catalyst-relay 0.2.1 → 0.2.2

package/README.md

@@ -270,9 +270,9 @@ if (!error) {
 ```typescript
 const [data, error] = await client.previewData({
     objectName: 'T000',
-    columns: ['MANDT', 'MTEXT'],
-    limit: 10,
-    where: "MANDT = '100'"
+    objectType: 'table',
+    sqlQuery: "SELECT MANDT, MTEXT FROM T000 WHERE MANDT = '100'",
+    limit: 10
 });
 ```
 
@@ -327,7 +327,8 @@ curl -X POST http://localhost:3000/preview/data \
   -H "x-session-id: abc123" \
   -d '{
     "objectName": "T000",
-    "columns": ["MANDT", "MTEXT"],
+    "objectType": "table",
+    "sqlQuery": "SELECT MANDT, MTEXT FROM T000 WHERE MANDT = '\''100'\''",
     "limit": 10
   }'
 ```

package/dist/index.d.mts

@@ -113,30 +113,10 @@ interface PreviewQuery {
     objectName: string;
     /** Object type ('table' or 'view') */
     objectType: 'table' | 'view';
-    /** WHERE clause filters */
-    filters?: Filter[];
-    /** ORDER BY columns */
-    orderBy?: OrderBy[];
+    /** SQL query to execute */
+    sqlQuery: string;
     /** Maximum rows to return (default: 100) */
     limit?: number;
-    /** Row offset for pagination */
-    offset?: number;
-}
-/**
- * Filter condition for data preview
- */
-interface Filter {
-    column: string;
-    operator: FilterOperator;
-    value: string | number | boolean | null;
-}
-type FilterOperator = 'eq' | 'ne' | 'gt' | 'ge' | 'lt' | 'le' | 'like' | 'in';
-/**
- * Sort specification for data preview
- */
-interface OrderBy {
-    column: string;
-    direction: 'asc' | 'desc';
 }
 
 /**
@@ -464,4 +444,4 @@ interface ADTClient {
 }
 declare function createClient(config: ClientConfig): Result<ADTClient, Error>;
 
-export { type ADTClient, type ActivationMessage, type ActivationResult, type ApiResponse, type AsyncResult, type AuthConfig, type AuthType, type BasicAuthConfig, type ClientConfig, type ColumnInfo, type DataFrame, type Dependency, type DiffResult, type DistinctResult, type ErrorCode, type ErrorResponse, type Filter, type FilterOperator, type ObjectConfig, type ObjectContent, type ObjectMetadata, type ObjectRef, type ObjectWithContent, type OrderBy, type Package, type PreviewQuery, type Result, type SamlAuthConfig, type SearchResult, type Session, type SsoAuthConfig, type SuccessResponse, type Transport, type TransportConfig, type TreeNode, type TreeQuery, type UpsertResult, createClient, err, ok };
+export { type ADTClient, type ActivationMessage, type ActivationResult, type ApiResponse, type AsyncResult, type AuthConfig, type AuthType, type BasicAuthConfig, type ClientConfig, type ColumnInfo, type DataFrame, type Dependency, type DiffResult, type DistinctResult, type ErrorCode, type ErrorResponse, type ObjectConfig, type ObjectContent, type ObjectMetadata, type ObjectRef, type ObjectWithContent, type Package, type PreviewQuery, type Result, type SamlAuthConfig, type SearchResult, type Session, type SsoAuthConfig, type SuccessResponse, type Transport, type TransportConfig, type TreeNode, type TreeQuery, type UpsertResult, createClient, err, ok };

package/dist/index.d.ts

@@ -113,30 +113,10 @@ interface PreviewQuery {
     objectName: string;
     /** Object type ('table' or 'view') */
     objectType: 'table' | 'view';
-    /** WHERE clause filters */
-    filters?: Filter[];
-    /** ORDER BY columns */
-    orderBy?: OrderBy[];
+    /** SQL query to execute */
+    sqlQuery: string;
     /** Maximum rows to return (default: 100) */
     limit?: number;
-    /** Row offset for pagination */
-    offset?: number;
-}
-/**
- * Filter condition for data preview
- */
-interface Filter {
-    column: string;
-    operator: FilterOperator;
-    value: string | number | boolean | null;
-}
-type FilterOperator = 'eq' | 'ne' | 'gt' | 'ge' | 'lt' | 'le' | 'like' | 'in';
-/**
- * Sort specification for data preview
- */
-interface OrderBy {
-    column: string;
-    direction: 'asc' | 'desc';
 }
 
 /**
@@ -464,4 +444,4 @@ interface ADTClient {
 }
 declare function createClient(config: ClientConfig): Result<ADTClient, Error>;
 
-export { type ADTClient, type ActivationMessage, type ActivationResult, type ApiResponse, type AsyncResult, type AuthConfig, type AuthType, type BasicAuthConfig, type ClientConfig, type ColumnInfo, type DataFrame, type Dependency, type DiffResult, type DistinctResult, type ErrorCode, type ErrorResponse, type Filter, type FilterOperator, type ObjectConfig, type ObjectContent, type ObjectMetadata, type ObjectRef, type ObjectWithContent, type OrderBy, type Package, type PreviewQuery, type Result, type SamlAuthConfig, type SearchResult, type Session, type SsoAuthConfig, type SuccessResponse, type Transport, type TransportConfig, type TreeNode, type TreeQuery, type UpsertResult, createClient, err, ok };
+export { type ADTClient, type ActivationMessage, type ActivationResult, type ApiResponse, type AsyncResult, type AuthConfig, type AuthType, type BasicAuthConfig, type ClientConfig, type ColumnInfo, type DataFrame, type Dependency, type DiffResult, type DistinctResult, type ErrorCode, type ErrorResponse, type ObjectConfig, type ObjectContent, type ObjectMetadata, type ObjectRef, type ObjectWithContent, type Package, type PreviewQuery, type Result, type SamlAuthConfig, type SearchResult, type Session, type SsoAuthConfig, type SuccessResponse, type Transport, type TransportConfig, type TreeNode, type TreeQuery, type UpsertResult, createClient, err, ok };

package/dist/index.js

@@ -125,93 +125,6 @@ function dictToAbapXml(data, root = "DATA") {
 </asx:abap>`;
 }
 
-// src/core/utils/sql.ts
-var SqlValidationError = class extends Error {
-  constructor(message) {
-    super(message);
-    this.name = "SqlValidationError";
-  }
-};
-function validateSqlInput(input, maxLength = 1e4) {
-  if (typeof input !== "string") {
-    return err(new SqlValidationError("Input must be a string"));
-  }
-  if (input.length > maxLength) {
-    return err(new SqlValidationError(`Input exceeds maximum length of ${maxLength}`));
-  }
-  const dangerousPatterns = [
-    {
-      pattern: /\b(DROP|DELETE|INSERT|UPDATE|ALTER|CREATE|TRUNCATE)\s+/i,
-      description: "DDL/DML keywords (DROP, DELETE, INSERT, etc.)"
-    },
-    {
-      pattern: /;[\s]*\w/,
-      description: "Statement termination followed by another statement"
-    },
-    {
-      pattern: /--[\s]*\w/,
-      description: "SQL comments with content"
-    },
-    {
-      pattern: /\/\*.*?\*\//,
-      description: "Block comments"
-    },
-    {
-      pattern: /\bEXEC(UTE)?\s*\(/i,
-      description: "Procedure execution"
-    },
-    {
-      pattern: /\bSP_\w+/i,
-      description: "Stored procedures"
-    },
-    {
-      pattern: /\bXP_\w+/i,
-      description: "Extended stored procedures"
-    },
-    {
-      pattern: /\bUNION\s+(ALL\s+)?SELECT/i,
-      description: "Union-based injection"
-    },
-    {
-      pattern: /@@\w+/,
-      description: "System variables"
-    },
-    {
-      pattern: /\bDECLARE\s+@/i,
-      description: "Variable declarations"
-    },
-    {
-      pattern: /\bCAST\s*\(/i,
-      description: "Type casting"
-    },
-    {
-      pattern: /\bCONVERT\s*\(/i,
-      description: "Type conversion"
-    }
-  ];
-  for (const { pattern, description } of dangerousPatterns) {
-    if (pattern.test(input)) {
-      return err(new SqlValidationError(
-        `Input contains potentially dangerous SQL pattern: ${description}`
-      ));
-    }
-  }
-  const specialCharMatches = input.match(/[;'"\\]/g);
-  const specialCharCount = specialCharMatches ? specialCharMatches.length : 0;
-  if (specialCharCount > 5) {
-    return err(new SqlValidationError("Input contains excessive special characters"));
-  }
-  const singleQuoteCount = (input.match(/'/g) || []).length;
-  if (singleQuoteCount % 2 !== 0) {
-    return err(new SqlValidationError("Unbalanced single quotes detected"));
-  }
-  const doubleQuoteCount = (input.match(/"/g) || []).length;
-  if (doubleQuoteCount % 2 !== 0) {
-    return err(new SqlValidationError("Unbalanced double quotes detected"));
-  }
-  return ok(true);
-}
-
 // src/core/utils/csrf.ts
 var FETCH_CSRF_TOKEN = "fetch";
 var CSRF_TOKEN_HEADER = "x-csrf-token";
@@ -958,63 +871,6 @@ function extractTransports(xml) {
   return ok(transports);
 }
 
-// src/core/adt/queryBuilder.ts
-function buildWhereClauses(filters) {
-  if (!filters || filters.length === 0) {
-    return "";
-  }
-  const clauses = filters.map((filter) => {
-    const { column, operator, value } = filter;
-    switch (operator) {
-      case "eq":
-        return `${column} = ${formatValue(value)}`;
-      case "ne":
-        return `${column} != ${formatValue(value)}`;
-      case "gt":
-        return `${column} > ${formatValue(value)}`;
-      case "ge":
-        return `${column} >= ${formatValue(value)}`;
-      case "lt":
-        return `${column} < ${formatValue(value)}`;
-      case "le":
-        return `${column} <= ${formatValue(value)}`;
-      case "like":
-        return `${column} LIKE ${formatValue(value)}`;
-      case "in":
-        if (Array.isArray(value)) {
-          const values = value.map((v) => formatValue(v)).join(", ");
-          return `${column} IN (${values})`;
-        }
-        return `${column} IN (${formatValue(value)})`;
-      default:
-        return "";
-    }
-  }).filter((c) => c);
-  if (clauses.length === 0) {
-    return "";
-  }
-  return ` WHERE ${clauses.join(" AND ")}`;
-}
-function buildOrderByClauses(orderBy) {
-  if (!orderBy || orderBy.length === 0) {
-    return "";
-  }
-  const clauses = orderBy.map((o) => `${o.column} ${o.direction.toUpperCase()}`);
-  return ` ORDER BY ${clauses.join(", ")}`;
-}
-function formatValue(value) {
-  if (value === null) {
-    return "NULL";
-  }
-  if (typeof value === "string") {
-    return `'${value.replace(/'/g, "''")}'`;
-  }
-  if (typeof value === "boolean") {
-    return value ? "1" : "0";
-  }
-  return String(value);
-}
-
 // src/core/adt/previewParser.ts
 function parseDataPreview(xml, maxRows, isTable) {
   const [doc, parseErr] = safeParseXml(xml);
@@ -1033,10 +889,18 @@ function parseDataPreview(xml, maxRows, isTable) {
     if (!name || !dataType) continue;
     columns.push({ name, dataType });
   }
+  const dataSetElements = doc.getElementsByTagNameNS(namespace, "dataSet");
+  if (columns.length === 0 && dataSetElements.length > 0) {
+    for (let i = 0; i < dataSetElements.length; i++) {
+      const dataSet = dataSetElements[i];
+      if (!dataSet) continue;
+      const name = dataSet.getAttributeNS(namespace, "columnName") || dataSet.getAttribute("columnName") || `column${i}`;
+      columns.push({ name, dataType: "unknown" });
+    }
+  }
   if (columns.length === 0) {
-    return err(new Error("No columns found in preview response"));
+    return ok({ columns: [], rows: [], totalRows: 0 });
   }
-  const dataSetElements = doc.getElementsByTagNameNS(namespace, "dataSet");
   const columnData = Array.from({ length: columns.length }, () => []);
   for (let i = 0; i < dataSetElements.length; i++) {
     const dataSet = dataSetElements[i];
@@ -1066,23 +930,16 @@ function parseDataPreview(xml, maxRows, isTable) {
   return ok(dataFrame);
 }
 
-// src/core/adt/data.ts
+// src/core/adt/dataPreview.ts
 async function previewData(client, query) {
   const extension = query.objectType === "table" ? "astabldt" : "asddls";
   const config = getConfigByExtension(extension);
-  if (!config || !config.dpEndpoint || !config.dpParam) {
+  if (!config?.dpEndpoint || !config?.dpParam) {
     return err(new Error(`Data preview not supported for object type: ${query.objectType}`));
   }
   const limit = query.limit ?? 100;
-  const whereClauses = buildWhereClauses(query.filters);
-  const orderByClauses = buildOrderByClauses(query.orderBy);
-  const sqlQuery = `select * from ${query.objectName}${whereClauses}${orderByClauses}`;
-  const [, validationErr] = validateSqlInput(sqlQuery);
-  if (validationErr) {
-    return err(new Error(`SQL validation failed: ${validationErr.message}`));
-  }
   debug(`Data preview: endpoint=${config.dpEndpoint}, param=${config.dpParam}=${query.objectName}`);
-  debug(`SQL: ${sqlQuery}`);
+  debug(`SQL: ${query.sqlQuery}`);
   const [response, requestErr] = await client.request({
     method: "POST",
     path: `/sap/bc/adt/datapreview/${config.dpEndpoint}`,
@@ -1094,7 +951,7 @@ async function previewData(client, query) {
       "Accept": "application/vnd.sap.adt.datapreview.table.v1+xml",
       "Content-Type": "text/plain"
     },
-    body: sqlQuery
+    body: query.sqlQuery
   });
   if (requestErr) {
     return err(requestErr);
@@ -1116,109 +973,41 @@ async function previewData(client, query) {
 // src/core/adt/distinct.ts
 var MAX_ROW_COUNT = 5e4;
 async function getDistinctValues(client, objectName, column, objectType = "view") {
-  const extension = objectType === "table" ? "astabldt" : "asddls";
-  const config = getConfigByExtension(extension);
-  if (!config || !config.dpEndpoint || !config.dpParam) {
-    return err(new Error(`Data preview not supported for object type: ${objectType}`));
-  }
   const columnName = column.toUpperCase();
   const sqlQuery = `SELECT ${columnName} AS value, COUNT(*) AS count FROM ${objectName} GROUP BY ${columnName}`;
-  const [, validationErr] = validateSqlInput(sqlQuery);
-  if (validationErr) {
-    return err(new Error(`SQL validation failed: ${validationErr.message}`));
-  }
-  const [response, requestErr] = await client.request({
-    method: "POST",
-    path: `/sap/bc/adt/datapreview/${config.dpEndpoint}`,
-    params: {
-      "rowNumber": MAX_ROW_COUNT,
-      [config.dpParam]: objectName
-    },
-    headers: {
-      "Accept": "application/vnd.sap.adt.datapreview.table.v1+xml"
-    },
-    body: sqlQuery
+  const [dataFrame, error] = await previewData(client, {
+    objectName,
+    objectType,
+    sqlQuery,
+    limit: MAX_ROW_COUNT
   });
-  if (requestErr) {
-    return err(requestErr);
+  if (error) {
+    return err(new Error(`Distinct values query failed: ${error.message}`));
   }
-  if (!response.ok) {
-    const text2 = await response.text();
-    const errorMsg = extractError(text2);
-    return err(new Error(`Distinct values query failed: ${errorMsg}`));
-  }
-  const text = await response.text();
-  const [doc, parseErr] = safeParseXml(text);
-  if (parseErr) {
-    return err(parseErr);
-  }
-  const dataSets = doc.getElementsByTagNameNS("http://www.sap.com/adt/dataPreview", "dataSet");
-  const values = [];
-  for (let i = 0; i < dataSets.length; i++) {
-    const dataSet = dataSets[i];
-    if (!dataSet) continue;
-    const dataElements = dataSet.getElementsByTagNameNS("http://www.sap.com/adt/dataPreview", "data");
-    if (dataElements.length < 2) continue;
-    const value = dataElements[0]?.textContent ?? "";
-    const countText = dataElements[1]?.textContent?.trim() ?? "0";
-    values.push({
-      value,
-      count: parseInt(countText, 10)
-    });
-  }
-  const result = {
-    column,
-    values
-  };
-  return ok(result);
+  const values = dataFrame.rows.map((row) => ({
+    value: row[0],
+    count: parseInt(String(row[1]), 10)
+  }));
+  return ok({ column, values });
 }
 
 // src/core/adt/count.ts
 async function countRows(client, objectName, objectType) {
-  const extension = objectType === "table" ? "astabldt" : "asddls";
-  const config = getConfigByExtension(extension);
-  if (!config || !config.dpEndpoint || !config.dpParam) {
-    return err(new Error(`Data preview not supported for object type: ${objectType}`));
-  }
   const sqlQuery = `SELECT COUNT(*) AS count FROM ${objectName}`;
-  const [, validationErr] = validateSqlInput(sqlQuery);
-  if (validationErr) {
-    return err(new Error(`SQL validation failed: ${validationErr.message}`));
-  }
-  const [response, requestErr] = await client.request({
-    method: "POST",
-    path: `/sap/bc/adt/datapreview/${config.dpEndpoint}`,
-    params: {
-      "rowNumber": 1,
-      [config.dpParam]: objectName
-    },
-    headers: {
-      "Accept": "application/vnd.sap.adt.datapreview.table.v1+xml"
-    },
-    body: sqlQuery
+  const [dataFrame, error] = await previewData(client, {
+    objectName,
+    objectType,
+    sqlQuery,
+    limit: 1
   });
-  if (requestErr) {
-    return err(requestErr);
-  }
-  if (!response.ok) {
-    const text2 = await response.text();
-    const errorMsg = extractError(text2);
-    return err(new Error(`Row count query failed: ${errorMsg}`));
+  if (error) {
+    return err(new Error(`Row count query failed: ${error.message}`));
   }
-  const text = await response.text();
-  const [doc, parseErr] = safeParseXml(text);
-  if (parseErr) {
-    return err(parseErr);
-  }
-  const dataElements = doc.getElementsByTagNameNS("http://www.sap.com/adt/dataPreview", "data");
-  if (dataElements.length === 0) {
+  const countValue = dataFrame.rows[0]?.[0];
+  if (countValue === void 0) {
     return err(new Error("No count value returned"));
   }
-  const countText = dataElements[0]?.textContent?.trim();
-  if (!countText) {
-    return err(new Error("Empty count value returned"));
-  }
-  const count = parseInt(countText, 10);
+  const count = parseInt(String(countValue), 10);
   if (isNaN(count)) {
     return err(new Error("Invalid count value returned"));
   }