xolo-server 1.0.1 → 2.0.2

data/lib/xolo/server/helpers/notification.rb

@@ -27,7 +27,7 @@ module Xolo
 
         DFT_EMAIL_FROM = 'xolo-server-do-not-reply'
 
-        ALERT_TOOL_EMAIL_PREFIX = 'email:'
+        ALERT_TOOL_EMAIL_PREFIX = 'mailto:'
 
         # Module Methods
         #######################
@@ -45,7 +45,8 @@ module Xolo
         # Send a message thru the alert_tool, if one is defined in the config.
         #
         # Messages are prepended with "#{level} ALERT: "
-        # This should be called by passing alert: true to one of the
+        #
+        # This should be called by passing 'alert: true' to one of the
         # logging wrapper methods
         #
         # @param msg [String] the message to send
@@ -136,7 +137,7 @@ module Xolo
           @server_fqdn ||= Addrinfo.getaddrinfo(Socket.gethostname, nil).first.getnameinfo.first
         end
 
-      end # Log
+      end # Notification
 
     end # Helpers
 

data/lib/xolo/server/helpers/pkg_signing.rb

@@ -44,21 +44,25 @@ module Xolo
         ##############################
 
         # do we need to sign a pkg?
-        # TODO: sign zipped bundle installers? prob not, they shouldn't be used anymore
-        # (I'm looking at YOU Adobe)
         # @param pkg [Pathname] Path to a .pkg to see if it's signed.
+        # @param version [Xolo::Server::Version] the version that is being uploaded/re-uploaded
         # @return [Boolean] should we sign it?
-        def need_to_sign?(pkg)
-          log_debug "Checking need to sign uploaded pkg '#{pkg}'"
-          unless Xolo::Server.config.sign_pkgs
-            log_debug "No need to sign '#{pkg.basename}': xolo server is not configured to sign pkgs."
+        #############################
+        def need_to_sign?(pkg, version)
+          log_debug "Checking need to sign uploaded pkg '#{pkg}' for version '#{version.version}' of title '#{version.title}'"
+
+          # if an autopkg pkg and we are not configured to sign autopkg pkgs, then no need to sign
+          if version.pkg_is_from_autopkg && !Xolo::Server.config.sign_autopkg_pkgs
+            log_debug "No need to sign '#{pkg.basename}': version '#{version.version}' of title '#{version.title}' is from autopkg and server is not configured to sign autopkg pkgs."
             return false
-          end
-          if pkg.extname == Xolo::DOT_ZIP
-            log_debug "No need to sign '#{pkg.basename}': It is a compressed .pkg bundle. TODO: maybe support signing these?"
+
+          # if not an autopkg pkg and we are not configured to sign non-autopkg pkgs, then no need to sign
+          elsif !version.pkg_is_from_autopkg && !Xolo::Server.config.sign_pkgs
+            log_debug "No need to sign '#{pkg.basename}': server is not configured to sign pkgs."
             return false
           end
 
+          # is the pkg already signed?
           !pkg_signed?(pkg)
         end
 
@@ -83,7 +87,7 @@ module Xolo
         #
         # @return [void]
         #######################################################
-        def sign_uploaded_pkg(unsigned_pkg, signed_pkg)
+        def sign_pkg(unsigned_pkg, signed_pkg)
           unlock_signing_keychain
 
           sh_unsigned = Shellwords.escape unsigned_pkg.to_s
@@ -99,7 +103,7 @@ module Xolo
 
           msg = "Failed to sign uploaded pkg: #{stdouterr}"
           log_error msg
-          halt 400, { status: 400, error: msg }
+          raise Xolo::Core::Exceptions::ServerError msg
         end
 
         # unlock the pkg signing keychain
@@ -129,7 +133,7 @@ module Xolo
 
           msg = "Error unlocking signing keychain: #{outerrs}"
           log_error msg
-          halt 400, { status: 400, error: msg }
+          raise Xolo::Core::Exceptions::ServerError, msg
         end
 
       end # JamfPro

data/lib/xolo/server/helpers/progress_streaming.rb

@@ -72,7 +72,7 @@ module Xolo
             log_debug 'Thread with_streaming is starting and yielding to block'
             yield
             log_debug 'Thread with_streaming is finished'
-          rescue StandardError => e
+          rescue => e
             progress "ERROR: #{e.class}: #{e}", log: :error
             e.backtrace.each { |l| log_debug "..#{l}" }
           ensure
@@ -141,29 +141,26 @@ module Xolo
         #
         # @return [void]
         ###################
-        def progress(msg, log: :nil)
+        def progress(msg, log: :nil, alert: false)
           # log_debug "Progress method called from #{caller_locations.first}"
 
           progress_stream_file.pix_append "#{msg.chomp}\n"
 
-          unless log
-            # log_debug 'Processed unlogged progress message'
-            return
-          end
+          return unless log
 
           case log
           when :debug
-            log_debug msg
+            log_debug msg, alert: alert
           when :info
-            log_info msg
+            log_info msg, alert: alert
           when :warn
-            log_warn msg
+            log_warn msg, alert: alert
           when :error
-            log_error msg
+            log_error msg, alert: alert
           when :fatal
-            log_fatal msg
+            log_fatal msg, alert: alert
           when :unknown
-            log_unknown msg
+            log_unknown msg, alert: alert
           end
         end
 

data/lib/xolo/server/helpers/subscriptions.rb

@@ -0,0 +1,119 @@
+# Copyright 2025 Pixar
+#
+#    Licensed under the terms set forth in the LICENSE.txt file available at
+#    at the root of this project.
+#
+#
+
+# frozen_string_literal: true
+
+# main module
+module Xolo
+
+  module Server
+
+    module Helpers
+
+      # This is mixed in to Xolo::Server::App (as a helper, available in route processing)
+      #
+      # This holds methods and constants for working with subscribed titles - those
+      # that are managed by other Non-Xolo Patch Sources.
+      #
+      module Subscriptions
+
+        # Constants
+        #####################
+        #####################
+
+        # Module Methods
+        #######################
+        #######################
+
+        # when this module is included
+        def self.included(includer)
+          Xolo.verbose_include includer, self
+        end
+
+        # Instance Methods
+        #######################
+        ######################
+
+        # All available (i.e. not yet subscribed) titles on all patch sources defined in Jamf.
+        # @return [Array<Hash>] the available titles and their sources
+        #####################################
+        def available_titles_for_subscription
+          available = []
+
+          Jamf::PatchSource.all(cnx: jamf_cnx).each do |ps|
+            log_debug "Checking Patch Source #{ps} for available titles"
+            ps = Jamf::PatchSource.fetch id: ps[:id], cnx: jamf_cnx
+            ps.available_titles.each do |t|
+              data = t.merge({ source_id: ps.id, source_name: ps.name })
+              available << data
+            end
+          end
+
+          available
+        end
+
+        # Process an incoming webhook event, possibly for a subscribed title
+        # Do this in a thread so that we can return a 200 response to the webhook immediately,
+        # and do the processing asynchronously (which may involve time-consuming tasks like autopkg runs)
+        #################################
+        def process_patch_title_updated_webhook(req_body)
+          @process_webhook_thread = Thread.new do
+            log_debug "Using a thread for processing PatchSoftwareTitleUpdated webhook event with body: #{req_body}"
+
+            event_data = parse_json(req_body)[:event]
+
+            title_name = event_data[:name]
+            title_id = event_data[:jssID]
+            new_version = event_data[:latestVersion]
+
+            log_debug "Received PatchSoftwareTitleUpdate webhook event for patch title '#{title_name}' (jamf id #{title_id}), new version '#{new_version}'"
+
+            subscribed_title = subscribed_title_objects.select { |tobj| tobj.jamf_patch_title_id.to_i == title_id.to_i }.first
+
+            if subscribed_title
+              msg = +"New version '#{new_version}' is available for subscribed title '#{subscribed_title.title}' (#{subscribed_title.display_name})."
+
+              msg << " Running autopkg recipe '#{subscribed_title.autopkg_recipe}'." if subscribed_title.autopkg_enabled?
+
+              log_info msg
+
+              Xolo::Server::Version.add_version_via_subscription(
+                title_object: subscribed_title,
+                new_version: new_version
+              )
+            else
+              log_debug "Title '#{title_name}' ID #{title_id} is not a subscribed title in Xolo. Ignoring webhook."
+            end
+          rescue => e
+            msg = "Error processing PatchSoftwareTitleUpdated webhook event: #{e.class}: #{e}"
+            log_error msg
+            raise e, msg
+          end # thread
+        end
+
+        # TODO: Delete this method after confirming we don't want it
+        # It wasn't in use when it was commented out.
+        #
+        # Subscribe to a title on a given patch source.
+        # @param source_id [Integer] the id or name of the patch source in Jamf
+        # @param name_id [Integer] the name_id of the title on that patch source
+        # @param display_name [String] an display name for the title
+        # @return [Integer] the id of the new subscribed title, or false on failure
+        #####################################
+        # def subscribe_to_title(source_id:, name_id:, display_name:)
+        #   new_sub = Jamf::PatchTitle.create name: display_name, source_id: source_id, name_id: name_id, cnx: jamf_cnx
+
+        #   new_sub.save
+        # end
+
+      end # Subscriptions
+
+    end # Helpers
+
+  end # Server
+
+end # module Xolo

data/lib/xolo/server/helpers/titles.rb

@@ -40,8 +40,32 @@ module Xolo
         # A an array of all server titles as Title objects
         # @return [Array<Xolo::Server::Title>]
         ############
-        def all_title_objects
-          all_titles.map { |t| instantiate_title t }
+        def all_title_objects(refresh: false)
+          @all_title_objects = nil if refresh
+          return @all_title_objects if @all_title_objects
+
+          log_debug 'Instantiating all titles...'
+          @all_title_objects = all_titles.map { |t| instantiate_title t }
+          log_debug "Instantiated #{@all_title_objects.length} titles."
+          @all_title_objects
+        end
+
+        # A an array of server titles as Title objects, only for subscribed titles
+        # @return [Array<Xolo::Server::Title>]
+        def subscribed_title_objects(refresh: false)
+          @subscribed_title_objects = nil if refresh
+          return @subscribed_title_objects if @subscribed_title_objects
+
+          @subscribed_title_objects = all_title_objects(refresh: refresh).select { |t| t.subscribed? }
+        end
+
+        # A an array of server titles as Title objects, only for managed titles
+        # @return [Array<Xolo::Server::Title>]
+        def managed_title_objects(refresh: false)
+          @managed_title_objects = nil if refresh
+          return @managed_title_objects if @managed_title_objects
+
+          @managed_title_objects = all_title_objects(refresh: refresh).select { |t| t.managed? }
         end
 
         # Instantiate a Server::Title with access to the Sinatra app instance,
@@ -68,7 +92,7 @@ module Xolo
               Xolo::Server::Title.load data
 
             else
-              msg = 'Invalid data to instantiate a Xolo::Server::Title'
+              msg = "Invalid data to instantiate a Xolo::Server::Title: #{data.class}:#{data} "
               log_error msg
 
               halt 400, { status: 400, error: msg }

data/lib/xolo/server/helpers/versions.rb

@@ -53,7 +53,7 @@ module Xolo
         # A list of all known versions of a title
         # @return [Array<Xolo::Server::Version>]
         ############
-        def all_version_instances(title)
+        def all_version_objects(title)
           all_versions(title).map { |v| instantiate_version title: title, version: v }
         end
 
@@ -69,24 +69,33 @@ module Xolo
         # to use for access from the version object to the Sinatra App instance
         # for the session and api connection objects
         #
-        # @param data [Hash] hash to use with .new
         # @param title [String, Xolo::Server::Title] title to use with .load
         # @param version [String] version to use with .load
+        # @param data [Hash] hash to use with .new
         #
         # @return [Xolo::Server::Version]
         #################
-        def instantiate_version(data = nil, title: nil, version: nil)
-          title_obj = nil
+        def instantiate_version(title: nil, version: nil, **data)
+          log_debug "Instantiating version with title: '#{title}' (#{title.class}), version: '#{version},' data: #{data}"
 
-          if data
-            title = data[:title]
-          elsif title.is_a?(Xolo::Server::Title)
+          if title.is_a?(Xolo::Server::Title)
             title_obj = title
             title = title_obj.title
+          elsif data[:title]
+            title = data[:title]
+            title_obj = instantiate_title(title)
+          elsif title
+            title_obj = instantiate_title(title)
+          else
+            halt 400, { status: 400, error: 'Missing title to instantiate a Xolo::Server::Version' }
+            log_error 'Missing title to instantiate a Xolo::Server::Version'
           end
 
           vers =
-            if data.is_a? Hash
+            if !data.empty?
+              # ensure the title and version are in the data
+              data[:title] ||= title
+              data[:version] ||= version
               Xolo::Server::Version.new data
 
             elsif title && version
@@ -95,12 +104,12 @@ module Xolo
 
               Xolo::Server::Version.load title, version
             else
-              msg = 'Invalid data to instantiate a Xolo::Server::Version'
+              msg = "Invalid title, version, or data to instantiate a Xolo::Server::Version: #{data.class}:#{data} "
               log_error msg
               halt 400, { status: 400, error: msg }
             end
 
-          vers.title_object = title_obj || instantiate_title(title)
+          vers.title_object = title_obj
           vers.server_app_instance = self
           vers
         end
@@ -110,6 +119,7 @@ module Xolo
         # @return [void]
         ##################
         def halt_on_missing_version(title, version)
+          log_debug "Checking for missing version '#{version}' of title '#{title}'"
           return if all_versions(title).include? version
 
           msg = "No version '#{version}' for title '#{title}'."
@@ -127,6 +137,8 @@ module Xolo
         # @return [void]
         ##################
         def halt_on_existing_version(title, version)
+          log_debug "Checking for existing version '#{version}' of title '#{title}'"
+
           return unless all_versions(title).include? version
 
           msg = "Version '#{version}' of title '#{title}' already exists."
@@ -151,7 +163,7 @@ module Xolo
           halt 409, { status: 409, error: msg }
         end
 
-      end # TitleEditor
+      end # Versions
 
     end # Helpers
 

data/lib/xolo/server/mixins/changelog.rb

@@ -67,7 +67,11 @@ module Xolo
         # This is so that the changelog can be accessed after the title is deleted.
         ################
         def self.backup_file_dir
-          @backup_file_dir ||= Xolo::Server::BACKUPS_DIR + 'changelogs'
+          return @backup_file_dir if @backup_file_dir&.exist?
+
+          @backup_file_dir = Xolo::Server::BACKUPS_DIR + 'changelogs'
+          @backup_file_dir.mkpath unless @backup_file_dir.exist?
+          @backup_file_dir
         end
 
         # A hash of the read-write locks for each title's changelog file
@@ -184,8 +188,10 @@ module Xolo
         # @return [void]
         #######################
         def log_change(attrib: nil, old_val: nil, new_val: nil, msg: nil)
+          log_debug "Preparing to log change for #{title}: attrib=#{attrib.inspect}, old_val=#{old_val.inspect}, new_val=#{new_val.inspect}, msg=#{msg.inspect}"
+
           raise ArgumentError, 'Must provide attrib: or action:' if !msg && !attrib
-          raise ArgumentError, 'Must provide old: or new: or both with attrib:' if attrib && !old_val && !new_val
+          raise ArgumentError, 'Must provide old: or new: or both with attrib:' if attrib && old_val.nil? && new_val.nil?
 
           # if action, attrib, old, and new are ignored
           attrib, old_val, new_val = nil if msg
@@ -262,19 +268,6 @@ module Xolo
         def log_update_changes
           return unless changes_for_update
 
-          # self.class::ATTRIBUTES.each do |attr, deets|
-          #   next unless deets[:changelog]
-
-          #   new_val = deets[:type] == :time ? Time.parse(new_data_for_update[attr]) : new_data_for_update[attr]
-          #   old_val = send attr
-
-          #   new_val = "'#{new_val.sort.join("', '")}'" if new_val.is_a? Array
-          #   old_val = "'#{old_val.sort.join("', '")}'" if old_val.is_a? Array
-          #   next if new_val == old_val
-
-          #   log_change attrib: attr, old_val: old_val, new_val: new_val
-          # end
-
           changes_for_update.each do |attr, vals|
             log_change attrib: attr, old_val: vals[:old], new_val: vals[:new]
           end
@@ -302,7 +295,7 @@ module Xolo
 
             # final backup
             changelog_backup_file.delete if changelog_backup_file.exist?
-            changelog_file.rename changelog_backup_file
+            changelog_file.rename(changelog_backup_file)
           end
         end