mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 13:37:30 +00:00
7f1c0e4c41
#24174 If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [ ] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [X] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [X] Added/updated tests - [X] Manual QA for all new/changed functionality --------- Co-authored-by: Ian Littman <iansltx@gmail.com>
103 lines
2.6 KiB
Go
103 lines
2.6 KiB
Go
package mysql
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
"github.com/fleetdm/fleet/v4/server/fleet"
|
|
"github.com/jmoiron/sqlx"
|
|
)
|
|
|
|
func (ds *Datastore) GetLinuxDiskEncryptionSummary(ctx context.Context, teamID *uint) (fleet.MDMLinuxDiskEncryptionSummary, error) {
|
|
var args []interface{}
|
|
var teamFilter string
|
|
if teamID != nil {
|
|
teamFilter = "AND h.team_id = ?"
|
|
args = append(args, *teamID)
|
|
} else {
|
|
teamFilter = "AND h.team_id IS NULL"
|
|
}
|
|
|
|
stmt := fmt.Sprintf(`SELECT
|
|
CASE WHEN hdek.base64_encrypted IS NOT NULL
|
|
AND hdek.base64_encrypted != ''
|
|
AND hdek.client_error = '' THEN
|
|
'verified'
|
|
WHEN hdek.client_error IS NOT NULL
|
|
AND hdek.client_error != '' THEN
|
|
'failed'
|
|
WHEN hdek.base64_encrypted IS NULL
|
|
OR (hdek.base64_encrypted = ''
|
|
AND hdek.client_error = '') THEN
|
|
'action_required'
|
|
END AS status,
|
|
COUNT(h.id) AS host_count
|
|
FROM
|
|
hosts h
|
|
LEFT JOIN host_disk_encryption_keys hdek ON h.id = hdek.host_id
|
|
WHERE
|
|
(h.os_version LIKE '%%fedora%%'
|
|
OR h.platform LIKE 'ubuntu')
|
|
%s
|
|
GROUP BY
|
|
status`, teamFilter)
|
|
|
|
type countRow struct {
|
|
Status string `db:"status"`
|
|
HostCount uint `db:"host_count"`
|
|
}
|
|
|
|
var counts []countRow
|
|
summary := fleet.MDMLinuxDiskEncryptionSummary{}
|
|
|
|
if err := sqlx.SelectContext(ctx, ds.reader(ctx), &counts, stmt, args...); err != nil {
|
|
return summary, err
|
|
}
|
|
|
|
for _, count := range counts {
|
|
switch count.Status {
|
|
case "verified":
|
|
summary.Verified = count.HostCount
|
|
case "action_required":
|
|
summary.ActionRequired = count.HostCount
|
|
case "failed":
|
|
summary.Failed = count.HostCount
|
|
}
|
|
}
|
|
|
|
return summary, nil
|
|
}
|
|
|
|
func sqlCaseLinuxOSSettingsStatus() string {
|
|
return `
|
|
CASE WHEN
|
|
hdek.base64_encrypted IS NOT NULL
|
|
AND hdek.base64_encrypted != ''
|
|
AND hdek.client_error = '' THEN
|
|
'` + string(fleet.OSSettingsVerified) + `'
|
|
WHEN hdek.client_error IS NOT NULL
|
|
AND hdek.client_error != '' THEN
|
|
'` + string(fleet.OSSettingsFailed) + `'
|
|
WHEN hdek.base64_encrypted IS NULL
|
|
OR (hdek.base64_encrypted = ''
|
|
AND hdek.client_error = '') THEN
|
|
'` + string(fleet.OSSettingsPending) + `'
|
|
END`
|
|
}
|
|
|
|
func sqlCaseLinuxDiskEncryptionStatus() string {
|
|
return `
|
|
CASE WHEN
|
|
hdek.base64_encrypted IS NOT NULL
|
|
AND hdek.base64_encrypted != ''
|
|
AND hdek.client_error = '' THEN
|
|
'` + string(fleet.DiskEncryptionVerified) + `'
|
|
WHEN hdek.client_error IS NOT NULL
|
|
AND hdek.client_error != '' THEN
|
|
'` + string(fleet.DiskEncryptionFailed) + `'
|
|
WHEN hdek.base64_encrypted IS NULL
|
|
OR (hdek.base64_encrypted = ''
|
|
AND hdek.client_error = '') THEN
|
|
'` + string(fleet.DiskEncryptionActionRequired) + `'
|
|
END`
|
|
}
|