049345a39c
@assert.enum has been deprecated since April 2020: https://cap.cloud.sap/docs/releases/apr20#value-range-annotations-for-odata @assert.range is the correct annotation to use: https://cap.cloud.sap/docs/guides/generic#assertrange-check-constraints
45 lines
1.3 KiB
Plaintext
45 lines
1.3 KiB
Plaintext
using { sap.capire.reviews as my } from '../db/schema';
|
|
|
|
service ReviewsService {
|
|
|
|
// Sync API
|
|
entity Reviews as projection on my.Reviews excluding { likes }
|
|
action like (review: type of Reviews:ID);
|
|
action unlike (review: type of Reviews:ID);
|
|
|
|
// Async API
|
|
event reviewed : {
|
|
subject: type of Reviews:subject;
|
|
rating: Decimal(2,1)
|
|
}
|
|
|
|
// Input validation
|
|
annotate Reviews with {
|
|
subject @mandatory;
|
|
title @mandatory;
|
|
rating @assert.range;
|
|
}
|
|
|
|
}
|
|
|
|
|
|
// Access control restrictions
|
|
annotate ReviewsService.Reviews with @restrict:[
|
|
{ grant:'READ', to:'any' }, // everybody can read reviews
|
|
{ grant:'CREATE', to:'authenticated-user' }, // users must login to add reviews
|
|
/////////////////////////////////////////////////
|
|
//
|
|
// Temporarily disabling this due to glitch in CAP Node.js runtime:
|
|
// { grant:'UPDATE', to:'authenticated-user', where:'reviewer=$user' },
|
|
// -> reenable it when the issue is fixed
|
|
{ grant:'UPDATE', to:'authenticated-user' },
|
|
//
|
|
////////////////////////////////////////////////////
|
|
{ grant:'DELETE', to:'admin' },
|
|
];
|
|
|
|
annotate ReviewsService with @restrict:[
|
|
{ grant:'like', to:'identified-user' },
|
|
{ grant:'unlike', to:'identified-user', where:'user=$user' },
|
|
];
|