fleet/server/service/global_policies.go

package service

import (
	"context"

	"github.com/fleetdm/fleet/v4/server/fleet"
)

/////////////////////////////////////////////////////////////////////////////////
// Add
/////////////////////////////////////////////////////////////////////////////////

type globalPolicyRequest struct {
	QueryID uint `json:"query_id"`
}

type globalPolicyResponse struct {
	Policy *fleet.Policy `json:"policy,omitempty"`
	Err    error         `json:"error,omitempty"`
}

func (r globalPolicyResponse) error() error { return r.Err }

func globalPolicyEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (interface{}, error) {
	req := request.(*globalPolicyRequest)
	resp, err := svc.NewGlobalPolicy(ctx, req.QueryID)
	if err != nil {
		return globalPolicyResponse{Err: err}, nil
	}
	return globalPolicyResponse{Policy: resp}, nil
}

func (svc Service) NewGlobalPolicy(ctx context.Context, queryID uint) (*fleet.Policy, error) {
	if err := svc.authz.Authorize(ctx, &fleet.Policy{}, fleet.ActionWrite); err != nil {
		return nil, err
	}

	return svc.ds.NewGlobalPolicy(ctx, queryID)
}

/////////////////////////////////////////////////////////////////////////////////
// List
/////////////////////////////////////////////////////////////////////////////////

type listGlobalPoliciesResponse struct {
	Policies []*fleet.Policy `json:"policies,omitempty"`
	Err      error           `json:"error,omitempty"`
}

func (r listGlobalPoliciesResponse) error() error { return r.Err }

func listGlobalPoliciesEndpoint(ctx context.Context, _ interface{}, svc fleet.Service) (interface{}, error) {
	resp, err := svc.ListGlobalPolicies(ctx)
	if err != nil {
		return listGlobalPoliciesResponse{Err: err}, nil
	}
	return listGlobalPoliciesResponse{Policies: resp}, nil
}

func (svc Service) ListGlobalPolicies(ctx context.Context) ([]*fleet.Policy, error) {
	if err := svc.authz.Authorize(ctx, &fleet.Policy{}, fleet.ActionRead); err != nil {
		return nil, err
	}

	return svc.ds.ListGlobalPolicies(ctx)
}

/////////////////////////////////////////////////////////////////////////////////
// Get by id
/////////////////////////////////////////////////////////////////////////////////

type getPolicyByIDRequest struct {
	PolicyID uint `url:"policy_id"`
}

type getPolicyByIDResponse struct {
	Policy *fleet.Policy `json:"policy"`
	Err    error         `json:"error,omitempty"`
}

func (r getPolicyByIDResponse) error() error { return r.Err }

func getPolicyByIDEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (interface{}, error) {
	req := request.(*getPolicyByIDRequest)
	policy, err := svc.GetPolicyByIDQueries(ctx, req.PolicyID)
	if err != nil {
		return getPolicyByIDResponse{Err: err}, nil
	}
	return getPolicyByIDResponse{Policy: policy}, nil
}

func (svc Service) GetPolicyByIDQueries(ctx context.Context, policyID uint) (*fleet.Policy, error) {
	if err := svc.authz.Authorize(ctx, &fleet.Policy{}, fleet.ActionRead); err != nil {
		return nil, err
	}

	policy, err := svc.ds.Policy(ctx, policyID)
	if err != nil {
		return nil, err
	}

	return policy, nil
}

/////////////////////////////////////////////////////////////////////////////////
// Delete
/////////////////////////////////////////////////////////////////////////////////

type deleteGlobalPoliciesRequest struct {
	IDs []uint `json:"ids"`
}

type deleteGlobalPoliciesResponse struct {
	Deleted []uint `json:"deleted,omitempty"`
	Err     error  `json:"error,omitempty"`
}

func (r deleteGlobalPoliciesResponse) error() error { return r.Err }

func deleteGlobalPoliciesEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (interface{}, error) {
	req := request.(*deleteGlobalPoliciesRequest)
	resp, err := svc.DeleteGlobalPolicies(ctx, req.IDs)
	if err != nil {
		return deleteGlobalPoliciesResponse{Err: err}, nil
	}
	return deleteGlobalPoliciesResponse{Deleted: resp}, nil
}

func (svc Service) DeleteGlobalPolicies(ctx context.Context, ids []uint) ([]uint, error) {
	if err := svc.authz.Authorize(ctx, &fleet.Policy{}, fleet.ActionWrite); err != nil {
		return nil, err
	}

	return svc.ds.DeleteGlobalPolicies(ctx, ids)
}
Add global policies (#1750) * Add global policies * Update documentation and add extra parameter to config * Fix failing tests * Store historic policy records * Address review comments And also remove other inmem references I saw by chance * Add documentation for get by id request * Add parameter doc * Move schema generation to a cmd instead of a test Otherwise it messes up running all tests sometimes depending on how parallel it does * Remove brain dump for another task * Make migration tests a separate beast * Make schema generation idempotent and move dbutils cmd to tools * Allow all filters and add counts to Policy * Add test for Policy 2021-08-24 20:24:52 +00:00			`package service`

			`import (`
			`"context"`

			`"github.com/fleetdm/fleet/v4/server/fleet"`
			`)`

			`/////////////////////////////////////////////////////////////////////////////////`
			`// Add`
			`/////////////////////////////////////////////////////////////////////////////////`

			`type globalPolicyRequest struct {`
			QueryID uint `json:"query_id"`
			`}`

			`type globalPolicyResponse struct {`
			Policy *fleet.Policy `json:"policy,omitempty"`
			Err error `json:"error,omitempty"`
			`}`

			`func (r globalPolicyResponse) error() error { return r.Err }`

			`func globalPolicyEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (interface{}, error) {`
			`req := request.(*globalPolicyRequest)`
			`resp, err := svc.NewGlobalPolicy(ctx, req.QueryID)`
			`if err != nil {`
			`return globalPolicyResponse{Err: err}, nil`
			`}`
			`return globalPolicyResponse{Policy: resp}, nil`
			`}`

			`func (svc Service) NewGlobalPolicy(ctx context.Context, queryID uint) (*fleet.Policy, error) {`
			`if err := svc.authz.Authorize(ctx, &fleet.Policy{}, fleet.ActionWrite); err != nil {`
			`return nil, err`
			`}`

Add support for context in datastore/mysql layer (#1962) This is just to pass down the context to the datastore layer, it doesn't use it just yet - this will be in a follow-up PR. 2021-09-14 12:11:07 +00:00			`return svc.ds.NewGlobalPolicy(ctx, queryID)`
Add global policies (#1750) * Add global policies * Update documentation and add extra parameter to config * Fix failing tests * Store historic policy records * Address review comments And also remove other inmem references I saw by chance * Add documentation for get by id request * Add parameter doc * Move schema generation to a cmd instead of a test Otherwise it messes up running all tests sometimes depending on how parallel it does * Remove brain dump for another task * Make migration tests a separate beast * Make schema generation idempotent and move dbutils cmd to tools * Allow all filters and add counts to Policy * Add test for Policy 2021-08-24 20:24:52 +00:00			`}`

			`/////////////////////////////////////////////////////////////////////////////////`
			`// List`
			`/////////////////////////////////////////////////////////////////////////////////`

			`type listGlobalPoliciesResponse struct {`
			Policies []*fleet.Policy `json:"policies,omitempty"`
			Err error `json:"error,omitempty"`
			`}`

			`func (r listGlobalPoliciesResponse) error() error { return r.Err }`

			`func listGlobalPoliciesEndpoint(ctx context.Context, _ interface{}, svc fleet.Service) (interface{}, error) {`
			`resp, err := svc.ListGlobalPolicies(ctx)`
			`if err != nil {`
			`return listGlobalPoliciesResponse{Err: err}, nil`
			`}`
			`return listGlobalPoliciesResponse{Policies: resp}, nil`
			`}`

			`func (svc Service) ListGlobalPolicies(ctx context.Context) ([]*fleet.Policy, error) {`
			`if err := svc.authz.Authorize(ctx, &fleet.Policy{}, fleet.ActionRead); err != nil {`
			`return nil, err`
			`}`

Add support for context in datastore/mysql layer (#1962) This is just to pass down the context to the datastore layer, it doesn't use it just yet - this will be in a follow-up PR. 2021-09-14 12:11:07 +00:00			`return svc.ds.ListGlobalPolicies(ctx)`
Add global policies (#1750) * Add global policies * Update documentation and add extra parameter to config * Fix failing tests * Store historic policy records * Address review comments And also remove other inmem references I saw by chance * Add documentation for get by id request * Add parameter doc * Move schema generation to a cmd instead of a test Otherwise it messes up running all tests sometimes depending on how parallel it does * Remove brain dump for another task * Make migration tests a separate beast * Make schema generation idempotent and move dbutils cmd to tools * Allow all filters and add counts to Policy * Add test for Policy 2021-08-24 20:24:52 +00:00			`}`

			`/////////////////////////////////////////////////////////////////////////////////`
			`// Get by id`
			`/////////////////////////////////////////////////////////////////////////////////`

			`type getPolicyByIDRequest struct {`
			PolicyID uint `url:"policy_id"`
			`}`

			`type getPolicyByIDResponse struct {`
			Policy *fleet.Policy `json:"policy"`
			Err error `json:"error,omitempty"`
			`}`

			`func (r getPolicyByIDResponse) error() error { return r.Err }`

			`func getPolicyByIDEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (interface{}, error) {`
			`req := request.(*getPolicyByIDRequest)`
			`policy, err := svc.GetPolicyByIDQueries(ctx, req.PolicyID)`
			`if err != nil {`
			`return getPolicyByIDResponse{Err: err}, nil`
			`}`
			`return getPolicyByIDResponse{Policy: policy}, nil`
			`}`

			`func (svc Service) GetPolicyByIDQueries(ctx context.Context, policyID uint) (*fleet.Policy, error) {`
			`if err := svc.authz.Authorize(ctx, &fleet.Policy{}, fleet.ActionRead); err != nil {`
			`return nil, err`
			`}`

Add support for context in datastore/mysql layer (#1962) This is just to pass down the context to the datastore layer, it doesn't use it just yet - this will be in a follow-up PR. 2021-09-14 12:11:07 +00:00			`policy, err := svc.ds.Policy(ctx, policyID)`
Add global policies (#1750) * Add global policies * Update documentation and add extra parameter to config * Fix failing tests * Store historic policy records * Address review comments And also remove other inmem references I saw by chance * Add documentation for get by id request * Add parameter doc * Move schema generation to a cmd instead of a test Otherwise it messes up running all tests sometimes depending on how parallel it does * Remove brain dump for another task * Make migration tests a separate beast * Make schema generation idempotent and move dbutils cmd to tools * Allow all filters and add counts to Policy * Add test for Policy 2021-08-24 20:24:52 +00:00			`if err != nil {`
			`return nil, err`
			`}`

			`return policy, nil`
			`}`

			`/////////////////////////////////////////////////////////////////////////////////`
			`// Delete`
			`/////////////////////////////////////////////////////////////////////////////////`

			`type deleteGlobalPoliciesRequest struct {`
			IDs []uint `json:"ids"`
			`}`

			`type deleteGlobalPoliciesResponse struct {`
			Deleted []uint `json:"deleted,omitempty"`
			Err error `json:"error,omitempty"`
			`}`

			`func (r deleteGlobalPoliciesResponse) error() error { return r.Err }`

			`func deleteGlobalPoliciesEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (interface{}, error) {`
			`req := request.(*deleteGlobalPoliciesRequest)`
			`resp, err := svc.DeleteGlobalPolicies(ctx, req.IDs)`
			`if err != nil {`
			`return deleteGlobalPoliciesResponse{Err: err}, nil`
			`}`
			`return deleteGlobalPoliciesResponse{Deleted: resp}, nil`
			`}`

			`func (svc Service) DeleteGlobalPolicies(ctx context.Context, ids []uint) ([]uint, error) {`
			`if err := svc.authz.Authorize(ctx, &fleet.Policy{}, fleet.ActionWrite); err != nil {`
			`return nil, err`
			`}`

Add support for context in datastore/mysql layer (#1962) This is just to pass down the context to the datastore layer, it doesn't use it just yet - this will be in a follow-up PR. 2021-09-14 12:11:07 +00:00			`return svc.ds.DeleteGlobalPolicies(ctx, ids)`
Add global policies (#1750) * Add global policies * Update documentation and add extra parameter to config * Fix failing tests * Store historic policy records * Address review comments And also remove other inmem references I saw by chance * Add documentation for get by id request * Add parameter doc * Move schema generation to a cmd instead of a test Otherwise it messes up running all tests sometimes depending on how parallel it does * Remove brain dump for another task * Make migration tests a separate beast * Make schema generation idempotent and move dbutils cmd to tools * Allow all filters and add counts to Policy * Add test for Policy 2021-08-24 20:24:52 +00:00			`}`