Data Privacy & Audit Logging

bookshop/app/index.cds

@@ -0,0 +1,2 @@
+// Incorporate pre-build extensions from...
+using from '../../common';

bookshop/srv/cat-service.cds

@@ -10,7 +10,12 @@ service CatalogService @(path:'/browse') {
     author.name as author
   } excluding { createdBy, modifiedBy };
 
+<<<<<<< HEAD
+  @requires_: 'authenticated-user'
+  action submitOrder (book : Integer, amount: Integer);
+=======
   @requires: 'authenticated-user'
   action submitOrder ( book: Books:ID, quantity: Integer ) returns { stock: Integer };
   event OrderedBook : { book: Books:ID; quantity: Integer; buyer: String };
+>>>>>>> 534af7ffee60e086c563dbaa450e86e5fca5cf2b
 }

gdpr/.pdm/pdm-config.json

@@ -0,0 +1,18 @@
+{
+  "fullyQualifiedApplicationName": "gdpr-bookshop",
+  "fullyQualifiedModuleName": "gdpr-srv",
+  "applicationTitle": "PDM Bookshop",
+  "applicationTitleKey": "PDM Bookshop",
+  "applicationURL": "https://gdpr-srv.cfapps.sap.hana.ondemand.com/",
+  "endPoints": [
+    {
+      "type": "odatav4",
+      "serviceName": "pdm-service",
+      "serviceTitle": "GDPR",
+      "serviceTitleKey": "GDPR",
+      "serviceURI": "pdm",
+      "hasGdprV4Annotations": true,
+      "cacheControl": "no-cache"
+    }
+  ]
+}

gdpr/.pdm/pdm-instance-config.json

@@ -0,0 +1,8 @@
+{
+  "xs-security": {
+    "xsappname": "gdpr-bookshop",
+    "authorities": ["$ACCEPT_GRANTED_AUTHORITIES"]
+  },
+  "fullyQualifiedApplicationName": "gdpr-bookshop",
+  "appConsentServiceEnabled": true
+}

gdpr/db/AuditLogStore.cds

@@ -0,0 +1,23 @@
+using { managed, cuid, sap.common.CodeList } from '@sap/cds/common';
+
+namespace sap.capire.auditLog;
+
+entity AuditLogStore : cuid {
+
+  Action              : String enum{DataAccess; DataModification};  
+
+  User                : String;    
+  Timestamp           : Timestamp;
+  Tenant              : String;
+  Channel             : String;
+
+  DataSubjectType     : String;         // Bussiness Partner
+  DataSubjectRole     : String;         // Customer // Employee // ...
+  DataSubjectID       : LargeString;    // key value pair as JSON
+  ObjectType          : String;         // like SalesOrder
+  ObjectKey           : LargeString;    // key value pair as JSON   
+
+  Blob                : LargeString;    // Payload: DataModification or Data Access as BLOB
+
+}
+

gdpr/db/data-privacy.cds

@@ -0,0 +1,66 @@
+// Proxy for importing schema from bookshop sample
+using {sap.capire.bookshop} from './schema';
+
+// annotations for Data Privacy
+annotate bookshop.Customers with @PersonalData : {
+  DataSubjectRole : 'Customer',
+  EntitySemantics : 'DataSubject'
+} 
+{
+  ID           @PersonalData.FieldSemantics : 'DataSubjectID';
+  email        @PersonalData.IsPotentiallyPersonal;
+  firstName    @PersonalData.IsPotentiallyPersonal;
+  lastName     @PersonalData.IsPotentiallyPersonal;
+ // creditCardNo @PersonalData.IsPotentiallySensitive;
+  dateOfBirth  @PersonalData.IsPotentiallyPersonal;
+}
+
+annotate bookshop.CustomerBillingData with @PersonalData : {
+  DataSubjectRole : 'Customer',
+  EntitySemantics : 'DataSubjectDetails'
+} 
+{
+  creditCardNo @PersonalData.IsPotentiallySensitive;
+}
+
+annotate bookshop.CustomerPostalAddress with @PersonalData : {
+  DataSubjectRole : 'Customer',
+  EntitySemantics : 'DataSubjectDetails'
+} 
+{
+  Customer @PersonalData.FieldSemantics : 'DataSubjectID';
+  street   @PersonalData.IsPotentiallyPersonal;
+  town     @PersonalData.IsPotentiallyPersonal;
+  country  @PersonalData.IsPotentiallyPersonal;
+}
+
+annotate bookshop.Orders with @PersonalData.EntitySemantics : 'Other'
+{
+  ID              @PersonalData.FieldSemantics : 'ContractRelatedID';
+  Customer        @PersonalData.FieldSemantics : 'DataSubjectID';
+  personalComment @PersonalData.IsPotentiallyPersonal;
+}
+
+// annotations for Audit Log
+annotate bookshop.Customers with @AuditLog.Operation : {
+  Read   : true,
+  Insert : true,
+  Update : true,
+  Delete : true
+};
+
+// annotations for Audit Log
+annotate bookshop.CustomerPostalAddress with @AuditLog.Operation : {
+  Read   : true,
+  Insert : true,
+  Update : true,
+  Delete : true
+};
+
+// annotations for Audit Log
+annotate bookshop.Orders with @AuditLog.Operation : {
+  Read   : true,
+  Insert : true,
+  Update : true,
+  Delete : true
+};

gdpr/db/data/sap.capire.bookshop-Authors.csv

@@ -0,0 +1,5 @@
+ID;name;dateOfBirth;placeOfBirth;dateOfDeath;placeOfDeath
+101;Emily Brontë;1818-07-30;Thornton, Yorkshire;1848-12-19;Haworth, Yorkshire
+107;Charlotte Brontë;1818-04-21;Thornton, Yorkshire;1855-03-31;Haworth, Yorkshire
+150;Edgar Allen Poe;1809-01-19;Boston, Massachusetts;1849-10-07;Baltimore, Maryland
+170;Richard Carpenter;1929-08-14;King’s Lynn, Norfolk;2012-02-26;Hertfordshire, England

gdpr/db/data/sap.capire.bookshop-Books.csv

@@ -0,0 +1,6 @@
+ID;title;descr;author_ID;stock;price;currency_code;genre_ID
+201;Wuthering Heights;"Wuthering Heights, Emily Brontë's only novel, was published in 1847 under the pseudonym ""Ellis Bell"". It was written between October 1845 and June 1846. Wuthering Heights and Anne Brontë's Agnes Grey were accepted by publisher Thomas Newby before the success of their sister Charlotte's novel Jane Eyre. After Emily's death, Charlotte edited the manuscript of Wuthering Heights and arranged for the edited version to be published as a posthumous second edition in 1850.";101;12;11.11;GBP;11
+207;Jane Eyre;"Jane Eyre /ɛər/ (originally published as Jane Eyre: An Autobiography) is a novel by English writer Charlotte Brontë, published under the pen name ""Currer Bell"", on 16 October 1847, by Smith, Elder & Co. of London. The first American edition was published the following year by Harper & Brothers of New York. Primarily a bildungsroman, Jane Eyre follows the experiences of its eponymous heroine, including her growth to adulthood and her love for Mr. Rochester, the brooding master of Thornfield Hall. The novel revolutionised prose fiction in that the focus on Jane's moral and spiritual development is told through an intimate, first-person narrative, where actions and events are coloured by a psychological intensity. The book contains elements of social criticism, with a strong sense of Christian morality at its core and is considered by many to be ahead of its time because of Jane's individualistic character and how the novel approaches the topics of class, sexuality, religion and feminism.";107;11;12.34;GBP;11
+251;The Raven;"""The Raven"" is a narrative poem by American writer Edgar Allan Poe. First published in January 1845, the poem is often noted for its musicality, stylized language, and supernatural atmosphere. It tells of a talking raven's mysterious visit to a distraught lover, tracing the man's slow fall into madness. The lover, often identified as being a student, is lamenting the loss of his love, Lenore. Sitting on a bust of Pallas, the raven seems to further distress the protagonist with its constant repetition of the word ""Nevermore"". The poem makes use of folk, mythological, religious, and classical references.";150;333;13.13;USD;16
+252;Eleonora;"""Eleonora"" is a short story by Edgar Allan Poe, first published in 1842 in Philadelphia in the literary annual The Gift. It is often regarded as somewhat autobiographical and has a relatively ""happy"" ending.";150;555;14;USD;16
+271;Catweazle;Catweazle is a British fantasy television series, starring Geoffrey Bayldon in the title role, and created by Richard Carpenter for London Weekend Television. The first series, produced and directed by Quentin Lawrence, was screened in the UK on ITV in 1970. The second series, directed by David Reid and David Lane, was shown in 1971. Each series had thirteen episodes, most but not all written by Carpenter, who also published two books based on the scripts.;170;22;15;EUR;13

gdpr/db/data/sap.capire.bookshop-Books_texts.csv

@@ -0,0 +1,5 @@
+ID;locale;title;descr
+201;de;Sturmhöhe;Sturmhöhe (Originaltitel: Wuthering Heights) ist der einzige Roman der englischen Schriftstellerin Emily Brontë (1818–1848). Der 1847 unter dem Pseudonym Ellis Bell veröffentlichte Roman wurde vom viktorianischen Publikum weitgehend abgelehnt, heute gilt er als ein Klassiker der britischen Romanliteratur des 19. Jahrhunderts.
+201;fr;Les Hauts de Hurlevent;Les Hauts de Hurlevent (titre original : Wuthering Heights), parfois orthographié Les Hauts de Hurle-Vent, est l'unique roman d'Emily Brontë, publié pour la première fois en 1847 sous le pseudonyme d’Ellis Bell. Loin d'être un récit moralisateur, Emily Brontë achève néanmoins le roman dans une atmosphère sereine, suggérant le triomphe de la paix et du Bien sur la vengeance et le Mal.
+207;de;Jane Eyre;Jane Eyre. Eine Autobiographie (Originaltitel: Jane Eyre. An Autobiography), erstmals erschienen im Jahr 1847 unter dem Pseudonym Currer Bell, ist der erste veröffentlichte Roman der britischen Autorin Charlotte Brontë und ein Klassiker der viktorianischen Romanliteratur des 19. Jahrhunderts. Der Roman erzählt in Form einer Ich-Erzählung die Lebensgeschichte von Jane Eyre (ausgesprochen /ˌdʒeɪn ˈɛə/), die nach einer schweren Kindheit eine Stelle als Gouvernante annimmt und sich in ihren Arbeitgeber verliebt, jedoch immer wieder um ihre Freiheit und Selbstbestimmung kämpfen muss. Als klein, dünn, blass, stets schlicht dunkel gekleidet und mit strengem Mittelscheitel beschrieben, gilt die Heldin des Romans Jane Eyre nicht zuletzt aufgrund der Kino- und Fernsehversionen der melodramatischen Romanvorlage als die bekannteste englische Gouvernante der Literaturgeschichte
+252;de;Eleonora;“Eleonora” ist eine Erzählung von Edgar Allan Poe. Sie wurde 1841 erstveröffentlicht. In ihr geht es um das Paradox der Treue in der Treulosigkeit.

gdpr/db/data/sap.capire.bookshop-CustomerBillingData.csv

@@ -0,0 +1,3 @@
+ID;modifiedAt;createdAt;createdBy;modifiedBy;Customer_ID;creditCardNo
+1e2f2640-6866-4dcf-8f4d-3027aa831cad;2019-04-04;2019-01-31;[email protected];[email protected];8e2f2640-6866-4dcf-8f4d-3027aa831cad;2222-1111-6666-7777
+24e718c9-ff99-47f1-8ca3-950c850777d4;2019-04-04;2019-01-30;[email protected];[email protected];74e718c9-ff99-47f1-8ca3-950c850777d4;3333-2222-5555-8888

gdpr/db/data/sap.capire.bookshop-CustomerPostalAddress.csv

@@ -0,0 +1,3 @@
+ID;modifiedAt;createdAt;createdBy;modifiedBy;Customer_ID;street;town;country_code;someOtherField
+1e2f2640-6866-4dcf-8f4d-3027aa831cad;2019-04-04;2019-01-31;[email protected];[email protected];8e2f2640-6866-4dcf-8f4d-3027aa831cad;Hauptstrasse 11;Berlin;DE;Eine Bemerkung
+24e718c9-ff99-47f1-8ca3-950c850777d4;2019-04-04;2019-01-30;[email protected];[email protected];74e718c9-ff99-47f1-8ca3-950c850777d4;Main Street 22;London;GB;Some Remark

gdpr/db/data/sap.capire.bookshop-Customers.csv

@@ -0,0 +1,3 @@
+ID;modifiedAt;createdAt;createdBy;modifiedBy;email;firstName;lastName;dateOfBirth
+8e2f2640-6866-4dcf-8f4d-3027aa831cad;2019-04-04;2019-01-31;[email protected];[email protected];[email protected];John;Doe;1970-01-01
+74e718c9-ff99-47f1-8ca3-950c850777d4;2019-04-04;2019-01-30;[email protected];[email protected];[email protected];Jane;Doe;1980-11-11

gdpr/db/data/sap.capire.bookshop-Genres.csv

@@ -0,0 +1,16 @@
+ID;parent_ID;name
+10;;Fiction
+11;10;Drama
+12;10;Poetry
+13;10;Fantasy
+14;10;Science Fiction
+15;10;Romance
+16;10;Mystery
+17;10;Thriller
+18;10;Dystopia
+19;10;Fairy Tale
+20;;Non-Fiction
+21;20;Biography
+22;21;Autobiography
+23;20;Essay
+24;20;Speech

gdpr/db/data/sap.capire.bookshop-OrderItems.csv

@@ -0,0 +1,4 @@
+ID;amount;parent_ID;book_ID;netAmount
+78040e66-1dcd-4ffb-ab10-fdce32028b79;1;5e2f2640-6866-4dcf-8f4d-3027aa831cad;201;11.11
+84e718c9-ff99-47f1-8ca3-950c850777d4;1;5e2f2640-6866-4dcf-8f4d-3027aa831cad;271;15
+f9641166-e050-4261-bfee-d1e797e6cb7f;2;44e718c9-ff99-47f1-8ca3-950c850777d4;252;28

gdpr/db/data/sap.capire.bookshop-Orders.csv

@@ -0,0 +1,3 @@
+ID;modifiedAt;createdAt;createdBy;modifiedBy;OrderNo;currency_code;Customer_ID
+5e2f2640-6866-4dcf-8f4d-3027aa831cad;2019-04-04;2019-01-31;[email protected];[email protected];1;USD;8e2f2640-6866-4dcf-8f4d-3027aa831cad
+44e718c9-ff99-47f1-8ca3-950c850777d4;2019-04-04;2019-01-30;[email protected];[email protected];2;USD;74e718c9-ff99-47f1-8ca3-950c850777d4

gdpr/db/schema.cds

@@ -0,0 +1,37 @@
+// Proxy for importing schema from bookshop sample
+using { sap.capire.bookshop.Books }        from '../../bookshop/db/schema';
+using { sap.capire.orders.Orders }         from '../../orders/db/schema';
+using { sap.capire.orders.OrderItems }     from '../../orders/db/schema';
+using { Country, managed, cuid }           from '@sap/cds/common';
+
+namespace sap.capire.bookshop;
+
+extend Orders with { 
+  Customer        : Association to Customers; 
+  personalComment : String;
+}  
+
+entity Customers : cuid, managed {
+  email         : String;
+  firstName     : String;
+  lastName      : String;
+ // creditCardNo  : String;
+  dateOfBirth   : Date;
+  billingData   : Composition of one CustomerBillingData   on billingData.Customer   = $self;
+  postalAddress : Composition of one CustomerPostalAddress on postalAddress.Customer = $self;
+}
+
+entity CustomerPostalAddress : cuid, managed {
+  Customer       : Association to one Customers;
+  street         : String(128);
+  town           : String(128);
+  country        : Country;           
+  someOtherField : String(128);
+};
+
+
+entity CustomerBillingData : cuid, managed {
+  Customer      : Association to one Customers;
+  creditCardNo  : String;
+};
+

gdpr/db/src/.hdiconfig

@@ -0,0 +1,136 @@
+{
+    "file_suffixes": {
+        "csv": {
+            "plugin_name": "com.sap.hana.di.tabledata.source"
+        },
+        "hdbafllangprocedure": {
+            "plugin_name": "com.sap.hana.di.afllangprocedure"
+        },
+        "hdbanalyticprivilege": {
+            "plugin_name": "com.sap.hana.di.analyticprivilege"
+        },
+        "hdbcalculationview": {
+            "plugin_name": "com.sap.hana.di.calculationview"
+        },
+        "hdbcollection": {
+            "plugin_name": "com.sap.hana.di.collection"
+        },
+        "hdbconstraint": {
+            "plugin_name": "com.sap.hana.di.constraint"
+        },
+        "hdbdropcreatetable": {
+            "plugin_name": "com.sap.hana.di.dropcreatetable"
+        },
+        "hdbflowgraph": {
+            "plugin_name": "com.sap.hana.di.flowgraph"
+        },
+        "hdbfunction": {
+            "plugin_name": "com.sap.hana.di.function"
+        },
+        "hdbgraphworkspace": {
+            "plugin_name": "com.sap.hana.di.graphworkspace"
+        },
+        "hdbhadoopmrjob": {
+            "plugin_name": "com.sap.hana.di.virtualfunctionpackage.hadoop"
+        },
+        "hdbindex": {
+            "plugin_name": "com.sap.hana.di.index"
+        },
+        "hdblibrary": {
+            "plugin_name": "com.sap.hana.di.library"
+        },
+        "hdbmigrationtable": {
+            "plugin_name": "com.sap.hana.di.table.migration"
+        },
+        "hdbprocedure": {
+            "plugin_name": "com.sap.hana.di.procedure"
+        },
+        "hdbprojectionview": {
+            "plugin_name": "com.sap.hana.di.projectionview"
+        },
+        "hdbprojectionviewconfig": {
+            "plugin_name": "com.sap.hana.di.projectionview.config"
+        },
+        "hdbreptask": {
+            "plugin_name": "com.sap.hana.di.reptask"
+        },
+        "hdbresultcache": {
+            "plugin_name": "com.sap.hana.di.resultcache"
+        },
+        "hdbrole": {
+            "plugin_name": "com.sap.hana.di.role"
+        },
+        "hdbroleconfig": {
+            "plugin_name": "com.sap.hana.di.role.config"
+        },
+        "hdbsearchruleset": {
+            "plugin_name": "com.sap.hana.di.searchruleset"
+        },
+        "hdbsequence": {
+            "plugin_name": "com.sap.hana.di.sequence"
+        },
+        "hdbstatistics": {
+            "plugin_name": "com.sap.hana.di.statistics"
+        },
+        "hdbstructuredprivilege": {
+            "plugin_name": "com.sap.hana.di.structuredprivilege"
+        },
+        "hdbsynonym": {
+            "plugin_name": "com.sap.hana.di.synonym"
+        },
+        "hdbsynonymconfig": {
+            "plugin_name": "com.sap.hana.di.synonym.config"
+        },
+        "hdbsystemversioning": {
+            "plugin_name": "com.sap.hana.di.systemversioning"
+        },
+        "hdbtable": {
+            "plugin_name": "com.sap.hana.di.table"
+        },
+        "hdbtabledata": {
+            "plugin_name": "com.sap.hana.di.tabledata"
+        },
+        "hdbtabletype": {
+            "plugin_name": "com.sap.hana.di.tabletype"
+        },
+        "hdbtrigger": {
+            "plugin_name": "com.sap.hana.di.trigger"
+        },
+        "hdbview": {
+            "plugin_name": "com.sap.hana.di.view"
+        },
+        "hdbvirtualfunction": {
+            "plugin_name": "com.sap.hana.di.virtualfunction"
+        },
+        "hdbvirtualfunctionconfig": {
+            "plugin_name": "com.sap.hana.di.virtualfunction.config"
+        },
+        "hdbvirtualpackagehadoop": {
+            "plugin_name": "com.sap.hana.di.virtualpackage.hadoop"
+        },
+        "hdbvirtualpackagesparksql": {
+            "plugin_name": "com.sap.hana.di.virtualpackage.sparksql"
+        },
+        "hdbvirtualprocedure": {
+            "plugin_name": "com.sap.hana.di.virtualprocedure"
+        },
+        "hdbvirtualprocedureconfig": {
+            "plugin_name": "com.sap.hana.di.virtualprocedure.config"
+        },
+        "hdbvirtualtable": {
+            "plugin_name": "com.sap.hana.di.virtualtable"
+        },
+        "hdbvirtualtableconfig": {
+            "plugin_name": "com.sap.hana.di.virtualtable.config"
+        },
+        "properties": {
+            "plugin_name": "com.sap.hana.di.tabledata.properties"
+        },
+        "tags": {
+            "plugin_name": "com.sap.hana.di.tabledata.properties"
+        },
+        "txt": {
+            "plugin_name": "com.sap.hana.di.copyonly"
+        }
+    }
+}

gdpr/index.cds

@@ -0,0 +1,4 @@
+namespace sap.capire.gdpr; //> important for reflection
+using from './db/schema';
+using from './srv/pdm-service';
+using from './srv/log-service';