...

reviews/srv/reviews-service.cds

@@ -0,0 +1,41 @@
+using { sap.capire.reviews as my } from '../db/schema';
+namespace sap.capire.reviews;
+
+service ReviewsService {
+  // Sync API
+  entity Reviews as projection on my.Reviews excluding { likes }
+  action like (review:Reviews.ID);     // TODO: can be a bound action in OData
+  action unlike (review:Reviews.ID);   // TODO: can be a bound action in OData
+
+  // Async API
+  event reviewed : { subject: Reviews.subject; rating: Decimal(2,1) };
+
+  // Input validation
+  annotate Reviews with {
+    subject  @mandatory;
+    title    @mandatory;
+    rating   @mandatory @assert.enum;
+  }
+
+  // Auto-fill reviewers and review dates
+  annotate Reviews with {
+    reviewer @cds.on.insert:$user;
+    date     @cds.on.insert:$now;
+    date     @cds.on.update:$now;
+  }
+
+}
+
+
+// Access control restrictions
+annotate ReviewsService.Reviews with @restrict_:[
+  { grant:'READ',   to:'any' },                 // everybody can read reviews
+  { grant:'CREATE', to:'authenticated-user' },  // users must login to add reviews
+  { grant:'UPDATE', to:'authenticated-user', where:'reviewer=$user' },
+  { grant:'DELETE', to:'admin' },
+];
+
+annotate ReviewsService with @restrict_:[
+  { grant:'like', to:'identified-user' },
+  { grant:'unlike', to:'identified-user', where:'user=$user' },
+];

reviews/srv/reviews-service.js

@@ -0,0 +1,41 @@
+const cds = require ('@sap/cds')
+module.exports = cds.service.impl (function(){
+
+  // Get the CSN definition for Reviews from the db schema for sub-sequent queries
+  // ( Note: we explicitly specify the namespace to support embedded reuse )
+  const { Reviews, Likes } = this.entities ('sap.capire.reviews')
+
+  // Emit an event to inform subscribers about new avg ratings for reviewed subjects
+  // ( Note: req.on.succeeded ensures we only do that if there's no error )
+  this.after (['CREATE','UPDATE','DELETE'], 'Reviews', async(_,req) => {
+    const {subject} = req.data
+    const {rating} = await cds.transaction(req) .run (
+      SELECT.one (['round(avg(rating),2) as rating']) .from (Reviews) .where ({subject})
+    )
+    req.on ('succeeded', ()=>{
+      console.log ('< emitting:', 'reviewed', { subject, rating })
+      this.emit ('reviewed', { subject, rating })
+    })
+  })
+
+  // Increment counter for reviews considered helpful
+  this.on ('like', (req) => {
+    if (!req.user)  return req.reject(400, 'You must be identified to like a review')
+    const {review} = req.data, {user} = req
+    const tx = cds.transaction(req)
+    return tx.run ([
+      INSERT.into (Likes) .entries ({review_ID: review, user: user.id}),
+      UPDATE (Reviews) .set({liked: {'+=': 1}}) .where({ID:review})
+    ]).catch(() => req.reject(400, 'You already liked that review'))
+  })
+
+  // Delete a former like by the same user
+  this.on ('unlike', async (req) => {
+    if (!req.user)  return req.reject(400, 'You must be identified to remove a former like of yours')
+    const {review} = req.data, {user} = req
+    const tx = cds.transaction(req)
+    const affectedRows = await tx.run (DELETE.from (Likes) .where ({review_ID: review,user: user.id}))
+    if (affectedRows === 1)  return tx.run (UPDATE (Reviews) .set ({liked: {'-=': 1}}) .where ({ID:review}))
+  })
+
+})