Add config option for max number of pages fetched

Signed-off-by: Jannik Hollenbach <jannik.hollenbach@iteratec.com>

Author: J12934

src/main/java/io/securecodebox/persistence/defectdojo/config/DefectDojoConfig.java

@@ -31,10 +31,21 @@ public class DefectDojoConfig {
     @Getter
     private final String username;
 
+    /**
+     * Determines how many apiPages of Objects are fetched before giving up and failing to avoid outOfMemory scenarios.
+     */
+    @Getter
+    private final int maxPageCountForGets;
+
     public static DefectDojoConfig fromEnv(){
         String url = System.getenv("DEFECTDOJO_URL");
         String username = System.getenv("DEFECTDOJO_USERNAME");
         String apiKey = System.getenv("DEFECTDOJO_APIKEY");
-        return new DefectDojoConfig(url, apiKey, username);
+
+        int maxPageCountForGets = 100;
+        if (System.getenv("DEFECTDOJO_MAX_PAGE_COUNT_FOR_GETS") != null) {
+            maxPageCountForGets = Integer.parseInt(System.getenv("DEFECTDOJO_MAX_PAGE_COUNT_FOR_GETS"));
+        }
+        return new DefectDojoConfig(url, apiKey, username, maxPageCountForGets);
     }
 }

src/main/java/io/securecodebox/persistence/defectdojo/service/GenericDefectDojoService.java

@@ -38,15 +38,13 @@
 import java.util.*;
 
 abstract public class GenericDefectDojoService<T extends DefectDojoModel> {
-    protected String defectDojoUrl;
-    protected String defectDojoApiKey;
+    protected DefectDojoConfig defectDojoConfig;
 
     protected ObjectMapper objectMapper;
     protected ObjectMapper searchStringMapper;
 
     public GenericDefectDojoService(DefectDojoConfig config) {
-        this.defectDojoUrl = config.getUrl();
-        this.defectDojoApiKey = config.getApiKey();
+        this.defectDojoConfig = config;
 
         this.objectMapper = new ObjectMapper();
         this.objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
@@ -65,7 +63,7 @@ public GenericDefectDojoService(DefectDojoConfig config) {
      */
     private HttpHeaders getDefectDojoAuthorizationHeaders() {
         HttpHeaders headers = new HttpHeaders();
-        headers.set("Authorization", "Token " + defectDojoApiKey);
+        headers.set("Authorization", "Token " + this.defectDojoConfig.getApiKey());
         return headers;
     }
 
@@ -80,7 +78,7 @@ public T get(long id) {
         HttpEntity<String> payload = new HttpEntity<>(getDefectDojoAuthorizationHeaders());
 
         ResponseEntity<T> response = restTemplate.exchange(
-                defectDojoUrl + "/api/v2/" + this.getUrlPath() + "/" + id,
+                this.defectDojoConfig.getUrl() + "/api/v2/" + this.getUrlPath() + "/" + id,
                 HttpMethod.GET,
                 payload,
                 getModelClass()
@@ -103,7 +101,7 @@ protected DefectDojoResponse<T> internalSearch(Map<String, Object> queryParams,
             multiValueMap.set(entry.getKey(), String.valueOf(entry.getValue()));
         }
 
-        var url = new URI(defectDojoUrl + "/api/v2/" + this.getUrlPath() + "/");
+        var url = new URI(this.defectDojoConfig.getUrl() + "/api/v2/" + this.getUrlPath() + "/");
         var uriBuilder = UriComponentsBuilder.fromUri(url).queryParams(multiValueMap);
 
         ResponseEntity<String> responseString = restTemplate.exchange(
@@ -126,8 +124,8 @@ public List<T> search(Map<String, Object> queryParams) throws URISyntaxException
             objects.addAll(response.getResults());
 
             hasNext = response.getNext() != null;
-            if (page > 100) {
-                throw new DefectDojoLoopException("Found too many response object. Quitting after " + page + " paginated API pages of " + DEFECT_DOJO_OBJET_LIMIT + " each.");
+            if (page > this.defectDojoConfig.getMaxPageCountForGets()) {
+                throw new DefectDojoLoopException("Found too many response object. Quitting after " + (page - 1)  + " paginated API pages of " + DEFECT_DOJO_OBJET_LIMIT + " each.");
             }
         } while (hasNext);
 
@@ -161,22 +159,22 @@ public T create(T object) {
         RestTemplate restTemplate = new RestTemplate();
         HttpEntity<T> payload = new HttpEntity<T>(object, getDefectDojoAuthorizationHeaders());
 
-        ResponseEntity<T> response = restTemplate.exchange(defectDojoUrl + "/api/v2/" + getUrlPath() + "/", HttpMethod.POST, payload, getModelClass());
+        ResponseEntity<T> response = restTemplate.exchange(this.defectDojoConfig.getUrl() + "/api/v2/" + getUrlPath() + "/", HttpMethod.POST, payload, getModelClass());
         return response.getBody();
     }
 
     public void delete(long id) {
         RestTemplate restTemplate = new RestTemplate();
         HttpEntity<String> payload = new HttpEntity<>(getDefectDojoAuthorizationHeaders());
 
-        restTemplate.exchange(defectDojoUrl + "/api/v2/" + getUrlPath() + "/" + id + "/", HttpMethod.DELETE, payload, String.class);
+        restTemplate.exchange(this.defectDojoConfig.getUrl() + "/api/v2/" + getUrlPath() + "/" + id + "/", HttpMethod.DELETE, payload, String.class);
     }
 
     public T update(T object, long objectId) {
         RestTemplate restTemplate = new RestTemplate();
         HttpEntity<T> payload = new HttpEntity<T>(object, getDefectDojoAuthorizationHeaders());
 
-        ResponseEntity<T> response = restTemplate.exchange(defectDojoUrl + "/api/v2/" + getUrlPath() + "/" + objectId + "/", HttpMethod.PUT, payload, getModelClass());
+        ResponseEntity<T> response = restTemplate.exchange(this.defectDojoConfig.getUrl() + "/api/v2/" + getUrlPath() + "/" + objectId + "/", HttpMethod.PUT, payload, getModelClass());
         return response.getBody();
     }
 }