mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 21:47:20 +00:00
096d67dd5a
## Addresses #22702, #23713, #23756, #23746, #23747, and #23876 _-Note that much of this code as is will render as expected only once integrated with the backend or if manipulated manually for testing purposes_ **Frontend**: - Update banners on my device page, tests - Build new logic for calling endpoint to trigger linux key escrow on clicking `Create key` - Add `CreateLinuxKeyModal` to inform user of next steps after clicking `Create key` - Update banners on host details page, tests - Update the Controls > OS settings section with new logic related to linux disk encryption - Expect and include counts of Linux hosts in aggregate disk encryption stats UI - Add "Linux" column to the disk encryption table - Show disk encryption related UI for supported Linux platforms - TODO: confirm platform string matching functionality in manual e2e testing - Expand capabilities of `SectionHeader` component, apply to new UI - Flash "missing private key" error, with clickable link, when trying to update disk encryption enabled while no server private key is present. - TODO: QA this once other endpoints on Controls > Disk encryption are enabled even when MDM not turned on - Update Disk encryption key modal copy -Other TODO: - Confirm when integrated with API: - Aggregate disk encryption counts - Disk encryption table Linux column - Show disk encryption key action on host details page when expected - Opens Disk encryption key modal, displays key as expected **Backend**: - For "No team" and teams, error when trying to update disk encryption enabled while no server private key is present. - Remove requirement of mdm being enabled for use of various endpoints related to Linux disk encryption - Update tests _________ **Host details and my device page banners**  **Create key modal** <img width="1799" alt="create-key-modal" src="https://github.com/user-attachments/assets/81a55ccb-b6b9-4eb6-b2ff-a463c60724c0"> **Enabling disk encryption**  **Disk encryption: Fleet free** <img width="1912" alt="free" src="https://github.com/user-attachments/assets/9f9cace3-8955-47c2-87d9-24ff9387ac1a"> **Custom settings: turn on MDM** <img width="1912" alt="turn on mdm" src="https://github.com/user-attachments/assets/4d3ad47b-4035-4d93-86f0-dc2691b38bb4"> **Device status indicators**  **Encryption key action and modal**  - [x] Changes file added for user-visible changes in `changes/` - [x] Added/updated tests - [x] Manual QA for all new/changed functionality - [ ] Full e2e testing to do when integrated with backend --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com> Co-authored-by: Ian Littman <iansltx@gmail.com>
161 lines
5.2 KiB
TypeScript
161 lines
5.2 KiB
TypeScript
import {
|
|
FLEET_FILEVAULT_PROFILE_DISPLAY_NAME,
|
|
ProfileOperationType,
|
|
} from "interfaces/mdm";
|
|
|
|
import { IconNames } from "components/icons";
|
|
import {
|
|
TooltipInnerContentFunc,
|
|
TooltipInnerContentOption,
|
|
} from "./components/Tooltip/TooltipContent";
|
|
|
|
import { OsSettingsTableStatusValue } from "../OSSettingsTableConfig";
|
|
import TooltipInnerContentActionRequired from "./components/Tooltip/ActionRequired";
|
|
|
|
export const isDiskEncryptionProfile = (profileName: string) => {
|
|
return profileName === FLEET_FILEVAULT_PROFILE_DISPLAY_NAME;
|
|
};
|
|
|
|
export type ProfileDisplayOption = {
|
|
statusText: string;
|
|
iconName: IconNames;
|
|
tooltip: TooltipInnerContentOption | null;
|
|
} | null;
|
|
|
|
type OperationTypeOption = Record<
|
|
OsSettingsTableStatusValue,
|
|
ProfileDisplayOption
|
|
>;
|
|
|
|
type ProfileDisplayConfig = Record<ProfileOperationType, OperationTypeOption>;
|
|
|
|
// Profiles for iOS and iPadOS skip the verifying step
|
|
const APPLE_PROFILE_VERIFIED_DISPLAY_CONFIG: ProfileDisplayOption = {
|
|
statusText: "Verified",
|
|
iconName: "success",
|
|
tooltip: (innerProps) =>
|
|
innerProps.isDiskEncryptionProfile
|
|
? "The host turned disk encryption on and sent the key to Fleet. " +
|
|
"Fleet verified."
|
|
: "The host applied the setting. Fleet verified.",
|
|
} as const;
|
|
|
|
const MAC_PROFILE_VERIFYING_DISPLAY_CONFIG: ProfileDisplayOption = {
|
|
statusText: "Verifying",
|
|
iconName: "success-outline",
|
|
tooltip: (innerProps) =>
|
|
innerProps.isDiskEncryptionProfile
|
|
? "The host acknowledged the MDM command to turn on disk encryption. " +
|
|
"Fleet is verifying with osquery and retrieving the disk encryption key. " +
|
|
"This may take up to one hour."
|
|
: "The host acknowledged the MDM command to apply the setting. Fleet is " +
|
|
"verifying with osquery.",
|
|
} as const;
|
|
|
|
export const PROFILE_DISPLAY_CONFIG: ProfileDisplayConfig = {
|
|
install: {
|
|
verified: APPLE_PROFILE_VERIFIED_DISPLAY_CONFIG,
|
|
success: APPLE_PROFILE_VERIFIED_DISPLAY_CONFIG,
|
|
verifying: MAC_PROFILE_VERIFYING_DISPLAY_CONFIG,
|
|
acknowledged: MAC_PROFILE_VERIFYING_DISPLAY_CONFIG,
|
|
pending: {
|
|
statusText: "Enforcing (pending)",
|
|
iconName: "pending-outline",
|
|
tooltip: (innerProps) =>
|
|
innerProps.isDiskEncryptionProfile
|
|
? "The hosts will receive the MDM command to turn on disk encryption " +
|
|
"when the hosts come online."
|
|
: "The host will receive the MDM command to apply the setting when the " +
|
|
"host comes online.",
|
|
},
|
|
action_required: {
|
|
statusText: "Action required (pending)",
|
|
iconName: "pending-outline",
|
|
tooltip: TooltipInnerContentActionRequired as TooltipInnerContentFunc,
|
|
},
|
|
failed: {
|
|
statusText: "Failed",
|
|
iconName: "error",
|
|
tooltip: null,
|
|
},
|
|
},
|
|
remove: {
|
|
pending: {
|
|
statusText: "Removing enforcement (pending)",
|
|
iconName: "pending-outline",
|
|
tooltip: (innerProps) =>
|
|
innerProps.isDiskEncryptionProfile
|
|
? "The host will receive the MDM command to remove the disk encryption profile when the " +
|
|
"host comes online."
|
|
: "The host will receive the MDM command to remove the setting when the host " +
|
|
"comes online.",
|
|
},
|
|
action_required: null, // should not be reached
|
|
verified: null, // should not be reached
|
|
verifying: null, // should not be reached
|
|
success: null, // should not be reached
|
|
acknowledged: null, // should not be reached
|
|
failed: {
|
|
statusText: "Failed",
|
|
iconName: "error",
|
|
tooltip: null,
|
|
},
|
|
},
|
|
};
|
|
|
|
type WindowsDiskEncryptionDisplayConfig = Omit<
|
|
OperationTypeOption,
|
|
// windows disk encryption does not have these states
|
|
"action_required" | "success" | "acknowledged"
|
|
>;
|
|
|
|
export const WINDOWS_DISK_ENCRYPTION_DISPLAY_CONFIG: WindowsDiskEncryptionDisplayConfig = {
|
|
verified: {
|
|
statusText: "Verified",
|
|
iconName: "success",
|
|
tooltip: () =>
|
|
"The host turned disk encryption on and sent the key to Fleet. Fleet verified.",
|
|
},
|
|
verifying: {
|
|
statusText: "Verifying",
|
|
iconName: "success-outline",
|
|
tooltip: () =>
|
|
"The host acknowledged the MDM command to turn on disk encryption. Fleet is verifying with " +
|
|
"osquery and retrieving the disk encryption key. This may take up to one hour.",
|
|
},
|
|
pending: {
|
|
statusText: "Enforcing (pending)",
|
|
iconName: "pending-outline",
|
|
tooltip: () =>
|
|
"The host will receive the MDM command to turn on disk encryption when the host comes online.",
|
|
},
|
|
failed: {
|
|
statusText: "Failed",
|
|
iconName: "error",
|
|
tooltip: null,
|
|
},
|
|
};
|
|
|
|
type LinuxDiskEncryptionDisplayConfig = Omit<
|
|
OperationTypeOption,
|
|
"success" | "pending" | "acknowledged" | "verifying"
|
|
>;
|
|
|
|
export const LINUX_DISK_ENCRYPTION_DISPLAY_CONFIG: LinuxDiskEncryptionDisplayConfig = {
|
|
verified: {
|
|
statusText: "Verified",
|
|
iconName: "success",
|
|
tooltip: () =>
|
|
"The host turned disk encryption on and sent the key to Fleet. Fleet verified.",
|
|
},
|
|
failed: {
|
|
statusText: "Failed",
|
|
iconName: "error",
|
|
tooltip: null,
|
|
},
|
|
action_required: {
|
|
statusText: "Action required (pending)",
|
|
iconName: "pending-outline",
|
|
tooltip: TooltipInnerContentActionRequired as TooltipInnerContentFunc,
|
|
},
|
|
};
|