Add query to list users with secure token for FileVault access on macOS

[kitzy]

Introduce a query that lists local user accounts with a secure token, which is necessary for FileVault access on macOS. This enhancement provides visibility into user accounts that meet the criteria.

Summary by CodeRabbit

• New Features
  • Added a new inventory query for macOS users to identify those with secure token protection enabled.

[Copilot]

Copilot wasn't able to review any files in this pull request.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: b8cf65f9-2b01-4978-8ead-dacaf74da886

📥 Commits

Reviewing files that changed from the base of the PR and between 2678650 and 91aad3a.

📒 Files selected for processing (1)

• docs/queries.yml

---

Walkthrough

This pull request adds a new inventory query to docs/queries.yml named "Get users with secure token" for macOS systems. The query returns each local user (UID ≥ 501) along with a boolean flag indicating whether they have a secure token. The secure token status is determined by checking for the user's presence in the filevault_users table via a left join.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The pull request description is incomplete and does not follow the repository template. It lacks required sections like Related issue, Checklist for submitter, Testing, Database migrations, and other applicable sections. The description only provides a brief overview without addressing mandatory compliance items.	Update the description to include all required template sections. At minimum, add the Related issue reference, relevant checklist items with confirmation boxes, and note which sections (if any) are not applicable to this query addition.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: adding a query to list users with secure token for FileVault access on macOS. It is concise, specific, and clearly describes the primary purpose of the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch add-securetoken-report

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}