mirror of
https://github.com/fleetdm/fleet
synced 2026-05-11 03:00:58 +00:00
fcdd01d78d
for #31064 # Details This PR adds a "Require BitLocker PIN" checkbox under a new "Advanced" section on the Disk Encryption page. This UI will only be visible if: * "Turn on disk encryption" is checked * The front-end was compiled using the `SHOW_BITLOCKER_PIN_OPTION=true` env var, e.g.: ``` SHOW_BITLOCKER_PIN_OPTION=true NODE_ENV=development yarn run webpack --progress --watch ``` See Figma for reference: https://www.figma.com/design/XbhlPuEJxQtOgTZW9EOJZp/-28133-Enforce-BitLocker-PIN?node-id=5334-1026&t=NuPo1M5fJepyCCRy-0 With encryption off: <img width="569" height="233" alt="image" src="https://github.com/user-attachments/assets/558e74cc-ce3d-47e3-aa14-1391e1cb4146" /> With encryption on: <img width="551" height="285" alt="image" src="https://github.com/user-attachments/assets/adfe2ead-4c5c-43a0-a5aa-9566635aba5f" /> Expanded: <img width="534" height="297" alt="image" src="https://github.com/user-attachments/assets/ac0620a2-528f-4118-ae46-992a646c97d8" /> Tooltip: <img width="579" height="317" alt="image" src="https://github.com/user-attachments/assets/23d13820-9bcb-49fb-b32b-2b5c60e7e55c" /> # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [ ] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. - will add changelog when feature is complete - [x] Manual QA for all new/changed functionality
66 lines
2.1 KiB
TypeScript
66 lines
2.1 KiB
TypeScript
import sendRequest from "services";
|
|
|
|
import endpoints from "utilities/endpoints";
|
|
import { buildQueryStringFromParams } from "utilities/url";
|
|
|
|
// TODO - move disk encryption types like this to dedicated file
|
|
import { DiskEncryptionStatus } from "interfaces/mdm";
|
|
import { APP_CONTEXT_NO_TEAM_ID } from "interfaces/team";
|
|
|
|
export interface IDiskEncryptionStatusAggregate {
|
|
macos: number;
|
|
windows: number;
|
|
linux: number;
|
|
}
|
|
|
|
export type IDiskEncryptionSummaryResponse = Record<
|
|
DiskEncryptionStatus,
|
|
IDiskEncryptionStatusAggregate
|
|
>;
|
|
|
|
const diskEncryptionService = {
|
|
getDiskEncryptionSummary: (teamId?: number) => {
|
|
let { DISK_ENCRYPTION: path } = endpoints;
|
|
|
|
if (teamId) {
|
|
path = `${path}?${buildQueryStringFromParams({ team_id: teamId })}`;
|
|
}
|
|
return sendRequest("GET", path);
|
|
},
|
|
updateDiskEncryption: (
|
|
enableDiskEncryption: boolean,
|
|
requireBitLockerPIN: boolean,
|
|
teamId?: number
|
|
) => {
|
|
// TODO - use same endpoint for both once issue with new endpoint for no team is resolved
|
|
const {
|
|
UPDATE_DISK_ENCRYPTION: teamsEndpoint,
|
|
CONFIG: noTeamsEndpoint,
|
|
} = endpoints;
|
|
if (teamId === 0) {
|
|
return sendRequest("PATCH", noTeamsEndpoint, {
|
|
mdm: {
|
|
enable_disk_encryption: enableDiskEncryption,
|
|
windows_require_bitlocker_pin: requireBitLockerPIN,
|
|
},
|
|
});
|
|
}
|
|
return sendRequest("POST", teamsEndpoint, {
|
|
enable_disk_encryption: enableDiskEncryption,
|
|
windows_require_bitlocker_pin: requireBitLockerPIN,
|
|
// TODO - it would be good to be able to use an API_CONTEXT_NO_TEAM_ID here, but that is
|
|
// currently set to 0, which should actually be undefined since the server expects teamId ==
|
|
// nil for no teams, not 0.
|
|
team_id: teamId === APP_CONTEXT_NO_TEAM_ID ? undefined : teamId,
|
|
});
|
|
},
|
|
triggerLinuxDiskEncryptionKeyEscrow: (token: string) => {
|
|
const { DEVICE_TRIGGER_LINUX_DISK_ENCRYPTION_KEY_ESCROW } = endpoints;
|
|
return sendRequest(
|
|
"POST",
|
|
DEVICE_TRIGGER_LINUX_DISK_ENCRYPTION_KEY_ESCROW(token)
|
|
);
|
|
},
|
|
};
|
|
|
|
export default diskEncryptionService;
|