@sap/cds 7.6.1 → 7.6.3

package/CHANGELOG.md

@@ -4,6 +4,25 @@
 - The format is based on [Keep a Changelog](http://keepachangelog.com/).
 - This project adheres to [Semantic Versioning](http://semver.org/).
 
+## Version 7.6.3 - 2024-02-13
+
+### Fixed
+
+- Event Mesh webhooks now add standard `before` middlewares in case of custom authorization
+- `compile.to.serviceinfo` no longer fails for services marked with `@protocol:'none'`. Such internal services are not shown in the output.
+
+## Version 7.6.2 - 2024-02-09
+
+### Fixed
+
+- Introduce i18n `BATCH_TOO_MANY_REQ` key for error message: "Batch request contains too many requests"
+- Properly handle `$orderby` in lean draft
+- View resolving in combination with `@cap-js/cds-db`
+- Allow `cds.requires.someService.outbox` to be a string
+- `cds.log`: errors, when not the first argument, were considered objects carrying custom fields
+- `accept` header parsing for OData requests if quality factor `q` is included
+- Broken links on index page if multiple protocols are configured
+
 ## Version 7.6.1 - 2024-01-30
 
 ### Fixed

package/app/index.js

@@ -1,10 +1,10 @@
 const cds = require('../lib')
 const { find, path, fs } = cds.utils
 
-module.exports = { get html(){
+const odata = srv => srv.endpoints?.[0]?.kind.startsWith('odata')
+const metadata = srv => odata(srv) ? ` / <a href="${srv.path}/$metadata">$metadata</a>` : ``
 
-  const odata = srv => srv._adapters && Object.keys(srv._adapters).find (a => a.startsWith ('odata'))
-  const metadata = srv => odata(srv) ? ` / <a href="${srv.path}/$metadata">$metadata</a>` : ``
+module.exports = { get html(){
 
   let html = fs.readFileSync(path.join(__dirname,'index.html'),'utf-8')
   // .replace ('{{subtitle}}', 'Version ' + cds.version)
@@ -26,17 +26,6 @@ module.exports = { get html(){
         </ul>
   `).join(''))
 
-  // add /graphql
-  if (cds.env.features.graphql) {
-    html = html.replace(/\n\s*<footer>/, `
-
-        <h3>
-          <a href="/graphql">/graphql</a>
-        </h3>
-
-        <footer>`)
-  }
-
   Object.defineProperty (this,'html',{value:html})
   return html
 
@@ -64,12 +53,12 @@ function _entities_in (service) {
 }
 
 function _moreLinks (srv, entity) {
-  return (srv.$linkProviders || [])
+  return odata(srv) ? (srv.$linkProviders || [])
     .map (linkProv => linkProv(entity))
     .filter (l => l && l.href && l.name)
     .sort ((l1, l2) => l1.name.localeCompare(l2))
     .map (l => ` <a class="preview" href="${l.href}" title="${l.title||l.name}"> &rarr; ${l.name}</a>`)
-    .join (' ')
+    .join (' ') : ''
 }
 
 function _project(){

package/lib/compile/to/srvinfo.js

@@ -11,17 +11,20 @@ module.exports = (model, options={}) => {
   const javaPrefix = _javaPrefix()
   const isJavaProject = !!javaPrefix
 
-  cds.linked(model) .all ('service') .forEach (service => {
-    if (isJavaProject) {
-      result.push(_makeJava(service))
-      if (isNodeProject) {  // could be a node project as well (hybrid)
+  cds.linked(model) .all ('service')
+    .filter(service => service['@protocol'] !== 'none') // 'none' means internal service
+    .forEach (service => {
+      if (isJavaProject) {
+        result.push(_makeJava(service))
+        if (isNodeProject) {  // could be a node project as well (hybrid)
+          result.push(_makeNode(service))
+        }
+      }
+      else { // assume this is node
         result.push(_makeNode(service))
       }
     }
-    else { // assume this is node
-      result.push(_makeNode(service))
-    }
-  })
+  )
 
   return result
 
@@ -46,11 +49,13 @@ module.exports = (model, options={}) => {
 
    // the URL path that is *likely* effective at runtime
   function _url4 (p) {
-    p = p.replace(/\\/g, '/') // handle Windows
-         .replace(/^\/+/, '') // strip leading
-         .replace(/\/+$/, '') // strip trailing
-    p += '/' // end with /
-    return p
+    if (p) {
+      p = p.replace(/\\/g, '/') // handle Windows
+           .replace(/^\/+/, '') // strip leading
+           .replace(/\/+$/, '') // strip trailing
+      p += '/' // end with /
+      return p
+    }
   }
 
   function _javaPath (service) {

package/lib/log/format/aspects/als.js

@@ -3,6 +3,7 @@ const cds = require('../../..')
 const $remove = Symbol('remove')
 
 const _is_custom_fields = (arg, custom_fields) => {
+  if (!Object.keys(arg).length) return false
   for (const k in arg) if (!(k in custom_fields)) return false
   return true
 }

package/lib/log/format/json.js

@@ -65,10 +65,14 @@ module.exports = function format(module, level, ...args) {
   }
   toLog.timestamp = new Date()
 
+  // start message with leading string args (if any)
+  const i = args.findIndex(arg => typeof arg === 'object' && arg.message)
+  if (i > 0 && args.slice(0, i).every(arg => typeof arg === 'string')) toLog.msg = args.splice(0, i).join(' ')
+
   // merge toLog with passed Error (or error-like object)
   if (args.length && typeof args[0] === 'object' && args[0].message) {
     const err = args.shift()
-    toLog.msg = err.message
+    toLog.msg = `${toLog.msg ? toLog.msg + ' ' : ''}${err.message}`
     if (typeof err.stack === 'string' && !_is4xx(err)) toLog.stacktrace = err.stack.split(/\s*\r?\n\s*/)
     if (Array.isArray(err.details))
       for (const d of err.details)

package/lib/req/cds-context.js

@@ -55,4 +55,4 @@ module.exports = new class extends AsyncLocalStorage {
   }
 }
 
-const _error = (err, cds) => { cds.log().error(`ERROR occured in background job:`, err); return err }
+const _error = (err, cds) => { cds.log().error(`ERROR occurred in background job:`, err); return err }

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-server/batch/BatchProcessor.js

@@ -36,7 +36,7 @@ class BatchProcessor {
    * @returns {Promise} the overall result
    */
   process () {
-    if(cds.env.odata.batch_limit < this._batchContext.getRequestList().length) return Promise.reject({statusCode: 429, message: 'Batch request contains too many requests'})
+    if(cds.env.odata.batch_limit < this._batchContext.getRequestList().length) return Promise.reject({statusCode: 429, code: 'BATCH_TOO_MANY_REQ'})
     const request = this._batchContext.getRequest()
     const componentManager = request.getService().getComponentManager()
 

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-server/http/HttpHeaderReader.js

@@ -9,7 +9,7 @@ const HeaderInfo = require('./HeaderInfo')
 const AcceptTypeInfo = require('../format/AcceptTypeInfo')
 const CharsetInfo = require('../format/CharsetInfo')
 
-const Q_PATTERN = new RegExp('^(?:(?:0(?:\\.\\d{0,3})?)|(?:1(?:\\.0{0,3})?))$')
+const Q_PATTERN = new RegExp('^(?:(?:0(?:\\.\\d{0,3})?)|(?:1(?:\\.0{0,3})?)|(?:0?\\.\\d{0,3})|\\bq=\\.\\d{0,3}\\b)$')
 
 /**
  * Reads header values as defined in RFCs 7231, 7230, 7240, and 5234.

package/libx/_runtime/cds-services/adapter/odata-v4/okra/odata-server/serializer/TrustedResourceJsonSerializer.js

@@ -303,6 +303,11 @@ class TrustedResourceJsonSerializer {
    * @private
    */
   _serializeStructure (result, type, data, expandItems, odataPath, structurePath) {
+    // enterprise search result? -> simply return what was provided
+    if (type._fqn?.name === 'sap_esh_SearchResult') {
+      return Object.assign(result, data)
+    }
+
     for (const entityProp in data) {
       // draft-enabled entities in odata v2 have own property DraftAdministrativeData_DraftUUID -> preserve if in data
       if (entityProp === 'DraftAdministrativeData_DraftUUID') {
@@ -337,12 +342,6 @@ class TrustedResourceJsonSerializer {
         const isCollection = Array.isArray(propertyValue)
         const edmProperty = type.getStructuralProperty(entityProp)
 
-        // enterprise search result? -> simple return what was provided
-        if (type._fqn?.name === 'sap_esh_SearchResult') {
-          result[entityProp] = propertyValue
-          continue
-        }
-
         if (edmProperty) {
           let propertyType = edmProperty.getType()
 

package/libx/_runtime/common/i18n/messages.properties

@@ -81,6 +81,9 @@ INVALID_PATCH=PATCH is only allowed on a specific resource
 INVALID_DELETE=DELETE is only supported on a specific resource
 CRUD_VIA_NAVIGATION_NOT_SUPPORTED=CRUD via navigations is not yet supported
 
+# OData protocol adapter
+BATCH_TOO_MANY_REQ=Batch request contains too many requests
+
 # draft
 DRAFT_ALREADY_EXISTS=A draft for this entity already exists
 DRAFT_NOT_EXISTING=No draft for this entity exists

package/libx/_runtime/common/utils/resolveView.js

@@ -234,7 +234,7 @@ const _newInsertColumns = (columns = [], transition) => {
 }
 
 // REVISIT: this hard-coding on ref indexes does not support path expressions
-const _newWhereRef = (newWhereElement, transition, alias, tableName, isSubSelect) => {
+const _newWhereRef = (newWhereElement, transition, alias, tableName) => {
   const newRef = Array.isArray(newWhereElement.ref) ? [...newWhereElement.ref] : [newWhereElement.ref]
 
   if (newRef.length > 1 && newRef[0] === alias) {
@@ -244,15 +244,9 @@ const _newWhereRef = (newWhereElement, transition, alias, tableName, isSubSelect
     newRef[0] = transition.target.name
     const mapped = transition.mapping.get(newRef[1])
     if (mapped) newRef[1] = mapped.ref.join('_')
-  } else {
+  } else if (newRef.length === 1) {
     const mapped = transition.mapping.get(newRef[0])
-    if (isSubSelect && mapped && newRef.length === 1) {
-      // Add a table alias prefix only for not-yet-qualified refs
-      newRef.unshift(transition.target.name)
-      newRef[1] = mapped.ref[0]
-    } else {
-      if (mapped) newRef[0] = mapped.ref[0]
-    }
+    if (mapped) newRef[0] = mapped.ref.join('_')
   }
 
   newWhereElement.ref = newRef
@@ -280,7 +274,7 @@ const _newWhere = (where = [], transition, tableName, alias, isSubselect = false
     }
 
     if (newWhereElement.ref) {
-      _newWhereRef(newWhereElement, transition, alias, tableName, isSubselect)
+      _newWhereRef(newWhereElement, transition, alias, tableName)
       return newWhereElement
     }
 

package/libx/_runtime/fiori/lean-draft.js

@@ -972,7 +972,7 @@ function _cleansed(query, model) {
     }
 
     if (target.drafts && cqn.where) cqn.where = _cleanseWhere(cqn.where, draftParams, DRAFT_ELEMENTS)
-    if (target.drafts && cqn.orderBy) cqn.orderBy = _cleanseWhere(cqn.orderBy, {}, DRAFT_ELEMENTS)
+    if (target.drafts && cqn.orderBy) cqn.orderBy = _cleanseCols(cqn.orderBy, DRAFT_ELEMENTS, target) // allowed to reuse
     if (cqn.columns) cqn.columns = _cleanseCols(cqn.columns, DRAFT_ELEMENTS, target)
     return q
   }

package/libx/_runtime/messaging/AMQPWebhookMessaging.js

@@ -57,7 +57,8 @@ class AMQPWebhookMessaging extends MessagingService {
         // In case of AMQP and Solace, the `failed` callback must be called
         // with an error, otherwise there are problems with the redelivery count.
         failed(new Error('processing failed'))
-        this.LOG.error('ERROR occured in asynchronous event processing:', e)
+        e.message = 'ERROR occurred in asynchronous event processing: ' + e.message
+        this.LOG.error(e)
       }
     })
   }

package/libx/_runtime/messaging/enterprise-messaging-utils/registerEndpoints.js

@@ -17,9 +17,7 @@ class EndpointRegistry {
     if (isSecured()) {
       if (cds.requires.auth.impl) {
         if (cds.env.requires.middlewares !== false) {
-          // we use auth factory here to allow custom auth to be a factory as well
-          const custom_auth = require('../../../../lib/auth/index.js')
-          paths.forEach(path => cds.app.use(path, custom_auth()))
+          paths.forEach(path => cds.app.use(path, cds.middlewares.before)) // contains auth, trace, context
         } else {
           const impl = _require(cds.resolve(cds.requires.auth.impl))
           paths.forEach(path => cds.app.use(path, impl))

package/libx/_runtime/messaging/file-based.js

@@ -55,9 +55,10 @@ class FileBasedMessaging extends MessagingService {
                 const event = this.subscribedTopics.get(topic)
                 if (!event) return
                 this.tx(tx =>
-                  tx
-                    .emit({ event, ...json, inbound: true })
-                    .catch(e => this.LOG.error('ERROR occured in asynchronous event processing:', e))
+                  tx.emit({ event, ...json, inbound: true }).catch(e => {
+                    e.message = 'ERROR occurred in asynchronous event processing: ' + e.message
+                    this.LOG.error(e)
+                  })
                 )
               } else other.push(each + '\n')
             }

package/libx/_runtime/messaging/redis-messaging.js

@@ -80,7 +80,8 @@ class RedisMessaging extends cds.MessagingService {
         try {
           await this.tx({ user: cds.User.privileged }, tx => tx.emit(msg))
         } catch (e) {
-          this.LOG.error('ERROR occured in asynchronous event processing:', e)
+          e.message = 'ERROR occurred in asynchronous event processing: ' + e.message
+          this.LOG.error(e)
         }
       })
     }

package/libx/outbox/index.js

@@ -13,6 +13,7 @@ const cdsUser = 'cds.internal.user'
 const $messageProcessorRegistered = Symbol('message processor registered')
 const $outboxed = Symbol('outboxed')
 const $unboxed = Symbol('unboxed')
+const $stored_reqs = Symbol('stored_reqs')
 
 const _get100NanosecondTimestampISOString = () => {
   const [now, nanoseconds] = [new Date(), process.hrtime()[1]]
@@ -245,13 +246,20 @@ function outboxed(srv, customOpts) {
 
   if (!new.target) Object.defineProperty(srv, $outboxed, { value: outboxedSrv })
 
+  let requiresOpts = cds.requires.outbox
+  let serviceOpts = srv.options?.outbox
+
+  if (typeof requiresOpts === 'string') requiresOpts = { kind: requiresOpts }
+  if (typeof serviceOpts === 'string') serviceOpts = { kind: serviceOpts }
+
   const outboxOpts = Object.assign(
     {},
-    (typeof cds.requires.outbox === 'object' && cds.requires.outbox) || {},
-    (typeof srv.options?.outbox === 'object' && srv.options.outbox) || {},
+    (typeof requiresOpts === 'object' && requiresOpts) || {},
+    (typeof serviceOpts === 'object' && serviceOpts) || {},
     customOpts || {}
   )
 
+
   outboxedSrv.handle = async function (req) {
     const context = req.context || cds.context
     if (outboxOpts.kind === 'persistent-outbox' && hasPersistentOutbox(context.tenant)) {
@@ -267,16 +275,23 @@ function outboxed(srv, customOpts) {
       await writeInOutbox(srv.name, req, context)
       return
     }
-    // REVISIT: Also allow maxAttempts for in-memory outbox?
-    context.on('succeeded', async () => {
-      try {
-        if (req.reply) await originalSrv.send(req)
-        else await originalSrv.emit(req)
-      } catch (e) {
-        LOG.error('Emit failed', { event: req.event, cause: e })
-        if (isStandardError(e)) cds.exit(1)
-      }
-    })
+    if (!context[$stored_reqs]) {
+      context[$stored_reqs] = [] 
+      context.on('succeeded', async () => {
+        // REVISIT: Also allow maxAttempts for in-memory outbox?
+        for (const _req of context[$stored_reqs]) {
+          try {
+            if (req.reply) await originalSrv.send(req)
+            else await originalSrv.emit(req)
+          } catch (e) {
+            LOG.error('Emit failed', { event: req.event, cause: e })
+            if (isStandardError(e)) cds.exit(1)
+          }
+        }
+        delete context[$stored_reqs]
+      })
+    }
+    context[$stored_reqs].push(req)
   }
 
   return outboxedSrv

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sap/cds",
-  "version": "7.6.1",
+  "version": "7.6.3",
   "description": "SAP Cloud Application Programming Model - CDS for Node.js",
   "homepage": "https://cap.cloud.sap/",
   "keywords": [