[7.x] task/mac-eventing-form (#62999)

x-pack/plugins/endpoint/public/applications/endpoint/models/policy.ts

@@ -42,6 +42,8 @@ export const generatePolicy = (): PolicyConfig => {
     mac: {
       events: {
         process: true,
+        file: true,
+        network: true,
       },
       malware: {
         mode: ProtectionModes.detect,
@@ -67,6 +69,8 @@ export const generatePolicy = (): PolicyConfig => {
     linux: {
       events: {
         process: true,
+        file: true,
+        network: true,
       },
       logging: {
         stdout: 'debug',

x-pack/plugins/endpoint/public/applications/endpoint/models/policy_details_config.ts

@@ -43,3 +43,33 @@ export function clone(policyDetailsConfig: UIPolicyConfig): UIPolicyConfig {
    */
   return clonedConfig as UIPolicyConfig;
 }
+
+/**
+ * Returns value from `configuration`
+ */
+export const getIn = (a: UIPolicyConfig) => <Key extends keyof UIPolicyConfig>(key: Key) => <
+  subKey extends keyof UIPolicyConfig[Key]
+>(
+  subKey: subKey
+) => <LeafKey extends keyof UIPolicyConfig[Key][subKey]>(
+  leafKey: LeafKey
+): UIPolicyConfig[Key][subKey][LeafKey] => {
+  return a[key][subKey][leafKey];
+};
+
+/**
+ * Returns cloned `configuration` with `value` set by the `keyPath`.
+ */
+export const setIn = (a: UIPolicyConfig) => <Key extends keyof UIPolicyConfig>(key: Key) => <
+  subKey extends keyof UIPolicyConfig[Key]
+>(
+  subKey: subKey
+) => <LeafKey extends keyof UIPolicyConfig[Key][subKey]>(leafKey: LeafKey) => <
+  V extends UIPolicyConfig[Key][subKey][LeafKey]
+>(
+  v: V
+): UIPolicyConfig => {
+  const c = clone(a);
+  c[key][subKey][leafKey] = v;
+  return c;
+};

x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/index.test.ts

@@ -7,7 +7,7 @@
 import { PolicyDetailsState } from '../../types';
 import { createStore, Dispatch, Store } from 'redux';
 import { policyDetailsReducer, PolicyDetailsAction } from './index';
-import { policyConfig, windowsEventing } from './selectors';
+import { policyConfig } from './selectors';
 import { clone } from '../../models/policy_details_config';
 import { generatePolicy } from '../../models/policy';
 
@@ -55,7 +55,7 @@ describe('policy details: ', () => {
     });
   });
 
-  describe('when the user has enabled windows process eventing', () => {
+  describe('when the user has enabled windows process events', () => {
     beforeEach(() => {
       const config = policyConfig(getState());
       if (!config) {
@@ -71,8 +71,31 @@ describe('policy details: ', () => {
       });
     });
 
-    it('windows process eventing is enabled', async () => {
-      expect(windowsEventing(getState())!.process).toEqual(true);
+    it('windows process events is enabled', () => {
+      const config = policyConfig(getState());
+      expect(config!.windows.events.process).toEqual(true);
+    });
+  });
+
+  describe('when the user has enabled mac file events', () => {
+    beforeEach(() => {
+      const config = policyConfig(getState());
+      if (!config) {
+        throw new Error();
+      }
+
+      const newPayload1 = clone(config);
+      newPayload1.mac.events.file = true;
+
+      dispatch({
+        type: 'userChangedPolicyConfig',
+        payload: { policyConfig: newPayload1 },
+      });
+    });
+
+    it('mac file events is enabled', () => {
+      const config = policyConfig(getState());
+      expect(config!.mac.events.file).toEqual(true);
     });
   });
 });

x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/reducer.ts

@@ -5,7 +5,7 @@
  */
 
 import { Reducer } from 'redux';
-import { PolicyData, PolicyDetailsState, UIPolicyConfig } from '../../types';
+import { PolicyDetailsState, UIPolicyConfig } from '../../types';
 import { AppAction } from '../action';
 import { fullPolicy, isOnPolicyDetailsPage } from './selectors';
 
@@ -89,10 +89,12 @@ export const policyDetailsReducer: Reducer<PolicyDetailsState, AppAction> = (
   }
 
   if (action.type === 'userChangedPolicyConfig') {
-    const newState = { ...state, policyItem: { ...(state.policyItem as PolicyData) } };
-    const newPolicy = (newState.policyItem.inputs[0].config.policy.value = {
-      ...fullPolicy(state),
-    });
+    if (!state.policyItem) {
+      return state;
+    }
+    const newState = { ...state, policyItem: { ...state.policyItem } };
+    const newPolicy: any = { ...fullPolicy(state) };
+    newState.policyItem.inputs[0].config.policy.value = newPolicy;
 
     Object.entries(action.payload.policyConfig).forEach(([section, newSettings]) => {
       newPolicy[section as keyof UIPolicyConfig] = {

x-pack/plugins/endpoint/public/applications/endpoint/store/policy_details/selectors.ts

@@ -79,14 +79,8 @@ export const policyConfig: (s: PolicyDetailsState) => UIPolicyConfig = createSel
   }
 );
 
-/** Returns an object of all the windows eventing configuration */
-export const windowsEventing = (state: PolicyDetailsState) => {
-  const config = policyConfig(state);
-  return config && config.windows.events;
-};
-
 /** Returns the total number of possible windows eventing configurations */
-export const totalWindowsEventing = (state: PolicyDetailsState): number => {
+export const totalWindowsEvents = (state: PolicyDetailsState): number => {
   const config = policyConfig(state);
   if (config) {
     return Object.keys(config.windows.events).length;
@@ -95,7 +89,7 @@ export const totalWindowsEventing = (state: PolicyDetailsState): number => {
 };
 
 /** Returns the number of selected windows eventing configurations */
-export const selectedWindowsEventing = (state: PolicyDetailsState): number => {
+export const selectedWindowsEvents = (state: PolicyDetailsState): number => {
   const config = policyConfig(state);
   if (config) {
     return Object.values(config.windows.events).reduce((count, event) => {
@@ -105,6 +99,26 @@ export const selectedWindowsEventing = (state: PolicyDetailsState): number => {
   return 0;
 };
 
+/** Returns the total number of possible mac eventing configurations */
+export const totalMacEvents = (state: PolicyDetailsState): number => {
+  const config = policyConfig(state);
+  if (config) {
+    return Object.keys(config.mac.events).length;
+  }
+  return 0;
+};
+
+/** Returns the number of selected mac eventing configurations */
+export const selectedMacEvents = (state: PolicyDetailsState): number => {
+  const config = policyConfig(state);
+  if (config) {
+    return Object.values(config.mac.events).reduce((count, event) => {
+      return event === true ? count + 1 : count;
+    }, 0);
+  }
+  return 0;
+};
+
 /** is there an api call in flight */
 export const isLoading = (state: PolicyDetailsState) => state.isLoading;
 

x-pack/plugins/endpoint/public/applications/endpoint/types.ts

@@ -121,34 +121,21 @@ export interface PolicyDetailsState {
  * Endpoint Policy configuration
  */
 export interface PolicyConfig {
-  windows: {
-    events: {
-      process: boolean;
-      network: boolean;
-    };
-    /** malware mode can be off, detect, prevent or prevent and notify user */
-    malware: MalwareFields;
+  windows: UIPolicyConfig['windows'] & {
     logging: {
       stdout: string;
       file: string;
     };
     advanced: PolicyConfigAdvancedOptions;
   };
-  mac: {
-    events: {
-      process: boolean;
-    };
-    malware: MalwareFields;
+  mac: UIPolicyConfig['mac'] & {
     logging: {
       stdout: string;
       file: string;
     };
     advanced: PolicyConfigAdvancedOptions;
   };
-  linux: {
-    events: {
-      process: boolean;
-    };
+  linux: UIPolicyConfig['linux'] & {
     logging: {
       stdout: string;
       file: string;
@@ -171,29 +158,39 @@ interface PolicyConfigAdvancedOptions {
   };
 }
 
-/**
- * Windows-specific policy configuration that is supported via the UI
- */
-type WindowsPolicyConfig = Pick<PolicyConfig['windows'], 'events' | 'malware'>;
-
-/**
- * Mac-specific policy configuration that is supported via the UI
- */
-type MacPolicyConfig = Pick<PolicyConfig['mac'], 'malware' | 'events'>;
-
-/**
- * Linux-specific policy configuration that is supported via the UI
- */
-type LinuxPolicyConfig = Pick<PolicyConfig['linux'], 'events'>;
-
 /**
  * The set of Policy configuration settings that are show/edited via the UI
  */
-export interface UIPolicyConfig {
-  windows: WindowsPolicyConfig;
-  mac: MacPolicyConfig;
-  linux: LinuxPolicyConfig;
-}
+/* eslint-disable @typescript-eslint/consistent-type-definitions */
+export type UIPolicyConfig = {
+  windows: {
+    events: {
+      process: boolean;
+      network: boolean;
+    };
+    /** malware mode can be off, detect, prevent or prevent and notify user */
+    malware: MalwareFields;
+  };
+  mac: {
+    events: {
+      file: boolean;
+      process: boolean;
+      network: boolean;
+    };
+    malware: MalwareFields;
+  };
+
+  /**
+   * Linux-specific policy configuration that is supported via the UI
+   */
+  linux: {
+    events: {
+      file: boolean;
+      process: boolean;
+      network: boolean;
+    };
+  };
+};
 
 /** OS used in Policy */
 export enum OS {
@@ -206,6 +203,7 @@ export enum OS {
 export enum EventingFields {
   process = 'process',
   network = 'network',
+  file = 'file',
 }
 
 /**

x-pack/plugins/endpoint/public/applications/endpoint/view/policy/policy_details.tsx

@@ -29,12 +29,12 @@ import {
   isLoading,
   apiError,
 } from '../../store/policy_details/selectors';
-import { WindowsEventing } from './policy_forms/eventing/windows';
-import { PageView, PageViewHeaderTitle } from '../components/page_view';
+import { PageView, PageViewHeaderTitle } from '../../view/components/page_view';
 import { AppAction } from '../../types';
 import { useKibana } from '../../../../../../../../src/plugins/kibana_react/public';
 import { AgentsSummary } from './agents_summary';
 import { VerticalDivider } from './vertical_divider';
+import { WindowsEvents, MacEvents } from './policy_forms/events';
 import { MalwareProtections } from './policy_forms/protections/malware';
 
 export const PolicyDetails = React.memo(() => {
@@ -205,7 +205,9 @@ export const PolicyDetails = React.memo(() => {
           </h4>
         </EuiText>
         <EuiSpacer size="xs" />
-        <WindowsEventing />
+        <WindowsEvents />
+        <EuiSpacer size="l" />
+        <MacEvents />
       </PageView>
     </>
   );