TEMP COMMIT. REBASE ME

elastic · May 22, 2022 · 9c7a7a8 · 9c7a7a8
1 parent 383239e
commit 9c7a7a8
Show file tree

Hide file tree

Showing 6 changed files with 119 additions and 2 deletions.
diff --git a/x-pack/plugins/security_solution/common/constants.ts b/x-pack/plugins/security_solution/common/constants.ts
@@ -258,6 +258,8 @@ export const DETECTION_ENGINE_RULE_EXECUTION_EVENTS_URL =
   `${INTERNAL_DETECTION_ENGINE_URL}/rules/{ruleId}/execution/events` as const;
 export const detectionEngineRuleExecutionEventsUrl = (ruleId: string) =>
   `${INTERNAL_DETECTION_ENGINE_URL}/rules/${ruleId}/execution/events` as const;
+export const DETECTION_ENGINE_INSTALLED_INTEGRATIONS_URL =
+  `${INTERNAL_DETECTION_ENGINE_URL}/fleet/integrations/installed` as const;
 
 /**
  * Telemetry detection endpoint for any previews requested of what data we are

diff --git a/...ity_solution/server/lib/detection_engine/routes/rules/get_installed_integrations_route.ts b/...ity_solution/server/lib/detection_engine/routes/rules/get_installed_integrations_route.ts
@@ -0,0 +1,90 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { flatten, uniq } from 'lodash';
+import { transformError } from '@kbn/securitysolution-es-utils';
+
+import { DETECTION_ENGINE_INSTALLED_INTEGRATIONS_URL } from '../../../../../common/constants';
+import { RelatedIntegrationArray } from '../../../../../common/detection_engine/schemas/common';
+import { buildSiemResponse } from '../utils';
+import type { SecuritySolutionPluginRouter } from '../../../../types';
+
+/**
+ * TODO: add description
+ */
+export const getInstalledIntegrationsRoute = (router: SecuritySolutionPluginRouter) => {
+  router.get(
+    {
+      path: DETECTION_ENGINE_INSTALLED_INTEGRATIONS_URL,
+      validate: {},
+      options: {
+        tags: ['access:securitySolution'],
+      },
+    },
+    async (context, request, response) => {
+      const siemResponse = buildSiemResponse(response);
+
+      try {
+        const ctx = await context.resolve(['core', 'securitySolution']);
+        const fleet = ctx.securitySolution.getInternalFleetServices();
+        const soClient = ctx.core.savedObjects.client;
+
+        const packagePolicies = await fleet.packagePolicy.list(soClient, {});
+
+        const hierarchicalResults = packagePolicies.items.map((packagePolicy) => {
+          const packageName = packagePolicy.package?.name ?? '';
+          const packageVersion = packagePolicy.package?.version ?? '';
+
+          const enabledInputs = packagePolicy.inputs.filter((input) => input.enabled);
+          const enabledIntegrations = uniq(
+            enabledInputs.map((input) => input.policy_template ?? '').filter(Boolean)
+          );
+
+          return {
+            package: packageName,
+            version: packageVersion,
+            integrations: enabledIntegrations,
+          };
+        });
+
+        const flattenedResults = flatten(
+          hierarchicalResults.map((item) => {
+            return item.integrations.map((integration) => {
+              return {
+                package: item.package,
+                version: item.version,
+                integration,
+              };
+            });
+          })
+        );
+
+        const normalizedResults: RelatedIntegrationArray = flattenedResults.map((item) => {
+          return item.package === item.integration
+            ? {
+                package: item.package,
+                version: item.version,
+              }
+            : item;
+        });
+
+        return response.ok({
+          body: {
+            installedIntegrations: normalizedResults,
+            packagePolicies,
+          },
+        });
+      } catch (err) {
+        const error = transformError(err);
+        return siemResponse.error({
+          body: error.message,
+          statusCode: error.statusCode,
+        });
+      }
+    }
+  );
+};
diff --git a/x-pack/plugins/security_solution/server/plugin.ts b/x-pack/plugins/security_solution/server/plugin.ts
@@ -147,7 +147,14 @@ export class Plugin implements ISecuritySolutionPlugin {
     const eventLogService = plugins.eventLog;
     registerEventLogProvider(eventLogService);
 
-    const requestContextFactory = new RequestContextFactory({ config, logger, core, plugins });
+    const requestContextFactory = new RequestContextFactory({
+      config,
+      logger,
+      core,
+      plugins,
+      endpointAppContextService: this.endpointAppContextService,
+    });
+
     const router = core.http.createRouter<SecuritySolutionRequestHandlerContext>();
     core.http.registerRouteHandlerContext<SecuritySolutionRequestHandlerContext, typeof APP_ID>(
       APP_ID,

diff --git a/x-pack/plugins/security_solution/server/request_context_factory.ts b/x-pack/plugins/security_solution/server/request_context_factory.ts
@@ -30,6 +30,7 @@ import {
   getEndpointAuthzInitialState,
 } from '../common/endpoint/service/authz';
 import { licenseService } from './lib/license';
+import { EndpointAppContextService } from './endpoint/endpoint_app_context_services';
 
 export interface IRequestContextFactory {
   create(
@@ -43,6 +44,7 @@ interface ConstructorOptions {
   logger: Logger;
   core: SecuritySolutionPluginCoreSetupDependencies;
   plugins: SecuritySolutionPluginSetupDependencies;
+  endpointAppContextService: EndpointAppContextService;
 }
 
 export class RequestContextFactory implements IRequestContextFactory {
@@ -57,7 +59,7 @@ export class RequestContextFactory implements IRequestContextFactory {
     request: KibanaRequest
   ): Promise<SecuritySolutionApiRequestHandlerContext> {
     const { options, appClientFactory } = this;
-    const { config, logger, core, plugins } = options;
+    const { config, logger, core, plugins, endpointAppContextService } = options;
     const { lists, ruleRegistry, security } = plugins;
 
     const [, startPlugins] = await core.getStartServices();
@@ -122,6 +124,12 @@ export class RequestContextFactory implements IRequestContextFactory {
         const username = security?.authc.getCurrentUser(request)?.username || 'elastic';
         return lists.getExceptionListClient(coreContext.savedObjects.client, username);
       },
+
+      getInternalFleetServices: memoize(() => endpointAppContextService.getInternalFleetServices()),
+
+      getScopedFleetServices: memoize((req: KibanaRequest) =>
+        endpointAppContextService.getScopedFleetServices(req)
+      ),
     };
   }
 }
diff --git a/x-pack/plugins/security_solution/server/routes/index.ts b/x-pack/plugins/security_solution/server/routes/index.ts
@@ -69,6 +69,7 @@ import { legacyCreateLegacyNotificationRoute } from '../lib/detection_engine/rou
 import { createSourcererDataViewRoute, getSourcererDataViewRoute } from '../lib/sourcerer/routes';
 import { ITelemetryReceiver } from '../lib/telemetry/receiver';
 import { telemetryDetectionRulesPreviewRoute } from '../lib/detection_engine/routes/telemetry/telemetry_detection_rules_preview_route';
+import { getInstalledIntegrationsRoute } from '../lib/detection_engine/routes/rules/get_installed_integrations_route';
 
 export const initRoutes = (
   router: SecuritySolutionPluginRouter,
@@ -118,6 +119,8 @@ export const initRoutes = (
 
   getRuleExecutionEventsRoute(router);
 
+  getInstalledIntegrationsRoute(router);
+
   createTimelinesRoute(router, config, security);
   patchTimelinesRoute(router, config, security);
   importRulesRoute(router, config, ml);

diff --git a/x-pack/plugins/security_solution/server/types.ts b/x-pack/plugins/security_solution/server/types.ts
@@ -9,6 +9,7 @@ import type {
   IRouter,
   CustomRequestHandlerContext,
   CoreRequestHandlerContext,
+  KibanaRequest,
 } from '@kbn/core/server';
 import type { ActionsApiRequestHandlerContext } from '@kbn/actions-plugin/server';
 import type { AlertingApiRequestHandlerContext } from '@kbn/alerting-plugin/server';
@@ -22,6 +23,10 @@ import { ConfigType } from './config';
 import { IRuleExecutionLogForRoutes } from './lib/detection_engine/rule_execution_log';
 import { FrameworkRequest } from './lib/framework';
 import { EndpointAuthz } from '../common/endpoint/types/authz';
+import {
+  EndpointInternalFleetServicesInterface,
+  EndpointScopedFleetServicesInterface,
+} from './endpoint/services/fleet';
 
 export { AppClient };
 
@@ -35,6 +40,8 @@ export interface SecuritySolutionApiRequestHandlerContext {
   getRuleDataService: () => IRuleDataService;
   getRuleExecutionLog: () => IRuleExecutionLogForRoutes;
   getExceptionListClient: () => ExceptionListClient | null;
+  getInternalFleetServices: () => EndpointInternalFleetServicesInterface;
+  getScopedFleetServices: (req: KibanaRequest) => EndpointScopedFleetServicesInterface;
 }
 
 export type SecuritySolutionRequestHandlerContext = CustomRequestHandlerContext<{