#!/bin/zsh

# Run this script with a system wide LaunchAgent

###############################
# DO NOT EDIT BELOW THIS LINE #
###############################

user_plist_path=/usr/local/etc/block_macos_updates/

# Minimum version to block, e.g
# 16 - to block Big Sur and above
# 15 - to block Catalina and above
minimum_block_version=$(defaults read ${user_plist_path}com.filewave.blockmacosinstaller_user.plist MinimumBlockedVersion)

if [ -z $minimum_block_version ]
then
        minimum_block_version=15
fi
process_path=$(pgrep -lf osinstallersetupd | awk -F "." '{print $1}')
process_id="${process_path%% *}"
app_path="/${process_path#*/}.app"
user_id=$(ps -o uid= -p $process_id)

if [ -z $process_id ]
then
        echo "No process found to kill"
        exit 0
fi

running_version=$(defaults read "${app_path}/Contents/Info.plist" CFBundleShortVersionString 2>/dev/null | cut -d "." -f 1)

if [ -z $running_version ]
then
        kill_app=1
elif [ $running_version -ge $minimum_block_version ]
then
        kill_app=1
else
        kill_app=0
fi

function kill_process {

	while read line
	do
		launchctl asuser $user_id launchctl bootout gui/$user_id/$line
	done< <(proc_id=$(pgrep -x osinstallersetupd); user_id=$(ps -o uid= -p $proc_id); launchctl asuser $user_id launchctl list | awk '/(application.com.apple.InstallAssistant.macOS|com.apple.install.osinstallersetupd)/ {print $NF}')

	attempt_count=$(defaults read /Library/Preferences/com.filewave.blockmacosinstaller_count.plist UserAttemptCount)
	attempt_count=$(( attempt_count + 1 ))
	/usr/libexec/PlistBuddy -c "Set UserAttemptCount $attempt_count" /Library/Preferences/com.filewave.blockmacosinstaller_count.plist

	touch ${user_plist_path}.notifyuser
}

case $kill_app in

        1)
                echo "Killing macOS ${running_version}"
                kill_process
        ;;
        0)
                echo "Found version ${running_version}.  Allowing installation"
        ;;
        *)
                echo "Did not find a version number for ${app_path}.  Kill to be safe."
                kill_process
        ;;
esac

exit 0

