secureCodeBox · Weltraumschaf · Jan 26, 2024 · Jan 19, 2024 · Jan 19, 2024 · Jan 19, 2024
diff --git a/src/main/java/io/securecodebox/persistence/defectdojo/config/Config.java b/src/main/java/io/securecodebox/persistence/defectdojo/config/Config.java
@@ -7,8 +7,6 @@
 import io.securecodebox.persistence.defectdojo.exception.ConfigException;
 import lombok.*;
 
-import java.util.Optional;
-
 /**
  * Configures the DefectDojo client
  */

diff --git a/src/main/java/io/securecodebox/persistence/defectdojo/http/Foo.java b/src/main/java/io/securecodebox/persistence/defectdojo/http/Foo.java
@@ -12,7 +12,6 @@
 import org.apache.http.auth.UsernamePasswordCredentials;
 import org.apache.http.client.CredentialsProvider;
 import org.apache.http.impl.client.BasicCredentialsProvider;
-import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClientBuilder;
 import org.apache.http.impl.client.ProxyAuthenticationStrategy;
 import org.springframework.http.HttpHeaders;

diff --git a/src/main/java/io/securecodebox/persistence/defectdojo/model/BaseModel.java b/src/main/java/io/securecodebox/persistence/defectdojo/model/BaseModel.java
@@ -4,11 +4,9 @@
 
 package io.securecodebox.persistence.defectdojo.model;
 
-import java.util.Map;
 import lombok.EqualsAndHashCode;
 
 @EqualsAndHashCode // FIXME: Implement hashCode/equals in inheritance is problematic https://www.artima.com/articles/how-to-write-an-equality-method-in-java (see https://github.com/secureCodeBox/defectdojo-client-java/issues/23)
-// FIXME: Class should be package private because implementation detail
-abstract public class BaseModel {
-  public abstract boolean equalsQueryString(Map<String, Object> queryParams);
+abstract class BaseModel implements Model {
+  // Class can be removed we remove @EqualsAndHashCode.
 }
diff --git a/src/main/java/io/securecodebox/persistence/defectdojo/model/Endpoint.java b/src/main/java/io/securecodebox/persistence/defectdojo/model/Endpoint.java
@@ -49,9 +49,6 @@ public class Endpoint extends BaseModel {
 
   @Override
   public boolean equalsQueryString(Map<String, Object> queryParams) {
-    if (queryParams.containsKey("id") && queryParams.get("id").equals(this.id)) {
-      return true;
-    }
-    return false;
+      return queryParams.containsKey("id") && queryParams.get("id").equals(this.id);
   }
 }
diff --git a/src/main/java/io/securecodebox/persistence/defectdojo/model/Finding.java b/src/main/java/io/securecodebox/persistence/defectdojo/model/Finding.java
@@ -111,15 +111,15 @@ public class Finding extends BaseModel {
     @JsonProperty("numerical_severity")
     public String getNumericalSeverity() {
         switch (this.severity) {
-            case Critical:
+            case CRITICAL:
                 return "S0";
-            case High:
+            case HIGH:
                 return "S1";
-            case Medium:
+            case MEDIUM:
                 return "S2";
-            case Low:
+            case LOW:
                 return "S3";
-            case Informational:
+            case INFORMATIONAL:
                 return "S4";
             default:
                 throw new PersistenceException("Unknown severity: '" + this.severity + "'");
@@ -133,21 +133,20 @@ public boolean equalsQueryString(Map<String, Object> queryParams) {
 
     public enum Severity {
         @JsonProperty("Critical")
-        Critical(5),
+        CRITICAL(5),
         @JsonProperty("High")
-        High(4),
+        HIGH(4),
         @JsonProperty("Medium")
-        Medium(3),
+        MEDIUM(3),
         @JsonProperty("Low")
-        Low(2),
+        LOW(2),
         // Depending on the Scanner DefectDojo uses either Info or Informational
         // E.g. Nmap uses Info, Zap uses Informational
         @JsonProperty("Info")
         @JsonAlias("Informational")
-        Informational(1),
-        ;
+        INFORMATIONAL(1);
 
-        long severity;
+        final long severity;
 
         Severity(long severity) {
             this.severity = severity;

diff --git a/src/main/java/io/securecodebox/persistence/defectdojo/model/Model.java b/src/main/java/io/securecodebox/persistence/defectdojo/model/Model.java
@@ -0,0 +1,10 @@
+package io.securecodebox.persistence.defectdojo.model;
+
+import java.util.Map;
+
+/**
+ * Interface for all models
+ */
+public interface Model {
+  boolean equalsQueryString(Map<String, Object> queryParams);
+}
diff --git a/src/main/java/io/securecodebox/persistence/defectdojo/model/RiskAcceptance.java b/src/main/java/io/securecodebox/persistence/defectdojo/model/RiskAcceptance.java
@@ -58,9 +58,6 @@ public class RiskAcceptance extends BaseModel {
 
   @Override
   public boolean equalsQueryString(Map<String, Object> queryParams) {
-    if (queryParams.containsKey("id") && queryParams.get("id").equals(this.id)) {
-      return true;
-    }
-    return false;
+      return queryParams.containsKey("id") && queryParams.get("id").equals(this.id);
   }
 }
diff --git a/src/main/java/io/securecodebox/persistence/defectdojo/service/FindingService.java b/src/main/java/io/securecodebox/persistence/defectdojo/service/FindingService.java
@@ -13,7 +13,6 @@
 import java.net.URISyntaxException;
 import java.util.List;
 import java.util.Map;
-import java.util.stream.Collectors;
 
 public class FindingService extends GenericDefectDojoService<Finding> {
   public FindingService(Config config) {
@@ -37,14 +36,24 @@ protected Response<Finding> deserializeList(String response) throws JsonProcessi
   }
 
   public List<Finding> getUnhandledFindingsForProduct(long productId, Finding.Severity minimumSeverity) throws URISyntaxException, JsonProcessingException {
-    return this.search(Map.of("test__engagement__product", Long.toString(productId), "active", Boolean.toString(true))).stream().filter((finding -> {
-      return finding.getSeverity().getNumericRepresentation() >= minimumSeverity.getNumericRepresentation();
-    })).collect(Collectors.toList());
+    final Map<String, Object> queryParams = Map.of(
+      "test__engagement__product", Long.toString(productId),
+      "active", Boolean.toString(true));
+
+    return this.search(queryParams)
+      .stream()
+      .filter((finding -> finding.getSeverity().getNumericRepresentation() >= minimumSeverity.getNumericRepresentation()))
+      .toList();
   }
 
   public List<Finding> getUnhandledFindingsForEngagement(long engagementId, Finding.Severity minimumSeverity) throws URISyntaxException, JsonProcessingException {
-    return this.search(Map.of("test__engagement", Long.toString(engagementId), "active", Boolean.toString(true))).stream().filter((finding -> {
-      return finding.getSeverity().getNumericRepresentation() >= minimumSeverity.getNumericRepresentation();
-    })).collect(Collectors.toList());
+    final Map<String, Object> queryParams = Map.of(
+      "test__engagement", Long.toString(engagementId),
+      "active", Boolean.toString(true));
+
+    return this.search(queryParams)
+      .stream()
+      .filter((finding -> finding.getSeverity().getNumericRepresentation() >= minimumSeverity.getNumericRepresentation()))
+      .toList();
   }
 }