@sap/cds 9.1.0 → 9.2.1

package/libx/_runtime/fiori/lean-draft.js

@@ -24,9 +24,9 @@ const _config_to_ms = (config, _default) => {
   const timeout = cds.env.fiori?.[config]
   let timeout_ms
   if (timeout === true) {
-    timeout_ms = cds.utils._unit.time2ms(_default)
+    timeout_ms = cds.utils.ms4(_default)
   } else if (typeof timeout === 'string') {
-    timeout_ms = cds.utils._unit.time2ms(timeout)
+    timeout_ms = cds.utils.ms4(timeout)
     if (!timeout_ms)
       throw new Error(`
 ${timeout} is an invalid value for \`cds.fiori.${config}\`.
@@ -384,26 +384,29 @@ const _replaceStreams = result => {
 
 const _compileUpdatedDraftMessages = (newMessages, persistedMessages, requestData, draftsRef) => {
   const prefixRef = []
-  const simplePathElements = []
-  let targetEntity = cds.infer.ref([draftsRef[0]], cds.context.tx.model)
 
   // Determine the path prefix required for a fully qualified validation message 'target'
+  let targetEntity = cds.context.tx.model.definitions[draftsRef[0].id || draftsRef[0]]
   for (let refIdx = 0; refIdx < draftsRef.length; refIdx++) {
-    let dRef = draftsRef[refIdx]
-    if (refIdx > 0) targetEntity = targetEntity.elements[draftsRef[refIdx].id || draftsRef[refIdx]]._target
+    const dRef = draftsRef[refIdx],
+      dRefId = dRef.id ?? dRef
 
+    // Determine entity, referenced by the processesd segment of 'draftsRef'
+    if (refIdx > 0) targetEntity = targetEntity.elements[dRefId]._target
+
+    // Construct 'prefixRef' segment
     const pRef = { where: [] }
 
-    const dRefId = dRef.id ?? dRef
     if (dRefId === targetEntity.name) {
       if (!targetEntity.isDraft) pRef.id = targetEntity.name.replace(`${targetEntity._service.name}.`, '')
       else pRef.id = targetEntity.actives.name.replace(`${targetEntity.actives._service.name}.`, '')
     } else pRef.id = dRefId
-    simplePathElements.push(pRef.id)
 
     if (targetEntity.isDraft) targetEntity = targetEntity.actives
 
     if (typeof dRef === 'string' || !dRef.where?.length) {
+      // In case of CREATE: The WHERE for the created entity must be constructed for use in 'prefixRef'
+
       for (const k in targetEntity.keys) {
         const key = targetEntity.keys[k]
         let v = requestData[key.name]
@@ -414,6 +417,7 @@ const _compileUpdatedDraftMessages = (newMessages, persistedMessages, requestDat
         pRef.where.push(key.name, '=', v)
       }
     } else {
+      // 'dRef.where' regards the draft and will never contain 'IsActiveEntity=false'
       pRef.where.push(...dRef.where, 'and', 'IsActiveEntity', '=', false)
     }
 
@@ -424,23 +428,30 @@ const _compileUpdatedDraftMessages = (newMessages, persistedMessages, requestDat
 
   // Collect messages that were created during the most recent validation run
   const newMessagesByCodeAndTarget = newMessages.reduce((acc, message) => {
-    message.simplePathElements = [...simplePathElements]
+    message.numericSeverity ??= 4
 
-    const messagePrefixRef = [...prefixRef]
+    // Handle validation messages produced during draftActivate, that went through error normalization already
+    // > We must not store pre-localized data in DraftAdministrativeData.DraftMessages
     const messageTarget = message.target.startsWith('in/') ? message.target.slice(3) : message.target
+    if (message.code) {
+      message.message = message.code
+      delete message.code
+    }
+
+    // Process the message target produced by validation
+    // > The message target contains the relative path of the erroneous entity
+    // > For a message specific 'prefixRef', this info must be added to the entity 'prefixRef'
+    const messagePrefixRef = [...prefixRef]
     const messageTargetRef = cds.odata.parse(messageTarget).SELECT.from.ref
     message.target = messageTargetRef.pop()
 
     for (const tRef of messageTargetRef) {
-      message.simplePathElements.push(tRef.id)
       messagePrefixRef.push(tRef)
       if ((tRef.where ??= []).some(w => w === 'IsActiveEntity' || w.ref?.[0] === 'IsActiveEntity')) continue
-      if (tRef.where.length > 0) tRef.where.push('and')
-      tRef.where.push('IsActiveEntity', '=', false)
+      if (tRef.where.length > 0) tRef.where.push('and', 'IsActiveEntity', '=', false)
     }
 
     message.prefix = cds.odata.urlify({ SELECT: { from: { ref: messagePrefixRef } } }).path
-    message.numericSeverity ??= 4
 
     nextMessages.push(message)
 
@@ -450,14 +461,18 @@ const _compileUpdatedDraftMessages = (newMessages, persistedMessages, requestDat
   const draftMessageTargetPrefix = cds.odata.urlify({ SELECT: { from: { ref: prefixRef } } }).path
 
   // Merge new messages with persisted ones & eliminate outdated ones
+  const simplePathElements = prefixRef.map(pRef => pRef.id)
   for (const message of persistedMessages) {
+    // Drop persisted draft messages that are replaced by new ones
     if (newMessagesByCodeAndTarget.has(`${message.message}:${message.prefix}:${message.target}`)) continue
+
+    // Drop persisted draft messages where the value of the target field changed without a new error
     if (message.prefix === draftMessageTargetPrefix && requestData[message.target] !== undefined) continue
-    if (
-      message.simplePathElements.length > simplePathElements.length &&
-      requestData[message.simplePathElements[simplePathElements.length]] !== undefined
-    )
-      continue
+
+    // Drop persisted draft messages, whose target's use navigations, where the value of the target field changed without a new error
+    const messageSimplePathElements = message.prefix.replaceAll(/\([^(]*\)/g, '').split('/')
+    if (messageSimplePathElements.length > simplePathElements.length)
+      if (requestData[messageSimplePathElements[simplePathElements.length]] !== undefined) continue
 
     nextMessages.push(message)
   }
@@ -843,6 +858,7 @@ const handle = async function (req) {
 
     // Remove draft artefacts from persistedDraft entry
     const DraftAdministrativeData_DraftUUID = res.DraftAdministrativeData_DraftUUID
+    const persistedDraftMessages = res.DraftAdministrativeData?.DraftMessages || []
     delete res.DraftAdministrativeData_DraftUUID
     delete res.DraftAdministrativeData
     const HasActiveEntity = res.HasActiveEntity
@@ -866,7 +882,29 @@ const handle = async function (req) {
     const upsertOptions = { headers: Object.assign({}, req.headers, { 'if-match': '*' }) }
 
     const _req = _newReq(req, upsertQuery, draftParams, upsertOptions)
-    const result = await h.call(this, _req)
+
+    let result
+    try {
+      result = await h.call(this, _req)
+    } catch (error) {
+      if (cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages && _req.errors)
+        _req.on('failed', async () => {
+          const nextDraftMessages = _compileUpdatedDraftMessages(
+            _req.errors.map(e => ({ ...e })),
+            persistedDraftMessages,
+            {},
+            draftRef
+          )
+
+          await cds.tx(async () => {
+            await UPDATE('DRAFT.DraftAdministrativeData')
+              .set({ DraftMessages: nextDraftMessages })
+              .where({ DraftUUID: DraftAdministrativeData_DraftUUID })
+          })
+        })
+
+      throw error
+    }
 
     // REVISIT: Remove feature flag dependency
     if (cds.env.fiori.move_media_data_in_db) {
@@ -1203,7 +1241,9 @@ const Read = {
       _fillIsActiveEntity(row, false, query._drafts._target)
 
       if (cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages && row.DraftMessages?.length) {
-        const simplifiedMessagePrefix = query._drafts.SELECT.from.ref
+        // Reduce persisted draft messages to the set of those that are part of the queried entities tree
+
+        const simplePath = query._drafts.SELECT.from.ref
           .map(refElement => {
             refElement = (refElement.id ?? refElement).split('.')
             if (refElement.length === 1) return refElement[0]
@@ -1213,7 +1253,8 @@ const Read = {
           .join('/')
 
         row.DraftMessages = row.DraftMessages.reduce((acc, msg) => {
-          if (!msg.simplePathElements.join('/').startsWith(simplifiedMessagePrefix)) return acc
+          const messageSimplePath = msg.prefix.replaceAll(/\([^(]*\)/g, '')
+          if (!messageSimplePath.startsWith(simplePath)) return acc
           msg.target = `/${msg.prefix}/${msg.target}`
           delete msg.prefix
           delete msg.simplePathElements
@@ -1221,7 +1262,6 @@ const Read = {
           return acc
         }, [])
 
-        // TODO: Messsages use i18n to map codes to textual error messages -> Replace!
         row.DraftMessages = getLocalizedMessages(row.DraftMessages, cds.context.http.req)
       }
     })

package/libx/_runtime/messaging/enterprise-messaging-utils/registerEndpoints.js

@@ -29,9 +29,10 @@ class EndpointRegistry {
         if (cds.context.user._is_anonymous) return res.status(401).end()
         next()
       })
-    } else if (process.env.NODE_ENV === 'production') {
-      LOG.warn('Messaging endpoints not secured')
     } else {
+      if (process.env.NODE_ENV === 'production') {
+        LOG.warn('Messaging endpoints not secured')
+      }
       // auth middlewares set cds.context.user
       cds.app.use(basePath, cds.middlewares.context())
     }

package/libx/_runtime/messaging/file-based.js

@@ -28,10 +28,11 @@ class FileBasedMessaging extends MessagingService {
     this.LOG._debug && this.LOG.debug('Emit', { topic: e, file: this.file })
     try {
       await fs.appendFile(this.file, `\n${e} ${JSON.stringify(_msg)}`)
+      unlock(this.file)
     } catch (e) {
       this.LOG._debug && this.LOG.debug('Error', e)
-    } finally {
       unlock(this.file)
+      throw e
     }
   }
 

package/libx/_runtime/messaging/service.js

@@ -48,7 +48,7 @@ module.exports = class MessagingService extends cds.Service {
           srv.on(event, async msg => {
             const { data, headers } = msg
             const messaging = await cds.connect.to('messaging') // needed for potential outbox
-            return messaging.tx(msg).emit({ event: topic, data, headers })
+            return messaging.emit({ event: topic, data, headers })
           })
         }
       })

package/libx/_runtime/remote/utils/client.js

@@ -231,7 +231,7 @@ const run = async (requestConfig, options) => {
     e.message = msg ? 'Error during request to remote service: ' + msg : 'Request to remote service failed.'
     const sanitizedError = _getSanitizedError(e, requestConfig, { suppressRemoteResponseBody })
     const err = Object.assign(new Error(e.message), { statusCode: 502, reason: sanitizedError })
-    LOG._warn && LOG.warn(err)
+    cds.repl || LOG.warn(err)
     throw err
   }
 

package/libx/common/assert/utils.js

@@ -50,21 +50,11 @@ function isBase64String(string, strict = false) {
   return true
 }
 
-const resolveCDSType = ele => {
-  // REVISIT: when is ele._type not set and sufficient?
-  if (ele._type?.match(/^cds\./)) return ele._type
-  if (ele.type) {
-    if (ele.type.match(/^cds\./)) return ele.type
-    return resolveCDSType(ele.__proto__)
-  }
-  if (ele.items) return resolveCDSType(ele.items)
-  return ele
-}
+
 
 
 module.exports = {
   getNormalizedDecimal,
   getTarget,
-  isBase64String,
-  resolveCDSType
+  isBase64String
 }

package/libx/common/utils/streaming.js

@@ -64,14 +64,9 @@ exports.collectStreamMetadata = (result, operation, query) => {
 }
 
 exports.getReadable = function readable4 (result) {
-  if (result == null) return
-  if (typeof result !== 'object') {
-    const stream = new Readable()
-    stream.push(result)
-    stream.push(null)
-    return stream
-  }
+  if (result == null) return null
   if (result instanceof Readable) return result
-  if (result.value) return readable4 (result.value) // REVISIT: for OData legacy only?
-  if (Array.isArray(result)) return readable4 (result[0]) // compat // REVISIT: remove ?
+  if (Array.isArray(result)) return readable4 (result[0]) // compat
+  if (typeof result === 'object' && 'value' in result) return readable4 (result.value)
+  cds.error(500, `Unexpected result type for streaming: Expected stream.Readable or null but got ${typeof result}`)
 }

package/libx/http/location.js

@@ -1,4 +1,5 @@
 module.exports = (target, srv, result, keys_as_segments) => {
+  if (typeof result !== 'object' || result == null || Array.isArray(result)) return
   const targetName = target.name.replace(`${srv.definition.name}.`, '')
   if (!target.keys) return targetName
 

package/libx/odata/index.js

@@ -1,6 +1,6 @@
 /** @typedef {import('../../lib/srv/cds.Service')} Service */
 
-const cds = require('../../')
+const cds = require('../..')
 const { decodeURIComponent } = cds.utils
 
 const odata2cqn = require('./parse/parser').parse

package/libx/odata/middleware/batch.js

@@ -259,7 +259,12 @@ const _tx_done = async (tx, responses, isJson) => {
     // here, the commit was rejected even though all requests were successful (e.g., by custom handler or db consistency check)
     rejected = 'rejected'
     // construct commit error (without modifying original error)
-    const error = normalizeError(Object.create(e), { locale: cds.context.locale })
+    const error = normalizeError(Object.create(e), {
+      get locale() {
+        return cds.context.locale
+      },
+      get() {}
+    })
     // replace all responses with commit error
     for (const res of responses) {
       res.status = 'fail'

package/libx/odata/middleware/create.js

@@ -72,7 +72,7 @@ module.exports = (adapter, isUpsert) => {
 
         handleSapMessages(cdsReq, req, res)
 
-        if (!target._isSingleton) {
+        if (!target._isSingleton && !res.hasHeader('location')) {
           res.set('location', location4(cdsReq.target, service, result || cdsReq.data))
         }
 

package/libx/odata/middleware/error.js

@@ -4,17 +4,8 @@ const { shutdown_on_uncaught_errors } = cds.env.server
 exports = module.exports = () =>
   function odata_error(err, req, res, next) {
     if (exports.pass_through(err)) return next(err)
+    else req._is_odata = true
     if (err.details) err = _fioritized(err)
-    const content_id = req.headers['content-id']
-    if (content_id) err['@Core.ContentID'] = content_id
-    err['@Common.numericSeverity'] ??= err.numericSeverity || 4
-
-    // propagate content-id and set @Common.numericSeverity
-    err.details?.forEach(e => {
-      if (content_id) e['@Core.ContentID'] = content_id
-      e['@Common.numericSeverity'] ??= e.numericSeverity || 4 // Fiori expects this in error.details
-    })
-
     exports.normalizeError(err, req)
     return next(err)
   }
@@ -25,21 +16,18 @@ exports.pass_through = err => {
 }
 
 exports.normalizeError = (err, req, cleanse = ODATA_PROPERTIES) => {
-  const locale = cds.i18n.locale.from(req)
-  err.status = _normalize(err, locale, cleanse) || 500
+  err.status = _normalize(err, req, cleanse) || 500
   return err
 }
 
-// TODO: This should go somewhere else ...
 exports.getLocalizedMessages = (messages, req) => {
   const locale = cds.i18n.locale.from(req)
-  for (let m of messages) _normalize(m, locale, SAP_MSG_PROPERTIES)
+  for (let m of messages) _normalize(m, req, SAP_MSG_PROPERTIES, locale)
   return messages
 }
 
 exports.getSapMessages = (messages, req) => {
-  const locale = cds.i18n.locale.from(req)
-  for (let m of messages) _normalize(m, locale, SAP_MSG_PROPERTIES)
+  messages = exports.getLocalizedMessages(messages, req)
   return JSON.stringify(messages).replace(
     /[\u007F-\uFFFF]/g,
     c => '\\u' + c.charCodeAt(0).toString(16).padStart(4, '0')
@@ -52,10 +40,13 @@ const SAP_MSG_PROPERTIES = { ...ODATA_PROPERTIES, longtextUrl: 2, transition: 2,
 const BAD_REQUESTS = { ENTITY_ALREADY_EXISTS: 1, FK_CONSTRAINT_VIOLATION: 2, UNIQUE_CONSTRAINT_VIOLATION: 3 }
 
 // prettier-ignore
-const _normalize = (err, locale = cds.env.i18n.default_language, keep) => {
+const _normalize = (err, req, keep,
+  locale = cds.i18n.locale.from(req) || cds.env.i18n.default_language,
+  content_id = req.get('content-id')
+) => {
 
   // Determine status code if not already set
-  const details = err.details?.map?.(each => _normalize (each, locale, keep))
+  const details = err.details?.map?.(each => _normalize (each, req, keep, locale, content_id))
   const status = err.status || err.statusCode || _status4(err) || _reduce(details)
 
   // Determine error code and message
@@ -71,7 +62,11 @@ const _normalize = (err, locale = cds.env.i18n.default_language, keep) => {
   Object.defineProperty(err, 'toJSON', { value: function() {
     const that = keep ? {} : {...this}
     if (keep) for (let k in this) if (k in keep || k[0] === '@') that[k] = this[k]
-    if (locale) that.message = i18n.messages.at (key, locale, this.args)
+    if (req._is_odata && keep !== SAP_MSG_PROPERTIES) {
+      that['@Common.numericSeverity'] ??= err.numericSeverity || 4
+      if (content_id) that['@Core.ContentID'] = content_id
+    }
+    if (locale) that.message = _message4 (err, key, locale)
     if (!that.message) that.message = this.message
     return that
   }})
@@ -83,6 +78,14 @@ const _status4 = err => {
   if (err.message in BAD_REQUESTS) return 400 // REVISIT: should we use 409 or 500 instead?
 }
 
+const _message4 = (err, key, locale) => {
+  if (err.i18n) {
+    key = /{i18n>(.*)}/.exec(err.i18n)?.[1]
+    if (!key) return err.i18n
+  }
+  return i18n.messages.at(key, locale, err.args)
+}
+
 const _reduce = details => {
   const unique = [...new Set(details)]
   if (unique.length === 1) return unique[0] // if only one unique status exists, we use that

package/libx/odata/middleware/stream.js

@@ -149,7 +149,7 @@ module.exports = adapter => {
           }
 
           const stream = getReadable(result)
-          if (!stream) return res.sendStatus(204)
+          if (stream == null) return res.sendStatus(204)
 
           validateMimetypeIsAcceptedOrThrow(req.headers, mimetype)
           if (!res.get('content-type')) res.set('content-type', mimetype)

package/libx/odata/parse/cqn2odata.js

@@ -1,4 +1,4 @@
-const cds = require('../../../')
+const cds = require('../../..')
 
 const { formatVal } = require('../utils')
 
@@ -65,10 +65,7 @@ function hasValidProps(obj, ...names) {
   for (const propName of names) {
     const validate = validators[propName]
     const isValid = validate && validate(obj[propName])
-
-    if (!isValid) {
-      return false
-    }
+    if (!isValid) return false
   }
 
   return true
@@ -183,23 +180,32 @@ function _xpr(expr, target, kind, isLambda, navPrefix = []) {
         if (inExpr) res.push(`(${inExpr})`)
         i += 1
       } else if (_isLambda(cur, expr[i + 1])) {
+        // Process 'exists' expression
+
         const { where } = expr[i + 1].ref.at(-1)
-        const nav = expr[i + 1].ref.map(ref => ref?.id ?? ref).join('/')
+        const navSegments = expr[i + 1].ref.map(ref => ref?.id ?? ref)
+        const nav = navSegments.join('/')
 
         if (kind === 'odata-v2') {
           // odata-v2 does not support lambda expressions but successfactors allows filter like for to-one assocs
           cds.log('remote').info(`OData V2 does not support lambda expressions. Using path expression as best effort.`)
           isLambda = false
           res.push(_xpr(where, target, kind, isLambda, [...navPrefix, nav]))
-        } else if (!where) {
-          res.push(`${nav}/any()`)
-        } else {
+        } else if (res.at(-1) === 'not' && where.length === 2 && where[0] === 'not' && where[1].xpr) {
+          // Convert double negation 'not exists where not' to 'all'
+          // > reverting the mirrored transformation performed in grammar.peggy/lambda
+
+          res.pop()
+          res.push(`${nav}/all(${LAMBDA_VARIABLE}:${_xpr(where[1].xpr, target, kind, true, navPrefix)})`)
+        } else if (where) {
           res.push(
             `${nav}/any(${LAMBDA_VARIABLE}:${_xpr(where, target?.elements[nav]._target, kind, true, navPrefix)})`
           )
+        } else {
+          res.push(`${nav}/any()`)
         }
 
-        i++
+        i += 1
       } else {
         res.push(OPERATORS[cur] || cur.toLowerCase())
       }

package/libx/odata/parse/grammar.peggy

@@ -190,7 +190,9 @@
       if (newCqn.SELECT?.recurse && cqn.where) {
         const where = cqn.where 
         delete cqn.where
-        newCqn = { SELECT: { from: newCqn, where } }
+        const columns = newCqn.SELECT.columns
+        delete newCqn.SELECT.columns
+        newCqn = { SELECT: { from: newCqn, where, columns } }
       }
       return newCqn
     }
@@ -206,7 +208,7 @@
       if (
         (topCqn.columns && topCqn.columns[0].as === '$count') ||
         //In QUERY_WITH_AGGREGATION topCqn.where is a having and thus no further nesting needed
-        (!QUERY_WITH_AGGREGATION && topCqn.where && (cqn.SELECT.where || cqn.SELECT.limit)) ||
+        (!QUERY_WITH_AGGREGATION && topCqn.where && (cqn.SELECT.where || cqn.SELECT.limit)) ||
         (cqn.SELECT.limit && topCqn.limit) ||
         (cqn.SELECT.orderBy && topCqn.orderBy) ||
         (cqn.SELECT.search && topCqn.search)
@@ -710,6 +712,8 @@
   = (
       c:('*' / ref) {
         const col = c === '*' ? {} : c
+        if (col.ref?.length > 1) throw Object.assign(new Error(`navigation "${col.ref.join('/')}" in "$expand" is not supported`), { statusCode: 400 })
+
         col.expand = ['*']
         if (!Array.isArray(SELECT.expand)) SELECT.expand = []
         if (!SELECT.expand.find(_compareRefs(col))) SELECT.expand.push(col)
@@ -984,7 +988,7 @@
       // Loop through each element, add it to current level, if element is already part of result, increase level
       for(let trafos of additionalTransformation) {
         for(const transformation in trafos) {
-          if (transformation === 'where' && (mainTransformation.groupBy || mainTransformation.aggregate) && !mainTransformation.having) {
+          if (transformation === 'where' && (mainTransformation.groupBy || mainTransformation.aggregate) && !mainTransformation.having) {
             //When a group by or aggregate preceed a where, the where is a having
             mainTransformation.having = trafos[transformation]
           }
@@ -1216,7 +1220,7 @@
 
   doubleQuotedString "a doubled quoted string"
     = '"' s:$('\\"' / '\\\\' / [^"])* '"'
-    {return s.replace(/\\\\/g,"\\").replace(/\\"/g,'"')}
+    {return s.replace(/\\(["\\])/g, '$1')}
 
   word "a string"
     = $([^ \t\n()"&;]+)