@sap/xsodata/lib/uri/checks/checkModificationForbidden.js

Expose data from a HANA database as OData V2 service with help of .xsodata files.

'use strict';
const Http403_Forbidden = require('../../utils/errors/http/forbidden');

module.exports = function checkModificationForbidden(context, callback) {
    const methodModificationMap = {
        put: 'update',
        post: 'create',
        delete: 'delete',
    };

    const modification =
        methodModificationMap[context.request.method.toLowerCase()];

    if (
        context.oData.dbSegmentLast.entityType.modifications[modification] ===
        'forbidden'
    ) {
        return callback(
            new Http403_Forbidden('Modification forbidden.'),
            context
        );
    }

    return callback(null, context);
};