@sap/cds 5.4.6 → 5.5.0

package/lib/ql/rt/SELECT.js

@@ -1,174 +0,0 @@
-const { CQL, CXL, cds, is_array, is_projection, is_function, _projection4, libx } = require('./_helpers')
-const $ = Object.assign
-
-// We'll extend and replace these below...
-const SELECT = libx.SELECT.from('X').constructor
-const select_columns = SELECT.prototype.columns
-const select_where = SELECT.prototype.where
-const select_having = SELECT.prototype.having
-const select_groupBy = SELECT.prototype.groupBy
-const select_orderBy = SELECT.prototype.orderBy
-const select_limit = SELECT.prototype.limit
-
-
-module.exports = cds.extend (SELECT) .with (class {
-
-  static from(..._) { return (this.new).from(..._) }
-  static _api() {
-    return $((..._) => (this.new)._select_or_from(..._), {
-      columns: (..._) => (this.new).columns(..._),
-      from: (..._) => (this.new).from(..._),
-      one: $((...x) => (this.new).one._select_or_from(...x),{
-        columns: (..._) => (this.new).one.columns(..._),
-        from: (..._) => (this.new).one.from(..._),
-      }),
-      distinct: $((...x) => (this.new).distinct._select_or_from(...x),{
-        columns: (..._) => (this.new).distinct.columns(..._),
-        from: (..._) => (this.new).distinct.from(..._),
-      }),
-    })
-  }
-
-  _select_or_from (cols, ...more) {
-    if (!cols) return this
-    else if (cols.name) return this.from (...arguments)
-    else if (is_function(cols)) return select_columns.call (this, _projection4 (cols, this.entity))
-    else if (is_array(cols)) return !cols[0] ? this : select_columns.call (this, cols)
-    else if (!isNaN(cols)) return select_columns.apply (this,arguments) //> numbers can't be from
-    else if (cols === '*') return select_columns.apply (this,arguments)
-    else if (cols.raw) {
-      let tts = [ ...cols ]; tts.raw = true //> because tt strings are sealed
-      if (tts[0].startsWith('from ')) {   //> it's a from, with an arbitrary long CQL tail...
-        tts[0] = 'SELECT '+ tts[0]
-        let {SELECT} = CQL(tts, ...more)
-        Object.assign (this._, SELECT)
-        return this
-      } else if (tts[0].includes(':')) {  //> it's a from (and needs to be handled, as it would become a cast instead)
-        return this.from (String.raw(...arguments))
-      } else if (tts[0][0] === '{') {     //> it's a select
-        tts[0] = 'SELECT from X '+ tts[0]
-        let {SELECT} = CQL(tts, ...more)
-        return select_columns.call (this, SELECT.columns)
-      } else {                            //> still ambiguous...
-        tts[0] = 'SELECT from X { '+ tts[0]; tts[tts.length-1] += ' }'
-        let {SELECT:{columns:c}} = CQL(tts, ...more)
-        if (c.length > 1 || !c[0].ref) return select_columns.call (this, c)
-        else cols = c[0] //> goes on below...
-      }
-    }
-    else if (typeof cols === 'string' && cols.includes(':')) {
-      return select_columns.apply (this,arguments)
-    }
-
-
-    // it's still unclear whether it's a select or a from case
-    // -> return a proxy assuming it's a from and switching to
-    // columns on a subsequent call of .from, if any.
-    const {one} = this._
-    return Object.defineProperties (this.from(cols, ...more), {
-      from: {configurable:true,value:(..._) => {
-        delete this.from; delete this._.columns; delete this._.where
-        if (!one) delete this._.one
-        return this.from(..._).columns(cols, ...more)
-      }},
-    })
-  }
-
-  columns (cols, ...more) {
-    if (!cols) return this
-    if (is_function(cols)) return select_columns.call (this, _projection4 (cols, this.entity))
-    if (is_array(cols)) return !cols[0] ? this : select_columns.call (this, cols)
-    if (cols.raw) {
-      let tts = [ ...cols ]; tts.raw = true //> because tt strings are sealed
-      if (tts[0][0] === '{') {
-        tts[0] = 'SELECT from X '+ tts[0]
-      } else {
-        tts[0] = 'SELECT from X { '+ tts[0]
-        tts[tts.length-1] += ' }'
-      }
-      let {SELECT} = CQL(tts, ...more)
-      cols = SELECT.columns
-    }
-    return select_columns.call (this, cols, ...more)
-  }
-
-  from (target, second, third) {
-    this._.from = target === '*' || this._target_ref4 (...arguments)
-    if (!target.raw && second) {
-      if (is_projection(second)) this.columns(second)
-      else this.byKey(second)
-      if (third) this.columns(third)
-    }
-    // REVISIT: compatibility with overly eager impl in cds-runtime
-    if (!this._.columns) this._addSelectColumns (target)
-    return this
-  }
-
-  limit (rows,offset) {
-    if (rows === undefined) return this
-    if (typeof rows === 'object') this._.limit = rows
-    else select_limit.call(this,rows,offset)
-    return this
-  }
-
-  get distinct() {
-    this._.distinct = true
-    return this
-  }
-  get one() {
-    this._.one = true
-    return this
-  }
-
-  redirectTo (entity) {
-    return this.clone().from(entity)
-  }
-
-  expand (ref, cols, exp = 'expand') {
-    const { SELECT } = this,
-      columns = SELECT.columns || (SELECT.columns = [])
-    const col = { ref: ref.split('.'), [exp]: cols ? _projection4(cols) : ['*'] }
-    columns.push(col)
-    return this
-  }
-
-  inline (ref, cols) {
-    return this.expand(ref, cols, 'inline')
-  }
-
-  where(...args) {
-    if (!args[0]) return this
-    if (args[0].raw) args = [CXL(...args).xpr]
-    return select_where.apply(this,args)
-  }
-
-  having(...args) {
-    if (args[0].raw) { this._.having = CXL(...args).xpr; return this }
-    return select_having.apply(this,args)
-  }
-
-  groupBy (...args) {
-    if (args[0].raw) {
-      let tts = [ ...args ]; tts.raw = true //> because tt strings are sealed
-      tts[0] = 'SELECT from X group by '+ tts[0]
-      this._.groupBy = CQL(...tts).SELECT.groupBy
-      return this
-    }
-    return select_groupBy.apply(this,args)
-  }
-
-  orderBy (...args) {
-    if (args[0].raw) {
-      let tts = [ ...args ]; tts.raw = true //> because tt strings are sealed
-      tts[0] = 'SELECT from X order by '+ tts[0]
-      this._.orderBy = CQL(...tts).SELECT.orderBy
-      return this
-    }
-    return select_orderBy.apply(this,args)
-  }
-
-  foreach(callback) {
-    return this.then((rows) => rows.map(callback))
-  }
-
-})

package/lib/ql/rt/UPDATE.js

@@ -1,119 +0,0 @@
-const { CXL, cds, libx } = require('./_helpers')
-const $ = Object.assign
-
-// We'll extend and replace these below...
-const UPDATE =  libx.UPDATE('x').constructor
-const update_where = UPDATE.prototype.where
-const update_set = UPDATE.prototype.set
-
-
-module.exports = cds.extend (UPDATE) .with (class {
-
-  static _api() {
-    return $((..._) => (this.new).entity(..._), {
-      entity: (..._) => (this.new).entity(..._),
-    })
-  }
-
-  entity (target, key) {
-    this._.entity = this._target_name4 (...arguments)
-    if (key) this.byKey(key)
-    return this
-  }
-
-  with (...args) {
-    return this.set(...args)
-  }
-
-  set (...args) { // NOSONAR
-    const {_} = this
-
-    // A tagged template string
-    if (args[0].raw) {
-      _add (CXL(...args).xpr, args[0].raw)
-      // for (let each of _comma_separated_exprs(String.raw(...args))) {
-      //   _add (cds.parse.expr(each).xpr, each)
-      // }
-    }
-
-    // Alternating expr fragment / values args...
-    else if (args.length > 1) {
-      for (let i = 0; i < args.length; ++i) {
-        const [, col, op] = /\s*([\w.]+)\s*([%*+-]?=)/.exec(args[i])
-        _add ([ {ref:[col]}, op, { val: args[++i] } ])
-      }
-    }
-
-    // A single expression string
-    else if (typeof args[0] === 'string') {
-      for (let each of _comma_separated_exprs(args[0])) {
-        _add (cds.parse.expr(each).xpr, each)
-      }
-    }
-
-    // A column - value / expr object
-    else if (typeof args[0] === 'object') {
-      update_set.call(this, ...args)
-    }
-
-    return this
-
-    function _add (xpr, src) {
-      if (!xpr) throw new Error (`Invalid UPDATE.set expression: ${src}`)
-      const [lhs, op, ...rhs] = xpr
-      if (!lhs.ref) throw new Error (`Invalid left-hand-side for UPDATE.set expression: ${lhs}`)
-      const col = lhs.ref.join('.')
-      const v = (
-        op === '=' ? (rhs.length === 1 ? rhs[0] : { xpr: rhs }) :
-        op.length === 2 && op[1] === '=' ? { xpr: [ lhs, op[0], ...rhs] } :
-        cds.errror('Invalid operator in UPDATE.set expression: ' + op)
-      )
-      if (v.val) (_.data || (_.data={}))[col] = v.val
-      else (_.with || (_.with={}))[col] = v
-    }
-  }
-
-  where (...args) {
-    if (!args[0]) return this
-    if (args[0].raw) args = [CXL(...args).xpr]
-    return update_where.apply(this,args)
-  }
-})
-
-
-function _comma_separated_exprs(s) { // NOSONAR
-  let all = [],
-    start = 0,
-    scope = 0,
-    close = 0,
-    stack = [close]
-  for (let i = 0; i < s.length; ++i) {
-    const c = s[i]
-    if (c === ',' && !scope) {
-      all.push(s.slice(start, i))
-      start = i + 1
-    } else if (c === "'") {
-      while (i < s.length) {
-        if (s[++i] === "'") {
-          if (s[i + 1] === "'") ++i // NOSONAR
-          else break
-        }
-      }
-    } else if (c === '(') {
-      scope++
-      stack.unshift((close = ')'))
-    } else if (c === '[') {
-      scope++
-      stack.unshift((close = ']'))
-    } else if (c === '{') {
-      scope++
-      stack.unshift((close = '}'))
-    } else if (c === close) {
-      scope--
-      stack.shift()
-      close = stack[0]
-    }
-  }
-  all.push(s.slice(start))
-  return all
-}

package/lib/ql/rt/_helpers.js

@@ -1,91 +0,0 @@
-const is_projection = (x) => is_function(x) || is_array(x)
-const is_function = (x) => typeof x === 'function'
-const is_array = (x) => Array.isArray(x) && !x.raw
-
-const cds = require('../../index')
-const { CQL, CXL } = cds.parse
-
-module.exports = {
-  libx: require('../../../libx/_runtime').statements,
-  is_projection, is_array, is_function,
-  _projection4, _predicate4,
-  CQL, CXL, cds,
-}
-
-
-/* eslint no-unused-vars: off */
-function _projection4(x, entity) { // NOSONAR
-  if (!x || x === '*') return ['*']
-  if (is_projection(x[0])) x = x[0]
-  if (is_array(x)) return x.map((c) => (c.ref ? c : { ref: c.split('.') }))
-  if (typeof x === 'function') {
-    const columns = []
-    x(
-      new Proxy(x, {
-        // handle top-level projections or subselects such as
-        // (foo)=>{ foo('*'), foo(SELECT...).as('bar') }
-        apply: (_, __, args, ...more) => {
-          if (!args.length) args = ['*']
-          let [x] = is_array(args[0]) || args[0].raw ? args[0] : args
-          if (x === '.*') x = '*'
-          columns.push(x)
-          return { as: (alias) => (x.as = alias) }
-        },
-        // handle top-level paths like (foo)=>{ foo.bar }
-        get: (_, p) => {
-          const col = { ref: [p] }
-          columns.push(col)
-          const nested = new Proxy(x, {
-            // handle n-fold paths like (foo)=>{ foo.bar.car }
-            get: (_, p) => {
-              if (p === 'where') return (x) => ((col.where = _predicate4(x)), nested)
-              if (p === 'as') return (alias) => ((col.as = alias), nested)
-              else col.ref.push(p)
-              return nested
-            },
-            // handle nested projections e.g. (foo)=>{ foo.bar (b=>{ ... }) }
-            apply: (_, __, args) => {
-              const [a, b] = args
-              if (!a) col.expand = ['*']
-              else if (a.raw) {
-                if (a[0] === '*') col.expand = ['*']
-                else if (a[0] === '.*') col.inline = ['*']
-                else {
-                  let tts = [...a] //> tts are sealed
-                  tts[0] = 'SELECT '+ col.ref[col.ref.length-1] +' '+ tts[0]
-                  tts[tts.length-1] += ' from X'
-                  let {SELECT} = CQL(...tts)
-                  Object.assign (col, SELECT.columns[0])
-                }
-              }
-              else if (a === '*') col.expand = ['*']
-              else if (a === '.*') col.inline = ['*']
-              else {
-                let x = (col[/^\(?_\b/.test(a) ? 'inline' : 'expand'] = _projection4(args))
-                if (b && b.levels)
-                  while (--b.levels) x.push({ ...col, expand: (x = [...x]) })
-              }
-              return nested
-            },
-          })
-          return nested
-        },
-      })
-    )
-    return columns
-  }
-  else throw new Error('SELECT w/ invalid projection argument: ' + JSON.stringify(x))
-}
-
-
-/**
- * Helper to create a predicate from a feather object
- */
-function _predicate4 (o,...more) {
-  if (o.raw) return CXL(o,...more).xpr
-  const predicates = []
-  for (let each in o) {
-    predicates.push('and', { ref: each.split('.') }, '=', { val: o[each] })
-  }
-  return predicates.slice(1)
-}

package/lib/ql/rt/index.js

@@ -1,32 +0,0 @@
-// Monkey-patched cds.ql implementations from cds-runtime
-module.exports = Object.assign (_deprecated_srv_ql, require('../../../libx/_runtime').statements, {
-  Query:  require('./Query'),
-  SELECT: require('./SELECT')._api(),
-  INSERT: require('./INSERT')._api(),
-  UPDATE: require('./UPDATE')._api(),
-  DELETE: require('./DELETE')._api(),
-})
-
-
-function _deprecated_srv_ql() {
-  // eslint-disable-next-line no-console
-  console.trace(`
-    Method 'srv.ql(req)' is deprecated and superceded by 'cds.context'.
-    Please use global SELECT instead of 'const { SELECT } = srv.ql(req)'.
-  `)
-  return module.exports
-}
-
-
-const {cds} = global
-if (cds.env.features.cls && cds.env.features.debug_queries) {
-  const { AsyncResource } = require('async_hooks')
-  const { Query } = module.exports
-  const { then } = Query.prototype
-  Object.defineProperty (Query,'then',{
-    get(){
-      const q = new AsyncResource('cds.Query')
-      return (r,e) => q.runInAsyncScope (then,this,r,e)
-    }
-  })
-}

package/libx/_runtime/audit/generic/personal.js

@@ -1,260 +0,0 @@
-const cds = require('../../cds')
-
-const getTemplate = require('../../common/utils/template')
-const templateProcessor = require('../../common/utils/templateProcessor')
-
-const WRITE = { CREATE: 1, UPDATE: 1, DELETE: 1 }
-const ASPECTS = { CREATE: '_auditCreate', READ: '_auditRead', UPDATE: '_auditUpdate', DELETE: '_auditDelete' }
-
-/*
- * common
- */
-
-const _getRootEntity = element => {
-  let entity = element.parent
-  while (entity.kind !== 'entity') entity = entity.parent
-  return entity
-}
-
-// REVISIT: does this hash calc work for structured keys?
-const _getHash = (entity, row) => {
-  return `${entity.name}(${Object.keys(entity.keys)
-    .map(k => `${k}=${row[k]}`)
-    .join(',')})`
-}
-
-const _addObjectID = (log, row, key) => {
-  if (!log.dataObject.id.find(ele => ele.keyName === key)) log.dataObject.id.push({ keyName: key, value: row[key] })
-}
-
-// REVISIT: better solution for data subject calculation
-const _addDataSubject = (log, row, key, entity, element, model) => {
-  let target = entity
-  let prefix = ''
-  if (element['@odata.foreignKey4']) {
-    const assoc = entity.elements[element['@odata.foreignKey4']]
-    target = model.definitions[assoc.target]
-    prefix = assoc.name + '_'
-  }
-  if (!log.dataSubject.type) log.dataSubject.type = target.name
-  const keyName = key.replace(prefix, '')
-  if (!log.dataSubject.id.find(ele => ele.keyName === keyName)) {
-    const value = row[key] || (row._old && row._old[key])
-    log.dataSubject.id.push({ keyName, value })
-  }
-}
-
-const _getPick = event => {
-  return (element, target) => {
-    if (!target[ASPECTS[event]]) return
-
-    const categories = []
-    if (!element.isAssociation && element.key) categories.push('ObjectID')
-    if (!element.isAssociation && element['@PersonalData.FieldSemantics'] === 'DataSubjectID')
-      categories.push('DataSubjectID')
-    if (event in WRITE && element['@PersonalData.IsPotentiallyPersonal']) categories.push('IsPotentiallyPersonal')
-    if (element['@PersonalData.IsPotentiallySensitive']) categories.push('IsPotentiallySensitive')
-    if (categories.length) return { categories }
-  }
-}
-
-/*
- * modification
- */
-
-const _getOldAndNew = (action, row, key, sensitive) => {
-  let oldValue = action === 'Create' ? null : row._old && row._old[key]
-  if (oldValue === undefined) oldValue = null
-  let newValue = action === 'Delete' ? null : row[key]
-  if (newValue === undefined) newValue = null
-  return { oldValue, newValue }
-}
-
-const _processorFnModification = (modificationLogs, model) => {
-  return (row, key, element, plain) => {
-    if (!row._op) return
-
-    const entity = _getRootEntity(element)
-
-    const action = row._op[0].toUpperCase() + row._op.slice(1)
-
-    // create or augment log entry
-    const hash = _getHash(entity, row)
-    let modificationLog = modificationLogs[hash]
-    if (!modificationLog) {
-      modificationLogs[hash] = {
-        dataObject: { type: entity.name, id: [] },
-        dataSubject: { id: [], role: entity['@PersonalData.DataSubjectRole'] },
-        action,
-        attributes: []
-      }
-      modificationLog = modificationLogs[hash]
-    }
-
-    // process categories
-    for (const category of plain.categories) {
-      if (category === 'ObjectID') {
-        _addObjectID(modificationLog, row, key)
-      } else if (category === 'DataSubjectID') {
-        _addDataSubject(modificationLog, row, key, entity, element, model)
-      } else if (category === 'IsPotentiallyPersonal') {
-        if (!modificationLog.attributes.find(ele => ele.name === key)) {
-          const { oldValue, newValue } = _getOldAndNew(action, row, key)
-          if (oldValue !== newValue) modificationLog.attributes.push({ name: key, oldValue, newValue })
-        }
-      } else if (category === 'IsPotentiallySensitive') {
-        if (!modificationLog.attributes.find(ele => ele.name === key)) {
-          const { oldValue, newValue } = _getOldAndNew(action, row, key, true)
-          if (oldValue !== newValue) modificationLog.attributes.push({ name: key, oldValue, newValue })
-        }
-      }
-    }
-  }
-}
-
-const _getDataModificationLogs = async (data, req, tx) => {
-  const template = getTemplate(
-    `personal_${req.event}`.toLowerCase(),
-    Object.assign({ name: req.target._service.name, model: req._model }),
-    req.target,
-    { pick: _getPick(req.event) }
-  )
-
-  const modificationLogs = {}
-  const processFn = _processorFnModification(modificationLogs, tx.model)
-  templateProcessor({ processFn, row: req._diff, template })
-
-  return modificationLogs
-}
-
-/*
- * access
- */
-
-const _processorFnAccess = (accessLogs, model) => {
-  return (row, key, element, plain) => {
-    const entity = _getRootEntity(element)
-
-    // create or augment log entry
-    const hash = _getHash(entity, row)
-    let accessLog = accessLogs[hash]
-    if (!accessLog) {
-      accessLogs[hash] = {
-        dataObject: { type: entity.name, id: [] },
-        dataSubject: { id: [], role: entity['@PersonalData.DataSubjectRole'] },
-        attributes: [],
-        attachments: []
-      }
-      accessLog = accessLogs[hash]
-    }
-
-    // process categories
-    for (const category of plain.categories) {
-      if (category === 'ObjectID') {
-        _addObjectID(accessLog, row, key)
-      } else if (category === 'DataSubjectID') {
-        _addDataSubject(accessLog, row, key, entity, element, model)
-      } else if (category === 'IsPotentiallySensitive') {
-        // add attribute
-        if (!accessLog.attributes.find(ele => ele.name === key)) accessLog.attributes.push({ name: key })
-        // REVISIT: attribute vs. attachment?
-      }
-    }
-  }
-}
-
-const _getDataAccessLogs = (data, req, tx) => {
-  const template = getTemplate(
-    'personal_read',
-    Object.assign({ name: req.target._service.name, model: req._model }),
-    req.target,
-    { pick: _getPick('READ') }
-  )
-
-  const accessLogs = {}
-  const processFn = _processorFnAccess(accessLogs, tx.model)
-  const data_ = Array.isArray(data) ? data : [data]
-  data_.forEach(row => {
-    templateProcessor({ processFn, row, template })
-  })
-
-  return accessLogs
-}
-
-/*
- * handler registration
- */
-
-let als
-
-/*
- * Generic handlers for audit logging access to writing personal data
- */
-
-const _attachDiffToContextHandler = async function (req) {
-  // REVISIT: what does this do?
-  Object.defineProperty(req.query, '_selectAll', {
-    enumerable: false,
-    writable: false,
-    configurable: true,
-    value: true
-  })
-
-  // attach to root request
-  req.context._diff = await req.diff()
-}
-
-const _auditModificationHandler = async function (data, req) {
-  als = als || (await cds.connect.to('audit-log'))
-  if (!als.ready) return
-
-  const modificationLogs = await _getDataModificationLogs(data, req, this)
-  const modifications = Object.keys(modificationLogs)
-    .map(k => modificationLogs[k])
-    .filter(ele => ele.attributes.length)
-
-  if (modifications.length) await als.emit('dataModificationLog', { modifications })
-}
-
-/*
- * Generic handler for audit logging access to reading personal data
- */
-
-const _auditAccessHandler = async function (data, req) {
-  als = als || (await cds.connect.to('audit-log'))
-  if (!als.ready) return
-
-  const accessLogs = await _getDataAccessLogs(data, req, this)
-  const accesses = Object.keys(accessLogs).map(k => accessLogs[k])
-
-  if (accesses.length) await als.emit('dataAccessLog', { accesses })
-}
-
-module.exports = function () {
-  /*
-   * data modification
-   */
-  // REVISIT: diff() doesn't work in srv after phase but foreign key propagation has not yet taken place in srv before phase
-  //          -> calc diff in db layer and attach to root request
-  //          -> REVISIT for GA: clear req._.partialPersistentState?
-  _attachDiffToContextHandler._initial = true
-  for (const entity of Object.values(this.entities).filter(e => e._auditCreate)) {
-    cds.db.before('CREATE', entity, _attachDiffToContextHandler)
-    this.after('CREATE', entity, _auditModificationHandler)
-  }
-  for (const entity of Object.values(this.entities).filter(e => e._auditUpdate)) {
-    cds.db.before('UPDATE', entity, _attachDiffToContextHandler)
-    this.after('UPDATE', entity, _auditModificationHandler)
-  }
-  for (const entity of Object.values(this.entities).filter(e => e._auditDelete)) {
-    cds.db.before('DELETE', entity, _attachDiffToContextHandler)
-    this.after('DELETE', entity, _auditModificationHandler)
-  }
-
-  /*
-   * data access
-   */
-  for (const entity of Object.values(this.entities).filter(e => e._auditRead)) {
-    this.after('READ', entity, _auditAccessHandler)
-  }
-}