abapgit-agent 1.7.1 → 1.8.0

package/src/utils/abap-http.js

@@ -0,0 +1,347 @@
+/**
+ * ABAP HTTP request wrapper with CSRF token and session management
+ */
+const https = require('https');
+const http = require('http');
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+const crypto = require('crypto');
+
+/**
+ * ABAP HTTP client with CSRF token, cookie, and session caching
+ */
+class AbapHttp {
+  constructor(config) {
+    this.config = config;
+    this.csrfToken = null;
+    this.cookies = null;
+
+    // Session cache file path
+    const configHash = crypto.createHash('md5')
+      .update(`${config.host}:${config.user}:${config.client}`)
+      .digest('hex')
+      .substring(0, 8);
+
+    this.sessionFile = path.join(os.tmpdir(), `abapgit-session-${configHash}.json`);
+
+    // Try to load cached session
+    this.loadSession();
+  }
+
+  /**
+   * Load session from cache file if valid
+   */
+  loadSession() {
+    if (!fs.existsSync(this.sessionFile)) {
+      return;
+    }
+
+    try {
+      const session = JSON.parse(fs.readFileSync(this.sessionFile, 'utf8'));
+
+      // Check if expired (with 2-minute safety margin)
+      const now = Date.now();
+      const safetyMargin = 2 * 60 * 1000;  // 2 minutes
+
+      if (session.expiresAt > now + safetyMargin) {
+        this.csrfToken = session.csrfToken;
+        this.cookies = session.cookies;
+        // Silent - no console output for cached session
+      } else {
+        // Session expired
+        this.clearSession();
+      }
+    } catch (e) {
+      // Corrupted cache file - clear it
+      this.clearSession();
+    }
+  }
+
+  /**
+   * Save session to cache file
+   */
+  saveSession() {
+    // Conservative expiration: 15 minutes
+    // (ABAP default session timeout is typically 20 minutes)
+    const expiresAt = Date.now() + (15 * 60 * 1000);
+
+    try {
+      fs.writeFileSync(this.sessionFile, JSON.stringify({
+        csrfToken: this.csrfToken,
+        cookies: this.cookies,
+        expiresAt,
+        savedAt: Date.now()
+      }));
+    } catch (e) {
+      // Ignore write errors - session caching is optional
+    }
+  }
+
+  /**
+   * Clear cached session
+   */
+  clearSession() {
+    this.csrfToken = null;
+    this.cookies = null;
+
+    try {
+      if (fs.existsSync(this.sessionFile)) {
+        fs.unlinkSync(this.sessionFile);
+      }
+    } catch (e) {
+      // Ignore file deletion errors
+    }
+  }
+
+  /**
+   * Detect if error is due to expired/invalid session
+   * @param {Error|object} error - Error object or response
+   * @returns {boolean} True if auth error
+   */
+  isAuthError(error) {
+    // HTTP status codes
+    if (error.statusCode === 401) return true;  // Unauthorized
+    if (error.statusCode === 403) return true;  // Forbidden
+
+    // Error message patterns
+    const message = (error.message || error.error || '').toLowerCase();
+    if (message.includes('csrf')) return true;
+    if (message.includes('token')) return true;
+    if (message.includes('session')) return true;
+    if (message.includes('expired')) return true;
+    if (message.includes('unauthorized')) return true;
+    if (message.includes('forbidden')) return true;
+
+    // Response body patterns
+    if (error.body) {
+      const bodyStr = JSON.stringify(error.body).toLowerCase();
+      if (bodyStr.includes('csrf')) return true;
+      if (bodyStr.includes('session')) return true;
+      if (bodyStr.includes('expired')) return true;
+    }
+
+    return false;
+  }
+
+  /**
+   * Fetch CSRF token using GET /health with X-CSRF-Token: fetch
+   * @returns {Promise<string>} CSRF token
+   */
+  async fetchCsrfToken() {
+    const url = new URL(`/sap/bc/z_abapgit_agent/health`, `https://${this.config.host}:${this.config.sapport}`);
+
+    return new Promise((resolve, reject) => {
+      const options = {
+        hostname: url.hostname,
+        port: url.port,
+        path: url.pathname,
+        method: 'GET',
+        headers: {
+          'Authorization': `Basic ${Buffer.from(`${this.config.user}:${this.config.password}`).toString('base64')}`,
+          'sap-client': this.config.client,
+          'sap-language': this.config.language || 'EN',
+          'X-CSRF-Token': 'fetch',
+          'Content-Type': 'application/json'
+        },
+        agent: new https.Agent({ rejectUnauthorized: false })
+      };
+
+      const req = https.request(options, (res) => {
+        const csrfToken = res.headers['x-csrf-token'];
+
+        // Save cookies from response
+        const setCookie = res.headers['set-cookie'];
+        if (setCookie) {
+          this.cookies = Array.isArray(setCookie)
+            ? setCookie.map(c => c.split(';')[0]).join('; ')
+            : setCookie.split(';')[0];
+        }
+
+        let body = '';
+        res.on('data', chunk => body += chunk);
+        res.on('end', () => {
+          this.csrfToken = csrfToken;
+
+          // Save session to cache
+          this.saveSession();
+
+          resolve(csrfToken);
+        });
+      });
+
+      req.on('error', reject);
+      req.end();
+    });
+  }
+
+  /**
+   * Make HTTP request to ABAP REST endpoint with automatic retry on auth failure
+   * @param {string} method - HTTP method (GET, POST, DELETE)
+   * @param {string} urlPath - URL path
+   * @param {object} data - Request body (for POST)
+   * @param {object} options - Additional options (headers, csrfToken, isRetry)
+   * @returns {Promise<object>} Response JSON
+   */
+  async request(method, urlPath, data = null, options = {}) {
+    try {
+      // Try with current session (cached or fresh)
+      return await this._makeRequest(method, urlPath, data, options);
+
+    } catch (error) {
+      // Check if it's an authentication/authorization failure
+      if (this.isAuthError(error) && !options.isRetry) {
+        // Session expired - refresh and retry once
+        console.error('⚠️  Session expired, refreshing...');
+
+        // Clear stale session
+        this.clearSession();
+
+        // Fetch fresh token/cookies
+        await this.fetchCsrfToken();
+
+        // Retry ONCE with fresh session
+        return await this._makeRequest(method, urlPath, data, {
+          ...options,
+          isRetry: true  // Prevent infinite loop
+        });
+      }
+
+      // Not an auth error or already retried - propagate
+      throw error;
+    }
+  }
+
+  /**
+   * Internal request implementation (no retry logic)
+   * @param {string} method - HTTP method
+   * @param {string} urlPath - URL path
+   * @param {object} data - Request body
+   * @param {object} options - Additional options
+   * @returns {Promise<object>} Response JSON
+   */
+  async _makeRequest(method, urlPath, data = null, options = {}) {
+    return new Promise((resolve, reject) => {
+      const url = new URL(urlPath, `https://${this.config.host}:${this.config.sapport}`);
+
+      const headers = {
+        'Content-Type': 'application/json',
+        'sap-client': this.config.client,
+        'sap-language': this.config.language || 'EN',
+        ...options.headers
+      };
+
+      // Add authorization
+      headers['Authorization'] = `Basic ${Buffer.from(`${this.config.user}:${this.config.password}`).toString('base64')}`;
+
+      // Add CSRF token for POST
+      if (method === 'POST' && options.csrfToken) {
+        headers['X-CSRF-Token'] = options.csrfToken;
+      }
+
+      // Add cookies if available
+      if (this.cookies) {
+        headers['Cookie'] = this.cookies;
+      }
+
+      const reqOptions = {
+        hostname: url.hostname,
+        port: url.port,
+        path: url.pathname + url.search,
+        method,
+        headers,
+        agent: new https.Agent({ rejectUnauthorized: false })
+      };
+
+      const req = (url.protocol === 'https:' ? https : http).request(reqOptions, (res) => {
+        // Check for auth errors
+        if (res.statusCode === 401 || res.statusCode === 403) {
+          reject({
+            statusCode: res.statusCode,
+            message: `Authentication failed: ${res.statusCode}`,
+            isAuthError: true
+          });
+          return;
+        }
+
+        let body = '';
+        res.on('data', chunk => body += chunk);
+        res.on('end', () => {
+          try {
+            // Handle unescaped newlines from ABAP - replace actual newlines with \n
+            const cleanedBody = body.replace(/\n/g, '\\n');
+            const parsed = JSON.parse(cleanedBody);
+
+            // Check for CSRF/session errors in response body
+            if (this.isAuthError(parsed)) {
+              reject({
+                statusCode: res.statusCode,
+                message: 'CSRF token or session error',
+                body: parsed,
+                isAuthError: true
+              });
+              return;
+            }
+
+            resolve(parsed);
+          } catch (e) {
+            // Fallback: try to extract JSON from response
+            const jsonMatch = body.match(/\{[\s\S]*\}/);
+            if (jsonMatch) {
+              try {
+                const parsed = JSON.parse(jsonMatch[0].replace(/\n/g, '\\n'));
+                resolve(parsed);
+              } catch (e2) {
+                resolve({ raw: body, error: e2.message });
+              }
+            } else {
+              resolve({ raw: body, error: e.message });
+            }
+          }
+        });
+      });
+
+      req.on('error', reject);
+
+      if (data) {
+        req.write(JSON.stringify(data));
+      }
+      req.end();
+    });
+  }
+
+  /**
+   * Convenience method for GET requests
+   * @param {string} urlPath - URL path
+   * @param {object} options - Additional options
+   * @returns {Promise<object>} Response JSON
+   */
+  async get(urlPath, options = {}) {
+    return this.request('GET', urlPath, null, options);
+  }
+
+  /**
+   * Convenience method for POST requests
+   * @param {string} urlPath - URL path
+   * @param {object} data - Request body
+   * @param {object} options - Additional options (must include csrfToken)
+   * @returns {Promise<object>} Response JSON
+   */
+  async post(urlPath, data, options = {}) {
+    return this.request('POST', urlPath, data, options);
+  }
+
+  /**
+   * Convenience method for DELETE requests
+   * @param {string} urlPath - URL path
+   * @param {object} options - Additional options
+   * @returns {Promise<object>} Response JSON
+   */
+  async delete(urlPath, options = {}) {
+    return this.request('DELETE', urlPath, null, options);
+  }
+}
+
+module.exports = {
+  AbapHttp
+};

package/src/{ref-search.js → utils/abap-reference.js}

@@ -8,6 +8,7 @@
 const fs = require('fs');
 const path = require('path');
 const { promisify } = require('util');
+const { execSync } = require('child_process');
 const readdir = promisify(fs.readdir);
 const readFile = promisify(fs.readFile);
 const stat = promisify(fs.stat);
@@ -63,6 +64,120 @@ const TOPIC_MAP = {
   'tables': '01_Internal_Tables.md'
 };
 
+/**
+ * Ensure reference folder exists, create if necessary
+ * @returns {string|null} Path to reference folder or null if cannot create
+ */
+function ensureReferenceFolder() {
+  let refFolder = detectReferenceFolder();
+
+  if (refFolder && fs.existsSync(refFolder)) {
+    return refFolder;
+  }
+
+  // Try to create the reference folder at default location
+  const homeDir = require('os').homedir();
+  const defaultPath = path.join(homeDir, 'abap-reference');
+
+  try {
+    if (!fs.existsSync(defaultPath)) {
+      fs.mkdirSync(defaultPath, { recursive: true });
+    }
+    return defaultPath;
+  } catch (error) {
+    return null;
+  }
+}
+
+/**
+ * Clone a repository to the reference folder
+ * @param {string} repoUrl - Git repository URL or short name (e.g., "SAP-samples/abap-cheat-sheets")
+ * @param {string|null} name - Optional folder name for the cloned repo
+ * @returns {Object} Clone result
+ */
+function cloneRepository(repoUrl, name = null) {
+  const refFolder = ensureReferenceFolder();
+
+  if (!refFolder) {
+    return {
+      success: false,
+      error: 'Could not create reference folder',
+      hint: 'Set referenceFolder in .abapGitAgent or ensure ~/abap-reference is writable'
+    };
+  }
+
+  // Parse the repo URL
+  let targetName = name;
+  let cloneUrl = repoUrl;
+
+  // Handle short names (e.g., "SAP-samples/abap-cheat-sheets")
+  if (!repoUrl.startsWith('http://') && !repoUrl.startsWith('https://') && !repoUrl.startsWith('git@')) {
+    cloneUrl = `https://github.com/${repoUrl}.git`;
+  }
+
+  // If no name provided, extract from URL
+  if (!targetName) {
+    // Extract repo name from URL
+    const urlParts = cloneUrl.split('/');
+    const repoWithGit = urlParts[urlParts.length - 1];
+    targetName = repoWithGit.replace(/\.git$/, '');
+  }
+
+  const targetPath = path.join(refFolder, targetName);
+
+  // Check if already exists
+  if (fs.existsSync(targetPath)) {
+    return {
+      success: false,
+      error: `Repository already exists: ${targetName}`,
+      hint: `Delete '${targetPath}' to re-clone, or use --name to specify a different folder name`,
+      existingPath: targetPath
+    };
+  }
+
+  try {
+    // Run git clone
+    execSync(`git clone "${cloneUrl}" "${targetPath}"`, {
+      stdio: 'pipe',
+      encoding: 'utf8'
+    });
+
+    return {
+      success: true,
+      message: `Successfully cloned ${repoUrl}`,
+      repository: targetName,
+      folder: targetPath,
+      referenceFolder: refFolder
+    };
+  } catch (error) {
+    return {
+      success: false,
+      error: `Failed to clone: ${error.message}`,
+      hint: 'Check the repository URL and your network connection'
+    };
+  }
+}
+
+/**
+ * Display clone result in console format
+ * @param {Object} result - Clone result
+ */
+function displayCloneResult(result) {
+  if (result.success) {
+    console.log(`\n  ✅ ${result.message}`);
+    console.log(`\n  📁 Repository: ${result.repository}`);
+    console.log(`  📁 Location: ${result.folder}`);
+    console.log(`  📁 Reference folder: ${result.referenceFolder}`);
+    console.log(`\n  💡 You can now search this repository with:`);
+    console.log(`     abapgit-agent ref --list-repos`);
+  } else {
+    console.error(`\n  ❌ ${result.error}`);
+    if (result.hint) {
+      console.error(`\n  💡 ${result.hint}`);
+    }
+  }
+}
+
 /**
  * Detect reference folder from config or common locations
  * @returns {string|null} Path to reference folder or null if not found
@@ -1005,7 +1120,7 @@ function displayInitResult(result) {
     console.log(`\n  💡 Next steps:`);
     console.log(`    1. Review the guidelines in abap/guidelines/`);
     console.log(`    2. Customize as needed for your project`);
-    console.log(`    3. Run 'abapgit-agent ref --export' to make them searchable`);
+    console.log(`    3. Guidelines are automatically searchable with 'ref' command`);
   } else {
     console.error(`\n  ❌ ${result.error}`);
     if (result.hint) {
@@ -1016,6 +1131,7 @@ function displayInitResult(result) {
 
 module.exports = {
   detectReferenceFolder,
+  ensureReferenceFolder,
   detectGuidelinesFolder,
   getBuiltInGuidelinesPath,
   initGuidelines,
@@ -1027,11 +1143,13 @@ module.exports = {
   listTopics,
   listRepositories,
   exportGuidelines,
+  cloneRepository,
   displaySearchResults,
   displayTopic,
   displayTopics,
   displayRepositories,
   displayExportResult,
   displayInitResult,
+  displayCloneResult,
   TOPIC_MAP
 };

package/src/utils/git-utils.js

@@ -0,0 +1,58 @@
+/**
+ * Git-related utilities
+ */
+const pathModule = require('path');
+const fs = require('fs');
+
+/**
+ * Get git remote URL from .git/config
+ * @returns {string|null} Git remote URL or null if not found
+ */
+function getRemoteUrl() {
+  const gitConfigPath = pathModule.join(process.cwd(), '.git', 'config');
+
+  if (!fs.existsSync(gitConfigPath)) {
+    return null;
+  }
+
+  const content = fs.readFileSync(gitConfigPath, 'utf8');
+  const remoteMatch = content.match(/\[remote "origin"\]/);
+
+  if (!remoteMatch) {
+    return null;
+  }
+
+  const urlMatch = content.match(/	url = (.+)/);
+  return urlMatch ? urlMatch[1].trim() : null;
+}
+
+/**
+ * Get current git branch from .git/HEAD
+ * @returns {string} Current branch name or 'main' as default
+ */
+function getBranch() {
+  const headPath = pathModule.join(process.cwd(), '.git', 'HEAD');
+
+  if (!fs.existsSync(headPath)) {
+    return 'main';
+  }
+
+  const content = fs.readFileSync(headPath, 'utf8').trim();
+  const match = content.match(/ref: refs\/heads\/(.+)/);
+  return match ? match[1] : 'main';
+}
+
+/**
+ * Check if current directory is a git repository
+ * @returns {boolean} True if .git directory exists
+ */
+function isGitRepo() {
+  const gitPath = pathModule.join(process.cwd(), '.git');
+  return fs.existsSync(gitPath);
+}
+
+module.exports = {
+  getRemoteUrl,
+  getBranch,
+  isGitRepo
+};

package/src/utils/validators.js

@@ -0,0 +1,72 @@
+/**
+ * Input validation utilities
+ */
+
+/**
+ * Convert ISO date formats (YYYY-MM-DD) to ABAP DATS format (YYYYMMDD) in WHERE clause
+ * This allows users to use familiar ISO date formats while ensuring compatibility with ABAP SQL
+ * @param {string} whereClause - SQL WHERE clause
+ * @returns {string} - WHERE clause with dates converted to YYYYMMDD format
+ */
+function convertDatesInWhereClause(whereClause) {
+  if (!whereClause) return whereClause;
+
+  // Pattern to match ISO date format: 'YYYY-MM-DD'
+  const isoDatePattern = /'\d{4}-\d{2}-\d{2}'/g;
+
+  return whereClause.replace(isoDatePattern, (match) => {
+    // Extract YYYY, MM, DD from 'YYYY-MM-DD'
+    const dateContent = match.slice(1, -1); // Remove quotes: YYYY-MM-DD
+    const [year, month, day] = dateContent.split('-');
+    // Return in ABAP format: 'YYYYMMDD'
+    return `'${year}${month}${day}'`;
+  });
+}
+
+/**
+ * Validate package name format
+ * @param {string} packageName - ABAP package name
+ * @returns {boolean} True if valid
+ */
+function isValidPackageName(packageName) {
+  if (!packageName) return false;
+  // Package names: $PACKAGE or ZPACKAGE (can contain _ and alphanumeric)
+  return /^(\$|Z|Y)[A-Z0-9_]{0,29}$/i.test(packageName);
+}
+
+/**
+ * Validate object name format
+ * @param {string} objectName - ABAP object name
+ * @returns {boolean} True if valid
+ */
+function isValidObjectName(objectName) {
+  if (!objectName) return false;
+  // Object names: up to 30 characters, alphanumeric + underscore
+  return /^[A-Z0-9_/]{1,30}$/i.test(objectName);
+}
+
+/**
+ * Parse file path to extract object type and name
+ * @param {string} filePath - File path (e.g., "src/zcl_my_class.clas.abap")
+ * @returns {object|null} {type, name} or null if invalid
+ */
+function parseObjectFromFile(filePath) {
+  const fileName = filePath.split('/').pop();
+
+  // Match patterns: zcl_class.clas.abap, zif_intf.intf.abap, etc.
+  const match = fileName.match(/^([a-z0-9_]+)\.(clas|intf|prog|fugr|ddls|tabl|dtel|ttyp|stru)\..*$/i);
+
+  if (!match) return null;
+
+  return {
+    name: match[1].toUpperCase(),
+    type: match[2].toUpperCase()
+  };
+}
+
+module.exports = {
+  convertDatesInWhereClause,
+  isValidPackageName,
+  isValidObjectName,
+  parseObjectFromFile
+};