catalyst-relay 0.2.1 → 0.2.4

package/dist/index.mjs

@@ -94,93 +94,6 @@ function dictToAbapXml(data, root = "DATA") {
 </asx:abap>`;
 }
 
-// src/core/utils/sql.ts
-var SqlValidationError = class extends Error {
-  constructor(message) {
-    super(message);
-    this.name = "SqlValidationError";
-  }
-};
-function validateSqlInput(input, maxLength = 1e4) {
-  if (typeof input !== "string") {
-    return err(new SqlValidationError("Input must be a string"));
-  }
-  if (input.length > maxLength) {
-    return err(new SqlValidationError(`Input exceeds maximum length of ${maxLength}`));
-  }
-  const dangerousPatterns = [
-    {
-      pattern: /\b(DROP|DELETE|INSERT|UPDATE|ALTER|CREATE|TRUNCATE)\s+/i,
-      description: "DDL/DML keywords (DROP, DELETE, INSERT, etc.)"
-    },
-    {
-      pattern: /;[\s]*\w/,
-      description: "Statement termination followed by another statement"
-    },
-    {
-      pattern: /--[\s]*\w/,
-      description: "SQL comments with content"
-    },
-    {
-      pattern: /\/\*.*?\*\//,
-      description: "Block comments"
-    },
-    {
-      pattern: /\bEXEC(UTE)?\s*\(/i,
-      description: "Procedure execution"
-    },
-    {
-      pattern: /\bSP_\w+/i,
-      description: "Stored procedures"
-    },
-    {
-      pattern: /\bXP_\w+/i,
-      description: "Extended stored procedures"
-    },
-    {
-      pattern: /\bUNION\s+(ALL\s+)?SELECT/i,
-      description: "Union-based injection"
-    },
-    {
-      pattern: /@@\w+/,
-      description: "System variables"
-    },
-    {
-      pattern: /\bDECLARE\s+@/i,
-      description: "Variable declarations"
-    },
-    {
-      pattern: /\bCAST\s*\(/i,
-      description: "Type casting"
-    },
-    {
-      pattern: /\bCONVERT\s*\(/i,
-      description: "Type conversion"
-    }
-  ];
-  for (const { pattern, description } of dangerousPatterns) {
-    if (pattern.test(input)) {
-      return err(new SqlValidationError(
-        `Input contains potentially dangerous SQL pattern: ${description}`
-      ));
-    }
-  }
-  const specialCharMatches = input.match(/[;'"\\]/g);
-  const specialCharCount = specialCharMatches ? specialCharMatches.length : 0;
-  if (specialCharCount > 5) {
-    return err(new SqlValidationError("Input contains excessive special characters"));
-  }
-  const singleQuoteCount = (input.match(/'/g) || []).length;
-  if (singleQuoteCount % 2 !== 0) {
-    return err(new SqlValidationError("Unbalanced single quotes detected"));
-  }
-  const doubleQuoteCount = (input.match(/"/g) || []).length;
-  if (doubleQuoteCount % 2 !== 0) {
-    return err(new SqlValidationError("Unbalanced double quotes detected"));
-  }
-  return ok(true);
-}
-
 // src/core/utils/csrf.ts
 var FETCH_CSRF_TOKEN = "fetch";
 var CSRF_TOKEN_HEADER = "x-csrf-token";
@@ -460,7 +373,7 @@ function requireConfig(extension) {
   return [config, null];
 }
 
-// src/core/adt/read.ts
+// src/core/adt/craud/read.ts
 async function readObject(client, object) {
   const [config, configErr] = requireConfig(object.extension);
   if (configErr) return err(configErr);
@@ -484,7 +397,7 @@ async function readObject(client, object) {
   return ok(result);
 }
 
-// src/core/adt/lock.ts
+// src/core/adt/craud/lock.ts
 async function lockObject(client, object) {
   const [config, configErr] = requireConfig(object.extension);
   if (configErr) return err(configErr);
@@ -532,7 +445,7 @@ async function unlockObject(client, object, lockHandle) {
   return ok(void 0);
 }
 
-// src/core/adt/create.ts
+// src/core/adt/craud/create.ts
 async function createObject(client, object, packageName, transport, username) {
   const [config, configErr] = requireConfig(object.extension);
   if (configErr) return err(configErr);
@@ -569,7 +482,7 @@ async function createObject(client, object, packageName, transport, username) {
   return ok(void 0);
 }
 
-// src/core/adt/update.ts
+// src/core/adt/craud/update.ts
 async function updateObject(client, object, lockHandle, transport) {
   const [config, configErr] = requireConfig(object.extension);
   if (configErr) return err(configErr);
@@ -597,7 +510,7 @@ async function updateObject(client, object, lockHandle, transport) {
   return ok(void 0);
 }
 
-// src/core/adt/delete.ts
+// src/core/adt/craud/delete.ts
 async function deleteObject(client, object, lockHandle, transport) {
   const [config, configErr] = requireConfig(object.extension);
   if (configErr) return err(configErr);
@@ -622,7 +535,7 @@ async function deleteObject(client, object, lockHandle, transport) {
   return ok(void 0);
 }
 
-// src/core/adt/activation.ts
+// src/core/adt/craud/activation.ts
 async function activateObjects(client, objects) {
   if (objects.length === 0) {
     return ok([]);
@@ -732,7 +645,7 @@ function extractActivationErrors(objects, xml, _extension) {
   return ok(results);
 }
 
-// src/core/adt/tree.ts
+// src/core/adt/discovery/tree.ts
 async function getTree(client, query) {
   const internalQuery = {};
   if (query.package) {
@@ -849,7 +762,7 @@ function parseTreeResponse(xml) {
   return ok({ nodes, packages });
 }
 
-// src/core/adt/packages.ts
+// src/core/adt/discovery/packages.ts
 async function getPackages(client) {
   const [treeResult, treeErr] = await getTreeInternal(client, {}, "*");
   if (treeErr) {
@@ -858,7 +771,7 @@ async function getPackages(client) {
   return ok(treeResult.packages);
 }
 
-// src/core/adt/transports.ts
+// src/core/adt/transports/transports.ts
 async function getTransports(client, packageName) {
   const contentType = "application/vnd.sap.as+xml; charset=UTF-8; dataname=com.sap.adt.transport.service.checkData";
   const body = `<?xml version="1.0" encoding="UTF-8"?>
@@ -927,64 +840,7 @@ function extractTransports(xml) {
   return ok(transports);
 }
 
-// src/core/adt/queryBuilder.ts
-function buildWhereClauses(filters) {
-  if (!filters || filters.length === 0) {
-    return "";
-  }
-  const clauses = filters.map((filter) => {
-    const { column, operator, value } = filter;
-    switch (operator) {
-      case "eq":
-        return `${column} = ${formatValue(value)}`;
-      case "ne":
-        return `${column} != ${formatValue(value)}`;
-      case "gt":
-        return `${column} > ${formatValue(value)}`;
-      case "ge":
-        return `${column} >= ${formatValue(value)}`;
-      case "lt":
-        return `${column} < ${formatValue(value)}`;
-      case "le":
-        return `${column} <= ${formatValue(value)}`;
-      case "like":
-        return `${column} LIKE ${formatValue(value)}`;
-      case "in":
-        if (Array.isArray(value)) {
-          const values = value.map((v) => formatValue(v)).join(", ");
-          return `${column} IN (${values})`;
-        }
-        return `${column} IN (${formatValue(value)})`;
-      default:
-        return "";
-    }
-  }).filter((c) => c);
-  if (clauses.length === 0) {
-    return "";
-  }
-  return ` WHERE ${clauses.join(" AND ")}`;
-}
-function buildOrderByClauses(orderBy) {
-  if (!orderBy || orderBy.length === 0) {
-    return "";
-  }
-  const clauses = orderBy.map((o) => `${o.column} ${o.direction.toUpperCase()}`);
-  return ` ORDER BY ${clauses.join(", ")}`;
-}
-function formatValue(value) {
-  if (value === null) {
-    return "NULL";
-  }
-  if (typeof value === "string") {
-    return `'${value.replace(/'/g, "''")}'`;
-  }
-  if (typeof value === "boolean") {
-    return value ? "1" : "0";
-  }
-  return String(value);
-}
-
-// src/core/adt/previewParser.ts
+// src/core/adt/data_extraction/previewParser.ts
 function parseDataPreview(xml, maxRows, isTable) {
   const [doc, parseErr] = safeParseXml(xml);
   if (parseErr) {
@@ -1002,10 +858,18 @@ function parseDataPreview(xml, maxRows, isTable) {
     if (!name || !dataType) continue;
     columns.push({ name, dataType });
   }
+  const dataSetElements = doc.getElementsByTagNameNS(namespace, "dataSet");
+  if (columns.length === 0 && dataSetElements.length > 0) {
+    for (let i = 0; i < dataSetElements.length; i++) {
+      const dataSet = dataSetElements[i];
+      if (!dataSet) continue;
+      const name = dataSet.getAttributeNS(namespace, "columnName") || dataSet.getAttribute("columnName") || `column${i}`;
+      columns.push({ name, dataType: "unknown" });
+    }
+  }
   if (columns.length === 0) {
-    return err(new Error("No columns found in preview response"));
+    return ok({ columns: [], rows: [], totalRows: 0 });
   }
-  const dataSetElements = doc.getElementsByTagNameNS(namespace, "dataSet");
   const columnData = Array.from({ length: columns.length }, () => []);
   for (let i = 0; i < dataSetElements.length; i++) {
     const dataSet = dataSetElements[i];
@@ -1035,23 +899,16 @@ function parseDataPreview(xml, maxRows, isTable) {
   return ok(dataFrame);
 }
 
-// src/core/adt/data.ts
+// src/core/adt/data_extraction/dataPreview.ts
 async function previewData(client, query) {
   const extension = query.objectType === "table" ? "astabldt" : "asddls";
   const config = getConfigByExtension(extension);
-  if (!config || !config.dpEndpoint || !config.dpParam) {
+  if (!config?.dpEndpoint || !config?.dpParam) {
     return err(new Error(`Data preview not supported for object type: ${query.objectType}`));
   }
   const limit = query.limit ?? 100;
-  const whereClauses = buildWhereClauses(query.filters);
-  const orderByClauses = buildOrderByClauses(query.orderBy);
-  const sqlQuery = `select * from ${query.objectName}${whereClauses}${orderByClauses}`;
-  const [, validationErr] = validateSqlInput(sqlQuery);
-  if (validationErr) {
-    return err(new Error(`SQL validation failed: ${validationErr.message}`));
-  }
   debug(`Data preview: endpoint=${config.dpEndpoint}, param=${config.dpParam}=${query.objectName}`);
-  debug(`SQL: ${sqlQuery}`);
+  debug(`SQL: ${query.sqlQuery}`);
   const [response, requestErr] = await client.request({
     method: "POST",
     path: `/sap/bc/adt/datapreview/${config.dpEndpoint}`,
@@ -1063,7 +920,7 @@ async function previewData(client, query) {
       "Accept": "application/vnd.sap.adt.datapreview.table.v1+xml",
       "Content-Type": "text/plain"
     },
-    body: sqlQuery
+    body: query.sqlQuery
   });
   if (requestErr) {
     return err(requestErr);
@@ -1082,119 +939,123 @@ async function previewData(client, query) {
   return ok(dataFrame);
 }
 
-// src/core/adt/distinct.ts
-var MAX_ROW_COUNT = 5e4;
-async function getDistinctValues(client, objectName, column, objectType = "view") {
-  const extension = objectType === "table" ? "astabldt" : "asddls";
-  const config = getConfigByExtension(extension);
-  if (!config || !config.dpEndpoint || !config.dpParam) {
-    return err(new Error(`Data preview not supported for object type: ${objectType}`));
-  }
-  const columnName = column.toUpperCase();
-  const sqlQuery = `SELECT ${columnName} AS value, COUNT(*) AS count FROM ${objectName} GROUP BY ${columnName}`;
-  const [, validationErr] = validateSqlInput(sqlQuery);
-  if (validationErr) {
-    return err(new Error(`SQL validation failed: ${validationErr.message}`));
-  }
-  const [response, requestErr] = await client.request({
-    method: "POST",
-    path: `/sap/bc/adt/datapreview/${config.dpEndpoint}`,
-    params: {
-      "rowNumber": MAX_ROW_COUNT,
-      [config.dpParam]: objectName
-    },
-    headers: {
-      "Accept": "application/vnd.sap.adt.datapreview.table.v1+xml"
-    },
-    body: sqlQuery
-  });
-  if (requestErr) {
-    return err(requestErr);
-  }
-  if (!response.ok) {
-    const text2 = await response.text();
-    const errorMsg = extractError(text2);
-    return err(new Error(`Distinct values query failed: ${errorMsg}`));
-  }
-  const text = await response.text();
-  const [doc, parseErr] = safeParseXml(text);
-  if (parseErr) {
-    return err(parseErr);
-  }
-  const dataSets = doc.getElementsByTagNameNS("http://www.sap.com/adt/dataPreview", "dataSet");
-  const values = [];
-  for (let i = 0; i < dataSets.length; i++) {
-    const dataSet = dataSets[i];
-    if (!dataSet) continue;
-    const dataElements = dataSet.getElementsByTagNameNS("http://www.sap.com/adt/dataPreview", "data");
-    if (dataElements.length < 2) continue;
-    const value = dataElements[0]?.textContent ?? "";
-    const countText = dataElements[1]?.textContent?.trim() ?? "0";
-    values.push({
-      value,
-      count: parseInt(countText, 10)
-    });
+// src/core/adt/data_extraction/queryBuilder.ts
+function quoteString(value) {
+  return typeof value == "string" ? "'" + value + "'" : "" + value;
+}
+function basicFilterToWhere(filter) {
+  return `${filter.field} ${filter.operator} ${quoteString(filter.value)}`;
+}
+function betweenFilterToWhere(filter) {
+  return `${filter.field} between ${quoteString(filter.minimum)} and ${quoteString(filter.maximum)}`;
+}
+function listFilterToWhere(filter) {
+  return `${filter.field} ${filter.include ? "" : "not "}in ( ${filter.values.map(quoteString).join(", ")} )`;
+}
+function queryFilterToWhere(filter) {
+  if (filter.type === "list") return listFilterToWhere(filter);
+  if (filter.type === "between") return betweenFilterToWhere(filter);
+  return basicFilterToWhere(filter);
+}
+function queryFiltersToWhere(filters) {
+  if (filters.length === 0) return "";
+  return `
+where ${filters.map(queryFilterToWhere).join(" and ")}`;
+}
+function sortingsToOrderBy(sortings) {
+  if (sortings.length === 0) return "";
+  return `
+order by ${sortings.map((s) => `${s.field} ${s.direction}`).join(", ")}`;
+}
+function fieldsToGroupbyClause(fields) {
+  if (fields.length === 0) return "";
+  return `
+group by ${fields.join(", ")}`;
+}
+function aggregationToFieldDefinition(aggregation) {
+  if (aggregation.function === "count") {
+    return `count( distinct main~${aggregation.field} ) as ${aggregation.field}`;
+  }
+  return `${aggregation.function}( main~${aggregation.field} ) as ${aggregation.field}`;
+}
+function parametersToSQLParams(params) {
+  if (params.length === 0) return "";
+  return `( ${params.map((p) => `${p.name} = ${quoteString(p.value)}`).join(", ")})`;
+}
+function buildSQLQuery(query) {
+  const [parameters, filters, sortings, aggregations] = [query.parameters ?? [], query.filters ?? [], query.sortings ?? [], query.aggregations ?? []];
+  const groupingFields = query.fields.filter((f) => !aggregations.find((a) => a.field === f));
+  if (sortings.filter((s) => !query.fields.includes(s.field)).length > 0) {
+    return err(new Error("Sorting fields must be included in the selected fields."));
+  }
+  let selectClause = "select\n";
+  const fieldSelections = [];
+  for (const field of query.fields) {
+    const aggregation = aggregations.find((a) => a.field === field);
+    if (aggregation) {
+      fieldSelections.push(`	${aggregationToFieldDefinition(aggregation)}`);
+      continue;
+    }
+    fieldSelections.push(`	main~${field}`);
   }
+  selectClause += fieldSelections.join(",\n") + `
+from ${query.objectName}${parametersToSQLParams(parameters)} as main
+`;
+  const [whereClause, groupbyClause, orderbyClause] = [queryFiltersToWhere(filters), aggregations.length ? fieldsToGroupbyClause(groupingFields) : "", sortingsToOrderBy(sortings)];
   const result = {
-    column,
-    values
+    objectName: query.objectName,
+    objectType: query.objectType,
+    sqlQuery: `${selectClause}${whereClause}${groupbyClause}${orderbyClause}`
   };
+  if (query.limit !== void 0) result.limit = query.limit;
   return ok(result);
 }
 
-// src/core/adt/count.ts
-async function countRows(client, objectName, objectType) {
-  const extension = objectType === "table" ? "astabldt" : "asddls";
-  const config = getConfigByExtension(extension);
-  if (!config || !config.dpEndpoint || !config.dpParam) {
-    return err(new Error(`Data preview not supported for object type: ${objectType}`));
+// src/core/adt/data_extraction/distinct.ts
+var MAX_ROW_COUNT = 5e4;
+async function getDistinctValues(client, objectName, parameters, column, objectType = "view") {
+  const columnName = column.toUpperCase();
+  const sqlQuery = `SELECT ${columnName} AS value, COUNT(*) AS ValueCount FROM ${objectName}${parametersToSQLParams(parameters)} GROUP BY ${columnName} ORDER BY ValueCount DESCENDING`;
+  const [dataFrame, error] = await previewData(client, {
+    objectName,
+    objectType,
+    sqlQuery,
+    limit: MAX_ROW_COUNT
+  });
+  if (error) {
+    return err(new Error(`Distinct values query failed: ${error.message}`));
   }
+  const values = dataFrame.rows.map((row) => ({
+    value: row[0],
+    count: parseInt(String(row[1]), 10)
+  }));
+  return ok({ column, values });
+}
+
+// src/core/adt/data_extraction/count.ts
+async function countRows(client, objectName, objectType) {
   const sqlQuery = `SELECT COUNT(*) AS count FROM ${objectName}`;
-  const [, validationErr] = validateSqlInput(sqlQuery);
-  if (validationErr) {
-    return err(new Error(`SQL validation failed: ${validationErr.message}`));
-  }
-  const [response, requestErr] = await client.request({
-    method: "POST",
-    path: `/sap/bc/adt/datapreview/${config.dpEndpoint}`,
-    params: {
-      "rowNumber": 1,
-      [config.dpParam]: objectName
-    },
-    headers: {
-      "Accept": "application/vnd.sap.adt.datapreview.table.v1+xml"
-    },
-    body: sqlQuery
+  const [dataFrame, error] = await previewData(client, {
+    objectName,
+    objectType,
+    sqlQuery,
+    limit: 1
   });
-  if (requestErr) {
-    return err(requestErr);
-  }
-  if (!response.ok) {
-    const text2 = await response.text();
-    const errorMsg = extractError(text2);
-    return err(new Error(`Row count query failed: ${errorMsg}`));
+  if (error) {
+    return err(new Error(`Row count query failed: ${error.message}`));
   }
-  const text = await response.text();
-  const [doc, parseErr] = safeParseXml(text);
-  if (parseErr) {
-    return err(parseErr);
-  }
-  const dataElements = doc.getElementsByTagNameNS("http://www.sap.com/adt/dataPreview", "data");
-  if (dataElements.length === 0) {
+  const countValue = dataFrame.rows[0]?.[0];
+  if (countValue === void 0) {
     return err(new Error("No count value returned"));
   }
-  const countText = dataElements[0]?.textContent?.trim();
-  if (!countText) {
-    return err(new Error("Empty count value returned"));
-  }
-  const count = parseInt(countText, 10);
+  const count = parseInt(String(countValue), 10);
   if (isNaN(count)) {
     return err(new Error("Invalid count value returned"));
   }
   return ok(count);
 }
 
-// src/core/adt/searchObjects.ts
+// src/core/adt/discovery/searchObjects.ts
 async function searchObjects(client, query, types) {
   const searchPattern = query || "*";
   const objectTypes = types && types.length > 0 ? types : getAllTypes();
@@ -1261,7 +1122,7 @@ function parseSearchResults(xml) {
   return ok(results);
 }
 
-// src/core/adt/whereUsed.ts
+// src/core/adt/discovery/whereUsed.ts
 async function findWhereUsed(client, object) {
   const config = getConfigByExtension(object.extension);
   if (!config) {
@@ -1335,7 +1196,7 @@ function parseWhereUsed(xml) {
   return ok(dependencies);
 }
 
-// src/core/adt/createTransport.ts
+// src/core/adt/transports/createTransport.ts
 async function createTransport(client, config) {
   const body = dictToAbapXml({
     DEVCLASS: config.package,
@@ -1366,7 +1227,7 @@ async function createTransport(client, config) {
   return ok(transportId);
 }
 
-// src/core/adt/gitDiff.ts
+// src/core/adt/craud/gitDiff.ts
 import { diffArrays } from "diff";
 function computeDiff(serverLines, localLines) {
   const changes = diffArrays(serverLines, localLines);
@@ -2314,9 +2175,9 @@ var ADTClientImpl = class {
     if (!this.state.session) return err(new Error("Not logged in"));
     return previewData(this.requestor, query);
   }
-  async getDistinctValues(objectName, column, objectType = "view") {
+  async getDistinctValues(objectName, parameters, column, objectType = "view") {
     if (!this.state.session) return err(new Error("Not logged in"));
-    return getDistinctValues(this.requestor, objectName, column, objectType);
+    return getDistinctValues(this.requestor, objectName, parameters, column, objectType);
   }
   async countRows(objectName, objectType) {
     if (!this.state.session) return err(new Error("Not logged in"));
@@ -2361,19 +2222,8 @@ function createClient(config) {
   }
   return ok(new ADTClientImpl(config));
 }
-
-// src/core/config.ts
-import { readFileSync } from "fs";
-import { z as z2 } from "zod";
-var systemConfigSchema = z2.record(
-  z2.string(),
-  z2.object({
-    adt: z2.string().url().optional(),
-    odata: z2.string().url().optional(),
-    instance_num: z2.string().optional()
-  })
-);
 export {
+  buildSQLQuery,
   createClient,
   err,
   ok