npm - @directus/api - Versions diffs - 21.0.0 → 22.0.0 - Mend

@directus/api 21.0.0 → 22.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (285) hide show

package/dist/services/payload.js CHANGED Viewed

@@ -9,6 +9,7 @@ import { parse as wktToGeoJSON } from 'wellknown';
 import { getHelpers } from '../database/helpers/index.js';
 import getDatabase from '../database/index.js';
 import { generateHash } from '../utils/generate-hash.js';
+import { UserIntegrityCheckFlag } from '../utils/validate-user-count-integrity.js';
 /**
  * Process a given payload for a collection to ensure the special fields (hash, uuid, date etc) are
  * handled correctly.
@@ -317,6 +318,7 @@ export class PayloadService {
             return relation.collection === this.collection;
         });
         const revisions = [];
+        let userIntegrityCheckFlags = UserIntegrityCheckFlag.None;
         const nestedActionEvents = [];
         const payload = cloneDeep(data);
         // Only process related records that are actually in the payload
@@ -362,6 +364,7 @@ export class PayloadService {
                 if (Object.keys(fieldsToUpdate).length > 0) {
                     await service.updateOne(relatedPrimaryKey, relatedRecord, {
                         onRevisionCreate: (pk) => revisions.push(pk),
+                        onRequireUserIntegrityCheck: (flags) => (userIntegrityCheckFlags |= flags),
                         bypassEmitAction: (params) => opts?.bypassEmitAction ? opts.bypassEmitAction(params) : nestedActionEvents.push(params),
                         emitEvents: opts?.emitEvents,
                         mutationTracker: opts?.mutationTracker,
@@ -371,6 +374,7 @@ export class PayloadService {
             else {
                 relatedPrimaryKey = await service.createOne(relatedRecord, {
                     onRevisionCreate: (pk) => revisions.push(pk),
+                    onRequireUserIntegrityCheck: (flags) => (userIntegrityCheckFlags |= flags),
                     bypassEmitAction: (params) => opts?.bypassEmitAction ? opts.bypassEmitAction(params) : nestedActionEvents.push(params),
                     emitEvents: opts?.emitEvents,
                     mutationTracker: opts?.mutationTracker,
@@ -379,7 +383,7 @@ export class PayloadService {
             // Overwrite the nested object with just the primary key, so the parent level can be saved correctly
             payload[relation.field] = relatedPrimaryKey;
         }
-        return { payload, revisions, nestedActionEvents };
+        return { payload, revisions, nestedActionEvents, userIntegrityCheckFlags };
     }
     /**
      * Save/update all nested related m2o items inside the payload
@@ -388,6 +392,7 @@ export class PayloadService {
         const payload = cloneDeep(data);
         // All the revisions saved on this level
         const revisions = [];
+        let userIntegrityCheckFlags = UserIntegrityCheckFlag.None;
         const nestedActionEvents = [];
         // Many to one relations that exist on the current collection
         const relations = this.schema.relations.filter((relation) => {
@@ -424,6 +429,7 @@ export class PayloadService {
                 if (Object.keys(fieldsToUpdate).length > 0) {
                     await service.updateOne(relatedPrimaryKey, relatedRecord, {
                         onRevisionCreate: (pk) => revisions.push(pk),
+                        onRequireUserIntegrityCheck: (flags) => (userIntegrityCheckFlags |= flags),
                         bypassEmitAction: (params) => opts?.bypassEmitAction ? opts.bypassEmitAction(params) : nestedActionEvents.push(params),
                         emitEvents: opts?.emitEvents,
                         mutationTracker: opts?.mutationTracker,
@@ -433,6 +439,7 @@ export class PayloadService {
             else {
                 relatedPrimaryKey = await service.createOne(relatedRecord, {
                     onRevisionCreate: (pk) => revisions.push(pk),
+                    onRequireUserIntegrityCheck: (flags) => (userIntegrityCheckFlags |= flags),
                     bypassEmitAction: (params) => opts?.bypassEmitAction ? opts.bypassEmitAction(params) : nestedActionEvents.push(params),
                     emitEvents: opts?.emitEvents,
                     mutationTracker: opts?.mutationTracker,
@@ -441,13 +448,14 @@ export class PayloadService {
             // Overwrite the nested object with just the primary key, so the parent level can be saved correctly
             payload[relation.field] = relatedPrimaryKey;
         }
-        return { payload, revisions, nestedActionEvents };
+        return { payload, revisions, nestedActionEvents, userIntegrityCheckFlags };
     }
     /**
      * Recursively save/update all nested related o2m items
      */
     async processO2M(data, parent, opts) {
         const revisions = [];
+        let userIntegrityCheckFlags = UserIntegrityCheckFlag.None;
         const nestedActionEvents = [];
         const relations = this.schema.relations.filter((relation) => {
             return relation.related_collection === this.collection;
@@ -516,6 +524,7 @@ export class PayloadService {
                 }
                 savedPrimaryKeys.push(...(await service.upsertMany(recordsToUpsert, {
                     onRevisionCreate: (pk) => revisions.push(pk),
+                    onRequireUserIntegrityCheck: (flags) => (userIntegrityCheckFlags |= flags),
                     bypassEmitAction: (params) => opts?.bypassEmitAction ? opts.bypassEmitAction(params) : nestedActionEvents.push(params),
                     emitEvents: opts?.emitEvents,
                     mutationTracker: opts?.mutationTracker,
@@ -540,6 +549,7 @@ export class PayloadService {
                 if (relation.meta.one_deselect_action === 'delete') {
                     // There's no revision for a deletion
                     await service.deleteByQuery(query, {
+                        onRequireUserIntegrityCheck: (flags) => (userIntegrityCheckFlags |= flags),
                         bypassEmitAction: (params) => opts?.bypassEmitAction ? opts.bypassEmitAction(params) : nestedActionEvents.push(params),
                         emitEvents: opts?.emitEvents,
                         mutationTracker: opts?.mutationTracker,
@@ -548,6 +558,7 @@ export class PayloadService {
                 else {
                     await service.updateByQuery(query, { [relation.field]: null }, {
                         onRevisionCreate: (pk) => revisions.push(pk),
+                        onRequireUserIntegrityCheck: (flags) => (userIntegrityCheckFlags |= flags),
                         bypassEmitAction: (params) => opts?.bypassEmitAction ? opts.bypassEmitAction(params) : nestedActionEvents.push(params),
                         emitEvents: opts?.emitEvents,
                         mutationTracker: opts?.mutationTracker,
@@ -590,6 +601,7 @@ export class PayloadService {
                     }
                     await service.createMany(createPayload, {
                         onRevisionCreate: (pk) => revisions.push(pk),
+                        onRequireUserIntegrityCheck: (flags) => (userIntegrityCheckFlags |= flags),
                         bypassEmitAction: (params) => opts?.bypassEmitAction ? opts.bypassEmitAction(params) : nestedActionEvents.push(params),
                         emitEvents: opts?.emitEvents,
                         mutationTracker: opts?.mutationTracker,
@@ -603,6 +615,7 @@ export class PayloadService {
                             [relation.field]: parent || payload[currentPrimaryKeyField],
                         }, {
                             onRevisionCreate: (pk) => revisions.push(pk),
+                            onRequireUserIntegrityCheck: (flags) => (userIntegrityCheckFlags |= flags),
                             bypassEmitAction: (params) => opts?.bypassEmitAction ? opts.bypassEmitAction(params) : nestedActionEvents.push(params),
                             emitEvents: opts?.emitEvents,
                             mutationTracker: opts?.mutationTracker,
@@ -628,6 +641,7 @@ export class PayloadService {
                     };
                     if (relation.meta.one_deselect_action === 'delete') {
                         await service.deleteByQuery(query, {
+                            onRequireUserIntegrityCheck: (flags) => (userIntegrityCheckFlags |= flags),
                             bypassEmitAction: (params) => opts?.bypassEmitAction ? opts.bypassEmitAction(params) : nestedActionEvents.push(params),
                             emitEvents: opts?.emitEvents,
                             mutationTracker: opts?.mutationTracker,
@@ -636,6 +650,7 @@ export class PayloadService {
                     else {
                         await service.updateByQuery(query, { [relation.field]: null }, {
                             onRevisionCreate: (pk) => revisions.push(pk),
+                            onRequireUserIntegrityCheck: (flags) => (userIntegrityCheckFlags |= flags),
                             bypassEmitAction: (params) => opts?.bypassEmitAction ? opts.bypassEmitAction(params) : nestedActionEvents.push(params),
                             emitEvents: opts?.emitEvents,
                             mutationTracker: opts?.mutationTracker,
@@ -644,7 +659,7 @@ export class PayloadService {
                 }
             }
         }
-        return { revisions, nestedActionEvents };
+        return { revisions, nestedActionEvents, userIntegrityCheckFlags };
     }
     /**
      * Transforms the input partial payload to match the output structure, to have consistency

package/dist/services/{permissions/index.d.ts → permissions.d.ts} RENAMED Viewed

@@ -1,12 +1,10 @@
-import type { Item, ItemPermissions, PermissionsAction, PrimaryKey, Query } from '@directus/types';
-import type Keyv from 'keyv';
-import type { AbstractServiceOptions, MutationOptions } from '../../types/index.js';
-import type { QueryOptions } from '../items.js';
-import { ItemsService } from '../items.js';
+import type { Item, ItemPermissions, PrimaryKey, Query } from '@directus/types';
+import type { AbstractServiceOptions, MutationOptions } from '../types/index.js';
+import type { QueryOptions } from './items.js';
+import { ItemsService } from './items.js';
 export declare class PermissionsService extends ItemsService {
-    systemCache: Keyv<any>;
     constructor(options: AbstractServiceOptions);
-    getAllowedFields(action: PermissionsAction, collection?: string): Record<string, string[]>;
+    private clearCaches;
     readByQuery(query: Query, opts?: QueryOptions): Promise<Partial<Item>[]>;
     createOne(data: Partial<Item>, opts?: MutationOptions): Promise<PrimaryKey>;
     createMany(data: Partial<Item>[], opts?: MutationOptions): Promise<PrimaryKey[]>;

package/dist/services/{permissions/index.js → permissions.js} RENAMED Viewed

@@ -1,32 +1,17 @@
 import { ForbiddenError } from '@directus/errors';
-import { clearSystemCache, getCache } from '../../cache.js';
-import { AuthorizationService } from '../authorization.js';
-import { ItemsService } from '../items.js';
-import { withAppMinimalPermissions } from './lib/with-app-minimal-permissions.js';
+import { clearSystemCache } from '../cache.js';
+import { withAppMinimalPermissions } from '../permissions/lib/with-app-minimal-permissions.js';
+import { validateAccess } from '../permissions/modules/validate-access/validate-access.js';
+import { ItemsService } from './items.js';
 export class PermissionsService extends ItemsService {
-    systemCache;
     constructor(options) {
         super('directus_permissions', options);
-        const { systemCache } = getCache();
-        this.systemCache = systemCache;
     }
-    getAllowedFields(action, collection) {
-        const results = this.accountability?.permissions?.filter((permission) => {
-            let matchesCollection = true;
-            if (collection) {
-                matchesCollection = permission.collection === collection;
-            }
-            const matchesAction = permission.action === action;
-            return collection ? matchesCollection && matchesAction : matchesAction;
-        }) ?? [];
-        const fieldsPerCollection = {};
-        for (const result of results) {
-            const { collection, fields } = result;
-            if (!fieldsPerCollection[collection])
-                fieldsPerCollection[collection] = [];
-            fieldsPerCollection[collection].push(...(fields ?? []));
+    async clearCaches(opts) {
+        await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+        if (this.cache && opts?.autoPurgeCache !== false) {
+            await this.cache.clear();
         }
-        return fieldsPerCollection;
     }
     async readByQuery(query, opts) {
         const result = (await super.readByQuery(query, opts));
@@ -34,50 +19,32 @@ export class PermissionsService extends ItemsService {
     }
     async createOne(data, opts) {
         const res = await super.createOne(data, opts);
-        await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
-        if (this.cache && opts?.autoPurgeCache !== false) {
-            await this.cache.clear();
-        }
+        await this.clearCaches(opts);
         return res;
     }
     async createMany(data, opts) {
         const res = await super.createMany(data, opts);
-        await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
-        if (this.cache && opts?.autoPurgeCache !== false) {
-            await this.cache.clear();
-        }
+        await this.clearCaches(opts);
         return res;
     }
     async updateBatch(data, opts) {
         const res = await super.updateBatch(data, opts);
-        await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
-        if (this.cache && opts?.autoPurgeCache !== false) {
-            await this.cache.clear();
-        }
+        await this.clearCaches(opts);
         return res;
     }
     async updateMany(keys, data, opts) {
         const res = await super.updateMany(keys, data, opts);
-        await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
-        if (this.cache && opts?.autoPurgeCache !== false) {
-            await this.cache.clear();
-        }
+        await this.clearCaches(opts);
         return res;
     }
     async upsertMany(payloads, opts) {
         const res = await super.upsertMany(payloads, opts);
-        await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
-        if (this.cache && opts?.autoPurgeCache !== false) {
-            await this.cache.clear();
-        }
+        await this.clearCaches(opts);
         return res;
     }
     async deleteMany(keys, opts) {
         const res = await super.deleteMany(keys, opts);
-        await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
-        if (this.cache && opts?.autoPurgeCache !== false) {
-            await this.cache.clear();
-        }
+        await this.clearCaches(opts);
         return res;
     }
     async getItemPermissions(collection, primaryKey) {
@@ -115,16 +82,25 @@ export class PermissionsService extends ItemsService {
                 updateAction = 'create';
             }
         }
-        const authorizationService = new AuthorizationService({
-            knex: this.knex,
-            accountability: this.accountability,
-            schema: this.schema,
-        });
         await Promise.all(Object.keys(itemPermissions).map((key) => {
             const action = key;
             const checkAction = action === 'update' ? updateAction : action;
-            return authorizationService
-                .checkAccess(checkAction, collection, primaryKey)
+            if (!this.accountability) {
+                itemPermissions[action].access = true;
+                return Promise.resolve();
+            }
+            const opts = {
+                accountability: this.accountability,
+                action: checkAction,
+                collection,
+            };
+            if (primaryKey) {
+                opts.primaryKeys = [primaryKey];
+            }
+            return validateAccess(opts, {
+                schema: this.schema,
+                knex: this.knex,
+            })
                 .then(() => (itemPermissions[action].access = true))
                 .catch(() => { });
         }));

package/dist/services/policies.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { Policy, PrimaryKey } from '@directus/types';
+import type { AbstractServiceOptions, MutationOptions } from '../types/index.js';
+import { ItemsService } from './items.js';
+export declare class PoliciesService extends ItemsService<Policy> {
+    constructor(options: AbstractServiceOptions);
+    private clearCaches;
+    private isIpAccessValid;
+    private assertValidIpAccess;
+    createOne(data: Partial<Policy>, opts?: MutationOptions): Promise<PrimaryKey>;
+    updateMany(keys: PrimaryKey[], data: Partial<Policy>, opts?: MutationOptions): Promise<PrimaryKey[]>;
+    deleteMany(keys: PrimaryKey[], opts?: MutationOptions): Promise<PrimaryKey[]>;
+}

package/dist/services/policies.js ADDED Viewed

@@ -0,0 +1,87 @@
+import { InvalidPayloadError } from '@directus/errors';
+import { getMatch } from 'ip-matching';
+import { clearSystemCache } from '../cache.js';
+import { clearCache as clearPermissionsCache } from '../permissions/cache.js';
+import { UserIntegrityCheckFlag } from '../utils/validate-user-count-integrity.js';
+import { ItemsService } from './items.js';
+export class PoliciesService extends ItemsService {
+    constructor(options) {
+        super('directus_policies', options);
+    }
+    async clearCaches(opts) {
+        await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+        if (this.cache && opts?.autoPurgeCache !== false) {
+            await this.cache.clear();
+        }
+    }
+    isIpAccessValid(value) {
+        if (value === undefined)
+            return false;
+        if (value === null)
+            return true;
+        if (Array.isArray(value) && value.length === 0)
+            return true;
+        for (const ip of value) {
+            if (typeof ip !== 'string' || ip.includes('*'))
+                return false;
+            try {
+                const match = getMatch(ip);
+                if (match.type == 'IPMask')
+                    return false;
+            }
+            catch {
+                return false;
+            }
+        }
+        return true;
+    }
+    assertValidIpAccess(partialItem) {
+        if ('ip_access' in partialItem && !this.isIpAccessValid(partialItem['ip_access'])) {
+            throw new InvalidPayloadError({
+                reason: 'IP Access contains an incorrect value. Valid values are: IP addresses, IP ranges and CIDR blocks',
+            });
+        }
+    }
+    async createOne(data, opts = {}) {
+        this.assertValidIpAccess(data);
+        // A policy has been created, but the attachment to a user/role happens in the AccessService,
+        // so no need to check user integrity
+        const result = await super.createOne(data, opts);
+        // TODO is this necessary? Since the attachment should be handled in the AccessService
+        // A new policy has created, clear the permissions cache
+        await clearPermissionsCache();
+        return result;
+    }
+    async updateMany(keys, data, opts = {}) {
+        this.assertValidIpAccess(data);
+        if ('admin_access' in data) {
+            let flags = UserIntegrityCheckFlag.RemainingAdmins;
+            if (data['admin_access'] === true) {
+                // Only need to perform a full user count if the policy allows admin access
+                flags |= UserIntegrityCheckFlag.All;
+            }
+            opts.userIntegrityCheckFlags = (opts.userIntegrityCheckFlags ?? UserIntegrityCheckFlag.None) | flags;
+        }
+        if ('app_access' in data) {
+            opts.userIntegrityCheckFlags =
+                (opts.userIntegrityCheckFlags ?? UserIntegrityCheckFlag.None) | UserIntegrityCheckFlag.UserLimits;
+        }
+        if (opts.userIntegrityCheckFlags)
+            opts.onRequireUserIntegrityCheck?.(opts.userIntegrityCheckFlags);
+        const result = await super.updateMany(keys, data, opts);
+        if ('admin_access' in data || 'app_access' in data || 'ip_access' in data || 'enforce_tfa' in data) {
+            // Some relevant properties on policies have been updated, clear the caches
+            await this.clearCaches(opts);
+        }
+        return result;
+    }
+    async deleteMany(keys, opts = {}) {
+        opts.userIntegrityCheckFlags = UserIntegrityCheckFlag.All;
+        opts.onRequireUserIntegrityCheck?.(opts.userIntegrityCheckFlags);
+        const result = await super.deleteMany(keys, opts);
+        // TODO is this necessary? Since the detachment should be handled in the AccessService
+        // Some policies have been deleted, clear the permissions cache
+        await this.clearCaches(opts);
+        return result;
+    }
+}

package/dist/services/relations.d.ts CHANGED Viewed

@@ -5,10 +5,8 @@ import type { Knex } from 'knex';
 import type { Helpers } from '../database/helpers/index.js';
 import type { AbstractServiceOptions, MutationOptions } from '../types/index.js';
 import { ItemsService, type QueryOptions } from './items.js';
-import { PermissionsService } from './permissions/index.js';
 export declare class RelationsService {
     knex: Knex;
-    permissionsService: PermissionsService;
     schemaInspector: SchemaInspector;
     accountability: Accountability | null;
     schema: SchemaOverview;
@@ -34,10 +32,6 @@ export declare class RelationsService {
      * Delete an existing relationship
      */
     deleteOne(collection: string, field: string, opts?: MutationOptions): Promise<void>;
-    /**
-     * Whether or not the current user has read access to relations
-     */
-    private get hasReadAccess();
     /**
      * Combine raw schema foreign key information with Directus relations meta rows to form final
      * Relation objects

package/dist/services/relations.js CHANGED Viewed

@@ -1,3 +1,4 @@
+import { useEnv } from '@directus/env';
 import { ForbiddenError, InvalidPayloadError } from '@directus/errors';
 import { createInspector } from '@directus/schema';
 import { systemRelationRows } from '@directus/system-data';
@@ -6,16 +7,16 @@ import { clearSystemCache, getCache, getCacheValue, setCacheValue } from '../cac
 import { getHelpers } from '../database/helpers/index.js';
 import getDatabase, { getSchemaInspector } from '../database/index.js';
 import emitter from '../emitter.js';
+import { fetchAllowedFieldMap } from '../permissions/modules/fetch-allowed-field-map/fetch-allowed-field-map.js';
+import { fetchAllowedFields } from '../permissions/modules/fetch-allowed-fields/fetch-allowed-fields.js';
+import { validateAccess } from '../permissions/modules/validate-access/validate-access.js';
 import { getDefaultIndexName } from '../utils/get-default-index-name.js';
 import { getSchema } from '../utils/get-schema.js';
 import { transaction } from '../utils/transaction.js';
 import { ItemsService } from './items.js';
-import { PermissionsService } from './permissions/index.js';
-import { useEnv } from '@directus/env';
 const env = useEnv();
 export class RelationsService {
     knex;
-    permissionsService;
     schemaInspector;
     accountability;
     schema;
@@ -25,7 +26,6 @@ export class RelationsService {
     helpers;
     constructor(options) {
         this.knex = options.knex || getDatabase();
-        this.permissionsService = new PermissionsService(options);
         this.schemaInspector = options.knex ? createInspector(options.knex) : getSchemaInspector();
         this.schema = options.schema;
         this.accountability = options.accountability || null;
@@ -59,8 +59,15 @@ export class RelationsService {
         return foreignKeys;
     }
     async readAll(collection, opts) {
-        if (this.accountability && this.accountability.admin !== true && this.hasReadAccess === false) {
-            throw new ForbiddenError();
+        if (this.accountability) {
+            await validateAccess({
+                accountability: this.accountability,
+                action: 'read',
+                collection: 'directus_relations',
+            }, {
+                knex: this.knex,
+                schema: this.schema,
+            });
         }
         const metaReadQuery = {
             limit: -1,
@@ -86,18 +93,17 @@ export class RelationsService {
     }
     async readOne(collection, field) {
         if (this.accountability && this.accountability.admin !== true) {
-            if (this.hasReadAccess === false) {
-                throw new ForbiddenError();
-            }
-            const permissions = this.accountability.permissions?.find((permission) => {
-                return permission.action === 'read' && permission.collection === collection;
+            await validateAccess({
+                accountability: this.accountability,
+                action: 'read',
+                collection: 'directus_relations',
+            }, {
+                schema: this.schema,
+                knex: this.knex,
             });
-            if (!permissions || !permissions.fields)
+            const allowedFields = await fetchAllowedFields({ collection, action: 'read', accountability: this.accountability }, { schema: this.schema, knex: this.knex });
+            if (allowedFields.includes('*') === false && allowedFields.includes(field) === false) {
                 throw new ForbiddenError();
-            if (permissions.fields.includes('*') === false) {
-                const allowedFields = permissions.fields;
-                if (allowedFields.includes(field) === false)
-                    throw new ForbiddenError();
             }
         }
         const metaRow = await this.relationsItemService.readByQuery({
@@ -379,14 +385,6 @@ export class RelationsService {
             }
         }
     }
-    /**
-     * Whether or not the current user has read access to relations
-     */
-    get hasReadAccess() {
-        return !!this.accountability?.permissions?.find((permission) => {
-            return permission.collection === 'directus_relations' && permission.action === 'read';
-        });
-    }
     /**
      * Combine raw schema foreign key information with Directus relations meta rows to form final
      * Relation objects
@@ -435,12 +433,11 @@ export class RelationsService {
     async filterForbidden(relations) {
         if (this.accountability === null || this.accountability?.admin === true)
             return relations;
-        const allowedCollections = this.accountability.permissions
-            ?.filter((permission) => {
-            return permission.action === 'read';
-        })
-            .map(({ collection }) => collection) ?? [];
-        const allowedFields = this.permissionsService.getAllowedFields('read');
+        const allowedFields = await fetchAllowedFieldMap({
+            accountability: this.accountability,
+            action: 'read',
+        }, { schema: this.schema, knex: this.knex });
+        const allowedCollections = Object.keys(allowedFields);
         relations = toArray(relations);
         return relations.filter((relation) => {
             let collectionsAllowed = true;

package/dist/services/roles.d.ts CHANGED Viewed

@@ -1,18 +1,10 @@
-import type { Item, PrimaryKey, Query } from '@directus/types';
+import type { Item, PrimaryKey } from '@directus/types';
 import type { AbstractServiceOptions, MutationOptions } from '../types/index.js';
 import { ItemsService } from './items.js';
 export declare class RolesService extends ItemsService {
     constructor(options: AbstractServiceOptions);
-    private checkForOtherAdminRoles;
-    private checkForOtherAdminUsers;
-    private isIpAccessValid;
-    private assertValidIpAccess;
-    private getRoleAccessType;
-    createOne(data: Partial<Item>, opts?: MutationOptions): Promise<PrimaryKey>;
-    createMany(data: Partial<Item>[], opts?: MutationOptions): Promise<PrimaryKey[]>;
-    updateOne(key: PrimaryKey, data: Partial<Item>, opts?: MutationOptions): Promise<PrimaryKey>;
-    updateBatch(data: Partial<Item>[], opts?: MutationOptions): Promise<PrimaryKey[]>;
     updateMany(keys: PrimaryKey[], data: Partial<Item>, opts?: MutationOptions): Promise<PrimaryKey[]>;
-    updateByQuery(query: Query, data: Partial<Item>, opts?: MutationOptions | undefined): Promise<PrimaryKey[]>;
-    deleteMany(keys: PrimaryKey[]): Promise<PrimaryKey[]>;
+    deleteMany(keys: PrimaryKey[], opts?: MutationOptions): Promise<PrimaryKey[]>;
+    private validateRoleNesting;
+    private clearCaches;
 }