npm - @directus/api - Versions diffs - 20.0.0-rc.0 → 20.0.0 - Mend

@directus/api 20.0.0-rc.0 → 20.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (291) hide show

package/dist/services/files/lib/extract-metadata.js ADDED Viewed

@@ -0,0 +1,32 @@
+import { SUPPORTED_IMAGE_METADATA_FORMATS } from '../../../constants.js';
+import { getStorage } from '../../../storage/index.js';
+import { getMetadata } from '../utils/get-metadata.js';
+export async function extractMetadata(storageLocation, data) {
+    const storage = await getStorage();
+    const fileMeta = {};
+    if (data.type && SUPPORTED_IMAGE_METADATA_FORMATS.includes(data.type)) {
+        const stream = await storage.location(storageLocation).read(data.filename_disk);
+        const { height, width, description, title, tags, metadata } = await getMetadata(stream);
+        // Note that if this is a replace file upload, the below properties are fetched and included in the data above
+        // in the `existingFile` variable... so this will ONLY set the values if they're not already set
+        if (!data.height && height) {
+            fileMeta.height = height;
+        }
+        if (!data.width && width) {
+            fileMeta.width = width;
+        }
+        if (!data.metadata && metadata) {
+            fileMeta.metadata = metadata;
+        }
+        if (!data.description && description) {
+            fileMeta.description = description;
+        }
+        if (!data.title && title) {
+            fileMeta.title = title;
+        }
+        if (!data.tags && tags) {
+            fileMeta.tags = tags;
+        }
+    }
+    return fileMeta;
+}

package/dist/services/files/utils/get-metadata.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+/// <reference types="node" resolution-mode="require"/>
+import type { File } from '@directus/types';
+import type { Readable } from 'node:stream';
+export type Metadata = Partial<Pick<File, 'height' | 'width' | 'description' | 'title' | 'tags' | 'metadata'>>;
+export declare function getMetadata(stream: Readable, allowList?: string | string[]): Promise<Metadata>;

package/dist/services/files/utils/get-metadata.js ADDED Viewed

@@ -0,0 +1,107 @@
+import exif, {} from 'exif-reader';
+import { parse as parseIcc } from 'icc';
+import { pick } from 'lodash-es';
+import { pipeline } from 'node:stream/promises';
+import sharp from 'sharp';
+import { useEnv } from '@directus/env';
+import { useLogger } from '../../../logger.js';
+import { parseIptc, parseXmp } from './parse-image-metadata.js';
+const env = useEnv();
+const logger = useLogger();
+export async function getMetadata(stream, allowList = env['FILE_METADATA_ALLOW_LIST']) {
+    return new Promise((resolve, reject) => {
+        pipeline(stream, sharp().metadata(async (err, sharpMetadata) => {
+            if (err) {
+                reject(err);
+                return;
+            }
+            const metadata = {};
+            if (sharpMetadata.orientation && sharpMetadata.orientation >= 5) {
+                metadata.height = sharpMetadata.width ?? null;
+                metadata.width = sharpMetadata.height ?? null;
+            }
+            else {
+                metadata.width = sharpMetadata.width ?? null;
+                metadata.height = sharpMetadata.height ?? null;
+            }
+            // Backward-compatible layout as it used to be with 'exifr'
+            const fullMetadata = {};
+            if (sharpMetadata.exif) {
+                try {
+                    const { Image, ThumbnailTags, Iop, GPSInfo, Photo } = exif(sharpMetadata.exif);
+                    if (Image) {
+                        fullMetadata.ifd0 = Image;
+                    }
+                    if (ThumbnailTags) {
+                        fullMetadata.ifd1 = ThumbnailTags;
+                    }
+                    if (Iop) {
+                        fullMetadata.interop = Iop;
+                    }
+                    if (GPSInfo) {
+                        fullMetadata.gps = GPSInfo;
+                    }
+                    if (Photo) {
+                        fullMetadata.exif = Photo;
+                    }
+                }
+                catch (err) {
+                    logger.warn(`Couldn't extract Exif metadata from file`);
+                    logger.warn(err);
+                }
+            }
+            if (sharpMetadata.icc) {
+                try {
+                    fullMetadata.icc = parseIcc(sharpMetadata.icc);
+                }
+                catch (err) {
+                    logger.warn(`Couldn't extract ICC profile data from file`);
+                    logger.warn(err);
+                }
+            }
+            if (sharpMetadata.iptc) {
+                try {
+                    fullMetadata.iptc = parseIptc(sharpMetadata.iptc);
+                }
+                catch (err) {
+                    logger.warn(`Couldn't extract IPTC Photo Metadata from file`);
+                    logger.warn(err);
+                }
+            }
+            if (sharpMetadata.xmp) {
+                try {
+                    fullMetadata.xmp = parseXmp(sharpMetadata.xmp);
+                }
+                catch (err) {
+                    logger.warn(`Couldn't extract XMP data from file`);
+                    logger.warn(err);
+                }
+            }
+            if (fullMetadata?.iptc?.['Caption'] && typeof fullMetadata.iptc['Caption'] === 'string') {
+                metadata.description = fullMetadata.iptc?.['Caption'];
+            }
+            if (fullMetadata?.iptc?.['Headline'] && typeof fullMetadata.iptc['Headline'] === 'string') {
+                metadata.title = fullMetadata.iptc['Headline'];
+            }
+            if (fullMetadata?.iptc?.['Keywords']) {
+                metadata.tags = fullMetadata.iptc['Keywords'];
+            }
+            if (allowList === '*' || allowList?.[0] === '*') {
+                metadata.metadata = fullMetadata;
+            }
+            else {
+                metadata.metadata = pick(fullMetadata, allowList);
+            }
+            // Fix (incorrectly parsed?) values starting / ending with spaces,
+            // limited to one level and string values only
+            for (const section of Object.keys(metadata.metadata)) {
+                for (const [key, value] of Object.entries(metadata.metadata[section])) {
+                    if (typeof value === 'string') {
+                        metadata.metadata[section][key] = value.trim();
+                    }
+                }
+            }
+            resolve(metadata);
+        }));
+    });
+}

package/dist/services/files.d.ts CHANGED Viewed

@@ -1,10 +1,9 @@
 /// <reference types="node" resolution-mode="require"/>
-import type { BusboyFileStream, File, PrimaryKey } from '@directus/types';
+import type { BusboyFileStream, File, PrimaryKey, Query } from '@directus/types';
 import type { Readable } from 'node:stream';
 import type { AbstractServiceOptions, MutationOptions } from '../types/index.js';
-import { ItemsService } from './items.js';
-type Metadata = Partial<Pick<File, 'height' | 'width' | 'description' | 'title' | 'tags' | 'metadata'>>;
-export declare class FilesService extends ItemsService {
+import { ItemsService, type QueryOptions } from './items.js';
+export declare class FilesService extends ItemsService<File> {
     constructor(options: AbstractServiceOptions);
     /**
      * Upload a single new file to the configured storage adapter
@@ -15,7 +14,6 @@ export declare class FilesService extends ItemsService {
     /**
      * Extract metadata from a buffer's content
      */
-    getMetadata(stream: Readable, allowList?: string | string[]): Promise<Metadata>;
     /**
      * Import a single file from an external URL
      */
@@ -29,5 +27,5 @@ export declare class FilesService extends ItemsService {
      * Delete multiple files
      */
     deleteMany(keys: PrimaryKey[]): Promise<PrimaryKey[]>;
+    readByQuery(query: Query, opts?: QueryOptions | undefined): Promise<File[]>;
 }
-export {};

package/dist/services/files.js CHANGED Viewed

@@ -3,23 +3,17 @@ import { ContentTooLargeError, ForbiddenError, InvalidPayloadError, ServiceUnava
 import formatTitle from '@directus/format-title';
 import { toArray } from '@directus/utils';
 import encodeURL from 'encodeurl';
-import exif, {} from 'exif-reader';
-import { parse as parseIcc } from 'icc';
-import { clone, pick } from 'lodash-es';
+import { clone, cloneDeep } from 'lodash-es';
 import { extension } from 'mime-types';
 import { PassThrough as PassThroughStream, Transform as TransformStream } from 'node:stream';
-import { pipeline } from 'node:stream/promises';
 import zlib from 'node:zlib';
 import path from 'path';
-import sharp from 'sharp';
 import url from 'url';
-import { SUPPORTED_IMAGE_METADATA_FORMATS } from '../constants.js';
 import emitter from '../emitter.js';
 import { useLogger } from '../logger.js';
-import { validateAccess } from '../permissions/modules/validate-access/validate-access.js';
 import { getAxios } from '../request/index.js';
 import { getStorage } from '../storage/index.js';
-import { parseIptc, parseXmp } from '../utils/parse-image-metadata.js';
+import { extractMetadata } from './files/lib/extract-metadata.js';
 import { ItemsService } from './items.js';
 const env = useEnv();
 const logger = useLogger();
@@ -61,7 +55,7 @@ export class FilesService extends ItemsService {
         }
         const fileExtension = path.extname(payload.filename_download) || (payload.type && '.' + extension(payload.type)) || '';
         // The filename_disk is the FINAL filename on disk
-        payload.filename_disk = primaryKey + (fileExtension || '');
+        payload.filename_disk ||= primaryKey + (fileExtension || '');
         // Temp filename is used for replacements
         const tempFilenameDisk = 'temp_' + payload.filename_disk;
         if (!payload.type) {
@@ -129,37 +123,14 @@ export class FilesService extends ItemsService {
         }
         const { size } = await storage.location(data.storage).stat(payload.filename_disk);
         payload.filesize = size;
-        if (SUPPORTED_IMAGE_METADATA_FORMATS.includes(payload.type)) {
-            const stream = await storage.location(data.storage).read(payload.filename_disk);
-            const { height, width, description, title, tags, metadata } = await this.getMetadata(stream);
-            if (!payload.height && height) {
-                payload.height = height;
-            }
-            if (!payload.width && width) {
-                payload.width = width;
-            }
-            if (!payload.metadata && metadata) {
-                payload.metadata = metadata;
-            }
-            // Note that if this is a replace file upload, the below properties are fetched and included in the payload above
-            // in the `existingFile` variable... so this will ONLY set the values if they're not already set
-            if (!payload.description && description) {
-                payload.description = description;
-            }
-            if (!payload.title && title) {
-                payload.title = title;
-            }
-            if (!payload.tags && tags) {
-                payload.tags = tags;
-            }
-        }
+        const metadata = await extractMetadata(data.storage, payload);
         // We do this in a service without accountability. Even if you don't have update permissions to the file,
         // we still want to be able to set the extracted values from the file on create
         const sudoService = new ItemsService('directus_files', {
             knex: this.knex,
             schema: this.schema,
         });
-        await sudoService.updateOne(primaryKey, payload, { emitEvents: false });
+        await sudoService.updateOne(primaryKey, { ...payload, ...metadata }, { emitEvents: false });
         if (opts?.emitEvents !== false) {
             emitter.emitAction('files.upload', {
                 payload,
@@ -176,116 +147,13 @@ export class FilesService extends ItemsService {
     /**
      * Extract metadata from a buffer's content
      */
-    async getMetadata(stream, allowList = env['FILE_METADATA_ALLOW_LIST']) {
-        return new Promise((resolve, reject) => {
-            pipeline(stream, sharp().metadata(async (err, sharpMetadata) => {
-                if (err) {
-                    reject(err);
-                    return;
-                }
-                const metadata = {};
-                if (sharpMetadata.orientation && sharpMetadata.orientation >= 5) {
-                    metadata.height = sharpMetadata.width ?? null;
-                    metadata.width = sharpMetadata.height ?? null;
-                }
-                else {
-                    metadata.width = sharpMetadata.width ?? null;
-                    metadata.height = sharpMetadata.height ?? null;
-                }
-                // Backward-compatible layout as it used to be with 'exifr'
-                const fullMetadata = {};
-                if (sharpMetadata.exif) {
-                    try {
-                        const { Image, ThumbnailTags, Iop, GPSInfo, Photo } = exif(sharpMetadata.exif);
-                        if (Image) {
-                            fullMetadata.ifd0 = Image;
-                        }
-                        if (ThumbnailTags) {
-                            fullMetadata.ifd1 = ThumbnailTags;
-                        }
-                        if (Iop) {
-                            fullMetadata.interop = Iop;
-                        }
-                        if (GPSInfo) {
-                            fullMetadata.gps = GPSInfo;
-                        }
-                        if (Photo) {
-                            fullMetadata.exif = Photo;
-                        }
-                    }
-                    catch (err) {
-                        logger.warn(`Couldn't extract Exif metadata from file`);
-                        logger.warn(err);
-                    }
-                }
-                if (sharpMetadata.icc) {
-                    try {
-                        fullMetadata.icc = parseIcc(sharpMetadata.icc);
-                    }
-                    catch (err) {
-                        logger.warn(`Couldn't extract ICC profile data from file`);
-                        logger.warn(err);
-                    }
-                }
-                if (sharpMetadata.iptc) {
-                    try {
-                        fullMetadata.iptc = parseIptc(sharpMetadata.iptc);
-                    }
-                    catch (err) {
-                        logger.warn(`Couldn't extract IPTC Photo Metadata from file`);
-                        logger.warn(err);
-                    }
-                }
-                if (sharpMetadata.xmp) {
-                    try {
-                        fullMetadata.xmp = parseXmp(sharpMetadata.xmp);
-                    }
-                    catch (err) {
-                        logger.warn(`Couldn't extract XMP data from file`);
-                        logger.warn(err);
-                    }
-                }
-                if (fullMetadata?.iptc?.['Caption'] && typeof fullMetadata.iptc['Caption'] === 'string') {
-                    metadata.description = fullMetadata.iptc?.['Caption'];
-                }
-                if (fullMetadata?.iptc?.['Headline'] && typeof fullMetadata.iptc['Headline'] === 'string') {
-                    metadata.title = fullMetadata.iptc['Headline'];
-                }
-                if (fullMetadata?.iptc?.['Keywords']) {
-                    metadata.tags = fullMetadata.iptc['Keywords'];
-                }
-                if (allowList === '*' || allowList?.[0] === '*') {
-                    metadata.metadata = fullMetadata;
-                }
-                else {
-                    metadata.metadata = pick(fullMetadata, allowList);
-                }
-                // Fix (incorrectly parsed?) values starting / ending with spaces,
-                // limited to one level and string values only
-                for (const section of Object.keys(metadata.metadata)) {
-                    for (const [key, value] of Object.entries(metadata.metadata[section])) {
-                        if (typeof value === 'string') {
-                            metadata.metadata[section][key] = value.trim();
-                        }
-                    }
-                }
-                resolve(metadata);
-            }));
-        });
-    }
     /**
      * Import a single file from an external URL
      */
     async importOne(importURL, body) {
-        if (this.accountability) {
-            await validateAccess({
-                accountability: this.accountability,
-                action: 'create',
-                collection: 'directus_files',
-            }, {
-                knex: this.knex,
-                schema: this.schema,
-            });
+        const fileCreatePermissions = this.accountability?.permissions?.find((permission) => permission.collection === 'directus_files' && permission.action === 'create');
+        if (this.accountability && this.accountability?.admin !== true && !fileCreatePermissions) {
+            throw new ForbiddenError();
         }
         let fileResponse;
         try {
@@ -345,6 +213,22 @@ export class FilesService extends ItemsService {
         }
         return keys;
     }
+    async readByQuery(query, opts) {
+        const filteredQuery = cloneDeep(query);
+        const filterPartialUploads = { tus_id: { _null: true } };
+        if (!filteredQuery.filter) {
+            filteredQuery.filter = filterPartialUploads;
+        }
+        else if ('_and' in filteredQuery.filter && Array.isArray(filteredQuery.filter['_and'])) {
+            filteredQuery.filter['_and'].push(filterPartialUploads);
+        }
+        else {
+            filteredQuery.filter = {
+                _and: [filteredQuery.filter, filterPartialUploads],
+            };
+        }
+        return super.readByQuery(filteredQuery, opts);
+    }
 }
 function decompressResponse(stream, headers) {
     const contentEncoding = (headers['content-encoding'] || '').toLowerCase();

package/dist/services/graphql/index.d.ts CHANGED Viewed

@@ -20,9 +20,9 @@ export declare class GraphQLService {
     /**
      * Generate the GraphQL schema. Pulls from the schema information generated by the get-schema util.
      */
-    getSchema(): Promise<GraphQLSchema>;
-    getSchema(type: 'schema'): Promise<GraphQLSchema>;
-    getSchema(type: 'sdl'): Promise<GraphQLSchema | string>;
+    getSchema(): GraphQLSchema;
+    getSchema(type: 'schema'): GraphQLSchema;
+    getSchema(type: 'sdl'): GraphQLSchema | string;
     /**
      * Generic resolver that's used for every "regular" items/system query. Converts the incoming GraphQL AST / fragments into
      * Directus' query structure which is then executed by the services.

package/dist/services/graphql/index.js CHANGED Viewed

@@ -11,9 +11,6 @@ import { clearSystemCache, getCache } from '../../cache.js';
 import { DEFAULT_AUTH_PROVIDER, GENERATE_SPECIAL, REFRESH_COOKIE_OPTIONS, SESSION_COOKIE_OPTIONS, } from '../../constants.js';
 import getDatabase from '../../database/index.js';
 import { rateLimiter } from '../../middleware/rate-limiter-registration.js';
-import { fetchAllowedFieldMap } from '../../permissions/modules/fetch-allowed-field-map/fetch-allowed-field-map.js';
-import { fetchInconsistentFieldMap } from '../../permissions/modules/fetch-inconsistent-field-map/fetch-inconsistent-field-map.js';
-import { createDefaultAccountability } from '../../permissions/utils/create-default-accountability.js';
 import { generateHash } from '../../utils/generate-hash.js';
 import { getGraphQLType } from '../../utils/get-graphql-type.js';
 import { getIPFromReq } from '../../utils/get-ip-from-req.js';
@@ -51,9 +48,6 @@ import { GraphQLVoid } from './types/void.js';
 import { addPathToValidationError } from './utils/add-path-to-validation-error.js';
 import processError from './utils/process-error.js';
 import { sanitizeGraphqlSchema } from './utils/sanitize-gql-schema.js';
-import { fetchAccountabilityCollectionAccess } from '../../permissions/modules/fetch-accountability-collection-access/fetch-accountability-collection-access.js';
-import { fetchAccountabilityPolicyGlobals } from '../../permissions/modules/fetch-accountability-policy-globals/fetch-accountability-policy-globals.js';
-import { RolesService } from '../roles.js';
 const env = useEnv();
 const validationRules = Array.from(specifiedRules);
 if (env['GRAPHQL_INTROSPECTION'] === false) {
@@ -86,7 +80,7 @@ export class GraphQLService {
      * Execute a GraphQL structure
      */
     async execute({ document, variables, operationName, contextValue, }) {
-        const schema = await this.getSchema();
+        const schema = this.getSchema();
         const validationErrors = validate(schema, document, validationRules).map((validationError) => addPathToValidationError(validationError));
         if (validationErrors.length > 0) {
             throw new GraphQLValidationError({ errors: validationErrors });
@@ -114,7 +108,7 @@ export class GraphQLService {
             formattedResult.extensions = result['extensions'];
         return formattedResult;
     }
-    async getSchema(type = 'schema') {
+    getSchema(type = 'schema') {
         const key = `${this.scope}_${type}_${this.accountability?.role}_${this.accountability?.user}`;
         const cachedSchema = cache.get(key);
         if (cachedSchema)
@@ -122,53 +116,20 @@ export class GraphQLService {
         // eslint-disable-next-line @typescript-eslint/no-this-alias
         const self = this;
         const schemaComposer = new SchemaComposer();
-        let schema;
         const sanitizedSchema = sanitizeGraphqlSchema(this.schema);
-        if (!this.accountability || this.accountability.admin) {
-            schema = {
-                read: sanitizedSchema,
-                create: sanitizedSchema,
-                update: sanitizedSchema,
-                delete: sanitizedSchema,
-            };
-        }
-        else {
-            schema = {
-                read: reduceSchema(sanitizedSchema, await fetchAllowedFieldMap({
-                    accountability: this.accountability,
-                    action: 'read',
-                }, { schema: this.schema, knex: this.knex })),
-                create: reduceSchema(sanitizedSchema, await fetchAllowedFieldMap({
-                    accountability: this.accountability,
-                    action: 'create',
-                }, { schema: this.schema, knex: this.knex })),
-                update: reduceSchema(sanitizedSchema, await fetchAllowedFieldMap({
-                    accountability: this.accountability,
-                    action: 'update',
-                }, { schema: this.schema, knex: this.knex })),
-                delete: reduceSchema(sanitizedSchema, await fetchAllowedFieldMap({
-                    accountability: this.accountability,
-                    action: 'delete',
-                }, { schema: this.schema, knex: this.knex })),
-            };
-        }
-        const inconsistentFields = {
-            read: await fetchInconsistentFieldMap({
-                accountability: this.accountability,
-                action: 'read',
-            }, { schema: this.schema, knex: this.knex }),
-            create: await fetchInconsistentFieldMap({
-                accountability: this.accountability,
-                action: 'create',
-            }, { schema: this.schema, knex: this.knex }),
-            update: await fetchInconsistentFieldMap({
-                accountability: this.accountability,
-                action: 'update',
-            }, { schema: this.schema, knex: this.knex }),
-            delete: await fetchInconsistentFieldMap({
-                accountability: this.accountability,
-                action: 'delete',
-            }, { schema: this.schema, knex: this.knex }),
+        const schema = {
+            read: this.accountability?.admin === true
+                ? sanitizedSchema
+                : reduceSchema(sanitizedSchema, this.accountability?.permissions || null, ['read']),
+            create: this.accountability?.admin === true
+                ? sanitizedSchema
+                : reduceSchema(sanitizedSchema, this.accountability?.permissions || null, ['create']),
+            update: this.accountability?.admin === true
+                ? sanitizedSchema
+                : reduceSchema(sanitizedSchema, this.accountability?.permissions || null, ['update']),
+            delete: this.accountability?.admin === true
+                ? sanitizedSchema
+                : reduceSchema(sanitizedSchema, this.accountability?.permissions || null, ['delete']),
         };
         const subscriptionEventType = schemaComposer.createEnumTC({
             name: 'EventEnum',
@@ -339,18 +300,16 @@ export class GraphQLService {
                     name: action === 'read' ? collection.collection : `${action}_${collection.collection}`,
                     fields: Object.values(collection.fields).reduce((acc, field) => {
                         let type = getGraphQLType(field.type, field.special);
-                        const fieldIsInconsistent = inconsistentFields[action][collection.collection]?.includes(field.field);
                         // GraphQL doesn't differentiate between not-null and has-to-be-submitted. We
                         // can't non-null in update, as that would require every not-nullable field to be
                         // submitted on updates
                         if (field.nullable === false &&
                             !field.defaultValue &&
                             !GENERATE_SPECIAL.some((flag) => field.special.includes(flag)) &&
-                            fieldIsInconsistent === false &&
                             action !== 'update') {
                             type = new GraphQLNonNull(type);
                         }
-                        if (collection.primary === field.field && fieldIsInconsistent === false) {
+                        if (collection.primary === field.field) {
                             // permissions IDs need to be nullable https://github.com/directus/directus/issues/20509
                             if (collection.collection === 'directus_permissions') {
                                 type = GraphQLID;
@@ -1803,7 +1762,7 @@ export class GraphQLService {
                         accountability: this.accountability,
                         scope: args['scope'] ?? 'items',
                     });
-                    return await service.getSchema('sdl');
+                    return service.getSchema('sdl');
                 },
             },
             server_ping: {
@@ -1856,7 +1815,7 @@ export class GraphQLService {
                     otp: GraphQLString,
                 },
                 resolve: async (_, args, { req, res }) => {
-                    const accountability = createDefaultAccountability();
+                    const accountability = { role: null };
                     if (req?.ip)
                         accountability.ip = req.ip;
                     const userAgent = req?.get('user-agent');
@@ -1896,7 +1855,7 @@ export class GraphQLService {
                     mode: AuthMode,
                 },
                 resolve: async (_, args, { req, res }) => {
-                    const accountability = createDefaultAccountability();
+                    const accountability = { role: null };
                     if (req?.ip)
                         accountability.ip = req.ip;
                     const userAgent = req?.get('user-agent');
@@ -1954,7 +1913,7 @@ export class GraphQLService {
                     mode: AuthMode,
                 },
                 resolve: async (_, args, { req, res }) => {
-                    const accountability = createDefaultAccountability();
+                    const accountability = { role: null };
                     if (req?.ip)
                         accountability.ip = req.ip;
                     const userAgent = req?.get('user-agent');
@@ -2004,7 +1963,7 @@ export class GraphQLService {
                     reset_url: GraphQLString,
                 },
                 resolve: async (_, args, { req }) => {
-                    const accountability = createDefaultAccountability();
+                    const accountability = { role: null };
                     if (req?.ip)
                         accountability.ip = req.ip;
                     const userAgent = req?.get('user-agent');
@@ -2032,7 +1991,7 @@ export class GraphQLService {
                     password: new GraphQLNonNull(GraphQLString),
                 },
                 resolve: async (_, args, { req }) => {
-                    const accountability = createDefaultAccountability();
+                    const accountability = { role: null };
                     if (req?.ip)
                         accountability.ip = req.ip;
                     const userAgent = req?.get('user-agent');
@@ -2673,69 +2632,6 @@ export class GraphQLService {
                 },
             });
         }
-        if ('directus_permissions' in schema.read.collections) {
-            schemaComposer.Query.addFields({
-                permissions_me: {
-                    type: schemaComposer.createScalarTC({
-                        name: 'permissions_me_type',
-                        parseValue: (value) => value,
-                        serialize: (value) => value,
-                    }),
-                    resolve: async (_, _args, __, _info) => {
-                        if (!this.accountability?.user && !this.accountability?.role)
-                            return null;
-                        const result = await fetchAccountabilityCollectionAccess(this.accountability, {
-                            schema: this.schema,
-                            knex: getDatabase(),
-                        });
-                        return result;
-                    },
-                },
-            });
-        }
-        if ('directus_roles' in schema.read.collections) {
-            schemaComposer.Query.addFields({
-                roles_me: {
-                    type: ReadCollectionTypes['directus_roles'].List,
-                    resolve: async (_, args, __, info) => {
-                        if (!this.accountability?.user && !this.accountability?.role)
-                            return null;
-                        const service = new RolesService({
-                            accountability: this.accountability,
-                            schema: this.schema,
-                        });
-                        const selections = this.replaceFragmentsInSelections(info.fieldNodes[0]?.selectionSet?.selections, info.fragments);
-                        const query = this.getQuery(args, selections || [], info.variableValues);
-                        query.limit = -1;
-                        const roles = await service.readMany(this.accountability.roles, query);
-                        return roles;
-                    },
-                },
-            });
-        }
-        if ('directus_policies' in schema.read.collections) {
-            schemaComposer.Query.addFields({
-                policies_me_globals: {
-                    type: schemaComposer.createObjectTC({
-                        name: 'policy_me_globals_type',
-                        fields: {
-                            enforce_tfa: 'Boolean',
-                            app_access: 'Boolean',
-                            admin_access: 'Boolean',
-                        },
-                    }),
-                    resolve: async (_, _args, __, _info) => {
-                        if (!this.accountability?.user && !this.accountability?.role)
-                            return null;
-                        const result = await fetchAccountabilityPolicyGlobals(this.accountability, {
-                            schema: this.schema,
-                            knex: getDatabase(),
-                        });
-                        return result;
-                    },
-                },
-            });
-        }
         if ('directus_users' in schema.update.collections && this.accountability?.user) {
             schemaComposer.Mutation.addFields({
                 update_users_me: {