@sap/cds 9.4.5 → 9.5.1

package/libx/_runtime/fiori/lean-draft.js

@@ -11,14 +11,18 @@ const { addEtagColumns } = require('../common/utils/etag')
 const { handleStreamProperties } = require('../common/utils/streamProp')
 
 const { getLocalizedMessages } = require('../../odata/middleware/error')
-const { Responses } = require('../../../lib/req/response')
+const { Responses, prepareError } = require('../../../lib/req/response')
 const location4 = require('../../http/location')
 
 const $original = Symbol('original')
 const $draftParams = Symbol('draftParams')
 
+const { WELL_KNOWN_EVENTS } = require('../../../lib/req/event')
+
 const AGGREGATION_FUNCTIONS = ['sum', 'min', 'max', 'avg', 'average', 'count']
 const MAX_RECURSION_DEPTH = cds.env.features.recursion_depth != null ? Number(cds.env.features.recursion_depth) : 4
+const IS_PERSISTED_DRAFT_MESSAGES_ENABLED =
+  !!cds.model?.definitions?.['DRAFT.DraftAdministrativeData']?.elements?.DraftMessages
 
 const _config_to_ms = (config, _default) => {
   const timeout = cds.env.fiori?.[config]
@@ -28,10 +32,10 @@ const _config_to_ms = (config, _default) => {
   } else if (typeof timeout === 'string') {
     timeout_ms = cds.utils.ms4(timeout)
     if (!timeout_ms)
-      throw new Error(`
+      cds.error`
 ${timeout} is an invalid value for \`cds.fiori.${config}\`.
 Please provide a value in format /^([0-9]+)(w|d|h|hrs|min)$/.
-`)
+`
   } else {
     timeout_ms = timeout
   }
@@ -56,11 +60,11 @@ const LOCK_TIMEOUT = {
   }
 }
 
-const reject_bypassed_draft = req => {
+const reject_bypassed_draft = () => {
   const message =
     !cds.profiles?.includes('production') &&
     '`cds.env.fiori.bypass_draft` must be enabled or the entity must be annotated with `@odata.draft.bypass` to support direct modifications of active instances.'
-  return req.reject({ code: 501, statusCode: 501, message })
+  cds.error({ status: 501, message })
 }
 
 const DRAFT_ELEMENTS = new Set([
@@ -382,15 +386,7 @@ const _replaceStreams = result => {
   }
 }
 
-const _compileUpdatedDraftMessages = (newMessages, persistedMessages, requestData, draftsRef) => {
-  const txModel = cds.context.tx.model
-  let targetEntity = txModel.definitions[draftsRef[0].id || draftsRef[0]]
-
-  // The 'target' of validation errors needs to specify the full path from the draft root
-  // > Since success of establishment of containment can't be guaranteed, we clean up messages
-  if (!targetEntity.actions.draftActivate) return []
-
-  // Determine the path prefix required for a fully qualified validation message 'target'
+const _extractPrefixRef = (draftsRef, targetEntity, requestData = null) => {
   const prefixRef = []
   for (let refIdx = 0; refIdx < draftsRef.length; refIdx++) {
     const dRef = draftsRef[refIdx],
@@ -408,7 +404,7 @@ const _compileUpdatedDraftMessages = (newMessages, persistedMessages, requestDat
 
     if (targetEntity.isDraft) targetEntity = targetEntity.actives
 
-    if (typeof dRef === 'string' || !dRef.where?.length) {
+    if ((typeof dRef === 'string' || !dRef.where?.length) && requestData) {
       // In case of CREATE: The WHERE for the created entity must be constructed for use in 'prefixRef'
 
       for (const k in targetEntity.keys) {
@@ -419,29 +415,59 @@ const _compileUpdatedDraftMessages = (newMessages, persistedMessages, requestDat
           else return null
         if (v instanceof Buffer) v = v.toString('base64') //> convert binary keys to base64
         if (pRef.where.length > 0) pRef.where.push('and')
-        pRef.where.push(key.name, '=', v)
+        pRef.where.push({ ref: [key.name] }, '=', { val: v })
       }
-    } else {
-      // 'dRef.where' regards the draft and will never contain 'IsActiveEntity=false'
-      pRef.where.push(...dRef.where, 'and', 'IsActiveEntity', '=', false)
+
+      prefixRef.push(pRef)
+      continue
+    }
+
+    if (dRef.where?.length) {
+      // Use the existing where clause from draftRef
+      pRef.where.push(...dRef.where)
+
+      if (!pRef.where.some(w => w === 'IsActiveEntity' || w.ref?.[0] === 'IsActiveEntity'))
+        pRef.where.push('and', { ref: ['IsActiveEntity'] }, '=', { val: false })
+
+      prefixRef.push(pRef)
+      continue
     }
 
-    prefixRef.push(pRef)
+    prefixRef.push(pRef.id)
   }
 
+  return prefixRef
+}
+
+const compileUpdatedDraftMessages = (newMessages, persistedMessages, requestData, draftsRef) => {
+  const txModel = cds.context.tx.model
+  let targetEntity = txModel.definitions[draftsRef[0].id || draftsRef[0]]
+
+  // The 'target' of validation errors needs to specify the full path from the draft root
+  // > Since success of establishment of containment can't be guaranteed, we clean up messages
+  if (!targetEntity['@Common.DraftRoot.ActivationAction']) return []
+
+  // Determine the path prefix required for a fully qualified validation message 'target'
+  const prefixRef = _extractPrefixRef(draftsRef, targetEntity, requestData)
+  if (!prefixRef) return null
+
+  const draftMessageTargetPrefix = cds.odata.urlify(
+    { SELECT: { from: { ref: prefixRef } } },
+    { kind: 'odata-v4', model: txModel }
+  ).path
+
   const nextMessages = []
 
   // Collect messages that were created during the most recent validation run
   const newMessagesByMessageKeyAndTarget = newMessages.reduce((acc, message) => {
+    if (!message.target) return acc //> silently ignore messages without target
+
     message.numericSeverity ??= message['@Common.numericSeverity'] ?? 4
     if (message['@Common.additionalTargets']) message.additionalTargets ??= message['@Common.additionalTargets']
     message.additionalTargets = message.additionalTargets?.map(t => (t.startsWith('in/') ? t.slice(3) : t))
     delete message['@Common.additionalTargets']
 
-    if (!message.target) return acc //> silently ignore messages without target
-
-    // Handle validation messages produced during draftActivate, that went through error normalization already
-    // > We must not store pre-localized data in DraftAdministrativeData.DraftMessages
+    // Remove prefix 'in/' in favor of fully qualified path to the target
     const messageTarget = message.target.startsWith('in/') ? message.target.slice(3) : message.target
     if (message.code) delete message.code // > Expect _only_ message to be set and contain the code
 
@@ -468,11 +494,6 @@ const _compileUpdatedDraftMessages = (newMessages, persistedMessages, requestDat
     return acc.set(`${message.message}:${message.prefix}:${message.target}`, message)
   }, new Map())
 
-  const draftMessageTargetPrefix = cds.odata.urlify(
-    { SELECT: { from: { ref: prefixRef } } },
-    { kind: 'odata-v4', model: txModel }
-  ).path
-
   // Merge new messages with persisted ones & eliminate outdated ones
   const simplePathElements = prefixRef.map(pRef => pRef.id)
   for (const message of persistedMessages) {
@@ -483,13 +504,13 @@ const _compileUpdatedDraftMessages = (newMessages, persistedMessages, requestDat
     )
     if (hasNewMessageForAdditionalTarget) continue
 
-    // Drop persisted draft messages where the value of the target field changed without a new error
+    // Drop persisted draft messages where the value of the target field changed
     if (message.prefix === draftMessageTargetPrefix) {
       if (requestData[message.target] !== undefined) continue
       if (message.additionalTargets?.some(target => requestData[target] !== undefined)) continue
     }
 
-    // Drop persisted draft messages, whose target's use navigations, where the value of the target field changed without a new error
+    // Drop persisted draft messages, whose target's use navigations, where the value of the target field changed
     const messageSimplePathElements = message.prefix.replaceAll(/\([^(]*\)/g, '').split('/')
     if (messageSimplePathElements.length > simplePathElements.length)
       if (requestData[messageSimplePathElements[simplePathElements.length]] !== undefined) continue
@@ -504,9 +525,88 @@ const _compileUpdatedDraftMessages = (newMessages, persistedMessages, requestDat
   return nextMessages
 }
 
+const _createNewDraftData = (obj, target, draftUUID) => {
+  const newDraftData = Object.assign({}, obj, {
+    DraftAdministrativeData_DraftUUID: draftUUID,
+    HasActiveEntity: false
+  })
+  if (!target) return newDraftData
+
+  for (const key in newDraftData) {
+    if (!target.elements[key]?.isComposition) continue
+
+    // Recurse into payload entries for nested associated entities
+    if (Array.isArray(newDraftData[key]))
+      newDraftData[key] = newDraftData[key].map(v => _createNewDraftData(v, target.elements[key]._target, draftUUID))
+    else if (typeof newDraftData[key] === 'object')
+      newDraftData[key] = _createNewDraftData(newDraftData[key], target.elements[key]._target, draftUUID)
+  }
+
+  return newDraftData
+}
+
+const _newReq = (req, query, draftParams, { event, headers }) => {
+  // REVISIT: This is a bit hacky -> better way?
+  query._target = undefined
+  query[$draftParams] = draftParams
+
+  // REVISIT: This is extremely bad. We should be able to just create a copy without such hacks.
+  const _req = cds.Request.for(req._) // REVISIT: this causes req._.data of WRITE reqs copied to READ reqs
+  // To create a `READ` event based on a modifying request, we need to delete req.data
+  if (event === 'READ' && req.event !== 'READ') delete _req.data
+
+  if (headers) {
+    _req.headers = Object.create(req.headers)
+    Object.assign(_req.headers, headers)
+  }
+
+  // Set relevant attributes of the inner request based on the outer
+  _req.target = cds.infer.target(query)
+  _req.query = query
+  _req.params = req.params
+  _req._ = req._
+
+  const cqnData = _req.query.UPDATE?.data || _req.query.INSERT?.entries?.[0]
+  if (cqnData) _req.data = cqnData // must point to the same object
+
+  if (req.protocol) _req.protocol = req.protocol
+  if (!_req._.event) _req._.event = req.event
+  if (req.tx && !_req.tx) _req.tx = req.tx
+
+  // Determine the proper event for the inner request
+  if (event) _req.event = event
+  else if (query.SELECT) _req.event = 'READ'
+  else if (query.INSERT) _req.event = 'CREATE'
+  else if (query.UPDATE) _req.event = 'UPDATE'
+  else if (query.DELETE) _req.event = 'DELETE'
+  else _req.event = req.event
+
+  // Divert messages and validation errors to outer request
+  /* prettier-ignore */ Object.defineProperty(_req, '_messages', { get() { return req._messages } })
+  /* prettier-ignore */ Object.defineProperty(_req, '_validationErrors', { get() { return req._validationErrors } })
+
+  const shouldCollectValidationErrorsSeparately =
+    _req.target.isDraft && IS_PERSISTED_DRAFT_MESSAGES_ENABLED && req.protocol && ['UPDATE', 'NEW'].includes(_req.event)
+  if (shouldCollectValidationErrorsSeparately) {
+    // Add a separate collection for validation errors, to the outer request
+    req._validationErrors ??= new Responses()
+
+    // Override .error to collect validation errors separately, for the inner request
+    // > Validation errors being classified by having a 'target'
+    _req.error = (...args) => {
+      const err = prepareError(4, ...args)
+      if (err.target) _req._validationErrors.push(err)
+      else _req._errors.add(null, ...args)
+      return err
+    }
+  }
+
+  return _req
+}
+
 // REVISIT: Can we do a regular handler function instead of monky patching?
-const h = cds.ApplicationService.prototype.handle
-const handle = async function (req) {
+const protoHandle = cds.ApplicationService.prototype.handle
+const draftHandle = async function (req) {
   if (req.event === 'DISCARD') req.event = 'CANCEL'
   else if (req.event === 'SAVE') {
     req.event = 'draftActivate'
@@ -515,15 +615,15 @@ const handle = async function (req) {
 
   // Fast exit for non-draft requests
   // REVISIT: should also start with else, but then this test fails: cds/tests/_runtime/odata/__tests__/integration/draft-custom-handlers.test.js
-  if (!req.query) return h.call(this, req)
-  else if ($draftParams in req.query) return h.call(this, req)
-  /* prettier-ignore */ else if (!(
+  if (!req.query) return protoHandle.call(this, req)
+  if ($draftParams in req.query) return protoHandle.call(this, req)
+  /* prettier-ignore */ if (!(
     // Note: we skip UPSERTs as these might have an additional INSERT
     'SELECT' in req.query ||
     'INSERT' in req.query ||
     'UPDATE' in req.query ||
     'DELETE' in req.query
-  )) return h.call(this, req)
+  )) return protoHandle.call(this, req)
   // TODO: also skip quickly if no draft-enabled entities are involved ?!?
   // TODO: also skip quickly if no isActiveEntity is part of the query ?!?
   // TODO: also skip quickly for CREATE request not from Fiori clients ???
@@ -539,64 +639,9 @@ const handle = async function (req) {
   if (req.data) _cleanseParams(req.data, req.target)
   const draftParams = query[$draftParams]
 
-  const _newReq = (req, query, draftParams, { event, headers }) => {
-    // REVISIT: This is a bit hacky -> better way?
-    query._target = undefined
-    query[$draftParams] = draftParams
-
-    // REVISIT: This is extremely bad. We should be able to just create a copy without such hacks.
-    const _req = cds.Request.for(req._) // REVISIT: this causes req._.data of WRITE reqs copied to READ reqs
-
-    if (headers) {
-      _req.headers = Object.create(req.headers)
-      Object.assign(_req.headers, headers)
-    }
-
-    // If we create a `READ` event based on a modifying request, we delete data
-    if (event === 'READ' && req.event !== 'READ') delete _req.data // which we fix here -> but this is an ugly workaround
-
-    _req.target = cds.infer.target(query)
-    _req.query = query
-    _req.event =
-      event ||
-      (query.SELECT && 'READ') ||
-      (query.INSERT && 'CREATE') ||
-      (query.UPDATE && 'UPDATE') ||
-      (query.DELETE && 'DELETE') ||
-      req.event
-    _req.params = req.params
-    if (req.protocol) _req.protocol = req.protocol
-    _req._ = req._
-    if (!_req._.event) _req._.event = req.event
-    const cqnData = _req.query.UPDATE?.data || _req.query.INSERT?.entries?.[0]
-    if (cqnData) _req.data = cqnData // must point to the same object
-    if (req.tx && !_req.tx) _req.tx = req.tx
-
-    // Ensure messages are added to the original request
-    Object.defineProperty(_req, '_messages', {
-      get: function () {
-        return req._messages
-      }
-    })
-
-    if (cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages) {
-      if (_req.target.isDraft && (_req.event === 'UPDATE' || _req.event === 'NEW')) {
-        // Degrade all errors to messages & prevent !!req.errors into req.reject() in dispatch
-        const originalError = _req.error.bind(_req)
-        _req.error = (...args) => {
-          // REVISIT: re-consider target variants
-          if (args[0]?.target || args[2]) return _req._messages.add(4, ...args)
-          return originalError(...args)
-        }
-      }
-    }
-
-    return _req
-  }
-
   const run = (query, options = {}) => {
     const _req = _newReq(req, query, draftParams, options)
-    return h.call(this, _req)
+    return protoHandle.call(this, _req)
   }
 
   if (req.event === 'READ') {
@@ -606,84 +651,103 @@ const handle = async function (req) {
       !req.query._target.drafts
     ) {
       req.query = query
-      return h.call(this, req)
+      return protoHandle.call(this, req)
     }
 
     // apply paging and sorting on original query for protocol adapters relying on it
     commonGenericPaging(req)
     commonGenericSorting(req)
 
-    const read =
-      draftParams.IsActiveEntity === false &&
-      _hasStreaming(query.SELECT.columns, query._target) &&
-      !cds.env.features.binary_draft_compat
-        ? Read.draftStream
-        : req.query._target.name.endsWith('.drafts')
-          ? Read.ownDrafts
-          : draftParams.IsActiveEntity === false && draftParams.SiblingEntity_IsActiveEntity === null
-            ? Read.all
-            : draftParams.IsActiveEntity === true &&
-                draftParams.SiblingEntity_IsActiveEntity === null &&
-                (draftParams.DraftAdministrativeData_InProcessByUser === 'not null' ||
-                  draftParams.DraftAdministrativeData_InProcessByUser === 'not ')
-              ? Read.lockedByAnotherUser
-              : draftParams.IsActiveEntity === true &&
-                  draftParams.SiblingEntity_IsActiveEntity === null &&
-                  draftParams.DraftAdministrativeData_InProcessByUser === ''
-                ? Read.unsavedChangesByAnotherUser
-                : draftParams.IsActiveEntity === true && draftParams.HasDraftEntity === false
-                  ? Read.unchanged
-                  : draftParams.IsActiveEntity === true
-                    ? Read.onlyActives
-                    : draftParams.IsActiveEntity === false
-                      ? Read.ownDrafts
-                      : Read.onlyActives
+    const determineRead = () => {
+      // 'draftParams' as filled in '_cleanseQuery'
+      const isActiveEntity = draftParams.IsActiveEntity
+      const hasDraftEntity = draftParams.HasDraftEntity
+      const hasStreaming = _hasStreaming(query.SELECT.columns, query._target)
+      const isBinaryDraftCompat = cds.env.features.binary_draft_compat
+      const isTargetDraft = req.query._target.name.endsWith('.drafts')
+      const inProcessByUserEqNullString = ['not ', 'not null'].includes(
+        draftParams.DraftAdministrativeData_InProcessByUser
+      )
+      const inProcessByUserEqEmptyString = draftParams.DraftAdministrativeData_InProcessByUser === ''
+      const isSiblingIsActiveEntityNull = draftParams.SiblingEntity_IsActiveEntity === null
+
+      if (isActiveEntity === false && hasStreaming && !isBinaryDraftCompat) return Read.draftStream
+      if (isTargetDraft) return Read.ownDrafts
+      if (isActiveEntity === false && isSiblingIsActiveEntityNull) return Read.all
+      if (isActiveEntity === true && isSiblingIsActiveEntityNull && inProcessByUserEqNullString)
+        return Read.lockedByAnotherUser
+      if (isActiveEntity === true && isSiblingIsActiveEntityNull && inProcessByUserEqEmptyString)
+        return Read.unsavedChangesByAnotherUser
+      if (isActiveEntity === true && hasDraftEntity === false) return Read.unchanged
+      if (isActiveEntity === false) return Read.ownDrafts
+      return Read.onlyActives
+    }
+
+    const read = determineRead()
     const result = await read(run, query)
     return result
   }
 
   if (req.event === 'draftEdit') req.event = 'EDIT'
-  if (req.event === 'draftPrepare' && draftParams.IsActiveEntity) req.reject({ code: 400, statusCode: 400 })
+  if (req.event === 'draftPrepare' && draftParams.IsActiveEntity)
+    cds.error({ status: 400, message: 'Action "draftPrepare" can only be called on the draft entity' })
+
+  // REVISIT: Can't use req.subject here:
+  // REVISIT: > Caching in req.subject will yield erroneous result
+  // REVISIT: > after replacing req.query by draft adapted query
+  let rootEntityName = (
+    query.SELECT?.from ||
+    query.INSERT?.into ||
+    query.UPSERT?.into ||
+    query.UPDATE?.entity ||
+    query.DELETE?.from
+  )?.ref?.[0]
+  if (typeof rootEntityName === 'object') rootEntityName = rootEntityName.id
+  const rootEntity = this.model.definitions[rootEntityName]
+
+  const isNewDraftViaActionEnabled = cds.env.fiori.draft_new_action ?? false
+  let newDraftAction = rootEntity['@Common.DraftRoot.NewAction']
+  if (typeof newDraftAction != 'string' || !newDraftAction.length) newDraftAction = false
+  else newDraftAction = newDraftAction.split('.').pop()
+  const shouldHandleNewDraftAction = isNewDraftViaActionEnabled && req.target === rootEntity
 
   // Create active instance of draft-enabled entity
-  // Careful: New OData adapter only sets `NEW` for drafts... how to distinguish programmatic modifications?
+  // REVISIT: New OData adapter only sets `NEW` for drafts... how to distinguish programmatic modifications?
   if (
-    (req.event === 'NEW' && req.data.IsActiveEntity === true) || // old OData adapter changes CREATE to NEW also for actives
+    (req.event === 'NEW' && shouldHandleNewDraftAction && req.data.IsActiveEntity !== false) ||
     (req.event === 'CREATE' && req.target.drafts && req.data?.IsActiveEntity !== false && !req.target.isDraft)
   ) {
-    if (req.protocol === 'odata' && !cds.env.fiori.bypass_draft && !req.target['@odata.draft.bypass'])
+    if (
+      !isNewDraftViaActionEnabled &&
+      req.protocol === 'odata' &&
+      !cds.env.fiori.bypass_draft &&
+      !req.target['@odata.draft.bypass']
+    ) {
       return reject_bypassed_draft(req)
-    const containsDraftRoot =
-      this.model.definitions[query.INSERT.into?.ref?.[0]?.id || query.INSERT.into?.ref?.[0] || query.INSERT.into][
-        '@Common.DraftRoot.ActivationAction'
-      ]
+    }
 
-    if (!containsDraftRoot) req.reject({ code: 403, statusCode: 403, message: 'DRAFT_MODIFICATION_ONLY_VIA_ROOT' })
+    const queryUsesContainment = !!rootEntity['@Common.DraftRoot.ActivationAction']
+    if (!queryUsesContainment) cds.error({ status: 403, message: 'DRAFT_MODIFICATION_ONLY_VIA_ROOT' })
 
-    const isDirectAccess = typeof req.query.INSERT.into === 'string' || req.query.INSERT.into.ref?.length === 1
+    const isDirectAccess = req.query.INSERT.into.ref?.length === 1
     const data = Array.isArray(req.data) ? [...req.data] : Object.assign({}, req.data) // IsActiveEntity is not enumerable
-    const draftsRootRef =
-      typeof query.INSERT.into === 'string'
-        ? [req.target.drafts.name]
-        : _redirectRefToDrafts([query.INSERT.into.ref[0]], this.model)
+    const draftsRootRef = _redirectRefToDrafts([query.INSERT.into.ref[0]], this.model)
 
-    let rootHasDraft
+    let draftRootEntityExists
 
-    // children: check root entity has no draft
-    if (!isDirectAccess) {
-      rootHasDraft = await SELECT.one([1]).from({ ref: draftsRootRef })
-    }
+    // Children: check root entity has no draft
+    if (!isDirectAccess) draftRootEntityExists = await SELECT.one([1]).from({ ref: draftsRootRef })
 
-    // direct access and req.data contains keys: check if root has no draft with that keys
+    // Direct access and req.data contains keys: check if root has no draft with that keys
     if (isDirectAccess && _entityKeys(query._target).every(k => k in data)) {
       const keyData = _entityKeys(query._target).reduce((res, k) => {
         res[k] = req.data[k]
         return res
       }, {})
-      rootHasDraft = await SELECT.one([1]).from({ ref: draftsRootRef }).where(keyData)
+      draftRootEntityExists = await SELECT.one([1]).from({ ref: draftsRootRef }).where(keyData)
     }
 
-    if (rootHasDraft) req.reject({ code: 409, statusCode: 409, message: 'DRAFT_ALREADY_EXISTS' })
+    if (draftRootEntityExists) cds.error({ status: 409, message: 'DRAFT_ALREADY_EXISTS' })
 
     const cqn = INSERT.into(query.INSERT.into).entries(data)
     await run(cqn, { event: 'CREATE' })
@@ -694,64 +758,57 @@ const handle = async function (req) {
     return result
   }
 
-  // It needs to be redirected to drafts
-  if (req.event === 'NEW' || req.event === 'CANCEL' || req.event === 'draftPrepare') {
-    if (!req.target.isDraft) req.target = req.target.drafts // COMPAT: also support these events for actives
+  // Prevent creating active entities via drafts
+  if (req.event === 'CREATE' && draftParams.IsActiveEntity === false && !req.target.isDraft) {
+    cds.error({ status: 403, message: 'ACTIVE_MODIFICATION_VIA_DRAFT' })
+  }
 
-    if (cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages && query.DELETE) {
-      const prefixRef = query.DELETE.from.ref.map(dRef => {
-        const pRef = { id: dRef.id, where: [...dRef.where] }
-        pRef.where.push('and', 'IsActiveEntity', '=', false)
-        return pRef
-      })
-      const messageTargetPrefix = cds.odata.urlify(
-        { SELECT: { from: { ref: prefixRef } } },
-        { kind: 'odata-v4', model: req.context.tx.model }
-      ).path
-
-      const draftData = await SELECT.one
-        .from({ ref: _redirectRefToDrafts(query.DELETE.from.ref, this.model) }) // REVISIT: Avoid redundant redirect
-        .columns('DraftAdministrativeData_DraftUUID', {
-          ref: ['DraftAdministrativeData'],
-          expand: [{ ref: ['DraftMessages'] }]
-        })
+  // Handle 'newDraftAction' event if enabled
+  if (shouldHandleNewDraftAction && req.event === newDraftAction) {
+    if (!req.target.isDraft) req.target = req.target.drafts
 
-      const draftAdminDataUUID = draftData?.DraftAdministrativeData_DraftUUID
-      const persistedDraftMessages = draftData?.DraftAdministrativeData?.DraftMessages || []
+    // Rewrite 'newDraftAction' into regular 'NEW' event
+    query.SELECT.from.ref = _redirectRefToDrafts(query.SELECT.from.ref, this.model)
+    const createNewQuery = INSERT.into(query.SELECT.from).entries(req.data)
 
-      if (draftAdminDataUUID && persistedDraftMessages?.length) {
-        let nextDraftMessages = persistedDraftMessages.filter(msg => !msg.prefix.startsWith(messageTargetPrefix))
-        if (!req.target.actions?.draftActivate) nextDraftMessages = []
+    req.event = req._.event = 'NEW'
+    req.query = req._.query = createNewQuery
 
-        await UPDATE('DRAFT.DraftAdministrativeData')
-          .set({ DraftMessages: nextDraftMessages })
-          .where({ DraftUUID: draftAdminDataUUID })
-      }
-    }
+    const innerReq = _newReq(req, createNewQuery, draftParams, { event: 'NEW' })
+    const createNewResult = await protoHandle.call(this, innerReq)
 
-    if (query.INSERT) {
-      if (typeof query.INSERT.into === 'string') query.INSERT.into = req.target.name
-      else if (query.INSERT.into.ref) query.INSERT.into.ref = _redirectRefToDrafts(query.INSERT.into.ref, this.model)
-    } else if (query.DELETE) {
-      query.DELETE.from.ref = _redirectRefToDrafts(query.DELETE.from.ref, this.model)
-    } else if (query.SELECT) {
-      query.SELECT.from.ref = _redirectRefToDrafts(query.SELECT.from.ref, this.model)
-    }
+    req.data = createNewResult
+    req.res.status(201)
+
+    return _readAfterDraftAction.call(this, { req, payload: createNewResult, action: 'draftNew' })
+  }
+
+  // Handle draft-only events, that can only ever target entities in draft state
+  if (
+    (req.event === 'NEW' && (!shouldHandleNewDraftAction || req.data.IsActiveEntity === false)) ||
+    req.event === 'CANCEL' ||
+    req.event === 'draftPrepare'
+  ) {
+    if (!req.target.isDraft) req.target = req.target.drafts // COMPAT: also support these events for actives
+
+    if (query.INSERT) query.INSERT.into.ref = _redirectRefToDrafts(query.INSERT.into.ref, this.model)
+    else if (query.DELETE) query.DELETE.from.ref = _redirectRefToDrafts(query.DELETE.from.ref, this.model)
+    else if (query.SELECT) query.SELECT.from.ref = _redirectRefToDrafts(query.SELECT.from.ref, this.model)
 
     const _req = _newReq(req, query, draftParams, { event: req.event })
 
     // Do not allow to create active instances via drafts
     if (req.event === 'NEW' && draftParams.IsActiveEntity === false && !_req.target.isDraft) {
-      req.reject({ code: 403, statusCode: 403, message: 'ACTIVE_MODIFICATION_VIA_DRAFT' })
+      cds.error({ status: 403, message: 'ACTIVE_MODIFICATION_VIA_DRAFT' })
     }
 
-    const result = await h.call(this, _req)
+    const result = await protoHandle.call(this, _req)
 
     req.data = result //> make keys available via req.data (as with normal crud)
     return result
   }
 
-  // Delete active instance of draft-enabled entity
+  // Handle 'DELETE' event on entities in active state
   if (req.target.drafts && !req.target.isDraft && req.event === 'DELETE' && draftParams.IsActiveEntity !== false) {
     const draftsRef = _redirectRefToDrafts(query.DELETE.from.ref, this.model)
     const inProcessByUserCol = {
@@ -801,7 +858,7 @@ const handle = async function (req) {
           }
         }
         const keyVal = req.query.DELETE.from.ref[0].where?.[2]?.val
-        if (keyVal === undefined) req.reject(400, 'Deletion not supported')
+        if (keyVal === undefined) cds.error({ status: 400, message: 'Deletion not supported' })
         // We must select actives and check for corresponding drafts (drafts themselve don't necessarily form a hierarchy)
         const recursiveQ = SELECT.from(req.target).columns(key)
         recursiveQ.SELECT.recurse = {
@@ -821,26 +878,26 @@ const handle = async function (req) {
     for (const draft of drafts) {
       const inProcessByUser = draft?.DraftAdministrativeData?.InProcessByUser
       if (!cds.context.user._is_privileged && inProcessByUser && inProcessByUser !== cds.context.user.id)
-        req.reject({ code: 403, statusCode: 403, message: 'DRAFT_LOCKED_BY_ANOTHER_USER', args: [inProcessByUser] })
-      else req.reject({ code: 403, statusCode: 403, message: 'DRAFT_ACTIVE_DELETE_FORBIDDEN_DRAFT_EXISTS' })
+        cds.error({ status: 403, message: 'DRAFT_LOCKED_BY_ANOTHER_USER', args: [inProcessByUser] })
+      else cds.error({ status: 403, message: 'DRAFT_ACTIVE_DELETE_FORBIDDEN_DRAFT_EXISTS' })
     }
     await run(query)
     return req.data
   }
 
+  // Handle 'draftActivate' event
   if (req.event === 'draftActivate') {
     LOG.debug('activate draft')
 
     if (req.query.SELECT.from.ref.length > 1 || draftParams.IsActiveEntity === true) {
-      req.reject({
-        code: 400,
-        statusCode: 400,
+      cds.error({
+        status: 400,
         message: 'Action "draftActivate" can only be called on the root draft entity'
       })
     }
 
     if (req.target._etag && !req.headers['if-match'] && !req.headers['if-none-match']) {
-      req.reject({ code: 428, statusCode: 428 })
+      cds.error(428)
     }
 
     const columns = expandStarStar(req.target.drafts, true)
@@ -857,9 +914,7 @@ const handle = async function (req) {
           ref: ['DraftAdministrativeData'],
           expand: [
             { ref: ['InProcessByUser'] },
-            ...(cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages
-              ? [{ ref: ['DraftMessages'] }]
-              : [])
+            ...(IS_PERSISTED_DRAFT_MESSAGES_ENABLED ? [{ ref: ['DraftMessages'] }] : [])
           ]
         }
       ])
@@ -872,12 +927,11 @@ const handle = async function (req) {
         : req.headers['if-none-match']
           ? 'if-none-match'
           : undefined
-      req.reject(_etagValidationType ? { code: 412, statusCode: 412 } : { code: 'DRAFT_NOT_EXISTING', statusCode: 404 })
+      cds.error(_etagValidationType ? { status: 412 } : { status: 404, message: 'DRAFT_NOT_EXISTING' })
     }
     if (!cds.context.user._is_privileged && res.DraftAdministrativeData?.InProcessByUser !== cds.context.user.id) {
-      req.reject({
-        code: 403,
-        statusCode: 403,
+      cds.error({
+        status: 403,
         message: 'DRAFT_LOCKED_BY_ANOTHER_USER',
         args: [res.DraftAdministrativeData?.InProcessByUser]
       })
@@ -910,33 +964,32 @@ const handle = async function (req) {
 
     const _req = _newReq(req, upsertQuery, draftParams, upsertOptions)
 
-    let result
-    try {
-      result = await h.call(this, _req)
-    } catch (error) {
-      if (cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages && _req.errors)
-        _req.on('failed', async () => {
-          const nextDraftMessages = _compileUpdatedDraftMessages(
-            // REVISIT: e._message hack for draft validation messages
-            // Errors procesed during 'failed' will have undergone error._normalize at this point
-            // > We need to revert the code - message swap _normalize includes
-            // > This is required to ensure, no localized messages are persisted and redundant localization is avoided
-            _req.errors.map(e => ({ message: e._message ?? e.message, target: e.target, args: e.args, i18n: e.i18n })),
-            persistedDraftMessages,
-            {},
-            draftRef
-          )
-
-          await cds.tx(async () => {
-            await UPDATE('DRAFT.DraftAdministrativeData')
-              .set({ DraftMessages: nextDraftMessages })
-              .where({ DraftUUID: DraftAdministrativeData_DraftUUID })
-          })
+    if (IS_PERSISTED_DRAFT_MESSAGES_ENABLED) {
+      _req.on('failed', async error => {
+        const errors = []
+        if (_req.errors) {
+          // REVISIT: e._message hack for draft validation messages
+          // Errors procesed during 'failed' will have undergone error._normalize at this point
+          // > We need to revert the code - message swap _normalize includes
+          // > This is required to ensure, no localized messages are persisted and redundant localization is avoided
+          errors.push(..._req.errors.map(e => ({ ...e, message: e._message ?? e.message })))
+        } else {
+          // NOTE: this branch is for on-commit errors, which don't end up in req.errors
+          // IMPORTANT: copy error objects to avoid side effects on original error
+          if (error.code) errors.push({ ...error })
+          if (error.details) errors.push(...error.details.map(e => ({ ...e })))
+        }
+        const nextDraftMessages = compileUpdatedDraftMessages(errors, persistedDraftMessages, {}, draftRef)
+        await cds.tx(async () => {
+          await UPDATE('DRAFT.DraftAdministrativeData')
+            .set({ DraftMessages: nextDraftMessages })
+            .where({ DraftUUID: DraftAdministrativeData_DraftUUID })
         })
-
-      throw error
+      })
     }
 
+    const result = await protoHandle.call(this, _req)
+
     // REVISIT: Remove feature flag dependency
     if (cds.env.fiori.move_media_data_in_db) {
       // Move cds.LargeBinary data from draft to active
@@ -970,22 +1023,33 @@ const handle = async function (req) {
     return Object.assign(result, { IsActiveEntity: true })
   }
 
-  if (req.target.actions?.[req.event] && draftParams.IsActiveEntity === false) {
+  // Handle regular custom actions on entities in draft state
+  if (req.target.actions?.[req.event] && !(req.event in WELL_KNOWN_EVENTS) && draftParams.IsActiveEntity === false) {
     if (query.SELECT?.from?.ref) query.SELECT.from.ref = _redirectRefToDrafts(query.SELECT.from.ref, this.model)
+
+    // Check if the draft is locked by another user
     const rootQuery = query.clone()
     rootQuery.SELECT.columns = [{ ref: ['DraftAdministrativeData'], expand: [{ ref: ['InProcessByUser'] }] }]
     rootQuery.SELECT.one = true
     rootQuery.SELECT.from = { ref: [query.SELECT.from.ref[0]] }
     const root = await cds.run(rootQuery)
-    if (!root) req.reject({ code: 404, statusCode: 404 })
+
+    if (!root) cds.error(404)
     if (root.DraftAdministrativeData?.InProcessByUser !== cds.context.user.id) {
-      req.reject({ code: 403, statusCode: 403 })
+      cds.error({
+        status: 403,
+        message: 'DRAFT_LOCKED_BY_ANOTHER_USER',
+        args: [root.DraftAdministrativeData.InProcessByUser]
+      })
     }
+
     const _req = _newReq(req, query, draftParams, { event: req.event })
-    const result = await h.call(this, _req)
+    const result = await protoHandle.call(this, _req)
+
     return result
   }
 
+  // Handle 'UPDATE' events on entities in draft or active state
   if (req.event === 'PATCH' || (req.event === 'UPDATE' && req.target.drafts)) {
     // also delete `IsActiveEntity` for references
     const _rmIsActiveEntity = (data, target) => {
@@ -1004,27 +1068,26 @@ const handle = async function (req) {
     }
     _rmIsActiveEntity(req.data, req.target)
 
+    // REVISIT: This should allow `IsActiveEntity: false` to be passed in the body
+    // REVISIT: > Enabling this would re-establish symmetry with CREATE
     if (draftParams.IsActiveEntity === false) {
       LOG.debug('patch draft')
 
-      if (req.target?.name.endsWith('DraftAdministrativeData')) req.reject({ code: 405, statusCode: 405 })
+      if (req.target?.name.endsWith('DraftAdministrativeData')) cds.error(405)
 
       const draftsRef = _redirectRefToDrafts(query.UPDATE.entity.ref, this.model)
       const res = await SELECT.one.from({ ref: draftsRef }).columns('DraftAdministrativeData_DraftUUID', {
         ref: ['DraftAdministrativeData'],
         expand: [
           { ref: ['InProcessByUser'] },
-          ...(cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages
-            ? [{ ref: ['DraftMessages'] }]
-            : [])
+          ...(IS_PERSISTED_DRAFT_MESSAGES_ENABLED ? [{ ref: ['DraftMessages'] }] : [])
         ]
       })
 
-      if (!res) req.reject({ code: 404, statusCode: 404 })
+      if (!res) cds.error(404)
       if (!cds.context.user._is_privileged && res.DraftAdministrativeData?.InProcessByUser !== cds.context.user.id) {
-        req.reject({
-          code: 403,
-          statusCode: 403,
+        cds.error({
+          status: 403,
           message: 'DRAFT_LOCKED_BY_ANOTHER_USER',
           args: [res.DraftAdministrativeData?.InProcessByUser]
         })
@@ -1032,7 +1095,7 @@ const handle = async function (req) {
 
       const innerQuery = UPDATE({ ref: draftsRef }).data(req.data)
       const innerReq = _newReq(req, innerQuery, draftParams, {})
-      await h.call(this, innerReq).catch(error => {
+      await protoHandle.call(this, innerReq).catch(error => {
         // > This prevents thrown req.errors from being added to 'sap-messages'
         // > Downgraded req.error will add to req.messages, regardless of whether the error is thrown
         // > Unless we prevent it here, the response will contain the error in both body and header
@@ -1047,16 +1110,13 @@ const handle = async function (req) {
         LastChangeDateTime: new Date()
       }
 
-      if (cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages) {
-        nextDraftAdminData.DraftMessages = _compileUpdatedDraftMessages(
-          req.messages ?? [],
+      if (IS_PERSISTED_DRAFT_MESSAGES_ENABLED) {
+        nextDraftAdminData.DraftMessages = compileUpdatedDraftMessages(
+          req._validationErrors ?? [],
           res.DraftAdministrativeData?.DraftMessages ?? [],
           req.data ?? {},
           draftsRef
         )
-
-        // Prevent validation errors from being sent in 'sap-messages' header
-        req.messages = req._set('_messages', new Responses())
       }
 
       await UPDATE('DRAFT.DraftAdministrativeData')
@@ -1069,32 +1129,34 @@ const handle = async function (req) {
 
     LOG.debug('patch active')
 
-    if (req.protocol === 'odata' && !cds.env.fiori.bypass_draft && !req.target['@odata.draft.bypass'])
+    if (
+      !isNewDraftViaActionEnabled &&
+      req.protocol === 'odata' &&
+      !cds.env.fiori.bypass_draft &&
+      !req.target['@odata.draft.bypass']
+    )
       return reject_bypassed_draft(req)
 
     const entityRef = query.UPDATE.entity.ref
 
     if (!this.model.definitions[entityRef[0].id || entityRef[0]]['@Common.DraftRoot.ActivationAction']) {
-      req.reject({ code: 403, statusCode: 403, message: 'DRAFT_MODIFICATION_ONLY_VIA_ROOT' })
+      // REVISIT: Should this really use 403?
+      cds.error({ status: 403, message: 'DRAFT_MODIFICATION_ONLY_VIA_ROOT' })
     }
 
     const draftsRef = _redirectRefToDrafts(entityRef, this.model)
     const draftsQuery = SELECT.one([1]).from({ ref: [draftsRef[0]] })
     if (query.UPDATE.where) draftsQuery.where(query.UPDATE.where)
     const hasDraft = !!(await draftsQuery)
-    if (hasDraft) req.reject({ code: 409, statusCode: 409, message: 'DRAFT_ALREADY_EXISTS' })
+    if (hasDraft) cds.error({ status: 409, message: 'DRAFT_ALREADY_EXISTS' })
 
     await run(query)
     return req.data
   }
 
-  if (req.event === 'CREATE' && draftParams.IsActiveEntity === false && !req.target.isDraft) {
-    req.reject({ code: 403, statusCode: 403, message: 'ACTIVE_MODIFICATION_VIA_DRAFT' })
-  }
-
   req.query = query
 
-  return h.call(this, req)
+  return protoHandle.call(this, req)
 }
 
 // REVISIT: It's not optimal to first calculate the whole result array and only later
@@ -1176,7 +1238,7 @@ const Read = {
     // DraftAdministrativeData is only accessible via drafts
     if (_isCount(query)) return run(query)
     if (query._target.name.endsWith('.DraftAdministrativeData')) {
-      if (query.SELECT.from.ref?.length === 1) throw cds.error('INVALID_DRAFT_REQUEST', { statusCode: 400 }) // only via drafts
+      if (query.SELECT.from.ref?.length === 1) cds.error({ status: 400, message: 'INVALID_DRAFT_REQUEST' }) // only via drafts
       return run(query._drafts)
     }
     if (!query._target._isDraftEnabled) return run(query)
@@ -1220,7 +1282,7 @@ const Read = {
     LOG.debug('List Editing Status: Unchanged')
 
     const draftsQuery = query._drafts
-    if (!draftsQuery) throw cds.error('INVALID_DRAFT_REQUEST', { statusCode: 400 }) // only via drafts
+    if (!draftsQuery) cds.error({ status: 400, message: 'INVALID_DRAFT_REQUEST' }) // only via drafts
     draftsQuery.SELECT.count = undefined
     draftsQuery.SELECT.orderBy = undefined
     draftsQuery.SELECT.limit = null
@@ -1236,7 +1298,7 @@ const Read = {
   ownDrafts: async function (run, query) {
     LOG.debug('List Editing Status: Own Draft')
 
-    if (!query._drafts) throw cds.error('INVALID_DRAFT_REQUEST', { statusCode: 400 }) // only via drafts
+    if (!query._drafts) cds.error({ status: 400, message: 'INVALID_DRAFT_REQUEST' }) // only via drafts
 
     // read active from draft
     if (!query._drafts._target?.name.endsWith('.drafts')) {
@@ -1259,13 +1321,16 @@ const Read = {
       selectedColumnNames.includes('*') ||
       Object.keys(query._drafts._target.keys).every(k => selectedColumnNames.includes(k))
 
-    if (cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages && isAllKeysSelected) {
+    let txModel
+    if (IS_PERSISTED_DRAFT_MESSAGES_ENABLED && isAllKeysSelected) {
       // Replace selection of 'DraftMessages' with the proper path expression
 
       query._drafts.SELECT.columns = [
         ...(query._drafts.SELECT.columns ?? ['*']).filter(c => c.ref?.[0] !== 'DraftMessages'),
         { ref: ['DraftAdministrativeData', 'DraftMessages'], as: 'DraftMessages' }
       ]
+
+      txModel = cds.context.tx.model
     }
 
     const draftsQuery = query._drafts.where(
@@ -1281,31 +1346,65 @@ const Read = {
       })
       _fillIsActiveEntity(row, false, query._drafts._target)
 
-      if (cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages && row.DraftMessages?.length) {
-        // Reduce persisted draft messages to the set of those that are part of the queried entities tree
-
-        const simplePath = query._drafts.SELECT.from.ref
-          .map(refElement => {
-            refElement = (refElement.id ?? refElement).split('.')
-            if (refElement.length === 1) return refElement[0]
-            if (refElement[refElement.length - 1] === 'drafts') return refElement[refElement.length - 2]
-            return refElement[refElement.length - 1]
-          })
-          .join('/')
-
-        row.DraftMessages = row.DraftMessages.reduce((acc, msg) => {
-          const messageSimplePath = msg.prefix.replaceAll(/\([^(]*\)/g, '')
-          if (!messageSimplePath.startsWith(simplePath)) return acc
+      if (IS_PERSISTED_DRAFT_MESSAGES_ENABLED && row.DraftMessages?.length) {
+        // Based on the query for own drafts, compile the ref of a query matching
+        // the format produced by cds.odata.parse to compare against message prefixes
+
+        const queryRootEntity = txModel.definitions[draftsQuery.SELECT.from.ref[0].id || draftsQuery.SELECT.from.ref[0]]
+        const queryPrefixRef = _extractPrefixRef(draftsQuery.SELECT.from.ref, queryRootEntity)
+
+        if (queryPrefixRef.length > 1) {
+          let targetRef = queryPrefixRef[queryPrefixRef.length - 1]
+          if (typeof targetRef === 'string') {
+            // Construct key from model info and result data
+
+            queryPrefixRef[queryPrefixRef.length - 1] = targetRef = { id: targetRef, where: [] }
+
+            // This repliactes the strucutally equivalent logic from _compileUpdatedDraftMessages
+            // > This is necessary to enable filtering for messages realted to a newly created entity
+            // > Since readAfterRide will put key info into a filter rather than into the path
+            for (const k in draftsQuery._target.actives.keys) {
+              const key = draftsQuery._target.actives.keys[k]
+              let v = row[key.name]
+              if (v === undefined)
+                if (key.name === 'IsActiveEntity') v = false
+                else continue
+              if (v instanceof Buffer) v = v.toString('base64') //> convert binary keys to base64
+              if (targetRef.where.length > 0) targetRef.where.push('and')
+              targetRef.where.push({ ref: [key.name] }, '=', { val: v })
+            }
+          }
+        }
+
+        // Reduce persisted draft messages to the set of those that are relevant for this result row:
+        // Specification: https://sapui5.hana.ondemand.com/#/topic/fbe1cb5613cf4a40a841750bf813238e:~:text=Lifecycle%20Management%20for%20State%20Messages,-The%20lifecycle%20management
+        const filteredDraftMessages = row.DraftMessages.reduce((acc, msg) => {
+          const msgPrefixRef = cds.odata.parse(msg.prefix).SELECT.from.ref
+          if (queryPrefixRef.length > msgPrefixRef.length) return acc
+
+          // TODO: This seems excessive ... how to compare more efficiently?
+          const queryPrefixUrl = cds.odata.urlify(
+            { SELECT: { from: { ref: queryPrefixRef } } },
+            { kind: 'odata-v4', model: txModel }
+          ).path
+          const msgPrefixUrl = cds.odata.urlify(
+            { SELECT: { from: { ref: msgPrefixRef } } },
+            { kind: 'odata-v4', model: txModel }
+          ).path
+
+          if (!msgPrefixUrl.startsWith(queryPrefixUrl)) return acc
+
           msg.target = `/${msg.prefix}/${msg.target}`
           if (msg.additionalTargets?.length)
             msg.additionalTargets = msg.additionalTargets.map(additionalTarget => `/${msg.prefix}/${additionalTarget}`)
+
           delete msg.prefix
-          delete msg.simplePathElements
+
           acc.push(msg)
           return acc
         }, [])
 
-        row.DraftMessages = getLocalizedMessages(row.DraftMessages, cds.context.http.req)
+        row.DraftMessages = getLocalizedMessages(filteredDraftMessages, cds.context.http.req)
       }
     })
 
@@ -1480,7 +1579,7 @@ const Read = {
 
   activesFromDrafts: async function (run, query, { isLocked = true }) {
     const draftsQuery = query._drafts
-    if (!draftsQuery) throw cds.error('INVALID_DRAFT_REQUEST', { statusCode: 400 }) // only via drafts
+    if (!draftsQuery) cds.error({ status: 400, message: 'INVALID_DRAFT_REQUEST' }) // only via drafts
 
     const additionalCols = draftsQuery.SELECT.columns
       ? draftsQuery.SELECT.columns.filter(
@@ -1908,6 +2007,8 @@ function expandStarStar(target, draftActivate, recursion = new Map()) {
 }
 
 async function beforeNew(req) {
+  if (!req.target.isDraft) return
+
   function _cleanseData(data, target) {
     if (!data) return
     delete data.IsActiveEntity
@@ -1924,28 +2025,32 @@ async function beforeNew(req) {
 
     return data
   }
+
   _cleanseData(req.data, req.target)
 }
 beforeNew._initial = true
 
-async function onNew(req) {
+async function onNew(req, next) {
+  if (!req.target.isDraft) return next?.()
+
   LOG.debug('new draft')
 
   if (req.target.actives['@Capabilities.InsertRestrictions.Insertable'] === false || req.target.actives['@readonly'])
-    req.reject({ code: 405, statusCode: 405 })
+    cds.error(405)
 
-  req.query ??= INSERT.into(req.subject).entries(req.data || {}) //> support simple srv.send('NEW',entity,...)
-  const isDirectAccess = typeof req.query.INSERT.into === 'string' || req.query.INSERT.into.ref?.length === 1
+  //> support simple srv.send('NEW',entity,...)
+  req.query ??= INSERT.into(req.subject).entries(req.data || {})
 
   // Only allowed for pseudo draft roots (entities with this action)
+  const isDirectAccess = req.query.INSERT.into.ref?.length === 1
   if (isDirectAccess && !req.target.actives['@Common.DraftRoot.ActivationAction'])
-    req.reject({ code: 403, statusCode: 403, message: 'DRAFT_MODIFICATION_ONLY_VIA_ROOT' })
+    cds.error({ status: 403, message: 'DRAFT_MODIFICATION_ONLY_VIA_ROOT' })
 
   _cleanUpOldDrafts(this, req.tenant)
 
   let DraftUUID
   let DraftMessages = []
-  let newDraftMessages = req.messages ?? req._messages ?? []
+  let nextDraftMessages = []
   if (isDirectAccess) DraftUUID = cds.utils.uuid()
   else {
     const rootData = await SELECT.one(req.query.INSERT.into.ref[0].id)
@@ -1955,19 +2060,16 @@ async function onNew(req) {
           ref: ['DraftAdministrativeData'],
           expand: [
             { ref: ['InProcessByUser'] },
-            ...(cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages
-              ? [{ ref: ['DraftMessages'] }]
-              : [])
+            ...(IS_PERSISTED_DRAFT_MESSAGES_ENABLED ? [{ ref: ['DraftMessages'] }] : [])
           ]
         }
       ])
       .where(req.query.INSERT.into.ref[0].where)
 
-    if (!rootData) req.reject({ code: 404, statusCode: 404 })
+    if (!rootData) cds.error(404)
     if (!cds.context.user._is_privileged && rootData.DraftAdministrativeData?.InProcessByUser !== req.user.id)
-      req.reject({
-        code: 403,
-        statusCode: 403,
+      cds.error({
+        status: 403,
         message: 'DRAFT_LOCKED_BY_ANOTHER_USER',
         args: [rootData.DraftAdministrativeData.InProcessByUser]
       })
@@ -1976,33 +2078,16 @@ async function onNew(req) {
     DraftMessages = rootData.DraftAdministrativeData?.DraftMessages || []
   }
 
-  const _setDraftColumns = (obj, target) => {
-    const newObj = Object.assign({}, obj, { DraftAdministrativeData_DraftUUID: DraftUUID, HasActiveEntity: false })
-    if (!target) return newObj
-
-    // Also support deep insertions
-    for (const key in newObj) {
-      if (!target.elements[key]?.isComposition) continue
-      // do array trick
-      if (Array.isArray(newObj[key]))
-        newObj[key] = newObj[key].map(v => _setDraftColumns(v, target.elements[key]._target))
-      else if (typeof newObj[key] === 'object') {
-        newObj[key] = _setDraftColumns(newObj[key], target.elements[key]._target)
-      }
-    }
-
-    return newObj
-  }
-
   const timestamp = cds.context.timestamp.toISOString() // REVISIT: toISOString should be done on db layer
-  const draftData = _setDraftColumns(req.query.INSERT.entries[0], req.target)
+  const draftData = _createNewDraftData(req.query.INSERT.entries[0], req.target, DraftUUID)
   const draftCQN = INSERT.into(req.subject).entries(draftData)
 
-  await this.run(draftCQN)
+  const insertReq = _newReq(req, draftCQN, req.query[$draftParams], {})
+  await this.dispatch(insertReq)
 
-  if (cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages) {
-    newDraftMessages = _compileUpdatedDraftMessages(
-      newDraftMessages,
+  if (IS_PERSISTED_DRAFT_MESSAGES_ENABLED) {
+    nextDraftMessages = compileUpdatedDraftMessages(
+      req._validationErrors ?? [],
       DraftMessages,
       draftData,
       req.query.INSERT.into.ref
@@ -2019,18 +2104,14 @@ async function onNew(req) {
         DraftIsCreatedByMe: true, // Dummy values
         DraftIsProcessedByMe: true, // Dummy values
         InProcessByUser: req.user.id,
-        ...(cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages
-          ? { DraftMessages: newDraftMessages }
-          : {})
+        ...(IS_PERSISTED_DRAFT_MESSAGES_ENABLED ? { DraftMessages: nextDraftMessages } : {})
       })
     : UPDATE('DRAFT.DraftAdministrativeData')
         .data({
           InProcessByUser: req.user.id,
           LastChangedByUser: req.user.id,
           LastChangeDateTime: timestamp,
-          ...(cds.model.definitions['DRAFT.DraftAdministrativeData'].elements.DraftMessages
-            ? { DraftMessages: newDraftMessages }
-            : {})
+          ...(IS_PERSISTED_DRAFT_MESSAGES_ENABLED ? { DraftMessages: nextDraftMessages } : {})
         })
         .where({ DraftUUID })
 
@@ -2041,17 +2122,18 @@ async function onNew(req) {
   return { ...draftData, IsActiveEntity: false }
 }
 
-async function onEdit(req) {
+async function onEdit(req, next) {
+  if (req.target.isDraft) return next?.()
+
   LOG.debug('edit active')
 
   req.query ??= SELECT.from(req.target, req.data).where({ IsActiveEntity: true }) //> support simple srv.send('EDIT',entity,...)
 
   // REVISIT: can draftParams in the edit case ever be undefined or other than IsActiveEntity=true ?
   const draftParams = req.query[$draftParams] || { IsActiveEntity: true }
-  if (req.query.SELECT.from.ref.length > 1 || draftParams.IsActiveEntity !== true) {
-    req.reject({
-      code: 400,
-      statusCode: 400,
+  if (req.query.SELECT.from.ref.length > 1 || draftParams.IsActiveEntity === false) {
+    cds.error({
+      status: 400,
       message: 'Action "draftEdit" can only be called on the root active entity'
     })
   }
@@ -2061,11 +2143,9 @@ async function onEdit(req) {
     req.target['@insertonly'] ||
     req.target['@readonly']
   ) {
-    req.reject({ code: 405, statusCode: 405 })
+    cds.error({ status: 405 })
   }
 
-  if (draftParams.IsActiveEntity !== true) req.reject({ code: 400, statusCode: 400 })
-
   _cleanUpOldDrafts(this, req.tenant)
 
   const DraftUUID = cds.utils.uuid()
@@ -2143,8 +2223,7 @@ async function onEdit(req) {
     } catch (error) {
       LOG._debug && LOG.debug('Failed to acquire database lock:', error)
       const draft = await existingDraft
-      if (draft) req.reject({ code: 409, statusCode: 409, message: 'DRAFT_ALREADY_EXISTS' })
-      req.reject({ code: 409, statusCode: 409, message: 'ENTITY_LOCKED' })
+      cds.error({ status: 409, message: draft ? 'DRAFT_ALREADY_EXISTS' : 'ENTITY_LOCKED' })
     }
 
     const cqns = [
@@ -2175,13 +2254,13 @@ async function onEdit(req) {
     ])
   }
 
-  if (!res) req.reject({ code: 404, statusCode: 404 })
+  if (!res) cds.error(404)
 
   const preserveChanges = req.data?.PreserveChanges
   const inProcessByUser = draft?.DraftAdministrativeData?.InProcessByUser
 
   if (draft) {
-    if (inProcessByUser || preserveChanges) req.reject({ code: 409, statusCode: 409, message: 'DRAFT_ALREADY_EXISTS' })
+    if (inProcessByUser || preserveChanges) cds.error({ status: 409, message: 'DRAFT_ALREADY_EXISTS' })
     const keys = {}
     for (const key in req.target.drafts.keys) keys[key] = res[key]
     await _promiseAll([
@@ -2231,58 +2310,101 @@ async function onEdit(req) {
   }
 }
 
-async function onCancel(req) {
+async function onCancel(req, next) {
+  if (!req.target.isDraft) return next?.()
   LOG.debug('delete draft')
 
   req.query ??= DELETE(req.target, req.data) //> support simple srv.send('CANCEL',entity,...)
-  const draftParams = req.query[$draftParams] || { IsActiveEntity: false } // REVISIT: can draftParams in the cancel case ever be undefined or other than IsActiveEntity=false ?
+  const draftParams = req.query[$draftParams] || { IsActiveEntity: false }
 
-  const draftQuery = SELECT.one
-    .from({ ref: req.query.DELETE.from.ref })
-    .columns([
-      'DraftAdministrativeData_DraftUUID',
-      { ref: ['DraftAdministrativeData'], expand: [_inProcessByUserXpr(_lock.shiftedNow)] }
-    ])
+  const expandedDraftAdminElements = [_inProcessByUserXpr(_lock.shiftedNow)]
+  if (IS_PERSISTED_DRAFT_MESSAGES_ENABLED) expandedDraftAdminElements.push({ ref: ['DraftMessages'] })
+
+  const draftQuery = SELECT.one.from({ ref: req.query.DELETE.from.ref }).columns([
+    'DraftAdministrativeData_DraftUUID',
+    {
+      ref: ['DraftAdministrativeData'],
+      expand: expandedDraftAdminElements
+    }
+  ])
   if (req._etagValidationClause && draftParams.IsActiveEntity === false) draftQuery.where(req._etagValidationClause)
-  // do not add InProcessByUser restriction
+
   const draft = await draftQuery
-  if (!draft) req.reject(req._etagValidationType ? 412 : 404)
-  if (draft) {
-    const processByUser = draft.DraftAdministrativeData?.InProcessByUser
-    if (!cds.context.user._is_privileged && processByUser && processByUser !== cds.context.user.id)
-      req.reject({ code: 403, statusCode: 403, message: 'DRAFT_LOCKED_BY_ANOTHER_USER', args: [processByUser] })
-  }
 
-  const draftDeleteQuery = DELETE.from({ ref: req.query.DELETE.from.ref }) // REVISIT: Isn't that == req.query ?
+  if (!draft) cds.error({ status: req._etagValidationType ? 412 : 404 })
+
+  const processByUser = draft.DraftAdministrativeData?.InProcessByUser
+  if (!cds.context.user._is_privileged && processByUser && processByUser !== cds.context.user.id)
+    cds.error({ status: 403, message: 'DRAFT_LOCKED_BY_ANOTHER_USER', args: [processByUser] })
+
+  const deleteQuery = DELETE.from({ ref: req.query.DELETE.from.ref })
+  const deleteReq = _newReq(req, deleteQuery, draftParams, {})
+  const queries = [this.dispatch(deleteReq)]
+
+  if (req.target['@Common.DraftRoot.ActivationAction']) {
+    // The root entity is being deleted and draft admin data can be deleted
 
-  const queries = !draft ? [] : [this.run(draftDeleteQuery, req.data)]
-  if (draft && req.target['@Common.DraftRoot.ActivationAction'])
-    // only for draft root
-    queries.push(
-      DELETE.from('DRAFT.DraftAdministrativeData').where({ DraftUUID: draft.DraftAdministrativeData_DraftUUID })
-    )
-  else
     queries.push(
-      UPDATE('DRAFT.DraftAdministrativeData')
-        .data({
-          InProcessByUser: cds.context.user.id,
-          LastChangedByUser: cds.context.user.id,
-          LastChangeDateTime: cds.context.timestamp.toISOString()
-        })
-        .where({ DraftUUID: draft.DraftAdministrativeData_DraftUUID })
+      DELETE.from('DRAFT.DraftAdministrativeData').where({
+        DraftUUID: draft.DraftAdministrativeData_DraftUUID
+      })
     )
+  } else {
+    // A child entity is being deleted and draft admin data must be updated
+
+    const nextDraftAdminData = {
+      InProcessByUser: cds.context.user.id,
+      LastChangedByUser: cds.context.user.id,
+      LastChangeDateTime: cds.context.timestamp.toISOString()
+    }
+
+    if (IS_PERSISTED_DRAFT_MESSAGES_ENABLED) {
+      // Determine persisted draft messages that relate to the deleted child entity
+
+      const queryRootEntity = this.model.definitions[req.query.DELETE.from.ref[0].id || req.query.DELETE.from.ref[0]]
+
+      if (queryRootEntity['@Common.DraftRoot.ActivationAction']) {
+        // The DELETE query uses containment & we can compile a target prefix
+        // > This allows us to only remove those messages that target the delted child
+
+        const prefixRef = _extractPrefixRef(req.query.DELETE.from.ref, queryRootEntity)
+        const messageTargetPrefix = cds.odata.urlify(
+          { SELECT: { from: { ref: prefixRef } } },
+          { kind: 'odata-v4', model: req.context.tx.model }
+        ).path
+
+        // Remove those draft messages whose prefix matches the deleted child entity
+        nextDraftAdminData.DraftMessages = (draft?.DraftAdministrativeData?.DraftMessages || []).filter(
+          msg => !msg.prefix.startsWith(messageTargetPrefix)
+        )
+      } else {
+        // The query does not use containment & we can not compile a target prefix
+        // > Best ew can do is to clear all persisted messages
+
+        nextDraftAdminData.DraftMessages = []
+      }
+    }
+
+    const updateDraftAdminDataQuery = UPDATE('DRAFT.DraftAdministrativeData')
+      .data(nextDraftAdminData)
+      .where({ DraftUUID: draft.DraftAdministrativeData_DraftUUID })
+
+    queries.push(updateDraftAdminDataQuery)
+  }
+
   await _promiseAll(queries)
+
   return req.data
 }
 
-async function onPrepare(req) {
+async function onPrepare(req, next) {
+  if (!req.target.isDraft) return next?.()
   LOG.debug('prepare draft')
 
   const draftParams = req.query[$draftParams]
   if (req.query.SELECT.from.ref.length > 1 || draftParams.IsActiveEntity !== false) {
-    req.reject({
-      code: 400,
-      statusCode: 400,
+    cds.error({
+      status: 400,
       message: 'Action "draftPrepare" can only be called on the root draft entity'
     })
   }
@@ -2295,11 +2417,10 @@ async function onPrepare(req) {
     .where(where)
   draftQuery[$draftParams] = draftParams
   const data = await draftQuery
-  if (!data) req.reject({ code: 404, statusCode: 404 })
+  if (!data) cds.error(404)
   if (!cds.context.user._is_privileged && data.DraftAdministrativeData?.InProcessByUser !== req.user.id)
-    req.reject({
-      code: 403,
-      statusCode: 403,
+    cds.error({
+      status: 403,
       message: 'DRAFT_LOCKED_BY_ANOTHER_USER',
       args: [data.DraftAdministrativeData?.InProcessByUser]
     })
@@ -2355,6 +2476,7 @@ module.exports = cds.service.impl(function () {
   // REVISIT: don't pollute services... -> do we really need this?
   Object.defineProperty(this, '_datasource', { value: cds.db })
 
+  // Extend the AppService's API by draft specific functions
   this.new = function (draft, key) {
     return {
       then: (r, e) => this.send('NEW', draft, key).then(r, e),
@@ -2374,22 +2496,32 @@ module.exports = cds.service.impl(function () {
     return this.send('DISCARD', draft, key)
   }
 
-  this.handle = handle
-
-  function _wrapped(handler, isActiveEntity) {
-    const fn = function handle_draft_requests(req, next) {
-      if (!req.target?.drafts || (isActiveEntity && req.target.isDraft) || (!isActiveEntity && !req.target.isDraft))
-        return next?.()
-      return handler.call(this, req, next)
-    }
-    if (handler._initial) fn._initial = true
-    return fn
-  }
-
-  // Also runs those handlers if they're annotated with @odata.draft.enabled through extensibility
-  this.prepend(s => s.before('NEW', '*', _wrapped(beforeNew, false)))
-  this.on('NEW', '*', _wrapped(onNew, false))
-  this.on('EDIT', '*', _wrapped(onEdit, true))
-  this.on('CANCEL', '*', _wrapped(onCancel, false))
-  this.on('draftPrepare', '*', _wrapped(onPrepare, false))
+  // Override the AppService's handle function
+  this.handle = draftHandle
+
+  this.prepend(s =>
+    s.before(
+      'NEW',
+      '*',
+      Object.assign(
+        function (req) {
+          return beforeNew.call(this, req)
+        },
+        { _initial: true }
+      )
+    )
+  )
+  this.on('NEW', '*', function (req, next) {
+    return onNew.call(this, req, next)
+  })
+  this.on('EDIT', '*', function (req, next) {
+    return onEdit.call(this, req, next)
+  })
+  this.on('CANCEL', '*', function (req, next) {
+    return onCancel.call(this, req, next)
+  })
+  this.on('draftPrepare', '*', function (req, next) {
+    return onPrepare.call(this, req, next)
+  })
 })
+module.exports.compileUpdatedDraftMessages = compileUpdatedDraftMessages