From 247edf8226b38f1139072b95da8d1287904c2cd2 Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Thu, 3 Jun 2021 17:42:28 +0200 Subject: [PATCH 01/20] Initial implementation of the memory protection configuration card for policies integration. --- .../common/endpoint/models/policy_config.ts | 7 +++ .../common/endpoint/types/index.ts | 7 ++- .../policy/store/policy_details/selectors.ts | 1 + .../public/management/pages/policy/types.ts | 8 ++- .../pages/policy/view/policy_details_form.tsx | 3 + .../view/policy_forms/protections/memory.tsx | 62 +++++++++++++++++++ 6 files changed, 86 insertions(+), 2 deletions(-) create mode 100644 x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/memory.tsx diff --git a/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts b/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts index 63784b8b8b4403..159aa15a991c8c 100644 --- a/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts +++ b/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts @@ -29,6 +29,9 @@ export const policyFactory = (): PolicyConfig => { mode: ProtectionModes.prevent, supported: true, }, + memory: { + mode: ProtectionModes.prevent, + }, popup: { malware: { message: '', @@ -38,6 +41,10 @@ export const policyFactory = (): PolicyConfig => { message: '', enabled: true, }, + memory: { + message: '', + enabled: true, + }, }, logging: { file: 'info', diff --git a/x-pack/plugins/security_solution/common/endpoint/types/index.ts b/x-pack/plugins/security_solution/common/endpoint/types/index.ts index c084dd8ca76680..5dc5e047eb32a1 100644 --- a/x-pack/plugins/security_solution/common/endpoint/types/index.ts +++ b/x-pack/plugins/security_solution/common/endpoint/types/index.ts @@ -835,6 +835,7 @@ export interface PolicyConfig { security: boolean; }; malware: ProtectionFields; + memory: ProtectionFields; ransomware: ProtectionFields & SupportedFields; logging: { file: string; @@ -848,6 +849,10 @@ export interface PolicyConfig { message: string; enabled: boolean; }; + memory: { + message: string; + enabled: boolean; + }; }; antivirus_registration: { enabled: boolean; @@ -900,7 +905,7 @@ export interface UIPolicyConfig { */ windows: Pick< PolicyConfig['windows'], - 'events' | 'malware' | 'ransomware' | 'popup' | 'antivirus_registration' | 'advanced' + 'events' | 'malware' | 'ransomware' | 'popup' | 'antivirus_registration' | 'advanced' | 'memory' >; /** * Mac-specific policy configuration that is supported via the UI diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/selectors.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/selectors.ts index a65d5faea7f2cc..e9a88581c9929b 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/selectors.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/selectors.ts @@ -185,6 +185,7 @@ export const policyConfig: (s: PolicyDetailsState) => UIPolicyConfig = createSel events: windows.events, malware: windows.malware, ransomware: windows.ransomware, + memory: windows.memory, popup: windows.popup, antivirus_registration: windows.antivirus_registration, }, diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/types.ts b/x-pack/plugins/security_solution/public/management/pages/policy/types.ts index 269e70b3c24745..deae38719111d2 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/types.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/types.ts @@ -114,6 +114,12 @@ export type MalwareProtectionOSes = KeysByValueCriteria< { malware: ProtectionFields } >; +/** Returns an array of the policy OSes that have a memory protection field */ +export type MemoryProtectionOSes = KeysByValueCriteria< + UIPolicyConfig, + { memory: ProtectionFields } +>; + /** Returns an array of the policy OSes that have a ransomware protection field */ export type RansomwareProtectionOSes = KeysByValueCriteria< UIPolicyConfig, @@ -121,7 +127,7 @@ export type RansomwareProtectionOSes = KeysByValueCriteria< >; export type PolicyProtection = - | keyof Pick + | keyof Pick | keyof Pick | keyof Pick; diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx index 528f3afc1e64ae..54fc111a48dd07 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx @@ -9,6 +9,7 @@ import { EuiButtonEmpty, EuiSpacer, EuiText } from '@elastic/eui'; import React, { memo, useCallback, useState } from 'react'; import { FormattedMessage } from '@kbn/i18n/react'; import { MalwareProtections } from './policy_forms/protections/malware'; +import { MemoryProtection } from './policy_forms/protections/memory'; import { LinuxEvents, MacEvents, WindowsEvents } from './policy_forms/events'; import { AdvancedPolicyForms } from './policy_advanced'; import { AntivirusRegistrationForm } from './components/antivirus_registration_form'; @@ -37,6 +38,8 @@ export const PolicyDetailsForm = memo(() => { + {isPlatinumPlus ? : } + {isPlatinumPlus ? : } diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/memory.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/memory.tsx new file mode 100644 index 00000000000000..6a61fdaafe0099 --- /dev/null +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/memory.tsx @@ -0,0 +1,62 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { i18n } from '@kbn/i18n'; +import { FormattedMessage } from '@kbn/i18n/react'; +import { EuiCallOut, EuiSpacer } from '@elastic/eui'; +import { APP_ID } from '../../../../../../../common/constants'; +import { SecurityPageName } from '../../../../../../app/types'; +import { Immutable, OperatingSystem } from '../../../../../../../common/endpoint/types'; +import { MemoryProtectionOSes, OS } from '../../../types'; +import { ConfigForm } from '../../components/config_form'; +import { LinkToApp } from '../../../../../../common/components/endpoint/link_to_app'; +import { useLicense } from '../../../../../../common/hooks/use_license'; +import { RadioButtons } from '../components/radio_buttons'; +import { UserNotification } from '../components/user_notification'; +import { ProtectionSwitch } from '../components/protection_switch'; + +/** The Memory Protections form for policy details + * which will configure for all relevant OSes. + */ +export const MemoryProtection = React.memo(() => { + const OSes: Immutable = [OS.windows]; + const protection = 'memory'; + const isPlatinumPlus = useLicense().isPlatinumPlus(); + return ( + } + > + + {isPlatinumPlus && } + + + + + + ), + }} + /> + + + ); +}); + +MemoryProtection.displayName = 'MemoryProtection'; From 8d109bfc86649b8464f5519d3d4e96738e7e2995 Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Fri, 4 Jun 2021 11:06:11 +0200 Subject: [PATCH 02/20] Fix and add tests for memory integration policy details card --- .../policy/store/policy_details/index.test.ts | 5 ++++ .../pages/policy/view/policy_details.test.tsx | 29 ++++++++++++++++++- 2 files changed, 33 insertions(+), 1 deletion(-) diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/index.test.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/index.test.ts index 94208390b660b5..3b69bb4e1b6958 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/index.test.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/index.test.ts @@ -284,6 +284,7 @@ describe('policy details: ', () => { security: true, }, malware: { mode: 'prevent' }, + memory: { mode: 'prevent' }, ransomware: { mode: 'off', supported: false }, popup: { malware: { @@ -294,6 +295,10 @@ describe('policy details: ', () => { enabled: false, message: '', }, + memory: { + enabled: true, + message: '', + }, }, logging: { file: 'info' }, antivirus_registration: { diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details.test.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details.test.tsx index 1407e5f64f156a..1ae26eed2ed5a2 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details.test.tsx @@ -308,6 +308,20 @@ describe('Policy Details', () => { expect(tooltip).toHaveLength(1); }); + it('memory popup, message customization options and tooltip are shown', () => { + // use query for finding stuff, if it doesn't find it, just returns null + const userNotificationCheckbox = policyView.find( + 'EuiCheckbox[data-test-subj="memoryUserNotificationCheckbox"]' + ); + const userNotificationCustomMessageTextArea = policyView.find( + 'EuiTextArea[data-test-subj="memoryUserNotificationCustomMessage"]' + ); + const tooltip = policyView.find('EuiIconTip[data-test-subj="memoryTooltip"]'); + expect(userNotificationCheckbox).toHaveLength(1); + expect(userNotificationCustomMessageTextArea).toHaveLength(1); + expect(tooltip).toHaveLength(1); + }); + it('ransomware card is shown', () => { const ransomware = policyView.find('EuiPanel[data-test-subj="ransomwareProtectionsForm"]'); expect(ransomware).toHaveLength(1); @@ -332,6 +346,19 @@ describe('Policy Details', () => { expect(tooltip).toHaveLength(0); }); + it('memory popup, message customization options, and tooltip are hidden', () => { + const userNotificationCheckbox = policyView.find( + 'EuiCheckbox[data-test-subj="memoryUserNotificationCheckbox"]' + ); + const userNotificationCustomMessageTextArea = policyView.find( + 'EuiTextArea[data-test-subj="memoryUserNotificationCustomMessage"]' + ); + const tooltip = policyView.find('EuiIconTip[data-test-subj="memoryTooltip"]'); + expect(userNotificationCheckbox).toHaveLength(0); + expect(userNotificationCustomMessageTextArea).toHaveLength(0); + expect(tooltip).toHaveLength(0); + }); + it('ransomware card is hidden', () => { const ransomware = policyView.find('EuiPanel[data-test-subj="ransomwareProtectionsForm"]'); expect(ransomware).toHaveLength(0); @@ -339,7 +366,7 @@ describe('Policy Details', () => { it('shows the locked card in place of 1 paid feature', () => { const lockedCard = policyView.find('EuiCard[data-test-subj="lockedPolicyCard"]'); - expect(lockedCard).toHaveLength(1); + expect(lockedCard).toHaveLength(2); }); }); }); From 3f2e07758c9292443991ee0639c39fcad0640c78 Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Fri, 4 Jun 2021 16:23:48 +0200 Subject: [PATCH 03/20] Change the default notification message for memory protection --- .../common/endpoint/models/policy_config.ts | 2 +- .../common/license/policy_config.test.ts | 10 +++++++--- .../common/license/policy_config.ts | 8 +++++--- .../pages/policy/store/policy_details/middleware.ts | 13 ++++++++----- 4 files changed, 21 insertions(+), 12 deletions(-) diff --git a/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts b/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts index 159aa15a991c8c..8568ae5e059fd9 100644 --- a/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts +++ b/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts @@ -164,4 +164,4 @@ export const policyFactoryWithSupportedFeatures = ( /** * Reflects what string the Endpoint will use when message field is default/empty */ -export const DefaultMalwareMessage = 'Elastic Security {action} {filename}'; +export const DefaultPolicyNotificationMessage = 'Elastic Security {action} {filename}'; diff --git a/x-pack/plugins/security_solution/common/license/policy_config.test.ts b/x-pack/plugins/security_solution/common/license/policy_config.test.ts index 219538184765a4..c521a384b2f6c3 100644 --- a/x-pack/plugins/security_solution/common/license/policy_config.test.ts +++ b/x-pack/plugins/security_solution/common/license/policy_config.test.ts @@ -10,7 +10,7 @@ import { unsetPolicyFeaturesAccordingToLicenseLevel, } from './policy_config'; import { - DefaultMalwareMessage, + DefaultPolicyNotificationMessage, policyFactory, policyFactoryWithSupportedFeatures, policyFactoryWithoutPaidFeatures, @@ -177,7 +177,9 @@ describe('policy_config and licenses', () => { expect(retPolicy.windows.popup.malware.message).not.toEqual(popupMessage); // need to invert the test, since it could be either value - expect(['', DefaultMalwareMessage]).toContain(retPolicy.windows.popup.malware.message); + expect(['', DefaultPolicyNotificationMessage]).toContain( + retPolicy.windows.popup.malware.message + ); }); it('resets Platinum-paid ransomware fields for lower license tiers', () => { @@ -195,7 +197,9 @@ describe('policy_config and licenses', () => { expect(retPolicy.windows.popup.ransomware.message).not.toEqual(popupMessage); // need to invert the test, since it could be either value - expect(['', DefaultMalwareMessage]).toContain(retPolicy.windows.popup.ransomware.message); + expect(['', DefaultPolicyNotificationMessage]).toContain( + retPolicy.windows.popup.ransomware.message + ); }); it('sets ransomware supported field to false when license is below Platinum', () => { diff --git a/x-pack/plugins/security_solution/common/license/policy_config.ts b/x-pack/plugins/security_solution/common/license/policy_config.ts index 171f2d9d0287df..35a6202f5e6fba 100644 --- a/x-pack/plugins/security_solution/common/license/policy_config.ts +++ b/x-pack/plugins/security_solution/common/license/policy_config.ts @@ -9,7 +9,7 @@ import { ILicense } from '../../../licensing/common/types'; import { isAtLeast } from './license'; import { PolicyConfig } from '../endpoint/types'; import { - DefaultMalwareMessage, + DefaultPolicyNotificationMessage, policyFactoryWithoutPaidFeatures, policyFactoryWithSupportedFeatures, } from '../endpoint/models/policy_config'; @@ -46,7 +46,9 @@ export const isEndpointPolicyValidForLicense = ( // Only Platinum or higher may change the malware message (which can be blank or what Endpoint defaults) if ( [policy.windows, policy.mac].some( - (p) => p.popup.malware.message !== '' && p.popup.malware.message !== DefaultMalwareMessage + (p) => + p.popup.malware.message !== '' && + p.popup.malware.message !== DefaultPolicyNotificationMessage ) ) { return false; @@ -65,7 +67,7 @@ export const isEndpointPolicyValidForLicense = ( // Only Platinum or higher may change the ransomware message (which can be blank or what Endpoint defaults) if ( policy.windows.popup.ransomware.message !== '' && - policy.windows.popup.ransomware.message !== DefaultMalwareMessage + policy.windows.popup.ransomware.message !== DefaultPolicyNotificationMessage ) { return false; } diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/middleware.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/middleware.ts index 793d083400aa2f..174b34fd6dd3a8 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/middleware.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/middleware.ts @@ -6,7 +6,7 @@ */ import { IHttpFetchError } from 'kibana/public'; -import { DefaultMalwareMessage } from '../../../../../../common/endpoint/models/policy_config'; +import { DefaultPolicyNotificationMessage } from '../../../../../../common/endpoint/models/policy_config'; import { PolicyDetailsState, UpdatePolicyResponse } from '../../types'; import { policyIdFromParams, @@ -39,12 +39,15 @@ export const policyDetailsMiddlewareFactory: ImmutableMiddlewareFactory Date: Fri, 4 Jun 2021 17:53:42 +0200 Subject: [PATCH 04/20] Updated locked card messages for locked protections --- .../pages/policy/view/policy_details_form.tsx | 18 ++++++++++++++++-- .../policy/view/policy_forms/locked_card.tsx | 11 ++++------- .../translations/translations/ja-JP.json | 1 - .../translations/translations/zh-CN.json | 1 - 4 files changed, 20 insertions(+), 11 deletions(-) diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx index 54fc111a48dd07..9be5a6dd3716b2 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx @@ -17,6 +17,16 @@ import { Ransomware } from './policy_forms/protections/ransomware'; import { LockedPolicyCard } from './policy_forms/locked_card'; import { useLicense } from '../../../../common/hooks/use_license'; +const LOCKED_CARD_RAMSOMWARE_TITLE = { + id: 'xpack.securitySolution.endpoint.policy.details.ransomware', + defaultMessage: 'Ransomware', +}; + +const LOCKED_CARD_MEMORY_TITLE = { + id: 'xpack.securitySolution.endpoint.policy.details.memory', + defaultMessage: 'Memory', +}; + export const PolicyDetailsForm = memo(() => { const [showAdvancedPolicy, setShowAdvancedPolicy] = useState(false); const handleAdvancedPolicyClick = useCallback(() => { @@ -38,9 +48,13 @@ export const PolicyDetailsForm = memo(() => { - {isPlatinumPlus ? : } + {isPlatinumPlus ? ( + + ) : ( + + )} - {isPlatinumPlus ? : } + {isPlatinumPlus ? : } diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx index e9e9195b819d34..2117ec70404ea8 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx @@ -30,7 +30,7 @@ const LockedPolicyDiv = styled.div` } `; -export const LockedPolicyCard = memo(() => { +export const LockedPolicyCard = memo(({ title }: { title: FormattedMessage.MessageDescriptor }) => { return ( { title={

- +

} @@ -67,8 +64,8 @@ export const LockedPolicyCard = memo(() => {

Date: Mon, 7 Jun 2021 10:31:12 +0200 Subject: [PATCH 05/20] Cover gold and basic licence cases --- .../common/endpoint/models/policy_config.ts | 13 +++++++++++++ .../common/endpoint/types/index.ts | 2 +- .../policy/view/policy_forms/protections/memory.tsx | 4 +--- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts b/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts index 8568ae5e059fd9..49dda5897589fe 100644 --- a/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts +++ b/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts @@ -31,6 +31,7 @@ export const policyFactory = (): PolicyConfig => { }, memory: { mode: ProtectionModes.prevent, + supported: true, }, popup: { malware: { @@ -108,6 +109,10 @@ export const policyFactoryWithoutPaidFeatures = ( mode: ProtectionModes.off, supported: false, }, + memory: { + mode: ProtectionModes.off, + supported: false, + }, popup: { ...policy.windows.popup, malware: { @@ -118,6 +123,10 @@ export const policyFactoryWithoutPaidFeatures = ( message: '', enabled: false, }, + memory: { + message: '', + enabled: false, + }, }, }, mac: { @@ -157,6 +166,10 @@ export const policyFactoryWithSupportedFeatures = ( ...policy.windows.ransomware, supported: true, }, + memory: { + ...policy.windows.memory, + supported: true, + }, }, }; }; diff --git a/x-pack/plugins/security_solution/common/endpoint/types/index.ts b/x-pack/plugins/security_solution/common/endpoint/types/index.ts index 5dc5e047eb32a1..5f2121d403e774 100644 --- a/x-pack/plugins/security_solution/common/endpoint/types/index.ts +++ b/x-pack/plugins/security_solution/common/endpoint/types/index.ts @@ -835,7 +835,7 @@ export interface PolicyConfig { security: boolean; }; malware: ProtectionFields; - memory: ProtectionFields; + memory: ProtectionFields & SupportedFields; ransomware: ProtectionFields & SupportedFields; logging: { file: string; diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/memory.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/memory.tsx index 6a61fdaafe0099..6784ba21fc27be 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/memory.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/memory.tsx @@ -15,7 +15,6 @@ import { Immutable, OperatingSystem } from '../../../../../../../common/endpoint import { MemoryProtectionOSes, OS } from '../../../types'; import { ConfigForm } from '../../components/config_form'; import { LinkToApp } from '../../../../../../common/components/endpoint/link_to_app'; -import { useLicense } from '../../../../../../common/hooks/use_license'; import { RadioButtons } from '../components/radio_buttons'; import { UserNotification } from '../components/user_notification'; import { ProtectionSwitch } from '../components/protection_switch'; @@ -26,7 +25,6 @@ import { ProtectionSwitch } from '../components/protection_switch'; export const MemoryProtection = React.memo(() => { const OSes: Immutable = [OS.windows]; const protection = 'memory'; - const isPlatinumPlus = useLicense().isPlatinumPlus(); return ( { rightCorner={} > - {isPlatinumPlus && } + Date: Mon, 7 Jun 2021 10:31:37 +0200 Subject: [PATCH 06/20] Update tests to support the new types --- .../apps/endpoint/policy_details.ts | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts b/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts index 44348d1ad0d9c4..a521cf97e4298a 100644 --- a/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts +++ b/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts @@ -328,12 +328,17 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }, logging: { file: 'info' }, malware: { mode: 'prevent' }, + memory: { mode: 'prevent', supported: true }, ransomware: { mode: 'prevent', supported: true }, popup: { malware: { enabled: true, message: 'Elastic Security {action} {filename}', }, + memory: { + enabled: true, + message: 'Elastic Security {action} {filename}', + }, ransomware: { enabled: true, message: 'Elastic Security {action} {filename}', @@ -532,12 +537,17 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }, logging: { file: 'info' }, malware: { mode: 'prevent' }, + memory: { mode: 'prevent', supported: true }, ransomware: { mode: 'prevent', supported: true }, popup: { malware: { enabled: true, message: 'Elastic Security {action} {filename}', }, + memory: { + enabled: true, + message: 'Elastic Security {action} {filename}', + }, ransomware: { enabled: true, message: 'Elastic Security {action} {filename}', @@ -733,12 +743,17 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }, logging: { file: 'info' }, malware: { mode: 'prevent' }, + memory: { mode: 'prevent', supported: true }, ransomware: { mode: 'prevent', supported: true }, popup: { malware: { enabled: true, message: 'Elastic Security {action} {filename}', }, + memory: { + enabled: true, + message: 'Elastic Security {action} {filename}', + }, ransomware: { enabled: true, message: 'Elastic Security {action} {filename}', From 61b1f05d12a90ddf1aba9aaf4f4b355aa57de580 Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Mon, 7 Jun 2021 10:59:58 +0200 Subject: [PATCH 07/20] Fix translations validator problems --- .../pages/policy/view/policy_details_form.tsx | 20 +++++++++++-------- .../policy/view/policy_forms/locked_card.tsx | 6 ++---- 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx index 9be5a6dd3716b2..b07f1f1a8b8012 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx @@ -17,15 +17,19 @@ import { Ransomware } from './policy_forms/protections/ransomware'; import { LockedPolicyCard } from './policy_forms/locked_card'; import { useLicense } from '../../../../common/hooks/use_license'; -const LOCKED_CARD_RAMSOMWARE_TITLE = { - id: 'xpack.securitySolution.endpoint.policy.details.ransomware', - defaultMessage: 'Ransomware', -}; +const LOCKED_CARD_RAMSOMWARE_TITLE = ( + +); -const LOCKED_CARD_MEMORY_TITLE = { - id: 'xpack.securitySolution.endpoint.policy.details.memory', - defaultMessage: 'Memory', -}; +const LOCKED_CARD_MEMORY_TITLE = ( + +); export const PolicyDetailsForm = memo(() => { const [showAdvancedPolicy, setShowAdvancedPolicy] = useState(false); diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx index 2117ec70404ea8..169569c630b327 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx @@ -30,7 +30,7 @@ const LockedPolicyDiv = styled.div` } `; -export const LockedPolicyCard = memo(({ title }: { title: FormattedMessage.MessageDescriptor }) => { +export const LockedPolicyCard = memo(({ title }: { title: FormattedMessage }) => { return ( } title={

- - - + {title}

} description={false} From 722113928290102873f10b5158fcc523407050c7 Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Mon, 7 Jun 2021 13:38:44 +0200 Subject: [PATCH 08/20] Update unit tests to represent rendered data --- .../pages/policy/view/policy_details.test.tsx | 22 ++++++------------- 1 file changed, 7 insertions(+), 15 deletions(-) diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details.test.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details.test.tsx index 1ae26eed2ed5a2..be1c321c38f473 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details.test.tsx @@ -308,18 +308,14 @@ describe('Policy Details', () => { expect(tooltip).toHaveLength(1); }); - it('memory popup, message customization options and tooltip are shown', () => { - // use query for finding stuff, if it doesn't find it, just returns null + it('memory card and user notification checkbox are shown', () => { + const memory = policyView.find('EuiPanel[data-test-subj="memoryProtectionsForm"]'); const userNotificationCheckbox = policyView.find( 'EuiCheckbox[data-test-subj="memoryUserNotificationCheckbox"]' ); - const userNotificationCustomMessageTextArea = policyView.find( - 'EuiTextArea[data-test-subj="memoryUserNotificationCustomMessage"]' - ); - const tooltip = policyView.find('EuiIconTip[data-test-subj="memoryTooltip"]'); + + expect(memory).toHaveLength(1); expect(userNotificationCheckbox).toHaveLength(1); - expect(userNotificationCustomMessageTextArea).toHaveLength(1); - expect(tooltip).toHaveLength(1); }); it('ransomware card is shown', () => { @@ -346,17 +342,13 @@ describe('Policy Details', () => { expect(tooltip).toHaveLength(0); }); - it('memory popup, message customization options, and tooltip are hidden', () => { + it('memory card, and user notification checkbox are hidden', () => { + const memory = policyView.find('EuiPanel[data-test-subj="memoryProtectionsForm"]'); + expect(memory).toHaveLength(0); const userNotificationCheckbox = policyView.find( 'EuiCheckbox[data-test-subj="memoryUserNotificationCheckbox"]' ); - const userNotificationCustomMessageTextArea = policyView.find( - 'EuiTextArea[data-test-subj="memoryUserNotificationCustomMessage"]' - ); - const tooltip = policyView.find('EuiIconTip[data-test-subj="memoryTooltip"]'); expect(userNotificationCheckbox).toHaveLength(0); - expect(userNotificationCustomMessageTextArea).toHaveLength(0); - expect(tooltip).toHaveLength(0); }); it('ransomware card is hidden', () => { From 2e769a0f5f79c6996ada6db76ca5bf614794175c Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Mon, 7 Jun 2021 14:03:08 +0200 Subject: [PATCH 09/20] Fix types --- .../management/pages/policy/view/policy_forms/locked_card.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx index 169569c630b327..a207d8058378e6 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx @@ -30,7 +30,7 @@ const LockedPolicyDiv = styled.div` } `; -export const LockedPolicyCard = memo(({ title }: { title: FormattedMessage }) => { +export const LockedPolicyCard = memo(({ title }: { title: React.ReactNode }) => { return ( Date: Mon, 7 Jun 2021 14:41:12 +0200 Subject: [PATCH 10/20] Add minimium agent requirement for memory protection --- .../management/pages/policy/view/policy_details_form.tsx | 4 ++-- .../policy_forms/protections/popup_options_to_versions.ts | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx index b07f1f1a8b8012..66480d424de10b 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx @@ -52,13 +52,13 @@ export const PolicyDetailsForm = memo(() => { + {isPlatinumPlus ? : } + {isPlatinumPlus ? ( ) : ( )} - - {isPlatinumPlus ? : } diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/popup_options_to_versions.ts b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/popup_options_to_versions.ts index e13601c5a2bf22..90732dd181e549 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/popup_options_to_versions.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/popup_options_to_versions.ts @@ -8,6 +8,7 @@ const popupVersions: Array<[string, string]> = [ ['malware', '7.11+'], ['ransomware', '7.12+'], + ['memory', '7.15+'], ]; export const popupVersionsMap: ReadonlyMap = new Map(popupVersions); From 08c4d2ec9ca725b6add5e30cc899786c800604c4 Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Wed, 9 Jun 2021 09:24:25 +0200 Subject: [PATCH 11/20] Fix broken unit test for non-platinum license --- .../pages/policy/store/policy_details/index.test.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/index.test.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/index.test.ts index 3b69bb4e1b6958..9bd5a649514e79 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/index.test.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/index.test.ts @@ -284,7 +284,7 @@ describe('policy details: ', () => { security: true, }, malware: { mode: 'prevent' }, - memory: { mode: 'prevent' }, + memory: { mode: 'off', supported: false }, ransomware: { mode: 'off', supported: false }, popup: { malware: { @@ -296,7 +296,7 @@ describe('policy details: ', () => { message: '', }, memory: { - enabled: true, + enabled: false, message: '', }, }, From 9dfab66ec64c6097334e6127c61003b31b28c554 Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Wed, 9 Jun 2021 16:02:05 +0200 Subject: [PATCH 12/20] Add data migration for memory protection in 7.15 --- .../security_solution/to_v7_15_0.test.ts | 174 ++++++++++++++++++ .../security_solution/to_v7_15_0.ts | 40 ++++ 2 files changed, 214 insertions(+) create mode 100644 x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.test.ts create mode 100644 x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.ts diff --git a/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.test.ts b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.test.ts new file mode 100644 index 00000000000000..ba05f591f0dde0 --- /dev/null +++ b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.test.ts @@ -0,0 +1,174 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { SavedObjectMigrationContext, SavedObjectUnsanitizedDoc } from 'kibana/server'; + +import type { PackagePolicy } from '../../../../common'; + +import { migratePackagePolicyToV7150 as migration } from './to_v7_15_0'; + +describe('7.15.0 Endpoint Package Policy migration', () => { + const policyDoc = ({ + windowsMemory = {}, + windowsPopup = {}, + windowsMalware = {}, + windowsRansomware = {}, + }) => { + return { + id: 'mock-saved-object-id', + attributes: { + name: 'Some Policy Name', + package: { + name: 'endpoint', + title: '', + version: '', + }, + id: 'endpoint', + policy_id: '', + enabled: true, + namespace: '', + output_id: '', + revision: 0, + updated_at: '', + updated_by: '', + created_at: '', + created_by: '', + inputs: [ + { + type: 'endpoint', + enabled: true, + streams: [], + config: { + policy: { + value: { + windows: { + ...windowsMalware, + ...windowsRansomware, + ...windowsMemory, + ...windowsPopup, + }, + }, + }, + }, + }, + ], + }, + type: ' nested', + }; + }; + + it('adds windows memory protection alongside malware and ramsomware', () => { + const initialDoc = policyDoc({ + windowsMalware: { malware: { mode: 'off' } }, + windowsRansomware: { ransomware: { mode: 'off', supported: true } }, + windowsPopup: { + popup: { + malware: { + message: '', + enabled: true, + }, + ransomware: { + message: '', + enabled: true, + }, + }, + }, + }); + + const migratedDoc = policyDoc({ + windowsMalware: { malware: { mode: 'off' } }, + windowsRansomware: { ransomware: { mode: 'off', supported: true } }, + // new memory protection + windowsMemory: { memory: { mode: 'off', supported: true } }, + windowsPopup: { + popup: { + malware: { + message: '', + enabled: true, + }, + ransomware: { + message: '', + enabled: true, + }, + // new memory popup setup + memory: { + message: '', + enabled: false, + }, + }, + }, + }); + + expect(migration(initialDoc, {} as SavedObjectMigrationContext)).toEqual(migratedDoc); + }); + + it('does not modify non-endpoint package policies', () => { + const doc: SavedObjectUnsanitizedDoc = { + id: 'mock-saved-object-id', + attributes: { + name: 'Some Policy Name', + package: { + name: 'notEndpoint', + title: '', + version: '', + }, + id: 'notEndpoint', + policy_id: '', + enabled: true, + namespace: '', + output_id: '', + revision: 0, + updated_at: '', + updated_by: '', + created_at: '', + created_by: '', + inputs: [ + { + type: 'notEndpoint', + enabled: true, + streams: [], + config: {}, + }, + ], + }, + type: ' nested', + }; + + expect( + migration(doc, {} as SavedObjectMigrationContext) as SavedObjectUnsanitizedDoc + ).toEqual({ + attributes: { + name: 'Some Policy Name', + package: { + name: 'notEndpoint', + title: '', + version: '', + }, + id: 'notEndpoint', + policy_id: '', + enabled: true, + namespace: '', + output_id: '', + revision: 0, + updated_at: '', + updated_by: '', + created_at: '', + created_by: '', + inputs: [ + { + type: 'notEndpoint', + enabled: true, + streams: [], + config: {}, + }, + ], + }, + type: ' nested', + id: 'mock-saved-object-id', + }); + }); +}); diff --git a/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.ts b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.ts new file mode 100644 index 00000000000000..46e728ffe5bf0a --- /dev/null +++ b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.ts @@ -0,0 +1,40 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { SavedObjectMigrationFn, SavedObjectUnsanitizedDoc } from 'kibana/server'; +import { cloneDeep } from 'lodash'; + +import type { PackagePolicy } from '../../../../common'; + +export const migratePackagePolicyToV7150: SavedObjectMigrationFn = ( + packagePolicyDoc +) => { + const updatedPackagePolicyDoc: SavedObjectUnsanitizedDoc = cloneDeep( + packagePolicyDoc + ); + if (packagePolicyDoc.attributes.package?.name === 'endpoint') { + const input = updatedPackagePolicyDoc.attributes.inputs[0]; + const memory = { + mode: 'off', + // This value is based on license. + // For the migration, we add 'true', our license watcher will correct it, if needed, when the app starts. + supported: true, + }; + const memoryPopup = { + message: '', + enabled: false, + }; + if (input && input.config) { + const policy = input.config.policy.value; + + policy.windows.memory = memory; + policy.windows.popup.memory = memoryPopup; + } + } + + return updatedPackagePolicyDoc; +}; From 31d5dd49a6dd2c07d0307fe2d253e9cdf7538d83 Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Thu, 10 Jun 2021 09:43:43 +0200 Subject: [PATCH 13/20] Add data migration export to index.ts file --- .../server/saved_objects/migrations/security_solution/index.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/index.ts b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/index.ts index b4f09e541298a2..e7945077999831 100644 --- a/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/index.ts +++ b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/index.ts @@ -9,3 +9,4 @@ export { migratePackagePolicyToV7110 } from './to_v7_11_0'; export { migratePackagePolicyToV7120 } from './to_v7_12_0'; export { migrateEndpointPackagePolicyToV7130 } from './to_v7_13_0'; export { migrateEndpointPackagePolicyToV7140 } from './to_v7_14_0'; +export { migratePackagePolicyToV7150 } from './to_v7_15_0'; From 7b1930cead59cd1214f21e4dc1be9e0e48cb546e Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Thu, 10 Jun 2021 10:15:16 +0200 Subject: [PATCH 14/20] Add v7.15 migration to the saved_objects def file --- .../fleet/server/saved_objects/index.ts | 2 ++ .../saved_objects/migrations/to_v7_15_0.ts | 26 +++++++++++++++++++ 2 files changed, 28 insertions(+) create mode 100644 x-pack/plugins/fleet/server/saved_objects/migrations/to_v7_15_0.ts diff --git a/x-pack/plugins/fleet/server/saved_objects/index.ts b/x-pack/plugins/fleet/server/saved_objects/index.ts index 10e5a6ac57f576..202ab60c127c76 100644 --- a/x-pack/plugins/fleet/server/saved_objects/index.ts +++ b/x-pack/plugins/fleet/server/saved_objects/index.ts @@ -43,6 +43,7 @@ import { migrateOutputToV7130, } from './migrations/to_v7_13_0'; import { migratePackagePolicyToV7140 } from './migrations/to_v7_14_0'; +import { migratePackagePolicyToV7150 } from './migrations/to_v7_15_0'; /* * Saved object types and mappings @@ -270,6 +271,7 @@ const getSavedObjectTypes = ( '7.12.0': migratePackagePolicyToV7120, '7.13.0': migratePackagePolicyToV7130, '7.14.0': migratePackagePolicyToV7140, + '7.15.0': migratePackagePolicyToV7150, }, }, [PACKAGES_SAVED_OBJECT_TYPE]: { diff --git a/x-pack/plugins/fleet/server/saved_objects/migrations/to_v7_15_0.ts b/x-pack/plugins/fleet/server/saved_objects/migrations/to_v7_15_0.ts new file mode 100644 index 00000000000000..27758296d8d95e --- /dev/null +++ b/x-pack/plugins/fleet/server/saved_objects/migrations/to_v7_15_0.ts @@ -0,0 +1,26 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { SavedObjectMigrationFn } from 'kibana/server'; + +import type { PackagePolicy } from '../../../common'; + +import { migratePackagePolicyToV7150 as SecSolMigratePackagePolicyToV7150 } from './security_solution'; + +export const migratePackagePolicyToV7150: SavedObjectMigrationFn = ( + packagePolicyDoc, + migrationContext +) => { + let updatedPackagePolicyDoc = packagePolicyDoc; + + // Endpoint specific migrations + if (packagePolicyDoc.attributes.package?.name === 'endpoint') { + updatedPackagePolicyDoc = SecSolMigratePackagePolicyToV7150(packagePolicyDoc, migrationContext); + } + + return updatedPackagePolicyDoc; +}; From 75c3730b06364d00d4a90d3d9eb9c304eacf6d6c Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Tue, 22 Jun 2021 10:00:45 +0200 Subject: [PATCH 15/20] Change memory by memory_protection in memory_protection card --- .../migrations/security_solution/to_v7_15_0.test.ts | 4 ++-- .../migrations/security_solution/to_v7_15_0.ts | 4 ++-- .../common/endpoint/models/policy_config.ts | 12 ++++++------ .../security_solution/common/endpoint/types/index.ts | 12 +++++++++--- .../pages/policy/store/policy_details/index.test.ts | 4 ++-- .../pages/policy/store/policy_details/middleware.ts | 6 ++++-- .../pages/policy/store/policy_details/selectors.ts | 2 +- .../public/management/pages/policy/types.ts | 4 ++-- .../pages/policy/view/policy_details.test.tsx | 6 +++--- .../policy/view/policy_forms/protections/memory.tsx | 6 +++--- .../protections/popup_options_to_versions.ts | 2 +- .../apps/endpoint/policy_details.ts | 12 ++++++------ 12 files changed, 41 insertions(+), 33 deletions(-) diff --git a/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.test.ts b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.test.ts index ba05f591f0dde0..ac0ba62673d606 100644 --- a/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.test.ts +++ b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.test.ts @@ -83,7 +83,7 @@ describe('7.15.0 Endpoint Package Policy migration', () => { windowsMalware: { malware: { mode: 'off' } }, windowsRansomware: { ransomware: { mode: 'off', supported: true } }, // new memory protection - windowsMemory: { memory: { mode: 'off', supported: true } }, + windowsMemory: { memory_protection: { mode: 'off', supported: true } }, windowsPopup: { popup: { malware: { @@ -95,7 +95,7 @@ describe('7.15.0 Endpoint Package Policy migration', () => { enabled: true, }, // new memory popup setup - memory: { + memory_protection: { message: '', enabled: false, }, diff --git a/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.ts b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.ts index 46e728ffe5bf0a..804572a9969ff8 100644 --- a/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.ts +++ b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.ts @@ -31,8 +31,8 @@ export const migratePackagePolicyToV7150: SavedObjectMigrationFn { mode: ProtectionModes.prevent, supported: true, }, - memory: { + memory_protection: { mode: ProtectionModes.prevent, supported: true, }, @@ -42,7 +42,7 @@ export const policyFactory = (): PolicyConfig => { message: '', enabled: true, }, - memory: { + memory_protection: { message: '', enabled: true, }, @@ -109,7 +109,7 @@ export const policyFactoryWithoutPaidFeatures = ( mode: ProtectionModes.off, supported: false, }, - memory: { + memory_protection: { mode: ProtectionModes.off, supported: false, }, @@ -123,7 +123,7 @@ export const policyFactoryWithoutPaidFeatures = ( message: '', enabled: false, }, - memory: { + memory_protection: { message: '', enabled: false, }, @@ -166,8 +166,8 @@ export const policyFactoryWithSupportedFeatures = ( ...policy.windows.ransomware, supported: true, }, - memory: { - ...policy.windows.memory, + memory_protection: { + ...policy.windows.memory_protection, supported: true, }, }, diff --git a/x-pack/plugins/security_solution/common/endpoint/types/index.ts b/x-pack/plugins/security_solution/common/endpoint/types/index.ts index 65285b7e6039fe..7424b7e206782f 100644 --- a/x-pack/plugins/security_solution/common/endpoint/types/index.ts +++ b/x-pack/plugins/security_solution/common/endpoint/types/index.ts @@ -844,7 +844,7 @@ export interface PolicyConfig { security: boolean; }; malware: ProtectionFields; - memory: ProtectionFields & SupportedFields; + memory_protection: ProtectionFields & SupportedFields; ransomware: ProtectionFields & SupportedFields; logging: { file: string; @@ -858,7 +858,7 @@ export interface PolicyConfig { message: string; enabled: boolean; }; - memory: { + memory_protection: { message: string; enabled: boolean; }; @@ -914,7 +914,13 @@ export interface UIPolicyConfig { */ windows: Pick< PolicyConfig['windows'], - 'events' | 'malware' | 'ransomware' | 'popup' | 'antivirus_registration' | 'advanced' | 'memory' + | 'events' + | 'malware' + | 'ransomware' + | 'popup' + | 'antivirus_registration' + | 'advanced' + | 'memory_protection' >; /** * Mac-specific policy configuration that is supported via the UI diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/index.test.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/index.test.ts index 9bd5a649514e79..4b3f02ec6f2d0c 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/index.test.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/index.test.ts @@ -284,7 +284,7 @@ describe('policy details: ', () => { security: true, }, malware: { mode: 'prevent' }, - memory: { mode: 'off', supported: false }, + memory_protection: { mode: 'off', supported: false }, ransomware: { mode: 'off', supported: false }, popup: { malware: { @@ -295,7 +295,7 @@ describe('policy details: ', () => { enabled: false, message: '', }, - memory: { + memory_protection: { enabled: false, message: '', }, diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/middleware.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/middleware.ts index 174b34fd6dd3a8..628d0ee53655f1 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/middleware.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_details/middleware.ts @@ -46,8 +46,10 @@ export const policyDetailsMiddlewareFactory: ImmutableMiddlewareFactory UIPolicyConfig = createSel events: windows.events, malware: windows.malware, ransomware: windows.ransomware, - memory: windows.memory, + memory_protection: windows.memory_protection, popup: windows.popup, antivirus_registration: windows.antivirus_registration, }, diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/types.ts b/x-pack/plugins/security_solution/public/management/pages/policy/types.ts index deae38719111d2..fe549b345ee885 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/types.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/types.ts @@ -117,7 +117,7 @@ export type MalwareProtectionOSes = KeysByValueCriteria< /** Returns an array of the policy OSes that have a memory protection field */ export type MemoryProtectionOSes = KeysByValueCriteria< UIPolicyConfig, - { memory: ProtectionFields } + { memory_protection: ProtectionFields } >; /** Returns an array of the policy OSes that have a ransomware protection field */ @@ -127,7 +127,7 @@ export type RansomwareProtectionOSes = KeysByValueCriteria< >; export type PolicyProtection = - | keyof Pick + | keyof Pick | keyof Pick | keyof Pick; diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details.test.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details.test.tsx index f344338f6363f0..425bb70473c2cb 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details.test.tsx @@ -298,10 +298,10 @@ describe('Policy Details', () => { expect(tooltip).toHaveLength(1); }); - it('memory card and user notification checkbox are shown', () => { + it('memory protection card and user notification checkbox are shown', () => { const memory = policyView.find('EuiPanel[data-test-subj="memoryProtectionsForm"]'); const userNotificationCheckbox = policyView.find( - 'EuiCheckbox[data-test-subj="memoryUserNotificationCheckbox"]' + 'EuiCheckbox[data-test-subj="memory_protectionUserNotificationCheckbox"]' ); expect(memory).toHaveLength(1); @@ -332,7 +332,7 @@ describe('Policy Details', () => { expect(tooltip).toHaveLength(0); }); - it('memory card, and user notification checkbox are hidden', () => { + it('memory protection card, and user notification checkbox are hidden', () => { const memory = policyView.find('EuiPanel[data-test-subj="memoryProtectionsForm"]'); expect(memory).toHaveLength(0); const userNotificationCheckbox = policyView.find( diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/memory.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/memory.tsx index 6784ba21fc27be..45d472a00f31e7 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/memory.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/memory.tsx @@ -24,11 +24,11 @@ import { ProtectionSwitch } from '../components/protection_switch'; */ export const MemoryProtection = React.memo(() => { const OSes: Immutable = [OS.windows]; - const protection = 'memory'; + const protection = 'memory_protection'; return ( = [ ['malware', '7.11+'], ['ransomware', '7.12+'], - ['memory', '7.15+'], + ['memory_protection', '7.15+'], ]; export const popupVersionsMap: ReadonlyMap = new Map(popupVersions); diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts b/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts index 5b1df90e19856b..6d06b31eddecdd 100644 --- a/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts +++ b/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts @@ -329,14 +329,14 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }, logging: { file: 'info' }, malware: { mode: 'prevent' }, - memory: { mode: 'prevent', supported: true }, + memory_protection: { mode: 'prevent', supported: true }, ransomware: { mode: 'prevent', supported: true }, popup: { malware: { enabled: true, message: 'Elastic Security {action} {filename}', }, - memory: { + memory_protection: { enabled: true, message: 'Elastic Security {action} {filename}', }, @@ -538,14 +538,14 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }, logging: { file: 'info' }, malware: { mode: 'prevent' }, - memory: { mode: 'prevent', supported: true }, + memory_protection: { mode: 'prevent', supported: true }, ransomware: { mode: 'prevent', supported: true }, popup: { malware: { enabled: true, message: 'Elastic Security {action} {filename}', }, - memory: { + memory_protection: { enabled: true, message: 'Elastic Security {action} {filename}', }, @@ -744,14 +744,14 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }, logging: { file: 'info' }, malware: { mode: 'prevent' }, - memory: { mode: 'prevent', supported: true }, + memory_protection: { mode: 'prevent', supported: true }, ransomware: { mode: 'prevent', supported: true }, popup: { malware: { enabled: true, message: 'Elastic Security {action} {filename}', }, - memory: { + memory_protection: { enabled: true, message: 'Elastic Security {action} {filename}', }, From 076f94acf94cbf080e7fa81e7ae440b00850d6b4 Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Tue, 22 Jun 2021 11:37:06 +0200 Subject: [PATCH 16/20] Add missing license upgrade/downgrade testing and changes --- .../common/license/policy_config.test.ts | 170 ++++++++++++++---- .../common/license/policy_config.ts | 41 +++++ 2 files changed, 179 insertions(+), 32 deletions(-) diff --git a/x-pack/plugins/security_solution/common/license/policy_config.test.ts b/x-pack/plugins/security_solution/common/license/policy_config.test.ts index c521a384b2f6c3..71668d97e89442 100644 --- a/x-pack/plugins/security_solution/common/license/policy_config.test.ts +++ b/x-pack/plugins/security_solution/common/license/policy_config.test.ts @@ -75,55 +75,102 @@ describe('policy_config and licenses', () => { expect(valid).toBeFalsy(); }); - it('allows ransomware to be turned on for Platinum licenses', () => { + it('allows ransomware and memory to be turned on for Platinum licenses', () => { const policy = policyFactoryWithoutPaidFeatures(); policy.windows.ransomware.mode = ProtectionModes.prevent; policy.windows.ransomware.supported = true; + policy.windows.memory_protection.mode = ProtectionModes.prevent; + policy.windows.memory_protection.supported = true; const valid = isEndpointPolicyValidForLicense(policy, Platinum); expect(valid).toBeTruthy(); }); - it('blocks ransomware to be turned on for Gold and below licenses', () => { - const policy = policyFactoryWithoutPaidFeatures(); - policy.windows.ransomware.mode = ProtectionModes.prevent; - - let valid = isEndpointPolicyValidForLicense(policy, Gold); - expect(valid).toBeFalsy(); - valid = isEndpointPolicyValidForLicense(policy, Basic); - expect(valid).toBeFalsy(); - }); - it('allows ransomware notification to be turned on with a Platinum license', () => { + it('allows ransomware and memory_protection notification to be turned on with a Platinum license', () => { const policy = policyFactoryWithoutPaidFeatures(); policy.windows.popup.ransomware.enabled = true; policy.windows.ransomware.supported = true; + policy.windows.popup.memory_protection.enabled = true; + policy.windows.memory_protection.supported = true; const valid = isEndpointPolicyValidForLicense(policy, Platinum); expect(valid).toBeTruthy(); }); - it('blocks ransomware notification to be turned on for Gold and below licenses', () => { - const policy = policyFactoryWithoutPaidFeatures(); - policy.windows.popup.ransomware.enabled = true; - let valid = isEndpointPolicyValidForLicense(policy, Gold); - expect(valid).toBeFalsy(); - - valid = isEndpointPolicyValidForLicense(policy, Basic); - expect(valid).toBeFalsy(); - }); - it('allows ransomware notification message changes with a Platinum license', () => { - const policy = policyFactory(); - policy.windows.popup.ransomware.message = 'BOOM'; - const valid = isEndpointPolicyValidForLicense(policy, Platinum); - expect(valid).toBeTruthy(); + describe('ransomware protection checks', () => { + it('blocks ransomware to be turned on for Gold and below licenses', () => { + const policy = policyFactoryWithoutPaidFeatures(); + policy.windows.ransomware.mode = ProtectionModes.prevent; + + let valid = isEndpointPolicyValidForLicense(policy, Gold); + expect(valid).toBeFalsy(); + valid = isEndpointPolicyValidForLicense(policy, Basic); + expect(valid).toBeFalsy(); + }); + + it('blocks ransomware notification to be turned on for Gold and below licenses', () => { + const policy = policyFactoryWithoutPaidFeatures(); + policy.windows.popup.ransomware.enabled = true; + let valid = isEndpointPolicyValidForLicense(policy, Gold); + expect(valid).toBeFalsy(); + + valid = isEndpointPolicyValidForLicense(policy, Basic); + expect(valid).toBeFalsy(); + }); + + it('allows ransomware notification message changes with a Platinum license', () => { + const policy = policyFactory(); + policy.windows.popup.ransomware.message = 'BOOM'; + const valid = isEndpointPolicyValidForLicense(policy, Platinum); + expect(valid).toBeTruthy(); + }); + it('blocks ransomware notification message changes for Gold and below licenses', () => { + const policy = policyFactory(); + policy.windows.popup.ransomware.message = 'BOOM'; + let valid = isEndpointPolicyValidForLicense(policy, Gold); + expect(valid).toBeFalsy(); + + valid = isEndpointPolicyValidForLicense(policy, Basic); + expect(valid).toBeFalsy(); + }); }); - it('blocks ransomware notification message changes for Gold and below licenses', () => { - const policy = policyFactory(); - policy.windows.popup.ransomware.message = 'BOOM'; - let valid = isEndpointPolicyValidForLicense(policy, Gold); - expect(valid).toBeFalsy(); - valid = isEndpointPolicyValidForLicense(policy, Basic); - expect(valid).toBeFalsy(); + describe('memory protection checks', () => { + it('blocks memory_protection to be turned on for Gold and below licenses', () => { + const policy = policyFactoryWithoutPaidFeatures(); + policy.windows.memory_protection.mode = ProtectionModes.prevent; + + let valid = isEndpointPolicyValidForLicense(policy, Gold); + expect(valid).toBeFalsy(); + valid = isEndpointPolicyValidForLicense(policy, Basic); + expect(valid).toBeFalsy(); + }); + + it('blocks memory_protection notification to be turned on for Gold and below licenses', () => { + const policy = policyFactoryWithoutPaidFeatures(); + policy.windows.popup.memory_protection.enabled = true; + let valid = isEndpointPolicyValidForLicense(policy, Gold); + expect(valid).toBeFalsy(); + + valid = isEndpointPolicyValidForLicense(policy, Basic); + expect(valid).toBeFalsy(); + }); + + it('allows memory_protection notification message changes with a Platinum license', () => { + const policy = policyFactory(); + policy.windows.popup.memory_protection.message = 'BOOM'; + const valid = isEndpointPolicyValidForLicense(policy, Platinum); + expect(valid).toBeTruthy(); + }); + + it('blocks memory_protection notification message changes for Gold and below licenses', () => { + const policy = policyFactory(); + policy.windows.popup.memory_protection.message = 'BOOM'; + let valid = isEndpointPolicyValidForLicense(policy, Gold); + expect(valid).toBeFalsy(); + + valid = isEndpointPolicyValidForLicense(policy, Basic); + expect(valid).toBeFalsy(); + }); }); it('allows default policyConfig with Basic', () => { @@ -160,6 +207,19 @@ describe('policy_config and licenses', () => { expect(retPolicy.windows.popup.ransomware.message).toEqual(popupMessage); }); + it('does not change any memory fields with a Platinum license', () => { + const policy = policyFactory(); + const popupMessage = 'WOOP WOOP'; + policy.windows.memory_protection.mode = ProtectionModes.detect; + policy.windows.popup.memory_protection.enabled = false; + policy.windows.popup.memory_protection.message = popupMessage; + + const retPolicy = unsetPolicyFeaturesAccordingToLicenseLevel(policy, Platinum); + expect(retPolicy.windows.memory_protection.mode).toEqual(ProtectionModes.detect); + expect(retPolicy.windows.popup.memory_protection.enabled).toBeFalsy(); + expect(retPolicy.windows.popup.memory_protection.message).toEqual(popupMessage); + }); + it('resets Platinum-paid malware fields for lower license tiers', () => { const defaults = policyFactory(); // reference const policy = policyFactory(); // what we will modify, and should be reset @@ -202,6 +262,28 @@ describe('policy_config and licenses', () => { ); }); + it('resets Platinum-paid memory_protection fields for lower license tiers', () => { + const defaults = policyFactoryWithoutPaidFeatures(); // reference + const policy = policyFactory(); // what we will modify, and should be reset + const popupMessage = 'WOOP WOOP'; + policy.windows.popup.memory_protection.message = popupMessage; + + const retPolicy = unsetPolicyFeaturesAccordingToLicenseLevel(policy, Gold); + + expect(retPolicy.windows.memory_protection.mode).toEqual( + defaults.windows.memory_protection.mode + ); + expect(retPolicy.windows.popup.memory_protection.enabled).toEqual( + defaults.windows.popup.memory_protection.enabled + ); + expect(retPolicy.windows.popup.memory_protection.message).not.toEqual(popupMessage); + + // need to invert the test, since it could be either value + expect(['', DefaultPolicyNotificationMessage]).toContain( + retPolicy.windows.popup.memory_protection.message + ); + }); + it('sets ransomware supported field to false when license is below Platinum', () => { const defaults = policyFactoryWithoutPaidFeatures(); // reference const policy = policyFactory(); // what we will modify, and should be reset @@ -221,6 +303,30 @@ describe('policy_config and licenses', () => { expect(retPolicy.windows.ransomware.supported).toEqual(defaults.windows.ransomware.supported); }); + + it('sets memory_protection supported field to false when license is below Platinum', () => { + const defaults = policyFactoryWithoutPaidFeatures(); // reference + const policy = policyFactory(); // what we will modify, and should be reset + policy.windows.memory_protection.supported = true; + + const retPolicy = unsetPolicyFeaturesAccordingToLicenseLevel(policy, Gold); + + expect(retPolicy.windows.memory_protection.supported).toEqual( + defaults.windows.memory_protection.supported + ); + }); + + it('sets memory_protection supported field to true when license is at Platinum', () => { + const defaults = policyFactoryWithSupportedFeatures(); // reference + const policy = policyFactory(); // what we will modify, and should be reset + policy.windows.memory_protection.supported = false; + + const retPolicy = unsetPolicyFeaturesAccordingToLicenseLevel(policy, Platinum); + + expect(retPolicy.windows.memory_protection.supported).toEqual( + defaults.windows.memory_protection.supported + ); + }); }); describe('policyFactoryWithoutPaidFeatures for gold and below license', () => { diff --git a/x-pack/plugins/security_solution/common/license/policy_config.ts b/x-pack/plugins/security_solution/common/license/policy_config.ts index 35a6202f5e6fba..399952cf51ca26 100644 --- a/x-pack/plugins/security_solution/common/license/policy_config.ts +++ b/x-pack/plugins/security_solution/common/license/policy_config.ts @@ -30,6 +30,13 @@ export const isEndpointPolicyValidForLicense = ( return false; } + // only platinum or higher may enable ransomware + if ( + policy.windows.memory_protection.supported !== defaults.windows.memory_protection.supported + ) { + return false; + } + return true; // currently, platinum allows all features } @@ -54,6 +61,10 @@ export const isEndpointPolicyValidForLicense = ( return false; } + // only platinum or higher may enable ransomware + if (policy.windows.ransomware.mode !== defaults.windows.ransomware.mode) { + return false; + } // only platinum or higher may enable ransomware if (policy.windows.ransomware.mode !== defaults.windows.ransomware.mode) { return false; @@ -76,6 +87,36 @@ export const isEndpointPolicyValidForLicense = ( if (policy.windows.ransomware.supported !== defaults.windows.ransomware.supported) { return false; } + // + // only platinum or higher may enable memory_protection + if (policy.windows.memory_protection.mode !== defaults.windows.memory_protection.mode) { + return false; + } + // only platinum or higher may enable memory_protection + if (policy.windows.memory_protection.mode !== defaults.windows.memory_protection.mode) { + return false; + } + + // only platinum or higher may enable memory_protection notification + if ( + policy.windows.popup.memory_protection.enabled !== + defaults.windows.popup.memory_protection.enabled + ) { + return false; + } + + // Only Platinum or higher may change the memory_protection message (which can be blank or what Endpoint defaults) + if ( + policy.windows.popup.memory_protection.message !== '' && + policy.windows.popup.memory_protection.message !== DefaultPolicyNotificationMessage + ) { + return false; + } + + // only platinum or higher may enable memory_protection + if (policy.windows.memory_protection.supported !== defaults.windows.memory_protection.supported) { + return false; + } return true; }; From 72817cd7f630b0dbdebcc4288f379f1413ec0159 Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Thu, 1 Jul 2021 12:56:32 +0200 Subject: [PATCH 17/20] Remove duplicated condition --- test.vim | 10 ++++++++++ .../security_solution/common/license/policy_config.ts | 5 ----- 2 files changed, 10 insertions(+), 5 deletions(-) create mode 100644 test.vim diff --git a/test.vim b/test.vim new file mode 100644 index 00000000000000..2668d61c474745 --- /dev/null +++ b/test.vim @@ -0,0 +1,10 @@ +aug QFClose + au! + au BufEnter * call CloseQf() +aug END + +function! CloseQf() + if &buftype != "quickfix" + :cclose + endif +endfunction diff --git a/x-pack/plugins/security_solution/common/license/policy_config.ts b/x-pack/plugins/security_solution/common/license/policy_config.ts index 399952cf51ca26..759820df924ef6 100644 --- a/x-pack/plugins/security_solution/common/license/policy_config.ts +++ b/x-pack/plugins/security_solution/common/license/policy_config.ts @@ -87,11 +87,6 @@ export const isEndpointPolicyValidForLicense = ( if (policy.windows.ransomware.supported !== defaults.windows.ransomware.supported) { return false; } - // - // only platinum or higher may enable memory_protection - if (policy.windows.memory_protection.mode !== defaults.windows.memory_protection.mode) { - return false; - } // only platinum or higher may enable memory_protection if (policy.windows.memory_protection.mode !== defaults.windows.memory_protection.mode) { return false; From 884ab6e089c7751c757bee90e04e43578691bbca Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Thu, 1 Jul 2021 15:18:24 +0200 Subject: [PATCH 18/20] Remove unintented file --- test.vim | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 test.vim diff --git a/test.vim b/test.vim deleted file mode 100644 index 2668d61c474745..00000000000000 --- a/test.vim +++ /dev/null @@ -1,10 +0,0 @@ -aug QFClose - au! - au BufEnter * call CloseQf() -aug END - -function! CloseQf() - if &buftype != "quickfix" - :cclose - endif -endfunction From 578489aa60225789eba74d5141dbe15e06b273df Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Mon, 12 Jul 2021 09:38:47 +0200 Subject: [PATCH 19/20] Migration early exit if key not found --- .../security_solution/to_v7_15_0.ts | 37 ++++++++++--------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.ts b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.ts index 804572a9969ff8..e820cb47132a69 100644 --- a/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.ts +++ b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_15_0.ts @@ -13,27 +13,30 @@ import type { PackagePolicy } from '../../../../common'; export const migratePackagePolicyToV7150: SavedObjectMigrationFn = ( packagePolicyDoc ) => { + if (packagePolicyDoc.attributes.package?.name !== 'endpoint') { + return packagePolicyDoc; + } + const updatedPackagePolicyDoc: SavedObjectUnsanitizedDoc = cloneDeep( packagePolicyDoc ); - if (packagePolicyDoc.attributes.package?.name === 'endpoint') { - const input = updatedPackagePolicyDoc.attributes.inputs[0]; - const memory = { - mode: 'off', - // This value is based on license. - // For the migration, we add 'true', our license watcher will correct it, if needed, when the app starts. - supported: true, - }; - const memoryPopup = { - message: '', - enabled: false, - }; - if (input && input.config) { - const policy = input.config.policy.value; - policy.windows.memory_protection = memory; - policy.windows.popup.memory_protection = memoryPopup; - } + const input = updatedPackagePolicyDoc.attributes.inputs[0]; + const memory = { + mode: 'off', + // This value is based on license. + // For the migration, we add 'true', our license watcher will correct it, if needed, when the app starts. + supported: true, + }; + const memoryPopup = { + message: '', + enabled: false, + }; + if (input && input.config) { + const policy = input.config.policy.value; + + policy.windows.memory_protection = memory; + policy.windows.popup.memory_protection = memoryPopup; } return updatedPackagePolicyDoc; From de1e0c5a76c72057ed05d7146c991edf01f315e0 Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Mon, 19 Jul 2021 16:30:05 +0200 Subject: [PATCH 20/20] Use i18 translations instead of JSX components --- .../pages/policy/view/policy_details_form.tsx | 21 ++++++++++--------- .../policy/view/policy_forms/locked_card.tsx | 2 +- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx index 66480d424de10b..dbbf8f2ab53241 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_details_form.tsx @@ -8,6 +8,7 @@ import { EuiButtonEmpty, EuiSpacer, EuiText } from '@elastic/eui'; import React, { memo, useCallback, useState } from 'react'; import { FormattedMessage } from '@kbn/i18n/react'; +import { i18n } from '@kbn/i18n'; import { MalwareProtections } from './policy_forms/protections/malware'; import { MemoryProtection } from './policy_forms/protections/memory'; import { LinuxEvents, MacEvents, WindowsEvents } from './policy_forms/events'; @@ -17,18 +18,18 @@ import { Ransomware } from './policy_forms/protections/ransomware'; import { LockedPolicyCard } from './policy_forms/locked_card'; import { useLicense } from '../../../../common/hooks/use_license'; -const LOCKED_CARD_RAMSOMWARE_TITLE = ( - +const LOCKED_CARD_RAMSOMWARE_TITLE = i18n.translate( + 'xpack.securitySolution.endpoint.policy.details.ransomware', + { + defaultMessage: 'Ransomware', + } ); -const LOCKED_CARD_MEMORY_TITLE = ( - +const LOCKED_CARD_MEMORY_TITLE = i18n.translate( + 'xpack.securitySolution.endpoint.policy.details.memory', + { + defaultMessage: 'Memory', + } ); export const PolicyDetailsForm = memo(() => { diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx index a207d8058378e6..150ae5e82ef558 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/locked_card.tsx @@ -30,7 +30,7 @@ const LockedPolicyDiv = styled.div` } `; -export const LockedPolicyCard = memo(({ title }: { title: React.ReactNode }) => { +export const LockedPolicyCard = memo(({ title }: { title: string }) => { return (