@directus/api 20.0.0-rc.0 → 20.0.0

package/dist/services/specifications.js

@@ -1,17 +1,14 @@
 import { useEnv } from '@directus/env';
 import formatTitle from '@directus/format-title';
 import { spec } from '@directus/specs';
-import { isSystemCollection } from '@directus/system-data';
 import { version } from 'directus/version';
 import { cloneDeep, mergeWith } from 'lodash-es';
 import { OAS_REQUIRED_SCHEMAS } from '../constants.js';
 import getDatabase from '../database/index.js';
-import { fetchPermissions } from '../permissions/lib/fetch-permissions.js';
-import { fetchPolicies } from '../permissions/lib/fetch-policies.js';
-import { fetchAllowedFieldMap } from '../permissions/modules/fetch-allowed-field-map/fetch-allowed-field-map.js';
 import { getRelationType } from '../utils/get-relation-type.js';
 import { reduceSchema } from '../utils/reduce-schema.js';
 import { GraphQLService } from './graphql/index.js';
+import { isSystemCollection } from '@directus/system-data';
 const env = useEnv();
 export class SpecificationService {
     accountability;
@@ -19,38 +16,29 @@ export class SpecificationService {
     schema;
     oas;
     graphql;
-    constructor(options) {
-        this.accountability = options.accountability || null;
-        this.knex = options.knex || getDatabase();
-        this.schema = options.schema;
-        this.oas = new OASSpecsService(options);
-        this.graphql = new GraphQLSpecsService(options);
+    constructor({ accountability, knex, schema }) {
+        this.accountability = accountability || null;
+        this.knex = knex || getDatabase();
+        this.schema = schema;
+        this.oas = new OASSpecsService({ knex, schema, accountability });
+        this.graphql = new GraphQLSpecsService({ knex, schema, accountability });
     }
 }
 class OASSpecsService {
     accountability;
     knex;
     schema;
-    constructor(options) {
-        this.accountability = options.accountability || null;
-        this.knex = options.knex || getDatabase();
-        this.schema = options.schema;
+    constructor({ knex, schema, accountability }) {
+        this.accountability = accountability || null;
+        this.knex = knex || getDatabase();
+        this.schema =
+            this.accountability?.admin === true ? schema : reduceSchema(schema, accountability?.permissions || null);
     }
     async generate(host) {
-        let schema = this.schema;
-        let permissions = [];
-        if (this.accountability && this.accountability.admin !== true) {
-            const allowedFields = await fetchAllowedFieldMap({
-                accountability: this.accountability,
-                action: 'read',
-            }, { schema, knex: this.knex });
-            schema = reduceSchema(schema, allowedFields);
-            const policies = await fetchPolicies(this.accountability, { schema, knex: this.knex });
-            permissions = await fetchPermissions({ action: 'read', policies, accountability: this.accountability }, { schema, knex: this.knex });
-        }
-        const tags = await this.generateTags(schema);
+        const permissions = this.accountability?.permissions ?? [];
+        const tags = await this.generateTags();
         const paths = await this.generatePaths(permissions, tags);
-        const components = await this.generateComponents(schema, tags);
+        const components = await this.generateComponents(tags);
         const isDefaultPublicUrl = env['PUBLIC_URL'] === '/';
         const url = isDefaultPublicUrl && host ? host : env['PUBLIC_URL'];
         const spec = {
@@ -74,9 +62,9 @@ class OASSpecsService {
             spec.components = components;
         return spec;
     }
-    async generateTags(schema) {
+    async generateTags() {
         const systemTags = cloneDeep(spec.tags);
-        const collections = Object.values(schema.collections);
+        const collections = Object.values(this.schema.collections);
         const tags = [];
         for (const systemTag of systemTags) {
             // Check if necessary authentication level is given
@@ -258,7 +246,7 @@ class OASSpecsService {
         }
         return paths;
     }
-    async generateComponents(schema, tags) {
+    async generateComponents(tags) {
         if (!tags)
             return;
         let components = cloneDeep(spec.components);
@@ -276,7 +264,7 @@ class OASSpecsService {
                 };
             }
         }
-        const collections = Object.values(schema.collections);
+        const collections = Object.values(this.schema.collections);
         for (const collection of collections) {
             const tag = tags.find((tag) => tag['x-collection'] === collection.collection);
             if (!tag)
@@ -289,7 +277,7 @@ class OASSpecsService {
                 schemaComponent['x-collection'] = collection.collection;
                 for (const field of fieldsInCollection) {
                     schemaComponent.properties[field.field] =
-                        cloneDeep(spec.components.schemas[tag.name].properties[field.field]) || this.generateField(schema, collection.collection, field, tags);
+                        cloneDeep(spec.components.schemas[tag.name].properties[field.field]) || this.generateField(collection.collection, field, tags);
                 }
                 components.schemas[tag.name] = schemaComponent;
             }
@@ -300,7 +288,7 @@ class OASSpecsService {
                     'x-collection': collection.collection,
                 };
                 for (const field of fieldsInCollection) {
-                    schemaComponent.properties[field.field] = this.generateField(schema, collection.collection, field, tags);
+                    schemaComponent.properties[field.field] = this.generateField(collection.collection, field, tags);
                 }
                 components.schemas[tag.name] = schemaComponent;
             }
@@ -323,13 +311,13 @@ class OASSpecsService {
                 return 'read';
         }
     }
-    generateField(schema, collection, field, tags) {
+    generateField(collection, field, tags) {
         let propertyObject = {};
         propertyObject.nullable = field.nullable;
         if (field.note) {
             propertyObject.description = field.note;
         }
-        const relation = schema.relations.find((relation) => (relation.collection === collection && relation.field === field.field) ||
+        const relation = this.schema.relations.find((relation) => (relation.collection === collection && relation.field === field.field) ||
             (relation.related_collection === collection && relation.meta?.one_field === field.field));
         if (!relation) {
             propertyObject = {
@@ -347,10 +335,10 @@ class OASSpecsService {
                 const relatedTag = tags.find((tag) => tag['x-collection'] === relation.related_collection);
                 if (!relatedTag ||
                     !relation.related_collection ||
-                    relation.related_collection in schema.collections === false) {
+                    relation.related_collection in this.schema.collections === false) {
                     return propertyObject;
                 }
-                const relatedCollection = schema.collections[relation.related_collection];
+                const relatedCollection = this.schema.collections[relation.related_collection];
                 const relatedPrimaryKeyField = relatedCollection.fields[relatedCollection.primary];
                 propertyObject.oneOf = [
                     {
@@ -363,10 +351,10 @@ class OASSpecsService {
             }
             else if (relationType === 'o2m') {
                 const relatedTag = tags.find((tag) => tag['x-collection'] === relation.collection);
-                if (!relatedTag || !relation.related_collection || relation.collection in schema.collections === false) {
+                if (!relatedTag || !relation.related_collection || relation.collection in this.schema.collections === false) {
                     return propertyObject;
                 }
-                const relatedCollection = schema.collections[relation.collection];
+                const relatedCollection = this.schema.collections[relation.collection];
                 const relatedPrimaryKeyField = relatedCollection.fields[relatedCollection.primary];
                 if (!relatedTag || !relatedPrimaryKeyField)
                     return propertyObject;

package/dist/services/tus/data-store.d.ts

@@ -0,0 +1,36 @@
+/// <reference types="node" resolution-mode="require"/>
+import type { TusDriver } from '@directus/storage';
+import type { Accountability, File, SchemaOverview } from '@directus/types';
+import stream from 'node:stream';
+import { DataStore, Upload } from '@tus/utils';
+export type TusDataStoreConfig = {
+    constants: {
+        ENABLED: boolean;
+        CHUNK_SIZE: number;
+        MAX_SIZE: number;
+        EXPIRATION_TIME: number;
+        SCHEDULE: string;
+    };
+    /** Storage location name **/
+    location: string;
+    driver: TusDriver;
+    schema: SchemaOverview;
+    accountability: Accountability | undefined;
+};
+export declare class TusDataStore extends DataStore {
+    protected chunkSize: number;
+    protected maxSize: number;
+    protected expirationTime: number;
+    protected location: string;
+    protected storageDriver: TusDriver;
+    protected schema: SchemaOverview;
+    protected accountability: Accountability | undefined;
+    constructor(config: TusDataStoreConfig);
+    create(upload: Upload): Promise<Upload>;
+    write(readable: stream.Readable, tus_id: string, offset: number): Promise<number>;
+    remove(tus_id: string): Promise<void>;
+    deleteExpired(): Promise<number>;
+    getExpiration(): number;
+    getUpload(id: string): Promise<Upload>;
+    protected getFileById(tus_id: string): Promise<File>;
+}

package/dist/services/tus/data-store.js

@@ -0,0 +1,214 @@
+import formatTitle from '@directus/format-title';
+import { extension } from 'mime-types';
+import { extname } from 'node:path';
+import stream from 'node:stream';
+import { DataStore, ERRORS, Upload } from '@tus/utils';
+import { ItemsService } from '../items.js';
+import { useLogger } from '../../logger.js';
+import getDatabase from '../../database/index.js';
+import { omit } from 'lodash-es';
+export class TusDataStore extends DataStore {
+    chunkSize;
+    maxSize;
+    expirationTime;
+    location;
+    storageDriver;
+    schema;
+    accountability;
+    constructor(config) {
+        super();
+        this.chunkSize = config.constants.CHUNK_SIZE;
+        this.maxSize = config.constants.MAX_SIZE;
+        this.expirationTime = config.constants.EXPIRATION_TIME;
+        this.location = config.location;
+        this.storageDriver = config.driver;
+        this.extensions = this.storageDriver.tusExtensions;
+        this.schema = config.schema;
+        this.accountability = config.accountability;
+    }
+    async create(upload) {
+        const logger = useLogger();
+        const knex = getDatabase();
+        const itemsService = new ItemsService('directus_files', {
+            accountability: this.accountability,
+            schema: this.schema,
+            knex,
+        });
+        upload.creation_date = new Date().toISOString();
+        if (!upload.size || !upload.metadata || !upload.metadata['filename_download']) {
+            throw ERRORS.INVALID_METADATA;
+        }
+        if (!upload.metadata['type']) {
+            upload.metadata['type'] = 'application/octet-stream';
+        }
+        if (!upload.metadata['title']) {
+            upload.metadata['title'] = formatTitle(upload.metadata['filename_download']);
+        }
+        let existingFile = null;
+        // If the payload contains a primary key, we'll check if the file already exists
+        if (upload.metadata['id']) {
+            // If the file you're uploading already exists, we'll consider this upload a replace so we'll fetch the existing file's folder and filename_download
+            existingFile =
+                (await knex
+                    .select('folder', 'filename_download', 'filename_disk', 'title', 'description', 'metadata', 'tus_id')
+                    .from('directus_files')
+                    .andWhere({ id: upload.metadata['id'] })
+                    .first()) ?? null;
+            if (existingFile && existingFile['tus_id'] !== null) {
+                throw ERRORS.INVALID_METADATA;
+            }
+        }
+        // Is this file a replacement? if the file data already exists and we have a primary key
+        const isReplacement = existingFile !== null && !!upload.metadata['id'];
+        if (isReplacement === true && upload.metadata['id']) {
+            upload.metadata['replace_id'] = upload.metadata['id'];
+        }
+        const fileData = {
+            ...omit(upload.metadata, ['id']),
+            tus_id: upload.id,
+            tus_data: upload,
+            filesize: upload.size,
+            storage: this.location,
+        };
+        // If no folder is specified, we'll use the default folder from the settings if it exists
+        if ('folder' in fileData === false) {
+            const settings = await knex.select('storage_default_folder').from('directus_settings').first();
+            if (settings?.storage_default_folder) {
+                fileData.folder = settings.storage_default_folder;
+            }
+        }
+        // If this is a new file upload, we need to generate a new primary key and DB record
+        const primaryKey = await itemsService.createOne(fileData, { emitEvents: false });
+        const fileExtension = extname(upload.metadata['filename_download']) ||
+            (upload.metadata['type'] && '.' + extension(upload.metadata['type'])) ||
+            '';
+        // The filename_disk is the FINAL filename on disk
+        fileData.filename_disk ||= primaryKey + (fileExtension || '');
+        // Temp filename is used for replacements
+        // const tempFilenameDisk = fileData.tus_id! + (fileExtension || '');
+        // if (isReplacement) {
+        // 	upload.metadata['temp_file'] = tempFilenameDisk;
+        // }
+        try {
+            // If this is a replacement, we'll write the file to a temp location first to ensure we don't overwrite the existing file if something goes wrong
+            upload = (await this.storageDriver.createChunkedUpload(fileData.filename_disk, upload));
+            fileData.tus_data = upload;
+            await itemsService.updateOne(primaryKey, fileData, { emitEvents: false });
+            return upload;
+        }
+        catch (err) {
+            logger.warn(`Couldn't create chunked upload for ${fileData.filename_disk}`);
+            logger.warn(err);
+            if (isReplacement) {
+                await itemsService.updateOne(primaryKey, { tus_id: null, tus_data: null }, { emitEvents: false });
+            }
+            else {
+                await itemsService.deleteOne(primaryKey, { emitEvents: false });
+            }
+            throw ERRORS.UNKNOWN_ERROR;
+        }
+    }
+    async write(readable, tus_id, offset) {
+        const fileData = await this.getFileById(tus_id);
+        const filePath = fileData.filename_disk;
+        const sudoService = new ItemsService('directus_files', {
+            schema: this.schema,
+        });
+        try {
+            const newOffset = await this.storageDriver.writeChunk(filePath, readable, offset, fileData.tus_data);
+            await sudoService.updateOne(fileData.id, {
+                tus_data: {
+                    ...fileData.tus_data,
+                    offset: newOffset,
+                },
+            });
+            if (Number(fileData.filesize) === newOffset) {
+                try {
+                    await this.storageDriver.finishChunkedUpload(filePath, fileData.tus_data);
+                }
+                catch (err) {
+                    await this.remove(fileData.tus_id);
+                    throw err;
+                }
+                const isReplacement = Boolean(fileData.tus_data?.['metadata']?.['replace_id']);
+                // If the file is a replacement, delete the old files, and upgrade the temp file
+                if (isReplacement === true) {
+                    const replaceId = fileData.tus_data['metadata']['replace_id'];
+                    const replaceData = await sudoService.readOne(replaceId, { fields: ['filename_disk'] });
+                    // delete the previously saved file and thumbnails to ensure they're generated fresh
+                    for await (const partPath of this.storageDriver.list(replaceId)) {
+                        await this.storageDriver.delete(partPath);
+                    }
+                    // Upgrade the temp file to the final filename
+                    await this.storageDriver.move(filePath, replaceData.filename_disk);
+                }
+            }
+            return newOffset;
+        }
+        catch (err) {
+            if ('status_code' in err && err.status_code === 500) {
+                throw err;
+            }
+            throw ERRORS.FILE_WRITE_ERROR;
+        }
+    }
+    async remove(tus_id) {
+        const sudoService = new ItemsService('directus_files', {
+            schema: this.schema,
+        });
+        const fileData = await this.getFileById(tus_id);
+        await this.storageDriver.deleteChunkedUpload(fileData.filename_disk, fileData.tus_data);
+        await sudoService.deleteOne(fileData.id);
+    }
+    async deleteExpired() {
+        const sudoService = new ItemsService('directus_files', {
+            schema: this.schema,
+        });
+        const now = new Date();
+        const toDelete = [];
+        const uploadFiles = await sudoService.readByQuery({
+            fields: ['modified_on', 'tus_id', 'tus_data'],
+            filter: { tus_id: { _nnull: true } },
+        });
+        if (!uploadFiles)
+            return 0;
+        for (const fileData of uploadFiles) {
+            if (fileData &&
+                fileData.tus_data &&
+                this.getExpiration() > 0 &&
+                fileData.tus_data['size'] !== fileData.tus_data['offset'] &&
+                fileData.modified_on) {
+                const modified = new Date(fileData.modified_on);
+                const expires = new Date(modified.getTime() + this.getExpiration());
+                if (now > expires) {
+                    toDelete.push(this.remove(fileData.tus_id));
+                }
+            }
+        }
+        await Promise.allSettled(toDelete);
+        return toDelete.length;
+    }
+    getExpiration() {
+        return this.expirationTime;
+    }
+    async getUpload(id) {
+        const fileData = await this.getFileById(id);
+        return new Upload(fileData.tus_data);
+    }
+    async getFileById(tus_id) {
+        const itemsService = new ItemsService('directus_files', {
+            schema: this.schema,
+        });
+        const results = await itemsService.readByQuery({
+            filter: {
+                tus_id: { _eq: tus_id },
+                storage: { _eq: this.location },
+                ...(this.accountability?.user ? { uploaded_by: { _eq: this.accountability.user } } : {}),
+            },
+        });
+        if (!results || !results[0]) {
+            throw ERRORS.FILE_NOT_FOUND;
+        }
+        return results[0];
+    }
+}

package/dist/services/tus/index.d.ts

@@ -0,0 +1,2 @@
+export * from './server.js';
+export * from './lockers.js';

package/dist/services/tus/index.js

@@ -0,0 +1,2 @@
+export * from './server.js';
+export * from './lockers.js';

package/dist/services/tus/lockers.d.ts

@@ -0,0 +1,36 @@
+import { type Lock, type Locker, type RequestRelease } from '@tus/utils';
+/**
+ * TusLocker is an implementation of the Locker interface that manages locks in memory or using Redis.
+ * This class is designed for exclusive access control over resources, often used in scenarios like upload management.
+ *
+ * Locking Behavior:
+ * - When the `lock` method is invoked for an already locked resource, the `cancelReq` callback is called.
+ *   This signals to the current lock holder that another process is requesting the lock, encouraging them to release it as soon as possible.
+ * - The lock attempt continues until the specified timeout is reached. If the timeout expires and the lock is still not
+ *   available, an error is thrown to indicate lock acquisition failure.
+ *
+ * Lock Acquisition and Release:
+ * - The `lock` method implements a wait mechanism, allowing a lock request to either succeed when the lock becomes available,
+ *   or fail after the timeout period.
+ * - The `unlock` method releases a lock, making the resource available for other requests.
+ */
+export declare class TusLocker implements Locker {
+    lockTimeout: number;
+    acquireTimeout: number;
+    constructor(options?: {
+        acquireLockTimeout: number;
+        lockTimeout: number;
+    });
+    newLock(id: string): KvLock;
+}
+export declare class KvLock implements Lock {
+    private id;
+    private lockTimeout;
+    private acquireTimeout;
+    private kv;
+    constructor(id: string, lockTimeout?: number, acquireTimeout?: number);
+    lock(cancelReq: RequestRelease): Promise<void>;
+    protected acquireLock(id: string, requestRelease: RequestRelease, signal: AbortSignal): Promise<boolean>;
+    unlock(): Promise<void>;
+}
+export declare function getTusLocker(): Locker;

package/dist/services/tus/lockers.js

@@ -0,0 +1,83 @@
+import { ERRORS } from '@tus/utils';
+import { useLock } from '../../lock/index.js';
+import { waitTimeout } from './utils/wait-timeout.js';
+/**
+ * TusLocker is an implementation of the Locker interface that manages locks in memory or using Redis.
+ * This class is designed for exclusive access control over resources, often used in scenarios like upload management.
+ *
+ * Locking Behavior:
+ * - When the `lock` method is invoked for an already locked resource, the `cancelReq` callback is called.
+ *   This signals to the current lock holder that another process is requesting the lock, encouraging them to release it as soon as possible.
+ * - The lock attempt continues until the specified timeout is reached. If the timeout expires and the lock is still not
+ *   available, an error is thrown to indicate lock acquisition failure.
+ *
+ * Lock Acquisition and Release:
+ * - The `lock` method implements a wait mechanism, allowing a lock request to either succeed when the lock becomes available,
+ *   or fail after the timeout period.
+ * - The `unlock` method releases a lock, making the resource available for other requests.
+ */
+export class TusLocker {
+    lockTimeout;
+    acquireTimeout;
+    constructor(options) {
+        this.acquireTimeout = options?.acquireLockTimeout ?? 1000 * 30;
+        this.lockTimeout = options?.lockTimeout ?? 1000 * 60;
+    }
+    newLock(id) {
+        return new KvLock(id, this.lockTimeout, this.acquireTimeout);
+    }
+}
+export class KvLock {
+    id;
+    lockTimeout;
+    acquireTimeout;
+    kv;
+    constructor(id, lockTimeout = 1000 * 60, acquireTimeout = 1000 * 30) {
+        this.id = id;
+        this.lockTimeout = lockTimeout;
+        this.acquireTimeout = acquireTimeout;
+        this.kv = useLock();
+    }
+    async lock(cancelReq) {
+        const abortController = new AbortController();
+        const lock = await Promise.race([
+            waitTimeout(this.acquireTimeout, abortController.signal),
+            this.acquireLock(this.id, cancelReq, abortController.signal),
+        ]);
+        abortController.abort();
+        if (!lock) {
+            throw ERRORS.ERR_LOCK_TIMEOUT;
+        }
+    }
+    async acquireLock(id, requestRelease, signal) {
+        if (signal.aborted) {
+            return false;
+        }
+        const lockTime = await this.kv.get(id);
+        const now = Date.now();
+        if (!lockTime || Number(lockTime) < now - this.lockTimeout) {
+            await this.kv.set(id, now);
+            return true;
+        }
+        await requestRelease();
+        return await new Promise((resolve, reject) => {
+            // Using setImmediate to:
+            // 1. Prevent stack overflow by deferring recursive calls to the next event loop iteration.
+            // 2. Allow event loop to process other pending events, maintaining server responsiveness.
+            // 3. Ensure fairness in lock acquisition by giving other requests a chance to acquire the lock.
+            setImmediate(() => {
+                this.acquireLock(id, requestRelease, signal).then(resolve).catch(reject);
+            });
+        });
+    }
+    async unlock() {
+        await this.kv.delete(this.id);
+    }
+}
+let _locker = undefined;
+export function getTusLocker() {
+    if (!_locker) {
+        _locker = new TusLocker();
+    }
+    return _locker;
+}

package/dist/services/tus/server.d.ts

@@ -0,0 +1,8 @@
+import type { Accountability, SchemaOverview } from '@directus/types';
+import { Server } from '@tus/server';
+type Context = {
+    schema: SchemaOverview;
+    accountability?: Accountability | undefined;
+};
+export declare function createTusServer(context: Context): Promise<Server>;
+export {};

package/dist/services/tus/server.js

@@ -0,0 +1,80 @@
+/**
+ * TUS implementation for resumable uploads
+ *
+ * https://tus.io/
+ */
+import { useEnv } from '@directus/env';
+import { supportsTus } from '@directus/storage';
+import { toArray } from '@directus/utils';
+import { Server } from '@tus/server';
+import { RESUMABLE_UPLOADS } from '../../constants.js';
+import { getStorage } from '../../storage/index.js';
+import { extractMetadata } from '../files/lib/extract-metadata.js';
+import { ItemsService } from '../index.js';
+import { TusDataStore } from './data-store.js';
+import { getTusLocker } from './lockers.js';
+import { pick } from 'lodash-es';
+async function createTusStore(context) {
+    const env = useEnv();
+    const storage = await getStorage();
+    const location = toArray(env['STORAGE_LOCATIONS'])[0];
+    const driver = storage.location(location);
+    if (!supportsTus(driver)) {
+        throw new Error(`Storage location ${location} does not support the TUS protocol`);
+    }
+    return new TusDataStore({
+        constants: RESUMABLE_UPLOADS,
+        accountability: context.accountability,
+        schema: context.schema,
+        location,
+        driver,
+    });
+}
+export async function createTusServer(context) {
+    const env = useEnv();
+    const store = await createTusStore(context);
+    return new Server({
+        path: '/files/tus',
+        datastore: store,
+        locker: getTusLocker(),
+        maxSize: RESUMABLE_UPLOADS.MAX_SIZE,
+        async onUploadFinish(req, res, upload) {
+            const service = new ItemsService('directus_files', {
+                schema: req.schema,
+            });
+            const file = (await service.readByQuery({
+                filter: { tus_id: { _eq: upload.id } },
+                limit: 1,
+            }))[0];
+            if (!file)
+                return res;
+            // update metadata when file is replaced
+            if (file.tus_data?.['metadata']?.['replace_id']) {
+                const newFile = await service.readOne(file.tus_data['metadata']['replace_id']);
+                const updateFields = pick(file, ['filename_download', 'filesize', 'type']);
+                const metadata = await extractMetadata(newFile.storage, {
+                    ...newFile,
+                    ...updateFields,
+                });
+                await service.updateOne(file.tus_data['metadata']['replace_id'], {
+                    ...updateFields,
+                    ...metadata,
+                });
+                await service.deleteOne(file.id);
+            }
+            else {
+                const metadata = await extractMetadata(file.storage, file);
+                await service.updateOne(file.id, {
+                    ...metadata,
+                    tus_id: null,
+                    tus_data: null,
+                });
+            }
+            return res;
+        },
+        generateUrl(_req, opts) {
+            return env['PUBLIC_URL'] + '/files/tus/' + opts.id;
+        },
+        relativeLocation: String(env['PUBLIC_URL']).startsWith('http'),
+    });
+}

package/dist/services/tus/utils/wait-timeout.d.ts

@@ -0,0 +1 @@
+export declare function waitTimeout(timeout: number, signal: AbortSignal): Promise<boolean>;

package/dist/services/tus/utils/wait-timeout.js

@@ -0,0 +1,13 @@
+export function waitTimeout(timeout, signal) {
+    return new Promise((resolve) => {
+        const handler = setTimeout(() => {
+            resolve(false);
+        }, timeout);
+        const abortListener = () => {
+            clearTimeout(handler);
+            signal.removeEventListener('abort', abortListener);
+            resolve(false);
+        };
+        signal.addEventListener('abort', abortListener);
+    });
+}

package/dist/services/users.d.ts

@@ -13,6 +13,11 @@ export declare class UsersService extends ItemsService {
      * directus_settings.auth_password_policy
      */
     private checkPasswordPolicy;
+    private checkRemainingAdminExistence;
+    /**
+     * Make sure there's at least one active admin user when updating user status
+     */
+    private checkRemainingActiveAdmin;
     /**
      * Get basic information of user identified by email
      */
@@ -47,5 +52,4 @@ export declare class UsersService extends ItemsService {
     verifyRegistration(token: string): Promise<string>;
     requestPasswordReset(email: string, url: string | null, subject?: string | null): Promise<void>;
     resetPassword(token: string, password: string): Promise<void>;
-    private clearCaches;
 }