empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-06 17:05:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
88eeb9c1a4
fleet/server/service/transport.go

586 lines
17 KiB
Go
Raw Normal View History

Organizing go code (#241)
2016-09-26 18:48:55 +00:00
package service
go-kit server layout
2016-08-28 03:59:17 +00:00
import (
Update go-kit to 0.4.0 (#1411) Notable refactoring: - Use stdlib "context" in place of "golang.org/x/net/context" - Go-kit no longer wraps errors, so we remove the unwrap in transport_error.go - Use MakeHandler when setting up endpoint tests (fixes test bug caught during this refactoring) Closes #1411.
2017-03-15 15:55:30 +00:00
"context"
go-kit server layout
2016-08-28 03:59:17 +00:00
"encoding/json"
Use new error handling approach in other packages (#2954)
2021-11-22 14:13:26 +00:00
"errors"
`/api/_version_/fleet/hosts` to return bad request instead of server error when passing invalid `mdm_enrollment_status` (#11242) #10880 I was not able to reproduce other 500s in `/api/_version_/fleet/hosts` other than the one fixed in the PR. - [X] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md)~ - ~[ ] Documented any permissions changes~ - ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements)~ - ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features.~ - [X] Added/updated tests - [X] Manual QA for all new/changed functionality - ~For Orbit and Fleet Desktop changes:~ - ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux.~ - ~[ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-04-19 21:43:15 +00:00
"fmt"
Server Side SSO Support (#1498) This PR partially addresses #1456, providing SSO SAML support. The flow of the code is as follows. A Kolide user attempts to access a protected resource and is directed to log in. If SSO identity providers (IDP) have been configured by an admin, the user is presented with SSO log in. The user selects SSO, which invokes a call the InitiateSSO passing the URL of the protected resource that the user was originally trying access. Kolide server loads the IDP metadata and caches it along with the URL. We then build an auth request URL for the IDP which is returned to the front end. The IDP calls the server, invoking CallbackSSO with the auth response. We extract the original request id from the response and use it to fetch the cached metadata and the URL. We check the signature of the response, and validate the timestamps. If everything passes we get the user id from the IDP response and use it to create a login session. We then build a page which executes some javascript that will write the token to web local storage, and redirect to the original URL. I've created a test web page in tools/app/authtest.html that can be used to test and debug new IDP's which also illustrates how a front end would interact with the IDP and the server. This page can be loaded by starting Kolide with the environment variable KOLIDE_TEST_PAGE_PATH to the full path of the page and then accessed at https://localhost:8080/test
2017-05-09 00:43:48 +00:00
"io"
go-kit server layout
2016-08-28 03:59:17 +00:00
"net/http"
Fix errors when trying to retrieve specs with spaces in name (#1957) We need to properly escape and unescape the name parameter. Fixes #1948
2018-11-21 01:19:24 +00:00
"net/url"
queries and packs services via go-kit (#102) * osquery services via go-kit * Visual Studio Code configurations * create query and pack endpoints * organizing files more scalably * modify query and pack endpoints * delete query and pack endpoints * get query and pack endpoints * get all queries and packs endpoints * add and remove queries from packs * test stubs * removing some indirection * query service tests * service pack tests * transport tests * adding config file flag back * organizing package kolide * get queries in pack endpoint * run tests on 1.7? * no 1.7 image :( * typo in circle.yml
2016-09-04 05:13:42 +00:00
"strconv"
Add support for filtering hosts in label (#335) Support the same query syntax as the hosts endpoint, here also bounded by the membership of the label.
2021-02-18 20:52:43 +00:00
"strings"
go-kit server layout
2016-08-28 03:59:17 +00:00
Use new error handling approach in other packages (#2954)
2021-11-22 14:13:26 +00:00
"github.com/fleetdm/fleet/v4/server/contexts/ctxerr"
Add v4 suffix in go.mod (#1224)
2021-06-26 04:46:51 +00:00
"github.com/fleetdm/fleet/v4/server/fleet"
Add global policies (#1750) * Add global policies * Update documentation and add extra parameter to config * Fix failing tests * Store historic policy records * Address review comments And also remove other inmem references I saw by chance * Add documentation for get by id request * Add parameter doc * Move schema generation to a cmd instead of a test Otherwise it messes up running all tests sometimes depending on how parallel it does * Remove brain dump for another task * Make migration tests a separate beast * Make schema generation idempotent and move dbutils cmd to tools * Allow all filters and add counts to Policy * Add test for Policy
2021-08-24 20:24:52 +00:00
"github.com/fleetdm/fleet/v4/server/ptr"
Add server support for Fleet Sandbox demo login (#6387) * Add server support for Fleet Sandbox demo login This adds an endpoint `/api/latest/fleet/demologin` that provides a redirect for the fleetdm.com portion of Fleet Sandbox to automatically log in a user. The username and password must be provided as form values. The endpoint is only enabled if `FLEET_DEMO=1` is set in the server environment. This was tested locally with the following HTML served by `python3 -m http.server`, and the Fleet server running with `FLEET_DEMO=1 ./build/fleet serve --dev`: ``` <!DOCTYPE html> <body> <form method="post" action="https://localhost:8080/api/latest/fleet/demologin" id="demologin" > <input type="hidden" name="email" value="admin@example.com" /> <input type="hidden" name="password" value="admin123123#" /> <input type="submit"/> </form> <script type="text/javascript"> document.forms["demologin"].submit(); </script> </body> </html> ``` For Fleet sandbox purposes, the `action` should be set to the correct hostname for the sandbox instance, while the `email` and `password` should be set to the same credentials that were provided when creating the instance. * lucas comments * Add integration tests * Fix status codes and add comments Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
2022-07-01 19:52:55 +00:00
kithttp "github.com/go-kit/kit/transport/http"
Add aliases for order keys in API (#329) Aliases `hostname` (`host_name`) and `memory` (`physical_memory`) when used as keys for ordering in the API this allows for better consistency on the frontend. To be cleaned up further in #317
2021-02-16 23:25:34 +00:00
"github.com/gorilla/mux"
go-kit server layout
2016-08-28 03:59:17 +00:00
)
Add support for downloading a list of hosts in CSV format (#4596)
2022-03-15 19:14:42 +00:00
// errBadRoute is used for mux errors
var errBadRoute = errors.New("bad route")
go-kit server layout
2016-08-28 03:59:17 +00:00
func encodeResponse(ctx context.Context, w http.ResponseWriter, response interface{}) error {
SSO Login and Configuration Support (#1506) Closes issue #1456 This PR adds a single sign on option to the login form, exposes single sign on to the end user, and allows an admin user to set single sign on configuration options.
2017-05-17 15:58:40 +00:00
// The has to happen first, if an error happens we'll redirect to an error
// page and the error will be logged
if page, ok := response.(htmlPage); ok {
w.Header().Set("Content-Type", "text/html; charset=UTF-8")
add browser-related security headers to HTML responses (#8180) related to #8031, this adds the following headers to HTML responses: - Strict-Transport-Security: informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS. - X-Frames-Options: disallows embedding the UI in other sites via <frame>, <iframe>, <embed> or <object>, which can prevent attacks like clickjacking. - X-Content-Type-Options: prevents browsers from trying to guess the MIME type which can cause browsers to transform non-executable content into executable content. - Referrer-Policy: prevents leaking the origin of the referrer in the Referer. additionally, this ensures we set `X-Content-Type-Options` for CSV and installer responses.
2022-10-12 13:19:21 +00:00
writeBrowserSecurityHeaders(w)
Add server support for Fleet Sandbox demo login (#6387) * Add server support for Fleet Sandbox demo login This adds an endpoint `/api/latest/fleet/demologin` that provides a redirect for the fleetdm.com portion of Fleet Sandbox to automatically log in a user. The username and password must be provided as form values. The endpoint is only enabled if `FLEET_DEMO=1` is set in the server environment. This was tested locally with the following HTML served by `python3 -m http.server`, and the Fleet server running with `FLEET_DEMO=1 ./build/fleet serve --dev`: ``` <!DOCTYPE html> <body> <form method="post" action="https://localhost:8080/api/latest/fleet/demologin" id="demologin" > <input type="hidden" name="email" value="admin@example.com" /> <input type="hidden" name="password" value="admin123123#" /> <input type="submit"/> </form> <script type="text/javascript"> document.forms["demologin"].submit(); </script> </body> </html> ``` For Fleet sandbox purposes, the `action` should be set to the correct hostname for the sandbox instance, while the `email` and `password` should be set to the same credentials that were provided when creating the instance. * lucas comments * Add integration tests * Fix status codes and add comments Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
2022-07-01 19:52:55 +00:00
if coder, ok := page.error().(kithttp.StatusCoder); ok {
w.WriteHeader(coder.StatusCode())
}
SSO Login and Configuration Support (#1506) Closes issue #1456 This PR adds a single sign on option to the login form, exposes single sign on to the end user, and allows an admin user to set single sign on configuration options.
2017-05-17 15:58:40 +00:00
_, err := io.WriteString(w, page.html())
return err
}
go-kit server layout
2016-08-28 03:59:17 +00:00
if e, ok := response.(errorer); ok && e.error() != nil {
encodeError(ctx, e.error(), w)
return nil
}
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API
2016-09-15 14:52:17 +00:00
Add support for downloading a list of hosts in CSV format (#4596)
2022-03-15 19:14:42 +00:00
if render, ok := response.(renderHijacker); ok {
render.hijackRender(ctx, w)
return nil
}
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API
2016-09-15 14:52:17 +00:00
if e, ok := response.(statuser); ok {
Add support for downloading a list of hosts in CSV format (#4596)
2022-03-15 19:14:42 +00:00
w.WriteHeader(e.Status())
if e.Status() == http.StatusNoContent {
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API
2016-09-15 14:52:17 +00:00
return nil
}
}
pretty-print JSON response. (#147) NOTE: SetIndent() was introduce in 1.7
2016-09-09 12:34:53 +00:00
enc := json.NewEncoder(w)
enc.SetIndent("", " ")
return enc.Encode(response)
go-kit server layout
2016-08-28 03:59:17 +00:00
}
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API
2016-09-15 14:52:17 +00:00
// statuser allows response types to implement a custom
// http success status - default is 200 OK
type statuser interface {
Add support for downloading a list of hosts in CSV format (#4596)
2022-03-15 19:14:42 +00:00
Status() int
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API
2016-09-15 14:52:17 +00:00
}
Server Side SSO Support (#1498) This PR partially addresses #1456, providing SSO SAML support. The flow of the code is as follows. A Kolide user attempts to access a protected resource and is directed to log in. If SSO identity providers (IDP) have been configured by an admin, the user is presented with SSO log in. The user selects SSO, which invokes a call the InitiateSSO passing the URL of the protected resource that the user was originally trying access. Kolide server loads the IDP metadata and caches it along with the URL. We then build an auth request URL for the IDP which is returned to the front end. The IDP calls the server, invoking CallbackSSO with the auth response. We extract the original request id from the response and use it to fetch the cached metadata and the URL. We check the signature of the response, and validate the timestamps. If everything passes we get the user id from the IDP response and use it to create a login session. We then build a page which executes some javascript that will write the token to web local storage, and redirect to the original URL. I've created a test web page in tools/app/authtest.html that can be used to test and debug new IDP's which also illustrates how a front end would interact with the IDP and the server. This page can be loaded by starting Kolide with the environment variable KOLIDE_TEST_PAGE_PATH to the full path of the page and then accessed at https://localhost:8080/test
2017-05-09 00:43:48 +00:00
// loads a html page
type htmlPage interface {
html() string
error() error
}
Add support for downloading a list of hosts in CSV format (#4596)
2022-03-15 19:14:42 +00:00
// renderHijacker can be implemented by response values to take control of
// their own rendering.
type renderHijacker interface {
hijackRender(ctx context.Context, w http.ResponseWriter)
}
Mna 1782 migrate endpoints (#3226)
2021-12-14 21:34:11 +00:00
func uintFromRequest(r *http.Request, name string) (uint64, error) {
queries and packs services via go-kit (#102) * osquery services via go-kit * Visual Studio Code configurations * create query and pack endpoints * organizing files more scalably * modify query and pack endpoints * delete query and pack endpoints * get query and pack endpoints * get all queries and packs endpoints * add and remove queries from packs * test stubs * removing some indirection * query service tests * service pack tests * transport tests * adding config file flag back * organizing package kolide * get queries in pack endpoint * run tests on 1.7? * no 1.7 image :( * typo in circle.yml
2016-09-04 05:13:42 +00:00
vars := mux.Vars(r)
Mna 1782 migrate endpoints (#3226)
2021-12-14 21:34:11 +00:00
s, ok := vars[name]
queries and packs services via go-kit (#102) * osquery services via go-kit * Visual Studio Code configurations * create query and pack endpoints * organizing files more scalably * modify query and pack endpoints * delete query and pack endpoints * get query and pack endpoints * get all queries and packs endpoints * add and remove queries from packs * test stubs * removing some indirection * query service tests * service pack tests * transport tests * adding config file flag back * organizing package kolide * get queries in pack endpoint * run tests on 1.7? * no 1.7 image :( * typo in circle.yml
2016-09-04 05:13:42 +00:00
if !ok {
return 0, errBadRoute
}
Mna 1782 migrate endpoints (#3226)
2021-12-14 21:34:11 +00:00
u, err := strconv.ParseUint(s, 10, 64)
queries and packs services via go-kit (#102) * osquery services via go-kit * Visual Studio Code configurations * create query and pack endpoints * organizing files more scalably * modify query and pack endpoints * delete query and pack endpoints * get query and pack endpoints * get all queries and packs endpoints * add and remove queries from packs * test stubs * removing some indirection * query service tests * service pack tests * transport tests * adding config file flag back * organizing package kolide * get queries in pack endpoint * run tests on 1.7? * no 1.7 image :( * typo in circle.yml
2016-09-04 05:13:42 +00:00
if err != nil {
Mna 1782 migrate endpoints (#3226)
2021-12-14 21:34:11 +00:00
return 0, ctxerr.Wrap(r.Context(), err, "uintFromRequest")
queries and packs services via go-kit (#102) * osquery services via go-kit * Visual Studio Code configurations * create query and pack endpoints * organizing files more scalably * modify query and pack endpoints * delete query and pack endpoints * get query and pack endpoints * get all queries and packs endpoints * add and remove queries from packs * test stubs * removing some indirection * query service tests * service pack tests * transport tests * adding config file flag back * organizing package kolide * get queries in pack endpoint * run tests on 1.7? * no 1.7 image :( * typo in circle.yml
2016-09-04 05:13:42 +00:00
}
Mna 1782 migrate endpoints (#3226)
2021-12-14 21:34:11 +00:00
return u, nil
queries and packs services via go-kit (#102) * osquery services via go-kit * Visual Studio Code configurations * create query and pack endpoints * organizing files more scalably * modify query and pack endpoints * delete query and pack endpoints * get query and pack endpoints * get all queries and packs endpoints * add and remove queries from packs * test stubs * removing some indirection * query service tests * service pack tests * transport tests * adding config file flag back * organizing package kolide * get queries in pack endpoint * run tests on 1.7? * no 1.7 image :( * typo in circle.yml
2016-09-04 05:13:42 +00:00
}
Mna 1782 migrate endpoints (#3226)
2021-12-14 21:34:11 +00:00
func intFromRequest(r *http.Request, name string) (int64, error) {
Delete spec entities by name instead of ID (#1755) With the UI, deleting by ID made sense. With fleetctl, we now want to delete by name. Transition only the methods used for spec related entities, as others will be removed soon.
2018-05-04 18:05:55 +00:00
vars := mux.Vars(r)
Mna 1782 migrate endpoints (#3226)
2021-12-14 21:34:11 +00:00
s, ok := vars[name]
if !ok {
return 0, errBadRoute
}
u, err := strconv.ParseInt(s, 10, 64)
if err != nil {
return 0, ctxerr.Wrap(r.Context(), err, "intFromRequest")
}
return u, nil
}
func stringFromRequest(r *http.Request, name string) (string, error) {
vars := mux.Vars(r)
s, ok := vars[name]
Delete spec entities by name instead of ID (#1755) With the UI, deleting by ID made sense. With fleetctl, we now want to delete by name. Transition only the methods used for spec related entities, as others will be removed soon.
2018-05-04 18:05:55 +00:00
if !ok {
return "", errBadRoute
}
Mna 1782 migrate endpoints (#3226)
2021-12-14 21:34:11 +00:00
unescaped, err := url.PathUnescape(s)
Fix errors when trying to retrieve specs with spaces in name (#1957) We need to properly escape and unescape the name parameter. Fixes #1948
2018-11-21 01:19:24 +00:00
if err != nil {
Mna 1782 migrate endpoints (#3226)
2021-12-14 21:34:11 +00:00
return "", ctxerr.Wrap(r.Context(), err, "unescape value in path")
Fix errors when trying to retrieve specs with spaces in name (#1957) We need to properly escape and unescape the name parameter. Fixes #1948
2018-11-21 01:19:24 +00:00
}
return unescaped, nil
Delete spec entities by name instead of ID (#1755) With the UI, deleting by ID made sense. With fleetctl, we now want to delete by name. Transition only the methods used for spec related entities, as others will be removed soon.
2018-05-04 18:05:55 +00:00
}
Add pagination to List* endpoints (#309) - Introduce kolide.ListOptions to store pagination params (in the future it can also store ordering/filtering params) - Refactor service/datastore methods to take kolide.ListOptions - Implement pagination
2016-10-13 18:21:47 +00:00
// default number of items to include per page
const defaultPerPage = 20
// listOptionsFromRequest parses the list options from the request parameters
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
func listOptionsFromRequest(r *http.Request) (fleet.ListOptions, error) {
Add pagination to List* endpoints (#309) - Introduce kolide.ListOptions to store pagination params (in the future it can also store ordering/filtering params) - Refactor service/datastore methods to take kolide.ListOptions - Implement pagination
2016-10-13 18:21:47 +00:00
var err error
pageString := r.URL.Query().Get("page")
perPageString := r.URL.Query().Get("per_page")
Add ordering options for List* methods (#318)
2016-10-17 14:01:14 +00:00
orderKey := r.URL.Query().Get("order_key")
orderDirectionString := r.URL.Query().Get("order_direction")
Add cursor pagination to list hosts (#3120) * Add cursor pagination to list hosts * Update docs * Update based on review comments
2021-11-29 18:06:00 +00:00
afterString := r.URL.Query().Get("after")
Add pagination to List* endpoints (#309) - Introduce kolide.ListOptions to store pagination params (in the future it can also store ordering/filtering params) - Refactor service/datastore methods to take kolide.ListOptions - Implement pagination
2016-10-13 18:21:47 +00:00
Configure golangci-lint for the whole repository Add a relatively minimal set of linters that raise safe and mostly un-opinionated issues with the code. It runs automatically on CI via a github action.
2021-08-24 17:35:03 +00:00
var page int
Add pagination to List* endpoints (#309) - Introduce kolide.ListOptions to store pagination params (in the future it can also store ordering/filtering params) - Refactor service/datastore methods to take kolide.ListOptions - Implement pagination
2016-10-13 18:21:47 +00:00
if pageString != "" {
page, err = strconv.Atoi(pageString)
if err != nil {
For requests with invalid list options, return 400 instead of 500 (#11632) ## Addresses #11272 - For requests with invalid list options (`page`, `per_page`, `order_key`, `order_direction`), return `400` instead of `500` <img width="957" alt="Screenshot 2023-05-10 at 2 28 56 PM" src="https://github.com/fleetdm/fleet/assets/61553566/d4400a92-b158-4a41-9d00-9ba5170d48f6"> # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2023-05-17 20:41:30 +00:00
return fleet.ListOptions{}, ctxerr.Wrap(r.Context(), badRequest("non-int page value"))
Add pagination to List* endpoints (#309) - Introduce kolide.ListOptions to store pagination params (in the future it can also store ordering/filtering params) - Refactor service/datastore methods to take kolide.ListOptions - Implement pagination
2016-10-13 18:21:47 +00:00
}
if page < 0 {
For requests with invalid list options, return 400 instead of 500 (#11632) ## Addresses #11272 - For requests with invalid list options (`page`, `per_page`, `order_key`, `order_direction`), return `400` instead of `500` <img width="957" alt="Screenshot 2023-05-10 at 2 28 56 PM" src="https://github.com/fleetdm/fleet/assets/61553566/d4400a92-b158-4a41-9d00-9ba5170d48f6"> # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2023-05-17 20:41:30 +00:00
return fleet.ListOptions{}, ctxerr.Wrap(r.Context(), badRequest("negative page value"))
Add pagination to List* endpoints (#309) - Introduce kolide.ListOptions to store pagination params (in the future it can also store ordering/filtering params) - Refactor service/datastore methods to take kolide.ListOptions - Implement pagination
2016-10-13 18:21:47 +00:00
}
}
// We default to 0 for per_page so that not specifying any paging
// information gets all results
Configure golangci-lint for the whole repository Add a relatively minimal set of linters that raise safe and mostly un-opinionated issues with the code. It runs automatically on CI via a github action.
2021-08-24 17:35:03 +00:00
var perPage int
Add pagination to List* endpoints (#309) - Introduce kolide.ListOptions to store pagination params (in the future it can also store ordering/filtering params) - Refactor service/datastore methods to take kolide.ListOptions - Implement pagination
2016-10-13 18:21:47 +00:00
if perPageString != "" {
perPage, err = strconv.Atoi(perPageString)
if err != nil {
For requests with invalid list options, return 400 instead of 500 (#11632) ## Addresses #11272 - For requests with invalid list options (`page`, `per_page`, `order_key`, `order_direction`), return `400` instead of `500` <img width="957" alt="Screenshot 2023-05-10 at 2 28 56 PM" src="https://github.com/fleetdm/fleet/assets/61553566/d4400a92-b158-4a41-9d00-9ba5170d48f6"> # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2023-05-17 20:41:30 +00:00
return fleet.ListOptions{}, ctxerr.Wrap(r.Context(), badRequest("non-int per_page value"))
Add pagination to List* endpoints (#309) - Introduce kolide.ListOptions to store pagination params (in the future it can also store ordering/filtering params) - Refactor service/datastore methods to take kolide.ListOptions - Implement pagination
2016-10-13 18:21:47 +00:00
}
if perPage <= 0 {
For requests with invalid list options, return 400 instead of 500 (#11632) ## Addresses #11272 - For requests with invalid list options (`page`, `per_page`, `order_key`, `order_direction`), return `400` instead of `500` <img width="957" alt="Screenshot 2023-05-10 at 2 28 56 PM" src="https://github.com/fleetdm/fleet/assets/61553566/d4400a92-b158-4a41-9d00-9ba5170d48f6"> # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2023-05-17 20:41:30 +00:00
return fleet.ListOptions{}, ctxerr.Wrap(r.Context(), badRequest("invalid per_page value"))
Add pagination to List* endpoints (#309) - Introduce kolide.ListOptions to store pagination params (in the future it can also store ordering/filtering params) - Refactor service/datastore methods to take kolide.ListOptions - Implement pagination
2016-10-13 18:21:47 +00:00
}
}
if perPage == 0 && pageString != "" {
// We explicitly set a non-zero default if a page is specified
// (because the client probably intended for paging, and
// leaving the 0 would turn that off)
perPage = defaultPerPage
}
Add ordering options for List* methods (#318)
2016-10-17 14:01:14 +00:00
if orderKey == "" && orderDirectionString != "" {
For requests with invalid list options, return 400 instead of 500 (#11632) ## Addresses #11272 - For requests with invalid list options (`page`, `per_page`, `order_key`, `order_direction`), return `400` instead of `500` <img width="957" alt="Screenshot 2023-05-10 at 2 28 56 PM" src="https://github.com/fleetdm/fleet/assets/61553566/d4400a92-b158-4a41-9d00-9ba5170d48f6"> # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2023-05-17 20:41:30 +00:00
return fleet.ListOptions{}, ctxerr.Wrap(r.Context(), badRequest("order_key must be specified with order_direction"))
Add ordering options for List* methods (#318)
2016-10-17 14:01:14 +00:00
}
Enabled support and validation of 'after' parameter for several endpoints (#15047) Loom explaining changes: https://www.loom.com/share/f05f241a77304c19bc6ba1d0702c7bd8?sid=ea86b282-0bda-4ba4-a6cf-4520f0db610d #14571 Enabled support and validation of 'after' parameter for the following endpoints: - GET /api/v1/fleet/carves Setting 'after' parameter no longer returns SQL syntax error for the following endpoints: - GET /api/v1/fleet/carves - GET /api/v1/fleet/invites - GET /api/v1/fleet/labels - GET /api/v1/fleet/packs - GET /api/v1/fleet/global/policies - GET /api/v1/fleet/teams/{id}/policies - GET /api/v1/fleet/queries - GET /api/v1/fleet/packs/{id}/scheduled - GET /api/v1/fleet/teams - GET /api/v1/fleet/users API doc changes PR: https://github.com/fleetdm/fleet/pull/15061 - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-11-09 19:18:29 +00:00
if orderKey == "" && afterString != "" {
return fleet.ListOptions{}, ctxerr.Wrap(r.Context(), badRequest("order_key must be specified with after"))
}
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
var orderDirection fleet.OrderDirection
Add ordering options for List* methods (#318)
2016-10-17 14:01:14 +00:00
switch orderDirectionString {
case "desc":
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
orderDirection = fleet.OrderDescending
Add ordering options for List* methods (#318)
2016-10-17 14:01:14 +00:00
case "asc":
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
orderDirection = fleet.OrderAscending
Add ordering options for List* methods (#318)
2016-10-17 14:01:14 +00:00
case "":
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
orderDirection = fleet.OrderAscending
Add ordering options for List* methods (#318)
2016-10-17 14:01:14 +00:00
default:
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
return fleet.ListOptions{},
For requests with invalid list options, return 400 instead of 500 (#11632) ## Addresses #11272 - For requests with invalid list options (`page`, `per_page`, `order_key`, `order_direction`), return `400` instead of `500` <img width="957" alt="Screenshot 2023-05-10 at 2 28 56 PM" src="https://github.com/fleetdm/fleet/assets/61553566/d4400a92-b158-4a41-9d00-9ba5170d48f6"> # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2023-05-17 20:41:30 +00:00
ctxerr.Wrap(r.Context(), badRequest("unknown order_direction: "+orderDirectionString))
Add ordering options for List* methods (#318)
2016-10-17 14:01:14 +00:00
}
Add search for list users endpoint (#490) Search runs on name and email. Some refactoring to make the functionality more generic.
2021-03-18 00:24:34 +00:00
query := r.URL.Query().Get("query")
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
return fleet.ListOptions{
Add ordering options for List* methods (#318)
2016-10-17 14:01:14 +00:00
Page: uint(page),
PerPage: uint(perPage),
OrderKey: orderKey,
OrderDirection: orderDirection,
Add search for list users endpoint (#490) Search runs on name and email. Some refactoring to make the functionality more generic.
2021-03-18 00:24:34 +00:00
MatchQuery: query,
Add cursor pagination to list hosts (#3120) * Add cursor pagination to list hosts * Update docs * Update based on review comments
2021-11-29 18:06:00 +00:00
After: afterString,
Add ordering options for List* methods (#318)
2016-10-17 14:01:14 +00:00
}, nil
Add pagination to List* endpoints (#309) - Introduce kolide.ListOptions to store pagination params (in the future it can also store ordering/filtering params) - Refactor service/datastore methods to take kolide.ListOptions - Implement pagination
2016-10-13 18:21:47 +00:00
}
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
func hostListOptionsFromRequest(r *http.Request) (fleet.HostListOptions, error) {
Add support for filtering hosts in label (#335) Support the same query syntax as the hosts endpoint, here also bounded by the membership of the label.
2021-02-18 20:52:43 +00:00
opt, err := listOptionsFromRequest(r)
if err != nil {
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
return fleet.HostListOptions{}, err
Add support for filtering hosts in label (#335) Support the same query syntax as the hosts endpoint, here also bounded by the membership of the label.
2021-02-18 20:52:43 +00:00
}
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
hopt := fleet.HostListOptions{ListOptions: opt}
Add support for filtering hosts in label (#335) Support the same query syntax as the hosts endpoint, here also bounded by the membership of the label.
2021-02-18 20:52:43 +00:00
status := r.URL.Query().Get("status")
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
switch fleet.HostStatus(status) {
Add new missing value to existing status URL parameter at the GET /hosts endpoint (#7916)
2022-10-10 11:45:39 +00:00
case fleet.StatusNew, fleet.StatusOnline, fleet.StatusOffline, fleet.StatusMIA, fleet.StatusMissing:
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
hopt.StatusFilter = fleet.HostStatus(status)
Add support for filtering hosts in label (#335) Support the same query syntax as the hosts endpoint, here also bounded by the membership of the label.
2021-02-18 20:52:43 +00:00
case "":
// No error when unset
default:
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid status: %s", status)))
Add support for filtering hosts in label (#335) Support the same query syntax as the hosts endpoint, here also bounded by the membership of the label.
2021-02-18 20:52:43 +00:00
}
additionalInfoFiltersString := r.URL.Query().Get("additional_info_filters")
if additionalInfoFiltersString != "" {
hopt.AdditionalFilters = strings.Split(additionalInfoFiltersString, ",")
}
Issue 2050 add software filter list hosts (#2486) * Add software_id filter to list hosts * Add integration test for API endpoint * Add doc * Simplify sql query
2021-10-12 14:38:12 +00:00
teamID := r.URL.Query().Get("team_id")
if teamID != "" {
Allow filtering hosts by `software_version_id` and `software_title_id`. (#15433)
2023-12-06 19:59:00 +00:00
id, err := strconv.ParseUint(teamID, 10, 32)
add team_id filter to fleetctl & api (#1596) * add team_id filter to fleetctl via get hosts --team flag & api via api/v1/fleet/hosts and api/v1/fleet/labels/id/hosts * update tests & add changes file
2021-08-11 14:40:56 +00:00
if err != nil {
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid team_id: %s", teamID)))
add team_id filter to fleetctl & api (#1596) * add team_id filter to fleetctl via get hosts --team flag & api via api/v1/fleet/hosts and api/v1/fleet/labels/id/hosts * update tests & add changes file
2021-08-11 14:40:56 +00:00
}
tid := uint(id)
hopt.TeamFilter = &tid
}
Issue 2050 add software filter list hosts (#2486) * Add software_id filter to list hosts * Add integration test for API endpoint * Add doc * Simplify sql query
2021-10-12 14:38:12 +00:00
policyID := r.URL.Query().Get("policy_id")
if policyID != "" {
Allow filtering hosts by `software_version_id` and `software_title_id`. (#15433)
2023-12-06 19:59:00 +00:00
id, err := strconv.ParseUint(policyID, 10, 32)
Add global policies (#1750) * Add global policies * Update documentation and add extra parameter to config * Fix failing tests * Store historic policy records * Address review comments And also remove other inmem references I saw by chance * Add documentation for get by id request * Add parameter doc * Move schema generation to a cmd instead of a test Otherwise it messes up running all tests sometimes depending on how parallel it does * Remove brain dump for another task * Make migration tests a separate beast * Make schema generation idempotent and move dbutils cmd to tools * Allow all filters and add counts to Policy * Add test for Policy
2021-08-24 20:24:52 +00:00
if err != nil {
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid policy_id: %s", policyID)))
Add global policies (#1750) * Add global policies * Update documentation and add extra parameter to config * Fix failing tests * Store historic policy records * Address review comments And also remove other inmem references I saw by chance * Add documentation for get by id request * Add parameter doc * Move schema generation to a cmd instead of a test Otherwise it messes up running all tests sometimes depending on how parallel it does * Remove brain dump for another task * Make migration tests a separate beast * Make schema generation idempotent and move dbutils cmd to tools * Allow all filters and add counts to Policy * Add test for Policy
2021-08-24 20:24:52 +00:00
}
pid := uint(id)
hopt.PolicyIDFilter = &pid
}
Issue 2050 add software filter list hosts (#2486) * Add software_id filter to list hosts * Add integration test for API endpoint * Add doc * Simplify sql query
2021-10-12 14:38:12 +00:00
policyResponse := r.URL.Query().Get("policy_response")
if policyResponse != "" {
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
if hopt.PolicyIDFilter == nil {
return hopt, ctxerr.Wrap(
r.Context(), badRequest(
"Missing policy_id (it must be present when policy_response is specified)",
),
)
}
Add global policies (#1750) * Add global policies * Update documentation and add extra parameter to config * Fix failing tests * Store historic policy records * Address review comments And also remove other inmem references I saw by chance * Add documentation for get by id request * Add parameter doc * Move schema generation to a cmd instead of a test Otherwise it messes up running all tests sometimes depending on how parallel it does * Remove brain dump for another task * Make migration tests a separate beast * Make schema generation idempotent and move dbutils cmd to tools * Allow all filters and add counts to Policy * Add test for Policy
2021-08-24 20:24:52 +00:00
var v *bool
Issue 2050 add software filter list hosts (#2486) * Add software_id filter to list hosts * Add integration test for API endpoint * Add doc * Simplify sql query
2021-10-12 14:38:12 +00:00
switch policyResponse {
Add global policies (#1750) * Add global policies * Update documentation and add extra parameter to config * Fix failing tests * Store historic policy records * Address review comments And also remove other inmem references I saw by chance * Add documentation for get by id request * Add parameter doc * Move schema generation to a cmd instead of a test Otherwise it messes up running all tests sometimes depending on how parallel it does * Remove brain dump for another task * Make migration tests a separate beast * Make schema generation idempotent and move dbutils cmd to tools * Allow all filters and add counts to Policy * Add test for Policy
2021-08-24 20:24:52 +00:00
case "passing":
v = ptr.Bool(true)
case "failing":
v = ptr.Bool(false)
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
default:
return hopt, ctxerr.Wrap(
r.Context(),
badRequest(
fmt.Sprintf(
"Invalid policy_response: %v (Valid options are 'passing' or 'failing')",
policyResponse,
),
),
)
Add global policies (#1750) * Add global policies * Update documentation and add extra parameter to config * Fix failing tests * Store historic policy records * Address review comments And also remove other inmem references I saw by chance * Add documentation for get by id request * Add parameter doc * Move schema generation to a cmd instead of a test Otherwise it messes up running all tests sometimes depending on how parallel it does * Remove brain dump for another task * Make migration tests a separate beast * Make schema generation idempotent and move dbutils cmd to tools * Allow all filters and add counts to Policy * Add test for Policy
2021-08-24 20:24:52 +00:00
}
hopt.PolicyResponseFilter = v
}
Issue 2050 add software filter list hosts (#2486) * Add software_id filter to list hosts * Add integration test for API endpoint * Add doc * Simplify sql query
2021-10-12 14:38:12 +00:00
softwareID := r.URL.Query().Get("software_id")
if softwareID != "" {
Allow filtering hosts by `software_version_id` and `software_title_id`. (#15433)
2023-12-06 19:59:00 +00:00
id, err := strconv.ParseUint(softwareID, 10, 64)
Issue 2050 add software filter list hosts (#2486) * Add software_id filter to list hosts * Add integration test for API endpoint * Add doc * Simplify sql query
2021-10-12 14:38:12 +00:00
if err != nil {
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid software_id: %s", softwareID)))
Issue 2050 add software filter list hosts (#2486) * Add software_id filter to list hosts * Add integration test for API endpoint * Add doc * Simplify sql query
2021-10-12 14:38:12 +00:00
}
sid := uint(id)
hopt.SoftwareIDFilter = &sid
}
Allow filtering hosts by `software_version_id` and `software_title_id`. (#15433)
2023-12-06 19:59:00 +00:00
softwareVersionID := r.URL.Query().Get("software_version_id")
if softwareVersionID != "" {
id, err := strconv.ParseUint(softwareVersionID, 10, 64)
if err != nil {
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid software_version_id: %s", softwareVersionID)))
}
sid := uint(id)
hopt.SoftwareVersionIDFilter = &sid
}
softwareTitleID := r.URL.Query().Get("software_title_id")
if softwareTitleID != "" {
id, err := strconv.ParseUint(softwareTitleID, 10, 32)
if err != nil {
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid software_title_id: %s", softwareTitleID)))
}
sid := uint(id)
hopt.SoftwareTitleIDFilter = &sid
}
Handle errors for duplicate os records (#7294)
2022-08-22 19:34:00 +00:00
osID := r.URL.Query().Get("os_id")
if osID != "" {
Allow filtering hosts by `software_version_id` and `software_title_id`. (#15433)
2023-12-06 19:59:00 +00:00
id, err := strconv.ParseUint(osID, 10, 32)
Enhance API endpoints with host operating systems info (#7154)
2022-08-12 19:23:25 +00:00
if err != nil {
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid os_id: %s", osID)))
Enhance API endpoints with host operating systems info (#7154)
2022-08-12 19:23:25 +00:00
}
Handle errors for duplicate os records (#7294)
2022-08-22 19:34:00 +00:00
sid := uint(id)
hopt.OSIDFilter = &sid
}
Implement OS Version ID (#16463)
2024-01-31 17:14:24 +00:00
osVersionID := r.URL.Query().Get("os_version_id")
if osVersionID != "" {
id, err := strconv.ParseUint(osVersionID, 10, 32)
if err != nil {
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid os_version_id: %s", osVersionID)))
}
sid := uint(id)
hopt.OSVersionIDFilter = &sid
}
Handle errors for duplicate os records (#7294)
2022-08-22 19:34:00 +00:00
osName := r.URL.Query().Get("os_name")
if osName != "" {
hopt.OSNameFilter = &osName
}
osVersion := r.URL.Query().Get("os_version")
if osVersion != "" {
hopt.OSVersionFilter = &osVersion
Enhance API endpoints with host operating systems info (#7154)
2022-08-12 19:23:25 +00:00
}
Host Vulnerability Filter (#16889)
2024-02-15 20:27:18 +00:00
cve := r.URL.Query().Get("vulnerability")
if cve != "" {
hopt.VulnerabilityFilter = &cve
}
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
if hopt.OSNameFilter != nil && hopt.OSVersionFilter == nil {
return hopt, ctxerr.Wrap(
r.Context(), badRequest(
"Invalid os_version (os_version must be specified with os_name)",
),
)
}
if hopt.OSNameFilter == nil && hopt.OSVersionFilter != nil {
return hopt, ctxerr.Wrap(
r.Context(), badRequest(
"Invalid os_name (os_name must be specified with os_version)",
),
)
}
Add new disable_failing_policies query parameter to list hosts (#3123) * Update documentation * Update based on review comments * Explain why the switch exists
2021-11-29 21:04:33 +00:00
disableFailingPolicies := r.URL.Query().Get("disable_failing_policies")
if disableFailingPolicies != "" {
boolVal, err := strconv.ParseBool(disableFailingPolicies)
if err != nil {
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(
r.Context(), badRequest(
fmt.Sprintf(
"Invalid disable_failing_policies: %s",
disableFailingPolicies,
),
),
)
Add new disable_failing_policies query parameter to list hosts (#3123) * Update documentation * Update based on review comments * Explain why the switch exists
2021-11-29 21:04:33 +00:00
}
hopt.DisableFailingPolicies = boolVal
}
Add `device_mapping` to `GET /hosts` response (#5383)
2022-05-02 21:34:14 +00:00
deviceMapping := r.URL.Query().Get("device_mapping")
if deviceMapping != "" {
boolVal, err := strconv.ParseBool(deviceMapping)
if err != nil {
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid device_mapping: %s", deviceMapping)))
Add `device_mapping` to `GET /hosts` response (#5383)
2022-05-02 21:34:14 +00:00
}
hopt.DeviceMapping = boolVal
}
Update /macadmins endpoints to include MDM name and aggregate count (#7137)
2022-08-10 19:15:01 +00:00
mdmID := r.URL.Query().Get("mdm_id")
if mdmID != "" {
Allow filtering hosts by `software_version_id` and `software_title_id`. (#15433)
2023-12-06 19:59:00 +00:00
id, err := strconv.ParseUint(mdmID, 10, 32)
Update /macadmins endpoints to include MDM name and aggregate count (#7137)
2022-08-10 19:15:01 +00:00
if err != nil {
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid mdm_id: %s", mdmID)))
Update /macadmins endpoints to include MDM name and aggregate count (#7137)
2022-08-10 19:15:01 +00:00
}
mid := uint(id)
hopt.MDMIDFilter = &mid
}
finalize mdm commands part 1: support `fleetctl get hosts --mdm` and `--mdm-pending` (#10796)
2023-03-29 12:30:49 +00:00
if mdmName := r.URL.Query().Get("mdm_name"); mdmName != "" {
hopt.MDMNameFilter = &mdmName
}
Update /macadmins endpoints to include MDM name and aggregate count (#7137)
2022-08-10 19:15:01 +00:00
enrollmentStatus := r.URL.Query().Get("mdm_enrollment_status")
switch fleet.MDMEnrollStatus(enrollmentStatus) {
finalize mdm commands part 1: support `fleetctl get hosts --mdm` and `--mdm-pending` (#10796)
2023-03-29 12:30:49 +00:00
case fleet.MDMEnrollStatusManual, fleet.MDMEnrollStatusAutomatic,
fleet.MDMEnrollStatusPending, fleet.MDMEnrollStatusUnenrolled, fleet.MDMEnrollStatusEnrolled:
Update /macadmins endpoints to include MDM name and aggregate count (#7137)
2022-08-10 19:15:01 +00:00
hopt.MDMEnrollmentStatusFilter = fleet.MDMEnrollStatus(enrollmentStatus)
case "":
// No error when unset
default:
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(
r.Context(), badRequest(fmt.Sprintf("Invalid mdm_enrollment_status: %s", enrollmentStatus)),
)
Provide Munki issues for MacOS hosts (#7280)
2022-08-29 18:40:16 +00:00
}
Update /macadmins endpoints to include MDM name and aggregate count (#7137)
2022-08-10 19:15:01 +00:00
Add mdm profiles status filter to hosts endpoints (#10246)
2023-03-04 00:19:46 +00:00
macOSSettingsStatus := r.URL.Query().Get("macos_settings")
Merging Bitlocker feature branch (#14350) This relates to #12577 --------- Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com> Co-authored-by: Roberto Dip <dip.jesusr@gmail.com>
2023-10-06 22:04:33 +00:00
switch fleet.OSSettingsStatus(macOSSettingsStatus) {
case fleet.OSSettingsFailed, fleet.OSSettingsPending, fleet.OSSettingsVerifying, fleet.OSSettingsVerified:
hopt.MacOSSettingsFilter = fleet.OSSettingsStatus(macOSSettingsStatus)
Add mdm profiles status filter to hosts endpoints (#10246)
2023-03-04 00:19:46 +00:00
case "":
// No error when unset
default:
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(
r.Context(), badRequest(fmt.Sprintf("Invalid macos_settings: %s", macOSSettingsStatus)),
)
Add mdm profiles status filter to hosts endpoints (#10246)
2023-03-04 00:19:46 +00:00
}
Feat/api/implelment filter disk encryption (#10987) relates to #9436 Implementation of the API supporting filtering host by disk encryption status. This adds this through a `macos_settings_disk_encryption` query param that can be passed to these endpoints: `GET /hosts` `GET /hosts/count` `GET /lables/:id/hosts` - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality
2023-04-05 16:09:23 +00:00
macOSSettingsDiskEncryptionStatus := r.URL.Query().Get("macos_settings_disk_encryption")
Migrate MDM status values in datastore and API layers (#11278)
2023-04-24 21:27:15 +00:00
switch fleet.DiskEncryptionStatus(macOSSettingsDiskEncryptionStatus) {
Feat/api/implelment filter disk encryption (#10987) relates to #9436 Implementation of the API supporting filtering host by disk encryption status. This adds this through a `macos_settings_disk_encryption` query param that can be passed to these endpoints: `GET /hosts` `GET /hosts/count` `GET /lables/:id/hosts` - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality
2023-04-05 16:09:23 +00:00
case
Migrate MDM status values in datastore and API layers (#11278)
2023-04-24 21:27:15 +00:00
fleet.DiskEncryptionVerifying,
Add backend for verified MDM profiles (#12078)
2023-06-05 17:05:28 +00:00
fleet.DiskEncryptionVerified,
Migrate MDM status values in datastore and API layers (#11278)
2023-04-24 21:27:15 +00:00
fleet.DiskEncryptionActionRequired,
fleet.DiskEncryptionEnforcing,
fleet.DiskEncryptionFailed,
fleet.DiskEncryptionRemovingEnforcement:
hopt.MacOSSettingsDiskEncryptionFilter = fleet.DiskEncryptionStatus(macOSSettingsDiskEncryptionStatus)
Feat/api/implelment filter disk encryption (#10987) relates to #9436 Implementation of the API supporting filtering host by disk encryption status. This adds this through a `macos_settings_disk_encryption` query param that can be passed to these endpoints: `GET /hosts` `GET /hosts/count` `GET /lables/:id/hosts` - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality
2023-04-05 16:09:23 +00:00
case "":
// No error when unset
default:
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(
r.Context(),
badRequest(fmt.Sprintf("Invalid macos_settings_disk_encryption: %s", macOSSettingsDiskEncryptionStatus)),
)
Feat/api/implelment filter disk encryption (#10987) relates to #9436 Implementation of the API supporting filtering host by disk encryption status. This adds this through a `macos_settings_disk_encryption` query param that can be passed to these endpoints: `GET /hosts` `GET /hosts/count` `GET /lables/:id/hosts` - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality
2023-04-05 16:09:23 +00:00
}
Merging Bitlocker feature branch (#14350) This relates to #12577 --------- Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com> Co-authored-by: Roberto Dip <dip.jesusr@gmail.com>
2023-10-06 22:04:33 +00:00
osSettingsStatus := r.URL.Query().Get("os_settings")
switch fleet.OSSettingsStatus(osSettingsStatus) {
case fleet.OSSettingsFailed, fleet.OSSettingsPending, fleet.OSSettingsVerifying, fleet.OSSettingsVerified:
hopt.OSSettingsFilter = fleet.OSSettingsStatus(osSettingsStatus)
case "":
// No error when unset
default:
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(
r.Context(), badRequest(fmt.Sprintf("Invalid os_settings: %s", osSettingsStatus)),
)
Merging Bitlocker feature branch (#14350) This relates to #12577 --------- Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com> Co-authored-by: Roberto Dip <dip.jesusr@gmail.com>
2023-10-06 22:04:33 +00:00
}
osSettingsDiskEncryptionStatus := r.URL.Query().Get("os_settings_disk_encryption")
switch fleet.DiskEncryptionStatus(osSettingsDiskEncryptionStatus) {
case
fleet.DiskEncryptionVerifying,
fleet.DiskEncryptionVerified,
fleet.DiskEncryptionActionRequired,
fleet.DiskEncryptionEnforcing,
fleet.DiskEncryptionFailed,
fleet.DiskEncryptionRemovingEnforcement:
hopt.OSSettingsDiskEncryptionFilter = fleet.DiskEncryptionStatus(osSettingsDiskEncryptionStatus)
case "":
// No error when unset
default:
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(
r.Context(),
badRequest(fmt.Sprintf("Invalid os_settings_disk_encryption: %s", macOSSettingsDiskEncryptionStatus)),
)
Merging Bitlocker feature branch (#14350) This relates to #12577 --------- Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com> Co-authored-by: Roberto Dip <dip.jesusr@gmail.com>
2023-10-06 22:04:33 +00:00
}
add an endpoint to get an aggregate summary of bootstrap packages (#11156) Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com> Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
2023-04-22 15:23:38 +00:00
mdmBootstrapPackageStatus := r.URL.Query().Get("bootstrap_package")
switch fleet.MDMBootstrapPackageStatus(mdmBootstrapPackageStatus) {
case fleet.MDMBootstrapPackageFailed, fleet.MDMBootstrapPackagePending, fleet.MDMBootstrapPackageInstalled:
bpf := fleet.MDMBootstrapPackageStatus(mdmBootstrapPackageStatus)
hopt.MDMBootstrapPackageFilter = &bpf
case "":
// No error when unset
default:
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(
r.Context(), badRequest(fmt.Sprintf("Invalid bootstrap_package: %s", mdmBootstrapPackageStatus)),
)
add an endpoint to get an aggregate summary of bootstrap packages (#11156) Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com> Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
2023-04-22 15:23:38 +00:00
}
Provide Munki issues for MacOS hosts (#7280)
2022-08-29 18:40:16 +00:00
munkiIssueID := r.URL.Query().Get("munki_issue_id")
if munkiIssueID != "" {
Allow filtering hosts by `software_version_id` and `software_title_id`. (#15433)
2023-12-06 19:59:00 +00:00
id, err := strconv.ParseUint(munkiIssueID, 10, 32)
Provide Munki issues for MacOS hosts (#7280)
2022-08-29 18:40:16 +00:00
if err != nil {
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid munki_issue_id: %s", munkiIssueID)))
Provide Munki issues for MacOS hosts (#7280)
2022-08-29 18:40:16 +00:00
}
mid := uint(id)
hopt.MunkiIssueIDFilter = &mid
Update /macadmins endpoints to include MDM name and aggregate count (#7137)
2022-08-10 19:15:01 +00:00
}
Add new low_disk_space URL parameter to the GET /hosts endpoint (and GET /hosts/count) (#7853)
2022-09-21 19:16:31 +00:00
lowDiskSpace := r.URL.Query().Get("low_disk_space")
if lowDiskSpace != "" {
v, err := strconv.Atoi(lowDiskSpace)
if err != nil {
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid low_disk_space: %s", lowDiskSpace)))
Add new low_disk_space URL parameter to the GET /hosts endpoint (and GET /hosts/count) (#7853)
2022-09-21 19:16:31 +00:00
}
if v < 1 || v > 100 {
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return hopt, ctxerr.Wrap(
r.Context(), badRequest(
fmt.Sprintf(
"Invalid low_disk_space, must be between 1 and 100: %s", lowDiskSpace,
),
),
)
Add new low_disk_space URL parameter to the GET /hosts endpoint (and GET /hosts/count) (#7853)
2022-09-21 19:16:31 +00:00
}
hopt.LowDiskSpaceFilter = &v
}
feat: add populate software query param (#15661) # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Added/updated tests - [x] Manual QA for all new/changed functionality
2023-12-14 21:18:30 +00:00
populateSoftware := r.URL.Query().Get("populate_software")
if populateSoftware != "" {
ps, err := strconv.ParseBool(populateSoftware)
if err != nil {
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid populate_software: %s", populateSoftware)))
}
hopt.PopulateSoftware = ps
}
GET /hosts API endpoint can now populate policies with populate_policies=true query parameter. (#17270) GET /hosts API endpoint can now populate policies with populate_policies=true query parameter. #16242 # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality
2024-03-01 17:20:21 +00:00
populatePolicies := r.URL.Query().Get("populate_policies")
if populatePolicies != "" {
pp, err := strconv.ParseBool(populatePolicies)
if err != nil {
return hopt, ctxerr.Wrap(
r.Context(), badRequest(fmt.Sprintf("Invalid boolean parameter populate_policies: %s", populateSoftware)),
)
}
hopt.PopulatePolicies = pp
}
Add new low_disk_space URL parameter to the GET /hosts endpoint (and GET /hosts/count) (#7853)
2022-09-21 19:16:31 +00:00
Allow filtering hosts by `software_version_id` and `software_title_id`. (#15433)
2023-12-06 19:59:00 +00:00
// cannot combine software_id, software_version_id, and software_title_id
var softwareErrorLabel []string
if hopt.SoftwareIDFilter != nil {
softwareErrorLabel = append(softwareErrorLabel, "software_id")
}
if hopt.SoftwareVersionIDFilter != nil {
softwareErrorLabel = append(softwareErrorLabel, "software_version_id")
}
if hopt.SoftwareTitleIDFilter != nil {
softwareErrorLabel = append(softwareErrorLabel, "software_title_id")
}
if len(softwareErrorLabel) > 1 {
return hopt, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid parameters. The combination of %s is not allowed.", strings.Join(softwareErrorLabel, " and "))))
}
Add support for filtering hosts in label (#335) Support the same query syntax as the hosts endpoint, here also bounded by the membership of the label.
2021-02-18 20:52:43 +00:00
return hopt, nil
}
Move carves endpoints to new endpoint pattern (#3148)
2021-12-01 20:45:29 +00:00
func carveListOptionsFromRequest(r *http.Request) (fleet.CarveListOptions, error) {
opt, err := listOptionsFromRequest(r)
if err != nil {
return fleet.CarveListOptions{}, err
}
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
carveOpts := fleet.CarveListOptions{ListOptions: opt}
Move carves endpoints to new endpoint pattern (#3148)
2021-12-01 20:45:29 +00:00
expired := r.URL.Query().Get("expired")
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
if expired == "" {
carveOpts.Expired = false
} else {
boolVal, err := strconv.ParseBool(expired)
if err != nil {
return carveOpts, ctxerr.Wrap(
r.Context(), badRequest(
fmt.Sprintf("Invalid expired: %s", expired),
),
)
}
carveOpts.Expired = boolVal
Move carves endpoints to new endpoint pattern (#3148)
2021-12-01 20:45:29 +00:00
}
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return carveOpts, nil
Move carves endpoints to new endpoint pattern (#3148)
2021-12-01 20:45:29 +00:00
}
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
func userListOptionsFromRequest(r *http.Request) (fleet.UserListOptions, error) {
Add team user management (#672) - Add list team users endpoint. - Add add/delete team users endpoints. - Update list users to support filter by team.
2021-04-22 03:54:09 +00:00
opt, err := listOptionsFromRequest(r)
if err != nil {
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet`
2021-06-06 22:07:29 +00:00
return fleet.UserListOptions{}, err
Add team user management (#672) - Add list team users endpoint. - Add add/delete team users endpoints. - Update list users to support filter by team.
2021-04-22 03:54:09 +00:00
}
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
userOpts := fleet.UserListOptions{ListOptions: opt}
Add team user management (#672) - Add list team users endpoint. - Add add/delete team users endpoints. - Update list users to support filter by team.
2021-04-22 03:54:09 +00:00
if tid := r.URL.Query().Get("team_id"); tid != "" {
teamID, err := strconv.ParseUint(tid, 10, 64)
if err != nil {
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return userOpts, ctxerr.Wrap(r.Context(), badRequest(fmt.Sprintf("Invalid team_id: %s", tid)))
Add team user management (#672) - Add list team users endpoint. - Add add/delete team users endpoints. - Update list users to support filter by team.
2021-04-22 03:54:09 +00:00
}
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
// GitHub CodeQL flags this as: Incorrect conversion between integer types. Previously waived: https://github.com/fleetdm/fleet/security/code-scanning/516
userOpts.TeamID = uint(teamID)
Add team user management (#672) - Add list team users endpoint. - Add add/delete team users endpoints. - Update list users to support filter by team.
2021-04-22 03:54:09 +00:00
}
13998 host options validation (#14539) #13998 Cleaned up REST API input validation for hosts, carves, users endpoints. rest-api.md changes explained: https://www.loom.com/share/9cd82653bacb4528bdaac117ec85a976 For the following endpoints: /api/v1/fleet/hosts /api/v1/fleet/hosts/count /api/v1/fleet/hosts/report - converted validation errors from 500 to 400 HTTP status code - added validation that policy_id must be present when policy_response is specified - added validation that policy_response must be `passing` or `failing` - added validation that `os_name` must be specified with `os_version` For the following endpoint: /api/v1/fleet/users - converted team_id validation error from 500 to 400 HTTP status code For the following endpoint: /api/v1/fleet/carves - added rest-api.md documentation for `page`, `per_page`, `order_key`, `order_direction`, and `expired` - converted `expired` validation error from 500 to 400 HTTP status code # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-10-27 20:13:20 +00:00
return userOpts, nil
Add team user management (#672) - Add list team users endpoint. - Add add/delete team users endpoints. - Update list users to support filter by team.
2021-04-22 03:54:09 +00:00
}
Implement Get methods for single entities of label, pack and query specs (#1766) - Datastore methods (where necessary) - Service methods - Endpoints/Handlers
2018-05-08 01:54:29 +00:00
type getGenericSpecRequest struct {
Migrate packs endpoints to new pattern (#3244)
2021-12-15 14:35:40 +00:00
Name string `url:"name"`
Implement Get methods for single entities of label, pack and query specs (#1766) - Datastore methods (where necessary) - Service methods - Endpoints/Handlers
2018-05-08 01:54:29 +00:00
}
Reference in New Issue Copy Permalink