From b4f6d5714cd2b38e74f7edfdcd9371eadeb2f038 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Sep 2022 22:33:33 +0200 Subject: [PATCH 01/13] Bump @sap/cds from 6.1.1 to 6.1.2 (#396) Bumps [@sap/cds](https://cap.cloud.sap/) from 6.1.1 to 6.1.2. --- updated-dependencies: - dependency-name: "@sap/cds" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1f5acebf..13be89f5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -24,6 +24,7 @@ } }, "bookshop": { + "name": "@capire/bookshop", "version": "1.0.0", "dependencies": { "@sap/cds": ">=5.9", @@ -32,6 +33,7 @@ } }, "bookstore": { + "name": "@capire/bookstore", "version": "1.0.0", "dependencies": { "@capire/bookshop": "*", @@ -44,18 +46,21 @@ } }, "common": { + "name": "@capire/common", "version": "1.0.0", "dependencies": { "@sap/cds": "*" } }, "data-viewer": { + "name": "@capire/data-viewer", "version": "0.1.0", "dependencies": { "@sap/cds": ">=5.0.4" } }, "fiori": { + "name": "@capire/fiori", "version": "1.0.0", "dependencies": { "@capire/bookstore": "*", @@ -66,6 +71,7 @@ } }, "hello": { + "name": "@capire/hello-world", "version": "1.0.0", "dependencies": { "@sap/cds": ">=5.0.4" @@ -77,6 +83,7 @@ } }, "media": { + "name": "@capire/media", "version": "1.0.0", "dependencies": { "lokijs": "^1.5.6" @@ -318,9 +325,9 @@ } }, "node_modules/@sap/cds": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/@sap/cds/-/cds-6.1.1.tgz", - "integrity": "sha512-oOdwHpzPnpt10bJ94E8Umq8Y9uuA+1mpEH9zjQNB/jynNqSMuvM1/68ZAsndhL1pSgw49o8W6b83cKJNUVyzfw==", + "version": "6.1.2", + "resolved": "https://registry.npmjs.org/@sap/cds/-/cds-6.1.2.tgz", + "integrity": "sha512-xMqZgx/m85BUxlC9U/GW2zVM5+m+jpfehvL2FljIlTT9cs5A8YV7SlNfEhFNxznBPt2xgxmw7hAOv7v9ulmbgQ==", "dependencies": { "@sap/cds-compiler": "^3.0.0", "@sap/cds-foss": "^4" @@ -2888,6 +2895,7 @@ } }, "orders": { + "name": "@capire/orders", "version": "1.0.0", "dependencies": { "@capire/common": "*", @@ -2895,6 +2903,7 @@ } }, "reviews": { + "name": "@capire/reviews", "version": "1.0.0", "dependencies": { "@sap/cds": ">=5", @@ -3137,9 +3146,9 @@ } }, "@sap/cds": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/@sap/cds/-/cds-6.1.1.tgz", - "integrity": "sha512-oOdwHpzPnpt10bJ94E8Umq8Y9uuA+1mpEH9zjQNB/jynNqSMuvM1/68ZAsndhL1pSgw49o8W6b83cKJNUVyzfw==", + "version": "6.1.2", + "resolved": "https://registry.npmjs.org/@sap/cds/-/cds-6.1.2.tgz", + "integrity": "sha512-xMqZgx/m85BUxlC9U/GW2zVM5+m+jpfehvL2FljIlTT9cs5A8YV7SlNfEhFNxznBPt2xgxmw7hAOv7v9ulmbgQ==", "requires": { "@sap/cds-compiler": "^3.0.0", "@sap/cds-foss": "^4" From b0d74b0ea46c357a6010b7646948ce1479182674 Mon Sep 17 00:00:00 2001 From: D065023 Date: Fri, 9 Sep 2022 15:38:23 +0200 Subject: [PATCH 02/13] fixed localized tests --- test/localized-data/services.test.js | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/test/localized-data/services.test.js b/test/localized-data/services.test.js index 4781148e..a440e60e 100644 --- a/test/localized-data/services.test.js +++ b/test/localized-data/services.test.js @@ -5,21 +5,10 @@ describe('cap/samples - Localized Data', () => { else cds.User = cds.User.Privileged // hard core monkey patch for older cds releases it('serves localized $metadata documents', async () => { - const { data } = await GET`/browse/$metadata?sap-language=de` + const { data } = await GET(`/browse/$metadata?sap-language=de`, { headers: { 'accept-language': 'de' }}) expect(data).to.contain('') }) - it('supports sap-language param', async () => { - const { data } = await GET(`/browse/Books?$select=title,author` + '&sap-language=de') - expect(data.value).to.containSubset([ - { title: 'Sturmhöhe', author: 'Emily Brontë' }, - { title: 'Jane Eyre', author: 'Charlotte Brontë' }, - { title: 'The Raven', author: 'Edgar Allen Poe' }, - { title: 'Eleonora', author: 'Edgar Allen Poe' }, - { title: 'Catweazle', author: 'Richard Carpenter' }, - ]) - }) - it('supports accept-language header', async () => { const { data } = await GET(`/browse/Books?$select=title,author`, { headers: { 'Accept-Language': 'de' }, From 09c2a40c7d09121cd77f32a9e4839e3853c73bd9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 14 Sep 2022 14:47:17 +0200 Subject: [PATCH 03/13] Bump @sap/cds from 6.1.2 to 6.1.3 (#398) Bumps [@sap/cds](https://cap.cloud.sap/) from 6.1.2 to 6.1.3. --- updated-dependencies: - dependency-name: "@sap/cds" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 13be89f5..0c63203f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -325,9 +325,9 @@ } }, "node_modules/@sap/cds": { - "version": "6.1.2", - "resolved": "https://registry.npmjs.org/@sap/cds/-/cds-6.1.2.tgz", - "integrity": "sha512-xMqZgx/m85BUxlC9U/GW2zVM5+m+jpfehvL2FljIlTT9cs5A8YV7SlNfEhFNxznBPt2xgxmw7hAOv7v9ulmbgQ==", + "version": "6.1.3", + "resolved": "https://registry.npmjs.org/@sap/cds/-/cds-6.1.3.tgz", + "integrity": "sha512-yvL9lPonVwUx9Md1eylAtpY0JrlSMyoxZXnCA2q9lNoVNudmjPMynO5CJBfAYEaThZSqd2yMJg/+xyKy/mn3wg==", "dependencies": { "@sap/cds-compiler": "^3.0.0", "@sap/cds-foss": "^4" @@ -3146,9 +3146,9 @@ } }, "@sap/cds": { - "version": "6.1.2", - "resolved": "https://registry.npmjs.org/@sap/cds/-/cds-6.1.2.tgz", - "integrity": "sha512-xMqZgx/m85BUxlC9U/GW2zVM5+m+jpfehvL2FljIlTT9cs5A8YV7SlNfEhFNxznBPt2xgxmw7hAOv7v9ulmbgQ==", + "version": "6.1.3", + "resolved": "https://registry.npmjs.org/@sap/cds/-/cds-6.1.3.tgz", + "integrity": "sha512-yvL9lPonVwUx9Md1eylAtpY0JrlSMyoxZXnCA2q9lNoVNudmjPMynO5CJBfAYEaThZSqd2yMJg/+xyKy/mn3wg==", "requires": { "@sap/cds-compiler": "^3.0.0", "@sap/cds-foss": "^4" From 630838a7b4a17498dcfad4afe1b1bbf1dca01369 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 14 Sep 2022 14:49:22 +0200 Subject: [PATCH 04/13] Bump sqlite3 from 5.0.11 to 5.1.0 (#399) Bumps [sqlite3](https://github.com/TryGhost/node-sqlite3) from 5.0.11 to 5.1.0. - [Release notes](https://github.com/TryGhost/node-sqlite3/releases) - [Commits](https://github.com/TryGhost/node-sqlite3/compare/v5.0.11...v5.1.0) --- updated-dependencies: - dependency-name: sqlite3 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0c63203f..5782201b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2584,9 +2584,9 @@ } }, "node_modules/sqlite3": { - "version": "5.0.11", - "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.0.11.tgz", - "integrity": "sha512-4akFOr7u9lJEeAWLJxmwiV43DJcGV7w3ab7SjQFAFaTVyknY3rZjvXTKIVtWqUoY4xwhjwoHKYs2HDW2SoHVsA==", + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.1.0.tgz", + "integrity": "sha512-/cZl9DfeSQMWR5g9SdluHGt+YL3URetjtvgv1XPQx7rzXOFdZx30EnZj709wCEIznjjzZdo5Lmt5GUeNyGgUbQ==", "dev": true, "hasInstallScript": true, "dependencies": { @@ -4883,9 +4883,9 @@ } }, "sqlite3": { - "version": "5.0.11", - "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.0.11.tgz", - "integrity": "sha512-4akFOr7u9lJEeAWLJxmwiV43DJcGV7w3ab7SjQFAFaTVyknY3rZjvXTKIVtWqUoY4xwhjwoHKYs2HDW2SoHVsA==", + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.1.0.tgz", + "integrity": "sha512-/cZl9DfeSQMWR5g9SdluHGt+YL3URetjtvgv1XPQx7rzXOFdZx30EnZj709wCEIznjjzZdo5Lmt5GUeNyGgUbQ==", "dev": true, "requires": { "@mapbox/node-pre-gyp": "^1.0.0", From b8e04027d5fd309814ecb7d4ec5bc2362d4875d0 Mon Sep 17 00:00:00 2001 From: Daniel Hutzel Date: Fri, 16 Sep 2022 14:55:38 +0200 Subject: [PATCH 05/13] Added few cds.ql tests (#402) --- test/cds.ql.test.js | 75 +++++++++++++++++++++++++++++++++++++-------- 1 file changed, 63 insertions(+), 12 deletions(-) diff --git a/test/cds.ql.test.js b/test/cds.ql.test.js index c9f3f6dc..9165cfbd 100644 --- a/test/cds.ql.test.js +++ b/test/cds.ql.test.js @@ -411,18 +411,69 @@ describe('cds.ql → cqn', () => { ] }}) - expect ( - SELECT.from(Foo).where({x:1,or:{y:2}}) - ).to.eql ( - CQL`SELECT from Foo where x=1 or y=2` - ).to.eql ({ SELECT: { - from: {ref:['Foo']}, - where: [ - {ref:['x']}, '=', {val:1}, - 'or', - {ref:['y']}, '=', {val:2} - ] - }}) + const ql_with_groups_fix = !!cds.ql.Query.prototype.flat + if (ql_with_groups_fix) { + + expect ( + SELECT.from(Foo).where({x:1}).or({y:2}).and({z:3}) + ).to.eql ({ SELECT: { + from: {ref:['Foo']}, + where: [ + {ref:['x']}, '=', {val:1}, + 'or', + {ref:['y']}, '=', {val:2}, + 'and', + {ref:['z']}, '=', {val:3}, + ] + }}) + + expect ( + SELECT.from(Foo).where({x:1,or:{y:2}}).and({z:3}) + ).to.eql ({ SELECT: { + from: {ref:['Foo']}, + where: [ + {xpr:[ + {ref:['x']}, '=', {val:1}, + 'or', + {ref:['y']}, '=', {val:2}, + ]}, + 'and', + {ref:['z']}, '=', {val:3}, + ] + }}) + + expect ( + SELECT.from(Foo).where({a:1}).or({x:1,or:{y:2}}).and({z:3}) + ).to.eql ({ SELECT: { + from: {ref:['Foo']}, + where: [ + {ref:['a']}, '=', {val:1}, + 'or', + {xpr:[ + {ref:['x']}, '=', {val:1}, + 'or', + {ref:['y']}, '=', {val:2}, + ]}, + 'and', + {ref:['z']}, '=', {val:3}, + ] + }}) + + expect ( + SELECT.from(Foo).where({x:1,or:{y:2}}) + ).to.eql ({ SELECT: { + from: {ref:['Foo']}, + where: [ + {xpr:[ + {ref:['x']}, '=', {val:1}, + 'or', + {ref:['y']}, '=', {val:2}, + ]} + ] + }}) + + } + expect ( SELECT.from(Foo).where({x:1,and:{y:2}}).or({z:3}) From 65379110e2d2c1e074ef68887537ee28619eba1c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Sep 2022 13:39:32 +0000 Subject: [PATCH 06/13] Bump sqlite3 from 5.1.0 to 5.1.1 (#401) Bumps [sqlite3](https://github.com/TryGhost/node-sqlite3) from 5.1.0 to 5.1.1. - [Release notes](https://github.com/TryGhost/node-sqlite3/releases) - [Commits](https://github.com/TryGhost/node-sqlite3/compare/v5.1.0...v5.1.1) --- updated-dependencies: - dependency-name: sqlite3 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 5782201b..e0e084f9 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2584,9 +2584,9 @@ } }, "node_modules/sqlite3": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.1.0.tgz", - "integrity": "sha512-/cZl9DfeSQMWR5g9SdluHGt+YL3URetjtvgv1XPQx7rzXOFdZx30EnZj709wCEIznjjzZdo5Lmt5GUeNyGgUbQ==", + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.1.1.tgz", + "integrity": "sha512-mMinkrQr/LKJqFiFF+AF7imPSzRCCpTCreusZO3D/ssJHVjZOrbu2Caz+zPH5KTmGGXBxXMGSRDssL+44CLxvg==", "dev": true, "hasInstallScript": true, "dependencies": { @@ -4883,9 +4883,9 @@ } }, "sqlite3": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.1.0.tgz", - "integrity": "sha512-/cZl9DfeSQMWR5g9SdluHGt+YL3URetjtvgv1XPQx7rzXOFdZx30EnZj709wCEIznjjzZdo5Lmt5GUeNyGgUbQ==", + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.1.1.tgz", + "integrity": "sha512-mMinkrQr/LKJqFiFF+AF7imPSzRCCpTCreusZO3D/ssJHVjZOrbu2Caz+zPH5KTmGGXBxXMGSRDssL+44CLxvg==", "dev": true, "requires": { "@mapbox/node-pre-gyp": "^1.0.0", From aa5fda976abadbcb77ed1537a6219993a891948d Mon Sep 17 00:00:00 2001 From: Christian Georgi Date: Fri, 16 Sep 2022 15:46:20 +0200 Subject: [PATCH 08/13] Support csrf tokens in Vue app (#394) --- bookshop/app/vue/app.js | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/bookshop/app/vue/app.js b/bookshop/app/vue/app.js index 18e4ef23..b637d115 100644 --- a/bookshop/app/vue/app.js +++ b/bookshop/app/vue/app.js @@ -56,7 +56,7 @@ const books = Vue.createApp ({ } catch (err) { books.user = { id: err.message } } }, } -}).mount("#app") +}).mount('#app') books.getUserInfo() books.fetch() // initially fill list of books @@ -65,3 +65,25 @@ document.addEventListener('keydown', (event) => { // hide user info on request if (event.key === 'u') books.user = undefined }) + +axios.interceptors.request.use(csrfToken) +function csrfToken (request) { + if (request.method === 'head' || request.method === 'get') return request + if ('csrfToken' in document) { + request.headers['x-csrf-token'] = document.csrfToken + return request + } + return fetchToken().then(token => { + document.csrfToken = token + request.headers['x-csrf-token'] = document.csrfToken + return request + }).catch(_ => { + document.csrfToken = null // set mark to not try again + return request + }) + + function fetchToken() { + return axios.get('/', { headers: { 'x-csrf-token': 'fetch' } }) + .then(res => res.headers['x-csrf-token']) + } +} \ No newline at end of file From 47655c5f48680298eb1da8d1c871f8fb03376da0 Mon Sep 17 00:00:00 2001 From: Daniel Date: Fri, 16 Sep 2022 18:43:11 +0200 Subject: [PATCH 09/13] unlock --- test/cds.ql.test.js | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/test/cds.ql.test.js b/test/cds.ql.test.js index 9165cfbd..9e27599e 100644 --- a/test/cds.ql.test.js +++ b/test/cds.ql.test.js @@ -411,7 +411,7 @@ describe('cds.ql → cqn', () => { ] }}) - const ql_with_groups_fix = !!cds.ql.Query.prototype.flat + const ql_with_groups_fix = false if (ql_with_groups_fix) { expect ( @@ -464,11 +464,9 @@ describe('cds.ql → cqn', () => { ).to.eql ({ SELECT: { from: {ref:['Foo']}, where: [ - {xpr:[ - {ref:['x']}, '=', {val:1}, - 'or', - {ref:['y']}, '=', {val:2}, - ]} + {ref:['x']}, '=', {val:1}, + 'or', + {ref:['y']}, '=', {val:2}, ] }}) From 36b339a36243fc424ddb10da38f25ad1cf504d60 Mon Sep 17 00:00:00 2001 From: Daniel Hutzel Date: Tue, 20 Sep 2022 16:52:40 +0200 Subject: [PATCH 10/13] Re-enabling tests for cds.ql where clauses fix (#403) --- test/cds.ql.test.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/cds.ql.test.js b/test/cds.ql.test.js index 9e27599e..e3c76e42 100644 --- a/test/cds.ql.test.js +++ b/test/cds.ql.test.js @@ -411,7 +411,7 @@ describe('cds.ql → cqn', () => { ] }}) - const ql_with_groups_fix = false + const ql_with_groups_fix = !!cds.ql.Query.prototype.flat if (ql_with_groups_fix) { expect ( @@ -460,7 +460,7 @@ describe('cds.ql → cqn', () => { }}) expect ( - SELECT.from(Foo).where({x:1,or:{y:2}}) + { SELECT: SELECT.from(Foo).where({x:1,or:{y:2}}).SELECT } ).to.eql ({ SELECT: { from: {ref:['Foo']}, where: [ From 6bb51a8807008f434e37ec22c49ee6895a83b55c Mon Sep 17 00:00:00 2001 From: Daniel Date: Tue, 20 Sep 2022 21:41:59 +0200 Subject: [PATCH 11/13] minor --- bookstore/server.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bookstore/server.js b/bookstore/server.js index 15a41c60..26f5d843 100644 --- a/bookstore/server.js +++ b/bookstore/server.js @@ -19,4 +19,4 @@ module.exports = cds.server // For didactic reasons in capire const { ReviewsService, OrdersService } = cds.requires -if (!ReviewsService.credentials && !OrdersService.credentials) cds.requires.messaging = false +if (!ReviewsService?.credentials && !OrdersService?.credentials) cds.requires.messaging = false From e419fda74ea927381161501f3a531d41da41a791 Mon Sep 17 00:00:00 2001 From: Daniel Date: Wed, 21 Sep 2022 16:33:29 +0200 Subject: [PATCH 12/13] UserService entities are persistence.skipped --- bookshop/srv/user-service.cds | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bookshop/srv/user-service.cds b/bookshop/srv/user-service.cds index 47f58971..09b7676f 100644 --- a/bookshop/srv/user-service.cds +++ b/bookshop/srv/user-service.cds @@ -5,7 +5,7 @@ service UserService { /** * The current user */ - @odata.singleton entity me { + @odata.singleton entity me @cds.persistence.skip { id : String; // user id locale : String; tenant : String; From 254362daa1b572f10b862084a61d1fc90d69f755 Mon Sep 17 00:00:00 2001 From: Daniel Date: Thu, 22 Sep 2022 17:09:20 +0200 Subject: [PATCH 13/13] Fine-tuned data-service definition --- data-viewer/srv/data-service.cds | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/data-viewer/srv/data-service.cds b/data-viewer/srv/data-service.cds index 0420d309..d03cfce4 100644 --- a/data-viewer/srv/data-service.cds +++ b/data-viewer/srv/data-service.cds @@ -2,12 +2,12 @@ * Exposes data + entity metadata */ @requires:'authenticated-user' -service DataService @( path:'-data' ) { +@odata service DataService @( path:'-data' ) { /** * Metadata like name and columns/elements */ - entity Entities { + entity Entities @cds.persistence.skip { key name : String; columns: Composition of many { name : String; @@ -19,7 +19,7 @@ service DataService @( path:'-data' ) { /** * The actual data, organized by column name */ - entity Data { + entity Data @cds.persistence.skip { record : array of { column : String; data : String;