@sap/cds 6.1.1 → 6.1.2

package/CHANGELOG.md

@@ -4,11 +4,32 @@
 - The format is based on [Keep a Changelog](http://keepachangelog.com/).
 - This project adheres to [Semantic Versioning](http://semver.org/).
 
+## Version 6.1.2 - 2022-09-05
+
+### Fixed
+
+- Missing key insertion from where clauses in references for deep update statements
+- Prevent duplicate entries for some `INSERT` statements
+- Log details were not properly displayed in Kibana
+- getCsn in model-provider if `cds.requires.toggles` is false
+- HTTP calls in messaging have the correct content length
+- Performance issue for OData <entity>/$count requests
+- Typescript definition for SQL-native variant of `srv.run`, like `srv.run('SELECT * from Authors where name like ?',['%Poe%'])`
+- Typescript definitions for `srv.run( [query] )` and `srv.send( {query, headers} )`
+- Typescript definitions for `cds.log` are improved, level indicators like `cds.log()._debug` added
+- Typescript definitions for `tx` now carry additional service methods
+- `cds login` now returns errors with a better root cause messages
+- `$expand` requests for to-one associations that do not select the foreign key
+- `UPDATE` statement accepts empty objects: `UPDATE('Foo').with({ bar: {} })`
+- URI encoding of parameters in remote service calls
+
+### Removed
+
 ## Version 6.1.1 - 2022-08-24
 
 ### Added
-- The configuration schema now includes `cds.extends` and `new-fields` (in `cds.xt.ExtensibilityService`)
 
+- The configuration schema now includes `cds.extends` and `new-fields` (in `cds.xt.ExtensibilityService`)
 - `srv.run(fn)` now accepts a function as first argument, which will be run in an active outer transaction, if any, or in a newly created one. This is in contrast to `srv.tx(fn)` which always creates a new tx.
   ```js
   cds.run (tx => { // nested operations are guaranteed to run in a tx

package/apis/log.d.ts

@@ -1,44 +1,122 @@
-/**
- * Returns a trace logger for the given module if trace is switched on for it,
- * otherwise returns null. All cds runtime packages use this method for their
- * trace and debug output.
- * 
- * @see [capire](https://cap.cloud.sap/docs/node.js/cds-log)
- *
- * By default this logger would prefix all output with '[sql] - '.
- * You can change this by specifying another prefix in the options:
- *
- *    const LOG = cds.log('sql|db',{ prefix:'cds.ql' })
- *
- * Call cds.log() for a given module again to dynamically change the log level
- * of all formerly created loggers, for example:
- *
- *    const LOG = cds.log('sql')
- *    LOG.info ('this will show, as default level is info')
- *    cds.log('sql','warn')
- *    LOG.info ('this will be suppressed now')
- * 
- */
 export = cds
 declare class cds {
-    log(name: string, options?: string | number | { level: number, prefix: string }): Logger
+    /**
+     * Create a new logger, or install a custom log formatter
+     */
+    log: LogFactory
+
+    /**
+     * Shortcut to `cds.log(...).debug`, returning `undefined` if `cds.log(...)._debug` is `false`.
+     * Use like this:
+     * ```
+     *   const dbg = cds.debug('foo')
+     *   ...
+     *   dbg && dbg('message')
+     * ```
+     *
+     * @param name logger name
+     */
+    debug(name: string): undefined | Log
 }
 
-declare class Logger {
+declare type LogFactory = {
+    /**
+     * Returns a trace logger for the given module if trace is switched on for it,
+     * otherwise returns null. All cds runtime packages use this method for their
+     * trace and debug output.
+     *
+     * By default this logger would prefix all output with `[sql] - `
+     * You can change this by specifying another prefix in the options:
+     * ```
+     *   const LOG = cds.log('sql|db',{ prefix:'cds.ql' })
+     * ```
+     * Call `cds.log()` for a given module again to dynamically change the log level
+     * of all formerly created loggers, for example:
+     * ```
+     *   const LOG = cds.log('sql')
+     *   LOG.info ('this will show, as default level is info')
+     *   cds.log('sql','warn')
+     *   LOG.info ('this will be suppressed now')
+     * ```
+     * @param name logger name
+     * @param options level and prefix
+     * @returns the logger
+     *
+     * @see [capire](https://cap.cloud.sap/docs/node.js/cds-log)
+     */
+    (name: string, options?: string | number | { level?: number, prefix?: string }): Logger
+
     /**
-     * Formats a log outputs by returning an array of arguments which are passed to
-     * console.log() et al.
-     * You can assign custom formatters like that:
+     * Set a custom formatter function like that:
+     * ```
+     *   cds.log.format = (module, level, ...args) => [ '[', module, ']', ...args ]
+     * ```
+     *
+     * The formatter shall return an array of arguments, which are passed to the logger (for example, `console.log()`)
      *
-     *    cds.log.format = (module, level, ...args) => [ '[', module, ']', ...args ]
+     * @param module logger name
+     * @param level log level
+     * @param args additional arguments
      */
     format(module: string, level: number, args: any[]): any[]
-    trace(message?: any, ...optionalParams: any[]): void
-    debug(message?: any, ...optionalParams: any[]): void
-    log(message?: any, ...optionalParams: any[]): void
-    info(message?: any, ...optionalParams: any[]): void
-    warn(message?: any, ...optionalParams: any[]): void
-    error(message?: any, ...optionalParams: any[]): void
+}
+
+declare class Logger {
+    /**
+     * Logs with 'trace' level
+     */
+    trace: Log
+    /**
+     * Logs with 'debug' level
+     */
+    debug: Log
+    /**
+     * Logs with 'info' level
+     */
+    info: Log
+    /**
+     * Logs with 'warn' level
+     */
+    warn: Log
+    /**
+     * Logs with 'error' level
+     */
+    error: Log
+    /**
+     * Logs with default level
+     */
+    log: Log
+
+    /**
+     * @returns whether 'trace' level is active
+     */
+    _trace: boolean
+    /**
+     * @returns whether 'debug' level is active
+     */
+     _debug: boolean
+    /**
+     * @returns whether 'info' level is active
+     */
+     _info: boolean
+    /**
+     * @returns whether 'warn' level is active
+     */
+     _warn: boolean
+    /**
+     * @returns whether 'error' level is active
+     */
+     _error: boolean
+}
+
+declare type Log = {
+    /**
+     * Logs a message
+     *
+     * @param message text to log
+     * @param optionalParams additional parameters, same as in `console.log(text, param1, ...)`
+     */
+     (message?: any, ...optionalParams: any[]): void
 }
 
 declare enum levels {

package/apis/services.d.ts

@@ -34,7 +34,7 @@ export class QueryAPI {
 	/**
 	 * @see [docs](https://cap.cloud.sap/docs/node.js/services#srv-run)
 	 */
-	run (query : ConstructedQuery) : Promise<ResultSet | any>
+	run (query : ConstructedQuery|ConstructedQuery[]) : Promise<ResultSet | any>
 
 	/**
 	 * @see [docs](https://cap.cloud.sap/docs/node.js/services#srv-run)
@@ -42,6 +42,11 @@ export class QueryAPI {
 	run (query : Query) : Promise<ResultSet | any>
 
 	/**
+	 * @see [docs](https://cap.cloud.sap/docs/node.js/services#srv-run-sql)
+	 */
+	 run (query : string, args? : any[]|object) : Promise<ResultSet | any>
+
+	 /**
 	 * @see [docs](https://cap.cloud.sap/docs/node.js/services#srv-run)
 	 */
 	foreach (query : Query, callback: (row:object) => void) : this
@@ -141,6 +146,12 @@ export class Service extends QueryAPI {
 	send (details: { event: Events, data?: object, headers?: object }) : Promise<this>
 
 	/**
+	 * Constructs and sends a synchronous request.
+	 * @see [capire docs](https://cap.cloud.sap/docs/node.js/services#srv-send)
+	 */
+	send (details: { query: ConstructedQuery, headers?: object }) : Promise<this>
+
+	 /**
 	 * Constructs and sends a GET request.
 	 * @see [capire docs](https://cap.cloud.sap/docs/node.js/services#srv-send)
 	 */
@@ -190,7 +201,7 @@ export class Service extends QueryAPI {
 
 }
 
-export interface Transaction extends QueryAPI {
+export interface Transaction extends Service {
 	commit() : Promise<void>
 	rollback() : Promise<void>
 }

package/lib/index.js

@@ -73,7 +73,7 @@ const cds = module.exports = extend (new facade) .with ({
   Request: require ('./req/request'),
   Event: require ('./req/event'),
   User: require ('./req/user'),
-  ql: lazy => require ('./ql/cds-ql'),
+  ql: require ('./ql/cds-ql'),
   tx: (..._) => (cds.db || cds.Service.prototype) .tx (..._),
   /** @type Service */ db: undefined,
 

package/lib/log/format/kibana.js

@@ -56,6 +56,24 @@ module.exports = (module, level, ...args) => {
     if (cf.length) toLog['#cf'] = { string: cf }
   }
 
+  const getCircularReplacer = () => {
+    const seen = new WeakSet()
+    return (key, value) => {
+      if (typeof value === "object" && value !== null) {
+        if (seen.has(value)) {
+          return 'cyclic'
+        }
+        seen.add(value)
+      }
+      return value
+    }
+  }
+  
   // return array with the stringified toLog (to avoid multiple log lines) as the sole element
-  return [util.inspect(toLog, { compact: true, breakLength: Infinity, depth: null })]
+  try {
+    return [JSON.stringify(toLog)]
+  } catch (e) {
+    // try again with removed circular references
+    return [JSON.stringify(toLog, getCircularReplacer())]
+  }
 }

package/lib/ql/UPDATE.js

@@ -54,8 +54,8 @@ module.exports = class UPDATE extends Whereable {
       const o = args[0]
       for (let col in o) {
         let op = '=', v = o[col]
-        if (typeof v === 'object' && !(v === null || v.map || v.pipe || v instanceof Buffer || v instanceof Date)) {
-          let o = Object.keys(v)[0] || this._expected `${{v}} to be an object with an operator as single key`
+        if (typeof v === 'object' && !(v === null || v.map || v.pipe || v instanceof Buffer || v instanceof Date || v instanceof RegExp)) {
+          let o = Object.keys(v)[0] //|| this._expected `${{v}} to be an object with an operator as single key`
           if (o in operators) v = v[op=o]
         }
         _add (this, col, op, v && (v.val !== undefined || v.ref || v.xpr || v.func || v.SELECT) ? v : {val:v})

package/lib/ql/cds-ql.js

@@ -1,4 +1,5 @@
 const cds = require('../index')
+const Query = require('./Query')
 require = path => { // eslint-disable-line no-global-assign
   const clazz = module.require (path); if (!clazz._api) return clazz
   Object.defineProperty (clazz.prototype, 'cmd', { value: path.match(/\w+$/)[0] })
@@ -6,12 +7,14 @@ require = path => { // eslint-disable-line no-global-assign
 }
 
 module.exports = Object.assign (_deprecated_srv_ql, { cdr: true,
+  Query,
   SELECT: require('./SELECT'),
   INSERT: require('./INSERT'),
   UPDATE: require('./UPDATE'),
   DELETE: require('./DELETE'),
   CREATE: require('./CREATE'),
   DROP: require('./DROP'),
+  clone(q) { return Query.prototype.clone.call(q) }
 })
 
 function _deprecated_srv_ql() { // eslint-disable-next-line no-console
@@ -24,7 +27,7 @@ function _deprecated_srv_ql() { // eslint-disable-next-line no-console
 
 module.exports._reset = ()=>{ // for strange tests only
   const _name = cds.env.sql.names === 'quoted' ? n =>`"${n}"` : n => n.replace(/[.:]/g,'_')
-  Object.defineProperty (require('./Query').prototype,'valueOf',{ configurable:1, value: function(cmd=this.cmd) {
+  Object.defineProperty (Query.prototype,'valueOf',{ configurable:1, value: function(cmd=this.cmd) {
     return `${cmd} ${_name(this._target.name)} `
   }})
   return this

package/libx/_runtime/cds-services/adapter/odata-v4/handlers/read.js

@@ -81,7 +81,8 @@ const _getCount = async (tx, readReq) => {
     // REVISIT: this process appears to be rather clumsy
     // Copy CQN including from, where and search + changing columns
     const select = SELECT.from(readReq.query.SELECT.from)
-    select.SELECT.columns = [{ func: 'count', args: [{ val: '1' }], as: '$count' }]
+    // { val: 1 } is used on purpose, as "numbers" are not used as param in prepared stmt
+    select.SELECT.columns = [{ func: 'count', args: [{ val: 1 }], as: '$count' }]
 
     if (readReq.query.SELECT.where) select.SELECT.where = readReq.query.SELECT.where
     if (readReq.query.SELECT.search) select.SELECT.search = readReq.query.SELECT.search

package/libx/_runtime/common/utils/keys.js

@@ -27,13 +27,18 @@ function _getOnCondElements(onCond, onCondElements = []) {
   return onCondElements
 }
 
-function _modifyWhereWithNavigations(where, newWhere, entityKey, targetKey) {
-  if (where) {
+function _mergeWhere(base, additional) {
+  if (additional?.length) {
     // copy where else query will be modified
-    const whereCopy = deepCopyArray(where)
-    if (newWhere.length > 0) newWhere.push('and')
-    newWhere.push(...whereCopy)
+    const whereCopy = deepCopyArray(additional)
+    if (base.length > 0) base.push('and')
+    base.push(...whereCopy)
   }
+  return base
+}
+
+function _modifyWhereWithNavigations(where, newWhere, entityKey, targetKey) {
+  _mergeWhere(newWhere, where)
 
   newWhere.forEach(element => {
     if (element.ref && element.ref[0] === targetKey) {
@@ -85,7 +90,10 @@ function _getWhereFromUpdate(query, target, model) {
     return where
   }
 
-  return query.UPDATE.where
+  const where = query.UPDATE.where || []
+  if (query.UPDATE.entity.ref?.length === 1 && query.UPDATE.entity.ref[0].where)
+    return _mergeWhere(query.UPDATE.entity.ref[0].where, where)
+  return where
 }
 
 // params: data, req, service/tx

package/libx/_runtime/db/expand/expandCQNToJoin.js

@@ -696,7 +696,7 @@ class JoinCQNFromExpanded {
 
       const assoc = entity.associations[column.ref[0]]
       if (assoc.is2one && assoc.on) {
-        const onCond = expandedEntity._relations[assoc.name].join('target', 'source')
+        const onCond = entity._relations[assoc.name].join('target', 'source')
         const xpr = onCond[0].xpr
         const fks = (xpr && xpr.filter(e => e.ref && e.ref[0] === 'target').map(e => e.ref[1])) || []
         for (const k of fks) {

package/libx/_runtime/db/sql-builder/InsertBuilder.js

@@ -306,7 +306,7 @@ class InsertBuilder extends BaseBuilder {
     const purelyManagedColumnValues = this._getAnnotatedInsertColumnValues(annotatedColumns, purelyManagedColumns)
 
     this._addUuidToColumns(columns, flattenColumnMap)
-    columns.push(...flattenColumnMap.keys())
+    columns.push(...Array.from(flattenColumnMap.keys()).filter(k => !columns.includes(k)))
 
     this._addEntries(valuesArray, { columns, flattenColumnMap, purelyManagedColumnValues, insertAnnotatedColumns })
 

package/libx/_runtime/extensibility/token.js

@@ -43,7 +43,8 @@ module.exports = {
       )
       response.send(data)
     } catch (error) {
-      error.message = `Authentication failed with root cause '${error.message}'. Passcode URL: https://${parsedUrl.hostname}/passcode`
+      const rootCause = error.response?.data ? JSON.stringify(error.response?.data) : error.message
+      error.message = `Authentication failed with root cause '${rootCause}'. Passcode URL: https://${parsedUrl.hostname}/passcode`
       const {
         constructor: { name },
         message

package/libx/_runtime/fiori/utils/where.js

@@ -160,7 +160,7 @@ const isActiveEntityRequested = where => {
 
   while (where[i]) {
     if (where[i].xpr) {
-      const isRequested = isActiveEntityRequested(where.xpr)
+      const isRequested = isActiveEntityRequested(where[i].xpr)
       if (isRequested) return true
     }
     if (

package/libx/_runtime/messaging/common-utils/authorizedRequest.js

@@ -19,7 +19,7 @@ const authorizedRequest = ({ method, uri, path, oa2, tenant, dataObj, headers, t
         if (dataObj) {
           data = JSON.stringify(dataObj)
           httpOptions.headers['Content-Type'] = 'application/json'
-          httpOptions.headers['Content-Length'] = data.length
+          httpOptions.headers['Content-Length'] = Buffer.byteLength(data)
         }
 
         if (headers) {

package/libx/_runtime/messaging/enterprise-messaging-utils/EMManagement.js

@@ -34,7 +34,6 @@ class EMManagement {
     this.namespace = namespace
     this.LOG = LOG
   }
-
   async getQueue(queueName = this.queueName) {
     this.LOG._info &&
       this.LOG.info(
@@ -303,7 +302,7 @@ class EMManagement {
         grantType: 'client_credentials',
         clientId: this.optionsMessagingREST.oa2.client,
         clientSecret: this.optionsMessagingREST.oa2.secret,
-        tokenUrl: this.optionsMessagingREST.oa2.endpoint
+        tokenUrl: this.optionsMessagingREST.oa2.endpoint // this is the changed tokenUrl
       }
     }
 

package/libx/odata/cqn2odata.js

@@ -200,8 +200,12 @@ const _keysOfWhere = (where, kind, target) => {
   if (where.length === 3) {
     const [left, op, right] = where
     if (op === '=' && (('val' in left && right.ref) || (left.ref && 'val' in right))) {
-      if ('val' in left) return `(${formatVal(left.val, right.ref.join('/'), target, kind)})`
-      return `(${formatVal(right.val, left.ref.join('/'), target, kind)})`
+      const formattedValue =
+        'val' in left
+          ? formatVal(left.val, right.ref.join('/'), target, kind)
+          : formatVal(right.val, left.ref.join('/'), target, kind)
+
+      return `(${encodeURIComponent(formattedValue)})`
     }
   }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sap/cds",
-  "version": "6.1.1",
+  "version": "6.1.2",
   "description": "SAP Cloud Application Programming Model - CDS for Node.js",
   "homepage": "https://cap.cloud.sap/",
   "keywords": [

package/srv/model-provider.js

@@ -109,7 +109,7 @@ module.exports = class ModelProviderService extends cds.ApplicationService {
       const extensions = !base && await _getExtensions4 (req.data.tenant)
       if (!extensions && checkExt) req.reject(404, 'Missing extensions')
 
-      const features = !toggles ? [] : toggles === '*' || toggles.includes('*') ? [fts] : toggles.map (f => fts.replace('*',f))
+      const features = (!toggles || !main.requires.toggles) ? [] : toggles === '*' || toggles.includes('*') ? [fts] : toggles.map (f => fts.replace('*',f))
       const models = cds.resolve (['*',...features], main); if (!models) return
 
       DEBUG && DEBUG ('loading models for', { tenant, toggles } ,'from', models.map (cds.utils.local))