andermoran/asm.sh

## asm.sh
#!/bin/bash

usage="usage: ./$(basename "$0") -s service [-d] [-m] [-c] app_name
where:
	app_name:	the name of the app
	-s service:	the service to change
	-d  		disables the service (only put this option if you want to disable access)
	-m			sets the microphone as the service
	-c			sets the camera as the service
extra help:
	* to see examples of service names run: ./$(basename "$0") --list-example-services
	* to give an application access to your microphone run: ./$(basename "$0")  -m SomeMacApp
	* to disable an application's access to your camera run: ./$(basename "$0")  -c -d SomeMacApp
example:
	* disable Google Chrome's access to your camera run: ./$(basename "$0")  -c -d \"Google Chrome\"
	"
example_services="List of example services that can be changed:
kTCCServiceAddressBook
kTCCServiceAppleEvents
kTCCServiceCalendar
kTCCServiceCamera
kTCCServiceLiverpool
kTCCServiceMicrophone
kTCCServiceUbiquity"

SHOULD_ENABLE_SERVICE=1
POSITIONAL=()
while [[ $# -gt 0 ]]
do
key="$1"

case $key in
	-h|--help)
	echo "$usage" >&2
	exit
	;;
	-l|--list-example-services)
	echo "$example_services" >&2
	exit
	;;
	-s|--service)
	SERVICE="$2"
	shift # past argument
	shift # past value
	;;
	-d|--disable)
	SHOULD_ENABLE_SERVICE=0 # 0 = no, 1 = yes
	shift # past argument
	;;
	-m|--microphone)
	SERVICE="kTCCServiceMicrophone"
	shift # past argument
	;;
	-c|--camera)
	SERVICE="kTCCServiceCamera"
	shift # past argument
	;;
	*)    # unknown option
	POSITIONAL+=("$1") # save it in an array for later
	shift # past argument
	;;
esac
done
set -- "${POSITIONAL[@]}" # restore positional parameters

TARGET_APP_NAME=$POSITIONAL
db_path=~/Library/Application\ Support/com.apple.TCC/TCC.db
db_path_backup=~/Library/Application\ Support/com.apple.TCC/TCC_backup.db
bundle_identifier=$(osascript -e "id of app \"$TARGET_APP_NAME\"")

if [[ ! -e $db_path_backup ]]; then
	cp -p "$db_path" "$db_path_backup"
	echo "backup db file created at $db_path_backup"
fi
select_record=$(sqlite3 "$db_path" 'SELECT client FROM "main"."access" WHERE (client = '\""$bundle_identifier"\"' AND service = '\""$SERVICE"\"');')
if [[ ${#select_record} -eq 0 ]]; then
	# record does not exist, so we insert it
	sqlite3 "$db_path" 'INSERT INTO "main"."access" ("service", "client", "client_type", "allowed", "prompt_count", "csreq", "policy_id", "indirect_object_identifier_type", "indirect_object_identifier", "indirect_object_code_identity", "flags", "last_modified") VALUES ('\""$SERVICE"\"', '\""$bundle_identifier"\"', "0", '"$SHOULD_ENABLE_SERVICE"', "1", NULL, NULL, NULL, "UNUSED", NULL, "0", "1581530359");'
else
	# record does exist, so we updated it
	sqlite3 "$db_path" 'UPDATE "main"."access" SET allowed='"$SHOULD_ENABLE_SERVICE"' WHERE (client = '\""$bundle_identifier"\"' AND service = '\""$SERVICE"\"');'
fi
	#!/bin/bash

	usage="usage: ./$(basename "$0") -s service [-d] [-m] [-c] app_name
	where:
	app_name: the name of the app
	-s service: the service to change
	-d disables the service (only put this option if you want to disable access)
	-m sets the microphone as the service
	-c sets the camera as the service
	extra help:
	* to see examples of service names run: ./$(basename "$0") --list-example-services
	* to give an application access to your microphone run: ./$(basename "$0") -m SomeMacApp
	* to disable an application's access to your camera run: ./$(basename "$0") -c -d SomeMacApp
	example:
	* disable Google Chrome's access to your camera run: ./$(basename "$0") -c -d \"Google Chrome\"
	"
	example_services="List of example services that can be changed:
	kTCCServiceAddressBook
	kTCCServiceAppleEvents
	kTCCServiceCalendar
	kTCCServiceCamera
	kTCCServiceLiverpool
	kTCCServiceMicrophone
	kTCCServiceUbiquity"

	SHOULD_ENABLE_SERVICE=1
	POSITIONAL=()
	while [[ $# -gt 0 ]]
	do
	key="$1"

	case $key in
	-h\|--help)
	echo "$usage" >&2
	exit
	;;
	-l\|--list-example-services)
	echo "$example_services" >&2
	exit
	;;
	-s\|--service)
	SERVICE="$2"
	shift # past argument
	shift # past value
	;;
	-d\|--disable)
	SHOULD_ENABLE_SERVICE=0 # 0 = no, 1 = yes
	shift # past argument
	;;
	-m\|--microphone)
	SERVICE="kTCCServiceMicrophone"
	shift # past argument
	;;
	-c\|--camera)
	SERVICE="kTCCServiceCamera"
	shift # past argument
	;;
	*) # unknown option
	POSITIONAL+=("$1") # save it in an array for later
	shift # past argument
	;;
	esac
	done
	set -- "${POSITIONAL[@]}" # restore positional parameters

	TARGET_APP_NAME=$POSITIONAL
	db_path=~/Library/Application\ Support/com.apple.TCC/TCC.db
	db_path_backup=~/Library/Application\ Support/com.apple.TCC/TCC_backup.db
	bundle_identifier=$(osascript -e "id of app \"$TARGET_APP_NAME\"")

	if [[ ! -e $db_path_backup ]]; then
	cp -p "$db_path" "$db_path_backup"
	echo "backup db file created at $db_path_backup"
	fi
	select_record=$(sqlite3 "$db_path" 'SELECT client FROM "main"."access" WHERE (client = '\""$bundle_identifier"\"' AND service = '\""$SERVICE"\"');')
	if [[ ${#select_record} -eq 0 ]]; then
	# record does not exist, so we insert it
	sqlite3 "$db_path" 'INSERT INTO "main"."access" ("service", "client", "client_type", "allowed", "prompt_count", "csreq", "policy_id", "indirect_object_identifier_type", "indirect_object_identifier", "indirect_object_code_identity", "flags", "last_modified") VALUES ('\""$SERVICE"\"', '\""$bundle_identifier"\"', "0", '"$SHOULD_ENABLE_SERVICE"', "1", NULL, NULL, NULL, "UNUSED", NULL, "0", "1581530359");'
	else
	# record does exist, so we updated it
	sqlite3 "$db_path" 'UPDATE "main"."access" SET allowed='"$SHOULD_ENABLE_SERVICE"' WHERE (client = '\""$bundle_identifier"\"' AND service = '\""$SERVICE"\"');'
	fi