Skip to content

Commit

Permalink
[Security solution][Endpoint] Fix blocklist entries are allowed to be…
Browse files Browse the repository at this point in the history
… assigned per policy on basic license (#128472)

* Hide assignment section on blocklsit form when no licensing and isGlobal. Also check for valid form when changing policy

* Fix commented code

* Don't reset filter when closing flyout

* Fix policy selectio was cleaned when switching from by policy to global and went back to by policy
  • Loading branch information
dasansol92 authored Mar 24, 2022
1 parent d102213 commit 8ada3b3
Show file tree
Hide file tree
Showing 2 changed files with 58 additions and 25 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -257,10 +257,10 @@ export const ArtifactFlyout = memo<ArtifactFlyoutProps>(
}

// `undefined` will cause params to be dropped from url
setUrlParams({ itemId: undefined, show: undefined }, true);
setUrlParams({ ...urlParams, itemId: undefined, show: undefined }, true);

onClose();
}, [isSubmittingData, onClose, setUrlParams]);
}, [isSubmittingData, onClose, setUrlParams, urlParams]);

const handleFormComponentOnChange: ArtifactFormComponentProps['onChange'] = useCallback(
({ item: updatedItem, isValid }) => {
Expand All @@ -285,12 +285,12 @@ export const ArtifactFlyout = memo<ArtifactFlyoutProps>(
if (isMounted) {
// Close the flyout
// `undefined` will cause params to be dropped from url
setUrlParams({ itemId: undefined, show: undefined }, true);
setUrlParams({ ...urlParams, itemId: undefined, show: undefined }, true);

onSuccess();
}
},
[isEditFlow, isMounted, labels, onSuccess, setUrlParams, toasts]
[isEditFlow, isMounted, labels, onSuccess, setUrlParams, toasts, urlParams]
);

const handleSubmitClick = useCallback(() => {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@ import { useLicense } from '../../../../../common/hooks/use_license';
import { isValidHash } from '../../../../../../common/endpoint/service/trusted_apps/validations';
import { isArtifactGlobal } from '../../../../../../common/endpoint/service/artifacts';
import type { PolicyData } from '../../../../../../common/endpoint/types';
import { isGlobalPolicyEffected } from '../../../../components/effected_policy_select/utils';

interface BlocklistEntry {
field: BlocklistConditionEntryField;
Expand Down Expand Up @@ -106,14 +107,34 @@ export const BlockListForm = memo(
const warningsRef = useRef<ItemValidation>({});
const errorsRef = useRef<ItemValidation>({});
const [selectedPolicies, setSelectedPolicies] = useState<PolicyData[]>([]);
const isPlatinumPlus = useLicense().isPlatinumPlus();
const isGlobal = useMemo(() => isArtifactGlobal(item as ExceptionListItemSchema), [item]);
const [wasByPolicy, setWasByPolicy] = useState(!isGlobalPolicyEffected(item.tags));
const [hasFormChanged, setHasFormChanged] = useState(false);

const showAssignmentSection = useMemo(() => {
return (
isPlatinumPlus ||
(mode === 'edit' && (!isGlobal || (wasByPolicy && isGlobal && hasFormChanged)))
);
}, [mode, isGlobal, hasFormChanged, isPlatinumPlus, wasByPolicy]);

// set initial state of `wasByPolicy` that checks if the initial state of the exception was by policy or not
useEffect(() => {
if (!hasFormChanged && item.tags) {
setWasByPolicy(!isGlobalPolicyEffected(item.tags));
}
}, [item.tags, hasFormChanged]);

// select policies if editing
useEffect(() => {
if (hasFormChanged) return;
const policyIds = item.tags?.map((tag) => tag.split(':')[1]) ?? [];
if (!policyIds.length) return;
const policiesData = policies.filter((policy) => policyIds.includes(policy.id));

setSelectedPolicies(policiesData);
}, [item.tags, policies]);
}, [hasFormChanged, item.tags, policies]);

const blocklistEntry = useMemo((): BlocklistEntry => {
if (!item.entries.length) {
Expand Down Expand Up @@ -248,6 +269,7 @@ export const BlockListForm = memo(
isValid: isValid(errorsRef.current),
item: nextItem,
});
setHasFormChanged(true);
},
[validateValues, onChange, item]
);
Expand All @@ -261,6 +283,7 @@ export const BlockListForm = memo(
description: event.target.value,
},
});
setHasFormChanged(true);
},
[onChange, item]
);
Expand All @@ -286,6 +309,7 @@ export const BlockListForm = memo(
isValid: isValid(errorsRef.current),
item: nextItem,
});
setHasFormChanged(true);
},
[validateValues, blocklistEntry, onChange, item]
);
Expand All @@ -302,6 +326,7 @@ export const BlockListForm = memo(
isValid: isValid(errorsRef.current),
item: nextItem,
});
setHasFormChanged(true);
},
[validateValues, onChange, item, blocklistEntry]
);
Expand All @@ -320,6 +345,7 @@ export const BlockListForm = memo(
isValid: isValid(errorsRef.current),
item: nextItem,
});
setHasFormChanged(true);
},
[validateValues, onChange, item, blocklistEntry]
);
Expand All @@ -341,6 +367,7 @@ export const BlockListForm = memo(
isValid: isValid(errorsRef.current),
item: nextItem,
});
setHasFormChanged(true);
},
[validateValues, onChange, item, blocklistEntry]
);
Expand All @@ -351,16 +378,20 @@ export const BlockListForm = memo(
? [GLOBAL_ARTIFACT_TAG]
: change.selected.map((policy) => `${BY_POLICY_ARTIFACT_TAG_PREFIX}${policy.id}`);

setSelectedPolicies(change.selected);
const nextItem = { ...item, tags };

// Preserve old selected policies when switching to global
if (!change.isGlobal) {
setSelectedPolicies(change.selected);
}
validateValues(nextItem);
onChange({
isValid: isValid(errorsRef.current),
item: {
...item,
tags,
},
item: nextItem,
});
setHasFormChanged(true);
},
[onChange, item]
[validateValues, onChange, item]
);

return (
Expand Down Expand Up @@ -461,20 +492,22 @@ export const BlockListForm = memo(
/>
</EuiFormRow>

<>
<EuiHorizontalRule />
<EuiFormRow fullWidth>
<EffectedPolicySelect
isGlobal={isArtifactGlobal(item as ExceptionListItemSchema)}
isPlatinumPlus={useLicense().isPlatinumPlus()}
selected={selectedPolicies}
options={policies}
onChange={handleOnPolicyChange}
isLoading={policiesIsLoading}
description={POLICY_SELECT_DESCRIPTION}
/>
</EuiFormRow>
</>
{showAssignmentSection && (
<>
<EuiHorizontalRule />
<EuiFormRow fullWidth>
<EffectedPolicySelect
isGlobal={isGlobal}
isPlatinumPlus={isPlatinumPlus}
selected={selectedPolicies}
options={policies}
onChange={handleOnPolicyChange}
isLoading={policiesIsLoading}
description={POLICY_SELECT_DESCRIPTION}
/>
</EuiFormRow>
</>
)}
</EuiForm>
);
}
Expand Down

0 comments on commit 8ada3b3

Please sign in to comment.