@directus/api 22.2.0 → 23.1.0

package/dist/database/migrations/20240909B-consolidate-content-versioning.js

@@ -0,0 +1,10 @@
+export async function up(knex) {
+    await knex.schema.alterTable('directus_versions', (table) => {
+        table.json('delta');
+    });
+}
+export async function down(knex) {
+    await knex.schema.alterTable('directus_versions', (table) => {
+        table.dropColumn('delta');
+    });
+}

package/dist/database/run-ast/lib/get-db-query.d.ts

@@ -1,4 +1,14 @@
-import type { Filter, Permission, Query, SchemaOverview } from '@directus/types';
+import type { Filter, Permission, Query } from '@directus/types';
 import type { Knex } from 'knex';
+import type { Context } from '../../../permissions/types.js';
 import type { FieldNode, FunctionFieldNode, O2MNode } from '../../../types/ast.js';
-export declare function getDBQuery(schema: SchemaOverview, knex: Knex, table: string, fieldNodes: (FieldNode | FunctionFieldNode)[], o2mNodes: O2MNode[], query: Query, cases: Filter[], permissions: Permission[]): Knex.QueryBuilder;
+export type DBQueryOptions = {
+    table: string;
+    fieldNodes: (FieldNode | FunctionFieldNode)[];
+    o2mNodes: O2MNode[];
+    query: Query;
+    cases: Filter[];
+    permissions: Permission[];
+    permissionsOnly?: boolean;
+};
+export declare function getDBQuery({ table, fieldNodes, o2mNodes, query, cases, permissions, permissionsOnly }: DBQueryOptions, { knex, schema }: Context): Knex.QueryBuilder;

package/dist/database/run-ast/lib/get-db-query.js

@@ -9,10 +9,10 @@ import { getColumnPreprocessor } from '../utils/get-column-pre-processor.js';
 import { getNodeAlias } from '../utils/get-field-alias.js';
 import { getInnerQueryColumnPreProcessor } from '../utils/get-inner-query-column-pre-processor.js';
 import { withPreprocessBindings } from '../utils/with-preprocess-bindings.js';
-export function getDBQuery(schema, knex, table, fieldNodes, o2mNodes, query, cases, permissions) {
+export function getDBQuery({ table, fieldNodes, o2mNodes, query, cases, permissions, permissionsOnly }, { knex, schema }) {
     const aliasMap = Object.create(null);
     const env = useEnv();
-    const preProcess = getColumnPreprocessor(knex, schema, table, cases, permissions, aliasMap);
+    const preProcess = getColumnPreprocessor(knex, schema, table, cases, permissions, aliasMap, permissionsOnly);
     const queryCopy = cloneDeep(query);
     const helpers = getHelpers(knex);
     const hasCaseWhen = o2mNodes.some((node) => node.whenCase && node.whenCase.length > 0) ||

package/dist/database/run-ast/modules/fetch-permitted-ast-root-fields.d.ts

@@ -0,0 +1,15 @@
+import type { Accountability, PermissionsAction, SchemaOverview } from '@directus/types';
+import type { Knex } from 'knex';
+import type { AST } from '../../../types/ast.js';
+type FetchPermittedAstRootFieldsOptions = {
+    schema: SchemaOverview;
+    accountability: Accountability;
+    knex: Knex;
+    action: PermissionsAction;
+};
+/**
+ * Fetch the permitted top level fields of a given root type AST using a case/when query that is constructed the
+ * same way as `runAst` but only returns flags (1/null) instead of actual field values.
+ */
+export declare function fetchPermittedAstRootFields(originalAST: AST, { schema, accountability, knex, action }: FetchPermittedAstRootFieldsOptions): Promise<any>;
+export {};

package/dist/database/run-ast/modules/fetch-permitted-ast-root-fields.js

@@ -0,0 +1,29 @@
+import { cloneDeep } from 'lodash-es';
+import { fetchPermissions } from '../../../permissions/lib/fetch-permissions.js';
+import { fetchPolicies } from '../../../permissions/lib/fetch-policies.js';
+import { getDBQuery } from '../lib/get-db-query.js';
+import { parseCurrentLevel } from '../lib/parse-current-level.js';
+/**
+ * Fetch the permitted top level fields of a given root type AST using a case/when query that is constructed the
+ * same way as `runAst` but only returns flags (1/null) instead of actual field values.
+ */
+export async function fetchPermittedAstRootFields(originalAST, { schema, accountability, knex, action }) {
+    const ast = cloneDeep(originalAST);
+    const { name: collection, children, cases, query } = ast;
+    // Retrieve the database columns to select in the current AST
+    const { fieldNodes } = await parseCurrentLevel(schema, collection, children, query);
+    let permissions = [];
+    if (accountability && !accountability.admin) {
+        const policies = await fetchPolicies(accountability, { schema, knex });
+        permissions = await fetchPermissions({ action, accountability, policies }, { schema, knex });
+    }
+    return getDBQuery({
+        table: collection,
+        fieldNodes,
+        o2mNodes: [],
+        query,
+        cases,
+        permissions,
+        permissionsOnly: true,
+    }, { schema, knex });
+}

package/dist/database/run-ast/run-ast.js

@@ -36,7 +36,14 @@ export async function runAst(originalAST, schema, accountability, options) {
             permissions = await fetchPermissions({ action: 'read', accountability, policies }, { schema, knex });
         }
         // The actual knex query builder instance. This is a promise that resolves with the raw items from the db
-        const dbQuery = getDBQuery(schema, knex, collection, fieldNodes, o2mNodes, query, cases, permissions);
+        const dbQuery = getDBQuery({
+            table: collection,
+            fieldNodes,
+            o2mNodes,
+            query,
+            cases,
+            permissions,
+        }, { schema, knex });
         const rawItems = await dbQuery;
         if (!rawItems)
             return null;

package/dist/database/run-ast/utils/get-column-pre-processor.d.ts

@@ -6,5 +6,5 @@ interface NodePreProcessOptions {
     /** Don't assign an alias to the column but instead return the column as is */
     noAlias?: boolean;
 }
-export declare function getColumnPreprocessor(knex: Knex, schema: SchemaOverview, table: string, cases: Filter[], permissions: Permission[], aliasMap: AliasMap): (fieldNode: FieldNode | FunctionFieldNode | M2ONode, options?: NodePreProcessOptions) => Knex.Raw<string>;
+export declare function getColumnPreprocessor(knex: Knex, schema: SchemaOverview, table: string, cases: Filter[], permissions: Permission[], aliasMap: AliasMap, permissionsOnly?: boolean): (fieldNode: FieldNode | FunctionFieldNode | M2ONode, options?: NodePreProcessOptions) => Knex.Raw<string>;
 export {};

package/dist/database/run-ast/utils/get-column-pre-processor.js

@@ -4,7 +4,7 @@ import { parseFilterKey } from '../../../utils/parse-filter-key.js';
 import { getHelpers } from '../../helpers/index.js';
 import { applyCaseWhen } from './apply-case-when.js';
 import { getNodeAlias } from './get-field-alias.js';
-export function getColumnPreprocessor(knex, schema, table, cases, permissions, aliasMap) {
+export function getColumnPreprocessor(knex, schema, table, cases, permissions, aliasMap, permissionsOnly) {
     const helpers = getHelpers(knex);
     return function (fieldNode, options) {
         // Don't assign an alias to the column expression if the field has a whenCase
@@ -22,7 +22,15 @@ export function getColumnPreprocessor(knex, schema, table, cases, permissions, a
             field = schema.collections[fieldNode.relation.collection].fields[fieldNode.relation.field];
         }
         let column;
-        if (field?.type?.startsWith('geometry')) {
+        if (permissionsOnly) {
+            if (noAlias) {
+                column = knex.raw(1);
+            }
+            else {
+                column = knex.raw('1 as ??', [alias]);
+            }
+        }
+        else if (field?.type?.startsWith('geometry')) {
             column = helpers.st.asText(table, field.field, rawColumnAlias);
         }
         else if (fieldNode.type === 'functionField') {

package/dist/extensions/lib/sandbox/generate-api-extensions-sandbox-entrypoint.d.ts

@@ -1,6 +1,3 @@
-/// <reference types="node" resolution-mode="require"/>
-/// <reference types="node/http.js" />
-/// <reference types="pino-http" />
 import type { ApiExtensionType, HybridExtensionType } from '@directus/extensions';
 import type { Router } from 'express';
 /**

package/dist/extensions/lib/sandbox/register/route.d.ts

@@ -1,9 +1,8 @@
-/// <reference types="node" resolution-mode="require"/>
 import type { Router } from 'express';
 import type { Reference } from 'isolated-vm';
 import type { IncomingHttpHeaders } from 'node:http';
 export declare function registerRouteGenerator(endpointName: string, endpointRouter: Router): {
-    register: (path: Reference<string>, method: Reference<'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE'>, cb: Reference<(req: {
+    register: (path: Reference<string>, method: Reference<"GET" | "POST" | "PUT" | "PATCH" | "DELETE">, cb: Reference<(req: {
         url: string;
         headers: IncomingHttpHeaders;
         body: string;

package/dist/logger/index.d.ts

@@ -1,4 +1,3 @@
-/// <reference types="qs" />
 import type { RequestHandler } from 'express';
 import { type Logger } from 'pino';
 import { LogsStream } from './logs-stream.js';
@@ -11,5 +10,5 @@ export declare const useLogger: () => Logger<never>;
 export declare const getLogsStream: (pretty: boolean) => LogsStream;
 export declare const getHttpLogsStream: (pretty: boolean) => LogsStream;
 export declare const getLoggerLevelValue: (level: string) => number;
-export declare const createLogger: () => Logger<never>;
-export declare const createExpressLogger: () => RequestHandler<import("express-serve-static-core").ParamsDictionary, any, any, import("qs").ParsedQs, Record<string, any>>;
+export declare const createLogger: () => Logger<never, boolean>;
+export declare const createExpressLogger: () => RequestHandler;

package/dist/logger/logs-stream.d.ts

@@ -1,4 +1,3 @@
-/// <reference types="node" resolution-mode="require"/>
 import type { Bus } from '@directus/memory';
 import { Writable } from 'stream';
 type PrettyType = 'basic' | 'http' | false;

package/dist/mailer.js

@@ -56,12 +56,6 @@ export default function getMailer() {
             host: env['EMAIL_MAILGUN_HOST'] || 'api.mailgun.net',
         }));
     }
-    else if (transportName === 'sendgrid') {
-        const sg = require('nodemailer-sendgrid');
-        transporter = nodemailer.createTransport(sg({
-            apiKey: env['EMAIL_SENDGRID_API_KEY'],
-        }));
-    }
     else {
         logger.warn('Illegal transport given for email. Check the EMAIL_TRANSPORT env var.');
     }

package/dist/middleware/authenticate.d.ts

@@ -1,9 +1,7 @@
-/// <reference types="qs" />
-/// <reference types="cookie-parser" />
 import type { NextFunction, Request, Response } from 'express';
 /**
  * Verify the passed JWT and assign the user ID and role to `req`
  */
 export declare const handler: (req: Request, res: Response, next: NextFunction) => Promise<void>;
-declare const _default: (req: Request<import("express-serve-static-core").ParamsDictionary, any, any, import("qs").ParsedQs, Record<string, any>>, res: Response<any, Record<string, any>>, next: NextFunction) => Promise<void>;
+declare const _default: (req: Request, res: Response, next: NextFunction) => Promise<void>;
 export default _default;

package/dist/middleware/error-handler.d.ts

@@ -1,3 +1,2 @@
-/// <reference types="qs" />
 import type { ErrorRequestHandler } from 'express';
 export declare const errorHandler: (err: any, req: import("express-serve-static-core").Request<import("express-serve-static-core").ParamsDictionary, any, any, import("qs").ParsedQs, Record<string, any>>, res: import("express-serve-static-core").Response<any, Record<string, any>, number>, next: import("express-serve-static-core").NextFunction) => Promise<ReturnType<ErrorRequestHandler>>;

package/dist/middleware/validate-batch.d.ts

@@ -1,4 +1 @@
-/// <reference types="qs" />
-/// <reference types="express" />
-/// <reference types="cookie-parser" />
-export declare const validateBatch: (scope: 'read' | 'update' | 'delete') => (req: import("express").Request<import("express-serve-static-core").ParamsDictionary, any, any, import("qs").ParsedQs, Record<string, any>>, res: import("express").Response<any, Record<string, any>>, next: import("express").NextFunction) => Promise<void>;
+export declare const validateBatch: (scope: "read" | "update" | "delete") => (req: import("express").Request, res: import("express").Response, next: import("express").NextFunction) => Promise<void>;

package/dist/permissions/lib/fetch-permissions.d.ts

@@ -7,4 +7,14 @@ export interface FetchPermissionsOptions {
     accountability?: Pick<Accountability, 'user' | 'role' | 'roles' | 'app'>;
     bypassDynamicVariableProcessing?: boolean;
 }
-export declare function fetchPermissions(options: FetchPermissionsOptions, context: Context): Promise<import("@directus/types").Permission[]>;
+export declare function fetchPermissions(options: FetchPermissionsOptions, context: Context): Promise<{
+    permissions: import("@directus/types").Filter | null;
+    validation: import("@directus/types").Filter | null;
+    presets: any;
+    id?: number;
+    policy: string | null;
+    collection: string;
+    action: PermissionsAction;
+    fields: string[] | null;
+    system?: true;
+}[]>;

package/dist/permissions/modules/process-ast/utils/get-info-for-path.d.ts

@@ -1,5 +1,5 @@
 import type { CollectionKey, FieldMap, QueryPath } from '../types.js';
 export declare function getInfoForPath(fieldMap: FieldMap, group: keyof FieldMap, path: QueryPath, collection: CollectionKey): {
-    collection: string;
-    fields: Set<string>;
+    collection: CollectionKey;
+    fields: Set<import("../types.js").FieldKey>;
 };

package/dist/permissions/modules/validate-access/lib/validate-item-access.d.ts

@@ -5,5 +5,6 @@ export interface ValidateItemAccessOptions {
     action: PermissionsAction;
     collection: string;
     primaryKeys: PrimaryKey[];
+    fields?: string[];
 }
-export declare function validateItemAccess(options: ValidateItemAccessOptions, context: Context): Promise<boolean>;
+export declare function validateItemAccess(options: ValidateItemAccessOptions, context: Context): Promise<any>;

package/dist/permissions/modules/validate-access/lib/validate-item-access.js

@@ -1,5 +1,4 @@
-import { getAstFromQuery } from '../../../../database/get-ast-from-query/get-ast-from-query.js';
-import { runAst } from '../../../../database/run-ast/run-ast.js';
+import { fetchPermittedAstRootFields } from '../../../../database/run-ast/modules/fetch-permitted-ast-root-fields.js';
 import { processAst } from '../../process-ast/process-ast.js';
 export async function validateItemAccess(options, context) {
     const primaryKeyField = context.schema.collections[options.collection]?.primary;
@@ -8,17 +7,14 @@ export async function validateItemAccess(options, context) {
     }
     // When we're looking up access to specific items, we have to read them from the database to
     // make sure you are allowed to access them.
-    const query = {
-        // We don't actually need any of the field data, just want to know if we can read the item as
-        // whole or not
-        fields: [],
-        limit: options.primaryKeys.length,
+    const ast = {
+        type: 'root',
+        name: options.collection,
+        query: { limit: options.primaryKeys.length },
+        // Act as if every field was a "normal" field
+        children: options.fields?.map((field) => ({ type: 'field', name: field, fieldKey: field, whenCase: [] })) ?? [],
+        cases: [],
     };
-    const ast = await getAstFromQuery({
-        accountability: options.accountability,
-        query,
-        collection: options.collection,
-    }, context);
     await processAst({ ast, ...options }, context);
     // Inject the filter after the permissions have been processed, as to not require access to the primary key
     ast.query.filter = {
@@ -26,8 +22,17 @@ export async function validateItemAccess(options, context) {
             _in: options.primaryKeys,
         },
     };
-    const items = await runAst(ast, context.schema, options.accountability, { knex: context.knex });
+    const items = await fetchPermittedAstRootFields(ast, {
+        schema: context.schema,
+        accountability: options.accountability,
+        knex: context.knex,
+        action: options.action,
+    });
     if (items && items.length === options.primaryKeys.length) {
+        const { fields } = options;
+        if (fields) {
+            return items.every((item) => fields.every((field) => item[field] === 1));
+        }
         return true;
     }
     return false;

package/dist/permissions/modules/validate-access/validate-access.d.ts

@@ -5,6 +5,7 @@ export interface ValidateAccessOptions {
     action: PermissionsAction;
     collection: string;
     primaryKeys?: PrimaryKey[];
+    fields?: string[];
 }
 /**
  * Validate if the current user has access to perform action against the given collection and

package/dist/permissions/modules/validate-access/validate-access.js

@@ -7,6 +7,12 @@ import { validateItemAccess } from './lib/validate-item-access.js';
  * control rules and checking if we got the expected result back
  */
 export async function validateAccess(options, context) {
+    // Skip further validation if the collection does not exist
+    if (options.collection in context.schema.collections === false) {
+        throw new ForbiddenError({
+            reason: `You don't have permission to "${options.action}" from collection "${options.collection}" or it does not exist.`,
+        });
+    }
     if (options.accountability.admin === true) {
         return;
     }
@@ -21,8 +27,15 @@ export async function validateAccess(options, context) {
         access = await validateCollectionAccess(options, context);
     }
     if (!access) {
+        if (options.fields?.length ?? 0 > 0) {
+            throw new ForbiddenError({
+                reason: `You don't have permissions to perform "${options.action}" for the field(s) ${options
+                    .fields.map((field) => `"${field}"`)
+                    .join(', ')} in collection "${options.collection}" or it does not exist.`,
+            });
+        }
         throw new ForbiddenError({
-            reason: `You don't have permission to "${options.action}" from collection "${options.collection}" or it does not exist.`,
+            reason: `You don't have permission to perform "${options.action}" for collection "${options.collection}" or it does not exist.`,
         });
     }
 }

package/dist/permissions/modules/validate-remaining-admin/validate-remaining-admin-users.d.ts

@@ -1,5 +1,4 @@
 import { type FetchUserCountOptions } from '../../../utils/fetch-user-count/fetch-user-count.js';
 import type { Context } from '../../types.js';
-export interface ValidateRemainingAdminUsersOptions extends Pick<FetchUserCountOptions, 'excludeAccessRows' | 'excludePolicies' | 'excludeUsers' | 'excludeRoles'> {
-}
+export type ValidateRemainingAdminUsersOptions = Pick<FetchUserCountOptions, 'excludeAccessRows' | 'excludePolicies' | 'excludeUsers' | 'excludeRoles'>;
 export declare function validateRemainingAdminUsers(options: ValidateRemainingAdminUsersOptions, context: Context): Promise<void>;

package/dist/permissions/utils/fetch-dynamic-variable-context.js

@@ -32,13 +32,21 @@ export async function fetchDynamicVariableContext(options, context) {
             });
         });
     }
-    if (options.policies.length > 0 && (permissionContext.$CURRENT_POLICIES?.size ?? 0) > 0) {
-        contextData['$CURRENT_POLICIES'] = await fetchContextData('$CURRENT_POLICIES', permissionContext, { policies: options.policies }, async (fields) => {
-            const policiesService = new PoliciesService(context);
-            return await policiesService.readMany(options.policies, {
-                fields,
+    if (options.policies.length > 0) {
+        if ((permissionContext.$CURRENT_POLICIES?.size ?? 0) > 0) {
+            // Always add the id field
+            permissionContext.$CURRENT_POLICIES.add('id');
+            contextData['$CURRENT_POLICIES'] = await fetchContextData('$CURRENT_POLICIES', permissionContext, { policies: options.policies }, async (fields) => {
+                const policiesService = new PoliciesService(context);
+                return await policiesService.readMany(options.policies, {
+                    fields,
+                });
             });
-        });
+        }
+        else {
+            // Always create entries for the policies with the `id` field present
+            contextData['$CURRENT_POLICIES'] = options.policies.map((id) => ({ id }));
+        }
     }
     return contextData;
 }

package/dist/permissions/utils/process-permissions.d.ts

@@ -4,4 +4,14 @@ export interface ProcessPermissionsOptions {
     accountability: Pick<Accountability, 'user' | 'role' | 'roles'>;
     permissionsContext: Record<string, any>;
 }
-export declare function processPermissions({ permissions, accountability, permissionsContext }: ProcessPermissionsOptions): Permission[];
+export declare function processPermissions({ permissions, accountability, permissionsContext }: ProcessPermissionsOptions): {
+    permissions: import("@directus/types").Filter | null;
+    validation: import("@directus/types").Filter | null;
+    presets: any;
+    id?: number;
+    policy: string | null;
+    collection: string;
+    action: import("@directus/types").PermissionsAction;
+    fields: string[] | null;
+    system?: true;
+}[];

package/dist/permissions/utils/process-permissions.js

@@ -1,9 +1,11 @@
 import { parseFilter, parsePreset } from '@directus/utils';
 export function processPermissions({ permissions, accountability, permissionsContext }) {
     return permissions.map((permission) => {
-        permission.permissions = parseFilter(permission.permissions, accountability, permissionsContext);
-        permission.validation = parseFilter(permission.validation, accountability, permissionsContext);
-        permission.presets = parsePreset(permission.presets, accountability, permissionsContext);
-        return permission;
+        return {
+            ...permission,
+            permissions: parseFilter(permission.permissions, accountability, permissionsContext),
+            validation: parseFilter(permission.validation, accountability, permissionsContext),
+            presets: parsePreset(permission.presets, accountability, permissionsContext),
+        };
     });
 }

package/dist/request/agent-with-ip-validation.d.ts

@@ -1,4 +1,3 @@
-/// <reference types="node" resolution-mode="require"/>
 import type { Agent, ClientRequestArgs } from 'node:http';
 /**
  * 'createConnection' is missing in 'Agent' type, but assigned in actual implementation:

package/dist/server.d.ts

@@ -1,6 +1,3 @@
-/// <reference types="node" resolution-mode="require"/>
-/// <reference types="node/http.js" />
-/// <reference types="pino-http" />
 import * as http from 'http';
 export declare let SERVER_ONLINE: boolean;
 export declare function createServer(): Promise<http.Server>;

package/dist/services/activity.d.ts

@@ -1,11 +1,5 @@
-import type { Item, PrimaryKey } from '@directus/types';
-import type { AbstractServiceOptions, MutationOptions } from '../types/index.js';
+import type { AbstractServiceOptions } from '../types/index.js';
 import { ItemsService } from './items.js';
-import { NotificationsService } from './notifications.js';
-import { UsersService } from './users.js';
 export declare class ActivityService extends ItemsService {
-    notificationsService: NotificationsService;
-    usersService: UsersService;
     constructor(options: AbstractServiceOptions);
-    createOne(data: Partial<Item>, opts?: MutationOptions): Promise<PrimaryKey>;
 }

package/dist/services/activity.js

@@ -1,109 +1,6 @@
-import { Action } from '@directus/constants';
-import { useEnv } from '@directus/env';
-import { ErrorCode, isDirectusError } from '@directus/errors';
-import { uniq } from 'lodash-es';
-import { useLogger } from '../logger/index.js';
-import { fetchRolesTree } from '../permissions/lib/fetch-roles-tree.js';
-import { fetchGlobalAccess } from '../permissions/modules/fetch-global-access/fetch-global-access.js';
-import { validateAccess } from '../permissions/modules/validate-access/validate-access.js';
-import { createDefaultAccountability } from '../permissions/utils/create-default-accountability.js';
-import { isValidUuid } from '../utils/is-valid-uuid.js';
-import { Url } from '../utils/url.js';
-import { userName } from '../utils/user-name.js';
 import { ItemsService } from './items.js';
-import { NotificationsService } from './notifications.js';
-import { UsersService } from './users.js';
-const env = useEnv();
-const logger = useLogger();
 export class ActivityService extends ItemsService {
-    notificationsService;
-    usersService;
     constructor(options) {
         super('directus_activity', options);
-        this.notificationsService = new NotificationsService({ schema: this.schema });
-        this.usersService = new UsersService({ schema: this.schema });
-    }
-    async createOne(data, opts) {
-        if (data['action'] === Action.COMMENT && typeof data['comment'] === 'string') {
-            const usersRegExp = new RegExp(/@[0-9A-F]{8}-[0-9A-F]{4}-4[0-9A-F]{3}-[89AB][0-9A-F]{3}-[0-9A-F]{12}/gi);
-            const mentions = uniq(data['comment'].match(usersRegExp) ?? []);
-            const sender = await this.usersService.readOne(this.accountability.user, {
-                fields: ['id', 'first_name', 'last_name', 'email'],
-            });
-            for (const mention of mentions) {
-                const userID = mention.substring(1);
-                const user = await this.usersService.readOne(userID, {
-                    fields: ['id', 'first_name', 'last_name', 'email', 'role'],
-                });
-                const roles = await fetchRolesTree(user['role'], this.knex);
-                const globalAccess = await fetchGlobalAccess({ user: user['id'], roles, ip: null }, this.knex);
-                const accountability = createDefaultAccountability({
-                    user: userID,
-                    role: user['role']?.id ?? null,
-                    roles,
-                    ...globalAccess,
-                });
-                const usersService = new UsersService({ schema: this.schema, accountability });
-                try {
-                    if (this.accountability) {
-                        await validateAccess({
-                            accountability: this.accountability,
-                            action: 'read',
-                            collection: data['collection'],
-                            primaryKeys: [data['item']],
-                        }, {
-                            knex: this.knex,
-                            schema: this.schema,
-                        });
-                    }
-                    const templateData = await usersService.readByQuery({
-                        fields: ['id', 'first_name', 'last_name', 'email'],
-                        filter: { id: { _in: mentions.map((mention) => mention.substring(1)) } },
-                    });
-                    const userPreviews = templateData.reduce((acc, user) => {
-                        acc[user['id']] = `<em>${userName(user)}</em>`;
-                        return acc;
-                    }, {});
-                    let comment = data['comment'];
-                    for (const mention of mentions) {
-                        const uuid = mention.substring(1);
-                        // We only match on UUIDs in the first place. This is just an extra sanity check.
-                        if (isValidUuid(uuid) === false)
-                            continue;
-                        comment = comment.replace(new RegExp(mention, 'gm'), userPreviews[uuid] ?? '@Unknown User');
-                    }
-                    comment = `> ${comment.replace(/\n+/gm, '\n> ')}`;
-                    const href = new Url(env['PUBLIC_URL'])
-                        .addPath('admin', 'content', data['collection'], data['item'])
-                        .toString();
-                    const message = `
-Hello ${userName(user)},
-
-${userName(sender)} has mentioned you in a comment:
-
-${comment}
-
-<a href="${href}">Click here to view.</a>
-`;
-                    await this.notificationsService.createOne({
-                        recipient: userID,
-                        sender: sender['id'],
-                        subject: `You were mentioned in ${data['collection']}`,
-                        message,
-                        collection: data['collection'],
-                        item: data['item'],
-                    });
-                }
-                catch (err) {
-                    if (isDirectusError(err, ErrorCode.Forbidden)) {
-                        logger.warn(`User ${userID} doesn't have proper permissions to receive notification for this item.`);
-                    }
-                    else {
-                        throw err;
-                    }
-                }
-            }
-        }
-        return super.createOne(data, opts);
     }
 }

package/dist/services/assets.d.ts

@@ -1,4 +1,3 @@
-/// <reference types="node" resolution-mode="require"/>
 import type { Range, Stat } from '@directus/storage';
 import type { Accountability, SchemaOverview } from '@directus/types';
 import type { Knex } from 'knex';

package/dist/services/assets.js

@@ -98,7 +98,7 @@ export class AssetsService {
             }
             if (exists) {
                 return {
-                    stream: await storage.location(file.storage).read(assetFilename, range),
+                    stream: await storage.location(file.storage).read(assetFilename, { range }),
                     file,
                     stat: await storage.location(file.storage).stat(assetFilename),
                 };
@@ -121,7 +121,8 @@ export class AssetsService {
                     reason: 'Server too busy',
                 });
             }
-            const readStream = await storage.location(file.storage).read(file.filename_disk, range);
+            const version = file.modified_on !== undefined ? String(new Date(file.modified_on).getTime() / 1000) : undefined;
+            const readStream = await storage.location(file.storage).read(file.filename_disk, { range, version });
             const transformer = getSharpInstance();
             transformer.timeout({
                 seconds: clamp(Math.round(getMilliseconds(env['ASSETS_TRANSFORM_TIMEOUT'], 0) / 1000), 1, 3600),
@@ -151,13 +152,13 @@ export class AssetsService {
                 }
             }
             return {
-                stream: await storage.location(file.storage).read(assetFilename, range),
+                stream: await storage.location(file.storage).read(assetFilename, { range }),
                 stat: await storage.location(file.storage).stat(assetFilename),
                 file,
             };
         }
         else {
-            const readStream = await storage.location(file.storage).read(file.filename_disk, range);
+            const readStream = await storage.location(file.storage).read(file.filename_disk, { range });
             const stat = await storage.location(file.storage).stat(file.filename_disk);
             return { stream: readStream, file, stat };
         }

package/dist/services/collections.js

@@ -155,10 +155,11 @@ export class CollectionsService {
             if (opts?.autoPurgeSystemCache !== false) {
                 await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
             }
+            // Refresh the schema for subsequent reads
+            this.schema = await getSchema();
             if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
-                const updatedSchema = await getSchema();
                 for (const nestedActionEvent of nestedActionEvents) {
-                    nestedActionEvent.context.schema = updatedSchema;
+                    nestedActionEvent.context.schema = this.schema;
                     emitter.emitAction(nestedActionEvent.event, nestedActionEvent.meta, nestedActionEvent.context);
                 }
             }
@@ -196,10 +197,11 @@ export class CollectionsService {
             if (opts?.autoPurgeSystemCache !== false) {
                 await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
             }
+            // Refresh the schema for subsequent reads
+            this.schema = await getSchema();
             if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
-                const updatedSchema = await getSchema();
                 for (const nestedActionEvent of nestedActionEvents) {
-                    nestedActionEvent.context.schema = updatedSchema;
+                    nestedActionEvent.context.schema = this.schema;
                     emitter.emitAction(nestedActionEvent.event, nestedActionEvent.meta, nestedActionEvent.context);
                 }
             }