Class: IOSConfig::Profile

Inherits:

Object

• Object
• IOSConfig::Profile

Defined in:

lib/ios_config/profile.rb

Instance Attribute Summary

• #allow_removal ⇒ Object

  if profile can be deleted by device user.

• #client_certs ⇒ Object

  if profile can be deleted by device user.

• #description ⇒ Object

  if profile can be deleted by device user.

• #display_name ⇒ Object

  if profile can be deleted by device user.

• #identifier ⇒ Object

  if profile can be deleted by device user.

• #organization ⇒ Object

  if profile can be deleted by device user.

• #payloads ⇒ Object

  if profile can be deleted by device user.

• #type ⇒ Object

  if profile can be deleted by device user.

• #uuid ⇒ Object

  if profile can be deleted by device user.

• #version ⇒ Object

  if profile can be deleted by device user.

Instance Method Summary

• #initialize(options = {}) ⇒ Profile constructor

  A new instance of Profile.

• #signed(mdm_cert, mdm_intermediate_cert, mdm_private_key) ⇒ Object
• #unsigned ⇒ Object

Constructor Details

#initialize(options = {}) ⇒ Profile

Returns a new instance of Profile.

# File 'lib/ios_config/profile.rb', line 18

def initialize(options = {})
  options.each { |k,v| self.send("#{k}=", v) }
  puts self.allow_removal
  puts self.allow_removal.nil?
  self.allow_removal  = true if self.allow_removal.nil?
  self.type           ||= 'Configuration'
  self.version        ||= 1
  self.payloads       ||= []
end

Instance Attribute Details

#allow_removal ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 7

def allow_removal
  @allow_removal
end

#client_certs ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 7

def client_certs
  @client_certs
end

#description ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 7

def description
  @description
end

#display_name ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 7

def display_name
  @display_name
end

#identifier ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 7

def identifier
  @identifier
end

#organization ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 7

def organization
  @organization
end

#payloads ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 7

def payloads
  @payloads
end

#type ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 7

def type
  @type
end

#uuid ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 7

def uuid
  @uuid
end

#version ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 7

def version
  @version
end

Instance Method Details

#signed(mdm_cert, mdm_intermediate_cert, mdm_private_key) ⇒ Object

# File 'lib/ios_config/profile.rb', line 28

def signed(mdm_cert, mdm_intermediate_cert, mdm_private_key)
  certificate   = OpenSSL::X509::Certificate.new(File.read(mdm_cert))
  intermediate  = OpenSSL::X509::Certificate.new(File.read(mdm_intermediate_cert))
  private_key   = OpenSSL::PKey::RSA.new(File.read(mdm_private_key))

  signed_profile = OpenSSL::PKCS7.sign(certificate, private_key, unsigned, [intermediate], OpenSSL::PKCS7::BINARY)
  signed_profile.to_der
end

#unsigned ⇒ Object

# File 'lib/ios_config/profile.rb', line 37

def unsigned
  raise_if_blank [:version, :uuid, :type, :identifier, :display_name]

  profile = {
    'PayloadDisplayName'        => self.display_name,
    'PayloadVersion'            => self.version,
    'PayloadUUID'               => self.uuid,
    'PayloadIdentifier'         => self.identifier,
    'PayloadType'               => self.type,
    'PayloadRemovalDisallowed'  => !self.allow_removal
  }
  profile['PayloadOrganization']  = self.organization if self.organization
  profile['PayloadDescription']   = self.description  if self.description
      
  if self.client_certs.nil?
    profile['PayloadContent'] = payloads
  else
    encrypted_payload_content = OpenSSL::PKCS7.encrypt( self.client_certs, 
                                                        payloads.to_plist, 
                                                        OpenSSL::Cipher::Cipher::new("des-ede3-cbc"), 
                                                        OpenSSL::PKCS7::BINARY)
  
    profile['EncryptedPayloadContent'] = StringIO.new encrypted_payload_content.to_der
  end

  profile.to_plist
end