npm - @directus/api - Versions diffs - 20.0.0 → 21.0.0-rc.0 - Mend

@directus/api 20.0.0 → 21.0.0-rc.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (330) hide show

package/dist/app.js CHANGED Viewed

@@ -10,6 +10,7 @@ import path from 'path';
 import qs from 'qs';
 import { registerAuthProviders } from './auth.js';
 import activityRouter from './controllers/activity.js';
+import accessRouter from './controllers/access.js';
 import assetsRouter from './controllers/assets.js';
 import authRouter from './controllers/auth.js';
 import collectionsRouter from './controllers/collections.js';
@@ -26,6 +27,7 @@ import notificationsRouter from './controllers/notifications.js';
 import operationsRouter from './controllers/operations.js';
 import panelsRouter from './controllers/panels.js';
 import permissionsRouter from './controllers/permissions.js';
+import policiesRouter from './controllers/policies.js';
 import presetsRouter from './controllers/presets.js';
 import relationsRouter from './controllers/relations.js';
 import revisionsRouter from './controllers/revisions.js';
@@ -44,14 +46,12 @@ import { isInstalled, validateDatabaseConnection, validateDatabaseExtensions, va
 import emitter from './emitter.js';
 import { getExtensionManager } from './extensions/index.js';
 import { getFlowManager } from './flows.js';
-import { createExpressLogger, useLogger } from './logger.js';
+import { createExpressLogger, useLogger } from './logger/index.js';
 import authenticate from './middleware/authenticate.js';
 import cache from './middleware/cache.js';
-import { checkIP } from './middleware/check-ip.js';
 import cors from './middleware/cors.js';
 import errorHandler from './middleware/error-handler.js';
 import extractToken from './middleware/extract-token.js';
-import getPermissions from './middleware/get-permissions.js';
 import rateLimiterGlobal from './middleware/rate-limiter-global.js';
 import rateLimiter from './middleware/rate-limiter-ip.js';
 import sanitizeQuery from './middleware/sanitize-query.js';
@@ -198,16 +198,15 @@ export default async function createApp() {
     }
     app.get('/server/ping', (_req, res) => res.send('pong'));
     app.use(authenticate);
-    app.use(checkIP);
     app.use(sanitizeQuery);
     app.use(cache);
     app.use(schema);
-    app.use(getPermissions);
     await emitter.emitInit('middlewares.after', { app });
     await emitter.emitInit('routes.before', { app });
     app.use('/auth', authRouter);
     app.use('/graphql', graphqlRouter);
     app.use('/activity', activityRouter);
+    app.use('/access', accessRouter);
     app.use('/assets', assetsRouter);
     app.use('/collections', collectionsRouter);
     app.use('/dashboards', dashboardsRouter);
@@ -224,6 +223,7 @@ export default async function createApp() {
     app.use('/operations', operationsRouter);
     app.use('/panels', panelsRouter);
     app.use('/permissions', permissionsRouter);
+    app.use('/policies', policiesRouter);
     app.use('/presets', presetsRouter);
     app.use('/translations', translationsRouter);
     app.use('/relations', relationsRouter);

package/dist/auth/drivers/ldap.js CHANGED Viewed

@@ -3,16 +3,17 @@ import { ErrorCode, InvalidCredentialsError, InvalidPayloadError, InvalidProvide
 import { Router } from 'express';
 import Joi from 'joi';
 import ldap from 'ldapjs';
+import { REFRESH_COOKIE_OPTIONS, SESSION_COOKIE_OPTIONS } from '../../constants.js';
 import getDatabase from '../../database/index.js';
 import emitter from '../../emitter.js';
-import { useLogger } from '../../logger.js';
+import { useLogger } from '../../logger/index.js';
 import { respond } from '../../middleware/respond.js';
+import { createDefaultAccountability } from '../../permissions/utils/create-default-accountability.js';
 import { AuthenticationService } from '../../services/authentication.js';
 import { UsersService } from '../../services/users.js';
 import asyncHandler from '../../utils/async-handler.js';
 import { getIPFromReq } from '../../utils/get-ip-from-req.js';
 import { AuthDriver } from '../auth.js';
-import { REFRESH_COOKIE_OPTIONS, SESSION_COOKIE_OPTIONS } from '../../constants.js';
 // 0x2: ACCOUNTDISABLE
 // 0x10: LOCKOUT
 // 0x800000: PASSWORD_EXPIRED
@@ -295,10 +296,9 @@ export function createLDAPAuthRouter(provider) {
     }).unknown();
     router.post('/', asyncHandler(async (req, res, next) => {
         const env = useEnv();
-        const accountability = {
+        const accountability = createDefaultAccountability({
             ip: getIPFromReq(req),
-            role: null,
-        };
+        });
         const userAgent = req.get('user-agent')?.substring(0, 1024);
         if (userAgent)
             accountability.userAgent = userAgent;

package/dist/auth/drivers/local.js CHANGED Viewed

@@ -1,11 +1,12 @@
+import { useEnv } from '@directus/env';
 import { InvalidCredentialsError, InvalidPayloadError } from '@directus/errors';
 import argon2 from 'argon2';
 import { Router } from 'express';
 import Joi from 'joi';
 import { performance } from 'perf_hooks';
 import { REFRESH_COOKIE_OPTIONS, SESSION_COOKIE_OPTIONS } from '../../constants.js';
-import { useEnv } from '@directus/env';
 import { respond } from '../../middleware/respond.js';
+import { createDefaultAccountability } from '../../permissions/utils/create-default-accountability.js';
 import { AuthenticationService } from '../../services/authentication.js';
 import asyncHandler from '../../utils/async-handler.js';
 import { getIPFromReq } from '../../utils/get-ip-from-req.js';
@@ -47,10 +48,9 @@ export function createLocalAuthRouter(provider) {
     router.post('/', asyncHandler(async (req, res, next) => {
         const STALL_TIME = env['LOGIN_STALL_TIME'];
         const timeStart = performance.now();
-        const accountability = {
+        const accountability = createDefaultAccountability({
             ip: getIPFromReq(req),
-            role: null,
-        };
+        });
         const userAgent = req.get('user-agent')?.substring(0, 1024);
         if (userAgent)
             accountability.userAgent = userAgent;

package/dist/auth/drivers/oauth2.js CHANGED Viewed

@@ -9,17 +9,18 @@ import { getAuthProvider } from '../../auth.js';
 import { REFRESH_COOKIE_OPTIONS, SESSION_COOKIE_OPTIONS } from '../../constants.js';
 import getDatabase from '../../database/index.js';
 import emitter from '../../emitter.js';
-import { useLogger } from '../../logger.js';
+import { useLogger } from '../../logger/index.js';
 import { respond } from '../../middleware/respond.js';
+import { createDefaultAccountability } from '../../permissions/utils/create-default-accountability.js';
 import { AuthenticationService } from '../../services/authentication.js';
 import { UsersService } from '../../services/users.js';
 import asyncHandler from '../../utils/async-handler.js';
 import { getConfigFromEnv } from '../../utils/get-config-from-env.js';
 import { getIPFromReq } from '../../utils/get-ip-from-req.js';
+import { getSecret } from '../../utils/get-secret.js';
 import { isLoginRedirectAllowed } from '../../utils/is-login-redirect-allowed.js';
 import { Url } from '../../utils/url.js';
 import { LocalAuthDriver } from './local.js';
-import { getSecret } from '../../utils/get-secret.js';
 export class OAuth2AuthDriver extends LocalAuthDriver {
     client;
     redirectUrl;
@@ -251,10 +252,9 @@ export function createOAuth2AuthRouter(providerName) {
             throw new InvalidCredentialsError();
         }
         const { verifier, redirect, prompt } = tokenData;
-        const accountability = {
+        const accountability = createDefaultAccountability({
             ip: getIPFromReq(req),
-            role: null,
-        };
+        });
         const userAgent = req.get('user-agent')?.substring(0, 1024);
         if (userAgent)
             accountability.userAgent = userAgent;

package/dist/auth/drivers/openid.js CHANGED Viewed

@@ -9,8 +9,9 @@ import { getAuthProvider } from '../../auth.js';
 import { REFRESH_COOKIE_OPTIONS, SESSION_COOKIE_OPTIONS } from '../../constants.js';
 import getDatabase from '../../database/index.js';
 import emitter from '../../emitter.js';
-import { useLogger } from '../../logger.js';
+import { useLogger } from '../../logger/index.js';
 import { respond } from '../../middleware/respond.js';
+import { createDefaultAccountability } from '../../permissions/utils/create-default-accountability.js';
 import { AuthenticationService } from '../../services/authentication.js';
 import { UsersService } from '../../services/users.js';
 import asyncHandler from '../../utils/async-handler.js';
@@ -272,10 +273,7 @@ export function createOpenIDAuthRouter(providerName) {
             throw new InvalidCredentialsError();
         }
         const { verifier, redirect, prompt } = tokenData;
-        const accountability = {
-            ip: getIPFromReq(req),
-            role: null,
-        };
+        const accountability = createDefaultAccountability({ ip: getIPFromReq(req) });
         const userAgent = req.get('user-agent')?.substring(0, 1024);
         if (userAgent)
             accountability.userAgent = userAgent;

package/dist/auth/drivers/saml.js CHANGED Viewed

@@ -7,7 +7,7 @@ import { getAuthProvider } from '../../auth.js';
 import { REFRESH_COOKIE_OPTIONS, SESSION_COOKIE_OPTIONS } from '../../constants.js';
 import getDatabase from '../../database/index.js';
 import emitter from '../../emitter.js';
-import { useLogger } from '../../logger.js';
+import { useLogger } from '../../logger/index.js';
 import { respond } from '../../middleware/respond.js';
 import { AuthenticationService } from '../../services/authentication.js';
 import { UsersService } from '../../services/users.js';

package/dist/auth.js CHANGED Viewed

@@ -4,7 +4,7 @@ import { toArray } from '@directus/utils';
 import { LDAPAuthDriver, LocalAuthDriver, OAuth2AuthDriver, OpenIDAuthDriver, SAMLAuthDriver, } from './auth/drivers/index.js';
 import { DEFAULT_AUTH_PROVIDER } from './constants.js';
 import getDatabase from './database/index.js';
-import { useLogger } from './logger.js';
+import { useLogger } from './logger/index.js';
 import { getConfigFromEnv } from './utils/get-config-from-env.js';
 import { getSchema } from './utils/get-schema.js';
 const providers = new Map();

package/dist/cache.js CHANGED Viewed

@@ -2,12 +2,13 @@ import { useEnv } from '@directus/env';
 import { getSimpleHash } from '@directus/utils';
 import Keyv from 'keyv';
 import { useBus } from './bus/index.js';
-import { useLogger } from './logger.js';
+import { useLogger } from './logger/index.js';
 import { redisConfigAvailable } from './redis/index.js';
 import { compress, decompress } from './utils/compress.js';
 import { getConfigFromEnv } from './utils/get-config-from-env.js';
 import { getMilliseconds } from './utils/get-milliseconds.js';
 import { validateEnv } from './utils/validate-env.js';
+import { clearCache as clearPermissionCache } from './permissions/cache.js';
 import { createRequire } from 'node:module';
 const logger = useLogger();
 const env = useEnv();
@@ -66,6 +67,8 @@ export async function clearSystemCache(opts) {
     }
     await sharedSchemaCache.clear();
     await localSchemaCache.clear();
+    // Since a lot of cached permission function rely on the schema it needs to be cleared as well
+    await clearPermissionCache();
     messenger.publish('schemaChanged', { autoPurgeCache: opts?.autoPurgeCache });
 }
 export async function setSystemCache(key, value, ttl) {

package/dist/cli/commands/bootstrap/index.js CHANGED Viewed

@@ -2,12 +2,14 @@ import { useEnv } from '@directus/env';
 import getDatabase, { hasDatabaseConnection, isInstalled, validateDatabaseConnection, } from '../../../database/index.js';
 import runMigrations from '../../../database/migrations/run.js';
 import installDatabase from '../../../database/seeds/run.js';
-import { useLogger } from '../../../logger.js';
+import { useLogger } from '../../../logger/index.js';
+import { AccessService } from '../../../services/access.js';
+import { PoliciesService } from '../../../services/policies.js';
 import { RolesService } from '../../../services/roles.js';
 import { SettingsService } from '../../../services/settings.js';
 import { UsersService } from '../../../services/users.js';
 import { getSchema } from '../../../utils/get-schema.js';
-import { defaultAdminRole, defaultAdminUser } from '../../utils/defaults.js';
+import { defaultAdminPolicy, defaultAdminRole, defaultAdminUser } from '../../utils/defaults.js';
 export default async function bootstrap({ skipAdminInit }) {
     const logger = useLogger();
     logger.info('Initializing bootstrap...');
@@ -58,8 +60,12 @@ async function createDefaultAdmin(schema) {
     const env = useEnv();
     const { nanoid } = await import('nanoid');
     logger.info('Setting up first admin role...');
+    const accessService = new AccessService({ schema });
+    const policiesService = new PoliciesService({ schema });
     const rolesService = new RolesService({ schema });
     const role = await rolesService.createOne(defaultAdminRole);
+    const policy = await policiesService.createOne(defaultAdminPolicy);
+    await accessService.createOne({ policy, role });
     logger.info('Adding first admin user...');
     const usersService = new UsersService({ schema });
     let adminEmail = env['ADMIN_EMAIL'];
@@ -72,5 +78,6 @@ async function createDefaultAdmin(schema) {
         adminPassword = nanoid(12);
         logger.info(`No admin password provided. Defaulting to "${adminPassword}"`);
     }
-    await usersService.createOne({ email: adminEmail, password: adminPassword, role, ...defaultAdminUser });
+    const token = env['ADMIN_TOKEN'] ?? null;
+    await usersService.createOne({ ...defaultAdminUser, email: adminEmail, password: adminPassword, token, role });
 }

package/dist/cli/commands/count/index.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import getDatabase from '../../../database/index.js';
-import { useLogger } from '../../../logger.js';
+import { useLogger } from '../../../logger/index.js';
 export default async function count(collection) {
     const database = getDatabase();
     const logger = useLogger();

package/dist/cli/commands/database/install.js CHANGED Viewed

@@ -1,6 +1,6 @@
 import installSeeds from '../../../database/seeds/run.js';
 import getDatabase from '../../../database/index.js';
-import { useLogger } from '../../../logger.js';
+import { useLogger } from '../../../logger/index.js';
 export default async function start() {
     const database = getDatabase();
     const logger = useLogger();

package/dist/cli/commands/database/migrate.js CHANGED Viewed

@@ -1,6 +1,6 @@
 import run from '../../../database/migrations/run.js';
 import getDatabase from '../../../database/index.js';
-import { useLogger } from '../../../logger.js';
+import { useLogger } from '../../../logger/index.js';
 export default async function migrate(direction) {
     const database = getDatabase();
     const logger = useLogger();

package/dist/cli/commands/init/index.js CHANGED Viewed

@@ -9,7 +9,7 @@ import runSeed from '../../../database/seeds/run.js';
 import { generateHash } from '../../../utils/generate-hash.js';
 import createDBConnection from '../../utils/create-db-connection.js';
 import createEnv from '../../utils/create-env/index.js';
-import { defaultAdminRole, defaultAdminUser } from '../../utils/defaults.js';
+import { defaultAdminPolicy, defaultAdminRole, defaultAdminUser } from '../../utils/defaults.js';
 import { drivers, getDriverForClient } from '../../utils/drivers.js';
 import { databaseQuestions } from './questions.js';
 export default async function init() {
@@ -79,18 +79,17 @@ export default async function init() {
         },
     ]);
     firstUser.password = await generateHash(firstUser.password);
-    const userID = randomUUID();
-    const roleID = randomUUID();
-    await db('directus_roles').insert({
-        id: roleID,
-        ...defaultAdminRole,
-    });
+    const role = randomUUID();
+    const policy = randomUUID();
+    await db('directus_roles').insert({ ...defaultAdminRole, id: role });
+    await db('directus_policies').insert({ ...defaultAdminPolicy, id: policy });
+    await db('directus_access').insert({ id: randomUUID(), role, policy });
     await db('directus_users').insert({
-        id: userID,
+        ...defaultAdminUser,
+        id: randomUUID(),
         email: firstUser.email,
         password: firstUser.password,
-        role: roleID,
-        ...defaultAdminUser,
+        role,
     });
     await db.destroy();
     process.stdout.write(`\nYour project has been created at ${chalk.green(rootPath)}.\n`);

package/dist/cli/commands/roles/create.js CHANGED Viewed

@@ -1,7 +1,7 @@
 import { getSchema } from '../../../utils/get-schema.js';
 import { RolesService } from '../../../services/roles.js';
 import getDatabase from '../../../database/index.js';
-import { useLogger } from '../../../logger.js';
+import { useLogger } from '../../../logger/index.js';
 export default async function rolesCreate({ role: name, admin }) {
     const database = getDatabase();
     const logger = useLogger();

package/dist/cli/commands/schema/apply.js CHANGED Viewed

@@ -5,7 +5,7 @@ import inquirer from 'inquirer';
 import { load as loadYaml } from 'js-yaml';
 import path from 'path';
 import getDatabase, { isInstalled, validateDatabaseConnection } from '../../../database/index.js';
-import { useLogger } from '../../../logger.js';
+import { useLogger } from '../../../logger/index.js';
 import { DiffKind } from '../../../types/index.js';
 import { isNestedMetaUpdate } from '../../../utils/apply-diff.js';
 import { applySnapshot } from '../../../utils/apply-snapshot.js';

package/dist/cli/commands/schema/snapshot.js CHANGED Viewed

@@ -3,7 +3,7 @@ import inquirer from 'inquirer';
 import { dump as toYaml } from 'js-yaml';
 import path from 'path';
 import getDatabase from '../../../database/index.js';
-import { useLogger } from '../../../logger.js';
+import { useLogger } from '../../../logger/index.js';
 import { getSnapshot } from '../../../utils/get-snapshot.js';
 export async function snapshot(snapshotPath, options) {
     const database = getDatabase();

package/dist/cli/commands/users/create.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import getDatabase from '../../../database/index.js';
-import { useLogger } from '../../../logger.js';
+import { useLogger } from '../../../logger/index.js';
 import { UsersService } from '../../../services/users.js';
 import { getSchema } from '../../../utils/get-schema.js';
 export default async function usersCreate({ email, password, role, }) {

package/dist/cli/commands/users/passwd.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import getDatabase from '../../../database/index.js';
-import { useLogger } from '../../../logger.js';
+import { useLogger } from '../../../logger/index.js';
 import { UsersService } from '../../../services/users.js';
 import { generateHash } from '../../../utils/generate-hash.js';
 import { getSchema } from '../../../utils/get-schema.js';

package/dist/cli/load-extensions.js CHANGED Viewed

@@ -1,7 +1,7 @@
 import { useEnv } from '@directus/env';
 import { isInstalled, validateMigrations } from '../database/index.js';
 import { getExtensionManager } from '../extensions/index.js';
-import { useLogger } from '../logger.js';
+import { useLogger } from '../logger/index.js';
 export const loadExtensions = async () => {
     const env = useEnv();
     const logger = useLogger();

package/dist/cli/utils/defaults.d.ts CHANGED Viewed

@@ -1,11 +1,4 @@
-export declare const defaultAdminRole: {
-    name: string;
-    icon: string;
-    admin_access: boolean;
-    description: string;
-};
-export declare const defaultAdminUser: {
-    status: string;
-    first_name: string;
-    last_name: string;
-};
+import type { Policy, Role, User } from '@directus/types';
+export declare const defaultAdminRole: Partial<Role>;
+export declare const defaultAdminUser: Partial<User>;
+export declare const defaultAdminPolicy: Partial<Policy>;

package/dist/cli/utils/defaults.js CHANGED Viewed

@@ -1,7 +1,6 @@
 export const defaultAdminRole = {
     name: 'Administrator',
     icon: 'verified',
-    admin_access: true,
     description: '$t:admin_description',
 };
 export const defaultAdminUser = {
@@ -9,3 +8,10 @@ export const defaultAdminUser = {
     first_name: 'Admin',
     last_name: 'User',
 };
+export const defaultAdminPolicy = {
+    name: 'Administrator',
+    icon: 'verified',
+    admin_access: true,
+    app_access: true,
+    description: '$t:admin_description',
+};

package/dist/constants.d.ts CHANGED Viewed

@@ -6,7 +6,7 @@ export declare const FILTER_VARIABLES: string[];
 export declare const ALIAS_TYPES: string[];
 export declare const DEFAULT_AUTH_PROVIDER = "default";
 export declare const COLUMN_TRANSFORMS: string[];
-export declare const GENERATE_SPECIAL: string[];
+export declare const GENERATE_SPECIAL: readonly ["uuid", "date-created", "role-created", "user-created"];
 export declare const UUID_REGEX = "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}";
 export declare const REFRESH_COOKIE_OPTIONS: CookieOptions;
 export declare const SESSION_COOKIE_OPTIONS: CookieOptions;

package/dist/constants.js CHANGED Viewed

@@ -82,8 +82,8 @@ export const SUPPORTED_IMAGE_METADATA_FORMATS = [
 /** Resumable uploads */
 export const RESUMABLE_UPLOADS = {
     ENABLED: toBoolean(env['TUS_ENABLED']),
-    CHUNK_SIZE: bytes(env['TUS_CHUNK_SIZE']),
-    MAX_SIZE: bytes(env['FILES_MAX_UPLOAD_SIZE']),
+    CHUNK_SIZE: bytes.parse(env['TUS_CHUNK_SIZE']),
+    MAX_SIZE: bytes.parse(env['FILES_MAX_UPLOAD_SIZE']),
     EXPIRATION_TIME: getMilliseconds(env['TUS_UPLOAD_EXPIRATION'], 600_000 /* 10min */),
     SCHEDULE: String(env['TUS_CLEANUP_SCHEDULE']),
 };

package/dist/controllers/access.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ declare const router: import("express-serve-static-core").Router;
2	+ export default router;

package/dist/controllers/access.js ADDED Viewed

@@ -0,0 +1,148 @@
+import { ErrorCode, isDirectusError } from '@directus/errors';
+import express from 'express';
+import { respond } from '../middleware/respond.js';
+import useCollection from '../middleware/use-collection.js';
+import { validateBatch } from '../middleware/validate-batch.js';
+import { MetaService } from '../services/meta.js';
+import { AccessService } from '../services/access.js';
+import asyncHandler from '../utils/async-handler.js';
+import { sanitizeQuery } from '../utils/sanitize-query.js';
+const router = express.Router();
+router.use(useCollection('directus_access'));
+router.post('/', asyncHandler(async (req, res, next) => {
+    const service = new AccessService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const savedKeys = [];
+    if (Array.isArray(req.body)) {
+        const keys = await service.createMany(req.body);
+        savedKeys.push(...keys);
+    }
+    else {
+        const key = await service.createOne(req.body);
+        savedKeys.push(key);
+    }
+    try {
+        if (Array.isArray(req.body)) {
+            const items = await service.readMany(savedKeys, req.sanitizedQuery);
+            res.locals['payload'] = { data: items };
+        }
+        else {
+            const item = await service.readOne(savedKeys[0], req.sanitizedQuery);
+            res.locals['payload'] = { data: item };
+        }
+    }
+    catch (error) {
+        if (isDirectusError(error, ErrorCode.Forbidden)) {
+            return next();
+        }
+        throw error;
+    }
+    return next();
+}), respond);
+const readHandler = asyncHandler(async (req, res, next) => {
+    const service = new AccessService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const metaService = new MetaService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    let result;
+    if (req.body.keys) {
+        result = await service.readMany(req.body.keys, req.sanitizedQuery);
+    }
+    else {
+        result = await service.readByQuery(req.sanitizedQuery);
+    }
+    const meta = await metaService.getMetaForQuery('directus_access', req.sanitizedQuery);
+    res.locals['payload'] = { data: result, meta };
+    return next();
+});
+router.get('/', validateBatch('read'), readHandler, respond);
+router.search('/', validateBatch('read'), readHandler, respond);
+router.get('/:pk', asyncHandler(async (req, res, next) => {
+    if (req.path.endsWith('me'))
+        return next();
+    const service = new AccessService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const record = await service.readOne(req.params['pk'], req.sanitizedQuery);
+    res.locals['payload'] = { data: record };
+    return next();
+}), respond);
+router.patch('/', validateBatch('update'), asyncHandler(async (req, res, next) => {
+    const service = new AccessService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    let keys = [];
+    if (Array.isArray(req.body)) {
+        keys = await service.updateBatch(req.body);
+    }
+    else if (req.body.keys) {
+        keys = await service.updateMany(req.body.keys, req.body.data);
+    }
+    else {
+        const sanitizedQuery = sanitizeQuery(req.body.query, req.accountability);
+        keys = await service.updateByQuery(sanitizedQuery, req.body.data);
+    }
+    try {
+        const result = await service.readMany(keys, req.sanitizedQuery);
+        res.locals['payload'] = { data: result };
+    }
+    catch (error) {
+        if (isDirectusError(error, ErrorCode.Forbidden)) {
+            return next();
+        }
+        throw error;
+    }
+    return next();
+}), respond);
+router.patch('/:pk', asyncHandler(async (req, res, next) => {
+    const service = new AccessService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const primaryKey = await service.updateOne(req.params['pk'], req.body);
+    try {
+        const item = await service.readOne(primaryKey, req.sanitizedQuery);
+        res.locals['payload'] = { data: item || null };
+    }
+    catch (error) {
+        if (isDirectusError(error, ErrorCode.Forbidden)) {
+            return next();
+        }
+        throw error;
+    }
+    return next();
+}), respond);
+router.delete('/', validateBatch('delete'), asyncHandler(async (req, _res, next) => {
+    const service = new AccessService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    if (Array.isArray(req.body)) {
+        await service.deleteMany(req.body);
+    }
+    else if (req.body.keys) {
+        await service.deleteMany(req.body.keys);
+    }
+    else {
+        const sanitizedQuery = sanitizeQuery(req.body.query, req.accountability);
+        await service.deleteByQuery(sanitizedQuery);
+    }
+    return next();
+}), respond);
+router.delete('/:pk', asyncHandler(async (req, _res, next) => {
+    const service = new AccessService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    await service.deleteOne(req.params['pk']);
+    return next();
+}), respond);
+export default router;

package/dist/controllers/assets.js CHANGED Viewed

@@ -6,7 +6,7 @@ import { Router } from 'express';
 import { merge, pick } from 'lodash-es';
 import { ASSET_TRANSFORM_QUERY_KEYS, SYSTEM_ASSET_ALLOW_LIST } from '../constants.js';
 import getDatabase from '../database/index.js';
-import { useLogger } from '../logger.js';
+import { useLogger } from '../logger/index.js';
 import useCollection from '../middleware/use-collection.js';
 import { AssetsService } from '../services/assets.js';
 import { PayloadService } from '../services/payload.js';