4c04c9870a
Integrate Atlas InfoSec API to manage compliance action plans directly from the ReportingPage. Users can view, create, and update action plans for host findings without switching to the Atlas web tool. Backend: - Add atlasApi.js helper with Basic Auth, TLS skip, GET/PUT/PATCH/POST - Add atlas_action_plans_cache migration for SQLite cache table - Add atlas.js router with sync, status, and proxy CRUD endpoints - Mount Atlas router at /api/atlas in server.js - Extract hostId from Ivanti host findings during sync Frontend: - Add AtlasBadge component (amber=needs plan, green=has plan) - Add AtlasSlideOutPanel with plan list, create form, edit capability - Separate active plans from inactive history in collapsible section - Custom dark-themed plan type dropdown - Optimistic local state shows pending plans immediately after creation - Atlas sync button on ReportingPage toolbar - Prepopulate finding ID in create form from clicked row Environment: - Add ATLAS_API_URL, ATLAS_API_USER, ATLAS_API_PASS, ATLAS_SKIP_TLS to .env.example
105 lines
3.6 KiB
JavaScript
105 lines
3.6 KiB
JavaScript
// Shared Atlas InfoSec API helpers
|
|
// Centralizes HTTP calls so the atlas router uses a single implementation.
|
|
// Follows the same promise-based pattern as ivantiApi.js.
|
|
|
|
const https = require('https');
|
|
const http = require('http');
|
|
|
|
// ---------------------------------------------------------------------------
|
|
// Configuration — read from process.env at module load
|
|
// ---------------------------------------------------------------------------
|
|
const ATLAS_API_URL = process.env.ATLAS_API_URL || '';
|
|
const ATLAS_API_USER = process.env.ATLAS_API_USER || '';
|
|
const ATLAS_API_PASS = process.env.ATLAS_API_PASS || '';
|
|
const ATLAS_SKIP_TLS = process.env.ATLAS_SKIP_TLS === 'true';
|
|
|
|
const requiredVars = ['ATLAS_API_URL', 'ATLAS_API_USER', 'ATLAS_API_PASS'];
|
|
const missingVars = requiredVars.filter((v) => !process.env[v]);
|
|
if (missingVars.length > 0) {
|
|
console.warn(`[atlas-api] WARNING: Missing required environment variables: ${missingVars.join(', ')}. Atlas API calls will fail.`);
|
|
}
|
|
|
|
const isConfigured = missingVars.length === 0;
|
|
|
|
// ---------------------------------------------------------------------------
|
|
// Generic request — supports GET, PUT, PATCH, POST
|
|
// ---------------------------------------------------------------------------
|
|
function atlasRequest(method, urlPath, body, options) {
|
|
const timeout = (options && options.timeout) || 15000;
|
|
const authString = Buffer.from(ATLAS_API_USER + ':' + ATLAS_API_PASS).toString('base64');
|
|
const fullUrl = new URL(ATLAS_API_URL + urlPath);
|
|
const isHttps = fullUrl.protocol === 'https:';
|
|
const transport = isHttps ? https : http;
|
|
|
|
const headers = {
|
|
'accept': 'application/json',
|
|
'authorization': 'Basic ' + authString
|
|
};
|
|
|
|
let bodyStr = null;
|
|
if (body !== null && body !== undefined) {
|
|
bodyStr = JSON.stringify(body);
|
|
headers['content-type'] = 'application/json';
|
|
headers['content-length'] = Buffer.byteLength(bodyStr);
|
|
}
|
|
|
|
return new Promise((resolve, reject) => {
|
|
const reqOptions = {
|
|
hostname: fullUrl.hostname,
|
|
port: fullUrl.port || (isHttps ? 443 : 80),
|
|
path: fullUrl.pathname + fullUrl.search,
|
|
method: method,
|
|
headers: headers,
|
|
timeout: timeout
|
|
};
|
|
|
|
if (isHttps) {
|
|
reqOptions.rejectUnauthorized = !ATLAS_SKIP_TLS;
|
|
}
|
|
|
|
const req = transport.request(reqOptions, (res) => {
|
|
let data = '';
|
|
res.on('data', (chunk) => { data += chunk; });
|
|
res.on('end', () => resolve({ status: res.statusCode, body: data }));
|
|
});
|
|
|
|
req.on('timeout', () => req.destroy(new Error(method + ' ' + urlPath + ' timed out')));
|
|
req.on('error', (err) => {
|
|
reject(new Error(method + ' ' + urlPath + ' failed: ' + err.message));
|
|
});
|
|
|
|
if (bodyStr) {
|
|
req.write(bodyStr);
|
|
}
|
|
req.end();
|
|
});
|
|
}
|
|
|
|
// ---------------------------------------------------------------------------
|
|
// Convenience wrappers
|
|
// ---------------------------------------------------------------------------
|
|
function atlasGet(urlPath, options) {
|
|
return atlasRequest('GET', urlPath, null, options);
|
|
}
|
|
|
|
function atlasPut(urlPath, body, options) {
|
|
return atlasRequest('PUT', urlPath, body, options);
|
|
}
|
|
|
|
function atlasPatch(urlPath, body, options) {
|
|
return atlasRequest('PATCH', urlPath, body, options);
|
|
}
|
|
|
|
function atlasPost(urlPath, body, options) {
|
|
return atlasRequest('POST', urlPath, body, options);
|
|
}
|
|
|
|
module.exports = {
|
|
isConfigured,
|
|
atlasRequest,
|
|
atlasGet,
|
|
atlasPut,
|
|
atlasPatch,
|
|
atlasPost
|
|
};
|