jramos/cve-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve FP workflow error messages — include Ivanti API response body

Browse Source 
When the Ivanti API returns a non-success status, the error message
now includes the actual response body from Ivanti instead of just
the HTTP status code. This makes troubleshooting much easier since
you can see what Ivanti rejected (e.g. invalid field, too many
attachments, malformed request).
This commit is contained in:
Jordan Ramos
2026-05-22 11:51:10 -06:00
parent de4ff3f084
commit 19b5009010
1 changed files with 13 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
backend/routes/ivantiFpWorkflow.js
View File

@@ -281,8 +281,19 @@ function createIvantiFpWorkflowRouter() {
if (createResult.status !== 200 && createResult.status !== 201 && createResult.status !== 202) {
const errorMap = { 401: 'Ivanti API key is invalid or missing.', 419: 'API key lacks workflow creation permissions.', 429: 'Ivanti API rate limit reached.' };
const errorMsg = errorMap[createResult.status] || `Workflow creation failed: ${createResult.status}`;
logAudit({ userId: req.user.id, username: req.user.username, action: 'ivanti_fp_workflow_failed', entityType: 'ivanti_workflow', details: { error: errorMsg, status: createResult.status, findingIds }, ipAddress: req.ip });
let errorMsg = errorMap[createResult.status];
if (!errorMsg) {
// Try to extract detail from the Ivanti response body
let bodyDetail = '';
try {
const parsed = JSON.parse(createResult.body);
bodyDetail = parsed.message || parsed.error || parsed.detail || JSON.stringify(parsed);
} catch (_) {
bodyDetail = (createResult.body || '').slice(0, 500);
}
errorMsg = `Workflow creation failed (${createResult.status}): ${bodyDetail || 'No details returned by Ivanti API.'}`;
}
logAudit({ userId: req.user.id, username: req.user.username, action: 'ivanti_fp_workflow_failed', entityType: 'ivanti_workflow', details: { error: errorMsg, status: createResult.status, responseBody: (createResult.body || '').slice(0, 1000), findingIds }, ipAddress: req.ip });
return res.status(createResult.status === 429 ? 429 : 502).json({ success: false, error: errorMsg, step: 'create_workflow' });
}