mirror of
https://github.com/empayre/fleet.git
synced 2024-11-06 08:55:24 +00:00
250 lines
6.4 KiB
Go
250 lines
6.4 KiB
Go
package service
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"html/template"
|
|
"strings"
|
|
|
|
"github.com/fleetdm/fleet/server/contexts/viewer"
|
|
"github.com/fleetdm/fleet/server/kolide"
|
|
"github.com/fleetdm/fleet/server/mail"
|
|
"github.com/pkg/errors"
|
|
)
|
|
|
|
// mailError is set when an error performing mail operations
|
|
type mailError struct {
|
|
message string
|
|
}
|
|
|
|
func (e mailError) Error() string {
|
|
return fmt.Sprintf("a mail error occurred: %s", e.message)
|
|
}
|
|
|
|
func (e mailError) MailError() []map[string]string {
|
|
return []map[string]string{
|
|
map[string]string{
|
|
"name": "base",
|
|
"reason": e.message,
|
|
},
|
|
}
|
|
}
|
|
|
|
func (svc service) NewAppConfig(ctx context.Context, p kolide.AppConfigPayload) (*kolide.AppConfig, error) {
|
|
config, err := svc.ds.AppConfig()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
fromPayload := appConfigFromAppConfigPayload(p, *config)
|
|
|
|
newConfig, err := svc.ds.NewAppConfig(fromPayload)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Set up a default enroll secret
|
|
secret, err := kolide.RandomText(24)
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "generate enroll secret string")
|
|
}
|
|
spec := &kolide.EnrollSecretSpec{
|
|
Secrets: []kolide.EnrollSecret{
|
|
kolide.EnrollSecret{
|
|
Name: "default",
|
|
Secret: secret,
|
|
Active: true,
|
|
},
|
|
},
|
|
}
|
|
err = svc.ds.ApplyEnrollSecretSpec(spec)
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "save enroll secret")
|
|
}
|
|
|
|
return newConfig, nil
|
|
}
|
|
|
|
func (svc service) AppConfig(ctx context.Context) (*kolide.AppConfig, error) {
|
|
return svc.ds.AppConfig()
|
|
}
|
|
|
|
func (svc service) SendTestEmail(ctx context.Context, config *kolide.AppConfig) error {
|
|
vc, ok := viewer.FromContext(ctx)
|
|
if !ok {
|
|
return errNoContext
|
|
}
|
|
|
|
testMail := kolide.Email{
|
|
Subject: "Hello from Fleet",
|
|
To: []string{vc.User.Email},
|
|
Mailer: &mail.SMTPTestMailer{
|
|
BaseURL: template.URL(config.KolideServerURL + svc.config.Server.URLPrefix),
|
|
AssetURL: getAssetURL(),
|
|
},
|
|
Config: config,
|
|
}
|
|
|
|
if err := mail.Test(svc.mailService, testMail); err != nil {
|
|
return mailError{message: err.Error()}
|
|
}
|
|
return nil
|
|
|
|
}
|
|
|
|
func (svc service) ModifyAppConfig(ctx context.Context, p kolide.AppConfigPayload) (*kolide.AppConfig, error) {
|
|
oldAppConfig, err := svc.AppConfig(ctx)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
config := appConfigFromAppConfigPayload(p, *oldAppConfig)
|
|
|
|
if p.SMTPSettings != nil {
|
|
enabled := p.SMTPSettings.SMTPEnabled
|
|
if (enabled == nil && oldAppConfig.SMTPConfigured) || (enabled != nil && *enabled) {
|
|
if err = svc.SendTestEmail(ctx, config); err != nil {
|
|
return nil, err
|
|
}
|
|
config.SMTPConfigured = true
|
|
} else if enabled != nil && !*enabled {
|
|
config.SMTPConfigured = false
|
|
}
|
|
}
|
|
|
|
if err := svc.ds.SaveAppConfig(config); err != nil {
|
|
return nil, err
|
|
}
|
|
return config, nil
|
|
}
|
|
|
|
func cleanupURL(url string) string {
|
|
return strings.TrimRight(strings.Trim(url, " \t\n"), "/")
|
|
}
|
|
|
|
func appConfigFromAppConfigPayload(p kolide.AppConfigPayload, config kolide.AppConfig) *kolide.AppConfig {
|
|
if p.OrgInfo != nil && p.OrgInfo.OrgLogoURL != nil {
|
|
config.OrgLogoURL = *p.OrgInfo.OrgLogoURL
|
|
}
|
|
if p.OrgInfo != nil && p.OrgInfo.OrgName != nil {
|
|
config.OrgName = *p.OrgInfo.OrgName
|
|
}
|
|
if p.ServerSettings != nil && p.ServerSettings.KolideServerURL != nil {
|
|
config.KolideServerURL = cleanupURL(*p.ServerSettings.KolideServerURL)
|
|
}
|
|
if p.ServerSettings != nil && p.ServerSettings.LiveQueryDisabled != nil {
|
|
config.LiveQueryDisabled = *p.ServerSettings.LiveQueryDisabled
|
|
}
|
|
|
|
if p.SSOSettings != nil {
|
|
if p.SSOSettings.EnableSSO != nil {
|
|
config.EnableSSO = *p.SSOSettings.EnableSSO
|
|
}
|
|
if p.SSOSettings.EntityID != nil {
|
|
config.EntityID = *p.SSOSettings.EntityID
|
|
}
|
|
if p.SSOSettings.IDPImageURL != nil {
|
|
config.IDPImageURL = *p.SSOSettings.IDPImageURL
|
|
}
|
|
if p.SSOSettings.IDPName != nil {
|
|
config.IDPName = *p.SSOSettings.IDPName
|
|
}
|
|
if p.SSOSettings.IssuerURI != nil {
|
|
config.IssuerURI = *p.SSOSettings.IssuerURI
|
|
}
|
|
if p.SSOSettings.Metadata != nil {
|
|
config.Metadata = *p.SSOSettings.Metadata
|
|
}
|
|
if p.SSOSettings.MetadataURL != nil {
|
|
config.MetadataURL = *p.SSOSettings.MetadataURL
|
|
}
|
|
}
|
|
|
|
if p.HostExpirySettings != nil {
|
|
if p.HostExpirySettings.HostExpiryEnabled != nil {
|
|
config.HostExpiryEnabled = *p.HostExpirySettings.HostExpiryEnabled
|
|
}
|
|
if p.HostExpirySettings.HostExpiryWindow != nil {
|
|
config.HostExpiryWindow = *p.HostExpirySettings.HostExpiryWindow
|
|
}
|
|
}
|
|
|
|
if settings := p.HostSettings; settings != nil {
|
|
if settings.AdditionalQueries != nil {
|
|
config.AdditionalQueries = settings.AdditionalQueries
|
|
}
|
|
}
|
|
|
|
populateSMTP := func(p *kolide.SMTPSettingsPayload) {
|
|
if p.SMTPAuthenticationMethod != nil {
|
|
switch *p.SMTPAuthenticationMethod {
|
|
case kolide.AuthMethodNameCramMD5:
|
|
config.SMTPAuthenticationMethod = kolide.AuthMethodCramMD5
|
|
case kolide.AuthMethodNamePlain:
|
|
config.SMTPAuthenticationMethod = kolide.AuthMethodPlain
|
|
case kolide.AuthMethodNameLogin:
|
|
config.SMTPAuthenticationMethod = kolide.AuthMethodLogin
|
|
default:
|
|
panic("unknown SMTP AuthMethod: " + *p.SMTPAuthenticationMethod)
|
|
}
|
|
}
|
|
if p.SMTPAuthenticationType != nil {
|
|
switch *p.SMTPAuthenticationType {
|
|
case kolide.AuthTypeNameUserNamePassword:
|
|
config.SMTPAuthenticationType = kolide.AuthTypeUserNamePassword
|
|
case kolide.AuthTypeNameNone:
|
|
config.SMTPAuthenticationType = kolide.AuthTypeNone
|
|
default:
|
|
panic("unknown SMTP AuthType: " + *p.SMTPAuthenticationType)
|
|
}
|
|
}
|
|
|
|
if p.SMTPDomain != nil {
|
|
config.SMTPDomain = *p.SMTPDomain
|
|
}
|
|
|
|
if p.SMTPEnableStartTLS != nil {
|
|
config.SMTPEnableStartTLS = *p.SMTPEnableStartTLS
|
|
}
|
|
|
|
if p.SMTPEnableTLS != nil {
|
|
config.SMTPEnableTLS = *p.SMTPEnableTLS
|
|
}
|
|
|
|
if p.SMTPPassword != nil && *p.SMTPPassword != "********" {
|
|
config.SMTPPassword = *p.SMTPPassword
|
|
}
|
|
|
|
if p.SMTPPort != nil {
|
|
config.SMTPPort = *p.SMTPPort
|
|
}
|
|
|
|
if p.SMTPSenderAddress != nil {
|
|
config.SMTPSenderAddress = *p.SMTPSenderAddress
|
|
}
|
|
|
|
if p.SMTPServer != nil {
|
|
config.SMTPServer = *p.SMTPServer
|
|
}
|
|
|
|
if p.SMTPUserName != nil {
|
|
config.SMTPUserName = *p.SMTPUserName
|
|
}
|
|
|
|
if p.SMTPVerifySSLCerts != nil {
|
|
config.SMTPVerifySSLCerts = *p.SMTPVerifySSLCerts
|
|
}
|
|
}
|
|
|
|
if p.SMTPSettings != nil {
|
|
populateSMTP(p.SMTPSettings)
|
|
}
|
|
return &config
|
|
}
|
|
|
|
func (svc service) ApplyEnrollSecretSpec(ctx context.Context, spec *kolide.EnrollSecretSpec) error {
|
|
return svc.ds.ApplyEnrollSecretSpec(spec)
|
|
}
|
|
|
|
func (svc service) GetEnrollSecretSpec(ctx context.Context) (*kolide.EnrollSecretSpec, error) {
|
|
return svc.ds.GetEnrollSecretSpec()
|
|
}
|