diff --git a/hana/lib/HANAService.js b/hana/lib/HANAService.js index 63001a6a8..e28aff781 100644 --- a/hana/lib/HANAService.js +++ b/hana/lib/HANAService.js @@ -15,6 +15,7 @@ const hanaKeywords = keywords.reduce((prev, curr) => { const DEBUG = cds.debug('sql|db') let HANAVERSION = 0 +const SANITIZE_VALUES = process.env.NODE_ENV === 'production' && cds.env.log.sanitize_values !== false /** * @implements SQLService @@ -180,7 +181,7 @@ class HANAService extends SQLService { : this.ensureDBC() && ps.run()) return new this.class.InsertResults(cqn, results) } catch (err) { - throw _not_unique(err, 'ENTITY_ALREADY_EXISTS') + throw _not_unique(err, 'ENTITY_ALREADY_EXISTS', data) } } @@ -1411,13 +1412,14 @@ SELECT ${mixing} FROM JSON_TABLE(SRC.JSON, '$' COLUMNS(${extraction})) AS NEW LE const createContainerDatabase = fs.readFileSync(path.resolve(__dirname, 'scripts/container-database.sql'), 'utf-8') const createContainerTenant = fs.readFileSync(path.resolve(__dirname, 'scripts/container-tenant.sql'), 'utf-8') -function _not_unique(err, code) { +function _not_unique(err, code, data) { if (err.code === 301) return Object.assign(err, { originalMessage: err.message, // FIXME: required because of next line message: code, // FIXME: misusing message as code code: 400, // FIXME: misusing code as (http) status }) + if (data) err.values = SANITIZE_VALUES ? ['***'] : data return err } diff --git a/postgres/lib/PostgresService.js b/postgres/lib/PostgresService.js index e5ba727ba..681ca9646 100644 --- a/postgres/lib/PostgresService.js +++ b/postgres/lib/PostgresService.js @@ -4,6 +4,7 @@ const cds = require('@sap/cds') const crypto = require('crypto') const { Writable, Readable } = require('stream') const sessionVariableMap = require('./session.json') +const SANITIZE_VALUES = process.env.NODE_ENV === 'production' && cds.env.log.sanitize_values !== false class PostgresService extends SQLService { init() { @@ -329,7 +330,7 @@ GROUP BY k try { return await super.onINSERT(req) } catch (err) { - throw _not_unique(err, 'ENTITY_ALREADY_EXISTS') + throw _not_unique(err, 'ENTITY_ALREADY_EXISTS', req.data) } } @@ -337,7 +338,7 @@ GROUP BY k try { return await super.onUPDATE(req) } catch (err) { - throw _not_unique(err, 'UNIQUE_CONSTRAINT_VIOLATION') + throw _not_unique(err, 'UNIQUE_CONSTRAINT_VIOLATION', req.data) } } @@ -869,13 +870,14 @@ class ParameterStream extends Writable { } } -function _not_unique(err, code) { +function _not_unique(err, code, data) { if (err.code === '23505') return Object.assign(err, { originalMessage: err.message, // FIXME: required because of next line message: code, // FIXME: misusing message as code code: 400, // FIXME: misusing code as (http) status }) + if (data) err.values = SANITIZE_VALUES ? ['***'] : data return err } diff --git a/sqlite/lib/SQLiteService.js b/sqlite/lib/SQLiteService.js index 71fd606d5..fdfe46e65 100644 --- a/sqlite/lib/SQLiteService.js +++ b/sqlite/lib/SQLiteService.js @@ -5,6 +5,7 @@ const $session = Symbol('dbc.session') const convStrm = require('stream/consumers') const { Readable } = require('stream') +const SANITIZE_VALUES = process.env.NODE_ENV === 'production' && cds.env.log.sanitize_values !== false const keywords = cds.compiler.to.sql.sqlite.keywords // keywords come as array const sqliteKeywords = keywords.reduce((prev, curr) => { @@ -268,7 +269,7 @@ class SQLiteService extends SQLService { try { return await super.onINSERT(req) } catch (err) { - throw _not_unique(err, 'ENTITY_ALREADY_EXISTS') + throw _not_unique(err, 'ENTITY_ALREADY_EXISTS', req.data) } } @@ -276,7 +277,7 @@ class SQLiteService extends SQLService { try { return await super.onUPDATE(req) } catch (err) { - throw _not_unique(err, 'UNIQUE_CONSTRAINT_VIOLATION') + throw _not_unique(err, 'UNIQUE_CONSTRAINT_VIOLATION', req.data) } } } @@ -289,13 +290,14 @@ class SQLiteService extends SQLService { // }) // } -function _not_unique(err, code) { +function _not_unique(err, code, data) { if (err.message.match(/unique constraint/i)) return Object.assign(err, { originalMessage: err.message, // FIXME: required because of next line message: code, // FIXME: misusing message as code code: 400, // FIXME: misusing code as (http) status }) + if (data) err.values = SANITIZE_VALUES ? ['***'] : data return err }