xolo-server 1.0.1 → 2.0.2

data/lib/xolo/server/mixins/title_ted_access.rb

@@ -65,6 +65,11 @@ module Xolo
         # @return [Windoo::SoftwareTitle]
         ##########################
         def create_title_in_ted
+          if subscribed?
+            log_debug "Title Editor: SoftwareTitle '#{title}' is subscribed, skipping Title Editor creation"
+            return
+          end
+
           # delete an old one if its there
           ted_title&.delete if Windoo::SoftwareTitle.all_ids(cnx: ted_cnx).include? title
 
@@ -173,6 +178,10 @@ module Xolo
         # @return [void]
         ##########################
         def update_title_in_ted
+          if subscribed?
+            log_debug "Title Editor: SoftwareTitle '#{title}' is subscribed, skipping Title Editor update"
+            return
+          end
           return unless changes_for_update
 
           unless any_ted_changes?
@@ -217,10 +226,12 @@ module Xolo
           req_change = requirement_change
           return unless req_change
 
-          new_app_name = changes_for_update.dig :app_name, :new
-          new_app_bundle_id = changes_for_update.dig :app_bundle_id, :new
           new_ea_script = changes_for_update.dig :version_script, :new
 
+          # if either of these are nil in changes, then use the existing value
+          new_app_name = changes_for_update.dig(:app_name, :new) || app_name
+          new_app_bundle_id = changes_for_update.dig(:app_bundle_id, :new) || app_bundle_id
+
           case req_change
           when :app_to_ea
             # create the ea
@@ -241,6 +252,7 @@ module Xolo
           when :update_app
             # set the requirement to use the new app data
             set_ted_title_requirement app_name: new_app_name, app_bundle_id: new_app_bundle_id
+
             # for all versions, update the patch compotent criteria to use the new app data
             set_ted_patch_component_criteria_after_update app_name: new_app_name, app_bundle_id: new_app_bundle_id
 
@@ -292,11 +304,19 @@ module Xolo
           end
         end
 
+        # In the TitleEditor, the version script is
+        # stored as an Extension Attribute - each title can
+        # only have one.
+        # and it needs a 'key', which is the name used to indicate the
+        # EA in various criteria, and is the EA name in Jamf Patch.
+        # The key is jamf_obj_name_pfx on the title
+        # so for title 'foobar', it is 'xolo-foobar' or 'xolotest-foobar' for test servers
+        # That value is also used as the display name
         # @return [String] The key and display name of a version script stored
         #   in the title editor as the ExtAttr for this title
         #####################
         def ted_ea_key
-          @ted_ea_key ||= self.class.ted_ea_key title
+          @ted_ea_key ||= "#{jamf_obj_name_pfx_base}#{title}"
         end
 
         # Create the EA in the Title Editor
@@ -470,6 +490,8 @@ module Xolo
         # @return [String] the URL for the title in the Title Editor
         #####################
         def ted_title_url
+          return unless managed?
+
           "https://#{Xolo::Server.config.ted_hostname}/softwaretitles/#{ted_id_number}"
         end
 
@@ -482,6 +504,10 @@ module Xolo
         # @return [void]
         ############################
         def repair_ted_title
+          if subscribed?
+            log_debug "Title Editor: SoftwareTitle '#{title}' is subscribed, skipping Title Editor repair"
+            return
+          end
           progress "Title Editor: Repairing SoftwareTitle '#{title}'", log: :info
 
           # TODO: version order??

data/lib/xolo/server/mixins/version_jamf_access.rb

@@ -26,29 +26,24 @@ module Xolo
 
         # The group of macs with this version installed
         # is named the full prefix plus this suffix.
-        JAMF_SMART_GROUP_NAME_INSTALLED_SFX = '-installed'
+        JAMF_SMART_GROUP_NAME_INSTALLED_SFX = 'installed'
 
         # The policy that does initial installs on-demand
         # (via 'xolo install <title> <version') is named the full
         # prefix plus this suffix.
-        JAMF_POLICY_NAME_MANUAL_INSTALL_SFX = '-manual-install'
+        JAMF_POLICY_NAME_MANUAL_INSTALL_SFX = 'manual-install'
 
         # The policy that does auto-installs is named the full
         # prefix plus this suffix.
         # The scope is changed as needed when a version's status
         # changes
-        JAMF_POLICY_NAME_AUTO_INSTALL_SFX = '-auto-install'
+        JAMF_POLICY_NAME_AUTO_INSTALL_SFX = 'auto-install'
 
         # The policy that does auto-re-installs is named the full
         # prefix plus this suffix.
         # The scope is changed as needed when a version's status
         # changes
-        JAMF_POLICY_NAME_AUTO_REINSTALL_SFX = '-auto-reinstall'
-
-        # How long to wait after a pkg re-upload before creating/enabling/flushing
-        # the auto-reinstall policy
-        # See TODO in #wait_to_enable_reinstall_policy
-        JAMF_AUTO_REINSTALL_WAIT_SECS = 15 * 60
+        JAMF_POLICY_NAME_AUTO_REINSTALL_SFX = 'auto-reinstall'
 
         # POLICIES, PATCH POLICIES, SCOPING
         #############################
@@ -197,7 +192,11 @@ module Xolo
           jamf_auto_install_policy
           jamf_manual_install_policy
 
-          activate_patch_version_in_jamf
+          if subscribed?
+            activate_subscribed_patch_version_in_jamf
+          else
+            activate_managed_patch_version_in_jamf
+          end
         end
 
         # Apply edits to the Xolo version to Jamf as needed
@@ -276,8 +275,6 @@ module Xolo
           # Delete package object
           # This is slow and it blocks, so do it in a thread and update progress every
           # 15 secs
-          return unless Jamf::JPackage.valid_id packageName: jamf_pkg_name, cnx: jamf_cnx
-
           delete_jamf_package
 
           # The code below is used when we want real-time progress updates to xadm
@@ -321,6 +318,8 @@ module Xolo
           @jamf_package =
             if id
               log_debug "Jamf: Fetching Jamf::JPackage '#{id}'"
+              self.jamf_pkg_id = id # in case we only had the name before, now we have the id, so save it
+              save_local_data
               Jamf::JPackage.fetch id: id, cnx: jamf_cnx
             else
               return if deleting?
@@ -329,10 +328,16 @@ module Xolo
             end
         end
 
+        # @return [Boolean] does the jamf_package exist?
+        #########################
+        def jamf_package_exist?
+          !Jamf::JPackage.valid_id(packageName: jamf_pkg_name, cnx: jamf_cnx).nil?
+        end
+
         # @return [Jamf::JPackage] Create the Jamf::JPackage object for this version and return it
         #########################
         def create_jamf_package
-          progress "Jamf: Creating Package object '#{jamf_pkg_name}'", log: :info
+          progress "Jamf: Creating Jamf::JPackage '#{jamf_pkg_name}'", log: :info
 
           # The filename is temporary, and will be replaced when the file is uploaded
           pkg = Jamf::JPackage.create(
@@ -442,13 +447,13 @@ module Xolo
         # @return [void]
         #########################
         def delete_jamf_package
-          pkg_id = Jamf::JPackage.valid_id packageName: jamf_pkg_name, cnx: jamf_cnx
+          pkg_id = jamf_pkg_id || Jamf::JPackage.valid_id(packageName: jamf_pkg_name, cnx: jamf_cnx)
           return unless pkg_id
 
           msg = "Jamf: Starting deletion of Package '#{jamf_pkg_name}' id #{jamf_pkg_id} at #{Time.now.strftime '%F %T'}"
           progress msg, log: :info
 
-          warning = +"IMPORTANT: Package deletion is slow. If you plan to re-add this version, '#{version}', please\n  "
+          warning = +"IMPORTANT: Package deletion can be slow. If you plan to re-add this version, '#{version}', please\n  "
           warning <<
             if Xolo::Server.config.alert_tool
               'check your Xolo alerts for completion, which can take up to 5 minutes,'
@@ -685,8 +690,6 @@ module Xolo
             )
           else
             return if deleting?
-            # don't create unless there's been a re-upload of the pkg
-            return unless reupload_date
 
             create_jamf_installed_group
           end
@@ -736,51 +739,20 @@ module Xolo
         # The criteria for the smart group in Jamf that contains all Macs
         # with this version of this title installed
         #
-        # If we have, or are about to update to, a version_script (EA) then use it,
-        # otherwise use the app_name and app_bundle_id.
+        # We use the "Patch Reporting: #{title_object.display_name}" criterion so that we don't
+        # care whether the title uses a version-script or app data.
         #
         # @return [Array<Jamf::Criteriable::Criterion>]
         ###################################
         def jamf_installed_group_criteria
-          # does this title use an app bundle?
-          if title_object.app_name
-            [
-              Jamf::Criteriable::Criterion.new(
-                and_or: :and,
-                name: 'Application Title',
-                search_type: 'is',
-                value: title_object.app_name
-              ),
-
-              Jamf::Criteriable::Criterion.new(
-                and_or: :and,
-                name: 'Application Bundle ID',
-                search_type: 'is',
-                value: title_object.app_bundle_id
-              ),
-
-              Jamf::Criteriable::Criterion.new(
-                and_or: :and,
-                name: 'Application Version',
-                search_type: 'is',
-                value: version
-              )
-            ]
-
-          # if not, it must have a version script
-          elsif title_object.version_script
-            [
-              Jamf::Criteriable::Criterion.new(
-                and_or: :and,
-                name: title_object.jamf_normal_ea_name,
-                search_type: 'is',
-                value: version
-              )
-            ]
-
-          else
-            raise Xolo::Core::Exceptions::InvalidDataError, "Title #{title} has neither a version_script nor a defined app bundle."
-          end
+          [
+            Jamf::Criteriable::Criterion.new(
+              and_or: :or,
+              name: "Patch Reporting: #{title_object.display_name}",
+              search_type: 'is',
+              value: version
+            )
+          ]
         end
 
         #########################
@@ -800,7 +772,7 @@ module Xolo
         # @return [Boolean] does the jamf_auto_reinstall_policy exist?
         ##########################
         def jamf_auto_reinstall_policy_exist?
-          Jamf::Policy.all_names(cnx: jamf_cnx).include? jamf_auto_reinstall_policy_name
+          Jamf::Policy.all_names(:refresh, cnx: jamf_cnx).include? jamf_auto_reinstall_policy_name
         end
 
         # Create or fetch the auto re-install policy for this version
@@ -814,8 +786,6 @@ module Xolo
               Jamf::Policy.fetch(name: jamf_auto_reinstall_policy_name, cnx: jamf_cnx)
             else
               return if deleting?
-              # don't create unless there's been a re-upload of the pkg
-              return unless reupload_date
 
               create_jamf_auto_reinstall_policy
             end
@@ -845,6 +815,9 @@ module Xolo
         # @param pol [Jamf::Policy] the policy to configure
         ######################
         def configure_jamf_auto_reinstall_policy(pol)
+          # this creates the installed group if it doesn't already exist
+          jamf_installed_group
+
           pol.category = Xolo::Server::JAMF_XOLO_CATEGORY
           pol.set_trigger_event :checkin, true
           pol.set_trigger_event :custom, Xolo::BLANK
@@ -852,7 +825,7 @@ module Xolo
           pol.recon = false
           pol.retry_event = :checkin
           pol.retry_attempts = 5
-          pol.scope.set_targets :computer_groups, [jamf_installed_group_name]
+          pol.scope.set_targets :computer_groups, [jamf_installed_group.name]
 
           # exclusions are for always
           set_policy_exclusions pol
@@ -876,41 +849,6 @@ module Xolo
           @jamf_auto_reinstall_policy_url = "#{jamf_gui_url}/policies.html?id=#{pol_id}&o=r"
         end
 
-        # This will start a thread
-        # that will wait some period of time (to allow for pkg uploads
-        # to complete) before enabling and flushing the logs for the reinstall policy.
-        # This will make all macs with this version installed get it re-installed.
-        # @return [void]
-        def wait_to_enable_reinstall_policy
-          return if @enable_reinstall_policy_thread&.alive?
-          return unless reupload_date
-
-          # TODO: some setting to determine how long to wait?
-          # - If uploading via the Jamf API, we need to give it time
-          #   to then upload the file to the cloud distribution point
-          # - If uploading via a custom tool, we need to give that
-          #   tool time to re-upload to wherever it uploads to
-          # - May need to wait for other non-jamf/non-xolo processes
-          #   to sync the package to other distribution points. This
-          #   might be very site-specific.
-
-          # For now, we wait 15 minutes.
-          wait_time = JAMF_AUTO_REINSTALL_WAIT_SECS
-
-          @enable_reinstall_policy_thread = Thread.new do
-            log_debug "Jamf: Starting enable_reinstall_policy_thread: waiting #{wait_time} seconds before enabling reinstall policy for version #{version} of title #{title}"
-            sleep wait_time
-
-            log_debug "Jamf: enable_reinstall_policy_thread: enabling and flushing logs for reinstall policy for version #{version} of title #{title}"
-
-            pol = jamf_auto_reinstall_policy
-            pol.enable
-            pol.flush_logs
-            pol.save
-          end
-          @enable_reinstall_policy_thread.name = "enable_reinstall_policy_thread-#{title}-#{version}"
-        end
-
         #######  The Jamf Patch Policy
         ###########################################
         ###########################################
@@ -983,10 +921,10 @@ module Xolo
           # a rollback is being done
           ppol.allow_downgrade = false
 
-          # This should always be false, so that
+          # This should default to false, so that
           # we don't accidentally downgrade non-xolo test installs,
           # or server-pushed updates (like with commvault or cisco VPN)
-          ppol.patch_unknown = false
+          ppol.patch_unknown = patch_unknown ? true : false
 
           ppol.enable
 
@@ -1006,10 +944,10 @@ module Xolo
           ppol.name = jamf_patch_policy_name
           ppol.target_version = version
 
-          # This should always be false, so that
+          # This should default tofalse, so that
           # we don't accidentally downgrade non-xolo test installs,
           # or server-pushed updates (like with commvault or cisco VPN)
-          ppol.patch_unknown = false
+          ppol.patch_unknown = patch_unknown ? true : false
 
           if pilot?
             set_policy_pilot_groups ppol
@@ -1296,7 +1234,14 @@ module Xolo
           @jamf_patch_version = title_object.jamf_patch_title.versions[version]
           return @jamf_patch_version if @jamf_patch_version
 
-          # TODO: wait for it to appear when adding?
+          if repairing?
+            # if we're repairing, and the version isn't visible in Jamf, then
+            # jamf polled the title editor in the few moments it was disabled.
+            # and jamf will see it again within 5 minutes.
+            return nil
+          end
+
+          # TODO: wait for it to appear when adding, or re-appear when repairing?
           msg = "Jamf: Version '#{version}' of Title '#{title}' is not visible in Jamf. Is the Patch enabled in the Title Editor?"
           log_error msg
           raise Xolo::NoSuchItemError, msg
@@ -1310,7 +1255,7 @@ module Xolo
         #
         # @return [void]
         #########################
-        def activate_patch_version_in_jamf
+        def activate_managed_patch_version_in_jamf
           # don't do this if there's already one running for this instance
           if @activate_patch_version_thread&.alive?
             log_debug "Jamf: activate_patch_version_thread already running. Caller: #{caller_locations.first}"
@@ -1342,13 +1287,7 @@ module Xolo
             end
 
             if did_it
-              assign_pkg_to_patch_in_jamf
-              # give jamf a moment to catch up and refresh the patch title
-              # so we see the pkg has been assigned
-              sleep 2
-              title_object.jamf_patch_title(refresh: true)
-
-              create_jamf_patch_policy
+              activate_patch_version_in_jamf
               msg = "Jamf: Version '#{version}' of title '#{title}' is now visible in Jamf Pro. Package assigned and Patch policy created."
               log_info msg, alert: true
             else
@@ -1359,6 +1298,37 @@ module Xolo
           @activate_patch_version_thread.name = "activate_patch_version_thread-#{title}-#{version}"
         end
 
+        # Patches for subscribed titles are already visible in Jamf Patch Management
+        # So we just need to assign the pkg to the patch version, and create the patch policy.
+        ##########################
+        def activate_subscribed_patch_version_in_jamf
+          msg = "Jamf: Assigning package and creating patch policy for version '#{version}' of subscribed title '#{title}'"
+          log_info msg
+          activate_patch_version_in_jamf
+        end
+
+        # Assign the package for this version to the Jamf::PatchTitle::Version in Jamf
+        # and create the patch policy for this version.
+        #
+        # @return [void]
+        ##########################
+        def activate_patch_version_in_jamf
+          log_debug "Jamf: Activating patch version in Jamf for version '#{version}' of title '#{title}'"
+
+          # create the Jamf::JPackage object if needed
+          jamf_package
+          title_object.jamf_patch_title(refresh: true)
+          sleep 3
+
+          assign_pkg_to_patch_in_jamf
+          # give jamf a moment to catch up and refresh the patch title
+          # so we see the pkg has been assigned
+          sleep 2
+          title_object.jamf_patch_title(refresh: true)
+
+          create_jamf_patch_policy
+        end
+
         # Assign the Package to the Jamf::PatchTitle::Version for this Xolo version.
         # This 'activates' the version in Jamf Patch, and must happen before
         # patch policies can be created
@@ -1374,10 +1344,23 @@ module Xolo
         # @return [void]
         ########################################
         def assign_pkg_to_patch_in_jamf
-          log_info "Jamf: Assigning package '#{jamf_pkg_name}' to patch version '#{version}' of title '#{title}'"
+          patch_vers_obj = jamf_patch_version
+
+          if patch_vers_obj.nil? && repairing?
+            msg = "Jamf: Cant re-assign package '#{jamf_pkg_name}' to patch version '#{version}' of title '#{title}' at this time. If there are problems with it, try 'repair' again later."
+            progress msg, log: :info
+            return
+          end
+
+          progress "Jamf: Assigning package '#{jamf_pkg_name}' to patch version '#{version}' of title '#{title}'", log: :info
+
+          log_debug "Jamf: jamf_patch_version is: #{patch_vers_obj}"
+
+          patch_vers_obj.package = jamf_pkg_name
+          log_debug "Jamf: jamf_patch_version after assignment is: #{patch_vers_obj}"
 
-          jamf_patch_version.package = jamf_pkg_name
           title_object.jamf_patch_title.save
+          log_debug 'Jamf: Saved jamf_patch_title after assigning package to version.'
         end
 
         # Get the patch report for this version

data/lib/xolo/server/mixins/version_ted_access.rb

@@ -48,6 +48,19 @@ module Xolo
         # @return [void]
         ##########################
         def create_patch_in_ted
+          if subscribed?
+            log_debug "Title Editor: SoftwareTitle '#{title}' is subscribed, skipping Title Editor patch creation"
+            return
+          end
+
+          # if the patch exists, remove and recreate it
+          if ted_patch
+            progress "Title Editor: Patch '#{version}' of SoftwareTitle '#{title}' already exists, removing & readding it..."
+            ted_title.patches.delete_patch ted_patch.patchId
+            sleep 2
+            ted_patch(refresh: true)
+          end
+
           progress "Title Editor: Creating Patch '#{version}' of SoftwareTitle '#{title}'", log: :info
           ted_title.patches.add_patch(
             version: version,
@@ -75,6 +88,11 @@ module Xolo
         # @return [void]
         ##########################
         def update_patch_in_ted
+          if subscribed?
+            log_debug "Title Editor: SoftwareTitle '#{title}' is subscribed, skipping Title Editor patch update"
+            return
+          end
+
           progress "Title Editor: Updating Patch '#{version}' SoftwareTitle '#{title}'", log: :info
 
           Xolo::Server::Version::ATTRIBUTES.each do |attr, deets|
@@ -340,12 +358,19 @@ module Xolo
         # @return [String] the URL for the Title Editor Web App page for this patch
         ###################################
         def ted_patch_url
+          return unless managed?
+
           "https://#{Xolo::Server.config.ted_hostname}/patches/#{ted_id_number}"
         end
 
         # Ensure all the TEd items for this version are correct based on the server data.
         #########################
         def repair_ted_patch
+          if subscribed?
+            log_debug "Title Editor: SoftwareTitle '#{title}' is subscribed, skipping Title Editor patch repair"
+            return
+          end
+
           progress "Title Editor: Repairing Patch '#{version}' of SoftwareTitle '#{title}'", log: :info
 
           Xolo::Server::Version::ATTRIBUTES.each do |attr, deets|

data/lib/xolo/server/object_locks.rb

@@ -27,7 +27,8 @@ module Xolo
       end
 
       # How many seconds are update locks valid for?
-      OBJECT_LOCK_LIMIT = 60 * 60
+      # 15 min
+      OBJECT_LOCK_LIMIT = 60 * 15
 
       # The locks for titles and versions - when they are being created or updated
       # they appear in this data structure with an expiration timestamp.

data/lib/xolo/server/routes/auth.rb

@@ -16,7 +16,7 @@ module Xolo
 
       module Auth
 
-        # This is how we 'mix in' modules to Sinatra servers:
+        # This is how we 'extend' modules to Sinatra servers:
         # We make them extentions here with
         #    extend Sinatra::Extension (from sinatra-contrib)
         # and then 'register' them in the server with
@@ -33,7 +33,7 @@ module Xolo
         # Auth a Xolo Admin via Jamf API login
         # Must be a member of the Jamf Admin group
         # named in Xolo::Server.config.admin_jamf_group
-        # before
+        # NOTE: This cannot be an API Client - must be a real user account
         ###################
         post '/auth/login' do
           request.body.rewind

data/lib/xolo/server/routes/jamf_pro.rb

@@ -16,7 +16,7 @@ module Xolo
 
       module JamfPro
 
-        # This is how we 'mix in' modules to Sinatra servers
+        # This is how we 'extend' modules to Sinatra servers
         # for route definitions and similar things
         #
         # (things to be 'included' for use in route and view processing
@@ -80,6 +80,16 @@ module Xolo
           jcnx&.disconnect
         end
 
+        # A list of all currently available titles that can be subscribed to
+        ###############
+        get '/jamf/available-titles-for-subscription' do
+          log_debug "Jamf: Fetching titles available for subscription for #{session[:admin]}"
+          jcnx = jamf_cnx
+          body available_titles_for_subscription
+        ensure
+          jcnx&.disconnect
+        end
+
       end # Module
 
     end #  Routes

data/lib/xolo/server/routes/maint.rb

@@ -16,7 +16,7 @@ module Xolo
 
       module Maint
 
-        # This is how we 'mix in' modules to Sinatra servers:
+        # This is how we 'extend' modules to Sinatra servers:
         # We make them extentions here with
         #    extend Sinatra::Extension (from sinatra-contrib)
         # and then 'register' them in the server with
@@ -52,6 +52,7 @@ module Xolo
             uptime: uptime_secs.pix_humanize_secs,
             uptime_secs: uptime_secs,
             app_env: Xolo::Server.app_env,
+            test_server: Xolo::Server.test_server?,
             data_dir: Xolo::Server::DATA_DIR,
             log_file: Xolo::Server::Log::LOG_FILE,
             log_level: Xolo::Server::Log::LEVELS[Xolo::Server.logger.level],