npm - @directus/api - Versions diffs - 20.1.0 → 21.0.0-rc.0 - Mend

@directus/api 20.1.0 → 21.0.0-rc.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (328) hide show

package/dist/database/get-ast-from-query/lib/parse-fields.js ADDED Viewed

@@ -0,0 +1,190 @@
+import { REGEX_BETWEEN_PARENS } from '@directus/constants';
+import { isEmpty } from 'lodash-es';
+import { fetchPermissions } from '../../../permissions/lib/fetch-permissions.js';
+import { fetchPolicies } from '../../../permissions/lib/fetch-policies.js';
+import { getRelationType } from '../../../utils/get-relation-type.js';
+import { getDeepQuery } from '../utils/get-deep-query.js';
+import { getRelatedCollection } from '../utils/get-related-collection.js';
+import { getRelation } from '../utils/get-relation.js';
+import { convertWildcards } from './convert-wildcards.js';
+export async function parseFields(options, context) {
+    let { fields } = options;
+    if (!fields)
+        return [];
+    fields = await convertWildcards({
+        fields,
+        parentCollection: options.parentCollection,
+        query: options.query,
+        accountability: options.accountability,
+    }, context);
+    if (!fields || !Array.isArray(fields))
+        return [];
+    const children = [];
+    const policies = options.accountability && options.accountability.admin === false
+        ? await fetchPolicies(options.accountability, context)
+        : null;
+    const relationalStructure = Object.create(null);
+    for (const fieldKey of fields) {
+        let name = fieldKey;
+        if (options.query.alias) {
+            // check for field alias (is one of the key)
+            if (name in options.query.alias) {
+                name = options.query.alias[fieldKey];
+            }
+        }
+        const isRelational = name.includes('.') ||
+            // We'll always treat top level o2m fields as a related item. This is an alias field, otherwise it won't return
+            // anything
+            !!context.schema.relations.find((relation) => relation.related_collection === options.parentCollection && relation.meta?.one_field === name);
+        if (isRelational) {
+            // field is relational
+            const parts = fieldKey.split('.');
+            let rootField = parts[0];
+            let collectionScope = null;
+            // a2o related collection scoped field selector `fields=sections.section_id:headings.title`
+            if (rootField.includes(':')) {
+                const [key, scope] = rootField.split(':');
+                rootField = key;
+                collectionScope = scope;
+            }
+            if (rootField in relationalStructure === false) {
+                if (collectionScope) {
+                    relationalStructure[rootField] = { [collectionScope]: [] };
+                }
+                else {
+                    relationalStructure[rootField] = [];
+                }
+            }
+            if (parts.length > 1) {
+                const childKey = parts.slice(1).join('.');
+                if (collectionScope) {
+                    if (collectionScope in relationalStructure[rootField] === false) {
+                        relationalStructure[rootField][collectionScope] = [];
+                    }
+                    relationalStructure[rootField][collectionScope].push(childKey);
+                }
+                else {
+                    relationalStructure[rootField].push(childKey);
+                }
+            }
+        }
+        else {
+            if (name.includes('(') && name.includes(')')) {
+                const columnName = name.match(REGEX_BETWEEN_PARENS)[1];
+                const foundField = context.schema.collections[options.parentCollection].fields[columnName];
+                if (foundField && foundField.type === 'alias') {
+                    const foundRelation = context.schema.relations.find((relation) => relation.related_collection === options.parentCollection && relation.meta?.one_field === columnName);
+                    if (foundRelation) {
+                        children.push({
+                            type: 'functionField',
+                            name,
+                            fieldKey,
+                            query: {},
+                            relatedCollection: foundRelation.collection,
+                            whenCase: [],
+                            cases: [],
+                        });
+                        continue;
+                    }
+                }
+            }
+            children.push({ type: 'field', name, fieldKey, whenCase: [] });
+        }
+    }
+    for (const [fieldKey, nestedFields] of Object.entries(relationalStructure)) {
+        let fieldName = fieldKey;
+        if (options.query.alias && fieldKey in options.query.alias) {
+            fieldName = options.query.alias[fieldKey];
+        }
+        const relatedCollection = getRelatedCollection(context.schema, options.parentCollection, fieldName);
+        const relation = getRelation(context.schema, options.parentCollection, fieldName);
+        if (!relation)
+            continue;
+        const relationType = getRelationType({
+            relation,
+            collection: options.parentCollection,
+            field: fieldName,
+        });
+        if (!relationType)
+            continue;
+        let child = null;
+        if (relationType === 'a2o') {
+            const allowedCollections = relation.meta.one_allowed_collections;
+            child = {
+                type: 'a2o',
+                names: allowedCollections,
+                children: {},
+                query: {},
+                relatedKey: {},
+                parentKey: context.schema.collections[options.parentCollection].primary,
+                fieldKey: fieldKey,
+                relation: relation,
+                cases: {},
+                whenCase: [],
+            };
+            for (const relatedCollection of allowedCollections) {
+                child.children[relatedCollection] = await parseFields({
+                    parentCollection: relatedCollection,
+                    fields: Array.isArray(nestedFields)
+                        ? nestedFields
+                        : nestedFields[relatedCollection] || [],
+                    query: options.query,
+                    deep: options.deep?.[`${fieldKey}:${relatedCollection}`],
+                    accountability: options.accountability,
+                }, context);
+                child.query[relatedCollection] = getDeepQuery(options.deep?.[`${fieldKey}:${relatedCollection}`] || {});
+                child.relatedKey[relatedCollection] = context.schema.collections[relatedCollection].primary;
+            }
+        }
+        else if (relatedCollection) {
+            if (options.accountability && options.accountability.admin === false && policies) {
+                const permissions = await fetchPermissions({
+                    action: 'read',
+                    collections: [relatedCollection],
+                    policies: policies,
+                    accountability: options.accountability,
+                }, context);
+                // Skip related collection if no permissions
+                if (permissions.length === 0) {
+                    continue;
+                }
+            }
+            // update query alias for children parseFields
+            const deepAlias = getDeepQuery(options.deep?.[fieldKey] || {})?.['alias'];
+            if (!isEmpty(deepAlias))
+                options.query.alias = deepAlias;
+            child = {
+                type: relationType,
+                name: relatedCollection,
+                fieldKey: fieldKey,
+                parentKey: context.schema.collections[options.parentCollection].primary,
+                relatedKey: context.schema.collections[relatedCollection].primary,
+                relation: relation,
+                query: getDeepQuery(options.deep?.[fieldKey] || {}),
+                children: await parseFields({
+                    parentCollection: relatedCollection,
+                    fields: nestedFields,
+                    query: options.query,
+                    deep: options.deep?.[fieldKey] || {},
+                    accountability: options.accountability,
+                }, context),
+                cases: [],
+                whenCase: [],
+            };
+            if (relationType === 'o2m' && !child.query.sort) {
+                child.query.sort = [relation.meta?.sort_field || context.schema.collections[relation.collection].primary];
+            }
+        }
+        if (child) {
+            children.push(child);
+        }
+    }
+    // Deduplicate any children fields that are included both as a regular field, and as a nested m2o field
+    const nestedCollectionNodes = children.filter((childNode) => childNode.type !== 'field');
+    return children.filter((childNode) => {
+        const existsAsNestedRelational = !!nestedCollectionNodes.find((nestedCollectionNode) => childNode.fieldKey === nestedCollectionNode.fieldKey);
+        if (childNode.type === 'field' && existsAsNestedRelational)
+            return false;
+        return true;
+    });
+}

package/dist/database/get-ast-from-query/utils/get-deep-query.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * Convert Deep query object to regular query object by ignoring all nested fields and returning the
+ * `_` prefixed fields as top level query fields
+ *
+ * @example
+ *
+ * ```js
+ * getDeepQuery({
+ *   _sort: ['a']
+ * });
+ * // => { sort: ['a'] }
+ * ```
+ */
+export declare function getDeepQuery(query: Record<string, any>): Record<string, any>;

package/dist/database/get-ast-from-query/utils/get-deep-query.js ADDED Viewed

@@ -0,0 +1,17 @@
+import { mapKeys, omitBy } from 'lodash-es';
+/**
+ * Convert Deep query object to regular query object by ignoring all nested fields and returning the
+ * `_` prefixed fields as top level query fields
+ *
+ * @example
+ *
+ * ```js
+ * getDeepQuery({
+ *   _sort: ['a']
+ * });
+ * // => { sort: ['a'] }
+ * ```
+ */
+export function getDeepQuery(query) {
+    return mapKeys(omitBy(query, (_value, key) => key.startsWith('_') === false), (_value, key) => key.substring(1));
+}

package/dist/database/get-ast-from-query/utils/get-related-collection.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { SchemaOverview } from '@directus/types';
2	+ export declare function getRelatedCollection(schema: SchemaOverview, collection: string, field: string): string \| null;

package/dist/database/get-ast-from-query/utils/get-related-collection.js ADDED Viewed

@@ -0,0 +1,13 @@
+import { getRelation } from './get-relation.js';
+export function getRelatedCollection(schema, collection, field) {
+    const relation = getRelation(schema, collection, field);
+    if (!relation)
+        return null;
+    if (relation.collection === collection && relation.field === field) {
+        return relation.related_collection || null;
+    }
+    if (relation.related_collection === collection && relation.meta?.one_field === field) {
+        return relation.collection || null;
+    }
+    return null;
+}

package/dist/database/get-ast-from-query/utils/get-relation.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { SchemaOverview } from '@directus/types';
2	+ export declare function getRelation(schema: SchemaOverview, collection: string, field: string): import("@directus/types").Relation \| undefined;

package/dist/database/get-ast-from-query/utils/get-relation.js ADDED Viewed

@@ -0,0 +1,7 @@
+export function getRelation(schema, collection, field) {
+    const relation = schema.relations.find((relation) => {
+        return ((relation.collection === collection && relation.field === field) ||
+            (relation.related_collection === collection && relation.meta?.one_field === field));
+    });
+    return relation;
+}

package/dist/database/helpers/fn/types.d.ts CHANGED Viewed

@@ -1,9 +1,10 @@
-import type { Query, SchemaOverview } from '@directus/types';
+import type { Filter, Query, SchemaOverview } from '@directus/types';
 import type { Knex } from 'knex';
 import { DatabaseHelper } from '../types.js';
 export type FnHelperOptions = {
     type: string | undefined;
     query: Query | undefined;
+    cases: Filter[] | undefined;
     originalCollectionName: string | undefined;
 };
 export declare abstract class FnHelper extends DatabaseHelper {

package/dist/database/helpers/fn/types.js CHANGED Viewed

@@ -28,7 +28,7 @@ export class FnHelper extends DatabaseHelper {
                     collection: relation.collection,
                 },
             };
-            countQuery = applyFilter(this.knex, this.schema, countQuery, options.query.filter, relation.collection, aliasMap).query;
+            countQuery = applyFilter(this.knex, this.schema, countQuery, options.query.filter, relation.collection, aliasMap, options.cases ?? []).query;
         }
         return this.knex.raw('(' + countQuery.toQuery() + ')');
     }

package/dist/database/helpers/geometry/dialects/mssql.d.ts CHANGED Viewed

@@ -6,7 +6,7 @@ export declare class GeometryHelperMSSQL extends GeometryHelper {
     isTrue(expression: Knex.Raw): Knex.Raw<any>;
     isFalse(expression: Knex.Raw): Knex.Raw<any>;
     createColumn(table: Knex.CreateTableBuilder, field: RawField | Field): Knex.ColumnBuilder;
-    asText(table: string, column: string): Knex.Raw;
+    asText(table: string, column: string, alias: string | false): Knex.Raw;
     fromText(text: string): Knex.Raw;
     _intersects(key: string, geojson: GeoJSONGeometry): Knex.Raw;
     _intersects_bbox(key: string, geojson: GeoJSONGeometry): Knex.Raw;

package/dist/database/helpers/geometry/dialects/mssql.js CHANGED Viewed

@@ -12,8 +12,10 @@ export class GeometryHelperMSSQL extends GeometryHelper {
         }
         return table.specificType(field.field, 'geometry');
     }
-    asText(table, column) {
-        return this.knex.raw('??.??.STAsText() as ??', [table, column, column]);
+    asText(table, column, alias) {
+        if (alias)
+            return this.knex.raw('??.??.STAsText() as ??', [table, column, alias]);
+        return this.knex.raw('??.??.STAsText()', [table, column]);
     }
     fromText(text) {
         return this.knex.raw('geometry::STGeomFromText(?, 4326)', text);

package/dist/database/helpers/geometry/dialects/mysql.js CHANGED Viewed

@@ -1,7 +1,7 @@
 import { GeometryHelper } from '../types.js';
 export class GeometryHelperMySQL extends GeometryHelper {
     collect(table, column) {
-        return this.knex.raw(`concat('geometrycollection(', group_concat(? separator ', '), ')'`, this.asText(table, column));
+        return this.knex.raw(`concat('geometrycollection(', group_concat(? separator ', '), ')'`, this.asText(table, column, column));
     }
     fromText(text) {
         return this.knex.raw('st_geomfromtext(?)', text);

package/dist/database/helpers/geometry/dialects/oracle.d.ts CHANGED Viewed

@@ -6,7 +6,7 @@ export declare class GeometryHelperOracle extends GeometryHelper {
     isTrue(expression: Knex.Raw): Knex.Raw<any>;
     isFalse(expression: Knex.Raw): Knex.Raw<any>;
     createColumn(table: Knex.CreateTableBuilder, field: RawField | Field): Knex.ColumnBuilder;
-    asText(table: string, column: string): Knex.Raw;
+    asText(table: string, column: string, alias: string | false): Knex.Raw;
     asGeoJSON(table: string, column: string): Knex.Raw;
     fromText(text: string): Knex.Raw;
     _intersects(key: string, geojson: GeoJSONGeometry): Knex.Raw;

package/dist/database/helpers/geometry/dialects/oracle.js CHANGED Viewed

@@ -12,8 +12,10 @@ export class GeometryHelperOracle extends GeometryHelper {
         }
         return table.specificType(field.field, 'sdo_geometry');
     }
-    asText(table, column) {
-        return this.knex.raw('sdo_util.to_wktgeometry(??.??) as ??', [table, column, column]);
+    asText(table, column, alias) {
+        if (alias)
+            return this.knex.raw('sdo_util.to_wktgeometry(??.??) as ??', [table, column, alias]);
+        return this.knex.raw('sdo_util.to_wktgeometry(??.??)', [table, column]);
     }
     asGeoJSON(table, column) {
         return this.knex.raw('sdo_util.to_geojson(??.??) as ??', [table, column, column]);
@@ -30,6 +32,6 @@ export class GeometryHelperOracle extends GeometryHelper {
         return this.knex.raw(`sdo_overlapbdyintersect(sdo_geom.sdo_mbr(??), sdo_geom.sdo_mbr(?))`, [key, geometry]);
     }
     collect(table, column) {
-        return this.knex.raw(`concat('geometrycollection(', listagg(?, ', '), ')'`, this.asText(table, column));
+        return this.knex.raw(`concat('geometrycollection(', listagg(?, ', '), ')'`, this.asText(table, column, column));
     }
 }

package/dist/database/helpers/geometry/types.d.ts CHANGED Viewed

@@ -7,7 +7,7 @@ export declare abstract class GeometryHelper extends DatabaseHelper {
     isTrue(expression: Knex.Raw): Knex.Raw<any>;
     isFalse(expression: Knex.Raw): Knex.Raw<any>;
     createColumn(table: Knex.CreateTableBuilder, field: RawField | Field): Knex.ColumnBuilder;
-    asText(table: string, column: string): Knex.Raw;
+    asText(table: string, column: string, alias: string | false): Knex.Raw;
     fromText(text: string): Knex.Raw;
     fromGeoJSON(geojson: GeoJSONGeometry): Knex.Raw;
     _intersects(key: string, geojson: GeoJSONGeometry): Knex.Raw;

package/dist/database/helpers/geometry/types.js CHANGED Viewed

@@ -14,8 +14,10 @@ export class GeometryHelper extends DatabaseHelper {
         const type = field.type.split('.')[1] ?? 'geometry';
         return table.specificType(field.field, type);
     }
-    asText(table, column) {
-        return this.knex.raw('st_astext(??.??) as ??', [table, column, column]);
+    asText(table, column, alias) {
+        if (alias)
+            return this.knex.raw('st_astext(??.??) as ??', [table, column, alias]);
+        return this.knex.raw('st_astext(??.??)', [table, column]);
     }
     fromText(text) {
         return this.knex.raw('st_geomfromtext(?, 4326)', text);

package/dist/database/index.js CHANGED Viewed

@@ -9,7 +9,7 @@ import path from 'path';
 import { performance } from 'perf_hooks';
 import { promisify } from 'util';
 import { getExtensionsPath } from '../extensions/lib/get-extensions-path.js';
-import { useLogger } from '../logger.js';
+import { useLogger } from '../logger/index.js';
 import { getConfigFromEnv } from '../utils/get-config-from-env.js';
 import { validateEnv } from '../utils/validate-env.js';
 import { getHelpers } from './helpers/index.js';
@@ -106,6 +106,7 @@ export function getDatabase() {
         };
     }
     if (client === 'mysql') {
+        Object.assign(knexConfig, { client: 'mysql2' });
         poolConfig.afterCreate = async (conn, callback) => {
             logger.trace('Retrieving database version');
             const run = promisify(conn.query.bind(conn));
@@ -185,7 +186,7 @@ export async function validateDatabaseConnection(database) {
 export function getDatabaseClient(database) {
     database = database ?? getDatabase();
     switch (database.client.constructor.name) {
-        case 'Client_MySQL':
+        case 'Client_MySQL2':
             return 'mysql';
         case 'Client_PG':
             return 'postgres';

package/dist/database/migrations/20210518A-add-foreign-key-constraints.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import { createInspector } from '@directus/schema';
-import { useLogger } from '../../logger.js';
+import { useLogger } from '../../logger/index.js';
 import { getDefaultIndexName } from '../../utils/get-default-index-name.js';
 export async function up(knex) {
     const logger = useLogger();

package/dist/database/migrations/20210519A-add-system-fk-triggers.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import { createInspector } from '@directus/schema';
-import { useLogger } from '../../logger.js';
+import { useLogger } from '../../logger/index.js';
 /**
  * Things to keep in mind:
  *

package/dist/database/migrations/20210802A-replace-groups.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import { parseJSON } from '@directus/utils';
-import { useLogger } from '../../logger.js';
+import { useLogger } from '../../logger/index.js';
 export async function up(knex) {
     const logger = useLogger();
     const dividerGroups = await knex.select('*').from('directus_fields').where('interface', '=', 'group-divider');

package/dist/database/migrations/20230721A-require-shares-fields.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import { createInspector } from '@directus/schema';
-import { useLogger } from '../../logger.js';
+import { useLogger } from '../../logger/index.js';
 import { getHelpers } from '../helpers/index.js';
 export async function up(knex) {
     const helper = getHelpers(knex).schema;

package/dist/database/migrations/20240710A-permissions-policies.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { Knex } from 'knex';
+export declare function up(knex: Knex): Promise<void>;
+export declare function down(knex: Knex): Promise<void>;

package/dist/database/migrations/20240710A-permissions-policies.js ADDED Viewed

@@ -0,0 +1,169 @@
+import { randomUUID } from 'node:crypto';
+import { processChunk } from '@directus/utils';
+/**
+ * The public role used to be `null`, we gotta create a single new policy for the permissions
+ * previously attached to the public role (marked through `role = null`).
+ */
+const PUBLIC_POLICY_ID = 'abf8a154-5b1c-4a46-ac9c-7300570f4f17';
+export async function up(knex) {
+    /////////////////////////////////////////////////////////////////////////////////////////////////
+    // If the policies table already exists the migration has already run
+    if (await knex.schema.hasTable('directus_policies')) {
+        return;
+    }
+    /////////////////////////////////////////////////////////////////////////////////////////////////
+    // Create new policies table that mirrors previous Roles
+    await knex.schema.createTable('directus_policies', (table) => {
+        table.uuid('id').primary();
+        table.string('name', 100).notNullable();
+        table.string('icon', 64).notNullable().defaultTo('badge');
+        table.text('description');
+        table.text('ip_access');
+        table.boolean('enforce_tfa').defaultTo(false).notNullable();
+        table.boolean('admin_access').defaultTo(false).notNullable();
+        table.boolean('app_access').defaultTo(false).notNullable();
+    });
+    /////////////////////////////////////////////////////////////////////////////////////////////////
+    // Copy over all existing roles into new policies
+    const roles = await knex
+        .select('id', 'name', 'icon', 'description', 'ip_access', 'enforce_tfa', 'admin_access', 'app_access')
+        .from('directus_roles');
+    if (roles.length > 0) {
+        await processChunk(roles, 100, async (chunk) => {
+            await knex('directus_policies').insert(chunk);
+        });
+    }
+    await knex
+        .insert({
+        id: PUBLIC_POLICY_ID,
+        name: '$t:public_label',
+        icon: 'public',
+        description: '$t:public_description',
+        app_access: false,
+    })
+        .into('directus_policies');
+    // Change the admin policy description to $t:admin_policy_description
+    await knex('directus_policies')
+        .update({
+        description: '$t:admin_policy_description',
+    })
+        .where('description', 'LIKE', '$t:admin_description');
+    /////////////////////////////////////////////////////////////////////////////////////////////////
+    // Remove access control + add nesting to roles
+    await knex.schema.alterTable('directus_roles', (table) => {
+        table.dropColumn('ip_access');
+        table.dropColumn('enforce_tfa');
+        table.dropColumn('admin_access');
+        table.dropColumn('app_access');
+        table.uuid('parent').references('directus_roles.id');
+    });
+    /////////////////////////////////////////////////////////////////////////////////////////////////
+    // Link permissions to policies instead of roles
+    await knex.schema.alterTable('directus_permissions', (table) => {
+        table.uuid('policy').references('directus_policies.id').onDelete('CASCADE');
+        // Drop the foreign key constraint here in order to update `null` role to public policy ID
+        table.dropForeign('role');
+    });
+    await knex('directus_permissions')
+        .update({
+        role: PUBLIC_POLICY_ID,
+    })
+        .whereNull('role');
+    await knex('directus_permissions').update({
+        policy: knex.ref('role'),
+    });
+    await knex.schema.alterTable('directus_permissions', (table) => {
+        table.dropColumns('role');
+        table.dropNullable('policy');
+    });
+    /////////////////////////////////////////////////////////////////////////////////////////////////
+    // Setup junction table between roles/users and policies
+    // This could be a A2O style setup with a collection/item field rather than individual foreign
+    // keys, but we want to be able to show the reverse-relationship on the individual policies as
+    // well, which would require the O2A type to exist in Directus which currently doesn't.
+    // Shouldn't be the end of the world here, as we know we're only attaching policies to two other
+    // collections.
+    await knex.schema.createTable('directus_access', (table) => {
+        table.uuid('id').primary();
+        table.uuid('role').references('directus_roles.id').nullable().onDelete('CASCADE');
+        table.uuid('user').references('directus_users.id').nullable().onDelete('CASCADE');
+        table.uuid('policy').references('directus_policies.id').notNullable().onDelete('CASCADE');
+        table.integer('sort');
+    });
+    /////////////////////////////////////////////////////////////////////////////////////////////////
+    // Attach policies to existing roles for backwards compatibility
+    const policyAttachments = roles.map((role) => ({
+        id: randomUUID(),
+        role: role.id,
+        user: null,
+        policy: role.id,
+        sort: 1,
+    }));
+    await processChunk(policyAttachments, 100, async (chunk) => {
+        await knex('directus_access').insert(chunk);
+    });
+    await knex('directus_access').insert({
+        id: randomUUID(),
+        role: null,
+        user: null,
+        policy: PUBLIC_POLICY_ID,
+        sort: 1,
+    });
+}
+export async function down(knex) {
+    /////////////////////////////////////////////////////////////////////////////////////////////////
+    // Reinstate access control fields on directus roles + remove nesting
+    await knex.schema.alterTable('directus_roles', (table) => {
+        table.text('ip_access');
+        table.boolean('enforce_tfa').defaultTo(false).notNullable();
+        table.boolean('admin_access').defaultTo(false).notNullable();
+        table.boolean('app_access').defaultTo(true).notNullable();
+        table.dropForeign('parent');
+        table.dropColumn('parent');
+    });
+    /////////////////////////////////////////////////////////////////////////////////////////////////
+    // Copy policy access control rules back to roles
+    const policies = await knex
+        .select('id', 'ip_access', 'enforce_tfa', 'admin_access', 'app_access')
+        .from('directus_policies')
+        .whereNot({ id: PUBLIC_POLICY_ID });
+    for (const policy of policies) {
+        await knex('directus_roles')
+            .update({
+            ip_access: policy.ip_access,
+            enforce_tfa: policy.enforce_tfa,
+            admin_access: policy.admin_access,
+            app_access: policy.app_access,
+        })
+            .where({ id: policy.id });
+    }
+    /////////////////////////////////////////////////////////////////////////////////////////////////
+    // Drop all permissions that are only attached to a user
+    // TODO query all policies that are attached to a user and delete their permissions,
+    //  since we don't know were to put them now and it'll cause a foreign key problem
+    //  as soon as we reference directus_roles in directus_permissions again
+    /////////////////////////////////////////////////////////////////////////////////////////////////
+    // Drop policy attachments
+    await knex.schema.dropTable('directus_access');
+    /////////////////////////////////////////////////////////////////////////////////////////////////
+    // Reattach permissions to roles instead of policies
+    await knex.schema.alterTable('directus_permissions', (table) => {
+        table.uuid('role').nullable();
+    });
+    await knex('directus_permissions').update({
+        role: knex.ref('policy'),
+    });
+    await knex('directus_permissions')
+        .update({
+        role: null,
+    })
+        .where({ role: PUBLIC_POLICY_ID });
+    await knex.schema.alterTable('directus_permissions', (table) => {
+        table.uuid('role').references('directus_roles.id').alter();
+        table.dropForeign('policy');
+        table.dropColumn('policy');
+    });
+    /////////////////////////////////////////////////////////////////////////////////////////////////
+    // Drop policies table
+    await knex.schema.dropTable('directus_policies');
+}

package/dist/database/migrations/run.js CHANGED Viewed

@@ -6,7 +6,7 @@ import { dirname } from 'node:path';
 import { fileURLToPath } from 'node:url';
 import path from 'path';
 import { flushCaches } from '../../cache.js';
-import { useLogger } from '../../logger.js';
+import { useLogger } from '../../logger/index.js';
 import getModuleDefault from '../../utils/get-module-default.js';
 const __dirname = dirname(fileURLToPath(import.meta.url));
 export default async function run(database, direction, log = true) {

package/dist/database/run-ast/lib/get-db-query.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import type { Filter, Query, SchemaOverview } from '@directus/types';
+import type { Knex } from 'knex';
+import type { FieldNode, FunctionFieldNode, O2MNode } from '../../../types/ast.js';
+export declare function getDBQuery(schema: SchemaOverview, knex: Knex, table: string, fieldNodes: (FieldNode | FunctionFieldNode)[], o2mNodes: O2MNode[], query: Query, cases: Filter[]): Knex.QueryBuilder;