@sap/cds 5.9.8 → 6.0.1

package/libx/_runtime/messaging/outbox/utils.js

@@ -3,12 +3,14 @@ const waitingTime = require('../common-utils/waitingTime')
 const OutboxRunner = require('./OutboxRunner')
 const { isStandardError } = require('../../common/error/standardError')
 const LOG = cds.log('persistent-outbox')
+const util = require('util')
 const _safeJSONParse = string => {
   try {
     return string && JSON.parse(string)
-  } catch (e) {}
+  } catch (_e) {
+    // Don't throw
+  }
 }
-
 const outboxRunner = new OutboxRunner()
 const cdsUser = 'cds.internal.user'
 const messageProcessorRegistered = Symbol('message processor registered')
@@ -30,7 +32,7 @@ const hasPersistentOutbox = (srv, tenant) => {
   if (!cds.requires.outbox || cds.requires.outbox.kind !== 'persistent-outbox') return false
   if (srv.options && srv.options.outbox && srv.options.outbox.kind && srv.options.outbox.kind !== 'persistent-outbox')
     return false
-  if (cds._mtxEnabled && tenant && _isProviderTenant(tenant)) return false // no persistence for provider account
+  if (cds.mtx && tenant && _isProviderTenant(tenant)) return false // no persistence for provider account
   return true
 }
 
@@ -42,9 +44,9 @@ const isUnrecoverable = (service, error) => {
 
 const _processSingleMessage = async (service, message, succeededMessages) => {
   const msg = _safeJSONParse(message.msg)
+  if (!msg) return
   const userId = msg[cdsUser]
   delete msg[cdsUser]
-  if (!msg) return message.ID
   // Promise resolve is necessary because we want to set `cds.context` only
   // inside this call
   return Promise.resolve().then(async () => {
@@ -128,9 +130,13 @@ const processMessages = async (service, tenant, _opts = {}) => {
           const info = { service: name, event: error.failedMessage.event }
           if (error.failedMessage.attempts > 0) info.cause = error.failedMessage.error
           LOG.error('Emit failed', info, `Retrying in ${Math.round(_waitingTime / 1000)} s`)
-          await UPDATE(messagesEntity)
-            .where({ ID: error.failedMessage.ID })
-            .set({ attempts: { '+=': 1 } })
+          const data = {
+            attempts: { '+=': 1 }
+          }
+          if (opts.storeLastError) {
+            data.lastError = util.inspect(error.failedMessage.error)
+          }
+          await UPDATE(messagesEntity).where({ ID: error.failedMessage.ID }).set(data)
           outboxRunner.schedule(
             {
               name,

package/libx/_runtime/messaging/redis-messaging.js

@@ -1,4 +1,3 @@
-/* eslint-disable prettier/prettier */
 const redis = require('redis')
 const cds = require('../../../lib')
 const waitingTime = require('./common-utils/waitingTime')

package/libx/_runtime/messaging/service.js

@@ -2,6 +2,8 @@ const cds = require('../cds')
 const queued = require('./common-utils/queued')
 const OutboxService = require('./Outbox')
 
+const appId = require('./common-utils/appId')
+
 const _topic = declared => declared['@topic'] || declared.name
 
 let usedTopicOnce = false
@@ -93,6 +95,7 @@ class MessagingService extends OutboxService {
     let res = topic
     if (!_inbound && this.options.publishPrefix) res = this.options.publishPrefix + res
     if (_inbound && this.options.subscribePrefix) res = this.options.subscribePrefix + res
+    res = res.replace(/\$appId/g, appId())
     return res
   }
 
@@ -111,7 +114,7 @@ class MessagingService extends OutboxService {
     const _msg = { ...msg }
     if (msg.inbound && !cds.context) {
       // REVISIT: why are all inbound messages executed with privileged user?
-      cds.context = { tenant: msg.tenant, user: new cds.User.Privileged() }
+      cds.context = { tenant: msg.tenant, user: cds.User.privileged }
     }
     _msg.event = _warnAndStripTopicPrefix(_msg.event, this.LOG)
     if (!_msg.headers) _msg.headers = {}

package/libx/_runtime/remote/Service.js

@@ -17,6 +17,7 @@ const { resolveView, getTransition, restoreLink, findQueryTarget } = require('..
 const { postProcess } = require('../common/utils/postProcessing')
 const { getKind, run, getDestination, getAdditionalOptions, getReqOptions } = require('./utils/client')
 const { formatVal } = require('../../odata/utils')
+const { hasAliasedColumns } = require('./utils/data')
 
 const _isSimpleCqnQuery = q => typeof q === 'object' && q !== null && !Array.isArray(q) && Object.keys(q).length > 0
 
@@ -108,10 +109,16 @@ const _handleUnboundActionFunction = (srv, def, req, event) => {
   return srv.get(url)
 }
 
+const _sendV2RequestActionFunction = (srv, def, url) => {
+  return def.kind === 'function'
+    ? srv.send({ method: 'GET', path: url, _returnType: def.returns })
+    : srv.send({ method: 'POST', path: url, data: {}, _returnType: def.returns })
+}
+
 const _handleV2ActionFunction = (srv, def, req, event, kind) => {
   const url =
     Object.keys(req.data).length > 0 ? _buildPartialUrlFunctions(`/${event}`, req.data, def.params, kind) : `/${event}`
-  return def.kind === 'function' ? srv.get(url) : srv.post(url, {})
+  return _sendV2RequestActionFunction(srv, def, url)
 }
 
 const _handleV2BoundActionFunction = (srv, def, req, event, kind) => {
@@ -128,7 +135,7 @@ const _handleV2BoundActionFunction = (srv, def, req, event, kind) => {
     params.push(...keys)
   }
   const url = `${`/${event}`}?${params.join('&')}`
-  return def.kind === 'function' ? srv.get(url) : srv.post(url, {})
+  return _sendV2RequestActionFunction(srv, def, url)
 }
 
 const _addHandlerActionFunction = (srv, def, target) => {
@@ -150,7 +157,7 @@ const _addHandlerActionFunction = (srv, def, target) => {
 }
 
 const _selectOnlyWithAlias = q => {
-  return q && q.SELECT && !q.SELECT._transitions && q.SELECT.columns && q.SELECT.columns.some(c => c.as)
+  return q && q.SELECT && !q.SELECT._transitions && q.SELECT.columns && q.SELECT.columns.some(hasAliasedColumns)
 }
 
 const resolvedTargetOfQuery = q => {
@@ -190,20 +197,19 @@ class RemoteService extends cds.Service {
     }
 
     this.on('*', async (req, next) => {
-      let { query } = req
+      const { query } = req
       if (!query && !(typeof req.path === 'string')) return next()
-      if (cds.env.features.resolve_views === false && typeof query === 'object' && this.model) {
-        query = resolveView(query, this.model, this)
-      }
 
       const resolvedTarget = resolvedTargetOfQuery(query) || getTransition(req.target, this).target
       const reqOptions = getReqOptions(req, query, this)
       reqOptions.headers = _setHeaders(reqOptions.headers, req)
+      const returnType = req._returnType
       const additionalOptions = getAdditionalOptions(
         req,
         this.destination,
         this.kind,
         resolvedTarget,
+        returnType,
         this.destinationOptions
       )
 
@@ -217,7 +223,7 @@ class RemoteService extends cds.Service {
       result =
         typeof query === 'object' && query.SELECT && query.SELECT.one && Array.isArray(result) ? result[0] : result
 
-      return cds.env.features.resolve_views === false && typeof query === 'object' ? postProcess(query, result) : result
+      return result
     })
   }
 
@@ -226,15 +232,15 @@ class RemoteService extends cds.Service {
   // - because of that tests/_runtime/remote/__tests__/integration/odata.test.js fails, which relies on the former behavoir of RemoteServices
   // NOTE: that test would never have worked for RemoteServices bootstrapped from single cds.model, which is always cds.compiled.for.odata
   // REVISIT: should become obsolete with Universal CSN
-  set model(m) {
-    const fn = cds.compile.for.odata
-    try {
-      cds.compile.for.odata = m => m
-      super.model = m
-    } finally {
-      cds.compile.for.odata = fn
-    }
-  }
+  // set model(m) {
+  //   const fn = cds.compile.for.odata
+  //   try {
+  //     cds.compile.for.odata = m => m
+  //     super.model = m
+  //   } finally {
+  //     cds.compile.for.odata = fn
+  //   }
+  // }
 
   // Overload .handle in order to resolve projections up to a definition that is known by the remote service instance.
   // Result is post processed according to the inverse projection in order to reflect the correct result of the original query.
@@ -262,7 +268,7 @@ class RemoteService extends cds.Service {
       restoreLink(req)
 
       // REVISIT: We need to provide target explicitly because it's cached already within ensure_target
-      const newReq = new cds.Request({ query: q, target: t, headers: req.headers, _resolved: true })
+      const newReq = new cds.Request({ query: q, target: t, headers: req.headers, _resolved: true, method: req.method })
       const result = await super.dispatch(newReq)
 
       return postProcess(q, result, this, true)

package/libx/_runtime/remote/utils/client.js

@@ -5,7 +5,7 @@ const SANITIZE_VALUES = process.env.NODE_ENV === 'production' && cds.env.log.san
 
 const { convertV2ResponseData, deepSanitize, convertV2PayloadData } = require('./data')
 
-let _cloudSdkCore
+let _cloudSdk
 
 const PPPD = {
   POST: 1,
@@ -23,12 +23,11 @@ const _sanitizeHeaders = headers => {
 }
 
 const _executeHttpRequest = async ({ requestConfig, destination, destinationOptions, jwt }) => {
-  const { getDestination, executeHttpRequest } = cloudSdkCore()
+  const { executeHttpRequestWithOrigin } = cloudSdk()
 
   const destinationName = typeof destination === 'string' && destination
   if (destinationName) {
-    destination = await getDestination(destinationName, resolveDestinationOptions(destinationOptions, jwt))
-    if (!destination) throw new Error(`Cannot resolve destination "${destinationName}"`)
+    destination = { destinationName, ...(resolveDestinationOptions(destinationOptions, jwt) || {}) }
   } else if (destination.forwardAuthToken) {
     destination = {
       ...destination,
@@ -44,20 +43,31 @@ const _executeHttpRequest = async ({ requestConfig, destination, destinationOpti
   }
 
   let requestOptions
-  if (PPPD[requestConfig.method] && cds.env.features.fetch_csrf) {
-    requestOptions = { fetchCsrfToken: true }
+  if (PPPD[requestConfig.method]) {
+    // For GET requests, one doesn't need to fetch CSRF tokens.
+    // Once we support batch requests (other than autoBatched GET requests),
+    // we must check the respective subrequests.
+    const csrfRequired = requestConfig._autoBatch ? false : cds.env.features.fetch_csrf === true
+    requestOptions = { fetchCsrfToken: csrfRequired }
   }
 
   LOG._debug &&
-    LOG.debug(`${requestConfig.method} ${destination.url}${requestConfig.url}`, {
+    LOG.debug(`${requestConfig.method} ${destination.url || `<${destination.destinationName}>`}${requestConfig.url}`, {
       headers: _sanitizeHeaders({ ...requestConfig.headers }),
       data: requestConfig.data && SANITIZE_VALUES ? deepSanitize(requestConfig.data) : requestConfig.data
     })
-  return executeHttpRequest(destination, requestConfig, requestOptions)
+
+  // cloud sdk requires a new mechanism to differentiate the priority of headers
+  // "custom" keeps the highest priority as before
+  requestConfig = { ...requestConfig, headers: { custom: { ...requestConfig.headers } } }
+
+  return executeHttpRequestWithOrigin(destination, requestConfig, requestOptions)
 }
 
-const cloudSdkCore = function () {
-  return _cloudSdkCore || (_cloudSdkCore = require('@sap-cloud-sdk/core'))
+const cloudSdk = () => {
+  if (_cloudSdk) return _cloudSdk
+  _cloudSdk = require('@sap-cloud-sdk/http-client')
+  return _cloudSdk
 }
 
 const getDestination = (name, credentials) => {
@@ -74,20 +84,18 @@ const getDestination = (name, credentials) => {
 }
 
 /**
- * @param {import('./client-types').DestinationOptions} [options]
+ * @param {import('@sap-cloud-sdk/connectivity').DestinationFetchOptions} [options]
  * @param {string} [jwt]
- * @returns {import('@sap-cloud-sdk/core').DestinationOptions}
+ * @returns {import('@sap-cloud-sdk/connectivity').DestinationFetchOptions}
  */
 const resolveDestinationOptions = function (options, jwt) {
   if (!options && !jwt) return undefined
 
   const resolvedOptions = Object.assign({}, options || {})
-  resolvedOptions.userJwt = jwt
+  resolvedOptions.jwt = jwt
 
   if (options && options.selectionStrategy) {
-    resolvedOptions.selectionStrategy = cloudSdkCore().DestinationSelectionStrategies[options.selectionStrategy]
-    if (!resolvedOptions.selectionStrategy)
-      throw new Error(`Unsupported destination selection strategy "${options.selectionStrategy}".`)
+    resolvedOptions.selectionStrategy = options.selectionStrategy
   }
 
   return resolvedOptions
@@ -165,15 +173,31 @@ function _normalizeMetadata(prefix, data, results) {
   }
   return target
 }
+const _getPurgedRespActionFunc = (data, returnType) => {
+  // return type is primitive value or inline/complex type
+  if (returnType.kind === 'type' && !returnType.items && Object.values(data).length === 1) {
+    // eslint-disable-next-line no-unreachable-loop
+    for (const key in data) {
+      return data[key]
+    }
+  }
+  return data
+}
 
-const _purgeODataV2 = (data, target, reqHeaders) => {
+const _purgeODataV2 = (data, target, returnType, reqHeaders) => {
   if (typeof data !== 'object' || !data.d) return data
 
-  data = data.d
+  data = returnType ? _getPurgedRespActionFunc(data.d, returnType) : data.d
   const ieee754Compatible = reqHeaders.accept && reqHeaders.accept.includes('IEEE754Compatible=true')
   const exponentialDecimals = ieee754Compatible && reqHeaders.accept.includes('ExponentialDecimals=true')
-  const purgedResponse = 'results' in data ? data.results : data
-  const convertedResponse = convertV2ResponseData(purgedResponse, target, ieee754Compatible, exponentialDecimals)
+  const purgedResponse = typeof data === 'object' && 'results' in data ? data.results : data
+  const convertedResponse = convertV2ResponseData(
+    purgedResponse,
+    target,
+    returnType,
+    ieee754Compatible,
+    exponentialDecimals
+  )
   return _normalizeMetadata(/^__/, data, convertedResponse)
 }
 
@@ -187,12 +211,15 @@ const _purgeODataV4 = data => {
 const TYPES_TO_REMOVE = { function: 1, object: 1 }
 const PROPS_TO_IGNORE = { cause: 1, name: 1 }
 
-const _getSanitizedError = (e, reqOptions, suppressRemoteResponseBody) => {
+const _getSanitizedError = (e, reqOptions, options = { suppressRemoteResponseBody: false, batchRequest: false }) => {
   e.request = {
     method: reqOptions.method,
     url: e.config ? e.config.baseURL + e.config.url : reqOptions.url,
     headers: e.config ? e.config.headers : reqOptions.headers
   }
+  if (options.batchRequest) {
+    e.request.body = reqOptions.data
+  }
 
   if (e.response) {
     const response = {
@@ -200,7 +227,7 @@ const _getSanitizedError = (e, reqOptions, suppressRemoteResponseBody) => {
       statusText: e.response.statusText,
       headers: e.response.headers
     }
-    if (e.response.data && !suppressRemoteResponseBody) {
+    if (e.response.data && !options.suppressRemoteResponseBody) {
       response.body = e.response.data
     }
     e.response = response
@@ -236,19 +263,26 @@ const _getSanitizedError = (e, reqOptions, suppressRemoteResponseBody) => {
 // eslint-disable-next-line complexity
 const run = async (
   requestConfig,
-  { destination, jwt, kind, resolvedTarget, suppressRemoteResponseBody, destinationOptions }
+  { destination, jwt, kind, resolvedTarget, returnType, suppressRemoteResponseBody, destinationOptions }
 ) => {
   let response
   try {
     response = await _executeHttpRequest({ requestConfig, destination, destinationOptions, jwt })
   } catch (e) {
     // > axios received status >= 400 -> gateway error
-    e.message = e.message ? 'Error during request to remote service: ' + e.message : 'Request to remote service failed.'
-
-    const sanitizedError = _getSanitizedError(e, requestConfig, suppressRemoteResponseBody)
+    const msg =
+      (e.response &&
+        e.response.data &&
+        e.response.data.error &&
+        ((e.response.data.error.message && e.response.data.error.message.value) || e.response.data.error.message)) ||
+      e.message
+    e.message = msg ? 'Error during request to remote service: \n' + msg : 'Request to remote service failed.'
+
+    const sanitizedError = _getSanitizedError(e, requestConfig, {
+      suppressRemoteResponseBody: suppressRemoteResponseBody
+    })
 
-    // REVISIT: switch from innererror to reason in cds^6
-    const err = Object.assign(new Error(e.message), { statusCode: 502, innererror: sanitizedError })
+    const err = Object.assign(new Error(e.message), { statusCode: 502, reason: sanitizedError })
     LOG._warn && LOG.warn(err)
 
     throw err
@@ -268,12 +302,13 @@ const run = async (
     const e = new Error("Received content-type 'text/html' which is not part of accepted content types")
     e.response = response
 
-    const sanitizedError = _getSanitizedError(e, requestConfig, suppressRemoteResponseBody)
+    const sanitizedError = _getSanitizedError(e, requestConfig, {
+      suppressRemoteResponseBody: suppressRemoteResponseBody
+    })
 
-    // REVISIT: switch from innererror to reason in cds^6
     const err = Object.assign(new Error(`Error during request to remote service: ${e.message}`), {
       statusCode: 502,
-      innererror: sanitizedError
+      reason: sanitizedError
     })
 
     LOG._warn && LOG.warn(err)
@@ -297,27 +332,28 @@ const run = async (
       response.data = contentJSON
     }
     if (responseDataSplitted[1].startsWith('HTTP/1.1 4') || responseDataSplitted[1].startsWith('HTTP/1.1 5')) {
-      contentJSON.message = contentJSON.message
-        ? 'Error during request to remote service: ' + contentJSON.message
-        : 'Request to remote service failed.'
-      const sanitizedError = _getSanitizedError(contentJSON, requestConfig)
-
-      const err = Object.assign(new Error(contentJSON.message), { statusCode: 502, innererror: sanitizedError })
+      const innerError = contentJSON.error || contentJSON
+      innerError.status = Number(responseDataSplitted[1].match(/HTTP.*(\d{3})/m)[1])
+      innerError.response = response
+      const sanitizedError = _getSanitizedError(innerError, requestConfig, { batchRequest: true })
+      const err = Object.assign(new Error('Request to remote service failed.'), {
+        statusCode: 502,
+        reason: sanitizedError
+      })
 
       LOG._warn && LOG.warn(err)
 
-      // REVISIT: switch from innererror to reason in cds^6
       throw err
     }
   }
 
   if (kind === 'odata-v4') return _purgeODataV4(response.data)
-  if (kind === 'odata-v2') return _purgeODataV2(response.data, resolvedTarget, requestConfig.headers)
+  if (kind === 'odata-v2') return _purgeODataV2(response.data, resolvedTarget, returnType, requestConfig.headers)
   if (kind === 'odata') {
     if (typeof response.data !== 'object') return response.data
     // try to guess if we need to purge v2 or v4
     if (response.data.d) {
-      return _purgeODataV2(response.data, resolvedTarget, requestConfig.headers)
+      return _purgeODataV2(response.data, resolvedTarget, returnType, requestConfig.headers)
     }
     return _purgeODataV4(response.data)
   }
@@ -335,8 +371,10 @@ const getJwt = req => {
   return null
 }
 
-const _cqnToReqOptions = (query, kind, model, target) => {
-  const queryObject = cds.odata.urlify(query, { kind, model })
+const _cqnToReqOptions = (query, service, req) => {
+  const { kind, model } = service
+  const method = req.method
+  const queryObject = cds.odata.urlify(query, { kind, model, method })
   const reqOptions = {
     method: queryObject.method,
     url: queryObject.path
@@ -345,7 +383,7 @@ const _cqnToReqOptions = (query, kind, model, target) => {
       .replace(/ \)/g, ')')
   }
   if (queryObject.method !== 'GET' && queryObject.method !== 'HEAD') {
-    reqOptions.data = kind === 'odata-v2' ? convertV2PayloadData(queryObject.body, target) : queryObject.body
+    reqOptions.data = kind === 'odata-v2' ? convertV2PayloadData(queryObject.body, req.target) : queryObject.body
   }
   return reqOptions
 }
@@ -390,7 +428,7 @@ const _hasHeader = (headers, header) =>
 const getReqOptions = (req, query, service) => {
   const reqOptions =
     typeof query === 'object'
-      ? _cqnToReqOptions(query, service.kind, service.model, req.target)
+      ? _cqnToReqOptions(query, service, req)
       : typeof query === 'string'
       ? _stringToReqOptions(query, req.data, req.target)
       : _pathToReqOptions(req.method, req.path, req.data, req.target)
@@ -450,9 +488,9 @@ const getReqOptions = (req, query, service) => {
   return reqOptions
 }
 
-const getAdditionalOptions = (req, destination, kind, resolvedTarget, destinationOptions) => {
+const getAdditionalOptions = (req, destination, kind, resolvedTarget, returnType, destinationOptions) => {
   const jwt = getJwt(req)
-  const additionalOptions = { destination, kind, resolvedTarget, destinationOptions }
+  const additionalOptions = { destination, kind, resolvedTarget, returnType, destinationOptions }
   if (jwt) additionalOptions.jwt = jwt
   return additionalOptions
 }

package/libx/_runtime/remote/utils/data.js

@@ -22,8 +22,10 @@ const DataTypeOData = {
   Time: 'cds.TimeOfDay'
 }
 
-const _convertData = (data, target, convertValueFn) => {
-  const _convertRecordFn = _getConvertRecordFn(target, convertValueFn)
+const _convertData = (data, target, convertValueFn, returnType) => {
+  const _convertRecordFn = returnType
+    ? _convertActionFuncResponse(returnType, convertValueFn)
+    : _getConvertRecordFn(target, convertValueFn)
   if (Array.isArray(data)) {
     return data.map(_convertRecordFn)
   }
@@ -52,6 +54,16 @@ const _getConvertRecordFn = (target, convertValueFn) => record => {
   return record
 }
 
+const _convertActionFuncResponse = (returnType, convertValueFn) => data => {
+  // return type is entity/complex type or array of entities/complex types
+  if (returnType.elements || (returnType.items && returnType.items.elements)) {
+    const _convertRecordFn = _getConvertRecordFn(returnType.items || returnType, convertValueFn)
+    return _convertRecordFn(data)
+  }
+  // return type is primitive type/array of primitive types
+  return convertValueFn(data, returnType.items || returnType)
+}
+
 // eslint-disable-next-line complexity
 const _convertValue = (ieee754Compatible, exponentialDecimals) => (value, element) => {
   if (value == null) {
@@ -151,9 +163,9 @@ const _elementType = element => {
   return type
 }
 
-const convertV2ResponseData = (data, target, ieee754Compatible, exponentialDecimals) => {
-  if (!target || !target.elements) return data
-  return _convertData(data, target, _convertValue(ieee754Compatible, exponentialDecimals))
+const convertV2ResponseData = (data, target, returnType, ieee754Compatible, exponentialDecimals) => {
+  if (!((target && target.elements) || returnType)) return data
+  return _convertData(data, target, _convertValue(ieee754Compatible, exponentialDecimals), returnType)
 }
 
 const convertV2PayloadData = (data, target) => {
@@ -171,8 +183,13 @@ const deepSanitize = arg => {
   return '***'
 }
 
+const hasAliasedColumns = (column = {}) => {
+  return column.as || (column.expand && column.expand.some(hasAliasedColumns))
+}
+
 module.exports = {
   convertV2ResponseData,
   convertV2PayloadData,
-  deepSanitize
+  deepSanitize,
+  hasAliasedColumns
 }

package/libx/_runtime/sqlite/Service.js

@@ -99,33 +99,34 @@ module.exports = class SQLiteDatabase extends DatabaseService {
     }
   }
 
+  getDbUrl(tenant) {
+    const credentials = this.options.credentials || this.options || {}
+    let dbUrl = credentials.database || credentials.url || credentials.host || ':memory:'
+
+    if (tenant && dbUrl.endsWith('.db')) {
+      dbUrl = dbUrl.split('.db')[0] + '_' + tenant + '.db'
+    }
+    return dbUrl
+  }
+
   /*
    * connection
    */
   async acquire(arg) {
     // in non-multi-tenant scenarios, the default db should be returned regardless of arg
-    let tenant = 'anonymous'
     const isMultitenant = 'multiTenant' in this.options ? this.options.multiTenant : cds.env.requires.multitenancy
     // REVISIT: there should already be compat for the multitenancy flag, why is it not working here?
-    if (isMultitenant && arg) {
-      if (typeof arg === 'string') tenant = arg
-      else tenant = arg.tenant || (arg.user && arg.user.tenant) || tenant // > REVISIT: remove fallback arg.user.tenant with cds^6
-    }
-
+    // REVISIT: remove fallback arg.user.tenant with cds^6
+    const tenant = isMultitenant && arg && (typeof arg === 'string' ? arg : arg.tenant || (arg.user && arg.user.tenant))
     let dbc = this.dbcs.get(tenant)
     if (!dbc) {
-      const credentials = this.options.credentials || this.options || {}
-      let dbUrl = credentials.database || credentials.url || credentials.host || ':memory:'
-
-      if (isMultitenant && dbUrl.endsWith('.db')) {
-        dbUrl = dbUrl.split('.db')[0] + '_' + tenant + '.db'
-      }
+      const dbUrl = this.getDbUrl(tenant)
 
       dbc = await _new(dbUrl)
 
       dbc._queued = []
 
-      if (cds.env.features._db_foreign_key_constraints) {
+      if (cds.env.features.assert_integrity && cds.env.features.assert_integrity_type == 'DB') {
         await new Promise((resolve, reject) => {
           dbc.exec('PRAGMA foreign_keys = ON', err => {
             if (err) reject(err)

package/libx/_runtime/sqlite/convertAssocToOneManaged.js

@@ -28,8 +28,10 @@ const _convert = (refEntries, req) => {
       // only check refs in format {ref: ['assoc', 'id']}
       continue
     }
+
     const element = req.target.elements[refEntry.ref[0]]
     if (!element || !element.is2one) return
+
     _convertRefForAssocToOneManaged(element, refEntry)
   }
 }

package/libx/_runtime/sqlite/customBuilder/CustomSelectBuilder.js

@@ -34,6 +34,7 @@ class CustomSelectBuilder extends SelectBuilder {
   }
 
   _forUpdate() {}
+  _forShareLock() {}
 }
 
 module.exports = CustomSelectBuilder

package/libx/_runtime/sqlite/execute.js

@@ -8,6 +8,7 @@ const { Readable } = require('stream')
 const cds = require('../cds')
 const LOG = cds.log('sqlite|db|sql')
 // && {_debug:true, debug(sql){ cds._debug && console.log(sql+';\n') }} //> please keep that for debugging stakeholder tests
+const coloredTxCommands = require('../db/utils/coloredTxCommands')
 const { inspect } = require('util')
 
 const SANITIZE_VALUES = process.env.NODE_ENV === 'production' && cds.env.log.sanitize_values !== false
@@ -26,14 +27,6 @@ const _captureStack = DEBUG
     }
   : () => undefined
 
-/*
- * helpers
- */
-const _colored = {
-  BEGIN: '\x1b[1m\x1b[33mBEGIN\x1b[0m',
-  COMMIT: '\x1b[1m\x1b[32mCOMMIT\x1b[0m',
-  ROLLBACK: '\x1b[1m\x1b[91mROLLBACK\x1b[0m'
-}
 const _augmented = (err, sql, values, o) => {
   err.query = sql
   if (values) err.values = SANITIZE_VALUES ? ['***'] : values
@@ -43,7 +36,8 @@ const _augmented = (err, sql, values, o) => {
 }
 
 function _executeSimpleSQL(dbc, sql, values) {
-  LOG._debug && LOG.debug(_colored[sql] || sql, Array.isArray(values) ? (SANITIZE_VALUES ? ['***'] : values) : '')
+  LOG._debug &&
+    LOG.debug(coloredTxCommands[sql] || sql, Array.isArray(values) ? (SANITIZE_VALUES ? ['***'] : values) : '')
 
   return new Promise((resolve, reject) => {
     const o = _captureStack()