2024-07-30 17:14:25 +00:00
export const APPLE_PLATFORM_DISPLAY_NAMES = {
darwin : "macOS" ,
ios : "iOS" ,
ipados : "iPadOS" ,
} as const ;
export type ApplePlatform = keyof typeof APPLE_PLATFORM_DISPLAY_NAMES ;
export type AppleDisplayPlatform = typeof APPLE_PLATFORM_DISPLAY_NAMES [ keyof typeof APPLE_PLATFORM_DISPLAY_NAMES ] ;
export const PLATFORM_DISPLAY_NAMES = {
windows : "Windows" ,
linux : "Linux" ,
chrome : "ChromeOS" ,
. . . APPLE_PLATFORM_DISPLAY_NAMES ,
} as const ;
export type Platform = keyof typeof PLATFORM_DISPLAY_NAMES ;
export type DisplayPlatform = typeof PLATFORM_DISPLAY_NAMES [ keyof typeof PLATFORM_DISPLAY_NAMES ] ;
2024-07-09 13:18:00 +00:00
export type QueryableDisplayPlatform = Exclude <
DisplayPlatform ,
"iOS" | "iPadOS"
> ;
export type QueryablePlatform = Exclude < Platform , " ios " | " ipados " > ;
export const SUPPORTED_PLATFORMS : QueryablePlatform [ ] = [
2023-07-17 21:09:12 +00:00
"darwin" ,
"windows" ,
"linux" ,
"chrome" ,
] ;
2024-07-09 13:18:00 +00:00
2024-07-30 17:14:25 +00:00
// TODO - add "iOS" and "iPadOS" once we support them
export const VULN_SUPPORTED_PLATFORMS : Platform [ ] = [ "darwin" , "windows" ] ;
2024-07-09 13:18:00 +00:00
export type SelectedPlatform = QueryablePlatform | "all" ;
2023-07-17 21:09:12 +00:00
export type SelectedPlatformString =
2022-03-21 16:51:00 +00:00
| ""
2024-07-09 13:18:00 +00:00
| QueryablePlatform
| ` ${ QueryablePlatform } , ${ QueryablePlatform } `
| ` ${ QueryablePlatform } , ${ QueryablePlatform } , ${ QueryablePlatform } `
| ` ${ QueryablePlatform } , ${ QueryablePlatform } , ${ QueryablePlatform } , ${ QueryablePlatform } ` ;
2022-03-21 16:51:00 +00:00
2022-03-21 23:06:25 +00:00
// TODO: revisit this approach pending resolution of https://github.com/fleetdm/fleet/issues/3555.
2024-07-09 13:18:00 +00:00
export const MACADMINS_EXTENSION_TABLES : Record < string , QueryablePlatform [ ] > = {
2022-03-21 23:06:25 +00:00
file_lines : [ "darwin" , "linux" , "windows" ] ,
filevault_users : [ "darwin" ] ,
google_chrome_profiles : [ "darwin" , "linux" , "windows" ] ,
macos_profiles : [ "darwin" ] ,
2022-03-21 16:51:00 +00:00
mdm : [ "darwin" ] ,
2022-03-21 23:06:25 +00:00
munki_info : [ "darwin" ] ,
munki_install : [ "darwin" ] ,
// network_quality: ["darwin"], // TODO: add this table if/when it is incorporated into orbit
puppet_info : [ "darwin" , "linux" , "windows" ] ,
puppet_logs : [ "darwin" , "linux" , "windows" ] ,
puppet_state : [ "darwin" , "linux" , "windows" ] ,
2022-08-19 01:59:14 +00:00
macadmins_unified_log : [ "darwin" ] ,
2022-03-21 16:51:00 +00:00
} ;
2024-02-07 21:32:51 +00:00
/ * *
* Host Linux OSs as defined by the Fleet server .
*
* @see https : //github.com/fleetdm/fleet/blob/5a21e2cfb029053ddad0508869eb9f1f23997bf2/server/fleet/hosts.go#L780
* /
export const HOST_LINUX_PLATFORMS = [
"linux" ,
Linux disk encryption: frontend changes, backend missing private key errors, remove disk encryption endpoints dependence on MDM being enabled (#23714)
## Addresses #22702, #23713, #23756, #23746, #23747, and #23876
_-Note that much of this code as is will render as expected only once
integrated with the backend or if manipulated manually for testing
purposes_
**Frontend**:
- Update banners on my device page, tests
- Build new logic for calling endpoint to trigger linux key escrow on
clicking `Create key`
- Add `CreateLinuxKeyModal` to inform user of next steps after clicking
`Create key`
- Update banners on host details page, tests
- Update the Controls > OS settings section with new logic related to
linux disk encryption
- Expect and include counts of Linux hosts in aggregate disk encryption
stats UI
- Add "Linux" column to the disk encryption table
- Show disk encryption related UI for supported Linux platforms
- TODO: confirm platform string matching functionality in manual e2e
testing
- Expand capabilities of `SectionHeader` component, apply to new UI
- Flash "missing private key" error, with clickable link, when trying to
update disk encryption enabled while no server private key is present.
- TODO: QA this once other endpoints on Controls > Disk encryption are
enabled even when MDM not turned on
- Update Disk encryption key modal copy
-Other TODO:
- Confirm when integrated with API:
- Aggregate disk encryption counts
- Disk encryption table Linux column
- Show disk encryption key action on host details page when expected
- Opens Disk encryption key modal, displays key as expected
**Backend**:
- For "No team" and teams, error when trying to update disk encryption
enabled while no server private key is present.
- Remove requirement of mdm being enabled for use of various endpoints
related to Linux disk encryption
- Update tests
_________
**Host details and my device page banners**
**Create key modal**
<img width="1799" alt="create-key-modal"
src="https://github.com/user-attachments/assets/81a55ccb-b6b9-4eb6-b2ff-a463c60724c0">
**Enabling disk encryption**
**Disk encryption: Fleet free**
<img width="1912" alt="free"
src="https://github.com/user-attachments/assets/9f9cace3-8955-47c2-87d9-24ff9387ac1a">
**Custom settings: turn on MDM**
<img width="1912" alt="turn on mdm"
src="https://github.com/user-attachments/assets/4d3ad47b-4035-4d93-86f0-dc2691b38bb4">
**Device status indicators**
**Encryption key action and modal**
- [x] Changes file added for user-visible changes in `changes/`
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
- [ ] Full e2e testing to do when integrated with backend
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
Co-authored-by: Ian Littman <iansltx@gmail.com>
2024-11-20 19:58:47 +00:00
"ubuntu" , // covers Kubuntu
2024-02-07 21:32:51 +00:00
"debian" ,
Linux disk encryption: frontend changes, backend missing private key errors, remove disk encryption endpoints dependence on MDM being enabled (#23714)
## Addresses #22702, #23713, #23756, #23746, #23747, and #23876
_-Note that much of this code as is will render as expected only once
integrated with the backend or if manipulated manually for testing
purposes_
**Frontend**:
- Update banners on my device page, tests
- Build new logic for calling endpoint to trigger linux key escrow on
clicking `Create key`
- Add `CreateLinuxKeyModal` to inform user of next steps after clicking
`Create key`
- Update banners on host details page, tests
- Update the Controls > OS settings section with new logic related to
linux disk encryption
- Expect and include counts of Linux hosts in aggregate disk encryption
stats UI
- Add "Linux" column to the disk encryption table
- Show disk encryption related UI for supported Linux platforms
- TODO: confirm platform string matching functionality in manual e2e
testing
- Expand capabilities of `SectionHeader` component, apply to new UI
- Flash "missing private key" error, with clickable link, when trying to
update disk encryption enabled while no server private key is present.
- TODO: QA this once other endpoints on Controls > Disk encryption are
enabled even when MDM not turned on
- Update Disk encryption key modal copy
-Other TODO:
- Confirm when integrated with API:
- Aggregate disk encryption counts
- Disk encryption table Linux column
- Show disk encryption key action on host details page when expected
- Opens Disk encryption key modal, displays key as expected
**Backend**:
- For "No team" and teams, error when trying to update disk encryption
enabled while no server private key is present.
- Remove requirement of mdm being enabled for use of various endpoints
related to Linux disk encryption
- Update tests
_________
**Host details and my device page banners**
**Create key modal**
<img width="1799" alt="create-key-modal"
src="https://github.com/user-attachments/assets/81a55ccb-b6b9-4eb6-b2ff-a463c60724c0">
**Enabling disk encryption**
**Disk encryption: Fleet free**
<img width="1912" alt="free"
src="https://github.com/user-attachments/assets/9f9cace3-8955-47c2-87d9-24ff9387ac1a">
**Custom settings: turn on MDM**
<img width="1912" alt="turn on mdm"
src="https://github.com/user-attachments/assets/4d3ad47b-4035-4d93-86f0-dc2691b38bb4">
**Device status indicators**
**Encryption key action and modal**
- [x] Changes file added for user-visible changes in `changes/`
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
- [ ] Full e2e testing to do when integrated with backend
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
Co-authored-by: Ian Littman <iansltx@gmail.com>
2024-11-20 19:58:47 +00:00
"rhel" , // covers Fedora
2024-02-07 21:32:51 +00:00
"centos" ,
"sles" ,
"kali" ,
"gentoo" ,
"amzn" ,
"pop" ,
"arch" ,
"linuxmint" ,
"void" ,
"nixos" ,
"endeavouros" ,
"manjaro" ,
"opensuse-leap" ,
"opensuse-tumbleweed" ,
2024-05-29 16:54:07 +00:00
"tuxedo" ,
2024-02-07 21:32:51 +00:00
] as const ;
2024-02-13 18:03:53 +00:00
2024-06-12 16:16:23 +00:00
export const HOST_APPLE_PLATFORMS = [ "darwin" , "ios" , "ipados" ] as const ;
2024-07-25 20:33:36 +00:00
export type HostPlatform =
| typeof HOST_LINUX_PLATFORMS [ number ]
| typeof HOST_APPLE_PLATFORMS [ number ]
| "windows"
| "chrome" ;
2024-02-13 18:03:53 +00:00
/ * *
* Checks if the provided platform is a Linux - like OS . We can recieve many
* different types of host platforms so we need a check that will cover all
* the possible Linux - like platform values .
* /
export const isLinuxLike = ( platform : string ) = > {
2024-04-08 19:34:55 +00:00
return HOST_LINUX_PLATFORMS . includes (
platform as typeof HOST_LINUX_PLATFORMS [ number ]
) ;
2024-02-13 18:03:53 +00:00
} ;
2024-06-12 16:16:23 +00:00
export const isAppleDevice = ( platform : string ) = > {
return HOST_APPLE_PLATFORMS . includes (
platform as typeof HOST_APPLE_PLATFORMS [ number ]
) ;
} ;
2024-08-07 17:00:56 +00:00
2024-08-07 20:48:24 +00:00
export const isIPadOrIPhone = ( platform : string | HostPlatform ) = >
2024-08-07 17:00:56 +00:00
[ "ios" , "ipados" ] . includes ( platform ) ;
Linux disk encryption: frontend changes, backend missing private key errors, remove disk encryption endpoints dependence on MDM being enabled (#23714)
## Addresses #22702, #23713, #23756, #23746, #23747, and #23876
_-Note that much of this code as is will render as expected only once
integrated with the backend or if manipulated manually for testing
purposes_
**Frontend**:
- Update banners on my device page, tests
- Build new logic for calling endpoint to trigger linux key escrow on
clicking `Create key`
- Add `CreateLinuxKeyModal` to inform user of next steps after clicking
`Create key`
- Update banners on host details page, tests
- Update the Controls > OS settings section with new logic related to
linux disk encryption
- Expect and include counts of Linux hosts in aggregate disk encryption
stats UI
- Add "Linux" column to the disk encryption table
- Show disk encryption related UI for supported Linux platforms
- TODO: confirm platform string matching functionality in manual e2e
testing
- Expand capabilities of `SectionHeader` component, apply to new UI
- Flash "missing private key" error, with clickable link, when trying to
update disk encryption enabled while no server private key is present.
- TODO: QA this once other endpoints on Controls > Disk encryption are
enabled even when MDM not turned on
- Update Disk encryption key modal copy
-Other TODO:
- Confirm when integrated with API:
- Aggregate disk encryption counts
- Disk encryption table Linux column
- Show disk encryption key action on host details page when expected
- Opens Disk encryption key modal, displays key as expected
**Backend**:
- For "No team" and teams, error when trying to update disk encryption
enabled while no server private key is present.
- Remove requirement of mdm being enabled for use of various endpoints
related to Linux disk encryption
- Update tests
_________
**Host details and my device page banners**
**Create key modal**
<img width="1799" alt="create-key-modal"
src="https://github.com/user-attachments/assets/81a55ccb-b6b9-4eb6-b2ff-a463c60724c0">
**Enabling disk encryption**
**Disk encryption: Fleet free**
<img width="1912" alt="free"
src="https://github.com/user-attachments/assets/9f9cace3-8955-47c2-87d9-24ff9387ac1a">
**Custom settings: turn on MDM**
<img width="1912" alt="turn on mdm"
src="https://github.com/user-attachments/assets/4d3ad47b-4035-4d93-86f0-dc2691b38bb4">
**Device status indicators**
**Encryption key action and modal**
- [x] Changes file added for user-visible changes in `changes/`
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
- [ ] Full e2e testing to do when integrated with backend
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
Co-authored-by: Ian Littman <iansltx@gmail.com>
2024-11-20 19:58:47 +00:00
export const DISK_ENCRYPTION_SUPPORTED_LINUX_PLATFORMS = [
"ubuntu" , // covers Kubuntu
"rhel" , // *included here to support Fedora systems. Necessary to cross-check with `os_versions` as well to confrim host is Fedora and not another, non-support rhel-like platform.
] as const ;
export const isDiskEncryptionSupportedLinuxPlatform = (
platform : HostPlatform ,
os_version : string
) = > {
const isFedora =
platform === "rhel" && os_version . toLowerCase ( ) . includes ( "fedora" ) ;
return isFedora || platform === "ubuntu" ;
} ;
const DISK_ENCRYPTION_SUPPORTED_PLATFORMS = [
"darwin" ,
"windows" ,
"chrome" ,
. . . DISK_ENCRYPTION_SUPPORTED_LINUX_PLATFORMS ,
] as const ;
export type DiskEncryptionSupportedPlatform = typeof DISK_ENCRYPTION_SUPPORTED_PLATFORMS [ number ] ;
export const platformSupportsDiskEncryption = (
platform : HostPlatform ,
/** os_version necessary to differentiate Fedora from other rhel-like platforms */
os_version? : string
) = > {
if ( platform === "rhel" ) {
return ! ! os_version && os_version . toLowerCase ( ) . includes ( "fedora" ) ;
}
return DISK_ENCRYPTION_SUPPORTED_PLATFORMS . includes (
platform as DiskEncryptionSupportedPlatform
) ;
} ;
const OS_SETTINGS_DISPLAY_PLATFORMS = [
. . . DISK_ENCRYPTION_SUPPORTED_PLATFORMS ,
"ios" ,
"ipados" ,
] ;
export const isOsSettingsDisplayPlatform = (
platform : HostPlatform ,
os_version : string
) = > {
if ( platform === "rhel" ) {
return ! ! os_version && os_version . toLowerCase ( ) . includes ( "fedora" ) ;
}
return OS_SETTINGS_DISPLAY_PLATFORMS . includes ( platform ) ;
} ;
