npm - @directus/api - Versions diffs - 13.2.0 → 14.0.1 - Mend

@directus/api 13.2.0 → 14.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (109) hide show

package/dist/__utils__/snapshots.js +9 -0
package/dist/app.js +2 -0
package/dist/cli/index.js +3 -4
package/dist/cli/load-extensions.d.ts +1 -0
package/dist/cli/load-extensions.js +19 -0
package/dist/controllers/extensions.js +28 -19
package/dist/controllers/versions.d.ts +2 -0
package/dist/controllers/versions.js +188 -0
package/dist/database/migrations/20230823A-add-content-versioning.d.ts +3 -0
package/dist/database/migrations/20230823A-add-content-versioning.js +36 -0
package/dist/database/migrations/20230927A-themes.d.ts +3 -0
package/dist/database/migrations/20230927A-themes.js +49 -0
package/dist/database/migrations/20231009B-update-panel-options.d.ts +3 -0
package/dist/database/migrations/20231009B-update-panel-options.js +77 -0
package/dist/database/migrations/20231010A-add-extensions.d.ts +3 -0
package/dist/database/migrations/20231010A-add-extensions.js +9 -0
package/dist/database/run-ast.js +1 -1
package/dist/database/system-data/app-access-permissions/app-access-permissions.yaml +5 -1
package/dist/database/system-data/collections/collections.yaml +6 -0
package/dist/database/system-data/fields/activity.yaml +4 -4
package/dist/database/system-data/fields/collections.yaml +19 -0
package/dist/database/system-data/fields/extensions.yaml +10 -0
package/dist/database/system-data/fields/revisions.yaml +3 -0
package/dist/database/system-data/fields/settings.yaml +73 -17
package/dist/database/system-data/fields/users.yaml +50 -12
package/dist/database/system-data/fields/versions.yaml +38 -0
package/dist/database/system-data/fields/webhooks.yaml +9 -9
package/dist/database/system-data/relations/relations.yaml +88 -20
package/dist/emitter.d.ts +2 -2
package/dist/env.js +4 -0
package/dist/extensions/lib/get-extensions-settings.d.ts +7 -0
package/dist/extensions/lib/get-extensions-settings.js +39 -0
package/dist/extensions/lib/get-extensions.d.ts +1 -0
package/dist/extensions/lib/get-extensions.js +11 -0
package/dist/extensions/{get-shared-deps-mapping.js → lib/get-shared-deps-mapping.js} +3 -3
package/dist/extensions/lib/sandbox/generate-api-extensions-sandbox-entrypoint.d.ts +31 -0
package/dist/extensions/lib/sandbox/generate-api-extensions-sandbox-entrypoint.js +80 -0
package/dist/extensions/lib/sandbox/generate-host-function-reference.d.ts +11 -0
package/dist/extensions/lib/sandbox/generate-host-function-reference.js +28 -0
package/dist/extensions/lib/sandbox/register/action.d.ts +6 -0
package/dist/extensions/lib/sandbox/register/action.js +18 -0
package/dist/extensions/lib/sandbox/register/call-reference.d.ts +5 -0
package/dist/extensions/lib/sandbox/register/call-reference.js +20 -0
package/dist/extensions/lib/sandbox/register/filter.d.ts +6 -0
package/dist/extensions/lib/sandbox/register/filter.js +21 -0
package/dist/extensions/lib/sandbox/register/index.d.ts +5 -0
package/dist/extensions/lib/sandbox/register/index.js +5 -0
package/dist/extensions/lib/sandbox/register/operation.d.ts +6 -0
package/dist/extensions/lib/sandbox/register/operation.js +19 -0
package/dist/extensions/lib/sandbox/register/route.d.ts +17 -0
package/dist/extensions/lib/sandbox/register/route.js +44 -0
package/dist/extensions/lib/sandbox/sdk/generators/index.d.ts +3 -0
package/dist/extensions/lib/sandbox/sdk/generators/index.js +3 -0
package/dist/extensions/lib/sandbox/sdk/generators/log.d.ts +3 -0
package/dist/extensions/lib/sandbox/sdk/generators/log.js +11 -0
package/dist/extensions/lib/sandbox/sdk/generators/request.d.ts +12 -0
package/dist/extensions/lib/sandbox/sdk/generators/request.js +49 -0
package/dist/extensions/lib/sandbox/sdk/generators/sleep.d.ts +3 -0
package/dist/extensions/lib/sandbox/sdk/generators/sleep.js +11 -0
package/dist/extensions/lib/sandbox/sdk/index.d.ts +2 -0
package/dist/extensions/lib/sandbox/sdk/index.js +2 -0
package/dist/extensions/lib/sandbox/sdk/instantiate.d.ts +11 -0
package/dist/extensions/lib/sandbox/sdk/instantiate.js +28 -0
package/dist/extensions/lib/sandbox/sdk/sdk.d.ts +20 -0
package/dist/extensions/lib/sandbox/sdk/sdk.js +11 -0
package/dist/extensions/lib/sandbox/sdk/utils/index.d.ts +1 -0
package/dist/extensions/lib/sandbox/sdk/utils/index.js +1 -0
package/dist/extensions/lib/sandbox/sdk/utils/wrap.d.ts +11 -0
package/dist/extensions/lib/sandbox/sdk/utils/wrap.js +17 -0
package/dist/extensions/manager.d.ts +128 -14
package/dist/extensions/manager.js +310 -136
package/dist/extensions/types.d.ts +1 -5
package/dist/flows.d.ts +1 -1
package/dist/flows.js +6 -6
package/dist/middleware/respond.js +12 -0
package/dist/server.js +2 -1
package/dist/services/assets.js +1 -1
package/dist/services/extensions.d.ts +31 -0
package/dist/services/extensions.js +136 -0
package/dist/services/graphql/index.d.ts +1 -1
package/dist/services/graphql/index.js +87 -24
package/dist/services/index.d.ts +2 -0
package/dist/services/index.js +2 -0
package/dist/services/server.js +3 -1
package/dist/services/users.js +2 -0
package/dist/services/versions.d.ts +21 -0
package/dist/services/versions.js +238 -0
package/dist/types/collection.d.ts +1 -0
package/dist/utils/apply-query.d.ts +1 -1
package/dist/utils/apply-query.js +30 -2
package/dist/utils/delete-from-require-cache.d.ts +1 -0
package/dist/utils/delete-from-require-cache.js +5 -0
package/dist/utils/get-service.js +3 -1
package/dist/utils/import-file-url.d.ts +5 -0
package/dist/utils/import-file-url.js +6 -0
package/dist/utils/job-queue.d.ts +2 -3
package/dist/utils/redact-object.d.ts +1 -1
package/dist/utils/redact-object.js +37 -24
package/dist/utils/sanitize-query.js +3 -0
package/dist/utils/validate-query.js +1 -0
package/dist/worker-pool.js +8 -0
package/package.json +28 -27
package/dist/extensions/get-extensions.d.ts +0 -47
package/dist/extensions/get-extensions.js +0 -9
package/dist/extensions/normalize-extension-info.d.ts +0 -5
package/dist/extensions/normalize-extension-info.js +0 -30
/package/dist/extensions/{get-shared-deps-mapping.d.ts → lib/get-shared-deps-mapping.d.ts} +0 -0
/package/dist/extensions/{wrap-embeds.d.ts → lib/wrap-embeds.d.ts} +0 -0
/package/dist/extensions/{wrap-embeds.js → lib/wrap-embeds.js} +0 -0

package/dist/extensions/lib/sandbox/generate-api-extensions-sandbox-entrypoint.d.ts ADDED Viewed

@@ -0,0 +1,31 @@
+/// <reference types="node" resolution-mode="require"/>
+/// <reference types="node/http.js" />
+/// <reference types="pino-http" />
+import type { ApiExtensionType, HybridExtensionType } from '@directus/extensions';
+import type { Router } from 'express';
+/**
+ * Generate the JS to run in the isolate to create the extension's entrypoint to the host
+ *
+ * @param type - Extension type to generate the entrypoint for
+ * @param name - Unique name of the extension
+ * @param endpointRouter - Scoped express router to register endpoint extension in
+ */
+export declare function generateApiExtensionsSandboxEntrypoint(type: ApiExtensionType | HybridExtensionType, name: string, endpointRouter: Router): {
+    code: string;
+    hostFunctions: ((event: import("isolated-vm").Reference<string>, cb: import("isolated-vm").Reference<(payload: unknown) => void | Promise<void>>) => void)[];
+    unregisterFunction: () => Promise<void>;
+} | {
+    code: string;
+    hostFunctions: ((path: import("isolated-vm").Reference<string>, method: import("isolated-vm").Reference<"GET" | "POST" | "DELETE" | "PUT" | "PATCH">, cb: import("isolated-vm").Reference<(req: {
+        url: string;
+        headers: import("http").IncomingHttpHeaders;
+        body: string;
+    }) => {
+        status: number;
+        body: string;
+    } | Promise<{
+        status: number;
+        body: string;
+    }>>) => void)[];
+    unregisterFunction: () => void;
+};

package/dist/extensions/lib/sandbox/generate-api-extensions-sandbox-entrypoint.js ADDED Viewed

@@ -0,0 +1,80 @@
+import { numberGenerator } from '@directus/utils';
+import { generateHostFunctionReference } from './generate-host-function-reference.js';
+import { registerActionGenerator, registerFilterGenerator, registerOperationGenerator, registerRouteGenerator, } from './register/index.js';
+/**
+ * Generate the JS to run in the isolate to create the extension's entrypoint to the host
+ *
+ * @param type - Extension type to generate the entrypoint for
+ * @param name - Unique name of the extension
+ * @param endpointRouter - Scoped express router to register endpoint extension in
+ */
+export function generateApiExtensionsSandboxEntrypoint(type, name, endpointRouter) {
+    const index = numberGenerator();
+    const hostFunctions = [];
+    const extensionExport = `const extensionExport = $${index.next().value}.deref();`;
+    if (type === 'hook') {
+        const code = `
+			${extensionExport}
+			const filter = ${generateHostFunctionReference(index, ['event', 'handler'], { async: false })}
+			const action = ${generateHostFunctionReference(index, ['event', 'handler'], { async: false })}
+			return extensionExport({ filter, action });
+		`;
+        const { register: filter, unregisterFunctions: filterUnregisterFunctions } = registerFilterGenerator();
+        const { register: action, unregisterFunctions: actionUnregisterFunctions } = registerActionGenerator();
+        hostFunctions.push(filter);
+        hostFunctions.push(action);
+        const unregisterFunction = async () => {
+            await Promise.all([...filterUnregisterFunctions, ...actionUnregisterFunctions].map((fn) => fn()));
+        };
+        return { code, hostFunctions, unregisterFunction };
+    }
+    else if (type === 'endpoint') {
+        const code = `
+			${extensionExport}
+			const registerRoute = ${generateHostFunctionReference(index, ['path', 'method', 'handler'], { async: false })}
+			const router = {
+				get: (path, handler) => {
+					registerRoute(path, 'GET', handler);
+				},
+				post: (path, handler) => {
+					registerRoute(path, 'POST', handler);
+				},
+				put: (path, handler) => {
+					registerRoute(path, 'PUT', handler);
+				},
+				patch: (path, handler) => {
+					registerRoute(path, 'PATCH', handler);
+				},
+				delete: (path, handler) => {
+					registerRoute(path, 'DELETE', handler);
+				}
+			};
+			return extensionExport(router);
+		`;
+        const { register, unregisterFunction } = registerRouteGenerator(name, endpointRouter);
+        hostFunctions.push(register);
+        return { code, hostFunctions, unregisterFunction };
+    }
+    else {
+        const code = `
+			${extensionExport}
+			const registerOperation = ${generateHostFunctionReference(index, ['id', 'handler'], { async: false })}
+			const operationConfig = extensionExport();
+			registerOperation(operationConfig.id, operationConfig.handler);
+		`;
+        const { register, unregisterFunctions } = registerOperationGenerator();
+        hostFunctions.push(register);
+        const unregisterFunction = async () => {
+            await Promise.all(unregisterFunctions.map((fn) => fn()));
+        };
+        return { code, hostFunctions, unregisterFunction };
+    }
+}

package/dist/extensions/lib/sandbox/generate-host-function-reference.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Generate an anonymous function wrapper with the provided arguments that applies the args against a referenced function in the host
+ *
+ * @param index - Generator function that tracks the indexes used
+ * @param args - Named arguments of the host function
+ * @param options - Options to modify the output function
+ * @param options.async - Whether or not to generate the wrapper function as an async function
+ */
+export declare function generateHostFunctionReference(index: Generator<number, number, number>, args: string[], options: {
+    async: boolean;
+}): string;

package/dist/extensions/lib/sandbox/generate-host-function-reference.js ADDED Viewed

@@ -0,0 +1,28 @@
+/**
+ * Generate an anonymous function wrapper with the provided arguments that applies the args against a referenced function in the host
+ *
+ * @param index - Generator function that tracks the indexes used
+ * @param args - Named arguments of the host function
+ * @param options - Options to modify the output function
+ * @param options.async - Whether or not to generate the wrapper function as an async function
+ */
+export function generateHostFunctionReference(index, args, options) {
+    const argsList = args.join(', ');
+    const i = index.next().value;
+    if (options.async) {
+        return `
+			async (${argsList}) => {
+				const { result, error } = await $${i}.apply(undefined, [${argsList}], { arguments: { reference: true }, result: { copy: true, promise: true } });
+				if (error) {
+					throw result;
+				} else {
+					return result;
+				}
+			};
+		`;
+    }
+    else {
+        return `(${argsList}) => $${i}.applySync(undefined, [${argsList}], { arguments: { reference: true }, result: { copy: true } });`;
+    }
+}

package/dist/extensions/lib/sandbox/register/action.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import type { PromiseCallback } from '@directus/types';
+import type { Reference } from 'isolated-vm';
+export declare function registerActionGenerator(): {
+    register: (event: Reference<string>, cb: Reference<(payload: unknown) => void | Promise<void>>) => void;
+    unregisterFunctions: PromiseCallback[];
+};

package/dist/extensions/lib/sandbox/register/action.js ADDED Viewed

@@ -0,0 +1,18 @@
+import emitter from '../../../../emitter.js';
+import { callReference } from './call-reference.js';
+export function registerActionGenerator() {
+    const unregisterFunctions = [];
+    const registerAction = (event, cb) => {
+        if (event.typeof !== 'string')
+            throw new TypeError('Action event has to be of type string');
+        if (cb.typeof !== 'function')
+            throw new TypeError('Action handler has to be of type function');
+        const eventCopied = event.copySync();
+        const handler = (payload) => callReference(cb, [payload]);
+        emitter.onAction(eventCopied, handler);
+        unregisterFunctions.push(() => {
+            emitter.offAction(eventCopied, handler);
+        });
+    };
+    return { register: registerAction, unregisterFunctions };
+}

package/dist/extensions/lib/sandbox/register/call-reference.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import type { Reference } from 'isolated-vm';
+type Args<T> = T extends (...args: infer Args) => unknown ? Args : any[];
+type Result<T> = T extends (...args: any) => infer Result ? Result : unknown;
+export declare function callReference<T extends (...args: any[]) => unknown | Promise<unknown>>(fn: Reference<T>, args: Args<T>): Promise<Reference<Result<T>>>;
+export {};

package/dist/extensions/lib/sandbox/register/call-reference.js ADDED Viewed

@@ -0,0 +1,20 @@
+import env from '../../../../env.js';
+import logger from '../../../../logger.js';
+export async function callReference(fn, args) {
+    const sandboxTimeout = Number(env['EXTENSIONS_SANDBOX_TIMEOUT']);
+    try {
+        return await fn.apply(undefined, args, {
+            arguments: { copy: true },
+            result: { reference: true, promise: true },
+            timeout: sandboxTimeout,
+        });
+    }
+    catch (e) {
+        if (e instanceof RangeError) {
+            logger.error(`Extension sandbox has reached the memory limit`);
+            logger.error(e);
+            process.abort();
+        }
+        throw e;
+    }
+}

package/dist/extensions/lib/sandbox/register/filter.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import type { PromiseCallback } from '@directus/types';
+import type { Reference } from 'isolated-vm';
+export declare function registerFilterGenerator(): {
+    register: (event: Reference<string>, cb: Reference<(payload: unknown) => unknown | Promise<unknown>>) => void;
+    unregisterFunctions: PromiseCallback[];
+};

package/dist/extensions/lib/sandbox/register/filter.js ADDED Viewed

@@ -0,0 +1,21 @@
+import emitter from '../../../../emitter.js';
+import { callReference } from './call-reference.js';
+export function registerFilterGenerator() {
+    const unregisterFunctions = [];
+    const registerFilter = (event, cb) => {
+        if (event.typeof !== 'string')
+            throw new TypeError('Filter event has to be of type string');
+        if (cb.typeof !== 'function')
+            throw new TypeError('Filter handler has to be of type function');
+        const eventCopied = event.copySync();
+        const handler = async (payload) => {
+            const response = await callReference(cb, [payload]);
+            return response.copy();
+        };
+        emitter.onFilter(eventCopied, handler);
+        unregisterFunctions.push(() => {
+            emitter.offFilter(eventCopied, handler);
+        });
+    };
+    return { register: registerFilter, unregisterFunctions };
+}

package/dist/extensions/lib/sandbox/register/index.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export * from './action.js';
+export * from './call-reference.js';
+export * from './filter.js';
+export * from './operation.js';
+export * from './route.js';

package/dist/extensions/lib/sandbox/register/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+export * from './action.js';
+export * from './call-reference.js';
+export * from './filter.js';
+export * from './operation.js';
+export * from './route.js';

package/dist/extensions/lib/sandbox/register/operation.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import type { PromiseCallback } from '@directus/types';
+import type { Reference } from 'isolated-vm';
+export declare function registerOperationGenerator(): {
+    register: (id: Reference<string>, cb: Reference<(data: Record<string, unknown>) => unknown | Promise<unknown> | void>) => void;
+    unregisterFunctions: PromiseCallback[];
+};

package/dist/extensions/lib/sandbox/register/operation.js ADDED Viewed

@@ -0,0 +1,19 @@
+import { getFlowManager } from '../../../../flows.js';
+import { callReference } from './call-reference.js';
+export function registerOperationGenerator() {
+    const flowManager = getFlowManager();
+    const unregisterFunctions = [];
+    const registerOperation = (id, cb) => {
+        if (id.typeof !== 'string')
+            throw new TypeError('Operation config id has to be of type string');
+        if (cb.typeof !== 'function')
+            throw new TypeError('Operation config handler has to be of type function');
+        const idCopied = id.copySync();
+        const handler = async (data) => callReference(cb, [data]);
+        flowManager.addOperation(idCopied, handler);
+        unregisterFunctions.push(() => {
+            flowManager.removeOperation(idCopied);
+        });
+    };
+    return { register: registerOperation, unregisterFunctions };
+}

package/dist/extensions/lib/sandbox/register/route.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import type { Router } from 'express';
+import type { Reference } from 'isolated-vm';
+import type { IncomingHttpHeaders } from 'node:http';
+export declare function registerRouteGenerator(endpointName: string, endpointRouter: Router): {
+    register: (path: Reference<string>, method: Reference<'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE'>, cb: Reference<(req: {
+        url: string;
+        headers: IncomingHttpHeaders;
+        body: string;
+    }) => {
+        status: number;
+        body: string;
+    } | Promise<{
+        status: number;
+        body: string;
+    }>>) => void;
+    unregisterFunction: () => void;
+};

package/dist/extensions/lib/sandbox/register/route.js ADDED Viewed

@@ -0,0 +1,44 @@
+import express from 'express';
+import asyncHandler from '../../../../utils/async-handler.js';
+import { callReference } from './call-reference.js';
+export function registerRouteGenerator(endpointName, endpointRouter) {
+    const router = express.Router();
+    endpointRouter.use(`/${endpointName}`, router);
+    const registerRoute = (path, method, cb) => {
+        if (path.typeof !== 'string')
+            throw new TypeError('Route path has to be of type string');
+        if (method.typeof !== 'string')
+            throw new TypeError('Route method has to be of type string');
+        if (cb.typeof !== 'function')
+            throw new TypeError('Route handler has to be of type function');
+        const pathCopied = path.copySync();
+        const methodCopied = method.copySync();
+        const handler = asyncHandler(async (req, res) => {
+            const request = { url: req.url, headers: req.headers, body: req.body };
+            const response = await callReference(cb, [request]);
+            const responseCopied = await response.copy();
+            res.status(responseCopied.status).send(responseCopied.body);
+        });
+        switch (methodCopied) {
+            case 'GET':
+                router.get(pathCopied, handler);
+                break;
+            case 'POST':
+                router.post(pathCopied, handler);
+                break;
+            case 'PUT':
+                router.put(pathCopied, handler);
+                break;
+            case 'PATCH':
+                router.patch(pathCopied, handler);
+                break;
+            case 'DELETE':
+                router.delete(pathCopied, handler);
+                break;
+        }
+    };
+    const unregisterFunction = () => {
+        endpointRouter.stack = endpointRouter.stack.filter((layer) => router !== layer.handle);
+    };
+    return { register: registerRoute, unregisterFunction };
+}

package/dist/extensions/lib/sandbox/sdk/generators/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export * from './log.js';
+export * from './request.js';
+export * from './sleep.js';

package/dist/extensions/lib/sandbox/sdk/generators/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+export * from './log.js';
+export * from './request.js';
+export * from './sleep.js';

package/dist/extensions/lib/sandbox/sdk/generators/log.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { ExtensionSandboxRequestedScopes } from '@directus/extensions';
+import type { Reference } from 'isolated-vm';
+export declare function logGenerator(requestedScopes: ExtensionSandboxRequestedScopes): (message: Reference<string>) => void;

package/dist/extensions/lib/sandbox/sdk/generators/log.js ADDED Viewed

@@ -0,0 +1,11 @@
+import logger from '../../../../../logger.js';
+export function logGenerator(requestedScopes) {
+    return (message) => {
+        if (requestedScopes.log === undefined)
+            throw new Error('No permission to access "log"');
+        if (message.typeof !== 'string')
+            throw new TypeError('Log message has to be of type string');
+        const messageCopied = message.copySync();
+        logger.info(messageCopied);
+    };
+}

package/dist/extensions/lib/sandbox/sdk/generators/request.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { ExtensionSandboxRequestedScopes } from '@directus/extensions';
+import type { Reference } from 'isolated-vm';
+export declare function requestGenerator(requestedScopes: ExtensionSandboxRequestedScopes): (url: Reference<string>, options: Reference<{
+    method?: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE';
+    body?: Record<string, any> | string;
+    headers?: Record<string, string>;
+}>) => Promise<{
+    status: number;
+    statusText: string;
+    headers: Record<string, any>;
+    data: string;
+}>;

package/dist/extensions/lib/sandbox/sdk/generators/request.js ADDED Viewed

@@ -0,0 +1,49 @@
+import encodeUrl from 'encodeurl';
+import globToRegExp from 'glob-to-regexp';
+import { getAxios } from '../../../../../request/index.js';
+export function requestGenerator(requestedScopes) {
+    return async (url, options) => {
+        if (url.typeof !== 'string')
+            throw new TypeError('Request url has to be of type string');
+        if (options.typeof !== 'undefined' && options.typeof !== 'object') {
+            throw new TypeError('Request options has to be of type object');
+        }
+        const urlCopied = await url.copy();
+        const permissions = requestedScopes.request;
+        if (permissions === undefined)
+            throw new Error('No permission to access "request"');
+        const urlAllowed = permissions.urls.some((urlScope) => {
+            const regex = globToRegExp(urlScope);
+            return regex.test(urlCopied);
+        });
+        if (urlAllowed === false) {
+            throw new Error(`No permission to request "${urlCopied}"`);
+        }
+        const method = options.typeof !== 'undefined' ? await options.get('method', { reference: true }) : undefined;
+        const body = options.typeof !== 'undefined' ? await options.get('body', { reference: true }) : undefined;
+        const headers = options.typeof !== 'undefined' ? await options.get('headers', { reference: true }) : undefined;
+        if (method !== undefined && method.typeof !== 'undefined' && method.typeof !== 'string') {
+            throw new TypeError('Request method has to be of type string');
+        }
+        if (body !== undefined && body.typeof !== 'undefined' && body.typeof !== 'string' && body.typeof !== 'object') {
+            throw new TypeError('Request body has to be of type string or object');
+        }
+        if (headers !== undefined && headers.typeof !== 'undefined' && headers.typeof !== 'array') {
+            throw new TypeError('Request headers has to be of type array');
+        }
+        const methodCopied = await method?.copy();
+        const bodyCopied = await body?.copy();
+        const headersCopied = await headers?.copy();
+        if (!permissions.methods.includes(methodCopied ?? 'GET')) {
+            throw new Error(`No permission to use request method "${methodCopied}"`);
+        }
+        const axios = await getAxios();
+        const result = await axios({
+            url: encodeUrl(urlCopied),
+            method: methodCopied ?? 'GET',
+            data: bodyCopied ?? null,
+            headers: headersCopied ?? {},
+        });
+        return { status: result.status, statusText: result.statusText, headers: result.headers, data: result.data };
+    };
+}

package/dist/extensions/lib/sandbox/sdk/generators/sleep.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { ExtensionSandboxRequestedScopes } from '@directus/extensions';
+import type { Reference } from 'isolated-vm';
+export declare function sleepGenerator(requestedScopes: ExtensionSandboxRequestedScopes): (milliseconds: Reference<number>) => Promise<void>;

package/dist/extensions/lib/sandbox/sdk/generators/sleep.js ADDED Viewed

@@ -0,0 +1,11 @@
+import { setTimeout } from 'node:timers/promises';
+export function sleepGenerator(requestedScopes) {
+    return async (milliseconds) => {
+        if (requestedScopes.sleep === undefined)
+            throw new Error('No permission to access "sleep"');
+        if (milliseconds.typeof !== 'number')
+            throw new TypeError('Sleep milliseconds has to be of type number');
+        const millisecondsCopied = await milliseconds.copy();
+        await setTimeout(millisecondsCopied);
+    };
+}

package/dist/extensions/lib/sandbox/sdk/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './instantiate.js';
2	+ export * from './sdk.js';

package/dist/extensions/lib/sandbox/sdk/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './instantiate.js';
2	+ export * from './sdk.js';

package/dist/extensions/lib/sandbox/sdk/instantiate.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import type { ExtensionSandboxRequestedScopes } from '@directus/extensions';
+import type { Isolate, Module } from 'isolated-vm';
+/**
+ * Creates a new isolate context, generates the sandbox SDK, and returns an isolate Module with the
+ * SDK included in it's global scope
+ *
+ * @param isolate - Existing isolate in which to inject the SDK globally
+ * @param requestedScopes - Permissions as requested by the extension to generate the SDK for
+ * @returns Isolate module with SDK available in it's global scope
+ */
+export declare function instantiateSandboxSdk(isolate: Isolate, requestedScopes: ExtensionSandboxRequestedScopes): Promise<Module>;

package/dist/extensions/lib/sandbox/sdk/instantiate.js ADDED Viewed

@@ -0,0 +1,28 @@
+import { numberGenerator } from '@directus/utils';
+import { generateHostFunctionReference } from '../generate-host-function-reference.js';
+import { getSdk } from './sdk.js';
+import { wrap } from './utils/wrap.js';
+/**
+ * Creates a new isolate context, generates the sandbox SDK, and returns an isolate Module with the
+ * SDK included in it's global scope
+ *
+ * @param isolate - Existing isolate in which to inject the SDK globally
+ * @param requestedScopes - Permissions as requested by the extension to generate the SDK for
+ * @returns Isolate module with SDK available in it's global scope
+ */
+export async function instantiateSandboxSdk(isolate, requestedScopes) {
+    const apiContext = await isolate.createContext();
+    await apiContext.global.set('sdk', apiContext.global.derefInto());
+    const index = numberGenerator();
+    const sdk = getSdk();
+    const handlerCode = sdk
+        .map(({ name, args, async }) => `sdk.${name} = ${generateHostFunctionReference(index, args, { async })}`)
+        .join('\n');
+    await apiContext.evalClosure(handlerCode, sdk.map(({ generator, async }) => (async ? wrap(generator(requestedScopes)) : generator(requestedScopes))), { filename: '<extensions-sdk>', arguments: { reference: true } });
+    const exportCode = sdk.map(({ name }) => `export const ${name} = sdk.${name};`).join('\n');
+    const apiModule = await isolate.compileModule(exportCode);
+    await apiModule.instantiate(apiContext, () => {
+        throw new Error();
+    });
+    return apiModule;
+}

package/dist/extensions/lib/sandbox/sdk/sdk.d.ts ADDED Viewed

@@ -0,0 +1,20 @@
+import { logGenerator, requestGenerator, sleepGenerator } from './generators/index.js';
+/**
+ * Create a new SDK context for use in the isolate
+ */
+export declare function getSdk(): ({
+    name: string;
+    generator: typeof logGenerator;
+    args: string[];
+    async: boolean;
+} | {
+    name: string;
+    generator: typeof sleepGenerator;
+    args: string[];
+    async: boolean;
+} | {
+    name: string;
+    generator: typeof requestGenerator;
+    args: string[];
+    async: boolean;
+})[];

package/dist/extensions/lib/sandbox/sdk/sdk.js ADDED Viewed

@@ -0,0 +1,11 @@
+import { logGenerator, requestGenerator, sleepGenerator } from './generators/index.js';
+/**
+ * Create a new SDK context for use in the isolate
+ */
+export function getSdk() {
+    return [
+        { name: 'log', generator: logGenerator, args: ['message'], async: false },
+        { name: 'sleep', generator: sleepGenerator, args: ['milliseconds'], async: true },
+        { name: 'request', generator: requestGenerator, args: ['url', 'options'], async: true },
+    ];
+}

package/dist/extensions/lib/sandbox/sdk/utils/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export * from './wrap.js';

package/dist/extensions/lib/sandbox/sdk/utils/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export * from './wrap.js';

package/dist/extensions/lib/sandbox/sdk/utils/wrap.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Call the passed function in a try-catch, and return the output wrapped in a state object.
+ *
+ * This is needed as isolated-vm doesn't allow the isolate to catch errors that are thrown in the
+ * host. Instead, we'll wrap the output in a known shape which allows the isolated sdk context to
+ * re-throw the error in the correct context
+ */
+export declare function wrap(util: (...args: any[]) => any): (...args: any[]) => Promise<{
+    result: any;
+    error: boolean;
+}>;

package/dist/extensions/lib/sandbox/sdk/utils/wrap.js ADDED Viewed

@@ -0,0 +1,17 @@
+/**
+ * Call the passed function in a try-catch, and return the output wrapped in a state object.
+ *
+ * This is needed as isolated-vm doesn't allow the isolate to catch errors that are thrown in the
+ * host. Instead, we'll wrap the output in a known shape which allows the isolated sdk context to
+ * re-throw the error in the correct context
+ */
+export function wrap(util) {
+    return async (...args) => {
+        try {
+            return { result: await util(...args), error: false };
+        }
+        catch (e) {
+            return { result: e, error: true };
+        }
+    };
+}