cve-dashboard/backend/helpers/teams.js

// Shared BU team constants, validation, and name mapping.
// Used by user management routes, auth middleware, and frontend-facing endpoints.

const KNOWN_TEAMS = ['STEAM', 'ACCESS-ENG', 'ACCESS-OPS', 'INTELDEV'];

// Mapping between short team names (stored on users) and full Ivanti BU identifiers
// (used in ivanti_findings.bu_ownership column).
const TEAM_TO_IVANTI = {
    'STEAM': 'NTS-AEO-STEAM',
    'ACCESS-ENG': 'NTS-AEO-ACCESS-ENG',
    'ACCESS-OPS': 'NTS-AEO-ACCESS-OPS',
    'INTELDEV': 'NTS-AEO-INTELDEV'
};

const IVANTI_TO_TEAM = Object.fromEntries(
    Object.entries(TEAM_TO_IVANTI).map(([k, v]) => [v, k])
);

/**
 * Convert a short team name to the full Ivanti BU identifier.
 * Returns the input unchanged if no mapping exists.
 * @param {string} shortName - e.g. 'STEAM'
 * @returns {string} e.g. 'NTS-AEO-STEAM'
 */
function teamToIvanti(shortName) {
    return TEAM_TO_IVANTI[shortName] || shortName;
}

/**
 * Convert a full Ivanti BU identifier to the short team name.
 * Returns the input unchanged if no mapping exists.
 * @param {string} ivantiName - e.g. 'NTS-AEO-STEAM'
 * @returns {string} e.g. 'STEAM'
 */
function ivantiToTeam(ivantiName) {
    return IVANTI_TO_TEAM[ivantiName] || ivantiName;
}

/**
 * Parse and validate a comma-separated teams string.
 * @param {string} teamsString - Comma-separated team identifiers (e.g. 'STEAM,ACCESS-ENG')
 * @returns {{ valid: boolean, teams: string[], invalid: string[] }}
 */
function validateTeams(teamsString) {
    if (!teamsString || typeof teamsString !== 'string' || teamsString.trim() === '') {
        return { valid: true, teams: [], invalid: [] };
    }

    const teams = teamsString.split(',').map(t => t.trim()).filter(Boolean);
    const invalid = teams.filter(t => !KNOWN_TEAMS.includes(t));

    return {
        valid: invalid.length === 0,
        teams,
        invalid
    };
}

module.exports = { KNOWN_TEAMS, TEAM_TO_IVANTI, IVANTI_TO_TEAM, teamToIvanti, ivantiToTeam, validateTeams };