SAP-archive · ag3silaus · Oct 29, 2021
diff --git a/cap/.gitignore b/cap/.gitignore
@@ -6,6 +6,7 @@ default-*.json
 gen/
 node_modules/
 target/
+package-lock.json
 
 # Web IDE, App Studio
 .che/

diff --git a/cap/db/data-model.cds b/cap/db/data-model.cds
@@ -4,4 +4,5 @@ entity Books {
   key ID : Integer;
   title  : String;
   stock  : Integer;
-}
+  createdBy  : String      @cds.on.insert : $user;  
+}
diff --git a/cap/package-lock.json b/cap/package-lock.json
diff --git a/cap/package.json b/cap/package.json
@@ -7,8 +7,11 @@
     "private": true,
     "dependencies": {
         "@sap/cds": "^5.5.4",
+        "cors": "^2.8.5",
         "express": "^4",
-        "hdb": "^0.19"
+        "hdb": "^0.19",
+        "helmet": "^4.6.0",
+        "passport": "^0.5.0"
     },
     "devDependencies": {
         "sqlite3": "^5.0.2"
@@ -49,6 +52,23 @@
         },
         "hana": {
             "deploy-format": "hdbtable"
+        },
+        "auth": {
+            "kind": "basic-auth",
+            "users": {
+                "user_basic": {
+                    "password": "28725",
+                    "roles": [
+                        "reader"
+                    ]
+                },
+                "user_admin": {
+                    "password": "73546",
+                    "roles": [
+                        "admin"
+                    ]
+                }
+            }
         }
     }
 }
diff --git a/cap/srv/cat-service.cds b/cap/srv/cat-service.cds
@@ -1,5 +1,23 @@
 using my.bookshop as my from '../db/data-model';
 
 service CatalogService {
-    @readonly entity Books as projection on my.Books;
-}
+    @Capabilities: { 
+        InsertRestrictions.Insertable: true,
+        UpdateRestrictions.Updatable: true,
+        DeleteRestrictions.Deletable: false  
+    }
+    entity Books @(restrict : [
+        {
+            grant : ['READ'],
+            to    : ['reader']
+        },
+        {
+            grant : ['READ', 'UPDATE', 'WRITE'],
+            to    : ['admin']
+        }
+    ]) as projection on my.Books;
+}
+
+annotate Books with @(restrict: [ 
+  { grant: ['UPDATE', 'DELETE'], where: 'CreatedBy = $user' } ]); 
+
diff --git a/cap/srv/server.js b/cap/srv/server.js
@@ -1,6 +1,19 @@
-const cds = require ('@sap/cds')
+const cds = require("@sap/cds");
+const cors = require("cors");
+const helmet = require("helmet");
 cds.on('bootstrap', (app) => {
-
+
+    app.use(cors())
+    app.use(
+        helmet({
+          contentSecurityPolicy: {
+            directives: {
+              ...helmet.contentSecurityPolicy.getDefaultDirectives(),
+            },
+          },
+        })
+      );
+
 })
 
-module.exports = cds.server
+module.exports = cds.server
-Original file line number
+Diff line change
@@ Expand Up / @@ -6,6 +6,7 @@ default-*.json @@
     gen/
     node_modules/
     target/
+    package-lock.json
     # Web IDE, App Studio
     .che/
@@ Expand Down @@