Skip to content

feat: rejection events#404

Merged
KoblerS merged 13 commits intocap-js:mainfrom
ansgarlichter:feat/emit-events-for-security-relevant-rejections
Mar 24, 2026
Merged

feat: rejection events#404
KoblerS merged 13 commits intocap-js:mainfrom
ansgarlichter:feat/emit-events-for-security-relevant-rejections

Conversation

@ansgarlichter
Copy link
Copy Markdown
Contributor

@ansgarlichter ansgarlichter commented Mar 13, 2026

Closes #400.

If you do not see the feature request as a valid enhancement, just close the PR.

@ansgarlichter ansgarlichter requested a review from a team as a code owner March 13, 2026 09:00
schiwekM
schiwekM reviewed Mar 13, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@schiwekM schiwekM left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks again for the changes. We will add docs to the readme to document the events and then the PR is good to go.

Comment thread lib/generic-handlers.js Outdated
Comment thread lib/generic-handlers.js Outdated
Comment thread lib/generic-handlers.js Outdated
@ansgarlichter @schiwekM
refactor: await event
823a3e5 
Co-authored-by: Marten Schiwek <marten.schiwek@sap.com>
@ansgarlichter @schiwekM
refactor: await event
fae766f 
Co-authored-by: Marten Schiwek <marten.schiwek@sap.com>
@ansgarlichter @schiwekM
refactor: await event
94e633b 
Co-authored-by: Marten Schiwek <marten.schiwek@sap.com>
@ansgarlichter ansgarlichter requested a review from schiwekM March 13, 2026 09:50
@ansgarlichter
Copy link
Copy Markdown
Contributor Author

ansgarlichter commented Mar 13, 2026

Thanks again for the changes. We will add docs to the readme to document the events and then the PR is good to go.

I just had another point, when I saw your review: would it be beneficial to emit those events inside cds.spawn so that errors inside those event handlers do not crash the attachment's request? As an example: if logging to audit log fails in the event handler, the user should still get the response properly in the plugins POV.

@schiwekM
Copy link
Copy Markdown
Contributor

schiwekM commented Mar 13, 2026

That should be the case ootb. Emit should write the events to the outbox, the transaction continues. And the outbox picks up the event, starts a new transaction and calls the handler

@ansgarlichter
Copy link
Copy Markdown
Contributor Author

ansgarlichter commented Mar 13, 2026

That should be the case ootb. Emit should write the events to the outbox, the transaction continues. And the outbox picks up the event, starts a new transaction and calls the handler

Just for clarification - in the docs for the outbox (see https://pages.github.tools.sap/cap/docs/node.js/queue#persistent-queue):

Using the persistent queue, the to-be-emitted message is stored in a database table within the current transaction, therefore transactional consistency is guaranteed.
Once the transaction succeeds, the messages are read from the database table and dispatched. If processing was successful, the respective message is deleted from the database table. If processing failed, the system retries the message after exponentially increasing delays.

If I understand this correctly, the event won't be written to the outbox but the request's transaction is rolled back via req.reject the transaction is not committed. Therefore, the event is never transmitted. So we would need cds.spawn or immediate events if the emit method offers a param for this?

@schiwekM
Copy link
Copy Markdown
Contributor

schiwekM commented Mar 13, 2026

Ahh, so you want to even emit the event in cases where the transaction is rolled back? Yes in that case we need to wrap it inside cds.spawn

@ansgarlichter
Copy link
Copy Markdown
Contributor Author

ansgarlichter commented Mar 13, 2026

Ahh, so you want to even emit the event in cases where the transaction is rolled back? Yes in that case we need to wrap it inside cds.spawn

Yes, if you look in the code, the request gets rejected if for example the attachment is too large. I will adapt it accordingly.

@ansgarlichter
fix: emit events inside cds.spawn to get consumers possibility to rea…
8f6dbe6 
…ct even if transaction is rolled back
@ansgarlichter
Merge branch 'feat/emit-events-for-security-relevant-rejections' of g…
698a554 
…ithub.com:ansgarlichter/attachments into feat/emit-events-for-security-relevant-rejections
KoblerS
KoblerS reviewed Mar 24, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@KoblerS KoblerS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

HI @ansgarlichter, thanks for raising the PR and also for your patience! Can you check if the asynchronous await is still required hence you don't have any awaits as far as I can see in the validateAttachmentMimeType function

Comment thread lib/generic-handlers.js Outdated
Comment thread lib/generic-handlers.js Outdated
Comment thread lib/plugin.js Outdated
Comment thread tests/unit/rejectionEvents.test.js Outdated
Comment thread tests/unit/validateAttachmentMimeType.test.js Outdated
Comment thread tests/unit/validateAttachmentMimeType.test.js Outdated
Comment thread tests/unit/validateAttachmentMimeType.test.js Outdated
Comment thread tests/unit/validateAttachmentMimeType.test.js Outdated
Comment thread tests/unit/validateAttachmentMimeType.test.js Outdated
Comment thread tests/unit/validateAttachmentMimeType.test.js Outdated
@schiwekM schiwekM mentioned this pull request Mar 24, 2026
Merged
schiwekM
schiwekM reviewed Mar 24, 2026
View reviewed changes
Comment thread tests/unit/validateAttachmentMimeType.test.js Outdated
schiwekM
schiwekM reviewed Mar 24, 2026
View reviewed changes
Comment thread tests/unit/validateAttachmentMimeType.test.js Outdated
@schiwekM @KoblerS
Apply suggestions from code review
f17227a 
Co-authored-by: Simon Kobler <32038731+KoblerS@users.noreply.github.com>
Co-authored-by: Marten Schiwek <marten.schiwek@sap.com>
schiwekM
schiwekM reviewed Mar 24, 2026
View reviewed changes
Comment thread tests/unit/validateAttachmentMimeType.test.js Outdated
@schiwekM
Apply suggestions from code review
cb069a2 
Co-authored-by: Marten Schiwek <marten.schiwek@sap.com>
@KoblerS KoblerS enabled auto-merge (squash) March 24, 2026 11:58
@KoblerS KoblerS merged commit a6c59c2 into cap-js:main Mar 24, 2026
30 of 34 checks passed
schiwekM added a commit that referenced this pull request Mar 25, 2026
@schiwekM @ansgarlichter @KoblerS
Add audit logging for sec events (#410)
c1973ca 
Adding audit logging for sec events in case @cap-js/audit-logging is a
dependency.

Depends on #404

---------

Co-authored-by: Ansgar Lichter <lichteransgar@gmail.com>
Co-authored-by: Simon Kobler <32038731+KoblerS@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@schiwekM schiwekM schiwekM approved these changes

@KoblerS KoblerS KoblerS approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

AttachmentsService: Emit observable events for security-relevant upload/download rejections

3 participants

@ansgarlichter @schiwekM @KoblerS