', to: 'enrollment#checkin'
+  end
+  put '/', to: 'server#server'
+end

data/db/migrate/20150816150227_create_mdm_commands.rb ADDED

@@ -0,0 +1,12 @@
+class CreateMdmCommands < ActiveRecord::Migration
+  def change
+    create_table :mdm_commands do |t|
+      t.string :uuid
+      t.string :status
+      t.references :mdm_device
+      t.text :payload
+      t.timestamps null: false
+    end
+  end
+end

data/db/migrate/20150816150732_create_mdm_devices.rb ADDED

@@ -0,0 +1,34 @@
+class CreateMdmDevices < ActiveRecord::Migration
+  def change
+    create_table :mdm_devices do |t|
+      t.string :name
+      t.binary :unlock_token
+      t.string :push_token
+      t.string :push_magic
+      t.string :udid
+      t.string :serial_number
+      t.string :device_model
+      t.string :device_model_name
+      t.string :description
+      t.string :color
+      t.string :asset_tag
+      t.string :profile_status
+      t.string :profile_uuid
+      t.integer :profile_assign_time
+      t.integer :profile_push_time
+      t.string :op_type
+      t.integer :op_date
+      t.string :device_assigned_by
+      t.integer :device_assigned_date
+      t.boolean :is_supervised
+      t.integer :available_capacity
+      t.integer :device_capacity
+      t.string :os_version
+      t.string :build_version
+      t.string :imei
+      t.boolean :is_roaming
+      t.timestamps null: false
+    end
+  end
+end

data/db/migrate/20150823153933_create_mdm_cursors.rb ADDED

@@ -0,0 +1,10 @@
+class CreateMdmCursors < ActiveRecord::Migration
+  def change
+    create_table :mdm_cursors do |t|
+      t.string :service
+      t.string :content
+      t.timestamps null: false
+    end
+  end
+end

data/db/migrate/20150827082737_create_mdm_profiles.rb ADDED

@@ -0,0 +1,24 @@
+class CreateMdmProfiles < ActiveRecord::Migration
+  def change
+    create_table :mdm_profiles do |t|
+      t.string :profile_uuid
+      t.string :profile_name
+      t.string :url
+      t.integer :is_supervised
+      t.integer :allow_pairing
+      t.integer :is_mandatory
+      t.integer :await_device_configured
+      t.integer :is_mdm_removable
+      t.string :department
+      t.string :org_magic
+      t.string :support_phone_number
+      t.string :support_email_address
+      t.text :anchor_certs
+      t.text :supervising_host_certs
+      t.text :skip_setup_items
+      t.text :devices
+      t.timestamps null: false
+    end
+  end
+end

data/lib/mdm.rb ADDED

@@ -0,0 +1,21 @@
+require "mdm/engine"
+require 'mdm/configuration'
+require 'mdm/enrollment/client'
+require 'mdm/enrollment/service/base'
+require 'mdm/enrollment/service/auth'
+require 'mdm/enrollment/service/account'
+require 'mdm/enrollment/service/devices'
+require 'mdm/enrollment/service/sync'
+require 'mdm/enrollment/service/profile'
+require 'mdm/enrollment/service/create_profile'
+require 'mdm/enrollment/service/assign_profile'
+require 'mdm/railtie' if defined?(Rails)
+require 'houston'
+module Mdm
+end

data/lib/mdm/configuration.rb ADDED

@@ -0,0 +1,14 @@
+require 'confiture'
+module Mdm
+  class Configuration
+    include ::Confiture::Configuration
+    confiture_allowed_keys(
+      :configuration_profile,
+      :apn_certificate
+    )
+  end
+end

data/lib/mdm/engine.rb ADDED

@@ -0,0 +1,5 @@
+module Mdm
+  class Engine < ::Rails::Engine
+    isolate_namespace Mdm
+  end
+end

data/lib/mdm/enrollment/client.rb ADDED

@@ -0,0 +1,47 @@
+module Mdm
+  module Enrollment
+    class Client
+      include HTTParty
+      attr_reader :authenticated, :response
+      base_uri 'https://mdmenrollment.apple.com'
+      format :json
+      headers 'X-Server-Protocol-Version' => '2',
+              'Content-Type' => 'application/json;charset=UTF8'
+      %w(get post put delete).each { |method|
+        define_method(method) { |path, options = {}|
+          inject_auth_token_if_authenticated(options)
+          @response = self.class.send(method, path, options)
+          Auth.update_token_from_response(@response)
+          @response
+        }
+      }
+      def authenticate!
+        @authenticated = true
+      end
+      def extract_from_response(*attributes)
+        return [] if response.nil?
+        attributes.map { |attribute|
+          response[attribute] }
+      end
+      private
+      def inject_auth_token_if_authenticated(options = {})
+        if authenticated
+          (options[:headers] ||= {})
+            .merge!('X-ADM-Auth-Session' => Auth.token)
+        end
+      end
+    end
+  end
+end

data/lib/mdm/enrollment/service/account.rb ADDED

@@ -0,0 +1,32 @@
+module Mdm
+  module Enrollment
+    class Account < Service::Base
+      def path
+        '/account'
+      end
+      def method
+        :get
+      end
+      def result
+        {
+          server_name: client.response['server_name'],
+          server_uuid: client.response['server_uuid'],
+          facilitator_id: client.response['facilitator_id'],
+          admin_id: client.response['admin_id'],
+          org_name: client.response['org_name'],
+          org_email: client.response['org_email'],
+          org_phone: client.response['org_phone'],
+          org_address: client.response['org_address'],
+        }
+      end
+    end
+  end
+end

data/lib/mdm/enrollment/service/assign_profile.rb ADDED

@@ -0,0 +1,35 @@
+module Mdm
+  module Enrollment
+    class AssignProfile < Service::Base
+      attr_accessor :devices
+      attr_accessor :profile
+      def start
+        params[:profile_uuid] = profile.profile_uuid
+        params[:devices] = devices.map(&:serial_number)
+        super
+      end
+      def path
+        '/profile/devices'
+      end
+      def method
+        :put
+      end
+      def result
+        {
+          profile_uuid: client.response['profile_uuid'],
+          devices: client.response['devices']
+        }
+      end
+    end
+  end
+end

data/lib/mdm/enrollment/service/auth.rb ADDED

@@ -0,0 +1,100 @@
+module Mdm
+  module Enrollment
+    class Auth < Service::Base
+      cattr_accessor :consumer_key,
+                     :consumer_secret,
+                     :access_token,
+                     :access_secret
+      # Debug purpose only
+      self.consumer_key    = "CK_974972d3a9acf95666e6c0cf4ae026f3d3ca6109b8582d95f3b7171f1f033749f66d8fa299202cf2cf616f7cbbc5fbb8"
+      self.consumer_secret = "CS_f7a9a4bbcee4bfbf1e449a218bb74377c139f25e"
+      self.access_token    = "AT_O8413116053O51d9691b9ff836ea72c731723efa2105710e1862O1438344338000"
+      self.access_secret   = "AS_6eb94db58653f61ec3808f4051937f12e478948f"
+      class << self
+        def token
+          @@token ||= new.obtain_token
+        end
+        def update_token_from_response(response)
+          if response && token = response.headers['x-adm-auth-session']
+            @@token = token
+          end
+        end
+      end
+      def obtain_token
+        client.get '/session',
+               headers: {
+                 'Authorization' => authorization_header
+               }
+        client.response['auth_session_token']
+      end
+      def params
+        @params ||= {
+          oauth_consumer_key: consumer_key,
+          oauth_token: access_token,
+          oauth_nonce: nonce,
+          oauth_timestamp: Time.now.getutc.to_i.to_s,
+          oauth_version: '1.0',
+          oauth_signature_method: 'HMAC-SHA1'
+        }
+      end
+      private
+      def authorization_header
+        params_with_signature = params.merge(
+          realm: 'MDM',
+          oauth_signature: sign(base_str)
+        )
+        'OAuth ' + params_with_signature.map { |key, value|
+          "#{key}=\"#{value}\""
+        }.join(', ')
+      end
+      def base_str
+        # Encode, sort and join params
+        params_encoded = params.inject({}) { |hash, (key, value)|
+          hash[CGI::escape(key.to_s)] = CGI::escape(value)
+          hash
+        }.sort.map { |key, value|
+          "#{key}=#{value}"
+        }.join('&')
+        # Request method + url with path + params, escaped and joined by &
+        [
+          'GET',
+          "https://mdmenrollment.apple.com/session",
+          params_encoded
+        ].map { |str|
+          CGI::escape(str)
+        }.join('&')
+      end
+      def sign(base_str)
+        key = "#{CGI::escape(consumer_secret)}&#{CGI::escape(access_secret)}"
+        digest = OpenSSL::Digest.new('sha1')
+        hmac = OpenSSL::HMAC.digest(digest, key, base_str)
+        CGI::escape(Base64.encode64(hmac).chomp.gsub(/\n/, ''))
+      end
+      def nonce
+        @nonce ||= Base64.encode64(
+          OpenSSL::Random.random_bytes(7)
+        ).gsub(/\W/, '')
+      end
+    end
+  end
+end

data/lib/mdm/enrollment/service/base.rb ADDED

@@ -0,0 +1,67 @@
+module Mdm
+  module Enrollment
+    module Service
+      class Base
+        def self.available_services
+          [:account]
+        end
+        def self.accepted_params
+          []
+        end
+        def start
+          if authenticate?
+            client.authenticate!
+          end
+          options = if [:post, :put].include? method
+                      { body: params.to_json }
+                    else
+                      { query: params }
+                    end
+          client.send(method, path, options)
+        end
+        def result
+          raise 'Subclasses must implement this method'
+        end
+        def method
+          raise 'Subclasses must implement this method'
+        end
+        def path
+          raise 'Subclasses must implement this method'
+        end
+        def authenticate?
+          true
+        end
+        def params
+          @params ||= {}
+        end
+        def params=(params)
+          @params = params.permit(self.class.accepted_params)
+        end
+        protected
+        def client
+          @client ||= Enrollment::Client.new
+        end
+      end
+    end
+  end
+end