Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 13:37:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 91

Move policy request and response types to server/fleet/ package (#43068)

Browse source 
For #36087

## Testing

- [x] QA'd all new/changed functionality manually
This commit is contained in:
Lucas Manuel Rodriguez 2026-04-07 11:04:08 -03:00 committed by GitHub
parent 013c09721a
commit 305886fe86
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
9 changed files with 756 additions and 696 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

266
server/fleet/api_policies.go Normal file
View file

@ -0,0 +1,266 @@
package fleet
/////////////////////////////////////////////////////////////////////////////////
// Global Policy - Add
/////////////////////////////////////////////////////////////////////////////////
type GlobalPolicyRequest struct {
QueryID *uint `json:"query_id" renameto:"report_id"`
Query string `json:"query"`
Name string `json:"name"`
Description string `json:"description"`
Resolution string `json:"resolution"`
Platform string `json:"platform"`
Critical bool `json:"critical" premium:"true"`
LabelsIncludeAny []string `json:"labels_include_any"`
LabelsExcludeAny []string `json:"labels_exclude_any"`
}
type GlobalPolicyResponse struct {
Policy *Policy `json:"policy,omitempty"`
Err error `json:"error,omitempty"`
}
func (r GlobalPolicyResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Global Policy - List
/////////////////////////////////////////////////////////////////////////////////
type ListGlobalPoliciesRequest struct {
Opts ListOptions `url:"list_options"`
}
type ListGlobalPoliciesResponse struct {
Policies []*Policy `json:"policies,omitempty"`
Err error `json:"error,omitempty"`
}
func (r ListGlobalPoliciesResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Global Policy - Get by id
/////////////////////////////////////////////////////////////////////////////////
type GetPolicyByIDRequest struct {
PolicyID uint `url:"policy_id"`
}
type GetPolicyByIDResponse struct {
Policy *Policy `json:"policy"`
Err error `json:"error,omitempty"`
}
func (r GetPolicyByIDResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Global Policy - Count
/////////////////////////////////////////////////////////////////////////////////
type CountGlobalPoliciesRequest struct {
ListOptions ListOptions `url:"list_options"`
}
type CountGlobalPoliciesResponse struct {
Count int `json:"count"`
Err error `json:"error,omitempty"`
}
func (r CountGlobalPoliciesResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Global Policy - Delete
/////////////////////////////////////////////////////////////////////////////////
type DeleteGlobalPoliciesRequest struct {
IDs []uint `json:"ids"`
}
type DeleteGlobalPoliciesResponse struct {
Deleted []uint `json:"deleted,omitempty"`
Err error `json:"error,omitempty"`
}
func (r DeleteGlobalPoliciesResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Global Policy - Modify
/////////////////////////////////////////////////////////////////////////////////
type ModifyGlobalPolicyRequest struct {
PolicyID uint `url:"policy_id"`
ModifyPolicyPayload
}
type ModifyGlobalPolicyResponse struct {
Policy *Policy `json:"policy,omitempty"`
Err error `json:"error,omitempty"`
}
func (r ModifyGlobalPolicyResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Reset automation
/////////////////////////////////////////////////////////////////////////////////
type ResetAutomationRequest struct {
TeamIDs []uint `json:"team_ids" premium:"true" renameto:"fleet_ids"`
PolicyIDs []uint `json:"policy_ids"`
}
type ResetAutomationResponse struct {
Err error `json:"error,omitempty"`
}
func (r ResetAutomationResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Apply Policy Spec
/////////////////////////////////////////////////////////////////////////////////
type ApplyPolicySpecsRequest struct {
Specs []*PolicySpec `json:"specs"`
}
type ApplyPolicySpecsResponse struct {
Err error `json:"error,omitempty"`
}
func (r ApplyPolicySpecsResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Autofill Policies
/////////////////////////////////////////////////////////////////////////////////
type AutofillPoliciesRequest struct {
SQL string `json:"sql"`
}
type AutofillPoliciesResponse struct {
Description string `json:"description"`
Resolution string `json:"resolution"`
Err error `json:"error,omitempty"`
}
func (r AutofillPoliciesResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Team Policy - Add
/////////////////////////////////////////////////////////////////////////////////
type TeamPolicyRequest struct {
TeamID uint `url:"fleet_id"`
QueryID *uint `json:"query_id" renameto:"report_id"`
Query string `json:"query"`
Name string `json:"name"`
Description string `json:"description"`
Resolution string `json:"resolution"`
Platform string `json:"platform"`
Critical bool `json:"critical" premium:"true"`
CalendarEventsEnabled bool `json:"calendar_events_enabled"`
SoftwareTitleID *uint `json:"software_title_id"`
ScriptID *uint `json:"script_id"`
LabelsIncludeAny []string `json:"labels_include_any"`
LabelsExcludeAny []string `json:"labels_exclude_any"`
ConditionalAccessEnabled bool `json:"conditional_access_enabled"`
Type *string `json:"type"`
PatchSoftwareTitleID *uint `json:"patch_software_title_id"`
}
type TeamPolicyResponse struct {
Policy *Policy `json:"policy,omitempty"`
Err error `json:"error,omitempty"`
}
func (r TeamPolicyResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Team Policy - List
/////////////////////////////////////////////////////////////////////////////////
type ListTeamPoliciesRequest struct {
TeamID uint `url:"fleet_id"`
Opts ListOptions `url:"list_options"`
InheritedPage uint `query:"inherited_page,optional"`
InheritedPerPage uint `query:"inherited_per_page,optional"`
InheritedOrderDirection OrderDirection `query:"inherited_order_direction,optional"`
InheritedOrderKey string `query:"inherited_order_key,optional"`
MergeInherited bool `query:"merge_inherited,optional"`
AutomationType string `query:"automation_type,optional"`
}
type ListTeamPoliciesResponse struct {
Policies []*Policy `json:"policies,omitempty"`
InheritedPolicies []*Policy `json:"inherited_policies,omitempty"`
Err error `json:"error,omitempty"`
}
func (r ListTeamPoliciesResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Team Policy - Count
/////////////////////////////////////////////////////////////////////////////////
type CountTeamPoliciesRequest struct {
ListOptions ListOptions `url:"list_options"`
TeamID uint `url:"fleet_id"`
MergeInherited bool `query:"merge_inherited,optional"`
AutomationType string `query:"automation_type,optional"`
}
type CountTeamPoliciesResponse struct {
Count int `json:"count"`
InheritedPolicyCount int `json:"inherited_policy_count"`
Err error `json:"error,omitempty"`
}
func (r CountTeamPoliciesResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Team Policy - Get by id
/////////////////////////////////////////////////////////////////////////////////
type GetTeamPolicyByIDRequest struct {
TeamID uint `url:"fleet_id"`
PolicyID uint `url:"policy_id"`
}
type GetTeamPolicyByIDResponse struct {
Policy *Policy `json:"policy"`
Err error `json:"error,omitempty"`
}
func (r GetTeamPolicyByIDResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Team Policy - Delete
/////////////////////////////////////////////////////////////////////////////////
type DeleteTeamPoliciesRequest struct {
TeamID uint `url:"fleet_id"`
IDs []uint `json:"ids"`
}
type DeleteTeamPoliciesResponse struct {
Deleted []uint `json:"deleted,omitempty"`
Err error `json:"error,omitempty"`
}
func (r DeleteTeamPoliciesResponse) Error() error { return r.Err }
/////////////////////////////////////////////////////////////////////////////////
// Team Policy - Modify
/////////////////////////////////////////////////////////////////////////////////
type ModifyTeamPolicyRequest struct {
TeamID uint `url:"fleet_id"`
PolicyID uint `url:"policy_id"`
ModifyPolicyPayload
}
type ModifyTeamPolicyResponse struct {
Policy *Policy `json:"policy,omitempty"`
Err error `json:"error,omitempty"`
}
func (r ModifyTeamPolicyResponse) Error() error { return r.Err }

14
server/service/client_policies.go
View file

@ -7,7 +7,7 @@ import (
)
func (c *Client) CreateGlobalPolicy(name, query, description, resolution, platform string) error {
req := globalPolicyRequest{
req := fleet.GlobalPolicyRequest{
Name: name,
Query: query,
Description: description,
@ -15,16 +15,16 @@ func (c *Client) CreateGlobalPolicy(name, query, description, resolution, platfo
Platform: platform,
}
verb, path := "POST", "/api/latest/fleet/global/policies"
var responseBody globalPolicyResponse
var responseBody fleet.GlobalPolicyResponse
return c.authenticatedRequest(req, verb, path, &responseBody)
}
// ApplyPolicies sends the list of Policies to be applied to the
// Fleet instance.
func (c *Client) ApplyPolicies(specs []*fleet.PolicySpec) error {
req := applyPolicySpecsRequest{Specs: specs}
req := fleet.ApplyPolicySpecsRequest{Specs: specs}
verb, path := "POST", "/api/latest/fleet/spec/policies"
var responseBody applyPolicySpecsResponse
var responseBody fleet.ApplyPolicySpecsResponse
return c.authenticatedRequest(req, verb, path, &responseBody)
}
@ -37,7 +37,7 @@ func (c *Client) GetPolicies(teamID *uint) ([]*fleet.Policy, error) {
path = "/api/latest/fleet/policies"
}
// The response body also works for listTeamPoliciesResponse because they contain some of the same members.
var responseBody listGlobalPoliciesResponse
var responseBody fleet.ListGlobalPoliciesResponse
err := c.authenticatedRequest(nil, verb, path, &responseBody)
if err != nil {
return nil, err
@ -48,7 +48,7 @@ func (c *Client) GetPolicies(teamID *uint) ([]*fleet.Policy, error) {
// DeletePolicies deletes several policies.
func (c *Client) DeletePolicies(teamID *uint, ids []uint) error {
verb, path := "POST", ""
req := deleteTeamPoliciesRequest{IDs: ids}
req := fleet.DeleteTeamPoliciesRequest{IDs: ids}
if teamID != nil {
path = fmt.Sprintf("/api/latest/fleet/fleets/%d/policies/delete", *teamID)
req.TeamID = *teamID
@ -56,6 +56,6 @@ func (c *Client) DeletePolicies(teamID *uint, ids []uint) error {
path = "/api/latest/fleet/policies/delete"
}
// The response body also works for deleteTeamPoliciesResponse because they contain some of the same members.
var responseBody deleteGlobalPoliciesResponse
var responseBody fleet.DeleteGlobalPoliciesResponse
return c.authenticatedRequest(req, verb, path, &responseBody)
}

159
server/service/global_policies.go
View file

@ -24,27 +24,8 @@ import (
// Add
/////////////////////////////////////////////////////////////////////////////////
type globalPolicyRequest struct {
QueryID *uint `json:"query_id" renameto:"report_id"`
Query string `json:"query"`
Name string `json:"name"`
Description string `json:"description"`
Resolution string `json:"resolution"`
Platform string `json:"platform"`
Critical bool `json:"critical" premium:"true"`
LabelsIncludeAny []string `json:"labels_include_any"`
LabelsExcludeAny []string `json:"labels_exclude_any"`
}
type globalPolicyResponse struct {
Policy *fleet.Policy `json:"policy,omitempty"`
Err error `json:"error,omitempty"`
}
func (r globalPolicyResponse) Error() error { return r.Err }
func globalPolicyEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*globalPolicyRequest)
req := request.(*fleet.GlobalPolicyRequest)
resp, err := svc.NewGlobalPolicy(ctx, fleet.PolicyPayload{
QueryID: req.QueryID,
Query: req.Query,
@ -58,9 +39,9 @@ func globalPolicyEndpoint(ctx context.Context, request interface{}, svc fleet.Se
Type: fleet.PolicyTypeDynamic,
})
if err != nil {
return globalPolicyResponse{Err: err}, nil
return fleet.GlobalPolicyResponse{Err: err}, nil
}
return globalPolicyResponse{Policy: resp}, nil
return fleet.GlobalPolicyResponse{Policy: resp}, nil
}
func (svc Service) NewGlobalPolicy(ctx context.Context, p fleet.PolicyPayload) (*fleet.Policy, error) {
@ -108,24 +89,13 @@ func (svc Service) NewGlobalPolicy(ctx context.Context, p fleet.PolicyPayload) (
// List
/////////////////////////////////////////////////////////////////////////////////
type listGlobalPoliciesRequest struct {
Opts fleet.ListOptions `url:"list_options"`
}
type listGlobalPoliciesResponse struct {
Policies []*fleet.Policy `json:"policies,omitempty"`
Err error `json:"error,omitempty"`
}
func (r listGlobalPoliciesResponse) Error() error { return r.Err }
func listGlobalPoliciesEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*listGlobalPoliciesRequest)
req := request.(*fleet.ListGlobalPoliciesRequest)
resp, err := svc.ListGlobalPolicies(ctx, req.Opts)
if err != nil {
return listGlobalPoliciesResponse{Err: err}, nil
return fleet.ListGlobalPoliciesResponse{Err: err}, nil
}
return listGlobalPoliciesResponse{Policies: resp}, nil
return fleet.ListGlobalPoliciesResponse{Policies: resp}, nil
}
func (svc Service) ListGlobalPolicies(ctx context.Context, opts fleet.ListOptions) ([]*fleet.Policy, error) {
@ -140,24 +110,13 @@ func (svc Service) ListGlobalPolicies(ctx context.Context, opts fleet.ListOption
// Get by id
/////////////////////////////////////////////////////////////////////////////////
type getPolicyByIDRequest struct {
PolicyID uint `url:"policy_id"`
}
type getPolicyByIDResponse struct {
Policy *fleet.Policy `json:"policy"`
Err error `json:"error,omitempty"`
}
func (r getPolicyByIDResponse) Error() error { return r.Err }
func getPolicyByIDEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*getPolicyByIDRequest)
req := request.(*fleet.GetPolicyByIDRequest)
policy, err := svc.GetPolicyByIDQueries(ctx, req.PolicyID)
if err != nil {
return getPolicyByIDResponse{Err: err}, nil
return fleet.GetPolicyByIDResponse{Err: err}, nil
}
return getPolicyByIDResponse{Policy: policy}, nil
return fleet.GetPolicyByIDResponse{Policy: policy}, nil
}
func (svc Service) GetPolicyByIDQueries(ctx context.Context, policyID uint) (*fleet.Policy, error) {
@ -183,23 +142,13 @@ func (svc Service) GetPolicyByIDQueries(ctx context.Context, policyID uint) (*fl
// Count
// ///////////////////////////////////////////////////////////////////////////////
type countGlobalPoliciesRequest struct {
ListOptions fleet.ListOptions `url:"list_options"`
}
type countGlobalPoliciesResponse struct {
Count int `json:"count"`
Err error `json:"error,omitempty"`
}
func (r countGlobalPoliciesResponse) Error() error { return r.Err }
func countGlobalPoliciesEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*countGlobalPoliciesRequest)
req := request.(*fleet.CountGlobalPoliciesRequest)
resp, err := svc.CountGlobalPolicies(ctx, req.ListOptions.MatchQuery)
if err != nil {
return countGlobalPoliciesResponse{Err: err}, nil
return fleet.CountGlobalPoliciesResponse{Err: err}, nil
}
return countGlobalPoliciesResponse{Count: resp}, nil
return fleet.CountGlobalPoliciesResponse{Count: resp}, nil
}
func (svc Service) CountGlobalPolicies(ctx context.Context, matchQuery string) (int, error) {
@ -219,24 +168,13 @@ func (svc Service) CountGlobalPolicies(ctx context.Context, matchQuery string) (
// Delete
/////////////////////////////////////////////////////////////////////////////////
type deleteGlobalPoliciesRequest struct {
IDs []uint `json:"ids"`
}
type deleteGlobalPoliciesResponse struct {
Deleted []uint `json:"deleted,omitempty"`
Err error `json:"error,omitempty"`
}
func (r deleteGlobalPoliciesResponse) Error() error { return r.Err }
func deleteGlobalPoliciesEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*deleteGlobalPoliciesRequest)
req := request.(*fleet.DeleteGlobalPoliciesRequest)
resp, err := svc.DeleteGlobalPolicies(ctx, req.IDs)
if err != nil {
return deleteGlobalPoliciesResponse{Err: err}, nil
return fleet.DeleteGlobalPoliciesResponse{Err: err}, nil
}
return deleteGlobalPoliciesResponse{Deleted: resp}, nil
return fleet.DeleteGlobalPoliciesResponse{Deleted: resp}, nil
}
// DeleteGlobalPolicies deletes the given policies from the database.
@ -322,27 +260,15 @@ func (svc Service) removeGlobalPoliciesFromWebhookConfig(ctx context.Context, id
// Modify
/////////////////////////////////////////////////////////////////////////////////
type modifyGlobalPolicyRequest struct {
PolicyID uint `url:"policy_id"`
fleet.ModifyPolicyPayload
}
type modifyGlobalPolicyResponse struct {
Policy *fleet.Policy `json:"policy,omitempty"`
Err error `json:"error,omitempty"`
}
func (r modifyGlobalPolicyResponse) Error() error { return r.Err }
const errPolicyAllFleetsForConditionalAccess = "\"All fleets\" policy cannot have conditional_access_enabled set"
func modifyGlobalPolicyEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*modifyGlobalPolicyRequest)
req := request.(*fleet.ModifyGlobalPolicyRequest)
resp, err := svc.ModifyGlobalPolicy(ctx, req.PolicyID, req.ModifyPolicyPayload)
if err != nil {
return modifyGlobalPolicyResponse{Err: err}, nil
return fleet.ModifyGlobalPolicyResponse{Err: err}, nil
}
return modifyGlobalPolicyResponse{Policy: resp}, nil
return fleet.ModifyGlobalPolicyResponse{Policy: resp}, nil
}
func (svc *Service) ModifyGlobalPolicy(ctx context.Context, id uint, p fleet.ModifyPolicyPayload) (*fleet.Policy, error) {
@ -353,21 +279,10 @@ func (svc *Service) ModifyGlobalPolicy(ctx context.Context, id uint, p fleet.Mod
// Reset automation
/////////////////////////////////////////////////////////////////////////////////
type resetAutomationRequest struct {
TeamIDs []uint `json:"team_ids" premium:"true" renameto:"fleet_ids"`
PolicyIDs []uint `json:"policy_ids"`
}
type resetAutomationResponse struct {
Err error `json:"error,omitempty"`
}
func (r resetAutomationResponse) Error() error { return r.Err }
func resetAutomationEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*resetAutomationRequest)
req := request.(*fleet.ResetAutomationRequest)
err := svc.ResetAutomation(ctx, req.TeamIDs, req.PolicyIDs)
return resetAutomationResponse{Err: err}, nil
return fleet.ResetAutomationResponse{Err: err}, nil
}
func (svc *Service) ResetAutomation(ctx context.Context, teamIDs, policyIDs []uint) error {
@ -500,23 +415,13 @@ func teamAutomationPolicies(wh fleet.FailingPoliciesWebhookSettings, ji []*fleet
// Apply Spec
/////////////////////////////////////////////////////////////////////////////////
type applyPolicySpecsRequest struct {
Specs []*fleet.PolicySpec `json:"specs"`
}
type applyPolicySpecsResponse struct {
Err error `json:"error,omitempty"`
}
func (r applyPolicySpecsResponse) Error() error { return r.Err }
func applyPolicySpecsEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*applyPolicySpecsRequest)
req := request.(*fleet.ApplyPolicySpecsRequest)
err := svc.ApplyPolicySpecs(ctx, req.Specs)
if err != nil {
return applyPolicySpecsResponse{Err: err}, nil
return fleet.ApplyPolicySpecsResponse{Err: err}, nil
}
return applyPolicySpecsResponse{}, nil
return fleet.ApplyPolicySpecsResponse{}, nil
}
// checkPolicySpecAuthorization verifies that the user is authorized to modify the
@ -637,24 +542,10 @@ func (svc *Service) ApplyPolicySpecs(ctx context.Context, policies []*fleet.Poli
// Autofill
/////////////////////////////////////////////////////////////////////////////////
type autofillPoliciesRequest struct {
SQL string `json:"sql"`
}
type autofillPoliciesResponse struct {
Description string `json:"description"`
Resolution string `json:"resolution"`
Err error `json:"error,omitempty"`
}
func (a autofillPoliciesResponse) Error() error {
return a.Err
}
func autofillPoliciesEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*autofillPoliciesRequest)
req := request.(*fleet.AutofillPoliciesRequest)
description, resolution, err := svc.AutofillPolicySql(ctx, req.SQL)
return autofillPoliciesResponse{Description: description, Resolution: resolution, Err: err}, nil
return fleet.AutofillPoliciesResponse{Description: description, Resolution: resolution, Err: err}, nil
}
// Exposing external URL and timeout for testing purposes

40
server/service/handler.go
View file

@ -336,26 +336,26 @@ func attachFleetAPIRoutes(r *mux.Router, svc fleet.Service, config config.FleetC
ue.DELETE("/api/_version_/fleet/invites/{id:[0-9]+}", deleteInviteEndpoint, deleteInviteRequest{})
ue.PATCH("/api/_version_/fleet/invites/{id:[0-9]+}", updateInviteEndpoint, updateInviteRequest{})
ue.EndingAtVersion("v1").POST("/api/_version_/fleet/global/policies", globalPolicyEndpoint, globalPolicyRequest{})
ue.StartingAtVersion("2022-04").POST("/api/_version_/fleet/policies", globalPolicyEndpoint, globalPolicyRequest{})
ue.EndingAtVersion("v1").GET("/api/_version_/fleet/global/policies", listGlobalPoliciesEndpoint, listGlobalPoliciesRequest{})
ue.StartingAtVersion("2022-04").GET("/api/_version_/fleet/policies", listGlobalPoliciesEndpoint, listGlobalPoliciesRequest{})
ue.GET("/api/_version_/fleet/policies/count", countGlobalPoliciesEndpoint, countGlobalPoliciesRequest{})
ue.EndingAtVersion("v1").GET("/api/_version_/fleet/global/policies/{policy_id}", getPolicyByIDEndpoint, getPolicyByIDRequest{})
ue.StartingAtVersion("2022-04").GET("/api/_version_/fleet/policies/{policy_id}", getPolicyByIDEndpoint, getPolicyByIDRequest{})
ue.EndingAtVersion("v1").POST("/api/_version_/fleet/global/policies/delete", deleteGlobalPoliciesEndpoint, deleteGlobalPoliciesRequest{})
ue.StartingAtVersion("2022-04").POST("/api/_version_/fleet/policies/delete", deleteGlobalPoliciesEndpoint, deleteGlobalPoliciesRequest{})
ue.EndingAtVersion("v1").PATCH("/api/_version_/fleet/global/policies/{policy_id}", modifyGlobalPolicyEndpoint, modifyGlobalPolicyRequest{})
ue.StartingAtVersion("2022-04").PATCH("/api/_version_/fleet/policies/{policy_id}", modifyGlobalPolicyEndpoint, modifyGlobalPolicyRequest{})
ue.POST("/api/_version_/fleet/automations/reset", resetAutomationEndpoint, resetAutomationRequest{})
ue.EndingAtVersion("v1").POST("/api/_version_/fleet/global/policies", globalPolicyEndpoint, fleet.GlobalPolicyRequest{})
ue.StartingAtVersion("2022-04").POST("/api/_version_/fleet/policies", globalPolicyEndpoint, fleet.GlobalPolicyRequest{})
ue.EndingAtVersion("v1").GET("/api/_version_/fleet/global/policies", listGlobalPoliciesEndpoint, fleet.ListGlobalPoliciesRequest{})
ue.StartingAtVersion("2022-04").GET("/api/_version_/fleet/policies", listGlobalPoliciesEndpoint, fleet.ListGlobalPoliciesRequest{})
ue.GET("/api/_version_/fleet/policies/count", countGlobalPoliciesEndpoint, fleet.CountGlobalPoliciesRequest{})
ue.EndingAtVersion("v1").GET("/api/_version_/fleet/global/policies/{policy_id}", getPolicyByIDEndpoint, fleet.GetPolicyByIDRequest{})
ue.StartingAtVersion("2022-04").GET("/api/_version_/fleet/policies/{policy_id}", getPolicyByIDEndpoint, fleet.GetPolicyByIDRequest{})
ue.EndingAtVersion("v1").POST("/api/_version_/fleet/global/policies/delete", deleteGlobalPoliciesEndpoint, fleet.DeleteGlobalPoliciesRequest{})
ue.StartingAtVersion("2022-04").POST("/api/_version_/fleet/policies/delete", deleteGlobalPoliciesEndpoint, fleet.DeleteGlobalPoliciesRequest{})
ue.EndingAtVersion("v1").PATCH("/api/_version_/fleet/global/policies/{policy_id}", modifyGlobalPolicyEndpoint, fleet.ModifyGlobalPolicyRequest{})
ue.StartingAtVersion("2022-04").PATCH("/api/_version_/fleet/policies/{policy_id}", modifyGlobalPolicyEndpoint, fleet.ModifyGlobalPolicyRequest{})
ue.POST("/api/_version_/fleet/automations/reset", resetAutomationEndpoint, fleet.ResetAutomationRequest{})
ue.POST("/api/_version_/fleet/fleets/{fleet_id}/policies", teamPolicyEndpoint, teamPolicyRequest{})
ue.GET("/api/_version_/fleet/fleets/{fleet_id}/policies", listTeamPoliciesEndpoint, listTeamPoliciesRequest{})
ue.GET("/api/_version_/fleet/fleets/{fleet_id}/policies/count", countTeamPoliciesEndpoint, countTeamPoliciesRequest{})
ue.GET("/api/_version_/fleet/fleets/{fleet_id}/policies/{policy_id}", getTeamPolicyByIDEndpoint, getTeamPolicyByIDRequest{})
ue.POST("/api/_version_/fleet/fleets/{fleet_id}/policies/delete", deleteTeamPoliciesEndpoint, deleteTeamPoliciesRequest{})
ue.PATCH("/api/_version_/fleet/fleets/{fleet_id}/policies/{policy_id}", modifyTeamPolicyEndpoint, modifyTeamPolicyRequest{})
ue.WithRequestBodySizeLimit(fleet.MaxSpecSize).POST("/api/_version_/fleet/spec/policies", applyPolicySpecsEndpoint, applyPolicySpecsRequest{})
ue.POST("/api/_version_/fleet/fleets/{fleet_id}/policies", teamPolicyEndpoint, fleet.TeamPolicyRequest{})
ue.GET("/api/_version_/fleet/fleets/{fleet_id}/policies", listTeamPoliciesEndpoint, fleet.ListTeamPoliciesRequest{})
ue.GET("/api/_version_/fleet/fleets/{fleet_id}/policies/count", countTeamPoliciesEndpoint, fleet.CountTeamPoliciesRequest{})
ue.GET("/api/_version_/fleet/fleets/{fleet_id}/policies/{policy_id}", getTeamPolicyByIDEndpoint, fleet.GetTeamPolicyByIDRequest{})
ue.POST("/api/_version_/fleet/fleets/{fleet_id}/policies/delete", deleteTeamPoliciesEndpoint, fleet.DeleteTeamPoliciesRequest{})
ue.PATCH("/api/_version_/fleet/fleets/{fleet_id}/policies/{policy_id}", modifyTeamPolicyEndpoint, fleet.ModifyTeamPolicyRequest{})
ue.WithRequestBodySizeLimit(fleet.MaxSpecSize).POST("/api/_version_/fleet/spec/policies", applyPolicySpecsEndpoint, fleet.ApplyPolicySpecsRequest{})
ue.POST("/api/_version_/fleet/certificates", createCertificateTemplateEndpoint, createCertificateTemplateRequest{})
ue.GET("/api/_version_/fleet/certificates", listCertificateTemplatesEndpoint, listCertificateTemplatesRequest{})
@ -570,7 +570,7 @@ func attachFleetAPIRoutes(r *mux.Router, svc fleet.Service, config config.FleetC
ue.POST("/api/_version_/fleet/hosts/{id:[0-9]+}/recovery_lock_password/rotate", rotateRecoveryLockPasswordEndpoint, rotateRecoveryLockPasswordRequest{})
// Generative AI
ue.POST("/api/_version_/fleet/autofill/policy", autofillPoliciesEndpoint, autofillPoliciesRequest{})
ue.POST("/api/_version_/fleet/autofill/policy", autofillPoliciesEndpoint, fleet.AutofillPoliciesRequest{})
// Secret variables
ue.PUT("/api/_version_/fleet/spec/secret_variables", createSecretVariablesEndpoint, createSecretVariablesRequest{})

142
server/service/integration_core_test.go
View file

@ -559,7 +559,7 @@ func (s *integrationTestSuite) TestPolicyDeletionLogsActivity() {
var policyIDs []uint
for _, policy := range testPolicies {
var resp globalPolicyResponse
var resp fleet.GlobalPolicyResponse
s.DoJSON("POST", "/api/latest/fleet/policies", policy, http.StatusOK, &resp)
policyIDs = append(policyIDs, resp.Policy.PolicyData.ID)
}
@ -575,8 +575,8 @@ func (s *integrationTestSuite) TestPolicyDeletionLogsActivity() {
s.DoJSON("GET", "/api/latest/fleet/activities", nil, http.StatusOK, &prevActivities)
require.GreaterOrEqual(t, len(prevActivities.Activities), 2)
var deletePoliciesResp deleteGlobalPoliciesResponse
s.DoJSON("POST", "/api/latest/fleet/policies/delete", deleteGlobalPoliciesRequest{policyIDs}, http.StatusOK, &deletePoliciesResp)
var deletePoliciesResp fleet.DeleteGlobalPoliciesResponse
s.DoJSON("POST", "/api/latest/fleet/policies/delete", fleet.DeleteGlobalPoliciesRequest{IDs: policyIDs}, http.StatusOK, &deletePoliciesResp)
require.Equal(t, len(policyIDs), len(deletePoliciesResp.Deleted))
newActivities := listActivitiesResponse{}
@ -1176,11 +1176,11 @@ func (s *integrationTestSuite) TestGlobalPolicies() {
require.NoError(t, err)
// create a global policy
gpParams := globalPolicyRequest{
gpParams := fleet.GlobalPolicyRequest{
QueryID: &qr.ID,
Resolution: "some global resolution",
}
gpResp := globalPolicyResponse{}
gpResp := fleet.GlobalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", gpParams, http.StatusOK, &gpResp)
require.NotNil(t, gpResp.Policy)
assert.Equal(t, qr.Name, gpResp.Policy.Name)
@ -1190,7 +1190,7 @@ func (s *integrationTestSuite) TestGlobalPolicies() {
assert.Equal(t, "some global resolution", *gpResp.Policy.Resolution)
// list global policies
policiesResponse := listGlobalPoliciesResponse{}
policiesResponse := fleet.ListGlobalPoliciesResponse{}
s.DoJSON("GET", "/api/latest/fleet/policies", nil, http.StatusOK, &policiesResponse)
require.Len(t, policiesResponse.Policies, 1)
assert.Equal(t, qr.Name, policiesResponse.Policies[0].Name)
@ -1198,12 +1198,12 @@ func (s *integrationTestSuite) TestGlobalPolicies() {
assert.Equal(t, qr.Description, policiesResponse.Policies[0].Description)
// invalid order_key returns 422
s.DoJSON("GET", "/api/latest/fleet/policies", nil, http.StatusUnprocessableEntity, &listGlobalPoliciesResponse{}, "order_key", "invalid")
s.DoJSON("GET", "/api/latest/fleet/policies", nil, http.StatusUnprocessableEntity, &fleet.ListGlobalPoliciesResponse{}, "order_key", "invalid")
// Get an unexistent policy
s.Do("GET", fmt.Sprintf("/api/latest/fleet/policies/%d", 9999), nil, http.StatusNotFound)
singlePolicyResponse := getPolicyByIDResponse{}
singlePolicyResponse := fleet.GetPolicyByIDResponse{}
singlePolicyURL := fmt.Sprintf("/api/latest/fleet/policies/%d", policiesResponse.Policies[0].ID)
s.DoJSON("GET", singlePolicyURL, nil, http.StatusOK, &singlePolicyResponse)
assert.Equal(t, qr.Name, singlePolicyResponse.Policy.Name)
@ -1232,31 +1232,31 @@ func (s *integrationTestSuite) TestGlobalPolicies() {
require.Len(t, listHostsResp.Hosts, 1)
// count global policies
cGPRes := countGlobalPoliciesResponse{}
cGPRes := fleet.CountGlobalPoliciesResponse{}
s.DoJSON("GET", "/api/latest/fleet/policies/count", nil, http.StatusOK, &cGPRes)
assert.Equal(t, 1, cGPRes.Count)
// count global policies with matching search query
cGPRes = countGlobalPoliciesResponse{}
cGPRes = fleet.CountGlobalPoliciesResponse{}
s.DoJSON("GET", "/api/latest/fleet/policies/count", nil, http.StatusOK, &cGPRes, "query", "estQue")
assert.Equal(t, 1, cGPRes.Count)
// count global policies with matching search query containing leading/trailing whitespace
cGPRes = countGlobalPoliciesResponse{}
cGPRes = fleet.CountGlobalPoliciesResponse{}
s.DoJSON("GET", "/api/latest/fleet/policies/count", nil, http.StatusOK, &cGPRes, "query", " estQue ")
assert.Equal(t, 1, cGPRes.Count)
// count global policies with non-matching search query
cGPRes = countGlobalPoliciesResponse{}
cGPRes = fleet.CountGlobalPoliciesResponse{}
s.DoJSON("GET", "/api/latest/fleet/policies/count", nil, http.StatusOK, &cGPRes, "query", "Query4")
assert.Equal(t, 0, cGPRes.Count)
// delete the policy
deletePolicyParams := deleteGlobalPoliciesRequest{IDs: []uint{policiesResponse.Policies[0].ID}}
deletePolicyResp := deleteGlobalPoliciesResponse{}
deletePolicyParams := fleet.DeleteGlobalPoliciesRequest{IDs: []uint{policiesResponse.Policies[0].ID}}
deletePolicyResp := fleet.DeleteGlobalPoliciesResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies/delete", deletePolicyParams, http.StatusOK, &deletePolicyResp)
policiesResponse = listGlobalPoliciesResponse{}
policiesResponse = fleet.ListGlobalPoliciesResponse{}
s.DoJSON("GET", "/api/latest/fleet/policies", nil, http.StatusOK, &policiesResponse)
require.Len(t, policiesResponse.Policies, 0)
}
@ -2835,22 +2835,22 @@ func (s *integrationTestSuite) TestGlobalPoliciesProprietary() {
})
require.NoError(t, err)
// Cannot set both QueryID and Query.
gpParams0 := globalPolicyRequest{
gpParams0 := fleet.GlobalPolicyRequest{
QueryID: &qr.ID,
Query: "select * from osquery;",
}
gpResp0 := globalPolicyResponse{}
gpResp0 := fleet.GlobalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", gpParams0, http.StatusBadRequest, &gpResp0)
require.Nil(t, gpResp0.Policy)
gpParams := globalPolicyRequest{
gpParams := fleet.GlobalPolicyRequest{
Name: "TestQuery3",
Query: "select * from osquery;",
Description: "Some description",
Resolution: "some global resolution",
Platform: "darwin",
}
gpResp := globalPolicyResponse{}
gpResp := fleet.GlobalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", gpParams, http.StatusOK, &gpResp)
require.NotNil(t, gpResp.Policy)
require.NotEmpty(t, gpResp.Policy.ID)
@ -2870,7 +2870,7 @@ func (s *integrationTestSuite) TestGlobalPoliciesProprietary() {
"description": "Some description updated",
"resolution": "some global resolution updated"
}`), http.StatusOK)
var mgpResp modifyGlobalPolicyResponse
var mgpResp fleet.ModifyGlobalPolicyResponse
responseBody, err := io.ReadAll(response.Body)
require.NoError(t, err)
err = json.Unmarshal(responseBody, &mgpResp)
@ -2886,8 +2886,8 @@ func (s *integrationTestSuite) TestGlobalPoliciesProprietary() {
assert.Equal(t, uint(0), mgpResp.Policy.FailingHostCount)
assert.Equal(t, uint(0), mgpResp.Policy.PassingHostCount)
ggpResp := getPolicyByIDResponse{}
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/policies/%d", gpResp.Policy.ID), getPolicyByIDRequest{}, http.StatusOK, &ggpResp)
ggpResp := fleet.GetPolicyByIDResponse{}
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/policies/%d", gpResp.Policy.ID), fleet.GetPolicyByIDRequest{}, http.StatusOK, &ggpResp)
require.NotNil(t, ggpResp.Policy)
assert.Equal(t, "TestQuery4", ggpResp.Policy.Name)
assert.Equal(t, "select * from osquery_info;", ggpResp.Policy.Query)
@ -2898,7 +2898,7 @@ func (s *integrationTestSuite) TestGlobalPoliciesProprietary() {
assert.Equal(t, uint(0), mgpResp.Policy.FailingHostCount)
assert.Equal(t, uint(0), mgpResp.Policy.PassingHostCount)
policiesResponse := listGlobalPoliciesResponse{}
policiesResponse := fleet.ListGlobalPoliciesResponse{}
s.DoJSON("GET", "/api/latest/fleet/policies", nil, http.StatusOK, &policiesResponse)
require.Len(t, policiesResponse.Policies, 1)
assert.Equal(t, "TestQuery4", policiesResponse.Policies[0].Name)
@ -2963,7 +2963,7 @@ func (s *integrationTestSuite) TestGlobalPoliciesProprietary() {
s.DoJSON("GET", listHostsURL, nil, http.StatusOK, &listHostsResp)
require.Len(t, listHostsResp.Hosts, 0)
policiesResponse = listGlobalPoliciesResponse{}
policiesResponse = fleet.ListGlobalPoliciesResponse{}
s.DoJSON("GET", "/api/latest/fleet/policies", nil, http.StatusOK, &policiesResponse)
require.Len(t, policiesResponse.Policies, 1)
assert.Equal(t, "TestQuery4", policiesResponse.Policies[0].Name)
@ -3035,11 +3035,11 @@ func (s *integrationTestSuite) TestGlobalPoliciesProprietary() {
s.DoJSON("GET", listHostsURL, nil, http.StatusOK, &listHostsResp)
require.Len(t, listHostsResp.Hosts, 0)
deletePolicyParams := deleteGlobalPoliciesRequest{IDs: []uint{policiesResponse.Policies[0].ID}}
deletePolicyResp := deleteGlobalPoliciesResponse{}
deletePolicyParams := fleet.DeleteGlobalPoliciesRequest{IDs: []uint{policiesResponse.Policies[0].ID}}
deletePolicyResp := fleet.DeleteGlobalPoliciesResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies/delete", deletePolicyParams, http.StatusOK, &deletePolicyResp)
policiesResponse = listGlobalPoliciesResponse{}
policiesResponse = fleet.ListGlobalPoliciesResponse{}
s.DoJSON("GET", "/api/latest/fleet/policies", nil, http.StatusOK, &policiesResponse)
require.Len(t, policiesResponse.Policies, 0)
}
@ -3073,14 +3073,14 @@ func (s *integrationTestSuite) TestTeamPoliciesProprietary() {
require.NoError(t, err)
tpName := "TestPolicy3"
tpParams := teamPolicyRequest{
tpParams := fleet.TeamPolicyRequest{
Name: tpName,
Query: "select * from osquery;",
Description: "Some description",
Resolution: "some team resolution",
Platform: "darwin",
}
tpResp := teamPolicyResponse{}
tpResp := fleet.TeamPolicyResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", team1.ID), tpParams, http.StatusOK, &tpResp)
require.NotNil(t, tpResp.Policy)
require.NotEmpty(t, tpResp.Policy.ID)
@ -3101,7 +3101,7 @@ func (s *integrationTestSuite) TestTeamPoliciesProprietary() {
"description": "Some description updated",
"resolution": "some team resolution updated"
}`, tpNameNew)), http.StatusOK)
var mtpResp modifyGlobalPolicyResponse
var mtpResp fleet.ModifyGlobalPolicyResponse
responseBody, err := io.ReadAll(response.Body)
require.NoError(t, err)
err = json.Unmarshal(responseBody, &mtpResp)
@ -3115,8 +3115,8 @@ func (s *integrationTestSuite) TestTeamPoliciesProprietary() {
assert.Equal(t, "some team resolution updated", *mtpResp.Policy.Resolution)
assert.Equal(t, "darwin", mtpResp.Policy.Platform)
gtpResp := getPolicyByIDResponse{}
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", team1.ID, tpResp.Policy.ID), getPolicyByIDRequest{}, http.StatusOK, &gtpResp)
gtpResp := fleet.GetPolicyByIDResponse{}
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", team1.ID, tpResp.Policy.ID), fleet.GetPolicyByIDRequest{}, http.StatusOK, &gtpResp)
require.NotNil(t, gtpResp.Policy)
assert.Equal(t, tpNameNew, gtpResp.Policy.Name)
assert.Equal(t, "select * from osquery_info;", gtpResp.Policy.Query)
@ -3125,7 +3125,7 @@ func (s *integrationTestSuite) TestTeamPoliciesProprietary() {
assert.Equal(t, "some team resolution updated", *gtpResp.Policy.Resolution)
assert.Equal(t, "darwin", gtpResp.Policy.Platform)
policiesResponse := listTeamPoliciesResponse{}
policiesResponse := fleet.ListTeamPoliciesResponse{}
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", team1.ID), nil, http.StatusOK, &policiesResponse)
require.Len(t, policiesResponse.Policies, 1)
assert.Equal(t, tpNameNew, policiesResponse.Policies[0].Name)
@ -3137,22 +3137,22 @@ func (s *integrationTestSuite) TestTeamPoliciesProprietary() {
require.Len(t, policiesResponse.InheritedPolicies, 0)
// test team policy count endpoint
tpCountResp := countTeamPoliciesResponse{}
tpCountResp := fleet.CountTeamPoliciesResponse{}
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/count", team1.ID), nil, http.StatusOK, &tpCountResp)
assert.Equal(t, 1, tpCountResp.Count)
assert.Equal(t, 0, tpCountResp.InheritedPolicyCount)
tpCountResp = countTeamPoliciesResponse{}
tpCountResp = fleet.CountTeamPoliciesResponse{}
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/count", team1.ID), nil, http.StatusOK, &tpCountResp, "query", tpNameNew)
assert.Equal(t, 1, tpCountResp.Count)
assert.Equal(t, 0, tpCountResp.InheritedPolicyCount)
tpCountResp = countTeamPoliciesResponse{}
tpCountResp = fleet.CountTeamPoliciesResponse{}
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/count", team1.ID), nil, http.StatusOK, &tpCountResp, "query", " "+tpNameNew+" ")
assert.Equal(t, 1, tpCountResp.Count)
assert.Equal(t, 0, tpCountResp.InheritedPolicyCount)
tpCountResp = countTeamPoliciesResponse{}
tpCountResp = fleet.CountTeamPoliciesResponse{}
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/count", team1.ID), nil, http.StatusOK, &tpCountResp, "query", " nomatch")
assert.Equal(t, 0, tpCountResp.Count)
assert.Equal(t, 0, tpCountResp.InheritedPolicyCount)
@ -3177,11 +3177,11 @@ func (s *integrationTestSuite) TestTeamPoliciesProprietary() {
s.DoJSON("GET", listHostsURL, nil, http.StatusOK, &listHostsResp)
require.Len(t, listHostsResp.Hosts, 1)
deletePolicyParams := deleteTeamPoliciesRequest{IDs: []uint{policiesResponse.Policies[0].ID}}
deletePolicyResp := deleteTeamPoliciesResponse{}
deletePolicyParams := fleet.DeleteTeamPoliciesRequest{IDs: []uint{policiesResponse.Policies[0].ID}}
deletePolicyResp := fleet.DeleteTeamPoliciesResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/delete", team1.ID), deletePolicyParams, http.StatusOK, &deletePolicyResp)
policiesResponse = listTeamPoliciesResponse{}
policiesResponse = fleet.ListTeamPoliciesResponse{}
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", team1.ID), nil, http.StatusOK, &policiesResponse)
require.Len(t, policiesResponse.Policies, 0)
}
@ -3196,24 +3196,24 @@ func (s *integrationTestSuite) TestTeamPoliciesProprietaryInvalid() {
})
require.NoError(t, err)
tpParams := teamPolicyRequest{
tpParams := fleet.TeamPolicyRequest{
Name: "TestQuery3-Team",
Query: "select * from osquery;",
Description: "Some description",
Resolution: "some team resolution",
}
tpResp := teamPolicyResponse{}
tpResp := fleet.TeamPolicyResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", team1.ID), tpParams, http.StatusOK, &tpResp)
require.NotNil(t, tpResp.Policy)
teamPolicyID := tpResp.Policy.ID
gpParams := globalPolicyRequest{
gpParams := fleet.GlobalPolicyRequest{
Name: "TestQuery3-Global",
Query: "select * from osquery;",
Description: "Some description",
Resolution: "some global resolution",
}
gpResp := globalPolicyResponse{}
gpResp := fleet.GlobalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", gpParams, http.StatusOK, &gpResp)
require.NotNil(t, gpResp.Policy)
require.NotEmpty(t, gpResp.Policy.ID)
@ -3260,48 +3260,48 @@ func (s *integrationTestSuite) TestTeamPoliciesProprietaryInvalid() {
},
} {
t.Run(tc.tname, func(t *testing.T) {
tpReq := teamPolicyRequest{
tpReq := fleet.TeamPolicyRequest{
QueryID: tc.queryID,
Name: tc.name,
Query: tc.query,
Platform: tc.platforms,
}
tpResp := teamPolicyResponse{}
tpResp := fleet.TeamPolicyResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", team1.ID), tpReq, http.StatusBadRequest, &tpResp)
require.Nil(t, tpResp.Policy)
testUpdate := tc.queryID == nil
if testUpdate {
tpReq := modifyTeamPolicyRequest{
tpReq := fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
Name: ptr.String(tc.name),
Query: ptr.String(tc.query),
},
}
tpResp := modifyTeamPolicyResponse{}
tpResp := fleet.ModifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", team1.ID, teamPolicyID), tpReq, http.StatusBadRequest, &tpResp)
require.Nil(t, tpResp.Policy)
}
gpReq := globalPolicyRequest{
gpReq := fleet.GlobalPolicyRequest{
QueryID: tc.queryID,
Name: tc.name,
Query: tc.query,
Platform: tc.platforms,
}
gpResp := globalPolicyResponse{}
gpResp := fleet.GlobalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", gpReq, http.StatusBadRequest, &gpResp)
require.Nil(t, tpResp.Policy)
if testUpdate {
gpReq := modifyGlobalPolicyRequest{
gpReq := fleet.ModifyGlobalPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
Name: ptr.String(tc.name),
Query: ptr.String(tc.query),
},
}
gpResp := modifyGlobalPolicyResponse{}
gpResp := fleet.ModifyGlobalPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/policies/%d", globalPolicyID), gpReq, http.StatusBadRequest, &gpResp)
require.Nil(t, tpResp.Policy)
}
@ -3356,24 +3356,24 @@ func (s *integrationTestSuite) TestHostDetailsPolicies() {
err = s.ds.AddHostsToTeam(context.Background(), fleet.NewAddHostsToTeamParams(&team1.ID, []uint{host1.ID}))
require.NoError(t, err)
gpParams := globalPolicyRequest{
gpParams := fleet.GlobalPolicyRequest{
Name: "HostDetailsPolicies",
Query: "select * from osquery;",
Description: "Some description",
Resolution: "some global resolution",
}
gpResp := globalPolicyResponse{}
gpResp := fleet.GlobalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", gpParams, http.StatusOK, &gpResp)
require.NotNil(t, gpResp.Policy)
require.NotEmpty(t, gpResp.Policy.ID)
tpParams := teamPolicyRequest{
tpParams := fleet.TeamPolicyRequest{
Name: "HostDetailsPolicies-Team",
Query: "select * from osquery;",
Description: "Some description",
Resolution: "some team resolution",
}
tpResp := teamPolicyResponse{}
tpResp := fleet.TeamPolicyResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", team1.ID), tpParams, http.StatusOK, &tpResp)
require.NotNil(t, tpResp.Policy)
require.NotEmpty(t, tpResp.Policy.ID)
@ -5409,11 +5409,11 @@ func (s *integrationTestSuite) TestListHostsByLabel() {
)
require.NoError(t, err)
gpParams := globalPolicyRequest{
gpParams := fleet.GlobalPolicyRequest{
QueryID: &qr.ID,
Resolution: "some global resolution",
}
gpResp := globalPolicyResponse{}
gpResp := fleet.GlobalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", gpParams, http.StatusOK, &gpResp)
require.NotNil(t, gpResp.Policy)
require.NoError(
@ -5905,11 +5905,11 @@ func (s *integrationTestSuite) TestUsers() {
func (s *integrationTestSuite) TestGlobalPoliciesAutomationConfig() {
t := s.T()
gpParams := globalPolicyRequest{
gpParams := fleet.GlobalPolicyRequest{
Name: "policy1",
Query: "select 41;",
}
gpResp := globalPolicyResponse{}
gpResp := fleet.GlobalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", gpParams, http.StatusOK, &gpResp)
require.NotNil(t, gpResp.Policy)
@ -5932,8 +5932,8 @@ func (s *integrationTestSuite) TestGlobalPoliciesAutomationConfig() {
require.Equal(t, 1*time.Hour, config.WebhookSettings.Interval.Duration)
require.Equal(t, 1000, config.WebhookSettings.FailingPoliciesWebhook.HostBatchSize)
deletePolicyParams := deleteGlobalPoliciesRequest{IDs: []uint{gpResp.Policy.ID}}
deletePolicyResp := deleteGlobalPoliciesResponse{}
deletePolicyParams := fleet.DeleteGlobalPoliciesRequest{IDs: []uint{gpResp.Policy.ID}}
deletePolicyResp := fleet.DeleteGlobalPoliciesResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies/delete", deletePolicyParams, http.StatusOK, &deletePolicyResp)
config = s.getConfig()
@ -7652,11 +7652,11 @@ func (s *integrationTestSuite) TestGlobalPoliciesBrowsing() {
})
require.NoError(t, err)
gpParams0 := globalPolicyRequest{
gpParams0 := fleet.GlobalPolicyRequest{
Name: "global policy",
Query: "select * from osquery;",
}
gpResp0 := globalPolicyResponse{}
gpResp0 := fleet.GlobalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", gpParams0, http.StatusOK, &gpResp0)
require.NotNil(t, gpResp0.Policy)
@ -7683,7 +7683,7 @@ func (s *integrationTestSuite) TestGlobalPoliciesBrowsing() {
s.token = oldToken
})
policiesResponse := listGlobalPoliciesResponse{}
policiesResponse := fleet.ListGlobalPoliciesResponse{}
s.DoJSON("GET", "/api/latest/fleet/policies", nil, http.StatusOK, &policiesResponse)
require.Len(t, policiesResponse.Policies, 1)
assert.Equal(t, "global policy", policiesResponse.Policies[0].Name)
@ -7693,12 +7693,12 @@ func (s *integrationTestSuite) TestGlobalPoliciesBrowsing() {
func (s *integrationTestSuite) TestTeamPoliciesTeamNotExists() {
t := s.T()
teamPoliciesResponse := listTeamPoliciesResponse{}
teamPoliciesResponse := fleet.ListTeamPoliciesResponse{}
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", 9999999), nil, http.StatusNotFound, &teamPoliciesResponse)
require.Len(t, teamPoliciesResponse.Policies, 0)
deleteTeamPoliciesResponse := deleteTeamPoliciesResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/delete", 9999999), deleteTeamPoliciesRequest{IDs: []uint{1, 1000}}, http.StatusNotFound, &deleteTeamPoliciesResponse)
deleteTeamPoliciesResp := fleet.DeleteTeamPoliciesResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/delete", 9999999), fleet.DeleteTeamPoliciesRequest{IDs: []uint{1, 1000}}, http.StatusNotFound, &deleteTeamPoliciesResp)
}
func (s *integrationTestSuite) TestSessionInfo() {
@ -14344,7 +14344,7 @@ func (s *integrationTestSuite) TestAutofillPolicies() {
},
)
req := autofillPoliciesRequest{
req := fleet.AutofillPoliciesRequest{
SQL: " ", // empty
}
getHumanInterpretationFromOsquerySqlUrl = mockUrl + "/ok"
@ -14354,14 +14354,14 @@ func (s *integrationTestSuite) TestAutofillPolicies() {
// good request
req.SQL = "select 1"
var res autofillPoliciesResponse
var res fleet.AutofillPoliciesResponse
s.DoJSON("POST", "/api/latest/fleet/autofill/policy", req, http.StatusOK, &res)
assert.Equal(t, "description", res.Description)
assert.Equal(t, "resolution", res.Resolution)
// good request with weird characters
req.SQL = `select * from " with ' and "" \"`
res = autofillPoliciesResponse{}
res = fleet.AutofillPoliciesResponse{}
s.DoJSON("POST", "/api/latest/fleet/autofill/policy", req, http.StatusOK, &res)
assert.Equal(t, "description", res.Description)
assert.Equal(t, "resolution", res.Resolution)

526
server/service/integration_enterprise_test.go
View file

File diff suppressed because it is too large Load diff

166
server/service/integration_mdm_test.go
View file

@ -13983,8 +13983,8 @@ func (s *integrationMDMTestSuite) TestVPPApps() {
require.Equal(t, macOSTitleID, listSw.SoftwareTitles[0].ID)
// delete the automatic install policy (so we can delete the app next)
var deletePolicyResp deleteTeamPoliciesResponse
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/delete", team.ID), &deleteGlobalPoliciesRequest{IDs: []uint{listSw.SoftwareTitles[0].AppStoreApp.AutomaticInstallPolicies[0].ID}}, http.StatusOK, &deletePolicyResp)
var deletePolicyResp fleet.DeleteTeamPoliciesResponse
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/delete", team.ID), &fleet.DeleteGlobalPoliciesRequest{IDs: []uint{listSw.SoftwareTitles[0].AppStoreApp.AutomaticInstallPolicies[0].ID}}, http.StatusOK, &deletePolicyResp)
// delete the app store app for team 1
s.Do("DELETE", fmt.Sprintf("/api/latest/fleet/software/titles/%d/available_for_install", macOSTitleID), nil, http.StatusNoContent,
@ -15048,19 +15048,19 @@ func (s *integrationMDMTestSuite) TestVPPAppPolicyAutomation() {
})
require.NoError(t, err)
mtplr := modifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", team.ID, policy1Team1.ID), modifyTeamPolicyRequest{
mtplr := fleet.ModifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", team.ID, policy1Team1.ID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
SoftwareTitleID: optjson.Any[uint]{Set: true, Valid: true, Value: iOSTitleID},
},
}, http.StatusBadRequest, &mtplr)
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", team.ID, policy1Team1.ID), modifyTeamPolicyRequest{
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", team.ID, policy1Team1.ID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
SoftwareTitleID: optjson.Any[uint]{Set: true, Valid: true, Value: macOSTitleID},
},
}, http.StatusOK, &mtplr)
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", team.ID, policy3Team1.ID), modifyTeamPolicyRequest{
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", team.ID, policy3Team1.ID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
SoftwareTitleID: optjson.Any[uint]{Set: true, Valid: true, Value: macOSTitleID},
ScriptID: optjson.Any[uint]{Set: true, Valid: true, Value: savedTmScript.ID},
@ -15074,7 +15074,7 @@ func (s *integrationMDMTestSuite) TestVPPAppPolicyAutomation() {
require.Len(t, titleResponse.SoftwareTitle.AppStoreApp.AutomaticInstallPolicies, 2)
require.Equal(t, titleResponse.SoftwareTitle.AppStoreApp.AutomaticInstallPolicies[0].ID, policy1Team1.ID)
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", team.ID, policy2Team1.ID), modifyTeamPolicyRequest{
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", team.ID, policy2Team1.ID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
SoftwareTitleID: optjson.Any[uint]{Set: true, Valid: true, Value: macOSTitleID},
},
@ -18557,8 +18557,8 @@ func (s *integrationMDMTestSuite) TestVPPPolicyAutomationLabelScopingRetrigger()
})
require.NoError(t, err)
mtplr := modifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", team.ID, policy1.ID), modifyTeamPolicyRequest{
mtplr := fleet.ModifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", team.ID, policy1.ID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
SoftwareTitleID: optjson.Any[uint]{Set: true, Valid: true, Value: vppAppTitleID},
},
@ -20753,107 +20753,107 @@ func (s *integrationMDMTestSuite) TestTeamLabelsAssociationsCheck() {
t.Run("1. policy labels assignment checks", func(t *testing.T) {
// 1.A.1 Attempt to create global policy that references l1t1 (should fail).
var gpResp globalPolicyResponse
s.DoJSON("POST", "/api/latest/fleet/policies", globalPolicyRequest{
var gpResp fleet.GlobalPolicyResponse
s.DoJSON("POST", "/api/latest/fleet/policies", fleet.GlobalPolicyRequest{
Name: "All teams policy",
Query: "SELECT 1;",
LabelsIncludeAny: []string{l1t1.Name, globalLabel.Name},
}, http.StatusBadRequest, &gpResp)
gpResp = globalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", globalPolicyRequest{
gpResp = fleet.GlobalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", fleet.GlobalPolicyRequest{
Name: "All teams policy",
Query: "SELECT 1;",
LabelsExcludeAny: []string{globalLabel.Name, l1t1.Name},
}, http.StatusBadRequest, &gpResp)
// 1.A.2 Attempt to create a global policy with global labels (should succeed).
gpResp = globalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", globalPolicyRequest{
gpResp = fleet.GlobalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", fleet.GlobalPolicyRequest{
Name: "All teams policy",
Query: "SELECT 1;",
LabelsIncludeAny: []string{globalLabel.Name},
}, http.StatusOK, &gpResp)
globalPolicyID := gpResp.Policy.ID
gpResp = globalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", globalPolicyRequest{
gpResp = fleet.GlobalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", fleet.GlobalPolicyRequest{
Name: "All teams policy 2",
Query: "SELECT 1;",
LabelsExcludeAny: []string{globalLabel.Name},
}, http.StatusOK, &gpResp)
// 1.A.3 Attempt to modify a global policy with team labels (should fail).
mgpr := &modifyGlobalPolicyRequest{
mgpr := &fleet.ModifyGlobalPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
Name: ptr.String("newName1"),
LabelsIncludeAny: []string{l1t1.Name},
},
}
patchPol1 := &modifyGlobalPolicyResponse{}
patchPol1 := &fleet.ModifyGlobalPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/policies/%d", globalPolicyID), mgpr, http.StatusBadRequest, patchPol1)
mgpr = &modifyGlobalPolicyRequest{
mgpr = &fleet.ModifyGlobalPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
Name: ptr.String("newName1"),
LabelsExcludeAny: []string{l1t1.Name},
},
}
patchPol1 = &modifyGlobalPolicyResponse{}
patchPol1 = &fleet.ModifyGlobalPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/policies/%d", globalPolicyID), mgpr, http.StatusBadRequest, patchPol1)
// 1.A.4 Attempt to modify a global policy with global labels (should succeed).
mgpr = &modifyGlobalPolicyRequest{
mgpr = &fleet.ModifyGlobalPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
Name: ptr.String("newName1"),
LabelsIncludeAny: []string{globalLabel.Name},
},
}
patchPol1 = &modifyGlobalPolicyResponse{}
patchPol1 = &fleet.ModifyGlobalPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/policies/%d", globalPolicyID), mgpr, http.StatusOK, patchPol1)
mgpr = &modifyGlobalPolicyRequest{
mgpr = &fleet.ModifyGlobalPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
Name: ptr.String("newName2"),
LabelsIncludeAny: []string{},
LabelsExcludeAny: []string{globalLabel.Name},
},
}
patchPol1 = &modifyGlobalPolicyResponse{}
patchPol1 = &fleet.ModifyGlobalPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/policies/%d", globalPolicyID), mgpr, http.StatusOK, patchPol1)
// 1.B.1 Attempt to create a team policy that references l2t2 (should fail).
tpResp := teamPolicyResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", t1.ID), teamPolicyRequest{
tpResp := fleet.TeamPolicyResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", t1.ID), fleet.TeamPolicyRequest{
Name: "t1 policy",
Query: "SELECT 1;",
LabelsIncludeAny: []string{globalLabel.Name, l2t2.Name},
}, http.StatusBadRequest, &tpResp)
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", t1.ID), teamPolicyRequest{
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", t1.ID), fleet.TeamPolicyRequest{
Name: "t1 policy exclude",
Query: "SELECT 1;",
LabelsExcludeAny: []string{globalLabel.Name, l2t2.Name},
}, http.StatusBadRequest, &tpResp)
// 1.B.2 Attempt to create a team policy with a global label and same team label (should succeed).
tpResp = teamPolicyResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", t1.ID), teamPolicyRequest{
tpResp = fleet.TeamPolicyResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", t1.ID), fleet.TeamPolicyRequest{
Name: "t1 policy",
Query: "SELECT 1;",
LabelsIncludeAny: []string{globalLabel.Name, l1t1.Name},
}, http.StatusOK, &tpResp)
teamPolicyID := tpResp.Policy.ID
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", t1.ID), teamPolicyRequest{
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies", t1.ID), fleet.TeamPolicyRequest{
Name: "t1 policy 2",
Query: "SELECT 1;",
LabelsExcludeAny: []string{globalLabel.Name, l1t1.Name},
}, http.StatusOK, &tpResp)
// 1.B.3 Attempt to edit a team policy to reference l2t2 (should fail; label is outside team).
mtplr := modifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t1.ID, teamPolicyID), modifyTeamPolicyRequest{
mtplr := fleet.ModifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t1.ID, teamPolicyID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
LabelsIncludeAny: []string{l2t2.Name},
},
}, http.StatusBadRequest, &mtplr)
mtplr = modifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t1.ID, teamPolicyID), modifyTeamPolicyRequest{
mtplr = fleet.ModifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t1.ID, teamPolicyID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
LabelsIncludeAny: []string{},
LabelsExcludeAny: []string{l2t2.Name},
@ -20861,14 +20861,14 @@ func (s *integrationMDMTestSuite) TestTeamLabelsAssociationsCheck() {
}, http.StatusBadRequest, &mtplr)
// 1.B.3 Attempt to edit a team policy to reference a team label on the same team (should succeed).
mtplr = modifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t1.ID, teamPolicyID), modifyTeamPolicyRequest{
mtplr = fleet.ModifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t1.ID, teamPolicyID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
LabelsIncludeAny: []string{l1t1.Name},
},
}, http.StatusOK, &mtplr)
mtplr = modifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t1.ID, teamPolicyID), modifyTeamPolicyRequest{
mtplr = fleet.ModifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t1.ID, teamPolicyID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
LabelsIncludeAny: []string{},
LabelsExcludeAny: []string{l1t1.Name, globalLabel.Name},
@ -20876,41 +20876,41 @@ func (s *integrationMDMTestSuite) TestTeamLabelsAssociationsCheck() {
}, http.StatusOK, &mtplr)
// 1.C.1 Attempt to create a "No team" policy that references l1t1 (should fail).
tpResp = teamPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/teams/0/policies", teamPolicyRequest{
tpResp = fleet.TeamPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/teams/0/policies", fleet.TeamPolicyRequest{
Name: "no team policy",
Query: "SELECT 1;",
LabelsIncludeAny: []string{globalLabel.Name, l2t2.Name},
}, http.StatusBadRequest, &tpResp)
s.DoJSON("POST", "/api/latest/fleet/teams/0/policies", teamPolicyRequest{
s.DoJSON("POST", "/api/latest/fleet/teams/0/policies", fleet.TeamPolicyRequest{
Name: "no team policy exclude",
Query: "SELECT 1;",
LabelsExcludeAny: []string{globalLabel.Name, l2t2.Name},
}, http.StatusBadRequest, &tpResp)
// 1.B.2 Attempt to create a "No team" policy with a global label (should succeed).
tpResp = teamPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/teams/0/policies", teamPolicyRequest{
tpResp = fleet.TeamPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/teams/0/policies", fleet.TeamPolicyRequest{
Name: "no team policy",
Query: "SELECT 1;",
LabelsIncludeAny: []string{globalLabel.Name},
}, http.StatusOK, &tpResp)
noTeamPolicyID := tpResp.Policy.ID
s.DoJSON("POST", "/api/latest/fleet/teams/0/policies", teamPolicyRequest{
s.DoJSON("POST", "/api/latest/fleet/teams/0/policies", fleet.TeamPolicyRequest{
Name: "no team policy 2",
Query: "SELECT 1;",
LabelsExcludeAny: []string{globalLabel.Name},
}, http.StatusOK, &tpResp)
// 1.B.3 Attempt to edit a "No team" policy with a team policy that references l2t2 (should fail).
mtplr = modifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/0/policies/%d", noTeamPolicyID), modifyTeamPolicyRequest{
mtplr = fleet.ModifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/0/policies/%d", noTeamPolicyID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
LabelsIncludeAny: []string{l2t2.Name},
},
}, http.StatusBadRequest, &mtplr)
mtplr = modifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/0/policies/%d", noTeamPolicyID), modifyTeamPolicyRequest{
mtplr = fleet.ModifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/0/policies/%d", noTeamPolicyID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
LabelsIncludeAny: []string{},
LabelsExcludeAny: []string{l2t2.Name},
@ -20918,14 +20918,14 @@ func (s *integrationMDMTestSuite) TestTeamLabelsAssociationsCheck() {
}, http.StatusBadRequest, &mtplr)
// 1.B.3 Attempt to edit a team policy to reference a global label (should succeed).
mtplr = modifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/0/policies/%d", noTeamPolicyID), modifyTeamPolicyRequest{
mtplr = fleet.ModifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/0/policies/%d", noTeamPolicyID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
LabelsIncludeAny: []string{globalLabel.Name},
},
}, http.StatusOK, &mtplr)
mtplr = modifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/0/policies/%d", noTeamPolicyID), modifyTeamPolicyRequest{
mtplr = fleet.ModifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/0/policies/%d", noTeamPolicyID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
LabelsIncludeAny: []string{},
LabelsExcludeAny: []string{globalLabel.Name},
@ -21889,15 +21889,15 @@ func (s *integrationMDMTestSuite) TestTechnicianPermissions() {
s.DoJSON("DELETE", fmt.Sprintf("/api/latest/fleet/packs/id/%d", userPackID), deletePackRequest{}, http.StatusForbidden, &deletePackResponse{})
// Attempt to create a global policy, should fail.
gplr := globalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", globalPolicyRequest{
gplr := fleet.GlobalPolicyResponse{}
s.DoJSON("POST", "/api/latest/fleet/policies", fleet.GlobalPolicyRequest{
Name: "foo9",
Query: "SELECT * from plist;",
}, http.StatusForbidden, &gplr)
// Attempt to edit a global policy, should fail.
mgplr := modifyGlobalPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/policies/%d", gp2.ID), modifyGlobalPolicyRequest{
mgplr := fleet.ModifyGlobalPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/policies/%d", gp2.ID), fleet.ModifyGlobalPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
Query: ptr.String("SELECT * from plist WHERE path = 'foo';"),
},
@ -21905,25 +21905,25 @@ func (s *integrationMDMTestSuite) TestTechnicianPermissions() {
// Attempt to read a global policy, should allow.
s.DoJSON(
"GET", fmt.Sprintf("/api/latest/fleet/policies/%d", gp2.ID), getPolicyByIDRequest{}, http.StatusOK,
&getPolicyByIDResponse{},
"GET", fmt.Sprintf("/api/latest/fleet/policies/%d", gp2.ID), fleet.GetPolicyByIDRequest{}, http.StatusOK,
&fleet.GetPolicyByIDResponse{},
)
// Attempt to delete a global policy, should fail.
s.DoJSON("POST", "/api/latest/fleet/policies/delete", deleteGlobalPoliciesRequest{
s.DoJSON("POST", "/api/latest/fleet/policies/delete", fleet.DeleteGlobalPoliciesRequest{
IDs: []uint{gp2.ID},
}, http.StatusForbidden, &deleteGlobalPoliciesResponse{})
}, http.StatusForbidden, &fleet.DeleteGlobalPoliciesResponse{})
// Attempt to create a team policy, should fail.
tplr := teamPolicyResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/team/%d/policies", t1.ID), teamPolicyRequest{
tplr := fleet.TeamPolicyResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/team/%d/policies", t1.ID), fleet.TeamPolicyRequest{
Name: "foo10",
Query: "SELECT * from file;",
}, http.StatusForbidden, &tplr)
// Attempt to edit a team policy, should fail.
mtplr := modifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t2.ID, t2p.ID), modifyTeamPolicyRequest{
mtplr := fleet.ModifyTeamPolicyResponse{}
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t2.ID, t2p.ID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
Query: ptr.String("SELECT * from file WHERE path = 'foo';"),
},
@ -21931,14 +21931,14 @@ func (s *integrationMDMTestSuite) TestTechnicianPermissions() {
// Attempt to view a team policy, should allow.
s.DoJSON(
"GET", fmt.Sprintf("/api/latest/fleet/team/%d/policies/%d", t2.ID, t2p.ID), getTeamPolicyByIDRequest{}, http.StatusOK,
&getTeamPolicyByIDResponse{},
"GET", fmt.Sprintf("/api/latest/fleet/team/%d/policies/%d", t2.ID, t2p.ID), fleet.GetTeamPolicyByIDRequest{}, http.StatusOK,
&fleet.GetTeamPolicyByIDResponse{},
)
// Attempt to delete a team policy, should fail.
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/delete", t2.ID), deleteTeamPoliciesRequest{
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/delete", t2.ID), fleet.DeleteTeamPoliciesRequest{
IDs: []uint{t2p.ID},
}, http.StatusForbidden, &deleteTeamPoliciesResponse{})
}, http.StatusForbidden, &fleet.DeleteTeamPoliciesResponse{})
// Attempt to create a user, should fail.
s.DoJSON("POST", "/api/latest/fleet/users/admin", createUserRequest{
@ -22280,47 +22280,47 @@ func (s *integrationMDMTestSuite) TestTechnicianPermissions() {
}, http.StatusForbidden, &modifyLabelResponse{})
// Attempt to read a global policy, should allow.
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/policies/%d", gp2.ID), getPolicyByIDRequest{}, http.StatusOK, &getPolicyByIDResponse{})
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/policies/%d", gp2.ID), fleet.GetPolicyByIDRequest{}, http.StatusOK, &fleet.GetPolicyByIDResponse{})
// Attempt to delete a global policy, should fail.
s.DoJSON("POST", "/api/latest/fleet/policies/delete", deleteGlobalPoliciesRequest{
s.DoJSON("POST", "/api/latest/fleet/policies/delete", fleet.DeleteGlobalPoliciesRequest{
IDs: []uint{gp2.ID},
}, http.StatusForbidden, &deleteGlobalPoliciesResponse{})
}, http.StatusForbidden, &fleet.DeleteGlobalPoliciesResponse{})
// Attempt to create a team policy, should fail.
ttplr := teamPolicyResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/team/%d/policies", t1.ID), teamPolicyRequest{
ttplr := fleet.TeamPolicyResponse{}
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/team/%d/policies", t1.ID), fleet.TeamPolicyRequest{
Name: "foo1000",
Query: "SELECT * from file;",
}, http.StatusForbidden, &ttplr)
// Attempt to edit a team policy, should fail.
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t1.ID, t1p.ID), modifyTeamPolicyRequest{
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t1.ID, t1p.ID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
Query: ptr.String("SELECT * from file WHERE path = 'foobar';"),
},
}, http.StatusForbidden, &modifyTeamPolicyResponse{})
}, http.StatusForbidden, &fleet.ModifyTeamPolicyResponse{})
// Attempt to edit another team's policy, should fail.
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t2.ID, t2p.ID), modifyTeamPolicyRequest{
s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/%d", t2.ID, t2p.ID), fleet.ModifyTeamPolicyRequest{
ModifyPolicyPayload: fleet.ModifyPolicyPayload{
Query: ptr.String("SELECT * from file WHERE path = 'foobar';"),
},
}, http.StatusForbidden, &modifyTeamPolicyResponse{})
}, http.StatusForbidden, &fleet.ModifyTeamPolicyResponse{})
// Attempt to view a team policy, should allow.
s.DoJSON(
"GET", fmt.Sprintf("/api/latest/fleet/team/%d/policies/%d", t1.ID, t1p.ID), getTeamPolicyByIDRequest{}, http.StatusOK,
&getTeamPolicyByIDResponse{},
"GET", fmt.Sprintf("/api/latest/fleet/team/%d/policies/%d", t1.ID, t1p.ID), fleet.GetTeamPolicyByIDRequest{}, http.StatusOK,
&fleet.GetTeamPolicyByIDResponse{},
)
// Attempt to view another team's policy, should fail.
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/team/%d/policies/%d", t2.ID, t2p.ID), getTeamPolicyByIDRequest{}, http.StatusForbidden, &getTeamPolicyByIDResponse{})
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/team/%d/policies/%d", t2.ID, t2p.ID), fleet.GetTeamPolicyByIDRequest{}, http.StatusForbidden, &fleet.GetTeamPolicyByIDResponse{})
// Attempt to delete a team policy, should fail.
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/delete", t1.ID), deleteTeamPoliciesRequest{
s.DoJSON("POST", fmt.Sprintf("/api/latest/fleet/teams/%d/policies/delete", t1.ID), fleet.DeleteTeamPoliciesRequest{
IDs: []uint{t1p.ID},
}, http.StatusForbidden, &deleteTeamPoliciesResponse{})
}, http.StatusForbidden, &fleet.DeleteTeamPoliciesResponse{})
// Attempt to view own team, should allow, but enroll secrets should be masked.
teamRes = teamResponse{}

6
server/service/integration_software_titles_test.go
View file

@ -124,8 +124,8 @@ func (s *integrationMDMTestSuite) TestSoftwareTitleDisplayNames() {
s.Assert().Len(stResp.SoftwareTitle.SoftwarePackage.AutomaticInstallPolicies, 1)
// Auto install policy should have the display name
var getPolicyResp getPolicyByIDResponse
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/policies/%d", stResp.SoftwareTitle.SoftwarePackage.AutomaticInstallPolicies[0].ID), getPolicyByIDRequest{}, http.StatusOK, &getPolicyResp)
var getPolicyResp fleet.GetPolicyByIDResponse
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/policies/%d", stResp.SoftwareTitle.SoftwarePackage.AutomaticInstallPolicies[0].ID), fleet.GetPolicyByIDRequest{}, http.StatusOK, &getPolicyResp)
s.Assert().NotNil(getPolicyResp.Policy)
s.Assert().Equal("RubyUpdate1", getPolicyResp.Policy.InstallSoftware.DisplayName)
@ -299,7 +299,7 @@ func (s *integrationMDMTestSuite) TestSoftwareTitleDisplayNames() {
s.Assert().Equal(*updateAppReq.DisplayName, stResp.SoftwareTitle.DisplayName)
// Auto install policy has display name
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/policies/%d", stResp.SoftwareTitle.AppStoreApp.AutomaticInstallPolicies[0].ID), getPolicyByIDRequest{}, http.StatusOK, &getPolicyResp)
s.DoJSON("GET", fmt.Sprintf("/api/latest/fleet/policies/%d", stResp.SoftwareTitle.AppStoreApp.AutomaticInstallPolicies[0].ID), fleet.GetPolicyByIDRequest{}, http.StatusOK, &getPolicyResp)
s.Assert().NotNil(getPolicyResp.Policy)
s.Assert().Equal(*updateAppReq.DisplayName, getPolicyResp.Policy.InstallSoftware.DisplayName)

133
server/service/team_policies.go
View file

@ -19,34 +19,8 @@ import (
// Add
/////////////////////////////////////////////////////////////////////////////////
type teamPolicyRequest struct {
TeamID uint `url:"fleet_id"`
QueryID *uint `json:"query_id" renameto:"report_id"`
Query string `json:"query"`
Name string `json:"name"`
Description string `json:"description"`
Resolution string `json:"resolution"`
Platform string `json:"platform"`
Critical bool `json:"critical" premium:"true"`
CalendarEventsEnabled bool `json:"calendar_events_enabled"`
SoftwareTitleID *uint `json:"software_title_id"`
ScriptID *uint `json:"script_id"`
LabelsIncludeAny []string `json:"labels_include_any"`
LabelsExcludeAny []string `json:"labels_exclude_any"`
ConditionalAccessEnabled bool `json:"conditional_access_enabled"`
Type *string `json:"type"`
PatchSoftwareTitleID *uint `json:"patch_software_title_id"`
}
type teamPolicyResponse struct {
Policy *fleet.Policy `json:"policy,omitempty"`
Err error `json:"error,omitempty"`
}
func (r teamPolicyResponse) Error() error { return r.Err }
func teamPolicyEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*teamPolicyRequest)
req := request.(*fleet.TeamPolicyRequest)
resp, err := svc.NewTeamPolicy(ctx, req.TeamID, fleet.NewTeamPolicyPayload{
QueryID: req.QueryID,
Name: req.Name,
@ -65,9 +39,9 @@ func teamPolicyEndpoint(ctx context.Context, request interface{}, svc fleet.Serv
PatchSoftwareTitleID: req.PatchSoftwareTitleID,
})
if err != nil {
return teamPolicyResponse{Err: err}, nil
return fleet.TeamPolicyResponse{Err: err}, nil
}
return teamPolicyResponse{Policy: resp}, nil
return fleet.TeamPolicyResponse{Policy: resp}, nil
}
func (svc Service) NewTeamPolicy(ctx context.Context, teamID uint, tp fleet.NewTeamPolicyPayload) (*fleet.Policy, error) {
@ -247,27 +221,8 @@ func (svc *Service) newTeamPolicyPayloadToPolicyPayload(ctx context.Context, tea
// List
/////////////////////////////////////////////////////////////////////////////////
type listTeamPoliciesRequest struct {
TeamID uint `url:"fleet_id"`
Opts fleet.ListOptions `url:"list_options"`
InheritedPage uint `query:"inherited_page,optional"`
InheritedPerPage uint `query:"inherited_per_page,optional"`
InheritedOrderDirection fleet.OrderDirection `query:"inherited_order_direction,optional"`
InheritedOrderKey string `query:"inherited_order_key,optional"`
MergeInherited bool `query:"merge_inherited,optional"`
AutomationType string `query:"automation_type,optional"`
}
type listTeamPoliciesResponse struct {
Policies []*fleet.Policy `json:"policies,omitempty"`
InheritedPolicies []*fleet.Policy `json:"inherited_policies,omitempty"`
Err error `json:"error,omitempty"`
}
func (r listTeamPoliciesResponse) Error() error { return r.Err }
func listTeamPoliciesEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*listTeamPoliciesRequest)
req := request.(*fleet.ListTeamPoliciesRequest)
inheritedListOptions := fleet.ListOptions{
Page: req.InheritedPage,
@ -278,9 +233,9 @@ func listTeamPoliciesEndpoint(ctx context.Context, request interface{}, svc flee
tmPols, inheritedPols, err := svc.ListTeamPolicies(ctx, req.TeamID, req.Opts, inheritedListOptions, req.MergeInherited, req.AutomationType)
if err != nil {
return listTeamPoliciesResponse{Err: err}, nil
return fleet.ListTeamPoliciesResponse{Err: err}, nil
}
return listTeamPoliciesResponse{Policies: tmPols, InheritedPolicies: inheritedPols}, nil
return fleet.ListTeamPoliciesResponse{Policies: tmPols, InheritedPolicies: inheritedPols}, nil
}
func (svc *Service) ListTeamPolicies(ctx context.Context, teamID uint, opts fleet.ListOptions, iopts fleet.ListOptions, mergeInherited bool, automationFilter string) (teamPolicies, inheritedPolicies []*fleet.Policy, err error) {
@ -335,28 +290,13 @@ func (svc *Service) ListTeamPolicies(ctx context.Context, teamID uint, opts flee
// Count
/////////////////////////////////////////////////////////////////////////////////
type countTeamPoliciesRequest struct {
ListOptions fleet.ListOptions `url:"list_options"`
TeamID uint `url:"fleet_id"`
MergeInherited bool `query:"merge_inherited,optional"`
AutomationType string `query:"automation_type,optional"`
}
type countTeamPoliciesResponse struct {
Count int `json:"count"`
InheritedPolicyCount int `json:"inherited_policy_count"`
Err error `json:"error,omitempty"`
}
func (r countTeamPoliciesResponse) Error() error { return r.Err }
func countTeamPoliciesEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*countTeamPoliciesRequest)
req := request.(*fleet.CountTeamPoliciesRequest)
count, inheritedCount, err := svc.CountTeamPolicies(ctx, req.TeamID, req.ListOptions.MatchQuery, req.MergeInherited, req.AutomationType)
if err != nil {
return countTeamPoliciesResponse{Err: err}, nil
return fleet.CountTeamPoliciesResponse{Err: err}, nil
}
return countTeamPoliciesResponse{Count: count, InheritedPolicyCount: inheritedCount}, nil
return fleet.CountTeamPoliciesResponse{Count: count, InheritedPolicyCount: inheritedCount}, nil
}
func (svc *Service) CountTeamPolicies(ctx context.Context, teamID uint, matchQuery string, mergeInherited bool, automationType string) (int, int, error) {
@ -397,25 +337,13 @@ func (svc *Service) CountTeamPolicies(ctx context.Context, teamID uint, matchQue
// Get by id
/////////////////////////////////////////////////////////////////////////////////
type getTeamPolicyByIDRequest struct {
TeamID uint `url:"fleet_id"`
PolicyID uint `url:"policy_id"`
}
type getTeamPolicyByIDResponse struct {
Policy *fleet.Policy `json:"policy"`
Err error `json:"error,omitempty"`
}
func (r getTeamPolicyByIDResponse) Error() error { return r.Err }
func getTeamPolicyByIDEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*getTeamPolicyByIDRequest)
req := request.(*fleet.GetTeamPolicyByIDRequest)
teamPolicy, err := svc.GetTeamPolicyByIDQueries(ctx, req.TeamID, req.PolicyID)
if err != nil {
return getTeamPolicyByIDResponse{Err: err}, nil
return fleet.GetTeamPolicyByIDResponse{Err: err}, nil
}
return getTeamPolicyByIDResponse{Policy: teamPolicy}, nil
return fleet.GetTeamPolicyByIDResponse{Policy: teamPolicy}, nil
}
func (svc Service) GetTeamPolicyByIDQueries(ctx context.Context, teamID uint, policyID uint) (*fleet.Policy, error) {
@ -449,25 +377,13 @@ func (svc Service) GetTeamPolicyByIDQueries(ctx context.Context, teamID uint, po
// Delete
/////////////////////////////////////////////////////////////////////////////////
type deleteTeamPoliciesRequest struct {
TeamID uint `url:"fleet_id"`
IDs []uint `json:"ids"`
}
type deleteTeamPoliciesResponse struct {
Deleted []uint `json:"deleted,omitempty"`
Err error `json:"error,omitempty"`
}
func (r deleteTeamPoliciesResponse) Error() error { return r.Err }
func deleteTeamPoliciesEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*deleteTeamPoliciesRequest)
req := request.(*fleet.DeleteTeamPoliciesRequest)
resp, err := svc.DeleteTeamPolicies(ctx, req.TeamID, req.IDs)
if err != nil {
return deleteTeamPoliciesResponse{Err: err}, nil
return fleet.DeleteTeamPoliciesResponse{Err: err}, nil
}
return deleteTeamPoliciesResponse{Deleted: resp}, nil
return fleet.DeleteTeamPoliciesResponse{Deleted: resp}, nil
}
func (svc Service) DeleteTeamPolicies(ctx context.Context, teamID uint, ids []uint) ([]uint, error) {
@ -565,26 +481,13 @@ func (svc Service) DeleteTeamPolicies(ctx context.Context, teamID uint, ids []ui
// Modify
/////////////////////////////////////////////////////////////////////////////////
type modifyTeamPolicyRequest struct {
TeamID uint `url:"fleet_id"`
PolicyID uint `url:"policy_id"`
fleet.ModifyPolicyPayload
}
type modifyTeamPolicyResponse struct {
Policy *fleet.Policy `json:"policy,omitempty"`
Err error `json:"error,omitempty"`
}
func (r modifyTeamPolicyResponse) Error() error { return r.Err }
func modifyTeamPolicyEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (fleet.Errorer, error) {
req := request.(*modifyTeamPolicyRequest)
req := request.(*fleet.ModifyTeamPolicyRequest)
resp, err := svc.ModifyTeamPolicy(ctx, req.TeamID, req.PolicyID, req.ModifyPolicyPayload)
if err != nil {
return modifyTeamPolicyResponse{Err: err}, nil
return fleet.ModifyTeamPolicyResponse{Err: err}, nil
}
return modifyTeamPolicyResponse{Policy: resp}, nil
return fleet.ModifyTeamPolicyResponse{Policy: resp}, nil
}
func (svc *Service) ModifyTeamPolicy(ctx context.Context, teamID uint, id uint, p fleet.ModifyPolicyPayload) (*fleet.Policy, error) {