xolo-admin 1.0.0 → 2.0.2

data/lib/xolo/admin/validate.rb

@@ -126,6 +126,13 @@ module Xolo
           # skip things not given on the command line
           next unless cli_cmd_opts["#{key}_given"]
 
+          if deets[:add_only] && edit_command?
+            raise ArgumentError, "Option '--#{key.to_s.gsub '_', '-'}' is only valid for 'add-' commands."
+
+          elsif deets[:edit_only] && add_command?
+            raise ArgumentError, "Option '--#{key.to_s.gsub '_', '-'}' is only valid for 'edit-' commands."
+          end
+
           # skip things that shouldn't be validated
           next unless deets[:validate]
 
@@ -196,7 +203,7 @@ module Xolo
         if cli_cmd.command == Xolo::Admin::Options::ADD_TITLE_CMD
           err =
             if title_exists
-              'already exists in Xolo'
+              "title '#{val}' already exists in Xolo"
             elsif val !~ /\A[a-z0-9-][a-z0-9-]+\z/
               TITLE_ATTRS[:title][:invalid_msg]
             else
@@ -207,7 +214,7 @@ module Xolo
         elsif Xolo::Admin::Options::MUST_EXIST_COMMANDS.include?(cli_cmd.command)
           return val if title_exists
 
-          err = "doesn't exist in Xolo"
+          err = "title '#{val}' doesn't exist in Xolo"
 
         # any other command
         else
@@ -217,10 +224,22 @@ module Xolo
         raise_invalid_data_error val, err
       end
 
-      # validate a title display-name. Must be 3+ chars long
+      # validate the title type
       #
       # @param val [Object] The value to validate
       #
+      # @return [String] The valid value
+      ########################
+      def validate_type(val)
+        val = val.to_s.strip.downcase.to_sym
+        return val if Xolo::TITLE_TYPES.include? val
+
+        raise_invalid_data_error val, TITLE_ATTRS[:type][:invalid_msg]
+      end
+
+      # validate a title display-name. Must be 3+ chars long
+      #
+      # @param val [Object] The value to validate
       #
       # @return [String] The valid value
       ##########################
@@ -267,7 +286,7 @@ module Xolo
         val = val.to_s.strip
         return val if val.end_with? Xolo::DOTAPP
 
-        raise_invalid_data_error val, TITLE_ATTRS[:app_bundle_id][:invalid_msg]
+        raise_invalid_data_error val, TITLE_ATTRS[:app_name][:invalid_msg]
       end
 
       # validate a title app_bundle_id. Must include at least one dot
@@ -296,6 +315,32 @@ module Xolo
         raise_invalid_data_error val, TITLE_ATTRS[:version_script][:invalid_msg]
       end
 
+      # validate a patch source name. Must exist in Jamf Pro and have available titles
+      #
+      # @param val [Object] The value to validate
+      #
+      # @return [Pathname] The valid value
+      ##########################
+      def validate_patch_source(val)
+        val = val.to_s
+        return val if jamf_patch_sources_with_available_titles.include? val
+
+        raise_invalid_data_error val, TITLE_ATTRS[:patch_source][:invalid_msg]
+      end
+
+      # validate a patch title id.
+      #
+      # @param val [Object] The value to validate
+      #
+      # @return [Pathname] The valid value
+      ##########################
+      def validate_title_id(val)
+        val = val.to_s
+        return val if jamf_available_titles.any? { |t| t[:name_id] == val }
+
+        raise_invalid_data_error val, TITLE_ATTRS[:title_id][:invalid_msg]
+      end
+
       # validate a title uninstall script:
       # - a path to a script which must start with '#!'
       # OR
@@ -525,9 +570,10 @@ module Xolo
       ##########################
       def validate_pkg_to_upload(val)
         val = Pathname.new val.to_s.strip
+        show_debug "Validating pkg_to_upload: '#{val}'. Checking if file? #{val.file?}, readable? #{val.readable?}, extname '#{val.extname}'"
         return val if val.file? && val.readable? && (Xolo::OK_PKG_EXTS.include? val.extname)
 
-        raise_invalid_data_error val, VERSION_ATTRS[:jamf_pkg_file][:invalid_msg]
+        raise_invalid_data_error val, VERSION_ATTRS[:pkg_to_upload][:invalid_msg]
       end
 
       # Version Attributes
@@ -620,7 +666,7 @@ module Xolo
         val = val.to_s.strip
         return val if val =~ /\A\S+@\S+\.\S+\z/
 
-        raise_invalid_data_error val, VERSION_ATTRS[:contact_email][:invalid_msg]
+        raise_invalid_data_error val, TITLE_ATTRS[:contact_email][:invalid_msg]
       end
 
       # expand Xolo::Admin::Version::USE_TITLE_FOR_KILLAPP into the proper killall string
@@ -790,6 +836,8 @@ module Xolo
       def validate_internal_consistency(opts)
         return unless add_command? || edit_command?
 
+        show_debug "Validating internal consistency for opts: #{opts.to_h}"
+
         if version_command?
           validate_version_consistency opts
         elsif title_command?
@@ -806,6 +854,12 @@ module Xolo
         validate_min_os_and_max_os(opts)
       end
 
+      # given our current options, are we working with a subscribed or managed title?
+      #
+      def current_title_type(opts)
+        opts[:subscribed] ? Xolo::SUBSCRIBED : Xolo::MANAGED
+      end
+
       # @param opts [OpenStruct] the current options
       #
       # @return [void]
@@ -814,86 +868,175 @@ module Xolo
         # if we are just listing the versions, nothing to do
         return if cli_cmd.command == Xolo::Admin::Options::LIST_VERSIONS_CMD
 
-        # order of these matters
-        validate_scope_targets_and_exclusions(opts)
-        validate_title_consistency_app_and_script(opts)
+        # order of these matters in some places
+
+        #### Sub vs Managed
+
+        # complain about using options not meant for the chosen type
+        # e.g. can't use display name for subscribed titles
+        validate_subbed_v_managed(opts)
+
+        #### Subscribed Title Validations ####
+
+        # if subscribed, both patch_source and title_id must be given
+        validate_title_consistency_patch_source_and_title_id(opts)
+
+        # if subscribed, the title_id must exist in the patch_source
+        validate_title_consistency_title_id_exists(opts)
+
+        #### Managed Title Validations ####
+
+        # if managed, must provide display name and publisher, but not allowed if subscribing
+        validate_title_consistency_display_name_and_publisher(opts)
+
+        # if managed must use version_script, or app
         validate_title_consistency_app_or_script(opts)
+
+        # if managed, can't have both app and version_script
+        validate_title_consistency_app_and_script(opts)
+
+        # if managed and using app_name & bundle id, must have both
         validate_title_consistency_app_name_and_id(opts)
+
+        ### General Validations ###
+
+        # scope targets and exclusions can't overlap
+        validate_scope_targets_and_exclusions(opts)
+
+        # if uninstall script, can't have uninstall ids, and vice versa
         validate_title_consistency_uninstall(opts)
+
+        # if expiration > 0, must have at least one expiration path
         validate_title_consistency_expire_paths(opts)
+
+        # if targeting 'all'  can't be in self-service
         validate_title_consistency_no_all_in_ssvc(opts)
+
+        # if self-service category given, must be in self-service
         validate_title_consistency_ssvc_needs_category(opts)
       end # title_consistency(opts)
 
-      # groups that will be scope targets (pilot or release) cannot
-      # also be in the exclusions.
+      # Complain about using options not meant for the chosen title type
+      def validate_subbed_v_managed(opts)
+        bad_opts = []
+        ttl_type = current_title_type(opts)
+
+        Xolo::Admin::Title.cli_opts.each do |key, deets|
+          next unless opts[key]
+          next unless deets[:title_type]
+          next if deets[:title_type] == ttl_type
+
+          # ignore values not used for this command type
+          next if add_command? && deets[:edit_only]
+          next if edit_command? && deets[:add_only]
+
+          # ignore values not given on the commandline
+          next if !walkthru? && !opts["#{key}_given"]
+
+          # display_name is stored for subscribed titles, but only editable for managed
+          next if key == :display_name && ttl_type == Xolo::SUBSCRIBED
+
+          bad_opts << (walkthru? ? deets[:label] : "--#{key.to_s.gsub('_', '-')}")
+        end
+        return if bad_opts.empty?
+
+        raise_consistency_error "Cannot be used with a #{ttl_type} title: #{bad_opts.join(', ')}"
+      end
+
+      # If subscribing to a title both patch_source and title_id must be given
       #
       # @param opts [OpenStruct] the current options
       #
       # @return [void]
       #######
-      def validate_scope_targets_and_exclusions(opts)
-        # require 'pp'
-        # puts 'Opts Are:'
-        # pp opts.to_h
-        # pp caller
+      def validate_title_consistency_patch_source_and_title_id(opts)
+        return if current_title_type(opts) == Xolo::MANAGED
+        return if opts[:title_id] && opts[:patch_source]
 
-        if title_command?
-          excls = opts.excluded_groups
-          tgts = opts.release_groups
-          tgt_type = :release
-        elsif version_command?
-          @title_for_version_validation ||= Xolo::Admin::Title.fetch cli_cmd.title, server_cnx
-          excls = @title_for_version_validation.excluded_groups
-          tgts = opts.pilot_groups
-          tgt_type = :pilot
-        else
-          excls = nil
-          tgts = nil
+        msg =
+          if walkthru?
+            'To subscribe to a title, both Patch Source and Title ID must be given.'
+          else
+            'To subscribe to a title, both --patch-source and --title-id must be given.'
+          end
+        raise_consistency_error msg
+      end
+
+      # If subscribing to a title, the title_id must exist in the given patch_source
+      #
+      # @param opts [OpenStruct] the current options
+      #
+      # @return [void]
+      #######
+      def validate_title_consistency_title_id_exists(opts)
+        return unless cli_cmd.command == Xolo::Admin::Options::ADD_TITLE_CMD
+        return if current_title_type(opts) == Xolo::MANAGED
+        return unless opts[:title_id] && opts[:patch_source]
+        return if jamf_available_titles.any? do |t|
+          t[:name_id] == opts[:title_id] && t[:source_name] == opts[:patch_source]
         end
-        return unless excls && tgts
 
-        in_both = excls & tgts
-        return if in_both.empty?
+        msg =
+          if walkthru?
+            'The given Title ID does not exist in the given Patch Source.'
+          else
+            'The given --title-id does not exist in the given --patch-source.'
+          end
+        raise_consistency_error msg
+      end
 
-        raise_consistency_error "These groups are in both #{tgt_type}_groups and the title's excluded_groups: '#{in_both.join "', '"}'"
+      # If managing this title, display_name and publisher must be given
+      #################
+      def validate_title_consistency_display_name_and_publisher(opts)
+        return if current_title_type(opts) == Xolo::SUBSCRIBED
+        return if opts[:display_name] && opts[:publisher]
+
+        msg =
+          if walkthru?
+            'Display Name and Publisher must both be given for a managed title.'
+          else
+            '--display-name and --publisher must both be given for a managed title.'
+          end
+        raise_consistency_error msg
       end
 
-      # if app_name or app_bundle_id is given, can't use --version-script
+      # if managed must use version_script, or app
       #
       # @param opts [OpenStruct] the current options
       #
       # @return [void]
       #######
-      def validate_title_consistency_app_and_script(opts)
-        return unless opts[:version_script] && (opts[:app_bundle_id] || opts[:app_name])
+      def validate_title_consistency_app_or_script(opts)
+        return if current_title_type(opts) == Xolo::SUBSCRIBED
+        return if opts[:version_script] || (opts[:app_bundle_id] && opts[:app_name])
 
         msg =
           if walkthru?
-            'Version Script cannot be used with App Name & App Bundle ID'
+            'Managed titles must provide Version Script OR App Name & App Bundle ID'
           else
-            '--version-script cannot be used with --app-name & --app-bundle-id'
+            'Managed titles must provide --version-script OR --app-name & --app-bundle-id'
           end
 
         raise_consistency_error msg
       end
 
-      # but either version_script or appname and bundle id must be given
+      # if app_name or app_bundle_id is given, can't use --version-script, and vice versa
       #
       # @param opts [OpenStruct] the current options
       #
       # @return [void]
       #######
-      def validate_title_consistency_app_or_script(opts)
-        return if opts[:version_script]
-        return if opts[:app_name] || opts[:app_bundle_id]
+      def validate_title_consistency_app_and_script(opts)
+        return if current_title_type(opts) == Xolo::SUBSCRIBED
+        return unless opts[:version_script] && (opts[:app_bundle_id] || opts[:app_name])
 
         msg =
           if walkthru?
-            'Either App Name & App Bundle ID. or Version Script must be given.'
+            'Version Script cannot be used with App Name & App Bundle ID'
           else
-            'Must provide either --app-name & --app-bundle-id OR --version-script'
+            '--version-script cannot be used with --app-name & --app-bundle-id'
           end
+
         raise_consistency_error msg
       end
 
@@ -904,6 +1047,7 @@ module Xolo
       # @return [void]
       #######
       def validate_title_consistency_app_name_and_id(opts)
+        return if current_title_type(opts) == Xolo::SUBSCRIBED
         return if opts[:version_script]
         return if opts[:app_name] && opts[:app_bundle_id]
 
@@ -916,6 +1060,40 @@ module Xolo
         raise_consistency_error msg
       end
 
+      # groups that will be scope targets (pilot or release) cannot
+      # also be in the exclusions.
+      #
+      # @param opts [OpenStruct] the current options
+      #
+      # @return [void]
+      #######
+      def validate_scope_targets_and_exclusions(opts)
+        # require 'pp'
+        # puts 'Opts Are:'
+        # pp opts.to_h
+        # pp caller
+
+        if title_command?
+          excls = opts.excluded_groups
+          tgts = opts.release_groups
+          tgt_type = :release
+        elsif version_command?
+          @title_for_version_validation ||= Xolo::Admin::Title.fetch cli_cmd.title, server_cnx
+          excls = @title_for_version_validation.excluded_groups
+          tgts = opts.pilot_groups
+          tgt_type = :pilot
+        else
+          excls = nil
+          tgts = nil
+        end
+        return unless excls && tgts
+
+        in_both = excls & tgts
+        return if in_both.empty?
+
+        raise_consistency_error "These groups are in both #{tgt_type}_groups and the title's excluded_groups: '#{in_both.join "', '"}'"
+      end
+
       # if expiration is > 0, there must be at least one expiration path
       #
       # @param opts [OpenStruct] the current options
@@ -975,7 +1153,7 @@ module Xolo
           if walkthru?
             "Cannot be in Self Service when Target Group is '#{Xolo::TARGET_ALL}'"
           else
-            "--self-service cannot be used when --target-groups contains '#{Xolo::TARGET_ALL}'"
+            "--self-service cannot be used when --release-groups contains '#{Xolo::TARGET_ALL}'"
           end
         raise_consistency_error msg
       end

data/lib/xolo/admin/version.rb

@@ -86,7 +86,11 @@ module Xolo
       ####################
       def self.fetch(title, version, cnx)
         resp = cnx.get server_route(title, version)
-        new resp.body
+        vers_obj = new resp.body
+        vers_obj.cnx = cnx
+        vers_obj
+      rescue Faraday::ResourceNotFound
+        raise Xolo::NoSuchItemError, "No such version '#{version}'"
       end
 
       # Deploy a version to desired computers and groups via MDM
@@ -121,6 +125,9 @@ module Xolo
       ######################
       ######################
 
+      # the server connection used to fetch this version
+      attr_accessor :cnx
+
       # Constructor
       ######################
       ######################
@@ -129,13 +136,31 @@ module Xolo
       #############################
       #############################
 
-      # The server route for this version, after it exists on the server
+      # TODO:
+      # when instantiating a title or version object,
+      # embed the connection used to fetch it in a @cnx attribute/instance variable
+      # and use that for all future interactions with the server for that object.
+      #
+      # Then also use that to implement the method below, fetching the title object
+      # for this version when desired.
+      #
+      # Then we can use THAT to know if this title is subscribed or not
+      # which affects how we deal with adding (we can't) or editing
+      #
+      # Also TODO: implement a way to trigger a subcribed 'add-title'
+      # in case the xolo server misses a webhook event
+
+      ################
+      # def title_object(refresh: false, cnx:
+      #   @title_object = nil if refresh
+      #   @title_object ||= Xolo::Admin::Title.fetch(title, cnx)
+      # end
 
       # Add this version to the server
       # @param cnx [Faraday::Connection] The connection to use, must be logged in already
       # @return [Hash] the response from the server
       ####################
-      def add(cnx)
+      def add(cnx = self.cnx)
         resp = cnx.post self.class.server_route(title), to_h
         resp.body
       end
@@ -144,7 +169,7 @@ module Xolo
       # @param cnx [Faraday::Connection] The connection to use, must be logged in already
       # @return [Hash] the response from the server
       ####################
-      def update(cnx)
+      def update(cnx = self.cnx)
         resp = cnx.put self.class.server_route(title, version), to_h
         resp.body
       end
@@ -153,7 +178,7 @@ module Xolo
       # @param cnx [Faraday::Connection] The connection to use, must be logged in already
       # @return [Hash] the response body from the server
       ####################
-      def repair(cnx)
+      def repair(cnx = self.cnx)
         resp = cnx.post "#{self.class.server_route(title, version)}/repair"
         resp.body
       end
@@ -162,7 +187,7 @@ module Xolo
       # @param cnx [Faraday::Connection] The connection to use, must be logged in already
       # @return [Hash] the response from the server
       ####################
-      def delete(cnx)
+      def delete(cnx = self.cnx)
         self.class.delete title, version, cnx
         # already returns resp.body
       end
@@ -171,14 +196,14 @@ module Xolo
       # @param cnx [Faraday::Connection] The connection to use, must be logged in already
       # @return [Hash{String => String}] page_name => url
       ####################
-      def gui_urls(cnx)
+      def gui_urls(cnx = self.cnx)
         resp = cnx.get "#{self.class.server_route(title, version)}/urls"
         resp.body
       end
 
-      # Upload a .pkg (or zipped bundle pkg) for this version
-      # At this point, the jamf_pkg_file attribute
-      # will containt the local file path.
+      # Upload a .pkg for this version
+      # At this point, the pkg_to_upload attribute
+      # will contain the local file path.
       #
       # @param upload_cnx [Xolo::Admin::Connection] The server connection
       #
@@ -190,13 +215,6 @@ module Xolo
         # route = "#{UPLOAD_PKG_ROUTE}/#{title}/#{version}"
         route = "#{self.class.server_route(title, version)}/#{UPLOAD_PKG_ROUTE}"
 
-        # TODO: Update this to the more modern correct class
-        # upfile = Faraday::UploadIO.new(
-        #   pkg_to_upload.to_s,
-        #   'application/octet-stream',
-        #   pkg_to_upload.basename.to_s
-        # )
-
         upfile = Faraday::Multipart::FilePart.new(pkg_to_upload.expand_path.to_s, 'application/octet-stream')
 
         content = { file: upfile }
@@ -209,11 +227,30 @@ module Xolo
       # @param cnx [Faraday::Connection] The connection to use, must be logged in already
       # @return [Array<Hash>] Data for each computer with this version of this title installed
       ##################################
-      def patch_report_data(cnx)
+      def patch_report_data(cnx = self.cnx)
         resp = cnx.get "#{self.class.server_route(title, version)}/patch_report"
         resp.body
       end
 
+      # @return [Xolo::Admin::Title] the title for this version
+      ################
+      def title_object(cnx = self.cnx, refresh: false)
+        @title_object = nil if refresh
+        @title_object ||= Xolo::Admin::Title.fetch(title, cnx)
+      end
+
+      # @return [Boolean] whether this version is from a subscribed title or not
+      #############
+      def subscribed?
+        title_object.subscribed?
+      end
+
+      # @return [Boolean] whether this version is from a managed title or not
+      #############
+      def managed?
+        title_object.managed?
+      end
+
     end # class Title
 
   end # module Admin