[Security Solution] host isolation exceptions add and edit exceptions by policy

x-pack/plugins/security_solution/public/management/components/artifact_entry_card/hooks/use_endpoint_policies_to_artifact_policies.ts

@@ -0,0 +1,38 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { useMemo } from 'react';
+import { MenuItemPropsByPolicyId } from '..';
+import { PolicyData } from '../../../../../common/endpoint/types';
+import { useAppUrl } from '../../../../common/lib/kibana';
+import { getPolicyDetailPath } from '../../../common/routing';
+
+/**
+ * Takes a list of EndpointPolicies (PolicyData) and turn them
+ * into MenuItemPropsByPolicyId required by the artifact card.
+ *
+ * The resulting menu will open the policies in a new tab
+ *
+ */
+export const useEndpointPoliciesToArtifactPolicies = (
+  policies: PolicyData[] = []
+): MenuItemPropsByPolicyId => {
+  const { getAppUrl } = useAppUrl();
+  return useMemo(() => {
+    const data = policies.reduce<MenuItemPropsByPolicyId>((policiesMap, policy) => {
+      const policyId = policy.id;
+      const policyDetailsPath = getPolicyDetailPath(policyId);
+      policiesMap[policyId] = {
+        href: getAppUrl({ path: policyDetailsPath }),
+        children: policy.name ?? policyId,
+        target: '_blank',
+      };
+      return policiesMap;
+    }, {});
+    return data;
+  }, [getAppUrl, policies]);
+};

x-pack/plugins/security_solution/public/management/components/effected_policy_select/utils.ts

@@ -0,0 +1,75 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { PolicyData } from '../../../../common/endpoint/types';
+import { EffectedPolicySelection } from './effected_policy_select';
+
+export const GLOBAL_POLICY_TAG = 'policy:all';
+
+/**
+ * Given a list of artifact tags, returns the tags that are not policy tags
+ * policy tags follow the format: `policy:id`
+ */
+export function getArtifactTagsWithoutPolicies(tags?: string[]): string[] {
+  return tags?.filter((tag) => !tag.startsWith('policy:')) || [];
+}
+
+/**
+ * Return a list of artifact policy tags based on a current
+ * selection by the EffectedPolicySelection component.
+ */
+export function getArtifactTagsByEffectedPolicySelection(
+  selection: EffectedPolicySelection,
+  otherTags: string[] = []
+): string[] {
+  if (selection.isGlobal) {
+    return [GLOBAL_POLICY_TAG, ...otherTags];
+  }
+  const newTags = selection.selected.map((policy) => {
+    return `policy:${policy.id}`;
+  });
+
+  return newTags.concat(otherTags);
+}
+
+/**
+ * Given a list of an Exception item tags it will return
+ * the parsed policies from it.
+ *
+ * Policy tags follow the pattern `policy:id`
+ * non policy tags will be ignored.
+ */
+export function getEffectedPolicySelectionByTags(
+  tags: string[],
+  policies: PolicyData[]
+): EffectedPolicySelection {
+  if (tags.length === 0 || tags.find((tag) => tag === GLOBAL_POLICY_TAG)) {
+    return {
+      isGlobal: true,
+      selected: [],
+    };
+  }
+  const selected: PolicyData[] = tags.reduce((acc, tag) => {
+    // edge case: a left over tag with a non-existed policy
+    // will be removed by veryfing the policy exists
+    const id = tag.split(':')[1];
+    const foundPolicy = policies.find((policy) => policy.id === id);
+    if (foundPolicy !== undefined) {
+      acc.push(foundPolicy);
+    }
+    return acc;
+  }, [] as PolicyData[]);
+
+  return {
+    isGlobal: false,
+    selected,
+  };
+}
+
+export function isGlobalPolicyEffected(tags?: string[]): boolean {
+  return tags !== undefined && tags.find((tag) => tag === GLOBAL_POLICY_TAG) !== undefined;
+}

x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/middleware.ts

@@ -5,11 +5,20 @@
  * 2.0.
  */
 
+import type { DataViewBase, Query } from '@kbn/es-query';
+import { CoreStart, HttpStart } from 'kibana/public';
 import { Dispatch } from 'redux';
 import semverGte from 'semver/functions/gte';
-
-import { CoreStart, HttpStart } from 'kibana/public';
-import type { DataViewBase, Query } from '@kbn/es-query';
+import { AGENT_POLICY_SAVED_OBJECT_TYPE } from '../../../../../../fleet/common';
+import { METADATA_TRANSFORM_STATS_URL } from '../../../../../common/constants';
+import {
+  BASE_POLICY_RESPONSE_ROUTE,
+  ENDPOINT_ACTION_LOG_ROUTE,
+  HOST_METADATA_GET_ROUTE,
+  HOST_METADATA_LIST_ROUTE,
+  metadataCurrentIndexPattern,
+  METADATA_UNITED_INDEX,
+} from '../../../../../common/endpoint/constants';
 import {
   ActivityLog,
   GetHostPolicyResponse,
@@ -21,67 +30,57 @@ import {
   ImmutableObject,
   MetadataListResponse,
 } from '../../../../../common/endpoint/types';
-import { GetPolicyListResponse } from '../../policy/types';
+import { isolateHost, unIsolateHost } from '../../../../common/lib/endpoint_isolation';
+import { fetchPendingActionsByAgentId } from '../../../../common/lib/endpoint_pending_actions';
 import { ImmutableMiddlewareAPI, ImmutableMiddlewareFactory } from '../../../../common/store';
+import { AppAction } from '../../../../common/store/actions';
+import { resolvePathVariables } from '../../../../common/utils/resolve_path_variables';
+import { sendGetEndpointSpecificPackagePolicies } from '../../../services/policies/policies';
 import {
-  isOnEndpointPage,
-  hasSelectedEndpoint,
-  selectedAgent,
-  uiQueryParams,
-  listData,
+  asStaleResourceState,
+  createFailedResourceState,
+  createLoadedResourceState,
+  createLoadingResourceState,
+} from '../../../state';
+import {
+  sendGetAgentPolicyList,
+  sendGetEndpointSecurityPackage,
+  sendGetFleetAgentsWithEndpoint,
+} from '../../policy/store/services/ingest';
+import { GetPolicyListResponse } from '../../policy/types';
+import {
+  AgentIdsPendingActions,
+  EndpointState,
+  PolicyIds,
+  TransformStats,
+  TransformStatsResponse,
+} from '../types';
+import { getIsInvalidDateRange } from '../utils';
+import { EndpointPackageInfoStateChanged } from './action';
+import {
+  detailsData,
   endpointPackageInfo,
-  nonExistingPolicies,
-  patterns,
-  searchBarQuery,
-  getIsIsolationRequestPending,
-  getCurrentIsolationRequestState,
+  endpointPackageVersion,
   getActivityLogData,
   getActivityLogDataPaging,
-  getLastLoadedActivityLogData,
   getActivityLogError,
-  detailsData,
+  getActivityLogIsUninitializedOrHasSubsequentAPIError,
+  getCurrentIsolationRequestState,
   getIsEndpointPackageInfoUninitialized,
+  getIsIsolationRequestPending,
   getIsOnEndpointDetailsActivityLog,
+  getLastLoadedActivityLogData,
   getMetadataTransformStats,
+  hasSelectedEndpoint,
   isMetadataTransformStatsLoading,
-  getActivityLogIsUninitializedOrHasSubsequentAPIError,
-  endpointPackageVersion,
+  isOnEndpointPage,
+  listData,
+  nonExistingPolicies,
+  patterns,
+  searchBarQuery,
+  selectedAgent,
+  uiQueryParams,
 } from './selectors';
-import {
-  AgentIdsPendingActions,
-  EndpointState,
-  PolicyIds,
-  TransformStats,
-  TransformStatsResponse,
-} from '../types';
-import {
-  sendGetEndpointSecurityPackage,
-  sendGetAgentPolicyList,
-  sendGetFleetAgentsWithEndpoint,
-} from '../../policy/store/services/ingest';
-import { AGENT_POLICY_SAVED_OBJECT_TYPE } from '../../../../../../fleet/common';
-import {
-  ENDPOINT_ACTION_LOG_ROUTE,
-  HOST_METADATA_GET_ROUTE,
-  HOST_METADATA_LIST_ROUTE,
-  BASE_POLICY_RESPONSE_ROUTE,
-  metadataCurrentIndexPattern,
-  METADATA_UNITED_INDEX,
-} from '../../../../../common/endpoint/constants';
-import {
-  asStaleResourceState,
-  createFailedResourceState,
-  createLoadedResourceState,
-  createLoadingResourceState,
-} from '../../../state';
-import { isolateHost, unIsolateHost } from '../../../../common/lib/endpoint_isolation';
-import { AppAction } from '../../../../common/store/actions';
-import { resolvePathVariables } from '../../../../common/utils/resolve_path_variables';
-import { EndpointPackageInfoStateChanged } from './action';
-import { fetchPendingActionsByAgentId } from '../../../../common/lib/endpoint_pending_actions';
-import { getIsInvalidDateRange } from '../utils';
-import { METADATA_TRANSFORM_STATS_URL } from '../../../../../common/constants';
-import { sendGetEndpointSpecificPackagePolicies } from '../../../services/policies';
 
 type EndpointPageStore = ImmutableMiddlewareAPI<EndpointState, AppAction>;