vmware-samples · adammatthews · Aug 25, 2021 · Aug 25, 2021
diff --git a/macOS-Samples/Tools/app_and_process_details/README.md b/macOS-Samples/Tools/app_and_process_details/README.md
@@ -4,33 +4,80 @@ This is a helper for the Workspace ONE Intelligent Hub for macOS feature for blo
 
 [VMware Docs for Apps and Process Restrictions for macOS](https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/macOS_Platform/GUID-1457AF26-9546-49E5-8D63-6D9162604456.html?hWord=N4IghgNiBcIEoFMDOAXATgSwMYoAQFswsB5AZVwEEAHKibMFDAewDslcAyXABTSa2RJkIAL5A) 
 
+## Author
+Created by Adam Matthews ([email protected];[email protected]) GitHub: [adammatthews](https://github.com/adammatthews) Twitter: [@AdamPMatthews](https://twitter.com/AdamPMatthews)
+
+
 ## Installation
 
-Download the appblocker.py script. 
+A Mac is required to run this tool. Download the appblocker.py script. Ensure you have Python 3 installed, no additional packages required. 
 
 ## Usage
 
+On a Mac where you have the apps you intend to block installed, follow the below steps. 
+
 ```shell
 python3 appblock.py --list
 ```
 ```shell
-python3 appblock.py --app /System/Applications/Podcasts.app
+python3 appblock.py --app /System/Applications/Utilities/Terminal.app
 ```
 --List will show you an output of all installed applications on your Mac, under /Applications, /System/Applications and /System/Applications/Utilities. 
 
 --apps "application path" will show the details required to populate the Custom XML payload to set up the App and Process blocking feature. 
 
 ## Output 
 
+If you are setting up a new profile, use the entire output, and remove the comment lines. 
+
+If you are adding an additional app to an existing profile, jusy copy the lines between the comments to the initial array. 
+
 ```shell
-% python3 appblock.py --app /System/Applications/Podcasts.app
-Name: Podcasts
-File Path: /System/Applications/Podcasts.app/Contents/MacOS
-CD Hash: e16e4dd06ea262216f169400e69ab163b26c7849
-Team ID: not set
-SHA-265:  9bc8af16ae3d7dfdc6b8f795e36385b8fed206205725c4506020a64156ccf0d0
-Bundle ID: com.apple.podcasts
+% python3 appblock.py --app /System/Applications/Utilities/Terminal.app
+<dict>
+	<key>Restrictions</key>
+	<array>
+======= Beginning of app config (delete this line) ========
+<dict>
+	<key>Attributes</key>
+	<dict>
+		<key>cdhash</key>
+			<string>de7001f2c2558fd399dbbde024dd767814ea03d0</string>
+		<key>name</key>
+		<array>
+			<string>Terminal</string>
+		</array>
+		<key>path</key>
+			<string>/System/Applications/Utilities/Terminal.app/Contents/MacOS</string>
+		<key>bundleId</key>
+		<array>
+			<string>com.apple.Terminal</string>
+		</array>
+	</dict>
+	<key>Actions</key>
+	<array>
+		<integer>1</integer>
+	</array>
+	<key>Message</key>
+	<string>You are not permitted to use the Terminal App</string>
+</dict>
+======= Bottom of Payload (use if required, delete this line) ========
+	</array>
+	<key>PayloadDisplayName</key>
+	<string>Restricted Software Policy</string>
+	<key>PayloadIdentifier</key>
+	<string>HubSettings.93f1655a-59fb-42dc-bc31-9571275cb12b</string>
+	<key>PayloadOrganization</key>
+	<string>VMware</string>
+	<key>PayloadType</key>
+	<string>com.vmware.hub.mac.restrictions</string>
+	<key>PayloadUUID</key>
+	<string>2b3eb9a9-fd31-4b94-8460-c9702e42dccc</string>
+	<key>PayloadVersion</key>
+	<integer>1</integer>
+</dict>
 ```
+
 ## Contributing
 Changes and improvements welcome. Please follow the VMware Contribution guide for this repository. 
 

diff --git a/macOS-Samples/Tools/app_and_process_details/appblock.py b/macOS-Samples/Tools/app_and_process_details/appblock.py
@@ -6,7 +6,7 @@
 # Date: 6th July 2021
 #
 
-import subprocess, sys, getopt, re, argparse, os
+import subprocess, sys, getopt, re, argparse, os, uuid
 
 parser = argparse.ArgumentParser()
 parser.add_argument('--apps', help='Application Path')
@@ -57,12 +57,58 @@
 	bundle_plist = subprocess.run(["osascript", "-e", f"id of app \"{sha_contents}\""], capture_output=True)
 	bundleid = str(bundle_plist.stdout, 'utf-8').strip()
 
-	print(f"Name: {name}")
-	print(f"File Path: {app}/Contents/MacOS")
-	print(f"CD Hash: {cdhash}")
-	print(f"Team ID: {teamid}")
-	print(f"SHA-265: {sha256}")
-	print(f"Bundle ID: {bundleid}")
+	# print(f"Name: {name}")
+	# print(f"File Path: {app}/Contents/MacOS")
+	# print(f"CD Hash: {cdhash}")
+	# print(f"Team ID: {teamid}")
+	# print(f"SHA-256: {sha256}")
+	# print(f"Bundle ID: {bundleid}")
+
+	print("<dict>")
+	print("\t<key>Restrictions</key>")
+	print("\t<array>")
+
+	print("======== Beginning of app config (delete this line) ========")
+
+	print("<dict>")
+	print("\t<key>Attributes</key>")
+	print("\t<dict>")
+	print("\t\t<key>cdhash</key>")
+	print(f"\t\t\t<string>{cdhash}</string>")
+	print("\t\t<key>name</key>")
+	print("\t\t<array>")
+	print(f"\t\t\t<string>{name}</string>")
+	print("\t\t</array>")
+	print("\t\t<key>path</key>")
+	print(f"\t\t\t<string>{app}/Contents/MacOS</string>")
+	print("\t\t<key>bundleId</key>")
+	print("\t\t<array>")
+	print(f"\t\t\t<string>{bundleid}</string>")
+	print("\t\t</array>")
+	print("\t</dict>")
+	print("\t<key>Actions</key>")
+	print("\t<array>")
+	print("\t\t<integer>1</integer>")
+	print("\t</array>")
+	print("\t<key>Message</key>")
+	print(f"\t<string>You are not permitted to use the {name} App</string>")
+	print("</dict>")
+
+	print("======== End of App Config - Rest of payload, use if required (delete this line) ========")
+	print("\t</array>")
+	print("\t<key>PayloadDisplayName</key>")
+	print("\t<string>Restricted Software Policy</string>")
+	print("\t<key>PayloadIdentifier</key>")
+	print("\t<string>HubSettings.93f1655a-59fb-42dc-bc31-9571275cb12b</string>")
+	print("\t<key>PayloadOrganization</key>")
+	print("\t<string>VMware</string>")
+	print("\t<key>PayloadType</key>")
+	print("\t<string>com.vmware.hub.mac.restrictions</string>")
+	print("\t<key>PayloadUUID</key>")
+	print(f"\t<string>{uuid.uuid4()}</string>")
+	print("\t<key>PayloadVersion</key>")
+	print("\t<integer>1</integer>")
+	print("</dict>")
 
 if args.list:
 	list_apps = subprocess.run(["ls"], capture_output=True, cwd="/Applications/")
@@ -75,8 +121,8 @@
 	utility_apps_list = list_utility_apps.stdout
 
 	for line in apps_list.splitlines():	
-		print(f"/Applications/{str(line,'utf-8')}")
+		print(f'"/Applications/{str(line,"utf-8")}"')
 	for line in system_apps_list.splitlines():		
-		print(f"/System/Applications/{str(line,'utf-8')}")
+		print(f'"/System/Applications/{str(line,"utf-8")}"')
 	for line in utility_apps_list.splitlines():		
-		print(f"/System/Applications/Utilities/{str(line,'utf-8')}")
+		print(f'"/System/Applications/Utilities/{str(line,"utf-8")}"')