
CAP feature flag "restrict_all_services" is broken in latest release 6.7.1

jhodel18
Active Contributor

Hi CAP team,

The feature flag `cds.env.requires.auth.restrict_all_services: false` is broken on the latest release @sap/cds@6.7.1. However, it still worked on 6.1.0.

Related CAP documentation: https://cap.cloud.sap/docs/releases/jun22#auth-by-default

See the code below, which was completely bypassed in the latest release:

@sap/cds/libx/_runtime/auth/index.js > line 163

```js
// Security by default: set restrict_all_services if not disabled
// this is done dynamically to also cover custom auth impl
if (process.env.NODE_ENV === 'production' && config.restrict_all_services !== false) {
  config.restrict_all_services = true
}
```

vansyckel
Advisor
0 Kudos

Hi jhodel18,

Cannot confirm. Please provide steps to reproduce.

Best,
Sebastian

jhodel18
Active Contributor
0 Kudos

Hi vansyckel

You can use my sample project: https://github.com/jcailan/cap-fe-samples

- Do `npm i` then `npm run deploy` to deploy to CF -- this is using the latest @sap/cds version

- Test the generated URL of CAP service and test any CAP endpoints.

Here's my own sample deployment: https://capfes-srv-riz-inno-dev.cfapps.us10.hana.ondemand.com/product-api/Products

It gets an `Unauthorized` response.

Another deployment using @sap/cds@6.1.0 will yield the expected result -- the endpoint is not authenticated:

https://capfes-srv-riz-inno-demo.cfapps.us10.hana.ondemand.com/product-api/Products

Note that the feature flag is configured in `package.json` file.

Thanks and regards,

Jhodel

vansyckel
Advisor

Hi jhodel18,

Thanks, can confirm now. It's caused by serving to graphql. We will look into it asap.

Best,
Sebastian

jhodel18
Active Contributor
0 Kudos

Hi Sebastian, thanks for the acknowledgment!