[Security Solution][Endpoint][Admin] Malware user notification checkb…
…ox (#78084)

includes migration for endpoint package policy 7.11
parkiino authored Oct 21, 2020
1 parent 858fa47 commit b4864ab
Showing 10 changed files with 300 additions and 3 deletions.
2 changes: 2 additions & 0 deletions x-pack/plugins/ingest_manager/server/saved_objects/index.ts
@@ -6,6 +6,7 @@

import { SavedObjectsServiceSetup, SavedObjectsType } from 'kibana/server';
import { EncryptedSavedObjectsPluginSetup } from '../../../encrypted_saved_objects/server';
import { migratePackagePolicyToV7110 } from '../../../security_solution/common';
import {
OUTPUT_SAVED_OBJECT_TYPE,
AGENT_POLICY_SAVED_OBJECT_TYPE,
@@ -268,6 +269,7 @@ const getSavedObjectTypes = (
},
migrations: {
'7.10.0': migratePackagePolicyToV7100,
'7.11.0': migratePackagePolicyToV7110,
},
},
[PACKAGES_SAVED_OBJECT_TYPE]: {
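Review bot: The import of `migratePackagePolicyToV7110` from `security_solution/common` makes ingest_manager depend on a plugin that itself imports `PackagePolicy` from `ingest_manager/common` (visible in the new migration file), so the two plugins now reference each other. The `'7.11.0'` entry also means this endpoint-specific function runs for every package policy document, and an exception inside it would presumably fail the saved-object migration for all integrations, not only endpoint. I would add a comment above the entry such as `// Endpoint-owned migration; it must be a no-op for non-endpoint packages and must never throw`, and consider a registration hook so the import direction is not reversed. Both hunks are partial views; the import list and the `migrations` object continue outside them.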
@@ -24,6 +24,12 @@ export const factory = (): PolicyConfig => {
malware: {
mode: ProtectionModes.prevent,
},
popup: {
malware: {
message: '',
enabled: true,
},
},
logging: {
file: 'info',
},
@@ -37,6 +43,12 @@ export const factory = (): PolicyConfig => {
malware: {
mode: ProtectionModes.prevent,
},
popup: {
malware: {
message: '',
enabled: true,
},
},
logging: {
file: 'info',
},
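Review bot: The new `popup.malware` defaults set `enabled: true` in both hunks, while the 7.11.0 migration added in this commit writes `enabled: false` for existing policies, and nothing here records that the difference is intended. A maintainer reading only the factory could assume every policy notifies the user when malware is handled. I would add a comment above each `popup` block, for example `// New policies show the malware notification by default; policies migrated from before 7.11 get enabled: false`. The `factory` body starts and ends outside both hunks.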
@@ -0,0 +1,168 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/

import { SavedObjectMigrationContext, SavedObjectUnsanitizedDoc } from 'kibana/server';
import { PackagePolicy } from '../../../../../ingest_manager/common';
import { migratePackagePolicyToV7110 } from './to_v7_11.0';

describe('7.11.0 Endpoint Package Policy migration', () => {
const migration = migratePackagePolicyToV7110;
it('adds malware notification checkbox and optional message', () => {
const doc: SavedObjectUnsanitizedDoc<PackagePolicy> = {
attributes: {
name: 'Some Policy Name',
package: {
name: 'endpoint',
title: '',
version: '',
},
id: 'endpoint',
policy_id: '',
enabled: true,
namespace: '',
output_id: '',
revision: 0,
updated_at: '',
updated_by: '',
created_at: '',
created_by: '',
inputs: [
{
type: 'endpoint',
enabled: true,
streams: [],
config: {
policy: {
value: {
windows: {},
mac: {},
},
},
},
},
],
},
type: ' nested',
};

expect(
migration(doc, {} as SavedObjectMigrationContext) as SavedObjectUnsanitizedDoc<PackagePolicy>
).toEqual({
attributes: {
name: 'Some Policy Name',
package: {
name: 'endpoint',
title: '',
version: '',
},
id: 'endpoint',
policy_id: '',
enabled: true,
namespace: '',
output_id: '',
revision: 0,
updated_at: '',
updated_by: '',
created_at: '',
created_by: '',
inputs: [
{
type: 'endpoint',
enabled: true,
streams: [],
config: {
policy: {
value: {
windows: {
popup: {
malware: {
message: '',
enabled: false,
},
},
},
mac: {
popup: {
malware: {
message: '',
enabled: false,
},
},
},
},
},
},
},
],
},
type: ' nested',
});
});

it('does not modify non-endpoint package policies', () => {
const doc: SavedObjectUnsanitizedDoc<PackagePolicy> = {
attributes: {
name: 'Some Policy Name',
package: {
name: 'notEndpoint',
title: '',
version: '',
},
id: 'notEndpoint',
policy_id: '',
enabled: true,
namespace: '',
output_id: '',
revision: 0,
updated_at: '',
updated_by: '',
created_at: '',
created_by: '',
inputs: [
{
type: 'notEndpoint',
enabled: true,
streams: [],
config: {},
},
],
},
type: ' nested',
};

expect(
migration(doc, {} as SavedObjectMigrationContext) as SavedObjectUnsanitizedDoc<PackagePolicy>
).toEqual({
attributes: {
name: 'Some Policy Name',
package: {
name: 'notEndpoint',
title: '',
version: '',
},
id: 'notEndpoint',
policy_id: '',
enabled: true,
namespace: '',
output_id: '',
revision: 0,
updated_at: '',
updated_by: '',
created_at: '',
created_by: '',
inputs: [
{
type: 'notEndpoint',
enabled: true,
streams: [],
config: {},
},
],
},
type: ' nested',
});
});
});
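Review bot: Both cases exercise only well-formed documents, so nothing pins what the migration does with an endpoint policy whose first input lacks `config.policy`, has no `windows` or `mac` object, or has an empty `inputs` array. The migration dereferences `input.config.policy.value.windows` after checking only `input && input.config`, so such a document would throw rather than pass through. I would add a third case, e.g. `it('does not throw when the endpoint input has no policy config', ...)`, that feeds `config: {}` with `package.name` set to `'endpoint'` and asserts the expected outcome. The fixture value `type: ' nested'` carries a leading space in all four documents, which looks accidental.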
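--- a/x-pack/plugins/security_solution/common/endpoint/policy/migrations/to_v7_11.0.ts
+++ b/x-pack/plugins/security_solution/common/endpoint/policy/migrations/to_v7_11.0.ts
@@ -0,0 +1,32 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License;
+* you may not use this file except in compliance with the Elastic License.
+*/
+
+import { SavedObjectMigrationFn, SavedObjectUnsanitizedDoc } from 'kibana/server';
+import { cloneDeep } from 'lodash';
+import { PackagePolicy } from '../../../../../ingest_manager/common';
+
+export const migratePackagePolicyToV7110: SavedObjectMigrationFn<PackagePolicy, PackagePolicy> = (
+packagePolicyDoc
+) => {
+const updatedPackagePolicyDoc: SavedObjectUnsanitizedDoc<PackagePolicy> = cloneDeep(
+packagePolicyDoc
+);
+if (packagePolicyDoc.attributes.package?.name === 'endpoint') {
+const input = updatedPackagePolicyDoc.attributes.inputs[0];
+const popup = {
+malware: {
+message: '',
+enabled: false,
+},
+};
+if (input && input.config) {
+input.config.policy.value.windows.popup = popup;
+input.config.policy.value.mac.popup = popup;
+}
+}
+
+return updatedPackagePolicyDoc;
+};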
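Review bot: The guard `if (input && input.config)` does not cover the next two lines, which dereference `input.config.policy.value.windows` and `.mac`; an endpoint package policy missing any of those levels raises a TypeError inside a saved-object migration. The same `popup` object is also assigned to both `windows` and `mac`, so the two sections alias one object in the returned document until it is serialized. Only `inputs[0]` is migrated and its `type` is not checked, which is presumably fine for current endpoint policies but is worth a comment. The docstring I would add states that existing policies get `enabled: false` on purpose (the factory default for new policies is `true`) and that `linux` receives no `popup`. A guarded version of the assignment is below.

```typescript
  if (packagePolicyDoc.attributes.package?.name === 'endpoint') {
    // … unchanged: input and popup declarations …
    const policy = input?.config?.policy?.value;
    if (policy?.windows) {
      policy.windows.popup = cloneDeep(popup);
    }
    if (policy?.mac) {
      policy.mac.popup = cloneDeep(popup);
    }
  }
```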
16 changes: 14 additions & 2 deletions x-pack/plugins/security_solution/common/endpoint/types/index.ts
@@ -873,6 +873,12 @@ export interface PolicyConfig {
logging: {
file: string;
};
popup: {
malware: {
message: string;
enabled: boolean;
};
};
};
mac: {
events: {
@@ -881,6 +887,12 @@ export interface PolicyConfig {
network: boolean;
};
malware: MalwareFields;
popup: {
malware: {
message: string;
enabled: boolean;
};
};
logging: {
file: string;
};
@@ -904,11 +916,11 @@ export interface UIPolicyConfig {
/**
* Windows-specific policy configuration that is supported via the UI
*/
windows: Pick<PolicyConfig['windows'], 'events' | 'malware'>;
windows: Pick<PolicyConfig['windows'], 'events' | 'malware' | 'popup'>;
/**
* Mac-specific policy configuration that is supported via the UI
*/
mac: Pick<PolicyConfig['mac'], 'malware' | 'events'>;
mac: Pick<PolicyConfig['mac'], 'malware' | 'events' | 'popup'>;
/**
* Linux-specific policy configuration that is supported via the UI
*/
1 change: 1 addition & 0 deletions x-pack/plugins/security_solution/common/shared_exports.ts
@@ -16,3 +16,4 @@ export { exactCheck } from './exact_check';
export { getPaths, foldLeftRight } from './test_utils';
export { validate, validateEither } from './validate';
export { formatErrors } from './format_errors';
export { migratePackagePolicyToV7110 } from './endpoint/policy/migrations/to_v7_11.0';
@@ -238,11 +238,23 @@ describe('policy details: ', () => {
security: true,
},
malware: { mode: 'prevent' },
popup: {
malware: {
enabled: true,
message: '',
},
},
logging: { file: 'info' },
},
mac: {
events: { process: true, file: true, network: true },
malware: { mode: 'prevent' },
popup: {
malware: {
enabled: true,
message: '',
},
},
logging: { file: 'info' },
},
linux: {
@@ -105,10 +105,12 @@ export const policyConfig: (s: PolicyDetailsState) => UIPolicyConfig = createSel
windows: {
events: windows.events,
malware: windows.malware,
popup: windows.popup,
},
mac: {
events: mac.events,
malware: mac.malware,
popup: mac.popup,
},
linux: {
events: linux.events,