@sap/cds 6.0.4 → 6.1.0

package/libx/_runtime/extensibility/linter/namespace_checker.js

@@ -0,0 +1,180 @@
+const Checker = require('./checker_base')
+
+class NamespaceChecker extends Checker {
+  static async check(extensionCsn, fullCsn, compileDir, mtxConfig) {
+    let elementPrefixes = mtxConfig['element-prefix']
+    let namespaceBlocklist = mtxConfig['namespace-blocklist'] || mtxConfig['namespace-blacklist']
+    const warnings = []
+
+    if (elementPrefixes) {
+      if (!Array.isArray(elementPrefixes)) {
+        elementPrefixes = [elementPrefixes]
+      }
+
+      if (extensionCsn.extensions) {
+        // forall switches back to definitions if extensions are undefined
+        extensionCsn.forall(
+          () => true,
+          (element, name, parent) => {
+            element.name = name // TODO check if bug
+            this._checkElement(element, parent, elementPrefixes, compileDir, warnings)
+          },
+          extensionCsn.extensions
+        )
+      }
+
+      extensionCsn.forall(
+        element => {
+          return ['entity', 'function', 'action'].includes(element.kind)
+        },
+        entity => {
+          this._checkEntity(entity, extensionCsn, fullCsn, elementPrefixes, compileDir, warnings)
+        }
+      )
+    }
+
+    if (namespaceBlocklist) {
+      if (!Array.isArray(namespaceBlocklist)) {
+        namespaceBlocklist = [namespaceBlocklist]
+      }
+
+      extensionCsn.forall('service', service => {
+        this._checkNamespace(service, namespaceBlocklist, compileDir, warnings)
+      })
+
+      extensionCsn.forall(
+        element => {
+          return ['aspect', 'entity', 'type'].includes(element.kind)
+        },
+        entity => {
+          if (entity._unresolved) return // skip unresolved entities
+          this._checkNamespace(entity, namespaceBlocklist, compileDir, warnings)
+        }
+      )
+    }
+
+    return warnings
+  }
+
+  static _checkElement(element, parent, elementPrefixes, compileDir, warnings) {
+    if (elementPrefixes.length < 1) {
+      return
+    }
+
+    if (!parent) {
+      return
+    }
+
+    for (const elementPrefix of elementPrefixes) {
+      if (!parent.extend || element.name.startsWith(elementPrefix)) {
+        return
+      }
+    }
+
+    warnings.push(this._createPrefixWarning(element, compileDir, elementPrefixes))
+  }
+
+  static _checkEntity(element, reflectedCsn, reflectedFullCsn, elementPrefixes, compileDir, warnings) {
+    if (elementPrefixes.length < 1) {
+      return
+    }
+
+    if (!this._hasEnclosingEntity(reflectedCsn, element)) {
+      return
+    }
+
+    const parent = this._getEnclosingEntity(reflectedCsn, element)
+
+    // parent exists in extension
+    if (parent) {
+      return
+    }
+
+    // check full csn for parent - if it exists, continue
+    const parentFromFullCsn = this._getEnclosingEntity(reflectedFullCsn, element)
+    if (!parentFromFullCsn) {
+      return
+    }
+
+    // checks nested element - TODO determine real parent and split off parent name
+    const nestedElementName = this._getNestedEntityName(element) // ,parent
+
+    for (const elementPrefix of elementPrefixes) {
+      if (nestedElementName.startsWith(elementPrefix)) {
+        return
+      }
+    }
+
+    warnings.push(this._createPrefixWarning(element, compileDir, elementPrefixes))
+  }
+
+  static _hasEnclosingEntity(reflectedCsn, element) {
+    const plainEntityName = element.name.replace(reflectedCsn.namespace + '.', '')
+    const splitEntityName = plainEntityName.split('.')
+    if (splitEntityName.length > 1) {
+      return true
+    }
+    return false
+  }
+
+  static _getEnclosingEntity(reflectedCsn, element) {
+    const splitEntityName = element.name.split('.')
+    if (splitEntityName.length > 1) {
+      splitEntityName.pop()
+      return reflectedCsn.definitions[splitEntityName.join('.')]
+    }
+    return null
+  }
+
+  static _getNestedEntityName(element) {
+    const splitEntityName = element.name.split('.')
+    splitEntityName.shift()
+    return splitEntityName.join('.')
+  }
+
+  static _checkNamespace(element, namespaceBlacklist, compileDir, warnings) {
+    for (const namespace of namespaceBlacklist) {
+      if (element.name.startsWith(namespace)) {
+        warnings.push(this._createNamespaceWarning(element, compileDir, namespace))
+      }
+    }
+  }
+
+  static _createPrefixWarning(element, compileDir, prefixRule) {
+    const originFile = this._localizeFile(element.$location.file, compileDir)
+
+    return (
+      'Element ' +
+      element.name +
+      ' from ' +
+      originFile +
+      ' (line:' +
+      element.$location.line +
+      ', col:' +
+      element.$location.col +
+      ')' +
+      ' does not adhere to prefix rule: ' +
+      prefixRule
+    )
+  }
+
+  static _createNamespaceWarning(element, compileDir, namespace) {
+    const originFile = this._localizeFile(element.$location.file, compileDir)
+
+    return (
+      'Element ' +
+      element.name +
+      ' from ' +
+      originFile +
+      ' (line:' +
+      element.$location.line +
+      ', col:' +
+      element.$location.col +
+      ')' +
+      ' uses a forbidden namespace: ' +
+      namespace
+    )
+  }
+}
+
+module.exports = NamespaceChecker

package/libx/_runtime/extensibility/linter.js

@@ -0,0 +1,32 @@
+const cds = require('../cds')
+
+const NamespaceChecker = require('./linter/namespace_checker')
+const AnnotationsChecker = require('./linter/annotations_checker')
+const AllowlistChecker = require('./linter/allowlist_checker')
+
+const LINTER_OPTIONS = ['element-prefix', 'extension-allowlist', 'namespace-blocklist']
+const LEGACY_OPTIONS = ['entity-whitelist', 'service-whitelist', 'namespace-blacklist']
+
+const linter = async (extCsn, fullCsn, extensionFilenames, req) => {
+  const conf = cds.env.requires['cds.xt.ExtensibilityService'] || cds.env.mtx
+  const compat = cds.env.mtx
+  const linter_options = {}
+  let x
+  for (let p of LINTER_OPTIONS) if ((x = conf[p] || compat[p])) linter_options[p] = x // eslint-disable-line no-cond-assign
+  for (let p of LEGACY_OPTIONS) if ((x = compat[p])) linter_options[p] = x // eslint-disable-line no-cond-assign
+  if (!Object.keys(linter_options).length) return
+
+  const reflectedCsn = cds.reflect(extCsn)
+  const compileBaseDir = global.cds.root
+  const warnings = await Promise.all([
+    NamespaceChecker.check(reflectedCsn, fullCsn, compileBaseDir, linter_options),
+    AnnotationsChecker.check(reflectedCsn, extensionFilenames, compileBaseDir, linter_options),
+    AllowlistChecker.check(reflectedCsn, fullCsn, extensionFilenames, compileBaseDir, linter_options)
+  ])
+  const linterWarnings = [].concat.apply([], warnings) // REVISIT: What are we doing here?
+  if (linterWarnings.length > 0) {
+    req.reject(422, linterWarnings[0]) // REVISIT: Why are we returning the first warning only?
+  }
+}
+
+module.exports = linter

package/libx/_runtime/extensibility/push.js

@@ -3,29 +3,29 @@ const path = require('path')
 const cds = require('../cds')
 
 const activate = require('./activate')
-const { validateExtension } = require('./validation')
-const { collectFiles, getCompilerError, exists } = require('./utils')
+const { collectFiles, getCompilerError } = require('./utils')
 const { packTarArchive, unpackTarArchive } = require('../../../lib/utils/resources')
+const linter = require('./linter')
 
 const TEMP_DIR = fs.realpathSync(require('os').tmpdir())
+const LOG = cds.log('mtx')
 
 const _compileProject = async function (extension, req) {
-  let csn, root
+  let csn, root, files
   try {
     root = await fs.promises.mkdtemp(`${TEMP_DIR}${path.sep}extension-`)
     await unpackTarArchive(extension, root)
-    csn = await cds.compile(collectFiles(root, ['.cds', '.json']), { flavor: 'parsed' })
+    files = collectFiles(root, ['.cds', '.csn']) // REVISIT: don't we have exactly one ext.csn file for all extensions?
+    csn = await cds.compile(files, { flavor: 'parsed' })
     if (csn.requires) delete csn.requires
   } catch (err) {
     if (err.messages) req.reject(400, getCompilerError(err.messages))
     else throw err
   } finally {
-    if (await exists(root)) {
-      await (fs.promises.rm || fs.promises.rmdir)(root, { recursive: true, force: true })
-    }
+    ;(fs.promises.rm || fs.promises.rmdir)(root, { recursive: true, force: true }).catch(() => {})
   }
 
-  return csn
+  return { csn, files }
 }
 
 const base = async function (req) {
@@ -38,24 +38,81 @@ const base = async function (req) {
   return packTarArchive([...cdsFiles, ...csvFiles, ...i18nFiles], cds.root)
 }
 
+// const _copyFile = async function (file, dir) {
+//   const destination = path.join(dir, path.relative(cds.root, file))
+//   const dirname = path.dirname(destination)
+//   if (!(await exists(dirname))) await fs.promises.mkdir(dirname, { recursive: true })
+//   await fs.promises.copyFile(file, destination)
+// }
+
+const pull = async function (req) {
+  LOG.info(`pulling latest model for tenant '${req.tenant}'`)
+  const { 'cds.xt.ModelProviderService': mps } = cds.services
+  const csn = await mps.getCsn({
+    tenant: req.tenant,
+    toggles: Object.keys(cds.context.features || {}), // with all enabled feature extensions
+    base: true, // without any custom extensions
+    flavor: 'xtended'
+  })
+  // const csvObj = await cds.deploy.resources()
+  // const csvFiles = Object.keys(csvObj).filter(f => f.startsWith(cds.root) && !f.includes('node_modules'))
+  // const i18nFiles = collectFiles(cds.root, ['.properties'])
+
+  req._.res?.set('content-type', 'application/octet-stream; charset=binary')
+
+  let temp, tgz
+  try {
+    temp = await fs.promises.mkdtemp(`${TEMP_DIR}${path.sep}extension-`)
+    await fs.promises.writeFile(path.join(temp, 'index.csn'), cds.compile.to.json(csn))
+    // for (const file of csvFiles) await _copyFile(file, temp)
+    // for (const file of i18nFiles) await _copyFile(file, temp)
+    tgz = await packTarArchive(temp)
+  } finally {
+    ;(fs.promises.rm || fs.promises.rmdir)(temp, { recursive: true, force: true }).catch(() => {})
+  }
+
+  return tgz
+}
+
 const push = async function (req) {
-  let { extension } = req.data
-  if (!extension || !extension.data) req.reject(400, 'Missing extension')
-  const csn = await _compileProject(extension.data, req)
-  if (!csn) req.reject(400, 'Missing or bad extension')
+  let { extension, tag } = req.data
+  if (!extension) req.reject(400, 'Missing extension')
+  const sources = typeof extension === 'string' ? Buffer.from(extension, 'base64') : extension
+  const { csn: extCsn, files } = await _compileProject(sources, req)
+  if (!extCsn) req.reject(400, 'Missing or bad extension')
+  if (!tag) tag = null
   const tenant = req.tenant
-  await validateExtension(csn, tenant, req)
+  if (tenant) cds.context = { tenant }
+
+  // remove current extension with tag
+  let currentExt
+  if (tag) {
+    currentExt = await cds.db.run(SELECT.from('cds.xt.Extensions').where({ tag }))
+    if (currentExt.length) await cds.db.run(DELETE.from('cds.xt.Extensions').where({ tag }))
+  }
 
+  LOG.info(`validating extension '${tag}' ...`)
+  // validation
+  const { 'cds.xt.ModelProviderService': mps } = cds.services
+  const csn = await mps.getCsn(tenant, Object.keys(cds.context.features || {}))
+  try {
+    cds.extend(csn).with(extCsn)
+  } catch (err) {
+    if (currentExt && currentExt.length) {
+      await cds.db.run(INSERT.into('cds.xt.Extensions').entries(currentExt)) // REVISIT: why did we eagerly delete that at all above?
+    }
+    return req.reject(400, getCompilerError(err.messages))
+  }
+  await linter(extCsn, csn, files, req)
+
+  // insert and activate extension
   const ID = cds.utils.uuid()
-  await cds.tx({ tenant }, async tx => {
-    await tx.run(
-      INSERT.into('cds.xt.Extensions').entries([
-        { ID, csn: JSON.stringify(csn), sources: extension.data, activated: 'database' }
-      ])
-    )
-  })
+  await cds.db.run(
+    INSERT.into('cds.xt.Extensions').entries([{ ID, csn: JSON.stringify(extCsn), sources, activated: 'database', tag }])
+  )
 
+  LOG.info(`activating extension '${tag}' ...`)
   await activate(ID, null, tenant)
 }
 
-module.exports = { base, push }
+module.exports = { base, push, pull }

package/libx/_runtime/extensibility/service.js

@@ -2,20 +2,37 @@ const cds = require('../cds')
 
 const addExtension = require('./addExtension')
 const { add, promote } = require('./add')
-const { base, push } = require('./push')
+const { base, push, pull } = require('./push')
+const { token } = require('./token')
 const { transformExtendedFieldsCREATE, transformExtendedFieldsUPDATE } = require('./handler/transformWRITE')
 const { transformExtendedFieldsREAD } = require('./handler/transformREAD')
 const { transformExtendedFieldsRESULT } = require('./handler/transformRESULT')
 
-module.exports = async function () {
-  this.on('addExtension', addExtension)
-  this.on('add', add)
-  this.on('promote', promote)
-  this.on('base', base)
-  this.on('push', push)
-  cds.db
-    .before('CREATE', transformExtendedFieldsCREATE)
-    .before('UPDATE', transformExtendedFieldsUPDATE)
-    .before('READ', transformExtendedFieldsREAD)
-    .after('READ', transformExtendedFieldsRESULT)
+module.exports = class ExtensibilityService extends cds.ApplicationService {
+  init() {
+    this.on('addExtension', addExtension)
+    this.on('add', add)
+    this.on('promote', promote)
+    this.on('base', base)
+    this.on('push', push)
+    this.on('pull', pull)
+
+    cds.on('served', () => cds.app.get('/-/cds/login/token', token))
+
+    const { 'cds.xt.ModelProviderService': mps } = cds.services
+    // REVISIT: mps._in_sidecar -> revisit options
+    if (!mps?._in_sidecar)
+      cds.db
+        .before('CREATE', transformExtendedFieldsCREATE)
+        .before('UPDATE', transformExtendedFieldsUPDATE)
+        .before('READ', transformExtendedFieldsREAD)
+        .after('READ', transformExtendedFieldsRESULT)
+
+    return super.init()
+  }
+
+  // REVISIT: Do we want to keep this?
+  get isExtensible() {
+    return false
+  }
 }

package/libx/_runtime/extensibility/token.js

@@ -0,0 +1,56 @@
+const { URL } = require('url')
+const cds = require('../../../lib')
+const LOG = cds.log()
+
+module.exports = {
+  async token(request, response) {
+    if (request.method === 'HEAD') {
+      response.status(204).send()
+      return
+    }
+
+    const { passcode, refresh_token, subdomain, clientid, clientsecret } = request.query
+    const { credentials } = cds.env.requires.auth
+    if (!credentials) {
+      cds.error(
+        'No auth credentials defined. The application is likely not bound to an authentication service instance.'
+      )
+    }
+
+    const parsedUrl = new URL(credentials.url)
+    parsedUrl.hostname = subdomain + '.' + parsedUrl.hostname.split('.').slice(1).join('.')
+
+    LOG.info(`Get auth token using URL ${parsedUrl}`)
+
+    if (clientid) {
+      LOG.info(`Using clientid/clientsecret from API call with clientid ${clientid}`)
+    }
+
+    const username = clientid ? clientid : credentials.clientid
+    const password = clientid ? clientsecret : credentials.clientsecret
+    const { xsappname } = cds.env.requires.auth?.credentials ?? cds.env.requires.uaa?.credentials ?? {}
+    const path =
+      (refresh_token
+        ? `oauth/token?grant_type=refresh_token&refresh_token=${refresh_token}`
+        : `oauth/token?grant_type=password&passcode=${encodeURIComponent(passcode)}`) +
+      `&scope=${encodeURIComponent(xsappname + '.cds.ExtensionDeveloper')}`
+
+    try {
+      const { data } = await require('axios').post(
+        parsedUrl + path,
+        { 'Content-Type': 'application/json' },
+        { auth: { username, password } }
+      )
+      response.send(data)
+    } catch (error) {
+      error.message = `Authentication failed with root cause '${error.message}'. Passcode URL: https://${parsedUrl.hostname}/passcode`
+      const {
+        constructor: { name },
+        message
+      } = error
+      const status = name in { JwtRequestError: 1, IncompleteJwtResponseError: 1 } ? 401 : error.response.status ?? 500
+      LOG.error(message)
+      response.status(status).send({ message, status })
+    }
+  }
+}

package/libx/_runtime/extensibility/validation.js

@@ -2,12 +2,12 @@ const cds = require('../cds')
 
 const { getCompilerError } = require('./utils')
 
-const validateCsn = (csn, req) => {
+const validateCsn = (csn, appCsn, req) => {
   if (!csn) req.reject(400, 'Missing extension')
   if (!csn.extensions) return
 
   csn.extensions.forEach(extension => {
-    if (!extension.extend || !cds.model.definitions[extension.extend]) {
+    if (!extension.extend || !appCsn.definitions[extension.extend]) {
       req.reject(400, 'Invalid extension. Parameter "extend" missing or malformed')
     }
 
@@ -17,7 +17,7 @@ const validateCsn = (csn, req) => {
   })
 }
 
-const validateExtensionFields = (csn, req) => {
+const validateExtensionFields = (csn, appCsn, req) => {
   if (!csn.extensions) return
 
   csn.extensions.forEach(extension => {
@@ -27,7 +27,7 @@ const validateExtensionFields = (csn, req) => {
           req.reject(400, `Invalid extension. Bad element name "${name}"`)
         }
 
-        if (Object.keys(cds.model.definitions[extension.extend].elements).includes(name)) {
+        if (Object.keys(appCsn.definitions[extension.extend].elements).includes(name)) {
           req.reject(400, `Invalid extension. Element "${name}" already exists`)
         }
       })
@@ -35,12 +35,9 @@ const validateExtensionFields = (csn, req) => {
   })
 }
 
-const validateExtension = async (ext, tenant, req) => {
+const validateExtension = (ext, csn, req) => {
   try {
-    const { 'cds.xt.ModelProviderService': mps } = cds.services
-    const csn = await mps.getCsn(tenant, ['*'])
-    const extCsn = cds.compile.to.json(ext)
-    await cds.compile.to.csn({ 'base.csn': JSON.stringify(csn), 'ext.csn': extCsn })
+    cds.extend(csn).with(ext)
   } catch (err) {
     req.reject(400, getCompilerError(err.messages))
   }

package/libx/_runtime/fiori/generic/new.js

@@ -56,17 +56,6 @@ const _handler = async function (req, next) {
     return onDraftActivate(req, next)
   }
 
-  // fill default values
-  const elements = req.target.elements
-  for (const column in elements) {
-    const col = elements[column]
-    if (col.default !== undefined && !(column in DRAFT_COLUMNS_MAP)) {
-      if ('val' in col.default) req.data[col.name] = col.default.val
-      else if ('ref' in col.default) req.data[col.name] = col.default.ref[0]
-      else req.data[col.name] = col.default
-    }
-  }
-
   const navigationToMany = isNavigationToMany(req)
 
   const adminDataCQN = navigationToMany

package/libx/_runtime/hana/Service.js

@@ -91,7 +91,6 @@ class HanaDatabase extends DatabaseService {
   }
 
   _registerBeforeHandlers() {
-    this._ensureModel && this.before('*', this._ensureModel)
     this.before(['CREATE', 'UPDATE'], '*', this._input) // > has to run before rewrite
     this.before('READ', '*', search) // > has to run before rewrite
     this.before(['CREATE', 'READ', 'UPDATE', 'DELETE'], '*', this._rewrite)

package/libx/_runtime/hana/conversion.js

@@ -1,5 +1,8 @@
 const cds = require('../cds')
 
+const driver = require('./driver')
+const isHdb = driver?.name === 'hdb'
+
 const convertToBoolean = boolean => {
   if (boolean === null) {
     return null
@@ -35,7 +38,15 @@ const convertToISONoMillis = element => {
 
 const convertToString = element => {
   if (element) {
-    return element instanceof Buffer ? Buffer.from(element, 'base64').toString() : element
+    if (element instanceof Buffer) {
+      if (isHdb && driver.iconv) {
+        return driver.iconv.decode(element, 'cesu8')
+      }
+
+      return Buffer.from(element, 'base64').toString()
+    }
+
+    return element
   }
 
   return null

package/libx/_runtime/hana/customBuilder/CustomFunctionBuilder.js

@@ -21,12 +21,13 @@ class CustomFunctionBuilder extends FunctionBuilder {
 
   _handleContains(args) {
     // fuzzy search has three arguments, must not be converted to like expressions
-    if (args.length > 2 || args._$search) {
+    if (args.length > 2 || this._options.$searchUsingContains) {
       this._outputObj.sql.push('CONTAINS')
       this._addFunctionArgs(args, true)
-    } else {
-      super._handleContains(args)
+      return
     }
+
+    super._handleContains(args)
   }
 }
 

package/libx/_runtime/hana/customBuilder/CustomSelectBuilder.js

@@ -28,6 +28,11 @@ class CustomSelectBuilder extends SelectBuilder {
     return SelectBuilder
   }
 
+  getDefaultOptions() {
+    const options = { $searchUsingContains: !!this._obj.SELECT._$searchUsingContains }
+    return { ...super.getDefaultOptions(), ...options }
+  }
+
   _val(obj) {
     if (typeof obj.val === 'boolean') return { sql: obj.val ? 'true' : 'false', values: [] }
     return super._val(obj)

package/libx/_runtime/hana/pool.js

@@ -10,13 +10,9 @@ const getError = require('../common/error')
 function multiTenantInstanceManager(config = cds.env.requires.db) {
   const { credentials } = config
 
-  if (
-    !credentials ||
-    typeof credentials !== 'object' ||
-    !(credentials.get_managed_instance_url || credentials.sm_url)
-  ) {
-    throw Object.assign(new Error('No or malformed db credentials'), { credentials: credentials })
-  }
+  if (!credentials) throw Object.assign(new Error('No database credentials provided'))
+  else if (typeof credentials !== 'object' || !(credentials.get_managed_instance_url || credentials.sm_url))
+    throw Object.assign(new Error('Malformed database credentials provided'))
 
   // new instance manager
   return new Promise((resolve, reject) => {
@@ -53,9 +49,9 @@ function multiTenantInstanceManager(config = cds.env.requires.db) {
 function singleTenantInstanceManager(config = cds.env.requires.db) {
   const { credentials } = config
 
-  if (!credentials || typeof credentials !== 'object' || !credentials.host) {
-    throw Object.assign(new Error('No or malformed db credentials'), { credentials })
-  }
+  if (!credentials) throw Object.assign(new Error('No database credentials provided'))
+  else if (typeof credentials !== 'object' || !credentials.host)
+    throw Object.assign(new Error('Malformed database credentials provided'))
 
   // mock instance manager
   return {

package/libx/_runtime/hana/search2Contains.js

@@ -51,11 +51,6 @@ const search2Contains = (cqnSearchPhrase, columns) => {
 
   const expressionArgs = [{ list: columns }, { val: searchString }]
 
-  // REVISIT: Mark the expression args with a `_$search` flag, as the `CONTAINS`
-  // predicate is not fully supported in the CustomFunctionBuilder class.
-  // The `_$search` property is enumerable: false (default), writable: false (default)
-  Object.defineProperty(expressionArgs, '_$search', { value: true })
-
   const expression = {
     func: 'contains',
     args: expressionArgs

package/libx/_runtime/hana/search2cqn4sql.js

@@ -58,6 +58,7 @@ const search2cqn4sql = (query, entity, options) => {
 
   if (useContains) {
     expression = search2Contains(cqnSearchPhrase, columns2Search)
+    Object.defineProperty(query.SELECT, '_$searchUsingContains', { value: true, enumerable: true })
   } else {
     // No CONTAINS optimization possible. The search implementation for localized
     // texts falls back to the LIKE predicate.

package/libx/_runtime/messaging/outbox/utils.js

@@ -191,7 +191,7 @@ const _createMessage = (name, msg, context) => {
 const writeInOutbox = async (name, msg, context) => {
   const outboxMsg = _createMessage(name, msg, context)
   const messagesEntity = _getMessagesEntity()
-  return INSERT.into(messagesEntity).entries(outboxMsg)
+  return cds.tx(context).run(INSERT.into(messagesEntity).entries(outboxMsg))
 }
 
 module.exports = { processMessages, registerMessageProcessor, writeInOutbox, hasPersistentOutbox, isUnrecoverable }