ruby-jss 0.11.0 → 0.12.0

data/lib/jss/api_object/configuration_profile/mobile_device_configuration_profile.rb

@@ -0,0 +1,75 @@
+# This is just a stub for now.
+
+#
+module JSS
+
+  #
+  class MobileDeviceConfigurationProfile < JSS::ConfigurationProfile
+
+
+    ### The base for REST resources of this class
+    RSRC_BASE = 'mobiledeviceconfigurationprofiles'.freeze
+
+    ### the hash key used for the JSON list output of all objects in the JSS
+    RSRC_LIST_KEY = :configuration_profiles
+
+    ### The hash key used for the JSON object output.
+    ### It's also used in various error messages
+    RSRC_OBJECT_KEY = :configuration_profile
+
+    # the object type for this object in
+    # the object history table.
+    # See {APIObject#add_object_history_entry}
+    OBJECT_HISTORY_OBJECT_TYPE = 22
+
+    # Our scopes deal with mobile_devices
+    SCOPE_TARGET_KEY = :mobile_devices
+
+    # icons cant be uploaded yet
+    # UPLOAD_TYPES = { icon: :mobiledeviceconfigurationprofileicon }.freeze
+
+    # Attributes
+    ###################################
+
+    # @return [Integer] how many days before a cert payload expires
+    # should this profile be automatically re-installed?
+    attr_reader :redeploy_days_before_certificate_expires
+
+    # Constructor
+    ###################################
+
+    # See JSS::APIObject#initialize
+    #
+    def initialize(args = {})
+      super
+      @redeploy_days_before_certificate_expires = @main_subset[:redeploy_days_before_certificate_expires]
+    end
+
+    # @param new_val[String] the new level for this profile (user/computer)
+    #
+    # @return [void]
+    #
+    def redeploy_days_before_certificate_expires=(new_val)
+      return nil if redeploy_days_before_certificate_expires == new_val
+      raise JSS::InvalidDataError, 'New value must be an integer >= 0' unless new_val.is_a?(Integer) && new_val >= 0
+      @redeploy_days_before_certificate_expires = new_val
+      @need_to_update = true
+    end #
+
+    # Private Instance Methods
+    ###################################
+    private
+
+    def rest_xml
+      doc = super
+      gen = doc.root.elements['general']
+      gen.add_element('redeploy_days_before_certificate_expires').text = redeploy_days_before_certificate_expires.to_s
+      doc.to_s
+    end
+
+  end # class MobileDeviceConfigurationProfile
+
+end # module JSS
+
+require 'jss/api_object/configuration_profile/mobile_device_configuration_profile'
+require 'jss/api_object/configuration_profile/osx_configuration_profile'

data/lib/jss/api_object/configuration_profile/osx_configuration_profile.rb

@@ -0,0 +1,117 @@
+# Copyright 2018 Pixar
+
+#
+#    Licensed under the Apache License, Version 2.0 (the "Apache License")
+#    with the following modification; you may not use this file except in
+#    compliance with the Apache License and the following modification to it:
+#    Section 6. Trademarks. is deleted and replaced with:
+#
+#    6. Trademarks. This License does not grant permission to use the trade
+#       names, trademarks, service marks, or product names of the Licensor
+#       and its affiliates, except as required to comply with Section 4(c) of
+#       the License and to reproduce the content of the NOTICE file.
+#
+#    You may obtain a copy of the Apache License at
+#
+#        http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the Apache License with the above modification is
+#    distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#    KIND, either express or implied. See the Apache License for the specific
+#    language governing permissions and limitations under the Apache License.
+#
+#
+
+#
+module JSS
+
+  # Classes
+  ###################################
+
+  # An OS X Configuration Profile in the JSS.
+  #
+  # Note that the profile payloads and the profile UUID cannot be edited or updated with this via this class.
+  # Use the web UI.
+  #
+  # @see JSS::APIObject
+  #
+  class OSXConfigurationProfile < JSS::ConfigurationProfile
+
+    # Class Constants
+    ###################################
+
+    # The base for REST resources of this class
+    RSRC_BASE = 'osxconfigurationprofiles'.freeze
+
+    # the hash key used for the JSON list output of all objects in the JSS
+    RSRC_LIST_KEY = :os_x_configuration_profiles
+
+    # The hash key used for the JSON object output.
+    # It's also used in various error messages
+    RSRC_OBJECT_KEY = :os_x_configuration_profile
+
+    # these keys, as well as :id and :name,  are present in valid API JSON data for this class
+    VALID_DATA_KEYS = %i[distribution_method scope redeploy_on_update].freeze
+
+    # Our scopes deal with computers
+    SCOPE_TARGET_KEY = :computers
+
+    # Our SelfService happens on OSX
+    SELF_SERVICE_TARGET = :osx
+
+    # The possible values for :level
+    LEVELS = %w[user computer].freeze
+
+    # can not yet upload icons
+    # UPLOAD_TYPES = { icon: :osxconfigurationprofileicon }.freeze
+
+    # the object type for this object in
+    # the object history table.
+    # See {APIObject#add_object_history_entry}
+    OBJECT_HISTORY_OBJECT_TYPE = 4
+
+    # Attributes
+    ###################################
+
+    # @return [String] the level (user/computer) of this profile
+    attr_reader :level
+
+    # Constructor
+    ###################################
+
+    # See JSS::APIObject#initialize
+    #
+    def initialize(args = {})
+      super
+      @level = @main_subset[:level]
+    end
+
+    # Public Instance Methods
+    ###################################
+
+    # @param new_val[String] the new level for this profile (user/computer)
+    #
+    # @return [void]
+    #
+    def level=(new_val)
+      return nil if @level == new_val
+      raise JSS::InvalidDataError, "New value must be one of '#{LEVELS.join("' '")}'" unless LEVELS.include? new_val
+      @level = new_val
+      @need_to_update = true
+    end #
+
+    # Private Instance Methods
+    ###################################
+    private
+
+    def rest_xml
+      doc = super
+      gen = doc.root.elements['general']
+      gen.add_element('level').text = level
+      doc.to_s
+    end
+
+  end # class OSXConfigurationProfile
+
+end # module

data/lib/jss/api_object/mdm.rb

@@ -760,6 +760,7 @@ module JSS
         send_mdm_command targets, :device_name, opts: { device_name: name }, api: api
       end
       alias set_name device_name
+      alias set_device_name device_name
 
       # Send a wallpaper command to one or more targets
       #
@@ -1153,6 +1154,7 @@ module JSS
       self.class.device_name @id, name, api: @api
     end
     alias set_name device_name
+    alias set_device_name device_name
 
     # Send a wallpaper command to this object
     #

data/lib/jss/api_object/mobile_device.rb

@@ -524,7 +524,7 @@ module JSS
     def update
       super
       return unless @needs_mdm_name_change
-      set_device_mame @name if managed? && supervised?
+      set_device_name @name if managed? && supervised?
       @needs_mdm_name_change = false
     end
 

data/lib/jss/api_object/self_servable.rb

@@ -63,7 +63,7 @@ module JSS
   # Classes including this module *MUST*:
   # - call {#add_self_service_xml(xmldoc)} in their #rest_xml method
   #
-  # IMPORTANT: Since SelfServable also includes #{JSS::Updatable}, for uploading icons,
+  # IMPORTANT: Since SelfServable also includes #{JSS::Uploadable}, for uploading icons,
   # see that module for its requirements.
   #
   #
@@ -90,6 +90,35 @@ module JSS
 
     DEFAULT_INSTALL_BUTTON_TEXT = 'Install'.freeze
 
+    # This hash contains the details about the inconsistencies of how
+    # Self Service data is dealt with in the API data of the different
+    # self-servable classes.
+    #
+    #  - in_self_service_data_path: Array, In the API data hash (the @init_data)
+    #      where to find the value indicicating that a thing is in self service.
+    #      e.g. [:self_service, :use_for_self_service] means
+    #      @init_data[:self_service][:use_for_self_service]
+    #
+    #  - in_self_service: Object, In the path defined above, what value means
+    #      the thing IS in self service
+    #
+    #  - not_in_self_service: Object, In the path defined above, what value means
+    #      the thing IS NOT in self service
+    #
+    #  - targets: Array<Symbol>, the array contains either :macos, :ios, or both.
+    #
+    #  - payload: Symbol, The thing that is deployed by self service, one of:
+    #     :policy, :app, :profile, :patchpolicy (ebooks are considered apps)
+    #
+    #  - can_display_in_categories: Boolean, when adding 'self service categories'
+    #    can the thing be 'displayed in' those categories?
+    #
+    #  - can_feature_in_categories: Boolean, when adding 'self service categories'
+    #    can the thing be 'featured in' those categories?
+    #
+    # It's unfortunate that this is needed in order to keep all the
+    # self service ruby code in this one module.
+    #
     SELF_SERVICE_CLASSES = {
       JSS::Policy => {
         in_self_service_data_path: [:self_service, :use_for_self_service],
@@ -330,7 +359,11 @@ module JSS
     # @return [void]
     #
     def self_service_user_removable=(new_val, pw = @self_service_removal_password)
-      return nil if new_val == @self_service_user_removable && pw == @self_service_removal_password
+      new_val, pw = *new_val if new_val.is_a? Array
+      pw = nil unless new_val == :with_auth
+
+      return nil if new_val == self_service_user_removable && pw == self_service_removal_password
+
       validate_user_removable new_val
 
       @self_service_user_removable = new_val
@@ -354,12 +387,12 @@ module JSS
     #
     def icon=(new_icon)
       if new_icon.is_a? Integer
-        return if new_icon == @icon.id
+        return if @icon && new_icon == @icon.id
         validate_icon new_icon
         @new_icon_id = new_icon
         @need_to_update = true
       else
-        unless uploadable? && self.class::UPLOAD_TYPES.keys.include?(:icon)
+        unless uploadable? && defined?(self.class::UPLOAD_TYPES) && self.class::UPLOAD_TYPES.keys.include?(:icon)
           raise JSS::UnsupportedError, "Class #{self.class} does not support icon uploads."
         end
         new_icon = Pathname.new new_icon
@@ -473,7 +506,7 @@ module JSS
       @init_data[subsection][key] == @self_service_data_config[:in_self_service]
     end
 
-    def validate_user_removable=(new_val)
+    def validate_user_removable(new_val)
       raise JSS::UnsupportedError, 'User removal settings not applicable to this class' unless self_service_payload == :profile
 
       raise JSS::UnsupportedError, 'Removal :with_auth not applicable to this class' if new_val == :with_auth && !self_service_targets.include?(:ios)
@@ -483,7 +516,7 @@ module JSS
 
     def validate_icon(id)
       return nil unless JSS::DB_CNX.connected?
-      raise JSS::NoSuchItemError, "No icon with id #{new_icon}" unless JSS::Icon.all_ids.include? id
+      raise JSS::NoSuchItemError, "No icon with id #{id}" unless JSS::Icon.all_ids.include? id
     end
 
     # Re-read the icon data for this object from the API
@@ -533,9 +566,14 @@ module JSS
       end
 
       if self_service_payload == :profile
-        sec = ssvc.add_element('security')
-        sec.add_element('removal_disallowed').text = PROFILE_REMOVAL_BY_USER[@self_service_user_removable]
-        sec.add_element('password').text = @self_service_removal_password if @self_service_removal_password
+        if self_service_targets.include? :ios
+          sec = ssvc.add_element('security')
+          sec.add_element('removal_disallowed').text = PROFILE_REMOVAL_BY_USER[@self_service_user_removable]
+          sec.add_element('password').text = @self_service_removal_password.to_s
+        else
+          gen = doc_root.elements['general']
+          gen.add_element('user_removable').text = (@self_service_user_removable == :always).to_s
+        end
       end
 
       return unless @self_service_data_config[:in_self_service_data_path]

data/lib/jss/client.rb

@@ -26,16 +26,7 @@
 ###
 module JSS
 
-  # Module Variables
-  #####################################
-
-  # Module Methods
-  #####################################
-
-  # Classes
-  #####################################
-
-  # This class represents a Casper/JSS Client computer, on which
+  # This class represents a Jamf/JSS Client computer, on which
   # this code is running.
   #
   # Since the class represents the current machine, there's no need
@@ -43,39 +34,13 @@ module JSS
   #
   # At the moment, only Macintosh computers are supported.
   #
+  # TODO: convert this to a module, since that's how it's used.
   #
   class Client
 
-    # Class Constants
+    # Constants
     #####################################
 
-    # The Pathname to the jamf binary executable
-    # As of El Capitan (OS X 10.11) the location has moved.
-    ORIG_JAMF_BINARY = Pathname.new '/usr/sbin/jamf'
-    ELCAP_JAMF_BINARY = Pathname.new '/usr/local/jamf/bin/jamf'
-    JAMF_BINARY = ELCAP_JAMF_BINARY.executable? ? ELCAP_JAMF_BINARY : ORIG_JAMF_BINARY
-
-    # The Pathname to the jamfHelper executable
-    JAMF_HELPER = Pathname.new '/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper'
-
-    # The window_type options for jamfHelper
-    JAMF_HELPER_WINDOW_TYPES = {
-      hud: 'hud',
-      utility: 'utility',
-      util: 'utility',
-      full_screen: 'fs',
-      fs: 'fs'
-    }.freeze
-
-    # The possible window positions for jamfHelper
-    JAMF_HELPER_WINDOW_POSITIONS = [nil, :ul, :ll, :ur, :lr].freeze
-
-    # The available buttons in jamfHelper
-    JAMF_HELPER_BUTTONS =  [1, 2].freeze
-
-    # The possible alignment positions in jamfHelper
-    JAMF_HELPER_ALIGNMENTS =  [:right, :left, :center, :justified, :natural].freeze
-
     # The Pathname to the preferences plist used by the jamf binary
     JAMF_PLIST = Pathname.new '/Library/Preferences/com.jamfsoftware.jamf.plist'
 
@@ -88,25 +53,33 @@ module JSS
     # The JAMF downloads folder
     DOWNLOADS_FOLDER = JAMF_SUPPORT_FOLDER + 'Downloads'
 
-    # These jamf commands don't need root privs (most do)
-    ROOTLESS_JAMF_COMMANDS = [
-      :about,
-      :checkJSSConnection,
-      :getARDFields,
-      :getComputerName,
-      :help,
-      :listUsers,
-      :version
-    ].freeze
+    # The bin folder inside the Jamf support folder
+    SUPPORT_BIN_FOLDER = JAMF_SUPPORT_FOLDER + 'bin'
 
-    #####################################
-    # Class Variables
-    #####################################
+    # The bin folder with the jamf binary and a few other things
+    USR_LOCAL_BIN_FOLDER = Pathname.new '/usr/local/jamf/bin'
+
+    # This command gives raw info about console users
+    CONSOLE_USERS_SCUTIL_CMD = 'echo "show State:/Users/ConsoleUser" | /usr/sbin/scutil'.freeze
+
+    # ignore console user = root (loginwindow)
+    ROOT_USER = 'root'.freeze
+
+    # ignore primary console user loginwindow
+    LOGINWINDOW_USER = 'loginwindow'.freeze
+
+    # The end of the path to the Self Service Executable.
+    # Used to figure out who's running Self Service.app
+    SELF_SERVICE_EXECUTABLE_END = '/Self Service.app/Contents/MacOS/Self Service'.freeze
+
+    # the ps command used to figure out who's running Self Service
+    PS_USER_COMM = 'ps -A -o user,comm'.freeze
 
-    #####################################
     # Class Methods
     #####################################
 
+
+
     # Get the current IP address as a String.
     #
     # This handy code doesn't acutally make a UDP connection,
@@ -132,22 +105,6 @@ module JSS
       Socket.do_not_reverse_lookup = orig
     end
 
-    # Who's logged in to the console right now?
-    #
-    # @return [String, nil] the username of the current console user, or nil if none.
-    #
-    def self.console_user
-      cmd = '/usr/sbin/scutil'
-      qry = 'show State:/Users/ConsoleUser'
-      Open3.popen2e(cmd) do |cmdin, cmdouterr, _wait_thr|
-        cmdin.puts qry
-        cmdin.close
-        out = cmdouterr.read
-        user = out.lines.select { |l| l =~ /^\s+Name\s*:/ }.first.to_s.split(/\s*:\s*/).last
-        return user.nil? ? user : user.chomp
-      end # do
-    end
-
     # Is the jamf binary installed?
     #
     # @return [Boolean] is the jamf binary installed?
@@ -207,11 +164,12 @@ module JSS
 
     # The contents of the JAMF plist
     #
-    # @return [Hash] the parsed contents of the JAMF_PLIST if it exists, an empty hash if not
+    # @return [Hash] the parsed contents of the JAMF_PLIST if it exists,
+    # an empty hash if not
     #
     def self.jamf_plist
       return {} unless JAMF_PLIST.file?
-      Plist.parse_xml `/usr/libexec/PlistBuddy -x -c print #{Shellwords.escape JSS::Client::JAMF_PLIST.to_s}`
+      JSS.parse_plist JAMF_PLIST
     end
 
     # All the JAMF receipts on this client
@@ -264,303 +222,51 @@ module JSS
     #
     def self.hardware_data
       raw = `/usr/sbin/system_profiler SPHardwareDataType -xml 2>/dev/null`
-      Plist.parse_xml(raw)[0]['_items'][0]
+      JSS.parse_plist(raw)[0]['_items'][0]
     end
 
-    # Run an arbitrary jamf binary command.
-    #
-    # @note Most jamf commands require superuser/root privileges.
-    #
-    # @param command[String,Symbol] the jamf binary command to run
-    #   The command is the single jamf command that comes after the/usr/bin/jamf.
-    #
-    # @param args[String,Array] the arguments passed to the jamf command.
-    #   This is to be passed to Kernel.` (backtick), after being combined with the
-    #   jamf binary and the jamf command
-    #
-    # @param verbose[Boolean] Should the stdout & stderr of the jamf binary be sent to
-    #  the current stdout in realtime, as well as returned as a string?
-    #
-    # @return [String] the stdout & stderr of the jamf binary.
+    # Who's currently got an active GUI session? - might be
+    # more than one if Fast User Switching is in use.
     #
-    # @example
-    #   These two are equivalent:
-    #
-    #     JSS::Client.run_jamf "recon", "-assetTag 12345 -department 'IT Support'"
-    #
-    #     JSS::Client.run_jamf :recon, ['-assetTag', '12345', '-department', 'IT Support'"]
+    # @return [Array<String>] The current users with GUI sessions
     #
+    def self.console_users
+      output = `#{CONSOLE_USERS_SCUTIL_CMD}`
+      userlines = output.lines.select { |l| l =~ /SessionUserNameKey\s*:/ }
+      userlines.map! { |ul| ul.split(':').last.strip }
+      userlines.reject { |un| un == ROOT_USER }
+    end
+
+    # Which console user is using the primary GUI console?
+    # Returns nil if the primary GUI console is at the login window.
     #
-    # The details of the Process::Status for the jamf binary process can be captured from $?
-    # immediately after calling. (See Process::Status)
+    # @return [String,nil] The login name of the user is using the primary
+    #   GUI console, or nil if at the login window.
     #
-    def self.run_jamf(command, args = nil, verbose = false)
-      raise JSS::UnmanagedError, 'The jamf binary is not installed on this computer.' unless installed?
-      raise JSS::UnsupportedError, 'You must have root privileges to run that jamf binary command' unless \
-        ROOTLESS_JAMF_COMMANDS.include?(command.to_sym) || JSS.superuser?
-
-      cmd = case args
-            when nil
-              "#{JAMF_BINARY} #{command}"
-            when String
-              "#{JAMF_BINARY} #{command} #{args}"
-            when Array
-              ([JAMF_BINARY.to_s, command] + args).join(' ').to_s
-            else
-              raise JSS::InvalidDataError, 'args must be a String or Array of Strings'
-            end # case
-
-      cmd += ' -verbose' if verbose && (!cmd.include? ' -verbose')
-      puts "Running: #{cmd}" if verbose
+    def self.primary_console_user
+      `#{CONSOLE_USERS_SCUTIL_CMD}` =~ /^\s*Name : (\S+)$/
+      Regexp.last_match(1) == LOGINWINDOW_USER ? nil : user
+    end
 
-      output = []
-      IO.popen("#{cmd} 2>&1") do |proc|
-        while line = proc.gets
-          output << line
-          puts line if verbose
-        end
-      end
-      install_out = output.join('')
-      install_out.force_encoding('UTF-8') if install_out.respond_to? :force_encoding
-      install_out
-    end # run_jamf
+    # alias for primary_console_user
+    def self.console_user
+      primary_console_user
+    end
 
-    # A wrapper for the jamfHelper command, which can display a window on the client machine.
-    #
-    # The first parameter must be a symbol defining what kind of window to display. The options are
-    # - :hud - creates an Apple "Heads Up Display" style window
-    # - :utility or :util -  creates an Apple "Utility" style window
-    # - :fs or :full_screen or :fullscreen - creates a full screen window that restricts all user input
-    #   WARNING: Remote access must be used to unlock machines in this mode
-    #
-    # The remaining options Hash can contain any of the options listed. See below for descriptions.
-    #
-    # The value returned is the Integer exitstatus/stdout (both are the same) of the jamfHelper command.
-    # The meanings of those integers are:
-    #
-    # - 0 - Button 1 was clicked
-    # - 1 - The Jamf Helper was unable to launch
-    # - 2 - Button 2 was clicked
-    # - 3 - Process was started as a launchd task
-    # - XX1 - Button 1 was clicked with a value of XX seconds selected in the drop-down
-    # - XX2 - Button 2 was clicked with a value of XX seconds selected in the drop-down
-    # - 239 - The exit button was clicked
-    # - 240 - The "ProductVersion" in sw_vers did not return 10.5.X, 10.6.X or 10.7.X
-    # - 243 - The window timed-out with no buttons on the screen
-    # - 250 - Bad "-windowType"
-    # - 254 - Cancel button was select with delay option present
-    # - 255 - No "-windowType"
-    #
-    # If the :abandon_process option is given, the integer returned is the Process ID
-    # of the abondoned process running jamfHelper.
-    #
-    # See also /Library/Application\ Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -help
-    #
-    # @note the -startlaunchd and -kill options are not available in this implementation, since
-    #   they don't work at the moment (casper 9.4).
-    #   -startlaunchd seems to be required to NOT use launchd, and when it's ommited, an error is generated
-    #   about the launchd plist permissions being incorrect.
-    #
-    # @param window_type[Symbol]  The type of window to display
-    #
-    # @param opts[Hash] the options for the window
-    #
-    # @option opts :window_position [Symbol,nil] one of [ nil, :ul, :ll. :ur, :lr ]
-    #   Positions window in the upper right, upper left, lower right or lower left of the user's screen
-    #   If no input is given, the window defaults to the center of the screen
-    #
-    # @option opts :title [String]
-    #   Sets the window's title to the specified string
-    #
-    # @option opts :heading  [String]
-    #   Sets the heading of the window to the specified string
-    #
-    # @option opts :align_heading [Symbol] one of  [:right, :left, :center, :justified, :natural]
-    #   Aligns the heading to the specified alignment
-    #
-    # @option opts :description [String]
-    #   Sets the main contents of the window to the specified string
-    #
-    # @option opts :align_description [Symbol] one of  [:right, :left, :center, :justified, :natural]
-    #   Aligns the description to the specified alignment
-    #
-    # @option opts :icon [String,Pathname]
-    #   Sets the windows image field to the image located at the specified path
-    #
-    # @option opts :icon_size [Integer]
-    #   Changes the image frame to the specified pixel size
-    #
-    # @option opts :full_screen_icon [any value]
-    #   Scales the "icon" to the full size of the window.
-    #   Note: Only available in full screen mode
+    # Who's currently running Self Service.app? - might be
+    # more than one if Fast User Switching is in use.
     #
-    # @option opts :button1 [String]
-    #   Creates a button with the specified label
+    # @return [Array<String>] The current users running Self Service.app
     #
-    # @option opts :button2 [String]
-    #   Creates a second button with the specified label
-    #
-    # @option opts :default_button [Integer]  either 1 or 2
-    #   Sets the default button of the window to the specified button. The Default Button will respond to "return"
-    #
-    # @option opts :cancel_button [Integer]  either 1 or 2
-    #   Sets the cancel button of the window to the specified button. The Cancel Button will respond to "escape"
-    #
-    # @option opts :timeout [Integer]
-    #   Causes the window to timeout after the specified amount of seconds
-    #   Note: The timeout will cause the default button, button 1 or button 2 to be selected (in that order)
-    #
-    # @option opts :show_delay_options [String,Array<Integer>] A String of comma-separated Integers, or an Array of Integers.
-    #   Enables the "Delay Options Mode". The window will display a dropdown with the values passed through the string
-    #
-    # @option opts :countdown [any value]
-    #   Displays a string notifying the user when the window will time out
-    #
-    # @option opts :align_countdown [Symbol] one of  [:right, :left, :center, :justified, :natural]
-    #   Aligns the countdown to the specified alignment
-    #
-    # @option opts :lock_hud [Boolean]
-    #   Removes the ability to exit the HUD by selecting the close button
-    #
-    # @option opts :abandon_process [Boolean] Abandon the jamfHelper process so that your code can exit.
-    #   This is mostly used so that a policy can finish while a dialog is waiting
-    #   (possibly forever) for user response. When true, the returned value is the
-    #   process id of the abandoned jamfHelper process.
-    #
-    # @option opts :output_file [String, Pathname] Save the output of jamfHelper
-    #   (the exit code) into this file. This is useful when using abandon_process.
-    #   The output file can be examined later to see what happened. If this option
-    #   is not provided, no output is saved.
-    #
-    # @option opts :arg_string [String] The jamfHelper commandline args as a single
-    #   String, the way you'd specify them in a shell. This is appended to any
-    #   Ruby options provided when calling the method. So calling:
-    #      JSS::Client.jamf_helper :hud, title: 'This is a title', arg_string: '-heading "this is a heading"'
-    #   will run
-    #      jamfHelper -windowType hud -title 'this is a title' -heading "this is a heading"
-    #   When using this, be careful not to specify the windowType, since it's generated
-    #   by the first, required, parameter of this method.
-    #
-    # @return [Integer] the exit status of the jamfHelper command. See above.
-    #
-    def self.jamf_helper(window_type = :hud, opts = {})
-      raise JSS::UnmanagedError, 'The jamfHelper app is not installed properly on this computer.' unless JAMF_HELPER.executable?
-
-      unless JAMF_HELPER_WINDOW_TYPES.include? window_type
-        raise JSS::InvalidDataError, "The first parameter must be a window type, one of :#{JAMF_HELPER_WINDOW_TYPES.keys.join(', :')}."
-      end
-
-      # start building the arg array
-
-      args = ['-startlaunchd', '-windowType', JAMF_HELPER_WINDOW_TYPES[window_type]]
-
-      opts.keys.each do |opt|
-        case opt
-        when :window_position
-          raise JSS::InvalidDataError, ":window_position must be one of :#{JAMF_HELPER_WINDOW_POSITIONS.join(', :')}." unless \
-            JAMF_HELPER_WINDOW_POSITIONS.include? opts[opt].to_sym
-          args << '-windowPosition'
-          args << opts[opt].to_s
-
-        when :title
-          args << '-title'
-          args << opts[opt].to_s
-
-        when :heading
-          args << '-heading'
-          args << opts[opt].to_s
-
-        when :align_heading
-          raise JSS::InvalidDataError, ":align_heading must be one of :#{JAMF_HELPER_ALIGNMENTS.join(', :')}." unless \
-            JAMF_HELPER_ALIGNMENTS.include? opts[opt].to_sym
-          args << '-alignHeading'
-          args << opts[opt].to_s
-
-        when :description
-          args << '-description'
-          args << opts[opt].to_s
-
-        when :align_description
-          raise JSS::InvalidDataError, ":align_description must be one of :#{JAMF_HELPER_ALIGNMENTS.join(', :')}." unless \
-            JAMF_HELPER_ALIGNMENTS.include? opts[opt].to_sym
-          args << '-alignDescription'
-          args << opts[opt].to_s
-
-        when :icon
-          args << '-icon'
-          args << opts[opt].to_s
-
-        when :icon_size
-          args << '-iconSize'
-          args << opts[opt].to_s
-
-        when :full_screen_icon
-          args << '-fullScreenIcon'
-
-        when :button1
-          args << '-button1'
-          args << opts[opt].to_s
-
-        when :button2
-          args << '-button2'
-          args << opts[opt].to_s
-
-        when :default_button
-          raise JSS::InvalidDataError, ":default_button must be one of #{JAMF_HELPER_BUTTONS.join(', ')}." unless \
-            JAMF_HELPER_BUTTONS.include? opts[opt]
-          args << '-defaultButton'
-          args << opts[opt].to_s
-
-        when :cancel_button
-          raise JSS::InvalidDataError, ":cancel_button must be one of #{JAMF_HELPER_BUTTONS.join(', ')}." unless \
-            JAMF_HELPER_BUTTONS.include? opts[opt]
-          args << '-cancelButton'
-          args << opts[opt].to_s
-
-        when :timeout
-          args << '-timeout'
-          args << opts[opt].to_s
-
-        when :show_delay_options
-          args << '-showDelayOptions'
-          args << JSS.to_s_and_a(opts[opt])[:arrayform].join(', ')
-
-        when :countdown
-          args << '-countdown' if opts[opt]
-
-        when :align_countdown
-          raise JSS::InvalidDataError, ":align_countdown must be one of :#{JAMF_HELPER_ALIGNMENTS.join(', :')}." unless \
-            JAMF_HELPER_ALIGNMENTS.include? opts[opt].to_sym
-          args << '-alignCountdown'
-          args << opts[opt].to_s
-
-        when :lock_hud
-          args << '-lockHUD' if opts[opt]
-
-        end # case opt
-      end # each do opt
-
-      cmd = Shellwords.escape JAMF_HELPER.to_s
-      args.each { |arg| cmd << " #{Shellwords.escape arg}" }
-      cmd << " #{opts[:arg_string]}" if opts[:arg_string]
-      cmd << " > #{Shellwords.escape opts[:output_file]}" if opts[:output_file]
-
-      if opts[:abandon_process]
-        pid = Process.fork
-        if pid.nil?
-          # In child
-          exec cmd
-        else
-          # In parent
-          Process.detach(pid)
-          pid
-        end
-      else
-        system cmd
-        $CHILD_STATUS.exitstatus
-      end
-    end # def self.jamf_helper
+    def self.self_service_users
+      ss_userlines = `#{PS_USER_COMM}`.lines.select { |l| l.include? SELF_SERVICE_EXECUTABLE_END }
+      ss_userlines.map { |ssl| ssl.split(' ').first }
+    end
 
   end # class Client
 
 end # module
+
+require 'jss/client/jamf_binary'
+require 'jss/client/jamf_helper'
+require 'jss/client/management_action'