Phase 3 Step 7: Scan Comparison Features & UX Improvements

Implemented comprehensive scan comparison functionality with historical analysis and improved user experience for scan triggering. Features Added: - Scan comparison engine with ports, services, and certificates analysis - Drift score calculation (0.0-1.0 scale) for infrastructure changes - Side-by-side comparison UI with color-coded changes (added/removed/changed) - Historical trend charts showing port counts over time - "Compare with Previous" button on scan detail pages - Scan history API endpoint for trending data API Endpoints: - GET /api/scans/<id1>/compare/<id2> - Compare two scans - GET /api/stats/scan-history/<id> - Historical scan data for charts UI Improvements: - Replaced config file text inputs with dropdown selectors - Added config file selection to dashboard and scans pages - Improved delete scan confirmation with proper async handling - Enhanced error messages with detailed validation feedback - Added 2-second delay before redirect to ensure deletion completes Comparison Features: - Port changes: tracks added, removed, and unchanged ports - Service changes: detects version updates and service modifications - Certificate changes: monitors SSL/TLS certificate updates - Interactive historical charts with clickable data points - Automatic detection of previous scan for comparison Bug Fixes: - Fixed scan deletion UI alert appearing on successful deletion - Prevented config file path duplication (configs/configs/...) - Improved error handling for failed API responses - Added proper JSON response parsing with fallback handling Testing: - Created comprehensive test suite for comparison functionality - Tests cover comparison API, service methods, and drift scoring - Added edge case tests for identical scans and missing data
2025-11-14 16:15:13 -06:00
parent 9b88f42297
commit 6792d69eb1
10 changed files with 1581 additions and 36 deletions
--- a/web/api/scans.py
+++ b/web/api/scans.py
@@ -165,10 +165,12 @@ def trigger_scan():

    except ValueError as e:
        # Config file validation error
-        logger.warning(f"Invalid config file: {str(e)}")
+        error_message = str(e)
+        logger.warning(f"Invalid config file: {error_message}")
+        logger.warning(f"Request data: config_file='{config_file}'")
        return jsonify({
            'error': 'Invalid request',
-            'message': str(e)
+            'message': error_message
        }), 400
    except SQLAlchemyError as e:
        logger.error(f"Database error triggering scan: {str(e)}")
@@ -276,20 +278,48 @@ def compare_scans(scan_id1, scan_id2):
    """
    Compare two scans and show differences.

+    Compares ports, services, and certificates between two scans,
+    highlighting added, removed, and changed items.
+
    Args:
-        scan_id1: First scan ID
-        scan_id2: Second scan ID
+        scan_id1: First (older) scan ID
+        scan_id2: Second (newer) scan ID

    Returns:
-        JSON response with comparison results
+        JSON response with comparison results including:
+        - scan1, scan2: Metadata for both scans
+        - ports: Added, removed, and unchanged ports
+        - services: Added, removed, and changed services
+        - certificates: Added, removed, and changed certificates
+        - drift_score: Overall drift metric (0.0-1.0)
    """
-    # TODO: Implement in Phase 4
-    return jsonify({
-        'scan_id1': scan_id1,
-        'scan_id2': scan_id2,
-        'diff': {},
-        'message': 'Scan comparison endpoint - to be implemented in Phase 4'
-    })
+    try:
+        # Compare scans using service
+        scan_service = ScanService(current_app.db_session)
+        comparison = scan_service.compare_scans(scan_id1, scan_id2)
+
+        if not comparison:
+            logger.warning(f"Scan comparison failed: one or both scans not found ({scan_id1}, {scan_id2})")
+            return jsonify({
+                'error': 'Not found',
+                'message': 'One or both scans not found'
+            }), 404
+
+        logger.info(f"Compared scans {scan_id1} and {scan_id2}: drift_score={comparison['drift_score']}")
+        return jsonify(comparison), 200
+
+    except SQLAlchemyError as e:
+        logger.error(f"Database error comparing scans {scan_id1} and {scan_id2}: {str(e)}")
+        return jsonify({
+            'error': 'Database error',
+            'message': 'Failed to compare scans'
+        }), 500
+    except Exception as e:
+        logger.error(f"Unexpected error comparing scans {scan_id1} and {scan_id2}: {str(e)}", exc_info=True)
+        return jsonify({
+            'error': 'Internal server error',
+            'message': 'An unexpected error occurred'
+        }), 500


 # Health check endpoint