diff --git a/src/datasources/db/cargobikeAPI.ts b/src/datasources/db/cargobikeAPI.ts
index 5af5f4b..54c3fd0 100644
--- a/src/datasources/db/cargobikeAPI.ts
+++ b/src/datasources/db/cargobikeAPI.ts
@@ -1,5 +1,5 @@
 import { DataSource } from 'apollo-datasource';
-import { getConnection, Connection } from 'typeorm';
+import { getConnection, Connection, ObjectType } from 'typeorm';
 import { CargoBike } from '../../model/CargoBike';
 import { GraphQLError } from 'graphql';
 import { BikeEvent } from '../../model/BikeEvent';
@@ -31,12 +31,11 @@ export class CargoBikeAPI extends DataSource {
      * @param param0 id of bike
      */
     async findCargoBikeById (id: number) {
-        return (await this.connection.manager.getRepository(CargoBike).findByIds([id], { relations: ['lendingStation'] }))[0];
-        /* .createQueryBuilder()
-            .select('cargoBike')
-            .from(CargoBike, 'cargoBike')
-            .where('cargoBike.id = :id', { id })
-            .getOne() || new GraphQLError('ID not found'); */
+        return await this.connection.getRepository(CargoBike)
+            .createQueryBuilder('cargobike')
+            .select()
+            .where('cargobike.id = :id', { id })
+            .getOne();
     }
 
     async findCargoBikeByEngagementId (id: number) {
@@ -50,8 +49,6 @@ export class CargoBikeAPI extends DataSource {
 
     async lockCargoBike (id: number, req: any, dataSources: any) {
         const token = req.headers.authorization?.replace('Bearer ', '');
-        console.log(token);
-        console.log(Date.now().toString());
         const userId = await dataSources.userAPI.getUserId(token);
         const lock = await this.connection.getRepository(CargoBike)
             .createQueryBuilder('cargobike')
@@ -67,7 +64,39 @@ export class CargoBikeAPI extends DataSource {
         // eslint-disable-next-line eqeqeq
         if (!lock?.lockedUntil || lock?.lockedBy == userId) {
             // no lock -> set lock
-            console.log("no lock")
+            await this.connection.getRepository(CargoBike)
+                .createQueryBuilder('cargoBike')
+                .update()
+                .set({
+                    lockedUntil: () => 'CURRENT_TIMESTAMP + INTERVAL \'10 MINUTE\'',
+                    lockedBy: userId
+                })
+                .where('id = :id', { id: id })
+                .execute();
+            return true;
+        } else {
+            // lock was set
+            return false;
+        }
+    }
+
+    async lockEntity<MyEntity> (target: ObjectType<MyEntity>, alias: string, id: number, req: any, dataSources: any) {
+        const token = req.headers.authorization?.replace('Bearer ', '');
+        const userId = await dataSources.userAPI.getUserId(token);
+        const lock = await this.connection.getRepository(target)
+            .createQueryBuilder(alias)
+            .select([
+                alias + '.lockedUntil',
+                alias + '.lockedBy'
+            ])
+            .where('id = :id', {
+                id: id
+            })
+            .andWhere(alias + '.lockedUntil > CURRENT_TIMESTAMP')
+            .getOne();
+        // eslint-disable-next-line eqeqeq
+        if (!lock?.lockedUntil || lock?.lockedBy == userId) {
+            // no lock -> set lock
             await this.connection.getRepository(CargoBike)
                 .createQueryBuilder('cargoBike')
                 .update()
@@ -211,6 +240,10 @@ export class CargoBikeAPI extends DataSource {
             .getOne())?.cargoBike;
     }
 
+    async lockEquipment (id: number, req: any, dataSources: any) {
+
+    }
+
     /**
      * Will update Equipment, crashes when id not in db or cargoBikeId not db.
      * Will return updated Equipment joined with CargoBike only if cargoBike is was set in param0
diff --git a/src/model/CargoBike.ts b/src/model/CargoBike.ts
index 99fb15f..1dca1bd 100644
--- a/src/model/CargoBike.ts
+++ b/src/model/CargoBike.ts
@@ -38,12 +38,12 @@ export class Security {
     @Column({
         nullable: true
     })
-    keyNoFrameLock: string;
+    keyNumberFrameLock: string;
 
     @Column({
         nullable: true
     })
-    keyNoAXAChain: string;
+    keyNumberAXAChain: string;
 
     @Column({
         nullable: true
diff --git a/src/resolvers/cargobikeResolver.ts b/src/resolvers/cargobikeResolver.ts
index 6fb6080..3f090d0 100644
--- a/src/resolvers/cargobikeResolver.ts
+++ b/src/resolvers/cargobikeResolver.ts
@@ -94,6 +94,13 @@ export default {
                 return new GraphQLError('Insufficient Permissions');
             }
         },
+        lockEquipmentById: (_: any, { equipment }: { equipment: any }, { dataSources, req }: { dataSources: any, req: any }) => {
+            if (req.permissions.includes(Permission.WriteBike)) {
+                return dataSources.cargoBikeAPI.lockEquipment(equipment.id, req, dataSources);
+            } else {
+                return new GraphQLError('Insufficient Permissions');
+            }
+        },
         updateEquipment: (_: any, { equipment }: { equipment: any }, { dataSources, req }: { dataSources: any, req: any }) => {
             if (req.permissions.includes(Permission.WriteBike)) {
                 return dataSources.cargoBikeAPI.updateEquipment({ equipment });
diff --git a/src/schema/type-defs.ts b/src/schema/type-defs.ts
index 6d2e206..e39957a 100644
--- a/src/schema/type-defs.ts
+++ b/src/schema/type-defs.ts
@@ -716,6 +716,8 @@ type Mutation {
     updateCargoBike(cargoBike: CargoBikeUpdateInput!): CargoBike!
     "creates new peace of unique Equipment"
     createEquipment(equipment: EquipmentCreateInput!): Equipment!
+    "lock equipment returns true if bike is not locked or if it doesnt exist"
+    lockEquipmentById(id: ID!): Boolean!
     "update Equipment, returns updated equipment. CargoBike will be null, if cargoBikeId is not set. Pass null for cargoBikeIs to delete the relation"
     updateEquipment(equipment: EquipmentUpdateInput!): Equipment!
     "creates new lendingStation and returns lendingStation with new ID"