69 support for azure blob storage

.vscode/settings.json

@@ -0,0 +1,4 @@
+{
+  "editor.tabSize": 2,
+  "editor.indentSize": 2
+}

README.md

@@ -329,15 +329,12 @@ resources:
 The unit tests in this module do not need a binding to the respective object stores, run them with `npm install`. To achieve a clean install, the command `rm -rf node_modules` should be used before installation.
 
 The integration tests need a binding to a real object store. Run them with `npm run test`.
-To set the binding, provide the following environment variables:
-- AWS_S3_BUCKET
-- AWS_S3_REGION
-- AWS_S3_ACCESS_KEY_ID
-- AWS_S3_SECRET_ACCESS_KEY
+To set the binding, please see the section [Storage Targets](#storage-targets).
 
-##### Supported Storage Backends
+##### Supported Storage Provider
 
 - **AWS S3**
+- **Azure Blob Storage**
 
 ### Model Texts
 

lib/aws-s3.js

@@ -36,8 +36,9 @@ module.exports = class AWSAttachmentsService extends require("./basic") {
       const creds = cds.env.requires?.objectStore?.credentials
 
       if (!creds) {
-        logConfig.configValidation('objectStore.credentials', creds, false,
-          'Bind an SAP Object Store instance to your application or configure separateObjectStore for multitenancy')
+        if (Object.keys(creds).includes('container_name')) {
+          throw new Error('Azure Blob Storage credentials found where AWS S3 credentials expected, please check your service bindings.')
+        }
         throw new Error("SAP Object Store instance is not bound.")
       }
 
@@ -46,8 +47,9 @@ module.exports = class AWSAttachmentsService extends require("./basic") {
       const missingFields = requiredFields.filter(field => !creds[field])
 
       if (missingFields.length > 0) {
-        logConfig.configValidation('objectStore.credentials', creds, false,
-          `Object Store credentials missing: ${missingFields.join(', ')}`)
+        if (Object.keys(creds).includes('container_name')) {
+          throw new Error('Azure Blob Storage credentials found where AWS S3 credentials expected, please check your service bindings.')
+        }
         throw new Error(`Missing Object Store credentials: ${missingFields.join(', ')}`)
       }
 
@@ -101,31 +103,8 @@ module.exports = class AWSAttachmentsService extends require("./basic") {
         return
       }
 
-      // Validate Service Manager configuration
-      const serviceManagerCreds = cds.env.requires?.serviceManager?.credentials
-      if (!serviceManagerCreds) {
-        logConfig.configValidation('serviceManager.credentials', serviceManagerCreds, false,
-          'Bind a Service Manager instance for separate object store mode')
-        throw new Error("Service Manager Instance is not bound")
-      }
-
-      const { sm_url, url, clientid, clientsecret, certificate, key, certurl } = serviceManagerCreds
-
-      // Validate required Service Manager fields
-      const requiredSmFields = ['sm_url', 'url', 'clientid']
-      const missingSmFields = requiredSmFields.filter(field => !serviceManagerCreds[field])
-
-      if (missingSmFields.length > 0) {
-        logConfig.configValidation('serviceManager.credentials', serviceManagerCreds, false,
-          `Service Manager credentials missing: ${missingSmFields.join(', ')}`)
-        throw new Error(`Missing Service Manager credentials: ${missingSmFields.join(', ')}`)
-      }
-
-      logConfig.debug('Fetching access token for tenant', { tenantID, sm_url })
-      const token = await utils.fetchToken(url, clientid, clientsecret, certificate, key, certurl)
-
       logConfig.debug('Fetching object store credentials for tenant', { tenantID })
-      const objectStoreCreds = await utils.getObjectStoreCredentials(tenantID, sm_url, token)
+      const objectStoreCreds = await utils.getObjectStoreCredentials(tenantID)
 
       if (!objectStoreCreds) {
         logConfig.withSuggestion('error',
@@ -272,24 +251,21 @@ module.exports = class AWSAttachmentsService extends require("./basic") {
       })
 
       // Initiate malware scan if configured
-      if (this.kind === 's3') {
-        logConfig.debug('Initiating malware scan for uploaded file', {
-          fileId: metadata.ID,
-          filename: metadata.filename
-        })
-
-        const scanRequestJob = cds.spawn(async () => {
-          await scanRequest(attachments, { ID: metadata.ID })
-        })
+      logConfig.debug('Initiating malware scan for uploaded file', {
+        fileId: metadata.ID,
+        filename: metadata.filename
+      })
 
-        scanRequestJob.on('error', (err) => {
-          logConfig.withSuggestion('error',
-            'Failed to initiate malware scan for attachment', err,
-            'Check malware scanner configuration and connectivity',
-            { fileId: metadata.ID, filename: metadata.filename, errorMessage: err.message })
-        })
-      }
+      const scanRequestJob = cds.spawn(async () => {
+        await scanRequest(attachments, { ID: metadata.ID })
+      })
 
+      scanRequestJob.on('error', (err) => {
+        logConfig.withSuggestion('error',
+          'Failed to initiate malware scan for attachment', err,
+          'Check malware scanner configuration and connectivity',
+          { fileId: metadata.ID, filename: metadata.filename, errorMessage: err.message })
+      })
     } catch (err) {
       const duration = Date.now() - startTime
       logConfig.withSuggestion('error',
@@ -385,21 +361,21 @@ module.exports = class AWSAttachmentsService extends require("./basic") {
    * @param {import('express').NextFunction} next - The next middleware function
    */
   async updateContentHandler(req, next) {
-    logConfig.debug(`[S3 Upload] Uploading file using updateContentHandler for ${req.target.name}`)
+    logConfig.debug(`[AWS S3] Uploading file using updateContentHandler for ${req.target.name}`)
 
     // Check separate object store instances
     if (separateObjectStore) {
       const tenantID = cds.context.tenant
       await this.createClientS3(tenantID)
     }
 
-    const targetID = req.data.ID || req.params[1]?.ID || req.params[1];
+    const targetID = req.data.ID || req.params[1]?.ID || req.params[1]
     if (!targetID) {
-      req.reject(400, "Missing ID in request");
+      req.reject(400, "Missing ID in request")
     }
 
     if (req?.data?.content) {
-      const response = await SELECT.from(req.target, { ID: targetID }).columns("url");
+      const response = await SELECT.from(req.target, { ID: targetID }).columns("url")
       if (response?.url) {
         const Key = response.url
         const input = {
@@ -416,7 +392,7 @@ module.exports = class AWSAttachmentsService extends require("./basic") {
         const keys = { ID: targetID }
 
         const scanRequestJob = cds.spawn(async () => {
-          await scanRequest(req.target, keys, req)
+          await scanRequest(req.target, keys)
         })
 
         scanRequestJob.on('error', async (err) => {
@@ -426,12 +402,12 @@ module.exports = class AWSAttachmentsService extends require("./basic") {
             { keys, errorMessage: err.message })
         })
 
-        logConfig.debug(`[S3 Upload] Uploaded file using updateContentHandler for ${req.target.name}`)
+        logConfig.debug(`[AWS S3] Uploaded file using updateContentHandler for ${req.target.name}`)
       }
     } else if (req?.data?.note) {
       const key = { ID: targetID }
       await super.update(req.target, key, { note: req.data.note })
-      logConfig.debug(`[S3 Upload] Updated file upload with note for ${req.target.name}`)
+      logConfig.debug(`[AWS S3] Updated file upload with note for ${req.target.name}`)
     } else {
       next()
     }
@@ -488,7 +464,7 @@ module.exports = class AWSAttachmentsService extends require("./basic") {
    */
   async delete(Key) {
     const tenantID = cds.context.tenant
-    logConfig.debug(`[S3 Upload] Executing delete for file ${Key} in bucket ${this.bucket}`)
+    logConfig.debug(`[AWS S3] Executing delete for file ${Key} in bucket ${this.bucket}`)
 
     // Check separate object store instances
     if (separateObjectStore) {
@@ -505,6 +481,7 @@ module.exports = class AWSAttachmentsService extends require("./basic") {
   }
 
   /**
+   * Requires implementation as delete of infected attachment is specific to storage service
    * @inheritdoc
    */
   async deleteInfectedAttachment(Attachments, key) {