This repository has been archived by the owner on May 3, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 33
/
app_client.rb
207 lines (177 loc) · 9.49 KB
/
app_client.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
require 'spaceship'
require_relative 'common'
module Portal
# AppClient ...
class AppClient
ON_OFF_SERVICES_BY_KEY = {
'com.apple.security.application-groups' => Spaceship::Portal.app_service.app_group,
'com.apple.developer.in-app-payments' => Spaceship::Portal.app_service.apple_pay,
'com.apple.developer.associated-domains' => Spaceship::Portal.app_service.associated_domains,
'com.apple.developer.healthkit' => Spaceship::Portal.app_service.health_kit,
'com.apple.developer.homekit' => Spaceship::Portal.app_service.home_kit,
'com.apple.developer.networking.HotspotConfiguration' => Spaceship::Portal.app_service.hotspot,
'com.apple.InAppPurchase' => Spaceship::Portal.app_service.in_app_purchase,
'inter-app-audio' => Spaceship::Portal.app_service.inter_app_audio,
'com.apple.developer.networking.multipath' => Spaceship::Portal.app_service.multipath,
'com.apple.developer.networking.networkextension' => Spaceship::Portal.app_service.network_extension,
'com.apple.developer.nfc.readersession.formats' => Spaceship::Portal.app_service.nfc_tag_reading,
'com.apple.developer.networking.vpn.api' => Spaceship::Portal.app_service.vpn_configuration,
'aps-environment' => Spaceship::Portal.app_service.push_notification,
'com.apple.developer.siri' => Spaceship::Portal.app_service.siri_kit,
'com.apple.developer.pass-type-identifiers' => Spaceship::Portal.app_service.passbook,
'com.apple.external-accessory.wireless-configuration' => Spaceship::Portal.app_service.wireless_accessory
}.freeze
ON_OFF_SERVICE_NAME_BY_KEY = {
'com.apple.security.application-groups' => 'App Groups',
'com.apple.developer.in-app-payments' => 'Apple Pay',
'com.apple.developer.associated-domains' => 'Associated Domains',
'com.apple.developer.healthkit' => 'HealthKit',
'com.apple.developer.homekit' => 'HomeKit',
'com.apple.developer.networking.HotspotConfiguration' => 'Hotspot',
'com.apple.InAppPurchase' => 'In-App Purchase',
'inter-app-audio' => 'Inter-App Audio',
'com.apple.developer.networking.multipath' => 'Multipath',
'com.apple.developer.networking.networkextension' => 'Network Extensions',
'com.apple.developer.nfc.readersession.formats' => 'NFC Tag Reading',
'com.apple.developer.networking.vpn.api' => 'Personal VPN',
'aps-environment' => 'Push Notifications',
'com.apple.developer.siri' => 'SiriKit',
'com.apple.developer.pass-type-identifiers' => 'Wallet',
'com.apple.external-accessory.wireless-configuration' => 'Wireless Accessory Configuration'
}.freeze
ON_OFF_FEATURE_NAME_BY_KEY = {
'com.apple.security.application-groups' => 'APG3427HIY',
'com.apple.developer.in-app-payments' => 'OM633U5T5G',
'com.apple.developer.associated-domains' => 'SKC3T5S89Y',
'com.apple.developer.healthkit' => 'HK421J6T7P',
'com.apple.developer.homekit' => 'homeKit',
'com.apple.developer.networking.HotspotConfiguration' => 'HSC639VEI8',
'com.apple.InAppPurchase' => 'inAppPurchase',
'inter-app-audio' => 'IAD53UNK2F',
'com.apple.developer.networking.multipath' => 'MP49FN762P',
'com.apple.developer.networking.networkextension' => 'NWEXT04537',
'com.apple.developer.nfc.readersession.formats' => 'NFCTRMAY17',
'com.apple.developer.networking.vpn.api' => 'V66P55NK2I',
'aps-environment' => 'push',
'com.apple.developer.siri' => 'SI015DKUHP',
'com.apple.developer.pass-type-identifiers' => 'passbook',
'com.apple.external-accessory.wireless-configuration' => 'WC421J6T7P'
}.freeze
def self.ensure_app(bundle_id)
app = Spaceship::Portal.app.find(bundle_id)
return app if app
name = "Bitrise - (#{bundle_id.tr('.', ' ')})"
Log.debug("registering app: #{name} with bundle id: (#{bundle_id})")
app = nil
run_and_handle_portal_function { app = Spaceship::Portal.app.create!(bundle_id: bundle_id, name: name) }
raise "failed to create app with bundle id: #{bundle_id}" unless app
app
end
def self.all_services_enabled?(app, entitlements)
entitlements ||= {}
app_features = app.details.features
# on-off services
entitlements.each_key do |key|
on_off_app_service = ON_OFF_SERVICES_BY_KEY[key]
next unless on_off_app_service
return false unless AppClient.feature_enabled?(key, app_features)
end
# Data Protection
feature_value = app_features['dataProtection']
data_protection_value = entitlements['com.apple.developer.default-data-protection']
if data_protection_value == 'NSFileProtectionComplete'
return false unless feature_value == 'complete'
elsif data_protection_value == 'NSFileProtectionCompleteUnlessOpen'
return false unless feature_value == 'unless_open'
elsif data_protection_value == 'NSFileProtectionCompleteUntilFirstUserAuthentication'
return false unless feature_value == 'until_first_auth'
end
# iCloud
uses_key_value_storage = !entitlements['com.apple.developer.ubiquity-kvstore-identifier'].nil?
uses_cloud_documents = false
uses_cloudkit = false
icloud_services = entitlements['com.apple.developer.icloud-services']
unless icloud_services.to_a.empty?
uses_cloud_documents = icloud_services.include?('CloudDocuments')
uses_cloudkit = icloud_services.include?('CloudKit')
end
if uses_key_value_storage || uses_cloud_documents || uses_cloudkit
return false unless app_features['cloudKitVersion'].to_i == 2
return false unless app_features['iCloud']
end
true
end
def self.sync_app_services(app, entitlements)
entitlements ||= {}
details = app.details
app_features = details.features
# on-off services
entitlements.each_key do |key|
on_off_app_service = ON_OFF_SERVICES_BY_KEY[key]
next unless on_off_app_service
service_name = ON_OFF_SERVICE_NAME_BY_KEY[key]
if AppClient.feature_enabled?(key, app_features)
Log.print("#{service_name} already enabled")
else
Log.success("set #{service_name}: on")
app = app.update_service(on_off_app_service.on)
end
end
# Data Protection
feature_value = app_features['dataProtection']
data_protection_value = entitlements['com.apple.developer.default-data-protection']
if data_protection_value == 'NSFileProtectionComplete'
if feature_value == 'complete'
Log.print('Data Protection: complete already set')
else
Log.success('set Data Protection: complete')
app = app.update_service(Spaceship::Portal.app_service.data_protection.complete)
end
elsif data_protection_value == 'NSFileProtectionCompleteUnlessOpen'
if feature_value == 'unless_open'
Log.print('Data Protection: unless_open already set')
else
Log.success('set Data Protection: unless_open')
app = app.update_service(Spaceship::Portal.app_service.data_protection.unless_open)
end
elsif data_protection_value == 'NSFileProtectionCompleteUntilFirstUserAuthentication'
if feature_value == 'until_first_auth'
Log.print('Data Protection: until_first_auth already set')
else
Log.success('set Data Protection: until_first_auth')
app = app.update_service(Spaceship::Portal.app_service.data_protection.until_first_auth)
end
end
# iCloud
uses_key_value_storage = !entitlements['com.apple.developer.ubiquity-kvstore-identifier'].nil?
uses_cloud_documents = false
uses_cloudkit = false
icloud_services = entitlements['com.apple.developer.icloud-services']
unless icloud_services.to_a.empty?
uses_cloud_documents = icloud_services.include?('CloudDocuments')
uses_cloudkit = icloud_services.include?('CloudKit')
end
if uses_key_value_storage || uses_cloud_documents || uses_cloudkit
if app_features['cloudKitVersion'].to_i == 2
Log.print('CloudKit: already set')
else
Log.success('set CloudKit: on')
app = app.update_service(Spaceship::Portal.app_service.cloud_kit.cloud_kit)
end
if app_features['iCloud']
Log.print('iCloud: already set')
else
Log.success('set iCloud: on')
app = app.update_service(Spaceship::Portal.app_service.icloud.on)
end
end
app
end
def self.feature_enabled?(entitlement_key, app_features)
feature_key = ON_OFF_FEATURE_NAME_BY_KEY[entitlement_key]
raise 'not on-off app service key provided' unless feature_key
feature_value = app_features[feature_key]
feature_value || false
end
end
end