From 57f11c362b46e2735f98e62a5d0df42459916058 Mon Sep 17 00:00:00 2001 From: jramos Date: Thu, 9 Apr 2026 16:18:22 -0600 Subject: [PATCH] docs: update README with queue redirect, CVE tooltips, FP workflow submission, and missing migrations --- README.md | 31 ++++++++++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 65ebc65..689e00d 100644 --- a/README.md +++ b/README.md @@ -145,10 +145,12 @@ node migrations/add_ivanti_findings_tables.js node migrations/add_ivanti_todo_queue_table.js node migrations/add_card_workflow_type.js node migrations/add_todo_queue_ip_address.js +node migrations/add_todo_queue_hostname.js node migrations/add_compliance_tables.js node migrations/add_finding_archive_tables.js node migrations/add_archer_tickets_timestamps.js node migrations/add_ivanti_counts_history_table.js +node migrations/add_fp_submissions_table.js node migrations/add_user_groups.js node migrations/add_created_by_columns.js ``` @@ -354,6 +356,8 @@ Each row represents a single Ivanti host finding. **Inline editing:** Click a Host or DNS cell to override the Ivanti value. An amber dot (●) marks overridden cells; use the revert button (↻) to restore the original. Overrides survive re-syncs. Requires Admin or Standard_User group. +**CVE Tooltips:** Hover over any CVE badge in the table to see a tooltip with the CVE description and severity (if the CVE exists in the local database). Tooltips appear after a 300ms delay, are cached in memory for the session, and auto-position to stay within the viewport. + **Filtering:** Click ⊙ on any column header for multi-select filtering. The `— empty —` option filters to findings with no value in that column. Multiple filters are ANDed. The Action Coverage chart also acts as a filter. **Column management:** Toggle visibility and drag to reorder via the **Columns** button. Order and visibility persist to `localStorage`. @@ -381,6 +385,14 @@ A personal staging list for batch-processing FP, Archer, and CARD workflows with - Check the green checkbox on an item to mark it complete (strikethrough at reduced opacity) - Delete individual items with the trash icon, or select multiple and use **Delete (N)** - **Clear Completed** removes all marked-complete items at once +- **Create FP Workflow** — select pending FP items and click to open the FP Workflow modal, which submits a False Positive workflow batch directly to the Ivanti API with form fields, file attachments, and scope override. Successful submission marks the queue items as complete and records the submission locally. + +**Redirecting completed items:** +- Completed items show a redirect button (↱) next to the delete icon +- Click redirect to open a modal where you select the target workflow type (FP, Archer, or CARD) and vendor (required for FP/Archer) +- Redirecting creates a new pending queue item with the same finding data under the new workflow type — the original completed item is preserved +- This is useful when a CARD inventory fix is done but the finding still needs an FP or Archer workflow, or when an item was assigned to the wrong workflow initially +- Not every completed item needs a redirect — it's an optional action for items that require further processing Queue items are stored in the database, are **personal to your login**, and persist across sessions and page refreshes. @@ -563,6 +575,7 @@ All endpoints are prefixed with `/api`. All endpoints except `/api/auth/login` a | GET | `/api/cves/distinct-ids` | Any | All distinct CVE IDs (used by NVD sync) | | GET | `/api/cves/:cveId/vendors` | Any | All vendor entries for a specific CVE ID | | GET | `/api/cves/compliance` | Any | Document compliance status view | +| GET | `/api/cves/:cveId/tooltip` | Any | Get CVE description and severity for tooltip display (truncated to 300 chars) | ### Documents @@ -606,13 +619,21 @@ All endpoints are prefixed with `/api`. All endpoints except `/api/auth/login` a | GET | `/api/ivanti/workflows` | Any | Get cached workflow data | | POST | `/api/ivanti/workflows/sync` | Admin, Standard_User | Trigger an immediate workflow sync | +### Ivanti — FP Workflow Submission + +| Method | Path | Group | Description | +|---|---|---|---| +| POST | `/api/ivanti/fp-workflow` | Admin, Standard_User | Submit an FP workflow batch to Ivanti API (multipart/form-data with attachments) | + ### Ivanti — Todo Queue | Method | Path | Group | Description | |---|---|---|---| | GET | `/api/ivanti/todo-queue` | Any | Get all queue items for the current user | | POST | `/api/ivanti/todo-queue` | Admin, Standard_User | Add a finding to the queue | +| POST | `/api/ivanti/todo-queue/batch` | Admin, Standard_User | Batch-add multiple findings to the queue | | PUT | `/api/ivanti/todo-queue/:id` | Admin, Standard_User | Update a queue item (mark complete, edit vendor/type) | +| POST | `/api/ivanti/todo-queue/:id/redirect` | Admin, Standard_User | Redirect a completed item to a different workflow type | | DELETE | `/api/ivanti/todo-queue/:id` | Admin, Standard_User | Delete a single queue item | | DELETE | `/api/ivanti/todo-queue/completed` | Admin, Standard_User | Delete all completed queue items | @@ -736,6 +757,8 @@ cve-dashboard/ ├── NvdSyncModal.js # Bulk NVD sync dialog ├── KnowledgeBaseModal.js # Knowledge base upload/list modal ├── KnowledgeBaseViewer.js # Inline document viewer (sandboxed iframe, sanitized markdown) + ├── CveTooltip.js # Hover tooltip for CVE badges (portal-rendered, cached) + ├── RedirectModal.js # Queue item redirect modal (workflow type + vendor selection) └── pages/ ├── ReportingPage.js # Host findings: charts, table, queue, export ├── CompliancePage.js # AEO compliance: metric cards, device table @@ -784,7 +807,9 @@ cve-dashboard/ **`ivanti_finding_overrides`** — Editor-applied overrides for `hostName` and `dns` fields. `UNIQUE(finding_id, field)`. -**`ivanti_todo_queue`** — Personal per-user queue of findings staged for FP, Archer, or CARD processing. Keyed by `(user_id, finding_id)`. +**`ivanti_todo_queue`** — Personal per-user queue of findings staged for FP, Archer, or CARD processing. Keyed by `(user_id, finding_id)`. Completed items can be redirected to a different workflow type via `POST /:id/redirect`, which creates a new pending item preserving the original finding data. + +**`ivanti_fp_submissions`** — Record of FP workflow submissions to the Ivanti API. Tracks user, workflow batch ID, form fields, finding IDs, queue item IDs, attachment results, and submission status (success/partial/failed). **`compliance_uploads`** — Record of each compliance xlsx upload: filename, report date, uploader, timestamp, and new/resolved/recurring counts. @@ -897,10 +922,12 @@ node migrations/add_ivanti_findings_tables.js node migrations/add_ivanti_todo_queue_table.js node migrations/add_card_workflow_type.js node migrations/add_todo_queue_ip_address.js +node migrations/add_todo_queue_hostname.js node migrations/add_compliance_tables.js node migrations/add_finding_archive_tables.js node migrations/add_archer_tickets_timestamps.js node migrations/add_ivanti_counts_history_table.js +node migrations/add_fp_submissions_table.js node migrations/add_user_groups.js node migrations/add_created_by_columns.js cd .. @@ -935,10 +962,12 @@ node migrations/add_ivanti_findings_tables.js node migrations/add_ivanti_todo_queue_table.js node migrations/add_card_workflow_type.js node migrations/add_todo_queue_ip_address.js +node migrations/add_todo_queue_hostname.js node migrations/add_compliance_tables.js node migrations/add_finding_archive_tables.js node migrations/add_archer_tickets_timestamps.js node migrations/add_ivanti_counts_history_table.js +node migrations/add_fp_submissions_table.js node migrations/add_user_groups.js node migrations/add_created_by_columns.js ```