npm - @sap/cds - Versions diffs - 5.4.3 → 5.5.0 - Mend

@sap/cds 5.4.3 → 5.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (228) hide show

package/CHANGELOG.md +239 -2
package/apis/ql.d.ts +17 -15
package/app/index.js +1 -1
package/bin/build/buildTaskEngine.js +26 -42
package/bin/build/buildTaskFactory.js +6 -10
package/bin/build/buildTaskHandler.js +2 -4
package/bin/build/buildTaskProvider.js +3 -1
package/bin/build/buildTaskProviderFactory.js +9 -15
package/bin/build/constants.js +15 -3
package/bin/build/index.js +5 -4
package/bin/build/mtaUtil.js +8 -11
package/bin/build/provider/buildTaskHandlerEdmx.js +63 -6
package/bin/build/provider/buildTaskHandlerInternal.js +2 -34
package/bin/build/provider/buildTaskProviderInternal.js +16 -42
package/bin/build/provider/fiori/index.js +13 -24
package/bin/build/provider/hana/2migration.js +17 -15
package/bin/build/provider/hana/2tabledata.js +52 -48
package/bin/build/provider/hana/index.js +27 -25
package/bin/build/provider/hana/migrationtable.js +91 -67
package/bin/build/provider/java-cf/index.js +14 -24
package/bin/build/provider/mtx/index.js +12 -14
package/bin/build/provider/node-cf/index.js +18 -32
package/bin/cds.js +5 -5
package/bin/serve.js +29 -23
package/bin/version.js +0 -1
package/lib/compile/etc/_localized.js +4 -9
package/lib/compile/for/sql.js +5 -2
package/lib/compile/parse.js +25 -17
package/lib/compile/to/srvinfo.js +2 -1
package/lib/connect/bindings.js +2 -1
package/lib/connect/index.js +48 -49
package/lib/core/classes.js +1 -1
package/lib/core/reflect.js +10 -2
package/lib/deploy.js +26 -23
package/lib/env/defaults.js +13 -6
package/lib/env/index.js +73 -78
package/lib/env/requires.js +38 -19
package/lib/index.js +9 -10
package/lib/lazy.js +2 -2
package/lib/log/index.js +33 -45
package/lib/log/service/index.js +2 -2
package/lib/ql/CREATE.js +14 -9
package/lib/ql/DELETE.js +6 -5
package/lib/ql/DROP.js +12 -9
package/lib/ql/INSERT.js +40 -16
package/lib/ql/Query.js +67 -40
package/lib/ql/SELECT.js +162 -127
package/lib/ql/UPDATE.js +74 -42
package/lib/ql/Whereable.js +77 -87
package/lib/ql/index.js +36 -24
package/lib/ql/parse.js +35 -0
package/lib/req/context.js +44 -8
package/lib/req/locale.js +7 -7
package/lib/serve/Service-api.js +21 -14
package/lib/serve/Service-dispatch.js +28 -12
package/lib/serve/Transaction.js +22 -10
package/lib/serve/index.js +16 -11
package/lib/utils/axios.js +23 -16
package/lib/utils/data.js +35 -0
package/lib/utils/tests.js +27 -18
package/libx/_runtime/audit/generic/personal/access.js +81 -0
package/libx/_runtime/audit/generic/personal/constants.js +4 -0
package/libx/_runtime/audit/generic/personal/index.js +50 -0
package/libx/_runtime/audit/generic/personal/modification.js +138 -0
package/libx/_runtime/audit/generic/personal/utils.js +186 -0
package/libx/_runtime/audit/utils/v2.js +10 -4
package/libx/_runtime/cds-services/adapter/odata-v4/Dispatcher.js +5 -5
package/libx/_runtime/cds-services/adapter/odata-v4/OData.js +6 -7
package/libx/_runtime/cds-services/adapter/odata-v4/handlers/action.js +5 -7
package/libx/_runtime/cds-services/adapter/odata-v4/handlers/create.js +5 -7
package/libx/_runtime/cds-services/adapter/odata-v4/handlers/delete.js +2 -3
package/libx/_runtime/cds-services/adapter/odata-v4/handlers/error.js +4 -0
package/libx/_runtime/cds-services/adapter/odata-v4/handlers/metadata.js +7 -4
package/libx/_runtime/cds-services/adapter/odata-v4/handlers/read.js +59 -8
package/libx/_runtime/cds-services/adapter/odata-v4/handlers/request.js +11 -1
package/libx/_runtime/cds-services/adapter/odata-v4/handlers/update.js +6 -10
package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/ExpressionToCQN.js +3 -46
package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/applyToCQN.js +2 -5
package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/createToCQN.js +2 -2
package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/deleteToCQN.js +4 -3
package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/expandToCQN.js +1 -2
package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/index.js +0 -1
package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/selectHelper.js +1 -1
package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/updateToCQN.js +2 -2
package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/utils.js +16 -18
package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-commons/edm/EdmEntityType.js +6 -3
package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-commons/format/RepresentationKind.js +4 -1
package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-server/core/OdataRequest.js +1 -0
package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-server/serializer/SerializerFactory.js +15 -2
package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-server/validator/OperationValidator.js +1 -0
package/libx/_runtime/cds-services/adapter/odata-v4/to.js +1 -1
package/libx/_runtime/cds-services/adapter/odata-v4/utils/data.js +8 -1
package/libx/_runtime/cds-services/adapter/odata-v4/utils/handlerUtils.js +6 -1
package/libx/_runtime/cds-services/adapter/odata-v4/utils/omitValues.js +12 -5
package/libx/_runtime/cds-services/adapter/odata-v4/utils/readAfterWrite.js +1 -7
package/libx/_runtime/cds-services/adapter/odata-v4/utils/request.js +7 -7
package/libx/_runtime/cds-services/adapter/odata-v4/utils/result.js +14 -18
package/libx/_runtime/cds-services/adapter/odata-v4/utils/stream.js +13 -13
package/libx/_runtime/cds-services/adapter/rest/handlers/create.js +0 -1
package/libx/_runtime/cds-services/adapter/rest/handlers/operation.js +2 -1
package/libx/_runtime/cds-services/adapter/rest/handlers/read.js +2 -2
package/libx/_runtime/cds-services/adapter/rest/rest-to-cqn/index.js +2 -4
package/libx/_runtime/cds-services/adapter/rest/utils/result.js +4 -2
package/libx/_runtime/cds-services/services/Service.js +40 -5
package/libx/_runtime/cds-services/services/utils/columns.js +13 -7
package/libx/_runtime/cds-services/services/utils/compareJson.js +88 -4
package/libx/_runtime/cds-services/services/utils/differ.js +24 -6
package/libx/_runtime/cds-services/services/utils/handlerUtils.js +2 -2
package/libx/_runtime/common/composition/data.js +66 -63
package/libx/_runtime/common/composition/delete.js +97 -71
package/libx/_runtime/common/composition/index.js +2 -1
package/libx/_runtime/common/composition/insert.js +34 -11
package/libx/_runtime/common/composition/tree.js +119 -92
package/libx/_runtime/common/composition/update.js +12 -1
package/libx/_runtime/common/composition/utils.js +1 -3
package/libx/_runtime/common/constants/draft.js +12 -1
package/libx/_runtime/common/generic/auth.js +53 -31
package/libx/_runtime/common/generic/crud.js +14 -13
package/libx/_runtime/common/generic/input.js +23 -26
package/libx/_runtime/common/generic/put.js +1 -1
package/libx/_runtime/common/generic/sorting.js +16 -16
package/libx/_runtime/common/i18n/index.js +1 -1
package/libx/_runtime/common/i18n/messages.properties +4 -0
package/libx/_runtime/common/utils/backlinks.js +12 -5
package/libx/_runtime/common/utils/cqn.js +6 -1
package/libx/_runtime/common/utils/cqn2cqn4sql.js +123 -108
package/libx/_runtime/common/utils/csn.js +56 -4
package/libx/_runtime/common/utils/data.js +0 -37
package/libx/_runtime/common/utils/enrichWithKeysFromWhere.js +1 -1
package/libx/_runtime/common/utils/entityFromCqn.js +7 -24
package/libx/_runtime/common/utils/foreignKeyPropagations.js +39 -7
package/libx/_runtime/common/utils/generateOnCond.js +11 -12
package/libx/_runtime/common/utils/onlyKeysRemain.js +10 -0
package/libx/_runtime/common/utils/path.js +35 -0
package/libx/_runtime/common/utils/postProcessing.js +86 -0
package/libx/_runtime/common/utils/quotingStyles.js +37 -26
package/libx/_runtime/common/utils/resolveView.js +227 -173
package/libx/_runtime/common/utils/rewriteAsterisk.js +46 -26
package/libx/_runtime/common/utils/structured.js +13 -13
package/libx/_runtime/common/utils/template.js +10 -5
package/libx/_runtime/common/utils/templateDelimiter.js +1 -0
package/libx/_runtime/common/utils/templateProcessor.js +28 -72
package/libx/_runtime/common/utils/union.js +31 -0
package/libx/_runtime/common/utils/unionCqnTemplate.js +184 -0
package/libx/_runtime/db/Service.js +1 -1
package/libx/_runtime/db/data-conversion/timestamp.js +2 -9
package/libx/_runtime/db/expand/expandCQNToJoin.js +204 -297
package/libx/_runtime/db/expand/index.js +3 -3
package/libx/_runtime/db/expand/rawToExpanded.js +36 -7
package/libx/_runtime/db/generic/index.js +1 -1
package/libx/_runtime/db/generic/input.js +5 -7
package/libx/_runtime/db/generic/integrity.js +1 -1
package/libx/_runtime/db/generic/rewrite.js +2 -10
package/libx/_runtime/db/generic/update.js +13 -5
package/libx/_runtime/db/generic/virtual.js +22 -58
package/libx/_runtime/db/query/delete.js +7 -4
package/libx/_runtime/db/query/insert.js +6 -4
package/libx/_runtime/db/query/read.js +21 -8
package/libx/_runtime/db/query/run.js +4 -1
package/libx/_runtime/db/query/update.js +5 -4
package/libx/_runtime/db/sql-builder/ExpressionBuilder.js +35 -2
package/libx/_runtime/db/sql-builder/FunctionBuilder.js +17 -2
package/libx/_runtime/db/sql-builder/InsertBuilder.js +6 -5
package/libx/_runtime/db/sql-builder/ReferenceBuilder.js +10 -0
package/libx/_runtime/db/sql-builder/SelectBuilder.js +35 -24
package/libx/_runtime/db/sql-builder/UpdateBuilder.js +14 -4
package/libx/_runtime/db/sql-builder/arrayed.js +4 -0
package/libx/_runtime/db/utils/deep.js +8 -0
package/libx/_runtime/db/utils/generateAliases.js +2 -1
package/libx/_runtime/fiori/generic/activate.js +19 -15
package/libx/_runtime/fiori/generic/before.js +3 -11
package/libx/_runtime/fiori/generic/cancel.js +1 -1
package/libx/_runtime/fiori/generic/delete.js +3 -1
package/libx/_runtime/fiori/generic/edit.js +12 -2
package/libx/_runtime/fiori/generic/new.js +5 -5
package/libx/_runtime/fiori/generic/patch.js +0 -18
package/libx/_runtime/fiori/generic/read.js +261 -205
package/libx/_runtime/fiori/utils/delete.js +36 -7
package/libx/_runtime/fiori/utils/handler.js +43 -44
package/libx/_runtime/fiori/utils/where.js +30 -15
package/libx/_runtime/hana/customBuilder/CustomSelectBuilder.js +4 -6
package/libx/_runtime/hana/execute.js +3 -3
package/libx/_runtime/hana/localized.js +4 -4
package/libx/_runtime/hana/pool.js +29 -14
package/libx/_runtime/hana/search2cqn4sql.js +2 -1
package/libx/_runtime/hana/searchToContains.js +18 -14
package/libx/_runtime/index.js +0 -5
package/libx/_runtime/messaging/AMQPWebhookMessaging.js +13 -5
package/libx/_runtime/messaging/common-utils/naming-conventions.js +4 -1
package/libx/_runtime/messaging/enterprise-messaging-utils/EMManagement.js +31 -19
package/libx/_runtime/messaging/enterprise-messaging-utils/registerEndpoints.js +1 -2
package/libx/_runtime/messaging/enterprise-messaging.js +6 -4
package/libx/_runtime/messaging/service.js +7 -6
package/libx/_runtime/odata/cqn2odata.js +110 -43
package/libx/_runtime/odata/index.js +26 -48
package/libx/_runtime/odata/odata2cqn.js +1 -6154
package/libx/_runtime/odata/odata2cqn.pegjs +559 -0
package/libx/_runtime/odata/readToCqn.js +94 -64
package/libx/_runtime/remote/Service.js +74 -21
package/libx/_runtime/remote/cqn2odata/index.js +1 -5
package/libx/_runtime/remote/utils/client.js +24 -101
package/libx/_runtime/remote/utils/dataConversion.js +27 -12
package/libx/_runtime/sqlite/Service.js +3 -5
package/libx/_runtime/sqlite/execute.js +33 -27
package/libx/_runtime/sqlite/localized.js +12 -7
package/libx/_runtime/types/api.js +10 -0
package/package.json +2 -2
package/server.js +16 -2
package/lib/ql/grammar.pegjs +0 -208
package/lib/ql/parser.js +0 -1
package/lib/ql/rt/DELETE.js +0 -29
package/lib/ql/rt/INSERT.js +0 -23
package/lib/ql/rt/Query.js +0 -84
package/lib/ql/rt/SELECT.js +0 -174
package/lib/ql/rt/UPDATE.js +0 -119
package/lib/ql/rt/_helpers.js +0 -91
package/lib/ql/rt/index.js +0 -32
package/libx/_runtime/audit/generic/personal.js +0 -260
package/libx/_runtime/cds-services/statements/BaseStatement.js +0 -72
package/libx/_runtime/cds-services/statements/Create.js +0 -57
package/libx/_runtime/cds-services/statements/Delete.js +0 -33
package/libx/_runtime/cds-services/statements/Drop.js +0 -42
package/libx/_runtime/cds-services/statements/Insert.js +0 -201
package/libx/_runtime/cds-services/statements/Select.js +0 -826
package/libx/_runtime/cds-services/statements/Update.js +0 -181
package/libx/_runtime/cds-services/statements/Where.js +0 -726
package/libx/_runtime/cds-services/statements/index.js +0 -25
package/libx/_runtime/common/generic/resolve-mock.js +0 -9

package/libx/_runtime/audit/generic/personal/utils.js ADDED Viewed

@@ -0,0 +1,186 @@
+const cds = require('../../../cds')
+const { getDataSubject } = require('../../../common/utils/csn')
+const { getBackLinks, isSelfManaged } = require('../../../common/utils/backlinks')
+const WRITE = { CREATE: 1, UPDATE: 1, DELETE: 1 }
+const ASPECTS = { CREATE: '_auditCreate', READ: '_auditRead', UPDATE: '_auditUpdate', DELETE: '_auditDelete' }
+const getMapKeyForCurrentRequest = req => {
+  // running in srv or db layer? -> srv's req.query used as key of diff and logs maps at req.context
+  return req._tx.constructor.name.match(/Database$/i) ? req._.query : req.query
+}
+const getRootEntity = element => {
+  let entity = element.parent
+  while (entity.kind !== 'entity') entity = entity.parent
+  return entity
+}
+const getPick = event => {
+  return (element, target) => {
+    if (!target[ASPECTS[event]]) return
+    const categories = []
+    if (!element.isAssociation && element.key) categories.push('ObjectID')
+    if (
+      element.parent['@PersonalData.EntitySemantics'] === 'DataSubject' &&
+      element['@PersonalData.FieldSemantics'] === 'DataSubjectID'
+    )
+      categories.push('DataSubjectID')
+    if (event in WRITE && element['@PersonalData.IsPotentiallyPersonal']) categories.push('IsPotentiallyPersonal')
+    if (element['@PersonalData.IsPotentiallySensitive']) categories.push('IsPotentiallySensitive')
+    if (categories.length) return { categories }
+  }
+}
+const _getHash = (entity, row) => {
+  return `${entity.name}(${Object.keys(entity.keys)
+    .map(k => `${k}=${row[k]}`)
+    .join(',')})`
+}
+const createLogEntry = (logs, entity, row) => {
+  const hash = _getHash(entity, row)
+  let log = logs[hash]
+  if (!log) {
+    logs[hash] = {
+      dataObject: { type: entity.name, id: [] },
+      dataSubject: { id: [], role: entity['@PersonalData.DataSubjectRole'] },
+      attributes: [],
+      attachments: []
+    }
+    log = logs[hash]
+  }
+  return log
+}
+const addObjectID = (log, row, key) => {
+  if (!log.dataObject.id.find(ele => ele.keyName === key)) log.dataObject.id.push({ keyName: key, value: row[key] })
+}
+const addDataSubject = (log, row, key, entity) => {
+  if (!log.dataSubject.type) log.dataSubject.type = entity.name
+  if (!log.dataSubject.id.find(ele => ele.key === key)) {
+    const value = row[key] || (row._old && row._old[key])
+    log.dataSubject.id.push({ keyName: key, value })
+  }
+}
+const _addKeysToWhere = (child, row) => {
+  const keysWithValue = []
+  Object.keys(child.keys).forEach(el => {
+    if (keysWithValue.length > 0) keysWithValue.push('and')
+    keysWithValue.push({ ref: [child.name, el] }, '=', {
+      val: row[el]
+    })
+  })
+  return keysWithValue
+}
+const _addForeignKeysToWhere = (parent, child, assoc) => {
+  const foreignKeys = []
+  const backlinks = getBackLinks(assoc)
+  let parentName, childName
+  if (assoc.isComposition && assoc.is2one && !assoc.on) {
+    // look for foreign keys in parent
+    parentName = parent.name
+    childName = child.name
+  } else if (assoc.is2many && isSelfManaged(assoc)) {
+    // look for foreign keys in child
+    parentName = child.name
+    childName = parent.name
+  }
+  backlinks.forEach(el => {
+    if (foreignKeys.length > 0) foreignKeys.push('and')
+    foreignKeys.push({ ref: [parentName, el.entityKey] }, '=', {
+      ref: [childName, el.targetKey]
+    })
+  })
+  return foreignKeys
+}
+const _buildWhere = (child, dataSubjectInfo, row) => {
+  const where = []
+  where.push(
+    ..._addForeignKeysToWhere(dataSubjectInfo.entity, child, dataSubjectInfo.assoc),
+    'and',
+    ..._addKeysToWhere(child, row)
+  )
+  return where
+}
+const _buildSubSelect = (child, dataSubjectInfo, row) => {
+  let previousCqn
+  const childCqn = SELECT.from(child.name)
+    .columns(Object.keys(child.keys))
+    .where(_buildWhere(child, dataSubjectInfo.previous[0] ? dataSubjectInfo.previous[0] : dataSubjectInfo, row))
+  if (dataSubjectInfo.previous.length > 0) {
+    let currentCQN
+    dataSubjectInfo.previous.forEach((el, i) => {
+      const nextEl = dataSubjectInfo.previous[i + 1]
+      const args = nextEl
+        ? [nextEl.entity, el.entity, nextEl.assoc]
+        : [dataSubjectInfo.entity, el.entity, dataSubjectInfo.assoc]
+      currentCQN = SELECT.from(el.entity.name)
+        .columns(Object.keys(el.entity.keys))
+        .where([..._addForeignKeysToWhere(...args), 'and', 'exists', previousCqn || childCqn])
+      previousCqn = currentCQN
+    })
+  }
+  return previousCqn || childCqn
+}
+const _getDataSubjectIdPromise = (child, dataSubjectInfo, row, req) => {
+  const root = dataSubjectInfo.entity
+  const cqn = SELECT.from(root.name)
+    .columns(Object.keys(root.keys))
+    .where(['exists', _buildSubSelect(child, dataSubjectInfo, row)])
+  return cds
+    .tx(req)
+    .run(cqn)
+    .then(res => {
+      const id = []
+      for (const k in res[0]) id.push({ keyName: k, value: res[0][k] })
+      return id
+    })
+}
+const addDataSubjectForDetailsEntity = (row, log, req, entity, model) => {
+  const role = entity['@PersonalData.DataSubjectRole']
+  const dataSubjectInfo = getDataSubject(entity, model, role)
+  log.dataSubject.type = dataSubjectInfo.entity.name
+  /*
+   * for each req (cf. $batch with atomicity) and data subject role (e.g., customer vs supplier),
+   * store (in audit data structure at context) and reuse a single promise to look up the respective data subject
+   */
+  const mapKey = getMapKeyForCurrentRequest(req)
+  if (!req.context._audit.dataSubjects) req.context._audit.dataSubjects = new Map()
+  if (!req.context._audit.dataSubjects.has(mapKey)) req.context._audit.dataSubjects.set(mapKey, new Map())
+  const map = req.context._audit.dataSubjects.get(mapKey)
+  if (map.has(role)) log.dataSubject.id = map.get(role)
+  else map.set(role, _getDataSubjectIdPromise(entity, dataSubjectInfo, row, req))
+}
+const resolveDataSubjectPromises = async logs => {
+  const dataSubjPromise = logs.filter(el => el.dataSubject.id instanceof Promise)
+  const res = await Promise.all(dataSubjPromise.map(el => el.dataSubject.id))
+  dataSubjPromise.forEach((el, i) => (el.dataSubject.id = res[i]))
+}
+module.exports = {
+  getMapKeyForCurrentRequest,
+  getRootEntity,
+  getPick,
+  createLogEntry,
+  addObjectID,
+  addDataSubject,
+  addDataSubjectForDetailsEntity,
+  resolveDataSubjectPromises
+}

package/libx/_runtime/audit/utils/v2.js CHANGED Viewed

@@ -5,16 +5,22 @@ const { getObjectAndDataSubject, getAttributeToLog } = require('./log')
 function connect(credentials) {
   return new Promise((resolve, reject) => {
+    let auditLogging
+    try {
+      auditLogging = require('@sap/audit-logging')
+    } catch (e) {
+      LOG._warn &&
+        LOG.warn('Unable to require module @sap/audit-logging. Make sure it is installed if audit logging is required.')
+      return resolve()
+    }
     try {
-      const auditLogging = require('@sap/audit-logging')
       auditLogging.v2(credentials, function (err, auditLog) {
         if (err) return reject(err)
         resolve(auditLog)
       })
     } catch (e) {
-      LOG._warn &&
-        LOG.warn('Unable to require module @sap/audit-logging. Make sure it is installed if audit logging is required.')
-      resolve()
+      LOG._warn && LOG.warn('Unable to initialize audit-logging client with error:', e)
+      return resolve()
     }
   })
 }

package/libx/_runtime/cds-services/adapter/odata-v4/Dispatcher.js CHANGED Viewed

@@ -3,16 +3,16 @@ const LOG = cds.log('odata')
 const OData = require('./OData')
-function _createNewService(csn, defaultOptions) {
+function _createNewService(name, csn, defaultOptions) {
   const reflectedModel = cds.linked(cds.compile.for.odata(csn))
   const options = Object.assign({}, defaultOptions, { reflectedModel })
-  const service = new cds.ApplicationService(csn, options)
+  const service = new cds.ApplicationService(name, csn, options)
   service.init()
   if (options.impl) service.impl(options.impl)
   service._isExtended = true
-  const edm = cds.compile.to.edm(csn, { service: service.options.service })
+  const edm = cds.compile.to.edm(csn, { service: name })
   const odataService = new OData(edm, csn, options)
   odataService.addCDSServiceToChannel(service)
@@ -43,7 +43,7 @@ class Dispatcher {
         const csn = await cds.mtx.getCsn(tenant)
-        resolve(_createNewService(csn, this._odata._options))
+        resolve(_createNewService(this._odata._cdsService.definition.name, csn, this._odata._options))
       } catch (e) {
         reject(e)
       }
@@ -68,7 +68,7 @@ class Dispatcher {
         const toggles = (req.features && Object.keys(req.features)) || []
         const csn = await this._mps.csn(tenant, 'dummy', toggles)
-        resolve(_createNewService(csn, this._odata._options))
+        resolve(_createNewService(this._odata._cdsService.definition.name, csn, this._odata._options))
       } catch (e) {
         reject(e)
       }

package/libx/_runtime/cds-services/adapter/odata-v4/OData.js CHANGED Viewed

@@ -102,7 +102,6 @@ class OData {
    * @param {object} [options] - optional object with options.
    * @param {object} [options.logger] - optional logger object to be used in the odata library.
    * @param {string} [options.logLevel] - optional log level to be used according to winston/npm specification.
-   * @param {string} [options.service] - Service name as specified in CSN.
    * @param {boolean} [options.crashOnError] - Application should crash on error. Defaults to true.
    *
    * @throws Error in case no or an invalid csn model is provided.
@@ -214,14 +213,14 @@ class OData {
     })
     this._odataService.use(LOCALE_NEGOTIATOR, _language)
-    this._odataService.use(METADATA_HANDLER, _metadata(cdsService, this._options))
+    this._odataService.use(METADATA_HANDLER, _metadata(cdsService))
-    this._odataService.use(DATA_CREATE_HANDLER, _create(cdsService, this._options))
-    this._odataService.use(DATA_READ_HANDLER, _read(cdsService, this._options))
-    this._odataService.use(DATA_UPDATE_HANDLER, _update(cdsService, this._options))
-    this._odataService.use(DATA_DELETE_HANDLER, _delete(cdsService, this._options))
+    this._odataService.use(DATA_CREATE_HANDLER, _create(cdsService))
+    this._odataService.use(DATA_READ_HANDLER, _read(cdsService))
+    this._odataService.use(DATA_UPDATE_HANDLER, _update(cdsService))
+    this._odataService.use(DATA_DELETE_HANDLER, _delete(cdsService))
-    this._odataService.use(ACTION_EXECUTE_HANDLER, _action(cdsService, this._options))
+    this._odataService.use(ACTION_EXECUTE_HANDLER, _action(cdsService))
   }
   // _startPerfMeasurementOData (req) {

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/action.js CHANGED Viewed

@@ -11,7 +11,8 @@ const { actionAndFunctionQueries, getActionOrFunctionReturnType } = require('../
 const { validateResourcePath } = require('../utils/request')
 const readAfterWrite = require('../utils/readAfterWrite')
 const { setStatusCodeAndHeader, getKeyProperty } = require('../../../../fiori/utils/handler')
-const { toODataResult, getVirtualsFromResult, postProcess } = require('../utils/result')
+const { toODataResult, postProcess } = require('../utils/result')
+const { mergeJson } = require('../../../services/utils/compareJson')
 /*
  * Get the returns object for the (un)bound action from CSN.
@@ -42,9 +43,7 @@ const _postProcessDraftActivate = async (req, result, service) => {
   // update req.data (keys needed in readAfterWrite)
   req.data = result
   const dataInDb = await readAfterWrite(req, service)
-  // augment data in db so values of virtual properties are kept
-  const virtuals = getVirtualsFromResult(req.target, result)
-  result = Object.assign(dataInDb[0] || result, virtuals)
+  if (dataInDb.length) result = mergeJson(dataInDb[0], result, req.target)
   // add static draft columns
   result.IsActiveEntity = true
@@ -74,14 +73,13 @@ const _postProcess = async (req, odataReq, odataRes, tx, result) => {
  * The handler that will be registered with odata-v4.
  *
  * @param {import('../../../services/Service')} service
- * @param {object} options
  * @returns {function}
  */
-const action = (service, options) => {
+const action = service => {
   return async (odataReq, odataRes, next) => {
     let req
     try {
-      validateResourcePath(odataReq, options, service.model)
+      validateResourcePath(odataReq, service)
       req = new ODataRequest(ACTION_EXECUTE_HANDLER, service, odataReq, odataRes)
     } catch (e) {
       return next(e)

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/create.js CHANGED Viewed

@@ -9,20 +9,20 @@ const { getSapMessages } = require('../../../../common/error/frontend')
 const { validateResourcePath } = require('../utils/request')
 const { isReturnMinimal } = require('../utils/handlerUtils')
 const readAfterWrite = require('../utils/readAfterWrite')
-const { toODataResult, getVirtualsFromResult, postProcess } = require('../utils/result')
+const { toODataResult, postProcess } = require('../utils/result')
+const { mergeJson } = require('../../../services/utils/compareJson')
 /**
  * The handler that will be registered with odata-v4.
  *
  * @param {import('../../../services/Service')} service
- * @param {object} options
  * @returns {function}
  */
-const create = (service, options) => {
+const create = service => {
   return async (odataReq, odataRes, next) => {
     let req
     try {
-      validateResourcePath(odataReq, options, service.model)
+      validateResourcePath(odataReq, service)
       req = new ODataRequest(DATA_CREATE_HANDLER, service, odataReq, odataRes)
     } catch (e) {
       return next(e)
@@ -40,9 +40,7 @@ const create = (service, options) => {
         // REVISIT: find better solution
         if (req._.readAfterWrite) {
           const dataInDb = await readAfterWrite(req, service)
-          // augment data in db so values of virtual properties are kept
-          const virtuals = getVirtualsFromResult(req.target, result)
-          result = Object.assign(dataInDb[0] || result, virtuals)
+          if (dataInDb.length) result = mergeJson(dataInDb[0], result, req.target)
         }
         postProcess(req, odataRes, service, result)

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/delete.js CHANGED Viewed

@@ -12,14 +12,13 @@ const { validateResourcePath } = require('../utils/request')
  * The handler that will be registered with odata-v4.
  *
  * @param {import('../../../services/Service')} service
- * @param {object} options
  * @returns {function}
  */
-const del = (service, options) => {
+const del = service => {
   return async (odataReq, odataRes, next) => {
     let req
     try {
-      validateResourcePath(odataReq, options, service.model)
+      validateResourcePath(odataReq, service)
       req = new ODataRequest(DATA_DELETE_HANDLER, service, odataReq, odataRes)
     } catch (e) {
       return next(e)

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/error.js CHANGED Viewed

@@ -112,6 +112,10 @@ const getErrorHandler = (crashOnError = true, srv) => {
       err = _betterOkraError(err)
     }
+    // add content id if not generated by okra ("~...")
+    const contentId = odataReq.getOdataRequestId()
+    if (contentId && !contentId.match(/^~/)) err['@Core.ContentID'] = contentId
     const { error, statusCode } = normalizeError(err, req)
     next(null, Object.assign(error, { statusCode }))

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/metadata.js CHANGED Viewed

@@ -29,10 +29,9 @@ const _get4Toggles = async (tenant, locale, service, req) => {
  * Provide localized metadata handler.
  *
  * @param {object} service
- * @param {object} options
  * @returns {Function}
  */
-const metadata = (service, options) => {
+const metadata = service => {
   return async (odataReq, odataRes, next) => {
     try {
       const req = odataReq.getIncomingRequest()
@@ -51,8 +50,12 @@ const metadata = (service, options) => {
       }
       if (!edmx) {
-        // REVISIT: why options.service instead of service.name?
-        edmx = cds.localize(service.model, locale, cds.compile.to.edmx(service.model, { service: options.service }))
+        edmx = cds.localize(
+          service.model,
+          locale,
+          // REVISIT: we could cache this in a weak map
+          cds.compile.to.edmx(service.model, { service: service.definition.name })
+        )
       }
       return next(null, toODataResult(edmx))

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/read.js CHANGED Viewed

@@ -20,7 +20,7 @@ const { validateResourcePath } = require('../utils/request')
 const { toODataResult, postProcess } = require('../utils/result')
 const { isStreaming, getStreamProperties } = require('../utils/stream')
 const { resolveStructuredName } = require('../utils/handlerUtils')
-const { getVirtuals, postProcessVirtuals } = require('../../../../db/generic/virtual')
+const { ensureNoDraftsSuffix } = require('../../../../common/utils/draft')
 /**
  * Checks whether a bound function or function import is invoked.
@@ -225,7 +225,7 @@ const _readEntityOrProperty = async (tx, req, segments) => {
   const name = resolveStructuredName(segments, segments.length - 2)
   const res = _getResult(name, result[0])
-  const odataResult = toODataResult(res[propertyElement.getName()])
+  const odataResult = toODataResult(typeof res === 'object' ? res[propertyElement.getName()] : res)
   if (req.target._etag) odataResult['*@odata.etag'] = res[req.target._etag]
   // property is read via a to one association and last segment is not $value
@@ -373,6 +373,17 @@ const _readAndTransform = (tx, req, odataReq) => {
     return _readCollection(tx, req, odataReq)
   }
+  // REVISIT: move to afterburner
+  if (segments[segments.length - 1]._isStreamByDollarValue) {
+    for (const k in req.target.elements) {
+      if (req.target.elements[k]['@Core.MediaType']) {
+        req.query.SELECT.columns = [{ ref: [k] }]
+        break
+      }
+    }
+    return _readStream(tx, req, segments)
+  }
   if (isStreaming(segments)) {
     return _readStream(tx, req, segments)
   }
@@ -404,6 +415,41 @@ const _removeKeysForParams = result => {
   return options
 }
+const _getTarget = (ref, target, definitions) => {
+  if (cds.env.effective.odata.proxies) {
+    const target_ = target.elements[ref[0]]
+    if (ref.length === 1) {
+      return definitions[ensureNoDraftsSuffix(target_.target)]
+    }
+    return _getTarget(ref.slice(1), target_, definitions)
+  }
+  const target_ = target.elements[ref.join('_')]
+  return definitions[ensureNoDraftsSuffix(target_.target)]
+}
+const _getRestrictedExpand = (columns, target, definitions) => {
+  if (!columns || !target) return
+  const annotation = target['@Capabilities.ExpandRestrictions.NonExpandableProperties']
+  const restrictions = annotation && annotation.map(element => element['='])
+  for (const col of columns) {
+    if (col.expand) {
+      if (restrictions && restrictions.length !== 0) {
+        const ref = col.ref.join('_')
+        const ref_ = restrictions.find(element => element.replace(/\./g, '_') === ref)
+        if (ref_) return ref_
+      }
+      const restricted = _getRestrictedExpand(col.expand, _getTarget(col.ref, target, definitions), definitions)
+      if (restricted) return restricted
+    }
+  }
+}
 /**
  * The handler that will be registered with odata-v4.
  *
@@ -415,25 +461,31 @@ const _removeKeysForParams = result => {
  * In all other failure cases it calls next with error to return a 500.
  *
  * @param {import('../../../services/Service')} service
- * @param {object} options
  * @returns {function}
  */
-const read = (service, options) => {
+const read = service => {
   return async (odataReq, odataRes, next) => {
     let req
     try {
-      validateResourcePath(odataReq, options, service.model)
+      validateResourcePath(odataReq, service)
       req = new ODataRequest(DATA_READ_HANDLER, service, odataReq, odataRes)
     } catch (e) {
       return next(e)
     }
+    const restricted = _getRestrictedExpand(
+      req.query.SELECT && req.query.SELECT.columns,
+      req.target,
+      service.model.definitions
+    )
+    if (restricted) {
+      return next(getError(400, 'EXPAND_IS_RESTRICTED', [restricted]))
+    }
     const changeset = odataReq.getAtomicityGroupId()
     const tx = changeset ? odataReq.getBatchApplicationData().txs[changeset] : service.tx(req)
     cds.context = tx
-    const virtuals = getVirtuals(req, service.model)
     let result, err, commit
     let additional = {}
     try {
@@ -444,7 +496,6 @@ const read = (service, options) => {
         result = { value: null }
       } else {
         _postProcess(odataReq, req, odataRes, service, result)
-        postProcessVirtuals(virtuals, result)
         additional = _removeKeysForParams(result)
       }

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/request.js CHANGED Viewed

@@ -11,7 +11,7 @@ module.exports = srv => {
     const req = odataReq.getBatchApplicationData()
       ? odataReq.getBatchApplicationData().req
       : odataReq.getIncomingRequest()
-    const { res, user, path } = req
+    const { res, user, path, headers } = req
     const { protectMetadata } = cds.env.odata
     if (protectMetadata === false && (path === '/' || path.endsWith('/$metadata'))) {
@@ -42,6 +42,16 @@ module.exports = srv => {
      * that can be used in ATOMICITY_GROUP_START and ATOMICITY_GROUP_END
      */
     if (path.endsWith('/$batch')) {
+      // ensure content type
+      const ct = headers['content-type'] || ''
+      if (!ct.match(/multipart\/mixed/) && !ct.match(/application\/json/)) {
+        return next({
+          statusCode: 400,
+          code: '400',
+          message: 'Batch requests must have content type multipart/mixed or application/json'
+        })
+      }
       odataReq.setApplicationData({ req })
     }

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/update.js CHANGED Viewed

@@ -11,8 +11,9 @@ const { validateResourcePath } = require('../utils/request')
 const { isReturnMinimal } = require('../utils/handlerUtils')
 const { foreignKeyPropagations } = require('../../../../common/utils/foreignKeyPropagations')
 const readAfterWrite = require('../utils/readAfterWrite')
-const { toODataResult, getVirtualsFromResult, postProcess } = require('../utils/result')
+const { toODataResult, postProcess } = require('../utils/result')
 const { hasOmitValuesPreference } = require('../utils/omitValues')
+const { mergeJson } = require('../../../services/utils/compareJson')
 const _isUpsertAllowed = target => {
   return !(cds.env.runtime && cds.env.runtime.allow_upsert === false) && !(target && target._isDraftEnabled)
@@ -21,7 +22,7 @@ const _isUpsertAllowed = target => {
 const _infoForeignKeyInParent = (req, odataReq, odataRes, tx) => {
   const info = {}
   // keys not in data
-  if (Object.keys(req.target.keys).some(key => Object.keys(req.data).includes(key))) {
+  if (req.target.keys && Object.keys(req.target.keys).some(key => Object.keys(req.data).includes(key))) {
     return info
   }
@@ -119,11 +120,7 @@ const _updateThenCreate = async (req, odataReq, odataRes, tx) => {
 const _readAfterWriteAndVirtuals = async (req, service, result) => {
   const dataInDb = await readAfterWrite(req, service)
-  // REVISIT: may be a problem on direct update of a property (which we don't support yet)
-  // augment data in db so values of virtual properties are kept
-  const virtuals = getVirtualsFromResult(req.target, result)
-  if (dataInDb.length) result = Object.assign(dataInDb[0] || result, virtuals)
+  if (dataInDb.length) result = mergeJson(dataInDb[0], result, req.target)
   return result
 }
@@ -137,14 +134,13 @@ const _shouldReadPreviousResult = req =>
  * In case of error it calls next with error.
  *
  * @param {import('../../../services/Service')} service
- * @param {object} options
  * @returns {function}
  */
-const update = (service, options) => {
+const update = service => {
   return async (odataReq, odataRes, next) => {
     let req
     try {
-      validateResourcePath(odataReq, options, service.model)
+      validateResourcePath(odataReq, service)
       req = new ODataRequest(DATA_UPDATE_HANDLER, service, odataReq, odataRes)
     } catch (e) {
       return next(e)

package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/ExpressionToCQN.js CHANGED Viewed

@@ -16,8 +16,6 @@ const _binaryOperatorToCQN = new Map([
   [BinaryOperatorKind.LT, '<']
 ])
-const toStrMethods = ['year', 'month', 'day', 'second', 'hour', 'minute']
 class ExpressionToCQN {
   constructor(entity, model, columns = []) {
     this._model = model
@@ -196,55 +194,14 @@ class ExpressionToCQN {
   }
   /* eslint-enable complexity */
-  _fillAfterDot(val) {
-    let [beforeDot, afterDot = ''] = val.split('.')
-    while (afterDot.length < 3) {
-      afterDot = afterDot.concat(0)
-    }
-    return `${beforeDot}.${afterDot}`
-  }
-  _convertValToString(valueObj) {
-    return `${valueObj.val < 10 ? 0 : ''}${valueObj.val}`
-  }
-  _convertForIndexOf(left, right) {
-    if (left.func === 'indexof') right.val++
-    else if (right.func === 'indexof') left.val++
-  }
-  _convertDateFunctions(arg1, arg2) {
-    if (arg1.func && toStrMethods.includes(arg1.func) && arg1.args) {
-      arg2.val = this._convertValToString(arg2)
-      if (arg1.func === 'second') {
-        arg2.val = this._fillAfterDot(arg2.val)
-      }
-    }
-  }
-  _convertNumbersToStringForDateFunctions(left, right) {
-    this._convertDateFunctions(left, right)
-    this._convertDateFunctions(right, left)
-  }
   _ensureArr(something) {
     return Array.isArray(something) ? something : [something]
   }
   _compare(operator, left, right, unary) {
-    // special case:
-    // odata indexof function returns the zero-based character position of the first occurrence
-    // hana locate function counts position beginning with 1, not 0
-    this._convertForIndexOf(left, right)
-    // sqlite requires leading 0 for numbers, this works on hana as well so we generally add it
-    this._convertNumbersToStringForDateFunctions(left, right)
-    if (unary === 'not') {
-      return [unary, left, _binaryOperatorToCQN.get(operator), right]
-    }
-    return [left, _binaryOperatorToCQN.get(operator), right]
+    return unary === 'not'
+      ? [unary, '(', left, _binaryOperatorToCQN.get(operator), right, ')']
+      : [left, _binaryOperatorToCQN.get(operator), right]
   }
   _binary(expression, unary) {