@sap/cds 6.1.3 → 6.2.2

package/libx/_runtime/extensibility/linter/namespace_checker.js

@@ -1,180 +0,0 @@
-const Checker = require('./checker_base')
-
-class NamespaceChecker extends Checker {
-  static async check(extensionCsn, fullCsn, compileDir, mtxConfig) {
-    let elementPrefixes = mtxConfig['element-prefix']
-    let namespaceBlocklist = mtxConfig['namespace-blocklist'] || mtxConfig['namespace-blacklist']
-    const warnings = []
-
-    if (elementPrefixes) {
-      if (!Array.isArray(elementPrefixes)) {
-        elementPrefixes = [elementPrefixes]
-      }
-
-      if (extensionCsn.extensions) {
-        // forall switches back to definitions if extensions are undefined
-        extensionCsn.forall(
-          () => true,
-          (element, name, parent) => {
-            element.name = name // TODO check if bug
-            this._checkElement(element, parent, elementPrefixes, compileDir, warnings)
-          },
-          extensionCsn.extensions
-        )
-      }
-
-      extensionCsn.forall(
-        element => {
-          return ['entity', 'function', 'action'].includes(element.kind)
-        },
-        entity => {
-          this._checkEntity(entity, extensionCsn, fullCsn, elementPrefixes, compileDir, warnings)
-        }
-      )
-    }
-
-    if (namespaceBlocklist) {
-      if (!Array.isArray(namespaceBlocklist)) {
-        namespaceBlocklist = [namespaceBlocklist]
-      }
-
-      extensionCsn.forall('service', service => {
-        this._checkNamespace(service, namespaceBlocklist, compileDir, warnings)
-      })
-
-      extensionCsn.forall(
-        element => {
-          return ['aspect', 'entity', 'type'].includes(element.kind)
-        },
-        entity => {
-          if (entity._unresolved) return // skip unresolved entities
-          this._checkNamespace(entity, namespaceBlocklist, compileDir, warnings)
-        }
-      )
-    }
-
-    return warnings
-  }
-
-  static _checkElement(element, parent, elementPrefixes, compileDir, warnings) {
-    if (elementPrefixes.length < 1) {
-      return
-    }
-
-    if (!parent) {
-      return
-    }
-
-    for (const elementPrefix of elementPrefixes) {
-      if (!parent.extend || element.name.startsWith(elementPrefix)) {
-        return
-      }
-    }
-
-    warnings.push(this._createPrefixWarning(element, compileDir, elementPrefixes))
-  }
-
-  static _checkEntity(element, reflectedCsn, reflectedFullCsn, elementPrefixes, compileDir, warnings) {
-    if (elementPrefixes.length < 1) {
-      return
-    }
-
-    if (!this._hasEnclosingEntity(reflectedCsn, element)) {
-      return
-    }
-
-    const parent = this._getEnclosingEntity(reflectedCsn, element)
-
-    // parent exists in extension
-    if (parent) {
-      return
-    }
-
-    // check full csn for parent - if it exists, continue
-    const parentFromFullCsn = this._getEnclosingEntity(reflectedFullCsn, element)
-    if (!parentFromFullCsn) {
-      return
-    }
-
-    // checks nested element - TODO determine real parent and split off parent name
-    const nestedElementName = this._getNestedEntityName(element) // ,parent
-
-    for (const elementPrefix of elementPrefixes) {
-      if (nestedElementName.startsWith(elementPrefix)) {
-        return
-      }
-    }
-
-    warnings.push(this._createPrefixWarning(element, compileDir, elementPrefixes))
-  }
-
-  static _hasEnclosingEntity(reflectedCsn, element) {
-    const plainEntityName = element.name.replace(reflectedCsn.namespace + '.', '')
-    const splitEntityName = plainEntityName.split('.')
-    if (splitEntityName.length > 1) {
-      return true
-    }
-    return false
-  }
-
-  static _getEnclosingEntity(reflectedCsn, element) {
-    const splitEntityName = element.name.split('.')
-    if (splitEntityName.length > 1) {
-      splitEntityName.pop()
-      return reflectedCsn.definitions[splitEntityName.join('.')]
-    }
-    return null
-  }
-
-  static _getNestedEntityName(element) {
-    const splitEntityName = element.name.split('.')
-    splitEntityName.shift()
-    return splitEntityName.join('.')
-  }
-
-  static _checkNamespace(element, namespaceBlacklist, compileDir, warnings) {
-    for (const namespace of namespaceBlacklist) {
-      if (element.name.startsWith(namespace)) {
-        warnings.push(this._createNamespaceWarning(element, compileDir, namespace))
-      }
-    }
-  }
-
-  static _createPrefixWarning(element, compileDir, prefixRule) {
-    const originFile = this._localizeFile(element.$location.file, compileDir)
-
-    return (
-      'Element ' +
-      element.name +
-      ' from ' +
-      originFile +
-      ' (line:' +
-      element.$location.line +
-      ', col:' +
-      element.$location.col +
-      ')' +
-      ' does not adhere to prefix rule: ' +
-      prefixRule
-    )
-  }
-
-  static _createNamespaceWarning(element, compileDir, namespace) {
-    const originFile = this._localizeFile(element.$location.file, compileDir)
-
-    return (
-      'Element ' +
-      element.name +
-      ' from ' +
-      originFile +
-      ' (line:' +
-      element.$location.line +
-      ', col:' +
-      element.$location.col +
-      ')' +
-      ' uses a forbidden namespace: ' +
-      namespace
-    )
-  }
-}
-
-module.exports = NamespaceChecker

package/libx/_runtime/extensibility/linter.js

@@ -1,32 +0,0 @@
-const cds = require('../cds')
-
-const NamespaceChecker = require('./linter/namespace_checker')
-const AnnotationsChecker = require('./linter/annotations_checker')
-const AllowlistChecker = require('./linter/allowlist_checker')
-
-const LINTER_OPTIONS = ['element-prefix', 'extension-allowlist', 'namespace-blocklist']
-const LEGACY_OPTIONS = ['entity-whitelist', 'service-whitelist', 'namespace-blacklist']
-
-const linter = async (extCsn, fullCsn, extensionFilenames, req) => {
-  const conf = cds.env.requires['cds.xt.ExtensibilityService'] || cds.env.mtx
-  const compat = cds.env.mtx
-  const linter_options = {}
-  let x
-  for (let p of LINTER_OPTIONS) if ((x = conf[p] || compat[p])) linter_options[p] = x // eslint-disable-line no-cond-assign
-  for (let p of LEGACY_OPTIONS) if ((x = compat[p])) linter_options[p] = x // eslint-disable-line no-cond-assign
-  if (!Object.keys(linter_options).length) return
-
-  const reflectedCsn = cds.reflect(extCsn)
-  const compileBaseDir = global.cds.root
-  const warnings = await Promise.all([
-    NamespaceChecker.check(reflectedCsn, fullCsn, compileBaseDir, linter_options),
-    AnnotationsChecker.check(reflectedCsn, extensionFilenames, compileBaseDir, linter_options),
-    AllowlistChecker.check(reflectedCsn, fullCsn, extensionFilenames, compileBaseDir, linter_options)
-  ])
-  const linterWarnings = [].concat.apply([], warnings) // REVISIT: What are we doing here?
-  if (linterWarnings.length > 0) {
-    req.reject(422, linterWarnings[0]) // REVISIT: Why are we returning the first warning only?
-  }
-}
-
-module.exports = linter

package/libx/_runtime/extensibility/push.js

@@ -1,118 +0,0 @@
-const fs = require('fs')
-const path = require('path')
-const cds = require('../cds')
-
-const activate = require('./activate')
-const { collectFiles, getCompilerError } = require('./utils')
-const { packTarArchive, unpackTarArchive } = require('../../../lib/utils/resources')
-const linter = require('./linter')
-
-const TEMP_DIR = fs.realpathSync(require('os').tmpdir())
-const LOG = cds.log('mtx')
-
-const _compileProject = async function (extension, req) {
-  let csn, root, files
-  try {
-    root = await fs.promises.mkdtemp(`${TEMP_DIR}${path.sep}extension-`)
-    await unpackTarArchive(extension, root)
-    files = collectFiles(root, ['.cds', '.csn']) // REVISIT: don't we have exactly one ext.csn file for all extensions?
-    csn = await cds.compile(files, { flavor: 'parsed' })
-    if (csn.requires) delete csn.requires
-  } catch (err) {
-    if (err.messages) req.reject(400, getCompilerError(err.messages))
-    else throw err
-  } finally {
-    fs.promises.rm(root, { recursive: true, force: true }).catch(() => {})
-  }
-
-  return { csn, files }
-}
-
-const base = async function (req) {
-  const cdsFiles = cds.resolve('*').filter(f => f.startsWith(cds.root) && !f.includes('node_modules'))
-  const csvObj = await cds.deploy.resources()
-  const csvFiles = Object.keys(csvObj).filter(f => f.startsWith(cds.root) && !f.includes('node_modules'))
-  const i18nFiles = collectFiles(cds.root, ['.properties'])
-  if (req._.res) req._.res.set('content-type', 'application/octet-stream; charset=binary')
-
-  return packTarArchive([...cdsFiles, ...csvFiles, ...i18nFiles], cds.root)
-}
-
-// const _copyFile = async function (file, dir) {
-//   const destination = path.join(dir, path.relative(cds.root, file))
-//   const dirname = path.dirname(destination)
-//   if (!(await exists(dirname))) await fs.promises.mkdir(dirname, { recursive: true })
-//   await fs.promises.copyFile(file, destination)
-// }
-
-const pull = async function (req) {
-  LOG.info(`pulling latest model for tenant '${req.tenant}'`)
-  const { 'cds.xt.ModelProviderService': mps } = cds.services
-  const csn = await mps.getCsn({
-    tenant: req.tenant,
-    toggles: Object.keys(cds.context.features || {}), // with all enabled feature extensions
-    base: true, // without any custom extensions
-    flavor: 'xtended'
-  })
-  // const csvObj = await cds.deploy.resources()
-  // const csvFiles = Object.keys(csvObj).filter(f => f.startsWith(cds.root) && !f.includes('node_modules'))
-  // const i18nFiles = collectFiles(cds.root, ['.properties'])
-
-  req._.res?.set('content-type', 'application/octet-stream; charset=binary')
-
-  let temp, tgz
-  try {
-    temp = await fs.promises.mkdtemp(`${TEMP_DIR}${path.sep}extension-`)
-    await fs.promises.writeFile(path.join(temp, 'index.csn'), cds.compile.to.json(csn))
-    // for (const file of csvFiles) await _copyFile(file, temp)
-    // for (const file of i18nFiles) await _copyFile(file, temp)
-    tgz = await packTarArchive(temp)
-  } finally {
-    fs.promises.rm(temp, { recursive: true, force: true }).catch(() => {})
-  }
-
-  return tgz
-}
-
-const push = async function (req) {
-  let { extension, tag } = req.data
-  if (!extension) req.reject(400, 'Missing extension')
-  const sources = typeof extension === 'string' ? Buffer.from(extension, 'base64') : extension
-  const { csn: extCsn, files } = await _compileProject(sources, req)
-  if (!extCsn) req.reject(400, 'Missing or bad extension')
-  if (!tag) tag = null
-  const tenant = req.tenant
-  if (tenant) cds.context = { tenant }
-
-  // remove current extension with tag
-  if (tag) {
-    await DELETE.from('cds.xt.Extensions').where({ tag })
-  }
-
-  LOG.info(`validating extension '${tag}' ...`)
-  // validation
-  const { 'cds.xt.ModelProviderService': mps } = cds.services
-  // REVISIT: Isn't that also done during activate?
-  const csn = await mps.getCsn(tenant, Object.keys(cds.context.features || {}))
-  try {
-    cds.extend(csn).with(extCsn)
-  } catch (err) {
-    return req.reject(400, getCompilerError(err.messages))
-  }
-  await linter(extCsn, csn, files, req)
-
-  // insert and activate extension
-  const ID = cds.utils.uuid()
-  await INSERT.into('cds.xt.Extensions').entries({
-    ID,
-    csn: JSON.stringify(extCsn),
-    sources,
-    activated: 'database',
-    tag
-  })
-
-  LOG.info(`activating extension '${tag}' ...`)
-  await activate(ID, null, tenant)
-}
-
-module.exports = { base, push, pull }

package/libx/_runtime/extensibility/service.js

@@ -1,38 +0,0 @@
-const cds = require('../cds')
-
-const addExtension = require('./addExtension')
-const { add, promote } = require('./add')
-const { base, push, pull } = require('./push')
-const { token } = require('./token')
-const { transformExtendedFieldsCREATE, transformExtendedFieldsUPDATE } = require('./handler/transformWRITE')
-const { transformExtendedFieldsREAD } = require('./handler/transformREAD')
-const { transformExtendedFieldsRESULT } = require('./handler/transformRESULT')
-
-module.exports = class ExtensibilityService extends cds.ApplicationService {
-  init() {
-    this.on('addExtension', addExtension)
-    this.on('add', add)
-    this.on('promote', promote)
-    this.on('base', base)
-    this.on('push', push)
-    this.on('pull', pull)
-
-    cds.on('served', () => cds.app.get('/-/cds/login/token', token))
-
-    const { 'cds.xt.ModelProviderService': mps } = cds.services
-    // REVISIT: mps._in_sidecar -> revisit options
-    if (!mps?._in_sidecar)
-      cds.db
-        .before('CREATE', transformExtendedFieldsCREATE)
-        .before('UPDATE', transformExtendedFieldsUPDATE)
-        .before('READ', transformExtendedFieldsREAD)
-        .after('READ', transformExtendedFieldsRESULT)
-
-    return super.init()
-  }
-
-  // REVISIT: Do we want to keep this?
-  get isExtensible() {
-    return false
-  }
-}

package/libx/_runtime/extensibility/token.js

@@ -1,57 +0,0 @@
-const { URL } = require('url')
-const cds = require('../../../lib')
-const LOG = cds.log()
-
-module.exports = {
-  async token(request, response) {
-    if (request.method === 'HEAD') {
-      response.status(204).send()
-      return
-    }
-
-    const { passcode, refresh_token, subdomain, clientid, clientsecret } = request.query
-    const { credentials } = cds.env.requires.auth
-    if (!credentials) {
-      cds.error(
-        'No auth credentials defined. The application is likely not bound to an authentication service instance.'
-      )
-    }
-
-    const parsedUrl = new URL(credentials.url)
-    parsedUrl.hostname = subdomain + '.' + parsedUrl.hostname.split('.').slice(1).join('.')
-
-    LOG.info(`Get auth token using URL ${parsedUrl}`)
-
-    if (clientid) {
-      LOG.info(`Using clientid/clientsecret from API call with clientid ${clientid}`)
-    }
-
-    const username = clientid ? clientid : credentials.clientid
-    const password = clientid ? clientsecret : credentials.clientsecret
-    const { xsappname } = cds.env.requires.auth?.credentials ?? cds.env.requires.uaa?.credentials ?? {}
-    const path =
-      (refresh_token
-        ? `oauth/token?grant_type=refresh_token&refresh_token=${refresh_token}`
-        : `oauth/token?grant_type=password&passcode=${encodeURIComponent(passcode)}`) +
-      `&scope=${encodeURIComponent(xsappname + '.cds.ExtensionDeveloper')}`
-
-    try {
-      const { data } = await require('axios').post(
-        parsedUrl + path,
-        { 'Content-Type': 'application/json' },
-        { auth: { username, password } }
-      )
-      response.send(data)
-    } catch (error) {
-      const rootCause = error.response?.data ? JSON.stringify(error.response?.data) : error.message
-      error.message = `Authentication failed with root cause '${rootCause}'. Passcode URL: https://${parsedUrl.hostname}/passcode`
-      const {
-        constructor: { name },
-        message
-      } = error
-      const status = name in { JwtRequestError: 1, IncompleteJwtResponseError: 1 } ? 401 : error.response.status ?? 500
-      LOG.error(message)
-      response.status(status).send({ message, status })
-    }
-  }
-}

package/libx/_runtime/extensibility/utils.js

@@ -1,131 +0,0 @@
-const fs = require('fs')
-const path = require('path')
-
-const { ensureNoDraftsSuffix } = require('../common/utils/draft')
-const { ensureUnlocalized } = require('../fiori/utils/handler')
-
-const EXT_BACK_PACK = 'extensions__'
-
-const getTargetRead = req => {
-  let name = ''
-  if (req.query.SELECT.from.join && req.query.SELECT.from.args) {
-    // join
-    name = req.query.SELECT.from.args.find(arg => arg.ref && arg.ref[0] !== 'DRAFT.DraftAdministativeData').ref[0]
-  } else if (req.target.name.SET) {
-    // union
-    name = req.target.name.SET.args[0]._target.name
-  } else {
-    // simple select
-    name = req.target.name
-  }
-
-  return { name: ensureUnlocalized(ensureNoDraftsSuffix(name)) }
-}
-
-const getTargetWrite = (target, model) => {
-  return model.definitions[ensureUnlocalized(ensureNoDraftsSuffix(target.name))]
-}
-
-const isExtendedEntity = (entityName, model) => {
-  const entity = model.definitions[ensureUnlocalized(ensureNoDraftsSuffix(entityName))]
-  if (!entity) return false
-
-  return entity.elements[EXT_BACK_PACK] || Object.values(entity.elements).some(el => el['@cds.extension'])
-}
-
-const _hasExtendedEntityArgs = (args, model) => {
-  return args.find(arg => {
-    if (arg.ref) {
-      return arg.ref[0] !== 'DRAFT.DraftAdministativeData' && isExtendedEntity(arg.ref[0], model)
-    }
-
-    if (arg.join) {
-      return _hasExtendedEntityArgs(arg.args, model)
-    }
-  })
-}
-
-const _hasExtendedExpand = (columns, targetName, model) => {
-  for (const col of columns) {
-    if (col.ref && col.expand) {
-      const targetNameModel = ensureUnlocalized(ensureNoDraftsSuffix(targetName))
-      const expTargetName = model.definitions[targetNameModel].elements[col.ref[0]].target
-      if (isExtendedEntity(expTargetName, model)) return true
-      _hasExtendedExpand(col.expand, expTargetName, model)
-    }
-  }
-}
-
-const hasExtendedEntity = (req, model) => {
-  if (!req.query.SELECT) return false
-
-  if (req.query.SELECT.columns && req.target && _hasExtendedExpand(req.query.SELECT.columns, req.target.name, model)) {
-    return true
-  }
-
-  if (req.query.SELECT.from.join && req.query.SELECT.from.args) {
-    return _hasExtendedEntityArgs(req.query.SELECT.from.args, model)
-  }
-
-  if (req.target) {
-    if (req.target.name.SET) {
-      return isExtendedEntity(req.target.name.SET.args[0]._target.name, model)
-    }
-
-    return isExtendedEntity(req.target.name, model)
-  }
-}
-
-const getExtendedFields = (entityName, model) => {
-  const elements = model.definitions[ensureUnlocalized(ensureNoDraftsSuffix(entityName))].elements
-
-  return Object.values(elements)
-    .filter(element => {
-      return element['@cds.extension']
-    })
-    .map(element => {
-      return element.name
-    })
-}
-
-const getCompilerError = messages => {
-  const defaultMsg = 'Error while compiling extension'
-  if (!messages) return defaultMsg
-
-  for (const msg of messages) {
-    if (msg.severity === 'Error') return msg.message
-  }
-
-  return defaultMsg
-}
-
-const collectFiles = (dir, extensions) => {
-  const files = []
-  fs.readdirSync(dir).forEach(file => {
-    const abs = path.join(dir, file)
-    if (fs.statSync(abs).isDirectory() && !abs.includes('node_modules')) files.push(...collectFiles(abs, extensions))
-    else if (!extensions || extensions.includes(path.extname(abs))) files.push(abs)
-  })
-
-  return files
-}
-
-const exists = async fileOrDir => {
-  try {
-    return await fs.promises.stat(fileOrDir)
-  } catch (_) {
-    return false
-  }
-}
-
-module.exports = {
-  EXT_BACK_PACK,
-  getTargetRead,
-  getTargetWrite,
-  isExtendedEntity,
-  hasExtendedEntity,
-  getExtendedFields,
-  getCompilerError,
-  collectFiles,
-  exists
-}

package/libx/_runtime/extensibility/validation.js

@@ -1,50 +0,0 @@
-const cds = require('../cds')
-
-const { getCompilerError } = require('./utils')
-
-const validateCsn = (csn, appCsn, req) => {
-  if (!csn) req.reject(400, 'Missing extension')
-  if (!csn.extensions) return
-
-  csn.extensions.forEach(extension => {
-    if (!extension.extend || !appCsn.definitions[extension.extend]) {
-      req.reject(400, 'Invalid extension. Parameter "extend" missing or malformed')
-    }
-
-    if (!extension.elements) {
-      req.reject(400, 'Invalid extension. Missing parameter "elements"')
-    }
-  })
-}
-
-const validateExtensionFields = (csn, appCsn, req) => {
-  if (!csn.extensions) return
-
-  csn.extensions.forEach(extension => {
-    if (extension.elements) {
-      Object.keys(extension.elements).forEach(name => {
-        if (!/^[A-Za-z]\w*$/.test(name)) {
-          req.reject(400, `Invalid extension. Bad element name "${name}"`)
-        }
-
-        if (Object.keys(appCsn.definitions[extension.extend].elements).includes(name)) {
-          req.reject(400, `Invalid extension. Element "${name}" already exists`)
-        }
-      })
-    }
-  })
-}
-
-const validateExtension = (ext, csn, req) => {
-  try {
-    cds.extend(csn).with(ext)
-  } catch (err) {
-    req.reject(400, getCompilerError(err.messages))
-  }
-}
-
-module.exports = {
-  validateCsn,
-  validateExtensionFields,
-  validateExtension
-}

package/libx/_runtime/extensibility/views.js

@@ -1,12 +0,0 @@
-const _isProjection = target => target && target.query && target.query._target
-
-const resolveViews = (target, views_ = []) => {
-  if (_isProjection(target)) {
-    views_.push(target)
-    return resolveViews(target.query._target, views_)
-  }
-
-  return target
-}
-
-module.exports = resolveViews

package/srv/extensibility-service.cds

@@ -1,60 +0,0 @@
-// using { cds.xt.TAR } from './model-provider'; //> IMPORTANT: don't add this as it will cause services loaded twice
-using { cds.xt.Extensions } from './extensions';
-
-@protocol: 'rest'
-@(requires : 'authenticated-user')
-service cds.xt.ExtensibilityService @(path:'/-/cds/extensibility', impl:'@sap/cds/srv/extensibility-service.js') {
-  // TODO: allow-lists - custom before('add') handler
-  // TODO: async jobs
-
-  type ActivationLevel : Extensions:activated;
-  type TAR : LargeBinary;
-  type CSN : String; // REVISIT: should reuse cds.xt.CSN
-  type CSN_OR_CDL: String;
-
-  // UIFLEX API
-   @(requires : ['cds.UIFlexDeveloper', 'cds.ExtensionDeveloper'])
-  action addExtension(extensions : array of CSN);  // REVISIT: change to array of CSN extensions
-
-  // Experimantal API
-  @(requires : ['cds.ExtensionDeveloper', 'internal-user'])
-  action add(
-    extension  : CSN_OR_CDL,
-    tag        : Extensions:tag, // optional
-    activate   : ActivationLevel, // optional, default = 'database'
-    tenant     : String // optional, for internal-user only
-  );
-
-  // Experimantal API
-  @(requires : ['cds.ExtensionDeveloper', 'internal-user'])
-  action promote(
-    tag       : Extensions:tag, // optional
-    activate  : ActivationLevel, // optional, default = 'database'
-    tenant    : String // optional, for internal-user only
-  );
-
-  // REVISIT: consider implementing delete
-  // action delete(tenant: String, tag: Extensions:tag);
-
-  // EXTENSION PROJECT
-  // deprecated - mimics current cds extend returning TAR (w/o features)
-  // only features configured for tenant
-  @(requires : ['cds.ExtensionDeveloper'])
-  function base() returns TAR;
-
-  @(requires : ['cds.ExtensionDeveloper'])
-  action pull() returns TAR;
-
-  @(requires : ['cds.ExtensionDeveloper'])
-  action push (
-    extension : LargeBinary, // REVISIT: Using TAR here leads to a strange type check failure
-    tag       : Extensions:tag
-    // activate  : ActivationLevel
-  );
-
-  // REVISIT: separate action for transport -> later
-
-  event tenantUpdated {
-    tenant: String;
-  }
-}

package/srv/extensibility-service.js

@@ -1 +0,0 @@
-module.exports = require('../libx/_runtime/extensibility/service')

package/srv/extensions.cds

@@ -1,8 +0,0 @@
-entity cds.xt.Extensions {
-  key ID    : UUID;
-  tag       : String;       //> e.g.: uiflex, custom, ...
-  csn       : String;
-  sources   : LargeBinary; // TAR
-  activated : String enum { propertyBag; database };
-  timestamp : Timestamp @cds.on.insert:$now @cds.on.update:$now; // to support invalidation of models
-}