1386 commits

Author	SHA1	Message	Date
RachelElysia	e13644d664	Fleet UI: New manage query automations modal (#12747)	2023-07-18 17:10:45 -04:00
RachelElysia	a45edfdffa	Fleet UI: New edit query page (#12777)	2023-07-18 16:58:52 -04:00
Jacob Shandling	1d6870f0a7	UI: Update the save query modal with scheduling-related fields (#12741) ... ## Addresses #12646 ### See issue for list of completed work  ### Also see PR #12713 **notes for review** on that PR for help manually testing this work in lieu of the completed API. - [x] Changes file added for user-visible changes in `changes/` - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com>	2023-07-17 14:09:59 -07:00
Jacob Shandling	7ff4b77fb9	UI: Merge scheduling functionality into queries page (#12713) ... ## Addresses #12636 ### See issue for list work done   ### Notes for review: - Because other work is based on this branch, TODOs / fixes are noted here until the team comes to a strategy for merging all of the work: - Add missing space in the Performance impact column "Undetermined" tooltip text - I'm having trouble confirming that the inherited queries table is working right with the mock hard-coded data, though I did see it working correctly previously. There's an issue with the page reverting to "All teams" when trying to show the inherited table, though it does show the table before re-rendering. - This work is organized clearly by commit, so that might be a manageable way to go through this code. - Since the updated API for this work is not yet complete, this work can be manually tested by either: - Using mock API infrastructure, or - in `ManageQueriesPage.tsx`, comment out the two `useQuery` calls and add appropriate mock data. You can then modify any fields of interest to test their related UI functionality. For example, lines 119 -242 might read: ``` // const { // data: curTeamEnhancedQueries, // error: curTeamQueriesError, // isFetching: isFetchingCurTeamQueries, // refetch: refetchCurTeamQueries, // } = useQuery<IListQueriesResponse, Error, IEnhancedQuery[]>( // [{ scope: "queries", teamId: teamIdForApi }], // () => queriesAPI.loadAll(teamIdForApi), // { // refetchOnWindowFocus: false, // enabled: isRouteOk, // select: (data) => data.queries.map(enhanceQuery), // } // ); // // If a team is selected, fetch inherited global queries as well // const { // data: globalEnhancedQueries, // error: globalQueriesError, // isFetching: isFetchingGlobalQueries, // refetch: refetchGlobalQueries, // } = useQuery<IListQueriesResponse, Error, IEnhancedQuery[]>( // [{ scope: "queries", teamId: -1 }], // () => queriesAPI.loadAll(), // { // refetchOnWindowFocus: false, // enabled: isRouteOk && isAnyTeamSelected, // select: (data) => data.queries.map(enhanceQuery), // } // ); const [ curTeamEnhancedQueries, curTeamQueriesError, isFetchingCurTeamQueries, refetchCurTeamQueries, ] = useMemo(() => { return [ [ { created_at: "2023-06-08T15:31:35Z", updated_at: "2023-06-08T15:31:35Z", id: 2, name: "test", description: "", query: "SELECT * FROM osquery_info;", team_id: 43, platform: "darwin", min_osquery_version: "", automations_enabled: true, logging: "snapshot", saved: true, // interval: 300, interval: 0, observer_can_run: false, author_id: 1, author_name: "Jacob", author_email: "jacob@fleetdm.com", packs: [], stats: { // system_time_p50: 1, // system_time_p95: null, // user_time_p50: 1, // user_time_p95: null, // total_executions: 1, }, performance: "Undetermined", platforms: ["darwin"], }, ] as IEnhancedQuery[], undefined, false, () => { console.log("got the new queries"); }, ]; }, []); const [ globalEnhancedQueries, globalQueriesError, isFetchingGlobalQueries, refetchGlobalQueries, ] = useMemo(() => { return [ [ { created_at: "2023-06-08T15:31:35Z", updated_at: "2023-06-08T15:31:35Z", id: 200, name: "test", description: "", query: "SELECT * FROM osquery_info;", team_id: null, platform: "darwin", min_osquery_version: "", automations_enabled: true, logging: "snapshot", saved: true, // interval: 300, interval: 0, observer_can_run: false, author_id: 1, author_name: "Jacob", author_email: "jacob@fleetdm.com", packs: [], stats: { // system_time_p50: 1, // system_time_p95: null, // user_time_p50: 1, // user_time_p95: null, // total_executions: 1, }, performance: "Undetermined", platforms: ["darwin"], }, ] as IEnhancedQuery[], undefined, false, () => { console.log("got the new inherited queries"); }, ]; }, []); ``` - [x] Changes file added for user-visible changes in `changes/` - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com>	2023-07-13 12:11:11 -07:00
Gabriel Hernandez	9aa7c0c714	add dark and light background logo colors and show them on mdm migrat… (#12681)	2023-07-13 19:35:25 +01:00
Juan Fernandez	bfe6a5c3ad	Invalid policies should be ignored in the desktop endpoint (#12523) ... Updated the `/desktop` endpoint to ignore invalid policies	2023-07-13 14:13:36 -04:00
RachelElysia	93a03ad216	Fleet UI: Observer plus can run any custom query (#12749)	2023-07-13 14:02:15 -04:00
Roberto Dip	eb75e303ec	change how team assignment works for the Puppet module (#12566) ... For #12532, all details of how this works/why is done are in the issue description.	2023-07-13 15:00:45 -03:00
Roberto Dip	53f0e281bf	set DeferForceAtUserLoginMaxBypassAttempts in FV profile (#12729) ... Related to #12608, this automatically sets the `DeferForceAtUserLoginMaxBypassAttempts` property to `1` on the FileVault profile that's generated by Fleet. This changeset also includes a migration to modify old FileVault profiles that already exist in the database, and by virtue of that a `InstallProfile` command will be issued to hosts that already have FV enabled. During testing we found: 1. This doesn't affect users with FV already installed, they silently get the profile updated without any changes. 2. Since the profile needs to be re-delivered, it'll go through the full "pending" -> "verifying" -> "verified" cycle.	2023-07-13 11:54:05 -03:00
Luke Heath	a001fbf3ec	Prepare v4.34.0 (#12706)	2023-07-11 14:38:57 -07:00
Marcos Oviedo	a49e980394	Windows MDM identity certs missing check (#12702) ... This is related #12701 # Checklist for submitter If some of the following don't apply, delete the relevant line. - [X] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. - [X] Manual QA for all new/changed functionality	2023-07-10 17:36:17 -03:00
Marcos Oviedo	96449dd47b	Adding support for RequestSecurityToken messages - Windows MDM enroll endpoint (#12555) ... This relates to #12263 # Checklist for submitter If some of the following don't apply, delete the relevant line. - [X] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [X] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [X] Added/updated tests --------- Co-authored-by: Roberto Dip <me@roperzh.com>	2023-07-05 10:06:37 -03:00
Juan Fernandez	91f048e98a	Fixed iCloud false positives (#12551) ... Added new type `CPEMatchingRule` used for fixing false positives caused by 'bad' entries in the NVD dataset.	2023-06-30 13:05:34 -04:00
Luke Heath	cc8a2d0605	Prepare v4.33.1 (#12417)	2023-06-30 09:49:50 -07:00
Roberto Dip	5ddd940cb8	ensure profiles and commands are delivered when MDM is turned on (#12580) ... Related to #12482 and #12453, this cleans up Fleet tables that track profile and bootstrap package status on re-enrollment.	2023-06-30 12:30:49 -03:00
Roberto Dip	4b139245cb	only show Nudge to hosts with MDM features turned on (#12588) ... For #12582	2023-06-30 12:29:27 -03:00
gillespi314	83746aa130	Fix UI bug in host software table search (#12590)	2023-06-30 10:17:37 -05:00
Gabriel Hernandez	0ce66b952d	add org support url input to org info form (#12591) ... relates to #12568 adds the missing org support URL input on the settings page org info form.  - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Manual QA for all new/changed functionality	2023-06-30 16:08:26 +01:00
Lucas Manuel Rodriguez	810eb58b95	macOS CIS: Use find command (exposed as fleetd table) instead of relying on the osquery core file table (#12560) ... #10292, #12554 When scanning tens of thousands of files for permissions, using the `find` command exposed as a fleetd table is more performant than trying to use the `file` table. This change caused the watchdog to *stop* killing osquery because of exceeding memory or CPU limit. - [X] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md)~ - ~[ ] Documented any permissions changes~ - ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements)~ - ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features.~ - [X] Added/updated tests - [X] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - [X] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - ~[ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)).~	2023-06-29 16:22:41 -03:00
Gabriel Hernandez	9f3331ef94	Fix word wrapping on TruncatedTextCell tooltip (#12567) ... relates to #12473 Fixes ui bug where the wrapping text on a tooltip in TruncatedTextCell did not display properly. I fixed this by adding a prop to the component `tooltipBreakOnWord` which allows devs to configure if the tooltip breaks on a word, or by default on any character. **Breaking on a word:**  **Breaking on any character (default behaviour):**  - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Manual QA for all new/changed functionality	2023-06-29 17:04:25 +01:00
RachelElysia	e04e349baf	Fleet UI: Clean up query/policy targets dropdown styling (#12557)	2023-06-28 18:18:43 -07:00
Martin Angers	f641c3ec57	Add activities when Windows MDM is turned on/off (#12533)	2023-06-28 12:53:46 -04:00
Gabriel Hernandez	36ca97ff2a	Feat UI activities for windows mdm (#12552) ... relates to #12289 Implements enable and disable Windows mdm activity UI - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. - [x] Manual QA for all new/changed functionality	2023-06-28 17:28:17 +01:00
Jacob Shandling	569bf15fa5	UI - remove extra loading Spinner from Software page (#12519) ... ## Addresses #11355, pt.1 (pt. 2 already fixed) # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com>	2023-06-28 08:57:02 -07:00
Roberto Dip	78cc59e690	lowercase DisplayName attributes when reading SSO response (#12545) ... this is to accommodate providers like [Okta][1] that send the user's full name as an attribute named `displayName` [1]: https://developer.okta.com/docs/reference/api/users/#default-profile-properties	2023-06-28 12:19:13 -03:00
Martin Angers	1db2f7646a	Implement Windows MDM programmatic unenrollment (notification + orbit trigger) (#12505)	2023-06-28 09:13:37 -04:00
Martin Angers	e323a3d881	Consider an empty EULA pdf file the same as an invalid one, returning 400 Bad Request (#12542)	2023-06-28 08:19:42 -04:00
Marcos Oviedo	821f6b064f	Adding support for GetPolicies message (#12477) ... This relates to #12262 - [X] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [X] Added/updated tests - [X] Manual QA for all new/changed functionality	2023-06-27 12:59:33 -03:00
Lucas Manuel Rodriguez	feb4e65be6	Optimize macOS CIS query 5.1.5 (#12506) ... #10292 The query was processing *every* file under `/Applications/`, which makes it super expensive both in CPU usage and Memory footprint. This query was the main culprit of triggering worker process kills by the watchdog. On some runs it triggered CPU usage alerts: ``` 7716:W0623 15:38:05.402959 221732864 watcher.cpp:415] osqueryd worker (72976) stopping: Maximum sustainable CPU utilization limit 1200ms exceeded for 12 seconds ``` And on other runs it triggered memory usage alerts: ``` 4431 W0626 07:28:50.868021 147312640 watcher.cpp:424] osqueryd worker (21453) stopping: Memory limits exceeded: 214020096 bytes (limit is 200MB) ``` For the above logs I used a custom osqueryd branch to be able to print more information: https://github.com/osquery/osquery/pull/8070 The metrics for the old query were CPU usage: ~4521 ms ``` 435:level=warn ts=2023-06-26T09:58:29.665712Z query=fleet_policy_query_1233 queryTime=4521 memory=12226560 msg="distributed query performance is excessive" hostID=308 platform=darwin ``` With the new query, CPU usage: ~210 ms. ``` 23893:level=debug ts=2023-06-26T18:06:08.242456Z query=fleet_policy_query_1233 queryTime=210 msg=stats memory=0 hostID=308 platform=darwin ``` Basically a ~20x improvement. - [X] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md)~ - ~[ ] Documented any permissions changes~ - ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements)~ - ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features.~ - ~[ ] Added/updated tests~ - [X] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux.~ - ~[ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)).~	2023-06-27 11:06:26 -03:00
Gabriel Hernandez	792e9c7cd1	turn on/off windows mdm from the fleet UI (#12497) ... relates to #12258 Implements turning on and off windows MDM from the Fleet UI. **On UI:**   **Off UI:**   - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Manual QA for all new/changed functionality	2023-06-26 17:54:34 +01:00
Martin Angers	ca02abb660	Trigger Windows MDM host enrollment on device when notified that it is enabled (#12426)	2023-06-26 12:13:17 -04:00
Martin Angers	8b95155ae2	Add mdm_enabled field to response of PATCH /config (#12498)	2023-06-26 09:16:42 -04:00
Jacob Shandling	2855bc8f7f	ChromeOS privacy_preferences table (#12441) ... ## Addresses #11037 ### Implement the `privacy_preferences` table for the Fleetd Chrome extension. Columns correspond to the available properties of [`chrome.privacy`](https://developer.chrome.com/docs/extensions/reference/privacy/). Chrome on mac: <img width="816" alt="Screenshot 2023-06-23 at 11 55 21 AM" src="https://github.com/fleetdm/fleet/assets/61553566/a4700749-6325-442e-acf2-c14b1c9adf8f"> Chromebook with enterprise access (actual use case):  * Chromebook w/o enterprise access: as you can see, sometimes certain APIs are not available - this error occurs because the expected API object that would have a `get` method is actually `undefined` TODO – How to handle this case given that we want to let errors bubble up to the level at which Fleet can catch them? Maybe it would be nice to catch such errors and send them up to the Fleet layer, and still allow the loop to continue to populate the columns whose APIs _are_ available. _Decision: catch API errors here to preserve functionality of the remaining columns_  - [x] Changes file - [x] Manual QA --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com>	2023-06-23 14:52:16 -07:00
Marcos Oviedo	22bb16bf2e	Pushing initial support for MS-MDE2 Discovery message (#12387) ... This PR requires the Windows MDM configuration changes - This will be updated next week - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Documented any permissions changes - [X] Added/updated tests - [X] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes:	2023-06-22 17:31:17 -03:00
gillespi314	dfd16a1ef6	Add transferred hosts to activity feed UI (#12442)	2023-06-22 11:01:42 -05:00
RachelElysia	acf44e5737	Fleet UI: [tiny bug] Fix weird scroll behavior (#12435)	2023-06-22 08:24:57 -07:00
Gabriel Hernandez	69fdbc1949	add better messaging for ABM 400 error (#12425) ... relates to #11932 This improves the UI error messaging for AMB 400 errors  - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - [ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - [ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)).	2023-06-22 15:08:21 +01:00
Juan Fernandez	0c172c85c3	SSO Metadata URL can only be https/http (#12388) ... When setting up SSO, validate that the Metadata URL has the proper scheme.	2023-06-22 08:17:37 -04:00
Juan Fernandez	d70ae633c0	Return proper status code if SMTP conf is invalid (#12389) ... When setting up SMTP return the proper status code if config is invalid.	2023-06-21 14:40:26 -04:00
Juan Fernandez	d08cc18111	Don't analyze non-windows OS using the MSRC scanner (#12421) ... Don't analyze non-windows OS using the MSRC scanner	2023-06-21 14:19:55 -04:00
gillespi314	8cc7d38300	Mark "verifying" or "verified" MDM profiles as "failed" if osquery cannot confirm they are installed (#12414)	2023-06-21 13:00:49 -05:00
RachelElysia	54e811f44f	Fleet UI: [tiny bug] See software search and vuln dropdown when no vuln software (#12412)	2023-06-21 09:15:25 -04:00
RachelElysia	65bca34825	Fleet UI: [tiny bug] Copy message (#12411)	2023-06-21 09:14:47 -04:00
Martin Angers	1c249b60da	Add support to configure and enable Windows MDM, notify elegible hosts (#12340)	2023-06-20 14:06:45 -04:00
RachelElysia	2c45d25ad3	Fleet UI: Empty software SVG update (effort to fix broken image in Sandbox) (#12378)	2023-06-19 15:41:04 -04:00
Martin Angers	96aec85a0a	Add mechanism to force read from primary DB, use it for puppet matching (#12396)	2023-06-19 13:55:15 -04:00
RachelElysia	2efb48ee0c	Fleet UI: Clean up dashboard loading state (#12395)	2023-06-19 12:08:33 -04:00
RachelElysia	39a60e037e	Fleet UI: Variable Fleet URL for ChromeOS extension (#12393)	2023-06-19 11:28:11 -04:00
RachelElysia	eefd81233f	Fleet UI: Hiding tables and columns from the UI if they are set to hidden (#12298)	2023-06-16 11:38:52 -04:00
Lucas Manuel Rodriguez	bac309c978	Provide feedback to user in fleetctl login when using env vars (#12371) ... Issue reported by @jarodreyes. The user was not informed that `fleetctl login` was using the PASSWORD environment variable: `main`: ```sh export PASSWORD=wrong fleetctl login Log in using the standard Fleet credentials. Email: a@b.c Error: Login failed: login received status 401 Authentication failed: Authentication failed ``` And with the changes on this PR: ``` export PASSWORD=wrong fleetctl login Log in using the standard Fleet credentials. Email: a@b.c Using value of environment variable $PASSWORD as password. Error: Login failed: login received status 401 Authentication failed: Authentication failed ```	2023-06-16 11:42:04 -03:00