@sap/cds 8.0.3 → 8.1.0

package/libx/odata/middleware/batch.js

@@ -13,8 +13,6 @@ const HTTP_METHODS = { GET: 1, POST: 1, PUT: 1, PATCH: 1, DELETE: 1 }
 const CT = { JSON: 'application/json', MULTIPART: 'multipart/mixed' }
 const CRLF = '\r\n'
 
-const CONTINUE_ON_ERROR = /odata\.continue-on-error/
-
 /*
  * common
  */
@@ -99,16 +97,17 @@ const _validateBatch = body => {
         _validateProperty('dependent request ID', dependsOnId, 'string')
 
         const dependency = ids[dependsOnId]
-        if (!dependency)
-          throw _deserializationError(`Request ID '${dependsOnId}' used in dependsOn has not been defined before.`)
-
-        const dependencyAtomicityGroup = dependency.atomicityGroup
-        if (
-          dependencyAtomicityGroup &&
-          dependencyAtomicityGroup !== atomicityGroup &&
-          !request.dependsOn.includes(dependencyAtomicityGroup)
-        )
-          request.dependsOn.push(dependencyAtomicityGroup)
+        if (!dependency) {
+          throw _deserializationError(
+            `"${dependsOnId}" does not match the id or atomicity group of any preceding request`
+          )
+        }
+
+        // automatically add the atomicityGroup of the dependency as a dependency (actually a client error)
+        const dag = dependency.atomicityGroup
+        if (dag && dag !== atomicityGroup && !request.dependsOn.includes(dag)) {
+          request.dependsOn.push(dag)
+        }
       })
     }
 
@@ -227,7 +226,7 @@ const _getNextForLookalike = lookalike => {
 const _transaction = async srv => {
   return new Promise(res => {
     const ret = {}
-    const _tx = srv.tx(
+    const _tx = (ret._tx = srv.tx(
       async () =>
         (ret.promise = new Promise((resolve, reject) => {
           const proms = []
@@ -253,10 +252,49 @@ const _transaction = async srv => {
           }
           res(ret)
         }))
-    )
+    ))
   })
 }
 
+const _tx_done = async (tx, responses, isJson) => {
+  let rejected
+  try {
+    rejected = await tx.done()
+  } catch (e) {
+    // here, the commit was rejected even though all requests were successful (e.g., by custom handler or db consistency check)
+    rejected = 'rejected'
+    // construct commit error
+    let statusCode = e.statusCode || e.status || (e.code && Number(e.code))
+    if (isNaN(statusCode)) statusCode = 500
+    const code = String(e.code || statusCode)
+    const message = e.message || 'Internal Server Error'
+    const error = { error: { ...e, code, message } }
+    // replace all responses with commit error
+    for (const res of responses) {
+      res.status = 'fail'
+      // REVISIT: should error go through any error middleware/ customization logic?
+      if (isJson) {
+        let txt = ''
+        for (let i = 0; i < res.txt.length; i++) txt += Buffer.isBuffer(res.txt[i]) ? res.txt[i].toString() : res.txt[i]
+        txt = JSON.parse(txt)
+        txt.status = statusCode
+        txt.body = error
+        // REVISIT: content-length needed? not there in multipart case...
+        delete txt.headers['content-length']
+        res.txt = [JSON.stringify(txt)]
+      } else {
+        let txt = res.txt[0]
+        txt = txt.replace(/HTTP\/1\.1 \d\d\d \w+/, `HTTP/1.1 ${statusCode} ${message}`)
+        txt = txt.split(/\r\n/)
+        txt.splice(-1, 1, JSON.stringify(error))
+        txt = txt.join('\r\n')
+        res.txt = [txt]
+      }
+    }
+  }
+  return rejected
+}
+
 const _processBatch = async (srv, router, req, res, next, body, ct, boundary) => {
   body ??= req.body
   ct ??= 'JSON'
@@ -268,6 +306,14 @@ const _processBatch = async (srv, router, req, res, next, body, ct, boundary) =>
   }
   const _formatResponse = isJson ? _formatResponseJson : _formatResponseMultipart
 
+  // continue-on-error defaults to true in json batch
+  let continue_on_error = req.headers.prefer?.match(/odata\.continue-on-error(=(\w+))?/)
+  if (!continue_on_error) {
+    continue_on_error = isJson ? true : false
+  } else {
+    continue_on_error = continue_on_error[2] === 'false' ? false : true
+  }
+
   try {
     const ids = _validateBatch(body) // REVISIT: we will not be able to validate the whole once we stream
 
@@ -304,13 +350,13 @@ const _processBatch = async (srv, router, req, res, next, body, ct, boundary) =>
         if (tx) {
           // Each change in `atomicityGroup` results in a new transaction. We execute them in sequence to avoid too many database connections.
           // In the future, we might make this configurable (e.g. allow X parallel connections per HTTP request).
-          const rejected = await tx.done()
+          const rejected = await _tx_done(tx, responses, isJson)
           if (tx.failed?.res.statusCode === 401 && req._login) return req._login()
           else sendPreludeOnce()
           isJson
             ? _writeResponseJson(responses, res)
             : _writeResponseMultipart(responses, res, rejected, previousAtomicityGroup, boundary)
-          if (rejected && !CONTINUE_ON_ERROR.test(req.headers.prefer)) {
+          if (rejected && !continue_on_error) {
             tx = null
             break
           }
@@ -318,7 +364,7 @@ const _processBatch = async (srv, router, req, res, next, body, ct, boundary) =>
 
         responses = []
         tx = await _transaction(srv)
-        if (atomicityGroup) ids[atomicityGroup].promise = tx.promise
+        if (atomicityGroup) ids[atomicityGroup].promise = tx._tx
       }
 
       tx.add(() => {
@@ -329,12 +375,13 @@ const _processBatch = async (srv, router, req, res, next, body, ct, boundary) =>
             const results = await Promise.allSettled(dependencies)
             const dependendOnFailed = results.some(({ status }) => status === 'rejected')
             if (dependendOnFailed) {
+              tx.id = request.id
               tx.res = {
                 getHeaders: () => {},
-                statusCode: 404,
+                statusCode: 424,
                 _chunk: JSON.stringify({
-                  status: 404,
-                  message: `Dependency for Request ${request.id} failed to execute`
+                  code: '424',
+                  message: 'Failed Dependency'
                 })
               }
               throw tx
@@ -375,14 +422,14 @@ const _processBatch = async (srv, router, req, res, next, body, ct, boundary) =>
           const resp = { status: 'ok' }
           if (separator) resp.separator = separator
           else separator = isJson ? Buffer.from(',') : Buffer.from(CRLF)
-          resp.txt = _formatResponse(req, boundary)
+          resp.txt = _formatResponse(req, atomicityGroup)
           responses.push(resp)
         })
         .catch(failedReq => {
           const resp = { status: 'fail' }
           if (separator) resp.separator = separator
           else separator = isJson ? Buffer.from(',') : Buffer.from(CRLF)
-          resp.txt = _formatResponse(failedReq, boundary)
+          resp.txt = _formatResponse(failedReq, atomicityGroup)
           tx.failed = failedReq
           responses.push(resp)
         })
@@ -392,7 +439,7 @@ const _processBatch = async (srv, router, req, res, next, body, ct, boundary) =>
 
     if (tx) {
       // The last open transaction must be finished
-      const rejected = await tx.done()
+      const rejected = await _tx_done(tx, responses, isJson)
       if (tx.failed?.res.statusCode === 401 && req._login) return req._login()
       else sendPreludeOnce()
       isJson
@@ -479,19 +526,19 @@ const _formatStatics = {
   close: Buffer.from('}')
 }
 
-const _formatResponseJson = request => {
+const _formatResponseJson = (request, atomicityGroup) => {
   const { id, res: response } = request
 
-  const raw = Buffer.from(
-    JSON.stringify({
-      id,
-      status: response.statusCode,
-      headers: {
-        ...response.getHeaders(),
-        'content-type': 'application/json' //> REVISIT: why?
-      }
-    })
-  )
+  const chunk = {
+    id,
+    status: response.statusCode,
+    headers: {
+      ...response.getHeaders(),
+      'content-type': 'application/json' //> REVISIT: why?
+    }
+  }
+  if (atomicityGroup) chunk.atomicityGroup = atomicityGroup
+  const raw = Buffer.from(JSON.stringify(chunk))
 
   // body?
   if (!response._chunk) return [raw]
@@ -506,12 +553,11 @@ const _formatResponseJson = request => {
  */
 
 module.exports = adapter => {
-  const { options: config, router, service } = adapter
-  const { max_content_length } = config //> max_content_length is unofficial config
-
-  const options = { type: '*/*' }
-  if (max_content_length) options.limit = max_content_length
-  const textBodyParser = express.text(options)
+  const { router, service } = adapter
+  const textBodyParser = express.text({
+    ...adapter.body_parser_options,
+    type: '*/*' // REVISIT: why do we need to override type here?
+  })
 
   return function odata_batch(req, res, next) {
     if (req.headers['content-type'].includes('application/json')) {

package/libx/odata/middleware/body-parser.js

@@ -3,9 +3,8 @@ const express = require('express')
 // basically express.json() with string representation of body stored in req._raw for recovery
 // REVISIT: why do we need our own body parser? Only because of req._raw?
 module.exports = function bodyParser4(adapter, options = {}) {
-  if (!options.type) options.type = 'json'
-  const { max_content_length } = adapter.options //> max_content_length is unofficial config
-  if (!options.limit && max_content_length) options.limit = max_content_length
+  Object.assign(options, adapter.body_parser_options)
+  options.type ??= 'json' // REVISIT: why do we need to override type here?
   const textParser = express.text(options)
   return function http_body_parser(req, res, next) {
     if (typeof req.body === 'object') {

package/libx/odata/middleware/operation.js

@@ -51,9 +51,6 @@ module.exports = adapter => {
     let { operation, args } = req._query.SELECT?.from.ref?.slice(-1)[0] || {}
     if (!operation) return next() //> create or read
 
-    // REVISIT: should not be necessary
-    const _originalQuery = JSON.parse(JSON.stringify(req._query))
-
     // unbound vs. bound
     let entity, params
     if (service.model.definitions[operation]) {
@@ -102,7 +99,6 @@ module.exports = adapter => {
 
         if (operation.returns._type?.match?.(/^cds\./)) {
           const context = `${'../'.repeat(query?.SELECT?.from?.ref?.length)}$metadata#${cds2edm[operation.returns._type]}`
-
           result = { '@odata.context': context, value: result }
           return res.send(result)
         }
@@ -121,15 +117,19 @@ module.exports = adapter => {
         if (operation.returns.type !== 'sap.esh.SearchResult') {
           const isCollection = !!operation.returns.items
           const _target = operation.returns.items ?? operation.returns
-          // REVISIT: when is edmName needed?
-          const edmName = _opResultName({ service, operation, returnType: _target })
-          const metadata = getODataMetadata(
-            { SELECT: { from: _originalQuery?.SELECT?.from, one: !isCollection }, _target },
-
-            { result, isCollection, edmName }
-          )
+          const options = { result, isCollection }
+          if (!_target.name) {
+            // case: return inline type def
+            options.edmName = _opResultName({ service, operation, returnType: _target })
+          }
+          const SELECT = {
+            from: query ? { ref: [...query.SELECT.from.ref, { operation: operation.name }] } : {},
+            one: !isCollection
+          }
+          const metadata = getODataMetadata({ SELECT, _target }, options)
           result = getODataResult(result, metadata, { isCollection })
         }
+
         res.send(result)
       })
       .catch(err => {

package/libx/odata/middleware/read.js

@@ -109,7 +109,7 @@ const _count = result => {
     ? result.reduce((acc, val) => {
         return acc + (val?.$count ?? val?._counted_ ?? (Array.isArray(val) && _count(val))) || 0
       }, 0)
-    : result.$count ?? result._counted_ ?? 0
+    : (result.$count ?? result._counted_ ?? 0)
 }
 
 // REVISIT: integrate with default handler

package/libx/odata/parse/grammar.peggy

@@ -402,6 +402,7 @@
     "$skip="        o val:skip { _setLimitOffset(val) } /
     "$search="      o s:search_expand { if (s) SELECT.search = s } /
     "$count="       o count /
+    "$apply="       &{ return cds.env.features.skip_apply_parsing } o [^&]* { return null } /
     "$apply="       o trafos:transformations { return trafos } /
     // Workaround to support empty expand even if not OData compliant old adapter supported it and did not crash
     "$expand=" {return null}
@@ -486,7 +487,11 @@
       / o // Do not add search property for space only
 
   search_clause
-    = val:$( [^&]+ ) { return [{ val }] }
+    = val:$(($[ ]* (
+            [^"&]+
+            / ('"' ("\\\\" / "\\\"" / [^"])+ '"' [ ]*)+
+      ))+)
+      { return [{ val }] }
 
   search_expand
     = val:$( [^;)]+ ) { return [{ val }] }