directus 9.1.2 → 9.3.0

package/dist/services/items.js

@@ -213,8 +213,16 @@ class ItemsService {
         if (records === null) {
             throw new exceptions_1.ForbiddenException();
         }
+        const filteredRecords = await emitter_1.default.emitFilter(`${this.eventScope}.read`, records, {
+            query,
+            collection: this.collection,
+        }, {
+            database: this.knex,
+            schema: this.schema,
+            accountability: this.accountability,
+        });
         emitter_1.default.emitAction(`${this.eventScope}.read`, {
-            payload: records,
+            payload: filteredRecords,
             query,
             collection: this.collection,
         }, {
@@ -222,23 +230,15 @@ class ItemsService {
             schema: this.schema,
             accountability: this.accountability,
         });
-        return records;
+        return filteredRecords;
     }
     /**
      * Get single item by primary key
      */
-    async readOne(key, query, opts) {
-        query = query !== null && query !== void 0 ? query : {};
+    async readOne(key, query = {}, opts) {
         const primaryKeyField = this.schema.collections[this.collection].primary;
-        const queryWithKey = {
-            ...query,
-            filter: {
-                ...(query.filter || {}),
-                [primaryKeyField]: {
-                    _eq: key,
-                },
-            },
-        };
+        const filterWithKey = (0, lodash_1.assign)({}, query.filter, { [primaryKeyField]: { _eq: key } });
+        const queryWithKey = (0, lodash_1.assign)({}, query, { filter: filterWithKey });
         const results = await this.readByQuery(queryWithKey, opts);
         if (results.length === 0) {
             throw new exceptions_1.ForbiddenException();
@@ -248,23 +248,12 @@ class ItemsService {
     /**
      * Get multiple items by primary keys
      */
-    async readMany(keys, query, opts) {
-        query = query !== null && query !== void 0 ? query : {};
+    async readMany(keys, query = {}, opts) {
+        var _a;
         const primaryKeyField = this.schema.collections[this.collection].primary;
-        const queryWithKeys = {
-            ...query,
-            filter: {
-                _and: [
-                    query.filter || {},
-                    {
-                        [primaryKeyField]: {
-                            _in: keys,
-                        },
-                    },
-                ],
-            },
-        };
-        const results = await this.readByQuery(queryWithKeys, opts);
+        const filterWithKey = { _and: [{ [primaryKeyField]: { _in: keys } }, (_a = query.filter) !== null && _a !== void 0 ? _a : {}] };
+        const queryWithKey = (0, lodash_1.assign)({}, query, { filter: filterWithKey });
+        const results = await this.readByQuery(queryWithKey, opts);
         return results;
     }
     /**

package/dist/services/payload.d.ts

@@ -1,6 +1,7 @@
 import { Knex } from 'knex';
 import { AbstractServiceOptions, Item, PrimaryKey, SchemaOverview } from '../types';
 import { Accountability } from '@directus/shared/types';
+import { Helpers } from '../database/helpers';
 declare type Action = 'create' | 'read' | 'update';
 declare type Transformers = {
     [type: string]: (context: {
@@ -18,6 +19,7 @@ declare type Transformers = {
 export declare class PayloadService {
     accountability: Accountability | null;
     knex: Knex;
+    helpers: Helpers;
     collection: string;
     schema: SchemaOverview;
     constructor(collection: string, options: AbstractServiceOptions);

package/dist/services/payload.js

@@ -13,7 +13,7 @@ const exceptions_1 = require("../exceptions");
 const utils_1 = require("@directus/shared/utils");
 const items_1 = require("./items");
 const flat_1 = require("flat");
-const geometry_1 = require("../database/helpers/geometry");
+const helpers_1 = require("../database/helpers");
 const wellknown_1 = require("wellknown");
 const generate_hash_1 = require("../utils/generate-hash");
 /**
@@ -111,6 +111,7 @@ class PayloadService {
         };
         this.accountability = options.accountability || null;
         this.knex = options.knex || (0, database_1.default)();
+        this.helpers = (0, helpers_1.getHelpers)(this.knex);
         this.collection = collection;
         this.schema = options.schema;
         return this;
@@ -188,10 +189,9 @@ class PayloadService {
      * to check if the value is a raw instance before stringifying it in the next step.
      */
     processGeometries(payloads, action) {
-        const helper = (0, geometry_1.getGeometryHelper)();
         const process = action == 'read'
             ? (value) => (typeof value === 'string' ? (0, wellknown_1.parse)(value) : value)
-            : (value) => helper.fromGeoJSON(typeof value == 'string' ? JSON.parse(value) : value);
+            : (value) => this.helpers.st.fromGeoJSON(typeof value == 'string' ? JSON.parse(value) : value);
         const fieldsInCollection = Object.entries(this.schema.collections[this.collection].fields);
         const geometryColumns = fieldsInCollection.filter(([_, field]) => field.type.startsWith('geometry'));
         for (const [name] of geometryColumns) {

package/dist/services/users.js

@@ -19,6 +19,7 @@ const mail_1 = require("./mail");
 const settings_1 = require("./settings");
 const stall_1 = require("../utils/stall");
 const perf_hooks_1 = require("perf_hooks");
+const utils_2 = require("@directus/shared/utils");
 class UsersService extends items_1.ItemsService {
     constructor(options) {
         super('directus_users', options);
@@ -251,7 +252,7 @@ class UsersService extends items_1.ItemsService {
         }
         const STALL_TIME = 500;
         const timeStart = perf_hooks_1.performance.now();
-        const user = await this.knex.select('status').from('directus_users').where({ email }).first();
+        const user = await this.knex.select('status', 'password').from('directus_users').where({ email }).first();
         if ((user === null || user === void 0 ? void 0 : user.status) !== 'active') {
             await (0, stall_1.stall)(STALL_TIME, timeStart);
             throw new exceptions_2.ForbiddenException();
@@ -261,7 +262,7 @@ class UsersService extends items_1.ItemsService {
             knex: this.knex,
             accountability: this.accountability,
         });
-        const payload = { email, scope: 'password-reset' };
+        const payload = { email, scope: 'password-reset', hash: (0, utils_2.getSimpleHash)('' + user.password) };
         const token = jsonwebtoken_1.default.sign(payload, env_1.default.SECRET, { expiresIn: '1d', issuer: 'directus' });
         const acceptURL = url ? `${url}?token=${token}` : `${env_1.default.PUBLIC_URL}/admin/reset-password?token=${token}`;
         const subjectLine = subject ? subject : 'Password Reset Request';
@@ -279,11 +280,12 @@ class UsersService extends items_1.ItemsService {
         await (0, stall_1.stall)(STALL_TIME, timeStart);
     }
     async resetPassword(token, password) {
-        const { email, scope } = jsonwebtoken_1.default.verify(token, env_1.default.SECRET, { issuer: 'directus' });
-        if (scope !== 'password-reset')
+        const { email, scope, hash } = jsonwebtoken_1.default.verify(token, env_1.default.SECRET, { issuer: 'directus' });
+        if (scope !== 'password-reset' || !hash)
             throw new exceptions_2.ForbiddenException();
-        const user = await this.knex.select('id', 'status').from('directus_users').where({ email }).first();
-        if ((user === null || user === void 0 ? void 0 : user.status) !== 'active') {
+        await this.checkPasswordPolicy([password]);
+        const user = await this.knex.select('id', 'status', 'password').from('directus_users').where({ email }).first();
+        if ((user === null || user === void 0 ? void 0 : user.status) !== 'active' || hash !== (0, utils_2.getSimpleHash)('' + user.password)) {
             throw new exceptions_2.ForbiddenException();
         }
         // Allow unauthenticated update

package/dist/tests/database/migrations/run.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/tests/database/migrations/run.test.js

@@ -0,0 +1,29 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const knex_1 = __importDefault(require("knex"));
+const knex_mock_client_1 = require("knex-mock-client");
+const run_1 = __importDefault(require("../../../database/migrations/run"));
+describe('run', () => {
+    let db;
+    let tracker;
+    beforeAll(() => {
+        db = (0, knex_1.default)({ client: knex_mock_client_1.MockClient });
+        tracker = (0, knex_mock_client_1.getTracker)();
+    });
+    afterEach(() => {
+        tracker.reset();
+    });
+    describe('when passed the argument up', () => {
+        it('returns "Nothing To Updage" if no directus_migrations', async () => {
+            // note the difference between an empty array and ['Empty']
+            tracker.on.select('directus_migrations').response(['Empty']);
+            await (0, run_1.default)(db, 'up').catch((e) => {
+                expect(e).toBeInstanceOf(Error);
+                expect(e.message).toBe('Nothing to upgrade');
+            });
+        });
+    });
+});

package/dist/types/extensions.d.ts

@@ -5,6 +5,7 @@ import { Logger } from 'pino';
 import env from '../env';
 import * as exceptions from '../exceptions';
 import * as services from '../services';
+import { Emitter } from '../emitter';
 import { getSchema } from '../utils/get-schema';
 import { SchemaOverview } from './schema';
 export declare type ExtensionContext = {
@@ -12,6 +13,7 @@ export declare type ExtensionContext = {
     exceptions: typeof exceptions;
     database: Knex;
     env: typeof env;
+    emitter: Emitter;
     logger: Logger;
     getSchema: typeof getSchema;
 };

package/dist/utils/apply-query.js

@@ -8,11 +8,9 @@ const lodash_1 = require("lodash");
 const nanoid_1 = require("nanoid");
 const uuid_validate_1 = __importDefault(require("uuid-validate"));
 const exceptions_1 = require("../exceptions");
-const apply_function_to_column_name_1 = require("./apply-function-to-column-name");
 const get_column_1 = require("./get-column");
 const get_relation_type_1 = require("./get-relation-type");
-const geometry_1 = require("../database/helpers/geometry");
-const date_1 = require("../database/helpers/date");
+const helpers_1 = require("../database/helpers");
 const generateAlias = (0, nanoid_1.customAlphabet)('abcdefghijklmnopqrstuvwxyz', 5);
 /**
  * Apply the Query to a given Knex query builder instance
@@ -45,7 +43,7 @@ function applyQuery(knex, collection, dbQuery, query, schema, subQuery = false)
         applySearch(schema, dbQuery, query.search, collection);
     }
     if (query.group) {
-        dbQuery.groupBy(query.group.map(apply_function_to_column_name_1.applyFunctionToColumnName));
+        dbQuery.groupBy(query.group.map((column) => (0, get_column_1.getColumn)(knex, collection, column, false)));
     }
     if (query.aggregate) {
         applyAggregate(dbQuery, query.aggregate, collection);
@@ -117,6 +115,7 @@ exports.default = applyQuery;
  * ```
  */
 function applyFilter(knex, schema, rootQuery, rootFilter, collection, subQuery = false) {
+    const helpers = (0, helpers_1.getHelpers)(knex);
     const relations = schema.relations;
     const aliasMap = {};
     addJoins(rootQuery, rootFilter, collection);
@@ -273,16 +272,15 @@ function applyFilter(knex, schema, rootQuery, rootFilter, collection, subQuery =
                     query.where(key, '!=', '');
                 });
             }
-            const dateHelper = (0, date_1.getDateHelper)();
             const [collection, field] = key.split('.');
             if (collection in schema.collections && field in schema.collections[collection].fields) {
                 const type = schema.collections[collection].fields[field].type;
                 if (['date', 'dateTime', 'time', 'timestamp'].includes(type)) {
                     if (Array.isArray(compareValue)) {
-                        compareValue = compareValue.map((val) => dateHelper.parseDate(val));
+                        compareValue = compareValue.map((val) => helpers.date.parse(val));
                     }
                     else {
-                        compareValue = dateHelper.parseDate(compareValue);
+                        compareValue = helpers.date.parse(compareValue);
                     }
                 }
             }
@@ -361,18 +359,17 @@ function applyFilter(knex, schema, rootQuery, rootFilter, collection, subQuery =
                     value = value.split(',');
                 dbQuery[logical].whereNotBetween(selectionRaw, value);
             }
-            const geometryHelper = (0, geometry_1.getGeometryHelper)();
             if (operator == '_intersects') {
-                dbQuery[logical].whereRaw(geometryHelper.intersects(key, compareValue));
+                dbQuery[logical].whereRaw(helpers.st.intersects(key, compareValue));
             }
             if (operator == '_nintersects') {
-                dbQuery[logical].whereRaw(geometryHelper.nintersects(key, compareValue));
+                dbQuery[logical].whereRaw(helpers.st.nintersects(key, compareValue));
             }
             if (operator == '_intersects_bbox') {
-                dbQuery[logical].whereRaw(geometryHelper.intersects_bbox(key, compareValue));
+                dbQuery[logical].whereRaw(helpers.st.intersects_bbox(key, compareValue));
             }
             if (operator == '_nintersects_bbox') {
-                dbQuery[logical].whereRaw(geometryHelper.nintersects_bbox(key, compareValue));
+                dbQuery[logical].whereRaw(helpers.st.nintersects_bbox(key, compareValue));
             }
         }
         function getWhereColumn(path, collection) {

package/dist/utils/apply-snapshot.js

@@ -10,6 +10,7 @@ const database_1 = __importDefault(require("../database"));
 const get_schema_1 = require("./get-schema");
 const services_1 = require("../services");
 const lodash_1 = require("lodash");
+const logger_1 = __importDefault(require("../logger"));
 async function applySnapshot(snapshot, options) {
     var _a, _b, _c, _d;
     const database = (_a = options === null || options === void 0 ? void 0 : options.database) !== null && _a !== void 0 ? _a : (0, database_1.default)();
@@ -20,7 +21,13 @@ async function applySnapshot(snapshot, options) {
         const collectionsService = new services_1.CollectionsService({ knex: trx, schema });
         for (const { collection, diff } of snapshotDiff.collections) {
             if ((diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'D') {
-                await collectionsService.deleteOne(collection);
+                try {
+                    await collectionsService.deleteOne(collection);
+                }
+                catch (err) {
+                    logger_1.default.error(`Failed to delete collection "${collection}"`);
+                    throw err;
+                }
             }
             if ((diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'N' && diff[0].rhs) {
                 // We'll nest the to-be-created fields in the same collection creation, to prevent
@@ -28,65 +35,112 @@ async function applySnapshot(snapshot, options) {
                 const fields = snapshotDiff.fields
                     .filter((fieldDiff) => fieldDiff.collection === collection)
                     .map((fieldDiff) => fieldDiff.diff[0].rhs);
-                await collectionsService.createOne({
-                    ...diff[0].rhs,
-                    fields,
-                });
+                try {
+                    await collectionsService.createOne({
+                        ...diff[0].rhs,
+                        fields,
+                    });
+                }
+                catch (err) {
+                    logger_1.default.error(`Failed to create collection "${collection}"`);
+                    throw err;
+                }
                 // Now that the fields are in for this collection, we can strip them from the field
                 // edits
                 snapshotDiff.fields = snapshotDiff.fields.filter((fieldDiff) => fieldDiff.collection !== collection);
             }
-            if ((diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'E') {
-                const updates = diff.reduce((acc, edit) => {
-                    if (edit.kind !== 'E')
-                        return acc;
-                    (0, lodash_1.set)(acc, edit.path, edit.rhs);
-                    return acc;
-                }, {});
-                await collectionsService.updateOne(collection, updates);
+            if ((diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'E' || (diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'A') {
+                const newValues = snapshot.collections.find((field) => {
+                    return field.collection === collection;
+                });
+                if (newValues) {
+                    try {
+                        await collectionsService.updateOne(collection, newValues);
+                    }
+                    catch (err) {
+                        logger_1.default.error(`Failed to update collection "${collection}"`);
+                        throw err;
+                    }
+                }
             }
         }
         const fieldsService = new services_1.FieldsService({ knex: trx, schema: await (0, get_schema_1.getSchema)({ database: trx }) });
         for (const { collection, field, diff } of snapshotDiff.fields) {
             if ((diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'N') {
-                await fieldsService.createField(collection, diff[0].rhs);
+                try {
+                    await fieldsService.createField(collection, diff[0].rhs);
+                }
+                catch (err) {
+                    logger_1.default.error(`Failed to create field "${collection}.${field}"`);
+                    throw err;
+                }
             }
-            if ((diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'E') {
-                const updates = diff.reduce((acc, edit) => {
-                    if (edit.kind !== 'E')
-                        return acc;
-                    (0, lodash_1.set)(acc, edit.path, edit.rhs);
-                    return acc;
-                }, {});
-                await fieldsService.updateField(collection, {
-                    field,
-                    type: 'unknown',
-                    ...updates,
+            if ((diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'E' || (diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'A') {
+                const newValues = snapshot.fields.find((snapshotField) => {
+                    return snapshotField.collection === collection && snapshotField.field === field;
                 });
+                if (newValues) {
+                    try {
+                        await fieldsService.updateField(collection, {
+                            ...newValues,
+                        });
+                    }
+                    catch (err) {
+                        logger_1.default.error(`Failed to update field "${collection}.${field}"`);
+                        throw err;
+                    }
+                }
             }
             if ((diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'D') {
-                await fieldsService.deleteField(collection, field);
+                try {
+                    await fieldsService.deleteField(collection, field);
+                }
+                catch (err) {
+                    logger_1.default.error(`Failed to delete field "${collection}.${field}"`);
+                    throw err;
+                }
                 // Field deletion also cleans up the relationship. We should ignore any relationship
                 // changes attached to this now non-existing field
                 snapshotDiff.relations = snapshotDiff.relations.filter((relation) => (relation.collection === collection && relation.field === field) === false);
             }
         }
         const relationsService = new services_1.RelationsService({ knex: trx, schema: await (0, get_schema_1.getSchema)({ database: trx }) });
-        for (const { collection, field, diff, related_collection } of snapshotDiff.relations) {
+        for (const { collection, field, diff } of snapshotDiff.relations) {
+            const structure = {};
+            for (const diffEdit of diff) {
+                (0, lodash_1.set)(structure, diffEdit.path, undefined);
+            }
             if ((diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'N') {
-                await relationsService.createOne(diff[0].rhs);
+                try {
+                    await relationsService.createOne(diff[0].rhs);
+                }
+                catch (err) {
+                    logger_1.default.error(`Failed to create relation "${collection}.${field}"`);
+                    throw err;
+                }
             }
-            if ((diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'E') {
-                const updates = diff.reduce((acc, edit) => {
-                    if (edit.kind !== 'E')
-                        return acc;
-                    (0, lodash_1.set)(acc, edit.path, edit.rhs);
-                    return acc;
-                }, { collection, field, related_collection });
-                await relationsService.updateOne(collection, field, updates);
+            if ((diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'E' || (diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'A') {
+                const newValues = snapshot.relations.find((relation) => {
+                    return relation.collection === collection && relation.field === field;
+                });
+                if (newValues) {
+                    try {
+                        await relationsService.updateOne(collection, field, newValues);
+                    }
+                    catch (err) {
+                        logger_1.default.error(`Failed to update relation "${collection}.${field}"`);
+                        throw err;
+                    }
+                }
             }
             if ((diff === null || diff === void 0 ? void 0 : diff[0].kind) === 'D') {
-                await relationsService.deleteOne(collection, field);
+                try {
+                    await relationsService.deleteOne(collection, field);
+                }
+                catch (err) {
+                    logger_1.default.error(`Failed to delete relation "${collection}.${field}"`);
+                    throw err;
+                }
             }
         }
     });

package/dist/utils/get-column.js

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getColumn = void 0;
-const functions_1 = require("../database/functions");
+const helpers_1 = require("../database/helpers");
 const constants_1 = require("@directus/shared/constants");
 const apply_function_to_column_name_1 = require("./apply-function-to-column-name");
 /**
@@ -15,7 +15,7 @@ const apply_function_to_column_name_1 = require("./apply-function-to-column-name
  * @returns Knex raw instance
  */
 function getColumn(knex, table, column, alias = (0, apply_function_to_column_name_1.applyFunctionToColumnName)(column)) {
-    const fn = (0, functions_1.FunctionsHelper)(knex);
+    const { date: fn } = (0, helpers_1.getHelpers)(knex);
     if (column.includes('(') && column.includes(')')) {
         const functionName = column.split('(')[0];
         const columnName = column.match(constants_1.REGEX_BETWEEN_PARENS)[1];

package/dist/utils/get-default-index-name.js

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getDefaultIndexName = void 0;
-const get_simple_hash_1 = require("./get-simple-hash");
+const utils_1 = require("@directus/shared/utils");
 /**
  * Generate an index name for a given collection + fields combination.
  *
@@ -18,7 +18,7 @@ function getDefaultIndexName(type, collection, fields) {
     const indexName = (table + '_' + fields.join('_') + '_' + type).toLowerCase();
     if (indexName.length <= 60)
         return indexName;
-    const suffix = `__${(0, get_simple_hash_1.simpleHash)(indexName)}_${type}`;
+    const suffix = `__${(0, utils_1.getSimpleHash)(indexName)}_${type}`;
     const prefix = indexName.substring(0, 60 - suffix.length);
     return `${prefix}${suffix}`;
 }

package/dist/utils/get-local-type.js

@@ -1,10 +1,5 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-const database_1 = require("../database");
-const database_2 = __importDefault(require("../database"));
 const localTypeMap = {
     // Shared
     boolean: 'boolean',
@@ -100,8 +95,6 @@ const localTypeMap = {
     integerfirst: 'integer',
 };
 function getLocalType(column, field) {
-    const database = (0, database_2.default)();
-    const databaseClient = (0, database_1.getDatabaseClient)(database);
     if (!column)
         return 'alias';
     const dataType = column.data_type.toLowerCase();
@@ -125,13 +118,9 @@ function getLocalType(column, field) {
         return 'decimal';
     }
     /** Handle MS SQL varchar(MAX) (eg TEXT) types */
-    if (dataType === 'nvarchar(MAX)') {
+    if (column.data_type === 'nvarchar' && column.max_length === -1) {
         return 'text';
     }
-    /** Handle Boolean as TINYINT and edgecase MySQL where it still is just tinyint */
-    if (databaseClient === 'mysql' && dataType === 'tinyint(1)') {
-        return 'boolean';
-    }
     return type !== null && type !== void 0 ? type : 'unknown';
 }
 exports.default = getLocalType;

package/dist/utils/get-permissions.d.ts

@@ -1,3 +1,3 @@
-import { Accountability } from '@directus/shared/types';
+import { Permission, Accountability } from '@directus/shared/types';
 import { SchemaOverview } from '../types';
-export declare function getPermissions(accountability: Accountability, schema: SchemaOverview): Promise<any>;
+export declare function getPermissions(accountability: Accountability, schema: SchemaOverview): Promise<Permission[]>;