mirror of
https://github.com/fleetdm/fleet
synced 2026-05-23 17:08:53 +00:00
MABM: fix non-integrations skipped tests part 2 (#21805)
This commit is contained in:
Martin Angers
GitHub
parent
a1d05ade04
commit
73222541da
10 changed files with 108 additions and 69 deletions
|
|
@ -1843,13 +1843,13 @@ software:
|
|||
tokens: []*fleet.ABMToken{{OrganizationName: "Fleet Device Management Inc."}},
|
||||
dryRunAssertion: func(t *testing.T, appCfg *fleet.AppConfig, ds fleet.Datastore, out string, err error) {
|
||||
assert.NoError(t, err)
|
||||
assert.Empty(t, appCfg.MDM.AppleBussinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.AppleBusinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.DeprecatedAppleBMDefaultTeam)
|
||||
assert.Contains(t, out, "[!] gitops dry run succeeded")
|
||||
},
|
||||
realRunAssertion: func(t *testing.T, appCfg *fleet.AppConfig, ds fleet.Datastore, out string, err error) {
|
||||
assert.NoError(t, err)
|
||||
assert.Empty(t, appCfg.MDM.AppleBussinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.AppleBusinessManager.Value)
|
||||
assert.Equal(t, appCfg.MDM.DeprecatedAppleBMDefaultTeam, "💻 Workstations")
|
||||
assert.Contains(t, out, "[!] gitops succeeded")
|
||||
},
|
||||
|
|
@ -1889,7 +1889,7 @@ software:
|
|||
},
|
||||
dryRunAssertion: func(t *testing.T, appCfg *fleet.AppConfig, ds fleet.Datastore, out string, err error) {
|
||||
assert.NoError(t, err)
|
||||
assert.Empty(t, appCfg.MDM.AppleBussinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.AppleBusinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.DeprecatedAppleBMDefaultTeam)
|
||||
assert.Contains(t, out, "[!] gitops dry run succeeded")
|
||||
},
|
||||
|
|
@ -1898,7 +1898,7 @@ software:
|
|||
assert.Empty(t, appCfg.MDM.DeprecatedAppleBMDefaultTeam)
|
||||
assert.ElementsMatch(
|
||||
t,
|
||||
appCfg.MDM.AppleBussinessManager.Value,
|
||||
appCfg.MDM.AppleBusinessManager.Value,
|
||||
[]fleet.MDMAppleABMAssignmentInfo{
|
||||
{
|
||||
OrganizationName: "Fleet Device Management Inc.",
|
||||
|
|
@ -1930,7 +1930,7 @@ software:
|
|||
},
|
||||
dryRunAssertion: func(t *testing.T, appCfg *fleet.AppConfig, ds fleet.Datastore, out string, err error) {
|
||||
assert.NoError(t, err)
|
||||
assert.Empty(t, appCfg.MDM.AppleBussinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.AppleBusinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.DeprecatedAppleBMDefaultTeam)
|
||||
assert.Contains(t, out, "[!] gitops dry run succeeded")
|
||||
},
|
||||
|
|
@ -1939,7 +1939,7 @@ software:
|
|||
assert.Empty(t, appCfg.MDM.DeprecatedAppleBMDefaultTeam)
|
||||
assert.ElementsMatch(
|
||||
t,
|
||||
appCfg.MDM.AppleBussinessManager.Value,
|
||||
appCfg.MDM.AppleBusinessManager.Value,
|
||||
[]fleet.MDMAppleABMAssignmentInfo{
|
||||
{
|
||||
OrganizationName: "Fleet Device Management Inc.",
|
||||
|
|
@ -2012,7 +2012,7 @@ software:
|
|||
},
|
||||
dryRunAssertion: func(t *testing.T, appCfg *fleet.AppConfig, ds fleet.Datastore, out string, err error) {
|
||||
assert.NoError(t, err)
|
||||
assert.Empty(t, appCfg.MDM.AppleBussinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.AppleBusinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.DeprecatedAppleBMDefaultTeam)
|
||||
assert.Contains(t, out, "[!] gitops dry run succeeded")
|
||||
},
|
||||
|
|
@ -2021,7 +2021,7 @@ software:
|
|||
assert.Empty(t, appCfg.MDM.DeprecatedAppleBMDefaultTeam)
|
||||
assert.ElementsMatch(
|
||||
t,
|
||||
appCfg.MDM.AppleBussinessManager.Value,
|
||||
appCfg.MDM.AppleBusinessManager.Value,
|
||||
[]fleet.MDMAppleABMAssignmentInfo{
|
||||
{
|
||||
OrganizationName: "Fleet Device Management Inc.",
|
||||
|
|
@ -2045,7 +2045,7 @@ software:
|
|||
},
|
||||
dryRunAssertion: func(t *testing.T, appCfg *fleet.AppConfig, ds fleet.Datastore, out string, err error) {
|
||||
assert.NoError(t, err)
|
||||
assert.Empty(t, appCfg.MDM.AppleBussinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.AppleBusinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.DeprecatedAppleBMDefaultTeam)
|
||||
assert.Contains(t, out, "[!] gitops dry run succeeded")
|
||||
},
|
||||
|
|
@ -2054,7 +2054,7 @@ software:
|
|||
assert.Empty(t, appCfg.MDM.DeprecatedAppleBMDefaultTeam)
|
||||
assert.ElementsMatch(
|
||||
t,
|
||||
appCfg.MDM.AppleBussinessManager.Value,
|
||||
appCfg.MDM.AppleBusinessManager.Value,
|
||||
[]fleet.MDMAppleABMAssignmentInfo{
|
||||
{
|
||||
OrganizationName: "Fleet Device Management Inc.",
|
||||
|
|
@ -2078,13 +2078,13 @@ software:
|
|||
tokens: []*fleet.ABMToken{{OrganizationName: "Fleet Device Management Inc."}},
|
||||
dryRunAssertion: func(t *testing.T, appCfg *fleet.AppConfig, ds fleet.Datastore, out string, err error) {
|
||||
assert.ErrorContains(t, err, "token with organization name Does not exist doesn't exist")
|
||||
assert.Empty(t, appCfg.MDM.AppleBussinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.AppleBusinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.DeprecatedAppleBMDefaultTeam)
|
||||
assert.NotContains(t, out, "[!] gitops dry run succeeded")
|
||||
},
|
||||
realRunAssertion: func(t *testing.T, appCfg *fleet.AppConfig, ds fleet.Datastore, out string, err error) {
|
||||
assert.ErrorContains(t, err, "token with organization name Does not exist doesn't exist")
|
||||
assert.Empty(t, appCfg.MDM.AppleBussinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.AppleBusinessManager.Value)
|
||||
assert.Empty(t, appCfg.MDM.DeprecatedAppleBMDefaultTeam)
|
||||
assert.NotContains(t, out, "[!] gitops dry run succeeded")
|
||||
},
|
||||
|
|
|
|||
|
|
@ -142,9 +142,9 @@ type MDM struct {
|
|||
// Deprecated: use AppleBussinessManager instead
|
||||
DeprecatedAppleBMDefaultTeam string `json:"apple_bm_default_team,omitempty"`
|
||||
|
||||
// AppleBussinessManager defines the associations between ABM tokens
|
||||
// AppleBusinessManager defines the associations between ABM tokens
|
||||
// and the teams used to assign hosts when they're ingested from ABM.
|
||||
AppleBussinessManager optjson.Slice[MDMAppleABMAssignmentInfo] `json:"apple_business_manager"`
|
||||
AppleBusinessManager optjson.Slice[MDMAppleABMAssignmentInfo] `json:"apple_business_manager"`
|
||||
|
||||
// AppleBMEnabledAndConfigured is set to true if Fleet has been
|
||||
// configured with the required Apple BM key pair or token. It can't be set
|
||||
|
|
@ -635,12 +635,12 @@ func (c *AppConfig) Copy() *AppConfig {
|
|||
clone.MDM.WindowsSettings.CustomSettings = optjson.SetSlice(windowsSettings)
|
||||
}
|
||||
|
||||
if c.MDM.AppleBussinessManager.Set {
|
||||
abm := make([]MDMAppleABMAssignmentInfo, len(c.MDM.AppleBussinessManager.Value))
|
||||
for i, s := range c.MDM.AppleBussinessManager.Value {
|
||||
if c.MDM.AppleBusinessManager.Set {
|
||||
abm := make([]MDMAppleABMAssignmentInfo, len(c.MDM.AppleBusinessManager.Value))
|
||||
for i, s := range c.MDM.AppleBusinessManager.Value {
|
||||
abm[i] = s
|
||||
}
|
||||
clone.MDM.AppleBussinessManager = optjson.SetSlice(abm)
|
||||
clone.MDM.AppleBusinessManager = optjson.SetSlice(abm)
|
||||
|
||||
}
|
||||
|
||||
|
|
@ -878,7 +878,7 @@ func (c AppConfig) MarshalJSON() ([]byte, error) {
|
|||
if !c.MDM.MacOSSetup.EnableReleaseDeviceManually.Valid {
|
||||
c.MDM.MacOSSetup.EnableReleaseDeviceManually = optjson.SetBool(false)
|
||||
}
|
||||
if c.MDM.AppleBussinessManager.Set {
|
||||
if c.MDM.AppleBusinessManager.Set {
|
||||
c.MDM.DeprecatedAppleBMDefaultTeam = ""
|
||||
}
|
||||
type aliasConfig AppConfig
|
||||
|
|
|
|||
|
|
@ -32,8 +32,11 @@ type VPPApp struct {
|
|||
Name string `db:"name" json:"name"`
|
||||
// LatestVersion is the latest version of this app.
|
||||
LatestVersion string `db:"latest_version" json:"latest_version"`
|
||||
TeamID *uint `db:"-" json:"-"`
|
||||
TitleID uint `db:"title_id" json:"-"`
|
||||
// TeamID is used for authorization, it must be json serialized to be available
|
||||
// to the rego script. We don't set it outside authorization anyway, so it
|
||||
// won't render otherwise.
|
||||
TeamID *uint `db:"-" json:"team_id,omitempty"`
|
||||
TitleID uint `db:"title_id" json:"-"`
|
||||
|
||||
CreatedAt time.Time `db:"created_at" json:"-"`
|
||||
UpdatedAt time.Time `db:"updated_at" json:"-"`
|
||||
|
|
|
|||
|
|
@ -545,7 +545,7 @@ func (svc *Service) ModifyAppConfig(ctx context.Context, p []byte, applyOpts fle
|
|||
}
|
||||
}
|
||||
|
||||
if appConfig.MDM.AppleBussinessManager.Set || appConfig.MDM.DeprecatedAppleBMDefaultTeam != "" {
|
||||
if appConfig.MDM.AppleBusinessManager.Set || appConfig.MDM.DeprecatedAppleBMDefaultTeam != "" {
|
||||
for _, tok := range abmAssignments {
|
||||
if err := svc.ds.SaveABMToken(ctx, tok); err != nil {
|
||||
return nil, ctxerr.Wrap(ctx, err, "saving ABM token assignments")
|
||||
|
|
@ -970,7 +970,7 @@ func (svc *Service) validateABMAssignments(
|
|||
invalid *fleet.InvalidArgumentError,
|
||||
license *fleet.LicenseInfo,
|
||||
) ([]*fleet.ABMToken, error) {
|
||||
if mdm.DeprecatedAppleBMDefaultTeam != "" && mdm.AppleBussinessManager.Set && mdm.AppleBussinessManager.Valid {
|
||||
if mdm.DeprecatedAppleBMDefaultTeam != "" && mdm.AppleBusinessManager.Set && mdm.AppleBusinessManager.Valid {
|
||||
invalid.Append("mdm.apple_bm_default_team", fleet.AppleABMDefaultTeamDeprecatedMessage)
|
||||
return nil, nil
|
||||
}
|
||||
|
|
@ -1008,7 +1008,7 @@ func (svc *Service) validateABMAssignments(
|
|||
return []*fleet.ABMToken{tok}, nil
|
||||
}
|
||||
|
||||
if mdm.AppleBussinessManager.Set && mdm.AppleBussinessManager.Valid {
|
||||
if mdm.AppleBusinessManager.Set && mdm.AppleBusinessManager.Valid {
|
||||
if !license.IsPremium() {
|
||||
invalid.Append("mdm.apple_business_manager", ErrMissingLicense.Error())
|
||||
return nil, nil
|
||||
|
|
@ -1040,7 +1040,7 @@ func (svc *Service) validateABMAssignments(
|
|||
}
|
||||
|
||||
var tokensToSave []*fleet.ABMToken
|
||||
for _, bm := range mdm.AppleBussinessManager.Value {
|
||||
for _, bm := range mdm.AppleBusinessManager.Value {
|
||||
for _, tmName := range []string{bm.MacOSTeam, bm.IOSTeam, bm.IpadOSTeam} {
|
||||
if _, ok := teamsByName[norm.NFC.String(tmName)]; !ok {
|
||||
invalid.Appendf("mdm.apple_business_manager", "team %s doesn't exist", tmName)
|
||||
|
|
|
|||
|
|
@ -827,8 +827,6 @@ func TestTransparencyURLDowngradeLicense(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestMDMAppleConfig(t *testing.T) {
|
||||
// FIXME
|
||||
t.Skip()
|
||||
ds := new(mock.Store)
|
||||
depStorage := new(nanodep_mock.Storage)
|
||||
|
||||
|
|
@ -860,11 +858,13 @@ func TestMDMAppleConfig(t *testing.T) {
|
|||
name: "nochange",
|
||||
licenseTier: "free",
|
||||
expectedMDM: fleet.MDM{
|
||||
MacOSSetup: fleet.MacOSSetup{BootstrapPackage: optjson.String{Set: true}, MacOSSetupAssistant: optjson.String{Set: true}, EnableReleaseDeviceManually: optjson.SetBool(false)},
|
||||
MacOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IPadOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
WindowsUpdates: fleet.WindowsUpdates{DeadlineDays: optjson.Int{Set: true}, GracePeriodDays: optjson.Int{Set: true}},
|
||||
AppleBusinessManager: optjson.Slice[fleet.MDMAppleABMAssignmentInfo]{Set: true, Value: []fleet.MDMAppleABMAssignmentInfo{}},
|
||||
MacOSSetup: fleet.MacOSSetup{BootstrapPackage: optjson.String{Set: true}, MacOSSetupAssistant: optjson.String{Set: true}, EnableReleaseDeviceManually: optjson.SetBool(false)},
|
||||
MacOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IPadOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
VolumePurchasingProgram: optjson.Slice[fleet.MDMAppleVolumePurchasingProgramInfo]{Set: true, Value: []fleet.MDMAppleVolumePurchasingProgramInfo{}},
|
||||
WindowsUpdates: fleet.WindowsUpdates{DeadlineDays: optjson.Int{Set: true}, GracePeriodDays: optjson.Int{Set: true}},
|
||||
WindowsSettings: fleet.WindowsSettings{
|
||||
CustomSettings: optjson.Slice[fleet.MDMProfileSpec]{Set: true, Value: []fleet.MDMProfileSpec{}},
|
||||
},
|
||||
|
|
@ -891,11 +891,13 @@ func TestMDMAppleConfig(t *testing.T) {
|
|||
findTeam: true,
|
||||
newMDM: fleet.MDM{DeprecatedAppleBMDefaultTeam: "foobar"},
|
||||
expectedMDM: fleet.MDM{
|
||||
AppleBusinessManager: optjson.Slice[fleet.MDMAppleABMAssignmentInfo]{Set: true, Value: []fleet.MDMAppleABMAssignmentInfo{}},
|
||||
DeprecatedAppleBMDefaultTeam: "foobar",
|
||||
MacOSSetup: fleet.MacOSSetup{BootstrapPackage: optjson.String{Set: true}, MacOSSetupAssistant: optjson.String{Set: true}, EnableReleaseDeviceManually: optjson.SetBool(false)},
|
||||
MacOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IPadOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
VolumePurchasingProgram: optjson.Slice[fleet.MDMAppleVolumePurchasingProgramInfo]{Set: true, Value: []fleet.MDMAppleVolumePurchasingProgramInfo{}},
|
||||
WindowsUpdates: fleet.WindowsUpdates{DeadlineDays: optjson.Int{Set: true}, GracePeriodDays: optjson.Int{Set: true}},
|
||||
WindowsSettings: fleet.WindowsSettings{
|
||||
CustomSettings: optjson.Slice[fleet.MDMProfileSpec]{Set: true, Value: []fleet.MDMProfileSpec{}},
|
||||
|
|
@ -908,11 +910,13 @@ func TestMDMAppleConfig(t *testing.T) {
|
|||
oldMDM: fleet.MDM{DeprecatedAppleBMDefaultTeam: "bar"},
|
||||
newMDM: fleet.MDM{DeprecatedAppleBMDefaultTeam: "foobar"},
|
||||
expectedMDM: fleet.MDM{
|
||||
AppleBusinessManager: optjson.Slice[fleet.MDMAppleABMAssignmentInfo]{Set: true, Value: []fleet.MDMAppleABMAssignmentInfo{}},
|
||||
DeprecatedAppleBMDefaultTeam: "foobar",
|
||||
MacOSSetup: fleet.MacOSSetup{BootstrapPackage: optjson.String{Set: true}, MacOSSetupAssistant: optjson.String{Set: true}, EnableReleaseDeviceManually: optjson.SetBool(false)},
|
||||
MacOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IPadOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
VolumePurchasingProgram: optjson.Slice[fleet.MDMAppleVolumePurchasingProgramInfo]{Set: true, Value: []fleet.MDMAppleVolumePurchasingProgramInfo{}},
|
||||
WindowsUpdates: fleet.WindowsUpdates{DeadlineDays: optjson.Int{Set: true}, GracePeriodDays: optjson.Int{Set: true}},
|
||||
WindowsSettings: fleet.WindowsSettings{
|
||||
CustomSettings: optjson.Slice[fleet.MDMProfileSpec]{Set: true, Value: []fleet.MDMProfileSpec{}},
|
||||
|
|
@ -931,12 +935,14 @@ func TestMDMAppleConfig(t *testing.T) {
|
|||
newMDM: fleet.MDM{EndUserAuthentication: fleet.MDMEndUserAuthentication{SSOProviderSettings: fleet.SSOProviderSettings{EntityID: "foo"}}},
|
||||
oldMDM: fleet.MDM{EndUserAuthentication: fleet.MDMEndUserAuthentication{SSOProviderSettings: fleet.SSOProviderSettings{EntityID: "foo"}}},
|
||||
expectedMDM: fleet.MDM{
|
||||
EndUserAuthentication: fleet.MDMEndUserAuthentication{SSOProviderSettings: fleet.SSOProviderSettings{EntityID: "foo"}},
|
||||
MacOSSetup: fleet.MacOSSetup{BootstrapPackage: optjson.String{Set: true}, MacOSSetupAssistant: optjson.String{Set: true}, EnableReleaseDeviceManually: optjson.SetBool(false)},
|
||||
MacOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IPadOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
WindowsUpdates: fleet.WindowsUpdates{DeadlineDays: optjson.Int{Set: true}, GracePeriodDays: optjson.Int{Set: true}},
|
||||
AppleBusinessManager: optjson.Slice[fleet.MDMAppleABMAssignmentInfo]{Set: true, Value: []fleet.MDMAppleABMAssignmentInfo{}},
|
||||
EndUserAuthentication: fleet.MDMEndUserAuthentication{SSOProviderSettings: fleet.SSOProviderSettings{EntityID: "foo"}},
|
||||
MacOSSetup: fleet.MacOSSetup{BootstrapPackage: optjson.String{Set: true}, MacOSSetupAssistant: optjson.String{Set: true}, EnableReleaseDeviceManually: optjson.SetBool(false)},
|
||||
MacOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IPadOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
VolumePurchasingProgram: optjson.Slice[fleet.MDMAppleVolumePurchasingProgramInfo]{Set: true, Value: []fleet.MDMAppleVolumePurchasingProgramInfo{}},
|
||||
WindowsUpdates: fleet.WindowsUpdates{DeadlineDays: optjson.Int{Set: true}, GracePeriodDays: optjson.Int{Set: true}},
|
||||
WindowsSettings: fleet.WindowsSettings{
|
||||
CustomSettings: optjson.Slice[fleet.MDMProfileSpec]{Set: true, Value: []fleet.MDMProfileSpec{}},
|
||||
},
|
||||
|
|
@ -952,17 +958,19 @@ func TestMDMAppleConfig(t *testing.T) {
|
|||
IDPName: "onelogin",
|
||||
}}},
|
||||
expectedMDM: fleet.MDM{
|
||||
AppleBusinessManager: optjson.Slice[fleet.MDMAppleABMAssignmentInfo]{Set: true, Value: []fleet.MDMAppleABMAssignmentInfo{}},
|
||||
EndUserAuthentication: fleet.MDMEndUserAuthentication{SSOProviderSettings: fleet.SSOProviderSettings{
|
||||
EntityID: "fleet",
|
||||
IssuerURI: "http://issuer.idp.com",
|
||||
MetadataURL: "http://isser.metadata.com",
|
||||
IDPName: "onelogin",
|
||||
}},
|
||||
MacOSSetup: fleet.MacOSSetup{BootstrapPackage: optjson.String{Set: true}, MacOSSetupAssistant: optjson.String{Set: true}, EnableReleaseDeviceManually: optjson.SetBool(false)},
|
||||
MacOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IPadOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
WindowsUpdates: fleet.WindowsUpdates{DeadlineDays: optjson.Int{Set: true}, GracePeriodDays: optjson.Int{Set: true}},
|
||||
MacOSSetup: fleet.MacOSSetup{BootstrapPackage: optjson.String{Set: true}, MacOSSetupAssistant: optjson.String{Set: true}, EnableReleaseDeviceManually: optjson.SetBool(false)},
|
||||
MacOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IPadOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
VolumePurchasingProgram: optjson.Slice[fleet.MDMAppleVolumePurchasingProgramInfo]{Set: true, Value: []fleet.MDMAppleVolumePurchasingProgramInfo{}},
|
||||
WindowsUpdates: fleet.WindowsUpdates{DeadlineDays: optjson.Int{Set: true}, GracePeriodDays: optjson.Int{Set: true}},
|
||||
WindowsSettings: fleet.WindowsSettings{
|
||||
CustomSettings: optjson.Slice[fleet.MDMProfileSpec]{Set: true, Value: []fleet.MDMProfileSpec{}},
|
||||
},
|
||||
|
|
@ -1017,12 +1025,14 @@ func TestMDMAppleConfig(t *testing.T) {
|
|||
EnableDiskEncryption: optjson.SetBool(false),
|
||||
},
|
||||
expectedMDM: fleet.MDM{
|
||||
EnableDiskEncryption: optjson.Bool{Set: true, Valid: true, Value: false},
|
||||
MacOSSetup: fleet.MacOSSetup{BootstrapPackage: optjson.String{Set: true}, MacOSSetupAssistant: optjson.String{Set: true}, EnableReleaseDeviceManually: optjson.SetBool(false)},
|
||||
MacOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IPadOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
WindowsUpdates: fleet.WindowsUpdates{DeadlineDays: optjson.Int{Set: true}, GracePeriodDays: optjson.Int{Set: true}},
|
||||
AppleBusinessManager: optjson.Slice[fleet.MDMAppleABMAssignmentInfo]{Set: true, Value: []fleet.MDMAppleABMAssignmentInfo{}},
|
||||
EnableDiskEncryption: optjson.Bool{Set: true, Valid: true, Value: false},
|
||||
MacOSSetup: fleet.MacOSSetup{BootstrapPackage: optjson.String{Set: true}, MacOSSetupAssistant: optjson.String{Set: true}, EnableReleaseDeviceManually: optjson.SetBool(false)},
|
||||
MacOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
IPadOSUpdates: fleet.AppleOSUpdateSettings{MinimumVersion: optjson.String{Set: true}, Deadline: optjson.String{Set: true}},
|
||||
VolumePurchasingProgram: optjson.Slice[fleet.MDMAppleVolumePurchasingProgramInfo]{Set: true, Value: []fleet.MDMAppleVolumePurchasingProgramInfo{}},
|
||||
WindowsUpdates: fleet.WindowsUpdates{DeadlineDays: optjson.Int{Set: true}, GracePeriodDays: optjson.Int{Set: true}},
|
||||
WindowsSettings: fleet.WindowsSettings{
|
||||
CustomSettings: optjson.Slice[fleet.MDMProfileSpec]{Set: true, Value: []fleet.MDMProfileSpec{}},
|
||||
},
|
||||
|
|
@ -1065,6 +1075,12 @@ func TestMDMAppleConfig(t *testing.T) {
|
|||
ds.NewJobFunc = func(ctx context.Context, job *fleet.Job) (*fleet.Job, error) {
|
||||
return job, nil
|
||||
}
|
||||
ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
|
||||
return []*fleet.ABMToken{{ID: 1}}, nil
|
||||
}
|
||||
ds.SaveABMTokenFunc = func(ctx context.Context, token *fleet.ABMToken) error {
|
||||
return nil
|
||||
}
|
||||
depStorage.RetrieveConfigFunc = func(p0 context.Context, p1 string) (*nanodep_client.Config, error) {
|
||||
return &nanodep_client.Config{BaseURL: depSrv.URL}, nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -448,9 +448,12 @@ var pathReplacer = strings.NewReplacer(
|
|||
"}", "_",
|
||||
)
|
||||
|
||||
func getNameFromPathAndVerb(verb, path string) string {
|
||||
return strings.ToLower(verb) + "_" +
|
||||
pathReplacer.Replace(strings.TrimPrefix(strings.TrimRight(path, "/"), "/api/_version_/fleet/"))
|
||||
func getNameFromPathAndVerb(verb, path, startAt string) string {
|
||||
prefix := strings.ToLower(verb) + "_"
|
||||
if startAt != "" {
|
||||
prefix += pathReplacer.Replace(startAt) + "_"
|
||||
}
|
||||
return prefix + pathReplacer.Replace(strings.TrimPrefix(strings.TrimRight(path, "/"), "/api/_version_/fleet/"))
|
||||
}
|
||||
|
||||
func capabilitiesResponseFunc(capabilities fleet.CapabilityMap) kithttp.ServerOption {
|
||||
|
|
@ -560,14 +563,14 @@ func (e *authEndpointer) handlePathHandler(path string, pathHandler func(path st
|
|||
}
|
||||
|
||||
versionedPath := strings.Replace(path, "/_version_/", fmt.Sprintf("/{fleetversion:(?:%s)}/", strings.Join(versions, "|")), 1)
|
||||
nameAndVerb := getNameFromPathAndVerb(verb, path)
|
||||
nameAndVerb := getNameFromPathAndVerb(verb, path, e.startingAtVersion)
|
||||
if e.usePathPrefix {
|
||||
e.r.PathPrefix(versionedPath).Handler(pathHandler(versionedPath)).Name(nameAndVerb).Methods(verb)
|
||||
} else {
|
||||
e.r.Handle(versionedPath, pathHandler(versionedPath)).Name(nameAndVerb).Methods(verb)
|
||||
}
|
||||
for _, alias := range e.alternativePaths {
|
||||
nameAndVerb := getNameFromPathAndVerb(verb, alias)
|
||||
nameAndVerb := getNameFromPathAndVerb(verb, alias, e.startingAtVersion)
|
||||
versionedPath := strings.Replace(alias, "/_version_/", fmt.Sprintf("/{fleetversion:(?:%s)}/", strings.Join(versions, "|")), 1)
|
||||
if e.usePathPrefix {
|
||||
e.r.PathPrefix(versionedPath).Handler(pathHandler(versionedPath)).Name(nameAndVerb).Methods(verb)
|
||||
|
|
|
|||
|
|
@ -76,7 +76,6 @@ func TestAPIRoutesConflicts(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestAPIRoutesMetrics(t *testing.T) {
|
||||
t.Skip()
|
||||
ds := new(mock.Store)
|
||||
|
||||
svc, _ := newTestService(t, ds, nil, nil)
|
||||
|
|
@ -108,7 +107,8 @@ func TestAPIRoutesMetrics(t *testing.T) {
|
|||
routeNames := make(map[string]bool)
|
||||
err = router.Walk(func(route *mux.Route, _ *mux.Router, _ []*mux.Route) error {
|
||||
if _, ok := routeNames[route.GetName()]; ok {
|
||||
t.Errorf("duplicate route name: %s", route.GetName())
|
||||
path, _ := route.GetPathTemplate()
|
||||
t.Errorf("duplicate route name: %s (%s)", route.GetName(), path)
|
||||
}
|
||||
routeNames[route.GetName()] = true
|
||||
return nil
|
||||
|
|
@ -194,7 +194,7 @@ func TestAPIRoutesMetrics(t *testing.T) {
|
|||
"go_memstats_alloc_bytes_total": 1,
|
||||
"go_memstats_buck_hash_sys_bytes": 1,
|
||||
"go_memstats_frees_total": 1,
|
||||
"go_memstats_gc_cpu_fraction": 1,
|
||||
"go_memstats_gc_cpu_fraction": 0, // does not appear to be reported anymore
|
||||
"go_memstats_gc_sys_bytes": 1,
|
||||
"go_memstats_heap_alloc_bytes": 1,
|
||||
"go_memstats_heap_idle_bytes": 1,
|
||||
|
|
|
|||
|
|
@ -70,8 +70,6 @@ func TestGetMDMApple(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestMDMAppleAuthorization(t *testing.T) {
|
||||
// FIXME
|
||||
t.Skip()
|
||||
ds := new(mock.Store)
|
||||
license := &fleet.LicenseInfo{Tier: fleet.TierPremium}
|
||||
|
||||
|
|
@ -125,6 +123,16 @@ func TestMDMAppleAuthorization(t *testing.T) {
|
|||
return nil
|
||||
}
|
||||
|
||||
ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
|
||||
return nil, nil
|
||||
}
|
||||
ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
|
||||
return nil, nil
|
||||
}
|
||||
ds.GetVPPTokenFunc = func(ctx context.Context, id uint) (*fleet.VPPTokenDB, error) {
|
||||
return nil, ¬FoundErr{}
|
||||
}
|
||||
|
||||
ds.DeleteMDMConfigAssetsByNameFunc = func(ctx context.Context, assetNames []fleet.MDMAssetName) error { return nil }
|
||||
|
||||
// use a custom implementation of checkAuthErr as the service call will fail
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/fleetdm/fleet/v4/server/authz"
|
||||
"github.com/fleetdm/fleet/v4/server/contexts/viewer"
|
||||
"github.com/fleetdm/fleet/v4/server/fleet"
|
||||
"github.com/fleetdm/fleet/v4/server/mock"
|
||||
|
|
@ -14,13 +15,24 @@ import (
|
|||
)
|
||||
|
||||
func TestVPPAuth(t *testing.T) {
|
||||
t.Skip()
|
||||
ds := new(mock.Store)
|
||||
|
||||
license := &fleet.LicenseInfo{Tier: fleet.TierPremium, Expiration: time.Now().Add(24 * time.Hour)}
|
||||
|
||||
svc, ctx := newTestService(t, ds, nil, nil, &TestServerOpts{License: license})
|
||||
|
||||
// use a custom implementation of checkAuthErr as the service call will fail
|
||||
// with a different error for in case of authorization success and the
|
||||
// package-wide checkAuthErr requires no error.
|
||||
checkAuthErr := func(t *testing.T, shouldFail bool, err error) {
|
||||
if shouldFail {
|
||||
require.Error(t, err)
|
||||
require.Equal(t, (&authz.Forbidden{}).Error(), err.Error())
|
||||
} else if err != nil {
|
||||
require.NotEqual(t, (&authz.Forbidden{}).Error(), err.Error())
|
||||
}
|
||||
}
|
||||
|
||||
testCases := []struct {
|
||||
name string
|
||||
user *fleet.User
|
||||
|
|
@ -64,14 +76,15 @@ func TestVPPAuth(t *testing.T) {
|
|||
ds.TeamExistsFunc = func(ctx context.Context, teamID uint) (bool, error) {
|
||||
return false, nil
|
||||
}
|
||||
|
||||
ds.GetAllMDMConfigAssetsByNameFunc = func(ctx context.Context, assetNames []fleet.MDMAssetName) (map[fleet.MDMAssetName]fleet.MDMConfigAsset, error) {
|
||||
return map[fleet.MDMAssetName]fleet.MDMConfigAsset{}, nil
|
||||
}
|
||||
|
||||
ds.TeamFunc = func(ctx context.Context, tid uint) (*fleet.Team, error) {
|
||||
return &fleet.Team{ID: 1}, nil
|
||||
}
|
||||
ds.GetVPPTokenByTeamIDFunc = func(ctx context.Context, teamID *uint) (*fleet.VPPTokenDB, error) {
|
||||
return &fleet.VPPTokenDB{ID: 1, OrgName: "org", Teams: []fleet.TeamTuple{{ID: 1}}}, nil
|
||||
}
|
||||
|
||||
// Note: these calls always return an error because they're attempting to unmarshal a
|
||||
// non-existent VPP token.
|
||||
|
|
@ -79,18 +92,14 @@ func TestVPPAuth(t *testing.T) {
|
|||
if tt.teamID == nil {
|
||||
require.Error(t, err)
|
||||
} else {
|
||||
if tt.shouldFailRead {
|
||||
checkAuthErr(t, true, err)
|
||||
}
|
||||
checkAuthErr(t, tt.shouldFailRead, err)
|
||||
}
|
||||
|
||||
err = svc.AddAppStoreApp(ctx, tt.teamID, fleet.VPPAppTeam{VPPAppID: fleet.VPPAppID{AdamID: "123", Platform: fleet.IOSPlatform}})
|
||||
if tt.teamID == nil {
|
||||
require.Error(t, err)
|
||||
} else {
|
||||
if tt.shouldFailWrite {
|
||||
checkAuthErr(t, true, err)
|
||||
}
|
||||
checkAuthErr(t, tt.shouldFailWrite, err)
|
||||
}
|
||||
})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -97,7 +97,7 @@ github.com/fleetdm/fleet/v4/server/fleet/GoogleCalendarIntegration Domain string
|
|||
github.com/fleetdm/fleet/v4/server/fleet/GoogleCalendarIntegration ApiKey map[string]string
|
||||
github.com/fleetdm/fleet/v4/server/fleet/AppConfig MDM fleet.MDM
|
||||
github.com/fleetdm/fleet/v4/server/fleet/MDM DeprecatedAppleBMDefaultTeam string
|
||||
github.com/fleetdm/fleet/v4/server/fleet/MDM AppleBussinessManager optjson.Slice[github.com/fleetdm/fleet/v4/server/fleet.MDMAppleABMAssignmentInfo]
|
||||
github.com/fleetdm/fleet/v4/server/fleet/MDM AppleBusinessManager optjson.Slice[github.com/fleetdm/fleet/v4/server/fleet.MDMAppleABMAssignmentInfo]
|
||||
github.com/fleetdm/fleet/v4/pkg/optjson/Slice[github.com/fleetdm/fleet/v4/server/fleet.MDMAppleABMAssignmentInfo] Set bool
|
||||
github.com/fleetdm/fleet/v4/pkg/optjson/Slice[github.com/fleetdm/fleet/v4/server/fleet.MDMAppleABMAssignmentInfo] Valid bool
|
||||
github.com/fleetdm/fleet/v4/pkg/optjson/Slice[github.com/fleetdm/fleet/v4/server/fleet.MDMAppleABMAssignmentInfo] Value []fleet.MDMAppleABMAssignmentInfo
|
||||
|
|
|
|||
Loading…
Reference in a new issue