npm - @directus/api - Versions diffs - 21.0.0-rc.0 → 22.0.0 - Mend

@directus/api 21.0.0-rc.0 → 22.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (65) hide show

package/dist/utils/apply-query.js CHANGED Viewed

@@ -4,6 +4,7 @@ import { getFilterOperatorsForType, getFunctionsForType, getOutputTypeForFunctio
 import { clone, isPlainObject } from 'lodash-es';
 import { customAlphabet } from 'nanoid/non-secure';
 import { getHelpers } from '../database/helpers/index.js';
+import { applyCaseWhen } from '../database/run-ast/utils/apply-case-when.js';
 import { getColumnPath } from './get-column-path.js';
 import { getColumn } from './get-column.js';
 import { getRelationInfo } from './get-relation-info.js';
@@ -34,9 +35,6 @@ export default function applyQuery(knex, collection, dbQuery, query, schema, cas
     if (query.search) {
         applySearch(knex, schema, dbQuery, query.search, collection);
     }
-    if (query.group) {
-        dbQuery.groupBy(query.group.map((column) => getColumn(knex, collection, column, false, schema)));
-    }
     // `cases` are the permissions cases that are required for the current data set. We're
     // dynamically adding those into the filters that the user provided to enforce the permission
     // rules. You should be able to read an item if one or more of the cases matches. The actual case
@@ -50,6 +48,37 @@ export default function applyQuery(knex, collection, dbQuery, query, schema, cas
         }
         hasMultiRelationalFilter = filterResult.hasMultiRelationalFilter;
     }
+    if (query.group) {
+        const rawColumns = query.group.map((column) => getColumn(knex, collection, column, false, schema));
+        let columns;
+        if (options?.groupWhenCases) {
+            columns = rawColumns.map((column, index) => applyCaseWhen({
+                columnCases: options.groupWhenCases[index].map((caseIndex) => cases[caseIndex]),
+                column,
+                aliasMap,
+                cases,
+                table: collection,
+            }, {
+                knex,
+                schema,
+            }));
+            if (query.sort && query.sort.length === 1 && query.sort[0] === query.group[0]) {
+                // Special case, where the sort query is injected by the group by operation
+                dbQuery.clear('order');
+                let order = 'asc';
+                if (query.sort[0].startsWith('-')) {
+                    order = 'desc';
+                }
+                // @ts-expect-error (orderBy does not accept Knex.Raw for some reason, even though it is handled correctly)
+                // https://github.com/knex/knex/issues/5711
+                dbQuery.orderBy([{ column: columns[0], order }]);
+            }
+        }
+        else {
+            columns = rawColumns;
+        }
+        dbQuery.groupBy(columns);
+    }
     if (query.aggregate) {
         applyAggregate(schema, dbQuery, query.aggregate, collection, hasJoins);
     }
@@ -408,11 +437,17 @@ export function applyFilter(knex, schema, rootQuery, rootFilter, collection, ali
             // Knex supports "raw" in the columnName parameter, but isn't typed as such. Too bad..
             // See https://github.com/knex/knex/issues/4518 @TODO remove as any once knex is updated
             // These operators don't rely on a value, and can thus be used without one (eg `?filter[field][_null]`)
-            if ((operator === '_null' && compareValue !== false) || (operator === '_nnull' && compareValue === false)) {
+            if ((operator === '_null' && compareValue !== false) ||
+                (operator === '_nnull' && compareValue === false) ||
+                (operator === '_eq' && compareValue === null)) {
                 dbQuery[logical].whereNull(selectionRaw);
+                return;
             }
-            if ((operator === '_nnull' && compareValue !== false) || (operator === '_null' && compareValue === false)) {
+            if ((operator === '_nnull' && compareValue !== false) ||
+                (operator === '_null' && compareValue === false) ||
+                (operator === '_neq' && compareValue === null)) {
                 dbQuery[logical].whereNotNull(selectionRaw);
+                return;
             }
             if ((operator === '_empty' && compareValue !== false) || (operator === '_nempty' && compareValue === false)) {
                 dbQuery[logical].andWhere((query) => {

package/dist/utils/fetch-user-count/fetch-access-lookup.d.ts CHANGED Viewed

@@ -5,6 +5,8 @@ export interface AccessLookup {
     user: string | null;
     app_access: boolean | number;
     admin_access: boolean | number;
+    user_status: 'active' | string;
+    user_role: string | null;
 }
 export interface FetchAccessLookupOptions {
     excludeAccessRows?: PrimaryKey[];

package/dist/utils/fetch-user-count/fetch-access-lookup.js CHANGED Viewed

@@ -1,8 +1,9 @@
 export async function fetchAccessLookup(options) {
     let query = options.knex
-        .select('directus_access.role', 'directus_access.user', 'directus_policies.app_access', 'directus_policies.admin_access')
+        .select('directus_access.role', 'directus_access.user', 'directus_policies.app_access', 'directus_policies.admin_access', 'directus_users.status as user_status', 'directus_users.role as user_role')
         .from('directus_access')
-        .leftJoin('directus_policies', 'directus_access.policy', 'directus_policies.id');
+        .leftJoin('directus_policies', 'directus_access.policy', 'directus_policies.id')
+        .leftJoin('directus_users', 'directus_access.user', 'directus_users.id');
     if (options.excludeAccessRows && options.excludeAccessRows.length > 0) {
         query = query.whereNotIn('directus_access.id', options.excludeAccessRows);
     }

package/dist/utils/fetch-user-count/fetch-user-count.js CHANGED Viewed

@@ -12,7 +12,9 @@ export async function fetchUserCount(options) {
         .filter((row) => !toBoolean(row.admin_access) && toBoolean(row.app_access) && row.role !== null)
         .map((row) => row.role));
     // All users that are directly granted rights through a connected policy
-    const adminUsers = new Set(accessRows.filter((row) => toBoolean(row.admin_access) && row.user !== null).map((row) => row.user));
+    const adminUsers = new Set(accessRows
+        .filter((row) => toBoolean(row.admin_access) && row.user !== null && row.user_status === 'active')
+        .map((row) => row.user));
     // Some roles might be granted access rights through nesting, so determine all roles that grant admin or app access,
     // including nested roles
     const { adminRoles: allAdminRoles, appRoles: allAppRoles } = await fetchAccessRoles({
@@ -35,7 +37,12 @@ export async function fetchUserCount(options) {
         };
     }
     const appUsers = new Set(accessRows
-        .filter((row) => !toBoolean(row.admin_access) && toBoolean(row.app_access) && row.user !== null)
+        .filter((row) => !toBoolean(row.admin_access) &&
+        toBoolean(row.app_access) &&
+        row.user !== null &&
+        row.user_status === 'active' &&
+        adminUsers.has(row.user) === false &&
+        adminRoles.has(row.user_role) === false)
         .map((row) => row.user));
     // All users that are granted app rights through a role, but not directly, and that aren't admin users
     const appCountQuery = getUserCountQuery(options.knex, {
@@ -52,6 +59,6 @@ export async function fetchUserCount(options) {
     return {
         admin: adminCount,
         app: appCount,
-        api: Number(allResult?.['count'] ?? 0) - adminCount - appCount,
+        api: Math.max(0, Number(allResult?.['count'] ?? 0) - adminCount - appCount),
     };
 }

package/dist/utils/fetch-user-count/get-user-count-query.js CHANGED Viewed

@@ -3,7 +3,7 @@ export function getUserCountQuery(knex, options) {
     if (options.includeRoles && options.includeRoles.length === 0) {
         return Promise.resolve({ count: 0 });
     }
-    let query = knex('directus_users').count({ count: '*' }).as('count').where('status', 'active');
+    let query = knex('directus_users').count({ count: '*' }).as('count').where('status', '=', 'active');
     if (options.excludeIds && options.excludeIds.length > 0) {
         query = query.whereNotIn('id', options.excludeIds);
     }

package/dist/utils/get-schema.js CHANGED Viewed

@@ -17,9 +17,6 @@ const logger = useLogger();
 export async function getSchema(options, attempt = 0) {
     const MAX_ATTEMPTS = 3;
     const env = useEnv();
-    if (attempt >= MAX_ATTEMPTS) {
-        throw new Error(`Failed to get Schema information: hit infinite loop`);
-    }
     if (options?.bypassCache || env['CACHE_SCHEMA'] === false) {
         const database = options?.database || getDatabase();
         const schemaInspector = createInspector(database);
@@ -29,6 +26,9 @@ export async function getSchema(options, attempt = 0) {
     if (cached) {
         return cached;
     }
+    if (attempt >= MAX_ATTEMPTS) {
+        throw new Error(`Failed to get Schema information: hit infinite loop`);
+    }
     const lock = useLock();
     const bus = useBus();
     const lockKey = 'schemaCache--preparing';

package/dist/utils/sanitize-schema.d.ts CHANGED Viewed

@@ -16,7 +16,7 @@ export declare function sanitizeCollection(collection: Collection | undefined):
  * @returns sanitized field
  */
 export declare function sanitizeField(field: Field | undefined, sanitizeAllSchema?: boolean): Partial<Field> | undefined;
-export declare function sanitizeColumn(column: Column): Pick<Column, "name" | "table" | "numeric_precision" | "numeric_scale" | "data_type" | "default_value" | "max_length" | "is_nullable" | "is_unique" | "is_primary_key" | "is_generated" | "generation_expression" | "has_auto_increment" | "foreign_key_table" | "foreign_key_column">;
+export declare function sanitizeColumn(column: Column): Pick<Column, "table" | "name" | "numeric_precision" | "numeric_scale" | "data_type" | "default_value" | "max_length" | "is_nullable" | "is_unique" | "is_primary_key" | "is_generated" | "generation_expression" | "has_auto_increment" | "foreign_key_table" | "foreign_key_column">;
 /**
  * Pick certain database vendor specific relation properties that should be compared when performing diff
  *

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@directus/api",
-  "version": "21.0.0-rc.0",
+  "version": "22.0.0",
   "description": "Directus is a real-time API and App dashboard for managing SQL database content",
   "keywords": [
     "directus",
@@ -59,7 +59,7 @@
   ],
   "dependencies": {
     "@authenio/samlify-node-xmllint": "2.0.0",
-    "@aws-sdk/client-ses": "3.600.0",
+    "@aws-sdk/client-ses": "3.614.0",
     "@godaddy/terminus": "4.12.1",
     "@rollup/plugin-alias": "5.1.0",
     "@rollup/plugin-node-resolve": "15.2.3",
@@ -70,7 +70,7 @@
     "@types/cookie": "0.6.0",
     "argon2": "0.40.3",
     "async": "3.2.5",
-    "axios": "1.7.2",
+    "axios": "1.7.3",
     "busboy": "1.6.0",
     "bytes": "3.1.2",
     "camelcase": "8.0.0",
@@ -99,7 +99,7 @@
     "graphql-ws": "5.16.0",
     "helmet": "7.1.0",
     "icc": "3.0.0",
-    "inquirer": "9.3.2",
+    "inquirer": "9.3.5",
     "ioredis": "5.4.1",
     "ip-matching": "2.1.2",
     "isolated-vm": "4.7.2",
@@ -111,12 +111,12 @@
     "keyv": "4.5.4",
     "knex": "3.1.0",
     "ldapjs": "2.3.3",
-    "liquidjs": "10.14.0",
+    "liquidjs": "10.15.0",
     "lodash-es": "4.17.21",
     "marked": "12.0.2",
     "micromustache": "8.0.3",
     "mime-types": "2.1.35",
-    "minimatch": "9.0.4",
+    "minimatch": "9.0.5",
     "mnemonist": "0.39.8",
     "ms": "2.1.3",
     "nanoid": "5.0.7",
@@ -124,7 +124,7 @@
     "node-schedule": "2.1.1",
     "nodemailer": "6.9.14",
     "object-hash": "3.0.0",
-    "openapi3-ts": "4.3.2",
+    "openapi3-ts": "4.3.3",
     "openid-client": "5.6.5",
     "ora": "8.0.1",
     "otplib": "12.0.1",
@@ -135,7 +135,7 @@
     "pino-http": "9.0.0",
     "pino-http-print": "3.1.0",
     "pino-pretty": "11.2.1",
-    "qs": "6.12.2",
+    "qs": "6.12.3",
     "rate-limiter-flexible": "5.0.3",
     "rollup": "4.17.2",
     "samlify": "2.8.10",
@@ -143,35 +143,35 @@
     "sharp": "0.33.4",
     "snappy": "7.2.2",
     "stream-json": "1.8.0",
-    "tar": "7.4.0",
-    "tsx": "4.12.0",
+    "tar": "7.4.2",
+    "tsx": "4.16.5",
     "wellknown": "0.5.0",
     "ws": "8.18.0",
     "zod": "3.23.8",
     "zod-validation-error": "3.3.0",
-    "@directus/constants": "11.1.0-rc.1",
-    "@directus/env": "1.3.1-rc.0",
-    "@directus/errors": "0.4.0-rc.1",
-    "@directus/app": "13.0.0-rc.2",
-    "@directus/extensions": "2.0.0-rc.1",
-    "@directus/extensions-registry": "1.0.10-rc.0",
-    "@directus/extensions-sdk": "11.0.10-rc.0",
-    "@directus/memory": "1.1.0-rc.1",
-    "@directus/format-title": "10.1.2",
-    "@directus/pressure": "1.0.22-rc.0",
-    "@directus/schema": "11.0.3",
-    "@directus/specs": "10.2.10",
-    "@directus/storage": "10.1.0",
-    "@directus/storage-driver-azure": "10.0.24-rc.0",
-    "@directus/storage-driver-cloudinary": "10.0.24-rc.0",
-    "@directus/storage-driver-gcs": "10.0.25-rc.0",
-    "@directus/storage-driver-local": "10.1.0",
-    "@directus/storage-driver-s3": "10.1.1-rc.0",
-    "@directus/storage-driver-supabase": "1.0.16-rc.0",
-    "@directus/validation": "0.0.19-rc.0",
-    "directus": "11.0.0-rc.3",
-    "@directus/system-data": "2.0.0-rc.1",
-    "@directus/utils": "12.0.0-rc.1"
+    "@directus/constants": "12.0.0",
+    "@directus/app": "13.0.0",
+    "@directus/env": "2.0.0",
+    "@directus/errors": "1.0.0",
+    "@directus/format-title": "11.0.0",
+    "@directus/extensions": "2.0.0",
+    "@directus/extensions-sdk": "12.0.0",
+    "@directus/extensions-registry": "2.0.0",
+    "@directus/pressure": "2.0.0",
+    "@directus/memory": "2.0.0",
+    "@directus/schema": "12.0.0",
+    "@directus/specs": "11.0.0",
+    "@directus/storage": "11.0.0",
+    "@directus/storage-driver-azure": "11.0.0",
+    "@directus/storage-driver-gcs": "11.0.0",
+    "@directus/storage-driver-local": "11.0.0",
+    "@directus/storage-driver-cloudinary": "11.0.0",
+    "@directus/storage-driver-s3": "11.0.0",
+    "@directus/storage-driver-supabase": "2.0.0",
+    "@directus/system-data": "2.0.0",
+    "@directus/validation": "1.0.0",
+    "@directus/utils": "12.0.0",
+    "directus": "11.0.0"
   },
   "devDependencies": {
     "@ngneat/falso": "7.2.0",
@@ -196,7 +196,7 @@
     "@types/lodash-es": "4.17.12",
     "@types/mime-types": "2.1.4",
     "@types/ms": "0.7.34",
-    "@types/node": "18.19.33",
+    "@types/node": "18.19.43",
     "@types/node-schedule": "2.1.7",
     "@types/nodemailer": "6.4.15",
     "@types/object-hash": "3.0.6",
@@ -205,16 +205,16 @@
     "@types/sanitize-html": "2.11.0",
     "@types/stream-json": "1.7.7",
     "@types/wellknown": "0.5.8",
-    "@types/ws": "8.5.10",
+    "@types/ws": "8.5.11",
     "@vitest/coverage-v8": "1.5.3",
     "copyfiles": "2.4.1",
     "form-data": "4.0.0",
     "knex-mock-client": "2.0.1",
     "typescript": "5.4.5",
     "vitest": "1.5.3",
-    "@directus/random": "0.2.8",
-    "@directus/tsconfig": "1.0.1",
-    "@directus/types": "12.0.0-rc.1"
+    "@directus/random": "1.0.0",
+    "@directus/tsconfig": "2.0.0",
+    "@directus/types": "12.0.0"
   },
   "optionalDependencies": {
     "@keyv/redis": "2.8.5",

package/dist/database/migrations/20240710A-permissions-policies.js DELETED Viewed

@@ -1,169 +0,0 @@
-import { randomUUID } from 'node:crypto';
-import { processChunk } from '@directus/utils';
-/**
- * The public role used to be `null`, we gotta create a single new policy for the permissions
- * previously attached to the public role (marked through `role = null`).
- */
-const PUBLIC_POLICY_ID = 'abf8a154-5b1c-4a46-ac9c-7300570f4f17';
-export async function up(knex) {
-    /////////////////////////////////////////////////////////////////////////////////////////////////
-    // If the policies table already exists the migration has already run
-    if (await knex.schema.hasTable('directus_policies')) {
-        return;
-    }
-    /////////////////////////////////////////////////////////////////////////////////////////////////
-    // Create new policies table that mirrors previous Roles
-    await knex.schema.createTable('directus_policies', (table) => {
-        table.uuid('id').primary();
-        table.string('name', 100).notNullable();
-        table.string('icon', 64).notNullable().defaultTo('badge');
-        table.text('description');
-        table.text('ip_access');
-        table.boolean('enforce_tfa').defaultTo(false).notNullable();
-        table.boolean('admin_access').defaultTo(false).notNullable();
-        table.boolean('app_access').defaultTo(false).notNullable();
-    });
-    /////////////////////////////////////////////////////////////////////////////////////////////////
-    // Copy over all existing roles into new policies
-    const roles = await knex
-        .select('id', 'name', 'icon', 'description', 'ip_access', 'enforce_tfa', 'admin_access', 'app_access')
-        .from('directus_roles');
-    if (roles.length > 0) {
-        await processChunk(roles, 100, async (chunk) => {
-            await knex('directus_policies').insert(chunk);
-        });
-    }
-    await knex
-        .insert({
-        id: PUBLIC_POLICY_ID,
-        name: '$t:public_label',
-        icon: 'public',
-        description: '$t:public_description',
-        app_access: false,
-    })
-        .into('directus_policies');
-    // Change the admin policy description to $t:admin_policy_description
-    await knex('directus_policies')
-        .update({
-        description: '$t:admin_policy_description',
-    })
-        .where('description', 'LIKE', '$t:admin_description');
-    /////////////////////////////////////////////////////////////////////////////////////////////////
-    // Remove access control + add nesting to roles
-    await knex.schema.alterTable('directus_roles', (table) => {
-        table.dropColumn('ip_access');
-        table.dropColumn('enforce_tfa');
-        table.dropColumn('admin_access');
-        table.dropColumn('app_access');
-        table.uuid('parent').references('directus_roles.id');
-    });
-    /////////////////////////////////////////////////////////////////////////////////////////////////
-    // Link permissions to policies instead of roles
-    await knex.schema.alterTable('directus_permissions', (table) => {
-        table.uuid('policy').references('directus_policies.id').onDelete('CASCADE');
-        // Drop the foreign key constraint here in order to update `null` role to public policy ID
-        table.dropForeign('role');
-    });
-    await knex('directus_permissions')
-        .update({
-        role: PUBLIC_POLICY_ID,
-    })
-        .whereNull('role');
-    await knex('directus_permissions').update({
-        policy: knex.ref('role'),
-    });
-    await knex.schema.alterTable('directus_permissions', (table) => {
-        table.dropColumns('role');
-        table.dropNullable('policy');
-    });
-    /////////////////////////////////////////////////////////////////////////////////////////////////
-    // Setup junction table between roles/users and policies
-    // This could be a A2O style setup with a collection/item field rather than individual foreign
-    // keys, but we want to be able to show the reverse-relationship on the individual policies as
-    // well, which would require the O2A type to exist in Directus which currently doesn't.
-    // Shouldn't be the end of the world here, as we know we're only attaching policies to two other
-    // collections.
-    await knex.schema.createTable('directus_access', (table) => {
-        table.uuid('id').primary();
-        table.uuid('role').references('directus_roles.id').nullable().onDelete('CASCADE');
-        table.uuid('user').references('directus_users.id').nullable().onDelete('CASCADE');
-        table.uuid('policy').references('directus_policies.id').notNullable().onDelete('CASCADE');
-        table.integer('sort');
-    });
-    /////////////////////////////////////////////////////////////////////////////////////////////////
-    // Attach policies to existing roles for backwards compatibility
-    const policyAttachments = roles.map((role) => ({
-        id: randomUUID(),
-        role: role.id,
-        user: null,
-        policy: role.id,
-        sort: 1,
-    }));
-    await processChunk(policyAttachments, 100, async (chunk) => {
-        await knex('directus_access').insert(chunk);
-    });
-    await knex('directus_access').insert({
-        id: randomUUID(),
-        role: null,
-        user: null,
-        policy: PUBLIC_POLICY_ID,
-        sort: 1,
-    });
-}
-export async function down(knex) {
-    /////////////////////////////////////////////////////////////////////////////////////////////////
-    // Reinstate access control fields on directus roles + remove nesting
-    await knex.schema.alterTable('directus_roles', (table) => {
-        table.text('ip_access');
-        table.boolean('enforce_tfa').defaultTo(false).notNullable();
-        table.boolean('admin_access').defaultTo(false).notNullable();
-        table.boolean('app_access').defaultTo(true).notNullable();
-        table.dropForeign('parent');
-        table.dropColumn('parent');
-    });
-    /////////////////////////////////////////////////////////////////////////////////////////////////
-    // Copy policy access control rules back to roles
-    const policies = await knex
-        .select('id', 'ip_access', 'enforce_tfa', 'admin_access', 'app_access')
-        .from('directus_policies')
-        .whereNot({ id: PUBLIC_POLICY_ID });
-    for (const policy of policies) {
-        await knex('directus_roles')
-            .update({
-            ip_access: policy.ip_access,
-            enforce_tfa: policy.enforce_tfa,
-            admin_access: policy.admin_access,
-            app_access: policy.app_access,
-        })
-            .where({ id: policy.id });
-    }
-    /////////////////////////////////////////////////////////////////////////////////////////////////
-    // Drop all permissions that are only attached to a user
-    // TODO query all policies that are attached to a user and delete their permissions,
-    //  since we don't know were to put them now and it'll cause a foreign key problem
-    //  as soon as we reference directus_roles in directus_permissions again
-    /////////////////////////////////////////////////////////////////////////////////////////////////
-    // Drop policy attachments
-    await knex.schema.dropTable('directus_access');
-    /////////////////////////////////////////////////////////////////////////////////////////////////
-    // Reattach permissions to roles instead of policies
-    await knex.schema.alterTable('directus_permissions', (table) => {
-        table.uuid('role').nullable();
-    });
-    await knex('directus_permissions').update({
-        role: knex.ref('policy'),
-    });
-    await knex('directus_permissions')
-        .update({
-        role: null,
-    })
-        .where({ role: PUBLIC_POLICY_ID });
-    await knex.schema.alterTable('directus_permissions', (table) => {
-        table.uuid('role').references('directus_roles.id').alter();
-        table.dropForeign('policy');
-        table.dropColumn('policy');
-    });
-    /////////////////////////////////////////////////////////////////////////////////////////////////
-    // Drop policies table
-    await knex.schema.dropTable('directus_policies');
-}

/package/dist/database/migrations/{20240710A-permissions-policies.d.ts → 20240716A-update-files-date-fields.d.ts} RENAMED Viewed

File without changes