addigy 2.2.3 → 2.4.0

package/index.d.ts

@@ -1,4 +1,4 @@
-import { Extension, IAddigyConfig, IAddigyInternalAuthObject, PPPCInput } from './types';
+import { Extension, FilevaultRequest, IAddigyConfig, IAddigyInternalAuthObject, NotificationSettings, PPPCInput, SupportedOsVersions } from './types';
 export * from './types';
 declare enum AlertStatus {
     Acknowledged = "Acknowledged",
@@ -58,11 +58,16 @@ export declare class Addigy {
         allowedSystemExtensions?: Extension[];
         allowedSystemExtensionTypes?: Extension[];
         allowedTeamIdentifiers?: string[];
-    }): Promise<object>;
+    }): Promise<any>;
+    createNotificationSettingsPolicy(authObject: IAddigyInternalAuthObject, name: string, notificationSettings: NotificationSettings[]): Promise<any>;
+    createCustomProfile(authObject: IAddigyInternalAuthObject, name: string, customProfileText: string, supportedOsVersions: SupportedOsVersions, payloadScope?: 'System' | 'User', is_profile_signed?: boolean): Promise<any>;
+    createMdmProfile(authObject: IAddigyInternalAuthObject, mdmProfile: any): Promise<any>;
+    createFilevaultPolicy(authObject: IAddigyInternalAuthObject, name: string, filevault: FilevaultRequest, payloadPriority?: number): Promise<any>;
     createPPPCPolicy(authObject: IAddigyInternalAuthObject, name: string, pppcPolicy: PPPCInput[]): Promise<any>;
     getMdmConfigurations(authObject: IAddigyInternalAuthObject): Promise<any[]>;
     getMdmConfigurationByName(authObject: IAddigyInternalAuthObject, name: string): Promise<any>;
     getFileVaultKeys(authObject: IAddigyInternalAuthObject): Promise<object[]>;
+    toSnakeCase(text: string): string;
     getApnsCerts(authObject: IAddigyInternalAuthObject, next?: string, previous?: string): Promise<object[]>;
     getAuthObject(): Promise<IAddigyInternalAuthObject>;
     getImpersonationAuthObject(authObject: IAddigyInternalAuthObject, orgId: string): Promise<IAddigyInternalAuthObject>;

package/index.js

@@ -16,6 +16,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.Addigy = void 0;
 const got_1 = __importDefault(require("got"));
 const uuid_1 = require("uuid");
+const plist_1 = __importDefault(require("@expo/plist"));
 __exportStar(require("./types"), exports);
 var AlertStatus;
 (function (AlertStatus) {
@@ -533,7 +534,7 @@ class Addigy {
                 method: 'POST',
                 json: postBody,
             });
-            return res.body;
+            return JSON.parse(res.body);
         }
         catch (err) {
             throw err;
@@ -548,7 +549,7 @@ class Addigy {
                 },
                 method: 'DELETE',
             });
-            return res.body;
+            return JSON.parse(res.body);
         }
         catch (err) {
             throw err;
@@ -613,7 +614,7 @@ class Addigy {
                 method: 'POST',
                 json: { payloads: [payload] },
             });
-            return res.body;
+            return JSON.parse(res.body);
         }
         catch (err) {
             throw err;
@@ -660,7 +661,163 @@ class Addigy {
                 method: 'POST',
                 json: { payloads: [payload] },
             });
-            return res.body;
+            return JSON.parse(res.body);
+        }
+        catch (err) {
+            throw err;
+        }
+    }
+    async createNotificationSettingsPolicy(authObject, name, notificationSettings) {
+        const groupUUID = uuid_1.v4();
+        const payload = {
+            addigy_payload_type: 'com.addigy.notifications.com.apple.notificationsettings',
+            payload_type: 'com.apple.notificationsettings',
+            payload_version: 1,
+            payload_identifier: `com.addigy.notifications.com.apple.notificationsettings.${groupUUID}`,
+            payload_uuid: uuid_1.v4(),
+            payload_group_id: groupUUID,
+            payload_display_name: name,
+            notification_settings: notificationSettings,
+        };
+        let res = await this._addigyRequest('https://app-prod.addigy.com/api/mdm/user/profiles/configurations', {
+            headers: {
+                Cookie: `auth_token=${authObject.authToken};`,
+                origin: 'https://app-prod.addigy.com',
+            },
+            method: 'POST',
+            json: { payloads: [payload] },
+        });
+        return JSON.parse(res.body);
+    }
+    async createCustomProfile(authObject, name, customProfileText, supportedOsVersions, payloadScope = 'System', is_profile_signed = false) {
+        const groupUUID = uuid_1.v4();
+        const customProfileJson = plist_1.default.parse(customProfileText);
+        const updateCustomProfileJson = Object.entries(customProfileJson).reduce((acc, [key, value]) => {
+            acc[this.toSnakeCase(key)] = value;
+            return acc;
+        }, {});
+        const customProfileBase64 = Buffer.from(customProfileText).toString('base64');
+        const payload = {
+            addigy_payload_type: 'com.addigy.custom.mdm.payload',
+            payload_type: 'custom',
+            payload_version: 1,
+            payload_identifier: `com.addigy.custom.mdm.payload.${groupUUID}`,
+            payload_uuid: `custom-profile-${uuid_1.v4()}`,
+            payload_group_id: groupUUID,
+            payload_display_name: name,
+            is_profile_signed,
+            profile_json_data: updateCustomProfileJson,
+            decoded_profile_content: customProfileText,
+            custom_profile_content: customProfileBase64,
+            supported_os_versions: supportedOsVersions,
+            payload_scope: payloadScope,
+        };
+        try {
+            let res = await this._addigyRequest('https://app-prod.addigy.com/api/mdm/user/profiles/configurations', {
+                headers: {
+                    Cookie: `auth_token=${authObject.authToken};`,
+                    origin: 'https://app-prod.addigy.com',
+                },
+                method: 'POST',
+                json: { payloads: [payload] },
+            });
+            return JSON.parse(res.body);
+        }
+        catch (err) {
+            throw err;
+        }
+    }
+    async createMdmProfile(authObject, mdmProfile) {
+        try {
+            let res = await this._addigyRequest('https://app-prod.addigy.com/api/mdm/user/profiles/configurations', {
+                headers: {
+                    Cookie: `auth_token=${authObject.authToken};`,
+                    origin: 'https://app-prod.addigy.com',
+                },
+                method: 'POST',
+                json: { payloads: mdmProfile },
+            });
+            return JSON.parse(res.body);
+        }
+        catch (err) {
+            throw err;
+        }
+    }
+    async createFilevaultPolicy(authObject, name, filevault, payloadPriority = 1) {
+        const groupUUID = uuid_1.v4();
+        const encryptCertPayloadUUID = uuid_1.v4();
+        const basePayload = {
+            payload_display_name: name,
+            payload_version: 1,
+            payload_group_id: groupUUID,
+            addigy_payload_version: 0,
+            payload_priority: payloadPriority,
+        };
+        const payloads = [
+            {
+                ...basePayload,
+                payload_type: 'com.apple.MCX.FileVault2',
+                addigy_payload_type: 'com.addigy.securityAndPrivacy.com.apple.MCX.FileVault2',
+                payload_identifier: `com.addigy.securityAndPrivacy.com.apple.MCX.FileVault2.${groupUUID}`,
+                payload_uuid: uuid_1.v4(),
+                enable: filevault.enable ? 'On' : 'Off',
+                defer: filevault.defer,
+                use_recovery_key: true,
+                show_recovery_key: filevault.showRecoveryKey === undefined ? null : filevault.showRecoveryKey,
+                defer_dont_ask_at_user_logout: filevault.deferDontAskAtUserLogout === undefined
+                    ? null
+                    : filevault.deferDontAskAtUserLogout,
+                defer_force_at_user_login_max_bypass_attempts: filevault.deferForceAtUserLoginMaxBypassAttempts === undefined
+                    ? null
+                    : filevault.deferForceAtUserLoginMaxBypassAttempts,
+            },
+            {
+                ...basePayload,
+                payload_type: 'com.apple.MCX',
+                addigy_payload_type: 'com.addigy.securityAndPrivacy.com.apple.MCX',
+                payload_identifier: `com.addigy.securityAndPrivacy.com.apple.MCX.${groupUUID} `,
+                payload_uuid: uuid_1.v4(),
+                destroy_fv_key_on_standby: filevault.destroyFvKeyOnStandby === undefined
+                    ? null
+                    : filevault.destroyFvKeyOnStandby,
+                dont_allow_fde_disable: true,
+            },
+        ];
+        if (filevault.escrowRecoveryKey)
+            payloads.push({
+                ...basePayload,
+                addigy_payload_type: 'com.addigy.securityAndPrivacy.com.apple.security.pkcs1',
+                payload_type: 'com.apple.security.pkcs1',
+                payload_identifier: `com.addigy.securityAndPrivacy.com.apple.security.pkcs1.${groupUUID}`,
+                payload_uuid: uuid_1.v4(),
+                is_from_security_profile: true,
+            }, {
+                ...basePayload,
+                addigy_payload_type: 'com.addigy.securityAndPrivacy.com.apple.security.FDERecoveryKeyEscrow',
+                payload_type: 'com.apple.security.FDERecoveryKeyEscrow',
+                payload_identifier: `com.addigy.securityAndPrivacy.com.apple.security.FDERecoveryKeyEscrow.${groupUUID}`,
+                payload_uuid: uuid_1.v4(),
+                encrypt_cert_payload_uuid: encryptCertPayloadUUID,
+                location: 'Key will be escrowed to an Addigy secure database.',
+            }, {
+                ...basePayload,
+                addigy_payload_type: 'com.addigy.securityAndPrivacy.com.apple.security.FDERecoveryRedirect',
+                payload_type: 'com.apple.security.FDERecoveryRedirect',
+                payload_identifier: `com.addigy.securityAndPrivacy.com.apple.security.FDERecoveryRedirect.${groupUUID}`,
+                payload_uuid: uuid_1.v4(),
+                encrypt_cert_payload_uuid: encryptCertPayloadUUID,
+                redirect_url: '',
+            });
+        try {
+            let res = await this._addigyRequest('https://app-prod.addigy.com/api/mdm/user/profiles/configurations', {
+                headers: {
+                    Cookie: `auth_token=${authObject.authToken};`,
+                    origin: 'https://app-prod.addigy.com',
+                },
+                method: 'POST',
+                json: { payloads },
+            });
+            return JSON.parse(res.body);
         }
         catch (err) {
             throw err;
@@ -738,7 +895,7 @@ class Addigy {
             method: 'POST',
             json: { payloads: [payload] },
         });
-        return res.body;
+        return JSON.parse(res.body);
     }
     async getMdmConfigurations(authObject) {
         var _a;
@@ -780,6 +937,11 @@ class Addigy {
             throw err;
         }
     }
+    toSnakeCase(text) {
+        return text
+            .replace(/([^\p{L}\d]+|(?<=\p{L})(?=\d)|(?<=\d)(?=\p{L})|(?<=[\p{Ll}\d])(?=\p{Lu})|(?<=\p{Lu})(?=\p{Lu}\p{Ll})|(?<=[\p{L}\d])(?=\p{Lu}\p{Ll}))/gu, '_')
+            .toLowerCase();
+    }
     async getApnsCerts(authObject, next, previous) {
         let url = 'https://app-prod.addigy.com/api/apn/user/apn/list';
         if (next) {
@@ -798,7 +960,7 @@ class Addigy {
                 },
                 method: 'GET',
             });
-            return JSON.parse(res.body).mdm_app_list;
+            return JSON.parse(res.body).items;
         }
         catch (err) {
             throw err;

package/package.json

@@ -6,6 +6,7 @@
         }
     },
     "dependencies": {
+        "@expo/plist": "0.0.18",
         "form-data": "4.0.0",
         "got": "11.8.2",
         "uuid": "8.3.2"
@@ -13,20 +14,20 @@
     "description": "",
     "devDependencies": {
         "@pliancy/eslint-config-ts": "0.0.5",
-        "@pliancy/semantic-release-config-npm": "^2.1.0",
+        "@pliancy/semantic-release-config-npm": "2.1.0",
         "@types/got": "9.6.11",
         "@types/jest": "26.0.23",
         "@types/node": "15.12.5",
         "@types/uuid": "8.3.0",
-        "commitizen": "^4.2.4",
+        "commitizen": "4.2.4",
         "cpy-cli": "3.1.1",
         "cz-conventional-changelog": "3.3.0",
         "gh-pages": "3.2.3",
-        "husky": "^7.0.1",
+        "husky": "7.0.1",
         "jest": "27.0.6",
-        "npm-run-all": "^4.1.5",
+        "npm-run-all": "4.1.5",
         "open": "8.2.1",
-        "pinst": "^2.1.6",
+        "pinst": "2.1.6",
         "rimraf": "3.0.2",
         "ts-jest": "27.0.3",
         "typedoc": "0.21.2",
@@ -58,7 +59,7 @@
         "tsc": "tsc -p tsconfig.build.json"
     },
     "types": "index.d.ts",
-    "version": "2.2.3",
+    "version": "2.4.0",
     "volta": {
         "node": "14.17.1",
         "yarn": "1.22.10"

package/types.d.ts

@@ -10,8 +10,8 @@ export interface IAddigyInternalAuthObject {
     emailAddress: string;
 }
 export interface Payload {
-    addigy_payload_type: 'com.addigy.syspolicy.system-extension-policy.com.apple.system-extension-policy' | 'com.addigy.TCC.configuration-profile-policy.com.apple.TCC.configuration-profile-policy' | 'com.addigy.syspolicy.kernel-extension-policy.com.apple.syspolicy.kernel-extension-policy';
-    payload_type: 'com.apple.system-extension-policy' | 'com.apple.syspolicy.kernel-extension-policy' | 'com.apple.TCC.configuration-profile-policy';
+    addigy_payload_type: 'com.addigy.syspolicy.system-extension-policy.com.apple.system-extension-policy' | 'com.addigy.TCC.configuration-profile-policy.com.apple.TCC.configuration-profile-policy' | 'com.addigy.syspolicy.kernel-extension-policy.com.apple.syspolicy.kernel-extension-policy' | 'com.addigy.notifications.com.apple.notificationsettings' | 'com.addigy.custom.mdm.payload' | 'com.addigy.securityAndPrivacy.com.apple.MCX.FileVault2' | 'com.addigy.securityAndPrivacy.com.apple.MCX' | 'com.addigy.securityAndPrivacy.com.apple.security.pkcs1' | 'com.addigy.securityAndPrivacy.com.apple.security.FDERecoveryKeyEscrow' | 'com.addigy.securityAndPrivacy.com.apple.security.FDERecoveryRedirect';
+    payload_type: 'com.apple.system-extension-policy' | 'com.apple.syspolicy.kernel-extension-policy' | 'com.apple.TCC.configuration-profile-policy' | 'com.apple.notificationsettings' | 'custom' | 'com.apple.MCX.FileVault2' | 'com.apple.MCX' | 'com.apple.security.pkcs1' | 'com.apple.security.FDERecoveryKeyEscrow' | 'com.apple.security.FDERecoveryRedirect';
     payload_version: number;
     payload_identifier: string;
     payload_uuid: string;
@@ -109,3 +109,66 @@ export interface Extension {
     teamIdentifier: string;
     bundleIdentifiers: string[];
 }
+export interface NotificationSettings {
+    bundle_identifier: string;
+    notifications_enabled: boolean;
+    show_in_lock_screen: boolean;
+    show_in_notification_center: boolean;
+    sounds_enabled: boolean;
+    badges_enabled: boolean;
+    critical_alert_enabled: boolean;
+    preview_type?: any;
+    alert_type?: any;
+}
+export interface NotificationSettingsPayload extends Payload {
+    notification_settings: NotificationSettings[];
+}
+export interface CustomProfilePayload extends Payload {
+    is_profile_signed: boolean;
+    custom_profile_content: string;
+    decoded_profile_content: string;
+    supported_os_versions: SupportedOsVersions;
+    payload_scope: 'System' | 'User';
+    profile_json_data: CustomProfileJSONData[];
+}
+export interface CustomProfileJSONData {
+    payload_identifier: string;
+    payload_removal_disallowed: boolean;
+    payload_scope: string;
+    payload_type: string;
+    payload_uuid: string;
+    payload_organization: string;
+    payload_version: number;
+    payload_display_name: string;
+    payload_content: any[];
+}
+export interface SupportedOsVersions {
+    macOS?: string;
+    iOS?: string;
+    tvOS?: string;
+}
+export interface FilevaultPayload extends Payload {
+    enable?: 'On' | 'Off';
+    defer?: boolean;
+    use_recovery_key?: boolean;
+    show_recovery_key?: boolean | null;
+    defer_dont_ask_at_user_logout?: boolean | null;
+    defer_force_at_user_login_max_bypass_attempts?: number | null;
+    addigy_payload_version?: number;
+    destroy_fv_key_on_standby?: boolean | null;
+    dont_allow_fde_disable?: boolean;
+    is_from_security_profile?: boolean;
+    encrypt_cert_payload_uuid?: string;
+    location?: string;
+    payload_priority?: number;
+    redirect_url?: string;
+}
+export interface FilevaultRequest {
+    enable?: boolean;
+    defer?: boolean;
+    showRecoveryKey?: boolean;
+    destroyFvKeyOnStandby?: boolean;
+    escrowRecoveryKey?: boolean;
+    deferDontAskAtUserLogout?: boolean;
+    deferForceAtUserLoginMaxBypassAttempts?: -1 | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10;
+}