Skip to main content

I'm trying to utilize a script that will upload a file as an attachment to a computer. I'm trying to figure out the minimum necessary permissions to accomplish this. I used an admin account and was able to upload fine, but when I try to use a lower-privileged account, I get an HTTP 502 response code from the CURL command.



Some of the permissions I think might be related already are:
- Allowed File Extensions (Read)
- API Integrations (Read)
- Computers (Read, Update)
- File Attachments (Create, Read, Update, Delete)



I can't find anything in the admin guide or on the API page

Strangely, you need the ONLY the CREATE permission for Computers for this particular API call to work. Nothing else.

curl -su "api_user1:pass" https://jss.url/JSSResource/fileuploads/computers/id/# -F "name=@/localcomputer/path/to/file" -X POST

Now I'd like to know how to delete all those attachments with the API to reduce DB bloat. 

Strangely, you need the ONLY the CREATE permission for Computers for this particular API call to work. Nothing else.

curl -su "api_user1:pass" https://jss.url/JSSResource/fileuploads/computers/id/# -F "name=@/localcomputer/path/to/file" -X POST

Now I'd like to know how to delete all those attachments with the API to reduce DB bloat. 


check out this script 

#!/usr/bin/env bash



# Script to delete all the attachment on a single device.

# Created by macstuff.dev - Melwin Moeskops 

#

# Will delete from 1 till 450 with a sleep to keep the server from being overloaded.



# --------------    edit the variables below this line    ----------------



# API username

username=""



# API password

password=""



# JSS URL without trailing slash

jamfProURL="https://url.jamfcloud.com"



# Device ID (Example where to find: https://URL.jamfcloud.com/computers.html?id=2523&o=r) ID 2523 in example.

deviceID="2227"



# ------------------  do not edit below this line  -------------------



# Create base64-encoded credentials

encodedCredentials=$( printf "${username}:${password}" | /usr/bin/iconv -t ISO-8859-1 | /usr/bin/base64 -i - )



# Generate an authorization bearer token

authToken=$( /usr/bin/curl "${jamfProURL}/uapi/auth/tokens" --silent --request POST --header "Authorization: Basic ${encodedCredentials}" )



# Clean up token to omit expiration details

token=$( /usr/bin/awk -F \\" '{ print $4 }' <<< "${authToken}" | /usr/bin/xargs )



# Start deletion loop (adjust 450 to desired amount)

for attachmentId in {1..450}

  do

    # Wait 1 second to prevent the server from overloading

  sleep 1

  # Delete attachement

  curl -X DELETE "${jamfProURL}/api/v1/computers-inventory/${deviceID}/attachments/${attachmentId}" -H "accept: */*" -H "Authorization: Bearer ${token}"

done



# Expire our authorization token

curl "${jamfProURL}/uapi/auth/invalidateToken" \\

--silent \\

--request POST \\

--header "Authorization: Bearer ${token}"



exit 1

I cleaned up this part of the script ,but otherwise it looks to be good:


# Create base64-encoded credentials
encodedCredentials=$( printf "${username}:${password}" | /usr/bin/iconv -t ISO-8859-1 | /usr/bin/base64 -i - )


# Generate an authorization bearer token
authToken=$( /usr/bin/curl "${jamfProURL}/uapi/auth/tokens" --silent --request POST --header "Authorization: Basic ${encodedCredentials}" )


# Clean up token to extract just the token value from JSON response
token=$( echo "${authToken}" | /usr/bin/grep -o '"token":"[^"]*"' | /usr/bin/awk -F'"' '{print $4}' )

Reply


Terms & ConditionsCookie settings