@directus/api 30.0.0 → 32.0.0

package/dist/permissions/modules/process-payload/process-payload.js

@@ -1,4 +1,3 @@
-import { ForbiddenError } from '@directus/errors';
 import { parseFilter, validatePayload } from '@directus/utils';
 import { FailedValidationError, joiValidationErrorItemToErrorExtensions } from '@directus/validation';
 import { assign, difference, uniq } from 'lodash-es';
@@ -8,6 +7,7 @@ import { extractRequiredDynamicVariableContext } from '../../utils/extract-requi
 import { fetchDynamicVariableData } from '../../utils/fetch-dynamic-variable-data.js';
 import { contextHasDynamicVariables } from '../process-ast/utils/context-has-dynamic-variables.js';
 import { isFieldNullable } from './lib/is-field-nullable.js';
+import { createCollectionForbiddenError, createFieldsForbiddenError, } from '../process-ast/utils/validate-path/create-error.js';
 /**
  * @note this only validates the top-level fields. The expectation is that this function is called
  * for each level of nested insert separately
@@ -20,21 +20,14 @@ export async function processPayload(options, context) {
         policies = await fetchPolicies(options.accountability, context);
         permissions = await fetchPermissions({ action: options.action, policies, collections: [options.collection], accountability: options.accountability }, context);
         if (permissions.length === 0) {
-            throw new ForbiddenError({
-                reason: `You don't have permission to "${options.action}" from collection "${options.collection}" or it does not exist.`,
-            });
+            throw createCollectionForbiddenError('', options.collection);
         }
         const fieldsAllowed = uniq(permissions.map(({ fields }) => fields ?? []).flat());
         if (fieldsAllowed.includes('*') === false) {
             const fieldsUsed = Object.keys(options.payload);
             const notAllowed = difference(fieldsUsed, fieldsAllowed);
             if (notAllowed.length > 0) {
-                const fieldStr = notAllowed.map((field) => `"${field}"`).join(', ');
-                throw new ForbiddenError({
-                    reason: notAllowed.length === 1
-                        ? `You don't have permission to access field ${fieldStr} in collection "${options.collection}" or it does not exist.`
-                        : `You don't have permission to access fields ${fieldStr} in collection "${options.collection}" or they do not exist.`,
-                });
+                throw createFieldsForbiddenError('', options.collection, notAllowed);
             }
         }
         permissionValidationRules = permissions.map(({ validation }) => validation);

package/dist/permissions/modules/validate-access/validate-access.js

@@ -1,6 +1,7 @@
 import { ForbiddenError } from '@directus/errors';
 import { validateCollectionAccess } from './lib/validate-collection-access.js';
 import { validateItemAccess } from './lib/validate-item-access.js';
+import { createCollectionForbiddenError } from '../process-ast/utils/validate-path/create-error.js';
 /**
  * Validate if the current user has access to perform action against the given collection and
  * optional primary keys. This is done by reading the item from the database using the access
@@ -9,9 +10,7 @@ import { validateItemAccess } from './lib/validate-item-access.js';
 export async function validateAccess(options, context) {
     // Skip further validation if the collection does not exist
     if (!options.skipCollectionExistsCheck && options.collection in context.schema.collections === false) {
-        throw new ForbiddenError({
-            reason: `You don't have permission to "${options.action}" from collection "${options.collection}" or it does not exist.`,
-        });
+        throw createCollectionForbiddenError('', options.collection);
     }
     if (options.accountability.admin === true) {
         return;

package/dist/schedules/metrics.js

@@ -1,6 +1,6 @@
 import { useEnv } from '@directus/env';
 import { toBoolean } from '@directus/utils';
-import { scheduleJob } from 'node-schedule';
+import { CronJob } from 'cron';
 import { useLogger } from '../logger/index.js';
 import { useMetrics } from '../metrics/index.js';
 import { validateCron } from '../utils/schedule.js';
@@ -39,6 +39,10 @@ export default async function schedule() {
     if (!validateCron(String(env['METRICS_SCHEDULE']))) {
         return false;
     }
-    scheduleJob('metrics', String(env['METRICS_SCHEDULE']), handleMetricsJob);
+    CronJob.from({
+        cronTime: String(env['METRICS_SCHEDULE']),
+        onTick: handleMetricsJob,
+        start: true,
+    });
     return true;
 }

package/dist/schedules/project.d.ts

@@ -0,0 +1,4 @@
+/**
+ * Schedule the project status job
+ */
+export default function schedule(): Promise<void>;

package/dist/schedules/project.js

@@ -0,0 +1,27 @@
+import { random } from 'lodash-es';
+import getDatabase from '../database/index.js';
+import { sendReport } from '../telemetry/index.js';
+import { scheduleSynchronizedJob } from '../utils/schedule.js';
+import { version } from 'directus/version';
+/**
+ * Schedule the project status job
+ */
+export default async function schedule() {
+    const db = getDatabase();
+    // Schedules a job at a random time of the day to avoid overloading the telemetry server
+    scheduleSynchronizedJob('project-status', `${random(59)} ${random(23)} * * *`, async () => {
+        const { project_status, ...ownerInfo } = await db
+            .select('project_status', 'project_owner', 'project_usage', 'org_name', 'product_updates', 'project_id')
+            .from('directus_settings')
+            .first();
+        if (project_status !== 'pending')
+            return;
+        try {
+            await sendReport({ version, ...ownerInfo });
+            await db.update('project_status', '').from('directus_settings');
+        }
+        catch {
+            // Empty catch
+        }
+    });
+}

package/dist/services/authentication.js

@@ -15,6 +15,7 @@ import { getMilliseconds } from '../utils/get-milliseconds.js';
 import { getSecret } from '../utils/get-secret.js';
 import { stall } from '../utils/stall.js';
 import { ActivityService } from './activity.js';
+import { RevisionsService } from './revisions.js';
 import { SettingsService } from './settings.js';
 import { TFAService } from './tfa.js';
 const env = useEnv();
@@ -96,6 +97,25 @@ export class AuthenticationService {
                 if (error instanceof RateLimiterRes && error.remainingPoints === 0) {
                     await this.knex('directus_users').update({ status: 'suspended' }).where({ id: user.id });
                     user.status = 'suspended';
+                    if (this.accountability) {
+                        const activity = await this.activityService.createOne({
+                            action: Action.UPDATE,
+                            user: user.id,
+                            ip: this.accountability.ip,
+                            user_agent: this.accountability.userAgent,
+                            origin: this.accountability.origin,
+                            collection: 'directus_users',
+                            item: user.id,
+                        });
+                        const revisionsService = new RevisionsService({ knex: this.knex, schema: this.schema });
+                        await revisionsService.createOne({
+                            activity: activity,
+                            collection: 'directus_users',
+                            item: user.id,
+                            data: user,
+                            delta: { status: 'suspended' },
+                        });
+                    }
                     // This means that new attempts after the user has been re-activated will be accepted
                     await loginAttemptsLimiter.set(user.id, 0, 0);
                 }
@@ -137,6 +157,22 @@ export class AuthenticationService {
             app_access: globalAccess.app,
             admin_access: globalAccess.admin,
         };
+        // Add role-based enforcement to token payload for users who need to set up 2FA
+        if (!user.tfa_secret) {
+            // Check if user has role-based enforcement
+            const roleEnforcement = await this.knex
+                .select('directus_policies.enforce_tfa')
+                .from('directus_users')
+                .leftJoin('directus_roles', 'directus_users.role', 'directus_roles.id')
+                .leftJoin('directus_access', 'directus_roles.id', 'directus_access.role')
+                .leftJoin('directus_policies', 'directus_access.policy', 'directus_policies.id')
+                .where('directus_users.id', user.id)
+                .where('directus_policies.enforce_tfa', true)
+                .first();
+            if (roleEnforcement) {
+                tokenPayload.enforce_tfa = true;
+            }
+        }
         const refreshToken = nanoid(64);
         const refreshTokenExpiration = new Date(Date.now() + getMilliseconds(env['REFRESH_TOKEN_TTL'], 0));
         if (options?.session) {

package/dist/services/collections.d.ts

@@ -1,5 +1,5 @@
 import type { SchemaInspector } from '@directus/schema';
-import type { AbstractServiceOptions, Accountability, MutationOptions, SchemaOverview, RawCollection } from '@directus/types';
+import type { AbstractServiceOptions, Accountability, FieldMutationOptions, MutationOptions, RawCollection, SchemaOverview } from '@directus/types';
 import type Keyv from 'keyv';
 import type { Knex } from 'knex';
 import type { Helpers } from '../database/helpers/index.js';
@@ -16,11 +16,11 @@ export declare class CollectionsService {
     /**
      * Create a single new collection
      */
-    createOne(payload: RawCollection, opts?: MutationOptions): Promise<string>;
+    createOne(payload: RawCollection, opts?: FieldMutationOptions): Promise<string>;
     /**
      * Create multiple new collections
      */
-    createMany(payloads: RawCollection[], opts?: MutationOptions): Promise<string[]>;
+    createMany(payloads: RawCollection[], opts?: FieldMutationOptions): Promise<string[]>;
     /**
      * Read all collections. Currently doesn't support any query.
      */

package/dist/services/collections.js

@@ -62,6 +62,7 @@ export class CollectionsService {
             if (existingCollections.includes(payload.collection)) {
                 throw new InvalidPayloadError({ reason: `Collection "${payload.collection}" already exists` });
             }
+            const attemptConcurrentIndex = Boolean(opts?.attemptConcurrentIndex);
             // Create the collection/fields in a transaction so it'll be reverted in case of errors or
             // permission problems. This might not work reliably in MySQL, as it doesn't support DDL in
             // transactions.
@@ -114,7 +115,9 @@ export class CollectionsService {
                     await trx.schema.createTable(payload.collection, (table) => {
                         for (const field of payload.fields) {
                             if (field.type && ALIAS_TYPES.includes(field.type) === false) {
-                                fieldsService.addColumnToTable(table, payload.collection, field);
+                                fieldsService.addColumnToTable(table, payload.collection, field, {
+                                    attemptConcurrentIndex,
+                                });
                             }
                         }
                     });
@@ -159,6 +162,17 @@ export class CollectionsService {
                 }
                 return payload.collection;
             });
+            // concurrent index creation cannot be done inside the transaction
+            if (attemptConcurrentIndex && payload.schema && Array.isArray(payload.fields)) {
+                const fieldsService = new FieldsService({ schema: this.schema });
+                for (const field of payload.fields) {
+                    if (field.type && ALIAS_TYPES.includes(field.type) === false) {
+                        await fieldsService.addColumnIndex(payload.collection, field, {
+                            attemptConcurrentIndex,
+                        });
+                    }
+                }
+            }
             return payload.collection;
         }
         finally {
@@ -195,6 +209,7 @@ export class CollectionsService {
                         autoPurgeCache: false,
                         autoPurgeSystemCache: false,
                         bypassEmitAction: (params) => nestedActionEvents.push(params),
+                        attemptConcurrentIndex: Boolean(opts?.attemptConcurrentIndex),
                     });
                     collectionNames.push(name);
                 }

package/dist/services/fields.d.ts

@@ -1,10 +1,18 @@
 import type { Column, SchemaInspector } from '@directus/schema';
-import type { AbstractServiceOptions, Accountability, Field, MutationOptions, RawField, SchemaOverview, Type } from '@directus/types';
+import type { AbstractServiceOptions, Accountability, Field, FieldMutationOptions, MutationOptions, RawField, SchemaOverview, Type } from '@directus/types';
 import type Keyv from 'keyv';
 import type { Knex } from 'knex';
+import { z } from 'zod';
 import type { Helpers } from '../database/helpers/index.js';
 import { ItemsService } from './items.js';
 import { PayloadService } from './payload.js';
+export declare const systemFieldUpdateSchema: z.ZodObject<{
+    collection: z.ZodOptional<z.ZodString>;
+    field: z.ZodOptional<z.ZodString>;
+    schema: z.ZodObject<{
+        is_indexed: z.ZodOptional<z.ZodBoolean>;
+    }, z.core.$strict>;
+}, z.core.$strict>;
 export declare class FieldsService {
     knex: Knex;
     helpers: Helpers;
@@ -25,9 +33,17 @@ export declare class FieldsService {
         field: string;
         type: Type | null;
     }, table?: Knex.CreateTableBuilder, // allows collection creation to
-    opts?: MutationOptions): Promise<void>;
-    updateField(collection: string, field: RawField, opts?: MutationOptions): Promise<string>;
-    updateFields(collection: string, fields: RawField[], opts?: MutationOptions): Promise<string[]>;
+    opts?: FieldMutationOptions): Promise<void>;
+    updateField(collection: string, field: RawField, opts?: FieldMutationOptions): Promise<string>;
+    updateFields(collection: string, fields: RawField[], opts?: FieldMutationOptions): Promise<string[]>;
     deleteField(collection: string, field: string, opts?: MutationOptions): Promise<void>;
-    addColumnToTable(table: Knex.CreateTableBuilder, collection: string, field: RawField | Field, existing?: Column | null): void;
+    addColumnToTable(table: Knex.CreateTableBuilder, collection: string, field: RawField | Field, options?: {
+        attemptConcurrentIndex?: boolean;
+        existing?: Column | null;
+    }): void;
+    addColumnIndex(collection: string, field: Field | RawField, options?: {
+        attemptConcurrentIndex?: boolean;
+        knex?: Knex;
+        existing?: Column | null;
+    }): Promise<void>;
 }

package/dist/services/fields.js

@@ -2,8 +2,10 @@ import { DEFAULT_NUMERIC_PRECISION, DEFAULT_NUMERIC_SCALE, KNEX_TYPES, REGEX_BET
 import { useEnv } from '@directus/env';
 import { ForbiddenError, InvalidPayloadError } from '@directus/errors';
 import { createInspector } from '@directus/schema';
+import { isSystemField } from '@directus/system-data';
 import { addFieldFlag, getRelations, toArray } from '@directus/utils';
 import { isEqual, isNil, merge } from 'lodash-es';
+import { z } from 'zod';
 import { clearSystemCache, getCache, getCacheValue, setCacheValue } from '../cache.js';
 import { ALIAS_TYPES, ALLOWED_DB_DEFAULT_FUNCTIONS } from '../constants.js';
 import { translateDatabaseError } from '../database/errors/translate.js';
@@ -28,6 +30,17 @@ import { PayloadService } from './payload.js';
 import { RelationsService } from './relations.js';
 const systemFieldRows = getSystemFieldRowsWithAuthProviders();
 const env = useEnv();
+export const systemFieldUpdateSchema = z
+    .object({
+    collection: z.string().optional(),
+    field: z.string().optional(),
+    schema: z
+        .object({
+        is_indexed: z.boolean().optional(),
+    })
+        .strict(),
+})
+    .strict();
 export class FieldsService {
     knex;
     helpers;
@@ -89,14 +102,14 @@ export class FieldsService {
             schema: this.schema,
         });
         if (collection) {
-            fields = (await nonAuthorizedItemsService.readByQuery({
+            fields = await nonAuthorizedItemsService.readByQuery({
                 filter: { collection: { _eq: collection } },
                 limit: -1,
-            }));
+            });
             fields.push(...systemFieldRows.filter((fieldMeta) => fieldMeta.collection === collection));
         }
         else {
-            fields = (await nonAuthorizedItemsService.readByQuery({ limit: -1 }));
+            fields = await nonAuthorizedItemsService.readByQuery({ limit: -1 });
             fields.push(...systemFieldRows);
         }
         const columns = (await this.columnInfo(collection)).map((column) => ({
@@ -269,28 +282,35 @@ export class FieldsService {
             if (flagToAdd) {
                 addFieldFlag(field, flagToAdd);
             }
+            let hookAdjustedField = field;
+            const attemptConcurrentIndex = Boolean(opts?.attemptConcurrentIndex);
             await transaction(this.knex, async (trx) => {
                 const itemsService = new ItemsService('directus_fields', {
                     knex: trx,
                     accountability: this.accountability,
                     schema: this.schema,
                 });
-                const hookAdjustedField = opts?.emitEvents !== false
-                    ? await emitter.emitFilter(`fields.create`, field, {
-                        collection: collection,
-                    }, {
-                        database: trx,
-                        schema: this.schema,
-                        accountability: this.accountability,
-                    })
-                    : field;
+                hookAdjustedField =
+                    opts?.emitEvents !== false
+                        ? await emitter.emitFilter(`fields.create`, field, {
+                            collection: collection,
+                        }, {
+                            database: trx,
+                            schema: this.schema,
+                            accountability: this.accountability,
+                        })
+                        : field;
                 if (hookAdjustedField.type && ALIAS_TYPES.includes(hookAdjustedField.type) === false) {
                     if (table) {
-                        this.addColumnToTable(table, collection, hookAdjustedField);
+                        this.addColumnToTable(table, collection, hookAdjustedField, {
+                            attemptConcurrentIndex,
+                        });
                     }
                     else {
                         await trx.schema.alterTable(collection, (table) => {
-                            this.addColumnToTable(table, collection, hookAdjustedField);
+                            this.addColumnToTable(table, collection, hookAdjustedField, {
+                                attemptConcurrentIndex,
+                            });
                         });
                     }
                 }
@@ -327,6 +347,12 @@ export class FieldsService {
                     nestedActionEvents.push(actionEvent);
                 }
             });
+            // concurrent index creation cannot be done inside the transaction
+            if (attemptConcurrentIndex && hookAdjustedField.type && ALIAS_TYPES.includes(hookAdjustedField.type) === false) {
+                await this.addColumnIndex(collection, hookAdjustedField, {
+                    attemptConcurrentIndex,
+                });
+            }
         }
         finally {
             if (runPostColumnChange) {
@@ -339,7 +365,7 @@ export class FieldsService {
                 await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
             }
             if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
-                const updatedSchema = await getSchema();
+                const updatedSchema = await getSchema({ database: this.knex });
                 for (const nestedActionEvent of nestedActionEvents) {
                     nestedActionEvent.context.schema = updatedSchema;
                     emitter.emitAction(nestedActionEvent.event, nestedActionEvent.meta, nestedActionEvent.context);
@@ -390,20 +416,32 @@ export class FieldsService {
                 const columnToCompare = opts?.bypassLimits && opts.autoPurgeSystemCache === false ? sanitizeColumn(existingColumn) : existingColumn;
                 if (!isEqual(columnToCompare, hookAdjustedField.schema)) {
                     try {
+                        const attemptConcurrentIndex = Boolean(opts?.attemptConcurrentIndex);
                         await transaction(this.knex, async (trx) => {
-                            await trx.schema.alterTable(collection, async (table) => {
+                            await trx.schema.alterTable(collection, (table) => {
                                 if (!hookAdjustedField.schema)
                                     return;
-                                this.addColumnToTable(table, collection, field, existingColumn);
+                                this.addColumnToTable(table, collection, field, {
+                                    existing: existingColumn,
+                                    attemptConcurrentIndex,
+                                });
                             });
                         });
+                        // concurrent index creation cannot be done inside the transaction
+                        if (attemptConcurrentIndex) {
+                            await this.addColumnIndex(collection, field, {
+                                existing: existingColumn,
+                                attemptConcurrentIndex,
+                            });
+                        }
                     }
                     catch (err) {
                         throw await translateDatabaseError(err, field);
                     }
                 }
             }
-            if (hookAdjustedField.meta) {
+            // Only create/update a database record if this is not a system field
+            if (hookAdjustedField.meta && !isSystemField(collection, hookAdjustedField.field)) {
                 if (record) {
                     await this.itemsService.updateOne(record.id, {
                         ...hookAdjustedField.meta,
@@ -451,7 +489,7 @@ export class FieldsService {
                 await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
             }
             if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
-                const updatedSchema = await getSchema();
+                const updatedSchema = await getSchema({ database: this.knex });
                 for (const nestedActionEvent of nestedActionEvents) {
                     nestedActionEvent.context.schema = updatedSchema;
                     emitter.emitAction(nestedActionEvent.event, nestedActionEvent.meta, nestedActionEvent.context);
@@ -463,11 +501,13 @@ export class FieldsService {
         const nestedActionEvents = [];
         try {
             const fieldNames = [];
+            const attemptConcurrentIndex = Boolean(opts?.attemptConcurrentIndex);
             for (const field of fields) {
                 fieldNames.push(await this.updateField(collection, field, {
                     autoPurgeCache: false,
                     autoPurgeSystemCache: false,
                     bypassEmitAction: (params) => nestedActionEvents.push(params),
+                    attemptConcurrentIndex,
                 }));
             }
             return fieldNames;
@@ -480,7 +520,7 @@ export class FieldsService {
                 await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
             }
             if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
-                const updatedSchema = await getSchema();
+                const updatedSchema = await getSchema({ database: this.knex });
                 for (const nestedActionEvent of nestedActionEvents) {
                     nestedActionEvent.context.schema = updatedSchema;
                     emitter.emitAction(nestedActionEvent.event, nestedActionEvent.meta, nestedActionEvent.context);
@@ -590,6 +630,22 @@ export class FieldsService {
                         field: { _eq: field },
                     },
                 }, { emitEvents: false });
+                // cleanup permissions for deleted field
+                const permissionRows = await trx
+                    .select('id', 'collection', 'fields')
+                    .from('directus_permissions')
+                    .whereRaw('?? = ? AND ?? LIKE ?', ['collection', collection, 'fields', '%' + field + '%']);
+                if (permissionRows.length > 0) {
+                    for (const permissionRow of permissionRows) {
+                        const newFields = permissionRow['fields']
+                            .split(',')
+                            .filter((v) => v !== field)
+                            .join(',');
+                        await trx('directus_permissions')
+                            .update('fields', newFields.length > 0 ? newFields : null)
+                            .where('id', '=', permissionRow['id']);
+                    }
+                }
             });
             const actionEvent = {
                 event: 'fields.delete',
@@ -621,7 +677,7 @@ export class FieldsService {
                 await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
             }
             if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
-                const updatedSchema = await getSchema();
+                const updatedSchema = await getSchema({ database: this.knex });
                 for (const nestedActionEvent of nestedActionEvents) {
                     nestedActionEvent.context.schema = updatedSchema;
                     emitter.emitAction(nestedActionEvent.event, nestedActionEvent.meta, nestedActionEvent.context);
@@ -629,11 +685,12 @@ export class FieldsService {
             }
         }
     }
-    addColumnToTable(table, collection, field, existing = null) {
+    addColumnToTable(table, collection, field, options) {
         let column;
         // Don't attempt to add a DB column for alias / corrupt fields
         if (field.type === 'alias' || field.type === 'unknown')
             return;
+        const existing = options?.existing ?? null;
         if (field.schema?.has_auto_increment) {
             if (field.type === 'bigInteger') {
                 column = table.bigIncrements(field.field);
@@ -707,28 +764,48 @@ export class FieldsService {
         else if (!existing?.is_primary_key) {
             // primary key will already have unique/index constraints
             if (field.schema?.is_unique === true) {
-                if (!existing || existing.is_unique === false) {
+                if ((!existing || existing.is_unique === false) && !options?.attemptConcurrentIndex) {
                     column.unique({ indexName: this.helpers.schema.generateIndexName('unique', collection, field.field) });
                 }
             }
-            else if (field.schema?.is_unique === false) {
-                if (existing?.is_unique === true) {
-                    table.dropUnique([field.field], this.helpers.schema.generateIndexName('unique', collection, field.field));
-                }
+            else if (field.schema?.is_unique === false && existing?.is_unique === true) {
+                table.dropUnique([field.field], this.helpers.schema.generateIndexName('unique', collection, field.field));
             }
             if (field.schema?.is_indexed === true) {
-                if (!existing || existing.is_indexed === false) {
+                if ((!existing || existing.is_indexed === false) && !options?.attemptConcurrentIndex) {
                     column.index(this.helpers.schema.generateIndexName('index', collection, field.field));
                 }
             }
-            else if (field.schema?.is_indexed === false) {
-                if (existing?.is_indexed === true) {
-                    table.dropIndex([field.field], this.helpers.schema.generateIndexName('index', collection, field.field));
-                }
+            else if (field.schema?.is_indexed === false && existing?.is_indexed === true) {
+                table.dropIndex([field.field], this.helpers.schema.generateIndexName('index', collection, field.field));
             }
         }
         if (existing) {
             column.alter();
         }
     }
+    async addColumnIndex(collection, field, options) {
+        const attemptConcurrentIndex = Boolean(options?.attemptConcurrentIndex);
+        const knex = options?.knex ?? this.knex;
+        const existing = options?.existing ?? null;
+        // Don't attempt to index a DB column for alias / corrupt fields
+        if (field.type === 'alias' || field.type === 'unknown')
+            return;
+        // primary key will already have unique/index constraints
+        if (field.schema?.is_primary_key || existing?.is_primary_key)
+            return;
+        const helpers = getHelpers(knex);
+        if (field.schema?.is_unique === true && (!existing || existing.is_unique == false)) {
+            await helpers.schema.createIndex(collection, field.field, {
+                unique: true,
+                attemptConcurrentIndex,
+            });
+        }
+        if (field.schema?.is_indexed === true && (!existing || existing.is_indexed === false)) {
+            await helpers.schema.createIndex(collection, field.field, {
+                unique: false,
+                attemptConcurrentIndex,
+            });
+        }
+    }
 }

package/dist/services/graphql/resolvers/query.js

@@ -19,8 +19,8 @@ export async function resolveQuery(gql, info) {
     let query;
     const isAggregate = collection.endsWith('_aggregated') && collection in gql.schema.collections === false;
     if (isAggregate) {
-        query = await getAggregateQuery(args, selections, gql.schema, gql.accountability);
         collection = collection.slice(0, -11);
+        query = await getAggregateQuery(args, selections, gql.schema, gql.accountability, collection);
     }
     else {
         query = await getQuery(args, gql.schema, selections, info.variableValues, gql.accountability, collection);