jramos/cve-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(postgres): migrate all route files from SQLite to pg pool

Browse Source 
- All 16 route files now import pool from ../db directly
- Removed db parameter from all factory functions
- All callbacks replaced with async/await pool.query()
- All ? placeholders converted to $1, $2... numbered params
- datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING
- LIKE → ILIKE for case-insensitive searches
- Error detection: err.code === '23505' for unique violations
- server.js no longer passes pool/db/requireAuth to route factories
- Only ivantiFindings.js still receives pool (pending task 8 rewrite)
This commit is contained in:
Jordan Ramos
2026-05-06 11:44:17 -06:00
parent 845d843e71
commit 33927b150b
18 changed files with 2164 additions and 4432 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
backend/routes/auditLog.js
View File

@@ -1,11 +1,13 @@
// Audit Log Routes (Admin only)
const express = require('express');
const pool = require('../db');
const { requireAuth, requireGroup } = require('../middleware/auth');
function createAuditLogRouter(db, requireAuth, requireGroup) {
function createAuditLogRouter() {
const router = express.Router();
// All routes require Admin group
router.use(requireAuth(db), requireGroup('Admin'));
router.use(requireAuth(), requireGroup('Admin'));
// Get paginated audit logs with filters
router.get('/', async (req, res) => {
@@ -24,25 +26,26 @@ function createAuditLogRouter(db, requireAuth, requireGroup) {
let where = [];
let params = [];
let paramIndex = 1;
if (user) {
where.push('username LIKE ?');
where.push(`username ILIKE $${paramIndex++}`);
params.push(`%${user}%`);
}
if (action) {
where.push('action = ?');
where.push(`action = $${paramIndex++}`);
params.push(action);
}
if (entityType) {
where.push('entity_type = ?');
where.push(`entity_type = $${paramIndex++}`);
params.push(entityType);
}
if (startDate) {
where.push('created_at >= ?');
where.push(`created_at >= $${paramIndex++}`);
params.push(startDate);
}
if (endDate) {
where.push('created_at <= ?');
where.push(`created_at <= $${paramIndex++}`);
params.push(endDate + ' 23:59:59');
}
@@ -50,36 +53,25 @@ function createAuditLogRouter(db, requireAuth, requireGroup) {
try {
// Get total count
const countRow = await new Promise((resolve, reject) => {
db.get(
`SELECT COUNT(*) as total FROM audit_logs ${whereClause}`,
params,
(err, row) => {
if (err) reject(err);
else resolve(row);
}
);
});
const countResult = await pool.query(
`SELECT COUNT(*) as total FROM audit_logs ${whereClause}`,
params
);
const total = parseInt(countResult.rows[0].total);
// Get paginated results
const rows = await new Promise((resolve, reject) => {
db.all(
`SELECT * FROM audit_logs ${whereClause} ORDER BY created_at DESC LIMIT ? OFFSET ?`,
[...params, pageSize, offset],
(err, rows) => {
if (err) reject(err);
else resolve(rows);
}
);
});
const dataResult = await pool.query(
`SELECT * FROM audit_logs ${whereClause} ORDER BY created_at DESC LIMIT $${paramIndex++} OFFSET $${paramIndex++}`,
[...params, pageSize, offset]
);
res.json({
logs: rows,
logs: dataResult.rows,
pagination: {
page: parseInt(page),
limit: pageSize,
total: countRow.total,
totalPages: Math.ceil(countRow.total / pageSize)
total: total,
totalPages: Math.ceil(total / pageSize)
}
});
} catch (err) {
@@ -91,16 +83,9 @@ function createAuditLogRouter(db, requireAuth, requireGroup) {
// Get distinct action types for filter dropdown
router.get('/actions', async (req, res) => {
try {
const rows = await new Promise((resolve, reject) => {
db.all(
'SELECT DISTINCT action FROM audit_logs ORDER BY action',
(err, rows) => {
if (err) reject(err);
else resolve(rows);
}
);
});
const { rows } = await pool.query(
'SELECT DISTINCT action FROM audit_logs ORDER BY action'
);
res.json(rows.map(r => r.action));
} catch (err) {
console.error('Audit log actions error:', err);