Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 21:47:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 91
fleet/server/datastore/mysql/linux_mdm.go

104 lines
2.6 KiB
Go
Raw Normal View History

Add Linux encryption states to APIs (#23806)
2024-11-19 20:11:59 +00:00
package mysql
import (
"context"
"fmt"
"github.com/fleetdm/fleet/v4/server/fleet"
"github.com/jmoiron/sqlx"
)
func (ds *Datastore) GetLinuxDiskEncryptionSummary(ctx context.Context, teamID *uint) (fleet.MDMLinuxDiskEncryptionSummary, error) {
var args []interface{}
var teamFilter string
if teamID != nil {
teamFilter = "AND h.team_id = ?"
args = append(args, *teamID)
} else {
teamFilter = "AND h.team_id IS NULL"
}
stmt := fmt.Sprintf(`SELECT
CASE WHEN hdek.base64_encrypted IS NOT NULL
AND hdek.base64_encrypted != ''
AND hdek.client_error = '' THEN
'verified'
WHEN hdek.client_error IS NOT NULL
AND hdek.client_error != '' THEN
'failed'
WHEN hdek.base64_encrypted IS NULL
OR (hdek.base64_encrypted = ''
AND hdek.client_error = '') THEN
'action_required'
END AS status,
COUNT(h.id) AS host_count
FROM
hosts h
LEFT JOIN host_disk_encryption_keys hdek ON h.id = hdek.host_id
WHERE
(h.os_version LIKE '%%fedora%%'
OR h.platform LIKE 'ubuntu')
%s
GROUP BY
status`, teamFilter)
type countRow struct {
Status string `db:"status"`
HostCount uint `db:"host_count"`
}
var counts []countRow
summary := fleet.MDMLinuxDiskEncryptionSummary{}
if err := sqlx.SelectContext(ctx, ds.reader(ctx), &counts, stmt, args...); err != nil {
return summary, err
}
for _, count := range counts {
switch count.Status {
case "verified":
summary.Verified = count.HostCount
case "action_required":
summary.ActionRequired = count.HostCount
case "failed":
summary.Failed = count.HostCount
}
}
return summary, nil
}
Linux OS settings + disk encryption host filter fixes (#24200) #24174 If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [ ] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [X] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [X] Added/updated tests - [X] Manual QA for all new/changed functionality --------- Co-authored-by: Ian Littman <iansltx@gmail.com>
2024-11-27 01:26:22 +00:00
func sqlCaseLinuxOSSettingsStatus() string {
return `
CASE WHEN
hdek.base64_encrypted IS NOT NULL
AND hdek.base64_encrypted != ''
AND hdek.client_error = '' THEN
'` + string(fleet.OSSettingsVerified) + `'
WHEN hdek.client_error IS NOT NULL
AND hdek.client_error != '' THEN
'` + string(fleet.OSSettingsFailed) + `'
WHEN hdek.base64_encrypted IS NULL
OR (hdek.base64_encrypted = ''
AND hdek.client_error = '') THEN
'` + string(fleet.OSSettingsPending) + `'
END`
}
func sqlCaseLinuxDiskEncryptionStatus() string {
return `
CASE WHEN
hdek.base64_encrypted IS NOT NULL
AND hdek.base64_encrypted != ''
AND hdek.client_error = '' THEN
'` + string(fleet.DiskEncryptionVerified) + `'
WHEN hdek.client_error IS NOT NULL
AND hdek.client_error != '' THEN
'` + string(fleet.DiskEncryptionFailed) + `'
WHEN hdek.base64_encrypted IS NULL
OR (hdek.base64_encrypted = ''
AND hdek.client_error = '') THEN
'` + string(fleet.DiskEncryptionActionRequired) + `'
END`
}
Reference in a new issue Copy permalink