From 961d93002b5eb98626364134e82324b907dc3145 Mon Sep 17 00:00:00 2001 From: kevinlog Date: Tue, 22 Jun 2021 20:00:59 -0400 Subject: [PATCH 1/6] add initial log and tests --- .../service/host_isolation/utils.test.ts | 140 ++++++++++++++++++ .../endpoint/service/host_isolation/utils.ts | 51 +++++++ .../host_isolation/take_action_dropdown.tsx | 1 + .../view/hooks/use_endpoint_action_items.tsx | 9 +- .../side_panel/event_details/index.tsx | 42 ++++-- .../endpoint/routes/actions/isolation.ts | 1 + 6 files changed, 231 insertions(+), 13 deletions(-) create mode 100644 x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts create mode 100644 x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.ts diff --git a/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts new file mode 100644 index 00000000000000..a14b96c1ec68c6 --- /dev/null +++ b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts @@ -0,0 +1,140 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { isVersionSupported, isOsSupported, isIsolationSupported } from './utils'; + +describe('Host Isolation utils isVersionSupported', () => { + it('should validate that a higher major version is compatible with a lower major version', () => { + expect( + isVersionSupported({ + currentVersion: '8.14.0', + minVersionRequired: '7.13.0', + }) + ).toEqual(true); + }); + + it('should validate that a higher minor version is compatible with a lower minor version', () => { + expect( + isVersionSupported({ + currentVersion: '7.14.0', + minVersionRequired: '7.13.0', + }) + ).toEqual(true); + }); + + it('should validate that a higher patch version is compatible with a lower patch version', () => { + expect( + isVersionSupported({ + currentVersion: '7.14.1', + minVersionRequired: '7.14.0', + }) + ).toEqual(true); + }); + + it('should validate that a lower major version is not compatible with a higher major version', () => { + expect( + isVersionSupported({ + currentVersion: '8.14.0', + minVersionRequired: '9.14.0', + }) + ).toEqual(false); + }); + + it('should validate that a lower minor version is not compatible with a higher minor version', () => { + expect( + isVersionSupported({ + currentVersion: '7.13.0', + minVersionRequired: '7.14.0', + }) + ).toEqual(false); + }); + + it('should validate that a lower patch version is not compatible with a higher patch version', () => { + expect( + isVersionSupported({ + currentVersion: '7.14.0', + minVersionRequired: '7.14.1', + }) + ).toEqual(false); + }); + + it('should validate that the same versions are compatible', () => { + expect( + isVersionSupported({ + currentVersion: '7.14.0', + minVersionRequired: '7.14.0', + }) + ).toEqual(true); + }); + + it('should validate correctly with a SNAPSHOT version', () => { + expect( + isVersionSupported({ + currentVersion: '7.14.0-SNAPSHOT', + minVersionRequired: '7.14.0', + }) + ).toEqual(true); + }); +}); + +describe('Host Isolation utils isOsSupported', () => { + it('should validate that the OS is compatible if the support array contains the currentOs', () => { + expect( + isOsSupported({ + currentOs: 'linux', + supportedOss: ['macos', 'linux'], + }) + ).toEqual(true); + }); + + it('should validate that the OS is not compatible if the support array does not contain the currentOs', () => { + expect( + isOsSupported({ + currentOs: 'linux', + supportedOss: ['macos', 'windows'], + }) + ).toEqual(false); + }); +}); + +describe('Host Isolation utils isIsolationSupported', () => { + it('should be supported with a compatible os and version', () => { + expect( + isIsolationSupported({ + osFamily: 'windows', + version: '7.14.0', + }) + ).toEqual(true); + }); + + it('should not be supported with a incompatible os and version', () => { + expect( + isIsolationSupported({ + osFamily: 'linux', + version: '7.13.0', + }) + ).toEqual(false); + }); + + it('should not be supported with a incompatible os and compatible version', () => { + expect( + isIsolationSupported({ + osFamily: 'linux', + version: '7.14.0', + }) + ).toEqual(false); + }); + + it('should not be supported with a compatible os and incompatible version', () => { + expect( + isIsolationSupported({ + osFamily: 'macos', + version: '7.13.0', + }) + ).toEqual(false); + }); +}); diff --git a/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.ts b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.ts new file mode 100644 index 00000000000000..54144b7f137610 --- /dev/null +++ b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.ts @@ -0,0 +1,51 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export const isVersionSupported = ({ + currentVersion, + minVersionRequired, +}: { + currentVersion: string; + minVersionRequired: string; +}) => { + const parsedCurrentVersion = currentVersion.includes('-SNAPSHOT') + ? currentVersion.substring(0, currentVersion.length - 9) + : currentVersion; + const tokenizedCurrent = parsedCurrentVersion + .split('.') + .map((token: string) => parseInt(token, 10)); + const tokenizedMin = minVersionRequired.split('.').map((token: string) => parseInt(token, 10)); + + const versionNotSupported = tokenizedCurrent.some((token: number, index: number) => { + return token < tokenizedMin[index]; + }); + + return !versionNotSupported; +}; + +export const isOsSupported = ({ + currentOs, + supportedOss, +}: { + currentOs: string; + supportedOss: string[]; +}) => { + return supportedOss.some((os) => currentOs === os); +}; + +export const isIsolationSupported = ({ + osFamily, + version, +}: { + osFamily: string; + version: string; +}) => { + return ( + isOsSupported({ currentOs: osFamily, supportedOss: ['macos', 'windows'] }) && + isVersionSupported({ currentVersion: version, minVersionRequired: '7.14.0' }) + ); +}; diff --git a/x-pack/plugins/security_solution/public/detections/components/host_isolation/take_action_dropdown.tsx b/x-pack/plugins/security_solution/public/detections/components/host_isolation/take_action_dropdown.tsx index a10ad901441ea5..eca7405ccb4638 100644 --- a/x-pack/plugins/security_solution/public/detections/components/host_isolation/take_action_dropdown.tsx +++ b/x-pack/plugins/security_solution/public/detections/components/host_isolation/take_action_dropdown.tsx @@ -11,6 +11,7 @@ import { ISOLATE_HOST, UNISOLATE_HOST } from './translations'; import { TAKE_ACTION } from '../alerts_table/alerts_utility_bar/translations'; import { useHostIsolationStatus } from '../../containers/detection_engine/alerts/use_host_isolation_status'; +// TODO: Use logic here export const TakeActionDropdown = React.memo( ({ onChange, diff --git a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/hooks/use_endpoint_action_items.tsx b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/hooks/use_endpoint_action_items.tsx index 408e1794ef680a..0c999f1f8a9614 100644 --- a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/hooks/use_endpoint_action_items.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/hooks/use_endpoint_action_items.tsx @@ -19,6 +19,7 @@ import { useKibana } from '../../../../../common/lib/kibana'; import { ContextMenuItemNavByRouterProps } from '../components/context_menu_item_nav_by_rotuer'; import { isEndpointHostIsolated } from '../../../../../common/utils/validators'; import { useLicense } from '../../../../../common/hooks/use_license'; +import { isIsolationSupported } from '../../../../../../common/endpoint/service/host_isolation/utils'; /** * Returns a list (array) of actions for an individual endpoint @@ -44,6 +45,10 @@ export const useEndpointActionItems = ( const endpointPolicyId = endpointMetadata.Endpoint.policy.applied.id; const endpointHostName = endpointMetadata.host.hostname; const fleetAgentId = endpointMetadata.elastic.agent.id; + const isolationSupported = isIsolationSupported({ + osFamily: endpointMetadata.host.os.family, + version: endpointMetadata.agent.version, + }); const { show, selected_endpoint: _selectedEndpoint, @@ -62,7 +67,7 @@ export const useEndpointActionItems = ( const isolationActions = []; - if (isIsolated) { + if (isIsolated && isolationSupported) { // Un-isolate is always available to users regardless of license level isolationActions.push({ 'data-test-subj': 'unIsolateLink', @@ -80,7 +85,7 @@ export const useEndpointActionItems = ( /> ), }); - } else if (isPlatinumPlus) { + } else if (isPlatinumPlus && isolationSupported) { // For Platinum++ licenses, users also have ability to isolate isolationActions.push({ 'data-test-subj': 'isolateLink', diff --git a/x-pack/plugins/security_solution/public/timelines/components/side_panel/event_details/index.tsx b/x-pack/plugins/security_solution/public/timelines/components/side_panel/event_details/index.tsx index 76341055f28eff..60ba505fdd09cf 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/side_panel/event_details/index.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/side_panel/event_details/index.tsx @@ -32,6 +32,7 @@ import { } from '../../../../detections/components/host_isolation/translations'; import { ALERT_DETAILS } from './translations'; import { useIsolationPrivileges } from '../../../../common/hooks/endpoint/use_isolate_privileges'; +import { isIsolationSupported } from '../../../../../common/endpoint/service/host_isolation/utils'; const StyledEuiFlyoutBody = styled(EuiFlyoutBody)` .euiFlyoutBody__overflow { @@ -101,6 +102,22 @@ const EventDetailsPanelComponent: React.FC = ({ return findAgentId ? findAgentId[0] : ''; }, [detailsData]); + const hostOsFamily = useMemo(() => { + const findOsFamily = find({ category: 'host', field: 'host.os.family' }, detailsData)?.values; + return findOsFamily ? findOsFamily[0] : ''; + }, [detailsData]); + + const agentVersion = useMemo(() => { + const findAgentVersion = find({ category: 'agent', field: 'agent.version' }, detailsData) + ?.values; + return findAgentVersion ? findAgentVersion[0] : ''; + }, [detailsData]); + + const isolationSupported = isIsolationSupported({ + osFamily: hostOsFamily, + version: agentVersion, + }); + const backToAlertDetailsLink = useMemo(() => { return ( <> @@ -153,17 +170,20 @@ const EventDetailsPanelComponent: React.FC = ({ /> )} - {isIsolationAllowed && isEndpointAlert && isHostIsolationPanelOpen === false && ( - - - - - - - - - - )} + {isIsolationAllowed && + isEndpointAlert && + isolationSupported && + isHostIsolationPanelOpen === false && ( + + + + + + + + + + )} ) : ( <> diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/actions/isolation.ts b/x-pack/plugins/security_solution/server/endpoint/routes/actions/isolation.ts index 50fe2ffe2cea99..80ec0f8a6d28c5 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/actions/isolation.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/actions/isolation.ts @@ -100,6 +100,7 @@ export const isolationRequestHandler = function ( } agentIDs = [...new Set(agentIDs)]; // dedupe + // TODO: Add logic to API // convert any alert IDs into cases let caseIDs: string[] = req.body.case_ids?.slice() || []; if (req.body.alert_ids && req.body.alert_ids.length > 0) { From 7c425feb2fe297200c10987a633533df8df70ab9 Mon Sep 17 00:00:00 2001 From: kevinlog Date: Tue, 22 Jun 2021 22:35:46 -0400 Subject: [PATCH 2/6] fix tests, adjust lookup --- .../endpoint/service/host_isolation/utils.test.ts | 8 ++++---- .../common/endpoint/service/host_isolation/utils.ts | 11 +++-------- .../view/details/components/actions_menu.test.tsx | 4 ++++ .../view/hooks/use_endpoint_action_items.tsx | 2 +- .../pages/endpoint_hosts/view/index.test.tsx | 11 +++++++++++ .../components/side_panel/event_details/index.tsx | 6 +++--- 6 files changed, 26 insertions(+), 16 deletions(-) diff --git a/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts index a14b96c1ec68c6..0bd34cc3c8dbb8 100644 --- a/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts +++ b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts @@ -105,7 +105,7 @@ describe('Host Isolation utils isIsolationSupported', () => { it('should be supported with a compatible os and version', () => { expect( isIsolationSupported({ - osFamily: 'windows', + osName: 'windows', version: '7.14.0', }) ).toEqual(true); @@ -114,7 +114,7 @@ describe('Host Isolation utils isIsolationSupported', () => { it('should not be supported with a incompatible os and version', () => { expect( isIsolationSupported({ - osFamily: 'linux', + osName: 'linux', version: '7.13.0', }) ).toEqual(false); @@ -123,7 +123,7 @@ describe('Host Isolation utils isIsolationSupported', () => { it('should not be supported with a incompatible os and compatible version', () => { expect( isIsolationSupported({ - osFamily: 'linux', + osName: 'linux', version: '7.14.0', }) ).toEqual(false); @@ -132,7 +132,7 @@ describe('Host Isolation utils isIsolationSupported', () => { it('should not be supported with a compatible os and incompatible version', () => { expect( isIsolationSupported({ - osFamily: 'macos', + osName: 'macos', version: '7.13.0', }) ).toEqual(false); diff --git a/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.ts b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.ts index 54144b7f137610..f8edd14743cdd6 100644 --- a/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.ts +++ b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.ts @@ -37,15 +37,10 @@ export const isOsSupported = ({ return supportedOss.some((os) => currentOs === os); }; -export const isIsolationSupported = ({ - osFamily, - version, -}: { - osFamily: string; - version: string; -}) => { +export const isIsolationSupported = ({ osName, version }: { osName: string; version: string }) => { + const normalizedOs = osName.toLowerCase(); return ( - isOsSupported({ currentOs: osFamily, supportedOss: ['macos', 'windows'] }) && + isOsSupported({ currentOs: normalizedOs, supportedOss: ['macos', 'windows'] }) && isVersionSupported({ currentVersion: version, minVersionRequired: '7.14.0' }) ); }; diff --git a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/details/components/actions_menu.test.tsx b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/details/components/actions_menu.test.tsx index 04708ea90cd349..17598b2c900ba8 100644 --- a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/details/components/actions_menu.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/details/components/actions_menu.test.tsx @@ -32,6 +32,10 @@ describe('When using the Endpoint Details Actions Menu', () => { // Safe to mutate this mocked data // @ts-ignore endpointHost.metadata.Endpoint.state.isolation = isolation; + // @ts-ignore + endpointHost.metadata.host.os.name = 'Windows'; + // @ts-ignore + endpointHost.metadata.agent.version = '7.14.0'; httpMocks.responseProvider.metadataDetails.mockReturnValue(endpointHost); }; diff --git a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/hooks/use_endpoint_action_items.tsx b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/hooks/use_endpoint_action_items.tsx index 0c999f1f8a9614..3303dda0d8fb69 100644 --- a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/hooks/use_endpoint_action_items.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/hooks/use_endpoint_action_items.tsx @@ -46,7 +46,7 @@ export const useEndpointActionItems = ( const endpointHostName = endpointMetadata.host.hostname; const fleetAgentId = endpointMetadata.elastic.agent.id; const isolationSupported = isIsolationSupported({ - osFamily: endpointMetadata.host.os.family, + osName: endpointMetadata.host.os.name, version: endpointMetadata.agent.version, }); const { diff --git a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/index.test.tsx b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/index.test.tsx index 6aab9336c21a43..8e9ae887ff86bc 100644 --- a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/index.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/index.test.tsx @@ -1044,6 +1044,17 @@ describe('when on the endpoint list page', () => { isolation: false, }, }, + host: { + ...hosts[0].metadata.host, + os: { + ...hosts[0].metadata.host.os, + name: 'Windows', + }, + }, + agent: { + ...hosts[0].metadata.agent, + version: '7.14.0', + }, }, query_strategy_version: queryStrategyVersion, }; diff --git a/x-pack/plugins/security_solution/public/timelines/components/side_panel/event_details/index.tsx b/x-pack/plugins/security_solution/public/timelines/components/side_panel/event_details/index.tsx index 60ba505fdd09cf..c2337945379228 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/side_panel/event_details/index.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/side_panel/event_details/index.tsx @@ -103,8 +103,8 @@ const EventDetailsPanelComponent: React.FC = ({ }, [detailsData]); const hostOsFamily = useMemo(() => { - const findOsFamily = find({ category: 'host', field: 'host.os.family' }, detailsData)?.values; - return findOsFamily ? findOsFamily[0] : ''; + const findOsName = find({ category: 'host', field: 'host.os.name' }, detailsData)?.values; + return findOsName ? findOsName[0] : ''; }, [detailsData]); const agentVersion = useMemo(() => { @@ -114,7 +114,7 @@ const EventDetailsPanelComponent: React.FC = ({ }, [detailsData]); const isolationSupported = isIsolationSupported({ - osFamily: hostOsFamily, + osName: hostOsFamily, version: agentVersion, }); From fc8d3ac0e97695989014b3632a230583d77dc29e Mon Sep 17 00:00:00 2001 From: kevinlog Date: Wed, 23 Jun 2021 10:03:25 -0400 Subject: [PATCH 3/6] remove todos --- .../components/host_isolation/take_action_dropdown.tsx | 1 - .../server/endpoint/routes/actions/isolation.ts | 1 - 2 files changed, 2 deletions(-) diff --git a/x-pack/plugins/security_solution/public/detections/components/host_isolation/take_action_dropdown.tsx b/x-pack/plugins/security_solution/public/detections/components/host_isolation/take_action_dropdown.tsx index eca7405ccb4638..a10ad901441ea5 100644 --- a/x-pack/plugins/security_solution/public/detections/components/host_isolation/take_action_dropdown.tsx +++ b/x-pack/plugins/security_solution/public/detections/components/host_isolation/take_action_dropdown.tsx @@ -11,7 +11,6 @@ import { ISOLATE_HOST, UNISOLATE_HOST } from './translations'; import { TAKE_ACTION } from '../alerts_table/alerts_utility_bar/translations'; import { useHostIsolationStatus } from '../../containers/detection_engine/alerts/use_host_isolation_status'; -// TODO: Use logic here export const TakeActionDropdown = React.memo( ({ onChange, diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/actions/isolation.ts b/x-pack/plugins/security_solution/server/endpoint/routes/actions/isolation.ts index 80ec0f8a6d28c5..50fe2ffe2cea99 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/actions/isolation.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/actions/isolation.ts @@ -100,7 +100,6 @@ export const isolationRequestHandler = function ( } agentIDs = [...new Set(agentIDs)]; // dedupe - // TODO: Add logic to API // convert any alert IDs into cases let caseIDs: string[] = req.body.case_ids?.slice() || []; if (req.body.alert_ids && req.body.alert_ids.length > 0) { From af57cc121663db720958617e496df8abfb6c9ad0 Mon Sep 17 00:00:00 2001 From: kevinlog Date: Fri, 25 Jun 2021 12:23:05 -0400 Subject: [PATCH 4/6] update the generator so that fake docs will have Isoaltion enabled --- .../endpoint/data_generators/base_data_generator.ts | 2 +- .../security_solution/common/endpoint/generate_data.ts | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/x-pack/plugins/security_solution/common/endpoint/data_generators/base_data_generator.ts b/x-pack/plugins/security_solution/common/endpoint/data_generators/base_data_generator.ts index 1f3d4307197f8a..1c9adc8f2f9c39 100644 --- a/x-pack/plugins/security_solution/common/endpoint/data_generators/base_data_generator.ts +++ b/x-pack/plugins/security_solution/common/endpoint/data_generators/base_data_generator.ts @@ -102,7 +102,7 @@ export class BaseDataGenerator { } protected randomVersion(): string { - return [6, ...this.randomNGenerator(10, 2)].map((x) => x.toString()).join('.'); + return [7, ...this.randomNGenerator(20, 2)].map((x) => x.toString()).join('.'); } protected randomChoice(choices: T[]): T { diff --git a/x-pack/plugins/security_solution/common/endpoint/generate_data.ts b/x-pack/plugins/security_solution/common/endpoint/generate_data.ts index b08d5649540db7..876cb3866c6147 100644 --- a/x-pack/plugins/security_solution/common/endpoint/generate_data.ts +++ b/x-pack/plugins/security_solution/common/endpoint/generate_data.ts @@ -51,7 +51,7 @@ export const ANCESTRY_LIMIT: number = 2; const Windows: OSFields[] = [ { - name: 'windows 10.0', + name: 'Windows', full: 'Windows 10', version: '10.0', platform: 'Windows', @@ -61,7 +61,7 @@ const Windows: OSFields[] = [ }, }, { - name: 'windows 10.0', + name: 'Windows', full: 'Windows Server 2016', version: '10.0', platform: 'Windows', @@ -71,7 +71,7 @@ const Windows: OSFields[] = [ }, }, { - name: 'windows 6.2', + name: 'Windows', full: 'Windows Server 2012', version: '6.2', platform: 'Windows', @@ -81,7 +81,7 @@ const Windows: OSFields[] = [ }, }, { - name: 'windows 6.3', + name: 'Windows', full: 'Windows Server 2012R2', version: '6.3', platform: 'Windows', From 4b2f3c6a7429ac279179901b2fcd1a7309e07434 Mon Sep 17 00:00:00 2001 From: kevinlog Date: Tue, 29 Jun 2021 09:34:50 -0400 Subject: [PATCH 5/6] refactor tests --- .../service/host_isolation/utils.test.ts | 154 +++++------------- 1 file changed, 39 insertions(+), 115 deletions(-) diff --git a/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts index 0bd34cc3c8dbb8..467f612aa3c7e4 100644 --- a/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts +++ b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts @@ -8,133 +8,57 @@ import { isVersionSupported, isOsSupported, isIsolationSupported } from './utils'; describe('Host Isolation utils isVersionSupported', () => { - it('should validate that a higher major version is compatible with a lower major version', () => { + test.each` + a | b | expected + ${'8.14.0'} | ${'7.13.0'} | ${true} + ${'7.14.0'} | ${'7.13.0'} | ${true} + ${'7.14.1'} | ${'7.14.0'} | ${true} + ${'8.14.0'} | ${'9.14.0'} | ${false} + ${'7.13.0'} | ${'7.14.0'} | ${false} + ${'7.14.0'} | ${'7.14.1'} | ${false} + ${'7.14.0'} | ${'7.14.0'} | ${true} + ${'7.14.0-SNAPSHOT'} | ${'7.14.0'} | ${true} + `('should validate that version $a is compatible($expected) to $b', ({ a, b, expected }) => { expect( isVersionSupported({ - currentVersion: '8.14.0', - minVersionRequired: '7.13.0', + currentVersion: a, + minVersionRequired: b, }) - ).toEqual(true); - }); - - it('should validate that a higher minor version is compatible with a lower minor version', () => { - expect( - isVersionSupported({ - currentVersion: '7.14.0', - minVersionRequired: '7.13.0', - }) - ).toEqual(true); - }); - - it('should validate that a higher patch version is compatible with a lower patch version', () => { - expect( - isVersionSupported({ - currentVersion: '7.14.1', - minVersionRequired: '7.14.0', - }) - ).toEqual(true); - }); - - it('should validate that a lower major version is not compatible with a higher major version', () => { - expect( - isVersionSupported({ - currentVersion: '8.14.0', - minVersionRequired: '9.14.0', - }) - ).toEqual(false); - }); - - it('should validate that a lower minor version is not compatible with a higher minor version', () => { - expect( - isVersionSupported({ - currentVersion: '7.13.0', - minVersionRequired: '7.14.0', - }) - ).toEqual(false); - }); - - it('should validate that a lower patch version is not compatible with a higher patch version', () => { - expect( - isVersionSupported({ - currentVersion: '7.14.0', - minVersionRequired: '7.14.1', - }) - ).toEqual(false); - }); - - it('should validate that the same versions are compatible', () => { - expect( - isVersionSupported({ - currentVersion: '7.14.0', - minVersionRequired: '7.14.0', - }) - ).toEqual(true); - }); - - it('should validate correctly with a SNAPSHOT version', () => { - expect( - isVersionSupported({ - currentVersion: '7.14.0-SNAPSHOT', - minVersionRequired: '7.14.0', - }) - ).toEqual(true); + ).toEqual(expected); }); }); describe('Host Isolation utils isOsSupported', () => { - it('should validate that the OS is compatible if the support array contains the currentOs', () => { + test.each` + a | b | expected + ${'linux'} | ${['macos', 'linux']} | ${true} + ${'linux'} | ${['macos', 'windows']} | ${false} + `('should validate that os $a is compatible($expected) to $b', ({ a, b, expected }) => { expect( isOsSupported({ - currentOs: 'linux', - supportedOss: ['macos', 'linux'], + currentOs: a, + supportedOss: b, }) - ).toEqual(true); - }); - - it('should validate that the OS is not compatible if the support array does not contain the currentOs', () => { - expect( - isOsSupported({ - currentOs: 'linux', - supportedOss: ['macos', 'windows'], - }) - ).toEqual(false); + ).toEqual(expected); }); }); describe('Host Isolation utils isIsolationSupported', () => { - it('should be supported with a compatible os and version', () => { - expect( - isIsolationSupported({ - osName: 'windows', - version: '7.14.0', - }) - ).toEqual(true); - }); - - it('should not be supported with a incompatible os and version', () => { - expect( - isIsolationSupported({ - osName: 'linux', - version: '7.13.0', - }) - ).toEqual(false); - }); - - it('should not be supported with a incompatible os and compatible version', () => { - expect( - isIsolationSupported({ - osName: 'linux', - version: '7.14.0', - }) - ).toEqual(false); - }); - - it('should not be supported with a compatible os and incompatible version', () => { - expect( - isIsolationSupported({ - osName: 'macos', - version: '7.13.0', - }) - ).toEqual(false); - }); + test.each` + a | b | expected + ${'windows'} | ${'7.14.0'} | ${true} + ${'linux'} | ${'7.13.0'} | ${false} + ${'linux'} | ${'7.14.0'} | ${false} + ${'macos'} | ${'7.13.0'} | ${false} + `( + 'should validate that os $a and version $b supports hostIsolation($expected)', + ({ a, b, expected }) => { + expect( + isIsolationSupported({ + osName: a, + version: b, + }) + ).toEqual(expected); + } + ); }); From a240ddbb54a021ee9520c911f03931ab74dcca31 Mon Sep 17 00:00:00 2001 From: kevinlog Date: Tue, 29 Jun 2021 09:45:24 -0400 Subject: [PATCH 6/6] pr comments --- .../service/host_isolation/utils.test.ts | 20 ++++++++++--------- .../endpoint/service/host_isolation/utils.ts | 2 +- .../view/hooks/use_endpoint_action_items.tsx | 2 +- 3 files changed, 13 insertions(+), 11 deletions(-) diff --git a/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts index 467f612aa3c7e4..7d3810bed8f44f 100644 --- a/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts +++ b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts @@ -9,15 +9,17 @@ import { isVersionSupported, isOsSupported, isIsolationSupported } from './utils describe('Host Isolation utils isVersionSupported', () => { test.each` - a | b | expected - ${'8.14.0'} | ${'7.13.0'} | ${true} - ${'7.14.0'} | ${'7.13.0'} | ${true} - ${'7.14.1'} | ${'7.14.0'} | ${true} - ${'8.14.0'} | ${'9.14.0'} | ${false} - ${'7.13.0'} | ${'7.14.0'} | ${false} - ${'7.14.0'} | ${'7.14.1'} | ${false} - ${'7.14.0'} | ${'7.14.0'} | ${true} - ${'7.14.0-SNAPSHOT'} | ${'7.14.0'} | ${true} + a | b | expected + ${'8.14.0'} | ${'7.13.0'} | ${true} + ${'7.14.0'} | ${'7.13.0'} | ${true} + ${'7.14.1'} | ${'7.14.0'} | ${true} + ${'8.14.0'} | ${'9.14.0'} | ${false} + ${'7.13.0'} | ${'7.14.0'} | ${false} + ${'7.14.0'} | ${'7.14.1'} | ${false} + ${'7.14.0'} | ${'7.14.0'} | ${true} + ${'7.14.0-SNAPSHOT'} | ${'7.14.0'} | ${true} + ${'7.14.0-SNAPSHOT-beta'} | ${'7.14.0'} | ${true} + ${'7.14.0-alpha'} | ${'7.14.0'} | ${true} `('should validate that version $a is compatible($expected) to $b', ({ a, b, expected }) => { expect( isVersionSupported({ diff --git a/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.ts b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.ts index f8edd14743cdd6..c5e57179bcb8d3 100644 --- a/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.ts +++ b/x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.ts @@ -13,7 +13,7 @@ export const isVersionSupported = ({ minVersionRequired: string; }) => { const parsedCurrentVersion = currentVersion.includes('-SNAPSHOT') - ? currentVersion.substring(0, currentVersion.length - 9) + ? currentVersion.substring(0, currentVersion.indexOf('-')) : currentVersion; const tokenizedCurrent = parsedCurrentVersion .split('.') diff --git a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/hooks/use_endpoint_action_items.tsx b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/hooks/use_endpoint_action_items.tsx index 3303dda0d8fb69..ec2adfaf0f6c0c 100644 --- a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/hooks/use_endpoint_action_items.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/view/hooks/use_endpoint_action_items.tsx @@ -67,7 +67,7 @@ export const useEndpointActionItems = ( const isolationActions = []; - if (isIsolated && isolationSupported) { + if (isIsolated) { // Un-isolate is always available to users regardless of license level isolationActions.push({ 'data-test-subj': 'unIsolateLink',