@directus/api 11.0.1 → 12.0.0

package/dist/services/users.js

@@ -1,12 +1,12 @@
-import { FailedValidationException } from '@directus/exceptions';
 import { getSimpleHash, toArray } from '@directus/utils';
+import { FailedValidationError, joiValidationErrorItemToErrorExtensions } from '@directus/validation';
 import jwt from 'jsonwebtoken';
 import { cloneDeep, isEmpty } from 'lodash-es';
 import { performance } from 'perf_hooks';
 import getDatabase from '../database/index.js';
 import env from '../env.js';
-import { RecordNotUniqueException } from '../exceptions/database/record-not-unique.js';
-import { ForbiddenException, InvalidPayloadException, UnprocessableEntityException } from '../exceptions/index.js';
+import { ForbiddenError } from '../errors/forbidden.js';
+import { InvalidPayloadError, RecordNotUniqueError, UnprocessableContentError } from '../errors/index.js';
 import isUrlAllowed from '../utils/is-url-allowed.js';
 import { verifyJWT } from '../utils/jwt.js';
 import { stall } from '../utils/stall.js';
@@ -29,10 +29,9 @@ export class UsersService extends ItemsService {
         emails = emails.map((email) => email.toLowerCase());
         const duplicates = emails.filter((value, index, array) => array.indexOf(value) !== index);
         if (duplicates.length) {
-            throw new RecordNotUniqueException('email', {
+            throw new RecordNotUniqueError({
                 collection: 'directus_users',
                 field: 'email',
-                invalid: duplicates[0],
             });
         }
         const query = this.knex
@@ -44,10 +43,9 @@ export class UsersService extends ItemsService {
         }
         const results = await query;
         if (results.length) {
-            throw new RecordNotUniqueException('email', {
+            throw new RecordNotUniqueError({
                 collection: 'directus_users',
                 field: 'email',
-                invalid: results[0].email,
             });
         }
     }
@@ -70,14 +68,14 @@ export class UsersService extends ItemsService {
         const regex = new RegExp(wrapped ? policyRegExString.slice(1, -1) : policyRegExString);
         for (const password of passwords) {
             if (!regex.test(password)) {
-                throw new FailedValidationException({
+                throw new FailedValidationError(joiValidationErrorItemToErrorExtensions({
                     message: `Provided password doesn't match password policy`,
                     path: ['password'],
                     type: 'custom.pattern.base',
                     context: {
                         value: password,
                     },
-                });
+                }));
             }
         }
     }
@@ -92,7 +90,7 @@ export class UsersService extends ItemsService {
             .first();
         const otherAdminUsersCount = +(otherAdminUsers?.count || 0);
         if (otherAdminUsersCount === 0) {
-            throw new UnprocessableEntityException(`You can't remove the last admin user from the role.`);
+            throw new UnprocessableContentError({ reason: `You can't remove the last admin user from the role` });
         }
     }
     /**
@@ -109,7 +107,7 @@ export class UsersService extends ItemsService {
             .first();
         const otherAdminUsersCount = +(otherAdminUsers?.count || 0);
         if (otherAdminUsersCount === 0) {
-            throw new UnprocessableEntityException(`You can't change the active status of the last admin user.`);
+            throw new UnprocessableContentError({ reason: `You can't change the active status of the last admin user` });
         }
     }
     /**
@@ -154,7 +152,7 @@ export class UsersService extends ItemsService {
             }
         }
         catch (err) {
-            (opts || (opts = {})).preMutationException = err;
+            (opts || (opts = {})).preMutationError = err;
         }
         return await super.createMany(data, opts);
     }
@@ -185,7 +183,7 @@ export class UsersService extends ItemsService {
             });
             for (const item of data) {
                 if (!item[primaryKeyField])
-                    throw new InvalidPayloadException(`User in update misses primary key.`);
+                    throw new InvalidPayloadError({ reason: `User in update misses primary key` });
                 keys.push(await service.updateOne(item[primaryKeyField], item, opts));
             }
         });
@@ -209,10 +207,9 @@ export class UsersService extends ItemsService {
             }
             if (data['email']) {
                 if (keys.length > 1) {
-                    throw new RecordNotUniqueException('email', {
+                    throw new RecordNotUniqueError({
                         collection: 'directus_users',
                         field: 'email',
-                        invalid: data['email'],
                     });
                 }
                 await this.checkUniqueEmails([data['email']], keys[0]);
@@ -221,23 +218,23 @@ export class UsersService extends ItemsService {
                 await this.checkPasswordPolicy([data['password']]);
             }
             if (data['tfa_secret'] !== undefined) {
-                throw new InvalidPayloadException(`You can't change the "tfa_secret" value manually.`);
+                throw new InvalidPayloadError({ reason: `You can't change the "tfa_secret" value manually` });
             }
             if (data['provider'] !== undefined) {
                 if (this.accountability && this.accountability.admin !== true) {
-                    throw new InvalidPayloadException(`You can't change the "provider" value manually.`);
+                    throw new InvalidPayloadError({ reason: `You can't change the "provider" value manually` });
                 }
                 data['auth_data'] = null;
             }
             if (data['external_identifier'] !== undefined) {
                 if (this.accountability && this.accountability.admin !== true) {
-                    throw new InvalidPayloadException(`You can't change the "external_identifier" value manually.`);
+                    throw new InvalidPayloadError({ reason: `You can't change the "external_identifier" value manually` });
                 }
                 data['auth_data'] = null;
             }
         }
         catch (err) {
-            (opts || (opts = {})).preMutationException = err;
+            (opts || (opts = {})).preMutationError = err;
         }
         return await super.updateMany(keys, data, opts);
     }
@@ -256,7 +253,7 @@ export class UsersService extends ItemsService {
             await this.checkRemainingAdminExistence(keys);
         }
         catch (err) {
-            (opts || (opts = {})).preMutationException = err;
+            (opts || (opts = {})).preMutationError = err;
         }
         await this.knex('directus_notifications').update({ sender: null }).whereIn('sender', keys);
         await super.deleteMany(keys, opts);
@@ -281,11 +278,11 @@ export class UsersService extends ItemsService {
         const opts = {};
         try {
             if (url && isUrlAllowed(url, env['USER_INVITE_URL_ALLOW_LIST']) === false) {
-                throw new InvalidPayloadException(`Url "${url}" can't be used to invite users.`);
+                throw new InvalidPayloadError({ reason: `Url "${url}" can't be used to invite users` });
             }
         }
         catch (err) {
-            opts.preMutationException = err;
+            opts.preMutationError = err;
         }
         const emails = toArray(email);
         const mailService = new MailService({
@@ -323,10 +320,10 @@ export class UsersService extends ItemsService {
     async acceptInvite(token, password) {
         const { email, scope } = verifyJWT(token, env['SECRET']);
         if (scope !== 'invite')
-            throw new ForbiddenException();
+            throw new ForbiddenError();
         const user = await this.getUserByEmail(email);
         if (user?.status !== 'invited') {
-            throw new InvalidPayloadException(`Email address ${email} hasn't been invited.`);
+            throw new InvalidPayloadError({ reason: `Email address ${email} hasn't been invited` });
         }
         // Allow unauthenticated update
         const service = new UsersService({
@@ -341,10 +338,10 @@ export class UsersService extends ItemsService {
         const user = await this.getUserByEmail(email);
         if (user?.status !== 'active') {
             await stall(STALL_TIME, timeStart);
-            throw new ForbiddenException();
+            throw new ForbiddenError();
         }
         if (url && isUrlAllowed(url, env['PASSWORD_RESET_URL_ALLOW_LIST']) === false) {
-            throw new InvalidPayloadException(`Url "${url}" can't be used to reset passwords.`);
+            throw new InvalidPayloadError({ reason: `Url "${url}" can't be used to reset passwords` });
         }
         const mailService = new MailService({
             schema: this.schema,
@@ -373,17 +370,17 @@ export class UsersService extends ItemsService {
     async resetPassword(token, password) {
         const { email, scope, hash } = jwt.verify(token, env['SECRET'], { issuer: 'directus' });
         if (scope !== 'password-reset' || !hash)
-            throw new ForbiddenException();
+            throw new ForbiddenError();
         const opts = {};
         try {
             await this.checkPasswordPolicy([password]);
         }
         catch (err) {
-            opts.preMutationException = err;
+            opts.preMutationError = err;
         }
         const user = await this.getUserByEmail(email);
         if (user?.status !== 'active' || hash !== getSimpleHash('' + user.password)) {
-            throw new ForbiddenException();
+            throw new ForbiddenError();
         }
         // Allow unauthenticated update
         const service = new UsersService({

package/dist/services/utils.js

@@ -1,7 +1,7 @@
 import getDatabase from '../database/index.js';
 import { systemCollectionRows } from '../database/system-data/collections/index.js';
 import emitter from '../emitter.js';
-import { ForbiddenException, InvalidPayloadException } from '../exceptions/index.js';
+import { ForbiddenError, InvalidPayloadError } from '../errors/index.js';
 export class UtilsService {
     knex;
     accountability;
@@ -16,18 +16,18 @@ export class UtilsService {
             systemCollectionRows;
         const sortField = sortFieldResponse?.sort_field;
         if (!sortField) {
-            throw new InvalidPayloadException(`Collection "${collection}" doesn't have a sort field.`);
+            throw new InvalidPayloadError({ reason: `Collection "${collection}" doesn't have a sort field` });
         }
         if (this.accountability?.admin !== true) {
             const permissions = this.accountability?.permissions?.find((permission) => {
                 return permission.collection === collection && permission.action === 'update';
             });
             if (!permissions) {
-                throw new ForbiddenException();
+                throw new ForbiddenError();
             }
             const allowedFields = permissions.fields ?? [];
             if (allowedFields[0] !== '*' && allowedFields.includes(sortField) === false) {
-                throw new ForbiddenException();
+                throw new ForbiddenError();
             }
         }
         const primaryKeyField = this.schema.collections[collection].primary;

package/dist/services/websocket.d.ts

@@ -0,0 +1,14 @@
+import type { ActionHandler } from '@directus/types';
+import type { WebSocketClient } from '../websocket/types.js';
+import type { WebSocketMessage } from '../websocket/messages.js';
+export declare class WebSocketService {
+    private controller;
+    constructor();
+    on(event: 'connect' | 'message' | 'error' | 'close', callback: ActionHandler): void;
+    off(event: 'connect' | 'message' | 'error' | 'close', callback: ActionHandler): void;
+    broadcast(message: string | WebSocketMessage, filter?: {
+        user?: string;
+        role?: string;
+    }): void;
+    clients(): Set<WebSocketClient>;
+}

package/dist/services/websocket.js

@@ -0,0 +1,26 @@
+import { getWebSocketController } from '../websocket/controllers/index.js';
+import emitter from '../emitter.js';
+export class WebSocketService {
+    controller;
+    constructor() {
+        this.controller = getWebSocketController();
+    }
+    on(event, callback) {
+        emitter.onAction('websocket.' + event, callback);
+    }
+    off(event, callback) {
+        emitter.offAction('websocket.' + event, callback);
+    }
+    broadcast(message, filter) {
+        this.controller.clients.forEach((client) => {
+            if (filter && filter.user && filter.user !== client.accountability?.user)
+                return;
+            if (filter && filter.role && filter.role !== client.accountability?.role)
+                return;
+            client.send(typeof message === 'string' ? message : JSON.stringify(message));
+        });
+    }
+    clients() {
+        return this.controller.clients;
+    }
+}

package/dist/synchronization.js

@@ -73,9 +73,9 @@ class SynchronizationManagerRedis {
     namespace;
     client;
     constructor() {
-        const config = getConfigFromEnv('SYNCHRONIZATION_REDIS');
-        this.client = new Redis(env['SYNCHRONIZATION_REDIS'] ?? config);
-        this.namespace = env['SYNCHRONIZATION_NAMESPACE'] ?? 'directus';
+        const config = getConfigFromEnv('REDIS');
+        this.client = new Redis(env['REDIS'] ?? config);
+        this.namespace = env['SYNCHRONIZATION_NAMESPACE'] ?? 'directus-sync';
         this.client.defineCommand('setGreaterThan', {
             numberOfKeys: 1,
             lua: SET_GREATER_THAN_SCRIPT,

package/dist/types/items.d.ts

@@ -2,7 +2,7 @@
  * I know this looks a little silly, but it allows us to explicitly differentiate between when we're
  * expecting an item vs any other generic object.
  */
-import type { BaseException } from '@directus/exceptions';
+import type { DirectusError } from '@directus/errors';
 import type { EventContext } from '@directus/types';
 import type { MutationTracker } from '../services/items.js';
 export type Item = Record<string, any>;
@@ -46,7 +46,7 @@ export type MutationOptions = {
      * To keep track of mutation limits
      */
     mutationTracker?: MutationTracker | undefined;
-    preMutationException?: BaseException | undefined;
+    preMutationError?: DirectusError | undefined;
 };
 export type ActionEventParams = {
     event: string | string[];

package/dist/utils/apply-diff.js

@@ -1,6 +1,6 @@
 import deepDiff from 'deep-diff';
 import { cloneDeep, merge, set } from 'lodash-es';
-import { clearSystemCache } from '../cache.js';
+import { flushCaches } from '../cache.js';
 import { getHelpers } from '../database/helpers/index.js';
 import getDatabase from '../database/index.js';
 import emitter from '../emitter.js';
@@ -121,7 +121,12 @@ export async function applyDiff(currentSnapshot, snapshotDiff, options) {
         // then continue with nested collections recursively
         await createCollections(snapshotDiff.collections.filter(filterCollectionsForCreation));
         // delete top level collections (no group) first, then continue with nested collections recursively
-        await deleteCollections(snapshotDiff.collections.filter(({ diff }) => diff[0]?.kind === DiffKind.DELETE && diff[0].lhs.meta?.group === null));
+        await deleteCollections(snapshotDiff.collections.filter(({ diff }) => {
+            if (diff.length === 0 || diff[0] === undefined)
+                return false;
+            const collectionDiff = diff[0];
+            return collectionDiff.kind === DiffKind.DELETE && collectionDiff.lhs?.meta?.group === null;
+        }));
         for (const { collection, diff } of snapshotDiff.collections) {
             if (diff?.[0]?.kind === DiffKind.EDIT || diff?.[0]?.kind === DiffKind.ARRAY) {
                 const currentCollection = currentSnapshot.collections.find((field) => {
@@ -198,7 +203,11 @@ export async function applyDiff(currentSnapshot, snapshotDiff, options) {
             }
             if (diff?.[0]?.kind === DiffKind.NEW) {
                 try {
-                    await relationsService.createOne(diff[0].rhs, mutationOptions);
+                    await relationsService.createOne({
+                        ...diff[0].rhs,
+                        collection,
+                        field,
+                    }, mutationOptions);
                 }
                 catch (err) {
                     logger.error(`Failed to create relation "${collection}.${field}"`);
@@ -237,7 +246,7 @@ export async function applyDiff(currentSnapshot, snapshotDiff, options) {
     if (runPostColumnChange) {
         await helpers.schema.postColumnChange();
     }
-    await clearSystemCache();
+    await flushCaches();
     if (nestedActionEvents.length > 0) {
         const updatedSchema = await getSchema({ database, bypassCache: true });
         for (const nestedActionEvent of nestedActionEvents) {

package/dist/utils/apply-query.js

@@ -1,14 +1,13 @@
 import { getFilterOperatorsForType, getOutputTypeForFunction } from '@directus/utils';
 import { clone, isPlainObject } from 'lodash-es';
+import { customAlphabet } from 'nanoid/non-secure';
 import validate from 'uuid-validate';
 import { getHelpers } from '../database/helpers/index.js';
-import { InvalidQueryException } from '../exceptions/invalid-query.js';
+import { InvalidQueryError } from '../errors/index.js';
 import { getColumnPath } from './get-column-path.js';
 import { getColumn } from './get-column.js';
 import { getRelationInfo } from './get-relation-info.js';
 import { stripFunction } from './strip-function.js';
-// @ts-ignore
-import { customAlphabet } from 'nanoid/non-secure';
 export const generateAlias = customAlphabet('abcdefghijklmnopqrstuvwxyz', 5);
 /**
  * Apply the Query to a given Knex query builder instance
@@ -79,7 +78,9 @@ function addJoin({ path, collection, aliasMap, rootQuery, schema, relations, kne
             else if (relationType === 'a2o') {
                 const pathScope = pathParts[0].split(':')[1];
                 if (!pathScope) {
-                    throw new InvalidQueryException(`You have to provide a collection scope when sorting or filtering on a many-to-any item`);
+                    throw new InvalidQueryError({
+                        reason: `You have to provide a collection scope when sorting or filtering on a many-to-any item`,
+                    });
                 }
                 rootQuery.leftJoin({ [alias]: pathScope }, (joinClause) => {
                     joinClause
@@ -113,7 +114,9 @@ function addJoin({ path, collection, aliasMap, rootQuery, schema, relations, kne
         else if (relationType === 'a2o') {
             const pathScope = pathParts[0].split(':')[1];
             if (!pathScope) {
-                throw new InvalidQueryException(`You have to provide a collection scope when sorting or filtering on a many-to-any item`);
+                throw new InvalidQueryError({
+                    reason: `You have to provide a collection scope when sorting or filtering on a many-to-any item`,
+                });
             }
             parent = pathScope;
         }
@@ -288,7 +291,9 @@ export function applyFilter(knex, schema, rootQuery, rootFilter, collection, ali
                     }
                 }
                 if (filterPath.includes('_none') || filterPath.includes('_some')) {
-                    throw new InvalidQueryException(`"${filterPath.includes('_none') ? '_none' : '_some'}" can only be used with top level relational alias field`);
+                    throw new InvalidQueryError({
+                        reason: `"${filterPath.includes('_none') ? '_none' : '_some'}" can only be used with top level relational alias field`,
+                    });
                 }
                 const { columnPath, targetCollection, addNestedPkField } = getColumnPath({
                     path: filterPath,
@@ -314,7 +319,7 @@ export function applyFilter(knex, schema, rootQuery, rootFilter, collection, ali
         }
         function validateFilterField(fields, key, collection = 'unknown') {
             if (fields[key] === undefined) {
-                throw new InvalidQueryException(`Invalid filter key "${key}" on "${collection}"`);
+                throw new InvalidQueryError({ reason: `Invalid filter key "${key}" on "${collection}"` });
             }
             return fields[key];
         }
@@ -323,11 +328,15 @@ export function applyFilter(knex, schema, rootQuery, rootFilter, collection, ali
                 filterOperator = filterOperator.slice(1);
             }
             if (!getFilterOperatorsForType(type).includes(filterOperator)) {
-                throw new InvalidQueryException(`"${type}" field type does not contain the "_${filterOperator}" filter operator`);
+                throw new InvalidQueryError({
+                    reason: `"${type}" field type does not contain the "_${filterOperator}" filter operator`,
+                });
             }
             if (special.includes('conceal') &&
                 !getFilterOperatorsForType('hash').includes(filterOperator)) {
-                throw new InvalidQueryException(`Field with "conceal" special does not allow the "_${filterOperator}" filter operator`);
+                throw new InvalidQueryError({
+                    reason: `Field with "conceal" special does not allow the "_${filterOperator}" filter operator`,
+                });
             }
         }
         function applyFilterToQuery(key, operator, compareValue, logical = 'and', originalCollectionName) {
@@ -337,18 +346,18 @@ export function applyFilter(knex, schema, rootQuery, rootFilter, collection, ali
             // Knex supports "raw" in the columnName parameter, but isn't typed as such. Too bad..
             // See https://github.com/knex/knex/issues/4518 @TODO remove as any once knex is updated
             // These operators don't rely on a value, and can thus be used without one (eg `?filter[field][_null]`)
-            if (operator === '_null' || (operator === '_nnull' && compareValue === false)) {
+            if ((operator === '_null' && compareValue !== false) || (operator === '_nnull' && compareValue === false)) {
                 dbQuery[logical].whereNull(selectionRaw);
             }
-            if (operator === '_nnull' || (operator === '_null' && compareValue === false)) {
+            if ((operator === '_nnull' && compareValue !== false) || (operator === '_null' && compareValue === false)) {
                 dbQuery[logical].whereNotNull(selectionRaw);
             }
-            if (operator === '_empty' || (operator === '_nempty' && compareValue === false)) {
+            if ((operator === '_empty' && compareValue !== false) || (operator === '_nempty' && compareValue === false)) {
                 dbQuery[logical].andWhere((query) => {
                     query.whereNull(key).orWhere(key, '=', '');
                 });
             }
-            if (operator === '_nempty' || (operator === '_empty' && compareValue === false)) {
+            if ((operator === '_nempty' && compareValue !== false) || (operator === '_empty' && compareValue === false)) {
                 dbQuery[logical].andWhere((query) => {
                     query.whereNotNull(key).andWhere(key, '!=', '');
                 });

package/dist/utils/get-accountability-for-role.js

@@ -1,4 +1,3 @@
-import { InvalidConfigException } from '../exceptions/index.js';
 import { getPermissions } from './get-permissions.js';
 export async function getAccountabilityForRole(role, context) {
     let generatedAccountability = context.accountability;
@@ -27,7 +26,7 @@ export async function getAccountabilityForRole(role, context) {
             .where({ id: role })
             .first();
         if (!roleInfo) {
-            throw new InvalidConfigException(`Configured role "${role}" isn't a valid role ID or doesn't exist.`);
+            throw new Error(`Configured role "${role}" isn't a valid role ID or doesn't exist.`);
         }
         generatedAccountability = {
             role,

package/dist/utils/get-accountability-for-token.d.ts

@@ -0,0 +1,2 @@
+import type { Accountability } from '@directus/types';
+export declare function getAccountabilityForToken(token?: string | null, accountability?: Accountability): Promise<Accountability>;

package/dist/utils/get-accountability-for-token.js

@@ -0,0 +1,50 @@
+import getDatabase from '../database/index.js';
+import env from '../env.js';
+import { InvalidCredentialsError } from '../errors/index.js';
+import isDirectusJWT from './is-directus-jwt.js';
+import { verifyAccessJWT } from './jwt.js';
+export async function getAccountabilityForToken(token, accountability) {
+    if (!accountability) {
+        accountability = {
+            user: null,
+            role: null,
+            admin: false,
+            app: false,
+        };
+    }
+    if (token) {
+        if (isDirectusJWT(token)) {
+            const payload = verifyAccessJWT(token, env['SECRET']);
+            accountability.role = payload.role;
+            accountability.admin = payload.admin_access === true || payload.admin_access == 1;
+            accountability.app = payload.app_access === true || payload.app_access == 1;
+            if (payload.share)
+                accountability.share = payload.share;
+            if (payload.share_scope)
+                accountability.share_scope = payload.share_scope;
+            if (payload.id)
+                accountability.user = payload.id;
+        }
+        else {
+            // Try finding the user with the provided token
+            const database = getDatabase();
+            const user = await database
+                .select('directus_users.id', 'directus_users.role', 'directus_roles.admin_access', 'directus_roles.app_access')
+                .from('directus_users')
+                .leftJoin('directus_roles', 'directus_users.role', 'directus_roles.id')
+                .where({
+                'directus_users.token': token,
+                status: 'active',
+            })
+                .first();
+            if (!user) {
+                throw new InvalidCredentialsError();
+            }
+            accountability.user = user.id;
+            accountability.role = user.role;
+            accountability.admin = user.admin_access === true || user.admin_access == 1;
+            accountability.app = user.app_access === true || user.app_access == 1;
+        }
+    }
+    return accountability;
+}

package/dist/utils/get-column-path.js

@@ -1,4 +1,4 @@
-import { InvalidQueryException } from '../exceptions/index.js';
+import { InvalidQueryError } from '../errors/index.js';
 import { getRelationInfo } from './get-relation-info.js';
 /**
  * Converts a Directus field list path to the correct SQL names based on the constructed alias map.
@@ -15,7 +15,7 @@ export function getColumnPath({ path, collection, aliasMap, relations, schema })
         const pathRoot = pathParts[0].split(':')[0];
         const { relation, relationType } = getRelationInfo(relations, parentCollection, pathRoot);
         if (!relation) {
-            throw new InvalidQueryException(`"${parentCollection}.${pathRoot}" is not a relational field`);
+            throw new InvalidQueryError({ reason: `"${parentCollection}.${pathRoot}" is not a relational field` });
         }
         const alias = parentFields ? aliasMap[`${parentFields}.${pathParts[0]}`]?.alias : aliasMap[pathParts[0]]?.alias;
         const remainingParts = pathParts.slice(1);
@@ -23,7 +23,9 @@ export function getColumnPath({ path, collection, aliasMap, relations, schema })
         if (relationType === 'a2o') {
             const pathScope = pathParts[0].split(':')[1];
             if (!pathScope) {
-                throw new InvalidQueryException(`You have to provide a collection scope when sorting on a many-to-any item`);
+                throw new InvalidQueryError({
+                    reason: `You have to provide a collection scope when sorting on a many-to-any item`,
+                });
             }
             parent = pathScope;
         }

package/dist/utils/get-column.js

@@ -1,7 +1,7 @@
 import { REGEX_BETWEEN_PARENS } from '@directus/constants';
 import { getFunctionsForType } from '@directus/utils';
 import { getFunctions } from '../database/helpers/index.js';
-import { InvalidQueryException } from '../exceptions/index.js';
+import { InvalidQueryError } from '../errors/index.js';
 import { applyFunctionToColumnName } from './apply-function-to-column-name.js';
 /**
  * Return column prefixed by table. If column includes functions (like `year(date_created)`), the
@@ -25,7 +25,7 @@ export function getColumn(knex, table, column, alias = applyFunctionToColumnName
             const type = schema?.collections[collectionName]?.fields?.[columnName]?.type ?? 'unknown';
             const allowedFunctions = getFunctionsForType(type);
             if (allowedFunctions.includes(functionName) === false) {
-                throw new InvalidQueryException(`Invalid function specified "${functionName}"`);
+                throw new InvalidQueryError({ reason: `Invalid function specified "${functionName}"` });
             }
             const result = fn[functionName](table, columnName, {
                 type,
@@ -38,7 +38,7 @@ export function getColumn(knex, table, column, alias = applyFunctionToColumnName
             return result;
         }
         else {
-            throw new InvalidQueryException(`Invalid function specified "${functionName}"`);
+            throw new InvalidQueryError({ reason: `Invalid function specified "${functionName}"` });
         }
     }
     if (alias && column !== alias) {

package/dist/utils/get-service.d.ts

@@ -0,0 +1,7 @@
+import { ItemsService } from '../services/index.js';
+import type { AbstractServiceOptions } from '../types/services.js';
+/**
+ * Select the correct service for the given collection. This allows the individual services to run
+ * their custom checks (f.e. it allows UsersService to prevent updating TFA secret from outside)
+ */
+export declare function getService(collection: string, opts: AbstractServiceOptions): ItemsService;

package/dist/utils/get-service.js

@@ -0,0 +1,49 @@
+import { ActivityService, DashboardsService, FilesService, FlowsService, FoldersService, ItemsService, NotificationsService, OperationsService, PanelsService, PermissionsService, PresetsService, RevisionsService, RolesService, SettingsService, SharesService, UsersService, WebhooksService, } from '../services/index.js';
+/**
+ * Select the correct service for the given collection. This allows the individual services to run
+ * their custom checks (f.e. it allows UsersService to prevent updating TFA secret from outside)
+ */
+export function getService(collection, opts) {
+    switch (collection) {
+        case 'directus_activity':
+            return new ActivityService(opts);
+        // case 'directus_collections':
+        // 	return new CollectionsService(opts);
+        case 'directus_dashboards':
+            return new DashboardsService(opts);
+        // case 'directus_fields':
+        // 	return new FieldsService(opts);
+        case 'directus_files':
+            return new FilesService(opts);
+        case 'directus_flows':
+            return new FlowsService(opts);
+        case 'directus_folders':
+            return new FoldersService(opts);
+        case 'directus_notifications':
+            return new NotificationsService(opts);
+        case 'directus_operations':
+            return new OperationsService(opts);
+        case 'directus_panels':
+            return new PanelsService(opts);
+        case 'directus_permissions':
+            return new PermissionsService(opts);
+        case 'directus_presets':
+            return new PresetsService(opts);
+        // case 'directus_relations':
+        // 	return new RelationsService(opts);
+        case 'directus_revisions':
+            return new RevisionsService(opts);
+        case 'directus_roles':
+            return new RolesService(opts);
+        case 'directus_settings':
+            return new SettingsService(opts);
+        case 'directus_shares':
+            return new SharesService(opts);
+        case 'directus_users':
+            return new UsersService(opts);
+        case 'directus_webhooks':
+            return new WebhooksService(opts);
+        default:
+            return new ItemsService(collection, opts);
+    }
+}