[Security Solution][Trusted Apps] New
ArtifactEntryCard
and refacto…
…r of Trusted Apps list to use it (#111051) (#111811) * New `ArtifactEntryCard` component * Refactored ContextMenuItemNavByRouter and moved it to top-level components + new ActionsContextMenu component + add context menu to card * Refactor Trusted App grid to use new ArtifactEntryCard * new Trusted Apps generator + refactor existing of TA script to use it * policy details support for custom back link * bug fix: paginated content should not trigger a change to adjust paging settings unless loading is done Co-authored-by: Paul Tavares <[email protected]>
1 parent
9b6629a
commit 0ad55ec
Showing
48 changed files
with
11,634 additions
and
8,481 deletions.
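--- a/x-pack/plugins/security_solution/common/endpoint/data_generators/trusted_app_generator.ts
+++ b/x-pack/plugins/security_solution/common/endpoint/data_generators/trusted_app_generator.ts
@@ -0,0 +1,96 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+
+import { DeepPartial } from 'utility-types';
+import { merge } from 'lodash';
+import { BaseDataGenerator } from './base_data_generator';
+import { ConditionEntryField, EffectScope, NewTrustedApp, TrustedApp } from '../types';
+
+const TRUSTED_APP_NAMES = [
+'Symantec Endpoint Security',
+'Bitdefender GravityZone',
+'Malwarebytes',
+'Sophos Intercept X',
+'Webroot Business Endpoint Protection',
+'ESET Endpoint Security',
+'FortiClient',
+'Kaspersky Endpoint Security',
+'Trend Micro Apex One',
+'CylancePROTECT',
+'VIPRE',
+'Norton',
+'McAfee Endpoint Security',
+'AVG AntiVirus',
+'CrowdStrike Falcon',
+'Avast Business Antivirus',
+'Avira Antivirus',
+'Cisco AMP for Endpoints',
+'Eset Endpoint Antivirus',
+'VMware Carbon Black',
+'Palo Alto Networks Traps',
+'Trend Micro',
+'SentinelOne',
+'Panda Security for Desktops',
+'Microsoft Defender ATP',
+];
+
+const EFFECT_SCOPE_TYPES = ['policy', 'global'];
+
+export class TrustedAppGenerator extends BaseDataGenerator<TrustedApp> {
+generate(overrides: DeepPartial<TrustedApp> = {}): TrustedApp {
+return merge(
+this.generateTrustedAppForCreate(),
+{
+id: this.randomUUID(),
+version: this.randomString(5),
+created_at: this.randomPastDate(),
+updated_at: new Date().toISOString(),
+created_by: this.randomUser(),
+updated_by: this.randomUser(),
+},
+overrides
+);
+}
+
+generateTrustedAppForCreate({
+effectScope: effectiveScopeOverride,
+...overrides
+}: DeepPartial<NewTrustedApp> = {}): NewTrustedApp {
+const name = this.randomChoice(TRUSTED_APP_NAMES);
+const scopeType = this.randomChoice(EFFECT_SCOPE_TYPES);
+const effectScope = (effectiveScopeOverride ?? {
+type: scopeType,
+...(scopeType === 'policy' ? { policies: this.randomArray(5, () => this.randomUUID()) } : {}),
+}) as EffectScope;
+
+// TODO: remove ts-ignore. TS types are conditional when it comes to the combination of OS and ENTRIES
+// @ts-ignore
+return merge(
+{
+description: `Generator says we trust ${name}`,
+name,
+os: this.randomOSFamily(),
+effectScope,
+entries: [
+{
+field: ConditionEntryField.HASH,
+operator: 'included',
+type: 'match',
+value: '1234234659af249ddf3e40864e9fb241',
+},
+{
+field: ConditionEntryField.PATH,
+operator: 'included',
+type: 'match',
+value: '/one/two/three',
+},
+],
+},
+overrides
+);
+}
+}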
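Review bot: In `generate`, `overrides` is deep-merged over the result of `this.generateTrustedAppForCreate()` instead of being passed into it, so an `effectScope` override does not replace the random scope. If the generator picked `'policy'`, `generate({ effectScope: { type: 'global' } })` keeps the random `policies` array and returns a scope that is both global and policy-bound. `generateTrustedAppForCreate` avoids this by destructuring `effectScope` out before its merge, and `generate` could do the same with `const { effectScope, ...rest } = overrides;`, `this.generateTrustedAppForCreate({ effectScope }),` and `rest` as the last `merge` argument (the `DeepPartial` types may need adjusting). lodash `merge` also combines arrays by index, so an `entries` override with a single element still leaves the default PATH entry in place. Either a doc comment on both methods stating this, or replacing `entries` wholesale when it is overridden, would stop tests of trusted-app scoping and matching from running on data the caller did not ask for.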