more

entity semantics

bookshop/app/index.cds

@@ -0,0 +1,2 @@
+// Incorporate pre-build extensions from...
+using from '../../common';

bookshop/srv/cat-service.cds

@@ -10,7 +10,12 @@ service CatalogService @(path:'/browse') {
     author.name as author
   } excluding { createdBy, modifiedBy };
 
+<<<<<<< HEAD
+  @requires_: 'authenticated-user'
+  action submitOrder (book : Integer, amount: Integer);
+=======
   @requires: 'authenticated-user'
   action submitOrder ( book: Books:ID, quantity: Integer ) returns { stock: Integer };
   event OrderedBook : { book: Books:ID; quantity: Integer; buyer: String };
+>>>>>>> 534af7ffee60e086c563dbaa450e86e5fca5cf2b
 }

gdpr/.pdm/pdm-config.json

@@ -0,0 +1,18 @@
+{
+  "fullyQualifiedApplicationName": "gdpr-bookshop",
+  "fullyQualifiedModuleName": "gdpr-srv",
+  "applicationTitle": "PDM Bookshop",
+  "applicationTitleKey": "PDM Bookshop",
+  "applicationURL": "https://gdpr-srv.cfapps.sap.hana.ondemand.com/",
+  "endPoints": [
+    {
+      "type": "odatav4",
+      "serviceName": "pdm-service",
+      "serviceTitle": "GDPR",
+      "serviceTitleKey": "GDPR",
+      "serviceURI": "pdm",
+      "hasGdprV4Annotations": true,
+      "cacheControl": "no-cache"
+    }
+  ]
+}

gdpr/.pdm/pdm-instance-config.json

@@ -0,0 +1,8 @@
+{
+  "xs-security": {
+    "xsappname": "gdpr-bookshop",
+    "authorities": ["$ACCEPT_GRANTED_AUTHORITIES"]
+  },
+  "fullyQualifiedApplicationName": "gdpr-bookshop",
+  "appConsentServiceEnabled": true
+}

gdpr/db/AuditLogStore.cds

@@ -0,0 +1,28 @@
+using {
+  managed,
+  cuid,
+  sap.common.CodeList
+} from '@sap/cds/common';
+
+namespace sap.capire.auditLog;
+
+entity AuditLogStore : cuid {
+
+  Action          : String enum {
+    DataAccess;
+    DataModification
+  };
+
+  User            : String;
+  Timestamp       : Timestamp;
+  Tenant          : String;
+  Channel         : String;
+  DataSubjectType : String; // Bussiness Partner
+  DataSubjectRole : String; // Customer // Employee // ...
+  DataSubjectID   : LargeString; // key value pair as JSON
+  ObjectType      : String; // like SalesOrder
+  ObjectKey       : LargeString; // key value pair as JSON
+
+  Blob            : LargeString; // Payload: DataModification or Data Access as BLOB
+
+}

gdpr/db/data-privacy.cds

@@ -0,0 +1,38 @@
+// Proxy for importing schema from bookshop sample
+using {sap.capire.bookshop} from './schema';
+
+// annotations for Data Privacy
+annotate bookshop.Customers with @PersonalData: {
+  DataSubjectRole: 'Customer',
+  EntitySemantics: 'DataSubject'
+} {
+  ID          @PersonalData.FieldSemantics    : 'DataSubjectID';
+  email       @PersonalData.IsPotentiallyPersonal;
+  firstName   @PersonalData.IsPotentiallyPersonal;
+  lastName    @PersonalData.IsPotentiallyPersonal;
+  dateOfBirth @PersonalData.IsPotentiallyPersonal;
+}
+
+annotate bookshop.BillingData with @PersonalData: {
+  DataSubjectRole: 'Customer',
+  EntitySemantics: 'DataSubjectDetails'
+} {
+  customer     @PersonalData.FieldSemantics     : 'DataSubjectID';
+  creditCardNo @PersonalData.IsPotentiallySensitive;
+}
+
+annotate bookshop.Addresses with @PersonalData: {
+  DataSubjectRole: 'Customer',
+  EntitySemantics: 'DataSubjectDetails'
+} {
+  customer @PersonalData.FieldSemantics       : 'DataSubjectID';
+  street   @PersonalData.IsPotentiallyPersonal;
+  town     @PersonalData.IsPotentiallyPersonal;
+  country  @PersonalData.IsPotentiallyPersonal;
+}
+
+annotate bookshop.Orders with @PersonalData.EntitySemantics: 'Other' {
+  ID              @PersonalData.FieldSemantics             : 'ContractRelatedID';
+  customer        @PersonalData.FieldSemantics             : 'DataSubjectID';
+  personalComment @PersonalData.IsPotentiallyPersonal;
+}

gdpr/db/data/sap.capire.bookshop-Authors.csv

@@ -0,0 +1,5 @@
+ID;name;dateOfBirth;placeOfBirth;dateOfDeath;placeOfDeath
+101;Emily Brontë;1818-07-30;Thornton, Yorkshire;1848-12-19;Haworth, Yorkshire
+107;Charlotte Brontë;1818-04-21;Thornton, Yorkshire;1855-03-31;Haworth, Yorkshire
+150;Edgar Allen Poe;1809-01-19;Boston, Massachusetts;1849-10-07;Baltimore, Maryland
+170;Richard Carpenter;1929-08-14;King’s Lynn, Norfolk;2012-02-26;Hertfordshire, England

gdpr/db/data/sap.capire.bookshop-Books.csv

@@ -0,0 +1,6 @@
+ID;title;descr;author_ID;stock;price;currency_code;genre_ID
+201;Wuthering Heights;"Wuthering Heights, Emily Brontë's only novel, was published in 1847 under the pseudonym ""Ellis Bell"". It was written between October 1845 and June 1846. Wuthering Heights and Anne Brontë's Agnes Grey were accepted by publisher Thomas Newby before the success of their sister Charlotte's novel Jane Eyre. After Emily's death, Charlotte edited the manuscript of Wuthering Heights and arranged for the edited version to be published as a posthumous second edition in 1850.";101;12;11.11;GBP;11
+207;Jane Eyre;"Jane Eyre /ɛər/ (originally published as Jane Eyre: An Autobiography) is a novel by English writer Charlotte Brontë, published under the pen name ""Currer Bell"", on 16 October 1847, by Smith, Elder & Co. of London. The first American edition was published the following year by Harper & Brothers of New York. Primarily a bildungsroman, Jane Eyre follows the experiences of its eponymous heroine, including her growth to adulthood and her love for Mr. Rochester, the brooding master of Thornfield Hall. The novel revolutionised prose fiction in that the focus on Jane's moral and spiritual development is told through an intimate, first-person narrative, where actions and events are coloured by a psychological intensity. The book contains elements of social criticism, with a strong sense of Christian morality at its core and is considered by many to be ahead of its time because of Jane's individualistic character and how the novel approaches the topics of class, sexuality, religion and feminism.";107;11;12.34;GBP;11
+251;The Raven;"""The Raven"" is a narrative poem by American writer Edgar Allan Poe. First published in January 1845, the poem is often noted for its musicality, stylized language, and supernatural atmosphere. It tells of a talking raven's mysterious visit to a distraught lover, tracing the man's slow fall into madness. The lover, often identified as being a student, is lamenting the loss of his love, Lenore. Sitting on a bust of Pallas, the raven seems to further distress the protagonist with its constant repetition of the word ""Nevermore"". The poem makes use of folk, mythological, religious, and classical references.";150;333;13.13;USD;16
+252;Eleonora;"""Eleonora"" is a short story by Edgar Allan Poe, first published in 1842 in Philadelphia in the literary annual The Gift. It is often regarded as somewhat autobiographical and has a relatively ""happy"" ending.";150;555;14;USD;16
+271;Catweazle;Catweazle is a British fantasy television series, starring Geoffrey Bayldon in the title role, and created by Richard Carpenter for London Weekend Television. The first series, produced and directed by Quentin Lawrence, was screened in the UK on ITV in 1970. The second series, directed by David Reid and David Lane, was shown in 1971. Each series had thirteen episodes, most but not all written by Carpenter, who also published two books based on the scripts.;170;22;15;EUR;13

gdpr/db/data/sap.capire.bookshop-Books_texts.csv

@@ -0,0 +1,5 @@
+ID;locale;title;descr
+201;de;Sturmhöhe;Sturmhöhe (Originaltitel: Wuthering Heights) ist der einzige Roman der englischen Schriftstellerin Emily Brontë (1818–1848). Der 1847 unter dem Pseudonym Ellis Bell veröffentlichte Roman wurde vom viktorianischen Publikum weitgehend abgelehnt, heute gilt er als ein Klassiker der britischen Romanliteratur des 19. Jahrhunderts.
+201;fr;Les Hauts de Hurlevent;Les Hauts de Hurlevent (titre original : Wuthering Heights), parfois orthographié Les Hauts de Hurle-Vent, est l'unique roman d'Emily Brontë, publié pour la première fois en 1847 sous le pseudonyme d’Ellis Bell. Loin d'être un récit moralisateur, Emily Brontë achève néanmoins le roman dans une atmosphère sereine, suggérant le triomphe de la paix et du Bien sur la vengeance et le Mal.
+207;de;Jane Eyre;Jane Eyre. Eine Autobiographie (Originaltitel: Jane Eyre. An Autobiography), erstmals erschienen im Jahr 1847 unter dem Pseudonym Currer Bell, ist der erste veröffentlichte Roman der britischen Autorin Charlotte Brontë und ein Klassiker der viktorianischen Romanliteratur des 19. Jahrhunderts. Der Roman erzählt in Form einer Ich-Erzählung die Lebensgeschichte von Jane Eyre (ausgesprochen /ˌdʒeɪn ˈɛə/), die nach einer schweren Kindheit eine Stelle als Gouvernante annimmt und sich in ihren Arbeitgeber verliebt, jedoch immer wieder um ihre Freiheit und Selbstbestimmung kämpfen muss. Als klein, dünn, blass, stets schlicht dunkel gekleidet und mit strengem Mittelscheitel beschrieben, gilt die Heldin des Romans Jane Eyre nicht zuletzt aufgrund der Kino- und Fernsehversionen der melodramatischen Romanvorlage als die bekannteste englische Gouvernante der Literaturgeschichte
+252;de;Eleonora;“Eleonora” ist eine Erzählung von Edgar Allan Poe. Sie wurde 1841 erstveröffentlicht. In ihr geht es um das Paradox der Treue in der Treulosigkeit.

gdpr/db/data/sap.capire.bookshop-CustomerBillingData.csv

@@ -0,0 +1,3 @@
+ID;modifiedAt;createdAt;createdBy;modifiedBy;Customer_ID;creditCardNo
+1e2f2640-6866-4dcf-8f4d-3027aa831cad;2019-04-04;2019-01-31;admin@business.com;admin@business.com;8e2f2640-6866-4dcf-8f4d-3027aa831cad;2222-1111-6666-7777
+24e718c9-ff99-47f1-8ca3-950c850777d4;2019-04-04;2019-01-30;admin@business.com;admin@business.com;74e718c9-ff99-47f1-8ca3-950c850777d4;3333-2222-5555-8888

gdpr/db/data/sap.capire.bookshop-CustomerPostalAddress.csv

@@ -0,0 +1,3 @@
+ID;modifiedAt;createdAt;createdBy;modifiedBy;Customer_ID;street;town;country_code;someOtherField
+1e2f2640-6866-4dcf-8f4d-3027aa831cad;2019-04-04;2019-01-31;admin@business.com;admin@business.com;8e2f2640-6866-4dcf-8f4d-3027aa831cad;Hauptstrasse 11;Berlin;DE;Eine Bemerkung
+24e718c9-ff99-47f1-8ca3-950c850777d4;2019-04-04;2019-01-30;admin@business.com;admin@business.com;74e718c9-ff99-47f1-8ca3-950c850777d4;Main Street 22;London;GB;Some Remark

gdpr/db/data/sap.capire.bookshop-Customers.csv

@@ -0,0 +1,3 @@
+ID;modifiedAt;createdAt;createdBy;modifiedBy;email;firstName;lastName;dateOfBirth
+8e2f2640-6866-4dcf-8f4d-3027aa831cad;2019-04-04;2019-01-31;admin@business.com;admin@business.com;john.doe@test.com;John;Doe;1970-01-01
+74e718c9-ff99-47f1-8ca3-950c850777d4;2019-04-04;2019-01-30;admin@business.com;admin@business.com;jane.doe@sap.com;Jane;Doe;1980-11-11

gdpr/db/data/sap.capire.bookshop-Genres.csv

@@ -0,0 +1,16 @@
+ID;parent_ID;name
+10;;Fiction
+11;10;Drama
+12;10;Poetry
+13;10;Fantasy
+14;10;Science Fiction
+15;10;Romance
+16;10;Mystery
+17;10;Thriller
+18;10;Dystopia
+19;10;Fairy Tale
+20;;Non-Fiction
+21;20;Biography
+22;21;Autobiography
+23;20;Essay
+24;20;Speech

gdpr/db/data/sap.capire.bookshop-OrderItems.csv

@@ -0,0 +1,4 @@
+ID;amount;parent_ID;book_ID;netAmount
+78040e66-1dcd-4ffb-ab10-fdce32028b79;1;5e2f2640-6866-4dcf-8f4d-3027aa831cad;201;11.11
+84e718c9-ff99-47f1-8ca3-950c850777d4;1;5e2f2640-6866-4dcf-8f4d-3027aa831cad;271;15
+f9641166-e050-4261-bfee-d1e797e6cb7f;2;44e718c9-ff99-47f1-8ca3-950c850777d4;252;28

gdpr/db/data/sap.capire.bookshop-Orders.csv

@@ -0,0 +1,3 @@
+ID;modifiedAt;createdAt;createdBy;modifiedBy;OrderNo;currency_code;Customer_ID
+5e2f2640-6866-4dcf-8f4d-3027aa831cad;2019-04-04;2019-01-31;john.doe@test.com;john.doe@test.com;1;USD;8e2f2640-6866-4dcf-8f4d-3027aa831cad
+44e718c9-ff99-47f1-8ca3-950c850777d4;2019-04-04;2019-01-30;jane.doe@test.com;jane.doe@test.com;2;USD;74e718c9-ff99-47f1-8ca3-950c850777d4

gdpr/db/schema.cds

@@ -0,0 +1,41 @@
+// Proxy for importing schema from bookshop sample
+using {sap.capire.bookshop.Books} from '../../bookshop/db/schema';
+using {sap.capire.orders.Orders} from '../../orders/db/schema';
+using {sap.capire.orders.OrderItems} from '../../orders/db/schema';
+using {
+  Country,
+  managed,
+  cuid
+} from '@sap/cds/common';
+
+namespace sap.capire.bookshop;
+
+extend Orders with {
+  customer        : Association to Customers;
+  personalComment : String;
+}
+
+entity Customers : cuid, managed {
+  email       : String;
+  firstName   : String;
+  lastName    : String;
+  dateOfBirth : Date;
+  billingData : Composition of BillingData
+                  on billingData.customer = $self;
+  addresses   : Composition of Addresses
+                  on addresses.customer = $self;
+}
+
+entity Addresses : cuid, managed {
+  customer       : Association to one Customers;
+  street         : String(128);
+  town           : String(128);
+  country        : Country;
+  someOtherField : String(128);
+};
+
+
+entity BillingData : cuid, managed {
+  customer     : Association to one Customers;
+  creditCardNo : String;
+};

gdpr/db/src/.hdiconfig

@@ -0,0 +1,136 @@
+{
+    "file_suffixes": {
+        "csv": {
+            "plugin_name": "com.sap.hana.di.tabledata.source"
+        },
+        "hdbafllangprocedure": {
+            "plugin_name": "com.sap.hana.di.afllangprocedure"
+        },
+        "hdbanalyticprivilege": {
+            "plugin_name": "com.sap.hana.di.analyticprivilege"
+        },
+        "hdbcalculationview": {
+            "plugin_name": "com.sap.hana.di.calculationview"
+        },
+        "hdbcollection": {
+            "plugin_name": "com.sap.hana.di.collection"
+        },
+        "hdbconstraint": {
+            "plugin_name": "com.sap.hana.di.constraint"
+        },
+        "hdbdropcreatetable": {
+            "plugin_name": "com.sap.hana.di.dropcreatetable"
+        },
+        "hdbflowgraph": {
+            "plugin_name": "com.sap.hana.di.flowgraph"
+        },
+        "hdbfunction": {
+            "plugin_name": "com.sap.hana.di.function"
+        },
+        "hdbgraphworkspace": {
+            "plugin_name": "com.sap.hana.di.graphworkspace"
+        },
+        "hdbhadoopmrjob": {
+            "plugin_name": "com.sap.hana.di.virtualfunctionpackage.hadoop"
+        },
+        "hdbindex": {
+            "plugin_name": "com.sap.hana.di.index"
+        },
+        "hdblibrary": {
+            "plugin_name": "com.sap.hana.di.library"
+        },
+        "hdbmigrationtable": {
+            "plugin_name": "com.sap.hana.di.table.migration"
+        },
+        "hdbprocedure": {
+            "plugin_name": "com.sap.hana.di.procedure"
+        },
+        "hdbprojectionview": {
+            "plugin_name": "com.sap.hana.di.projectionview"
+        },
+        "hdbprojectionviewconfig": {
+            "plugin_name": "com.sap.hana.di.projectionview.config"
+        },
+        "hdbreptask": {
+            "plugin_name": "com.sap.hana.di.reptask"
+        },
+        "hdbresultcache": {
+            "plugin_name": "com.sap.hana.di.resultcache"
+        },
+        "hdbrole": {
+            "plugin_name": "com.sap.hana.di.role"
+        },
+        "hdbroleconfig": {
+            "plugin_name": "com.sap.hana.di.role.config"
+        },
+        "hdbsearchruleset": {
+            "plugin_name": "com.sap.hana.di.searchruleset"
+        },
+        "hdbsequence": {
+            "plugin_name": "com.sap.hana.di.sequence"
+        },
+        "hdbstatistics": {
+            "plugin_name": "com.sap.hana.di.statistics"
+        },
+        "hdbstructuredprivilege": {
+            "plugin_name": "com.sap.hana.di.structuredprivilege"
+        },
+        "hdbsynonym": {
+            "plugin_name": "com.sap.hana.di.synonym"
+        },
+        "hdbsynonymconfig": {
+            "plugin_name": "com.sap.hana.di.synonym.config"
+        },
+        "hdbsystemversioning": {
+            "plugin_name": "com.sap.hana.di.systemversioning"
+        },
+        "hdbtable": {
+            "plugin_name": "com.sap.hana.di.table"
+        },
+        "hdbtabledata": {
+            "plugin_name": "com.sap.hana.di.tabledata"
+        },
+        "hdbtabletype": {
+            "plugin_name": "com.sap.hana.di.tabletype"
+        },
+        "hdbtrigger": {
+            "plugin_name": "com.sap.hana.di.trigger"
+        },
+        "hdbview": {
+            "plugin_name": "com.sap.hana.di.view"
+        },
+        "hdbvirtualfunction": {
+            "plugin_name": "com.sap.hana.di.virtualfunction"
+        },
+        "hdbvirtualfunctionconfig": {
+            "plugin_name": "com.sap.hana.di.virtualfunction.config"
+        },
+        "hdbvirtualpackagehadoop": {
+            "plugin_name": "com.sap.hana.di.virtualpackage.hadoop"
+        },
+        "hdbvirtualpackagesparksql": {
+            "plugin_name": "com.sap.hana.di.virtualpackage.sparksql"
+        },
+        "hdbvirtualprocedure": {
+            "plugin_name": "com.sap.hana.di.virtualprocedure"
+        },
+        "hdbvirtualprocedureconfig": {
+            "plugin_name": "com.sap.hana.di.virtualprocedure.config"
+        },
+        "hdbvirtualtable": {
+            "plugin_name": "com.sap.hana.di.virtualtable"
+        },
+        "hdbvirtualtableconfig": {
+            "plugin_name": "com.sap.hana.di.virtualtable.config"
+        },
+        "properties": {
+            "plugin_name": "com.sap.hana.di.tabledata.properties"
+        },
+        "tags": {
+            "plugin_name": "com.sap.hana.di.tabledata.properties"
+        },
+        "txt": {
+            "plugin_name": "com.sap.hana.di.copyonly"
+        }
+    }
+}

gdpr/index.cds

@@ -0,0 +1,4 @@
+namespace sap.capire.gdpr; //> important for reflection
+using from './db/schema';
+using from './srv/pdm-service';
+using from './srv/log-service';

gdpr/manifest.yml

@@ -0,0 +1,31 @@
+# Generated manifest.yml based on template version 0.1.0
+# appName = gdpr
+# language=nodejs
+# multiTenant=false
+---
+applications:
+# -----------------------------------------------------------------------------------
+# Backend Service
+# -----------------------------------------------------------------------------------
+- name: gdpr-srv
+  path: gen/srv
+  memory: 256M
+  buildpack: nodejs_buildpack
+  services:
+  - gdpr-db
+  - uaa
+#  - name: pdm
+#    parameters: ./pdm-config.json 
+
+# -----------------------------------------------------------------------------------
+# HANA Database Content Deployer App
+# -----------------------------------------------------------------------------------
+- name: gdpr-db-deployer
+  path: gen/db
+  no-route: true
+  health-check-type: process
+  memory: 256M
+  instances: 1
+  buildpack: nodejs_buildpack
+  services:
+  - gdpr-db

gdpr/mta.yaml

@@ -0,0 +1,72 @@
+## Generated mta.yaml based on template version 0.4.0
+## appName = gdpr
+## language=nodejs; multitenant=false
+## approuter=
+_schema-version: '3.1'
+ID: capire.gdpr
+version: 1.0.0
+description: "gdpr"
+parameters:
+  enable-parallel-deployments: true
+   
+build-parameters:
+  before-all:
+   - builder: custom
+     commands:
+      - npm install --production
+      - npx -p @sap/cds-dk cds build --production
+
+modules:
+ # --------------------- SERVER MODULE ------------------------
+ - name: gdpr-srv
+ # ------------------------------------------------------------
+   type: nodejs
+   path: gen/srv
+   parameters:
+     buildpack: nodejs_buildpack
+   requires:
+    # Resources extracted from CAP configuration
+    - name: gdpr-db
+    - name: gdpr-uaa
+   provides:
+    - name: srv-api      # required by consumers of CAP services (e.g. approuter)
+      properties:
+        srv-url: ${default-url}
+
+ # -------------------- SIDECAR MODULE ------------------------
+ - name: gdpr-db-deployer
+ # ------------------------------------------------------------
+   type: hdb
+   path: gen/db  
+   parameters:
+     buildpack: nodejs_buildpack
+   requires:
+    # 'hana' and 'xsuaa' resources extracted from CAP configuration
+    - name: gdpr-db
+    - name: gdpr-uaa
+
+
+resources:
+ # services extracted from CAP configuration
+ # 'service-plan' can be configured via 'cds.requires.<name>.vcap.plan'
+# ------------------------------------------------------------
+ - name: gdpr-db
+# ------------------------------------------------------------
+   type: com.sap.xs.hdi-container
+   parameters:
+     service: hana  # or 'hanatrial' on trial landscapes
+     service-plan: hdi-shared
+   properties:
+     hdi-service-name: ${service-name}
+# ------------------------------------------------------------
+ - name: gdpr-uaa
+# ------------------------------------------------------------
+   type: org.cloudfoundry.managed-service
+   parameters:
+     service: xsuaa
+     service-plan: application  
+     config:
+       xsappname: gdpr-${space}    #  name + space dependency
+       tenant-mode: dedicated
+
+

gdpr/package.json

@@ -0,0 +1,33 @@
+{
+    "name": "@capire/gdpr",
+    "version": "1.0.0",
+    "dependencies": {
+        "@capire/bookshop": "../bookshop",
+        "@capire/common": "../common",
+        "@capire/orders": "../orders",
+        "@sap/cds": "^5",
+        "@sap/hana-client": "^2.4.177",
+        "@sap/xsenv": "^3.1.0",
+        "@sap/xssec": "^3.1.1",
+        "express": "^4.17.1",
+        "passport": "^0.4.1"
+    },
+    "scripts": {
+        "start": "cds run --in-memory?",
+        "watch": "cds watch"
+    },
+    "cds": {
+        "requires": {
+            "db": {
+                "kind": "sql"
+            },
+            "uaa": {
+                "kind": "xsuaa"
+            },
+            "audit-log": {
+                "impl": "srv/customAuditLog.js"
+            }
+        },
+        "features": {"audit_personal_data": true}
+    }
+}

gdpr/services-manifest.yml

@@ -0,0 +1,18 @@
+# Generated services-manifest.yml based on template version 0.1.0
+# appName = gdpr
+---
+create-services:
+# ------------------------------------------------------------
+  - name:   gdpr-db
+    broker: hana  # 'hanatrial' on trial landscapes
+    plan: "hdi-shared"
+  - name:   pdm
+    broker: personal-data-manager-service  
+    plan: standard
+    parameters: ./.pdm/pdm-instance-config.json
+  - name:   uaa
+    broker: xsuaa
+    plan: application
+    parameters: xs-security.json
+     
+

gdpr/srv/customAuditLog.js

@@ -0,0 +1,70 @@
+const cds = require('@sap/cds')
+
+// FIXME: no longer works like this with new audit logging plugin
+module.exports = class MyAuditLogService extends cds.AuditLogService {
+  async init() {
+    // console.log('My Audit Log');
+    // call AuditLogService's init
+    await super.init()
+
+    const db = await cds.connect.to('db')
+    const { AuditLogStore } = db.entities('sap.capire.auditLog')
+
+    // register custom handlers
+    this.on('dataAccessLog', async req => {
+      const logs = []
+
+      const action = 'DataAccess'
+      const user = req.user.id
+      const timestamp = req.timestamp
+      const tenant = req.tenant
+      const channel = req.channel
+
+      req.data.accesses.forEach(dataAccess => {
+        logs.push({
+          Action: action,
+          User: user,
+          Timestamp: timestamp,
+          Tenant: tenant,
+          Channel: channel,
+          DataSubjectType: dataAccess.data_subject.type,
+          DataSubjectRole: dataAccess.data_subject.role,
+          DataSubjectID: JSON.stringify(dataAccess.data_subject.id),
+          ObjectType: dataAccess.object.type,
+          ObjectKey: JSON.stringify(dataAccess.object.id),
+          Blob: JSON.stringify(dataAccess)
+        })
+      })
+
+      await INSERT.into(AuditLogStore).entries(logs)
+    })
+
+    this.on('dataModificationLog', async req => {
+      const mods = []
+
+      const action = 'DataModification'
+      const user = req.user.id
+      const timestamp = req.timestamp
+      const tenant = req.tenant
+      const channel = req.channel
+
+      req.data.modifications.forEach(dataModification => {
+        mods.push({
+          Action: action,
+          User: user,
+          Timestamp: timestamp,
+          Tenant: tenant,
+          Channel: channel,
+          DataSubjectType: dataModification.data_subject.type,
+          DataSubjectRole: dataModification.data_subject.role,
+          DataSubjectID: JSON.stringify(dataModification.data_subject.id),
+          ObjectType: dataModification.object.type,
+          ObjectKey: JSON.stringify(dataModification.object.id),
+          Blob: JSON.stringify(dataModification)
+        })
+      })
+
+      await INSERT.into(AuditLogStore).entries(mods)
+    })
+  }
+}

gdpr/srv/log-service.cds

@@ -0,0 +1,13 @@
+using {sap.capire.bookshop as db} from '../db/data-privacy';
+using {sap.capire.orders as dbo} from '../db/data-privacy';
+using {sap.capire.auditLog as log} from '../db/AuditLogStore.cds';
+
+//@requires: 'PersonalDataManagerUser' // security check
+service LogService {
+
+  entity Customers     as projection on db.Customers;
+  entity Addresses     as projection on db.Addresses;
+  entity Orders        as projection on dbo.Orders;
+  entity AuditLogStore as projection on log.AuditLogStore;
+
+};

gdpr/srv/pdm-service.cds

@@ -0,0 +1,43 @@
+using {sap.capire.bookshop as db} from '../db/data-privacy';
+using {sap.capire.bookshop.Books} from '../db/data-privacy';
+using {sap.capire.orders.Orders} from '../db/data-privacy';
+using {sap.capire.orders.OrderItems} from '../db/data-privacy';
+
+//@requires: 'PersonalDataManagerUser' // security check
+service PDMService {
+
+  // Data Privacy annotations on 'Customers', 'Addresses', and 'BillingData' are derived from original entity definitions
+  entity Customers     as projection on db.Customers;
+  entity Addresses     as projection on db.Addresses;
+  entity BillingData   as projection on db.BillingData;
+
+  //   create view on Orders and Items as flat projection
+  entity OrderItemView as
+    select from Orders {
+          ID,
+      key Items.ID        as item_ID,
+          OrderNo,
+          customer.ID     as customer_ID,
+          customer.email  as customer_email,
+          Items.book.ID   as item_Book_ID,
+          Items.amount    as item_Amount,
+          Items.netAmount as item_NetAmount
+    };
+
+  //  annotate new view
+  annotate PDMService.OrderItemView with @(PersonalData.EntitySemantics: 'Other') {
+    item_ID        @PersonalData.FieldSemantics: 'ContractRelatedID';
+    customer_ID    @PersonalData.FieldSemantics: 'DataSubjectID';
+    customer_email @PersonalData.IsPotentiallyPersonal;
+  };
+
+  // annotations for Personal Data Manager - Search Fields
+  annotate Customers with @(Communication.Contact: {
+    n   : {
+      surname: lastName,
+      given  : firstName
+    },
+    bday: dateOfBirth
+  });
+
+};

gdpr/test.http

@@ -0,0 +1,25 @@
+###
+
+get http://localhost:4004/log/AuditLogStore
+
+###
+
+get http://localhost:4004/log/Customers
+
+###
+
+post http://localhost:4004/log/Customers
+Content-Type: application/json
+
+{
+            "ID": "22e718c9-ff99-47f1-8ca3-950c850777d4",
+            "createdAt": "2019-01-30T00:00:00.000Z",
+            "createdBy": "admin@business.com",
+            "modifiedAt": "2019-04-04T00:00:00.000Z",
+            "modifiedBy": "admin@business.com",
+            "email": "johanna.doe@company.org",
+            "firstName": "Queen Johanna",
+            "lastName": "Doe",
+            "creditCardNo": "1313-7171-5656-7878",
+            "dateOfBirth": "2001-11-11"
+}

gdpr/xs-security.json

@@ -0,0 +1,13 @@
+{
+    "xsappname": "gdpr-bookshop",
+    "tenant-mode": "shared",
+    "scopes": [
+        {
+            "name": "$XSAPPNAME.PersonalDataManagerUser",
+            "description": "Authority for Personal Data Manager",
+            "grant-as-authority-to-apps": [
+                "$XSSERVICENAME(pdm)"
+            ]
+        }
+    ]
+}

orders/db/schema.cds

@@ -1,19 +1,22 @@
-using { Currency, User, managed, cuid } from '@sap/cds/common';
+using { sap.capire.bookshop.Books }       from '../../bookshop/db/schema';
+using { User, Currency, managed, cuid }   from '../../common';
 namespace sap.capire.orders;
 
 entity Orders : cuid, managed {
   OrderNo  : String(22) @title:'Order Number'; //> readable key
-  Items    : Composition of many {
-    key ID    : UUID;
-    product   : Association to Products;
-    quantity  : Integer;
-    title     : String; //> intentionally replicated as snapshot from product.title
-    price     : Double; //> materialized calculated field
-  };
+  Items    : Composition of many OrderItems;
   buyer    : User;
   currency : Currency;
 }
 
+entity OrderItems : cuid, managed {
+    book      : Association to Products;
+    quantity  : Integer;
+    title     : String; //> intentionally replicated as snapshot from product.title
+    amount    : Double; //> materialized calculated field
+    netAmount : Double; 
+}
+
 /** This is a stand-in for arbitrary ordered Products */
 entity Products @(cds.persistence.skip:'always') {
   key ID : String;
@@ -21,4 +24,4 @@ entity Products @(cds.persistence.skip:'always') {
 
 
 // this is to ensure we have filled-in currencies
-using from '@capire/common';
+// using from '@capire/common';

package-lock.json

@@ -21,6 +21,12 @@
         "./reviews"
       ],
       "dependencies": {
+        "@capire/bookshop": "./bookshop",
+        "@capire/common": "./common",
+        "@capire/fiori": "./fiori",
+        "@capire/media": "./media",
+        "@capire/orders": "./orders",
+        "@capire/reviews": "./reviews",
         "@sap/cds": ">=5.5.3"
       },
       "devDependencies": {

package.json

@@ -5,6 +5,12 @@
   "repository": "https://github.com/sap-samples/cloud-cap-samples.git",
   "author": "daniel.hutzel@sap.com",
   "dependencies": {
+    "@capire/bookshop": "./bookshop",
+    "@capire/common": "./common",
+    "@capire/fiori": "./fiori",
+    "@capire/media": "./media",
+    "@capire/orders": "./orders",
+    "@capire/reviews": "./reviews",
     "@sap/cds": ">=5.5.3"
   },
   "workspaces": [