@directus/api 17.0.0 → 17.1.0

package/dist/controllers/fields.js

@@ -126,9 +126,6 @@ router.patch('/:collection/:field', validateCollection, asyncHandler(async (req,
     if (error) {
         throw new InvalidPayloadError({ reason: error.message });
     }
-    if (req.body.schema && !req.body.type) {
-        throw new InvalidPayloadError({ reason: `You need to provide "type" when providing "schema"` });
-    }
     const fieldData = req.body;
     if (!fieldData.field)
         fieldData.field = req.params['field'];

package/dist/controllers/items.js

@@ -8,9 +8,10 @@ import { ItemsService } from '../services/items.js';
 import { MetaService } from '../services/meta.js';
 import asyncHandler from '../utils/async-handler.js';
 import { sanitizeQuery } from '../utils/sanitize-query.js';
+import { isSystemCollection } from '@directus/system-data';
 const router = express.Router();
 router.post('/:collection', collectionExists, asyncHandler(async (req, res, next) => {
-    if (req.params['collection'].startsWith('directus_'))
+    if (isSystemCollection(req.params['collection']))
         throw new ForbiddenError();
     if (req.singleton) {
         throw new RouteNotFoundError({ path: req.path });
@@ -47,7 +48,7 @@ router.post('/:collection', collectionExists, asyncHandler(async (req, res, next
     return next();
 }), respond);
 const readHandler = asyncHandler(async (req, res, next) => {
-    if (req.params['collection'].startsWith('directus_'))
+    if (isSystemCollection(req.params['collection']))
         throw new ForbiddenError();
     const service = new ItemsService(req.collection, {
         accountability: req.accountability,
@@ -77,7 +78,7 @@ const readHandler = asyncHandler(async (req, res, next) => {
 router.search('/:collection', collectionExists, validateBatch('read'), readHandler, respond);
 router.get('/:collection', collectionExists, readHandler, respond);
 router.get('/:collection/:pk', collectionExists, asyncHandler(async (req, res, next) => {
-    if (req.params['collection'].startsWith('directus_'))
+    if (isSystemCollection(req.params['collection']))
         throw new ForbiddenError();
     const service = new ItemsService(req.collection, {
         accountability: req.accountability,
@@ -90,7 +91,7 @@ router.get('/:collection/:pk', collectionExists, asyncHandler(async (req, res, n
     return next();
 }), respond);
 router.patch('/:collection', collectionExists, validateBatch('update'), asyncHandler(async (req, res, next) => {
-    if (req.params['collection'].startsWith('directus_'))
+    if (isSystemCollection(req.params['collection']))
         throw new ForbiddenError();
     const service = new ItemsService(req.collection, {
         accountability: req.accountability,
@@ -126,7 +127,7 @@ router.patch('/:collection', collectionExists, validateBatch('update'), asyncHan
     return next();
 }), respond);
 router.patch('/:collection/:pk', collectionExists, asyncHandler(async (req, res, next) => {
-    if (req.params['collection'].startsWith('directus_'))
+    if (isSystemCollection(req.params['collection']))
         throw new ForbiddenError();
     if (req.singleton) {
         throw new RouteNotFoundError({ path: req.path });
@@ -149,7 +150,7 @@ router.patch('/:collection/:pk', collectionExists, asyncHandler(async (req, res,
     return next();
 }), respond);
 router.delete('/:collection', collectionExists, validateBatch('delete'), asyncHandler(async (req, _res, next) => {
-    if (req.params['collection'].startsWith('directus_'))
+    if (isSystemCollection(req.params['collection']))
         throw new ForbiddenError();
     const service = new ItemsService(req.collection, {
         accountability: req.accountability,
@@ -168,7 +169,7 @@ router.delete('/:collection', collectionExists, validateBatch('delete'), asyncHa
     return next();
 }), respond);
 router.delete('/:collection/:pk', collectionExists, asyncHandler(async (req, _res, next) => {
-    if (req.params['collection'].startsWith('directus_'))
+    if (isSystemCollection(req.params['collection']))
         throw new ForbiddenError();
     const service = new ItemsService(req.collection, {
         accountability: req.accountability,

package/dist/extensions/lib/sandbox/generate-api-extensions-sandbox-entrypoint.d.ts

@@ -16,7 +16,7 @@ export declare function generateApiExtensionsSandboxEntrypoint(type: ApiExtensio
     unregisterFunction: () => Promise<void>;
 } | {
     code: string;
-    hostFunctions: ((path: import("isolated-vm").Reference<string>, method: import("isolated-vm").Reference<"GET" | "POST" | "DELETE" | "PUT" | "PATCH">, cb: import("isolated-vm").Reference<(req: {
+    hostFunctions: ((path: import("isolated-vm").Reference<string>, method: import("isolated-vm").Reference<"GET" | "POST" | "DELETE" | "PATCH" | "PUT">, cb: import("isolated-vm").Reference<(req: {
         url: string;
         headers: import("http").IncomingHttpHeaders;
         body: string;

package/dist/flows.js

@@ -19,6 +19,7 @@ import { mapValuesDeep } from './utils/map-values-deep.js';
 import { redactObject } from './utils/redact-object.js';
 import { sanitizeError } from './utils/sanitize-error.js';
 import { scheduleSynchronizedJob, validateCron } from './utils/schedule.js';
+import { isSystemCollection } from '@directus/system-data';
 let flowManager;
 export function getFlowManager() {
     if (flowManager) {
@@ -111,7 +112,7 @@ class FlowManager {
                             if (!flow.options?.['collections'])
                                 return [];
                             return toArray(flow.options['collections']).map((collection) => {
-                                if (collection.startsWith('directus_')) {
+                                if (isSystemCollection(collection)) {
                                     const action = scope.split('.')[1];
                                     return collection.substring(9) + '.' + action;
                                 }

package/dist/middleware/collection-exists.js

@@ -1,8 +1,8 @@
 /**
  * Check if requested collection exists, and save it to req.collection
  */
-import { systemCollectionRows } from '../database/system-data/collections/index.js';
 import { ForbiddenError } from '@directus/errors';
+import { systemCollectionRows } from '@directus/system-data';
 import asyncHandler from '../utils/async-handler.js';
 const collectionExists = asyncHandler(async (req, _res, next) => {
     if (!req.params['collection'])
@@ -11,11 +11,11 @@ const collectionExists = asyncHandler(async (req, _res, next) => {
         throw new ForbiddenError();
     }
     req.collection = req.params['collection'];
-    if (req.collection.startsWith('directus_')) {
-        const systemRow = systemCollectionRows.find((collection) => {
-            return collection?.collection === req.collection;
-        });
-        req.singleton = !!systemRow?.singleton;
+    const systemCollectionRow = systemCollectionRows.find((collection) => {
+        return collection?.collection === req.collection;
+    });
+    if (systemCollectionRow !== undefined) {
+        req.singleton = !!systemCollectionRow?.singleton;
     }
     else {
         req.singleton = req.schema.collections[req.collection]?.singleton ?? false;

package/dist/operations/item-update/index.js

@@ -32,7 +32,10 @@ export default defineOperationApi({
             return null;
         }
         let result;
-        if (!key || (Array.isArray(key) && key.length === 0)) {
+        if (Array.isArray(payloadObject)) {
+            result = await itemsService.updateBatch(payloadObject, { emitEvents: !!emitEvents });
+        }
+        else if (!key || (Array.isArray(key) && key.length === 0)) {
             result = await itemsService.updateByQuery(sanitizedQueryObject, payloadObject, { emitEvents: !!emitEvents });
         }
         else {

package/dist/operations/request/index.js

@@ -24,12 +24,12 @@ export default defineOperationApi({
             return { status: result.status, statusText: result.statusText, headers: result.headers, data: result.data };
         }
         catch (error) {
-            if (isAxiosError(error)) {
+            if (isAxiosError(error) && error.response) {
                 throw JSON.stringify({
-                    status: error.response?.status,
-                    statusText: error.response?.statusText,
-                    headers: error.response?.headers,
-                    data: error.response?.data,
+                    status: error.response.status,
+                    statusText: error.response.statusText,
+                    headers: error.response.headers,
+                    data: error.response.data,
                 });
             }
             else {

package/dist/request/agent-with-ip-validation.d.ts

@@ -0,0 +1,11 @@
+/// <reference types="node" resolution-mode="require"/>
+import type { Agent, ClientRequestArgs } from 'node:http';
+/**
+ * 'createConnection' is missing in 'Agent' type, but assigned in actual implementation:
+ * https://github.com/nodejs/node/blob/8a41d9b636be86350cd32847c3f89d327c4f6ff7/lib/_http_agent.js#L215
+ */
+export type _Agent = Agent & {
+    createConnection: NonNullable<ClientRequestArgs['createConnection']>;
+};
+/** Extends a HTTP agent with IP validation */
+export declare const agentWithIpValidation: (agent: Agent) => Agent;

package/dist/request/agent-with-ip-validation.js

@@ -0,0 +1,34 @@
+import { isIP } from 'node:net';
+import { isDeniedIp } from './is-denied-ip.js';
+const deniedError = (domain) => new Error(`Requested domain "${domain}" resolves to a denied IP address`);
+/** Extends a HTTP agent with IP validation */
+export const agentWithIpValidation = (agent) => {
+    const _agent = agent;
+    const { createConnection } = _agent;
+    _agent.createConnection = function (options, oncreate) {
+        const { host } = options;
+        /*
+         * Unexpected, but according to the types 'host' might be undefined.
+         * In that case, the request is denied to be on the safe side,
+         * since the host cannot be verified.
+         */
+        if (!host) {
+            throw new Error('Request cannot be verified due to missing host');
+        }
+        /*
+         * At this point, host is only verified if it's already an IP address.
+         * Otherwise it will be verified on 'lookup' event.
+         */
+        if (isIP(host) !== 0 && isDeniedIp(host))
+            throw deniedError(host);
+        const socket = createConnection.call(this, options, oncreate);
+        // Emitted after resolving the host name but before connecting.
+        socket.on('lookup', (error, address) => {
+            if (error || !isDeniedIp(address))
+                return;
+            return socket.destroy(deniedError(host));
+        });
+        return socket;
+    };
+    return agent;
+};

package/dist/request/index.js

@@ -1,14 +1,15 @@
-import { requestInterceptor } from './request-interceptor.js';
-import { responseInterceptor } from './response-interceptor.js';
 export const _cache = {
     axiosInstance: null,
 };
 export async function getAxios() {
     if (!_cache.axiosInstance) {
         const axios = (await import('axios')).default;
-        _cache.axiosInstance = axios.create();
-        _cache.axiosInstance.interceptors.request.use(requestInterceptor);
-        _cache.axiosInstance.interceptors.response.use(responseInterceptor);
+        const { Agent: AgentHttp } = await import('node:http');
+        const { Agent: AgentHttps } = await import('node:https');
+        const { agentWithIpValidation } = await import('./agent-with-ip-validation.js');
+        const httpAgent = agentWithIpValidation(new AgentHttp());
+        const httpsAgent = agentWithIpValidation(new AgentHttps());
+        _cache.axiosInstance = axios.create({ httpAgent, httpsAgent });
     }
     return _cache.axiosInstance;
 }

package/dist/request/is-denied-ip.d.ts

@@ -0,0 +1 @@
+export declare function isDeniedIp(ip: string): boolean;

package/dist/request/{validate-ip.js → is-denied-ip.js}

@@ -2,34 +2,32 @@ import { useEnv } from '@directus/env';
 import os from 'node:os';
 import { useLogger } from '../logger.js';
 import { ipInNetworks } from '../utils/ip-in-networks.js';
-const deniedError = (url) => new Error(`Requested URL "${url}" resolves to a denied IP address`);
-export function validateIp(ip, url) {
+export function isDeniedIp(ip) {
     const env = useEnv();
     const logger = useLogger();
     const ipDenyList = env['IMPORT_IP_DENY_LIST'];
     if (ipDenyList.length === 0)
-        return;
-    let denied;
+        return false;
     try {
-        denied = ipInNetworks(ip, ipDenyList);
+        const denied = ipInNetworks(ip, ipDenyList);
+        if (denied)
+            return true;
     }
     catch (error) {
-        logger.warn(`Invalid "IMPORT_IP_DENY_LIST" configuration`);
+        logger.warn(`Cannot verify IP address due to invalid "IMPORT_IP_DENY_LIST" config`);
         logger.warn(error);
-        throw deniedError(url);
+        return true;
     }
-    if (denied)
-        throw deniedError(url);
     if (ipDenyList.includes('0.0.0.0')) {
         const networkInterfaces = os.networkInterfaces();
         for (const networkInfo of Object.values(networkInterfaces)) {
             if (!networkInfo)
                 continue;
             for (const info of networkInfo) {
-                if (info.address === ip) {
-                    throw deniedError(url);
-                }
+                if (info.address === ip)
+                    return true;
             }
         }
     }
+    return false;
 }

package/dist/services/collections.d.ts

@@ -3,12 +3,13 @@ import type { Accountability, RawField, SchemaOverview } from '@directus/types';
 import type Keyv from 'keyv';
 import type { Knex } from 'knex';
 import type { Helpers } from '../database/helpers/index.js';
-import type { AbstractServiceOptions, Collection, CollectionMeta, MutationOptions } from '../types/index.js';
+import type { AbstractServiceOptions, Collection, MutationOptions } from '../types/index.js';
+import { type BaseCollectionMeta } from '@directus/system-data';
 export type RawCollection = {
     collection: string;
     fields?: RawField[];
     schema?: Partial<Table> | null;
-    meta?: Partial<CollectionMeta> | null;
+    meta?: Partial<BaseCollectionMeta> | null;
 };
 export declare class CollectionsService {
     knex: Knex;

package/dist/services/collections.js

@@ -7,12 +7,12 @@ import { clearSystemCache, getCache } from '../cache.js';
 import { ALIAS_TYPES } from '../constants.js';
 import { getHelpers } from '../database/helpers/index.js';
 import getDatabase, { getSchemaInspector } from '../database/index.js';
-import { systemCollectionRows } from '../database/system-data/collections/index.js';
 import emitter from '../emitter.js';
 import { getSchema } from '../utils/get-schema.js';
 import { shouldClearCache } from '../utils/should-clear-cache.js';
 import { FieldsService } from './fields.js';
 import { ItemsService } from './items.js';
+import { systemCollectionRows } from '@directus/system-data';
 export class CollectionsService {
     knex;
     helpers;

package/dist/services/fields.js

@@ -7,7 +7,6 @@ import { ALIAS_TYPES } from '../constants.js';
 import { translateDatabaseError } from '../database/errors/translate.js';
 import { getHelpers } from '../database/helpers/index.js';
 import getDatabase, { getSchemaInspector } from '../database/index.js';
-import { systemFieldRows } from '../database/system-data/fields/index.js';
 import emitter from '../emitter.js';
 import { ForbiddenError, InvalidPayloadError } from '@directus/errors';
 import { ItemsService } from './items.js';
@@ -18,6 +17,8 @@ import { getSchema } from '../utils/get-schema.js';
 import { sanitizeColumn } from '../utils/sanitize-schema.js';
 import { shouldClearCache } from '../utils/should-clear-cache.js';
 import { RelationsService } from './relations.js';
+import { getSystemFieldRowsWithAuthProviders } from '../utils/get-field-system-rows.js';
+const systemFieldRows = getSystemFieldRowsWithAuthProviders();
 export class FieldsService {
     knex;
     helpers;
@@ -299,6 +300,12 @@ export class FieldsService {
         }
         const runPostColumnChange = await this.helpers.schema.preColumnChange();
         const nestedActionEvents = [];
+        // 'type' is required for further checks on schema update
+        if (field.schema && !field.type) {
+            const existingType = this.schema.collections[collection]?.fields[field.field]?.type;
+            if (existingType)
+                field.type = existingType;
+        }
         try {
             const hookAdjustedField = await emitter.emitFilter(`fields.update`, field, {
                 keys: [field.field],

package/dist/services/files.js

@@ -288,11 +288,12 @@ export class FilesService extends ItemsService {
                 decompress: false,
             });
         }
-        catch (err) {
-            logger.warn(err, `Couldn't fetch file from URL "${importURL}"`);
+        catch (error) {
+            logger.warn(`Couldn't fetch file from URL "${importURL}"${error.message ? `: ${error.message}` : ''}`);
+            logger.trace(error);
             throw new ServiceUnavailableError({
                 service: 'external-file',
-                reason: `Couldn't fetch file from url "${importURL}"`,
+                reason: `Couldn't fetch file from URL "${importURL}"`,
             });
         }
         const parsedURL = url.parse(fileResponse.request.res.responseUrl);

package/dist/services/graphql/index.js

@@ -40,6 +40,7 @@ import { GraphQLStringOrFloat } from './types/string-or-float.js';
 import { GraphQLVoid } from './types/void.js';
 import { addPathToValidationError } from './utils/add-path-to-validation-error.js';
 import processError from './utils/process-error.js';
+import { isSystemCollection } from '@directus/system-data';
 const env = useEnv();
 const validationRules = Array.from(specifiedRules);
 if (env['GRAPHQL_INTROSPECTION'] === false) {
@@ -129,10 +130,10 @@ export class GraphQLService {
         const { ReadCollectionTypes, VersionCollectionTypes } = getReadableTypes();
         const { CreateCollectionTypes, UpdateCollectionTypes, DeleteCollectionTypes } = getWritableTypes();
         const scopeFilter = (collection) => {
-            if (this.scope === 'items' && collection.collection.startsWith('directus_') === true)
+            if (this.scope === 'items' && isSystemCollection(collection.collection))
                 return false;
             if (this.scope === 'system') {
-                if (collection.collection.startsWith('directus_') === false)
+                if (isSystemCollection(collection.collection) === false)
                     return false;
                 if (SYSTEM_DENY_LIST.includes(collection.collection))
                     return false;

package/dist/services/import-export.js

@@ -1,12 +1,14 @@
 import { useEnv } from '@directus/env';
 import { ForbiddenError, InvalidPayloadError, ServiceUnavailableError, UnsupportedMediaTypeError, } from '@directus/errors';
+import { isSystemCollection } from '@directus/system-data';
 import { parseJSON, toArray } from '@directus/utils';
+import { createTmpFile } from '@directus/utils/node';
 import { queue } from 'async';
 import destroyStream from 'destroy';
 import { dump as toYAML } from 'js-yaml';
 import { parse as toXML } from 'js2xmlparser';
 import { Parser as CSVParser, transforms as CSVTransforms } from 'json2csv';
-import { createReadStream } from 'node:fs';
+import { createReadStream, createWriteStream } from 'node:fs';
 import { appendFile } from 'node:fs/promises';
 import Papa from 'papaparse';
 import StreamArray from 'stream-json/streamers/StreamArray.js';
@@ -32,7 +34,7 @@ export class ImportService {
         this.schema = options.schema;
     }
     async import(collection, mimetype, stream) {
-        if (this.accountability?.admin !== true && collection.startsWith('directus_'))
+        if (this.accountability?.admin !== true && isSystemCollection(collection))
             throw new ForbiddenError();
         const createPermissions = this.accountability?.permissions?.find((permission) => permission.collection === collection && permission.action === 'create');
         const updatePermissions = this.accountability?.permissions?.find((permission) => permission.collection === collection && permission.action === 'update');
@@ -85,7 +87,10 @@ export class ImportService {
             });
         });
     }
-    importCSV(collection, stream) {
+    async importCSV(collection, stream) {
+        const tmpFile = await createTmpFile().catch(() => null);
+        if (!tmpFile)
+            throw new Error('Failed to create temporary file for import');
         const nestedActionEvents = [];
         return this.knex.transaction((trx) => {
             const service = new ItemsService(collection, {
@@ -115,35 +120,66 @@ export class ImportService {
                 transform,
             };
             return new Promise((resolve, reject) => {
-                stream
-                    .pipe(Papa.parse(Papa.NODE_STREAM_INPUT, PapaOptions))
-                    .on('data', (obj) => {
-                    // Filter out all undefined fields
-                    for (const field in obj) {
-                        if (obj[field] === undefined) {
-                            delete obj[field];
+                const streams = [stream];
+                const cleanup = (destroy = true) => {
+                    if (destroy) {
+                        for (const stream of streams) {
+                            destroyStream(stream);
                         }
                     }
-                    saveQueue.push(obj);
-                })
-                    .on('error', (err) => {
-                    destroyStream(stream);
-                    reject(new InvalidPayloadError({ reason: err.message }));
+                    tmpFile.cleanup().catch(() => {
+                        logger.warn(`Failed to cleanup temporary import file (${tmpFile.path})`);
+                    });
+                };
+                saveQueue.error((error) => {
+                    reject(error);
+                });
+                const fileWriteStream = createWriteStream(tmpFile.path)
+                    .on('error', (error) => {
+                    cleanup();
+                    reject(new Error('Error while writing import data to temporary file', { cause: error }));
                 })
-                    .on('end', () => {
-                    // In case of empty CSV file
-                    if (!saveQueue.started)
-                        return resolve();
-                    saveQueue.drain(() => {
-                        for (const nestedActionEvent of nestedActionEvents) {
-                            emitter.emitAction(nestedActionEvent.event, nestedActionEvent.meta, nestedActionEvent.context);
+                    .on('finish', () => {
+                    const fileReadStream = createReadStream(tmpFile.path).on('error', (error) => {
+                        cleanup();
+                        reject(new Error('Error while reading import data from temporary file', { cause: error }));
+                    });
+                    streams.push(fileReadStream);
+                    fileReadStream
+                        .pipe(Papa.parse(Papa.NODE_STREAM_INPUT, PapaOptions))
+                        .on('data', (obj) => {
+                        // Filter out all undefined fields
+                        for (const field in obj) {
+                            if (obj[field] === undefined) {
+                                delete obj[field];
+                            }
                         }
-                        return resolve();
+                        saveQueue.push(obj);
+                    })
+                        .on('error', (error) => {
+                        cleanup();
+                        reject(new InvalidPayloadError({ reason: error.message }));
+                    })
+                        .on('end', () => {
+                        cleanup(false);
+                        // In case of empty CSV file
+                        if (!saveQueue.started)
+                            return resolve();
+                        saveQueue.drain(() => {
+                            for (const nestedActionEvent of nestedActionEvents) {
+                                emitter.emitAction(nestedActionEvent.event, nestedActionEvent.meta, nestedActionEvent.context);
+                            }
+                            return resolve();
+                        });
                     });
                 });
-                saveQueue.error((err) => {
-                    reject(err);
-                });
+                streams.push(fileWriteStream);
+                stream
+                    .on('error', (error) => {
+                    cleanup();
+                    reject(new Error('Error while retrieving import data', { cause: error }));
+                })
+                    .pipe(fileWriteStream);
             });
         });
     }

package/dist/services/items.js

@@ -13,6 +13,7 @@ import { shouldClearCache } from '../utils/should-clear-cache.js';
 import { validateKeys } from '../utils/validate-keys.js';
 import { AuthorizationService } from './authorization.js';
 import { PayloadService } from './payload.js';
+import { isSystemCollection } from '@directus/system-data';
 const env = useEnv();
 export class ItemsService {
     collection;
@@ -25,7 +26,7 @@ export class ItemsService {
         this.collection = collection;
         this.knex = options.knex || getDatabase();
         this.accountability = options.accountability || null;
-        this.eventScope = this.collection.startsWith('directus_') ? this.collection.substring(9) : 'items';
+        this.eventScope = isSystemCollection(this.collection) ? this.collection.substring(9) : 'items';
         this.schema = options.schema;
         this.cache = getCache().cache;
         return this;

package/dist/services/permissions.js

@@ -1,6 +1,6 @@
 import { ForbiddenError } from '@directus/errors';
 import { clearSystemCache, getCache } from '../cache.js';
-import { appAccessMinimalPermissions } from '../database/system-data/app-access-permissions/index.js';
+import { appAccessMinimalPermissions } from '@directus/system-data';
 import { filterItems } from '../utils/filter-items.js';
 import { AuthorizationService } from './authorization.js';
 import { ItemsService } from './items.js';

package/dist/services/relations.js

@@ -4,12 +4,12 @@ import { toArray } from '@directus/utils';
 import { clearSystemCache, getCache } from '../cache.js';
 import { getHelpers } from '../database/helpers/index.js';
 import getDatabase, { getSchemaInspector } from '../database/index.js';
-import { systemRelationRows } from '../database/system-data/relations/index.js';
 import emitter from '../emitter.js';
 import { getDefaultIndexName } from '../utils/get-default-index-name.js';
 import { getSchema } from '../utils/get-schema.js';
 import { ItemsService } from './items.js';
 import { PermissionsService } from './permissions.js';
+import { systemRelationRows } from '@directus/system-data';
 export class RelationsService {
     knex;
     permissionsService;

package/dist/services/roles.d.ts

@@ -1,13 +1,18 @@
 import type { Query } from '@directus/types';
-import type { AbstractServiceOptions, MutationOptions, PrimaryKey } from '../types/index.js';
+import type { AbstractServiceOptions, Item, MutationOptions, PrimaryKey } from '../types/index.js';
 import { ItemsService } from './items.js';
 export declare class RolesService extends ItemsService {
     constructor(options: AbstractServiceOptions);
     private checkForOtherAdminRoles;
     private checkForOtherAdminUsers;
-    updateOne(key: PrimaryKey, data: Record<string, any>, opts?: MutationOptions): Promise<PrimaryKey>;
-    updateBatch(data: Record<string, any>[], opts?: MutationOptions): Promise<PrimaryKey[]>;
-    updateMany(keys: PrimaryKey[], data: Record<string, any>, opts?: MutationOptions): Promise<PrimaryKey[]>;
+    private isIpAccessValid;
+    private assertValidIpAccess;
+    createOne(data: Partial<Item>, opts?: MutationOptions): Promise<PrimaryKey>;
+    createMany(data: Partial<Item>[], opts?: MutationOptions): Promise<PrimaryKey[]>;
+    updateOne(key: PrimaryKey, data: Partial<Item>, opts?: MutationOptions): Promise<PrimaryKey>;
+    updateBatch(data: Partial<Item>[], opts?: MutationOptions): Promise<PrimaryKey[]>;
+    updateMany(keys: PrimaryKey[], data: Partial<Item>, opts?: MutationOptions): Promise<PrimaryKey[]>;
+    updateByQuery(query: Query, data: Partial<Item>, opts?: MutationOptions | undefined): Promise<PrimaryKey[]>;
     deleteOne(key: PrimaryKey): Promise<PrimaryKey>;
     deleteMany(keys: PrimaryKey[]): Promise<PrimaryKey[]>;
     deleteByQuery(query: Query, opts?: MutationOptions): Promise<PrimaryKey[]>;