npm - @directus/api - Versions diffs - 22.1.0 → 22.1.1 - Mend

@directus/api 22.1.0 → 22.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (51) hide show

package/dist/utils/apply-query.js CHANGED Viewed

@@ -5,6 +5,7 @@ import { clone, isPlainObject } from 'lodash-es';
 import { customAlphabet } from 'nanoid/non-secure';
 import { getHelpers } from '../database/helpers/index.js';
 import { applyCaseWhen } from '../database/run-ast/utils/apply-case-when.js';
+import { getCases } from '../permissions/modules/process-ast/lib/get-cases.js';
 import { getColumnPath } from './get-column-path.js';
 import { getColumn } from './get-column.js';
 import { getRelationInfo } from './get-relation-info.js';
@@ -15,7 +16,7 @@ export const generateAlias = customAlphabet('abcdefghijklmnopqrstuvwxyz', 5);
 /**
  * Apply the Query to a given Knex query builder instance
  */
-export default function applyQuery(knex, collection, dbQuery, query, schema, cases, options) {
+export default function applyQuery(knex, collection, dbQuery, query, schema, cases, permissions, options) {
     const aliasMap = options?.aliasMap ?? Object.create(null);
     let hasJoins = false;
     let hasMultiRelationalFilter = false;
@@ -42,7 +43,7 @@ export default function applyQuery(knex, collection, dbQuery, query, schema, cas
     // you're actually allowed to read
     const filter = joinFilterWithCases(query.filter, cases);
     if (filter) {
-        const filterResult = applyFilter(knex, schema, dbQuery, filter, collection, aliasMap, cases);
+        const filterResult = applyFilter(knex, schema, dbQuery, filter, collection, aliasMap, cases, permissions);
         if (!hasJoins) {
             hasJoins = filterResult.hasJoins;
         }
@@ -58,6 +59,7 @@ export default function applyQuery(knex, collection, dbQuery, query, schema, cas
                 aliasMap,
                 cases,
                 table: collection,
+                permissions,
             }, {
                 knex,
                 schema,
@@ -261,7 +263,7 @@ export function applyOffset(knex, rootQuery, offset) {
         getHelpers(knex).schema.applyOffset(rootQuery, offset);
     }
 }
-export function applyFilter(knex, schema, rootQuery, rootFilter, collection, aliasMap, cases) {
+export function applyFilter(knex, schema, rootQuery, rootFilter, collection, aliasMap, cases, permissions) {
     const helpers = getHelpers(knex);
     const relations = schema.relations;
     let hasJoins = false;
@@ -349,24 +351,27 @@ export function applyFilter(knex, schema, rootQuery, rootFilter, collection, ali
                     if (relationType === 'o2a') {
                         pkField = knex.raw(getHelpers(knex).schema.castA2oPrimaryKey(), [pkField]);
                     }
-                    const subQueryBuilder = (filter) => (subQueryKnex) => {
-                        const field = relation.field;
-                        const collection = relation.collection;
-                        const column = `${collection}.${field}`;
-                        subQueryKnex
-                            .select({ [field]: column })
-                            .from(collection)
-                            .whereNotNull(column);
-                        applyQuery(knex, relation.collection, subQueryKnex, { filter }, schema, cases);
-                    };
                     const childKey = Object.keys(value)?.[0];
-                    if (childKey === '_none') {
-                        dbQuery[logical].whereNotIn(pkField, subQueryBuilder(Object.values(value)[0]));
-                        continue;
-                    }
-                    else if (childKey === '_some') {
-                        dbQuery[logical].whereIn(pkField, subQueryBuilder(Object.values(value)[0]));
-                        continue;
+                    if (childKey === '_none' || childKey === '_some') {
+                        const subQueryBuilder = (filter, cases) => (subQueryKnex) => {
+                            const field = relation.field;
+                            const collection = relation.collection;
+                            const column = `${collection}.${field}`;
+                            subQueryKnex
+                                .select({ [field]: column })
+                                .from(collection)
+                                .whereNotNull(column);
+                            applyQuery(knex, relation.collection, subQueryKnex, { filter }, schema, cases, permissions);
+                        };
+                        const { cases: subCases } = getCases(relation.collection, permissions, []);
+                        if (childKey === '_none') {
+                            dbQuery[logical].whereNotIn(pkField, subQueryBuilder(Object.values(value)[0], subCases));
+                            continue;
+                        }
+                        else if (childKey === '_some') {
+                            dbQuery[logical].whereIn(pkField, subQueryBuilder(Object.values(value)[0], subCases));
+                            continue;
+                        }
                     }
                 }
                 if (filterPath.includes('_none') || filterPath.includes('_some')) {

package/dist/utils/get-column.d.ts CHANGED Viewed

@@ -1,10 +1,14 @@
-import type { Filter, Query, SchemaOverview } from '@directus/types';
+import type { Filter, Permission, Query, SchemaOverview } from '@directus/types';
 import type { Knex } from 'knex';
-type GetColumnOptions = {
-    query?: Query | undefined;
-    cases?: Filter[];
+type FunctionColumnOptions = {
+    query: Query;
+    cases: Filter[];
+    permissions: Permission[];
+};
+type OriginalCollectionName = {
     originalCollectionName?: string | undefined;
 };
+type GetColumnOptions = OriginalCollectionName | (FunctionColumnOptions & OriginalCollectionName);
 /**
  * Return column prefixed by table. If column includes functions (like `year(date_created)`), the
  * column is replaced with the appropriate SQL

package/dist/utils/get-column.js CHANGED Viewed

@@ -29,8 +29,13 @@ export function getColumn(knex, table, column, alias = applyFunctionToColumnName
             }
             const result = fn[functionName](table, columnName, {
                 type,
-                query: options?.query,
-                cases: options?.cases,
+                relationalCountOptions: isFunctionColumnOptions(options)
+                    ? {
+                        query: options.query,
+                        cases: options.cases,
+                        permissions: options.permissions,
+                    }
+                    : undefined,
                 originalCollectionName: options?.originalCollectionName,
             });
             if (alias) {
@@ -47,3 +52,6 @@ export function getColumn(knex, table, column, alias = applyFunctionToColumnName
     }
     return knex.ref(`${table}.${column}`);
 }
+function isFunctionColumnOptions(options) {
+    return !!options && 'query' in options;
+}

package/dist/utils/sanitize-query.js CHANGED Viewed

@@ -95,7 +95,7 @@ function sanitizeAggregate(rawAggregate) {
             aggregate = parseJSON(rawAggregate);
         }
         catch {
-            logger.warn('Invalid value passed for filter query parameter.');
+            logger.warn('Invalid value passed for aggregate query parameter.');
         }
     }
     for (const [operation, fields] of Object.entries(aggregate)) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@directus/api",
-  "version": "22.1.0",
+  "version": "22.1.1",
   "description": "Directus is a real-time API and App dashboard for managing SQL database content",
   "keywords": [
     "directus",
@@ -99,7 +99,7 @@
     "graphql-ws": "5.16.0",
     "helmet": "7.1.0",
     "icc": "3.0.0",
-    "inquirer": "9.3.5",
+    "inquirer": "9.3.6",
     "ioredis": "5.4.1",
     "ip-matching": "2.1.2",
     "isolated-vm": "4.7.2",
@@ -143,35 +143,35 @@
     "sharp": "0.33.4",
     "snappy": "7.2.2",
     "stream-json": "1.8.0",
-    "tar": "7.4.2",
+    "tar": "7.4.3",
     "tsx": "4.16.5",
     "wellknown": "0.5.0",
     "ws": "8.18.0",
     "zod": "3.23.8",
     "zod-validation-error": "3.3.1",
-    "@directus/app": "13.0.1",
-    "@directus/constants": "12.0.0",
-    "@directus/env": "3.0.0",
+    "@directus/app": "13.1.0",
     "@directus/errors": "1.0.0",
-    "@directus/extensions": "2.0.0",
+    "@directus/env": "3.0.0",
+    "@directus/constants": "12.0.0",
     "@directus/extensions-registry": "2.0.0",
+    "@directus/extensions": "2.0.0",
+    "@directus/extensions-sdk": "12.0.1",
     "@directus/format-title": "11.0.0",
     "@directus/memory": "2.0.0",
-    "@directus/pressure": "2.0.0",
     "@directus/schema": "12.0.0",
-    "@directus/extensions-sdk": "12.0.0",
+    "@directus/pressure": "2.0.0",
     "@directus/specs": "11.0.0",
-    "@directus/storage-driver-azure": "11.0.0",
     "@directus/storage": "11.0.0",
+    "@directus/storage-driver-azure": "11.0.0",
     "@directus/storage-driver-cloudinary": "11.0.0",
     "@directus/storage-driver-gcs": "11.0.0",
+    "@directus/storage-driver-s3": "11.0.0",
     "@directus/storage-driver-local": "11.0.0",
     "@directus/storage-driver-supabase": "2.0.0",
     "@directus/system-data": "2.0.0",
-    "@directus/storage-driver-s3": "11.0.0",
+    "@directus/utils": "12.0.0",
     "@directus/validation": "1.0.0",
-    "directus": "11.0.1",
-    "@directus/utils": "12.0.0"
+    "directus": "11.0.2"
   },
   "devDependencies": {
     "@ngneat/falso": "7.2.0",
@@ -209,11 +209,12 @@
     "@vitest/coverage-v8": "1.5.3",
     "copyfiles": "2.4.1",
     "form-data": "4.0.0",
+    "get-port": "7.1.0",
     "knex-mock-client": "2.0.1",
     "typescript": "5.4.5",
     "vitest": "1.5.3",
-    "@directus/random": "1.0.0",
     "@directus/tsconfig": "2.0.0",
+    "@directus/random": "1.0.0",
     "@directus/types": "12.0.0"
   },
   "optionalDependencies": {