value does not exist if desired users are not configured. Plus fix typos
This commit is contained in:
Jared Weyer
Родитель
579fdff411
Коммит
8316b58e3d
|
|
@ -6,7 +6,7 @@ default_action :enable
|
||||||
property :users,
|
property :users,
|
||||||
[String, Array],
|
[String, Array],
|
||||||
default: 'all',
|
default: 'all',
|
||||||
description: 'The user(s) whoose ARD privileges will be configured.',
|
description: 'The user(s) whose ARD privileges will be configured.',
|
||||||
coerce: ->(p) { [p].flatten }
|
coerce: ->(p) { [p].flatten }
|
||||||
|
|
||||||
property :privileges,
|
property :privileges,
|
||||||
|
|
@ -19,12 +19,12 @@ property :privileges,
|
||||||
property :computer_info,
|
property :computer_info,
|
||||||
[String, Array],
|
[String, Array],
|
||||||
default: [],
|
default: [],
|
||||||
description: 'Info fields; helpful for stratifing computers in ARD client app.',
|
description: 'Info fields; helpful for stratifying computers in ARD client app.',
|
||||||
coerce: ->(p) { p.compact.map(&:to_s) },
|
coerce: ->(p) { p.compact.map(&:to_s) },
|
||||||
callbacks: { 'has too many elements; computer info excepts up to four info fields' => ->(p) { (p.is_a?(Array) && p.size < 4) } }
|
callbacks: { 'has too many elements; computer info excepts up to four info fields' => ->(p) { (p.is_a?(Array) && p.size < 4) } }
|
||||||
|
|
||||||
load_current_value do |desired|
|
load_current_value do |desired|
|
||||||
current_value_does_not_exist! unless RemoteManagement.activated?
|
current_value_does_not_exist! unless RemoteManagement.activated? && RemoteManagement.users_configured?(desired.users)
|
||||||
privileges RemoteManagement.current_mask(desired.users)
|
privileges RemoteManagement.current_mask(desired.users)
|
||||||
computer_info RemoteManagement.current_computer_info
|
computer_info RemoteManagement.current_computer_info
|
||||||
end
|
end
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,83 @@
|
||||||
|
unified_mode true
|
||||||
|
|
||||||
|
provides :remote_management
|
||||||
|
default_action :enable
|
||||||
|
|
||||||
|
property :users,
|
||||||
|
[String, Array],
|
||||||
|
default: 'all',
|
||||||
|
description: 'The user(s) whoose ARD privileges will be configured.',
|
||||||
|
coerce: ->(p) { [p].flatten }
|
||||||
|
|
||||||
|
property :privileges,
|
||||||
|
[String, Array, Integer],
|
||||||
|
default: 'all',
|
||||||
|
description: 'The desired privileges to bestow upon the given users.',
|
||||||
|
coerce: ->(p) { p.is_a?(Integer) ? p : RemoteManagement::BitMask.mask_from_privileges(p) },
|
||||||
|
callbacks: { 'is invalid. See https://ss64.com/osx/kickstart.html for valid privileges' => ->(p) { RemoteManagement::BitMask.valid_mask?(p) } }
|
||||||
|
|
||||||
|
property :computer_info,
|
||||||
|
[String, Array],
|
||||||
|
default: [],
|
||||||
|
description: 'Info fields; helpful for stratifing computers in ARD client app.',
|
||||||
|
coerce: ->(p) { p.compact.map(&:to_s) },
|
||||||
|
callbacks: { 'has too many elements; computer info excepts up to four info fields' => ->(p) { (p.is_a?(Array) && p.size < 4) } }
|
||||||
|
|
||||||
|
load_current_value do |desired|
|
||||||
|
current_value_does_not_exist! unless RemoteManagement.activated?
|
||||||
|
privileges RemoteManagement.current_mask(desired.users)
|
||||||
|
computer_info RemoteManagement.current_computer_info
|
||||||
|
end
|
||||||
|
|
||||||
|
# TODO; the enable action should be decoupled from configuration; configure action should be added; default action should be [:configure, :enable]
|
||||||
|
|
||||||
|
action :enable do
|
||||||
|
converge_if_changed(:privileges, :computer_info) do
|
||||||
|
raise(RemoteManagement::Exceptions::TCCError) unless RemoteManagement::TCC::DB.correct_privileges?
|
||||||
|
|
||||||
|
execute 'restart the TCC daemon' do
|
||||||
|
command 'sudo pkill -9 tccd'
|
||||||
|
only_if { platform_version >= Chef::Version.new('12.0.0') }
|
||||||
|
not_if { RemoteManagement::TCC::State.enabled? }
|
||||||
|
end
|
||||||
|
|
||||||
|
converge_if_changed(:privileges) do
|
||||||
|
if new_resource.users.include?('all')
|
||||||
|
converge_by('setting privileges for all users') do
|
||||||
|
execute 'set privileges for all users' do
|
||||||
|
command [RemoteManagement.kickstart, '-configure', '-allowAccessFor', '-allUsers', '-access', '-on', '-privs', '-mask', new_resource.privileges]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
else
|
||||||
|
converge_by('setting privileges for specified users') do
|
||||||
|
execute 'set up Remote Management to only grant access to users with privileges' do
|
||||||
|
command [RemoteManagement.kickstart, '-configure', '-allowAccessFor', '-specifiedUsers']
|
||||||
|
end
|
||||||
|
|
||||||
|
execute "set privileges for #{new_resource.users.join(', ')}" do
|
||||||
|
command [RemoteManagement.kickstart, '-configure', '-access', '-on', '-privs', '-mask', new_resource.privileges, '-users', new_resource.users.join(',')]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
converge_if_changed(:computer_info) do
|
||||||
|
new_resource.computer_info.each_with_index do |info, i|
|
||||||
|
execute "set computer info field #{i + 1}" do
|
||||||
|
command [RemoteManagement.kickstart, '-configure', '-computerinfo', "-set#{i + 1}", "-#{i + 1}", info]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
execute 'activate the Remote Management service and restart the agent' do
|
||||||
|
command [RemoteManagement.kickstart, '-activate', '-restart', '-agent']
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :disable do
|
||||||
|
execute 'stop the Remote Management service and deactivate it so it will not start after the next restart' do
|
||||||
|
command [RemoteManagement.kickstart, '-deactivate', '-stop']
|
||||||
|
only_if { RemoteManagement.activated? }
|
||||||
|
end
|
||||||
|
end
|
||||||
Загрузка…
Ссылка в новой задаче