-
Notifications
You must be signed in to change notification settings - Fork 0
/
protect
executable file
·191 lines (178 loc) · 4.99 KB
/
protect
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
#!/bin/zsh
# shellcheck shell=bash
# protect
# v0.9.8
# macOS
#
# Toggle Protection - part of Trash Tools
# Copyright (c) 2021 Joss Brown (pseud.)
# License: MIT / place of jurisdiction: Berlin, Germany / German laws apply
#
# keyboard shortcut: CMD-OPTION-CTRL-K
#
# toggle uulnk-style anti-removal file protection (incl. user tag "Protected")
export LANG=en_US.UTF-8
export PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/opt/local/bin:/opt/homebrew/bin:/opt/sw/bin:"$HOME"/.local/bin:"$HOME"/bin:"$HOME"/local/bin
! [[ $* ]] && exit
uiprocess="Toggle Protection"
account=$(id -u)
xaprocess="protect-cli"
xastr="local.lcars.fpsr#PS"
_beep () {
osascript -e 'beep' -e 'delay 0.5' &>/dev/null
}
_notify () {
osascript &>/dev/null << EOT
tell application "System Events"
display notification "$2" with title "$uiprocess [" & "$account" & "]" subtitle "$1"
end tell
EOT
}
errors=false
errorcount=0
rootlist=""
for filepath in "$@"
do
filename=$(basename "$filepath")
if [[ $filepath == *"/.Trash/"* ]] || [[ $filepath == *"/.Trashes/"* ]] || [[ $filename == ".DS_Store" ]] || [[ $filename == "._"* ]] ; then
_notify "⚠️ Protection error" "Certain files or paths cannot be protected"
continue
fi
if ! xattr -p "$xastr" "$filepath" &>/dev/null ; then
posixdate=$(date +%s)
xakey="protected;$posixdate;$xaprocess"
if xattr -ws "$xastr" "$xakey" "$filepath" 2>/dev/null ; then
if tag --add Protected "$filepath" &>/dev/null ; then
_notify "🔒 🏷 File protected & tagged" "$filename"
else
_notify "🔒 File protected without tag" "$filename"
fi
else
errors=true
((errorcount++))
_notify "⚠️ Protection failed" "$filename"
rootlist="$rootlist\nuunlnk:$filepath"
fi
else
if xattr -ds "$xastr" "$filepath" 2>/dev/null ; then
if tag --remove Protected "$filepath" &>/dev/null ; then
_notify "🆓 File liberated" "$filename"
else
_notify "🆓 🏷 File liberated (still tagged)" "$filename"
fi
else
errors=true
((errorcount++))
_notify "⚠️ File still protected" "$filename"
rootlist="$rootlist\nnouunlnk:$filepath"
fi
fi
done
! $errors && exit
_beep &
if [[ $errorcount -gt 1 ]] ; then
fstr1="$errorcount files"
fstr2="files"
else
fstr1="One file"
fstr2="file"
fi
icon_loc="/System/Library/PreferencePanes/Security.prefPane/Contents/Resources/SystemPreferences_Security.tiff"
password=$(osascript 2>/dev/null << EOR
tell application "System Events"
activate
set theIconPath to POSIX file "$icon_loc"
repeat
display dialog "$fstr1 could not be processed, probably due to missing write permissions." & return & return & "Please enter your administrator password to try and process the remaining $fstr2." ¬
with icon file theIconPath ¬
default answer "" ¬
with title "Toggle Protection" ¬
with hidden answer ¬
buttons {"Cancel", "Enter"} ¬
default button 2
if button returned of the result is "Cancel" then
return 1
exit repeat
else if the button returned of the result is "Enter" then
set pswd to text returned of the result
set usr to short user name of (system info)
try
do shell script "echo test" user name usr password pswd with administrator privileges
return pswd
exit repeat
end try
end if
end repeat
end tell
EOR
)
if [[ $password == 1 ]] ; then
exit
fi
fcount=0
scount=0
errors=false
while read -r rootline
do
method=$(echo "$rootline" | awk -F":" '{print $1}')
rootpath=$(echo "$rootline" | awk -F":" '{print substr($0, index($0,$2))}')
rootname=$(basename "$rootpath")
if [[ $method == "uunlnk" ]] ; then
posixdate=$(date +%s)
xakey="protected;$posixdate;$xaprocess"
echo -n "$password" | sudo -S xattr -ws "$xastr" "$xakey" "$rootpath" 2>/dev/null
if [[ $? == 1 ]] ; then
_notify "⚠️ Protection failed!" "$rootname"
((fcount++))
errors=true
else
((scount++))
if echo -n "$password" | sudo -S tag --add Protected "$rootpath" &>/dev/null ; then
_notify "🔒 🏷 File protected & tagged" "$filename"
else
_notify "🔒 File protected without tag" "$filename"
fi
fi
elif [[ $method == "nouunlnk" ]] ; then
echo -n "$password" | sudo -S xattr -ds "$xastr" "$rootpath" 2>/dev/null
if [[ $? == 1 ]] ; then
_notify "⚠️ File still protected!" "$rootname"
((fcount++))
errors=true
else
((scount++))
if echo -n "$password" | sudo -S tag --remove Protected "$rootpath" &>/dev/null ; then
_notify "🆓 File liberated" "$filename"
else
_notify "🆓 🏷 File liberated (still tagged)" "$filename"
fi
fi
fi
done < <(echo -e "$rootlist" | grep -v "^$")
sudo -k
if $errors ; then
_beep &
if [[ $scount -eq 0 ]] ; then
if [[ $fcount -eq 1 ]] ; then
fstr="file"
else
fstr="files"
fi
_beep &
_notify "⚠️ Protection error!" "$fcount $fstr remain protected"
else
if [[ $fcount -eq 1 ]] ; then
fstr="file"
else
fstr="files"
fi
if [[ $scount -eq 1 ]] ; then
sstr="file"
else
sstr="files"
fi
_beep &
_notify "☑️ $scount $sstr protected" "$fcount $fstr remain unprotected"
fi
fi
exit 0