@sap/cds 7.6.4 → 7.7.1

package/server.js

@@ -1,119 +1,91 @@
-const cds = require('./lib'), { features } = cds.env
-// eslint-disable-next-line cds/no-missing-dependencies -- needs to be added by app dev
-const express = require('express'), fs = require('fs'), path = require('path')
-
+const express = require('express')// eslint-disable-line cds/no-missing-dependencies
+const cds = require('./lib')
 
 /**
  * Standard express.js bootstrapping, constructing an express `application`
  * and launching a corresponding http server using `app.listen()`.
- * Project-specific `./server.js` can overload this and react to these
- * events:
- *
- * - cds.on('bootstrap',(app)) - emitted before any middleware is added
- * - cds.on('loaded',(model)) - emitted when a model was loaded
- * - cds.on('connect',(srv)) - emitted when a service was connected
- * - cds.on('serving',(srv)) - emitted when a service was served
- * - cds.on('listening',({server,url})) - emitted when the server is listening
- *
  * @param {object} options - canonicalized options from `cds serve` cli
- * @param {boolean} options.in_memory - true if we need to bootstrap an in-memory database
  * @param {string} options.service - name of service to be served; default: 'all'
  * @param {string} options.from - filenames of models to load; default: '*'
- * @param {express.Application} options.app - filenames of models to load; default: '*'
- * @param {express.Handler} options.index - custom handler for /
- * @param {express.Handler} options.favicon - custom handler for /favicon.ico
- * @returns Promise resolving to a Node.js http server as returned by express' `app.listen()`.
+ * @param {boolean} options.in_memory - true if we need to bootstrap an in-memory database
+ * @param {express.Handler} options.favicon - handler for /favicon.ico requests
+ * @param {express.Handler} options.index - handler for generated /index.html
+ * @param {express.Application} options.app - optional pre-constructed express app
+ * @returns {Promise<import('http').Server>} A Promise resolving to Node.js http server as returned by express' `app.listen()`.
  */
 module.exports = async function cds_server (options) {
 
-  const _in_prod = process.env.NODE_ENV === 'production'
+  // prepare express app
   const o = { ...options, __proto__:defaults }
-
   const app = cds.app = o.app || express()
-  app.serve = _app_serve                          //> app.serve allows delegating to sub modules
-  cds.emit ('bootstrap',app)                      //> hook for project-local server.js
+  cds.emit ('bootstrap', app)
 
-  // mount static resources and logger middleware
-  if (o.cors)      !_in_prod && app.use (o.cors)        //> CORS
-  if (o.static)    app.use (express_static (o.static))  //> defaults to ./app
+  // mount static resources and cors middleware
+  if (o.cors)      app.use (o.cors)                     //> if not in prod
+  if (o.static)    app.use (express.static (o.static))  //> defaults to ./app
   if (o.favicon)   app.use ('/favicon.ico', o.favicon)  //> if none in ./app
   if (o.index)     app.get ('/',o.index)                //> if none in ./app
 
-  // load specified models or all in project
-  const csn = await cds.load(o.from||'*',o) .then (cds.minify) //> separate csn for _init_db
-  cds.model = cds.compile.for.nodejs(csn)
+  // load and prepare models
+  const csn = await cds.load(o.from||'*',o) .then (cds.minify)
+  cds.model = cds.compile.for.nodejs (csn)
 
-  // connect to essential framework services if required
+  // connect to essential framework services
   if (cds.requires.db) cds.db = await cds.connect.to ('db') .then (_init)
   if (cds.requires.messaging)   await cds.connect.to ('messaging')
 
   // serve all services declared in models
   await cds.serve (o.service,o) .in (app)
-  await cds.emit ('served', cds.services) //> hook for listeners
+  await cds.emit ('served', cds.services)
 
   // start http server
-  const port = (o.port !== undefined) ? o.port : (process.env.PORT || cds.env.server?.port || 4004)
+  const port = o.port !== undefined ? o.port : ( process.env.PORT || cds.env.server?.port || 4004 )
   return app.server = app.listen (port)
 
-  // bootstrap in-memory db
+  // cds.deploy in-memory db, if enabled
   async function _init (db) {
     if (!o.in_memory || cds.requires.multitenancy) return db
-    const fts = cds.requires.toggles && cds.resolve (features.folders)
+    const fts = cds.requires.toggles && cds.resolve (cds.env.features.folders)
     const m = !fts ? csn : await cds.load([o.from||'*',...fts],o) .then (cds.minify)
     return cds.deploy(m).to(db,o)
   }
-
 }
 
 
-// -------------------------------------------------------------------------
-// Default handlers, which can be overidden by options passed to the server
-//
+/**
+ * Default options, which can be overidden by options passed to cds.server().
+ */
 const defaults = {
-
-  cors,
-
   get static() {
-    const dir = cds.env.folders.app //> defaults to ./app
-    if (dir && !fs.existsSync(path.resolve(cds.root, dir))) return undefined
-    return dir
+    return cds.utils.isdir (cds.env.folders.app)
   },
-
-  // default generic index.html page
   get index() {
     const index = require ('./app/index.js')
     return (_,res) => res.send (index.html)
   },
-
-  // default favicon
   get favicon() {
     const favicon = require.resolve ('./app/favicon.ico')
     return express.static (favicon, {maxAge:'14d'})
+  },
+  get cors() {
+    return process.env.NODE_ENV === 'production' ? null : (req, res, next) => {
+      const { origin } = req.headers
+      if (origin) {
+        res.set('access-control-allow-origin', origin)
+        if (req.method === 'OPTIONS') return res.set('access-control-allow-methods', 'GET,HEAD,PUT,PATCH,POST,DELETE').end()
+      }
+      next()
+    }
   }
 }
 
 
-// Helpers to delegate to imported UIs
-const _app_serve = function (endpoint) { return {
-  from: (pkg,folder) => {
-    folder = !folder ? pkg : path.resolve(require.resolve(pkg+'/package.json',{paths:[cds.root]}),'../'+folder)
-    this.use (endpoint, express.static(folder))
-    if (!endpoint.endsWith('/webapp')) (this._app_links || (this._app_links = [])) .push (endpoint)
-  }
-}}
-
-function cors (req, res, next) { // REVISIT: should that move into middlewares?
-  const { origin } = req.headers
-  if (origin) res.set('access-control-allow-origin', origin)
-  if (origin && req.method === 'OPTIONS')
-    return res.set('access-control-allow-methods', 'GET,HEAD,PUT,PATCH,POST,DELETE').end()
-  next()
-}
-
-function express_static (dir) {
-  return express.static (path.resolve (cds.root,dir))
-}
-
-
-// -------------------------------------------------------------------------
-if (!module.parent)  module.exports ({from:process.argv[2]})
+/**
+ * Helper to delegate to imported UIs. Usage:
+ * @example app.serve('/bookshop').from('@capire/bookshop','app/vue')
+ */
+express.application.serve = function (endpoint) { return { from: (pkg,folder) => {
+  folder = !folder ? pkg : cds.utils.path.resolve (require.resolve(pkg+'/package.json',{paths:[cds.root]}),'..',folder)
+  this.use (endpoint, express.static(folder))
+  if (!endpoint.endsWith('/webapp')) (this._app_links ??= []) .push (endpoint)
+}}}

package/libx/odata/create.js

@@ -1,44 +0,0 @@
-const cds = require('../../')
-const { odataError } = require('./utils')
-const { INSERT } = require('../../lib/ql/cds-ql')
-const { readAfterWrite } = require('../_runtime/cds-services/adapter/odata-v4/utils/readAfterWrite')
-const metaInfo = require('../_runtime/cds-services/adapter/odata-v4/utils/metaInfo')
-const { toODataResult } = require('./result')
-
-module.exports = srv =>
-  function create(req, res, next) {
-    const query = cds.odata.parse(req.url, { service: srv, baseUrl: req.baseUrl })
-
-    const {
-      SELECT: { one }
-    } = query
-
-    if (one) {
-      const singleton = query.target._isSingleton
-      const error = odataError('405', `Method ${req.method} not allowed for ${singleton ? 'SINGLETON' : 'ENTITY'}`)
-      return res.status(405).json(error)
-    }
-
-    const queryPathXpr = query.SELECT?.from
-
-    const insertQuery = INSERT.into(queryPathXpr).entries(req.body)
-
-    const cdsReq = new cds.Request({ query: insertQuery })
-    return srv
-      .dispatch(cdsReq)
-      .then(async result => {
-        if (cdsReq._.readAfterWrite) {
-          // TODO see if in old odata impl for other checks that should happen
-          result = await readAfterWrite(cdsReq, srv, { operation: { result } })
-        }
-
-        if (result == null) {
-          res.status(204)
-        }
-
-        const info = metaInfo(insertQuery, 'CREATE', srv, req.body, req, false)
-
-        return res.status(201).send(toODataResult(result, info))
-      })
-      .catch(next)
-  }

package/libx/odata/delete.js

@@ -1,25 +0,0 @@
-const cds = require('../../')
-const { odataError } = require('./utils')
-
-module.exports = srv =>
-  function deleete(req, res, next) {
-    const query = cds.odata.parse(req.url, { service: srv, baseUrl: req.baseUrl })
-
-    let {
-      SELECT: { one }
-    } = query
-
-    if (!one) {
-      return res.status(405).json(odataError('405', `Method DELETE not allowed for ENTITY.COLLECTION`))
-    }
-
-    const _target = query.SELECT && query.SELECT.from
-    const deleteQuery = DELETE.from(_target)
-
-    return srv
-      .run(deleteQuery)
-      .then(() => {
-        return res.send(204)
-      })
-      .catch(next)
-  }

package/libx/odata/error.js

@@ -1,12 +0,0 @@
-const { normalizeError } = require('../_runtime/common/error/frontend')
-const { odataError } = require('./utils')
-
-module.exports = _srv => (err, req, res, _next) => {
-  const { error, statusCode } = normalizeError(err, req)
-
-  if (statusCode >= 400 && statusCode < 500) {
-    return res.status(statusCode).json(odataError(`${err.code}`, error.message))
-  }
-
-  return res.status(500).send('Internal Server Error')
-}

package/libx/odata/update.js

@@ -1,110 +0,0 @@
-const cds = require('../../')
-const metaInfo = require('../_runtime/cds-services/adapter/odata-v4/utils/metaInfo')
-const { readAfterWrite } = require('../_runtime/cds-services/adapter/odata-v4/utils/readAfterWrite')
-const { where2obj } = require('../_runtime/common/utils/cqn')
-const { toODataResult } = require('./result')
-const { odataError } = require('./utils')
-
-const _isUpsertAllowed = ({ target, data, event }) => {
-  return (
-    !(cds.env.runtime && cds.env.runtime.allow_upsert === false) &&
-    !(target && target._isDraftEnabled && (!cds.env.fiori.lean_draft || (!data.IsActiveEntity && event === 'PATCH')))
-  )
-}
-
-const _isNavigationWithKeyInParent = (keys, data, pathExpression, model) => {
-  // keys not in data
-  if (keys && Object.keys(keys).some(key => key in data)) {
-    return false
-  }
-
-  const nav = pathExpression.ref && pathExpression.ref.length !== 0 && pathExpression.ref[1]
-  const parent = pathExpression.ref && pathExpression.ref[0].id
-
-  // not a navigation
-  if (!parent || !nav) {
-    return false
-  }
-
-  const navID = typeof nav === 'string' ? nav : nav.id
-  const navElement = model.definitions[parent].elements[navID]
-
-  // not a containment
-  if (!navElement._isContained) {
-    return false
-  }
-
-  const where = pathExpression.ref[0].where
-  return parent && navElement && where
-}
-
-module.exports = srv =>
-  function update(req, res, next) {
-    const query = cds.odata.parse(req.url, { service: srv, baseUrl: req.baseUrl })
-
-    const {
-      SELECT: { one }
-    } = query
-
-    if (!one) {
-      return res.status(405).json(odataError('405', `Method ${req.method} not allowed for ENTITY.COLLECTION`))
-    }
-
-    const queryPathXpr = query.SELECT && query.SELECT.from
-
-    const isPrimitive = query._propertyAccess
-    const data = isPrimitive ? { [query._propertyAccess]: req.body.value } : req.body
-
-    const updateQuery = UPDATE.entity(queryPathXpr).with(data)
-
-    // we need the cds request, so we can access req._.readAfterWrite
-    const cdsReq = new cds.Request({ query: updateQuery })
-
-    const info = metaInfo(query, 'UPDATE', srv, data, req, false)
-
-    if (!isPrimitive && queryPathXpr.ref?.[queryPathXpr.ref.length - 1].where) {
-      Object.assign(data, where2obj(queryPathXpr.ref?.[queryPathXpr.ref.length - 1].where))
-    }
-
-    return srv
-      .dispatch(cdsReq)
-      .then(async result => {
-        if (!isPrimitive && cdsReq._.readAfterWrite) {
-          // TODO see if in old odata impl for other checks that should happen
-          result = await readAfterWrite(cdsReq, srv, { operation: { result } })
-        }
-
-        if (result == null) {
-          res.status(204)
-        }
-
-        return res.send(toODataResult(result, info))
-      })
-      .catch(async e => {
-        // UPSERT
-        const is404 = e.code === 404 || e.status === 404 || e.statusCode === 404
-        if (is404 && !isPrimitive && _isUpsertAllowed({ target: query.target, data: req.body, event: req.method })) {
-          // PUT / PATCH with if-match header means "only if already exists", i.e., no insert if not
-          if (req.headers['if-match']) throw Object.assign(new Error('412'), { statusCode: 412 })
-
-          if (_isNavigationWithKeyInParent(query.target.keys, data, queryPathXpr, srv.model)) {
-            // REVISIT better error message
-            return res.status(422).json(odataError('422', `Unprocessable Entity`))
-          }
-
-          // REVISIT: up_XX needs to be looked up -> composition of aspect
-          const insertQuery = INSERT.into(queryPathXpr).entries(data)
-          const cdsReq = new cds.Request({ query: insertQuery })
-          let result = await srv.dispatch(cdsReq)
-
-          if (cdsReq._.readAfterWrite) {
-            // TODO see if in old odata impl for other checks that should happen
-            result = await readAfterWrite(cdsReq, srv, { operation: { result } })
-          }
-
-          return res.status(201).send(toODataResult(result, info))
-        }
-        throw e
-      })
-      .catch(next)
-  }