addigy 2.3.0 → 2.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.d.ts +3 -1
- package/index.js +96 -0
- package/package.json +1 -1
- package/types.d.ts +27 -2
package/index.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { Extension, IAddigyConfig, IAddigyInternalAuthObject, NotificationSettings, PPPCInput, SupportedOsVersions } from './types';
|
|
1
|
+
import { Extension, FilevaultRequest, IAddigyConfig, IAddigyInternalAuthObject, NotificationSettings, PPPCInput, SupportedOsVersions } from './types';
|
|
2
2
|
export * from './types';
|
|
3
3
|
declare enum AlertStatus {
|
|
4
4
|
Acknowledged = "Acknowledged",
|
|
@@ -61,6 +61,8 @@ export declare class Addigy {
|
|
|
61
61
|
}): Promise<any>;
|
|
62
62
|
createNotificationSettingsPolicy(authObject: IAddigyInternalAuthObject, name: string, notificationSettings: NotificationSettings[]): Promise<any>;
|
|
63
63
|
createCustomProfile(authObject: IAddigyInternalAuthObject, name: string, customProfileText: string, supportedOsVersions: SupportedOsVersions, payloadScope?: 'System' | 'User', is_profile_signed?: boolean): Promise<any>;
|
|
64
|
+
createMdmProfile(authObject: IAddigyInternalAuthObject, mdmProfile: any): Promise<any>;
|
|
65
|
+
createFilevaultPolicy(authObject: IAddigyInternalAuthObject, name: string, filevault: FilevaultRequest, payloadPriority?: number): Promise<any>;
|
|
64
66
|
createPPPCPolicy(authObject: IAddigyInternalAuthObject, name: string, pppcPolicy: PPPCInput[]): Promise<any>;
|
|
65
67
|
getMdmConfigurations(authObject: IAddigyInternalAuthObject): Promise<any[]>;
|
|
66
68
|
getMdmConfigurationByName(authObject: IAddigyInternalAuthObject, name: string): Promise<any>;
|
package/index.js
CHANGED
|
@@ -727,6 +727,102 @@ class Addigy {
|
|
|
727
727
|
throw err;
|
|
728
728
|
}
|
|
729
729
|
}
|
|
730
|
+
async createMdmProfile(authObject, mdmProfile) {
|
|
731
|
+
try {
|
|
732
|
+
let res = await this._addigyRequest('https://app-prod.addigy.com/api/mdm/user/profiles/configurations', {
|
|
733
|
+
headers: {
|
|
734
|
+
Cookie: `auth_token=${authObject.authToken};`,
|
|
735
|
+
origin: 'https://app-prod.addigy.com',
|
|
736
|
+
},
|
|
737
|
+
method: 'POST',
|
|
738
|
+
json: { payloads: mdmProfile },
|
|
739
|
+
});
|
|
740
|
+
return JSON.parse(res.body);
|
|
741
|
+
}
|
|
742
|
+
catch (err) {
|
|
743
|
+
throw err;
|
|
744
|
+
}
|
|
745
|
+
}
|
|
746
|
+
async createFilevaultPolicy(authObject, name, filevault, payloadPriority = 1) {
|
|
747
|
+
const groupUUID = uuid_1.v4();
|
|
748
|
+
const encryptCertPayloadUUID = uuid_1.v4();
|
|
749
|
+
const basePayload = {
|
|
750
|
+
payload_display_name: name,
|
|
751
|
+
payload_version: 1,
|
|
752
|
+
payload_group_id: groupUUID,
|
|
753
|
+
addigy_payload_version: 0,
|
|
754
|
+
payload_priority: payloadPriority,
|
|
755
|
+
};
|
|
756
|
+
const payloads = [
|
|
757
|
+
{
|
|
758
|
+
...basePayload,
|
|
759
|
+
payload_type: 'com.apple.MCX.FileVault2',
|
|
760
|
+
addigy_payload_type: 'com.addigy.securityAndPrivacy.com.apple.MCX.FileVault2',
|
|
761
|
+
payload_identifier: `com.addigy.securityAndPrivacy.com.apple.MCX.FileVault2.${groupUUID}`,
|
|
762
|
+
payload_uuid: uuid_1.v4(),
|
|
763
|
+
enable: filevault.enable ? 'On' : 'Off',
|
|
764
|
+
defer: filevault.defer,
|
|
765
|
+
use_recovery_key: true,
|
|
766
|
+
show_recovery_key: filevault.showRecoveryKey === undefined ? null : filevault.showRecoveryKey,
|
|
767
|
+
defer_dont_ask_at_user_logout: filevault.deferDontAskAtUserLogout === undefined
|
|
768
|
+
? null
|
|
769
|
+
: filevault.deferDontAskAtUserLogout,
|
|
770
|
+
defer_force_at_user_login_max_bypass_attempts: filevault.deferForceAtUserLoginMaxBypassAttempts === undefined
|
|
771
|
+
? null
|
|
772
|
+
: filevault.deferForceAtUserLoginMaxBypassAttempts,
|
|
773
|
+
},
|
|
774
|
+
{
|
|
775
|
+
...basePayload,
|
|
776
|
+
payload_type: 'com.apple.MCX',
|
|
777
|
+
addigy_payload_type: 'com.addigy.securityAndPrivacy.com.apple.MCX',
|
|
778
|
+
payload_identifier: `com.addigy.securityAndPrivacy.com.apple.MCX.${groupUUID} `,
|
|
779
|
+
payload_uuid: uuid_1.v4(),
|
|
780
|
+
destroy_fv_key_on_standby: filevault.destroyFvKeyOnStandby === undefined
|
|
781
|
+
? null
|
|
782
|
+
: filevault.destroyFvKeyOnStandby,
|
|
783
|
+
dont_allow_fde_disable: true,
|
|
784
|
+
},
|
|
785
|
+
];
|
|
786
|
+
if (filevault.escrowRecoveryKey)
|
|
787
|
+
payloads.push({
|
|
788
|
+
...basePayload,
|
|
789
|
+
addigy_payload_type: 'com.addigy.securityAndPrivacy.com.apple.security.pkcs1',
|
|
790
|
+
payload_type: 'com.apple.security.pkcs1',
|
|
791
|
+
payload_identifier: `com.addigy.securityAndPrivacy.com.apple.security.pkcs1.${groupUUID}`,
|
|
792
|
+
payload_uuid: uuid_1.v4(),
|
|
793
|
+
is_from_security_profile: true,
|
|
794
|
+
}, {
|
|
795
|
+
...basePayload,
|
|
796
|
+
addigy_payload_type: 'com.addigy.securityAndPrivacy.com.apple.security.FDERecoveryKeyEscrow',
|
|
797
|
+
payload_type: 'com.apple.security.FDERecoveryKeyEscrow',
|
|
798
|
+
payload_identifier: `com.addigy.securityAndPrivacy.com.apple.security.FDERecoveryKeyEscrow.${groupUUID}`,
|
|
799
|
+
payload_uuid: uuid_1.v4(),
|
|
800
|
+
encrypt_cert_payload_uuid: encryptCertPayloadUUID,
|
|
801
|
+
location: 'Key will be escrowed to an Addigy secure database.',
|
|
802
|
+
}, {
|
|
803
|
+
...basePayload,
|
|
804
|
+
addigy_payload_type: 'com.addigy.securityAndPrivacy.com.apple.security.FDERecoveryRedirect',
|
|
805
|
+
payload_type: 'com.apple.security.FDERecoveryRedirect',
|
|
806
|
+
payload_identifier: `com.addigy.securityAndPrivacy.com.apple.security.FDERecoveryRedirect.${groupUUID}`,
|
|
807
|
+
payload_uuid: uuid_1.v4(),
|
|
808
|
+
encrypt_cert_payload_uuid: encryptCertPayloadUUID,
|
|
809
|
+
redirect_url: '',
|
|
810
|
+
});
|
|
811
|
+
try {
|
|
812
|
+
let res = await this._addigyRequest('https://app-prod.addigy.com/api/mdm/user/profiles/configurations', {
|
|
813
|
+
headers: {
|
|
814
|
+
Cookie: `auth_token=${authObject.authToken};`,
|
|
815
|
+
origin: 'https://app-prod.addigy.com',
|
|
816
|
+
},
|
|
817
|
+
method: 'POST',
|
|
818
|
+
json: { payloads },
|
|
819
|
+
});
|
|
820
|
+
return JSON.parse(res.body);
|
|
821
|
+
}
|
|
822
|
+
catch (err) {
|
|
823
|
+
throw err;
|
|
824
|
+
}
|
|
825
|
+
}
|
|
730
826
|
async createPPPCPolicy(authObject, name, pppcPolicy) {
|
|
731
827
|
const groupUUID = uuid_1.v4();
|
|
732
828
|
const payload = {
|
package/package.json
CHANGED
package/types.d.ts
CHANGED
|
@@ -10,8 +10,8 @@ export interface IAddigyInternalAuthObject {
|
|
|
10
10
|
emailAddress: string;
|
|
11
11
|
}
|
|
12
12
|
export interface Payload {
|
|
13
|
-
addigy_payload_type: 'com.addigy.syspolicy.system-extension-policy.com.apple.system-extension-policy' | 'com.addigy.TCC.configuration-profile-policy.com.apple.TCC.configuration-profile-policy' | 'com.addigy.syspolicy.kernel-extension-policy.com.apple.syspolicy.kernel-extension-policy' | 'com.addigy.notifications.com.apple.notificationsettings' | 'com.addigy.custom.mdm.payload';
|
|
14
|
-
payload_type: 'com.apple.system-extension-policy' | 'com.apple.syspolicy.kernel-extension-policy' | 'com.apple.TCC.configuration-profile-policy' | 'com.apple.notificationsettings' | 'custom';
|
|
13
|
+
addigy_payload_type: 'com.addigy.syspolicy.system-extension-policy.com.apple.system-extension-policy' | 'com.addigy.TCC.configuration-profile-policy.com.apple.TCC.configuration-profile-policy' | 'com.addigy.syspolicy.kernel-extension-policy.com.apple.syspolicy.kernel-extension-policy' | 'com.addigy.notifications.com.apple.notificationsettings' | 'com.addigy.custom.mdm.payload' | 'com.addigy.securityAndPrivacy.com.apple.MCX.FileVault2' | 'com.addigy.securityAndPrivacy.com.apple.MCX' | 'com.addigy.securityAndPrivacy.com.apple.security.pkcs1' | 'com.addigy.securityAndPrivacy.com.apple.security.FDERecoveryKeyEscrow' | 'com.addigy.securityAndPrivacy.com.apple.security.FDERecoveryRedirect';
|
|
14
|
+
payload_type: 'com.apple.system-extension-policy' | 'com.apple.syspolicy.kernel-extension-policy' | 'com.apple.TCC.configuration-profile-policy' | 'com.apple.notificationsettings' | 'custom' | 'com.apple.MCX.FileVault2' | 'com.apple.MCX' | 'com.apple.security.pkcs1' | 'com.apple.security.FDERecoveryKeyEscrow' | 'com.apple.security.FDERecoveryRedirect';
|
|
15
15
|
payload_version: number;
|
|
16
16
|
payload_identifier: string;
|
|
17
17
|
payload_uuid: string;
|
|
@@ -147,3 +147,28 @@ export interface SupportedOsVersions {
|
|
|
147
147
|
iOS?: string;
|
|
148
148
|
tvOS?: string;
|
|
149
149
|
}
|
|
150
|
+
export interface FilevaultPayload extends Payload {
|
|
151
|
+
enable?: 'On' | 'Off';
|
|
152
|
+
defer?: boolean;
|
|
153
|
+
use_recovery_key?: boolean;
|
|
154
|
+
show_recovery_key?: boolean | null;
|
|
155
|
+
defer_dont_ask_at_user_logout?: boolean | null;
|
|
156
|
+
defer_force_at_user_login_max_bypass_attempts?: number | null;
|
|
157
|
+
addigy_payload_version?: number;
|
|
158
|
+
destroy_fv_key_on_standby?: boolean | null;
|
|
159
|
+
dont_allow_fde_disable?: boolean;
|
|
160
|
+
is_from_security_profile?: boolean;
|
|
161
|
+
encrypt_cert_payload_uuid?: string;
|
|
162
|
+
location?: string;
|
|
163
|
+
payload_priority?: number;
|
|
164
|
+
redirect_url?: string;
|
|
165
|
+
}
|
|
166
|
+
export interface FilevaultRequest {
|
|
167
|
+
enable?: boolean;
|
|
168
|
+
defer?: boolean;
|
|
169
|
+
showRecoveryKey?: boolean;
|
|
170
|
+
destroyFvKeyOnStandby?: boolean;
|
|
171
|
+
escrowRecoveryKey?: boolean;
|
|
172
|
+
deferDontAskAtUserLogout?: boolean;
|
|
173
|
+
deferForceAtUserLoginMaxBypassAttempts?: -1 | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10;
|
|
174
|
+
}
|