cap-js · renejeglinsky · Jun 13, 2024 · Feb 9, 2024 · Feb 21, 2024 · Mar 13, 2024
@@ -33,8 +33,8 @@ Following the [best practice of separation of concerns](../domain-modeling#separ
 
 ::: code-group
 
-```cds [srv/data-privacy.cds]
-using { sap.capire.incidents as my } from '../db/extensions';
+```cds [db/data-privacy.cds]
+using { sap.capire.incidents as my } from '../db/schema';
 
 annotate my.Customers with @PersonalData : {
   DataSubjectRole : 'Customer',
@@ -45,6 +45,7 @@ annotate my.Customers with @PersonalData : {
   lastName     @PersonalData.IsPotentiallyPersonal;
   email        @PersonalData.IsPotentiallyPersonal;
   phone        @PersonalData.IsPotentiallyPersonal;
+  dateOfBirth  @PersonalData.IsPotentiallyPersonal;
   creditCardNo @PersonalData.IsPotentiallySensitive;
 };
 

@@ -26,7 +26,7 @@ _The following is mainly written from a Node.js perspective. For Java's perspect
 
 First identify entities and elements (potentially) holding personal data using `@PersonalData` annotations, as explained in detail in the [*Annotating Personal Data* chapter](annotations) of these guides.
 
-
+> We keep using the [Incidents Management reference sample app](https://github.com/cap-js/incidents-app).
 
 ## Add the Plugin { #setup }
 
@@ -94,7 +94,7 @@ cds env requires.audit-log --profile production
 
 ## Test-drive Locally
 
-The steps above is all we need to automatically log personal data-related events. Let's see that in action…
+The previous step is all we need to do to automatically log personal data-related events. Let's see that in action…
 
 1. **Start the server** as usual:
 
@@ -103,39 +103,42 @@ The steps above is all we need to automatically log personal data-related events
     ```
 
 2. **Send an update** request that changes personal data:
-
-    ```http
-    PATCH http://localhost:4004/admin/Customers(8e2f2640-6866-4dcf-8f4d-3027aa831cad) HTTP/1.1
+    ::: code-group
+    ```http [test/audit-logging.http]
+    PATCH http://localhost:4004/admin/Customers(2b87f6ca-28a2-41d6-8c69-ccf16aa6389d) HTTP/1.1
     Authorization: Basic alice:in-wonderland
     Content-Type: application/json
 
     {
-      "firstName": "Johnny",
-      "lastName": "Doey"
+      "firstName": "Jane",
+      "lastName": "Doe"
     }
     ```
+    :::
+
+    [Find more sample requests in the Incident Management sample.](https://github.com/cap-js/incidents-app/blob/attachments/test/audit-logging.http){.learn-more}
 
 3. **See the audit logs** in the server's console output:
 
     ```js
     {
       data_subject: {
-        type: 'AdminService.Customers',
-        id: { ID: '8e2f2640-6866-4dcf-8f4d-3027aa831cad' },
+        id: { ID: '2b87f6ca-28a2-41d6-8c69-ccf16aa6389d' },
         role: 'Customer',
+        type: 'AdminService.Customers'
       },
       object: {
-       type: 'AdminService.Customers',
-       id: { ID: '8e2f2640-6866-4dcf-8f4d-3027aa831cad' }
+        type: 'AdminService.Customers',
+        id: { ID: '2b87f6ca-28a2-41d6-8c69-ccf16aa6389d' }
       },
       attributes: [
-        { name: 'firstName', old: 'John', new: 'Johnny' },
-        { name: 'lastName', old: 'Doe', new: 'Doey' }
+        { name: 'firstName', old: 'Sunny', new: 'Jane' },
+        { name: 'lastName', old: 'Sunshine', new: 'Doe' }
       ],
-      user: 'alice',
+      uuid: '5cddbc91-8edf-4ba2-989b-87869d94070d',
       tenant: 't1',
-      uuid: '1391A703E2CBE52E817269EC7527368C',
-      time: '2023-02-26T08:13:48.287Z'
+      user: 'alice',
+      time: 2024-02-08T09:21:45.021Z
     }
     ```
 

@@ -16,7 +16,7 @@ status: released
 
 {{ $frontmatter.synopsis }}
 
-::: warning _❗ To follow this cookbook hands-on you need an enterprise account._ <!--  -->
+:::warning To follow this cookbook hands-on you need an enterprise account.
 The SAP Personal Data Manager service is currently only available for [enterprise accounts](https://discovery-center.cloud.sap/missiondetail/3019/3297/). An entitlement in trial accounts is not possible.
 :::
 
@@ -37,45 +37,52 @@ Following the CAP principles, we recommend adding a new dedicated CAP service th
 Following the [best practice of separation of concerns](../domain-modeling#separation-of-concerns), we create a dedicated service for the integration with SAP Personal Data Manager:
 
 ::: code-group
-```cds [pdm-service.cds]
-using { sap.capire.incidents as db } from '@capire/incidents';
+```cds [srv/pdm-service.cds]
+using {sap.capire.incidents as db} from '../db/schema';
 
 @requires: 'PersonalDataManagerUser' // security check
-service PDMService {
+service PDMService @(path: '/pdm') {
 
   // Data Privacy annotations on 'Customers' and 'Addresses' are derived from original entity definitions
-  entity Customers as projection on db.Customers;
-  entity Addresses as projection on db.Addresses;
+  entity Customers                as projection on db.Customers;
+  entity Addresses                as projection on db.Addresses;
+  entity Incidents                as projection on db.Incidents
 
   // create view on Incidents and Conversations as flat projection
   entity IncidentConversationView as
-    select from Incidents {
-          ID, title, urgency, status,
-      key conversations.ID        as conversation_ID,
-          conversations.timestamp as conversation_timestamp,
-          conversations.author    as conversation_author,
-          conversations.message   as conversation_message,
-          customer.ID             as customer_ID,
-          customer.email          as customer_email
-    };
+      select from Incidents {
+              ID,
+              title,
+              urgency,
+              status,
+          key conversation.ID        as conversation_ID,
+              conversation.timestamp as conversation_timestamp,
+              conversation.author    as conversation_author,
+              conversation.message   as conversation_message,
+              customer.ID            as customer_ID,
+              customer.email         as customer_email
+      };
 
   // annotate new view
   annotate PDMService.IncidentConversationView with @(PersonalData.EntitySemantics: 'Other') {
-    customer_ID @PersonalData.FieldSemantics: 'DataSubjectID';
+      customer_ID @PersonalData.FieldSemantics: 'DataSubjectID';
   };
 
   // annotations for Personal Data Manager - Search Fields
   annotate Customers with @(Communication.Contact: {
-    n : {
-      surname : lastName,
-      given   : firstName
-    },
-    email : {
-      address : email
-    }
-  });
+        n    : {
+            surname: lastName,
+            given  : firstName
+        },
+        bday : dateOfBirth,
+        email: [{
+          type   : #preferred,
+          address: email}]
+    });
+
+  };
+
 
-};
 ```
 :::
 
@@ -115,6 +122,18 @@ To restrict access to this sensitive data, the `PDMservice` is protected by the
 
 
 
+
+At this point, you are done with your application. Let's set up the SAP Personal Data Manager and try it out.
+
+
+<span id="before-pdm" />
+
+## Connecting SAP Personal Data Manager
+
+Next, we will briefly detail the integration to SAP Personal Data Manager.
+A more comprehensive guide, incl. tutorials, is currently under development.
+For further details, see the [SAP Personal Data Manager Developer Guide](https://help.sap.com/docs/personal-data-manager/4adcd96ce00c4f1ba29ed11f646a5944/what-is-personal-data-manager).
+
 ### Activate Access Checks in _xs-security.json_
 
 Because we protected the `PDMservice`, we need to establish the security check properly. In particular, you need the _xs-security.json_ file to make the security check active. The following _xs-security.json_ is from our sample.
@@ -149,19 +168,6 @@ npm install @sap/xssec
 
 [Learn more about authorization in CAP using Node.js.](../../node.js/authentication#jwt){.learn-more}
 
-
-At this point, you are done with your application. Let's set up the SAP Personal Data Manager and try it out.
-
-
-
-## Connecting SAP Personal Data Manager
-
-Next, we will briefly detail the integration to SAP Personal Data Manager.
-A more comprehensive guide, incl. tutorials, is currently under development.
-For further details, see the [SAP Personal Data Manager Developer Guide](https://help.sap.com/docs/personal-data-manager/4adcd96ce00c4f1ba29ed11f646a5944/what-is-personal-data-manager).
-
-
-
 ### Build and Deploy Your Application
 
 The Personal Data Manager can't connect to your application running locally. Therefore, you first need to deploy your application. In our sample, we added two manifest files using `cds add cf-manifest` and SAP HANA configuration using `cds add hana`.
@@ -281,4 +287,4 @@ Open the SAP Personal Data Manager application from the _Instances and Subscript
 
 In the personal data manager application you can search for data subjects with _First Name_, _Last Name_, and _Date of Birth_, or alternatively with their _ID_.
 
-![A screenshot of the SAP Personal Data Manager application.](assets/pdmApplication.png){width="500"}
+![A screenshot of the SAP Personal Data Manager application.](assets/pdmApplication.png){width="500"}