Add missing TCC permissions

[tylervick]

Motivation

There have been several new user permissions introduced over the last couple of major iOS versions. This change adds the missing permissions that may be modified via existing TCC.db queries.

Notably, the "Health" permission is missing since it requires modification to a standalone healthdb.sqlite database. This will be implemented in a future PR.

The following permissions have been added:

• calendar
• biometrics (aka FaceID)
• media
• reminders
• motion
• siri
• speech
• userTracking

Test Plan

• Run idb approve -h
• Verify the output contains added permissions:

usage: idb approve [-h] [--scheme SCHEME] [--udid UDID]
                       [--log {DEBUG,INFO,WARNING,ERROR,CRITICAL}] [--json]
                       bundle_id
                       {photos,camera,contacts,url,location,notification,microphone,calendar,faceid,media,reminders,motion,siri,speech,user_tracking}
                       [{photos,camera,contacts,url,location,notification,microphone,calendar,faceid,media,reminders,motion,siri,speech,user_tracking} ...]

• Grant any/all of the introduced permissions for a valid bundle ID:

  • idb approve com.example.app calendar

• Verify the supplied permissions have been successfully granted for the bundle ID

• Revoke any/all of the introduced permissions for a valid bundle ID:

  • idb revoke com.example.app calendar

• Verify the supplied permissions have been successfully revoked for the bundle ID

Related PRs

[facebook-github-bot]

@grzmiel has imported this pull request. If you are a Meta employee, you can view this diff on Phabricator.

[fleytman]

Do you have any new about this PR?

[fleytman]

These are very useful changes, what's stopping you from making a merge of changes at this point?

[tylervick]

@fleytman unfortunately I don't have permission to merge this - I just re-requested a review from @grzmiel, perhaps they can help