[Security Solution] host isolation exceptions add and edit exceptions…

… by policy (#119828)
elastic · Dec 4, 2021 · e527c3f · e527c3f
1 parent 327411b
commit e527c3f
Show file tree

Hide file tree

Showing 16 changed files with 569 additions and 159 deletions.
diff --git a/...gement/components/artifact_entry_card/hooks/use_endpoint_policies_to_artifact_policies.ts b/...gement/components/artifact_entry_card/hooks/use_endpoint_policies_to_artifact_policies.ts
@@ -0,0 +1,38 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { useMemo } from 'react';
+import { MenuItemPropsByPolicyId } from '..';
+import { PolicyData } from '../../../../../common/endpoint/types';
+import { useAppUrl } from '../../../../common/lib/kibana';
+import { getPolicyDetailPath } from '../../../common/routing';
+
+/**
+ * Takes a list of EndpointPolicies (PolicyData) and turn them
+ * into MenuItemPropsByPolicyId required by the artifact card.
+ *
+ * The resulting menu will open the policies in a new tab
+ *
+ */
+export const useEndpointPoliciesToArtifactPolicies = (
+ policies: PolicyData[] = []
+): MenuItemPropsByPolicyId => {
+ const { getAppUrl } = useAppUrl();
+ return useMemo(() => {
+ const data = policies.reduce<MenuItemPropsByPolicyId>((policiesMap, policy) => {
+ const policyId = policy.id;
+ const policyDetailsPath = getPolicyDetailPath(policyId);
+ policiesMap[policyId] = {
+ href: getAppUrl({ path: policyDetailsPath }),
+ children: policy.name ?? policyId,
+ target: '_blank',
+ };
+ return policiesMap;
+ }, {});
+ return data;
+ }, [getAppUrl, policies]);
+};
diff --git a/...ck/plugins/security_solution/public/management/components/effected_policy_select/utils.ts b/...ck/plugins/security_solution/public/management/components/effected_policy_select/utils.ts
@@ -0,0 +1,75 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { PolicyData } from '../../../../common/endpoint/types';
+import { EffectedPolicySelection } from './effected_policy_select';
+
+export const GLOBAL_POLICY_TAG = 'policy:all';
+
+/**
+ * Given a list of artifact tags, returns the tags that are not policy tags
+ * policy tags follow the format: `policy:id`
+ */
+export function getArtifactTagsWithoutPolicies(tags?: string[]): string[] {
+ return tags?.filter((tag) => !tag.startsWith('policy:')) || [];
+}
+
+/**
+ * Return a list of artifact policy tags based on a current
+ * selection by the EffectedPolicySelection component.
+ */
+export function getArtifactTagsByEffectedPolicySelection(
+ selection: EffectedPolicySelection,
+ otherTags: string[] = []
+): string[] {
+ if (selection.isGlobal) {
+ return [GLOBAL_POLICY_TAG, ...otherTags];
+ }
+ const newTags = selection.selected.map((policy) => {
+ return `policy:${policy.id}`;
+ });
+
+ return newTags.concat(otherTags);
+}
+
+/**
+ * Given a list of an Exception item tags it will return
+ * the parsed policies from it.
+ *
+ * Policy tags follow the pattern `policy:id`
+ * non policy tags will be ignored.
+ */
+export function getEffectedPolicySelectionByTags(
+ tags: string[],
+ policies: PolicyData[]
+): EffectedPolicySelection {
+ if (tags.length === 0 || tags.find((tag) => tag === GLOBAL_POLICY_TAG)) {
+ return {
+ isGlobal: true,
+ selected: [],
+ };
+ }
+ const selected: PolicyData[] = tags.reduce((acc, tag) => {
+ // edge case: a left over tag with a non-existed policy
+ // will be removed by veryfing the policy exists
+ const id = tag.split(':')[1];
+ const foundPolicy = policies.find((policy) => policy.id === id);
+ if (foundPolicy !== undefined) {
+ acc.push(foundPolicy);
+ }
+ return acc;
+ }, [] as PolicyData[]);
+
+ return {
+ isGlobal: false,
+ selected,
+ };
+}
+
+export function isGlobalPolicyEffected(tags?: string[]): boolean {
+ return tags !== undefined && tags.find((tag) => tag === GLOBAL_POLICY_TAG) !== undefined;
+}
diff --git a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/middleware.ts b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/middleware.ts
@@ -5,11 +5,20 @@
  * 2.0.
  */
 
+import type { DataViewBase, Query } from '@kbn/es-query';
+import { CoreStart, HttpStart } from 'kibana/public';
 import { Dispatch } from 'redux';
 import semverGte from 'semver/functions/gte';
-
-import { CoreStart, HttpStart } from 'kibana/public';
-import type { DataViewBase, Query } from '@kbn/es-query';
+import { AGENT_POLICY_SAVED_OBJECT_TYPE } from '../../../../../../fleet/common';
+import { METADATA_TRANSFORM_STATS_URL } from '../../../../../common/constants';
+import {
+ BASE_POLICY_RESPONSE_ROUTE,
+ ENDPOINT_ACTION_LOG_ROUTE,
+ HOST_METADATA_GET_ROUTE,
+ HOST_METADATA_LIST_ROUTE,
+ metadataCurrentIndexPattern,
+ METADATA_UNITED_INDEX,
+} from '../../../../../common/endpoint/constants';
 import {
  ActivityLog,
  GetHostPolicyResponse,
@@ -21,67 +30,57 @@ import {
  ImmutableObject,
  MetadataListResponse,
 } from '../../../../../common/endpoint/types';
-import { GetPolicyListResponse } from '../../policy/types';
+import { isolateHost, unIsolateHost } from '../../../../common/lib/endpoint_isolation';
+import { fetchPendingActionsByAgentId } from '../../../../common/lib/endpoint_pending_actions';
 import { ImmutableMiddlewareAPI, ImmutableMiddlewareFactory } from '../../../../common/store';
+import { AppAction } from '../../../../common/store/actions';
+import { resolvePathVariables } from '../../../../common/utils/resolve_path_variables';
+import { sendGetEndpointSpecificPackagePolicies } from '../../../services/policies/policies';
 import {
- isOnEndpointPage,
- hasSelectedEndpoint,
- selectedAgent,
- uiQueryParams,
- listData,
+ asStaleResourceState,
+ createFailedResourceState,
+ createLoadedResourceState,
+ createLoadingResourceState,
+} from '../../../state';
+import {
+ sendGetAgentPolicyList,
+ sendGetEndpointSecurityPackage,
+ sendGetFleetAgentsWithEndpoint,
+} from '../../policy/store/services/ingest';
+import { GetPolicyListResponse } from '../../policy/types';
+import {
+ AgentIdsPendingActions,
+ EndpointState,
+ PolicyIds,
+ TransformStats,
+ TransformStatsResponse,
+} from '../types';
+import { getIsInvalidDateRange } from '../utils';
+import { EndpointPackageInfoStateChanged } from './action';
+import {
+ detailsData,
  endpointPackageInfo,
- nonExistingPolicies,
- patterns,
- searchBarQuery,
- getIsIsolationRequestPending,
- getCurrentIsolationRequestState,
+ endpointPackageVersion,
  getActivityLogData,
  getActivityLogDataPaging,
- getLastLoadedActivityLogData,
  getActivityLogError,
- detailsData,
+ getActivityLogIsUninitializedOrHasSubsequentAPIError,
+ getCurrentIsolationRequestState,
  getIsEndpointPackageInfoUninitialized,
+ getIsIsolationRequestPending,
  getIsOnEndpointDetailsActivityLog,
+ getLastLoadedActivityLogData,
  getMetadataTransformStats,
+ hasSelectedEndpoint,
  isMetadataTransformStatsLoading,
- getActivityLogIsUninitializedOrHasSubsequentAPIError,
- endpointPackageVersion,
+ isOnEndpointPage,
+ listData,
+ nonExistingPolicies,
+ patterns,
+ searchBarQuery,
+ selectedAgent,
+ uiQueryParams,
 } from './selectors';
-import {
- AgentIdsPendingActions,
- EndpointState,
- PolicyIds,
- TransformStats,
- TransformStatsResponse,
-} from '../types';
-import {
- sendGetEndpointSecurityPackage,
- sendGetAgentPolicyList,
- sendGetFleetAgentsWithEndpoint,
-} from '../../policy/store/services/ingest';
-import { AGENT_POLICY_SAVED_OBJECT_TYPE } from '../../../../../../fleet/common';
-import {
- ENDPOINT_ACTION_LOG_ROUTE,
- HOST_METADATA_GET_ROUTE,
- HOST_METADATA_LIST_ROUTE,
- BASE_POLICY_RESPONSE_ROUTE,
- metadataCurrentIndexPattern,
- METADATA_UNITED_INDEX,
-} from '../../../../../common/endpoint/constants';
-import {
- asStaleResourceState,
- createFailedResourceState,
- createLoadedResourceState,
- createLoadingResourceState,
-} from '../../../state';
-import { isolateHost, unIsolateHost } from '../../../../common/lib/endpoint_isolation';
-import { AppAction } from '../../../../common/store/actions';
-import { resolvePathVariables } from '../../../../common/utils/resolve_path_variables';
-import { EndpointPackageInfoStateChanged } from './action';
-import { fetchPendingActionsByAgentId } from '../../../../common/lib/endpoint_pending_actions';
-import { getIsInvalidDateRange } from '../utils';
-import { METADATA_TRANSFORM_STATS_URL } from '../../../../../common/constants';
-import { sendGetEndpointSpecificPackagePolicies } from '../../../services/policies';
 
 type EndpointPageStore = ImmutableMiddlewareAPI<EndpointState, AppAction>;