fleet

mirror of https://github.com/fleetdm/fleet synced 2026-05-24 09:28:54 +00:00

Author	SHA1	Message	Date
Gabriel Hernandez	a0c5102903	update auth token storage (#40504 ) Related issue: Resolves #14401 # Checklist for submitter this updates the mechanism of storing the auth token for a user that is used for making requests and validating a user session. We change the storage from local storage to a cookie. This allow a bit more security and prepares for a future change where we will allow the browser to handle setting and passing the auth token in the request. - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. - [x] QA'd all new/changed functionality manually	2026-02-26 17:05:13 +00:00
Nico	ffe0f71c83	Technician role FE changes (#39494 ) <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves #38630 ## Testing - [x] QA'd all new/changed functionality manually Screenshots below were taken with a Team Technician user. Same changes apply for a Global Technician. #### Controls > OS settings > Disk encryption - Shows table without controls below. - Shows empty state (doesn't allow to turn it on). <img width="1915" height="886" alt="Screenshot 2026-02-10 at 12 24 25 PM" src="https://github.com/user-attachments/assets/3f44d338-e728-4eb2-ad93-e30844201b52" /> <img width="1913" height="907" alt="Screenshot 2026-02-10 at 12 31 38 PM" src="https://github.com/user-attachments/assets/71706e9e-0540-4c25-b5c0-3f7ccff3ba5a" /> #### Controls > OS settings > Custom settings - Changed description to say View configuration profiles that apply custom settings. instead of Create and upload configuration profiles to apply custom settings.. - Add profile not shown within table header. - Trash can icon not shown when hovering over a row within the table. - Add profile card not shown on empty state. Instead, "No configuration profiles have been added." is shown. <img width="1911" height="729" alt="Screenshot 2026-02-10 at 12 24 39 PM" src="https://github.com/user-attachments/assets/aa68cbaf-4772-402d-9288-b4be2ddd3250" /> <img width="1912" height="650" alt="Screenshot 2026-02-10 at 12 28 48 PM" src="https://github.com/user-attachments/assets/6a186172-b01f-4314-bb50-4cb533e13bce" /> #### Controls > Scripts > Library - Add script not shown within table header. - No actions shown when hovering over a table row. - Can view script by clicking on a table row. - Removed To run the script across multiple hosts, add a policy automation on the Policies page line below To run this script on a host, go to the Hosts page and select a host.. - Updated copy to `To run this script on a host, go to the Hosts page and select a host. Then, click Actions > Run script.` <img width="1912" height="772" alt="Screenshot 2026-02-10 at 12 25 46 PM" src="https://github.com/user-attachments/assets/83fbc1ec-3a6e-4bb5-865e-b5e7faef1e37" /> <img width="1732" height="761" alt="Screenshot 2026-02-11 at 3 50 33 PM" src="https://github.com/user-attachments/assets/6dda97d7-fde2-4bcd-94b3-fa7368c65528" /> #### Labels Can add label and filter by label <img width="160" height="247" alt="Screenshot 2026-02-10 at 12 51 24 PM" src="https://github.com/user-attachments/assets/ed63b708-27f8-4363-9d4f-9a7b0bf82b21" /> <img width="1901" height="856" alt="Screenshot 2026-02-10 at 12 35 07 PM" src="https://github.com/user-attachments/assets/c2ef5e21-03ab-4955-a22f-cd6ca32f3179" /> <img width="1903" height="937" alt="Screenshot 2026-02-10 at 12 36 11 PM" src="https://github.com/user-attachments/assets/d9d9f3bc-4d71-4c4b-902a-455eec9e057c" /> Can edit/delete labels created by themselves. NOTE: my technician user ID is 37 - note that the x label belongs to a different user id, while the second label belongs to ID 37, therefore it can be edited and deleted. <img width="1915" height="1152" alt="Screenshot 2026-02-10 at 12 38 29 PM" src="https://github.com/user-attachments/assets/21f44c11-4e2d-456b-8547-90936b5d7602" /> <img width="1911" height="1154" alt="Screenshot 2026-02-10 at 12 38 42 PM" src="https://github.com/user-attachments/assets/f9f7ea30-11b2-4d2d-9d71-de7299e4b451" /> Can delete manual label from host https://github.com/user-attachments/assets/b64ba6dd-3f54-4dcd-9c57-7bede65122da #### Host details Can run scripts and view their results <img width="1908" height="472" alt="Screenshot 2026-02-10 at 12 52 33 PM" src="https://github.com/user-attachments/assets/d1e40339-ec52-47ff-bc53-c311498ffe80" /> <img width="1882" height="716" alt="Screenshot 2026-02-10 at 12 52 40 PM" src="https://github.com/user-attachments/assets/dd0c2ec3-8cb8-4835-9c6d-f731a7434637" /> <img width="1915" height="718" alt="Screenshot 2026-02-10 at 12 52 48 PM" src="https://github.com/user-attachments/assets/5e7a73e0-ac5b-4d38-b635-770f53dea9e3" /> <img width="1914" height="718" alt="Screenshot 2026-02-10 at 12 52 55 PM" src="https://github.com/user-attachments/assets/b199c796-66b1-46bc-b2b5-fd35e8aa7a7c" /> Can run query associated to host as a live query https://github.com/user-attachments/assets/7aea6f63-e443-4fa0-87dc-48bef84efa2f #### Software Doesn't show trash can icon on software installer card, just the download one. <img width="1423" height="838" alt="Screenshot 2026-02-10 at 1 33 53 PM" src="https://github.com/user-attachments/assets/3a55c226-0bba-43ac-8594-7b5ac0a3684a" /> Can install/uninstall software on a host. Note that Add software button is hidden (technicians can't add software). <img width="1378" height="277" alt="Screenshot 2026-02-10 at 3 08 55 PM" src="https://github.com/user-attachments/assets/bf413467-2071-48b6-b62b-f3a721b6057c" /> #### Queries - Can run inherited queries on all hosts https://github.com/user-attachments/assets/09f07e6b-a8c1-453e-81fd-4deb16005836 - Can run team queries on all hosts https://github.com/user-attachments/assets/18b62dea-e159-40ea-b0ed-1d96b6bd40e7 - Can't manage automations or add queries (buttons are not shown at the top-right corner) #### Policies Same as Queries https://github.com/user-attachments/assets/2c24514a-2ae0-47a6-b631-6f9e48fc7b9c #### Protected routes Tested that I can't access routes that have restricted functionality for this role, such as: - /controls/os-updates, /controls/setup-experience and /controls/os-settings/certificates => redirects to /controls/os-settings ✅ - /controls/scripts/progress => redirects to /controls/scripts/library ✅ - /queries/new and /software/add/* => renders access denied page ✅ --------- Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com>	2026-02-11 18:38:41 -03:00
Nico	2e70ad2955	Surface queries in host details (#37646 ) <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves #27322 [Figma](https://www.figma.com/design/v7WjL5zQuFIZerWYaSwy8o/-27322-Surface-custom-host-vitals?node-id=5636-4950&t=LuE3Kp09a5sj24Tt-0) ## Testing - [x] Added/updated automated tests - [ ] Where appropriate, [automated tests simulate multiple hosts and test for host isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing) (updates to one hosts's records do not affect another) - [x] QA'd all new/changed functionality manually (WIP) ## Screenshots ### Host details <img width="1481" height="1000" alt="Screenshot 2025-12-26 at 2 14 48 PM" src="https://github.com/user-attachments/assets/3d9f02f9-f3a7-4a06-b3e4-414bb7b56e25" /> - `Queries` tab removed. - Shows `Queries` card. #### Queries Card - Added client-side pagination. - Added `Add query` button (screenshots below are with `Admin` role). <img width="710" height="395" alt="Screenshot 2025-12-26 at 2 15 07 PM" src="https://github.com/user-attachments/assets/b4e58269-d1b2-4c87-abfa-2cdfe47b533e" /> <img width="723" height="301" alt="Screenshot 2025-12-26 at 2 15 00 PM" src="https://github.com/user-attachments/assets/2615d5bf-5d75-4e83-bc69-bc884232bf32" /> - As an `Observer`, `Add query` is not displayed <img width="2240" height="1077" alt="Screenshot 2025-12-26 at 2 27 25 PM" src="https://github.com/user-attachments/assets/426de709-d2ce-4bef-96f1-919ad5bddb13" /> - As a `Maintainer`, `Add query` is displayed <img width="2236" height="1084" alt="Screenshot 2025-12-26 at 2 31 16 PM" src="https://github.com/user-attachments/assets/218b0d18-2536-4336-88c8-41e7d09a5e9e" /> ### New query page If the user navigates from `Host details`, `host_id` search parameter is added to the URL and the back button displays `Back to host details`. <img width="1097" height="506" alt="Screenshot 2025-12-26 at 2 15 32 PM" src="https://github.com/user-attachments/assets/61777c85-22f5-49dc-a3e6-dcd706119c70" /> ### Host Queries (/hosts/:hostId/queries/:queryId) `Performance impact` added above the table. <img width="2029" height="626" alt="Screenshot 2025-12-26 at 2 16 00 PM" src="https://github.com/user-attachments/assets/05c6b1bc-0587-4b0a-8167-142787592c6d" /> <img width="1555" height="482" alt="Screenshot 2025-12-26 at 2 16 05 PM" src="https://github.com/user-attachments/assets/b9035b63-51c3-46c0-a903-c16d54c22986" />	2026-01-02 10:06:12 -03:00
Ian Littman	7f5652daff	Remove previews, add preview links, make copy tweaks to setup experience configuration UI (#34980 ) Fixes #34530 and #34452. idP config is in a subsequent commit and will handle the dangling path added here. <!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> Related issue: Resolves # # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files) for more information. ## Testing - [x] QA'd all new/changed functionality manually	2025-10-30 17:32:06 -05:00
Jacob Shandling	36be3d14a1	UI – Refrain from clearing the auth_token and redirecting to login for errors specific to this scenario (#14911 ) ## Addresses #12968 https://www.loom.com/share/37aaaa36936b47079ff3088c3430e36b?sid=c249306b-a32e-4a33-be83-aae2d13c98aa - Improve the implementation of error reporting by `sendRequest` to handle when AxiosError information is being provided in different fields (`response`, `message`, `code`, or nowhere), as opposed to relying on only the `response` field, which is empty in some (including this) situations - Using the more fine-grained reporting above, exempt `Request aborted` errors when fetching a user's data, which is what occurs here, from triggering a token clear and login page redirect. - Use dedicated token handling utilities everywhere ## Checklist for submitter - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com>	2023-11-03 08:32:41 -07:00
Jacob Shandling	cb58849d95	Fleet Premium to Sandbox (#11372 ) ## Addresses #9371 ### Adds a suite of UI logic for premium features in the Sandbox environment For reviewer: please review the work for the below 3 substasks, which are the only remaining subtasks encompassed by this PR that have not yet passed review individually: - #10822 (9) - #10823 (10) - #10824 (11) ## Checklist for submitter - [x] Changes file added for user-visible changes in `changes/` - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com> Co-authored-by: Martin Angers <martin.n.angers@gmail.com>	2023-04-27 08:53:30 -07:00
Jacob Shandling	4d1beef728	Check for "No access" for authenticated routes (#11307 ) ## Addresses #11188 When an _already authenticated_ no-access user tries to access any authenticated routes: - Log the user out - Display the 403 'Forbidden' error page https://www.loom.com/share/358fd5b534984ab9ab40220986a7d094 The user _can_ still log in – see attached issue. ## Checklist for submitter - [x] Changes file added for user-visible changes in `changes/` - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com>	2023-04-26 10:45:40 -07:00
RachelElysia	bfa257c8b5	Fleet UI: 1 new premium role (Observer+, GitOps is hidden) (#11028 )	2023-04-07 11:36:47 -04:00
Roberto Dip	98845f03a6	remove feature flags to enable MDM (#10746 ) https://github.com/fleetdm/fleet/issues/10025	2023-03-27 16:30:29 -03:00
Roberto Dip	e06b00df11	Add readonly MDM.EnabledAndConfigured to app config and device responses (#9575 ) Related to #9571, this adds a new value to both responses which is calculated when the Fleet server is started, and only set to `true` if the server is properly configured for MDM. This helps the UI to determine wether or not we should show certain UI elements that we only want to show to servers with MDM enabled.	2023-02-01 14:47:52 -03:00
Jacob Shandling	180f7691ce	UI: Only render & allow Controls page if MDM is enabled (and user is authorized) (#9568 ) ## Make sure authorized users can only a) see and b) access the Controls page if MDM is enabled - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com>	2023-01-30 15:31:42 -08:00
Gabriel Hernandez	08bce97a1b	add pendo to sandbox instances (#9191 ) relates to https://github.com/fleetdm/fleet/issues/9022 add pendo to sandboxes instances - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Manual QA for all new/changed functionality	2023-01-06 14:57:32 +00:00
Luke Heath	9f3c83b7c5	Redirect all unauthenticated pages on sandbox (#8662 )	2022-11-11 08:55:25 -06:00
Tomas Touceda	8185254088	Be more specific when detecting sandbox (#8432 ) * Be more specific when detecting sandbox * Fix typo in domain	2022-10-25 18:35:49 -03:00
Luke Heath	7293cca95b	Fix sandbox URL redirect location (#7228 )	2022-08-16 10:41:13 -05:00
Luke Heath	a4c1e25c98	Fix URL check for sandbox redirect (#7227 )	2022-08-15 18:25:12 -05:00
RachelElysia	9f8ccd8113	Fleet Sandbox: Login for sandbox redirects to sandbox's login url (#7220 )	2022-08-15 16:29:57 -04:00
Gabriel Hernandez	01d5d14f82	Fix navigation to teams settings sandbox (#7094 )	2022-08-08 13:39:08 -05:00

18 commits