diff --git a/changes/12582-nudge-mdm b/changes/12582-nudge-mdm new file mode 100644 index 0000000000..4656110d23 --- /dev/null +++ b/changes/12582-nudge-mdm @@ -0,0 +1 @@ +* Fixed an issue that displayed Nudge to macOS hosts if MDM was configured but MDM features weren't turned on for the host diff --git a/server/fleet/app.go b/server/fleet/app.go index cc63f1251c..4b3f21bcca 100644 --- a/server/fleet/app.go +++ b/server/fleet/app.go @@ -176,6 +176,14 @@ type MacOSUpdates struct { Deadline optjson.String `json:"deadline"` } +// EnabledForHost returns a boolean indicating if updates are enabled for the host +func (m MacOSUpdates) EnabledForHost(h *Host) bool { + return m.Deadline.Value != "" && + m.MinimumVersion.Value != "" && + h.IsOsqueryEnrolled() && + h.MDMInfo.IsFleetEnrolled() +} + func (m MacOSUpdates) Validate() error { // if no settings are provided it's okay to skip further validation if m.MinimumVersion.Value == "" && m.Deadline.Value == "" { diff --git a/server/fleet/app_test.go b/server/fleet/app_test.go index 99b3b18964..268eb2277a 100644 --- a/server/fleet/app_test.go +++ b/server/fleet/app_test.go @@ -4,6 +4,7 @@ import ( "testing" "github.com/fleetdm/fleet/v4/pkg/optjson" + "github.com/fleetdm/fleet/v4/server/ptr" "github.com/stretchr/testify/require" ) @@ -115,6 +116,38 @@ func TestMacOSUpdatesValidate(t *testing.T) { }) } +func TestMacOSUpdatesEnabledForHost(t *testing.T) { + hostWithRequirements := &Host{ + OsqueryHostID: ptr.String("notempty"), + MDMInfo: &HostMDM{ + IsServer: false, + Enrolled: true, + Name: WellKnownMDMFleet, + }, + } + cases := []struct { + version string + deadline string + host *Host + out bool + }{ + {"", "", &Host{}, false}, + {"", "", hostWithRequirements, false}, + {"12.3", "", hostWithRequirements, false}, + {"", "12-03-2022", hostWithRequirements, false}, + {"12.3", "12-03-2022", &Host{}, false}, + {"12.3", "12-03-2022", hostWithRequirements, true}, + } + + for _, tc := range cases { + m := MacOSUpdates{ + MinimumVersion: optjson.SetString(tc.version), + Deadline: optjson.SetString(tc.deadline), + } + require.Equal(t, tc.out, m.EnabledForHost(tc.host)) + } +} + func TestSSOSettingsIsEmpty(t *testing.T) { require.True(t, (SSOProviderSettings{}).IsEmpty()) require.False(t, (SSOProviderSettings{EntityID: "fleet"}).IsEmpty()) diff --git a/server/service/integration_core_test.go b/server/service/integration_core_test.go index f29d850f3c..9924fc62b7 100644 --- a/server/service/integration_core_test.go +++ b/server/service/integration_core_test.go @@ -6611,6 +6611,7 @@ func createOrbitEnrolledHost(t *testing.T, os, suffix string, ds fleet.Datastore NodeKey: ptr.String(name), UUID: uuid.New().String(), Hostname: fmt.Sprintf("%s.local", name), + HardwareSerial: uuid.New().String(), Platform: os, }) require.NoError(t, err) diff --git a/server/service/integration_enterprise_test.go b/server/service/integration_enterprise_test.go index e61b1bf003..55dee6a7f9 100644 --- a/server/service/integration_enterprise_test.go +++ b/server/service/integration_enterprise_test.go @@ -2779,91 +2779,6 @@ func (s *integrationEnterpriseTestSuite) TestResetAutomation() { require.Len(s.T(), pfs, 1) } -func (s *integrationEnterpriseTestSuite) TestOrbitConfigNudgeSettings() { - t := s.T() - - // ensure the config is empty before starting - s.applyConfig([]byte(` - mdm: - macos_updates: - deadline: "" - minimum_version: "" - `)) - - var resp orbitGetConfigResponse - // missing orbit key - s.DoJSON("POST", "/api/fleet/orbit/config", nil, http.StatusUnauthorized, &resp) - - // nudge config is empty if macos_updates is not set, and Windows MDM notifications are unset - h := createOrbitEnrolledHost(t, "darwin", "h", s.ds) - resp = orbitGetConfigResponse{} - s.DoJSON("POST", "/api/fleet/orbit/config", json.RawMessage(fmt.Sprintf(`{"orbit_node_key": %q}`, *h.OrbitNodeKey)), http.StatusOK, &resp) - require.Empty(t, resp.NudgeConfig) - require.False(t, resp.Notifications.NeedsProgrammaticWindowsMDMEnrollment) - require.Empty(t, resp.Notifications.WindowsMDMDiscoveryEndpoint) - require.False(t, resp.Notifications.NeedsProgrammaticWindowsMDMUnenrollment) - - // set macos_updates - s.applyConfig([]byte(` - mdm: - macos_updates: - deadline: 2022-01-04 - minimum_version: 12.1.3 - `)) - - resp = orbitGetConfigResponse{} - s.DoJSON("POST", "/api/fleet/orbit/config", json.RawMessage(fmt.Sprintf(`{"orbit_node_key": %q}`, *h.OrbitNodeKey)), http.StatusOK, &resp) - wantCfg, err := fleet.NewNudgeConfig(fleet.MacOSUpdates{Deadline: optjson.SetString("2022-01-04"), MinimumVersion: optjson.SetString("12.1.3")}) - require.NoError(t, err) - require.Equal(t, wantCfg, resp.NudgeConfig) - require.Equal(t, wantCfg.OSVersionRequirements[0].RequiredInstallationDate.String(), "2022-01-04 04:00:00 +0000 UTC") - - // create a team with an empty macos_updates config - team, err := s.ds.NewTeam(context.Background(), &fleet.Team{ - ID: 4827, - Name: "team1_" + t.Name(), - Description: "desc team1_" + t.Name(), - }) - require.NoError(t, err) - - // add the host to the team - err = s.ds.AddHostsToTeam(context.Background(), &team.ID, []uint{h.ID}) - require.NoError(t, err) - - // NudgeConfig should be empty - resp = orbitGetConfigResponse{} - s.DoJSON("POST", "/api/fleet/orbit/config", json.RawMessage(fmt.Sprintf(`{"orbit_node_key": %q}`, *h.OrbitNodeKey)), http.StatusOK, &resp) - require.Empty(t, resp.NudgeConfig) - require.Equal(t, wantCfg.OSVersionRequirements[0].RequiredInstallationDate.String(), "2022-01-04 04:00:00 +0000 UTC") - - // modify the team config, add macos_updates config - var tmResp teamResponse - s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d", team.ID), fleet.TeamPayload{ - MDM: &fleet.TeamPayloadMDM{ - MacOSUpdates: &fleet.MacOSUpdates{ - Deadline: optjson.SetString("1992-01-01"), - MinimumVersion: optjson.SetString("13.1.1"), - }, - }, - }, http.StatusOK, &tmResp) - - resp = orbitGetConfigResponse{} - s.DoJSON("POST", "/api/fleet/orbit/config", json.RawMessage(fmt.Sprintf(`{"orbit_node_key": %q}`, *h.OrbitNodeKey)), http.StatusOK, &resp) - wantCfg, err = fleet.NewNudgeConfig(fleet.MacOSUpdates{Deadline: optjson.SetString("1992-01-01"), MinimumVersion: optjson.SetString("13.1.1")}) - require.NoError(t, err) - require.Equal(t, wantCfg, resp.NudgeConfig) - require.Equal(t, wantCfg.OSVersionRequirements[0].RequiredInstallationDate.String(), "1992-01-01 04:00:00 +0000 UTC") - - // create a new host, still receives the global config - h2 := createOrbitEnrolledHost(t, "darwin", "h2", s.ds) - resp = orbitGetConfigResponse{} - s.DoJSON("POST", "/api/fleet/orbit/config", json.RawMessage(fmt.Sprintf(`{"orbit_node_key": %q}`, *h2.OrbitNodeKey)), http.StatusOK, &resp) - wantCfg, err = fleet.NewNudgeConfig(fleet.MacOSUpdates{Deadline: optjson.SetString("2022-01-04"), MinimumVersion: optjson.SetString("12.1.3")}) - require.NoError(t, err) - require.Equal(t, wantCfg, resp.NudgeConfig) - require.Equal(t, wantCfg.OSVersionRequirements[0].RequiredInstallationDate.String(), "2022-01-04 04:00:00 +0000 UTC") -} - // allEqual compares all fields of a struct. // If a field is a pointer on one side but not on the other, then it follows that pointer. This is useful for optional // arguments. diff --git a/server/service/integration_mdm_test.go b/server/service/integration_mdm_test.go index 2924f7f992..29c0286765 100644 --- a/server/service/integration_mdm_test.go +++ b/server/service/integration_mdm_test.go @@ -26,6 +26,7 @@ import ( "github.com/fleetdm/fleet/v4/pkg/file" "github.com/fleetdm/fleet/v4/pkg/mdm/mdmtest" + "github.com/fleetdm/fleet/v4/pkg/optjson" "github.com/fleetdm/fleet/v4/server/config" "github.com/fleetdm/fleet/v4/server/datastore/mysql" "github.com/fleetdm/fleet/v4/server/datastore/redis/redistest" @@ -5348,6 +5349,116 @@ func (s *integrationMDMTestSuite) TestGetPoliciesRequestWithNotElegibleHost() { require.True(t, s.isXMLTagContentPresent("s:text", resSoapMsg)) } +func (s *integrationMDMTestSuite) TestOrbitConfigNudgeSettings() { + t := s.T() + + // ensure the config is empty before starting + s.applyConfig([]byte(` + mdm: + macos_updates: + deadline: "" + minimum_version: "" + `)) + + var resp orbitGetConfigResponse + // missing orbit key + s.DoJSON("POST", "/api/fleet/orbit/config", nil, http.StatusUnauthorized, &resp) + + // nudge config is empty if macos_updates is not set, and Windows MDM notifications are unset + h := createOrbitEnrolledHost(t, "darwin", "h", s.ds) + resp = orbitGetConfigResponse{} + s.DoJSON("POST", "/api/fleet/orbit/config", json.RawMessage(fmt.Sprintf(`{"orbit_node_key": %q}`, *h.OrbitNodeKey)), http.StatusOK, &resp) + require.Empty(t, resp.NudgeConfig) + require.False(t, resp.Notifications.NeedsProgrammaticWindowsMDMEnrollment) + require.Empty(t, resp.Notifications.WindowsMDMDiscoveryEndpoint) + require.False(t, resp.Notifications.NeedsProgrammaticWindowsMDMUnenrollment) + + // set macos_updates + s.applyConfig([]byte(` + mdm: + macos_updates: + deadline: 2022-01-04 + minimum_version: 12.1.3 + `)) + + // still empty if MDM is turned off for the host + resp = orbitGetConfigResponse{} + s.DoJSON("POST", "/api/fleet/orbit/config", json.RawMessage(fmt.Sprintf(`{"orbit_node_key": %q}`, *h.OrbitNodeKey)), http.StatusOK, &resp) + require.Empty(t, resp.NudgeConfig) + + // turn on MDM features + mdmDevice := mdmtest.NewTestMDMClientDirect(mdmtest.EnrollInfo{ + SCEPChallenge: s.fleetCfg.MDM.AppleSCEPChallenge, + SCEPURL: s.server.URL + apple_mdm.SCEPPath, + MDMURL: s.server.URL + apple_mdm.MDMPath, + }) + mdmDevice.SerialNumber = h.HardwareSerial + mdmDevice.UUID = h.UUID + err := mdmDevice.Enroll() + require.NoError(t, err) + + resp = orbitGetConfigResponse{} + s.DoJSON("POST", "/api/fleet/orbit/config", json.RawMessage(fmt.Sprintf(`{"orbit_node_key": %q}`, *h.OrbitNodeKey)), http.StatusOK, &resp) + wantCfg, err := fleet.NewNudgeConfig(fleet.MacOSUpdates{Deadline: optjson.SetString("2022-01-04"), MinimumVersion: optjson.SetString("12.1.3")}) + require.NoError(t, err) + require.Equal(t, wantCfg, resp.NudgeConfig) + require.Equal(t, wantCfg.OSVersionRequirements[0].RequiredInstallationDate.String(), "2022-01-04 04:00:00 +0000 UTC") + + // create a team with an empty macos_updates config + team, err := s.ds.NewTeam(context.Background(), &fleet.Team{ + ID: 4827, + Name: "team1_" + t.Name(), + Description: "desc team1_" + t.Name(), + }) + require.NoError(t, err) + + // add the host to the team + err = s.ds.AddHostsToTeam(context.Background(), &team.ID, []uint{h.ID}) + require.NoError(t, err) + + // NudgeConfig should be empty + resp = orbitGetConfigResponse{} + s.DoJSON("POST", "/api/fleet/orbit/config", json.RawMessage(fmt.Sprintf(`{"orbit_node_key": %q}`, *h.OrbitNodeKey)), http.StatusOK, &resp) + require.Empty(t, resp.NudgeConfig) + require.Equal(t, wantCfg.OSVersionRequirements[0].RequiredInstallationDate.String(), "2022-01-04 04:00:00 +0000 UTC") + + // modify the team config, add macos_updates config + var tmResp teamResponse + s.DoJSON("PATCH", fmt.Sprintf("/api/latest/fleet/teams/%d", team.ID), fleet.TeamPayload{ + MDM: &fleet.TeamPayloadMDM{ + MacOSUpdates: &fleet.MacOSUpdates{ + Deadline: optjson.SetString("1992-01-01"), + MinimumVersion: optjson.SetString("13.1.1"), + }, + }, + }, http.StatusOK, &tmResp) + + resp = orbitGetConfigResponse{} + s.DoJSON("POST", "/api/fleet/orbit/config", json.RawMessage(fmt.Sprintf(`{"orbit_node_key": %q}`, *h.OrbitNodeKey)), http.StatusOK, &resp) + wantCfg, err = fleet.NewNudgeConfig(fleet.MacOSUpdates{Deadline: optjson.SetString("1992-01-01"), MinimumVersion: optjson.SetString("13.1.1")}) + require.NoError(t, err) + require.Equal(t, wantCfg, resp.NudgeConfig) + require.Equal(t, wantCfg.OSVersionRequirements[0].RequiredInstallationDate.String(), "1992-01-01 04:00:00 +0000 UTC") + + // create a new host, still receives the global config + h2 := createOrbitEnrolledHost(t, "darwin", "h2", s.ds) + mdmDevice = mdmtest.NewTestMDMClientDirect(mdmtest.EnrollInfo{ + SCEPChallenge: s.fleetCfg.MDM.AppleSCEPChallenge, + SCEPURL: s.server.URL + apple_mdm.SCEPPath, + MDMURL: s.server.URL + apple_mdm.MDMPath, + }) + mdmDevice.SerialNumber = h2.HardwareSerial + mdmDevice.UUID = h2.UUID + err = mdmDevice.Enroll() + require.NoError(t, err) + resp = orbitGetConfigResponse{} + s.DoJSON("POST", "/api/fleet/orbit/config", json.RawMessage(fmt.Sprintf(`{"orbit_node_key": %q}`, *h2.OrbitNodeKey)), http.StatusOK, &resp) + wantCfg, err = fleet.NewNudgeConfig(fleet.MacOSUpdates{Deadline: optjson.SetString("2022-01-04"), MinimumVersion: optjson.SetString("12.1.3")}) + require.NoError(t, err) + require.Equal(t, wantCfg, resp.NudgeConfig) + require.Equal(t, wantCfg.OSVersionRequirements[0].RequiredInstallationDate.String(), "2022-01-04 04:00:00 +0000 UTC") +} + // /////////////////////////////////////////////////////////////////////////// // Common helpers diff --git a/server/service/orbit.go b/server/service/orbit.go index 0265a796d8..ba3ab00093 100644 --- a/server/service/orbit.go +++ b/server/service/orbit.go @@ -248,9 +248,9 @@ func (svc *Service) GetOrbitConfig(ctx context.Context) (fleet.OrbitConfig, erro } var nudgeConfig *fleet.NudgeConfig - if mdmConfig != nil && - mdmConfig.MacOSUpdates.Deadline.Value != "" && - mdmConfig.MacOSUpdates.MinimumVersion.Value != "" { + if appConfig.MDM.EnabledAndConfigured && + mdmConfig != nil && + mdmConfig.MacOSUpdates.EnabledForHost(host) { nudgeConfig, err = fleet.NewNudgeConfig(mdmConfig.MacOSUpdates) if err != nil { return fleet.OrbitConfig{Notifications: notifs}, err @@ -274,8 +274,8 @@ func (svc *Service) GetOrbitConfig(ctx context.Context) (fleet.OrbitConfig, erro } var nudgeConfig *fleet.NudgeConfig - if appConfig.MDM.MacOSUpdates.Deadline.Value != "" && - appConfig.MDM.MacOSUpdates.MinimumVersion.Value != "" { + if appConfig.MDM.EnabledAndConfigured && + appConfig.MDM.MacOSUpdates.EnabledForHost(host) { nudgeConfig, err = fleet.NewNudgeConfig(appConfig.MDM.MacOSUpdates) if err != nil { return fleet.OrbitConfig{Notifications: notifs}, err diff --git a/server/service/orbit_test.go b/server/service/orbit_test.go new file mode 100644 index 0000000000..84ff2ba4b5 --- /dev/null +++ b/server/service/orbit_test.go @@ -0,0 +1,187 @@ +package service + +import ( + "context" + "encoding/json" + "testing" + + "github.com/fleetdm/fleet/v4/pkg/optjson" + "github.com/fleetdm/fleet/v4/server/fleet" + "github.com/fleetdm/fleet/v4/server/mock" + "github.com/fleetdm/fleet/v4/server/ptr" + "github.com/fleetdm/fleet/v4/server/test" + "github.com/stretchr/testify/require" +) + +func TestGetOrbitConfigNudge(t *testing.T) { + t.Run("missing values in AppConfig", func(t *testing.T) { + ds := new(mock.Store) + license := &fleet.LicenseInfo{Tier: fleet.TierPremium} + svc, ctx := newTestService(t, ds, nil, nil, &TestServerOpts{License: license, SkipCreateTestUsers: true}) + appCfg := &fleet.AppConfig{MDM: fleet.MDM{EnabledAndConfigured: true}} + ds.AppConfigFunc = func(ctx context.Context) (*fleet.AppConfig, error) { + return appCfg, nil + } + ctx = test.HostContext(ctx, &fleet.Host{ + OsqueryHostID: ptr.String("test"), + MDMInfo: &fleet.HostMDM{ + IsServer: false, + InstalledFromDep: true, + Enrolled: true, + Name: fleet.WellKnownMDMFleet, + }}) + + cfg, err := svc.GetOrbitConfig(ctx) + require.NoError(t, err) + require.Empty(t, cfg.NudgeConfig) + require.True(t, ds.AppConfigFuncInvoked) + ds.AppConfigFuncInvoked = false + + appCfg.MDM.MacOSUpdates.Deadline = optjson.SetString("2022-04-01") + cfg, err = svc.GetOrbitConfig(ctx) + require.NoError(t, err) + require.Empty(t, cfg.NudgeConfig) + require.True(t, ds.AppConfigFuncInvoked) + ds.AppConfigFuncInvoked = false + + appCfg.MDM.MacOSUpdates.MinimumVersion = optjson.SetString("2022-04-01") + cfg, err = svc.GetOrbitConfig(ctx) + require.NoError(t, err) + require.NotEmpty(t, cfg.NudgeConfig) + require.True(t, ds.AppConfigFuncInvoked) + ds.AppConfigFuncInvoked = false + }) + + t.Run("missing values in TeamConfig", func(t *testing.T) { + ds := new(mock.Store) + license := &fleet.LicenseInfo{Tier: fleet.TierPremium} + svc, ctx := newTestService(t, ds, nil, nil, &TestServerOpts{License: license, SkipCreateTestUsers: true}) + appCfg := &fleet.AppConfig{MDM: fleet.MDM{EnabledAndConfigured: true}} + appCfg.MDM.MacOSUpdates.MinimumVersion = optjson.SetString("2022-04-01") + appCfg.MDM.MacOSUpdates.Deadline = optjson.SetString("2022-04-01") + ds.AppConfigFunc = func(ctx context.Context) (*fleet.AppConfig, error) { + return appCfg, nil + } + + team := fleet.Team{ID: 1} + teamMDM := fleet.TeamMDM{} + ds.TeamMDMConfigFunc = func(ctx context.Context, teamID uint) (*fleet.TeamMDM, error) { + require.Equal(t, team.ID, teamID) + return &teamMDM, nil + } + ds.TeamAgentOptionsFunc = func(ctx context.Context, id uint) (*json.RawMessage, error) { + return ptr.RawMessage(json.RawMessage(`{}`)), nil + } + + ctx = test.HostContext(ctx, &fleet.Host{ + OsqueryHostID: ptr.String("test"), + TeamID: ptr.Uint(team.ID), + MDMInfo: &fleet.HostMDM{ + IsServer: false, + InstalledFromDep: true, + Enrolled: true, + Name: fleet.WellKnownMDMFleet, + }}) + + cfg, err := svc.GetOrbitConfig(ctx) + require.NoError(t, err) + require.Empty(t, cfg.NudgeConfig) + require.True(t, ds.AppConfigFuncInvoked) + require.True(t, ds.TeamMDMConfigFuncInvoked) + ds.AppConfigFuncInvoked = false + ds.TeamMDMConfigFuncInvoked = false + + teamMDM.MacOSUpdates.Deadline = optjson.SetString("2022-04-01") + cfg, err = svc.GetOrbitConfig(ctx) + require.NoError(t, err) + require.Empty(t, cfg.NudgeConfig) + require.True(t, ds.AppConfigFuncInvoked) + require.True(t, ds.TeamMDMConfigFuncInvoked) + ds.AppConfigFuncInvoked = false + ds.TeamMDMConfigFuncInvoked = false + + teamMDM.MacOSUpdates.MinimumVersion = optjson.SetString("2022-04-01") + cfg, err = svc.GetOrbitConfig(ctx) + require.NoError(t, err) + require.NotEmpty(t, cfg.NudgeConfig) + require.True(t, ds.AppConfigFuncInvoked) + require.True(t, ds.TeamMDMConfigFuncInvoked) + ds.AppConfigFuncInvoked = false + ds.TeamMDMConfigFuncInvoked = false + }) + + t.Run("non-elegible MDM status", func(t *testing.T) { + ds := new(mock.Store) + license := &fleet.LicenseInfo{Tier: fleet.TierPremium} + svc, ctx := newTestService(t, ds, nil, nil, &TestServerOpts{License: license, SkipCreateTestUsers: true}) + appCfg := &fleet.AppConfig{MDM: fleet.MDM{EnabledAndConfigured: true}} + appCfg.MDM.MacOSUpdates.Deadline = optjson.SetString("2022-04-01") + appCfg.MDM.MacOSUpdates.MinimumVersion = optjson.SetString("2022-04-01") + ds.AppConfigFunc = func(ctx context.Context) (*fleet.AppConfig, error) { + return appCfg, nil + } + + team := fleet.Team{ID: 1} + teamMDM := fleet.TeamMDM{} + teamMDM.MacOSUpdates.Deadline = optjson.SetString("2022-04-01") + teamMDM.MacOSUpdates.MinimumVersion = optjson.SetString("12.1") + ds.TeamMDMConfigFunc = func(ctx context.Context, teamID uint) (*fleet.TeamMDM, error) { + require.Equal(t, team.ID, teamID) + return &teamMDM, nil + } + ds.TeamAgentOptionsFunc = func(ctx context.Context, id uint) (*json.RawMessage, error) { + return ptr.RawMessage(json.RawMessage(`{}`)), nil + } + + checkEmptyNudgeConfig := func(h *fleet.Host) { + ctx := test.HostContext(ctx, h) + cfg, err := svc.GetOrbitConfig(ctx) + require.NoError(t, err) + require.Empty(t, cfg.NudgeConfig) + require.True(t, ds.AppConfigFuncInvoked) + ds.AppConfigFuncInvoked = false + } + + checkHostVariations := func(h *fleet.Host) { + // host uses another MDM + h.MDMInfo.Name = fleet.WellKnownMDMIntune + checkEmptyNudgeConfig(h) + + // host has MDM turned off + h.MDMInfo.Name = fleet.WellKnownMDMFleet + h.MDMInfo.Enrolled = false + checkEmptyNudgeConfig(h) + + // host has MDM turned on but is not enrolled + h.MDMInfo.Enrolled = true + h.OsqueryHostID = nil + checkEmptyNudgeConfig(h) + + // mdminfo is nil + h.MDMInfo = nil + checkEmptyNudgeConfig(h) + } + + // global host + checkHostVariations(&fleet.Host{ + OsqueryHostID: ptr.String("test"), + MDMInfo: &fleet.HostMDM{ + IsServer: false, + InstalledFromDep: true, + Enrolled: true, + Name: fleet.WellKnownMDMFleet, + }}) + + // team host + checkHostVariations(&fleet.Host{ + OsqueryHostID: ptr.String("test"), + TeamID: ptr.Uint(team.ID), + MDMInfo: &fleet.HostMDM{ + IsServer: false, + InstalledFromDep: true, + Enrolled: true, + Name: fleet.WellKnownMDMFleet, + }}) + + }) +}