-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution][Endpoint] Remove use of Redux from the Endpoint Policy Settings form #161511
[Security Solution][Endpoint] Remove use of Redux from the Endpoint Policy Settings form #161511
Conversation
…ux-from-policy-details
…ux-from-policy-details # Conflicts: # x-pack/plugins/security_solution/public/management/cypress/screens/policy_details.ts # x-pack/plugins/security_solution/public/management/pages/policy/view/policy_settings_layout/policy_settings_layout.tsx
Pinging @elastic/security-defend-workflows (Team:Defend Workflows) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the changes. I left some questions and nits. None of them should block 🚢 ing this.
.../plugins/security_solution/public/management/pages/policy/view/policy_settings_form/mocks.ts
Show resolved
Hide resolved
...y_solution/public/management/pages/policy/view/policy_settings_form/policy_settings_form.tsx
Outdated
Show resolved
Hide resolved
if (os === 'windows') { | ||
newPayload[os][protection].mode = ProtectionModes.off; | ||
} else if (os === 'mac') { | ||
newPayload[os][protection as MacPolicyProtection].mode = ProtectionModes.off; | ||
} else if (os === 'linux') { | ||
newPayload[os][protection as LinuxPolicyProtection].mode = ProtectionModes.off; | ||
} | ||
if (isPlatinumPlus) { | ||
if (os === 'windows') { | ||
newPayload[os].popup[protection].enabled = event.target.checked; | ||
} else if (os === 'mac') { | ||
newPayload[os].popup[protection as MacPolicyProtection].enabled = | ||
event.target.checked; | ||
} else if (os === 'linux') { | ||
newPayload[os].popup[protection as LinuxPolicyProtection].enabled = | ||
event.target.checked; | ||
} | ||
} | ||
} | ||
} else { | ||
for (const os of osList) { | ||
if (os === 'windows') { | ||
newPayload[os][protection].mode = ProtectionModes.prevent; | ||
} else if (os === 'mac') { | ||
newPayload[os][protection as MacPolicyProtection].mode = ProtectionModes.prevent; | ||
} else if (os === 'linux') { | ||
newPayload[os][protection as LinuxPolicyProtection].mode = ProtectionModes.prevent; | ||
} | ||
if (isPlatinumPlus) { | ||
if (os === 'windows') { | ||
newPayload[os].popup[protection].enabled = event.target.checked; | ||
} else if (os === 'mac') { | ||
newPayload[os].popup[protection as MacPolicyProtection].enabled = | ||
event.target.checked; | ||
} else if (os === 'linux') { | ||
newPayload[os].popup[protection as LinuxPolicyProtection].enabled = | ||
event.target.checked; | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You can extract this repeated logic as functions outside of the component. Something like
const setProtectionsPopup = (
os: 'windows' | 'mac' | 'linux',
protection: PolicyProtection,
payload: PolicyConfig,
value: boolean
) => {
if (os === 'windows') {
payload[os].popup[protection].enabled = value;
} else if (os === 'mac') {
payload[os].popup[protection as MacPolicyProtection].enabled = value;
} else if (os === 'linux') {
payload[os].popup[protection as LinuxPolicyProtection].enabled = value;
}
};
const setProtectionModes = (
os: 'windows' | 'mac' | 'linux',
protection: PolicyProtection,
payload: PolicyConfig,
value: ProtectionModes
) => {
if (os === 'windows') {
payload[os][protection].mode = value;
} else if (os === 'mac') {
payload[os][protection as MacPolicyProtection].mode = value;
} else if (os === 'linux') {
payload[os][protection as LinuxPolicyProtection].mode = value;
}
};
and then use it here
if (event.target.checked === false) {
for (const os of osList) {
setProtectionModes(os, protection, newPayload, ProtectionModes.off);
if (isPlatinumPlus) {
setProtectionsPopup(os, protection, newPayload, false);
}
}
} else {
for (const os of osList) {
setProtectionModes(os, protection, newPayload, ProtectionModes.prevent);
if (isPlatinumPlus) {
setProtectionsPopup(os, protection, newPayload, true);
}
}
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same comment here. I wanted to leave this logic as is until I have tests in place. Then I would like to circle back and simplify the code and make it more efficient.
...gement/pages/policy/view/policy_settings_form/components/detect_prevent_protection_lavel.tsx
Outdated
Show resolved
Hide resolved
if (protectionMode === ProtectionModes.prevent) { | ||
newPayload[os].popup[protection].enabled = true; | ||
} else { | ||
newPayload[os].popup[protection].enabled = false; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: This can also be written as
newPayload[os].popup[protection].enabled = protectionMode === ProtectionModes.prevent;
Same goes for the other ones below if you change it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wanted to keep this logic unchanged, so I just copied it as is. I do want to come back around (after tests are introduced - in next PR) to possibly simplify allot of this logic and maybe use lodash's set()
to update values.
...gement/pages/policy/view/policy_settings_form/components/detect_prevent_protection_lavel.tsx
Outdated
Show resolved
Hide resolved
.../plugins/security_solution/public/management/pages/policy/view/policy_settings_form/types.ts
Outdated
Show resolved
Hide resolved
💚 Build Succeeded
Metrics [docs]Module Count
Async chunks
Page load bundle
Unknown metric groupsESLint disabled line counts
Total ESLint disabled count
History
To update your PR or re-run it, just comment with: |
… a refresh (#164403) Closes elastic/security-team#7386 Dispatch an action that will update the stored policy upon successful saving of Policy Settings. This should occur only when no 'routeState' is being set, as in such a scenario, a page change triggers a refetch on its own. Even though redux was removed from Policy Settings in #161511 , the policy object that feeds the view is being fetched as a result of onUrlChange action and stored in the redux store. This should be addressed in the future. https://github.com/elastic/kibana/assets/29123534/cf008d0e-804a-49f9-a2f7-9bb7d1162b28
… a refresh (elastic#164403) Closes elastic/security-team#7386 Dispatch an action that will update the stored policy upon successful saving of Policy Settings. This should occur only when no 'routeState' is being set, as in such a scenario, a page change triggers a refetch on its own. Even though redux was removed from Policy Settings in elastic#161511 , the policy object that feeds the view is being fetched as a result of onUrlChange action and stored in the redux store. This should be addressed in the future. https://github.com/elastic/kibana/assets/29123534/cf008d0e-804a-49f9-a2f7-9bb7d1162b28 (cherry picked from commit 5eca861)
…t until a refresh (#164403) (#164557) # Backport This will backport the following commits from `main` to `8.10`: - [[Defend Workflows]Changes to policy settings are not persistent until a refresh (#164403)](#164403) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Konrad Szwarc","email":"konrad.szwarc@elastic.co"},"sourceCommit":{"committedDate":"2023-08-23T10:46:04Z","message":"[Defend Workflows]Changes to policy settings are not persistent until a refresh (#164403)\n\nCloses https://github.com/elastic/security-team/issues/7386\r\n\r\nDispatch an action that will update the stored policy upon successful\r\nsaving of Policy Settings. This should occur only when no 'routeState'\r\nis being set, as in such a scenario, a page change triggers a refetch on\r\nits own.\r\n\r\nEven though redux was removed from Policy Settings in\r\nhttps://github.com//pull/161511 , the policy object that\r\nfeeds the view is being fetched as a result of onUrlChange action and\r\nstored in the redux store. This should be addressed in the future.\r\n\r\n\r\nhttps://github.com/elastic/kibana/assets/29123534/cf008d0e-804a-49f9-a2f7-9bb7d1162b28","sha":"5eca8618eab9e6f35b1d13d9c6ae8b1df598ad5c","branchLabelMapping":{"^v8.11.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","Team:Defend Workflows","v8.10.0","v8.11.0"],"number":164403,"url":"https://github.com/elastic/kibana/pull/164403","mergeCommit":{"message":"[Defend Workflows]Changes to policy settings are not persistent until a refresh (#164403)\n\nCloses https://github.com/elastic/security-team/issues/7386\r\n\r\nDispatch an action that will update the stored policy upon successful\r\nsaving of Policy Settings. This should occur only when no 'routeState'\r\nis being set, as in such a scenario, a page change triggers a refetch on\r\nits own.\r\n\r\nEven though redux was removed from Policy Settings in\r\nhttps://github.com//pull/161511 , the policy object that\r\nfeeds the view is being fetched as a result of onUrlChange action and\r\nstored in the redux store. This should be addressed in the future.\r\n\r\n\r\nhttps://github.com/elastic/kibana/assets/29123534/cf008d0e-804a-49f9-a2f7-9bb7d1162b28","sha":"5eca8618eab9e6f35b1d13d9c6ae8b1df598ad5c"}},"sourceBranch":"main","suggestedTargetBranches":["8.10"],"targetPullRequestStates":[{"branch":"8.10","label":"v8.10.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.11.0","labelRegex":"^v8.11.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/164403","number":164403,"mergeCommit":{"message":"[Defend Workflows]Changes to policy settings are not persistent until a refresh (#164403)\n\nCloses https://github.com/elastic/security-team/issues/7386\r\n\r\nDispatch an action that will update the stored policy upon successful\r\nsaving of Policy Settings. This should occur only when no 'routeState'\r\nis being set, as in such a scenario, a page change triggers a refetch on\r\nits own.\r\n\r\nEven though redux was removed from Policy Settings in\r\nhttps://github.com//pull/161511 , the policy object that\r\nfeeds the view is being fetched as a result of onUrlChange action and\r\nstored in the redux store. This should be addressed in the future.\r\n\r\n\r\nhttps://github.com/elastic/kibana/assets/29123534/cf008d0e-804a-49f9-a2f7-9bb7d1162b28","sha":"5eca8618eab9e6f35b1d13d9c6ae8b1df598ad5c"}}]}] BACKPORT--> Co-authored-by: Konrad Szwarc <konrad.szwarc@elastic.co>
Summary
mode = view
to the policy form. When in this mode (user has no authz to edit), form will be displayed in view only mode (no moredisabled
form elements)Screen captures
Locked cards when license is lower than Platinum
User has Read only access to Endpoint Policies
(test role: hunter)
DEV TODO
Checklist
view
mode in security solution