directus 9.0.0 → 9.1.2

package/dist/app.js

@@ -40,6 +40,7 @@ const graphql_1 = __importDefault(require("./controllers/graphql"));
 const items_1 = __importDefault(require("./controllers/items"));
 const not_found_1 = __importDefault(require("./controllers/not-found"));
 const panels_1 = __importDefault(require("./controllers/panels"));
+const notifications_1 = __importDefault(require("./controllers/notifications"));
 const permissions_1 = __importDefault(require("./controllers/permissions"));
 const presets_1 = __importDefault(require("./controllers/presets"));
 const relations_1 = __importDefault(require("./controllers/relations"));
@@ -132,11 +133,13 @@ async function createApp() {
         // Set the App's base path according to the APIs public URL
         const html = await fs_extra_1.default.readFile(adminPath, 'utf8');
         const htmlWithBase = html.replace(/<base \/>/, `<base href="${adminUrl.toString({ rootRelative: true })}/" />`);
-        app.get('/admin', (req, res) => res.send(htmlWithBase));
-        app.use('/admin', express_1.default.static(path_1.default.join(adminPath, '..')));
-        app.use('/admin/*', (req, res) => {
+        const noCacheIndexHtmlHandler = (req, res) => {
+            res.setHeader('Cache-Control', 'no-cache');
             res.send(htmlWithBase);
-        });
+        };
+        app.get('/admin', noCacheIndexHtmlHandler);
+        app.use('/admin', express_1.default.static(path_1.default.join(adminPath, '..')));
+        app.use('/admin/*', noCacheIndexHtmlHandler);
     }
     // use the rate limiter - all routes for now
     if (env_1.default.RATE_LIMITER_ENABLED === true) {
@@ -161,6 +164,7 @@ async function createApp() {
     app.use('/files', files_1.default);
     app.use('/folders', folders_1.default);
     app.use('/items', items_1.default);
+    app.use('/notifications', notifications_1.default);
     app.use('/panels', panels_1.default);
     app.use('/permissions', permissions_1.default);
     app.use('/presets', presets_1.default);

package/dist/auth/drivers/ldap.js

@@ -91,21 +91,16 @@ class LDAPAuthDriver extends auth_1.AuthDriver {
         });
     }
     async fetchUserDn(identifier) {
-        const { userDn, userAttribute } = this.config;
+        const { userDn, userAttribute, userScope } = this.config;
         return new Promise((resolve, reject) => {
             // Search for the user in LDAP by attribute
-            this.bindClient.search(userDn, {
-                attributes: ['cn'],
-                filter: `(${userAttribute !== null && userAttribute !== void 0 ? userAttribute : 'cn'}=${identifier})`,
-                scope: 'one',
-            }, (err, res) => {
+            this.bindClient.search(userDn, { filter: `(${userAttribute !== null && userAttribute !== void 0 ? userAttribute : 'cn'}=${identifier})`, scope: userScope !== null && userScope !== void 0 ? userScope : 'one' }, (err, res) => {
                 if (err) {
                     reject(handleError(err));
                     return;
                 }
                 res.on('searchEntry', ({ object }) => {
-                    const userCn = typeof object.cn === 'object' ? object.cn[0] : object.cn;
-                    resolve(`cn=${userCn},${userDn}`.toLowerCase());
+                    resolve(object.dn.toLowerCase());
                 });
                 res.on('error', (err) => {
                     reject(handleError(err));
@@ -147,7 +142,7 @@ class LDAPAuthDriver extends auth_1.AuthDriver {
         });
     }
     async fetchUserGroups(userDn) {
-        const { groupDn, groupAttribute } = this.config;
+        const { groupDn, groupAttribute, groupScope } = this.config;
         if (!groupDn) {
             return Promise.resolve([]);
         }
@@ -157,7 +152,7 @@ class LDAPAuthDriver extends auth_1.AuthDriver {
             this.bindClient.search(groupDn, {
                 attributes: ['cn'],
                 filter: `(${groupAttribute !== null && groupAttribute !== void 0 ? groupAttribute : 'member'}=${userDn})`,
-                scope: 'one',
+                scope: groupScope !== null && groupScope !== void 0 ? groupScope : 'one',
             }, (err, res) => {
                 if (err) {
                     reject(handleError(err));
@@ -244,12 +239,13 @@ class LDAPAuthDriver extends auth_1.AuthDriver {
                 reject(handleError(err));
             });
             client.bind(user.external_identifier, password, (err) => {
-                client.destroy();
                 if (err) {
                     reject(handleError(err));
-                    return;
                 }
-                resolve();
+                else {
+                    resolve();
+                }
+                client.destroy();
             });
         });
     }

package/dist/auth/drivers/oauth2.d.ts

@@ -13,7 +13,7 @@ export declare class OAuth2AuthDriver extends LocalAuthDriver {
     generateAuthUrl(codeVerifier: string): string;
     private fetchUserId;
     getUserID(payload: Record<string, any>): Promise<string>;
-    login(user: User, sessionData: SessionData): Promise<SessionData>;
+    login(user: User): Promise<SessionData>;
     refresh(user: User, sessionData: SessionData): Promise<SessionData>;
 }
 export declare function createOAuth2AuthRouter(providerName: string): Router;

package/dist/auth/drivers/oauth2.js

@@ -80,7 +80,7 @@ class OAuth2AuthDriver extends local_1.LocalAuthDriver {
             tokenSet = await this.client.oauthCallback(this.redirectUrl, { code: payload.code, state: payload.state }, { code_verifier: payload.codeVerifier, state: openid_client_1.generators.codeChallenge(payload.codeVerifier) });
             const issuer = this.client.issuer;
             if (issuer.metadata.userinfo_endpoint) {
-                userInfo = await this.client.userinfo(tokenSet);
+                userInfo = await this.client.userinfo(tokenSet.access_token);
             }
             else if (tokenSet.id_token) {
                 userInfo = tokenSet.claims();
@@ -123,8 +123,8 @@ class OAuth2AuthDriver extends local_1.LocalAuthDriver {
         });
         return (await this.fetchUserId(identifier));
     }
-    async login(user, sessionData) {
-        return this.refresh(user, sessionData);
+    async login(user) {
+        return this.refresh(user, null);
     }
     async refresh(user, sessionData) {
         let authData = user.auth_data;

package/dist/auth/drivers/openid.d.ts

@@ -13,7 +13,7 @@ export declare class OpenIDAuthDriver extends LocalAuthDriver {
     generateAuthUrl(codeVerifier: string): Promise<string>;
     private fetchUserId;
     getUserID(payload: Record<string, any>): Promise<string>;
-    login(user: User, sessionData: SessionData): Promise<SessionData>;
+    login(user: User): Promise<SessionData>;
     refresh(user: User, sessionData: SessionData): Promise<SessionData>;
 }
 export declare function createOpenIDAuthRouter(providerName: string): Router;

package/dist/auth/drivers/openid.js

@@ -31,6 +31,12 @@ class OpenIDAuthDriver extends local_1.LocalAuthDriver {
         this.client = new Promise((resolve, reject) => {
             openid_client_1.Issuer.discover(issuerUrl)
                 .then((issuer) => {
+                const supportedTypes = issuer.metadata.response_types_supported;
+                if (!(supportedTypes === null || supportedTypes === void 0 ? void 0 : supportedTypes.includes('code'))) {
+                    reject(new exceptions_1.InvalidConfigException('OpenID provider does not support required code flow', {
+                        provider: additionalConfig.provider,
+                    }));
+                }
                 resolve(new issuer.Client({
                     client_id: clientId,
                     client_secret: clientSecret,
@@ -82,7 +88,7 @@ class OpenIDAuthDriver extends local_1.LocalAuthDriver {
             tokenSet = await client.callback(this.redirectUrl, { code: payload.code, state: payload.state }, { code_verifier: payload.codeVerifier, state: openid_client_1.generators.codeChallenge(payload.codeVerifier) });
             const issuer = client.issuer;
             if (issuer.metadata.userinfo_endpoint) {
-                userInfo = await client.userinfo(tokenSet);
+                userInfo = await client.userinfo(tokenSet.access_token);
             }
             else {
                 userInfo = tokenSet.claims();
@@ -125,8 +131,8 @@ class OpenIDAuthDriver extends local_1.LocalAuthDriver {
         });
         return (await this.fetchUserId(identifier));
     }
-    async login(user, sessionData) {
-        return this.refresh(user, sessionData);
+    async login(user) {
+        return this.refresh(user, null);
     }
     async refresh(user, sessionData) {
         let authData = user.auth_data;

package/dist/controllers/notifications.d.ts

@@ -0,0 +1,2 @@
+declare const router: import("express-serve-static-core").Router;
+export default router;

package/dist/controllers/notifications.js

@@ -0,0 +1,147 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const express_1 = __importDefault(require("express"));
+const exceptions_1 = require("../exceptions");
+const respond_1 = require("../middleware/respond");
+const use_collection_1 = __importDefault(require("../middleware/use-collection"));
+const validate_batch_1 = require("../middleware/validate-batch");
+const services_1 = require("../services");
+const async_handler_1 = __importDefault(require("../utils/async-handler"));
+const router = express_1.default.Router();
+router.use((0, use_collection_1.default)('directus_notifications'));
+router.post('/', (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.NotificationsService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const savedKeys = [];
+    if (Array.isArray(req.body)) {
+        const keys = await service.createMany(req.body);
+        savedKeys.push(...keys);
+    }
+    else {
+        const key = await service.createOne(req.body);
+        savedKeys.push(key);
+    }
+    try {
+        if (Array.isArray(req.body)) {
+            const records = await service.readMany(savedKeys, req.sanitizedQuery);
+            res.locals.payload = { data: records };
+        }
+        else {
+            const record = await service.readOne(savedKeys[0], req.sanitizedQuery);
+            res.locals.payload = { data: record };
+        }
+    }
+    catch (error) {
+        if (error instanceof exceptions_1.ForbiddenException) {
+            return next();
+        }
+        throw error;
+    }
+    return next();
+}), respond_1.respond);
+const readHandler = (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.NotificationsService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const metaService = new services_1.MetaService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    let result;
+    if (req.singleton) {
+        result = await service.readSingleton(req.sanitizedQuery);
+    }
+    else if (req.body.keys) {
+        result = await service.readMany(req.body.keys, req.sanitizedQuery);
+    }
+    else {
+        result = await service.readByQuery(req.sanitizedQuery);
+    }
+    const meta = await metaService.getMetaForQuery('directus_presets', req.sanitizedQuery);
+    res.locals.payload = { data: result, meta };
+    return next();
+});
+router.get('/', (0, validate_batch_1.validateBatch)('read'), readHandler, respond_1.respond);
+router.search('/', (0, validate_batch_1.validateBatch)('read'), readHandler, respond_1.respond);
+router.get('/:pk', (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.NotificationsService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const record = await service.readOne(req.params.pk, req.sanitizedQuery);
+    res.locals.payload = { data: record || null };
+    return next();
+}), respond_1.respond);
+router.patch('/', (0, validate_batch_1.validateBatch)('update'), (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.NotificationsService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    let keys = [];
+    if (req.body.keys) {
+        keys = await service.updateMany(req.body.keys, req.body.data);
+    }
+    else {
+        keys = await service.updateByQuery(req.body.query, req.body.data);
+    }
+    try {
+        const result = await service.readMany(keys, req.sanitizedQuery);
+        res.locals.payload = { data: result };
+    }
+    catch (error) {
+        if (error instanceof exceptions_1.ForbiddenException) {
+            return next();
+        }
+        throw error;
+    }
+    return next();
+}), respond_1.respond);
+router.patch('/:pk', (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.NotificationsService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const primaryKey = await service.updateOne(req.params.pk, req.body);
+    try {
+        const record = await service.readOne(primaryKey, req.sanitizedQuery);
+        res.locals.payload = { data: record };
+    }
+    catch (error) {
+        if (error instanceof exceptions_1.ForbiddenException) {
+            return next();
+        }
+        throw error;
+    }
+    return next();
+}), respond_1.respond);
+router.delete('/', (0, validate_batch_1.validateBatch)('delete'), (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.NotificationsService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    if (Array.isArray(req.body)) {
+        await service.deleteMany(req.body);
+    }
+    else if (req.body.keys) {
+        await service.deleteMany(req.body.keys);
+    }
+    else {
+        await service.deleteByQuery(req.body.query);
+    }
+    return next();
+}), respond_1.respond);
+router.delete('/:pk', (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.NotificationsService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    await service.deleteOne(req.params.pk);
+    return next();
+}), respond_1.respond);
+exports.default = router;

package/dist/database/helpers/geometry.js

@@ -99,7 +99,7 @@ class KnexSpatial_PG extends KnexSpatial {
     createColumn(table, field) {
         var _a;
         const type = (_a = field.type.split('.')[1]) !== null && _a !== void 0 ? _a : 'geometry';
-        return table.specificType(field.field, `geometry(${type})`);
+        return table.specificType(field.field, `geometry(${type}, 4326)`);
     }
     _intersects_bbox(key, geojson) {
         const geometry = this.fromGeoJSON(geojson);
@@ -110,6 +110,9 @@ class KnexSpatial_MySQL extends KnexSpatial {
     collect(table, column) {
         return this.knex.raw(`concat('geometrycollection(', group_concat(? separator ', '), ')'`, this.asText(table, column));
     }
+    fromText(text) {
+        return this.knex.raw('st_geomfromtext(?)', text);
+    }
 }
 class KnexSpatial_Redshift extends KnexSpatial {
     createColumn(table, field) {

package/dist/database/migrations/20211103B-update-special-geometry.js

@@ -3,7 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.down = exports.up = void 0;
 async function up(knex) {
     await knex('directus_fields')
-        .update({ special: knex.raw(`REPLACE(special, 'geometry,', 'geometry.')`) })
+        .update({ special: knex.raw(`REPLACE(??, 'geometry,', 'geometry.')`, ['special']) })
         .where('special', 'like', '%geometry,Point%')
         .orWhere('special', 'like', '%geometry,LineString%')
         .orWhere('special', 'like', '%geometry,Polygon%')
@@ -14,7 +14,7 @@ async function up(knex) {
 exports.up = up;
 async function down(knex) {
     await knex('directus_fields')
-        .update({ special: knex.raw(`REPLACE(special, 'geometry.', 'geometry,')`) })
+        .update({ special: knex.raw(`REPLACE(??, 'geometry.', 'geometry,')`, ['special']) })
         .where('special', 'like', '%geometry.Point%')
         .orWhere('special', 'like', '%geometry.LineString%')
         .orWhere('special', 'like', '%geometry.Polygon%')

package/dist/database/migrations/20211118A-add-notifications.d.ts

@@ -0,0 +1,3 @@
+import { Knex } from 'knex';
+export declare function up(knex: Knex): Promise<void>;
+export declare function down(knex: Knex): Promise<void>;

package/dist/database/migrations/20211118A-add-notifications.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.down = exports.up = void 0;
+async function up(knex) {
+    await knex.schema.createTable('directus_notifications', (table) => {
+        table.increments();
+        table.timestamp('timestamp').notNullable();
+        table.string('status').defaultTo('inbox');
+        table.uuid('recipient').notNullable().references('id').inTable('directus_users').onDelete('CASCADE');
+        table.uuid('sender').notNullable().references('id').inTable('directus_users');
+        table.string('subject').notNullable();
+        table.text('message');
+        table.string('collection', 64);
+        table.string('item');
+    });
+    await knex.schema.alterTable('directus_users', (table) => {
+        table.boolean('email_notifications').defaultTo(true);
+    });
+    await knex('directus_users').update({ email_notifications: true });
+}
+exports.up = up;
+async function down(knex) {
+    await knex.schema.dropTable('directus_notifications');
+    await knex.schema.alterTable('directus_users', (table) => {
+        table.dropColumn('email_notifications');
+    });
+}
+exports.down = down;

package/dist/database/system-data/app-access-permissions/app-access-permissions.yaml

@@ -72,6 +72,20 @@
 - collection: directus_settings
   action: read
 
+- collection: directus_notifications
+  action: read
+  permissions:
+    recipient:
+      _eq: $CURRENT_USER
+  fields: '*'
+
+- collection: directus_notifications
+  action: update
+  permissions:
+    recipient:
+      _eq: $CURRENT_USER
+  fields: 'status'
+
 - collection: directus_users
   action: read
   permissions:

package/dist/database/system-data/collections/collections.yaml

@@ -63,3 +63,5 @@ data:
     note: $t:directus_collection.directus_dashboards
   - collection: directus_panels
     note: $t:directus_collection.directus_panels
+  - collection: directus_notifications
+    note: $t:directus_collection.directus_notifications

package/dist/database/system-data/fields/notifications.yaml

@@ -0,0 +1,12 @@
+table: directus_notifications
+
+fields:
+  - field: id
+  - field: timestamp
+    special: date-created
+  - field: recipient
+  - field: sender
+  - field: subject
+  - field: message
+  - field: collection
+  - field: item

package/dist/database/system-data/fields/settings.yaml

@@ -36,7 +36,7 @@ fields:
 
   - field: project_color
     interface: select-color
-    note: $t:field_options.directus_settings.project_logo_note
+    note: $t:field_options.directus_settings.project_color_note
     translations:
       language: en-US
       translations: Brand Color
@@ -44,7 +44,7 @@ fields:
 
   - field: project_logo
     interface: file
-    note: White 40x40 SVG/PNG
+    note: $t:field_options.directus_settings.project_logo_note
     translations:
       language: en-US
       translations: Brand Logo
@@ -77,7 +77,7 @@ fields:
       language: css
       lineNumber: true
       template: |
-        #app {
+        #app, #main-content {
           --border-radius-outline: 0px !important;
           --border-radius: 0px !important;
         }
@@ -170,7 +170,7 @@ fields:
               onlyOnCreate: false
             width: full
         - field: fit
-          name: Fit
+          name: $t:field_options.directus_settings.storage_asset_presets.fit_label
           type: string
           schema:
             is_nullable: false
@@ -217,7 +217,7 @@ fields:
               step: 1
             width: half
         - field: withoutEnlargement
-          name: Upscaling
+          name: $t:field_options.directus_settings.storage_asset_presets.upscaling
           type: boolean
           schema:
             default_value: false
@@ -227,7 +227,7 @@ fields:
             options:
               label: $t:no_upscale
         - field: format
-          name: Format
+          name: $t:format
           type: string
           schema:
             is_nullable: false
@@ -307,7 +307,7 @@ fields:
           meta:
             interface: text-input
             options:
-              placeholder: Enter the basemap name...
+              placeholder: $t:field_options.directus_settings.basemaps_name_placeholder
         - field: type
           name: $t:type
           meta:

package/dist/database/system-data/fields/users.yaml

@@ -90,6 +90,11 @@ fields:
     special: conceal
     width: half
 
+  - field: email_notifications
+    interface: boolean
+    width: half
+    special: boolean
+
   - field: admin_divider
     interface: presentation-divider
     options:

package/dist/database/system-data/fields/webhooks.yaml

@@ -40,19 +40,19 @@ fields:
     display_options:
       showAsDot: true
       choices:
-        - text: $t:active
+        - text: $t:field_options.directus_webhooks.status_options_active
           value: active
           foreground: 'var(--primary-10)'
           background: 'var(--primary)'
-        - text: $t:inactive
+        - text: $t:field_options.directus_webhooks.status_options_inactive
           value: inactive
           foreground: 'var(--foreground-normal)'
           background: 'var(--background-normal-alt)'
     options:
       choices:
-        - text: $t:active
+        - text: $t:field_options.directus_webhooks.status_options_active
           value: active
-        - text: $t:inactive
+        - text: $t:field_options.directus_webhooks.status_options_inactive
           value: inactive
     width: half
 

package/dist/database/system-data/relations/relations.yaml

@@ -82,3 +82,9 @@ data:
   - many_collection: directus_panels
     many_field: user_created
     one_collection: directus_users
+  - many_collection: directus_notifications
+    many_field: recipient
+    one_collection: directus_users
+  - many_collection: directus_notifications
+    many_field: sender
+    one_collection: directus_users

package/dist/mailer.js

@@ -11,14 +11,23 @@ let transporter;
 function getMailer() {
     if (transporter)
         return transporter;
-    if (env_1.default.EMAIL_TRANSPORT === 'sendmail') {
+    const transportName = env_1.default.EMAIL_TRANSPORT.toLowerCase();
+    if (transportName === 'sendmail') {
         transporter = nodemailer_1.default.createTransport({
             sendmail: true,
             newline: env_1.default.EMAIL_SENDMAIL_NEW_LINE || 'unix',
             path: env_1.default.EMAIL_SENDMAIL_PATH || '/usr/sbin/sendmail',
         });
     }
-    else if (env_1.default.EMAIL_TRANSPORT.toLowerCase() === 'smtp') {
+    else if (transportName === 'ses') {
+        const aws = require('@aws-sdk/client-ses');
+        const sesOptions = (0, get_config_from_env_1.getConfigFromEnv)('EMAIL_SES_');
+        const ses = new aws.SES(sesOptions);
+        transporter = nodemailer_1.default.createTransport({
+            SES: { ses, aws },
+        });
+    }
+    else if (transportName === 'smtp') {
         let auth = false;
         if (env_1.default.EMAIL_SMTP_USER || env_1.default.EMAIL_SMTP_PASSWORD) {
             auth = {
@@ -37,7 +46,7 @@ function getMailer() {
             tls,
         });
     }
-    else if (env_1.default.EMAIL_TRANSPORT.toLowerCase() === 'mailgun') {
+    else if (transportName === 'mailgun') {
         const mg = require('nodemailer-mailgun-transport');
         transporter = nodemailer_1.default.createTransport(mg({
             auth: {