@sap/async-xsjs 1.0.2

package/lib/jobs/XsjsJobRunner.js

@@ -0,0 +1,78 @@
+'use strict';
+
+var _ = require('lodash');
+var util = require('util');
+// var fiber = require('@sap/fibers');
+
+module.exports = XsjsJobRunner;
+
+function XsjsJobRunner(rt) {
+  if (!rt) {
+    throw new Error('Valid xsjs runtime expected');
+  }
+  this._rt = rt;
+  this._module = null;
+  this._jsFunction = null;
+}
+
+XsjsJobRunner.prototype.prepare = async function(job, req, runId) {
+  this._cleanup();
+  this._assertValidJob(job);
+
+  var rt = this._rt;
+  var jsPath = job.action.getScriptPath();
+
+  var context = rt.createBaseContext(req, null, { id: runId, location: job.urlPath });
+  try {
+    var module = await rt.runXsjs(jsPath, context);
+  } finally {
+    rt.cleanupContext(context);
+  }
+
+  var funcName = job.action.funcname;
+  var jsFunction = module.namespace.default[funcName];
+  if (!jsFunction) {
+    throw new Error(util.format('XSJS "%s" doesn\'t have a function "%s"', jsPath, funcName));
+  }
+  if (!_.isFunction(jsFunction)) {
+    throw new Error(util.format('"%s" is not a function in "%s"', funcName, jsPath));
+  }
+
+  this._module = module;
+  this._jsFunction = jsFunction;
+};
+
+/**
+ * Runs asynchronously
+ * @param inputParams to be provided to XSJS function
+ * @param done callback to notify when job finished
+ */
+XsjsJobRunner.prototype.run = async function(inputParams) {
+  if (!this._jsFunction) {
+    throw new Error('XsjsJobRunner: runner needs to be prepared before run is called');
+  }
+
+  var self = this;
+  try {
+    await self._jsFunction.call(this, inputParams || {});
+  }
+  finally {
+    self._cleanup();
+    self._rt.triggerGc();
+  }
+};
+
+XsjsJobRunner.prototype._assertValidJob = function(job) {
+  if (!job) {
+    throw new TypeError('Valid job object should be provided');
+  }
+
+  if (!job.action.isJavaScript()) {
+    throw new TypeError('Not a handler for SQL procedure based jobs, xsjob: ' + job.urlPath);
+  }
+};
+
+XsjsJobRunner.prototype._cleanup = function() {
+  this._module = null;
+  this._jsFunction = null;
+};

package/lib/jobs/index.js

@@ -0,0 +1,11 @@
+'use strict';
+
+var Job = require('./Job');
+var Action = require('./Action');
+var JobManager = require('./JobManager');
+var JobsRuntime = require('./JobsRuntime');
+
+module.exports.Action = Action;
+module.exports.Job = Job;
+module.exports.JobManager = JobManager;
+module.exports.JobsRuntime = JobsRuntime;

package/lib/logging.js

@@ -0,0 +1,16 @@
+'use strict';
+
+var logging = require('@sap/logging');
+
+var CATEGORY = '/CompatibilityLayer';
+var appContext = logging.createAppContext({ csnComponent: 'BC-XS-JS' });
+var logContext = appContext.createLogContext({ id: '' });
+var logger = logContext.getLogger(CATEGORY);
+logger.warn = logger.warning;
+
+module.exports = {
+  CATEGORY: CATEGORY,
+  appContext: appContext,
+  logger: logger,
+  tracer: logContext.getTracer(__filename)
+};

package/lib/middleware.js

@@ -0,0 +1,125 @@
+'use strict';
+
+var _ = require('lodash');
+var parseUrl = require('url').parse;
+var parseQuery = require('querystring').parse;
+var multiparty = require('multiparty');
+var bodyParser = require('body-parser');
+var mediaTyper = require('media-typer');
+// var fibrous = require('@sap/fibrous');
+var Locale = require('./xsjs/Locale');
+var HttpError = require('./utils/errors/HttpError');
+
+function getRewriteRule(rewriteRules, path) {
+  rewriteRules = rewriteRules || [];
+  path = path || '';
+  while (path.length) {
+    if (rewriteRules[path]) {
+      return rewriteRules[path];
+    }
+    if (path === '/') {
+      break;
+    }
+    var lastSlash = path.lastIndexOf('/');
+    path =  lastSlash > 0 ? path.substring(0, lastSlash) : '/';
+  }
+  return [];
+}
+
+exports.urlRewrite = function (rt) {
+  return function urlRewriteMiddleware(req, res, next) {
+    var url = parseUrl(req.url);
+    var rule = _.find(getRewriteRule(rt.rewriteRules, url.pathname), function (rule) {
+      return rule.regex.test(url.pathname);
+    });
+    if (rule) {
+      var newUrl = parseUrl(url.pathname.replace(rule.regex, rule.replacement));
+      url.pathname = newUrl.pathname;
+      if (newUrl.query) {
+        if (url.query) {
+          url.query = [newUrl.query, url.query].join('&');
+        } else {
+          url.query = newUrl.query;
+        }
+        req.query = parseQuery(url.query);
+        url.search = '?' + url.query;
+      }
+      req.url = url.format();
+      req.loggingContext.getTracer(__filename).info(
+        'Applying rewrite rule: "%s" to "%s" for URL "%s" - result "%s"',
+        rule.regex.source, rule.replacement, req.originalUrl, req.url
+      );
+
+    }
+    next();
+  };
+};
+
+exports.locale = function (req, res, next) {
+  res.locals.locale = new Locale(req);
+  next();
+};
+
+exports.multipartFormData = function (rt, req, res, next) {
+  var form = createFormObject(rt);
+  form.parse(req, function (err, fields, files) {
+    if (err) {
+      return next(err);
+    }
+    req['form-data'] = {
+      fields: fields,
+      files: files
+    };
+    next();
+  });
+};
+
+function createFormObject(rt) {
+  var formData = rt.get('formData');
+  return new multiparty.Form({maxFilesSize: formData.maxFilesSizeInBytes});
+}
+
+exports.textBody = function (options, req, res, next) {
+  var maxBodySize = (options && options.maxBodySize) || '1mb';
+  var contentType = req.headers['content-type'] || 'application/octet-stream';
+  var charset = mediaTyper.parse(contentType).parameters.charset;
+  function done(err) {
+    if (err) {
+      return next(err);
+    }
+    if (req.is(['urlencoded'])) {
+      req['form-urlencoded'] = parseQuery(req.body.toString());
+    }
+    next();
+  }
+  var bodyParserOptions = {
+    limit: maxBodySize,
+    type: function () { return true; }
+  };
+  bodyParser[charset ? 'text' : 'raw'](bodyParserOptions)(req, res, done);
+};
+
+exports.anyBody = function(rt, options) {
+  return function (req, res, next) {
+    if (req.is(['multipart/form-data'])) {
+      return exports.multipartFormData(rt, req, res, next);
+    }
+    exports.textBody(options, req, res, next);
+  };
+};
+
+exports.xsjs = function (rt) {
+  return function contextMiddleware(req, res, next) {
+    var endOfScriptName = req.path.indexOf('.xsjs') + '.xsjs'.length;
+    var pathToScript = req.path.substring(0, endOfScriptName);
+    res.locals.pathToScript = pathToScript;
+
+    rt.attachContext(req, res, { location: pathToScript });
+    // fibrous.middleware(req, res, next);
+    next();
+  };
+};
+
+exports.notFound = function (req, res, next) {
+  next(new HttpError(404, 'Not Found'));
+};

package/lib/odata/ODataService.js

@@ -0,0 +1,125 @@
+'use strict';
+
+var assert = require('assert');
+var odata = require('@sap/xsodata');
+var createTrace = require('../xsjs/trace/trace').createTrace;
+var db = require('../xsjs/db/common/connection');
+var Connection = require('../xsjs/db/dbapi/Connection');
+var utils = require('../utils');
+var logging = require('../logging');
+var format = require('util').format;
+var wrapAppError = require('../utils/errors/wrap-app-error');
+
+module.exports = ODataService;
+
+
+function ODataService(rt, rootUriPath, filePath) {
+  assert(rt, 'valid runtime is required');
+  assert(rootUriPath, 'valid odata root uri path is required');
+  assert(filePath, 'valid xsodata file is required');
+
+  this._rt = rt;
+  this._rootUriPath = rootUriPath;
+  this._filePath = filePath;
+  this._handlers = {};
+}
+
+ODataService.prototype.getRootUriPath = function () {
+  return this._rootUriPath;
+};
+
+ODataService.prototype.handle = function (req, res, callback) {
+  assert(req, 'valid request object expected');
+  assert(res, 'valid response object is expected');
+
+  var self = this;
+  var cb = callback || function () { };
+  var tenant = req.authInfo && req.authInfo.getZoneId();
+
+  this._retrieveDbOptions(req, res, function (err, hanaOptions) {
+    if (err) {
+      return cb(err);
+    }
+
+    var context = self._createRequestContext(req, res, hanaOptions);
+    var handler = self._getHandler(tenant, hanaOptions.schema);
+    handler.processRequest(req, res, context.requestOptions, function (err) {
+      var clientWrapper = context.clientWrapper;
+      clientWrapper.client && clientWrapper.client.close(function () { }); // ignoring an error here
+      cb(err);
+    });
+  });
+};
+
+ODataService.prototype._getHandler = function (tenant, schema) {
+  if (this._handlers[tenant]) {
+    return this._handlers[tenant];
+  }
+
+  var config = {
+    serviceConfiguration: this._filePath,
+    defaultSchema: schema
+  };
+  var handler = new odata.ODataHandler(config);
+  this._handlers[tenant] = handler;
+  return handler;
+};
+
+ODataService.prototype._createRequestContext = function (req, res, hanaOptions) {
+  var self = this;
+  var rt = this._rt;
+  var locale = res.locals.locale;
+  var clientWrapper = { client: null };
+
+  function retrieveClient(config, cb) {
+    db.connect(hanaOptions)
+      .then((client) => {
+        clientWrapper.client = client;
+        cb(null, client);
+      })
+      .catch((err) => { cb(err); });
+  }
+
+  function odataExitRunner(fnDescriptor, param, cb) {
+    assert(clientWrapper.client, 'valid database client expected');
+    param.connection = new Connection(clientWrapper.client);
+    try {
+      var jsContext = rt.createBaseContext(req, locale, { location: self._rootUriPath });
+      var libId = utils.toXSObjectId(fnDescriptor.package, fnDescriptor.file);
+      var thisArg = utils.createXsFunctionThisArg(jsContext);
+
+      var xsFunctionRunner = new utils.XsJsLibFunctionRunner(rt, libId, jsContext);
+      xsFunctionRunner.run(fnDescriptor.functionName, thisArg, [param])
+        .then(cb)
+        .catch((err) => {
+          var logger = req.loggingContext.getLogger(logging.CATEGORY);
+          logger.error(wrapAppError(err), format('Execution of OData exit for request "%s%s" failed', self._rootUriPath, req.path));
+          cb(err);
+        });
+    } catch (err) {
+      cb(err);
+    }
+  }
+
+  var requestOptions = new odata.RequestOptions({
+    functionExecutor: odataExitRunner,
+    dbOpenCB: retrieveClient,
+    locale: locale.dbLocale,
+    logger: createTrace({ req: req, location: this._rootUriPath })
+  });
+
+  return { requestOptions: requestOptions, clientWrapper: clientWrapper };
+};
+
+ODataService.prototype.clearCache = function(tenant) {
+  if (tenant) {
+    delete this._handlers[tenant];
+  } else {
+    this._handlers = {};
+  }
+};
+
+ODataService.prototype._retrieveDbOptions = function (req, res, cb) {
+  var dbReqOptions = this._rt.get('hanaDbOptions').forRequest(req, res.locals.locale);
+  dbReqOptions.getInstanceOptions(cb);
+};

package/lib/odata/index.js

@@ -0,0 +1,7 @@
+'use strict';
+
+var serviceFactory = require('./service-factory');
+var ODataService = require('./ODataService');
+
+module.exports.createServices = serviceFactory.createServices;
+module.exports.ODataService = ODataService;

package/lib/odata/service-factory.js

@@ -0,0 +1,26 @@
+'use strict';
+
+var assert = require('assert');
+var logger = require('../logging').logger;
+var tracer = require('../logging').tracer;
+var ODataService = require('./ODataService');
+
+exports.createServices = createServices;
+
+
+function createServices(rt) {
+  assert(rt, 'valid runtime is required');
+
+  var services = [];
+
+  for (var pathname in rt.xsodata) {
+    try {
+      services.push(new ODataService(rt, pathname, rt.xsodata[pathname]));
+      tracer.info('Registered OData handler for path: "%s"', pathname);
+    } catch (err) {
+      logger.error(err, 'Failed to register OData handler for "%s"', pathname);
+    }
+  }
+
+  return services;
+}

package/lib/passport-noauth.js

@@ -0,0 +1,17 @@
+'use strict';
+
+var passport = require('passport-strategy');
+var util = require('util');
+
+function Strategy() {
+  passport.Strategy.call(this);
+  this.name = 'anonymous';
+}
+
+util.inherits(Strategy, passport.Strategy);
+
+Strategy.prototype.authenticate = function() {
+  this.pass();
+};
+
+module.exports = Strategy;

package/lib/routes.js

@@ -0,0 +1,115 @@
+'use strict';
+
+var http = require('http');
+var format = require('util').format;
+var fs = require('fs');
+var path = require('path');
+var xssSecure = require('@sap/xss-secure');
+var logging = require('./logging');
+var wrapAppError = require('./utils/errors/wrap-app-error');
+
+var errorPageTemplate = fs.readFileSync(path.join(__dirname, 'views', 'error.html')).toString();
+
+exports.xsjs = function (rt) {
+  return async function xsjsHandler(req, res, next) {
+    var pathToScript = res.locals.pathToScript;
+    req.loggingContext.getTracer(__filename).info('Running script "%s"', pathToScript);
+    try {
+      await rt.runXsjs(pathToScript, req.$);
+      req.$.response._pipe(res);
+    } catch (err) {
+      next(err);
+    } finally {
+      cleanUp(rt, req);
+    }
+  };
+};
+
+exports.xsodata = function (rt, odataService) {
+  return function _odataRouteHandler(req, res, next) {
+    var odataPath = odataService.getRootUriPath();
+    var tracer = req.loggingContext.getTracer(__filename);
+    tracer.info('Starting OData handling for request "%s%s"', odataPath, req.path);
+    try {
+      odataService.handle(req, res, function (err) {
+        rt.triggerGc();
+        if (err) {
+          return next(err);
+        }
+        tracer.info('Finished OData handling for request "%s%s"', odataPath, req.path);
+      });
+    } catch (err) {
+      next(err);
+    }
+  };
+};
+
+exports.startJob = function (jobsRt, options) {
+  return async function (req, res, next) { // eslint-disable-line no-unused-vars
+    var logger = req.loggingContext.getLogger(logging.CATEGORY);
+    var tracer = req.loggingContext.getTracer(__filename);
+    if (!options.anonymous && options.uaa) {
+      var scope = options.uaa.xsappname + '.JOBSCHEDULER';
+      if (req.authInfo && !req.authInfo.checkScope(scope)) {
+        logger.error('Job "%s" - required scope "%s" is missing', req.path, scope);
+
+        var auditLog = req.app.get('auditLog');
+        if (!auditLog) {
+          return res.status(403).end();
+        }
+
+        var message = format('Job "%s", received token does not contain required scope: %s', req.path, scope);
+        return auditLog.logSecurityEvent(req, message, 'Technical user', function (err) {
+          if (err) {
+            return next(err);
+          }
+          res.status(403).end();
+        });
+      }
+    }
+
+    tracer.info('Starting job "%s"', req.path);
+    try {
+      await jobsRt.startJobAsync(req);
+      res.status(202).json({ success: true });
+      tracer.info('Job "%s" started', req.path);
+    } catch (err) {
+      logger.error(wrapAppError(err), format('Failed to start job "%s"', req.path));
+      res.status(500).json({ error: err.message ? err.message : err });
+    }
+  };
+};
+
+exports.error = function (err, req, res, next) { // eslint-disable-line no-unused-vars
+  var status = http.STATUS_CODES[err.status] ? err.status : 500;
+  var logger = req.loggingContext.getLogger(logging.CATEGORY);
+
+  if (status >= 400 && status < 500) {
+    logger.info('%s %s returning status %d (%s)', req.method, req.originalUrl, status, err.message);
+  } else {
+    logger.error(wrapAppError(err), format('%s %s returning status %d', req.method, req.originalUrl, status));
+  }
+
+  var title;
+  var stacktrace = '';
+  if (process.env.NODE_ENV === 'development') {
+    title = status + ' ' + err.message;
+    stacktrace = err.stack || '';
+  } else {
+    // do not reveal internal details to the client
+    title = status + ' ' + http.STATUS_CODES[status];
+  }
+  title = xssSecure.encodeHTML(title);
+  stacktrace = xssSecure.encodeHTML(stacktrace);
+
+  var errorPage = errorPageTemplate.replace(/<%= title %>/g, title);
+  errorPage = errorPage.replace('<%= stacktrace %>', stacktrace && ('<pre>' + stacktrace + '</pre>'));
+  res.set('Content-Type', 'text/html');
+  res.status(status).send(errorPage);
+};
+
+function cleanUp(rt, req) {
+  rt.cleanupContext(req.$);
+  req.$ = undefined;
+  rt.triggerGc();
+}