@sap/cds 7.9.4 → 8.0.4

package/libx/_runtime/auth/strategies/dummy.js

@@ -1,14 +0,0 @@
-const cds = require('../../cds')
-
-class DummyStrategy {
-  constructor() {
-    this.name = 'dummy'
-  }
-
-  authenticate() {
-    const user = new cds.User.Privileged()
-    this.success(user)
-  }
-}
-
-module.exports = DummyStrategy

package/libx/_runtime/auth/strategies/ias-auth.js

@@ -1 +0,0 @@
-module.exports = require('../../../../lib/auth/ias-auth')

package/libx/_runtime/auth/strategies/mock.js

@@ -1,77 +0,0 @@
-const cds = require('../../cds')
-const CHALLENGE = 'Basic realm="Users"'
-
-class MockStrategy {
-  constructor({ users, tenants }, name = 'mock') {
-    this.name = name
-    this.users = _init_users(users || cds.env.requires.auth.users || {}, tenants)
-  }
-
-  authenticate(req) {
-    const { authorization } = req.headers
-    if (!authorization) return this.fail(CHALLENGE)
-
-    const [scheme, base64] = authorization.split(' ')
-    if (!scheme || scheme.toLowerCase() !== 'basic') return this.fail(CHALLENGE)
-    if (!base64) return this.fail(CHALLENGE)
-
-    const [id, password] = Buffer.from(base64, 'base64').toString().split(':')
-    const user = this.users[id] || (this.users['*'] && { id })
-    if (!user) return this.fail(CHALLENGE)
-    if (user.password && user.password !== password) return this.fail(CHALLENGE)
-
-    const { features } = req.headers
-    this.success(new cds.User(features ? { ...user, features } : user))
-  }
-}
-
-// eslint-disable-next-line complexity
-const _init_users = (users, tenants = {}) => {
-  if (!users._initialized) {
-    Object.defineProperty(users, '_initialized', { value: true })
-    for (let [id, user] of Object.entries(users)) {
-      if (id !== '*') user.id = user.ID || user.id || id // fill in user ids
-      if (id !== user.id) users[user.id] = user
-      if (user.jwt) {
-        let scopes = user.jwt.scope || user.jwt.scopes
-        if (scopes) {
-          const aud = user.jwt.aud
-          if (aud)
-            scopes = scopes.map(s => {
-              for (const each of aud) s = s.replace(`${each}.`, '')
-              return s
-            })
-          Array.isArray(user.roles) ? user.roles.push(...scopes) : (user.roles = scopes)
-        }
-        if (user.jwt.grant_type === 'client_credentials' || user.jwt.grant_type === 'client_x509') {
-          Array.isArray(user.roles) ? user.roles.push('system-user') : (user.roles = ['system-user'])
-        }
-        if (!user.tenant && user.jwt.zid) user.tenant = user.jwt.zid
-      }
-
-      // optimization:
-      if (user.roles)
-        user.roles = user.roles.reduce((p, n) => {
-          p[n] = 1
-          return p
-        }, {})
-
-      // apply tenant info if any
-      if (!user.features) {
-        const features = tenants[user.tenant]?.features
-        if (features) user.features = features
-      }
-
-      const attr = Object.assign(
-        {},
-        user.userAttributes,
-        user.jwt && user.jwt.userInfo,
-        user.jwt && user.jwt.attributes
-      )
-      if (Object.keys(attr).length > 0) user.attr = attr
-    }
-  }
-  return users
-}
-
-module.exports = MockStrategy

package/libx/_runtime/auth/strategies/xssecUtils.js

@@ -1,93 +0,0 @@
-const CLIENT = { client_credentials: 1, client_x509: 1 }
-
-const getUserId = (user, info) => {
-  // fallback for grant_type=client_credentials (xssec v3)
-  return user.id || (info && info.getClientId && info.getClientId())
-}
-
-const addRolesFromGrantType = (user, info, credentials) => {
-  const grantType = info && (info.grantType || (info.getGrantType && info.getGrantType()))
-  if (grantType) {
-    // > not "weak"
-    user.roles['authenticated-user'] = true
-    if (grantType in CLIENT) {
-      user.roles['system-user'] = true
-      if (info.getClientId() === credentials.clientid) user.roles['internal-user'] = true
-    }
-  }
-}
-
-const getRoles = (roles, info) => {
-  // convert to object
-  roles = Object.assign(...roles.map(ele => ({ [ele]: true })))
-
-  if (info && info.checkLocalScope && typeof info.checkLocalScope === 'function') {
-    // > xssec v3
-    roles = new Proxy(roles, {
-      get: function (t, role) {
-        return role in t ? t[role] : info.checkLocalScope(role)
-      }
-    })
-  }
-
-  return roles
-}
-
-const getAttrForJWT = info => {
-  if (!info) {
-    return {}
-  }
-
-  if (info.getAttribute && typeof info.getAttribute === 'function') {
-    // > xssec v3
-    return new Proxy(
-      {},
-      {
-        get: function (_, attr) {
-          return info.getAttribute(attr)
-        }
-      }
-    )
-  }
-
-  return {}
-}
-
-// xssec v3 only
-const getAttrForXSSEC = info => {
-  if (!info) return {}
-
-  return new Proxy(
-    {},
-    {
-      get: function (_, attr) {
-        // try to get saml attribute via API (getEmail, getFamilyName, etc.)
-        try {
-          const getter = `get${attr[0].toUpperCase()}${attr.slice(1)}`
-          if (info[getter] && typeof info[getter] === 'function') {
-            return info[getter]()
-          }
-        } catch (e) {
-          // ignore
-        }
-
-        // default to getAttribute
-        return info.getAttribute(attr)
-      }
-    }
-  )
-}
-
-const getTenant = info => {
-  // xssec v3
-  return info && info.getZoneId && info.getZoneId()
-}
-
-module.exports = {
-  getUserId,
-  getRoles,
-  getAttrForJWT,
-  getAttrForXSSEC,
-  getTenant,
-  addRolesFromGrantType
-}

package/libx/_runtime/auth/strategies/xsuaa.js

@@ -1,38 +0,0 @@
-const cds = require('../../cds')
-
-const _require = require('../../common/utils/require')
-const xssecUtils = require('./xssecUtils')
-
-// use _require for a better error message
-const { JWTStrategy: JS } = _require('@sap/xssec')
-
-class XSUAAStrategy extends JS {
-  constructor(credentials) {
-    super(credentials)
-    this.credentials = credentials
-    this.name = 'xsuaa'
-  }
-
-  authenticate(req, options) {
-    const credentials = this.credentials
-
-    // monkey patch success
-    const _success = this.success
-    this.success = (user, info) => {
-      // create cds.User
-      user = new cds.User({
-        id: xssecUtils.getUserId(user, info),
-        roles: xssecUtils.getRoles(['any', 'identified-user'], info, credentials),
-        attr: xssecUtils.getAttrForXSSEC(info)
-      })
-      xssecUtils.addRolesFromGrantType(user, info, credentials)
-      const tenant = xssecUtils.getTenant(info)
-      if (tenant) user.tenant = tenant
-      // call "super.success"
-      _success(user, info)
-    }
-    super.authenticate(req, options)
-  }
-}
-
-module.exports = XSUAAStrategy

package/libx/_runtime/common/perf/index.js

@@ -1,19 +0,0 @@
-const { performance } = require('perf_hooks')
-
-const _statisticsRequested = req =>
-  (req.query && req.query['sap-statistics'] === 'true') ||
-  (req.headers && req.headers['sap-statistics'] === 'true' && (!req.query || !req.query['sap-statistics']))
-
-module.exports = function sap_statistics(req, res, next) {
-  if (!_statisticsRequested(req)) return next()
-
-  const t0 = performance.now()
-  const { writeHead } = res
-  res.writeHead = function (...args) {
-    const total = Number((performance.now() - t0) / 1000).toFixed(2)
-    if (res.statusCode < 400) res.setHeader('sap-statistics', `total=${total}`)
-    writeHead.call(this, ...args)
-  }
-
-  next()
-}

package/libx/_runtime/common/utils/ensureIEEE754.js

@@ -1,29 +0,0 @@
-const getTemplate = require('./template')
-const templateProcessor = require('./templateProcessor')
-
-const _pick = element => {
-  return element._type in { 'cds.Decimal': 1, 'cds.Integer64': 1 }
-}
-
-const _processorFn = () => elementInfo => {
-  const { row, key } = elementInfo
-  if (typeof row?.[key] !== 'number') return
-  row[key] = `${row[key]}`
-}
-
-const ensureIEEE754 = (target, service, result) => {
-  const { model } = service
-  if (!target || !result || !model || !model.definitions[target.name]) return
-
-  const template = getTemplate('ensureIEEE754', service, target, { pick: _pick })
-  if (template.elements.size === 0) return
-
-  if (typeof result === 'object' && result != null) {
-    const processFn = _processorFn()
-    for (const row of Array.isArray(result) ? result : [result]) {
-      templateProcessor({ processFn, row, template })
-    }
-  }
-}
-
-module.exports = ensureIEEE754

package/libx/_runtime/fiori/draft.js

@@ -1,2 +0,0 @@
-const cds = require('../cds')
-module.exports = cds.env.fiori.lean_draft ? require('./lean-draft') : require('./generic')

package/libx/_runtime/fiori/generic/activate.js

@@ -1,190 +0,0 @@
-const cds = require('../../cds')
-const { INSERT, SELECT, UPDATE, DELETE } = cds.ql
-
-const {
-  ensureNoDraftsSuffix,
-  ensureDraftsSuffix,
-  entity_keys,
-  getDeleteDraftAdminCqn,
-  getCompositionTargets
-} = require('../utils/handler')
-const { readAndDeleteKeywords, isActiveEntityRequested, getKeyData } = require('../utils/where')
-const { isDraftRootEntity } = require('../../fiori/utils/csn')
-const { getColumns } = require('../../common/utils/columns')
-const { DRAFT_COLUMNS_MAP } = require('../../common/constants/draft')
-
-const _getRootCQN = (context, requestActiveData) => {
-  const keys = entity_keys(context.target)
-  const keyData = getKeyData(keys, context.query.SELECT.from.ref[0].where)
-  const columns = getColumns(context.target, { onlyNames: true, filterVirtual: true })
-  return SELECT.from(
-    requestActiveData ? ensureNoDraftsSuffix(context.target.name) : ensureDraftsSuffix(context.target.name),
-    columns
-  ).where(keyData)
-}
-
-const _getExpandSubCqn = (model, parentEntityName, targets, isRoot = true) => {
-  const result = []
-  const parentEntity = model[parentEntityName]
-
-  for (const element of Object.values(parentEntity.elements)) {
-    const { name, target, cardinality } = element
-    if (name in DRAFT_COLUMNS_MAP) {
-      continue
-    }
-
-    const ref = { ref: [name] }
-    if (element.isComposition && cardinality && !targets.includes(target)) {
-      if (name === 'texts' && !parentEntity['@fiori.draft.enabled']) {
-        continue
-      }
-
-      ref.expand = _getExpandSubCqn(model, target, [...targets, parentEntityName], false)
-      result.push(ref)
-    } else if (!isRoot && !element.isAssociation) {
-      result.push(ref)
-    }
-  }
-
-  return result
-}
-
-const _getDraftAdminRef = () => {
-  return {
-    ref: ['DraftAdministrativeData'],
-    expand: [{ ref: ['DraftUUID'] }, { ref: ['InProcessByUser'] }]
-  }
-}
-
-const _removeIsActiveEntityRecursively = resultSet => {
-  resultSet.forEach(result => {
-    delete result.IsActiveEntity
-    Object.values(result).forEach(val => {
-      if (Array.isArray(val)) {
-        _removeIsActiveEntityRecursively(val)
-      }
-    })
-  })
-}
-
-const _draftCompositionTree = async (service, req) => {
-  let draftData, activeData, adminData
-
-  const expanded = _getExpandSubCqn(service.model.definitions, ensureNoDraftsSuffix(req.target.name), [])
-
-  const cqnDraft = _getRootCQN(req, false)
-  cqnDraft.SELECT.columns.push(_getDraftAdminRef())
-  cqnDraft.SELECT.columns.push(...expanded)
-
-  const cqnActive = _getRootCQN(req, true)
-  cqnActive.SELECT.columns.push(...expanded)
-
-  const dbtx = cds.tx(req)
-
-  const results = await Promise.all([dbtx.run(cqnDraft), dbtx.run(cqnActive)])
-
-  if (results[0].length === 1) {
-    _removeIsActiveEntityRecursively(results[0])
-
-    adminData = results[0][0].DraftAdministrativeData
-    delete results[0][0].DraftAdministrativeData
-    draftData = results[0][0]
-  }
-
-  if (results[1].length === 1) {
-    _removeIsActiveEntityRecursively(results[1])
-    activeData = results[1][0]
-  }
-
-  return { draftData, activeData, adminData }
-}
-
-/**
- * Generic Handler for draftActivate requests.
- * In case of success it triggers an 'UPDATE' or 'CREATE' event.
- *
- * @param req
- */
-const fioriGenericActivate = async function (req, next) {
-  if (!req.target._isDraftEnabled) return next()
-
-  if (
-    isActiveEntityRequested(req.query.SELECT.from.ref[0].where || []) ||
-    req.query.SELECT.from.ref.length > 2 ||
-    !isDraftRootEntity(this.model.definitions, ensureNoDraftsSuffix(req.target.name))
-  ) {
-    req.reject(400, 'Action "draftActivate" can only be called on the root draft entity')
-  }
-
-  if (!cds.db) req.reject('NO_DATABASE_CONNECTION')
-
-  const { draftData, activeData, adminData } = await _draftCompositionTree(this, req)
-  if (!draftData) req.reject(404)
-
-  if (adminData.InProcessByUser !== req.user.id) {
-    req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER', [adminData.InProcessByUser])
-  }
-
-  // create or update
-  let query, event
-  if (activeData) {
-    readAndDeleteKeywords(['IsActiveEntity'], req.query.SELECT.from.ref[0].where)
-    event = 'UPDATE'
-    // REVISIT: setting data should be part of ql
-    query = UPDATE(req.target).where(req.query.SELECT.from.ref[0].where)
-    query.UPDATE.data = draftData
-  } else {
-    event = 'CREATE'
-    query = INSERT.into(req.target).entries(draftData)
-  }
-
-  // REVISIT: _draftMetadata
-  const request = new cds.Request({ event, query, data: draftData, _draftMetadata: adminData })
-
-  // REVISIT: should not be necessary
-  request._ = Object.assign(request._, req._)
-  request._.params = req.params
-  request._.query = req.query
-
-  // use finally to preserve r.messages in success or error case
-  let result
-  try {
-    result = await this.dispatch(request)
-  } finally {
-    // REVISIT: should not be necessary
-    if (request.messages) for (const m of request.messages) req.info(m)
-  }
-
-  // delete draft data
-  const deleteDraftAdminCqn = getDeleteDraftAdminCqn(adminData.DraftUUID)
-  const draftTablesToDeleteFrom = [req.target.name + '_drafts']
-  for (const [entity] of getCompositionTargets(req.target, this).entries()) {
-    draftTablesToDeleteFrom.push(entity + '_drafts')
-  }
-
-  await cds.db.tx(req).run([
-    deleteDraftAdminCqn,
-    ...draftTablesToDeleteFrom.map(dt => {
-      const d = DELETE.from(dt).where({ DraftAdministrativeData_DraftUUID: adminData.DraftUUID })
-      d._suppressDeepDelete = true // hidden flag to tell db layer that no deep delete is required
-      return d
-    })
-  ])
-
-  if (event === 'CREATE') {
-    // REVISIT: we need to use okra API here because it must be set in the batched request
-    //          status code must be set in handler to allow overriding for FE V2
-    // REVISIT: needs reworking for new adapter, especially re $batch
-    if (req._?.odataRes) {
-      req._?.odataRes?.setStatusCode(201, { overwrite: true })
-    } else if (req.http?.res) {
-      req.http.res.status(201)
-    }
-  }
-
-  return result
-}
-
-module.exports = cds.service.impl(function (srv) {
-  srv.on('draftActivate', '*', fioriGenericActivate)
-})

package/libx/_runtime/fiori/generic/before.js

@@ -1,201 +0,0 @@
-const cds = require('../../cds')
-
-const { SELECT } = cds.ql
-
-const { isNavigationToMany } = require('../utils/req')
-const { getKeysCondition, removeIsActiveEntityRecursively } = require('../utils/where')
-const { ensureNoDraftsSuffix, ensureDraftsSuffix, draftIsLocked } = require('../utils/handler')
-
-const { DRAFT_COLUMNS_ADMIN_MAP } = require('../../common/constants/draft')
-const { deepCopyArray } = require('../../common/utils/copy')
-const DRAFT_COLUMNS_ADMIN = Object.keys(DRAFT_COLUMNS_ADMIN_MAP)
-const PREFIX_DRAFT_COLUMNS = DRAFT_COLUMNS_ADMIN.map(col => ({ ref: ['DRAFT_DraftAdministrativeData', col] }))
-
-/**
- * Provide information about the parent entity, i.e. the entity that has the to-many composition element.
- * Limitation: only works for one key (besides IsActiveEntity)
- *
- * @param service
- * @param req
- * @returns {object}
- * @private
- */
-
-const _validateDraft = (req, draftResult, isBoundAction) => {
-  if (!draftResult || draftResult.length === 0) req.reject(404)
-
-  const draftAdminData = draftResult[0]
-
-  // the same user that locked the entity can always delete/update it
-  if (draftAdminData.InProcessByUser === req.user.id) return
-
-  // proceed with the delete/update action only if it was initiated by a different
-  // user than the one who locked the entity and the configured drafts cancellation
-  // timeout timer has expired
-  if (draftIsLocked(draftAdminData.LastChangeDateTime)) {
-    req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER', [draftAdminData.CreatedByUser])
-  }
-
-  // At this point, the request user ID isn't the owner of the draft.
-  if (isBoundAction) req.reject(403)
-}
-
-const _addDraftDataToContext = (req, result) => {
-  if (!result || result.length === 0) return
-  if (req.rejected) return
-  if (!req._draftMetadata) req._draftMetadata = {}
-
-  DRAFT_COLUMNS_ADMIN.forEach(column => {
-    if (column in result[0]) req._draftMetadata[column] = result[0][column]
-  })
-
-  req.data.DraftAdministrativeData_DraftUUID = result[0].DraftUUID
-}
-
-const _getSelectDraftDataCqn = (entityName, where) => {
-  return SELECT.from(ensureDraftsSuffix(entityName), PREFIX_DRAFT_COLUMNS)
-    .join('DRAFT.DraftAdministrativeData')
-    .on('DraftAdministrativeData_DraftUUID =', { ref: ['DRAFT.DraftAdministrativeData', 'DraftUUID'] })
-    .where(where)
-}
-
-const _getRoot = req => {
-  if (!req.query) return
-
-  const refObj = req.query.SELECT?.from || req.query.UPDATE?.entity || req.query.INSERT?.into || req.query.DELETE?.from
-  const ref0 = refObj.ref[0]
-
-  const root = {
-    entityName: ensureDraftsSuffix(ref0.id),
-    where: removeIsActiveEntityRecursively(deepCopyArray(ref0.where))
-  }
-
-  for (const item of ref0.where) {
-    if (item.ref && item.ref[item.ref.length - 1] === 'IsActiveEntity') {
-      const index = ref0.where.indexOf(item)
-      root.IsActiveEntity = ref0.where[index + 2].val
-      break
-    }
-  }
-
-  return root
-}
-
-const _getDraftDataFromExistingDraft = async (req, root, isBoundAction) => {
-  if (!cds.db) req.reject('NO_DATABASE_CONNECTION')
-  if (!root) return []
-  if (root?.IsActiveEntity === false) {
-    const query = _getSelectDraftDataCqn(root.entityName, root.where)
-    const result = await cds.tx(req).run(query)
-    return result
-  }
-
-  // do not expect validate draft ownership for action call on active instances
-  if (isBoundAction) return []
-
-  const rootWhere = getKeysCondition(req)
-  const query = _getSelectDraftDataCqn(ensureNoDraftsSuffix(req.target.name), rootWhere)
-  const result = await cds.tx(req).run(query)
-  return result
-}
-
-const _addDraftDataFromExistingDraft = async req => {
-  const root = _getRoot(req)
-  const result = await _getDraftDataFromExistingDraft(req, root)
-
-  if (!root) return []
-  if (root.IsActiveEntity === false) {
-    _validateDraft(req, result)
-    _addDraftDataToContext(req, result)
-    return result
-  }
-
-  if (result && result.length > 0) _validateDraft(req, result)
-  _addDraftDataToContext(req, result)
-  return result
-}
-
-/**
- * Generic Handler for before NEW requests.
- */
-const _new = async function (req) {
-  if (!req.target._isDraftEnabled) return
-
-  if (isNavigationToMany(req, this.model)) {
-    const result = await _addDraftDataFromExistingDraft(req)
-
-    // in order to fix corner case where active subitems are created in draft case
-    if (result.length === 0) req.reject(404)
-
-    return
-  }
-
-  req._draftMetadata = req._draftMetadata || {}
-  req.data.DraftAdministrativeData_DraftUUID = cds.utils.uuid()
-  req._draftMetadata.DraftUUID = req.data.DraftAdministrativeData_DraftUUID
-}
-
-/**
- * Generic Handler for before PATCH and UPDATE requests.
- */
-const _patch = async function (req) {
-  if (!req.target._isDraftEnabled) return
-
-  const result = await _addDraftDataFromExistingDraft(req)
-
-  // no result means that the draft does not exist
-  if (result.length === 0) req.reject(404)
-}
-
-/**
- * Generic Handler for before DELETE and CANCEL requests.
- */
-const _cancel = async function (req) {
-  if (!req.target._isDraftEnabled) return
-
-  await _addDraftDataFromExistingDraft(req)
-}
-
-const _validateDraftBoundAction = async function (req) {
-  const isBoundAction = true
-  const result = await _getDraftDataFromExistingDraft(req, _getRoot(req), isBoundAction)
-  if (result && result.length > 0) _validateDraft(req, result, isBoundAction)
-}
-
-const _allowEntityCollectionOnAction = action => {
-  return (
-    action['@cds.odata.bindingparameter.collection'] ||
-    (action.params && Object.values(action.params).some(e => e?.items?.type === '$self'))
-  )
-}
-
-const _registerBoundActionHandlers = function (entities) {
-  for (let entity of entities) {
-    if (!entity.actions) return
-
-    const boundActions = Object.values(entity.actions).filter(
-      action =>
-        action.kind === 'action' &&
-        action.name !== 'draftPrepare' &&
-        action.name !== 'draftEdit' &&
-        action.name !== 'draftActivate' &&
-        !_allowEntityCollectionOnAction(action)
-    )
-
-    for (const action of boundActions) {
-      this.before(action.name, entity.name, req => _validateDraftBoundAction(req))
-    }
-  }
-}
-
-_new._initial = true
-_patch._initial = true
-_cancel._initial = true
-
-module.exports = cds.service.impl(function (srv) {
-  srv.before('NEW', '*', _new)
-  srv.before('PATCH', '*', _patch)
-  srv.before('CANCEL', '*', _cancel)
-  const entities = Object.values(srv.entities || {}).filter(entity => entity._isDraftEnabled)
-  _registerBoundActionHandlers.call(srv, entities)
-})

package/libx/_runtime/fiori/generic/cancel.js

@@ -1,19 +0,0 @@
-const cds = require('../../cds')
-const { deleteDraft } = require('../utils/delete')
-
-/**
- * Generic Handler for CANCEL requests.
- * In case of success it returns an empty object.
- * If the entry to be deleted does not exist, it rejects with error to return a 404.
- *
- * @param req
- */
-const fioriGenericCancel = function (req, next) {
-  if (!req.target._isDraftEnabled) return next()
-
-  return deleteDraft(req, this)
-}
-
-module.exports = cds.service.impl(function (srv) {
-  srv.on('CANCEL', '*', fioriGenericCancel)
-})