@directus/api 28.0.1 → 28.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/flows.js +12 -10
- package/package.json +11 -11
package/dist/flows.js
CHANGED
|
@@ -206,7 +206,7 @@ class FlowManager {
|
|
|
206
206
|
logger.warn(`Specified collection must be one of: ${enabledCollections.join(', ')}.`);
|
|
207
207
|
throw new ForbiddenError();
|
|
208
208
|
}
|
|
209
|
-
if (!targetKeys || !Array.isArray(targetKeys)) {
|
|
209
|
+
if (requireSelection && (!targetKeys || !Array.isArray(targetKeys))) {
|
|
210
210
|
logger.warn(`Manual trigger requires "keys" to be specified in the payload`);
|
|
211
211
|
throw new ForbiddenError();
|
|
212
212
|
}
|
|
@@ -233,15 +233,17 @@ class FlowManager {
|
|
|
233
233
|
logger.warn(`Triggering ${targetCollection} is not allowed`);
|
|
234
234
|
throw new ForbiddenError();
|
|
235
235
|
}
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
236
|
+
if (Array.isArray(targetKeys) && targetKeys.length > 0) {
|
|
237
|
+
const service = getService(targetCollection, { schema, accountability, knex: database });
|
|
238
|
+
const primaryField = schema.collections[targetCollection].primary;
|
|
239
|
+
const keys = await service.readMany(targetKeys, { fields: [primaryField] }, {
|
|
240
|
+
emitEvents: false,
|
|
241
|
+
});
|
|
242
|
+
const allowedKeys = keys.map((key) => key[primaryField]);
|
|
243
|
+
if (targetKeys.some((key) => !allowedKeys.includes(key))) {
|
|
244
|
+
logger.warn(`Triggering keys ${targetKeys} is not allowed`);
|
|
245
|
+
throw new ForbiddenError();
|
|
246
|
+
}
|
|
245
247
|
}
|
|
246
248
|
}
|
|
247
249
|
if (flow.options['async']) {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@directus/api",
|
|
3
|
-
"version": "28.0.
|
|
3
|
+
"version": "28.0.2",
|
|
4
4
|
"description": "Directus is a real-time API and App dashboard for managing SQL database content",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"directus",
|
|
@@ -152,30 +152,30 @@
|
|
|
152
152
|
"ws": "8.18.1",
|
|
153
153
|
"zod": "3.24.2",
|
|
154
154
|
"zod-validation-error": "3.4.0",
|
|
155
|
-
"@directus/app": "13.11.
|
|
156
|
-
"@directus/env": "5.1.0",
|
|
157
|
-
"@directus/constants": "13.0.1",
|
|
155
|
+
"@directus/app": "13.11.2",
|
|
158
156
|
"@directus/errors": "2.0.2",
|
|
159
157
|
"@directus/extensions": "3.0.7",
|
|
158
|
+
"@directus/env": "5.1.0",
|
|
160
159
|
"@directus/extensions-registry": "3.0.7",
|
|
161
160
|
"@directus/extensions-sdk": "14.0.0",
|
|
161
|
+
"@directus/constants": "13.0.1",
|
|
162
|
+
"@directus/pressure": "3.0.6",
|
|
162
163
|
"@directus/memory": "3.0.6",
|
|
163
164
|
"@directus/format-title": "12.0.1",
|
|
164
|
-
"@directus/pressure": "3.0.6",
|
|
165
165
|
"@directus/schema": "13.0.1",
|
|
166
166
|
"@directus/schema-builder": "0.0.3",
|
|
167
167
|
"@directus/specs": "11.1.0",
|
|
168
168
|
"@directus/storage": "12.0.0",
|
|
169
|
-
"@directus/storage-driver-azure": "12.0.6",
|
|
170
169
|
"@directus/storage-driver-cloudinary": "12.0.6",
|
|
171
170
|
"@directus/storage-driver-gcs": "12.0.6",
|
|
171
|
+
"@directus/storage-driver-azure": "12.0.6",
|
|
172
172
|
"@directus/storage-driver-s3": "12.0.6",
|
|
173
173
|
"@directus/storage-driver-local": "12.0.0",
|
|
174
|
-
"@directus/utils": "13.0.7",
|
|
175
|
-
"@directus/system-data": "3.1.1",
|
|
176
174
|
"@directus/storage-driver-supabase": "3.0.6",
|
|
175
|
+
"@directus/utils": "13.0.7",
|
|
177
176
|
"@directus/validation": "2.0.6",
|
|
178
|
-
"directus": "
|
|
177
|
+
"@directus/system-data": "3.1.1",
|
|
178
|
+
"directus": "11.9.2"
|
|
179
179
|
},
|
|
180
180
|
"devDependencies": {
|
|
181
181
|
"@directus/tsconfig": "3.0.0",
|
|
@@ -219,9 +219,9 @@
|
|
|
219
219
|
"knex-mock-client": "3.0.2",
|
|
220
220
|
"typescript": "5.8.2",
|
|
221
221
|
"vitest": "2.1.9",
|
|
222
|
-
"@directus/random": "2.0.1",
|
|
223
222
|
"@directus/schema-builder": "0.0.3",
|
|
224
|
-
"@directus/types": "13.2.0"
|
|
223
|
+
"@directus/types": "13.2.0",
|
|
224
|
+
"@directus/random": "2.0.1"
|
|
225
225
|
},
|
|
226
226
|
"optionalDependencies": {
|
|
227
227
|
"@keyv/redis": "3.0.1",
|