fleet

Elgato_dark/fleet

Fork 0

mirror of https://github.com/fleetdm/fleet synced 2026-05-24 09:28:54 +00:00

Commit graph

Author	SHA1	Message	Date
Sharon Katz	0810d7a999	Allow saving policies with invalid SQL (#38348 ) (#43952 ) <!--- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves #38348 ## What this PR does On the Policies create and edit pages, the "Save" button was getting disabled whenever Fleet's SQL parser flagged the query as having a syntax error. That was a problem because Fleet's parser has gaps -- plenty of valid osquery SQL gets flagged as "invalid", which blocked admins from saving perfectly good custom queries. This PR changes the Save button behavior on the Policies form to match what Reports (formerly "Queries") already does: we still show the "Syntax error. Please review before saving." message under the editor, but the user can still click Save. An empty query still disables Save. The actual code change is small -- one line in `PolicyForm.tsx`: ```diff - !!size(errors); + (!!errors.query && errors.query === EMPTY_QUERY_ERR); ``` Previously the button was disabled for any error (including syntax errors). Now it's only disabled when the error is specifically the empty-query error. This exactly mirrors the existing logic in `EditQueryForm.tsx` for Reports. I also imported `EMPTY_QUERY_ERR` from the shared validator and dropped an obsolete `// @ts-ignore` on that import (the validator is now TypeScript). ## Testing All testing was done manually on macOS against a local Fleet dev server. Jest suites run clean. ### Before the change (reproducing the bug) 1. Checked out `main`, ran the dev server. 2. Went to Policies, clicked "Add policy". 3. Pasted a query with a syntax error: `SELCT * FROM users;`. 4. Observed: error message "Syntax error. Please review before saving." appears under the editor, and the Save button is disabled (greyed out, not clickable). Same behavior when editing an existing policy. ### After the change (fix verified) 1. Checked out `bug_38348`, refreshed the browser (webpack watch picked up the change). 2. Went to Policies, clicked "Add policy". 3. Pasted the same syntax-error query `SELCT * FROM users;`. 4. Observed: error message still shows, but the Save button is now enabled. Clicking Save opened the "Save policy" modal; completing the save wrote the policy with the user's exact SQL. 5. Edited the saved policy -- the same syntax-error SQL loaded, Save remained enabled, edits saved successfully. 6. Cleared the SQL to empty -- error changed to "Query text must be present" and Save went back to disabled. Good. 7. Ran the same flow on Reports (new and edit) to confirm no regression -- behavior unchanged from before. ### Tests - `frontend/pages/policies/edit/components/PolicyForm/PolicyForm.tests.tsx` -- 17/17 passing. - `frontend/pages/queries/edit/components/EditQueryForm/EditQueryForm.tests.tsx` -- 15/15 passing (regression check). - No new unit test was added for the syntax-error path; an existing TODO in the test file documents why direct testing through react-ace is awkward. # Checklist for submitter - [x] Changes file added for user-visible changes in `changes/` (`changes/38348-allow-saving-invalid-sql`). - [x] Input data is properly validated (N/A -- frontend-only, no new SQL). - [x] QA'd all new/changed functionality manually (see Testing section above). <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * New Features * Policy forms now allow saving when the SQL has a syntax error; the syntax-error message remains visible for correction. * Saving is still blocked when the SQL/query is empty or only whitespace. * Tests * Added regression tests verifying save behavior for empty and syntactically invalid queries. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Juan Fernandez <juan@fleetdm.com>	2026-04-22 14:22:33 -04:00

Author

SHA1

Message

Date

Sharon Katz

0810d7a999

Allow saving policies with invalid SQL (#38348 ) (#43952 )

<!--- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #38348

## What this PR does

On the Policies create and edit pages, the "Save" button was getting
disabled whenever Fleet's SQL parser flagged the query as having a
syntax error. That was a problem because Fleet's parser has gaps --
plenty of valid osquery SQL gets flagged as "invalid", which blocked
admins from saving perfectly good custom queries.

This PR changes the Save button behavior on the Policies form to match
what Reports (formerly "Queries") already does: we still show the
"Syntax error. Please review before saving." message under the editor,
but the user can still click Save. An empty query still disables Save.

The actual code change is small -- one line in `PolicyForm.tsx`:

```diff
-      !!size(errors);
+      (!!errors.query && errors.query === EMPTY_QUERY_ERR);
```

Previously the button was disabled for any error (including syntax
errors). Now it's only disabled when the error is specifically the
empty-query error. This exactly mirrors the existing logic in
`EditQueryForm.tsx` for Reports.

I also imported `EMPTY_QUERY_ERR` from the shared validator and dropped
an obsolete `// @ts-ignore` on that import (the validator is now
TypeScript).

## Testing

All testing was done manually on macOS against a local Fleet dev server.
Jest suites run clean.

### Before the change (reproducing the bug)

1. Checked out `main`, ran the dev server.
2. Went to Policies, clicked "Add policy".
3. Pasted a query with a syntax error: `SELCT * FROM users;`.
4. Observed: error message "Syntax error. Please review before saving."
appears under the editor, and the Save button is **disabled** (greyed
out, not clickable). Same behavior when editing an existing policy.

### After the change (fix verified)

1. Checked out `bug_38348`, refreshed the browser (webpack watch picked
up the change).
2. Went to Policies, clicked "Add policy".
3. Pasted the same syntax-error query `SELCT * FROM users;`.
4. Observed: error message still shows, but the Save button is now
**enabled**. Clicking Save opened the "Save policy" modal; completing
the save wrote the policy with the user's exact SQL.
5. Edited the saved policy -- the same syntax-error SQL loaded, Save
remained enabled, edits saved successfully.
6. Cleared the SQL to empty -- error changed to "Query text must be
present" and Save went back to disabled. Good.
7. Ran the same flow on Reports (new and edit) to confirm no regression
-- behavior unchanged from before.

### Tests

-
`frontend/pages/policies/edit/components/PolicyForm/PolicyForm.tests.tsx`
-- 17/17 passing.
-
`frontend/pages/queries/edit/components/EditQueryForm/EditQueryForm.tests.tsx`
-- 15/15 passing (regression check).
- No new unit test was added for the syntax-error path; an existing TODO
in the test file documents why direct testing through react-ace is
awkward.

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`
(`changes/38348-allow-saving-invalid-sql`).
- [x] Input data is properly validated (N/A -- frontend-only, no new
SQL).
- [x] QA'd all new/changed functionality manually (see Testing section
above).


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Policy forms now allow saving when the SQL has a syntax error; the
syntax-error message remains visible for correction.
* Saving is still blocked when the SQL/query is empty or only
whitespace.

* **Tests**
* Added regression tests verifying save behavior for empty and
syntactically invalid queries.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Juan Fernandez <juan@fleetdm.com>

2026-04-22 14:22:33 -04:00

1 commit