@sap/async-xsjs 1.0.2

package/lib/index.js

@@ -0,0 +1,235 @@
+'use strict';
+
+var bodyParser = require('body-parser');
+var compress = require('compression');
+var cookieParser = require('cookie-parser');
+var express = require('express');
+var http = require('http');
+var _ = require('lodash');
+var passport = require('passport');
+var connOptions = require('@sap/hdbext').connectionOptions;
+var xssec = require('@sap/xssec');
+var createDsrMiddleware = require('@sap/e2e-trace').createDsrMiddleware;
+var AuditLogger = require('./AuditLogger');
+var AnonymousStrategy = require('./passport-noauth');
+var middleware = require('./middleware');
+var routes = require('./routes');
+var runtime = require('./runtime');
+var logging = require('@sap/logging');
+var logger = require('./logging').logger;
+var odata = require('./odata');
+var jobs = require('./jobs');
+var cacert = require('./cacert');
+
+exports = module.exports = async function (options) {
+  logger.info('@sap/xsjs version: %s, Node.js version: %s', require('../package.json').version, process.version);
+  options = _.cloneDeep(options);
+  checkOptions(options);
+
+  cacert.loadCertificates(options);
+
+  if (options.hana) {
+    _.defaultsDeep(options, {
+      hana: connOptions.getGlobalOptions()
+    });
+  }
+
+  // bootstrap runtime
+  var rt = await runtime.createRuntime(options);
+
+  // configure passport
+  var passportStrategies = [];
+
+  var JWT = 'JWT';
+  if (options.uaa) {
+    passport.use(JWT, new xssec.JWTStrategy(options.uaa));
+    passportStrategies.push(JWT);
+  }
+
+  if (options.anonymous) {
+    passport.use(new AnonymousStrategy());
+    passportStrategies.push('anonymous');
+  }
+
+  // configure express
+  var app = createApp();
+  options.auditLog && app.set('auditLog', new AuditLogger(options.auditLog));
+  app.use(logging.middleware({ appContext: require('./logging').appContext }));
+  app.use(createDsrMiddleware());
+  app.set('query parser', 'simple');
+  app.set('runtime', rt);
+
+  app.use(function (req, res, next) {
+    if (req.method === 'TRACE') {
+      return res.status(403).send('HTTP TRACE Method is not allowed');
+    }
+    next();
+  });
+
+  if (rt.get('compression')) {
+    app.use(compress());
+  }
+  app.use(cookieParser());
+  app.use(middleware.locale);
+
+  app.use(passport.initialize());
+  app.use(function (req, res, next) {
+    passport.authenticate(passportStrategies, handleAuthenticate(req, res, next))(req, res, next);
+  });
+  app.use(middleware.urlRewrite(rt));
+
+  // redirect
+  rt.redirectRules.forEach(function (rule) {
+    app.get(rule.pathname, function (req, res) {
+      res.redirect(rule.status || 302, rule.location);
+    });
+  });
+
+  addXsjsHandlers(app, options, rt);
+
+  addOdataHandlers(app, options, rt);
+
+  addJobHandlers(app, options, rt);
+
+  // static content
+  rt.staticDirectories.forEach(function (staticDirectory) {
+    app.use(staticDirectory.pathname, express.static(staticDirectory.dirname));
+  });
+
+  // catch 404 and forward to error handler
+  app.use(middleware.notFound);
+
+  // error handlers
+  app.use(routes.error);
+
+  return app;
+};
+
+function handleAuthenticate(req, res, next) {
+  return function (err, user, info, statusCodes) {
+    if (err) { return next(err); }
+
+    if (user) {
+      return req.logIn(user, { session: false }, function (err) {
+        if (err) { return next(err); }
+        req.authInfo = info;
+        next();
+      });
+    }
+
+    var jwtStrategyStatusCode = statusCodes[0];
+
+    auditLogAuthFailed(req, function (err) {
+      if (err) { return next(err); }
+      sendAuthFailed(res, jwtStrategyStatusCode);
+    });
+  };
+}
+
+function addXsjsHandlers(app, options, rt) {
+  var xsjsPaths = _.map(Object.keys(rt.xsjs), function addWildCard(path) {
+    // wildcard needs to be mapped to support $.request.queryPath
+    return path + '*';
+  });
+  if (xsjsPaths.length > 0) {
+    app.all(xsjsPaths, middleware.anyBody(rt, options), middleware.xsjs(rt), routes.xsjs(rt));
+  }
+}
+
+function addOdataHandlers(app, options, rt) {
+  var odataServices = odata.createServices(rt);
+  odataServices.forEach(function (odataService) {
+    if (!isValidHanaSettings(options)) {
+      app.use(odataService.getRootUriPath(), function (req, res, next) {
+        next(new Error('Invalid HANA settings provided. OData services are disabled.'));
+      });
+    } else {
+      var odataApp = createApp();
+      odataApp.all('*', middleware.anyBody(rt, options), routes.xsodata(rt, odataService));
+      app.use(odataService.getRootUriPath(), odataApp);
+    }
+  });
+
+  app.clearODataCache = function (tenant) {
+    odataServices.forEach(function (svc) {
+      svc.clearCache(tenant);
+    });
+  };
+}
+
+function addJobHandlers(app, options, rt) {
+  var jobsRt = new jobs.JobsRuntime(rt);
+  var validJobs = jobsRt.getValidJobs();
+  if (validJobs.length) {
+    if (isValidHanaSettings(options)) {
+      jobsRt.registerAllJobs();
+
+      validJobs.forEach(function (job) {
+        app.post(job.urlPath, bodyParser.json(), routes.startJob(jobsRt, options));
+      });
+    } else {
+      logger.error('Jobs execution requires valid HANA configuration.');
+    }
+  }
+}
+
+function checkOptions(options) {
+  if (!isValidHanaSettings(options)) {
+    logger.warn('No HANA credentials provided. DB access and OData services will be disabled.');
+  }
+  validateOptionalBoolean(options, 'xsApplicationUser');
+  validateOptionalBoolean(options, 'anonymous');
+  if (!options.anonymous && !options.uaa) {
+    throw new Error('No UAA configuration is provided in non-anonymous mode.');
+  }
+  if (!options.auditLog) {
+    logger.warn('No Audit log configuration provided. Audit logging will be disabled.');
+  }
+  if (options.auditLog && options.auditLog.logToConsole) {
+    logger.warn('Audit log messages will be written to console.');
+  }
+  if (!options.uaa) {
+    logger.warn('No UAA configuration provided. JWT token authentication disabled.');
+  }
+  if (!options.mail) {
+    logger.warn('No Mail options provided. $.net.Mail and $.net.SMTPConnection will be disabled.');
+  }
+  if (!options.jobs) {
+    logger.warn('No Jobs options provided. $.jobs will be disabled.');
+  }
+  if (!options.secureStore) {
+    logger.warn('Secure store not configured. $.security.Store will be disabled.');
+  }
+}
+
+function isValidHanaSettings(options) {
+  return options.hana &&
+  ((options.hana.user && options.hana.password) ||
+  (options.hana.clientid && options.hana.clientsecret));
+}
+
+function validateOptionalBoolean(options, prop) {
+  var value = options[prop];
+  if (value !== undefined && typeof value !== 'boolean') {
+    throw new Error(prop + ' option should be a boolean');
+  }
+}
+
+function auditLogAuthFailed(req, cb) {
+  var auditLog = req.app.get('auditLog');
+  if (!auditLog) {
+    return cb(null);
+  }
+  auditLog.logSecurityEvent(req, 'Failed login attempt', 'UNKNOWN', cb);
+}
+
+function sendAuthFailed(res, statusCode) {
+  statusCode === 401 && res.setHeader('WWW-Authenticate', 'Bearer realm="XSJS Compatibility Layer"');
+  return res.status(statusCode).end(http.STATUS_CODES[statusCode]);
+}
+
+function createApp() {
+  var app = express();
+  app.disable('x-powered-by');
+  return app;
+}

package/lib/jobs/Action.js

@@ -0,0 +1,40 @@
+'use strict';
+
+var _ = require('lodash');
+var utils = require('../utils');
+var fs = require('fs');
+var fsPath = require('path');
+
+module.exports = Action;
+
+function Action(actionStr, rootDirs) {
+  var parts = actionStr.match(/^([^:]+)(:[^:]+\.xsjs)?:{2}(.+)$/);
+  if (!parts) {
+    throw new Error('Invalid action. Expected "<package>:<XSJS_Service>.xsjs::function", found: "' + actionStr + '"');
+  }
+
+  if (!parts[2]) {
+    fileExists(rootDirs, parts[1]) ? this.filename = parts[1] : this.packagename = parts[1];
+  } else {
+    this.packagename = parts[1];
+    this.filename = parts[2].slice(1);
+  }
+  this.funcname = parts[3];
+}
+
+Action.prototype.isJavaScript = function () {
+  return !!this.filename;
+};
+
+Action.prototype.getScriptPath = function () {
+  return utils.toPath(this.packagename, this.filename);
+};
+
+function fileExists(dirs, pathname) {
+  var dir = _.find(dirs, function (dir) {
+    var path = fsPath.join(dir, pathname);
+    return fs.existsSync(path) && fs.lstatSync(path).isFile();
+  });
+
+  return !!dir;
+}

package/lib/jobs/Job.js

@@ -0,0 +1,100 @@
+'use strict';
+
+var assert = require('assert');
+var _ = require('lodash');
+var Action = require('./Action');
+
+module.exports = Job;
+
+function Job (xsjob, urlPath, rootDirs) {
+  this._validateXsjob(xsjob);
+
+  if (!urlPath) {
+    throw new TypeError('urlPath is required, provide valid value');
+  }
+
+  this.action = new Action(xsjob.action, rootDirs);
+  this.urlPath = urlPath;
+  this.active = true;
+
+  this._xsjob = xsjob;
+}
+
+Job.prototype.toSchedulerJob = function(host, jobsCallbackUrl) {
+  if (!host) {
+    throw new TypeError('Valid host is expected');
+  }
+  if (!jobsCallbackUrl) {
+    throw new TypeError('Jobs callback URL expected');
+  }
+
+  var schedules = this._xsjob.schedules.map(function(schedule) {
+    return {
+      description: schedule.description,
+      cron: schedule.xscron,
+      data: schedule.parameter,
+      active: true
+    };
+  });
+
+  var jobUrl = _.trimEnd(jobsCallbackUrl, '/') + '/' + _.trimStart(this.urlPath, '/');
+  return {
+    name: Job.buildName(host, this.urlPath),
+    description: this._xsjob.description,
+    action: jobUrl,
+    schedules: schedules,
+    httpMethod: 'POST',
+    active: true
+  };
+};
+
+Job.prototype._validateXsjob = function(xsjob) {
+  if (!xsjob) {
+    throw new TypeError('xsjob is required, provide valid value');
+  }
+
+  if (!xsjob.action) {
+    throw new TypeError('Missing action property');
+  }
+
+  var schedules = xsjob.schedules;
+  if (!Array.isArray(schedules) || schedules.length === 0) {
+    throw new TypeError('Missing job schedules');
+  }
+
+  for (var i = 0; i < schedules.length; i++) {
+    if (!schedules[i].xscron) {
+      throw new TypeError('Missing xscron for schedule [' + i + ']');
+    }
+  }
+};
+
+Job.buildName = function(hostName, jobPath) {
+  assert(hostName, 'valid hostname expected');
+  assert(jobPath, 'Job path expected');
+
+  var host = (hostName.charAt(hostName.length - 1) === '/') ? hostName : (hostName + '/') ;
+  var jobName = host + jobPathToName(jobPath);
+
+  return jobName.replace(/[^a-zA-Z0-9._]/g, '_');
+};
+
+function jobPathToName(jobPath) {
+  assert(jobPath, 'valid path expected');
+
+  var path = (jobPath.charAt(0) === '/') ? jobPath.substr(1) : jobPath;
+  var segments = path.split('/');
+
+  var fileName = segments.pop();
+  if (segments.length === 0) {
+    return fileName;
+  }
+  var packName = segments.join('.');
+
+  if (fileName.indexOf('.') > -1) {
+    return packName + '_' + fileName;
+  }
+
+  return packName + '.' + fileName;
+}
+

package/lib/jobs/JobManager.js

@@ -0,0 +1,150 @@
+'use strict';
+
+var _ = require('lodash');
+var assert = require('assert');
+var util = require('util');
+var jobsclient = require('@sap/jobs-client');
+var EventEmitter = require('events').EventEmitter;
+
+var XsjsJobRunner = require('./XsjsJobRunner');
+var SqlScriptJobRunner = require('./SqlScriptJobRunner');
+
+module.exports = JobManager;
+
+
+util.inherits(JobManager, EventEmitter);
+
+/**
+ * @param {Object} jobServiceConfig - required, job scheduler config
+ */
+function JobManager(jobServiceConfig) {
+  assert(_.isObject(jobServiceConfig), 'valid job scheduler config object required');
+  assert(_.isString(jobServiceConfig.url), 'job sceduler config should contain valid "url" property');
+
+  this._jc = jobServiceConfig;
+
+  EventEmitter.call(this);
+}
+
+/**
+ * Registers all jobs in Job Scheduler service asynchronously. Does not throw errors, 'registered' event is triggered with
+ * error parameter having value <code>null</code> in case registration was successful or valid error otherwise
+ */
+JobManager.prototype.registerAllJobs = function (jobs, appConfig) {
+  assert(_.isArray(jobs), 'Valid jobs array expected');
+  assert(appConfig, 'Valid application config expected');
+
+  var scheduler = new jobsclient.Scheduler(this._schedulerOptions());
+
+  var self = this;
+  jobs.forEach(function (job) {
+    var jobsCallbackUrl = self._jc.jobsCallbackUrl || appConfig.url;
+    var scJob = job.toSchedulerJob(appConfig.host, jobsCallbackUrl);
+    var options = {
+      name: scJob.name,
+      job: scJob
+    };
+
+    scheduler.upsertJob(options, function (error, body) {
+      if (!error) { job.id = body._id; }
+      self.emit('register', error, job);
+    });
+  });
+};
+
+/**
+ * Starts new job asynchronously, when job finished an event will be triggered
+ * @param rt xsjs runtime
+ * @param job the job to run
+ * @param request http request object
+ * @throws in case some of parameters is invalid
+ */
+JobManager.prototype.startJobAsync = async function (rt, job, request) {
+  assert(rt, 'Valid xsjs runtime object expected');
+  assert(job, 'Valid job object expected');
+  assert(request, 'Valid request object expected');
+
+  var inputParams = this._parseInput(request);
+  var jobRunDetails = this._getJobRunDetails(request, job);
+
+  var runnable = null;
+  if (job.action.isJavaScript()) {
+    runnable = await this._createXsjsRunnable(rt, job, request, jobRunDetails.runId);
+  } else {
+    runnable = this._createSqlProcRunnable(rt.get('hanaDbOptions').forRequest(request));
+  }
+
+  this._startJob(runnable, job, inputParams, jobRunDetails);
+};
+
+JobManager.prototype._startJob = function (runnable, job, inputParams, jobRunDetails) {
+  var self = this;
+
+  process.nextTick(async function() {
+    try {
+      await runnable(job, inputParams);
+      self.emit('job-finished', null, job, jobRunDetails);
+      self._sendJobFinished(null, job, jobRunDetails);
+    } catch (ex) {
+      self.emit('job-finished', ex, job, jobRunDetails);
+      self._sendJobFinished(ex, job, jobRunDetails);
+    }
+  });
+};
+
+
+JobManager.prototype._sendJobFinished = function (err, job, jobRunDetails) {
+  var message = (!err) ? 'OK' : ('Job run failed, error: ' + err.message);
+  var options = _.extend({}, jobRunDetails, {
+    data: {
+      success: !err,
+      message: message
+    }
+  });
+
+  var self = this;
+  var scheduler = new jobsclient.Scheduler(this._schedulerOptions());
+  scheduler.updateJobRunLog(options, function(err) {
+    self.emit('status-update', err, job, jobRunDetails);
+  });
+};
+
+JobManager.prototype._getJobRunDetails = function(request, job) {
+  var jobRunDetails = {
+    jobId: request.headers['x-sap-job-id'],
+    scheduleId: request.headers['x-sap-job-schedule-id'],
+    runId: request.headers['x-sap-job-run-id']
+  };
+
+  assert(jobRunDetails.jobId, 'Expecting job ID to be provided when starting JOB:' + job.name);
+  assert(jobRunDetails.scheduleId, 'Expecting job schedule ID to be provided when starting JOB:' + job.name);
+  assert(jobRunDetails.runId, 'Expecting job run ID to be provided when starting JOB:' + job.name);
+
+  return jobRunDetails;
+};
+
+JobManager.prototype._schedulerOptions = function () {
+  return _.extend(this._jc, {
+    baseURL: this._jc.url
+  });
+};
+
+JobManager.prototype._createXsjsRunnable = async function (rt, job, req, runId) {
+  var runner = new XsjsJobRunner(rt);
+  await runner.prepare(job, req, runId);
+
+  return async function xsjsRunnable(job, inputParams) {
+    await runner.run(inputParams);
+  };
+};
+
+JobManager.prototype._createSqlProcRunnable = function (dbReqOptions) {
+  return async function SqlScriptRunnable(job, inputParams) {
+    var runner = new SqlScriptJobRunner(dbReqOptions);
+    await runner.run(job, inputParams);
+  };
+};
+
+JobManager.prototype._parseInput = function (request) {
+  return request.body;
+};

package/lib/jobs/JobsRuntime.js

@@ -0,0 +1,133 @@
+'use strict';
+
+var _ = require('lodash');
+var assert = require('assert');
+var format = require('util').format;
+var logging = require('../logging');
+var logger = logging.logger;
+var tracer = logging.tracer;
+var JobManager = require('./JobManager');
+var HttpError = require('../utils/errors/HttpError');
+var wrapAppError = require('../utils/errors/wrap-app-error');
+
+
+module.exports = JobsRuntime;
+
+function JobsRuntime(rt) {
+  assert(rt, 'runtime is required for jobs support');
+
+  var jobsOptions = rt.get('jobs');
+  if (!jobsOptions) {
+    return;
+  }
+
+  this._rt = rt;
+
+  var jobManager = this._createJobManager(jobsOptions);
+  Object.defineProperty(this, '_jobManager', {
+    enumerable: false,
+    configurable: false,
+    writable: false,
+    value: jobManager
+  });
+}
+
+JobsRuntime.prototype.getValidJobs = function () {
+  var jobs = [];
+  var rt = this._rt;
+
+  if (!rt) { return jobs; }
+
+  Object.keys(rt.xsjobs).forEach(function(key) {
+    var job = rt.xsjobs[key];
+    if (job.active) {
+      jobs.push(job);
+    }
+  });
+
+  return jobs;
+};
+
+JobsRuntime.prototype.registerAllJobs = function() {
+  if (this._jobManager) {
+    this._jobManager.registerAllJobs(this.getValidJobs(), this._rt.get('appConfig'));
+  }
+};
+
+JobsRuntime.prototype.startJobAsync = async function(req) {
+  if (!this._jobManager) {
+    throw new Error('Cannot start job, job manager not initialized, ' +
+      ' check if scheduler service is bound to this application');
+  }
+  var job = this._rt.getJob(req.path);
+  if (!job) {
+    throw new HttpError(404, 'Job not found');
+  }
+
+  return await this._jobManager.startJobAsync(this._rt, job, req);
+};
+
+JobsRuntime.prototype._createJobManager = function(jobsOptions)
+{
+  var jobManager = new JobManager(jobsOptions, this._appConfig);
+
+  jobManager.on('register', function(error, job) {
+    if (error) {
+      return logger.error(error, 'Failed to register job "%s"', job.urlPath);
+    }
+    tracer.info('Job "%s" registered successfully', job.urlPath);
+  });
+
+  jobManager.on('job-finished', function(error, job, jobRunDetails) {
+    var runId = jobRunDetails.runId;
+    var jobRunName = createJobRunName(job, jobRunDetails);
+    if (error) {
+      return createJobRunLogger(runId).error(wrapAppError(error), format('Job "%s" execution failed', jobRunName));
+    }
+    createJobRunTracer(runId).info('Job "%s" finished successfully', job.urlPath);
+  });
+
+  jobManager.on('status-update', function(error, job, jobRunDetails) {
+    var runId = jobRunDetails.runId;
+    var jobRunName = createJobRunName(job, jobRunDetails);
+    if (error) {
+      return createJobRunLogger(runId).error(error, 'Failed to update job "%s" status', jobRunName);
+    }
+    createJobRunTracer(runId).info('Job "%s" status updated successfully', job.urlPath);
+  });
+
+  if (jobsOptions.listener) {
+    this._registerJobListener(jobManager, jobsOptions.listener);
+  }
+
+  return jobManager;
+};
+
+JobsRuntime.prototype._registerJobListener = function(jobManager, jobListener) {
+  if (_.isFunction(jobListener.onRegister)) {
+    jobManager.on('register', jobListener.onRegister);
+  }
+
+  if (_.isFunction(jobListener.onJobFinished)) {
+    jobManager.on('job-finished', jobListener.onJobFinished);
+  }
+
+  if (_.isFunction(jobListener.onStatusUpdate)) {
+    jobManager.on('status-update', jobListener.onStatusUpdate);
+  }
+};
+
+function createJobRunName(job, jobRunDetails) {
+  return format('%s/%s/%s/%s', job.urlPath,
+    jobRunDetails.jobId,
+    jobRunDetails.scheduleId,
+    jobRunDetails.runId);
+}
+
+function createJobRunLogger(runId) {
+  return logging.appContext.createLogContext({ id: runId }).getLogger(logging.CATEGORY);
+}
+
+function createJobRunTracer(runId) {
+  return logging.appContext.createLogContext({ id: runId }).getTracer(__filename);
+}

package/lib/jobs/SqlScriptJobRunner.js

@@ -0,0 +1,36 @@
+'use strict';
+
+var assert = require('assert');
+var hdbext = require('@sap/hdbext');
+var connection = require('../xsjs/db/common/connection');
+
+module.exports = SqlScriptJobRunner;
+
+
+function SqlScriptJobRunner(dbReqOptions) {
+  assert(dbReqOptions, 'Valid dbReqOptions expected');
+  this._dbReqOptions = dbReqOptions;
+}
+
+SqlScriptJobRunner.prototype.run = async function(job, inputParams) {
+  var self = this;
+  var hanaOptions;
+  var hdbClient;
+
+  var hanaOpts = await this._dbReqOptions.getInstanceOptionsPromise();
+  hanaOptions = hanaOpts;
+  var client = await connection.connect(hanaOptions);
+  hdbClient = client;
+  client.setAutoCommit(true);
+  var procedure = await hdbext.loadProcedurePromise(client, hanaOptions.schema, self._defineSqlProcName(job.action));
+  await procedure(inputParams);
+  hdbClient && await hdbClient.close();
+};
+
+SqlScriptJobRunner.prototype._defineSqlProcName = function(action) {
+  if (!action.packagename) {
+    return action.funcname;
+  }
+
+  return action.packagename + '::' + action.funcname;
+};