npm - catalyst-relay - Versions diffs - 0.2.1 → 0.2.2 - Mend

catalyst-relay 0.2.1 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/index.mjs CHANGED Viewed

@@ -94,93 +94,6 @@ function dictToAbapXml(data, root = "DATA") {
 </asx:abap>`;
 }
-// src/core/utils/sql.ts
-var SqlValidationError = class extends Error {
-  constructor(message) {
-    super(message);
-    this.name = "SqlValidationError";
-  }
-};
-function validateSqlInput(input, maxLength = 1e4) {
-  if (typeof input !== "string") {
-    return err(new SqlValidationError("Input must be a string"));
-  }
-  if (input.length > maxLength) {
-    return err(new SqlValidationError(`Input exceeds maximum length of ${maxLength}`));
-  }
-  const dangerousPatterns = [
-    {
-      pattern: /\b(DROP|DELETE|INSERT|UPDATE|ALTER|CREATE|TRUNCATE)\s+/i,
-      description: "DDL/DML keywords (DROP, DELETE, INSERT, etc.)"
-    },
-    {
-      pattern: /;[\s]*\w/,
-      description: "Statement termination followed by another statement"
-    },
-    {
-      pattern: /--[\s]*\w/,
-      description: "SQL comments with content"
-    },
-    {
-      pattern: /\/\*.*?\*\//,
-      description: "Block comments"
-    },
-    {
-      pattern: /\bEXEC(UTE)?\s*\(/i,
-      description: "Procedure execution"
-    },
-    {
-      pattern: /\bSP_\w+/i,
-      description: "Stored procedures"
-    },
-    {
-      pattern: /\bXP_\w+/i,
-      description: "Extended stored procedures"
-    },
-    {
-      pattern: /\bUNION\s+(ALL\s+)?SELECT/i,
-      description: "Union-based injection"
-    },
-    {
-      pattern: /@@\w+/,
-      description: "System variables"
-    },
-    {
-      pattern: /\bDECLARE\s+@/i,
-      description: "Variable declarations"
-    },
-    {
-      pattern: /\bCAST\s*\(/i,
-      description: "Type casting"
-    },
-    {
-      pattern: /\bCONVERT\s*\(/i,
-      description: "Type conversion"
-    }
-  ];
-  for (const { pattern, description } of dangerousPatterns) {
-    if (pattern.test(input)) {
-      return err(new SqlValidationError(
-        `Input contains potentially dangerous SQL pattern: ${description}`
-      ));
-    }
-  }
-  const specialCharMatches = input.match(/[;'"\\]/g);
-  const specialCharCount = specialCharMatches ? specialCharMatches.length : 0;
-  if (specialCharCount > 5) {
-    return err(new SqlValidationError("Input contains excessive special characters"));
-  }
-  const singleQuoteCount = (input.match(/'/g) || []).length;
-  if (singleQuoteCount % 2 !== 0) {
-    return err(new SqlValidationError("Unbalanced single quotes detected"));
-  }
-  const doubleQuoteCount = (input.match(/"/g) || []).length;
-  if (doubleQuoteCount % 2 !== 0) {
-    return err(new SqlValidationError("Unbalanced double quotes detected"));
-  }
-  return ok(true);
-}
 // src/core/utils/csrf.ts
 var FETCH_CSRF_TOKEN = "fetch";
 var CSRF_TOKEN_HEADER = "x-csrf-token";
@@ -927,63 +840,6 @@ function extractTransports(xml) {
   return ok(transports);
 }
-// src/core/adt/queryBuilder.ts
-function buildWhereClauses(filters) {
-  if (!filters || filters.length === 0) {
-    return "";
-  }
-  const clauses = filters.map((filter) => {
-    const { column, operator, value } = filter;
-    switch (operator) {
-      case "eq":
-        return `${column} = ${formatValue(value)}`;
-      case "ne":
-        return `${column} != ${formatValue(value)}`;
-      case "gt":
-        return `${column} > ${formatValue(value)}`;
-      case "ge":
-        return `${column} >= ${formatValue(value)}`;
-      case "lt":
-        return `${column} < ${formatValue(value)}`;
-      case "le":
-        return `${column} <= ${formatValue(value)}`;
-      case "like":
-        return `${column} LIKE ${formatValue(value)}`;
-      case "in":
-        if (Array.isArray(value)) {
-          const values = value.map((v) => formatValue(v)).join(", ");
-          return `${column} IN (${values})`;
-        }
-        return `${column} IN (${formatValue(value)})`;
-      default:
-        return "";
-    }
-  }).filter((c) => c);
-  if (clauses.length === 0) {
-    return "";
-  }
-  return ` WHERE ${clauses.join(" AND ")}`;
-}
-function buildOrderByClauses(orderBy) {
-  if (!orderBy || orderBy.length === 0) {
-    return "";
-  }
-  const clauses = orderBy.map((o) => `${o.column} ${o.direction.toUpperCase()}`);
-  return ` ORDER BY ${clauses.join(", ")}`;
-}
-function formatValue(value) {
-  if (value === null) {
-    return "NULL";
-  }
-  if (typeof value === "string") {
-    return `'${value.replace(/'/g, "''")}'`;
-  }
-  if (typeof value === "boolean") {
-    return value ? "1" : "0";
-  }
-  return String(value);
-}
 // src/core/adt/previewParser.ts
 function parseDataPreview(xml, maxRows, isTable) {
   const [doc, parseErr] = safeParseXml(xml);
@@ -1002,10 +858,18 @@ function parseDataPreview(xml, maxRows, isTable) {
     if (!name || !dataType) continue;
     columns.push({ name, dataType });
   }
+  const dataSetElements = doc.getElementsByTagNameNS(namespace, "dataSet");
+  if (columns.length === 0 && dataSetElements.length > 0) {
+    for (let i = 0; i < dataSetElements.length; i++) {
+      const dataSet = dataSetElements[i];
+      if (!dataSet) continue;
+      const name = dataSet.getAttributeNS(namespace, "columnName") || dataSet.getAttribute("columnName") || `column${i}`;
+      columns.push({ name, dataType: "unknown" });
+    }
+  }
   if (columns.length === 0) {
-    return err(new Error("No columns found in preview response"));
+    return ok({ columns: [], rows: [], totalRows: 0 });
   }
-  const dataSetElements = doc.getElementsByTagNameNS(namespace, "dataSet");
   const columnData = Array.from({ length: columns.length }, () => []);
   for (let i = 0; i < dataSetElements.length; i++) {
     const dataSet = dataSetElements[i];
@@ -1035,23 +899,16 @@ function parseDataPreview(xml, maxRows, isTable) {
   return ok(dataFrame);
 }
-// src/core/adt/data.ts
+// src/core/adt/dataPreview.ts
 async function previewData(client, query) {
   const extension = query.objectType === "table" ? "astabldt" : "asddls";
   const config = getConfigByExtension(extension);
-  if (!config || !config.dpEndpoint || !config.dpParam) {
+  if (!config?.dpEndpoint || !config?.dpParam) {
     return err(new Error(`Data preview not supported for object type: ${query.objectType}`));
   }
   const limit = query.limit ?? 100;
-  const whereClauses = buildWhereClauses(query.filters);
-  const orderByClauses = buildOrderByClauses(query.orderBy);
-  const sqlQuery = `select * from ${query.objectName}${whereClauses}${orderByClauses}`;
-  const [, validationErr] = validateSqlInput(sqlQuery);
-  if (validationErr) {
-    return err(new Error(`SQL validation failed: ${validationErr.message}`));
-  }
   debug(`Data preview: endpoint=${config.dpEndpoint}, param=${config.dpParam}=${query.objectName}`);
-  debug(`SQL: ${sqlQuery}`);
+  debug(`SQL: ${query.sqlQuery}`);
   const [response, requestErr] = await client.request({
     method: "POST",
     path: `/sap/bc/adt/datapreview/${config.dpEndpoint}`,
@@ -1063,7 +920,7 @@ async function previewData(client, query) {
       "Accept": "application/vnd.sap.adt.datapreview.table.v1+xml",
       "Content-Type": "text/plain"
     },
-    body: sqlQuery
+    body: query.sqlQuery
   });
   if (requestErr) {
     return err(requestErr);
@@ -1085,109 +942,41 @@ async function previewData(client, query) {
 // src/core/adt/distinct.ts
 var MAX_ROW_COUNT = 5e4;
 async function getDistinctValues(client, objectName, column, objectType = "view") {
-  const extension = objectType === "table" ? "astabldt" : "asddls";
-  const config = getConfigByExtension(extension);
-  if (!config || !config.dpEndpoint || !config.dpParam) {
-    return err(new Error(`Data preview not supported for object type: ${objectType}`));
-  }
   const columnName = column.toUpperCase();
   const sqlQuery = `SELECT ${columnName} AS value, COUNT(*) AS count FROM ${objectName} GROUP BY ${columnName}`;
-  const [, validationErr] = validateSqlInput(sqlQuery);
-  if (validationErr) {
-    return err(new Error(`SQL validation failed: ${validationErr.message}`));
-  }
-  const [response, requestErr] = await client.request({
-    method: "POST",
-    path: `/sap/bc/adt/datapreview/${config.dpEndpoint}`,
-    params: {
-      "rowNumber": MAX_ROW_COUNT,
-      [config.dpParam]: objectName
-    },
-    headers: {
-      "Accept": "application/vnd.sap.adt.datapreview.table.v1+xml"
-    },
-    body: sqlQuery
+  const [dataFrame, error] = await previewData(client, {
+    objectName,
+    objectType,
+    sqlQuery,
+    limit: MAX_ROW_COUNT
   });
-  if (requestErr) {
-    return err(requestErr);
+  if (error) {
+    return err(new Error(`Distinct values query failed: ${error.message}`));
   }
-  if (!response.ok) {
-    const text2 = await response.text();
-    const errorMsg = extractError(text2);
-    return err(new Error(`Distinct values query failed: ${errorMsg}`));
-  }
-  const text = await response.text();
-  const [doc, parseErr] = safeParseXml(text);
-  if (parseErr) {
-    return err(parseErr);
-  }
-  const dataSets = doc.getElementsByTagNameNS("http://www.sap.com/adt/dataPreview", "dataSet");
-  const values = [];
-  for (let i = 0; i < dataSets.length; i++) {
-    const dataSet = dataSets[i];
-    if (!dataSet) continue;
-    const dataElements = dataSet.getElementsByTagNameNS("http://www.sap.com/adt/dataPreview", "data");
-    if (dataElements.length < 2) continue;
-    const value = dataElements[0]?.textContent ?? "";
-    const countText = dataElements[1]?.textContent?.trim() ?? "0";
-    values.push({
-      value,
-      count: parseInt(countText, 10)
-    });
-  }
-  const result = {
-    column,
-    values
-  };
-  return ok(result);
+  const values = dataFrame.rows.map((row) => ({
+    value: row[0],
+    count: parseInt(String(row[1]), 10)
+  }));
+  return ok({ column, values });
 }
 // src/core/adt/count.ts
 async function countRows(client, objectName, objectType) {
-  const extension = objectType === "table" ? "astabldt" : "asddls";
-  const config = getConfigByExtension(extension);
-  if (!config || !config.dpEndpoint || !config.dpParam) {
-    return err(new Error(`Data preview not supported for object type: ${objectType}`));
-  }
   const sqlQuery = `SELECT COUNT(*) AS count FROM ${objectName}`;
-  const [, validationErr] = validateSqlInput(sqlQuery);
-  if (validationErr) {
-    return err(new Error(`SQL validation failed: ${validationErr.message}`));
-  }
-  const [response, requestErr] = await client.request({
-    method: "POST",
-    path: `/sap/bc/adt/datapreview/${config.dpEndpoint}`,
-    params: {
-      "rowNumber": 1,
-      [config.dpParam]: objectName
-    },
-    headers: {
-      "Accept": "application/vnd.sap.adt.datapreview.table.v1+xml"
-    },
-    body: sqlQuery
+  const [dataFrame, error] = await previewData(client, {
+    objectName,
+    objectType,
+    sqlQuery,
+    limit: 1
   });
-  if (requestErr) {
-    return err(requestErr);
-  }
-  if (!response.ok) {
-    const text2 = await response.text();
-    const errorMsg = extractError(text2);
-    return err(new Error(`Row count query failed: ${errorMsg}`));
+  if (error) {
+    return err(new Error(`Row count query failed: ${error.message}`));
   }
-  const text = await response.text();
-  const [doc, parseErr] = safeParseXml(text);
-  if (parseErr) {
-    return err(parseErr);
-  }
-  const dataElements = doc.getElementsByTagNameNS("http://www.sap.com/adt/dataPreview", "data");
-  if (dataElements.length === 0) {
+  const countValue = dataFrame.rows[0]?.[0];
+  if (countValue === void 0) {
     return err(new Error("No count value returned"));
   }
-  const countText = dataElements[0]?.textContent?.trim();
-  if (!countText) {
-    return err(new Error("Empty count value returned"));
-  }
-  const count = parseInt(countText, 10);
+  const count = parseInt(String(countValue), 10);
   if (isNaN(count)) {
     return err(new Error("Invalid count value returned"));
   }