UNPKG

app-builder-lib/electron-osx-sign/util-entitlements.js

Version:

4.58 kBJavaScriptView Raw

1/**
* @module util-entitlements
*/
4
5'use strict'
6
7const { executeAppBuilderAsJson, executeAppBuilderAndWriteJson } = require("../out/util/appBuilder")
8
9const os = require('os')
10const path = require('path')
11
12const util = require('./util')
13const debuglog = util.debuglog
14const getAppContentsPath = util.getAppContentsPath
15
16let tmpFileCounter = 0
17
18/**
* This function returns a promise completing the entitlements automation: The process includes checking in `Info.plist` for `ElectronTeamID` or setting parsed value from identity, and checking in entitlements file for `com.apple.security.application-groups` or inserting new into array. A temporary entitlements file may be created to replace the input for any changes introduced.
* @function
* @param {Object} opts - Options.
* @returns {Promise} Promise.
*/
24async function preAutoEntitlements(opts) {
// If entitlements file not provided, default will be used. Fixes #41
const appInfoPath = path.join(getAppContentsPath(opts), 'Info.plist')
27
debuglog('Automating entitlement app group...', '\n',
  '> Info.plist:', appInfoPath, '\n',
  '> Entitlements:', opts.entitlements)
31
const plistContent = await executeAppBuilderAsJson(["decode-plist", "-f", opts.entitlements, "-f", appInfoPath])
let entitlements = plistContent[0]
if (!entitlements['com.apple.security.app-sandbox']) {
  // Only automate when app sandbox enabled by user
  return
}
38
const appInfo = plistContent[1]
40
// Use ElectronTeamID in Info.plist if already specified
if (appInfo.ElectronTeamID) {
  debuglog('`ElectronTeamID` found in `Info.plist`: ' + appInfo.ElectronTeamID)
} else {
  // The team identifier in signing identity should not be trusted
  if (opts['provisioning-profile']) {
    appInfo.ElectronTeamID = opts['provisioning-profile'].message.Entitlements['com.apple.developer.team-identifier']
    debuglog('`ElectronTeamID` not found in `Info.plist`, use parsed from provisioning profile: ' + appInfo.ElectronTeamID)
  } else {
    appInfo.ElectronTeamID = opts.identity.name.substring(opts.identity.name.indexOf('(') + 1, opts.identity.name.lastIndexOf(')'))
    debuglog('`ElectronTeamID` not found in `Info.plist`, use parsed from signing identity: ' + appInfo.ElectronTeamID)
  }
  await executeAppBuilderAndWriteJson(["encode-plist"], {[appInfoPath]: appInfo})
  debuglog('`Info.plist` updated:', '\n', '> Info.plist:', appInfoPath)
}
56
const appIdentifier = appInfo.ElectronTeamID + '.' + appInfo.CFBundleIdentifier
// Insert application identifier if not exists
if (entitlements['com.apple.application-identifier']) {
  debuglog('`com.apple.application-identifier` found in entitlements file: ' + entitlements['com.apple.application-identifier'])
} else {
  debuglog('`com.apple.application-identifier` not found in entitlements file, new inserted: ' + appIdentifier)
  entitlements['com.apple.application-identifier'] = appIdentifier
}
// Insert developer team identifier if not exists
if (entitlements['com.apple.developer.team-identifier']) {
  debuglog('`com.apple.developer.team-identifier` found in entitlements file: ' + entitlements['com.apple.developer.team-identifier'])
} else {
  debuglog('`com.apple.developer.team-identifier` not found in entitlements file, new inserted: ' + appInfo.ElectronTeamID)
  entitlements['com.apple.developer.team-identifier'] = appInfo.ElectronTeamID
}
// Init entitlements app group key to array if not exists
if (!entitlements['com.apple.security.application-groups']) {
  entitlements['com.apple.security.application-groups'] = []
}
// Insert app group if not exists
if (Array.isArray(entitlements['com.apple.security.application-groups']) && entitlements['com.apple.security.application-groups'].indexOf(appIdentifier) === -1) {
  debuglog('`com.apple.security.application-groups` not found in entitlements file, new inserted: ' + appIdentifier)
  entitlements['com.apple.security.application-groups'].push(appIdentifier)
} else {
  debuglog('`com.apple.security.application-groups` found in entitlements file: ' + appIdentifier)
}
83
// Create temporary entitlements file
const entitlementsPath = path.join(os.tmpdir(), `tmp-entitlements-${process.pid.toString(16)}-${(tmpFileCounter++).toString(16)}.plist`)
opts.entitlements = entitlementsPath
await executeAppBuilderAndWriteJson(["encode-plist"], {[entitlementsPath]: entitlements})
debuglog('Entitlements file updated:', '\n', '> Entitlements:', entitlementsPath)
89}
90
91module.exports.preAutoEntitlements = preAutoEntitlements
\No newline at end of file

1	`/**`
2	`* @module util-entitlements`
3	`*/`
4
5	`'use strict'`
6
7	`const { executeAppBuilderAsJson, executeAppBuilderAndWriteJson } = require("../out/util/appBuilder")`
8
9	`const os = require('os')`
10	`const path = require('path')`
11
12	`const util = require('./util')`
13	`const debuglog = util.debuglog`
14	`const getAppContentsPath = util.getAppContentsPath`
15
16	`let tmpFileCounter = 0`
17
18	`/**`
19	* This function returns a promise completing the entitlements automation: The process includes checking in `Info.plist` for `ElectronTeamID` or setting parsed value from identity, and checking in entitlements file for `com.apple.security.application-groups` or inserting new into array. A temporary entitlements file may be created to replace the input for any changes introduced.
20	`* @function`
21	`* @param {Object} opts - Options.`
22	`* @returns {Promise} Promise.`
23	`*/`
24	`async function preAutoEntitlements(opts) {`
25	`// If entitlements file not provided, default will be used. Fixes #41`
26	`const appInfoPath = path.join(getAppContentsPath(opts), 'Info.plist')`
27
28	`debuglog('Automating entitlement app group...', '\n',`
29	`'> Info.plist:', appInfoPath, '\n',`
30	`'> Entitlements:', opts.entitlements)`
31
32	`const plistContent = await executeAppBuilderAsJson(["decode-plist", "-f", opts.entitlements, "-f", appInfoPath])`
33	`let entitlements = plistContent[0]`
34	`if (!entitlements['com.apple.security.app-sandbox']) {`
35	`// Only automate when app sandbox enabled by user`
36	`return`
37	`}`
38
39	`const appInfo = plistContent[1]`
40
41	`// Use ElectronTeamID in Info.plist if already specified`
42	`if (appInfo.ElectronTeamID) {`
43	debuglog('`ElectronTeamID` found in `Info.plist`: ' + appInfo.ElectronTeamID)
44	`} else {`
45	`// The team identifier in signing identity should not be trusted`
46	`if (opts['provisioning-profile']) {`
47	`appInfo.ElectronTeamID = opts['provisioning-profile'].message.Entitlements['com.apple.developer.team-identifier']`
48	debuglog('`ElectronTeamID` not found in `Info.plist`, use parsed from provisioning profile: ' + appInfo.ElectronTeamID)
49	`} else {`
50	`appInfo.ElectronTeamID = opts.identity.name.substring(opts.identity.name.indexOf('(') + 1, opts.identity.name.lastIndexOf(')'))`
51	debuglog('`ElectronTeamID` not found in `Info.plist`, use parsed from signing identity: ' + appInfo.ElectronTeamID)
52	`}`
53	`await executeAppBuilderAndWriteJson(["encode-plist"], {[appInfoPath]: appInfo})`
54	debuglog('`Info.plist` updated:', '\n', '> Info.plist:', appInfoPath)
55	`}`
56
57	`const appIdentifier = appInfo.ElectronTeamID + '.' + appInfo.CFBundleIdentifier`
58	`// Insert application identifier if not exists`
59	`if (entitlements['com.apple.application-identifier']) {`
60	debuglog('`com.apple.application-identifier` found in entitlements file: ' + entitlements['com.apple.application-identifier'])
61	`} else {`
62	debuglog('`com.apple.application-identifier` not found in entitlements file, new inserted: ' + appIdentifier)
63	`entitlements['com.apple.application-identifier'] = appIdentifier`
64	`}`
65	`// Insert developer team identifier if not exists`
66	`if (entitlements['com.apple.developer.team-identifier']) {`
67	debuglog('`com.apple.developer.team-identifier` found in entitlements file: ' + entitlements['com.apple.developer.team-identifier'])
68	`} else {`
69	debuglog('`com.apple.developer.team-identifier` not found in entitlements file, new inserted: ' + appInfo.ElectronTeamID)
70	`entitlements['com.apple.developer.team-identifier'] = appInfo.ElectronTeamID`
71	`}`
72	`// Init entitlements app group key to array if not exists`
73	`if (!entitlements['com.apple.security.application-groups']) {`
74	`entitlements['com.apple.security.application-groups'] = []`
75	`}`
76	`// Insert app group if not exists`
77	`if (Array.isArray(entitlements['com.apple.security.application-groups']) && entitlements['com.apple.security.application-groups'].indexOf(appIdentifier) === -1) {`
78	debuglog('`com.apple.security.application-groups` not found in entitlements file, new inserted: ' + appIdentifier)
79	`entitlements['com.apple.security.application-groups'].push(appIdentifier)`
80	`} else {`
81	debuglog('`com.apple.security.application-groups` found in entitlements file: ' + appIdentifier)
82	`}`
83
84	`// Create temporary entitlements file`
85	const entitlementsPath = path.join(os.tmpdir(), `tmp-entitlements-${process.pid.toString(16)}-${(tmpFileCounter++).toString(16)}.plist`)
86	`opts.entitlements = entitlementsPath`
87	`await executeAppBuilderAndWriteJson(["encode-plist"], {[entitlementsPath]: entitlements})`
88	`debuglog('Entitlements file updated:', '\n', '> Entitlements:', entitlementsPath)`
89	`}`
90
91	`module.exports.preAutoEntitlements = preAutoEntitlements`
\	No newline at end of file