value does not exist if desired users are not configured. Plus fix typos

This commit is contained in:
Jared Weyer 2023-03-09 16:25:19 -08:00
Родитель 579fdff411
Коммит 8316b58e3d
2 изменённых файлов: 86 добавлений и 3 удалений

Просмотреть файл

@ -6,7 +6,7 @@ default_action :enable
property :users,
[String, Array],
default: 'all',
description: 'The user(s) whoose ARD privileges will be configured.',
description: 'The user(s) whose ARD privileges will be configured.',
coerce: ->(p) { [p].flatten }
property :privileges,
@ -19,12 +19,12 @@ property :privileges,
property :computer_info,
[String, Array],
default: [],
description: 'Info fields; helpful for stratifing computers in ARD client app.',
description: 'Info fields; helpful for stratifying computers in ARD client app.',
coerce: ->(p) { p.compact.map(&:to_s) },
callbacks: { 'has too many elements; computer info excepts up to four info fields' => ->(p) { (p.is_a?(Array) && p.size < 4) } }
load_current_value do |desired|
current_value_does_not_exist! unless RemoteManagement.activated?
current_value_does_not_exist! unless RemoteManagement.activated? && RemoteManagement.users_configured?(desired.users)
privileges RemoteManagement.current_mask(desired.users)
computer_info RemoteManagement.current_computer_info
end

Просмотреть файл

@ -0,0 +1,83 @@
unified_mode true
provides :remote_management
default_action :enable
property :users,
[String, Array],
default: 'all',
description: 'The user(s) whoose ARD privileges will be configured.',
coerce: ->(p) { [p].flatten }
property :privileges,
[String, Array, Integer],
default: 'all',
description: 'The desired privileges to bestow upon the given users.',
coerce: ->(p) { p.is_a?(Integer) ? p : RemoteManagement::BitMask.mask_from_privileges(p) },
callbacks: { 'is invalid. See https://ss64.com/osx/kickstart.html for valid privileges' => ->(p) { RemoteManagement::BitMask.valid_mask?(p) } }
property :computer_info,
[String, Array],
default: [],
description: 'Info fields; helpful for stratifing computers in ARD client app.',
coerce: ->(p) { p.compact.map(&:to_s) },
callbacks: { 'has too many elements; computer info excepts up to four info fields' => ->(p) { (p.is_a?(Array) && p.size < 4) } }
load_current_value do |desired|
current_value_does_not_exist! unless RemoteManagement.activated?
privileges RemoteManagement.current_mask(desired.users)
computer_info RemoteManagement.current_computer_info
end
# TODO; the enable action should be decoupled from configuration; configure action should be added; default action should be [:configure, :enable]
action :enable do
converge_if_changed(:privileges, :computer_info) do
raise(RemoteManagement::Exceptions::TCCError) unless RemoteManagement::TCC::DB.correct_privileges?
execute 'restart the TCC daemon' do
command 'sudo pkill -9 tccd'
only_if { platform_version >= Chef::Version.new('12.0.0') }
not_if { RemoteManagement::TCC::State.enabled? }
end
converge_if_changed(:privileges) do
if new_resource.users.include?('all')
converge_by('setting privileges for all users') do
execute 'set privileges for all users' do
command [RemoteManagement.kickstart, '-configure', '-allowAccessFor', '-allUsers', '-access', '-on', '-privs', '-mask', new_resource.privileges]
end
end
else
converge_by('setting privileges for specified users') do
execute 'set up Remote Management to only grant access to users with privileges' do
command [RemoteManagement.kickstart, '-configure', '-allowAccessFor', '-specifiedUsers']
end
execute "set privileges for #{new_resource.users.join(', ')}" do
command [RemoteManagement.kickstart, '-configure', '-access', '-on', '-privs', '-mask', new_resource.privileges, '-users', new_resource.users.join(',')]
end
end
end
end
converge_if_changed(:computer_info) do
new_resource.computer_info.each_with_index do |info, i|
execute "set computer info field #{i + 1}" do
command [RemoteManagement.kickstart, '-configure', '-computerinfo', "-set#{i + 1}", "-#{i + 1}", info]
end
end
end
execute 'activate the Remote Management service and restart the agent' do
command [RemoteManagement.kickstart, '-activate', '-restart', '-agent']
end
end
end
action :disable do
execute 'stop the Remote Management service and deactivate it so it will not start after the next restart' do
command [RemoteManagement.kickstart, '-deactivate', '-stop']
only_if { RemoteManagement.activated? }
end
end