From cdd90332f7ea2286638a5edd184baea19c782ab9 Mon Sep 17 00:00:00 2001
From: tek <tek@randhome.io>
Date: Thu, 16 Dec 2021 13:57:44 +0100
Subject: [PATCH] Adds timeline support to TCC iOS module

---
 mvt/ios/modules/mixed/tcc.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/mvt/ios/modules/mixed/tcc.py b/mvt/ios/modules/mixed/tcc.py
index 4829ba1..747ffcf 100644
--- a/mvt/ios/modules/mixed/tcc.py
+++ b/mvt/ios/modules/mixed/tcc.py
@@ -53,6 +53,19 @@ class TCC(IOSExtraction):
                          output_folder=output_folder, fast_mode=fast_mode,
                          log=log, results=results)
 
+    def serialize(self, record):
+        if "last_modified" in record:
+            if "allowed_value" in record:
+                msg = f"Access to {record['service']} by {record['client']} {record['allowed_value']}"
+            else:
+                msg = f"Access to {record['service']} by {record['client']} {record['auth_value']}"
+            return {
+                "timestamp": record["last_modified"],
+                "module": self.__class__.__name__,
+                "event": "AccessRequest",
+                "data": msg
+            }
+
     def process_db(self, file_path):
         conn = sqlite3.connect(file_path)
         cur = conn.cursor()