@directus/api 18.2.1 → 19.0.1

package/dist/app.js

@@ -60,7 +60,6 @@ import { getConfigFromEnv } from './utils/get-config-from-env.js';
 import { Url } from './utils/url.js';
 import { validateEnv } from './utils/validate-env.js';
 import { validateStorage } from './utils/validate-storage.js';
-import { init as initWebhooks } from './webhooks.js';
 const require = createRequire(import.meta.url);
 export default async function createApp() {
     const env = useEnv();
@@ -240,8 +239,6 @@ export default async function createApp() {
     app.use(notFoundHandler);
     app.use(errorHandler);
     await emitter.emitInit('routes.after', { app });
-    // Register all webhooks
-    await initWebhooks();
     initTelemetry();
     await emitter.emitInit('app.after', { app });
     return app;

package/dist/auth/drivers/ldap.js

@@ -299,7 +299,7 @@ export function createLDAPAuthRouter(provider) {
             ip: getIPFromReq(req),
             role: null,
         };
-        const userAgent = req.get('user-agent');
+        const userAgent = req.get('user-agent')?.substring(0, 1024);
         if (userAgent)
             accountability.userAgent = userAgent;
         const origin = req.get('origin');

package/dist/auth/drivers/local.js

@@ -51,7 +51,7 @@ export function createLocalAuthRouter(provider) {
             ip: getIPFromReq(req),
             role: null,
         };
-        const userAgent = req.get('user-agent');
+        const userAgent = req.get('user-agent')?.substring(0, 1024);
         if (userAgent)
             accountability.userAgent = userAgent;
         const origin = req.get('origin');

package/dist/auth/drivers/oauth2.js

@@ -254,7 +254,7 @@ export function createOAuth2AuthRouter(providerName) {
             ip: getIPFromReq(req),
             role: null,
         };
-        const userAgent = req.get('user-agent');
+        const userAgent = req.get('user-agent')?.substring(0, 1024);
         if (userAgent)
             accountability.userAgent = userAgent;
         const origin = req.get('origin');

package/dist/auth/drivers/openid.js

@@ -275,7 +275,7 @@ export function createOpenIDAuthRouter(providerName) {
             ip: getIPFromReq(req),
             role: null,
         };
-        const userAgent = req.get('user-agent');
+        const userAgent = req.get('user-agent')?.substring(0, 1024);
         if (userAgent)
             accountability.userAgent = userAgent;
         const origin = req.get('origin');

package/dist/cache.js

@@ -80,7 +80,7 @@ export async function getSystemCache(key) {
 }
 export async function setSchemaCache(schema) {
     const { localSchemaCache, sharedSchemaCache } = getCache();
-    const schemaHash = await getSimpleHash(JSON.stringify(schema));
+    const schemaHash = getSimpleHash(JSON.stringify(schema));
     await sharedSchemaCache.set('hash', schemaHash);
     await localSchemaCache.set('schema', schema);
     await localSchemaCache.set('hash', schemaHash);

package/dist/cli/utils/create-env/env-stub.liquid

@@ -312,8 +312,8 @@ EXTENSIONS_AUTO_RELOAD=false
 ####################################################################################################
 ### Email
 
-# Email address from which emails are sent ["no-reply@directus.io"]
-EMAIL_FROM="no-reply@directus.io"
+# Email address from which emails are sent ["no-reply@example.com"]
+EMAIL_FROM="no-reply@example.com"
 
 # What to use to send emails. One of
 # sendmail, smtp, mailgun, sendgrid, ses.

package/dist/controllers/activity.js

@@ -70,7 +70,7 @@ router.post('/comment', asyncHandler(async (req, res, next) => {
         action: Action.COMMENT,
         user: req.accountability?.user,
         ip: getIPFromReq(req),
-        user_agent: req.get('user-agent'),
+        user_agent: req.accountability?.userAgent,
         origin: req.get('origin'),
     });
     try {

package/dist/controllers/assets.js

@@ -180,17 +180,10 @@ asyncHandler(async (req, res) => {
         res.setHeader('Content-Length', stat.size);
         return res.end();
     }
-    let isDataSent = false;
-    stream.on('data', (chunk) => {
-        isDataSent = true;
-        res.write(chunk);
-    });
-    stream.on('end', () => {
-        res.end();
-    });
-    stream.on('error', (e) => {
-        logger.error(e, `Couldn't stream file ${file.id} to the client`);
-        if (!isDataSent) {
+    stream
+        .on('error', (error) => {
+        logger.error(error, `Couldn't stream file ${file.id} to the client`);
+        if (!res.headersSent) {
             res.removeHeader('Content-Type');
             res.removeHeader('Content-Disposition');
             res.removeHeader('Cache-Control');
@@ -205,7 +198,11 @@ asyncHandler(async (req, res) => {
                 ],
             });
         }
-    });
+        else {
+            res.end();
+        }
+    })
+        .pipe(res);
     return undefined;
 }));
 export default router;

package/dist/controllers/auth.js

@@ -74,7 +74,7 @@ router.post('/refresh', asyncHandler(async (req, res, next) => {
         ip: getIPFromReq(req),
         role: null,
     };
-    const userAgent = req.get('user-agent');
+    const userAgent = req.get('user-agent')?.substring(0, 1024);
     if (userAgent)
         accountability.userAgent = userAgent;
     const origin = req.get('origin');
@@ -114,7 +114,7 @@ router.post('/logout', asyncHandler(async (req, res, next) => {
         ip: getIPFromReq(req),
         role: null,
     };
-    const userAgent = req.get('user-agent');
+    const userAgent = req.get('user-agent')?.substring(0, 1024);
     if (userAgent)
         accountability.userAgent = userAgent;
     const origin = req.get('origin');
@@ -148,7 +148,7 @@ router.post('/password/request', asyncHandler(async (req, _res, next) => {
         ip: getIPFromReq(req),
         role: null,
     };
-    const userAgent = req.get('user-agent');
+    const userAgent = req.get('user-agent')?.substring(0, 1024);
     if (userAgent)
         accountability.userAgent = userAgent;
     const origin = req.get('origin');
@@ -180,7 +180,7 @@ router.post('/password/reset', asyncHandler(async (req, _res, next) => {
         ip: getIPFromReq(req),
         role: null,
     };
-    const userAgent = req.get('user-agent');
+    const userAgent = req.get('user-agent')?.substring(0, 1024);
     if (userAgent)
         accountability.userAgent = userAgent;
     const origin = req.get('origin');
@@ -190,9 +190,10 @@ router.post('/password/reset', asyncHandler(async (req, _res, next) => {
     await service.resetPassword(req.body.token, req.body.password);
     return next();
 }), respond);
-router.get('/', asyncHandler(async (_req, res, next) => {
+router.get('/', asyncHandler(async (req, res, next) => {
+    const sessionOnly = 'sessionOnly' in req.query && (req.query['sessionOnly'] === '' || Boolean(req.query['sessionOnly']));
     res.locals['payload'] = {
-        data: getAuthProviders(),
+        data: getAuthProviders({ sessionOnly }),
         disableDefault: env['AUTH_DISABLE_DEFAULT'],
     };
     return next();

package/dist/controllers/collections.js

@@ -1,6 +1,5 @@
-import { isDirectusError } from '@directus/errors';
+import { ErrorCode, isDirectusError } from '@directus/errors';
 import { Router } from 'express';
-import { ErrorCode } from '@directus/errors';
 import { respond } from '../middleware/respond.js';
 import { validateBatch } from '../middleware/validate-batch.js';
 import { CollectionsService } from '../services/collections.js';

package/dist/controllers/dashboards.js

@@ -1,6 +1,5 @@
-import { isDirectusError } from '@directus/errors';
+import { ErrorCode, isDirectusError } from '@directus/errors';
 import express from 'express';
-import { ErrorCode } from '@directus/errors';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';
 import { validateBatch } from '../middleware/validate-batch.js';

package/dist/controllers/extensions.js

@@ -101,6 +101,36 @@ router.post('/registry/install', asyncHandler(async (req, _res, next) => {
     await service.install(extension, version);
     return next();
 }), respond);
+router.post('/registry/reinstall', asyncHandler(async (req, _res, next) => {
+    if (req.accountability && req.accountability.admin !== true) {
+        throw new ForbiddenError();
+    }
+    const { extension } = req.body;
+    if (!extension) {
+        throw new ForbiddenError();
+    }
+    const service = new ExtensionsService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    await service.reinstall(extension);
+    return next();
+}), respond);
+router.delete(`/registry/uninstall/:pk(${UUID_REGEX})`, asyncHandler(async (req, _res, next) => {
+    if (req.accountability && req.accountability.admin !== true) {
+        throw new ForbiddenError();
+    }
+    const pk = req.params['pk'];
+    if (typeof pk !== 'string') {
+        throw new ForbiddenError();
+    }
+    const service = new ExtensionsService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    await service.uninstall(pk);
+    return next();
+}), respond);
 router.patch(`/:pk(${UUID_REGEX})`, asyncHandler(async (req, res, next) => {
     if (req.accountability && req.accountability.admin !== true) {
         throw new ForbiddenError();

package/dist/controllers/fields.js

@@ -85,9 +85,7 @@ router.patch('/:collection', validateCollection, asyncHandler(async (req, res, n
     if (Array.isArray(req.body) === false) {
         throw new InvalidPayloadError({ reason: 'Submitted body has to be an array' });
     }
-    for (const field of req.body) {
-        await service.updateField(req.params['collection'], field);
-    }
+    await service.updateFields(req.params['collection'], req.body);
     try {
         const results = [];
         for (const field of req.body) {

package/dist/controllers/flows.js

@@ -1,7 +1,6 @@
-import { isDirectusError } from '@directus/errors';
+import { ErrorCode, isDirectusError } from '@directus/errors';
 import express from 'express';
 import { UUID_REGEX } from '../constants.js';
-import { ErrorCode } from '@directus/errors';
 import { getFlowManager } from '../flows.js';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';

package/dist/controllers/folders.js

@@ -1,6 +1,5 @@
-import { isDirectusError } from '@directus/errors';
+import { ErrorCode, isDirectusError } from '@directus/errors';
 import express from 'express';
-import { ErrorCode } from '@directus/errors';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';
 import { validateBatch } from '../middleware/validate-batch.js';

package/dist/controllers/items.js

@@ -1,15 +1,14 @@
-import { isDirectusError } from '@directus/errors';
+import { ErrorCode, ForbiddenError, RouteNotFoundError, isDirectusError } from '@directus/errors';
+import { isSystemCollection } from '@directus/system-data';
 import express from 'express';
-import { ErrorCode, ForbiddenError, RouteNotFoundError } from '@directus/errors';
 import collectionExists from '../middleware/collection-exists.js';
+import { mergeContentVersions } from '../middleware/merge-content-versions.js';
 import { respond } from '../middleware/respond.js';
 import { validateBatch } from '../middleware/validate-batch.js';
-import { mergeContentVersions } from '../middleware/merge-content-versions.js';
 import { ItemsService } from '../services/items.js';
 import { MetaService } from '../services/meta.js';
 import asyncHandler from '../utils/async-handler.js';
 import { sanitizeQuery } from '../utils/sanitize-query.js';
-import { isSystemCollection } from '@directus/system-data';
 const router = express.Router();
 router.post('/:collection', collectionExists, asyncHandler(async (req, res, next) => {
     if (isSystemCollection(req.params['collection']))

package/dist/controllers/notifications.js

@@ -1,6 +1,5 @@
-import { isDirectusError } from '@directus/errors';
+import { ErrorCode, isDirectusError } from '@directus/errors';
 import express from 'express';
-import { ErrorCode } from '@directus/errors';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';
 import { validateBatch } from '../middleware/validate-batch.js';

package/dist/controllers/operations.js

@@ -1,6 +1,5 @@
+import { ErrorCode, isDirectusError } from '@directus/errors';
 import express from 'express';
-import { isDirectusError } from '@directus/errors';
-import { ErrorCode } from '@directus/errors';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';
 import { validateBatch } from '../middleware/validate-batch.js';

package/dist/controllers/panels.js

@@ -1,6 +1,5 @@
-import { isDirectusError } from '@directus/errors';
+import { ErrorCode, isDirectusError } from '@directus/errors';
 import express from 'express';
-import { ErrorCode } from '@directus/errors';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';
 import { validateBatch } from '../middleware/validate-batch.js';

package/dist/controllers/presets.js

@@ -1,6 +1,5 @@
-import { isDirectusError } from '@directus/errors';
+import { ErrorCode, isDirectusError } from '@directus/errors';
 import express from 'express';
-import { ErrorCode } from '@directus/errors';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';
 import { validateBatch } from '../middleware/validate-batch.js';

package/dist/controllers/roles.js

@@ -1,6 +1,5 @@
-import { isDirectusError } from '@directus/errors';
+import { ErrorCode, isDirectusError } from '@directus/errors';
 import express from 'express';
-import { ErrorCode } from '@directus/errors';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';
 import { validateBatch } from '../middleware/validate-batch.js';

package/dist/controllers/translations.js

@@ -1,6 +1,5 @@
-import { isDirectusError } from '@directus/errors';
+import { ErrorCode, isDirectusError } from '@directus/errors';
 import express from 'express';
-import { ErrorCode } from '@directus/errors';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';
 import { validateBatch } from '../middleware/validate-batch.js';

package/dist/controllers/users.js

@@ -1,7 +1,6 @@
-import { isDirectusError } from '@directus/errors';
+import { ErrorCode, ForbiddenError, InvalidCredentialsError, InvalidPayloadError, isDirectusError, } from '@directus/errors';
 import express from 'express';
 import Joi from 'joi';
-import { ErrorCode, ForbiddenError, InvalidCredentialsError, InvalidPayloadError } from '@directus/errors';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';
 import { validateBatch } from '../middleware/validate-batch.js';

package/dist/controllers/webhooks.js

@@ -1,6 +1,5 @@
-import { isDirectusError } from '@directus/errors';
+import { ErrorCode, createError } from '@directus/errors';
 import express from 'express';
-import { ErrorCode } from '@directus/errors';
 import { respond } from '../middleware/respond.js';
 import useCollection from '../middleware/use-collection.js';
 import { validateBatch } from '../middleware/validate-batch.js';
@@ -10,37 +9,9 @@ import asyncHandler from '../utils/async-handler.js';
 import { sanitizeQuery } from '../utils/sanitize-query.js';
 const router = express.Router();
 router.use(useCollection('directus_webhooks'));
-router.post('/', asyncHandler(async (req, res, next) => {
-    const service = new WebhooksService({
-        accountability: req.accountability,
-        schema: req.schema,
-    });
-    const savedKeys = [];
-    if (Array.isArray(req.body)) {
-        const keys = await service.createMany(req.body);
-        savedKeys.push(...keys);
-    }
-    else {
-        const key = await service.createOne(req.body);
-        savedKeys.push(key);
-    }
-    try {
-        if (Array.isArray(req.body)) {
-            const items = await service.readMany(savedKeys, req.sanitizedQuery);
-            res.locals['payload'] = { data: items };
-        }
-        else {
-            const item = await service.readOne(savedKeys[0], req.sanitizedQuery);
-            res.locals['payload'] = { data: item };
-        }
-    }
-    catch (error) {
-        if (isDirectusError(error, ErrorCode.Forbidden)) {
-            return next();
-        }
-        throw error;
-    }
-    return next();
+router.post('/', asyncHandler(async (_req, _res, _next) => {
+    // Disallow creation of new Webhooks as part of the deprecation, see https://github.com/directus/directus/issues/15553
+    throw new (createError(ErrorCode.MethodNotAllowed, 'Webhooks are deprecated, use Flows instead', 405))();
 }), respond);
 const readHandler = asyncHandler(async (req, res, next) => {
     const service = new WebhooksService({
@@ -67,48 +38,13 @@ router.get('/:pk', asyncHandler(async (req, res, next) => {
     res.locals['payload'] = { data: record || null };
     return next();
 }), respond);
-router.patch('/', validateBatch('update'), asyncHandler(async (req, res, next) => {
-    const service = new WebhooksService({
-        accountability: req.accountability,
-        schema: req.schema,
-    });
-    let keys = [];
-    if (req.body.keys) {
-        keys = await service.updateMany(req.body.keys, req.body.data);
-    }
-    else {
-        const sanitizedQuery = sanitizeQuery(req.body.query, req.accountability);
-        keys = await service.updateByQuery(sanitizedQuery, req.body.data);
-    }
-    try {
-        const result = await service.readMany(keys, req.sanitizedQuery);
-        res.locals['payload'] = { data: result };
-    }
-    catch (error) {
-        if (isDirectusError(error, ErrorCode.Forbidden)) {
-            return next();
-        }
-        throw error;
-    }
-    return next();
+router.patch('/', validateBatch('update'), asyncHandler(async (_req, _res, _next) => {
+    // Disallow patching of Webhooks as part of the deprecation, see https://github.com/directus/directus/issues/15553
+    throw new (createError(ErrorCode.MethodNotAllowed, 'Webhooks are deprecated, use Flows instead', 405))();
 }), respond);
-router.patch('/:pk', asyncHandler(async (req, res, next) => {
-    const service = new WebhooksService({
-        accountability: req.accountability,
-        schema: req.schema,
-    });
-    const primaryKey = await service.updateOne(req.params['pk'], req.body);
-    try {
-        const item = await service.readOne(primaryKey, req.sanitizedQuery);
-        res.locals['payload'] = { data: item || null };
-    }
-    catch (error) {
-        if (isDirectusError(error, ErrorCode.Forbidden)) {
-            return next();
-        }
-        throw error;
-    }
-    return next();
+router.patch('/:pk', asyncHandler(async (_req, _res, _next) => {
+    // Disallow patching of Webhooks as part of the deprecation, see https://github.com/directus/directus/issues/15553
+    throw new (createError(ErrorCode.MethodNotAllowed, 'Webhooks are deprecated, use Flows instead', 405))();
 }), respond);
 router.delete('/', asyncHandler(async (req, _res, next) => {
     const service = new WebhooksService({

package/dist/database/migrations/20240122A-add-report-url-fields.d.ts

@@ -0,0 +1,3 @@
+import type { Knex } from 'knex';
+export declare function up(knex: Knex): Promise<void>;
+export declare function down(knex: Knex): Promise<void>;

package/dist/database/migrations/20240122A-add-report-url-fields.js

@@ -0,0 +1,14 @@
+export async function up(knex) {
+    await knex.schema.alterTable('directus_settings', (table) => {
+        table.string('report_error_url').nullable();
+        table.string('report_bug_url').nullable();
+        table.string('report_feature_url').nullable();
+    });
+}
+export async function down(knex) {
+    await knex.schema.alterTable('directus_settings', (table) => {
+        table.dropColumn('report_error_url');
+        table.dropColumn('report_bug_url');
+        table.dropColumn('report_feature_url');
+    });
+}

package/dist/database/migrations/20240204A-marketplace.js

@@ -32,7 +32,7 @@ export async function up(knex) {
                 source = 'local';
             }
             await knex('directus_extensions').update({ id, source, folder: name }).where({ name });
-            idMap.set(name, id);
+            idMap.set(name, { id, source });
         }
     }
     for (const { name } of installedExtensions) {
@@ -44,16 +44,28 @@ export async function up(knex) {
             continue;
         const isScopedModuleBundleChild = name.startsWith('@') && splittedName.length > 2;
         const bundleParentName = isScopedModuleBundleParent || isScopedModuleBundleChild ? splittedName.slice(0, 2).join('/') : splittedName[0];
-        const bundleParentId = idMap.get(bundleParentName);
-        if (!bundleParentId)
+        const bundleParent = idMap.get(bundleParentName);
+        if (!bundleParent)
             continue;
         await knex('directus_extensions')
-            .update({ bundle: bundleParentId, folder: name.substring(bundleParentName.length + 1) })
+            .update({
+            bundle: bundleParent.id,
+            folder: name.substring(bundleParentName.length + 1),
+            source: bundleParent.source,
+        })
             .where({ folder: name });
     }
+    await knex.schema.alterTable('directus_extensions', (table) => {
+        table.uuid('id').alter().notNullable();
+    });
+    await knex.transaction(async (trx) => {
+        await trx.schema.alterTable('directus_extensions', (table) => {
+            table.dropPrimary();
+            table.primary(['id']);
+        });
+    });
     await knex.schema.alterTable('directus_extensions', (table) => {
         table.dropColumn('name');
-        table.uuid('id').alter().primary().notNullable();
         table.string('source').alter().notNullable();
         table.string('folder').alter().notNullable();
     });

package/dist/database/migrations/20240305A-change-useragent-type.d.ts

@@ -0,0 +1,3 @@
+import type { Knex } from 'knex';
+export declare function up(knex: Knex): Promise<void>;
+export declare function down(knex: Knex): Promise<void>;

package/dist/database/migrations/20240305A-change-useragent-type.js

@@ -0,0 +1,19 @@
+import { getHelpers } from '../helpers/index.js';
+export async function up(knex) {
+    const helper = getHelpers(knex).schema;
+    await Promise.all([
+        helper.changeToType('directus_activity', 'user_agent', 'text'),
+        helper.changeToType('directus_sessions', 'user_agent', 'text'),
+    ]);
+}
+export async function down(knex) {
+    const helper = await getHelpers(knex).schema;
+    const opts = {
+        nullable: false,
+        length: 255,
+    };
+    await Promise.all([
+        helper.changeToType('directus_activity', 'user_agent', 'string', opts),
+        helper.changeToType('directus_sessions', 'user_agent', 'string', opts),
+    ]);
+}

package/dist/database/migrations/20240311A-deprecate-webhooks.d.ts

@@ -0,0 +1,13 @@
+import type { Knex } from 'knex';
+/**
+ * 0. Identify and persist which webhooks were active before deprecation
+ * 1. Migrate existing webhooks over to identically behaving Flows
+ * 2. Disable existing webhooks
+ * 3. Dont drop webhooks yet
+ */
+export declare function up(knex: Knex): Promise<void>;
+/**
+ * Dont completely drop Webhooks yet.
+ * Lets preserve the data and drop them in the next release to be extra safe with users data.
+ */
+export declare function down(knex: Knex): Promise<void>;