ruby-jss 1.2.10 → 1.5.2

data/lib/jss/api_object/package.rb

@@ -121,9 +121,31 @@ module JSS
     # @return [Array<String>] The current file names
     #
     def self.all_filenames(api: JSS.api)
-      pkgs_in_use = []
-      all_ids.each { |pkg_id| pkgs_in_use << fetch(id: pkg_id, api: api).filename }
-      pkgs_in_use.compact
+      all_filenames_by(:id, api: api).values
+    end
+
+    # A Hash of all dist-point filenames used by all JSS packages, keyed by
+    # package name or id
+    #
+    # Slow cuz we have to instantiate every pkg
+    #
+    # @param key[Symbol] either :id, or :name
+    #
+    # @param api[JSS::APIConnection] an API connection to use
+    #   Defaults to the corrently active API. See {JSS::APIConnection}
+    #
+    # @return [Hash{Ingeter,String => String}] The current file names by key
+    #
+    def self.all_filenames_by(key, api: JSS.api)
+      raise ArgumentError, 'key must be :id or :name' unless %i[id name].include? key
+
+      files_in_use = {}
+      all_ids(:refresh).each do |pkg_id|
+        pkg = fetch id: pkg_id, api: api
+        files_in_use[pkg.send(key)] = pkg.filename
+      end
+
+      files_in_use
     end
 
     # An array of String filenames for all files DIST_POINT_PKGS_FOLDER
@@ -140,14 +162,17 @@ module JSS
     # @param api[JSS::APIConnection] an API connection to use
     #   Defaults to the corrently active API. See {JSS::APIConnection}
     #
+    # @param dist_point [String,Integer] the name or id of the distribution
+    #   point to use. Defaults to the Master Dist. Point
+    #
     # @return [Array<String>] The orphaned files
     #
-    def self.orphaned_files(ro_pw, unmount = true, api: JSS.api)
-      mdp = JSS::DistributionPoint.master_distribution_point api: api
-      pkgs_dir = mdp.mount(ro_pw, :ro) + DIST_POINT_PKGS_FOLDER
-      files_on_mdp = pkgs_dir.children.map { |f| f.basename.to_s }
-      mdp.unmount if unmount
-      files_on_mdp - all_filenames(api: api)
+    def self.orphaned_files(ro_pw, unmount = true, api: JSS.api, dist_point: nil)
+      dp = fetch_dist_point(dist_point, api: api)
+      pkgs_dir = dp.mount(ro_pw, :ro) + DIST_POINT_PKGS_FOLDER
+      files_on_dp = pkgs_dir.children.map { |f| f.basename.to_s }
+      dp.unmount if unmount
+      files_on_dp - all_filenames(api: api)
     end
 
     # An array of String filenames for all filenames in any
@@ -164,14 +189,18 @@ module JSS
     # @param api[JSS::APIConnection] an API connection to use
     #   Defaults to the corrently active API. See {JSS::APIConnection}
     #
+    # @param dist_point [String,Integer] the name or id of the distribution
+    #   point to use. Defaults to the Master Dist. Point
+    #
+    #
     # @return [Array<String>] The orphaned files
     #
-    def self.missing_files(ro_pw, unmount = true, api: JSS.api)
-      mdp = JSS::DistributionPoint.master_distribution_point api: api
-      pkgs_dir = mdp.mount(ro_pw, :ro) + DIST_POINT_PKGS_FOLDER
-      files_on_mdp = pkgs_dir.children.map { |f| f.basename.to_s }
-      mdp.unmount if unmount
-      all_filenames(api: api) - files_on_mdp
+    def self.missing_files(ro_pw, unmount = true, api: JSS.api, dist_point: nil)
+      dp = fetch_dist_point(dist_point, api: api)
+      pkgs_dir = dp.mount(ro_pw, :ro) + DIST_POINT_PKGS_FOLDER
+      files_on_dp = pkgs_dir.children.map { |f| f.basename.to_s }
+      dp.unmount if unmount
+      all_filenames(api: api) - files_on_dp
     end
 
     # Given a file path, and hash type, generate the checksum for an arbitrary
@@ -189,6 +218,18 @@ module JSS
       CHECKSUM_HASH_TYPES[type].file(filepath).hexdigest
     end
 
+    # @param dist_point [String,Integer] the name or id of the distribution
+    #   point to use. Defaults to the Master Dist. Point
+    #
+    # @return [JSS::DistributionPoint]
+    def self.fetch_dist_point(dist_point, api: JSS.api)
+      if dist_point
+        JSS::DistributionPoint.fetch dist_point, api: api
+      else
+        JSS::DistributionPoint.master_distribution_point api: api
+      end
+    end
+
     # Attributes
     #####################################
 
@@ -324,7 +365,7 @@ module JSS
       new_val = nil if new_val == ''
       new_val ||= @name
       return nil if new_val == @filename
-      warn 'WARNING: you must change the filename on the master Distribution Point. See JSS::Package.update_master_filename.' if @in_jss
+
       @filename = new_val
       @need_to_update = true
     end
@@ -590,13 +631,17 @@ module JSS
     # @param chksum [String] the constants CHECKSUM_HASH_TYPE_SHA512 or
     #   CHECKSUM_HASH_TYPE_MD5. Anything else means don't calc.
     #
+    # @param dist_point [String,Integer] the name or id of the distribution
+    #   point to use. Defaults to the Master Dist. Point
+    #
     # @return [void]
     #
-    def upload_master_file(local_file_path, rw_pw, unmount = true, chksum: DEFAULT_CHECKSUM_HASH_TYPE )
+    def upload_master_file(local_file_path, rw_pw, unmount = true, chksum: DEFAULT_CHECKSUM_HASH_TYPE, dist_point: nil)
       raise JSS::NoSuchItemError, 'Please create this package in the JSS before uploading it.' unless @in_jss
 
-      mdp = JSS::DistributionPoint.master_distribution_point api: @api
-      destination = mdp.mount(rw_pw, :rw) + "#{DIST_POINT_PKGS_FOLDER}/#{@filename}"
+      dp = self.class.fetch_dist_point(dist_point, api: @api)
+
+      destination = dp.mount(rw_pw, :rw) + "#{DIST_POINT_PKGS_FOLDER}/#{@filename}"
 
       local_path = Pathname.new local_file_path
       raise JSS::NoSuchItemError, "Local file '#{@local_file}' doesn't exist" unless local_path.exist?
@@ -637,11 +682,11 @@ module JSS
 
       if CHECKSUM_HASH_TYPES.keys.include? chksum
         @checksum_type = chksum
-        @checksum = calculate_checksum local_file: local_path, type: chksum, unmount: false
+        @checksum = calculate_checksum local_file: local_path, type: chksum, unmount: false, dist_point: dist_point
         @need_to_update = true
       end
       update if @need_to_update
-      mdp.unmount if unmount
+      dp.unmount if unmount
     end # upload master file
 
     # Using either a local file, or the file on the master dist. point,
@@ -658,7 +703,7 @@ module JSS
     #
     # @return [void]
     #
-    def reset_checksum(type: nil, local_file: nil, rw_pw: nil, ro_pw: nil, unmount: true)
+    def reset_checksum(type: nil, local_file: nil, rw_pw: nil, ro_pw: nil, unmount: true, dist_point: nil )
       type ||= DEFAULT_CHECKSUM_HASH_TYPE
 
       new_checksum = calculate_checksum(
@@ -666,7 +711,8 @@ module JSS
         local_file: local_file,
         rw_pw: rw_pw,
         ro_pw: ro_pw,
-        unmount: unmount
+        unmount: unmount,
+        dist_point: dist_point
       )
       return if @checksum == new_checksum
 
@@ -694,11 +740,14 @@ module JSS
     # @param unmount [Boolean] Unmount the master dist point after using it.
     #   Only used if the dist point is mounted. default: true
     #
+    # @param dist_point [String,Integer] the name or id of the distribution
+    #   point to use. Defaults to the Master Dist. Point
+    #
     # @return [String] The calculated checksum
     #
-    def calculate_checksum(type: nil, local_file: nil, rw_pw: nil, ro_pw: nil, unmount: true )
+    def calculate_checksum(type: nil, local_file: nil, rw_pw: nil, ro_pw: nil, unmount: true, dist_point: nil )
       type ||= DEFAULT_CHECKSUM_HASH_TYPE
-      mdp = JSS::DistributionPoint.master_distribution_point api: @api
+      dp = self.class.fetch_dist_point(dist_point, api: @api)
 
       if local_file
         file_to_calc = local_file
@@ -712,10 +761,10 @@ module JSS
         else
           raise ArgumentError, 'Either rw_pw: or ro_pw: must be provided'
         end
-        file_to_calc = mdp.mount(dppw, mnt) + "#{DIST_POINT_PKGS_FOLDER}/#{@filename}"
+        file_to_calc = dp.mount(dppw, mnt) + "#{DIST_POINT_PKGS_FOLDER}/#{@filename}"
       end
       new_checksum = self.class.calculate_checksum(file_to_calc, type)
-      mdp.unmount if unmount && mdp.mounted?
+      dp.unmount if unmount && dp.mounted?
       new_checksum
     end
 
@@ -734,17 +783,21 @@ module JSS
     # @param unmount [Boolean] Unmount the master dist point after using it.
     #   Only used if the dist point is mounted. default: true
     #
+    # @param dist_point [String,Integer] the name or id of the distribution
+    #   point to use. Defaults to the Master Dist. Point
+    #
     # @return [Boolean] false if there is no checksum for this pkg, otherwise,
     #   does the calculated checksum match the one stored for the pkg?
     #
-    def checksum_valid?(local_file: nil, rw_pw: nil, ro_pw: nil, unmount: true)
+    def checksum_valid?(local_file: nil, rw_pw: nil, ro_pw: nil, unmount: true, dist_point: nil )
       return false unless @checksum
       new_checksum = calculate_checksum(
         type: @checksum_type,
         local_file: local_file,
         rw_pw: rw_pw,
         ro_pw: ro_pw,
-        unmount: unmount
+        unmount: unmount,
+        dist_point: dist_point
       )
       new_checksum == @checksum
     end
@@ -760,12 +813,16 @@ module JSS
     # @param rw_pw[String,Symbol] the password for the read/write account on the master Distribution Point,
     #   or :prompt, or :stdin# where # is the line of stdin containing the password See {JSS::DistributionPoint#mount}
     #
+    # @param dist_point [String,Integer] the name or id of the distribution
+    #   point to use. Defaults to the Master Dist. Point
+    #
     # @return [nil]
     #
-    def update_master_filename(old_file_name, new_file_name, rw_pw, unmount = true)
+    def update_master_filename(old_file_name, new_file_name, rw_pw, unmount = true, dist_point: nil)
       raise JSS::NoSuchItemError, "#{old_file_name} does not exist in the jss." unless @in_jss
-      mdp = JSS::DistributionPoint.master_distribution_point api: @api
-      pkgs_dir = mdp.mount(rw_pw, :rw) + DIST_POINT_PKGS_FOLDER.to_s
+      dp = self.class.fetch_dist_point(dist_point, api: @api)
+
+      pkgs_dir = dp.mount(rw_pw, :rw) + DIST_POINT_PKGS_FOLDER.to_s
       old_file = pkgs_dir + old_file_name
       raise JSS::NoSuchItemError, "File not found on the master distribution point at #{DIST_POINT_PKGS_FOLDER}/#{old_file_name}." unless \
         old_file.exist?
@@ -775,7 +832,7 @@ module JSS
       new_file = pkgs_dir + (new_file_name + old_file.extname) if new_file.extname.empty?
 
       old_file.rename new_file
-      mdp.unmount if unmount
+      dp.unmount if unmount
       nil
     end # update_master_filename
 
@@ -791,18 +848,21 @@ module JSS
     #
     # @param unmount[Boolean] whether or not ot unount the distribution point when finished.
     #
+    # @param dist_point [String,Integer] the name or id of the distribution
+    #   point to use. Defaults to the Master Dist. Point
+    #
     # @return [Boolean] was the file deleted?
     #
-    def delete_master_file(rw_pw, unmount = true)
-      mdp = JSS::DistributionPoint.master_distribution_point api: @api
-      file = mdp.mount(rw_pw, :rw) + "#{DIST_POINT_PKGS_FOLDER}/#{@filename}"
+    def delete_master_file(rw_pw, unmount = true, dist_point: nil)
+      dp = self.class.fetch_dist_point(dist_point, api: @api)
+      file = dp.mount(rw_pw, :rw) + "#{DIST_POINT_PKGS_FOLDER}/#{@filename}"
       if file.exist?
         file.delete
         did_it = true
       else
         did_it = false
       end # if exists
-      mdp.unmount if unmount
+      dp.unmount if unmount
       did_it
     end # delete master file
 
@@ -816,9 +876,13 @@ module JSS
     #
     # @param unmount[Boolean] whether or not ot unount the distribution point when finished.
     #
-    def delete(delete_file: false, rw_pw: nil, unmount: true)
+    # @param dist_point [String,Integer] the name or id of the distribution
+    #   point to use. Defaults to the Master Dist. Point
+    #
+    # @return [void]
+    def delete(delete_file: false, rw_pw: nil, unmount: true, dist_point: nil)
       super()
-      delete_master_file(rw_pw, unmount) if delete_file
+      delete_master_file(rw_pw, unmount, dist_point: dist_point) if delete_file
     end
 
     # Install this package via the jamf binary 'install' command from the
@@ -885,7 +949,7 @@ module JSS
 
         # we'll re-add the filename below if needed.
         src_path = args[:alt_download_url].chomp "/#{@filename}"
-
+        using_http = true
       # use our appropriate dist. point for download
       else
         mdp = JSS::DistributionPoint.my_distribution_point api: @api
@@ -1021,6 +1085,7 @@ module JSS
 
     private
 
+
     # Return the REST XML for this pkg, with the current values,
     # for saving or updating
     #

data/lib/jss/api_object/patch_source.rb

@@ -120,30 +120,31 @@ module JSS
 
     # Fetch either an internal or external patch source
     #
-    # BUG: there's an API bug: fetching a non-existent ids
+    # BUG: there's an API bug: fetching a non-existent
     # which is why we rescue internal server errors.
     #
     # @see APIObject.fetch
     #
-    def self.fetch(arg, api: JSS.api)
+    def self.fetch(searchterm = nil, **args)
       if self == JSS::PatchSource
         begin
-          fetched = JSS::PatchInternalSource.fetch arg, api: api
-        rescue RestClient::ResourceNotFound, RestClient::InternalServerError, JSS::NoSuchItemError
+          fetched = JSS::PatchInternalSource.fetch searchterm, **args
+        rescue
           fetched = nil
         end
         unless fetched
           begin
-            fetched = JSS::PatchExternalSource.fetch arg, api: api
-          rescue RestClient::ResourceNotFound, RestClient::InternalServerError, JSS::NoSuchItemError
+            fetched = JSS::PatchExternalSource.fetch searchterm, **args
+          rescue
             raise JSS::NoSuchItemError, 'No matching PatchSource found'
           end
         end
         return fetched
       end # if self == JSS::PatchSource
+
       begin
-        super
-      rescue RestClient::ResourceNotFound, RestClient::InternalServerError, JSS::NoSuchItemError
+        super searchterm, **args
+      rescue JSS::NoSuchItemError
         raise JSS::NoSuchItemError, "No matching #{self::RSRC_OBJECT_KEY} found"
       end
     end
@@ -211,7 +212,7 @@ module JSS
       begin
         # TODO: remove this and adjust parsing when jamf fixes the JSON
         raw = JSS::XMLWorkaround.data_via_xml(rsrc, AVAILABLE_TITLES_DATA_MAP, api)
-      rescue RestClient::ResourceNotFound
+      rescue JSS::NoSuchItemError
         return []
       end
 

data/lib/jss/api_object/policy.rb

@@ -148,6 +148,12 @@ module JSS
       monthly: 'Once every month'
     }.freeze
 
+    RETRY_EVENTS = {
+      none: 'none',
+      checkin: 'check-in',
+      trigger: 'trigger'
+    }.freeze
+
     RESTART_WHEN = {
       if_pkg_requires: 'Restart if a package or update requires it',
       now: 'Restart immediately',
@@ -174,7 +180,9 @@ module JSS
       change_pw: 'specified',
       generate_pw: 'random',
       enable_fv2: 'fileVaultEnable',
-      disable_fv2: 'fileVaultDisable'
+      disable_fv2: 'fileVaultDisable',
+      reset_random: 'resetRandom',
+      reset_pw: 'reset'
     }.freeze
 
     PACKAGE_ACTIONS = {
@@ -191,6 +199,12 @@ module JSS
       after: 'After'
     }.freeze
 
+    DISK_ENCRYPTION_ACTIONS = {
+      apply: "apply",
+      remediate: "remediate",
+      none: "none"
+    }
+
     PRINTER_ACTIONS = {
       map: 'install',
       unmap: 'uninstall'
@@ -249,14 +263,14 @@ module JSS
     }.freeze
 
     LOG_FLUSH_INTERVAL_PERIODS = {
-      day: 'Day',
-      days: 'Day',
-      week: 'Week',
-      weeks: 'Week',
-      month: 'Month',
-      months: 'Month',
-      year: 'Year',
-      years: 'Year'
+      day: 'Days',
+      days: 'Days',
+      week: 'Weeks',
+      weeks: 'Weeks',
+      month: 'Months',
+      months: 'Months',
+      year: 'Years',
+      years: 'Years'
     }.freeze
 
     # the object type for this object in
@@ -273,6 +287,83 @@ module JSS
     # How is the category stored in the API data?
     CATEGORY_DATA_TYPE = Hash
 
+    # Class Methods
+    ######################
+
+    # Flush logs for a given policy older than some number of days, weeks,
+    # months or years, possibly limited to one or more computers.
+    #
+    # With no parameters, flushes all logs for the policy for all computers.
+    #
+    # NOTE: Currently the API doesn't have a way to flush only failed policies.
+    #
+    # WARNING: Log flushing can take a long time, and the API call doesnt return
+    # until its finished. The connection timeout will be temporarily raised to
+    # 30 minutes, unless it's already higher.
+    #
+    # @param policy[Integer,String] The id or name of the policy to flush
+    #
+    # @param older_than[Integer] 0, 1, 2, 3, or 6
+    #
+    # @param period[Symbol] :days, :weeks, :months, or :years
+    #
+    # @param computers[Array<Integer,String>] Identifiers of the target computers
+    #   either ids, names, SNs, macaddrs, or UDIDs. If omitted, flushes logs for
+    #   all computers
+    #
+    # @param api [JSS::APIConnection] the API  connection to use.
+    #
+    # @return [void]
+    #
+    def self.flush_logs(policy, older_than: 0, period: :days, computers: [], api: JSS.api)
+      orig_timeout = api.cnx.options.timeout
+      pol_id = valid_id policy
+      raise JSS::NoSuchItemError, "No Policy identified by '#{policy}'." unless pol_id
+
+      older_than = LOG_FLUSH_INTERVAL_INTEGERS[older_than]
+      raise JSS::InvalidDataError, "older_than must be one of these integers: #{LOG_FLUSH_INTERVAL_INTEGERS.keys.join ', '}" unless older_than
+
+      period = LOG_FLUSH_INTERVAL_PERIODS[period]
+      raise JSS::InvalidDataError, "period must be one of these symbols: :#{LOG_FLUSH_INTERVAL_PERIODS.keys.join ', :'}" unless period
+
+      computers = [computers] unless computers.is_a? Array
+
+      # log flushes can be really slow
+      api.timeout = 1800 unless orig_timeout > 1800
+
+      return api.delete_rsrc "#{LOG_FLUSH_RSRC}/policy/id/#{pol_id}/interval/#{older_than}+#{period}" if computers.empty?
+
+      flush_logs_for_specific_computers pol_id, older_than, period, computers, api
+    ensure
+      api.timeout = orig_timeout
+    end
+
+    # use an XML body in a DELETE request to flush logs for
+    # a list of computers - used by the flush_logs class method
+    def self.flush_logs_for_specific_computers(pol_id, older_than, period, computers, api)
+      # build the xml body for a DELETE request
+      xml_doc = REXML::Document.new JSS::APIConnection::XML_HEADER
+      lf = xml_doc.add_element 'logflush'
+      lf.add_element('log').text = 'policy'
+      lf.add_element('log_id').text = pol_id.to_s
+      lf.add_element('interval').text = "#{older_than} #{period}"
+      comps_elem = lf.add_element 'computers'
+      computers.each do |c|
+        id = JSS::Computer.valid_id c
+        next unless id
+
+        ce = comps_elem.add_element 'computer'
+        ce.add_element('id').text = id.to_s
+      end
+
+      # Do a DELETE request with a body.
+      api.cnx.delete(LOG_FLUSH_RSRC) do |req|
+        req.headers[JSS::APIConnection::HTTP_CONTENT_TYPE_HEADER] = JSS::APIConnection::MIME_XML
+        req.body = xml_doc.to_s
+      end
+    end
+    private_class_method :flush_logs_for_specific_computers
+
     # Attributes
     ######################
 
@@ -541,6 +632,7 @@ module JSS
 
     # @return [String] the message shown the user at policy end
     attr_reader :user_message_finish
+    alias user_message_end user_message_finish
 
     # @return [Hash]
     #
@@ -604,7 +696,6 @@ module JSS
 
       if @in_jss
         gen = @init_data[:general]
-        @frequency = gen[:frequency]
         @target_drive = gen[:target_drive]
         @offline = gen[:offline]
         @enabled = gen[:enabled]
@@ -620,6 +711,10 @@ module JSS
           trigger_enrollment_complete: gen[:trigger_enrollment_complete],
           trigger_other: gen[:trigger_other]
         }
+        @frequency = gen[:frequency]
+        @retry_event = gen[:retry_event]
+        @retry_attempts = gen[:retry_attempts]
+        @notify_failed_retries = gen[:notify_on_each_failed_retry]
 
         dtl = gen[:date_time_limitations]
 
@@ -670,6 +765,7 @@ module JSS
         @disk_encryption = @init_data[:disk_encryption]
 
         @printers = @init_data[:printers]
+        @printers.shift
 
         # Not in jss yet
       end
@@ -735,8 +831,93 @@ module JSS
     # @return [void]
     #
     def frequency=(freq)
-      raise JSS::InvalidDataError, "New frequency must be one of :#{FREQUENCIES.keys.join ', :'}" unless FREQUENCIES.key?(freq)
-      @frequency = FREQUENCIES[freq]
+      raise JSS::InvalidDataError, "New frequency must be one of :#{FREQUENCIES.keys.join ', :'}" unless FREQUENCIES.key?(freq) || FREQUENCIES.value?(freq)
+
+      freq = freq.is_a?(Symbol) ? FREQUENCIES[freq] : freq
+      return if freq == @frequency
+
+      @frequency = freq
+      @need_to_update = true
+    end
+
+    # @return [String] The event that causes a policy retry
+    def retry_event
+      return RETRY_EVENTS[:none] unless FREQUENCIES[:once_per_computer] == @frequency
+
+      @retry_event
+    end
+
+    # Set the event that causes a retry if the policy fails.
+    # One of the ways to turn off policy retry is to set this to :none
+    # The other is to set the retry_attempts to 0
+    #
+    # @param [Symbol, String] A key or value from RETRY_EVENTS
+    # @return [void]
+    #
+    def retry_event=(evt)
+      validate_retry_opt
+      raise JSS::InvalidDataError, "Retry event must be one of :#{RETRY_EVENTS.keys.join ', :'}" unless RETRY_EVENTS.key?(evt) || RETRY_EVENTS.value?(evt)
+
+      evt = evt.is_a?(Symbol) ? RETRY_EVENTS[evt] : evt
+      return if evt == @retry_event
+
+      # if the event is not 'none' and attempts is <= 0,
+      # set events to 1, or the API won't accept it
+      unless evt == RETRY_EVENTS[:none]
+        @retry_attempts = 1 unless @retry_attempts.positive?
+      end
+
+      @retry_event = evt
+      @need_to_update = true
+    end
+
+    # @return [Integer] How many times wil the policy be retried if it fails.
+    #   -1 means no retries,  otherwise, an integer from 1 to 10
+    def retry_attempts
+      return 0 unless FREQUENCIES[:once_per_computer] == @frequency
+
+      @retry_attempts
+    end
+
+    # Set the number of times to retry if the policy fails.
+    # One of the ways to turn off policy retry is to set this to 0 or -1
+    # The other is to set retry_event to :none
+    #
+    # @param [Integer] From -1 to 10
+    # @return [void]
+    #
+    def retry_attempts=(int)
+      validate_retry_opt
+      raise JSS::InvalidDataError, 'Retry attempts must be an integer from 0-10' unless int.is_a?(Integer) && (-1..10).include?(int)
+
+      # if zero or -1, turn off retries
+      if int <= 0
+        @retry_event = RETRY_EVENTS[:none]
+        int = -1
+      end
+      return if @retry_attempts == int
+
+      @retry_attempts = int
+      @need_to_update = true
+    end
+
+    # @return [Boolean] Should admins be notified of failed retry attempts
+    def notify_failed_retries?
+      return false unless FREQUENCIES[:once_per_computer] == @frequency
+
+      @notify_failed_retries
+    end
+    alias notify_failed_retries notify_failed_retries?
+    alias notify_on_each_failed_retry notify_failed_retries?
+
+    # @param bool[Boolean] Should admins be notified of failed retry attempts
+    # @return [void]
+    def notify_failed_retries=(bool)
+      validate_retry_opt
+      bool = JSS::Validate.boolean bool
+      return if @notify_failed_retries == bool
+
+      @notify_failed_retries = bool
       @need_to_update = true
     end
 
@@ -914,6 +1095,30 @@ module JSS
     end
     alias message= reboot_message=
 
+    # Set User Start Message
+    #
+    # @param user_message[String] Text of User Message
+    #
+    # @return [void] description of returned object
+    def user_message_start=(message)
+      raise JSS::InvalidDataError, 'User message must be a String' unless message.is_a? String
+      @user_message_start = message
+      @need_to_update = true
+    end
+
+    # Set User Finish Message
+    #
+    # @param user_message[String] Text of User Message
+    #
+    # @return [void] description of returned object
+    def user_message_end=(message)
+      raise JSS::InvalidDataError, 'User message must be a String' unless message.is_a? String
+      @user_message_finish = message
+      @need_to_update = true
+    end
+
+    alias user_message_finish= user_message_end=
+
     # Set Startup Disk
     # Only Supports 'Specify Local Startup Disk' at the moment
     #
@@ -1180,7 +1385,7 @@ module JSS
 
     # Remove a package from this policy by name or id
     #
-    # @param identfier [String,Integer] the name or id of the package to remove
+    # @param identifier [String,Integer] the name or id of the package to remove
     #
     # @return [Array, nil] the new packages array or nil if no change
     #
@@ -1270,7 +1475,7 @@ module JSS
 
     # Remove a script from this policy by name or id
     #
-    # @param identfier [String,Integer] the name or id of the script to remove
+    # @param identifier [String,Integer] the name or id of the script to remove
     #
     # @return [Array, nil] the new scripts array or nil if no change
     #
@@ -1292,6 +1497,49 @@ module JSS
       @directory_bindings.map { |p| p[:name] }
     end
 
+    # Add a Directory Bidning to the list of directory_bindings handled by this policy.
+    # If the directory binding already exists in the policy, nil is returned and
+    # no changes are made.
+    #
+    # @param [String,Integer] identifier the name or id of the directory binding to add to this policy
+    #
+    # @param position [Symbol, Integer] where to add this directory binding among the list of
+    #   directory_bindings. Zero-based, :start and 0 are the same, as are :end and -1.
+    #   Defaults to :end
+    #
+    # @return [Array, nil]  the new @directory_bindings array, nil if directory_binding was already in the policy
+    #
+    def add_directory_binding(identifier, **opts)
+      id = validate_directory_binding_opts identifier, opts
+
+      return nil if @directory_bindings.map { |s| s[:id] }.include? id
+
+      name = JSS::DirectoryBinding.map_all_ids_to(:name, api: @api)[id]
+
+      directory_binding_data = {
+        id: id,
+        name: name
+      }
+
+      @directory_bindings.insert opts[:position], directory_binding_data
+
+      @need_to_update = true
+      @directory_bindings
+    end
+
+
+    # Remove a directory binding from this policy by name or id
+    #
+    # @param identifier [String,Integer] the name or id of the directory binding to remove
+    #
+    # @return [Array, nil] the new directory bindings array or nil if no change
+    #
+    def remove_directory_binding(identifier)
+      removed = @directory_bindings.delete_if { |s| s[:id] == identifier || s[:name] == identifier }
+      @need_to_update = true if removed
+      removed
+    end
+
     ###### Dock items
 
     # @return [Array] the id's of the dock_items handled by the policy
@@ -1304,6 +1552,86 @@ module JSS
       @dock_items.map { |p| p[:name] }
     end
 
+
+    ###### Printers
+
+    # Add a specific printer object to the policy.
+    #
+    # @author Tyler Morgan
+    #
+    # @param newvalue [String,Integer] The name or the id of the printer to be added to this policy.
+    #
+    # @param position [Symbol, Integer] where to add this printer object among the list of printer
+    #   objects. Zero-based, :start and 0 are the same, as are :end and -1.
+    #   Defaults to :end
+    #
+    # @param action [Symbol] One of the PRINTER_ACTIONS symbols. What you want done with the printer object upon policy execution.
+    #
+    # @param make_default [TrueClass,FalseClass] Should this printer object be set to default.
+    #   Defaults to false
+    #
+    # @return [String] The new printers array or nil if the printer was already in the policy
+    def add_printer(identifier, **opts)
+      id = validate_printer_opts identifier, opts
+
+      return nil if @printers.map { |p| p[:id] }.include? id
+
+      name = JSS::Printer.map_all_ids_to(:name, api: @api)[id]
+
+      printer_data = {
+        id: id,
+        name: name,
+        action: PRINTER_ACTIONS[opts[:action]],
+        make_default: opts[:make_default]
+      }
+
+      @printers.insert opts[:position], printer_data
+
+      @need_to_update = true
+      @printers
+    end
+
+
+    # Remove a specific printer object from the policy.
+    #
+    # @author Tyler Morgan
+    #
+    # @param identifier [String,Integer] The name or id of the printer to be removed.
+    #
+    # @return [Array, nil] The new printers array or nil if no change.
+    def remove_printer(identifier)
+      removed = @printers.delete_if { |p| p[:id] == identifier || p[:name] == identifier }
+
+      @need_to_update = true
+      removed
+    end
+
+    # Add a dock item to the policy
+    def add_dock_item(identifier, action)
+      id = JSS::DockItem.valid_id identifier, api: @api
+
+      raise JSS::NoSuchItemError, "No Dock Item matches '#{identifier}'" unless id
+
+      raise JSS::InvalidDataError, "Action must be one of: :#{DOCK_ITEM_ACTIONS.keys.join ', :'}" unless DOCK_ITEM_ACTIONS.include? action
+
+      return nil if @dock_items.map { |d| d[:id] }.include? id
+
+      name = JSS::DockItem.map_all_ids_to(:name, api: @api)[id]
+
+      @dock_items << {id: id, name: name, action: DOCK_ITEM_ACTIONS[action]}
+
+      @need_to_update = true
+      @dock_items
+    end
+
+    # Remove a dock item from the policy
+    def remove_dock_item(identifier)
+      # TODO: Add validation against JSS::DockItem
+      removed = @dock_items.delete_if { |d| d[:id] == identifier || d[:name] == identifier }
+      @need_to_update = true if removed
+      removed
+    end
+
     # @return [Array] the id's of the printers handled by the policy
     def printer_ids
         begin
@@ -1312,7 +1640,7 @@ module JSS
             return []
         end
     end
-    
+
     # @return [Array] the names of the printers handled by the policy
     def printer_names
         begin
@@ -1322,6 +1650,130 @@ module JSS
         end
     end
 
+
+
+    ###### Disk Encryption
+
+    # Sets the Disk Encryption application to "Remediate" and sets the remediation key type to individual.
+    #
+    # @author Tyler Morgan
+    #
+    # @return [Void]
+    #
+    def reissue_key()
+      if @disk_encryption[:action] != DISK_ENCRYPTION_ACTIONS[:remediate]
+        # Setting New Action
+        hash = {
+          action: DISK_ENCRYPTION_ACTIONS[:remediate],
+          remediate_key_type: "Individual"
+        }
+
+        @disk_encryption = hash
+        @need_to_update = true
+
+      else
+        # Update
+        return
+      end
+
+    end
+
+
+    # Sets the Disk Encryption application to "Apply" and sets the correct disk encryption configuration ID using either the name or id.
+    #
+    # @author Tyler Morgan
+    #
+    # @return [Void]
+    #
+    def apply_encryption_configuration(identifier)
+
+      id = JSS::DiskEncryptionConfiguration.valid_id identifier
+
+      return if id.nil?
+
+      hash = {
+        action: DISK_ENCRYPTION_ACTIONS[:apply],
+        disk_encryption_configuration_id: id,
+        auth_restart: false
+      }
+
+      @disk_encryption = hash
+      @need_to_update = true
+    end
+
+
+    # Removes the Disk Encryption settings associated with this specific policy.
+    #
+    # @author Tyler Morgan
+    #
+    # @return [Void]
+    #
+    def remove_encryption_configuration()
+      hash = {
+        action: DISK_ENCRYPTION_ACTIONS[:none]
+      }
+
+      @disk_encryption = hash
+      @need_to_update = true
+    end
+
+    # Interact with management account settings
+    #
+    # @param action [Key] one of the MGMT_ACCOUNT_ACTIONS keys
+    #
+    # @return The current specified management settings.
+    #
+    # Reference: https://developer.jamf.com/documentation#resources-with-passwords
+    #
+    def set_management_account(action, **opts)
+      # TODO: Add proper error handling
+      raise JSS::InvalidDataError, "Action must be one of: :#{MGMT_ACCOUNT_ACTIONS.keys.join ', :'}" unless MGMT_ACCOUNT_ACTIONS.include? action
+
+      management_data = {}
+
+      if action == :change_pw || action == :reset_pw
+        raise JSS::MissingDataError, ":password must be provided when changing management account password" if opts[:password].nil?
+
+        management_data = {
+          action: MGMT_ACCOUNT_ACTIONS[action],
+          managed_password: opts[:password]
+        }
+      elsif action == :reset_random || action == :generate_pw
+        raise JSS::MissingDataError, ":password_length must be provided when setting a random password" if opts[:password_length].nil?
+        raise JSS::InvalidDataError, ":password_length must be an Integer" unless opts[:password_length].is_a? Integer
+
+        management_data = {
+          action: MGMT_ACCOUNT_ACTIONS[action],
+          managed_password_length: opts[:password_length]
+        }
+      else
+        management_data = {
+          action: MGMT_ACCOUNT_ACTIONS[action]
+        }
+      end
+
+      @management_account = management_data
+
+      @need_to_update = true
+
+      @management_account
+
+    end
+
+    # Check if management password matches provided password
+    #
+    # @param password[String] the password that is SHA256'ed to compare to the one from the API.
+    #
+    # @return [Boolean] The result of the comparison of the management password and provided text.
+    #
+    def verify_management_password(password)
+      raise JSS::InvalidDataError, "Management password must be a string." unless password.is_a? String
+
+      raise JSS::UnsupportedError, "'#{@management_account[:action].to_s}' does not support management passwords." unless @management_account[:action] == MGMT_ACCOUNT_ACTIONS[:change_pw] || @management_account[:action] == MGMT_ACCOUNT_ACTIONS[:reset_pw]
+
+      return Digest::SHA256.hexdigest(password).to_s == @management_account[:managed_password_sha256].to_s
+    end
+
     ###### Actions
 
     # Try to execute this policy on this machine.
@@ -1340,34 +1792,37 @@ module JSS
     end
     alias execute run
 
-    # Flush all policy logs for this policy older than
-    # some number of days, weeks, months or years.
+    # Flush logs for this policy older than
+    # some number of days, weeks, months or years, possibly limited to
+    # one or more computers
     #
-    # With no parameters, flushes all logs
+    # With no parameters, flushes all logs for all computers
     #
-    # NOTE: Currently the API doesn't have a way to
-    # flush only failed policies.
+    # NOTE: Currently the API doesn't have a way to flush only failed policies.
+    #
+    # WARNING: Log flushing can take a long time, and the API call doesnt return
+    # until its finished. The connection timeout will be temporarily raised to
+    # 30 minutes, unless it's already higher.
     #
     # @param older_than[Integer] 0, 1, 2, 3, or 6
     #
     # @param period[Symbol] :days, :weeks, :months, or :years
     #
+    # @param computers[Array<Integer,String>] Identifiers of the target computers
+    #   either ids, names, SNs, macaddrs, or UDIDs
+    #
     # @return [void]
     #
-    def flush_logs(older_than: 0, period: :days)
+    def flush_logs(older_than: 0, period: :days, computers: [])
       raise JSS::NoSuchItemError, "Policy doesn't exist in the JSS. Use #create first." unless @in_jss
 
-      unless LOG_FLUSH_INTERVAL_INTEGERS.key?(older_than)
-        raise JSS::InvalidDataError, "older_than must be one of these integers: #{LOG_FLUSH_INTERVAL_INTEGERS.keys.join ', '}"
-      end
-
-      unless LOG_FLUSH_INTERVAL_PERIODS.key?(period)
-        raise JSS::InvalidDataError, "period must be one of these symbols: :#{LOG_FLUSH_INTERVAL_PERIODS.keys.join ', :'}"
-      end
-
-      interval = "#{LOG_FLUSH_INTERVAL_INTEGERS[older_than]}+#{LOG_FLUSH_INTERVAL_PERIODS[period]}"
-
-      @api.delete_rsrc "#{LOG_FLUSH_RSRC}/policy/id/#{@id}/interval/#{interval}"
+      JSS::Policy.flush_logs(
+        @id,
+        older_than: older_than,
+        period: period,
+        computers: computers,
+        api: @api
+      )
     end
 
     # Private Instance Methods
@@ -1375,6 +1830,17 @@ module JSS
 
     private
 
+    # raise an error if a trying to set retry options when
+    # frequency is not 'once per comptuer'
+    #
+    # @return [void]
+    #
+    def validate_retry_opt
+      return if FREQUENCIES[:once_per_computer] == @frequency
+
+      raise JSS::UnsupportedError, 'Policy retry is only available when frequency is set to :once_per_computer'
+    end
+
     # raise an error if a package being added isn't valid
     #
     # @see #add_package
@@ -1439,6 +1905,64 @@ module JSS
       id
     end
 
+    # raise an error if the directory binding being added isn't valid
+    #
+    # @see #add_directory_binding
+    #
+    # @return [Integer, nil] the valid id for the package
+    #
+    def validate_directory_binding_opts(identifier, opts)
+      opts[:position] ||= -1
+
+      opts[:position] =
+        case opts[:position]
+        when :start then 0
+        when :end then -1
+        else JSS::Validate.integer(opts[:position])
+        end
+
+        # if the given position is past the end, set it to -1 (the end)
+        opts[:position] = -1 if opts[:position] > @directory_bindings.size
+
+        id = JSS::DirectoryBinding.valid_id identifier, api: @api
+        raise JSS::NoSuchItemError, "No directory binding matches '#{identifier}'" unless id
+        id
+    end
+
+    # Raises an error if the printer being added isn't valid, additionally checks the options and sets defaults where possible.
+    #
+    # @see #add_printer
+    #
+    # @return [Integer, nil] the valid id for the package
+    #
+    def validate_printer_opts(identifier, opts)
+      opts[:position] ||= -1
+
+      opts[:position] =
+        case opts[:position]
+        when :start then 0
+        when :end then -1
+        else JSS::Validate.integer(opts[:position])
+        end
+
+      # If the given position is past the end, set it to -1 (the end)
+      opts[:position] = -1 if opts[:position] > @printers.size
+
+      # Checks if action to be done with the printer object is provided and valid.
+      raise JSS::MissingDataError, "action must be provided, must be one of :#{PRINTER_ACTIONS.keys.join(':,')}." if opts[:action].nil?
+      raise JSS::InvalidDataError, "action must be one of :#{PRINTER_ACTIONS.keys.join(',:')}." unless PRINTER_ACTIONS.keys.include? opts[:action]
+
+
+      # Checks if the make_default option is valid, and sets the default if needed.
+      raise JSS::InvalidDataError, "make_default must be either true or false." unless opts[:make_default].is_a?(TrueClass) || opts[:make_default].is_a?(FalseClass) || opts[:make_default].nil?
+
+      opts[:make_default] = false if opts[:make_default].nil?
+
+      id = JSS::Printer.valid_id identifier, api: @api
+      raise JSS::NoSuchItemError, "No printer matches '#{identifier}'" unless id
+      id
+    end
+
     def rest_xml
       doc = REXML::Document.new APIConnection::XML_HEADER
       obj = doc.add_element RSRC_OBJECT_KEY.to_s
@@ -1447,6 +1971,10 @@ module JSS
       general.add_element('name').text = @name
       general.add_element('enabled').text = @enabled
       general.add_element('frequency').text = @frequency
+      general.add_element('retry_event').text = @retry_event
+      general.add_element('retry_attempts').text = @retry_attempts.to_s
+      general.add_element('notify_on_each_failed_retry').text = @notify_failed_retries.to_s
+
       general.add_element('target_drive').text = @target_drive
       general.add_element('offline').text = @offline
 
@@ -1475,6 +2003,22 @@ module JSS
       maint.add_element('user_cache').text = @user_cache.to_s
       maint.add_element('verify').text = @verify_startup_disk.to_s
 
+      acct_maint = obj.add_element 'account_maintenance'
+
+      mgmt_acct = acct_maint.add_element 'management_account'
+      JSS.hash_to_rexml_array(@management_account).each { |x| mgmt_acct << x }
+
+      directory_bindings = acct_maint.add_element 'directory_bindings'
+      @directory_bindings.each do |b|
+        directory_binding = directory_bindings.add_element 'binding'
+        dbdeets = JSS.hash_to_rexml_array b
+        dbdeets.each { |d| directory_binding << d }
+      end
+
+      user_interaction = obj.add_element 'user_interaction'
+      user_interaction.add_element('message_start').text = @user_message_start.to_s
+      user_interaction.add_element('message_finish').text = @user_message_finish.to_s
+
       files_processes = obj.add_element 'files_processes'
       JSS.hash_to_rexml_array(@files_processes).each { |f| files_processes << f }
 
@@ -1493,6 +2037,26 @@ module JSS
         sdeets.each { |d| script << d }
       end
 
+      disk_encryption = obj.add_element 'disk_encryption'
+
+      @disk_encryption.each do |k,v|
+        disk_encryption.add_element(k.to_s).text = v.to_s
+      end
+
+      printers = obj.add_element 'printers'
+      @printers.each do |pr|
+        printer = printers.add_element 'printer'
+        pdeets = JSS.hash_to_rexml_array pr
+        pdeets.each { |d| printer << d }
+      end
+
+      dock_items = obj.add_element 'dock_items'
+      @dock_items.each do |d|
+        dock_item = dock_items.add_element 'dock_item'
+        ddeets = JSS.hash_to_rexml_array d
+        ddeets.each { |de| dock_item << de }
+      end
+
       add_self_service_xml doc
       add_site_to_xml doc