Commit graph

51 commits

Author SHA1 Message Date
Ian Littman
8e4e89f4e9
API + auth + UI changes for team labels (#37208)
Covers #36760, #36758.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)

## Testing

- [x] Added/updated automated tests
- [x] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)

- [ ] QA'd all new/changed functionality manually
2025-12-29 21:28:45 -06:00
Victor Lyuboslavsky
5ee9c0c809
Refactoring common mysql (#26367)
For #26218 

Refactoring android/mysql/testing_utils.go to remove duplication with
main mysql package.
No functional changes.

# Checklist for submitter

- [x] Manual QA for all new/changed functionality
2025-02-18 15:28:54 -06:00
Victor Lyuboslavsky
722608318e
Minor fixes from analyzing test results (#23260)
Newlines improve test result parsing.

Extra `t.Parallel()` calls removed in subtest since parent test and
package are already parallelized.
2024-10-25 15:57:51 -05:00
Roberto Dip
a794bd29a5
Fixed a bug when a cached prepared statement gets deleted in the MySQL server (#21219)
for #20781, I found this hard to reproduce, but apparently can happen in
AWS Aurora when the server is upgraded under the hood.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
2024-08-09 11:59:24 -03:00
Tim Lee
0e9705fdf7
Add No Team to Software Backend (#20822) 2024-07-30 11:19:05 -06:00
Roberto Dip
1cc13a09fb
🧹 friday cleanup party: substitute deprecated import of go-kit (#19774)
`go-kit/kit/log` was deprecated and generating warnings

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Manual QA for all new/changed functionality
2024-06-17 10:27:31 -03:00
Victor Lyuboslavsky
f761827850
Move CalculateAggregatedPerfStatsPercentiles reads to the replica (#19206)
Move CalculateAggregatedPerfStatsPercentiles reads to the replica
#18838

I manually tested the aggregated query stats change by using a read
replica.
https://github.com/fleetdm/fleet/blob/main/tools/mysql-replica-testing/README.md
- But set `master_delay=0` due to issue
https://github.com/fleetdm/fleet/issues/19272
- Run a saved query as a live query, and see that its stats in
`aggregated_stats` table are updated.


# Checklist for submitter
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
2024-05-31 07:08:31 -05:00
Roberto Dip
987b64a0c7
update to go1.22.3 + dependencies (#19142)
For #16795, this:

- Updates Go to go1.22.3
- Per
https://github.com/fleetdm/fleet/issues/16795#issuecomment-2100450618, I
also ran the following to update the versions requested by @getvictor

```
go get github.com/kataras/golog@v0.1.12
go get github.com/kataras/iris/v12@v12.2.11
go get github.com/sethvargo/go-password@v0.3.0
```

**Notes**

After this is merged people will need to update their Go version. I use
gvm and I did it like:

```
$ gvm install go1.22.3
$ gvm use go1.22.3 --default
```

**Relevant changes**

The release notes mention:

> Previously, the variables declared by a “for” loop were created once
> and updated by each iteration. In Go 1.22, each iteration of the loop
> creates new variables, to avoid accidental sharing bugs.

However, we already have a lint rule (see
https://github.com/fleetdm/fleet/pull/13877) for this scenario, so it
shouldn't affect us.
2024-05-23 16:23:38 -03:00
Roberto Dip
0be9f085b0
batch set declarations as pending when they're uploaded (#17876)
#17685
2024-03-27 10:44:22 -03:00
Gabriel Hernandez
119d1df76f
add permission check to software titles/versions endpoints (#16561)
relates to #16052

This adds a team permission check the `GET software/titles/:id`
endpoint. If the user should not be able to get the software title if it
is not on a host that is on the same team as the user (e.g. software
title 1 is on host 1, which is on team 1. A user who is only on team 2
should get a 403 response)

The UI is also updated to show the access denied error page when the we
receive a 403 response for the software title

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality

---------

Co-authored-by: Roberto Dip <dip.jesusr@gmail.com>
Co-authored-by: Roberto Dip <me@roperzh.com>
2024-02-15 17:22:27 -03:00
Martin Angers
9082438580
Feature: Remote Lock for macOS, Windows and Linux (#16783)
Feature branch for the #9949  story.

---------

Co-authored-by: Jahziel Villasana-Espinoza <jahziel@fleetdm.com>
Co-authored-by: Roberto Dip <me@roperzh.com>
Co-authored-by: Gabriel Hernandez <ghernandez345@gmail.com>
Co-authored-by: Sarah Gillespie <sarah@fleetdm.com>
2024-02-13 13:03:53 -05:00
Roberto Dip
5629b271d0
fix profile verification for windows and macos (#16705)
for #16675
2024-02-09 15:06:36 -03:00
Martin Angers
2e8da551d0
Custom email device-mapping: implement the CLI (fleetd + fleetctl) changes (#15763)
Co-authored-by: Sarah Gillespie <73313222+gillespi314@users.noreply.github.com>
2023-12-21 11:22:59 -06:00
Victor Lyuboslavsky
ea47ebfb32
Enabled support and validation of 'after' parameter for several endpoints (#15047)
Loom explaining changes:
https://www.loom.com/share/f05f241a77304c19bc6ba1d0702c7bd8?sid=ea86b282-0bda-4ba4-a6cf-4520f0db610d

#14571 

Enabled support and validation of 'after' parameter for the following
endpoints:
- GET /api/v1/fleet/carves

Setting 'after' parameter no longer returns SQL syntax error for the
following endpoints:
- GET /api/v1/fleet/carves
- GET /api/v1/fleet/invites
- GET /api/v1/fleet/labels
- GET /api/v1/fleet/packs
- GET /api/v1/fleet/global/policies
- GET /api/v1/fleet/teams/{id}/policies
- GET /api/v1/fleet/queries
- GET /api/v1/fleet/packs/{id}/scheduled
- GET /api/v1/fleet/teams
- GET /api/v1/fleet/users

API doc changes PR: https://github.com/fleetdm/fleet/pull/15061

- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality

---------

Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-11-09 13:18:29 -06:00
Martin Angers
96aec85a0a
Add mechanism to force read from primary DB, use it for puppet matching (#12396) 2023-06-19 13:55:15 -04:00
Benjamin Edwards
f2ffb88cc3
wildcard host search support (#11303)
relates to #9996 

Added support for wildcard search on host search.

say for example you have the following hosts:

```
+------------------+
|hostname          |
+------------------+
|Molly‘s MacbookPro|
|Molly's MacbookPro|
|Molly‘s MacbookPro|
|Molly❛s MacbookPro|
|Molly❜s MacbookPro|
|Alex's MacbookPro |
+------------------+
```

searching for `Molly's` yields just the single host, but searching for
`Molly❜s` will perform a broader wildcard search using the literal `_`
character to match any character _in that position_.

- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [X] Added/updated tests
2023-05-18 10:01:57 -04:00
Martin Angers
fa695cef34
Fix server URL for hosts enrolled in Fleet MDM (#9952) 2023-02-20 12:16:56 -05:00
Gabriel Hernandez
7d4653baaa
add attribute to GET /activities endpoint with pagination metadata (#9279)
relates to https://github.com/fleetdm/fleet/issues/8928

This adds a new `meta` attribute to the "GET /activities" endpoint that
includes pagination metadata. This can allow clients to know if there
are additional items to request.


- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
2023-01-18 12:57:11 +00:00
gillespi314
94dd1c3745
Ingest pending MDM hosts (#9065)
Co-authored-by @roperzh
2022-12-26 15:32:39 -06:00
gillespi314
6fb3a87ae9
Enable errcheck linter for golangci-lint (#8899) 2022-12-05 16:50:49 -06:00
Frank Sievertsen
e9f7066d87
7135 host display name (#7873) 2022-10-08 08:57:46 -04:00
Michal Nicpon
e3e17f3389
Fix double quote usage in sql query (#6707) 2022-07-20 10:10:03 -06:00
gillespi314
b4ffec10db
Remove skipLoadingExtras and includeCVEScores from GetHost and HostByIdentifier methods (#5874) 2022-05-25 11:30:03 -05:00
Roberto Dip
2c23cb5f24
fix mysql tests by with a regexp assertion of possible error messages (#5444)
this fixes #5377 by asserting that the error message starts with "tsl" or "x509" as either of the strings represent the same error depending on the mysql version.

we should refactor the code to avoid checking on the error messages and probably use different error types instead.
2022-04-29 09:31:58 -03:00
Tomas Touceda
cf529e70cf
Issue 3173 debug status processlist (#4009)
* Add innodb status and process list

* Make json output a bit prettier

* Add changes file

* fix lint issues
2022-02-03 14:56:22 -03:00
Zach Wasserman
bda2ef0ca0
Fix regex matching email in host search (#3539)
Fixes #3528
2021-12-31 09:16:25 -08:00
Martin Angers
1e2059585a
Add support for google chrome profiles (#3423) 2021-12-21 15:36:19 -05:00
Lucas Manuel Rodriguez
d0765cb9ee
Do not exit on serve/prepare if there are unknown migrations (#3262)
* Do not exit on serve/prepare if there are unknown migrations

* PR review changes
2021-12-08 19:50:00 -03:00
Lucas Manuel Rodriguez
0642bfdb1d
Add fleetctl debug migrations command to get missing migrations (#2967)
* Add fleetctl command to get missing migrations

* Fix copy paste and lint

* Detect migrations applied out of order

* Add extra bullet to changes

* Trigger creation of migration status tables

* Fix unit tests

* PR fixes

* PR comment fixes
2021-11-22 14:06:12 -03:00
Tomas Touceda
887e42650b
Further optimize host select with policies (#3013)
* Further optimize host select with policies

* Add missing row close

* Improve migration

* Skip migration if column already exists

* Add test for host with/without extras
2021-11-18 14:36:35 -03:00
Martin Angers
45168bed1d
Remove deprecated app_configs table (#2884) 2021-11-15 09:34:51 -05:00
Martin Angers
3ae57a0242
Create errors with ctxerr, add the call to store them in redis (#2786) 2021-11-15 09:11:38 -05:00
Martin Angers
b57b64ccb2
Add total and per platform counts to host summary endpoint (#2845) 2021-11-09 09:35:36 -05:00
Tomas Touceda
2033d8208c
Add policy updated at (#2246)
* wip

* Add policy updated at interval and update the UI to use that

* Update rest api

* Fix tests
2021-09-27 16:27:38 -03:00
Martin Angers
d956ca1bec
Use the context in the Datastore layer. (#2030) 2021-09-14 10:44:02 -04:00
Martin Angers
4f4185372d
Add support for context in datastore/mysql layer (#1962)
This is just to pass down the context to the datastore layer, it doesn't
use it just yet - this will be in a follow-up PR.
2021-09-14 08:11:07 -04:00
Tomas Touceda
7c34956d31
Add coverage to uncovered mysql code (#1855)
* Add coverage to uncovered mysql code

* Add deleted method and update mock

* Fix test
2021-09-07 13:48:04 -03:00
Martin Angers
3755a58070
Add support for MySQL read replicas (#1786)
Adds configuration options to use a read-only MySQL replica,
and uses it instead of the primary for reads.
2021-09-01 15:50:52 -04:00
Tomas Touceda
a8642493ad
Add global policies (#1750)
* Add global policies

* Update documentation and add extra parameter to config

* Fix failing tests

* Store historic policy records

* Address review comments

And also remove other inmem references I saw by chance

* Add documentation for get by id request

* Add parameter doc

* Move schema generation to a cmd instead of a test

Otherwise it messes up running all tests sometimes depending on how parallel it does

* Remove brain dump for another task

* Make migration tests a separate beast

* Make schema generation idempotent and move dbutils cmd to tools

* Allow all filters and add counts to Policy

* Add test for Policy
2021-08-24 17:24:52 -03:00
Tomas Touceda
b7a65e920a
Remove orphan host_software and software before adding fk constriants (#1760) 2021-08-23 13:42:43 -03:00
Tomas Touceda
c6c63ab12a
Refactor app config (POC, for now) (#1685) 2021-08-20 12:27:41 -03:00
Tomas Touceda
a6cff7ea89
Migrate all mysql tests to the new form (#1408)
* Migrate all mysql tests to the new form

* Only dump sql if MYSQL_TEST is on

* Removing parallel until we get rid of this code

* Move TestMain to an actual _test file

* A little experiment with tmpfs to speed up the db

* Let's make sure the dump.sql file is also in ram
2021-07-19 18:20:31 -03:00
Zach Wasserman
c5280c0517
Add v4 suffix in go.mod (#1224) 2021-06-25 21:46:51 -07:00
Zach Wasserman
fb32f0cf40
Remove kolide types and packages from backend (#974)
Generally renamed `kolide` -> `fleet`
2021-06-06 15:07:29 -07:00
Zach Wasserman
8ee47f8b23
Add support for Teams in targets and live queries (#880)
- Accept Teams as a searchable target type for the target selection API.
- Accept Teams for targets in running live queries.
- Refactoring to support these changes.
- Update API documentation.
2021-05-27 13:18:00 -07:00
Zach Wasserman
76f8d59290
Refactor usage of null values in Teams models (#863)
- Use pointers rather than null package types.
- Use new internal ptr package.
- Improved handling of changing user teams/roles.
2021-05-25 15:46:46 -07:00
Zach Wasserman
15b81824f5
Filter query page API responses based on team membership (#850)
- Include only hosts that the user has access to in search targets API.
- Add parameter to specify whether `observer` hosts should be included.
- Generate counts based on which hosts user can access.
- Update API doc.
2021-05-24 21:34:08 -07:00
Zach Wasserman
505d53b02b
Refactor MySQL tests into package mysql (#586)
Moving the tests into the package allows the coverage tool to function properly.
2021-04-05 11:04:53 -07:00
Zach Wasserman
db3c73d619
Test and correct semantics for MySQL withRetryTxx (#488)
- Differentiate retryable vs. non-retryable errors.
- Test functionality against mocked DB.
2021-03-17 11:23:52 -07:00
Zach Wasserman
cca4802642
Add support for query parameter in list hosts endpoint (#327)
Uses a LIKE clause to search for hosts matching the query against
columns `host_name`, `uuid`, `hardware_serial`, and `primary_ip`.

Introduces the `searchLike` helper to add the appropriate filters to the
SQL query.
2021-02-16 16:53:42 -08:00