@cap-js/ord 1.6.0 → 1.8.0

package/lib/ord.js

@@ -1,268 +1,45 @@
+const _ = require("lodash");
+const cds = require("@sap/cds");
+
+const Logger = require("./logger");
+const defaults = require("./defaults");
+const { createAuthConfig } = require("./auth/authentication");
+const Configuration = require("./configuration");
+const { getIntegrationDependencies } = require("./integration-dependency");
 const {
-    BLOCKED_SERVICE_NAME,
-    CDS_ELEMENT_KIND,
-    CONTENT_MERGE_KEY,
-    ENTITY_RELATIONSHIP_ANNOTATION,
-    ORD_ODM_ENTITY_NAME_ANNOTATION,
-} = require("./constants");
+    getCustomORDContent,
+    compareAndHandleCustomORDContentWithExistingContent,
+} = require("./extend-ord-with-custom");
 const {
     createAPIResourceTemplate,
     createEntityTypeTemplate,
-    createEntityTypeMappingsItemTemplate,
     createEventResourceTemplate,
     createGroupsTemplateForService,
     _propagateORDVisibility,
 } = require("./templates");
-const { getIntegrationDependencies } = require("./integration-dependency");
-const {
-    getCustomORDContent,
-    compareAndHandleCustomORDContentWithExistingContent,
-} = require("./extend-ord-with-custom");
-const { getRFC3339Date } = require("./date");
-const { createAuthConfig } = require("./auth/authentication");
-
-const Logger = require("./logger");
-const _ = require("lodash");
-const cds = require("@sap/cds");
-const defaults = require("./defaults");
-const path = require("path");
-
-const initializeAppConfig = (csn) => {
-    const packageJson = _loadPackageJson();
-    const packageName = packageJson.name;
-    const appName = _formatAppName(packageName);
-    const lastUpdate = getRFC3339Date();
-
-    const ordNamespace = _getORDNamespace(packageName);
-    const eventApplicationNamespace = cds.env?.export?.asyncapi?.applicationNamespace;
-
-    _validateNamespaces(ordNamespace, eventApplicationNamespace);
-
-    const { serviceNames, apiResourceNames, apiEndpoints, eventServiceNames, entityTypeTargets } =
-        _triageCsnDefinitions(csn);
-
-    return {
-        env: cds.env["ord"],
-        lastUpdate,
-        appName,
-        apiEndpoints: Array.from(apiEndpoints),
-        eventServiceNames,
-        serviceNames,
-        apiResourceNames,
-        entityTypeTargets: _.uniqBy(entityTypeTargets, CONTENT_MERGE_KEY),
-        ordNamespace,
-        eventApplicationNamespace,
-        packageName,
-    };
-};
-
-function _loadPackageJson() {
-    const packageJsonPath = path.join(cds.root, "package.json");
-    if (!cds.utils.exists(packageJsonPath)) {
-        throw new Error(`package.json not found in the project root directory`);
-    }
-    return require(packageJsonPath);
-}
-
-function _formatAppName(packageName) {
-    return packageName.replace(/^[@]/, "").replace(/[@/]/g, "-");
-}
-
-function _getORDNamespace(packageName) {
-    const vendorNamespace = "customer";
-    return cds.env["ord"]?.namespace || `${vendorNamespace}.${packageName.replace(/[^a-zA-Z0-9]/g, "")}`;
-}
-
-function _validateNamespaces(ordNamespace, eventApplicationNamespace) {
-    if (eventApplicationNamespace && ordNamespace !== eventApplicationNamespace) {
-        Logger.warn("ORD and AsyncAPI namespaces should be the same.");
-    }
-}
-
-function _triageCsnDefinitions(csn) {
-    const pendingApiResourceNames = [];
-    const apiEndpoints = new Set();
-    const pendingEventServiceNames = new Set();
-    const entityTypeTargets = [];
-    const serviceNames = Object.keys(csn.definitions).filter((key) => _isValidService(key, csn.definitions[key]));
-
-    for (const definitionKey of Object.keys(csn.definitions)) {
-        const definitionObj = csn.definitions[definitionKey];
-        if (
-            definitionKey.includes(BLOCKED_SERVICE_NAME.MTXServices) ||
-            definitionKey.includes(BLOCKED_SERVICE_NAME.OpenResourceDiscoveryService)
-        ) {
-            Logger.warn("ORD service name", definitionKey, "is blocked.");
-            continue;
-        }
-        switch (definitionObj.kind) {
-            case CDS_ELEMENT_KIND.service: {
-                const apiResourceName = _handleApiResource(definitionKey, definitionObj);
-                if (apiResourceName) pendingApiResourceNames.push(apiResourceName);
-                break;
-            }
-            case CDS_ELEMENT_KIND.entity: {
-                const result = _handleEntity(definitionKey, definitionObj);
-                if (result) {
-                    if (result.apiEndpoint) apiEndpoints.add(result.apiEndpoint);
-                    if (result.entityTypeTarget) entityTypeTargets.push(...result.entityTypeTarget);
-                }
-                break;
-            }
-            case CDS_ELEMENT_KIND.event: {
-                const event = _handleEvent(serviceNames, definitionKey, definitionObj);
-                if (event) pendingEventServiceNames.add(event);
-                break;
-            }
-            case CDS_ELEMENT_KIND.action:
-            case CDS_ELEMENT_KIND.function: {
-                const apiEndpoint = _handleActionOrFunction(definitionKey, definitionObj);
-                if (apiEndpoint) apiEndpoints.add(apiEndpoint);
-                break;
-            }
-        }
-    }
-
-    return {
-        serviceNames,
-        apiResourceNames: pendingApiResourceNames,
-        apiEndpoints: Array.from(apiEndpoints),
-        eventServiceNames: [...pendingEventServiceNames],
-        entityTypeTargets,
-    };
-}
-
-function _handleApiResource(apiResourceName, serviceDefinition) {
-    if (
-        _shouldSkipIfServiceOnlyContainsEvents(serviceDefinition) ||
-        !_isValidService(apiResourceName, serviceDefinition)
-    ) {
-        return null;
-    }
-    return apiResourceName;
-}
-
-function _shouldSkipIfServiceOnlyContainsEvents(serviceDefinition) {
-    const isActionsNotContained = !serviceDefinition.actions || Object.keys(serviceDefinition.actions).length === 0;
-    const isFunctionsNotContained =
-        !serviceDefinition.functions || Object.keys(serviceDefinition.functions).length === 0;
-    const isEntitiesNotContained = !serviceDefinition.entities || Object.keys(serviceDefinition.entities).length === 0;
-    const isEventsContained = serviceDefinition.events && Object.keys(serviceDefinition.events).length > 0;
-    if (isActionsNotContained && isFunctionsNotContained && isEntitiesNotContained && isEventsContained) {
-        return true;
-    }
-    return false;
-}
-
-function _shouldNotSkipIfServiceProtocolIsNone(keyDefinition) {
-    if (keyDefinition["_service"] && keyDefinition["_service"]["@protocol"] === "none") {
-        return false;
-    }
-    return true;
-}
-
-function _isBlockedServiceName(key) {
-    const blockedServices = [BLOCKED_SERVICE_NAME.MTXServices, BLOCKED_SERVICE_NAME.OpenResourceDiscoveryService];
-    return blockedServices.some((blocked) => key.includes(blocked));
-}
-
-function _isValidService(key, definition) {
-    const isExternalService = Object.keys(cds).includes("requires") ? Object.keys(cds.requires).includes(key) : false;
-
-    return (
-        definition.kind === CDS_ELEMENT_KIND.service &&
-        !definition["@cds.external"] &&
-        definition["@protocol"] !== "none" &&
-        !isExternalService &&
-        !_isBlockedServiceName(key)
-    );
-}
-
-function _handleEntity(key, keyDefinition) {
-    if (!key.includes(".texts") && _shouldNotSkipIfServiceProtocolIsNone(keyDefinition)) {
-        const apiEndpoint = key;
-        let entityTypeTarget = null;
-        if (keyDefinition[ORD_ODM_ENTITY_NAME_ANNOTATION] || keyDefinition[ENTITY_RELATIONSHIP_ANNOTATION]) {
-            const mapping = createEntityTypeMappingsItemTemplate(keyDefinition);
-            if (Array.isArray(mapping)) entityTypeTarget = mapping;
-            else if (mapping) entityTypeTarget = [mapping];
-        }
-        return { apiEndpoint, entityTypeTarget };
-    }
-    return null;
-}
-
-function _handleEvent(serviceNames, key, keyDefinition) {
-    if (_shouldNotSkipIfServiceProtocolIsNone(keyDefinition)) {
-        for (const serviceName of serviceNames) {
-            if (key.startsWith(serviceName + ".")) {
-                return serviceName;
-            }
-        }
-    }
-    return null;
-}
-
-function _handleActionOrFunction(key, keyDefinition) {
-    if (_shouldNotSkipIfServiceProtocolIsNone(keyDefinition)) {
-        return key;
-    }
-    return null;
-}
-
-const _getPolicyLevels = (appConfig) =>
-    appConfig.env?.policyLevels ||
-    (appConfig.env?.policyLevel && [appConfig.env?.policyLevel]) ||
-    defaults.policyLevels;
-
-const _getDescription = (appConfig) => appConfig.env?.description || defaults.description;
 
 const _getGroups = (csn, appConfig) => {
     return appConfig.serviceNames
-        .flatMap((serviceName) => createGroupsTemplateForService(serviceName, csn.definitions[serviceName], appConfig))
+        .map((name) => csn.definitions[name])
+        .flatMap((srvDefinition) => createGroupsTemplateForService(srvDefinition, appConfig))
         .filter((resource) => !!resource);
 };
 
-const _getPackages = (appConfig) => {
-    return defaults.packages(appConfig);
-};
-
-const _getEntityTypes = (appConfig, packageIds) => {
-    if (!appConfig.entityTypeTargets?.length) return [];
-
-    return appConfig.entityTypeTargets.flatMap((entity) => createEntityTypeTemplate(appConfig, packageIds, entity));
-};
-
 const _getAPIResources = (csn, appConfig, packageIds, accessStrategies) => {
-    const apiResources = appConfig.apiResourceNames.flatMap((apiResourceName) =>
-        createAPIResourceTemplate(
-            apiResourceName,
-            csn.definitions[apiResourceName],
-            appConfig,
-            packageIds,
-            accessStrategies,
-        ),
-    );
-
-    return apiResources;
+    return appConfig.apiResourceNames
+        .map((name) => csn.definitions[name])
+        .flatMap((srvDefinition) => createAPIResourceTemplate(srvDefinition, appConfig, packageIds, accessStrategies));
 };
 
 const _getEventResources = (csn, appConfig, packageIds, accessStrategies) => {
-    return appConfig.eventServiceNames.flatMap((serviceName) =>
-        createEventResourceTemplate(serviceName, csn.definitions[serviceName], appConfig, packageIds, accessStrategies),
-    );
+    return appConfig.eventServiceNames
+        .map((name) => csn.definitions[name])
+        .flatMap((srvDefinition) => createEventResourceTemplate(srvDefinition, appConfig, packageIds, accessStrategies));
 };
 
-function _getOpenResourceDiscovery(appConfig) {
-    return appConfig.env?.openResourceDiscovery || defaults.openResourceDiscovery;
-}
-
-function _getConsumptionBundles(appConfig) {
-    return appConfig.env?.consumptionBundles || defaults.consumptionBundles(appConfig);
-}
-
 const _getProducts = (appConfig) => {
     const productsObj = defaults.products(appConfig.packageName);
+
     if (appConfig.env?.products) {
         const customProducts = appConfig.env.products[0];
         if (customProducts?.ordId?.toLowerCase().startsWith("sap")) {
@@ -273,40 +50,39 @@ const _getProducts = (appConfig) => {
             _.assign(productsObj[0], customProducts);
         }
     }
-    appConfig.products = productsObj;
+
     return productsObj;
 };
 
-function createDefaultORDDocument(linkedCsn, appConfig) {
-    appConfig.policyLevels = _getPolicyLevels(appConfig);
-    let ordDocument = {
+const _createDefaultORDDocument = (linkedCsn, appConfig, authConfig) => {
+    const products = _getProducts(appConfig);
+    const packages = defaults.packages(appConfig, products);
+    const packageIds = packages?.map((pkg) => pkg.ordId) || [];
+    const entityTypes = _getEntityTypes(appConfig, packageIds);
+    const integrationDependencies = getIntegrationDependencies(linkedCsn, appConfig, packageIds);
+    const apiResources = _getAPIResources(linkedCsn, appConfig, packageIds, authConfig.accessStrategies);
+    const eventResources = _getEventResources(linkedCsn, appConfig, packageIds, authConfig.accessStrategies);
+
+    return {
+        // Unconditionally added top-level properties
         $schema: "https://open-resource-discovery.github.io/specification/spec-v1/interfaces/Document.schema.json",
-        openResourceDiscovery: _getOpenResourceDiscovery(appConfig),
         policyLevels: appConfig.policyLevels,
-        description: _getDescription(appConfig),
-        consumptionBundles: _getConsumptionBundles(appConfig),
+        packages: packages,
+        description: appConfig.env?.description || defaults.description,
+        openResourceDiscovery: appConfig.env?.openResourceDiscovery || defaults.openResourceDiscovery,
+
+        // Conditionally added top-level properties
+        ...(!entityTypes.length ? {} : { entityTypes: entityTypes }),
+        ...(!apiResources.length ? {} : { apiResources: apiResources }),
+        ...(!eventResources.length ? {} : { eventResources: eventResources }),
+        ...(appConfig.existingProductORDId ? {} : { products: [products[0]] }),
+        ...(!appConfig.serviceNames.length ? {} : { groups: _getGroups(linkedCsn, appConfig) }),
+        ...(!integrationDependencies.length ? {} : { integrationDependencies: integrationDependencies }),
+        ...(!appConfig.env?.consumptionBundles?.length ? {} : { consumptionBundles: appConfig.env.consumptionBundles }),
     };
+};
 
-    if (appConfig.serviceNames.length) {
-        ordDocument.groups = _getGroups(linkedCsn, appConfig);
-    }
-
-    if (appConfig.env?.existingProductORDId) {
-        appConfig.existingProductORDId = appConfig.env.existingProductORDId;
-    } else {
-        ordDocument.products = [_getProducts(appConfig)[0]];
-    }
-
-    ordDocument.packages = _getPackages(appConfig);
-
-    return ordDocument;
-}
-
-function extractPackageIds(ordDocument) {
-    return ordDocument.packages?.map((pkg) => pkg.ordId) || [];
-}
-
-function _filterUnusedPackages(ordDocument) {
+const _filterUnusedPackages = (ordDocument) => {
     if (!ordDocument.packages?.length) return [];
 
     const usedPackageIds = new Set();
@@ -322,52 +98,33 @@ function _filterUnusedPackages(ordDocument) {
     });
 
     return ordDocument.packages.filter((pkg) => usedPackageIds.has(pkg.ordId));
-}
+};
 
-module.exports = (csn, extensions = []) => {
-    const linkedCsn = _propagateORDVisibility(cds.linked(csn));
-    const appConfig = initializeAppConfig(linkedCsn);
+const _getEntityTypes = (appConfig, packageIds) => {
+    return appConfig.entityTypeTargets.flatMap((entity) => createEntityTypeTemplate(appConfig, packageIds, entity));
+};
 
-    // Create auth config and fail-closed on configuration errors
+const _createAuthConfig = () => {
     const authConfig = createAuthConfig();
+
+    // Create auth config and fail-closed on configuration errors
     if (authConfig.error) {
         throw new Error(`Authentication configuration error: ${authConfig.error}`);
     }
-    const accessStrategies = authConfig.accessStrategies;
-
-    let ordDocument = createDefaultORDDocument(linkedCsn, appConfig);
-    const packageIds = extractPackageIds(ordDocument);
-    const entityTypes = _getEntityTypes(appConfig, packageIds);
 
-    if (entityTypes.length) {
-        ordDocument.entityTypes = entityTypes;
-    }
-
-    if (appConfig.apiResourceNames.length) {
-        const apiResources = _getAPIResources(linkedCsn, appConfig, packageIds, accessStrategies);
-        if (apiResources.length) {
-            ordDocument.apiResources = apiResources;
-        }
-    }
-    if (appConfig.eventServiceNames.length) {
-        const eventResources = _getEventResources(linkedCsn, appConfig, packageIds, accessStrategies);
-        if (eventResources.length) {
-            ordDocument.eventResources = eventResources;
-        }
-    }
-
-    const integrationDependencies = getIntegrationDependencies(linkedCsn, appConfig, packageIds);
-    if (integrationDependencies.length) {
-        ordDocument.integrationDependencies = integrationDependencies;
-    }
+    return authConfig;
+};
 
-    [...(extensions || []), getCustomORDContent(appConfig)]
+module.exports = (csn, extensions = []) => {
+    const authConfig = _createAuthConfig();
+    const linkedCsn = _propagateORDVisibility(cds.linked(csn));
+    const appConfig = new Configuration(linkedCsn);
+    const ordDocument = [...(extensions || []), getCustomORDContent(appConfig)]
         .filter((extension) => !!extension)
-        .forEach((extension) => {
-            ordDocument = compareAndHandleCustomORDContentWithExistingContent(ordDocument, extension);
-        });
-
-    ordDocument.packages = _filterUnusedPackages(ordDocument);
+        .reduce(
+            (document, extension) => compareAndHandleCustomORDContentWithExistingContent(document, extension),
+            _createDefaultORDDocument(linkedCsn, appConfig, authConfig),
+        );
 
-    return ordDocument;
+    return Object.assign(ordDocument, { packages: _filterUnusedPackages(ordDocument) });
 };

package/lib/protocol-resolver.js

@@ -7,18 +7,6 @@ const {
 } = require("./constants");
 const Logger = require("./logger");
 
-/**
- * Gets CAP endpoints for a service using CDS endpoints4().
- *
- * @param {string} serviceName The service name.
- * @param {Object} srvDefinition The service definition object.
- * @returns {Array} Raw endpoints from CDS.
- */
-function _getCapEndpoints(serviceName, srvDefinition) {
-    const srvObj = { name: serviceName, definition: srvDefinition };
-    return cds.service.protocols.endpoints4(srvObj);
-}
-
 /**
  * Reads the explicit @protocol annotation from service definition.
  *
@@ -42,13 +30,12 @@ function _getExplicitProtocol(srvDefinition) {
  * - Rule B: Only fallback to OData when no explicit protocol
  * - Rule C: Never produce [null] in entryPoints
  *
- * @param {string} serviceName The service name.
  * @param {Object} srvDefinition The service definition object.
  * @param {Object} options Configuration options.
  * @param {Function} options.isPrimaryDataProduct Strategy function to check if service is primary data product.
  * @returns {Array} Array with single {apiProtocol, entryPoints, hasResourceDefinitions} object, or empty array.
  */
-function resolveApiResourceProtocol(serviceName, srvDefinition, options = {}) {
+function resolveApiResourceProtocol(srvDefinition, options = {}) {
     const { isPrimaryDataProduct = () => false } = options;
 
     // 1. Primary Data Product - early return
@@ -62,7 +49,7 @@ function resolveApiResourceProtocol(serviceName, srvDefinition, options = {}) {
         ];
     }
 
-    const capEndpoints = _getCapEndpoints(serviceName, srvDefinition);
+    const capEndpoints = cds.service.protocols.endpoints4({ name: srvDefinition.name, definition: srvDefinition });
     const ordProtocols = [];
     for (const endpoint of capEndpoints) {
         if (PLUGIN_UNSUPPORTED_PROTOCOLS.includes(endpoint.kind)) {
@@ -107,7 +94,7 @@ function resolveApiResourceProtocol(serviceName, srvDefinition, options = {}) {
 
         // 4. Handle explicit protocol with no CAP endpoint (Rule A)
         if (!ordProtocols.some((p) => p.apiProtocol === protocol) && !CAP_TO_ORD_PROTOCOL_MAP[protocol]) {
-            Logger.warn(`Unknown protocol '${protocol}' is not supported, and skipped for service '${serviceName}'.`);
+            Logger.warn(`Unknown protocol '${protocol}' is not supported, and skipped for service '${srvDefinition.name}'.`);
         }
     }
 

package/lib/services/mtx-ord-provider-service.js

@@ -1,19 +1,24 @@
 const cds = require("@sap/cds/lib");
 const { ord, getMetadata } = require("@cap-js/ord/lib");
 
+const defaults = require("../defaults");
+const { DOCUMENT_PERSPECTIVES } = require("../constants");
+
 module.exports = class MtxOrdProviderService extends cds.ApplicationService {
     init() {
         this.on("getOrdDocument", async (req) => {
             req._?.res?.set("Content-Type", "application/json");
 
-            return ord(
-                await (
-                    await cds.connect.to("cds.xt.ModelProviderService")
-                ).getCsn({
-                    for: req.data.for,
-                    tenant: req.data.tenant,
-                    toggles: req.data.toggles,
-                }),
+            return defaults.adjustForPerspective(
+                ord(
+                    await (
+                        await cds.connect.to("cds.xt.ModelProviderService")
+                    ).getCsn({
+                        tenant: req.data.tenant,
+                        toggles: req.data.toggles,
+                    }),
+                ),
+                DOCUMENT_PERSPECTIVES.SystemInstance,
             );
         });
 
@@ -23,7 +28,6 @@ module.exports = class MtxOrdProviderService extends cds.ApplicationService {
                 await (
                     await cds.connect.to("cds.xt.ModelProviderService")
                 ).getCsn({
-                    for: req.data.for,
                     tenant: req.data.tenant,
                     toggles: req.data.toggles,
                 }),

package/lib/services/ord-service.js

@@ -3,9 +3,61 @@ const cds = require("@sap/cds");
 const ord = require("../ord.js");
 const Logger = require("../logger.js");
 const defaults = require("../defaults.js");
+const { LOCAL_TENANT_ID_HEADER_KEY, DOCUMENT_PERSPECTIVES } = require("../constants");
 const compileMetadata = require("../meta-data.js");
 const { createAuthConfig, createAuthMiddleware } = require("../auth/authentication.js");
 
+const validationMiddleware = (req, res, next) => {
+    const toggles = cds.env.requires.toggles;
+    const perspective = req.query.perspective;
+    const extensibility = cds.env.requires.extensibility;
+    const tenant = req.headers[LOCAL_TENANT_ID_HEADER_KEY];
+
+    if (perspective && ![DOCUMENT_PERSPECTIVES.SystemVersion, DOCUMENT_PERSPECTIVES.SystemInstance].includes(perspective)) {
+        return res.status(400).send(`Required query parameter 'perspective' is invalid`);
+    }
+
+    if (perspective === DOCUMENT_PERSPECTIVES.SystemInstance && !(toggles || extensibility)) {
+        return res.status(400).send(`Unsupported query parameter 'perspective=${perspective}'`);
+    }
+
+    if (!tenant && perspective === DOCUMENT_PERSPECTIVES.SystemInstance) {
+        return res.status(400).send(`Missing required tenant context`);
+    }
+
+    return next();
+};
+
+const metadataResponseHandler = async (req, res) => {
+    try {
+        const perspective = req.query.perspective;
+        const tenant = req.headers[LOCAL_TENANT_ID_HEADER_KEY];
+        const model = await resolveCdsModel(perspective, tenant);
+        const { contentType, response } = await compileMetadata(req.path, model);
+
+        return res.status(200).contentType(contentType).send(response);
+    } catch (error) {
+        Logger.error(error, "Error while processing the resource definition document");
+        return res.status(500).send(error.message);
+    }
+};
+
+const resolveCdsModel = async (perspective, tenant) => {
+    if (!tenant || perspective !== DOCUMENT_PERSPECTIVES.SystemInstance) {
+        Logger.info("Retrieving static CDS model...");
+        return cds.model;
+    }
+
+    Logger.info(`Retrieving dynamic CDS model for tenant ${tenant}...`);
+
+    return await (
+        await cds.connect.to("cds.xt.ModelProviderService")
+    ).getCsn({
+        tenant: tenant,
+        toggles: OpenResourceDiscoveryService.resolveFeatureToggles(tenant),
+    });
+};
+
 class OpenResourceDiscoveryService extends cds.ApplicationService {
     async init() {
         this.extensions = {};
@@ -26,38 +78,38 @@ class OpenResourceDiscoveryService extends cds.ApplicationService {
         // Create authentication middleware
         const authMiddleware = createAuthMiddleware(authConfig);
 
-        cds.app.get(`${this.path}`, (_, res) => {
-            return res.status(200).send(defaults.baseTemplate(authConfig));
+        // Default: /.well-known/open-resource-discovery
+        cds.app.get(`${this.path}`, (req, res) => {
+            const tenant = req.headers[LOCAL_TENANT_ID_HEADER_KEY];
+
+            return res.status(200).send(defaults.baseTemplate(authConfig, tenant));
         });
 
-        cds.app.get(`/ord/v1/documents/ord-document`, authMiddleware, async (_, res) => {
-            const csn = cds.context?.model || cds.model;
-            const data = ord(csn, Array.from(Object.values(this.extensions)));
-            return res.status(200).send(data);
+        cds.app.get(`/ord/v1/documents/ord-document`, [authMiddleware, validationMiddleware], async (req, res) => {
+            const perspective = req.query.perspective || DOCUMENT_PERSPECTIVES.SystemVersion;
+            const tenant = req.headers[LOCAL_TENANT_ID_HEADER_KEY];
+            const model = await resolveCdsModel(perspective, tenant);
+            const extensions = Array.from(Object.values(this.extensions));
+
+            return res.status(200).send(defaults.adjustForPerspective(ord(model, extensions), perspective));
         });
 
-        cds.app.get(`/ord/v1/documents/:id`, authMiddleware, async (_, res) => {
+        cds.app.get(`/ord/v1/documents/:id`, [authMiddleware, validationMiddleware], async (_, res) => {
             return res.status(404).send("404 Not Found");
         });
 
-        // Handler for metadata requests (oas3, edmx, csn, etc.)
-        const metadataHandler = async (req, res) => {
-            try {
-                const { contentType, response } = await compileMetadata(req.url);
-                return res.status(200).contentType(contentType).send(response);
-            } catch (error) {
-                Logger.error(error, "Error while processing the resource definition document");
-                return res.status(500).send(error.message);
-            }
-        };
-
         // Use separate routes instead of optional parameters for path-to-regexp v8 compatibility
-        cds.app.get(`/ord/v1/:ordId/:service`, authMiddleware, metadataHandler);
-        cds.app.get(`/ord/v1/:ordId`, authMiddleware, metadataHandler);
-        cds.app.get(`/ord/v1`, authMiddleware, metadataHandler);
+        cds.app.get(`/ord/v1/:ordId/:service`, [authMiddleware, validationMiddleware], metadataResponseHandler);
+        cds.app.get(`/ord/v1/:ordId`, [authMiddleware, validationMiddleware], metadataResponseHandler);
+        cds.app.get(`/ord/v1`, [authMiddleware, validationMiddleware], metadataResponseHandler);
 
         return super.init();
     }
+
+    // eslint-disable-next-line no-unused-vars
+    static resolveFeatureToggles(tenant) {
+        return ["*"];
+    }
 }
 
 module.exports = { OpenResourceDiscoveryService };