@sap/cds 5.6.2 → 5.7.2

package/lib/serve/Transaction.js

@@ -1,39 +1,38 @@
-const cds = require('../index'), { Context } = cds.Request, { cds_tx_protection } = cds.env.features
-const _context = Symbol()
+const cds = require('../index'), { EventContext } = cds, { cds_tx_protection } = cds.env.features
 
 /**
  * This is the implementation of the `srv.tx(req)` method. It constructs
  * a new Transaction as a derivate of the `srv` (i.e. {__proto__:srv})
  * @returns { Transaction & import('./Service-api') }
+ * @param { EventContext } ctx
  */
-module.exports = function tx (req,fn) { const srv = this
-  if (srv.context) return srv
-  if (!req) {
-    // called as srv.tx() -> new root transaction
-    return RootTransaction.for (srv, Context.new())
-  }
-  if (typeof req === 'function') [ req, fn ] = [ Context.new(), req ]
+module.exports = function tx (ctx,fn) { const srv = this
+
+  if (srv.context) return srv // srv.tx().tx() -> idempotent
+
+  // Last arg may be a function -> srv.tx (tx => { ... })
+  if (typeof ctx === 'function') [ ctx, fn ] = [ undefined, ctx ]
   if (typeof fn === 'function') {
-    // auto-committed transaction, i.e. cds.tx (tx => {...})
-    const tx = srv.tx(req)
+    const tx = srv.tx(ctx)
     return Promise.resolve(tx).then(fn) .then (tx.commit,tx.rollback)
   }
-  if (req instanceof Context) {
-    // called for a nested req -> nested tx
-    if (req.context !== req) return NestedTransaction.for (srv, req.context)
-    // called for a req with a root tx -> nested tx
-    if (req._tx) return NestedTransaction.for (srv, req)
-    // called for a top-level req -> root tx
-    else return RootTransaction.for (srv, req)
+
+  // This is for compatibility with cds.tx(req)
+  if (ctx instanceof EventContext) {
+    if (ctx.context !== ctx) return NestedTransaction.for (srv, ctx.context)
+    if (ctx._tx) return NestedTransaction.for (srv, ctx)
+    else return RootTransaction.for (srv, ctx)
   }
-  if (req[_context]) {
-    // called again for an arbitrary context object -> see below
-    return NestedTransaction.for (srv, req[_context])
-  } else {
-    // called first time for an arbitrary context object
-    const root = Context.new(req); Object.defineProperty (req, _context, {value:root})
-    return RootTransaction.for (srv, root)
+
+  // `ctx` is a plain context object or undefined
+  if (ctx) { // REVISIT: This is for compatibility with AFC only
+    if (ctx._txed_before) return NestedTransaction.for (srv, ctx._txed_before)
+    else {
+      Object.defineProperty(ctx, '_txed_before', { value: EventContext.for(ctx) }) // > must be non-enumerable
+      return RootTransaction.for (srv, ctx._txed_before)
+    }
   }
+  return RootTransaction.for (srv, EventContext.for(ctx))
 }
 
 
@@ -59,8 +58,8 @@ class Transaction {
   }
 
   /**
-   * In addition to srv.commit, resets the transaction to initial state,
-   * in order to re-start on subsequently dispatched events.
+   * In addition to srv.commit, sets the transaction to committed state,
+   * in order to prevent continuous use without explicit reopen (i.e., begin).
    */
   async commit (res) {
     if (this.ready) { //> nothing to do if no transaction started at all
@@ -71,10 +70,13 @@ class Transaction {
   }
 
   /**
-   * In addition to srv.rollback, resets the transaction to initial state,
-   * in order to re-start on subsequently dispatched events.
+   * In addition to srv.rollback, sets the transaction to rolled back state,
+   * in order to prevent continuous use without explicit reopen (i.e., begin).
    */
   async rollback (err) {
+    // nothing to do if transaction already rolled back or committed (committed occurs if error thrown in on succeeded handler)
+    if (this.ready === 'rolled back' || this.ready === 'committed') return
+
     /*
      * srv.on('error', function (err, req) { ... })
      * synchroneous modification of passed error only
@@ -103,7 +105,7 @@ class RootTransaction extends Transaction {
 
   /**
    * In addition to srv.commit, ensures all nested transactions
-   * are informed by emitting 'succeesed' event to them all.
+   * are informed by emitting 'succeeded' event to them all.
    */
   async commit (res) {
     if (cds_tx_protection) this.context._done = 'committed'
@@ -122,6 +124,9 @@ class RootTransaction extends Transaction {
    * are informed by emitting 'failed' event to them all.
    */
   async rollback (err) {
+    // nothing to do if transaction already rolled back (we need to check here as well to not emit failed twice)
+    if (this.ready === 'rolled back') return
+
     if (cds_tx_protection) this.context._done = 'rolled back'
     try {
       await this.context.emit ('failed',err)

package/lib/serve/adapters.js

@@ -32,10 +32,7 @@ class ProtocolAdapter {
   */
   in (app) {
     const srv = this.service
-    if (!app._perf_measured) {
-      lib.performanceMeasurement (app)
-      app._perf_measured = true
-    }
+    lib.perf (app)
     lib.auth (srv, app, srv.options)
     app.use (srv.path+'/webapp/', (_,res)=> res.sendStatus(404))
     app.use (srv.path, this)

package/lib/utils/axios.js

@@ -45,7 +45,7 @@ const _error = (e) => {
   }
   if (!e.response)  throw e
   if (!e.response.data)  throw e
-  if (!e.response.data.error)  throw new Error(e.message + '\n\n' + e.response.data)
+  if (!e.response.data.error)  throw new Error(e.message + '\n\n' + JSON.stringify(e.response.data, null, 2))
   const { code, message } = e.response.data.error
   throw new Error (code && code !== 'null' ? `${code} - ${message}` : message)
 }

package/libx/_runtime/audit/Service.js

@@ -1,5 +1,5 @@
 const cds = require('../cds')
-const LOG = cds.log('audit-log')
+const OutboxService = require('../messaging/Outbox')
 
 const v2utils = require('./utils/v2')
 
@@ -10,10 +10,17 @@ const _getTenantAndUser = () => ({
   tenant: (cds.context && cds.context.tenant) || ANONYMOUS
 })
 
-module.exports = class AuditLogService extends cds.MessagingService {
+module.exports = class AuditLogService extends OutboxService {
   async init() {
-    // call MessagingService's init, which handles outboxing
+    // call OutboxService's init, which handles outboxing
     await super.init()
+
+    // register handlers
+    this.on('dataAccessLog', this.dataAccessLog)
+    this.on('dataModificationLog', this.dataModificationLog)
+    this.on('securityLog', this.securityLog)
+    this.on('configChangeLog', this.configChangeLog)
+
     // connect to audit log service
     // REVISIT for GA: throw error on connect issue instead of warn and this.ready?
     this.alc = await v2utils.connect(this.options.credentials)
@@ -25,20 +32,25 @@ module.exports = class AuditLogService extends cds.MessagingService {
     if (!this.options.outbox) return this.send(event, data)
 
     if (this.ready && this[event]) {
-      // best effort until persistent outbox -> only log the failures
       try {
-        await this[event](data)
+        // this will open a new tx -> preserve user
+        await super.send(new cds.Request({ method: event, data, user: cds.context.user }))
       } catch (e) {
-        LOG._warn && LOG.warn(e)
+        if (e.code === 'ERR_ASSERTION') {
+          e.unrecoverable = true
+        }
+        throw e
       }
     }
   }
 
   async send(event, data) {
-    if (this.ready && this[event]) return this[event](data)
+    if (this.ready && this[event]) return super.send(event, data)
   }
 
-  async dataAccessLog({ accesses }) {
+  async dataAccessLog(arg) {
+    const accesses = arg.accesses || arg.data.accesses
+
     if (!this.ready) throw new Error('AuditLogService not connected')
 
     const { tenant, user } = _getTenantAndUser()
@@ -61,7 +73,9 @@ module.exports = class AuditLogService extends cds.MessagingService {
   }
 
   // REVISIT: modification.action not used in auditlog v2
-  async dataModificationLog({ modifications }) {
+  async dataModificationLog(arg) {
+    const modifications = arg.modifications || arg.data.modifications
+
     if (!this.ready) throw new Error('AuditLogService not connected')
 
     const { tenant, user } = _getTenantAndUser()
@@ -83,16 +97,19 @@ module.exports = class AuditLogService extends cds.MessagingService {
     }
   }
 
-  async securityLog({ action, data }) {
+  async securityLog(arg) {
+    let { action, data } = arg
+    if (arg.data && arg.data.action) {
+      action = arg.data.action
+      data = arg.data.data
+    }
+
     if (!this.ready) throw new Error('AuditLogService not connected')
 
-    // cds.context not always set on auth-related errors -> try to extract from data
-    let user, tenant
-    if (cds.context) {
-      const tenantAndUser = _getTenantAndUser()
-      tenant = tenantAndUser.tenant
-      user = tenantAndUser.user
-    } else {
+    let { tenant, user } = _getTenantAndUser()
+
+    // cds.context may not be proper on auth-related errors -> try to extract from data
+    if (tenant === ANONYMOUS && user === ANONYMOUS) {
       try {
         const parsed = JSON.parse(data)
         if (parsed.tenant) {
@@ -106,8 +123,6 @@ module.exports = class AuditLogService extends cds.MessagingService {
         data = JSON.stringify(parsed)
       } catch (e) {}
     }
-    if (!tenant) tenant = ANONYMOUS
-    if (!user) user = ANONYMOUS
 
     // build the log
     const entry = v2utils.buildSecurityLog(this.alc, action, data, tenant, user)
@@ -117,7 +132,16 @@ module.exports = class AuditLogService extends cds.MessagingService {
   }
 
   // REVISIT: action and success not used in auditlog v2
-  async configChangeLog({ action, success, configurations }) {
+  async configChangeLog(arg) {
+    let { action, success, configurations } = arg
+    if (arg.data) {
+      // eslint-disable-next-line no-unused-vars
+      action = arg.data.action
+      // eslint-disable-next-line no-unused-vars
+      success = arg.data.success
+      configurations = arg.data.configurations
+    }
+
     if (!this.ready) throw new Error('AuditLogService not connected')
 
     const { tenant, user } = _getTenantAndUser()

package/libx/_runtime/audit/generic/personal/access.js

@@ -17,6 +17,8 @@ let als
 
 const _processorFnAccess = (accessLogs, model, req) => {
   return ({ row, key, element, plain }) => {
+    if (row.IsActiveEntity === false) return
+
     const entity = getRootEntity(element)
 
     // create or augment log entry
@@ -28,7 +30,7 @@ const _processorFnAccess = (accessLogs, model, req) => {
         addObjectID(accessLog, row, key)
       } else if (category === 'DataSubjectID') {
         addDataSubject(accessLog, row, key, entity)
-      } else if (category === 'IsPotentiallySensitive') {
+      } else if (category === 'IsPotentiallySensitive' && key in row) {
         // add attribute
         if (!accessLog.attributes.find(ele => ele.name === key)) accessLog.attributes.push({ name: key })
         // REVISIT: attribute vs. attachment?
@@ -37,10 +39,11 @@ const _processorFnAccess = (accessLogs, model, req) => {
 
     // add promise to determine data subject if a DataSubjectDetails entity
     if (
-      element.parent['@PersonalData.EntitySemantics'] === 'DataSubjectDetails' &&
+      (entity['@PersonalData.EntitySemantics'] === 'DataSubjectDetails' ||
+        entity['@PersonalData.EntitySemantics'] === 'Other') &&
       accessLog.dataSubject.id.length === 0 // > id still an array -> promise not yet set
     ) {
-      addDataSubjectForDetailsEntity(row, accessLog, req, entity, model, element)
+      addDataSubjectForDetailsEntity(row, accessLog, req, entity, model)
     }
   }
 }
@@ -55,11 +58,13 @@ const _getDataAccessLogs = (data, req, tx) => {
 
   const accessLogs = {}
 
-  const processFn = _processorFnAccess(accessLogs, tx.model, req)
-  const data_ = Array.isArray(data) ? data : [data]
-  data_.forEach(row => {
-    templateProcessor({ processFn, row, template })
-  })
+  if (typeof data === 'object' && data !== null) {
+    const processFn = _processorFnAccess(accessLogs, tx.model, req)
+    const data_ = Array.isArray(data) ? data : [data]
+    data_.forEach(row => {
+      templateProcessor({ processFn, row, template })
+    })
+  }
 
   return accessLogs
 }
@@ -69,9 +74,9 @@ const auditAccessHandler = async function (data, req) {
   if (!als.ready) return
 
   const accessLogs = _getDataAccessLogs(data, req, this)
-  const accesses = Object.keys(accessLogs).map(k => accessLogs[k])
-
-  await resolveDataSubjectPromises(accesses)
+  // REVISIT: a function called resolveDataSubjectPromises should not also convert an object to an array
+  let accesses = await resolveDataSubjectPromises(accessLogs)
+  accesses = accesses.filter(ele => ele.attributes.length)
 
   if (accesses.length) await als.emit('dataAccessLog', { accesses })
 }

package/libx/_runtime/audit/generic/personal/modification.js

@@ -73,10 +73,11 @@ const _processorFnModification = (modificationLogs, model, req, beforeWrite) =>
 
   // add promise to determine data subject if a DataSubjectDetails entity
   if (
-    element.parent['@PersonalData.EntitySemantics'] === 'DataSubjectDetails' &&
+    (entity['@PersonalData.EntitySemantics'] === 'DataSubjectDetails' ||
+      entity['@PersonalData.EntitySemantics'] === 'Other') &&
     modificationLog.dataSubject.id.length === 0 // > id still an array -> promise not yet set
   ) {
-    addDataSubjectForDetailsEntity(row, modificationLog, req, entity, model, element)
+    addDataSubjectForDetailsEntity(row, modificationLog, req, entity, model)
   }
 }
 
@@ -107,7 +108,7 @@ const _calcModificationLogsHandler = async function (req, beforeWrite, that) {
 
   // execute the data subject promises before going along to on phase
   // guarantees that the reads are executed before the data is modified
-  await Promise.all(Object.keys(modificationLogs).map(k => modificationLogs[k].dataSubject.id))
+  await resolveDataSubjectPromises(modificationLogs)
 }
 
 const calcModificationLogsHandler4Before = function (req) {
@@ -125,9 +126,8 @@ const emitModificationHandler = async function (_, req) {
   const modificationLogs = req.context._audit.modificationLogs.get(req.query)
   const modifications = Object.keys(modificationLogs)
     .map(k => modificationLogs[k])
-    .filter(ele => ele.attributes.length)
+    .filter(log => log.attributes.length)
 
-  await resolveDataSubjectPromises(modifications)
   await als.emit('dataModificationLog', { modifications })
 }
 

package/libx/_runtime/audit/generic/personal/utils.js

@@ -7,7 +7,7 @@ const ASPECTS = { CREATE: '_auditCreate', READ: '_auditRead', UPDATE: '_auditUpd
 
 const getMapKeyForCurrentRequest = req => {
   // running in srv or db layer? -> srv's req.query used as key of diff and logs maps at req.context
-  return req._tx.constructor.name.match(/Database$/i) ? req._.query : req.query
+  return req._tx instanceof cds.DatabaseService ? req._.query : req.query
 }
 
 const getRootEntity = element => {
@@ -22,11 +22,9 @@ const getPick = event => {
     const categories = []
     if (!element.isAssociation && element.key) categories.push('ObjectID')
     if (
+      !element.isAssociation &&
       element['@PersonalData.FieldSemantics'] === 'DataSubjectID' &&
-      // item element of arrayed element has no parent, but
-      // at the moment annotation on item level is not supported
-      element.parent &&
-      element.parent['@PersonalData.EntitySemantics'] === 'DataSubject'
+      target['@PersonalData.EntitySemantics'] === 'DataSubject'
     )
       categories.push('DataSubjectID')
     if (event in WRITE && element['@PersonalData.IsPotentiallyPersonal']) categories.push('IsPotentiallyPersonal')
@@ -57,7 +55,7 @@ const createLogEntry = (logs, entity, row) => {
 }
 
 const addObjectID = (log, row, key) => {
-  if (!log.dataObject.id.find(ele => ele.keyName === key))
+  if (!log.dataObject.id.find(ele => ele.keyName === key) && key !== 'IsActiveEntity')
     log.dataObject.id.push({ keyName: key, value: String(row[key]) })
 }
 
@@ -69,36 +67,42 @@ const addDataSubject = (log, row, key, entity) => {
   }
 }
 
-const _addKeysToWhere = (child, row) => {
-  const keysWithValue = []
-  Object.keys(child.keys).forEach(el => {
-    if (keysWithValue.length > 0) keysWithValue.push('and')
-    keysWithValue.push({ ref: [child.name, el] }, '=', {
-      val: row[el]
-    })
-  })
-  return keysWithValue
-}
-
-const _buildSubSelect = (model, child, { element, up }, row, previousCqn) => {
-  const entity = element.parent
-  const childCqn = SELECT.from(child.name)
-    .columns(Object.keys(child.keys))
-    .where(entity._relations[element.name].join(child.name, entity.name))
+const _addKeysToWhere = (entity, row) =>
+  Object.values(entity.keys)
+    .filter(key => !key.isAssociation && key.name !== 'IsActiveEntity')
+    .reduce((keys, key) => {
+      if (keys.length) keys.push('and')
+      keys.push({ ref: [entity.name, key.name] }, '=', { val: row[key.name] })
+      return keys
+    }, [])
+
+const _keyColumns = entity =>
+  Object.values(entity.keys)
+    .filter(key => !key.isAssociation && key.name !== 'IsActiveEntity')
+    .map(key => key.name)
+
+const _buildSubSelect = (model, { entity, relative, element, next }, row, previousCqn) => {
+  // relative is a parent or an entity itself
+  const childCqn = SELECT.from(entity.name)
+    .columns(_keyColumns(entity))
+    .where(relative._relations[element.name].join(element._target.name, relative.name))
   if (previousCqn) {
     childCqn.where('exists', previousCqn)
   } else {
-    childCqn.where(_addKeysToWhere(child, row))
+    childCqn.where(_addKeysToWhere(entity, row))
   }
-  if (up) return _buildSubSelect(model, entity, up, {}, childCqn)
+  if (next) return _buildSubSelect(model, next, {}, childCqn)
   return childCqn
 }
 
-const _getDataSubjectIdPromise = (child, dataSubjectInfo, row, req, model) => {
-  const root = dataSubjectInfo.entity
-  const cqn = SELECT.from(root.name)
-    .columns(Object.keys(root.keys))
-    .where(['exists', _buildSubSelect(model, child, dataSubjectInfo.up, row)])
+const _getDataSubjectIdPromise = ({ dataSubjectEntity, subs }, row, req, model) => {
+  const cqn = SELECT.from(dataSubjectEntity.name)
+    .columns(_keyColumns(dataSubjectEntity))
+    .where(['exists', _buildSubSelect(model, subs[0], row)])
+  // entity reused in different branches => must check all
+  for (let i = 1; i < subs.length; i++) {
+    cqn.or(['exists', _buildSubSelect(model, subs[i], row)])
+  }
   return cds
     .tx(req)
     .run(cqn)
@@ -109,12 +113,12 @@ const _getDataSubjectIdPromise = (child, dataSubjectInfo, row, req, model) => {
     })
 }
 
-const addDataSubjectForDetailsEntity = (row, log, req, entity, model, element) => {
+const addDataSubjectForDetailsEntity = (row, log, req, entity, model) => {
   const role = entity['@PersonalData.DataSubjectRole']
 
-  const dataSubjectInfo = getDataSubject(entity, model, role, element)
+  const dataSubjectInfo = getDataSubject(entity, model, role)
 
-  log.dataSubject.type = dataSubjectInfo.entity.name
+  log.dataSubject.type = dataSubjectInfo.dataSubjectEntity.name
 
   /*
    * for each req (cf. $batch with atomicity) and data subject role (e.g., customer vs supplier),
@@ -125,13 +129,18 @@ const addDataSubjectForDetailsEntity = (row, log, req, entity, model, element) =
   if (!req.context._audit.dataSubjects.has(mapKey)) req.context._audit.dataSubjects.set(mapKey, new Map())
   const map = req.context._audit.dataSubjects.get(mapKey)
   if (map.has(role)) log.dataSubject.id = map.get(role)
-  else map.set(role, _getDataSubjectIdPromise(entity, dataSubjectInfo, row, req, model))
+  // REVISIT by downward lookups row might already contain ID - some potential to optimize
+  else map.set(role, _getDataSubjectIdPromise(dataSubjectInfo, row, req, model))
 }
 
-const resolveDataSubjectPromises = async logs => {
-  const dataSubjPromise = logs.filter(el => el.dataSubject.id instanceof Promise)
-  const res = await Promise.all(dataSubjPromise.map(el => el.dataSubject.id))
-  dataSubjPromise.forEach((el, i) => (el.dataSubject.id = res[i]))
+const resolveDataSubjectPromises = log => {
+  const logs = Object.values(log)
+  return Promise.all(logs.map(log => log.dataSubject.id)).then(IDs =>
+    logs.map((log, i) => {
+      log.dataSubject.id = IDs[i]
+      return log
+    })
+  )
 }
 
 module.exports = {

package/libx/_runtime/{common/auth → auth}/index.js

@@ -1,8 +1,8 @@
-const cds = require('../../cds')
+const cds = require('../cds')
 const LOG = cds.log('app')
 
-const _require = require('../utils/require')
-const { UNAUTHORIZED } = require('../utils/auth')
+const _require = require('../common/utils/require')
+const { UNAUTHORIZED } = require('../common/utils/auth')
 
 let passport
 
@@ -105,7 +105,24 @@ module.exports = (srv, app, options) => {
   if (config.impl) {
     // > custom middleware
     app.use(srv.path, _require(cds.resolve(config.impl)))
+    return
+  }
+
+  config.strategy = Array.isArray(config.strategy) ? config.strategy : [config.strategy]
 
+  if (config.strategy.length === 1 && config.strategy[0] in { dummy: 1, mock: 1 }) {
+    // > without passport
+    const impl =
+      config.strategy[0] === 'dummy'
+        ? new (require('./strategies/dummy'))()
+        : new (require('./strategies/mock'))(config.users, `mock_${srv.name}`)
+    app.use(srv.path, (req, res, next) => {
+      let user, challenge
+      impl.success = arg => (user = arg)
+      impl.fail = arg => (challenge = arg)
+      impl.authenticate(req)
+      _callback(req, res, next, undefined, user, [challenge])
+    })
     return
   }
 
@@ -113,10 +130,7 @@ module.exports = (srv, app, options) => {
   passport = passport || _require('passport')
 
   // initialize strategies
-  config.strategy = Array.isArray(config.strategy) ? config.strategy : [config.strategy]
-  for (const strategy of config.strategy) {
-    _initializeStrategy(strategy, config, srv)
-  }
+  for (const strategy of config.strategy) _initializeStrategy(strategy, config, srv)
 
   // authenticate
   app.use(srv.path, passport.initialize())

package/libx/_runtime/{common/auth → auth}/strategies/JWT.js

@@ -1,6 +1,6 @@
-const cds = require('../../../cds')
+const cds = require('../../cds')
 
-const _require = require('../../utils/require')
+const _require = require('../../common/utils/require')
 const uaaUtils = require('./utils/uaa')
 const xssecUtils = require('./utils/xssec')
 

package/libx/_runtime/{common/auth → auth}/strategies/basic.js

@@ -1,6 +1,6 @@
-const cds = require('../../../cds')
+const cds = require('../../cds')
 
-const _require = require('../../utils/require')
+const _require = require('../../common/utils/require')
 
 // use _require for a better error message
 const { BasicStrategy: BS } = _require('passport-http')

package/libx/_runtime/{common/auth → auth}/strategies/dummy.js

@@ -1,4 +1,4 @@
-const cds = require('../../../cds')
+const cds = require('../../cds')
 
 class DummyStrategy {
   constructor() {

package/libx/_runtime/{common/auth → auth}/strategies/mock.js

@@ -1,4 +1,4 @@
-const cds = require('../../../cds')
+const cds = require('../../cds')
 
 const CHALLENGE = 'Basic realm="Users"'
 
@@ -56,7 +56,7 @@ class MockStrategy {
 
     const [scheme, base64] = authorization.split(' ')
     if (!scheme || scheme.toLowerCase() !== 'basic') return this.fail(CHALLENGE)
-    if (!base64) return this.fail(400)
+    if (!base64) return this.fail(CHALLENGE)
 
     const [id, password] = Buffer.from(base64, 'base64').toString().split(':')
 

package/libx/_runtime/{common/auth → auth}/strategies/utils/uaa.js

@@ -1,4 +1,4 @@
-const cds = require('../../../../cds')
+const cds = require('../../../cds')
 
 const getCredentials = uaa => {
   uaa =

package/libx/_runtime/{common/auth → auth}/strategies/xsuaa.js

@@ -1,6 +1,6 @@
-const cds = require('../../../cds')
+const cds = require('../../cds')
 
-const _require = require('../../utils/require')
+const _require = require('../../common/utils/require')
 const uaaUtils = require('./utils/uaa')
 const xssecUtils = require('./utils/xssec')
 

package/libx/_runtime/cds-services/adapter/odata-v4/Dispatcher.js

@@ -5,6 +5,8 @@ const OData = require('./OData')
 
 const { alias2ref } = require('../../../common/utils/csn')
 
+const { normalizeError } = require('../../../common/error/frontend')
+
 function _createNewService(name, csn, defaultOptions) {
   const reflectedModel = cds.linked(cds.compile.for.odata(csn))
   const options = Object.assign({}, defaultOptions, { reflectedModel })
@@ -117,8 +119,11 @@ class Dispatcher {
           e.message = 'Unable to get service from service map due to error: ' + e.message
           LOG.error(e)
         }
-        // REVISIT: use i18n
-        return res.status(500).send({ error: { code: 'null', message: 'Internal Server Error' } })
+        // clear map entry
+        this._extMap.delete(hash)
+        // return 503 to client
+        const { error } = normalizeError(Object.assign(e, { statusCode: 503 }), req)
+        return res.status(503).send({ error })
       }
 
       // invoke extended service, if exists

package/libx/_runtime/cds-services/adapter/odata-v4/OData.js

@@ -229,13 +229,6 @@ class OData {
     this._odataService.use(ACTION_EXECUTE_HANDLER, _action(cdsService))
   }
 
-  // _startPerfMeasurementOData (req) {
-  //   if (req.performanceMeasurement) {
-  //     const uuid = req.performanceMeasurement.uuid
-  //     req.performanceMeasurement.performance.mark(`${uuid} ODataIn Start`)
-  //   }
-  // }
-
   /**
    * Process request.
    *