@directus/api 35.2.0 → 36.0.0-rc.0

package/dist/schedules/license.js

@@ -0,0 +1,31 @@
+import { scheduleSynchronizedJob, validateCron } from "../utils/schedule.js";
+import { durationToCron } from "./utils/duration-to-cron.js";
+import { getLicenseManager } from "../license/manager.js";
+
+//#region src/schedules/license.ts
+let job = null;
+async function stopLicenseCheck() {
+	await job?.stop();
+}
+/**
+* Schedule a license check at the license's validation_interval.
+*/
+async function schedule() {
+	await job?.stop();
+	const licenseManager = getLicenseManager();
+	const license = await licenseManager.getLicense();
+	if (license.meta.validation_interval === -1) return false;
+	const cron = durationToCron(license.meta.validation_interval);
+	if (!validateCron(cron)) return false;
+	job = scheduleSynchronizedJob("license-check", cron, async () => {
+		const jobLicense = await licenseManager.getLicense();
+		if (jobLicense.meta.validation_interval !== license.meta.validation_interval) {
+			await job?.stop();
+			if (jobLicense.meta.validation_interval !== -1) await schedule();
+		} else await licenseManager.refresh();
+	});
+	return true;
+}
+
+//#endregion
+export { schedule as default, stopLicenseCheck };

package/dist/schedules/oauth-cleanup.js

@@ -0,0 +1,26 @@
+import { useLogger } from "../logger/index.js";
+import { scheduleSynchronizedJob, validateCron } from "../utils/schedule.js";
+import { getSchema } from "../utils/get-schema.js";
+import { McpOAuthService } from "../services/mcp-oauth/index.js";
+import { useEnv } from "@directus/env";
+
+//#region src/schedules/oauth-cleanup.ts
+async function scheduleOAuthCleanup() {
+	const env = useEnv();
+	const schedule = String(env["MCP_OAUTH_CLEANUP_SCHEDULE"]);
+	if (!validateCron(schedule)) {
+		useLogger().error(`Invalid MCP_OAUTH_CLEANUP_SCHEDULE: "${schedule}". OAuth cleanup disabled.`);
+		return false;
+	}
+	scheduleSynchronizedJob("oauth-cleanup", schedule, async () => {
+		try {
+			await new McpOAuthService({ schema: await getSchema() }).cleanup();
+		} catch (error) {
+			useLogger().error(error, "MCP OAuth cleanup failed");
+		}
+	});
+	return true;
+}
+
+//#endregion
+export { scheduleOAuthCleanup as default };

package/dist/schedules/retention.js

@@ -2,9 +2,9 @@ import { useLogger } from "../logger/index.js";
 import { getMilliseconds } from "../utils/get-milliseconds.js";
 import { getHelpers } from "../database/helpers/index.js";
 import database_default from "../database/index.js";
+import { scheduleSynchronizedJob, validateCron } from "../utils/schedule.js";
 import { useLock } from "../lock/lib/use-lock.js";
 import "../lock/index.js";
-import { scheduleSynchronizedJob, validateCron } from "../utils/schedule.js";
 import { useEnv } from "@directus/env";
 import { toBoolean } from "@directus/utils";
 import { Action } from "@directus/constants";

package/dist/schedules/telemetry.js

@@ -1,7 +1,9 @@
 import { getCache } from "../cache.js";
 import { scheduleSynchronizedJob } from "../utils/schedule.js";
+import { getEntitlementManager } from "../license/entitlements/manager.js";
 import { track } from "../telemetry/lib/track.js";
 import "../telemetry/index.js";
+import "../license/index.js";
 import { useEnv } from "@directus/env";
 import { toBoolean } from "@directus/utils";
 
@@ -19,7 +21,8 @@ const jobCallback = () => {
 * @returns Whether or not telemetry has been initialized
 */
 async function schedule() {
-	if (toBoolean(useEnv()["TELEMETRY"]) === false) return false;
+	const env = useEnv();
+	if (!getEntitlementManager().isEntitled("telemetry_required") && !toBoolean(env["TELEMETRY"])) return false;
 	scheduleSynchronizedJob("telemetry", "0 */6 * * *", jobCallback);
 	const { lockCache } = getCache();
 	if (!await lockCache.get("telemetry-lock")) {

package/dist/schedules/tus.js

@@ -1,6 +1,6 @@
 import { RESUMABLE_UPLOADS } from "../constants.js";
-import { getSchema } from "../utils/get-schema.js";
 import { scheduleSynchronizedJob, validateCron } from "../utils/schedule.js";
+import { getSchema } from "../utils/get-schema.js";
 import { createTusServer } from "../services/tus/server.js";
 import "../services/tus/index.js";
 

package/dist/schedules/utils/duration-to-cron.js

@@ -0,0 +1,36 @@
+import { random } from "lodash-es";
+
+//#region src/schedules/utils/duration-to-cron.ts
+const HOURS_IN_SECONDS = 3600;
+const ALLOWED_HOURS = new Set([
+	1,
+	2,
+	3,
+	4,
+	6,
+	8,
+	12
+]);
+/**
+* Convert a duration in seconds into a cron expression
+*
+* - Honored intervals (hours): 1, 2, 3, 4, 6, 8, 12.
+* - Random hour offset within [0, hours) spreads load across phase groups.
+* - Any duration outside interval falls back to daily.
+*
+*   3600 (1h)   → fires every hour at random minute and second
+*   7200 (2h)   → fires every 2h, phase offset 0 or 1
+*   25200 (7h)  → daily fallback
+*/
+function durationToCron(duration) {
+	const second = random(0, 59);
+	const minute = random(0, 59);
+	if (duration > 0 && duration % HOURS_IN_SECONDS === 0) {
+		const hours = duration / HOURS_IN_SECONDS;
+		if (ALLOWED_HOURS.has(hours)) return `${second} ${minute} ${hours === 1 ? "*" : random(0, hours - 1)}/${hours} * * *`;
+	}
+	return `${second} ${minute} ${random(0, 23)} * * *`;
+}
+
+//#endregion
+export { durationToCron };

package/dist/services/activity.js

@@ -1,10 +1,25 @@
 import { ItemsService } from "./items.js";
+import { getHistoryFilterQuery } from "../utils/get-history-filter-query.js";
 
 //#region src/services/activity.ts
 var ActivityService = class extends ItemsService {
+	queryCache = /* @__PURE__ */ new WeakMap();
 	constructor(options) {
 		super("directus_activity", options);
 	}
+	async readByQuery(query, opts) {
+		if (this.accountability === null) return super.readByQuery(query, opts);
+		const historyQuery = this.getLimitedHistoryQuery(query);
+		return super.readByQuery(historyQuery, opts);
+	}
+	getLimitedHistoryQuery(query) {
+		let cachedQuery = this.queryCache.get(query);
+		if (!cachedQuery) {
+			cachedQuery = getHistoryFilterQuery(query, "activity_historical_timeframe", (sinceDate) => ({ timestamp: { _gte: sinceDate.toISOString() } }));
+			this.queryCache.set(query, cachedQuery);
+		}
+		return cachedQuery;
+	}
 };
 
 //#endregion

package/dist/services/authentication.js

@@ -9,12 +9,15 @@ import { PayloadService } from "./payload.js";
 import { ActivityService } from "./activity.js";
 import { RateLimiterRes, createRateLimiter } from "../rate-limiter.js";
 import { stall } from "../utils/stall.js";
+import { getEntitlementManager } from "../license/entitlements/manager.js";
+import { RevisionsService } from "./revisions.js";
 import { SettingsService } from "./settings.js";
 import { getAuthProvider } from "../auth.js";
-import { RevisionsService } from "./revisions.js";
 import { TFAService } from "./tfa.js";
+import { getLicenseManager } from "../license/manager.js";
+import "../license/index.js";
 import { useEnv } from "@directus/env";
-import { InvalidCredentialsError, InvalidOtpError, ServiceUnavailableError, UserSuspendedError } from "@directus/errors";
+import { InvalidCredentialsError, InvalidOtpError, ResourceRestrictedError, ServiceUnavailableError, UserSuspendedError } from "@directus/errors";
 import { clone, cloneDeep } from "lodash-es";
 import { Action } from "@directus/constants";
 import { performance } from "perf_hooks";
@@ -96,6 +99,7 @@ var AuthenticationService = class {
 			} catch (error) {
 				if (error instanceof RateLimiterRes && error.remainingPoints === 0) {
 					await this.knex("directus_users").update({ status: "suspended" }).where({ id: user.id });
+					await getEntitlementManager().clearCache("sso_enabled", "seats");
 					if (this.accountability) {
 						const activity = await this.activityService.createOne({
 							action: Action.UPDATE,
@@ -160,6 +164,7 @@ var AuthenticationService = class {
 			user: user.id,
 			ip: this.accountability?.ip ?? null
 		}, { knex: this.knex });
+		if (await getLicenseManager().isLocked() && globalAccess.admin === false) throw new ResourceRestrictedError({ category: "login" });
 		const tokenPayload = {
 			id: user.id,
 			role: user.role,
@@ -237,7 +242,7 @@ var AuthenticationService = class {
 			share_id: "d.id",
 			share_start: "d.date_start",
 			share_end: "d.date_end"
-		}).from("directus_sessions AS s").leftJoin("directus_users AS u", "s.user", "u.id").leftJoin("directus_shares AS d", "s.share", "d.id").where("s.token", refreshToken).andWhere("s.expires", ">=", /* @__PURE__ */ new Date()).andWhere((subQuery) => {
+		}).from("directus_sessions AS s").leftJoin("directus_users AS u", "s.user", "u.id").leftJoin("directus_shares AS d", "s.share", "d.id").where("s.token", refreshToken).andWhere("s.expires", ">=", /* @__PURE__ */ new Date()).andWhere("s.oauth_client", null).andWhere((subQuery) => {
 			subQuery.whereNull("d.date_end").orWhere("d.date_end", ">=", /* @__PURE__ */ new Date());
 		}).andWhere((subQuery) => {
 			subQuery.whereNull("d.date_start").orWhere("d.date_start", "<=", /* @__PURE__ */ new Date());
@@ -259,6 +264,7 @@ var AuthenticationService = class {
 			roles,
 			ip: this.accountability?.ip ?? null
 		}, { knex: this.knex });
+		if (await getLicenseManager().isLocked() && globalAccess.admin === false) throw new ResourceRestrictedError({ category: "login" });
 		if (record.user_id) await getAuthProvider(record.user_provider).refresh({
 			id: record.user_id,
 			first_name: record.user_first_name,
@@ -346,12 +352,13 @@ var AuthenticationService = class {
 			expires: sessionExpiration,
 			ip: this.accountability?.ip,
 			user_agent: this.accountability?.userAgent,
-			origin: this.accountability?.origin
+			origin: this.accountability?.origin,
+			oauth_client: sessionRecord["oauth_client"]
 		});
 		return newSessionToken;
 	}
 	async logout(refreshToken) {
-		const record = await this.knex.select("u.id", "u.first_name", "u.last_name", "u.email", "u.password", "u.status", "u.role", "u.provider", "u.external_identifier", "u.auth_data").from("directus_sessions as s").innerJoin("directus_users as u", "s.user", "u.id").where("s.token", refreshToken).first();
+		const record = await this.knex.select("u.id", "u.first_name", "u.last_name", "u.email", "u.password", "u.status", "u.role", "u.provider", "u.external_identifier", "u.auth_data").from("directus_sessions as s").innerJoin("directus_users as u", "s.user", "u.id").where("s.token", refreshToken).andWhere("s.oauth_client", null).first();
 		if (record) {
 			const user = record;
 			await getAuthProvider(user.provider).logout(clone(user));

package/dist/services/collections.js

@@ -7,12 +7,14 @@ import { validateAccess } from "../permissions/modules/validate-access/validate-
 import { transaction } from "../utils/transaction.js";
 import { shouldClearCache } from "../utils/should-clear-cache.js";
 import { ItemsService } from "./items.js";
-import { fetchAllowedCollections } from "../permissions/modules/fetch-allowed-collections/fetch-allowed-collections.js";
 import { getSchema } from "../utils/get-schema.js";
+import { getEntitlementManager } from "../license/entitlements/manager.js";
 import { buildCollectionAndFieldRelations } from "./fields/build-collection-and-field-relations.js";
 import { getCollectionMetaUpdates } from "./fields/get-collection-meta-updates.js";
 import { getCollectionRelationList } from "./fields/get-collection-relation-list.js";
 import { FieldsService } from "./fields.js";
+import "../license/index.js";
+import { fetchAllowedCollections } from "../permissions/modules/fetch-allowed-collections/fetch-allowed-collections.js";
 import { useEnv } from "@directus/env";
 import { ForbiddenError, InvalidPayloadError } from "@directus/errors";
 import { addFieldFlag } from "@directus/utils";
@@ -48,6 +50,10 @@ var CollectionsService = class CollectionsService {
 		if (typeof payload.collection !== "string" || payload.collection === "") throw new InvalidPayloadError({ reason: `"collection" must be a non-empty string` });
 		if (payload.collection.startsWith("directus_")) throw new InvalidPayloadError({ reason: `Collections can't start with "directus_"` });
 		if (payload.collection.includes("/")) throw new InvalidPayloadError({ reason: `Collection name can't contain "/"` });
+		if (payload.schema && payload.meta && (!("status" in payload.meta) || payload.meta.status === "active")) await getEntitlementManager().assert("collections", {
+			adding: 1,
+			knex: this.knex
+		});
 		payload.collection = await this.helpers.schema.parseCollectionName(payload.collection);
 		const nestedActionEvents = [];
 		try {
@@ -126,7 +132,10 @@ var CollectionsService = class CollectionsService {
 			return payload.collection;
 		} finally {
 			if (shouldClearCache(this.cache, opts)) await this.cache.clear();
-			if (opts?.autoPurgeSystemCache !== false) await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+			if (opts?.autoPurgeSystemCache !== false) {
+				await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+				await getEntitlementManager().clearCache("collections");
+			}
 			if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
 				const updatedSchema = await getSchema();
 				for (const nestedActionEvent of nestedActionEvents) {
@@ -162,7 +171,10 @@ var CollectionsService = class CollectionsService {
 			});
 		} finally {
 			if (shouldClearCache(this.cache, opts)) await this.cache.clear();
-			if (opts?.autoPurgeSystemCache !== false) await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+			if (opts?.autoPurgeSystemCache !== false) {
+				await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+				await getEntitlementManager().clearCache("collections");
+			}
 			if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
 				const updatedSchema = await getSchema();
 				for (const nestedActionEvent of nestedActionEvents) {
@@ -253,7 +265,7 @@ var CollectionsService = class CollectionsService {
 	/**
 	* Update a single collection by name
 	*/
-	async updateOne(collectionKey, data, opts) {
+	async updateOne(collectionKey, payload, opts) {
 		if (this.accountability && this.accountability.admin !== true) throw new ForbiddenError();
 		const nestedActionEvents = [];
 		try {
@@ -262,8 +274,11 @@ var CollectionsService = class CollectionsService {
 				accountability: this.accountability,
 				schema: this.schema
 			});
-			const payload = data;
 			if (!payload.meta) return collectionKey;
+			if (payload.meta?.status === "active") await getEntitlementManager().assert("collections", {
+				adding: 1,
+				knex: this.knex
+			});
 			if (!!await this.knex.select("collection").from("directus_collections").where({ collection: collectionKey }).first()) await collectionsItemsService.updateOne(collectionKey, payload.meta, {
 				...opts,
 				bypassEmitAction: (params) => opts?.bypassEmitAction ? opts.bypassEmitAction(params) : nestedActionEvents.push(params)
@@ -278,7 +293,10 @@ var CollectionsService = class CollectionsService {
 			return collectionKey;
 		} finally {
 			if (shouldClearCache(this.cache, opts)) await this.cache.clear();
-			if (opts?.autoPurgeSystemCache !== false) await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+			if (opts?.autoPurgeSystemCache !== false) {
+				await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+				await getEntitlementManager().clearCache("collections");
+			}
 			if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
 				const updatedSchema = await getSchema();
 				for (const nestedActionEvent of nestedActionEvents) {
@@ -316,7 +334,10 @@ var CollectionsService = class CollectionsService {
 			});
 		} finally {
 			if (shouldClearCache(this.cache, opts)) await this.cache.clear();
-			if (opts?.autoPurgeSystemCache !== false) await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+			if (opts?.autoPurgeSystemCache !== false) {
+				await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+				await getEntitlementManager().clearCache("collections");
+			}
 			if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
 				const updatedSchema = await getSchema();
 				for (const nestedActionEvent of nestedActionEvents) {
@@ -349,7 +370,10 @@ var CollectionsService = class CollectionsService {
 			return collectionKeys;
 		} finally {
 			if (shouldClearCache(this.cache, opts)) await this.cache.clear();
-			if (opts?.autoPurgeSystemCache !== false) await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+			if (opts?.autoPurgeSystemCache !== false) {
+				await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+				await getEntitlementManager().clearCache("collections");
+			}
 			if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
 				const updatedSchema = await getSchema();
 				for (const nestedActionEvent of nestedActionEvents) {
@@ -434,7 +458,10 @@ var CollectionsService = class CollectionsService {
 			return collectionKey;
 		} finally {
 			if (shouldClearCache(this.cache, opts)) await this.cache.clear();
-			if (opts?.autoPurgeSystemCache !== false) await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+			if (opts?.autoPurgeSystemCache !== false) {
+				await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+				await getEntitlementManager().clearCache("collections");
+			}
 			if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
 				const updatedSchema = await getSchema();
 				for (const nestedActionEvent of nestedActionEvents) {
@@ -466,7 +493,10 @@ var CollectionsService = class CollectionsService {
 			return collectionKeys;
 		} finally {
 			if (shouldClearCache(this.cache, opts)) await this.cache.clear();
-			if (opts?.autoPurgeSystemCache !== false) await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+			if (opts?.autoPurgeSystemCache !== false) {
+				await clearSystemCache({ autoPurgeCache: opts?.autoPurgeCache });
+				await getEntitlementManager().clearCache("collections");
+			}
 			if (opts?.emitEvents !== false && nestedActionEvents.length > 0) {
 				const updatedSchema = await getSchema();
 				for (const nestedActionEvent of nestedActionEvents) {

package/dist/services/fields.js

@@ -16,15 +16,15 @@ import getLocalType from "../utils/get-local-type.js";
 import getDefaultValue from "../utils/get-default-value.js";
 import { getSystemFieldRowsWithAuthProviders } from "../utils/get-field-system-rows.js";
 import { getSchema } from "../utils/get-schema.js";
+import { sanitizeColumn } from "../utils/sanitize-schema.js";
 import { buildCollectionAndFieldRelations } from "./fields/build-collection-and-field-relations.js";
 import { getCollectionMetaUpdates } from "./fields/get-collection-meta-updates.js";
 import { getCollectionRelationList } from "./fields/get-collection-relation-list.js";
-import { sanitizeColumn } from "../utils/sanitize-schema.js";
 import { useEnv } from "@directus/env";
 import { ForbiddenError, InvalidPayloadError } from "@directus/errors";
 import { addFieldFlag, getRelations, toArray } from "@directus/utils";
 import { isEqual, isNil, merge } from "lodash-es";
-import { z } from "zod";
+import { z as z$1 } from "zod";
 import { DEFAULT_NUMERIC_PRECISION, DEFAULT_NUMERIC_SCALE, KNEX_TYPES, REGEX_BETWEEN_PARENS } from "@directus/constants";
 import { createInspector } from "@directus/schema";
 import { isSystemField } from "@directus/system-data";
@@ -32,10 +32,10 @@ import { isSystemField } from "@directus/system-data";
 //#region src/services/fields.ts
 const systemFieldRows$1 = getSystemFieldRowsWithAuthProviders();
 const env = useEnv();
-const systemFieldUpdateSchema = z.object({
-	collection: z.string().optional(),
-	field: z.string().optional(),
-	schema: z.object({ is_indexed: z.boolean().optional() }).strict()
+const systemFieldUpdateSchema = z$1.object({
+	collection: z$1.string().optional(),
+	field: z$1.string().optional(),
+	schema: z$1.object({ is_indexed: z$1.boolean().optional() }).strict()
 }).strict();
 var FieldsService = class FieldsService {
 	knex;

package/dist/services/flows.js

@@ -1,4 +1,5 @@
 import { ItemsService } from "./items.js";
+import { getEntitlementManager } from "../license/entitlements/manager.js";
 import { getFlowManager } from "../flows.js";
 
 //#region src/services/flows.ts
@@ -7,12 +8,22 @@ var FlowsService = class extends ItemsService {
 		super("directus_flows", options);
 	}
 	async createOne(data, opts) {
+		if (!("status" in data) || data["status"] === "active") await getEntitlementManager().assert("flows", {
+			adding: 1,
+			knex: this.knex
+		});
 		const result = await super.createOne(data, opts);
+		await getEntitlementManager().clearCache("flows");
 		await getFlowManager().reload();
 		return result;
 	}
 	async updateMany(keys, data, opts) {
+		if ("status" in data && data["status"] === "active") await getEntitlementManager().assert("flows", {
+			adding: keys.length,
+			knex: this.knex
+		});
 		const result = await super.updateMany(keys, data, opts);
+		await getEntitlementManager().clearCache("flows");
 		await getFlowManager().reload();
 		return result;
 	}
@@ -22,6 +33,7 @@ var FlowsService = class extends ItemsService {
 			reject: null
 		}).whereIn("flow", keys);
 		const result = await super.deleteMany(keys, opts);
+		await getEntitlementManager().clearCache("flows");
 		await getFlowManager().reload();
 		return result;
 	}

package/dist/services/graphql/resolvers/system-admin.js

@@ -1,11 +1,11 @@
 import { RelationsService } from "../../relations.js";
-import { FieldsService, systemFieldUpdateSchema } from "../../fields.js";
-import { CollectionsService } from "../../collections.js";
 import { ExtensionsService } from "../../extensions.js";
+import { FieldsService, systemFieldUpdateSchema } from "../../fields.js";
 import { getCollectionType } from "./get-collection-type.js";
 import { getFieldType } from "./get-field-type.js";
 import { getRelationType } from "./get-relation-type.js";
 import "../index.js";
+import { CollectionsService } from "../../collections.js";
 import { InvalidPayloadError } from "@directus/errors";
 import { isSystemField } from "@directus/system-data";
 import { GraphQLBoolean, GraphQLID, GraphQLList, GraphQLNonNull, GraphQLString } from "graphql";

package/dist/services/graphql/resolvers/system-global.js

@@ -4,9 +4,9 @@ import { generateHash } from "../../../utils/generate-hash.js";
 import { getSecret } from "../../../utils/get-secret.js";
 import { createDefaultAccountability } from "../../../permissions/utils/create-default-accountability.js";
 import { verifyAccessJWT } from "../../../utils/jwt.js";
+import { RevisionsService } from "../../revisions.js";
 import { UsersService } from "../../users.js";
 import { getIPFromReq } from "../../../utils/get-ip-from-req.js";
-import { RevisionsService } from "../../revisions.js";
 import { TFAService } from "../../tfa.js";
 import { AuthenticationService } from "../../authentication.js";
 import isDirectusJWT from "../../../utils/is-directus-jwt.js";

package/dist/services/graphql/resolvers/system.js

@@ -1,9 +1,8 @@
 import database_default from "../../../database/index.js";
 import { FilesService } from "../../files.js";
 import { RelationsService } from "../../relations.js";
-import { FieldsService } from "../../fields.js";
-import { CollectionsService } from "../../collections.js";
 import { UsersService } from "../../users.js";
+import { FieldsService } from "../../fields.js";
 import { fetchAccountabilityCollectionAccess } from "../../../permissions/modules/fetch-accountability-collection-access/fetch-accountability-collection-access.js";
 import { fetchAccountabilityPolicyGlobals } from "../../../permissions/modules/fetch-accountability-policy-globals/fetch-accountability-policy-globals.js";
 import { RolesService } from "../../roles.js";
@@ -19,6 +18,7 @@ import { resolveSystemAdmin } from "./system-admin.js";
 import { globalResolvers } from "./system-global.js";
 import { generateSchema } from "../schema/index.js";
 import { GraphQLService } from "../index.js";
+import { CollectionsService } from "../../collections.js";
 import { useEnv } from "@directus/env";
 import { toBoolean } from "@directus/utils";
 import { GraphQLBoolean, GraphQLEnumType, GraphQLInt, GraphQLList, GraphQLNonNull, GraphQLObjectType, GraphQLString } from "graphql";
@@ -30,22 +30,38 @@ function injectSystemResolvers(gql, schemaComposer, { CreateCollectionTypes, Rea
 	globalResolvers(gql, schemaComposer);
 	const ServerInfo = schemaComposer.createObjectTC({
 		name: "server_info",
-		fields: { project: { type: new GraphQLObjectType({
-			name: "server_info_project",
-			fields: {
-				project_name: { type: GraphQLString },
-				project_descriptor: { type: GraphQLString },
-				project_logo: { type: GraphQLString },
-				project_color: { type: GraphQLString },
-				default_language: { type: GraphQLString },
-				public_foreground: { type: GraphQLString },
-				public_background: { type: GraphQLString },
-				public_note: { type: GraphQLString },
-				custom_css: { type: GraphQLString },
-				public_registration: { type: GraphQLBoolean },
-				public_registration_verify_email: { type: GraphQLBoolean }
-			}
-		}) } }
+		fields: {
+			project: { type: new GraphQLObjectType({
+				name: "server_info_project",
+				fields: {
+					project_name: { type: GraphQLString },
+					project_descriptor: { type: GraphQLString },
+					project_logo: { type: GraphQLString },
+					project_color: { type: GraphQLString },
+					default_language: { type: GraphQLString },
+					public_foreground: { type: GraphQLString },
+					public_background: { type: GraphQLString },
+					public_note: { type: GraphQLString },
+					custom_css: { type: GraphQLString },
+					public_registration: { type: GraphQLBoolean },
+					public_registration_verify_email: { type: GraphQLBoolean }
+				}
+			}) },
+			license: { type: new GraphQLObjectType({
+				name: "server_info_license",
+				fields: {
+					source: { type: GraphQLString },
+					entitlements: { type: new GraphQLObjectType({
+						name: "server_info_license_entitlements",
+						fields: {
+							production_enabled: { type: new GraphQLNonNull(GraphQLBoolean) },
+							ai_translations_enabled: { type: new GraphQLNonNull(GraphQLBoolean) },
+							display_powered_by: { type: new GraphQLNonNull(GraphQLString) }
+						}
+					}) }
+				}
+			}) }
+		}
 	});
 	if (gql.accountability?.user) ServerInfo.addFields({
 		rateLimit: env["RATE_LIMITER_ENABLED"] ? { type: new GraphQLObjectType({

package/dist/services/graphql/schema/get-types.js

@@ -1,8 +1,9 @@
+import { applyFunctionToColumnName } from "../../../database/run-ast/utils/apply-function-to-column-name.js";
 import { getGraphQLType } from "../../../utils/get-graphql-type.js";
 import { SYSTEM_DENY_LIST } from "./index.js";
 import { mapKeys, pick } from "lodash-es";
 import { GENERATE_SPECIAL } from "@directus/constants";
-import { GraphQLID, GraphQLInt, GraphQLNonNull, GraphQLScalarType, GraphQLUnionType } from "graphql";
+import { GraphQLID, GraphQLInt, GraphQLNonNull, GraphQLScalarType, GraphQLString, GraphQLUnionType } from "graphql";
 import { GraphQLJSON } from "graphql-compose";
 
 //#region src/services/graphql/schema/get-types.ts
@@ -81,12 +82,32 @@ function getTypes(schemaComposer, scope, schema, inconsistentFields, action) {
 							return mapKeys(pick(obj, Object.keys(DateTimeFunctions.getFields()).map((key) => `${field.field}_${key}`)), (_value, key) => key.substring(field.field.length + 1));
 						}
 					};
-					if (field.type === "json" || field.type === "alias") acc[`${field.field}_func`] = {
+					if (field.type === "alias") acc[`${field.field}_func`] = {
 						type: CountFunctions,
 						resolve: (obj) => {
 							return mapKeys(pick(obj, Object.keys(CountFunctions.getFields()).map((key) => `${field.field}_${key}`)), (_value, key) => key.substring(field.field.length + 1));
 						}
 					};
+					if (field.type === "json") {
+						const JsonFieldFunctions = schemaComposer.createObjectTC({
+							name: `${collection.collection}_${field.field}_func`,
+							fields: {
+								count: {
+									type: GraphQLInt,
+									resolve: (obj) => obj[`${field.field}_count`]
+								},
+								json: {
+									type: GraphQLJSON,
+									args: { path: { type: new GraphQLNonNull(GraphQLString) } },
+									resolve: (obj, { path }) => obj[applyFunctionToColumnName(`json(${field.field}, ${path})`)]
+								}
+							}
+						});
+						acc[`${field.field}_func`] = {
+							type: JsonFieldFunctions,
+							resolve: (obj) => obj
+						};
+					}
 				}
 				return acc;
 			}, {})

package/dist/services/graphql/schema/parse-query.js

@@ -65,6 +65,14 @@ async function getQuery(rawQuery, schema, selections, variableValues, accountabi
 					for (const subSelection of selection.selectionSet.selections) {
 						if (subSelection.kind !== "Field") continue;
 						if (subSelection.name.value.startsWith("__")) continue;
+						if (subSelection.name.value === "json" && subSelection.arguments?.length) {
+							const pathArg = subSelection.arguments.find((a) => a.name.value === "path");
+							if (pathArg) {
+								const pathValue = parseArgs([pathArg], variableValues).path;
+								children.push(`json(${rootField}, ${pathValue})`);
+								continue;
+							}
+						}
 						children.push(`${subSelection.name.value}(${rootField})`);
 					}
 				} else children = await parseFields(selection.selectionSet.selections, currentAlias ?? current, childCollection, selection.kind === "Field" ? selection.name.value : void 0);

package/dist/services/graphql/schema/read.js

@@ -6,6 +6,7 @@ import { GraphQLGeoJSON } from "../types/geojson.js";
 import { GraphQLHash } from "../types/hash.js";
 import { getGraphQLType } from "../../../utils/get-graphql-type.js";
 import { resolveQuery } from "../resolvers/query.js";
+import { GraphQLJsonFilter } from "../types/json-filter.js";
 import { GraphQLStringOrFloat } from "../types/string-or-float.js";
 import { getTypes } from "./get-types.js";
 import { SYSTEM_DENY_LIST } from "./index.js";
@@ -154,6 +155,14 @@ async function getReadableTypes(gql, schemaComposer, schema, inconsistentFields)
 			_nempty: { type: GraphQLBoolean }
 		}
 	});
+	const JsonFilterOperators = schemaComposer.createInputTC({
+		name: "json_filter_operators",
+		fields: {
+			_json: { type: GraphQLJsonFilter },
+			_null: { type: GraphQLBoolean },
+			_nnull: { type: GraphQLBoolean }
+		}
+	});
 	const CountFunctionFilterOperators = schemaComposer.createInputTC({
 		name: "count_function_filter_operators",
 		fields: { count: { type: NumberFilterOperators } }
@@ -213,6 +222,9 @@ async function getReadableTypes(gql, schemaComposer, schema, inconsistentFields)
 					case GraphQLDate:
 						filterOperatorType = DateFilterOperators;
 						break;
+					case GraphQLJSON:
+						filterOperatorType = JsonFilterOperators;
+						break;
 					case GraphQLGeoJSON:
 						filterOperatorType = GeometryFilterOperators;
 						break;