* Modify targets endpoint to use queryId
* Conditionally render query page including queryId
* Includes conditionally renders target dropdown
Co-authored by: Sarah Gillespie @gillespi314
Test mods co-authored by: Gabriel Hernandez @ghernandez345
* add new permission routes and messaging
* add messaing for no permissions
* query-library-os-icons (#913)
Added query library os icons to website assets.
* fix broken check for config before api responds
Co-authored-by: Mike Thomas <78363703+mike-j-thomas@users.noreply.github.com>
- Add TeamFilter to relevant host and label methods.
- Pass appropriate filter in service methods.
The dashboard should now show the appropriate hosts for a user's team membership.
- Add policy.rego file defining authorization policies.
- Add Go integrations to evaluate Rego policies (via OPA).
- Add middleware to ensure requests without authorization check are rejected (guard against programmer error).
- Add authorization checks to most service endpoints.
- Move team-related service methods to `ee/server/service`.
- Instantiate different service on startup based on license key.
- Refactor service errors into separate package.
- Add support for running E2E tests in both Core and Basic tiers.
- Add `team_id` field to secrets.
- Remove secret `name` and `active` fields (migration deletes inactive secrets).
- Assign hosts to Team based on secret provided.
- Add API for retrieving secrets by Team.
* /sandbox/queries becomes /queries, etc
* Publish fleetdm.com/queries
Expose query library routes the rest of the way, move remediation data sanitization to the point of entry, and update query library to match (pairing w/ @gillespi314)
* Fix accidental commit of sailsrc (again)
* Implement detail page for standard query lib
* Add alt text for image
* Replace id with css class
* Implement query-libary page for fleetdm.com
* Remove console.log
* Implement client-side search for query library
* Add responsive breakppoints
* Fix input tag
* Implement detail page for standard query lib
* Add alt text for image
* Replace id with css class
* Implement query-libary page for fleetdm.com
* Remove console.log
* Style query manage page including side panel and table
* Conditional side panel rendering
Additional riders:
* Less brittle team e2e test
* Update all search icons across app
- In tests and documentation, replace `@fleetdm.com` with `@example.com`
- In documentation, replace `hello@fleetdm.com` with `fleetdm.com/contact`
- In documentation, replace `security@fleetdm.com` with `fleetdm.com/contact`
- In Dockerfiles, replace `engineering@fleetdm.com` with `hello@fleetdm.com`. These two files are the only remaining files with a `@fleetdm.com` email.
- Add link to "Fleet 3.11.0 released with software inventory" to location in docs where software inventory is described.
- Change "host details" to "host vitals"
- Accept Teams as a searchable target type for the target selection API.
- Accept Teams for targets in running live queries.
- Refactoring to support these changes.
- Update API documentation.
* Query Edit/Run page renders based on user role
* Original UI for global admin/ global maintainer
* New UI for global observer / team maintainer / team observer
* New create new query UI for team maintainer
* Styling matches Figma
* Tests modified accordingly
Styling Closes#859
Co-authored by: Sarah Gillespie @gillespi314
Tests co-authored by: @ghernandez345
* Add document
* Spell fix in README
* minor word trimming and added a comma or two. This looks great!
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
- Move host `additional` into a separate table.
- Join when that data is needed.
- API change: `/api/v1/fleet/hosts` now returns only the requested
`additional` columns, unless `*` is provided as the sole argument.
Background:
A customer reported that MySQL binlogs grew huge and replication lag
went way up when data was stored in the `additional` column. In this
deployment MySQL was running with ROW replication. This would cause the
entire `additional` data to be copied on each update of the host checkin
time. While switching to STATEMENT or MIXED replication would likely
mitigate the issue, this was not an option in their environment.
* update genreating of available host table headers based on tier
* stoping point for host permissions
* fixed up available headers for teams depending on permissions
* show select column on host table properly
