@sap/cds 5.7.5 → 5.8.0

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/create.js

@@ -5,13 +5,15 @@ const {
   Components: { DATA_CREATE_HANDLER }
 } = require('../okra/odata-server')
 
-const { getSapMessages } = require('../../../../common/error/frontend')
 const { validateResourcePath } = require('../utils/request')
 const { isReturnMinimal } = require('../utils/handlerUtils')
 const readAfterWrite = require('../utils/readAfterWrite')
 const { toODataResult, postProcess, postProcessMinimal } = require('../utils/result')
+
 const { mergeJson } = require('../../../services/utils/compareJson')
 
+const { getSapMessages } = require('../../../../common/error/frontend')
+
 /**
  * The handler that will be registered with odata-v4.
  *
@@ -21,6 +23,7 @@ const { mergeJson } = require('../../../services/utils/compareJson')
 const create = service => {
   return async (odataReq, odataRes, next) => {
     let req
+
     try {
       validateResourcePath(odataReq, service)
       req = new ODataRequest(DATA_CREATE_HANDLER, service, odataReq, odataRes)
@@ -33,9 +36,12 @@ const create = service => {
     cds.context = tx
 
     let result, err
+
     try {
       result = await tx.dispatch(req)
 
+      // REVISIT readAfterWrite -> commit -> postProcessing
+
       if (isReturnMinimal(req)) {
         postProcessMinimal(req, result)
       } else {
@@ -60,12 +66,13 @@ const create = service => {
       }
     } catch (e) {
       err = e
-      if (!changeset) {
-        // REVISIT: rollback needed if error occured before commit attempted -> how to distinguish?
-        await tx.rollback(e).catch(() => {})
-      } else if (changeset) {
+
+      if (changeset) {
         // for passing into rollback
         odataReq.getBatchApplicationData().errors[changeset].push({ error: e, req })
+      } else {
+        // REVISIT: rollback needed if an error occurred before commit attempted -> how to distinguish?
+        await tx.rollback(e).catch(() => {})
       }
     } finally {
       req.messages && odataRes.setHeader('sap-messages', getSapMessages(req.messages, req._.req))

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/delete.js

@@ -17,6 +17,7 @@ const { validateResourcePath } = require('../utils/request')
 const del = service => {
   return async (odataReq, odataRes, next) => {
     let req
+
     try {
       validateResourcePath(odataReq, service)
       req = new ODataRequest(DATA_DELETE_HANDLER, service, odataReq, odataRes)
@@ -29,6 +30,7 @@ const del = service => {
     cds.context = tx
 
     let err
+
     try {
       await tx.dispatch(req)
       const result = null
@@ -41,12 +43,13 @@ const del = service => {
       }
     } catch (e) {
       err = e
-      if (!changeset) {
-        // REVISIT: rollback needed if error occured before commit attempted -> how to distinguish?
-        await tx.rollback(e).catch(() => {})
-      } else if (changeset) {
+
+      if (changeset) {
         // for passing into rollback
         odataReq.getBatchApplicationData().errors[changeset].push({ error: e, req })
+      } else {
+        // REVISIT: rollback needed if an error occurred before commit attempted -> how to distinguish?
+        await tx.rollback(e).catch(() => {})
       }
     } finally {
       req.messages && odataRes.setHeader('sap-messages', getSapMessages(req.messages, req._.req))

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/error.js

@@ -49,6 +49,19 @@ const _betterOkraError = err => {
   if (err.name === 'DeserializationError') {
     err.message = err.message.replace('Error while deserializing payload.', 'Deserialization Error:')
     err.message = err.message.replace(' An error occurred during deserialization of the entity.', '')
+
+    // add parsed data to error for req.data
+    let e = err
+    let depth = 0
+    while (e._rootCause && depth < 10) {
+      const rootCause = e._rootCause
+      if (rootCause._data) {
+        err._data = rootCause._data
+        break
+      }
+      e = rootCause
+      depth++
+    }
   } else if (err.name === 'SerializationError') {
     err.message = err.message.replace('An error occurred during serialization of the entity.', 'Serialization Error:')
     err.message = err.message.replace(
@@ -68,10 +81,16 @@ const _betterOkraError = err => {
  * @returns {Function}
  */
 const getErrorHandler = (crashOnError = true, srv) => {
-  return (odataReq, odataRes, next, err) => {
+  return async (odataReq, odataRes, next, err) => {
     // REVISIT: crashOnError
     if (isStandardError(err) && crashOnError) {
-      err.__crashOnError = true
+      // first rollback in case of atomicity groups
+      const changeset = odataReq.getAtomicityGroupId()
+      if (changeset) {
+        const tx = odataReq.getBatchApplicationData().txs[changeset]
+        await tx.rollback().catch(() => {})
+      }
+
       throw err
     }
 
@@ -84,9 +103,11 @@ const getErrorHandler = (crashOnError = true, srv) => {
       req = odataReq.getIncomingRequest()
     }
 
-    if (err.getRootCause && typeof err.getRootCause === 'function') {
+    if (typeof err.getRootCause === 'function') {
       // > an OKRA error
       err = _betterOkraError(err)
+      // add req.data for use in custom error handler in case of okra deserialization error
+      if ('_data' in err && !('data' in req)) req.data = err._data
     }
 
     // invoke srv.on('error', function (err, req) { ... }) here in special situations

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/read.js

@@ -14,12 +14,13 @@ const {
   }
 } = require('../okra/odata-server')
 
-const { isCustomOperation, skipToken } = require('../utils/request')
+const { isCustomOperation } = require('../utils/request')
 const { actionAndFunctionQueries, getActionOrFunctionReturnType } = require('../utils/handlerUtils')
 const { validateResourcePath } = require('../utils/request')
 const { toODataResult, postProcess } = require('../utils/result')
 const { isStreaming, getStreamProperties } = require('../utils/stream')
 const { resolveStructuredName } = require('../utils/handlerUtils')
+
 const getError = require('../../../../common/error')
 const { getSapMessages } = require('../../../../common/error/frontend')
 
@@ -46,7 +47,7 @@ const _selectOrExpandInQueryOptions = queryOptions => {
  * @private
  */
 const _invokeFunction = async (tx, req, odataReq) => {
-  const result = await tx.dispatch(req)
+  let result = await tx.dispatch(req)
 
   const functionReturnType = getActionOrFunctionReturnType(
     odataReq.getUriInfo().getPathSegments(),
@@ -59,7 +60,7 @@ const _invokeFunction = async (tx, req, odataReq) => {
     functionReturnType.kind === 'entity' &&
     _selectOrExpandInQueryOptions(odataReq.getQueryOptions())
   ) {
-    await actionAndFunctionQueries(req, odataReq, result, tx, functionReturnType)
+    result = await actionAndFunctionQueries(req, odataReq, result, tx, functionReturnType)
   }
 
   return toODataResult(result, req)
@@ -142,9 +143,9 @@ const _isCollection = segments => {
  * @returns {boolean}
  * @private
  */
-const _isNavigationToOne = segments => {
-  return segments[segments.length - 1].getKind() === NAVIGATION_TO_ONE
-}
+const _isNavigationToOne = segments =>
+  segments[segments.length - 1].getKind() === NAVIGATION_TO_ONE &&
+  segments[segments.length - 1].getKeyPredicates().length === 0
 
 const _hasRedirectProperty = elements => {
   return Object.values(elements).some(val => {
@@ -229,22 +230,23 @@ const _readEntityOrProperty = async (tx, req, segments) => {
 
   if (propertyElement === null) {
     _transformRedirectProperties(req, result)
+
     return toODataResult(result[0])
   }
 
-  const name = resolveStructuredName(segments, segments.length - 2)
-  const res = _getResult(name, result[0])
+  result = _getResult(resolveStructuredName(segments, segments.length - 2), result[0])
 
-  const odataResult = toODataResult(typeof res === 'object' ? res[propertyElement.getName()] : res)
-  if (req.target._etag) odataResult['*@odata.etag'] = res[req.target._etag]
+  if (req.target._etag) result.$etag = result[req.target._etag]
+
+  const odataResult = toODataResult(result, req)
 
   // property is read via a to one association and last segment is not $value
   if (index !== 2 && segments.length > 2 && segments[segments.length - 2].getKind() === NAVIGATION_TO_ONE) {
     // find keys in result
-    const keys = Object.keys(result[0])
+    const keys = Object.keys(result)
       .filter(k => segments[segments.length - index - 1].getEdmType().getOwnKeyPropertyRefs().has(k))
       .reduce((res, curr) => {
-        res[curr] = result[0][curr]
+        res[curr] = result[curr]
         return res
       }, {})
 
@@ -266,20 +268,18 @@ const _readEntityOrProperty = async (tx, req, segments) => {
  */
 const _readCollection = async (tx, req, odataReq) => {
   const result = (await tx.dispatch(req)) || []
-  const odataResult = toODataResult(result, req)
 
-  // REVISIT: better
-  if (!odataResult['*@odata.count'] && req.query.SELECT.count) {
-    odataResult['*@odata.count'] = 0
-  }
+  if (req.query.SELECT.count && !('$count' in result)) result.$count = 0
 
-  if (!odataResult['*@odata.nextLink']) {
-    const limit = req.query && req.query.SELECT.limit && req.query.SELECT.limit.rows && req.query.SELECT.limit.rows.val
-    if (limit && limit === result.length && limit !== odataReq.getUriInfo().getQueryOption(QueryOptions.TOP)) {
-      odataResult['*@odata.nextLink'] = skipToken(odataReq.getUriInfo()) + limit
-    }
+  const limit = req.query.SELECT.limit && req.query.SELECT.limit.rows && req.query.SELECT.limit.rows.val
+  const top = odataReq.getUriInfo().getQueryOption(QueryOptions.TOP)
+  if (limit && limit === result.length && limit !== top && !('$nextLink' in result)) {
+    const token = odataReq.getUriInfo().getQueryOption(QueryOptions.SKIPTOKEN)
+    result.$nextLink = (token ? parseInt(token) : 0) + limit
   }
 
+  const odataResult = toODataResult(result, req)
+
   _transformRedirectProperties(req, result)
 
   return odataResult
@@ -298,7 +298,7 @@ const _readCollection = async (tx, req, odataReq) => {
 const _readStream = async (tx, req) => {
   req.query._streaming = true
 
-  const { contentType, contentDisposition } = await getStreamProperties(req, tx.model)
+  const { contentType, contentDispositionFilename, contentDispositionType } = await getStreamProperties(req, tx.model)
 
   let result = await tx.dispatch(req)
 
@@ -312,14 +312,14 @@ const _readStream = async (tx, req) => {
 
   if (result[0] === null) return null
 
-  const streamObj = result[0]
-  const stream = streamObj.value
+  result = result[0]
+  const { value: readable } = result
 
-  if (stream) {
-    stream.on('error', () => {
-      stream.removeAllListeners('error')
-      // stream.destroy() does not end stream in node 10 and 12
-      stream.push(null)
+  if (readable) {
+    readable.on('error', () => {
+      readable.removeAllListeners('error')
+      // readable.destroy() does not end stream in node 10 and 12
+      readable.push(null)
     })
   }
 
@@ -336,11 +336,13 @@ const _readStream = async (tx, req) => {
     req.reject(406, `Content type "${contentType}" not listed in accept header "${headers.accept}".`)
   }
 
-  if (contentType) streamObj['*@odata.mediaContentType'] = contentType
-  if (contentDisposition)
-    req._.odataRes.setHeader('Content-Disposition', `attachment; filename="${encodeURIComponent(contentDisposition)}"`)
+  if (contentType) result.$mediaContentType = contentType
+  if (contentDispositionFilename) {
+    result.$mediaContentDispositionFilename = contentDispositionFilename
+    if (contentDispositionType) result.$mediaContentDispositionType = contentDispositionType
+  }
 
-  return streamObj
+  return toODataResult(result, req)
 }
 
 const _readSingleton = async (tx, req, lastSegment) => {
@@ -439,6 +441,7 @@ const _removeKeysForParams = result => {
 const read = service => {
   return async (odataReq, odataRes, next) => {
     let req
+
     try {
       validateResourcePath(odataReq, service)
       req = new ODataRequest(DATA_READ_HANDLER, service, odataReq, odataRes)
@@ -452,6 +455,7 @@ const read = service => {
 
     let result, err
     let additional = {}
+
     try {
       // REVISIT: refactor _readAndTransform
       result = await _readAndTransform(tx, req, odataReq)
@@ -471,12 +475,13 @@ const read = service => {
       }
     } catch (e) {
       err = e
-      if (!changeset) {
-        // REVISIT: rollback needed if error occured before commit attempted -> how to distinguish?
-        await tx.rollback(e).catch(() => {})
-      } else if (changeset) {
+
+      if (changeset) {
         // for passing into rollback
         odataReq.getBatchApplicationData().errors[changeset].push({ error: e, req })
+      } else {
+        // REVISIT: rollback needed if an error occurred before commit attempted -> how to distinguish?
+        await tx.rollback(e).catch(() => {})
       }
     } finally {
       req.messages && odataRes.setHeader('sap-messages', getSapMessages(req.messages, req._.req))

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/request.js

@@ -1,6 +1,6 @@
 const cds = require('../../../../cds')
 
-const { UNAUTHORIZED, FORBIDDEN, getRequiresAsArray } = require('../../../../common/utils/auth')
+const { UNAUTHORIZED, FORBIDDEN, getRequiresAsArray } = require('../../../../auth/utils')
 
 module.exports = srv => {
   const requires = getRequiresAsArray(srv.definition)

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/update.js

@@ -6,14 +6,16 @@ const {
   Components: { DATA_UPDATE_HANDLER, DATA_CREATE_HANDLER }
 } = require('../okra/odata-server')
 
-const { getSapMessages } = require('../../../../common/error/frontend')
 const { validateResourcePath } = require('../utils/request')
 const { isReturnMinimal } = require('../utils/handlerUtils')
 const readAfterWrite = require('../utils/readAfterWrite')
 const { toODataResult, postProcess, postProcessMinimal } = require('../utils/result')
 const { hasOmitValuesPreference } = require('../utils/omitValues')
+
 const { mergeJson } = require('../../../services/utils/compareJson')
 
+const { getSapMessages } = require('../../../../common/error/frontend')
+
 const _isUpsertAllowed = target => {
   return !(cds.env.runtime && cds.env.runtime.allow_upsert === false) && !(target && target._isDraftEnabled)
 }
@@ -126,6 +128,7 @@ const _shouldReadPreviousResult = req =>
 const update = service => {
   return async (odataReq, odataRes, next) => {
     let req
+
     try {
       validateResourcePath(odataReq, service)
       req = new ODataRequest(DATA_UPDATE_HANDLER, service, odataReq, odataRes)
@@ -141,8 +144,10 @@ const update = service => {
     const primitive = odataReq.getUriInfo().getLastSegment().getKind() === 'PRIMITIVE.PROPERTY'
 
     let result, err
+
     try {
       let previousResult
+
       if (_shouldReadPreviousResult(req)) {
         previousResult = await _readAfterWriteAndVirtuals(req, service, result)
       }
@@ -173,12 +178,13 @@ const update = service => {
       }
     } catch (e) {
       err = e
-      if (!changeset) {
-        // REVISIT: rollback needed if error occured before commit attempted -> how to distinguish?
-        await tx.rollback(e).catch(() => {})
-      } else if (changeset) {
+
+      if (changeset) {
         // for passing into rollback
         odataReq.getBatchApplicationData().errors[changeset].push({ error: e, req })
+      } else {
+        // REVISIT: rollback needed if an error occurred before commit attempted -> how to distinguish?
+        await tx.rollback(e).catch(() => {})
       }
     } finally {
       req.messages && odataRes.setHeader('sap-messages', getSapMessages(req.messages, req._.req))

package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/boundToCQN.js

@@ -1,8 +1,7 @@
 const cds = require('../../../../cds')
 const { SELECT } = cds.ql
 
-const { isPathSupported } = require('./selectHelper')
-const { convertUrlPathToCqn } = require('./utils')
+const { convertUrlPathToCqn, isPathSupported } = require('./utils')
 
 const {
   BOUND_ACTION,

package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/deleteToCQN.js

@@ -26,7 +26,6 @@ const deleteToCQN = (service, odataReq) => {
   if (SUPPORTED_KINDS[segment.getKind()]) {
     return DELETE.from(convertUrlPathToCqn(segments, service))
   }
-
   if (segment.getKind() === 'PRIMITIVE.PROPERTY') {
     return UPDATE(convertUrlPathToCqn(segments, service)).data({ [segment.getProperty().getName()]: null })
   }

package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/expandToCQN.js

@@ -13,7 +13,6 @@ const { getColumns } = require('../../../services/utils/columns')
 const { addLimit, isSameArray } = require('./utils')
 const { findCsnTargetFor } = require('../../../../common/utils/csn')
 const getError = require('../../../../common/error')
-
 /**
  * Check which element(s) of the entity has been expanded.
  *
@@ -234,7 +233,7 @@ const expandToCQN = (model, expandItems, type, options) => {
   const allElements = []
   const isAll = expandItems.some(item => item.isAll())
 
-  for (const [name, navigationProperty] of type.getNavigationProperties()) {
+  for (const [name, navigationProperty] of type.getNavigationProperties(isAll)) {
     const expandItem = _getExpandItem(isAll, expandItems, name)
 
     if (isAll || expandItem) {

package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/orderByToCQN.js

@@ -1,10 +1,12 @@
 const ExpressionToCQN = require('./ExpressionToCQN')
 const { getFeatureNotSupportedError } = require('../../../util/errors')
 const odata = require('../okra/odata-server')
+const { ResourceKind } = require('../okra/odata-commons/uri/UriResource')
 const {
   QueryOptions: { ORDERBY }
 } = odata
 const ExpressionKind = odata.uri.Expression.ExpressionKind
+const getError = require('../../../../common/error')
 
 const _buildNavRef = pathSegment => {
   return pathSegment.getProperty() ? pathSegment.getProperty().getName() : pathSegment.getNavigationProperty().getName()
@@ -13,6 +15,13 @@ const _buildNavRef = pathSegment => {
 const _orderExpression = order => {
   if (order.getExpression().getKind() === ExpressionKind.MEMBER) {
     const ref = []
+    const lastSegment = order.getExpression().getPathSegments()[order.getExpression().getPathSegments().length - 1]
+    if (
+      lastSegment.getKind() === ResourceKind.ANY_EXPRESSION ||
+      lastSegment.getKind() === ResourceKind.ALL_EXPRESSION
+    ) {
+      throw getError(501, 'ORDERBY_LAMBDA_UNSUPPORTED')
+    }
     for (let i = 0; i < order.getExpression().getPathSegments().length; i++) {
       ref.push(_buildNavRef(order.getExpression().getPathSegments()[i]))
     }

package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/readToCQN.js

@@ -1,22 +1,14 @@
 const cds = require('../../../../cds')
 const { SELECT } = cds.ql
 
-const QueryOptions = require('../okra/odata-server').QueryOptions
-const { isNavigation, isPathSupported } = require('./selectHelper')
-const { isViewWithParams, getValidationQuery } = require('./selectHelper')
-const { ensureUnlocalized } = require('../../../../fiori/utils/handler')
 const ExpressionToCQN = require('./ExpressionToCQN')
 const orderByToCQN = require('./orderByToCQN')
 const selectToCQN = require('./selectToCQN')
 const searchToCQN = require('./searchToCQN')
 const applyToCQN = require('./applyToCQN')
-const { _expand } = require('../utils/handlerUtils')
-const { resolveStructuredName } = require('../utils/handlerUtils')
-const { isStreaming } = require('../utils/stream')
-const { convertUrlPathToCqn, getAllKeys } = require('./utils')
-const { getMaxPageSize, getDefaultPageSize } = require('../../../../common/utils/page')
-const { isAsteriskColumn } = require('../../../../common/utils/rewriteAsterisks')
+const { convertUrlPathToCqn, getAllKeys, isPathSupported } = require('./utils')
 
+const QueryOptions = require('../okra/odata-server').QueryOptions
 const {
   COUNT,
   ENTITY,
@@ -28,7 +20,6 @@ const {
   VALUE,
   SINGLETON
 } = require('../okra/odata-server').uri.UriResource.ResourceKind
-
 const SUPPORTED_SEGMENT_KINDS = {
   [ENTITY]: 1,
   [ENTITY_COLLECTION]: 1,
@@ -41,9 +32,16 @@ const SUPPORTED_SEGMENT_KINDS = {
   [SINGLETON]: 1
 }
 
-const _applyOnlyContainsFilter = apply => {
-  return Object.keys(apply).length === 1 && apply.filter
-}
+const { _expand } = require('../utils/handlerUtils')
+const { resolveStructuredName } = require('../utils/handlerUtils')
+const { isStreaming } = require('../utils/stream')
+
+const { getMaxPageSize, getDefaultPageSize } = require('../../../../common/utils/page')
+const { isAsteriskColumn } = require('../../../../common/utils/rewriteAsterisks')
+
+const { ensureUnlocalized } = require('../../../../fiori/utils/handler')
+
+const _applyOnlyContainsFilter = apply => Object.keys(apply).length === 1 && apply.filter
 
 /**
  *
@@ -232,14 +230,6 @@ const _checkViewWithParamCall = (isView, segments, kind, name) => {
   }
 }
 
-const addValidationQueryIfRequired = (segments, isView, cqn, service, kind) => {
-  if (isNavigation(segments) && !isView && (kind === NAVIGATION_TO_MANY || kind === NAVIGATION_TO_ONE)) {
-    cqn._validationQuery = getValidationQuery(cqn.SELECT.from.ref, service.model)
-    cqn._validationQuery.__navToManyWithKeys =
-      kind === NAVIGATION_TO_ONE && segments[segments.length - 1].getKeyPredicates().length !== 0
-  }
-}
-
 const _addKeysToSelectIfNoStreaming = (entity, select, streaming) => {
   // might also be singleton w/o keys
   if (!streaming && entity.keys) {
@@ -381,7 +371,7 @@ const readToCQN = (service, target, odataReq) => {
     select.push(...expand)
   }
 
-  const isView = isViewWithParams(target)
+  const isView = target.params && Object.keys(target.params).length > 0
   const kind = segments[segments.length - 1].getKind()
   const isCollectionOrToMany = _isCollectionOrToMany(kind)
 
@@ -390,13 +380,10 @@ const readToCQN = (service, target, odataReq) => {
 
   // keep target as input because of localized view
   const cqn = SELECT.from(isView ? _convertUrlPathToViewCqn(segments) : convertUrlPathToCqn(segments, service), select)
-  addValidationQueryIfRequired(segments, isView, cqn, service, kind)
 
   if (isCollectionOrToMany && queryOptions && queryOptions[QueryOptions.COUNT]) cqn.SELECT.count = true
 
-  if (Object.keys(apply).length) {
-    _extendCqnWithApply(cqn, apply, entity)
-  }
+  if (Object.keys(apply).length) _extendCqnWithApply(cqn, apply, entity)
 
   if (isCollectionOrToMany || _isCount(kind)) {
     _filter(service.model, entity, uriInfo, apply, cqn)
@@ -408,13 +395,13 @@ const readToCQN = (service, target, odataReq) => {
     _orderby(uriInfo, cqn)
   }
 
-  if (!isCollectionOrToMany || entity._isSingleton) {
-    cqn.SELECT.one = true
-  }
+  if (!isCollectionOrToMany || entity._isSingleton) cqn.SELECT.one = true
 
   _cleanupForApply(apply, cqn)
+
   // just like in new parser
   if (cqn.SELECT.columns.length === 1 && cqn.SELECT.columns[0] === '*') delete cqn.SELECT.columns
+
   return cqn
 }
 

package/libx/_runtime/cds-services/adapter/odata-v4/odata-to-cqn/utils.js

@@ -1,3 +1,5 @@
+const { getFeatureNotSupportedError } = require('../../../util/errors')
+
 const { findCsnTargetFor } = require('../../../../common/utils/csn')
 
 const CDL_KEYWORDS = new Set(require('@sap/cds-compiler/lib/base/keywords').cdl)
@@ -108,9 +110,18 @@ const getAllKeys = (entity, joinStructured = true) => {
   return allKeys
 }
 
+const isPathSupported = (supported, pathSegments) => {
+  for (const segment of pathSegments) {
+    if (!supported[segment.getKind()]) {
+      throw getFeatureNotSupportedError(`Request parameter "${segment.getKind()}"`)
+    }
+  }
+}
+
 module.exports = {
   addLimit,
   convertUrlPathToCqn,
   isSameArray,
-  getAllKeys
+  getAllKeys,
+  isPathSupported
 }

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-commons/edm/AbstractEdmStructuredType.js

@@ -190,10 +190,11 @@ class AbstractEdmStructuredType extends EdmType {
    * Returns a map of navigation properties including those from base type.
    * @returns {Map.<string, EdmNavigationProperty>} A Map of navigation properties
    */
-  getNavigationProperties () {
+  getNavigationProperties (ignoreSibling) {
     if (!this._navigationProperties) {
       this._navigationProperties = new Map(this.getBaseType() ? this.getBaseType().getNavigationProperties() : [])
       for (const [name, property] of this.getOwnNavigationProperties()) {
+        if (ignoreSibling && name === 'SiblingEntity') continue;
         this._navigationProperties.set(name, property)
       }
     }

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-commons/uri/UriHelper.js

@@ -22,12 +22,13 @@ class UriHelper {
       return uriLiteral.substring(1, uriLiteral.length - 1).replace(REGEXP_TWO_SINGLE_QUOTES, "'")
     }
 
-    if (
-      edmType === EdmPrimitiveTypeKind.Duration ||
-      edmType === EdmPrimitiveTypeKind.Binary ||
-      edmType.getKind() === EdmTypeKind.ENUM ||
-      edmType.getName().startsWith('Geo')
-    ) {
+    if (edmType === EdmPrimitiveTypeKind.Binary) {
+      // convert the URL-safe base64 encoding to the standard variant (with padding, if necessary)
+      let val = uriLiteral.substring(uriLiteral.indexOf("'") + 1, uriLiteral.length - 1).replace(/_/g, '/').replace(/-/g, '+')
+      return val.padEnd(val.length + val.length % 4, '=')
+    }
+
+    if (edmType === EdmPrimitiveTypeKind.Duration || edmType.getKind() === EdmTypeKind.ENUM || edmType.getName().startsWith('Geo')) {
       return uriLiteral.substring(uriLiteral.indexOf("'") + 1, uriLiteral.length - 1)
     }
 

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-commons/uri/UriTokenizer.js

@@ -19,11 +19,8 @@ const GUID_VALUE_REGEXP = new RegExp(
   '^(?:' + HEX_DIGIT + '{8}-' + HEX_DIGIT + '{4}-' + HEX_DIGIT + '{4}-' + HEX_DIGIT + '{4}-' + HEX_DIGIT + '{12})'
 )
 
-const BASE64 = '[-_A-Za-z0-9]'
-const BASE64B16 = BASE64 + '{2}[AEIMQUYcgkosw048]=?'
-const BASE64B8 = BASE64 + '[AQgw](?:==)?'
-const BINARY = '(?:' + BASE64 + '{4})*(?:' + BASE64B16 + '|' + BASE64B8 + ')?'
-const BINARY_VALUE_REGEXP = new RegExp("^[Bb][Ii][Nn][Aa][Rr][Yy]'" + BINARY + "'")
+// regex for url-safe base64
+const BINARY_VALUE_REGEXP = /^[Bb][Ii][Nn][Aa][Rr][Yy]'(?:[A-Za-z0-9-_]{4})*(?:[A-Za-z0-9-_]{4}|[A-Za-z0-9-_]{3}=|[A-Za-z0-9-_]{2}={2}|[A-Za-z0-9-_]{2,3})'/
 
 const UNSIGNED_INTEGER_VALUE_REGEXP = new RegExp('^\\d+')
 const INTEGER_VALUE_REGEXP = new RegExp('^[-+]?\\d+')