Rebrand STEAM → AEGIS, fix BU drift checker previous_bu bug

- Replace all STEAM branding with AEGIS (Advanced Engineering Group Intelligence System) across login, header, nav drawer, manifest, and browser title - Add shield logo to login page, main header, and nav drawer - Fix BU drift checker recording incorrect previous_bu values by building a previousBuMap snapshot BEFORE the upsert/delete cycle instead of querying the DB after rows are already gone - Clean 526 bogus BU history entries generated by the broken logic - Add docs and scripts from prior session
2026-06-17 14:40:38 -06:00
parent 479c61b88f
commit a95fd03f5e
13 changed files with 994 additions and 27 deletions
--- a/backend/routes/ivantiFindings.js
+++ b/backend/routes/ivantiFindings.js
@@ -681,7 +681,7 @@ async function syncFPWorkflowCounts(openFindings, apiKey, clientId, skipTls) {
 const MANAGED_BUS_VALUE = process.env.IVANTI_MANAGED_BUS || 'NTS-AEO-ACCESS-ENG,NTS-AEO-STEAM';
 const EXPECTED_BUS = new Set(MANAGED_BUS_VALUE.split(',').map(b => b.trim()).filter(Boolean));

-async function runBUDriftChecker(newlyArchivedIds, apiKey, clientId, skipTls) {
+async function runBUDriftChecker(newlyArchivedIds, apiKey, clientId, skipTls, previousBuMap) {
    const summary = { bu_reassignment: 0, severity_drift: 0, closed_on_platform: 0, decommissioned: 0 };

    if (!newlyArchivedIds || newlyArchivedIds.length === 0) return summary;
@@ -797,12 +797,8 @@ async function runBUDriftChecker(newlyArchivedIds, apiKey, clientId, skipTls) {
        // Record BU reassignment in ivanti_finding_bu_history for detail view
        if (classification === 'bu_reassignment' && found) {
            try {
-                // Determine previous BU — look up from the cached finding record
-                const { rows: prevRows } = await pool.query(
-                    `SELECT bu_ownership FROM ivanti_findings WHERE id = $1`,
-                    [id]
-                );
-                const previousBu = prevRows[0]?.bu_ownership || 'UNKNOWN';
+                // Determine previous BU from the pre-sync snapshot (passed in from syncFindings)
+                const previousBu = (previousBuMap && previousBuMap.get(id)) || 'UNKNOWN';
                await pool.query(
                    `INSERT INTO ivanti_finding_bu_history (finding_id, finding_title, host_name, previous_bu, new_bu, detected_at)
                     VALUES ($1, $2, $3, $4, $5, NOW())`,
@@ -897,12 +893,14 @@ async function syncFindings() {

        // Read previous open findings from DB for archive detection
        let previousFindings = [];
+        let previousBuMap = new Map(); // id → bu_ownership snapshot BEFORE upsert
        try {
            const { rows } = await pool.query(
                `SELECT id, title, host_name AS "hostName", ip_address AS "ipAddress", severity, bu_ownership AS "buOwnership"
                 FROM ivanti_findings WHERE state = 'open'`
            );
            previousFindings = rows;
+            previousBuMap = new Map(rows.map(f => [String(f.id), f.buOwnership || '']));
        } catch (err) {
            console.error('[Ivanti Findings] Failed to read previous findings for archive detection:', err.message);
        }
@@ -1004,7 +1002,7 @@ async function syncFindings() {
                console.log(`[BU Drift Checker] ${idsToCheck.length} disappeared total, ${newlyArchivedOnly.length} genuinely new (${alreadyArchivedSet.size} already archived, skipped)`);
                idsToCheck = newlyArchivedOnly;
            }
-            classificationBreakdown = await runBUDriftChecker(idsToCheck, apiKey, clientId, skipTls);
+            classificationBreakdown = await runBUDriftChecker(idsToCheck, apiKey, clientId, skipTls, previousBuMap);
        } catch (err) {
            console.error('[Ivanti Findings] BU drift checker failed (non-fatal):', err.message);
        }
--- a/backend/scripts/check-host-fields.js
+++ b/backend/scripts/check-host-fields.js
@@ -0,0 +1,34 @@
+#!/usr/bin/env node
+// Temporary diagnostic script — fetch a specific finding and dump host fields
+require('dotenv').config();
+const { ivantiPost } = require('../helpers/ivantiApi');
+
+const apiKey = process.env.IVANTI_API_KEY;
+const clientId = process.env.IVANTI_CLIENT_ID || '1550';
+const skipTls = process.env.IVANTI_SKIP_TLS === 'true';
+
+const findingId = process.argv[2] || '2814870699';
+
+const urlPath = `/client/${encodeURIComponent(clientId)}/hostFinding/search`;
+const body = {
+  filters: [
+    { field: 'id', exclusive: false, operator: 'EXACT', orWithPrevious: false, implicitFilters: [], value: findingId, caseSensitive: false }
+  ],
+  projection: 'internal',
+  sort: [{ field: 'severity', direction: 'ASC' }],
+  page: 0,
+  size: 1
+};
+
+ivantiPost(urlPath, body, apiKey, skipTls).then(r => {
+  const data = JSON.parse(r.body);
+  const finding = (data._embedded && data._embedded.hostFindings || [])[0];
+  if (!finding) { console.log('Finding not found'); process.exit(0); }
+
+  console.log('=== host object ===');
+  console.log(JSON.stringify(finding.host, null, 2));
+  console.log('');
+  console.log('=== hostAdditionalDetails ===');
+  console.log(JSON.stringify(finding.hostAdditionalDetails, null, 2));
+  process.exit(0);
+}).catch(e => { console.error(e.message); process.exit(1); });