From dbb767be2ccfe8a7e66f855a9ce3fb086af2c0a2 Mon Sep 17 00:00:00 2001
From: Marc Becker <marc.becker@sap.com>
Date: Fri, 13 Feb 2026 16:06:52 +0100
Subject: [PATCH 1/4] Prepare connection with XTravels

Expose an IAS API for App2App flow
---
 mta.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/mta.yaml b/mta.yaml
index afa3f53..b7ffff9 100644
--- a/mta.yaml
+++ b/mta.yaml
@@ -56,6 +56,8 @@ resources:
       service-plan: application
       config:
         display-name: xflights-java
+        provided-apis:
+        - name: xflights-data
   - name: xflights-db
     type: com.sap.xs.hdi-container
     parameters:

From cc7f6e5e4f005c71ea4673209649e7917f685cb3 Mon Sep 17 00:00:00 2001
From: Marc Becker <marc.becker@sap.com>
Date: Fri, 13 Feb 2026 16:47:31 +0100
Subject: [PATCH 2/4] Align with Security Guide

---
 mta.yaml                                | 3 ++-
 srv/authorizations.cds                  | 3 +++
 srv/src/main/resources/application.yaml | 4 ++++
 3 files changed, 9 insertions(+), 1 deletion(-)
 create mode 100644 srv/authorizations.cds

diff --git a/mta.yaml b/mta.yaml
index b7ffff9..38bbca5 100644
--- a/mta.yaml
+++ b/mta.yaml
@@ -57,7 +57,8 @@ resources:
       config:
         display-name: xflights-java
         provided-apis:
-        - name: xflights-data
+        - name: DataConsumer
+          description: Grants technical access to data service API
   - name: xflights-db
     type: com.sap.xs.hdi-container
     parameters:
diff --git a/srv/authorizations.cds b/srv/authorizations.cds
new file mode 100644
index 0000000..ce414f9
--- /dev/null
+++ b/srv/authorizations.cds
@@ -0,0 +1,3 @@
+using { sap.capire.flights.data as data } from './data-service';
+
+annotate data with @(requires: 'DataConsumer');
diff --git a/srv/src/main/resources/application.yaml b/srv/src/main/resources/application.yaml
index d222354..56c7e82 100644
--- a/srv/src/main/resources/application.yaml
+++ b/srv/src/main/resources/application.yaml
@@ -18,3 +18,7 @@ spring:
   sql.init.platform: h2
 cds:
   data-source.auto-config.enabled: false
+  security.mock.users:
+    consumer:
+      roles:
+      - DataConsumer

From b7d12d37606bd79114e5bd10e5cd0079460e3f40 Mon Sep 17 00:00:00 2001
From: Marc Becker <marc.becker@sap.com>
Date: Mon, 16 Feb 2026 11:16:38 +0100
Subject: [PATCH 3/4] Use data-consumer

---
 mta.yaml                                | 2 +-
 srv/authorizations.cds                  | 2 +-
 srv/src/main/resources/application.yaml | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/mta.yaml b/mta.yaml
index 38bbca5..87f5c7d 100644
--- a/mta.yaml
+++ b/mta.yaml
@@ -57,7 +57,7 @@ resources:
       config:
         display-name: xflights-java
         provided-apis:
-        - name: DataConsumer
+        - name: data-consumer
           description: Grants technical access to data service API
   - name: xflights-db
     type: com.sap.xs.hdi-container
diff --git a/srv/authorizations.cds b/srv/authorizations.cds
index ce414f9..15eaece 100644
--- a/srv/authorizations.cds
+++ b/srv/authorizations.cds
@@ -1,3 +1,3 @@
 using { sap.capire.flights.data as data } from './data-service';
 
-annotate data with @(requires: 'DataConsumer');
+annotate data with @(requires: 'data-consumer');
diff --git a/srv/src/main/resources/application.yaml b/srv/src/main/resources/application.yaml
index 56c7e82..b9dba91 100644
--- a/srv/src/main/resources/application.yaml
+++ b/srv/src/main/resources/application.yaml
@@ -21,4 +21,4 @@ cds:
   security.mock.users:
     consumer:
       roles:
-      - DataConsumer
+      - data-consumer

From e5857031ea959c6d1d5a1be9a1686e6b278d3741 Mon Sep 17 00:00:00 2001
From: Marc Becker <marc.becker@sap.com>
Date: Mon, 16 Feb 2026 13:31:38 +0100
Subject: [PATCH 4/4] Allow internal-user access

---
 srv/authorizations.cds                  | 2 +-
 srv/src/main/resources/application.yaml | 4 ----
 2 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/srv/authorizations.cds b/srv/authorizations.cds
index 15eaece..35f79ce 100644
--- a/srv/authorizations.cds
+++ b/srv/authorizations.cds
@@ -1,3 +1,3 @@
 using { sap.capire.flights.data as data } from './data-service';
 
-annotate data with @(requires: 'data-consumer');
+annotate data with @(requires: ['internal-user', 'data-consumer']);
diff --git a/srv/src/main/resources/application.yaml b/srv/src/main/resources/application.yaml
index b9dba91..d222354 100644
--- a/srv/src/main/resources/application.yaml
+++ b/srv/src/main/resources/application.yaml
@@ -18,7 +18,3 @@ spring:
   sql.init.platform: h2
 cds:
   data-source.auto-config.enabled: false
-  security.mock.users:
-    consumer:
-      roles:
-      - data-consumer