├── index.cds
├── .github
├── CODEOWNERS
├── workflows
│ ├── lint.yml
│ ├── prevent-issue-labeling.yml
│ ├── issue.yml
│ ├── release.yml
│ └── test.yml
├── ISSUE_TEMPLATE
│ ├── bug_report.md
│ └── feature_request.md
└── actions
│ └── integration-tests
│ └── action.yml
├── tests
├── integration
│ └── content
│ │ ├── sample-2.txt
│ │ ├── test.pdf
│ │ ├── sample.pdf
│ │ └── sample-1.jpg
├── incidents-app
│ ├── .gitignore
│ ├── app
│ │ ├── services.cds
│ │ └── incidents
│ │ │ ├── ui5.yaml
│ │ │ ├── webapp
│ │ │ ├── i18n
│ │ │ │ └── i18n.properties
│ │ │ ├── Component.js
│ │ │ ├── xs-app.json
│ │ │ ├── index.html
│ │ │ └── manifest.json
│ │ │ ├── package.json
│ │ │ └── annotations.cds
│ ├── db
│ │ ├── data
│ │ │ ├── sap.capire.incidents-Urgency.csv
│ │ │ ├── sap.capire.incidents-Status.csv
│ │ │ ├── sap.capire.incidents-Test.csv
│ │ │ ├── sap.capire.incidents-NonDraftTest.csv
│ │ │ ├── sap.capire.incidents-Customers.csv
│ │ │ ├── sap.capire.incidents-Addresses.csv
│ │ │ ├── sap.capire.incidents-TestDetails.csv
│ │ │ ├── sap.capire.incidents-Incidents.csv
│ │ │ ├── sap.capire.incidents-SingleTestDetails.csv
│ │ │ └── sap.capire.incidents-Incidents.conversation.csv
│ │ ├── attachments.cds
│ │ └── schema.cds
│ ├── package.json
│ └── srv
│ │ ├── services.js
│ │ └── services.cds
├── utils
│ ├── api.js
│ └── testUtils.js
├── non-draft-request.http
└── unit
│ ├── validateAttachmentSize.test.js
│ └── unitTests.test.js
├── etc
├── delete.gif
├── facet.png
└── upload.gif
├── .vscode
└── settings.json
├── .gitignore
├── cds-plugin.js
├── srv
├── malwareScanner-mocked.cds
├── standard.js
├── malwareScanner.cds
├── object-store.js
├── malwareScanner-mocked.js
├── malwareScanner.js
├── gcp.js
├── aws-s3.js
├── azure-blob-storage.js
└── basic.js
├── jest.config.js
├── _i18n
├── i18n.properties
├── i18n_sv.properties
├── i18n_de.properties
├── i18n_en.properties
├── i18n_ms.properties
├── i18n_nl.properties
├── i18n_no.properties
├── i18n_fi.properties
├── i18n_tr.properties
├── i18n_es.properties
├── i18n_es_MX.properties
├── i18n_it.properties
├── i18n_ro.properties
├── i18n_sh.properties
├── i18n_hr.properties
├── i18n_da.properties
├── i18n_pt.properties
├── i18n_sl.properties
├── i18n_fr.properties
├── i18n_pl.properties
├── i18n_sk.properties
├── i18n_cs.properties
├── i18n_zh_CN.properties
├── i18n_hu.properties
├── i18n_zh_TW.properties
├── i18n_ko.properties
├── i18n_vi.properties
├── i18n_en_US_saptrc.properties
├── i18n_ja.properties
├── i18n_he.properties
├── i18n_ar.properties
├── i18n_kk.properties
├── i18n_uk.properties
├── messages_en_US_saptrc.properties
├── i18n_th.properties
├── i18n_ru.properties
├── i18n_bg.properties
├── i18n_el.properties
└── messages.properties
├── eslint.config.mjs
├── db
├── data
│ ├── sap.attachments-ScanStates_texts_ja.csv
│ ├── sap.attachments-ScanStates_texts_ko.csv
│ ├── sap.attachments-ScanStates_texts_he.csv
│ ├── sap.attachments-ScanStates.csv
│ ├── sap.attachments-ScanStates_texts_zh_CN.csv
│ ├── sap.attachments-ScanStates_texts_zh_TW.csv
│ ├── sap.attachments-ScanStates_texts_ar.csv
│ ├── sap.attachments-ScanStates_texts_en.csv
│ ├── sap.attachments-ScanStates_texts.csv
│ ├── sap.attachments-ScanStates_texts_el.csv
│ ├── sap.attachments-ScanStates_texts_ro.csv
│ ├── sap.attachments-ScanStates_texts_ru.csv
│ ├── sap.attachments-ScanStates_texts_sv.csv
│ ├── sap.attachments-ScanStates_texts_tr.csv
│ ├── sap.attachments-ScanStates_texts_bg.csv
│ ├── sap.attachments-ScanStates_texts_cs.csv
│ ├── sap.attachments-ScanStates_texts_es.csv
│ ├── sap.attachments-ScanStates_texts_hr.csv
│ ├── sap.attachments-ScanStates_texts_kk.csv
│ ├── sap.attachments-ScanStates_texts_ms.csv
│ ├── sap.attachments-ScanStates_texts_fr.csv
│ ├── sap.attachments-ScanStates_texts_no.csv
│ ├── sap.attachments-ScanStates_texts_pt.csv
│ ├── sap.attachments-ScanStates_texts_sh.csv
│ ├── sap.attachments-ScanStates_texts_sk.csv
│ ├── sap.attachments-ScanStates_texts_th.csv
│ ├── sap.attachments-ScanStates_texts_uk.csv
│ ├── sap.attachments-ScanStates_texts_da.csv
│ ├── sap.attachments-ScanStates_texts_hu.csv
│ ├── sap.attachments-ScanStates_texts_nl.csv
│ ├── sap.attachments-ScanStates_texts_pl.csv
│ ├── sap.attachments-ScanStates_texts_sl.csv
│ ├── sap.attachments-ScanStates_texts_es_MX.csv
│ ├── sap.attachments-ScanStates_texts_fi.csv
│ ├── sap.attachments-ScanStates_texts_it.csv
│ ├── sap.attachments-ScanStates_texts_vi.csv
│ ├── sap.attachments-ScanStates_texts_de.csv
│ └── sap.attachments-ScanStates_texts_en_US_saptrc.csv
└── index.cds
├── .hyperspace
└── pull_request_bot.json
├── translation_v2.json
├── lib
├── csn-runtime-extension.js
├── plugin.js
└── generic-handlers.js
├── REUSE.toml
├── CONTRIBUTING.md
├── package.json
├── CODE_OF_CONDUCT.md
├── CHANGELOG.md
├── LICENSES
└── Apache-2.0.txt
└── LICENSE
/index.cds:
--------------------------------------------------------------------------------
1 | using from './db/index.cds';
--------------------------------------------------------------------------------
/.github/CODEOWNERS:
--------------------------------------------------------------------------------
1 |
2 | ** @cap-js/cdsmunich
--------------------------------------------------------------------------------
/tests/integration/content/sample-2.txt:
--------------------------------------------------------------------------------
1 | hello world
--------------------------------------------------------------------------------
/tests/incidents-app/.gitignore:
--------------------------------------------------------------------------------
1 |
2 | # added by cds
3 | .cdsrc-private.json
4 |
--------------------------------------------------------------------------------
/tests/incidents-app/app/services.cds:
--------------------------------------------------------------------------------
1 |
2 | using from './incidents/annotations';
--------------------------------------------------------------------------------
/etc/delete.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cap-js/attachments/HEAD/etc/delete.gif
--------------------------------------------------------------------------------
/etc/facet.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cap-js/attachments/HEAD/etc/facet.png
--------------------------------------------------------------------------------
/etc/upload.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cap-js/attachments/HEAD/etc/upload.gif
--------------------------------------------------------------------------------
/.vscode/settings.json:
--------------------------------------------------------------------------------
1 | {
2 | "editor.tabSize": 2,
3 | "editor.indentSize": 2
4 | }
--------------------------------------------------------------------------------
/tests/incidents-app/db/data/sap.capire.incidents-Urgency.csv:
--------------------------------------------------------------------------------
1 | code;descr
2 | H;High
3 | M;Medium
4 | L;Low
--------------------------------------------------------------------------------
/tests/integration/content/test.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cap-js/attachments/HEAD/tests/integration/content/test.pdf
--------------------------------------------------------------------------------
/tests/incidents-app/app/incidents/ui5.yaml:
--------------------------------------------------------------------------------
1 | specVersion: "2.5"
2 | metadata:
3 | name: ns.incidents
4 | type: application
5 |
--------------------------------------------------------------------------------
/tests/integration/content/sample.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cap-js/attachments/HEAD/tests/integration/content/sample.pdf
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 |
2 | .DS_Store
3 | node_modules/
4 | gen/
5 | .vscode/
6 | package-lock.json
7 |
8 | .cdsrc-private.json
9 | coverage/
--------------------------------------------------------------------------------
/tests/integration/content/sample-1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cap-js/attachments/HEAD/tests/integration/content/sample-1.jpg
--------------------------------------------------------------------------------
/cds-plugin.js:
--------------------------------------------------------------------------------
1 | require('./lib/plugin')
2 |
3 | // Entry point for separate object store instance case
4 | require('./lib/mtx/server')
5 |
--------------------------------------------------------------------------------
/srv/malwareScanner-mocked.cds:
--------------------------------------------------------------------------------
1 | using {malwareScanner} from './malwareScanner';
2 |
3 | annotate malwareScanner with @impl : './malwareScanner-mocked';
--------------------------------------------------------------------------------
/jest.config.js:
--------------------------------------------------------------------------------
1 | const config = {
2 | testTimeout: 150000,
3 | testMatch: ['**/*.test.js'],
4 | forceExit: true
5 | }
6 |
7 | module.exports = config
8 |
--------------------------------------------------------------------------------
/_i18n/i18n.properties:
--------------------------------------------------------------------------------
1 | Attachment=Attachment
2 | Attachments=Attachments
3 | Note=Note
4 | ScanStatus=Scan status
5 | FileName=File name
6 | MediaType=Media type
--------------------------------------------------------------------------------
/_i18n/i18n_sv.properties:
--------------------------------------------------------------------------------
1 | Attachment=Bilaga
2 | Attachments=Bilagor
3 | Note=Memo
4 | ScanStatus=Skanningsstatus
5 | FileName=Filnamn
6 | MediaType=Medietyp
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_de.properties:
--------------------------------------------------------------------------------
1 | Attachment=Anhang
2 | Attachments=Anh\u00E4nge
3 | Note=Hinweis
4 | ScanStatus=Scan-Status
5 | FileName=Dateiname
6 | MediaType=Medientyp
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_en.properties:
--------------------------------------------------------------------------------
1 | Attachment=Attachment
2 | Attachments=Attachments
3 | Note=Note
4 | ScanStatus=Scan status
5 | FileName=File name
6 | MediaType=Media type
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_ms.properties:
--------------------------------------------------------------------------------
1 | Attachment=Lampiran
2 | Attachments=Lampiran
3 | Note=Nota
4 | ScanStatus=Status imbasan
5 | FileName=Nama fail
6 | MediaType=Jenis media
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_nl.properties:
--------------------------------------------------------------------------------
1 | Attachment=Bijlage
2 | Attachments=Bijlagen
3 | Note=SAP Note
4 | ScanStatus=Scanstatus
5 | FileName=Bestandsnaam
6 | MediaType=Mediatype
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_no.properties:
--------------------------------------------------------------------------------
1 | Attachment=Vedlegg
2 | Attachments=Vedlegg
3 | Note=Merknad
4 | ScanStatus=Status for skanning
5 | FileName=Filnavn
6 | MediaType=Medietype
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_fi.properties:
--------------------------------------------------------------------------------
1 | Attachment=Liite
2 | Attachments=Liitteet
3 | Note=Huomautus
4 | ScanStatus=Skannauksen tila
5 | FileName=Tiedostonimi
6 | MediaType=Mediatyyppi
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_tr.properties:
--------------------------------------------------------------------------------
1 | Attachment=Ek
2 | Attachments=Ekler
3 | Note=Not
4 | ScanStatus=Tarama durumu
5 | FileName=Dosya ad\u0131
6 | MediaType=Medya t\u00FCr\u00FC
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_es.properties:
--------------------------------------------------------------------------------
1 | Attachment=Anexo
2 | Attachments=Anexos
3 | Note=Nota
4 | ScanStatus=Estado de escaneo
5 | FileName=Nombre de archivo
6 | MediaType=Tipo de medios
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_es_MX.properties:
--------------------------------------------------------------------------------
1 | Attachment=Anexo
2 | Attachments=Anexos
3 | Note=Nota
4 | ScanStatus=Estado de escaneo
5 | FileName=Nombre de archivo
6 | MediaType=Tipo de medios
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_it.properties:
--------------------------------------------------------------------------------
1 | Attachment=Allegato
2 | Attachments=Allegati
3 | Note=Nota
4 | ScanStatus=Stato di scansione
5 | FileName=Nome file
6 | MediaType=Tipo di supporto
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_ro.properties:
--------------------------------------------------------------------------------
1 | Attachment=Anex\u0103
2 | Attachments=Anexe
3 | Note=Not\u0103
4 | ScanStatus=Stare scanare
5 | FileName=Nume fi\u0219ier
6 | MediaType=Tip de suport
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_sh.properties:
--------------------------------------------------------------------------------
1 | Attachment=Dodatak
2 | Attachments=Dodaci
3 | Note=Bele\u0161ka
4 | ScanStatus=Status skeniranja
5 | FileName=Naziv fajla
6 | MediaType=Tip medija
7 |
--------------------------------------------------------------------------------
/tests/incidents-app/db/data/sap.capire.incidents-Status.csv:
--------------------------------------------------------------------------------
1 | code;descr;criticality
2 | N;New;3
3 | A;Assigned;2
4 | I;In Process;2
5 | H;On Hold;3
6 | R;Resolved;2
7 | C;Closed;4
--------------------------------------------------------------------------------
/tests/incidents-app/db/data/sap.capire.incidents-Test.csv:
--------------------------------------------------------------------------------
1 | ID,name
2 | 11111111-1111-1111-1111-111111111111,Test Parent 1
3 | 22222222-2222-2222-2222-222222222222,Test Parent 2
--------------------------------------------------------------------------------
/_i18n/i18n_hr.properties:
--------------------------------------------------------------------------------
1 | Attachment=Prilog
2 | Attachments=Prilozi
3 | Note=Bilje\u0161ka
4 | ScanStatus=Status skeniranja
5 | FileName=Naziv datoteke
6 | MediaType=Tip medija
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_da.properties:
--------------------------------------------------------------------------------
1 | Attachment=Vedh\u00E6ftet fil
2 | Attachments=Vedh\u00E6ftede filer
3 | Note=Note
4 | ScanStatus=Scanningsstatus
5 | FileName=Filnavn
6 | MediaType=Medietype
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_pt.properties:
--------------------------------------------------------------------------------
1 | Attachment=Anexo
2 | Attachments=Anexos
3 | Note=Nota
4 | ScanStatus=Status da verifica\u00E7\u00E3o
5 | FileName=Nome do arquivo
6 | MediaType=Tipo de m\u00EDdia
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_sl.properties:
--------------------------------------------------------------------------------
1 | Attachment=Priloga
2 | Attachments=Priloge
3 | Note=Zabele\u017Eka
4 | ScanStatus=Status opti\u010Dnega branja
5 | FileName=Ime datoteke
6 | MediaType=Vrsta medija
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_fr.properties:
--------------------------------------------------------------------------------
1 | Attachment=Pi\u00E8ce jointe
2 | Attachments=Pi\u00E8ces jointes
3 | Note=Note
4 | ScanStatus=Statut du scan
5 | FileName=Nom du fichier
6 | MediaType=Type de m\u00E9dia
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_pl.properties:
--------------------------------------------------------------------------------
1 | Attachment=Za\u0142\u0105cznik
2 | Attachments=Za\u0142\u0105czniki
3 | Note=Uwaga
4 | ScanStatus=Status skanowania
5 | FileName=Nazwa pliku
6 | MediaType=Typ medi\u00F3w
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_sk.properties:
--------------------------------------------------------------------------------
1 | Attachment=Pr\u00EDloha
2 | Attachments=Pr\u00EDlohy
3 | Note=Pozn\u00E1mka
4 | ScanStatus=Status skenovania
5 | FileName=N\u00E1zov s\u00FAboru
6 | MediaType=Typ m\u00E9dia
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_cs.properties:
--------------------------------------------------------------------------------
1 | Attachment=P\u0159\u00EDloha
2 | Attachments=P\u0159\u00EDlohy
3 | Note=Pozn\u00E1mka
4 | ScanStatus=Status skenov\u00E1n\u00ED
5 | FileName=N\u00E1zev souboru
6 | MediaType=Typ m\u00E9dia
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_zh_CN.properties:
--------------------------------------------------------------------------------
1 | Attachment=\u9644\u4EF6
2 | Attachments=\u9644\u4EF6
3 | Note=\u6CE8\u91CA
4 | ScanStatus=\u626B\u63CF\u72B6\u6001
5 | FileName=\u6587\u4EF6\u540D
6 | MediaType=\u5A92\u4F53\u7C7B\u578B
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_hu.properties:
--------------------------------------------------------------------------------
1 | Attachment=Mell\u00E9klet
2 | Attachments=Mell\u00E9kletek
3 | Note=Megjegyz\u00E9s
4 | ScanStatus=Beolvas\u00E1si st\u00E1tus
5 | FileName=F\u00E1jln\u00E9v
6 | MediaType=M\u00E9dia t\u00EDpusa
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_zh_TW.properties:
--------------------------------------------------------------------------------
1 | Attachment=\u9644\u4EF6
2 | Attachments=\u9644\u4EF6
3 | Note=\u8A3B\u8A18
4 | ScanStatus=\u6383\u63CF\u72C0\u614B
5 | FileName=\u6A94\u6848\u540D\u7A31
6 | MediaType=\u5A92\u9AD4\u985E\u578B
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_ko.properties:
--------------------------------------------------------------------------------
1 | Attachment=\uCCA8\uBD80\uD30C\uC77C
2 | Attachments=\uCCA8\uBD80\uD30C\uC77C
3 | Note=\uB178\uD2B8
4 | ScanStatus=\uC2A4\uCE94 \uC0C1\uD0DC
5 | FileName=\uD30C\uC77C \uC774\uB984
6 | MediaType=\uBBF8\uB514\uC5B4 \uC720\uD615
7 |
--------------------------------------------------------------------------------
/eslint.config.mjs:
--------------------------------------------------------------------------------
1 | import cds from "@sap/cds/eslint.config.mjs"
2 | export default [
3 | ...cds,
4 | {
5 | name: 'test-files-config',
6 | files: ["tests/**/*"],
7 | rules: {
8 | 'no-console': 'off',
9 | }
10 | },
11 | ]
12 |
--------------------------------------------------------------------------------
/tests/incidents-app/db/data/sap.capire.incidents-NonDraftTest.csv:
--------------------------------------------------------------------------------
1 | ID,name,singledetails_ID
2 | 33333333-3333-3333-3333-333333333333,Test Parent 1,877fc800-337e-495e-a497-c1a95fbfe6a3
3 | 44444444-4444-4444-4444-444444444444,Test Parent 2,877fc800-337e-495e-a497-c1a95fbfe6a3
--------------------------------------------------------------------------------
/tests/incidents-app/db/data/sap.capire.incidents-Customers.csv:
--------------------------------------------------------------------------------
1 | ID,firstName,lastName,email,phone
2 | 1004155,Daniel,Watts,daniel.watts@demo.com,+44-555-123
3 | 1004161,Stormy,Weathers,stormy.weathers@demo.com,
4 | 1004100,Sunny,Sunshine,sunny.sunshine@demo.com,+01-555-789
5 |
--------------------------------------------------------------------------------
/tests/incidents-app/app/incidents/webapp/i18n/i18n.properties:
--------------------------------------------------------------------------------
1 | # This is the resource bundle for ns.incidents
2 |
3 | #Texts for manifest.json
4 |
5 | #XTIT: Application name
6 | appTitle=Incident-Management
7 |
8 | #YDES: Application description
9 | appDescription=A Fiori application.
--------------------------------------------------------------------------------
/_i18n/i18n_vi.properties:
--------------------------------------------------------------------------------
1 | Attachment=Ph\u00E2\u0300n \u0111i\u0301nh ke\u0300m
2 | Attachments=Ph\u00E2\u0300n \u0111i\u0301nh ke\u0300m
3 | Note=Ghi chu\u0301
4 | ScanStatus=Tr\u1EA1ng th\u00E1i qu\u00E9t
5 | FileName=T\u00EAn t\u00E2\u0323p tin
6 | MediaType=Lo\u1EA1i ph\u01B0\u01A1ng ti\u1EC7n
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_en_US_saptrc.properties:
--------------------------------------------------------------------------------
1 | Attachment=7KrT1T6+FbiTPat/qaWlDg_Attachment
2 | Attachments=SMswzqYa8Fqq7CiGycDbNw_Attachments
3 | Note=Xvgd4P1G9SekaeYPyxsvug_Note
4 | ScanStatus=1Fe9rvbr7Skx04qKGXxN5w_Scan status
5 | FileName=OKMA2SoTpYyijzi9y9VRRA_File name
6 | MediaType=FyvT73IAyeEoihV1ph5W2w_Media type
7 |
--------------------------------------------------------------------------------
/tests/incidents-app/app/incidents/webapp/Component.js:
--------------------------------------------------------------------------------
1 | sap.ui.define(['sap/fe/core/AppComponent'], function(AppComponent) {
2 | 'use strict';
3 |
4 | return AppComponent.extend("ns.incidents.Component", {
5 | metadata: {
6 | manifest: "json"
7 | }
8 | });
9 | });
10 |
--------------------------------------------------------------------------------
/_i18n/i18n_ja.properties:
--------------------------------------------------------------------------------
1 | Attachment=\u6DFB\u4ED8\u30D5\u30A1\u30A4\u30EB
2 | Attachments=\u6DFB\u4ED8\u30D5\u30A1\u30A4\u30EB
3 | Note=\u30CE\u30FC\u30C8
4 | ScanStatus=\u30B9\u30AD\u30E3\u30F3\u30B9\u30C6\u30FC\u30BF\u30B9
5 | FileName=\u30D5\u30A1\u30A4\u30EB\u540D
6 | MediaType=\u30E1\u30C7\u30A3\u30A2\u30BF\u30A4\u30D7
7 |
--------------------------------------------------------------------------------
/tests/incidents-app/db/data/sap.capire.incidents-Addresses.csv:
--------------------------------------------------------------------------------
1 | ID,customer_ID,city,postCode,streetAddress
2 | 17e00347-dc7e-4ca9-9c5d-06ccef69f064,1004155,Rome,00164,Piazza Adriana
3 | d8e797d9-6507-4aaa-b43f-5d2301df5135,1004161,Munich,80809,Olympia Park
4 | ff13d2fa-e00f-4ee5-951c-3303f490777b,1004100,Walldorf,69190,Dietmar-Hopp-Allee
5 |
--------------------------------------------------------------------------------
/tests/incidents-app/app/incidents/webapp/xs-app.json:
--------------------------------------------------------------------------------
1 | {
2 | "authenticationMethod": "route",
3 | "logout": {
4 | "logoutEndpoint": "/do/logout"
5 | },
6 | "routes": [
7 | {
8 | "source": "^(.*)$",
9 | "target": "$1",
10 | "service": "html5-apps-repo-rt",
11 | "authenticationType": "xsuaa"
12 | }
13 | ]
14 | }
15 |
--------------------------------------------------------------------------------
/tests/incidents-app/db/data/sap.capire.incidents-TestDetails.csv:
--------------------------------------------------------------------------------
1 | ID;test_ID;description
2 | aaaaaaa1-aaaa-aaaa-aaaa-aaaaaaaaaaa1;11111111-1111-1111-1111-111111111111;Detail 1 for Test 1
3 | aaaaaaa2-aaaa-aaaa-aaaa-aaaaaaaaaaa2;11111111-1111-1111-1111-111111111111;Detail 2 for Test 1
4 | bbbbbbb1-bbbb-bbbb-bbbb-bbbbbbbbbbb1;22222222-2222-2222-2222-222222222222;Detail 1 for Test 2
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_ja.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | ja;Unscanned;未スキャン;The file is not yet scanned for malware.
3 | ja;Scanning;スキャン中;The file is currently being scanned for malware.
4 | ja;Infected;感染あり;The file contains malware! Do not download!
5 | ja;Clean;感染なし;The file does not contain any malware.
6 | ja;Failed;失敗;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_ko.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | ko;Unscanned;스캔되지 않음;The file is not yet scanned for malware.
3 | ko;Scanning;스캔 중;The file is currently being scanned for malware.
4 | ko;Infected;감염됨;The file contains malware! Do not download!
5 | ko;Clean;정상;The file does not contain any malware.
6 | ko;Failed;실패;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_he.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | he;Unscanned;לא סרוק;The file is not yet scanned for malware.
3 | he;Scanning;סריקה;The file is currently being scanned for malware.
4 | he;Infected;מזוהם;The file contains malware! Do not download!
5 | he;Clean;נקי;The file does not contain any malware.
6 | he;Failed;נכשל;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/srv/standard.js:
--------------------------------------------------------------------------------
1 | const cds = require("@sap/cds")
2 |
3 | module.exports = cds.env.requires?.objectStore?.credentials?.access_key_id
4 | ? require('./aws-s3')
5 | : cds.env.requires?.objectStore?.credentials?.container_name
6 | ? require('./azure-blob-storage')
7 | : cds.env.requires?.objectStore?.credentials?.projectId
8 | ? require('./gcp')
9 | : require('./aws-s3')
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates.csv:
--------------------------------------------------------------------------------
1 | code;name;descr;criticality
2 | Unscanned;Unscanned;The file is not yet scanned for malware.;2
3 | Scanning;Scanning;The file is currently being scanned for malware.;2
4 | Infected;Infected;The file contains malware! Do not download!;1
5 | Clean;Clean;The file does not contain any malware.;3
6 | Failed;Failed;The file could not be scanned for malware.;1
7 |
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_zh_CN.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | zh_CN;Unscanned;未扫描;The file is not yet scanned for malware.
3 | zh_CN;Scanning;扫描中;The file is currently being scanned for malware.
4 | zh_CN;Infected;被感染;The file contains malware! Do not download!
5 | zh_CN;Clean;无感染;The file does not contain any malware.
6 | zh_CN;Failed;失败;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_zh_TW.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | zh_TW;Unscanned;未掃描;The file is not yet scanned for malware.
3 | zh_TW;Scanning;正在掃描;The file is currently being scanned for malware.
4 | zh_TW;Infected;已感染;The file contains malware! Do not download!
5 | zh_TW;Clean;清除;The file does not contain any malware.
6 | zh_TW;Failed;失敗;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_ar.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | ar;Unscanned;غير ممسوح ضوئيًا;The file is not yet scanned for malware.
3 | ar;Scanning;مسح ضوئي;The file is currently being scanned for malware.
4 | ar;Infected;مصاب;The file contains malware! Do not download!
5 | ar;Clean;تنظيف;The file does not contain any malware.
6 | ar;Failed;فشل;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_en.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | en;Unscanned;Unscanned;The file is not yet scanned for malware.
3 | en;Scanning;Scanning;The file is currently being scanned for malware.
4 | en;Infected;Infected;The file contains malware! Do not download!
5 | en;Clean;Clean;The file does not contain any malware.
6 | en;Failed;Failed;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | en;Unscanned;Unscanned;The file is not yet scanned for malware.
3 | en;Scanning;Scanning;The file is currently being scanned for malware.
4 | en;Infected;Infected;The file contains malware! Do not download!
5 | en;Clean;Clean;The file does not contain any malware.
6 | en;Failed;Failed;The file could not be scanned for malware.
7 |
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_el.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | el;Unscanned;Μη σαρωμένο;The file is not yet scanned for malware.
3 | el;Scanning;Σάρωση;The file is currently being scanned for malware.
4 | el;Infected;Μολυσμένο;The file contains malware! Do not download!
5 | el;Clean;Καθαρό;The file does not contain any malware.
6 | el;Failed;Απέτυχε;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_ro.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | ro;Unscanned;Nescanat;The file is not yet scanned for malware.
3 | ro;Scanning;Se scanează;The file is currently being scanned for malware.
4 | ro;Infected;Infectat;The file contains malware! Do not download!
5 | ro;Clean;Curat;The file does not contain any malware.
6 | ro;Failed;Nereușit;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_ru.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | ru;Unscanned;Не проверено;The file is not yet scanned for malware.
3 | ru;Scanning;Проверка;The file is currently being scanned for malware.
4 | ru;Infected;Заражено;The file contains malware! Do not download!
5 | ru;Clean;Чисто;The file does not contain any malware.
6 | ru;Failed;Неудачно;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_sv.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | sv;Unscanned;Ej skannad;The file is not yet scanned for malware.
3 | sv;Scanning;Skannar;The file is currently being scanned for malware.
4 | sv;Infected;Infekterad;The file contains malware! Do not download!
5 | sv;Clean;Ren;The file does not contain any malware.
6 | sv;Failed;Misslyckades;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_tr.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | tr;Unscanned;Taranmamış;The file is not yet scanned for malware.
3 | tr;Scanning;Taranıyor;The file is currently being scanned for malware.
4 | tr;Infected;Enfekte;The file contains malware! Do not download!
5 | tr;Clean;Temiz;The file does not contain any malware.
6 | tr;Failed;Başarısız;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/_i18n/i18n_he.properties:
--------------------------------------------------------------------------------
1 | Attachment=\u05E7\u05D5\u05D1\u05E5 \u05DE\u05E6\u05D5\u05E8\u05E3
2 | Attachments=\u05E7\u05D1\u05E6\u05D9\u05DD \u05DE\u05E6\u05D5\u05E8\u05E4\u05D9\u05DD
3 | Note=\u05D4\u05E2\u05E8\u05D4
4 | ScanStatus=\u05E1\u05D8\u05D0\u05D8\u05D5\u05E1 \u05E1\u05E8\u05D9\u05E7\u05D4
5 | FileName=\u05E9\u05DD \u05E7\u05D5\u05D1\u05E5
6 | MediaType=\u05E1\u05D5\u05D2 \u05DE\u05D3\u05D9\u05D4
7 |
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_bg.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | bg;Unscanned;Несканирано;The file is not yet scanned for malware.
3 | bg;Scanning;Сканиране;The file is currently being scanned for malware.
4 | bg;Infected;Заразено;The file contains malware! Do not download!
5 | bg;Clean;Изчистване;The file does not contain any malware.
6 | bg;Failed;Неуспешно;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_cs.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | cs;Unscanned;Neskenováno;The file is not yet scanned for malware.
3 | cs;Scanning;Skenování;The file is currently being scanned for malware.
4 | cs;Infected;Infikováno;The file contains malware! Do not download!
5 | cs;Clean;Čisté;The file does not contain any malware.
6 | cs;Failed;Neúspěšné;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_es.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | es;Unscanned;No escaneado;The file is not yet scanned for malware.
3 | es;Scanning;Escaneando;The file is currently being scanned for malware.
4 | es;Infected;Infectado;The file contains malware! Do not download!
5 | es;Clean;Limpio;The file does not contain any malware.
6 | es;Failed;Erróneo;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_hr.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | hr;Unscanned;Neskenirano;The file is not yet scanned for malware.
3 | hr;Scanning;Skeniranje;The file is currently being scanned for malware.
4 | hr;Infected;Zaražena;The file contains malware! Do not download!
5 | hr;Clean;Čista;The file does not contain any malware.
6 | hr;Failed;Nije uspjelo;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_kk.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | kk;Unscanned;Сканерленбеген;The file is not yet scanned for malware.
3 | kk;Scanning;Сканерлеуде;The file is currently being scanned for malware.
4 | kk;Infected;Бұзылған;The file contains malware! Do not download!
5 | kk;Clean;Таза;The file does not contain any malware.
6 | kk;Failed;Сәтсіз;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_ms.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | ms;Unscanned;Tidak Diimbas;The file is not yet scanned for malware.
3 | ms;Scanning;Mengimbas;The file is currently being scanned for malware.
4 | ms;Infected;Dijangkiti;The file contains malware! Do not download!
5 | ms;Clean;Bersih;The file does not contain any malware.
6 | ms;Failed;Gagal;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_fr.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | fr;Unscanned;Non analysé;The file is not yet scanned for malware.
3 | fr;Scanning;Analyse en cours;The file is currently being scanned for malware.
4 | fr;Infected;Infecté;The file contains malware! Do not download!
5 | fr;Clean;Non infecté;The file does not contain any malware.
6 | fr;Failed;Échec;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_no.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | no;Unscanned;Ikke skannet;The file is not yet scanned for malware.
3 | no;Scanning;Skannes;The file is currently being scanned for malware.
4 | no;Infected;Infisert;The file contains malware! Do not download!
5 | no;Clean;Ikke infisert;The file does not contain any malware.
6 | no;Failed;Mislyktes;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_pt.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | pt;Unscanned;Não verificado;The file is not yet scanned for malware.
3 | pt;Scanning;Verificando;The file is currently being scanned for malware.
4 | pt;Infected;Infectado;The file contains malware! Do not download!
5 | pt;Clean;Limpo;The file does not contain any malware.
6 | pt;Failed;Com falha;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_sh.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | sh;Unscanned;Nije skenirano;The file is not yet scanned for malware.
3 | sh;Scanning;Skeniranje;The file is currently being scanned for malware.
4 | sh;Infected;Zaraženo;The file contains malware! Do not download!
5 | sh;Clean;Čisto;The file does not contain any malware.
6 | sh;Failed;Nije uspelo;The file cannot not be scanned for malware
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_sk.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | sk;Unscanned;Nenaskenované;The file is not yet scanned for malware.
3 | sk;Scanning;Skenovanie;The file is currently being scanned for malware.
4 | sk;Infected;Infikované;The file contains malware! Do not download!
5 | sk;Clean;Očistiť;The file does not contain any malware.
6 | sk;Failed;Neúspešné;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_th.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | th;Unscanned;ยังไม่ได้สแกน;The file is not yet scanned for malware.
3 | th;Scanning;กำลังสแกน;The file is currently being scanned for malware.
4 | th;Infected;ติดมัลแวร์;The file contains malware! Do not download!
5 | th;Clean;ไม่มีมัลแวร์;The file does not contain any malware.
6 | th;Failed;ล้มเหลว;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_uk.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | uk;Unscanned;Не проскановано;The file is not yet scanned for malware.
3 | uk;Scanning;Сканування;The file is currently being scanned for malware.
4 | uk;Infected;Інфіковано;The file contains malware! Do not download!
5 | uk;Clean;Очистити;The file does not contain any malware.
6 | uk;Failed;Помилка;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_da.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | da;Unscanned;Ikke scannet;The file is not yet scanned for malware.
3 | da;Scanning;Scanner;The file is currently being scanned for malware.
4 | da;Infected;Inficeret;The file contains malware! Do not download!
5 | da;Clean;Ikke inficeret;The file does not contain any malware.
6 | da;Failed;Mislykkedes;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_hu.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | hu;Unscanned;Nincs beolvasva;The file is not yet scanned for malware.
3 | hu;Scanning;Beolvasás;The file is currently being scanned for malware.
4 | hu;Infected;Fertőzött;The file contains malware! Do not download!
5 | hu;Clean;Tisztítás;The file does not contain any malware.
6 | hu;Failed;Nem sikerült;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_nl.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | nl;Unscanned;Niet gescand;The file is not yet scanned for malware.
3 | nl;Scanning;Bezig met scannen;The file is currently being scanned for malware.
4 | nl;Infected;Geïnfecteerd;The file contains malware! Do not download!
5 | nl;Clean;Schoon;The file does not contain any malware.
6 | nl;Failed;Mislukt;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_pl.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | pl;Unscanned;Nie zeskanowano;The file is not yet scanned for malware.
3 | pl;Scanning;Skanowanie;The file is currently being scanned for malware.
4 | pl;Infected;Zainfekowane;The file contains malware! Do not download!
5 | pl;Clean;Czyste;The file does not contain any malware.
6 | pl;Failed;Niepowodzenie;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_sl.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | sl;Unscanned;Ni optično prebrano;The file is not yet scanned for malware.
3 | sl;Scanning;Optično branje;The file is currently being scanned for malware.
4 | sl;Infected;Okuženo;The file contains malware! Do not download!
5 | sl;Clean;Čisto;The file does not contain any malware.
6 | sl;Failed;Neuspešno;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_es_MX.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | es_MX;Unscanned;No escaneado;The file is not yet scanned for malware.
3 | es_MX;Scanning;Escaneando;The file is currently being scanned for malware.
4 | es_MX;Infected;Infectado;The file contains malware! Do not download!
5 | es_MX;Clean;Limpio;The file does not contain any malware.
6 | es_MX;Failed;Erróneo;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_fi.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | fi;Unscanned;Skannaamaton;The file is not yet scanned for malware.
3 | fi;Scanning;Skannataan;The file is currently being scanned for malware.
4 | fi;Infected;Tartunnan saanut;The file contains malware! Do not download!
5 | fi;Clean;Puhdistettu;The file does not contain any malware.
6 | fi;Failed;Epäonnistui;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_it.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | it;Unscanned;Non digitalizzato;The file is not yet scanned for malware.
3 | it;Scanning;Scansione in corso;The file is currently being scanned for malware.
4 | it;Infected;Infettato;The file contains malware! Do not download!
5 | it;Clean;Pulito;The file does not contain any malware.
6 | it;Failed;Non riuscito;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_vi.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | vi;Unscanned;Chưa quét được;The file is not yet scanned for malware.
3 | vi;Scanning;Đang quét;The file is currently being scanned for malware.
4 | vi;Infected;Bị nhiễm virus;The file contains malware! Do not download!
5 | vi;Clean;Dọn dẹp;The file does not contain any malware.
6 | vi;Failed;Không thành công;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/tests/incidents-app/db/data/sap.capire.incidents-Incidents.csv:
--------------------------------------------------------------------------------
1 | ID,customer_ID,title,urgency_code,status_code
2 | 3b23bb4b-4ac7-4a24-ac02-aa10cabd842c,1004155,Inverter not functional,H,C
3 | 3a4ede72-244a-4f5f-8efa-b17e032d01ee,1004161,No current on a sunny day,H,N
4 | 3ccf474c-3881-44b7-99fb-59a2a4668418,1004161,Strange noise when switching off Inverter,M,N
5 | 3583f982-d7df-4aad-ab26-301d4a157cd7,1004100,Solar panel broken,H,I
--------------------------------------------------------------------------------
/_i18n/i18n_ar.properties:
--------------------------------------------------------------------------------
1 | Attachment=\u0627\u0644\u0645\u0631\u0641\u0642
2 | Attachments=\u0627\u0644\u0645\u0631\u0641\u0642\u0627\u062A
3 | Note=\u0645\u0644\u0627\u062D\u0638\u0629
4 | ScanStatus=\u062D\u0627\u0644\u0629 \u0627\u0644\u0645\u0633\u062D \u0627\u0644\u0636\u0648\u0626\u064A
5 | FileName=\u0627\u0633\u0645 \u0627\u0644\u0645\u0644\u0641
6 | MediaType=\u0646\u0648\u0639 \u0627\u0644\u0648\u0633\u0627\u0626\u0637
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_kk.properties:
--------------------------------------------------------------------------------
1 | Attachment=\u0422\u0456\u0440\u043A\u0435\u043C\u0435
2 | Attachments=\u0422\u0456\u0440\u043A\u0435\u043C\u0435\u043B\u0435\u0440
3 | Note=\u0415\u0441\u043A\u0435\u0440\u0442\u043F\u0435
4 | ScanStatus=\u0421\u043A\u0430\u043D\u0435\u0440\u043B\u0435\u0443 \u043A\u04AF\u0439\u0456
5 | FileName=\u0424\u0430\u0439\u043B \u0430\u0442\u044B
6 | MediaType=\u041C\u0435\u0434\u0438\u0430 \u0442\u04AF\u0440\u0456
7 |
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_de.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | de;Unscanned;Nicht gescannt;The file is not yet scanned for malware.
3 | de;Scanning;Wird gescannt...;The file is currently being scanned for malware.
4 | de;Infected;Mit Malware infiziert;The file contains malware! Do not download!
5 | de;Clean;Nicht infiziert;The file does not contain any malware.
6 | de;Failed;Fehlgeschlagen;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/_i18n/i18n_uk.properties:
--------------------------------------------------------------------------------
1 | Attachment=\u0412\u043A\u043B\u0430\u0434\u0435\u043D\u043D\u044F
2 | Attachments=\u0412\u043A\u043B\u0430\u0434\u0435\u043D\u043D\u044F
3 | Note=\u041D\u043E\u0442\u0430\u0442\u043A\u0430
4 | ScanStatus=\u0421\u043A\u0430\u043D\u0443\u0432\u0430\u0442\u0438 \u0441\u0442\u0430\u0442\u0443\u0441
5 | FileName=\u0406\u043C'\u044F \u0444\u0430\u0439\u043B\u0443
6 | MediaType=\u0422\u0438\u043F \u043D\u043E\u0441\u0456\u044F
7 |
--------------------------------------------------------------------------------
/_i18n/messages_en_US_saptrc.properties:
--------------------------------------------------------------------------------
1 | UnableToDownloadAttachmentScanStatusNotClean=Fd5f6aF2OYEZKK/LWyIi5w_Unable to download the attachment as scan status is not clean.
2 | AttachmentSizeExceeded=3I3sMIfKTdwgNCNEmLf5dg_File size limit exceeded beyond {0}.
3 | MultiUpdateNotSupported=pimjVEqTACSn9O40QJoGkg_Multi update is not supported.
4 | AttachmentMimeTypeDisallowed=awXEU6E9le2vOcUFbix5cA_The attachment file type '{mimeType}' is not allowed.
5 |
--------------------------------------------------------------------------------
/_i18n/i18n_th.properties:
--------------------------------------------------------------------------------
1 | Attachment=\u0E2A\u0E34\u0E48\u0E07\u0E17\u0E35\u0E48\u0E41\u0E19\u0E1A
2 | Attachments=\u0E2A\u0E34\u0E48\u0E07\u0E17\u0E35\u0E48\u0E41\u0E19\u0E1A
3 | Note=\u0E2B\u0E21\u0E32\u0E22\u0E40\u0E2B\u0E15\u0E38
4 | ScanStatus=\u0E2A\u0E16\u0E32\u0E19\u0E30\u0E01\u0E32\u0E23\u0E2A\u0E41\u0E01\u0E19
5 | FileName=\u0E0A\u0E37\u0E48\u0E2D\u0E44\u0E1F\u0E25\u0E4C
6 | MediaType=\u0E1B\u0E23\u0E30\u0E40\u0E20\u0E17\u0E2A\u0E37\u0E48\u0E2D
7 |
--------------------------------------------------------------------------------
/tests/incidents-app/app/incidents/package.json:
--------------------------------------------------------------------------------
1 | {
2 | "name": "incidents",
3 | "version": "0.0.1",
4 | "description": "A Fiori application.",
5 | "keywords": [
6 | "ui5",
7 | "openui5",
8 | "sapui5"
9 | ],
10 | "main": "webapp/index.html",
11 | "scripts": {
12 | "deploy-config": "npx -p @sap/ux-ui5-tooling fiori add deploy-config cf"
13 | },
14 | "devDependencies": { }
15 | }
16 |
--------------------------------------------------------------------------------
/tests/incidents-app/db/data/sap.capire.incidents-SingleTestDetails.csv:
--------------------------------------------------------------------------------
1 | ID,abc
2 | 877fc800-337e-495e-a497-c1a95fbfe6a3,My fancy text
3 | e1ab7f04-40d3-434a-a638-c14d40f2b52c,My fancy text
4 | d899ed80-7418-4d58-9772-b23db76fee8f,My fancy text
5 | f774c1a0-f9a6-45d5-be48-99cf8df388a2,My fancy text
6 | c5f57897-0c64-41f4-a303-dfad518a1512,My fancy text
7 | 0fb9eda6-2989-4e14-be17-bf0da71b5f55,My fancy text
8 | 27b34131-ffaa-4086-8e95-f1ed92f37768,My fancy text
--------------------------------------------------------------------------------
/_i18n/i18n_ru.properties:
--------------------------------------------------------------------------------
1 | Attachment=\u0412\u043B\u043E\u0436\u0435\u043D\u0438\u0435
2 | Attachments=\u0412\u043B\u043E\u0436\u0435\u043D\u0438\u044F
3 | Note=\u041F\u0440\u0438\u043C\u0435\u0447\u0430\u043D\u0438\u0435
4 | ScanStatus=\u0421\u0442\u0430\u0442\u0443\u0441 \u0441\u043A\u0430\u043D\u0438\u0440\u043E\u0432\u0430\u043D\u0438\u044F
5 | FileName=\u0418\u043C\u044F \u0444\u0430\u0439\u043B\u0430
6 | MediaType=\u0422\u0438\u043F \u043C\u0435\u0434\u0438\u0430
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_bg.properties:
--------------------------------------------------------------------------------
1 | Attachment=\u041F\u0440\u0438\u043B\u043E\u0436\u0435\u043D\u0438\u0435
2 | Attachments=\u041F\u0440\u0438\u043B\u043E\u0436\u0435\u043D\u0438\u044F
3 | Note=\u0417\u0430\u0431\u0435\u043B\u0435\u0436\u043A\u0430
4 | ScanStatus=\u0421\u0442\u0430\u0442\u0443\u0441 \u043D\u0430 \u0441\u043A\u0430\u043D\u0438\u0440\u0430\u043D\u0435
5 | FileName=\u0418\u043C\u0435 \u043D\u0430 \u0444\u0430\u0439\u043B
6 | MediaType=\u0412\u0438\u0434 \u043C\u0435\u0434\u0438\u044F
7 |
--------------------------------------------------------------------------------
/_i18n/i18n_el.properties:
--------------------------------------------------------------------------------
1 | Attachment=\u03A3\u03C5\u03BD\u03B7\u03BC\u03BC\u03AD\u03BD\u03BF
2 | Attachments=\u03A3\u03C5\u03BD\u03B7\u03BC\u03BC\u03AD\u03BD\u03B1
3 | Note=\u03A3\u03B7\u03BC\u03B5\u03AF\u03C9\u03C3\u03B7
4 | ScanStatus=\u039A\u03B1\u03C4\u03AC\u03C3\u03C4\u03B1\u03C3\u03B7 \u03C3\u03AC\u03C1\u03C9\u03C3\u03B7\u03C2
5 | FileName=\u038C\u03BD\u03BF\u03BC\u03B1 \u03B1\u03C1\u03C7\u03B5\u03AF\u03BF\u03C5
6 | MediaType=\u03A4\u03CD\u03C0\u03BF\u03C2 \u03BC\u03AD\u03C3\u03C9\u03BD
7 |
--------------------------------------------------------------------------------
/db/data/sap.attachments-ScanStates_texts_en_US_saptrc.csv:
--------------------------------------------------------------------------------
1 | locale;code;name;descr
2 | 1Q;Unscanned;eSTpYD69gqffD/nemmlqrw_Unscanned;The file is not yet scanned for malware.
3 | 1Q;Scanning;n/MLAUe5tSbPPRJ4OCv0kg_Scanning;The file is currently being scanned for malware.
4 | 1Q;Infected;/DyuGaU0P9o641+KWJvIqg_Infected;The file contains malware! Do not download!
5 | 1Q;Clean;+88XPA+K97P+sUF4u6Wlhg_Clean;The file does not contain any malware.
6 | 1Q;Failed;znAdnNJgtbRvnh17AQu1IA_Failed;The file could not be scanned for malware.
--------------------------------------------------------------------------------
/.github/workflows/lint.yml:
--------------------------------------------------------------------------------
1 | name: Lint
2 |
3 | on:
4 | push:
5 | branches: [main]
6 | pull_request:
7 | types: [opened, synchronize, reopened, auto_merge_enabled]
8 |
9 | concurrency:
10 | group: lint-${{ github.workflow }}-${{ github.head_ref || github.run_id }}
11 | cancel-in-progress: true
12 |
13 | jobs:
14 | lint:
15 | runs-on: ubuntu-latest
16 | steps:
17 | - uses: actions/setup-node@v4
18 | - uses: actions/checkout@v4
19 | - run: npm i
20 | - run: npm run lint
--------------------------------------------------------------------------------
/_i18n/messages.properties:
--------------------------------------------------------------------------------
1 | UnableToDownloadAttachmentScanStatusNotClean=Unable to download the attachment as scan status is not clean.
2 | AttachmentSizeExceeded=File size exceeds the limit of {0}.
3 | MultiUpdateNotSupported=Multi update is not supported.
4 | AttachmentMimeTypeDisallowed=The attachment file type '{mimeType}' is not allowed.
5 | ContentLengthHeaderMissing=The 'Content-Length' header is missing or invalid.
6 | InvalidContentLengthHeader=The 'Content-Length' header value '{contentLength}' is invalid.
7 | AttachmentAlreadyExistsCannotBeOverwritten=Attachment {0} already exists and cannot be overwritten.
8 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/bug_report.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Bug report
3 | about: Create a report to help us improve
4 | title: "[Version: ] "
5 | labels: bug
6 | assignees: ''
7 |
8 | ---
9 |
10 | **Describe the bug**
11 | A clear and concise description of what the bug is.
12 |
13 | **To Reproduce**
14 | Steps to reproduce the behavior:
15 |
16 | **Expected behavior**
17 | A clear and concise description of what you expected to happen.
18 |
19 | [ ] is it a regression issue?
20 |
21 | **Screenshots**
22 | If applicable, add screenshots to help explain your problem.
23 |
24 | **Customer Info**
25 | Company: xyz.
26 |
--------------------------------------------------------------------------------
/srv/malwareScanner.cds:
--------------------------------------------------------------------------------
1 | @protocol : 'none'
2 | service malwareScanner {
3 |
4 | event ScanAttachmentsFile {
5 | target: String; //CSN name of Attachments entity to scan
6 | keys: Map; //Key value pairs of attachments entity to scan
7 | };
8 |
9 | action scan(file: LargeBinary) returns {
10 | isMalware: Boolean;
11 | encryptedContentDetected: Boolean;
12 | scanSize: Integer;
13 | finding: String;
14 | /**
15 | * Returns "empty" if no type could be detected
16 | */
17 | mimeType: String;
18 | /**
19 | * SHA256 hash of file
20 | */
21 | hash: String;
22 | }
23 | }
--------------------------------------------------------------------------------
/.hyperspace/pull_request_bot.json:
--------------------------------------------------------------------------------
1 | {
2 | "$schema": "https://devops-insights-pr-bot.cfapps.eu10-004.hana.ondemand.com/schema/pull_request_bot.json",
3 | "features": {
4 | "control_panel": false,
5 | "summarize": {
6 | "auto_generate_summary": true,
7 | "auto_insert_summary": true,
8 | "auto_run_on_draft_pr": true,
9 | "use_custom_summarize_prompt": false,
10 | "use_custom_summarize_output_template": false,
11 | "use_tabular_summarize_output_template": false
12 | },
13 | "review": {
14 | "auto_generate_review": true,
15 | "auto_run_on_draft_pr": true,
16 | "use_custom_review_focus": false
17 | }
18 | }
19 | }
20 |
--------------------------------------------------------------------------------
/tests/incidents-app/db/data/sap.capire.incidents-Incidents.conversation.csv:
--------------------------------------------------------------------------------
1 | ID,up__ID,timestamp,author,message
2 | 2b23bb4b-4ac7-4a24-ac02-aa10cabd842c,3b23bb4b-4ac7-4a24-ac02-aa10cabd842c,1995-12-17T03:24:00Z,Harry John,Can you please check if battery connections are fine?
3 | 2b23bb4b-4ac7-4a24-ac02-aa10cabd843c,3a4ede72-244a-4f5f-8efa-b17e032d01ee,1995-12-18T04:24:00Z,Emily Elizabeth,Can you please check if there are any loose connections?
4 | 9583f982-d7df-4aad-ab26-301d4a157cd7,3583f982-d7df-4aad-ab26-301d4a157cd7,2022-09-04T12:00:00Z,Sunny Sunshine,Please check why the solar panel is broken
5 | 9583f982-d7df-4aad-ab26-301d4a158cd7,3ccf474c-3881-44b7-99fb-59a2a4668418,2022-09-04T13:00:00Z,Bradley Flowers,What exactly is wrong?
6 |
--------------------------------------------------------------------------------
/.github/workflows/prevent-issue-labeling.yml:
--------------------------------------------------------------------------------
1 | name: Prevent "New" Label on Issues
2 |
3 | permissions:
4 | issues: write
5 |
6 | on:
7 | issues:
8 | types: [labeled]
9 |
10 | jobs:
11 | remove_new_label:
12 | runs-on: ubuntu-latest
13 | steps:
14 | - name: Remove "New" label if applied by non-bot user
15 | if: >
16 | contains(github.event.issue.labels.*.name, 'New') &&
17 | github.event.label.name == 'New' &&
18 | github.event.sender.login != 'github-actions[bot]'
19 | env:
20 | GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
21 | GH_REPO: ${{ github.repository }}
22 | ISSUE_NUMBER: ${{ github.event.issue.number }}
23 | run: |
24 | gh issue edit "$ISSUE_NUMBER" --remove-label "New"
25 |
--------------------------------------------------------------------------------
/translation_v2.json:
--------------------------------------------------------------------------------
1 | {
2 | "collections": [
3 | {
4 | "collectionName": "cds",
5 | "folders": [
6 | {
7 | "startingFolderPath": "_i18n/**",
8 | "sourceFilters": ["*.properties"]
9 | }
10 | ]
11 | },
12 | {
13 | "collectionName": "attachments_data",
14 | "folders": [
15 | {
16 | "startingFolderPath": "/db/data",
17 | "targetFolderPath": "/db/data",
18 | "oneQFolderPath": "/db/data",
19 | "sourceFilters": ["**/*_texts.csv"]
20 | }
21 | ]
22 | }
23 | ],
24 | "defaultConfiguration": {
25 | "targetFolderPath": ".",
26 | "xlfFolderPath": "/.dummy/xlf",
27 | "oneQFolderPath": "/_i18n",
28 | "pseudoLocFolderPath": "/_i18n",
29 | "targetFileNamingConvention": "[filename]_[langCode].[extension]"
30 | }
31 | }
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/feature_request.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Feature request
3 | about: Suggest an idea for this project
4 | title: ''
5 | labels: enhancement
6 | assignees: ''
7 |
8 | ---
9 |
10 | **Is your feature request related to a problem? Please describe.**
11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
12 |
13 | **Describe the solution you'd like**
14 | A clear and concise description of what you want to happen.
15 |
16 | **Describe alternatives you've considered**
17 | A clear and concise description of any alternative solutions or features you've considered.
18 |
19 | **Additional context**
20 | Add any other context or screenshots about the feature request here.
21 |
22 | **Have you already checked existing issues before creating a feature request?**
23 | If you find same feature requests reported, upvote the issue (+1)
24 |
25 | **Customer Info**
26 | Company: xyz
27 |
--------------------------------------------------------------------------------
/.github/workflows/issue.yml:
--------------------------------------------------------------------------------
1 | name: Label issues
2 |
3 | permissions:
4 | issues: write
5 |
6 | on:
7 | issues:
8 | types:
9 | - opened
10 |
11 | jobs:
12 | label_issues:
13 | runs-on: ubuntu-latest
14 | steps:
15 | - run: gh issue edit "$NUMBER" --add-label "$LABELS"
16 | env:
17 | GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
18 | GH_REPO: ${{ github.repository }}
19 | NUMBER: ${{ github.event.issue.number }}
20 | LABELS: New
21 |
22 | - uses: actions/github-script@v8
23 | with:
24 | script: |
25 | github.rest.issues.createComment({
26 | issue_number: context.issue.number,
27 | owner: context.repo.owner,
28 | repo: context.repo.repo,
29 | body: `👋 Hello @${context.payload.issue.user.login}, thank you for submitting this issue. Our team is reviewing your report and will follow up with you as soon as possible.`
30 | })
--------------------------------------------------------------------------------
/tests/utils/api.js:
--------------------------------------------------------------------------------
1 | class RequestSend {
2 | constructor(post) {
3 | this.post = post
4 | }
5 | async draftModeEdit(serviceName, entityName, id, path) {
6 | try {
7 | // Create draft from active entity
8 | return await this.post(
9 | `odata/v4/${serviceName}/${entityName}(ID=${id},IsActiveEntity=true)/${path}.draftEdit`,
10 | {
11 | PreserveChanges: true,
12 | }
13 | )
14 | } catch (err) {
15 | return err
16 | }
17 | }
18 |
19 | async draftModeSave(serviceName, entityName, id, path) {
20 | try {
21 | // Prepare the draft
22 | await this.post(
23 | `odata/v4/${serviceName}/${entityName}(ID=${id},IsActiveEntity=false)/${path}.draftPrepare`,
24 | {
25 | SideEffectsQualifier: "",
26 | }
27 | )
28 |
29 | // Activate the draft
30 | return await this.post(
31 | `odata/v4/${serviceName}/${entityName}(ID=${id},IsActiveEntity=false)/${path}.draftActivate`,
32 | {}
33 | )
34 | } catch (err) {
35 | return err
36 | }
37 | }
38 | }
39 |
40 | module.exports = {
41 | RequestSend,
42 | }
43 |
--------------------------------------------------------------------------------
/lib/csn-runtime-extension.js:
--------------------------------------------------------------------------------
1 | const cds = require('@sap/cds')
2 |
3 | function collectAttachments(ent, resultSet = [], path = []) {
4 | if (!ent.compositions) return resultSet
5 | for (const ele of Object.keys(ent.compositions)) {
6 | const target = ent.compositions[ele]._target
7 | const newPath = [...path, ele]
8 | if (target?.["@_is_media_data"]) {
9 | resultSet.push(newPath)
10 | }
11 | if (target && target !== ent) collectAttachments(target, resultSet, newPath)
12 | }
13 | return resultSet
14 | }
15 |
16 | Object.defineProperty(cds.builtin.classes.entity.prototype, '_attachments', {
17 | get() {
18 | const entity = this;
19 | return {
20 | get hasAttachmentsComposition() {
21 | return entity.compositions && Object.keys(entity.compositions).some(ele => entity.compositions[ele]._target?.["@_is_media_data"] || entity.compositions[ele]._target?._attachments?.hasAttachmentsComposition)
22 | },
23 | get attachmentCompositions() {
24 | return collectAttachments(entity)
25 | },
26 | get isAttachmentsEntity() {
27 | return !!entity?.["@_is_media_data"]
28 | }
29 | }
30 | },
31 | })
32 |
--------------------------------------------------------------------------------
/tests/incidents-app/package.json:
--------------------------------------------------------------------------------
1 | {
2 | "name": "@capire/incidents",
3 | "version": "1.0.0",
4 | "dependencies": {
5 | "@cap-js/attachments": "file:../../.",
6 | "@cap-js/hana": "2.3.4"
7 | },
8 | "cds": {
9 | "log": {
10 | "levels": {
11 | "cds": "info"
12 | }
13 | },
14 | "requires": {
15 | "auth": {
16 | "[development]": {
17 | "users": {
18 | "alice": {
19 | "roles": [
20 | "support",
21 | "admin"
22 | ]
23 | },
24 | "bob": {
25 | "roles": [
26 | "support"
27 | ]
28 | }
29 | }
30 | },
31 | "[hybrid]": {
32 | "kind": "mocked",
33 | "users": {
34 | "alice": {
35 | "roles": [
36 | "support",
37 | "admin"
38 | ]
39 | },
40 | "bob": {
41 | "roles": [
42 | "support"
43 | ]
44 | }
45 | }
46 | }
47 | }
48 | }
49 | },
50 | "private": true
51 | }
52 |
--------------------------------------------------------------------------------
/tests/incidents-app/app/incidents/webapp/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 | Incident-Management
8 |
13 |
25 |
26 |
27 |
34 |
35 |
36 |
--------------------------------------------------------------------------------
/tests/incidents-app/srv/services.js:
--------------------------------------------------------------------------------
1 | const cds = require('@sap/cds')
2 |
3 | class ProcessorService extends cds.ApplicationService {
4 | /** Registering custom event handlers */
5 | init() {
6 | const res = super.init()
7 | this.prepend(() =>
8 | this.on('PUT', this.entities['SampleRootWithComposedEntity.attachments'].drafts, async (req, next) => {
9 | cds.log('overwrite-put-handler').info('Overwritten PUT handler called')
10 | return next()
11 | })
12 | )
13 |
14 | this.before('UPDATE', 'Incidents', req => this.onUpdate(req))
15 | this.before(['CREATE', 'UPDATE'], 'Incidents', req => this.changeUrgencyDueToSubject(req.data))
16 | return res;
17 | }
18 |
19 | changeUrgencyDueToSubject(data) {
20 | if (data) {
21 | const incidents = Array.isArray(data) ? data : [data]
22 | incidents.forEach(incident => {
23 | if (incident.title?.toLowerCase().includes('urgent')) {
24 | incident.urgency = { code: 'H', descr: 'High' }
25 | }
26 | })
27 | }
28 | }
29 |
30 | /** Custom Validation */
31 | async onUpdate(req) {
32 | const { status_code } = await SELECT.one(req.subject, i => i.status_code).where({ ID: req.data.ID })
33 | if (status_code === 'C') {
34 | return req.reject(`Can't modify a closed incident`)
35 | }
36 | }
37 | }
38 |
39 | module.exports = { ProcessorService }
40 |
--------------------------------------------------------------------------------
/srv/object-store.js:
--------------------------------------------------------------------------------
1 | const cds = require("@sap/cds")
2 | const LOG = cds.log('attachments')
3 |
4 | module.exports = class RemoteAttachmentsService extends require("./basic") {
5 |
6 | clientsCache = new Map()
7 | isMultiTenancyEnabled = !!cds.env.requires.multitenancy
8 | objectStoreKind = cds.env.requires?.attachments?.objectStore?.kind
9 | separateObjectStore = this.isMultiTenancyEnabled && this.objectStoreKind === "separate"
10 |
11 | init() {
12 | LOG.debug(`${this.constructor.name} initialization`, {
13 | multiTenancy: this.isMultiTenancyEnabled,
14 | objectStoreKind: this.objectStoreKind,
15 | separateObjectStore: this.separateObjectStore,
16 | attachmentsConfig: {
17 | kind: cds.env.requires?.attachments?.kind,
18 | scan: cds.env.requires?.attachments?.scan
19 | }
20 | })
21 |
22 | return super.init()
23 | }
24 |
25 | /**
26 | * @inheritdoc
27 | */
28 | registerHandlers(srv) {
29 | srv.before(
30 | "DELETE",
31 | (req) => {
32 | if (!req.target.isDraft || !req.target._attachments.isAttachmentsEntity) return;
33 | return this.attachDraftDeletionData.bind(this)(req)
34 | }
35 | )
36 | srv.after(
37 | "DELETE",
38 | (res, req) => {
39 | if (!req.target.isDraft || !req.target._attachments.isAttachmentsEntity) return;
40 | return this.deleteAttachmentsWithKeys.bind(this)(res, req)
41 | }
42 | )
43 | }
44 | }
45 |
--------------------------------------------------------------------------------
/tests/incidents-app/db/attachments.cds:
--------------------------------------------------------------------------------
1 | using {sap.capire.incidents as my} from './schema';
2 | using {Attachments} from '@cap-js/attachments';
3 |
4 | extend my.Incidents with {
5 | attachments : Composition of many Attachments;
6 | @attachments.disable_facet
7 | hiddenAttachments : Composition of many Attachments;
8 |
9 | @UI.Hidden
10 | hiddenAttachments2 : Composition of many Attachments;
11 |
12 | @UI.Hidden
13 | mediaTypeAttachments : Composition of many Attachments;
14 | }
15 |
16 | annotate my.Incidents.hiddenAttachments with {
17 | content @Validation.Maximum: '2MB';
18 | }
19 |
20 | annotate my.Incidents.mediaTypeAttachments with {
21 | content @Core.AcceptableMediaTypes: ['image/jpeg'];
22 | }
23 |
24 | @UI.Facets: [{
25 | $Type : 'UI.ReferenceFacet',
26 | Target: 'attachments/@UI.LineItem',
27 | Label : 'My custom attachments',
28 | }]
29 | extend my.Customers with {
30 | attachments : Composition of many Attachments;
31 | }
32 |
33 | extend my.SampleRootWithComposedEntity with {
34 | attachments : Composition of many Attachments;
35 | }
36 |
37 | extend my.Test with {
38 | attachments: Composition of many Attachments;
39 | }
40 |
41 | extend my.TestDetails with {
42 | attachments: Composition of many Attachments;
43 | }
44 |
45 | extend my.NonDraftTest with {
46 | attachments: Composition of many Attachments;
47 | }
48 |
49 | extend my.SingleTestDetails with {
50 | attachments : Composition of many Attachments;
51 | }
--------------------------------------------------------------------------------
/.github/workflows/release.yml:
--------------------------------------------------------------------------------
1 | name: Release
2 |
3 | on:
4 | workflow_dispatch:
5 | inputs:
6 | previous-tag:
7 | description: "Previous tag (optional)"
8 | required: false
9 | type: choice
10 | default: "latest"
11 | options:
12 | - "latest"
13 | - "previous"
14 | - "beta"
15 |
16 | permissions:
17 | contents: write
18 | id-token: write
19 |
20 | jobs:
21 | publish-npm:
22 | runs-on: ubuntu-latest
23 | environment: npm
24 | steps:
25 | - uses: actions/checkout@v4
26 | - uses: actions/setup-node@v4
27 | with:
28 | node-version: 24
29 | registry-url: https://registry.npmjs.org/
30 |
31 | - name: Run Tests
32 | run: |
33 | npm install
34 | npm run lint
35 | cd tests/incidents-app && npm install
36 | cd ../..
37 | npm run test
38 |
39 | - name: get-version
40 | id: package-version
41 | uses: martinbeentjes/npm-get-version-action@v1.2.3
42 | - name: Parse changelog
43 | id: parse-changelog
44 | uses: schwma/parse-changelog-action@v1.0.0
45 | with:
46 | version: "${{ steps.package-version.outputs.current-version }}"
47 | - name: Create a GitHub release
48 | uses: ncipollo/release-action@v1
49 | with:
50 | tag: "v${{ steps.package-version.outputs.current-version }}"
51 | body: "${{ steps.parse-changelog.outputs.body }}"
52 | - run: npm publish --access public --provenance --tag ${{ github.event.inputs.previous-tag }}
53 |
--------------------------------------------------------------------------------
/tests/incidents-app/srv/services.cds:
--------------------------------------------------------------------------------
1 | using { sap.capire.incidents as my } from '../db/schema';
2 |
3 | /**
4 | * Service used by support personell, i.e. the incidents' 'processors'.
5 | */
6 | service ProcessorService {
7 | @cds.redirection.target
8 | entity Incidents as projection on my.Incidents;
9 |
10 | entity Customers @readonly as projection on my.Customers;
11 |
12 | @odata.draft.enabled
13 | entity SampleRootWithComposedEntity as projection on my.SampleRootWithComposedEntity;
14 |
15 | @odata.draft.enabled
16 | entity Test as projection on my.Test;
17 |
18 | entity TestDetails as projection on my.TestDetails;
19 |
20 | entity NonDraftTest as projection on my.NonDraftTest;
21 |
22 | entity SingleTestDetails as projection on my.SingleTestDetails;
23 | }
24 |
25 | /**
26 | * Service used by administrators to manage customers and incidents.
27 | */
28 | service AdminService {
29 | entity Customers as projection on my.Customers;
30 | entity Incidents as projection on my.Incidents;
31 | }
32 |
33 | service RestrictionService {
34 | @(restrict: [
35 | {
36 | grant: '*',
37 | to: 'admin',
38 | where: 'title = ''ABC'''
39 | }
40 | ])
41 | entity Incidents as projection on my.Incidents;
42 |
43 | @(restrict: [
44 | {
45 | grant: '*',
46 | to: 'admin',
47 | where: 'title = ''ABC'''
48 | }
49 | ])
50 | @odata.draft.enabled
51 | @cds.redirection.target
52 | entity DraftIcidents as projection on my.Incidents;
53 | }
54 |
55 | annotate ProcessorService.Incidents with @odata.draft.enabled;
56 | annotate ProcessorService with @(requires: 'support');
57 | annotate AdminService with @(requires: 'admin');
58 |
--------------------------------------------------------------------------------
/tests/utils/testUtils.js:
--------------------------------------------------------------------------------
1 | const cds = require('@sap/cds')
2 |
3 | /**
4 | * Waits for attachment scanning to complete
5 | * @param {number} timeout - Timeout in milliseconds (default: 5000)
6 | * @returns {Promise}
7 | */
8 | async function delay(timeout = 1000) {
9 | return new Promise(resolve => setTimeout(resolve, timeout))
10 | }
11 |
12 | async function waitForScanStatus(status, attachmentID) {
13 | const db = await cds.connect.to('db')
14 | return new Promise((resolve) => {
15 | let resolved = false
16 | const handler = (_res, req) => {
17 | // Skip if already resolved to prevent memory buildup
18 | if (resolved) return
19 |
20 | if (
21 | req.event === 'UPDATE' && req.query.UPDATE.data.status &&
22 | req.query.UPDATE.data.status === status && req.target.name.includes('.attachments') &&
23 | (
24 | !attachmentID ||
25 | (req.query.UPDATE.entity.ref.at(-1).where && req.query.UPDATE.entity.ref.at(-1).where.some(e => e.val && e.val === attachmentID)) ||
26 | (req.query.UPDATE.where && req.query.UPDATE.where.some(e => e.val && e.val === attachmentID)))
27 | ) {
28 | resolved = true
29 | resolve(req.query.UPDATE.where || req.query.UPDATE.entity.ref)
30 | }
31 | }
32 | db.after('*', handler)
33 | })
34 | }
35 |
36 | /**
37 | *
38 | * @returns Incident ID
39 | */
40 | async function newIncident(POST, serviceName, payload = {
41 | title : `Incident ${Math.floor(Math.random() * 1000)}`,
42 | customer_ID: '1004155'
43 | }) {
44 | try {
45 | // Create draft from active entity
46 | const res = await POST(
47 | `odata/v4/${serviceName}/Incidents`,
48 | payload
49 | );
50 | return res.data.ID;
51 | } catch (err) {
52 | return err
53 | }
54 | }
55 |
56 | module.exports = {
57 | delay, waitForScanStatus, newIncident
58 | }
59 |
--------------------------------------------------------------------------------
/REUSE.toml:
--------------------------------------------------------------------------------
1 | version = 1
2 | SPDX-PackageName = "attachments"
3 | SPDX-PackageSupplier = "The CAP team "
4 | SPDX-PackageDownloadLocation = "https://github.com/cap-js/attachments"
5 | SPDX-PackageComment = "The code in this project may include calls to APIs (\"API Calls\") of\n SAP or third-party products or services developed outside of this project\n (\"External Products\").\n \"APIs\" means application programming interfaces, as well as their respective\n specifications and implementing code that allows software to communicate with\n other software.\n API Calls to External Products are not licensed under the open source license\n that governs this project. The use of such API Calls and related External\n Products are subject to applicable additional agreements with the relevant\n provider of the External Products. In no event shall the open source license\n that governs this project grant any rights in or to any External Products,or\n alter, expand or supersede any terms of the applicable additional agreements.\n If you have a valid license agreement with SAP for the use of a particular SAP\n External Product, then you may make use of any API Calls included in this\n project's code for that SAP External Product, subject to the terms of such\n license agreement. If you do not have a valid license agreement for the use of\n a particular SAP External Product, then you may only make use of any API Calls\n in this project for that SAP External Product for your internal, non-productive\n and non-commercial test and evaluation of such API Calls. Nothing herein grants\n you any rights to use or access any SAP External Product, or provide any third\n parties the right to use of access any SAP External Product, through API Calls."
6 |
7 | [[annotations]]
8 | path = "**"
9 | precedence = "aggregate"
10 | SPDX-FileCopyrightText = "2024 SAP SE or an SAP affiliate company and attachments contributors."
11 | SPDX-License-Identifier = "Apache-2.0"
12 |
--------------------------------------------------------------------------------
/tests/non-draft-request.http:
--------------------------------------------------------------------------------
1 | @host = http://localhost:4004
2 | @auth = Basic YWxpY2U6d29uZGVybGFuZA==
3 |
4 | // Send the requests sequentially to avoid any conflicts
5 |
6 | ### Get list of all incidents
7 | # @name incidents
8 | GET {{host}}/odata/v4/admin/Incidents
9 | Authorization: {{auth}}
10 |
11 | ### Creating attachment (metadata request)
12 | @incidentsID = {{incidents.response.body.value[2].ID}}
13 | # @name createAttachment
14 | POST {{host}}/odata/v4/admin/Incidents({{incidentsID}})/attachments
15 | Authorization: {{auth}}
16 | Content-Type: application/json
17 |
18 | {
19 | "filename": "sample-1.jpg"
20 | }
21 |
22 | ### Put attachment content (content request)
23 | @attachmentsID = {{createAttachment.response.body.ID}}
24 | PUT {{host}}/odata/v4/admin/Incidents({{incidentsID}})/attachments(ID={{attachmentsID}})/content
25 | Authorization: {{auth}}
26 | Content-Type: image/jpeg
27 |
28 | < ./integration/content/sample-1.jpg
29 |
30 | ### Test if we can overwrite attachment content
31 | PUT {{host}}/odata/v4/admin/Incidents({{incidentsID}})/attachments(ID={{attachmentsID}})/content
32 | Authorization: {{auth}}
33 | Content-Type: application/pdf
34 |
35 | < ./integration/content/sample.pdf
36 |
37 | ### Get newly created attachment metadata
38 | GET {{host}}/odata/v4/admin/Incidents({{incidentsID}})/attachments(ID={{attachmentsID}})
39 | Authorization: {{auth}}
40 |
41 | ### Fetching newly created attachment content
42 | GET {{host}}/odata/v4/admin/Incidents({{incidentsID}})/attachments(ID={{attachmentsID}})/content
43 | Authorization: {{auth}}
44 |
45 | ### Get list of attachments for a particular incident
46 | # @name attachments
47 | GET {{host}}/odata/v4/admin/Incidents(ID={{incidentsID}})/attachments
48 | Authorization: {{auth}}
49 |
50 | ### Get attachments content
51 | GET {{host}}/odata/v4/admin/Incidents({{incidentsID}})/attachments(ID={{attachmentsID}})/content
52 | Authorization: {{auth}}
53 |
54 | ### Get attachments content with up__ID included
55 | GET {{host}}/odata/v4/admin/Incidents({{incidentsID}})/attachments(up__ID={{incidentsID}},ID={{attachmentsID}})/content
56 | Authorization: {{auth}}
57 |
58 | ### Put attachment content (content request) with up__ID included
59 | PUT {{host}}/odata/v4/admin/Incidents({{incidentsID}})/attachments(up__ID={{incidentsID}},ID={{attachmentsID}})/content
60 | Authorization: {{auth}}
61 | Content-Type: image/jpeg
62 |
63 | < ./integration/content/sample-1.jpg
64 |
65 | ### Delete attachment
66 | DELETE {{host}}/odata/v4/admin/Incidents({{incidentsID}})/attachments(ID={{attachmentsID}})
67 | Authorization: {{auth}}
--------------------------------------------------------------------------------
/.github/workflows/test.yml:
--------------------------------------------------------------------------------
1 | name: CI
2 |
3 | on:
4 | workflow_dispatch:
5 | push:
6 | branches: [main]
7 | pull_request_target:
8 | branches: [main]
9 | types: [reopened, synchronize, opened]
10 |
11 | jobs:
12 | requires-approval:
13 | runs-on: ubuntu-latest
14 | name: "Waiting for PR approval as this workflow runs on pull_request_target"
15 | if: github.event_name == 'pull_request_target' && github.event.pull_request.base.user.login != 'cap-js'
16 | environment: pr-approval
17 | steps:
18 | - name: Approval Step
19 | run: echo "This job has been approved!"
20 | test:
21 | runs-on: ubuntu-latest
22 | needs: requires-approval
23 | if: always() && (needs.requires-approval.result == 'success' || needs.requires-approval.result == 'skipped')
24 | strategy:
25 | fail-fast: false
26 | matrix:
27 | node-version: [20.x, 22.x]
28 | steps:
29 | - uses: actions/checkout@v5
30 | with:
31 | ref: ${{ github.event.pull_request.head.sha || github.sha }}
32 | - name: Use Node.js ${{ matrix.node-version }}
33 | uses: actions/setup-node@v2
34 | with:
35 | node-version: ${{ matrix.node-version }}
36 | - run: npm i -g @sap/cds-dk
37 | - run: npm i
38 | - run: cd tests/incidents-app && npm i
39 | - run: npm run test
40 |
41 | integration-tests:
42 | runs-on: ubuntu-latest
43 | needs: requires-approval
44 | if: always() && (needs.requires-approval.result == 'success' || needs.requires-approval.result == 'skipped')
45 | name: Integration Tests on Node.js ${{ matrix['node-version'] }} with ${{ matrix.hyperscaler }} and ${{ matrix['scanner-auth'] }} scanner auth
46 | strategy:
47 | fail-fast: false
48 | matrix:
49 | node-version: [20.x, 22.x]
50 | hyperscaler: [AWS, AZURE, GCP]
51 | scanner-auth: [basic, mtls]
52 | steps:
53 | - name: Checkout repository
54 | uses: actions/checkout@v5
55 | with:
56 | ref: ${{ github.event.pull_request.head.sha || github.sha }}
57 | - name: Integration tests
58 | uses: ./.github/actions/integration-tests
59 | with:
60 | CF_API: ${{ secrets[format('CF_API_{0}', matrix.hyperscaler)] }}
61 | CF_USERNAME: ${{ secrets['CF_USERNAME'] }}
62 | CF_PASSWORD: ${{ secrets['CF_PASSWORD'] }}
63 | CF_ORG: ${{ secrets[format('CF_ORG_{0}', matrix.hyperscaler)] }}
64 | CF_SPACE: ${{ secrets[format('CF_SPACE_{0}', matrix.hyperscaler)] }}
65 | OBJECT_STORE_KIND: ${{ vars[format('OBJECT_STORE_KIND_{0}', matrix.hyperscaler)] }}
66 | NODE_VERSION: ${{ matrix.node-version }}
67 | SCANNER_AUTH: ${{ matrix.scanner-auth }}
68 |
--------------------------------------------------------------------------------
/tests/incidents-app/db/schema.cds:
--------------------------------------------------------------------------------
1 | using {
2 | cuid,
3 | managed,
4 | sap.common.CodeList
5 | } from '@sap/cds/common';
6 |
7 | namespace sap.capire.incidents;
8 |
9 | /**
10 | * Customers using products sold by our company.
11 | * Customers can create support Incidents.
12 | */
13 | entity Customers : managed {
14 | key ID : String;
15 | firstName : String;
16 | lastName : String;
17 | name : String = firstName || ' ' || lastName;
18 | email : EMailAddress;
19 | phone : PhoneNumber;
20 | creditCardNo : String(16) @assert.format: '^[1-9]\d{15}$';
21 | addresses : Composition of many Addresses
22 | on addresses.customer = $self;
23 | incidents : Association to many Incidents
24 | on incidents.customer = $self;
25 | }
26 |
27 | entity Addresses : cuid, managed {
28 | customer : Association to Customers;
29 | city : String;
30 | postCode : String;
31 | streetAddress : String;
32 | }
33 |
34 |
35 | /**
36 | * Incidents created by Customers.
37 | */
38 | entity Incidents : cuid, managed {
39 | customer : Association to Customers;
40 | title : String @title: 'Title';
41 | urgency : Association to Urgency default 'M';
42 | status : Association to Status default 'N';
43 | conversation : Composition of many {
44 | key ID : UUID;
45 | timestamp : type of managed : createdAt;
46 | author : type of managed : createdBy;
47 | message : String;
48 | };
49 | }
50 |
51 | entity Status : CodeList {
52 | key code : String enum {
53 | new = 'N';
54 | assigned = 'A';
55 | in_process = 'I';
56 | on_hold = 'H';
57 | resolved = 'R';
58 | closed = 'C';
59 | };
60 | criticality : Integer;
61 | }
62 |
63 | entity Urgency : CodeList {
64 | key code : String enum {
65 | high = 'H';
66 | medium = 'M';
67 | low = 'L';
68 | };
69 | }
70 |
71 | type EMailAddress : String;
72 | type PhoneNumber : String;
73 |
74 |
75 | entity SampleRootWithComposedEntity {
76 | key sampleID : String;
77 | key gjahr : Integer;
78 | }
79 |
80 | entity Test : cuid, managed {
81 | key ID : String;
82 | name : String;
83 | details : Composition of many TestDetails on details.test = $self;
84 | }
85 |
86 | entity TestDetails : cuid, managed {
87 | test : Association to Test;
88 | description : String;
89 | }
90 |
91 | entity NonDraftTest : cuid, managed {
92 | key ID : String;
93 | name : String;
94 | singledetails : Composition of one SingleTestDetails;
95 | }
96 |
97 | entity SingleTestDetails : cuid {
98 | abc: String;
99 | }
100 |
--------------------------------------------------------------------------------
/tests/unit/validateAttachmentSize.test.js:
--------------------------------------------------------------------------------
1 | require('../../lib/csn-runtime-extension')
2 | const cds = require('@sap/cds');
3 | const path = require("path")
4 | const app = path.join(__dirname, "../incidents-app")
5 | const { axios, POST } = cds.test(app)
6 | const fs = require('fs/promises')
7 | const { validateAttachmentSize } = require('../../lib/generic-handlers');
8 | const { newIncident } = require('../utils/testUtils');
9 |
10 | describe('validateAttachmentSize', () => {
11 | axios.defaults.auth = { username: "alice" }
12 |
13 | it('should pass validation for a file size under 400 MB', async () => {
14 | const incidentID = await newIncident(POST, 'admin')
15 | const responseCreate = await POST(
16 | `/odata/v4/admin/Incidents(${incidentID})/attachments`,
17 | { filename: 'sample.pdf' },
18 | { headers: { "Content-Type": "application/json" } }
19 | )
20 |
21 | const fileContent = await fs.readFile(
22 | path.join(__dirname, "..", "integration", 'content/sample.pdf')
23 | )
24 |
25 | const response = await axios.put(
26 | `/odata/v4/admin/Incidents(${incidentID})/attachments(up__ID=${incidentID},ID=${responseCreate.data.ID})/content`,
27 | fileContent,
28 | {
29 | headers: {
30 | "Content-Type": "application/pdf",
31 | "Content-Length": fileContent.length,
32 | },
33 | }
34 | )
35 |
36 | expect(response.status).toEqual(204)
37 | })
38 |
39 | it('should reject for a file size over 400 MB', async () => {
40 | const req = {
41 | headers: { 'content-length': '20480000000' },
42 | data: { content: 'abc' },
43 | target: cds.model.definitions['AdminService.Incidents'].elements.attachments._target,
44 | reject: jest.fn(), // Mocking the reject function
45 | }
46 | validateAttachmentSize(req)
47 | expect(req.reject).toHaveBeenCalledWith({ "args": ["400MB"], "message": "AttachmentSizeExceeded", "status": 413 })
48 | })
49 |
50 | it('should reject for a file size over Validation.Maximum MB', async () => {
51 | const req = {
52 | headers: { 'content-length': '20480000000' },
53 | data: { content: 'abc' },
54 | target: cds.model.definitions['AdminService.Incidents'].elements.hiddenAttachments._target,
55 | reject: jest.fn(), // Mocking the reject function
56 | }
57 | validateAttachmentSize(req)
58 | expect(req.reject).toHaveBeenCalledWith({ "args": ["2MB"], "message": "AttachmentSizeExceeded", "status": 413 })
59 | })
60 |
61 | it('should reject when Content-Length header is missing', async () => {
62 | const req = {
63 | headers: {}, // No content-length header
64 | data: { content: 'abc' },
65 | target: cds.model.definitions['AdminService.Incidents'].elements.attachments._target,
66 | reject: jest.fn(), // Mocking the reject function
67 | }
68 | validateAttachmentSize(req)
69 | expect(req.reject).toHaveBeenCalledWith(411, 'ContentLengthHeaderMissing')
70 | })
71 | })
--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
1 | # Contributing
2 |
3 | ## Code of Conduct
4 |
5 | All members of the project community must abide by the [Contributor Covenant, version 2.1](CODE_OF_CONDUCT.md).
6 | Only by respecting each other we can develop a productive, collaborative community.
7 | Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting [a project maintainer](.reuse/dep5).
8 |
9 | ## Engaging in Our Project
10 |
11 | We use GitHub to manage reviews of pull requests.
12 |
13 | * If you are a new contributor, see: [Steps to Contribute](#steps-to-contribute)
14 |
15 | * Before implementing your change, create an issue that describes the problem you would like to solve or the code that should be enhanced. Please note that you are willing to work on that issue.
16 |
17 | * The team will review the issue and decide whether it should be implemented as a pull request. In that case, they will assign the issue to you. If the team decides against picking up the issue, the team will post a comment with an explanation.
18 |
19 | ## Steps to Contribute
20 |
21 | Should you wish to work on an issue, please claim it first by commenting on the GitHub issue that you want to work on. This is to prevent duplicated efforts from other contributors on the same issue.
22 |
23 | If you have questions about one of the issues, please comment on them, and one of the maintainers will clarify.
24 |
25 | ## Local development setup
26 |
27 | `./tests/incidents-app/` contains a working sample with which the plugin can be locally tested and which is used by the integration tests.
28 |
29 | `cd ./tests/incidents-app/` into the app and run `cds watch` within the folder to have the Incidents app running but with the local version of the plugin.
30 |
31 | If you want to test your implementation against the BTP Object Store or the Malware Scanning Service, use [`cds bind`](https://cap.cloud.sap/docs/advanced/hybrid-testing) and run with `cds watch --profile hybrid` to test those changes.
32 |
33 | If you are prompted locally for authentication use CAPs local development mock values of "alice" and "1234".
34 |
35 | ## Contributing Code or Documentation
36 |
37 | You are welcome to contribute code in order to fix a bug or to implement a new feature that is logged as an issue.
38 |
39 | The following rule governs code contributions:
40 |
41 | * Contributions must be licensed under the [Apache 2.0 License](./LICENSE)
42 | * Due to legal reasons, contributors will be asked to accept a Developer Certificate of Origin (DCO) when they create the first pull request to this project. This happens in an automated fashion during the submission process. SAP uses [the standard DCO text of the Linux Foundation](https://developercertificate.org/).
43 |
44 | ## Issues and Planning
45 |
46 | * We use GitHub issues to track bugs and enhancement requests.
47 |
48 | * Please provide as much context as possible when you open an issue. The information you provide must be comprehensive enough to reproduce that issue for the assignee.
49 |
--------------------------------------------------------------------------------
/db/index.cds:
--------------------------------------------------------------------------------
1 | // The common root-level aspect used in applications like that:
2 | // using { Attachments } from '@cap-js/attachments'
3 | aspect Attachments : sap.attachments.Attachments {}
4 |
5 | using {
6 | managed,
7 | cuid,
8 | sap.common.CodeList
9 | } from '@sap/cds/common';
10 |
11 | context sap.attachments {
12 |
13 | aspect MediaData @(_is_media_data) {
14 | url : String @UI.Hidden;
15 | content : LargeBinary @title: '{i18n>Attachment}'; // only for db-based services
16 | mimeType : String default 'application/octet-stream' @title: '{i18n>MediaType}';
17 | filename : String @title: '{i18n>FileName}';
18 | hash : String @UI.Hidden @Core.Computed;
19 | status : String @title: '{i18n>ScanStatus}' default 'Unscanned' @Common.Text: statusNav.name @Common.TextArrangement: #TextOnly;
20 | statusNav : Association to one ScanStates
21 | on statusNav.code = status;
22 | }
23 |
24 | entity ScanStates : CodeList {
25 | key code : String(32) @Common.Text: name @Common.TextArrangement: #TextOnly enum {
26 | Unscanned;
27 | Scanning;
28 | Infected;
29 | Clean;
30 | Failed;
31 | };
32 | name : localized String(64) @title: '{i18n>ScanStatus}';
33 | criticality : Integer @UI.Hidden;
34 | }
35 |
36 | aspect Attachments : cuid, managed, MediaData {
37 | note : String @title: '{i18n>Note}';
38 | }
39 |
40 |
41 | // -- Fiori Annotations ----------------------------------------------------------
42 |
43 | annotate MediaData with @UI.MediaResource: {Stream: content} {
44 | content @Core.MediaType: mimeType @odata.draft.skip;
45 | mimeType @Core.IsMediaType;
46 | status @readonly;
47 | }
48 |
49 | annotate Attachments with @UI: {
50 | HeaderInfo: {
51 | TypeName : '{i18n>Attachment}',
52 | TypeNamePlural: '{i18n>Attachments}',
53 | },
54 | LineItem : [
55 | {
56 | Value : content,
57 | @HTML5.CssDefaults: {width: '30%'}
58 | },
59 | {
60 | Value : status,
61 | Criticality : statusNav.criticality,
62 | @HTML5.CssDefaults: {width: '10%'}
63 | },
64 | {
65 | Value : createdAt,
66 | @HTML5.CssDefaults: {width: '20%'}
67 | },
68 | {
69 | Value : createdBy,
70 | @HTML5.CssDefaults: {width: '15%'}
71 | },
72 | {
73 | Value : note,
74 | @HTML5.CssDefaults: {width: '25%'}
75 | }
76 | ],
77 | } @Capabilities: {SortRestrictions: {NonSortableProperties: [content]}} {
78 | content
79 | @Core.ContentDisposition: {
80 | Filename: filename,
81 | Type : 'inline'
82 | }
83 | }
84 |
85 | }
86 |
--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
1 | {
2 | "name": "@cap-js/attachments",
3 | "description": "CAP cds-plugin providing image and attachment storing out-of-the-box.",
4 | "version": "3.5.0",
5 | "repository": "cap-js/attachments",
6 | "author": "SAP SE (https://www.sap.com)",
7 | "homepage": "https://cap.cloud.sap/",
8 | "license": "Apache-2.0",
9 | "main": "cds-plugin.js",
10 | "files": [
11 | "index.cds",
12 | "_i18n",
13 | "lib",
14 | "db",
15 | "srv"
16 | ],
17 | "scripts": {
18 | "lint": "npx eslint .",
19 | "test": "npx jest --silent=true"
20 | },
21 | "dependencies": {
22 | "@aws-sdk/client-s3": "^3.918.0",
23 | "@aws-sdk/lib-storage": "^3.918.0",
24 | "@azure/storage-blob": "^12.29.1",
25 | "@google-cloud/storage": "^7.17.3",
26 | "axios": "^1.4.0"
27 | },
28 | "devDependencies": {
29 | "@cap-js/cds-test": ">=0",
30 | "@cap-js/sqlite": "^2",
31 | "eslint": "^9.36.0",
32 | "express": "^4.18.2"
33 | },
34 | "peerDependencies": {
35 | "@sap/cds": ">=8"
36 | },
37 | "engines": {
38 | "node": ">=18.0.0"
39 | },
40 | "cds": {
41 | "requires": {
42 | "malwareScanner": {
43 | "vcap": {
44 | "label": "malware-scanner"
45 | }
46 | },
47 | "kinds": {
48 | "malwareScanner-mock": {
49 | "model": "@cap-js/attachments/srv/malwareScanner-mocked"
50 | },
51 | "malwareScanner-mocked": {
52 | "model": "@cap-js/attachments/srv/malwareScanner-mocked"
53 | },
54 | "malwareScanner-btp": {
55 | "model": "@cap-js/attachments/srv/malwareScanner"
56 | },
57 | "attachments-db": {
58 | "impl": "@cap-js/attachments/srv/basic"
59 | },
60 | "attachments-standard": {
61 | "impl": "@cap-js/attachments/srv/standard"
62 | },
63 | "attachments-s3": {
64 | "impl": "@cap-js/attachments/srv/aws-s3"
65 | },
66 | "attachments-azure": {
67 | "impl": "@cap-js/attachments/srv/azure-blob-storage"
68 | },
69 | "attachments-gcp": {
70 | "impl": "@cap-js/attachments/srv/gcp"
71 | }
72 | },
73 | "serviceManager": {
74 | "vcap": {
75 | "label": "service-manager"
76 | }
77 | },
78 | "objectStore": {
79 | "vcap": {
80 | "label": "objectstore"
81 | }
82 | },
83 | "attachments": {
84 | "outbox": true,
85 | "scan": true,
86 | "objectStore": {
87 | "kind": "separate"
88 | }
89 | },
90 | "[development]": {
91 | "malwareScanner": {
92 | "kind": "malwareScanner-mocked"
93 | },
94 | "attachments": {
95 | "kind": "db"
96 | }
97 | },
98 | "[production]": {
99 | "malwareScanner": {
100 | "kind": "malwareScanner-btp"
101 | },
102 | "attachments": {
103 | "kind": "standard",
104 | "objectStore": {
105 | "kind": "separate"
106 | }
107 | }
108 | },
109 | "[hybrid]": {
110 | "malwareScanner": {
111 | "kind": "malwareScanner-btp"
112 | },
113 | "attachments": {
114 | "kind": "standard",
115 | "scan": true,
116 | "objectStore": {
117 | "kind": "separate"
118 | }
119 | }
120 | }
121 | }
122 | },
123 | "workspaces": [
124 | "tests/incidents-app/"
125 | ]
126 | }
--------------------------------------------------------------------------------
/tests/unit/unitTests.test.js:
--------------------------------------------------------------------------------
1 | jest.mock('@sap/cds', () => ({
2 | ql: { UPDATE: jest.fn(() => ({ with: jest.fn() })) },
3 | debug: jest.fn(),
4 | log: jest.fn(() => ({
5 | info: jest.fn(),
6 | warn: jest.fn(),
7 | error: jest.fn(),
8 | debug: jest.fn(),
9 | _debug: true
10 | })),
11 | Service: class { },
12 | env: { requires: {} }
13 | }))
14 |
15 | global.fetch = jest.fn(() => Promise.resolve({
16 | json: () => Promise.resolve({ malwareDetected: false })
17 | }))
18 |
19 | jest.mock('axios')
20 |
21 | // Mock individual functions used in malwareScanner since it imports logger
22 | jest.doMock('../../srv/malwareScanner', () => {
23 | const original = jest.requireActual('../../srv/malwareScanner')
24 | return {
25 | ...original,
26 | // Override streamToString to return a simple string
27 | streamToString: jest.fn(() => Promise.resolve('test-file-content'))
28 | }
29 | })
30 |
31 | const { getObjectStoreCredentials, fetchToken, sizeInBytes } = require('../../lib/helper')
32 | const axios = require('axios')
33 | const cds = require('@sap/cds')
34 |
35 | beforeEach(() => {
36 | jest.clearAllMocks()
37 | cds.env = {
38 | requires: {
39 | attachments: { scan: true }
40 | },
41 | profiles: []
42 | }
43 | global.fetch = jest.fn(() => Promise.resolve({
44 | json: () => Promise.resolve({ malwareDetected: false }),
45 | status: 200
46 | }))
47 | })
48 |
49 | describe('getObjectStoreCredentials', () => {
50 | it('should return credentials from service manager', async () => {
51 | cds.env.requires.serviceManager = {
52 | credentials: {
53 | sm_url: 'https://sm.example.com',
54 | url: 'https://token.example.com',
55 | clientid: 'client-id',
56 | clientsecret: 'client-secret'
57 | }
58 | }
59 |
60 | axios.get.mockResolvedValue({ data: { items: [{ id: 'test-cred' }] } })
61 | axios.post.mockResolvedValue({ data: { access_token: 'test-token' } })
62 |
63 | const creds = await getObjectStoreCredentials('tenant')
64 | expect(creds.id).toBe('test-cred')
65 | })
66 |
67 | it('should return null when tenant ID is missing', async () => {
68 | cds.env.requires.serviceManager = {
69 | credentials: {
70 | sm_url: 'https://sm.example.com',
71 | url: 'https://token.example.com',
72 | clientid: 'client-id',
73 | clientsecret: 'client-secret'
74 | }
75 | }
76 |
77 | const creds = await getObjectStoreCredentials(null)
78 | expect(creds).toBeNull()
79 | })
80 |
81 | it('should throw error if credentials are missing', async () => {
82 | await getObjectStoreCredentials('tenant').catch(e => {
83 | expect(e.message).toBe('Service Manager Instance is not bound')
84 | })
85 | })
86 | })
87 |
88 | describe('fetchToken', () => {
89 | it('should return a token when axios resolves', async () => {
90 | axios.post.mockResolvedValue({ data: { access_token: 'test-token' } })
91 | const token = await fetchToken('url', 'clientId', 'clientSecret')
92 | expect(token).toBe('test-token')
93 | })
94 |
95 | it('should throw when client ID is missing', async () => {
96 | await expect(fetchToken('url', null, 'clientSecret')).rejects.toThrow('Client ID is required for token fetching')
97 | })
98 |
99 | it('should throw when neither client secret nor certificate is provided', async () => {
100 | await expect(fetchToken('url', 'clientId', null)).rejects.toThrow('Invalid credentials provided for token fetching')
101 | })
102 |
103 | it('should handle error and throw', async () => {
104 | axios.post.mockRejectedValue(new Error('fail'))
105 | await expect(fetchToken('url', 'clientId', 'clientSecret')).rejects.toThrow('fail')
106 | })
107 | })
108 |
109 | describe('size to byte converter', () => {
110 | test('conversion of size string converts correctly to file size', () => {
111 | expect(sizeInBytes('20MB')).toEqual(20 * 1024 * 1024)
112 | expect(sizeInBytes('20MiB')).toEqual(20 * 1024 * 1024)
113 | expect(sizeInBytes('20kiB')).toEqual(20 * 1024)
114 | expect(sizeInBytes('20kB')).toEqual(20 * 1024)
115 | expect(sizeInBytes('20GB')).toEqual(20 * 1024 * 1024 * 1024)
116 | })
117 |
118 | test('conversion of size string returns number if the input param is a number', () => {
119 | expect(sizeInBytes(1234)).toEqual(1234)
120 | })
121 |
122 | test('conversion of size string returns undefined if no size could be determined', () => {
123 | expect(sizeInBytes('ABCDEFG')).toEqual(undefined)
124 |
125 | expect(sizeInBytes(undefined)).toEqual(undefined)
126 |
127 | expect(sizeInBytes({$edmJson: 'Dummy Value'})).toEqual(undefined)
128 | })
129 | })
130 |
--------------------------------------------------------------------------------
/srv/malwareScanner-mocked.js:
--------------------------------------------------------------------------------
1 | const cds = require('@sap/cds')
2 | const LOG = cds.log('attachments')
3 | const crypto = require('crypto');
4 |
5 | class MockedMalwareScanner extends cds.ApplicationService {
6 | init() {
7 | this.on('ScanAttachmentsFile', this.scanAttachmentsFile)
8 | this.on('scan', this.scanFile)
9 |
10 | return super.init()
11 | }
12 |
13 | /**
14 | * Scans the "content" property of the given entity, specified by the CSN name (target) and
15 | * the keys object, for malware.
16 | * Updates the status property on the given entity to reflect if the file is clean.
17 | * Triggers an attachments service delete event to remove the malware.
18 | * @param {{data: {target: string, keys: object}}} msg The target is the CSN Entity name, which is used to lookup entity via cds.model.definitions[].
19 | */
20 | async scanAttachmentsFile(msg) {
21 | const { target, keys } = msg.data
22 | const scanEnabled = cds.env.requires?.attachments?.scan ?? true
23 | if (!scanEnabled) {
24 | LOG.warn(`Malware scanner is disabled! Please consider enabling it`)
25 | return
26 | }
27 |
28 | LOG.debug(`Initiating malware scan request for ${target}, ${JSON.stringify(keys)} `)
29 |
30 | const AttachmentsSrv = await cds.connect.to("attachments")
31 |
32 | const model = cds.context.model ?? cds.model
33 | //Make sure its the active target
34 | const _target = model.definitions[target].actives ?? model.definitions[target]
35 |
36 | if (!_target) {
37 | LOG.error(`Could not scan ${target}, ${JSON.stringify(keys)} for malware as no CSN entity definition was found for the name!`)
38 | return
39 | }
40 |
41 | await this.updateStatus(_target, keys, "Scanning")
42 |
43 | LOG.debug(`Fetching file content for scanning for ${target}, ${JSON.stringify(keys)}`)
44 | const contentStream = await AttachmentsSrv.get(model.definitions[target], keys)
45 |
46 | if (!contentStream) {
47 | LOG.warn(`Cannot fetch file content for malware scanning for ${target}, ${JSON.stringify(keys)}! Check if the file exists.`)
48 | await this.updateStatus(_target, keys, "Failed")
49 | return
50 | }
51 |
52 | let res;
53 | try {
54 | res = await this.scan(contentStream)
55 | } catch (err) {
56 | LOG.error(`Request to malware scanner failed for ${target}, ${JSON.stringify(keys)}`, err)
57 | await this.updateStatus(target, keys, "Failed")
58 | throw err;
59 | }
60 |
61 | let status = res.isMalware ? "Infected" : "Clean"
62 | const hash = res.hash
63 |
64 | if (status === "Infected") {
65 | LOG.warn(`Malware scan completed for ${target}, ${keys} - file is infected. Triggering delete of the file.`)
66 | await AttachmentsSrv.emit('DeleteInfectedAttachment', { target: target, keys, hash })
67 | if (_target.drafts?.name === target) {
68 | await AttachmentsSrv.emit('DeleteInfectedAttachment', { target: _target.drafts.name, keys, hash })
69 | }
70 | } else {
71 | LOG.debug(`Malware scan completed for ${target}, ${keys} - file is clean`)
72 | }
73 |
74 | // Assign hash as another condition to ensure the correct file is marked as fine
75 | await this.updateStatus(_target, Object.assign({ hash }, keys), status)
76 | }
77 |
78 | /**
79 | * Mocks scanning the file. Always returns true!
80 | * @param {import('@sap/cds').Request} the request object
81 | */
82 | async scanFile(req) {
83 | const { file } = req.data;
84 |
85 | LOG.info(`Setting scan status to Clean (development mode)!`)
86 |
87 | let fileSize = 0;
88 | const hash = crypto.createHash('sha256');
89 |
90 | if (file) {
91 | for await (const chunk of file) {
92 | fileSize += chunk.length;
93 | hash.update(chunk);
94 | }
95 | }
96 |
97 | const sha256Hash = hash.digest('hex');
98 | file?.destroy();
99 |
100 | return {
101 | isMalware: false,
102 | encryptedContentDetected: false,
103 | scanSize: fileSize,
104 | finding: undefined,
105 | mimeType: 'empty',
106 | hash: sha256Hash,
107 | };
108 | }
109 |
110 | async getFileInformation(_target, keys) {
111 | const dbResult = await SELECT.one.from(_target.drafts || _target).columns('mimeType').where(keys)
112 | return dbResult
113 | }
114 |
115 | async updateStatus(_target, keys, status) {
116 | if (_target.drafts) {
117 | await Promise.all([
118 | UPDATE.entity(_target).where(keys).set({ status }),
119 | UPDATE.entity(_target.drafts).where(keys).set({ status })
120 | ])
121 | } else {
122 | await UPDATE.entity(_target).where(keys).set({ status })
123 | }
124 | }
125 | }
126 |
127 | module.exports = MockedMalwareScanner
128 |
--------------------------------------------------------------------------------
/lib/plugin.js:
--------------------------------------------------------------------------------
1 | const cds = require("@sap/cds")
2 | const { validateAttachment, readAttachment, validateAttachmentSize, onPrepareAttachment, validateAttachmentMimeType } = require("./generic-handlers")
3 | require("./csn-runtime-extension")
4 | const LOG = cds.log('attachments')
5 |
6 | cds.on(cds.version >= "8.6.0" ? "compile.to.edmx" : "loaded", unfoldModel)
7 |
8 | function unfoldModel(csn) {
9 | const meta = csn.meta ??= {}
10 | if (!("sap.attachments.Attachments" in csn.definitions)) return
11 | if (meta._enhanced_for_attachments) return
12 | // const csnCopy = structuredClone(csn) // REVISIT: Why did we add this cloning?
13 | const hasFacetForComp = (comp, facets) => facets.some(f => f.Target === `${comp.name}/@UI.LineItem` || (f.Facets && hasFacetForComp(comp, f.Facets)))
14 | cds.linked(csn).forall("Composition", (comp) => {
15 | if (comp._target && comp._target["@_is_media_data"] && comp.parent && comp.is2many) {
16 | let facets = comp.parent["@UI.Facets"]
17 | if (!facets) return
18 | if (comp["@attachments.disable_facet"] !== undefined) {
19 | LOG.warn(`@attachments.disable_facet is deprecated! Please annotate ${comp.name} with @UI.Hidden`)
20 | }
21 | if (!comp["@attachments.disable_facet"] && !hasFacetForComp(comp, facets)) {
22 | LOG.debug(`Adding @UI.Facet to: ${comp.parent.name}`)
23 | const attachmentsFacet = {
24 | $Type: "UI.ReferenceFacet",
25 | Target: `${comp.name}/@UI.LineItem`,
26 | ID: `${comp.name}_attachments`,
27 | Label: "{i18n>Attachments}",
28 | }
29 | if (comp["@UI.Hidden"]) {
30 | attachmentsFacet["@UI.Hidden"] = comp["@UI.Hidden"]
31 | }
32 | facets.push(attachmentsFacet)
33 | //Hide parent key so it cannot be selected from Columns on the UI
34 | Object.keys(comp._target.elements).filter(e => e.startsWith('up__')).forEach(ele => {
35 | comp._target.elements[ele]['@UI.Hidden'] = true;
36 | })
37 | if (comp._target.elements['up_']) {
38 | comp._target.elements['up_']['@UI.Hidden'] = true;
39 | }
40 | }
41 |
42 | }
43 | })
44 | meta._enhanced_for_attachments = true
45 | }
46 |
47 | cds.ApplicationService.handle_attachments = cds.service.impl(async function () {
48 | if (!cds.env.requires.attachments) return;
49 | LOG.debug(`Registering handlers for attachments entities for service: ${this.name}`)
50 | this.before("READ", validateAttachment)
51 | this.after("READ", readAttachment)
52 | this.before("PUT", validateAttachmentSize)
53 | this.before("PUT", validateAttachmentMimeType)
54 | this.before("NEW", onPrepareAttachment)
55 | this.before("CREATE", (req) => {
56 | return onPrepareAttachment(req)
57 | })
58 |
59 | this.before(["DELETE", "UPDATE"], async function collectDeletedAttachmentsForDraftEnabled(req) {
60 | if (!req.target?._attachments.hasAttachmentsComposition) return;
61 | const AttachmentsSrv = await cds.connect.to("attachments")
62 | return AttachmentsSrv.attachDeletionData.bind(AttachmentsSrv)(req)
63 | })
64 | this.after(["DELETE", "UPDATE"], async function deleteCollectedDeletedAttachmentsForDraftEnabled(res, req) {
65 | if (!req.target?._attachments.hasAttachmentsComposition) return;
66 | const AttachmentsSrv = await cds.connect.to("attachments")
67 | return AttachmentsSrv.deleteAttachmentsWithKeys.bind(AttachmentsSrv)(res, req)
68 | })
69 |
70 |
71 | this.prepend(() =>
72 | this.on(
73 | ["PUT", "UPDATE"],
74 | async function putUpdateAttachments(req, next) {
75 | // Skip entities which are not Attachments and skip if content is not updated
76 | if (!req.target._attachments.isAttachmentsEntity || !req.data.content) return next()
77 |
78 | let metadata = await this.run(SELECT.from(req.subject).columns('url', ...Object.keys(req.target.keys), 'filename'))
79 | if (metadata.length > 1) {
80 | return req.error(501, 'MultiUpdateNotSupported')
81 | }
82 | metadata = metadata[0]
83 | if (!metadata) {
84 | return req.reject(404)
85 | }
86 | req.data.ID = metadata.ID
87 | req.data.url ??= metadata.url
88 | for (const key in metadata) {
89 | if (key.startsWith('up_')) {
90 | req.data[key] = metadata[key]
91 | }
92 | }
93 | const AttachmentsSrv = await cds.connect.to("attachments")
94 | try {
95 | return await AttachmentsSrv.put(req.target, req.data)
96 | } catch (err) {
97 | if (err.status == 409) {
98 | return req.error({ status: 409, message: "AttachmentAlreadyExistsCannotBeOverwritten", args: [metadata.filename] })
99 | }
100 | throw err
101 | }
102 | }
103 | )
104 | )
105 |
106 | this.prepend(() =>
107 | this.on(
108 | ["CREATE"],
109 | async function createAttachments(req, next) {
110 | if (!req.target._attachments.isAttachmentsEntity || req.req?.url?.endsWith('/content') || !req.data.url || !(req.data.content || (Array.isArray(req.data) && req.data[0]?.content))) return next()
111 | const AttachmentsSrv = await cds.connect.to("attachments")
112 | return AttachmentsSrv.put(req.target, req.data)
113 | }
114 | )
115 | )
116 |
117 | const AttachmentsSrv = await cds.connect.to("attachments")
118 | AttachmentsSrv.registerHandlers(this)
119 | })
120 |
--------------------------------------------------------------------------------
/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
1 | # Contributor Covenant Code of Conduct
2 |
3 | ## Our Pledge
4 |
5 | We as members, contributors, and leaders pledge to make participation in our
6 | community a harassment-free experience for everyone, regardless of age, body
7 | size, visible or invisible disability, ethnicity, sex characteristics, gender
8 | identity and expression, level of experience, education, socio-economic status,
9 | nationality, personal appearance, race, caste, color, religion, or sexual
10 | identity and orientation.
11 |
12 | We pledge to act and interact in ways that contribute to an open, welcoming,
13 | diverse, inclusive, and healthy community.
14 |
15 | ## Our Standards
16 |
17 | Examples of behavior that contributes to a positive environment for our
18 | community include:
19 |
20 | * Demonstrating empathy and kindness toward other people
21 | * Being respectful of differing opinions, viewpoints, and experiences
22 | * Giving and gracefully accepting constructive feedback
23 | * Accepting responsibility and apologizing to those affected by our mistakes,
24 | and learning from the experience
25 | * Focusing on what is best not just for us as individuals, but for the overall
26 | community
27 |
28 | Examples of unacceptable behavior include:
29 |
30 | * The use of sexualized language or imagery, and sexual attention or advances of
31 | any kind
32 | * Trolling, insulting or derogatory comments, and personal or political attacks
33 | * Public or private harassment
34 | * Publishing others' private information, such as a physical or email address,
35 | without their explicit permission
36 | * Other conduct which could reasonably be considered inappropriate in a
37 | professional setting
38 |
39 | ## Enforcement Responsibilities
40 |
41 | Community leaders are responsible for clarifying and enforcing our standards of
42 | acceptable behavior and will take appropriate and fair corrective action in
43 | response to any behavior that they deem inappropriate, threatening, offensive,
44 | or harmful.
45 |
46 | Community leaders have the right and responsibility to remove, edit, or reject
47 | comments, commits, code, wiki edits, issues, and other contributions that are
48 | not aligned to this Code of Conduct, and will communicate reasons for moderation
49 | decisions when appropriate.
50 |
51 | ## Scope
52 |
53 | This Code of Conduct applies within all community spaces, and also applies when
54 | an individual is officially representing the community in public spaces.
55 | Examples of representing our community include using an official e-mail address,
56 | posting via an official social media account, or acting as an appointed
57 | representative at an online or offline event.
58 |
59 | ## Enforcement
60 |
61 | Instances of abusive, harassing, or otherwise unacceptable behavior may be
62 | reported to the community leaders responsible for enforcement at
63 | [INSERT CONTACT METHOD].
64 | All complaints will be reviewed and investigated promptly and fairly.
65 |
66 | All community leaders are obligated to respect the privacy and security of the
67 | reporter of any incident.
68 |
69 | ## Enforcement Guidelines
70 |
71 | Community leaders will follow these Community Impact Guidelines in determining
72 | the consequences for any action they deem in violation of this Code of Conduct:
73 |
74 | ### 1. Correction
75 |
76 | **Community Impact**: Use of inappropriate language or other behavior deemed
77 | unprofessional or unwelcome in the community.
78 |
79 | **Consequence**: A private, written warning from community leaders, providing
80 | clarity around the nature of the violation and an explanation of why the
81 | behavior was inappropriate. A public apology may be requested.
82 |
83 | ### 2. Warning
84 |
85 | **Community Impact**: A violation through a single incident or series of
86 | actions.
87 |
88 | **Consequence**: A warning with consequences for continued behavior. No
89 | interaction with the people involved, including unsolicited interaction with
90 | those enforcing the Code of Conduct, for a specified period of time. This
91 | includes avoiding interactions in community spaces as well as external channels
92 | like social media. Violating these terms may lead to a temporary or permanent
93 | ban.
94 |
95 | ### 3. Temporary Ban
96 |
97 | **Community Impact**: A serious violation of community standards, including
98 | sustained inappropriate behavior.
99 |
100 | **Consequence**: A temporary ban from any sort of interaction or public
101 | communication with the community for a specified period of time. No public or
102 | private interaction with the people involved, including unsolicited interaction
103 | with those enforcing the Code of Conduct, is allowed during this period.
104 | Violating these terms may lead to a permanent ban.
105 |
106 | ### 4. Permanent Ban
107 |
108 | **Community Impact**: Demonstrating a pattern of violation of community
109 | standards, including sustained inappropriate behavior, harassment of an
110 | individual, or aggression toward or disparagement of classes of individuals.
111 |
112 | **Consequence**: A permanent ban from any sort of public interaction within the
113 | community.
114 |
115 | ## Attribution
116 |
117 | This Code of Conduct is adapted from the [Contributor Covenant][homepage],
118 | version 2.1, available at
119 | [https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
120 |
121 | Community Impact Guidelines were inspired by
122 | [Mozilla's code of conduct enforcement ladder][Mozilla CoC].
123 |
124 | For answers to common questions about this code of conduct, see the FAQ at
125 | [https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
126 | [https://www.contributor-covenant.org/translations][translations].
127 |
128 | [homepage]: https://www.contributor-covenant.org
129 | [v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
130 | [Mozilla CoC]: https://github.com/mozilla/diversity
131 | [FAQ]: https://www.contributor-covenant.org/faq
132 | [translations]: https://www.contributor-covenant.org/translations
133 |
--------------------------------------------------------------------------------
/tests/incidents-app/app/incidents/webapp/manifest.json:
--------------------------------------------------------------------------------
1 | {
2 | "_version": "1.49.0",
3 | "sap.app": {
4 | "id": "ns.incidents",
5 | "type": "application",
6 | "i18n": "i18n/i18n.properties",
7 | "applicationVersion": {
8 | "version": "0.0.1"
9 | },
10 | "title": "{{appTitle}}",
11 | "description": "{{appDescription}}",
12 | "resources": "resources.json",
13 | "sourceTemplate": {
14 | "id": "@sap/generator-fiori:lrop",
15 | "version": "1.9.7",
16 | "toolsId": "b6e2272d-1167-41a4-baed-217444579193"
17 | },
18 | "crossNavigation": {
19 | "inbounds": {
20 | "intent1": {
21 | "signature": {
22 | "parameters": {},
23 | "additionalParameters": "allowed"
24 | },
25 | "semanticObject": "Incidents",
26 | "action": "display"
27 | }
28 | }
29 | },
30 | "dataSources": {
31 | "mainService": {
32 | "uri": "/odata/v4/processor/",
33 | "type": "OData",
34 | "settings": {
35 | "annotations": [],
36 | "localUri": "localService/metadata.xml",
37 | "odataVersion": "4.0"
38 | }
39 | }
40 | }
41 | },
42 | "sap.ui": {
43 | "technology": "UI5",
44 | "icons": {
45 | "icon": "",
46 | "favIcon": "",
47 | "phone": "",
48 | "phone@2": "",
49 | "tablet": "",
50 | "tablet@2": ""
51 | },
52 | "deviceTypes": {
53 | "desktop": true,
54 | "tablet": true,
55 | "phone": true
56 | }
57 | },
58 | "sap.ui5": {
59 | "flexEnabled": true,
60 | "dependencies": {
61 | "minUI5Version": "1.120.0",
62 | "libs": {
63 | "sap.m": {},
64 | "sap.ui.core": {},
65 | "sap.ushell": {},
66 | "sap.fe.templates": {}
67 | }
68 | },
69 | "contentDensities": {
70 | "compact": true,
71 | "cozy": true
72 | },
73 | "models": {
74 | "i18n": {
75 | "type": "sap.ui.model.resource.ResourceModel",
76 | "settings": {
77 | "bundleName": "ns.incidents.i18n.i18n"
78 | }
79 | },
80 | "": {
81 | "dataSource": "mainService",
82 | "preload": true,
83 | "settings": {
84 | "synchronizationMode": "None",
85 | "operationMode": "Server",
86 | "autoExpandSelect": true,
87 | "earlyRequests": true
88 | }
89 | },
90 | "@i18n": {
91 | "type": "sap.ui.model.resource.ResourceModel",
92 | "uri": "i18n/i18n.properties"
93 | }
94 | },
95 | "resources": {
96 | "css": []
97 | },
98 | "routing": {
99 | "routes": [
100 | {
101 | "pattern": ":?query:",
102 | "name": "IncidentsList",
103 | "target": "IncidentsList"
104 | },
105 | {
106 | "pattern": "Incidents({key}):?query:",
107 | "name": "IncidentsObjectPage",
108 | "target": "IncidentsObjectPage"
109 | }
110 | ],
111 | "targets": {
112 | "IncidentsList": {
113 | "type": "Component",
114 | "id": "IncidentsList",
115 | "name": "sap.fe.templates.ListReport",
116 | "options": {
117 | "settings": {
118 | "entitySet": "Incidents",
119 | "variantManagement": "Page",
120 | "navigation": {
121 | "Incidents": {
122 | "detail": {
123 | "route": "IncidentsObjectPage"
124 | }
125 | }
126 | },
127 | "liveMode": true,
128 | "controlConfiguration": {
129 | "@com.sap.vocabularies.UI.v1.LineItem": {
130 | "tableSettings": {
131 | "type": "ResponsiveTable"
132 | }
133 | }
134 | }
135 | }
136 | }
137 | },
138 | "IncidentsObjectPage": {
139 | "type": "Component",
140 | "id": "IncidentsObjectPage",
141 | "name": "sap.fe.templates.ObjectPage",
142 | "options": {
143 | "settings": {
144 | "editableHeaderContent": false,
145 | "entitySet": "Incidents",
146 | "navigation": {},
147 | "controlConfiguration": {
148 | "conversations/@com.sap.vocabularies.UI.v1.LineItem#i18nConversations": {
149 | "tableSettings": {
150 | "type": "ResponsiveTable",
151 | "creationMode": {
152 | "name": "Inline"
153 | }
154 | }
155 | }
156 | }
157 | }
158 | }
159 | }
160 | }
161 | },
162 | "extends": {
163 | "extensions": {
164 | "sap.ui.controllerExtensions": {}
165 | }
166 | }
167 | },
168 | "sap.fiori": {
169 | "registrationIds": [],
170 | "archeType": "transactional"
171 | }
172 | }
--------------------------------------------------------------------------------
/srv/malwareScanner.js:
--------------------------------------------------------------------------------
1 | const cds = require('@sap/cds')
2 | const crypto = require("crypto")
3 | const https = require('https')
4 | const { URL } = require('url')
5 | const LOG = cds.log('attachments')
6 |
7 | class MalwareScanner extends require('./malwareScanner-mocked') {
8 |
9 | get credentials() {
10 | return getCredentials()
11 | }
12 |
13 | init() {
14 | return super.init()
15 | }
16 |
17 | /**
18 | * Scans the passed over file
19 | * @param {*} req - The request object
20 | * @param {string} fileName - The name of the file being scanned
21 | */
22 | async scanFile(req) {
23 | const { file } = req.data;
24 | let response
25 | const scanStartTime = Date.now()
26 |
27 | try {
28 | // Prepare request options
29 | const url = new URL(`https://${this.credentials.uri}/scan`)
30 | const requestOptions = {
31 | method: 'POST',
32 | hostname: url.hostname,
33 | port: url.port || 443,
34 | path: url.pathname,
35 | headers: {}
36 | }
37 |
38 | if (this.credentials?.certificate && this.credentials?.key) {
39 | LOG.debug('Using mTLS authentication for malware scanning')
40 |
41 | const cert = new crypto.X509Certificate(this.credentials.certificate)
42 | const expiryDate = new Date(cert.validTo)
43 | const now = Date.now()
44 |
45 | // Show warning if certificate is expired or expiring within 30 days
46 | const msIn30Days = 30 * 24 * 60 * 60 * 1000
47 |
48 | if (expiryDate.getTime() < now) {
49 | LOG.error('Malware scanner certificate expired', { validTo: cert.validTo })
50 | throw new Error('Malware scanner certificate expired')
51 | } else if (expiryDate.getTime() - now < msIn30Days) {
52 | LOG.warn('Malware scanner certificate expiring soon', { validTo: cert.validTo })
53 | }
54 |
55 | requestOptions.cert = this.credentials.certificate
56 | requestOptions.key = this.credentials.key
57 | requestOptions.rejectUnauthorized = false
58 |
59 | LOG.debug('Using mTLS authorization')
60 | } else if (this.credentials?.username && this.credentials?.password) {
61 | // Basic Auth: set Authorization header
62 | LOG.warn(
63 | 'Deprecated: Basic Authentication for malware scanning is deprecated and will be removed in future releases.',
64 | )
65 | requestOptions.headers.Authorization =
66 | "Basic " + Buffer.from(`${this.credentials.username}:${this.credentials.password}`, "binary").toString("base64")
67 | LOG.debug('Using basic authorization')
68 | } else {
69 | throw new Error("Could not find any credentials to authenticate against malware scanning service, please make sure binding and service key exists.")
70 | }
71 |
72 | response = await new Promise((resolve, reject) => {
73 | const req = https.request(requestOptions, (res) => {
74 | let data = ''
75 | res.on('data', chunk => data += chunk)
76 | res.on('end', () => {
77 | resolve({
78 | status: res.statusCode,
79 | ok: res.statusCode >= 200 && res.statusCode < 300,
80 | data
81 | })
82 | })
83 | })
84 | req.on('error', reject)
85 |
86 | file.pipe(req)
87 | })
88 |
89 |
90 | if (!response.ok) {
91 | const json = JSON.parse(response.data || '{}')
92 | const errorMsg = JSON.stringify(json) || response.statusText || 'Unknown error from malware scanner'
93 | return req.reject(response.status, `Scanning failed: ${errorMsg}`)
94 | }
95 | } catch (error) {
96 | const scanDuration = Date.now() - scanStartTime
97 | LOG.error(`Request to malware scanner failed`, error,
98 | 'Check malware scanner service binding and network connectivity',
99 | { scanDuration, scannerUri: this.credentials?.uri }
100 | )
101 | file?.destroy()
102 | return req.reject(500, 'Scanning failed')
103 | } finally {
104 | file?.destroy()
105 | }
106 |
107 | /**
108 | * @typedef {Object} MalwareScanResponse
109 | * @property {boolean} malwareDetected - Indicates whether the scan engine detected a threat.
110 | * @property {boolean} encryptedContentDetected - Indicates whether the file has encrypted parts, which could not be scanned.
111 | * @property {number} scanSize - Size in bytes of the scanned file. Use the file size to validate the success of data transmission.
112 | * @property {string} finding - This field may contain information about detected malware.
113 | * @property {string} mimeType - Indicates the detected MIME type for the scanned file. This data may not be reliable and results may vary on different service providers.
114 | * @property {string} SHA256 - SHA-256 hash of the scanned file. Use the hash to validate the success of data transmission.
115 | */
116 | /** @type {MalwareScanResponse} */
117 | const responseJson = JSON.parse(response.data)
118 | const scanDuration = Date.now() - scanStartTime
119 | LOG.debug(`Malware scan response`, { scanDuration, response: responseJson })
120 |
121 | return {
122 | isMalware: responseJson.malwareDetected,
123 | encryptedContentDetected: responseJson.encryptedContentDetected,
124 | scanSize: responseJson.scanSize,
125 | finding: responseJson.finding,
126 | mimeType: responseJson.mimeType,
127 | hash: responseJson.SHA256,
128 | };
129 | }
130 | }
131 |
132 | module.exports = MalwareScanner
133 |
134 | function getCredentials() {
135 | const credentials = cds.env.requires?.malwareScanner?.credentials
136 | if (!credentials) {
137 | throw new Error(`cds.env.requires.malwareScanner.credentials is empty! Please bind the SAP Malware Scanning service against your app!`)
138 | }
139 | const requiredFields = {
140 | mTLS: ['uri', 'certificate', 'key'],
141 | basic: ['uri', 'username', 'password']
142 | }
143 | const missingMTLS = requiredFields.mTLS.filter(field => !credentials[field])
144 | const missingBasic = requiredFields.basic.filter(field => !credentials[field])
145 |
146 | if (missingMTLS.length > 0 && missingBasic.length > 0) {
147 | throw new Error(`Missing Malware Scanner credentials: mTLS [${missingMTLS.join(', ')}], Basic Auth [${missingBasic.join(', ')}]`)
148 | }
149 | LOG.debug(`Malware scanning credentials successfully retrieved.`)
150 | return credentials
151 | }
--------------------------------------------------------------------------------
/tests/incidents-app/app/incidents/annotations.cds:
--------------------------------------------------------------------------------
1 | using ProcessorService as service from '../../srv/services';
2 | using from '../../db/schema';
3 |
4 | annotate service.Customers with @title : '{i18n>Customer}';
5 | annotate service.Incidents with @title : '{i18n>Incident}';
6 | annotate service.Incidents with @odata.draft.enabled;
7 |
8 | annotate service.Incidents with @(
9 | UI.SemanticKey : [title],
10 | UI.LineItem : [
11 | {
12 | Value : title,
13 | Label : '{i18n>Title}',
14 | },
15 | {
16 | Value : customer.name,
17 | Label : '{i18n>Customer}',
18 | },
19 | {
20 | Value : status.descr,
21 | Criticality : status.criticality,
22 | Label : '{i18n>Status}',
23 | },
24 | {
25 | Value : urgency.descr,
26 | Label : '{i18n>Urgency}',
27 | },
28 | ]
29 | );
30 | annotate service.Incidents with @(
31 | UI.FieldGroup #GeneratedGroup1 : {
32 | $Type : 'UI.FieldGroupType',
33 | Data : [
34 | {
35 | $Type : 'UI.DataField',
36 | Value : title,
37 | Label : '{i18n>Title}',
38 | },
39 | {
40 | $Type : 'UI.DataField',
41 | Value : customer_ID,
42 | Label : '{i18n>Customer}',
43 | },
44 | ],
45 | },
46 | UI.Facets : [
47 | {
48 | $Type : 'UI.CollectionFacet',
49 | Label : '{i18n>Overview}',
50 | ID : 'i18nOverview',
51 | Facets : [
52 | {
53 | $Type : 'UI.ReferenceFacet',
54 | ID : 'GeneratedFacet1',
55 | Label : 'General Information',
56 | Target : '@UI.FieldGroup#GeneratedGroup1',
57 | },
58 | {
59 | $Type : 'UI.ReferenceFacet',
60 | Label : '{i18n>Details}',
61 | ID : 'i18nDetails',
62 | Target : '@UI.FieldGroup#i18nDetails',
63 | },],
64 | },
65 | {
66 | $Type : 'UI.ReferenceFacet',
67 | Label : '{i18n>Conversation}',
68 | ID : 'i18nConversation',
69 | Target : 'conversation/@UI.LineItem#i18nConversation1',
70 | },
71 | ]
72 | );
73 | annotate service.Incidents with @(
74 | UI.SelectionFields : [
75 | urgency_code,
76 | status_code,
77 | ]
78 | );
79 | annotate service.Incidents with {
80 | status @Common.Label : '{i18n>Status}'
81 | };
82 | annotate service.Incidents with {
83 | urgency @Common.Label : '{i18n>Urgency}'
84 | };
85 | annotate service.Incidents with {
86 | status @Common.ValueListWithFixedValues : true
87 | };
88 | annotate service.Incidents with {
89 | urgency @Common.ValueListWithFixedValues : true
90 | };
91 | annotate service.Incidents with @(
92 | UI.HeaderInfo : {
93 | Title : {
94 | Value : title,
95 | },
96 | TypeName : '',
97 | TypeNamePlural : '',
98 | Description : {
99 | Value : customer.name,
100 | },
101 | TypeImageUrl : 'sap-icon://alert',
102 | }
103 | );
104 | annotate service.Incidents with @(
105 | UI.FieldGroup #i18nDetails : {
106 | Data : [
107 | {
108 | Value : status_code,
109 | Criticality : status.criticality,
110 | },
111 | {
112 | Value : urgency_code,
113 | },],
114 | }
115 | );
116 | annotate service.Status with {
117 | code @Common.Text : descr
118 | };
119 | annotate service.Urgency with {
120 | code @Common.Text : descr
121 | };
122 | annotate service.Incidents with {
123 | customer @(Common.ValueList : {
124 | $Type : 'Common.ValueListType',
125 | CollectionPath : 'Customers',
126 | Parameters : [
127 | {
128 | $Type : 'Common.ValueListParameterInOut',
129 | LocalDataProperty : customer_ID,
130 | ValueListProperty : 'ID',
131 | },
132 | {
133 | $Type : 'Common.ValueListParameterDisplayOnly',
134 | ValueListProperty : 'name',
135 | },
136 | {
137 | $Type : 'Common.ValueListParameterDisplayOnly',
138 | ValueListProperty : 'email',
139 | },
140 | ],
141 | },
142 | Common.ValueListWithFixedValues : false
143 | )};
144 |
145 | annotate service.Incidents with {
146 | status @Common.Text : status.descr
147 | };
148 | annotate service.Incidents with {
149 | urgency @Common.Text : urgency.descr
150 | };
151 | annotate service.Incidents with {
152 | customer @Common.Text : {
153 | $value : customer.name,
154 | ![@UI.TextArrangement] : #TextOnly,
155 | }
156 | };
157 | annotate service.Incidents.conversation with @(
158 | title : '{i18n>Conversation}',
159 | UI.LineItem #i18nConversation1 : [
160 | {
161 | $Type : 'UI.DataField',
162 | Value : author,
163 | Label : '{i18n>Author}',
164 | },
165 | {
166 | $Type : 'UI.DataField',
167 | Value : timestamp,
168 | Label : '{i18n>ConversationDate}',
169 | },{
170 | $Type : 'UI.DataField',
171 | Value : message,
172 | Label : '{i18n>Message}',
173 | },]
174 | );
175 |
176 | annotate service.Test with @(
177 | UI.SemanticKey : [name],
178 | UI.LineItem : [
179 | {
180 | Value : name,
181 | Label : 'Name',
182 | },
183 | ]
184 | );
185 |
186 | annotate service.TestDetails with @(
187 | UI.SemanticKey : [description],
188 | UI.LineItem : [
189 | {
190 | Value : description,
191 | Label : 'Description',
192 | },
193 | ]
194 | );
195 |
196 | annotate service.Test with @(
197 | UI.Facets : [
198 | {
199 | $Type : 'UI.ReferenceFacet',
200 | Label : 'Details',
201 | Target : 'details/@UI.LineItem'
202 | },
203 | {
204 | $Type : 'UI.ReferenceFacet',
205 | Label : 'Attachments',
206 | Target : 'attachments/@UI.LineItem'
207 | }
208 | ]
209 | );
210 |
211 | annotate service.TestDetails with @(
212 | UI.Facets : [
213 | {
214 | $Type : 'UI.ReferenceFacet',
215 | Label : 'Attachments',
216 | Target : 'attachments/@UI.LineItem'
217 | }
218 | ]
219 | );
--------------------------------------------------------------------------------
/.github/actions/integration-tests/action.yml:
--------------------------------------------------------------------------------
1 | name: "Integration tests"
2 | description: "Run tests with BTP services being bound"
3 | inputs:
4 | CF_API:
5 | description: "Cloud Foundry API endpoint"
6 | required: true
7 | CF_USERNAME:
8 | description: "Cloud Foundry username"
9 | required: true
10 | CF_PASSWORD:
11 | description: "Cloud Foundry password"
12 | required: true
13 | CF_ORG:
14 | description: "Cloud Foundry organization"
15 | required: true
16 | CF_SPACE:
17 | description: "Cloud Foundry space"
18 | required: true
19 | NODE_VERSION:
20 | description: "Node.js version to use for tests"
21 | required: true
22 | OBJECT_STORE_KIND:
23 | description: "Hyperscaler to use for tests"
24 | required: true
25 | SCANNER_AUTH:
26 | description: "Malware scanner authentication type"
27 | required: true
28 | runs:
29 | using: "composite"
30 | steps:
31 | - name: Install dependencies and Cloud Foundry CLI (v8.9.0)
32 | shell: bash
33 | run: |
34 | sudo apt-get update
35 | sudo apt-get install -y libc6 wget tar
36 | wget "https://packages.cloudfoundry.org/stable?release=linux64-binary&version=8.9.0&source=github-rel" -O cf-cli.tar.gz
37 | tar -xvzf cf-cli.tar.gz
38 | sudo mv cf /usr/local/bin/
39 | sudo mv cf8 /usr/local/bin/
40 | cf --version
41 |
42 | - name: Authenticate with Cloud Foundry
43 | shell: bash
44 | run: |
45 | echo "::debug::CF_API=${{ inputs.CF_API }}"
46 | for i in {1..5}; do
47 | cf login -a ${{ inputs.CF_API }} -u ${{ inputs.CF_USERNAME }} -p ${{ inputs.CF_PASSWORD }} -o ${{ inputs.CF_ORG }} -s ${{ inputs.CF_SPACE }} && break
48 | echo "cf login failed, retrying ($i/5)..."
49 | sleep 10
50 | if [ "$i" -eq 5 ]; then
51 | echo "❌ cf login failed after 5 attempts."
52 | exit 1
53 | fi
54 | done
55 |
56 | - uses: actions/checkout@v5
57 | with:
58 | ref: ${{ github.event.pull_request.head.sha || github.sha }}
59 | - name: Use Node.js ${{ inputs.NODE_VERSION}}
60 | uses: actions/setup-node@v6
61 | with:
62 | node-version: ${{ inputs.NODE_VERSION }}
63 | - run: npm i -g @sap/cds-dk
64 | shell: bash
65 | - run: npm i
66 | shell: bash
67 | # Revisit once bug in 9.6 is fixed
68 | - run: npm i @sap/cds@9.5.1
69 | shell: bash
70 | - run: cd tests/incidents-app && npm i
71 | shell: bash
72 | - name: Set node env for HANA
73 | run: echo "NODE_VERSION_HANA=$(echo ${{ inputs.NODE_VERSION }} | tr . _)" >> $GITHUB_ENV
74 | shell: bash
75 | - name: CDS Versions being used
76 | run: cds v -i
77 | shell: bash
78 |
79 | # Deploy model to HANA
80 | - name: Create Object store
81 | shell: bash
82 | run: cf create-service objectstore standard cap-js-attachments-object-store-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA
83 | - name: Create Basic Auth Malware scanner
84 | shell: bash
85 | run: cf create-service malware-scanner clamav cap-js-attachments-scanner-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA
86 | - name: Create HDI Container
87 | shell: bash
88 | run: cf create-service hana hdi-shared cap-js-attachments-hana-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA
89 | - run: cd tests/incidents-app/ && cds deploy --to hana:cap-js-attachments-hana-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA
90 | shell: bash
91 |
92 | # Create service key
93 | - run: cf create-service-key cap-js-attachments-scanner-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA cap-js-attachments-scanner-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA-key
94 | if: ${{ inputs.SCANNER_AUTH == 'basic' }}
95 | shell: bash
96 | - run: cf create-service-key cap-js-attachments-scanner-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA cap-js-attachments-scanner-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA-key -c '{"auth":"mtls"}'
97 | if: ${{ inputs.SCANNER_AUTH == 'mtls' }}
98 | shell: bash
99 |
100 | # Bind against BTP services
101 | - run: cds bind db -2 cap-js-attachments-hana-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA -o package.json
102 | shell: bash
103 | - name: Bind object store
104 | shell: bash
105 | run: |
106 | for i in {1..5}; do
107 | cds bind objectStore -2 cap-js-attachments-object-store-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA -o package.json && break
108 | echo "cds bind objectStore failed, retrying ($i/5)..."
109 | sleep 100
110 | if [ "$i" -eq 5 ]; then
111 | echo "❌ cds bind objectStore failed after 5 attempts."
112 | exit 1
113 | fi
114 | done
115 | - run: cds bind malware-scanner -2 cap-js-attachments-scanner-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA -o package.json
116 | shell: bash
117 |
118 | # Run tests in hybrid mode
119 | - run: cds bind --exec npm run test
120 | shell: bash
121 |
122 | # Cleanup BTP services
123 | - name: Delete Malware Scanner instance
124 | if: ${{ always() }}
125 | run: cf delete-service cap-js-attachments-scanner-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA -f
126 | shell: bash
127 | - name: Delete Object store
128 | if: ${{ always() }}
129 | run: cf delete-service cap-js-attachments-object-store-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA -f
130 | shell: bash
131 | - name: Delete HDI Container Key
132 | if: ${{ always() }}
133 | run: cf delete-service-key cap-js-attachments-hana-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA cap-js-attachments-hana-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA-key -f
134 | shell: bash
135 |
136 | # Note: The initial delete attempt often fails due to an "ongoing operation on service binding" error.
137 | - name: Delete HDI Container
138 | if: ${{ always() }}
139 | shell: bash
140 | run: |
141 | for i in {1..5}; do
142 | cf delete-service cap-js-attachments-hana-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}-${{ inputs.SCANNER_AUTH }}-$NODE_VERSION_HANA -f && break
143 | echo "HDI container delete failed, retrying ($i/5)..."
144 | sleep 10
145 | if [ "$i" -eq 5 ]; then
146 | echo "❌ HDI container delete failed after 5 attempts."
147 | exit 1
148 | fi
149 | done
150 |
--------------------------------------------------------------------------------
/lib/generic-handlers.js:
--------------------------------------------------------------------------------
1 | const cds = require('@sap/cds')
2 | const LOG = cds.log('attachments')
3 | const { extname } = require("path")
4 | const { MAX_FILE_SIZE, sizeInBytes, checkMimeTypeMatch } = require('./helper')
5 |
6 | const isMultitenacyEnabled = !!cds.env.requires.multitenancy
7 | const objectStoreKind = cds.env.requires?.attachments?.objectStore?.kind
8 |
9 | /**
10 | * Prepares the attachment data before creation
11 | * @param {import('@sap/cds').Request} req - The request object
12 | */
13 | async function onPrepareAttachment(req) {
14 | if (!req.target?._attachments.isAttachmentsEntity) return;
15 |
16 | const hasUpKey = Object.keys(req.data).some(key => key.startsWith("up__"))
17 |
18 | if (!hasUpKey) {
19 | const mySubject = { ...req.subject, ref: req.subject.ref.slice(0, -1) }
20 | const parentKeys = Object.keys(cds.infer.target({ SELECT: { from: mySubject } }).keys)
21 | const parentRecord = await SELECT.one.from(mySubject).columns(parentKeys)
22 |
23 | for (const key of parentKeys) {
24 | req.data[`up__${key}`] = parentRecord[key]
25 | }
26 | }
27 |
28 | req.data.url = isMultitenacyEnabled && objectStoreKind === "shared"
29 | ? `${req.tenant}_${req.data.url}`
30 | : cds.utils.uuid()
31 | req.data.ID ??= cds.utils.uuid()
32 |
33 | let ext = req.data.filename ? extname(req.data.filename).toLowerCase().slice(1) : null
34 | req.data.mimeType = Ext2MimeTypes[ext]
35 |
36 | if (!req.data.mimeType) {
37 | LOG.warn(`An attachment ${req.data.ID} is uploaded whose extension "${ext}" is not known! Falling back to "application/octet-stream"`)
38 | req.data.mimeType = "application/octet-stream"
39 | }
40 | }
41 |
42 | /**
43 | * Validates if the attachment can be accessed based on its malware scan status
44 | * @param {import('@sap/cds').Request} req - The request object
45 | */
46 | async function validateAttachment(req) {
47 | if (!req.target?._attachments.isAttachmentsEntity) return;
48 |
49 | /* removing case condition for mediaType annotation as in our case binary value and metadata is stored in different database */
50 | req?.query?.SELECT?.columns?.forEach((element) => {
51 | if (element.as === 'content@odata.mediaContentType' && element.xpr) {
52 | delete element.xpr
53 | element.ref = ['mimeType']
54 | }
55 | })
56 |
57 | if (req?.req?.url?.endsWith("/content")) {
58 | const AttachmentsSrv = await cds.connect.to("attachments")
59 | const status = await AttachmentsSrv.getStatus(req.target, { ID: req.data.ID || req.params?.at(-1).ID })
60 | if (status === null || status === undefined) {
61 | return req.reject(404)
62 | }
63 | const scanEnabled = cds.env.requires?.attachments?.scan ?? true
64 | if (scanEnabled && status !== 'Clean') {
65 | req.reject(403, 'UnableToDownloadAttachmentScanStatusNotClean')
66 | }
67 | }
68 | }
69 |
70 | /**
71 | * Reads the attachment content if requested
72 | * @param {[cds.Entity]} param0
73 | * @param {import('@sap/cds').Request} req - The request object
74 | */
75 | async function readAttachment([attachment], req) {
76 | if (!req.target?._attachments.isAttachmentsEntity) return;
77 |
78 | const AttachmentsSrv = await cds.connect.to("attachments")
79 | if (req._.readAfterWrite || !req?.req?.url?.endsWith("/content") || !attachment || attachment?.content) return
80 | let keys = { ID: req.data.ID ?? req.params.at(-1).ID }
81 | let { target } = req
82 | attachment.content = await AttachmentsSrv.get(target, keys)
83 | }
84 |
85 | /**
86 | * Checks the attachments size against the maximum defined by the annotation `@Validation.Maximum`. Default 400mb.
87 | * If the limit is reached by the reported size of the content-length header or if the stream length exceeds
88 | * the limits the error is thrown.
89 | * @param {import('@sap/cds').Request} req - The request object
90 | * @throws AttachmentSizeExceeded
91 | */
92 | function validateAttachmentSize(req) {
93 | if (!req.target?._attachments.isAttachmentsEntity || !req.data.content) return;
94 |
95 | const maxFileSize = req.target.elements['content']['@Validation.Maximum'] ?
96 | sizeInBytes(req.target.elements['content']['@Validation.Maximum'], req.target.name) ?? MAX_FILE_SIZE :
97 | MAX_FILE_SIZE
98 |
99 | if (req.headers["content-length"] == null || req.headers["content-length"] === "") {
100 | return req.reject(411, 'ContentLengthHeaderMissing')
101 | }
102 |
103 | if (isNaN(Number(req.headers["content-length"]))) {
104 | return req.reject(400, 'InvalidContentLengthHeader', { contentLength: req.headers["content-length"] })
105 | }
106 |
107 | if (Number(req.headers["content-length"]) > maxFileSize) {
108 | if (req.data.content.pause) { req.data.content.pause() }
109 | return req.reject({ status: 413, message: "AttachmentSizeExceeded", args: [req.target.elements['content']['@Validation.Maximum'] ?? '400MB'] })
110 | }
111 | }
112 |
113 | /**
114 | * Validates the attachment mime type against acceptable media types
115 | * @param {import('@sap/cds').Request} req - The request object
116 | */
117 | function validateAttachmentMimeType(req) {
118 | if (!req.target?._attachments.isAttachmentsEntity || !req.data.content) return;
119 |
120 | const mimeType = req.data.mimeType
121 |
122 | const acceptableMediaTypes = req.target.elements.content['@Core.AcceptableMediaTypes'] || '*/*'
123 | if (!checkMimeTypeMatch(acceptableMediaTypes, mimeType)) {
124 | return req.reject(400, "AttachmentMimeTypeDisallowed", { mimeType: mimeType })
125 | }
126 | }
127 |
128 | module.exports = {
129 | validateAttachmentSize,
130 | onPrepareAttachment,
131 | readAttachment,
132 | validateAttachment,
133 | validateAttachmentMimeType
134 | }
135 |
136 | // Mapping table from file extensions to mime types
137 | const Ext2MimeTypes = {
138 | aac: "audio/aac",
139 | abw: "application/x-abiword",
140 | arc: "application/octet-stream",
141 | avi: "video/x-msvideo",
142 | azw: "application/vnd.amazon.ebook",
143 | bin: "application/octet-stream",
144 | png: "image/png",
145 | gif: "image/gif",
146 | bmp: "image/bmp",
147 | bz: "application/x-bzip",
148 | bz2: "application/x-bzip2",
149 | csh: "application/x-csh",
150 | css: "text/css",
151 | csv: "text/csv",
152 | doc: "application/msword",
153 | docx: "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
154 | odp: "application/vnd.oasis.opendocument.presentation",
155 | ods: "application/vnd.oasis.opendocument.spreadsheet",
156 | odt: "application/vnd.oasis.opendocument.text",
157 | epub: "application/epub+zip",
158 | gz: "application/gzip",
159 | htm: "text/html",
160 | html: "text/html",
161 | ico: "image/x-icon",
162 | ics: "text/calendar",
163 | jar: "application/java-archive",
164 | jpg: "image/jpeg",
165 | jpeg: "image/jpeg",
166 | js: "text/javascript",
167 | json: "application/json",
168 | mid: "audio/midi",
169 | midi: "audio/midi",
170 | mjs: "text/javascript",
171 | mov: "video/quicktime",
172 | mp3: "audio/mpeg",
173 | mp4: "video/mp4",
174 | mpeg: "video/mpeg",
175 | mpkg: "application/vnd.apple.installer+xml",
176 | otf: "font/otf",
177 | pdf: "application/pdf",
178 | ppt: "application/vnd.ms-powerpoint",
179 | pptx: "application/vnd.openxmlformats-officedocument.presentationml.presentation",
180 | rar: "application/x-rar-compressed",
181 | rtf: "application/rtf",
182 | svg: "image/svg+xml",
183 | tar: "application/x-tar",
184 | tif: "image/tiff",
185 | tiff: "image/tiff",
186 | ttf: "font/ttf",
187 | vsd: "application/vnd.visio",
188 | wav: "audio/wav",
189 | woff: "font/woff",
190 | woff2: "font/woff2",
191 | xhtml: "application/xhtml+xml",
192 | xls: "application/vnd.ms-excel",
193 | xlsx: "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
194 | xml: "application/xml",
195 | zip: "application/zip",
196 | txt: "application/txt",
197 | lst: "application/txt",
198 | webp: "image/webp",
199 | }
200 |
--------------------------------------------------------------------------------
/srv/gcp.js:
--------------------------------------------------------------------------------
1 | const { Storage } = require('@google-cloud/storage')
2 | const cds = require("@sap/cds")
3 | const LOG = cds.log('attachments')
4 | const utils = require('../lib/helper')
5 |
6 | module.exports = class GoogleAttachmentsService extends require("./object-store") {
7 |
8 | /**
9 | * Creates or retrieves a cached Google Cloud Platform client for the given tenant
10 | * @returns {Promise<{bucket: import('@google-cloud/storage').Bucket}>}
11 | */
12 | async retrieveClient() {
13 | const tenantID = this.separateObjectStore ? cds.context.tenant : 'shared'
14 | LOG.debug('Retrieving tenant-specific Google Cloud Platform client', { tenantID })
15 | const existingClient = this.clientsCache.get(tenantID)
16 | if (existingClient) {
17 | LOG.debug('Using cached GCP client', {
18 | tenantID,
19 | bucketName: existingClient.bucket.name
20 | })
21 | return existingClient
22 | }
23 |
24 | try {
25 | LOG.debug(`Fetching object store credentials for tenant ${tenantID}. Using ${this.separateObjectStore ? 'shared' : 'tenant-specific'} object store.`)
26 | const credentials = this.separateObjectStore
27 | ? (await utils.getObjectStoreCredentials(tenantID))?.credentials
28 | : cds.env.requires?.objectStore?.credentials
29 |
30 | if (!credentials) {
31 | throw new Error("SAP Object Store instance is not bound.")
32 | }
33 |
34 | // Validate required credentials
35 | const requiredFields = ['bucket', 'projectId', 'base64EncodedPrivateKeyData']
36 | const missingFields = requiredFields.filter(field => !credentials[field])
37 |
38 | if (missingFields.length > 0) {
39 | if (credentials.access_key_id) {
40 | throw new Error('AWS S3 credentials found where Google Cloud Platform credentials expected, please check your service bindings.')
41 | } else if (credentials.container_name) {
42 | throw new Error('Azure credentials found where Google Cloud Platform credentials expected, please check your service bindings.')
43 | }
44 | throw new Error(`Missing Google Cloud Platform credentials: ${missingFields.join(', ')}`)
45 | }
46 |
47 | LOG.debug('Creating Google Cloud Platform client for tenant', {
48 | tenantID,
49 | bucketName: credentials.bucket
50 | })
51 |
52 | const storageClient = new Storage({
53 | projectId: credentials.projectId,
54 | credentials: JSON.parse(Buffer.from(credentials.base64EncodedPrivateKeyData, 'base64').toString('utf8'))
55 | })
56 |
57 | const newGoogleClient = {
58 | bucket: storageClient.bucket(credentials.bucket),
59 | }
60 |
61 | this.clientsCache.set(tenantID, newGoogleClient)
62 |
63 | LOG.debug('Google Cloud Platform client has been created successful', {
64 | tenantID,
65 | bucketName: newGoogleClient.bucket.name
66 | })
67 |
68 | return newGoogleClient
69 |
70 | } catch (error) {
71 | LOG.error(
72 | 'Failed to create tenant-specific Google Cloud Platform client', error,
73 | 'Check Service Manager and Google Cloud Platform instance configuration',
74 | { tenantID })
75 | throw error
76 | }
77 | }
78 |
79 | /**
80 | * @inheritdoc
81 | */
82 | async put(attachments, data) {
83 | if (Array.isArray(data)) {
84 | LOG.debug('Processing bulk file upload', {
85 | fileCount: data.length,
86 | filenames: data.map(d => d.filename)
87 | })
88 | return Promise.all(
89 | data.map((d) => this.put(attachments, d))
90 | )
91 | }
92 |
93 | const startTime = Date.now()
94 |
95 | LOG.debug('Starting file upload to Google Cloud Platform', {
96 | attachmentEntity: attachments.name,
97 | tenant: cds.context.tenant
98 | })
99 |
100 | const { bucket } = await this.retrieveClient()
101 |
102 | try {
103 | const { content, ...metadata } = data
104 | const blobName = metadata.url
105 |
106 | if (!blobName) {
107 | LOG.error(
108 | 'File key/URL is required for Google Cloud Platform upload', null,
109 | 'Ensure attachment data includes a valid URL/key',
110 | { metadata: { ...metadata, content: !!content } })
111 | throw new Error('File key is required for upload')
112 | }
113 |
114 | if (!content) {
115 | LOG.error(
116 | 'File content is required for Google Cloud Platform upload', null,
117 | 'Ensure attachment data includes file content',
118 | { key: blobName, hasContent: !!content })
119 | throw new Error('File content is required for upload')
120 | }
121 |
122 | const file = bucket.file(blobName)
123 |
124 | const [exists] = await file.exists()
125 | if (exists) {
126 | const error = new Error('Attachment already exists')
127 | error.status = 409
128 | throw error
129 | }
130 |
131 | LOG.debug('Uploading file to Google Cloud Platform', {
132 | bucketName: bucket.name,
133 | blobName,
134 | filename: metadata.filename,
135 | contentSize: content.length || content.size || 'unknown'
136 | })
137 |
138 | // The file upload has to be done first, so super.put can compute the hash and trigger malware scan
139 | await file.save(content)
140 | await super.put(attachments, metadata)
141 |
142 | const duration = Date.now() - startTime
143 | LOG.debug('File upload to Google Cloud Platform completed successfully', {
144 | filename: metadata.filename,
145 | fileId: metadata.ID,
146 | bucketName: bucket.name,
147 | blobName,
148 | duration
149 | })
150 | } catch (err) {
151 | if (err.status === 409) {
152 | throw err
153 | }
154 | const duration = Date.now() - startTime
155 | LOG.error(
156 | 'File upload to Google Cloud Platform failed', err,
157 | 'Check Google Cloud Platform connectivity, credentials, and container permissions',
158 | { filename: data?.filename, fileId: data?.ID, bucketName: bucket.name, blobName: data?.url, duration })
159 | throw err
160 | }
161 | }
162 |
163 | /**
164 | * @inheritdoc
165 | */
166 | async get(attachments, keys) {
167 | const startTime = Date.now()
168 | LOG.debug('Starting stream from Google Cloud Platform', {
169 | attachmentEntity: attachments.name,
170 | keys,
171 | tenant: cds.context.tenant
172 | })
173 | const { bucket } = await this.retrieveClient()
174 |
175 | try {
176 | LOG.debug('Fetching attachment metadata', { keys })
177 | const response = await SELECT.from(attachments, keys).columns("url")
178 |
179 | if (!response?.url) {
180 | LOG.warn(
181 | 'File URL not found in database', null,
182 | 'Check if the attachment exists and has been properly uploaded',
183 | { keys, hasResponse: !!response })
184 | return null
185 | }
186 |
187 | const blobName = response.url
188 |
189 | LOG.debug('Streaming file from Google Cloud Platform', {
190 | bucketName: bucket.name,
191 | blobName
192 | })
193 |
194 | const file = bucket.file(blobName)
195 | const readStream = await file.createReadStream()
196 |
197 | const duration = Date.now() - startTime
198 | LOG.debug('File streamed from Google Cloud Platform successfully', {
199 | fileId: keys.ID,
200 | bucketName: bucket.name,
201 | blobName,
202 | duration
203 | })
204 |
205 | return readStream
206 | } catch (error) {
207 | const duration = Date.now() - startTime
208 | const suggestion = error.code === 'BlobNotFound' ?
209 | 'File may have been deleted from Google Cloud Platform or URL is incorrect' :
210 | error.code === 'AuthenticationFailed' ?
211 | 'Check Google Cloud Platform credentials and SAS token' :
212 | 'Check Google Cloud Platform connectivity and configuration'
213 |
214 | LOG.error(
215 | 'File download from Google Cloud Platform failed', error,
216 | suggestion,
217 | { fileId: keys?.ID, bucketName: bucket.name, attachmentName: attachments.name, duration })
218 |
219 | throw error
220 | }
221 | }
222 |
223 | /**
224 | * Deletes a file from Google Cloud Platform
225 | * @param {string} Key - The key of the file to delete
226 | * @returns {Promise} - Promise resolving when deletion is complete
227 | */
228 | async delete(blobName) {
229 | const { bucket } = await this.retrieveClient()
230 | LOG.debug(`[GCP] Executing delete for file ${blobName} in bucket ${bucket.name}`)
231 |
232 | const file = bucket.file(blobName)
233 | const response = await file.delete()
234 | return response[0]?.statusCode === 204
235 | }
236 | }
237 |
--------------------------------------------------------------------------------
/srv/aws-s3.js:
--------------------------------------------------------------------------------
1 | const { S3Client, GetObjectCommand, DeleteObjectCommand, HeadObjectCommand } = require('@aws-sdk/client-s3')
2 | const { Upload } = require("@aws-sdk/lib-storage")
3 | const cds = require("@sap/cds")
4 | const LOG = cds.log('attachments')
5 | const utils = require('../lib/helper')
6 |
7 | module.exports = class AWSAttachmentsService extends require("./object-store") {
8 |
9 | /**
10 | * Creates or retrieves a cached S3 client for the specified tenant
11 | * @returns {Promise<{client: import('@aws-sdk/client-s3').S3Client, bucket: string}>}
12 | */
13 | async retrieveClient() {
14 | const tenantID = this.separateObjectStore ? cds.context.tenant : 'shared'
15 | LOG.debug('Retrieving S3 client for', { tenantID })
16 | const existingClient = this.clientsCache.get(tenantID)
17 | if (existingClient) {
18 | LOG.debug('Using cached S3 client', {
19 | tenantID,
20 | bucket: existingClient.bucket
21 | })
22 | return existingClient
23 | }
24 |
25 | try {
26 | LOG.debug(`Fetching object store credentials for tenant ${tenantID}. Using ${this.separateObjectStore ? 'shared' : 'tenant-specific'} object store.`)
27 | const credentials = this.separateObjectStore
28 | ? (await utils.getObjectStoreCredentials(tenantID))?.credentials
29 | : cds.env.requires?.objectStore?.credentials
30 |
31 | if (!credentials) {
32 | throw new Error("SAP Object Store instance is not bound.")
33 | }
34 |
35 | const requiredFields = ['bucket', 'region', 'access_key_id', 'secret_access_key']
36 | const missingFields = requiredFields.filter(field => !credentials[field])
37 |
38 | if (missingFields.length > 0) {
39 | if (credentials.container_name) {
40 | throw new Error('Azure Blob Storage found where AWS S3 credentials expected, please check your service bindings.')
41 | } else if (credentials.projectId) {
42 | throw new Error('Google Cloud Platform credentials found where AWS S3 credentials expected, please check your service bindings.')
43 | }
44 | throw new Error(`Missing Object Store credentials: ${missingFields.join(', ')}`)
45 | }
46 |
47 | LOG.debug('Creating S3 client', {
48 | tenantID,
49 | region: credentials.region,
50 | bucket: credentials.bucket
51 | })
52 |
53 | const s3Client = new S3Client({
54 | region: credentials.region,
55 | credentials: {
56 | accessKeyId: credentials.access_key_id,
57 | secretAccessKey: credentials.secret_access_key,
58 | },
59 | })
60 |
61 | const newS3Client = {
62 | client: s3Client,
63 | bucket: credentials.bucket,
64 | }
65 |
66 | this.clientsCache.set(tenantID, newS3Client)
67 |
68 | LOG.debug('s3 client has been created successfully', {
69 | tenantID,
70 | bucket: newS3Client.bucket,
71 | region: credentials.region
72 | })
73 | return newS3Client;
74 | } catch (error) {
75 | LOG.error(
76 | 'Failed to create tenant-specific S3 client', error,
77 | 'Check Service Manager and Object Store instance configuration',
78 | { tenantID })
79 | throw error
80 | }
81 | }
82 |
83 | async exists(Key) {
84 | const { client, bucket } = await this.retrieveClient()
85 | try {
86 | await client.send(
87 | new HeadObjectCommand({
88 | Bucket: bucket,
89 | Key,
90 | })
91 | )
92 | // If no error, object exists
93 | return true
94 | } catch (err) {
95 | // Ignore expected error when object does not exist
96 | if (err.name === 'NotFound' && err.$metadata?.httpStatusCode === 404) {
97 | return false
98 | }
99 | throw err
100 | }
101 | }
102 |
103 | /**
104 | * @inheritdoc
105 | */
106 | async put(attachments, data) {
107 | if (Array.isArray(data)) {
108 | LOG.debug('Processing bulk file upload', {
109 | fileCount: data.length,
110 | filenames: data.map(d => d.filename)
111 | })
112 | return Promise.all(
113 | data.map((d) => this.put(attachments, d))
114 | )
115 | }
116 |
117 | const startTime = Date.now()
118 | LOG.debug('Starting file upload to S3', {
119 | attachmentEntity: attachments.name,
120 | tenant: cds.context.tenant
121 | })
122 |
123 | const { client, bucket } = await this.retrieveClient()
124 |
125 | try {
126 | const { content, ...metadata } = data
127 | const Key = metadata.url
128 |
129 | if (!Key) {
130 | LOG.error(
131 | 'File key/URL is required for S3 upload', null,
132 | 'Ensure attachment data includes a valid URL/key',
133 | { metadata: { ...metadata, content: !!content } })
134 | return
135 | }
136 |
137 | if (!content) {
138 | LOG.error(
139 | 'File content is required for S3 upload', null,
140 | 'Ensure attachment data includes file content',
141 | { key: Key, hasContent: !!content })
142 | return
143 | }
144 |
145 | if (await this.exists(Key)) {
146 | const error = new Error('Attachment already exists')
147 | error.status = 409
148 | throw error
149 | }
150 |
151 | const input = {
152 | Bucket: bucket,
153 | Key,
154 | Body: content,
155 | }
156 |
157 | LOG.info('Uploading file to S3', {
158 | bucket: bucket,
159 | key: Key,
160 | filename: metadata.filename,
161 | contentSize: content.length || content.size || 'unknown'
162 | })
163 |
164 | const multipartUpload = new Upload({
165 | client: client,
166 | params: input,
167 | })
168 |
169 | // The file upload has to be done first, so super.put can compute the hash and trigger malware scan
170 | await multipartUpload.done()
171 | await super.put(attachments, metadata)
172 |
173 | const duration = Date.now() - startTime
174 | LOG.debug('File upload to S3 completed successfully', {
175 | filename: metadata.filename,
176 | fileId: metadata.ID,
177 | bucket: bucket,
178 | key: Key,
179 | duration
180 | })
181 | } catch (err) {
182 | if (err.status === 409) {
183 | throw err
184 | }
185 | const duration = Date.now() - startTime
186 | LOG.error(
187 | 'File upload to S3 failed', err,
188 | 'Check S3 connectivity, credentials, and bucket permissions',
189 | { filename: data?.filename, fileId: data?.ID, bucket: bucket, key: data?.url, duration })
190 | throw err
191 | }
192 | }
193 |
194 | /**
195 | * @inheritdoc
196 | */
197 | async get(attachments, keys) {
198 | const startTime = Date.now()
199 |
200 | LOG.info('Starting file download from S3', {
201 | attachmentEntity: attachments.name,
202 | keys,
203 | tenant: cds.context.tenant
204 | })
205 |
206 | const { client, bucket } = await this.retrieveClient()
207 |
208 | try {
209 | LOG.debug('Fetching attachment metadata', { keys })
210 | const response = await SELECT.from(attachments, keys).columns("url")
211 |
212 | if (!response?.url) {
213 | LOG.warn(
214 | 'File URL not found in database', null,
215 | 'Check if the attachment exists and has been properly uploaded',
216 | { keys, hasResponse: !!response })
217 | return null
218 | }
219 |
220 | const Key = response.url
221 |
222 | LOG.debug('Streaming file from S3', {
223 | bucket: bucket,
224 | key: Key
225 | })
226 |
227 | const content = await client.send(
228 | new GetObjectCommand({
229 | Bucket: bucket,
230 | Key,
231 | })
232 | )
233 |
234 | const duration = Date.now() - startTime
235 | LOG.debug('File streamed from S3 successfully', {
236 | fileId: keys.ID,
237 | bucket: bucket,
238 | key: Key,
239 | duration
240 | })
241 |
242 | return content.Body
243 |
244 | } catch (error) {
245 | const duration = Date.now() - startTime
246 | const suggestion = error.name === 'NoSuchKey' ?
247 | 'File may have been deleted from S3 or URL is incorrect' :
248 | error.name === 'AccessDenied' ?
249 | 'Check S3 bucket permissions and credentials' :
250 | 'Check S3 connectivity and configuration'
251 |
252 | LOG.error(
253 | 'File download from S3 failed', error,
254 | suggestion,
255 | { fileId: keys?.ID, bucket: bucket, attachmentName: attachments.name, duration })
256 |
257 | throw error
258 | }
259 | }
260 |
261 | /**
262 | * Deletes a file from S3 based on the provided key
263 | * @param {string} Key - The key of the file to delete
264 | * @returns {Promise} - Promise resolving when deletion is complete
265 | */
266 | async delete(Key) {
267 | const { client, bucket } = await this.retrieveClient()
268 | LOG.debug(`[AWS S3] Executing delete for file ${Key} in bucket ${bucket}`)
269 |
270 | const response = await client.send(
271 | new DeleteObjectCommand({
272 | Bucket: bucket,
273 | Key,
274 | })
275 | )
276 | return response.DeleteMarker
277 | }
278 | }
279 |
--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Change Log
2 |
3 | All notable changes to this project will be documented in this file.
4 | This project adheres to [Semantic Versioning](http://semver.org/).
5 | The format is based on [Keep a Changelog](http://keepachangelog.com/).
6 |
7 | ## Version 3.5.0
8 |
9 | ## Fixed
10 |
11 | - Enforced the use of the `Content-Length` header to prevent server errors.
12 | - Designated the `content` property in the Attachments table as a `NonSortableProperty` to prevent database errors when sorting LargeBinary fields.
13 |
14 | ## Version 3.4.0
15 |
16 | ### Added
17 |
18 | - Introduced support for the `@Core.AcceptableMediaTypes` annotation, allowing specification of permitted MIME types for attachment uploads:
19 | ```cds
20 | annotate my.Books.attachments with {
21 | content @Core.AcceptableMediaTypes: ['image/jpeg'];
22 | }
23 | ```
24 | - Added support for the `@Validation.Maximum` annotation to define the maximum allowed file size for attachments:
25 | ```cds
26 | annotate my.Books.attachments with {
27 | content @Validation.Maximum: '2MB';
28 | }
29 | ```
30 |
31 | ### Fixed
32 |
33 | - Removed the previous hard limit of `400 MB` for file uploads. Files exceeding this size may still fail during malware scanning and will be marked with a `Failed` status.
34 | - Resolved issues with generic handler registration, enabling services to intercept the attachments plugin using middleware.
35 |
36 | ## Version 3.3.0
37 |
38 | ### Added
39 |
40 | - Added [`standard`](./README.md#supported-storage-provider) kind and set it as the default so that the configuration needs no adjustment when switching hyper-scalers.
41 | - Added support for uploading and updating attachments via `srv.run(INSERT.into(Attachments).entries())` or `srv.run(UPDATE.entity(Attachments).set())`
42 |
43 | ### Fixed
44 |
45 | - Fixed an issue that in multi-tenancy scenarios with separate object stores duplicate object stores per tenant were created when updating the tenant binding via the SaaS dependency service.
46 | - Fixed a race-condition where tenant isolation in separate object store mode could be broken.
47 | - Fixed a case where attachments were not correctly deleted.
48 | - Fixed a server crash when using the `AttachmentsSrv.put` API to upload an attachment.
49 | - Fixed a server crash when no object store would be bound to the application on BTP.
50 | - Fixed a server crash when the filename would not be given when creating new attachment metadata.
51 | - Fixed an issue where attachment handlers would be missing when all Attachments entity were behind feature toggles.
52 | - Fixed an issue where with storage kind `db` attachments could not be uploaded as drafts.
53 | - Fixed an issue where the content could be uploaded for a not existing attachments entity.
54 |
55 | ## Version 3.2.0
56 |
57 | ### Added
58 |
59 | - Implemented integration with additional cloud providers for attachment storage:
60 | - Azure Blob Storage (`kind: azure`).
61 | - Google Cloud Platform Object Store (`kind: gcp`).
62 | - Added support for mTLS authentication for the malware scanning service.
63 | - Added criticality status to the attachment scan status.
64 | - Provided translations for all SAP-supported languages.
65 |
66 | ## Version 3.1.0
67 |
68 | ### Added
69 |
70 | - Introduced a sample application in the `/tests/` folder to facilitate local development and testing.
71 |
72 | ### Fixed
73 |
74 | - Resolved a memory leak that could occur during the malware scanning process.
75 | - Ensured reliable deletion of all related attachments when parent entities are removed, preventing orphaned data.
76 | - Improved handling of attachment deletion for non-draft entities to ensure consistent cleanup.
77 |
78 | ## Version 3.0.0
79 |
80 | **BREAKING CHANGE:** Replaced usage of the CAP `req` variable with `cds.context` throughout the codebase.
81 |
82 | ### Fixed
83 |
84 | - Resolved a crash in the malware scanning process when running the CDS server in a multitenancy setup.
85 | - Corrected missing translations for column labels.
86 | - Scan states are now translated.
87 |
88 | ### Added
89 |
90 | - Deprecated `@attachments.disable_facet`
91 | - Introduced support for @UI.Hidden, enabling dynamic hiding of the attachments section in the UI.
92 |
93 | ## Version 2.2.2
94 |
95 | ### Added
96 |
97 | - Enhanced logging capabilities by introducing a logging wrapper, providing more comprehensive and structured output to facilitate easier debugging and troubleshooting.
98 |
99 | ### Fixed
100 |
101 | - Resolved an issue in hybrid mode where an incorrect route path variable was used for attachment uploads in local environments.
102 |
103 | ## Version 2.2.1
104 |
105 | ### Fixed
106 |
107 | - Ensured content is correctly stored and retrievable in non-draft mode.
108 |
109 | ## Version 2.2.0
110 |
111 | ### Added
112 |
113 | - Support for the `standard` plan of the SAP Object Store in multitenant mode. The plugin now attempts to use the `standard` plan and falls back to the deprecated `s3-standard` plan if needed.
114 | - Added support for non-draft attachment handling.
115 |
116 | ### Fixed
117 |
118 | - Improved error handling and runtime crashes.
119 | - Fixed support for MTLS authentication via Service Manager.
120 |
121 | ## Version 2.1.2
122 |
123 | ### Fixed
124 |
125 | - Bug fixes.
126 |
127 | ## Version 2.1.1
128 |
129 | ### Added
130 |
131 | - MTX: Support for deleting tenant-specific objects from S3 upon tenant unsubscription in shared mode.
132 |
133 | ### Fixed
134 |
135 | - Deleted attachments are now removed from S3 when a draft is discarded or deleted.
136 |
137 | ## Version 2.1.0
138 |
139 | ### Added
140 |
141 | - Support for multitenancy with tenant specific object store instances as the default option.
142 |
143 | ### Fixed
144 |
145 | - Support for `.mov` file extension.
146 |
147 | ## Version 2.0.2
148 |
149 | ### Fixed
150 |
151 | - Restored Attachments aspect on root namespace.
152 |
153 | ## Version 2.0.1
154 |
155 | ### Fixed
156 |
157 | - Minor bug fixes.
158 |
159 | ## Version 2.0.0
160 |
161 | ### Changed
162 |
163 | - Removed `@sap/xsenv` dependency.
164 | - Attachments usage changed to `using { sap.attachments.Attachments } from '@cap-js/attachments'`.
165 |
166 | ### Added
167 |
168 | - **Visibility Control**: Added visibility control for attachments plugin using `@attachments.disable_facet`.
169 |
170 | ## Version 1.2.1
171 |
172 | ### Fixed
173 |
174 | - CDS version check added for rendering UI facets in older versions.
175 |
176 | ## Version 1.2.0
177 |
178 | ### Added
179 |
180 | - Support for multi-tenant applications utilizing a shared `object store` instance.
181 |
182 | ### Fixed
183 |
184 | - Fixed query syntax error for hana cloud bindings.
185 |
186 | ## Version 1.1.9
187 |
188 | ### Added
189 |
190 | - **File Size Validation**: Introduced a new file size validation feature to ensure uploaded attachments comply with defined size limits.
191 | - This feature is compatible with SAPUI5 version `>= 1.131.0`.
192 |
193 | ### Fixed
194 |
195 | - Fixed upload attachment bug after cds `8.7.0` update.
196 |
197 | ## Version 1.1.8
198 |
199 | ### Changed
200 |
201 | - Included test cases for malware scanning within development profile.
202 |
203 | ### Fixed
204 |
205 | - Fix for viewing stored attachment.
206 |
207 | ## Version 1.1.7
208 |
209 | ### Fixed
210 |
211 | - Fix for scenario where an aspect has a composition.
212 |
213 | ## Version 1.1.6
214 |
215 | ### Added
216 |
217 | - Support for cds 8.
218 |
219 | ### Fixed
220 |
221 | - Fix for adding note for attachments.
222 |
223 | ## Version 1.1.5
224 |
225 | ### Changed
226 |
227 | - Set width for columns for Attachments table UI.
228 | - Scan status is mocked to `Clean` only in the development profile and otherwise set to `Unscanned`, when malware scan is disabled.
229 | - When malware scan is disabled, removed restriction to access uploaded attachment.
230 |
231 | ## Version 1.1.4
232 |
233 | ### Changed
234 |
235 | - Updated Node version restriction.
236 |
237 | ## Version 1.1.3
238 |
239 | ### Changed
240 |
241 | - Improved error handling.
242 |
243 | ### Fixed
244 |
245 | - Minor bug fixes.
246 |
247 | ## Version 1.1.2
248 |
249 | ### Added
250 |
251 | - Content of files detected as `Infected` from malware scanning service are now deleted.
252 |
253 | ### Changed
254 |
255 | - Attachments aren't served if their scan status isn't `Clean`.
256 | - Reduced the delay of setting scan status to `Clean` to 5 sec, if malware scanning is disabled.
257 |
258 | ### Fixed
259 |
260 | - Bug fixes for event handlers in production.
261 | - Bug fix for attachment target condition.
262 |
263 | ## Version 1.1.1
264 |
265 | ### Changed
266 |
267 | - Enabled malware scanning in hybrid profile by default.
268 | - Added a 10 sec delay before setting scan status to `Clean` if malware scanning is disabled.
269 |
270 | ### Fixed
271 |
272 | - Bug fixes for upload functionality in production.
273 |
274 | ## Version 1.1.0
275 |
276 | ### Added
277 |
278 | - Attachments are scanned for malware using SAP Malware Scanning Service.
279 |
280 | ### Fixed
281 |
282 | - Fixes for deployment
283 |
284 | ## Version 1.0.2
285 |
286 | ### Fixed
287 |
288 | - Bug fixes
289 |
290 | ## Version 1.0.1
291 |
292 | ### Fixed
293 |
294 | - Updating the documentation.
295 |
296 | ## Version 1.0.0
297 |
298 | ### Added
299 |
300 | - Initial release that provides out-of-the box asset storage and handling by using an aspect Attachments. It also provides a CAP-level, easy to use integration of the SAP Object Store.
301 |
--------------------------------------------------------------------------------
/LICENSES/Apache-2.0.txt:
--------------------------------------------------------------------------------
1 | Apache License
2 | Version 2.0, January 2004
3 | http://www.apache.org/licenses/
4 |
5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6 |
7 | 1. Definitions.
8 |
9 | "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document.
10 |
11 | "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License.
12 |
13 | "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.
14 |
15 | "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License.
16 |
17 | "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files.
18 |
19 | "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types.
20 |
21 | "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below).
22 |
23 | "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof.
24 |
25 | "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution."
26 |
27 | "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work.
28 |
29 | 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form.
30 |
31 | 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed.
32 |
33 | 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions:
34 |
35 | (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and
36 |
37 | (b) You must cause any modified files to carry prominent notices stating that You changed the files; and
38 |
39 | (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and
40 |
41 | (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License.
42 |
43 | You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.
44 |
45 | 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions.
46 |
47 | 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file.
48 |
49 | 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License.
50 |
51 | 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages.
52 |
53 | 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability.
54 |
55 | END OF TERMS AND CONDITIONS
56 |
57 | APPENDIX: How to apply the Apache License to your work.
58 |
59 | To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives.
60 |
61 | Copyright [yyyy] [name of copyright owner]
62 |
63 | Licensed under the Apache License, Version 2.0 (the "License");
64 | you may not use this file except in compliance with the License.
65 | You may obtain a copy of the License at
66 |
67 | http://www.apache.org/licenses/LICENSE-2.0
68 |
69 | Unless required by applicable law or agreed to in writing, software
70 | distributed under the License is distributed on an "AS IS" BASIS,
71 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
72 | See the License for the specific language governing permissions and
73 | limitations under the License.
74 |
--------------------------------------------------------------------------------
/srv/azure-blob-storage.js:
--------------------------------------------------------------------------------
1 | const { BlobServiceClient } = require('@azure/storage-blob')
2 | const cds = require("@sap/cds")
3 | const LOG = cds.log('attachments')
4 | const utils = require('../lib/helper')
5 |
6 | module.exports = class AzureAttachmentsService extends require("./object-store") {
7 |
8 | /**
9 | * Creates or retrieves a cached Azure Blob Storage client for the given tenant
10 | * @returns {Promise<{blobServiceClient: import('@azure/storage-blob').BlobServiceClient, containerClient: import('@azure/storage-blob').ContainerClient}>}
11 | */
12 | async retrieveClient() {
13 | const tenantID = this.separateObjectStore ? cds.context.tenant : 'shared'
14 | LOG.debug('Retrieving tenant-specific Azure Blob Storage client', { tenantID })
15 |
16 | const existingClient = this.clientsCache.get(tenantID)
17 | if (existingClient) {
18 | LOG.debug('Using cached Azure Blob Storage client', {
19 | tenantID,
20 | containerName: existingClient.containerClient.containerName
21 | })
22 | return existingClient
23 | }
24 |
25 | try {
26 | LOG.debug('Fetching object store credentials for tenant', { tenantID })
27 | const credentials = this.separateObjectStore
28 | ? (await utils.getObjectStoreCredentials(tenantID))?.credentials
29 | : cds.env.requires?.objectStore?.credentials
30 |
31 | if (!credentials) {
32 | throw new Error("SAP Object Store instance is not bound.")
33 | }
34 |
35 | const requiredFields = ['container_name', 'container_uri', 'sas_token']
36 | const missingFields = requiredFields.filter(field => !credentials[field])
37 |
38 | if (missingFields.length > 0) {
39 | if (credentials.access_key_id) {
40 | throw new Error('AWS S3 credentials found where Azure Blob Storage credentials expected, please check your service bindings.')
41 | } else if (credentials.projectId) {
42 | throw new Error('Google Cloud Platform credentials found where Azure Blob Storage credentials expected, please check your service bindings.')
43 | }
44 | throw new Error(`Missing Azure Blob Storage credentials: ${missingFields.join(', ')}`)
45 | }
46 |
47 | LOG.debug('Creating Azure Blob Storage client for tenant', {
48 | tenantID,
49 | containerName: credentials.container_name
50 | })
51 |
52 | const blobServiceClient = new BlobServiceClient(credentials.container_uri + "?" + credentials.sas_token)
53 | const containerClient = blobServiceClient.getContainerClient(credentials.container_name)
54 |
55 | const newAzureCredentials = {
56 | containerClient,
57 | }
58 |
59 | this.clientsCache.set(tenantID, newAzureCredentials)
60 |
61 | LOG.debug('Azure Blob Storage client has been created successful', {
62 | tenantID,
63 | containerName: containerClient.containerName
64 | })
65 | return newAzureCredentials;
66 | } catch (error) {
67 | LOG.error(
68 | 'Failed to create tenant-specific Azure Blob Storage client', error,
69 | 'Check Service Manager and Azure Blob Storage instance configuration',
70 | { tenantID })
71 | throw error
72 | }
73 | }
74 |
75 | async exists(blobName) {
76 | const { containerClient } = await this.retrieveClient()
77 | const blobClient = containerClient.getBlockBlobClient(blobName)
78 | try {
79 | await blobClient.getProperties()
80 | // If no error, blob exists
81 | return true
82 | } catch (err) {
83 | // Anything besides 404 BlobNotFound is an actual error
84 | if (err.statusCode !== 404 && err.code !== 'BlobNotFound') {
85 | throw err
86 | }
87 | return false
88 | }
89 | }
90 |
91 | /**
92 | * @inheritdoc
93 | */
94 | async put(attachments, data) {
95 | if (Array.isArray(data)) {
96 | LOG.debug('Processing bulk file upload', {
97 | fileCount: data.length,
98 | filenames: data.map(d => d.filename)
99 | })
100 | return Promise.all(
101 | data.map((d) => this.put(attachments, d))
102 | )
103 | }
104 |
105 | const startTime = Date.now()
106 |
107 | LOG.debug('Starting file upload to Azure Blob Storage', {
108 | attachmentEntity: attachments.name,
109 | tenant: cds.context.tenant
110 | })
111 | const { containerClient } = await this.retrieveClient()
112 | try {
113 | let { content: _content, ...metadata } = data
114 | const blobName = metadata.url
115 |
116 | if (!blobName) {
117 | LOG.error(
118 | 'File key/URL is required for Azure Blob Storage upload', null,
119 | 'Ensure attachment data includes a valid URL/key',
120 | { metadata: { ...metadata, content: !!_content } })
121 | throw new Error('File key is required for upload')
122 | }
123 |
124 | if (!_content) {
125 | LOG.error(
126 | 'File content is required for Azure Blob Storage upload', null,
127 | 'Ensure attachment data includes file content',
128 | { key: blobName, hasContent: !!_content })
129 | throw new Error('File content is required for upload')
130 | }
131 |
132 | const blobClient = containerClient.getBlockBlobClient(blobName)
133 |
134 | if (await this.exists(blobName)) {
135 | const error = new Error('Attachment already exists')
136 | error.status = 409
137 | throw error
138 | }
139 |
140 | LOG.debug('Uploading file to Azure Blob Storage', {
141 | containerName: containerClient.containerName,
142 | blobName,
143 | filename: metadata.filename,
144 | contentSize: _content.length || _content.size || 'unknown'
145 | })
146 |
147 | // Handle different content types for update
148 | let contentLength
149 | const content = _content
150 | if (Buffer.isBuffer(content)) {
151 | contentLength = content.length
152 | } else if (content && typeof content.length === 'number') {
153 | contentLength = content.length
154 | } else if (content && typeof content.size === 'number') {
155 | contentLength = content.size
156 | } else {
157 | // Convert to buffer if needed
158 | const chunks = []
159 | for await (const chunk of content) {
160 | chunks.push(chunk)
161 | }
162 | _content = Buffer.concat(chunks)
163 | contentLength = _content.length
164 | }
165 |
166 | // The file upload has to be done first, so super.put can compute the hash and trigger malware scan
167 | await blobClient.upload(_content, contentLength)
168 | await super.put(attachments, metadata)
169 |
170 | const duration = Date.now() - startTime
171 | LOG.debug('File upload to Azure Blob Storage completed successfully', {
172 | filename: metadata.filename,
173 | fileId: metadata.ID,
174 | containerName: containerClient.containerName,
175 | blobName,
176 | duration
177 | })
178 | } catch (err) {
179 | if (err.status === 409) {
180 | throw err
181 | }
182 | const duration = Date.now() - startTime
183 | LOG.error(
184 | 'File upload to Azure Blob Storage failed', err,
185 | 'Check Azure Blob Storage connectivity, credentials, and container permissions',
186 | { filename: data?.filename, fileId: data?.ID, containerName: containerClient.containerName, blobName: data?.url, duration })
187 | throw err
188 | }
189 | }
190 |
191 | /**
192 | * @inheritdoc
193 | */
194 | async get(attachments, keys) {
195 | const startTime = Date.now()
196 | LOG.debug('Starting stream from Azure Blob Storage', {
197 | attachmentEntity: attachments.name,
198 | keys,
199 | tenant: cds.context.tenant
200 | })
201 | const { containerClient } = await this.retrieveClient()
202 |
203 | try {
204 | LOG.debug('Fetching attachment metadata', { keys })
205 | const response = await SELECT.from(attachments, keys).columns("url")
206 |
207 | if (!response?.url) {
208 | LOG.warn(
209 | 'File URL not found in database', null,
210 | 'Check if the attachment exists and has been properly uploaded',
211 | { keys, hasResponse: !!response })
212 | return null
213 | }
214 |
215 | LOG.debug('Streaming file from Azure Blob Storage', {
216 | containerName: containerClient.containerName,
217 | fileId: keys.ID,
218 | blobName: response.url
219 | })
220 |
221 | const blobClient = containerClient.getBlockBlobClient(response.url)
222 | const downloadResponse = await blobClient.download()
223 |
224 | const duration = Date.now() - startTime
225 | LOG.debug('File streamed from Azure Blob Storage successfully', {
226 | fileId: keys.ID,
227 | duration
228 | })
229 |
230 | return downloadResponse.readableStreamBody
231 | } catch (error) {
232 | const duration = Date.now() - startTime
233 | const suggestion = error.code === 'BlobNotFound' ?
234 | 'File may have been deleted from Azure Blob Storage or URL is incorrect' :
235 | error.code === 'AuthenticationFailed' ?
236 | 'Check Azure Blob Storage credentials and SAS token' :
237 | 'Check Azure Blob Storage connectivity and configuration'
238 |
239 | LOG.error(
240 | 'File download from Azure Blob Storage failed', error,
241 | suggestion,
242 | { fileId: keys?.ID, containerName: containerClient.containerName, attachmentName: attachments.name, duration })
243 |
244 | throw error
245 | }
246 | }
247 |
248 | /**
249 | * Deletes a file from Azure Blob Storage
250 | * @param {string} Key - The key of the file to delete
251 | * @returns {Promise} - Promise resolving when deletion is complete
252 | */
253 | async delete(blobName) {
254 | const { containerClient } = await this.retrieveClient()
255 | LOG.debug(`[Azure] Executing delete for file ${blobName} in bucket ${containerClient.containerName}`)
256 |
257 | const blobClient = containerClient.getBlockBlobClient(blobName)
258 | const response = await blobClient.delete()
259 | return response._response.status === 202
260 | }
261 | }
262 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | Apache License
2 | Version 2.0, January 2004
3 | http://www.apache.org/licenses/
4 |
5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6 |
7 | 1. Definitions.
8 |
9 | "License" shall mean the terms and conditions for use, reproduction,
10 | and distribution as defined by Sections 1 through 9 of this document.
11 |
12 | "Licensor" shall mean the copyright owner or entity authorized by
13 | the copyright owner that is granting the License.
14 |
15 | "Legal Entity" shall mean the union of the acting entity and all
16 | other entities that control, are controlled by, or are under common
17 | control with that entity. For the purposes of this definition,
18 | "control" means (i) the power, direct or indirect, to cause the
19 | direction or management of such entity, whether by contract or
20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
21 | outstanding shares, or (iii) beneficial ownership of such entity.
22 |
23 | "You" (or "Your") shall mean an individual or Legal Entity
24 | exercising permissions granted by this License.
25 |
26 | "Source" form shall mean the preferred form for making modifications,
27 | including but not limited to software source code, documentation
28 | source, and configuration files.
29 |
30 | "Object" form shall mean any form resulting from mechanical
31 | transformation or translation of a Source form, including but
32 | not limited to compiled object code, generated documentation,
33 | and conversions to other media types.
34 |
35 | "Work" shall mean the work of authorship, whether in Source or
36 | Object form, made available under the License, as indicated by a
37 | copyright notice that is included in or attached to the work
38 | (an example is provided in the Appendix below).
39 |
40 | "Derivative Works" shall mean any work, whether in Source or Object
41 | form, that is based on (or derived from) the Work and for which the
42 | editorial revisions, annotations, elaborations, or other modifications
43 | represent, as a whole, an original work of authorship. For the purposes
44 | of this License, Derivative Works shall not include works that remain
45 | separable from, or merely link (or bind by name) to the interfaces of,
46 | the Work and Derivative Works thereof.
47 |
48 | "Contribution" shall mean any work of authorship, including
49 | the original version of the Work and any modifications or additions
50 | to that Work or Derivative Works thereof, that is intentionally
51 | submitted to Licensor for inclusion in the Work by the copyright owner
52 | or by an individual or Legal Entity authorized to submit on behalf of
53 | the copyright owner. For the purposes of this definition, "submitted"
54 | means any form of electronic, verbal, or written communication sent
55 | to the Licensor or its representatives, including but not limited to
56 | communication on electronic mailing lists, source code control systems,
57 | and issue tracking systems that are managed by, or on behalf of, the
58 | Licensor for the purpose of discussing and improving the Work, but
59 | excluding communication that is conspicuously marked or otherwise
60 | designated in writing by the copyright owner as "Not a Contribution."
61 |
62 | "Contributor" shall mean Licensor and any individual or Legal Entity
63 | on behalf of whom a Contribution has been received by Licensor and
64 | subsequently incorporated within the Work.
65 |
66 | 2. Grant of Copyright License. Subject to the terms and conditions of
67 | this License, each Contributor hereby grants to You a perpetual,
68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69 | copyright license to reproduce, prepare Derivative Works of,
70 | publicly display, publicly perform, sublicense, and distribute the
71 | Work and such Derivative Works in Source or Object form.
72 |
73 | 3. Grant of Patent License. Subject to the terms and conditions of
74 | this License, each Contributor hereby grants to You a perpetual,
75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76 | (except as stated in this section) patent license to make, have made,
77 | use, offer to sell, sell, import, and otherwise transfer the Work,
78 | where such license applies only to those patent claims licensable
79 | by such Contributor that are necessarily infringed by their
80 | Contribution(s) alone or by combination of their Contribution(s)
81 | with the Work to which such Contribution(s) was submitted. If You
82 | institute patent litigation against any entity (including a
83 | cross-claim or counterclaim in a lawsuit) alleging that the Work
84 | or a Contribution incorporated within the Work constitutes direct
85 | or contributory patent infringement, then any patent licenses
86 | granted to You under this License for that Work shall terminate
87 | as of the date such litigation is filed.
88 |
89 | 4. Redistribution. You may reproduce and distribute copies of the
90 | Work or Derivative Works thereof in any medium, with or without
91 | modifications, and in Source or Object form, provided that You
92 | meet the following conditions:
93 |
94 | (a) You must give any other recipients of the Work or
95 | Derivative Works a copy of this License; and
96 |
97 | (b) You must cause any modified files to carry prominent notices
98 | stating that You changed the files; and
99 |
100 | (c) You must retain, in the Source form of any Derivative Works
101 | that You distribute, all copyright, patent, trademark, and
102 | attribution notices from the Source form of the Work,
103 | excluding those notices that do not pertain to any part of
104 | the Derivative Works; and
105 |
106 | (d) If the Work includes a "NOTICE" text file as part of its
107 | distribution, then any Derivative Works that You distribute must
108 | include a readable copy of the attribution notices contained
109 | within such NOTICE file, excluding those notices that do not
110 | pertain to any part of the Derivative Works, in at least one
111 | of the following places: within a NOTICE text file distributed
112 | as part of the Derivative Works; within the Source form or
113 | documentation, if provided along with the Derivative Works; or,
114 | within a display generated by the Derivative Works, if and
115 | wherever such third-party notices normally appear. The contents
116 | of the NOTICE file are for informational purposes only and
117 | do not modify the License. You may add Your own attribution
118 | notices within Derivative Works that You distribute, alongside
119 | or as an addendum to the NOTICE text from the Work, provided
120 | that such additional attribution notices cannot be construed
121 | as modifying the License.
122 |
123 | You may add Your own copyright statement to Your modifications and
124 | may provide additional or different license terms and conditions
125 | for use, reproduction, or distribution of Your modifications, or
126 | for any such Derivative Works as a whole, provided Your use,
127 | reproduction, and distribution of the Work otherwise complies with
128 | the conditions stated in this License.
129 |
130 | 5. Submission of Contributions. Unless You explicitly state otherwise,
131 | any Contribution intentionally submitted for inclusion in the Work
132 | by You to the Licensor shall be under the terms and conditions of
133 | this License, without any additional terms or conditions.
134 | Notwithstanding the above, nothing herein shall supersede or modify
135 | the terms of any separate license agreement you may have executed
136 | with Licensor regarding such Contributions.
137 |
138 | 6. Trademarks. This License does not grant permission to use the trade
139 | names, trademarks, service marks, or product names of the Licensor,
140 | except as required for reasonable and customary use in describing the
141 | origin of the Work and reproducing the content of the NOTICE file.
142 |
143 | 7. Disclaimer of Warranty. Unless required by applicable law or
144 | agreed to in writing, Licensor provides the Work (and each
145 | Contributor provides its Contributions) on an "AS IS" BASIS,
146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 | implied, including, without limitation, any warranties or conditions
148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 | PARTICULAR PURPOSE. You are solely responsible for determining the
150 | appropriateness of using or redistributing the Work and assume any
151 | risks associated with Your exercise of permissions under this License.
152 |
153 | 8. Limitation of Liability. In no event and under no legal theory,
154 | whether in tort (including negligence), contract, or otherwise,
155 | unless required by applicable law (such as deliberate and grossly
156 | negligent acts) or agreed to in writing, shall any Contributor be
157 | liable to You for damages, including any direct, indirect, special,
158 | incidental, or consequential damages of any character arising as a
159 | result of this License or out of the use or inability to use the
160 | Work (including but not limited to damages for loss of goodwill,
161 | work stoppage, computer failure or malfunction, or any and all
162 | other commercial damages or losses), even if such Contributor
163 | has been advised of the possibility of such damages.
164 |
165 | 9. Accepting Warranty or Additional Liability. While redistributing
166 | the Work or Derivative Works thereof, You may choose to offer,
167 | and charge a fee for, acceptance of support, warranty, indemnity,
168 | or other liability obligations and/or rights consistent with this
169 | License. However, in accepting such obligations, You may act only
170 | on Your own behalf and on Your sole responsibility, not on behalf
171 | of any other Contributor, and only if You agree to indemnify,
172 | defend, and hold each Contributor harmless for any liability
173 | incurred by, or claims asserted against, such Contributor by reason
174 | of your accepting any such warranty or additional liability.
175 |
176 | END OF TERMS AND CONDITIONS
177 |
178 | APPENDIX: How to apply the Apache License to your work.
179 |
180 | To apply the Apache License to your work, attach the following
181 | boilerplate notice, with the fields enclosed by brackets "[]"
182 | replaced with your own identifying information. (Don't include
183 | the brackets!) The text should be enclosed in the appropriate
184 | comment syntax for the file format. We also recommend that a
185 | file or class name and description of purpose be included on the
186 | same "printed page" as the copyright notice for easier
187 | identification within third-party archives.
188 |
189 | Copyright [yyyy] [name of copyright owner]
190 |
191 | Licensed under the Apache License, Version 2.0 (the "License");
192 | you may not use this file except in compliance with the License.
193 | You may obtain a copy of the License at
194 |
195 | http://www.apache.org/licenses/LICENSE-2.0
196 |
197 | Unless required by applicable law or agreed to in writing, software
198 | distributed under the License is distributed on an "AS IS" BASIS,
199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 | See the License for the specific language governing permissions and
201 | limitations under the License.
202 |
--------------------------------------------------------------------------------
/srv/basic.js:
--------------------------------------------------------------------------------
1 | const cds = require('@sap/cds')
2 | const LOG = cds.log('attachments')
3 | const { computeHash, traverseEntity } = require('../lib/helper')
4 |
5 | class AttachmentsService extends cds.Service {
6 |
7 | init() {
8 | this.on('DeleteAttachment', async msg => {
9 | await this.delete(msg.data.url, msg.data.target)
10 | })
11 |
12 | this.on('DeleteInfectedAttachment', async msg => {
13 | const { target, hash, keys } = msg.data
14 | const attachment = await SELECT.one.from(target).where(Object.assign({ hash }, keys)).columns('url')
15 | if (attachment) { //Might happen that a draft object is the target
16 | await this.delete(attachment.url, target)
17 | } else {
18 | LOG.warn(`Cannot delete malware file with the hash ${hash} for attachment ${target}, keys: ${keys}`)
19 | }
20 | })
21 | return super.init()
22 | }
23 |
24 | /**
25 | * Uploads attachments to the database and initiates malware scans for database-stored files
26 | * @param {cds.Entity} attachments - Attachments entity definition
27 | * @param {Array|Object} data - The attachment data to be uploaded
28 | * @returns {Promise} - Result of the upsert operation
29 | */
30 | async put(attachments, data) {
31 | if (!Array.isArray(data)) {
32 | data = [data]
33 | }
34 |
35 | // Check if an attachment with this ID already has content
36 | const existing = await SELECT.one.from(attachments).where({ID: {in: data.map(d => d.ID)}, content: { '!=': null } })
37 | if (existing) {
38 | const error = new Error('Attachment already exists')
39 | error.status = 409
40 | throw error
41 | }
42 |
43 | LOG.debug('Starting database attachment upload', {
44 | attachmentEntity: attachments.name,
45 | fileCount: data.length,
46 | filenames: data.map((d) => d.filename || 'unknown'),
47 | })
48 |
49 | let res
50 |
51 | try {
52 | res = await Promise.all(
53 | data.map(async (d) => {
54 | const res = await UPSERT(d).into(attachments)
55 | const attachmentForHash = await this.get(attachments, { ID: d.ID })
56 | // If this is just the PUT for metadata, there is not yet any file to retrieve
57 | if (attachmentForHash) {
58 | const hash = await computeHash(attachmentForHash)
59 | await this.update(attachments, { ID: d.ID }, { hash })
60 | }
61 | return res
62 | })
63 | )
64 |
65 | LOG.debug('Attachment records upserted to database successfully', {
66 | attachmentEntity: attachments.name,
67 | recordCount: data.length
68 | })
69 |
70 | } catch (error) {
71 | LOG.error(
72 | 'Failed to upsert attachment records to database', error,
73 | 'Check database connectivity and attachment entity configuration',
74 | { attachmentEntity: attachments.name, recordCount: data.length, errorMessage: error.message })
75 | throw error
76 | }
77 |
78 | // Initiate malware scanning for database-stored files
79 | LOG.debug('Initiating malware scans for database-stored files', {
80 | fileCount: data.length,
81 | fileIds: data.map(d => d.ID)
82 | })
83 |
84 | const MalwareScanner = await cds.connect.to('malwareScanner')
85 | await Promise.all(
86 | data.map(async (d) => {
87 | await MalwareScanner.emit('ScanAttachmentsFile', { target: attachments.name, keys: { ID: d.ID } })
88 | })
89 | )
90 |
91 | return res
92 | }
93 |
94 | /**
95 | * Registers attachment handlers for the given service and entity
96 | * @param {cds.Entity} attachments - The attachment service instance
97 | * @param {string} keys - The keys to identify the attachment
98 | * @param {import('@sap/cds').Request} req - The request object
99 | * @returns {Buffer|Stream|null} - The content of the attachment or null if not found
100 | */
101 | async get(attachments, keys) {
102 | LOG.debug("Downloading attachment for", {
103 | attachmentName: attachments.name,
104 | attachmentKeys: keys
105 | })
106 | let result = await SELECT.from(attachments, keys).columns("content")
107 | if (!result && attachments.isDraft) {
108 | attachments = attachments.actives
109 | result = await SELECT.from(attachments, keys).columns("content")
110 | }
111 | return (result?.content) ? result.content : null
112 | }
113 | /**
114 | * Returns a handler to copy updated attachments content from draft to active / object store
115 | * @param {cds.Entity} attachments - Attachments entity definition
116 | * @returns {Function} - The draft save handler function
117 | */
118 | draftSaveHandler(attachments) {
119 | const queryFields = this.getFields(attachments)
120 |
121 | return async (_, req) => {
122 | // The below query loads the attachments into streams
123 | const cqn = SELECT(queryFields)
124 | .from(attachments.drafts)
125 | .where([
126 | ...req.subject.ref[0].where.map((x) =>
127 | x.ref ? { ref: ["up_", ...x.ref] } : x
128 | )
129 | // NOTE: needs skip LargeBinary fix to Lean Draft
130 | ])
131 | cqn.where({ content: { '!=': null } })
132 | const draftAttachments = await cqn
133 |
134 | if (draftAttachments.length)
135 | await this.put(attachments, draftAttachments)
136 | }
137 | }
138 | /**
139 | * Returns the fields to be selected from Attachments entity definition
140 | * including the association keys if Attachments entity definition is associated to another entity
141 | * @param {cds.Entity} attachments - Attachments entity definition
142 | * @returns {Array} - Array of fields to be selected
143 | */
144 | getFields(attachments) {
145 | const attachmentFields = ["filename", "mimeType", "content", "url", "ID"]
146 | const { up_ } = attachments.keys
147 | if (up_)
148 | return up_.keys
149 | .map((k) => "up__" + k.ref[0])
150 | .concat(...attachmentFields)
151 | .map((k) => ({ ref: [k] }))
152 | else return Object.keys(attachments.keys)
153 | }
154 |
155 | /**
156 | * Registers handlers for attachment entities in the service
157 | * @param {cds.Service} srv - The CDS service instance
158 | */
159 | registerHandlers(srv) {
160 | if (!cds.env.fiori.move_media_data_in_db) {
161 | srv.after("SAVE", async function saveDraftAttachments(res, req) {
162 | if (
163 | req.target.isDraft ||
164 | !req.target.drafts ||
165 | !req.target._attachments.hasAttachmentsComposition ||
166 | !req.target._attachments.attachmentCompositions
167 | ) {
168 | return
169 | }
170 | await Promise.all(
171 | req.target._attachments.attachmentCompositions.map(attachmentsEle =>{
172 | const target = traverseEntity(req.target, attachmentsEle)
173 | if (!target) {
174 | LOG.error(`Could not resolve target for attachment composition: ${attachmentsEle}`)
175 | return
176 | }
177 | return this.draftSaveHandler(target)(res, req)
178 | })
179 | )
180 | }.bind(this))
181 | }
182 | }
183 |
184 | /**
185 | * Updates attachment metadata in the database
186 | * @param {cds.Entity} Attachments - Attachments entity definition
187 | * @param {string} key - The key of the attachment to update
188 | * @param {*} data - The data to update the attachment with
189 | * @returns {Promise} - Result of the update operation
190 | */
191 | async update(Attachments, key, data) {
192 | LOG.debug("Updating attachment for", {
193 | attachmentName: Attachments.name,
194 | attachmentKey: key
195 | })
196 |
197 | return await UPDATE(Attachments, key).with(data)
198 | }
199 |
200 | /**
201 | * Retrieves the malware scan status of an attachment
202 | * @param {cds.Entity} Attachments - Attachments entity definition
203 | * @param {string} key - The key of the attachment to retrieve the status for
204 | * @returns {string} - The malware scan status of the attachment
205 | */
206 | async getStatus(Attachments, key) {
207 | const result = await SELECT.from(Attachments, key).columns('status')
208 | return result?.status
209 | }
210 |
211 | /**
212 | * Registers attachment handlers for the given service and entity
213 | * @param {*} records - The records to process
214 | * @param {import('@sap/cds').Request} req - The request object
215 | */
216 | async deleteAttachmentsWithKeys(records, req) {
217 | req.attachmentsToDelete?.forEach(async (attachment) => {
218 | if (attachment.url) {
219 | const attachmentsSrv = await cds.connect.to('attachments')
220 | await attachmentsSrv.emit('DeleteAttachment', { url: attachment.url, target: attachment.target })
221 | } else {
222 | LOG.warn(`Attachment cannot be deleted because URL is missing`, attachment)
223 | }
224 | })
225 | }
226 |
227 | /**
228 | * Traverses nested data by a given path array.
229 | * @param {Object} root - The root object or array to traverse.
230 | * @param {Array} path - The array of keys representing the path.
231 | * @returns {*} - The value found at the path, or [] if not found.
232 | */
233 | traverseDataByPath(root, path) {
234 | let current = root
235 | for (let i = 0; i < path.length; i++) {
236 | const part = path[i]
237 | if (Array.isArray(current)) {
238 | return current.flatMap(item => this.traverseDataByPath(item, path.slice(i)))
239 | }
240 | if (!current || !(part in current)) return []
241 | current = current[part]
242 | }
243 | return current
244 | }
245 |
246 | /**
247 | * Registers attachment handlers for the given service and entity
248 | * @param {import('@sap/cds').Request} req - The request object
249 | */
250 | async attachDeletionData(req) {
251 | const attachmentCompositions = req?.target?._attachments.attachmentCompositions
252 | if (attachmentCompositions.length > 0) {
253 | const diffData = await req.diff()
254 | if (!diffData || Object.keys(diffData).length === 0) {
255 | return
256 | }
257 | const queries = []
258 | const queryTargets = []
259 | for (const attachmentsComp of attachmentCompositions) {
260 | const leaf = this.traverseDataByPath(diffData, attachmentsComp)
261 | const deletedAttachments = Array.isArray(leaf) ? leaf.filter(obj => obj._op === "delete").map(obj => obj.ID) : []
262 |
263 | const entityTarget = traverseEntity(req.target, attachmentsComp)
264 | if (deletedAttachments.length) {
265 | queries.push(
266 | SELECT.from(entityTarget).columns("url").where({ ID: { in: [...deletedAttachments] } })
267 | )
268 | queryTargets.push(entityTarget.name)
269 | }
270 | }
271 | if (queries.length > 0) {
272 | const attachmentsToDelete = (await Promise.all(queries)).reduce((acc, attachments, idx) => {
273 | attachments.forEach(attachment => attachment.target = queryTargets[idx])
274 | acc = acc.concat(attachments)
275 | return acc;
276 | }, [])
277 | if (attachmentsToDelete.length > 0) {
278 | req.attachmentsToDelete = attachmentsToDelete
279 | }
280 | }
281 | }
282 | }
283 |
284 | /**
285 | * Registers attachment handlers for the given service and entity
286 | * @param {{draftEntity: string, activeEntity:cds.Entity, id:string}} param0 - The service and entities
287 | * @returns
288 | */
289 | async getAttachmentsToDelete({ draftEntity, activeEntity, whereXpr }) {
290 | const [draftAttachments, activeAttachments] = await Promise.all([
291 | SELECT.from(draftEntity).columns("url").where(whereXpr),
292 | SELECT.from(activeEntity).columns("url").where(whereXpr)
293 | ])
294 |
295 | const activeUrls = new Set(activeAttachments.map(a => a.url))
296 | return draftAttachments
297 | .filter(({ url }) => !activeUrls.has(url))
298 | .map(({ url }) => ({ url, target: draftEntity.name }))
299 | }
300 |
301 | /**
302 | * Add draft attachment deletion data to the request
303 | * @param {import('@sap/cds').Request} req - The request object
304 | */
305 | async attachDraftDeletionData(req) {
306 | const draftEntity = cds.model.definitions[req?.target?.name]
307 | const name = req?.target?.name
308 | const activeEntity = name ? cds.model.definitions?.[name.split(".").slice(0, -1).join(".")] : undefined
309 |
310 | if (!draftEntity || !activeEntity) return
311 |
312 | const diff = await req.diff()
313 | if (diff._op !== "delete" || !diff.ID) return
314 |
315 | const attachmentsToDelete = await this.getAttachmentsToDelete({
316 | draftEntity,
317 | activeEntity,
318 | whereXpr: { ID: diff.ID }
319 | })
320 |
321 | if (attachmentsToDelete.length) {
322 | req.attachmentsToDelete = attachmentsToDelete
323 | }
324 | }
325 |
326 | /**
327 | * Deletes a file from the database. Does not delete metadata
328 | * @param {string} url - The url of the file to delete
329 | * @returns {Promise} - Promise resolving when deletion is complete
330 | */
331 | async delete(url, target) {
332 | return await UPDATE(target).where({ url }).with({ content: null })
333 | }
334 | }
335 |
336 |
337 | AttachmentsService.prototype._is_queueable = true
338 |
339 | module.exports = AttachmentsService
340 |
--------------------------------------------------------------------------------