#29609
Verified the changes with [Entra ID's
validator](https://scimvalidator.microsoft.com/) and adding the
department attribute to the tester:
<img width="1312" alt="Screenshot 2025-06-27 at 8 54 32 AM"
src="https://github.com/user-attachments/assets/45a5deb8-7c65-49df-b3e8-eb05bea11f6b"
/>
<img width="1312" alt="Screenshot 2025-06-27 at 8 54 21 AM"
src="https://github.com/user-attachments/assets/91b554b5-b0b9-4bb6-a0cf-4e3b40e6ce21"
/>
- Tested with Okta
- TODO: Test with Entra ID and Google Workspace.
- I decided to not fail profile deployment if a user has no department
because it's not a required attribute, instead the
`FLEET_VAR_HOST_END_USER_IDP_DEPARTMENT` will be replaced with the empty
string.
---
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [X] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [X] If database migrations are included, checked table schema to
confirm autoupdate
(https://github.com/fleetdm/fleet/blob/main/docs/Configuration/yaml-files.md#L485)
- For database migrations:
- [X] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [X] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [X] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [X] Added/updated automated tests
- [X] Manual QA for all new/changed functionality
## #30198
[Video
demo](https://drive.google.com/file/d/1RBk5QNQdQvXTHJveCNkIeMXj5hWFA5Ft/view?usp=sharing)
- Implement the following logic for `teamId` in the UI when in Primo
mode:
<img width="870" alt="Screenshot 2025-06-24 at 12 47 48 PM"
src="https://github.com/user-attachments/assets/8ae81c3f-223f-4dda-954d-c42c7008de45"
/>
- Above logic is enforced - if trying to change/add/remove `team_id`,
automatically pushed to appropriate team
- Fixes originally reported issue - user in Primo mode can access
installable software (on the hidden "No team" which is now enforced):
- Software page on No team
- Update header help text
- Handle UI edge cases the above surfaces:
- Queries page on All teams (No team not supported):
<img width="1624" alt="Screenshot 2025-06-24 at 1 10 40 PM"
src="https://github.com/user-attachments/assets/84bb2ca0-b8e7-44e8-9bf5-9f8f243d5584"
/>
- Policies page on No team:
<img width="1624" alt="Screenshot 2025-06-24 at 1 10 53 PM"
src="https://github.com/user-attachments/assets/144d745f-e9b0-4933-be45-2db4fe428cfe"
/>
- update `useTeamIdParam` hook's strip query params on change team logic
to optionally also consider the current team
**Important notes**
- Software page: Software automations are only accessible via All teams,
while Add software is only accessible on a team, including No team. In
lieu of specs around this, I decided to favor Add software functionality
over Software automations functionality, aka, push to "No team" on this
page. Enabling _both_ functionalities would be a very large ticket and
need to go through a proper drafting process, since Fleet doesn't
currently support both in any state.
- Policies page:
- "Other workflows" (tickets and webhooks) is available on All Teams and
specific teams, but not on No Team, so "Other workflows" is currently
unavailable in Primo mode
- If any of the Primo customers have created policies on All Teams
already, they won't be able to manage automations on them anymore. All
Teams policies can only have ticket/webhook workflows
- [x] Changes file added for user-visible changes in `changes/`
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
Automated update of MIN_OSQUERY_VERSION_OPTIONS with any new osquery
release. (Note: This automatic update is the solution to issue #21431)
Co-authored-by: RachelElysia <RachelElysia@users.noreply.github.com>
Co-authored-by: Ian Littman <iansltx@gmail.com>
Fixes [#30059](https://github.com/fleetdm/fleet/issues/30059)
Fixes an issue where you couldn't delete a bootstrap package. The issue
was an unused json struct tag for DryRun on the
`deleteBootstrapPackageRequest` struct.
I also updated the UI to use the current endpoint to delete a bootstrap
package
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Manual QA for all new/changed functionality
Fixes#30063
This fixes an issue added in the
[PR](https://github.com/fleetdm/fleet/pull/29968) where the user was not
able to reenable the end user migration form.
I've also added improved a11y attributes to the slider component,
ensured we are functionally disabling the form controls during gitops
mode and not just visually, and updated/added tests for the
EndUserMigrationSection component.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
For #30001
# Details
When Fleet is started with logging configured in a way such that the
logging plugin has no `config`, clicking "Manage Automations" on the
manage queries page results in a 500 page. An example config would be:
```
fdm up --server_address=localhost:8080 --dev --dev_license --logging_debug --osquery_result_log_plugin=stdout --osquery_status_log_plugin=stdout --activity_audit_log_plugin=stdout
```
This PR fixes the issue by adding null protection for cases where the
`config` object is empty for the logging plugin.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [X] Manual QA for all new/changed functionality
# Details
This PR fixes an issue where the user is redirected to a 500 error page
after saving a new label if they were on the All Teams host page before
creating the label. The issue was due to the redirect having
`team_id=-1` in it, and the fix is to detect that All Teams is selected
and, if so, not set `team_id` in the URL at all.
# Checklist
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [X] Manual QA for all new/changed functionality
- [X] For unreleased bug fixes in a release candidate, confirmed that
the fix is not expected to adversely impact load test results or alerted
the release DRI if additional load testing is needed.
# Testing
Tested adding a new and dynamic label from All Teams, No team and a
custom team. Vids below for "All Team":
Before:
After:
Fixes#29505
Quick fix to show the premium feature message for idp integrations card
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Manual QA for all new/changed functionality
Fixes#29696
fixes truncation of the mdm server url value on the about card.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Manual QA for all new/changed functionality
Automated update of MIN_OSQUERY_VERSION_OPTIONS with any new osquery
release. (Note: This automatic update is the solution to issue #21431)
Co-authored-by: RachelElysia <RachelElysia@users.noreply.github.com>
## For #28822
- Enable searching the teams dropdown
- Ensure right-scrolling per usual text input fields when search text is
long
- Ensure neighboring elements are not moved when search text is long
- [x] Changes file added for user-visible changes in `changes/`
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
For #27042.
Ready for review, just missing integration tests that I will be writing
today.
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [X] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [X] If database migrations are included, checked table schema to
confirm autoupdate
- For new Fleet configuration settings
- [X] Verified that the setting can be managed via GitOps, or confirmed
that the setting is explicitly being excluded from GitOps. If managing
via Gitops:
- [X] Verified that the setting is exported via `fleetctl
generate-gitops`
- [X] Added the setting to [the GitOps
documentation](https://github.com/fleetdm/fleet/blob/main/docs/Configuration/yaml-files.md#L485)
- [X] Verified that the setting is cleared on the server if it is not
supplied in a YAML file (or that it is documented as being optional)
- [x] Verified that any relevant UI is disabled when GitOps mode is
enabled
- For database migrations:
- [X] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [X] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [X] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Added/updated automated tests
- [X] Manual QA for all new/changed functionality
---------
Co-authored-by: jacobshandling <61553566+jacobshandling@users.noreply.github.com>
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
## For #29444
- Update script batch summary modal status rows to link to the hosts
page filtered by the appropriate batch script run and status
- Add above filtering capabilities to the hosts page
<img width="1912" alt="Screenshot 2025-05-30 at 12 39 54 PM"
src="https://github.com/user-attachments/assets/4299ecaa-10bd-49f4-b0f8-cd0e71108e04"
/>
<img width="1912" alt="Screenshot 2025-05-30 at 12 40 22 PM"
src="https://github.com/user-attachments/assets/8252560e-59a2-42a9-bd0c-e5ca05c53390"
/>
- [x] Changes file added for user-visible changes in `changes/`
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
This isn't supposed to be link. We use bold text to reference UI
elements, but it's not expected to have links in tooltip.
---------
Co-authored-by: Gabriel Hernandez <ghernandez345@gmail.com>
For #26375.
When listing software titles for 'All teams', do not join against
software installers nor vpps to avoid duplicates.
Since filters related to software installers/VPP apps are no longer used
when viewing titles for 'All teams', the filter dropdown is disabled if
'All teams' is selected.
## Closes#29613
- Previous changes intended to add `TooltipTruncatedText`-like
functionality accidentally broke existing functionality when pill
content was not truncated
- This restores the previous functionality when explicit tooltip content
is passed in, and adds fall back behavior to act like
`TooltipTruncatedText`, where when the element content is truncated, its
full content is rendered as a tooltip on hover.
### Tooltip content is explicitly passed in and rendered in the tooltip.
Notice the tooltip content differs from the underlying element content:
<img width="675" alt="Screenshot 2025-05-30 at 11 21 49 AM"
src="https://github.com/user-attachments/assets/b0f8e72e-9925-4844-80ca-672b6efeb443"
/>
### No tooltip content passed in, falls back to
`TooltipTruncatedText`-like behavior. Notice the truncated element
content is the prefix of the full content rendered in the tooltip:
<img width="675" alt="Screenshot 2025-05-30 at 11 21 25 AM"
src="https://github.com/user-attachments/assets/e5fe7d74-3674-478c-8e33-7e84006e7390"
/>
- [x] Manual QA for all new/changed functionality
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
## For #28821
- Update UI-rendered references to `/(F|f)requency/` to refer to
`/(I|i)nterval/` instead
- More info: Note that this PR only changes copy actually rendered in
the UI (and an associated test), and is low-risk, so can be merged and
QAed quickly. [This
branch](https://github.com/fleetdm/fleet/tree/28821-add-on-update-code)
contains updates to variables, constants, and class names, more
error-prone changes that, if review and QA capacity allow, can be PRed
for consistency between the code and the copy, but is not critical for
the desired UI updates.
- [x] Changes file added for user-visible changes in `changes/`
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
for #27701
# Checklist for submitter
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [X] Manual QA for all new/changed functionality
## Details
This PR fixes an issue where adding or removing a single host on a
manual label in the UI had unexpected results when that host's serial
number was not unique. When adding the host, all other hosts with the
same serial # would be added. When removing the host, _no_ hosts would
be removed unless _all_ the hosts with the matching serial # were
removed. The fix here is to introduce a new API param `host_ids` which
allows sending explicit Fleet host IDs to the add/update label APIs.
These are guaranteed to be unique.
## Testing
* Added new automated tests for the `NewLabel` and `ModifyLabel`
services
* Manually tested adding and modifying labels using hosts with duplicate
serials (I manually updated serials in my local db to get duplicates)
## Notes
* The existing `hosts` param is preserved (and tested) since API-only
users may rely on it.
* A separate API docs PR will be opened.
For [#28761](https://github.com/fleetdm/fleet/issues/28761)
This adds the ability to filter the hosts by `profile_uuid` and
`profile_status` query params. This was added for the following
endpoints:
```
GET /hosts
GET /hosts/count
GET /hosts/reports
```
This also adds the UI needed to send the query params to the API
correctly when exporting a CSV of the hosts
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
## For #27667
- Have `TooltipTruncatedText` component use `useCheckTruncatedElement`
to track its current state of truncation.
- Update `useCheckTruncatedElement` to re-evaluate truncation state
based on changes to the width of
the element itself as opposed to changes to viewport width. This
facilitates truncation when the
width of the element is updated due to user interaction / change in UI
state other than window resize, e.g. checking a policy in the policy
software automations modal (see issue description for details
reproduction instructions there).
**Truncation with tooltip successful for UI state changes:**
Truncation with tooltip successful for viewport resizing:
- [x] Changes file added for user-visible changes in `changes/⁄
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
for #27233
# Checklist for submitter
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
## Details
This PR fixes an issue where the cursor in the SQL editor would become
misaligned under some circumstances. I was never able to reproduce this
personally, but big thanks to @mason-buettner for both the reproduction
and testing this fix.
The issue seems to stem from the Ace editor having a hard time dealing
with CSS scaling. I'm not sure what circumstances actually cause this to
occur, but a combination of Google and ChatGPT lead me to
https://github.com/securingsincity/react-ace/issues/750 and
https://github.com/ajaxorg/ace/issues/4794 which I combined for this fix
which seems to work.
> For #29197
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality
This PR adds NICE DCV Viewer as a new maintained app for macOS. The app
is available through homebrew and is used for connecting to NICE DCV
remote display protocol.
---------
Co-authored-by: Kenny Botelho <kbotelho@nvidia.com>
Co-authored-by: Eugene <eugkuo@gmail.com>
Co-authored-by: Ian Littman <iansltx@gmail.com>
Co-authored-by: Eric <eashaw@sailsjs.com>
Co-authored-by: Noah Talerman <noahtal@umich.edu>
Co-authored-by: Jahziel Villasana-Espinoza <jahzielv@gmail.com>
For [#23784](https://github.com/fleetdm/fleet/issues/23784)
This adds the "turn off mdm" option don't he host details page for
iPhone and iPad devices.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [ ] Added/updated automated tests
- [ ] Manual QA for all new/changed functionality
For #28759
This is the UI work for being able to filter hosts by a configuration
profile status. There are also added tests in this PR.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
## For #27255
- Hide script contents when a saved script was run
- Clean up code
<img width="1276" alt="Screenshot 2025-05-12 at 3 39 32 PM"
src="https://github.com/user-attachments/assets/e057820e-3db0-4ac0-be7c-38abf20cfadc"
/>
- [x] Changes file added for user-visible changes in `changes/`
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
Added `neon` to list of Linux platforms associated with hosts so that
Linux-specific detail queries and policies will be sent to hosts running
the XDE Neon operating system.
This does not guarantee full compatibility with Neon, but will improve
telemetry.
Resolves#28560
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Added/updated automated tests
- [ ] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [ ] Manual QA for all new/changed functionality
## For #28699 auxiliary feature
- [x] Changes file added for user-visible changes in `changes/`
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
For #28948 adds LearnMoreLink for NDES error messages as well. Also
refactored the code that creates the errors slightly to genericize in
case we need to add more links in the future
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [ ] Manual QA for all new/changed functionality
- [x] For unreleased bug fixes in a release candidate, confirmed that
the fix is not expected to adversely impact load test results or alerted
the release DRI if additional load testing is needed.
For #27700
When uploading bootstrap package for macOS setup experience, validate
that it is a Distribution package since that is required by Apple's
InstallEnterpriseApplication MDM command.
# Checklist for submitter
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Added/updated automated tests
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
## For #28166
- Support new webhook logging configuration
- Update and improve types
<img width="420" alt="Screenshot 2025-05-01 at 12 15 25 PM"
src="https://github.com/user-attachments/assets/0e624c6a-3d69-4c9d-a64b-2a27533e6d44"
/>
- [x] Changes file added for user-visible changes in `changes/`
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
For #27007
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
## For #27052
- Use `round` instead of `ceil` and `floor`
<img width="144" alt="Screenshot 2025-04-30 at 10 20 09 PM"
src="https://github.com/user-attachments/assets/48a64558-6aca-4cd0-be9e-a526f9e6219d"
/>
- [x] Changes file added for user-visible changes in `changes/`
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
For [#28629](https://github.com/fleetdm/fleet/issues/28629)
this disabled the manual agent install checkbox if the user has already
uploaded install software or a run script for setup experience
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
For #[26070](https://github.com/fleetdm/fleet/issues/26070)
This adds the UI for enabling a manual agent install for a bootstrap
package. This includes:
**The new form option for enabling manual agent install of a bootstrap
package**
**disabling adding install software and run script options when user has
enabled manual agent install**
**improvements to the setup experience content styling. I've created a
`SetupExperienceContentContainer` component to centralise the styles for
the content of these sub sections.**
**updates to the preview sections copy and replacing the gifs with
videos**
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [ ] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Sarah Gillespie <73313222+gillespi314@users.noreply.github.com>
## For #28159
- Implement UI capability to run scripts on batches of hosts at a time
- Add new hosts table `Run script` primary action, triggers
- new `RunScriptBatch` modal, allows running scripts on the selected
batch of hosts
- new `RunScriptBatchPaginatedList`, handles logic specific to this
modal, and utilizes the now more flexible `PaginatedList` component
- Widen capabilities of `PaginatedList` component to elegantly handle
more diverse applications, including this one
- Widen capabilities of `ScriptDetailsModal` component to elegantly
handle more diverse applications, including this one
- Streamline updating `state`s on manage hosts page
- Clearer, more concise naming
- [x] Changes file added for user-visible changes in `changes/`
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
For [#27198](https://github.com/fleetdm/fleet/issues/27198)
Adds truncation and conditional tooltip to the host name on the host
details page.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Manual QA for all new/changed functionality
Automated update of MIN_OSQUERY_VERSION_OPTIONS with any new osquery
release. (Note: This automatic update is the solution to issue #21431)
Co-authored-by: RachelElysia <RachelElysia@users.noreply.github.com>
For #26366
# Checklist for submitter
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
# Details
This PR fixes an issue where the SQL parser in the UI doesn't recognize
window functions like `OVER()` and marks the SQL as having syntax
errors. The fix here is to update to a more modern parsing library. This
involved updating some AST-parsing code we have for determining which
tables are used in a query, for the purposes of feeding autocomplete and
determining query compatibility.
# Testing
I tested this with the query mentioned in #26366 in Chrome, Firefox and
Safari on MacOS. I also added new unit tests for our SQL helper
functions.
# Notes
During testing I discovered that we were bundling two versions of the
ACE editor into our frontend package. By upgrading one version by a
couple of patches to make the two dependencies equal, we chop out ~300k
from our bundle.
# Checklist for submitter
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
# Details
This PR fixes an issue where any selection made in the table on the
Manage Queries page would be cleared a few seconds after the page
loaded. The issue was due to a re-render happening after the `staleTime`
period elapsed, coupled with an array that was being re-created on every
render.
For #27775
fixes an issue where the host upcoming activities were showing the
incorrect created at dates in the tooltip.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Manual QA for all new/changed functionality
#27275 and #27274
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [x] Make sure fleetd is compatible with the latest released version of
Fleet (see [Must
rule](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/fleetd-development-and-release-strategy.md)).
- [x] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [x] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
---------
Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com>
# Checklist for submitter
https://github.com/fleetdm/fleet/issues/27003
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated automated tests
- [ ] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Ian Littman <iansltx@gmail.com>
For #27281
This PR adds `/api/{version}/fleet/scim/details` endpoint, along with
some frontend fixes.
# Checklist for submitter
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [x] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Added/updated automated tests
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
For #28018
some fixes for the UI of cancel activities including:
- showing proper error message
- correct permission checking for allowing users to cancel activity
- refresh all host details after lock or wipe command to get updated
host status.
For #27409 (unreleased bug)
# Checklist for submitter
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
See
https://drive.google.com/file/d/1xg8DM97UJITA0vGUyoOd2esZRfehEgW7/view?usp=drive_link
I created and tested the fix before seeing the [comment in this
issue](https://github.com/fleetdm/fleet/issues/24417).
Feel free to merge the fix or close this out but I made this pull
request since we had another customer report this issue today.
For #27601
## Details
A couple of updates to the save/edit Query screens to bring them in line
with how save/edit Policy screens work, as described in [the
Figma](https://www.figma.com/design/LzGmucdJQgbQCuHMZhGKCM/-24097-Custom-targets--labels--for-policies?node-id=2-130&p=f&t=9iFB2FRnIkn98NSg-0):
* Moved platform selector out from under Advanced
* Use checkboxes for selecting platforms
* Disable Save button when no platforms are selected
* In the "Save new query" modal, pre-select the platforms that are
compatible with the query
## Testing
1. Add a new query with the SQL "SELECT * FROM privacy_preferences;".
Verify that only ChromeOS is checked in the modal when you click Save.
2. Verify that if you deselect ChromeOS (so that no platforms are
selected), the save button is disabled in the modal.
3. Select one or more platforms and save the query.
4. After saving the query, edit it and verify that the platforms you
selected are checked.
5. Verify that deselecting all platforms disables the edit button on the
Edit Query screen.
6. Select different platforms, save, and refresh to verify that the
platforms you selected were persisted.
For #27283
This includes the work to add the new users card on host details and
show the new idp information as well as google profiles and other
emails.
This includes:
**new user card on the host details and my device page**
**rework of the grid layout on the host page**
**removal of unneeded device mapping code on host details and my device
page**
I've changed how we are using the grid layout in CSS to better support
dynamic rendering content
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [ ] Added/updated automated tests
- [ ] Manual QA for all new/changed functionality
For #27276
# Details
This PR adds the ability to select labels when saving or editing a query
in the UI, so that the query will only target hosts with those labels.
It follows the API design from
https://github.com/fleetdm/fleet/pull/27196, utilizing the
labels_include_any and labels_exclude_any fields. The expectation is
that when creating or updating a query, labels_include_any and
labels_exclude_any are arrays of label names, and when fetching a single
query, they are arrays of objects with a name and an id key.
Other updates in this PR:
* Removed colons from various headings on the Save Policy Modal and Edit
Policy form
* Updated the "Delete label" text
* Removed "Policy runs on all hosts with these platforms." subheading
underneath the platform selector
* TargetLabelSelector component now has `suppressTitle` flag to turn off
the "Target" title.
For #27267.
Below is what's shown immediately after selecting an EXE:
<img width="1254" alt="image"
src="https://github.com/user-attachments/assets/a28d8565-de88-448a-bdbc-92aefc34ad55"
/>
TODO:
* Tests
* GitOps requirements changes
* Disabling add button/adding errors when required scripts aren't
specified
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated automated tests
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Luke Heath <luke@fleetdm.com>
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Co-authored-by: RachelElysia <rachel@fleetdm.com>
For #27581, #27584, #27612
contains a couple of fixes with editing CAs in UI:
- fix for only removing API token, password, or challenge inputs when
the user has not yet made a change to those fields.
- fix for sending empty array when UPN input is empty
- fix for error for private key
- fix when editing a digicert CA when UPN is set from gitops and is null
- [x] Manual QA for all new/changed functionality
For #27440
Updates showing the profile error message in os settings error cell to
show on a different error message from the API.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
For #26606
This makes a change to empty out the API token, Password, or Challange
inputs when other inputs on their form changes. This forces the user to
put in that value again so that their change can be authenticated.
For #24862
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Added/updated automated tests
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
## For #24950
- Track more granular host count data when running a live query/policy,
and return it in two new fields of each `"status"`-typed websocket
message
- On completion of live query/policy, display that granular data in a
tooltip in the UI
- Streamline and clarify frontend live query logic
- Update types and field names to better reflect the data they contain
and the sources from which that data is derived
- Add comments to clearly define what various fields of data represent
- Update heading copy rendered while live queries and policies are
running
###
[Demo](https://www.loom.com/share/ad1d64cf527f4fbc981df58ad581242f?sid=a0dc1269-a049-43c3-afdb-65c0bb946ece)
- [x] Changes file added for user-visible changes in `changes/`
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
For #27037
# Checklist for submitter
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
## Details
This PR updates the UI to allow team admins and maintainers to create
labels, and to edit or delete labels that they created. They will not be
able to edit or delete labels created by other team admins or
maintainers, or by global admins. Global admins will still be able to
edit or delete any label.
## Testing
1. Log in a global user and create a new label
1. Create a team admin user
1. Verify that the team admin user can create a label
2. Verify that the team admin user can edit their own label
2. Verify that the team admin user can delete their own label
2. Verify that the team admin user cannot edit or delete the label
created by the global user
3. Create a team maintainer user
1. Verify that the team maintainer user can create a label
2. Verify that the team maintainer user can edit their own label
2. Verify that the team maintainer user can delete their own label
2. Verify that the team maintainer user cannot edit or delete the label
created by the global user
2. Verify that the team maintainer user cannot edit or delete the label
created by the team admin user
3. Verify that the team admin user cannot edit or delete the label
created by the team maintainer user
## For #26052
- Remove add policy modal from flow
- Update "Schema" links
- Add "Examples" link
- [x] Changes file added for user-visible changes in `changes/
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
For #26649
# Checklist for submitter
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
## Details
This PR adds the ability to select labels when saving or editing a query
in the UI, so that the query will only target hosts with those labels.
It follows the API design from
https://github.com/fleetdm/fleet/pull/26589, utilizing the
`labels_include_any` field. The expectation is that when creating or
updating a query, `labels_include_any` is an array of label names, and
when fetching a single query, `labels_include_any` is an array of
objects with a `name` and an `id` key.
As part of this work the `TargetLabelSelector` component is updated to
allow it to show a message in place of the dropdown when there are no
custom options (e.g. "include any", "include all", "exclude any") to
choose from.
For #26719
Set of updates based on feedback on the GitOps mode.
- [X] On settings/teams/users, keep "Add user" button and "Actions"
dropdown enabled
- [X] Enable buttons on /settings/integrations/mdm/apple
- [x] Disable form fields (no tooltip) + save button (w/ tooltip) on
/controls/setup-experience/end-user-auth
- [x] Disable "Edit" and "Delete" actions w/ tooltip on software detail
page
- [x] Update Org Settings -> Advanced options to only disable items
available in gitops
- Domain
- Verify SSL certs
- Enable STARTTLS
- [x] Disable adding fleet maintained apps
## Details
Quick fix to an issue where when a team admin attempted to via an
inherited policy, they would encounter an eternal spinner / flickering
page. The issue stemmed from a reload cycle being set off by the stored
policy being returned with a team ID of `null`, and existing code that
works around the fact that the `useTeamId` hook modifies the router
state.
## Testing
1. Create an All Teams policy on an instance with at least one team
2. Create an admin for the team
3. Log in as the team admin
4. Go to Policies page, select the team from the dropdown, click on the
inherited policy in the list to view its details.
On main, the details never load. On this branch, they do.
## For #23830
No labels state –> label present state in 4 places:
- [x] Changes file added for user-visible changes in `changes/`
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
For #26976.
<img width="384" alt="image"
src="https://github.com/user-attachments/assets/8d057ec2-c3b0-45d1-bb8c-9745b426e27d"
/>
An example of such a browser would be an email link scanner, so this
*should* fix cases where link-scanning was redeeming the MFA link before
the intended user could get to it. Real users can still click through if
they wind up on this page, e.g. if they logged in with a different
browser than the one used to open the MFA link.
Users redeeming MFA with the same browser that initiated the login skp
the button and redeem/land on the dashboard automatically.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Rachael Shaw <r@rachael.wtf>
For #26856. Confirmed that this attribute only affects the warning
message so it's safe to remove here.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
Deploying Windows MDM with a customer and ran into some snags and
documentation diff. Updating here but also plan to write and article
about this in greater detail.
---------
Co-authored-by: Ian Littman <iansltx@gmail.com>
