@sap/cds 5.7.3 → 5.8.1

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-commons/uri/UriHelper.js

@@ -22,12 +22,13 @@ class UriHelper {
       return uriLiteral.substring(1, uriLiteral.length - 1).replace(REGEXP_TWO_SINGLE_QUOTES, "'")
     }
 
-    if (
-      edmType === EdmPrimitiveTypeKind.Duration ||
-      edmType === EdmPrimitiveTypeKind.Binary ||
-      edmType.getKind() === EdmTypeKind.ENUM ||
-      edmType.getName().startsWith('Geo')
-    ) {
+    if (edmType === EdmPrimitiveTypeKind.Binary) {
+      // convert the URL-safe base64 encoding to the standard variant (with padding, if necessary)
+      let val = uriLiteral.substring(uriLiteral.indexOf("'") + 1, uriLiteral.length - 1).replace(/_/g, '/').replace(/-/g, '+')
+      return val.padEnd(val.length + val.length % 4, '=')
+    }
+
+    if (edmType === EdmPrimitiveTypeKind.Duration || edmType.getKind() === EdmTypeKind.ENUM || edmType.getName().startsWith('Geo')) {
       return uriLiteral.substring(uriLiteral.indexOf("'") + 1, uriLiteral.length - 1)
     }
 

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-commons/uri/UriTokenizer.js

@@ -19,11 +19,8 @@ const GUID_VALUE_REGEXP = new RegExp(
   '^(?:' + HEX_DIGIT + '{8}-' + HEX_DIGIT + '{4}-' + HEX_DIGIT + '{4}-' + HEX_DIGIT + '{4}-' + HEX_DIGIT + '{12})'
 )
 
-const BASE64 = '[-_A-Za-z0-9]'
-const BASE64B16 = BASE64 + '{2}[AEIMQUYcgkosw048]=?'
-const BASE64B8 = BASE64 + '[AQgw](?:==)?'
-const BINARY = '(?:' + BASE64 + '{4})*(?:' + BASE64B16 + '|' + BASE64B8 + ')?'
-const BINARY_VALUE_REGEXP = new RegExp("^[Bb][Ii][Nn][Aa][Rr][Yy]'" + BINARY + "'")
+// regex for url-safe base64
+const BINARY_VALUE_REGEXP = /^[Bb][Ii][Nn][Aa][Rr][Yy]'(?:[A-Za-z0-9-_]{4})*(?:[A-Za-z0-9-_]{4}|[A-Za-z0-9-_]{3}=|[A-Za-z0-9-_]{2}={2}|[A-Za-z0-9-_]{2,3})'/
 
 const UNSIGNED_INTEGER_VALUE_REGEXP = new RegExp('^\\d+')
 const INTEGER_VALUE_REGEXP = new RegExp('^[-+]?\\d+')
@@ -684,8 +681,8 @@ class UriTokenizer {
    * @returns {boolean} whether the constant has been found at the current index
    * @private
    */
-  _nextConstant (constant) {
-    if (this._parseString.startsWith(constant, this._index)) {
+  _nextConstant (constant, caseInsensitive) {
+    if ((caseInsensitive ? this._parseString.toLowerCase() : this._parseString).startsWith(constant, this._index)) {
       this._index += constant.length
       return true
     }
@@ -784,7 +781,7 @@ class UriTokenizer {
    * @private
    */
   _nextMethod (methodName) {
-    return this._nextConstant(methodName) && this._nextCharacter('(')
+    return this._nextConstant(methodName, true) && this._nextCharacter('(')
   }
 
   /**

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-commons/utils/PrimitiveValueDecoder.js

@@ -67,6 +67,16 @@ const MULTI_LINE_STRING_VALIDATION = new RegExp('^' + SRID + 'MultiLineString\\(
 const MULTI_POLYGON_VALIDATION = new RegExp('^' + SRID + 'MultiPolygon\\((' + MULTI_POLYGON + ')\\)$', 'i')
 const COLLECTION_VALIDATION = new RegExp('^' + SRID + 'Collection\\((' + MULTI_GEO_LITERAL + ')\\)$', 'i')
 
+const BASE64 = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{4}|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{2}={2})$/
+
+function _getBase64(val) {
+  // convert url-safe to standard base64 (with padding, if necessary)
+  val = val.replace(/_/g, '/').replace(/-/g, '+')
+  val = val.padEnd(val.length + val.length % 4, '=')
+  if (!val.match(BASE64)) return
+  return val
+}
+
 /**
  * The primitive-value decoder decodes primitive values, using OData V4 primitive types.
  * The following mapping of V2 and V4 primitive types is assumed:
@@ -148,7 +158,9 @@ class PrimitiveValueDecoder {
     const type = propertyOrReturnType.getType()
 
     if (type === EdmPrimitiveTypeKind.Binary) {
-      return this._decodeBinary(jsonValue, propertyOrReturnType.getMaxLength())
+      const val = _getBase64(jsonValue)
+      if (!val) throw new IllegalArgumentError('The value for Edm.Binary is not valid base64 content.')
+      return val
     }
 
     let value = jsonValue
@@ -284,12 +296,9 @@ class PrimitiveValueDecoder {
     }
 
     if (type === EdmPrimitiveTypeKind.Binary) {
-      const maxLength =
-        propertyOrReturnType.getMaxLength() ||
-        (propertyOrReturnType.getType().getKind() === EdmTypeKind.DEFINITION &&
-          propertyOrReturnType.getType().getMaxLength()) ||
-        null
-      return this._decodeBinary(value, maxLength)
+      const val = _getBase64(value)
+      if (!val) throw new IllegalArgumentError('The value for Edm.Binary is not valid base64 content.')
+      return val
     }
 
     if (type === EdmPrimitiveTypeKind.Int64 || type === EdmPrimitiveTypeKind.Decimal) {
@@ -362,14 +371,9 @@ class PrimitiveValueDecoder {
     if (type.getKind() === EdmTypeKind.DEFINITION) type = type.getUnderlyingType()
 
     if (type === EdmPrimitiveTypeKind.Binary) {
-      const valueBuffer = Buffer.from(valueString)
-      const maxLength =
-        propertyOrReturnType.getMaxLength() ||
-        (propertyOrReturnType.getType().getKind() === EdmTypeKind.DEFINITION &&
-          propertyOrReturnType.getType().getMaxLength()) ||
-        null
-      this._validator.validateBinary(valueBuffer, maxLength)
-      return valueBuffer
+      const val = _getBase64(valueString)
+      if (!val) throw new IllegalArgumentError('The value for Edm.Binary is not valid base64 content.')
+      return val
     }
 
     let decoded
@@ -661,38 +665,6 @@ class PrimitiveValueDecoder {
         )
     }
   }
-
-  /**
-   * Decode an OData JSON representation of a binary value into its JavaScript value.
-   * @param {string} value the JSON value
-   * @param {?(number|string)} maxLength the value of the Maxlength facet
-   * @returns {Buffer} the JavaScript value
-   * @private
-   */
-  _decodeBinary (value, maxLength) {
-    const valueBuffer = Buffer.from(value, 'base64')
-    // The method Buffer.from(...) does not throw an error on invalid input;
-    // it simply returns the result of the conversion of the content up to the first error.
-    // So we check if the length is correct, taking padding characters into account (see RFC 4648).
-    // Newline or other whitespace characters are not allowed according to the OData JSON format specification.
-    let length = (value.length * 3) / 4 // Four base64 characters result in three octets.
-    if (value.length % 4) {
-      // The length is not a multiple of four as it should be.
-      length =
-        3 * Math.floor(value.length / 4) +
-        // The remainder (due to missing padding characters) will result in one or two octets.
-        Math.ceil((value.length % 4) / 2)
-    } else {
-      // Padding characters reduce the amount of expected octets.
-      if (value.endsWith('==')) length--
-      if (value.endsWith('=')) length--
-    }
-    if (valueBuffer.length < length) {
-      throw new IllegalArgumentError('The value for Edm.Binary is not valid base64 content.')
-    }
-    this._validator.validateBinary(valueBuffer, maxLength)
-    return valueBuffer
-  }
 }
 
 module.exports = PrimitiveValueDecoder

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-commons/utils/ValueConverter.js

@@ -186,19 +186,12 @@ class ValueConverter {
 
   /**
    * Converts value to the value of Edm.Binary type.
-   * @param {Buffer} value - value, which should be converted
-   * @param {number} [maxLength] - value of MaxLength facet
+   * @param {Buffer|string} value - value, which should be converted
    * @returns {string} Base64 string
    */
-  convertBinary (value, maxLength) {
-    this._valueValidator.validateBinary(value, maxLength)
-    return (
-      value
-        .toString('base64')
-        // Convert the standard base64 encoding to the URL-safe variant.
-        .replace(PLUS_REGEXP, '-')
-        .replace(SLASH_REGEXP, '_')
-    )
+  convertBinary (value) {
+    // convert the standard base64 encoding to the URL-safe variant
+    return (Buffer.isBuffer(value) ? value.toString('base64') : value).replace(/\+/g, '-').replace(/\//g, '_')
   }
 
   /**

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-server/deserializer/ResourceJsonDeserializer.js

@@ -43,11 +43,13 @@ class ResourceJsonDeserializer {
    * @throws {DeserializationError} if provided data can not be deserialized
    */
   deserializeEntity (edmType, value, expand, additionalInformation) {
+    let data
     try {
-      let data = JSON.parse(value)
+      data = JSON.parse(value)
       this._deserializeStructuralType(edmType, data, null, false, expand, additionalInformation)
       return data
     } catch (e) {
+      e._data = data
       if (e instanceof DeserializationError) throw e
       throw new DeserializationError('An error occurred during deserialization of the entity.', e)
     }
@@ -82,6 +84,7 @@ class ResourceJsonDeserializer {
       }
       return tempData
     } catch (e) {
+      e._data = tempData
       if (e instanceof DeserializationError) throw e
       throw new DeserializationError('An error occurred during deserialization of the collection.', e)
     }
@@ -129,6 +132,7 @@ class ResourceJsonDeserializer {
     try {
       return this._deserializePrimitive(edmProperty, tempData)
     } catch (e) {
+      e._data = tempData
       if (e instanceof DeserializationError) throw e
       throw new DeserializationError('An error occurred during deserialization of the property.', e)
     }
@@ -155,6 +159,7 @@ class ResourceJsonDeserializer {
     try {
       return this._deserializePrimitive(edmProperty, tempData)
     } catch (e) {
+      e._data = tempData
       if (e instanceof DeserializationError) throw e
       throw new DeserializationError('An error occurred during deserialization of the property.', e)
     }
@@ -174,6 +179,7 @@ class ResourceJsonDeserializer {
     try {
       return this._deserializeReference(edmType, tempData)
     } catch (e) {
+      e._data = tempData
       if (e instanceof DeserializationError) throw e
       throw new DeserializationError('An error occurred during deserialization of the reference.', e)
     }

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-server/invocation/CommandExecutor.js

@@ -82,9 +82,6 @@ class CommandExecutor {
           }
         }, this._error)
       } catch (innerError) {
-        if (innerError.__crashOnError) {
-          throw innerError
-        }
         if (this._runTimeMeasurement && description) this._runTimeMeasurement.getChild(description).stop()
         callback(innerError)
       }

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-server/invocation/ConditionalRequestControlCommand.js

@@ -4,7 +4,6 @@ const commons = require('../../odata-commons')
 const StatusCodes = commons.http.HttpStatusCode.StatusCodes
 const RepresentationKinds = commons.format.RepresentationKind.Kinds
 const Command = require('./Command')
-const InternalServerError = require('../errors/InternalServerError')
 
 /**
  * The `next` callback to be called upon finish execution.

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-server/serializer/ContextURLFactory.js

@@ -281,7 +281,7 @@ class ContextURLFactory {
       // If there is one '*' selected, the context URL contains only '*'.
       if (isAll) {
         value = ['*']
-      } else if (type && type.getKind() === EdmTypeKind.ENTITY && isKeyRequired) {
+      } else if (type && type.getKind() === EdmTypeKind.ENTITY && isKeyRequired && !cds.env.features.odata_new_parser) {
         for (const keyName of type.getKeyPropertyRefs().keys()) {
           if (!value.includes(keyName)) value.push(keyName)
         }
@@ -352,7 +352,7 @@ class ContextURLFactory {
         // Define a local function because navigation properties must be searched recursively.
         const getExpandPaths = structuredType => {
           let structureResult = []
-          for (const name of structuredType.getNavigationProperties().keys()) structureResult.push(name)
+          for (const name of structuredType.getNavigationProperties(true).keys()) structureResult.push(name)
           for (const [name, property] of structuredType.getProperties()) {
             if (property.getType().getKind() === EdmTypeKind.COMPLEX) {
               for (const innerPath of getExpandPaths(property.getType())) {

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-server/serializer/ErrorJsonSerializer.js

@@ -34,6 +34,8 @@ class ErrorJsonSerializer extends ErrorSerializer {
       })
     }
 
+    if (this._error.innererror) result.innererror = this._error.innererror
+
     addAnnotations(this._error, result)
 
     return JSON.stringify({ error: result })

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-server/serializer/TrustedResourceJsonSerializer.js

@@ -472,11 +472,8 @@ class TrustedResourceJsonSerializer {
         if (type === EdmPrimitiveTypeKind.Decimal || type === EdmPrimitiveTypeKind.Int64) {
           result = this._formatParams.getIEEE754Setting() ? String(propertyValue) : Number(propertyValue)
         } else if (type === EdmPrimitiveTypeKind.Binary) {
-          result = propertyValue
-            .toString('base64')
-            // Convert the standard base64 encoding to the URL-safe variant.
-            .replace(new RegExp('\\+', 'g'), '-')
-            .replace(new RegExp('/', 'g'), '_')
+          // convert the standard base64 encoding to the URL-safe variant
+          result = (Buffer.isBuffer(propertyValue) ? propertyValue.toString('base64') : propertyValue).replace(/\+/g, '-').replace(/\//g, '_')
         }
         break
       case EdmTypeKind.COMPLEX:

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-server/validator/ConditionalRequestValidator.js

@@ -5,7 +5,6 @@ const HttpMethods = commons.http.HttpMethod.Methods
 const ResourceKinds = commons.uri.UriResource.ResourceKind
 const PreconditionFailedError = require('../errors/PreconditionFailedError')
 const PreconditionRequiredError = require('../errors/PreconditionRequiredError')
-const ConflictError = require('../errors/ConflictError')
 
 /**
  * Class to validate conditional requests.
@@ -23,11 +22,12 @@ class ConditionalRequestValidator {
   preValidate (ifMatch, ifNoneMatch, method, isConcurrentResource) {
     if (isConcurrentResource) {
       if (method !== HttpMethods.GET && !ifMatch && !ifNoneMatch) throw new PreconditionRequiredError()
-    } else if (ifMatch || ifNoneMatch) {
-      // PATCH and PUT can carry If-Match or If-None-Match headers to force update or insert (upsert feature).
-      // The only allowed value in these cases is '*'. Careless clients send this also for DELETE and POST,
-      // other careless clients send the star in doublequotes.
-      if ([HttpMethods.PATCH, HttpMethods.PUT, HttpMethods.DELETE, HttpMethods.POST].includes(method)) {
+      return
+    }
+
+    if (ifMatch || ifNoneMatch) {
+      // Careless clients send this also for DELETE and POST, other careless clients send the star in double-quotes.
+      if ([HttpMethods.POST].includes(method)) {
         if (
           (ifMatch && ifMatch.trim() !== '*' && ifMatch.trim() !== '"*"') ||
           (ifNoneMatch && ifNoneMatch.trim() !== '*' && ifNoneMatch.trim() !== '"*"')

package/libx/_runtime/cds-services/adapter/odata-v4/to.js

@@ -6,7 +6,7 @@ const Dispatcher = require('./Dispatcher')
 const { alias2ref } = require('../../../common/utils/csn')
 
 const to = service => {
-  const edm = cds.compile.to.edm(service.model, { service: service.definition.name })
+  const edm = service._edm || cds.compile.to.edm(service.model, { service: service.definition.name })
   alias2ref(service, edm)
 
   const odata = new OData(edm, service.model, service.options)

package/libx/_runtime/cds-services/adapter/odata-v4/utils/data.js

@@ -65,11 +65,25 @@ const _getParamData = parameters => {
 
   return paramData
 }
-
+const _flattenStructureKeys = structureData => {
+  const result = {}
+  for (const prop in structureData) {
+    if (typeof structureData[prop] === 'object') {
+      const nested = _flattenStructureKeys(structureData[prop])
+      for (const key in nested) {
+        result[prop + '_' + key] = nested[key]
+      }
+    } else {
+      result[prop] = structureData[prop]
+    }
+  }
+  return result
+}
 // works only for custom on condition working on keys with '=' operator
 // and combination of multiple conditions connected with 'and'
 const _addKeysToData = (navSourceKeyValues, onCondition, data) => {
-  for (const key in navSourceKeyValues) {
+  const flattenKeys = _flattenStructureKeys(navSourceKeyValues)
+  for (const key in flattenKeys) {
     // find index of source column
     const sourceIndex = onCondition.findIndex(e => e.ref && e.ref[0] === 'source' && e.ref[1] === key)
     if (sourceIndex === -1) {
@@ -82,7 +96,7 @@ const _addKeysToData = (navSourceKeyValues, onCondition, data) => {
       const {
         ref: [, target]
       } = onCondition[sourceIndex + 1] === '=' ? onCondition[sourceIndex + 2] : onCondition[sourceIndex - 2]
-      data[target] = navSourceKeyValues[key]
+      data[target] = flattenKeys[key]
     }
   }
 }
@@ -151,8 +165,7 @@ const _getCopiedData = (odataReq, streaming, lastSegment) => {
     return data
   }
 
-  data = Array.isArray(data) ? deepCopyArray(data) : deepCopyObject(data)
-  return data
+  return Array.isArray(data) ? deepCopyArray(data) : deepCopyObject(data)
 }
 
 /**

package/libx/_runtime/cds-services/adapter/odata-v4/utils/handlerUtils.js

@@ -4,6 +4,8 @@ const { isCustomOperation } = require('./request')
 const expandToCQN = require('../odata-to-cqn/expandToCQN')
 const QueryOptions = require('../okra/odata-server').QueryOptions
 const { COMPLEX_PROPERTY, PRIMITIVE_PROPERTY } = require('../okra/odata-server').uri.UriResource.ResourceKind
+const { mergeJson } = require('../../../services/utils/compareJson')
+const { getColumns } = require('../../../services/utils/columns')
 
 const _selectForFunction = (selectColumns, result, opReturnType) => {
   if (!Array.isArray(result)) result = [result]
@@ -33,31 +35,51 @@ const _expand = (model, uriInfo, options) => {
   return expandToCQN(model, expand, uriInfo.getFinalEdmType(), options)
 }
 
+const _compareKeys = (first, second) => key => {
+  const val1 = first[key]
+  const val2 = second[key]
+  if (Array.isArray(val1) || Buffer.isBuffer(val1)) return val1.every((_, i) => _compareKeys(val1, val2)(i))
+  if (val1 && typeof val1 === 'object') return Object.keys(val1).every(_compareKeys(val1, val2))
+  return val1 === val2
+}
+
 const _expandForFunction = async (uriInfo, result, req, srv, opReturnType) => {
   const results = Array.isArray(result) ? result : [result]
-
-  const opReturnTypeName = typeof opReturnType === 'string' ? opReturnType : opReturnType.name
-  const isDraft = srv.model.definitions[opReturnTypeName] && srv.model.definitions[opReturnTypeName]._isDraftEnabled
-
+  const isDraft = opReturnType._isDraftEnabled
   const isDraftActivate = isDraftActivateAction(req)
 
   // REVISIT: what happens here exactly?
+  const selectQuery = SELECT.from(
+    isDraft && !isDraftActivate ? ensureDraftsSuffix(opReturnType.name) : opReturnType.name
+  )
+  const keys = getColumns(opReturnType, {
+    onlyNames: true,
+    removeIgnore: true,
+    filterDraft: !isDraft || isDraftActivate,
+    filterVirtual: true,
+    keysOnly: true
+  })
+  const expandCqn = _expand(srv.model, uriInfo, { rewriteAsterisks: true })
+  selectQuery.columns(expandCqn)
+  selectQuery.columns(keys)
   for (const row of results) {
-    const selectQuery = SELECT.from(isDraft && !isDraftActivate ? ensureDraftsSuffix(opReturnType.name) : opReturnType)
-
-    for (const key in opReturnType.keys) {
-      if ((!isDraft || isDraftActivate) && key === 'IsActiveEntity') {
-        continue
-      }
-      selectQuery.where(key, '=', row[key])
+    const where = ['(']
+    for (const key of keys) {
+      where.push({ ref: [key] }, '=', { val: row[key] }, 'and')
     }
+    where.pop() // last 'and'
+    where.push(')')
+    if (!selectQuery.SELECT.where) selectQuery.where(where)
+    else selectQuery.or(where)
+  }
+  const expandedResults = await cds.tx(req).run(selectQuery)
 
-    const expandCqn = _expand(srv.model, uriInfo, { rewriteAsterisks: true })
-    selectQuery.columns(expandCqn)
-
-    const res = await cds.tx(req).run(selectQuery)
-    if (res) Object.assign(row, res[0])
+  for (let i = 0; i < results.length; i++) {
+    const result = results[i]
+    const res = expandedResults.find(r => keys.every(_compareKeys(result, r)))
+    if (res) results[i] = mergeJson(res, result, opReturnType)
   }
+  return Array.isArray(result) ? results : results[0]
 }
 
 const _cleanupResult = (result, opReturnType) => {
@@ -89,14 +111,16 @@ const getActionOrFunctionReturnType = (pathSegments, definitions) => {
 const actionAndFunctionQueries = async (req, odataReq, result, srv, opReturnType) => {
   _cleanupResult(result, opReturnType)
 
+  // REVISIT consider $expand columns as inline content for $select
   if (odataReq.getQueryOptions().$select) {
     _selectForFunction(odataReq.getQueryOptions().$select.split(','), result, opReturnType)
   }
 
   // REVISIT: we need to read directly from db for this, which might not be there!
   if (odataReq.getQueryOptions().$expand && cds.db) {
-    await _expandForFunction(odataReq.getUriInfo(), result, req, srv, opReturnType)
+    result = await _expandForFunction(odataReq.getUriInfo(), result, req, srv, opReturnType)
   }
+  return result
 }
 
 const resolveStructuredName = (pathSegments, index, nameArr = []) => {

package/libx/_runtime/cds-services/adapter/odata-v4/utils/request.js

@@ -1,5 +1,4 @@
 const {
-  QueryOptions,
   uri: {
     UriResource: {
       ResourceKind: { ENTITY, ENTITY_COLLECTION }
@@ -60,22 +59,7 @@ const validateResourcePath = (odataReq, service) => {
   }
 }
 
-/**
- * Used for pagination, where the start of the collection is defined via skip token.
- *
- * @param {object} uriInfo
- * @returns {number}
- * @private
- */
-const skipToken = uriInfo => {
-  const token = uriInfo.getQueryOption(QueryOptions.SKIPTOKEN)
-
-  // If given, the token is a string but needed as numeric value.
-  return token ? parseInt(token) : 0
-}
-
 module.exports = {
   isCustomOperation,
-  validateResourcePath,
-  skipToken
+  validateResourcePath
 }