* Fix access control issues with users
* Fix access control issues with packs
* Fix access control issues with software
* Changes suggested by Martin
* All users can access the global schedule
* Restrict access to activities
* Add explicit test for team admin escalation vuln
* All global users should be able to read all software
* Handbook editor pass - Security - GitHub Security (#5108)
* Update security.md
All edits are recorded by line:
395 replaced “open-source” with “open source”
411 replaced “open-source” with “open source”
439 added “the” before “comment”; replaced “repositories,” with “repositories”
445 deleted “being” before “located”
458 added “and” after “PR”
489 replaced “on” with “in”
493 replaced “open-source” with “open source”; Replaced “privileges,” with “privileges”
* Update security.md
line 479
* Update security.md
added (static analysis tools used to identify problems in code) to line 479
* Fix UI
* Fix UI
* revert api v1 to latest in documentation (#5149)
* revert api v1 to latest in documentation
* Update fleetctl doc page
Co-authored-by: Noah Talerman <noahtal@umich.edu>
* Add team admin team policy automation; fix e2e
* Update to company page of the handbook (#5164)
Updated "Why do we use a wireframe-first approach?" section of company.md
* removed extra data on smaller screens (#5154)
* Update for team automations; e2e
* Jira Integration: Cypress e2e tests only (#5055)
* Update company.md (#5170)
This is to update the formatting under "empathy" and to fix the spelling of "help text."
This was done as per @mikermcneil .
This is related to #https://github.com/fleetdm/fleet/pull/4941 and https://github.com/fleetdm/fleet/issues/4902
* fix update updated_at for aggregated_stats (#5112)
Update the updated_at column when using ON DUPLICATE UPDATE so that
the counts_updated_at is up to date
* basic sql formatting in code ie whitespace around operators
* Fix e2e test
* Fix tests in server/authz
Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com>
Co-authored-by: Desmi-Dizney <99777687+Desmi-Dizney@users.noreply.github.com>
Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com>
Co-authored-by: Noah Talerman <noahtal@umich.edu>
Co-authored-by: Mike Thomas <78363703+mike-j-thomas@users.noreply.github.com>
Co-authored-by: Martavis Parker <47053705+martavis@users.noreply.github.com>
Co-authored-by: RachelElysia <71795832+RachelElysia@users.noreply.github.com>
* added teams webhook calls
* split global admin and team admin tests; added policy automation
* changes file
* fixed type errors
* fixed e2e test
* fixed typo
* fixed admin test syntax
* fixed test logic for team maintainer
* lint fixes
* more admin e2e test fixes
* fixed team policy test
* removed duplicate test
* all login methods no longer use redux
* removed redux from registration
* redirect user from registration
* removed redux from sso invite
* removed redundant component
* refactored user settings page
* removed redux from logout
* cleaned up unused redux calls
* lint fixes
* removed test
* removed old config interface
* fixed registration bug
* team permission fix
* removed remaining redux references from pages - #4436
* better way to set config
* base logic to handle rendering a notification without redux
* removed dispatches for new flash mesage triggers
* query page wrapper is no longer needed
* refactored confirm invite page to remove redux
* refactored email token redirect to functional and typescript
* refactored pack composer page to functional and typescript
* clean up
* lint fixes
* tests no longer needed
* fixed confirm sso invite test
* test fix
* fixed test
* fixed tests
* removed redux from flash on rebased pages
Add new usePlatformSelector custom hook
Add new usePlatformCompatibility custom hook
Add new PlatformSelector global component
Refactor PlatformCompatibility as global component
Refactor sql_tools to TypeScript
Improve type definitions for context/policy
Align PolicyPage and QueryPage with platform compatibility changes
* Allow sort by more than one key
* created custom tooltip component
* remove unused code
* fixed style for more layouts
* added tooltip to query side panel
* tooltips added to setting form
* finished settings form
* added tooltip for perf impact table headers
* tooltip for pack table and user form
* tooltip on manage policies page
* tooltip for manage schedules
* tooltip for automations; spacing for form input
* tooltip for automations modal
* user form; fixed input with icon component
* more user form tooltips
* tooltip for homepage; style fixes
* replaced many more tooltips with new version
* added story for tooltip
* added position prop
* fixed tests
* re-work how we click react-select dropdowns
* forcing the update button click
* trying a blur
* fixed typo
* trying blur on another element
* temp check-in
* replaced tooltip from host details software
* more consolidation of tooltip use for software
* fixed settings flow test
Co-authored-by: Tomas Touceda <chiiph@gmail.com>
* Allow sort by more than one key
* forcing 404 page where entity ids do not exist
* refactored error boundary; handling 404s now
* added 403 overlay; refactored auth wrappers
* fixed test for maintainer
* more efficient fetches; test fixes
* clarify comment
* clean up
Co-authored-by: Tomas Touceda <chiiph@gmail.com>
* Better jitter (#3716) (#3744)
* Better jitter (#3716)
* Better jitter
* Fix lint
* Use milliseconds
* Make duration milliseconds
* Update based on Lucas' suggestion
* Add changes file
* Panic on error
* Fix compilation error
* Use time.after instead of time.tick to not leak
* Include browser extensions in software inventory (#3733) (#3757)
Use appropriate JOINs against users table to include all results.
For #3557
* Build Docker images on push to any branch (#3756) (#3758)
Allows for testing release branches and any others.
* Optimize users detail query (#3754) (#3770)
@Smjert reported instances of Windows Domain Controllers having massive
resource utilization and being killed by the watchdog when running this
query. In his test environment, this new query performs much better.
* Refactor async host processing to avoid redis SCAN keys (for policies) (#3657) (#3755)
* Issue 3707 clean targets on delete (#3739) (#3776)
* wip
* Delete targets when deleting teams, hosts, and labels
* Add changes file
* Fix error message
* Remove unused teamsTable
* Cleanup new pack
* Clean new packs at end of test
* Update operating system policy (#3779)
- Update policy's query to check for operating system versions greater than or equal to
* Improve loading of manage policies page (#3695) (#3781)
Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com>
* Fix logo (#3765)
* fixed duplicate query modal not closing (#3787)
* fixed style for connection line on activity feed (#3789)
* Improve loading state for query platform compatibility (#3752) (#3783)
Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com>
* Disable pagination for teams page (#3794)
* Shorten "simple" query API period to 25s (#3775) (#3804)
This helps the period stay under the default request timeouts for most
load balancers.
Some default timeouts:
* AWS ALB - 60s
* Nginx - 60s
* GCP LB - 30s
* Clear user checkbox selections after successfully removing selected row from table UI #3798 (#3801)
* Alias fleetctl sandbox to fleetctl preview (#3803) (#3806)
Preparing for some work the product team is planning to rebrand preview
to sandbox.
* Remove flash of spinner to no spinner (#3799)
* Revert "Better jitter (#3716) (#3744)" (#3807)
This reverts commit c857b52d2b373ed9e302d643e6d2212af7353408.
* Fix teams dropdown sizing (#3759) (#3810)
Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com>
* fixed link for expiration message (#3788)
* Fixed empty string for compatible platforms (#3812)
* fixed empty string for compatible platforms
* default checked for platforms on policy query
* Block autocomplete for username and password in SMTP settings (#3732) (#3816)
* No hosts for software/policy renders better message (#3701) (#3821)
Co-authored-by: Martavis Parker <47053705+martavis@users.noreply.github.com>
* Get failing policies webhook data on page load (#3824)
* Fix reset password flow (#3826)
* Prepare for 4.9.0 (#3820)
- Add CHANGELOG
- Bump versioning
- Remove changes files
- Spelling fix for operating system policy's description
* Remove merge artifact
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Co-authored-by: Luke Heath <luke@fleetdm.com>
Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com>
Co-authored-by: RachelElysia <71795832+RachelElysia@users.noreply.github.com>
Co-authored-by: Martavis Parker <47053705+martavis@users.noreply.github.com>
* Add new feature: team policies
* Continue work on team policies
* Continue work on team policies
* Continue team policies
* Revert accidental deletion
* Rename variables
* code refactored; working on runtime errors
* updated front end docs
* Update URLs from team to teams, add tests for policy auth
* Fix test
* Continue work on team policies
* Add permission checks
* mange hosts functional and cleaned up; typing
* improved label logic
* added try catch to awaits
* lint fixes
* frontend unit tests don't work for functional components
* test fix
* revert
* Address errors related to refetch on window focus
* Add loading error check
* Fix typos in loading error checks
* Guard against invariant condition in useEffect
* Update links and routes for team policies
* lint fixes
* Update frontend/pages/hosts/ManageHostsPage/helpers.ts
Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com>
* Change inherited policies button, tooltip
* lint fixes
Co-authored-by: gillespi314 <73313222+gillespi314@users.noreply.github.com>
Co-authored-by: Tomas Touceda <chiiph@gmail.com>
Add tooltip to surface bundle_identifier in software inventory table
Add new column to software inventory table to surface "last used" information
Add link from software inventory table to manage hosts page filtered by software id
Replace software vulnerabilities table with info banner directing users to manage hosts page filtered by software id where software-specific vulnerabilities will be displayed
Refactor SoftwareVulnerabilities.jsx using TypeScript
Add utility function for sorting string representations of dates and refactor semantics of existing sort functions
