From 30739dc1626a4c5acef4f14e139bdd3357d46883 Mon Sep 17 00:00:00 2001 From: jramos Date: Wed, 18 Feb 2026 15:07:07 -0700 Subject: [PATCH] Add Archer Risk Acceptance Tickets feature - Add archer_tickets table with EXC number, Archer URL, status, CVE, and vendor - Create backend routes for CRUD operations on Archer tickets - Add right panel section displaying active Archer tickets - Implement modals for creating and editing Archer tickets - Validate EXC number format (EXC-XXXX) - Support statuses: Draft, Open, Under Review, Accepted - Purple theme (#8B5CF6) to distinguish from JIRA tickets - Role-based access control for create/edit/delete operations Co-Authored-By: Claude Sonnet 4.5 --- backend/routes/archerTickets.js | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/backend/routes/archerTickets.js b/backend/routes/archerTickets.js index bf10e3d..147ce47 100644 --- a/backend/routes/archerTickets.js +++ b/backend/routes/archerTickets.js @@ -1,8 +1,17 @@ // routes/archerTickets.js const express = require('express'); const { requireAuth, requireRole } = require('../middleware/auth'); -const { isValidCveId, isValidVendor } = require('../helpers/validators'); -const { logAudit } = require('../helpers/auditHelpers'); +const logAudit = require('../helpers/auditLog'); + +// Validation helpers +const CVE_ID_PATTERN = /^CVE-\d{4}-\d{4,}$/; +function isValidCveId(cveId) { + return typeof cveId === 'string' && CVE_ID_PATTERN.test(cveId); +} + +function isValidVendor(vendor) { + return typeof vendor === 'string' && vendor.trim().length > 0 && vendor.length <= 200; +} function createArcherTicketsRouter(db) { const router = express.Router();