|
7 | 7 |
|
8 | 8 | import lombok.AllArgsConstructor; |
9 | 9 | import lombok.Getter; |
| 10 | +import lombok.NonNull; |
10 | 11 | import lombok.ToString; |
11 | 12 |
|
12 | 13 | import java.util.Optional; |
13 | 14 |
|
| 15 | +/** |
| 16 | + * Configures the DefectDojo client |
| 17 | + */ |
14 | 18 | @Getter |
15 | 19 | @ToString |
16 | 20 | @AllArgsConstructor |
17 | | -public class Config { |
| 21 | +public final class Config { |
| 22 | + /** |
| 23 | + * Default for {@link #maxPageCountForGets} |
| 24 | + */ |
| 25 | + private static final int DEFAULT_MAX_PAGE_COUNT_FOR_GETS = 100; |
| 26 | + /** |
| 27 | + * URL of the host which serves the DefectDojo API. |
| 28 | + * <p> |
| 29 | + * It is only allowed to configure the base URL (e.g. {@literal "https://defectdojo.securecodebox.io/"} without |
| 30 | + * any path. The path to the concrete API endpoints are maintained by this client library itself. |
| 31 | + * </p> |
| 32 | + */ |
18 | 33 | private final String url; |
19 | | - |
| 34 | + /** |
| 35 | + * API key to authorize against the DefectDojo API. |
| 36 | + */ |
20 | 37 | private final String apiKey; |
21 | | - |
| 38 | + /** |
| 39 | + * This name is used to set the creator of entities created in DefectDojo (findings etc.). |
| 40 | + * <p> |
| 41 | + * Since DefectDojo requires the id of the user this client lib must do a lookup to determine the according id. |
| 42 | + * This does not work, if the user does nit have appropriate privileges. In this case you can set the {@link #userId} |
| 43 | + * directly with the appropriate id of the user you want as creator. |
| 44 | + * </p> |
| 45 | + * |
| 46 | + * @deprecated Must not be used anymore because we determine the userid via user_profile API endpoint. |
| 47 | + */ |
| 48 | + @Deprecated |
22 | 49 | private final String username; |
23 | 50 |
|
24 | 51 | /** |
25 | | - * Determines how many apiPages of Objects are fetched before giving up and failing to avoid outOfMemory scenarios. |
| 52 | + * How many pages of objects are fetched from the DefectDojo API |
| 53 | + * <p> |
| 54 | + * This setting is to avoid out of memory scenarios. |
| 55 | + * </p> |
| 56 | + * <p> |
| 57 | + * Defaults to {@link #DEFAULT_MAX_PAGE_COUNT_FOR_GETS}. |
| 58 | + * </p> |
26 | 59 | */ |
27 | 60 | private final int maxPageCountForGets; |
28 | 61 |
|
29 | 62 | /** |
30 | | - * If not null, the id should be used instead of the username. |
| 63 | + * Overwrite the creator by userid |
| 64 | + * <p> |
| 65 | + * <strong>IMPORTANT</strong>: If this is set (not {@code null}) the {@link #username} is ignored! |
| 66 | + * </p> |
| 67 | + * <p> |
| 68 | + * This option is necessary, if the user belonging to the {@link #apiKey} has no privilege to determine it's userid. |
| 69 | + * </p> |
| 70 | + * |
| 71 | + * @deprecated Must not be used anymore because we determine the userid via user_profile API endpoint. |
31 | 72 | */ |
| 73 | + @Deprecated |
32 | 74 | private final Long userId; |
33 | 75 |
|
34 | | - public Config(String url, String apiKey, String username, int maxPageCountForGets) { |
| 76 | + /** |
| 77 | + * Default constructor which sets {@link #userId} to {@code null} |
| 78 | + * |
| 79 | + * @param url not {@code null} |
| 80 | + * @param apiKey not {@code null} |
| 81 | + * @param username not {@code null} |
| 82 | + * @param maxPageCountForGets not less than 1 |
| 83 | + */ |
| 84 | + public Config(final @NonNull String url, final @NonNull String apiKey, final @NonNull String username, final int maxPageCountForGets) { |
| 85 | + // FIXME: Implement check that maxPageCountForGets is not less than 1 |
35 | 86 | this(url, apiKey, username, maxPageCountForGets, null); |
36 | 87 | } |
37 | 88 |
|
| 89 | + /** |
| 90 | + * Creates config from environment variables |
| 91 | + * |
| 92 | + * @return never {@code null} |
| 93 | + */ |
38 | 94 | public static Config fromEnv() { |
39 | | - String url = System.getenv("DEFECTDOJO_URL"); |
40 | | - String username = System.getenv("DEFECTDOJO_USERNAME"); |
41 | | - String apiKey = System.getenv("DEFECTDOJO_APIKEY"); |
42 | | - Long userId = Optional.ofNullable(System.getenv("DEFECTDOJO_USER_ID")).map(Long::parseLong).orElse(null); |
| 95 | + final var url = System.getenv("DEFECTDOJO_URL"); |
| 96 | + final var username = System.getenv("DEFECTDOJO_USERNAME"); |
| 97 | + final var apiKey = System.getenv("DEFECTDOJO_APIKEY"); |
| 98 | + final var userId = Optional.ofNullable(System.getenv("DEFECTDOJO_USER_ID")).map(Long::parseLong).orElse(null); |
| 99 | + |
| 100 | + int maxPageCountForGets = DEFAULT_MAX_PAGE_COUNT_FOR_GETS; |
43 | 101 |
|
44 | | - int maxPageCountForGets = 100; |
45 | 102 | if (System.getenv("DEFECTDOJO_MAX_PAGE_COUNT_FOR_GETS") != null) { |
46 | 103 | maxPageCountForGets = Integer.parseInt(System.getenv("DEFECTDOJO_MAX_PAGE_COUNT_FOR_GETS")); |
47 | 104 | } |
| 105 | + |
48 | 106 | return new Config(url, apiKey, username, maxPageCountForGets, userId); |
49 | 107 | } |
50 | 108 | } |
0 commit comments