@sap/cds 7.9.4 → 8.0.4

package/apis/cds.d.ts

@@ -1,3 +0,0 @@
-import * as cds from '@cap-js/cds-types'
-
-export = cds

package/apis/core.d.ts

@@ -1,21 +0,0 @@
-/**
- * DO NO LONGER IMPORT THIS FILE
- *
- * Instead use:
- *
- * @example
- * ```
- *   import * as cds from '@sap/cds'
- *   cds.Request
- * or
- *   import { Request } from '@sap/cds'
- * or
- *   @type { import('@sap/cds').Request }
- * ```
- *
- * @deprecated
- */
-export * from '@cap-js/cds-types/apis/core'
-
-// this was moved to 'events' with 7.4
-export { User } from '@cap-js/cds-types'

package/apis/cqn.d.ts

@@ -1,18 +0,0 @@
-/**
- * DO NO LONGER IMPORT THIS FILE
- *
- * Instead use:
- *
- * @example
- * ```
- *   import * as cds from '@sap/cds'
- *   cds.Request
- * or
- *   import { Request } from '@sap/cds'
- * or
- *   @type { import('@sap/cds').Request }
- * ```
- *
- * @deprecated
- */
-export * from '@cap-js/cds-types/apis/cqn'

package/apis/csn.d.ts

@@ -1,21 +0,0 @@
-/**
- * DO NO LONGER IMPORT THIS FILE
- *
- * Instead use:
- *
- * @example
- * ```
- *   import * as cds from '@sap/cds'
- *   cds.Request
- * or
- *   import { Request } from '@sap/cds'
- * or
- *   @type { import('@sap/cds').Request }
- * ```
- *
- * @deprecated
- */
-export * from '@cap-js/cds-types/apis/csn'
-
-// this got moved to 'linked' with 7.4
-export { Definitions } from '@cap-js/cds-types/apis/linked'

package/apis/events.d.ts

@@ -1,18 +0,0 @@
-/**
- * DO NO LONGER IMPORT THIS FILE
- *
- * Instead use:
- *
- * @example
- * ```
- *   import * as cds from '@sap/cds'
- *   cds.Request
- * or
- *   import { Request } from '@sap/cds'
- * or
- *   @type { import('@sap/cds').Request }
- * ```
- *
- * @deprecated
- */
-export * from '@cap-js/cds-types/apis/events'

package/apis/internal/inference.d.ts

@@ -1,18 +0,0 @@
-/**
- * DO NO LONGER IMPORT THIS FILE
- *
- * Instead use:
- *
- * @example
- * ```
- *   import * as cds from '@sap/cds'
- *   cds.Request
- * or
- *   import { Request } from '@sap/cds'
- * or
- *   @type { import('@sap/cds').Request }
- * ```
- *
- * @deprecated
- */
-export * from '@cap-js/cds-types/apis/internal/inference'

package/apis/linked.d.ts

@@ -1,18 +0,0 @@
-/**
- * DO NO LONGER IMPORT THIS FILE
- *
- * Instead use:
- *
- * @example
- * ```
- *   import * as cds from '@sap/cds'
- *   cds.Request
- * or
- *   import { Request } from '@sap/cds'
- * or
- *   @type { import('@sap/cds').Request }
- * ```
- *
- * @deprecated
- */
-export * from '@cap-js/cds-types/apis/linked'

package/apis/log.d.ts

@@ -1,20 +0,0 @@
-/**
- * DO NO LONGER IMPORT THIS FILE
- *
- * Instead use:
- *
- * @example
- * ```
- *   import * as cds from '@sap/cds'
- *   cds.Request
- * or
- *   import { Request } from '@sap/cds'
- * or
- *   @type { import('@sap/cds').Request }
- * ```
- *
- * @deprecated
- */
-
-export { Logger } from '@cap-js/cds-types/apis/log'
-

package/apis/models.d.ts

@@ -1,18 +0,0 @@
-/**
- * DO NO LONGER IMPORT THIS FILE
- *
- * Instead use:
- *
- * @example
- * ```
- *   import * as cds from '@sap/cds'
- *   cds.Request
- * or
- *   import { Request } from '@sap/cds'
- * or
- *   @type { import('@sap/cds').Request }
- * ```
- *
- * @deprecated
- */
-export * from '@cap-js/cds-types/apis/models'

package/apis/ql.d.ts

@@ -1,18 +0,0 @@
-/**
- * DO NO LONGER IMPORT THIS FILE
- *
- * Instead use:
- *
- * @example
- * ```
- *   import * as cds from '@sap/cds'
- *   cds.Request
- * or
- *   import { Request } from '@sap/cds'
- * or
- *   @type { import('@sap/cds').Request }
- * ```
- *
- * @deprecated
- */
-export * from '@cap-js/cds-types/apis/ql'

package/apis/reflect.d.ts

@@ -1,32 +0,0 @@
-/**
- * DO NO LONGER IMPORT THIS FILE
- *
- * Instead use:
- *
- * @example
- * ```
- *   import * as cds from '@sap/cds'
- *   cds.Request
- * or
- *   import { Request } from '@sap/cds'
- * or
- *   @type { import('@sap/cds').Request }
- * ```
- *
- * @deprecated
- */
-export * from '@cap-js/cds-types/apis/linked'
-
-// 'reflect' got removed with 7.4
-// Also, these got removed/renamed in 7.4
-export {
-  CSN as ParsedModel,
-  Definition,
-  entity
-} from '@cap-js/cds-types/apis/csn'
-
-export {
-  Definitions as ReflectedDefinitions,
-  LinkedCSN as LinkedModel,
-  LinkedCSN as ReflectedModel,
-} from '@cap-js/cds-types/apis/linked'

package/apis/server.d.ts

@@ -1,18 +0,0 @@
-/**
- * DO NO LONGER IMPORT THIS FILE
- *
- * Instead use:
- *
- * @example
- * ```
- *   import * as cds from '@sap/cds'
- *   cds.Request
- * or
- *   import { Request } from '@sap/cds'
- * or
- *   @type { import('@sap/cds').Request }
- * ```
- *
- * @deprecated
- */
-export * from '@cap-js/cds-types/apis/server'

package/apis/services.d.ts

@@ -1,22 +0,0 @@
-/**
- * DO NO LONGER IMPORT THIS FILE
- *
- * Instead use:
- *
- * @example
- * ```
- *   import * as cds from '@sap/cds'
- *   cds.Request
- * or
- *   import { Request } from '@sap/cds'
- * or
- *   @type { import('@sap/cds').Request }
- * ```
- *
- * @deprecated
- */
-export * from '@cap-js/cds-types/apis/services'
-
-// this got moved to 'events' in 7.4
-export  { Request } from '@cap-js/cds-types/apis/events'
-

package/bin/cds-serve.js

@@ -1,56 +0,0 @@
-#!/usr/bin/env node
-const cds = require('../lib') //> ensure we are the first to load @sap/cds locally
-const cli = {
-
-  exec (...argv) {
-    if (!argv.length) argv = process.argv.slice(2)
-    const task = require ('./serve')
-
-    let args = []
-    try {
-      args = this.args(task, argv)
-    } catch (err) { process.exitCode = 1; return console.error(err) }
-
-    return task.apply (this, args)
-  },
-
-  // TODO replace w/ common arg parser from node
-  args (task, argv) {
-
-    const { options:o=[], flags:f=[], shortcuts:s=[] } = task
-    const _global = /^--(profile|production|sql|odata|build-.*|cdsc-.*|odata-.*|folders-.*)$/
-    const _flags = { '--production':true }
-    const options = {}, args = []
-    let k,a, env = null
-
-    if (argv.length) for (let i=0; i < argv.length; ++i) {
-      if ((a = argv[i])[0] !== '-') args.push(a)
-      else if ((k = s.indexOf(a)) >= 0) k < o.length ? add(o[k],argv[++i]) : add(f[k-o.length])
-      else if ((k = o.indexOf(a)) >= 0) add(o[k],argv[++i])
-      else if ((k = f.indexOf(a)) >= 0) add(f[k])
-      else if (_global.test(a)) add_global(a, _flags[a] || argv[++i])
-      else throw 'Invalid option: '+ a
-    }
-    // consistent production setting for NODE_ENV and CDS_ENV
-    if (process.env.NODE_ENV !== 'production') process.env.NODE_ENV = process.env.CDS_ENV?.split(',').find(p => p === 'production') || process.env.NODE_ENV
-    else process.env.CDS_ENV = Array.from(new Set([...process.env.CDS_ENV?.split(',') ?? [], 'production']))
-
-    function add (k,v) { options[k.slice(2)] = v || true }
-    function add_global (k,v='') {
-      if (k === '--production') return process.env.CDS_ENV = Array.from(new Set([...process.env.CDS_ENV?.split(',') ?? [], 'production']))
-      if (k === '--profile')    return process.env.CDS_ENV = Array.from(new Set([...process.env.CDS_ENV?.split(',') ?? [], ...v.split(',')]))
-      if (k === '--odata') v = { flavor:v }
-      let e=env || (env={}), path = k.slice(2).split('-')
-      while (path.length > 1) { let p = path.shift(); e = e[p]||(e[p]={}) }
-      add (k, e[path[0]] = v)
-    }
-
-    if (env) cds.env.add (env)
-    return [ args, options ]
-  },
-}
-
-module.exports = Object.assign ((..._) => cli.exec(..._), cli)
-if (!module.parent)  cli.exec()
-
-/* eslint no-console:off */

package/lib/compile/to/gql.js

@@ -1,15 +0,0 @@
-const cds = require ('../..')
-const LOG = cds.log()
-// eslint-disable-next-line cds/no-missing-dependencies -- needs to be added by app dev
-const { SchemaGenerator } = require('@cap-js/graphql/lib/schema')
-
-// REVISIT: remove module with cds^8
-function cds_compile_to_gql (csn) {
-  LOG._warn && LOG.warn('WARNING: cds.compile.to.gql and .to.graphql will require @cap-js/graphql >= 0.9.0 with an upcoming release. Please update your dependency.')
-
-  const m = cds.linked(csn)
-  const services = Object.fromEntries(m.services.map(s => [s.name, new cds.ApplicationService(s.name, m)]))
-  return new SchemaGenerator().generate(services).printSchema()
-}
-
-module.exports = cds_compile_to_gql

package/lib/srv/protocols/_legacy.js

@@ -1,44 +0,0 @@
-const cds = require('../../index')
-cds.env.features.serve_on_root = true
-
-const protocols = require('.'), { serve } = protocols
-protocols['odata-v4'] = { ...protocols['odata-v4'], get impl() { return libx.to.odata_v4 } }
-protocols['odata'] = { ...protocols['odata'], get impl() { return libx.to.odata_v4 } }
-protocols['rest'] = { ...protocols['rest'], get impl() { return libx.to.rest } }
-
-const cds_context_model = require('../srv-models')
-const cds_context = require('../middlewares/cds-context')()
-const ctx_auth = require('../../auth')._ctx_auth
-const libx = require('../../../libx/_runtime')
-
-Object.defineProperty (protocols, 'serve', {
-  value: function _serve_legacy_adapter4 (srv, app) {
-    const endpoints = this.endpoints4 (srv)
-    if (endpoints.length > 1)
-      throw cds.error `Cannot serve multiple endpoints if cds.requires.middlewares is set to false`
-    return serve (srv, app, {
-      before: [
-        cds_context,
-        libx.perf,
-        libx.auth(srv), ctx_auth,
-        cap_req_logger,
-        cds_context_model.middleware4(srv)
-      ],
-      after:[]
-    })
-  }.bind(protocols)
-})
-
-const LOG = cds.log(), DEBUG = cds.debug()
-function cap_req_logger (req,_,next) {
-  let url = req.originalUrl
-  try { url = decodeURI(req.originalUrl) } catch (e) { /* decodeURI throws error for invalid urls */ }
-  LOG && LOG (req.method, url, req.body||'')
-  if (/\$batch/.test(req.url))  req.on ('dispatch', (req) => {
-    let path = req._path
-    try { path = decodeURI(req._path) } catch (e) { /* decodeURI throws error for invalid urls */ }
-    LOG && LOG ('>', req.event, path, req._query||'')
-    if (DEBUG && req.query) DEBUG (req.query)
-  })
-  next()
-}

package/lib/utils/jest.js

@@ -1,43 +0,0 @@
-let vm = require('vm')
-if (!vm.__caching__) {
-  vm.__caching__ = true
-  const scriptCache = {}
-  vm._Script = vm._Script || vm.Script
-  class CachedScript extends vm._Script {
-    constructor(src, options) {
-      const cached = scriptCache[options.filename]
-      if (cached) {
-        return cached
-      }
-      super(src, options)
-      // Assume that .test.js files are only loaded once
-      if (!options.filename.endsWith('.test.js')) {
-        scriptCache[options.filename] = this
-      }
-    }
-  }
-
-  vm.Script = CachedScript
-}
-vm = undefined
-
-let asyncHooks = require('async_hooks')
-if (!asyncHooks._AsyncLocalStorage) {
-  asyncHooks._AsyncLocalStorage = asyncHooks.AsyncLocalStorage
-  class TmpAsyncLocalStorage extends asyncHooks._AsyncLocalStorage {
-    disable() {
-      if (this._timer) clearTimeout(this._timer)
-      return super.disable()
-    }
-
-    _enable() {
-      if (this._timer) clearTimeout(this._timer)
-      this._timer = setTimeout(() => this.disable(), 60 * 1000)
-      this._timer.unref()
-      return super._enable()
-    }
-  }
-
-  asyncHooks.AsyncLocalStorage = TmpAsyncLocalStorage
-}
-asyncHooks = null

package/libx/_runtime/auth/index.js

@@ -1,193 +0,0 @@
-const cds = require('../cds')
-const LOG = cds.log()
-
-const _require = require('../common/utils/require')
-const { containsAnyRestrictions } = require('../common/utils/restrictions')
-const { ODATA_UNAUTHORIZED } = require('../common/error/constants')
-
-let passport, logged
-
-// strategy initializers for lazy loading of dependencies
-const _initializers = {
-  // REVISIT: support basic authentication?
-  basic: ({ credentials, users }) => {
-    const BasicStrategy = require('./strategies/basic')
-    passport.use(new BasicStrategy(credentials || users))
-  },
-  dummy: () => {
-    const DummyStrategy = require('./strategies/dummy')
-    passport.use(new DummyStrategy())
-  },
-  jwt: ({ credentials, uaa }) => {
-    const JWTStrategy = require('./strategies/JWT')
-    if (credentials) {
-      passport.use(new JWTStrategy(credentials))
-    } else if (uaa) {
-      // REVISIT: compat, remove with cds^6
-      passport.use(new JWTStrategy(uaa.credentials))
-    } else {
-      throw Object.assign(new Error('No or malformed credentials for auth kind "jwt-auth"'), { credentials })
-    }
-  },
-  mock: ({ users }, srvName) => {
-    const MockStrategy = require('./strategies/mock')
-    passport.use(new MockStrategy(users, `mock_${srvName}`))
-  },
-  xsuaa: ({ credentials, uaa }) => {
-    const XSUAAStrategy = require('./strategies/xsuaa')
-    if (credentials) {
-      passport.use(new XSUAAStrategy(credentials))
-    } else if (uaa) {
-      // REVISIT: compat, remove with cds^6
-      passport.use(new XSUAAStrategy(uaa.credentials))
-    } else {
-      throw Object.assign(
-        new Error('No or malformed credentials for auth kind "xsuaa". Make sure to bind the app to an "xsuaa" service'),
-        { credentials }
-      )
-    }
-  }
-}
-
-// map for initialized authenticators
-const _authenticators = {}
-
-const _log = (req, challenges) => {
-  if (!LOG._debug) return
-  const challengesLog = challenges ? ['User challenges:', challenges] : []
-  LOG.debug(`User "${req.user.id}" request URL`, req.url, '\n', ...challengesLog)
-}
-
-const cap_auth_callback = (req, res, next, internalError, user, arg) => {
-  // An internal error occurs during the authentication process
-  if (internalError) {
-    return res.status(401).json({ error: ODATA_UNAUTHORIZED }) // no details to client
-  }
-
-  let challenges
-  if (arg) {
-    if (!user) {
-      // > challenges
-      if (Array.isArray(arg)) {
-        challenges = arg.filter(ele => ele)
-        challenges = challenges.length ? challenges : undefined
-      } else {
-        challenges = [arg]
-      }
-    } else {
-      // REVISIT: req._.req.authInfo compat
-      if (arg.verifyToken) req.authInfo = arg
-    }
-  }
-  req.user = user || Object.defineProperty(new cds.User(), '_challenges', { enumerable: false, value: challenges })
-  _log(req, challenges)
-
-  next()
-}
-
-const _mountCustomAuth = (srv, app, config) => {
-  const impl = cds.resolve(config.impl)
-  app.use(_require(impl))
-}
-
-const _mountMockAuth = (srv, app, strategy, config) => {
-  const impl =
-    strategy === 'dummy'
-      ? new (require('./strategies/dummy'))()
-      : new (require('./strategies/mock'))(config, `mock_${srv.name}`)
-
-  app.use(function cap_auth(req, res, next) {
-    let user, challenge
-    impl.success = arg => (user = arg)
-    impl.fail = arg => (challenge = arg)
-    impl.authenticate(req)
-    cap_auth_callback(req, res, next, undefined, user, [challenge])
-  })
-}
-
-const _mountPassportAuth = (srv, app, strategy, config) => {
-  if (strategy in { jwt: 1, xsuaa: 1 } && !config.credentials) {
-    let msg = `Authentication kind "${config.kind}" configured, but no XSUAA instance bound to application.`
-    msg += ' Either bind an XSUAA instance, or switch to an authentication kind that does not require a binding.'
-    throw new Error(msg)
-  }
-
-  if (!passport) passport = _require('passport')
-
-  // initialize strategy
-  if (!_authenticators[strategy] || process.env.NODE_ENV === 'test') {
-    _initializers[strategy](config, srv.name)
-    _authenticators[strategy] = true
-  }
-
-  // authenticate
-  app.use(passport.initialize())
-  app.use((req, res, next) => {
-    const options = { session: false, failWithError: true }
-    const callback = cap_auth_callback.bind(undefined, req, res, next)
-    passport.authenticate(strategy === 'jwt' ? 'JWT' : strategy, options, callback)(req, res, next)
-  })
-}
-
-/*
- * export authentication middleware
- */
-// eslint-disable-next-line complexity
-module.exports = (srv, options = srv.options) => {
-  const handlers = [],
-    app = { use: h => handlers.push(h) }
-
-  // NOTE: options.auth is not an official API
-  let config = 'auth' in options ? options.auth : cds.env.requires.auth
-  if (!config) {
-    // REVISIT: can config be falsy? req.user would be undefined!
-    if (cds.requires.db && cds.requires.multitenancy) {
-      process.exitCode = 1 // REVISIT: why exitCode needed?
-      throw new Error('Authentication required for multitenancy')
-    }
-    if (containsAnyRestrictions(srv)) {
-      process.exitCode = 1 // REVISIT: why exitCode needed?
-      throw new Error('Authentication required for authorization checks')
-    }
-    if (process.env.NODE_ENV !== 'production' && !logged) {
-      LOG._warn && LOG.warn(`No authentication configured. This is not recommended in production.`)
-    }
-    // no auth wanted > return
-    return handlers
-  }
-
-  // cds.env.requires.auth = { kind: 'xsuaa-auth' } was briefly documented on capire -> also support
-  if (config.kind === 'xsuaa-auth' && !config.credentials) config = cds.env.requires.xsuaa
-
-  // mount authentication middleware or strategy
-  if (!logged) LOG._debug && LOG.debug(`Using authentication`, { kind: config.kind })
-
-  if (config.impl) {
-    // mount custom authentication middleware
-    _mountCustomAuth(srv, app, config)
-  } else if (config.kind === 'ias' || config.kind === 'ias-auth') {
-    // ias-auth follows the new implementation pattern for auth middlewares
-    const iasAuth = require('./strategies/ias-auth')(config)
-    if (iasAuth) app.use(iasAuth)
-  } else {
-    // mount our authentication strategies (legacy style)
-    const strategy = _strategy4(config)
-    if (strategy in { dummy: 1, mock: 1 }) {
-      _mountMockAuth(srv, app, strategy, config)
-    } else {
-      _mountPassportAuth(srv, app, strategy, config)
-    }
-  }
-
-  // so we don't log the same stuff multiple times
-  logged = true
-
-  return handlers
-}
-
-const _strategy4 = config => {
-  const strategy = config.kind.replace('mocked', 'mock').replace(/-auth$/, '')
-  if (strategy in _initializers) return strategy
-  process.exitCode = 1 // REVISIT: why exitCode needed?
-  throw new Error(`Authentication kind "${config.kind}" is not supported`)
-}

package/libx/_runtime/auth/strategies/JWT.js

@@ -1,37 +0,0 @@
-const cds = require('../../cds')
-
-const _require = require('../../common/utils/require')
-const xssecUtils = require('./xssecUtils')
-
-// use _require for a better error message
-const { JWTStrategy: JS } = _require('@sap/xssec')
-
-class JWTStrategy extends JS {
-  constructor(credentials) {
-    super(credentials)
-    this.credentials = credentials
-  }
-
-  authenticate(req, options) {
-    const credentials = this.credentials
-
-    // monkey patch success
-    const _success = this.success
-    this.success = (user, info) => {
-      // create cds.User
-      user = new cds.User({
-        id: xssecUtils.getUserId(user, info),
-        roles: xssecUtils.getRoles(['any', 'identified-user'], info, credentials),
-        attr: xssecUtils.getAttrForJWT(info)
-      })
-      xssecUtils.addRolesFromGrantType(user, info, credentials)
-      const tenant = xssecUtils.getTenant(info)
-      if (tenant) user.tenant = tenant
-      // call "super.success"
-      _success(user, info)
-    }
-    super.authenticate(req, options)
-  }
-}
-
-module.exports = JWTStrategy

package/libx/_runtime/auth/strategies/basic.js

@@ -1,20 +0,0 @@
-const cds = require('../../cds')
-
-const _require = require('../../common/utils/require')
-
-// use _require for a better error message
-const { BasicStrategy: BS } = _require('passport-http')
-
-class BasicStrategy extends BS {
-  constructor(credentials) {
-    super(function (user, password, done) {
-      if ((credentials[user]?.password || credentials[user]) === password) {
-        done(null, new cds.User({ id: user, roles: credentials[user].roles || [] }))
-      } else {
-        this.fail()
-      }
-    })
-  }
-}
-
-module.exports = BasicStrategy