npm - @directus/api - Versions diffs - 23.0.0 → 23.1.1 - Mend

@directus/api 23.0.0 → 23.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (72) hide show

package/dist/app.js +2 -0
package/dist/controllers/activity.js +30 -27
package/dist/controllers/assets.js +1 -1
package/dist/controllers/comments.d.ts +2 -0
package/dist/controllers/comments.js +153 -0
package/dist/controllers/permissions.js +1 -1
package/dist/controllers/users.js +4 -8
package/dist/controllers/versions.js +10 -5
package/dist/database/helpers/schema/dialects/cockroachdb.d.ts +1 -1
package/dist/database/helpers/schema/dialects/cockroachdb.js +2 -2
package/dist/database/helpers/schema/dialects/mssql.d.ts +1 -1
package/dist/database/helpers/schema/dialects/mssql.js +1 -1
package/dist/database/helpers/schema/dialects/mysql.d.ts +1 -1
package/dist/database/helpers/schema/dialects/mysql.js +2 -2
package/dist/database/helpers/schema/dialects/oracle.d.ts +1 -1
package/dist/database/helpers/schema/dialects/oracle.js +1 -1
package/dist/database/helpers/schema/dialects/postgres.d.ts +1 -1
package/dist/database/helpers/schema/dialects/postgres.js +3 -3
package/dist/database/helpers/schema/types.d.ts +1 -1
package/dist/database/helpers/schema/types.js +1 -1
package/dist/database/index.js +3 -0
package/dist/database/migrations/20240806A-permissions-policies.d.ts +0 -3
package/dist/database/migrations/20240806A-permissions-policies.js +8 -94
package/dist/database/migrations/20240909A-separate-comments.d.ts +3 -0
package/dist/database/migrations/20240909A-separate-comments.js +65 -0
package/dist/database/migrations/20240909B-consolidate-content-versioning.d.ts +3 -0
package/dist/database/migrations/20240909B-consolidate-content-versioning.js +10 -0
package/dist/database/run-ast/lib/get-db-query.d.ts +12 -2
package/dist/database/run-ast/lib/get-db-query.js +3 -3
package/dist/database/run-ast/modules/fetch-permitted-ast-root-fields.d.ts +15 -0
package/dist/database/run-ast/modules/fetch-permitted-ast-root-fields.js +29 -0
package/dist/database/run-ast/run-ast.js +8 -1
package/dist/database/run-ast/utils/apply-case-when.js +1 -1
package/dist/database/run-ast/utils/get-column-pre-processor.d.ts +1 -1
package/dist/database/run-ast/utils/get-column-pre-processor.js +10 -2
package/dist/permissions/lib/fetch-permissions.d.ts +1 -1
package/dist/permissions/lib/fetch-permissions.js +4 -1
package/dist/permissions/modules/validate-access/lib/validate-item-access.d.ts +2 -1
package/dist/permissions/modules/validate-access/lib/validate-item-access.js +18 -13
package/dist/permissions/modules/validate-access/validate-access.d.ts +1 -0
package/dist/permissions/modules/validate-access/validate-access.js +14 -1
package/dist/permissions/utils/fetch-share-info.d.ts +12 -0
package/dist/permissions/utils/fetch-share-info.js +9 -0
package/dist/permissions/utils/get-permissions-for-share.d.ts +4 -0
package/dist/permissions/utils/get-permissions-for-share.js +182 -0
package/dist/permissions/utils/merge-permissions.d.ts +9 -0
package/dist/permissions/utils/merge-permissions.js +118 -0
package/dist/services/activity.d.ts +1 -7
package/dist/services/activity.js +0 -103
package/dist/services/assets.js +5 -4
package/dist/services/authentication.js +1 -10
package/dist/services/collections.js +6 -4
package/dist/services/comments.d.ts +31 -0
package/dist/services/comments.js +378 -0
package/dist/services/graphql/index.js +17 -16
package/dist/services/index.d.ts +1 -0
package/dist/services/index.js +1 -0
package/dist/services/items.js +3 -1
package/dist/services/mail/index.d.ts +2 -1
package/dist/services/mail/index.js +4 -1
package/dist/services/payload.js +15 -14
package/dist/services/shares.d.ts +2 -0
package/dist/services/shares.js +11 -9
package/dist/services/users.js +1 -0
package/dist/services/versions.js +59 -44
package/dist/types/auth.d.ts +0 -7
package/dist/utils/apply-diff.js +5 -6
package/dist/utils/get-accountability-for-token.js +0 -2
package/dist/utils/get-service.js +3 -1
package/dist/utils/sanitize-schema.d.ts +1 -1
package/dist/utils/sanitize-schema.js +2 -0
package/package.json +52 -52

package/dist/permissions/utils/merge-permissions.js ADDED Viewed

@@ -0,0 +1,118 @@
+import { flatten, intersection, isEqual, merge, omit, uniq } from 'lodash-es';
+// Adapted from https://github.com/directus/directus/blob/141b8adbf4dd8e06530a7929f34e3fc68a522053/api/src/utils/merge-permissions.ts#L4
+/**
+ * Merges multiple permission lists into a flat list of unique permissions.
+ * @param strategy `and` or `or` deduplicate permissions while `intersection` makes sure only common permissions across all lists are kept and overlapping permissions are merged through `and`.
+ * @param permissions List of permission lists to merge.
+ * @returns A flat list of unique permissions.
+ */
+export function mergePermissions(strategy, ...permissions) {
+    let allPermissions;
+    // Only keep permissions that are common to all lists
+    if (strategy === 'intersection') {
+        const permissionKeys = permissions.map((permissions) => {
+            return new Set(permissions.map((permission) => `${permission.collection}__${permission.action}`));
+        });
+        const intersectionKeys = permissionKeys.reduce((acc, val) => {
+            return new Set([...acc].filter((x) => val.has(x)));
+        }, permissionKeys[0]);
+        const deduplicateSubpermissions = permissions.map((permissions) => {
+            return mergePermissions('or', permissions);
+        });
+        allPermissions = flatten(deduplicateSubpermissions).filter((permission) => {
+            return intersectionKeys.has(`${permission.collection}__${permission.action}`);
+        });
+        strategy = 'and';
+    }
+    else {
+        allPermissions = flatten(permissions);
+    }
+    const mergedPermissions = allPermissions
+        .reduce((acc, val) => {
+        const key = `${val.collection}__${val.action}`;
+        const current = acc.get(key);
+        acc.set(key, current ? mergePermission(strategy, current, val) : val);
+        return acc;
+    }, new Map())
+        .values();
+    return Array.from(mergedPermissions);
+}
+export function mergePermission(strategy, currentPerm, newPerm) {
+    const logicalKey = `_${strategy}`;
+    let { permissions, validation, fields, presets } = currentPerm;
+    if (newPerm.permissions) {
+        if (currentPerm.permissions && Object.keys(currentPerm.permissions)[0] === logicalKey) {
+            permissions = {
+                [logicalKey]: [
+                    ...currentPerm.permissions[logicalKey],
+                    newPerm.permissions,
+                ],
+            };
+        }
+        else if (currentPerm.permissions) {
+            // Empty {} supersedes other permissions in _OR merge
+            if (strategy === 'or' && (isEqual(currentPerm.permissions, {}) || isEqual(newPerm.permissions, {}))) {
+                permissions = {};
+            }
+            else {
+                permissions = {
+                    [logicalKey]: [currentPerm.permissions, newPerm.permissions],
+                };
+            }
+        }
+        else {
+            permissions = {
+                [logicalKey]: [newPerm.permissions],
+            };
+        }
+    }
+    if (newPerm.validation) {
+        if (currentPerm.validation && Object.keys(currentPerm.validation)[0] === logicalKey) {
+            validation = {
+                [logicalKey]: [
+                    ...currentPerm.validation[logicalKey],
+                    newPerm.validation,
+                ],
+            };
+        }
+        else if (currentPerm.validation) {
+            // Empty {} supersedes other validations in _OR merge
+            if (strategy === 'or' && (isEqual(currentPerm.validation, {}) || isEqual(newPerm.validation, {}))) {
+                validation = {};
+            }
+            else {
+                validation = {
+                    [logicalKey]: [currentPerm.validation, newPerm.validation],
+                };
+            }
+        }
+        else {
+            validation = {
+                [logicalKey]: [newPerm.validation],
+            };
+        }
+    }
+    if (newPerm.fields) {
+        if (Array.isArray(currentPerm.fields) && strategy === 'or') {
+            fields = uniq([...currentPerm.fields, ...newPerm.fields]);
+        }
+        else if (Array.isArray(currentPerm.fields) && strategy === 'and') {
+            fields = intersection(currentPerm.fields, newPerm.fields);
+        }
+        else {
+            fields = newPerm.fields;
+        }
+        if (fields.includes('*'))
+            fields = ['*'];
+    }
+    if (newPerm.presets) {
+        presets = merge({}, presets, newPerm.presets);
+    }
+    return omit({
+        ...currentPerm,
+        permissions,
+        validation,
+        fields,
+        presets,
+    }, ['id', 'system']);
+}

package/dist/services/activity.d.ts CHANGED Viewed

@@ -1,11 +1,5 @@
-import type { Item, PrimaryKey } from '@directus/types';
-import type { AbstractServiceOptions, MutationOptions } from '../types/index.js';
+import type { AbstractServiceOptions } from '../types/index.js';
 import { ItemsService } from './items.js';
-import { NotificationsService } from './notifications.js';
-import { UsersService } from './users.js';
 export declare class ActivityService extends ItemsService {
-    notificationsService: NotificationsService;
-    usersService: UsersService;
     constructor(options: AbstractServiceOptions);
-    createOne(data: Partial<Item>, opts?: MutationOptions): Promise<PrimaryKey>;
 }

package/dist/services/activity.js CHANGED Viewed

@@ -1,109 +1,6 @@
-import { Action } from '@directus/constants';
-import { useEnv } from '@directus/env';
-import { ErrorCode, isDirectusError } from '@directus/errors';
-import { uniq } from 'lodash-es';
-import { useLogger } from '../logger/index.js';
-import { fetchRolesTree } from '../permissions/lib/fetch-roles-tree.js';
-import { fetchGlobalAccess } from '../permissions/modules/fetch-global-access/fetch-global-access.js';
-import { validateAccess } from '../permissions/modules/validate-access/validate-access.js';
-import { createDefaultAccountability } from '../permissions/utils/create-default-accountability.js';
-import { isValidUuid } from '../utils/is-valid-uuid.js';
-import { Url } from '../utils/url.js';
-import { userName } from '../utils/user-name.js';
 import { ItemsService } from './items.js';
-import { NotificationsService } from './notifications.js';
-import { UsersService } from './users.js';
-const env = useEnv();
-const logger = useLogger();
 export class ActivityService extends ItemsService {
-    notificationsService;
-    usersService;
     constructor(options) {
         super('directus_activity', options);
-        this.notificationsService = new NotificationsService({ schema: this.schema });
-        this.usersService = new UsersService({ schema: this.schema });
-    }
-    async createOne(data, opts) {
-        if (data['action'] === Action.COMMENT && typeof data['comment'] === 'string') {
-            const usersRegExp = new RegExp(/@[0-9A-F]{8}-[0-9A-F]{4}-4[0-9A-F]{3}-[89AB][0-9A-F]{3}-[0-9A-F]{12}/gi);
-            const mentions = uniq(data['comment'].match(usersRegExp) ?? []);
-            const sender = await this.usersService.readOne(this.accountability.user, {
-                fields: ['id', 'first_name', 'last_name', 'email'],
-            });
-            for (const mention of mentions) {
-                const userID = mention.substring(1);
-                const user = await this.usersService.readOne(userID, {
-                    fields: ['id', 'first_name', 'last_name', 'email', 'role'],
-                });
-                const roles = await fetchRolesTree(user['role'], this.knex);
-                const globalAccess = await fetchGlobalAccess({ user: user['id'], roles, ip: null }, this.knex);
-                const accountability = createDefaultAccountability({
-                    user: userID,
-                    role: user['role']?.id ?? null,
-                    roles,
-                    ...globalAccess,
-                });
-                const usersService = new UsersService({ schema: this.schema, accountability });
-                try {
-                    if (this.accountability) {
-                        await validateAccess({
-                            accountability: this.accountability,
-                            action: 'read',
-                            collection: data['collection'],
-                            primaryKeys: [data['item']],
-                        }, {
-                            knex: this.knex,
-                            schema: this.schema,
-                        });
-                    }
-                    const templateData = await usersService.readByQuery({
-                        fields: ['id', 'first_name', 'last_name', 'email'],
-                        filter: { id: { _in: mentions.map((mention) => mention.substring(1)) } },
-                    });
-                    const userPreviews = templateData.reduce((acc, user) => {
-                        acc[user['id']] = `<em>${userName(user)}</em>`;
-                        return acc;
-                    }, {});
-                    let comment = data['comment'];
-                    for (const mention of mentions) {
-                        const uuid = mention.substring(1);
-                        // We only match on UUIDs in the first place. This is just an extra sanity check.
-                        if (isValidUuid(uuid) === false)
-                            continue;
-                        comment = comment.replace(new RegExp(mention, 'gm'), userPreviews[uuid] ?? '@Unknown User');
-                    }
-                    comment = `> ${comment.replace(/\n+/gm, '\n> ')}`;
-                    const href = new Url(env['PUBLIC_URL'])
-                        .addPath('admin', 'content', data['collection'], data['item'])
-                        .toString();
-                    const message = `
-Hello ${userName(user)},
-${userName(sender)} has mentioned you in a comment:
-${comment}
-<a href="${href}">Click here to view.</a>
-`;
-                    await this.notificationsService.createOne({
-                        recipient: userID,
-                        sender: sender['id'],
-                        subject: `You were mentioned in ${data['collection']}`,
-                        message,
-                        collection: data['collection'],
-                        item: data['item'],
-                    });
-                }
-                catch (err) {
-                    if (isDirectusError(err, ErrorCode.Forbidden)) {
-                        logger.warn(`User ${userID} doesn't have proper permissions to receive notification for this item.`);
-                    }
-                    else {
-                        throw err;
-                    }
-                }
-            }
-        }
-        return super.createOne(data, opts);
     }
 }

package/dist/services/assets.js CHANGED Viewed

@@ -98,7 +98,7 @@ export class AssetsService {
             }
             if (exists) {
                 return {
-                    stream: await storage.location(file.storage).read(assetFilename, range),
+                    stream: await storage.location(file.storage).read(assetFilename, { range }),
                     file,
                     stat: await storage.location(file.storage).stat(assetFilename),
                 };
@@ -121,7 +121,8 @@ export class AssetsService {
                     reason: 'Server too busy',
                 });
             }
-            const readStream = await storage.location(file.storage).read(file.filename_disk, range);
+            const version = file.modified_on !== undefined ? String(Math.round(new Date(file.modified_on).getTime() / 1000)) : undefined;
+            const readStream = await storage.location(file.storage).read(file.filename_disk, { range, version });
             const transformer = getSharpInstance();
             transformer.timeout({
                 seconds: clamp(Math.round(getMilliseconds(env['ASSETS_TRANSFORM_TIMEOUT'], 0) / 1000), 1, 3600),
@@ -151,13 +152,13 @@ export class AssetsService {
                 }
             }
             return {
-                stream: await storage.location(file.storage).read(assetFilename, range),
+                stream: await storage.location(file.storage).read(assetFilename, { range }),
                 stat: await storage.location(file.storage).stat(assetFilename),
                 file,
             };
         }
         else {
-            const readStream = await storage.location(file.storage).read(file.filename_disk, range);
+            const readStream = await storage.location(file.storage).read(file.filename_disk, { range });
             const stat = await storage.location(file.storage).stat(file.filename_disk);
             return { stream: readStream, file, stat };
         }

package/dist/services/authentication.js CHANGED Viewed

@@ -212,13 +212,8 @@ export class AuthenticationService {
             user_auth_data: 'u.auth_data',
             user_role: 'u.role',
             share_id: 'd.id',
-            share_item: 'd.item',
-            share_role: 'd.role',
-            share_collection: 'd.collection',
             share_start: 'd.date_start',
             share_end: 'd.date_end',
-            share_times_used: 'd.times_used',
-            share_max_uses: 'd.max_uses',
         })
             .from('directus_sessions AS s')
             .leftJoin('directus_users AS u', 's.user', 'u.id')
@@ -289,11 +284,7 @@ export class AuthenticationService {
         }
         if (record.share_id) {
             tokenPayload.share = record.share_id;
-            tokenPayload.role = record.share_role;
-            tokenPayload.share_scope = {
-                collection: record.share_collection,
-                item: record.share_item,
-            };
+            tokenPayload.role = null;
             tokenPayload.app_access = false;
             tokenPayload.admin_access = false;
             delete tokenPayload.id;

package/dist/services/collections.js CHANGED Viewed

@@ -155,10 +155,11 @@ export class CollectionsService {
             if (opts?.autoPurgeSystemCache !== false) {
                 await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
             }
+            // Refresh the schema for subsequent reads
+            this.schema = await getSchema();
             if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
-                const updatedSchema = await getSchema();
                 for (const nestedActionEvent of nestedActionEvents) {
-                    nestedActionEvent.context.schema = updatedSchema;
+                    nestedActionEvent.context.schema = this.schema;
                     emitter.emitAction(nestedActionEvent.event, nestedActionEvent.meta, nestedActionEvent.context);
                 }
             }
@@ -196,10 +197,11 @@ export class CollectionsService {
             if (opts?.autoPurgeSystemCache !== false) {
                 await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
             }
+            // Refresh the schema for subsequent reads
+            this.schema = await getSchema();
             if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
-                const updatedSchema = await getSchema();
                 for (const nestedActionEvent of nestedActionEvents) {
-                    nestedActionEvent.context.schema = updatedSchema;
+                    nestedActionEvent.context.schema = this.schema;
                     emitter.emitAction(nestedActionEvent.event, nestedActionEvent.meta, nestedActionEvent.context);
                 }
             }

package/dist/services/comments.d.ts ADDED Viewed

@@ -0,0 +1,31 @@
+import type { Comment, Item, PrimaryKey, Query } from '@directus/types';
+import type { AbstractServiceOptions, MutationOptions } from '../types/index.js';
+import { ActivityService } from './activity.js';
+import { ItemsService, type QueryOptions } from './items.js';
+import { NotificationsService } from './notifications.js';
+import { UsersService } from './users.js';
+type serviceOrigin = 'activity' | 'comments';
+export declare class CommentsService extends ItemsService {
+    activityService: ActivityService;
+    notificationsService: NotificationsService;
+    usersService: UsersService;
+    serviceOrigin: serviceOrigin;
+    constructor(options: AbstractServiceOptions & {
+        serviceOrigin: serviceOrigin;
+    });
+    readOne(key: PrimaryKey, query?: Query, opts?: QueryOptions): Promise<Item>;
+    readByQuery(query: Query, opts?: QueryOptions): Promise<Item[]>;
+    readMany(keys: PrimaryKey[], query?: Query, opts?: QueryOptions): Promise<Item[]>;
+    createOne(data: Partial<Comment>, opts?: MutationOptions): Promise<PrimaryKey>;
+    updateByQuery(query: Query, data: Partial<Item>, opts?: MutationOptions): Promise<PrimaryKey[]>;
+    updateMany(keys: PrimaryKey[], data: Partial<Item>, opts?: MutationOptions): Promise<PrimaryKey[]>;
+    updateOne(key: PrimaryKey, data: Partial<Item>, opts?: MutationOptions): Promise<PrimaryKey>;
+    deleteByQuery(query: Query, opts?: MutationOptions): Promise<PrimaryKey[]>;
+    deleteMany(keys: PrimaryKey[], opts?: MutationOptions): Promise<PrimaryKey[]>;
+    deleteOne(key: PrimaryKey, opts?: MutationOptions): Promise<PrimaryKey>;
+    private processPrimaryKeys;
+    migrateLegacyComment(activityPk: PrimaryKey): Promise<PrimaryKey>;
+    generateQuery(type: serviceOrigin, originalQuery: Query): Query;
+    private sortLegacyResults;
+}
+export {};