cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HTTP Status Code Responses on @readonly

tobias_steckenborn
Active Participant

on ‎11-14-2022 2:36 PM

0 Kudos

Hey there,

Is it possible that currently, the HTTP Status Code Responses for the annotation of @readonly and the capability "IndexableByKey" are handled differently depending on the HTTP method?

For DELETE, as expected, I get 401 (Unauthorized) for unauthenticated users and 405 (Method not allowed) for authenticated users.

For PATCH / PUT / POST and a GET on an entity, I unexpectedly get 401 back in all cases.

I would have expected it to be 405 for authenticated and 401 for unauthenticated users, as with Delete. Alternatively, I would have expected at least the combination 401 and 403 (Forbidden).

Is the current behavior as desired, or is it a bug?

Best regards,

Tobias

Show replies
Show replies
OlenaT
Advisor
Advisor
‎11-29-2022 9:29 AM
0 Kudos

Hi Tobias,

Are you using node.js or java stack? How exactly are you using "IndexableByKey" capability annotation? Please also provide the output of the cds -v command.

Best regards,

Olena

tobias_steckenborn
Active Participant
‎11-29-2022 4:28 PM
0 Kudos

Hi Olena,

Using the node.js stack. "IndexableByKey" used in the following way:

  @readonly
  @Capabilities : {
    IndexableByKey : false,
    TopSupported   : false,
    SkipSupported  : false,
  }
  entity SomeEntity

With regards to the version:

❯ cds -v

@sap/cds: 6.3.1<br>@sap/cds-compiler: 3.3.2

@sap/cds-dk: 6.3.1<br>@sap/cds-dk (global): 6.3.1

>@sap/cds-foss: 4.0.0

@sap/cds-mtx: -- missing --

@sap/cds-odata-v2-adapter-proxy: 1.9.14

@sap/eslint-plugin-cds: 2.6.0

@sap/xssec: 3.2.14

Node.js: v18.11.0

Best regards,

Tobias

OlenaT
Advisor
Advisor
‎12-05-2022 4:07 PM
0 Kudos

Hi Tobias,

From the runtime side I can't comment on the capability IndexableByKey annotation, we have no special logic for it.

With @readonly and protected entity, I can't reproduce your problem, I get 405 for a POST request. Please provide me a simple entity definition and a POST request that can trigger the described behaviour.

Thank you!

Best regards,

Olena

Answer

Accepted Solutions (0)

Answers (0)

Ask a Question