Skip to content

Commit

Permalink
only include Linux DE counts in aggregate for premium users
Browse files Browse the repository at this point in the history
  • Loading branch information
Jacob Shandling authored and iansltx committed Nov 23, 2024
1 parent c037277 commit 5f7f1ac
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 9 deletions.
2 changes: 1 addition & 1 deletion server/fleet/service.go
Original file line number Diff line number Diff line change
Expand Up @@ -1063,7 +1063,7 @@ type Service interface {
// supported Linux hosts in the specified team (or, if no team is specified, each host that is not assigned to any team).

// TODO - custom return type, or just use relevant fields?
GetLinuxDiskEncryptionSummary(ctx context.Context, teamId *uint) (*MDMLinuxDiskEncryptionSummary, error)
GetLinuxDiskEncryptionSummary(ctx context.Context, teamId *uint) (MDMLinuxDiskEncryptionSummary, error)

///////////////////////////////////////////////////////////////////////////////
// Common MDM
Expand Down
10 changes: 5 additions & 5 deletions server/service/linux_mdm.go
Original file line number Diff line number Diff line change
Expand Up @@ -44,19 +44,19 @@ func (svc *Service) LinuxHostDiskEncryptionStatus(ctx context.Context, host flee
}, nil
}

func (svc *Service) GetLinuxDiskEncryptionSummary(ctx context.Context, teamId *uint) (*fleet.MDMLinuxDiskEncryptionSummary, error) {
func (svc *Service) GetLinuxDiskEncryptionSummary(ctx context.Context, teamId *uint) (fleet.MDMLinuxDiskEncryptionSummary, error) {
if err := svc.authz.Authorize(ctx, fleet.MDMConfigProfileAuthz{TeamID: teamId}, fleet.ActionRead); err != nil {
return nil, ctxerr.Wrap(ctx, err)
return fleet.MDMLinuxDiskEncryptionSummary{}, ctxerr.Wrap(ctx, err)
}

if svc.config.Server.PrivateKey == "" {
return nil, ctxerr.New(ctx, "Missing required private key. Learn how to configure the private key here: https://fleetdm.com/learn-more-about/fleet-server-private-key")
return fleet.MDMLinuxDiskEncryptionSummary{}, ctxerr.New(ctx, "Missing required private key. Learn how to configure the private key here: https://fleetdm.com/learn-more-about/fleet-server-private-key")
}

ps, err := svc.ds.GetLinuxDiskEncryptionSummary(ctx, teamId)
if err != nil {
return nil, ctxerr.Wrap(ctx, err)
return fleet.MDMLinuxDiskEncryptionSummary{}, ctxerr.Wrap(ctx, err)
}

return &ps, nil
return ps, nil
}
14 changes: 11 additions & 3 deletions server/service/mdm.go
Original file line number Diff line number Diff line change
Expand Up @@ -936,9 +936,17 @@ func getMDMProfilesSummaryEndpoint(ctx context.Context, request interface{}, svc
return &getMDMProfilesSummaryResponse{Err: err}, nil
}

lx, err := svc.GetLinuxDiskEncryptionSummary(ctx, req.TeamID)
if err != nil {
return &getMDMProfilesSummaryResponse{Err: err}, nil
var lx fleet.MDMLinuxDiskEncryptionSummary
// since this endpoint is available for Free users as well, check license here to include Linux
// disk encryption counts which is a premium feature. Similar to
// `ds.GetMDMWindowsProfilesSummary`'s `includeBitLocker` check, except that Linux hosts don't
// have any non-premium data to contribute here, so we can check higher up.
license, _ := license.FromContext(ctx)
if license.IsPremium() {
lx, err = svc.GetLinuxDiskEncryptionSummary(ctx, req.TeamID)
if err != nil {
return &getMDMProfilesSummaryResponse{Err: err}, nil
}
}

res.Verified = as.Verified + ws.Verified + lx.Verified
Expand Down

0 comments on commit 5f7f1ac

Please sign in to comment.