ruby-jss 2.1.0b5 → 2.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3e4edfd42bf486020f780c565948d0b6de6db11413eaaf2f5a486243d8137a76
-  data.tar.gz: 0c3b1e370c9f1ffdcf97f7174b0dbc508f3c414efc5a86a0b5b09e0c42ba4e3f
+  metadata.gz: efe85ea732df2a1ce119273c532084459fdb9ebe6316d62ab7afa533d9c4adc8
+  data.tar.gz: e42de1baecb51f2886d704e63818d24063d4332a0b17170c2977aa3e336656a5
 SHA512:
-  metadata.gz: 7fd967954cc7642ec10054fff0c2d75f3dd30bce1836baf158a1fb4abe4f5d8a95ca493e9c1ef2b03fe1490874fdbf3f42b81af46389c7a86a6a73bdaeb867c2
-  data.tar.gz: f806304ae8b9fad9fae2ffc35b77681a26cf2bfd63dc202b5a52f25b43e2e278fda62321f05e0c3f47a6e063238b5eda86ec870814a971fb13e7631ecfa04f5a
+  metadata.gz: 6a0874d08b6c7fc3aa93c207c81ab3a09c0b822e5f035ddb5192144d04fbe3a846db6c6528a8150cd81a2ee9f994155d4b7ba396d11ef7ecf565c9330b99aae6
+  data.tar.gz: fb3bdf758de69f290974def92a42ff279f1c98611373116304fbe618b0536f59361d892c3444db88c952c2208bb7cfbf0763cba8a959bd84cffb3ca5f8bee8e7

data/CHANGES.md

@@ -14,7 +14,19 @@ __Please update all installations of ruby-jss to at least v1.6.0.__
 
 Many many thanks to actae0n of Blacksun Hackers Club for reporting this issue and providing examples of how it could be exploited.
 
-## \[2.1.0] - unreleased
+--------
+
+## \[2.1.1] - 2022-11-07
+
+### Fixed & Deprecated
+
+  - The classic API no longer includes SHA256 hashes of various passwords - the data value is there, but only contains a string of asterisks. As such, ruby-jss can no longer use those to validate some passwords before trying to use them. The methods doing so are still present, but only return `true`. If an incorrect password is given, the underlying process that uses it will fail on its own.
+  These methods will be removed in a future version of ruby-jss:
+    - `Jamf::DistributionPoint#check_pw`  Used mostly by the `Jamf::DistributionPoint#mount` method
+    - `Jamf::Policy.verify_management_password`
+
+
+## \[2.1.0] - 2022-10-10
 
 ### Added
 
@@ -34,6 +46,8 @@ Many many thanks to actae0n of Blacksun Hackers Club for reporting this issue an
   - A few internal rescues of a deprecated exception class
   - Removed auto-loading of deprecation files; now explicitly loaded.
   - A few Ruby 2 => Ruby 3 bugs - method params needing double-splats (Thanks to @Timelost for reporting this one)
+  - Ensure resource paths don't start with a slash
+  - Setting the timeouts on an existing API connection object now works.
 
 ## \[2.0.0] - 2022-09-12
 

data/bin/cgrouper

@@ -55,7 +55,7 @@ class App
   ###
   ### set up
   ###
-  def initialize(**_args)
+  def initialize
     @debug = false
 
     # define the options
@@ -207,7 +207,7 @@ class App
 
     # smart groups can't have some things done to them
     if ACTIONS_FOR_STATIC_GROUPS_ONLY.include? @options.action and @group.smart?
-      raise InvalidTypeError, 
+      raise InvalidTypeError,
             "You can't do that to a smart group. Use the JSS WebApp if needed."
     end
 
@@ -384,7 +384,6 @@ Notes:
     return unless @options.action == :create_group or confirm "add computers to group '#{@group.name}'"
 
     @options.computers.each do |c|
-      
       @group.add_member c
     rescue JSS::NoSuchItemError
       puts "#{$!} - skipping"
@@ -404,11 +403,9 @@ Notes:
     return unless confirm "remove computers from group '#{@group.name}'"
 
     @options.computers.each do |c|
-      
       @group.remove_member c
     rescue JSS::NoSuchItemError
       puts "#{$!} - skipping"
-      
     end
     @group.update
   end
@@ -459,7 +456,7 @@ end # class App
 
 #######################################
 begin
-  app = App.new(ARGV)
+  app = App.new
   app.run
 rescue
   # handle exceptions not handled elsewhere

data/bin/netseg-update

@@ -55,13 +55,13 @@ class App
 
   USAGE = "Usage: #{PROG_NAME} [options] [--help] /path/to/file".freeze
 
-  POTENTIAL_COLUMNS = %i(name starting ending cidr mask).freeze
+  POTENTIAL_COLUMNS = %i[name starting ending cidr mask].freeze
 
   DEFAULT_CACHE_FILE = Pathname.new('~/.last_subnet_update').expand_path
 
   DEFAULT_DELIMITER = "\t".freeze
 
-  DEFAULT_COLUMNS = [:name, :starting, :ending].freeze
+  DEFAULT_COLUMNS = %i[name starting ending].freeze
 
   DEFAULT_MANUAL_PREFIX = 'Manual-'.freeze
 
@@ -84,7 +84,7 @@ class App
 
   attr_reader :debug
 
-  def initialize(_args)
+  def initialize
     @getpass = $stdin.tty? ? :prompt : :stdin
     set_defaults
     parse_cli
@@ -183,7 +183,7 @@ Options:
  -V, --no-verify-cert   - Allow self-signed, unverified SSL certificate
  -T, --timeout secs     - specify the JSS API timeout
  -N, --no-op            - Don't make any changes in the JSS, just report what would
-                          have be changed.
+                          have been changed.
  -H, --help             - show this help
  --debug                - show the ruby backtrace when errors occur
 
@@ -254,6 +254,7 @@ Notes:
     lines.each do |line|
       parsed_line = parse_a_data_line line
       next unless parsed_line
+
       name = parsed_line.delete :name
       parsed_data[name] = parsed_line
     end
@@ -273,6 +274,7 @@ Notes:
       @columns.include?(:ending) || \
       @columns.include?(:cidr) || \
       @columns.include?(:mask)
+
     @use_cidr = (@columns.include?(:cidr) || @columns.include?(:mask))
   end
 
@@ -296,11 +298,13 @@ Notes:
     # read in the file
     @raw_data = @file.read
     return true unless @cache_file.exist?
+
     @raw_data != @cache_file.read
   end
 
   def cache_latest_data
     return if @noop
+
     @cache_file.jss_save @raw_data
   end
 
@@ -375,7 +379,7 @@ end # app
 # create the app and go
 begin
   debug = ARGV.include? '--debug'
-  app = App.new(ARGV)
+  app = App.new
   app.run
 rescue
   # handle exceptions not handled elsewhere

data/lib/jamf/api/classic/api_objects/computer.rb

@@ -440,7 +440,7 @@ module Jamf
       cnx = api if api
 
       id = valid_id ident, cnx: cnx
-      raise "No computer matches identifier: #{ident}" unless id
+      raise Jamf::NoSuchItemError, "No computer matches identifier: #{ident}" unless id
 
       end_date ||= start_date
       start_date = Jamf.parse_time start_date

data/lib/jamf/api/classic/api_objects/distribution_point.rb

@@ -259,8 +259,8 @@ module Jamf
     attr_reader :ssh_password_sha256
 
     def initialize(**args)
-      super 
-      
+      super
+
       @ip_address = @init_data[:ip_address]
       @local_path = @init_data[:local_path]
       @enable_load_balancing = @init_data[:enable_load_balancing]
@@ -294,44 +294,28 @@ module Jamf
 
       @port = @init_data[:ssh_password]
 
-      # Note, as of Casper 9.3:
-      # :management_password_md5=>"xxxxx"
-      # and
-      # :management_password_sha256=> "xxxxxxxxxx"
-      # Are the read/write password
-      #
-      # An empty passwd is
-      # MD5 = d41d8cd98f00b204e9800998ecf8427e
-      # SHA256 = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
-      #
-      # Seemms the read-only pw isn't available in the API
-
       # if we mount for fileservice, where's the mountpoint?
       @mountpoint = DEFAULT_MOUNTPOINT_DIR + "#{DEFAULT_MOUNTPOINT_PREFIX}#{@id}"
     end # init
 
-    # Check the validity of a password.
+    # @deprecated The API no longer sends SHA256 hashed password data, and instead
+    #   only has a string of asterisks, meaning we can no longer use it to validate
+    #   passwords before attempting to use them. Instead, the processes that use
+    #   them, e.g. mounting a Dist. Point, will fail on their own if the pw is not
+    #   valid.
     #
-    # @param user[Symbol] one of :ro, :rw, :ssh, :http
+    #   This method remains defined for backward-compatibility with any existing
+    #   code that calls it. but it will always return true. It will be removed in
+    #   a future version
     #
-    # @param pw[String] the password to check for the given user
+    # @param user[Symbol] ignored
     #
-    # @return [Boolean,Nil] was the password correct?
-    #   nil is returned if there is no password set in the JSS.
+    # @param pw[String] ignored
     #
-    def check_pw(user, pw)
-      raise Jamf::InvalidDataError, 'The first parameter must be one of :ro, :rw, :ssh, :http' unless %i[ro rw ssh http].include? user
-
-      sha256 = case user
-               when :rw then @read_write_password_sha256
-               when :ro then @read_only_password_sha256
-               when :http then @http_password_sha256
-               when :ssh then @ssh_password_sha256
-               end # case
-
-      return nil if sha256 == EMPTY_PW_256
-
-      sha256 == Digest::SHA2.new(256).update(pw).to_s
+    # @return [TrueClass] Allow the process calling this to continue.
+    #
+    def check_pw(_user = nil, _pw = nil)
+      true
     end
 
     # Check to see if this dist point is reachable for downloads (read-only)
@@ -350,7 +334,6 @@ module Jamf
     def reachable_for_download?(pw = '', check_http = true)
       return :http if check_http && http_reachable?(pw)
       return :mountable if mounted?
-      return false unless check_pw :ro, pw
 
       begin
         mount pw, :ro
@@ -371,7 +354,6 @@ module Jamf
     #
     def reachable_for_upload?(pw)
       return :mountable if mounted?
-      return false unless check_pw :rw, pw
 
       begin
         mount pw, :rw
@@ -413,12 +395,6 @@ module Jamf
                    pw
                  end
 
-      pwok = check_pw(access, password)
-      unless pwok
-        msg = pwok.nil? ? "No #{access} password set in the JSS" : "Incorrect password for #{access} account"
-        raise Jamf::InvalidDataError, msg
-      end
-
       username = access == :ro ? @read_only_username : @read_write_username
 
       safe_pw = CGI.escape password.to_s
@@ -481,7 +457,7 @@ module Jamf
     private
 
     # can the dp be reached for http downloads?
-    def http_reachable?(pw)
+    def http_reachable?(pw = nil)
       return false unless http_downloads_enabled
 
       url =

data/lib/jamf/api/classic/api_objects/patch_title.rb

@@ -154,7 +154,7 @@ module Jamf
     # when fetching a specific version, this is a valid version
     UNKNOWN_VERSION_ID = 'Unknown'.freeze
 
-    REPORTS_RSRC_BASE = '/patchreports/patchsoftwaretitleid'.freeze
+    REPORTS_RSRC_BASE = 'patchreports/patchsoftwaretitleid'.freeze
 
     # Class Methods
     #######################################
@@ -233,7 +233,7 @@ module Jamf
       all(refresh, cnx: cnx).map { |i| i[:source_name_id] }
     end
 
-    # Get a patch report for a softwaretitle, withouth fetching an instance.
+    # Get a patch report for a softwaretitle, without fetching an instance.
     # Defaults to reporting all versions. Specifiying a version will be faster.
     #
     # The Hash returned has 3 keys:
@@ -269,6 +269,7 @@ module Jamf
 
       # TODO: remove this and adjust parsing when jamf fixes the JSON
       raw_report = XMLWorkaround.data_via_xml(rsrc, PATCH_REPORT_DATA_MAP, cnx)[:patch_report]
+
       report = {}
       report[:total_computers] = raw_report[:total_computers]
       report[:total_versions] = raw_report[:total_versions]
@@ -312,7 +313,7 @@ module Jamf
     # so all other lookup values have to be converted to ID before
     # the call to super
     #
-    def self.fetch(identifier = nil, **params)      
+    def self.fetch(identifier = nil, **params)
       # default connection if unspecified
       cnx = params.delete :cnx
       cnx ||= params.delete :api # backward compatibility, deprecated
@@ -472,7 +473,6 @@ module Jamf
     # wrapper to fetch versions after creating
     def create
       super
-      
     end
 
     # wrapper to clear @changed_pkgs after updating

data/lib/jamf/api/classic/api_objects/policy.rb

@@ -166,7 +166,7 @@ module Jamf
       selected: 'Currently Selected Startup Disk (No Bless)',
       netboot: 'NetBoot',
       os_installer: 'inPlaceOSUpgradeDirectory'
-    }.freeze # Note: any other value in :specify_startup is a path to some other drive to boot from, e.g. /Volumes/Foo
+    }.freeze # NOTE: any other value in :specify_startup is a path to some other drive to boot from, e.g. /Volumes/Foo
 
     ACCOUNT_ACTIONS = {
       create: 'Create',
@@ -200,9 +200,9 @@ module Jamf
     }.freeze
 
     DISK_ENCRYPTION_ACTIONS = {
-      apply: "apply",
-      remediate: "remediate",
-      none: "none"
+      apply: 'apply',
+      remediate: 'remediate',
+      none: 'none'
     }
 
     PRINTER_ACTIONS = {
@@ -751,7 +751,7 @@ module Jamf
         @management_account = amaint[:management_account]
         @accounts = amaint[:accounts]
 
-        @packages = @init_data[:package_configuration][:packages] ? @init_data[:package_configuration][:packages] : []
+        @packages = @init_data[:package_configuration][:packages] || []
 
         @scripts = @init_data[:scripts]
 
@@ -815,6 +815,7 @@ module Jamf
     #
     def enabled=(new_val)
       return if @enabled == new_val
+
       @enabled = Jamf::Validate.boolean new_val
       @need_to_update = true
     end
@@ -868,9 +869,7 @@ module Jamf
 
       # if the event is not 'none' and attempts is <= 0,
       # set events to 1, or the API won't accept it
-      unless evt == RETRY_EVENTS[:none]
-        @retry_attempts = 1 unless @retry_attempts.positive?
-      end
+      @retry_attempts = 1 if !(evt == RETRY_EVENTS[:none]) && !@retry_attempts.positive?
 
       @retry_event = evt
       @need_to_update = true
@@ -934,6 +933,7 @@ module Jamf
     #
     def target_drive=(path_to_drive)
       raise Jamf::InvalidDataError, 'Path to target drive must be absolute' unless path_to_drive.to_s.start_with? '/'
+
       @target_drive = path_to_drive.to_s
       @need_to_update = true
     end
@@ -946,6 +946,7 @@ module Jamf
     #
     def offline=(new_val)
       raise Jamf::InvalidDataError, 'New value must be boolean true or false' unless Jamf::TRUE_FALSE.include? new_val
+
       @offline = new_val
       @need_to_update = true
     end
@@ -960,6 +961,7 @@ module Jamf
     #
     def set_trigger_event(type, new_val)
       raise Jamf::InvalidDataError, "Trigger type must be one of #{TRIGGER_EVENTS.keys.join(', ')}" unless TRIGGER_EVENTS.key?(type)
+
       if type == :custom
         raise Jamf::InvalidDataError, 'Custom triggers must be Strings' unless new_val.is_a? String
       else
@@ -977,6 +979,7 @@ module Jamf
     #
     def server_side_activation=(activation)
       raise Jamf::InvalidDataError, 'Activation must be a Time' unless activation.is_a? Time
+
       @server_side_limitations[:activation] = activation
       @need_to_update = true
     end
@@ -989,6 +992,7 @@ module Jamf
     #
     def server_side_expiration=(expiration)
       raise Jamf::InvalidDataError, 'Expiration must be a Time' unless expiration.is_a? Time
+
       @server_side_limitations[:expiration] = expiration
       @need_to_update = true
     end
@@ -999,6 +1003,7 @@ module Jamf
     #
     def verify_startup_disk=(bool)
       return if @verify_startup_disk == bool
+
       @verify_startup_disk = Jamf::Validate.boolean bool
       @need_to_update = true
     end
@@ -1007,6 +1012,7 @@ module Jamf
     #
     def permissions_repair=(bool)
       return if @permissions_repair == bool
+
       @permissions_repair = Jamf::Validate.boolean bool
       @need_to_update = true
     end
@@ -1015,6 +1021,7 @@ module Jamf
     #
     def recon=(bool)
       return if @recon == bool
+
       @recon = Jamf::Validate.boolean bool
       @need_to_update = true
     end
@@ -1024,6 +1031,7 @@ module Jamf
     #
     def fix_byhost=(bool)
       return if @fix_byhost == bool
+
       @fix_byhost = Jamf::Validate.boolean bool
       @need_to_update = true
     end
@@ -1032,6 +1040,7 @@ module Jamf
     #
     def reset_name=(bool)
       return if @reset_name == bool
+
       @reset_name = Jamf::Validate.boolean bool
       @need_to_update = true
     end
@@ -1040,6 +1049,7 @@ module Jamf
     #
     def flush_system_cache=(bool)
       return if @flush_system_cache == bool
+
       @flush_system_cache = Jamf::Validate.boolean bool
       @need_to_update = true
     end # see attr_reader :recon
@@ -1048,6 +1058,7 @@ module Jamf
     #
     def install_cached_pkgs=(bool)
       return if @install_cached_pkgs == bool
+
       @install_cached_pkgs = Jamf::Validate.boolean bool
       @need_to_update = true
     end
@@ -1056,6 +1067,7 @@ module Jamf
     #
     def flush_user_cache=(bool)
       return if @flush_user_cache == bool
+
       @flush_user_cache = Jamf::Validate.boolean bool
       @need_to_update = true
     end
@@ -1071,6 +1083,7 @@ module Jamf
     #
     def no_user_logged_in=(no_user_option)
       raise Jamf::InvalidDataError, "no_user_logged_in options: #{NO_USER_LOGGED_IN.join(', ')}" unless NO_USER_LOGGED_IN.include? no_user_option
+
       @reboot_options[:no_user_logged_in] = no_user_option
       @need_to_update = true
     end
@@ -1083,6 +1096,7 @@ module Jamf
     #
     def user_logged_in=(logged_in_option)
       raise Jamf::InvalidDataError, "user_logged_in options: #{USER_LOGGED_IN.join(', ')}" unless USER_LOGGED_IN.include? logged_in_option
+
       @reboot_options[:user_logged_in] = logged_in_option
       @need_to_update = true
     end
@@ -1095,6 +1109,7 @@ module Jamf
     #
     def reboot_message=(message)
       raise Jamf::InvalidDataError, 'Reboot message must be a String' unless message.is_a? String
+
       @reboot_options[:message] = message
       @need_to_update = true
     end
@@ -1107,6 +1122,7 @@ module Jamf
     # @return [void] description of returned object
     def user_message_start=(message)
       raise Jamf::InvalidDataError, 'User message must be a String' unless message.is_a? String
+
       @user_message_start = message
       @need_to_update = true
     end
@@ -1118,6 +1134,7 @@ module Jamf
     # @return [void] description of returned object
     def user_message_end=(message)
       raise Jamf::InvalidDataError, 'User message must be a String' unless message.is_a? String
+
       @user_message_finish = message
       @need_to_update = true
     end
@@ -1133,6 +1150,7 @@ module Jamf
     #
     def startup_disk=(startup_disk_option)
       raise Jamf::InvalidDataError, "#{startup_disk_option} is not a valid Startup Disk" unless startup_disk_option.is_a? String
+
       @reboot_options[:startup_disk] = 'Specify Local Startup Disk'
       self.specify_startup = startup_disk_option
       @need_to_update = true
@@ -1147,6 +1165,7 @@ module Jamf
     #
     def specify_startup=(startup_volume)
       raise Jamf::InvalidDataError, "#{startup_volume} is not a valid Startup Disk" unless startup_volume.is_a? String
+
       @reboot_options[:specify_startup] = startup_volume
       @need_to_update = true
     end
@@ -1172,6 +1191,7 @@ module Jamf
     #
     def minutes_until_reboot=(minutes)
       raise Jamf::InvalidDataError, 'Minutes until reboot must be an Integer' unless minutes.is_a? Integer
+
       @reboot_options[:minutes_until_reboot] = minutes
       @need_to_update = true
     end
@@ -1185,6 +1205,7 @@ module Jamf
     #
     def file_vault_2_reboot=(fv_bool)
       raise Jamf::InvalidDataError, 'FileVault 2 Reboot must be a Boolean' unless fv_bool.jss_boolean?
+
       @reboot_options[:file_vault_2_reboot] = fv_bool
       @need_to_update = true
     end
@@ -1206,6 +1227,7 @@ module Jamf
     #
     def run_command=(command)
       raise Jamf::InvalidDataError, 'Command to run must be a String' unless command.is_a? String
+
       @files_processes[:run_command] = command
       @need_to_update = true
     end
@@ -1262,7 +1284,7 @@ module Jamf
     #
     def search_by_path
       if @files_processes[:search_by_path].nil?
-        return nil
+        nil
       else
         Pathname.new @files_processes[:search_by_path]
       end
@@ -1289,6 +1311,7 @@ module Jamf
     #
     def set_search_by_path(path, delete = false)
       raise Jamf::InvalidDataError, 'Path to search for must be a String or a Pathname' unless path.is_a?(String) || path.is_a?(Pathname)
+
       @files_processes[:search_by_path] = path.to_s
       @files_processes[:delete_file] = delete ? true : false
       @need_to_update = true
@@ -1308,6 +1331,7 @@ module Jamf
     #
     def spotlight_search=(term)
       raise Jamf::InvalidDataError, 'Spotlight search term must be a String' unless term.is_a? String
+
       @files_processes[:spotlight_search] = term
       @need_to_update = true
     end
@@ -1326,6 +1350,7 @@ module Jamf
     #
     def locate_file=(term)
       raise Jamf::InvalidDataError, 'Term to locate must be a String' unless term.is_a? String
+
       @files_processes[:locate_file] = term
       @need_to_update = true
     end
@@ -1571,7 +1596,6 @@ module Jamf
       @directory_bindings
     end
 
-
     # Remove a directory binding from this policy by name or id
     #
     # @param identifier [String,Integer] the name or id of the directory binding to remove
@@ -1596,7 +1620,6 @@ module Jamf
       @dock_items.map { |p| p[:name] }
     end
 
-
     ###### Printers
 
     # Add a specific printer object to the policy.
@@ -1661,7 +1684,7 @@ module Jamf
 
       name = Jamf::DockItem.map_all_ids_to(:name, cnx: @cnx)[id]
 
-      @dock_items << {id: id, name: name, action: DOCK_ITEM_ACTIONS[action]}
+      @dock_items << { id: id, name: name, action: DOCK_ITEM_ACTIONS[action] }
 
       @need_to_update = true
       @dock_items
@@ -1677,24 +1700,18 @@ module Jamf
 
     # @return [Array] the id's of the printers handled by the policy
     def printer_ids
-        begin
-            @printers.map { |p| p[:id] }
-            rescue TypeError
-            return []
-        end
+      @printers.map { |p| p[:id] }
+    rescue TypeError
+      []
     end
 
     # @return [Array] the names of the printers handled by the policy
     def printer_names
-        begin
-            @printers.map { |p| p[:name] }
-            rescue TypeError
-            return []
-        end
+      @printers.map { |p| p[:name] }
+    rescue TypeError
+      []
     end
 
-
-
     ###### Disk Encryption
 
     # Sets the Disk Encryption application to "Remediate" and sets the remediation key type to individual.
@@ -1703,12 +1720,12 @@ module Jamf
     #
     # @return [Void]
     #
-    def reissue_key()
+    def reissue_key
       if @disk_encryption[:action] != DISK_ENCRYPTION_ACTIONS[:remediate]
         # Setting New Action
         hash = {
           action: DISK_ENCRYPTION_ACTIONS[:remediate],
-          remediate_key_type: "Individual"
+          remediate_key_type: 'Individual'
         }
 
         @disk_encryption = hash
@@ -1716,12 +1733,10 @@ module Jamf
 
       else
         # Update
-        return
+        nil
       end
-
     end
 
-
     # Sets the Disk Encryption application to "Apply" and sets the correct disk encryption configuration ID using either the name or id.
     #
     # @author Tyler Morgan
@@ -1729,7 +1744,6 @@ module Jamf
     # @return [Void]
     #
     def apply_encryption_configuration(identifier)
-
       id = Jamf::DiskEncryptionConfiguration.valid_id identifier
 
       return if id.nil?
@@ -1744,14 +1758,13 @@ module Jamf
       @need_to_update = true
     end
 
-
     # Removes the Disk Encryption settings associated with this specific policy.
     #
     # @author Tyler Morgan
     #
     # @return [Void]
     #
-    def remove_encryption_configuration()
+    def remove_encryption_configuration
       hash = {
         action: DISK_ENCRYPTION_ACTIONS[:none]
       }
@@ -1774,16 +1787,16 @@ module Jamf
 
       management_data = {}
 
-      if action == :change_pw || action == :reset_pw
-        raise Jamf::MissingDataError, ":password must be provided when changing management account password" if opts[:password].nil?
+      if %i[change_pw reset_pw].include?(action)
+        raise Jamf::MissingDataError, ':password must be provided when changing management account password' if opts[:password].nil?
 
         management_data = {
           action: MGMT_ACCOUNT_ACTIONS[action],
           managed_password: opts[:password]
         }
-      elsif action == :reset_random || action == :generate_pw
-        raise Jamf::MissingDataError, ":password_length must be provided when setting a random password" if opts[:password_length].nil?
-        raise Jamf::InvalidDataError, ":password_length must be an Integer" unless opts[:password_length].is_a? Integer
+      elsif %i[reset_random generate_pw].include?(action)
+        raise Jamf::MissingDataError, ':password_length must be provided when setting a random password' if opts[:password_length].nil?
+        raise Jamf::InvalidDataError, ':password_length must be an Integer' unless opts[:password_length].is_a? Integer
 
         management_data = {
           action: MGMT_ACCOUNT_ACTIONS[action],
@@ -1800,21 +1813,23 @@ module Jamf
       @need_to_update = true
 
       @management_account
-
     end
 
-    # Check if management password matches provided password
+    # @deprecated The API no longer sends SHA256 hashed password data, and instead
+    #   only has a string of asterisks, meaning we can no longer use it to validate
+    #   passwords before attempting to use them. Instead, the processes that use
+    #   the password will fail on their own if the pw is not valid.
     #
-    # @param password[String] the password that is SHA256'ed to compare to the one from the API.
+    #   This method remains defined for backward-compatibility with any existing
+    #   code that calls it. but it will always return true. Itwill be removed in
+    #   a future version
     #
-    # @return [Boolean] The result of the comparison of the management password and provided text.
+    # @param password[String] ignored
     #
-    def verify_management_password(password)
-      raise Jamf::InvalidDataError, "Management password must be a string." unless password.is_a? String
-
-      raise Jamf::UnsupportedError, "'#{@management_account[:action].to_s}' does not support management passwords." unless @management_account[:action] == MGMT_ACCOUNT_ACTIONS[:change_pw] || @management_account[:action] == MGMT_ACCOUNT_ACTIONS[:reset_pw]
-
-      return Digest::SHA256.hexdigest(password).to_s == @management_account[:managed_password_sha256].to_s
+    # @return [TrueClass] Allow the process calling this to continue.
+    #
+    def verify_management_password(_password = nil)
+      true
     end
 
     ###### Actions
@@ -1829,8 +1844,10 @@ module Jamf
     #
     def run(show_output = false)
       return nil unless enabled?
+
       output = Jamf::Client.run_jamf('policy', "-id #{id}", show_output)
       return nil if output.include? 'No policies were found for the ID'
+
       $CHILD_STATUS.exitstatus.zero? ? true : false
     end
     alias execute run
@@ -1944,6 +1961,7 @@ module Jamf
 
       id = Jamf::Script.valid_id identifier, cnx: @cnx
       raise Jamf::NoSuchItemError, "No script matches '#{identifier}'" unless id
+
       id
     end
 
@@ -1963,12 +1981,13 @@ module Jamf
         else Jamf::Validate.integer(opts[:position])
         end
 
-        # if the given position is past the end, set it to -1 (the end)
-        opts[:position] = -1 if opts[:position] > @directory_bindings.size
+      # if the given position is past the end, set it to -1 (the end)
+      opts[:position] = -1 if opts[:position] > @directory_bindings.size
+
+      id = Jamf::DirectoryBinding.valid_id identifier, cnx: @cnx
+      raise Jamf::NoSuchItemError, "No directory binding matches '#{identifier}'" unless id
 
-        id = Jamf::DirectoryBinding.valid_id identifier, cnx: @cnx
-        raise Jamf::NoSuchItemError, "No directory binding matches '#{identifier}'" unless id
-        id
+      id
     end
 
     # Raises an error if the printer being added isn't valid, additionally checks the options and sets defaults where possible.
@@ -1994,14 +2013,17 @@ module Jamf
       raise Jamf::MissingDataError, "action must be provided, must be one of :#{PRINTER_ACTIONS.keys.join(':,')}." if opts[:action].nil?
       raise Jamf::InvalidDataError, "action must be one of :#{PRINTER_ACTIONS.keys.join(',:')}." unless PRINTER_ACTIONS.keys.include? opts[:action]
 
-
       # Checks if the make_default option is valid, and sets the default if needed.
-      raise Jamf::InvalidDataError, "make_default must be either true or false." unless opts[:make_default].is_a?(TrueClass) || opts[:make_default].is_a?(FalseClass) || opts[:make_default].nil?
+      unless opts[:make_default].is_a?(TrueClass) || opts[:make_default].is_a?(FalseClass) || opts[:make_default].nil?
+        raise Jamf::InvalidDataError,
+              'make_default must be either true or false.'
+      end
 
       opts[:make_default] = false if opts[:make_default].nil?
 
       id = Jamf::Printer.valid_id identifier, cnx: @cnx
       raise Jamf::NoSuchItemError, "No printer matches '#{identifier}'" unless id
+
       id
     end
 
@@ -2081,7 +2103,7 @@ module Jamf
 
       disk_encryption = obj.add_element 'disk_encryption'
 
-      @disk_encryption.each do |k,v|
+      @disk_encryption.each do |k, v|
         disk_encryption.add_element(k.to_s).text = v.to_s
       end
 

data/lib/jamf/api/classic/xml_workaround.rb

@@ -150,7 +150,8 @@ module Jamf
         element ? element.text.to_f : model
       when nil
         return nil unless element
-        element.text.downcase == TRUE_STRING ? true : false
+
+        element.text.downcase == TRUE_STRING
       when Array
         element ? elem_as_array(model.first, element) : []
       when Hash
@@ -176,6 +177,7 @@ module Jamf
       return unless size_elems.count == 1
       return if size_elem.has_elements?
       return unless size_elem.text.jss_integer?
+
       elem.delete_element size_elem
     end
 

data/lib/jamf/api/connection/attributes.rb

@@ -74,15 +74,15 @@ module Jamf
       attr_reader :sticky_session
       alias sticky_session? sticky_session
       alias sticky? sticky_session
-      
+
       # @return [String, nil] The current sticky_session cookie. nil unless
       #   sticky_session is set to true, either as a param to 'connect' or via
       #   #sticky_session=
       #
-      #   When set via .connect, the cookie is gleaned from the token creation 
+      #   When set via .connect, the cookie is gleaned from the token creation
       #   reponse. When set via #sticky_session=, a HEAD request is made, and the
       #   cookie will be in the response.
-      #   
+      #
       #    Only valid when the connection is to a Jamf Cloud server.
       attr_reader :sticky_session_cookie
 
@@ -100,7 +100,7 @@ module Jamf
 
         # convert boolean-y to boolean
         value = value ? true : false
-        
+
         return if @sticky_session == value
 
         if value
@@ -125,8 +125,8 @@ module Jamf
       #
       def timeout=(new_timeout)
         @timeout = new_timeout.to_i
-        @c_cnx&.options[:timeout] = @timeout 
-        @jp_cnx&.options[:timeout] = @timeout 
+        @c_cnx.options.timeout = @timeout if @c_cnx
+        @jp_cnx.options.timeout = @timeout if @jp_cnx
       end
 
       # Reset the open-connection timeout for the rest connection
@@ -137,8 +137,8 @@ module Jamf
       #
       def open_timeout=(new_timeout)
         @open_timeout = new_timeout.to_i
-        @c_cnx&.options[:open_timeout] = @open_timeout
-        @jp_cnx&.options[:open_timeout] = @open_timeout 
+        @c_cnx.options.open_timeout = @open_timeout if @c_cnx
+        @jp_cnx.options.open_timeout = @open_timeout if @jp_cnx
       end
 
       # @return [URI::HTTPS] the base URL to the server

data/lib/jamf/api/connection/classic_api.rb

@@ -59,6 +59,8 @@ module Jamf
       # @return [Hash,String] the result of the get
       #
       def c_get(rsrc, format = :json, raw_json: false)
+        rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
+
         validate_connected @c_cnx
         raise Jamf::InvalidDataError, 'format must be :json or :xml' unless Jamf::Connection::GET_FORMATS.include?(format)
 
@@ -92,6 +94,8 @@ module Jamf
       def c_post(rsrc, xml)
         validate_connected @c_cnx
 
+        rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
+
         # convert CRs & to 
         xml&.gsub!(/\r/, '
')
 
@@ -125,6 +129,8 @@ module Jamf
       def c_put(rsrc, xml)
         validate_connected @c_cnx
 
+        rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
+
         # convert CRs & to 
         xml.gsub!(/\r/, '
')
 
@@ -157,6 +163,8 @@ module Jamf
         validate_connected @c_cnx
         raise MissingDataError, 'Missing :rsrc' if rsrc.nil?
 
+        rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
+
         # delete the resource
         resp =
           @c_cnx.delete(rsrc) do |req|
@@ -188,6 +196,7 @@ module Jamf
       #
       def upload(rsrc, local_file)
         validate_connected @c_cnx
+        rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
 
         # the upload file object for faraday
         local_file = Pathname.new local_file
@@ -223,7 +232,7 @@ module Jamf
 
           cnx.options[:timeout] = @timeout
           cnx.options[:open_timeout] = @open_timeout
-          
+
           cnx.request :multipart
           cnx.request :url_encoded
 

data/lib/jamf/api/connection/constants.rb

@@ -87,6 +87,8 @@ module Jamf
       MIME_JSON = 'application/json'.freeze
       MIME_XML = 'application/xml'.freeze
 
+      SLASH = '/'
+
       # Only these variables are displayed with PrettyPrint
       # This avoids, especially, the caches, which are available
       # as attr_readers

data/lib/jamf/api/connection/jamf_pro_api.rb

@@ -53,11 +53,12 @@ module Jamf
 
       # @param rsrc[String] the resource to get
       #   (the part of the API url after the '/api/' )
-  
+
       # @return [Hash] the result of the get
       #######################################################
       def jp_get(rsrc)
         validate_connected @jp_cnx
+        rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
         resp = @jp_cnx.get(rsrc) do |req|
           # Modify the request here if needed.
           # puts "JPAPI Cookie is: #{req.headers['Cookie']}"
@@ -82,6 +83,7 @@ module Jamf
       #######################################################
       def jp_post(rsrc, data)
         validate_connected @jp_cnx
+        rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
         resp = @jp_cnx.post(rsrc) do |req|
           req.body = data
         end
@@ -104,6 +106,7 @@ module Jamf
       #######################################################
       def jp_put(rsrc, data)
         validate_connected @jp_cnx
+        rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
         resp = @jp_cnx.put(rsrc) do |req|
           req.body = data
         end
@@ -126,6 +129,7 @@ module Jamf
       #######################################################
       def jp_patch(rsrc, data)
         validate_connected @jp_cnx
+        rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
         resp = @jp_cnx.patch(rsrc) do |req|
           req.body = data
         end
@@ -146,6 +150,7 @@ module Jamf
       #######################################################
       def jp_delete(rsrc)
         validate_connected @jp_cnx
+        rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
         resp = @jp_cnx.delete rsrc
         @last_http_response = resp
         return resp.body if resp.success?
@@ -159,6 +164,7 @@ module Jamf
       # a temporary Faraday connection object
       #######################################################
       def jp_download(rsrc)
+        rsrc = rsrc.delete_prefix Jamf::Connection::SLASH
         temp_cnx = create_jp_connection(parse_json: false)
         resp = temp_cnx.get rsrc
         @last_http_response = resp

data/lib/jamf/version.rb

@@ -27,6 +27,6 @@
 module Jamf
 
   ### The version of ruby-jss
-  VERSION = '2.1.0b5'.freeze
+  VERSION = '2.1.1'.freeze
 
 end # module

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ruby-jss
 version: !ruby/object:Gem::Version
-  version: 2.1.0b5
+  version: 2.1.1
 platform: ruby
 authors:
 - Chris Lasell
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-09-23 00:00:00.000000000 Z
+date: 2022-11-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: CFPropertyList
@@ -824,9 +824,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 2.6.3
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.0.3.1
 signing_key: