OData CRUD from XSJS-Outbound API

OData CRUD from XSJS-Outbound API

SAP HANA Extended Application Services (SAP HANA XS) includes a server-side JavaScript API that enables outbound access to a defined HTTP destination. The HTTP destination provides services which an application can use. In the following steps , we will configure the connectivity with netweaver gateway system which provides us a Employee Odata service where we can C,R,U & D Employee details.

Step 1 : Create a XS Project in the project perspective.

Create a XS project in the project explorer, maintaine .xsaccess file and .xsapp files and create four individual xsjs files for CRUD operations. After this step , our project hierarchy will look like below.

Step 2 : Create a XS HTTP Connection parameters.

Maintain a folder under the main project level named service, inside which we can maintain our connectivity parameters to the net weaver gateway.

Create a file named gateway.httpdest with the connection parameters as below.

host = “Target IP Address”;

port = Target Host;

description = “ABAP Gateway test”;

pathPrefix = “/sap/opu/odata/sap/ZEMPLOYEE_SRV”;

authType = none;

useProxy = false;

proxyHost = “”;

proxyPort = 0;

timeout = 0;

Step 3 : Implement GetEntity.xsjs.

Here in this file, we will implement the Read operation on the Odata URL.


var destination;
var client;
var request;
var employeeID;
//Read the input employee number which is to be read
employeeID = $.request.parameters.get("EMPID");
try{
    //Reading the destination properties
    destination = $.net.http.readDestination("CRUD.service","gateway");
    //Creating HTTP Client
    client = new $.net.http.Client();
    //Creating Request
    request = new $.web.WebRequest($.net.http.GET,"Employee('"+employeeID+"')?$format=json");
    client.request(request,destination);
    //Getting the response body and setting as output data
    $.response.setBody(client.getResponse().body.asString());
}
catch(errorObj){
  $.response.setBody(JSON.stringify({
  ERROR : errorObj.message
  }));
}

Output :

Step 3 : Implement CreateEntity.xsjs.

When an OData POST (Create) call is made, it is very much important to manage the Cross site request forgery by handling CSRF tokens(en.wikipedia.org/wiki/Cross-site_request_forgery ).

In order to make a POST call, we can trigger a GET(Read) request to the gateway system with the header “X-CSRF-Token” , and can use the returned CSRF Token.

getCSRF() function would return the CSRF Token to make the POST call. We can implement this method in the file CreateEntity.xsjs


var destination;
var client;
destination = $.net.http.readDestination("CRUD.service","gateway");
client = new $.net.http.Client();
function getCSRF()
{
  var request;
  var response;
  try{
    //GET Operation on the base odata URL
    request = new $.web.WebRequest($.net.http.GET,"/");
    //X-CSRF-Token header will be set with value Fetch
    request.headers.set("X-CSRF-Token", "Fetch");
    client.request(request,destination);
    response = client.getResponse();
    //reading the token from response header
    return response.headers.get("X-CSRF-Token").toString();
  }
  catch(errorObj){
  $.response.setBody(JSON.stringify({
  ERROR : errorObj.message
  }));
  return "CSRF TOKEN FETCH FAILED : " + errorObj.message;
  }
}

Implementing the POST Method call :


function makePOSTCall(CSRF){
  //Specifying the entity name for the POST operation
  var request = new $.web.WebRequest($.net.http.POST,"/Employee");
  try{
  //Setting the token header
  request.headers.set("x-csrf-token",CSRF);
  //Application content type
  request.headers.set("Content-Type","application/json");
  request.headers.set("X-Requested-With","XMLHttpRequest");
  //setting the data to be created
  request.setBody(JSON.stringify(
  {
  d: {
  Empid:"0000006000",
  Ename:"RAHUL GANDHI",
  Phone:"00000999999999"
  }
  }));
  client.request(request, destination);
  //Checking the status ( 201 for success )
return client.getResponse().status;// === '201' ? "Successfully Created" : "Not created:";
  }
  catch(eee){
  return "Error:"+eee.message;
  }
}
$.response.setBody(makePOSTCall(getCSRF()));

Output :

Step 4 : Implement DeleteEntity.xsjs.

To DELETE an entity , we need to specify the Entity Key which is to be deleted and the OData operation DEL. For deletion, we do not need to pass any body as the body is irrelevant for the operation.


function deleteEmployee(CSRF){
  try{
  destination = $.net.http.readDestination("CRUD.service","gateway");
  client = new $.net.http.Client();
  //Specifying the entity name for the DELETE operation
  var request = new $.web.WebRequest($.net.http.DEL,"/Employee('"+employeeID+"')");
  //Setting the token header
  request.headers.set("x-csrf-token",CSRF);
  //Application content type
  request.headers.set("Content-Type","application/json");
  request.headers.set("X-Requested-With","XMLHttpRequest");
  client.request(request, destination);
  //Checking the status ( 204 for successful deletion )

  return client.getResponse().status;
  }
  catch(eee){
  return "Error:"+eee.message;
  }
}
$.response.setBody(deleteEmployee(getCSRF()));

We can use the same getCSRF() function used in CreateEntity.xsjs, her also.

Output :

Step 5 : Implement UpdateEntity.xsjs.

While updating an entity , specify the key value of the entity to be updated and the new entity data in the http body.


function makePOSTCall(CSRF){
  //Specifying the entity name for the PUT operation
  var request = new $.web.WebRequest($.net.http.PUT,"/Employee('0000001000')");
  try{
  //Setting the token header
  request.headers.set("x-csrf-token",CSRF);
  //Application content type
  request.headers.set("Content-Type","application/json");
  request.headers.set("X-Requested-With","XMLHttpRequest");
  //setting the data to be created
  request.setBody(JSON.stringify(
  {
  d: {
  Empid:"0000001000",
  Ename:"Name Changed",
  Phone:"00000999999000"
  }
  }));
  client.request(request, destination);
  //Checking the status ( 204 for success )
  return client.getResponse().status;// === '204' ? "Successfully Created" : "Not created:";
  }
  catch(eee){
  return "Error:"+eee.message;
  }
}
$.response.setBody(makePOSTCall(getCSRF()));

Output :

References :

odata.org,SAP HANA Developer guide

Regards

Sreehari V Pillai

“Save Nature For the Future”

5 Comments

You must be Logged on to comment or reply to a post.

Krishna Kishor Kammaje July 28, 2014 at 7:32 pm

Sreehari,

While connecting to Gateway, I do not see you authenticating with Gateway.

How is authentication happening here to Gateway?

like (0)
1. Sreehari V Pillai Post authorJuly 29, 2014 at 4:55 pm
  
  Krishna,
  
  For this case, I hard coded the credentials in the SICF node itself.
  
  Sreehari
  
  like (0)
Sangamesh Hanumantha Sangamad January 8, 2015 at 9:57 am

Hello,

Sreehari V Pillai

Thanks for the nice blog. Could you please throw some light on this one? Call ABAP function modules from HANA. Just to make sure I am on the right path.

Thanks

Sangamesh

like (0)
Yeison Noreña February 25, 2016 at 4:45 pm

Hi,

Thank you very much for sharing your knowledge; Secondly you colaborarme the following drawback could?

http://scn.sap.com/thread/3868344

Regards.

like (0)
1. Sreehari V Pillai Post authorMay 29, 2016 at 8:38 am
  
  no donuts 🙁
  
  like (1)