@sap/cds 7.1.1 → 7.2.0

package/libx/_runtime/db/sql-builder/ExpressionBuilder.js

@@ -157,23 +157,6 @@ class ExpressionBuilder extends BaseBuilder {
       objects[i + 1].func = `not ${objects[i + 1].func}`
       return 1
     }
-    if (objects[i].func || (objects[i + 2] && objects[i + 2].func)) {
-      // sqlite requires leading 0 for numbers in datetime functions
-      const f = objects[i].func ? i : OPERATORS.has(objects[i + 1]) ? i + 2 : i - 2
-      const v = objects[i].val ? i : OPERATORS.has(objects[i + 1]) ? i + 2 : i - 2
-      if (
-        objects[f] &&
-        cds.db &&
-        ((SQLITE_DATETIME_FUNCTIONS.has(objects[f].func) && cds.db.kind === 'sqlite') ||
-          (HANA_DATETIME_FUNCTIONS.has(objects[f].func) && cds.db.kind === 'hana'))
-      ) {
-        if (objects[v] && objects[v].val !== undefined && typeof objects[v].val === 'number') {
-          objects[v] = { val: `${objects[v].val < 10 ? 0 : ''}${objects[v].val}` }
-          if (objects[f].func === 'second') objects[v].val = _fillAfterDot(objects[v].val)
-        }
-      }
-      return 0
-    }
 
     if ((objects[i + 1] === '=' || objects[i + 1] in NOT_EQUAL) && objects[i + 2] && objects[i + 2].val === null) {
       this._addNullOrNotNull(objects[i], objects[i + 1])

package/libx/_runtime/db/utils/coloredTxCommands.js

@@ -1,5 +1,7 @@
+const COLORS = !!process.stdout.isTTY && !!process.stderr.isTTY && !process.env.NO_COLOR
+
 module.exports = {
-  BEGIN: '\x1b[1m\x1b[33mBEGIN\x1b[0m',
-  COMMIT: '\x1b[1m\x1b[32mCOMMIT\x1b[0m',
-  ROLLBACK: '\x1b[1m\x1b[91mROLLBACK\x1b[0m'
+  BEGIN: COLORS ? '\x1b[1m\x1b[33mBEGIN\x1b[0m' : 'BEGIN',
+  COMMIT: COLORS ? '\x1b[1m\x1b[32mCOMMIT\x1b[0m' : 'COMMIT',
+  ROLLBACK: COLORS ? '\x1b[1m\x1b[91mROLLBACK\x1b[0m' : 'ROLLBACK'
 }

package/libx/_runtime/fiori/lean-draft.js

@@ -87,6 +87,7 @@ const _redirectRefToActives = (ref, model) => {
 }
 
 const h = cds.ApplicationService.prototype.handle
+
 /* eslint-disable complexity */
 cds.ApplicationService.prototype.handle = async function (req) {
   const handle = h.bind(this)
@@ -286,9 +287,13 @@ cds.ApplicationService.prototype.handle = async function (req) {
   if (req.target.actions?.[req.event] && draftParams.IsActiveEntity === false) {
     if (query.SELECT?.from?.ref) query.SELECT.from.ref = _redirectRefToDrafts(query.SELECT.from.ref, this.model)
     const rootQuery = query.clone()
-    rootQuery.SELECT.columns = [{ ref: ['DraftAdministrativeData'], expand: [{ ref: ['InProcessByUser'] }] }]
+    const columns = Object_keys(query._target.keys)
+      .filter(k => k !== 'IsActiveEntity')
+      .map(k => ({ ref: [k] }))
+    columns.push({ ref: ['DraftAdministrativeData'], expand: [{ ref: ['InProcessByUser'] }] })
+    rootQuery.SELECT.columns = columns
     rootQuery.SELECT.one = true
-    const root = await rootQuery
+    const root = await cds.run(rootQuery)
     if (!root) req.reject(404)
     if (root.DraftAdministrativeData?.InProcessByUser !== cds.context.user.id) req.reject(403)
     const _req = _newReq(req, query, draftParams, { event: req.event })
@@ -334,8 +339,8 @@ cds.ApplicationService.prototype.handle = async function (req) {
   }
 
   req.query = query
-  const result = await handle(req)
-  return result
+
+  return handle(req)
 }
 
 // REVISIT: It's not optimal to first calculate the whole result array and only later
@@ -410,7 +415,7 @@ const Read = {
     draftsQuery.SELECT.orderBy = undefined
     draftsQuery.SELECT.columns = keys.map(k => ({ ref: [k] }))
 
-    const drafts = await draftsQuery
+    const drafts = await draftsQuery.where({ HasActiveEntity: true })
     const res = await Read.onlyActives(run, query.where(Read.whereNotIn(query._target, drafts)), {
       ignoreDrafts: true
     })
@@ -450,6 +455,7 @@ const Read = {
   },
   all: async function (run, query) {
     LOG.debug('List Editing Status: All')
+    if (!query._drafts) return []
     query._drafts.SELECT.count = false
     query._drafts.SELECT.limit = undefined // We need all entries for the keys to properly select actives (count)
     const isCount = _isCount(query._drafts)
@@ -567,21 +573,17 @@ const Read = {
     if (!actives.length) return []
     const drafts = cds.ql.clone(query._drafts)
     drafts.SELECT.where = Read.whereIn(query._target, actives)
-    if (drafts.SELECT.columns?.some(c => c === '*')) {
-      drafts.SELECT.columns = drafts.SELECT.columns.filter(c => c !== '*')
-      if (!drafts.SELECT.columns.some(c => c.ref?.[0] === 'DraftAdministrativeData_DraftUUID')) {
-        drafts.SELECT.columns.push({ ref: ['DraftAdministrativeData_DraftUUID'] })
-      }
-    }
-    const relevantColumns = ['DraftAdministrativeData', 'DraftAdministrativeData_DraftUUID']
-    drafts.SELECT.columns = (
-      drafts.SELECT.columns?.filter(c => c.ref && relevantColumns.includes(c.ref[0])) ||
-      relevantColumns.map(k => ({ ref: [k] }))
-    ).concat(
-      Object_keys(query._target.keys)
-        .filter(k => k !== 'IsActiveEntity')
-        .map(k => ({ ref: [k] }))
+    const newColumns = Object_keys(query._target.keys)
+      .filter(k => k !== 'IsActiveEntity')
+      .map(k => ({ ref: [k] }))
+    if (
+      !drafts.SELECT.columns ||
+      drafts.SELECT.columns.some(c => c === '*' || c.ref?.[0] === 'DraftAdministrativeData_DraftUUID')
     )
+      newColumns.push({ ref: ['DraftAdministrativeData_DraftUUID'] })
+    const draftAdmin = drafts.SELECT.columns?.find(c => c.ref?.[0] === 'DraftAdministrativeData')
+    if (draftAdmin) newColumns.push(draftAdmin)
+    drafts.SELECT.columns = newColumns
     drafts.SELECT.count = undefined
     drafts.SELECT.search = undefined
     drafts.SELECT.one = undefined
@@ -662,6 +664,7 @@ function _cleansed(query, model) {
       draftsQuery._target = undefined
       const [root, ...tail] = draftsQuery.SELECT.from.ref
       const draft = model.definitions[root.id || root].drafts
+      if (!draft) return
       draftsQuery.SELECT.from = {
         ref: [root.id ? { ...root, id: draft.name } : draft.name, ...tail]
       }
@@ -1090,6 +1093,7 @@ async function onPrepare(req) {
 module.exports = {
   impl() {
     if (!this._datasource) this._datasource = cds.db
+
     function _wrapped(handler, isActiveEntity) {
       const fn = function (req, next) {
         if (!req.target?.drafts || (isActiveEntity && req.target.isDraft) || (!isActiveEntity && !req.target.isDraft))
@@ -1098,6 +1102,7 @@ module.exports = {
       }
       return fn
     }
+
     // Also runs those handlers if they're annotated with @odata.draft.enabled through extensibility
     this.on('NEW', '*', _wrapped(onNew, false))
     this.on('EDIT', '*', _wrapped(onEdit, true))

package/libx/_runtime/hana/driver.js

@@ -195,11 +195,9 @@ const _getHanaDriver = name => {
       LOG._debug && LOG.debug(`Failed to require "hdb" with error "${e.message}". Trying "@sap/hana-client" next.`)
       return _getHanaDriver('@sap/hana-client')
     } else if (isConfigured) {
-      throw new Error(`"${name}" could not be required. Please make sure it is installed.`)
+      throw new Error(`"${name}" could not be found. Please make sure it is installed.`)
     } else {
-      throw new Error(
-        'Neither "hdb" nor "@sap/hana-client" could be required. Please make sure one of them is installed.'
-      )
+      throw new Error('Neither "hdb" nor "@sap/hana-client" could be found. Please make sure one of them is installed.')
     }
   }
 }

package/libx/_runtime/hana/pool.js

@@ -1,7 +1,7 @@
 const cds = require('../cds')
 const LOG = cds.log('pool|db')
 
-const { pool } = require('@sap/cds-foss')
+const { pool } = cds.utils
 const hana = require('./driver')
 const getError = require('../common/error')
 
@@ -15,18 +15,20 @@ const _getMassagedCreds = function (creds) {
   return creds
 }
 
-// NOTE: disableCache: true means "force fetch credentials from service manager"
-async function credentials4(tenant, { disableCache = false }) {
-  const { credentials } = cds.env.requires.db
+// `disableCache: true` means to force fetch credentials from service manager
+async function credentials4(tenant, db) {
+  const { disableCache = false, options } = db
+  const credentials = options?.credentials ?? cds.env.requires.db?.credentials
   if (!credentials) throw new Error('No database credentials provided')
+
   if (cds.requires.multitenancy) {
     // eslint-disable-next-line cds/no-missing-dependencies
     const res = await require('@sap/cds-mtxs/lib').xt.serviceManager.get(tenant, { disableCache })
     return _getMassagedCreds(res.credentials)
-  } else {
-    if (typeof credentials !== 'object' || !credentials.host) throw new Error('Malformed database credentials provided')
-    return _getMassagedCreds(credentials)
   }
+
+  if (typeof credentials !== 'object' || !credentials.host) throw new Error('Malformed database credentials provided')
+  return _getMassagedCreds(credentials)
 }
 
 function factory4(creds, tenant) {
@@ -89,55 +91,48 @@ const pools = new Map()
 
 async function pool4(tenant, db) {
   if (!pools.get(tenant)) {
-    pools.set(
-      tenant,
-      new Promise((resolve, reject) => {
-        credentials4(tenant, db)
-          .then(creds => {
-            const config = _getPoolConfig()
-            LOG._info && LOG.info('effective pool configuration:', config)
-            const p = pool.createPool(factory4(creds, tenant), config)
-
-            const INVALID_CREDENTIALS_WARNING = `Could not establish connection for tenant "${tenant}". Existing pool will be drained.`
-            const INVALID_CREDENTIALS_ERROR = new Error(
-              `Create is blocked for tenant "${tenant}" due to invalid credentials.`
-            )
-
-            /*
-             * The error listener for "factoryCreateError" is registered to find out failed connection attempts.
-             * If it fails due to invalid credentials, we delete the current pool from the pools map and overwrite the
-             * pool factory create function.
-             * Background is that generic-pool will continue to try to open a connection by calling the factory create
-             * function until the "acquireTimeoutMillis" is reached.
-             * This ends up in many connection attempts for one request even though the credentials are invalid.
-             * Because of the deletion in the map, subsequent requests will fetch the credentials again.
-             */
-            p.on('factoryCreateError', async function (err) {
-              if (err._connectError) {
-                LOG._warn && LOG.warn(INVALID_CREDENTIALS_WARNING)
-                pools.delete(tenant)
-                if (p._factory && p._factory.create) {
-                  // reject after 100 ms to not block CPU completely
-                  p._factory.create = () =>
-                    new Promise((resolve, reject) => setTimeout(() => reject(INVALID_CREDENTIALS_ERROR), 100))
-                }
-                await p.drain()
-                await p.clear()
-              }
-            })
+    const poolPromise = new Promise((resolve, reject) => {
+      credentials4(tenant, db)
+        .then(creds => {
+          const config = _getPoolConfig()
+          LOG._info && LOG.info('effective pool configuration:', config)
+          const p = pool.createPool(factory4(creds, tenant), config)
+          const INVALID_CREDENTIALS_WARNING = `Could not establish connection for tenant "${tenant}". Existing pool will be drained.`
+          const INVALID_CREDENTIALS_ERROR = new Error(
+            `Create is blocked for tenant "${tenant}" due to invalid credentials.`
+          )
 
-            resolve(p)
-          })
-          .catch(e => {
-            // delete pools entry if fetching credentials failed
-            pools.delete(tenant)
-            reject(e)
+          // The error listener for `factoryCreateError` is registered to detect failed connection attempts.
+          // If it fails due to invalid credentials, we delete the current pool from the pools map and overwrite the
+          // pool factory create function.
+          // The background is that the generic pool will keep trying to establish a connection by invoking the factory
+          // create function until the `acquireTimeoutMillis` is reached.
+          // This leads to numerous connection attempts for a single request, even when the credentials are invalid.
+          // Due to the deletion in the map, subsequent requests will retrieve the credentials again.
+          p.on('factoryCreateError', async function (err) {
+            if (err._connectError) {
+              LOG._warn && LOG.warn(INVALID_CREDENTIALS_WARNING)
+              pools.delete(tenant)
+              if (p._factory && p._factory.create) {
+                // reject after 100 ms to not block CPU completely
+                p._factory.create = () =>
+                  new Promise((resolve, reject) => setTimeout(() => reject(INVALID_CREDENTIALS_ERROR), 100))
+              }
+              await p.drain()
+              await p.clear()
+            }
           })
-      }).then(p => {
-        pools.set(tenant, p)
-        return p
-      })
-    )
+
+          resolve(p)
+        })
+        .catch(e => {
+          // delete pools entry if fetching credentials failed
+          pools.delete(tenant)
+          reject(e)
+        })
+    })
+
+    pools.set(tenant, poolPromise)
   }
 
   if ('then' in pools.get(tenant)) {
@@ -150,9 +145,10 @@ async function pool4(tenant, db) {
 async function resilientAcquire(pool, attempts = 1) {
   // max 3 attempts
   attempts = Math.min(attempts, 3)
-  let client
-  let err
-  let attempt = 0
+  let client,
+    err,
+    attempt = 0
+
   while (!client && attempt < attempts) {
     try {
       client = await pool.acquire()

package/libx/_runtime/messaging/enterprise-messaging-utils/registerEndpoints.js

@@ -4,7 +4,7 @@ const express = require('express')
 const getTenantInfo = require('./getTenantInfo.js')
 const isSecured = () => cds.requires.auth && (cds.requires.auth.impl || cds.requires.auth.credentials)
 const _require = require('../../common/utils/require')
-const { UNAUTHORIZED } = require('../../auth/utils')
+const { ODATA_UNAUTHORIZED } = require('../../common/error/constants')
 
 const _isAll = a => a && a.includes('all')
 
@@ -34,7 +34,7 @@ class EndpointRegistry {
       paths.forEach(path => {
         cds.app.use(path, (req, res, next) => {
           // REVISIT: we should probably pass an error into next so that a (custom) error middleware can handle it
-          if (!req.user) res.status(401).json({ error: UNAUTHORIZED })
+          if (!req.user) res.status(401).json({ error: ODATA_UNAUTHORIZED })
           next()
         })
       })

package/libx/_runtime/messaging/outbox/utils.js

@@ -135,8 +135,7 @@ const processMessages = async (service, tenant, _opts = {}) => {
           if (!msg) continue
           const res = {
             process: () =>
-              Promise.resolve().then(async () => {
-                if (userId) cds.context = { user }
+              cds._context.run({ user, tenant }, async () => {
                 try {
                   return service._emitImmediate && (await service._emitImmediate(msg))
                 } catch (e) {

package/libx/_runtime/remote/utils/client.js

@@ -416,7 +416,7 @@ const _stringToReqOptions = (query, data, target) => {
   const cleanQuery = query.trim()
   const blankIndex = cleanQuery.substring(0, 8).indexOf(' ')
   const reqOptions = {
-    method: cleanQuery.substring(0, blankIndex).toUpperCase(),
+    method: cleanQuery.substring(0, blankIndex).toUpperCase() || 'GET',
     url: encodeURI(formatPath(cleanQuery.substring(blankIndex, cleanQuery.length).trim()))
   }
 

package/libx/_runtime/sqlite/Service.js

@@ -98,10 +98,6 @@ module.exports = class SQLiteDatabase extends DatabaseService {
     }
   }
 
-  getDbUrl(tenant) {
-    return this.url4(tenant)
-  }
-
   url4(tenant) {
     const credentials = this.options.credentials || this.options || {}
     let dbUrl = credentials.database || credentials.url || credentials.host || ':memory:'

package/libx/_runtime/sqlite/customBuilder/CustomFunctionBuilder.js

@@ -87,7 +87,7 @@ class CustomFunctionBuilder extends FunctionBuilder {
   }
 
   _timeFunction(functionName, args) {
-    this._outputObj.sql.push('strftime(')
+    this._outputObj.sql.push('CAST(strftime(')
     this._outputObj.sql.push(dateTimeFunctions.get(functionName), ',')
     if (typeof args === 'string') {
       this._outputObj.sql.push(args, ')')
@@ -95,6 +95,7 @@ class CustomFunctionBuilder extends FunctionBuilder {
       this._addFunctionArgs(args)
       this._outputObj.sql.push(')')
     }
+    this._outputObj.sql.push(' as decimal)')
   }
 }
 

package/libx/odata/afterburner.js

@@ -28,8 +28,9 @@ const _addKeysDeep = (keys, keysCollector, ignoreManagedBacklinks) => {
 }
 
 function _keysOf(entity, ignoreManagedBacklinks) {
-  if (!entity || !entity.keys) return
   const keysCollector = []
+  if (!entity || !entity.keys) return keysCollector
+
   _addKeysDeep(entity.keys, keysCollector, ignoreManagedBacklinks)
   return keysCollector
 }
@@ -174,15 +175,16 @@ function _convertVal(element, value) {
       throw new Error('Not a valid integer') // TODO
 
     case 'cds.String':
-    case 'cds.LargeString':
+    case 'cds.LargeString':      
+      return String(value)
+    case 'cds.Double':      
+      return parseFloat(value)
     case 'cds.Decimal':
     case 'cds.DecimalFloat':
-    case 'cds.Double':
     case 'cds.Int64':
     case 'cds.Integer64':
       if (typeof value === 'string') return value
       return String(value)
-
     case 'cds.Boolean':
       return typeof value === 'string' ? value === 'true' : value
 

package/libx/odata/cqn2odata.js

@@ -73,7 +73,7 @@ function hasValidProps(obj, ...names) {
   return true
 }
 
-function _args(args) {
+function _args(args, func) {
   const res = []
 
   for (const cur of args) {
@@ -83,11 +83,11 @@ function _args(args) {
     }
 
     if (hasValidProps(cur, 'func', 'args')) {
-      res.push(`${cur.func}(${_args(cur.args)})`)
+      res.push(`${cur.func}(${_args(cur.args, cur.func)})`)
     } else if (hasValidProps(cur, 'ref')) {
       res.push(_format(cur))
     } else if (hasValidProps(cur, 'val')) {
-      res.push(_format(cur))
+      res.push(_format(cur, null, null, null, null, func))
     }
   }
 
@@ -111,20 +111,20 @@ const _odataV2Func = (func, args) => {
       // this doesn't support the contains signature with two collections as args, introduced in odata v4.01
       return `substringof(${_args([args[1], args[0]])})`
     default:
-      return `${func}(${_args(args)})`
+      return `${func}(${_args(args, func)})`
   }
 }
 
-const _format = (cur, elementName, target, kind, isLambda) => {
+const _format = (cur, elementName, target, kind, isLambda, func) => {
   if (typeof cur !== 'object') return encodeURIComponent(formatVal(cur, elementName, target, kind))
   if (hasValidProps(cur, 'ref'))
     return encodeURIComponent(isLambda ? [LAMBDA_VARIABLE, ...cur.ref].join('/') : cur.ref[0].id || cur.ref.join('/'))
-  if (hasValidProps(cur, 'val')) return encodeURIComponent(formatVal(cur.val, elementName, target, kind))
+  if (hasValidProps(cur, 'val')) return encodeURIComponent(formatVal(cur.val, elementName, target, kind, func))
   if (hasValidProps(cur, 'xpr')) return `(${_xpr(cur.xpr, target, kind, isLambda)})`
   // REVISIT: How to detect the types for all functions?
   if (hasValidProps(cur, 'func')) {
     if (cur.args?.length) {
-      return kind === 'odata-v2' ? _odataV2Func(cur.func, cur.args) : `${cur.func}(${_args(cur.args)})`
+      return kind === 'odata-v2' ? _odataV2Func(cur.func, cur.args) : `${cur.func}(${_args(cur.args, cur.func)})`
     }
     return `${cur.func}()`
   }

package/libx/odata/utils.js

@@ -1,6 +1,8 @@
 const { toBase64url } = require('../_runtime/common/utils/binary')
 const cds = require('../_runtime/cds')
 
+const MATH_FUNC = {'round': 1, 'floor': 1, 'ceiling': 1}
+
 const getSafeNumber = str => {
   const n = Number(str)
   return Number.isSafeInteger(n) || String(n) === str ? n : str
@@ -48,11 +50,12 @@ const _getElement = (csnTarget, key) => {
   }
 }
 
-const formatVal = (val, elementName, csnTarget, kind) => {
+const formatVal = (val, elementName, csnTarget, kind, func) => {
   if (val === null || val === 'null') return 'null'
   if (typeof val === 'boolean') return val
   if (typeof val === 'number') return getSafeNumber(val)
   if (!csnTarget && typeof val === 'string' && UUID.test(val)) return kind === 'odata-v2' ? `guid'${val}'` : val
+  if (typeof val === 'string' && func in MATH_FUNC) return val
   const element = _getElement(csnTarget, elementName)
   if (kind === 'odata-v2') {
     switch (element.type) {

package/libx/rest/RestAdapter.js

@@ -17,9 +17,13 @@ const error = require('./middleware/error')
 const { alias2ref } = require('../_runtime/common/utils/csn')
 const { bufferToBase64 } = require('../_runtime/common/utils/binary')
 
+const { getAccessRestrictions } = require('../_runtime/common/utils/restrictions')
+
 const RestAdapter = function (srv) {
   alias2ref(srv) // REVISIT: that's an anti pattern in new prototocol adapter setups
 
+  const accessRestrictions = getAccessRestrictions(srv)
+
   const router = express.Router()
 
   // pass srv-related stuff to middlewares via req
@@ -64,24 +68,19 @@ const RestAdapter = function (srv) {
     // REVISIT: ensure there always is a user (should be the case with new middlewares -> remove with old middlewares)
     if (!req.user) req.user = new cds.User.default
 
-    // REVISIT: This is authorization enforcement which is protocol-independent -> should move to service layer
-    const requires = srv.definition?.['@requires']
-    if (requires) {
-      const ok = typeof requires === 'string' ? req.user.is(requires) : requires.some(r => req.user.is(r))
-      if (ok) return next()
-    } else {
-      return next() // neither of the above
-    }
-
-    // > unauthorized or forbidden?
-    if (req.user._is_anonymous) {
-      // NOTE: "return req._login()" would not invoke custom error handlers
-      if (req._login) res.set('WWW-Authenticate', `Basic realm="Users"`)
-      else if (req.user._challenges) res.set('WWW-Authenticate', req.user._challenges.join(';'))
-      throw cds.error('Unauthorized', { statusCode: 401, code: '401' })
-    } else {
+    // check @restrict and @requires as soon as possible (DoS)
+    if (!accessRestrictions.some(r => req.user.is(r))) {
+      // > unauthorized or forbidden?
+      if (req.user._is_anonymous) {
+        // NOTE: "return req._login()" would not invoke custom error handlers
+        if (req._login) res.set('WWW-Authenticate', `Basic realm="Users"`)
+        else if (req.user._challenges) res.set('WWW-Authenticate', req.user._challenges.join(';'))
+        throw cds.error('Unauthorized', { statusCode: 401, code: '401' })
+      }
       throw cds.error('Forbidden', { statusCode: 403, code: '403' })
     }
+
+    next()
   })
 
   // -----------------------------------------------------------------------------------------

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sap/cds",
-  "version": "7.1.1",
+  "version": "7.2.0",
   "description": "SAP Cloud Application Programming Model - CDS for Node.js",
   "homepage": "https://cap.cloud.sap/",
   "keywords": [

package/lib/auth/xsuaa-auth.js

@@ -1,2 +0,0 @@
-// REVISIT: "kind": "xsuaa-auth" does not work because cds.requires logic does not resolve it. Intentional?
-module.exports = require('./jwt-auth')

package/libx/_runtime/auth/utils.js

@@ -1,32 +0,0 @@
-const UNAUTHORIZED = { statusCode: 401, code: '401', message: 'Unauthorized' }
-const FORBIDDEN = { statusCode: 403, code: '403', message: 'Forbidden' }
-
-const getRequiresAsArray = definition => {
-  const requires = definition['@requires']
-  if (requires) return Array.isArray(requires) ? requires : [requires]
-}
-
-const isRestricted = srv => {
-  if (srv.definition['@requires']) return true
-
-  const entities = srv.entities
-  const entitiesKeys = Object.keys(entities)
-
-  return !!(
-    entitiesKeys.some(entity => entities[entity]['@requires'] || entities[entity]['@restrict']) ||
-    entitiesKeys.some(entity => {
-      const actions = entities[entity].actions
-      actions && Object.keys(actions).some(action => actions[action]['@requires'] || actions[action]['@restrict'])
-    }) ||
-    Object.keys(srv.operations).some(
-      operation => srv.operations[operation]['@requires'] || srv.operations[operation]['@restrict']
-    )
-  )
-}
-
-module.exports = {
-  UNAUTHORIZED,
-  FORBIDDEN,
-  getRequiresAsArray,
-  isRestricted
-}