@sap/cds 6.7.1 → 6.8.1

package/libx/_runtime/common/generic/auth/utils.js

@@ -40,54 +40,51 @@ const _getCurrentSubClause = (next, restrict) => {
   const escaped = next[0].replace(/\$/g, '\\$').replace(/\./g, '\\.')
   const re1 = new RegExp(`([\\w\\.']*)\\s*=\\s*(${escaped})|(${escaped})\\s*=\\s*([\\w\\.']*)`)
   const re2 = new RegExp(`([\\w\\.']*)\\s*in\\s*(${escaped})|(${escaped})\\s*in\\s*([\\w\\.']*)`)
-  const clause = restrict.where.match(re1) || restrict.where.match(re2)
+  const re3 = new RegExp(`(${escaped})\\s*is\\s*null`)
+  const re4 = new RegExp(`(${escaped})\\s*is\\s*not\\s*null`)
+  const clause =
+    restrict.where.match(re3) || restrict.where.match(re4) || restrict.where.match(re1) || restrict.where.match(re2)
 
   if (clause) return clause
 
   // NOTE: arrayed attr with "=" as operator is some kind of legacy case
-  throw new Error('user attribute array must be used with operator "=" or "in"')
+  throw new Error('user attribute array must be used with operator "=", "in", "is null", or "is not null"')
 }
 
-const _processUserAttr = (next, restrict, user, attr) => {
+const _isNull = (userAttrs, attr) =>
+  userAttrs[attr] == null || (Array.isArray(userAttrs[attr]) && userAttrs[attr].length === 0)
+const _isNotNull = (userAttrs, attr) =>
+  userAttrs[attr] != null && Array.isArray(userAttrs[attr]) && userAttrs[attr].length > 0
+
+const _processUserAttr = (next, restrict, userAttrs, attr) => {
   const clause = _getCurrentSubClause(next, restrict)
   const valOrRef = clause[1] || clause[4]
 
-  if (clause[0].match(/ in /)) {
-    if (!user[attr] || user[attr].length === 0) {
+  if (clause[0].match(/ is\s*null/)) {
+    restrict.where = restrict.where.replace(clause[0], _isNull(userAttrs, attr) ? '1 = 1' : '1 = 2')
+  } else if (clause[0].match(/ is\s*not\s*null/)) {
+    restrict.where = restrict.where.replace(clause[0], _isNotNull(userAttrs, attr) ? '1 = 1' : '1 = 2')
+  } else {
+    if (_isNull(userAttrs, attr)) {
       restrict.where = restrict.where.replace(clause[0], '1 = 2')
-    } else if (user[attr].length === 1) {
-      restrict.where = restrict.where.replace(clause[0], `${valOrRef} = '${user[attr][0]}'`)
+    } else if (clause[0].match(/ in /)) {
+      if (userAttrs[attr].length === 1) {
+        restrict.where = restrict.where.replace(clause[0], `${valOrRef} = '${userAttrs[attr][0]}'`)
+      } else {
+        restrict.where = restrict.where.replace(
+          clause[0],
+          `${valOrRef} in (${userAttrs[attr].map(ele => `'${ele}'`).join(', ')})`
+        )
+      }
+    } else if (valOrRef.startsWith("'") && userAttrs[attr].includes(valOrRef.split("'")[1])) {
+      restrict.where = restrict.where.replace(clause[0], `${valOrRef} = ${valOrRef}`)
     } else {
       restrict.where = restrict.where.replace(
         clause[0],
-        `${valOrRef} in (${user[attr].map(ele => `'${ele}'`).join(', ')})`
+        `(${userAttrs[attr].map(ele => `${valOrRef} = '${ele}'`).join(' or ')})`
       )
     }
-  } else if (valOrRef.startsWith("'") && user[attr].includes(valOrRef.split("'")[1])) {
-    restrict.where = restrict.where.replace(clause[0], `${valOrRef} = ${valOrRef}`)
-  } else {
-    restrict.where = restrict.where.replace(
-      clause[0],
-      `(${user[attr].map(ele => `${valOrRef} = '${ele}'`).join(' or ')})`
-    )
-  }
-}
-
-const _getShortcut = (attrs, attr) => {
-  // undefined
-  if (attrs[attr] === undefined) {
-    return '1 = 2'
   }
-
-  // $UNRESTRICTED
-  if (
-    (typeof attrs[attr] === 'string' && attrs[attr].match(/\$UNRESTRICTED/i)) ||
-    (Array.isArray(attrs[attr]) && attrs[attr].some(a => a.match(/\$UNRESTRICTED/i)))
-  ) {
-    return '1 = 1'
-  }
-
-  return null
 }
 
 /*
@@ -120,15 +117,7 @@ const resolveUserAttrs = (restrict, req) => {
     let attr = parts.shift()
 
     while (attr) {
-      const shortcut = _getShortcut(attrs, attr)
-      if (shortcut) {
-        const clause = _getCurrentSubClause(next, restrict)
-        restrict.where = restrict.where.replace(clause[0], shortcut)
-        skip = true
-        break
-      }
-
-      if (Array.isArray(attrs[attr])) {
+      if (attrs[attr] === undefined || Array.isArray(attrs[attr])) {
         _processUserAttr(next, restrict, attrs, attr)
         skip = true
         break

package/libx/_runtime/common/generic/input.js

@@ -47,8 +47,12 @@ const _isStreamingProperty = (elements, row, property) =>
     element => element['@Core.MediaType'] && element['@Core.MediaType']['='] === property && row[element.name]
   )
 
-const _getMediaTypeValue = req =>
-  !req.http?.req?.headers?.['content-type'].match(/json|multipart/i) && req.http?.req?.headers?.['content-type']
+const _getMediaTypeValue = () => {
+  const ctx = cds.context
+  return (
+    !ctx?.http?.req?.headers?.['content-type']?.match(/json|multipart/i) && ctx?.http?.req?.headers?.['content-type']
+  )
+}
 
 const _preProcessAssertTarget = (assocInfo, assertMap) => {
   const { element: assoc, row } = assocInfo
@@ -145,9 +149,12 @@ const _processCategory = (req, category, value, elementInfo, assertMap) => {
   }
 
   // set media type from content-type header if streaming
-  const isStreaming = _isStreamingProperty(element.parent.elements, row, key)
-  const mtValue = _getMediaTypeValue(req)
-  if (category === 'stream' && isStreaming && mtValue) row[key] = mtValue
+  if (category === 'stream') {
+    if (_isStreamingProperty(element.parent.elements, row, key)) {
+      const mtValue = _getMediaTypeValue()
+      if (mtValue) row[key] = mtValue
+    }
+  }
 }
 
 const _getProcessorFn = (req, errors, assertMap) => {
@@ -219,7 +226,7 @@ const _callError = (req, errors) => {
   for (const error of errors) req.error(error)
 }
 
-const _getBoundAction = req => req.target.actions?.[req.context?.event]
+const _getBoundAction = req => req.target.actions?.[req._?.event || req.context?.event]
 const _getBoundActionBindingParameter = action => action['@cds.odata.bindingparameter.name'] || 'in'
 
 async function commonGenericInput(req) {
@@ -248,9 +255,8 @@ async function commonGenericInput(req) {
 
   if (boundAction) {
     const pathSegment = _getBoundActionBindingParameter(boundAction)
-    const keys = req._ && req._.params && req._.params[0]
     if (pathSegment) pathOptions.pathSegmentsInfo.push(pathSegment)
-
+    const keys = req._?.params?.[0]
     if (keys && 'IsActiveEntity' in keys) {
       pathOptions.draftKeys = { IsActiveEntity: keys.IsActiveEntity }
     }

package/libx/_runtime/common/i18n/messages.properties

@@ -85,7 +85,7 @@ CRUD_VIA_NAVIGATION_NOT_SUPPORTED=CRUD via navigations is not yet supported
 
 # draft
 DRAFT_ALREADY_EXISTS=A draft for this entity already exists
-DRAFT_LOCKED_BY_ANOTHER_USER=The entity is locked by another user
+DRAFT_LOCKED_BY_ANOTHER_USER=The entity is locked by user "{0}"
 DRAFT_MODIFICATION_ONLY_VIA_ROOT=A draft can only be modified via its root entity
 
 # singleton

package/libx/_runtime/db/expand/expandCQNToJoin.js

@@ -66,7 +66,6 @@ class JoinCQNFromExpanded {
 
     // Get first level of expanding regarding to many and all to one if not part of a nested to many expand.
     this._createJoinCQNFromExpanded(this._SELECT, [])
-
     return this
   }
 
@@ -117,10 +116,10 @@ class JoinCQNFromExpanded {
    */
   _createJoinCQNFromExpanded(SELECT, toManyTree, defaultLanguage) {
     const joinArgs = SELECT.from.args
-    const isJoinOfTwoSelects = joinArgs && joinArgs.every(a => a.SELECT)
+    const isJoinOfTwoSelects = joinArgs?.every(a => a.SELECT)
 
     const unionTableRef = this._getUnionTable(SELECT)
-    const unionTable = unionTableRef && unionTableRef.table
+    const unionTable = unionTableRef?.table
     const tableAlias = this._getTableAlias(SELECT, toManyTree)
 
     const readToOneCQN = this._getReadToOneCQN(SELECT, isJoinOfTwoSelects ? 'filterExpand' : tableAlias)
@@ -178,7 +177,8 @@ class JoinCQNFromExpanded {
    * @private
    */
   _getTableAlias(SELECT, toManyTree) {
-    return this._createAlias(toManyTree.length === 0 ? this._getRef(SELECT).table : toManyTree.join(':'))
+    const ref = this._getRef(SELECT)
+    return this._createAlias(toManyTree.length === 0 ? ref.table : toManyTree.join(':'), ref.as)
   }
 
   _getRef(SELECT) {
@@ -212,15 +212,21 @@ class JoinCQNFromExpanded {
    * Create an alias from value.
    *
    * @param {string} value
+   * @param {string} [alias]
    * @returns {string}
    * @private
    */
-  _createAlias(value) {
+  _createAlias(value, alias) {
     if (!this._aliases) {
       this._aliases = {}
     }
 
     if (!this._aliases[value]) {
+      if (alias) {
+        this._aliases[value] = alias
+        return alias
+      }
+
       const aliasNum = Object.keys(this._aliases).length
 
       if (aliasNum < 26) {
@@ -319,6 +325,7 @@ class JoinCQNFromExpanded {
         list: element.list.map(element => this._checkOrderByWhereElementRecursive(cqn, element, tableAlias))
       })
     }
+
     return this._checkOrderByWhereElementRecursive(cqn, element, tableAlias)
   }
 
@@ -333,9 +340,7 @@ class JoinCQNFromExpanded {
    */
   _adaptWhereOrderBy(cqn, tableAlias) {
     if (cqn.where) {
-      cqn.where = cqn.where.map(element => {
-        return this._adaptWhereElement(element, cqn, tableAlias)
-      })
+      cqn.where = cqn.where.map(element => this._adaptWhereElement(element, cqn, tableAlias))
     }
 
     if (cqn.having) {
@@ -343,15 +348,11 @@ class JoinCQNFromExpanded {
     }
 
     if (cqn.orderBy) {
-      cqn.orderBy = cqn.orderBy.map(element => {
-        return this._checkOrderByWhereElementRecursive(cqn, element, tableAlias)
-      })
+      cqn.orderBy = cqn.orderBy.map(element => this._checkOrderByWhereElementRecursive(cqn, element, tableAlias))
     }
 
     if (cqn.groupBy) {
-      cqn.groupBy = cqn.groupBy.map(element => {
-        return this._checkOrderByWhereElementRecursive(cqn, element, tableAlias)
-      })
+      cqn.groupBy = cqn.groupBy.map(element => this._checkOrderByWhereElementRecursive(cqn, element, tableAlias))
     }
 
     return cqn
@@ -393,7 +394,7 @@ class JoinCQNFromExpanded {
       element.xpr = element.xpr.map(nestedElement => {
         return this._checkOrderByWhereElementRecursive(cqn, nestedElement, tableAlias)
       })
-    } else if (element.SELECT && element.SELECT.where) {
+    } else if (element.SELECT?.where) {
       element = {
         SELECT: Object.assign({}, element.SELECT, {
           where: this._adaptWhereSELECT(this._getRef(cqn), element.SELECT.where, tableAlias)
@@ -416,6 +417,7 @@ class JoinCQNFromExpanded {
       if (element.xpr) {
         return { xpr: this._adaptWhereSELECT(aliasedTable, element.xpr, tableAlias) }
       }
+
       return this._elementAliasNeedsReplacement(element, aliasedTable)
         ? Object.assign({}, element, { ref: [tableAlias, element.ref[1]] })
         : element
@@ -847,7 +849,7 @@ class JoinCQNFromExpanded {
           continue
         }
 
-        if (arg.SELECT && arg.SELECT.columns.some(column => column[IDENTIFIER])) {
+        if (arg.SELECT?.columns.some(column => column[IDENTIFIER])) {
           return arg.SELECT.columns
         }
 
@@ -1434,7 +1436,7 @@ class JoinCQNFromExpanded {
   }
 
   _getValueFromEntry(entry, parentAlias, key, struct) {
-    let value = entry[key] || entry[key.toUpperCase()]
+    let value = entry[key] ?? entry[key.toUpperCase()]
     if (value === undefined) {
       value = entry[`${parentAlias}_${key}`] || entry[`${parentAlias}_${key}`.toUpperCase()]
     }

package/libx/_runtime/db/expand/rawToExpanded.js

@@ -158,9 +158,7 @@ class RawToExpanded {
     }
 
     // No property holds any value. A to null must have failed.
-    if (isEntityNull) {
-      return
-    }
+    if (isEntityNull) return
 
     return row
   }
@@ -175,10 +173,10 @@ class RawToExpanded {
    */
   _isNull(isEntityNull, value, key) {
     if (isEntityNull === undefined) {
-      return value === null || value === undefined || key === 'IsActiveEntity'
+      return value == null || key === 'IsActiveEntity'
     }
 
-    return isEntityNull === true && (value === null || value === undefined || key === 'IsActiveEntity')
+    return isEntityNull === true && (value == null || key === 'IsActiveEntity')
   }
 
   /**

package/libx/_runtime/db/utils/generateAliases.js

@@ -120,7 +120,7 @@ const _addAliasToElement = (expr, alias) => {
       alias = alias(expr.ref)
     }
 
-    return { ref: [alias, ...expr.ref] }
+    return { ...expr, ref: [alias, ...expr.ref] }
   }
 
   if (expr.list) {

package/libx/_runtime/fiori/generic/activate.js

@@ -122,7 +122,7 @@ const fioriGenericActivate = async function (req) {
   if (!draftData) req.reject(404)
   if (adminData.InProcessByUser !== req.user.id) {
     // REVISIT: security log?
-    req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER')
+    req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER', [adminData.InProcessByUser])
   }
 
   /*

package/libx/_runtime/fiori/generic/before.js

@@ -4,7 +4,7 @@ const { SELECT } = cds.ql
 
 const { isNavigationToMany } = require('../utils/req')
 const { getKeysCondition, removeIsActiveEntityRecursively } = require('../utils/where')
-const { isDraftActivateAction, ensureNoDraftsSuffix, ensureDraftsSuffix, draftIsLocked } = require('../utils/handler')
+const { ensureNoDraftsSuffix, ensureDraftsSuffix, draftIsLocked } = require('../utils/handler')
 
 const { DRAFT_COLUMNS_ADMIN_MAP } = require('../../common/constants/draft')
 const { deepCopyArray } = require('../../common/utils/copy')
@@ -32,7 +32,7 @@ const _validateDraft = (req, draftResult, isBoundAction) => {
   // user than the one who locked the entity and the configured drafts cancellation
   // timeout timer has expired
   if (draftIsLocked(draftAdminData.LastChangeDateTime)) {
-    req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER')
+    req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER', [draftAdminData.CreatedByUser])
   }
 
   // At this point, the request user ID isn't the owner of the draft.
@@ -60,16 +60,19 @@ const _getSelectDraftDataCqn = (entityName, where) => {
 
 const _getRoot = req => {
   if (!req.query) return
+
   const refObj = req.query.SELECT?.from || req.query.UPDATE?.entity || req.query.INSERT?.into || req.query.DELETE?.from
+  const ref0 = refObj.ref[0]
+
   const root = {
-    entityName: ensureDraftsSuffix(refObj.ref[0].id),
-    where: removeIsActiveEntityRecursively(deepCopyArray(refObj.ref[0].where))
+    entityName: ensureDraftsSuffix(ref0.id),
+    where: removeIsActiveEntityRecursively(deepCopyArray(ref0.where))
   }
 
-  for (const item of refObj.ref[0].where) {
+  for (const item of ref0.where) {
     if (item.ref && item.ref[item.ref.length - 1] === 'IsActiveEntity') {
-      const index = refObj.ref[0].where.indexOf(item)
-      root.IsActiveEntity = refObj.ref[0].where[index + 2].val
+      const index = ref0.where.indexOf(item)
+      root.IsActiveEntity = ref0.where[index + 2].val
       break
     }
   }
@@ -115,14 +118,12 @@ const _addDraftDataFromExistingDraft = async req => {
  * Generic Handler for before NEW requests.
  */
 const _new = async function (req) {
-  if (isDraftActivateAction(req)) return // REVISIT: How can NEW be draftActivate???
-
   if (isNavigationToMany(req)) {
-    // REVISIT: How can NEW be a navigation to many?
     const result = await _addDraftDataFromExistingDraft(req)
 
     // in order to fix corner case where active subitems are created in draft case
     if (result.length === 0) req.reject(404)
+
     return
   }
 
@@ -134,19 +135,17 @@ const _new = async function (req) {
 /**
  * Generic Handler for before PATCH and UPDATE requests.
  */
-const _patchUpdate = async function (req) {
-  if (isDraftActivateAction(req)) return
-
+const _patch = async function (req) {
   const result = await _addDraftDataFromExistingDraft(req)
 
-  // means that the draft does not exists
+  // no result means that the draft does not exist
   if (result.length === 0) req.reject(404)
 }
 
 /**
  * Generic Handler for before DELETE and CANCEL requests.
  */
-const _deleteCancel = async function (req) {
+const _cancel = async function (req) {
   await _addDraftDataFromExistingDraft(req)
 }
 
@@ -181,12 +180,12 @@ const _registerBoundActionHandlers = function (entityName, actions) {
 }
 
 _new._initial = true
-_patchUpdate._initial = true
-_deleteCancel._initial = true
+_patch._initial = true
+_cancel._initial = true
 
 module.exports = cds.service.impl((srv, entity) => {
   srv.before('NEW', entity, _new)
-  srv.before(['PATCH', 'UPDATE'], entity, _patchUpdate)
-  srv.before(['DELETE', 'CANCEL'], entity, _deleteCancel)
+  srv.before('PATCH', entity, _patch)
+  srv.before('CANCEL', entity, _cancel)
   _registerBoundActionHandlers.call(srv, entity.name, entity.actions)
 })

package/libx/_runtime/fiori/generic/prepare.js

@@ -39,7 +39,7 @@ const fioriGenericPrepare = async function (req) {
   if (!result) req.reject(404)
   if (result.draftAdmin_inProcessByUser !== req.user.id) {
     // REVISIT: security log?
-    req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER')
+    req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER', [result.draftAdmin_inProcessByUser])
   }
   delete result.draftAdmin_inProcessByUser
   return result

package/libx/_runtime/fiori/generic/read.js

@@ -787,7 +787,7 @@ const _getOrderByEnrichedColumns = (orderBy, columns, entity) => {
   const enrichedCol = []
 
   if (orderBy && orderBy.length > 1) {
-    const colNames = columns.map(el => el.ref[el.ref.length - 1])
+    const colNames = columns.filter(el => el.ref).map(el => el.ref[el.ref.length - 1])
 
     // REVISIT: GET Books?$select=title&$expand=NotBooks($select=pages)&$orderby=NotBooks/title - what's then?
     for (const el of orderBy) {

package/libx/_runtime/fiori/lean-draft.js

@@ -25,6 +25,16 @@ const DRAFT_ADMIN_ELEMENTS = [
   'DraftIsProcessedByMe'
 ]
 
+/// It's important to wait for the completion of all promises, otherwise a rollback might happen too soon
+const _promiseAll = async array => {
+  const results = await Promise.allSettled(array)
+  const e = results.find(r => r.status === 'rejected')
+  if (e) throw e.reason
+  return results.map(r => r.value)
+}
+
+const _isCount = query => query.SELECT.columns?.length === 1 && query.SELECT.columns[0].func === 'count'
+
 const _inProcessByUserXpr = lockShiftedNow => ({
   xpr: [
     'case',
@@ -42,14 +52,6 @@ const _inProcessByUserXpr = lockShiftedNow => ({
   cast: { type: 'cds.String' }
 })
 
-/// It's important to wait for the completion of all promises, otherwise a rollback might happen too soon
-const _promiseAll = async array => {
-  const results = await Promise.allSettled(array)
-  const e = results.find(r => r.status === 'rejected')
-  if (e) throw e.reason
-  return results.map(r => r.value)
-}
-
 const _lock = {
   get shiftedNow() {
     return new Date(Math.max(0, Date.now() - DRAFT_CANCEL_TIMEOUT_IN_MIN() * 60 * 1000)).toISOString()
@@ -160,7 +162,8 @@ cds.ApplicationService.prototype.handle = async function (req) {
       ])
     )
     const inProcessByUser = draft?.DraftAdministrativeData?.InProcessByUser
-    if (inProcessByUser && inProcessByUser !== cds.context.user.id) req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER')
+    if (inProcessByUser && inProcessByUser !== cds.context.user.id)
+      req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER', [inProcessByUser])
     const deletes = [run(DELETE.from({ ref: query.DELETE.from.ref }))]
     if (draft)
       deletes.push(
@@ -201,21 +204,22 @@ cds.ApplicationService.prototype.handle = async function (req) {
     )
     if (!res) req.reject(404)
     if (res.DraftAdministrativeData?.InProcessByUser !== cds.context.user.id)
-      req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER')
+      req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER', [res.DraftAdministrativeData?.InProcessByUser])
     const DraftAdministrativeData_DraftUUID = res.DraftAdministrativeData_DraftUUID
     delete res.DraftAdministrativeData_DraftUUID
     delete res.DraftAdministrativeData
     const HasActiveEntity = res.HasActiveEntity
     delete res.HasActiveEntity
     delete res.IsActiveEntity
+    // First run the handlers as they might need access to DraftAdministrativeData or the draft entities
+    const result = await run(
+      HasActiveEntity ? UPDATE(req.target).data(res).where(targetWhere) : INSERT.into(req.target).entries(res)
+    )
     await _promiseAll([
       run(DELETE.from(targetDraft).where(targetWhere)),
       DELETE.from('DRAFT.DraftAdministrativeData').where({ DraftUUID: DraftAdministrativeData_DraftUUID })
     ])
 
-    const result = await run(
-      HasActiveEntity ? UPDATE(req.target).data(res).where(targetWhere) : INSERT.into(req.target).entries(res)
-    )
     req?._?.odataRes?.setStatusCode(201)
 
     return Object.assign(result, { IsActiveEntity: true })
@@ -239,7 +243,7 @@ cds.ApplicationService.prototype.handle = async function (req) {
 
   if (req.event === 'PATCH') {
     if (draftParams.IsActiveEntity) req.reject(501)
-    if (req.event === 'PATCH' && !('IsActiveEntity' in draftParams)) {
+    if (!('IsActiveEntity' in draftParams)) {
       const res = await run(
         SELECT.one.from({ ref: req.UPDATE.entity.ref }).columns('DraftAdministrativeData_DraftUUID')
       )
@@ -248,7 +252,7 @@ cds.ApplicationService.prototype.handle = async function (req) {
       const result = await handle(_req)
       return result
     }
-    if (req.event === 'PATCH' && draftParams.IsActiveEntity === false) {
+    if (draftParams.IsActiveEntity === false) {
       LOG.debug('patch draft')
       if (req.target?.name.endsWith('DraftAdministrativeData')) req.reject(405)
       const draftsRef = _redirectRefToDrafts(query.UPDATE.entity.ref, this.model)
@@ -260,7 +264,7 @@ cds.ApplicationService.prototype.handle = async function (req) {
       )
       if (!res) req.reject(404)
       if (res.DraftAdministrativeData?.InProcessByUser !== cds.context.user.id)
-        req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER')
+        req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER', [res.DraftAdministrativeData?.InProcessByUser])
       await UPDATE('DRAFT.DraftAdministrativeData')
         .data({
           InProcessByUser: req.user.id,
@@ -345,6 +349,7 @@ const Read = {
   onlyActives: async function (run, query, { ignoreDrafts } = {}) {
     LOG.debug('List Editing Status: Only Active')
     // DraftAdministrativeData is only accessible via drafts
+    if (_isCount(query)) return run(query)
     if (query._target.name.endsWith('.DraftAdministrativeData')) return run(query._drafts)
     if (!query._target._isDraftEnabled) return run(query)
     if (!query.SELECT.groupBy && query.SELECT.columns && !query.SELECT.columns.some(c => c === '*')) {
@@ -428,7 +433,7 @@ const Read = {
     LOG.debug('List Editing Status: All')
     query._drafts.SELECT.count = false
     query._drafts.SELECT.limit = undefined // We need all entries for the keys to properly select actives (count)
-    const isCount = query._drafts.SELECT.columns?.[0]?.func === 'count'
+    const isCount = _isCount(query._drafts)
     if (isCount) {
       const keys = Object_keys(query._target.keys).filter(k => k !== 'IsActiveEntity')
       query._drafts.SELECT.columns = keys.map(k => ({ ref: [k] }))
@@ -839,7 +844,7 @@ async function onNew(req) {
     )
     if (!rootData) req.reject(404)
     if (rootData.DraftAdministrativeData?.InProcessByUser !== req.user.id)
-      req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER')
+      req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER', [rootData.DraftAdministrativeData.InProcessByUser])
     DraftUUID = rootData.DraftAdministrativeData_DraftUUID
   }
   const timestamp = cds.context.timestamp.toISOString() // REVISIT: toISOString should be done on db layer
@@ -863,7 +868,7 @@ async function onNew(req) {
         .where({ DraftUUID })
 
   const _assignDraftData = (obj, target) => {
-    const newObj = Object.assign({ DraftAdministrativeData_DraftUUID: DraftUUID, HasActiveEntity: false }, obj)
+    const newObj = Object.assign({}, obj, { DraftAdministrativeData_DraftUUID: DraftUUID, HasActiveEntity: false })
     if (!target) return newObj
 
     // Also support deep insertions
@@ -993,7 +998,7 @@ async function onCancel(req) {
   const draft = await this.run(draftDelete)
   if (draftParams.IsActiveEntity === false && !draft) req.reject(404)
   if (draft && draft.DraftAdministrativeData?.InProcessByUser !== cds.context.user.id)
-    req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER')
+    req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER', [draft.DraftAdministrativeData?.InProcessByUser])
   const deletes = !draft ? [] : [this.run(DELETE.from({ ref: req.query.DELETE.from.ref }))]
   if (draft && req.target['@Common.DraftRoot.ActivationAction'])
     // only for draft root
@@ -1023,7 +1028,8 @@ async function onPrepare(req) {
   Object.defineProperty(draftQuery, '_draftParams', { value: draftParams, enumerable: false })
   const data = await this.run(draftQuery)
   if (!data) req.reject(404)
-  if (data.DraftAdministrativeData?.InProcessByUser !== req.user.id) req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER')
+  if (data.DraftAdministrativeData?.InProcessByUser !== req.user.id)
+    req.reject(403, 'DRAFT_LOCKED_BY_ANOTHER_USER', [data.DraftAdministrativeData?.InProcessByUser])
   delete data.DraftAdministrativeData
   return { ...data, IsActiveEntity: false }
 }

package/libx/_runtime/fiori/utils/handler.js

@@ -188,11 +188,6 @@ const removeDraftUUIDIfNecessary = req =>
     ? () => {}
     : result => delete result.DraftAdministrativeData_DraftUUID
 
-const isDraftActivateAction = req => {
-  // REVISIT: get rid of getUrlObject
-  if (req.getUrlObject) return req.getUrlObject().pathname.endsWith('draftActivate')
-}
-
 const addColumnAlias = (columns, alias) => {
   if (!alias) {
     return columns
@@ -258,7 +253,6 @@ module.exports = {
   getUpdateDraftAdminCQN,
   getEnrichedCQN,
   removeDraftUUIDIfNecessary,
-  isDraftActivateAction,
   ensureDraftsSuffix,
   ensureNoDraftsSuffix,
   ensureUnlocalized,

package/libx/_runtime/hana/customBuilder/CustomFunctionBuilder.js

@@ -21,7 +21,7 @@ class CustomFunctionBuilder extends FunctionBuilder {
 
   _handleContains(args) {
     // fuzzy search has three arguments, must not be converted to like expressions
-    if (args.length > 2 || this._options.$searchUsingContains) {
+    if (args.length > 2 || this._obj.searchUsingContains) {
       this._outputObj.sql.push('CONTAINS')
       this._addFunctionArgs(args, true)
       return

package/libx/_runtime/hana/customBuilder/CustomSelectBuilder.js

@@ -4,11 +4,6 @@ const LOG = cds.log('hana|db|sql')
 const SelectBuilder = require('../../db/sql-builder').SelectBuilder
 
 class CustomSelectBuilder extends SelectBuilder {
-  constructor(obj, options, csn) {
-    super(obj, options, csn)
-    // $searchUsingContains property is set in the sub SELECT of the query, optimized search case
-    if (this._obj?._$searchUsingContains) this._options.$searchUsingContains = this._obj._$searchUsingContains
-  }
   get FunctionBuilder() {
     const FunctionBuilder = require('./CustomFunctionBuilder')
     Object.defineProperty(this, 'FunctionBuilder', { value: FunctionBuilder })