@sap/cds 5.7.5 → 5.8.2

package/libx/_runtime/messaging/enterprise-messaging-utils/registerEndpoints.js

@@ -65,7 +65,6 @@ class EndpointRegistry {
         const other = authInfo
           ? {
               _: { req: { authInfo, headers: {}, query: {} } }, // for messaging to retrieve subdomain
-              user: new cds.User.Privileged(),
               tenant: tenantId
             }
           : {}

package/libx/_runtime/messaging/enterprise-messaging.js

@@ -20,6 +20,7 @@ const _checkAppURL = appURL => {
     throw new Error(
       'Enterprise Messaging: You need to provide an HTTPS endpoint to your application.\n\nHint: You can set the application URI in environment variable `VCAP_APPLICATION.application_uris[0]`. This is needed because incoming messages are delivered through HTTP via webhooks.\nExample: `{ ..., "VCAP_APPLICATION": { "application_uris": ["my-app.com"] } }`\nIn case you want to use Enterprise Messaging in shared (that means single-tenant) mode, you can use kind `enterprise-messaging-amqp`.'
     )
+
   if (appURL.startsWith('https://localhost'))
     throw new Error(
       'The endpoint of your application is local and cannot be reached from Enterprise Messaging.\n\nHint: For local development you can set up a tunnel to your local endpoint and enter its public https endpoint in `VCAP_APPLICATION.application_uris[0]`.\nIn case you want to use Enterprise Messaging in shared (that means single-tenant) mode, you can use kind `enterprise-messaging-amqp`.'

package/libx/_runtime/messaging/file-based.js

@@ -53,7 +53,9 @@ class FileBasedMessaging extends MessagingService {
               if (this.subscribedTopics.has(topic)) {
                 const event = this.subscribedTopics.get(topic)
                 if (!event) return
-                super.emit({ event, ...json, inbound: true }).catch(e => LOG._debug && LOG.debug(e))
+                super
+                  .emit({ event, ...json, inbound: true })
+                  .catch(e => LOG.error('ERROR occured in asynchronous event processing:', e))
               } else other.push(each + '\n')
             }
           } catch (e) {

package/libx/_runtime/messaging/service.js

@@ -75,7 +75,8 @@ class MessagingService extends OutboxService {
   }
 
   emit(event, data, headers) {
-    const msg = event instanceof cds.Event ? event : new cds.Event(this.message4(event, data, headers))
+    const _msg = typeof event === 'object' ? event : { event, data, headers }
+    const msg = _msg instanceof cds.Event ? _msg : new cds.Event(this.message4(_msg))
     return super.emit(msg)
   }
 
@@ -108,6 +109,8 @@ class MessagingService extends OutboxService {
 
   message4(msg) {
     const _msg = { ...msg }
+    if (msg.inbound && !cds.context)
+      _msg.user = msg.tenant ? new cds.User.Privileged({ tenant: msg.tenant }) : new cds.User.Privileged()
     _msg.event = _warnAndStripTopicPrefix(_msg.event)
     if (!_msg.headers) _msg.headers = {}
     if (!_msg.inbound) {

package/libx/_runtime/remote/utils/client.js

@@ -5,7 +5,7 @@ const SANITIZE_VALUES = process.env.NODE_ENV === 'production' && cds.env.log.san
 
 const cdsLocale = require('../../../../lib/req/locale')
 
-const { convertV2ResponseData, deepSanitize } = require('./data')
+const { convertV2ResponseData, deepSanitize, convertV2PayloadData } = require('./data')
 
 let _cloudSdkCore
 
@@ -30,6 +30,7 @@ const _executeHttpRequest = async ({ requestConfig, destination, destinationOpti
   const destinationName = typeof destination === 'string' && destination
   if (destinationName) {
     destination = await getDestination(destinationName, resolveDestinationOptions(destinationOptions, jwt))
+    if (!destination) throw new Error(`Cannot resolve destination "${destinationName}"`)
   } else if (destination.forwardAuthToken) {
     destination = {
       ...destination,
@@ -141,8 +142,8 @@ function _defineProperty(obj, property, value) {
 }
 
 function _normalizeMetadata(prefix, data, results) {
-  const target = results || data
-  if (typeof target !== 'object') return target
+  const target = results !== undefined ? results : data
+  if (typeof target !== 'object' || target === null) return target
   const metadataKeys = Object.keys(data).filter(k => prefix.test(k))
   for (const k of metadataKeys) {
     const $ = k.replace(prefix, '$')
@@ -166,17 +167,17 @@ const _purgeODataV2 = (data, target, reqHeaders) => {
   if (typeof data !== 'object' || !data.d) return data
 
   data = data.d
-  const contentType = reqHeaders['content-type']
-  const ieee754Compatible = contentType && contentType.includes('IEEE754Compatible=true')
-  const purgedResponse = data.results || data
-  const convertedResponse = convertV2ResponseData(purgedResponse, target, ieee754Compatible)
+  const ieee754Compatible = reqHeaders.accept && reqHeaders.accept.includes('IEEE754Compatible=true')
+  const exponentialDecimals = ieee754Compatible && reqHeaders.accept.includes('ExponentialDecimals=true')
+  const purgedResponse = 'results' in data ? data.results : data
+  const convertedResponse = convertV2ResponseData(purgedResponse, target, ieee754Compatible, exponentialDecimals)
   return _normalizeMetadata(/^__/, data, convertedResponse)
 }
 
 const _purgeODataV4 = data => {
   if (typeof data !== 'object') return data
 
-  const purgedResponse = data.value || data
+  const purgedResponse = 'value' in data ? data.value : data
   return _normalizeMetadata(/^@odata\./, data, purgedResponse)
 }
 
@@ -245,6 +246,7 @@ const run = async (
 
     LOG._warn && LOG.warn(sanitizedError)
 
+    // REVISIT: switch from innererror to reason in cds^6
     throw Object.assign(new Error(e.message), { statusCode: 502, innererror: sanitizedError })
   }
 
@@ -266,6 +268,7 @@ const run = async (
 
     LOG._warn && LOG.warn(sanitizedError)
 
+    // REVISIT: switch from innererror to reason in cds^6
     throw Object.assign(new Error(`Error during request to remote service: ${e.message}`), {
       statusCode: 502,
       innererror: sanitizedError
@@ -293,6 +296,8 @@ const run = async (
         : 'Request to remote service failed.'
       const sanitizedError = _getSanitizedError(contentJSON, requestConfig)
       LOG._warn && LOG.warn(sanitizedError)
+
+      // REVISIT: switch from innererror to reason in cds^6
       throw Object.assign(new Error(contentJSON.message), { statusCode: 502, innererror: sanitizedError })
     }
   }
@@ -321,32 +326,37 @@ const getJwt = req => {
   return null
 }
 
-const _cqnToReqOptions = (query, kind, model) => {
+const _cqnToReqOptions = (query, kind, model, target) => {
   const queryObject = cds.odata.urlify(query, { kind, model })
-  return {
+  const reqOptions = {
     method: queryObject.method,
     url: encodeURI(
       queryObject.path
         // ugly workaround for Okra not allowing spaces in ( x eq 1 )
         .replace(/\( /g, '(')
         .replace(/ \)/g, ')')
-    ),
-    data: queryObject.body
+    )
   }
+  if (queryObject.method !== 'GET' && queryObject.method !== 'HEAD') {
+    reqOptions.data = kind === 'odata-v2' ? convertV2PayloadData(queryObject.body, target) : queryObject.body
+  }
+  return reqOptions
 }
 
-const _stringToReqOptions = (query, data) => {
+const _stringToReqOptions = (query, data, target) => {
   const cleanQuery = query.trim()
   const blankIndex = cleanQuery.substring(0, 8).indexOf(' ')
   const reqOptions = {
     method: cleanQuery.substring(0, blankIndex).toUpperCase(),
     url: encodeURI(formatPath(cleanQuery.substring(blankIndex, cleanQuery.length).trim()))
   }
-  if (data && reqOptions.method !== 'GET' && reqOptions.method !== 'HEAD') reqOptions.data = data
+  if (data && reqOptions.method !== 'GET' && reqOptions.method !== 'HEAD') {
+    reqOptions.data = this.kind === 'odata-v2' ? Object.assign({}, convertV2PayloadData(data, target)) : data
+  }
   return reqOptions
 }
 
-const _pathToReqOptions = (method, path, data) => {
+const _pathToReqOptions = (method, path, data, target) => {
   let url = path
   if (!url.startsWith('/')) {
     // extract entity name and instance identifier (either in "()" or after "/") from fully qualified path
@@ -358,7 +368,9 @@ const _pathToReqOptions = (method, path, data) => {
     url = url.replace(/^\/\//, '/')
   }
   const reqOptions = { method, url }
-  if (data && reqOptions.method !== 'GET' && reqOptions.method !== 'HEAD') reqOptions.data = data
+  if (data && reqOptions.method !== 'GET' && reqOptions.method !== 'HEAD') {
+    reqOptions.data = this.kind === 'odata-v2' ? Object.assign({}, convertV2PayloadData(data, target)) : data
+  }
   return reqOptions
 }
 
@@ -367,13 +379,14 @@ const _hasHeader = (headers, header) =>
     .map(k => k.toLowerCase())
     .includes(header)
 
+// eslint-disable-next-line complexity
 const getReqOptions = (req, query, service) => {
   const reqOptions =
     typeof query === 'object'
-      ? _cqnToReqOptions(query, service.kind, service.model)
+      ? _cqnToReqOptions(query, service.kind, service.model, req.target)
       : typeof query === 'string'
-      ? _stringToReqOptions(query, req.data)
-      : _pathToReqOptions(req.method, req.path, req.data)
+      ? _stringToReqOptions(query, req.data, req.target)
+      : _pathToReqOptions(req.method, req.path, req.data, req.target)
 
   reqOptions.headers = { accept: 'application/json,text/plain' }
   reqOptions.timeout = service.requestTimeout
@@ -387,6 +400,12 @@ const getReqOptions = (req, query, service) => {
     if (locale) reqOptions.headers['accept-language'] = locale
   }
 
+  // forward all dwc-* headers
+  if (service.options.forward_dwc_headers) {
+    const originalHeaders = (req.context && req.context._ && req.context._.req && req.context._.req.headers) || {}
+    for (const k in originalHeaders) if (k.match(/^dwc-/)) reqOptions.headers[k] = originalHeaders[k]
+  }
+
   if (reqOptions.data && reqOptions.method !== 'GET' && reqOptions.method !== 'HEAD') {
     reqOptions.headers['content-type'] = 'application/json'
     reqOptions.headers['content-length'] = Buffer.byteLength(JSON.stringify(reqOptions.data))
@@ -394,11 +413,9 @@ const getReqOptions = (req, query, service) => {
   reqOptions.url = formatPath(reqOptions.url)
 
   // batch envelope if needed
-  if (
-    KINDS_SUPPORTING_BATCH[service.kind] &&
-    reqOptions.method === 'GET' &&
-    reqOptions.url.length > ((cds.env.remote && cds.env.remote.max_get_url_length) || 1028)
-  ) {
+  const maxGetUrlLength =
+    service.options.max_get_url_length || (cds.env.remote && cds.env.remote.max_get_url_length) || 1028
+  if (KINDS_SUPPORTING_BATCH[service.kind] && reqOptions.method === 'GET' && reqOptions.url.length > maxGetUrlLength) {
     reqOptions._autoBatch = true
     reqOptions.data = [
       '--batch1',

package/libx/_runtime/remote/utils/data.js

@@ -1,3 +1,5 @@
+const { big } = require('@sap/cds-foss')
+
 // Code adopted from @sap/cds-odata-v2-adapter-proxy
 // https://www.w3.org/TR/xmlschema11-2/#nt-duDTFrag
 const DurationRegex = /^P(?:(\d)Y)?(?:(\d{1,2})M)?(?:(\d{1,2})D)?T(?:(\d{1,2})H)?(?:(\d{2})M)?(?:(\d{2}(?:\.\d+)?)S)?$/i
@@ -20,15 +22,16 @@ const DataTypeOData = {
   Time: 'cds.TimeOfDay'
 }
 
-const _convertData = (data, target, ieee754Compatible) => {
+const _convertData = (data, target, convertValueFn) => {
+  const _convertRecordFn = _getConvertRecordFn(target, convertValueFn)
   if (Array.isArray(data)) {
-    return data.map(record => _getConvertRecordFn(target, ieee754Compatible)(record))
+    return data.map(_convertRecordFn)
   }
 
-  return _getConvertRecordFn(target, ieee754Compatible)(data)
+  return _convertRecordFn(data)
 }
 
-const _getConvertRecordFn = (target, ieee754Compatible) => record => {
+const _getConvertRecordFn = (target, convertValueFn) => record => {
   for (const key in record) {
     if (key === '__metadata') continue
 
@@ -36,24 +39,27 @@ const _getConvertRecordFn = (target, ieee754Compatible) => record => {
     if (!element) continue
 
     const recordValue = record[key]
-    const type = _elementType(element)
-    const value = (recordValue && recordValue.results) || recordValue
+    const value =
+      (recordValue && typeof recordValue === 'object' && 'results' in recordValue && recordValue.results) || recordValue
 
     if (value && (element.isAssociation || Array.isArray(value))) {
-      record[key] = _convertData(value, element._target, ieee754Compatible)
+      record[key] = _convertData(value, element._target, convertValueFn)
     } else {
-      record[key] = _convertValue(value, type, ieee754Compatible)
+      record[key] = convertValueFn(value, element)
     }
   }
 
   return record
 }
 
-const _convertValue = (value, type, ieee754Compatible) => {
+// eslint-disable-next-line complexity
+const _convertValue = (ieee754Compatible, exponentialDecimals) => (value, element) => {
   if (value == null) {
     return value
   }
 
+  const type = _elementType(element)
+
   if (['cds.Boolean'].includes(type)) {
     if (value === 'true') {
       value = true
@@ -63,7 +69,14 @@ const _convertValue = (value, type, ieee754Compatible) => {
   } else if (['cds.Integer'].includes(type)) {
     value = parseInt(value, 10)
   } else if (['cds.Decimal', 'cds.Integer64', 'cds.DecimalFloat'].includes(type)) {
-    value = ieee754Compatible ? `${value}` : parseFloat(value)
+    const bigValue = big(value)
+    if (ieee754Compatible) {
+      // TODO test with arrayed => element.items.scale?
+      value = exponentialDecimals ? bigValue.toExponential(element.scale) : bigValue.toFixed(element.scale)
+    } else {
+      // OData V2 does not even mention ieee754Compatible, but V4 requires JSON number if ieee754Compatible=false
+      value = bigValue.toNumber()
+    }
   } else if (['cds.Double'].includes(type)) {
     value = parseFloat(value)
   } else if (['cds.Time'].includes(type)) {
@@ -90,6 +103,29 @@ const _convertValue = (value, type, ieee754Compatible) => {
   return value
 }
 
+const _convertPayloadValue = (value, element) => {
+  const type = _elementType(element)
+
+  // see https://www.odata.org/documentation/odata-version-2-0/json-format/
+  if (value == null) return value
+  switch (type) {
+    case 'cds.Date':
+    case 'cds.DateTime':
+      return `/Date(${new Date(value).getTime()})/`
+    case 'cds.Binary':
+    case 'cds.LargeBinary':
+      return Buffer.isBuffer(value) ? value.toString('base64') : value
+    case 'cds.Timestamp':
+      // According to OData V2 spec, and as cds.DateTime => (V2) Edm.DateTimeOffset => cds.Timestamp,
+      // cds.Timestamp should be converted into Edm.DateTimeOffset literal form `datetimeoffset'${new Date(value).toISOString()}'`
+      // However, odata-v2-proxy forwards it literaly as `datetimeoffset'...'` which is rejected by okra.
+      // Note that OData V2 spec example also does not contain 'datetimeoffset' predicate.
+      return new Date(value).toISOString()
+    default:
+      return value
+  }
+}
+
 const _calculateTicksOffsetSum = text => {
   return (text.replace(/\s/g, '').match(/[+-]?([0-9]+)/g) || []).reduce((sum, value, index) => {
     return sum + parseFloat(value) * (index === 0 ? 1 : 60 * 1000) // ticks are milliseconds (0), offset are minutes (1)
@@ -115,9 +151,14 @@ const _elementType = element => {
   return type
 }
 
-const convertV2ResponseData = (data, target, ieee754Compatible) => {
+const convertV2ResponseData = (data, target, ieee754Compatible, exponentialDecimals) => {
+  if (!target || !target.elements) return data
+  return _convertData(data, target, _convertValue(ieee754Compatible, exponentialDecimals))
+}
+
+const convertV2PayloadData = (data, target) => {
   if (!target || !target.elements) return data
-  return _convertData(data, target, ieee754Compatible)
+  return _convertData(data, target, _convertPayloadValue)
 }
 
 const deepSanitize = arg => {
@@ -132,5 +173,6 @@ const deepSanitize = arg => {
 
 module.exports = {
   convertV2ResponseData,
+  convertV2PayloadData,
   deepSanitize
 }

package/libx/_runtime/sqlite/Service.js

@@ -39,7 +39,7 @@ module.exports = class SQLiteDatabase extends DatabaseService {
     this._insert = this._queries.insert(execute.insert)
     this._read = this._queries.read(execute.select, execute.stream)
     this._update = this._queries.update(execute.update, execute.select)
-    this._delete = this._queries.delete(execute.delete)
+    this._delete = this._queries.delete(execute.delete, execute.update)
     this._run = this._queries.run(this._insert, this._read, this._update, this._delete, execute.cqn, execute.sql)
 
     this.dbcs = new Map()

package/libx/_runtime/sqlite/conversion.js

@@ -1,3 +1,5 @@
+const cds = require('../cds')
+
 const convertToBoolean = boolean => {
   if (boolean === null) return null
 
@@ -41,4 +43,12 @@ const SQLITE_TYPE_CONVERSION_MAP = new Map([
   ['cds.Timestamp', convertToISOTime]
 ])
 
+if (cds.env.features.bigjs) {
+  const Big = require('big.js')
+  const convertToBig = value => new Big(value)
+
+  SQLITE_TYPE_CONVERSION_MAP.set('cds.Integer64', convertToBig)
+  SQLITE_TYPE_CONVERSION_MAP.set('cds.Decimal', convertToBig)
+}
+
 module.exports = { SQLITE_TYPE_CONVERSION_MAP }

package/libx/_runtime/types/api.js

@@ -94,14 +94,14 @@
 
 /**
  * @typedef {object} search2cqnOptions
- * @property {ColumnRefs} [columns] The columns to
- * be searched
+ * @property {ColumnRefs} [columns] The columns to be searched
  * @property {string} locale The user locale
  */
 
 /**
  * @typedef {object} cqn2cqn4sqlOptions
  * @property {boolean} [suppressSearch=false] Indicates whether the search handler is called.
+ * @property {boolean} [_4fiori]
  * @property {import('../db/Service')} [service]
  */
 

package/libx/gql/resolvers/crud/update.js

@@ -5,16 +5,14 @@ const { entriesStructureToEntityStructure } = require('./utils')
 module.exports = async (service, entityFQN, selection) => {
   const filter = getArgumentByName(selection.arguments, ARGUMENT.FILTER)
 
-  let queryBeforeUpdate = service.read(entityFQN)
+  const queryBeforeUpdate = service.read(entityFQN)
   queryBeforeUpdate.columns(astToColumns(selection.selectionSet.selections))
 
   if (filter) {
     queryBeforeUpdate.where(astToWhere(filter))
   }
 
-  const resultBeforeUpdate = await service.tx(tx => tx.run(queryBeforeUpdate))
-
-  let query = service.update(entityFQN)
+  const query = service.update(entityFQN)
 
   if (filter) {
     query.where(astToWhere(filter))
@@ -24,7 +22,12 @@ module.exports = async (service, entityFQN, selection) => {
   const entries = entriesStructureToEntityStructure(service, entityFQN, astToEntries(input))
   query.with(entries)
 
-  const result = await service.tx(tx => tx.run(query))
+  let resultBeforeUpdate
+  const result = await service.tx(async tx => {
+    // read needs to be done before the update, otherwise the where clause might become invalid (case that properties in where clause are updated by the mutation)
+    resultBeforeUpdate = await service.tx(tx => tx.run(queryBeforeUpdate))
+    return tx.run(query)
+  })
 
   // Merge selected fields with updated data
   return resultBeforeUpdate.map(original => ({ ...original, ...result }))

package/libx/gql/resolvers/parse/ast/enrich.js

@@ -45,6 +45,7 @@ const traverseField = (info, field) => {
 const traverseFieldNodes = (info, fieldNodes) => fieldNodes.map(fieldNode => traverseField(info, fieldNode))
 
 module.exports = info => {
+  // REVISIT: JSON.parse(JSON.stringify(obj)) breaks buffers
   const deepClonedFieldNodes = JSON.parse(JSON.stringify(info.fieldNodes))
   traverseFieldNodes(info, deepClonedFieldNodes)
   return deepClonedFieldNodes

package/libx/odata/afterburner.js

@@ -3,12 +3,23 @@ const cds = require('../_runtime/cds')
 const { where2obj } = require('../_runtime/common/utils/cqn')
 const { findCsnTargetFor } = require('../_runtime/common/utils/csn')
 
+const _addKeysDeep = (keys, keysCollector) => {
+  for (const keyName in keys) {
+    const key = keys[keyName]
+    if (key.type === 'cds.Association' || key['@odata.foreignKey4'] === 'up_') continue
+    if ('elements' in key) {
+      _addKeysDeep(key.elements, keysCollector)
+      continue
+    }
+    keysCollector.push(keyName)
+  }
+}
+
 function _keysOf(entity) {
-  return entity && entity.keys
-    ? Object.keys(entity.keys).filter(
-        k => entity.elements[k].type !== 'cds.Association' && entity.elements[k]['@odata.foreignKey4'] !== 'up_'
-      )
-    : []
+  if (!entity || !entity.keys) return
+  const keysCollector = []
+  _addKeysDeep(entity.keys, keysCollector)
+  return keysCollector
 }
 
 function _getDefinition(definition, name, namespace) {
@@ -49,7 +60,7 @@ function _processSegments(cqn, model, namespace) {
   let one
   for (let i = 0; i < ref.length; i++) {
     const seg = ref[i].id || ref[i]
-    const params = ref[i].where && where2obj(ref[i].where)
+    let params = ref[i].where && where2obj(ref[i].where)
 
     if (incompleteKeys) {
       // > key
@@ -91,6 +102,9 @@ function _processSegments(cqn, model, namespace) {
         if (ref[i].where) {
           keyCount += addRefToWhereIfNecessary(ref[i].where, current)
           _resolveAliasInWhere(ref[i].where, current)
+          // in case of Foo(1), params will be {} (before addRefToWhereIfNecessary was called)
+          if (!Object.keys(params).length) params = where2obj(ref[i].where)
+          _checkAllKeysProvided(params, current)
         }
       } else if ({ action: 1, function: 1 }[current.kind]) {
         // > action or function
@@ -146,6 +160,15 @@ function _processSegments(cqn, model, namespace) {
 
 const _resolveFrom = from => (from.SELECT ? _resolveFrom(from.SELECT.from) : from)
 
+const _checkAllKeysProvided = (params, entity) => {
+  const keysOfEntity = _keysOf(entity)
+  if (!keysOfEntity) return
+  for (const keyOfEntity of keysOfEntity) {
+    if (!(keyOfEntity in params))
+      throw Object.assign(new Error(`Key "${keyOfEntity}" is missing for entity "${entity.name}"`), { status: 400 })
+  }
+}
+
 function _4service(service) {
   const { namespace, model } = service
 

package/libx/odata/cqn2odata.js

@@ -357,6 +357,15 @@ function $orderBy(orderBy) {
     if (hasValidProps(cur, 'ref')) {
       res.push(cur.ref.join('/'))
     }
+
+    if (hasValidProps(cur, 'func', 'sort')) {
+      res.push(`${cur.func}(${_args(cur.args)})` + ' ' + cur.sort)
+      continue
+    }
+
+    if (hasValidProps(cur, 'func')) {
+      res.push(`${cur.func}(${_args(cur.args)})`)
+    }
   }
 
   return '$orderby=' + res.join(',')