@sap/cds 7.4.1 → 7.5.0

package/lib/srv/cds-serve.js

@@ -1,6 +1,6 @@
 const cds = require ('..')
-const { ProtocolAdapter } = cds.service.protocols
 const { Service } = cds.service.factory
+const { serve } = cds.service.protocols
 const _ready = Symbol(), _pending = cds.services._pending || {}
 const TRACE = cds.debug('trace')
 
@@ -82,9 +82,7 @@ module.exports = function cds_serve (som, _options) { // NOSONAR
   // cds.services, so they'll be found when they cds.connect to each others.
   let ready = provided.then (()=> Promise.all (all.map (async srv => {
     if (o.service && o.service._is_service_instance) return srv
-    srv.init && await srv.prepend (srv.init)
-    srv.options.impl && await srv.prepend (srv.options.impl)
-    cds.services[srv.name] = srv
+    cds.services[srv.name] = await srv._init()
     cds.service.providers.push (srv)
     if (srv[_ready]) srv[_ready](srv)
     return srv
@@ -104,30 +102,23 @@ module.exports = function cds_serve (som, _options) { // NOSONAR
       ready = ready.then (()=> all.forEach (each => {
         const d = each.definition
         if (d['@protocol'] === 'none' || d['@cds.api.ignore']) return each._is_dark = true
-        ProtocolAdapter.serve (each, /*in:*/ app)
+        serve (each, /*in:*/ app)
         if (!o.silent) cds.emit ('serving',each)
       }))
       return this
     },
 
-    /** Finally resolve to a single picked provider or a map of all */
-    then: (_resolve, _error) => ready.then (()=>{
-      if (all.length === 0) return _resolve()
-      const response = all.length === 1 ? all[0] : {}
-      for (const each of all) {
-        Object.defineProperty (response, each.name, { enumerable:true, configurable:true, get(){
-          let chimera = each
-          if (each.definition && !each._is_dark) {
-            chimera = ProtocolAdapter.for (each)
-            Object.setPrototypeOf (chimera, each)
-            Object.defineProperty (chimera, 'name', { value: each.name })
-          }
-          Object.defineProperty (response, each.name, { enumerable:true, value: chimera })
-          return chimera
-        }})
-      }
+    /**
+     * Finally resolve to a single service or a map of many,
+     * which can be used like that: @example
+     * let { CatalogService } = await cds.serve(...) // single or many
+     * let CatalogService = await cds.serve(...)    // single only
+     */
+    then: (_resolve, _error) => ready.then ((s)=>{
       TRACE?.timeEnd('cds.serve '+som+'  ')
-      return _resolve (response)
+      if (all.length === 0) return _resolve()
+      if (all.length === 1) return _resolve(Object.defineProperty(s=all[0],s.name,{value:s}))
+      else return _resolve (all.reduce ((r,s)=>{ r[s.name]=s; return r },{}))
     }, _error),
 
     catch: (e) => ready.catch(e)
@@ -143,8 +134,6 @@ async function _new (Service, d,m,o) {
     if (required.name) srv.name = required.name
     if (required.external && o.mocked) srv.mocked = true
   }
-  if (!srv.path) srv.path = cds.service.path4(srv,o)
-  if (!srv.endpoints) srv.endpoints = cds.service.endpoints4(srv,o)
   _pending[srv.name] = new Promise (r => srv[_ready]=r).finally(()=>{
     delete _pending[srv.name]
     delete srv[_ready]
@@ -161,5 +150,3 @@ async function _new (Service, d,m,o) {
 const is_csn = x => x && x.definitions
 const is_files = x => Array.isArray(x) || typeof x === 'string' && !/^[\w$]*$/.test(x)
 const is_class = x => typeof x === 'function' && x.prototype && /^class\b/.test(x)
-
-Object.defineProperty (module.exports, 'path4', { get(){ return cds.service.path4 } })

package/lib/srv/factory.js

@@ -1,4 +1,4 @@
-const cds = require('..'), { path, isfile } = cds.utils
+const cds = require('..'), { path, isfile, _redacted } = cds.utils
 const paths = Array.from (new Set ([ cds.root, ...require.resolve.paths('x') ]))
 const DEBUG = cds.debug('cds.service.factory',); DEBUG && DEBUG ({ 'cds.root':cds.root, paths })
 
@@ -10,7 +10,7 @@ const ServiceFactory = function (name, model, options) { //NOSONAR
   const serve = !(conf && conf.external && (!o.mocked || conf.credentials))
   const defs = !model ? {[name]:{}} : model.definitions || cds.error `Invalid argument for 'model': ${model}`
   const def = !name || name === 'db' ? {} : defs[name] || {}
-  DEBUG && DEBUG ({ name, definition:def, options:o })
+  DEBUG?. ({ name, definition:def, options:_redacted(o) })
 
   let it /* eslint-disable no-cond-assign */
   if (it = o.with)                 return _use (it) // from cds.serve (<options>)
@@ -60,7 +60,7 @@ const _function = (impl) => !_is_class(impl) ? impl : (srv) => {
 const sibling = (d) => {
   const { dir, name } = path.parse(_source(d)), TS = process.env.CDS_TYPESCRIPT
   for (let subdir of ['', './lib', './handlers']) {
-    let found = TS && _resolve(dir,subdir,name+'.ts') || _resolve(dir,subdir,name+'.js')
+    let found = TS && _resolve(dir,subdir,name+'.ts') || _resolve(dir,subdir,name+'.js') || _resolve(dir,subdir,name+'.mjs')
     if (found)  return found //> equiv to '.'+found.slice(home.length)
   }
 }

package/lib/srv/middlewares/index.js

@@ -1,6 +1,5 @@
 const auth      = exports.auth      = require('../../auth')
 const context   = exports.context   = require('./cds-context')
-const ctx_auth  = exports.ctx_auth  = require('./ctx-auth')
 const ctx_model = exports.ctx_model = require('./ctx-model')
 const errors    = exports.errors    = require('./errors')
 const trace     = exports.trace     = require('./trace')
@@ -10,7 +9,6 @@ exports.before = [
   context,    // provides cds.context
   trace,      // provides detailed trace logs when DEBUG=trace
   auth,       // provides req.user & tenant
-  ctx_auth,   // propagates auth results to cds.context
   ctx_model,  // fills in cds.context.model, in case of extensibility
 ].map(mw => _instantiate(mw))
 

package/lib/srv/middlewares/trace.js

@@ -30,7 +30,6 @@ if (!LOG._debug) module.exports = ()=>[]; else {
   class PerfTrace extends Array {
     log (...details) {
       const e = { details, start:performance.now() }
-      console.log(e)
       return this.push(e), e
     }
     done (e) {
@@ -40,7 +39,7 @@ if (!LOG._debug) module.exports = ()=>[]; else {
       const t0 = this[0].start; if (!this[0].stop) this[0].stop = performance.now()
       return '\n'+ this.map (e => truncate (format (
         (e.start - t0).toFixed(2).padStart(6), '→',
-        (e.stop  - t0).toFixed(2).padEnd(6), '= ',
+        (e.stop  - t0).toFixed(2).padEnd(6), '=',
         (e.stop  - e.start).toFixed(2).padStart(6), 'ms',
         '-', ...e.details))
       ).join('\n')
@@ -110,7 +109,7 @@ function _instrument_better_sqlite (_get_perf) {
             get(..._){ try { return x.get(..._) } finally { perf.done(pe) }},
             run(..._){ try { return x.run(..._) } finally { perf.done(pe) }},
           }
-          else return x
+          else return perf.done(pe), x
         }
         catch(e) { perf.done(pe); throw e }
       }

package/lib/srv/protocols/_legacy.js

@@ -1,34 +1,34 @@
-const libx = require('../../../libx/_runtime')
-const cds_context_model = require('../srv-models')
-const cds_context = require('../middlewares/cds-context')()
-const ctx_auth = require('../middlewares/ctx-auth')()
-const { ProtocolAdapter } = require('.')
-
-class LegacyProtocolAdapter extends ProtocolAdapter {
+const cds = require('../../index')
+cds.env.features.serve_on_root = true
 
-  static init(protocols = { ...cds.env.protocols }) {
-    // Legacy protocol behavior for odata and rest,
-    // but ensure that additional protocols like graphql can be configured
-    protocols['odata-v4'] = { get impl() { return libx.to.odata_v4 } }
-    protocols['odata'] = { get impl() { return libx.to.odata_v4 } }
-    protocols['rest'] = { get impl() { return libx.to.rest } }
-    return this.protocols = cds.service._protocols = protocols
-  }
+const protocols = require('.'), { serve } = protocols
+protocols['odata-v4'] = { ...protocols['odata-v4'], get impl() { return libx.to.odata_v4 } }
+protocols['odata'] = { ...protocols['odata'], get impl() { return libx.to.odata_v4 } }
+protocols['rest'] = { ...protocols['rest'], get impl() { return libx.to.rest } }
 
-  static serve (srv, /* in: */ app) {
-    return super.serve (srv, app, { before: [
-      cds_context,
-      libx.perf,
-      libx.auth(srv),
-      ctx_auth,
-      cap_req_logger,
-      cds_context_model.middleware4(srv)
-    ], after:[] })
-  }
+const cds_context_model = require('../srv-models')
+const cds_context = require('../middlewares/cds-context')()
+const ctx_auth = require('../../auth')._ctx_auth
+const libx = require('../../../libx/_runtime')
 
-}
+Object.defineProperty (protocols, 'serve', {
+  value: function _serve_legacy_adapter4 (srv, app) {
+    const endpoints = this.endpoints4 (srv)
+    if (endpoints.length > 1)
+      throw cds.error `Cannot serve multiple endpoints if cds.requires.middlewares is set to false`
+    return serve (srv, app, {
+      before: [
+        cds_context,
+        libx.perf,
+        libx.auth(srv), ctx_auth,
+        cap_req_logger,
+        cds_context_model.middleware4(srv)
+      ],
+      after:[]
+    })
+  }.bind(protocols)
+})
 
-const cds = require('../../index')
 const LOG = cds.log(), DEBUG = cds.debug()
 function cap_req_logger (req,_,next) {
   let url = req.originalUrl
@@ -42,6 +42,3 @@ function cap_req_logger (req,_,next) {
   })
   next()
 }
-
-LegacyProtocolAdapter.init()
-module.exports = LegacyProtocolAdapter

package/lib/srv/protocols/index.js

@@ -1,81 +1,196 @@
 const cds = require('../../index')
-const {join} = cds.utils.path
 
-class ProtocolAdapter {
+/**
+ * Provides canonic access to configured protocols as well as helper methods.
+ * Instance of this class is available as cds.service.protocols.
+ */
+class Protocols {
+
+  // Built-in protocols
+  'odata-v4' = { path: '/odata/v4', impl: './odata-v4' }
+  'odata-v2' = '/odata/v2'
+  'odata' = this['odata-v4']
+  'rest' = '/rest'
+  'hcql' = '/hcql'
+
+  /** Allows changing the default in projects */
+  default = 'odata'
+
+
+  constructor (conf = cds.env.protocols||{}) {
+    // Make helpers non-enumerable and bound functions
+    const protocols = Object.defineProperties (this, {
+      default: { writable: true, enumerable:false, value: this.default }, // makes it non-enumerable
+      serve: { writable:true, configurable:true, value: this.serve.bind(this) },
+    })
+    for (let [k,p] of Object.entries(this)) this[k] = _canonic (k,p)
+    for (let [k,p] of Object.entries(conf)) this[k] = _canonic (k,p,'merge')
+    function _canonic (kind,p,merge) {
+      if (typeof p === 'string') p = { path:p }
+      if (merge) p = { ...protocols[kind], ...p }
+      if (!p.impl) p.impl = './'+kind
+      if (!p.path.startsWith('/')) p.path = '/'+p.path
+      if (p.path.endsWith('/')) p.path = p.path.slice(0,-1)
+      return p
+    }
+  }
+
+
+  get debug() {
+    // Doing this lazy to avoid eager loading of cds.env
+    return super.debug = cds.debug('adapters')
+  }
 
   /**
-   * Provides canonicalized protocols configurations
+   * Constructs a new adapter for the given service, and mounts it to an express app.
    */
-  static init (protocols = { ...cds.env.protocols }) {
-    for (let each in protocols) protocols[each].kind = each
-    return this.protocols = cds.service._protocols = protocols
+  serve (srv, /* in: */ app, { before, after } = cds.middlewares) {
+
+    const endpoints = srv.endpoints = this.endpoints4(srv)
+    const cached = srv._adapters ??= {}
+    let n = 0
+
+    for (let { kind, path } of endpoints) {
+
+      // construct adapter instance from resolved implementation
+      let adapter = cached[kind]; if (!adapter) {
+        const conf = this[kind] ??= {}
+        let { impl } = conf; if (typeof impl !== 'function') {
+          if (impl[0] === '.') impl = __dirname+impl.slice(1)
+          try { require.resolve(impl) } catch { cds.error `Cannot find impl for protocol adapter: ${impl}` }
+          impl = conf.impl = require(impl)
+        }
+        adapter = cached[kind] = impl.prototype ? new impl(srv, conf) : impl(srv, conf)
+        if (!adapter) continue
+      }
+
+      // handle first as default adapter
+      if (n++ === 0) {
+        adapter.path = srv.path = path
+        cached._default = adapter
+        if (!app) return adapter //> when called without app, construct and return default adapter only
+
+        // Add a reject-all handler for non-existing static /webapp resources, which would lead
+        // to lots of "UriSemanticError: 'webapp' is not an entity set, ..." errors, if the
+        // service path and static app root path are the same, e.g. /browse in bookshop.
+        if (!path.match(/^\/.+\/.+/)) app.use (`${path}/webapp/`, (_,res) => res.sendStatus(404))
+
+        // Add a reject-all handler for access to /old/$metadata if new scheme is used
+        if (!cds.env.features.serve_on_root && path.startsWith(this[kind].path)) {
+          let LOG = cds.log(kind), msg = `PLEASE NOTE:\n
+            With @sap/cds version 7, default service paths have changed to '${this[kind].path}/<srv>'.
+            If you use SAP Fiori Elements, make sure to adapt the 'dataSources.uri' paths
+            in 'manifest.json' files accordingly. For more information see release notes at
+            https://cap.cloud.sap/docs/releases/jun23#changed-default-service-path.
+          `.replace(/ {9}/g,'')
+          app.use(`${path.slice(this[kind].path.length)}/\\$metadata`, (_,res) => {
+            res.status(404).send(`<pre>${msg}</pre>`)
+            LOG?.warn(msg); LOG = undefined
+          })
+        }
+      }
+
+      // mount adapter to express app
+      this.debug?.('app.use(', path, ', ... )')
+      app.use (path, before, adapter, after)
+    }
   }
 
   /**
-   * Returns the middleware impl for the given protocol
+   * Returns the endpoints for the given instance of cds.Service.
+   * Used in this.serve() and the outcome stored in srv.endpoints property.
+   * IMPORTANT: Currently only used internally in this module and should stay
+   * that way -> don't use anywhere else.
+   * @returns {{ kind:string, path:string }[]} Array of { kind, path } objects
    */
-  static middlewareFor (p) {
-    const conf = this.protocols[p] || (this.protocols[p] = {})
-    let { impl = join(__dirname,p) } = conf; if (typeof impl !== 'function') {
-      try { require.resolve(impl) } catch { cds.error `Cannot find protocol adapter implementation: ${impl}` }
-      impl = conf.impl = require(impl)
+  endpoints4 (srv, o = srv.options) {
+    const def = srv.definition; if (!def) return
+
+    // get @protocol annotations from service definition
+    let annos = o?.to || def['@protocol']
+    if (annos) {
+      if (annos === 'none') return
+      if (!annos.reduce) annos = [annos]
+    }
+    // get @odata, @rest annotations
+    else {
+      annos=[]; for (let kind in this) {
+        let path = def['@'+kind] || def['@protocol.'+kind]
+        if (path) annos.push ({ kind, path })
+      }
+    }
+    // no annotations at all -> use default protocol
+    if (!annos.length) annos.push ({ kind: this.default })
+
+    // canonicalize to { kind, path } objects
+    const no_mws = cds.requires.middlewares === false
+    const endpoints = annos.map (each => {
+      let { kind = each['='] || each, path } = each
+      let { path: prefix } = this[kind] || cds.error `Unknown protocol: ${kind}`
+      if (typeof path !== 'string') path = o?.at || o?.path || def['@path'] || _slugified(srv.name)
+      if (path[0] !== '/') path = no_mws ? '/'+path : prefix+'/'+path
+      return { kind, path }
+    })
+
+    // add serve-on-root endpoint if enabled
+    if (!no_mws && endpoints.length === 1 && cds.env.features.serve_on_root) {
+      let [{ kind, path }] = endpoints, prefix = this[kind].path
+      if (prefix && path.startsWith(prefix)) endpoints.unshift ({ kind, path: path.slice(prefix.length) })
     }
-    return impl
+
+    return endpoints.length && endpoints
   }
 
+
   /**
-   * Constructs a new adapter for the given service, or returns a formerly constructed one
+   * For compatibility with old @sap/cds-dk versions <= 7.4.0
+   * @deprecated Use def._serves_odata instead
    */
-  static for (srv, p = srv.options?.to || protocol4(srv.definition)) { // TODO default for param p?
-    const cache = srv._adapters || (srv._adapters={}); if (p in cache) return cache[p]
-    const impl = this.middlewareFor(p), conf = this.protocols[p]
-    return cache[p] = impl (srv, conf)
+  protocol4 (def) {
+    return def._serves_odata ? ['odata'] : []
   }
 
   /**
-   * Constructs a new adapter for the given service, and mounts it to an express app.
+   * Rarely used, e.g., by compile.to.srvinfo, and by compile.to.openapi:
+   * NOT PUBLIC API, hence not documented.
    */
-  static serve (srv, /* in: */ app, { before, after } = cds.middlewares) {
-    const logger = cds.log('adapters')
-
-    const endpoints = cds.service.endpoints4(srv, srv.options)
-    
-    if (endpoints.length > 1 && !cds.requires.middlewares) {
-      cds.error `Cannot serve multiple endpoints if cds.requires.middlewares is set to false`
-    }
+  path4 (srv,o) {
+    if (!srv.definition) srv = { definition: srv, name: srv.name } // fake srv object
+    return this.endpoints4(srv,o)?.[0]?.path
+  }
 
-    for (let endpoint of endpoints) {
-      let adapter = this.for(srv, endpoint.kind); if (!adapter) continue
-      // REVISIT: still needed with new handling in @sap/cds-fiori?
-      app.use (`${endpoint.path}/webapp/`, (_,res) => res.sendStatus(404))
-      app.use (adapter.path = endpoint.path, before, adapter, after)
-      logger._debug && logger.debug('app.use(', endpoint.path, ', ... )')
-
-      // REVISIT: move to @sap/cds-fiori
-      // log warning for changed path if $metadata is accessed
-      if (!cds.env.features.serve_on_root && endpoint.path.startsWith(this.protocols[endpoint.kind].path)) {
-        const oldPath = endpoint.path.replace(this.protocols[endpoint.kind].path, '')
-        let logged = false
-        app.use(`*${oldPath}/\\$metadata`, (req,res,next) => {
-          if (!logged) {
-            logger._warn && logger.warn(`With @sap/cds version 7, the service path has changed to '${endpoint.path}'.
-            If you use SAP Fiori Elements, make sure to adapt the 'dataSources.uri' paths
-            in 'manifest.json' files accordingly. For more information, see the release notes at
-            https://cap.cloud.sap/docs/releases/jun23.`)
-            logged = true
-          }
-          next()
-        })
-      }
-    }
+  /**
+   * Internal modules may use this to determine if the service is configured to serve OData.
+   * NOT PUBLIC API, hence not documented.
+   */
+  _serves_odata (def) {
+    const a = def['@protocol']
+    const vals = {odata: 1, 'odata-v4': 1}
+    if (a) return typeof a === 'string' ? a in vals : a.some(p => (p.kind||p) in vals)
+    if (def['@odata']) return true
+    if (def['@rest']) return false
+    for (let p in this) if (def['@'+p] || def['@protocol.'+p]) return false
+    return this.default === 'odata'
   }
 }
 
-const protocols = Object.keys(ProtocolAdapter.init())
-// REVISIT remove protocol4 (and protocols variable)
-const protocol4 = (def, _default = protocols[0] || 'odata-v4') => def?.['@protocol'] || protocols.find(p => def['@'+p]) || _default
 
-module.exports = { ProtocolAdapter, protocol4 }
-if (!cds.requires.middlewares) {
-  module.exports.ProtocolAdapter = require('./_legacy')
-}
+// Return a sluggified variant of a service's name
+const _slugified = name => (
+  /[^.]+$/.exec(name)[0]      //> my.very.CatalogService --> CatalogService
+  .replace(/Service$/,'')     //> CatalogService --> Catalog
+  .replace(/_/g,'-')          //> foo_bar_baz --> foo-bar-baz
+  .replace(/([a-z0-9])([A-Z])/g, (_,c,C) => c+'-'+C)  //> ODataFooBarX9 --> OData-Foo-Bar-X9
+  .toLowerCase()              //> FOO --> foo
+)
+
+
+const using_old_paths = (path) => `PLEASE NOTE:\n
+  With @sap/cds version 7, default service paths have changed to '${path}/<srv>'.
+  If you use SAP Fiori Elements, make sure to adapt the 'dataSources.uri' paths
+  in 'manifest.json' files accordingly. For more information, see the release notes at
+  https://cap.cloud.sap/docs/releases/jun23.
+`
+
+module.exports = new Protocols
+if (!cds.requires.middlewares) require('./_legacy')

package/lib/srv/protocols/odata-v4.js

@@ -1,25 +1,38 @@
-const cds = require('../../index'), { User } = cds, { decodeURI } = cds.utils
+const cds = require('../../index'),
+  { User } = cds,
+  { decodeURI } = cds.utils
 const libx = require('../../../libx/_runtime')
 const LOG = cds.log('odata')
+const express = require('express') // eslint-disable-line cds/no-missing-dependencies
 
-module.exports = function ODataAdapter (srv) { return [
-  (req, _, next) => {
+module.exports = function ODataAdapter(srv) {
+  const router = express.Router()
+
+  router.use((req, _, next) => {
     let u = req.user
     req.user = u instanceof User ? u : new User(u)
 
     let url = decodeURI(req.originalUrl)
-    LOG && LOG (req.method, url, req.body||'')
-    if (/\$batch/.test(req.url))  req.on ('dispatch', (req) => {
-      let path = decodeURI(req._path)
-      LOG && LOG ('>', req.event, path, req._query||'')
-      if (LOG._debug && req.query) LOG.debug (req.query)
-    })
+    LOG && LOG(req.method, url, req.body || '')
+    if (/\$batch/.test(req.url))
+      req.on('dispatch', req => {
+        let path = decodeURI(req._path)
+        LOG && LOG('>', req.event, path, req._query || '')
+        if (LOG._debug && req.query) LOG.debug(req.query)
+      })
 
     next()
-  },
-  ...cds.env.features.odata_new_adapter ? [
-    require('../../../libx/odata/service-document')(srv),
-    require('../../../libx/odata/metadata')(srv),
-  ] : [],
-  libx.to.odata_v4 (srv)
-]}
+  })
+
+  if (cds.env.features.odata_new_adapter) {
+    // REVISIT: add middleware for negative cases?
+    router.use(/^\/$/, require('../../../libx/odata/service-document')(srv))
+    router.use('/\\$metadata', require('../../../libx/odata/metadata')(srv))
+    router.get('*', require('../../../libx/odata/read')(srv))
+    router.use(require('../../../libx/odata/error')(srv))
+  }
+
+  router.use(libx.to.odata_v4(srv))
+
+  return router
+}

package/lib/srv/srv-api.js

@@ -15,17 +15,13 @@ class Service extends require('./srv-handlers') {
     if (model) this.model = model
   }
 
-  /**
-   * Subclasses commonly override this to register event handlers
-   */
-  init() {}
-
   /**
    * Subclasses may override this to prepare the given model appropriately
    */
   set model (csn) {
     if (csn) {
-      super.model = cds.compile.for.nodejs(csn)
+      let {definitions:defs={}} = super.model = cds.compile.for.nodejs(csn)
+      super.definition = defs[this.options?.service] || defs[this.name]
       add_methods_to (this)
     } else {
       super.model = undefined
@@ -97,14 +93,8 @@ class Service extends require('./srv-handlers') {
   /**
    * Model Reflection API...
    */
-  get definition() {
-    const defs = this.model && this.model.definitions, o = this.options
-    return super.definition = defs && (o && defs[o.service] || defs[this.name] )
-  }
-
   get namespace()  {
-    return super.namespace  = this.definition && this.definition.name
-    || this.model && this.model.namespace
+    return super.namespace  = this.definition?.name || this.model?.namespace
     || !(this.isDatabaseService) && !/\W/.test(this.name) && this.name || undefined
   }
 
@@ -131,6 +121,11 @@ class Service extends require('./srv-handlers') {
     delete cds.services[this.name]
   }
 
+  get path() { return super.path = cds.service.protocols.path4(this) }
+  set path(p) { super.path = p }
+
+  get endpoints() { return super.endpoints = cds.service.protocols.endpoints4(this) }
+  set endpoints(p) { super.endpoints = p }
 }
 
 const { dispatch, handle } = require('./srv-dispatch')

package/lib/srv/srv-handlers.js

@@ -15,23 +15,23 @@ class EventHandlers {
     (r) => r.reject (405, `Event "${r.event}" not allowed for entity "${r.path}".`)
   )}
 
-  async prepend (...impl_functions) {
-    // IMPORTANT: We might be called in parallel -> the ._handlers._real
-    // game below avoids loosing registrations due to race conditions.
-    // Note also that {__proto__:this, _handlers:_new} doesn't work as
-    // usages frequently look like that: srv.prepend(()=>srv.on(...)),
-    // which means the derived srv instance would be bypassed.
-    const _real = this._handlers._real || this._handlers
-    const _new = { on:[], before:[], after:[], _initial:[], _error:[], _real }
-    await Promise.all (impl_functions.map (fn => { if (is_impl(fn)) {
-      this._handlers = _new
-      return fn.call (this,this)
-    }}))
-    for (let handlers in _new) if (_new[handlers].length) _real[handlers] = [ ..._new[handlers], ..._real[handlers] ]
-    this._handlers = _real
+  prepend (fn) {
+    const {_handlers} = this, _new = this._handlers = { on:[], before:[], after:[], _initial:[], _error:[] }
+    const x = fn.call (this,this) // NOTE: we need the doubled await to compensate usages of srv.prepend() with missing awaits !!!
+    if (x?.then) throw cds.error `srv.prepend() doesn't accept asynchronous functions anymore`
+    for (let each in _new) if (_new[each].length) _handlers[each].unshift(..._new[each])
+    this._handlers = _handlers
     return this
   }
 
+  async init() {}
+  async _init() {
+    const { impl } = this.options
+    if (typeof impl === 'function' && !/^class\b/.test(impl))
+      await impl.call(this,this)
+    await this.init()
+    return this
+  }
 }
 module.exports = EventHandlers
 

package/lib/utils/cds-utils.js

@@ -200,3 +200,18 @@ if (process.env.JEST_WORKER_ID === undefined) {  // jest's ESM support is experi
     return import (pathToFileURL(id).href) // must use a file: URL, esp. on Windows for C:\... paths
   }
 }
+
+/**
+ * Masks password-like strings, also reducing clutter in output
+ */
+const SECRETS = /(password)|(certificate)|(ca)|(clientsecret)|(secret)|(key)|(clientcert)/i
+exports._redacted = function _redacted(cred) {
+  if (!cred) return cred
+  if (Array.isArray(cred)) return cred.map(_redacted)
+  if (typeof cred === 'object') {
+    const newCred = Object.assign({}, cred)
+    Object.keys(newCred).forEach(k => (typeof newCred[k] === 'string' && SECRETS.test(k)) ? (newCred[k] = '...') : (newCred[k] = _redacted(newCred[k])))
+    return newCred
+  }
+  return cred
+}