mirror of
https://github.com/fleetdm/fleet
synced 2026-05-19 23:18:51 +00:00
096d67dd5a
## Addresses #22702, #23713, #23756, #23746, #23747, and #23876 _-Note that much of this code as is will render as expected only once integrated with the backend or if manipulated manually for testing purposes_ **Frontend**: - Update banners on my device page, tests - Build new logic for calling endpoint to trigger linux key escrow on clicking `Create key` - Add `CreateLinuxKeyModal` to inform user of next steps after clicking `Create key` - Update banners on host details page, tests - Update the Controls > OS settings section with new logic related to linux disk encryption - Expect and include counts of Linux hosts in aggregate disk encryption stats UI - Add "Linux" column to the disk encryption table - Show disk encryption related UI for supported Linux platforms - TODO: confirm platform string matching functionality in manual e2e testing - Expand capabilities of `SectionHeader` component, apply to new UI - Flash "missing private key" error, with clickable link, when trying to update disk encryption enabled while no server private key is present. - TODO: QA this once other endpoints on Controls > Disk encryption are enabled even when MDM not turned on - Update Disk encryption key modal copy -Other TODO: - Confirm when integrated with API: - Aggregate disk encryption counts - Disk encryption table Linux column - Show disk encryption key action on host details page when expected - Opens Disk encryption key modal, displays key as expected **Backend**: - For "No team" and teams, error when trying to update disk encryption enabled while no server private key is present. - Remove requirement of mdm being enabled for use of various endpoints related to Linux disk encryption - Update tests _________ **Host details and my device page banners**  **Create key modal** <img width="1799" alt="create-key-modal" src="https://github.com/user-attachments/assets/81a55ccb-b6b9-4eb6-b2ff-a463c60724c0"> **Enabling disk encryption**  **Disk encryption: Fleet free** <img width="1912" alt="free" src="https://github.com/user-attachments/assets/9f9cace3-8955-47c2-87d9-24ff9387ac1a"> **Custom settings: turn on MDM** <img width="1912" alt="turn on mdm" src="https://github.com/user-attachments/assets/4d3ad47b-4035-4d93-86f0-dc2691b38bb4"> **Device status indicators**  **Encryption key action and modal**  - [x] Changes file added for user-visible changes in `changes/` - [x] Added/updated tests - [x] Manual QA for all new/changed functionality - [ ] Full e2e testing to do when integrated with backend --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com> Co-authored-by: Ian Littman <iansltx@gmail.com>
165 lines
4.8 KiB
TypeScript
165 lines
4.8 KiB
TypeScript
export const APPLE_PLATFORM_DISPLAY_NAMES = {
|
|
darwin: "macOS",
|
|
ios: "iOS",
|
|
ipados: "iPadOS",
|
|
} as const;
|
|
|
|
export type ApplePlatform = keyof typeof APPLE_PLATFORM_DISPLAY_NAMES;
|
|
export type AppleDisplayPlatform = typeof APPLE_PLATFORM_DISPLAY_NAMES[keyof typeof APPLE_PLATFORM_DISPLAY_NAMES];
|
|
|
|
export const PLATFORM_DISPLAY_NAMES = {
|
|
windows: "Windows",
|
|
linux: "Linux",
|
|
chrome: "ChromeOS",
|
|
...APPLE_PLATFORM_DISPLAY_NAMES,
|
|
} as const;
|
|
|
|
export type Platform = keyof typeof PLATFORM_DISPLAY_NAMES;
|
|
export type DisplayPlatform = typeof PLATFORM_DISPLAY_NAMES[keyof typeof PLATFORM_DISPLAY_NAMES];
|
|
export type QueryableDisplayPlatform = Exclude<
|
|
DisplayPlatform,
|
|
"iOS" | "iPadOS"
|
|
>;
|
|
export type QueryablePlatform = Exclude<Platform, "ios" | "ipados">;
|
|
|
|
export const SUPPORTED_PLATFORMS: QueryablePlatform[] = [
|
|
"darwin",
|
|
"windows",
|
|
"linux",
|
|
"chrome",
|
|
];
|
|
|
|
// TODO - add "iOS" and "iPadOS" once we support them
|
|
export const VULN_SUPPORTED_PLATFORMS: Platform[] = ["darwin", "windows"];
|
|
|
|
export type SelectedPlatform = QueryablePlatform | "all";
|
|
|
|
export type SelectedPlatformString =
|
|
| ""
|
|
| QueryablePlatform
|
|
| `${QueryablePlatform},${QueryablePlatform}`
|
|
| `${QueryablePlatform},${QueryablePlatform},${QueryablePlatform}`
|
|
| `${QueryablePlatform},${QueryablePlatform},${QueryablePlatform},${QueryablePlatform}`;
|
|
|
|
// TODO: revisit this approach pending resolution of https://github.com/fleetdm/fleet/issues/3555.
|
|
export const MACADMINS_EXTENSION_TABLES: Record<string, QueryablePlatform[]> = {
|
|
file_lines: ["darwin", "linux", "windows"],
|
|
filevault_users: ["darwin"],
|
|
google_chrome_profiles: ["darwin", "linux", "windows"],
|
|
macos_profiles: ["darwin"],
|
|
mdm: ["darwin"],
|
|
munki_info: ["darwin"],
|
|
munki_install: ["darwin"],
|
|
// network_quality: ["darwin"], // TODO: add this table if/when it is incorporated into orbit
|
|
puppet_info: ["darwin", "linux", "windows"],
|
|
puppet_logs: ["darwin", "linux", "windows"],
|
|
puppet_state: ["darwin", "linux", "windows"],
|
|
macadmins_unified_log: ["darwin"],
|
|
};
|
|
|
|
/**
|
|
* Host Linux OSs as defined by the Fleet server.
|
|
*
|
|
* @see https://github.com/fleetdm/fleet/blob/5a21e2cfb029053ddad0508869eb9f1f23997bf2/server/fleet/hosts.go#L780
|
|
*/
|
|
export const HOST_LINUX_PLATFORMS = [
|
|
"linux",
|
|
"ubuntu", // covers Kubuntu
|
|
"debian",
|
|
"rhel", // covers Fedora
|
|
"centos",
|
|
"sles",
|
|
"kali",
|
|
"gentoo",
|
|
"amzn",
|
|
"pop",
|
|
"arch",
|
|
"linuxmint",
|
|
"void",
|
|
"nixos",
|
|
"endeavouros",
|
|
"manjaro",
|
|
"opensuse-leap",
|
|
"opensuse-tumbleweed",
|
|
"tuxedo",
|
|
] as const;
|
|
|
|
export const HOST_APPLE_PLATFORMS = ["darwin", "ios", "ipados"] as const;
|
|
|
|
export type HostPlatform =
|
|
| typeof HOST_LINUX_PLATFORMS[number]
|
|
| typeof HOST_APPLE_PLATFORMS[number]
|
|
| "windows"
|
|
| "chrome";
|
|
|
|
/**
|
|
* Checks if the provided platform is a Linux-like OS. We can recieve many
|
|
* different types of host platforms so we need a check that will cover all
|
|
* the possible Linux-like platform values.
|
|
*/
|
|
export const isLinuxLike = (platform: string) => {
|
|
return HOST_LINUX_PLATFORMS.includes(
|
|
platform as typeof HOST_LINUX_PLATFORMS[number]
|
|
);
|
|
};
|
|
|
|
export const isAppleDevice = (platform: string) => {
|
|
return HOST_APPLE_PLATFORMS.includes(
|
|
platform as typeof HOST_APPLE_PLATFORMS[number]
|
|
);
|
|
};
|
|
|
|
export const isIPadOrIPhone = (platform: string | HostPlatform) =>
|
|
["ios", "ipados"].includes(platform);
|
|
|
|
export const DISK_ENCRYPTION_SUPPORTED_LINUX_PLATFORMS = [
|
|
"ubuntu", // covers Kubuntu
|
|
"rhel", // *included here to support Fedora systems. Necessary to cross-check with `os_versions` as well to confrim host is Fedora and not another, non-support rhel-like platform.
|
|
] as const;
|
|
|
|
export const isDiskEncryptionSupportedLinuxPlatform = (
|
|
platform: HostPlatform,
|
|
os_version: string
|
|
) => {
|
|
const isFedora =
|
|
platform === "rhel" && os_version.toLowerCase().includes("fedora");
|
|
return isFedora || platform === "ubuntu";
|
|
};
|
|
|
|
const DISK_ENCRYPTION_SUPPORTED_PLATFORMS = [
|
|
"darwin",
|
|
"windows",
|
|
"chrome",
|
|
...DISK_ENCRYPTION_SUPPORTED_LINUX_PLATFORMS,
|
|
] as const;
|
|
|
|
export type DiskEncryptionSupportedPlatform = typeof DISK_ENCRYPTION_SUPPORTED_PLATFORMS[number];
|
|
|
|
export const platformSupportsDiskEncryption = (
|
|
platform: HostPlatform,
|
|
/** os_version necessary to differentiate Fedora from other rhel-like platforms */
|
|
os_version?: string
|
|
) => {
|
|
if (platform === "rhel") {
|
|
return !!os_version && os_version.toLowerCase().includes("fedora");
|
|
}
|
|
return DISK_ENCRYPTION_SUPPORTED_PLATFORMS.includes(
|
|
platform as DiskEncryptionSupportedPlatform
|
|
);
|
|
};
|
|
|
|
const OS_SETTINGS_DISPLAY_PLATFORMS = [
|
|
...DISK_ENCRYPTION_SUPPORTED_PLATFORMS,
|
|
"ios",
|
|
"ipados",
|
|
];
|
|
|
|
export const isOsSettingsDisplayPlatform = (
|
|
platform: HostPlatform,
|
|
os_version: string
|
|
) => {
|
|
if (platform === "rhel") {
|
|
return !!os_version && os_version.toLowerCase().includes("fedora");
|
|
}
|
|
return OS_SETTINGS_DISPLAY_PLATFORMS.includes(platform);
|
|
};
|