ruby-jss 1.2.6 → 1.4.1

data/lib/jss/api_object/patch_policy.rb

@@ -1,4 +1,4 @@
-### Copyright 2019 Pixar
+### Copyright 2020 Pixar
 
 ###
 ###    Licensed under the Apache License, Version 2.0 (the "Apache License")

data/lib/jss/api_object/patch_source.rb

@@ -1,4 +1,4 @@
-### Copyright 2019 Pixar
+### Copyright 2020 Pixar
 
 ###
 ###    Licensed under the Apache License, Version 2.0 (the "Apache License")

data/lib/jss/api_object/patch_source/patch_external_source.rb

@@ -1,4 +1,4 @@
-### Copyright 2019 Pixar
+### Copyright 2020 Pixar
 
 ###
 ###    Licensed under the Apache License, Version 2.0 (the "Apache License")

data/lib/jss/api_object/patch_source/patch_internal_source.rb

@@ -1,4 +1,4 @@
-### Copyright 2019 Pixar
+### Copyright 2020 Pixar
 
 ###
 ###    Licensed under the Apache License, Version 2.0 (the "Apache License")

data/lib/jss/api_object/patch_title.rb

@@ -1,4 +1,4 @@
-### Copyright 2019 Pixar
+### Copyright 2020 Pixar
 
 ###
 ###    Licensed under the Apache License, Version 2.0 (the "Apache License")

data/lib/jss/api_object/patch_title/version.rb

@@ -1,4 +1,4 @@
-### Copyright 2019 Pixar
+### Copyright 2020 Pixar
 
 ###
 ###    Licensed under the Apache License, Version 2.0 (the "Apache License")

data/lib/jss/api_object/peripheral.rb

@@ -1,4 +1,4 @@
-### Copyright 2019 Pixar
+### Copyright 2020 Pixar
 
 ###
 ###    Licensed under the Apache License, Version 2.0 (the "Apache License")

data/lib/jss/api_object/peripheral_type.rb

@@ -1,4 +1,4 @@
-### Copyright 2019 Pixar
+### Copyright 2020 Pixar
 
 ###
 ###    Licensed under the Apache License, Version 2.0 (the "Apache License")

data/lib/jss/api_object/policy.rb

@@ -1,4 +1,4 @@
-# Copyright 2019 Pixar
+# Copyright 2020 Pixar
 
 #
 #    Licensed under the Apache License, Version 2.0 (the "Apache License")
@@ -148,6 +148,12 @@ module JSS
       monthly: 'Once every month'
     }.freeze
 
+    RETRY_EVENTS = {
+      none: 'none',
+      checkin: 'check-in',
+      trigger: 'trigger'
+    }.freeze
+
     RESTART_WHEN = {
       if_pkg_requires: 'Restart if a package or update requires it',
       now: 'Restart immediately',
@@ -174,7 +180,9 @@ module JSS
       change_pw: 'specified',
       generate_pw: 'random',
       enable_fv2: 'fileVaultEnable',
-      disable_fv2: 'fileVaultDisable'
+      disable_fv2: 'fileVaultDisable',
+      reset_random: 'resetRandom',
+      reset_pw: 'reset'
     }.freeze
 
     PACKAGE_ACTIONS = {
@@ -191,6 +199,12 @@ module JSS
       after: 'After'
     }.freeze
 
+    DISK_ENCRYPTION_ACTIONS = {
+      apply: "apply",
+      remediate: "remediate",
+      none: "none"
+    }
+
     PRINTER_ACTIONS = {
       map: 'install',
       unmap: 'uninstall'
@@ -541,6 +555,7 @@ module JSS
 
     # @return [String] the message shown the user at policy end
     attr_reader :user_message_finish
+    alias user_message_end user_message_finish
 
     # @return [Hash]
     #
@@ -604,7 +619,6 @@ module JSS
 
       if @in_jss
         gen = @init_data[:general]
-        @frequency = gen[:frequency]
         @target_drive = gen[:target_drive]
         @offline = gen[:offline]
         @enabled = gen[:enabled]
@@ -620,6 +634,10 @@ module JSS
           trigger_enrollment_complete: gen[:trigger_enrollment_complete],
           trigger_other: gen[:trigger_other]
         }
+        @frequency = gen[:frequency]
+        @retry_event = gen[:retry_event]
+        @retry_attempts = gen[:retry_attempts]
+        @notify_failed_retries = gen[:notify_on_each_failed_retry]
 
         dtl = gen[:date_time_limitations]
 
@@ -670,6 +688,7 @@ module JSS
         @disk_encryption = @init_data[:disk_encryption]
 
         @printers = @init_data[:printers]
+        @printers.shift
 
         # Not in jss yet
       end
@@ -735,8 +754,93 @@ module JSS
     # @return [void]
     #
     def frequency=(freq)
-      raise JSS::InvalidDataError, "New frequency must be one of :#{FREQUENCIES.keys.join ', :'}" unless FREQUENCIES.key?(freq)
-      @frequency = FREQUENCIES[freq]
+      raise JSS::InvalidDataError, "New frequency must be one of :#{FREQUENCIES.keys.join ', :'}" unless FREQUENCIES.key?(freq) || FREQUENCIES.value?(freq)
+
+      freq = freq.is_a?(Symbol) ? FREQUENCIES[freq] : freq
+      return if freq == @frequency
+
+      @frequency = freq
+      @need_to_update = true
+    end
+
+    # @return [String] The event that causes a policy retry
+    def retry_event
+      return RETRY_EVENTS[:none] unless FREQUENCIES[:once_per_computer] == @frequency
+
+      @retry_event
+    end
+
+    # Set the event that causes a retry if the policy fails.
+    # One of the ways to turn off policy retry is to set this to :none
+    # The other is to set the retry_attempts to 0
+    #
+    # @param [Symbol, String] A key or value from RETRY_EVENTS
+    # @return [void]
+    #
+    def retry_event=(evt)
+      validate_retry_opt
+      raise JSS::InvalidDataError, "Retry event must be one of :#{RETRY_EVENTS.keys.join ', :'}" unless RETRY_EVENTS.key?(evt) || RETRY_EVENTS.value?(evt)
+
+      evt = evt.is_a?(Symbol) ? RETRY_EVENTS[evt] : evt
+      return if evt == @retry_event
+
+      # if the event is not 'none' and attempts is <= 0,
+      # set events to 1, or the API won't accept it
+      unless evt == RETRY_EVENTS[:none]
+        @retry_attempts = 1 unless @retry_attempts.positive?
+      end
+
+      @retry_event = evt
+      @need_to_update = true
+    end
+
+    # @return [Integer] How many times wil the policy be retried if it fails.
+    #   -1 means no retries,  otherwise, an integer from 1 to 10
+    def retry_attempts
+      return 0 unless FREQUENCIES[:once_per_computer] == @frequency
+
+      @retry_attempts
+    end
+
+    # Set the number of times to retry if the policy fails.
+    # One of the ways to turn off policy retry is to set this to 0 or -1
+    # The other is to set retry_event to :none
+    #
+    # @param [Integer] From -1 to 10
+    # @return [void]
+    #
+    def retry_attempts=(int)
+      validate_retry_opt
+      raise JSS::InvalidDataError, 'Retry attempts must be an integer from 0-10' unless int.is_a?(Integer) && (-1..10).include?(int)
+
+      # if zero or -1, turn off retries
+      if int <= 0
+        @retry_event = RETRY_EVENTS[:none]
+        int = -1
+      end
+      return if @retry_attempts == int
+
+      @retry_attempts = int
+      @need_to_update = true
+    end
+
+    # @return [Boolean] Should admins be notified of failed retry attempts
+    def notify_failed_retries?
+      return false unless FREQUENCIES[:once_per_computer] == @frequency
+
+      @notify_failed_retries
+    end
+    alias notify_failed_retries notify_failed_retries?
+    alias notify_on_each_failed_retry notify_failed_retries?
+
+    # @param bool[Boolean] Should admins be notified of failed retry attempts
+    # @return [void]
+    def notify_failed_retries=(bool)
+      validate_retry_opt
+      bool = JSS::Validate.boolean bool
+      return if @notify_failed_retries == bool
+
+      @notify_failed_retries = bool
       @need_to_update = true
     end
 
@@ -914,6 +1018,30 @@ module JSS
     end
     alias message= reboot_message=
 
+    # Set User Start Message
+    #
+    # @param user_message[String] Text of User Message
+    #
+    # @return [void] description of returned object
+    def user_message_start=(message)
+      raise JSS::InvalidDataError, 'User message must be a String' unless message.is_a? String
+      @user_message_start = message
+      @need_to_update = true
+    end
+
+    # Set User Finish Message
+    #
+    # @param user_message[String] Text of User Message
+    #
+    # @return [void] description of returned object
+    def user_message_end=(message)
+      raise JSS::InvalidDataError, 'User message must be a String' unless message.is_a? String
+      @user_message_finish = message
+      @need_to_update = true
+    end
+
+    alias user_message_finish= user_message_end=
+
     # Set Startup Disk
     # Only Supports 'Specify Local Startup Disk' at the moment
     #
@@ -1180,7 +1308,7 @@ module JSS
 
     # Remove a package from this policy by name or id
     #
-    # @param identfier [String,Integer] the name or id of the package to remove
+    # @param identifier [String,Integer] the name or id of the package to remove
     #
     # @return [Array, nil] the new packages array or nil if no change
     #
@@ -1270,7 +1398,7 @@ module JSS
 
     # Remove a script from this policy by name or id
     #
-    # @param identfier [String,Integer] the name or id of the script to remove
+    # @param identifier [String,Integer] the name or id of the script to remove
     #
     # @return [Array, nil] the new scripts array or nil if no change
     #
@@ -1292,6 +1420,49 @@ module JSS
       @directory_bindings.map { |p| p[:name] }
     end
 
+    # Add a Directory Bidning to the list of directory_bindings handled by this policy.
+    # If the directory binding already exists in the policy, nil is returned and
+    # no changes are made.
+    #
+    # @param [String,Integer] identifier the name or id of the directory binding to add to this policy
+    #
+    # @param position [Symbol, Integer] where to add this directory binding among the list of
+    #   directory_bindings. Zero-based, :start and 0 are the same, as are :end and -1.
+    #   Defaults to :end
+    #
+    # @return [Array, nil]  the new @directory_bindings array, nil if directory_binding was already in the policy
+    #
+    def add_directory_binding(identifier, **opts)
+      id = validate_directory_binding_opts identifier, opts
+
+      return nil if @directory_bindings.map { |s| s[:id] }.include? id
+
+      name = JSS::DirectoryBinding.map_all_ids_to(:name, api: @api)[id]
+
+      directory_binding_data = {
+        id: id,
+        name: name
+      }
+
+      @directory_bindings.insert opts[:position], directory_binding_data
+
+      @need_to_update = true
+      @directory_bindings
+    end
+
+
+    # Remove a directory binding from this policy by name or id
+    #
+    # @param identifier [String,Integer] the name or id of the directory binding to remove
+    #
+    # @return [Array, nil] the new directory bindings array or nil if no change
+    #
+    def remove_directory_binding(identifier)
+      removed = @directory_bindings.delete_if { |s| s[:id] == identifier || s[:name] == identifier }
+      @need_to_update = true if removed
+      removed
+    end
+
     ###### Dock items
 
     # @return [Array] the id's of the dock_items handled by the policy
@@ -1304,6 +1475,86 @@ module JSS
       @dock_items.map { |p| p[:name] }
     end
 
+
+    ###### Printers
+
+    # Add a specific printer object to the policy.
+    #
+    # @author Tyler Morgan
+    #
+    # @param newvalue [String,Integer] The name or the id of the printer to be added to this policy.
+    #
+    # @param position [Symbol, Integer] where to add this printer object among the list of printer
+    #   objects. Zero-based, :start and 0 are the same, as are :end and -1.
+    #   Defaults to :end
+    #
+    # @param action [Symbol] One of the PRINTER_ACTIONS symbols. What you want done with the printer object upon policy execution.
+    #
+    # @param make_default [TrueClass,FalseClass] Should this printer object be set to default.
+    #   Defaults to false
+    #
+    # @return [String] The new printers array or nil if the printer was already in the policy
+    def add_printer(identifier, **opts)
+      id = validate_printer_opts identifier, opts
+
+      return nil if @printers.map { |p| p[:id] }.include? id
+
+      name = JSS::Printer.map_all_ids_to(:name, api: @api)[id]
+
+      printer_data = {
+        id: id,
+        name: name,
+        action: PRINTER_ACTIONS[opts[:action]],
+        make_default: opts[:make_default]
+      }
+
+      @printers.insert opts[:position], printer_data
+
+      @need_to_update = true
+      @printers
+    end
+
+
+    # Remove a specific printer object from the policy.
+    #
+    # @author Tyler Morgan
+    #
+    # @param identifier [String,Integer] The name or id of the printer to be removed.
+    #
+    # @return [Array, nil] The new printers array or nil if no change.
+    def remove_printer(identifier)
+      removed = @printers.delete_if { |p| p[:id] == identifier || p[:name] == identifier }
+
+      @need_to_update = true
+      removed
+    end
+
+    # Add a dock item to the policy
+    def add_dock_item(identifier, action)
+      id = JSS::DockItem.valid_id identifier, api: @api
+
+      raise JSS::NoSuchItemError, "No Dock Item matches '#{identifier}'" unless id
+
+      raise JSS::InvalidDataError, "Action must be one of: :#{DOCK_ITEM_ACTIONS.keys.join ', :'}" unless DOCK_ITEM_ACTIONS.include? action
+
+      return nil if @dock_items.map { |d| d[:id] }.include? id
+
+      name = JSS::DockItem.map_all_ids_to(:name, api: @api)[id]
+
+      @dock_items << {id: id, name: name, action: DOCK_ITEM_ACTIONS[action]}
+
+      @need_to_update = true
+      @dock_items
+    end
+
+    # Remove a dock item from the policy
+    def remove_dock_item(identifier)
+      # TODO: Add validation against JSS::DockItem
+      removed = @dock_items.delete_if { |d| d[:id] == identifier || d[:name] == identifier }
+      @need_to_update = true if removed
+      removed
+    end
+
     # @return [Array] the id's of the printers handled by the policy
     def printer_ids
         begin
@@ -1312,7 +1563,7 @@ module JSS
             return []
         end
     end
-    
+
     # @return [Array] the names of the printers handled by the policy
     def printer_names
         begin
@@ -1322,6 +1573,130 @@ module JSS
         end
     end
 
+
+
+    ###### Disk Encryption
+
+    # Sets the Disk Encryption application to "Remediate" and sets the remediation key type to individual.
+    #
+    # @author Tyler Morgan
+    #
+    # @return [Void]
+    #
+    def reissue_key()
+      if @disk_encryption[:action] != DISK_ENCRYPTION_ACTIONS[:remediate]
+        # Setting New Action
+        hash = {
+          action: DISK_ENCRYPTION_ACTIONS[:remediate],
+          remediate_key_type: "Individual"
+        }
+
+        @disk_encryption = hash
+        @need_to_update = true
+
+      else
+        # Update
+        return
+      end
+
+    end
+
+
+    # Sets the Disk Encryption application to "Apply" and sets the correct disk encryption configuration ID using either the name or id.
+    #
+    # @author Tyler Morgan
+    #
+    # @return [Void]
+    #
+    def apply_encryption_configuration(identifier)
+
+      id = JSS::DiskEncryptionConfiguration.valid_id identifier
+
+      return if id.nil?
+
+      hash = {
+        action: DISK_ENCRYPTION_ACTIONS[:apply],
+        disk_encryption_configuration_id: id,
+        auth_restart: false
+      }
+
+      @disk_encryption = hash
+      @need_to_update = true
+    end
+
+
+    # Removes the Disk Encryption settings associated with this specific policy.
+    #
+    # @author Tyler Morgan
+    #
+    # @return [Void]
+    #
+    def remove_encryption_configuration()
+      hash = {
+        action: DISK_ENCRYPTION_ACTIONS[:none]
+      }
+
+      @disk_encryption = hash
+      @need_to_update = true
+    end
+
+    # Interact with management account settings
+    #
+    # @param action [Key] one of the MGMT_ACCOUNT_ACTIONS keys
+    #
+    # @return The current specified management settings.
+    #
+    # Reference: https://developer.jamf.com/documentation#resources-with-passwords
+    #
+    def set_management_account(action, **opts)
+      # TODO: Add proper error handling
+      raise JSS::InvalidDataError, "Action must be one of: :#{MGMT_ACCOUNT_ACTIONS.keys.join ', :'}" unless MGMT_ACCOUNT_ACTIONS.include? action
+
+      management_data = {}
+
+      if action == :change_pw || action == :reset_pw
+        raise JSS::MissingDataError, ":password must be provided when changing management account password" if opts[:password].nil?
+
+        management_data = {
+          action: MGMT_ACCOUNT_ACTIONS[action],
+          managed_password: opts[:password]
+        }
+      elsif action == :reset_random || action == :generate_pw
+        raise JSS::MissingDataError, ":password_length must be provided when setting a random password" if opts[:password_length].nil?
+        raise JSS::InvalidDataError, ":password_length must be an Integer" unless opts[:password_length].is_a? Integer
+
+        management_data = {
+          action: MGMT_ACCOUNT_ACTIONS[action],
+          managed_password_length: opts[:password_length]
+        }
+      else
+        management_data = {
+          action: MGMT_ACCOUNT_ACTIONS[action]
+        }
+      end
+
+      @management_account = management_data
+
+      @need_to_update = true
+
+      @management_account
+
+    end
+
+    # Check if management password matches provided password
+    #
+    # @param password[String] the password that is SHA256'ed to compare to the one from the API.
+    #
+    # @return [Boolean] The result of the comparison of the management password and provided text.
+    #
+    def verify_management_password(password)
+      raise JSS::InvalidDataError, "Management password must be a string." unless password.is_a? String
+
+      raise JSS::UnsupportedError, "'#{@management_account[:action].to_s}' does not support management passwords." unless @management_account[:action] == MGMT_ACCOUNT_ACTIONS[:change_pw] || @management_account[:action] == MGMT_ACCOUNT_ACTIONS[:reset_pw]
+
+      return Digest::SHA256.hexdigest(password).to_s == @management_account[:managed_password_sha256].to_s
+    end
+
     ###### Actions
 
     # Try to execute this policy on this machine.
@@ -1375,6 +1750,17 @@ module JSS
 
     private
 
+    # raise an error if a trying to set retry options when
+    # frequency is not 'once per comptuer'
+    #
+    # @return [void]
+    #
+    def validate_retry_opt
+      return if FREQUENCIES[:once_per_computer] == @frequency
+
+      raise JSS::UnsupportedError, 'Policy retry is only available when frequency is set to :once_per_computer'
+    end
+
     # raise an error if a package being added isn't valid
     #
     # @see #add_package
@@ -1439,6 +1825,64 @@ module JSS
       id
     end
 
+    # raise an error if the directory binding being added isn't valid
+    #
+    # @see #add_directory_binding
+    #
+    # @return [Integer, nil] the valid id for the package
+    #
+    def validate_directory_binding_opts(identifier, opts)
+      opts[:position] ||= -1
+
+      opts[:position] =
+        case opts[:position]
+        when :start then 0
+        when :end then -1
+        else JSS::Validate.integer(opts[:position])
+        end
+
+        # if the given position is past the end, set it to -1 (the end)
+        opts[:position] = -1 if opts[:position] > @directory_bindings.size
+
+        id = JSS::DirectoryBinding.valid_id identifier, api: @api
+        raise JSS::NoSuchItemError, "No directory binding matches '#{identifier}'" unless id
+        id
+    end
+
+    # Raises an error if the printer being added isn't valid, additionally checks the options and sets defaults where possible.
+    #
+    # @see #add_printer
+    #
+    # @return [Integer, nil] the valid id for the package
+    #
+    def validate_printer_opts(identifier, opts)
+      opts[:position] ||= -1
+
+      opts[:position] =
+        case opts[:position]
+        when :start then 0
+        when :end then -1
+        else JSS::Validate.integer(opts[:position])
+        end
+
+      # If the given position is past the end, set it to -1 (the end)
+      opts[:position] = -1 if opts[:position] > @printers.size
+
+      # Checks if action to be done with the printer object is provided and valid.
+      raise JSS::MissingDataError, "action must be provided, must be one of :#{PRINTER_ACTIONS.keys.join(':,')}." if opts[:action].nil?
+      raise JSS::InvalidDataError, "action must be one of :#{PRINTER_ACTIONS.keys.join(',:')}." unless PRINTER_ACTIONS.keys.include? opts[:action]
+
+
+      # Checks if the make_default option is valid, and sets the default if needed.
+      raise JSS::InvalidDataError, "make_default must be either true or false." unless opts[:make_default].is_a?(TrueClass) || opts[:make_default].is_a?(FalseClass) || opts[:make_default].nil?
+
+      opts[:make_default] = false if opts[:make_default].nil?
+
+      id = JSS::Printer.valid_id identifier, api: @api
+      raise JSS::NoSuchItemError, "No printer matches '#{identifier}'" unless id
+      id
+    end
+
     def rest_xml
       doc = REXML::Document.new APIConnection::XML_HEADER
       obj = doc.add_element RSRC_OBJECT_KEY.to_s
@@ -1447,6 +1891,10 @@ module JSS
       general.add_element('name').text = @name
       general.add_element('enabled').text = @enabled
       general.add_element('frequency').text = @frequency
+      general.add_element('retry_event').text = @retry_event
+      general.add_element('retry_attempts').text = @retry_attempts.to_s
+      general.add_element('notify_on_each_failed_retry').text = @notify_failed_retries.to_s
+
       general.add_element('target_drive').text = @target_drive
       general.add_element('offline').text = @offline
 
@@ -1475,6 +1923,22 @@ module JSS
       maint.add_element('user_cache').text = @user_cache.to_s
       maint.add_element('verify').text = @verify_startup_disk.to_s
 
+      acct_maint = obj.add_element 'account_maintenance'
+
+      mgmt_acct = acct_maint.add_element 'management_account'
+      JSS.hash_to_rexml_array(@management_account).each { |x| mgmt_acct << x }
+
+      directory_bindings = acct_maint.add_element 'directory_bindings'
+      @directory_bindings.each do |b|
+        directory_binding = directory_bindings.add_element 'binding'
+        dbdeets = JSS.hash_to_rexml_array b
+        dbdeets.each { |d| directory_binding << d }
+      end
+
+      user_interaction = obj.add_element 'user_interaction'
+      user_interaction.add_element('message_start').text = @user_message_start.to_s
+      user_interaction.add_element('message_finish').text = @user_message_finish.to_s
+
       files_processes = obj.add_element 'files_processes'
       JSS.hash_to_rexml_array(@files_processes).each { |f| files_processes << f }
 
@@ -1493,6 +1957,26 @@ module JSS
         sdeets.each { |d| script << d }
       end
 
+      disk_encryption = obj.add_element 'disk_encryption'
+
+      @disk_encryption.each do |k,v|
+        disk_encryption.add_element(k.to_s).text = v.to_s
+      end
+
+      printers = obj.add_element 'printers'
+      @printers.each do |pr|
+        printer = printers.add_element 'printer'
+        pdeets = JSS.hash_to_rexml_array pr
+        pdeets.each { |d| printer << d }
+      end
+
+      dock_items = obj.add_element 'dock_items'
+      @dock_items.each do |d|
+        dock_item = dock_items.add_element 'dock_item'
+        ddeets = JSS.hash_to_rexml_array d
+        ddeets.each { |de| dock_item << de }
+      end
+
       add_self_service_xml doc
       add_site_to_xml doc