@sap/cds 7.6.4 → 7.7.1

package/libx/odata/{afterburner.js → parse/afterburner.js}

@@ -1,10 +1,10 @@
-const cds = require('../_runtime/cds')
+const cds = require('../../../')
 
-const { where2obj, resolveFromSelect } = require('../_runtime/common/utils/cqn')
-const { findCsnTargetFor } = require('../_runtime/common/utils/csn')
-const normalizeTimestamp = require('../_runtime/common/utils/normalizeTimestamp')
-const { rewriteExpandAsterisk } = require('../_runtime/common/utils/rewriteAsterisks')
-const resolveStructured = require('../_runtime/common/utils/resolveStructured')
+const { where2obj, resolveFromSelect } = require('../../_runtime/common/utils/cqn')
+const { findCsnTargetFor } = require('../../_runtime/common/utils/csn')
+const normalizeTimestamp = require('../../_runtime/common/utils/normalizeTimestamp')
+const { rewriteExpandAsterisk } = require('../../_runtime/common/utils/rewriteAsterisks')
+const resolveStructured = require('../../_runtime/common/utils/resolveStructured')
 
 const _addKeysDeep = (keys, keysCollector, ignoreManagedBacklinks) => {
   for (const keyName in keys) {
@@ -165,28 +165,28 @@ function _processWhere(where, entity) {
 
     if (element) {
       i += 2
-      where[valIndex].val = _convertVal(element, where[valIndex].val)
+      where[valIndex].val = _convertVal(where[valIndex].val, element)
     }
   }
 }
 
-function _convertVal(element, value) {
+function _convertVal(value, element) {
   if (value === null) return value
   switch (element._type) {
+    // numbers
     case 'cds.UInt8':
     case 'cds.Integer':
     case 'cds.Int16':
     case 'cds.Int32':
-      if (!/^-?\+?\d+$/.test(value)) throw new Error('Not a valid integer')
+      if (!/^-?\+?\d+$/.test(value))
+        throw Object.assign(new Error(`${element.name} does not contain a valid Integer`), { statusCode: 400 })
       // eslint-disable-next-line no-case-declarations
       const n = Number(value)
-      if (!Number.isSafeInteger(n)) throw new Error('Not a valid integer')
-      if (element._type === 'cds.UInt8' && n < 0) throw new Error('Not a positive integer')
+      if (!Number.isSafeInteger(n))
+        throw Object.assign(new Error(`${element.name} does not contain a valid Integer`), { statusCode: 400 })
+      if (element._type === 'cds.UInt8' && n < 0)
+        throw Object.assign(new Error(`${element.name} does not contain a valid positive Integer`), { statusCode: 400 })
       return n
-
-    case 'cds.String':
-    case 'cds.LargeString':
-      return String(value)
     case 'cds.Double':
       return parseFloat(value)
     case 'cds.Decimal':
@@ -195,18 +195,44 @@ function _convertVal(element, value) {
     case 'cds.Integer64':
       if (typeof value === 'string') return value
       return String(value)
+    // others
+    case 'cds.String':
+    case 'cds.LargeString':
+      return String(value)
     case 'cds.Boolean':
       return typeof value === 'string' ? value === 'true' : value
-
     case 'cds.Timestamp':
       return normalizeTimestamp(value)
-
     default:
       return value
   }
 }
 
-function _processSegments(from, model, namespace, cqn) {
+const getStructRef = (element, ref = []) => {
+  if (element.kind === 'element') {
+    if (element.parent.kind === 'element') {
+      getStructRef(element.parent, ref)
+      ref.push(element.name)
+    }
+    if (element.parent.kind === 'entity') {
+      ref.push(element.name)
+    }
+  }
+  return ref
+}
+
+const getStructTargetName = element => {
+  if (element.kind === 'element') {
+    if (element.parent.kind === 'element') {
+      return getStructTargetName(element.parent)
+    }
+    if (element.elements && element.parent.kind === 'entity') {
+      return element.parent.name
+    }
+  }
+}
+
+function _processSegments(from, model, namespace, cqn, protocol) {
   const { ref } = from
 
   let current = model
@@ -247,7 +273,7 @@ function _processSegments(from, model, namespace, cqn) {
 
     if (incompleteKeys) {
       // > key
-      keys = keys || _keysOf(current, cds.env.features.odata_new_parser) // if odata, skip backlinks as key as they are used from structure
+      keys = keys || _keysOf(current, protocol !== 'rest') // if odata, skip backlinks as key as they are used from structure
       let key = keys[keyCount++]
       one = true
       const element = current.elements[key]
@@ -262,7 +288,7 @@ function _processSegments(from, model, namespace, cqn) {
           .join(',')})`
         base.where.push({ ref: [key] }, '=', { val })
       } else {
-        const val = _convertVal(element, seg)
+        const val = _convertVal(seg, element)
         base.where.push({ ref: [key] }, '=', { val })
       }
       ref[i] = null
@@ -306,7 +332,10 @@ function _processSegments(from, model, namespace, cqn) {
         ref[i].where = undefined
         if (ref[i + 1] !== 'Set') {
           // /Set is missing
-          throw cds.error(`Invalid call to "${current.name}". You need to navigate to Set`, { status: 400, code: 400 })
+          throw cds.error(`Invalid call to "${current.name}". You need to navigate to Set`, {
+            statusCode: 400,
+            code: 400
+          })
         }
         ref[++i] = null
       } else if (current.kind === 'entity') {
@@ -352,13 +381,32 @@ function _processSegments(from, model, namespace, cqn) {
           _resolveAliasesInXpr(ref[i].where, current)
           _processWhere(ref[i].where, current)
         }
+      } else if (current.kind === 'element' && current.elements && i < ref.length - 1) {
+        // > structured
+        continue
       } else {
         // > property
         // we do not support navigations from properties yet
         one = true
         // if the last segment is a property, it must be removed and pushed to columns
         target = target || _getDefinition(model, ref[0].id, namespace)
-        if (Object.keys(target.elements).includes(current.name)) {
+        if (getStructTargetName(current) === target.name) {
+          // TODO add simple isStructured check before
+          if (!cqn.SELECT.columns) cqn.SELECT.columns = []
+          const ref = getStructRef(current)
+          cqn.SELECT.columns.push({ ref }) // store struct as ref
+          // we need the keys to generate the correct @odata.context
+          for (const key in target.keys || {}) {
+            if (key !== 'IsActiveEntity' && !cqn.SELECT.columns.some(c => c.ref?.[0] === key))
+              cqn.SELECT.columns.push({ ref: [key] })
+          }
+          Object.defineProperty(cqn, '_propertyAccess', { value: current.name, enumerable: false })
+          // if we end up with structured, keep path as is, if we end up with property in structured, cut off property
+          if (!current.elements) {
+            from.ref.splice(-1)
+          }
+          break
+        } else if (Object.keys(target.elements).includes(current.name)) {
           if (!cqn.SELECT.columns) cqn.SELECT.columns = []
           cqn.SELECT.columns.push({ ref: ref.slice(i) })
           // we need the keys to generate the correct @odata.context
@@ -366,6 +414,7 @@ function _processSegments(from, model, namespace, cqn) {
             if (key !== 'IsActiveEntity' && !cqn.SELECT.columns.some(c => c.ref?.[0] === key))
               cqn.SELECT.columns.push({ ref: [key] })
           }
+          // REVISIT: remove hacky _propertyAccess
           Object.defineProperty(cqn, '_propertyAccess', { value: current.name, enumerable: false })
           from.ref.splice(i)
           break
@@ -382,7 +431,7 @@ function _processSegments(from, model, namespace, cqn) {
           keyCount === 1 ? 'was' : 'were'
         } provided.`
       ),
-      { status: 400 }
+      { statusCode: 400 }
     )
   }
 
@@ -430,7 +479,7 @@ function _removeDuplicateAsterisk(columns) {
   }
 }
 
-function _processColumns(cqn, target) {
+function _processColumns(cqn, target, protocol) {
   if (cqn.SELECT.from.SELECT) _processColumns(cqn.SELECT.from, target)
 
   let columns = cqn.SELECT.columns
@@ -445,7 +494,7 @@ function _processColumns(cqn, target) {
     _removeDuplicateAsterisk(columns)
 
     rewriteExpandAsterisk(columns, entity)
-    if (cds.env.features.odata_new_parser) _addKeys(columns, entity)
+    if (protocol !== 'rest') _addKeys(columns, entity)
   }
 
   if (!Array.isArray(columns)) return
@@ -481,7 +530,7 @@ const _checkAllKeysProvided = (params, entity) => {
   if (isView) {
     // view with params
     if (params === undefined) {
-      throw cds.error(`Invalid call to "${entity.name}". You need to navigate to Set`, { status: 400, code: 400 })
+      throw cds.error(`Invalid call to "${entity.name}". You need to navigate to Set`, { statusCode: 400, code: 400 })
     } else if (Object.keys(params).length === 0) {
       throw new Error('KEY_EXPECTED')
     }
@@ -505,7 +554,7 @@ const _checkAllKeysProvided = (params, entity) => {
             entity.name
           }"`
         ),
-        { status: 400 }
+        { statusCode: 400 }
       )
     }
   }
@@ -548,6 +597,7 @@ function _cleanupIgnored(SELECT, ignoredColumns, target, isOne) {
 
 function _4service(service) {
   const { namespace, model } = service
+  const protocol = service.options?.to
   if (!model) return cqn => cqn
 
   return cqn => {
@@ -575,7 +625,7 @@ function _4service(service) {
     /*
      * key vs. path segments (/Books/1/author/books/2/...) and more
      */
-    const { one, current, target } = _processSegments(from, model, namespace, cqn)
+    const { one, current, target } = _processSegments(from, model, namespace, cqn, protocol)
 
     if (cqn.SELECT.where) {
       _processWhere(cqn.SELECT.where, root)
@@ -594,7 +644,7 @@ function _4service(service) {
     /*
      * add default aggregation function (and alias)
      */
-    _processColumns(cqn, current)
+    _processColumns(cqn, current, protocol)
 
     const ignoredColumns = Object.values(root.elements ?? {})
       .filter(element => element['@cds.api.ignore'])

package/libx/odata/{cqn2odata.js → parse/cqn2odata.js}

@@ -1,5 +1,6 @@
-const { formatVal } = require('./utils')
-const cds = require('../_runtime/cds')
+const cds = require('../../../')
+
+const { formatVal } = require('../utils')
 
 const OPERATORS = {
   '=': 'eq',
@@ -119,7 +120,8 @@ const _format = (cur, elementName, target, kind, isLambda, func) => {
   if (typeof cur !== 'object') return encodeURIComponent(formatVal(cur, elementName, target, kind))
   if (hasValidProps(cur, 'ref'))
     return encodeURIComponent(isLambda ? [LAMBDA_VARIABLE, ...cur.ref].join('/') : cur.ref[0].id || cur.ref.join('/'))
-  if (hasValidProps(cur, 'val')) return encodeURIComponent(formatVal(cur.val, elementName, target, kind, func, cur.literal))
+  if (hasValidProps(cur, 'val'))
+    return encodeURIComponent(formatVal(cur.val, elementName, target, kind, func, cur.literal))
   if (hasValidProps(cur, 'xpr')) return `(${_xpr(cur.xpr, target, kind, isLambda)})`
   // REVISIT: How to detect the types for all functions?
   if (hasValidProps(cur, 'func')) {

package/libx/odata/{parseToCqn.js → parse/parseToCqn.js}

@@ -1,12 +1,10 @@
-const cds = require('../../lib')
+const cds = require('../../../')
 
 module.exports = (component, service, target, data, odataReq, upsert) => {
   let query = cds.odata.parse(odataReq, { service })
 
-  //For concat
-  if (component === 'READ' && Array.isArray(query)) {
-    return query
-  }
+  // for concat
+  if (component === 'READ' && Array.isArray(query)) return query
 
   const _target = query.SELECT && query.SELECT.from
 
@@ -22,7 +20,6 @@ module.exports = (component, service, target, data, odataReq, upsert) => {
       return INSERT.into(_target).entries(data)
     case 'DELETE':
       if (!one) cds.error('DELETE not allowed on collection', { code: 400 })
-
       // eslint-disable-next-line no-case-declarations
       const last = query._propertyAccess || (_target.ref && _target.ref[_target.ref.length - 1])
       if (target.elements[last] || target.elements[query._propertyAccess]) {

package/libx/odata/{utils.js → utils/index.js}

@@ -1,7 +1,43 @@
-const { toBase64url } = require('../_runtime/common/utils/binary')
-const cds = require('../_runtime/cds')
+// TODO: split into multiple files
 
-const MATH_FUNC = { round: 1, floor: 1, ceiling: 1 }
+const cds = require('../../../')
+
+const { toBase64url } = require('../../_runtime/common/utils/binary')
+const { where2obj } = require('../../_runtime/common/utils/cqn')
+
+// copied from cds-compiler/lib/edm/edmUtils.js
+const cds2edm = {
+  'cds.String': 'Edm.String',
+  // 'cds.hana.NCHAR': 'Edm.String',
+  'cds.LargeString': 'Edm.String',
+  // 'cds.hana.VARCHAR': 'Edm.String',
+  // 'cds.hana.CHAR': 'Edm.String',
+  // 'cds.hana.CLOB': 'Edm.String',
+  'cds.Binary': 'Edm.Binary',
+  // 'cds.hana.BINARY': 'Edm.Binary',
+  'cds.LargeBinary': 'Edm.Binary',
+  'cds.Decimal': 'Edm.Decimal',
+  'cds.DecimalFloat': 'Edm.Decimal',
+  // 'cds.hana.SMALLDECIMAL': 'Edm.Decimal', // V4: Scale="floating" Precision="16"
+  'cds.Integer64': 'Edm.Int64',
+  'cds.Integer': 'Edm.Int32',
+  'cds.Int64': 'Edm.Int64',
+  'cds.Int32': 'Edm.Int32',
+  'cds.Int16': 'Edm.Int16',
+  'cds.UInt8': 'Edm.Byte',
+  // 'cds.hana.SMALLINT': 'Edm.Int16',
+  // 'cds.hana.TINYINT': 'Edm.Byte',
+  'cds.Double': 'Edm.Double',
+  // 'cds.hana.REAL': 'Edm.Single',
+  'cds.Date': 'Edm.Date',
+  'cds.Time': 'Edm.TimeOfDay',
+  'cds.DateTime': 'Edm.DateTimeOffset',
+  'cds.Timestamp': 'Edm.DateTimeOffset',
+  'cds.Boolean': 'Edm.Boolean',
+  'cds.UUID': 'Edm.Guid'
+  // 'cds.hana.ST_POINT': 'Edm.GeometryPoint',
+  // 'cds.hana.ST_GEOMETRY': 'Edm.Geometry',
+}
 
 const odataError = (code, message) => ({ error: { code, message } })
 
@@ -26,11 +62,6 @@ const getSafeNumber = inputString => {
   return inputString
 }
 
-const UUID = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i
-const _PT = ([hh, mm, ss]) => `PT${hh}H${mm}M${ss}S`
-const _isTimestamp = val =>
-  /^\d+-\d\d-\d\d(T\d\d:\d\d(:\d\d(\.\d+)?)?(Z|([+-]{1}\d\d:\d\d))?)?$/.test(val) && !isNaN(Date.parse(val))
-
 const _getElement = (csnTarget, key) => {
   if (csnTarget) {
     if (csnTarget.elements) {
@@ -68,6 +99,8 @@ const _getElement = (csnTarget, key) => {
   }
 }
 
+const _PT = ([hh, mm, ss]) => `PT${hh}H${mm}M${ss}S`
+
 const _v2 = (val, element) => {
   switch (element.type) {
     case 'cds.UUID':
@@ -155,6 +188,12 @@ const _v4 = (val, element) => {
   }
 }
 
+const UUID = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i
+const MATH_FUNC = { round: 1, floor: 1, ceiling: 1 }
+
+const _isTimestamp = val =>
+  /^\d+-\d\d-\d\d(T\d\d:\d\d(:\d\d(\.\d+)?)?(Z|([+-]{1}\d\d:\d\d))?)?$/.test(val) && !isNaN(Date.parse(val))
+
 const formatVal = (val, elementName, csnTarget, kind, func, literal) => {
   if (val === null || val === 'null') return 'null'
   if (typeof val === 'boolean') return val
@@ -230,9 +269,56 @@ const skipToken = (token, cqn) => {
   }
 }
 
+// REVISIT: do we already have something like this _without using okra api_?
+const getKeysFromPath = (from, srv) => {
+  const keys = {}
+  // own
+  if (from.ref[from.ref.length - 1].where) {
+    Object.assign(keys, where2obj(from.ref[from.ref.length - 1].where))
+  }
+  // previous path segments
+  if (from.ref.length > 1) {
+    const entities = []
+    let cur = srv.model.definitions
+    for (let i = 0; i < from.ref.length; i++) {
+      const id = from.ref[i].id || from.ref[i]
+      const t = cur[id]._target || cur[id]
+      entities.push(t)
+      cur = t.elements
+    }
+    for (let i = from.ref.length - 2; i >= 0; i--) {
+      const ref = from.ref[i]
+      if (ref.where) {
+        const relation = entities[i]._relations[from.ref[i + 1].id || from.ref[i + 1]].join('target', 'source')
+        const seg_keys = where2obj(ref.where)
+        if (relation?.[0].xpr) {
+          const join = [...relation[0].xpr]
+          while (join.length >= 3) {
+            const [left, _, right] = join.splice(0, 4)
+            if (left.ref?.[0] === 'target') {
+              if (left.ref[1] in keys) break // we already added the foreign key for the last segment
+              keys[left.ref[1]] = 'val' in right ? right.val : seg_keys[right.ref[1]]
+            } else if (right.ref?.[0] === 'target') {
+              if (right.ref[1] in keys) break // we already added the foreign key for the last segment
+              keys[right.ref[1]] = 'val' in left ? left.val : seg_keys[left.ref[1]]
+            } else {
+              // REVISIT: what to do here?
+            }
+          }
+        } else {
+          // REVISIT: what to do here?
+        }
+      }
+    }
+  }
+  return keys
+}
+
 module.exports = {
+  cds2edm,
   getSafeNumber,
   formatVal,
   skipToken,
-  odataError
+  odataError,
+  getKeysFromPath
 }

package/libx/outbox/index.js

@@ -31,7 +31,7 @@ const _getMessagesEntity = () => {
 // REVISIT: Is this always a reliable way to identify the provider tenant?
 //          Are there scenarios where the credentials have a different format?
 const _isProviderTenant = tenant =>
-  cds.requires.auth && cds.requires.auth.credentials && cds.requires.auth.credentials.identityzoneid === tenant
+  cds.requires.auth && cds.requires.auth.credentials && cds.requires.auth.credentials.identityzoneid === tenant || cds.requires.multitenancy.t0 === tenant
 
 const hasPersistentOutbox = tenant => {
   if (!cds.requires.outbox || cds.requires.outbox.kind !== 'persistent-outbox') return false
@@ -275,6 +275,7 @@ function outboxed(srv, customOpts) {
       await writeInOutbox(srv.name, req, context)
       return
     }
+
     if (!context[$stored_reqs]) {
       context[$stored_reqs] = [] 
       context.on('succeeded', async () => {

package/libx/rest/RestAdapter.js

@@ -135,7 +135,6 @@ const RestAdapter = function (srv) {
           case 'PATCH':
             ;({ result, status } = await update(req))
             break
-
           case 'DELETE':
             ;({ result, status } = await deleet(req))
             break

package/libx/rest/middleware/operation.js

@@ -2,9 +2,11 @@ const cds = require('../../_runtime/cds')
 
 const RestRequest = require('../RestRequest')
 
-const { checkStatic, CDS_TYPE_CHECKS } = require('../../_runtime/cds-services/util/assert')
+const { checkStatic } = require('../../_runtime/cds-services/util/assert')
 const getError = require('../../_runtime/common/error')
 
+const typeCheckers = require('../../common/assert/type')
+
 // REVISIT: use i18n
 const _enrichErrorDetails = (isPrimitive, error) => {
   const element = error.target ? ` '${error.target}' ` : ' '
@@ -38,10 +40,10 @@ const _validateReturnType = (operation, data) => {
   // Return type contains primitives
   // eslint-disable-next-line no-proto
   const _type = typeof returnType._type === 'object' ? returnType.__proto__._type : returnType._type // REVISIT: super dirty hack for compiler's to.edmx polluting the csn definitions with ._type -> please use Symbols instead
-  const check = CDS_TYPE_CHECKS[_type] // IMPORTANT: use ._type
-  if (check) {
+  const typeChecker = typeCheckers[_type] // IMPORTANT: use ._type
+  if (typeChecker) {
     const array = Array.isArray(data) ? data : [data]
-    checkResult = array.filter(value => !check(value)).map(value => ({ type: _type, value }))
+    checkResult = array.filter(value => !typeChecker(value)).map(value => ({ type: _type, value }))
   } else {
     if (typeof data !== 'object') {
       throw new Error(

package/libx/rest/middleware/parse.js

@@ -20,7 +20,11 @@ module.exports = srv => (req, res, next) => {
     __target: definition,
     SELECT: { one }
   } = query
-  if (typeof definition === 'string') definition = srv.model.definitions[definition] || srv.model.definitions[definition.split(':$:')[0]].actions[definition.split(':$:')[1]]
+  if (typeof definition === 'string') {
+    definition =
+      srv.model.definitions[definition] ||
+      srv.model.definitions[definition.split(':$:')[0]].actions[definition.split(':$:')[1]]
+  }
   delete query.__target
 
   // REVISIT: hack for actions and functions
@@ -101,8 +105,22 @@ module.exports = srv => (req, res, next) => {
     if (operation && (operation.kind === 'action' || operation.kind === 'function') && !operation.params) {
       req._data = {}
     } else {
+      // TODO: add keys from url into payload (overwriting if already present) -> document this behavior, also for OData
       const payload = deepCopy(args || req.body)
-      convertStructured(srv, operation || definition, payload, { cleanupStruct: cds.env.features.rest_struct_data })
+      if (cds.env.features.cds_assert) {
+        const assertOptions = {
+          filter: true,
+          http: { req },
+          mandatories: req.method === 'POST' || req.method === 'PUT' || undefined
+        }
+        const errs = cds.assert(payload, definition, assertOptions)
+        if (errs) {
+          if (errs.length === 1) throw errs[0]
+          throw Object.assign(new Error('MULTIPLE_ERRORS'), { statusCode: 400, details: errs })
+        }
+      } else {
+        convertStructured(srv, operation || definition, payload, { cleanupStruct: cds.env.features.rest_struct_data })
+      }
       req._data = payload
     }
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sap/cds",
-  "version": "7.6.4",
+  "version": "7.7.1",
   "description": "SAP Cloud Application Programming Model - CDS for Node.js",
   "homepage": "https://cap.cloud.sap/",
   "keywords": [