fix: revert map to multipart-only, add attachment upload logging
This commit is contained in:
jramos
@@ -859,31 +859,12 @@ function createIvantiFpWorkflowRouter(db, requireAuth) {
|
||||
|
||||
const mapUrl = `/client/${encodeURIComponent(clientId)}/workflowBatch/falsePositive/${encodeURIComponent(mapUuid)}/map`;
|
||||
|
||||
// Map endpoint likely expects multipart/form-data like the create endpoint.
|
||||
// Try both: first as JSON POST, fall back to multipart if that fails.
|
||||
// Use multipart form (same format as the create endpoint)
|
||||
const formFields = [{ name: 'subjectFilterRequest', value: buildSubjectFilterRequest(findingIds) }];
|
||||
|
||||
let mapResult;
|
||||
const mapBody = {
|
||||
subject: 'hostFinding',
|
||||
filterRequest: {
|
||||
filters: [{
|
||||
field: 'id',
|
||||
exclusive: false,
|
||||
operator: 'IN',
|
||||
value: findingIds.map(id => String(id)).join(',')
|
||||
}]
|
||||
}
|
||||
};
|
||||
|
||||
try {
|
||||
// Try JSON first
|
||||
mapResult = await ivantiPost(mapUrl, mapBody, apiKey, skipTls);
|
||||
|
||||
// If JSON returns 500/415, retry as multipart form
|
||||
if (mapResult.status === 500 || mapResult.status === 415) {
|
||||
console.log('[mapFindings] JSON POST returned', mapResult.status, '— retrying as multipart form');
|
||||
const formFields = [{ name: 'subjectFilterRequest', value: buildSubjectFilterRequest(findingIds) }];
|
||||
mapResult = await ivantiFormPost(mapUrl, formFields, [], apiKey, skipTls);
|
||||
}
|
||||
mapResult = await ivantiFormPost(mapUrl, formFields, [], apiKey, skipTls);
|
||||
} catch (networkErr) {
|
||||
logAudit(db, {
|
||||
userId: req.user.id, username: req.user.username,
|
||||
@@ -897,7 +878,7 @@ function createIvantiFpWorkflowRouter(db, requireAuth) {
|
||||
if (mapResult.status !== 200 && mapResult.status !== 201 && mapResult.status !== 202) {
|
||||
console.error('[mapFindings] Ivanti map failed — status:', mapResult.status, 'body:', (mapResult.body || '').substring(0, 500));
|
||||
console.error('[mapFindings] Request URL:', mapUrl);
|
||||
console.error('[mapFindings] Last attempt body/fields — JSON:', JSON.stringify(mapBody).substring(0, 300));
|
||||
console.error('[mapFindings] Request fields:', JSON.stringify(formFields));
|
||||
const errorMap = {
|
||||
401: 'Ivanti API key is invalid or missing. Contact your administrator.',
|
||||
419: 'API key lacks permissions for this operation.',
|
||||
@@ -1064,10 +1045,13 @@ function createIvantiFpWorkflowRouter(db, requireAuth) {
|
||||
|
||||
const attachUrl = `/client/${encodeURIComponent(clientId)}/workflowBatch/falsePositive/${encodeURIComponent(attachUuid)}/attach`;
|
||||
const attachmentResults = [];
|
||||
console.log('[attachFiles] Uploading', files.length, 'files to', attachUrl);
|
||||
|
||||
for (const f of files) {
|
||||
console.log('[attachFiles] Uploading:', f.originalname, 'size:', f.size);
|
||||
try {
|
||||
const result = await ivantiMultipartPost(attachUrl, f.buffer, f.originalname, apiKey, skipTls);
|
||||
console.log('[attachFiles] Result for', f.originalname, '— status:', result.status);
|
||||
const success = result.status === 200 || result.status === 201 || result.status === 202;
|
||||
attachmentResults.push({ filename: f.originalname, success, ...(success ? {} : { error: `Upload failed: ${result.status}` }) });
|
||||
} catch (uploadErr) {
|
||||
|
||||
Reference in New Issue
Block a user