Merge pull request #1 from kenchan0130/dev

Release 0.2.0

Author: kenchan0130

CHANGELOG.md

@@ -1,5 +1,11 @@
 # Changelog
 
-## v0.1.0 (2020-12-03)
+## 0.3.0 - devlopment
+
+## 0.2.0 - 2020-12-03
+
+- Supported to receive multiple TCC service names
+
+## 0.1.0 - 2020-12-03
 
 - Initial Commit

README.md

@@ -63,6 +63,12 @@ sqlite3 -header "$HOME/Library/Application Support/com.apple.TCC/TCC.db" "SELECT
 You can specify one of the following list
 It is case-insensitive.
 
+If you want to specify more than one, you can use comma-separated values like:
+
+```sh
+./TCC-Permitter.sh "us.zoom.xos" "Camera,Microphone,ScreenCapture"
+```
+
 * Accessibility
 * AddressBook
 * All

TCC-Permitter.sh

@@ -4,6 +4,7 @@
 # Arguments:
 #   $1: Bundle ID or Binary path
 #   $2: TCC service name, case sensitive
+#       Multiple can be specified separated by commas
 #     - Accessibility
 #     - AddressBook
 #     - All
@@ -46,7 +47,7 @@
 #     - Willow
 #######################################
 
-VERSION='0.1.0'
+VERSION='0.2.0'
 export PATH=/usr/bin:/bin:/usr/sbin:/sbin
 
 # MARK: Functions
@@ -59,7 +60,8 @@ export PATH=/usr/bin:/bin:/usr/sbin:/sbin
 #   $@: Script to run
 #######################################
 run_as_user() {
-  local uid=$(id -u "${CURRENT_USER}")
+  local uid
+  uid=$(id -u "${CURRENT_USER}")
   launchctl asuser "${uid}" sudo -u "${CURRENT_USER}" "$@"
 }
 
@@ -71,7 +73,8 @@ run_as_user() {
 #   Writes a argument with timestamp to stdout
 #######################################
 print_info_log(){
-  local timestamp=$(date +%F\ %T)
+  local timestamp
+  timestamp=$(date +%F\ %T)
 
   echo "$timestamp [INFO] $1"
 }
@@ -84,11 +87,16 @@ print_info_log(){
 #   Writes a argument with timestamp to stdout
 #######################################
 print_error_log(){
-  local timestamp=$(date +%F\ %T)
+  local timestamp
+  timestamp=$(date +%F\ %T)
 
   echo "$timestamp [ERROR] $1"
 }
 
+get_ttc_services(){
+  strings /System/Library/PrivateFrameworks/TCC.framework/TCC | grep kTCCService | grep -v '%'
+}
+
 # MARK: Main script
 
 autoload is-at-least
@@ -99,35 +107,36 @@ if ! is-at-least 10.14 "$(sw_vers -productVersion)";then
   exit 98
 fi
 
-if [[ "${1}" == "/" ]];then
+if [[ "${1}" = "/" ]];then
 	# Jamf uses sends '/' as the first argument
   print_info_log "Shifting arguments for Jamf."
   shift 3
 fi
 
-if [[ "${1:l}" == "version" ]];then
+if [[ "${1:l}" = "version" ]];then
   echo "${VERSION}"
   exit 0
 fi
 
-BUNDLE_ID_OR_BINARY_PATH="${1}"
-
-if [[ ! "${BUNDLE_ID_OR_BINARY_PATH}" ]];then
+if [[ ! "${1}" ]];then
   print_error_log "You need to set Bundle ID or Binary path as first argument."
   exit 1
 fi
+BUNDLE_ID_OR_BINARY_PATH="${1}"
 
-TCC_SERVICE_NAME="${2}"
-
-if [[ ! "${TCC_SERVICE_NAME}" ]];then
+if [[ ! "${2}" ]];then
   print_error_log "You need to set service name as second argument."
   exit 1
 fi
+TCC_SERVICE_NAME_LIST=($(echo "${2}" | tr ',' ' '))
 
-if [[ ! "$(strings /System/Library/PrivateFrameworks/TCC.framework/TCC | grep kTCCService | grep -v '%' | sed -e 's/kTCCService//' | sort | grep -E "^${TCC_SERVICE_NAME}$")" ]];then
-  print_error_log "${TCC_SERVICE_NAME} is invalid name as TCC Service."
-  exit 1
-fi
+for TCC_SERVICE_NAME in "${TCC_SERVICE_NAME_LIST[@]}";do
+echo $TCC_SERVICE_NAME
+  if ! get_ttc_services | sed -e 's/kTCCService//' | sort | grep -qE "^${TCC_SERVICE_NAME}$";then
+    print_error_log "${TCC_SERVICE_NAME} is invalid name as TCC Service."
+    exit 1
+  fi
+done
 
 print_info_log "Start TCC-Permitter..."
 
@@ -139,21 +148,24 @@ if [[ ! -e "${TCC_DB_PATH}" ]];then
   exit 1
 fi
 
-TCC_NOT_ALLOWED_ACCESS_PRESENT=$(run_as_user sqlite3 "${TCC_DB_PATH}" "SELECT service FROM access WHERE allowed = '0' AND client = '${BUNDLE_ID_OR_BINARY_PATH}' AND service = 'kTCCService${TCC_SERVICE_NAME}'")
+for TCC_SERVICE_NAME in "${TCC_SERVICE_NAME_LIST[@]}";do
+  print_info_log "Granting ${TCC_SERVICE_NAME}..."
 
-if [[ ! "${TCC_NOT_ALLOWED_ACCESS_PRESENT}" ]];then
-  TCC_ALLOWED_ACCESS_PRESENT=$(run_as_user sqlite3 "${TCC_DB_PATH}" "SELECT service FROM access WHERE allowed = '1' AND client = '${BUNDLE_ID_OR_BINARY_PATH}' AND service = 'kTCCService${TCC_SERVICE_NAME}'")
+  TCC_NOT_ALLOWED_ACCESS_PRESENT=$(run_as_user sqlite3 "${TCC_DB_PATH}" "SELECT service FROM access WHERE allowed = '0' AND client = '${BUNDLE_ID_OR_BINARY_PATH}' AND service = 'kTCCService${TCC_SERVICE_NAME}'")
 
-  if [[ "${TCC_ALLOWED_ACCESS_PRESENT}" ]];then
-    print_info_log "${TCC_SERVICE_NAME} of ${BUNDLE_ID_OR_BINARY_PATH} is already allowed."
-  else
-    print_info_log "There does not seem to be a single prompt for TCC access rights yet."
-  fi
-  exit 0
-fi
+  if [[ ! "${TCC_NOT_ALLOWED_ACCESS_PRESENT}" ]];then
+    TCC_ALLOWED_ACCESS_PRESENT=$(run_as_user sqlite3 "${TCC_DB_PATH}" "SELECT service FROM access WHERE allowed = '1' AND client = '${BUNDLE_ID_OR_BINARY_PATH}' AND service = 'kTCCService${TCC_SERVICE_NAME}'")
 
-run_as_user sqlite3 "${TCC_DB_PATH}" "UPDATE access SET allowed = '1', last_modified = '$(date +%s)' WHERE allowed = '0' AND client = '${BUNDLE_ID_OR_BINARY_PATH}' AND service = 'kTCCService${TCC_SERVICE_NAME}'"
+    if [[ "${TCC_ALLOWED_ACCESS_PRESENT}" ]];then
+      print_info_log "${TCC_SERVICE_NAME} of ${BUNDLE_ID_OR_BINARY_PATH} is already allowed."
+    else
+      print_info_log "There does not seem to be a single prompt for TCC access rights yet."
+    fi
+  else
+    run_as_user sqlite3 "${TCC_DB_PATH}" "UPDATE access SET allowed = '1', last_modified = '$(date +%s)' WHERE allowed = '0' AND client = '${BUNDLE_ID_OR_BINARY_PATH}' AND service = 'kTCCService${TCC_SERVICE_NAME}'"
 
-print_info_log "Successfully allowed for ${TCC_SERVICE_NAME} TCC service of ${BUNDLE_ID_OR_BINARY_PATH}."
+    print_info_log "Successfully allowed for ${TCC_SERVICE_NAME} TCC service of ${BUNDLE_ID_OR_BINARY_PATH}."
+  fi
+done
 
 exit 0