jramos/cve-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve Jira lookup error messages and make local POST cve_id/vendor optional

Browse Source 
- Pass through actual Jira error details instead of generic 'Jira API error'
- Parse errorMessages and errors from Jira response for human-readable display
- Make cve_id and vendor optional on local POST /api/jira-tickets (for Save to Dashboard)
- Update getIssue comment for clarity (logic unchanged — JQL search per compliance spec)
This commit is contained in:
Jordan Ramos
2026-05-22 09:55:14 -06:00
parent 6148f06a95
commit e86dd8be15
2 changed files with 20 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
backend/helpers/jiraApi.js
View File

@@ -276,8 +276,9 @@ function jiraDelete(urlPath, options) {
* @param {string[]} [fields] - Jira field names to return * @param {string[]} [fields] - Jira field names to return
*/ */
async function getIssue(issueKey, fields) { async function getIssue(issueKey, fields) {
// Don't filter by project — issue keys are globally unique in Jira and // Use JQL search to look up a single issue by key.
// tickets may belong to projects other than JIRA_PROJECT_KEY (e.g. AA_ADTRAN). // Issue keys are globally unique in Jira — no project filter needed.
// Charter compliance: uses GET /rest/api/2/search with explicit field list.
const jql = `key = "${issueKey}"`; const jql = `key = "${issueKey}"`;
const result = await searchIssues(jql, { fields: fields || DEFAULT_FIELDS, maxResults: 1, startAt: 0 }); const result = await searchIssues(jql, { fields: fields || DEFAULT_FIELDS, maxResults: 1, startAt: 0 });
if (result.ok && result.data.issues && result.data.issues.length > 0) { if (result.ok && result.data.issues && result.data.issues.length > 0) {

18
backend/routes/jiraTickets.js
View File

@@ -126,8 +126,24 @@ function createJiraTicketsRouter() {
if (result.rateLimited) { if (result.rateLimited) {
return res.status(429).json({ error: 'Jira rate limit exceeded. Try again later.' }); return res.status(429).json({ error: 'Jira rate limit exceeded. Try again later.' });
} }
// Build a meaningful error message from Jira's response
let errorMsg = result.status === 404 ? 'Issue not found in Jira.' : 'Jira API error.';
if (result.body) {
try {
const parsed = typeof result.body === 'string' ? JSON.parse(result.body) : result.body;
if (parsed.errorMessages && parsed.errorMessages.length > 0) {
errorMsg = parsed.errorMessages.join('; ');
} else if (parsed.errors && Object.keys(parsed.errors).length > 0) {
errorMsg = Object.values(parsed.errors).join('; ');
}
} catch (_) {
if (typeof result.body === 'string' && result.body.length < 300) {
errorMsg = result.body;
}
}
}
return res.status(result.status === 404 ? 404 : 502).json({ return res.status(result.status === 404 ? 404 : 502).json({
error: result.status === 404 ? 'Issue not found in Jira.' : 'Jira API error.', error: errorMsg,
details: result.body details: result.body
}); });
} catch (err) { } catch (err) {