@cap-js/ord 1.5.0 → 1.7.0

package/lib/ord.js

@@ -1,218 +1,22 @@
+const _ = require("lodash");
+const cds = require("@sap/cds");
+
+const Logger = require("./logger");
+const defaults = require("./defaults");
+const { createAuthConfig } = require("./auth/authentication");
+const Configuration = require("./configuration");
+const { getIntegrationDependencies } = require("./integration-dependency");
 const {
-    BLOCKED_SERVICE_NAME,
-    CDS_ELEMENT_KIND,
-    CONTENT_MERGE_KEY,
-    ENTITY_RELATIONSHIP_ANNOTATION,
-    ORD_ODM_ENTITY_NAME_ANNOTATION,
-} = require("./constants");
+    getCustomORDContent,
+    compareAndHandleCustomORDContentWithExistingContent,
+} = require("./extend-ord-with-custom");
 const {
     createAPIResourceTemplate,
     createEntityTypeTemplate,
-    createEntityTypeMappingsItemTemplate,
     createEventResourceTemplate,
     createGroupsTemplateForService,
     _propagateORDVisibility,
 } = require("./templates");
-const { getIntegrationDependencies } = require("./integrationDependency");
-const { extendCustomORDContentIfExists } = require("./extendOrdWithCustom");
-const { getRFC3339Date } = require("./date");
-const { createAuthConfig } = require("./auth/authentication");
-
-const Logger = require("./logger");
-const _ = require("lodash");
-const cds = require("@sap/cds");
-const defaults = require("./defaults");
-const path = require("path");
-
-const initializeAppConfig = (csn) => {
-    const packageJson = _loadPackageJson();
-    const packageName = packageJson.name;
-    const appName = _formatAppName(packageName);
-    const lastUpdate = getRFC3339Date();
-
-    const ordNamespace = _getORDNamespace(packageName);
-    const eventApplicationNamespace = cds.env?.export?.asyncapi?.applicationNamespace;
-
-    _validateNamespaces(ordNamespace, eventApplicationNamespace);
-
-    const { serviceNames, apiResourceNames, apiEndpoints, eventServiceNames, entityTypeTargets } =
-        _triageCsnDefinitions(csn);
-
-    return {
-        env: cds.env["ord"],
-        lastUpdate,
-        appName,
-        apiEndpoints: Array.from(apiEndpoints),
-        eventServiceNames,
-        serviceNames,
-        apiResourceNames,
-        entityTypeTargets: _.uniqBy(entityTypeTargets, CONTENT_MERGE_KEY),
-        ordNamespace,
-        eventApplicationNamespace,
-        packageName,
-    };
-};
-
-function _loadPackageJson() {
-    const packageJsonPath = path.join(cds.root, "package.json");
-    if (!cds.utils.exists(packageJsonPath)) {
-        throw new Error(`package.json not found in the project root directory`);
-    }
-    return require(packageJsonPath);
-}
-
-function _formatAppName(packageName) {
-    return packageName.replace(/^[@]/, "").replace(/[@/]/g, "-");
-}
-
-function _getORDNamespace(packageName) {
-    const vendorNamespace = "customer";
-    return cds.env["ord"]?.namespace || `${vendorNamespace}.${packageName.replace(/[^a-zA-Z0-9]/g, "")}`;
-}
-
-function _validateNamespaces(ordNamespace, eventApplicationNamespace) {
-    if (eventApplicationNamespace && ordNamespace !== eventApplicationNamespace) {
-        Logger.warn("ORD and AsyncAPI namespaces should be the same.");
-    }
-}
-
-function _triageCsnDefinitions(csn) {
-    const pendingApiResourceNames = [];
-    const apiEndpoints = new Set();
-    const pendingEventServiceNames = new Set();
-    const entityTypeTargets = [];
-    const serviceNames = Object.keys(csn.definitions).filter((key) => _isValidService(key, csn.definitions[key]));
-
-    for (const definitionKey of Object.keys(csn.definitions)) {
-        const definitionObj = csn.definitions[definitionKey];
-        if (
-            definitionKey.includes(BLOCKED_SERVICE_NAME.MTXServices) ||
-            definitionKey.includes(BLOCKED_SERVICE_NAME.OpenResourceDiscoveryService)
-        ) {
-            Logger.warn("ORD service name", definitionKey, "is blocked.");
-            continue;
-        }
-        switch (definitionObj.kind) {
-            case CDS_ELEMENT_KIND.service: {
-                const apiResourceName = _handleApiResource(definitionKey, definitionObj);
-                if (apiResourceName) pendingApiResourceNames.push(apiResourceName);
-                break;
-            }
-            case CDS_ELEMENT_KIND.entity: {
-                const result = _handleEntity(definitionKey, definitionObj);
-                if (result) {
-                    if (result.apiEndpoint) apiEndpoints.add(result.apiEndpoint);
-                    if (result.entityTypeTarget) entityTypeTargets.push(...result.entityTypeTarget);
-                }
-                break;
-            }
-            case CDS_ELEMENT_KIND.event: {
-                const event = _handleEvent(serviceNames, definitionKey, definitionObj);
-                if (event) pendingEventServiceNames.add(event);
-                break;
-            }
-            case CDS_ELEMENT_KIND.action:
-            case CDS_ELEMENT_KIND.function: {
-                const apiEndpoint = _handleActionOrFunction(definitionKey, definitionObj);
-                if (apiEndpoint) apiEndpoints.add(apiEndpoint);
-                break;
-            }
-        }
-    }
-
-    return {
-        serviceNames,
-        apiResourceNames: pendingApiResourceNames,
-        apiEndpoints: Array.from(apiEndpoints),
-        eventServiceNames: [...pendingEventServiceNames],
-        entityTypeTargets,
-    };
-}
-
-function _handleApiResource(apiResourceName, serviceDefinition) {
-    if (
-        _shouldSkipIfServiceOnlyContainsEvents(serviceDefinition) ||
-        !_isValidService(apiResourceName, serviceDefinition)
-    ) {
-        return null;
-    }
-    return apiResourceName;
-}
-
-function _shouldSkipIfServiceOnlyContainsEvents(serviceDefinition) {
-    const isActionsNotContained = !serviceDefinition.actions || Object.keys(serviceDefinition.actions).length === 0;
-    const isFunctionsNotContained =
-        !serviceDefinition.functions || Object.keys(serviceDefinition.functions).length === 0;
-    const isEntitiesNotContained = !serviceDefinition.entities || Object.keys(serviceDefinition.entities).length === 0;
-    const isEventsContained = serviceDefinition.events && Object.keys(serviceDefinition.events).length > 0;
-    if (isActionsNotContained && isFunctionsNotContained && isEntitiesNotContained && isEventsContained) {
-        return true;
-    }
-    return false;
-}
-
-function _shouldNotSkipIfServiceProtocolIsNone(keyDefinition) {
-    if (keyDefinition["_service"] && keyDefinition["_service"]["@protocol"] === "none") {
-        return false;
-    }
-    return true;
-}
-
-function _isBlockedServiceName(key) {
-    const blockedServices = [BLOCKED_SERVICE_NAME.MTXServices, BLOCKED_SERVICE_NAME.OpenResourceDiscoveryService];
-    return blockedServices.some((blocked) => key.includes(blocked));
-}
-
-function _isValidService(key, definition) {
-    const isExternalService = Object.keys(cds).includes("requires") ? Object.keys(cds.requires).includes(key) : false;
-
-    return (
-        definition.kind === CDS_ELEMENT_KIND.service &&
-        !definition["@cds.external"] &&
-        definition["@protocol"] !== "none" &&
-        !isExternalService &&
-        !_isBlockedServiceName(key)
-    );
-}
-
-function _handleEntity(key, keyDefinition) {
-    if (!key.includes(".texts") && _shouldNotSkipIfServiceProtocolIsNone(keyDefinition)) {
-        const apiEndpoint = key;
-        let entityTypeTarget = null;
-        if (keyDefinition[ORD_ODM_ENTITY_NAME_ANNOTATION] || keyDefinition[ENTITY_RELATIONSHIP_ANNOTATION]) {
-            const mapping = createEntityTypeMappingsItemTemplate(keyDefinition);
-            if (Array.isArray(mapping)) entityTypeTarget = mapping;
-            else if (mapping) entityTypeTarget = [mapping];
-        }
-        return { apiEndpoint, entityTypeTarget };
-    }
-    return null;
-}
-
-function _handleEvent(serviceNames, key, keyDefinition) {
-    if (_shouldNotSkipIfServiceProtocolIsNone(keyDefinition)) {
-        for (const serviceName of serviceNames) {
-            if (key.startsWith(serviceName + ".")) {
-                return serviceName;
-            }
-        }
-    }
-    return null;
-}
-
-function _handleActionOrFunction(key, keyDefinition) {
-    if (_shouldNotSkipIfServiceProtocolIsNone(keyDefinition)) {
-        return key;
-    }
-    return null;
-}
-
-const _getPolicyLevels = (appConfig) =>
-    appConfig.env?.policyLevels ||
-    (appConfig.env?.policyLevel && [appConfig.env?.policyLevel]) ||
-    defaults.policyLevels;
-
-const _getDescription = (appConfig) => appConfig.env?.description || defaults.description;
 
 const _getGroups = (csn, appConfig) => {
     return appConfig.serviceNames
@@ -220,18 +24,8 @@ const _getGroups = (csn, appConfig) => {
         .filter((resource) => !!resource);
 };
 
-const _getPackages = (appConfig) => {
-    return defaults.packages(appConfig);
-};
-
-const _getEntityTypes = (appConfig, packageIds) => {
-    if (!appConfig.entityTypeTargets?.length) return [];
-
-    return appConfig.entityTypeTargets.flatMap((entity) => createEntityTypeTemplate(appConfig, packageIds, entity));
-};
-
 const _getAPIResources = (csn, appConfig, packageIds, accessStrategies) => {
-    const apiResources = appConfig.apiResourceNames.flatMap((apiResourceName) =>
+    return appConfig.apiResourceNames.flatMap((apiResourceName) =>
         createAPIResourceTemplate(
             apiResourceName,
             csn.definitions[apiResourceName],
@@ -240,8 +34,6 @@ const _getAPIResources = (csn, appConfig, packageIds, accessStrategies) => {
             accessStrategies,
         ),
     );
-
-    return apiResources;
 };
 
 const _getEventResources = (csn, appConfig, packageIds, accessStrategies) => {
@@ -250,16 +42,9 @@ const _getEventResources = (csn, appConfig, packageIds, accessStrategies) => {
     );
 };
 
-function _getOpenResourceDiscovery(appConfig) {
-    return appConfig.env?.openResourceDiscovery || defaults.openResourceDiscovery;
-}
-
-function _getConsumptionBundles(appConfig) {
-    return appConfig.env?.consumptionBundles || defaults.consumptionBundles(appConfig);
-}
-
 const _getProducts = (appConfig) => {
     const productsObj = defaults.products(appConfig.packageName);
+
     if (appConfig.env?.products) {
         const customProducts = appConfig.env.products[0];
         if (customProducts?.ordId?.toLowerCase().startsWith("sap")) {
@@ -270,40 +55,39 @@ const _getProducts = (appConfig) => {
             _.assign(productsObj[0], customProducts);
         }
     }
-    appConfig.products = productsObj;
+
     return productsObj;
 };
 
-function createDefaultORDDocument(linkedCsn, appConfig) {
-    appConfig.policyLevels = _getPolicyLevels(appConfig);
-    let ordDocument = {
+const _createDefaultORDDocument = (linkedCsn, appConfig, authConfig) => {
+    const products = _getProducts(appConfig);
+    const packages = defaults.packages(appConfig, products);
+    const packageIds = packages?.map((pkg) => pkg.ordId) || [];
+    const entityTypes = _getEntityTypes(appConfig, packageIds);
+    const integrationDependencies = getIntegrationDependencies(linkedCsn, appConfig, packageIds);
+    const apiResources = _getAPIResources(linkedCsn, appConfig, packageIds, authConfig.accessStrategies);
+    const eventResources = _getEventResources(linkedCsn, appConfig, packageIds, authConfig.accessStrategies);
+
+    return {
+        // Unconditionally added top-level properties
         $schema: "https://open-resource-discovery.github.io/specification/spec-v1/interfaces/Document.schema.json",
-        openResourceDiscovery: _getOpenResourceDiscovery(appConfig),
         policyLevels: appConfig.policyLevels,
-        description: _getDescription(appConfig),
-        consumptionBundles: _getConsumptionBundles(appConfig),
+        packages: packages,
+        description: appConfig.env?.description || defaults.description,
+        openResourceDiscovery: appConfig.env?.openResourceDiscovery || defaults.openResourceDiscovery,
+        consumptionBundles: appConfig.env?.consumptionBundles || defaults.consumptionBundles(appConfig),
+
+        // Conditionally added top-level properties
+        ...(!entityTypes.length ? {} : { entityTypes: entityTypes }),
+        ...(!apiResources.length ? {} : { apiResources: apiResources }),
+        ...(!eventResources.length ? {} : { eventResources: eventResources }),
+        ...(appConfig.existingProductORDId ? {} : { products: [products[0]] }),
+        ...(!appConfig.serviceNames.length ? {} : { groups: _getGroups(linkedCsn, appConfig) }),
+        ...(!integrationDependencies.length ? {} : { integrationDependencies: integrationDependencies }),
     };
+};
 
-    if (appConfig.serviceNames.length) {
-        ordDocument.groups = _getGroups(linkedCsn, appConfig);
-    }
-
-    if (appConfig.env?.existingProductORDId) {
-        appConfig.existingProductORDId = appConfig.env.existingProductORDId;
-    } else {
-        ordDocument.products = [_getProducts(appConfig)[0]];
-    }
-
-    ordDocument.packages = _getPackages(appConfig);
-
-    return ordDocument;
-}
-
-function extractPackageIds(ordDocument) {
-    return ordDocument.packages?.map((pkg) => pkg.ordId) || [];
-}
-
-function _filterUnusedPackages(ordDocument) {
+const _filterUnusedPackages = (ordDocument) => {
     if (!ordDocument.packages?.length) return [];
 
     const usedPackageIds = new Set();
@@ -319,47 +103,33 @@ function _filterUnusedPackages(ordDocument) {
     });
 
     return ordDocument.packages.filter((pkg) => usedPackageIds.has(pkg.ordId));
-}
+};
 
-module.exports = (csn) => {
-    const linkedCsn = _propagateORDVisibility(cds.linked(csn));
-    const appConfig = initializeAppConfig(linkedCsn);
+const _getEntityTypes = (appConfig, packageIds) => {
+    return appConfig.entityTypeTargets.flatMap((entity) => createEntityTypeTemplate(appConfig, packageIds, entity));
+};
 
-    // Create auth config and fail-closed on configuration errors
+const _createAuthConfig = () => {
     const authConfig = createAuthConfig();
+
+    // Create auth config and fail-closed on configuration errors
     if (authConfig.error) {
         throw new Error(`Authentication configuration error: ${authConfig.error}`);
     }
-    const accessStrategies = authConfig.accessStrategies;
-
-    let ordDocument = createDefaultORDDocument(linkedCsn, appConfig);
-    const packageIds = extractPackageIds(ordDocument);
-    const entityTypes = _getEntityTypes(appConfig, packageIds);
 
-    if (entityTypes.length) {
-        ordDocument.entityTypes = entityTypes;
-    }
-
-    if (appConfig.apiResourceNames.length) {
-        const apiResources = _getAPIResources(linkedCsn, appConfig, packageIds, accessStrategies);
-        if (apiResources.length) {
-            ordDocument.apiResources = apiResources;
-        }
-    }
-    if (appConfig.eventServiceNames.length) {
-        const eventResources = _getEventResources(linkedCsn, appConfig, packageIds, accessStrategies);
-        if (eventResources.length) {
-            ordDocument.eventResources = eventResources;
-        }
-    }
-
-    const integrationDependencies = getIntegrationDependencies(linkedCsn, appConfig, packageIds);
-    if (integrationDependencies.length) {
-        ordDocument.integrationDependencies = integrationDependencies;
-    }
-
-    ordDocument = extendCustomORDContentIfExists(appConfig, ordDocument);
-    ordDocument.packages = _filterUnusedPackages(ordDocument);
+    return authConfig;
+};
 
-    return ordDocument;
+module.exports = (csn, extensions = []) => {
+    const authConfig = _createAuthConfig();
+    const linkedCsn = _propagateORDVisibility(cds.linked(csn));
+    const appConfig = new Configuration(linkedCsn);
+    const ordDocument = [...(extensions || []), getCustomORDContent(appConfig)]
+        .filter((extension) => !!extension)
+        .reduce(
+            (document, extension) => compareAndHandleCustomORDContentWithExistingContent(document, extension),
+            _createDefaultORDDocument(linkedCsn, appConfig, authConfig),
+        );
+
+    return Object.assign(ordDocument, { packages: _filterUnusedPackages(ordDocument) });
 };

package/lib/services/mtx-ord-provider-service.cds

@@ -0,0 +1,21 @@
+@protocol: 'rest'
+@requires: [ 'internal-user' ]
+@path: '/-/cds/ord-provider-service'
+@impl:'@cap-js/ord/lib/services/mtx-ord-provider-service.js'
+service cds.xt.ord.MtxOrdProviderService {
+
+  action getOrdDocument(
+    tenant    : String,
+    @cds.validate: false
+    toggles   : array of String,
+    for       : String enum { nodejs; java; },
+  ) returns {};
+
+  action getOrdResourceDefinition(
+    tenant    : String,
+    @cds.validate: false
+    toggles   : array of String,
+    for       : String enum { nodejs; java; },
+    resource  : String,
+  ) returns LargeString;
+}

package/lib/services/mtx-ord-provider-service.js

@@ -0,0 +1,43 @@
+const cds = require("@sap/cds/lib");
+const { ord, getMetadata } = require("@cap-js/ord/lib");
+
+const defaults = require("../defaults");
+const { DOCUMENT_PERSPECTIVES } = require("../constants");
+
+module.exports = class MtxOrdProviderService extends cds.ApplicationService {
+    init() {
+        this.on("getOrdDocument", async (req) => {
+            req._?.res?.set("Content-Type", "application/json");
+
+            return defaults.adjustForPerspective(
+                ord(
+                    await (
+                        await cds.connect.to("cds.xt.ModelProviderService")
+                    ).getCsn({
+                        tenant: req.data.tenant,
+                        toggles: req.data.toggles,
+                    }),
+                ),
+                DOCUMENT_PERSPECTIVES.SystemInstance,
+            );
+        });
+
+        this.on("getOrdResourceDefinition", async (req) => {
+            const { response, contentType } = await getMetadata(
+                req.data.resource,
+                await (
+                    await cds.connect.to("cds.xt.ModelProviderService")
+                ).getCsn({
+                    tenant: req.data.tenant,
+                    toggles: req.data.toggles,
+                }),
+            );
+
+            req._?.res?.set("Content-Type", contentType);
+
+            return response;
+        });
+
+        return super.init();
+    }
+};

package/lib/services/ord-service.js

@@ -0,0 +1,115 @@
+const cds = require("@sap/cds");
+
+const ord = require("../ord.js");
+const Logger = require("../logger.js");
+const defaults = require("../defaults.js");
+const { LOCAL_TENANT_ID_HEADER_KEY, DOCUMENT_PERSPECTIVES } = require("../constants");
+const compileMetadata = require("../meta-data.js");
+const { createAuthConfig, createAuthMiddleware } = require("../auth/authentication.js");
+
+const validationMiddleware = (req, res, next) => {
+    const toggles = cds.env.requires.toggles;
+    const perspective = req.query.perspective;
+    const extensibility = cds.env.requires.extensibility;
+    const tenant = req.headers[LOCAL_TENANT_ID_HEADER_KEY];
+
+    if (perspective && ![DOCUMENT_PERSPECTIVES.SystemVersion, DOCUMENT_PERSPECTIVES.SystemInstance].includes(perspective)) {
+        return res.status(400).send(`Required query parameter 'perspective' is invalid`);
+    }
+
+    if (perspective === DOCUMENT_PERSPECTIVES.SystemInstance && !(toggles || extensibility)) {
+        return res.status(400).send(`Unsupported query parameter 'perspective=${perspective}'`);
+    }
+
+    if (!tenant && perspective === DOCUMENT_PERSPECTIVES.SystemInstance) {
+        return res.status(400).send(`Missing required tenant context`);
+    }
+
+    return next();
+};
+
+const metadataResponseHandler = async (req, res) => {
+    try {
+        const perspective = req.query.perspective;
+        const tenant = req.headers[LOCAL_TENANT_ID_HEADER_KEY];
+        const model = await resolveCdsModel(perspective, tenant);
+        const { contentType, response } = await compileMetadata(req.path, model);
+
+        return res.status(200).contentType(contentType).send(response);
+    } catch (error) {
+        Logger.error(error, "Error while processing the resource definition document");
+        return res.status(500).send(error.message);
+    }
+};
+
+const resolveCdsModel = async (perspective, tenant) => {
+    if (!tenant || perspective !== DOCUMENT_PERSPECTIVES.SystemInstance) {
+        Logger.info("Retrieving static CDS model...");
+        return cds.model;
+    }
+
+    Logger.info(`Retrieving dynamic CDS model for tenant ${tenant}...`);
+
+    return await (
+        await cds.connect.to("cds.xt.ModelProviderService")
+    ).getCsn({
+        tenant: tenant,
+        toggles: OpenResourceDiscoveryService.resolveFeatureToggles(tenant),
+    });
+};
+
+class OpenResourceDiscoveryService extends cds.ApplicationService {
+    async init() {
+        this.extensions = {};
+
+        cds.on("ord.extension.publish", ({ id, data }) => {
+            Logger.info(`Registering extension with id ${id}...`);
+
+            this.extensions[id] = data;
+        });
+
+        // Initialize authentication configuration from .cdsrc.json or environment variables
+        // CF mTLS validator is lazily initialized on first mTLS request
+        const authConfig = createAuthConfig();
+        if (authConfig.error) {
+            throw new Error(`Authentication initialization failed: ${authConfig.error}`);
+        }
+
+        // Create authentication middleware
+        const authMiddleware = createAuthMiddleware(authConfig);
+
+        // Default: /.well-known/open-resource-discovery
+        cds.app.get(`${this.path}`, (req, res) => {
+            const tenant = req.headers[LOCAL_TENANT_ID_HEADER_KEY];
+
+            return res.status(200).send(defaults.baseTemplate(authConfig, tenant));
+        });
+
+        cds.app.get(`/ord/v1/documents/ord-document`, [authMiddleware, validationMiddleware], async (req, res) => {
+            const perspective = req.query.perspective || DOCUMENT_PERSPECTIVES.SystemVersion;
+            const tenant = req.headers[LOCAL_TENANT_ID_HEADER_KEY];
+            const model = await resolveCdsModel(perspective, tenant);
+            const extensions = Array.from(Object.values(this.extensions));
+
+            return res.status(200).send(defaults.adjustForPerspective(ord(model, extensions), perspective));
+        });
+
+        cds.app.get(`/ord/v1/documents/:id`, [authMiddleware, validationMiddleware], async (_, res) => {
+            return res.status(404).send("404 Not Found");
+        });
+
+        // Use separate routes instead of optional parameters for path-to-regexp v8 compatibility
+        cds.app.get(`/ord/v1/:ordId/:service`, [authMiddleware, validationMiddleware], metadataResponseHandler);
+        cds.app.get(`/ord/v1/:ordId`, [authMiddleware, validationMiddleware], metadataResponseHandler);
+        cds.app.get(`/ord/v1`, [authMiddleware, validationMiddleware], metadataResponseHandler);
+
+        return super.init();
+    }
+
+    // eslint-disable-next-line no-unused-vars
+    static resolveFeatureToggles(tenant) {
+        return ["*"];
+    }
+}
+
+module.exports = { OpenResourceDiscoveryService };