@sap/cds 6.4.1 → 6.5.0

package/libx/_runtime/common/utils/path.js

@@ -1,41 +1,21 @@
 const cds = require('../../cds')
 const { ensureNoDraftsSuffix } = require('./draft')
 
-/*
- * returns path like <service>.<entity>:<prop1>.<prop2> for ref = [{ id: '<service>.<entity>' }, '<prop1>', '<prop2>']
- */
-const getPathFromRef = ref => {
-  const x = ref.reduce((acc, cur) => {
-    acc += (acc ? ':' : '') + (cur.id ? cur.id : cur)
-    return acc
-  }, '')
-  const y = x.split(':')
-  let z = y.shift()
-  if (y.length) z += ':' + y.join('.')
-  return z
-}
-
 /*
  * returns the target entity for the given path
  */
 const getEntityFromPath = (path, def) => {
   let current = def.definitions ? { elements: def.definitions } : def
-  path = typeof path === 'string' ? cds.parse.path(path) : path
-  const segments = [...path.ref]
-  while (segments.length) {
-    let segment = segments.shift()
-    if (segment.id && typeof segment.id === 'string') {
-      segment.id = ensureNoDraftsSuffix(segment.id)
-    } else if (typeof segment === 'string') {
-      segment = ensureNoDraftsSuffix(segment)
-    }
-    current = current.elements[segment.id || segment]
+
+  let id
+  for (const segment of path.ref) {
+    id = ensureNoDraftsSuffix(segment.id || segment)
+    current = current.elements[id]
     if (current && current.target) current = current._target
   }
   return current
 }
 
 module.exports = {
-  getPathFromRef,
   getEntityFromPath
 }

package/libx/_runtime/common/utils/search2cqn4sql.js

@@ -15,20 +15,24 @@ const search2cqn4sql = (query, model, options = {}) => {
   const { search2cqn4sql } = options
   const { entityName, alias } = _targetFrom(query.SELECT.from, options)
   const entity = model.definitions[entityName]
-  const columns = computeColumnsToBeSearched(query, entity, alias)
-
+  const localizedAssociation = entity.associations?.localized
   // Call custom (optimized search to cqn for sql implementation) that tries
   // to optimize the search behavior for a specific database service.
   // REVISIT: $search query option combined with $count is not currently optimized
-  if (typeof search2cqn4sql === 'function' && !query.SELECT.count) {
-    const search2cqnOptions = { columns, locale: options.locale }
+  if (
+    typeof search2cqn4sql === 'function' &&
+    !query.SELECT.count &&
+    localizedAssociation &&
+    !(query._aggregated || /* new parser */ query.SELECT.groupBy)
+  ) {
+    const search2cqnOptions = { columns: computeColumnsToBeSearched(query, entity), locale: options.locale }
     return search2cqn4sql(query, entity, search2cqnOptions)
-  }
+  } else {
+    const expression = searchToLike(cqnSearchPhrase, computeColumnsToBeSearched(query, entity, alias))
 
-  const expression = searchToLike(cqnSearchPhrase, columns)
-
-  // REVISIT: find out here if where or having must be used
-  query._aggregated || /* if new parser */ query.SELECT.groupBy ? query.having(expression) : query.where(expression)
+    // REVISIT: find out here if where or having must be used
+    query._aggregated || /* if new parser */ query.SELECT.groupBy ? query.having(expression) : query.where(expression)
+  }
 }
 
 module.exports = search2cqn4sql

package/libx/_runtime/db/expand/expandCQNToJoin.js

@@ -40,7 +40,8 @@ function getCqnCopy(readToOneCQN) {
 
 class JoinCQNFromExpanded {
   constructor(cqn, csn, locale) {
-    this._SELECT = Object.assign({}, cqn.SELECT)
+    this._SELECT = {}
+    for (const prop in cqn.SELECT) this._SELECT[prop] = cqn.SELECT[prop]
     this._csn = csn
     // REVISIT: locale is only passed in case of sqlite -> bad coding
     if (cds.env.i18n.for_sqlite.includes(locale)) {

package/libx/_runtime/db/utils/localized.js

@@ -11,7 +11,7 @@ const _redirectXpr = (xpr, localize) => {
       }
 
       if (ele.SELECT) {
-        redirect(ele.SELECT, localize)
+        if (!ele._suppressLocalization) redirect(ele.SELECT, localize)
       }
     })
 }

package/libx/_runtime/fiori/generic/activate.js

@@ -174,6 +174,10 @@ const fioriGenericActivate = async function (req) {
     })
   ])
 
+  // REVISIT: we need to use okra API here because it must be set in the batched request
+  // status code must be set in handler to allow overriding for FE V2
+  req?._?.odataRes.setStatusCode(201)
+
   return result
 }
 

package/libx/_runtime/fiori/generic/before.js

@@ -155,6 +155,13 @@ const _validateDraftBoundAction = async function (req) {
   if (result && result.length > 0) _validateDraft(req, result, isBoundAction)
 }
 
+const _allowEntityCollectionOnAction = action => {
+  return (
+    action['@cds.odata.bindingparameter.collection'] ||
+    (action.params && Object.values(action.params).some(e => e?.items?.type === '$self'))
+  )
+}
+
 const _registerBoundActionHandlers = function (entityName, actions) {
   if (!actions) return
 
@@ -164,7 +171,7 @@ const _registerBoundActionHandlers = function (entityName, actions) {
       action.name !== 'draftPrepare' &&
       action.name !== 'draftEdit' &&
       action.name !== 'draftActivate' &&
-      !action['@cds.odata.bindingparameter.collection']
+      !_allowEntityCollectionOnAction(action)
   )
 
   for (const action of boundActions) {

package/libx/_runtime/fiori/generic/edit.js

@@ -156,6 +156,11 @@ const fioriGenericEdit = async function (req) {
   }
 
   await Promise.all(insertCQNs.map(CQN => dbtx.run(CQN)))
+
+  // REVISIT: we need to use okra API here because it must be set in the batched request
+  // status code must be set in handler to allow overriding for FE V2
+  req?._?.odataRes.setStatusCode(201)
+
   return results[0][0]
 }
 

package/libx/_runtime/fiori/generic/read.js

@@ -37,15 +37,16 @@ const _findRootSubSelectFor = query => {
 
 // append where with clauses from @restrict
 const _getWhereWithAppendedDraftRestrictions = (where = [], req) => {
+  const restrictions = []
   if (req.query._draftRestrictions) {
     for (const each of req.query._draftRestrictions) {
       const xpr = each._xpr
       if (each.target.name === ensureUnlocalized(req.target.name)) {
-        if (where.length) where.push('and')
         // restriction might contain or clause -> use xpr for grouping
-        xpr.includes('or') ? where.push({ xpr }) : where.push(...xpr)
+        if (restrictions.length) restrictions.push('or')
+        xpr.includes('or') ? restrictions.push({ xpr }) : restrictions.push(...xpr)
       } else {
-        // > restriction inherited from parent via autoexposure
+        // restriction inherited from parent via autoexposure
         // find inner most sub select if available and append restriction to where clause
         const rootSubSelect = _findRootSubSelectFor({ SELECT: { where } })
         if (rootSubSelect && rootSubSelect.SELECT.from) {
@@ -62,6 +63,10 @@ const _getWhereWithAppendedDraftRestrictions = (where = [], req) => {
     }
   }
 
+  if (restrictions.length) {
+    if (where.length) where.push('and', { xpr: restrictions })
+    else where.push(...restrictions)
+  }
   return where
 }
 

package/libx/_runtime/fiori/lean-draft.js

@@ -33,7 +33,8 @@ cds.ApplicationService.prototype.handle = function (req) {
     // REVISIT: This is a bit hacky -> better way?
     query._target = undefined
     cds.infer(query, this.model.definitions)
-    const _req = cds.Request.for(req._)
+    const _req = cds.Request.for(req._) // REVISIT: this causes req._.data of WRITE reqs copied to READ reqs
+    if (query.SELECT) delete _req.data // which we fix here -> but this is an ugly workaround
     _req.query = query
     _req.event = req.event
     _req.target = query._target
@@ -575,6 +576,11 @@ async function onDraftEdit(req) {
 
   const targetDraft = req.target.drafts
   await INSERT.into(targetDraft).entries(res)
+
+  // REVISIT: we need to use okra API here because it must be set in the batched request
+  // status code must be set in handler to allow overriding for FE V2
+  req?._?.odataRes.setStatusCode(201)
+
   return { ...res, IsActiveEntity: false } // REVISIT: Flatten?
 }
 exports.onDraftEdit = onDraftEdit
@@ -612,6 +618,11 @@ async function onDraftActivate(req) {
   }
   const r = new cds.Request({ event, query, data: res })
   const result = await this.dispatch(r)
+
+  // REVISIT: we need to use okra API here because it must be set in the batched request
+  // status code must be set in handler to allow overriding for FE V2
+  req?._?.odataRes.setStatusCode(201)
+
   return Object.assign(result, { IsActiveEntity: true })
 }
 exports.onDraftActivate = onDraftActivate

package/libx/_runtime/hana/customBuilder/CustomSelectBuilder.js

@@ -4,6 +4,11 @@ const LOG = cds.log('hana|db|sql')
 const SelectBuilder = require('../../db/sql-builder').SelectBuilder
 
 class CustomSelectBuilder extends SelectBuilder {
+  constructor(obj, options, csn) {
+    super(obj, options, csn)
+    // $searchUsingContains property is set in the sub SELECT of the query, optimized search case
+    if (this._obj?._$searchUsingContains) this._options.$searchUsingContains = this._obj._$searchUsingContains
+  }
   get FunctionBuilder() {
     const FunctionBuilder = require('./CustomFunctionBuilder')
     Object.defineProperty(this, 'FunctionBuilder', { value: FunctionBuilder })
@@ -28,11 +33,6 @@ class CustomSelectBuilder extends SelectBuilder {
     return SelectBuilder
   }
 
-  getDefaultOptions() {
-    const options = { $searchUsingContains: !!this._obj.SELECT._$searchUsingContains }
-    return { ...super.getDefaultOptions(), ...options }
-  }
-
   _val(obj) {
     if (typeof obj.val === 'boolean') return { sql: obj.val ? 'true' : 'false', values: [] }
     return super._val(obj)

package/libx/_runtime/hana/pool.js

@@ -79,7 +79,7 @@ async function credentials4(tenant, db) {
   }
 
   if (cds.xt?.serviceManager && !cds.env.requires['cds.xt.DeploymentService']?.['old-instance-manager']) {
-    return (await db._instance_manager.get(tenant)).credentials
+    return (await db._instance_manager.get(tenant, { disableCache: true })).credentials
   }
 
   return new Promise((resolve, reject) => {

package/libx/_runtime/hana/search2cqn4sql.js

@@ -1,8 +1,25 @@
+const cds = require('../cds')
 const { computeColumnsToBeSearched } = require('../cds-services/services/utils/columns')
 const searchToLike = require('../common/utils/searchToLike')
 const { isContainsPredicateSupported, search2Contains } = require('./search2Contains')
 const { addAliasToExpression } = require('../db/utils/generateAliases')
-
+const targetAlias = 'Target'
+const textsAlias = 'Texts'
+const _generateKeysWhereCondition = (entity, alias1, alias2) => {
+  const keys = Object.keys(entity.keys).filter(k => !entity.keys[k].isAssociation)
+  const where = []
+  keys.forEach(key => {
+    if (where.length > 0) where.push('and')
+    where.push({ ref: [alias1, key] }, '=', { ref: [alias2, key] })
+  })
+  return where
+}
+const _generateContainsColumns = (columns, entity) => {
+  const columnsTarget = addAliasToExpression(columns, targetAlias)
+  const columns2SearchText = columns.filter(col => col.ref && entity.elements[col.ref[col.ref.length - 1]].localized)
+  const columnsText = addAliasToExpression(columns2SearchText, textsAlias)
+  return [...columnsTarget, ...columnsText]
+}
 /**
  * Computes a CQN expression for a search query.
  *
@@ -24,67 +41,50 @@ const search2cqn4sql = (query, entity, options) => {
   const cqnSearchPhrase = query.SELECT.search
   if (!cqnSearchPhrase) return query
 
-  let { columns: columns2Search = computeColumnsToBeSearched(query, entity), locale } = options
   const localizedAssociation = entity.associations?.localized
-
-  // Resolve localized data at runtime if the localized association is defined for the target entity.
-  // Notice that if the localized association is defined, there should be at least one localized element.
   if (localizedAssociation) {
-    const onCondition = entity._relations[localizedAssociation.name].join(localizedAssociation.target, entity.name)
+    let { columns: columns2Search = computeColumnsToBeSearched(query, entity), locale } = options
+    const viewAlias = query.SELECT.from.as ? query.SELECT.from.as : 'LocalizedView'
+    if (!query.SELECT.from.as) {
+      _addAliasToQuery(query, viewAlias)
+    }
 
-    // REVISIT this is dirty but works for now
-    // replace $user_locale placeholder with the user locale or the HANA session context
-    onCondition[0].xpr[onCondition[0].xpr.length - 1] = { val: locale || "SESSION_CONTEXT('LOCALE')" }
+    const subQuery = cds.ql.SELECT.from(entity.name).columns(1)
+    subQuery.SELECT.from.as = targetAlias
+    const onCondition = _generateKeysWhereCondition(entity, targetAlias, textsAlias)
+    onCondition.push('and', { ref: [textsAlias, 'locale'] }, '=', { val: locale || "SESSION_CONTEXT('LOCALE')" })
 
-    // inner join the target table with the _texts table (the _texts table contains the translated texts)
-    const localizedEntityName = localizedAssociation.target
-    query.join(localizedEntityName).on(onCondition)
+    // left outer join the target table with the _texts table (the _texts table contains the translated texts)
+    subQuery.leftJoin(localizedAssociation.target, textsAlias).on(onCondition)
+    // add condition for equal keys of target table and localized view
+    subQuery.where(_generateKeysWhereCondition(entity, targetAlias, viewAlias))
+    const containsColumns = _generateContainsColumns(columns2Search, entity)
+    let expression
+    if (isContainsPredicateSupported(query, entity, columns2Search)) {
+      // generate CQN expression with `CONTAINS` predicate for the columns from the target and text table
+      expression = search2Contains(cqnSearchPhrase, containsColumns)
+      Object.defineProperty(subQuery, '_$searchUsingContains', { value: true, enumerable: true })
+    } else {
+      expression = searchToLike(cqnSearchPhrase, containsColumns)
+    }
 
-    // prevent SQL ambiguity error for columns with the same name
-    columns2Search = _addAliasToQuery(query, entity, columns2Search)
+    subQuery.where(expression)
 
-    // suppress the localize handler from redirecting the query's target to the localized view
-    Object.defineProperty(query, '_suppressLocalization', { value: true })
-  } // else --> resolve localized texts via localized view (default)
+    // suppress the localize handler from redirecting the subQuery's target to the localized view
+    Object.defineProperty(subQuery, '_suppressLocalization', { value: true })
+    query.where('exists', subQuery)
 
-  const useContains = !!localizedAssociation && isContainsPredicateSupported(query, entity, columns2Search)
-  let expression
-
-  if (useContains) {
-    expression = search2Contains(cqnSearchPhrase, columns2Search)
-    Object.defineProperty(query.SELECT, '_$searchUsingContains', { value: true, enumerable: true })
-  } else {
-    // No CONTAINS optimization possible. The search implementation for localized
-    // texts falls back to the LIKE predicate.
-    expression = searchToLike(cqnSearchPhrase, columns2Search)
+    return query
   }
-
-  // REVISIT: find out here if where or having must be used
-  query._aggregated || /* if new parser */ query.SELECT.groupBy ? query.having(expression) : query.where(expression)
-  return query
 }
 
-// The inner join modifies the original SELECT ... FROM query and adds ambiguity,
-// therefore add the table/entity name (as a preceding element) to the columns ref
-// to prevent a SQL ambiguity error.
-const _addAliasToQuery = (query, entity, columnsToBeSearched) => {
+const _addAliasToQuery = (query, alias) => {
   const SELECT = query.SELECT
-  const localizedEntityName = entity.associations?.localized.target
-  const elements = entity.elements
-  const entityName = entity.name
-  const getEntityName = columnRef => {
-    const columnName = columnRef[0]
-    const localizedElement = !!elements[columnName].localized
-    const targetEntityName = localizedElement ? localizedEntityName : entityName
-    return targetEntityName
-  }
-
-  SELECT.columns = addAliasToExpression(SELECT.columns, getEntityName)
-  columnsToBeSearched = addAliasToExpression(columnsToBeSearched, getEntityName)
-  SELECT.groupBy = addAliasToExpression(SELECT.groupBy, getEntityName)
-  SELECT.orderBy = addAliasToExpression(SELECT.orderBy, getEntityName)
-  SELECT.where = addAliasToExpression(SELECT.where, getEntityName)
-  return columnsToBeSearched
+  SELECT.from.as = alias
+  SELECT.columns = addAliasToExpression(SELECT.columns, alias)
+  SELECT.groupBy = addAliasToExpression(SELECT.groupBy, alias)
+  SELECT.orderBy = addAliasToExpression(SELECT.orderBy, alias)
+  SELECT.where = addAliasToExpression(SELECT.where, alias)
 }
 
 module.exports = search2cqn4sql

package/libx/odata/afterburner.js

@@ -284,11 +284,14 @@ function _processSegments(from, model, namespace) {
         incompleteKeys = ref[i].where ? false : i === ref.length - 1 || one ? false : true
 
         if (incompleteKeys && action) {
-          if (action['@cds.odata.bindingparameter.collection']) {
+          if (
+            action['@cds.odata.bindingparameter.collection'] ||
+            (action.params && Object.values(action.params).some(e => e?.items?.type === '$self'))
+          ) {
             incompleteKeys = false
           } else {
-            const msg = `Bound operations are not supported on entity collections.`
-            throw Object.assign(new Error(msg), { statusCode: 501 })
+            const msg = `"${action.name}" must be called on a single instance of "${current.name}".`
+            throw Object.assign(new Error(msg), { statusCode: 400 })
           }
         }
 

package/libx/odata/cqn2odata.js

@@ -318,7 +318,7 @@ const _parseColumnsV2 = (columns, prefix = []) => {
     }
 
     if (column === '*') {
-      select.push(encodeURIComponent(`${prefix.join('/')}/*`))
+      select.push(encodeURIComponent(prefix.length ? `${prefix.join('/')}/*` : '*'))
     }
   }
 

package/libx/rest/middleware/parse.js

@@ -40,8 +40,8 @@ module.exports = (req, res, next) => {
     case 'HEAD':
     case 'GET':
       if (operation) {
-        // function
-        req._operation = operation = definition.kind === 'function' ? definition : definition.actions[operation]
+        req._operation = operation = definition
+        if (operation.kind === 'action') cds.error('Action must be called by POST', { code: 400 })
         if (!unbound) query = one ? SELECT.one(_target) : SELECT.from(_target)
         else query = undefined
       } else {
@@ -50,8 +50,8 @@ module.exports = (req, res, next) => {
       break
     case 'POST':
       if (operation) {
-        // action
-        req._operation = operation = definition.kind === 'action' ? definition : definition.actions[operation]
+        req._operation = operation = definition
+        if (operation.kind === 'function') cds.error('Function must be called by GET', { code: 400 })
         if (!unbound) query = one ? SELECT.one(_target) : SELECT.from(_target)
         else query = undefined
       } else {
@@ -62,10 +62,32 @@ module.exports = (req, res, next) => {
       break
     case 'PUT':
     case 'PATCH':
+      if (operation) {
+        let errorMsg
+        if (definition) {
+          errorMsg = `${definition.kind.charAt(0).toUpperCase() + definition.kind.slice(1)} must be called by ${
+            definition.kind === 'action' ? 'POST' : 'GET'
+          }`
+        } else {
+          errorMsg = `That action/function must be called by POST/GET`
+        }
+        cds.error(errorMsg, { code: 400 })
+      }
       if (!one) throw { statusCode: 400, code: '400', message: `INVALID_${req.method}` }
       query = UPDATE(_target)
       break
     case 'DELETE':
+      if (operation) {
+        let errorMsg
+        if (definition) {
+          errorMsg = `${definition.kind.charAt(0).toUpperCase() + definition.kind.slice(1)} must be called by ${
+            definition.kind === 'action' ? 'POST' : 'GET'
+          }`
+        } else {
+          errorMsg = `That action/function must be called by POST/GET`
+        }
+        cds.error(errorMsg, { code: 400 })
+      }
       if (!one) cds.error('DELETE not allowed on collection', { code: 400 })
       query = DELETE.from(_target)
       break

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sap/cds",
-  "version": "6.4.1",
+  "version": "6.5.0",
   "description": "SAP Cloud Application Programming Model - CDS for Node.js",
   "homepage": "https://cap.cloud.sap/",
   "keywords": [