xolo-server 1.0.1 → 2.0.2

data/lib/xolo/server/routes/subscriptions.rb

@@ -0,0 +1,126 @@
+# Copyright 2025 Pixar
+#
+#    Licensed under the terms set forth in the LICENSE.txt file available at
+#    at the root of this project.
+#
+
+# frozen_string_literal: true
+
+# main module
+module Xolo
+
+  # Server Module
+  module Server
+
+    module Routes
+
+      # See comments for Xolo::Server::Helpers::TitleEditor
+      #
+      module Subscriptions
+
+        # This is how we 'extend' modules to Sinatra servers
+        # for route definitions and similar things
+        #
+        # (things to be 'included' for use in route and view processing
+        # are mixed in by delcaring them to be helpers)
+        #
+        # We make them extentions here with
+        #    extend Sinatra::Extension (from sinatra-contrib)
+        # and then 'register' them in the server with
+        #    register Xolo::Server::<Module>
+        # Doing it this way allows us to split the code into a logical
+        # file structure, without re-opening the Sinatra::Base server app,
+        # and let xeitwork do the requiring of those files
+        extend Sinatra::Extension
+
+        # Module methods
+        #
+        ##############################
+        ##############################
+
+        # when this module is included
+        def self.included(includer)
+          Xolo.verbose_include includer, self
+        end
+
+        # when this module is extended
+        def self.extended(extender)
+          Xolo.verbose_extend extender, self
+        end
+
+        # Routes
+        #
+        ##############################
+        ##############################
+
+        # This endpoint receives Jamf Webhook PatchSoftwareTitleUpdated events
+        # from the Jamf Pro server, indicating that a subscribed title has a new version available.
+        #
+        # If the title is subscribed in Xolo, this creates a new xolo version for the title,
+        # and either notifies the contact email for the title, or uses autopkg to get an installer.
+        #
+        # The body will be JSON like this:
+        # {
+        #   "event": {
+        #     "jssID": integer,
+        #     "lastUpdate": epoch,
+        #     "latestVersion": "string",
+        #     "name": "string",
+        #     "reportUrls": [
+        #       "string",
+        #       "string"
+        #     ]
+        #   },
+        #   "webhook": {
+        #     "eventTimestamp": epoch,
+        #     "id": integer,
+        #     "name": "string",
+        #     "webhookEvent": "PatchSoftwareTitleUpdated"
+        #   }
+        # }
+        #
+        # Some real data:
+        #  {
+        #    "event": {
+        #      "jssID": 145,
+        #      "lastUpdate":1765926131000,
+        #      "latestVersion": "1.0.3",
+        #      "name": "Xolo Testing",
+        #      "reportUrls": [
+        #        "https://myjamf.mycompany.com:8443//patch.html?id=145&o=r"
+        #      ]
+        #    },
+        #    "webhook": {
+        #      "eventTimestamp":1765926428322,
+        #      "id": 4,
+        #      "name": "PatchSoftwareTitleUpdated",
+        #      "webhookEvent": "PatchSoftwareTitleUpdated"
+        #    }
+        #  }
+        #
+        # NOTE: The above reportUrls is incorrect on modern Jamf Pro servers.
+        # the correct one would be https://myjamf.mycompany.com:8443/view/computers/patch/145?tab=report
+        #
+        ###############
+        post '/subscribed-title-updates' do
+          session[:admin] = Xolo::Server::WEBHOOK_HANDLER_ADMIN_USERNAME
+          request.body.rewind
+
+          # this happens in a thread so that we can return a 200 response to the
+          # webhook immediately, and do the processing asynchronously (which may
+          # involve time-consuming tasks like autopkg runs)
+          process_patch_title_updated_webhook(request.body.read)
+
+          # always return 200 to the webhook sender
+          status 200
+          resp = { status: 200, message: 'Webhook event received' }
+          body resp
+        end
+
+      end # Module
+
+    end #  Routes
+
+  end #  Server
+
+end # module Xolo

data/lib/xolo/server/routes/title_editor.rb

@@ -18,7 +18,7 @@ module Xolo
       #
       module TitleEditor
 
-        # This is how we 'mix in' modules to Sinatra servers
+        # This is how we 'extend' modules to Sinatra servers
         # for route definitions and similar things
         #
         # (things to be 'included' for use in route and view processing

data/lib/xolo/server/routes/titles.rb

@@ -16,7 +16,7 @@ module Xolo
 
       module Titles
 
-        # This is how we 'mix in' modules to Sinatra servers
+        # This is how we 'extend' modules to Sinatra servers
         # for route definitions and similar things
         #
         # (things to be 'included' for use in route and view processing
@@ -48,11 +48,17 @@ module Xolo
           halt_on_existing_title title.title
 
           log_info "Admin #{session[:admin]} is creating title '#{title.title}'"
+          info = { status: 'created', title: title.title }
+          body info
+
           with_streaming do
             title.create
-            # we don't need to update client data when titles are created
+            # we don't need to update client data when managed titles are created
             # because they don't have any versions yet, so there's nothing a
             # client can do with them.
+            #
+            # However subscribed titles will have their latest version activated
+            # will need client data updated
           end
         end
 
@@ -240,13 +246,14 @@ module Xolo
         #################################
         get '/titles/:title/urls' do
           log_debug "Admin #{session[:admin]} is fetching GUI URLS for title '#{params[:title]}'"
+
           halt_on_missing_title params[:title]
           title = instantiate_title params[:title]
-          data = {
-            ted_title_url: title.ted_title_url,
-            jamf_installed_group_url: title.jamf_installed_group_url,
-            jamf_frozen_group_url: title.jamf_frozen_group_url
-          }
+
+          data = {}
+          data[:ted_title_url] = title.ted_title_url if title.managed?
+          data[:jamf_installed_group_url] = title.jamf_installed_group_url if title.jamf_installed_group_exist?
+          data[:jamf_frozen_group_url] = title.jamf_frozen_group_url if title.jamf_frozen_group_exist?
           data[:jamf_manual_install_released_policy_url] = title.jamf_manual_install_released_policy_url if title.jamf_manual_install_released_policy_exist?
 
           if title.uninstallable?
@@ -255,13 +262,11 @@ module Xolo
             data[:jamf_expire_policy_url] = title.jamf_expire_policy_url if title.expiration
           end
 
-          if title.jamf_ted_title_active?
-            data[:jamf_patch_title_url] = title.jamf_patch_title_url unless title.versions.empty?
+          if title.jamf_title_active?
+            data[:jamf_patch_title_url] = title.jamf_patch_title_url unless title.jamf_patch_title_id.pix_empty?
             data[:jamf_patch_ea_url] = title.jamf_patch_ea_url if title.version_script
           end
 
-          data[:jamf_normal_ea_url] = title.jamf_normal_ea_url if title.version_script
-
           body data
         end
 
@@ -276,6 +281,16 @@ module Xolo
           body title.changelog
         end
 
+        # Does this xolo server support autopkg integration?
+        #
+        # @return [Array<Hash>] The changelog for a title
+        #################################
+        get '/titles/autopkg_enabled' do
+          log_debug "Admin #{session[:admin]} is checking if autopkg is enabled on this server"
+          data = { autopkg_enabled: autopkg_enabled? }
+          body data
+        end
+
       end # Titles
 
     end #  Routes

data/lib/xolo/server/routes/uploads.rb

@@ -62,20 +62,6 @@ module Xolo
         ##############################
         ##############################
 
-        # # param with the uploaded file must be :file
-        # ######################
-        # post '/upload/ssvc-icon/:title' do
-        #   process_incoming_ssvc_icon
-        #   body({ result: :uploaded })
-        # end
-
-        # # param with the uploaded file must be :file
-        # ######################
-        # post '/upload/pkg/:title/:version' do
-        #   process_incoming_pkg
-        #   body({ result: :uploaded })
-        # end
-
         # param with the uploaded file must be :file
         ######################
         post '/upload/test' do

data/lib/xolo/server/routes/versions.rb

@@ -16,7 +16,7 @@ module Xolo
 
       module Versions
 
-        # This is how we 'mix in' modules to Sinatra servers
+        # This is how we 'extend' modules to Sinatra servers
         # for route definitions and similar things
         #
         # (things to be 'included' for use in route and view processing
@@ -58,9 +58,10 @@ module Xolo
           data[:min_os] = default_min_os if data[:min_os].pix_empty?
 
           log_debug "Incoming new version data: #{data}"
-          log_debug "Incoming new version data: #{data.class}"
 
-          vers = instantiate_version(data)
+          vers = instantiate_version(**data)
+          log_debug "Instantiated version object: #{vers.class} - #{vers.title} #{vers.version}"
+
           halt_on_existing_version vers.title, vers.version
 
           if vers.title_object.jamf_patch_ea_awaiting_acceptance? && !Xolo::Server.config.jamf_auto_accept_xolo_eas
@@ -89,9 +90,9 @@ module Xolo
 
           log_debug "Admin #{session[:admin]} is listing all versions for title '#{params[:title]}'"
           # body all_versions(params[:title])
-          vers_ins = all_version_instances(params[:title])
+          vers_objs = all_version_objects(params[:title])
           # log_debug "vers_ins: #{vers_ins}"
-          body vers_ins.map(&:to_h)
+          body vers_objs.map(&:to_h)
         end
 
         # get all the data for a single version
@@ -156,7 +157,7 @@ module Xolo
         # param with the uploaded file must be :file
         ######################
         post '/titles/:title/versions/:version/pkg' do
-          process_incoming_pkg
+          process_and_upload_uploaded_pkg
           body({ result: :uploaded })
         end
 
@@ -239,13 +240,13 @@ module Xolo
 
           halt_on_missing_version params[:title], params[:version]
           vers = instantiate_version title: params[:title], version: params[:version]
-          data = {
-            ted_patch_url: vers.ted_patch_url,
-            jamf_auto_install_policy_url: vers.jamf_auto_install_policy_url,
-            jamf_manual_install_policy_url: vers.jamf_manual_install_policy_url,
-            jamf_patch_policy_url: vers.jamf_patch_policy_url,
-            jamf_package_url: vers.jamf_package_url
-          }
+
+          data = {}
+          data[:ted_patch_url] = vers.ted_patch_url if vers.managed?
+          data[:jamf_auto_install_policy_url] = vers.jamf_auto_install_policy_url if vers.jamf_auto_install_policy_exist?
+          data[:jamf_manual_install_policy_url] = vers.jamf_manual_install_policy_url if vers.jamf_manual_install_policy_exist?
+          data[:jamf_patch_policy_url] = vers.jamf_patch_policy_url if vers.jamf_patch_policy_exist?
+          data[:jamf_package_url] = vers.jamf_package_url if vers.jamf_package_exist?
           data[:jamf_version_installed_group] = vers.jamf_installed_group_url if vers.jamf_installed_group_exist?
           data[:jamf_auto_reinstall_policy_url] = vers.jamf_auto_reinstall_policy_url if vers.jamf_auto_reinstall_policy_exist?
 

data/lib/xolo/server/routes.rb

@@ -49,6 +49,14 @@ module Xolo
         log_debug "Checking if request path '#{request.path}' is in INTERNAL_ROUTES"
         break if Xolo::Server::Helpers::Auth::INTERNAL_ROUTES.include?(request.path) && valid_internal_auth_token?
 
+        # This route is used by Jamf Pro Webhooks to notify Xolo of subscribed title updates
+        log_debug "Checking if request path '#{request.path}' is PATCH_TITLE_UPDATED_WEBHOOK_ROUTE"
+        if request.path == Xolo::Server::Helpers::Auth::PATCH_TITLE_UPDATED_WEBHOOK_ROUTE
+          break if jamf_webhook_auth_token_ok?
+
+          halt 401, { status: 401, error: 'Valid Bearer Token Required' }
+        end
+
         # these routes are for server admins only, and require an authenticated session
         log_debug "Checking if request path '#{request.path}' is in SERVER_ADMIN_ROUTES"
         break if Xolo::Server::Helpers::Auth::SERVER_ADMIN_ROUTES.include?(request.path) && valid_server_admin?
@@ -149,3 +157,4 @@ require 'xolo/server/routes/title_editor'
 require 'xolo/server/routes/titles'
 require 'xolo/server/routes/uploads'
 require 'xolo/server/routes/versions'
+require 'xolo/server/routes/subscriptions'

data/lib/xolo/server/title.rb

@@ -72,38 +72,11 @@ module Xolo
       # on the xolo server.
       UNINSTALL_SCRIPT_FILENAME = 'uninstall-script'
 
-      # In the TitleEditor, the version script is
-      # stored as an Extension Attribute - each title can
-      # only have one.
-      # and it needs a 'key', which is the name used to indicate the
-      # EA in various criteria, and is the EA name in Jamf Patch.
-      # The key is this value as a prefix on the title
-      # so for title 'foobar', it is 'xolo-foobar'
-      # That value is also used as the display name
-      TITLE_EDITOR_EA_KEY_PREFIX = Xolo::Server::JAMF_OBJECT_NAME_PFX
-
-      # The EA from the title editor, which is used in Jamf Patch
-      # cannot, unfortunately, be used as a criterion in normal
-      # smart groups or advanced searches.
-      # Since we need a smart group containing all macs with any
-      # version of the title installed, we need a second copy of the
-      # EA as a 'normal' EA.
-      #
-      # (That group is used as an exclusion to any auto-install initial-
-      # install policies, so that those policies don't stomp on the matching
-      # Patch Policies)
-      #
-      # The 'duplicate' EA is named the same as the Titled Editor key
-      # (see TITLE_EDITOR_EA_KEY_PREFIX) with this suffix added.
-      # So for the Title Editor key 'xolo-<title>', we'll also have
-      # a matching normal EA called 'xolo-<title>-installed-version'
-      JAMF_NORMAL_EA_NAME_SUFFIX = '-installed-version'
-
-      JAMF_INSTALLED_GROUP_NAME_SUFFIX = '-installed'
-      JAMF_FROZEN_GROUP_NAME_SUFFIX = '-frozen'
-
-      JAMF_UNINSTALL_SUFFIX = '-uninstall'
-      JAMF_EXPIRE_SUFFIX = '-expire'
+      JAMF_INSTALLED_GROUP_NAME_SUFFIX = 'installed'
+      JAMF_FROZEN_GROUP_NAME_SUFFIX = 'frozen'
+      JAMF_MANUAL_INSTALL_RELEASED_POL_SUFFIX = 'install'
+      JAMF_UNINSTALL_SUFFIX = 'uninstall'
+      JAMF_EXPIRE_SUFFIX = 'expire'
 
       # the expire policy will run this client command,
       # appending the title
@@ -164,20 +137,6 @@ module Xolo
         title_dirs.map(&:basename).map(&:to_s)
       end
 
-      # @return [String] The key and display name of a version script stored
-      #   in the title editor as the ExtAttr for a given title
-      #####################
-      def self.ted_ea_key(title)
-        "#{TITLE_EDITOR_EA_KEY_PREFIX}#{title}"
-      end
-
-      # @return [String] The display name of a version script as a normal
-      #   EA in Jamf, which can be used in Smart Groups and Adv Searches.
-      #####################
-      def self.jamf_normal_ea_name(title)
-        "#{ted_ea_key(title)}#{JAMF_NORMAL_EA_NAME_SUFFIX}"
-      end
-
       # The title dir for a given title on the server,
       # which may or may not exist.
       #
@@ -228,7 +187,8 @@ module Xolo
       # for the given title
       #
       # NOTE: All instantiation should happen using the #instantiate_title method
-      # in the server app instance. Please don't call this method directly
+      # in the server app instance, or related methods like all_title_objects.
+      # Please don't call this method directly
       #
       # @pararm title [String] the title we care about
       # @return [Xolo::Server::Title] load an existing title
@@ -239,6 +199,10 @@ module Xolo
         new parse_json(title_data_file(title).read)
       end
 
+      # Does this title exist in the title editor.
+      # WARNING: Being in the title editor doesn't necessarily mean that this title
+      # is managed
+      #
       # @param title [String] the title we are looking for
       # @pararm cnx [Windoo::Connection] The Title Editor connection to use
       # @return [Boolean] Does the given title exist in the Title Editor?
@@ -325,9 +289,6 @@ module Xolo
       # @return [Xolo::Server::App] our Sinatra server app
       attr_accessor :server_app_instance
 
-      # @return [Integer] The Windoo::SoftwareTitle#softwareTitleId
-      attr_accessor :ted_id_number
-
       # when applying updates, the new data from xadm is stored
       # here so it can be accessed by update-methods
       # and compared to the current instance values
@@ -363,6 +324,13 @@ module Xolo
       #   version being released
       attr_accessor :releasing_version
 
+      # @return [String] The jamf ID of the patch source for this title
+      #   if the title is subscribed. Managed titles are all in the Title Editor source.
+      attr_accessor :jamf_patch_source_id
+
+      # @return [String] The prefix for all jamf objects for this title, which is 'xolo-<title>' or 'xolotest-<title>' for test server
+      attr_reader :jamf_obj_name_pfx
+
       # version_order is defined in ATTRIBUTES
       alias versions version_order
 
@@ -376,19 +344,24 @@ module Xolo
       def initialize(data_hash)
         super
 
-        @ted_id_number ||= data_hash[:ted_id_number]
-        @jamf_patch_title_id ||= data_hash[:jamf_patch_title_id]
+        # ted_id_number and jamf_patch_title_id are now defined in parent classes ATTRIBUTES so are set by super
+
         @version_order ||= []
+
         @new_data_for_update = {}
         @changes_for_update = {}
-        @jamf_installed_group_name = "#{Xolo::Server::JAMF_OBJECT_NAME_PFX}#{data_hash[:title]}#{JAMF_INSTALLED_GROUP_NAME_SUFFIX}"
-        @jamf_frozen_group_name = "#{Xolo::Server::JAMF_OBJECT_NAME_PFX}#{data_hash[:title]}#{JAMF_FROZEN_GROUP_NAME_SUFFIX}"
 
-        @jamf_manual_install_released_policy_name = "#{Xolo::Server::JAMF_OBJECT_NAME_PFX}#{data_hash[:title]}-install"
+        @jamf_obj_name_pfx = "#{jamf_obj_name_pfx_base}#{data_hash[:title]}"
+        @jamf_installed_group_name = "#{jamf_obj_name_pfx}-#{JAMF_INSTALLED_GROUP_NAME_SUFFIX}"
+        @jamf_frozen_group_name = "#{jamf_obj_name_pfx}-#{JAMF_FROZEN_GROUP_NAME_SUFFIX}"
+
+        @jamf_manual_install_released_policy_name = "#{jamf_obj_name_pfx}-#{JAMF_MANUAL_INSTALL_RELEASED_POL_SUFFIX}"
+
+        @jamf_uninstall_script_name = "#{jamf_obj_name_pfx}-#{JAMF_UNINSTALL_SUFFIX}"
+        @jamf_uninstall_policy_name = "#{jamf_obj_name_pfx}-#{JAMF_UNINSTALL_SUFFIX}"
+        @jamf_expire_policy_name = "#{jamf_obj_name_pfx}-#{JAMF_EXPIRE_SUFFIX}"
 
-        @jamf_uninstall_script_name = "#{Xolo::Server::JAMF_OBJECT_NAME_PFX}#{data_hash[:title]}#{JAMF_UNINSTALL_SUFFIX}"
-        @jamf_uninstall_policy_name = "#{Xolo::Server::JAMF_OBJECT_NAME_PFX}#{data_hash[:title]}#{JAMF_UNINSTALL_SUFFIX}"
-        @jamf_expire_policy_name = "#{Xolo::Server::JAMF_OBJECT_NAME_PFX}#{data_hash[:title]}#{JAMF_EXPIRE_SUFFIX}"
+        # DO NOT USE jamf_cnx here, it comes from the server app instance, which is not set until after initialization.
       end
 
       # Instance Methods
@@ -402,10 +375,12 @@ module Xolo
         # @session ||= {}
       end
 
+      # This can be manually set earlier in the request handling to use a non-standard
+      # admin username
       # @return [String]
       ###################
       def admin
-        session[:admin]
+        @admin ||= session[:admin]
       end
 
       # @return [Boolean] Are we creating this title?
@@ -438,6 +413,22 @@ module Xolo
         current_action == :releasing
       end
 
+      # TODO: Remove this when everything has been repaired for v2
+      # and all json files know this value
+      #######################
+      def jamf_patch_title_id
+        return @jamf_patch_title_id if @jamf_patch_title_id
+
+        log_debug "Getting jamf_patch_title_id for title '#{title}'"
+
+        self.jamf_patch_title_id =
+          if managed?
+            jamf_active_managed_titles[title]
+          else
+            jamf_active_subscribed_titles[title]
+          end
+      end
+
       # Append a message to the progress stream file,
       # optionally sending it also to the log
       #
@@ -448,8 +439,8 @@ module Xolo
       #
       # @return [void]
       ###################
-      def progress(msg, log: :debug)
-        server_app_instance.progress msg, log: log
+      def progress(msg, log: :debug, alert: false)
+        server_app_instance.progress msg, log: log, alert: alert
       end
 
       # @return [Windoo::Connection] a single Title Editor connection to use for
@@ -589,13 +580,6 @@ module Xolo
         template_file.read
       end
 
-      # @return [String] The display name of a version script as a normal
-      #   EA in Jamf, which can be used in Smart Groups and Adv Searches.
-      #####################
-      def jamf_normal_ea_name
-        @jamf_normal_ea_name ||= self.class.jamf_normal_ea_name title
-      end
-
       # prepend a new version to the version_order
       #
       # @param version [String] the version to prepend
@@ -603,11 +587,8 @@ module Xolo
       # @return [void]
       ########################
       def prepend_version(version)
-        lock
         version_order.unshift version
         save_local_data
-      ensure
-        unlock
       end
 
       # remove a version from the version_order
@@ -670,8 +651,13 @@ module Xolo
         self.created_by = admin
         log_debug "creation_date: #{creation_date}, created_by: #{created_by}"
 
+        log_debug "TitleData at #create: #{to_h}"
+
         # this will create the title as needed in the Title Editor
+        log_debug "Display Name before creating in ted: #{display_name}"
         create_title_in_ted
+
+        log_debug "Display Name before creating in jamf: #{display_name}"
         create_title_in_jamf
 
         # save to file last, because saving to TitleEd and Jamf will
@@ -679,6 +665,16 @@ module Xolo
         progress 'Saving title data to Xolo server'
         save_local_data
 
+        if subscribed?
+          # create version for latest available
+          # - either autopkg or notification to upload.
+          # See also Helpers::Subscriptions.process_patch_title_updated_webhook
+          Xolo::Server::Version.add_version_via_subscription(
+            title_object: self,
+            new_version: patch_versions(version: :latest)[0][:version]
+          )
+        end # if subscribed
+
         log_change msg: 'Title Created'
 
         # ssvc icon is uploaded in a separate process, and the
@@ -776,6 +772,9 @@ module Xolo
       # @return [void]
       ##########################
       def save_local_data
+        # If we don't have a patch source id yet, get it now
+        self.jamf_patch_source_id ||= Jamf::PatchSource.valid_id(patch_source, cnx: jamf_cnx) if patch_source
+
         # create the dirs for the title
         title_dir.mkpath
         vdir = title_dir + Xolo::Server::Version::VERSIONS_DIRNAME
@@ -838,6 +837,17 @@ module Xolo
         self.uninstall_script &&= Xolo::ITEM_UPLOADED
       end
 
+      # Is AutoPkg integration enabled for the server and title?
+      # This overrides the method in core title, which just checks for the presence of the recipe and dir.
+      ###############################
+      def autopkg_enabled?
+        return @autopkg_enabled if defined?(@autopkg_enabled)
+
+        @autopkg_enabled = server_app_instance.autopkg_enabled? && \
+                           autopkg_recipe && \
+                           autopkg_dir
+      end
+
       # are we uninstallable?
       #
       # @return [Boolean]
@@ -908,10 +918,10 @@ module Xolo
         version_objects.reverse.each do |vers|
           # vers might be nil if it was already deleted
           # e.g. a prev. attempt to delete the title failed partway through
-          vers&.delete update_title: false
+          vers&.delete update_title: false, deleting_title: true
         end
 
-        delete_title_from_ted
+        delete_title_from_ted unless subscribed?
 
         delete_title_from_jamf
 
@@ -940,6 +950,9 @@ module Xolo
 
         update_versions_for_release version_to_release
 
+        # the jamf 'manual install released' policy for the new release
+        # is updated in the release_version method below
+
         # update the title
         self.released_version = version_to_release
         save_local_data
@@ -1008,8 +1021,14 @@ module Xolo
         progress msg, log: :info
 
         pol = jamf_manual_install_released_policy
-        pol.package_ids.each { |pid| pol.remove_package pid }
-        pol.add_package vobj.jamf_pkg_id
+        toggle_jamf_manual_install_released_policy pol, vobj
+
+        if self_service?
+          add_title_to_self_service(pol)
+        else
+          remove_title_from_self_service(pol)
+        end
+
         pol.save
       end
 
@@ -1058,7 +1077,6 @@ module Xolo
       #
       # Then look at the various Jamf objects pertaining to this title, and ensure they are correct
       #   - Accept Patch EA
-      #   - Normal EA 'xolo-<title>-installed-version'
       #   - title-installed smart group 'xolo-<title>-installed'
       #   - frozen static group 'xolo-<title>-frozen'
       #   - manual/SSvc install-current-release policy 'xolo-<title>-install'
@@ -1085,6 +1103,7 @@ module Xolo
         progress "Starting repair of title '#{title}'"
         repair_ted_title
         repair_jamf_title_objects
+        save_local_data
         return unless repair_versions
 
         version_objects.each do |vobj|
@@ -1114,7 +1133,7 @@ module Xolo
 
         exp = Time.now + Xolo::Server::ObjectLocks::OBJECT_LOCK_LIMIT
         Xolo::Server.object_locks[title][:expires] = exp
-        log_debug "Locked title '#{title}' for updates until #{exp}"
+        log_debug "Locked title '#{title}' for updates until #{exp}, by method #{caller_locations.first.label}"
       end
 
       # Unlock this v for updates
@@ -1131,7 +1150,11 @@ module Xolo
       ###########################
       def to_h
         hash = super
+
+        # TODO: remove these after 'repairing' everything for v2
         hash[:ted_id_number] = ted_id_number
+        hash[:jamf_patch_title_id] = jamf_patch_title_id
+
         hash[:ssvc_icon_id] = ssvc_icon_id
         hash
       end