Commit Graph

57 Commits

Author SHA1 Message Date
Tim Lee
0557f10ac5
14729 smtp settings validation for TLS (#15029) 2023-11-21 11:48:21 -07:00
Gabriel Hernandez
6555d8def4
Feat UI windows automatic enrollment (#12988)
relates to #12606

Implementation of the Windows automatic enrollment Fleet UI pages. This
includes implementation of card for windows automatic enrollment, the
setup page for windows automatic enrollment, and terms and conditions
page for windows (This is currently still being worked on as our current
solution is not working).

**windows mdm auto enrollment card**


![image](https://github.com/fleetdm/fleet/assets/1153709/d4dc1813-dc28-4a63-bacd-cb7e43e18170)

**windows auto enrollment setup page**


![image](https://github.com/fleetdm/fleet/assets/1153709/92da4b05-0d5d-4404-867f-6d315957bdc3)

- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality

---------

Co-authored-by: Marcos Oviedo <marcos@fleetdm.com>
2023-08-08 15:57:55 +01:00
Lucas Manuel Rodriguez
2a532ede94
Do not return empty SSO and SMTP settings for non-global-admins (#12180)
#11266

PS: I first attempted a serialization trick by introducing a new
`appConfigResponse` and implementing `json.Marshal` to exclude these
fields but it was too hacky and hard to maintain moving forward, so I'm
bitting the bullet now. Happy to hear other ideas.

- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- ~[ ] Documented any permissions changes~
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- [X] Added/updated tests
- [X] Manual QA for all new/changed functionality
  - ~For Orbit and Fleet Desktop changes:~
- ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.~
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-06-07 16:06:36 -03:00
Benjamin Edwards
6f836d60cb
add support for AWS SES email backend (#10847) 2023-04-06 13:21:07 -05:00
Lucas Manuel Rodriguez
40265d0e6f
Fix SMTP e-mail send when SMTP server has credentials (#10758)
#9609

This PR also fixes #10777.

The issue is: We were using `svc.AppConfig` instead of
`svc.ds.AppConfig` to retrieve the SMTP credentials.
`svc.AppConfig` obfuscates credentials, whereas `svc.ds.AppConfig` does
not.
To help prevent this from happening again I've renamed `svc.AppConfig`
to `svc.AppConfigObfuscated`.
I've also added a new test SMTP server
(https://github.com/axllent/mailpit) that supports Basic Authentication
and tests that make use of it to catch these kind of bugs (the tests are
executed when running `go test` with `MAIL_TEST=1`).

- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- ~[ ] Documented any permissions changes~
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- [X] Added/updated tests
- [X] Manual QA for all new/changed functionality
  - ~For Orbit and Fleet Desktop changes:~
- ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.~
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-03-28 15:23:15 -03:00
Mike McNeil
f20762b431
update copyright year in core product transactional email templates (#3549)
* update copyright year in core product transactional email templates

* Update password_reset.html

* Update change_email_confirmation.html

* Update smtp_setup.html
2022-01-01 12:41:32 -06:00
Zach Wasserman
32571c0990
Add wrap for SMTP connection error (#3206) 2021-12-09 09:58:33 -08:00
Martin Angers
c997f853e5
Make creation of http.Client uniform across the codebase (#3097) 2021-11-24 15:56:54 -05:00
Martin Angers
69a4985cac
Use new error handling approach in other packages (#2954) 2021-11-22 09:13:26 -05:00
Tomas Touceda
cb687f6e2d
Increase timeout to check for smpt availability (#1942) 2021-09-06 14:29:52 -03:00
gillespi314
4a307f1274
Update email template image links (#1938)
* Update email image links; move pngs to fleetdm.com
2021-09-03 17:00:30 -05:00
Tomas Touceda
c6c63ab12a
Refactor app config (POC, for now) (#1685) 2021-08-20 12:27:41 -03:00
Zach Wasserman
c5280c0517
Add v4 suffix in go.mod (#1224) 2021-06-25 21:46:51 -07:00
gillespi314
da6394a6b7
Fix invite email template (#1202) 2021-06-25 14:10:03 -05:00
gillespi314
b02d8c8dd5
Remove unused image file (#1201) 2021-06-24 18:14:25 -05:00
RachelElysia
c5ff275783
Replace invitedbyusername with invitedby (#1200) 2021-06-24 14:52:09 -07:00
RachelElysia
aeb852e168
Remove username from UI (#1168)
* Remove username from UI code
* Remove username from tests
* Remove username from database
* Modify server endpoints for removing username
* Implement backend aspects of removing username
* Update API docs
* Add name to fleetctl
2021-06-24 13:42:29 -07:00
gillespi314
4909c0a4c5
Update email templates (#1175)
* Update email templates

* Update image file locations for email templates
2021-06-24 14:56:26 -05:00
Zach Wasserman
2ad557e3b3 Merge branch 'main' into teams 2021-06-18 09:42:20 -07:00
noahtalerman
3fe13be701
Update links to main branch in email templates (#1086)
- Update links to documentation
- Update link to assets by editing `getAssetURL()`
- Prettier did some reformatting of the email template code which is resulting in a larger amount of lines changed
2021-06-15 14:29:20 -04:00
RachelElysia
5e52ba7aea
User Management Page: Edit user's email flash message (#1084)
* Render flash message with sender/receiver information on user's email update
2021-06-15 10:35:28 -04:00
Zach Wasserman
db459d3363
Continue to update names in backend code and docs (#976) 2021-06-06 16:58:23 -07:00
Zach Wasserman
fb32f0cf40
Remove kolide types and packages from backend (#974)
Generally renamed `kolide` -> `fleet`
2021-06-06 15:07:29 -07:00
Zach Wasserman
6f6464f206
Migrate remaining URLs to fleetdm.com (#116) 2020-12-10 11:26:00 -08:00
noahtalerman
51cfb07f64
Implement global colors. Add italic font. (#64)
The goal of this PR was to insert new colors, remove legacy colors, and update only the styles accordingly. The Nunito Sans Italic font was also added.

Later PRs will include layout, copy, and style change to individual components. These later changes will more exactly resemble the current mockups.
2020-11-24 08:59:03 -08:00
noahtalerman
8df16949f5
Add fleet assets including logos, 404 image, and 500 image. (#61)
This is the second PR as part of the Fleet UI Refresh #38.

The goal of this PR was to insert all updated Fleet assets and remove all old assets. More style changes, including the exact sizing and placement of the new images, will occur in a future PR.
2020-11-23 11:22:42 -08:00
noahtalerman
23ce98ec51
Add Nunito Sans font and update global styles. (#59)
This is the first PR as a part of the Fleet UI Refresh #38.

Changes include:

- Add Nunito Sans font files and modify global styles to reflect the font change.
- Modify global font variables to reflect new sizing and weight naming conventions.
-- New sizing and naming conventions:
--- SIZE: xx-small: 12px, x-small: 14px, small: 16px, medium: 20px, large: 24px, x-large: 28px
--- WEIGHT: regular: 400, bold: 700
- Remove the old Oxygen font files.

Changes to other style sheets reflect the changes to the new font sizing and weight naming conventions for global variables. The changes don't necessarily use the correct size (as illustrated by mockups). Those "up to spec" sizing changes are to come.
2020-11-19 16:51:22 -08:00
Mike Arpaia
af96e52a00
Update the Go import paths to new repo name (#27) 2020-11-11 09:59:12 -08:00
noahtalerman
ecacbf212b
Changes to additional links for transition to fleetdm (#21) 2020-11-04 21:48:39 -08:00
Zachary Wasserman
7f757d3144 Extract functionName into helper
Cleans up some repetition in tests.
2020-07-21 14:05:46 -07:00
Zachary Wasserman
45f6a74740
Allow import of github.com/kolide/fleet (#2213)
Previously a Go package attempting to import Fleet packages would run
into an error like "server/kolide/emails.go:93:23: undefined: Asset".

This commit refactors bindata asset handling to allow importing Fleet as
a library without changing the typical developer experience.
2020-03-29 19:22:04 -07:00
Lars Lehtonen
ed9f890ba0 server/mail: Handle error when write fails (#2132) 2019-11-07 08:34:50 -08:00
Zachary Wasserman
adf87140a7
Add ability to prefix Fleet URLs (#2112)
- Add the server_url_prefix flag for configuring this functionality
- Add prefix handling to the server routes
- Refactor JS to use appropriate paths from modules
- Use JS template to get URL prefix into JS environment
- Update webpack config to support prefixing

Thanks to securityonion.net for sponsoring the development of this feature.

Closes #1661
2019-10-16 16:40:45 -07:00
Zachary Wasserman
fa10dbe0a8
Use Github hosted assets in emails sent by Fleet (#2090)
This change allows the images in Fleet emails to load properly from any
device with connectivity to github.com. Previously, emails might try to
load resources from a Kolide server not accessible from the email
client.

The asset URL will be based on the most recent git tag to accomodate
backwards-compatibility if the assets in the repo change.

Closes #1471
2019-08-02 14:08:42 -07:00
Zachary Wasserman
eb212116dc Merge pull request from GHSA-6g7f-8qm4-f7h8
When LOGIN authentication was used, Fleet would send SMTP credentials
even if the connection the SMTP server was not secured via TLS.

Copying the pattern used in the standard library PlainAuth
implementation, we now only send credentials when the connection is
secure or the server is localhost.
2019-05-30 15:02:17 -04:00
Zachary Wasserman
7153e0043c Update email contents and subjects (#2023)
- Refer to "Kolide" as "Fleet"
- Fix link to documentation
- Remove suggestion to email support@kolide.co
2019-04-04 18:56:15 -04:00
Zachary Wasserman
c8229cc0d6
Replace uses of the term "Kolide" with "Fleet" (#1999)
Almost two years ago, we began referring to the project as Fleet, but there are
many occurences of the term "Kolide" throughout the UI and documentation. This
PR attempts to clear up those uses where it is easily achievable.

The term "Kolide" is used throughout the code as well, but modifying this would
be more likely to introduce bugs.
2019-01-24 09:39:32 -08:00
James Thomas
5e5e4f3918 Add Support for SMTP LOGIN Authentication Method (#1988)
This PR adds support for the SMTP LOGIN authentication method. Office 365 Exchange removed support for PLAIN authentication some time ago, and only supports LOGIN and an OAuth2 authentication method. This patch has been tested with a licensed O365 account. This method should also be usable with any other email server that advertises LOGIN in its 250-AUTH response.

Note: If using this with O365, the account used must not have MFA enabled.

Closes #1663
2019-01-14 12:35:23 -08:00
Zachary Wasserman
66e720d34d Reduce port scanning possibilities via SMTP configuration
The SMTP configuration could be used by an admin user to port scan the network
the Fleet server was running on. This commit reduces the information possible
to determine via this technique. A malicious admin can no longer determine
whether any TCP server is listening on a given port/address. They can only
determine ports and addresses where SMTP servers are running.

Thanks to 'quikke' for reporting this vulnerability.
2018-09-18 14:56:25 -04:00
angrylogic
c873833a5f Include RFC822 From header. (#1743)
The DMARC and DKIM email authentication systems both require the RFC822
From header to function.  Kolide currently only includes the configured
sender address as the SMTP Envelop From address (e.g., the MAIL FROM
command).  This patch also includes the configured sender address in the
RFC822 email From header which should allow these emails to pass both
DKIM and DMARC authentication.
2018-04-25 09:02:09 -07:00
Mike Arpaia
018b91ab2c Rename project to Kolide Fleet (#1529) 2017-06-22 15:50:45 -04:00
John Murphy
12d2df1f9a Add SSO support to new user activation (#1504)
Closes #1502. This PR adds support for SSO to the new user creation process. An admin now has the option to select SSO when creating a new user.  When the confirmation form is submitted, the user is automatically authenticated with the IDP, and if successful, is redirected to the Kolide home page. Password authentication, password change and password reset are not allowed for an SSO user.
2017-05-10 11:26:05 -05:00
Zachary Wasserman
5781613249 Minor fixes in email footer (#1394) 2017-03-10 15:18:40 -08:00
Kyle Knight
9791e85881 Add styles to SMTP setup confirmation email (#1382) 2017-03-10 17:02:45 -05:00
Kyle Knight
91132e440b Update Password Reset Email (#1225) 2017-02-23 11:10:33 -05:00
Mike Arpaia
a000751bfe renaming kolide-ose to kolide (#1143) 2017-02-01 10:20:50 -07:00
John Murphy
9465434826 Allow user to change email with confirmation (#1102)
* Change email functionality

* Code review changes for @groob

* Name change per @groob

* Code review changes per @marpaia

Also added addition non-happy path tests to satisfy concerns by @groob
2017-01-27 21:35:58 +08:00
Victor Vrantchan
650bae2ffb remove dev mode from cli options (#1027) 2017-01-19 09:42:45 -05:00
Victor Vrantchan
fa39dcd555 fix various issues with SMTP configuration (#1001)
* fix various issues with SMTP configuration

* handle SplitHostPort error
2017-01-18 10:05:09 -05:00
Kyle Knight
a6b45322ea Style Invite User email template (#998) 2017-01-18 09:43:09 -05:00