@balena/pinejs 15.0.0-true-boolean-911aca4062d3132ad3c34712014739b6849fa13a → 15.0.0

package/src/sbvr-api/sbvr-utils.ts

@@ -12,7 +12,6 @@ declare global {
 	}
 }
 
-import * as Bluebird from 'bluebird';
 import * as _ from 'lodash';
 
 import { TypedError } from 'typed-error';
@@ -24,17 +23,19 @@ import { version as AbstractSQLCompilerVersion } from '@balena/abstract-sql-comp
 import * as LF2AbstractSQL from '@balena/lf-to-abstract-sql';
 
 import {
+	ODataBinds,
 	odataNameToSqlName,
 	sqlNameToODataName,
 	SupportedMethod,
 } from '@balena/odata-to-abstract-sql';
-import * as sbvrTypes from '@balena/sbvr-types';
+import sbvrTypes from '@balena/sbvr-types';
 import deepFreeze = require('deep-freeze');
 import { PinejsClientCore, PromiseResultTypes } from 'pinejs-client-core';
 
 import { ExtendedSBVRParser } from '../extended-sbvr-parser/extended-sbvr-parser';
 
-import * as migrator from '../migrator/migrator';
+import * as asyncMigrator from '../migrator/async';
+import * as syncMigrator from '../migrator/sync';
 import { generateODataMetadata } from '../odata-metadata/odata-metadata-generator';
 
 // tslint:disable-next-line:no-var-requires
@@ -57,12 +58,14 @@ import {
 	UnauthorizedError,
 } from './errors';
 import * as uriParser from './uri-parser';
+export { ODataRequest } from './uri-parser';
 import {
 	HookReq,
 	HookArgs,
 	rollbackRequestHooks,
 	getHooks,
 	runHooks,
+	InstantiatedHooks,
 } from './hooks';
 export {
 	HookReq,
@@ -72,13 +75,11 @@ export {
 	addPureHook,
 	addSideEffectHook,
 } from './hooks';
-// TODO-MAJOR: Remove
-export type HookRequest = uriParser.ODataRequest;
 
 import memoizeWeak = require('memoizee/weak');
 import * as controlFlow from './control-flow';
 
-export let db = (undefined as any) as Db.Database;
+export let db = undefined as any as Db.Database;
 
 export { sbvrTypes };
 
@@ -92,6 +93,7 @@ import {
 export { resolveOdataBind } from './abstract-sql';
 import * as odataResponse from './odata-response';
 import { env } from '../server-glue/module';
+import { translateAbstractSqlModel } from './translations';
 
 const LF2AbstractSQLTranslator = LF2AbstractSQL.createTranslator(sbvrTypes);
 const LF2AbstractSQLTranslatorVersion = `${LF2AbstractSQLVersion}+${sbvrTypesVersion}`;
@@ -102,14 +104,18 @@ export type ExecutableModel =
 
 interface CompiledModel {
 	vocab: string;
-	se?: string;
-	lf?: LFModel;
+	translateTo?: string;
+	resourceRenames?: ReturnType<typeof translateAbstractSqlModel>;
+	se?: string | undefined;
+	lf?: LFModel | undefined;
 	abstractSql: AbstractSQLCompiler.AbstractSqlModel;
-	sql: AbstractSQLCompiler.SqlModel;
+	sql?: AbstractSQLCompiler.SqlModel;
 	odataMetadata: ReturnType<typeof generateODataMetadata>;
 }
 const models: {
-	[vocabulary: string]: CompiledModel;
+	[vocabulary: string]: CompiledModel & {
+		versions: string[];
+	};
 } = {};
 
 export interface Actor {
@@ -123,14 +129,16 @@ export interface User extends Actor {
 
 export interface ApiKey extends Actor {
 	key: string;
-	actor?: number;
+	actor: number;
 }
 
-interface Response {
-	status?: number;
-	headers?: {
-		[headerName: string]: any;
-	};
+export interface Response {
+	statusCode: number;
+	headers?:
+		| {
+				[headerName: string]: any;
+		  }
+		| undefined;
 	body?: AnyObject | string;
 }
 
@@ -170,13 +178,12 @@ const memoizedResolveNavigationResource = memoizeWeak(
 		resourceName: string,
 		navigationName: string,
 	): string => {
-		const navigation = _(odataNameToSqlName(navigationName))
+		const navigation = odataNameToSqlName(navigationName)
 			.split('-')
 			.flatMap((namePart) =>
 				memoizedResolvedSynonym(abstractSqlModel, namePart).split('-'),
-			)
-			.concat('$')
-			.value();
+			);
+		navigation.push('$');
 		const resolvedResourceName = memoizedResolvedSynonym(
 			abstractSqlModel,
 			resourceName,
@@ -226,13 +233,14 @@ const prettifyConstraintError = (
 		if (err instanceof db.UniqueConstraintError) {
 			switch (db.engine) {
 				case 'mysql':
-					matches = /ER_DUP_ENTRY: Duplicate entry '.*?[^\\]' for key '(.*?[^\\])'/.exec(
-						err.message,
-					);
+					matches =
+						/ER_DUP_ENTRY: Duplicate entry '.*?[^\\]' for key '(.*?[^\\])'/.exec(
+							err.message,
+						);
 					break;
 				case 'postgres':
 					const resourceName = resolveSynonym(request);
-					const abstractSqlModel = getAbstractSqlModel(request);
+					const abstractSqlModel = getFinalAbstractSqlModel(request);
 					matches = new RegExp(
 						'"' + abstractSqlModel.tables[resourceName].name + '_(.*?)_key"',
 					).exec(err.message);
@@ -258,13 +266,14 @@ const prettifyConstraintError = (
 		if (err instanceof db.ForeignKeyConstraintError) {
 			switch (db.engine) {
 				case 'mysql':
-					matches = /ER_ROW_IS_REFERENCED_: Cannot delete or update a parent row: a foreign key constraint fails \(".*?"\.(".*?").*/.exec(
-						err.message,
-					);
+					matches =
+						/ER_ROW_IS_REFERENCED_: Cannot delete or update a parent row: a foreign key constraint fails \(".*?"\.(".*?").*/.exec(
+							err.message,
+						);
 					break;
 				case 'postgres':
 					const resourceName = resolveSynonym(request);
-					const abstractSqlModel = getAbstractSqlModel(request);
+					const abstractSqlModel = getFinalAbstractSqlModel(request);
 					const tableName = abstractSqlModel.tables[resourceName].name;
 					matches = new RegExp(
 						'"' +
@@ -296,7 +305,7 @@ const prettifyConstraintError = (
 
 		if (err instanceof db.CheckConstraintError) {
 			const resourceName = resolveSynonym(request);
-			const abstractSqlModel = getAbstractSqlModel(request);
+			const abstractSqlModel = getFinalAbstractSqlModel(request);
 			const table = abstractSqlModel.tables[resourceName];
 			if (table.checks) {
 				switch (db.engine) {
@@ -327,13 +336,104 @@ const prettifyConstraintError = (
 	}
 };
 
+let cachedIsModelNew: Set<string> | undefined;
+
+/**
+ *
+ * @param tx database transaction - Needs to be executed in one contained config-loader transaction
+ * @param modelName name of the model to check the database for existence
+ * @returns true when the model was existing in database before pine config-loader is executed,
+ * 			false when the model was not existing before config-loader was executed.
+ *
+ * ATTENTION: This function needs to be executed in the same transaction as all model manipulating
+ * operations are executed in (as migration table operations). Otherwise it's possible that an INSERT INTO "model"
+ * statement executes and succeeds. Then afterwards execution fails and the isModelNew request would return `false`.
+ * In the case of migrations the table wouldn't have an entry and therefore it would try to run all the historical
+ * migrations on a new model.
+ */
+
+export const isModelNew = async (
+	tx: Db.Tx,
+	modelName: string,
+): Promise<boolean> => {
+	const result = await tx.tableList("name = 'model'");
+	if (result.rows.length === 0) {
+		return true;
+	}
+	if (cachedIsModelNew == null) {
+		const { rows } = await tx.executeSql(
+			`SELECT "is of-vocabulary" FROM "model";`,
+		);
+		cachedIsModelNew = new Set<string>(
+			rows.map((row) => row['is of-vocabulary']),
+		);
+	}
+
+	return !cachedIsModelNew.has(modelName);
+};
+
+const bindsForAffectedIds = (
+	bindings: AbstractSQLCompiler.Binding[],
+	request?: Pick<
+		uriParser.ODataRequest,
+		| 'vocabulary'
+		| 'abstractSqlModel'
+		| 'method'
+		| 'resourceName'
+		| 'affectedIds'
+	>,
+) => {
+	if (request?.affectedIds == null) {
+		return {};
+	}
+
+	const tableName =
+		getAbstractSqlModel(request).tables[resolveSynonym(request)].name;
+
+	// If we're deleting the affected IDs then we can't narrow our rule to
+	// those IDs that are now missing
+	const isDelete = request.method === 'DELETE';
+
+	const odataBinds: { [key: string]: any } = {};
+	for (const bind of bindings) {
+		if (
+			bind.length !== 2 ||
+			bind[0] !== 'Bind' ||
+			typeof bind[1] !== 'string'
+		) {
+			continue;
+		}
+
+		const bindName = bind[1];
+		if (!isDelete && bindName === tableName) {
+			odataBinds[bindName] = ['Text', `{${request.affectedIds}}`];
+		} else {
+			odataBinds[bindName] = ['Text', '{}'];
+		}
+	}
+
+	return odataBinds;
+};
+
 export const validateModel = async (
 	tx: Db.Tx,
 	modelName: string,
-	request?: uriParser.ODataRequest,
+	request?: Pick<
+		uriParser.ODataRequest,
+		| 'abstractSqlQuery'
+		| 'modifiedFields'
+		| 'method'
+		| 'vocabulary'
+		| 'resourceName'
+		| 'affectedIds'
+	>,
 ): Promise<void> => {
+	const { sql } = models[modelName];
+	if (!sql) {
+		throw new Error(`Tried to validate a virtual model: '${modelName}'`);
+	}
 	await Promise.all(
-		models[modelName].sql.rules.map(async (rule) => {
+		sql.rules.map(async (rule) => {
 			if (!isRuleAffected(rule, request)) {
 				// If none of the fields intersect we don't need to run the rule! :D
 				return;
@@ -342,7 +442,16 @@ export const validateModel = async (
 			const values = await getAndCheckBindValues(
 				{
 					vocabulary: modelName,
-					odataBinds: [],
+					// TODO: `odataBinds` is of type `ODataBinds`, which is an
+					// array with extra arbitrary fields. `getAndCheckBindValues`
+					// accepts that and also a pure object form for this
+					// argument. Given how arrays have predefined symbols,
+					// `bindsForAffectedIds` cannot return an `ODataBinds`.
+					// Both `ODataBinds` and `getAndCheckBindValues` should be
+					// fixed to accept a pure object with both string and
+					// numerical keys, for named and positional binds
+					// respectively
+					odataBinds: bindsForAffectedIds(rule.bindings, request) as any,
 					values: {},
 					engine: db.engine,
 				},
@@ -384,11 +493,19 @@ export const generateSqlModel = (
 		() => AbstractSQLCompiler[targetDatabaseEngine].compileSchema(abstractSql),
 	);
 
-export const generateModels = (
+export function generateModels(
+	model: ExecutableModel & { translateTo?: undefined },
+	targetDatabaseEngine: AbstractSQLCompiler.Engines,
+): RequiredField<CompiledModel, 'sql'>;
+export function generateModels(
+	model: ExecutableModel,
+	targetDatabaseEngine: AbstractSQLCompiler.Engines,
+): CompiledModel;
+export function generateModels(
 	model: ExecutableModel,
 	targetDatabaseEngine: AbstractSQLCompiler.Engines,
-): CompiledModel => {
-	const { apiRoot: vocab, modelText: se } = model;
+): CompiledModel {
+	const { apiRoot: vocab, modelText: se, translateTo, translations } = model;
 	let { abstractSql: maybeAbstractSql } = model;
 
 	let lf: ReturnType<typeof generateLfModel> | undefined;
@@ -416,16 +533,41 @@ export const generateModels = (
 		() => generateODataMetadata(vocab, abstractSql),
 	);
 
-	let sql: ReturnType<AbstractSQLCompiler.EngineInstance['compileSchema']>;
-	try {
-		sql = generateSqlModel(abstractSql, targetDatabaseEngine);
-	} catch (e) {
-		console.error(`Error compiling model '${vocab}':`, e);
-		throw new Error(`Error compiling model '${vocab}': ` + e);
+	let sql: AbstractSQLCompiler.SqlModel | undefined;
+	let resourceRenames: ReturnType<typeof translateAbstractSqlModel> | undefined;
+
+	if (translateTo != null) {
+		resourceRenames = translateAbstractSqlModel(
+			abstractSql,
+			models[translateTo].abstractSql,
+			model.apiRoot,
+			translateTo,
+			translations,
+		);
+	} else {
+		for (const [key, table] of Object.entries(abstractSql.tables)) {
+			// Alias the current version so it can be explicitly referenced
+			abstractSql.tables[`${key}$${model.apiRoot}`] = { ...table };
+		}
+		try {
+			sql = generateSqlModel(abstractSql, targetDatabaseEngine);
+		} catch (e) {
+			console.error(`Error compiling model '${vocab}':`, e);
+			throw new Error(`Error compiling model '${vocab}': ` + e);
+		}
 	}
 
-	return { vocab, se, lf, abstractSql, sql, odataMetadata };
-};
+	return {
+		vocab,
+		translateTo,
+		resourceRenames,
+		se,
+		lf,
+		abstractSql,
+		sql,
+		odataMetadata,
+	};
+}
 
 export const executeModel = (
 	tx: Db.Tx,
@@ -441,46 +583,60 @@ export const executeModels = async (
 			execModels.map(async (model) => {
 				const { apiRoot } = model;
 
-				await migrator.run(tx, model);
+				await syncMigrator.run(tx, model);
 				const compiledModel = generateModels(model, db.engine);
 
-				// Create tables related to terms and fact types
-				// Run statements sequentially, as the order of the CREATE TABLE statements matters (eg. for foreign keys).
-				for (const createStatement of compiledModel.sql.createSchema) {
-					const promise = tx.executeSql(createStatement);
-					if (db.engine === 'websql') {
-						promise.catch((err) => {
-							console.warn(
-								"Ignoring errors in the create table statements for websql as it doesn't support CREATE IF NOT EXISTS",
-								err,
-							);
-						});
+				if (compiledModel.sql) {
+					// Create tables related to terms and fact types
+					// Run statements sequentially, as the order of the CREATE TABLE statements matters (eg. for foreign keys).
+					for (const createStatement of compiledModel.sql.createSchema) {
+						const promise = tx.executeSql(createStatement);
+						if (db.engine === 'websql') {
+							promise.catch((err) => {
+								console.warn(
+									"Ignoring errors in the create table statements for websql as it doesn't support CREATE IF NOT EXISTS",
+									err,
+								);
+							});
+						}
+						await promise;
 					}
-					await promise;
 				}
-				await migrator.postRun(tx, model);
+				await syncMigrator.postRun(tx, model);
 
 				odataResponse.prepareModel(compiledModel.abstractSql);
 				deepFreeze(compiledModel.abstractSql);
-				models[apiRoot] = compiledModel;
+
+				const versions = [apiRoot];
+				if (compiledModel.translateTo != null) {
+					versions.push(...models[compiledModel.translateTo].versions);
+				}
+				models[apiRoot] = {
+					...compiledModel,
+					versions,
+				};
 
 				// Validate the [empty] model according to the rules.
 				// This may eventually lead to entering obligatory data.
 				// For the moment it blocks such models from execution.
-				await validateModel(tx, apiRoot);
+				if (compiledModel.sql) {
+					await validateModel(tx, apiRoot);
+				}
 
 				// TODO: Can we do this without the cast?
 				api[apiRoot] = new PinejsClient('/' + apiRoot + '/') as LoggingClient;
 				api[apiRoot].logger = { ...console };
 				if (model.logging != null) {
 					const defaultSetting = model.logging?.default ?? true;
+					const { logger } = api[apiRoot];
 					for (const k of Object.keys(model.logging)) {
 						const key = k as keyof Console;
 						if (
-							typeof api[apiRoot].logger[key] === 'function' &&
+							key !== 'Console' &&
+							typeof logger[key] === 'function' &&
 							!(model.logging?.[key] ?? defaultSetting)
 						) {
-							api[apiRoot].logger[key] = _.noop;
+							logger[key] = _.noop;
 						}
 					}
 				}
@@ -525,7 +681,10 @@ export const executeModels = async (
 					let uri = '/dev/model';
 					const body: AnyObject = {
 						is_of__vocabulary: model.vocab,
-						model_value: model[modelType],
+						model_value:
+							typeof model[modelType] === 'string'
+								? { value: model[modelType] }
+								: model[modelType],
 						model_type: modelType,
 					};
 					const id = result?.[0]?.id;
@@ -545,7 +704,13 @@ export const executeModels = async (
 				);
 			}),
 		);
-	} catch (err) {
+
+		await Promise.all(
+			execModels.map(async (model) => {
+				await asyncMigrator.run(tx, model);
+			}),
+		);
+	} catch (err: any) {
 		await Promise.all(
 			execModels.map(async ({ apiRoot }) => {
 				await cleanupModel(apiRoot);
@@ -561,27 +726,30 @@ const cleanupModel = (vocab: string) => {
 };
 
 export const deleteModel = async (vocabulary: string) => {
-	await db.transaction(async (tx) => {
-		const dropStatements: Array<Promise<any>> = models[
-			vocabulary
-		].sql.dropSchema.map((dropStatement) => tx.executeSql(dropStatement));
-		await Promise.all(
-			dropStatements.concat([
-				api.dev.delete({
-					resource: 'model',
-					passthrough: {
-						tx,
-						req: permissions.root,
-					},
-					options: {
-						$filter: {
-							is_of__vocabulary: vocabulary,
+	const { sql } = models[vocabulary];
+	if (sql) {
+		await db.transaction(async (tx) => {
+			const dropStatements: Array<Promise<any>> = sql.dropSchema.map(
+				(dropStatement) => tx.executeSql(dropStatement),
+			);
+			await Promise.all(
+				dropStatements.concat([
+					api.dev.delete({
+						resource: 'model',
+						passthrough: {
+							tx,
+							req: permissions.root,
 						},
-					},
-				}),
-			]),
-		);
-	});
+						options: {
+							$filter: {
+								is_of__vocabulary: vocabulary,
+							},
+						},
+					}),
+				]),
+			);
+		});
+	}
 	await cleanupModel(vocabulary);
 };
 
@@ -667,7 +835,7 @@ export const runRule = (() => {
 		}
 		const ruleBody = ruleAbs.find((node) => node[0] === 'Body') as [
 			'Body',
-			...any[]
+			...any[],
 		];
 		if (
 			ruleBody[1][0] === 'Not' &&
@@ -721,7 +889,7 @@ export const runRule = (() => {
 		const values = await getAndCheckBindValues(
 			{
 				vocabulary: vocab,
-				odataBinds: [],
+				odataBinds: [] as any as ODataBinds,
 				values: {},
 				engine: db.engine,
 			},
@@ -767,6 +935,7 @@ export type Passthrough = AnyObject & {
 };
 
 export class PinejsClient extends PinejsClientCore<PinejsClient> {
+	// @ts-expect-error This is actually assigned by `super` so it is always declared but that isn't detected here
 	public passthrough: Passthrough;
 	public async _request({
 		method,
@@ -811,7 +980,7 @@ export const runURI = async (
 	let user: User | undefined;
 	let apiKey: ApiKey | undefined;
 
-	if (req != null && _.isObject(req)) {
+	if (req != null && typeof req === 'object') {
 		user = req.user;
 		apiKey = req.apiKey;
 	} else {
@@ -853,15 +1022,15 @@ export const runURI = async (
 		throw response;
 	}
 
-	const { body: responseBody, status } = response as Response;
+	const { body: responseBody, statusCode, headers } = response as Response;
 
-	if (status != null && status >= 400) {
+	if (statusCode != null && statusCode >= 400) {
 		const ErrorClass =
-			statusCodeToError[status as keyof typeof statusCodeToError];
+			statusCodeToError[statusCode as keyof typeof statusCodeToError];
 		if (ErrorClass != null) {
-			throw new ErrorClass(undefined, responseBody);
+			throw new ErrorClass(undefined, responseBody, headers);
 		}
-		throw new HttpError(status, undefined, responseBody);
+		throw new HttpError(statusCode, undefined, responseBody, headers);
 	}
 
 	return responseBody as AnyObject | undefined;
@@ -873,12 +1042,28 @@ export const getAbstractSqlModel = (
 	return (request.abstractSqlModel ??= models[request.vocabulary].abstractSql);
 };
 
+const getFinalAbstractSqlModel = (
+	request: Pick<
+		uriParser.ODataRequest,
+		'translateVersions' | 'finalAbstractSqlModel'
+	>,
+): AbstractSQLCompiler.AbstractSqlModel => {
+	const finalModel = _.last(request.translateVersions)!;
+	return (request.finalAbstractSqlModel ??= models[finalModel].abstractSql);
+};
+
 const getIdField = (
 	request: Pick<
 		uriParser.ODataRequest,
-		'vocabulary' | 'abstractSqlModel' | 'resourceName'
+		| 'translateVersions'
+		| 'finalAbstractSqlModel'
+		| 'abstractSqlModel'
+		| 'resourceName'
+		| 'vocabulary'
 	>,
-) => getAbstractSqlModel(request).tables[resolveSynonym(request)].idField;
+) =>
+	// TODO: Should resolveSynonym also be using the finalAbstractSqlModel?
+	getFinalAbstractSqlModel(request).tables[resolveSynonym(request)].idField;
 
 export const getAffectedIds = async (
 	args: HookArgs & {
@@ -920,40 +1105,50 @@ const $getAffectedIds = async ({
 	}
 	// We reparse to make sure we get a clean odataQuery, without permissions already added
 	// And we use the request's url rather than the req for things like batch where the req url is ../$batch
-	request = await uriParser.parseOData({
-		method: request.method,
-		url: `/${request.vocabulary}${request.url}`,
-	});
+	const parsedRequest: uriParser.ParsedODataRequest &
+		Partial<Pick<uriParser.ODataRequest, 'engine' | 'translateVersions'>> =
+		await uriParser.parseOData({
+			method: request.method,
+			url: `/${request.vocabulary}${request.url}`,
+		});
 
-	request.engine = db.engine;
-	const abstractSqlModel = getAbstractSqlModel(request);
-	const resourceName = resolveSynonym(request);
+	parsedRequest.engine = request.engine;
+	parsedRequest.translateVersions = request.translateVersions;
+	// Mark that the engine is required now that we've set it
+	let affectedRequest: uriParser.ODataRequest = parsedRequest as RequiredField<
+		typeof parsedRequest,
+		'engine' | 'translateVersions'
+	>;
+	const abstractSqlModel = getAbstractSqlModel(affectedRequest);
+	const resourceName = resolveSynonym(affectedRequest);
 	const resourceTable = abstractSqlModel.tables[resourceName];
 	if (resourceTable == null) {
-		throw new Error('Unknown resource: ' + request.resourceName);
+		throw new Error('Unknown resource: ' + affectedRequest.resourceName);
 	}
 	const { idField } = resourceTable;
 
-	request.odataQuery.options ??= {};
-	request.odataQuery.options.$select = {
+	affectedRequest.odataQuery.options ??= {};
+	affectedRequest.odataQuery.options.$select = {
 		properties: [{ name: idField }],
 	};
 
 	// Delete any $expand that might exist as they're ignored on non-GETs but we're converting this request to a GET
-	delete request.odataQuery.options.$expand;
+	delete affectedRequest.odataQuery.options.$expand;
 
-	await permissions.addPermissions(req, request);
+	await permissions.addPermissions(req, affectedRequest);
 
-	request.method = 'GET';
+	affectedRequest.method = 'GET';
 
-	request = uriParser.translateUri(request);
-	request = compileRequest(request);
+	affectedRequest = uriParser.translateUri(affectedRequest);
+	affectedRequest = compileRequest(affectedRequest);
 
 	let result;
 	if (tx != null) {
-		result = await runQuery(tx, request);
+		result = await runQuery(tx, affectedRequest);
 	} else {
-		result = await runTransaction(req, (newTx) => runQuery(newTx, request));
+		result = await runTransaction(req, affectedRequest, (newTx) =>
+			runQuery(newTx, affectedRequest),
+		);
 	}
 	return result.rows.map((row) => row[idField]);
 };
@@ -965,10 +1160,18 @@ const runODataRequest = (req: Express.Request, vocabulary: string) => {
 
 	// Get the hooks for the current method/vocabulary as we know it,
 	// in order to run PREPARSE hooks, before parsing gets us more info
-	const reqHooks = getHooks({
-		method: req.method as SupportedMethod,
-		vocabulary,
-	});
+	const { versions } = models[vocabulary];
+	const reqHooks = versions.map((version): [string, InstantiatedHooks] => [
+		version,
+		getHooks(
+			{
+				method: req.method as SupportedMethod,
+				vocabulary: version,
+			},
+			// Only include the `all` vocab for the first model version
+			version === versions[0],
+		),
+	]);
 
 	const transactions: Db.Tx[] = [];
 	const tryCancelRequest = () => {
@@ -994,11 +1197,11 @@ const runODataRequest = (req: Express.Request, vocabulary: string) => {
 		req.tx.on('rollback', tryCancelRequest);
 	}
 
-	const mapSeries = controlFlow.getMappingFn(req.headers);
+	const mappingFn = controlFlow.getMappingFn(req.headers);
 
 	return {
 		tryCancelRequest,
-		promise: (async () => {
+		promise: (async (): Promise<Array<Response | Response[] | HttpError>> => {
 			await runHooks('PREPARSE', reqHooks, { req, tx: req.tx });
 			let requests: uriParser.UnparsedRequest[];
 			// Check if it is a single request or a batch
@@ -1009,20 +1212,54 @@ const runODataRequest = (req: Express.Request, vocabulary: string) => {
 				requests = [{ method, url, data: body }];
 			}
 
-			const prepareRequest = async ($request: uriParser.ODataRequest) => {
-				$request.engine = db.engine;
-				// Get the full hooks list now that we can.
-				$request.hooks = getHooks($request);
+			const prepareRequest = async (
+				parsedRequest: uriParser.ParsedODataRequest &
+					Partial<Pick<uriParser.ODataRequest, 'engine' | 'translateVersions'>>,
+			): Promise<uriParser.ODataRequest> => {
+				parsedRequest.engine = db.engine;
+				parsedRequest.translateVersions = [...versions];
+				// Mark that the engine/translateVersions is required now that we've set it
+				const $request: uriParser.ODataRequest = parsedRequest as RequiredField<
+					typeof parsedRequest,
+					'engine' | 'translateVersions'
+				>;
 				// Add/check the relevant permissions
 				try {
-					await runHooks('POSTPARSE', $request.hooks, {
-						req,
-						request: $request,
-						tx: req.tx,
-					});
+					$request.hooks = [];
+					for (const version of versions) {
+						// We get the hooks list between each `runHooks` so that any resource renames will be used
+						// when getting hooks for later versions
+						const hooks: [string, InstantiatedHooks] = [
+							version,
+							getHooks(
+								{
+									resourceName: $request.resourceName,
+									vocabulary: version,
+									method: $request.method,
+								},
+								// Only include the `all` vocab for the first model version
+								version === versions[0],
+							),
+						];
+						$request.hooks.push(hooks);
+						await runHooks('POSTPARSE', [hooks], {
+							req,
+							request: $request,
+							tx: req.tx,
+						});
+						const { resourceRenames } = models[version];
+						if (resourceRenames) {
+							const resourceName = resolveSynonym($request);
+							if (resourceRenames[resourceName]) {
+								$request.resourceName = sqlNameToODataName(
+									resourceRenames[resourceName],
+								);
+							}
+						}
+					}
 					const translatedRequest = await uriParser.translateUri($request);
 					return await compileRequest(translatedRequest);
-				} catch (err) {
+				} catch (err: any) {
 					rollbackRequestHooks(reqHooks);
 					rollbackRequestHooks($request.hooks);
 					throw err;
@@ -1030,55 +1267,62 @@ const runODataRequest = (req: Express.Request, vocabulary: string) => {
 			};
 
 			// Parse the OData requests
-			const results = await mapSeries(requests, async (requestPart) => {
-				let request = await uriParser.parseOData(requestPart);
+			const results = await mappingFn(requests, async (requestPart) => {
+				const parsedRequest = await uriParser.parseOData(requestPart);
 
-				if (Array.isArray(request)) {
-					request = await Bluebird.mapSeries(request, prepareRequest);
+				let request: uriParser.ODataRequest | uriParser.ODataRequest[];
+				if (Array.isArray(parsedRequest)) {
+					request = await controlFlow.mapSeries(parsedRequest, prepareRequest);
 				} else {
-					request = await prepareRequest(request);
+					request = await prepareRequest(parsedRequest);
 				}
 				// Run the request in its own transaction
-				return await runTransaction<Response | Response[]>(req, async (tx) => {
-					transactions.push(tx);
-					tx.on('rollback', () => {
-						rollbackRequestHooks(reqHooks);
+				return await runTransaction<Response | Response[]>(
+					req,
+					request,
+					async (tx) => {
+						transactions.push(tx);
+						tx.on('rollback', () => {
+							rollbackRequestHooks(reqHooks);
+							if (Array.isArray(request)) {
+								for (const { hooks } of request) {
+									rollbackRequestHooks(hooks);
+								}
+							} else {
+								rollbackRequestHooks(request.hooks);
+							}
+						});
 						if (Array.isArray(request)) {
-							request.forEach(({ hooks }) => {
-								rollbackRequestHooks(hooks);
-							});
+							const changeSetResults = new Map<number, Response>();
+							const changeSetRunner = runChangeSet(req, tx);
+							for (const r of request) {
+								await changeSetRunner(changeSetResults, r);
+							}
+							return Array.from(changeSetResults.values());
 						} else {
-							rollbackRequestHooks(request.hooks);
-						}
-					});
-					if (Array.isArray(request)) {
-						const changeSetResults = new Map<number, Response>();
-						const changeSetRunner = runChangeSet(req, tx);
-						for (const r of request) {
-							await changeSetRunner(changeSetResults, r);
+							return await runRequest(req, tx, request);
 						}
-						return Array.from(changeSetResults.values());
-					} else {
-						return await runRequest(req, tx, request);
-					}
-				});
+					},
+				);
 			});
 
-			const responses = results.map((result) => {
-				if (_.isError(result)) {
-					return convertToHttpError(result);
-				} else {
-					if (
-						!Array.isArray(result) &&
-						result.body == null &&
-						result.status == null
-					) {
-						console.error('No status or body set', req.url, responses);
-						return new InternalRequestError();
+			const responses = results.map(
+				(result): Response | Response[] | HttpError => {
+					if (_.isError(result)) {
+						return convertToHttpError(result);
+					} else {
+						if (
+							!Array.isArray(result) &&
+							result.body == null &&
+							result.statusCode == null
+						) {
+							console.error('No status or body set', req.url, responses);
+							return new InternalRequestError();
+						}
+						return result;
 					}
-					return result;
-				}
-			});
+				},
+			);
 			return responses;
 		})(),
 	};
@@ -1101,61 +1345,75 @@ export const handleODataRequest: Express.Handler = async (req, res, next) => {
 		// If we are dealing with a single request unpack the response and respond normally
 		if (req.batch == null || req.batch.length === 0) {
 			let [response] = responses;
-			if (_.isError(response)) {
-				response = {
-					status: response.status,
-					body: response.getResponseBody(),
-				};
-			}
-			const { body, headers, status } = response as Response;
-			if (status) {
-				res.status(status);
-			}
-			_.forEach(headers, (headerValue, headerName) => {
-				res.set(headerName, headerValue);
-			});
-
-			if (!body) {
-				res.sendStatus(status!);
-			} else {
-				if (status != null) {
-					res.status(status);
-				}
-				res.json(body);
+			if (response instanceof HttpError) {
+				response = httpErrorToResponse(response);
 			}
+			handleResponse(res, response as Response);
 
 			// Otherwise its a multipart request and we reply with the appropriate multipart response
 		} else {
 			(res.status(200) as any).sendMulti(
 				responses.map((response) => {
-					if (_.isError(response)) {
-						return {
-							status: response.status,
-							body: response.getResponseBody(),
-						};
+					if (response instanceof HttpError) {
+						response = httpErrorToResponse(response);
 					} else {
 						return response;
 					}
 				}),
 			);
 		}
-	} catch (e) {
-		if (e instanceof HttpError) {
-			const body = e.getResponseBody();
-			if (body) {
-				res.status(e.status).send(body);
-			} else {
-				res.sendStatus(e.status);
-			}
+	} catch (e: any) {
+		if (handleHttpErrors(req, res, e)) {
 			return;
 		}
 		// If an error bubbles here it must have happened in the last then block
 		// We just respond with 500 as there is probably not much we can do to recover
 		console.error('An error occurred while constructing the response', e);
-		res.sendStatus(500);
+		res.status(500).end();
 	}
 };
 
+const handleErrorFns: Array<(req: Express.Request, err: HttpError) => void> =
+	[];
+export const onHandleHttpError = (fn: (typeof handleErrorFns)[number]) => {
+	handleErrorFns.push(fn);
+};
+export const handleHttpErrors = (
+	req: Express.Request,
+	res: Express.Response,
+	err: Error,
+): boolean => {
+	if (err instanceof HttpError) {
+		for (const handleErrorFn of handleErrorFns) {
+			handleErrorFn(req, err);
+		}
+		const response = httpErrorToResponse(err);
+		handleResponse(res, response);
+		return true;
+	}
+	return false;
+};
+const handleResponse = (res: Express.Response, response: Response): void => {
+	const { body, headers, statusCode } = response as Response;
+	res.set(headers);
+	res.status(statusCode);
+	if (!body) {
+		res.end();
+	} else {
+		res.json(body);
+	}
+};
+
+const httpErrorToResponse = (
+	err: HttpError,
+): RequiredField<Response, 'statusCode'> => {
+	return {
+		statusCode: err.status,
+		body: err.getResponseBody(),
+		headers: err.headers,
+	};
+};
+
 // Reject the error to use the nice catch syntax
 const convertToHttpError = (err: any): HttpError => {
 	if (err instanceof HttpError) {
@@ -1217,7 +1475,7 @@ const runRequest = async (
 					result = await runDelete(req, request, tx);
 					break;
 			}
-		} catch (err) {
+		} catch (err: any) {
 			if (err instanceof db.DatabaseError) {
 				prettifyConstraintError(err, request);
 				logger.error(err);
@@ -1241,7 +1499,7 @@ const runRequest = async (
 		}
 
 		await runHooks('POSTRUN', request.hooks, { req, request, result, tx });
-	} catch (err) {
+	} catch (err: any) {
 		await runHooks('POSTRUN-ERROR', request.hooks, {
 			req,
 			request,
@@ -1253,19 +1511,21 @@ const runRequest = async (
 	return await prepareResponse(req, request, result, tx);
 };
 
-const runChangeSet = (req: Express.Request, tx: Db.Tx) => async (
-	changeSetResults: Map<number, Response>,
-	request: uriParser.ODataRequest,
-): Promise<void> => {
-	request = updateBinds(changeSetResults, request);
-	const result = await runRequest(req, tx, request);
-	if (request.id == null) {
-		throw new Error('No request id');
-	}
-	result.headers ??= {};
-	result.headers['Content-Id'] = request.id;
-	changeSetResults.set(request.id, result);
-};
+const runChangeSet =
+	(req: Express.Request, tx: Db.Tx) =>
+	async (
+		changeSetResults: Map<number, Response>,
+		request: uriParser.ODataRequest,
+	): Promise<void> => {
+		request = updateBinds(changeSetResults, request);
+		const result = await runRequest(req, tx, request);
+		if (request.id == null) {
+			throw new Error('No request id');
+		}
+		result.headers ??= {};
+		result.headers['content-id'] = request.id;
+		changeSetResults.set(request.id, result);
+	};
 
 // Requests inside a changeset may refer to resources created inside the
 // changeset, the generation of the sql query for those requests must be
@@ -1276,7 +1536,8 @@ const updateBinds = (
 	request: uriParser.ODataRequest,
 ) => {
 	if (request._defer) {
-		request.odataBinds = request.odataBinds.map(([tag, id]) => {
+		for (let i = 0; i < request.odataBinds.length; i++) {
+			const [tag, id] = request.odataBinds[i];
 			if (tag === 'ContentReference') {
 				const ref = changeSetResults.get(id);
 				if (
@@ -1288,10 +1549,9 @@ const updateBinds = (
 						'Reference to a non existing resource in Changeset',
 					);
 				}
-				return uriParser.parseId(ref.body.id);
+				request.odataBinds[i] = uriParser.parseId(ref.body.id);
 			}
-			return [tag, id];
-		});
+		}
 	}
 	return request;
 };
@@ -1320,18 +1580,45 @@ const prepareResponse = async (
 	}
 };
 
+const checkReadOnlyRequests = (request: uriParser.ODataRequest) => {
+	if (request.method !== 'GET') {
+		// Only GET requests can be read-only
+		return false;
+	}
+	const { hooks } = request;
+	if (hooks == null) {
+		// If there are no hooks then it's definitely read-only
+		return true;
+	}
+	// If there are hooks then check that they're all read-only
+	return hooks.every(([, versionedHooks]) =>
+		Object.values(versionedHooks).every((hookTypeHooks) => {
+			return (
+				hookTypeHooks == null || hookTypeHooks.every((hook) => hook.readOnlyTx)
+			);
+		}),
+	);
+};
+
 // This is a helper method to handle using a passed in req.tx when available, or otherwise creating a new tx and cleaning up after we're done.
 const runTransaction = async <T>(
 	req: HookReq,
+	request: uriParser.ODataRequest | uriParser.ODataRequest[],
 	callback: (tx: Db.Tx) => Promise<T>,
 ): Promise<T> => {
 	if (req.tx != null) {
 		// If an existing tx was passed in then use it.
 		return await callback(req.tx);
-	} else {
-		// Otherwise create a new transaction and handle tidying it up.
-		return await db.transaction(callback);
 	}
+	if (Array.isArray(request)) {
+		if (request.every(checkReadOnlyRequests)) {
+			return await db.readTransaction(callback);
+		}
+	} else if (checkReadOnlyRequests(request)) {
+		return await db.readTransaction(callback);
+	}
+	// Otherwise create a new write transaction and handle tidying it up.
+	return await db.transaction(callback);
 };
 
 // This is a helper function that will check and add the bind values to the SQL query and then run it.
@@ -1339,7 +1626,7 @@ const runQuery = async (
 	tx: Db.Tx,
 	request: uriParser.ODataRequest,
 	queryIndex?: number,
-	returningIdField?: string,
+	addReturning: boolean = false,
 ): Promise<Db.Result> => {
 	const { vocabulary } = request;
 	let { sqlQuery } = request;
@@ -1368,10 +1655,14 @@ const runQuery = async (
 		api[vocabulary].logger.log(query, values);
 	}
 
+	// We only add the returning clause if it's been requested and `affectedIds` hasn't been populated yet
+	const returningIdField =
+		addReturning && request.affectedIds == null ? getIdField(request) : false;
+
 	const sqlResult = await tx.executeSql(query, values, returningIdField);
 
 	if (returningIdField) {
-		request.affectedIds = sqlResult.rows.map((row) => row[returningIdField]);
+		request.affectedIds ??= sqlResult.rows.map((row) => row[returningIdField]);
 	}
 
 	return sqlResult;
@@ -1403,29 +1694,35 @@ const respondGet = async (
 		const d = await odataResponse.process(
 			vocab,
 			getAbstractSqlModel(request),
-			request.resourceName,
+			request.originalResourceName,
 			result.rows,
 			{ includeMetadata: metadata === 'full' },
 		);
 
+		const response = {
+			statusCode: 200,
+			body: { d },
+			headers: { 'content-type': 'application/json' },
+		};
 		await runHooks('PRERESPOND', request.hooks, {
 			req,
 			request,
 			result,
-			data: d,
+			response,
 			tx,
 		});
-		return { body: { d }, headers: { contentType: 'application/json' } };
+		return response;
 	} else {
 		if (request.resourceName === '$metadata') {
 			return {
+				statusCode: 200,
 				body: models[vocab].odataMetadata,
-				headers: { contentType: 'xml' },
+				headers: { 'content-type': 'xml' },
 			};
 		} else {
 			// TODO: request.resourceName can be '$serviceroot' or a resource and we should return an odata xml document based on that
 			return {
-				status: 404,
+				statusCode: 404,
 			};
 		}
 	}
@@ -1440,12 +1737,12 @@ const runPost = async (
 		tx,
 		request,
 		undefined,
-		getIdField(request),
+		true,
 	);
 	if (rowsAffected === 0) {
 		throw new PermissionError();
 	}
-	await validateModel(tx, request.vocabulary, request);
+	await validateModel(tx, _.last(request.translateVersions)!, request);
 
 	return insertId;
 };
@@ -1457,7 +1754,11 @@ const respondPost = async (
 	tx: Db.Tx,
 ): Promise<Response> => {
 	const vocab = request.vocabulary;
-	const location = odataResponse.resourceURI(vocab, request.resourceName, id);
+	const location = odataResponse.resourceURI(
+		vocab,
+		request.originalResourceName,
+		id,
+	);
 	if (env.DEBUG) {
 		api[vocab].logger.log('Insert ID: ', request.resourceName, id);
 	}
@@ -1476,21 +1777,23 @@ const respondPost = async (
 		}
 	}
 
+	const response = {
+		statusCode: 201,
+		body: result.d[0],
+		headers: {
+			'content-type': 'application/json',
+			location,
+		},
+	};
 	await runHooks('PRERESPOND', request.hooks, {
 		req,
 		request,
 		result,
+		response,
 		tx,
 	});
 
-	return {
-		status: 201,
-		body: result.d[0],
-		headers: {
-			contentType: 'application/json',
-			Location: location,
-		},
-	};
+	return response;
 };
 
 const runPut = async (
@@ -1498,22 +1801,20 @@ const runPut = async (
 	request: uriParser.ODataRequest,
 	tx: Db.Tx,
 ): Promise<undefined> => {
-	const idField = getIdField(request);
-
 	let rowsAffected: number;
 	// If request.sqlQuery is an array it means it's an UPSERT, ie two queries: [InsertQuery, UpdateQuery]
 	if (Array.isArray(request.sqlQuery)) {
 		// Run the update query first
-		({ rowsAffected } = await runQuery(tx, request, 1, idField));
+		({ rowsAffected } = await runQuery(tx, request, 1, true));
 		if (rowsAffected === 0) {
 			// Then run the insert query if nothing was updated
-			({ rowsAffected } = await runQuery(tx, request, 0, idField));
+			({ rowsAffected } = await runQuery(tx, request, 0, true));
 		}
 	} else {
-		({ rowsAffected } = await runQuery(tx, request, undefined, idField));
+		({ rowsAffected } = await runQuery(tx, request, undefined, true));
 	}
 	if (rowsAffected > 0) {
-		await validateModel(tx, request.vocabulary, request);
+		await validateModel(tx, _.last(request.translateVersions)!, request);
 	}
 	return undefined;
 };
@@ -1524,16 +1825,17 @@ const respondPut = async (
 	result: any,
 	tx: Db.Tx,
 ): Promise<Response> => {
+	const response = {
+		statusCode: 200,
+	};
 	await runHooks('PRERESPOND', request.hooks, {
 		req,
 		request,
 		result,
+		response,
 		tx,
 	});
-	return {
-		status: 200,
-		headers: {},
-	};
+	return response;
 };
 const respondDelete = respondPut;
 const respondOptions = respondPut;
@@ -1543,14 +1845,9 @@ const runDelete = async (
 	request: uriParser.ODataRequest,
 	tx: Db.Tx,
 ): Promise<undefined> => {
-	const { rowsAffected } = await runQuery(
-		tx,
-		request,
-		undefined,
-		getIdField(request),
-	);
+	const { rowsAffected } = await runQuery(tx, request, undefined, true);
 	if (rowsAffected > 0) {
-		await validateModel(tx, request.vocabulary, request);
+		await validateModel(tx, _.last(request.translateVersions)!, request);
 	}
 
 	return undefined;
@@ -1570,11 +1867,36 @@ export const executeStandardModels = async (tx: Db.Tx): Promise<void> => {
 					ALTER TABLE "model"
 					ADD COLUMN IF NOT EXISTS "modified at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL;
 				`,
+				'15.0.0-data-types': async ($tx, sbvrUtils) => {
+					switch (sbvrUtils.db.engine) {
+						case 'mysql':
+							await $tx.executeSql(`\
+								ALTER TABLE "model"
+								MODIFY "model value" JSON NOT NULL;
+
+								UPDATE "model"
+								SET "model value" = CAST('{"value":' || CAST("model value" AS CHAR) || '}' AS JSON)
+								WHERE "model type" IN ('se', 'odataMetadata')
+								AND CAST("model value" AS CHAR) LIKE '"%';`);
+							break;
+						case 'postgres':
+							await $tx.executeSql(`\
+								ALTER TABLE "model"
+								ALTER COLUMN "model value" SET DATA TYPE JSONB USING "model value"::JSONB;
+
+								UPDATE "model"
+								SET "model value" = CAST('{"value":' || CAST("model value" AS TEXT) || '}' AS JSON)
+								WHERE "model type" IN ('se', 'odataMetadata')
+								AND CAST("model value" AS TEXT) LIKE '"%';`);
+							break;
+						// No need to migrate for websql
+					}
+				},
 			},
 		});
 		await executeModels(tx, permissions.config.models);
 		console.info('Successfully executed standard models.');
-	} catch (err) {
+	} catch (err: any) {
 		console.error('Failed to execute standard models.', err);
 		throw err;
 	}
@@ -1590,7 +1912,7 @@ export const setup = async (
 			await executeStandardModels(tx);
 			await permissions.setup();
 		});
-	} catch (err) {
+	} catch (err: any) {
 		console.error('Could not execute standard models', err);
 		process.exit(1);
 	}