@sap/cds 7.9.3 → 8.0.3

package/libx/odata/middleware/read.js

@@ -1,11 +1,16 @@
 const cds = require('../../../')
-const { toODataResult, postProcess } = require('../utils/result')
+
 const querystring = require('node:querystring')
-const { getKeysAndParamsFromPath, handleSapMessages, validateIfNoneMatch, getPreferReturnHeader } = require('../utils')
-const { handleStreamProperties } = require('../../_runtime/common/utils/streamProp')
 
-const metaInfo = require('../utils/metaInfo')
+const { handleSapMessages, validateIfNoneMatch, getPreferReturnHeader } = require('../utils')
+const getODataMetadata = require('../utils/metadata')
+const postProcess = require('../utils/postProcess')
+const getODataResult = require('../utils/result')
+
+const { getKeysAndParamsFromPath } = require('../../common/utils')
+
 const { getPageSize } = require('../../_runtime/common/generic/paging')
+const { handleStreamProperties } = require('../../_runtime/common/utils/streamProp')
 
 const _getCount = result =>
   Array.isArray(result)
@@ -89,7 +94,7 @@ const resolveProxyExpands = ({ SELECT: { columns }, target: entity }, service) =
 
   for (const column of columns) {
     if (column.expand) {
-      _checkExpandDeep(column, entity.elements[column.ref[0]]._target, service.namespace)
+      _checkExpandDeep(column, entity.elements[column.ref[0]]._target, service.definition.name)
     }
   }
 }
@@ -107,143 +112,162 @@ const _count = result => {
     : result.$count ?? result._counted_ ?? 0
 }
 
-// basically stolen from old read handler without understanding it ^^
-const _handleArrayOfQueries = (srv, req, res, next) => {
-  const info = metaInfo(req._query, 'READ', srv, {}, req, false)
-  const cdsReq = new cds.Request({ query: req._query, req, res })
-  srv
-    .dispatch(cdsReq)
-    .then(result => {
-      handleSapMessages(cdsReq, req, res)
-
-      if (req.url.match(/\/\$count/)) return res.set('content-type', 'text/plain').send(_count(result).toString())
-
-      for (let i = 0; i < result.length; i++) {
-        // Add OData context, if it deviates from main context
-        if (i !== 0 && info.metadata.contextUrl !== info.metadata.additionalContextUrl[i - 1])
-          result[i].forEach(entry => (entry['@odata.context'] = info.metadata.additionalContextUrl[i - 1]))
-      }
+// REVISIT: integrate with default handler
+const _handleArrayOfQueriesFactory = adapter => {
+  const { service } = adapter
+
+  return (req, res, next) => {
+    const cdsReq = adapter.request4({ query: req._query, req, res })
+
+    // NOTES:
+    // - only via srv.run in combination with srv.dispatch inside,
+    //   we automatically either use a single auto-managed tx for the req (i.e., insert and read after write in same tx)
+    //   or the auto-managed tx opened for the respective atomicity group, if exists
+    // - in the then block of .run(), the transaction is committed (i.e., before sending the response) if a single auto-managed tx is used
+    return service
+      .run(() => {
+        return service.dispatch(cdsReq).then(result => {
+          // nothing to do
+          return result
+        })
+      })
+      .then(result => {
+        handleSapMessages(cdsReq, req, res)
+
+        if (req.url.match(/\/\$count/)) return res.set('Content-Type', 'text/plain').send(_count(result).toString())
+
+        const { context: mainOdataContext } = getODataMetadata(req._query[0], {
+          result: result[0],
+          isCollection: !req._query[0].SELECT.one
+        })
+        for (let i = 0; i < result.length; i++) {
+          const { context: subOdataContext } = getODataMetadata(req._query[i], {
+            result: result[i],
+            isCollection: !req._query[i].SELECT.one
+          })
+          // Add OData context, if it deviates from main context
+          if (i !== 0 && mainOdataContext !== subOdataContext) {
+            result[i].forEach(entry => (entry['@odata.context'] = subOdataContext))
+          }
+        }
 
-      res.set('content-type', 'application/json;IEEE754Compatible=true')
-      const flatRes = result.flat(Infinity)
-      if (cdsReq.query[0].SELECT.count) flatRes.$count = flatRes.length
-      res.send(toODataResult(flatRes, info))
-    })
-    .catch(next)
+        result = result.flat(Infinity)
+        if (cdsReq.query[0].SELECT.count) result.$count = result.length
+
+        result = getODataResult(
+          result,
+          { context: mainOdataContext },
+          { isCollection: !req._query[0].SELECT.one, property: req._query[0]._propertyAccess }
+        )
+        res.send(result)
+      })
+      .catch(err => {
+        handleSapMessages(cdsReq, req, res)
+
+        next(err)
+      })
+  }
 }
 
-module.exports = srv =>
-  function read(req, res, next) {
+module.exports = adapter => {
+  const { service } = adapter
+
+  const _handleArrayOfQueries = _handleArrayOfQueriesFactory(adapter)
+
+  return function read(req, res, next) {
     if (getPreferReturnHeader(req)) {
       const msg = `The 'return' preference is not allowed in ${req.method} requests`
       throw Object.assign(new Error(msg), { statusCode: 400 })
     }
 
     // $apply with concat -> multiple queries with special handling
-    if (Array.isArray(req._query)) return _handleArrayOfQueries(srv, req, res, next)
+    if (Array.isArray(req._query)) return _handleArrayOfQueries(req, res, next)
 
     // REVISIT: better solution for _propertyAccess
     let {
-      SELECT: { from },
+      SELECT: { from, one },
       target,
       _propertyAccess
     } = req._query
     const { _query: query } = req
 
     // payload & params
-    const { keys, params } = getKeysAndParamsFromPath(from, srv)
+    const { keys, params } = getKeysAndParamsFromPath(from, service)
     const data = keys //> for read and delete, we provide keys in req.data
 
     // cdsReq.headers should contain merged headers of envelope and subreq
     const headers = { ...cds.context.http.req.headers, ...req.headers }
 
     // we need a cds.Request for multiple reasons, incl. params, headers, sap-messages, read after write, ...
-    const cdsReq = new cds.Request({ query, data, params, headers, req, res })
-    Object.defineProperty(cdsReq, 'protocol', { value: 'odata-v4' })
-
-    // API for subrequests of $batch (or incoming request)
-    cdsReq.req = req
-    cdsReq.res = res
+    const cdsReq = adapter.request4({ query, data, params, headers, req, res })
 
     // REVISIT: what is this for? some tests fail without it... we should find a better solution!
     Object.defineProperty(query.SELECT, '_4odata', { value: true })
 
-    // do now to get meta info before the query is rewritten + to know return type
-    const info = metaInfo(query, 'READ', srv, {}, req, false)
-
-    // FIXME: wrong contextUrl for SiblingEntity
-    if (info.metadata.contextUrl.match(/\/SiblingEntity\//)) {
-      const split = info.metadata.contextUrl.split('/')
-      const i = split.findIndex(s => s === 'SiblingEntity')
-      split.splice(i, 1)
-      if (split[i - 1].match(/IsActiveEntity=false/)) {
-        split[i - 1] = split[i - 1].replace('IsActiveEntity=false', 'IsActiveEntity=true')
-        info.metadata.contextUrl = split.join('/')
-      } else {
-        info.metadata.contextUrl = split.join('/').replace(/IsActiveEntity=true/g, 'IsActiveEntity=false')
-      }
-    }
-
-    const lastPathElement = req.path.split('/').slice(-1)[0]
-
     if (cds.env.effective.odata.proxies && cds.env.effective.odata.xrefs) {
       // REVISIT check above is still not perfect solution
-      resolveProxyExpands(query, srv)
+      resolveProxyExpands(query, service)
     }
 
-    handleStreamProperties(target, query.SELECT.columns, srv.model)
+    if (!query.SELECT.columns) query.SELECT.columns = ['*']
+
+    handleStreamProperties(target, query.SELECT.columns, service.model)
 
     // REVISIT: what is this for? some tests fail without it... we should find a better solution!
     Object.defineProperty(query.SELECT, '_4odata', { value: true })
 
-    return srv
-      .dispatch(cdsReq)
-      .then(result => {
-        handleSapMessages(cdsReq, req, res)
-
-        if (result == null) {
-          if (!query.SELECT.one) {
-            result = []
-            if (req.query.$count) result.$count = 0
-          } else if (_isNullableSingleton(query) || _isToOneAssoc(query)) {
-            return res.sendStatus(204)
-          } else {
+    // NOTES:
+    // - only via srv.run in combination with srv.dispatch inside,
+    //   we automatically either use a single auto-managed tx for the req (i.e., insert and read after write in same tx)
+    //   or the auto-managed tx opened for the respective atomicity group, if exists
+    // - in the then block of .run(), the transaction is committed (i.e., before sending the response) if a single auto-managed tx is used
+    return service
+      .run(() => {
+        return service.dispatch(cdsReq).then(result => {
+          // 404
+          if (result == null && query.SELECT.one && !(_isNullableSingleton(query) || _isToOneAssoc(query))) {
             throw Object.assign(new Error('404'), { statusCode: 404 })
           }
-        }
-
-        if (validateIfNoneMatch(cdsReq, req, result)) {
-          return res.status(304).end()
-        }
 
-        // express always handles if-none-match header (see req.fresh)
-        if (!cdsReq.target._etag && req.headers['if-none-match']) {
-          delete req.headers['if-none-match']
-        }
+          return result
+        })
+      })
+      .then(result => {
+        handleSapMessages(cdsReq, req, res)
 
+        // 204
+        if (result == null && query.SELECT.one) return res.sendStatus(204)
         if (_propertyAccess && result[_propertyAccess] === null) return res.sendStatus(204)
 
-        if (lastPathElement === '$count') {
-          result = _getCount(result)
-          return res.set('content-type', 'text/plain').send(result.toString())
-        }
+        // 304
+        if (validateIfNoneMatch(cdsReq.target, req.headers?.['if-none-match'], result)) return res.sendStatus(304)
 
-        if (lastPathElement === '$value' && _propertyAccess) {
-          return res.set('content-type', 'text/plain').send(result[_propertyAccess].toString())
+        if (result == null) {
+          result = []
+          if (req.query.$count) result.$count = 0
         }
 
-        if (info.metadata.isCollection) _calculateNextLink(cdsReq, result)
-        postProcess(cdsReq.target, srv, result)
-        if (result['$etag']) res.set('etag', result['$etag'])
-        result = toODataResult(result, info)
+        if (!one) _calculateNextLink(cdsReq, result)
+        postProcess(cdsReq.target, service, result)
+        if (result?.$etag) res.set('ETag', result.$etag) //> must be done after post processing
+
+        const lastSeg = req.path.split('/').slice(-1)[0]
+        if (lastSeg === '$count') return res.set('Content-Type', 'text/plain').send(_getCount(result).toString())
+        if (lastSeg === '$value' && _propertyAccess) {
+          if (cdsReq.target.elements[_propertyAccess].type === 'cds.Binary')
+            return res.set('Content-Type', 'application/octet-stream').send(result[_propertyAccess])
+          else return res.set('Content-Type', 'text/plain').send(result[_propertyAccess].toString())
+        }
 
-        // Express interprets numbers as HTTP status codes
-        const isNumber = typeof result === 'number'
-        res.set('content-type', isNumber ? 'text/plain' : 'application/json;IEEE754Compatible=true')
-        res.send(isNumber ? result.toString() : result)
+        const metadata = getODataMetadata(query, { result, isCollection: !one })
+        result = getODataResult(result, metadata, { isCollection: !one, property: _propertyAccess })
+        res.send(result)
       })
       .catch(err => {
+        // REVISIT: move error middleware -> applies to all these anti patterns
         handleSapMessages(cdsReq, req, res)
+
         next(err)
       })
   }
+}

package/libx/odata/middleware/service-document.js

@@ -1,31 +1,29 @@
 const cds = require('../../../')
 
 const crypto = require('crypto')
-const metaInfo = require('../utils/metaInfo')
 
-const normalize_header = value => {
-  return value.split(',').map(str => str.trim())
-}
+const getODataMetadata = require('../utils/metadata')
+
+const normalize_header = value => value.split(',').map(str => str.trim())
 
 const validate_etag = (header, etag) => {
   const normalized = normalize_header(header)
   return normalized.includes(etag) || normalized.includes('*') || normalized.includes('"*"')
 }
 
-const generateEtag = s => {
-  return `W/"${crypto.createHash('sha256').update(s).digest('base64')}"`
-}
+const generateEtag = s => `W/"${crypto.createHash('sha256').update(s).digest('base64')}"`
+
+module.exports = adapter => {
+  const { service } = adapter
 
-module.exports = srv =>
-  function service_document(req, res) {
-    if (req.method === 'HEAD') return res.end()
-    if (req.method !== 'GET') {
+  return function service_document(req, res) {
+    if (req.method !== 'GET' && req.method !== 'HEAD') {
       const msg = `Method ${req.method} is not allowed for calls to the service endpoint`
       throw Object.assign(new Error(msg), { statusCode: 405 })
     }
 
-    const m = cds.context.model || cds.model
-    const csnService = (cds.context.model || cds.model).definitions[srv.name]
+    const model = cds.context.model || cds.model
+    const csnService = model.definitions[service.definition.name]
 
     if (req.headers['if-match']) {
       if (csnService.srvDocEtag) {
@@ -38,25 +36,29 @@ module.exports = srv =>
       if (csnService.srvDocEtag) {
         const unchanged = validate_etag(req.headers['if-none-match'], csnService.srvDocEtag)
         if (unchanged) {
-          res.set('etag', csnService.srvDocEtag)
+          res.set('ETag', csnService.srvDocEtag)
           return res.status(304).end()
         }
       }
     }
 
-    const srvEntities = m.childrenOf(srv.name)
+    const srvEntities = model.entities(service.definition.name)
+
     // REVISIT: How to identify the exposed entities? api.ignore, autoexposed, ...
     const exposedEntities = Object.keys(srvEntities).filter(
-      e => !srvEntities[e]['@cds.api.ignore'] && e !== 'DraftAdministrativeData'
+      entityName => !srvEntities[entityName]['@cds.api.ignore'] && entityName !== 'DraftAdministrativeData'
     )
 
     csnService.srvDocEtag = generateEtag(JSON.stringify(exposedEntities))
-    res.set('etag', csnService.srvDocEtag)
+    res.set('ETag', csnService.srvDocEtag)
 
-    const info = metaInfo({ SELECT: { from: { ref: [srv.name] } } }, 'READ', srv, {}, req, false)
+    const { context: odataContext } = getODataMetadata({
+      SELECT: { from: { ref: [service.definition.name] } },
+      _target: service.definition
+    })
 
     return res.json({
-      '@odata.context': info.metadata.contextUrl,
+      '@odata.context': odataContext,
       '@odata.metadataEtag': csnService.srvDocEtag,
       value: exposedEntities.map(e => {
         const e_ = e.replace(/\./g, '_')
@@ -64,3 +66,4 @@ module.exports = srv =>
       })
     })
   }
+}

package/libx/odata/middleware/stream.js

@@ -1,9 +1,14 @@
 const cds = require('../../../')
+const LOG = cds.log('odata')
+
 const { Readable } = require('node:stream')
+
+const { handleSapMessages, validateIfNoneMatch, isStream, isRedirect } = require('../utils')
+
+const { getKeysAndParamsFromPath } = require('../../common/utils')
+
 const getError = require('../../_runtime/common/error')
 const { getTransition } = require('../../_runtime/common/utils/resolveView')
-const LOG = cds.log('odata')
-const { getKeysAndParamsFromPath, handleSapMessages, validateIfNoneMatch } = require('../utils')
 
 const _resolveContentProperty = (target, annotName, resolvedProp) => {
   if (target.elements[resolvedProp]) {
@@ -18,18 +23,6 @@ const _resolveContentProperty = (target, annotName, resolvedProp) => {
   return key?.length && key[0]
 }
 
-const isStream = query => {
-  const { _propertyAccess, target } = query
-  if (!_propertyAccess) return
-
-  const element = target.elements[_propertyAccess]
-  return element._type === 'cds.LargeBinary' && element['@Core.MediaType']
-}
-
-const isStreamByDollarValue = (query, previous, last) => {
-  return query.SELECT?.one && last === '$value' && !(previous in query.target.elements)
-}
-
 const _addMetadataProperty = (query, property, annotName, odataName) => {
   if (typeof property[annotName] === 'object') {
     const contentProperty = _resolveContentProperty(
@@ -46,7 +39,7 @@ const _addMetadataProperty = (query, property, annotName, odataName) => {
   }
 }
 
-const addStreamMetadata = query => {
+const _addStreamMetadata = query => {
   // new odata parser sets streaming property in SELECT.from
   const ref = query.SELECT.columns?.[0].ref || query.SELECT.from.ref
   const propertyName = ref.at(-1)
@@ -78,7 +71,7 @@ const addStreamMetadata = query => {
   }
 }
 
-const validateStream = (req, result) => {
+const _validateStream = (req, result) => {
   // REVISIT: compat, should actually be treated as object
   if (!Array.isArray(result)) result = [result]
 
@@ -115,7 +108,7 @@ const _ensureStream = stream => {
   return stream_
 }
 
-const normalizeStream = (result, propertyName, lastPathElement, target) => {
+const _normalizeStream = (result, propertyName, lastPathElement, target) => {
   if (!result) return null
 
   let readable = result
@@ -151,8 +144,8 @@ const normalizeStream = (result, propertyName, lastPathElement, target) => {
   return readable
 }
 
-const setStreamingHeaders = (result, res) => {
-  // backwards compatibility for content-type in stream
+const _setStreamingHeaders = (result, res) => {
+  // backwards compatibility for Content-Type in stream
   if (result['$mediaContentType']) res.setHeader('Content-Type', result.$mediaContentType)
   else if (result['*@odata.mediaContentType']) res.setHeader('Content-Type', result['*@odata.mediaContentType'])
   else res.setHeader('Content-Type', 'application/octet-stream')
@@ -160,22 +153,32 @@ const setStreamingHeaders = (result, res) => {
   if ('$mediaContentDispositionFilename' in result) {
     const cdt = result.$mediaContentDispositionType || 'attachment'
     res.setHeader(
-      'Content-Disposition',
+      'content-disposition',
       `${cdt}; filename="${encodeURIComponent(result.$mediaContentDispositionFilename)}"`
     )
   }
 }
 
-const stream = srv =>
-  function streamHandler(req, res, next) {
+module.exports = adapter => {
+  const { service } = adapter
+
+  return function stream(req, res, next) {
     const { _query: query } = req
 
     // $apply with concat -> multiple queries with special handling -> read only, no stream?
     if (Array.isArray(query)) return next()
 
-    const [previous, lastPathElement] = req.path.split('/').slice(-2)
-    const _isStreamByDollarValue = isStreamByDollarValue(query, previous, lastPathElement)
+    if (isRedirect(query)) {
+      const cdsReq = adapter.request4({ query, req, res })
+      service.dispatch(cdsReq).then(result => {
+        if (result[query._propertyAccess]) res.set('Location', result[query._propertyAccess])
+        return res.sendStatus(307)
+      })
+    }
 
+    const [previous, lastPathElement] = req.path.split('/').slice(-2)
+    const _isStreamByDollarValue =
+      query.SELECT?.one && lastPathElement === '$value' && !(previous in query.target.elements)
     if (_isStreamByDollarValue) {
       for (const k in query.target.elements) {
         if (query.target.elements[k]['@Core.MediaType']) {
@@ -193,64 +196,59 @@ const stream = srv =>
     if (!_isStream) return next()
 
     if (!query.target['@cds.persistence.skip'] && !isMimeTypeStreamedByDefault) {
-      addStreamMetadata(query)
+      _addStreamMetadata(query)
     }
 
     // we need the cds request, so we can access the modified query, which is cloned due to lean-draft, so we need to use dispatch here and pass a cds req
-    const cdsReq = new cds.Request({ query, req, res })
-    Object.defineProperty(cdsReq, 'protocol', { value: 'odata-v4' })
+    const cdsReq = adapter.request4({ query, req, res })
 
     // for read and delete, we provide keys in req.data
     // payload & params
-    const { keys } = getKeysAndParamsFromPath(query.SELECT.from, srv)
+    const { keys } = getKeysAndParamsFromPath(query.SELECT.from, service)
     cdsReq.data = keys
 
     // REVISIT: what is this for? some tests fail without it... we should find a better solution!
     Object.defineProperty(query.SELECT, '_4odata', { value: true })
 
-    return srv
-      .tx(() => {
-        return srv.dispatch(cdsReq).then(async result => {
-          handleSapMessages(cdsReq, req, res)
-          validateStream(req, result)
+    // NOTES:
+    // - only via srv.run in combination with srv.dispatch inside,
+    //   we automatically either use a single auto-managed tx for the req (i.e., insert and read after write in same tx)
+    //   or the auto-managed tx opened for the respective atomicity group, if exists
+    // - in the then block of .run(), the transaction is committed (i.e., before sending the response) if a single auto-managed tx is used
+    return service
+      .run(() => {
+        return service.dispatch(cdsReq).then(async result => {
+          _validateStream(req, result)
 
-          if (validateIfNoneMatch(cdsReq, req, result)) {
-            return res.status(304).end()
-          }
+          if (validateIfNoneMatch(cdsReq.target, req.headers?.['if-none-match'], result)) return res.sendStatus(304)
 
-          const stream = normalizeStream(result, query._propertyAccess, lastPathElement, query.target)
-          if (stream === null) {
-            res.status(204)
-            return
-          }
+          const stream = _normalizeStream(result, query._propertyAccess, lastPathElement, query.target)
+          if (stream === null) return res.sendStatus(204)
 
-          if (pdfMimeType) {
-            if (!result.$mediaContentType) result.$mediaContentType = 'application/pdf'
-          }
+          if (pdfMimeType && !result.$mediaContentType) result.$mediaContentType = 'application/pdf'
 
-          setStreamingHeaders(result, res)
+          _setStreamingHeaders(result, res)
 
           return new Promise((resolve, reject) => {
-            if (res.destroyed) return reject(new Error('Response is closed while streaming'))
+            if (res.destroyed) return reject(new Error('Response was closed while streaming'))
             stream.pipe(res)
             stream.on('end', () => resolve(result))
             stream.once('error', reject)
             let finished = false
-            res.on('finish', () => {
-              finished = true
-            })
-            res.on('close', () => !finished && reject(new Error('Response is closed while streaming')))
+            res.on('finish', () => (finished = true))
+            res.on('close', () => !finished && reject(new Error('Response was closed while streaming')))
           })
         })
       })
       .then(() => {
-        // we use an extra then block, after getting the result, so the transaction is commited, before sending the response
+        handleSapMessages(cdsReq, req, res)
+
         res.end()
       })
-      .catch(next) // catch outside of transaction, so tx is rolled back automatically in case of error
-  }
+      .catch(err => {
+        handleSapMessages(cdsReq, req, res)
 
-module.exports = {
-  stream,
-  isStream
+        next(err)
+      })
+  }
 }