Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 21:47:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 117
fleet/server/service/windows_mdm_profiles_test.go
Ian Littman c148b42f9b
Add support for $FLEET_VAR_HOST_HARDWARE_SERIAL in Windows profiles, $FLEET_VAR_HOST_PLATFORM in Windows/Apple profiles (#35812) 
Fixes #34364, #34716.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)

## Testing

- [x] Added/updated automated tests

- [ ] QA'd all new/changed functionality manually

---------

Co-authored-by: Magnus Jensen <magnus@fleetdm.com>
2025-11-24 10:18:47 -06:00

157 lines
4.1 KiB
Go
Raw Blame History

package service
import (
"testing"
"github.com/fleetdm/fleet/v4/server/fleet"
"github.com/stretchr/testify/require"
)
func TestValidateWindowsProfileFleetVariablesLicense(t *testing.T) {
t.Parallel()
profileWithVars := `<Replace>
<Item>
<Target>
<LocURI>./Device/Vendor/MSFT/Accounts/DomainName</LocURI>
</Target>
<Data>Host UUID: $FLEET_VAR_HOST_UUID</Data>
</Item>
</Replace>`
// Test with free license
freeLic := &fleet.LicenseInfo{Tier: fleet.TierFree}
_, err := validateWindowsProfileFleetVariables(profileWithVars, freeLic, nil)
require.ErrorIs(t, err, fleet.ErrMissingLicense)
// Test with premium license
premiumLic := &fleet.LicenseInfo{Tier: fleet.TierPremium}
vars, err := validateWindowsProfileFleetVariables(profileWithVars, premiumLic, nil)
require.NoError(t, err)
require.Contains(t, vars, "HOST_UUID")
// Test profile without variables (should work with free license)
profileNoVars := `<Replace>
<Item>
<Target>
<LocURI>./Device/Vendor/MSFT/Accounts/DomainName</LocURI>
</Target>
<Data>Static Value</Data>
</Item>
</Replace>`
vars, err = validateWindowsProfileFleetVariables(profileNoVars, freeLic, nil)
require.NoError(t, err)
require.Nil(t, vars)
}
func TestValidateWindowsProfileFleetVariables(t *testing.T) {
tests := []struct {
name string
profileXML string
wantErr bool
errContains string
}{
{
name: "no variables",
profileXML: `<Replace>
<Item>
<Target>
<LocURI>./Device/Vendor/MSFT/Policy/Config/System/AllowLocation</LocURI>
</Target>
<Data>1</Data>
</Item>
</Replace>`,
wantErr: false,
},
{
name: "HOST_UUID variable",
profileXML: `<Replace>
<Item>
<Target>
<LocURI>./Device/Vendor/MSFT/Policy/Config/System/AllowLocation</LocURI>
</Target>
<Data>$FLEET_VAR_HOST_UUID</Data>
</Item>
</Replace>`,
wantErr: false,
},
{
name: "HOST_UUID variable with braces",
profileXML: `<Replace>
<Item>
<Target>
<LocURI>./Device/Vendor/MSFT/Policy/Config/System/AllowLocation</LocURI>
</Target>
<Data>${FLEET_VAR_HOST_UUID}</Data>
</Item>
</Replace>`,
wantErr: false,
},
{
name: "multiple HOST_UUID variables",
profileXML: `<Replace>
<Item>
<Target>
<LocURI>./Device/Vendor/MSFT/Policy/Config/System/AllowLocation</LocURI>
</Target>
<Data>$FLEET_VAR_HOST_UUID-${FLEET_VAR_HOST_UUID}</Data>
</Item>
</Replace>`,
wantErr: false,
},
{
name: "unsupported variable",
profileXML: `<Replace>
<Item>
<Target>
<LocURI>./Device/Vendor/MSFT/Policy/Config/System/AllowLocation</LocURI>
</Target>
<Data>$FLEET_VAR_HOST_FAKE</Data>
</Item>
</Replace>`,
wantErr: true,
errContains: "Fleet variable $FLEET_VAR_HOST_FAKE is not supported in Windows profiles",
},
{
name: "HOST_UUID with another unsupported variable",
profileXML: `<Replace>
<Item>
<Target>
<LocURI>./Device/Vendor/MSFT/Policy/Config/System/AllowLocation</LocURI>
</Target>
<Data>$FLEET_VAR_HOST_UUID-$FLEET_VAR_BOGUS_VAR</Data>
</Item>
</Replace>`,
wantErr: true,
errContains: "Fleet variable $FLEET_VAR_BOGUS_VAR is not supported in Windows profiles",
},
{
name: "unknown Fleet variable",
profileXML: `<Replace>
<Item>
<Target>
<LocURI>./Device/Vendor/MSFT/Policy/Config/System/AllowLocation</LocURI>
</Target>
<Data>${FLEET_VAR_UNKNOWN_VAR}</Data>
</Item>
</Replace>`,
wantErr: true,
errContains: "Fleet variable $FLEET_VAR_UNKNOWN_VAR is not supported in Windows profiles",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
// Pass a premium license for testing (we're not testing license validation here)
premiumLic := &fleet.LicenseInfo{Tier: fleet.TierPremium}
_, err := validateWindowsProfileFleetVariables(tt.profileXML, premiumLic, nil)
if tt.wantErr {
require.Error(t, err)
if tt.errContains != "" {
require.Contains(t, err.Error(), tt.errContains)
}
} else {
require.NoError(t, err)
}
})
}
}
Reference in a new issue View git blame Copy permalink