From fa919b28cf3bb595fb0b963ef0ae93fbef6ff136 Mon Sep 17 00:00:00 2001 From: kevinlog Date: Mon, 17 May 2021 18:11:38 -0400 Subject: [PATCH] add migration test --- .../plugins/fleet/common/services/license.ts | 7 - .../security_solution/to_v7_14_0.test.ts | 200 ++++++++++++++++++ .../security_solution/to_v7_14_0.ts | 7 +- 3 files changed, 204 insertions(+), 10 deletions(-) create mode 100644 x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_14_0.test.ts diff --git a/x-pack/plugins/fleet/common/services/license.ts b/x-pack/plugins/fleet/common/services/license.ts index 219015b0158ae..07214b64edc3e 100644 --- a/x-pack/plugins/fleet/common/services/license.ts +++ b/x-pack/plugins/fleet/common/services/license.ts @@ -53,11 +53,4 @@ export class LicenseService { this.licenseInformation?.hasAtLeast('enterprise') ); } - public isPlatinum() { - return ( - this.licenseInformation?.isAvailable && - this.licenseInformation?.isActive && - this.licenseInformation?.hasAtLeast('platinum') - ); - } } diff --git a/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_14_0.test.ts b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_14_0.test.ts new file mode 100644 index 0000000000000..8ccb50735d4fb --- /dev/null +++ b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_14_0.test.ts @@ -0,0 +1,200 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { SavedObjectMigrationContext, SavedObjectUnsanitizedDoc } from 'kibana/server'; + +import type { PackagePolicy } from '../../../../common'; + +import { migrateEndpointPackagePolicyToV7140 } from './to_v7_14_0'; + +describe('7.14.0 Endpoint Package Policy migration', () => { + const migration = migrateEndpointPackagePolicyToV7140; + it('adds supported option for ransomware on migrations', () => { + const doc = { + id: 'mock-saved-object-id', + attributes: { + name: 'Some Policy Name', + package: { + name: 'endpoint', + title: '', + version: '', + }, + id: 'endpoint', + policy_id: '', + enabled: true, + namespace: '', + output_id: '', + revision: 0, + updated_at: '', + updated_by: '', + created_at: '', + created_by: '', + inputs: [ + { + type: 'endpoint', + enabled: true, + streams: [], + config: { + policy: { + value: { + windows: { + ransomware: { + mode: 'off', + }, + malware: { + mode: 'off', + }, + popup: { + malware: { + message: '', + enabled: false, + }, + ransomware: { + message: '', + enabled: false, + }, + }, + }, + linux: { + events: { process: true, file: true, network: true }, + logging: { file: 'info' }, + }, + }, + }, + }, + }, + ], + }, + type: ' nested', + }; + + expect(migration(doc, {} as SavedObjectMigrationContext)).toEqual({ + attributes: { + name: 'Some Policy Name', + package: { + name: 'endpoint', + title: '', + version: '', + }, + id: 'endpoint', + policy_id: '', + enabled: true, + namespace: '', + output_id: '', + revision: 0, + updated_at: '', + updated_by: '', + created_at: '', + created_by: '', + inputs: [ + { + type: 'endpoint', + enabled: true, + streams: [], + config: { + policy: { + value: { + windows: { + ransomware: { + mode: 'off', + supported: true, + }, + malware: { + mode: 'off', + }, + popup: { + malware: { + message: '', + enabled: false, + }, + ransomware: { + message: '', + enabled: false, + }, + }, + }, + linux: { + events: { process: true, file: true, network: true }, + logging: { file: 'info' }, + }, + }, + }, + }, + }, + ], + }, + type: ' nested', + id: 'mock-saved-object-id', + }); + }); + + it('does not modify non-endpoint package policies', () => { + const doc: SavedObjectUnsanitizedDoc = { + id: 'mock-saved-object-id', + attributes: { + name: 'Some Policy Name', + package: { + name: 'notEndpoint', + title: '', + version: '', + }, + id: 'notEndpoint', + policy_id: '', + enabled: true, + namespace: '', + output_id: '', + revision: 0, + updated_at: '', + updated_by: '', + created_at: '', + created_by: '', + inputs: [ + { + type: 'notEndpoint', + enabled: true, + streams: [], + config: {}, + }, + ], + }, + type: ' nested', + }; + + expect( + migration(doc, {} as SavedObjectMigrationContext) as SavedObjectUnsanitizedDoc + ).toEqual({ + attributes: { + name: 'Some Policy Name', + package: { + name: 'notEndpoint', + title: '', + version: '', + }, + id: 'notEndpoint', + policy_id: '', + enabled: true, + namespace: '', + output_id: '', + revision: 0, + updated_at: '', + updated_by: '', + created_at: '', + created_by: '', + inputs: [ + { + type: 'notEndpoint', + enabled: true, + streams: [], + config: {}, + }, + ], + }, + type: ' nested', + id: 'mock-saved-object-id', + }); + }); +}); diff --git a/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_14_0.ts b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_14_0.ts index c50c636c6f632..a9acf7865f812 100644 --- a/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_14_0.ts +++ b/x-pack/plugins/fleet/server/saved_objects/migrations/security_solution/to_v7_14_0.ts @@ -10,8 +10,6 @@ import { cloneDeep } from 'lodash'; import type { PackagePolicy } from '../../../../common'; -import { licenseService } from '../../../../common/services'; - export const migrateEndpointPackagePolicyToV7140: SavedObjectMigrationFn< PackagePolicy, PackagePolicy @@ -19,12 +17,15 @@ export const migrateEndpointPackagePolicyToV7140: SavedObjectMigrationFn< const updatedPackagePolicyDoc: SavedObjectUnsanitizedDoc = cloneDeep( packagePolicyDoc ); + if (packagePolicyDoc.attributes.package?.name === 'endpoint') { const input = updatedPackagePolicyDoc.attributes.inputs[0]; if (input && input.config) { const policy = input.config.policy.value; - policy.windows.ransomware.supported = licenseService.isPlatinum(); + // This value is based on license. + // For the migration, we add 'true', our license watcher will correct it, if needed, when the app starts. + policy.windows.ransomware.supported = true; } }