Haven't fully QA'd as I am not sure how to repro locally(when I test the
pubsub arrives before we ever run the reconciler) however this should
cause 4xx to be returned from the website instead of 5xx for android
unenrolled. We use the exact same code on a different endpoint
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#34988 partially. This just helps reduce
alerts to help-p1 and implements the interface that the server is
expecting
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#34299
Unreleased bug in Android Config profiles 4.75.0 feature. No changes
file as such. I'm not entirely sure how to cause this as I was unable to
repro it locally, there may be a timing issue or something, so I haven't
fully QA'd manually. QA was limited to verifying basic reconciler
functionality
Also updated Website endpoint to not throw a 5XX since we expect this to
occasionally happen
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
## Testing
- [x] Added/updated automated tests
- [x] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)
- [ ] QA'd all new/changed functionality manually
For unreleased bug fixes in a release candidate, one of:
- [x] Confirmed that the fix is not expected to adversely impact load
test results
Related to: https://github.com/fleetdm/fleet/issues/33266
Changes:
- Added a new helper
`sails.helpers.androidProxy.getIsEnterpriseManagedByFleet`. This helper
returns `true` if a provided Android Enterprise ID is present in the
list of all Android Enterprises managed by Fleet, or `false` if it is
not in the list.
- Updated `create-android-enrollment-token`,
`create-android-signup-url`, and `modify-android-policies` to return a
404 response to the requesting Fleet instance if their Android
Enterprise is not managed by Fleet.
Closes: https://github.com/fleetdm/fleet/issues/31506
Changes:
- Updated the `create-android-enterprise` action to return a 409
response if a database record already exists for the Android enterprise.
Closes#30935
Changes:
- Updated created-android-signup-url to return a bad request response if
a provided callback URL cannot be used to create an Android Enterprise
signup URL.
Related to: https://github.com/fleetdm/fleet/issues/26270
Changes:
- Added a new database model: `AndroidEnterprise`
- Added one new website dependency: `googleapis@148.0.0`
- Added `android-proxy/create-android-signup-url`: an endpoint that
returns a signup url used to grant access to Fleet's Android MDM
integration.
- Added `android-proxy/create-android-enterprise`: An endpoint that
creates an Android enterprise for a Fleet server
- Added `android-proxy/create-android-enrollment-token`: An endpoint
that returns an enrollment token for an Android enterprise
- Added `android-proxy/modify-android-policies`: An endpoint used to
update policies of an Android enterprise
- Added `android-proxy/delete-one-android-enterprise`: an endpoint that
deletes an Android enterprise
---------
Co-authored-by: Victor Lyuboslavsky <victor@fleetdm.com>
