From aca93ba9d485d8f92b5e167a6770d3760dff706c Mon Sep 17 00:00:00 2001
From: David Sanchez Soler
Date: Fri, 13 Aug 2021 13:59:09 +0200
Subject: [PATCH] Unlink policy from TA when removing the entire policy. Also fixes an issue with Without method from lodash

---
 .../server/routes/agent_policy/handlers.ts | 4 +++-
 .../fleet/server/services/agent_policy.ts | 20 +++++++++++++++++--
 .../fleet_integration.test.ts | 9 ++++++---
 .../fleet_integration/fleet_integration.ts | 6 +++---
 .../remove_policy_from_trusted_apps.ts | 10 ++++++----
 5 files changed, 36 insertions(+), 13 deletions(-)

diff --git a/x-pack/plugins/fleet/server/routes/agent_policy/handlers.ts b/x-pack/plugins/fleet/server/routes/agent_policy/handlers.ts
index 57401a525b5d7..74e43bc60098e 100644
--- a/x-pack/plugins/fleet/server/routes/agent_policy/handlers.ts
+++ b/x-pack/plugins/fleet/server/routes/agent_policy/handlers.ts
@@ -215,7 +215,9 @@ export const deleteAgentPoliciesHandler: RequestHandler<
 const body: DeleteAgentPolicyResponse = await agentPolicyService.delete(
 soClient,
 esClient,
- request.body.agentPolicyId
+ request.body.agentPolicyId,
+ context,
+ request
 );
 return response.ok({
 body,
diff --git a/x-pack/plugins/fleet/server/services/agent_policy.ts b/x-pack/plugins/fleet/server/services/agent_policy.ts
index d3cccd4c07f3c..8e0d2ca0f42d3 100644
--- a/x-pack/plugins/fleet/server/services/agent_policy.ts
+++ b/x-pack/plugins/fleet/server/services/agent_policy.ts
@@ -12,6 +12,8 @@ import type {
 ElasticsearchClient,
 SavedObjectsClientContract,
 SavedObjectsBulkUpdateResponse,
+ KibanaRequest,
+ RequestHandlerContext,
 } from 'src/core/server';
 
 import { SavedObjectsErrorHelpers } from '../../../../../src/core/server';
@@ -39,6 +41,7 @@ import {
 packageToPackagePolicy,
 AGENT_POLICY_INDEX,
 } from '../../common';
+import type { DeletePackagePoliciesResponse } from '../../common';
 import type {
 DeleteAgentPolicyResponse,
 Settings,
@@ -585,7 +588,9 @@ class AgentPolicyService {
 public async delete(
 soClient: SavedObjectsClientContract,
 esClient: ElasticsearchClient,
- id: string
+ id: string,
+ context: RequestHandlerContext,
+ request: KibanaRequest
 ): Promise {
 const agentPolicy = await this.get(soClient, id, false);
 if (!agentPolicy) {
@@ -616,7 +621,7 @@ class AgentPolicyService {
 }
 
 if (agentPolicy.package_policies && agentPolicy.package_policies.length) {
- await packagePolicyService.delete(
+ const body: DeletePackagePoliciesResponse = await packagePolicyService.delete(
 soClient,
 esClient,
 agentPolicy.package_policies as string[],
@@ -624,6 +629,17 @@ class AgentPolicyService {
 skipUnassignFromAgentPolicies: true,
 }
 );
+ try {
+ await packagePolicyService.runExternalCallbacks(
+ 'postPackagePolicyDelete',
+ body,
+ context,
+ request
+ );
+ } catch (error) {
+ const logger = appContextService.getLogger();
+ logger.error(`An error occurred executing external callback: ${error}`);
+ }
 }
 
 if (agentPolicy.is_preconfigured) {
diff --git a/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts b/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts
index 4edda73ebfc65..f97b49c264519 100644
--- a/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts
+++ b/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts
@@ -300,10 +300,10 @@ describe('ingest_integration tests ', () => {
 listId: 'fake',
 comments: [],
 entries: [],
- itemId: '1',
- namespaceType: 'agnostic',
+ item_id: '1',
+ namespace_type: 'agnostic',
 name: 'TA with policy assigned',
- osTypes: [],
+ os_types: [],
 description: 'TA with policy assigned ',
 meta: undefined,
 tags: [`policy:${policyId}`],
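Review bot: In the `delete` signature (hunk `@@ -585,7`), `context` and `request` are added as required positional parameters, so any caller of `agentPolicyService.delete` that runs outside an HTTP request has nothing valid to pass; only the route handler call site is updated in this patch, and other callers are not visible here. Declaring them as `context?: RequestHandlerContext,` and `request?: KibanaRequest` and guarding the callback with `if (context && request) { … }` would keep the method usable from such code, with a log line on the skipped path so a missed unlink is visible. The method has no doc comment; one stating that the two parameters exist only to run the `postPackagePolicyDelete` callbacks would explain why a delete needs the request. The body of `delete` continues outside this hunk.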
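Review bot: The `catch` added after `packagePolicyService.delete` (hunk `@@ -624,6`) logs the callback failure and lets the agent policy deletion report success, so a failed unlink leaves trusted application entries tagged with a policy that no longer exists, and the log line does not say which policy that was. The message interpolates `${error}`, which drops the stack, and carries no identifier; ``logger.error(`postPackagePolicyDelete callback failed for agent policy ${id}: ${error}`);`` would make the stale entries traceable. If best effort is the intent, a comment above the `try` should say so, for example `// Best effort: a callback failure must not block deletion of the agent policy`. The enclosing `delete` method starts and ends outside this hunk.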
@@ -341,6 +341,9 @@ describe('ingest_integration tests ', () => {
 
 expect(exceptionListClient.updateExceptionListItem).toHaveBeenCalledWith({
 ...fakeTA,
+ itemId: fakeTA.item_id,
+ namespaceType: fakeTA.namespace_type,
+ osTypes: fakeTA.os_types,
 tags: [],
 });
 });
diff --git a/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.ts b/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.ts
index ccbecde380016..6858c1b1a4b13 100644
--- a/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.ts
+++ b/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.ts
@@ -144,14 +144,14 @@ export const getPackagePolicyDeleteCallback = (
 if (!exceptionsClient) {
 return;
 }
- const promises: Array> = [];
+ const policiesToRemove: Array> = [];
 for (const policy of deletePackagePolicy) {
 if (isEndpointPackagePolicy(policy)) {
 if (experimentalFeatures?.trustedAppsByPolicyEnabled) {
- promises.push(removePolicyFromTrustedApps(exceptionsClient, policy));
+ policiesToRemove.push(removePolicyFromTrustedApps(exceptionsClient, policy));
 }
 }
 }
- await Promise.all(promises);
+ await Promise.all(policiesToRemove);
 };
 };
diff --git a/x-pack/plugins/security_solution/server/fleet_integration/handlers/remove_policy_from_trusted_apps.ts b/x-pack/plugins/security_solution/server/fleet_integration/handlers/remove_policy_from_trusted_apps.ts
index dbe1b4b8e36f4..46c9660947364 100644
--- a/x-pack/plugins/security_solution/server/fleet_integration/handlers/remove_policy_from_trusted_apps.ts
+++ b/x-pack/plugins/security_solution/server/fleet_integration/handlers/remove_policy_from_trusted_apps.ts
@@ -6,8 +6,7 @@
 */
 
 import { ENDPOINT_TRUSTED_APPS_LIST_ID } from '@kbn/securitysolution-list-constants';
-import { without } from 'lodash/fp';
-import { ExceptionListClient, UpdateExceptionListItemOptions } from '../../../../lists/server';
+import { ExceptionListClient } from '../../../../lists/server';
 
 interface DeletePolicy {
 id: string;
@@ -53,8 +52,11 @@ export const removePolicyFromTrustedApps = async (
 for (const trustedApp of trustedApps) {
 updates.push(
 exceptionsClient.updateExceptionListItem({
- ...((trustedApp as unknown) as UpdateExceptionListItemOptions),
- tags: without(trustedApp.tags, `policy:${policy.id}`),
+ ...trustedApp,
+ itemId: trustedApp.item_id,
+ namespaceType: trustedApp.namespace_type,
+ osTypes: trustedApp.os_types,
+ tags: trustedApp.tags.filter((currentPolicy) => currentPolicy !== `policy:${policy.id}`),
 })
 );
 }
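Review bot: In the `updateExceptionListItem` call (hunk `@@ -53,8`), `...trustedApp` spreads the whole stored item into the update options, so the snake_case keys `item_id`, `namespace_type` and `os_types` and any other stored-only fields are sent alongside the camelCase copies. That is safe only if the client ignores keys it does not know, which this hunk does not show. Stripping the duplicated keys first with `const { item_id, namespace_type, os_types, ...rest } = trustedApp;` and spreading `rest`, or naming the update fields explicitly, keeps the payload to what is intended now that the `UpdateExceptionListItemOptions` cast is gone. The filter callback receives a tag, not a policy, so `tag` would read better than `currentPolicy`. The enclosing function starts and ends outside the hunk.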