secureCodeBox
diff --git a/‎src/main/java/io/securecodebox/persistence/defectdojo/ScanType.java‎
Lines changed: 10 additions & 3 deletions b/‎src/main/java/io/securecodebox/persistence/defectdojo/ScanType.java‎
Lines changed: 10 additions & 3 deletions
diff --git a/‎src/main/java/io/securecodebox/persistence/defectdojo/TestType.java‎
Lines changed: 0 additions & 24 deletions b/‎src/main/java/io/securecodebox/persistence/defectdojo/TestType.java‎
Lines changed: 0 additions & 24 deletions
diff --git a/‎src/main/java/io/securecodebox/persistence/defectdojo/models/TestType.java‎
Lines changed: 41 additions & 0 deletions b/‎src/main/java/io/securecodebox/persistence/defectdojo/models/TestType.java‎
Lines changed: 41 additions & 0 deletions
diff --git a/‎src/main/java/io/securecodebox/persistence/defectdojo/service/GenericDefectDojoService.java‎
Lines changed: 104 additions & 105 deletions b/‎src/main/java/io/securecodebox/persistence/defectdojo/service/GenericDefectDojoService.java‎
Lines changed: 104 additions & 105 deletions
@@ -6,6 +6,7 @@ public enum ScanType {
   ACUNETIX_SCAN("Acunetix Scan"),
   ANCHORE_ENGINE_SCAN("Anchore Engine Scan"),
   ANCHORE_ENTERPRISE_POLICY_CHECK("Anchore Enterprise Policy Check"),
+  API_TEST("API Test"),
   APP_SPIDER_SCAN("AppSpider Scan"),
   AQUA_SCAN("Aqua Scan"),
   ARACHNI_SCAN("Arachni Scan"),
@@ -36,8 +37,8 @@ public enum ScanType {
   ES_LINT_SCAN("ESLint Scan"),
   FORTIFY("Fortify"),
   GENERIC_FINDINGS_IMPORT("Generic Findings Import"),
-  GIT_LAB_SAST_REPORT("GitLab SAST Report"),
   GITLEAKS_SCAN("Gitleaks Scan"),
+  GIT_LAB_SAST_REPORT("GitLab SAST Report"),
   GOSEC_SCANNER("Gosec Scanner"),
   HACKER_ONE_CASES("HackerOne Cases"),
   HADOLINT_DOCKERFILE_CHECK("Hadolint Dockerfile check"),
@@ -47,6 +48,7 @@ public enum ScanType {
   IMMUNIWEB_SCAN("Immuniweb Scan"),
   J_FROG_XRAY_SCAN("JFrog Xray Scan"),
   KIUWAN_SCAN("Kiuwan Scan"),
+  MANUAL_CODE_REVIEW("Manual Code Review"),
   MICROFOCUS_WEBINSPECT_SCAN("Microfocus Webinspect Scan"),
   MOB_SF_SCANNER("MobSF Scanner"),
   MOZILLA_OBSERVATORY_SCAN("Mozilla Observatory Scan"),
@@ -60,6 +62,7 @@ public enum ScanType {
   OPENSCAP_VULNERABILITY_SCAN("Openscap Vulnerability Scan"),
   OPEN_VAS_CSV("OpenVAS CSV"),
   OUTPOST24_SCAN("Outpost24 Scan"),
+  PEN_TEST("Pen Test"),
   PHP_SECURITY_AUDIT_V2("PHP Security Audit v2"),
   PHP_SYMFONY_SECURITY_CHECKER("PHP Symfony Security Checker"),
   QUALYS_INFRASTRUCTURE_SCAN_WEB_GUI_XML("Qualys Infrastructure Scan (WebGUI XML)"),
@@ -68,23 +71,27 @@ public enum ScanType {
   RETIRE_JS_SCAN("Retire.js Scan"),
   RISK_RECON_API_IMPORTER("Risk Recon API Importer"),
   SAFETY_SCAN("Safety Scan"),
+  SECURITY_RESEARCH("Security Research"),
   SKF_SCAN("SKF Scan"),
   SNYK_SCAN("Snyk Scan"),
   SONAR_QUBE("SonarQube"),
   SONATYPE_APPLICATION_SCAN("Sonatype Application Scan"),
   SPOT_BUGS("SpotBugs"),
-  SSL_LABS_SCAN("SSL Labs Scan"),
   SSLSCAN("Sslscan"),
-  SS_LYZE_3_SCAN_JSON("SSLyze 3 Scan (JSON)"),
   SSLYZE_SCAN("Sslyze Scan"),
+  SSL_LABS_SCAN("SSL Labs Scan"),
+  SS_LYZE_3_SCAN_JSON("SSLyze 3 Scan (JSON)"),
+  STATIC_CHECK("Static Check"),
   TESTSSL_SCAN("Testssl Scan"),
+  THREAT_MODELING("Threat Modeling"),
   TRIVY_SCAN("Trivy Scan"),
   TRUFFLEHOG("Trufflehog"),
   TRUSTWAVE("Trustwave"),
   TWISTLOCK_IMAGE_SCAN("Twistlock Image Scan"),
   VCG_SCAN("VCG Scan"),
   VERACODE_SCAN("Veracode Scan"),
   WAPITI_SCAN("Wapiti Scan"),
+  WEB_APPLICATION_TEST("Web Application Test"),
   WHITESOURCE_SCAN("Whitesource Scan"),
   WPSCAN("Wpscan"),
   XANITIZER_SCAN("Xanitizer Scan"),
 
@@ -0,0 +1,41 @@
+package io.securecodebox.persistence.defectdojo.models;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.*;
+
+import java.util.Map;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@EqualsAndHashCode(callSuper = true)
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class TestType extends DefectDojoModel {
+  @JsonProperty
+  Long id;
+
+  @JsonProperty
+  @NonNull
+  String name;
+
+  @JsonProperty("static_tool")
+  Boolean staticTool;
+
+  @JsonProperty("dynamic_tool")
+  Boolean dynamicTool;
+
+
+  @Override
+  public boolean equalsQueryString(Map<String, Object> queryParams) {
+    if (queryParams.containsKey("id") && queryParams.get("id").equals(this.id)) {
+      return true;
+    }
+    if (queryParams.containsKey("name") && queryParams.get("name").equals(this.name)) {
+      return true;
+    }
+
+    return false;
+  }
+}
@@ -21,145 +21,144 @@
 import java.util.*;
 
 abstract public class GenericDefectDojoService<T extends DefectDojoModel> {
-  protected String defectDojoUrl;
-  protected String defectDojoApiKey;
+    protected String defectDojoUrl;
+    protected String defectDojoApiKey;
 
-  protected ObjectMapper objectMapper;
-  protected ObjectMapper searchStringMapper;
+    protected ObjectMapper objectMapper;
+    protected ObjectMapper searchStringMapper;
 
-  public GenericDefectDojoService(DefectDojoConfig config){
-    this.defectDojoUrl = config.getUrl();
-    this.defectDojoApiKey = config.getApiKey();
+    public GenericDefectDojoService(DefectDojoConfig config) {
+        this.defectDojoUrl = config.getUrl();
+        this.defectDojoApiKey = config.getApiKey();
 
-    this.objectMapper = new ObjectMapper();
-    this.objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+        this.objectMapper = new ObjectMapper();
+        this.objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
 
-    this.searchStringMapper = new ObjectMapper();
-    this.searchStringMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
-    this.searchStringMapper.setSerializationInclusion(JsonInclude.Include.NON_DEFAULT);
-  }
+        this.searchStringMapper = new ObjectMapper();
+        this.searchStringMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+        this.searchStringMapper.setSerializationInclusion(JsonInclude.Include.NON_DEFAULT);
+    }
 
 
+    protected long DEFECT_DOJO_OBJET_LIMIT = 100L;
 
-  protected long DEFECT_DOJO_OBJET_LIMIT = 100L;
+    /**
+     * @return The DefectDojo Authentication Header
+     */
+    private HttpHeaders getDefectDojoAuthorizationHeaders() {
+        HttpHeaders headers = new HttpHeaders();
+        headers.set("Authorization", "Token " + defectDojoApiKey);
+        return headers;
+    }
 
-  /**
-   * @return The DefectDojo Authentication Header
-   */
-  private HttpHeaders getDefectDojoAuthorizationHeaders() {
-    HttpHeaders headers = new HttpHeaders();
-    headers.set("Authorization", "Token " + defectDojoApiKey);
-    return headers;
-  }
+    protected abstract String getUrlPath();
 
-  protected abstract String getUrlPath();
+    protected abstract Class<T> getModelClass();
 
-  protected abstract Class<T> getModelClass();
+    protected abstract DefectDojoResponse<T> deserializeList(String response) throws JsonProcessingException;
 
-  protected abstract DefectDojoResponse<T> deserializeList(String response) throws JsonProcessingException;
+    public T get(long id) {
+        RestTemplate restTemplate = new RestTemplate();
+        HttpEntity<String> payload = new HttpEntity<>(getDefectDojoAuthorizationHeaders());
 
-  public T get(long id) {
-    RestTemplate restTemplate = new RestTemplate();
-    HttpEntity<String> payload = new HttpEntity<>(getDefectDojoAuthorizationHeaders());
+        ResponseEntity<T> response = restTemplate.exchange(
+                defectDojoUrl + "/api/v2/" + this.getUrlPath() + "/" + id,
+                HttpMethod.GET,
+                payload,
+                getModelClass()
+        );
 
-    ResponseEntity<T> response = restTemplate.exchange(
-      defectDojoUrl + "/api/v2/" + this.getUrlPath() + "/" + id,
-      HttpMethod.GET,
-      payload,
-      getModelClass()
-    );
+        return response.getBody();
+    }
 
-    return response.getBody();
-  }
+    protected DefectDojoResponse<T> internalSearch(Map<String, Object> queryParams, long limit, long offset) throws JsonProcessingException, URISyntaxException {
+        RestTemplate restTemplate = new RestTemplate();
+        HttpEntity<String> payload = new HttpEntity<>(getDefectDojoAuthorizationHeaders());
 
-  protected DefectDojoResponse<T> internalSearch(Map<String, Object> queryParams, long limit, long offset) throws JsonProcessingException, URISyntaxException {
-    RestTemplate restTemplate = new RestTemplate();
-    HttpEntity<String> payload = new HttpEntity<>(getDefectDojoAuthorizationHeaders());
+        var mutableQueryParams = new HashMap<String, Object>(queryParams);
 
-    var mutableQueryParams = new HashMap<String, Object>(queryParams);
+        mutableQueryParams.put("limit", String.valueOf(limit));
+        mutableQueryParams.put("offset", String.valueOf(offset));
 
-    mutableQueryParams.put("limit", String.valueOf(limit));
-    mutableQueryParams.put("offset", String.valueOf(offset));
+        var multiValueMap = new LinkedMultiValueMap<String, String>();
+        for (var entry : mutableQueryParams.entrySet()) {
+            multiValueMap.set(entry.getKey(), String.valueOf(entry.getValue()));
+        }
 
-    var multiValueMap = new LinkedMultiValueMap<String, String>();
-    for (var entry : mutableQueryParams.entrySet()) {
-      multiValueMap.set(entry.getKey(), String.valueOf(entry.getValue()));
-    }
+        var url = new URI(defectDojoUrl + "/api/v2/" + this.getUrlPath() + "/");
+        var uriBuilder = UriComponentsBuilder.fromUri(url).queryParams(multiValueMap);
 
-    var url = new URI(defectDojoUrl + "/api/v2/" + this.getUrlPath() + "/");
-    var uriBuilder = UriComponentsBuilder.fromUri(url).queryParams(multiValueMap);
+        ResponseEntity<String> responseString = restTemplate.exchange(
+                uriBuilder.build(mutableQueryParams),
+                HttpMethod.GET,
+                payload,
+                String.class
+        );
 
-    ResponseEntity<String> responseString = restTemplate.exchange(
-      uriBuilder.build(mutableQueryParams),
-      HttpMethod.GET,
-      payload,
-      String.class
-    );
-
-    return deserializeList(responseString.getBody());
-  }
+        return deserializeList(responseString.getBody());
+    }
 
-  public List<T> search(Map<String, Object> queryParams) throws URISyntaxException, JsonProcessingException {
-    List<T> objects = new LinkedList<>();
+    public List<T> search(Map<String, Object> queryParams) throws URISyntaxException, JsonProcessingException {
+        List<T> objects = new LinkedList<>();
 
-    boolean hasNext = false;
-    long page = 0;
-    do {
-      var response = internalSearch(queryParams, DEFECT_DOJO_OBJET_LIMIT, DEFECT_DOJO_OBJET_LIMIT * page++);
-      objects.addAll(response.getResults());
+        boolean hasNext = false;
+        long page = 0;
+        do {
+            var response = internalSearch(queryParams, DEFECT_DOJO_OBJET_LIMIT, DEFECT_DOJO_OBJET_LIMIT * page++);
+            objects.addAll(response.getResults());
 
-      hasNext = response.getNext() != null;
-      if (page > 100) {
-        throw new DefectDojoLoopException("Found too many response object. Quitting after " + page + " paginated API pages of " + DEFECT_DOJO_OBJET_LIMIT + " each.");
-      }
-    } while (hasNext);
+            hasNext = response.getNext() != null;
+            if (page > 100) {
+                throw new DefectDojoLoopException("Found too many response object. Quitting after " + page + " paginated API pages of " + DEFECT_DOJO_OBJET_LIMIT + " each.");
+            }
+        } while (hasNext);
 
-    return objects;
-  }
+        return objects;
+    }
 
-  public List<T> search() throws URISyntaxException, JsonProcessingException {
-    return search(new LinkedHashMap<>());
-  }
+    public List<T> search() throws URISyntaxException, JsonProcessingException {
+        return search(new LinkedHashMap<>());
+    }
 
-  @SuppressWarnings("unchecked")
-  public Optional<T> searchUnique(T searchObject) throws URISyntaxException, JsonProcessingException {
-    Map<String, Object> queryParams = searchStringMapper.convertValue(searchObject, Map.class);
+    @SuppressWarnings("unchecked")
+    public Optional<T> searchUnique(T searchObject) throws URISyntaxException, JsonProcessingException {
+        Map<String, Object> queryParams = searchStringMapper.convertValue(searchObject, Map.class);
 
-    var objects = search(queryParams);
+        var objects = search(queryParams);
 
-    return objects.stream()
-      .filter((object) -> object != null && object.equalsQueryString(queryParams))
-      .findFirst();
-  }
+        return objects.stream()
+                .filter((object) -> object != null && object.equalsQueryString(queryParams))
+                .findFirst();
+    }
 
-  public Optional<T> searchUnique(Map<String, Object> queryParams) throws URISyntaxException, JsonProcessingException {
-    var objects = search(queryParams);
+    public Optional<T> searchUnique(Map<String, Object> queryParams) throws URISyntaxException, JsonProcessingException {
+        var objects = search(queryParams);
 
-    return objects.stream()
-      .filter((object) -> object.equalsQueryString(queryParams))
-      .findFirst();
-  }
+        return objects.stream()
+                .filter((object) -> object.equalsQueryString(queryParams))
+                .findFirst();
+    }
 
-  public T create(T object) {
-    RestTemplate restTemplate = new RestTemplate();
-    HttpEntity<T> payload = new HttpEntity<T>(object, getDefectDojoAuthorizationHeaders());
+    public T create(T object) {
+        RestTemplate restTemplate = new RestTemplate();
+        HttpEntity<T> payload = new HttpEntity<T>(object, getDefectDojoAuthorizationHeaders());
 
-    ResponseEntity<T> response = restTemplate.exchange(defectDojoUrl + "/api/v2/" + getUrlPath() + "/", HttpMethod.POST, payload, getModelClass());
-    return response.getBody();
-  }
+        ResponseEntity<T> response = restTemplate.exchange(defectDojoUrl + "/api/v2/" + getUrlPath() + "/", HttpMethod.POST, payload, getModelClass());
+        return response.getBody();
+    }
 
-  public void delete(long id) {
-    RestTemplate restTemplate = new RestTemplate();
-    HttpEntity<String> payload = new HttpEntity<>(getDefectDojoAuthorizationHeaders());
+    public void delete(long id) {
+        RestTemplate restTemplate = new RestTemplate();
+        HttpEntity<String> payload = new HttpEntity<>(getDefectDojoAuthorizationHeaders());
 
-    restTemplate.exchange(defectDojoUrl + "/api/v2/" + getUrlPath() + "/" + id + "/", HttpMethod.DELETE, payload, String.class);
-  }
+        restTemplate.exchange(defectDojoUrl + "/api/v2/" + getUrlPath() + "/" + id + "/", HttpMethod.DELETE, payload, String.class);
+    }
 
-  public T update(T object, long objectId) {
-    RestTemplate restTemplate = new RestTemplate();
-    HttpEntity<T> payload = new HttpEntity<T>(object, getDefectDojoAuthorizationHeaders());
+    public T update(T object, long objectId) {
+        RestTemplate restTemplate = new RestTemplate();
+        HttpEntity<T> payload = new HttpEntity<T>(object, getDefectDojoAuthorizationHeaders());
 
-    ResponseEntity<T> response = restTemplate.exchange(defectDojoUrl + "/api/v2/" + getUrlPath() + "/" + objectId + "/", HttpMethod.PUT, payload, getModelClass());
-    return response.getBody();
-  }
+        ResponseEntity<T> response = restTemplate.exchange(defectDojoUrl + "/api/v2/" + getUrlPath() + "/" + objectId + "/", HttpMethod.PUT, payload, getModelClass());
+        return response.getBody();
+    }
 }