npm - @directus/api - Versions diffs - 20.0.0-rc.0 → 20.0.0 - Mend

@directus/api 20.0.0-rc.0 → 20.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (291) hide show

package/dist/utils/merge-permissions.js ADDED Viewed

@@ -0,0 +1,95 @@
+import { flatten, intersection, isEqual, merge, omit } from 'lodash-es';
+export function mergePermissions(strategy, ...permissions) {
+    const allPermissions = flatten(permissions);
+    const mergedPermissions = allPermissions
+        .reduce((acc, val) => {
+        const key = `${val.collection}__${val.action}__${val.role || '$PUBLIC'}`;
+        const current = acc.get(key);
+        acc.set(key, current ? mergePermission(strategy, current, val) : val);
+        return acc;
+    }, new Map())
+        .values();
+    return Array.from(mergedPermissions);
+}
+export function mergePermission(strategy, currentPerm, newPerm) {
+    const logicalKey = `_${strategy}`;
+    let permissions = currentPerm.permissions;
+    let validation = currentPerm.validation;
+    let fields = currentPerm.fields;
+    let presets = currentPerm.presets;
+    if (newPerm.permissions) {
+        if (currentPerm.permissions && Object.keys(currentPerm.permissions)[0] === logicalKey) {
+            permissions = {
+                [logicalKey]: [
+                    ...currentPerm.permissions[logicalKey],
+                    newPerm.permissions,
+                ],
+            };
+        }
+        else if (currentPerm.permissions) {
+            // Empty {} supersedes other permissions in _OR merge
+            if (strategy === 'or' && (isEqual(currentPerm.permissions, {}) || isEqual(newPerm.permissions, {}))) {
+                permissions = {};
+            }
+            else {
+                permissions = {
+                    [logicalKey]: [currentPerm.permissions, newPerm.permissions],
+                };
+            }
+        }
+        else {
+            permissions = {
+                [logicalKey]: [newPerm.permissions],
+            };
+        }
+    }
+    if (newPerm.validation) {
+        if (currentPerm.validation && Object.keys(currentPerm.validation)[0] === logicalKey) {
+            validation = {
+                [logicalKey]: [
+                    ...currentPerm.validation[logicalKey],
+                    newPerm.validation,
+                ],
+            };
+        }
+        else if (currentPerm.validation) {
+            // Empty {} supersedes other validations in _OR merge
+            if (strategy === 'or' && (isEqual(currentPerm.validation, {}) || isEqual(newPerm.validation, {}))) {
+                validation = {};
+            }
+            else {
+                validation = {
+                    [logicalKey]: [currentPerm.validation, newPerm.validation],
+                };
+            }
+        }
+        else {
+            validation = {
+                [logicalKey]: [newPerm.validation],
+            };
+        }
+    }
+    if (newPerm.fields) {
+        if (Array.isArray(currentPerm.fields) && strategy === 'or') {
+            fields = [...new Set([...currentPerm.fields, ...newPerm.fields])];
+        }
+        else if (Array.isArray(currentPerm.fields) && strategy === 'and') {
+            fields = intersection(currentPerm.fields, newPerm.fields);
+        }
+        else {
+            fields = newPerm.fields;
+        }
+        if (fields.includes('*'))
+            fields = ['*'];
+    }
+    if (newPerm.presets) {
+        presets = merge({}, presets, newPerm.presets);
+    }
+    return omit({
+        ...currentPerm,
+        permissions,
+        validation,
+        fields,
+        presets,
+    }, ['id', 'system']);
+}

package/dist/utils/reduce-schema.d.ts CHANGED Viewed

@@ -1,7 +1,9 @@
-import type { SchemaOverview } from '@directus/types';
-import type { FieldMap } from '../permissions/modules/fetch-allowed-field-map/fetch-allowed-field-map.js';
+import type { Permission, PermissionsAction, SchemaOverview } from '@directus/types';
 /**
  * Reduces the schema based on the included permissions. The resulting object is the schema structure, but with only
- * the allowed collections/fields/relations included based on the passed field map.
+ * the allowed collections/fields/relations included based on the permissions.
+ * @param schema The full project schema
+ * @param actions Array of permissions actions (crud)
+ * @returns Reduced schema
  */
-export declare function reduceSchema(schema: SchemaOverview, fieldMap: FieldMap): SchemaOverview;
+export declare function reduceSchema(schema: SchemaOverview, permissions: Permission[] | null, actions?: PermissionsAction[]): SchemaOverview;

package/dist/utils/reduce-schema.js CHANGED Viewed

@@ -1,20 +1,40 @@
+import { uniq } from 'lodash-es';
 /**
  * Reduces the schema based on the included permissions. The resulting object is the schema structure, but with only
- * the allowed collections/fields/relations included based on the passed field map.
+ * the allowed collections/fields/relations included based on the permissions.
+ * @param schema The full project schema
+ * @param actions Array of permissions actions (crud)
+ * @returns Reduced schema
  */
-export function reduceSchema(schema, fieldMap) {
+export function reduceSchema(schema, permissions, actions = ['create', 'read', 'update', 'delete']) {
     const reduced = {
         collections: {},
         relations: [],
     };
+    const allowedFieldsInCollection = permissions
+        ?.filter((permission) => actions.includes(permission.action))
+        .reduce((acc, permission) => {
+        if (!acc[permission.collection]) {
+            acc[permission.collection] = [];
+        }
+        if (permission.fields) {
+            acc[permission.collection] = uniq([...acc[permission.collection], ...permission.fields]);
+        }
+        return acc;
+    }, {}) ?? {};
     for (const [collectionName, collection] of Object.entries(schema.collections)) {
+        if (!permissions?.some((permission) => permission.collection === collectionName && actions.includes(permission.action))) {
+            continue;
+        }
         const fields = {};
         for (const [fieldName, field] of Object.entries(schema.collections[collectionName].fields)) {
-            if (!fieldMap[collectionName]?.includes('*') && !fieldMap[collectionName]?.includes(fieldName)) {
+            if (!allowedFieldsInCollection[collectionName]?.includes('*') &&
+                !allowedFieldsInCollection[collectionName]?.includes(fieldName)) {
                 continue;
             }
             const o2mRelation = schema.relations.find((relation) => relation.related_collection === collectionName && relation.meta?.one_field === fieldName);
-            if (o2mRelation && !fieldMap[collectionName]) {
+            if (o2mRelation &&
+                !permissions?.some((permission) => permission.collection === o2mRelation.collection && actions.includes(permission.action))) {
                 continue;
             }
             fields[fieldName] = field;
@@ -27,29 +47,29 @@ export function reduceSchema(schema, fieldMap) {
     reduced.relations = schema.relations.filter((relation) => {
         let collectionsAllowed = true;
         let fieldsAllowed = true;
-        if (Object.keys(fieldMap).includes(relation.collection) === false) {
+        if (Object.keys(allowedFieldsInCollection).includes(relation.collection) === false) {
             collectionsAllowed = false;
         }
         if (relation.related_collection &&
-            (Object.keys(fieldMap).includes(relation.related_collection) === false ||
+            (Object.keys(allowedFieldsInCollection).includes(relation.related_collection) === false ||
                 // Ignore legacy permissions with an empty fields array
-                fieldMap[relation.related_collection]?.length === 0)) {
+                allowedFieldsInCollection[relation.related_collection]?.length === 0)) {
             collectionsAllowed = false;
         }
         if (relation.meta?.one_allowed_collections &&
-            relation.meta.one_allowed_collections.every((collection) => Object.keys(fieldMap).includes(collection)) === false) {
+            relation.meta.one_allowed_collections.every((collection) => Object.keys(allowedFieldsInCollection).includes(collection)) === false) {
             collectionsAllowed = false;
         }
-        if (!fieldMap[relation.collection] ||
-            (fieldMap[relation.collection]?.includes('*') === false &&
-                fieldMap[relation.collection]?.includes(relation.field) === false)) {
+        if (!allowedFieldsInCollection[relation.collection] ||
+            (allowedFieldsInCollection[relation.collection]?.includes('*') === false &&
+                allowedFieldsInCollection[relation.collection]?.includes(relation.field) === false)) {
             fieldsAllowed = false;
         }
         if (relation.related_collection &&
             relation.meta?.one_field &&
-            (!fieldMap[relation.related_collection] ||
-                (fieldMap[relation.related_collection]?.includes('*') === false &&
-                    fieldMap[relation.related_collection]?.includes(relation.meta?.one_field) === false))) {
+            (!allowedFieldsInCollection[relation.related_collection] ||
+                (allowedFieldsInCollection[relation.related_collection]?.includes('*') === false &&
+                    allowedFieldsInCollection[relation.related_collection]?.includes(relation.meta?.one_field) === false))) {
             fieldsAllowed = false;
         }
         return collectionsAllowed && fieldsAllowed;

package/dist/utils/verify-session-jwt.js CHANGED Viewed

@@ -12,7 +12,8 @@ export async function verifySessionJWT(payload) {
         .from('directus_sessions')
         .where({
         token: payload['session'],
-        user: payload['id'],
+        user: payload['id'] || null,
+        share: payload['share'] || null,
     })
         .andWhere('expires', '>=', new Date())
         .first();

package/dist/websocket/authenticate.d.ts CHANGED Viewed

@@ -1,4 +1,6 @@
+import type { Accountability } from '@directus/types';
 import type { BasicAuthMessage } from './messages.js';
 import type { AuthenticationState } from './types.js';
 export declare function authenticateConnection(message: BasicAuthMessage & Record<string, any>): Promise<AuthenticationState>;
+export declare function refreshAccountability(accountability: Accountability | null | undefined): Promise<Accountability>;
 export declare function authenticationSuccess(uid?: string | number, refresh_token?: string): string;

package/dist/websocket/authenticate.js CHANGED Viewed

@@ -1,6 +1,7 @@
 import { DEFAULT_AUTH_PROVIDER } from '../constants.js';
 import { AuthenticationService } from '../services/index.js';
 import { getAccountabilityForToken } from '../utils/get-accountability-for-token.js';
+import { getPermissions } from '../utils/get-permissions.js';
 import { getSchema } from '../utils/get-schema.js';
 import { WebSocketError } from './errors.js';
 import { getExpiresAtForToken } from './utils/get-expires-at-for-token.js';
@@ -32,6 +33,17 @@ export async function authenticateConnection(message) {
         throw new WebSocketError('auth', 'AUTH_FAILED', 'Authentication failed.', message['uid']);
     }
 }
+export async function refreshAccountability(accountability) {
+    accountability = accountability ?? {
+        role: null,
+        user: null,
+        admin: false,
+        app: false,
+    };
+    const schema = await getSchema();
+    const permissions = await getPermissions(accountability, schema);
+    return { ...accountability, permissions };
+}
 export function authenticationSuccess(uid, refresh_token) {
     const message = {
         type: 'auth',

package/dist/websocket/controllers/graphql.js CHANGED Viewed

@@ -4,7 +4,7 @@ import { useLogger } from '../../logger.js';
 import { bindPubSub } from '../../services/graphql/subscription.js';
 import { GraphQLService } from '../../services/index.js';
 import { getSchema } from '../../utils/get-schema.js';
-import { authenticateConnection } from '../authenticate.js';
+import { authenticateConnection, refreshAccountability } from '../authenticate.js';
 import { handleWebSocketError } from '../errors.js';
 import { ConnectionParams, WebSocketMessage } from '../messages.js';
 import { getMessageType } from '../utils/message.js';
@@ -64,6 +64,9 @@ export class GraphQLSubscriptionController extends SocketController {
                             client.close(CloseCode.Forbidden, 'Forbidden');
                             return;
                         }
+                        else {
+                            client.accountability = await refreshAccountability(client.accountability);
+                        }
                         await cb(JSON.stringify(message));
                     }
                     catch (error) {

package/dist/websocket/controllers/hooks.js CHANGED Viewed

@@ -7,23 +7,19 @@ export function registerWebSocketEvents() {
     actionsRegistered = true;
     registerActionHooks([
         'items',
-        'access',
         'activity',
         'collections',
         'dashboards',
-        'flows',
         'folders',
         'notifications',
         'operations',
         'panels',
         'permissions',
-        'policies',
         'presets',
         'revisions',
         'roles',
         'settings',
         'shares',
-        'translations',
         'users',
         'versions',
         'webhooks',

package/dist/websocket/controllers/rest.js CHANGED Viewed

@@ -2,6 +2,7 @@ import { useEnv } from '@directus/env';
 import { parseJSON } from '@directus/utils';
 import emitter from '../../emitter.js';
 import { useLogger } from '../../logger.js';
+import { refreshAccountability } from '../authenticate.js';
 import { WebSocketError, handleWebSocketError } from '../errors.js';
 import { WebSocketMessage } from '../messages.js';
 import SocketController from './base.js';
@@ -19,6 +20,7 @@ export class WebSocketController extends SocketController {
         client.on('parsed-message', async (message) => {
             try {
                 message = WebSocketMessage.parse(await emitter.emitFilter('websocket.message', message, { client }));
+                client.accountability = await refreshAccountability(client.accountability);
                 emitter.emitAction('websocket.message', { message, client });
             }
             catch (error) {

package/dist/websocket/handlers/subscribe.js CHANGED Viewed

@@ -4,6 +4,7 @@ import { useBus } from '../../bus/index.js';
 import emitter from '../../emitter.js';
 import { getSchema } from '../../utils/get-schema.js';
 import { sanitizeQuery } from '../../utils/sanitize-query.js';
+import { refreshAccountability } from '../authenticate.js';
 import { WebSocketError, handleWebSocketError } from '../errors.js';
 import { WebSocketSubscribeMessage } from '../messages.js';
 import { getPayload } from '../utils/items.js';
@@ -111,6 +112,7 @@ export class SubscribeHandler {
                     continue;
             }
             try {
+                client.accountability = await refreshAccountability(client.accountability);
                 const result = await getPayload(subscription, client.accountability, schema, event);
                 if (Array.isArray(result?.['data']) && result?.['data']?.length === 0)
                     continue;

package/dist/websocket/utils/items.d.ts CHANGED Viewed

@@ -39,5 +39,5 @@ export declare function getFieldsPayload(subscription: PSubscription, accountabi
  * @param event Event data
  * @returns the fetched data
  */
-export declare function getItemsPayload(subscription: PSubscription, accountability: Accountability | null, schema: SchemaOverview, event?: WebSocketEvent): Promise<string | number | (string | number)[] | import("@directus/types").Item | import("@directus/types").Item[]>;
+export declare function getItemsPayload(subscription: PSubscription, accountability: Accountability | null, schema: SchemaOverview, event?: WebSocketEvent): Promise<string | number | import("@directus/types").Item | (string | number)[] | import("@directus/types").Item[]>;
 export {};

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@directus/api",
-  "version": "20.0.0-rc.0",
+  "version": "20.0.0",
   "description": "Directus is a real-time API and App dashboard for managing SQL database content",
   "keywords": [
     "directus",
@@ -59,11 +59,14 @@
   ],
   "dependencies": {
     "@authenio/samlify-node-xmllint": "2.0.0",
-    "@aws-sdk/client-ses": "3.568.0",
+    "@aws-sdk/client-ses": "3.600.0",
     "@godaddy/terminus": "4.12.1",
     "@rollup/plugin-alias": "5.1.0",
     "@rollup/plugin-node-resolve": "15.2.3",
     "@rollup/plugin-virtual": "3.0.2",
+    "@tus/file-store": "1.3.3",
+    "@tus/server": "1.6.0",
+    "@tus/utils": "0.2.0",
     "@types/cookie": "0.6.0",
     "argon2": "0.40.3",
     "async": "3.2.5",
@@ -91,7 +94,7 @@
     "flat": "6.0.1",
     "fs-extra": "11.2.0",
     "glob-to-regexp": "0.4.1",
-    "graphql": "16.8.2",
+    "graphql": "16.9.0",
     "graphql-compose": "9.0.11",
     "graphql-ws": "5.16.0",
     "helmet": "7.1.0",
@@ -100,7 +103,7 @@
     "ioredis": "5.4.1",
     "ip-matching": "2.1.2",
     "isolated-vm": "4.7.2",
-    "joi": "17.13.1",
+    "joi": "17.13.3",
     "js-yaml": "4.1.0",
     "js2xmlparser": "5.0.0",
     "json2csv": "5.0.7",
@@ -108,7 +111,7 @@
     "keyv": "4.5.4",
     "knex": "3.1.0",
     "ldapjs": "2.3.3",
-    "liquidjs": "10.13.1",
+    "liquidjs": "10.14.0",
     "lodash-es": "4.17.21",
     "marked": "12.0.2",
     "micromustache": "8.0.3",
@@ -140,35 +143,35 @@
     "sharp": "0.33.4",
     "snappy": "7.2.2",
     "stream-json": "1.8.0",
-    "tar": "7.2.0",
+    "tar": "7.4.0",
     "tsx": "4.12.0",
     "wellknown": "0.5.0",
-    "ws": "8.17.0",
+    "ws": "8.17.1",
     "zod": "3.23.8",
     "zod-validation-error": "3.3.0",
-    "@directus/app": "13.0.0-rc.0",
-    "@directus/constants": "11.1.0-rc.0",
-    "@directus/env": "1.1.7-rc.0",
-    "@directus/errors": "0.4.0-rc.0",
-    "@directus/extensions-registry": "1.0.9-rc.0",
-    "@directus/extensions-sdk": "11.0.9-rc.0",
+    "@directus/app": "12.2.0",
+    "@directus/constants": "11.0.4",
+    "@directus/extensions": "1.0.9",
+    "@directus/errors": "0.3.3",
+    "@directus/env": "1.2.0",
+    "@directus/extensions-registry": "1.0.9",
+    "@directus/extensions-sdk": "11.0.9",
     "@directus/format-title": "10.1.2",
-    "@directus/extensions": "2.0.0-rc.0",
-    "@directus/memory": "1.1.0-rc.0",
-    "@directus/pressure": "1.0.21-rc.0",
-    "@directus/specs": "10.2.10",
+    "@directus/memory": "1.0.10",
+    "@directus/pressure": "1.0.21",
     "@directus/schema": "11.0.3",
-    "@directus/storage": "10.0.13",
-    "@directus/storage-driver-azure": "10.0.23-rc.0",
-    "@directus/storage-driver-cloudinary": "10.0.23-rc.0",
-    "@directus/storage-driver-gcs": "10.0.24-rc.0",
-    "@directus/storage-driver-local": "10.0.20",
-    "@directus/storage-driver-supabase": "1.0.15-rc.0",
-    "@directus/storage-driver-s3": "10.0.24-rc.0",
-    "@directus/utils": "12.0.0-rc.0",
-    "@directus/system-data": "2.0.0-rc.0",
-    "@directus/validation": "0.0.18-rc.0",
-    "directus": "11.0.0-rc.1"
+    "@directus/specs": "10.2.10",
+    "@directus/storage-driver-azure": "10.0.23",
+    "@directus/storage-driver-cloudinary": "10.0.23",
+    "@directus/storage-driver-gcs": "10.0.24",
+    "@directus/storage": "10.1.0",
+    "@directus/storage-driver-local": "10.1.0",
+    "@directus/storage-driver-s3": "10.1.0",
+    "@directus/system-data": "1.1.0",
+    "@directus/storage-driver-supabase": "1.0.15",
+    "@directus/utils": "11.0.10",
+    "@directus/validation": "0.0.18",
+    "directus": "10.13.0"
   },
   "devDependencies": {
     "@ngneat/falso": "7.2.0",
@@ -211,15 +214,15 @@
     "vitest": "1.5.3",
     "@directus/random": "0.2.8",
     "@directus/tsconfig": "1.0.1",
-    "@directus/types": "12.0.0-rc.0"
+    "@directus/types": "11.2.0"
   },
   "optionalDependencies": {
     "@keyv/redis": "2.8.4",
-    "mysql2": "3.10.0",
+    "mysql": "2.18.1",
     "nodemailer-mailgun-transport": "2.1.5",
     "nodemailer-sendgrid": "1.0.3",
     "oracledb": "6.5.1",
-    "pg": "8.11.5",
+    "pg": "8.12.0",
     "sqlite3": "5.1.7",
     "tedious": "18.2.0"
   },
@@ -230,7 +233,6 @@
     "build": "tsc --project tsconfig.prod.json && copyfiles \"src/**/*.{yaml,liquid}\" -u 1 dist",
     "cli": "NODE_ENV=development SERVE_APP=false tsx src/cli/run.ts",
     "dev": "NODE_ENV=development SERVE_APP=true tsx watch --ignore extensions --clear-screen=false src/start.ts",
-    "test": "vitest run",
-    "test:watch": "vitest"
+    "test": "vitest --watch=false"
   }
 }

package/dist/controllers/access.js DELETED Viewed

@@ -1,148 +0,0 @@
-import { ErrorCode, isDirectusError } from '@directus/errors';
-import express from 'express';
-import { respond } from '../middleware/respond.js';
-import useCollection from '../middleware/use-collection.js';
-import { validateBatch } from '../middleware/validate-batch.js';
-import { MetaService } from '../services/meta.js';
-import { AccessService } from '../services/access.js';
-import asyncHandler from '../utils/async-handler.js';
-import { sanitizeQuery } from '../utils/sanitize-query.js';
-const router = express.Router();
-router.use(useCollection('directus_access'));
-router.post('/', asyncHandler(async (req, res, next) => {
-    const service = new AccessService({
-        accountability: req.accountability,
-        schema: req.schema,
-    });
-    const savedKeys = [];
-    if (Array.isArray(req.body)) {
-        const keys = await service.createMany(req.body);
-        savedKeys.push(...keys);
-    }
-    else {
-        const key = await service.createOne(req.body);
-        savedKeys.push(key);
-    }
-    try {
-        if (Array.isArray(req.body)) {
-            const items = await service.readMany(savedKeys, req.sanitizedQuery);
-            res.locals['payload'] = { data: items };
-        }
-        else {
-            const item = await service.readOne(savedKeys[0], req.sanitizedQuery);
-            res.locals['payload'] = { data: item };
-        }
-    }
-    catch (error) {
-        if (isDirectusError(error, ErrorCode.Forbidden)) {
-            return next();
-        }
-        throw error;
-    }
-    return next();
-}), respond);
-const readHandler = asyncHandler(async (req, res, next) => {
-    const service = new AccessService({
-        accountability: req.accountability,
-        schema: req.schema,
-    });
-    const metaService = new MetaService({
-        accountability: req.accountability,
-        schema: req.schema,
-    });
-    let result;
-    if (req.body.keys) {
-        result = await service.readMany(req.body.keys, req.sanitizedQuery);
-    }
-    else {
-        result = await service.readByQuery(req.sanitizedQuery);
-    }
-    const meta = await metaService.getMetaForQuery('directus_access', req.sanitizedQuery);
-    res.locals['payload'] = { data: result, meta };
-    return next();
-});
-router.get('/', validateBatch('read'), readHandler, respond);
-router.search('/', validateBatch('read'), readHandler, respond);
-router.get('/:pk', asyncHandler(async (req, res, next) => {
-    if (req.path.endsWith('me'))
-        return next();
-    const service = new AccessService({
-        accountability: req.accountability,
-        schema: req.schema,
-    });
-    const record = await service.readOne(req.params['pk'], req.sanitizedQuery);
-    res.locals['payload'] = { data: record };
-    return next();
-}), respond);
-router.patch('/', validateBatch('update'), asyncHandler(async (req, res, next) => {
-    const service = new AccessService({
-        accountability: req.accountability,
-        schema: req.schema,
-    });
-    let keys = [];
-    if (Array.isArray(req.body)) {
-        keys = await service.updateBatch(req.body);
-    }
-    else if (req.body.keys) {
-        keys = await service.updateMany(req.body.keys, req.body.data);
-    }
-    else {
-        const sanitizedQuery = sanitizeQuery(req.body.query, req.accountability);
-        keys = await service.updateByQuery(sanitizedQuery, req.body.data);
-    }
-    try {
-        const result = await service.readMany(keys, req.sanitizedQuery);
-        res.locals['payload'] = { data: result };
-    }
-    catch (error) {
-        if (isDirectusError(error, ErrorCode.Forbidden)) {
-            return next();
-        }
-        throw error;
-    }
-    return next();
-}), respond);
-router.patch('/:pk', asyncHandler(async (req, res, next) => {
-    const service = new AccessService({
-        accountability: req.accountability,
-        schema: req.schema,
-    });
-    const primaryKey = await service.updateOne(req.params['pk'], req.body);
-    try {
-        const item = await service.readOne(primaryKey, req.sanitizedQuery);
-        res.locals['payload'] = { data: item || null };
-    }
-    catch (error) {
-        if (isDirectusError(error, ErrorCode.Forbidden)) {
-            return next();
-        }
-        throw error;
-    }
-    return next();
-}), respond);
-router.delete('/', validateBatch('delete'), asyncHandler(async (req, _res, next) => {
-    const service = new AccessService({
-        accountability: req.accountability,
-        schema: req.schema,
-    });
-    if (Array.isArray(req.body)) {
-        await service.deleteMany(req.body);
-    }
-    else if (req.body.keys) {
-        await service.deleteMany(req.body.keys);
-    }
-    else {
-        const sanitizedQuery = sanitizeQuery(req.body.query, req.accountability);
-        await service.deleteByQuery(sanitizedQuery);
-    }
-    return next();
-}), respond);
-router.delete('/:pk', asyncHandler(async (req, _res, next) => {
-    const service = new AccessService({
-        accountability: req.accountability,
-        schema: req.schema,
-    });
-    await service.deleteOne(req.params['pk']);
-    return next();
-}), respond);
-export default router;

package/dist/controllers/policies.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- declare const router: import("express-serve-static-core").Router;
2	- export default router;